X-Git-Url: https://git.hcoop.net/jackhill/guix/guix.git/blobdiff_plain/116ca65b583ba4e404289f1481dc3a3ffef1c3dd..34b81a9cddcfd4b5b2aa041d644833e2211da8c9:/gnu/packages/dns.scm diff --git a/gnu/packages/dns.scm b/gnu/packages/dns.scm index 0b8d8be574..656c1f9d70 100644 --- a/gnu/packages/dns.scm +++ b/gnu/packages/dns.scm @@ -5,10 +5,12 @@ ;;; Copyright © 2016, 2017 Efraim Flashner ;;; Copyright © 2016 John Darrington ;;; Copyright © 2016 Nils Gillmann -;;; Copyright © 2016, 2017, 2018 Tobias Geerinckx-Rice +;;; Copyright © 2016, 2017, 2018, 2019 Tobias Geerinckx-Rice ;;; Copyright © 2016 Marius Bakke ;;; Copyright © 2017 Vasile Dumitrascu ;;; Copyright © 2017 Gregor Giesen +;;; Copyright © 2018 Oleg Pykhalov +;;; Copyright © 2019 Mathieu Othacehe ;;; ;;; This file is part of GNU Guix. ;;; @@ -29,7 +31,9 @@ #:use-module (gnu packages admin) #:use-module (gnu packages autotools) #:use-module (gnu packages base) + #:use-module (gnu packages bash) #:use-module (gnu packages databases) + #:use-module (gnu packages compression) #:use-module (gnu packages crypto) #:use-module (gnu packages datastructures) #:use-module (gnu packages flex) @@ -42,6 +46,7 @@ #:use-module (gnu packages linux) #:use-module (gnu packages ncurses) #:use-module (gnu packages nettle) + #:use-module (gnu packages networking) #:use-module (gnu packages perl) #:use-module (gnu packages pkg-config) #:use-module (gnu packages protobuf) 
@@ -50,16 +55,19 @@ #:use-module (gnu packages tls) #:use-module (gnu packages web) #:use-module (gnu packages xml) + #:use-module (gnu packages) #:use-module ((guix licenses) #:prefix license:) #:use-module (guix packages) #:use-module (guix download) + #:use-module (guix git-download) #:use-module (guix utils) - #:use-module (guix build-system gnu)) + #:use-module (guix build-system gnu) + #:use-module (guix build-system trivial)) (define-public dnsmasq (package (name "dnsmasq") - (version "2.79") + (version "2.80") (source (origin (method url-fetch) (uri (string-append @@ -67,7 +75,7 @@ version ".tar.xz")) (sha256 (base32 - "07w6cw706yyahwvbvslhkrbjf2ynv567cgy9pal8bz8lrbsp9bbq")))) + "1fv3g8vikj3sn37x1j6qsywn09w1jipvlv34j3q5qrljbrwa5ayd")))) (build-system gnu-build-system) (native-inputs `(("pkg-config" ,pkg-config))) @@ -98,19 +106,19 @@ and BOOTP/TFTP for network booting of diskless machines.") (define-public isc-bind (package (name "bind") - (version "9.12.1-P2") + (version "9.12.3-P4") (source (origin (method url-fetch) (uri (string-append - "ftp://ftp.isc.org/isc/bind9/" version "/" name "-" - version ".tar.gz")) + "https://ftp.isc.org/isc/bind9/" version + "/bind-" version ".tar.gz")) (sha256 (base32 - "0a9dvyg1dk7vpqn9gz7p5jas3bz7z22bjd66b98g1qk16i2w7rqd")))) + "01pj47z5582rd538dmbzf1msw4jc8j4zr0zx4ciy88r6qr9l80fi")))) (build-system gnu-build-system) (outputs `("out" "utils")) (inputs - ;; it would be nice to add GeoIP and gssapi once there is package + ;; It would be nice to add GeoIP and gssapi once there are packages. `(("libcap" ,libcap) ("libxml2" ,libxml2) ("openssl" ,openssl) 
@@ -188,7 +196,7 @@ high-volume and high-reliability applications. The name BIND stands for ;; Re-generate build files due to unbundling ltdl. ;; TODO: Prevent generating new libltdl and building it. ;; The system version is still favored and referenced. - (zero? (system* "autoreconf" "-vif"))))))) + (invoke "autoreconf" "-vif")))))) (native-inputs `(("pkg-config" ,pkg-config) ("automake" ,automake) @@ -233,7 +241,7 @@ servers is included, and an up-to-date version is available at (modify-phases %standard-phases (add-after 'unpack 'create-configure (lambda _ - (zero? (system* "make" "configure"))))))) + (invoke "make" "configure")))))) (native-inputs `(("autoconf" ,autoconf))) (inputs 
@@ -283,18 +291,87 @@ asynchronous fashion.") (license:non-copyleft "file://LICENSE") ; includes.h license:openssl)))) +(define-public nsd + (package + (name "nsd") + (version "4.1.26") + (source + (origin + (method url-fetch) + (uri (string-append "https://www.nlnetlabs.nl/downloads/nsd/nsd-" + version ".tar.gz")) + (sha256 + (base32 "1x0mvj4872dzj1rr9adnchdm4dhn41xmc459p5j4s0r13m1l32lz")))) + (build-system gnu-build-system) + (arguments + `(#:configure-flags + (list "--enable-pie" ; fully benefit from ASLR + "--enable-ratelimit" + "--enable-recvmmsg" + "--enable-relro-now" ; protect GOT and .dtor areas + "--disable-radix-tree" + (string-append "--with-libevent=" + (assoc-ref %build-inputs "libevent")) + (string-append "--with-ssl=" + (assoc-ref %build-inputs "openssl")) + "--with-configdir=/etc" + "--with-nsd_conf_file=/etc/nsd/nsd.conf" + "--with-logfile=/var/log/nsd.log" + "--with-pidfile=/var/db/nsd/nsd.pid" + "--with-dbfile=/var/db/nsd/nsd.db" + "--with-zonesdir=/etc/nsd" + "--with-xfrdfile=/var/db/nsd/xfrd.state" + "--with-zonelistfile=/var/db/nsd/zone.list") + #:phases + (modify-phases %standard-phases + (add-before 'configure 'patch-installation-paths + (lambda* (#:key outputs #:allow-other-keys) + (let* ((out (assoc-ref outputs "out")) + (doc (string-append out "/share/doc/" ,name "-" ,version))) + ;; The ‘make install’ target tries to create the parent + ;; directories of run-time things like ‘pidfile’ above, and + ;; useless empty directories like 'configdir'. Remove such + ;; '$(INSTALL)' lines and install the example configuration file + ;; in an appropriate location. + (substitute* "Makefile.in" + ((".*INSTALL.*\\$\\((config|pid|xfr|db)dir" command) + (string-append "#" command)) + (("\\$\\(nsdconfigfile\\)\\.sample" file-name) + (string-append doc "/examples/" file-name))) + #t)))) + #:tests? 
#f)) ; no tests + (inputs + `(("libevent" ,libevent) + ("openssl" ,openssl))) + (home-page "https://www.nlnetlabs.nl/projects/nsd/about/") + (synopsis "Authoritative DNS name server") + (description "@dfn{NSD}, short for Name Server Daemon, is an authoritative +name server for the Domain Name System (@dfn{DNS}). It aims to be a fast and +RFC-compliant nameserver. + +NSD uses zone information compiled via @command{zonec} into a binary database +file (@file{nsd.db}). This allows fast startup of the name service daemon and +allows syntax-structural errors in zone files to be flagged at compile time, +before being made available to NSD service itself. However, most traditional +BIND-style zone files can be directly imported into NSD without modification. + +The collection of programs and processes that make up NSD are designed so that +the daemon itself runs as a non-privileged user and can be easily configured to +run in a @code{chroot} jail, thus making any security flaws in NSD less likely +to result in system-wide compromise.") + (license (list license:bsd-3)))) + (define-public unbound (package (name "unbound") - (version "1.6.8") + (version "1.9.0") (source (origin (method url-fetch) (uri (string-append "https://www.unbound.net/downloads/unbound-" version ".tar.gz")) (sha256 - (base32 - "0jfxhh4gc5amhndikskz1s7da27ycn442j3l20bm992n7zijid73")))) + (base32 "05xrb8havr2vgjsdy7n85kgnvk1mg7qwhjp4a8n6pg4jhd5zjnj1")))) (build-system gnu-build-system) (outputs '("out" "python")) (native-inputs @@ -309,7 +386,7 @@ asynchronous fashion.") ("openssl" ,openssl))) (arguments `(#:configure-flags - (list "--disable-static" ;save space and non-determinism in libunbound.a + (list "--disable-static" ; save space and non-determinism in libunbound.a (string-append "--with-ssl=" (assoc-ref %build-inputs "openssl")) (string-append 
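Review bot: Three of the new nsd configure flags are left unexplained although the hardening flags beside them are commented: `"--enable-ratelimit"`, `"--enable-recvmmsg"` and `"--disable-radix-tree"`. For the first I would add `; response rate limiting, limits abuse as a reflection amplifier`. The reason for `--disable-radix-tree` cannot be read from the hunk and should be stated by the author. Separately, `substitute*` does not fail when a pattern stops matching, so a later change to upstream's `Makefile.in` could silently bring back the directory creation under `/etc` and `/var/db`. A comment such as `;; Re-check these patterns on every update: a non-matching pattern is not an error.` above the `substitute*` would help the next version bump.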
@@ -424,9 +501,9 @@ struct servent *getservbyport(int port, const char *proto) { } return s; }" port))) - (system* (string-append gcc "/bin/gcc") - "-shared" "-fPIC" "-o" "/tmp/nss_preload.so" - "/tmp/nss_preload.c") + (invoke (string-append gcc "/bin/gcc") + "-shared" "-fPIC" "-o" "/tmp/nss_preload.so" + "/tmp/nss_preload.c") ;; The preload library only affects the unittests. (substitute* "Makefile" (("./unittest") @@ -445,16 +522,16 @@ served by AS112. Stub and forward zones are supported.") (define-public yadifa (package (name "yadifa") - (version "2.3.8") + (version "2.3.9") (source - (let ((build "7713")) + (let ((build "8497")) (origin (method url-fetch) (uri (string-append "http://cdn.yadifa.eu/sites/default/files/releases/" - name "-" version "-" build ".tar.gz")) + "yadifa-" version "-" build ".tar.gz")) (sha256 - (base32 "15xhzg4crjcxascwpz6y8qpqcgypzv2p9bspdskp4nx1x1y4316c"))))) + (base32 "0xvyr91sfgzkpw6g3h893ldbwnki3w2472n56rr18w67qghs1sa5"))))) (build-system gnu-build-system) (native-inputs `(("which" ,which))) @@ -492,14 +569,14 @@ Extensions} (DNSSEC).") (define-public knot (package (name "knot") - (version "2.6.7") + (version "2.7.6") (source (origin (method url-fetch) (uri (string-append "https://secure.nic.cz/files/knot-dns/" - name "-" version ".tar.xz")) + "knot-" version ".tar.xz")) (sha256 (base32 - "0hr2m664ckjicv3pq2lk16m61pscknywxv2ydnrzfqf10m5h0ahw")) + "18lpyq3vgr2ainmfiy14x7hcf1zxza66bhkpr54jaz2gy1viijx1")) (modules '((guix build utils))) (snippet '(begin 
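Review bot: The preload source and library in the unbound phase are still written to the fixed names `/tmp/nss_preload.c` and `/tmp/nss_preload.so`. Predictable names in `/tmp` are harmless only if the build has a private `/tmp`, which is presumably the case in the isolated build environment but is not visible in this hunk. I would record that next to the `invoke` call, e.g. `;; Fixed names are fine here: the build environment has its own /tmp.`, or place both files in the build directory instead. The phase starts and ends outside the hunk, so the later reference to the library in the `Makefile` substitution would need the same path.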
@@ -520,41 +597,29 @@ Extensions} (DNSSEC).") ("liburcu" ,liburcu) ("lmdb" ,lmdb) ("ncurses" ,ncurses) - ("nettle" ,nettle) - ("protobuf-c" ,protobuf-c) - - ;; For ‘pykeymgr’, needed to migrate keys from versions <= 2.4. - ("python" ,python-2) - ("python-lmdb" ,python2-lmdb))) + ("protobuf-c" ,protobuf-c))) (arguments `(#:phases (modify-phases %standard-phases (add-before 'configure 'disable-directory-pre-creation (lambda _ ;; Don't install empty directories like ‘/etc’ outside the store. + ;; This is needed even when using ‘make config_dir=... install’. (substitute* "src/Makefile.in" (("\\$\\(INSTALL\\) -d") "true")) #t)) (replace 'install (lambda* (#:key outputs #:allow-other-keys) (let* ((out (assoc-ref outputs "out")) - (doc (string-append out "/share/doc/knot")) + (doc (string-append out "/share/doc/" ,name "-" ,version)) (etc (string-append doc "/examples/etc"))) - (zero? - (system* "make" - (string-append "config_dir=" etc) - "install"))))) - (add-after 'install 'wrap-python-scripts - (lambda* (#:key outputs #:allow-other-keys) - (let* ((out (assoc-ref outputs "out")) - (path (getenv "PYTHONPATH"))) - (wrap-program (string-append out "/sbin/pykeymgr") - `("PYTHONPATH" ":" prefix (,path)))) - #t))) + (invoke "make" + (string-append "config_dir=" etc) + "install"))))) #:configure-flags (list "--sysconfdir=/etc" "--localstatedir=/var" - "--with-module-rosedb=yes" ; serve static records from a database - "--with-module-dnstap=yes" ; allow detailed query logging + "--enable-dnstap" ; let tools read/write capture files + "--with-module-dnstap=yes" ; detailed query capturing & logging (string-append "--with-bash-completions=" (assoc-ref %outputs "out") "/etc/bash_completion.d")))) 
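Review bot: Dropping the `wrap-python-scripts` phase and the Python inputs for knot removes `pykeymgr`, which the deleted comment named as the tool for migrating keys from versions <= 2.4, and nothing in the new code records this. Presumably upstream no longer ships the script, but an operator upgrading an old DNSSEC key database gets no hint from the package. A comment near the inputs would cover it, e.g. `;; ‘pykeymgr’ is gone: key databases from Knot <= 2.4 must be migrated before upgrading.` The hunk also drops `"--with-module-rosedb=yes"` and the `nettle` input without explanation, so a word on both in the commit message would make the change easier to audit.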
@@ -575,3 +640,170 @@ synthesis, and on-the-fly re-configuration.") license:lgpl2.0+ ; parts of scr/contrib/ucw license:public-domain ; src/contrib/fnv and possibly murmurhash3 license:gpl3+)))) ; everything else + +(define-public ddclient + (package + (name "ddclient") + (version "3.9.0") + (source (origin + (method url-fetch) + (uri (string-append "mirror://sourceforge/ddclient/ddclient/ddclient-" + version "/ddclient-" version ".tar.gz")) + (sha256 + (base32 + "0fwyhab8yga2yi1kdfkbqxa83wxhwpagmj1w1mwkg2iffh1fjjlw")))) + (build-system trivial-build-system) ; no Makefile.PL + (native-inputs + `(("bash" ,bash) + ("gzip" ,gzip) + ("perl" ,perl) + ("tar" ,tar))) + (inputs + `(("inetutils" ,inetutils) ; logger + ("net-tools" ,net-tools) + ("perl-data-validate-ip" ,perl-data-validate-ip) + ("perl-digest-sha1" ,perl-digest-sha1) + ("perl-io-socket-ssl" ,perl-io-socket-ssl))) + (arguments + `(#:modules ((guix build utils) + (ice-9 match) + (srfi srfi-26)) + #:builder + (begin + (use-modules (guix build utils) + (ice-9 match) + (srfi srfi-26)) + ;; bootstrap + (setenv "PATH" (string-append + (assoc-ref %build-inputs "bash") "/bin" ":" + (assoc-ref %build-inputs "tar") "/bin" ":" + (assoc-ref %build-inputs "gzip") "/bin" ":" + (assoc-ref %build-inputs "perl") "/bin")) + ;; extract source + (invoke "tar" "xvf" (assoc-ref %build-inputs "source")) + ;; package + (with-directory-excursion (string-append ,name "-" ,version) + (let* ((out (assoc-ref %outputs "out")) + (bin (string-append out "/bin"))) + (let ((file "ddclient")) + (substitute* file + (("/usr/bin/perl") (which "perl")) + ;; Strictly use ‘/etc/ddclient/ddclient.conf’. 
+ (("\\$\\{program\\}\\.conf") "/etc/ddclient/ddclient.conf")
+ (("\\$etc\\$program.conf") "/etc/ddclient/ddclient.conf")
+ ;; Strictly use ‘/var/cache/ddclient/ddclient.cache’
+ (("\\$cachedir\\$program\\.cache")
+ "/var/cache/ddclient/ddclient.cache"))
+ (install-file file bin)
+ (wrap-program (string-append bin "/" file)
+ `("PATH" ":" =
+ ("$PATH"
+ ,@(map (lambda (input)
+ (match input
+ ((name . store)
+ (string-append store "/bin"))))
+ %build-inputs)))
+ `("PERL5LIB" ":" =
+ ,(delete
+ ""
+ (map (match-lambda
+ (((? (cut string-prefix? "perl-" <>) name) . dir)
+ (string-append dir "/lib/perl5/site_perl"))
+ (_ ""))
+ %build-inputs)))))
+ (for-each (cut install-file <> (string-append out
+ "/share/ddclient"))
+ (find-files "." "sample.*$")))))))
+ (home-page "https://sourceforge.net/projects/ddclient/")
+ (synopsis "Address updating utility for dynamic DNS services")
+ (description "This package provides a client to update dynamic IP
+addresses with several dynamic DNS service providers, such as
+@uref{https://www.dyndns.com/account/login.html,DynDNS.com}.
+
+This makes it possible to use a fixed hostname (such as myhost.dyndns.org) to
+access a machine with a dynamic IP address.
+
+The client supports both dynamic and (near) static services, as well as MX
+record and alternative name management. It caches the address, and only
+attempts the update when it has changed.")
+ (license license:gpl2+)))
+
+(define-public hnsd
+ ;; There have been no releases yet, hence this commit.
+ (let ((revision "0")
+ (commit "895d89c25d316d18df9d374fe78aae3902bc89fb"))
+ (package
+ (name "hnsd")
+ (version (git-version "0.0" revision commit))
+ (source (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/handshake-org/hnsd")
+ (commit commit)))
+ (sha256
+ (base32
+ "0704y73sddn24jga9csw4gxyfb3pnrfnk0vdcph84n1h38490l16"))
+ (file-name (git-file-name name version))
+ (modules '((guix build utils)))
+ (snippet
+ '(begin
+ ;; Delete the bundled copy of libuv.
+ (delete-file-recursively "uv")
+ (substitute* "configure.ac"
+ (("AC_CONFIG_SUBDIRS\\(\\[uv\\]\\)") ""))
+ (substitute* "Makefile.am"
+ (("SUBDIRS = uv") "\n")
+ (("\\$\\(top_builddir\\)/uv/libuv.la") "-luv")
+
+ ;; Make sure the 'hnsd' binary is installed and
+ ;; dynamically-linked.
+ (("noinst_PROGRAMS") "bin_PROGRAMS")
+ (("hnsd_LDFLAGS = -static") ""))
+
+ ;; This script tries to chdir to "uv" and doesn't do more
+ ;; than "autoreconf" so remove it.
+ (delete-file "autogen.sh")
+ #t))))
+ (build-system gnu-build-system)
+ (arguments
+ '(#:configure-flags '("--disable-static"))) ;no need for libhsk.a
+ (native-inputs
+ `(("autoconf" ,autoconf)
+ ("automake" ,automake)
+ ("libtool" ,libtool)))
+ (inputs
+ `(("unbound" ,unbound)
+ ("libuv" ,libuv)))
+ (home-page "https://www.handshake.org/")
+ (synopsis "Resolver daemon for the Handshake naming protocol")
+ (description
+ "@command{hnsd} is a @dfn{host name resolver} for the Handshake Naming
+System (HNS) peer-to-peer network.")
+ (license license:expat))))
+
+(define-public libmicrodns
+ (package
+ (name "libmicrodns")
+ (version "0.0.10")
+ (source (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/videolabs/libmicrodns")
+ (commit version)))
+ (file-name (git-file-name name version))
+ (sha256
+ (base32
+ "1xvl9k49ng35wbsqmnjnyqvkyjf8dcq2ywsq3jp3wh0rgmxhq2fh"))))
+ (build-system gnu-build-system)
+ (native-inputs
+ `(("pkg-config" ,pkg-config)
+ ("autoconf" ,autoconf)
+ ("automake" ,automake)
+ ("libtool" ,libtool)))
+ (home-page "https://github.com/videolabs/libmicrodns")
+ (synopsis "Minimal mDNS resolver library")
+ (description "@code{libmicrodns} provides a minimal implementation of a
+mDNS resolver as well as an announcer. mDNS (Multicast Domain Name System) is
+a zero-config service that allows one to resolve host names to IP addresses in
+local networks.")
+ (license license:lgpl2.1)))
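Review bot: The `wrap-program` call for ddclient sets PATH with `=` to `"$PATH"` followed by `<input>/bin` for every entry of `%build-inputs`, so the caller's PATH is searched before the store directories. The list also picks up the build-only bash, tar and gzip, and the `"source"` tarball, for which `/bin` is not a directory. ddclient handles provider credentials and is likely run as a system service, so the helpers it shells out to should resolve to the pinned store paths first and the wrapper should not keep references to build tools. I would restrict the list to the run-time inputs and put them in front, e.g. `("PATH" ":" prefix ,(map (lambda (i) (string-append (assoc-ref %build-inputs i) "/bin")) '("inetutils" "net-tools")))` inside the existing quasiquote. Whether ddclient calls anything beyond those two inputs is not visible in the hunk and should be checked.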