HCoop / jackhill / guix / guix.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
gnu: r-tximport: Update to 1.12.0.
[jackhill/guix/guix.git] / gnu / packages / dns.scm
CommitLineData
dd2efd3d
TUBK		 1;;; GNU Guix --- Functional package management for GNU
2;;; Copyright © 2015 Taylan Ulrich Bayırlı/Kammer <taylanbayirli@gmail.com>
d912db5b 3;;; Copyright © 2016 Mark H Weaver <mhw@netris.org>
b2844d8f 4;;; Copyright © 2016 Ricardo Wurmus <rekado@elephly.net>
76dd04be 5;;; Copyright © 2016, 2017 Efraim Flashner <efraim@flashner.co.il>
be86b7ad 6;;; Copyright © 2016 John Darrington <jmd@gnu.org>
47956fa0 7;;; Copyright © 2016 ng0 <ng0@n0.is>
fe99b7f7 8;;; Copyright © 2016, 2017, 2018, 2019 Tobias Geerinckx-Rice <me@tobias.gr>
afe62a8b 9;;; Copyright © 2016 Marius Bakke <mbakke@fastmail.com>
ecc7aa89 10;;; Copyright © 2017 Vasile Dumitrascu <va511e@yahoo.com>
7e61a16c 11;;; Copyright © 2017 Gregor Giesen <giesen@zaehlwerk.net>
0bc2d3e4 12;;; Copyright © 2018 Oleg Pykhalov <go.wigust@gmail.com>
498911d3 13;;; Copyright © 2019 Mathieu Othacehe <m.othacehe@gmail.com>
41553c90 14;;; Copyright © 2019 Chris Marusich <cmmarusich@gmail.com>
dd2efd3d
TUBK		 15;;;
16;;; This file is part of GNU Guix.
17;;;
18;;; GNU Guix is free software; you can redistribute it and/or modify it
19;;; under the terms of the GNU General Public License as published by
20;;; the Free Software Foundation; either version 3 of the License, or (at
21;;; your option) any later version.
22;;;
23;;; GNU Guix is distributed in the hope that it will be useful, but
24;;; WITHOUT ANY WARRANTY; without even the implied warranty of
25;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
26;;; GNU General Public License for more details.
27;;;
28;;; You should have received a copy of the GNU General Public License
29;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
30
36fb36b5 31(define-module (gnu packages dns)
f9cdf1c1 32 #:use-module (gnu packages admin)
71f048c6 33 #:use-module (gnu packages autotools)
6cf626e8 34 #:use-module (gnu packages base)
0bc2d3e4 35 #:use-module (gnu packages bash)
1e744399 36 #:use-module (gnu packages databases)
0bc2d3e4 37 #:use-module (gnu packages compression)
afe62a8b 38 #:use-module (gnu packages crypto)
f9cdf1c1 39 #:use-module (gnu packages datastructures)
7e61a16c 40 #:use-module (gnu packages flex)
cb6d322a 41 #:use-module (gnu packages glib)
71f048c6 42 #:use-module (gnu packages groff)
f9cdf1c1
TGR		 43 #:use-module (gnu packages groff)
44 #:use-module (gnu packages libedit)
afe62a8b 45 #:use-module (gnu packages libevent)
f9cdf1c1 46 #:use-module (gnu packages libidn)
1e744399 47 #:use-module (gnu packages linux)
f9cdf1c1
TGR		 48 #:use-module (gnu packages ncurses)
49 #:use-module (gnu packages nettle)
e12df2c6 50 #:use-module (gnu packages networking)
1e744399 51 #:use-module (gnu packages perl)
71f048c6 52 #:use-module (gnu packages pkg-config)
7e61a16c
GG		 53 #:use-module (gnu packages protobuf)
54 #:use-module (gnu packages python)
0406434b 55 #:use-module (gnu packages python-xyz)
7e61a16c 56 #:use-module (gnu packages swig)
a7fd7b68 57 #:use-module (gnu packages tls)
f9cdf1c1 58 #:use-module (gnu packages web)
1e744399 59 #:use-module (gnu packages xml)
12e530ba 60 #:use-module (gnu packages)
1e744399 61 #:use-module ((guix licenses) #:prefix license:)
dd2efd3d
TUBK		 62 #:use-module (guix packages)
63 #:use-module (guix download)
91a4863d 64 #:use-module (guix git-download)
7e61a16c 65 #:use-module (guix utils)
0bc2d3e4
OP		 66 #:use-module (guix build-system gnu)
67 #:use-module (guix build-system trivial))
dd2efd3d
TUBK		 68
69(define-public dnsmasq
70 (package
71 (name "dnsmasq")
0e8e2908 72 (version "2.80")
dd2efd3d
TUBK		 73 (source (origin
74 (method url-fetch)
75 (uri (string-append
76 "http://www.thekelleys.org.uk/dnsmasq/dnsmasq-"
77 version ".tar.xz"))
78 (sha256
79 (base32
0e8e2908 80 "1fv3g8vikj3sn37x1j6qsywn09w1jipvlv34j3q5qrljbrwa5ayd"))))
dd2efd3d 81 (build-system gnu-build-system)
cb6d322a
CB		 82 (native-inputs
83 `(("pkg-config" ,pkg-config)))
84 (inputs
85 `(("dbus" ,dbus)))
dd2efd3d
TUBK		 86 (arguments
87 `(#:phases
dc1d3cde 88 (modify-phases %standard-phases (delete 'configure))
dd2efd3d 89 #:make-flags (list (string-append "PREFIX=" (assoc-ref %outputs "out"))
cb6d322a
CB		 90 "CC=gcc"
91 "COPTS=\"-DHAVE_DBUS\"")
4e6c51d4 92 #:tests? #f)) ; no ‘check’ target
dd2efd3d
TUBK		 93 (home-page "http://www.thekelleys.org.uk/dnsmasq/doc.html")
94 (synopsis "Small caching DNS proxy and DHCP/TFTP server")
95 (description
c657716e
TGR		 96 "Dnsmasq is a light-weight DNS forwarder and DHCP server. It is designed
97to provide DNS and, optionally, DHCP to a small network. It can serve the
dd2efd3d
TUBK		 98names of local machines which are not in the global DNS. The DHCP server
99integrates with the DNS server and allows machines with DHCP-allocated
c657716e 100addresses to appear in the DNS with names configured either on each host or in
dd2efd3d
TUBK		 101a central configuration file. Dnsmasq supports static and dynamic DHCP leases
102and BOOTP/TFTP for network booting of diskless machines.")
103 ;; Source files only say GPL2 and GPL3 are allowed.
1e744399
 104 (license (list license:gpl2 license:gpl3))))
105
a0683006
LC		 106;; 'bind' is the name of a built-in Guile procedure, which is why we choose a
107;; different name here.
108(define-public isc-bind
1e744399 109 (package
be86b7ad 110 (name "bind")
0406434b 111 (version "9.12.4-P1")
1e744399
 112 (source (origin
113 (method url-fetch)
be86b7ad 114 (uri (string-append
54fd7c02
TGR		 115 "https://ftp.isc.org/isc/bind9/" version
116 "/bind-" version ".tar.gz"))
1e744399
 117 (sha256
118 (base32
0406434b
TGR		 119 "1if7zc5gzrfd28csc63v9bjwrc0rgvm1x9yx058946hc5gp5lyp2"))
120 (patches
121 (search-patches "bind-fix-unused-pk11-ecc-constants.patch"))))
1e744399 122 (build-system gnu-build-system)
be86b7ad 123 (outputs `("out" "utils"))
1e744399 124 (inputs
fc0dd636 125 ;; It would be nice to add GeoIP and gssapi once there are packages.
1e744399
 126 `(("libcap" ,libcap)
127 ("libxml2" ,libxml2)
1e744399 128 ("openssl" ,openssl)
0406434b
TGR		 129 ("p11-kit" ,p11-kit)
130 ("python" ,python)
131 ("python-ply" ,python-ply)))
be86b7ad
JD		 132 (native-inputs `(("perl" ,perl)
133 ("net-tools" ,net-tools)))
1e744399 134 (arguments
be86b7ad 135 `(#:configure-flags
1e744399
 136 (list (string-append "--with-openssl="
137 (assoc-ref %build-inputs "openssl"))
1e744399
 138 (string-append "--with-pkcs11="
139 (assoc-ref %build-inputs "p11-kit")))
140 #:phases
be86b7ad
JD		 141 (modify-phases %standard-phases
142 (add-after 'strip 'move-to-utils
143 (lambda _
144 (for-each
145 (lambda (file)
146 (let ((target (string-append (assoc-ref %outputs "utils") file))
147 (src (string-append (assoc-ref %outputs "out") file)))
148 (mkdir-p (dirname target))
149 (link src target)
150 (delete-file src)))
151 '("/bin/dig" "/bin/delv" "/bin/nslookup" "/bin/host" "/bin/nsupdate"
152 "/share/man/man1/dig.1"
153 "/share/man/man1/host.1"
154 "/share/man/man1/nslookup.1"
6023ecab
TGR		 155 "/share/man/man1/nsupdate.1"))
156 #t))
be86b7ad
JD		 157 ;; When and if guix provides user namespaces for the build process,
158 ;; then the following can be uncommented and the subsequent "force-test"
159 ;; will not be necessary.
160 ;;
161 ;; (add-before 'check 'set-up-loopback
162 ;; (lambda _
163 ;; (system "bin/tests/system/ifconfig.sh up")))
164 (replace 'check
165 (lambda _
6023ecab 166 (invoke "make" "force-test"))))))
be86b7ad 167 (synopsis "An implementation of the Domain Name System")
366efcb2
TGR		 168 (description "BIND is an implementation of the @dfn{Domain Name System}
169(DNS) protocols for the Internet. It is a reference implementation of those
be86b7ad
JD		 170protocols, but it is also production-grade software, suitable for use in
171high-volume and high-reliability applications. The name BIND stands for
172\"Berkeley Internet Name Domain\", because the software originated in the early
1731980s at the University of California at Berkeley.")
174 (home-page "https://www.isc.org/downloads/bind")
ecc7aa89 175 (license (list license:mpl2.0))))
be86b7ad 176
d24727c0
MB		 177(define-public dnscrypt-proxy
178 (package
179 (name "dnscrypt-proxy")
83a89531 180 (version "1.9.5")
d24727c0
MB		 181 (source (origin
182 (method url-fetch)
183 (uri (string-append
184 "https://download.dnscrypt.org/dnscrypt-proxy/"
185 "dnscrypt-proxy-" version ".tar.bz2"))
186 (sha256
187 (base32
83a89531 188 "1dhvklr4dg2vlw108n11xbamacaryyg3dbrg629b76lp7685p7z8"))
d24727c0
MB		 189 (modules '((guix build utils)))
190 (snippet
191 ;; Delete bundled libltdl. XXX: This package also bundles
192 ;; a modified libevent that cannot currently be removed.
6cbee49d
MW		 193 '(begin
194 (delete-file-recursively "libltdl")
195 #t))))
d24727c0
MB		 196 (build-system gnu-build-system)
197 (arguments
198 `(#:phases
199 (modify-phases %standard-phases
d10092b8 200 (add-after 'unpack 'autoreconf
d24727c0
MB		 201 (lambda _
202 ;; Re-generate build files due to unbundling ltdl.
203 ;; TODO: Prevent generating new libltdl and building it.
204 ;; The system version is still favored and referenced.
997a4e18 205 (invoke "autoreconf" "-vif"))))))
d24727c0
MB		 206 (native-inputs
207 `(("pkg-config" ,pkg-config)
208 ("automake" ,automake)
209 ("autoconf" ,autoconf)
210 ("libtool" ,libtool)))
211 (inputs
212 `(("libltdl" ,libltdl)
213 ("libsodium" ,libsodium)))
214 (home-page "https://www.dnscrypt.org/")
215 (synopsis "Securely send DNS requests to a remote server")
216 (description
217 "@command{dnscrypt-proxy} is a tool for securing communications
218between a client and a DNS resolver. It verifies that responses you get
219from a DNS provider was actually sent by that provider, and haven't been
220tampered with. For optimal performance it is recommended to use this as
221a forwarder for a caching DNS resolver such as @command{dnsmasq}, but it
222can also be used as a normal DNS \"server\". A list of public dnscrypt
223servers is included, and an up-to-date version is available at
224@url{https://download.dnscrypt.org/dnscrypt-proxy/dnscrypt-resolvers.csv}.")
225 (license (list license:isc
226 ;; Libevent and src/ext/queue.h is 3-clause BSD.
227 license:bsd-3))))
228
afe62a8b
MB		 229(define-public dnscrypt-wrapper
230 (package
231 (name "dnscrypt-wrapper")
232 (version "0.2.2")
233 (source (origin
234 (method url-fetch)
235 (uri (string-append
236 "https://github.com/cofyc/dnscrypt-wrapper/releases"
237 "/download/v" version "/" name "-v" version ".tar.bz2"))
238 (sha256
239 (base32
240 "1vhg4g0r687f51wcdn7z9w1hxapazx6vyh5rsr8wa48sljzd583g"))))
241 (build-system gnu-build-system)
242 (arguments
243 `(#:make-flags '("CC=gcc")
244 ;; TODO: Tests require ruby-cucumber and ruby-aruba.
245 #:tests? #f
246 #:phases
247 (modify-phases %standard-phases
d10092b8 248 (add-after 'unpack 'create-configure
afe62a8b 249 (lambda _
b43cd106 250 (invoke "make" "configure"))))))
afe62a8b
MB		 251 (native-inputs
252 `(("autoconf" ,autoconf)))
253 (inputs
254 `(("libevent" ,libevent)
255 ("libsodium" ,libsodium)))
256 (home-page "https://github.com/Cofyc/dnscrypt-wrapper")
257 (synopsis "Server-side dnscrypt proxy")
258 (description
259 "@command{dnscrypt-wrapper} is a tool to expose a name server over
260the @code{dnscrypt} protocol. It can be used as an endpoint for the
261@command{dnscrypt-proxy} client to securely tunnel DNS requests between
262the two.")
263 (license (list license:isc
264 ;; Bundled argparse is MIT. TODO: package and unbundle.
265 license:expat
266 ;; dns-protocol.h and rfc1035.{c,h} is gpl2 or gpl3 (either).
267 license:gpl2
268 license:gpl3))))
269
71f048c6 270(define-public libasr
271 (package
272 (name "libasr")
273 (version "201602131606")
274 (source
275 (origin
276 (method url-fetch)
277 (uri (string-append "https://www.opensmtpd.org/archives/"
278 name "-" version ".tar.gz"))
279 (sha256
280 (base32
281 "18kdmbjsxrfai16d66qslp48b1zf7gr8him2jj5dcqgbsl44ls75"))))
282 (build-system gnu-build-system)
283 (native-inputs
284 `(("autoconf" ,autoconf)
285 ("automake" ,automake)
286 ("pkg-config" ,pkg-config)
287 ("groff" ,groff)))
288 (home-page "https://www.opensmtpd.org")
289 (synopsis "Asynchronous resolver library by the OpenBSD project")
290 (description
291 "libasr is a free, simple and portable asynchronous resolver library.
292It allows to run DNS queries and perform hostname resolutions in a fully
293asynchronous fashion.")
294 (license (list license:isc
295 license:bsd-2 ; last part of getrrsetbyname_async.c
296 license:bsd-3
297 (license:non-copyleft "file://LICENSE") ; includes.h
298 license:openssl))))
6cf626e8 299
7382ecd8
TGR		 300(define-public nsd
301 (package
302 (name "nsd")
15357dd7 303 (version "4.1.27")
7382ecd8
TGR		 304 (source
305 (origin
306 (method url-fetch)
307 (uri (string-append "https://www.nlnetlabs.nl/downloads/nsd/nsd-"
308 version ".tar.gz"))
309 (sha256
15357dd7 310 (base32 "1sjfbwr4vq25304hr9vmd9j821g2vzv8lpy95hpsravc80q5zaqv"))))
7382ecd8
TGR		 311 (build-system gnu-build-system)
312 (arguments
313 `(#:configure-flags
314 (list "--enable-pie" ; fully benefit from ASLR
315 "--enable-ratelimit"
316 "--enable-recvmmsg"
317 "--enable-relro-now" ; protect GOT and .dtor areas
318 "--disable-radix-tree"
319 (string-append "--with-libevent="
320 (assoc-ref %build-inputs "libevent"))
321 (string-append "--with-ssl="
322 (assoc-ref %build-inputs "openssl"))
323 "--with-configdir=/etc"
324 "--with-nsd_conf_file=/etc/nsd/nsd.conf"
325 "--with-logfile=/var/log/nsd.log"
326 "--with-pidfile=/var/db/nsd/nsd.pid"
327 "--with-dbfile=/var/db/nsd/nsd.db"
328 "--with-zonesdir=/etc/nsd"
329 "--with-xfrdfile=/var/db/nsd/xfrd.state"
330 "--with-zonelistfile=/var/db/nsd/zone.list")
331 #:phases
332 (modify-phases %standard-phases
333 (add-before 'configure 'patch-installation-paths
334 (lambda* (#:key outputs #:allow-other-keys)
335 (let* ((out (assoc-ref outputs "out"))
336 (doc (string-append out "/share/doc/" ,name "-" ,version)))
337 ;; The ‘make install’ target tries to create the parent
338 ;; directories of run-time things like ‘pidfile’ above, and
339 ;; useless empty directories like 'configdir'. Remove such
340 ;; '$(INSTALL)' lines and install the example configuration file
341 ;; in an appropriate location.
342 (substitute* "Makefile.in"
343 ((".*INSTALL.*\\$\\((config|pid|xfr|db)dir" command)
344 (string-append "#" command))
345 (("\\$\\(nsdconfigfile\\)\\.sample" file-name)
346 (string-append doc "/examples/" file-name)))
347 #t))))
348 #:tests? #f)) ; no tests
349 (inputs
350 `(("libevent" ,libevent)
351 ("openssl" ,openssl)))
352 (home-page "https://www.nlnetlabs.nl/projects/nsd/about/")
353 (synopsis "Authoritative DNS name server")
354 (description "@dfn{NSD}, short for Name Server Daemon, is an authoritative
355name server for the Domain Name System (@dfn{DNS}). It aims to be a fast and
356RFC-compliant nameserver.
357
358NSD uses zone information compiled via @command{zonec} into a binary database
359file (@file{nsd.db}). This allows fast startup of the name service daemon and
360allows syntax-structural errors in zone files to be flagged at compile time,
361before being made available to NSD service itself. However, most traditional
362BIND-style zone files can be directly imported into NSD without modification.
363
364The collection of programs and processes that make up NSD are designed so that
365the daemon itself runs as a non-privileged user and can be easily configured to
366run in a @code{chroot} jail, thus making any security flaws in NSD less likely
367to result in system-wide compromise.")
368 (license (list license:bsd-3))))
369
7e61a16c
GG		 370(define-public unbound
371 (package
372 (name "unbound")
223055dd 373 (version "1.9.1")
7e61a16c
GG		 374 (source
375 (origin
376 (method url-fetch)
377 (uri (string-append "https://www.unbound.net/downloads/unbound-"
378 version ".tar.gz"))
379 (sha256
223055dd 380 (base32 "1iarvk0i92asvrkpla9z55aan20k6pklzpck9yk4rfnchsdvzh63"))))
7e61a16c
GG		 381 (build-system gnu-build-system)
382 (outputs '("out" "python"))
383 (native-inputs
384 `(("flex" ,flex)
385 ("swig" ,swig)))
386 (inputs
387 `(("expat" ,expat)
388 ("libevent" ,libevent)
389 ("protobuf" ,protobuf)
390 ("python" ,python-3)
391 ("python-wrapper" ,python-wrapper)
392 ("openssl" ,openssl)))
393 (arguments
394 `(#:configure-flags
37040b85 395 (list "--disable-static" ; save space and non-determinism in libunbound.a
a431929d 396 (string-append
7e61a16c
GG		 397 "--with-ssl=" (assoc-ref %build-inputs "openssl"))
398 (string-append
399 "--with-libevent=" (assoc-ref %build-inputs "libevent"))
400 (string-append
401 "--with-libexpat=" (assoc-ref %build-inputs "expat"))
402 "--with-pythonmodule" "--with-pyunbound")
403 #:phases
404 (modify-phases %standard-phases
405 (add-after 'configure 'fix-python-site-package-path
406 ;; Move python modules into their own output.
407 (lambda* (#:key outputs #:allow-other-keys)
408 (let ((pyout (assoc-ref outputs "python"))
409 (ver ,(version-major+minor (package-version python))))
410 (substitute* "Makefile"
411 (("^PYTHON_SITE_PKG=.*$")
412 (string-append
413 "PYTHON_SITE_PKG="
414 pyout "/lib/python-" ver "/site-packages\n"))))
415 #t))
416 (add-before 'check 'fix-missing-nss-for-tests
417 ;; Unfortunately, the package's unittests involve some checks
418 ;; looking up protocols and services which are not provided
419 ;; by the minimalistic build environment, in particular,
420 ;; /etc/protocols and /etc/services are missing.
421 ;; Also, after plain substitution of protocol and service names
422 ;; in the test data, the tests still fail because the
423 ;; corresponding Resource Records have been signed by
424 ;; RRSIG records.
425 ;; The following LD_PRELOAD library overwrites the glibc
426 ;; functions ‘get{proto,serv}byname’, ‘getprotobynumber’ and
427 ;; ‘getservbyport’ providing the few records required for the
428 ;; unit tests to pass.
429 (lambda* (#:key inputs outputs #:allow-other-keys)
430 (let* ((source (assoc-ref %build-inputs "source"))
431 (gcc (assoc-ref %build-inputs "gcc")))
432 (call-with-output-file "/tmp/nss_preload.c"
433 (lambda (port)
434 (display "#include <stdlib.h>
435#include <string.h>
436#include <strings.h>
437
438#include <netdb.h>
439
440struct protoent *getprotobyname(const char *name) {
441 struct protoent *p = malloc(sizeof(struct protoent));
442 p->p_aliases = malloc(sizeof(char*));
443 if (strcasecmp(name, \"tcp\") == 0) {
444 p->p_name = \"tcp\";
445 p->p_proto = 6;
446 p->p_aliases[0] = \"TCP\";
447 } else if (strcasecmp(name, \"udp\") == 0) {
448 p->p_name = \"udp\";
449 p->p_proto = 17;
450 p->p_aliases[0] = \"UDP\";
451 } else
452 p = NULL;
453 return p;
454}
455
456struct protoent *getprotobynumber(int proto) {
457 struct protoent *p = malloc(sizeof(struct protoent));
458 p->p_aliases = malloc(sizeof(char*));
459 switch(proto) {
460 case 6:
461 p->p_name = \"tcp\";
462 p->p_proto = 6;
463 p->p_aliases[0] = \"TCP\";
464 break;
465 case 17:
466 p->p_name = \"udp\";
467 p->p_proto = 17;
468 p->p_aliases[0] = \"UDP\";
469 break;
470 default:
471 p = NULL;
472 break;
473 }
474 return p;
475}
476
477struct servent *getservbyname(const char *name, const char *proto) {
478 struct servent *s = malloc(sizeof(struct servent));
479 char* buf = malloc((strlen(proto)+1)*sizeof(char));
480 strcpy(buf, proto);
481 s->s_aliases = malloc(sizeof(char*));
482 s->s_aliases[0] = NULL;
483 if (strcasecmp(name, \"domain\") == 0) {
484 s->s_name = \"domain\";
485 s->s_port = htons(53);
486 s->s_proto = buf;
487 } else
488 s = NULL;
489 return s;
490}
491
492struct servent *getservbyport(int port, const char *proto) {
493 char buf[32];
494 struct servent *s = malloc(sizeof(struct servent));
495 strcpy(buf, proto);
496 s->s_aliases = malloc(sizeof(char*));
497 s->s_aliases[0] = NULL;
498 switch(port) {
499 case 53:
500 s->s_name = \"domain\";
501 s->s_port = 53;
502 s->s_proto = \"udp\";
503 break;
504 default:
505 s = NULL;
506 break;
507 }
508 return s;
509}" port)))
9a3a1565
TGR		 510 (invoke (string-append gcc "/bin/gcc")
511 "-shared" "-fPIC" "-o" "/tmp/nss_preload.so"
512 "/tmp/nss_preload.c")
7e61a16c
GG		 513 ;; The preload library only affects the unittests.
514 (substitute* "Makefile"
515 (("./unittest")
516 "LD_PRELOAD=/tmp/nss_preload.so ./unittest")))
517 #t)))))
518 (home-page "https://www.unbound.net")
519 (synopsis "Validating, recursive, and caching DNS resolver")
520 (description
521 "Unbound is a recursive-only caching DNS server which can perform DNSSEC
522validation of results. It implements only a minimal amount of authoritative
523service to prevent leakage to the root nameservers: forward lookups for
524localhost, reverse for @code{127.0.0.1} and @code{::1}, and NXDOMAIN for zones
525served by AS112. Stub and forward zones are supported.")
526 (license license:bsd-4)))
527
6cf626e8
TGR		 528(define-public yadifa
529 (package
530 (name "yadifa")
92a33362 531 (version "2.3.9")
6cf626e8 532 (source
92a33362 533 (let ((build "8497"))
8769d482
TGR		 534 (origin
535 (method url-fetch)
536 (uri
537 (string-append "http://cdn.yadifa.eu/sites/default/files/releases/"
fe99b7f7 538 "yadifa-" version "-" build ".tar.gz"))
8769d482 539 (sha256
92a33362 540 (base32 "0xvyr91sfgzkpw6g3h893ldbwnki3w2472n56rr18w67qghs1sa5")))))
6cf626e8
TGR		 541 (build-system gnu-build-system)
542 (native-inputs
543 `(("which" ,which)))
544 (inputs
545 `(("openssl" ,openssl)))
546 (arguments
57b05e4a
TGR		 547 `(#:phases
548 (modify-phases %standard-phases
549 (add-before 'configure 'omit-example-configurations
550 (lambda _
551 (substitute* "Makefile.in"
552 ((" (etc|var)") ""))
553 #t)))
554 #:configure-flags
555 (list "--sysconfdir=/etc"
556 "--localstatedir=/var"
557 "--disable-build-timestamp" ; build reproducibly
558 "--enable-shared"
559 "--disable-static"
560 "--enable-acl"
561 "--enable-caching"
562 "--enable-ctrl" ; enable remote control
563 "--enable-nsec"
564 "--enable-nsec3"
565 "--enable-tsig")))
6cf626e8
TGR		 566 (home-page "http://www.yadifa.eu/")
567 (synopsis "Authoritative DNS name server")
366efcb2
TGR		 568 (description "YADIFA is an authoritative name server for the @dfn{Domain
569Name System} (DNS). It aims for both higher performance and a smaller memory
6cf626e8 570footprint than other implementations, while remaining fully RFC-compliant.
366efcb2
TGR		 571YADIFA supports dynamic record updates and the @dfn{Domain Name System Security
572Extensions} (DNSSEC).")
6cf626e8 573 (license license:bsd-3)))
f9cdf1c1
TGR		 574
575(define-public knot
576 (package
577 (name "knot")
e41ddf76
TGR		 578 (version "2.8.1")
579 (source
580 (origin
581 (method url-fetch)
582 (uri (string-append "https://secure.nic.cz/files/knot-dns/"
583 "knot-" version ".tar.xz"))
584 (sha256
585 (base32 "1im2wb8hl394mzni1wavmvfqd7il8s28kcz8w3s4v05nbhzg06xj"))
586 (modules '((guix build utils)))
587 (snippet
588 '(begin
589 ;; Delete bundled libraries.
590 (with-directory-excursion "src/contrib"
591 (delete-file-recursively "lmdb"))
592 #t))))
f9cdf1c1
TGR		 593 (build-system gnu-build-system)
594 (native-inputs
595 `(("pkg-config" ,pkg-config)))
596 (inputs
023ef013
TGR		 597 `(("fstrm" ,fstrm)
598 ("gnutls" ,gnutls)
f9cdf1c1
TGR		 599 ("jansson" ,jansson)
600 ("libcap-ng" ,libcap-ng)
601 ("libedit" ,libedit)
602 ("libidn" ,libidn)
603 ("liburcu" ,liburcu)
604 ("lmdb" ,lmdb)
605 ("ncurses" ,ncurses)
1b00e3bd 606 ("protobuf-c" ,protobuf-c)))
f9cdf1c1
TGR		 607 (arguments
608 `(#:phases
609 (modify-phases %standard-phases
610 (add-before 'configure 'disable-directory-pre-creation
611 (lambda _
612 ;; Don't install empty directories like ‘/etc’ outside the store.
1b00e3bd 613 ;; This is needed even when using ‘make config_dir=... install’.
2d431b01
TGR		 614 (substitute* "src/Makefile.in" (("\\$\\(INSTALL\\) -d") "true"))
615 #t))
f9cdf1c1
TGR		 616 (replace 'install
617 (lambda* (#:key outputs #:allow-other-keys)
618 (let* ((out (assoc-ref outputs "out"))
ee1362fc 619 (doc (string-append out "/share/doc/" ,name "-" ,version))
f9cdf1c1 620 (etc (string-append doc "/examples/etc")))
6b042495
TGR		 621 (invoke "make"
622 (string-append "config_dir=" etc)
1b00e3bd 623 "install")))))
f9cdf1c1
TGR		 624 #:configure-flags
625 (list "--sysconfdir=/etc"
626 "--localstatedir=/var"
1b00e3bd
TGR		 627 "--enable-dnstap" ; let tools read/write capture files
628 "--with-module-dnstap=yes" ; detailed query capturing & logging
f9cdf1c1
TGR		 629 (string-append "--with-bash-completions="
630 (assoc-ref %outputs "out")
631 "/etc/bash_completion.d"))))
632 (home-page "https://www.knot-dns.cz/")
633 (synopsis "Authoritative DNS name server")
d1e4ad1b 634 (description "Knot DNS is an authoritative name server for the @dfn{Domain
f9cdf1c1
TGR		 635Name System} (DNS), designed to meet the needs of root and @dfn{top-level
636domain} (TLD) name servers. It is implemented as a threaded daemon and uses a
637number of programming techniques to improve speed. For example, the responder
638is completely lock-free, resulting in a very high response rate. Other features
639include automatic @dfn{DNS Security Extensions} (DNSSEC) signing, dynamic record
640synthesis, and on-the-fly re-configuration.")
0056f4cc
TGR		 641 (license
642 (list
643 ;; src/contrib/{hat-trie,murmurhash3,openbsd},
644 ;; src/dnssec/contrib/vpool.[ch], and parts of libtap/ are ‘MIT’ (expat).
645 license:expat
646 license:lgpl2.0+ ; parts of scr/contrib/ucw
647 license:public-domain ; src/contrib/fnv and possibly murmurhash3
648 license:gpl3+)))) ; everything else
0bc2d3e4
OP		 649
650(define-public ddclient
651 (package
652 (name "ddclient")
e12df2c6 653 (version "3.9.0")
0bc2d3e4
OP		 654 (source (origin
655 (method url-fetch)
656 (uri (string-append "mirror://sourceforge/ddclient/ddclient/ddclient-"
657 version "/ddclient-" version ".tar.gz"))
658 (sha256
659 (base32
e12df2c6 660 "0fwyhab8yga2yi1kdfkbqxa83wxhwpagmj1w1mwkg2iffh1fjjlw"))))
0bc2d3e4
OP		 661 (build-system trivial-build-system) ; no Makefile.PL
662 (native-inputs
663 `(("bash" ,bash)
664 ("gzip" ,gzip)
665 ("perl" ,perl)
666 ("tar" ,tar)))
667 (inputs
e12df2c6
TGR		 668 `(("inetutils" ,inetutils) ; logger
669 ("net-tools" ,net-tools)
670 ("perl-data-validate-ip" ,perl-data-validate-ip)
671 ("perl-digest-sha1" ,perl-digest-sha1)
672 ("perl-io-socket-ssl" ,perl-io-socket-ssl)))
0bc2d3e4
OP		 673 (arguments
674 `(#:modules ((guix build utils)
675 (ice-9 match)
676 (srfi srfi-26))
677 #:builder
678 (begin
679 (use-modules (guix build utils)
680 (ice-9 match)
681 (srfi srfi-26))
682 ;; bootstrap
683 (setenv "PATH" (string-append
684 (assoc-ref %build-inputs "bash") "/bin" ":"
685 (assoc-ref %build-inputs "tar") "/bin" ":"
686 (assoc-ref %build-inputs "gzip") "/bin" ":"
687 (assoc-ref %build-inputs "perl") "/bin"))
688 ;; extract source
689 (invoke "tar" "xvf" (assoc-ref %build-inputs "source"))
690 ;; package
691 (with-directory-excursion (string-append ,name "-" ,version)
692 (let* ((out (assoc-ref %outputs "out"))
693 (bin (string-append out "/bin")))
694 (let ((file "ddclient"))
695 (substitute* file
696 (("/usr/bin/perl") (which "perl"))
697 ;; Strictly use ‘/etc/ddclient/ddclient.conf’.
698 (("\\$\\{program\\}\\.conf") "/etc/ddclient/ddclient.conf")
699 (("\\$etc\\$program.conf") "/etc/ddclient/ddclient.conf")
700 ;; Strictly use ‘/var/cache/ddclient/ddclient.cache’
701 (("\\$cachedir\\$program\\.cache")
702 "/var/cache/ddclient/ddclient.cache"))
703 (install-file file bin)
704 (wrap-program (string-append bin "/" file)
705 `("PATH" ":" =
706 ("$PATH"
707 ,@(map (lambda (input)
708 (match input
709 ((name . store)
710 (string-append store "/bin"))))
711 %build-inputs)))
712 `("PERL5LIB" ":" =
713 ,(delete
714 ""
715 (map (match-lambda
716 (((? (cut string-prefix? "perl-" <>) name) . dir)
717 (string-append dir "/lib/perl5/site_perl"))
718 (_ ""))
719 %build-inputs)))))
720 (for-each (cut install-file <> (string-append out
721 "/share/ddclient"))
722 (find-files "." "sample.*$")))))))
723 (home-page "https://sourceforge.net/projects/ddclient/")
724 (synopsis "Address updating utility for dynamic DNS services")
725 (description "This package provides a client to update dynamic IP
726addresses with several dynamic DNS service providers, such as
727@uref{https://www.dyndns.com/account/login.html,DynDNS.com}.
728
729This makes it possible to use a fixed hostname (such as myhost.dyndns.org) to
730access a machine with a dynamic IP address.
731
732The client supports both dynamic and (near) static services, as well as MX
733record and alternative name management. It caches the address, and only
734attempts the update when it has changed.")
735 (license license:gpl2+)))
91a4863d
LC		 736
737(define-public hnsd
738 ;; There have been no releases yet, hence this commit.
739 (let ((revision "0")
740 (commit "895d89c25d316d18df9d374fe78aae3902bc89fb"))
741 (package
742 (name "hnsd")
743 (version (git-version "0.0" revision commit))
744 (source (origin
745 (method git-fetch)
746 (uri (git-reference
747 (url "https://github.com/handshake-org/hnsd")
748 (commit commit)))
749 (sha256
750 (base32
751 "0704y73sddn24jga9csw4gxyfb3pnrfnk0vdcph84n1h38490l16"))
752 (file-name (git-file-name name version))
753 (modules '((guix build utils)))
754 (snippet
755 '(begin
756 ;; Delete the bundled copy of libuv.
757 (delete-file-recursively "uv")
758 (substitute* "configure.ac"
759 (("AC_CONFIG_SUBDIRS\\(\\[uv\\]\\)") ""))
760 (substitute* "Makefile.am"
761 (("SUBDIRS = uv") "\n")
762 (("\\$\\(top_builddir\\)/uv/libuv.la") "-luv")
763
764 ;; Make sure the 'hnsd' binary is installed and
765 ;; dynamically-linked.
766 (("noinst_PROGRAMS") "bin_PROGRAMS")
767 (("hnsd_LDFLAGS = -static") ""))
768
769 ;; This script tries to chdir to "uv" and doesn't do more
770 ;; than "autoreconf" so remove it.
771 (delete-file "autogen.sh")
772 #t))))
773 (build-system gnu-build-system)
774 (arguments
775 '(#:configure-flags '("--disable-static"))) ;no need for libhsk.a
776 (native-inputs
777 `(("autoconf" ,autoconf)
778 ("automake" ,automake)
779 ("libtool" ,libtool)))
780 (inputs
781 `(("unbound" ,unbound)
782 ("libuv" ,libuv)))
783 (home-page "https://www.handshake.org/")
784 (synopsis "Resolver daemon for the Handshake naming protocol")
785 (description
786 "@command{hnsd} is a @dfn{host name resolver} for the Handshake Naming
787System (HNS) peer-to-peer network.")
788 (license license:expat))))
498911d3
MO		 789
790(define-public libmicrodns
791 (package
792 (name "libmicrodns")
793 (version "0.0.10")
794 (source (origin
795 (method git-fetch)
796 (uri (git-reference
797 (url "https://github.com/videolabs/libmicrodns")
798 (commit version)))
799 (file-name (git-file-name name version))
800 (sha256
801 (base32
802 "1xvl9k49ng35wbsqmnjnyqvkyjf8dcq2ywsq3jp3wh0rgmxhq2fh"))))
803 (build-system gnu-build-system)
804 (native-inputs
805 `(("pkg-config" ,pkg-config)
806 ("autoconf" ,autoconf)
807 ("automake" ,automake)
808 ("libtool" ,libtool)))
809 (home-page "https://github.com/videolabs/libmicrodns")
810 (synopsis "Minimal mDNS resolver library")
811 (description "@code{libmicrodns} provides a minimal implementation of a
812mDNS resolver as well as an announcer. mDNS (Multicast Domain Name System) is
813a zero-config service that allows one to resolve host names to IP addresses in
814local networks.")
815 (license license:lgpl2.1)))
41553c90
CM		 816
817(define-public public-suffix-list
818 ;; Mozilla releases the official list here:
819 ;;
820 ;; https://publicsuffix.org/list/public_suffix_list.dat
821 ;;
822 ;; However, Mozilla syncs that file from the GitHub repository periodically,
823 ;; so its contents will change over time. If you update this commit, please
824 ;; make sure that the new commit refers to a list which is identical to the
825 ;; officially published list available from the URL above.
826 (let ((commit "9375b697baddb0827a5995c81bd3c75877a0b35d"))
827 (package
828 (name "public-suffix-list")
829 (version (git-version "0" "1" commit))
830 (source (origin
831 (method git-fetch)
832 (uri (git-reference
833 (url "https://github.com/publicsuffix/list.git")
834 (commit commit)))
835 (file-name (git-file-name name version))
836 (sha256
837 (base32
838 "1sm7pni01rnl4ldzi8z8nc4cbgq8nxda9gwc68v0s3ij7jd1jmik"))))
839 (build-system trivial-build-system)
840 (arguments
841 `(#:modules ((guix build utils))
842 #:builder
843 (begin
844 (use-modules (guix build utils))
845 (let* ((out (assoc-ref %outputs "out"))
846 ;; Install to /share because that is where "read-only
847 ;; architecture-independent data files" should go (see:
848 ;; (standards) Directory Variables). Include the version in
849 ;; the directory name so that if multiple versions are ever
850 ;; installed in the same profile, they will not conflict.
851 (destination (string-append
852 out "/share/public-suffix-list-" ,version))
853 (source (assoc-ref %build-inputs "source")))
854 (with-directory-excursion source
855 (install-file "public_suffix_list.dat" destination)
856 (install-file "LICENSE" destination))
857 #t))))
858 (home-page "https://publicsuffix.org/")
859 (synopsis "Database of current and historical DNS suffixes")
860 (description "This is the Public Suffix List maintained by Mozilla. A
861\"public suffix\" is one under which Internet users can (or historically
862could) directly register names in the Domain Name System (DNS). Some examples
863of public suffixes are .com, .co.uk and pvt.k12.ma.us. This is a list of all
864known public suffixes.")
865 (license license:mpl2.0))))
jackhill's copy of GNU Guix: https://guix.gnu.org/