HCoop / jackhill / guix / guix.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
doc: Fix typo.
[jackhill/guix/guix.git] / gnu / packages / dns.scm
CommitLineData
dd2efd3d
TUBK		 1;;; GNU Guix --- Functional package management for GNU
2;;; Copyright © 2015 Taylan Ulrich Bayırlı/Kammer <taylanbayirli@gmail.com>
d912db5b 3;;; Copyright © 2016 Mark H Weaver <mhw@netris.org>
b2844d8f 4;;; Copyright © 2016 Ricardo Wurmus <rekado@elephly.net>
76dd04be 5;;; Copyright © 2016, 2017 Efraim Flashner <efraim@flashner.co.il>
be86b7ad 6;;; Copyright © 2016 John Darrington <jmd@gnu.org>
47956fa0 7;;; Copyright © 2016 ng0 <ng0@n0.is>
47b8608d 8;;; Copyright © 2016, 2017, 2018, 2019, 2020 Tobias Geerinckx-Rice <me@tobias.gr>
afe62a8b 9;;; Copyright © 2016 Marius Bakke <mbakke@fastmail.com>
ecc7aa89 10;;; Copyright © 2017 Vasile Dumitrascu <va511e@yahoo.com>
7e61a16c 11;;; Copyright © 2017 Gregor Giesen <giesen@zaehlwerk.net>
0bc2d3e4 12;;; Copyright © 2018 Oleg Pykhalov <go.wigust@gmail.com>
498911d3 13;;; Copyright © 2019 Mathieu Othacehe <m.othacehe@gmail.com>
41553c90 14;;; Copyright © 2019 Chris Marusich <cmmarusich@gmail.com>
7e5eda0c 15;;; Copyright © 2019 Rutger Helling <rhelling@mykolab.com>
37eaefe8 16;;; Copyright © 2020 Pierre Langlois <pierre.langlois@gmx.com>
dd2efd3d
TUBK		 17;;;
18;;; This file is part of GNU Guix.
19;;;
20;;; GNU Guix is free software; you can redistribute it and/or modify it
21;;; under the terms of the GNU General Public License as published by
22;;; the Free Software Foundation; either version 3 of the License, or (at
23;;; your option) any later version.
24;;;
25;;; GNU Guix is distributed in the hope that it will be useful, but
26;;; WITHOUT ANY WARRANTY; without even the implied warranty of
27;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
28;;; GNU General Public License for more details.
29;;;
30;;; You should have received a copy of the GNU General Public License
31;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
32
36fb36b5 33(define-module (gnu packages dns)
f9cdf1c1 34 #:use-module (gnu packages admin)
71f048c6 35 #:use-module (gnu packages autotools)
6cf626e8 36 #:use-module (gnu packages base)
0bc2d3e4 37 #:use-module (gnu packages bash)
a35e16c0 38 #:use-module (gnu packages check)
1e744399 39 #:use-module (gnu packages databases)
a35e16c0 40 #:use-module (gnu packages documentation)
0bc2d3e4 41 #:use-module (gnu packages compression)
afe62a8b 42 #:use-module (gnu packages crypto)
f9cdf1c1 43 #:use-module (gnu packages datastructures)
7e61a16c 44 #:use-module (gnu packages flex)
cb6d322a 45 #:use-module (gnu packages glib)
71f048c6 46 #:use-module (gnu packages groff)
f9cdf1c1
TGR		 47 #:use-module (gnu packages groff)
48 #:use-module (gnu packages libedit)
afe62a8b 49 #:use-module (gnu packages libevent)
f9cdf1c1 50 #:use-module (gnu packages libidn)
1e744399 51 #:use-module (gnu packages linux)
a35e16c0 52 #:use-module (gnu packages lua)
f9cdf1c1
TGR		 53 #:use-module (gnu packages ncurses)
54 #:use-module (gnu packages nettle)
e12df2c6 55 #:use-module (gnu packages networking)
1e744399 56 #:use-module (gnu packages perl)
71f048c6 57 #:use-module (gnu packages pkg-config)
7e61a16c
GG		 58 #:use-module (gnu packages protobuf)
59 #:use-module (gnu packages python)
0406434b 60 #:use-module (gnu packages python-xyz)
a35e16c0 61 #:use-module (gnu packages sphinx)
7e61a16c 62 #:use-module (gnu packages swig)
a7fd7b68 63 #:use-module (gnu packages tls)
f9cdf1c1 64 #:use-module (gnu packages web)
1e744399 65 #:use-module (gnu packages xml)
12e530ba 66 #:use-module (gnu packages)
1e744399 67 #:use-module ((guix licenses) #:prefix license:)
dd2efd3d
TUBK		 68 #:use-module (guix packages)
69 #:use-module (guix download)
91a4863d 70 #:use-module (guix git-download)
7e61a16c 71 #:use-module (guix utils)
0bc2d3e4 72 #:use-module (guix build-system gnu)
a35e16c0 73 #:use-module (guix build-system meson)
0bc2d3e4 74 #:use-module (guix build-system trivial))
dd2efd3d
TUBK		 75
76(define-public dnsmasq
77 (package
78 (name "dnsmasq")
37eaefe8 79 (version "2.81")
dd2efd3d
TUBK		 80 (source (origin
81 (method url-fetch)
82 (uri (string-append
83 "http://www.thekelleys.org.uk/dnsmasq/dnsmasq-"
84 version ".tar.xz"))
85 (sha256
86 (base32
37eaefe8 87 "1yzq6anwgr5rlnwydpszb51cyhp2vjq29b24ck19flbwac1sk73l"))))
dd2efd3d 88 (build-system gnu-build-system)
cb6d322a
CB		 89 (native-inputs
90 `(("pkg-config" ,pkg-config)))
91 (inputs
92 `(("dbus" ,dbus)))
dd2efd3d
TUBK		 93 (arguments
94 `(#:phases
dc1d3cde 95 (modify-phases %standard-phases (delete 'configure))
dd2efd3d 96 #:make-flags (list (string-append "PREFIX=" (assoc-ref %outputs "out"))
cb6d322a
CB		 97 "CC=gcc"
98 "COPTS=\"-DHAVE_DBUS\"")
4e6c51d4 99 #:tests? #f)) ; no ‘check’ target
dd2efd3d
TUBK		 100 (home-page "http://www.thekelleys.org.uk/dnsmasq/doc.html")
101 (synopsis "Small caching DNS proxy and DHCP/TFTP server")
102 (description
c657716e
TGR		 103 "Dnsmasq is a light-weight DNS forwarder and DHCP server. It is designed
104to provide DNS and, optionally, DHCP to a small network. It can serve the
dd2efd3d
TUBK		 105names of local machines which are not in the global DNS. The DHCP server
106integrates with the DNS server and allows machines with DHCP-allocated
c657716e 107addresses to appear in the DNS with names configured either on each host or in
dd2efd3d
TUBK		 108a central configuration file. Dnsmasq supports static and dynamic DHCP leases
109and BOOTP/TFTP for network booting of diskless machines.")
110 ;; Source files only say GPL2 and GPL3 are allowed.
1e744399
 111 (license (list license:gpl2 license:gpl3))))
112
a0683006
LC		 113;; 'bind' is the name of a built-in Guile procedure, which is why we choose a
114;; different name here.
115(define-public isc-bind
1e744399 116 (package
be86b7ad 117 (name "bind")
6d27891a 118 (version "9.16.1")
1e744399
 119 (source (origin
120 (method url-fetch)
be86b7ad 121 (uri (string-append
54fd7c02 122 "https://ftp.isc.org/isc/bind9/" version
3c4c60fa 123 "/bind-" version ".tar.xz"))
1e744399
 124 (sha256
125 (base32
6d27891a 126 "14ayswxnyaqwb935iqdi1w9ih3zs0a0va59j4cyi5f9mh7kxf4x9"))))
1e744399 127 (build-system gnu-build-system)
be86b7ad 128 (outputs `("out" "utils"))
1e744399 129 (inputs
fc0dd636 130 ;; It would be nice to add GeoIP and gssapi once there are packages.
1e744399 131 `(("libcap" ,libcap)
3c4c60fa 132 ("libuv" ,libuv)
1e744399 133 ("libxml2" ,libxml2)
1e744399 134 ("openssl" ,openssl)
0406434b
TGR		 135 ("p11-kit" ,p11-kit)
136 ("python" ,python)
137 ("python-ply" ,python-ply)))
3c4c60fa
TGR		 138 (native-inputs
139 `(("perl" ,perl)
140 ("pkg-config" ,pkg-config)))
1e744399 141 (arguments
be86b7ad 142 `(#:configure-flags
3c4c60fa 143 (list (string-append "--with-pkcs11="
1e744399
 144 (assoc-ref %build-inputs "p11-kit")))
145 #:phases
be86b7ad
JD		 146 (modify-phases %standard-phases
147 (add-after 'strip 'move-to-utils
148 (lambda _
149 (for-each
150 (lambda (file)
151 (let ((target (string-append (assoc-ref %outputs "utils") file))
152 (src (string-append (assoc-ref %outputs "out") file)))
153 (mkdir-p (dirname target))
154 (link src target)
155 (delete-file src)))
156 '("/bin/dig" "/bin/delv" "/bin/nslookup" "/bin/host" "/bin/nsupdate"
157 "/share/man/man1/dig.1"
158 "/share/man/man1/host.1"
159 "/share/man/man1/nslookup.1"
6023ecab
TGR		 160 "/share/man/man1/nsupdate.1"))
161 #t))
be86b7ad
JD		 162 ;; When and if guix provides user namespaces for the build process,
163 ;; then the following can be uncommented and the subsequent "force-test"
164 ;; will not be necessary.
165 ;;
166 ;; (add-before 'check 'set-up-loopback
167 ;; (lambda _
168 ;; (system "bin/tests/system/ifconfig.sh up")))
169 (replace 'check
170 (lambda _
c72c1005
TGR		 171 ;; XXX Even ‘make force-test’ tries to create network interfaces
172 ;; and fails. The only working target is the (trivial) fuzz test.
173 (with-directory-excursion "fuzz"
174 (invoke "make" "check"))
175 #t)))))
be86b7ad 176 (synopsis "An implementation of the Domain Name System")
366efcb2
TGR		 177 (description "BIND is an implementation of the @dfn{Domain Name System}
178(DNS) protocols for the Internet. It is a reference implementation of those
be86b7ad
JD		 179protocols, but it is also production-grade software, suitable for use in
180high-volume and high-reliability applications. The name BIND stands for
181\"Berkeley Internet Name Domain\", because the software originated in the early
1821980s at the University of California at Berkeley.")
183 (home-page "https://www.isc.org/downloads/bind")
ecc7aa89 184 (license (list license:mpl2.0))))
be86b7ad 185
d24727c0
MB		 186(define-public dnscrypt-proxy
187 (package
188 (name "dnscrypt-proxy")
83a89531 189 (version "1.9.5")
d24727c0
MB		 190 (source (origin
191 (method url-fetch)
192 (uri (string-append
193 "https://download.dnscrypt.org/dnscrypt-proxy/"
194 "dnscrypt-proxy-" version ".tar.bz2"))
195 (sha256
196 (base32
83a89531 197 "1dhvklr4dg2vlw108n11xbamacaryyg3dbrg629b76lp7685p7z8"))
d24727c0
MB		 198 (modules '((guix build utils)))
199 (snippet
200 ;; Delete bundled libltdl. XXX: This package also bundles
201 ;; a modified libevent that cannot currently be removed.
6cbee49d
MW		 202 '(begin
203 (delete-file-recursively "libltdl")
204 #t))))
d24727c0
MB		 205 (build-system gnu-build-system)
206 (arguments
207 `(#:phases
208 (modify-phases %standard-phases
d10092b8 209 (add-after 'unpack 'autoreconf
d24727c0
MB		 210 (lambda _
211 ;; Re-generate build files due to unbundling ltdl.
212 ;; TODO: Prevent generating new libltdl and building it.
213 ;; The system version is still favored and referenced.
997a4e18 214 (invoke "autoreconf" "-vif"))))))
d24727c0
MB		 215 (native-inputs
216 `(("pkg-config" ,pkg-config)
217 ("automake" ,automake)
218 ("autoconf" ,autoconf)
219 ("libtool" ,libtool)))
220 (inputs
221 `(("libltdl" ,libltdl)
222 ("libsodium" ,libsodium)))
223 (home-page "https://www.dnscrypt.org/")
224 (synopsis "Securely send DNS requests to a remote server")
225 (description
226 "@command{dnscrypt-proxy} is a tool for securing communications
227between a client and a DNS resolver. It verifies that responses you get
228from a DNS provider was actually sent by that provider, and haven't been
229tampered with. For optimal performance it is recommended to use this as
230a forwarder for a caching DNS resolver such as @command{dnsmasq}, but it
231can also be used as a normal DNS \"server\". A list of public dnscrypt
232servers is included, and an up-to-date version is available at
233@url{https://download.dnscrypt.org/dnscrypt-proxy/dnscrypt-resolvers.csv}.")
234 (license (list license:isc
235 ;; Libevent and src/ext/queue.h is 3-clause BSD.
236 license:bsd-3))))
237
afe62a8b
MB		 238(define-public dnscrypt-wrapper
239 (package
240 (name "dnscrypt-wrapper")
241 (version "0.2.2")
242 (source (origin
243 (method url-fetch)
244 (uri (string-append
245 "https://github.com/cofyc/dnscrypt-wrapper/releases"
246 "/download/v" version "/" name "-v" version ".tar.bz2"))
247 (sha256
248 (base32
249 "1vhg4g0r687f51wcdn7z9w1hxapazx6vyh5rsr8wa48sljzd583g"))))
250 (build-system gnu-build-system)
251 (arguments
252 `(#:make-flags '("CC=gcc")
253 ;; TODO: Tests require ruby-cucumber and ruby-aruba.
254 #:tests? #f
255 #:phases
256 (modify-phases %standard-phases
d10092b8 257 (add-after 'unpack 'create-configure
afe62a8b 258 (lambda _
b43cd106 259 (invoke "make" "configure"))))))
afe62a8b
MB		 260 (native-inputs
261 `(("autoconf" ,autoconf)))
262 (inputs
263 `(("libevent" ,libevent)
264 ("libsodium" ,libsodium)))
265 (home-page "https://github.com/Cofyc/dnscrypt-wrapper")
266 (synopsis "Server-side dnscrypt proxy")
267 (description
268 "@command{dnscrypt-wrapper} is a tool to expose a name server over
269the @code{dnscrypt} protocol. It can be used as an endpoint for the
270@command{dnscrypt-proxy} client to securely tunnel DNS requests between
271the two.")
272 (license (list license:isc
273 ;; Bundled argparse is MIT. TODO: package and unbundle.
274 license:expat
275 ;; dns-protocol.h and rfc1035.{c,h} is gpl2 or gpl3 (either).
276 license:gpl2
277 license:gpl3))))
278
71f048c6 279(define-public libasr
280 (package
281 (name "libasr")
4bf26153 282 (version "1.0.4")
71f048c6 283 (source
284 (origin
285 (method url-fetch)
286 (uri (string-append "https://www.opensmtpd.org/archives/"
c34d0cd8 287 "libasr-" version ".tar.gz"))
71f048c6 288 (sha256
4bf26153 289 (base32 "1d6s8njqhvayx2gp47409sp1fn8m608ws26hr1srfp6i23nnpyqr"))))
71f048c6 290 (build-system gnu-build-system)
0aa217e7
TGR		 291 (arguments
292 `(#:phases
293 (modify-phases %standard-phases
0aa217e7
TGR		 294 (add-after 'install 'install-documentation
295 (lambda* (#:key outputs #:allow-other-keys)
296 (let ((out (assoc-ref outputs "out")))
297 (install-file "src/asr_run.3"
298 (string-append out "/share/man/man3"))
299 #t))))))
71f048c6 300 (native-inputs
301 `(("autoconf" ,autoconf)
302 ("automake" ,automake)
0aa217e7
TGR		 303 ("libtool" ,libtool)
304 ("pkg-config" ,pkg-config)))
71f048c6 305 (home-page "https://www.opensmtpd.org")
306 (synopsis "Asynchronous resolver library by the OpenBSD project")
307 (description
308 "libasr is a free, simple and portable asynchronous resolver library.
23f5dd91 309It runs DNS queries and performs hostname resolution in a fully
71f048c6 310asynchronous fashion.")
311 (license (list license:isc
312 license:bsd-2 ; last part of getrrsetbyname_async.c
313 license:bsd-3
314 (license:non-copyleft "file://LICENSE") ; includes.h
315 license:openssl))))
6cf626e8 316
7382ecd8
TGR		 317(define-public nsd
318 (package
319 (name "nsd")
def6eed5 320 (version "4.2.4")
7382ecd8
TGR		 321 (source
322 (origin
323 (method url-fetch)
324 (uri (string-append "https://www.nlnetlabs.nl/downloads/nsd/nsd-"
325 version ".tar.gz"))
326 (sha256
def6eed5 327 (base32 "0z7j3vwqqj0hh8n5irb2yqwzl45k4sn2wczbq1b1lqv5cxv6vgcy"))))
7382ecd8
TGR		 328 (build-system gnu-build-system)
329 (arguments
330 `(#:configure-flags
331 (list "--enable-pie" ; fully benefit from ASLR
332 "--enable-ratelimit"
333 "--enable-recvmmsg"
334 "--enable-relro-now" ; protect GOT and .dtor areas
335 "--disable-radix-tree"
336 (string-append "--with-libevent="
337 (assoc-ref %build-inputs "libevent"))
338 (string-append "--with-ssl="
339 (assoc-ref %build-inputs "openssl"))
340 "--with-configdir=/etc"
341 "--with-nsd_conf_file=/etc/nsd/nsd.conf"
342 "--with-logfile=/var/log/nsd.log"
343 "--with-pidfile=/var/db/nsd/nsd.pid"
344 "--with-dbfile=/var/db/nsd/nsd.db"
345 "--with-zonesdir=/etc/nsd"
346 "--with-xfrdfile=/var/db/nsd/xfrd.state"
347 "--with-zonelistfile=/var/db/nsd/zone.list")
348 #:phases
349 (modify-phases %standard-phases
350 (add-before 'configure 'patch-installation-paths
351 (lambda* (#:key outputs #:allow-other-keys)
352 (let* ((out (assoc-ref outputs "out"))
353 (doc (string-append out "/share/doc/" ,name "-" ,version)))
354 ;; The ‘make install’ target tries to create the parent
355 ;; directories of run-time things like ‘pidfile’ above, and
356 ;; useless empty directories like 'configdir'. Remove such
357 ;; '$(INSTALL)' lines and install the example configuration file
358 ;; in an appropriate location.
359 (substitute* "Makefile.in"
360 ((".*INSTALL.*\\$\\((config|pid|xfr|db)dir" command)
361 (string-append "#" command))
362 (("\\$\\(nsdconfigfile\\)\\.sample" file-name)
363 (string-append doc "/examples/" file-name)))
364 #t))))
365 #:tests? #f)) ; no tests
366 (inputs
367 `(("libevent" ,libevent)
368 ("openssl" ,openssl)))
369 (home-page "https://www.nlnetlabs.nl/projects/nsd/about/")
370 (synopsis "Authoritative DNS name server")
371 (description "@dfn{NSD}, short for Name Server Daemon, is an authoritative
372name server for the Domain Name System (@dfn{DNS}). It aims to be a fast and
373RFC-compliant nameserver.
374
375NSD uses zone information compiled via @command{zonec} into a binary database
376file (@file{nsd.db}). This allows fast startup of the name service daemon and
377allows syntax-structural errors in zone files to be flagged at compile time,
378before being made available to NSD service itself. However, most traditional
379BIND-style zone files can be directly imported into NSD without modification.
380
381The collection of programs and processes that make up NSD are designed so that
382the daemon itself runs as a non-privileged user and can be easily configured to
383run in a @code{chroot} jail, thus making any security flaws in NSD less likely
384to result in system-wide compromise.")
385 (license (list license:bsd-3))))
386
7e61a16c
GG		 387(define-public unbound
388 (package
389 (name "unbound")
e7ba60dd 390 (version "1.10.0")
7e61a16c
GG		 391 (source
392 (origin
393 (method url-fetch)
394 (uri (string-append "https://www.unbound.net/downloads/unbound-"
395 version ".tar.gz"))
396 (sha256
e7ba60dd 397 (base32 "0mg9divpysr42sp0m693a70693dp8025v6c9dv1yabr4g1jlhbqm"))))
7e61a16c
GG		 398 (build-system gnu-build-system)
399 (outputs '("out" "python"))
400 (native-inputs
401 `(("flex" ,flex)
402 ("swig" ,swig)))
403 (inputs
404 `(("expat" ,expat)
405 ("libevent" ,libevent)
406 ("protobuf" ,protobuf)
7e61a16c
GG		 407 ("python-wrapper" ,python-wrapper)
408 ("openssl" ,openssl)))
409 (arguments
410 `(#:configure-flags
37040b85 411 (list "--disable-static" ; save space and non-determinism in libunbound.a
a431929d 412 (string-append
7e61a16c
GG		 413 "--with-ssl=" (assoc-ref %build-inputs "openssl"))
414 (string-append
415 "--with-libevent=" (assoc-ref %build-inputs "libevent"))
416 (string-append
417 "--with-libexpat=" (assoc-ref %build-inputs "expat"))
418 "--with-pythonmodule" "--with-pyunbound")
419 #:phases
420 (modify-phases %standard-phases
421 (add-after 'configure 'fix-python-site-package-path
422 ;; Move python modules into their own output.
423 (lambda* (#:key outputs #:allow-other-keys)
424 (let ((pyout (assoc-ref outputs "python"))
425 (ver ,(version-major+minor (package-version python))))
426 (substitute* "Makefile"
427 (("^PYTHON_SITE_PKG=.*$")
428 (string-append
429 "PYTHON_SITE_PKG="
430 pyout "/lib/python-" ver "/site-packages\n"))))
431 #t))
432 (add-before 'check 'fix-missing-nss-for-tests
433 ;; Unfortunately, the package's unittests involve some checks
434 ;; looking up protocols and services which are not provided
435 ;; by the minimalistic build environment, in particular,
436 ;; /etc/protocols and /etc/services are missing.
437 ;; Also, after plain substitution of protocol and service names
438 ;; in the test data, the tests still fail because the
439 ;; corresponding Resource Records have been signed by
440 ;; RRSIG records.
441 ;; The following LD_PRELOAD library overwrites the glibc
442 ;; functions ‘get{proto,serv}byname’, ‘getprotobynumber’ and
443 ;; ‘getservbyport’ providing the few records required for the
444 ;; unit tests to pass.
445 (lambda* (#:key inputs outputs #:allow-other-keys)
446 (let* ((source (assoc-ref %build-inputs "source"))
447 (gcc (assoc-ref %build-inputs "gcc")))
448 (call-with-output-file "/tmp/nss_preload.c"
449 (lambda (port)
450 (display "#include <stdlib.h>
451#include <string.h>
452#include <strings.h>
453
454#include <netdb.h>
455
456struct protoent *getprotobyname(const char *name) {
457 struct protoent *p = malloc(sizeof(struct protoent));
458 p->p_aliases = malloc(sizeof(char*));
459 if (strcasecmp(name, \"tcp\") == 0) {
460 p->p_name = \"tcp\";
461 p->p_proto = 6;
462 p->p_aliases[0] = \"TCP\";
463 } else if (strcasecmp(name, \"udp\") == 0) {
464 p->p_name = \"udp\";
465 p->p_proto = 17;
466 p->p_aliases[0] = \"UDP\";
467 } else
468 p = NULL;
469 return p;
470}
471
472struct protoent *getprotobynumber(int proto) {
473 struct protoent *p = malloc(sizeof(struct protoent));
474 p->p_aliases = malloc(sizeof(char*));
475 switch(proto) {
476 case 6:
477 p->p_name = \"tcp\";
478 p->p_proto = 6;
479 p->p_aliases[0] = \"TCP\";
480 break;
481 case 17:
482 p->p_name = \"udp\";
483 p->p_proto = 17;
484 p->p_aliases[0] = \"UDP\";
485 break;
486 default:
487 p = NULL;
488 break;
489 }
490 return p;
491}
492
493struct servent *getservbyname(const char *name, const char *proto) {
494 struct servent *s = malloc(sizeof(struct servent));
495 char* buf = malloc((strlen(proto)+1)*sizeof(char));
496 strcpy(buf, proto);
497 s->s_aliases = malloc(sizeof(char*));
498 s->s_aliases[0] = NULL;
499 if (strcasecmp(name, \"domain\") == 0) {
500 s->s_name = \"domain\";
501 s->s_port = htons(53);
502 s->s_proto = buf;
503 } else
504 s = NULL;
505 return s;
506}
507
508struct servent *getservbyport(int port, const char *proto) {
509 char buf[32];
510 struct servent *s = malloc(sizeof(struct servent));
511 strcpy(buf, proto);
512 s->s_aliases = malloc(sizeof(char*));
513 s->s_aliases[0] = NULL;
514 switch(port) {
515 case 53:
516 s->s_name = \"domain\";
517 s->s_port = 53;
518 s->s_proto = \"udp\";
519 break;
520 default:
521 s = NULL;
522 break;
523 }
524 return s;
525}" port)))
9a3a1565
TGR		 526 (invoke (string-append gcc "/bin/gcc")
527 "-shared" "-fPIC" "-o" "/tmp/nss_preload.so"
528 "/tmp/nss_preload.c")
7e61a16c
GG		 529 ;; The preload library only affects the unittests.
530 (substitute* "Makefile"
531 (("./unittest")
532 "LD_PRELOAD=/tmp/nss_preload.so ./unittest")))
533 #t)))))
534 (home-page "https://www.unbound.net")
535 (synopsis "Validating, recursive, and caching DNS resolver")
536 (description
537 "Unbound is a recursive-only caching DNS server which can perform DNSSEC
538validation of results. It implements only a minimal amount of authoritative
539service to prevent leakage to the root nameservers: forward lookups for
540localhost, reverse for @code{127.0.0.1} and @code{::1}, and NXDOMAIN for zones
541served by AS112. Stub and forward zones are supported.")
542 (license license:bsd-4)))
543
6cf626e8
TGR		 544(define-public yadifa
545 (package
546 (name "yadifa")
92a33362 547 (version "2.3.9")
6cf626e8 548 (source
92a33362 549 (let ((build "8497"))
8769d482
TGR		 550 (origin
551 (method url-fetch)
552 (uri
553 (string-append "http://cdn.yadifa.eu/sites/default/files/releases/"
fe99b7f7 554 "yadifa-" version "-" build ".tar.gz"))
8769d482 555 (sha256
92a33362 556 (base32 "0xvyr91sfgzkpw6g3h893ldbwnki3w2472n56rr18w67qghs1sa5")))))
6cf626e8
TGR		 557 (build-system gnu-build-system)
558 (native-inputs
559 `(("which" ,which)))
560 (inputs
561 `(("openssl" ,openssl)))
562 (arguments
57b05e4a
TGR		 563 `(#:phases
564 (modify-phases %standard-phases
565 (add-before 'configure 'omit-example-configurations
566 (lambda _
567 (substitute* "Makefile.in"
568 ((" (etc|var)") ""))
569 #t)))
570 #:configure-flags
571 (list "--sysconfdir=/etc"
572 "--localstatedir=/var"
573 "--disable-build-timestamp" ; build reproducibly
574 "--enable-shared"
575 "--disable-static"
576 "--enable-acl"
577 "--enable-caching"
578 "--enable-ctrl" ; enable remote control
579 "--enable-nsec"
580 "--enable-nsec3"
581 "--enable-tsig")))
9f733172 582 (home-page "https://www.yadifa.eu/")
6cf626e8 583 (synopsis "Authoritative DNS name server")
366efcb2
TGR		 584 (description "YADIFA is an authoritative name server for the @dfn{Domain
585Name System} (DNS). It aims for both higher performance and a smaller memory
6cf626e8 586footprint than other implementations, while remaining fully RFC-compliant.
366efcb2
TGR		 587YADIFA supports dynamic record updates and the @dfn{Domain Name System Security
588Extensions} (DNSSEC).")
6cf626e8 589 (license license:bsd-3)))
f9cdf1c1
TGR		 590
591(define-public knot
592 (package
593 (name "knot")
d7488433 594 (version "2.9.3")
e41ddf76
TGR		 595 (source
596 (origin
597 (method url-fetch)
598 (uri (string-append "https://secure.nic.cz/files/knot-dns/"
599 "knot-" version ".tar.xz"))
600 (sha256
d7488433 601 (base32 "0zm0642hkb16sqkqpa84f89f3s0bw44m837r1nia8m89swvz3bgj"))
e41ddf76
TGR		 602 (modules '((guix build utils)))
603 (snippet
604 '(begin
605 ;; Delete bundled libraries.
606 (with-directory-excursion "src/contrib"
607 (delete-file-recursively "lmdb"))
608 #t))))
f9cdf1c1
TGR		 609 (build-system gnu-build-system)
610 (native-inputs
611 `(("pkg-config" ,pkg-config)))
612 (inputs
023ef013
TGR		 613 `(("fstrm" ,fstrm)
614 ("gnutls" ,gnutls)
f9cdf1c1
TGR		 615 ("jansson" ,jansson)
616 ("libcap-ng" ,libcap-ng)
617 ("libedit" ,libedit)
618 ("libidn" ,libidn)
619 ("liburcu" ,liburcu)
620 ("lmdb" ,lmdb)
621 ("ncurses" ,ncurses)
1b00e3bd 622 ("protobuf-c" ,protobuf-c)))
f9cdf1c1
TGR		 623 (arguments
624 `(#:phases
625 (modify-phases %standard-phases
626 (add-before 'configure 'disable-directory-pre-creation
627 (lambda _
628 ;; Don't install empty directories like ‘/etc’ outside the store.
1b00e3bd 629 ;; This is needed even when using ‘make config_dir=... install’.
2d431b01
TGR		 630 (substitute* "src/Makefile.in" (("\\$\\(INSTALL\\) -d") "true"))
631 #t))
f9cdf1c1
TGR		 632 (replace 'install
633 (lambda* (#:key outputs #:allow-other-keys)
634 (let* ((out (assoc-ref outputs "out"))
ee1362fc 635 (doc (string-append out "/share/doc/" ,name "-" ,version))
f9cdf1c1 636 (etc (string-append doc "/examples/etc")))
6b042495
TGR		 637 (invoke "make"
638 (string-append "config_dir=" etc)
1b00e3bd 639 "install")))))
f9cdf1c1
TGR		 640 #:configure-flags
641 (list "--sysconfdir=/etc"
642 "--localstatedir=/var"
1b00e3bd
TGR		 643 "--enable-dnstap" ; let tools read/write capture files
644 "--with-module-dnstap=yes" ; detailed query capturing & logging
f9cdf1c1
TGR		 645 (string-append "--with-bash-completions="
646 (assoc-ref %outputs "out")
647 "/etc/bash_completion.d"))))
648 (home-page "https://www.knot-dns.cz/")
649 (synopsis "Authoritative DNS name server")
d1e4ad1b 650 (description "Knot DNS is an authoritative name server for the @dfn{Domain
f9cdf1c1
TGR		 651Name System} (DNS), designed to meet the needs of root and @dfn{top-level
652domain} (TLD) name servers. It is implemented as a threaded daemon and uses a
653number of programming techniques to improve speed. For example, the responder
654is completely lock-free, resulting in a very high response rate. Other features
655include automatic @dfn{DNS Security Extensions} (DNSSEC) signing, dynamic record
656synthesis, and on-the-fly re-configuration.")
0056f4cc
TGR		 657 (license
658 (list
659 ;; src/contrib/{hat-trie,murmurhash3,openbsd},
660 ;; src/dnssec/contrib/vpool.[ch], and parts of libtap/ are ‘MIT’ (expat).
661 license:expat
662 license:lgpl2.0+ ; parts of scr/contrib/ucw
663 license:public-domain ; src/contrib/fnv and possibly murmurhash3
664 license:gpl3+)))) ; everything else
0bc2d3e4 665
a35e16c0
SB		 666(define-public knot-resolver
667 (package
668 (name "knot-resolver")
cb73f30d 669 (version "4.3.0")
a35e16c0
SB		 670 (source (origin
671 (method url-fetch)
672 (uri (string-append "https://secure.nic.cz/files/knot-resolver/"
673 "knot-resolver-" version ".tar.xz"))
674 (sha256
675 (base32
cb73f30d 676 "09ffmqx79lv5psr433x4n946njgsn071b9b7161pcb9bmrqz380c"))))
a35e16c0
SB		 677 (build-system meson-build-system)
678 (arguments
8a5c4384 679 '(#:configure-flags '("-Ddoc=enabled")
a35e16c0
SB		 680 #:phases
681 (modify-phases %standard-phases
8a5c4384
SB		 682 (add-before 'configure 'disable-default-ta
683 (lambda _
684 ;; Disable the default managed root TA, since we don't have
685 ;; write access to the keyfile and its directory in store.
686 (substitute* "daemon/lua/sandbox.lua.in"
687 (("^trust_anchors\\.add_file.*") ""))
688 #t))
a35e16c0
SB		 689 (add-after 'build 'build-doc
690 (lambda _
691 (invoke "ninja" "doc")))
692 (add-after 'install 'wrap-binary
693 (lambda* (#:key inputs outputs #:allow-other-keys)
694 (let* ((out (assoc-ref outputs "out"))
695 (lua-* (map cdr (filter
696 (lambda (input)
697 (string-prefix? "lua-" (car input)))
698 inputs)))
699 (lua-path (lambda (p)
700 (string-append p "/share/lua/5.1/?.lua")))
701 (lua-cpath (lambda (p)
702 (string-append p "/lib/lua/5.1/?.so"))))
703 (wrap-program (string-append out "/sbin/kresd")
704 `("LUA_PATH" ";" prefix ,(map lua-path lua-*))
705 `("LUA_CPATH" ";" prefix ,(map lua-cpath lua-*)))
706 #t))))))
707 (native-inputs
708 `(("cmocka" ,cmocka) ; for unit tests
709 ("doxygen" ,doxygen)
710 ("protobuf-c" ,protobuf-c)
711 ("pkg-config" ,pkg-config)
712 ("python-breathe" ,python-breathe)
713 ("python-sphinx" ,python-sphinx)
714 ("python-sphinx-rtd-theme" ,python-sphinx-rtd-theme)))
715 (inputs
716 `(("fstrm" ,fstrm)
717 ("gnutls" ,gnutls)
718 ("knot" ,knot)
719 ("libuv" ,libuv)
720 ("lmdb" ,lmdb)
721 ("luajit" ,luajit)
722 ;; TODO: Add optional lua modules: basexx, cqueues and psl.
723 ("lua-bitop" ,lua5.1-bitop)
724 ("lua-filesystem" ,lua5.1-filesystem)
725 ("lua-sec" ,lua5.1-sec)
726 ("lua-socket" ,lua5.1-socket)))
727 (home-page "https://www.knot-resolver.cz/")
728 (synopsis "Caching validating DNS resolver")
729 (description
730 "Knot Resolver is a caching full resolver implementation written in C and
731LuaJIT, both a resolver library and a daemon.")
732 (license (list license:gpl3+
733 ;; Some 'contrib' files are under MIT, CC0 and LGPL2.
734 license:expat
735 license:cc0
736 license:lgpl2.0))))
737
0bc2d3e4
OP		 738(define-public ddclient
739 (package
740 (name "ddclient")
8bb9f997
TGR		 741 (version "3.9.1")
742 (source
743 (origin
744 (method git-fetch)
745 (uri (git-reference
746 (url "https://github.com/ddclient/ddclient.git")
747 (commit (string-append "v" version))))
748 (file-name (git-file-name name version))
749 (sha256
750 (base32 "0hf377g4j9r9sac75xp17nk2h58mazswz4vkg4g2gl2yyhvzq91w"))))
0bc2d3e4
OP		 751 (build-system trivial-build-system) ; no Makefile.PL
752 (native-inputs
753 `(("bash" ,bash)
8bb9f997 754 ("perl" ,perl)))
0bc2d3e4 755 (inputs
e12df2c6
TGR		 756 `(("inetutils" ,inetutils) ; logger
757 ("net-tools" ,net-tools)
758 ("perl-data-validate-ip" ,perl-data-validate-ip)
759 ("perl-digest-sha1" ,perl-digest-sha1)
760 ("perl-io-socket-ssl" ,perl-io-socket-ssl)))
0bc2d3e4
OP		 761 (arguments
762 `(#:modules ((guix build utils)
763 (ice-9 match)
764 (srfi srfi-26))
765 #:builder
766 (begin
767 (use-modules (guix build utils)
768 (ice-9 match)
769 (srfi srfi-26))
0bc2d3e4
OP		 770 (setenv "PATH" (string-append
771 (assoc-ref %build-inputs "bash") "/bin" ":"
0bc2d3e4 772 (assoc-ref %build-inputs "perl") "/bin"))
8bb9f997
TGR		 773
774 ;; Copy the (read-only) source into the (writable) build directory.
775 (copy-recursively (assoc-ref %build-inputs "source") ".")
776
777 ;; Install.
778 (let* ((out (assoc-ref %outputs "out"))
779 (bin (string-append out "/bin")))
780 (let ((file "ddclient"))
781 (substitute* file
782 (("/usr/bin/perl") (which "perl"))
783 ;; Strictly use ‘/etc/ddclient/ddclient.conf’.
784 (("\\$\\{program\\}\\.conf") "/etc/ddclient/ddclient.conf")
785 (("\\$etc\\$program.conf") "/etc/ddclient/ddclient.conf")
786 ;; Strictly use ‘/var/cache/ddclient/ddclient.cache’
787 (("\\$cachedir\\$program\\.cache")
788 "/var/cache/ddclient/ddclient.cache"))
789 (install-file file bin)
790 (wrap-program (string-append bin "/" file)
791 `("PATH" ":" =
792 ("$PATH"
793 ,@(map (lambda (input)
794 (match input
795 ((name . store)
796 (string-append store "/bin"))))
797 %build-inputs)))
798 `("PERL5LIB" ":" =
799 ,(delete
800 ""
801 (map (match-lambda
802 (((? (cut string-prefix? "perl-" <>) name) . dir)
803 (string-append dir "/lib/perl5/site_perl"))
804 (_ ""))
805 %build-inputs)))))
806 (for-each (cut install-file <> (string-append out
807 "/share/ddclient"))
808 (find-files "." "sample.*$"))))))
9469ab53 809 (home-page "https://ddclient.net/")
0bc2d3e4
OP		 810 (synopsis "Address updating utility for dynamic DNS services")
811 (description "This package provides a client to update dynamic IP
812addresses with several dynamic DNS service providers, such as
813@uref{https://www.dyndns.com/account/login.html,DynDNS.com}.
814
815This makes it possible to use a fixed hostname (such as myhost.dyndns.org) to
816access a machine with a dynamic IP address.
817
818The client supports both dynamic and (near) static services, as well as MX
819record and alternative name management. It caches the address, and only
820attempts the update when it has changed.")
821 (license license:gpl2+)))
91a4863d
LC		 822
823(define-public hnsd
824 ;; There have been no releases yet, hence this commit.
825 (let ((revision "0")
826 (commit "895d89c25d316d18df9d374fe78aae3902bc89fb"))
827 (package
828 (name "hnsd")
829 (version (git-version "0.0" revision commit))
830 (source (origin
831 (method git-fetch)
832 (uri (git-reference
833 (url "https://github.com/handshake-org/hnsd")
834 (commit commit)))
835 (sha256
836 (base32
837 "0704y73sddn24jga9csw4gxyfb3pnrfnk0vdcph84n1h38490l16"))
838 (file-name (git-file-name name version))
839 (modules '((guix build utils)))
840 (snippet
841 '(begin
842 ;; Delete the bundled copy of libuv.
843 (delete-file-recursively "uv")
844 (substitute* "configure.ac"
845 (("AC_CONFIG_SUBDIRS\\(\\[uv\\]\\)") ""))
846 (substitute* "Makefile.am"
847 (("SUBDIRS = uv") "\n")
848 (("\\$\\(top_builddir\\)/uv/libuv.la") "-luv")
849
850 ;; Make sure the 'hnsd' binary is installed and
851 ;; dynamically-linked.
852 (("noinst_PROGRAMS") "bin_PROGRAMS")
853 (("hnsd_LDFLAGS = -static") ""))
854
855 ;; This script tries to chdir to "uv" and doesn't do more
856 ;; than "autoreconf" so remove it.
857 (delete-file "autogen.sh")
858 #t))))
859 (build-system gnu-build-system)
860 (arguments
861 '(#:configure-flags '("--disable-static"))) ;no need for libhsk.a
862 (native-inputs
863 `(("autoconf" ,autoconf)
864 ("automake" ,automake)
865 ("libtool" ,libtool)))
866 (inputs
867 `(("unbound" ,unbound)
868 ("libuv" ,libuv)))
869 (home-page "https://www.handshake.org/")
870 (synopsis "Resolver daemon for the Handshake naming protocol")
871 (description
872 "@command{hnsd} is a @dfn{host name resolver} for the Handshake Naming
873System (HNS) peer-to-peer network.")
874 (license license:expat))))
498911d3
MO		 875
876(define-public libmicrodns
877 (package
878 (name "libmicrodns")
879 (version "0.0.10")
880 (source (origin
881 (method git-fetch)
882 (uri (git-reference
883 (url "https://github.com/videolabs/libmicrodns")
884 (commit version)))
885 (file-name (git-file-name name version))
886 (sha256
887 (base32
888 "1xvl9k49ng35wbsqmnjnyqvkyjf8dcq2ywsq3jp3wh0rgmxhq2fh"))))
889 (build-system gnu-build-system)
890 (native-inputs
891 `(("pkg-config" ,pkg-config)
892 ("autoconf" ,autoconf)
893 ("automake" ,automake)
894 ("libtool" ,libtool)))
895 (home-page "https://github.com/videolabs/libmicrodns")
896 (synopsis "Minimal mDNS resolver library")
897 (description "@code{libmicrodns} provides a minimal implementation of a
898mDNS resolver as well as an announcer. mDNS (Multicast Domain Name System) is
899a zero-config service that allows one to resolve host names to IP addresses in
900local networks.")
901 (license license:lgpl2.1)))
41553c90
CM		 902
903(define-public public-suffix-list
904 ;; Mozilla releases the official list here:
905 ;;
906 ;; https://publicsuffix.org/list/public_suffix_list.dat
907 ;;
908 ;; However, Mozilla syncs that file from the GitHub repository periodically,
909 ;; so its contents will change over time. If you update this commit, please
910 ;; make sure that the new commit refers to a list which is identical to the
911 ;; officially published list available from the URL above.
912 (let ((commit "9375b697baddb0827a5995c81bd3c75877a0b35d"))
913 (package
914 (name "public-suffix-list")
915 (version (git-version "0" "1" commit))
916 (source (origin
917 (method git-fetch)
918 (uri (git-reference
919 (url "https://github.com/publicsuffix/list.git")
920 (commit commit)))
921 (file-name (git-file-name name version))
922 (sha256
923 (base32
924 "1sm7pni01rnl4ldzi8z8nc4cbgq8nxda9gwc68v0s3ij7jd1jmik"))))
925 (build-system trivial-build-system)
926 (arguments
927 `(#:modules ((guix build utils))
928 #:builder
929 (begin
930 (use-modules (guix build utils))
931 (let* ((out (assoc-ref %outputs "out"))
932 ;; Install to /share because that is where "read-only
933 ;; architecture-independent data files" should go (see:
934 ;; (standards) Directory Variables). Include the version in
935 ;; the directory name so that if multiple versions are ever
936 ;; installed in the same profile, they will not conflict.
937 (destination (string-append
938 out "/share/public-suffix-list-" ,version))
939 (source (assoc-ref %build-inputs "source")))
940 (with-directory-excursion source
941 (install-file "public_suffix_list.dat" destination)
942 (install-file "LICENSE" destination))
943 #t))))
944 (home-page "https://publicsuffix.org/")
945 (synopsis "Database of current and historical DNS suffixes")
946 (description "This is the Public Suffix List maintained by Mozilla. A
947\"public suffix\" is one under which Internet users can (or historically
948could) directly register names in the Domain Name System (DNS). Some examples
949of public suffixes are .com, .co.uk and pvt.k12.ma.us. This is a list of all
950known public suffixes.")
951 (license license:mpl2.0))))
jackhill's copy of GNU Guix: https://guix.gnu.org/