Aggregate CAAs

diff --git a/rc.tcl b/rc.tcl
index 2fe3d04327e5a8e46786c9cc6cabe76a71bd0462..99bb0b65c276685f5c3c54db3e56c52d6999158c 100644 (file)
--- a/rc.tcl
+++ b/rc.tcl
@@ -59,15 +59,19 @@ proc dane {dn {port 443}} {
     set dn [fqdn $dn]
     set dirname [string trimright $dn .]
     set was [pwd]
+    set caas [list]
     cd tls
     foreach ca [lsort [glob ca/*/*]] {
         set ca [join [lrange [split $ca /] 1 end] /]
         set ee [file join ee $ca $dirname]
         if {![file exists $ee]} { continue }
-        puts "[shorten $dn] CAA 0 issue \"[lindex [split $ca /] end]\""
+        set caas [lappend $caas [lindex [split $ca /] end]]
         puts "[shorten _$port._tcp.$dn] TLSA 3 1 1 [exec zeasypki dane $ee]"
     }
     cd $was
+    foreach ca [lsort -unique $caas] {
+        puts "[shorten $dn] CAA 0 issue \"$ca\""
+    }
 }
 
 proc ssh {dn} {