summaryrefslogtreecommitdiffstats
path: root/update-root-anchors.sh
diff options
context:
space:
mode:
Diffstat (limited to 'update-root-anchors.sh')
-rwxr-xr-xupdate-root-anchors.sh21
1 files changed, 21 insertions, 0 deletions
diff --git a/update-root-anchors.sh b/update-root-anchors.sh
new file mode 100755
index 0000000..298c224
--- /dev/null
+++ b/update-root-anchors.sh
@@ -0,0 +1,21 @@
+#!/bin/sh -e
+# This data is documented at <https://www.iana.org/dnssec/files>.
+
+wget -O root-anchors.xml.NEW https://data.iana.org/root-anchors/root-anchors.xml
+
+# ignore the update date, which changes daily
+if diff -u root-anchors.xml root-anchors.xml.NEW; then
+ echo "root-anchors.xml has NOT changed."
+ rm root-anchors.xml.NEW
+ exit
+fi
+
+echo "root-anchors.xml has changed."
+
+wget -O root-anchors.p7s.NEW https://data.iana.org/root-anchors/root-anchors.p7s
+
+openssl smime -verify -content signed-file -CAfile icannbundle.pem -inform DER -in root-anchors.p7s -content root-anchors.xml -out /dev/null
+
+mv root-anchors.xml.NEW root-anchors.xml
+mv root-anchors.p7s.NEW root-anchors.p7s
+
generated by cgit v1.2.3 (git 2.39.1) at 2025-02-18 07:00:00 +0000