net-dns/dnscrypt-proxy: bump to 2.0.45

Closes: https://bugs.gentoo.org/763312 Package-Manager: Portage-3.0.12, Repoman-3.0.2 Signed-off-by: Sam James <sam@gentoo.org>
author: Sam James <sam@gentoo.org> 2021-01-03 23:10:16 +0000
committer: Sam James <sam@gentoo.org> 2021-01-03 23:10:16 +0000
commit: dc5570c2c49db48832676e68f77fd4cb94596979 (patch)
tree: fd791a1597b8dbebf0fecac43bb6838cce239aec /net-dns
parent: dev-libs/libofx: opensp is {R,}DEPEND (diff)
download: gentoo-dc5570c2c49db48832676e68f77fd4cb94596979.tar.gz
gentoo-dc5570c2c49db48832676e68f77fd4cb94596979.tar.bz2
gentoo-dc5570c2c49db48832676e68f77fd4cb94596979.zip
4 files changed, 217 insertions, 6 deletions
diff --git a/net-dns/dnscrypt-proxy/Manifest b/net-dns/dnscrypt-proxy/Manifest
index 1723c8920adb..0b2a4e38348a 100644
--- a/net-dns/dnscrypt-proxy/Manifest
+++ b/net-dns/dnscrypt-proxy/Manifest
@@ -1 +1,2 @@
 DIST dnscrypt-proxy-2.0.44.tar.gz 2279842 BLAKE2B 90f156914dd29ab5baa2eb02ed2992583999a6688d09a532f8c7c1ec6d285bd39893f66726da928f295056fd66cd756f4332f1ed21284ffa3d357ce355a08625 SHA512 009e2b669c1d6f6cd6b41f5e04d08735587f420dacdea8d422a3c12a62614c1ce1963deebca3af1f956070abd9ff5df9182cb27e31fa0fac8a95478739445801
+DIST dnscrypt-proxy-2.0.45.tar.gz 2721610 BLAKE2B cddeafec2a2fa8179b722a1b4fe8527bcb3991f5d9e04e31667ea8c38deda5b8c9a3c3a3c16e4e2f5d1bfdb5f8d540c6d61273c34df27f4a78215736b240846f SHA512 becfe3c2d4567725e6b7e973647163e32dd2eaae361087bb05c90b6ddc3b0db0891c2725f6b5c255b8965990832bad53bd6ef137be54a342f46594f3633fe47a
diff --git a/net-dns/dnscrypt-proxy/dnscrypt-proxy-2.0.45.ebuild b/net-dns/dnscrypt-proxy/dnscrypt-proxy-2.0.45.ebuild
new file mode 100644
index 000000000000..43359636f250
--- /dev/null
+++ b/net-dns/dnscrypt-proxy/dnscrypt-proxy-2.0.45.ebuild
@@ -0,0 +1,106 @@
+# Copyright 1999-2021 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+EGO_PN="github.com/DNSCrypt/${PN}"
+
+inherit fcaps go-module systemd
+
+if [[ ${PV} == 9999 ]]; then
+	inherit git-r3
+	EGIT_REPO_URI="https://${EGO_PN}.git"
+else
+	SRC_URI="https://${EGO_PN}/archive/${PV}.tar.gz -> ${P}.tar.gz"
+	KEYWORDS="~amd64 ~arm ~arm64 ~ppc64 ~x86"
+fi
+
+DESCRIPTION="A flexible DNS proxy, with support for encrypted DNS protocols"
+HOMEPAGE="https://github.com/DNSCrypt/dnscrypt-proxy"
+
+LICENSE="Apache-2.0 BSD ISC MIT MPL-2.0"
+SLOT="0"
+IUSE="pie"
+
+BDEPEND=">=dev-lang/go-1.13"
+RDEPEND="
+	acct-group/dnscrypt-proxy
+	acct-user/dnscrypt-proxy
+"
+
+FILECAPS=( cap_net_bind_service+ep usr/bin/dnscrypt-proxy )
+
+PATCHES=(
+	"${FILESDIR}/${PN}-2.0.45-config-full-paths.patch"
+)
+
+src_compile() {
+	pushd "${PN}" >/dev/null || die
+	go build -v -x -mod=readonly -mod=vendor -buildmode="$(usex pie pie default)" || die
+	popd >/dev/null || die
+}
+
+src_test() {
+	cd "${PN}" || die
+	go test -mod=vendor -buildmode="$(usex pie pie default)" || die "Failed to run tests"
+}
+
+src_install() {
+	pushd "${PN}" >/dev/null || die
+
+	dobin dnscrypt-proxy
+
+	insinto /etc/dnscrypt-proxy
+	newins example-dnscrypt-proxy.toml dnscrypt-proxy.toml
+	doins example-{allowed,blocked}-{ips.txt,names.txt}
+	doins example-{cloaking-rules.txt,forwarding-rules.txt}
+
+	popd >/dev/null || die
+
+	insinto /usr/share/dnscrypt-proxy
+	doins -r "utils/generate-domains-blocklist/."
+
+	newinitd "${FILESDIR}"/dnscrypt-proxy.initd dnscrypt-proxy
+	newconfd "${FILESDIR}"/dnscrypt-proxy.confd dnscrypt-proxy
+
+	systemd_newunit "${FILESDIR}"/dnscrypt-proxy.service dnscrypt-proxy.service
+	systemd_newunit "${FILESDIR}"/dnscrypt-proxy.socket dnscrypt-proxy.socket
+
+	insinto /etc/logrotate.d
+	newins "${FILESDIR}"/dnscrypt-proxy.logrotate dnscrypt-proxy
+
+	einstalldocs
+}
+
+pkg_postinst() {
+	fcaps_pkg_postinst
+	go-module_pkg_postinst
+
+	if ! use filecaps; then
+		ewarn "'filecaps' USE flag is disabled"
+		ewarn "${PN} will fail to listen on port 53"
+		ewarn "please do one the following:"
+		ewarn "1) re-enable 'filecaps'"
+		ewarn "2) change port to > 1024"
+		ewarn "3) configure to run ${PN} as root (not recommended)"
+		ewarn
+	fi
+
+	if systemd_is_booted || has_version sys-apps/systemd; then
+		elog "Using systemd socket activation may cause issues with speed"
+		elog "latency and reliability of ${PN} and is discouraged by upstream"
+		elog "Existing installations advised to disable 'dnscrypt-proxy.socket'"
+		elog "It is disabled by default for new installations"
+		elog "check "$(systemd_get_systemunitdir)/${PN}.service" for details"
+		elog
+
+	fi
+
+	elog "After starting the service you will need to update your"
+	elog "/etc/resolv.conf and replace your current set of resolvers"
+	elog "with:"
+	elog
+	elog "nameserver 127.0.0.1"
+	elog
+	elog "Also see https://github.com/DNSCrypt/${PN}/wiki"
+}
diff --git a/net-dns/dnscrypt-proxy/dnscrypt-proxy-9999.ebuild b/net-dns/dnscrypt-proxy/dnscrypt-proxy-9999.ebuild
index 4f7ddaa4a1b8..43359636f250 100644
--- a/net-dns/dnscrypt-proxy/dnscrypt-proxy-9999.ebuild
+++ b/net-dns/dnscrypt-proxy/dnscrypt-proxy-9999.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2020 Gentoo Authors
+# Copyright 1999-2021 Gentoo Authors
 # Distributed under the terms of the GNU General Public License v2
 
 EAPI=7
@@ -12,7 +12,7 @@ if [[ ${PV} == 9999 ]]; then
 	EGIT_REPO_URI="https://${EGO_PN}.git"
 else
 	SRC_URI="https://${EGO_PN}/archive/${PV}.tar.gz -> ${P}.tar.gz"
-	KEYWORDS="~amd64 ~arm ~ppc64 ~x86"
+	KEYWORDS="~amd64 ~arm ~arm64 ~ppc64 ~x86"
 fi
 
 DESCRIPTION="A flexible DNS proxy, with support for encrypted DNS protocols"
@@ -23,7 +23,6 @@ SLOT="0"
 IUSE="pie"
 
 BDEPEND=">=dev-lang/go-1.13"
-
 RDEPEND="
 	acct-group/dnscrypt-proxy
 	acct-user/dnscrypt-proxy
@@ -31,7 +30,9 @@ RDEPEND="
 
 FILECAPS=( cap_net_bind_service+ep usr/bin/dnscrypt-proxy )
 
-PATCHES=( "${FILESDIR}"/config-full-paths-r11.patch )
+PATCHES=(
+	"${FILESDIR}/${PN}-2.0.45-config-full-paths.patch"
+)
 
 src_compile() {
 	pushd "${PN}" >/dev/null || die
@@ -51,13 +52,13 @@ src_install() {
 
 	insinto /etc/dnscrypt-proxy
 	newins example-dnscrypt-proxy.toml dnscrypt-proxy.toml
-	doins example-{blacklist.txt,whitelist.txt}
+	doins example-{allowed,blocked}-{ips.txt,names.txt}
 	doins example-{cloaking-rules.txt,forwarding-rules.txt}
 
 	popd >/dev/null || die
 
 	insinto /usr/share/dnscrypt-proxy
-	doins -r "utils/generate-domains-blacklists/."
+	doins -r "utils/generate-domains-blocklist/."
 
 	newinitd "${FILESDIR}"/dnscrypt-proxy.initd dnscrypt-proxy
 	newconfd "${FILESDIR}"/dnscrypt-proxy.confd dnscrypt-proxy
diff --git a/net-dns/dnscrypt-proxy/files/dnscrypt-proxy-2.0.45-config-full-paths.patch b/net-dns/dnscrypt-proxy/files/dnscrypt-proxy-2.0.45-config-full-paths.patch
new file mode 100644
index 000000000000..86ca893440d2
--- /dev/null
+++ b/net-dns/dnscrypt-proxy/files/dnscrypt-proxy-2.0.45-config-full-paths.patch
@@ -0,0 +1,103 @@
+diff --git a/dnscrypt-proxy/example-dnscrypt-proxy.toml b/dnscrypt-proxy/example-dnscrypt-proxy.toml
+index 12d9bde..0c7f3e1 100644
+--- a/dnscrypt-proxy/example-dnscrypt-proxy.toml
++++ b/dnscrypt-proxy/example-dnscrypt-proxy.toml
+@@ -157,7 +157,7 @@ keepalive = 30
+ ## This file is different from other log files, and will not be
+ ## automatically rotated by the application.
+ 
+-# log_file = 'dnscrypt-proxy.log'
++# log_file = '/var/log/dnscrypt-proxy/dnscrypt-proxy.log'
+ 
+ 
+ ## When using a log file, only keep logs from the most recent launch.
+@@ -438,7 +438,7 @@ cache_neg_max_ttl = 600
+   ## Path to the query log file (absolute, or relative to the same directory as the config file)
+   ## Can be set to /dev/stdout in order to log to the standard output.
+ 
+-  # file = 'query.log'
++  # file = '/var/log/dnscrypt-proxy/query.log'
+ 
+ 
+   ## Query log format (currently supported: tsv and ltsv)
+@@ -464,7 +464,7 @@ cache_neg_max_ttl = 600
+ 
+   ## Path to the query log file (absolute, or relative to the same directory as the config file)
+ 
+-  # file = 'nx.log'
++  # file = '/var/log/dnscrypt-proxy/nx.log'
+ 
+ 
+   ## Query log format (currently supported: tsv and ltsv)
+@@ -499,7 +499,7 @@ cache_neg_max_ttl = 600
+ 
+   ## Optional path to a file logging blocked queries
+ 
+-  # log_file = 'blocked-names.log'
++  # log_file = '/var/log/dnscrypt-proxy/blocked.log'
+ 
+ 
+   ## Optional log format: tsv or ltsv (default: tsv)
+@@ -527,7 +527,7 @@ cache_neg_max_ttl = 600
+ 
+   ## Optional path to a file logging blocked queries
+ 
+-  # log_file = 'blocked-ips.log'
++  # log_file = '/var/log/dnscrypt-proxy/ip-blocked.log'
+ 
+ 
+   ## Optional log format: tsv or ltsv (default: tsv)
+@@ -555,7 +555,7 @@ cache_neg_max_ttl = 600
+ 
+   ## Optional path to a file logging allowed queries
+ 
+-  # log_file = 'allowed-names.log'
++  # log_file = '/var/log/dnscrypt-proxy/allowed-names.log'
+ 
+ 
+   ## Optional log format: tsv or ltsv (default: tsv)
+@@ -583,7 +583,7 @@ cache_neg_max_ttl = 600
+ 
+   ## Optional path to a file logging allowed queries
+ 
+-  # log_file = 'allowed-ips.log'
++  # log_file = '/var/log/dnscrypt-proxy/allowed-ips.log'
+ 
+   ## Optional log format: tsv or ltsv (default: tsv)
+ 
+@@ -654,7 +654,7 @@ cache_neg_max_ttl = 600
+ 
+   [sources.'public-resolvers']
+   urls = ['https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v3/public-resolvers.md', 'https://download.dnscrypt.info/resolvers-list/v3/public-resolvers.md', 'https://ipv6.download.dnscrypt.info/resolvers-list/v3/public-resolvers.md', 'https://download.dnscrypt.net/resolvers-list/v3/public-resolvers.md']
+-  cache_file = 'public-resolvers.md'
++  cache_file = '/var/cache/dnscrypt-proxy/public-resolvers.md'
+   minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3'
+   refresh_delay = 72
+   prefix = ''
+@@ -663,7 +663,7 @@ cache_neg_max_ttl = 600
+ 
+   [sources.'relays']
+   urls = ['https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v3/relays.md', 'https://download.dnscrypt.info/resolvers-list/v3/relays.md', 'https://ipv6.download.dnscrypt.info/resolvers-list/v3/relays.md', 'https://download.dnscrypt.net/resolvers-list/v3/relays.md']
+-  cache_file = 'relays.md'
++  cache_file = '/var/cache/dnscrypt-proxy/relays.md'
+   minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3'
+   refresh_delay = 72
+   prefix = ''
+@@ -673,7 +673,7 @@ cache_neg_max_ttl = 600
+   # [sources.quad9-resolvers]
+   # urls = ['https://www.quad9.net/quad9-resolvers.md']
+   # minisign_key = 'RWQBphd2+f6eiAqBsvDZEBXBGHQBJfeG6G+wJPPKxCZMoEQYpmoysKUN'
+-  # cache_file = 'quad9-resolvers.md'
++  # cache_file = '/var/cache/dnscrypt-proxy/quad9-resolvers.md'
+   # prefix = 'quad9-'
+ 
+   ## Another example source, with resolvers censoring some websites not appropriate for children
+@@ -681,7 +681,7 @@ cache_neg_max_ttl = 600
+ 
+   #  [sources.'parental-control']
+   #  urls = ['https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v3/parental-control.md', 'https://download.dnscrypt.info/resolvers-list/v3/parental-control.md', 'https://ipv6.download.dnscrypt.info/resolvers-list/v3/parental-control.md', 'https://download.dnscrypt.net/resolvers-list/v3/parental-control.md']
+-  #  cache_file = 'parental-control.md'
++  #  cache_file = '/var/cache/dnscrypt-proxy/parental-control.md'
+   #  minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3'
+ 
+
author	Sam James <sam@gentoo.org>	2021-01-03 23:10:16 +0000
committer	Sam James <sam@gentoo.org>	2021-01-03 23:10:16 +0000
commit	dc5570c2c49db48832676e68f77fd4cb94596979 (patch)
tree	fd791a1597b8dbebf0fecac43bb6838cce239aec /net-dns
parent	dev-libs/libofx: opensp is {R,}DEPEND (diff)
download	gentoo-dc5570c2c49db48832676e68f77fd4cb94596979.tar.gz gentoo-dc5570c2c49db48832676e68f77fd4cb94596979.tar.bz2 gentoo-dc5570c2c49db48832676e68f77fd4cb94596979.zip