prosody
28211ed70b4c
plugins/mod_s2s_auth_dane_in.lua
Software / code / prosody
Comparison
plugins/mod_s2s_auth_dane_in.lua @ 13322:28211ed70b4c
mod_s2s_auth_dane_in: Bail out on explicit service denial
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Sun, 12 Nov 2023 00:35:22 +0100 |
| parent | 13297:7264c4d16072 |
| child | 13416:d8e885db9851 |
comparison
equal
deleted
inserted
replaced
| 13321:19c814d4dd3a | 13322:28211ed70b4c |
|---|---|
| 68 local dns_domain = idna_to_ascii(host); | 68 local dns_domain = idna_to_ascii(host); |
| 69 | 69 |
| 70 local function fetch_tlsa(res) | 70 local function fetch_tlsa(res) |
| 71 local tlsas = {}; | 71 local tlsas = {}; |
| 72 for _, rr in ipairs(res) do | 72 for _, rr in ipairs(res) do |
| 73 if rr.srv.target == "." then return {}; end | |
| 73 table.insert(tlsas, resolver:lookup_promise(("_%d._tcp.%s"):format(rr.srv.port, rr.srv.target), "TLSA"):next(ensure_secure)); | 74 table.insert(tlsas, resolver:lookup_promise(("_%d._tcp.%s"):format(rr.srv.port, rr.srv.target), "TLSA"):next(ensure_secure)); |
| 74 end | 75 end |
| 75 return promise.all(tlsas); | 76 return promise.all(tlsas); |
| 76 end | 77 end |
| 77 | 78 |
