import subprocess
def main():
+ records = dict()
for root, _, files in os.walk(sys.argv[1]):
for filename in files:
if filename == 'cert.pem':
certname = os.path.join(root, filename)
altnames = parse_cert(certname)
for altname in altnames:
- subprocess.Popen(["ldns-dane", "create", "-c", certname,
- altname, "443", "3", "1", "1"])
-
+ nameparts = altname.split('.')
+ zone = '.'.join(nameparts[-2:])
+ domain = '.'.join(nameparts[:-2])
+ if domain == "":
+ continue
+
+ ldns = subprocess.Popen(["ldns-dane", "create", "-c", certname,
+ altname, "443", "3", "1", "1"],
+ stdout=subprocess.PIPE)
+ data = ldns.stdout.read().decode().strip().split('\t')
+ record = "{0:<35s}\t{1}".format(data[0], '\t'.join(data[2:]))
+ if not zone in records:
+ records[zone] = []
+ records[zone].append(record)
+
+ for zone, data in records.items():
+ with open(os.path.join("output", zone), "w") as zonefile:
+ zonefile.write('\n'.join(data))
def parse_cert(fname):
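Review bot: The exit status and output shape of `ldns-dane` are never checked in the new `Popen` block, so a failed run yields empty stdout, `data` becomes `['']`, and a blank, padded line is appended to the zone's records with no error. Running the command with `check=True` and confirming that at least three tab-separated fields came back before formatting would stop a bad certificate from silently producing a broken TLSA entry. Separately, `zone` is built from the certificate's alt names and used directly as a file name under `output`. Since `parse_cert` is outside this hunk, I can't tell whether it can return names containing a path separator; if it can, rejecting those before the `open` would keep writes inside that directory.

```python
# … unchanged: altname split into zone/domain, empty-domain skip …
ldns = subprocess.run(["ldns-dane", "create", "-c", certname,
                       altname, "443", "3", "1", "1"],
                      stdout=subprocess.PIPE, check=True)
data = ldns.stdout.decode().strip().split('\t')
if len(data) < 3:
    raise ValueError("unexpected ldns-dane output for " + altname)
# … unchanged: record formatting and records[zone] append …
```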