This thread contains a patchset. You're looking at the original emails,
but you may wish to use the patch review UI.
Review patch
4
2
[alpine-devel]
[alpine-devel] [PATCH 1/2] Initial APKBUILD for libsodium / libsodium-dev
libsodium is a dependency for dnscrypt-proxy & is now a separate library
& no longer part of the dnscrypt-proxy sources.
libsodium/libsodium.post-install - this just runs ldconfig.
---
testing/libsodium/APKBUILD | 40 ++++++++++++++++++++++++++++++++
testing/libsodium/libsodium.post-install | 5 ++++
2 files changed, 45 insertions(+)
create mode 100644 testing/libsodium/APKBUILD
create mode 100644 testing/libsodium/libsodium.post-install
diff --git a/testing/libsodium/APKBUILD b/testing/libsodium/APKBUILD
new file mode 100644
index 0000000..1a41ca6
--- /dev/null
+++ b/testing/libsodium/APKBUILD
@@ -0,0 +1,40 @@
+ # Contributor: IT Offshore <developer@it-offshore.co.uk>
+ # Maintainer:
+ pkgname=libsodium
+ pkgver=0.4.5
+ pkgrel=0
+ pkgdesc="P(ortable|ackageable) NaCl-based crypto library"
+ url="https://github.com/jedisct1/libsodium"
+ arch="all"
+ license="custom:ISC"
+ depends="libc"
+ options="libtool"
+ install="$pkgname.post-install"
+ subpackages="$pkgname-dev"
+ source="https://github.com/jedisct1/$pkgname/releases/download/$pkgver/$pkgname-$pkgver.tar.gz"
+
+ _builddir="$srcdir"/$pkgname-$pkgver
+
+ build() {
+ cd "$_builddir"
+ ./configure \
+ --build=$CBUILD \
+ --host=$CHOST \
+ --prefix=/usr \
+ || return 1
+ make || return 1
+ }
+
+ check() {
+ cd "$pkgname-$pkgver"
+ make check
+ }
+
+ package() {
+ cd "$_builddir"
+ make DESTDIR="$pkgdir" install
+ }
+
+ md5sums="3a97d2c29ec0133e334036e3f19d0741 libsodium-0.4.5.tar.gz"
+ sha256sums="7ad5202df53eeac0eb29b064ae5d05b65d82b2fc1c082899c9c6a09b0ee1ac32 libsodium-0.4.5.tar.gz"
+ sha512sums="6105bb91982e040420312f042bb71547f0208ed9b2928b1740a68134b82dd4566f18c0761b8959a85d13b6770edbd977d989bc74eabc9bfa5e0000f5ab5c7b32 libsodium-0.4.5.tar.gz"
diff --git a/testing/libsodium/libsodium.post-install b/testing/libsodium/libsodium.post-install
new file mode 100644
index 0000000..eaae580
--- /dev/null
+++ b/testing/libsodium/libsodium.post-install
@@ -0,0 +1,5 @@
+ #!/bin/sh
+
+ # register libsodium library
+
+ ldconfig
--
1.8.4.2
---
Unsubscribe: alpine-devel+unsubscribe@lists.alpinelinux.org
Help: alpine-devel+help@lists.alpinelinux.org
---
[alpine-devel] [PATCH 2/2] dnscrypt-proxy Version Bump to v.1.33 / updated APKBUILD for new sources
The sources URL was not working even with the version bump so I amended it to
work with GIT. Added make-depends to build with autoconf / make.
dnscrypt-proxy no longer has libsodium sources included. Separate patch added for
libsodium / libsodium-dev.
/usr/bin/dnscrypt-config added (run by the post-install script) to choose the
DNS Resolver dnscrypt queries (the default OpenDNS resolver keeps logs - the other
Resolvers do not)
dnscrypt ip:port can be changed & optionally unbound can be installed for dns caching.
---
testing/dnscrypt-proxy/APKBUILD | 51 +++ ---
testing/dnscrypt-proxy/dnscrypt-config | 201 +++++++++++++++++++++
testing/dnscrypt-proxy/dnscrypt-proxy.post-install | 6 +
3 files changed, 236 insertions(+), 22 deletions(-)
create mode 100644 testing/dnscrypt-proxy/dnscrypt-config
create mode 100644 testing/dnscrypt-proxy/dnscrypt-proxy.post-install
diff --git a/testing/dnscrypt-proxy/APKBUILD b/testing/dnscrypt-proxy/APKBUILD
index 9b34b39..c64c049 100644
--- a/testing/dnscrypt-proxy/APKBUILD
+++ b/testing/dnscrypt-proxy/APKBUILD
@@ -1,33 +1,36 @@
# Contributor: Francesco Colista <francesco.colista@gmail.com>
# Maintainer: Francesco Colista <francesco.colista@gmail.com>
pkgname=dnscrypt-proxy
- pkgver=1.3.0
- pkgrel=0
+ pkgver=1.3.3
+ pkgrel=1
pkgdesc="A tool for securing communications between a client and a DNS resolver"
url="http://dnscrypt.org/"
arch="x86"
license="custom"
- depends=""
- depends_dev=""
+ depends="libsodium"
+ depends_dev="libtool automake autoconf libsodium-dev"
makedepends="$depends_dev"
- install=""
- pkguser=dnscrypt
- pkggroup=dnscrypt
- subpackages="$pkgname-dev $pkgname-doc"
- source="http://download.dnscrypt.org/$pkgname/$pkgname-$pkgver.tar.bz2
+ install="$pkgname.post-install $pkgname.pre-install"
+ pkgusers=dnscrypt
+ pkggroups=dnscrypt
+ subpackages="$pkgname-doc"
+ source="saveas-https://github.com/jedisct1/$pkgname/archive/$pkgver.tar.gz/$pkgname-$pkgver.tar.gz
$pkgname.initd
$pkgname.confd
+ dnscrypt-config
"
+
_builddir="$srcdir"/$pkgname-$pkgver
build() {
-
- cd "$_builddir"/src/libsodium
- make -j1 check
-
- cd "$_builddir"
- CFLAGS="$CFLAGS -fPIC" ./configure --prefix=/usr
- make -j1
+ cd "$_builddir"
+ ./autogen.sh
+ CFLAGS="$CFLAGS -fPIC" ./configure \
+ --build=$CBUILD \
+ --host=$CHOST \
+ --prefix=/usr \
+ || return 1
+ make || return 1
}
package() {
@@ -38,18 +41,22 @@ package() {
mkdir -p $pkgdir/usr/share/licenses/$pkgname
install -m755 -D "$srcdir"/$pkgname.initd "$pkgdir"/etc/init.d/$pkgname
install -m755 -D "$srcdir"/$pkgname.confd "$pkgdir"/etc/conf.d/$pkgname
+ install -m755 -D "$srcdir"/dnscrypt-config "$pkgdir"/usr/bin/dnscrypt-config
install -m 644 COPYING $pkgdir/usr/share/licenses/$pkgname
chown dnscrypt "$pkgdir"/var/log/$pkgname
chown dnscrypt "$pkgdir"/var/run/$pkgname
rm -rf $pkgdir/usr/lib/*.la
}
- md5sums="33cc94dd06d23f96b4bac3efd1b20c95 dnscrypt-proxy-1.3.0.tar.bz2
+ md5sums="6a10b1d6018bfeed9a6dbc3b49cc39d8 dnscrypt-proxy-1.3.3.tar.gz
9d4858771258a029d00197422d3888b8 dnscrypt-proxy.initd
- a7a34c94174eca5c688e7867a87cafb3 dnscrypt-proxy.confd"
- sha256sums="211ee2d75acd631b09d012229c73654c2302234d73c9f12425e1c906520dc7c5 dnscrypt-proxy-1.3.0.tar.bz2
+ a7a34c94174eca5c688e7867a87cafb3 dnscrypt-proxy.confd
+ 57d315cafd53eefc37cd791c48d27aa8 dnscrypt-config"
+ sha256sums="b797b1cc2ce6b7a01bc8a8d119367971f0cff20beea506cd0aeaa613fd5eaa24 dnscrypt-proxy-1.3.3.tar.gz
f8b9301a8deda8413c6057788644505e622c0e12c8637f1dc7bdddf44f9cbec7 dnscrypt-proxy.initd
- e4817f9c73137bf34607df3617f3fa3075ea8cb805cff948e06901ca7259e46b dnscrypt-proxy.confd"
- sha512sums="b6d7e6796d24bfe8ef27a16c4e6970122965f4d9fd4f3df997fc4f46e2c762efcd6fd145df7e154c2b66b358771d1ce45f676df3810b14fb6aeec0b182e354b6 dnscrypt-proxy-1.3.0.tar.bz2
+ e4817f9c73137bf34607df3617f3fa3075ea8cb805cff948e06901ca7259e46b dnscrypt-proxy.confd
+ 928cf063b9ab3168fe3fcc5f790ea803e344ca2d82dbfeccfffd12c177bff2e0 dnscrypt-config"
+ sha512sums="e0d668446eaf65dce358b6d90fc7cf9905e49e267f0ff6c4d399c54b4ccc13d1c9f9622ac68f5fd992ce0b0c275b4e07bd98bc35404c822f521f20a244287dce dnscrypt-proxy-1.3.3.tar.gz
34e375faab52b381198bf50d1ce5e47be56132e7e427255782747952cf828951fec4676b523558f3f0bb46c1afa1a58b46960a3d9c550f6196f8de182a03e220 dnscrypt-proxy.initd
- 544133669bb1ef1ab17992035919afccb911f7f282b71f0369f055a105efe7f6b9d61c1f281f879d684f08a095559800f57e124982dd4ea33b90a12b61352009 dnscrypt-proxy.confd"
+ 544133669bb1ef1ab17992035919afccb911f7f282b71f0369f055a105efe7f6b9d61c1f281f879d684f08a095559800f57e124982dd4ea33b90a12b61352009 dnscrypt-proxy.confd
+ fcfd2b9bf08daeb65997f4236c46674a59e344c34d6c8724e2aa54d974b636ffd8d1b0e3ddc3267483017b3ef95deefde63db0b1d439191f1aa0b0f111deaccd dnscrypt-config"
diff --git a/testing/dnscrypt-proxy/dnscrypt-config b/testing/dnscrypt-proxy/dnscrypt-config
new file mode 100644
index 0000000..d45d517
--- /dev/null
+++ b/testing/dnscrypt-proxy/dnscrypt-config
@@ -0,0 +1,201 @@
+ #!/bin/sh
+
+ # dnscrypt-proxy script to choose DNS Resolver / install & configure DNS Caching
+ ############################################################################################
+
+ print_info() {
+ echo -n -e '\e[1;36m'
+ echo -n -e $1
+ echo -e '\e[0m'
+ }
+
+ die() {
+ echo "ERROR: $1" > /dev/null 1>&2
+ exit 1
+ }
+
+ choose_ip(){
+ IP=none
+ IPADDR=$(ifconfig |grep -B1 "inet addr" |awk '{ if ( $1 == "inet" ) { print $2 } else if ( $2 == "Link" ) { printf "%s:" ,$1 } }' |awk -F: '{ print $1 ": " $3 }')
+ until echo $IPADDR | grep -e $IP 1>/dev/null
+ do
+ echo; print_info "Choose dnscrypt ip from the following addresses:"
+ print_info "$IPADDR\t[ default - 127.0.0.1 ]"
+ echo; read IP
+ if [ ! $IP ] ;then
+ IP=127.0.0.1; print_info "IP: 127.0.0.1 Selected"; echo
+ fi
+ done
+ }
+
+ choose_port(){
+ echo; print_info "Choose dnscrypt port: [ default = 40 ]"
+ until [ "$DNSPORT" -gt 0 ] 2>/dev/null
+ do
+ echo;read DNSPORT
+ if [ ! $DNSPORT ]; then
+ DNSPORT=40; print_info "Port: 40 Selected"
+ fi
+
+ case $DNSPORT in
+ ''|*[!0-9]*) echo; print_info "Choose NUMERIC dnscrypt port: [ default = 40 ]" ;;
+ *) if [ "$DNSPORT" -gt 65535 ]; then
+ echo; print_info "Please choose a valid port [1 - 65535]";
+ DNSPORT=0;
+ fi;;
+ esac
+ done
+ }
+
+ update_unbound(){
+ if [ -f /etc/unbound/unbound.conf ]; then
+ if grep 'Settings from /usr/bin/dnscrypt-config' /etc/unbound/unbound.conf 1>/dev/null; then
+ #replace previous setting
+ START=$(sed -n '/Settings from \/usr\/bin\/dnscrypt-config/=' /etc/unbound/unbound.conf)
+ END=$(expr $START + 5)
+ sed "$END c \ forward-addr: $IP@$DNSPORT" /etc/unbound/unbound.conf -i
+ else
+ echo -e '##### Settings from /usr/bin/dnscrypt-config #####' >> /etc/unbound/unbound.conf
+ echo -e 'do-not-query-localhost: no' >> /etc/unbound/unbound.conf
+ echo >> /etc/unbound/unbound.conf
+ echo -e 'forward-zone:' >> /etc/unbound/unbound.conf
+ echo -e ' name: "."' >> /etc/unbound/unbound.conf
+ echo -e " forward-addr: $IP@$DNSPORT" >> /etc/unbound/unbound.conf
+ echo; print_info "/etc/unbound/unbound.conf updated"
+ fi
+ fi
+ }
+
+ # Do some sanity checking.
+ if [ $(/usr/bin/id -u) != "0" ]; then
+ die 'Must be run by root user'
+ fi
+
+ clear; echo -e "\n"
+ print_info "Please choose a DNS Resolver for dnscrypt-proxy to query [1 - 8]:"
+ print_info "-----------------------------------------------------------------"
+ print_info "1: OpenDNS"
+ print_info "2: Cloud NS\t\t: Canberra, Australia (No Logs, DNSSEC)"
+ print_info "3: Cloud NS\t\t: Canberra (over TOR .onion:443)"
+ print_info "4: Cloud NS\t\t: Sydney, Australia (No Logs, DNSSEC)"
+ print_info "5: Cloud NS\t\t: Sydney (over TOR .onion:443)"
+ print_info "6: OpenNIC\t\t: Japan (No Logs)"
+ print_info "7: DNSCrypt.eu\t\t: Holland (No logs, DNSSEC)"
+ print_info "8: Soltysiak.com\t: Poland (No logs, DNSSEC)"
+ print_info "-----------------------------------------------------------------"
+ #read DNS
+
+ until [ "$DNS" -gt 0 ] 2>/dev/null
+ do
+
+ read DNS
+
+ case $DNS in
+ 1) RESOLVER=208.67.220.220:443;
+ PROVIDER=2.dnscrypt-cert.opendns.com
+ PUBKEY=B735:1140:206F:225D:3E2B:D822:D7FD:691E:A1C3:3CC8:D666:8D0C:BE04:BFAB:CA43:FB79;;
+ 2) RESOLVER=113.20.6.2:443;
+ PROVIDER=2.dnscrypt-cert.cloudns.com.au;
+ PUBKEY=1971:7C1A:C550:6C09:F09B:ACB1:1AF7:C349:6425:2676:247F:B738:1C5A:243A:C1CC:89F4;;
+ 3) RESOLVER=gc2tzw6lbmeagrp3.onion:443;
+ PROVIDER=2.dnscrypt-cert.cloudns.com.au;
+ PUBKEY=1971:7C1A:C550:6C09:F09B:ACB1:1AF7:C349:6425:2676:247F:B738:1C5A:243A:C1CC:89F4;;
+ 4) RESOLVER=113.20.8.17:443;
+ PROVIDER=2.dnscrypt-cert-2.cloudns.com.au;
+ PUBKEY=67A4:323E:581F:79B9:BC54:825F:54FE:1025:8B4F:37EB:0D07:0BCE:4010:6195:D94F:E330;;
+ 5) RESOLVER=l65q62lf7wnfme7m.onion:443;
+ PROVIDER=2.dnscrypt-cert-2.cloudns.com.au;
+ PUBKEY=67A4:323E:581F:79B9:BC54:825F:54FE:1025:8B4F:37EB:0D07:0BCE:4010:6195:D94F:E330;;
+ 6) RESOLVER=106.186.17.181:2053;
+ PROVIDER=2.dnscrypt-cert.ns2.jp.dns.opennic.glue;
+ PUBKEY=8768:C3DB:F70A:FBC6:3B64:8630:8167:2FD4:EE6F:E175:ECFD:46C9:22FC:7674:A1AC:2E2A;;
+ 7) RESOLVER=176.56.237.171:443;
+ PROVIDER=2.dnscrypt-cert.dnscrypt.eu;
+ PUBKEY=67C0:0F2C:21C5:5481:45DD:7CB4:6A27:1AF2:EB96:9931:40A3:09B6:2B8D:1653:1185:9C66;;
+ 8) RESOLVER=178.216.201.222:2053;
+ PROVIDER=2.dnscrypt-cert.soltysiak.com;
+ PUBKEY=25C4:E188:2915:4697:8F9C:2BBD:B6A7:AFA4:01ED:A051:0508:5D53:03E7:1928:C066:8F21;;
+ #check for numerical input
+ ''|*[!1-9]*) print_info "Please choose a NUMERICAL option [1 - 8]" ;;
+ *) if [ "$DNS" -gt 8 ]; then
+ print_info "Please choose an option [1 - 8]";
+ DNS=0;
+ fi;;
+ esac
+ done
+
+ # update init script
+ START='ebegin "Starting dnscrypt-proxy"'
+ CMD='start-stop-daemon --start --quiet --pidfile=${PID} --exec /usr/sbin/dnscrypt-proxy -- -p ${PID} -l ${DNSCRYPT_LOGFILE} -d -u ${DNSCRYPT_GROUP} -a ${DNSCRYPT_LOCALIP} -r ${RESOLVER} -k ${PUBKEY} -N ${PROVIDER}'
+ sed -e '/start-stop-daemon --start/d' -e "s|$START|&\n $CMD|g" /etc/init.d/dnscrypt-proxy -i
+
+ # remove existing Resolver config
+ if grep "RESOLVER" /etc/conf.d/dnscrypt-proxy 1> /dev/null; then
+ sed -e '/RESOLVER/d' -e '/PROVIDER/d' -e '/PUBKEY/d' /etc/conf.d/dnscrypt-proxy -i
+ fi
+
+ # update Resolver config
+ echo "RESOLVER=$RESOLVER" >> /etc/conf.d/dnscrypt-proxy
+ echo "PROVIDER=$PROVIDER" >> /etc/conf.d/dnscrypt-proxy
+ echo "PUBKEY=$PUBKEY" >> /etc/conf.d/dnscrypt-proxy
+
+ echo; print_info "dnscrypt-proxy Resolver settings updated to:"
+ print_info "---------------------------------------------------------------------------------------------"
+ print_info "RESOLVER\t\t: $RESOLVER"
+ print_info "PROVIDER\t\t: $PROVIDER"
+ print_info "PUBLIC KEY : $PUBKEY"
+ print_info "---------------------------------------------------------------------------------------------"
+
+ # install unbound
+ if ! which unbound 1> /dev/null; then
+ echo; print_info "Install Unbound (Caching DNS Server) [ Y / N ]"
+ read installsrv
+ if [ "$installsrv" = "Y" ] || [ "$installsrv" = "y" ]; then
+ apk add -q unbound
+ fi
+ fi
+
+ # choose dnscrypt ip address port
+ echo; print_info "Modify dnscrypt-proxy ip / port ? [ Y / N ]"
+ read updateip
+ if [ "$updateip" = "Y" ] || [ "$updateip" = "y" ]; then
+ choose_ip; choose_port
+
+ # update dnscrypt listening ip & port
+ START=$(sed -n '/DNSCRYPT_LOCALIP=/=' /etc/conf.d/dnscrypt-proxy)
+ sed "$START c DNSCRYPT_LOCALIP=$IP:$DNSPORT" /etc/conf.d/dnscrypt-proxy -i
+
+ # update dhclient.conf
+ if [ -f /etc/dhcp/dhclient.conf ]; then
+ if grep 'supersede domain-name-servers' /etc/dhcp/dhclient.conf 1>/dev/null; then
+ START=$(sed -n '/supersede domain-name-servers/=' /etc/dhcp/dhclient.conf)
+ sed "$START c supersede domain-name-servers $IP" /etc/dhcp/dhclient.conf -i
+ else
+ echo "supersede domain-name-servers $IP" >> /etc/dhcp/dhclient.conf
+ fi
+ fi
+
+ # update resolv.conf & unbound
+ echo "nameserver $IP" > /etc/resolv.conf
+ update_unbound
+
+ # add / restart services
+ for srv in "unbound dnscrypt-proxy"; do
+ if ! rc-status | grep $srv; then
+ rc-update add $srv default
+ rc-service $srv restart
+ fi
+ done
+
+ echo; print_info "dnscrypt-proxy Listening Address updated to:"
+ print_info "------------------------------------------------------"
+ print_info "IP: $IP Port: $DNSPORT"
+ print_info "------------------------------------------------------"
+ fi
+
+
+
+
+
+
+
diff --git a/testing/dnscrypt-proxy/dnscrypt-proxy.post-install b/testing/dnscrypt-proxy/dnscrypt-proxy.post-install
new file mode 100644
index 0000000..8059c83
--- /dev/null
+++ b/testing/dnscrypt-proxy/dnscrypt-proxy.post-install
@@ -0,0 +1,6 @@
+ #!/bin/sh
+
+ # choose DNS Resolver / change ip:port / optionally install DNS caching / add & start services
+ /usr/bin/dnscrypt-config
+ exit 0
+
--
1.8.4.2
---
Unsubscribe: alpine-devel+unsubscribe@lists.alpinelinux.org
Help: alpine-devel+help@lists.alpinelinux.org
---
Re: [alpine-devel] [PATCH 1/2] Initial APKBUILD for libsodium / libsodium-dev
Re: [alpine-devel] [PATCH 2/2] dnscrypt-proxy Version Bump to v.1.33 / updated APKBUILD for new sources
On Fri, 8 Nov 2013 00:25:10 +0000
IT Offshore <developer@it-offshore.co.uk > wrote:
> The sources URL was not working even with the version bump so I amended it to
> work with GIT. Added make-depends to build with autoconf / make.
>
> dnscrypt-proxy no longer has libsodium sources included. Separate patch added for
> libsodium / libsodium-dev.
>
> /usr/bin/dnscrypt-config added (run by the post-install script) to choose the
> DNS Resolver dnscrypt queries (the default OpenDNS resolver keeps logs - the other
> Resolvers do not)
>
> dnscrypt ip:port can be changed & optionally unbound can be installed for dns caching.
> ---
> testing/dnscrypt-proxy/APKBUILD | 51 +++---
> testing/dnscrypt-proxy/dnscrypt-config | 201 +++++++++++++++++++++
> testing/dnscrypt-proxy/dnscrypt-proxy.post-install | 6 +
> 3 files changed, 236 insertions(+), 22 deletions(-)
> create mode 100644 testing/dnscrypt-proxy/dnscrypt-config
> create mode 100644 testing/dnscrypt-proxy/dnscrypt-proxy.post-install
>
What is this:
> +# update init script
> +START='ebegin "Starting dnscrypt-proxy"'
> +CMD='start-stop-daemon --start --quiet --pidfile=${PID} --exec /usr/sbin/dnscrypt-proxy -- -p ${PID} -l ${DNSCRYPT_LOGFILE} -d -u ${DNSCRYPT_GROUP} -a ${DNSCRYPT_LOCALIP} -r ${RESOLVER} -k ${PUBKEY} -N ${PROVIDER}'
> +sed -e '/start-stop-daemon --start/d' -e "s|$START|&\n $CMD|g" /etc/init.d/dnscrypt-proxy -i
It edits the init.d script?
If that is needed something must be terribly wrong...
-nc
---
Unsubscribe: alpine-devel+unsubscribe@lists.alpinelinux.org
Help: alpine-devel+help@lists.alpinelinux.org
---