Comparison

net/server_epoll.lua @ 11413:9fb23779c863

net.server_epoll: Support for passing DANE TLSA data to LuaSec (0.8 needed)
author Kim Alvefur <zash@zash.se>
date Sun, 29 Sep 2019 16:53:56 +0200
parent 11267:97077089f3c2
child 11497:960674938665
11412:77785c5d6773 11413:9fb23779c863
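--- a/net/server_epoll.lua
+++ b/net/server_epoll.lua
@@ -11,10 +11,11 @@
 local setmetatable = setmetatable;
 local pcall = pcall;
 local type = type;
 local next = next;
 local pairs = pairs;
+local ipairs = ipairs;
 local traceback = debug.traceback;
 local logger = require "util.logger";
 local log = logger.init("server_epoll");
 local socket = require "socket";
 local luasec = require "ssl";
@@ -581,10 +582,23 @@
 if conn.sni then
 if self.servername then
 conn:sni(self.servername);
 elseif self._server and type(self._server.hosts) == "table" and next(self._server.hosts) ~= nil then
 conn:sni(self._server.hosts, true);
+end
+end
+if self.extra and self.extra.tlsa and conn.settlsa then
+-- TODO Error handling
+if not conn:setdane(self.servername or self.extra.dane_hostname) then
+self:debug("Could not enable DANE on connection");
+else
+self:debug("Enabling DANE with %d TLSA records", #self.extra.tlsa);
+self:noise("DANE hostname is %q", self.servername or self.extra.dane_hostname);
+for _, tlsa in ipairs(self.extra.tlsa) do
+self:noise("TLSA: %q", tlsa);
+conn:settlsa(tlsa.use, tlsa.select, tlsa.match, tlsa.data);
+end
 end
 end
 self:on("starttls");
 self.ondrain = nil;
 self.onwritable = interface.tlshandshake;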