summary refs log tree commit diff
diff options
context:
space:
mode:
-rw-r--r--gnu/packages/dns.scm50
1 files changed, 50 insertions, 0 deletions
diff --git a/gnu/packages/dns.scm b/gnu/packages/dns.scm
index 96818f8226..16e2220c90 100644
--- a/gnu/packages/dns.scm
+++ b/gnu/packages/dns.scm
@@ -137,6 +137,56 @@ high-volume and high-reliability applications. The name BIND stands for
     (home-page "https://www.isc.org/downloads/bind")
     (license (list license:isc))))
 
+(define-public dnscrypt-proxy
+  (package
+    (name "dnscrypt-proxy")
+    (version "1.7.0")
+    (source (origin
+              (method url-fetch)
+              (uri (string-append
+                    "https://download.dnscrypt.org/dnscrypt-proxy/"
+                    "dnscrypt-proxy-" version ".tar.bz2"))
+              (sha256
+               (base32
+                "1qw2nib0d5ia8581lbdnjxgn9c7pf2qw8vhpnnh1wjcjj3gpgbqx"))
+              (modules '((guix build utils)))
+              (snippet
+               ;; Delete bundled libltdl. XXX: This package also bundles
+               ;; a modified libevent that cannot currently be removed.
+               '(delete-file-recursively "libltdl"))))
+    (build-system gnu-build-system)
+    (arguments
+     `(#:phases
+       (modify-phases %standard-phases
+         (add-before 'configure 'autoreconf
+           (lambda _
+             ;; Re-generate build files due to unbundling ltdl.
+             ;; TODO: Prevent generating new libltdl and building it.
+             ;; The system version is still favored and referenced.
+             (zero? (system* "autoreconf" "-vif")))))))
+    (native-inputs
+     `(("pkg-config" ,pkg-config)
+       ("automake" ,automake)
+       ("autoconf" ,autoconf)
+       ("libtool" ,libtool)))
+    (inputs
+     `(("libltdl" ,libltdl)
+       ("libsodium" ,libsodium)))
+    (home-page "https://www.dnscrypt.org/")
+    (synopsis "Securely send DNS requests to a remote server")
+    (description
+     "@command{dnscrypt-proxy} is a tool for securing communications
+between a client and a DNS resolver.  It verifies that responses you get
+from a DNS provider was actually sent by that provider, and haven't been
+tampered with.  For optimal performance it is recommended to use this as
+a forwarder for a caching DNS resolver such as @command{dnsmasq}, but it
+can also be used as a normal DNS \"server\".  A list of public dnscrypt
+servers is included, and an up-to-date version is available at
+@url{https://download.dnscrypt.org/dnscrypt-proxy/dnscrypt-resolvers.csv}.")
+    (license (list license:isc
+                   ;; Libevent and src/ext/queue.h is 3-clause BSD.
+                   license:bsd-3))))
+
 (define-public dnscrypt-wrapper
   (package
     (name "dnscrypt-wrapper")