[arch-commits] Commit in dnssec-anchors/trunk (PKGBUILD dnssec-anchors-versioned.sh)
Jelle van der Waa
jelle at archlinux.org
Tue Oct 13 19:54:07 UTC 2020
Date: Tuesday, October 13, 2020 @ 19:54:07
Author: jelle
Revision: 398255
Make dnssec-anchors reproducible by downloading the key from our servers
Added:
dnssec-anchors/trunk/dnssec-anchors-versioned.sh
Modified:
dnssec-anchors/trunk/PKGBUILD
-----------------------------+
PKGBUILD | 26 ++++++++------------------
dnssec-anchors-versioned.sh | 23 +++++++++++++++++++++++
2 files changed, 31 insertions(+), 18 deletions(-)
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2020-10-13 19:49:13 UTC (rev 398254)
+++ PKGBUILD 2020-10-13 19:54:07 UTC (rev 398255)
@@ -1,33 +1,23 @@
-# Maintainer: Gaetan Bisson <bisson at archlinux.org>
+# Maintainer: Jelle van der Waa <jelle at archlinux.org>
+# Contributor: Gaetan Bisson <bisson at archlinux.org>
# Contributor: Thomas Mudrunka <harvie at email.cz>
# Contributor: m4xm4n <max at maxfierke.com>
pkgname=dnssec-anchors
pkgver=20190629
-pkgrel=2
+_trusted_key=trusted-key-${pkgver}.key
+pkgrel=3
pkgdesc='DNSSEC trust anchors for the root zone'
url='https://data.iana.org/root-anchors/'
license=('custom:none')
arch=('any')
makedepends=('unbound')
-source=('LICENSE')
-sha256sums=('dd37e92942d5a4024f1c77df49d61ca77fc6284691814903a741785df61f78cb')
+source=('LICENSE' "https://sources.archlinux.org/other/packages/${pkgname}/${_trusted_key}")
+sha256sums=('dd37e92942d5a4024f1c77df49d61ca77fc6284691814903a741785df61f78cb'
+ 'b01933ede7d505cac6bbee8c58027057d3a073581fa6cf595c352553dd07ee3c')
-prepare() {
- cd "${srcdir}"
-
- unbound-anchor -v -a root.key ||
- unbound-anchor -v -a root.key
-
- unbound-host -v -f root.key -t DNSKEY . |
- sed 's/ (secure)//;t;d' |
- sed 's/ has / IN /' |
- sed 's/ record / /' \
- > trusted-key.key
-}
-
package() {
cd "${srcdir}"
- install -Dm644 trusted-key.key "${pkgdir}"/etc/trusted-key.key
+ install -Dm644 ${_trusted_key} "${pkgdir}"/etc/trusted-key.key
install -Dm644 LICENSE "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE"
}
Added: dnssec-anchors-versioned.sh
===================================================================
--- dnssec-anchors-versioned.sh (rev 0)
+++ dnssec-anchors-versioned.sh 2020-10-13 19:54:07 UTC (rev 398255)
@@ -0,0 +1,23 @@
+#!/usr/bin/bash
+
+TRUSTED_KEY=trusted-key-$(date +%Y%m%d).key
+DEST=/srv/ftp/other/packages/dnssec-anchors
+
+update_key() {
+ key=$1
+ unbound-anchor -v -a root.key ||
+ unbound-anchor -v -a root.key
+
+ unbound-host -v -f root.key -t DNSKEY . |
+ sed 's/ (secure)//;t;d' |
+ sed 's/ has / IN /' |
+ sed 's/ record / /' \
+ > "${key}"
+
+ # Cleanup created root.key
+ rm root.key
+}
+
+update_key "${TRUSTED_KEY}"
+
+scp "${TRUSTED_KEY}" repos.archlinux.org:${DEST}
Property changes on: dnssec-anchors/trunk/dnssec-anchors-versioned.sh
___________________________________________________________________
Added: svn:executable
## -0,0 +1 ##
+*
\ No newline at end of property
More information about the arch-commits
mailing list