2014-09-05 18:46:48 +00:00
|
|
|
#
|
2014-10-07 14:32:39 +00:00
|
|
|
# spec file for package dnscrypt-proxy
|
2014-09-05 18:46:48 +00:00
|
|
|
#
|
Accepting request 1236957 from home:ramdomPTM:branches:server:dns
- Update to version 2.1.6
* Forwarding: in the list of servers for a zone, the `$BOOTSTRAP` keyword can be included as a shortcut to forward to the bootstrap servers. And the `$DHCP` keyword can be included to forward to the DNS resolvers provided by the local DHCP server. Based on work by YX Hao, thanks! DHCP forwarding should be considered experimental and my not work on all operating systems. A rule for a zone can mix and match multiple forwarder types, such as `10.0.0.1,10.0.0.254,$DHCP,192.168.1.1,$BOOTSTRAP`. Note that this is not implemented for captive portals yet.
* Lying resolvers are now skipped, instead of just printing an error. This doesn't apply to captive portal and forwarding entries, which are the only reasonable use case for lying resolvers.
* Support for XSalsa20 in DNSCrypt has been removed. This was not documented, and was supserseded by XChaCha20 in 2016.
* Source files are now fetched with compression.
* DNS64: compatibility has been improved.
* Forwarding: the root domain (`.`) can now be forwarded.
* The ARC caching algorithm has been replaced by the SIEVE algorithm.
* Properties of multiple servers are now updated simultaneously. The concurrency level can be adjusted with the new `cert_refresh_concurrency` setting. Contributed by YX Hao.
* MSI packages for DNSCrypt can now easily be built.
* New command-line flag: `-include-relays` to include relays in `-list` and `-list-all`.
* Support for DNS extended error codes has been added.
* Documentation updates, bug fixes, dependency updates.
- Drop quic-go.patch, for dnscrypt-proxy already pulls fixed quic-go v0.48.2
OBS-URL: https://build.opensuse.org/request/show/1236957
OBS-URL: https://build.opensuse.org/package/show/server:dns/dnscrypt-proxy?expand=0&rev=53
2025-01-11 16:35:35 +00:00
|
|
|
# Copyright (c) 2025 SUSE LLC
|
2014-09-05 18:46:48 +00:00
|
|
|
#
|
|
|
|
|
# All modifications and additions to the file contributed by third parties
|
|
|
|
|
# remain the property of their copyright owners, unless otherwise agreed
|
|
|
|
|
# upon. The license for this file, and modifications and additions to the
|
|
|
|
|
# file, is the same license as for the pristine package itself (unless the
|
|
|
|
|
# license for the pristine package is not an Open Source License, in which
|
|
|
|
|
# case the license is the MIT License). An "Open Source License" is a
|
|
|
|
|
# license that conforms to the Open Source Definition (Version 1.9)
|
|
|
|
|
# published by the Open Source Initiative.
|
|
|
|
|
|
2020-01-04 05:48:56 +00:00
|
|
|
# Please submit bugfixes or comments via https://bugs.opensuse.org/
|
2014-09-05 18:46:48 +00:00
|
|
|
#
|
|
|
|
|
|
2021-01-04 18:36:28 +00:00
|
|
|
|
2020-06-11 20:29:58 +00:00
|
|
|
%define _buildshell /bin/bash
|
|
|
|
|
%define user_group dnscrypt
|
|
|
|
|
%define config_dir %{_sysconfdir}/%{name}
|
|
|
|
|
%define home_dir %{_localstatedir}/lib/%{name}
|
2024-02-05 19:44:55 +00:00
|
|
|
%define home_dir_escaped \\%{_localstatedir}\\/lib\\/%{name}
|
2020-06-11 20:29:58 +00:00
|
|
|
%define log_dir %{_localstatedir}/log/%{name}
|
2021-01-18 17:46:09 +00:00
|
|
|
%define services %{name}.socket %{name}.service %{name}-resolvconf.service
|
2017-08-05 13:09:15 +00:00
|
|
|
|
2014-10-07 14:32:39 +00:00
|
|
|
Name: dnscrypt-proxy
|
2025-08-24 17:31:00 +00:00
|
|
|
Version: 2.1.13
|
2014-09-05 18:46:48 +00:00
|
|
|
Release: 0
|
|
|
|
|
Summary: A tool for securing communications between a client and a DNS resolver
|
2020-06-11 20:29:58 +00:00
|
|
|
License: ISC
|
2014-09-05 18:46:48 +00:00
|
|
|
Group: Productivity/Networking/DNS/Utilities
|
2020-06-11 20:29:58 +00:00
|
|
|
URL: https://dnscrypt.info/
|
|
|
|
|
Source0: https://codeload.github.com/DNSCrypt/%{name}/tar.gz/%{version}#/%{name}-%{version}.tar.gz
|
|
|
|
|
Source1: %{name}.service
|
|
|
|
|
Source2: %{name}.socket
|
2021-01-18 17:46:09 +00:00
|
|
|
Source3: %{name}-resolvconf.service
|
2020-06-11 20:29:58 +00:00
|
|
|
# File to use with sed to modify default configuration.
|
2021-01-18 17:46:09 +00:00
|
|
|
Source4: example-dnscrypt-proxy.toml.sed
|
2020-06-11 20:29:58 +00:00
|
|
|
# Some words
|
2022-03-26 17:08:58 +00:00
|
|
|
Source5: README.openSUSE
|
2020-07-10 15:22:57 +00:00
|
|
|
# Example how to override socket unit
|
2022-03-26 17:08:58 +00:00
|
|
|
Source6: %{name}.socket.conf
|
2024-02-05 19:44:55 +00:00
|
|
|
# dnscrypt user configuration
|
|
|
|
|
Source7: %{user_group}-user.conf
|
2020-06-11 20:29:58 +00:00
|
|
|
BuildRequires: golang-packaging
|
2017-08-05 13:09:15 +00:00
|
|
|
BuildRequires: pkgconfig
|
2017-09-04 10:23:01 +00:00
|
|
|
BuildRequires: systemd-rpm-macros
|
2024-02-05 19:44:55 +00:00
|
|
|
BuildRequires: sysuser-tools
|
Accepting request 1236957 from home:ramdomPTM:branches:server:dns
- Update to version 2.1.6
* Forwarding: in the list of servers for a zone, the `$BOOTSTRAP` keyword can be included as a shortcut to forward to the bootstrap servers. And the `$DHCP` keyword can be included to forward to the DNS resolvers provided by the local DHCP server. Based on work by YX Hao, thanks! DHCP forwarding should be considered experimental and my not work on all operating systems. A rule for a zone can mix and match multiple forwarder types, such as `10.0.0.1,10.0.0.254,$DHCP,192.168.1.1,$BOOTSTRAP`. Note that this is not implemented for captive portals yet.
* Lying resolvers are now skipped, instead of just printing an error. This doesn't apply to captive portal and forwarding entries, which are the only reasonable use case for lying resolvers.
* Support for XSalsa20 in DNSCrypt has been removed. This was not documented, and was supserseded by XChaCha20 in 2016.
* Source files are now fetched with compression.
* DNS64: compatibility has been improved.
* Forwarding: the root domain (`.`) can now be forwarded.
* The ARC caching algorithm has been replaced by the SIEVE algorithm.
* Properties of multiple servers are now updated simultaneously. The concurrency level can be adjusted with the new `cert_refresh_concurrency` setting. Contributed by YX Hao.
* MSI packages for DNSCrypt can now easily be built.
* New command-line flag: `-include-relays` to include relays in `-list` and `-list-all`.
* Support for DNS extended error codes has been added.
* Documentation updates, bug fixes, dependency updates.
- Drop quic-go.patch, for dnscrypt-proxy already pulls fixed quic-go v0.48.2
OBS-URL: https://build.opensuse.org/request/show/1236957
OBS-URL: https://build.opensuse.org/package/show/server:dns/dnscrypt-proxy?expand=0&rev=53
2025-01-11 16:35:35 +00:00
|
|
|
BuildRequires: vendored_licenses_packager
|
2025-05-29 16:16:10 +00:00
|
|
|
BuildRequires: golang(API) >= 1.24
|
2020-01-04 05:48:56 +00:00
|
|
|
BuildRequires: pkgconfig(libsystemd)
|
2024-02-05 19:44:55 +00:00
|
|
|
%sysusers_requires
|
|
|
|
|
%{?systemd_requires}
|
2020-07-10 15:22:57 +00:00
|
|
|
# For systemd pidfile solution.
|
|
|
|
|
Requires: bash
|
2020-06-11 20:29:58 +00:00
|
|
|
Recommends: ca-certificates
|
2021-01-18 17:46:09 +00:00
|
|
|
# needed for resolvconf support
|
|
|
|
|
Suggests: openresolv
|
2015-09-02 15:48:08 +00:00
|
|
|
Provides: dnscrypt = %{version}-%{release}
|
|
|
|
|
Obsoletes: dnscrypt < %{version}-%{release}
|
2020-06-11 20:29:58 +00:00
|
|
|
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
2014-09-05 18:46:48 +00:00
|
|
|
|
|
|
|
|
%description
|
2020-06-11 20:29:58 +00:00
|
|
|
A flexible DNS proxy, with support for modern encrypted DNS protocols
|
2021-08-17 14:30:07 +00:00
|
|
|
such as DNSCrypt v2, DNS-over-HTTPS, Anonymized DNSCrypt
|
|
|
|
|
and ODoH (Oblivious DoH).
|
2014-09-05 18:46:48 +00:00
|
|
|
|
2020-06-11 20:29:58 +00:00
|
|
|
%prep
|
2024-04-22 16:30:59 +00:00
|
|
|
%autosetup -p1 -n %{name}-%{version}
|
2014-09-05 18:46:48 +00:00
|
|
|
|
2024-02-05 19:44:55 +00:00
|
|
|
# replace with home directory from spec
|
|
|
|
|
sed -i "s/home_dir_placeholder/%{home_dir_escaped}/" %{SOURCE7}
|
|
|
|
|
|
2020-06-11 20:29:58 +00:00
|
|
|
# duplicate original config file
|
|
|
|
|
cp ./%{name}/example-%{name}.toml ./%{name}.toml.default
|
2015-03-06 10:36:58 +00:00
|
|
|
|
2020-06-11 20:29:58 +00:00
|
|
|
# Edit default port and file locations
|
2021-01-18 17:46:09 +00:00
|
|
|
sed -i -f %{SOURCE4} ./%{name}.toml.default
|
2015-03-06 10:36:58 +00:00
|
|
|
|
2020-06-11 20:29:58 +00:00
|
|
|
# duplicate edited config file
|
|
|
|
|
cp ./%{name}.toml.default ./%{name}.toml
|
2014-09-05 18:46:48 +00:00
|
|
|
|
2020-06-11 20:29:58 +00:00
|
|
|
# Delete "example" to prevent fdupes from deleting the backup config file if run for buildroot
|
|
|
|
|
sed -i "s/## This is an example configuration file./## This is a configuration file./" ./dnscrypt-proxy.toml
|
2014-09-05 18:46:48 +00:00
|
|
|
|
2020-06-11 20:29:58 +00:00
|
|
|
# python path instead of env
|
2021-01-04 18:36:28 +00:00
|
|
|
sed -i "1s/#! \/usr\/bin\/env python3/#! \/usr\/bin\/python3/" utils/generate-domains-blocklist/generate-domains-blocklist.py
|
2014-09-05 18:46:48 +00:00
|
|
|
|
2022-03-26 17:08:58 +00:00
|
|
|
%vendored_licenses_packager_prep
|
|
|
|
|
|
2020-06-11 20:29:58 +00:00
|
|
|
%build
|
2024-02-05 19:44:55 +00:00
|
|
|
%sysusers_generate_pre %{SOURCE7} %{user_group} %{user_group}.conf
|
2020-07-10 15:22:57 +00:00
|
|
|
cd %{name}
|
2020-06-11 20:29:58 +00:00
|
|
|
go build -mod=vendor -buildmode=pie
|
2014-09-05 18:46:48 +00:00
|
|
|
|
2020-06-11 20:29:58 +00:00
|
|
|
%install
|
|
|
|
|
# Directories
|
|
|
|
|
install -D -d -m 0750 \
|
|
|
|
|
%{buildroot}%{log_dir} \
|
|
|
|
|
%{buildroot}%{home_dir} \
|
|
|
|
|
%{buildroot}%{config_dir}
|
|
|
|
|
|
2020-07-10 15:22:57 +00:00
|
|
|
install -D -d -m 0755 %{buildroot}%{_datadir}/%{name}/
|
2020-06-11 20:29:58 +00:00
|
|
|
|
|
|
|
|
# Binary
|
|
|
|
|
install -D -m 0755 %{name}/%{name} %{buildroot}%{_sbindir}/%{name}
|
|
|
|
|
|
2021-01-04 18:36:28 +00:00
|
|
|
# blocklist generator
|
|
|
|
|
cp -a utils/generate-domains-blocklist/ %{buildroot}%{_datadir}/%{name}/
|
2020-06-11 20:29:58 +00:00
|
|
|
|
|
|
|
|
# Config files
|
|
|
|
|
install -D -m 0640 ./%{name}.toml %{buildroot}/%{config_dir}/%{name}.toml
|
|
|
|
|
install -D -m 0640 ./%{name}.toml.default %{buildroot}/%{config_dir}/%{name}.toml.default
|
2021-01-05 22:23:51 +00:00
|
|
|
install -D -m 0640 ./%{name}/example-allowed-ips.txt %{buildroot}/%{config_dir}/allowed-ips.txt
|
|
|
|
|
install -D -m 0640 ./%{name}/example-allowed-names.txt %{buildroot}/%{config_dir}/allowed-names.txt
|
2021-01-04 18:36:28 +00:00
|
|
|
install -D -m 0640 ./%{name}/example-blocked-ips.txt %{buildroot}/%{config_dir}/blocked-ips.txt
|
2021-01-05 22:23:51 +00:00
|
|
|
install -D -m 0640 ./%{name}/example-blocked-names.txt %{buildroot}/%{config_dir}/blocked-names.txt
|
|
|
|
|
install -D -m 0640 ./%{name}/example-captive-portals.txt %{buildroot}/%{config_dir}/captive-portals.txt
|
2020-06-11 20:29:58 +00:00
|
|
|
install -D -m 0640 ./%{name}/example-cloaking-rules.txt %{buildroot}/%{config_dir}/cloaking-rules.txt
|
|
|
|
|
install -D -m 0640 ./%{name}/example-forwarding-rules.txt %{buildroot}/%{config_dir}/forwarding-rules.txt
|
|
|
|
|
|
|
|
|
|
# Systemd
|
|
|
|
|
install -D -m 0644 %{SOURCE1} %{buildroot}%{_unitdir}/%{name}.service
|
|
|
|
|
install -D -m 0644 %{SOURCE2} %{buildroot}%{_unitdir}/%{name}.socket
|
2021-01-18 17:46:09 +00:00
|
|
|
install -D -m 0644 %{SOURCE3} %{buildroot}%{_unitdir}/%{name}-resolvconf.service
|
2020-06-11 20:29:58 +00:00
|
|
|
|
2024-02-05 19:44:55 +00:00
|
|
|
# sysuser
|
|
|
|
|
install -D -m 0644 %{SOURCE7} %{buildroot}%{_sysusersdir}/%{user_group}.conf
|
|
|
|
|
|
2020-06-11 20:29:58 +00:00
|
|
|
# service link
|
|
|
|
|
ln -sf %{_sbindir}/service %{buildroot}%{_sbindir}/rc%{name}
|
2021-01-18 17:46:09 +00:00
|
|
|
ln -sf %{_sbindir}/service %{buildroot}%{_sbindir}/rc%{name}-resolvconf
|
2020-06-11 20:29:58 +00:00
|
|
|
|
2022-03-26 17:08:58 +00:00
|
|
|
%vendored_licenses_packager_install
|
2020-06-11 20:29:58 +00:00
|
|
|
|
|
|
|
|
# Some hints. Improvements and feedback welcome!
|
2022-03-26 17:08:58 +00:00
|
|
|
cp %{SOURCE5} README.openSUSE
|
2014-09-05 18:46:48 +00:00
|
|
|
|
2020-07-10 15:22:57 +00:00
|
|
|
# Example drop-in.
|
2022-03-26 17:08:58 +00:00
|
|
|
cp %{SOURCE6} %{name}.socket.conf
|
2020-07-10 15:22:57 +00:00
|
|
|
|
2024-02-05 19:44:55 +00:00
|
|
|
%pre -f %{user_group}.pre
|
2020-06-11 20:29:58 +00:00
|
|
|
%service_add_pre %{services}
|
2014-09-05 18:46:48 +00:00
|
|
|
|
|
|
|
|
%post
|
2020-06-11 20:29:58 +00:00
|
|
|
%service_add_post %{services}
|
2014-09-05 18:46:48 +00:00
|
|
|
|
|
|
|
|
%preun
|
2020-06-11 20:29:58 +00:00
|
|
|
%service_del_preun %{services}
|
2014-09-05 18:46:48 +00:00
|
|
|
|
|
|
|
|
%postun
|
2020-06-11 20:29:58 +00:00
|
|
|
%service_del_postun %{services}
|
2014-09-05 18:46:48 +00:00
|
|
|
|
|
|
|
|
%files
|
2021-01-05 22:23:51 +00:00
|
|
|
%doc ChangeLog README.md README.openSUSE %{name}.socket.conf %{name}.toml.default
|
|
|
|
|
%doc %{name}/example-*
|
2020-06-11 20:29:58 +00:00
|
|
|
%config(noreplace) %attr(-,root,%{user_group}) %{config_dir}/%{name}.toml
|
2021-01-05 22:23:51 +00:00
|
|
|
%config %attr(-,root,%{user_group}) %{config_dir}/%{name}.toml.default
|
|
|
|
|
%config(noreplace) %attr(-,root,%{user_group}) %{config_dir}/allowed-ips.txt
|
|
|
|
|
%config(noreplace) %attr(-,root,%{user_group}) %{config_dir}/allowed-names.txt
|
2021-01-04 18:36:28 +00:00
|
|
|
%config(noreplace) %attr(-,root,%{user_group}) %{config_dir}/blocked-ips.txt
|
2021-01-05 22:23:51 +00:00
|
|
|
%config(noreplace) %attr(-,root,%{user_group}) %{config_dir}/blocked-names.txt
|
|
|
|
|
%config(noreplace) %attr(-,root,%{user_group}) %{config_dir}/captive-portals.txt
|
2020-06-11 20:29:58 +00:00
|
|
|
%config(noreplace) %attr(-,root,%{user_group}) %{config_dir}/cloaking-rules.txt
|
|
|
|
|
%config(noreplace) %attr(-,root,%{user_group}) %{config_dir}/forwarding-rules.txt
|
2024-02-05 19:44:55 +00:00
|
|
|
%{_sysusersdir}/%{user_group}.conf
|
2015-03-06 10:36:58 +00:00
|
|
|
%{_sbindir}/%{name}
|
|
|
|
|
%{_sbindir}/rc%{name}
|
2021-01-18 17:46:09 +00:00
|
|
|
%{_sbindir}/rc%{name}-resolvconf
|
2020-06-11 20:29:58 +00:00
|
|
|
%{_unitdir}/%{name}.service
|
|
|
|
|
%{_unitdir}/%{name}.socket
|
2021-01-18 17:46:09 +00:00
|
|
|
%{_unitdir}/%{name}-resolvconf.service
|
2020-06-11 20:29:58 +00:00
|
|
|
%{_datadir}/%{name}/
|
|
|
|
|
%dir %attr(0750,root,%{user_group}) %{config_dir}
|
|
|
|
|
%dir %attr(0750,%{user_group},%{user_group}) %{home_dir}
|
|
|
|
|
%dir %attr(0750,%{user_group},%{user_group}) %{log_dir}
|
|
|
|
|
%license LICENSE
|
2022-03-26 17:08:58 +00:00
|
|
|
%vendored_licenses_packager_files
|
2014-09-05 18:46:48 +00:00
|
|
|
|
|
|
|
|
%changelog
|
