Commit graph

73 commits

Author SHA1 Message Date
Daniel Nagy
a40f86e390 unbound: optionally support DNS-over-HTTPS
unbound can be used as a DNS-over-HTTPS (DoH) server.

This is a blog post introducing the feature:

https://www.nlnetlabs.nl/news/2020/Oct/08/unbound-1.12.0-released/
2021-02-25 18:37:57 -05:00
Ben Siraphob
8c5d37129f pkgs/tools: stdenv.lib -> lib 2021-01-15 17:12:36 +07:00
Martin Weinelt
e8959c4660 unbound: 1.12.0 -> 1.13.0
https://lists.nlnetlabs.nl/pipermail/unbound-users/2020-December/007102.html

Fixes: CVE-2020-28935
2020-12-08 05:22:41 +01:00
Ninjatrappeur
5f5d38e88f
Merge pull request #101218 from andir/unbound-systemd 2020-11-08 16:55:29 +01:00
Andreas Rammhold
c07ce093ec
unbound: allow building with systemd support
Systemd has to remain an optional (non-default) dependency as otherwise
we will have an unpleasant bootstrap cycle. Most (if not all) of the
(lib)unbound consumers will likely not care about unbound's systemd
integration that only affects the daemon mode, anyway.
2020-11-03 13:15:53 +01:00
Vladimír Čunát
89023c38fc
Recover the complicated situation after my bad merge
I made a mistake merge.  Reverting it in c778945806 undid the state
on master, but now I realize it crippled the git merge mechanism.
As the merge contained a mix of commits from `master..staging-next`
and other commits from `staging-next..staging`, it got the
`staging-next` branch into a state that was difficult to recover.

I reconstructed the "desired" state of staging-next tree by:
 - checking out the last commit of the problematic range: 4effe769e2
 - `git rebase -i --preserve-merges a8a018ddc0` - dropping the mistaken
   merge commit and its revert from that range (while keeping
   reapplication from 4effe769e2)
 - merging the last unaffected staging-next commit (803ca85c20)
 - fortunately no other commits have been pushed to staging-next yet
 - applying a diff on staging-next to get it into that state
2020-10-26 09:01:04 +01:00
Vladimír Čunát
c778945806
Revert "Merge #101508: libraw: 0.20.0 -> 0.20.2"
I'm sorry; I didn't notice it contained staging commits.

This reverts commit 17f5305b6c, reversing
changes made to a8a018ddc0.
2020-10-25 09:41:51 +01:00
Martin Weinelt
7d2a6beb6d
unbound: 1.11.0 -> 1.12.0 2020-10-09 00:46:40 +02:00
Frederik Rietdijk
377242d587 Merge staging-next into staging 2020-09-03 19:21:10 +02:00
Arthur Gautier
cc1920a109
unbound: disable lto on static builds (PR #96020)
Signed-off-by: Arthur Gautier <baloo@superbaloo.net>

Amended by vcunat (isMusl != isStatic).
https://github.com/NixOS/nixpkgs/pull/96223#issuecomment-681204478
2020-09-01 08:49:31 +02:00
Vladimír Čunát
848a3a4d4a
Revert "unbound: fix build with nettle-3.5"
This reverts commit 96d65875f8.
The fix has been upstreamed a long time ago.
2020-08-29 07:47:41 +02:00
R. RyanTM
73cd1efe6d unbound: 1.10.1 -> 1.11.0 2020-08-02 22:43:22 +02:00
Vladimír Čunát
73390e3349
unbound: 1.10.0 -> 1.10.1 (security)
https://www.nlnetlabs.nl/news/2020/May/19/unbound-1.10.1-released/
It fixes DoS CVEs; details e.g. on http://www.nxnsattack.com/

On each Linux platform this should be around 8k rebuilds,
so as a compromise I'm pushing to staging-next.
2020-05-19 11:00:51 +02:00
Michael Reilly
84cf00f980
treewide: Per RFC45, remove all unquoted URLs 2020-04-10 17:54:53 +01:00
Michiel Leenaars
2410dbb3c7 Unbound: 1.9.5 -> 1.10.0 2020-03-14 23:32:04 +00:00
Robert Scott
d17ecebcf0 unbound: install headers etc for libevent support as postInstall step 2019-12-15 18:48:53 +01:00
R. RyanTM
335e62b6f3 unbound: 1.9.4 -> 1.9.5 2019-12-01 18:28:50 +01:00
Vladimír Čunát
dc322c76d6
unbound: 1.9.3 -> 1.9.4
This only fixes CVE-2019-16866 (DoS, minor one IMHO)
https://www.nlnetlabs.nl/projects/unbound/security-advisories/#vulnerability-in-parsing-notify-queries
2019-10-04 09:37:50 +02:00
Vladimír Čunát
96d65875f8
unbound: fix build with nettle-3.5 2019-10-02 20:15:47 +02:00
Michiel Leenaars
ff824dedbc
unbound: 1.9.2 -> 1.9.3 2019-08-31 07:22:44 -04:00
Vladimír Čunát
2e6bf42a22
Merge branch 'master' into staging-next
There ver very many conflicts, basically all due to
name -> pname+version.  Fortunately, almost everything was auto-resolved
by kdiff3, and for now I just fixed up a couple evaluation problems,
as verified by the tarball job.  There might be some fallback to these
conflicts, but I believe it should be minimal.

Hydra nixpkgs: ?compare=1538299
2019-08-24 08:55:37 +02:00
Robin Gloster
4e60b0efae
treewide: update globin's maintained drvs 2019-08-20 19:36:05 +02:00
volth
46420bbaa3 treewide: name -> pname (easy cases) (#66585)
treewide replacement of

stdenv.mkDerivation rec {
  name = "*-${version}";
  version = "*";

to pname
2019-08-15 13:41:18 +01:00
R. RyanTM
f7eee05a22 unbound: 1.9.1 -> 1.9.2
Semi-automatic update generated by
https://github.com/ryantm/nixpkgs-update tools. This update was made
based on information from
https://repology.org/metapackage/unbound/versions
2019-07-03 08:28:23 +02:00
R. RyanTM
2db96ffe49 unbound: 1.9.0 -> 1.9.1
Semi-automatic update generated by
https://github.com/ryantm/nixpkgs-update tools. This update was made
based on information from
https://repology.org/metapackage/unbound/versions
2019-04-16 18:56:09 +02:00
R. RyanTM
c84e7d1b6d unbound: 1.8.3 -> 1.9.0
Semi-automatic update generated by
https://github.com/ryantm/nixpkgs-update tools. This update was made
based on information from
https://repology.org/metapackage/unbound/versions
2019-02-15 02:45:27 -08:00
R. RyanTM
fdfb809a9b unbound: 1.8.1 -> 1.8.3
Semi-automatic update generated by
https://github.com/ryantm/nixpkgs-update tools. This update was made
based on information from
https://repology.org/metapackage/unbound/versions
2018-12-19 09:15:47 +01:00
Tristan Helmich (omniIT)
1bfaa0157e unbound: 1.8.0 -> 1.8.1 2018-10-27 14:04:01 +02:00
R. RyanTM
2d759f2b0a unbound: 1.7.3 -> 1.8.0 (#46938)
Semi-automatic update generated by
https://github.com/ryantm/nixpkgs-update tools. This update was made
based on information from
https://repology.org/metapackage/unbound/versions
2018-10-03 00:44:42 +02:00
Vladimír Čunát
f769004e5b
unbound: 1.7.2 -> 1.7.3
The NEWS seems safe.

My motivation: fixes resolution of some Microsoft names if using
qname-minimisation: yes
2018-06-21 13:55:32 +02:00
Yegor Timoshenko
d04444295c
Merge pull request #41933 from r-ryantm/auto-update/unbound
unbound: 1.7.1 -> 1.7.2
2018-06-15 01:53:26 +00:00
R. RyanTM
94d678d9b3 unbound: 1.7.1 -> 1.7.2
Semi-automatic update generated by https://github.com/ryantm/nixpkgs-update tools.

This update was made based on information from https://repology.org/metapackage/unbound/versions.

These checks were done:

- built on NixOS
- Warning: no invocation of /nix/store/pka3ii26dp5xsxi7xs2rx3laxca2bv9l-unbound-1.7.2/bin/unbound had a zero exit code or showed the expected version
- Warning: no invocation of /nix/store/pka3ii26dp5xsxi7xs2rx3laxca2bv9l-unbound-1.7.2/bin/unbound-checkconf had a zero exit code or showed the expected version
- Warning: no invocation of /nix/store/pka3ii26dp5xsxi7xs2rx3laxca2bv9l-unbound-1.7.2/bin/unbound-control had a zero exit code or showed the expected version
- /nix/store/pka3ii26dp5xsxi7xs2rx3laxca2bv9l-unbound-1.7.2/bin/unbound-host passed the binary check.
- Warning: no invocation of /nix/store/pka3ii26dp5xsxi7xs2rx3laxca2bv9l-unbound-1.7.2/bin/unbound-anchor had a zero exit code or showed the expected version
- Warning: no invocation of /nix/store/pka3ii26dp5xsxi7xs2rx3laxca2bv9l-unbound-1.7.2/bin/unbound-control-setup had a zero exit code or showed the expected version
- 1 of 6 passed binary check by having a zero exit code.
- 0 of 6 passed binary check by having the new version present in output.
- found 1.7.2 with grep in /nix/store/pka3ii26dp5xsxi7xs2rx3laxca2bv9l-unbound-1.7.2
- directory tree listing: https://gist.github.com/24f2136689bd3209095feb3b71734811
- du listing: https://gist.github.com/9efb5b527b161e93a47f0237c7d556a8
2018-06-13 08:56:56 -07:00
Matthew Bauer
e93a8cba4a unbound: also replace -R in libunbound.la
This was increasing closure sizes as well.
2018-06-09 13:00:50 -04:00
R. RyanTM
64bb57972c unbound: 1.7.0 -> 1.7.1
Semi-automatic update generated by https://github.com/ryantm/nixpkgs-update tools.

This update was made based on information from https://repology.org/metapackage/unbound/versions.

These checks were done:

- built on NixOS
- ran ‘/nix/store/456crrnsgkrbicb54bwrwwl76n2645gq-unbound-1.7.1/bin/unbound-host help’ got 0 exit code
- found 1.7.1 with grep in /nix/store/456crrnsgkrbicb54bwrwwl76n2645gq-unbound-1.7.1
- directory tree listing: https://gist.github.com/ab82a0d52e5fd8bda918bbdaa6ce7609
2018-05-06 20:13:16 -07:00
Ryan Mulligan
955898a05f unbound: 1.6.8 -> 1.7.0
Semi-automatic update generated by https://github.com/ryantm/nix-update tools. These checks were done:

- built on NixOS
- ran `/nix/store/p36fksfjzi9715cgx8s3kmngy51qfjki-unbound-1.7.0/bin/unbound-host help` got 0 exit code
- found 1.7.0 with grep in /nix/store/p36fksfjzi9715cgx8s3kmngy51qfjki-unbound-1.7.0
- directory tree listing: https://gist.github.com/bb22fcb9572c54b0464c82405bf26b56
2018-03-18 12:24:54 -07:00
Will Dietz
5d3af42250 unbound: don't build twice w/musl, second time fails :( 2018-02-13 09:44:50 -06:00
Dmitry Moskowski
baa23aa2fc
unbound: 1.6.7 -> 1.6.8
Fixes CVE-2017-15105
2018-01-21 19:09:27 +00:00
adisbladis
2da692dfc1 unbound: 1.6.6 -> 1.6.7 2017-10-28 10:29:17 +02:00
Joachim Fasting
c41af35c04
unbound: 1.6.5 -> 1.6.6 2017-09-20 22:23:05 +02:00
Franz Pletz
0f043d497d
unbound: 1.6.4 -> 1.6.5 2017-08-28 19:49:43 +02:00
Vladimír Čunát
e2b7b09960
Merge branch 'master' into staging 2017-07-15 12:15:56 +02:00
Franz Pletz
3bb9954a6b
dns-root-data: init at 2017-06-16 2017-07-12 09:45:25 +02:00
Vladimír Čunát
b1081224d8
unbound: bugfix 1.6.3 -> 1.6.4
Unbound is no longer a mass rebuild.
2017-07-11 15:17:12 +02:00
Franz Pletz
4ac68216bd
unbound: 1.6.2 -> 1.6.3
Also moves the header file into the lib output.
2017-06-15 13:42:27 +02:00
Franz Pletz
0b89f71a07
unbound: 1.6.1 -> 1.6.2 2017-05-14 22:46:57 +02:00
Vladimír Čunát
5c89ab7cb6
unbound: only use the two-phase build on Linux
Hydra shows some problems on Darwin with structure defns/decls.
http://hydra.nixos.org/build/49463873/nixlog/1/raw
2017-02-28 22:32:20 +01:00
Vladimír Čunát
a1919db7cd
Merge branch 'master' into staging 2017-02-27 20:15:27 +01:00
Vladimír Čunát
d00c26a595
unbound: lighten direct security deps of libunbound
Unfortunately, it seems easiest to build all twice.
Debian testing does this in a very similar way.

Tested briefly some individual queries and resperf :-)
2017-02-27 18:23:20 +01:00
Franz Pletz
114ae6baab
unbound: 1.6.0 -> 1.6.1 2017-02-24 17:57:41 +01:00
Dhananjay Balan
cab497ee6d unbound 1.5.6 > 1.6.0 2016-12-30 18:13:10 +01:00