X-Git-Url: https://git.openstreetmap.org./dns.git/blobdiff_plain/92c136c904be9197783db936f54082355730d300..e321ed160d7f6b28947bb1c558359bbe9e2b6a30:/bin/mksshfp diff --git a/bin/mksshfp b/bin/mksshfp index 7c0f518..ef8dda0 100755 --- a/bin/mksshfp +++ b/bin/mksshfp @@ -1,30 +1,51 @@ #!/usr/bin/perl - -open(SSHFP_JS, ">", "include/sshfp.js") || die $!; - -print SSHFP_JS qq|var SSHFP_RECORDS = [\n|; +my %hosts; if (-f "/etc/ssh/ssh_known_hosts") { - open(SSHFP, "-|","sshfp", "-k", "/etc/ssh/ssh_known_hosts") || die $!; + open(SSHFP, "-|","sshfp -k /etc/ssh/ssh_known_hosts 2>&1") || die $!; while (my $line = ) { - if ($line =~ /^(\S+) IN SSHFP (\d+) (\d+) ([0-9A-F]+)$/) + if ($line =~ /^(\S+)\.openstreetmap\.org IN SSHFP (\d+) (\d+) ([0-9A-F]+)$/) { my $host = $1; my $algorithm = $2; my $type = $3; my $value = $4; - if ($type == 2 && - ($algorithm == 3 || $algorithm == 4)) + if ($type == 2 && $algorithm != 2) { - print SSHFP_JS qq| SSHFP("${host}", ${algorithm}, ${type}, "${value}"),\n|; + my $wanted = 0; + + if (exists($hosts{$host})) + { + if ($algorithm == 3) + { + $wanted = 1; + } + elsif ($algorithm == 4 && $hosts{$host}->{algorithm} != 3) + { + $wanted = 1; + } + } + else + { + $wanted = 1; + } + + if ($wanted) + { + $hosts{$host} = { + algorithm => $algorithm, + type => $type, + value => $value + }; + } } } - else + elsif ($line !~ /^WARNING: Assuming /) { warn $line; } @@ -33,6 +54,19 @@ if (-f "/etc/ssh/ssh_known_hosts") close(SSHFP); } +open(SSHFP_JS, ">", "include/sshfp.js") || die $!; + +print SSHFP_JS qq|var SSHFP_RECORDS = [\n|; + +foreach my $host (sort keys %hosts) +{ + my $algorithm = $hosts{$host}->{algorithm}; + my $type = $hosts{$host}->{type}; + my $value = $hosts{$host}->{value}; + + print SSHFP_JS qq| SSHFP("${host}", ${algorithm}, ${type}, "${value}"),\n|; +} + print SSHFP_JS qq|];\n|; close(SSHFP_JS);