diff --git a/dns/Makefile b/dns/Makefile index fce194f16234..fa99ca5364c1 100644 --- a/dns/Makefile +++ b/dns/Makefile @@ -1,235 +1,236 @@ # $FreeBSD$ # COMMENT = Domain Name Service tools SUBDIR += adns SUBDIR += adsuck SUBDIR += ares SUBDIR += autotrust SUBDIR += axfr2acl SUBDIR += bind-tools SUBDIR += bind9-devel SUBDIR += bind910 SUBDIR += bind911 SUBDIR += bind912 SUBDIR += bind99 SUBDIR += bindgraph SUBDIR += bundy SUBDIR += c-ares SUBDIR += checkdns SUBDIR += cli53 SUBDIR += credns SUBDIR += crossip SUBDIR += curvedns SUBDIR += ddclient SUBDIR += ddns SUBDIR += denominator SUBDIR += dhisd SUBDIR += djbdns SUBDIR += djbdns-tools SUBDIR += dlint SUBDIR += dnrd SUBDIR += dns2blackhole SUBDIR += dns2tcp SUBDIR += dns_balance SUBDIR += dnscap SUBDIR += dnscheck SUBDIR += dnscheckengine SUBDIR += dnscrypt-proxy + SUBDIR += dnscrypt-proxy2 SUBDIR += dnscrypt-wrapper SUBDIR += dnsdbck SUBDIR += dnsdbq SUBDIR += dnsdist SUBDIR += dnsenum SUBDIR += dnsflood SUBDIR += dnsforwarder SUBDIR += dnshistory SUBDIR += dnsjava SUBDIR += dnsmasq SUBDIR += dnsmasq-devel SUBDIR += dnsmax-perl SUBDIR += dnsperf SUBDIR += dnsproxy SUBDIR += dnsrecon SUBDIR += dnsreflector SUBDIR += dnstable SUBDIR += dnstop SUBDIR += dnstracer SUBDIR += dnsutl SUBDIR += dnsviz SUBDIR += dnswalk SUBDIR += dnswall SUBDIR += doc SUBDIR += dq SUBDIR += drool SUBDIR += dsc SUBDIR += dsp SUBDIR += dynip SUBDIR += erlang-idna SUBDIR += ez-ipupdate SUBDIR += fastresolve SUBDIR += firedns SUBDIR += fpdns SUBDIR += gdnsd SUBDIR += gdnsd2 SUBDIR += gen6dns SUBDIR += getdns SUBDIR += ghtool SUBDIR += hesiod SUBDIR += hostdb SUBDIR += hs-dns SUBDIR += hs-gnuidn SUBDIR += idnkit SUBDIR += idnkit2 SUBDIR += inadyn SUBDIR += inadyn-mt SUBDIR += ipcheck SUBDIR += ironsides SUBDIR += kf5-kdnssd SUBDIR += knot-resolver SUBDIR += knot1 SUBDIR += knot2 SUBDIR += ldapdns SUBDIR += ldns SUBDIR += libasr SUBDIR += libasr-devel SUBDIR += libbind SUBDIR += libdjbdns SUBDIR += libidn SUBDIR += libidn2 SUBDIR += libnspsl SUBDIR += libpsl SUBDIR += linux-c6-libasyncns SUBDIR += linux-c7-libasyncns SUBDIR += mDNSResponder_nss SUBDIR += maradns SUBDIR += mdnsd SUBDIR += mydns SUBDIR += mydns-ng SUBDIR += noip SUBDIR += nsd SUBDIR += nslint SUBDIR += nsnotifyd SUBDIR += nsping SUBDIR += nss_mdns SUBDIR += nss_resinit SUBDIR += opendd SUBDIR += opendnssec SUBDIR += opendnssec2 SUBDIR += openmdns SUBDIR += openresolv SUBDIR += p5-AnyEvent-CacheDNS SUBDIR += p5-AnyEvent-DNS-EtcHosts SUBDIR += p5-App-DSC-DataTool SUBDIR += p5-BIND-Conf_Parser SUBDIR += p5-BIND-Config-Parser SUBDIR += p5-DNS-Config SUBDIR += p5-DNS-EasyDNS SUBDIR += p5-DNS-Ldns SUBDIR += p5-DNS-Zone SUBDIR += p5-DNS-ZoneParse SUBDIR += p5-DSC SUBDIR += p5-Data-Validate-Domain SUBDIR += p5-IO-Async-Resolver-DNS SUBDIR += p5-Mozilla-PublicSuffix SUBDIR += p5-Net-Amazon-Route53 SUBDIR += p5-Net-Bonjour SUBDIR += p5-Net-DNS SUBDIR += p5-Net-DNS-Async SUBDIR += p5-Net-DNS-Check SUBDIR += p5-Net-DNS-Codes SUBDIR += p5-Net-DNS-Lite SUBDIR += p5-Net-DNS-Match SUBDIR += p5-Net-DNS-RR-SRV-Helper SUBDIR += p5-Net-DNS-Resolver-Mock SUBDIR += p5-Net-DNS-Resolver-Programmable SUBDIR += p5-Net-DNS-SEC SUBDIR += p5-Net-DNS-TestNS SUBDIR += p5-Net-DNS-ToolKit SUBDIR += p5-Net-DNS-Zone-Parser SUBDIR += p5-Net-DNS-ZoneFile-Fast SUBDIR += p5-Net-DNSBL-MultiDaemon SUBDIR += p5-Net-DNSBL-Statistics SUBDIR += p5-Net-DRI SUBDIR += p5-Net-Domain-ExpireDate SUBDIR += p5-Net-Domain-TLD SUBDIR += p5-Net-LibIDN SUBDIR += p5-Net-LibIDN2 SUBDIR += p5-Net-Nslookup SUBDIR += p5-Net-RBLClient SUBDIR += p5-Net-RNDC SUBDIR += p5-POE-Component-Client-DNS SUBDIR += p5-POE-Component-Client-DNS-Recursive SUBDIR += p5-POE-Component-Client-DNSBL SUBDIR += p5-POE-Component-Resolver SUBDIR += p5-POE-Component-Server-DNS SUBDIR += p5-POE-Filter-DNS-TCP SUBDIR += p5-Stanford-DNSserver SUBDIR += p5-Tie-DNS SUBDIR += p5-URBL-Prepare SUBDIR += p5-pgeodns SUBDIR += packetq SUBDIR += pdnsd SUBDIR += pear-File_DNS SUBDIR += pear-Horde_Idna SUBDIR += pear-Net_DNS2 SUBDIR += powerdns SUBDIR += powerdns-recursor SUBDIR += powerdns-recursor40 SUBDIR += public_suffix_list SUBDIR += py-cloudflare SUBDIR += py-dns SUBDIR += py-dns-lexicon SUBDIR += py-dnschain SUBDIR += py-dnspython SUBDIR += py-easyzone SUBDIR += py-idna SUBDIR += py-idna_ssl SUBDIR += py-idnkit2 SUBDIR += py-ldns SUBDIR += py-namebench SUBDIR += py-publicsuffix SUBDIR += py-py3dns SUBDIR += py-pycares SUBDIR += py-pydnstable SUBDIR += py-pywdns SUBDIR += py-tld SUBDIR += py-tldextract SUBDIR += radns SUBDIR += rbldnsd SUBDIR += rbllookup SUBDIR += rbllookup-ng SUBDIR += renewck SUBDIR += rpsl2acl SUBDIR += rubygem-dnsruby SUBDIR += rubygem-idn-ruby SUBDIR += rubygem-net-dns SUBDIR += rubygem-public_suffix SUBDIR += rubygem-public_suffix_service SUBDIR += rubygem-simpleidn SUBDIR += rubygem-validates_hostname SUBDIR += samba-nsupdate SUBDIR += scavenge SUBDIR += sheerdns SUBDIR += sleuth SUBDIR += sshfp SUBDIR += tinystats SUBDIR += totd SUBDIR += udns SUBDIR += unbound SUBDIR += updatedd SUBDIR += validns SUBDIR += vhostcname SUBDIR += vizone SUBDIR += void-zones-tools SUBDIR += walker SUBDIR += wdns SUBDIR += whoseip SUBDIR += wrapsrv SUBDIR += yadifa SUBDIR += zkt SUBDIR += zonecheck SUBDIR += zonenotify .include diff --git a/dns/dnscrypt-proxy/Makefile b/dns/dnscrypt-proxy/Makefile index 7ef8ebbaaad4..9f0161baa492 100644 --- a/dns/dnscrypt-proxy/Makefile +++ b/dns/dnscrypt-proxy/Makefile @@ -1,63 +1,68 @@ # Created by: Leo Vandewoestijne # $FreeBSD$ PORTNAME= dnscrypt-proxy PORTVERSION= 1.9.5 PORTREVISION= 3 CATEGORIES= dns MASTER_SITES= LOCAL/dbaio/${PORTNAME}/ MAINTAINER= freebsd@dns-lab.com COMMENT= Boost privacy and security of DNS LICENSE= MIT LICENSE_FILE= ${WRKSRC}/COPYING +DEPRECATED= Deprecated by upstream, use dns/dnscrypt-proxy2 instead +EXPIRATION_DATE= 2018-09-25 BROKEN_powerpc64= fails to compile: fpst.c: error: redefinition of typedef 'FPST' LIB_DEPENDS= libsodium.so:security/libsodium +USES= gmake + USERS= _dnscrypt-proxy GROUPS= _dnscrypt-proxy GNU_CONFIGURE= yes -USES= gmake INSTALL_TARGET= install-strip PORTDOCS= AUTHORS ChangeLog INSTALL NEWS README* THANKS +CONFLICTS_INSTALL= dnscrypt-proxy2 + OPTIONS_DEFINE= DOCS PLUGINS PLUGINS_RELAXED PLUGINS_ROOT OPTIONS_SINGLE= RCWHICH OPTIONS_SINGLE_RCWHICH= RCSINGLE RCMULTI OPTIONS_DEFAULT= PLUGINS RCSINGLE OPTIONS_SUB= yes PLUGINS_RELAXED_DESC= Allow loading plugins owned by other users PLUGINS_ROOT_DESC= Only load plugins sitting in the default plugins directory RCWHICH_DESC= Rc script to use: RCSINGLE_DESC= Use default rc script for single daemon RCMULTI_DESC= Use experimental rc script for multiple instances PLUGINS_CONFIGURE_ENABLE= plugins PLUGINS_LIB_DEPENDS= libltdl.so:devel/libltdl \ libldns.so:dns/ldns PLUGINS_USE= LDCONFIG=${PREFIX}/lib/dnscrypt-proxy PLUGINS_USES= libtool PLUGINS_RELAXED_CONFIGURE_ENABLE= relaxed-plugins-permissions PLUGINS_ROOT_CONFIGURE_ENABLE= plugins-root RCSINGLE_VARS= USE_RC_SUBR=${PORTNAME} RCSINGLE_SUB_FILES= pkg-message RCMULTI_VARS= USE_RC_SUBR=${PORTNAME}_multi RCMULTI_SUB_FILES= pkg-message_multi post-install: @${MKDIR} ${STAGEDIR}${DOCSDIR} ${INSTALL_DATA} ${PORTDOCS:S,^,${WRKSRC}/,} ${STAGEDIR}${DOCSDIR} ${INSTALL_MAN} ${WRKSRC}/man/dnscrypt-proxy.8 ${STAGEDIR}${MAN8PREFIX}/man/man8 ${INSTALL_MAN} ${WRKSRC}/man/hostip.8 ${STAGEDIR}${MAN8PREFIX}/man/man8 ${MV} ${STAGEDIR}${PREFIX}/etc/dnscrypt-proxy.conf ${STAGEDIR}${PREFIX}/etc/dnscrypt-proxy.conf.sample .include diff --git a/dns/dnscrypt-proxy2/Makefile b/dns/dnscrypt-proxy2/Makefile new file mode 100644 index 000000000000..8b6197a41f78 --- /dev/null +++ b/dns/dnscrypt-proxy2/Makefile @@ -0,0 +1,57 @@ +# $FreeBSD$ + +PORTNAME= dnscrypt-proxy +PORTVERSION= 2.0.7 +CATEGORIES= dns security +PKGNAMESUFFIX= 2 + +MAINTAINER= egypcio@googlemail.com +COMMENT= Flexible DNS proxy with support for encrypted protocols + +LICENSE= ISCL +LICENSE_FILE= ${WRKSRC}/LICENSE + +BUILD_DEPENDS= go:lang/go +RUN_DEPENDS= ca_root_nss>=3.35:security/ca_root_nss + +USE_RC_SUBR= ${PORTNAME} + +USE_GITHUB= yes +GH_ACCOUNT= jedisct1 + +USERS= _dnscrypt-proxy +GROUPS= _dnscrypt-proxy + +PORTDOCS= ${WRKSRC}/README.* +PORTEXAMPLES= ${WRKSRC}/${PORTNAME}/example* + +CONFLICTS_INSTALL= dnscrypt-proxy + +OPTIONS_DEFINE= DOCS EXAMPLES + +do-build: + ${RLN} ${WRKSRC}/vendor ${WRKSRC}/src + cd ${WRKSRC}/${PORTNAME} && \ + ${SETENV} ${MAKE_ENV} ${BUILD_ENV} GOPATH=${WRKSRC} \ + go build -ldflags "-s -w" -o ${WRKDIR}/sbin/${PORTNAME} + +do-install: + ${INSTALL_PROGRAM} ${WRKDIR}/sbin/${PORTNAME} ${STAGEDIR}${LOCALBASE}/sbin + +do-install-DOCS-on: + ${MKDIR} ${STAGEDIR}${DOCSDIR} + ${INSTALL_DATA} ${PORTDOCS} ${STAGEDIR}${DOCSDIR} + +do-install-EXAMPLES-on: + ${MKDIR} ${STAGEDIR}${EXAMPLESDIR} + ${INSTALL_DATA} ${PORTEXAMPLES} ${STAGEDIR}${EXAMPLESDIR} + +post-install: + # After install examples because of the priv drop issue with Go + @${REINPLACE_CMD} -e \ + "s#\['127.0.0.1:53', '\[::1\]:53'\]#\['127.0.0.1:5353'\]#" \ + ${WRKSRC}/${PORTNAME}/example-${PORTNAME}.toml + ${INSTALL_DATA} ${WRKSRC}/${PORTNAME}/example-${PORTNAME}.toml \ + ${STAGEDIR}${LOCALBASE}/etc/${PORTNAME}.toml.sample + +.include diff --git a/dns/dnscrypt-proxy2/distinfo b/dns/dnscrypt-proxy2/distinfo new file mode 100644 index 000000000000..e1ac3f421967 --- /dev/null +++ b/dns/dnscrypt-proxy2/distinfo @@ -0,0 +1,3 @@ +TIMESTAMP = 1521930002 +SHA256 (jedisct1-dnscrypt-proxy-2.0.7_GH0.tar.gz) = 7278f592217e89e3650d6b70dbd7103cb1a7c7d87bfc38c361664d522e053b5b +SIZE (jedisct1-dnscrypt-proxy-2.0.7_GH0.tar.gz) = 746018 diff --git a/dns/dnscrypt-proxy2/files/dnscrypt-proxy.in b/dns/dnscrypt-proxy2/files/dnscrypt-proxy.in new file mode 100644 index 000000000000..7a7f42dd5adf --- /dev/null +++ b/dns/dnscrypt-proxy2/files/dnscrypt-proxy.in @@ -0,0 +1,32 @@ +#!/bin/sh +# +# $FreeBSD$ +# +# PROVIDE: dnscrypt_proxy +# REQUIRE: cleanvar SERVERS +# BEFORE: dnsmasq local_unbound unbound named +# +# These are some lines to configure dnscrypt-proxy on /etc/rc.conf: +# +# dnscrypt_proxy_enable (bool): Enable service on boot. Default: NO +# dnscrypt_proxy_conf (str): Config file to use. Default: %%PREFIX%%/etc/dnscrypt-proxy.toml +# dnscrypt_proxy_uid (str): Set to "_dnscrypt-proxy" by default. +# + +. /etc/rc.subr + +name="dnscrypt_proxy" +rcvar="dnscrypt_proxy_enable" +pidfile="/var/run/dnscrypt-proxy.pid" +procname="%%PREFIX%%/sbin/dnscrypt-proxy" + +load_rc_config $name + +: ${dnscrypt_proxy_enable:=NO} +: ${dnscrypt_proxy_conf:=%%PREFIX%%/etc/dnscrypt-proxy.toml} +: ${dnscrypt_proxy_uid:=_dnscrypt-proxy} + +command="/usr/sbin/daemon" +command_args="-p ${pidfile} -u ${dnscrypt_proxy_uid} -f ${procname} -config ${dnscrypt_proxy_conf}" + +run_rc_command "$1" diff --git a/dns/dnscrypt-proxy2/pkg-descr b/dns/dnscrypt-proxy2/pkg-descr new file mode 100644 index 000000000000..67f163267560 --- /dev/null +++ b/dns/dnscrypt-proxy2/pkg-descr @@ -0,0 +1,4 @@ +A flexible DNS proxy, with support for modern encrypted DNS protocols such as +DNSCrypt v2 and DNS-over-HTTP/2. + +WWW: https://github.com/jedisct1/dnscrypt-proxy diff --git a/dns/dnscrypt-proxy2/pkg-message b/dns/dnscrypt-proxy2/pkg-message new file mode 100644 index 000000000000..100965fbac53 --- /dev/null +++ b/dns/dnscrypt-proxy2/pkg-message @@ -0,0 +1,46 @@ +===================================================================== +Version 2 of dnscrypt-proxy is written in Go and in FreeBSD it's +not capable to drop root privileges after binding a low port (53), +Go issue [1][2]. + +For default dnscrypt-proxy2 is listening in port 5353 using username +_dnscrypt-proxy. + +You can change your rc.conf/config to use port 53 and root but it's +not recommended. + +It's needed some tweaks to use dnscrypt-proxy2 on port 5353 on your +machine, some examples below to redirect localhost port 53 to 5353: + +[ipfw] + + ipfw nat 1 config if lo0 reset same_ports \ + redirect_port tcp 127.0.0.1:5353 53 \ + redirect_port udp 127.0.0.1:5353 53 + ipfw add nat 1 ip from any to 127.0.0.1 via lo0 + + /etc/rc.conf: + firewall_nat_enable="YES" + + /etc/sysctl.conf: + net.inet.ip.fw.one_pass=0 + +[pf] + + rdr pass on lo0 proto { tcp udp } from any to port 53 -> 127.0.0.1 port 5353 + +[unbound] + + server: + interface: 127.0.0.1 + do-not-query-localhost: no + hide-identity: yes + hide-version: yes + + forward-zone: + name: "." + forward-addr: 127.0.0.1@5353 + +[1] - https://github.com/jedisct1/dnscrypt-proxy/issues/199 +[2] - https://github.com/golang/go/issues/13838 +===================================================================== diff --git a/dns/dnscrypt-proxy2/pkg-plist b/dns/dnscrypt-proxy2/pkg-plist new file mode 100644 index 000000000000..985ee7f289bc --- /dev/null +++ b/dns/dnscrypt-proxy2/pkg-plist @@ -0,0 +1,7 @@ +@sample etc/dnscrypt-proxy.toml.sample +%%PORTDOCS%%%%DOCSDIR%%/README.md +%%PORTEXAMPLES%%%%EXAMPLESDIR%%/example-blacklist.txt +%%PORTEXAMPLES%%%%EXAMPLESDIR%%/example-cloaking-rules.txt +%%PORTEXAMPLES%%%%EXAMPLESDIR%%/example-dnscrypt-proxy.toml +%%PORTEXAMPLES%%%%EXAMPLESDIR%%/example-forwarding-rules.txt +sbin/dnscrypt-proxy