Accepting request 289614 from home:dsterba:branches:server:dns
OBS-URL: https://build.opensuse.org/request/show/289614 OBS-URL: https://build.opensuse.org/package/show/server:dns/dnscrypt-proxy?expand=0&rev=4
This commit is contained in:
parent
a677ca5c3b
commit
a9a4a188ed
19
dnscrypt
Normal file
19
dnscrypt
Normal file
@ -0,0 +1,19 @@
|
|||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
# wrapper to feed dnscrypt-proxy with user config
|
||||||
|
|
||||||
|
if test -f /etc/sysconfig/dnscrypt; then
|
||||||
|
source /etc/sysconfig/dnscrypt
|
||||||
|
fi
|
||||||
|
|
||||||
|
/usr/sbin/dnscrypt-proxy \
|
||||||
|
${DNSCRYPT_LOCAL_ADDRESS:+--local-address "$DNSCRYPT_LOCAL_ADDRESS"} \
|
||||||
|
${DNSCRYPT_USER:+--user "$DNSCRYPT_USER"} \
|
||||||
|
--resolver-name "${DNSCRYPT_RESOLVER_NAME:-opendns}" \
|
||||||
|
${DNSCRYPT_LOGFILE:+--logfile "$DNSCRYPT_LOGFILE"} \
|
||||||
|
${DNSCRYPT_PLUGIN1:+--plugin "$DNSCRYPT_PLUGIN1"} \
|
||||||
|
${DNSCRYPT_PLUGIN2:+--plugin "$DNSCRYPT_PLUGIN2"} \
|
||||||
|
${DNSCRYPT_PLUGIN3:+--plugin "$DNSCRYPT_PLUGIN3"} \
|
||||||
|
${DNSCRYPT_PLUGIN4:+--plugin "$DNSCRYPT_PLUGIN4"} \
|
||||||
|
${DNSCRYPT_OPTIONS} \
|
||||||
|
"$@"
|
@ -1,3 +0,0 @@
|
|||||||
version https://git-lfs.github.com/spec/v1
|
|
||||||
oid sha256:00cf5c520c8a5a71ad4916b33aa0c8f9f55434039304f4ba10d7fffc620563f8
|
|
||||||
size 1274638
|
|
3
dnscrypt-proxy-1.4.3.tar.bz2
Normal file
3
dnscrypt-proxy-1.4.3.tar.bz2
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
version https://git-lfs.github.com/spec/v1
|
||||||
|
oid sha256:0b645813dfa4247e9acd1d14df78f8b12df3b0132c1d6d6abd33daee33403232
|
||||||
|
size 1256110
|
@ -1,3 +1,21 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Fri Mar 6 00:00:00 CET 2015 - dsterba@suse.cz
|
||||||
|
|
||||||
|
- update to 1.4.3
|
||||||
|
- libevent update, including a fix for CVE-2014-6272
|
||||||
|
- Two new public dnscrypt resolvers were added: opennic-us-wa-ns1 and
|
||||||
|
dnscrypt.org-fr
|
||||||
|
- d0wn servers in France IP have changed.
|
||||||
|
- Compilation fixes.
|
||||||
|
- version 1.4.2
|
||||||
|
- New compilation switch: --with-systemd, to enable socket activation support
|
||||||
|
when using systemd
|
||||||
|
- The list of public DNSCrypt-enabled resolvers was updated
|
||||||
|
- Libevent2 updates
|
||||||
|
- add sysconfig file for more flexible configuration
|
||||||
|
- build -devel package and enable plugins
|
||||||
|
- create user dnscrypt:dnscrypt during installation
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Wed Oct 1 15:04:43 CEST 2014 - dsterba@suse.cz
|
Wed Oct 1 15:04:43 CEST 2014 - dsterba@suse.cz
|
||||||
|
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
# This file is part of dnscrypt-proxy
|
# This file is part of dnscrypt-proxy
|
||||||
# Author: Marguerite Su <i@marguerite.su> with some AUR references.
|
# Author: Marguerite Su <i@marguerite.su> with some AUR references.
|
||||||
# Version: 1.4.0
|
# Version: 1.4.3
|
||||||
# Description: dnscrypt is a tool that encrypts your DNS queries in order to
|
# Description: dnscrypt is a tool that encrypts your DNS queries in order to
|
||||||
# protect against man-in-the-middle attacks and DNS hijacking
|
# protect against man-in-the-middle attacks and DNS hijacking
|
||||||
# (commonly seen in China). It uses OpenDNS resolvers by default.
|
# (commonly seen in China). It uses OpenDNS resolvers by default.
|
||||||
@ -10,18 +10,20 @@
|
|||||||
[Unit]
|
[Unit]
|
||||||
Description=Secure connection between your computer and a DNS resolver
|
Description=Secure connection between your computer and a DNS resolver
|
||||||
After=network.target ntp.service
|
After=network.target ntp.service
|
||||||
# Ntp always has local servers, and there's nothing to encrypt for time.
|
# NTP always has local servers, and there's nothing to encrypt for time.
|
||||||
# and ntp.service isn't native systemd service, if we start before it,
|
# and ntp.service isn't native systemd service, if we start before it,
|
||||||
# it will take a long time to sync. just save 20000+ms on boot.
|
# it will take a long time to sync. just save 20000+ms on boot.
|
||||||
|
|
||||||
[Service]
|
[Service]
|
||||||
Type=forking
|
Type=forking
|
||||||
PIDFile=/var/run/dnscrypt-proxy.pid
|
PIDFile=/var/run/dnscrypt-proxy.pid
|
||||||
ExecStart=/usr/sbin/dnscrypt-proxy --daemonize \
|
# Execute a wrapper that calls the dnscrypt-proxy with config from
|
||||||
--resolver-name=opendns \
|
# /etc/sysconfig/dnscrypt and substitutes defaults that cannot be passed
|
||||||
-p /var/run/dnscrypt-proxy.pid \
|
# to ExecStart in combination with EnvironmentFile
|
||||||
-l /var/log/dnscrypt-proxy.log
|
ExecStart=/usr/sbin/dnscrypt \
|
||||||
# Automatically Restart
|
--daemonize \
|
||||||
|
--pidfile /var/run/dnscrypt-proxy.pid
|
||||||
|
# Automatically Restart
|
||||||
Restart=on-abort
|
Restart=on-abort
|
||||||
|
|
||||||
[Install]
|
[Install]
|
||||||
|
@ -17,7 +17,7 @@
|
|||||||
|
|
||||||
|
|
||||||
Name: dnscrypt-proxy
|
Name: dnscrypt-proxy
|
||||||
Version: 1.4.1
|
Version: 1.4.3
|
||||||
Release: 0
|
Release: 0
|
||||||
Summary: A tool for securing communications between a client and a DNS resolver
|
Summary: A tool for securing communications between a client and a DNS resolver
|
||||||
License: BSD-3-Clause
|
License: BSD-3-Clause
|
||||||
@ -26,7 +26,13 @@ Group: Productivity/Networking/DNS/Utilities
|
|||||||
Url: http://dnscrypt.org
|
Url: http://dnscrypt.org
|
||||||
Source: http://download.dnscrypt.org/dnscrypt-proxy/%{name}-%{version}.tar.bz2
|
Source: http://download.dnscrypt.org/dnscrypt-proxy/%{name}-%{version}.tar.bz2
|
||||||
Source1: %{name}.service
|
Source1: %{name}.service
|
||||||
|
Source2: dnscrypt
|
||||||
|
Source3: sysconfig.dnscrypt
|
||||||
BuildRequires: libsodium-devel
|
BuildRequires: libsodium-devel
|
||||||
|
BuildRequires: shadow
|
||||||
|
BuildRequires: autoconf
|
||||||
|
BuildRequires: automake
|
||||||
|
BuildRequires: libtool
|
||||||
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
||||||
%if 0%{?suse_version} >= 1210
|
%if 0%{?suse_version} >= 1210
|
||||||
BuildRequires: systemd
|
BuildRequires: systemd
|
||||||
@ -46,44 +52,85 @@ DNSCurve, but focuses on securing communications between a client and its first-
|
|||||||
While not providing end-to-end security, it protects the local network, which is often the weakest point
|
While not providing end-to-end security, it protects the local network, which is often the weakest point
|
||||||
of the chain, against man-in-the-middle attacks. It also provides some confidentiality to DNS queries.
|
of the chain, against man-in-the-middle attacks. It also provides some confidentiality to DNS queries.
|
||||||
|
|
||||||
|
%package devel
|
||||||
|
Summary: Header files for developent of DNSCrypt plugins
|
||||||
|
Group: Development/Languages/C and C++
|
||||||
|
Requires: %{name} = %{version}
|
||||||
|
|
||||||
|
%description devel
|
||||||
|
Header files for developent of DNSCrypt plugins.
|
||||||
|
|
||||||
%prep
|
%prep
|
||||||
%setup -q
|
%setup -q
|
||||||
|
|
||||||
%build
|
%build
|
||||||
%configure
|
%configure --enable-plugins
|
||||||
make %{?_smp_mflags}
|
make %{?_smp_mflags}
|
||||||
|
|
||||||
%install
|
%install
|
||||||
%make_install
|
%make_install
|
||||||
|
|
||||||
# install systemd service
|
install -d -m 755 %{buildroot}%{_unitdir}
|
||||||
mkdir -p %{buildroot}%{_unitdir}
|
install -m 644 %{S:1} %{buildroot}%{_unitdir}
|
||||||
cp -r %{SOURCE1} %{buildroot}%{_unitdir}
|
install -d -m 755 %{buildroot}%{_sbindir}
|
||||||
|
install -m 755 %{S:2} %{buildroot}%{_sbindir}
|
||||||
|
install -m 755 -d %{buildroot}%{_localstatedir}/adm/fillup-templates
|
||||||
|
install -m 644 -D %{S:3} %{buildroot}%{_localstatedir}/adm/fillup-templates
|
||||||
|
ln -s %{_mandir}/man8/%{name}.8.gz %{buildroot}%{_mandir}/man8/dnscrypt.8.gz
|
||||||
|
ln -s %{_sbindir}/service %{buildroot}%{_sbindir}/rc%{name}
|
||||||
|
ln -s %{_sbindir}/service %{buildroot}%{_sbindir}/rcdnscrypt
|
||||||
|
|
||||||
%if 0%{?suse_version}
|
%if 0%{?suse_version}
|
||||||
|
|
||||||
%pre
|
%pre
|
||||||
|
if ! /usr/bin/getent group dnscrypt >/dev/null; then
|
||||||
|
%{_sbindir}/groupadd -r dnscrypt 2>/dev/null || :
|
||||||
|
fi
|
||||||
|
if ! /usr/bin/getent passwd dnscrypt >/dev/null; then
|
||||||
|
%{_sbindir}/useradd -c "DNSCrypt daemon" -d /var/lib/empty -g dnscrypt \
|
||||||
|
-r -s /bin/false dnscrypt 2>/dev/null || :
|
||||||
|
fi
|
||||||
%service_add_pre %{name}.service
|
%service_add_pre %{name}.service
|
||||||
|
|
||||||
%post
|
%post
|
||||||
%service_add_post %{name}.service
|
%service_add_post %{name}.service
|
||||||
|
%{fillup_only dnscrypt}
|
||||||
|
|
||||||
%preun
|
%preun
|
||||||
%service_del_preun %{name}.service
|
%service_del_preun %{name}.service
|
||||||
|
|
||||||
%postun
|
%postun
|
||||||
%service_del_postun %{name}.service
|
%service_del_postun %{name}.service
|
||||||
|
|
||||||
|
%else
|
||||||
|
|
||||||
|
# non-systemd
|
||||||
|
%post
|
||||||
|
%{fillup_only dnscrypt}
|
||||||
%endif
|
%endif
|
||||||
|
|
||||||
%files
|
%files
|
||||||
%defattr(-,root,root)
|
%defattr(-,root,root)
|
||||||
%doc AUTHORS ChangeLog README COPYING NEWS TECHNOTES THANKS
|
%doc AUTHORS ChangeLog README COPYING NEWS TECHNOTES THANKS
|
||||||
%{_bindir}/hostip
|
%{_bindir}/hostip
|
||||||
|
%{_sbindir}/dnscrypt
|
||||||
|
%{_sbindir}/%{name}
|
||||||
|
%{_sbindir}/rc%{name}
|
||||||
|
%{_sbindir}/rcdnscrypt
|
||||||
%{_sbindir}/%{name}
|
%{_sbindir}/%{name}
|
||||||
%{_unitdir}/%{name}.service
|
%{_unitdir}/%{name}.service
|
||||||
%{_mandir}/man8/hostip.8.gz
|
%{_mandir}/man8/hostip.8.gz
|
||||||
%{_mandir}/man8/%{name}.8.gz
|
%{_mandir}/man8/%{name}.8.gz
|
||||||
|
%{_mandir}/man8/dnscrypt.8.gz
|
||||||
%dir %{_datadir}/%{name}
|
%dir %{_datadir}/%{name}
|
||||||
%{_datadir}/%{name}/dnscrypt-resolvers.csv
|
%{_datadir}/%{name}/dnscrypt-resolvers.csv
|
||||||
|
%{_localstatedir}/adm/fillup-templates/sysconfig.dnscrypt
|
||||||
|
|
||||||
|
%files devel
|
||||||
|
%defattr(-,root,root)
|
||||||
|
%dir /usr/include/dnscrypt/
|
||||||
|
/usr/include/dnscrypt/*
|
||||||
|
%dir %{_libdir}/%{name}
|
||||||
|
%{_libdir}/%{name}/*
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
98
sysconfig.dnscrypt
Normal file
98
sysconfig.dnscrypt
Normal file
@ -0,0 +1,98 @@
|
|||||||
|
## Path: Network/DNS/DNSCrypt
|
||||||
|
## Description: Local address
|
||||||
|
## Type: string
|
||||||
|
## Default: ""
|
||||||
|
#
|
||||||
|
# Address and port where the dnscrypt-proxy daemon listens. Format is
|
||||||
|
# address:port, with dnscrypt-proxy's default 127.0.0.1:53 .
|
||||||
|
#
|
||||||
|
DNSCRYPT_LOCAL_ADDRESS=
|
||||||
|
|
||||||
|
## Path: Network/DNS/DNSCrypt
|
||||||
|
## Description: Run daemon under specified user
|
||||||
|
## Type: string
|
||||||
|
## Default: "dnscrypt"
|
||||||
|
#
|
||||||
|
# The recommended user is 'dnscrypt' but the empty value will not pass
|
||||||
|
# any --user parameter to dnscrypt-proxy if this is desired by the user.
|
||||||
|
#
|
||||||
|
DNSCRYPT_USER=dnscrypt
|
||||||
|
|
||||||
|
## Path: Network/DNS/DNSCrypt
|
||||||
|
## Description: Resolver name
|
||||||
|
## Type: string
|
||||||
|
## Default: "opendns"
|
||||||
|
#
|
||||||
|
# Short name of resolver, see /usr/share/dnscrypt-proxy/dnscrypt-resolvers.csv
|
||||||
|
# for the full list.
|
||||||
|
#
|
||||||
|
# If the value is empty, the default is substituted.
|
||||||
|
#
|
||||||
|
DNSCRYPT_RESOLVER_NAME=
|
||||||
|
|
||||||
|
## Path: Network/DNS/DNSCrypt
|
||||||
|
## Description: Log file
|
||||||
|
## Type: string
|
||||||
|
## Default: "/var/log/dnscrypt-proxy.log"
|
||||||
|
#
|
||||||
|
# Use the given log file instead of standard out, where the output is possibly
|
||||||
|
# grabbed by the system logger.
|
||||||
|
#
|
||||||
|
DNSCRYPT_LOGFILE=/var/log/dnscrypt-proxy.log
|
||||||
|
|
||||||
|
## Path: Network/DNS/DNSCrypt
|
||||||
|
## Description: Log level
|
||||||
|
## Type: string
|
||||||
|
## Default: ""
|
||||||
|
#
|
||||||
|
# Don't log events with priority above this level after the service has been
|
||||||
|
# started up. Default is the value for LOG_INFO.
|
||||||
|
#
|
||||||
|
# NOTE: currently unused
|
||||||
|
#
|
||||||
|
DNSCRYPT_LOGLEVEL=
|
||||||
|
|
||||||
|
## Path: Network/DNS/DNSCrypt
|
||||||
|
## Description: Optional plugin (1)
|
||||||
|
## Type: string
|
||||||
|
## Default: ""
|
||||||
|
#
|
||||||
|
# Use the given dnscrypt plugin.
|
||||||
|
#
|
||||||
|
DNSCRYPT_PLUGIN1=
|
||||||
|
|
||||||
|
## Path: Network/DNS/DNSCrypt
|
||||||
|
## Description: Optional plugin (2)
|
||||||
|
## Type: string
|
||||||
|
## Default: ""
|
||||||
|
#
|
||||||
|
# Use the given dnscrypt plugin.
|
||||||
|
#
|
||||||
|
DNSCRYPT_PLUGIN2=
|
||||||
|
|
||||||
|
## Path: Network/DNS/DNSCrypt
|
||||||
|
## Description: Optional plugin (3)
|
||||||
|
## Type: string
|
||||||
|
## Default: ""
|
||||||
|
#
|
||||||
|
# Use the given dnscrypt plugin.
|
||||||
|
#
|
||||||
|
DNSCRYPT_PLUGIN3=
|
||||||
|
|
||||||
|
## Path: Network/DNS/DNSCrypt
|
||||||
|
## Description: Optional plugin (4)
|
||||||
|
## Type: string
|
||||||
|
## Default: ""
|
||||||
|
#
|
||||||
|
# Use the given dnscrypt plugin.
|
||||||
|
#
|
||||||
|
DNSCRYPT_PLUGIN4=
|
||||||
|
|
||||||
|
## Path: Network/DNS/DNSCrypt
|
||||||
|
## Description: Other options
|
||||||
|
## Type: string
|
||||||
|
## Default: ""
|
||||||
|
#
|
||||||
|
# Additional user options
|
||||||
|
#
|
||||||
|
DNSCRYPT_OPTIONS=
|
Loading…
Reference in New Issue
Block a user