From owner-svn-ports-all@freebsd.org Sat Dec 23 14:16:20 2017 Return-Path: Delivered-To: svn-ports-all@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 3F5D2EA6B6D; Sat, 23 Dec 2017 14:16:20 +0000 (UTC) (envelope-from dbaio@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id E70DE64A8F; Sat, 23 Dec 2017 14:16:19 +0000 (UTC) (envelope-from dbaio@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id vBNEGIrG000521; Sat, 23 Dec 2017 14:16:18 GMT (envelope-from dbaio@FreeBSD.org) Received: (from dbaio@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id vBNEGI7l000513; Sat, 23 Dec 2017 14:16:18 GMT (envelope-from dbaio@FreeBSD.org) Message-Id: <201712231416.vBNEGI7l000513@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: dbaio set sender to dbaio@FreeBSD.org using -f From: "Danilo G. Baio" Date: Sat, 23 Dec 2017 14:16:18 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r457054 - in head: . dns/dnscrypt-proxy dns/dnscrypt-proxy/files X-SVN-Group: ports-head X-SVN-Commit-Author: dbaio X-SVN-Commit-Paths: in head: . dns/dnscrypt-proxy dns/dnscrypt-proxy/files X-SVN-Commit-Revision: 457054 X-SVN-Commit-Repository: ports MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-all@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: SVN commit messages for the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 23 Dec 2017 14:16:20 -0000 Author: dbaio Date: Sat Dec 23 14:16:18 2017 New Revision: 457054 URL: https://svnweb.freebsd.org/changeset/ports/457054 Log: dns/dnscrypt-proxy: Replace 'cisco' (OpenDNS) resolver by 'random' This update replaces the default resolver used by dnscrypt-proxy (cisco/OpenDNS) by a random one that does not log entries and supports dnssec. - Improve pkg-message's. - Fix MASTER_SITES. - Reorder Makefile variable's. - Update WWW. PR: 223222 Submitted by: Vinícius Zavam Reviewed by: dbaio, garga, mat Approved by: Leo Vandewoestijne (maintainer, previous patch, then timeout) Differential Revision: https://reviews.freebsd.org/D12775 Modified: head/UPDATING head/dns/dnscrypt-proxy/Makefile head/dns/dnscrypt-proxy/files/dnscrypt-proxy.in head/dns/dnscrypt-proxy/files/dnscrypt-proxy_multi.in head/dns/dnscrypt-proxy/files/pkg-message.in head/dns/dnscrypt-proxy/files/pkg-message_multi.in head/dns/dnscrypt-proxy/pkg-descr Modified: head/UPDATING ============================================================================== --- head/UPDATING Sat Dec 23 14:10:58 2017 (r457053) +++ head/UPDATING Sat Dec 23 14:16:18 2017 (r457054) @@ -6,6 +6,14 @@ You should get into the habit of checking this file fo you update your ports collection, before attempting any port upgrades. 20171223: + AFFECTS: users of dns/dnscrypt-proxy + AUTHOR: egypcio@googlemail.com + + The 1.9.5_3 update of dns/dnscrypt-proxy replaces the default resolver used + by dnscrypt-proxy (cisco/OpenDNS) by a random one that does not log entries + and supports dnssec. + +20171223: AFFECTS: users of samba44 AUTHOR: antoine@FreeBSD.org Modified: head/dns/dnscrypt-proxy/Makefile ============================================================================== --- head/dns/dnscrypt-proxy/Makefile Sat Dec 23 14:10:58 2017 (r457053) +++ head/dns/dnscrypt-proxy/Makefile Sat Dec 23 14:16:18 2017 (r457054) @@ -3,11 +3,10 @@ PORTNAME= dnscrypt-proxy PORTVERSION= 1.9.5 -PORTREVISION= 2 +PORTREVISION= 3 CATEGORIES= dns MASTER_SITES= https://download.dnscrypt.org/dnscrypt-proxy/ \ - http://download.dnscrypt.org/dnscrypt-proxy/ \ - http://dns-lab.com/downloads/dnscrypt-proxy/ + https://download.dnscrypt.org/dnscrypt-proxy/old/ MAINTAINER= freebsd@dns-lab.com COMMENT= Boost privacy and security of DNS @@ -15,10 +14,10 @@ COMMENT= Boost privacy and security of DNS LICENSE= MIT LICENSE_FILE= ${WRKSRC}/COPYING -LIB_DEPENDS= libsodium.so:security/libsodium - BROKEN_powerpc64= fails to compile: fpst.c: error: redefinition of typedef 'FPST' +LIB_DEPENDS= libsodium.so:security/libsodium + USERS= _dnscrypt-proxy GROUPS= _dnscrypt-proxy @@ -35,20 +34,23 @@ OPTIONS_SINGLE_RCWHICH= RCSINGLE RCMULTI OPTIONS_DEFAULT= PLUGINS RCSINGLE OPTIONS_SUB= yes +PLUGINS_RELAXED_DESC= Allow loading plugins owned by other users +PLUGINS_ROOT_DESC= Only load plugins sitting in the default plugins directory +RCWHICH_DESC= Rc script to use: +RCSINGLE_DESC= Use default rc script for single daemon +RCMULTI_DESC= Use experimental rc script for multiple instances + PLUGINS_CONFIGURE_ENABLE= plugins PLUGINS_LIB_DEPENDS= libltdl.so:devel/libltdl \ libldns.so:dns/ldns + PLUGINS_USE= LDCONFIG=${PREFIX}/lib/dnscrypt-proxy PLUGINS_USES= libtool -PLUGINS_RELAXED_DESC= Allow loading plugins owned by other users PLUGINS_RELAXED_CONFIGURE_ENABLE= relaxed-plugins-permissions -PLUGINS_ROOT_DESC= Only load plugins sitting in the default plugins directory PLUGINS_ROOT_CONFIGURE_ENABLE= plugins-root -RCWHICH_DESC= Rc script to use: -RCSINGLE_DESC= Use default rc script for single daemon + RCSINGLE_VARS= USE_RC_SUBR=${PORTNAME} RCSINGLE_SUB_FILES= pkg-message -RCMULTI_DESC= Use experimental rc script for multiple instances RCMULTI_VARS= USE_RC_SUBR=${PORTNAME}_multi RCMULTI_SUB_FILES= pkg-message_multi Modified: head/dns/dnscrypt-proxy/files/dnscrypt-proxy.in ============================================================================== --- head/dns/dnscrypt-proxy/files/dnscrypt-proxy.in Sat Dec 23 14:10:58 2017 (r457053) +++ head/dns/dnscrypt-proxy/files/dnscrypt-proxy.in Sat Dec 23 14:16:18 2017 (r457054) @@ -15,8 +15,8 @@ # settings and only use the config file. # dnscrypt_proxy_uid (str): Set to "_dnscrypt-proxy" by default. # User to switch to after starting. -# dnscrypt_proxy_resolver (str):Set to "cisco" by default. -# Choose a different upstream resolver. +# dnscrypt_proxy_resolver (str):Set to "random" by default. +# Better to select one of your own choice. # dnscrypt_proxy_pidfile (str): default: "/var/run/dnscrypt-proxy.pid" # Location of pid file. # dnscrypt_proxy_logfile (str): default: "/var/log/dnscrypt-proxy.log" @@ -36,7 +36,7 @@ load_rc_config ${name} : ${dnscrypt_proxy_enable:=NO} : ${dnscrypt_proxy_uid=_dnscrypt-proxy} # User to run daemon as -: ${dnscrypt_proxy_resolver=cisco} # resolver to use +: ${dnscrypt_proxy_resolver=random} # resolver to use : ${dnscrypt_proxy_pidfile=/var/run/dnscrypt-proxy.pid} # Path to pid file : ${dnscrypt_proxy_logfile=/var/log/dnscrypt-proxy.log} # Path to log file Modified: head/dns/dnscrypt-proxy/files/dnscrypt-proxy_multi.in ============================================================================== --- head/dns/dnscrypt-proxy/files/dnscrypt-proxy_multi.in Sat Dec 23 14:10:58 2017 (r457053) +++ head/dns/dnscrypt-proxy/files/dnscrypt-proxy_multi.in Sat Dec 23 14:16:18 2017 (r457054) @@ -16,8 +16,8 @@ # Set to YES to enable dnscrypt-proxy. # {instance_id}_uid (str): Set to "_dnscrypt-proxy" by default. # User to switch to after starting. -# {instance_id}_resolver (str): Set to "opendns" by default. -# Choose a different upstream resolver. +# {instance_id}_resolver (str): Set to "random" by default. +# Better to select one of your own choice. # {instance_id}_pidfile (str): default: "/var/run/dnscrypt-proxy.pid" # Location of pid file. # {instance_id}_logfile (str): default: "/var/log/dnscrypt-proxy.log" @@ -57,7 +57,7 @@ for i in $dnscrypt_proxy_instances; do eval dnscrypt_proxy_logfile_tmp=\${${i}_logfile} : ${dnscrypt_proxy_uid_tmp:=_dnscrypt-proxy} # User to run daemon as -: ${dnscrypt_proxy_resolver_tmp:=cisco} # resolver to use +: ${dnscrypt_proxy_resolver_tmp:=random} # resolver to use : ${dnscrypt_proxy_pidfile_tmp:=/var/run/${i}.pid} # Path to pid file : ${dnscrypt_proxy_logfile_tmp:=/var/log/${i}.log} # Path to log file Modified: head/dns/dnscrypt-proxy/files/pkg-message.in ============================================================================== --- head/dns/dnscrypt-proxy/files/pkg-message.in Sat Dec 23 14:10:58 2017 (r457053) +++ head/dns/dnscrypt-proxy/files/pkg-message.in Sat Dec 23 14:16:18 2017 (r457054) @@ -1,22 +1,27 @@ This port/software comes all 'working out of the box'. -By default this port is using OpenDNS' resolvers, other services are possible. +By default this port is using random resolvers. +Better to select one of your own choice. To enable dnscrypt-proxy at boot: -sysrc dnscrypt_proxy_enable=YES -sysrc dnscrypt_proxy_flags='-a 127.0.0.2' + sysrc dnscrypt_proxy_enable=YES + sysrc dnscrypt_proxy_flags="-a 127.0.0.2" +or: + sysrc dnscrypt_proxy_enable=YES + sysrc dnscrypt_proxy_conf="%%PREFIX%%/etc/dnscrypt-proxy.conf" -or +Be sure to setup above IP address/alias, so dnscrypt-proxy can bind correctly. -sysrc dnscrypt_proxy_enable=YES -sysrc dnscrypt_proxy_conf="/usr/local/etc/dnscrypt-proxy.conf" - - -** You cannot mix the config file with the other rc.conf flags / settings. ** - - To view available options, run: -%%PREFIX%%/sbin/dnscrypt-proxy --help -or read the manual: `man dnscrypt-proxy` + %%PREFIX%%/sbin/dnscrypt-proxy --help +or read the manual: + man dnscrypt-proxy + +************************************************** +* * +* You can't mix the config file option with * +* other options or flags/settings in the rc.conf * +* * +************************************************** Modified: head/dns/dnscrypt-proxy/files/pkg-message_multi.in ============================================================================== --- head/dns/dnscrypt-proxy/files/pkg-message_multi.in Sat Dec 23 14:10:58 2017 (r457053) +++ head/dns/dnscrypt-proxy/files/pkg-message_multi.in Sat Dec 23 14:16:18 2017 (r457054) @@ -1,19 +1,29 @@ This port/software comes all 'working out of the box'. -By default this port is using OpenDNS' resolvers, other services are possible. +By default this port is using random resolvers. +Better to select one of your own choice. To enable dnscrypt-proxy at boot: -echo dnscrypt_proxy_enable=\"YES\" >> /etc/rc.conf -echo dnscrypt_proxy_instances=\"dnscrypt_proxy_1 dnscrypt_proxy_2 dnscrypt_proxy_3\" >> /etc/rc.conf -echo dnscrypt_proxy_1_resolver=\"soltysiak\" >> /etc/rc.conf -echo dnscrypt_proxy_1_flags=\"-a 127.0.0.2\" >> /etc/rc.conf -echo dnscrypt_proxy_2_resolver=\"okturtles\" >> /etc/rc.conf -echo dnscrypt_proxy_2_flags=\"-a 127.0.0.3\" >> /etc/rc.conf -echo dnscrypt_proxy_3_resolver=\"cypherpunk\" >> /etc/rc.conf -echo dnscrypt_proxy_3_flags=\"-a 127.0.0.4\" >> /etc/rc.conf + sysrc dnscrypt_proxy_enable=YES + sysrc dnscrypt_proxy_instances="dnscrypt_proxy_1 dnscrypt_proxy_2" # etc. + sysrc dnscrypt_proxy_1_resolver=soltysiak + sysrc dnscrypt_proxy_1_flags="-a 127.0.0.2" + sysrc dnscrypt_proxy_2_resolver=okturtles + sysrc dnscrypt_proxy_2_flags="-a 127.0.0.3" +Be sure to setup above IP addresses/aliases, so dnscrypt-proxy can bind +correctly. + To view available options, run: -%%PREFIX%%/sbin/dnscrypt-proxy --help -or read the manual: `man dnscrypt-proxy` + %%PREFIX%%/sbin/dnscrypt-proxy --help +or read the manual: + man dnscrypt-proxy + +************************************************** +* * +* You can't mix the config file option with * +* other options or flags/settings in the rc.conf * +* * +************************************************** Modified: head/dns/dnscrypt-proxy/pkg-descr ============================================================================== --- head/dns/dnscrypt-proxy/pkg-descr Sat Dec 23 14:10:58 2017 (r457053) +++ head/dns/dnscrypt-proxy/pkg-descr Sat Dec 23 14:16:18 2017 (r457054) @@ -11,7 +11,7 @@ is often the weakest point of the chain, against man-i It also provides some confidentiality to DNS queries. Reference links: -1. https://www.opendns.com/technology/dnscrypt/ -2. http://dnscurve.org +1. https://www.opendns.com/about/innovations/dnscrypt/ +2. https://dnscurve.org/ -WWW: http://dnscrypt.org +WWW: https://dnscrypt.org/