X-Git-Url: https://git.hcoop.net/jackhill/guix/guix.git/blobdiff_plain/4e869b180a94aa5bf5ae70ca48e0527e8e8db8db..bdb1a3385df8b16ecdbded9142ed12c40b2a5954:/gnu/packages/dns.scm diff --git a/gnu/packages/dns.scm b/gnu/packages/dns.scm index 0fe047abdb..3cf88febae 100644 --- a/gnu/packages/dns.scm +++ b/gnu/packages/dns.scm @@ -5,7 +5,7 @@ ;;; Copyright © 2016, 2017 Efraim Flashner ;;; Copyright © 2016 John Darrington ;;; Copyright © 2016 Nikita -;;; Copyright © 2016, 2017, 2018, 2019, 2020 Tobias Geerinckx-Rice +;;; Copyright © 2016–2021 Tobias Geerinckx-Rice ;;; Copyright © 2016, 2020 Marius Bakke ;;; Copyright © 2017 Vasile Dumitrascu ;;; Copyright © 2017 Gregor Giesen @@ -13,11 +13,12 @@ ;;; Copyright © 2019 Mathieu Othacehe ;;; Copyright © 2019 Chris Marusich ;;; Copyright © 2019 Rutger Helling -;;; Copyright © 2020 Pierre Langlois +;;; Copyright © 2020, 2021 Pierre Langlois ;;; Copyright © 2020 Arun Isaac ;;; Copyright © 2020 Leo Famulari ;;; Copyright © 2020 Brice Waegeneire ;;; Copyright © 2020 Simon South +;;; Copyright © 2021 Zheng Junjie <873216071@qq.com> ;;; ;;; This file is part of GNU Guix. ;;; @@ -46,6 +47,7 @@ #:use-module (gnu packages compression) #:use-module (gnu packages crypto) #:use-module (gnu packages datastructures) + #:use-module (gnu packages elf) #:use-module (gnu packages flex) #:use-module (gnu packages freedesktop) #:use-module (gnu packages gcc) @@ -276,7 +278,7 @@ prompt the user with the option to go with insecure DNS only.") (define-public dnsmasq (package (name "dnsmasq") - (version "2.82") + (version "2.85") (source (origin (method url-fetch) (uri (string-append @@ -284,7 +286,7 @@ prompt the user with the option to go with insecure DNS only.") version ".tar.xz")) (sha256 (base32 - "0cn1xd1s6xs78jmrmwjnh9m6w3q38pk6dyqy2phvasqiyd33cll4")))) + "1yhjwgz8g5qrqvxh6bbmg3443zi8qqjks3q872wyb1zn7n0d765d")))) (build-system gnu-build-system) (native-inputs `(("pkg-config" ,pkg-config))) @@ -316,7 +318,9 @@ and BOOTP/TFTP for network booting of diskless machines.") (package (name "bind") ;; When updating, check whether isc-dhcp's bundled copy should be as well. - (version "9.16.7") + ;; The BIND release notes are available here: + ;; https://www.isc.org/bind/ + (version "9.16.13") (source (origin (method url-fetch) (uri (string-append @@ -324,7 +328,7 @@ and BOOTP/TFTP for network booting of diskless machines.") "/bind-" version ".tar.xz")) (sha256 (base32 - "1l8lhgnkj3fnl1101bs3pzj5gv2x5m9ahvrbyscsc9mxxc91hzcz")))) + "026cliyj570wxvvij96mrzsxyf421xv9a80gc5gv6savza9wfk55")))) (build-system gnu-build-system) (outputs `("out" "utils")) (inputs @@ -374,15 +378,18 @@ and BOOTP/TFTP for network booting of diskless machines.") (with-directory-excursion "fuzz" (invoke "make" "check")) #t))))) - (synopsis "Domain Name System (DNS) implementation") - (description "BIND is an implementation of the @dfn{Domain Name System} -(DNS) protocols for the Internet. It is a reference implementation of those -protocols, but it is also production-grade software, suitable for use in -high-volume and high-reliability applications. The name BIND stands for -\"Berkeley Internet Name Domain\", because the software originated in the -early 1980s at the University of California at Berkeley. The @code{utils} -output of this package contains the following DNS name servers related command -line utilities: + (synopsis "@acronym{DNS, Domain Name System} implementation") + (description "BIND implements the @acronym{DNS, Domain Name System} +protocols for the Internet. It is both a reference implementation of those +protocols and production-grade software, suitable for use in high-volume and +high-reliability applications. + +The name stands for \"Berkeley Internet Name Domain\" because the software +originated in the early 1980s at the University of California at Berkeley. + +The @code{utils} output of this package contains the following command line +utilities related to DNS name servers: + @table @code @item delv DNS lookup and validation utility @@ -532,14 +539,14 @@ asynchronous fashion.") (define-public nsd (package (name "nsd") - (version "4.3.2") + (version "4.3.6") (source (origin (method url-fetch) (uri (string-append "https://www.nlnetlabs.nl/downloads/nsd/nsd-" version ".tar.gz")) (sha256 - (base32 "0ac3mbn5z4nc18782m9aswdpi2m9f4665vidw0ciyigdh0pywp2v")))) + (base32 "062zwx4k5rgpg2c0b4721ldj36aj8clrxv79mlfw9b15ap7w1rmy")))) (build-system gnu-build-system) (arguments `(#:configure-flags @@ -602,14 +609,14 @@ to result in system-wide compromise.") (define-public unbound (package (name "unbound") - (version "1.10.1") + (version "1.13.1") (source (origin (method url-fetch) (uri (string-append "https://www.unbound.net/downloads/unbound-" version ".tar.gz")) (sha256 - (base32 "0dnmh9jjh2v274f0hl31bgv40pl77mmfgky8bkqr5kvi3b17fdmp")))) + (base32 "1f2hky62f4xxnjr0lncrzz4gipg01rp12pf98mrqkgf5ixxxj145")))) (build-system gnu-build-system) (outputs '("out" "python")) (native-inputs @@ -759,16 +766,16 @@ served by AS112. Stub and forward zones are supported.") (define-public yadifa (package (name "yadifa") - (version "2.3.10") + (version "2.4.2") (source - (let ((build "9729")) + (let ((build "9997")) (origin (method url-fetch) (uri - (string-append "http://cdn.yadifa.eu/sites/default/files/releases/" + (string-append "https://www.yadifa.eu/sites/default/files/releases/" "yadifa-" version "-" build ".tar.gz")) (sha256 - (base32 "0azaignqmylfdzr4x02s8y3pkn4f0xkpz3d1pkiiz8mwk92zgybn"))))) + (base32 "0f1by2c7l39qpsar5nh98f3xypmn2ikv7wr557wmva6m0lwbl3q0"))))) (build-system gnu-build-system) (native-inputs `(("which" ,which))) @@ -781,19 +788,19 @@ served by AS112. Stub and forward zones are supported.") (lambda _ (substitute* "Makefile.in" ((" (etc|var)") "")) + #t)) + (add-after 'configure 'omit-spurious-references + (lambda _ + ;; The many Makefile.in grep this(!) to #define BUILD_OPTIONS. + (substitute* "config.log" + (("(=/gnu/store/)[^-]*" _ match) + (string-append match "..."))) #t))) #:configure-flags (list "--sysconfdir=/etc" "--localstatedir=/var" - "--disable-build-timestamp" ; build reproducibly - "--enable-shared" - "--disable-static" - "--enable-acl" - "--enable-caching" - "--enable-ctrl" ; enable remote control - "--enable-nsec" - "--enable-nsec3" - "--enable-tsig"))) + "--enable-shared" "--disable-static" + "--disable-build-timestamp"))) ; build reproducibly (home-page "https://www.yadifa.eu/") (synopsis "Authoritative DNS name server") (description "YADIFA is an authoritative name server for the @dfn{Domain @@ -806,7 +813,7 @@ Extensions} (DNSSEC).") (define-public knot (package (name "knot") - (version "3.0.0") + (version "3.0.5") (source (origin (method git-fetch) @@ -815,26 +822,41 @@ Extensions} (DNSSEC).") (commit (string-append "v" version)))) (file-name (git-file-name name version)) (sha256 - (base32 "0fkvip7n5ihjfwnnivdc3jf44y8p85ifglvq7b0anxvj9cg1m78f")) - (patches - (search-patches "knot-test_net_shortwrite-ensure-connection.patch")) + (base32 "16rgcmgj21w2niyz45d3zjlci9i22gxcvfzqw7g5zwsjdy9610nx")) (modules '((guix build utils))) (snippet '(begin ;; Remove Ragel-generated C files. We'll recreate them below. (for-each delete-file (find-files "." "\\.c\\.[gt].")) (delete-file "src/libknot/yparser/ypbody.c") + ;; Remove bundled library to ensure we always use the system's. + (delete-file-recursively "src/contrib/libbpf") #t)))) (build-system gnu-build-system) + (outputs (list "out" "doc" "lib" "tools")) (arguments `(#:configure-flags - (list "--sysconfdir=/etc" + (list (string-append "--docdir=" (assoc-ref %outputs "doc") + "/share/" ,name "-" ,version) + (string-append "--infodir=" (assoc-ref %outputs "doc") + "/share/info") + (string-append "--libdir=" (assoc-ref %outputs "lib") "/lib") + "--sysconfdir=/etc" "--localstatedir=/var" "--enable-dnstap" ; let tools read/write capture files - "--enable-fast-parser" ; disabled by default when .git/ exists + "--enable-fastparser" ; disabled by default when .git/ exists + "--enable-xdp=auto" ; XXX [=yes] currently means =embedded "--with-module-dnstap=yes") ; detailed query capturing & logging #:phases (modify-phases %standard-phases + (add-after 'unpack 'link-missing-libbpf-dependency + ;; Linking against -lbpf later would fail to find -lz: libbpf.pc has + ;; zlib in its Requires.private (not Requires) field. Add it here. + (lambda _ + (substitute* "configure.ac" + (("enable_xdp=yes" match) + (string-append match "\nlibbpf_LIBS=\"$libbpf_LIBS -lz\""))) + #true)) (add-before 'bootstrap 'update-parser (lambda _ (with-directory-excursion "src" @@ -858,7 +880,26 @@ Extensions} (DNSSEC).") "install")))) (add-after 'install 'install-info (lambda _ - (invoke "make" "install-info")))))) + (invoke "make" "install-info"))) + (add-after 'install 'break-circular-:lib->:out-reference + (lambda* (#:key outputs #:allow-other-keys) + (let ((lib (assoc-ref outputs "lib"))) + (for-each (lambda (file) + (substitute* file + (("(prefix=).*" _ assign) + (string-append assign lib "\n")))) + (find-files lib "\\.pc$")) + #true))) + (add-after 'install 'split-:tools + (lambda* (#:key outputs #:allow-other-keys) + (let* ((out (assoc-ref outputs "out")) + (tools (assoc-ref outputs "tools"))) + (mkdir-p (string-append tools "/share/man")) + (rename-file (string-append out "/bin") + (string-append tools "/bin")) + (rename-file (string-append out "/share/man/man1") + (string-append tools "/share/man/man1")) + #true)))))) (native-inputs `(("autoconf" ,autoconf) ("automake" ,automake) @@ -871,8 +912,10 @@ Extensions} (DNSSEC).") `(("fstrm" ,fstrm) ("gnutls" ,gnutls) ("jansson" ,jansson) + ("libbpf" ,libbpf) ("libcap-ng" ,libcap-ng) ("libedit" ,libedit) + ("libelf" ,libelf) ("libidn" ,libidn) ("libnghttp2" ,nghttp2 "lib") ("liburcu" ,liburcu) @@ -900,15 +943,16 @@ synthesis, and on-the-fly re-configuration.") (define-public knot-resolver (package (name "knot-resolver") - (version "5.1.3") + (version "5.3.1") (source (origin (method url-fetch) (uri (string-append "https://secure.nic.cz/files/knot-resolver/" "knot-resolver-" version ".tar.xz")) (sha256 (base32 - "12s5070nqqf599s1mb6rjas2as481rjf751qk5yrz6p34y885k90")))) + "1j99sz6r1hdvvd8rffx1917r9cyb7z46ivp5934sq57irmxnnkcx")))) (build-system meson-build-system) + (outputs '("out" "doc")) (arguments '(#:configure-flags '("-Ddoc=enabled") #:phases @@ -923,6 +967,20 @@ synthesis, and on-the-fly re-configuration.") (add-after 'build 'build-doc (lambda _ (invoke "ninja" "doc"))) + (add-after 'install 'move-doc + (lambda* (#:key outputs #:allow-other-keys) + ;; Move the manual and the example configuration files to the + ;; "doc" output. + (let ((out (assoc-ref outputs "out")) + (doc (assoc-ref outputs "doc"))) + (mkdir-p (string-append doc "/share/doc/knot-resolver")) + (for-each + (lambda (dir) + (rename-file (string-append out "/share/" dir) + (string-append doc "/share/" dir))) + '("doc/knot-resolver/examples" + "doc/knot-resolver/html" + "info"))))) (add-after 'install 'wrap-binary (lambda* (#:key inputs outputs #:allow-other-keys) (let* ((out (assoc-ref outputs "out")) @@ -945,16 +1003,18 @@ synthesis, and on-the-fly re-configuration.") ("pkg-config" ,pkg-config) ("python-breathe" ,python-breathe) ("python-sphinx" ,python-sphinx) - ("python-sphinx-rtd-theme" ,python-sphinx-rtd-theme))) + ("python-sphinx-rtd-theme" ,python-sphinx-rtd-theme) + ("texinfo" ,texinfo))) (inputs `(("fstrm" ,fstrm) ("gnutls" ,gnutls) - ("knot" ,knot) + ("knot:lib" ,knot "lib") ("libuv" ,libuv) ("lmdb" ,lmdb) ("luajit" ,luajit) ;; TODO: Add optional lua modules: basexx and psl. - ("lua-bitop" ,lua5.1-bitop))) + ("lua-bitop" ,lua5.1-bitop) + ("nghttp2" ,nghttp2 "lib"))) (home-page "https://www.knot-resolver.cz/") (synopsis "Caching validating DNS resolver") (description @@ -990,9 +1050,7 @@ LuaJIT, both a resolver library and a daemon.") ("perl-digest-sha1" ,perl-digest-sha1) ("perl-io-socket-ssl" ,perl-io-socket-ssl))) (arguments - `(#:modules ((guix build utils) - (ice-9 match) - (srfi srfi-26)) + `(#:modules ((guix build utils)) #:builder (begin (use-modules (guix build utils) @@ -1052,20 +1110,17 @@ attempts the update when it has changed.") (license license:gpl2+))) (define-public hnsd - ;; There have been no releases yet, hence this commit. - (let ((revision "0") - (commit "895d89c25d316d18df9d374fe78aae3902bc89fb")) (package (name "hnsd") - (version (git-version "0.0" revision commit)) + (version "1.0.0") (source (origin (method git-fetch) (uri (git-reference (url "https://github.com/handshake-org/hnsd") - (commit commit))) + (commit (string-append "v" version)))) (sha256 (base32 - "0704y73sddn24jga9csw4gxyfb3pnrfnk0vdcph84n1h38490l16")) + "1kdgff8rf8gmvwz2p758ilbjxpvz4xm6z41pa5353asg6xb853bb")) (file-name (git-file-name name version)) (modules '((guix build utils))) (snippet @@ -1102,7 +1157,7 @@ attempts the update when it has changed.") (description "@command{hnsd} is a @dfn{host name resolver} for the Handshake Naming System (HNS) peer-to-peer network.") - (license license:expat)))) + (license license:expat))) (define-public libmicrodns (package @@ -1228,14 +1283,14 @@ and TCP-capable recursive DNS server for finding domains on the internet.") (define-public openresolv (package (name "openresolv") - (version "3.10.0") + (version "3.12.0") (source (origin (method url-fetch) (uri (string-append "https://roy.marples.name/downloads/openresolv/" "openresolv-" version ".tar.xz")) (sha256 (base32 - "01ms6c087la4hk0f0w6n2vpsb7dg4kklah2rqyhz88p0vr9bqy20")) + "15qvp5va2yrqpz0ba54clvn8cbc66v4sl7k3bi9ji8jpx040bcs2")) (patches (search-patches "openresolv-restartcmd-guix.patch")))) (build-system gnu-build-system)