Add support for RFC 6594 SSHFP DNS records.

https://fedorahosted.org/freeipa/ticket/2642
author: Jan Cholasta <jcholast@redhat.com> 2013-01-08 16:13:07 +0100
committer: Rob Crittenden <rcritten@redhat.com> 2013-02-01 09:16:09 -0500
commit: 86dde3a38e801bb88a7d573a2a37ce7201e29e0f (patch)
tree: 0dc55fbc3f2d8076836302833900b5d58573ada7 /ipalib
parent: c1735e1c80c9ec515f4a30cd212b7e331d7e2a83 (diff)
download: freeipa-86dde3a38e801bb88a7d573a2a37ce7201e29e0f.tar.gz
freeipa-86dde3a38e801bb88a7d573a2a37ce7201e29e0f.tar.xz
freeipa-86dde3a38e801bb88a7d573a2a37ce7201e29e0f.zip
1 files changed, 6 insertions, 0 deletions
diff --git a/ipalib/plugins/host.py b/ipalib/plugins/host.py
index e1c07b53b..f464127d9 100644
--- a/ipalib/plugins/host.py
+++ b/ipalib/plugins/host.py
@@ -139,6 +139,12 @@ def update_sshfp_record(zone, record, entry_attrs):
             continue
         if sshfp is not None:
             sshfps.append(sshfp)
+        try:
+            sshfp = SSHPublicKey(pubkey).fingerprint_dns_sha256()
+        except ValueError, UnicodeDecodeError:
+            continue
+        if sshfp is not None:
+            sshfps.append(sshfp)
 
     try:
         api.Command['dnsrecord_mod'](zone, record, sshfprecord=sshfps)
author	Jan Cholasta <jcholast@redhat.com>	2013-01-08 16:13:07 +0100
committer	Rob Crittenden <rcritten@redhat.com>	2013-02-01 09:16:09 -0500
commit	86dde3a38e801bb88a7d573a2a37ce7201e29e0f (patch)
tree	0dc55fbc3f2d8076836302833900b5d58573ada7 /ipalib
parent	c1735e1c80c9ec515f4a30cd212b7e331d7e2a83 (diff)
download	freeipa-86dde3a38e801bb88a7d573a2a37ce7201e29e0f.tar.gz freeipa-86dde3a38e801bb88a7d573a2a37ce7201e29e0f.tar.xz freeipa-86dde3a38e801bb88a7d573a2a37ce7201e29e0f.zip