Mercurial Mercurial > prosody > prosody-modules / comparison
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mod_s2s_auth_dane/mod_s2s_auth_dane.lua
changeset 1761 d011b87b7f58
parent 1705 9b429fc9e8a0
child 1762 7ba877e2d660
equal deleted inserted replaced
1760:c619425dafe7 1761:d011b87b7f58 
   292 						end
 
   292 						end
 
   293 						if is_match and cacert:issued(cert, unpack(chain)) then
 
   293 						if is_match and cacert:issued(cert, unpack(chain)) then
 
   294 							log("info", "DANE validated ok for %s using %s", host, tlsa:getUsage());
 
   294 							log("info", "DANE validated ok for %s using %s", host, tlsa:getUsage());
 
   295 							if use == 2 then -- DANE-TA
 
   295 							if use == 2 then -- DANE-TA
 
   296 								session.cert_identity_status = "valid";
 
   296 								session.cert_identity_status = "valid";
 
   297 								session.cert_chain_status = "valid";
 
   297 								if cert_verify_identity(host, "xmpp-server", cert) then
 
       
   298 									session.cert_chain_status = "valid";
 
       
   299 									-- else -- TODO Check against SRV target?
 
       
   300 								end
 
   298 								-- for usage 0, PKIX-CA, identity and chain has to be valid already
 
   301 								-- for usage 0, PKIX-CA, identity and chain has to be valid already
 
   299 							end
 
   302 							end
 
   300 							match_found = true;
 
   303 							match_found = true;
 
   301 							break;
 
   304 							break;
 
   302 						end
 
   305 						end
prosody-modules