DNSSEC: Support in zone generator script
authorMartin Mares <mj@ucw.cz>
Tue, 29 Jan 2019 22:00:18 +0000 (23:00 +0100)
committerMartin Mares <mj@ucw.cz>
Tue, 29 Jan 2019 22:00:18 +0000 (23:00 +0100)
bin/genzone

index d2749de0b61d4ffc5f064cd844988736d8e0c684..7805e59c728e144d2e46c114813e1d38552da414 100755 (executable)
@@ -1,17 +1,45 @@
-#!/bin/sh
+#!/bin/bash
+# NSC -- Zone file generator
+# (c) 1997--2019 Martin Mares <mj@ucw.cz>
+
 set -e
 . bin/shell-env
+
+if [ $# -lt 2 ] ; then
+       echo >&2 "Usage: $0 <domain> <source files>"
+       exit 1
+fi
 Z=$1
 shift
-mkdir -p $HASHDIR
+
 CURRENT_HASH=$($M4 -DHASHING m4/nsc.m4 "$@" | md5sum | cut -d " " -f1)
+if [ -f $KEYDIR/$Z.hash ] ; then
+       CURRENT_HASH=$CURRENT_HASH:$(cat $KEYDIR/$Z.hash)
+       if [ -f $KEYDIR/resign-stamp ] ; then
+               CURRENT_HASH=$CURRENT_HASH:$(stat -c '%Y' $KEYDIR/resign-stamp)
+       fi
+fi
+
 PREV_HASH=$(if [ -s $HASHDIR/$Z ] ; then cat $HASHDIR/$Z ; fi)
 if [ "X$CURRENT_HASH" = "X$PREV_HASH" ] ; then
        echo "-- $Z: No changes"
        touch $ZONEDIR/$Z $HASHDIR/$Z
 else
        $M4 -DVERS=$VERSDIR/$Z m4/nsc.m4 "$@" >$ZONEDIR/$Z.new
-       mv $ZONEDIR/$Z.new $ZONEDIR/$Z
-       echo "** $Z: New version $(sed -e "s/^;;; VERSION: //; t; d" $ZONEDIR/$Z)"
+       NEWVER="$(sed -e "s/^;;; VERSION: //; t; d" $ZONEDIR/$Z.new)"
+       if [ -f $KEYDIR/$Z.hash ] ; then
+               if ! dnssec-signzone -a -d $DSSDIR -g -K $KEYDIR/$Z $SIGNZONE_OPTIONS -f $ZONEDIR/$Z.signed -o $Z -S -3 - $ZONEDIR/$Z.new &>$ZONEDIR/$Z.tmp ; then
+                       cat $ZONEDIR/$Z.tmp
+                       echo >&2 "FATAL: Signing failed"
+                       exit 1
+               fi
+               rm -f $ZONEDIR/$Z.tmp
+               mv $ZONEDIR/$Z.signed $ZONEDIR/$Z
+               SIGNED=" (signed)"
+       else
+               mv $ZONEDIR/$Z.new $ZONEDIR/$Z
+               SIGNED=
+       fi
+       echo "** $Z: New version $NEWVER$SIGNED"
        echo $CURRENT_HASH >$HASHDIR/$Z
 fi
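Review bot: The zone name `$Z` comes straight from `$1` and is expanded unquoted in every added test, path and `dnssec-signzone` argument, so a name containing whitespace or a glob character would be split or expanded into extra words handed to the signer. Quoting each expansion keeps it a single argument, e.g. `-K "$KEYDIR/$Z" $SIGNZONE_OPTIONS -f "$ZONEDIR/$Z.signed" -o "$Z" -S -3 - "$ZONEDIR/$Z.new" &>"$ZONEDIR/$Z.tmp"` and `[ -f "$KEYDIR/$Z.hash" ]`; `$SIGNZONE_OPTIONS` presumably stays unquoted on purpose so it can carry several options. On the failure path the signer's output is printed to stdout while the FATAL line goes to stderr, and `$Z.tmp` is left behind. Using `cat "$ZONEDIR/$Z.tmp" >&2` and then `rm -f "$ZONEDIR/$Z.tmp"` before `exit 1` would keep the diagnostics in one stream and leave no stale file.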