Date: Sat, 23 Dec 2017 14:16:18 +0000 (UTC) From: "Danilo G. Baio" <dbaio@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r457054 - in head: . dns/dnscrypt-proxy dns/dnscrypt-proxy/files Message-ID: <201712231416.vBNEGI7l000513@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: dbaio Date: Sat Dec 23 14:16:18 2017 New Revision: 457054 URL: https://svnweb.freebsd.org/changeset/ports/457054 Log: dns/dnscrypt-proxy: Replace 'cisco' (OpenDNS) resolver by 'random' This update replaces the default resolver used by dnscrypt-proxy (cisco/OpenDNS) by a random one that does not log entries and supports dnssec. - Improve pkg-message's. - Fix MASTER_SITES. - Reorder Makefile variable's. - Update WWW. PR: 223222 Submitted by: VinÃcius Zavam <egypcio@googlemail.com> Reviewed by: dbaio, garga, mat Approved by: Leo Vandewoestijne <freebsd@dns-lab.com> (maintainer, previous patch, then timeout) Differential Revision: https://reviews.freebsd.org/D12775 Modified: head/UPDATING head/dns/dnscrypt-proxy/Makefile head/dns/dnscrypt-proxy/files/dnscrypt-proxy.in head/dns/dnscrypt-proxy/files/dnscrypt-proxy_multi.in head/dns/dnscrypt-proxy/files/pkg-message.in head/dns/dnscrypt-proxy/files/pkg-message_multi.in head/dns/dnscrypt-proxy/pkg-descr Modified: head/UPDATING ============================================================================== --- head/UPDATING Sat Dec 23 14:10:58 2017 (r457053) +++ head/UPDATING Sat Dec 23 14:16:18 2017 (r457054) @@ -6,6 +6,14 @@ You should get into the habit of checking this file fo you update your ports collection, before attempting any port upgrades. 20171223: + AFFECTS: users of dns/dnscrypt-proxy + AUTHOR: egypcio@googlemail.com + + The 1.9.5_3 update of dns/dnscrypt-proxy replaces the default resolver used + by dnscrypt-proxy (cisco/OpenDNS) by a random one that does not log entries + and supports dnssec. + +20171223: AFFECTS: users of samba44 AUTHOR: antoine@FreeBSD.org Modified: head/dns/dnscrypt-proxy/Makefile ============================================================================== --- head/dns/dnscrypt-proxy/Makefile Sat Dec 23 14:10:58 2017 (r457053) +++ head/dns/dnscrypt-proxy/Makefile Sat Dec 23 14:16:18 2017 (r457054) @@ -3,11 +3,10 @@ PORTNAME= dnscrypt-proxy PORTVERSION= 1.9.5 -PORTREVISION= 2 +PORTREVISION= 3 CATEGORIES= dns MASTER_SITES= https://download.dnscrypt.org/dnscrypt-proxy/ \ - http://download.dnscrypt.org/dnscrypt-proxy/ \ - http://dns-lab.com/downloads/dnscrypt-proxy/ + https://download.dnscrypt.org/dnscrypt-proxy/old/ MAINTAINER= freebsd@dns-lab.com COMMENT= Boost privacy and security of DNS @@ -15,10 +14,10 @@ COMMENT= Boost privacy and security of DNS LICENSE= MIT LICENSE_FILE= ${WRKSRC}/COPYING -LIB_DEPENDS= libsodium.so:security/libsodium - BROKEN_powerpc64= fails to compile: fpst.c: error: redefinition of typedef 'FPST' +LIB_DEPENDS= libsodium.so:security/libsodium + USERS= _dnscrypt-proxy GROUPS= _dnscrypt-proxy @@ -35,20 +34,23 @@ OPTIONS_SINGLE_RCWHICH= RCSINGLE RCMULTI OPTIONS_DEFAULT= PLUGINS RCSINGLE OPTIONS_SUB= yes +PLUGINS_RELAXED_DESC= Allow loading plugins owned by other users +PLUGINS_ROOT_DESC= Only load plugins sitting in the default plugins directory +RCWHICH_DESC= Rc script to use: +RCSINGLE_DESC= Use default rc script for single daemon +RCMULTI_DESC= Use experimental rc script for multiple instances + PLUGINS_CONFIGURE_ENABLE= plugins PLUGINS_LIB_DEPENDS= libltdl.so:devel/libltdl \ libldns.so:dns/ldns + PLUGINS_USE= LDCONFIG=${PREFIX}/lib/dnscrypt-proxy PLUGINS_USES= libtool -PLUGINS_RELAXED_DESC= Allow loading plugins owned by other users PLUGINS_RELAXED_CONFIGURE_ENABLE= relaxed-plugins-permissions -PLUGINS_ROOT_DESC= Only load plugins sitting in the default plugins directory PLUGINS_ROOT_CONFIGURE_ENABLE= plugins-root -RCWHICH_DESC= Rc script to use: -RCSINGLE_DESC= Use default rc script for single daemon + RCSINGLE_VARS= USE_RC_SUBR=${PORTNAME} RCSINGLE_SUB_FILES= pkg-message -RCMULTI_DESC= Use experimental rc script for multiple instances RCMULTI_VARS= USE_RC_SUBR=${PORTNAME}_multi RCMULTI_SUB_FILES= pkg-message_multi Modified: head/dns/dnscrypt-proxy/files/dnscrypt-proxy.in ============================================================================== --- head/dns/dnscrypt-proxy/files/dnscrypt-proxy.in Sat Dec 23 14:10:58 2017 (r457053) +++ head/dns/dnscrypt-proxy/files/dnscrypt-proxy.in Sat Dec 23 14:16:18 2017 (r457054) @@ -15,8 +15,8 @@ # settings and only use the config file. # dnscrypt_proxy_uid (str): Set to "_dnscrypt-proxy" by default. # User to switch to after starting. -# dnscrypt_proxy_resolver (str):Set to "cisco" by default. -# Choose a different upstream resolver. +# dnscrypt_proxy_resolver (str):Set to "random" by default. +# Better to select one of your own choice. # dnscrypt_proxy_pidfile (str): default: "/var/run/dnscrypt-proxy.pid" # Location of pid file. # dnscrypt_proxy_logfile (str): default: "/var/log/dnscrypt-proxy.log" @@ -36,7 +36,7 @@ load_rc_config ${name} : ${dnscrypt_proxy_enable:=NO} : ${dnscrypt_proxy_uid=_dnscrypt-proxy} # User to run daemon as -: ${dnscrypt_proxy_resolver=cisco} # resolver to use +: ${dnscrypt_proxy_resolver=random} # resolver to use : ${dnscrypt_proxy_pidfile=/var/run/dnscrypt-proxy.pid} # Path to pid file : ${dnscrypt_proxy_logfile=/var/log/dnscrypt-proxy.log} # Path to log file Modified: head/dns/dnscrypt-proxy/files/dnscrypt-proxy_multi.in ============================================================================== --- head/dns/dnscrypt-proxy/files/dnscrypt-proxy_multi.in Sat Dec 23 14:10:58 2017 (r457053) +++ head/dns/dnscrypt-proxy/files/dnscrypt-proxy_multi.in Sat Dec 23 14:16:18 2017 (r457054) @@ -16,8 +16,8 @@ # Set to YES to enable dnscrypt-proxy. # {instance_id}_uid (str): Set to "_dnscrypt-proxy" by default. # User to switch to after starting. -# {instance_id}_resolver (str): Set to "opendns" by default. -# Choose a different upstream resolver. +# {instance_id}_resolver (str): Set to "random" by default. +# Better to select one of your own choice. # {instance_id}_pidfile (str): default: "/var/run/dnscrypt-proxy.pid" # Location of pid file. # {instance_id}_logfile (str): default: "/var/log/dnscrypt-proxy.log" @@ -57,7 +57,7 @@ for i in $dnscrypt_proxy_instances; do eval dnscrypt_proxy_logfile_tmp=\${${i}_logfile} : ${dnscrypt_proxy_uid_tmp:=_dnscrypt-proxy} # User to run daemon as -: ${dnscrypt_proxy_resolver_tmp:=cisco} # resolver to use +: ${dnscrypt_proxy_resolver_tmp:=random} # resolver to use : ${dnscrypt_proxy_pidfile_tmp:=/var/run/${i}.pid} # Path to pid file : ${dnscrypt_proxy_logfile_tmp:=/var/log/${i}.log} # Path to log file Modified: head/dns/dnscrypt-proxy/files/pkg-message.in ============================================================================== --- head/dns/dnscrypt-proxy/files/pkg-message.in Sat Dec 23 14:10:58 2017 (r457053) +++ head/dns/dnscrypt-proxy/files/pkg-message.in Sat Dec 23 14:16:18 2017 (r457054) @@ -1,22 +1,27 @@ This port/software comes all 'working out of the box'. -By default this port is using OpenDNS' resolvers, other services are possible. +By default this port is using random resolvers. +Better to select one of your own choice. To enable dnscrypt-proxy at boot: -sysrc dnscrypt_proxy_enable=YES -sysrc dnscrypt_proxy_flags='-a 127.0.0.2' + sysrc dnscrypt_proxy_enable=YES + sysrc dnscrypt_proxy_flags="-a 127.0.0.2" +or: + sysrc dnscrypt_proxy_enable=YES + sysrc dnscrypt_proxy_conf="%%PREFIX%%/etc/dnscrypt-proxy.conf" -or +Be sure to setup above IP address/alias, so dnscrypt-proxy can bind correctly. -sysrc dnscrypt_proxy_enable=YES -sysrc dnscrypt_proxy_conf="/usr/local/etc/dnscrypt-proxy.conf" - - -** You cannot mix the config file with the other rc.conf flags / settings. ** - - To view available options, run: -%%PREFIX%%/sbin/dnscrypt-proxy --help -or read the manual: `man dnscrypt-proxy` + %%PREFIX%%/sbin/dnscrypt-proxy --help +or read the manual: + man dnscrypt-proxy + +************************************************** +* * +* You can't mix the config file option with * +* other options or flags/settings in the rc.conf * +* * +************************************************** Modified: head/dns/dnscrypt-proxy/files/pkg-message_multi.in ============================================================================== --- head/dns/dnscrypt-proxy/files/pkg-message_multi.in Sat Dec 23 14:10:58 2017 (r457053) +++ head/dns/dnscrypt-proxy/files/pkg-message_multi.in Sat Dec 23 14:16:18 2017 (r457054) @@ -1,19 +1,29 @@ This port/software comes all 'working out of the box'. -By default this port is using OpenDNS' resolvers, other services are possible. +By default this port is using random resolvers. +Better to select one of your own choice. To enable dnscrypt-proxy at boot: -echo dnscrypt_proxy_enable=\"YES\" >> /etc/rc.conf -echo dnscrypt_proxy_instances=\"dnscrypt_proxy_1 dnscrypt_proxy_2 dnscrypt_proxy_3\" >> /etc/rc.conf -echo dnscrypt_proxy_1_resolver=\"soltysiak\" >> /etc/rc.conf -echo dnscrypt_proxy_1_flags=\"-a 127.0.0.2\" >> /etc/rc.conf -echo dnscrypt_proxy_2_resolver=\"okturtles\" >> /etc/rc.conf -echo dnscrypt_proxy_2_flags=\"-a 127.0.0.3\" >> /etc/rc.conf -echo dnscrypt_proxy_3_resolver=\"cypherpunk\" >> /etc/rc.conf -echo dnscrypt_proxy_3_flags=\"-a 127.0.0.4\" >> /etc/rc.conf + sysrc dnscrypt_proxy_enable=YES + sysrc dnscrypt_proxy_instances="dnscrypt_proxy_1 dnscrypt_proxy_2" # etc. + sysrc dnscrypt_proxy_1_resolver=soltysiak + sysrc dnscrypt_proxy_1_flags="-a 127.0.0.2" + sysrc dnscrypt_proxy_2_resolver=okturtles + sysrc dnscrypt_proxy_2_flags="-a 127.0.0.3" +Be sure to setup above IP addresses/aliases, so dnscrypt-proxy can bind +correctly. + To view available options, run: -%%PREFIX%%/sbin/dnscrypt-proxy --help -or read the manual: `man dnscrypt-proxy` + %%PREFIX%%/sbin/dnscrypt-proxy --help +or read the manual: + man dnscrypt-proxy + +************************************************** +* * +* You can't mix the config file option with * +* other options or flags/settings in the rc.conf * +* * +************************************************** Modified: head/dns/dnscrypt-proxy/pkg-descr ============================================================================== --- head/dns/dnscrypt-proxy/pkg-descr Sat Dec 23 14:10:58 2017 (r457053) +++ head/dns/dnscrypt-proxy/pkg-descr Sat Dec 23 14:16:18 2017 (r457054) @@ -11,7 +11,7 @@ is often the weakest point of the chain, against man-i It also provides some confidentiality to DNS queries. Reference links: -1. https://www.opendns.com/technology/dnscrypt/ -2. http://dnscurve.org +1. https://www.opendns.com/about/innovations/dnscrypt/ +2. https://dnscurve.org/ -WWW: http://dnscrypt.org +WWW: https://dnscrypt.org/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201712231416.vBNEGI7l000513>