net/server_epoll.lua @ 11413:9fb23779c863
net.server_epoll: Support for passing DANE TLSA data to LuaSec (0.8 needed)
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Sun, 29 Sep 2019 16:53:56 +0200 |
parent | 11267:97077089f3c2 |
child | 11497:960674938665 |
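--- a/net/server_epoll.lua
+++ b/net/server_epoll.lua
@@ -11,10 +11,11 @@
 local setmetatable = setmetatable;
 local pcall = pcall;
 local type = type;
 local next = next;
 local pairs = pairs;
+local ipairs = ipairs;
 local traceback = debug.traceback;
 local logger = require "util.logger";
 local log = logger.init("server_epoll");
 local socket = require "socket";
 local luasec = require "ssl";
@@ -581,10 +582,23 @@
 if conn.sni then
 if self.servername then
 conn:sni(self.servername);
 elseif self._server and type(self._server.hosts) == "table" and next(self._server.hosts) ~= nil then
 conn:sni(self._server.hosts, true);
+end
+end
+if self.extra and self.extra.tlsa and conn.settlsa then
+-- TODO Error handling
+if not conn:setdane(self.servername or self.extra.dane_hostname) then
+self:debug("Could not enable DANE on connection");
+else
+self:debug("Enabling DANE with %d TLSA records", #self.extra.tlsa);
+self:noise("DANE hostname is %q", self.servername or self.extra.dane_hostname);
+for _, tlsa in ipairs(self.extra.tlsa) do
+self:noise("TLSA: %q", tlsa);
+conn:settlsa(tlsa.use, tlsa.select, tlsa.match, tlsa.data);
+end
 end
 end
 self:on("starttls");
 self.ondrain = nil;
 self.onwritable = interface.tlshandshake;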
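Review bot: The DANE setup added at new lines 589–599 fails open: when `conn:setdane(...)` returns false the only trace is a debug-level message and execution continues to `self:on("starttls")`, and the result of every `conn:settlsa(...)` call in the loop is discarded, so a caller that supplied `self.extra.tlsa` can end up with a handshake that is not DANE-constrained and no signal it can act on. The same silent downgrade applies when `conn.settlsa` is absent (LuaSec older than 0.8), where the whole block is skipped without any log line, and the guard tests only `conn.settlsa` although the first call made is `conn:setdane`. Until the `TODO Error handling` is resolved I would at least raise these cases above debug level, e.g. `if not conn:settlsa(tlsa.use, tlsa.select, tlsa.match, tlsa.data) then log("warn", "Could not add TLSA record, DANE may not be enforced"); end` (assuming settlsa reports failure through its return value the way setdane does here), and preferably stop before the handshake when TLSA data was requested but could not be applied. Whether the caller re-checks the verification result after the handshake is not visible on this page, and the enclosing function starts and ends outside the shown lines.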