pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/trunk]: pkgsrc/net/dq Add dq, a recursive DNS/DNSCurve server. This p...



details:   https://anonhg.NetBSD.org/pkgsrc/rev/2695ffec715a
branches:  trunk
changeset: 372599:2695ffec715a
user:      schmonz <schmonz%pkgsrc.org@localhost>
date:      Thu Jan 27 15:31:09 2022 +0000

description:
Add dq, a recursive DNS/DNSCurve server. This package contains:

- dqcache, a recursive DNS server with DNSCurve support
    - based on dnscache from djbdns
    - added support for streamlined DNSCurve
    - added support for TXT DNSCurve
    - added support for combined DNSCurve (streamlined and TXT)
    - added support for DNS anchors with DNSCurve keys
    - added full IPv6 support
    - added support for IPv6 DNS anchors
    - added support for cache dumping/loading
    - used siphash24 instead of hash5381 in cache library
    - added SOA record caching
    - added authority record to DNS response
    - improved logs - IPs not printed in hex format
    - fixed CVE-2012-1191
    - fixed CVE-2008-4392
- dq, a command-line tool to debug DNS/DNScurve
    - based on dnsq and dnsqr from djbdns
    - added IPv6 support
    - added DNSCurve support (Streamlined/TXT)

diffstat:

 net/dq/DESCR                         |   21 ++++
 net/dq/Makefile                      |   51 ++++++++++
 net/dq/PLIST                         |   11 ++
 net/dq/distinfo                      |    6 +
 net/dq/files/dnscurveroots.global    |   24 ++++
 net/dq/files/dqcache.sh              |   56 +++++++++++
 net/dq/files/examples.md             |  170 +++++++++++++++++++++++++++++++++++
 net/dq/patches/patch-make-install.sh |   14 ++
 8 files changed, 353 insertions(+), 0 deletions(-)

diffs (truncated from 385 to 300 lines):

diff -r 17195bfb30a1 -r 2695ffec715a net/dq/DESCR
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/net/dq/DESCR      Thu Jan 27 15:31:09 2022 +0000
@@ -0,0 +1,21 @@
+Dq contains:
+
+- dqcache, a recursive DNS server with DNSCurve support
+    - based on dnscache from djbdns
+    - added support for streamlined DNSCurve
+    - added support for TXT DNSCurve
+    - added support for combined DNSCurve (streamlined and TXT)
+    - added support for DNS anchors with DNSCurve keys
+    - added full IPv6 support
+    - added support for IPv6 DNS anchors
+    - added support for cache dumping/loading
+    - used siphash24 instead of hash5381 in cache library
+    - added SOA record caching
+    - added authority record to DNS response
+    - improved logs - IPs not printed in hex format
+    - fixed CVE-2012-1191
+    - fixed CVE-2008-4392
+- dq, a command-line tool to debug DNS/DNScurve
+    - based on dnsq and dnsqr from djbdns
+    - added IPv6 support
+    - added DNSCurve support (Streamlined/TXT)
diff -r 17195bfb30a1 -r 2695ffec715a net/dq/Makefile
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/net/dq/Makefile   Thu Jan 27 15:31:09 2022 +0000
@@ -0,0 +1,51 @@
+# $NetBSD: Makefile,v 1.1 2022/01/27 15:31:09 schmonz Exp $
+
+GITHUB_PROJECT=                dq
+GITHUB_TAG=            20220101
+DISTNAME=              ${GITHUB_PROJECT}
+PKGNAME=               ${GITHUB_PROJECT}-${GITHUB_TAG}
+CATEGORIES=            net
+MASTER_SITES=          ${MASTER_SITE_GITHUB:=janmojzis/}
+
+MAINTAINER=            schmonz%NetBSD.org@localhost
+HOMEPAGE=              https://github.com/janmojzis/dq/
+COMMENT=               Recursive DNS/DNSCurve server
+LICENSE=               public-domain
+
+DEPENDS+=              daemontools-[0-9]*:../../sysutils/daemontools
+
+DJB_MAKE_TARGETS=      no
+BUILD_TARGET=          compile
+
+SUBST_CLASSES+=                etc
+SUBST_STAGE.etc=       do-configure
+SUBST_FILES.etc=       dq/dns_rcrw.c dq/dq.c man/dq.1
+SUBST_SED.etc=         -e 's|/etc/dnsrewrite|${PKG_SYSCONFBASE}/dnsrewrite|g'
+SUBST_MESSAGE.etc=     Fixing prefix.
+
+EGDIR=                 share/examples/${PKGBASE}
+INSTALLATION_DIRS=     ${EGDIR}
+MAKE_DIRS+=            ${PKG_SYSCONFDIR}/dqcache/servers
+
+CONF_FILES+=           ${PREFIX}/${EGDIR}/dnscurveroots.global \
+                       ${PKG_SYSCONFDIR}/dqcache/servers/@
+
+PKG_GROUPS+=           ${DQCACHE_GROUP}
+PKG_USERS+=            ${DQCACHE_USER}:${DQCACHE_GROUP}
+BUILD_DEFS+=           DQCACHE_GROUP DQCACHE_USER PKG_SYSCONFBASE
+
+RCD_SCRIPTS=           dqcache
+FILES_SUBST+=          DQCACHE_USER=${DQCACHE_USER:Q}
+FILES_SUBST+=          PKGNAME=${PKGNAME:Q}
+
+post-configure:
+       ${RUN}cd ${DJB_CONFIG_DIR}; \
+       [ -f conf-sbin ] && ${ECHO} ${DJB_CONFIG_PREFIX}/sbin > conf-sbin
+
+post-install:
+       for i in examples.md dnscurveroots.global; do \
+               ${INSTALL_DATA} ${FILESDIR}/$$i ${DESTDIR}${PREFIX}/${EGDIR}/; \
+       done
+
+.include "../../mk/djbware.mk"
+.include "../../mk/bsd.pkg.mk"
diff -r 17195bfb30a1 -r 2695ffec715a net/dq/PLIST
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/net/dq/PLIST      Thu Jan 27 15:31:09 2022 +0000
@@ -0,0 +1,11 @@
+@comment $NetBSD: PLIST,v 1.1 2022/01/27 15:31:09 schmonz Exp $
+bin/dq
+man/man1/dq.1
+man/man8/dqcache-makekey.8
+man/man8/dqcache-start.8
+man/man8/dqcache.8
+sbin/dqcache
+sbin/dqcache-makekey
+sbin/dqcache-start
+share/examples/dq/dnscurveroots.global
+share/examples/dq/examples.md
diff -r 17195bfb30a1 -r 2695ffec715a net/dq/distinfo
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/net/dq/distinfo   Thu Jan 27 15:31:09 2022 +0000
@@ -0,0 +1,6 @@
+$NetBSD: distinfo,v 1.1 2022/01/27 15:31:09 schmonz Exp $
+
+BLAKE2s (dq-20220101.tar.gz) = 3b340e5217e58061e38fdafc407f40e64877a61f680c7f43409b8b6a4fe290ba
+SHA512 (dq-20220101.tar.gz) = 5c4fd8a8f37b2f8707abde80af7efe943dd00f0e725b406bff9ee8aae889f820fb76fe137be8223943c76ec14d41579de9a66f5d4c440d493e6d527bb24b175a
+Size (dq-20220101.tar.gz) = 140727 bytes
+SHA1 (patch-make-install.sh) = f8d8460015ab6a849e5bc25d341bb993c3bdcb3c
diff -r 17195bfb30a1 -r 2695ffec715a net/dq/files/dnscurveroots.global
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/net/dq/files/dnscurveroots.global Thu Jan 27 15:31:09 2022 +0000
@@ -0,0 +1,24 @@
+198.41.0.4
+2001:503:ba3e::2:30
+192.228.79.201
+2001:500:84::b
+192.33.4.12
+2001:500:2::c
+199.7.91.13
+2001:500:2d::d
+192.203.230.10
+192.5.5.241
+2001:500:2f::f
+192.112.36.4
+198.97.190.53
+2001:500:1::53
+192.36.148.17
+2001:7fe::53
+192.58.128.30
+2001:503:c27::2:30
+193.0.14.129
+2001:7fd::1
+199.7.83.42
+2001:500:9f::42
+202.12.27.33
+2001:dc3::35
diff -r 17195bfb30a1 -r 2695ffec715a net/dq/files/dqcache.sh
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/net/dq/files/dqcache.sh   Thu Jan 27 15:31:09 2022 +0000
@@ -0,0 +1,56 @@
+#!@RCD_SCRIPTS_SHELL@
+#
+# $NetBSD: dqcache.sh,v 1.1 2022/01/27 15:31:09 schmonz Exp $
+#
+# @PKGNAME@ script to control dqcache (caching DNS+DNSCurve resolver).
+#
+
+# PROVIDE: dqcache named
+# REQUIRE: NETWORKING mountcritremote syslogd
+# BEFORE:  DAEMON
+
+name="dqcache"
+
+# User-settable rc.conf variables and their default values:
+: ${dqcache_postenv:=""}
+: ${dqcache_ip:="127.0.0.1"}
+: ${dqcache_size:="10000000"}
+: ${dqcache_log:="YES"}
+: ${dqcache_logcmd:="logger -t nbdq/cache -p daemon.info"}
+: ${dqcache_nologcmd:="@PREFIX@/bin/multilog -*"}
+
+if [ -f /etc/rc.subr ]; then
+       . /etc/rc.subr
+fi
+
+rcvar=${name}
+required_dirs="@PKG_SYSCONFDIR@/${name}/servers"
+required_files="@PKG_SYSCONFDIR@/${name}/servers/@"
+command="@PREFIX@/sbin/${name}"
+procname=nb${name}
+start_precmd="dqcache_precmd"
+
+dqcache_precmd() {
+       if [ -f /etc/rc.subr ] && ! checkyesno dqcache_log; then
+               dqcache_logcmd=${dqcache_nologcmd}
+       fi
+       command="@PREFIX@/bin/pgrphack @SETENV@ - ${dqcache_postenv} \
+ROOT=@PKG_SYSCONFDIR@/${name} \
+IP=${dqcache_ip} \
+CACHESIZE=${dqcache_size} \
+@PREFIX@/bin/envuidgid @DQCACHE_USER@ \
+@PREFIX@/bin/argv0 @PREFIX@/sbin/${name} ${procname} \
+2>&1 | \
+${dqcache_logcmd}"
+       command_args="&"
+       rc_flags=""
+}
+
+if [ -f /etc/rc.subr ]; then
+       load_rc_config $name
+       run_rc_command "$1"
+else
+       @ECHO_N@ " ${name}"
+       dqcache_precmd
+       eval ${command} ${dqcache_flags} ${command_args}
+fi
diff -r 17195bfb30a1 -r 2695ffec715a net/dq/files/examples.md
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/net/dq/files/examples.md  Thu Jan 27 15:31:09 2022 +0000
@@ -0,0 +1,170 @@
+# dq
+
+### Authoritative example - streamlined DNSCurve query (executed 23.11.2013):
+
+    $ dq -a a dnscurve.org uz5dz39x8xk8wyq3dzn7vpt670qmvzx0zd9zg4ldwldkv6kx9ft090.ns.dnscurve.org
+    1 dnscurve.org - streamlined DNSCurve:
+    320 bytes, 1+2+3+3 records, response, authoritative, noerror
+    query: 1 dnscurve.org
+    answer: dnscurve.org 600 A 131.193.32.142
+    answer: dnscurve.org 600 A 131.193.32.147
+    authority: dnscurve.org 259200 NS uz5hjgptn63q5qlch6xlrw63tf6vhvvu6mjwn0s31buw1lhmlk14kd.ns.dnscurve.org
+    authority: dnscurve.org 259200 NS uz5dz39x8xk8wyq3dzn7vpt670qmvzx0zd9zg4ldwldkv6kx9ft090.ns.dnscurve.org
+    authority: dnscurve.org 259200 NS uz5uu2c7j228ujjccp3ustnfmr4pgcg5ylvt16kmd0qzw7bbjgd5xq.ns.dnscurve.org
+    additional: uz5hjgptn63q5qlch6xlrw63tf6vhvvu6mjwn0s31buw1lhmlk14kd.ns.dnscurve.org 259200 A 131.193.32.142
+    additional: uz5dz39x8xk8wyq3dzn7vpt670qmvzx0zd9zg4ldwldkv6kx9ft090.ns.dnscurve.org 259200 A 131.155.71.143
+    additional: uz5uu2c7j228ujjccp3ustnfmr4pgcg5ylvt16kmd0qzw7bbjgd5xq.ns.dnscurve.org 259200 A 80.101.159.118
+
+### Authoritative example - TXT DNSCurve query, using suffix 'dnscurve.org'
+(executed 23.11.2013):
+
+    $ dq -S 'dnscurve.org' -a a dnscurve.org uz5dz39x8xk8wyq3dzn7vpt670qmvzx0zd9zg4ldwldkv6kx9ft090.ns.dnscurve.org
+    1 dnscurve.org - txt DNSCurve:
+    320 bytes, 1+2+3+3 records, response, authoritative, noerror
+    query: 1 dnscurve.org
+    answer: dnscurve.org 600 A 131.193.32.142
+    answer: dnscurve.org 600 A 131.193.32.147
+    authority: dnscurve.org 259200 NS uz5hjgptn63q5qlch6xlrw63tf6vhvvu6mjwn0s31buw1lhmlk14kd.ns.dnscurve.org
+    authority: dnscurve.org 259200 NS uz5dz39x8xk8wyq3dzn7vpt670qmvzx0zd9zg4ldwldkv6kx9ft090.ns.dnscurve.org
+    authority: dnscurve.org 259200 NS uz5uu2c7j228ujjccp3ustnfmr4pgcg5ylvt16kmd0qzw7bbjgd5xq.ns.dnscurve.org
+    additional: uz5hjgptn63q5qlch6xlrw63tf6vhvvu6mjwn0s31buw1lhmlk14kd.ns.dnscurve.org 259200 A 131.193.32.142
+    additional: uz5dz39x8xk8wyq3dzn7vpt670qmvzx0zd9zg4ldwldkv6kx9ft090.ns.dnscurve.org 259200 A 131.155.71.143
+    additional: uz5uu2c7j228ujjccp3ustnfmr4pgcg5ylvt16kmd0qzw7bbjgd5xq.ns.dnscurve.org 259200 A 80.101.159.118
+
+### Authoritative example - streamlined DNSCurve query, using IPv4 and key
+(executed 23.11.2013):
+
+    $ dq -k uz5dz39x8xk8wyq3dzn7vpt670qmvzx0zd9zg4ldwldkv6kx9ft090 -a a dnscurve.org 131.155.71.143
+    1 dnscurve.org - streamlined DNSCurve:
+    320 bytes, 1+2+3+3 records, response, authoritative, noerror
+    query: 1 dnscurve.org
+    answer: dnscurve.org 600 A 131.193.32.147
+    answer: dnscurve.org 600 A 131.193.32.142
+    authority: dnscurve.org 259200 NS uz5hjgptn63q5qlch6xlrw63tf6vhvvu6mjwn0s31buw1lhmlk14kd.ns.dnscurve.org
+    authority: dnscurve.org 259200 NS uz5dz39x8xk8wyq3dzn7vpt670qmvzx0zd9zg4ldwldkv6kx9ft090.ns.dnscurve.org
+    authority: dnscurve.org 259200 NS uz5uu2c7j228ujjccp3ustnfmr4pgcg5ylvt16kmd0qzw7bbjgd5xq.ns.dnscurve.org
+    additional: uz5hjgptn63q5qlch6xlrw63tf6vhvvu6mjwn0s31buw1lhmlk14kd.ns.dnscurve.org 259200 A 131.193.32.142
+    additional: uz5dz39x8xk8wyq3dzn7vpt670qmvzx0zd9zg4ldwldkv6kx9ft090.ns.dnscurve.org 259200 A 131.155.71.143
+    additional: uz5uu2c7j228ujjccp3ustnfmr4pgcg5ylvt16kmd0qzw7bbjgd5xq.ns.dnscurve.org 259200 A 80.101.159.118
+
+### Authoritative example - streamlined DNSCurve query, using IPv6 and key
+(executed 23.11.2013):
+    
+    $ dq -a -k uz52zufj724bjt11s3pgk2dtcpw8ww1dr8g3ssm3hs3jkmwr8l090p a blinkenlights.ch 2a01:4f8:120:43c1::a
+    1 blinkenlights.ch - streamlined DNSCurve:
+    341 bytes, 1+1+3+3 records, response, authoritative, noerror
+    query: 1 blinkenlights.ch
+    answer: blinkenlights.ch 86400 A 78.46.72.150
+    authority: blinkenlights.ch 259200 NS uz5crn6x92t4vb4k3z68du7rmwmnnvkbdd29t79yzg9fr2s2rx5pk0.nsde1.eqmx.net
+    authority: blinkenlights.ch 259200 NS uz5mnv8n4dzrp95zl50jryb4wgf45my27q6pvx8f540l9sspkcwvtm.nszh1.eqmx.net
+    authority: blinkenlights.ch 259200 NS uz52zufj724bjt11s3pgk2dtcpw8ww1dr8g3ssm3hs3jkmwr8l090p.dns1.workaround.ch
+    additional: uz5crn6x92t4vb4k3z68du7rmwmnnvkbdd29t79yzg9fr2s2rx5pk0.nsde1.eqmx.net 86400 A 178.209.50.169
+    additional: uz5mnv8n4dzrp95zl50jryb4wgf45my27q6pvx8f540l9sspkcwvtm.nszh1.eqmx.net 86400 A 46.246.93.162
+    additional: uz52zufj724bjt11s3pgk2dtcpw8ww1dr8g3ssm3hs3jkmwr8l090p.dns1.workaround.ch 86400 A 78.46.72.150
+
+### Recursive example (executed 23.11.2013):
+
+    $ dq a dnscurve.org
+    1 dnscurve.org - regular DNS:
+    272 bytes, 1+2+3+0 records, response, noerror
+    query: 1 dnscurve.org
+    answer: dnscurve.org 600 A 131.193.32.147
+    answer: dnscurve.org 600 A 131.193.32.142
+    authority: dnscurve.org 259200 NS uz5hjgptn63q5qlch6xlrw63tf6vhvvu6mjwn0s31buw1lhmlk14kd.ns.dnscurve.org
+    authority: dnscurve.org 259200 NS uz5dz39x8xk8wyq3dzn7vpt670qmvzx0zd9zg4ldwldkv6kx9ft090.ns.dnscurve.org
+    authority: dnscurve.org 259200 NS uz5uu2c7j228ujjccp3ustnfmr4pgcg5ylvt16kmd0qzw7bbjgd5xq.ns.dnscurve.org
+
+### Recursive example, using OpenDNS resolver - IPv6 (executed 23.11.2013):
+    
+    $ dq a dnscurve.org 2620:0:ccc::2
+    1 dnscurve.org - regular DNS:
+    62 bytes, 1+2+0+0 records, response, noerror
+    query: 1 dnscurve.org
+    answer: dnscurve.org 600 A 131.193.32.147
+    answer: dnscurve.org 600 A 131.193.32.142
+
+### Recursive example, using OpenDNS resolver - IPv4 (executed 23.11.2013):
+
+    $ dq a dnscurve.org 208.67.222.222
+    1 dnscurve.org - regular DNS:
+    62 bytes, 1+2+0+0 records, response, noerror
+    query: 1 dnscurve.org
+    answer: dnscurve.org 600 A 131.193.32.142
+    answer: dnscurve.org 600 A 131.193.32.147
+
+### Recursive example, using OpenDNS resolver - IPv4, dnsqr backward
+compatibility (executed 23.11.2013):
+
+    env DNSCACHEIP=208.67.222.222 dq a dnscurve.org
+    1 dnscurve.org - regular DNS:
+    62 bytes, 1+2+0+0 records, response, noerror
+    query: 1 dnscurve.org
+    answer: dnscurve.org 600 A 131.193.32.142
+    answer: dnscurve.org 600 A 131.193.32.147



Home | Main Index | Thread Index | Old Index