1 #!/bin/sh -e 2 3 # Copyright (C) Internet Systems Consortium, Inc. ("ISC") 4 # 5 # SPDX-License-Identifier: MPL-2.0 6 # 7 # This Source Code Form is subject to the terms of the Mozilla Public 8 # License, v. 2.0. If a copy of the MPL was not distributed with this 9 # file, you can obtain one at https://mozilla.org/MPL/2.0/. 10 # 11 # See the COPYRIGHT file distributed with this work for additional 12 # information regarding copyright ownership. 13 14 . ../../conf.sh 15 16 (cd ../ns2 && $SHELL -e sign.sh) 17 18 cp ../ns2/dsset-* . 19 20 zone=. 21 infile=root.db.in 22 zonefile=root.db 23 24 keyname1=$($KEYGEN -a ${DEFAULT_ALGORITHM} -f KSK $zone 2>/dev/null) 25 keyname2=$($KEYGEN -a ${DEFAULT_ALGORITHM} $zone 2>/dev/null) 26 27 cat $infile $keyname1.key $keyname2.key >$zonefile 28 29 $SIGNER -P -g -o $zone $zonefile >/dev/null 30 31 # Add a trust anchor for a name whose non-existence can be securely proved 32 # without recursing when the root zone is mirrored. This will exercise code 33 # attempting to send TAT queries for such names (in ns3). Key data is 34 # irrelevant here, so just reuse the root zone key generated above. 35 sed "s/^\./nonexistent./;" $keyname1.key >$keyname1.modified.key 36 37 keyfile_to_static_ds $keyname1 $keyname1.modified >trusted.conf 38
Indexes created Sat Feb 28 05:31:39 UTC 2026