From 86dde3a38e801bb88a7d573a2a37ce7201e29e0f Mon Sep 17 00:00:00 2001
From: Jan Cholasta <jcholast@redhat.com>
Date: Tue, 8 Jan 2013 16:13:07 +0100
Subject: Add support for RFC 6594 SSHFP DNS records.

https://fedorahosted.org/freeipa/ticket/2642
---
 ipalib/plugins/host.py | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'ipalib/plugins/host.py')

diff --git a/ipalib/plugins/host.py b/ipalib/plugins/host.py
index e1c07b53..f464127d 100644
--- a/ipalib/plugins/host.py
+++ b/ipalib/plugins/host.py
@@ -139,6 +139,12 @@ def update_sshfp_record(zone, record, entry_attrs):
             continue
         if sshfp is not None:
             sshfps.append(sshfp)
+        try:
+            sshfp = SSHPublicKey(pubkey).fingerprint_dns_sha256()
+        except ValueError, UnicodeDecodeError:
+            continue
+        if sshfp is not None:
+            sshfps.append(sshfp)
 
     try:
         api.Command['dnsrecord_mod'](zone, record, sshfprecord=sshfps)
-- 
cgit