svn commit: r457054 - in head: . dns/dnscrypt-proxy dns/dnscrypt-proxy/files
Danilo G. Baio
dbaio at FreeBSD.org
Sat Dec 23 14:16:20 UTC 2017
Author: dbaio
Date: Sat Dec 23 14:16:18 2017
New Revision: 457054
URL: https://svnweb.freebsd.org/changeset/ports/457054
Log:
dns/dnscrypt-proxy: Replace 'cisco' (OpenDNS) resolver by 'random'
This update replaces the default resolver used by
dnscrypt-proxy (cisco/OpenDNS) by a random one that
does not log entries and supports dnssec.
- Improve pkg-message's.
- Fix MASTER_SITES.
- Reorder Makefile variable's.
- Update WWW.
PR: 223222
Submitted by: Vinícius Zavam <egypcio at googlemail.com>
Reviewed by: dbaio, garga, mat
Approved by: Leo Vandewoestijne <freebsd at dns-lab.com>
(maintainer, previous patch, then timeout)
Differential Revision: https://reviews.freebsd.org/D12775
Modified:
head/UPDATING
head/dns/dnscrypt-proxy/Makefile
head/dns/dnscrypt-proxy/files/dnscrypt-proxy.in
head/dns/dnscrypt-proxy/files/dnscrypt-proxy_multi.in
head/dns/dnscrypt-proxy/files/pkg-message.in
head/dns/dnscrypt-proxy/files/pkg-message_multi.in
head/dns/dnscrypt-proxy/pkg-descr
Modified: head/UPDATING
==============================================================================
--- head/UPDATING Sat Dec 23 14:10:58 2017 (r457053)
+++ head/UPDATING Sat Dec 23 14:16:18 2017 (r457054)
@@ -6,6 +6,14 @@ You should get into the habit of checking this file fo
you update your ports collection, before attempting any port upgrades.
20171223:
+ AFFECTS: users of dns/dnscrypt-proxy
+ AUTHOR: egypcio at googlemail.com
+
+ The 1.9.5_3 update of dns/dnscrypt-proxy replaces the default resolver used
+ by dnscrypt-proxy (cisco/OpenDNS) by a random one that does not log entries
+ and supports dnssec.
+
+20171223:
AFFECTS: users of samba44
AUTHOR: antoine at FreeBSD.org
Modified: head/dns/dnscrypt-proxy/Makefile
==============================================================================
--- head/dns/dnscrypt-proxy/Makefile Sat Dec 23 14:10:58 2017 (r457053)
+++ head/dns/dnscrypt-proxy/Makefile Sat Dec 23 14:16:18 2017 (r457054)
@@ -3,11 +3,10 @@
PORTNAME= dnscrypt-proxy
PORTVERSION= 1.9.5
-PORTREVISION= 2
+PORTREVISION= 3
CATEGORIES= dns
MASTER_SITES= https://download.dnscrypt.org/dnscrypt-proxy/ \
- http://download.dnscrypt.org/dnscrypt-proxy/ \
- http://dns-lab.com/downloads/dnscrypt-proxy/
+ https://download.dnscrypt.org/dnscrypt-proxy/old/
MAINTAINER= freebsd at dns-lab.com
COMMENT= Boost privacy and security of DNS
@@ -15,10 +14,10 @@ COMMENT= Boost privacy and security of DNS
LICENSE= MIT
LICENSE_FILE= ${WRKSRC}/COPYING
-LIB_DEPENDS= libsodium.so:security/libsodium
-
BROKEN_powerpc64= fails to compile: fpst.c: error: redefinition of typedef 'FPST'
+LIB_DEPENDS= libsodium.so:security/libsodium
+
USERS= _dnscrypt-proxy
GROUPS= _dnscrypt-proxy
@@ -35,20 +34,23 @@ OPTIONS_SINGLE_RCWHICH= RCSINGLE RCMULTI
OPTIONS_DEFAULT= PLUGINS RCSINGLE
OPTIONS_SUB= yes
+PLUGINS_RELAXED_DESC= Allow loading plugins owned by other users
+PLUGINS_ROOT_DESC= Only load plugins sitting in the default plugins directory
+RCWHICH_DESC= Rc script to use:
+RCSINGLE_DESC= Use default rc script for single daemon
+RCMULTI_DESC= Use experimental rc script for multiple instances
+
PLUGINS_CONFIGURE_ENABLE= plugins
PLUGINS_LIB_DEPENDS= libltdl.so:devel/libltdl \
libldns.so:dns/ldns
+
PLUGINS_USE= LDCONFIG=${PREFIX}/lib/dnscrypt-proxy
PLUGINS_USES= libtool
-PLUGINS_RELAXED_DESC= Allow loading plugins owned by other users
PLUGINS_RELAXED_CONFIGURE_ENABLE= relaxed-plugins-permissions
-PLUGINS_ROOT_DESC= Only load plugins sitting in the default plugins directory
PLUGINS_ROOT_CONFIGURE_ENABLE= plugins-root
-RCWHICH_DESC= Rc script to use:
-RCSINGLE_DESC= Use default rc script for single daemon
+
RCSINGLE_VARS= USE_RC_SUBR=${PORTNAME}
RCSINGLE_SUB_FILES= pkg-message
-RCMULTI_DESC= Use experimental rc script for multiple instances
RCMULTI_VARS= USE_RC_SUBR=${PORTNAME}_multi
RCMULTI_SUB_FILES= pkg-message_multi
Modified: head/dns/dnscrypt-proxy/files/dnscrypt-proxy.in
==============================================================================
--- head/dns/dnscrypt-proxy/files/dnscrypt-proxy.in Sat Dec 23 14:10:58 2017 (r457053)
+++ head/dns/dnscrypt-proxy/files/dnscrypt-proxy.in Sat Dec 23 14:16:18 2017 (r457054)
@@ -15,8 +15,8 @@
# settings and only use the config file.
# dnscrypt_proxy_uid (str): Set to "_dnscrypt-proxy" by default.
# User to switch to after starting.
-# dnscrypt_proxy_resolver (str):Set to "cisco" by default.
-# Choose a different upstream resolver.
+# dnscrypt_proxy_resolver (str):Set to "random" by default.
+# Better to select one of your own choice.
# dnscrypt_proxy_pidfile (str): default: "/var/run/dnscrypt-proxy.pid"
# Location of pid file.
# dnscrypt_proxy_logfile (str): default: "/var/log/dnscrypt-proxy.log"
@@ -36,7 +36,7 @@ load_rc_config ${name}
: ${dnscrypt_proxy_enable:=NO}
: ${dnscrypt_proxy_uid=_dnscrypt-proxy} # User to run daemon as
-: ${dnscrypt_proxy_resolver=cisco} # resolver to use
+: ${dnscrypt_proxy_resolver=random} # resolver to use
: ${dnscrypt_proxy_pidfile=/var/run/dnscrypt-proxy.pid} # Path to pid file
: ${dnscrypt_proxy_logfile=/var/log/dnscrypt-proxy.log} # Path to log file
Modified: head/dns/dnscrypt-proxy/files/dnscrypt-proxy_multi.in
==============================================================================
--- head/dns/dnscrypt-proxy/files/dnscrypt-proxy_multi.in Sat Dec 23 14:10:58 2017 (r457053)
+++ head/dns/dnscrypt-proxy/files/dnscrypt-proxy_multi.in Sat Dec 23 14:16:18 2017 (r457054)
@@ -16,8 +16,8 @@
# Set to YES to enable dnscrypt-proxy.
# {instance_id}_uid (str): Set to "_dnscrypt-proxy" by default.
# User to switch to after starting.
-# {instance_id}_resolver (str): Set to "opendns" by default.
-# Choose a different upstream resolver.
+# {instance_id}_resolver (str): Set to "random" by default.
+# Better to select one of your own choice.
# {instance_id}_pidfile (str): default: "/var/run/dnscrypt-proxy.pid"
# Location of pid file.
# {instance_id}_logfile (str): default: "/var/log/dnscrypt-proxy.log"
@@ -57,7 +57,7 @@ for i in $dnscrypt_proxy_instances; do
eval dnscrypt_proxy_logfile_tmp=\${${i}_logfile}
: ${dnscrypt_proxy_uid_tmp:=_dnscrypt-proxy} # User to run daemon as
-: ${dnscrypt_proxy_resolver_tmp:=cisco} # resolver to use
+: ${dnscrypt_proxy_resolver_tmp:=random} # resolver to use
: ${dnscrypt_proxy_pidfile_tmp:=/var/run/${i}.pid} # Path to pid file
: ${dnscrypt_proxy_logfile_tmp:=/var/log/${i}.log} # Path to log file
Modified: head/dns/dnscrypt-proxy/files/pkg-message.in
==============================================================================
--- head/dns/dnscrypt-proxy/files/pkg-message.in Sat Dec 23 14:10:58 2017 (r457053)
+++ head/dns/dnscrypt-proxy/files/pkg-message.in Sat Dec 23 14:16:18 2017 (r457054)
@@ -1,22 +1,27 @@
This port/software comes all 'working out of the box'.
-By default this port is using OpenDNS' resolvers, other services are possible.
+By default this port is using random resolvers.
+Better to select one of your own choice.
To enable dnscrypt-proxy at boot:
-sysrc dnscrypt_proxy_enable=YES
-sysrc dnscrypt_proxy_flags='-a 127.0.0.2'
+ sysrc dnscrypt_proxy_enable=YES
+ sysrc dnscrypt_proxy_flags="-a 127.0.0.2"
+or:
+ sysrc dnscrypt_proxy_enable=YES
+ sysrc dnscrypt_proxy_conf="%%PREFIX%%/etc/dnscrypt-proxy.conf"
-or
+Be sure to setup above IP address/alias, so dnscrypt-proxy can bind correctly.
-sysrc dnscrypt_proxy_enable=YES
-sysrc dnscrypt_proxy_conf="/usr/local/etc/dnscrypt-proxy.conf"
-
-
-** You cannot mix the config file with the other rc.conf flags / settings. **
-
-
To view available options, run:
-%%PREFIX%%/sbin/dnscrypt-proxy --help
-or read the manual: `man dnscrypt-proxy`
+ %%PREFIX%%/sbin/dnscrypt-proxy --help
+or read the manual:
+ man dnscrypt-proxy
+
+**************************************************
+* *
+* You can't mix the config file option with *
+* other options or flags/settings in the rc.conf *
+* *
+**************************************************
Modified: head/dns/dnscrypt-proxy/files/pkg-message_multi.in
==============================================================================
--- head/dns/dnscrypt-proxy/files/pkg-message_multi.in Sat Dec 23 14:10:58 2017 (r457053)
+++ head/dns/dnscrypt-proxy/files/pkg-message_multi.in Sat Dec 23 14:16:18 2017 (r457054)
@@ -1,19 +1,29 @@
This port/software comes all 'working out of the box'.
-By default this port is using OpenDNS' resolvers, other services are possible.
+By default this port is using random resolvers.
+Better to select one of your own choice.
To enable dnscrypt-proxy at boot:
-echo dnscrypt_proxy_enable=\"YES\" >> /etc/rc.conf
-echo dnscrypt_proxy_instances=\"dnscrypt_proxy_1 dnscrypt_proxy_2 dnscrypt_proxy_3\" >> /etc/rc.conf
-echo dnscrypt_proxy_1_resolver=\"soltysiak\" >> /etc/rc.conf
-echo dnscrypt_proxy_1_flags=\"-a 127.0.0.2\" >> /etc/rc.conf
-echo dnscrypt_proxy_2_resolver=\"okturtles\" >> /etc/rc.conf
-echo dnscrypt_proxy_2_flags=\"-a 127.0.0.3\" >> /etc/rc.conf
-echo dnscrypt_proxy_3_resolver=\"cypherpunk\" >> /etc/rc.conf
-echo dnscrypt_proxy_3_flags=\"-a 127.0.0.4\" >> /etc/rc.conf
+ sysrc dnscrypt_proxy_enable=YES
+ sysrc dnscrypt_proxy_instances="dnscrypt_proxy_1 dnscrypt_proxy_2" # etc.
+ sysrc dnscrypt_proxy_1_resolver=soltysiak
+ sysrc dnscrypt_proxy_1_flags="-a 127.0.0.2"
+ sysrc dnscrypt_proxy_2_resolver=okturtles
+ sysrc dnscrypt_proxy_2_flags="-a 127.0.0.3"
+Be sure to setup above IP addresses/aliases, so dnscrypt-proxy can bind
+correctly.
+
To view available options, run:
-%%PREFIX%%/sbin/dnscrypt-proxy --help
-or read the manual: `man dnscrypt-proxy`
+ %%PREFIX%%/sbin/dnscrypt-proxy --help
+or read the manual:
+ man dnscrypt-proxy
+
+**************************************************
+* *
+* You can't mix the config file option with *
+* other options or flags/settings in the rc.conf *
+* *
+**************************************************
Modified: head/dns/dnscrypt-proxy/pkg-descr
==============================================================================
--- head/dns/dnscrypt-proxy/pkg-descr Sat Dec 23 14:10:58 2017 (r457053)
+++ head/dns/dnscrypt-proxy/pkg-descr Sat Dec 23 14:16:18 2017 (r457054)
@@ -11,7 +11,7 @@ is often the weakest point of the chain, against man-i
It also provides some confidentiality to DNS queries.
Reference links:
-1. https://www.opendns.com/technology/dnscrypt/
-2. http://dnscurve.org
+1. https://www.opendns.com/about/innovations/dnscrypt/
+2. https://dnscurve.org/
-WWW: http://dnscrypt.org
+WWW: https://dnscrypt.org/
More information about the svn-ports-head
mailing list