;;; Copyright © 2016, 2017 Efraim Flashner <efraim@flashner.co.il>
;;; Copyright © 2016 John Darrington <jmd@gnu.org>
;;; Copyright © 2016 Nils Gillmann <ng0@n0.is>
-;;; Copyright © 2016, 2017, 2018 Tobias Geerinckx-Rice <me@tobias.gr>
+;;; Copyright © 2016, 2017, 2018, 2019 Tobias Geerinckx-Rice <me@tobias.gr>
;;; Copyright © 2016 Marius Bakke <mbakke@fastmail.com>
;;; Copyright © 2017 Vasile Dumitrascu <va511e@yahoo.com>
;;; Copyright © 2017 Gregor Giesen <giesen@zaehlwerk.net>
;;; Copyright © 2018 Oleg Pykhalov <go.wigust@gmail.com>
+;;; Copyright © 2019 Mathieu Othacehe <m.othacehe@gmail.com>
;;;
;;; This file is part of GNU Guix.
;;;
#:use-module (gnu packages linux)
#:use-module (gnu packages ncurses)
#:use-module (gnu packages nettle)
+ #:use-module (gnu packages networking)
#:use-module (gnu packages perl)
#:use-module (gnu packages pkg-config)
#:use-module (gnu packages protobuf)
#:use-module ((guix licenses) #:prefix license:)
#:use-module (guix packages)
#:use-module (guix download)
+ #:use-module (guix git-download)
#:use-module (guix utils)
#:use-module (guix build-system gnu)
#:use-module (guix build-system trivial))
(define-public dnsmasq
(package
(name "dnsmasq")
- (version "2.79")
+ (version "2.80")
(source (origin
(method url-fetch)
(uri (string-append
version ".tar.xz"))
(sha256
(base32
- "07w6cw706yyahwvbvslhkrbjf2ynv567cgy9pal8bz8lrbsp9bbq"))))
+ "1fv3g8vikj3sn37x1j6qsywn09w1jipvlv34j3q5qrljbrwa5ayd"))))
(build-system gnu-build-system)
(native-inputs
`(("pkg-config" ,pkg-config)))
(define-public isc-bind
(package
(name "bind")
- (version "9.12.2")
+ (version "9.12.3-P4")
(source (origin
(method url-fetch)
(uri (string-append
- "ftp://ftp.isc.org/isc/bind9/" version "/" name "-"
- version ".tar.gz"))
+ "https://ftp.isc.org/isc/bind9/" version
+ "/bind-" version ".tar.gz"))
(sha256
(base32
- "0ll46igs9xfq2qclc5wzqsnj3zv7ssga0544gm24s1m7765lqslz"))))
+ "01pj47z5582rd538dmbzf1msw4jc8j4zr0zx4ciy88r6qr9l80fi"))))
(build-system gnu-build-system)
(outputs `("out" "utils"))
(inputs
- ;; it would be nice to add GeoIP and gssapi once there is package
+ ;; It would be nice to add GeoIP and gssapi once there are packages.
`(("libcap" ,libcap)
("libxml2" ,libxml2)
("openssl" ,openssl)
(license:non-copyleft "file://LICENSE") ; includes.h
license:openssl))))
+(define-public nsd
+ (package
+ (name "nsd")
+ (version "4.1.26")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (string-append "https://www.nlnetlabs.nl/downloads/nsd/nsd-"
+ version ".tar.gz"))
+ (sha256
+ (base32 "1x0mvj4872dzj1rr9adnchdm4dhn41xmc459p5j4s0r13m1l32lz"))))
+ (build-system gnu-build-system)
+ (arguments
+ `(#:configure-flags
+ (list "--enable-pie" ; fully benefit from ASLR
+ "--enable-ratelimit"
+ "--enable-recvmmsg"
+ "--enable-relro-now" ; protect GOT and .dtor areas
+ "--disable-radix-tree"
+ (string-append "--with-libevent="
+ (assoc-ref %build-inputs "libevent"))
+ (string-append "--with-ssl="
+ (assoc-ref %build-inputs "openssl"))
+ "--with-configdir=/etc"
+ "--with-nsd_conf_file=/etc/nsd/nsd.conf"
+ "--with-logfile=/var/log/nsd.log"
+ "--with-pidfile=/var/db/nsd/nsd.pid"
+ "--with-dbfile=/var/db/nsd/nsd.db"
+ "--with-zonesdir=/etc/nsd"
+ "--with-xfrdfile=/var/db/nsd/xfrd.state"
+ "--with-zonelistfile=/var/db/nsd/zone.list")
+ #:phases
+ (modify-phases %standard-phases
+ (add-before 'configure 'patch-installation-paths
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let* ((out (assoc-ref outputs "out"))
+ (doc (string-append out "/share/doc/" ,name "-" ,version)))
+ ;; The ‘make install’ target tries to create the parent
+ ;; directories of run-time things like ‘pidfile’ above, and
+ ;; useless empty directories like 'configdir'. Remove such
+ ;; '$(INSTALL)' lines and install the example configuration file
+ ;; in an appropriate location.
+ (substitute* "Makefile.in"
+ ((".*INSTALL.*\\$\\((config|pid|xfr|db)dir" command)
+ (string-append "#" command))
+ (("\\$\\(nsdconfigfile\\)\\.sample" file-name)
+ (string-append doc "/examples/" file-name)))
+ #t))))
+ #:tests? #f)) ; no tests
+ (inputs
+ `(("libevent" ,libevent)
+ ("openssl" ,openssl)))
+ (home-page "https://www.nlnetlabs.nl/projects/nsd/about/")
+ (synopsis "Authoritative DNS name server")
+ (description "@dfn{NSD}, short for Name Server Daemon, is an authoritative
+name server for the Domain Name System (@dfn{DNS}). It aims to be a fast and
+RFC-compliant nameserver.
+
+NSD uses zone information compiled via @command{zonec} into a binary database
+file (@file{nsd.db}). This allows fast startup of the name service daemon and
+allows syntax-structural errors in zone files to be flagged at compile time,
+before being made available to NSD service itself. However, most traditional
+BIND-style zone files can be directly imported into NSD without modification.
+
+The collection of programs and processes that make up NSD are designed so that
+the daemon itself runs as a non-privileged user and can be easily configured to
+run in a @code{chroot} jail, thus making any security flaws in NSD less likely
+to result in system-wide compromise.")
+ (license (list license:bsd-3))))
+
(define-public unbound
(package
(name "unbound")
- (version "1.7.3")
+ (version "1.9.0")
(source
(origin
(method url-fetch)
(uri (string-append "https://www.unbound.net/downloads/unbound-"
version ".tar.gz"))
(sha256
- (base32
- "0bb0p8nbda77ghx20yfl7hqxm9x709223q35465v99i8v4ay27f1"))))
+ (base32 "05xrb8havr2vgjsdy7n85kgnvk1mg7qwhjp4a8n6pg4jhd5zjnj1"))))
(build-system gnu-build-system)
(outputs '("out" "python"))
(native-inputs
("openssl" ,openssl)))
(arguments
`(#:configure-flags
- (list "--disable-static" ;save space and non-determinism in libunbound.a
+ (list "--disable-static" ; save space and non-determinism in libunbound.a
(string-append
"--with-ssl=" (assoc-ref %build-inputs "openssl"))
(string-append
(define-public yadifa
(package
(name "yadifa")
- (version "2.3.8")
+ (version "2.3.9")
(source
- (let ((build "7713"))
+ (let ((build "8497"))
(origin
(method url-fetch)
(uri
(string-append "http://cdn.yadifa.eu/sites/default/files/releases/"
- name "-" version "-" build ".tar.gz"))
+ "yadifa-" version "-" build ".tar.gz"))
(sha256
- (base32 "15xhzg4crjcxascwpz6y8qpqcgypzv2p9bspdskp4nx1x1y4316c")))))
+ (base32 "0xvyr91sfgzkpw6g3h893ldbwnki3w2472n56rr18w67qghs1sa5")))))
(build-system gnu-build-system)
(native-inputs
`(("which" ,which)))
(define-public knot
(package
(name "knot")
- (version "2.6.7")
+ (version "2.7.6")
(source (origin
(method url-fetch)
(uri (string-append "https://secure.nic.cz/files/knot-dns/"
- name "-" version ".tar.xz"))
+ "knot-" version ".tar.xz"))
(sha256
(base32
- "0hr2m664ckjicv3pq2lk16m61pscknywxv2ydnrzfqf10m5h0ahw"))
+ "18lpyq3vgr2ainmfiy14x7hcf1zxza66bhkpr54jaz2gy1viijx1"))
(modules '((guix build utils)))
(snippet
'(begin
("liburcu" ,liburcu)
("lmdb" ,lmdb)
("ncurses" ,ncurses)
- ("nettle" ,nettle)
- ("protobuf-c" ,protobuf-c)
-
- ;; For ‘pykeymgr’, needed to migrate keys from versions <= 2.4.
- ("python" ,python-2)
- ("python-lmdb" ,python2-lmdb)))
+ ("protobuf-c" ,protobuf-c)))
(arguments
`(#:phases
(modify-phases %standard-phases
(add-before 'configure 'disable-directory-pre-creation
(lambda _
;; Don't install empty directories like ‘/etc’ outside the store.
+ ;; This is needed even when using ‘make config_dir=... install’.
(substitute* "src/Makefile.in" (("\\$\\(INSTALL\\) -d") "true"))
#t))
(replace 'install
(lambda* (#:key outputs #:allow-other-keys)
(let* ((out (assoc-ref outputs "out"))
- (doc (string-append out "/share/doc/knot"))
+ (doc (string-append out "/share/doc/" ,name "-" ,version))
(etc (string-append doc "/examples/etc")))
(invoke "make"
(string-append "config_dir=" etc)
- "install"))))
- (add-after 'install 'wrap-python-scripts
- (lambda* (#:key outputs #:allow-other-keys)
- (let* ((out (assoc-ref outputs "out"))
- (path (getenv "PYTHONPATH")))
- (wrap-program (string-append out "/sbin/pykeymgr")
- `("PYTHONPATH" ":" prefix (,path))))
- #t)))
+ "install")))))
#:configure-flags
(list "--sysconfdir=/etc"
"--localstatedir=/var"
- "--with-module-rosedb=yes" ; serve static records from a database
- "--with-module-dnstap=yes" ; allow detailed query logging
+ "--enable-dnstap" ; let tools read/write capture files
+ "--with-module-dnstap=yes" ; detailed query capturing & logging
(string-append "--with-bash-completions="
(assoc-ref %outputs "out")
"/etc/bash_completion.d"))))
(define-public ddclient
(package
(name "ddclient")
- (version "3.8.3")
+ (version "3.9.0")
(source (origin
(method url-fetch)
(uri (string-append "mirror://sourceforge/ddclient/ddclient/ddclient-"
version "/ddclient-" version ".tar.gz"))
(sha256
(base32
- "1j8zdn7fy7i0bjk3jf0hxnbnshc2yf054vxq64imxdpfd7n5zgfy"))))
+ "0fwyhab8yga2yi1kdfkbqxa83wxhwpagmj1w1mwkg2iffh1fjjlw"))))
(build-system trivial-build-system) ; no Makefile.PL
(native-inputs
`(("bash" ,bash)
("perl" ,perl)
("tar" ,tar)))
(inputs
- `(("net-tools" ,net-tools)
- ("inetutils" ,inetutils) ;logger
- ("perl-io-socket-ssl" ,perl-io-socket-ssl)
- ("perl-digest-sha1" ,perl-digest-sha1)))
+ `(("inetutils" ,inetutils) ; logger
+ ("net-tools" ,net-tools)
+ ("perl-data-validate-ip" ,perl-data-validate-ip)
+ ("perl-digest-sha1" ,perl-digest-sha1)
+ ("perl-io-socket-ssl" ,perl-io-socket-ssl)))
(arguments
`(#:modules ((guix build utils)
(ice-9 match)
record and alternative name management. It caches the address, and only
attempts the update when it has changed.")
(license license:gpl2+)))
+
+(define-public hnsd
+ ;; There have been no releases yet, hence this commit.
+ (let ((revision "0")
+ (commit "895d89c25d316d18df9d374fe78aae3902bc89fb"))
+ (package
+ (name "hnsd")
+ (version (git-version "0.0" revision commit))
+ (source (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/handshake-org/hnsd")
+ (commit commit)))
+ (sha256
+ (base32
+ "0704y73sddn24jga9csw4gxyfb3pnrfnk0vdcph84n1h38490l16"))
+ (file-name (git-file-name name version))
+ (modules '((guix build utils)))
+ (snippet
+ '(begin
+ ;; Delete the bundled copy of libuv.
+ (delete-file-recursively "uv")
+ (substitute* "configure.ac"
+ (("AC_CONFIG_SUBDIRS\\(\\[uv\\]\\)") ""))
+ (substitute* "Makefile.am"
+ (("SUBDIRS = uv") "\n")
+ (("\\$\\(top_builddir\\)/uv/libuv.la") "-luv")
+
+ ;; Make sure the 'hnsd' binary is installed and
+ ;; dynamically-linked.
+ (("noinst_PROGRAMS") "bin_PROGRAMS")
+ (("hnsd_LDFLAGS = -static") ""))
+
+ ;; This script tries to chdir to "uv" and doesn't do more
+ ;; than "autoreconf" so remove it.
+ (delete-file "autogen.sh")
+ #t))))
+ (build-system gnu-build-system)
+ (arguments
+ '(#:configure-flags '("--disable-static"))) ;no need for libhsk.a
+ (native-inputs
+ `(("autoconf" ,autoconf)
+ ("automake" ,automake)
+ ("libtool" ,libtool)))
+ (inputs
+ `(("unbound" ,unbound)
+ ("libuv" ,libuv)))
+ (home-page "https://www.handshake.org/")
+ (synopsis "Resolver daemon for the Handshake naming protocol")
+ (description
+ "@command{hnsd} is a @dfn{host name resolver} for the Handshake Naming
+System (HNS) peer-to-peer network.")
+ (license license:expat))))
+
+(define-public libmicrodns
+ (package
+ (name "libmicrodns")
+ (version "0.0.10")
+ (source (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/videolabs/libmicrodns")
+ (commit version)))
+ (file-name (git-file-name name version))
+ (sha256
+ (base32
+ "1xvl9k49ng35wbsqmnjnyqvkyjf8dcq2ywsq3jp3wh0rgmxhq2fh"))))
+ (build-system gnu-build-system)
+ (native-inputs
+ `(("pkg-config" ,pkg-config)
+ ("autoconf" ,autoconf)
+ ("automake" ,automake)
+ ("libtool" ,libtool)))
+ (home-page "https://github.com/videolabs/libmicrodns")
+ (synopsis "Minimal mDNS resolver library")
+ (description "@code{libmicrodns} provides a minimal implementation of a
+mDNS resolver as well as an announcer. mDNS (Multicast Domain Name System) is
+a zero-config service that allows one to resolve host names to IP addresses in
+local networks.")
+ (license license:lgpl2.1)))