Don't flush all TLSA, only erase the ones that are with this subdomain specifically
Signed-off-by: Louis Vallat <louis@louis-vallat.xyz>
This commit is contained in:
parent
43667bc6cf
commit
76c23edfab
@ -120,7 +120,11 @@ pub async fn update_tlsa_for_subdomain(ovh_client: &OVHClient,
|
|||||||
client: &Client<HttpsConnector<HttpConnector>>,
|
client: &Client<HttpsConnector<HttpConnector>>,
|
||||||
zone: &str, subdomain: &str, hash: &str,
|
zone: &str, subdomain: &str, hash: &str,
|
||||||
issuer_hash: &str, port: u32, protocol: &str) {
|
issuer_hash: &str, port: u32, protocol: &str) {
|
||||||
flush_tlsa_record_for_subdomain(ovh_client, client, zone, subdomain).await;
|
let tlsa_subdomain = get_tlsa_subdomain(subdomain, port, protocol);
|
||||||
|
let records = get_records_from_zone(ovh_client, client, zone, "TLSA", &tlsa_subdomain).await;
|
||||||
|
for record in records {
|
||||||
|
delete_record_from_zone(ovh_client, client, zone, record.id).await;
|
||||||
|
}
|
||||||
add_record_to_zone(ovh_client, client, zone, &Record {
|
add_record_to_zone(ovh_client, client, zone, &Record {
|
||||||
sub_domain: get_tlsa_subdomain(subdomain, port, protocol),
|
sub_domain: get_tlsa_subdomain(subdomain, port, protocol),
|
||||||
target: format!("3 1 1 {}", hash).to_string(),
|
target: format!("3 1 1 {}", hash).to_string(),
|
||||||
|
Loading…
Reference in New Issue
Block a user