summaryrefslogtreecommitdiff
blob: 9e76945581eb7d136c27b6eb904ab2591c646ca9 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
# Copyright 1999-2015 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Id$

EAPI=4

DESCRIPTION="The DNSSEC root key(s)"
HOMEPAGE="https://www.iana.org/dnssec/"
SRC_URI="http://data.iana.org/root-anchors/root-anchors.xml -> root-anchors-20100715.xml
		http://data.iana.org/root-anchors/Kjqmt7v.csr -> Kjqmt7v-20100715.csr
		test? ( http://data.iana.org/root-anchors/Kjqmt7v.crt -> Kjqmt7v-20110630.crt
				http://data.iana.org/root-anchors/root-anchors.p7s -> root-anchors-20110630.p7s
				http://data.iana.org/root-anchors/root-anchors.asc -> root-anchors-20100715.asc
				http://data.iana.org/root-anchors/icannbundle.pem -> icannbundle-20100715.pem
				http://data.iana.org/root-anchors/icann.pgp -> icann-20110715.pgp
				)"

LICENSE="public-domain"
SLOT="0"
KEYWORDS="~alpha amd64 ~arm ~hppa ~ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh ~sparc x86 ~x64-macos"
IUSE="test"

RESTRICT="mirror"

RDEPEND=""
DEPEND="dev-libs/libxslt
		test? ( app-crypt/gnupg
			dev-libs/openssl )"

S="${WORKDIR}"

# xsl and checking as per:
# http://permalink.gmane.org/gmane.network.dns.unbound.user/1039

src_unpack() {
	return
}

src_compile() {
	xsltproc -o root-anchors-20100715.txt "${FILESDIR}"/anchors2ds.xsl "${DISTDIR}"/root-anchors-20100715.xml || die 'xsl translation failed'
}

src_test() {
	# icann.pgp contains an expired key
	# gpg --import "${DISTDIR}"/icann.pgp || die 'icann key import failed'
	gpg --import \
		"${FILESDIR}"/dnssec_at_iana.org_1024D_0F6C91D2-20120522.asc || die
	gpg --verify \
		"${DISTDIR}"/root-anchors-20100715.asc \
		"${DISTDIR}"/root-anchors-20100715.xml || die
	openssl smime  -verify \
		-content "${DISTDIR}"/root-anchors-20100715.xml \
		-in "${DISTDIR}"/root-anchors-20110630.p7s -inform der \
		-CAfile "${DISTDIR}"/icannbundle-20100715.pem || die
}

src_install() {
	insinto /etc/dnssec
	newins root-anchors-20100715.txt root-anchors.txt
	newins "${DISTDIR}"/root-anchors-20100715.xml root-anchors.xml
	newins "${DISTDIR}"/Kjqmt7v-20100715.csr Kjqmt7v.csr
}