| 1 | # Contributor: Thomas Mudrunka <harvie@@email..cz> |
| 2 | # Maintainer: Thomas Mudrunka <harvie@@email..cz> |
| 3 | # You can also contact me on http://blog.harvie.cz/ |
| 4 | # Patches welcome: http://github.com/harvie/archlinux-packages |
| 5 | |
| 6 | pkgname=dnssec-root-zone-trust-anchors |
| 7 | pkgver=2010.07.15 |
| 8 | pkgrel=1 |
| 9 | pkgdesc='IANA Root Zone Trust Anchors for DNSSEC converted to various formats so they are usable by many applications.' |
| 10 | arch=('any') |
| 11 | license=('Public Domain') |
| 12 | url='https://www.iana.org/dnssec/' |
| 13 | depends=() |
| 14 | makedepends=(sed coreutils gnupg) |
| 15 | optdepends=( |
| 16 | 'gnupg: verify IANA anchors yourself' |
| 17 | 'sed: anchors2ds' |
| 18 | ) |
| 19 | _signed_zones=(.) #(bg br cat cz dk edu lk na org tm uk) |
| 20 | _anchor_dir=/usr/share/dnssec-trust-anchors |
| 21 | _root_anchors=root-anchors |
| 22 | _root_anchor=Kjqmt7v |
| 23 | source=( |
| 24 | anchors2ds.sed |
| 25 | https://data.iana.org/root-anchors/${_root_anchor}.crt |
| 26 | https://data.iana.org/root-anchors/${_root_anchor}.csr |
| 27 | https://data.iana.org/root-anchors/draft-icann-dnssec-trust-anchor.html |
| 28 | https://data.iana.org/root-anchors/draft-icann-dnssec-trust-anchor.txt |
| 29 | https://data.iana.org/root-anchors/icann.pgp |
| 30 | https://data.iana.org/root-anchors/icannbundle.p12 |
| 31 | https://data.iana.org/root-anchors/icannbundle.pem |
| 32 | https://data.iana.org/root-anchors/root-anchors.asc |
| 33 | https://data.iana.org/root-anchors/root-anchors.p7s |
| 34 | https://data.iana.org/root-anchors/root-anchors.xml |
| 35 | ) |
| 36 | |
| 37 | build() { |
| 38 | cd ${srcdir} |
| 39 | |
| 40 | msg 'Verifiing root-zone anchors using GPG' |
| 41 | echo 'I will import ICANN GPG key now. You should check it and optionaly sign it for future pkg builds.' |
| 42 | gpg --import icann.pgp |
| 43 | if gpg --verify "${_root_anchors}.asc" "${_root_anchors}.xml"; then |
| 44 | msg2 'OK!' |
| 45 | echo |
| 46 | else |
| 47 | msg2 'Failed!' |
| 48 | return 1 |
| 49 | fi; |
| 50 | |
| 51 | msg 'Transforming root-zone anchors for various applications' |
| 52 | msg2 'to DS format... (unbound,drill,dig,...)' |
| 53 | _anchor_data="$(sed -f "${srcdir}/anchors2ds.sed" "${_root_anchors}.xml" | tee "${_root_anchors}.key")"; |
| 54 | echo ${_anchor_data} |
| 55 | echo |
| 56 | |
| 57 | msg2 'to dnsval.conf format... (dnssec-tools)' |
| 58 | echo "# you can include this file in dnsval.conf using following directive: |
| 59 | # include ${_anchor_dir}/${_root_anchors}.dnsval.conf |
| 60 | |
| 61 | : trust-anchor |
| 62 | ${_anchor_data} |
| 63 | ; |
| 64 | |
| 65 | : zone-security-expectation |
| 66 | $(for zone in ${_signed_zones[*]}; do echo -e "\t${zone} validate"; done) |
| 67 | ;" | tee "${_root_anchors}.dnsval.conf" |
| 68 | echo |
| 69 | |
| 70 | msg 'Installing anchor files...' |
| 71 | mkdir -p ${pkgdir}${_anchor_dir}/ |
| 72 | cp -f ${srcdir}/* "${pkgdir}${_anchor_dir}/" |
| 73 | |
| 74 | msg 'Making /etc/trusted-key.key symlink...' |
| 75 | mkdir -p "${pkgdir}/etc" |
| 76 | ln -s "${_anchor_dir}/${_root_anchors}.key" "${pkgdir}/etc/trusted-key.key" |
| 77 | |
| 78 | msg 'Installing usefull binaries...' |
| 79 | mkdir -p "${pkgdir}/usr/bin" |
| 80 | cp "${srcdir}/anchors2ds.sed" "${pkgdir}/usr/bin/anchors2ds" |
| 81 | chmod -R 755 "${pkgdir}/usr/bin" |
| 82 | |
| 83 | msg 'Cleaning...' |
| 84 | rm -rf "${srcdir}"/* |
| 85 | |
| 86 | } |
| 87 | |
| 88 | md5sums=('dc7048530480e57f2eade3cd12dfaf39' |
| 89 | '4659ca54445124527a9cdc1993264b3e' |
| 90 | '427766bf91c674c4f0469ed363f207a8' |
| 91 | 'fc244ac431689b6f5be904028c869fce' |
| 92 | '3cd5b6b9f78658e1a1132fe36ce18273' |
| 93 | 'ec5993b72a0b20e58fa993cd455efbc1' |
| 94 | 'b174283d8da2150b9a720814aed0399b' |
| 95 | '59774aba58dbde1049bdf4722fb4f02c' |
| 96 | 'a5612e1b84a75c29b642b9342286c511' |
| 97 | 'ebde9ff9f8fdc8e057c7f9c0fa24738a' |
| 98 | '69e6f9b67e92fbc952d488cc6f67198f') |
| 99 | sha1sums=('535d130c78439146182cd33d3e5f26a6191abeb4' |
| 100 | '1521d2d6046e8858b6e7bad0a03f524abfa81cb1' |
| 101 | 'ccd189083713572119635047e3d78ae9a2d9d307' |
| 102 | '1d7c57b28ec4551361b7b6fc38f7740e8c2626c0' |
| 103 | '81c1a8a5292938ce858c72abd39e07acd9d4f95c' |
| 104 | 'c44ac1ef27f6b3070283c71c63e9567f7be4e946' |
| 105 | '1ab810120ce23b8d00bc85d23d51a5386beb4574' |
| 106 | '4c4de880ff9f06e70f72cf66121ecc0849cbd1f5' |
| 107 | '9a9fe64e4ef587f4413c1e0ab7655e532de9070f' |
| 108 | '5e7a74700015caaed59a2cc09f5daf15f24d5c18' |
| 109 | '9bb81768fb3095584096999693418fcdb13d7b9c') |
| 110 | sha256sums=('94b4370dd436580e8a5fb775e436ef9ff1cafcfb00bb787a8cadef8b3e34ee08' |
| 111 | 'ad068d18531618a9f1d0b68ffd84c87fbb5b8c2aea0288122a2eae8ad1190c2f' |
| 112 | '401120c1721ba100b2d9abf2d01332399535ba0f9c71dbd9f97232c5ebd608d2' |
| 113 | 'dbf1e6220849f93ceb80b6d247c5a3d42b5c38e053b1a6465e701d3c8f953a8e' |
| 114 | '328faa824f529f1483f584fbb4b1f83b63f53ae4bad64609bab2009a811172c7' |
| 115 | 'aaa2c7f6230c49b94af57931cfdd2452d24245b917a27110b28e952975b8c5be' |
| 116 | '0c854f3be5b2e212c276a1b98ce7bf57caf412152c26e667613e63793af4f654' |
| 117 | 'c4a91c4bea6763f4ef05ca92bf74fb41d5583594c04aa999c90a55d710a3e5da' |
| 118 | '5bffcac53f810c5fb1e1baf543e2de2f10ec99d7f7cddb5f1e47b1e58cf34cfa' |
| 119 | '62eba1622ebf8f87b3125f4f9e686cefd952f805696cab0fc24c96eccd7c6f49' |
| 120 | 'dfb281b771dc854c18d1cff9d2eecaf184cf7a9668606aaa33e8f01bf4b4d8e4') |
| 121 | sha384sums=('d23aa0cee0c601dac88a418ddb90730bfc12d0b14d7332d1741dd44843a21a89fad6298cce7e4c3fa66d67779844c873' |
| 122 | '8e749498165c421f468fbd97d520651f54db79cfd5683bd74486758701916c7b44084d7aac449f8e50aa553237bea63a' |
| 123 | '65128264d4271ff197368b69bce1df37294f45e324a02289599c13ad920d1acb9fc13be67b64c7b54c305feae30cd270' |
| 124 | 'fb37e1b7130094cffd36e7c6d8e9f3fbd2f1266f759bb453975e4047f71246dd46d556213e913bed6698e45862cd5dc1' |
| 125 | '3789bf702382ba80dc21cb33db0b9cb2b1fc4dfc91a990b0762fcb9b9b89c184ae3bfe62e18ef7f01c5f35fd2436f090' |
| 126 | '799e8204dbd6590afc8fecc5cea5a2c9127657d29942bb1c677d4150490a7f27ef52b33ddada72eba71a92c485b0f84e' |
| 127 | '1110c6323fa56ad2bce304992bba69be78a5479e983bdadb0dab92e16ae94993748bfb618eb74ebae0617377e366c18f' |
| 128 | 'ea647918a84e9952ad16cd559f386a47768b91ea22ea33b7218461188400ca3f3fe71dd80d6c096a4aafbf7126666b59' |
| 129 | '47c1f4243298ce2f5f6234a159b080acdd58d657175300408020e2e064c647ebd3c8110d82700c35a622f96804f48827' |
| 130 | 'f9a0059f6040b1f39a03c0eb3c861a5b1f287b9507b42bff25ce12784ad8500c0b4dcbbb0f1b2c849c25c1626bfade1b' |
| 131 | 'e4e08ece419d2ccb934a930121a8ea3a7f34127dfcc3ac1dda3da4389b1b825fc689dc00dcefb13d749179ac5a497c38') |
| 132 | sha512sums=('772c3d5f89f75f3629cd52116ffe15355f66de58892dc7d9518275a07f1c27865e3cc1331254918e0edfb7979de471f2641ada7b544d6ec0a95f8cc9c389f370' |
| 133 | 'b0c85c17439b3a9323390217edf72f67a91a36b509a68470543b4dc1a3cce6a73065e989dee10ae070e5d2100e026af1d01ab8c000447ae4bbe64c21451d1081' |
| 134 | '8e47be5054bbb801cb914d94a6f0d1e6b9b2eba387714f011f118bf8af6dacfe24a2dec80525ad005c545fa15fd8413cf90615e6d5c50d7925daa4aefff77112' |
| 135 | '66a5e48a2a2222bbddb84222c49b5e6cd2e30c4dc56c8ba5be9d0748fb46f71a3c2a82e843a340acbc9ce9a5f655a1695c73d0d127c6dac2099d2303a9057898' |
| 136 | 'df200c6e42924df6813c32a3084a93ec5228a6a04e21e2daf82069d40a390d5a4f3e72c8e55610fda70b01f1ae20dbf2e7e49a7c1d45e9cd145446821a67479f' |
| 137 | 'db6c917bd5a6141beb8f6ce5d601541fe222446e330ab7c598d6e355315a354f14b117731213863fea28a0ca7d5b12a6b91ac32f5e55cc476a7d1dbb437abbab' |
| 138 | '7689a2304b9ac8875d9c58a4c0facc2718abb7de39af19c8a6c149bfc5fbb80ef23a41828fc79f07b2359290505e22c8ea509ec56d0b1c17212d455badcc2ecf' |
| 139 | '36ce5025acc447f740222dd5f794fd848540731792441c6e50b0260411ea8d30b7d2b97a53a26d0469f3315d5881acb5e2b92a904413939db9a6b64ffd6e0f2b' |
| 140 | 'e9c86b897d7e8edb979cba4bebe353b7c7f21b4061cd6f571c8671b02e73c2ea0b78a980169fa7d40987b9e962a0f1ba17dbb392b5ec6ad14fedce65a139c913' |
| 141 | 'a9dda6e8785cb1675128f90b181f6100055894e5c8c7f8e7cbdcac82d4a0b3a2a00f57421b81a5093c4b283a75dc63e1e21e10f8c350e7404bba7c5e13fad28a' |
| 142 | 'bca506c852bc83aa9d04ed0b52bef6d0baec745e466292273d52f49fd73cec73db4c6d55a9921fe086c7edc618f3ab21dc03146b6d617644495b3926e262e572') |