From 38616e43f92bd6c87402890499af994bcaddc3b7 Mon Sep 17 00:00:00 2001
From: "patchback[bot]" <45432694+patchback[bot]@users.noreply.github.com>
Date: Sun, 29 Jan 2023 18:37:21 +0100
Subject: [PATCH] [PR #5914/3da24d50 backport][stable-5] dig lookup: fix
 DNSKEY's algorithm handling (#5915)

dig lookup: fix DNSKEY's algorithm handling (#5914)

Fix DNSKEY's algorithm handling.

(cherry picked from commit 3da24d50cdadfd4aa383800f72ca6dab22ee93f2)

Co-authored-by: Felix Fontein <felix@fontein.de>
---
 changelogs/fragments/5914-dig-dnskey.yml | 2 ++
 plugins/lookup/dig.py                    | 4 +++-
 2 files changed, 5 insertions(+), 1 deletion(-)
 create mode 100644 changelogs/fragments/5914-dig-dnskey.yml

diff --git a/changelogs/fragments/5914-dig-dnskey.yml b/changelogs/fragments/5914-dig-dnskey.yml
new file mode 100644
index 0000000000..d6a26388d2
--- /dev/null
+++ b/changelogs/fragments/5914-dig-dnskey.yml
@@ -0,0 +1,2 @@
+bugfixes:
+  - "dig lookup plugin - correctly handle DNSKEY record type's ``algorithm`` field (https://github.com/ansible-collections/community.general/pull/5914)."
diff --git a/plugins/lookup/dig.py b/plugins/lookup/dig.py
index b64b9e4de8..4f260b86c4 100644
--- a/plugins/lookup/dig.py
+++ b/plugins/lookup/dig.py
@@ -218,7 +218,7 @@ def make_rdata_dict(rdata):
         NSEC3PARAM: ['algorithm', 'flags', 'iterations', 'salt'],
         PTR: ['target'],
         RP: ['mbox', 'txt'],
-        # RRSIG: ['algorithm', 'labels', 'original_ttl', 'expiration', 'inception', 'signature'],
+        # RRSIG: ['type_covered', 'algorithm', 'labels', 'original_ttl', 'expiration', 'inception', 'key_tag', 'signer', 'signature'],
         SOA: ['mname', 'rname', 'serial', 'refresh', 'retry', 'expire', 'minimum'],
         SPF: ['strings'],
         SRV: ['priority', 'weight', 'port', 'target'],
@@ -241,6 +241,8 @@ def make_rdata_dict(rdata):
                 val = dns.rdata._hexify(rdata.digest).replace(' ', '')
             if rdata.rdtype == DS and f == 'digest':
                 val = dns.rdata._hexify(rdata.digest).replace(' ', '')
+            if rdata.rdtype == DNSKEY and f == 'algorithm':
+                val = int(val)
             if rdata.rdtype == DNSKEY and f == 'key':
                 val = dns.rdata._base64ify(rdata.key).replace(' ', '')
             if rdata.rdtype == NSEC3PARAM and f == 'salt':