bin/mksshfp

   1 #!/usr/bin/perl
   2
   3 my %hosts;
   4
   5 if (-f "/etc/ssh/ssh_known_hosts")
   6 {
   7     open(SSHFP, "-|","sshfp", "-k", "/etc/ssh/ssh_known_hosts") || die $!;
   8
   9     while (my $line = <SSHFP>)
  10     {
  11         if ($line =~ /^(\S+) IN SSHFP (\d+) (\d+) ([0-9A-F]+)$/)
  12         {
  13             my $host = $1;
  14             my $algorithm = $2;
  15             my $type = $3;
  16             my $value = $4;
  17
  18             if ($type == 2 && $algorithm != 2)
  19             {
  20                 my $wanted = 0;
  21
  22                 if (exists($hosts{$host}))
  23                 {
  24                     if ($algorithm == 3)
  25                     {
  26                         $wanted = 1;
  27                     }
  28                     elsif ($algorithm == 4 && $hosts{$host}->{algorithm} != 3)
  29                     {
  30                         $wanted = 1;
  31                     }
  32                 }
  33                 else
  34                 {
  35                     $wanted = 1;
  36                 }
  37
  38                 if ($wanted)
  39                 {
  40                     $hosts{$host} = {
  41                         algorithm => $algorithm,
  42                         type => $type,
  43                         value => $value
  44                     };
  45                 }
  46             }
  47         }
  48         else
  49         {
  50             warn $line;
  51         }
  52     }
  53
  54     close(SSHFP);
  55 }
  56
  57 open(SSHFP_JS, ">", "include/sshfp.js") || die $!;
  58
  59 print SSHFP_JS qq|var SSHFP_RECORDS = [\n|;
  60
  61 foreach my $host (sort keys %hosts)
  62 {
  63     my $algorithm = $hosts{$host}->{algorithm};
  64     my $type = $hosts{$host}->{type};
  65     my $value = $hosts{$host}->{value};
  66
  67     print SSHFP_JS qq|  SSHFP("${host}", ${algorithm}, ${type}, "${value}"),\n|;
  68 }
  69
  70 print SSHFP_JS qq|];\n|;
  71
  72 close(SSHFP_JS);
  73
  74 exit 0;