2 # NSC -- Zone file generator
3 # (c) 1997--2019 Martin Mares <mj@ucw.cz>
9 echo >&2 "Usage: $0 <domain> <source files>"
15 CURRENT_HASH=$($M4 -DHASHING m4/nsc.m4 "$@" | md5sum | cut -d " " -f1)
16 if [ -f khash/$Z ] ; then
17 CURRENT_HASH=$CURRENT_HASH:$(cat khash/$Z)
18 if [ -f keys/resign-stamp ] ; then
19 CURRENT_HASH=$CURRENT_HASH:$(stat -c '%Y' keys/resign-stamp)
23 PREV_HASH=$(if [ -s hash/$Z ] ; then cat hash/$Z ; fi)
24 if [ "X$CURRENT_HASH" = "X$PREV_HASH" ] ; then
25 echo "-- $Z: No changes"
28 $M4 -DVERS=ver/$Z m4/nsc.m4 "$@" >zone/$Z.new
29 NEWVER="$(sed -e "s/^;;; VERSION: //; t; d" zone/$Z.new)"
30 if [ -f khash/$Z ] ; then
31 ORIGIN=$(grep '\$ORIGIN' zone/$Z.new | cut -d' ' -f2)
32 if [ -z "$ORIGIN" ] ; then
33 echo >&2 "FATAL: Cannot establish zone origin for $Z"
37 if [ -f bin/dnssec-hacks ] ; then
38 # Undocumented hook for hacks
41 if ! dnssec-signzone -a -d tmp -K keys/$Z $SIGNZONE_OPTIONS -f zone/$Z.signed -o $ORIGIN -S $NSEC zone/$Z.new &>zone/$Z.tmp ; then
43 echo >&2 "FATAL: Cannot sign $Z"
48 mv zone/$Z.signed zone/$Z
52 mv zone/$Z.new zone/$Z
55 echo "** $Z: New version $NEWVER$SIGNED"
56 echo $CURRENT_HASH >hash/$Z