mirror of
https://github.com/openwrt/packages.git
synced 2025-08-04 09:50:37 +00:00
4f22b4dceb
Knot Resolver 5.7.6 (2025-07-17) ================================ Security -------- - DoS: fix a rare segfault in `resolve` function (!1720) Someone controlling the DNS traffic might be able to trigger this crash intentionally and too often. - DoS: drop a wrong assertion/crash (!1721) Someone controlling the DNS traffic will most likely be able to trigger this crash intentionally and too often. Knot Resolver 5.7.5 (2025-04-24) ================================ Security -------- - DoS: fix unconfirmed crashes with the line below (!1683) [system] requirement "h && h->end > h->begin" failed in queue_pop_impl Improvements ------------ - tests: disable problematic config.http test (#925, !1678) - validator: accept a confusing NODATA proof with insecure delegation (!1678) Bugfixes -------- - daemon/http: DoH stream got stuck after returning an error code (!1652) - stats: request latency was very incorrect in some cases (!1678) Signed-off-by: Vladimír Čunát <vladimir.cunat@nic.cz>
90 lines
2.5 KiB
Makefile
90 lines
2.5 KiB
Makefile
#
|
|
# Copyright (C) 2015-2024 CZ.NIC, z. s. p. o. (https://www.nic.cz/)
|
|
#
|
|
# This is free software, licensed under the GNU General Public License v2.
|
|
# See /LICENSE for more information.
|
|
#
|
|
|
|
PKG_RELRO_FULL:=0
|
|
|
|
include $(TOPDIR)/rules.mk
|
|
|
|
PKG_NAME:=knot-resolver
|
|
PKG_VERSION:=5.7.6
|
|
PKG_RELEASE:=1
|
|
|
|
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
|
|
PKG_SOURCE_URL:=https://secure.nic.cz/files/knot-resolver
|
|
PKG_HASH:=500ccd3a560300e547b8dc5aaff322f7c8e2e7d6f0d7ef5f36e59cb60504d674
|
|
|
|
PKG_MAINTAINER:=Jan Pavlinec <jan.pavlinec1@gmail.com>
|
|
PKG_LICENSE:=GPL-3.0-later
|
|
PKG_LICENSE_FILES:=COPYING
|
|
PKG_CPE_ID:=cpe:/a:nic:knot_resolver
|
|
|
|
include $(INCLUDE_DIR)/package.mk
|
|
include $(INCLUDE_DIR)/meson.mk
|
|
|
|
define Package/knot-resolver
|
|
SECTION:=net
|
|
CATEGORY:=Network
|
|
SUBMENU:=IP Addresses and Names
|
|
TITLE:=Knot Resolver
|
|
URL:=https://www.knot-resolver.cz
|
|
DEPENDS=\
|
|
+knot-libs \
|
|
+knot-libzscanner \
|
|
+libuv \
|
|
@HAS_LUAJIT_ARCH +luajit \
|
|
+luasec \
|
|
+luasocket \
|
|
+libstdcpp \
|
|
+libnghttp2 \
|
|
+lmdb \
|
|
PACKAGE_knot-resolver_dnstap:libfstrm \
|
|
PACKAGE_knot-resolver_dnstap:libprotobuf-c
|
|
USERID:=kresd=3536:kresd=3536
|
|
endef
|
|
|
|
define Package/knot-resolver/description
|
|
The Knot Resolver is a caching full resolver
|
|
implementation, including both a resolver library and a daemon.
|
|
endef
|
|
|
|
define Package/knot-resolver/config
|
|
source "$(SOURCE)/Config.in"
|
|
endef
|
|
|
|
MESON_ARGS+= \
|
|
$(if $(CONFIG_PACKAGE_knot-resolver_dnstap), -Ddnstap=enabled,-Ddnstap=disabled) \
|
|
-Dcapng=disabled \
|
|
-Dclient=disabled \
|
|
-Dconfig_tests=disabled \
|
|
-Ddoc=disabled \
|
|
-Dinstall_kresd_conf=disabled \
|
|
-Dinstall_root_keys=disabled \
|
|
-Dkeyfile_default=/etc/knot-resolver/root.keys \
|
|
-Dprefix=/usr \
|
|
-Dunit_tests=disabled \
|
|
-Dutils=disabled \
|
|
-Dmalloc=disabled
|
|
|
|
define Package/knot-resolver/install
|
|
$(INSTALL_DIR) $(1)/usr/sbin
|
|
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/kresd $(1)/usr/sbin/
|
|
|
|
$(INSTALL_DIR) $(1)/usr/lib/knot-resolver
|
|
$(CP) $(PKG_INSTALL_DIR)/usr/lib/*.so* $(1)/usr/lib/
|
|
$(CP) $(PKG_INSTALL_DIR)/usr/lib/knot-resolver/{*.lua,*.so} $(1)/usr/lib/knot-resolver/
|
|
$(INSTALL_DIR) $(1)/usr/lib/knot-resolver/kres_modules
|
|
$(CP) $(PKG_INSTALL_DIR)/usr/lib/knot-resolver/kres_modules/{*.lua,*.so} $(1)/usr/lib/knot-resolver/kres_modules/
|
|
$(INSTALL_DIR) $(1)/etc/init.d
|
|
$(INSTALL_BIN) ./files/kresd.init $(1)/etc/init.d/kresd
|
|
|
|
$(INSTALL_DIR) $(1)/etc/knot-resolver
|
|
$(CP) $(PKG_INSTALL_DIR)/etc/knot-resolver/root.hints $(1)/etc/knot-resolver/
|
|
$(CP) ./files/root.keys $(1)/etc/knot-resolver
|
|
endef
|
|
|
|
$(eval $(call BuildPackage,knot-resolver))
|