louis/ovh-dane-companion
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Don't flush all TLSA, only erase the ones that are with this subdomain specifically

Browse Source 
Signed-off-by: Louis Vallat <louis@louis-vallat.xyz>
This commit is contained in:
Louis Vallat 2022-02-15 11:23:20 +01:00
parent 43667bc6cf
commit 76c23edfab
No known key found for this signature in database
GPG Key ID: 0C87282F76E61283
1 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/records.rs
View File

@ -120,7 +120,11 @@ pub async fn update_tlsa_for_subdomain(ovh_client: &OVHClient,
client: &Client<HttpsConnector<HttpConnector>>,
zone: &str, subdomain: &str, hash: &str,
issuer_hash: &str, port: u32, protocol: &str) {
flush_tlsa_record_for_subdomain(ovh_client, client, zone, subdomain).await;
let tlsa_subdomain = get_tlsa_subdomain(subdomain, port, protocol);
let records = get_records_from_zone(ovh_client, client, zone, "TLSA", &tlsa_subdomain).await;
for record in records {
delete_record_from_zone(ovh_client, client, zone, record.id).await;
}
add_record_to_zone(ovh_client, client, zone, &Record {
sub_domain: get_tlsa_subdomain(subdomain, port, protocol),
target: format!("3 1 1 {}", hash).to_string(),