From 55e97da44178f34579c61a212dcb493c3100c428 Mon Sep 17 00:00:00 2001
From: Stephen Gran <steve@lobefin.net>
Date: Sun, 28 Mar 2010 09:38:27 +0000
Subject: [PATCH] prototype code for sshfp generation for services

Signed-off-by: Stephen Gran <steve@lobefin.net>
---
 ud-generate | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)

diff --git a/ud-generate b/ud-generate
index 1617821..2951794 100755
--- a/ud-generate
+++ b/ud-generate
@@ -54,6 +54,7 @@ BSMTPCheck = re.compile(".*mx 0 (master)\.debian\.org\..*",re.DOTALL)
 PurposeHostField = re.compile(r".*\[\[([\*\-]?[a-z0-9.\-]*)(?:\|.*)?\]\]")
 IsV6Addr = re.compile("^[a-fA-F0-9:]+$")
 IsDebianHost = re.compile(ConfModule.dns_hostmatch)
+isSSHFP = re.compile("^\s*IN\s+SSHFP")
 DNSZone = ".debian.net"
 Keyrings = ConfModule.sync_keyrings.split(":")
 
@@ -896,6 +897,29 @@ def GenZoneRecords(File):
 
             F.write(Line + "\n")
 
+        # this would write sshfp lines for services on machines
+        # but we can't yet, since some are cnames and we'll make
+        # an invalid zonefile
+        #
+        # for i in x[1].get("purpose", []):
+        #    m = PurposeHostField.match(i)
+        #    if m:
+        #       m = m.group(1)
+        #       # we ignore [[*..]] entries
+        #       if m.startswith('*'):
+        #          continue
+        #       if m.startswith('-'):
+        #          m = m[1:]
+        #       if m:
+        #          if not m.endswith(HostDomain):
+        #             continue
+        #          if not m.endswith('.'):
+        #             m = m + "."
+        #          for Line in DNSInfo:
+        #             if isSSHFP.match(Line):
+        #                Line = "%s\t%s" % (m, Line)
+        #                F.write(Line + "\n")
+
    # Oops, something unspeakable happened.
    except:
       Die(File, F, None)
-- 
2.20.1