#!/usr/bin/perl
-
-open(SSHFP_JS, ">", "include/sshfp.js") || die $!;
-
-print SSHFP_JS qq|var SSHFP_RECORDS = [\n|;
+my %hosts;
if (-f "/etc/ssh/ssh_known_hosts")
{
- open(SSHFP, "-|","sshfp", "-k", "/etc/ssh/ssh_known_hosts") || die $!;
+ open(SSHFP, "-|","sshfp -k /etc/ssh/ssh_known_hosts 2>&1") || die $!;
while (my $line = <SSHFP>)
{
- if ($line =~ /^(\S+) IN SSHFP (\d+) (\d+) ([0-9A-F]+)$/)
+ if ($line =~ /^(\S+)\.openstreetmap\.org IN SSHFP (\d+) (\d+) ([0-9A-F]+)$/)
{
my $host = $1;
my $algorithm = $2;
my $type = $3;
my $value = $4;
- print SSHFP_JS qq| SSHFP("${host}", ${algorithm}, ${type}, "${value}"),\n|;
+ if ($type == 2 && $algorithm != 2)
+ {
+ my $wanted = 0;
+
+ if (exists($hosts{$host}))
+ {
+ if ($algorithm == 3)
+ {
+ $wanted = 1;
+ }
+ elsif ($algorithm == 4 && $hosts{$host}->{algorithm} != 3)
+ {
+ $wanted = 1;
+ }
+ }
+ else
+ {
+ $wanted = 1;
+ }
+
+ if ($wanted)
+ {
+ $hosts{$host} = {
+ algorithm => $algorithm,
+ type => $type,
+ value => $value
+ };
+ }
+ }
}
- else
+ elsif ($line !~ /^WARNING: Assuming /)
{
warn $line;
}
close(SSHFP);
}
+open(SSHFP_JS, ">", "include/sshfp.js") || die $!;
+
+print SSHFP_JS qq|var SSHFP_RECORDS = [\n|;
+
+foreach my $host (sort keys %hosts)
+{
+ my $algorithm = $hosts{$host}->{algorithm};
+ my $type = $hosts{$host}->{type};
+ my $value = $hosts{$host}->{value};
+
+ print SSHFP_JS qq| SSHFP("${host}", ${algorithm}, ${type}, "${value}"),\n|;
+}
+
print SSHFP_JS qq|];\n|;
close(SSHFP_JS);