From 7f8a07f20eb6ce496db3fcad40188711a3e7f519 Mon Sep 17 00:00:00 2001 From: Leonardo Arena Date: Tue, 13 Aug 2019 06:44:12 +0000 Subject: main/dns-root-hints: add manual update script --- main/dns-root-hints/APKBUILD | 11 +++++--- main/dns-root-hints/update-dns-root-hints | 43 +++++++++++++++++++++++++++++++ 2 files changed, 50 insertions(+), 4 deletions(-) create mode 100755 main/dns-root-hints/update-dns-root-hints diff --git a/main/dns-root-hints/APKBUILD b/main/dns-root-hints/APKBUILD index a5a4a66e19..1b866407fc 100644 --- a/main/dns-root-hints/APKBUILD +++ b/main/dns-root-hints/APKBUILD @@ -2,15 +2,15 @@ # Maintainer: Leonardo Arena pkgname=dns-root-hints pkgver=2019031302 -pkgrel=1 +pkgrel=2 pkgdesc="The DNS root hint(s)" url="https://www.internic.net/domain" arch="noarch" license="Public-Domain" makedepends="curl gnupg" options="net" -source="verisign-grs-nstld-key.asc named.root named.root.sig" -builddir="$srcdir/$pkgname-$pkgver" +source="verisign-grs-nstld-key.asc named.root named.root.sig + update-$pkgname" build() { mkdir -p "$builddir" @@ -24,6 +24,8 @@ package() { "$pkgdir"/usr/share/$pkgname/named.root.sig install -D -m 644 -o root -g root "$srcdir"/verisign-grs-nstld-key.asc \ "$pkgdir"/usr/share/$pkgname/verisign-grs-nstld-key.asc + install -D -m 755 -o root -g root "$srcdir"/update-$pkgname \ + "$pkgdir"/usr/bin/update-$pkgname # compatibility links cd "$pkgdir/usr/share/$pkgname" @@ -82,4 +84,5 @@ _check_sig() { sha512sums="3ecf5d66e506526ad98ea0b371202f0763b987322bd4407b40fcd95415202bddb18fd06c82eb397566b393e214dc88cb17ec94f3908328e8a55f5f68cc730993 verisign-grs-nstld-key.asc ad14d7b6c6c52ebdd6c21448aa79d0560701df3b92576fab7ed1611314a5279e317dcfbcb05f2f2cb9d9b0a8932f56e6a03c7a52709fc75929d568267aa64f8b named.root -774ac61ee930611a1876447c981e20f0340ad25c49703b2d068164a681c3d5bac8f5c8f6fc0a4ba98e04d9aa4b922d4ea8936029cf2336b94e7cd6588ee6ba69 named.root.sig" +774ac61ee930611a1876447c981e20f0340ad25c49703b2d068164a681c3d5bac8f5c8f6fc0a4ba98e04d9aa4b922d4ea8936029cf2336b94e7cd6588ee6ba69 named.root.sig +7e640e997dd0eae47fb1e609f73d5206e09684eada15d3b6043fc23e639859af743b99cbd868e98269c2af25e7c3eeea307f52f2fb7d4a6f3e00f8b14a289322 update-dns-root-hints" diff --git a/main/dns-root-hints/update-dns-root-hints b/main/dns-root-hints/update-dns-root-hints new file mode 100755 index 0000000000..55f3dc77f9 --- /dev/null +++ b/main/dns-root-hints/update-dns-root-hints @@ -0,0 +1,43 @@ +#!/bin/sh + +url=https://www.internic.net/domain +base_dir=/usr/share/dns-root-hints +_tmp=$(mktemp -d -p .) + +if [ $(id -u) != "0" ]; then + echo "Needs to run as root." + exit 1 +fi + +_check_sig() { + local GNUPGHOME="$HOME/.gpg" + install -d -m 0700 "$GNUPGHOME" + gpg --import < $base_dir/verisign-grs-nstld-key.asc + gpg --verify "${_tmp}/named.root.sig" "${_tmp}/named.root" +} + +for file in named.root named.root.sig; do + curl -sLR ${url}/${file} -o "${_tmp}/${file}" || exit 1 +done + +# compare new and current versions +_drh_new_ver=$(grep "related version of root zone:" ${_tmp}/named.root | egrep -o '[0-9]{10}') +_drh_current_ver=$(grep "related version of root zone:" $base_dir/named.root | egrep -o '[0-9]{10}') + +# update to new version if needed +echo "Version $_drh_current_ver <- Installed" +echo "Version $_drh_new_ver <- Downloaded" + +if [ "$_drh_new_ver" != "$_drh_current_ver" ]; then + _check_sig || exit 1 + mv ${_tmp}/named.root $base_dir/named.root || exit 1 + mv ${_tmp}/named.root.sig $base_dir/named.root.sig || exit 1 + echo -e "\nZone file updated.\n" +else + echo -e "\nZone file already up-to-date.\n" +fi + +# cleanup +rm "${_tmp}"/* 2>/dev/null || true +rmdir "${_tmp}" 2>/dev/null || true + -- cgit v1.2.3