From 35b58fd107ce76a42ec6e393621abc9e5f426d90 Mon Sep 17 00:00:00 2001
From: Christoph Egger
Date: Fri, 8 Jan 2016 17:24:32 +0100
Subject: [PATCH] Actually output zonefilesnippets
---
 make-tlsa | 22 +++++++++++++++++++---
 1 file changed, 19 insertions(+), 3 deletions(-)
diff --git a/make-tlsa b/make-tlsa
index bdc9e46..9625f8d 100755
--- a/make-tlsa
+++ b/make-tlsa
@@ -8,15 +8,31 @@ import os
 import subprocess
 def main():
+ records = dict()
 for root, _, files in os.walk(sys.argv[1]):
 for filename in files:
 if filename == 'cert.pem':
 certname = os.path.join(root, filename)
 altnames = parse_cert(certname)
 for altname in altnames:
- subprocess.Popen(["ldns-dane", "create", "-c", certname,
- altname, "443", "3", "1", "1"])
-
+ nameparts = altname.split('.')
+ zone = '.'.join(nameparts[-2:])
+ domain = '.'.join(nameparts[:-2])
+ if domain == "":
+ continue
+
+ ldns = subprocess.Popen(["ldns-dane", "create", "-c", certname,
+ altname, "443", "3", "1", "1"],
+ stdout=subprocess.PIPE)
+ data = ldns.stdout.read().decode().strip().split('\t')
+ record = "{0:<35s}\t{1}".format(data[0], '\t'.join(data[2:]))
+ if not zone in records:
+ records[zone] = []
+ records[zone].append(record)
+
+ for zone, data in records.items():
+ with open(os.path.join("output", zone), "w") as zonefile:
+ zonefile.write('\n'.join(data))
 def parse_cert(fname):
--
2.39.2
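Review bot: The exit status of `ldns-dane` is never checked in `main()`, so a failed run leaves stdout empty, `data` becomes `['']`, and a blank padded line is written to the zone snippet in place of a TLSA record. Replace the `Popen`/`read()` pair with `out = subprocess.check_output(["ldns-dane", "create", "-c", certname, altname, "443", "3", "1", "1"])` and skip or abort when `len(data) < 3` after splitting, so a missing pin is noticed rather than published as an empty line. Separately, `zone` is derived from the certificate's alt name and passed straight to `os.path.join("output", zone)`; `parse_cert` lies outside this hunk, so whether a name can contain `/` is not visible here, but checking that `zone` is a plain hostname before opening the file is a cheap safeguard. Taking the last two labels as the zone also misfiles names under multi-label suffixes, which deserves a comment such as `# assumes the zone is always the last two labels`.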