mod_s2s_auth_dane: Keep DANE response around after the connection is established to aid in debugging
--- a/mod_s2s_auth_dane/mod_s2s_auth_dane.lua Thu Dec 10 23:23:07 2015 +0100
+++ b/mod_s2s_auth_dane/mod_s2s_auth_dane.lua Thu Dec 10 23:24:11 2015 +0100
@@ -225,7 +225,6 @@
return false;
end
-- Cleanup
- session.dane = nil;
session.srv_hosts = nil;
end);
end
@@ -290,6 +289,7 @@
session.cert_chain_status = "valid";
end
match_found = true;
+ dane.matching = tlsa;
break;
end
-- DANE-TA or PKIX-CA
@@ -319,6 +319,7 @@
end
end
match_found = true;
+ dane.matching = tlsa;
break;
end
end