Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>lilik-openwrt-22.03
@ -0,0 +1,12 @@ | |||
menu "Configuration" | |||
config PACKAGE_knot-resolver_dnstap | |||
bool "Build with dnstap support" | |||
default n | |||
help | |||
knot-resolver dnstap module supports logging DNS responses | |||
to a unix socket in dnstap format using fstrm framing library. | |||
This logging is useful if you need effectivelly log all | |||
DNS traffic. | |||
The unix socket and the socket reader must be present before | |||
starting resolver instances. | |||
endmenu |
@ -0,0 +1,91 @@ | |||
# | |||
# Copyright (C) 2015-2021 CZ.NIC, z. s. p. o. (https://www.nic.cz/) | |||
# | |||
# This is free software, licensed under the GNU General Public License v2. | |||
# See /LICENSE for more information. | |||
# | |||
PKG_RELRO_FULL:=0 | |||
include $(TOPDIR)/rules.mk | |||
PKG_NAME:=knot-resolver | |||
PKG_VERSION:=5.2.1 | |||
PKG_RELEASE:=1 | |||
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz | |||
PKG_SOURCE_URL:=https://secure.nic.cz/files/knot-resolver | |||
PKG_HASH:=aa37b744c400f437acba7a54aebcbdbe722ece743d342cbc39f2dd8087f05826 | |||
PKG_MAINTAINER:=Jan Pavlinec <jan.pavlinec@nic.cz> | |||
PKG_LICENSE:=GPL-3.0-later | |||
PKG_LICENSE_FILES:=COPYING | |||
PKG_BUILD_DEPENDS:=meson/host | |||
PKG_INSTALL:=1 | |||
include $(INCLUDE_DIR)/package.mk | |||
include ../../devel/meson/meson.mk | |||
define Package/knot-resolver | |||
SECTION:=net | |||
CATEGORY:=Network | |||
SUBMENU:=IP Addresses and Names | |||
TITLE:=Knot DNS Resolver | |||
URL:=https://www.knot-resolver.cz | |||
DEPENDS=\ | |||
+knot-libs \ | |||
+knot-libzscanner \ | |||
+libuv \ | |||
+luajit \ | |||
+luasec \ | |||
+luasocket \ | |||
+libstdcpp \ | |||
+lmdb \ | |||
PACKAGE_knot-resolver_dnstap:libfstrm \ | |||
PACKAGE_knot-resolver_dnstap:libprotobuf-c \ | |||
@(aarch64||mips64||mips64el||powerpc64||x86_64) | |||
USERID:=kresd=3536:kresd=3536 | |||
endef | |||
define Package/knot-resolver/description | |||
The Knot Resolver is a caching full resolver | |||
implementation, including both a resolver library and a daemon. | |||
endef | |||
define Package/knot-resolver/config | |||
source "$(SOURCE)/Config.in" | |||
endef | |||
MESON_ARGS+= \ | |||
$(if $(CONFIG_PACKAGE_knot-resolver_dnstap), -Ddnstap=enabled,-Ddnstap=disabled) \ | |||
-Dcapng=disabled \ | |||
-Dclient=disabled \ | |||
-Dconfig_tests=disabled \ | |||
-Ddnstap=disabled \ | |||
-Ddoc=disabled \ | |||
-Dinstall_kresd_conf=disabled \ | |||
-Dinstall_root_keys=disabled \ | |||
-Dkeyfile_default=/etc/knot-resolver/root.keys \ | |||
-Dprefix=/usr \ | |||
-Dunit_tests=disabled \ | |||
-Dutils=disabled | |||
define Package/knot-resolver/install | |||
$(INSTALL_DIR) $(1)/usr/sbin | |||
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/kresd $(1)/usr/sbin/ | |||
$(INSTALL_DIR) $(1)/usr/lib/knot-resolver | |||
$(CP) $(PKG_INSTALL_DIR)/usr/lib/*.so* $(1)/usr/lib/ | |||
$(CP) $(PKG_INSTALL_DIR)/usr/lib/knot-resolver/{*.lua,*.so} $(1)/usr/lib/knot-resolver/ | |||
$(INSTALL_DIR) $(1)/usr/lib/knot-resolver/kres_modules | |||
$(CP) $(PKG_INSTALL_DIR)/usr/lib/knot-resolver/kres_modules/{*.lua,*.so} $(1)/usr/lib/knot-resolver/kres_modules/ | |||
$(INSTALL_DIR) $(1)/etc/init.d | |||
$(INSTALL_BIN) ./files/kresd.init $(1)/etc/init.d/kresd | |||
$(INSTALL_DIR) $(1)/etc/knot-resolver | |||
$(CP) $(PKG_INSTALL_DIR)/etc/knot-resolver/root.hints $(1)/etc/knot-resolver/ | |||
$(CP) ./files/root.keys $(1)/etc/knot-resolver | |||
endef | |||
$(eval $(call BuildPackage,knot-resolver)) |
@ -0,0 +1,75 @@ | |||
#!/bin/sh /etc/rc.common | |||
START=61 | |||
STOP=00 | |||
USE_PROCD=1 | |||
PROG=/usr/sbin/kresd | |||
CONFIGFILE=/tmp/kresd/kresd.config | |||
ROOTKEYFILE=/etc/knot-resolver/root.keys | |||
DEFAULT_RUNDIR=/tmp/kresd | |||
USERNAME=kresd | |||
GROUP=kresd | |||
init_header() { | |||
{ | |||
echo "--Automatically generated file; DO NOT EDIT" | |||
echo "modules = {" | |||
echo " 'hints > iterate'" | |||
echo " , 'policy'" | |||
if [ "$prefetch" \!= 0 ]; then | |||
echo " , 'stats'" | |||
echo " , predict = {" | |||
echo " window = 30 -- 30 minutes sampling window" | |||
echo " , period = 24*(60/30) -- track last 24 hours" | |||
echo " }" | |||
fi | |||
echo "}" | |||
echo "hints.use_nodata(true)" | |||
} > $CONFIGFILE | |||
} | |||
init_rootkey() { | |||
{ | |||
echo "trust_anchors.remove('.')" | |||
echo "trust_anchors.add_file('$ROOTKEYFILE', true)" | |||
} >> $CONFIGFILE | |||
} | |||
modify_rundir() { | |||
local rundir | |||
#create rundir | |||
rundir="$DEFAULT_RUNDIR" | |||
if [ ! -d "$rundir" ]; then | |||
mkdir -p "$rundir" | |||
fi | |||
if id "$1" >/dev/null 2>&1; then | |||
chown -R $USERNAME:$GROUP "$rundir" | |||
fi | |||
} | |||
start_service() { | |||
procd_open_instance | |||
procd_set_param file /etc/config/resolver | |||
procd_set_param command "$PROG" | |||
procd_append_param command --noninteractive | |||
procd_set_param respawn | |||
modify_rundir | |||
init_header | |||
init_rootkey | |||
# knot-resolver config | |||
procd_append_param command -c "$CONFIGFILE" | |||
procd_append_param command -a "0.0.0.0#53" | |||
procd_append_param command -a "::0#53" | |||
procd_close_instance | |||
} | |||
reload_service() | |||
{ | |||
stop | |||
start | |||
} |
@ -0,0 +1 @@ | |||
. IN DS 20326 8 2 e06d44b80b8f1d39a95c0b0d7c65d08458e880409bbc683457104237c7f8ec8d |
@ -0,0 +1,20 @@ | |||
This is just workaround. It should be removed after proper fixing in upstream. | |||
Patch fixes problem with lmdb pkg config. It also adds workaround for get_option | |||
which is now not propagated in OpenWrt meson host package. | |||
--- a/meson.build | |||
+++ b/meson.build | |||
@@ -23,10 +23,10 @@ libknot = dependency('libknot', version: | |||
libdnssec = dependency('libdnssec', version: knot_version) | |||
libzscanner = dependency('libzscanner', version: knot_version) | |||
libuv = dependency('libuv', version: '>=1.7') | |||
-lmdb = dependency('lmdb', required: false) | |||
-if not lmdb.found() # darwin workaround: missing pkgconfig | |||
- lmdb = meson.get_compiler('c').find_library('lmdb') | |||
-endif | |||
+##lmdb = dependency('lmdb', required: false) | |||
+##if not lmdb.found() # darwin workaround: missing pkgconfig | |||
+lmdb = meson.get_compiler('c').find_library('lmdb') | |||
+##endif | |||
gnutls = dependency('gnutls') | |||
luajit = dependency('luajit') | |||
# NOTE avoid using link_args for luajit due to a macOS issue |
@ -0,0 +1,13 @@ | |||
This patch fixes the problem with forwarding in knot-resolver v4.3.0. | |||
It reintroduces a fix which enables policy related hack (knot/knot-resolver#205 (comment 94566) ) | |||
--- a/modules/policy/policy.lua | |||
+++ b/modules/policy/policy.lua | |||
@@ -985,7 +985,7 @@ policy.layer = { | |||
if bit.band(state, bit.bor(kres.FAIL, kres.DONE)) ~= 0 then return state end | |||
local qry = req:initial() -- same as :current() but more descriptive | |||
return policy.evaluate(policy.rules, req, qry, state) | |||
- or (special_names_optim(req, qry.sname) | |||
+ or (true--special_names_optim(req, qry.sname) | |||
and policy.evaluate(policy.special_names, req, qry, state)) | |||
or state | |||
end, |
@ -0,0 +1,3 @@ | |||
#!/bin/sh | |||
kresd --version | grep "$2" |