# # spec file for package getdns # # Copyright (c) 2022 SUSE LLC # Copyright (c) 2021/22 Florian "sp1rit" # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via https://bugs.opensuse.org/ # %global soversion 10 %global libname lib%{name}%{soversion} %bcond_with libev_over_libevent Name: getdns Version: 1.7.3 Release: 2.13 Summary: A modern asynchronous DNS API License: BSD-3-Clause Group: System/Libraries URL: https://getdnsapi.net/ Source0: https://getdnsapi.net/dist/%{name}-%{version}.tar.gz Source1: https://getdnsapi.net/dist/%{name}-%{version}.tar.gz.asc # Willem Toorop # https://nlnetlabs.nl/people/#willem-toorop # DC34EE5DB2417BCC151E5100E5F8F8212F77A498 Source2: https://keys.openpgp.org/pks/lookup?op=get&search=0xE5F8F8212F77A498#/%{name}.keyring BuildRequires: cmake >= 3.20 BuildRequires: doxygen BuildRequires: fdupes BuildRequires: gcc BuildRequires: unbound-devel BuildRequires: pkgconfig BuildRequires: pkgconfig(check) BuildRequires: pkgconfig(libcrypto) BuildRequires: pkgconfig(libidn2) BuildRequires: pkgconfig(libssl) BuildRequires: pkgconfig(libuv) Requires: unbound-anchor %if %{with libev_over_libevent} BuildRequires: pkgconfig(libev) %else BuildRequires: pkgconfig(libevent) %endif %description getdns is an implementation of a modern asynchronous DNS API; the specification was originally edited by Paul Hoffman. It is intended to make all types of DNS information easily available to application developers and non-DNS experts. %package -n %{libname} Summary: A modern asynchronous DNS API Group: System/Libraries %description -n %{libname} getdns is an implementation of a modern asynchronous DNS API; the specification was originally edited by Paul Hoffman. It is intended to make all types of DNS information easily available to application developers and non-DNS experts. %package devel Summary: Development files for %{name} Group: Development/Libraries/C and C++ Requires: %{libname} = %{version} %description devel The %{name}-devel package contains libraries and header files for developing applications that use %{name}. %package utils Summary: Utilities for interacting with %{name} Group: Productivity/Networking/DNS/Utilities Requires: %{libname} = %{version} %description utils The %{name}-utils package contains utilities using getdns library, getdns_query and getdns_query_mon utilities. They can be used to analyze responses from DNS servers over UDP, TCP and TLS, including support for DNS security. getdns_query can be used for fetching details of DNS responses in json format. getdns_query_mon is great for automated monitoring of DNS server replies. %prep %autosetup -p1 %build %cmake \ -DBUILD_DOXYGEN=ON \ -DBUILD_EXAMPLES=ON \ -DPATH_TRUST_ANCHOR_FILE=%{_sharedstatedir}/unbound/root.key \ -DENABLE_STATIC=OFF \ %if %{with libev_over_libevent} -DBUILD_LIBEV=ON \ -DBUILD_LIBEVENT=OFF %else -DBUILD_LIBEV=OFF %endif %cmake_build %check # make test needs a network connection - so disabled per default # make test %install %cmake_install rm -rf %{buildroot}%{_docdir}/%{name} rm -rf %{buildroot}%{_datadir}/doc/%{name} %fdupes -s %{buildroot}/%{_mandir} %post -n %{libname} -p /sbin/ldconfig %postun -n %{libname} -p /sbin/ldconfig %files -n %{libname} %license LICENSE %{_libdir}/lib%{name}.so.%{soversion}* %{_libdir}/lib%{name}_ext_*.so.%{soversion}* %files devel %license LICENSE %doc README.md NEWS AUTHORS ChangeLog %doc spec %{_libdir}/lib%{name}.so %{_libdir}/lib%{name}_ext_*.so %{_libdir}/pkgconfig/%{name}.pc %{_includedir}/%{name}/ %{_mandir}/man3/%{name}_*.3%{?ext_man} %{_mandir}/man3/lib%{name}.3%{?ext_man} %files utils %{_bindir}/%{name}_query %{_bindir}/%{name}_server_mon %changelog * Wed Apr 10 2024 Matthias Bach - Fix package build on Tumbleweed and 15.6 stumbling over changed documentation install directories. * Thu Aug 10 2023 Wolfgang Rosenauer - pkgconfig(libunbound) started failing BuildRequire unbound-devel explicitely * Thu Dec 22 2022 Florian "spirit" - Update to version 1.7.3: * PR #532: Increase CMake required version 3.5 -> 3.20, because we need cmake_path for Absolute paths in pkg-config (See Issue #517) Thanks Gabriel Ganne * Updated to Stubby 0.4.3 quickfix release * Wed Sep 7 2022 Florian "spirit" - Update to version 1.7.2: * Updated to Stubby 0.4.2 quickfix release - Changes from version 1.7.1: * Always send the `dot` ALPN when using DoT * Strengthen version determination for Libidn2 during cmake processing (thanks jpbion). * Fix for issue in UDP stream selection in case of timeouts. Thanks Shikha Sharma * Fix using asterisk in ipstr for any address. Thanks uzlonewolf. * Issue stubby#295: rdata not correctly written for validation for certain RR type. Also, set default built type to RelWithDebInfo and expose CFLAGS via GETDNS_BUILD_CFLAGS define and via getdns_context_get_api_information() * Issue #524: Bug fixes from submodules' upstream? Thanks Johnnyslee * Issue #517: Allow Absolute path CMAKE_INSTALL_{INCLUDE,LIB}DIR in pkg-config files. Thanks Alex Shpilkin * Issue #512: Update README.md to show correct PGP key location. Thanks Katze Prior. * Wed May 4 2022 Florian "spirit" - Dropped libeconf0 workarround as it doesn't seem to be needed anymore. - Ran spec-cleaner * Sat Jul 24 2021 Florian "sp1rit" - Update to version 1.7.0 * Make TLS Handshake timeout max 4/5th of timeout for the query, just like connection setup timeout was, so fallback transport have a chance too when TCP connection setup is less well detectable (as with TCP_FASTOPEN on MacOS). * Issue #466: Memory leak with retrying queries (for examples with search paths). Thanks doublez13. * Issue #480: Handling of strptime when Cross compiling with CMake. A new option to FORCE_COMPAT_STRPTIME (default disabled) will (when disabled) make cmake assume the target platform has a POSIX compatible strptime when cross-compiling. * Setting of the number of milliseconds send data may remain unacknowledged by the peer in a TCP connection (when supported by the OS) with getdns_context_set_tcp_send_timeout() Thanks maciejsszmigiero. * Issue #497: Fix typo in CMAKE included files, so Stubby can use TLS v1.3 with chipersuites options ON. Thanks har-riz. * Basic name compression on server replied messages. Thanks amialkow! This alleviates (but might not completely resolve) issues #495 and [#320] . * Eventloop extensions back to the old names libgetdns_ext_event, libgetdns_ext_ev and libgetdns_ext_uv. * Compilation warning fixes. Thanks Andreas! + Version 1.6.0 * Issues #457, #458, #461: New symbols with libnettle >= 3.4. Thanks hanvinke & kometchtech for testing & reporting. * Issue #432: answer_ipv4_address and answer_ipv6_address in reply and response dicts. * Issue #430: Record and guard UDP max payload size with servers. * Issue #407: Run only offline-tests option with: src/test/tpkg/run-offline-only.sh (only with git checkouts). * Issue #175: Include the packet the stub resolver sent to the upstream the call_reporting dict. Thanks Tom Pusateri * Issue #169: Build eventloop support libraries if event libraries are available. Thanks Tom Pusateri - Rewrote spec file - Removed stubby subpackage, as it is now a seperate package. * Fri May 10 2019 Andreas Schneider - Do not overwrite the stubby config file * Mon Apr 15 2019 Wolfgang Rosenauer - Update to version 1.5.2 * experimental support for GnuTLS >= 3.5.0 as replacement for OpenSSL * support TCP Fast Open when possible * bugfix for DNSSEC scheduling * includes stubby version 0.2.6 * Tue Feb 19 2019 Andreas Schneider - Update to version 1.5.1 o getdns changelog: * 2019-01-11: Version 1.5.1 x PR #414: remove TLS13 ciphers from cipher_list, but only when SSL_CTX_set_ciphersuites is available. Thanks Bruno Pagani x Issue #415: Filter out #defines etc. when creating symbols file. Thanks Zero King * 2018-12-21: Version 1.5.0 x RFE getdnsapi/stubby#121 log re-instantiating TLS upstreams (because they reached tls_backoff_time) at log level 4 (WARNING) x GETDNS_RESPSTATUS_NO_NAME for NODATA answers too x ZONEMD rr-type x getdns_query queries for addresses when a query name without a type is given. x RFE #408: Fetching of trust anchors will be retried after failure, after a certain backoff time. The time can be configured with getdns_context_set_trust_anchors_backoff_time(). x RFE #408: A "dnssec" extension that requires DNSSEC verification. When this extension is set, Indeterminate DNSSEC status will not be returned. x Issue #410: Unspecified ownership of get_api_information() x Fix for DNSSEC bug in finding most specific key when trust anchor proves non-existance of one of the labels along the authentication chain other than the non- existance of a DS record on a zonecut. x Enhancement getdnsapi/stubby#56 & getdnsapi/stubby#130: Configurable minimum and maximum TLS versions with getdns_context_set_tls_min_version() and getdns_context_set_tls_max_version() functions and tls_min_version and tls_max_version configuration parameters for upstreams. x Configurable TLS1.3 ciphersuites with the getdns_context_set_tls_ciphersuites() function and tls_ciphersuites config parameter for upstreams. x Bugfix in upstream string configurations: tls_cipher_list and tls_curve_list x Bugfix finding signer for validating NSEC and NSEC3s, which caused trouble with the partly tracing DNSSEC from the root up, introduced in 1.4.2. Thanks Philip Homburg o Stubby ChangeLog * 2019-01-11: Version 0.2.5 x RFE getdnsapi/getdns#408: Document trust_anchors_backoff_time in stubby.yml.example. Thanks Jonathan Underwood x RFE #148: Document tls_ciphersuites, tls_cipher_list, tls_min_version and tls_max_version in stubby.yml.example. Thanks Jonathan Underwood x RFE #149: Added Google Public DNS to stubby.yml.example. Thanks Bruno Pagani * 2018-12-21: Version 0.2.4 x DNSSEC required with dnssec extension in example config x Removed the yeti servers from stubby.yml.example x Added the Foundation RESTENA servers in stubby.yml.example x Bugfix: only start Stubby when network is up Thanks Bruno Pagani - Removed stubby.service file (provided by the tarball now) * Tue Feb 19 2019 Andreas Schneider - Package stubby service - Added stubby.service file * Sat Oct 7 2017 wr@rosenauer.org - update to version 1.2.0 * Built-in DNSSEC trust-anchor management: Zero configuration DNSSEC * Better TLS upstream failure management, more resilient to transient connectivity loss and laptop "sleeps" etc. * An updated version of Stubby (0.1.3) with YAML configuration files. (not shipped in the package) - removed obsolete stub-fixes.diff * Thu Aug 3 2017 wr@rosenauer.org - update to version 1.1.2 * this release introduces a single new feature: the ability to register a callback function that will fire when certain subsystems have a log message of a certain severity 1.1.1: * bugfix release 1.1.0: * This version comes with the DNS Privacy stub resolver Stubby. Stubby encrypts DNS queries sent from a client machine (desktop or laptop) to a DNS Privacy resolver increasing end user privacy. https://getdnsapi.net/blog/dns-privacy-daemon-stubby/ NOTE: stubby is not included in this package at this moment! 1.0.0: * This release implements the "December 2015" specification of the API. With the exception of namespaces (i.e. mDNS), everything in the API specification is implemented in this release - added stub-fixes.diff to fix a crash https://github.com/getdnsapi/getdns/pull/321 * Sat Sep 17 2016 wr@rosenauer.org - initial package