mirror of
https://gitlab.alpinelinux.org/alpine/aports.git
synced 2026-01-10 03:01:44 +01:00
79 lines
2.9 KiB
Plaintext
79 lines
2.9 KiB
Plaintext
# Contributor: Sören Tempel <soeren+alpine@soeren-tempel.net>
|
|
# Contributor: Natanael Copa <ncopa@alpinelinux.org>
|
|
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
|
|
pkgname=dnssec-root
|
|
pkgver=20100715
|
|
pkgrel=3
|
|
pkgdesc="The DNSSEC root key(s)"
|
|
url="https://www.iana.org/dnssec/"
|
|
arch="noarch"
|
|
license="public-domain"
|
|
depends=""
|
|
makedepends="libxslt gnupg bind-tools"
|
|
install=""
|
|
subpackages=""
|
|
source="https://data.iana.org/root-anchors/icann.pgp
|
|
https://data.iana.org/root-anchors/root-anchors.xml
|
|
https://data.iana.org/root-anchors/root-anchors.asc
|
|
anchors2ds.xsl
|
|
"
|
|
|
|
# Modeled after the following approach:
|
|
# http://permalink.gmane.org/gmane.network.dns.unbound.user/1039
|
|
|
|
_keyflags=257
|
|
_hashalgo=-2
|
|
|
|
_builddir="$srcdir"/$pkgname-$pkgver
|
|
prepare() {
|
|
cd "$srcdir"
|
|
mkdir -p "$_builddir"
|
|
|
|
(
|
|
export GNUPGHOME="$_builddir"/gpg
|
|
install -d -m 700 "$GNUPGHOME"
|
|
gpg --import "$srcdir"/icann.pgp || exit 1
|
|
gpg --verify "$srcdir"/root-anchors.asc \
|
|
root-anchors.xml
|
|
) || return 1
|
|
}
|
|
|
|
build() {
|
|
cd "$_builddir"
|
|
xsltproc -o root-anchors.txt "$srcdir"/anchors2ds.xsl "$srcdir"/root-anchors.xml
|
|
|
|
dig DNSKEY . | grep -w $_keyflags > untrusted.key
|
|
dnssec-dsfromkey $_hashalgo untrusted.key > untrusted.ds
|
|
|
|
cut -d ' ' -f1-6 untrusted.ds | tr '\n' ' ' > root-anchors.tmp
|
|
cut -d ' ' -f7- untrusted.ds | sed 's/ //g' | tr '\n' ' ' >> root-anchors.tmp
|
|
printf '\n' >> root-anchors.tmp
|
|
|
|
if ! cmp root-anchors.txt root-anchors.tmp; then
|
|
echo "DNSKEY is invalid, don't continue." 1>&2
|
|
exit 1
|
|
fi
|
|
|
|
awk '{print $1 "\t" $2 "\t" $3 "\t" $4 "\t" $5 " " $6 " " $7; for (i = 8; i <= NF; i++) printf $i}' \
|
|
untrusted.key | tr '\n' ' ' > trusted-key.key
|
|
printf "\n" >> trusted-key.key
|
|
}
|
|
|
|
package() {
|
|
install -Dm644 "$_builddir"/trusted-key.key \
|
|
"$pkgdir"/usr/share/$pkgname/trusted-key.key || return 1
|
|
}
|
|
|
|
md5sums="041a789ee96301623d3e66e4d52c8a0b icann.pgp
|
|
69e6f9b67e92fbc952d488cc6f67198f root-anchors.xml
|
|
a5612e1b84a75c29b642b9342286c511 root-anchors.asc
|
|
1043c559c923279600a6da395b794597 anchors2ds.xsl"
|
|
sha256sums="3e9beaaf9bbd1fe78a0d104230cbc04d544e833a2dc6b982992f74a4860a9ae8 icann.pgp
|
|
dfb281b771dc854c18d1cff9d2eecaf184cf7a9668606aaa33e8f01bf4b4d8e4 root-anchors.xml
|
|
5bffcac53f810c5fb1e1baf543e2de2f10ec99d7f7cddb5f1e47b1e58cf34cfa root-anchors.asc
|
|
2cc436e29e5bfd39c055390045a4c14dfae517ebdad79002983756a508a15e8f anchors2ds.xsl"
|
|
sha512sums="5fba8334850f2ae753f4f8a30d1e6c62abc341ece2dc83df4bc0f6db2b91ae68942c0d2a38eab3d33b5b91640cd1cf0970777225c15d5f961884c00077d539a2 icann.pgp
|
|
bca506c852bc83aa9d04ed0b52bef6d0baec745e466292273d52f49fd73cec73db4c6d55a9921fe086c7edc618f3ab21dc03146b6d617644495b3926e262e572 root-anchors.xml
|
|
e9c86b897d7e8edb979cba4bebe353b7c7f21b4061cd6f571c8671b02e73c2ea0b78a980169fa7d40987b9e962a0f1ba17dbb392b5ec6ad14fedce65a139c913 root-anchors.asc
|
|
5b496d8f7fcb6a1241d889221f539b68485fea356feec13a94329b0807768c543c828c2821567f59d6a56931a6b2ea22827e49a1527582e3dda844d61c28b198 anchors2ds.xsl"
|