pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/net/dq Add dq, a recursive DNS/DNSCurve server. This p...
details: https://anonhg.NetBSD.org/pkgsrc/rev/2695ffec715a
branches: trunk
changeset: 372599:2695ffec715a
user: schmonz <schmonz%pkgsrc.org@localhost>
date: Thu Jan 27 15:31:09 2022 +0000
description:
Add dq, a recursive DNS/DNSCurve server. This package contains:
- dqcache, a recursive DNS server with DNSCurve support
- based on dnscache from djbdns
- added support for streamlined DNSCurve
- added support for TXT DNSCurve
- added support for combined DNSCurve (streamlined and TXT)
- added support for DNS anchors with DNSCurve keys
- added full IPv6 support
- added support for IPv6 DNS anchors
- added support for cache dumping/loading
- used siphash24 instead of hash5381 in cache library
- added SOA record caching
- added authority record to DNS response
- improved logs - IPs not printed in hex format
- fixed CVE-2012-1191
- fixed CVE-2008-4392
- dq, a command-line tool to debug DNS/DNScurve
- based on dnsq and dnsqr from djbdns
- added IPv6 support
- added DNSCurve support (Streamlined/TXT)
diffstat:
net/dq/DESCR | 21 ++++
net/dq/Makefile | 51 ++++++++++
net/dq/PLIST | 11 ++
net/dq/distinfo | 6 +
net/dq/files/dnscurveroots.global | 24 ++++
net/dq/files/dqcache.sh | 56 +++++++++++
net/dq/files/examples.md | 170 +++++++++++++++++++++++++++++++++++
net/dq/patches/patch-make-install.sh | 14 ++
8 files changed, 353 insertions(+), 0 deletions(-)
diffs (truncated from 385 to 300 lines):
diff -r 17195bfb30a1 -r 2695ffec715a net/dq/DESCR
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/net/dq/DESCR Thu Jan 27 15:31:09 2022 +0000
@@ -0,0 +1,21 @@
+Dq contains:
+
+- dqcache, a recursive DNS server with DNSCurve support
+ - based on dnscache from djbdns
+ - added support for streamlined DNSCurve
+ - added support for TXT DNSCurve
+ - added support for combined DNSCurve (streamlined and TXT)
+ - added support for DNS anchors with DNSCurve keys
+ - added full IPv6 support
+ - added support for IPv6 DNS anchors
+ - added support for cache dumping/loading
+ - used siphash24 instead of hash5381 in cache library
+ - added SOA record caching
+ - added authority record to DNS response
+ - improved logs - IPs not printed in hex format
+ - fixed CVE-2012-1191
+ - fixed CVE-2008-4392
+- dq, a command-line tool to debug DNS/DNScurve
+ - based on dnsq and dnsqr from djbdns
+ - added IPv6 support
+ - added DNSCurve support (Streamlined/TXT)
diff -r 17195bfb30a1 -r 2695ffec715a net/dq/Makefile
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/net/dq/Makefile Thu Jan 27 15:31:09 2022 +0000
@@ -0,0 +1,51 @@
+# $NetBSD: Makefile,v 1.1 2022/01/27 15:31:09 schmonz Exp $
+
+GITHUB_PROJECT= dq
+GITHUB_TAG= 20220101
+DISTNAME= ${GITHUB_PROJECT}
+PKGNAME= ${GITHUB_PROJECT}-${GITHUB_TAG}
+CATEGORIES= net
+MASTER_SITES= ${MASTER_SITE_GITHUB:=janmojzis/}
+
+MAINTAINER= schmonz%NetBSD.org@localhost
+HOMEPAGE= https://github.com/janmojzis/dq/
+COMMENT= Recursive DNS/DNSCurve server
+LICENSE= public-domain
+
+DEPENDS+= daemontools-[0-9]*:../../sysutils/daemontools
+
+DJB_MAKE_TARGETS= no
+BUILD_TARGET= compile
+
+SUBST_CLASSES+= etc
+SUBST_STAGE.etc= do-configure
+SUBST_FILES.etc= dq/dns_rcrw.c dq/dq.c man/dq.1
+SUBST_SED.etc= -e 's|/etc/dnsrewrite|${PKG_SYSCONFBASE}/dnsrewrite|g'
+SUBST_MESSAGE.etc= Fixing prefix.
+
+EGDIR= share/examples/${PKGBASE}
+INSTALLATION_DIRS= ${EGDIR}
+MAKE_DIRS+= ${PKG_SYSCONFDIR}/dqcache/servers
+
+CONF_FILES+= ${PREFIX}/${EGDIR}/dnscurveroots.global \
+ ${PKG_SYSCONFDIR}/dqcache/servers/@
+
+PKG_GROUPS+= ${DQCACHE_GROUP}
+PKG_USERS+= ${DQCACHE_USER}:${DQCACHE_GROUP}
+BUILD_DEFS+= DQCACHE_GROUP DQCACHE_USER PKG_SYSCONFBASE
+
+RCD_SCRIPTS= dqcache
+FILES_SUBST+= DQCACHE_USER=${DQCACHE_USER:Q}
+FILES_SUBST+= PKGNAME=${PKGNAME:Q}
+
+post-configure:
+ ${RUN}cd ${DJB_CONFIG_DIR}; \
+ [ -f conf-sbin ] && ${ECHO} ${DJB_CONFIG_PREFIX}/sbin > conf-sbin
+
+post-install:
+ for i in examples.md dnscurveroots.global; do \
+ ${INSTALL_DATA} ${FILESDIR}/$$i ${DESTDIR}${PREFIX}/${EGDIR}/; \
+ done
+
+.include "../../mk/djbware.mk"
+.include "../../mk/bsd.pkg.mk"
diff -r 17195bfb30a1 -r 2695ffec715a net/dq/PLIST
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/net/dq/PLIST Thu Jan 27 15:31:09 2022 +0000
@@ -0,0 +1,11 @@
+@comment $NetBSD: PLIST,v 1.1 2022/01/27 15:31:09 schmonz Exp $
+bin/dq
+man/man1/dq.1
+man/man8/dqcache-makekey.8
+man/man8/dqcache-start.8
+man/man8/dqcache.8
+sbin/dqcache
+sbin/dqcache-makekey
+sbin/dqcache-start
+share/examples/dq/dnscurveroots.global
+share/examples/dq/examples.md
diff -r 17195bfb30a1 -r 2695ffec715a net/dq/distinfo
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/net/dq/distinfo Thu Jan 27 15:31:09 2022 +0000
@@ -0,0 +1,6 @@
+$NetBSD: distinfo,v 1.1 2022/01/27 15:31:09 schmonz Exp $
+
+BLAKE2s (dq-20220101.tar.gz) = 3b340e5217e58061e38fdafc407f40e64877a61f680c7f43409b8b6a4fe290ba
+SHA512 (dq-20220101.tar.gz) = 5c4fd8a8f37b2f8707abde80af7efe943dd00f0e725b406bff9ee8aae889f820fb76fe137be8223943c76ec14d41579de9a66f5d4c440d493e6d527bb24b175a
+Size (dq-20220101.tar.gz) = 140727 bytes
+SHA1 (patch-make-install.sh) = f8d8460015ab6a849e5bc25d341bb993c3bdcb3c
diff -r 17195bfb30a1 -r 2695ffec715a net/dq/files/dnscurveroots.global
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/net/dq/files/dnscurveroots.global Thu Jan 27 15:31:09 2022 +0000
@@ -0,0 +1,24 @@
+198.41.0.4
+2001:503:ba3e::2:30
+192.228.79.201
+2001:500:84::b
+192.33.4.12
+2001:500:2::c
+199.7.91.13
+2001:500:2d::d
+192.203.230.10
+192.5.5.241
+2001:500:2f::f
+192.112.36.4
+198.97.190.53
+2001:500:1::53
+192.36.148.17
+2001:7fe::53
+192.58.128.30
+2001:503:c27::2:30
+193.0.14.129
+2001:7fd::1
+199.7.83.42
+2001:500:9f::42
+202.12.27.33
+2001:dc3::35
diff -r 17195bfb30a1 -r 2695ffec715a net/dq/files/dqcache.sh
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/net/dq/files/dqcache.sh Thu Jan 27 15:31:09 2022 +0000
@@ -0,0 +1,56 @@
+#!@RCD_SCRIPTS_SHELL@
+#
+# $NetBSD: dqcache.sh,v 1.1 2022/01/27 15:31:09 schmonz Exp $
+#
+# @PKGNAME@ script to control dqcache (caching DNS+DNSCurve resolver).
+#
+
+# PROVIDE: dqcache named
+# REQUIRE: NETWORKING mountcritremote syslogd
+# BEFORE: DAEMON
+
+name="dqcache"
+
+# User-settable rc.conf variables and their default values:
+: ${dqcache_postenv:=""}
+: ${dqcache_ip:="127.0.0.1"}
+: ${dqcache_size:="10000000"}
+: ${dqcache_log:="YES"}
+: ${dqcache_logcmd:="logger -t nbdq/cache -p daemon.info"}
+: ${dqcache_nologcmd:="@PREFIX@/bin/multilog -*"}
+
+if [ -f /etc/rc.subr ]; then
+ . /etc/rc.subr
+fi
+
+rcvar=${name}
+required_dirs="@PKG_SYSCONFDIR@/${name}/servers"
+required_files="@PKG_SYSCONFDIR@/${name}/servers/@"
+command="@PREFIX@/sbin/${name}"
+procname=nb${name}
+start_precmd="dqcache_precmd"
+
+dqcache_precmd() {
+ if [ -f /etc/rc.subr ] && ! checkyesno dqcache_log; then
+ dqcache_logcmd=${dqcache_nologcmd}
+ fi
+ command="@PREFIX@/bin/pgrphack @SETENV@ - ${dqcache_postenv} \
+ROOT=@PKG_SYSCONFDIR@/${name} \
+IP=${dqcache_ip} \
+CACHESIZE=${dqcache_size} \
+@PREFIX@/bin/envuidgid @DQCACHE_USER@ \
+@PREFIX@/bin/argv0 @PREFIX@/sbin/${name} ${procname} \
+2>&1 | \
+${dqcache_logcmd}"
+ command_args="&"
+ rc_flags=""
+}
+
+if [ -f /etc/rc.subr ]; then
+ load_rc_config $name
+ run_rc_command "$1"
+else
+ @ECHO_N@ " ${name}"
+ dqcache_precmd
+ eval ${command} ${dqcache_flags} ${command_args}
+fi
diff -r 17195bfb30a1 -r 2695ffec715a net/dq/files/examples.md
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/net/dq/files/examples.md Thu Jan 27 15:31:09 2022 +0000
@@ -0,0 +1,170 @@
+# dq
+
+### Authoritative example - streamlined DNSCurve query (executed 23.11.2013):
+
+ $ dq -a a dnscurve.org uz5dz39x8xk8wyq3dzn7vpt670qmvzx0zd9zg4ldwldkv6kx9ft090.ns.dnscurve.org
+ 1 dnscurve.org - streamlined DNSCurve:
+ 320 bytes, 1+2+3+3 records, response, authoritative, noerror
+ query: 1 dnscurve.org
+ answer: dnscurve.org 600 A 131.193.32.142
+ answer: dnscurve.org 600 A 131.193.32.147
+ authority: dnscurve.org 259200 NS uz5hjgptn63q5qlch6xlrw63tf6vhvvu6mjwn0s31buw1lhmlk14kd.ns.dnscurve.org
+ authority: dnscurve.org 259200 NS uz5dz39x8xk8wyq3dzn7vpt670qmvzx0zd9zg4ldwldkv6kx9ft090.ns.dnscurve.org
+ authority: dnscurve.org 259200 NS uz5uu2c7j228ujjccp3ustnfmr4pgcg5ylvt16kmd0qzw7bbjgd5xq.ns.dnscurve.org
+ additional: uz5hjgptn63q5qlch6xlrw63tf6vhvvu6mjwn0s31buw1lhmlk14kd.ns.dnscurve.org 259200 A 131.193.32.142
+ additional: uz5dz39x8xk8wyq3dzn7vpt670qmvzx0zd9zg4ldwldkv6kx9ft090.ns.dnscurve.org 259200 A 131.155.71.143
+ additional: uz5uu2c7j228ujjccp3ustnfmr4pgcg5ylvt16kmd0qzw7bbjgd5xq.ns.dnscurve.org 259200 A 80.101.159.118
+
+### Authoritative example - TXT DNSCurve query, using suffix 'dnscurve.org'
+(executed 23.11.2013):
+
+ $ dq -S 'dnscurve.org' -a a dnscurve.org uz5dz39x8xk8wyq3dzn7vpt670qmvzx0zd9zg4ldwldkv6kx9ft090.ns.dnscurve.org
+ 1 dnscurve.org - txt DNSCurve:
+ 320 bytes, 1+2+3+3 records, response, authoritative, noerror
+ query: 1 dnscurve.org
+ answer: dnscurve.org 600 A 131.193.32.142
+ answer: dnscurve.org 600 A 131.193.32.147
+ authority: dnscurve.org 259200 NS uz5hjgptn63q5qlch6xlrw63tf6vhvvu6mjwn0s31buw1lhmlk14kd.ns.dnscurve.org
+ authority: dnscurve.org 259200 NS uz5dz39x8xk8wyq3dzn7vpt670qmvzx0zd9zg4ldwldkv6kx9ft090.ns.dnscurve.org
+ authority: dnscurve.org 259200 NS uz5uu2c7j228ujjccp3ustnfmr4pgcg5ylvt16kmd0qzw7bbjgd5xq.ns.dnscurve.org
+ additional: uz5hjgptn63q5qlch6xlrw63tf6vhvvu6mjwn0s31buw1lhmlk14kd.ns.dnscurve.org 259200 A 131.193.32.142
+ additional: uz5dz39x8xk8wyq3dzn7vpt670qmvzx0zd9zg4ldwldkv6kx9ft090.ns.dnscurve.org 259200 A 131.155.71.143
+ additional: uz5uu2c7j228ujjccp3ustnfmr4pgcg5ylvt16kmd0qzw7bbjgd5xq.ns.dnscurve.org 259200 A 80.101.159.118
+
+### Authoritative example - streamlined DNSCurve query, using IPv4 and key
+(executed 23.11.2013):
+
+ $ dq -k uz5dz39x8xk8wyq3dzn7vpt670qmvzx0zd9zg4ldwldkv6kx9ft090 -a a dnscurve.org 131.155.71.143
+ 1 dnscurve.org - streamlined DNSCurve:
+ 320 bytes, 1+2+3+3 records, response, authoritative, noerror
+ query: 1 dnscurve.org
+ answer: dnscurve.org 600 A 131.193.32.147
+ answer: dnscurve.org 600 A 131.193.32.142
+ authority: dnscurve.org 259200 NS uz5hjgptn63q5qlch6xlrw63tf6vhvvu6mjwn0s31buw1lhmlk14kd.ns.dnscurve.org
+ authority: dnscurve.org 259200 NS uz5dz39x8xk8wyq3dzn7vpt670qmvzx0zd9zg4ldwldkv6kx9ft090.ns.dnscurve.org
+ authority: dnscurve.org 259200 NS uz5uu2c7j228ujjccp3ustnfmr4pgcg5ylvt16kmd0qzw7bbjgd5xq.ns.dnscurve.org
+ additional: uz5hjgptn63q5qlch6xlrw63tf6vhvvu6mjwn0s31buw1lhmlk14kd.ns.dnscurve.org 259200 A 131.193.32.142
+ additional: uz5dz39x8xk8wyq3dzn7vpt670qmvzx0zd9zg4ldwldkv6kx9ft090.ns.dnscurve.org 259200 A 131.155.71.143
+ additional: uz5uu2c7j228ujjccp3ustnfmr4pgcg5ylvt16kmd0qzw7bbjgd5xq.ns.dnscurve.org 259200 A 80.101.159.118
+
+### Authoritative example - streamlined DNSCurve query, using IPv6 and key
+(executed 23.11.2013):
+
+ $ dq -a -k uz52zufj724bjt11s3pgk2dtcpw8ww1dr8g3ssm3hs3jkmwr8l090p a blinkenlights.ch 2a01:4f8:120:43c1::a
+ 1 blinkenlights.ch - streamlined DNSCurve:
+ 341 bytes, 1+1+3+3 records, response, authoritative, noerror
+ query: 1 blinkenlights.ch
+ answer: blinkenlights.ch 86400 A 78.46.72.150
+ authority: blinkenlights.ch 259200 NS uz5crn6x92t4vb4k3z68du7rmwmnnvkbdd29t79yzg9fr2s2rx5pk0.nsde1.eqmx.net
+ authority: blinkenlights.ch 259200 NS uz5mnv8n4dzrp95zl50jryb4wgf45my27q6pvx8f540l9sspkcwvtm.nszh1.eqmx.net
+ authority: blinkenlights.ch 259200 NS uz52zufj724bjt11s3pgk2dtcpw8ww1dr8g3ssm3hs3jkmwr8l090p.dns1.workaround.ch
+ additional: uz5crn6x92t4vb4k3z68du7rmwmnnvkbdd29t79yzg9fr2s2rx5pk0.nsde1.eqmx.net 86400 A 178.209.50.169
+ additional: uz5mnv8n4dzrp95zl50jryb4wgf45my27q6pvx8f540l9sspkcwvtm.nszh1.eqmx.net 86400 A 46.246.93.162
+ additional: uz52zufj724bjt11s3pgk2dtcpw8ww1dr8g3ssm3hs3jkmwr8l090p.dns1.workaround.ch 86400 A 78.46.72.150
+
+### Recursive example (executed 23.11.2013):
+
+ $ dq a dnscurve.org
+ 1 dnscurve.org - regular DNS:
+ 272 bytes, 1+2+3+0 records, response, noerror
+ query: 1 dnscurve.org
+ answer: dnscurve.org 600 A 131.193.32.147
+ answer: dnscurve.org 600 A 131.193.32.142
+ authority: dnscurve.org 259200 NS uz5hjgptn63q5qlch6xlrw63tf6vhvvu6mjwn0s31buw1lhmlk14kd.ns.dnscurve.org
+ authority: dnscurve.org 259200 NS uz5dz39x8xk8wyq3dzn7vpt670qmvzx0zd9zg4ldwldkv6kx9ft090.ns.dnscurve.org
+ authority: dnscurve.org 259200 NS uz5uu2c7j228ujjccp3ustnfmr4pgcg5ylvt16kmd0qzw7bbjgd5xq.ns.dnscurve.org
+
+### Recursive example, using OpenDNS resolver - IPv6 (executed 23.11.2013):
+
+ $ dq a dnscurve.org 2620:0:ccc::2
+ 1 dnscurve.org - regular DNS:
+ 62 bytes, 1+2+0+0 records, response, noerror
+ query: 1 dnscurve.org
+ answer: dnscurve.org 600 A 131.193.32.147
+ answer: dnscurve.org 600 A 131.193.32.142
+
+### Recursive example, using OpenDNS resolver - IPv4 (executed 23.11.2013):
+
+ $ dq a dnscurve.org 208.67.222.222
+ 1 dnscurve.org - regular DNS:
+ 62 bytes, 1+2+0+0 records, response, noerror
+ query: 1 dnscurve.org
+ answer: dnscurve.org 600 A 131.193.32.142
+ answer: dnscurve.org 600 A 131.193.32.147
+
+### Recursive example, using OpenDNS resolver - IPv4, dnsqr backward
+compatibility (executed 23.11.2013):
+
+ env DNSCACHEIP=208.67.222.222 dq a dnscurve.org
+ 1 dnscurve.org - regular DNS:
+ 62 bytes, 1+2+0+0 records, response, noerror
+ query: 1 dnscurve.org
+ answer: dnscurve.org 600 A 131.193.32.142
+ answer: dnscurve.org 600 A 131.193.32.147
Home |
Main Index |
Thread Index |
Old Index