V1.00.128.2025.06.03
Signed-off-by: Marc S. Weidner <msw@coresecret.dev>
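--- /dev/null
+++ b/build_caa-ct-sts.sh
@@ -0,0 +1,69 @@
+#!/bin/sh
+# SPDX-Version: 3.0
+# SPDX-CreationInfo: 2025-06-03; WEIDNER, Marc S.; <msw@coresecret.dev>
+# SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/draft-weidner-catalog-rr-ext.git
+# SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency
+# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; <msw@coresecret.dev>
+# SPDX-FileType: SOURCE
+# SPDX-License-Identifier: EUPL-1.2
+# SPDX-LicenseComment: This file is part of the draft-weidner-catalog-rr-ext framework.
+# SPDX-PackageName: draft-weidner-catalog-rr-ext
+# SPDX-Security-Contact: security@coresecret.eu
+
+# Usage:
+# sh build_caa-ct-sts.sh <OWN_DOMAIN> <CA_DOMAIN> <CRIT_FLAG>
+
+set -eu
+readonly OWN_DOMAIN="$1"
+readonly CAA_DOMAIN="$2"
+readonly CRIT__FLAG="$3"
+readonly CAA_CTS_TS="caa-ct-sts.${OWN_DOMAIN}.txt"
+case "${CRIT__FLAG}" in
+true|false) ;;
+*) echo "Error: CRIT_FLAG MUST be either 'true' or 'false'." >&2
+exit 1
+;;
+esac
+:> "${CAA_CTS_TS}"
+{ echo "### CAA-CT-STS Policy: $CAA_CTS_TS ###"
+echo "version: CAACTSTSv1"
+echo "max_age: 60"
+} > "${CAA_CTS_TS}"
+JSON=$(curl -fsSL https://www.gstatic.com/ct/log_list/v3/log_list.json)
+readonly JSON
+echo "${JSON}" | awk -v OWN="${OWN_DOMAIN}" -v CA="${CAA_DOMAIN}" -v CRIT="${CRIT__FLAG}" -v OUT="${CAA_CTS_TS}" '
+BEGIN { FS="\""; }
+/{[[:space:]]*"description"/ {
+desc=""; url=""; start=""; endt=""; logid=""; key="";
+}
+/"description":/ {
+desc = $4
+gsub(/\047/, "", desc)
+}
+/"url":/ {
+url = $4
+}
+/"start_inclusive":/ {
+start = $4
+}
+/"end_exclusive":/ {
+endt = $4
+}
+/"log_id":/ {
+logid = $4
+}
+/"key":/ {
+key = $4
+gsub(/\047/, "", key)
+}
+/"end_exclusive":/ {
+if (desc != "" && url != "" && start != "" && logid != "" && key != "") {
+printf "ct_policy: ( \"%s; critical=%s; desc='\''%s'\''; validfrom=%s; validtill=%s; cturi=%s; logid='\''%s'\''; pubkey='\''%s'\'';\" )\n", \
+CA, CRIT, desc, start, endt, url, logid, key \
+>> OUT
+}
+}
+'
+echo "CAA-CT-STS Policy File: '${CAA_CTS_TS}' written."
+exit 0
+# vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=sh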
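Review bot: The output file is truncated with `:> "${CAA_CTS_TS}"` and its header written before `curl` runs, so under `set -e` a failed download leaves a header-only policy file behind. A feed whose layout the awk patterns no longer match has a similar effect: the script still prints "written." and exits 0 with no `ct_policy:` lines. Build the file under a temporary name, check that at least one record was emitted, and only then move it into place; the same ordering applies to `:> "${ZONE__FILE}"` in the second script. The fetched JSON is also consumed with no integrity check beyond TLS, which deserves a comment next to the `curl` line.

```shell
JSON=$(curl -fsSL https://www.gstatic.com/ct/log_list/v3/log_list.json)
readonly JSON
TMP_OUT=$(mktemp "${CAA_CTS_TS}.XXXXXX")
trap 'rm -f -- "${TMP_OUT}"' EXIT
# … unchanged: header echo block and awk program, with "${TMP_OUT}" in place of "${CAA_CTS_TS}" …
if ! grep -q '^ct_policy: ' "${TMP_OUT}"; then
  echo "Error: no CT log entries parsed from log list." >&2
  exit 1
fi
mv -- "${TMP_OUT}" "${CAA_CTS_TS}"
```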
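--- /dev/null
+++ b/build_caa_records.sh
@@ -0,0 +1,65 @@
+#!/bin/sh
+# SPDX-Version: 3.0
+# SPDX-CreationInfo: 2025-06-03; WEIDNER, Marc S.; <msw@coresecret.dev>
+# SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/draft-weidner-catalog-rr-ext.git
+# SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency
+# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; <msw@coresecret.dev>
+# SPDX-FileType: SOURCE
+# SPDX-License-Identifier: EUPL-1.2
+# SPDX-LicenseComment: This file is part of the draft-weidner-catalog-rr-ext framework.
+# SPDX-PackageName: draft-weidner-catalog-rr-ext
+# SPDX-Security-Contact: security@coresecret.eu
+
+# Usage:
+# sh build_caa_records.sh <OWN_DOMAIN> <CA_DOMAIN> <CRIT_FLAG>
+
+set -eu
+readonly OWN_DOMAIN="$1"
+readonly CAA_DOMAIN="$2"
+readonly CRIT__FLAG="$3"
+readonly ZONE__FILE="zone_${OWN_DOMAIN}_CAA.txt"
+case "${CRIT__FLAG}" in
+true|false) ;;
+*) echo "Error: CRIT_FLAG MUST be either 'true' or 'false'." >&2
+exit 1
+;;
+esac
+:> "${ZONE__FILE}"
+JSON=$(curl -fsSL https://www.gstatic.com/ct/log_list/v3/log_list.json)
+readonly JSON
+echo "${JSON}" | awk -v OWN="${OWN_DOMAIN}" -v CA="${CAA_DOMAIN}" -v CRIT="${CRIT__FLAG}" -v OUT="${ZONE__FILE}" '
+BEGIN { FS="\""; }
+/{[[:space:]]*"description"/ {
+desc=""; url=""; start=""; endt=""; logid=""; key="";
+}
+/"description":/ {
+desc = $4
+gsub(/\047/, "", desc)
+}
+/"url":/ {
+url = $4
+}
+/"start_inclusive":/ {
+start = $4
+}
+/"end_exclusive":/ {
+endt = $4
+}
+/"log_id":/ {
+logid = $4
+}
+/"key":/ {
+key = $4
+gsub(/\047/, "", key)
+}
+/"end_exclusive":/ {
+if (desc != "" && url != "" && start != "" && logid != "" && key != "") {
+printf "%s. 60 IN CAA 0 issuect ( \"%s; critical=%s; desc='\''%s'\''; validfrom=%s; validtill=%s; cturi=%s; logid='\''%s'\''; pubkey='\''%s'\'';\" )\n", \
+OWN, CA, CRIT, desc, start, endt, url, logid, key \
+>> OUT
+}
+}
+'
+echo "Bind9 zone-file: '${ZONE__FILE}' written."
+exit 0
+# vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=sh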
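Review bot: `OWN_DOMAIN` and `CAA_DOMAIN` reach the zone file unchecked. `$1` becomes part of the output file name in `ZONE__FILE` and the owner name of every CAA record, and both values pass through `awk -v`, which interprets backslash escapes in the assigned value. A value containing `/`, whitespace, `"` or an escape sequence would change which file gets truncated or what text lands in the zone. Reject anything outside hostname characters right after the `readonly` assignments, e.g. `case "${OWN_DOMAIN}${CAA_DOMAIN}" in ''|*[!A-Za-z0-9.-]*) echo "Error: invalid domain name." >&2; exit 1 ;; esac`. The first script takes the same two arguments and needs the same check.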