X-Git-Url: https://git.openstreetmap.org./dns.git/blobdiff_plain/21ccf33f2bc9942054a26a0f3ff11349e9f44963..6a5910323d3c563d57865c58fa5db2b66c85fba7:/bin/mksshfp diff --git a/bin/mksshfp b/bin/mksshfp index 56c7bbb..ef8dda0 100755 --- a/bin/mksshfp +++ b/bin/mksshfp @@ -1,26 +1,51 @@ #!/usr/bin/perl - -open(SSHFP_JS, ">", "include/sshfp.js") || die $!; - -print SSHFP_JS qq|var SSHFP_RECORDS = [\n|; +my %hosts; if (-f "/etc/ssh/ssh_known_hosts") { - open(SSHFP, "-|","sshfp", "-k", "/etc/ssh/ssh_known_hosts") || die $!; + open(SSHFP, "-|","sshfp -k /etc/ssh/ssh_known_hosts 2>&1") || die $!; while (my $line = ) { - if ($line =~ /^(\S+) IN SSHFP (\d+) (\d+) ([0-9A-F]+)$/) + if ($line =~ /^(\S+)\.openstreetmap\.org IN SSHFP (\d+) (\d+) ([0-9A-F]+)$/) { my $host = $1; my $algorithm = $2; my $type = $3; my $value = $4; - print SSHFP_JS qq| SSHFP("${host}", ${algorithm}, ${type}, "${value}");\n|; + if ($type == 2 && $algorithm != 2) + { + my $wanted = 0; + + if (exists($hosts{$host})) + { + if ($algorithm == 3) + { + $wanted = 1; + } + elsif ($algorithm == 4 && $hosts{$host}->{algorithm} != 3) + { + $wanted = 1; + } + } + else + { + $wanted = 1; + } + + if ($wanted) + { + $hosts{$host} = { + algorithm => $algorithm, + type => $type, + value => $value + }; + } + } } - else + elsif ($line !~ /^WARNING: Assuming /) { warn $line; } @@ -29,6 +54,19 @@ if (-f "/etc/ssh/ssh_known_hosts") close(SSHFP); } +open(SSHFP_JS, ">", "include/sshfp.js") || die $!; + +print SSHFP_JS qq|var SSHFP_RECORDS = [\n|; + +foreach my $host (sort keys %hosts) +{ + my $algorithm = $hosts{$host}->{algorithm}; + my $type = $hosts{$host}->{type}; + my $value = $hosts{$host}->{value}; + + print SSHFP_JS qq| SSHFP("${host}", ${algorithm}, ${type}, "${value}"),\n|; +} + print SSHFP_JS qq|];\n|; close(SSHFP_JS);