HCoop / jackhill / guix / guix.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
gnu: signify: Update to 26.
[jackhill/guix/guix.git] / gnu / packages / dns.scm
CommitLineData
dd2efd3d
TUBK		 1;;; GNU Guix --- Functional package management for GNU
2;;; Copyright © 2015 Taylan Ulrich Bayırlı/Kammer <taylanbayirli@gmail.com>
d912db5b 3;;; Copyright © 2016 Mark H Weaver <mhw@netris.org>
b2844d8f 4;;; Copyright © 2016 Ricardo Wurmus <rekado@elephly.net>
76dd04be 5;;; Copyright © 2016, 2017 Efraim Flashner <efraim@flashner.co.il>
be86b7ad 6;;; Copyright © 2016 John Darrington <jmd@gnu.org>
47956fa0 7;;; Copyright © 2016 ng0 <ng0@n0.is>
fe99b7f7 8;;; Copyright © 2016, 2017, 2018, 2019 Tobias Geerinckx-Rice <me@tobias.gr>
afe62a8b 9;;; Copyright © 2016 Marius Bakke <mbakke@fastmail.com>
ecc7aa89 10;;; Copyright © 2017 Vasile Dumitrascu <va511e@yahoo.com>
7e61a16c 11;;; Copyright © 2017 Gregor Giesen <giesen@zaehlwerk.net>
0bc2d3e4 12;;; Copyright © 2018 Oleg Pykhalov <go.wigust@gmail.com>
498911d3 13;;; Copyright © 2019 Mathieu Othacehe <m.othacehe@gmail.com>
41553c90 14;;; Copyright © 2019 Chris Marusich <cmmarusich@gmail.com>
dd2efd3d
TUBK		 15;;;
16;;; This file is part of GNU Guix.
17;;;
18;;; GNU Guix is free software; you can redistribute it and/or modify it
19;;; under the terms of the GNU General Public License as published by
20;;; the Free Software Foundation; either version 3 of the License, or (at
21;;; your option) any later version.
22;;;
23;;; GNU Guix is distributed in the hope that it will be useful, but
24;;; WITHOUT ANY WARRANTY; without even the implied warranty of
25;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
26;;; GNU General Public License for more details.
27;;;
28;;; You should have received a copy of the GNU General Public License
29;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
30
36fb36b5 31(define-module (gnu packages dns)
f9cdf1c1 32 #:use-module (gnu packages admin)
71f048c6 33 #:use-module (gnu packages autotools)
6cf626e8 34 #:use-module (gnu packages base)
0bc2d3e4 35 #:use-module (gnu packages bash)
1e744399 36 #:use-module (gnu packages databases)
0bc2d3e4 37 #:use-module (gnu packages compression)
afe62a8b 38 #:use-module (gnu packages crypto)
f9cdf1c1 39 #:use-module (gnu packages datastructures)
7e61a16c 40 #:use-module (gnu packages flex)
cb6d322a 41 #:use-module (gnu packages glib)
71f048c6 42 #:use-module (gnu packages groff)
f9cdf1c1
TGR		 43 #:use-module (gnu packages groff)
44 #:use-module (gnu packages libedit)
afe62a8b 45 #:use-module (gnu packages libevent)
f9cdf1c1 46 #:use-module (gnu packages libidn)
1e744399 47 #:use-module (gnu packages linux)
f9cdf1c1
TGR		 48 #:use-module (gnu packages ncurses)
49 #:use-module (gnu packages nettle)
e12df2c6 50 #:use-module (gnu packages networking)
1e744399 51 #:use-module (gnu packages perl)
71f048c6 52 #:use-module (gnu packages pkg-config)
7e61a16c
GG		 53 #:use-module (gnu packages protobuf)
54 #:use-module (gnu packages python)
0406434b 55 #:use-module (gnu packages python-xyz)
7e61a16c 56 #:use-module (gnu packages swig)
a7fd7b68 57 #:use-module (gnu packages tls)
f9cdf1c1 58 #:use-module (gnu packages web)
1e744399 59 #:use-module (gnu packages xml)
12e530ba 60 #:use-module (gnu packages)
1e744399 61 #:use-module ((guix licenses) #:prefix license:)
dd2efd3d
TUBK		 62 #:use-module (guix packages)
63 #:use-module (guix download)
91a4863d 64 #:use-module (guix git-download)
7e61a16c 65 #:use-module (guix utils)
0bc2d3e4
OP		 66 #:use-module (guix build-system gnu)
67 #:use-module (guix build-system trivial))
dd2efd3d
TUBK		 68
69(define-public dnsmasq
70 (package
71 (name "dnsmasq")
0e8e2908 72 (version "2.80")
dd2efd3d
TUBK		 73 (source (origin
74 (method url-fetch)
75 (uri (string-append
76 "http://www.thekelleys.org.uk/dnsmasq/dnsmasq-"
77 version ".tar.xz"))
78 (sha256
79 (base32
0e8e2908 80 "1fv3g8vikj3sn37x1j6qsywn09w1jipvlv34j3q5qrljbrwa5ayd"))))
dd2efd3d 81 (build-system gnu-build-system)
cb6d322a
CB		 82 (native-inputs
83 `(("pkg-config" ,pkg-config)))
84 (inputs
85 `(("dbus" ,dbus)))
dd2efd3d
TUBK		 86 (arguments
87 `(#:phases
dc1d3cde 88 (modify-phases %standard-phases (delete 'configure))
dd2efd3d 89 #:make-flags (list (string-append "PREFIX=" (assoc-ref %outputs "out"))
cb6d322a
CB		 90 "CC=gcc"
91 "COPTS=\"-DHAVE_DBUS\"")
4e6c51d4 92 #:tests? #f)) ; no ‘check’ target
dd2efd3d
TUBK		 93 (home-page "http://www.thekelleys.org.uk/dnsmasq/doc.html")
94 (synopsis "Small caching DNS proxy and DHCP/TFTP server")
95 (description
c657716e
TGR		 96 "Dnsmasq is a light-weight DNS forwarder and DHCP server. It is designed
97to provide DNS and, optionally, DHCP to a small network. It can serve the
dd2efd3d
TUBK		 98names of local machines which are not in the global DNS. The DHCP server
99integrates with the DNS server and allows machines with DHCP-allocated
c657716e 100addresses to appear in the DNS with names configured either on each host or in
dd2efd3d
TUBK		 101a central configuration file. Dnsmasq supports static and dynamic DHCP leases
102and BOOTP/TFTP for network booting of diskless machines.")
103 ;; Source files only say GPL2 and GPL3 are allowed.
1e744399
 104 (license (list license:gpl2 license:gpl3))))
105
a0683006
LC		 106;; 'bind' is the name of a built-in Guile procedure, which is why we choose a
107;; different name here.
108(define-public isc-bind
1e744399 109 (package
be86b7ad 110 (name "bind")
1e73986f 111 (version "9.14.4")
1e744399
 112 (source (origin
113 (method url-fetch)
be86b7ad 114 (uri (string-append
54fd7c02
TGR		 115 "https://ftp.isc.org/isc/bind9/" version
116 "/bind-" version ".tar.gz"))
1e744399
 117 (sha256
118 (base32
1e73986f 119 "0gxqws7ml15lwkjw9mdcd759gv5kk3s9m17j3vrp9448ls1gnbii"))))
1e744399 120 (build-system gnu-build-system)
be86b7ad 121 (outputs `("out" "utils"))
1e744399 122 (inputs
fc0dd636 123 ;; It would be nice to add GeoIP and gssapi once there are packages.
1e744399
 124 `(("libcap" ,libcap)
125 ("libxml2" ,libxml2)
1e744399 126 ("openssl" ,openssl)
0406434b
TGR		 127 ("p11-kit" ,p11-kit)
128 ("python" ,python)
129 ("python-ply" ,python-ply)))
be86b7ad
JD		 130 (native-inputs `(("perl" ,perl)
131 ("net-tools" ,net-tools)))
1e744399 132 (arguments
be86b7ad 133 `(#:configure-flags
1e744399
 134 (list (string-append "--with-openssl="
135 (assoc-ref %build-inputs "openssl"))
1e744399
 136 (string-append "--with-pkcs11="
137 (assoc-ref %build-inputs "p11-kit")))
138 #:phases
be86b7ad
JD		 139 (modify-phases %standard-phases
140 (add-after 'strip 'move-to-utils
141 (lambda _
142 (for-each
143 (lambda (file)
144 (let ((target (string-append (assoc-ref %outputs "utils") file))
145 (src (string-append (assoc-ref %outputs "out") file)))
146 (mkdir-p (dirname target))
147 (link src target)
148 (delete-file src)))
149 '("/bin/dig" "/bin/delv" "/bin/nslookup" "/bin/host" "/bin/nsupdate"
150 "/share/man/man1/dig.1"
151 "/share/man/man1/host.1"
152 "/share/man/man1/nslookup.1"
6023ecab
TGR		 153 "/share/man/man1/nsupdate.1"))
154 #t))
be86b7ad
JD		 155 ;; When and if guix provides user namespaces for the build process,
156 ;; then the following can be uncommented and the subsequent "force-test"
157 ;; will not be necessary.
158 ;;
159 ;; (add-before 'check 'set-up-loopback
160 ;; (lambda _
161 ;; (system "bin/tests/system/ifconfig.sh up")))
162 (replace 'check
163 (lambda _
c72c1005
TGR		 164 ;; XXX Even ‘make force-test’ tries to create network interfaces
165 ;; and fails. The only working target is the (trivial) fuzz test.
166 (with-directory-excursion "fuzz"
167 (invoke "make" "check"))
168 #t)))))
be86b7ad 169 (synopsis "An implementation of the Domain Name System")
366efcb2
TGR		 170 (description "BIND is an implementation of the @dfn{Domain Name System}
171(DNS) protocols for the Internet. It is a reference implementation of those
be86b7ad
JD		 172protocols, but it is also production-grade software, suitable for use in
173high-volume and high-reliability applications. The name BIND stands for
174\"Berkeley Internet Name Domain\", because the software originated in the early
1751980s at the University of California at Berkeley.")
176 (home-page "https://www.isc.org/downloads/bind")
ecc7aa89 177 (license (list license:mpl2.0))))
be86b7ad 178
d24727c0
MB		 179(define-public dnscrypt-proxy
180 (package
181 (name "dnscrypt-proxy")
83a89531 182 (version "1.9.5")
d24727c0
MB		 183 (source (origin
184 (method url-fetch)
185 (uri (string-append
186 "https://download.dnscrypt.org/dnscrypt-proxy/"
187 "dnscrypt-proxy-" version ".tar.bz2"))
188 (sha256
189 (base32
83a89531 190 "1dhvklr4dg2vlw108n11xbamacaryyg3dbrg629b76lp7685p7z8"))
d24727c0
MB		 191 (modules '((guix build utils)))
192 (snippet
193 ;; Delete bundled libltdl. XXX: This package also bundles
194 ;; a modified libevent that cannot currently be removed.
6cbee49d
MW		 195 '(begin
196 (delete-file-recursively "libltdl")
197 #t))))
d24727c0
MB		 198 (build-system gnu-build-system)
199 (arguments
200 `(#:phases
201 (modify-phases %standard-phases
d10092b8 202 (add-after 'unpack 'autoreconf
d24727c0
MB		 203 (lambda _
204 ;; Re-generate build files due to unbundling ltdl.
205 ;; TODO: Prevent generating new libltdl and building it.
206 ;; The system version is still favored and referenced.
997a4e18 207 (invoke "autoreconf" "-vif"))))))
d24727c0
MB		 208 (native-inputs
209 `(("pkg-config" ,pkg-config)
210 ("automake" ,automake)
211 ("autoconf" ,autoconf)
212 ("libtool" ,libtool)))
213 (inputs
214 `(("libltdl" ,libltdl)
215 ("libsodium" ,libsodium)))
216 (home-page "https://www.dnscrypt.org/")
217 (synopsis "Securely send DNS requests to a remote server")
218 (description
219 "@command{dnscrypt-proxy} is a tool for securing communications
220between a client and a DNS resolver. It verifies that responses you get
221from a DNS provider was actually sent by that provider, and haven't been
222tampered with. For optimal performance it is recommended to use this as
223a forwarder for a caching DNS resolver such as @command{dnsmasq}, but it
224can also be used as a normal DNS \"server\". A list of public dnscrypt
225servers is included, and an up-to-date version is available at
226@url{https://download.dnscrypt.org/dnscrypt-proxy/dnscrypt-resolvers.csv}.")
227 (license (list license:isc
228 ;; Libevent and src/ext/queue.h is 3-clause BSD.
229 license:bsd-3))))
230
afe62a8b
MB		 231(define-public dnscrypt-wrapper
232 (package
233 (name "dnscrypt-wrapper")
234 (version "0.2.2")
235 (source (origin
236 (method url-fetch)
237 (uri (string-append
238 "https://github.com/cofyc/dnscrypt-wrapper/releases"
239 "/download/v" version "/" name "-v" version ".tar.bz2"))
240 (sha256
241 (base32
242 "1vhg4g0r687f51wcdn7z9w1hxapazx6vyh5rsr8wa48sljzd583g"))))
243 (build-system gnu-build-system)
244 (arguments
245 `(#:make-flags '("CC=gcc")
246 ;; TODO: Tests require ruby-cucumber and ruby-aruba.
247 #:tests? #f
248 #:phases
249 (modify-phases %standard-phases
d10092b8 250 (add-after 'unpack 'create-configure
afe62a8b 251 (lambda _
b43cd106 252 (invoke "make" "configure"))))))
afe62a8b
MB		 253 (native-inputs
254 `(("autoconf" ,autoconf)))
255 (inputs
256 `(("libevent" ,libevent)
257 ("libsodium" ,libsodium)))
258 (home-page "https://github.com/Cofyc/dnscrypt-wrapper")
259 (synopsis "Server-side dnscrypt proxy")
260 (description
261 "@command{dnscrypt-wrapper} is a tool to expose a name server over
262the @code{dnscrypt} protocol. It can be used as an endpoint for the
263@command{dnscrypt-proxy} client to securely tunnel DNS requests between
264the two.")
265 (license (list license:isc
266 ;; Bundled argparse is MIT. TODO: package and unbundle.
267 license:expat
268 ;; dns-protocol.h and rfc1035.{c,h} is gpl2 or gpl3 (either).
269 license:gpl2
270 license:gpl3))))
271
71f048c6 272(define-public libasr
273 (package
274 (name "libasr")
275 (version "201602131606")
276 (source
277 (origin
278 (method url-fetch)
279 (uri (string-append "https://www.opensmtpd.org/archives/"
280 name "-" version ".tar.gz"))
281 (sha256
282 (base32
283 "18kdmbjsxrfai16d66qslp48b1zf7gr8him2jj5dcqgbsl44ls75"))))
284 (build-system gnu-build-system)
285 (native-inputs
286 `(("autoconf" ,autoconf)
287 ("automake" ,automake)
288 ("pkg-config" ,pkg-config)
289 ("groff" ,groff)))
290 (home-page "https://www.opensmtpd.org")
291 (synopsis "Asynchronous resolver library by the OpenBSD project")
292 (description
293 "libasr is a free, simple and portable asynchronous resolver library.
294It allows to run DNS queries and perform hostname resolutions in a fully
295asynchronous fashion.")
296 (license (list license:isc
297 license:bsd-2 ; last part of getrrsetbyname_async.c
298 license:bsd-3
299 (license:non-copyleft "file://LICENSE") ; includes.h
300 license:openssl))))
6cf626e8 301
7382ecd8
TGR		 302(define-public nsd
303 (package
304 (name "nsd")
935e4b3a 305 (version "4.2.0")
7382ecd8
TGR		 306 (source
307 (origin
308 (method url-fetch)
309 (uri (string-append "https://www.nlnetlabs.nl/downloads/nsd/nsd-"
310 version ".tar.gz"))
311 (sha256
935e4b3a 312 (base32 "0k57xl3ybdnqjqw9a3dmi7l6qmhkiic6wsghkz08ir809aj1rpsi"))))
7382ecd8
TGR		 313 (build-system gnu-build-system)
314 (arguments
315 `(#:configure-flags
316 (list "--enable-pie" ; fully benefit from ASLR
317 "--enable-ratelimit"
318 "--enable-recvmmsg"
319 "--enable-relro-now" ; protect GOT and .dtor areas
320 "--disable-radix-tree"
321 (string-append "--with-libevent="
322 (assoc-ref %build-inputs "libevent"))
323 (string-append "--with-ssl="
324 (assoc-ref %build-inputs "openssl"))
325 "--with-configdir=/etc"
326 "--with-nsd_conf_file=/etc/nsd/nsd.conf"
327 "--with-logfile=/var/log/nsd.log"
328 "--with-pidfile=/var/db/nsd/nsd.pid"
329 "--with-dbfile=/var/db/nsd/nsd.db"
330 "--with-zonesdir=/etc/nsd"
331 "--with-xfrdfile=/var/db/nsd/xfrd.state"
332 "--with-zonelistfile=/var/db/nsd/zone.list")
333 #:phases
334 (modify-phases %standard-phases
335 (add-before 'configure 'patch-installation-paths
336 (lambda* (#:key outputs #:allow-other-keys)
337 (let* ((out (assoc-ref outputs "out"))
338 (doc (string-append out "/share/doc/" ,name "-" ,version)))
339 ;; The ‘make install’ target tries to create the parent
340 ;; directories of run-time things like ‘pidfile’ above, and
341 ;; useless empty directories like 'configdir'. Remove such
342 ;; '$(INSTALL)' lines and install the example configuration file
343 ;; in an appropriate location.
344 (substitute* "Makefile.in"
345 ((".*INSTALL.*\\$\\((config|pid|xfr|db)dir" command)
346 (string-append "#" command))
347 (("\\$\\(nsdconfigfile\\)\\.sample" file-name)
348 (string-append doc "/examples/" file-name)))
349 #t))))
350 #:tests? #f)) ; no tests
351 (inputs
352 `(("libevent" ,libevent)
353 ("openssl" ,openssl)))
354 (home-page "https://www.nlnetlabs.nl/projects/nsd/about/")
355 (synopsis "Authoritative DNS name server")
356 (description "@dfn{NSD}, short for Name Server Daemon, is an authoritative
357name server for the Domain Name System (@dfn{DNS}). It aims to be a fast and
358RFC-compliant nameserver.
359
360NSD uses zone information compiled via @command{zonec} into a binary database
361file (@file{nsd.db}). This allows fast startup of the name service daemon and
362allows syntax-structural errors in zone files to be flagged at compile time,
363before being made available to NSD service itself. However, most traditional
364BIND-style zone files can be directly imported into NSD without modification.
365
366The collection of programs and processes that make up NSD are designed so that
367the daemon itself runs as a non-privileged user and can be easily configured to
368run in a @code{chroot} jail, thus making any security flaws in NSD less likely
369to result in system-wide compromise.")
370 (license (list license:bsd-3))))
371
7e61a16c
GG		 372(define-public unbound
373 (package
374 (name "unbound")
223055dd 375 (version "1.9.1")
7e61a16c
GG		 376 (source
377 (origin
378 (method url-fetch)
379 (uri (string-append "https://www.unbound.net/downloads/unbound-"
380 version ".tar.gz"))
381 (sha256
223055dd 382 (base32 "1iarvk0i92asvrkpla9z55aan20k6pklzpck9yk4rfnchsdvzh63"))))
7e61a16c
GG		 383 (build-system gnu-build-system)
384 (outputs '("out" "python"))
385 (native-inputs
386 `(("flex" ,flex)
387 ("swig" ,swig)))
388 (inputs
389 `(("expat" ,expat)
390 ("libevent" ,libevent)
391 ("protobuf" ,protobuf)
392 ("python" ,python-3)
393 ("python-wrapper" ,python-wrapper)
394 ("openssl" ,openssl)))
395 (arguments
396 `(#:configure-flags
37040b85 397 (list "--disable-static" ; save space and non-determinism in libunbound.a
a431929d 398 (string-append
7e61a16c
GG		 399 "--with-ssl=" (assoc-ref %build-inputs "openssl"))
400 (string-append
401 "--with-libevent=" (assoc-ref %build-inputs "libevent"))
402 (string-append
403 "--with-libexpat=" (assoc-ref %build-inputs "expat"))
404 "--with-pythonmodule" "--with-pyunbound")
405 #:phases
406 (modify-phases %standard-phases
407 (add-after 'configure 'fix-python-site-package-path
408 ;; Move python modules into their own output.
409 (lambda* (#:key outputs #:allow-other-keys)
410 (let ((pyout (assoc-ref outputs "python"))
411 (ver ,(version-major+minor (package-version python))))
412 (substitute* "Makefile"
413 (("^PYTHON_SITE_PKG=.*$")
414 (string-append
415 "PYTHON_SITE_PKG="
416 pyout "/lib/python-" ver "/site-packages\n"))))
417 #t))
418 (add-before 'check 'fix-missing-nss-for-tests
419 ;; Unfortunately, the package's unittests involve some checks
420 ;; looking up protocols and services which are not provided
421 ;; by the minimalistic build environment, in particular,
422 ;; /etc/protocols and /etc/services are missing.
423 ;; Also, after plain substitution of protocol and service names
424 ;; in the test data, the tests still fail because the
425 ;; corresponding Resource Records have been signed by
426 ;; RRSIG records.
427 ;; The following LD_PRELOAD library overwrites the glibc
428 ;; functions ‘get{proto,serv}byname’, ‘getprotobynumber’ and
429 ;; ‘getservbyport’ providing the few records required for the
430 ;; unit tests to pass.
431 (lambda* (#:key inputs outputs #:allow-other-keys)
432 (let* ((source (assoc-ref %build-inputs "source"))
433 (gcc (assoc-ref %build-inputs "gcc")))
434 (call-with-output-file "/tmp/nss_preload.c"
435 (lambda (port)
436 (display "#include <stdlib.h>
437#include <string.h>
438#include <strings.h>
439
440#include <netdb.h>
441
442struct protoent *getprotobyname(const char *name) {
443 struct protoent *p = malloc(sizeof(struct protoent));
444 p->p_aliases = malloc(sizeof(char*));
445 if (strcasecmp(name, \"tcp\") == 0) {
446 p->p_name = \"tcp\";
447 p->p_proto = 6;
448 p->p_aliases[0] = \"TCP\";
449 } else if (strcasecmp(name, \"udp\") == 0) {
450 p->p_name = \"udp\";
451 p->p_proto = 17;
452 p->p_aliases[0] = \"UDP\";
453 } else
454 p = NULL;
455 return p;
456}
457
458struct protoent *getprotobynumber(int proto) {
459 struct protoent *p = malloc(sizeof(struct protoent));
460 p->p_aliases = malloc(sizeof(char*));
461 switch(proto) {
462 case 6:
463 p->p_name = \"tcp\";
464 p->p_proto = 6;
465 p->p_aliases[0] = \"TCP\";
466 break;
467 case 17:
468 p->p_name = \"udp\";
469 p->p_proto = 17;
470 p->p_aliases[0] = \"UDP\";
471 break;
472 default:
473 p = NULL;
474 break;
475 }
476 return p;
477}
478
479struct servent *getservbyname(const char *name, const char *proto) {
480 struct servent *s = malloc(sizeof(struct servent));
481 char* buf = malloc((strlen(proto)+1)*sizeof(char));
482 strcpy(buf, proto);
483 s->s_aliases = malloc(sizeof(char*));
484 s->s_aliases[0] = NULL;
485 if (strcasecmp(name, \"domain\") == 0) {
486 s->s_name = \"domain\";
487 s->s_port = htons(53);
488 s->s_proto = buf;
489 } else
490 s = NULL;
491 return s;
492}
493
494struct servent *getservbyport(int port, const char *proto) {
495 char buf[32];
496 struct servent *s = malloc(sizeof(struct servent));
497 strcpy(buf, proto);
498 s->s_aliases = malloc(sizeof(char*));
499 s->s_aliases[0] = NULL;
500 switch(port) {
501 case 53:
502 s->s_name = \"domain\";
503 s->s_port = 53;
504 s->s_proto = \"udp\";
505 break;
506 default:
507 s = NULL;
508 break;
509 }
510 return s;
511}" port)))
9a3a1565
TGR		 512 (invoke (string-append gcc "/bin/gcc")
513 "-shared" "-fPIC" "-o" "/tmp/nss_preload.so"
514 "/tmp/nss_preload.c")
7e61a16c
GG		 515 ;; The preload library only affects the unittests.
516 (substitute* "Makefile"
517 (("./unittest")
518 "LD_PRELOAD=/tmp/nss_preload.so ./unittest")))
519 #t)))))
520 (home-page "https://www.unbound.net")
521 (synopsis "Validating, recursive, and caching DNS resolver")
522 (description
523 "Unbound is a recursive-only caching DNS server which can perform DNSSEC
524validation of results. It implements only a minimal amount of authoritative
525service to prevent leakage to the root nameservers: forward lookups for
526localhost, reverse for @code{127.0.0.1} and @code{::1}, and NXDOMAIN for zones
527served by AS112. Stub and forward zones are supported.")
528 (license license:bsd-4)))
529
6cf626e8
TGR		 530(define-public yadifa
531 (package
532 (name "yadifa")
92a33362 533 (version "2.3.9")
6cf626e8 534 (source
92a33362 535 (let ((build "8497"))
8769d482
TGR		 536 (origin
537 (method url-fetch)
538 (uri
539 (string-append "http://cdn.yadifa.eu/sites/default/files/releases/"
fe99b7f7 540 "yadifa-" version "-" build ".tar.gz"))
8769d482 541 (sha256
92a33362 542 (base32 "0xvyr91sfgzkpw6g3h893ldbwnki3w2472n56rr18w67qghs1sa5")))))
6cf626e8
TGR		 543 (build-system gnu-build-system)
544 (native-inputs
545 `(("which" ,which)))
546 (inputs
547 `(("openssl" ,openssl)))
548 (arguments
57b05e4a
TGR		 549 `(#:phases
550 (modify-phases %standard-phases
551 (add-before 'configure 'omit-example-configurations
552 (lambda _
553 (substitute* "Makefile.in"
554 ((" (etc|var)") ""))
555 #t)))
556 #:configure-flags
557 (list "--sysconfdir=/etc"
558 "--localstatedir=/var"
559 "--disable-build-timestamp" ; build reproducibly
560 "--enable-shared"
561 "--disable-static"
562 "--enable-acl"
563 "--enable-caching"
564 "--enable-ctrl" ; enable remote control
565 "--enable-nsec"
566 "--enable-nsec3"
567 "--enable-tsig")))
6cf626e8
TGR		 568 (home-page "http://www.yadifa.eu/")
569 (synopsis "Authoritative DNS name server")
366efcb2
TGR		 570 (description "YADIFA is an authoritative name server for the @dfn{Domain
571Name System} (DNS). It aims for both higher performance and a smaller memory
6cf626e8 572footprint than other implementations, while remaining fully RFC-compliant.
366efcb2
TGR		 573YADIFA supports dynamic record updates and the @dfn{Domain Name System Security
574Extensions} (DNSSEC).")
6cf626e8 575 (license license:bsd-3)))
f9cdf1c1
TGR		 576
577(define-public knot
578 (package
579 (name "knot")
3abc9cc2 580 (version "2.8.2")
e41ddf76
TGR		 581 (source
582 (origin
583 (method url-fetch)
584 (uri (string-append "https://secure.nic.cz/files/knot-dns/"
585 "knot-" version ".tar.xz"))
586 (sha256
3abc9cc2 587 (base32 "0dx1lp4w33rpa54nns41k4vfdfin6naaskwh132r4qs0l9hl7lh0"))
e41ddf76
TGR		 588 (modules '((guix build utils)))
589 (snippet
590 '(begin
591 ;; Delete bundled libraries.
592 (with-directory-excursion "src/contrib"
593 (delete-file-recursively "lmdb"))
594 #t))))
f9cdf1c1
TGR		 595 (build-system gnu-build-system)
596 (native-inputs
597 `(("pkg-config" ,pkg-config)))
598 (inputs
023ef013
TGR		 599 `(("fstrm" ,fstrm)
600 ("gnutls" ,gnutls)
f9cdf1c1
TGR		 601 ("jansson" ,jansson)
602 ("libcap-ng" ,libcap-ng)
603 ("libedit" ,libedit)
604 ("libidn" ,libidn)
605 ("liburcu" ,liburcu)
606 ("lmdb" ,lmdb)
607 ("ncurses" ,ncurses)
1b00e3bd 608 ("protobuf-c" ,protobuf-c)))
f9cdf1c1
TGR		 609 (arguments
610 `(#:phases
611 (modify-phases %standard-phases
612 (add-before 'configure 'disable-directory-pre-creation
613 (lambda _
614 ;; Don't install empty directories like ‘/etc’ outside the store.
1b00e3bd 615 ;; This is needed even when using ‘make config_dir=... install’.
2d431b01
TGR		 616 (substitute* "src/Makefile.in" (("\\$\\(INSTALL\\) -d") "true"))
617 #t))
f9cdf1c1
TGR		 618 (replace 'install
619 (lambda* (#:key outputs #:allow-other-keys)
620 (let* ((out (assoc-ref outputs "out"))
ee1362fc 621 (doc (string-append out "/share/doc/" ,name "-" ,version))
f9cdf1c1 622 (etc (string-append doc "/examples/etc")))
6b042495
TGR		 623 (invoke "make"
624 (string-append "config_dir=" etc)
1b00e3bd 625 "install")))))
f9cdf1c1
TGR		 626 #:configure-flags
627 (list "--sysconfdir=/etc"
628 "--localstatedir=/var"
1b00e3bd
TGR		 629 "--enable-dnstap" ; let tools read/write capture files
630 "--with-module-dnstap=yes" ; detailed query capturing & logging
f9cdf1c1
TGR		 631 (string-append "--with-bash-completions="
632 (assoc-ref %outputs "out")
633 "/etc/bash_completion.d"))))
634 (home-page "https://www.knot-dns.cz/")
635 (synopsis "Authoritative DNS name server")
d1e4ad1b 636 (description "Knot DNS is an authoritative name server for the @dfn{Domain
f9cdf1c1
TGR		 637Name System} (DNS), designed to meet the needs of root and @dfn{top-level
638domain} (TLD) name servers. It is implemented as a threaded daemon and uses a
639number of programming techniques to improve speed. For example, the responder
640is completely lock-free, resulting in a very high response rate. Other features
641include automatic @dfn{DNS Security Extensions} (DNSSEC) signing, dynamic record
642synthesis, and on-the-fly re-configuration.")
0056f4cc
TGR		 643 (license
644 (list
645 ;; src/contrib/{hat-trie,murmurhash3,openbsd},
646 ;; src/dnssec/contrib/vpool.[ch], and parts of libtap/ are ‘MIT’ (expat).
647 license:expat
648 license:lgpl2.0+ ; parts of scr/contrib/ucw
649 license:public-domain ; src/contrib/fnv and possibly murmurhash3
650 license:gpl3+)))) ; everything else
0bc2d3e4
OP		 651
652(define-public ddclient
653 (package
654 (name "ddclient")
e12df2c6 655 (version "3.9.0")
0bc2d3e4
OP		 656 (source (origin
657 (method url-fetch)
658 (uri (string-append "mirror://sourceforge/ddclient/ddclient/ddclient-"
659 version "/ddclient-" version ".tar.gz"))
660 (sha256
661 (base32
e12df2c6 662 "0fwyhab8yga2yi1kdfkbqxa83wxhwpagmj1w1mwkg2iffh1fjjlw"))))
0bc2d3e4
OP		 663 (build-system trivial-build-system) ; no Makefile.PL
664 (native-inputs
665 `(("bash" ,bash)
666 ("gzip" ,gzip)
667 ("perl" ,perl)
668 ("tar" ,tar)))
669 (inputs
e12df2c6
TGR		 670 `(("inetutils" ,inetutils) ; logger
671 ("net-tools" ,net-tools)
672 ("perl-data-validate-ip" ,perl-data-validate-ip)
673 ("perl-digest-sha1" ,perl-digest-sha1)
674 ("perl-io-socket-ssl" ,perl-io-socket-ssl)))
0bc2d3e4
OP		 675 (arguments
676 `(#:modules ((guix build utils)
677 (ice-9 match)
678 (srfi srfi-26))
679 #:builder
680 (begin
681 (use-modules (guix build utils)
682 (ice-9 match)
683 (srfi srfi-26))
684 ;; bootstrap
685 (setenv "PATH" (string-append
686 (assoc-ref %build-inputs "bash") "/bin" ":"
687 (assoc-ref %build-inputs "tar") "/bin" ":"
688 (assoc-ref %build-inputs "gzip") "/bin" ":"
689 (assoc-ref %build-inputs "perl") "/bin"))
690 ;; extract source
691 (invoke "tar" "xvf" (assoc-ref %build-inputs "source"))
692 ;; package
693 (with-directory-excursion (string-append ,name "-" ,version)
694 (let* ((out (assoc-ref %outputs "out"))
695 (bin (string-append out "/bin")))
696 (let ((file "ddclient"))
697 (substitute* file
698 (("/usr/bin/perl") (which "perl"))
699 ;; Strictly use ‘/etc/ddclient/ddclient.conf’.
700 (("\\$\\{program\\}\\.conf") "/etc/ddclient/ddclient.conf")
701 (("\\$etc\\$program.conf") "/etc/ddclient/ddclient.conf")
702 ;; Strictly use ‘/var/cache/ddclient/ddclient.cache’
703 (("\\$cachedir\\$program\\.cache")
704 "/var/cache/ddclient/ddclient.cache"))
705 (install-file file bin)
706 (wrap-program (string-append bin "/" file)
707 `("PATH" ":" =
708 ("$PATH"
709 ,@(map (lambda (input)
710 (match input
711 ((name . store)
712 (string-append store "/bin"))))
713 %build-inputs)))
714 `("PERL5LIB" ":" =
715 ,(delete
716 ""
717 (map (match-lambda
718 (((? (cut string-prefix? "perl-" <>) name) . dir)
719 (string-append dir "/lib/perl5/site_perl"))
720 (_ ""))
721 %build-inputs)))))
722 (for-each (cut install-file <> (string-append out
723 "/share/ddclient"))
724 (find-files "." "sample.*$")))))))
725 (home-page "https://sourceforge.net/projects/ddclient/")
726 (synopsis "Address updating utility for dynamic DNS services")
727 (description "This package provides a client to update dynamic IP
728addresses with several dynamic DNS service providers, such as
729@uref{https://www.dyndns.com/account/login.html,DynDNS.com}.
730
731This makes it possible to use a fixed hostname (such as myhost.dyndns.org) to
732access a machine with a dynamic IP address.
733
734The client supports both dynamic and (near) static services, as well as MX
735record and alternative name management. It caches the address, and only
736attempts the update when it has changed.")
737 (license license:gpl2+)))
91a4863d
LC		 738
739(define-public hnsd
740 ;; There have been no releases yet, hence this commit.
741 (let ((revision "0")
742 (commit "895d89c25d316d18df9d374fe78aae3902bc89fb"))
743 (package
744 (name "hnsd")
745 (version (git-version "0.0" revision commit))
746 (source (origin
747 (method git-fetch)
748 (uri (git-reference
749 (url "https://github.com/handshake-org/hnsd")
750 (commit commit)))
751 (sha256
752 (base32
753 "0704y73sddn24jga9csw4gxyfb3pnrfnk0vdcph84n1h38490l16"))
754 (file-name (git-file-name name version))
755 (modules '((guix build utils)))
756 (snippet
757 '(begin
758 ;; Delete the bundled copy of libuv.
759 (delete-file-recursively "uv")
760 (substitute* "configure.ac"
761 (("AC_CONFIG_SUBDIRS\\(\\[uv\\]\\)") ""))
762 (substitute* "Makefile.am"
763 (("SUBDIRS = uv") "\n")
764 (("\\$\\(top_builddir\\)/uv/libuv.la") "-luv")
765
766 ;; Make sure the 'hnsd' binary is installed and
767 ;; dynamically-linked.
768 (("noinst_PROGRAMS") "bin_PROGRAMS")
769 (("hnsd_LDFLAGS = -static") ""))
770
771 ;; This script tries to chdir to "uv" and doesn't do more
772 ;; than "autoreconf" so remove it.
773 (delete-file "autogen.sh")
774 #t))))
775 (build-system gnu-build-system)
776 (arguments
777 '(#:configure-flags '("--disable-static"))) ;no need for libhsk.a
778 (native-inputs
779 `(("autoconf" ,autoconf)
780 ("automake" ,automake)
781 ("libtool" ,libtool)))
782 (inputs
783 `(("unbound" ,unbound)
784 ("libuv" ,libuv)))
785 (home-page "https://www.handshake.org/")
786 (synopsis "Resolver daemon for the Handshake naming protocol")
787 (description
788 "@command{hnsd} is a @dfn{host name resolver} for the Handshake Naming
789System (HNS) peer-to-peer network.")
790 (license license:expat))))
498911d3
MO		 791
792(define-public libmicrodns
793 (package
794 (name "libmicrodns")
795 (version "0.0.10")
796 (source (origin
797 (method git-fetch)
798 (uri (git-reference
799 (url "https://github.com/videolabs/libmicrodns")
800 (commit version)))
801 (file-name (git-file-name name version))
802 (sha256
803 (base32
804 "1xvl9k49ng35wbsqmnjnyqvkyjf8dcq2ywsq3jp3wh0rgmxhq2fh"))))
805 (build-system gnu-build-system)
806 (native-inputs
807 `(("pkg-config" ,pkg-config)
808 ("autoconf" ,autoconf)
809 ("automake" ,automake)
810 ("libtool" ,libtool)))
811 (home-page "https://github.com/videolabs/libmicrodns")
812 (synopsis "Minimal mDNS resolver library")
813 (description "@code{libmicrodns} provides a minimal implementation of a
814mDNS resolver as well as an announcer. mDNS (Multicast Domain Name System) is
815a zero-config service that allows one to resolve host names to IP addresses in
816local networks.")
817 (license license:lgpl2.1)))
41553c90
CM		 818
819(define-public public-suffix-list
820 ;; Mozilla releases the official list here:
821 ;;
822 ;; https://publicsuffix.org/list/public_suffix_list.dat
823 ;;
824 ;; However, Mozilla syncs that file from the GitHub repository periodically,
825 ;; so its contents will change over time. If you update this commit, please
826 ;; make sure that the new commit refers to a list which is identical to the
827 ;; officially published list available from the URL above.
828 (let ((commit "9375b697baddb0827a5995c81bd3c75877a0b35d"))
829 (package
830 (name "public-suffix-list")
831 (version (git-version "0" "1" commit))
832 (source (origin
833 (method git-fetch)
834 (uri (git-reference
835 (url "https://github.com/publicsuffix/list.git")
836 (commit commit)))
837 (file-name (git-file-name name version))
838 (sha256
839 (base32
840 "1sm7pni01rnl4ldzi8z8nc4cbgq8nxda9gwc68v0s3ij7jd1jmik"))))
841 (build-system trivial-build-system)
842 (arguments
843 `(#:modules ((guix build utils))
844 #:builder
845 (begin
846 (use-modules (guix build utils))
847 (let* ((out (assoc-ref %outputs "out"))
848 ;; Install to /share because that is where "read-only
849 ;; architecture-independent data files" should go (see:
850 ;; (standards) Directory Variables). Include the version in
851 ;; the directory name so that if multiple versions are ever
852 ;; installed in the same profile, they will not conflict.
853 (destination (string-append
854 out "/share/public-suffix-list-" ,version))
855 (source (assoc-ref %build-inputs "source")))
856 (with-directory-excursion source
857 (install-file "public_suffix_list.dat" destination)
858 (install-file "LICENSE" destination))
859 #t))))
860 (home-page "https://publicsuffix.org/")
861 (synopsis "Database of current and historical DNS suffixes")
862 (description "This is the Public Suffix List maintained by Mozilla. A
863\"public suffix\" is one under which Internet users can (or historically
864could) directly register names in the Domain Name System (DNS). Some examples
865of public suffixes are .com, .co.uk and pvt.k12.ma.us. This is a list of all
866known public suffixes.")
867 (license license:mpl2.0))))
jackhill's copy of GNU Guix: https://guix.gnu.org/