#!/bin/sh
# originated from https://git.alpinelinux.org/aports/plain/main/dns-root-hints/update-dns-root-hints
# Stop on the first failing command and on any use of an unset variable.
set -eu

# Location the hints file and its detached signature are fetched from.
BASE_URL='https://www.internic.net/domain'

# Install directory; DNS_ROOT_HINTS_DIR overrides the packaged default.
# The gpgv keyring is read from this directory as well, so the variable
# should only ever be set by a trusted caller.
destdir="${DNS_ROOT_HINTS_DIR:-/usr/share/dns-root-hints}"

# The test is for write access to $destdir, not for uid 0; the message
# describes the usual reason the check fails.
[ -w "$destdir" ] || {
	echo 'Needs to run as root.' >&2
	exit 1
}

# Freshly created scratch directory for the downloads.
tmpdir="$(mktemp -d)"
# Best-effort removal of the scratch directory and the files downloaded
# into it. Reads the global $tmpdir; always returns 0.
cleanup() {
	# The directory may still be empty, so a failing rm is not an error
	# and its message is discarded.
	if ! rm "$tmpdir"/* 2>/dev/null; then
		:
	fi
	# rmdir only removes an empty directory; its error output is kept
	# visible so that leftovers get noticed.
	rmdir "$tmpdir" || :
}
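# Remove the scratch directory on every exit path. The signal traps exit
# explicitly: a handler that only ran cleanup would let the script carry on
# after the signal with its scratch directory already deleted, which could
# interrupt the install step half-way through.
trap cleanup EXIT
trap 'exit 1' HUP INT TERM

# Fetch the hints file and its detached signature.
#   -f   fail on an HTTP error instead of saving the error page as the file
#   -sS  stay quiet, but still report errors
#   -L   follow redirects; --proto/--proto-redir keep them on HTTPS
#   -R   keep the server's modification time on the downloaded file
# Transport security is only defence in depth here: the file is not
# installed unless its signature verifies.
for f in named.root named.root.sig; do
	curl -fsSLR --proto '=https' --proto-redir '=https' \
		"$BASE_URL/$f" -o "$tmpdir/$f"
done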
# Print the 10-digit version recorded in a root hints file.
# Arguments: $1 - path to a named.root file
# Outputs:   the digits following "related version of root zone:" for each
#            matching line; nothing when no line matches
# Returns:   the exit status of sed
read_version() {
	# -n suppresses normal output, so only lines where the substitution
	# succeeded are printed (p flag); -E selects extended regex syntax.
	sed -n -E \
		-e 's/.*related version of root zone:\s*([0-9]{10}).*/\1/p' \
		"$1"
}
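# Compare the downloaded version with the installed one. Both values are
# parsed before the signature check, so they only decide whether an update
# is attempted; nothing is installed unless gpgv succeeds.
new_ver=$(read_version "$tmpdir"/named.root)
cur_ver=$(read_version "$destdir"/named.root)

echo "Version $cur_ver <- Installed"
echo "Version $new_ver <- Downloaded"

# Exit codes of this step: 10 = signature verification failed,
# 11 = the download is older than the installed file.
if [ "$new_ver" = "$cur_ver" ]; then
	printf '\nZone file already up-to-date.\n\n'
elif [ -n "$new_ver" ] && [ -n "$cur_ver" ] && [ "$new_ver" -lt "$cur_ver" ]; then
	# An older file still carries a valid signature, so gpgv alone cannot
	# tell a stale or replayed download from a current one. Refuse to move
	# backwards instead of relying on the signature check for freshness.
	echo 'Downloaded zone file is older than the installed one; keeping the installed file.' >&2
	exit 11
else
	# Verify the detached signature against the keyring shipped in $destdir
	# before anything is replaced.
	gpgv --keyring "$destdir"/verisign-grs-nstld-key.gpg \
		"$tmpdir"/named.root.sig "$tmpdir"/named.root || exit 10

	mv "$tmpdir"/named.root "$destdir"/named.root
	mv "$tmpdir"/named.root.sig "$destdir"/named.root.sig

	printf '\nZone file updated.\n\n'
fi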