From 21ccf33f2bc9942054a26a0f3ff11349e9f44963 Mon Sep 17 00:00:00 2001 From: Tom Hughes Date: Sat, 8 Feb 2020 15:51:30 +0000 Subject: [PATCH] Add SSHFP records to main domain --- Makefile | 11 +++++++---- bin/mksshfp | 36 ++++++++++++++++++++++++++++++++++++ dnsconfig.js | 3 ++- 3 files changed, 45 insertions(+), 5 deletions(-) create mode 100755 bin/mksshfp diff --git a/Makefile b/Makefile index 0b27d0d..8a26dd0 100644 --- a/Makefile +++ b/Makefile @@ -16,7 +16,7 @@ preview_bytemark: data/openstreetmap.org data/openstreetmap.com data/openstreetm data/tile.openstreetmap.org \ data/render.openstreetmap.org -preview_cloudflare: data/tile.openstreetmap.org data/render.openstreetmap.org +preview_cloudflare: include/sshfp.js include/tile.js include/render.js dnscontrol preview update: update_bytemark update_cloudflare update_geodns @@ -24,7 +24,7 @@ update: update_bytemark update_cloudflare update_geodns update_bytemark: preview_bytemark bin/update -update_cloudflare: data/tile.openstreetmap.org data/render.openstreetmap.org +update_cloudflare: include/sshfp.js include/tile.js include/render.js dnscontrol push --providers cloudflare update_geodns: gdns/tile.map gdns/tile.resource gdns/tile.weighted @@ -66,13 +66,16 @@ data/switch2osm.org: src/switch2osm data/switch2osm.com: src/switch2osm data/stateofthemap.eu: src/stateofthemap-eu +include/sshfp.js: + bin/mksshfp + origins/tile.openstreetmap.yml: bin/mkcountries lib/countries.xml bandwidth/tile.openstreetmap.yml bin/mkcountries bandwidth/tile.openstreetmap.yml origins/tile.openstreetmap.yml -data/tile.openstreetmap.org json/tile.openstreetmap.org.json origins/render.openstreetmap.yml gdns/tile.map gdns/tile.resource gdns/tile.weighted: bin/mkgeo origins/tile.openstreetmap.yml src/tile.openstreetmap +data/tile.openstreetmap.org include/tilse.js json/tile.openstreetmap.org.json origins/render.openstreetmap.yml gdns/tile.map gdns/tile.resource gdns/tile.weighted: bin/mkgeo origins/tile.openstreetmap.yml src/tile.openstreetmap bin/mkgeo origins/tile.openstreetmap.yml src/tile.openstreetmap tile.openstreetmap.org tile origins/render.openstreetmap.yml tile -data/render.openstreetmap.org json/render.openstreetmap.org.json: bin/mkgeo origins/render.openstreetmap.yml src/render.openstreetmap +data/render.openstreetmap.org include/render.js json/render.openstreetmap.org.json: bin/mkgeo origins/render.openstreetmap.yml src/render.openstreetmap bin/mkgeo origins/render.openstreetmap.yml src/render.openstreetmap render.openstreetmap.org render origins/total.openstreetmap.yml data/%: diff --git a/bin/mksshfp b/bin/mksshfp new file mode 100755 index 0000000..56c7bbb --- /dev/null +++ b/bin/mksshfp @@ -0,0 +1,36 @@ +#!/usr/bin/perl + + +open(SSHFP_JS, ">", "include/sshfp.js") || die $!; + +print SSHFP_JS qq|var SSHFP_RECORDS = [\n|; + +if (-f "/etc/ssh/ssh_known_hosts") +{ + open(SSHFP, "-|","sshfp", "-k", "/etc/ssh/ssh_known_hosts") || die $!; + + while (my $line = ) + { + if ($line =~ /^(\S+) IN SSHFP (\d+) (\d+) ([0-9A-F]+)$/) + { + my $host = $1; + my $algorithm = $2; + my $type = $3; + my $value = $4; + + print SSHFP_JS qq| SSHFP("${host}", ${algorithm}, ${type}, "${value}");\n|; + } + else + { + warn $line; + } + } + + close(SSHFP); +} + +print SSHFP_JS qq|];\n|; + +close(SSHFP_JS); + +exit 0; diff --git a/dnsconfig.js b/dnsconfig.js index 7873396..1de4a40 100644 --- a/dnsconfig.js +++ b/dnsconfig.js @@ -30,10 +30,11 @@ function loadTemplate(template) { var OPENSTREETMAP = loadTemplate("openstreetmap"); +require("include/sshfp.js"); require("include/tile.js"); require("include/render.js"); -OPENSTREETMAP("openstreetmap.org", REG_GANDI, TILE_RECORDS, RENDER_RECORDS); +OPENSTREETMAP("openstreetmap.org", REG_GANDI, SSHFP_RECORDS, TILE_RECORDS, RENDER_RECORDS); OPENSTREETMAP("openstreetmap.com", REG_GANDI); OPENSTREETMAP("openstreetmap.net", REG_GANDI); OPENSTREETMAP("openstreetmap.ca", REG_GANDI); -- 2.39.5