From 5c955bb67db1644d85599d8b71e5c3a7cc23ad6f Mon Sep 17 00:00:00 2001
From: Peter Palfrader <peter@palfrader.org>
Date: Thu, 1 Mar 2018 20:28:48 +0100
Subject: [PATCH] Qualify each zone file entry in sshfp with a hostname, not
 just the first line for each host

---
 ud-generate | 25 +++++++++----------------
 1 file changed, 9 insertions(+), 16 deletions(-)

diff --git a/ud-generate b/ud-generate
index 9dcf0a3..22eda37 100755
--- a/ud-generate
+++ b/ud-generate
@@ -888,6 +888,7 @@ def is_ipv6_addr(i):
    return True
 
 def ExtractDNSInfo(x):
+   hostname = GetAttr(x, "hostname")
 
    TTLprefix="\t"
    if 'dnsTTL' in x[1]:
@@ -897,9 +898,9 @@ def ExtractDNSInfo(x):
    if x[1].has_key("ipHostNumber"):
       for I in x[1]["ipHostNumber"]:
          if is_ipv6_addr(I):
-            DNSInfo.append("%sIN\tAAAA\t%s" % (TTLprefix, I))
+            DNSInfo.append("%s.\t%sIN\tAAAA\t%s" % (hostname, TTLprefix, I))
          else:
-            DNSInfo.append("%sIN\tA\t%s" % (TTLprefix, I))
+            DNSInfo.append("%s.\t%sIN\tA\t%s" % (hostname, TTLprefix, I))
 
    Algorithm = None
 
@@ -915,24 +916,24 @@ def ExtractDNSInfo(x):
          if Algorithm == None:
             continue
          Fingerprint = hashlib.new('sha1', base64.decodestring(Split[1])).hexdigest()
-         DNSInfo.append("%sIN\tSSHFP\t%u 1 %s" % (TTLprefix, Algorithm, Fingerprint))
+         DNSInfo.append("%s.\t%sIN\tSSHFP\t%u 1 %s" % (hostname, TTLprefix, Algorithm, Fingerprint))
          Fingerprint = hashlib.new('sha256', base64.decodestring(Split[1])).hexdigest()
-         DNSInfo.append("%sIN\tSSHFP\t%u 2 %s" % (TTLprefix, Algorithm, Fingerprint))
+         DNSInfo.append("%s.\t%sIN\tSSHFP\t%u 2 %s" % (hostname, TTLprefix, Algorithm, Fingerprint))
 
    if 'architecture' in x[1]:
       Arch = GetAttr(x, "architecture")
       Mach = ""
       if x[1].has_key("machine"):
          Mach = " " + GetAttr(x, "machine")
-      DNSInfo.append("%sIN\tHINFO\t\"%s%s\" \"%s\"" % (TTLprefix, Arch, Mach, "Debian"))
+      DNSInfo.append("%s.\t%sIN\tHINFO\t\"%s%s\" \"%s\"" % (hostname, TTLprefix, Arch, Mach, "Debian"))
 
    if x[1].has_key("mXRecord"):
       for I in x[1]["mXRecord"]:
          if I in MX_remap:
             for e in MX_remap[I]:
-               DNSInfo.append("%sIN\tMX\t%s" % (TTLprefix, e))
+               DNSInfo.append("%s.\t%sIN\tMX\t%s" % (hostname, TTLprefix, e))
          else:
-            DNSInfo.append("%sIN\tMX\t%s" % (TTLprefix, I))
+            DNSInfo.append("%s.\t%sIN\tMX\t%s" % (hostname, TTLprefix, I))
 
    return DNSInfo
 
@@ -950,15 +951,7 @@ def GenZoneRecords(host_attrs, File):
          if IsDebianHost.match(GetAttr(x, "hostname")) is None:
             continue
 
-         DNSInfo = ExtractDNSInfo(x)
-         start = True
-         for Line in DNSInfo:
-            if start == True:
-               Line = "%s.\t%s" % (GetAttr(x, "hostname"), Line)
-               start = False
-            else:
-               Line = "\t\t\t%s" % (Line)
-
+         for Line in ExtractDNSInfo(x):
             F.write(Line + "\n")
 
         # this would write sshfp lines for services on machines
-- 
2.20.1