;;; Copyright © 2016 Ricardo Wurmus <rekado@elephly.net>
;;; Copyright © 2016, 2017 Efraim Flashner <efraim@flashner.co.il>
;;; Copyright © 2016 John Darrington <jmd@gnu.org>
-;;; Copyright © 2016 Nils Gillmann <ng0@n0.is>
-;;; Copyright © 2016, 2017, 2018 Tobias Geerinckx-Rice <me@tobias.gr>
+;;; Copyright © 2016 ng0 <ng0@n0.is>
+;;; Copyright © 2016, 2017, 2018, 2019 Tobias Geerinckx-Rice <me@tobias.gr>
;;; Copyright © 2016 Marius Bakke <mbakke@fastmail.com>
;;; Copyright © 2017 Vasile Dumitrascu <va511e@yahoo.com>
;;; Copyright © 2017 Gregor Giesen <giesen@zaehlwerk.net>
+;;; Copyright © 2018 Oleg Pykhalov <go.wigust@gmail.com>
+;;; Copyright © 2019 Mathieu Othacehe <m.othacehe@gmail.com>
+;;; Copyright © 2019 Chris Marusich <cmmarusich@gmail.com>
;;;
;;; This file is part of GNU Guix.
;;;
#:use-module (gnu packages admin)
#:use-module (gnu packages autotools)
#:use-module (gnu packages base)
+ #:use-module (gnu packages bash)
#:use-module (gnu packages databases)
+ #:use-module (gnu packages compression)
#:use-module (gnu packages crypto)
#:use-module (gnu packages datastructures)
#:use-module (gnu packages flex)
#:use-module (gnu packages linux)
#:use-module (gnu packages ncurses)
#:use-module (gnu packages nettle)
+ #:use-module (gnu packages networking)
#:use-module (gnu packages perl)
#:use-module (gnu packages pkg-config)
#:use-module (gnu packages protobuf)
#:use-module (gnu packages python)
+ #:use-module (gnu packages python-xyz)
#:use-module (gnu packages swig)
#:use-module (gnu packages tls)
#:use-module (gnu packages web)
#:use-module ((guix licenses) #:prefix license:)
#:use-module (guix packages)
#:use-module (guix download)
+ #:use-module (guix git-download)
#:use-module (guix utils)
- #:use-module (guix build-system gnu))
+ #:use-module (guix build-system gnu)
+ #:use-module (guix build-system trivial))
(define-public dnsmasq
(package
(name "dnsmasq")
- (version "2.79")
+ (version "2.80")
(source (origin
(method url-fetch)
(uri (string-append
version ".tar.xz"))
(sha256
(base32
- "07w6cw706yyahwvbvslhkrbjf2ynv567cgy9pal8bz8lrbsp9bbq"))))
+ "1fv3g8vikj3sn37x1j6qsywn09w1jipvlv34j3q5qrljbrwa5ayd"))))
(build-system gnu-build-system)
(native-inputs
`(("pkg-config" ,pkg-config)))
(define-public isc-bind
(package
(name "bind")
- (version "9.12.1-P2")
+ (version "9.14.2")
(source (origin
(method url-fetch)
(uri (string-append
- "ftp://ftp.isc.org/isc/bind9/" version "/" name "-"
- version ".tar.gz"))
- (patches (search-patches "bind-CVE-2018-5738.patch"))
+ "https://ftp.isc.org/isc/bind9/" version
+ "/bind-" version ".tar.gz"))
(sha256
(base32
- "0a9dvyg1dk7vpqn9gz7p5jas3bz7z22bjd66b98g1qk16i2w7rqd"))))
+ "033zqajnj5ys45g899132xkhh9f0hsh76ffv7302wl166xbjfh0f"))))
(build-system gnu-build-system)
(outputs `("out" "utils"))
(inputs
- ;; it would be nice to add GeoIP and gssapi once there is package
+ ;; It would be nice to add GeoIP and gssapi once there are packages.
`(("libcap" ,libcap)
("libxml2" ,libxml2)
("openssl" ,openssl)
- ("p11-kit" ,p11-kit)))
+ ("p11-kit" ,p11-kit)
+ ("python" ,python)
+ ("python-ply" ,python-ply)))
(native-inputs `(("perl" ,perl)
("net-tools" ,net-tools)))
(arguments
"/share/man/man1/dig.1"
"/share/man/man1/host.1"
"/share/man/man1/nslookup.1"
- "/share/man/man1/nsupdate.1"))))
+ "/share/man/man1/nsupdate.1"))
+ #t))
;; When and if guix provides user namespaces for the build process,
;; then the following can be uncommented and the subsequent "force-test"
;; will not be necessary.
;; (system "bin/tests/system/ifconfig.sh up")))
(replace 'check
(lambda _
- (invoke "make" "force-test")
+ ;; XXX Even ‘make force-test’ tries to create network interfaces
+ ;; and fails. The only working target is the (trivial) fuzz test.
+ (with-directory-excursion "fuzz"
+ (invoke "make" "check"))
#t)))))
(synopsis "An implementation of the Domain Name System")
(description "BIND is an implementation of the @dfn{Domain Name System}
(license:non-copyleft "file://LICENSE") ; includes.h
license:openssl))))
+(define-public nsd
+ (package
+ (name "nsd")
+ (version "4.1.27")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (string-append "https://www.nlnetlabs.nl/downloads/nsd/nsd-"
+ version ".tar.gz"))
+ (sha256
+ (base32 "1sjfbwr4vq25304hr9vmd9j821g2vzv8lpy95hpsravc80q5zaqv"))))
+ (build-system gnu-build-system)
+ (arguments
+ `(#:configure-flags
+ (list "--enable-pie" ; fully benefit from ASLR
+ "--enable-ratelimit"
+ "--enable-recvmmsg"
+ "--enable-relro-now" ; protect GOT and .dtor areas
+ "--disable-radix-tree"
+ (string-append "--with-libevent="
+ (assoc-ref %build-inputs "libevent"))
+ (string-append "--with-ssl="
+ (assoc-ref %build-inputs "openssl"))
+ "--with-configdir=/etc"
+ "--with-nsd_conf_file=/etc/nsd/nsd.conf"
+ "--with-logfile=/var/log/nsd.log"
+ "--with-pidfile=/var/db/nsd/nsd.pid"
+ "--with-dbfile=/var/db/nsd/nsd.db"
+ "--with-zonesdir=/etc/nsd"
+ "--with-xfrdfile=/var/db/nsd/xfrd.state"
+ "--with-zonelistfile=/var/db/nsd/zone.list")
+ #:phases
+ (modify-phases %standard-phases
+ (add-before 'configure 'patch-installation-paths
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let* ((out (assoc-ref outputs "out"))
+ (doc (string-append out "/share/doc/" ,name "-" ,version)))
+ ;; The ‘make install’ target tries to create the parent
+ ;; directories of run-time things like ‘pidfile’ above, and
+ ;; useless empty directories like 'configdir'. Remove such
+ ;; '$(INSTALL)' lines and install the example configuration file
+ ;; in an appropriate location.
+ (substitute* "Makefile.in"
+ ((".*INSTALL.*\\$\\((config|pid|xfr|db)dir" command)
+ (string-append "#" command))
+ (("\\$\\(nsdconfigfile\\)\\.sample" file-name)
+ (string-append doc "/examples/" file-name)))
+ #t))))
+ #:tests? #f)) ; no tests
+ (inputs
+ `(("libevent" ,libevent)
+ ("openssl" ,openssl)))
+ (home-page "https://www.nlnetlabs.nl/projects/nsd/about/")
+ (synopsis "Authoritative DNS name server")
+ (description "@dfn{NSD}, short for Name Server Daemon, is an authoritative
+name server for the Domain Name System (@dfn{DNS}). It aims to be a fast and
+RFC-compliant nameserver.
+
+NSD uses zone information compiled via @command{zonec} into a binary database
+file (@file{nsd.db}). This allows fast startup of the name service daemon and
+allows syntax-structural errors in zone files to be flagged at compile time,
+before being made available to NSD service itself. However, most traditional
+BIND-style zone files can be directly imported into NSD without modification.
+
+The collection of programs and processes that make up NSD are designed so that
+the daemon itself runs as a non-privileged user and can be easily configured to
+run in a @code{chroot} jail, thus making any security flaws in NSD less likely
+to result in system-wide compromise.")
+ (license (list license:bsd-3))))
+
(define-public unbound
(package
(name "unbound")
- (version "1.6.8")
+ (version "1.9.1")
(source
(origin
(method url-fetch)
(uri (string-append "https://www.unbound.net/downloads/unbound-"
version ".tar.gz"))
(sha256
- (base32
- "0jfxhh4gc5amhndikskz1s7da27ycn442j3l20bm992n7zijid73"))))
+ (base32 "1iarvk0i92asvrkpla9z55aan20k6pklzpck9yk4rfnchsdvzh63"))))
(build-system gnu-build-system)
(outputs '("out" "python"))
(native-inputs
("openssl" ,openssl)))
(arguments
`(#:configure-flags
- (list "--disable-static" ;save space and non-determinism in libunbound.a
+ (list "--disable-static" ; save space and non-determinism in libunbound.a
(string-append
"--with-ssl=" (assoc-ref %build-inputs "openssl"))
(string-append
(define-public yadifa
(package
(name "yadifa")
- (version "2.3.8")
+ (version "2.3.9")
(source
- (let ((build "7713"))
+ (let ((build "8497"))
(origin
(method url-fetch)
(uri
(string-append "http://cdn.yadifa.eu/sites/default/files/releases/"
- name "-" version "-" build ".tar.gz"))
+ "yadifa-" version "-" build ".tar.gz"))
(sha256
- (base32 "15xhzg4crjcxascwpz6y8qpqcgypzv2p9bspdskp4nx1x1y4316c")))))
+ (base32 "0xvyr91sfgzkpw6g3h893ldbwnki3w2472n56rr18w67qghs1sa5")))))
(build-system gnu-build-system)
(native-inputs
`(("which" ,which)))
(define-public knot
(package
(name "knot")
- (version "2.6.7")
- (source (origin
- (method url-fetch)
- (uri (string-append "https://secure.nic.cz/files/knot-dns/"
- name "-" version ".tar.xz"))
- (sha256
- (base32
- "0hr2m664ckjicv3pq2lk16m61pscknywxv2ydnrzfqf10m5h0ahw"))
- (modules '((guix build utils)))
- (snippet
- '(begin
- ;; Delete bundled libraries.
- (with-directory-excursion "src/contrib"
- (delete-file-recursively "lmdb"))
- #t))))
+ (version "2.8.1")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (string-append "https://secure.nic.cz/files/knot-dns/"
+ "knot-" version ".tar.xz"))
+ (sha256
+ (base32 "1im2wb8hl394mzni1wavmvfqd7il8s28kcz8w3s4v05nbhzg06xj"))
+ (modules '((guix build utils)))
+ (snippet
+ '(begin
+ ;; Delete bundled libraries.
+ (with-directory-excursion "src/contrib"
+ (delete-file-recursively "lmdb"))
+ #t))))
(build-system gnu-build-system)
(native-inputs
`(("pkg-config" ,pkg-config)))
("liburcu" ,liburcu)
("lmdb" ,lmdb)
("ncurses" ,ncurses)
- ("nettle" ,nettle)
- ("protobuf-c" ,protobuf-c)
-
- ;; For ‘pykeymgr’, needed to migrate keys from versions <= 2.4.
- ("python" ,python-2)
- ("python-lmdb" ,python2-lmdb)))
+ ("protobuf-c" ,protobuf-c)))
(arguments
`(#:phases
(modify-phases %standard-phases
(add-before 'configure 'disable-directory-pre-creation
(lambda _
;; Don't install empty directories like ‘/etc’ outside the store.
+ ;; This is needed even when using ‘make config_dir=... install’.
(substitute* "src/Makefile.in" (("\\$\\(INSTALL\\) -d") "true"))
#t))
(replace 'install
(lambda* (#:key outputs #:allow-other-keys)
(let* ((out (assoc-ref outputs "out"))
- (doc (string-append out "/share/doc/knot"))
+ (doc (string-append out "/share/doc/" ,name "-" ,version))
(etc (string-append doc "/examples/etc")))
(invoke "make"
(string-append "config_dir=" etc)
- "install"))))
- (add-after 'install 'wrap-python-scripts
- (lambda* (#:key outputs #:allow-other-keys)
- (let* ((out (assoc-ref outputs "out"))
- (path (getenv "PYTHONPATH")))
- (wrap-program (string-append out "/sbin/pykeymgr")
- `("PYTHONPATH" ":" prefix (,path))))
- #t)))
+ "install")))))
#:configure-flags
(list "--sysconfdir=/etc"
"--localstatedir=/var"
- "--with-module-rosedb=yes" ; serve static records from a database
- "--with-module-dnstap=yes" ; allow detailed query logging
+ "--enable-dnstap" ; let tools read/write capture files
+ "--with-module-dnstap=yes" ; detailed query capturing & logging
(string-append "--with-bash-completions="
(assoc-ref %outputs "out")
"/etc/bash_completion.d"))))
license:lgpl2.0+ ; parts of scr/contrib/ucw
license:public-domain ; src/contrib/fnv and possibly murmurhash3
license:gpl3+)))) ; everything else
+
+(define-public ddclient
+ (package
+ (name "ddclient")
+ (version "3.9.0")
+ (source (origin
+ (method url-fetch)
+ (uri (string-append "mirror://sourceforge/ddclient/ddclient/ddclient-"
+ version "/ddclient-" version ".tar.gz"))
+ (sha256
+ (base32
+ "0fwyhab8yga2yi1kdfkbqxa83wxhwpagmj1w1mwkg2iffh1fjjlw"))))
+ (build-system trivial-build-system) ; no Makefile.PL
+ (native-inputs
+ `(("bash" ,bash)
+ ("gzip" ,gzip)
+ ("perl" ,perl)
+ ("tar" ,tar)))
+ (inputs
+ `(("inetutils" ,inetutils) ; logger
+ ("net-tools" ,net-tools)
+ ("perl-data-validate-ip" ,perl-data-validate-ip)
+ ("perl-digest-sha1" ,perl-digest-sha1)
+ ("perl-io-socket-ssl" ,perl-io-socket-ssl)))
+ (arguments
+ `(#:modules ((guix build utils)
+ (ice-9 match)
+ (srfi srfi-26))
+ #:builder
+ (begin
+ (use-modules (guix build utils)
+ (ice-9 match)
+ (srfi srfi-26))
+ ;; bootstrap
+ (setenv "PATH" (string-append
+ (assoc-ref %build-inputs "bash") "/bin" ":"
+ (assoc-ref %build-inputs "tar") "/bin" ":"
+ (assoc-ref %build-inputs "gzip") "/bin" ":"
+ (assoc-ref %build-inputs "perl") "/bin"))
+ ;; extract source
+ (invoke "tar" "xvf" (assoc-ref %build-inputs "source"))
+ ;; package
+ (with-directory-excursion (string-append ,name "-" ,version)
+ (let* ((out (assoc-ref %outputs "out"))
+ (bin (string-append out "/bin")))
+ (let ((file "ddclient"))
+ (substitute* file
+ (("/usr/bin/perl") (which "perl"))
+ ;; Strictly use ‘/etc/ddclient/ddclient.conf’.
+ (("\\$\\{program\\}\\.conf") "/etc/ddclient/ddclient.conf")
+ (("\\$etc\\$program.conf") "/etc/ddclient/ddclient.conf")
+ ;; Strictly use ‘/var/cache/ddclient/ddclient.cache’
+ (("\\$cachedir\\$program\\.cache")
+ "/var/cache/ddclient/ddclient.cache"))
+ (install-file file bin)
+ (wrap-program (string-append bin "/" file)
+ `("PATH" ":" =
+ ("$PATH"
+ ,@(map (lambda (input)
+ (match input
+ ((name . store)
+ (string-append store "/bin"))))
+ %build-inputs)))
+ `("PERL5LIB" ":" =
+ ,(delete
+ ""
+ (map (match-lambda
+ (((? (cut string-prefix? "perl-" <>) name) . dir)
+ (string-append dir "/lib/perl5/site_perl"))
+ (_ ""))
+ %build-inputs)))))
+ (for-each (cut install-file <> (string-append out
+ "/share/ddclient"))
+ (find-files "." "sample.*$")))))))
+ (home-page "https://sourceforge.net/projects/ddclient/")
+ (synopsis "Address updating utility for dynamic DNS services")
+ (description "This package provides a client to update dynamic IP
+addresses with several dynamic DNS service providers, such as
+@uref{https://www.dyndns.com/account/login.html,DynDNS.com}.
+
+This makes it possible to use a fixed hostname (such as myhost.dyndns.org) to
+access a machine with a dynamic IP address.
+
+The client supports both dynamic and (near) static services, as well as MX
+record and alternative name management. It caches the address, and only
+attempts the update when it has changed.")
+ (license license:gpl2+)))
+
+(define-public hnsd
+ ;; There have been no releases yet, hence this commit.
+ (let ((revision "0")
+ (commit "895d89c25d316d18df9d374fe78aae3902bc89fb"))
+ (package
+ (name "hnsd")
+ (version (git-version "0.0" revision commit))
+ (source (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/handshake-org/hnsd")
+ (commit commit)))
+ (sha256
+ (base32
+ "0704y73sddn24jga9csw4gxyfb3pnrfnk0vdcph84n1h38490l16"))
+ (file-name (git-file-name name version))
+ (modules '((guix build utils)))
+ (snippet
+ '(begin
+ ;; Delete the bundled copy of libuv.
+ (delete-file-recursively "uv")
+ (substitute* "configure.ac"
+ (("AC_CONFIG_SUBDIRS\\(\\[uv\\]\\)") ""))
+ (substitute* "Makefile.am"
+ (("SUBDIRS = uv") "\n")
+ (("\\$\\(top_builddir\\)/uv/libuv.la") "-luv")
+
+ ;; Make sure the 'hnsd' binary is installed and
+ ;; dynamically-linked.
+ (("noinst_PROGRAMS") "bin_PROGRAMS")
+ (("hnsd_LDFLAGS = -static") ""))
+
+ ;; This script tries to chdir to "uv" and doesn't do more
+ ;; than "autoreconf" so remove it.
+ (delete-file "autogen.sh")
+ #t))))
+ (build-system gnu-build-system)
+ (arguments
+ '(#:configure-flags '("--disable-static"))) ;no need for libhsk.a
+ (native-inputs
+ `(("autoconf" ,autoconf)
+ ("automake" ,automake)
+ ("libtool" ,libtool)))
+ (inputs
+ `(("unbound" ,unbound)
+ ("libuv" ,libuv)))
+ (home-page "https://www.handshake.org/")
+ (synopsis "Resolver daemon for the Handshake naming protocol")
+ (description
+ "@command{hnsd} is a @dfn{host name resolver} for the Handshake Naming
+System (HNS) peer-to-peer network.")
+ (license license:expat))))
+
+(define-public libmicrodns
+ (package
+ (name "libmicrodns")
+ (version "0.0.10")
+ (source (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/videolabs/libmicrodns")
+ (commit version)))
+ (file-name (git-file-name name version))
+ (sha256
+ (base32
+ "1xvl9k49ng35wbsqmnjnyqvkyjf8dcq2ywsq3jp3wh0rgmxhq2fh"))))
+ (build-system gnu-build-system)
+ (native-inputs
+ `(("pkg-config" ,pkg-config)
+ ("autoconf" ,autoconf)
+ ("automake" ,automake)
+ ("libtool" ,libtool)))
+ (home-page "https://github.com/videolabs/libmicrodns")
+ (synopsis "Minimal mDNS resolver library")
+ (description "@code{libmicrodns} provides a minimal implementation of a
+mDNS resolver as well as an announcer. mDNS (Multicast Domain Name System) is
+a zero-config service that allows one to resolve host names to IP addresses in
+local networks.")
+ (license license:lgpl2.1)))
+
+(define-public public-suffix-list
+ ;; Mozilla releases the official list here:
+ ;;
+ ;; https://publicsuffix.org/list/public_suffix_list.dat
+ ;;
+ ;; However, Mozilla syncs that file from the GitHub repository periodically,
+ ;; so its contents will change over time. If you update this commit, please
+ ;; make sure that the new commit refers to a list which is identical to the
+ ;; officially published list available from the URL above.
+ (let ((commit "9375b697baddb0827a5995c81bd3c75877a0b35d"))
+ (package
+ (name "public-suffix-list")
+ (version (git-version "0" "1" commit))
+ (source (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/publicsuffix/list.git")
+ (commit commit)))
+ (file-name (git-file-name name version))
+ (sha256
+ (base32
+ "1sm7pni01rnl4ldzi8z8nc4cbgq8nxda9gwc68v0s3ij7jd1jmik"))))
+ (build-system trivial-build-system)
+ (arguments
+ `(#:modules ((guix build utils))
+ #:builder
+ (begin
+ (use-modules (guix build utils))
+ (let* ((out (assoc-ref %outputs "out"))
+ ;; Install to /share because that is where "read-only
+ ;; architecture-independent data files" should go (see:
+ ;; (standards) Directory Variables). Include the version in
+ ;; the directory name so that if multiple versions are ever
+ ;; installed in the same profile, they will not conflict.
+ (destination (string-append
+ out "/share/public-suffix-list-" ,version))
+ (source (assoc-ref %build-inputs "source")))
+ (with-directory-excursion source
+ (install-file "public_suffix_list.dat" destination)
+ (install-file "LICENSE" destination))
+ #t))))
+ (home-page "https://publicsuffix.org/")
+ (synopsis "Database of current and historical DNS suffixes")
+ (description "This is the Public Suffix List maintained by Mozilla. A
+\"public suffix\" is one under which Internet users can (or historically
+could) directly register names in the Domain Name System (DNS). Some examples
+of public suffixes are .com, .co.uk and pvt.k12.ma.us. This is a list of all
+known public suffixes.")
+ (license license:mpl2.0))))
HCoop / jackhill / guix / guix.git / blobdiff