wip on enforcing TLSA on subdoms

diff --git a/NmcDom.hs b/NmcDom.hs
index 2fdd6b99a3b41df75dd71c210d23aa2e29992796..dac614ba123e241be7c68e3b6c5bc379ff30f85f 100644 (file)
--- a/NmcDom.hs
+++ b/NmcDom.hs
@@ -182,7 +182,7 @@ instance Mergeable NmcRRI2p where
 data NmcRRTlsa = NmcRRTlsa
                         { tlsMatchType  :: Int -- 0:exact 1:sha256 2:sha512
                         , tlsMatchValue :: String
-                        , tlsIncSubdoms :: Int -- 1:enforce on subdoms 0:no
+                        , tlsIncSubdoms :: Bool -- enforce on subdoms?
                         } deriving (Show, Eq)
 
 instance FromJSON NmcRRTlsa where
@@ -190,7 +190,10 @@ instance FromJSON NmcRRTlsa where
                 if length a == 3 then NmcRRTlsa
                         <$> parseJSON (a ! 0)
                         <*> parseJSON (a ! 1)
-                        <*> parseJSON (a ! 2)
+                        <*> case (a ! 2) of
+                              Number 0 -> return False
+                              Number 1 -> return True
+                              _        -> empty
                 else empty
         parseJSON _ = empty
 

diff --git a/NmcTransform.hs b/NmcTransform.hs
index c461274acdae54ab4eb091f2c3cc9f35bd8ee737..23244a554aa9c25803cbf18b473275b29c7526bb 100644 (file)
--- a/NmcTransform.hs
+++ b/NmcTransform.hs
@@ -75,7 +75,10 @@ mergeSelf base =
 
 -- | transfer some elements of `base` into `sub`, notably TLSA
 propagate :: NmcDom -> NmcDom -> NmcDom
-propagate base sub = sub -- FIXME implement it
+propagate base sub = sub `merge` (pickglobals base)
+  where -- FIXME must do this on the map elements, not on the top level
+    pickglobals dom = def { domTlsa = fmap pickforcedtls (domTlsa dom) }
+    pickforcedtls = filter (\x -> tlsIncSubdoms x)
  
 -- | Presence of some elements require removal of some others
 normalizeDom :: NmcDom -> NmcDom