Changeset

1352:b0f780d3a24e

mod_s2s_auth_dane: Don't pass nil to hash functions in case of unsupported selectors
author Kim Alvefur <zash@zash.se>
date Tue, 18 Mar 2014 15:20:28 +0100
parents 1351:a052740bbf48
children 1353:a17c2c4043e5
files mod_s2s_auth_dane/mod_s2s_auth_dane.lua
diffstat 1 files changed, 2 insertions(+), 2 deletions(-) [+]
line wrap: on
line diff
--- a/mod_s2s_auth_dane/mod_s2s_auth_dane.lua	Tue Mar 18 15:12:11 2014 +0100
+++ b/mod_s2s_auth_dane/mod_s2s_auth_dane.lua	Tue Mar 18 15:20:28 2014 +0100
@@ -141,9 +141,9 @@
 					end
 
 					if match == 1 then
-						certdata = hashes.sha256(certdata);
+						certdata = certdata and hashes.sha256(certdata);
 					elseif match == 2 then
-						certdata = hashes.sha512(certdata);
+						certdata = certdata and hashes.sha512(certdata);
 					elseif match ~= 0 then
 						module:log("warn", "DANE match rule %s is unsupported", tlsa:getMatchType() or match);
 						certdata = nil;