]> www.average.org Git - pdns-pipe-nmc.git/blobdiff - NmcTransform.hs
projects / pdns-pipe-nmc.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
wip on enforcing TLSA on subdoms
[pdns-pipe-nmc.git] / NmcTransform.hs
diff --git a/NmcTransform.hs b/NmcTransform.hs
index c461274acdae54ab4eb091f2c3cc9f35bd8ee737..23244a554aa9c25803cbf18b473275b29c7526bb 100644 (file)
--- a/NmcTransform.hs
+++ b/NmcTransform.hs
@@ -75,7 +75,10 @@ mergeSelf base =
 
 -- | transfer some elements of `base` into `sub`, notably TLSA
 propagate :: NmcDom -> NmcDom -> NmcDom
-propagate base sub = sub -- FIXME implement it
+propagate base sub = sub `merge` (pickglobals base)
+  where -- FIXME must do this on the map elements, not on the top level
+    pickglobals dom = def { domTlsa = fmap pickforcedtls (domTlsa dom) }
+    pickforcedtls = filter (\x -> tlsIncSubdoms x)
  
 -- | Presence of some elements require removal of some others
 normalizeDom :: NmcDom -> NmcDom
PowerDns executabe for pipe plugin to serve Namecoin DNS zone .bit