Accepting request 860552 from server:dns
Update to version 2.0.45 OBS-URL: https://build.opensuse.org/request/show/860552 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/dnscrypt-proxy?expand=0&rev=8
This commit is contained in:
commit
8ceeae4f6e
@ -1,6 +1,6 @@
|
||||
***************************************************************************
|
||||
* *
|
||||
* README.openSUSE last edited for version 2.0.44 *
|
||||
* README.openSUSE last edited by cunix for version 2.0.44 *
|
||||
* *
|
||||
***************************************************************************
|
||||
|
||||
|
@ -1,3 +0,0 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:c2c9968f07a414e973ec5734f4598d756a35c32beedb18268590ea1355794237
|
||||
size 2279842
|
3
dnscrypt-proxy-2.0.45.tar.gz
Normal file
3
dnscrypt-proxy-2.0.45.tar.gz
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:f7aac28c6a60404683d436072b89d18ed3bb309f8d8a95c8e87ad250da190821
|
||||
size 2721610
|
@ -1,3 +1,60 @@
|
||||
-------------------------------------------------------------------
|
||||
Mon Jan 4 20:00:00 UTC 2021 - cunix@mail.de
|
||||
|
||||
- Minimum golang version now at 1.15
|
||||
|
||||
- Include 'notice' and 'patents' files of vendored packages.
|
||||
|
||||
- Paths and hints in configuration file adjusted and added.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Jan 4 11:45:57 UTC 2021 - Ismail Dönmez <idonmez@suse.com>
|
||||
|
||||
- Update to version 2.0.45
|
||||
* Configuration changes (to be required in versions 2.1.x):
|
||||
- [blacklist] has been renamed to [blocked_names]
|
||||
- [ip_blacklist] has been renamed to [blocked_ips]
|
||||
- [whitelist] has been renamed to [allowed_names]
|
||||
- generate-domains-blacklist.py has been renamed to
|
||||
generate-domains-blocklist.py, and the configuration files
|
||||
have been renamed as well.
|
||||
* dnscrypt-proxy -resolve has been completely revamped, and now
|
||||
requires the configuration file to be accessible. It will send
|
||||
a query to an IP address of the dnscrypt-proxy server by default.
|
||||
Sending queries to arbitrary servers is also supported with the
|
||||
new -resolve name,address syntax.
|
||||
* Relay lists can be set to * for automatic relay selection.
|
||||
When a wildcard is used, either for the list of servers or relays,
|
||||
the proxy ensures that relays and servers are on distinct networks.
|
||||
* Lying resolvers are detected and reported.
|
||||
* New return code: NOT_READY for queries received before the proxy
|
||||
has been initialized.
|
||||
* Server lists can't be older than a week any more, even if directory
|
||||
permissions are incorrect and cache files cannot be written.
|
||||
* New feature: allowed_ips, to configure a set of IP addresses to never
|
||||
block no matter what DNS name resolves to them.
|
||||
* Hard-coded IP addresses can be immediately returned for test queries
|
||||
sent by operating systems in order to check for connectivity and captive portals.
|
||||
Such responses can be sent even before an interface is considered as enabled by the
|
||||
operating system. This can be configured in a new section called [captive_portals].
|
||||
* On Linux, OpenBSD and FreeBSD, listen_addresses can now include IP addresses
|
||||
that haven't been assigned to an interface yet.
|
||||
* generate-domains-blocklist.py: regular expressions are now ignored in time-based entries.
|
||||
* Minor bug fixes and logging improvements.
|
||||
* Cloaking plugin: if an entry has multiple IP addresses for a type, all the IP
|
||||
addresses are now returned instead of a random one.
|
||||
* Static entries can now include DNSCrypt relays.
|
||||
* Name blocking: aliases relying on SVCB and HTTPS records can now be blocked in
|
||||
addition to aliases via regular CNAME records.
|
||||
* EDNS-Client-Subnet information can be added to outgoing queries. Instead of sending
|
||||
the actual client IP, ECS information is user configurable, and IP addresses will be
|
||||
randomly chosen for every query.
|
||||
* Initial DoH queries are now checked using random names in order to properly measure
|
||||
CDNs such as Tencent that ignore the padding.
|
||||
* DoH: the max-stale cache control directive is now present in queries.
|
||||
* Logs can now be sent to /dev/stdout instead of actual files.
|
||||
* New download mirror (https://download.dnscrypt.net) for resolvers, relays and parental-control.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jul 22 01:43:47 UTC 2020 - Bernhard Wiedemann <bwiedemann@suse.com>
|
||||
|
||||
|
@ -1,7 +1,7 @@
|
||||
#
|
||||
# spec file for package dnscrypt-proxy
|
||||
#
|
||||
# Copyright (c) 2019 SUSE LLC
|
||||
# Copyright (c) 2021 SUSE LLC
|
||||
#
|
||||
# All modifications and additions to the file contributed by third parties
|
||||
# remain the property of their copyright owners, unless otherwise agreed
|
||||
@ -15,6 +15,7 @@
|
||||
# Please submit bugfixes or comments via https://bugs.opensuse.org/
|
||||
#
|
||||
|
||||
|
||||
%define _buildshell /bin/bash
|
||||
%define user_group dnscrypt
|
||||
%define config_dir %{_sysconfdir}/%{name}
|
||||
@ -24,7 +25,7 @@
|
||||
%define vlic_dir vendored
|
||||
|
||||
Name: dnscrypt-proxy
|
||||
Version: 2.0.44
|
||||
Version: 2.0.45
|
||||
Release: 0
|
||||
Summary: A tool for securing communications between a client and a DNS resolver
|
||||
License: ISC
|
||||
@ -43,11 +44,11 @@ Source5: install_licenses.sh
|
||||
Source6: README.openSUSE
|
||||
# Example how to override socket unit
|
||||
Source7: %{name}.socket.conf
|
||||
BuildRequires: golang(API) >= 1.14
|
||||
BuildRequires: golang-packaging
|
||||
BuildRequires: pkgconfig
|
||||
BuildRequires: shadow
|
||||
BuildRequires: systemd-rpm-macros
|
||||
BuildRequires: golang(API) >= 1.15
|
||||
BuildRequires: pkgconfig(libsystemd)
|
||||
# For systemd pidfile solution.
|
||||
Requires: bash
|
||||
@ -82,7 +83,7 @@ cp ./%{name}.toml.default ./%{name}.toml
|
||||
sed -i "s/## This is an example configuration file./## This is a configuration file./" ./dnscrypt-proxy.toml
|
||||
|
||||
# python path instead of env
|
||||
sed -i "1s/#! \/usr\/bin\/env python3/#! \/usr\/bin\/python3/" utils/generate-domains-blacklists/generate-domains-blacklist.py
|
||||
sed -i "1s/#! \/usr\/bin\/env python3/#! \/usr\/bin\/python3/" utils/generate-domains-blocklist/generate-domains-blocklist.py
|
||||
|
||||
%build
|
||||
cd %{name}
|
||||
@ -100,26 +101,19 @@ install -D -d -m 0755 %{buildroot}%{_datadir}/%{name}/
|
||||
# Binary
|
||||
install -D -m 0755 %{name}/%{name} %{buildroot}%{_sbindir}/%{name}
|
||||
|
||||
# blacklist generator
|
||||
cp -a utils/generate-domains-blacklists/ %{buildroot}%{_datadir}/%{name}/
|
||||
|
||||
# Config file examples
|
||||
install -D -m 0644 ./%{name}/example-%{name}.toml %{buildroot}/%{_docdir}/%{name}/example-%{name}.toml
|
||||
install -D -m 0644 ./%{name}.toml.default %{buildroot}/%{_docdir}/%{name}/%{name}.toml.default
|
||||
install -D -m 0644 ./%{name}/example-blacklist.txt %{buildroot}/%{_docdir}/%{name}/example-blacklist.txt
|
||||
install -D -m 0644 ./%{name}/example-ip-blacklist.txt %{buildroot}/%{_docdir}/%{name}/example-ip-blacklist.txt
|
||||
install -D -m 0644 ./%{name}/example-cloaking-rules.txt %{buildroot}/%{_docdir}/%{name}/example-cloaking-rules.txt
|
||||
install -D -m 0644 ./%{name}/example-forwarding-rules.txt %{buildroot}/%{_docdir}/%{name}/example-forwarding-rules.txt
|
||||
install -D -m 0644 ./%{name}/example-whitelist.txt %{buildroot}/%{_docdir}/%{name}/example-whitelist.txt
|
||||
# blocklist generator
|
||||
cp -a utils/generate-domains-blocklist/ %{buildroot}%{_datadir}/%{name}/
|
||||
|
||||
# Config files
|
||||
install -D -m 0640 ./%{name}.toml %{buildroot}/%{config_dir}/%{name}.toml
|
||||
install -D -m 0640 ./%{name}.toml.default %{buildroot}/%{config_dir}/%{name}.toml.default
|
||||
install -D -m 0640 ./%{name}/example-blacklist.txt %{buildroot}/%{config_dir}/blacklist.txt
|
||||
install -D -m 0640 ./%{name}/example-ip-blacklist.txt %{buildroot}/%{config_dir}/ip-blacklist.txt
|
||||
install -D -m 0640 ./%{name}/example-allowed-ips.txt %{buildroot}/%{config_dir}/allowed-ips.txt
|
||||
install -D -m 0640 ./%{name}/example-allowed-names.txt %{buildroot}/%{config_dir}/allowed-names.txt
|
||||
install -D -m 0640 ./%{name}/example-blocked-ips.txt %{buildroot}/%{config_dir}/blocked-ips.txt
|
||||
install -D -m 0640 ./%{name}/example-blocked-names.txt %{buildroot}/%{config_dir}/blocked-names.txt
|
||||
install -D -m 0640 ./%{name}/example-captive-portals.txt %{buildroot}/%{config_dir}/captive-portals.txt
|
||||
install -D -m 0640 ./%{name}/example-cloaking-rules.txt %{buildroot}/%{config_dir}/cloaking-rules.txt
|
||||
install -D -m 0640 ./%{name}/example-forwarding-rules.txt %{buildroot}/%{config_dir}/forwarding-rules.txt
|
||||
install -D -m 0640 ./%{name}/example-whitelist.txt %{buildroot}/%{config_dir}/whitelist.txt
|
||||
|
||||
# Systemd
|
||||
install -D -m 0644 %{SOURCE1} %{buildroot}%{_unitdir}/%{name}.service
|
||||
@ -156,13 +150,17 @@ getent passwd %{user_group} >/dev/null || %{_sbindir}/useradd -r -g %{user_group
|
||||
%service_del_postun %{services}
|
||||
|
||||
%files
|
||||
%doc ChangeLog README.md README.openSUSE %{name}.socket.conf %{name}.toml.default
|
||||
%doc %{name}/example-*
|
||||
%config(noreplace) %attr(-,root,%{user_group}) %{config_dir}/%{name}.toml
|
||||
%config(noreplace) %attr(-,root,%{user_group}) %{config_dir}/blacklist.txt
|
||||
%config(noreplace) %attr(-,root,%{user_group}) %{config_dir}/ip-blacklist.txt
|
||||
%config %attr(-,root,%{user_group}) %{config_dir}/%{name}.toml.default
|
||||
%config(noreplace) %attr(-,root,%{user_group}) %{config_dir}/allowed-ips.txt
|
||||
%config(noreplace) %attr(-,root,%{user_group}) %{config_dir}/allowed-names.txt
|
||||
%config(noreplace) %attr(-,root,%{user_group}) %{config_dir}/blocked-ips.txt
|
||||
%config(noreplace) %attr(-,root,%{user_group}) %{config_dir}/blocked-names.txt
|
||||
%config(noreplace) %attr(-,root,%{user_group}) %{config_dir}/captive-portals.txt
|
||||
%config(noreplace) %attr(-,root,%{user_group}) %{config_dir}/cloaking-rules.txt
|
||||
%config(noreplace) %attr(-,root,%{user_group}) %{config_dir}/forwarding-rules.txt
|
||||
%config(noreplace) %attr(-,root,%{user_group}) %{config_dir}/whitelist.txt
|
||||
%config %attr(-,root,%{user_group}) %{config_dir}/%{name}.toml.default
|
||||
%{_sbindir}/%{name}
|
||||
%{_sbindir}/rc%{name}
|
||||
%{_unitdir}/%{name}.service
|
||||
@ -171,8 +169,6 @@ getent passwd %{user_group} >/dev/null || %{_sbindir}/useradd -r -g %{user_group
|
||||
%dir %attr(0750,root,%{user_group}) %{config_dir}
|
||||
%dir %attr(0750,%{user_group},%{user_group}) %{home_dir}
|
||||
%dir %attr(0750,%{user_group},%{user_group}) %{log_dir}
|
||||
%{_docdir}/%{name}/
|
||||
%doc ChangeLog README.md README.openSUSE %{name}.socket.conf
|
||||
%license LICENSE
|
||||
%{_licensedir}/%{name}/%{vlic_dir}/
|
||||
|
||||
|
@ -9,17 +9,23 @@ s/listen_addresses = \['127.0.0.1:53']/#listen_addresses = ['127.0.0.1:53']\nlis
|
||||
s/# log_file = 'dnscrypt-proxy.log'/# log_file = '\/var\/log\/dnscrypt-proxy\/dnscrypt-proxy.log'/
|
||||
s/# forwarding_rules = 'forwarding-rules.txt'/# forwarding_rules = '\/etc\/dnscrypt-proxy\/forwarding-rules.txt'/
|
||||
s/# cloaking_rules = 'cloaking-rules.txt'/# cloaking_rules = '\/etc\/dnscrypt-proxy\/cloaking-rules.txt'/
|
||||
s/# cert_file = "localhost.pem"/# cert_file = '\/etc\/dnscrypt-proxy\/localhost.pem'/
|
||||
s/# cert_key_file = "localhost.pem"/# cert_key_file = '\/etc\/dnscrypt-proxy\/localhost.pem'/
|
||||
s/# map_file = 'example-captive-portals.txt'/# map_file = '\/etc\/dnscrypt-proxy\/captive-portals.txt'/
|
||||
s/# cert_file = 'localhost.pem'/# cert_file = '\/etc\/dnscrypt-proxy\/localhost.pem'/
|
||||
s/# cert_key_file = 'localhost.pem'/# cert_key_file = '\/etc\/dnscrypt-proxy\/localhost.pem'/
|
||||
s/ # file = 'query.log'/ # file = '\/var\/log\/dnscrypt-proxy\/query.log'/
|
||||
s/ # file = 'nx.log'/ # file = '\/var\/log\/dnscrypt-proxy\/nx.log'/
|
||||
s/ # blacklist_file = 'blacklist.txt'/ # blacklist_file = '\/etc\/dnscrypt-proxy\/blacklist.txt'/
|
||||
s/ # log_file = 'blocked.log'/ # log_file = '\/var\/log\/dnscrypt-proxy\/blocked.log'/
|
||||
s/ # blacklist_file = 'ip-blacklist.txt'/# blacklist_file = '\/etc\/dnscrypt-proxy\/ip-blacklist.txt'/
|
||||
s/ # log_file = 'ip-blocked.log'/ # log_file = '\/var\/log\/dnscrypt-proxy\/ip-blocked.log'/
|
||||
s/ # whitelist_file = 'whitelist.txt'/# blacklist_file = '\/etc\/dnscrypt-proxy\/whitelist.txt'/
|
||||
s/ # log_file = 'whitelisted.log'/ # log_file = '\/var\/log\/dnscrypt-proxy\/whitelisted.log'/
|
||||
s/ # blocked_names_file = 'blocked-names.txt'/ # blocked_names_file = '\/etc\/dnscrypt-proxy\/blocked-names.txt'/
|
||||
s/ # log_file = 'blocked-names.log'/ # log_file = '\/var\/log\/dnscrypt-proxy\/blocked-names.log'/
|
||||
s/ # blocked_ips_file = 'blocked-ips.txt'/ # blocked_ips_file = '\/etc\/dnscrypt-proxy\/blocked-ips.txt'/
|
||||
s/ # log_file = 'blocked-ips.log'/ # log_file = '\/var\/log\/dnscrypt-proxy\/blocked-ips.log'/
|
||||
s/ # allowed_names_file = 'allowed-names.txt'/ # allowed_names_file = '\/etc\/dnscrypt-proxy\/allowed-names.txt'/
|
||||
s/ # log_file = 'allowed-names.log'/ # log_file = '\/var\/log\/dnscrypt-proxy\/allowed-names.log'/
|
||||
s/ # allowed_ips_file = 'allowed-ips.txt'/ # allowed_ips_file = '\/etc\/dnscrypt-proxy\/allowed-ips.txt'/
|
||||
s/ # log_file = 'allowed-ips.log'/ # log_file = '\/var\/log\/dnscrypt-proxy\/allowed-ips.log'/
|
||||
s/ cache_file = 'public-resolvers.md'/ cache_file = '\/var\/lib\/dnscrypt-proxy\/public-resolvers.md'/
|
||||
s/ cache_file = 'relays.md'/ cache_file = '\/var\/lib\/dnscrypt-proxy\/relays.md'/
|
||||
s/ # cache_file = "quad9-resolvers.md"/ # cache_file = '\/var\/lib\/dnscrypt-proxy\/quad9-resolvers.md'/
|
||||
s/ # cache_file = 'quad9-resolvers.md'/ # cache_file = '\/var\/lib\/dnscrypt-proxy\/quad9-resolvers.md'/
|
||||
s/ # cache_file = 'parental-control.md'/ # cache_file = '\/var\/lib\/dnscrypt-proxy\/parental-control.md'/
|
||||
|
||||
# package directory instead of source code directory
|
||||
s/## `utils\/generate-domains-blocklists` directory of the dnscrypt-proxy source code./## '\/usr\/share\/dnscrypt-proxy\/generate-domains-blocklists' directory./
|
||||
|
@ -1,6 +1,8 @@
|
||||
#!/bin/bash
|
||||
|
||||
# written by cunix in 2019
|
||||
# corrected by Bernhard Wiedemann in 2020 (pipe through sort)
|
||||
# updated by cunix in 2021
|
||||
#
|
||||
# Tries to find and prepare licenses from vendored packages for
|
||||
# installation as file or link to existing file.
|
||||
@ -35,6 +37,8 @@ if [[ -z "$vendor_licenses_dir" ]]
|
||||
rm $licenses_file
|
||||
find ./*/ -iname "license*" | sort > $licenses_file
|
||||
find ./*/ -iname "copying*" | sort >> $licenses_file
|
||||
find ./*/ -iname "notice*" | sort >> $licenses_file
|
||||
find ./*/ -iname "patents*" | sort >> $licenses_file
|
||||
goahead=1
|
||||
else
|
||||
echo "$vendor_licenses_dir" is not a directory.
|
||||
|
Loading…
Reference in New Issue
Block a user