Merge branch 'wip/tsigalgoname' into 'master'

tsig: simplifies algorithm list The algorithm names match now the names used in dnssec-keygen and dnspython tools. See merge request !2

Merge branch 'wip/tsigalgoname' into 'master'
tsig: simplifies algorithm list The algorithm names match now the names used in dnssec-keygen and dnspython tools. See merge request !2
63831f1c · Adrien Dorsaz · 6766a4a8 · a28c132c · 63831f1c · 63831f1c
Commit 63831f1c authored Aug 16, 2016 by Adrien Dorsaz
--- a/README.md
+++ b/README.md
@@ -101,7 +101,7 @@ updates and create a TSIG key which will give rights to perform updates.

 The configuration of the script will need:
 * the TSIG key name and value
-* the algorithm used for TSIG key (MD5, SHA1, SHA224, SHA256, SHA384 or SHA512)
+* the algorithm used for TSIG key (hmac-md5, hmac-sha1, hmac-sha224, hmac-sha256, hmac-sha384 or hmac-512; list of algoithm depends on knowe ones by dnspython module)
 * the DNS zone to update
 * the address and the port of the DNS server


--- a/acme_dns_tiny.py
+++ b/acme_dns_tiny.py
@@ -24,7 +24,7 @@ def get_crt(config, log=LOGGER):

    # helper function to send DNS dynamic update messages
    def _update_dns(rrset, action):
-        algorithm = dns.name.from_text("hmac-{0}".format(config["TSIGKeyring"]["Algorithm"].lower()))
+        algorithm = dns.name.from_text("{0}".format(config["TSIGKeyring"]["Algorithm"].lower()))
        dns_update = dns.update.Update(config["DNS"]["zone"], keyring=keyring, keyalgorithm=algorithm)
        if action == "add":
            dns_update.add(rrset.name, rrset)

--- a/example.ini
+++ b/example.ini
@@ -14,7 +14,7 @@ KeyName = host-example
 # Required TSIG key value in base64
 KeyValue = XXXXXXXXXXX==
 # Required TSIG algorithm
-Algorithm = SHA256
+Algorithm = hmac-sha256 

 [DNS]
 # Required name of zone to update