Utility script to convert anchors.mf from the ITAR into individual files that are...

git-svn-id: file:///svn/unbound/trunk@1914 be551aaa-1e26-0410-a405-d3ace91eadb9

diff --git a/contrib/README b/contrib/README
index 1b8458f437dde98fb7aff9743cd6e1ecab87b8ff..b68e0d76a4a5a0add5c9d03257ec5735ab092314 100644 (file)
--- a/contrib/README
+++ b/contrib/README
@@ -8,6 +8,8 @@ distribution but may be helpful.
 * update-anchor.sh: shell script that uses unbound-host to update a set
        of trust anchor files. Run from cron twice a month.
 * update-itar.sh: shell script that updates from itar.iana.org. Run from cron.
+* split-itar.sh: shell script to split anchors.mf from itar.iana.org into
+       multiple key files so it can be used with auto-trust-anchor-file.
 * unbound_munin_ : plugin for munin statistics report
 * unbound_cacti.tar.gz : setup files for cacti statistics report
 * selinux: the .fc and .te files for SElinux protection of the unbound daemon

diff --git a/contrib/split-itar.sh b/contrib/split-itar.sh
new file mode 100644 (file)
index 0000000..5963d65
--- /dev/null
+++ b/contrib/split-itar.sh
@@ -0,0 +1,46 @@
+#/usr/bin/env bash
+# Contributed by Tom Hendrikx <tom@whyscream.net>
+
+PROGNAME=$(basename $0)
+
+usage() {
+       echo "$PROGNAME: split the anchors.mf file from IANA into separate files." >&2
+       echo "" >&2
+       echo "$PROGNAME uses 2 arguments:" >&2
+       echo "  - the path to the anchors.mf, available at: https://itar.iana.org/" >&2
+       echo "  - the directory to leave the files, defaults to '.' (current working dir)" >&2
+       exit 1
+}
+
+if [ -n "$1" ] && [ -r "$1" ]; then
+       itar="$1"
+       echo "Reading from: $itar"
+else 
+       echo "Error: no anchors file given" >&2
+       usage
+fi
+
+if [ -n "$2" ]; then
+       dir="$2"
+else 
+       dir=$(pwd)
+fi
+
+if [ ! -d "$dir" ]; then
+       echo "Error: $dir is not a directory" >&2
+       usage
+fi
+
+while read cn line; do
+       if [ $(expr match "$cn" '[a-zA-Z0-9-]*\.') -gt 0 ]; then
+               # first line of key
+               out="$dir/$cn"anchor
+               echo "writing key for $cn to: $out"
+               echo "$cn       $line" > $out
+       elif [ "$cn" == "DS" ]; then
+               # second or later line of earlier defined key
+               echo "  $cn     $line" >> $out
+       fi
+done < "$itar"
+
+echo "Done."

diff --git a/doc/CREDITS b/doc/CREDITS
index 499b7ba158b5adfbc652f0413b2eda6a50c24e63..13acf74beb0544ba88eedb658e873c06d8b0f3b3 100644 (file)
--- a/doc/CREDITS
+++ b/doc/CREDITS
@@ -17,3 +17,4 @@ Zdenek Vasicek and Marek Vavrusa - python module.
 cz.nic - sponsoring 'summer of code' development by Zdenek and Marek.
 Brett Carr - windows beta testing.
 Luca Bruno - patch for windows support in libunbound hosts and resolvconf().
+Tom Hendrikx - contributed split-itar.sh a useful script to 5011-track ITAR.

diff --git a/doc/Changelog b/doc/Changelog
index 7fe34493b9d1841d400c6bf136f056f0448de295..9b39e0124bbf67e4f63b5b0a56ac49af5a9714d4 100644 (file)
--- a/doc/Changelog
+++ b/doc/Changelog
@@ -1,3 +1,6 @@
+20 November 2009: Wouter
+       - contrib/split-itar.sh contributed by Tom Hendrikx.
+
 19 November 2009: Wouter
        - better argument help for unbound-control.
        - iana portlist updated.