X-Git-Url: https://git.svenne.dk/?p=public%2Fdnssec-swede-utility.git;a=blobdiff_plain;f=swede;h=10325c3fd9649491b22dce978f79e121e5da329c;hp=036071a3cb6cf72ac56e96037f61f8c82a4887bd;hb=e502dc23f12f2d5f34524f3bb3ab59c5731d9123;hpb=f1c877c34786e9a017a2075b6d77ab78967c14eb diff --git a/swede b/swede index 036071a..10325c3 100755 --- a/swede +++ b/swede @@ -127,6 +127,7 @@ def getRecords(hostname, rrtype='A', secure=True): global resolvconf ctx = unbound.ub_ctx() ctx.add_ta_file('root.key') + ctx.set_option("dlv-anchor-file:", "dlv.isc.org.key") # Use the local cache if resolvconf and os.path.isfile(resolvconf): ctx.resolvconf(resolvconf) @@ -416,8 +417,8 @@ if __name__ == '__main__': if not args.quiet: print 'Received the following record for name %s:' % record.name print '\tUsage:\t\t\t\t%d (%s)' % (record.usage, {0:'CA Constraint', 1:'End-Entity Constraint + chain to CA', 2:'Trust Anchor', 3:'End-Entity'}.get(record.usage, 'INVALID')) - print '\tSelector:\t\t\t%d (%s)' % (record.selector, {0:'Certificate', 1:'SubjectPublicKeyInfo'}.get(record.usage, 'INVALID')) - print '\tMatching Type:\t\t\t%d (%s)' % (record.mtype, {0:'Full Certificate', 1:'SHA-256', 2:'SHA-512'}.get(record.usage, 'INVALID')) + print '\tSelector:\t\t\t%d (%s)' % (record.selector, {0:'Certificate', 1:'SubjectPublicKeyInfo'}.get(record.selector, 'INVALID')) + print '\tMatching Type:\t\t\t%d (%s)' % (record.mtype, {0:'Full Certificate', 1:'SHA-256', 2:'SHA-512'}.get(record.mtype, 'INVALID')) print '\tCertificate for Association:\t%s' % record.cert try: @@ -610,6 +611,13 @@ if __name__ == '__main__': else: print genTLSA(args.host, args.protocol, args.port, cert, args.output, args.usage, args.selector, args.mtype) + # Clear the cert from memory (to stop M2Crypto from segfaulting) + # And cleanup the connection and context + cert=None + connection.clear() + connection.close() + ctx.close() + else: # Pass the path to the certificate to the genTLSA function if args.output == 'both': print genTLSA(args.host, args.protocol, args.port, args.certificate, 'draft', args.usage, args.selector, args.mtype)