Update to dnscrypt-proxy-2.0.25.

Changelog can be found at
https://github.com/jedisct1/dnscrypt-proxy/releases/tag/2.0.25 and
https://github.com/jedisct1/dnscrypt-proxy/releases/tag/2.0.24

From Nam Nguyen (maintainer). Thanks!

OK sthen@
This commit is contained in:
bket 2019-06-04 10:02:45 +00:00
parent e8af5b8c48
commit 0b5059d794
4 changed files with 44 additions and 18 deletions

View File

@ -1,10 +1,10 @@
# $OpenBSD: Makefile,v 1.41 2019/05/04 21:46:17 sthen Exp $
# $OpenBSD: Makefile,v 1.42 2019/06/04 10:02:45 bket Exp $
COMMENT = flexible DNS proxy with support for encrypted DNS protocols
GH_ACCOUNT = jedisct1
GH_PROJECT = dnscrypt-proxy
GH_TAGNAME = 2.0.23
GH_TAGNAME = 2.0.25
CATEGORIES = net

View File

@ -1,2 +1,2 @@
SHA256 (dnscrypt-proxy-2.0.23.tar.gz) = 1AWlYrDUsBAaETR8Fke7VTUZRdgtZ1ZbOWeUur8paQU=
SIZE (dnscrypt-proxy-2.0.23.tar.gz) = 2552615
SHA256 (dnscrypt-proxy-2.0.25.tar.gz) = d0aWAEyeMG4XI7TLvmapYRKKM1VD0xjQeGSSzmm5Bvo=
SIZE (dnscrypt-proxy-2.0.25.tar.gz) = 2596674

View File

@ -1,4 +1,4 @@
$OpenBSD: patch-dnscrypt-proxy_example-dnscrypt-proxy_toml,v 1.3 2019/04/16 15:26:11 bket Exp $
$OpenBSD: patch-dnscrypt-proxy_example-dnscrypt-proxy_toml,v 1.4 2019/06/04 10:02:45 bket Exp $
Index: dnscrypt-proxy/example-dnscrypt-proxy.toml
--- dnscrypt-proxy/example-dnscrypt-proxy.toml.orig
@ -12,7 +12,7 @@ Index: dnscrypt-proxy/example-dnscrypt-proxy.toml
## Require servers (from static + remote sources) to satisfy specific properties
@@ -497,7 +497,7 @@ cache_neg_max_ttl = 600
@@ -514,7 +514,7 @@ cache_neg_max_ttl = 600
[sources.'public-resolvers']
urls = ['https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v2/public-resolvers.md', 'https://download.dnscrypt.info/resolvers-list/v2/public-resolvers.md']

View File

@ -1,4 +1,4 @@
$OpenBSD: README,v 1.2 2019/04/30 08:51:13 sthen Exp $
$OpenBSD: README,v 1.3 2019/06/04 10:02:45 bket Exp $
+-----------------------------------------------------------------------
| Running ${PKGSTEM} on OpenBSD
@ -9,35 +9,61 @@ them to a DNSCrypt resolver over an encrypted channel.
To use this package, several things are required.
First, ensure that ${SYSCONFDIR}/dnscrypt-proxy.toml fits your needs.
Customizing dnscrypt-proxy.toml
===============================
Uncomment 'server_names' to have a smaller set of public resolvers to be
used for load balancing. If this line is commented, all registered
servers matching the require_* filters will be used for load balancing.
Ensure that ${SYSCONFDIR}/dnscrypt-proxy.toml fits your needs.
Resolvers
---------
Uncomment 'server_names' to have a smaller set of public resolvers to be used
for load balancing. If this line is commented, all registered servers matching
the require_* filters will be used for load balancing. Refer to
${LOCALSTATEDIR}/dnscrypt-proxy/public-resolvers.md for a list of all public
resolvers.
Load balancing strategy
-----------------------
Note the load balancing strategy, controlled by 'lb_strategy'. It can be
set to one of the following values:
- 'fastest' (always pick the fastest server in the list)
- 'first' (always pick the fastest server in the list)
- 'p2' (randomly choose between the top two fastest servers)
- 'ph' (randomly choose between the top fastest half of all servers)
- 'random' (just pick any random server from the list)
'p2' is the default option, and you may change this. For more
information, see
'p2' is the default option. For more information, see
https://github.com/jedisct1/dnscrypt-proxy/wiki/Load-Balancing-Options
Second, start the daemon:
Logging
-------
Logging is disabled by default.
To log to /var/log/messages:
log_level = 2
use_syslog = true
To log to a custom file:
log_level = 2
log_file = '/var/log/dnscrypt-proxy.log'
Daemon
======
Start the daemon:
# rcctl enable dnscrypt_proxy
# rcctl start dnscrypt_proxy
Finally, set /etc/resolv.conf to perform queries from dnscrypt-proxy:
resolv.conf
===========
Set /etc/resolv.conf to perform queries from dnscrypt-proxy:
nameserver 127.0.0.1
lookup file bind
Note: If your IP address is dynamically fetched, dhclient(8) will normally
update resolv.conf with network-provided DNS servers. This can be avoided
by using "ignore domain-name, domain-name-servers;" in /etc/dhclient.conf.
update resolv.conf with network-provided DNS servers. This can be avoided by
using "ignore domain-name, domain-name-servers;" in /etc/dhclient.conf.
For more information, see https://dnscrypt.info/