From 86dde3a38e801bb88a7d573a2a37ce7201e29e0f Mon Sep 17 00:00:00 2001
From: Jan Cholasta <jcholast@redhat.com>
Date: Tue, 8 Jan 2013 16:13:07 +0100
Subject: Add support for RFC 6594 SSHFP DNS records.

https://fedorahosted.org/freeipa/ticket/2642
---
 ipa-client/ipa-install/ipa-client-install | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'ipa-client')

diff --git a/ipa-client/ipa-install/ipa-client-install b/ipa-client/ipa-install/ipa-client-install
index aa8bc793..024b94f4 100755
--- a/ipa-client/ipa-install/ipa-client-install
+++ b/ipa-client/ipa-install/ipa-client-install
@@ -1325,6 +1325,9 @@ def update_ssh_keys(server, hostname, ssh_dir, create_sshfp):
             sshfp = pubkey.fingerprint_dns_sha1()
             if sshfp is not None:
                 update_txt += 'update add %s. %s IN SSHFP %s\n' % (hostname, ttl, sshfp)
+            sshfp = pubkey.fingerprint_dns_sha256()
+            if sshfp is not None:
+                update_txt += 'update add %s. %s IN SSHFP %s\n' % (hostname, ttl, sshfp)
         update_txt += 'send\n'
 
         if not do_nsupdate(update_txt):
-- 
cgit