# Contributor: Ondřej Surý <ondrej@sury.org>
pkgname=knot-resolver
-pkgver=VERSION
+pkgver=__VERSION__
pkgrel=1
pkgdesc='full caching DNS resolver implementation'
url='https://www.knot-resolver.cz/'
license=('GPL3')
install=install
depends=('libuv' 'knot>=2.6.4' 'luajit' 'cmocka' 'lua51-sec' 'lua51-socket' 'hiredis' 'libmemcached' 'libsystemd')
-source=("knot-resolver-${pkgver}.tar.xz"
+source=("knot-resolver_${pkgver}.orig.tar.xz"
"kresd.conf"
"root.keys")
--- /dev/null
+Tracking upstream sources in git
+--------------------------------
+
+This debian package is tracked in git at
+https://anonscm.debian.org/git/pkg-dns/knot-resolver.git, which
+includes the commits from the upstream git repository at
+https://gitlab.labs.nic.cz/knot/knot-resolver.git. When importing
+upstream tarballs, make sure you've fetched from the upstream repo
+before using "gbp import-orig" the tarball. We rely on
+upstream-vcs-tag from debian/gbp.conf to link upstream git history
+with new package history.
+
+See Joey Hess's thoughts about why tracking upstream git history is
+useful: https://joeyh.name/blog/entry/upstream_git_repositories/
+
+Rebuilding epoch.js and epoch.css
+---------------------------------
+
+ If you need to rebuild epoch.js and epoch.css using only tools
+ available in Debian, read gulpfile.js in d/missing-sources/epoch/ and
+ adjust following script if any files has been changed. You also need
+ to install ruby-sass, coffeescript and node-uglify
+
+cat > build.sh << EOF
+#!/bin/sh
+
+coffee -b -c \
+ src/epoch.coffee \
+ src/core/context.coffee \
+ src/core/util.coffee \
+ src/core/d3.coffee \
+ src/core/format.coffee \
+ src/core/chart.coffee \
+ src/core/css.coffee \
+ src/data.coffee \
+ src/model.coffee \
+ src/basic.coffee \
+ src/basic/*.coffee \
+ src/time.coffee \
+ src/time/*.coffee \
+ src/adapters.coffee \
+ src/adapters/*.coffee
+
+cat \
+ src/epoch.js \
+ src/core/context.js \
+ src/core/util.js \
+ src/core/d3.js \
+ src/core/format.js \
+ src/core/chart.js \
+ src/core/css.js \
+ src/data.js \
+ src/model.js \
+ src/basic.js \
+ src/basic/*.js \
+ src/time.js \
+ src/time/*.js \
+ src/adapters.js \
+ src/adapters/*.js \
+ > dist/js/epoch.js
+
+uglifyjs dist/js/epoch.js > dist/js/epoch.min.js
+
+sass -t compact sass/epoch.scss > dist/css/epoch.css
+sass -t compressed sass/epoch.scss > dist/css/epoch.min.css
+EOF
+
+ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net>, Sun, 12 Nov 2017 12:52:39 +0800
--- /dev/null
+knot-resolver (__VERSION__-1) unstable; urgency=medium
+
+ * move changelog to OBS
+ * see NEWS or https://knot-resolver.cz
+
+ -- Tomas Krizek <tomas.krizek@nic.cz> Tue, 20 Feb 2018 19:36:45 +0100
--- /dev/null
+doc/kresd.8
+libkres.pc
+lib/libkres.a
+lib/libkres.so.6
--- /dev/null
+Source: knot-resolver
+Section: net
+Priority: optional
+Maintainer: Knot Resolver <knot-resolver@labs.nic.cz>
+Uploaders:
+ Tomas Krizek <tomas.krizek@nic.cz>
+Build-Depends-Indep:
+ doxygen,
+ python3-breathe,
+ python3-sphinx,
+ python3-sphinx-rtd-theme,
+Build-Depends:
+ debhelper (>= 9~),
+ dns-root-data,
+ libcmocka-dev (>= 1.0.0),
+ libedit-dev,
+ libgeoip-dev,
+ libgnutls28-dev,
+ libhiredis-dev,
+ libjansson-dev,
+ libknot-dev (>= 2.6.4),
+ liblmdb-dev,
+ libluajit-5.1-dev,
+ libmemcached-dev,
+ libsystemd-dev (>= 227),
+ libuv1-dev,
+ luajit,
+ pkg-config,
+ python3,
+Homepage: https://www.knot-resolver.cz/
+Rules-Requires-Root: no
+
+Package: knot-resolver
+Architecture: any
+Depends:
+ adduser,
+ dns-root-data,
+ libkres6 (= ${binary:Version}),
+ lua-sec,
+ lua-socket,
+ ${misc:Depends},
+ ${shlibs:Depends},
+Recommends:
+ knot-resolver-module-http,
+Description: caching, DNSSEC-validating DNS resolver
+ The Knot DNS Resolver is a caching full resolver implementation
+ written in C and LuaJIT, including both a resolver library and a
+ daemon. Modular architecture of the library keeps the core tiny and
+ efficient, and provides a state-machine like API for
+ extensions. There are three built-in modules - iterator, cache,
+ validator, and many external.
+ .
+ The Lua modules, switchable and shareable cache, and fast FFI
+ bindings makes it great to tap into resolution process, or be used
+ for your recursive DNS service. It's the OpenResty of DNS.
+ .
+ The server adopts a different scaling strategy than the rest of the
+ DNS recursors - no threading, shared-nothing architecture (except
+ MVCC cache that may be shared). You can start and stop additional
+ nodes depending on the contention without downtime.
+
+Package: knot-resolver-module-http
+Architecture: all
+Depends:
+ libjs-bootstrap,
+ libjs-d3,
+ libjs-jquery,
+ lua-http,
+ lua-mmdb,
+ ${misc:Depends},
+ ${shlibs:Depends},
+Breaks:
+ knot-resolver-module-tinyweb (<< 1.1.0~git20160713-1~),
+Description: HTTP/2 module for Knot Resolver
+ The Knot DNS Resolver is a caching full resolver implementation
+ written in C and LuaJIT, including both a resolver library and a
+ daemon. Modular architecture of the library keeps the core tiny and
+ efficient, and provides a state-machine like API for
+ extensions. There are three built-in modules - iterator, cache,
+ validator, and many external.
+ .
+ This package contains HTTP/2 module for local visualization of the
+ resolver cache and queries.
+
+Package: knot-resolver-doc
+Architecture: all
+Section: doc
+Depends:
+ libjs-jquery,
+ libjs-underscore,
+ ${misc:Depends},
+Description: Documentation for Knot Resolver
+ The Knot DNS Resolver is a caching full resolver implementation
+ written in C and LuaJIT, including both a resolver library and a
+ daemon. Modular architecture of the library keeps the core tiny and
+ efficient, and provides a state-machine like API for
+ extensions. There are three built-in modules - iterator, cache,
+ validator, and many external.
+ .
+ This package contains Knot Resolver Documentation.
+
+Package: libkres6
+Architecture: any
+Section: libs
+Depends:
+ ${misc:Depends},
+ ${shlibs:Depends},
+Breaks:
+ knot-resolver (<< 1.5.0-5),
+Replaces:
+ knot-resolver (<< 1.5.0-5),
+Description: caching, DNSSEC-validating DNS resolver (shared library)
+ The Knot DNS Resolver is a caching full resolver implementation
+ written in C and LuaJIT, including both a resolver library and a
+ daemon. Modular architecture of the library keeps the core tiny and
+ efficient, and provides a state-machine like API for
+ extensions.
+ .
+ This package contains the libkres shared library used by Knot
+ Resolver.
+
+Package: libkres-dev
+Architecture: any
+Section: libdevel
+Depends:
+ libkres6 (= ${binary:Version}),
+ ${misc:Depends},
+ ${shlibs:Depends},
+Breaks:
+ knot-resolver (<< 1.5.0-5),
+Replaces:
+ knot-resolver (<< 1.5.0-5),
+Description: caching, DNSSEC-validating DNS resolver (shared library development files)
+ The Knot DNS Resolver is a caching full resolver implementation
+ written in C and LuaJIT, including both a resolver library and a
+ daemon. Modular architecture of the library keeps the core tiny and
+ efficient, and provides a state-machine like API for
+ extensions.
+ .
+ This package provides development files for use when building against
+ the libkres shared library.
--- /dev/null
+Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
+Upstream-Name: knot-resolver
+Source: https://www.knot-resolver.cz/
+
+Files: *
+Copyright: 2015 CZ.NIC
+License: GPL-3.0+
+
+Files: contrib/ccan/asprintf/*
+Copyright: Rusty Russell
+License: Expat
+
+Files: contrib/ccan/compiler/*
+ contrib/ccan/ilog/*
+Copyright: Rusty Russell
+License: CC0
+
+Files: contrib/ccan/isaac/*
+Copyright: Timothy B. Terriberry
+ Rusty Russell
+License: CC0
+
+Files: tests/config/tapered/*
+Copyright: 2012-2017, Peter Aronoff
+License: BSD-3-clause
+
+Files: contrib/lmdb/*
+Copyright: 1999-2003 The OpenLDAP Foundation
+License: OpenLDAP
+
+Files: tests/deckard/contrib/libfaketime/*
+Copyright: 2003-2017 Wolfgang Hommel
+License: GPL-2
+
+Files: tests/deckard/contrib/libswrap/*
+Copyright: 2005,2008 Jelmer Vernooij <jelmer@samba.org>
+ 2006-2009 Stefan Metzmacher <metze@samba.org>
+ 2013 Andreas Schneider <asn@samba.org>
+License: BSD-3-clause
+
+Files: contrib/murmurhash3/*
+Copyright: Austin Appleby
+License: public-domain
+
+Files: debian/missing-sources/dygraph-combined.js
+ modules/http/static/dygraph-combined.js
+Copyright: 2006-2014 Dan Vanderkam <danvdk@gmail.com>
+ 2016 Paul Miller
+ 2011 Robert Konigsberg <konigsberg@google.com>
+ 2013 David Eberlein <david.eberlein@ch.sauter-bc.com>
+License: MIT
+
+Files: contrib/ucw/*
+Copyright: 1997-2015 Martin Mares
+ 2005-2014 Tomas Valla
+ 2006 Robert Spalek
+ 2007-2015 Pavel Charvat
+License: LGPL-2.1
+
+Files: contrib/ccan/json/*
+Copyright: 2011 Joey Adams
+License: Expat
+
+Files: lib/generic/map.c lib/generic/map.h
+Copyright: Dan Bernstein
+ Jonas Gehring
+ Adam Langley
+ Marek Vavrusa
+License: public-domain
+
+Files: modules/policy/lua-aho-corasick/*
+Copyright: 2013 CloudFlare, Inc.
+License: BSD-3-CloudFlare
+
+Files: modules/http/static/jquery.js
+Copyright: 2005-2011 John Resig, Brandon Aaron & Jörn Zaefferer
+License: GPL-2 or Expat
+
+Files: modules/http/static/d3.js
+ modules/http/static/topojson.js
+Copyright: 2010-2015 Michael Bostock
+License: BSD-3-clause
+
+Files: modules/http/static/epoch.*
+ debian/missing-sources/epoch/*
+ debian/missing-sources/epoch.*
+Copyright: 2014 Fastly, Inc.
+License: Expat
+
+Files: modules/http/static/datamaps.world.min.js
+Copyright: 2012 Mark DiMarco
+License: Expat
+
+Files: modules/http/static/bootstrap.min.css
+ modules/http/static/bootstrap.min.js
+ modules/http/static/bootstrap-theme.min.css
+ modules/http/static/glyphicons-halflings-regular.woff2
+Copyright: 2012-2016 Thomas Park
+ 2011-2015 Twitter, Inc.
+License: Expat
+
+Files: modules/http/static/selectize.bootstrap3.min.css
+ modules/http/static/selectize.min.css
+ modules/http/static/selectize.min.js
+Copyright: 2013–2015 Brian Reavis & contributors
+License: Apache-2.0
+
+Files: debian/*
+Copyright: 2015 Ondřej Surý <ondrej@debian.org>
+License: GPL-3.0+
+
+License: LGPL-2.1
+ This library is free software; you can redistribute it and/or modify
+ it under the terms of the GNU Lesser General Public License as
+ published by the Free Software Foundation; either version 2.1 of the
+ License, or (at your option) any later version.
+ .
+ This library is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+ .
+ You should have received a copy of the GNU Lesser General Public
+ License along with this library. If not, see <https://www.gnu.org/licenses/>.
+ .
+ On Debian systems, the complete text of the GNU General
+ Public License version 3 can be found in "/usr/share/common-licenses/LGPL-2.1".
+
+License: GPL-3.0+
+ This program is free software: you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation, either version 3 of the License, or
+ (at your option) any later version.
+ .
+ This package is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+ .
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <https://www.gnu.org/licenses/>.
+ .
+ On Debian systems, the complete text of the GNU General
+ Public License version 3 can be found in "/usr/share/common-licenses/GPL-3".
+
+License: Expat
+ Permission is hereby granted, free of charge, to any person obtaining
+ a copy of this software and associated documentation files (the
+ "Software"), to deal in the Software without restriction, including
+ without limitation the rights to use, copy, modify, merge, publish,
+ distribute, sublicense, and/or sell copies of the Software, and to
+ permit persons to whom the Software is furnished to do so, subject to
+ the following conditions:
+ .
+ The above copyright notice and this permission notice shall be
+ included in all copies or substantial portions of the Software.
+ .
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+ EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+ NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
+ BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
+ ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ SOFTWARE.
+
+License: CC0
+ Statement of Purpose
+ .
+ The laws of most jurisdictions throughout the world automatically
+ confer exclusive Copyright and Related Rights (defined below) upon
+ the creator and subsequent owner(s) (each and all, an "owner") of an
+ original work of authorship and/or a database (each, a "Work").
+ .
+ Certain owners wish to permanently relinquish those rights to a Work
+ for the purpose of contributing to a commons of creative, cultural
+ and scientific works ("Commons") that the public can reliably and
+ without fear of later claims of infringement build upon, modify,
+ incorporate in other works, reuse and redistribute as freely as
+ possible in any form whatsoever and for any purposes, including
+ without limitation commercial purposes. These owners may contribute
+ to the Commons to promote the ideal of a free culture and the further
+ production of creative, cultural and scientific works, or to gain
+ reputation or greater distribution for their Work in part through the
+ use and efforts of others.
+ .
+ For these and/or other purposes and motivations, and without any
+ expectation of additional consideration or compensation, the person
+ associating CC0 with a Work (the "Affirmer"), to the extent that he
+ or she is an owner of Copyright and Related Rights in the Work,
+ voluntarily elects to apply CC0 to the Work and publicly distribute
+ the Work under its terms, with knowledge of his or her Copyright and
+ Related Rights in the Work and the meaning and intended legal effect
+ of CC0 on those rights.
+ .
+ 1. Copyright and Related Rights. A Work made available under CC0 may
+ be protected by copyright and related or neighboring rights
+ ("Copyright and Related Rights"). Copyright and Related Rights
+ include, but are not limited to, the following:
+ .
+ i. the right to reproduce, adapt, distribute, perform, display,
+ communicate, and translate a Work;
+ ii. moral rights retained by the original author(s) and/or
+ performer(s);
+ iii. publicity and privacy rights pertaining to a person's image or
+ likeness depicted in a Work;
+ iv. rights protecting against unfair competition in regards to a
+ Work, subject to the limitations in paragraph 4(a), below;
+ v. rights protecting the extraction, dissemination, use and reuse
+ of data in a Work;
+ vi. database rights (such as those arising under Directive 96/9/EC
+ of the European Parliament and of the Council of 11 March 1996
+ on the legal protection of databases, and under any national
+ implementation thereof, including any amended or successor
+ version of such directive); and
+ vii. other similar, equivalent or corresponding rights throughout
+ the world based on applicable law or treaty, and any national
+ implementations thereof.
+ .
+ 2. Waiver. To the greatest extent permitted by, but not in
+ contravention of, applicable law, Affirmer hereby overtly, fully,
+ permanently, irrevocably and unconditionally waives, abandons, and
+ surrenders all of Affirmer's Copyright and Related Rights and
+ associated claims and causes of action, whether now known or
+ unknown (including existing as well as future claims and causes of
+ action), in the Work (i) in all territories worldwide, (ii) for
+ the maximum duration provided by applicable law or treaty
+ (including future time extensions), (iii) in any current or future
+ medium and for any number of copies, and (iv) for any purpose
+ whatsoever, including without limitation commercial, advertising
+ or promotional purposes (the "Waiver"). Affirmer makes the Waiver
+ for the benefit of each member of the public at large and to the
+ detriment of Affirmer's heirs and successors, fully intending that
+ such Waiver shall not be subject to revocation, rescission,
+ cancellation, termination, or any other legal or equitable action
+ to disrupt the quiet enjoyment of the Work by the public as
+ contemplated by Affirmer's express Statement of Purpose.
+ .
+ 3. Public License Fallback. Should any part of the Waiver for any
+ reason be judged legally invalid or ineffective under applicable
+ law, then the Waiver shall be preserved to the maximum extent
+ permitted taking into account Affirmer's express Statement of
+ Purpose. In addition, to the extent the Waiver is so judged
+ Affirmer hereby grants to each affected person a royalty-free, non
+ transferable, non sublicensable, non exclusive, irrevocable and
+ unconditional license to exercise Affirmer's Copyright and Related
+ Rights in the Work (i) in all territories worldwide, (ii) for the
+ maximum duration provided by applicable law or treaty (including
+ future time extensions), (iii) in any current or future medium and
+ for any number of copies, and (iv) for any purpose whatsoever,
+ including without limitation commercial, advertising or
+ promotional purposes (the "License"). The License shall be deemed
+ effective as of the date CC0 was applied by Affirmer to the
+ Work. Should any part of the License for any reason be judged
+ legally invalid or ineffective under applicable law, such partial
+ invalidity or ineffectiveness shall not invalidate the remainder
+ of the License, and in such case Affirmer hereby affirms that he
+ or she will not (i) exercise any of his or her remaining Copyright
+ and Related Rights in the Work or (ii) assert any associated
+ claims and causes of action with respect to the Work, in either
+ case contrary to Affirmer's express Statement of Purpose.
+ .
+ 4. Limitations and Disclaimers.
+ .
+ a. No trademark or patent rights held by Affirmer are waived,
+ abandoned, surrendered, licensed or otherwise affected by this
+ document.
+ b. Affirmer offers the Work as-is and makes no representations or
+ warranties of any kind concerning the Work, express, implied,
+ statutory or otherwise, including without limitation warranties
+ of title, merchantability, fitness for a particular purpose, non
+ infringement, or the absence of latent or other defects,
+ accuracy, or the present or absence of errors, whether or not
+ discoverable, all to the greatest extent permissible under
+ applicable law.
+ c. Affirmer disclaims responsibility for clearing rights of other
+ persons that may apply to the Work or any use thereof, including
+ without limitation any person's Copyright and Related Rights in
+ the Work. Further, Affirmer disclaims responsibility for
+ obtaining any necessary consents, permissions or other rights
+ required for any use of the Work.
+ d. Affirmer understands and acknowledges that Creative Commons is
+ not a party to this document and has no duty or obligation with
+ respect to this CC0 or use of the Work.
+
+License: BSD-3-CloudFlare
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ .
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ .
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in
+ the documentation and/or other materials provided with the
+ distribution.
+ .
+ 3. Neither the name of CloudFlare, Inc. nor the names of its
+ contributors may be used to endorse or promote products derived
+ from this software without specific prior written permission.
+ .
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+License: BSD-3-clause
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ .
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ .
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ .
+ 3. Neither the name of the author nor the names of its contributors
+ may be used to endorse or promote products derived from this software
+ without specific prior written permission.
+ .
+ THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ SUCH DAMAGE.
+
+
+License: GPL-2
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+ .
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+ .
+ You should have received a copy of the GNU General Public License along
+ with this program; if not, write to the Free Software Foundation, Inc.,
+ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ .
+ On Debian systems, the complete text of the GNU General Public
+ License version 2 can be found in "/usr/share/common-licenses/GPL-2".
+
+License: Apache-2.0
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to You under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License. You may obtain a copy of the License at
+ .
+ https://www.apache.org/licenses/LICENSE-2.0
+ .
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+ .
+ On Debian systems, the full text of the Apache Software License version 2 can
+ be found in the file `/usr/share/common-licenses/Apache-2.0'.
+
+License: MIT
+ Permission is hereby granted, free of charge, to any person obtaining
+ a copy of this software and associated documentation files (the
+ "Software"), to deal in the Software without restriction, including
+ without limitation the rights to use, copy, modify, merge, publish,
+ distribute, sublicense, and/or sell copies of the Software, and to
+ permit persons to whom the Software is furnished to do so, subject to
+ the following conditions:
+ .
+ The above copyright notice and this permission notice shall be
+ included in all copies or substantial portions of the Software.
+ .
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+ EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+ NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
+ BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
+ ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ SOFTWARE.
+
+License: OpenLDAP
+ Redistribution and use of this software and associated documentation
+ ("Software"), with or without modification, are permitted provided
+ that the following conditions are met:
+ .
+ 1. Redistributions in source form must retain copyright statements
+ and notices,
+ .
+ 2. Redistributions in binary form must reproduce applicable copyright
+ statements and notices, this list of conditions, and the following
+ disclaimer in the documentation and/or other materials provided
+ with the distribution, and
+ .
+ 3. Redistributions must contain a verbatim copy of this document.
+ .
+ The OpenLDAP Foundation may revise this license from time to time.
+ Each revision is distinguished by a version number. You may use
+ this Software under terms of this license revision or under the
+ terms of any subsequent revision of the license.
+ .
+ THIS SOFTWARE IS PROVIDED BY THE OPENLDAP FOUNDATION AND ITS
+ CONTRIBUTORS ``AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT
+ SHALL THE OPENLDAP FOUNDATION, ITS CONTRIBUTORS, OR THE AUTHOR(S)
+ OR OWNER(S) OF THE SOFTWARE BE LIABLE FOR ANY DIRECT, INDIRECT,
+ INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+ CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
+ ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+ .
+ The names of the authors and copyright holders must not be used in
+ advertising or otherwise to promote the sale, use or other dealing
+ in this Software without specific, written prior permission. Title
+ to copyright in this Software shall at all times remain with copyright
+ holders.
+ .
+ OpenLDAP is a registered trademark of the OpenLDAP Foundation.
--- /dev/null
+#!/bin/sh
+# See init-d-script(5) for instructions on how to use this library.
+#=============================================================================
+# Define LSB log_* functions.
+# Depend on lsb-base (>= 3.2-14) to ensure that this file is present
+# and status_of_proc is working.
+. /lib/lsb/init-functions
+
+# PATH should only include /usr/* if it runs after the mountnfs.sh
+# script. Scripts running before mountnfs.sh should remove the /usr/*
+# entries.
+PATH=/sbin:/usr/sbin:/bin:/usr/bin
+export PATH
+
+is_call_implemented() {
+ command -V $1 > /dev/null 2>&1
+}
+
+do_usage() {
+ if is_call_implemented do_reload ; then
+ echo "Usage: $SCRIPTNAME {start|stop|status|reload|restart|try-restart|force-reload}" >&2
+ else
+ echo "Usage: $SCRIPTNAME {start|stop|status|restart|try-restart|force-reload}" >&2
+ fi
+}
+
+call() {
+ cmd="$1"
+ shift
+ if is_call_implemented ${cmd}_override ; then
+ ${cmd}_override "$@"
+ else
+ ${cmd} "$@"
+ fi
+}
+
+#
+# Function that starts the daemon/service
+#
+
+# Return
+# 0 if daemon has been started
+# 1 if daemon was already running
+# 2 if daemon could not be started
+do_start_cmd() {
+ start-stop-daemon --start --quiet ${PIDFILE:+--pidfile ${PIDFILE}} \
+ $START_ARGS \
+ --startas $DAEMON --name $NAME --exec $DAEMON --test > /dev/null \
+ || return 1
+ start-stop-daemon --start --quiet ${PIDFILE:+--pidfile ${PIDFILE}} \
+ $START_ARGS \
+ --startas $DAEMON --name $NAME --exec $DAEMON -- $DAEMON_ARGS \
+ || return 2
+ # Add code here, if necessary, that waits for the process to be ready
+ # to handle requests from services started subsequently which depend
+ # on this one. As a last resort, sleep for some time.
+}
+
+do_start()
+{
+ if is_call_implemented do_start_prepare ; then
+ call do_start_prepare
+ fi
+ [ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME"
+ call do_start_cmd
+ case "$?" in
+ 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
+ 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
+ esac
+ if is_call_implemented do_start_cleanup ; then
+ call do_start_cleanup
+ fi
+}
+
+#
+# Function that stops the daemon/service
+#
+
+# Return
+# 0 if daemon has been stopped
+# 1 if daemon was already stopped
+# 2 if daemon could not be stopped
+# other if a failure occurred
+do_stop_cmd() {
+ start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 \
+ $STOP_ARGS \
+ ${PIDFILE:+--pidfile ${PIDFILE}} --name $NAME --exec $DAEMON
+ RETVAL="$?"
+ [ "$RETVAL" = 2 ] && return 2
+ # Wait for children to finish too if this is a daemon that forks
+ # and if the daemon is only ever run from this initscript.
+ # If the above conditions are not satisfied then add some other code
+ # that waits for the process to drop all resources that could be
+ # needed by services started subsequently. A last resort is to
+ # sleep for some time.
+ start-stop-daemon --stop --quiet --oknodo --retry=0/30/KILL/5 \
+ $STOP_ARGS \
+ --exec $DAEMON
+ [ "$?" = 2 ] && return 2
+ # Many daemons don't delete their pidfiles when they exit.
+ rm -f $PIDFILE
+ return $RETVAL
+}
+
+do_stop()
+{
+ if is_call_implemented do_stop_prepare ; then
+ call do_stop_prepare
+ fi
+ [ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME"
+ call do_stop_cmd
+ case "$?" in
+ 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
+ 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
+ esac
+ if is_call_implemented do_stop_cleanup ; then
+ call do_stop_cleanup
+ fi
+}
+
+do_restart() {
+ [ "$VERBOSE" != no ] && log_daemon_msg "Restarting $DESC" "$NAME"
+ call do_stop_cmd
+ call do_start_cmd
+ case "$?" in
+ 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
+ 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
+ esac
+}
+
+do_force_reload() {
+ if is_call_implemented do_reload ; then
+ call do_reload
+ else
+ call do_restart
+ fi
+}
+
+# Enable this using
+# alias do_reload=do_reload_sigusr1
+do_reload_sigusr1() {
+ log_daemon_msg "Reloading $DESC configuration files" "$NAME"
+ start-stop-daemon --oknodo --stop --signal 1 --quiet \
+ --pidfile "$PIDFILE" --exec "$DAEMON"
+ log_end_msg $?
+}
+
+do_status() {
+ status_of_proc "$DAEMON" "$NAME" && return 0 || return $?
+}
+
+if [ "$DEBUG" = "true" ] ; then
+ set -x
+fi
+
+SCRIPTNAME=$1
+scriptbasename="$(basename $1)"
+if [ "$scriptbasename" != "init-d-script" ] ; then
+ script="$1"
+ shift
+ . $script
+else
+ exit 0
+fi
+
+NAME=${NAME:=$(basename $DAEMON)}
+DESC=${DESC:=$NAME}
+
+# Do not use pid file if $PIDFILE is 'none'. Otherwise, generate from
+# $NAME or use the value provided by the init.d script.
+if [ none = "$PIDFILE" ] ; then
+ PIDFILE=
+elif [ -z "$PIDFILE" ] ; then
+ PIDFILE=/var/run/$NAME.pid
+fi
+
+# Exit if the package is not installed
+if [ none != "$DAEMON" ] && [ ! -x "$DAEMON" ] ; then
+ exit 0
+fi
+
+# Read configuration variable file if it is present
+[ -r /etc/default/$NAME ] && . /etc/default/$NAME
+
+# Load the VERBOSE setting and other rcS variables
+. /lib/init/vars.sh
+if [ -t 0 ] ; then # Be verbose when called from a terminal
+ VERBOSE=yes
+fi
+
+case "$1" in
+ start)
+ call do_start
+ ;;
+ stop)
+ call do_stop
+ ;;
+ status)
+ call do_status
+ ;;
+ reload)
+ if is_call_implemented do_reload ; then
+ do_reload
+ else
+ call do_usage
+ exit 3
+ fi
+ ;;
+ force-reload)
+ call do_force_reload
+ ;;
+ restart)
+ call do_restart
+ ;;
+ try-restart)
+ log_daemon_msg "Trying to restart $DESC" "$NAME"
+ if call do_status > /dev/null 2>&1 ; then
+ call do_restart
+ log_end_msg $?
+ else
+ log_progress_msg "is not running."
+ log_end_msg 1
+ fi
+ ;;
+ '')
+ call do_usage
+ exit 3
+ ;;
+ *)
+ if is_call_implemented do_unknown ; then
+ call do_unknown "$1"
+ exit 3
+ else
+ call do_usage
+ exit 3
+ fi
+ ;;
+esac
+exit 0
--- /dev/null
+Document: knot-resolver
+Title: Knot DNS Resolver documentation
+Author: CZ.NIC labs
+Abstract: Documentation for the Knot DNS resolver,
+ including building from source, using the library,
+ and configuration and operation of the daemon.
+Section: Network/Communication
+
+Format: HTML
+Index: /usr/share/doc/knot-resolver/index.html
+Files: /usr/share/doc/knot-resolver/*.html
--- /dev/null
+doc/html/*
--- /dev/null
+usr/share/javascript/jquery/jquery.min.js usr/share/doc/knot-resolver/_static/jquery.js
+usr/share/javascript/underscore/underscore.min.js usr/share/doc/knot-resolver/_static/underscore.js
--- /dev/null
+usr/lib/knot-resolver/http.lua
+usr/lib/knot-resolver/http/*.css
+usr/lib/knot-resolver/http/*.ico
+usr/lib/knot-resolver/http/*.js
+usr/lib/knot-resolver/http/*.tpl
+usr/lib/knot-resolver/http/*.woff2
--- /dev/null
+/usr/share/javascript/bootstrap/css/bootstrap-theme.min.css /usr/lib/knot-resolver/http/bootstrap-theme.min.css
+/usr/share/javascript/bootstrap/css/bootstrap.min.css /usr/lib/knot-resolver/http/bootstrap.min.css
+/usr/share/javascript/bootstrap/js/bootstrap.min.js /usr/lib/knot-resolver/http/bootstrap.min.js
+/usr/share/javascript/d3/d3.min.js /usr/lib/knot-resolver/http/d3.js
+/usr/share/javascript/jquery/jquery.min.js /usr/lib/knot-resolver/http/jquery.js
--- /dev/null
+usr/lib/knot-resolver/tinyweb/*
--- /dev/null
+/etc/knot-resolver
+/usr/share/doc/knot-resolver/examples/
+/var/lib/knot-resolver
--- /dev/null
+debian/init-d-script usr/lib/knot-resolver/
+debian/kresd.conf etc/knot-resolver/
+etc/knot-resolver/config.* /usr/share/doc/knot-resolver/examples/
+systemd/kresd-control@.socket lib/systemd/system/
+systemd/kresd-tls.socket lib/systemd/system/
+systemd/kresd.socket lib/systemd/system/
+systemd/kresd@.service lib/systemd/system/
+systemd/tmpfiles/knot-resolver.conf usr/lib/tmpfiles.d/
+usr/lib/knot-resolver/*.so
+usr/lib/knot-resolver/daf.lua
+usr/lib/knot-resolver/daf/
+usr/lib/knot-resolver/detect_time_jump.lua
+usr/lib/knot-resolver/detect_time_skew.lua
+usr/lib/knot-resolver/dns64.lua
+usr/lib/knot-resolver/etcd.lua
+usr/lib/knot-resolver/graphite.lua
+usr/lib/knot-resolver/http_trace.lua
+usr/lib/knot-resolver/kres-gen.lua
+usr/lib/knot-resolver/kres.lua
+usr/lib/knot-resolver/policy.lua
+usr/lib/knot-resolver/predict.lua
+usr/lib/knot-resolver/priming.lua
+usr/lib/knot-resolver/prometheus.lua
+usr/lib/knot-resolver/renumber.lua
+usr/lib/knot-resolver/serve_stale.lua
+usr/lib/knot-resolver/ta_sentinel.lua
+usr/lib/knot-resolver/ta_signal_query.lua
+usr/lib/knot-resolver/trust_anchors.lua
+usr/lib/knot-resolver/version.lua
+usr/lib/knot-resolver/view.lua
+usr/lib/knot-resolver/workarounds.lua
+usr/lib/knot-resolver/zonefile.lua
+usr/sbin/kresc
+usr/sbin/kresd
--- /dev/null
+# /etc/default/kresd
+
+# This file is used only under sysvinit. If you use systemd and you
+# want to modify the arguments with which kresd is invoked, you should
+# instead use "systemctl edit kresd@.service" to override ExecStart=
+# in the [Service] section (see kresd.systemd(7) for more details).
+
+# For sysvinit users: KRESD_ARGS used to exist for historical reasons,
+# but that variable is deprecated and may stop working at some point
+# in the future. You are encouraged to merge any local changes into
+# DAEMON_ARGS directly.
+
+DAEMON_ARGS="--config=/etc/knot-resolver/kresd.conf --addr=127.0.0.1#53 --addr=::1#53 $KRESD_ARGS"
--- /dev/null
+#!/bin/sh
+# kFreeBSD do not accept scripts as interpreters, using #!/bin/sh and sourcing.
+if [ true != "$INIT_D_SCRIPT_SOURCED" ] ; then
+ if [ -x /lib/init/init-d-script ]; then
+ set "$0" "$@"; INIT_D_SCRIPT_SOURCED=true . /lib/init/init-d-script
+ else
+ set "$0" "$@"; INIT_D_SCRIPT_SOURCED=true . /usr/lib/knot-resolver/init-d-script
+ fi
+fi
+### BEGIN INIT INFO
+# Provides: kresd
+# Required-Start: $remote_fs $syslog
+# Required-Stop: $remote_fs $syslog
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: Knot DNS Resolver
+# Description: Knot DNS Resolver
+### END INIT INFO
+
+# Author: Ondřej Surý <ondrej@debian.org>
+
+NAME=kresd
+DESC="Knot DNS Resolver"
+DAEMON=/usr/sbin/kresd
+START_ARGS="--background --make-pidfile"
+
+do_tmpfiles() {
+ local tmpfile type path mode user group age argument
+ tmpfile=/usr/lib/tmpfiles.d/$1.conf
+ if [ -r "$tmpfile" ]; then
+ if [ -x /bin/systemd-tmpfiles ]; then
+ /bin/systemd-tmpfiles --create "$tmpfile"
+ else
+ while read type path mode user group age argument; do
+ case "$type" in
+ d)
+ mkdir -p "$path";
+ chmod "$mode" "$path";
+ chown "$user:$group" "$path";
+ ;;
+ L)
+ if [ ! -e "$path" ]; then ln -s "$argument" "$path"; fi
+ ;;
+ \#*)
+ ;;
+ *)
+ log_warning_msg "tmpfile.d type '$type' is not supported yet"
+ ;;
+ esac
+ done < "$tmpfile"
+ fi
+ else
+ log_warning_msg "tmpfiles.d file '$1' doesn't exist or is not readable"
+ fi
+}
+
+do_start_prepare() {
+ do_tmpfiles knot-resolver
+}
--- /dev/null
+dev/null lib/systemd/system/kresd.service
--- /dev/null
+debian/tmp/usr/share/man/man8/kresd.8
+doc/kresd.systemd.7
--- /dev/null
+#!/bin/sh
+set -e
+
+if [ "$1" = "configure" ]; then
+ adduser --quiet --system --group --no-create-home --home /var/cache/knot-resolver knot-resolver
+fi
+
+# Restart any running kresd instances if the root key is updated.
+# Note: if knot-resolver upstream watches this file and reloads it
+# upon a change, we can and should remove this trigger.
+if [ "$1" = "triggered" ]; then
+ if [ "$2" = "/usr/share/dns/root.key" ]; then
+ # systemctl of the sub-services is the preferred method to restart
+ systemctl try-restart 'kresd@*.service' || true
+ # but if we are running sysvinit, we can try to restart that process anyway
+ # (kresd.service is masked on systems that use systemd)
+ invoke-rc.d kresd try-restart || true
+ fi
+ exit 0
+fi
+
+#DEBHELPER#
--- /dev/null
+#!/bin/sh
+set -e
+
+if [ "$1" = "remove" ] && [ -x "/bin/systemctl" ]; then
+ systemctl stop system-kresd.slice || true
+fi
+
+#DEBHELPER#
--- /dev/null
+interest-noawait /usr/share/dns/root.key
--- /dev/null
+-- vim:syntax=lua:
+-- Refer to manual: http://knot-resolver.readthedocs.org/en/latest/daemon.html#configuration
+
+-- Load useful modules
+modules = {
+ 'policy', -- Block queries to local zones/bad sites
+ 'hints', -- Load /etc/hosts and allow custom root hints
+ 'stats', -- Track internal statistics
+ 'predict', -- Prefetch expiring/frequent records
+}
+
+-- See kresd.systemd(7) about configuring network interfaces when using systemd
+-- Listen on localhost (default)
+-- net = { '127.0.0.1', '::1' }
+
+-- Cache size
+cache.size = 100 * MB
--- /dev/null
+usr/include/libkres/*.h
+usr/lib/*.so
+usr/lib/pkgconfig/libkres.pc
--- /dev/null
+usr/lib/*.so.*
--- /dev/null
+libkres.so.6 libkres6 #MINVER#
+ cache_api@Base 2.1.0
+ iterate_api@Base 2.1.0
+ kr_answer_write_cookie@Base 2.1.0
+ kr_bitcmp@Base 2.1.0
+ kr_cache_clear@Base 2.1.0
+ kr_cache_close@Base 2.1.0
+ kr_cache_materialize@Base 2.1.0
+ kr_cache_open@Base 2.1.0
+ kr_cache_peek_exact@Base 2.1.0
+ kr_cache_sync@Base 2.1.0
+ kr_cache_ttl@Base 2.1.0
+ kr_cc_alg_get@Base 2.1.0
+ kr_cc_alg_names@Base 2.1.0
+ kr_cdb_lmdb@Base 2.1.0
+ kr_cookie_lru_get@Base 2.1.0
+ kr_cookie_lru_set@Base 2.1.0
+ kr_crypto_cleanup@Base 2.1.0
+ kr_crypto_init@Base 2.1.0
+ kr_crypto_reinit@Base 2.1.0
+ kr_dnssec_key_ksk@Base 2.1.0
+ kr_dnssec_key_match@Base 2.1.0
+ kr_dnssec_key_revoked@Base 2.1.0
+ kr_dnssec_key_tag@Base 2.1.0
+ kr_dnssec_key_zsk@Base 2.1.0
+ kr_family_len@Base 2.1.0
+ kr_inaddr@Base 2.1.0
+ kr_inaddr_family@Base 2.1.0
+ kr_inaddr_len@Base 2.1.0
+ kr_inaddr_port@Base 2.1.0
+ kr_inaddr_str@Base 2.1.0
+ kr_log_trace@Base 2.1.0
+ kr_log_verbose@Base 2.1.0
+ kr_memreserve@Base 2.1.0
+ kr_module_call@Base 2.1.0
+ kr_module_embedded@Base 2.1.0
+ kr_module_load@Base 2.1.0
+ kr_module_unload@Base 2.1.0
+ kr_no_question_cookie_query@Base 2.1.0
+ kr_nonce_write_wire@Base 2.1.0
+ kr_now@Base 2.1.0
+ kr_nsrep_elect@Base 2.1.0
+ kr_nsrep_elect_addr@Base 2.1.0
+ kr_nsrep_set@Base 2.1.0
+ kr_nsrep_sort@Base 2.1.0
+ kr_nsrep_update_rep@Base 2.1.0
+ kr_nsrep_update_rtt@Base 2.1.0
+ kr_parse_cookie_opt@Base 2.1.0
+ kr_pkt_clear_payload@Base 2.1.0
+ kr_pkt_make_auth_header@Base 2.1.0
+ kr_pkt_put@Base 2.1.0
+ kr_pkt_recycle@Base 2.1.0
+ kr_pkt_set_ext_rcode@Base 2.1.0
+ kr_qflags_clear@Base 2.1.0
+ kr_qflags_set@Base 2.1.0
+ kr_rand_uint@Base 2.1.0
+ kr_ranked_rrarray_add@Base 2.1.0
+ kr_request_put_cookie@Base 2.1.0
+ kr_resolve_begin@Base 2.1.0
+ kr_resolve_checkout@Base 2.1.0
+ kr_resolve_consume@Base 2.1.0
+ kr_resolve_finish@Base 2.1.0
+ kr_resolve_plan@Base 2.1.0
+ kr_resolve_pool@Base 2.1.0
+ kr_resolve_produce@Base 2.1.0
+ kr_rplan_deinit@Base 2.1.0
+ kr_rplan_empty@Base 2.1.0
+ kr_rplan_find_resolved@Base 2.1.0
+ kr_rplan_init@Base 2.1.0
+ kr_rplan_last@Base 2.1.0
+ kr_rplan_pop@Base 2.1.0
+ kr_rplan_push@Base 2.1.0
+ kr_rplan_push_empty@Base 2.1.0
+ kr_rplan_resolved@Base 2.1.0
+ kr_rplan_satisfies@Base 2.1.0
+ kr_rrkey@Base 2.1.0
+ kr_sc_alg_get@Base 2.1.0
+ kr_sc_alg_names@Base 2.1.0
+ kr_sockaddr_len@Base 2.1.0
+ kr_straddr_family@Base 2.1.0
+ kr_straddr_join@Base 2.1.0
+ kr_straddr_socket@Base 2.1.0
+ kr_straddr_split@Base 2.1.0
+ kr_straddr_subnet@Base 2.1.0
+ kr_strcatdup@Base 2.1.0
+ kr_ta_add@Base 2.1.0
+ kr_ta_clear@Base 2.1.0
+ kr_ta_covers@Base 2.1.0
+ kr_ta_covers_qry@Base 2.1.0
+ kr_ta_del@Base 2.1.0
+ kr_ta_get@Base 2.1.0
+ kr_ta_get_longest_name@Base 2.1.0
+ kr_verbose_set@Base 2.1.0
+ kr_verbose_status@Base 2.1.0
+ kr_zonecut_add@Base 2.1.0
+ kr_zonecut_copy@Base 2.1.0
+ kr_zonecut_copy_trust@Base 2.1.0
+ kr_zonecut_deinit@Base 2.1.0
+ kr_zonecut_del@Base 2.1.0
+ kr_zonecut_del_all@Base 2.1.0
+ kr_zonecut_find@Base 2.1.0
+ kr_zonecut_find_cached@Base 2.1.0
+ kr_zonecut_init@Base 2.1.0
+ kr_zonecut_set@Base 2.1.0
+ kr_zonecut_set_sbelt@Base 2.1.0
+ lru_apply_impl@Base 2.1.0
+ lru_create_impl@Base 2.1.0
+ lru_free_items_impl@Base 2.1.0
+ lru_get_impl@Base 2.1.0
+ map_clear@Base 2.1.0
+ map_contains@Base 2.1.0
+ map_del@Base 2.1.0
+ map_get@Base 2.1.0
+ map_make@Base 2.1.0
+ map_set@Base 2.1.0
+ map_walk_prefixed@Base 2.1.0
+ validate_api@Base 2.1.0
--- /dev/null
+usr/lib/knot-resolver/http/LICENSE
--- /dev/null
+From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
+Date: Sun, 12 Nov 2017 14:03:31 +0800
+Subject: avoid shipping duplicate root.hints and icann-ca.pem
+
+---
+ etc/etc.mk | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/etc/etc.mk b/etc/etc.mk
+index 7aa6cb6..fa9e008 100644
+--- a/etc/etc.mk
++++ b/etc/etc.mk
+@@ -1,9 +1,9 @@
+-etc_SOURCES := icann-ca.pem \
++etc_SOURCES := \
+ config.cluster \
+ config.isp \
+ config.personal \
+- config.splitview \
+- root.hints
++ config.splitview
++
+
+ etc-install: $(DESTDIR)$(ETCDIR)
+ $(INSTALL) -m 0640 $(addprefix etc/,$(etc_SOURCES)) $(DESTDIR)$(ETCDIR)
--- /dev/null
+From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
+Date: Sat, 17 Feb 2018 15:52:20 -0500
+Subject: Update documentation of --keyfile-ro
+
+On Debian systems, we depend on the OS package management to update
+the dns root data. Make the documentation for running with this
+option less scary-sounding, as it is the default.
+---
+ doc/kresd.8.in | 13 ++++++++-----
+ 1 file changed, 8 insertions(+), 5 deletions(-)
+
+diff --git a/doc/kresd.8.in b/doc/kresd.8.in
+index cbf7252..7f73876 100644
+--- a/doc/kresd.8.in
++++ b/doc/kresd.8.in
+@@ -24,7 +24,7 @@
+ .IR config ]
+ .RB [ \-k | \-\-keyfile
+ .IR keyfile ]
+-.RB [ \-K | \-\-keyfile-ro
++.RB [ \-K | \-\-keyfile\-ro
+ .IR keyfile ]
+ .RB [ \-m | \-\-moduledir
+ .IR path ]
+@@ -123,7 +123,7 @@ file at the default location (\fIconfig\fR). The syntax is
+ described in \fIdaemon/README.md\fR.
+ .TP
+ .B \-k\fI keyfile\fR, \fB\-\-keyfile=\fI<keyfile>
+-(Recommended!) Automatically managed root trust anchors file.
++Automatically managed root trust anchors file.
+ Root trust anchors in this file are managed using standard RFC 5011 (Automated Updates of DNS Security Trust Anchors).
+ Kresd needs write access to the directory containing the keyfile.
+
+@@ -133,10 +133,13 @@ and warning that you need to to check the key before trusting it will be issued.
+ The file contains DNSKEY/DS records in presentation format,
+ and is compatible with Unbound and BIND 9 root key files.
+ .TP
+-.B \-K\fI keyfile\fR, \fB\-\-keyfile-ro=\fI<keyfile>
+-(Discouraged) Static root trust anchors file. The file is not updated by kresd. Use of this option is discouraged because it will break your installation when the trust anchor key changes!
++.B \-K\fI keyfile\fR, \fB\-\-keyfile\-ro=\fI<keyfile>
++Static root trust anchors file. The file is not updated by
++kresd. Please ensure that any running kresd instances are restarted if
++the trust anchors change. (On Debian, this should happen automatically
++on upgrade of the dns-root-data package).
+
+-Default: "@KEYFILE_DEFAULT@" (can be empty if your distribution did not provide one)
++Default: "@KEYFILE_DEFAULT@"
+ .TP
+ .B \-m\fI path\fR, \fB\-\-moduledir=\fI<path>
+ Override the directory that is searched for modules. Default: @MODULEDIR@
--- /dev/null
+From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
+Date: Sat, 17 Feb 2018 18:41:56 -0500
+Subject: look for modules in python3
+
+When building, we want to make sure we use python3 where possible, not
+python 2.7. This is what the executable is named in debian.
+---
+ platform.mk | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/platform.mk b/platform.mk
+index 170269c..63a305d 100644
+--- a/platform.mk
++++ b/platform.mk
+@@ -200,7 +200,7 @@ endef
+
+ # Find Python package
+ define find_pythonpkg
+- HAS_$(1) := $(shell python -c "import $(1)" > /dev/null 2>&1 && echo yes || echo no)
++ HAS_$(1) := $(shell python3 -c "import $(1)" > /dev/null 2>&1 && echo yes || echo no)
+ endef
+
+ define find_soname
--- /dev/null
+0001-avoid-shipping-duplicate-root.hints-and-icann-ca.pem.patch
+0002-Update-documentation-of-keyfile-ro.patch
+0003-look-for-modules-in-python3.patch
--- /dev/null
+#!/usr/bin/make -f
+
+# see FEATURE AREAS in dpkg-buildflags(1)
+export DEB_BUILD_MAINT_OPTIONS = hardening=+all,-pie
+
+# see ENVIRONMENT in dpkg-buildflags(1)
+# package maintainers to append CFLAGS
+export DEB_CFLAGS_MAINT_APPEND = -Wall -pedantic -fno-omit-frame-pointer
+# package maintainers to append LDFLAGS
+export DEB_LDFLAGS_MAINT_APPEND = -Wl,--as-needed
+
+# see EXAMPLES in dpkg-buildflags(1) and read /usr/share/dpkg/*
+DPKG_EXPORT_BUILDFLAGS = 1
+include /usr/share/dpkg/default.mk
+
+export ARCH=$(DEB_HOST_GNU_CPU)
+export PREFIX=/usr
+export MODULEDIR=/usr/lib/knot-resolver
+export ETCDIR=/etc/knot-resolver
+
+RUN_TESTS := yes
+ifeq ($(DEB_HOST_ARCH),$(filter $(DEB_HOST_ARCH),hurd-i386 mips mipsel ppc64 ppc64el armel armhf arm64 kfreebsd-amd64 kfreebsd-i386))
+ $(warning Disabling checks on $(DEB_HOST_ARCH))
+ RUN_TESTS := no
+endif
+
+%:
+ dh $@
+
+override_dh_auto_clean-indep:
+ dh_auto_clean -- doc-clean http-clean
+
+override_dh_auto_build-arch:
+ CFLAGS="$${CFLAGS} -DNDEBUG" dh_auto_build -- V=1 BUILDMODE=static lib
+ CFLAGS="$${CFLAGS} -DNDEBUG" dh_auto_build -- V=1 \
+ ROOTHINTS=/usr/share/dns/root.hints \
+ KEYFILE_DEFAULT=/usr/share/dns/root.key
+
+override_dh_auto_build-indep:
+ dh_auto_build -- V=1 http
+ dh_auto_build -- V=1 doc-doxygen
+ cd doc && sphinx-build -b html -D html_theme=nature . html
+
+override_dh_auto_install-arch:
+ dh_auto_install --destdir=debian/tmp -- V=1
+
+override_dh_auto_install-indep:
+# install just the http/2 module
+ make http-install DESTDIR=debian/tmp V=1
+
+override_dh_installinit:
+ dh_installinit -pknot-resolver --name=kresd --no-start
+
+override_dh_installsystemd:
+ dh_installsystemd -pknot-resolver --name=kresd kresd-tls.socket kresd.socket
+
+override_dh_auto_test-indep:
+override_dh_auto_test-arch:
+ifeq ($(RUN_TESTS),yes)
+ dh_auto_test -- V=1
+endif
+
+override_dh_missing:
+ dh_missing --fail-missing
+
+override_dh_installchangelogs:
+ dh_installchangelogs NEWS
--- /dev/null
+3.0 (quilt)
--- /dev/null
+knot-resolver source: missing-license-paragraph-in-dep5-copyright public-domain *
+knot-resolver source: source-is-missing debian/missing-sources/*
--- /dev/null
+Test-Command: make installcheck
+Depends: @, @builddeps@
--- /dev/null
+Format: 3.0 (quilt)
+Source: knot-resolver
+Binary: knot-resolver, knot-resolver-module-http, knot-resolver-doc, libkres6, libkres-dev
+Architecture: any all
+Version: __VERSION__-1
+Maintainer: Knot Resolver <knot-resolver@labs.nic.cz>
+Uploaders: Tomas Krizek <tomas.krizek@nic.cz>
+Homepage: https://www.knot-resolver.cz/
+Testsuite: autopkgtest
+Build-Depends: debhelper (>= 9~), dns-root-data, libcmocka-dev (>= 1.0.0), libedit-dev, libgeoip-dev, libgnutls28-dev, libhiredis-dev, libjansson-dev, libknot-dev (>= 2.6.4), liblmdb-dev, libluajit-5.1-dev, libmemcached-dev, libsystemd-dev (>= 227), libuv1-dev, luajit, pkg-config, python3
+Build-Depends-Indep: doxygen, python3-breathe, python3-sphinx, python3-sphinx-rtd-theme
+Package-List:
+ knot-resolver deb net optional arch=any
+ knot-resolver-doc deb doc optional arch=all
+ knot-resolver-module-http deb net optional arch=all
+ libkres-dev deb libdevel optional arch=any
+ libkres6 deb libs optional arch=any
+Files:
%global _hardened_build 1
%define GPG_CHECK 0
-%define VERSION DYNAMIC
+%define VERSION __VERSION__
%define repodir %{_builddir}/%{name}-%{version}
Name: knot-resolver
License: GPLv3
URL: https://www.knot-resolver.cz/
-Source0: knot-resolver-%{version}.tar.xz
+Source0: knot-resolver_%{version}.orig.tar.xz
# LuaJIT only on these arches
%if 0%{?rhel}
#!/bin/bash -e
-# Fill in VERSION field in distribution specific files
+scripts/make-archive.sh
cd "$(git rev-parse --show-toplevel)"
-VERSION=$(scripts/show-version.sh | sed 's/knot-resolver-\(.*\).tar.xz/\1/')
-sed -i.bak "s@%define VERSION .*@%define VERSION $VERSION@" distro/fedora/knot-resolver.spec
-sed -i.bak "s/VERSION/$VERSION/" distro/arch/PKGBUILD
+VERSION=$(scripts/show-version.sh)
+
+# Fill in VERSION field in distribution specific files
+files='distro/fedora/knot-resolver.spec distro/arch/PKGBUILD distro/debian/debian/changelog distro/debian/knot-resolver.dsc'
+for file in $files; do
+ sed -i "s/__VERSION__/$VERSION/g" "$file"
+done
+
+# Rename archive to debian format
+mv knot-resolver-$VERSION.tar.xz knot-resolver_$VERSION.orig.tar.xz
+
+# Create debian archive and dsc
+pushd distro/debian
+tar -chaf knot-resolver_$VERSION-1.debian.tar.xz debian
+archive=knot-resolver_$VERSION-1.debian.tar.xz
+echo " $(md5sum $archive | cut -d' ' -f1) $(wc -c $archive)" >> knot-resolver.dsc
+popd
+archive=knot-resolver_$VERSION.orig.tar.xz
+echo " $(md5sum $archive | cut -d' ' -f1) $(wc -c $archive)" >> distro/debian/knot-resolver.dsc
# Create a source rpm for Fedora/EPEL
cd "$(git rev-parse --show-toplevel)"
-scripts/make-archive.sh
scripts/make-distrofiles.sh
-mv knot-resolver-*.tar.xz distro/fedora/
+mv knot-resolver_*.orig.tar.xz distro/fedora/
cd distro/fedora
rpkg srpm
-mv knot-resolver.spec{.bak,}
mv *.src.rpm ../../
mv *.tar.xz ../../
projects / thirdparty / knot-resolver.git / commitdiff
