blob: 104742480c92b11b79bceddf6b6ec18d06de5c2d (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
|
# Contributor: Leonardo Arena <rnalrd@alpinelinux.org>
# Contributor: tcely <dnshints-root+aports@tcely.33mail.com>
# Maintainer: tcely <dnshints-root+aports@tcely.33mail.com>
pkgname=dns-root-hints
pkgver=2019031302
pkgrel=0
pkgdesc="The DNS root hint(s)"
url="https://www.internic.net/domain"
arch="noarch"
license="Public-Domain"
makedepends="curl gnupg"
options="net"
source="verisign-grs-nstld-key.asc named.root named.root.sig"
builddir="$srcdir/$pkgname-$pkgver"
build() {
mkdir -p "$builddir"
}
package() {
cd "$builddir"
install -D -m 644 -o root -g root "$srcdir"/named.root \
"$pkgdir"/usr/share/$pkgname/named.root
install -D -m 644 -o root -g root "$srcdir"/named.root.sig \
"$pkgdir"/usr/share/$pkgname/named.root.sig
install -D -m 644 -o root -g root "$srcdir"/verisign-grs-nstld-key.asc \
"$pkgdir"/usr/share/$pkgname/verisign-grs-nstld-key.asc
# compatibility links
cd "$pkgdir/usr/share/$pkgname"
ln -s named.root named.cache
ln -s named.root db.cache
}
check() {
cd "$builddir"
local _awkprog='
/related version of root zone:/ {
rootver=$NF;
if (pkgver != rootver) {
$1="ERROR:";
print;
exit 1;
};
printf "OK: %s\n", rootver;
quit;
}'
awk -v pkgver="$pkgver" "$_awkprog" "$srcdir"/named.root
}
# check new versions of root hints and commit
snapshot() {
# use a temporary dir for new files
export _tmp=$(mktemp -d -p .)
for file in named.root named.root.sig; do
curl -sLR "${url}/${file}" -o "${_tmp}/${file}"
done
# compare new and current versions
local _drh_new_ver=$(grep "related version of root zone:" ${_tmp}/named.root | egrep -o '[0-9]{10}')
local _drh_current_ver=$(grep "related version of root zone:" named.root | egrep -o '[0-9]{10}')
# commit if new version is found
if [ "$_drh_new_ver" != "$_drh_current_ver" ]; then
check_sig
mv ${_tmp}/named.root named.root
mv ${_tmp}/named.root.sig named.root.sig
git add named.root named.root.sig
abump $pkgname-$_drh_new_ver
fi
# cleanup
rm "${_tmp}"/* || true
rmdir "${_tmp}"
}
check_sig() {
local GNUPGHOME="$builddir/.gpg"
install -d -m 0700 "$GNUPGHOME"
gpg --import < verisign-grs-nstld-key.asc
gpg --verify "${_tmp}/named.root.sig" "${_tmp}/named.root"
}
sha512sums="3ecf5d66e506526ad98ea0b371202f0763b987322bd4407b40fcd95415202bddb18fd06c82eb397566b393e214dc88cb17ec94f3908328e8a55f5f68cc730993 verisign-grs-nstld-key.asc
ad14d7b6c6c52ebdd6c21448aa79d0560701df3b92576fab7ed1611314a5279e317dcfbcb05f2f2cb9d9b0a8932f56e6a03c7a52709fc75929d568267aa64f8b named.root
774ac61ee930611a1876447c981e20f0340ad25c49703b2d068164a681c3d5bac8f5c8f6fc0a4ba98e04d9aa4b922d4ea8936029cf2336b94e7cd6588ee6ba69 named.root.sig"
|
