Download raw body.
[UPDATE] net/dnscrypt-proxy 2.1.8 -> 2.1.12
Hello, ports
Another update for dnscrypt-proxy. The diff I made for 2.1.11 may be ignored,
however some points still apply:
https://marc.info/?l=openbsd-ports&m=174785569317963&w=2
Reposting them here for convenience.
- We have a web UI now for viewing some statistics data (disabled by
default). Thankfully we don't need to build a 100+ MB front-end to use
it, but it is recommended that your browser supports web socket and
other JS goodies to get its full potential. The main configuration file
is world-readable. Would it make sense to reconsider this given that it
may now contain sensitive information (username and password to access
the aforementioned website)? This could pose a problem if you run the
binary as a regular user because some commands require to read the
configuration file.
- Hot reloading of configuration files (also disabled by default in
the latest version). This is done automatically using fsnotify or
fallback to polling if that is not available. You can even reload it
manually and it works as advertised by shooting a classical SIGHUP to
the running process. The catch is that it's either all or nothing. That
is, you can't have automatic reload disabled while only keeping the
possibility using a manual trigger. Regardless I enabled the option in
rc. Maybe a mention in the README is in order?
And the QP-encoded diff (tested on yesterday's amd64 snap):
Index: Makefile
===================================================================
RCS file: /cvs/ports/net/dnscrypt-proxy/Makefile,v
retrieving revision 1.70
diff -u -p -u -p -r1.70 Makefile
--- Makefile 4 Apr 2025 09:33:41 -0000 1.70
+++ Makefile 28 May 2025 06:51:18 -0000
@@ -2,7 +2,7 @@ COMMENT = flexible DNS proxy with suppor
GH_ACCOUNT = DNSCrypt
GH_PROJECT = dnscrypt-proxy
-GH_TAGNAME = 2.1.8
+GH_TAGNAME = 2.1.12
CATEGORIES = net
Index: distinfo
===================================================================
RCS file: /cvs/ports/net/dnscrypt-proxy/distinfo,v
retrieving revision 1.39
diff -u -p -u -p -r1.39 distinfo
--- distinfo 4 Apr 2025 09:33:41 -0000 1.39
+++ distinfo 28 May 2025 06:51:18 -0000
@@ -1,2 +1,2 @@
-SHA256 (dnscrypt-proxy-2.1.8.tar.gz) = 2y1ZPQhNA0I1+q8JdDMYtAOftb4tOm4XywFXCR0j9Ns=
-SIZE (dnscrypt-proxy-2.1.8.tar.gz) = 4185376
+SHA256 (dnscrypt-proxy-2.1.12.tar.gz) = lf4p7QPa0M3TTUcxbssVwl9+9fqyHZ7FLL/EdDvPUZg=
+SIZE (dnscrypt-proxy-2.1.12.tar.gz) = 4294076
Index: patches/patch-dnscrypt-proxy_example-dnscrypt-proxy_toml
===================================================================
RCS file: /cvs/ports/net/dnscrypt-proxy/patches/patch-dnscrypt-proxy_example-dnscrypt-proxy_toml,v
retrieving revision 1.17
diff -u -p -u -p -r1.17 patch-dnscrypt-proxy_example-dnscrypt-proxy_toml
--- patches/patch-dnscrypt-proxy_example-dnscrypt-proxy_toml 11 Mar 2022 19:45:54 -0000 1.17
+++ patches/patch-dnscrypt-proxy_example-dnscrypt-proxy_toml 28 May 2025 06:51:18 -0000
@@ -1,7 +1,7 @@
Index: dnscrypt-proxy/example-dnscrypt-proxy.toml
--- dnscrypt-proxy/example-dnscrypt-proxy.toml.orig
+++ dnscrypt-proxy/example-dnscrypt-proxy.toml
-@@ -52,7 +52,7 @@ max_clients = 250
+@@ -50,7 +50,7 @@ max_clients = 250
## Note (2): this feature is not compatible with systemd socket activation.
## Note (3): when using -pidfile, the PID file directory must be writable by the new user
@@ -9,4 +9,4 @@ Index: dnscrypt-proxy/example-dnscrypt-p
+user_name = '_dnscrypt-proxy'
- ## Require servers (from remote sources) to satisfy specific properties
+ ###############################################################################
Index: pkg/DESCR
===================================================================
RCS file: /cvs/ports/net/dnscrypt-proxy/pkg/DESCR,v
retrieving revision 1.3
diff -u -p -u -p -r1.3 DESCR
--- pkg/DESCR 18 Jan 2025 04:32:55 -0000 1.3
+++ pkg/DESCR 28 May 2025 06:51:18 -0000
@@ -12,6 +12,7 @@ DNSCrypt and ODoH (Oblivious DoH), and f
Compatible with all DNS services
- Time-based filtering, with a flexible weekly schedule
- Transparent redirection of specific domains to specific resolvers
+- Optional hot-reloading of configuration files
- DNS caching, to reduce latency and improve privacy
- Local IPv6 blocking to reduce latency on IPv4-only networks
- Load balancing: pick a set of resolvers, dnscrypt-proxy will
Index: pkg/README
===================================================================
RCS file: /cvs/ports/net/dnscrypt-proxy/pkg/README,v
retrieving revision 1.6
diff -u -p -u -p -r1.6 README
--- pkg/README 11 Jul 2024 16:09:29 -0000 1.6
+++ pkg/README 28 May 2025 06:51:18 -0000
@@ -26,10 +26,12 @@ Note the load balancing strategy, contro
set to one of the following values:
- 'first' (always pick the fastest server in the list)
- 'p2' (randomly choose between the top two fastest servers)
+ - 'wp2' (choose better performing server from two random candidates)
- 'ph' (randomly choose between the top fastest half of all servers)
+ - 'p<n>' (randomly choose from fastest n servers)
- 'random' (just pick any random server from the list)
-'p2' is the default option. For more information, see
+'wp2' is the default option. For more information, see
https://github.com/jedisct1/dnscrypt-proxy/wiki/Load-Balancing-Options
Logging
Index: pkg/dnscrypt_proxy.rc
===================================================================
RCS file: /cvs/ports/net/dnscrypt-proxy/pkg/dnscrypt_proxy.rc,v
retrieving revision 1.7
diff -u -p -u -p -r1.7 dnscrypt_proxy.rc
--- pkg/dnscrypt_proxy.rc 18 Jan 2025 04:32:55 -0000 1.7
+++ pkg/dnscrypt_proxy.rc 28 May 2025 06:51:18 -0000
@@ -8,7 +8,6 @@ daemon_flags="-config ${SYSCONFDIR}/dnsc
pexp="${daemon}${daemon_flags:+ ${daemon_flags}}.*"
rc_bg=YES
-rc_reload=NO
rc_configtest() {
${daemon} ${daemon_flags} -check
[UPDATE] net/dnscrypt-proxy 2.1.8 -> 2.1.12