Don't flush all TLSA, only erase the ones that are with this subdomain specifically

Signed-off-by: Louis Vallat <louis@louis-vallat.xyz>
Louis Vallat 2022-02-15 11:23:20 +01:00
parent 43667bc6cf
commit 76c23edfab
No known key found for this signature in database
GPG Key ID: 0C87282F76E61283


@ -120,7 +120,11 @@ pub async fn update_tlsa_for_subdomain(ovh_client: &OVHClient,
client: &Client<HttpsConnector<HttpConnector>>, client: &Client<HttpsConnector<HttpConnector>>,
zone: &str, subdomain: &str, hash: &str, zone: &str, subdomain: &str, hash: &str,
issuer_hash: &str, port: u32, protocol: &str) { issuer_hash: &str, port: u32, protocol: &str) {
flush_tlsa_record_for_subdomain(ovh_client, client, zone, subdomain).await; let tlsa_subdomain = get_tlsa_subdomain(subdomain, port, protocol);
let records = get_records_from_zone(ovh_client, client, zone, "TLSA", &tlsa_subdomain).await;
for record in records {
delete_record_from_zone(ovh_client, client, zone, record.id).await;
}
add_record_to_zone(ovh_client, client, zone, &Record { add_record_to_zone(ovh_client, client, zone, &Record {
sub_domain: get_tlsa_subdomain(subdomain, port, protocol), sub_domain: get_tlsa_subdomain(subdomain, port, protocol),
target: format!("3 1 1 {}", hash).to_string(), target: format!("3 1 1 {}", hash).to_string(),
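Review bot: The new `for record in records` loop deletes every existing TLSA record for `tlsa_subdomain` before `add_record_to_zone` is called, and nothing in the visible lines checks whether the delete or add calls succeeded, so a failed or interrupted add would leave the name with no TLSA record at all. For a DANE-protected service that gap is worth avoiding, since validating clients may treat a name without TLSA records as not DANE-protected (confirm how your clients behave). A safer order is to keep the `get_records_from_zone` call where it is, add the new records first, and run the `delete_record_from_zone` loop over the previously fetched ids only once the adds have succeeded. The `sub_domain:` field could also reuse the binding, `sub_domain: tlsa_subdomain.clone(),` (assuming it is a `String`), instead of calling `get_tlsa_subdomain` a second time. The body of `update_tlsa_for_subdomain` starts before and continues past this hunk, so any later adds or zone refresh are not visible here.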