X-Git-Url: https://git.siccegge.de//index.cgi?p=tools.git;a=blobdiff_plain;f=make-tlsa;h=9625f8d566f4679ef920536f6e93e091f062f181;hp=4c823de2397ea4451fce6bc7cfcc034c7e48710b;hb=HEAD;hpb=e19f4e15365ed7f2047d9bd8098d0c7aa3268ae6 diff --git a/make-tlsa b/make-tlsa index 4c823de..9625f8d 100755 --- a/make-tlsa +++ b/make-tlsa @@ -8,17 +8,33 @@ import os import subprocess def main(): + records = dict() for root, _, files in os.walk(sys.argv[1]): for filename in files: if filename == 'cert.pem': certname = os.path.join(root, filename) altnames = parse_cert(certname) for altname in altnames: - subprocess.Popen(["ldns-dane", "create", "-c", certname, - altname, "443", "3", "1", "1"]) - + nameparts = altname.split('.') + zone = '.'.join(nameparts[-2:]) + domain = '.'.join(nameparts[:-2]) + if domain == "": + continue + + ldns = subprocess.Popen(["ldns-dane", "create", "-c", certname, + altname, "443", "3", "1", "1"], + stdout=subprocess.PIPE) + data = ldns.stdout.read().decode().strip().split('\t') + record = "{0:<35s}\t{1}".format(data[0], '\t'.join(data[2:])) + if not zone in records: + records[zone] = [] + records[zone].append(record) + + for zone, data in records.items(): + with open(os.path.join("output", zone), "w") as zonefile: + zonefile.write('\n'.join(data)) + - def parse_cert(fname): names = [] with open(fname) as fhd: @@ -38,7 +54,7 @@ def parse_cert(fname): names.append(str(result)) return names - + if __name__ == '__main__': main()
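Review bot: The `ldns-dane` output is split and indexed (`data[0]`, `data[2:]`) without checking that the command succeeded, so a run that prints nothing on stdout leaves `data == ['']` and a whitespace-only line is appended to the zone file with no error. These files carry TLSA records, so a silent gap or malformed line should fail loudly. `data = subprocess.check_output(["ldns-dane", "create", "-c", certname, altname, "443", "3", "1", "1"]).decode().strip().split('\t')` raises on a non-zero exit and also waits for the child, which the bare `Popen` never does; a `len(data) < 3` check would catch short output. Separately, `zone` comes from the certificate's names and is used as a file name in `os.path.join("output", zone)`. Most of `parse_cert` is outside this hunk, so if it can return names containing a path separator the write may land outside `output`; `if os.sep in zone: continue` before the join would rule that out.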