colin/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #266299 from wahjava/update-unbound

Browse Source 
unbound: 1.18.0 -> 1.19.0
This commit is contained in:
ajs124 2023-11-14 15:45:54 +01:00 committed by GitHub
commit 7623b1c0fd
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 14 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
nixos/tests/unbound.nix
View File

@ -106,8 +106,8 @@ import ./make-test-python.nix ({ pkgs, lib, ... }:
{
name = ".";
forward-addr = [
(lib.head nodes.authoritative.config.networking.interfaces.eth1.ipv6.addresses).address
(lib.head nodes.authoritative.config.networking.interfaces.eth1.ipv4.addresses).address
(lib.head nodes.authoritative.networking.interfaces.eth1.ipv6.addresses).address
(lib.head nodes.authoritative.networking.interfaces.eth1.ipv4.addresses).address
];
}
];
@ -168,8 +168,8 @@ import ./make-test-python.nix ({ pkgs, lib, ... }:
"unbound-extra1.conf".text = ''
forward-zone:
name: "example.local."
forward-addr: ${(lib.head nodes.resolver.config.networking.interfaces.eth1.ipv6.addresses).address}
forward-addr: ${(lib.head nodes.resolver.config.networking.interfaces.eth1.ipv4.addresses).address}
forward-addr: ${(lib.head nodes.resolver.networking.interfaces.eth1.ipv6.addresses).address}
forward-addr: ${(lib.head nodes.resolver.networking.interfaces.eth1.ipv4.addresses).address}
'';
"unbound-extra2.conf".text = ''
auth-zone:
@ -187,8 +187,8 @@ import ./make-test-python.nix ({ pkgs, lib, ... }:
client = { lib, nodes, ... }: {
imports = [ common ];
networking.nameservers = [
(lib.head nodes.resolver.config.networking.interfaces.eth1.ipv6.addresses).address
(lib.head nodes.resolver.config.networking.interfaces.eth1.ipv4.addresses).address
(lib.head nodes.resolver.networking.interfaces.eth1.ipv6.addresses).address
(lib.head nodes.resolver.networking.interfaces.eth1.ipv4.addresses).address
];
networking.interfaces.eth1.ipv4.addresses = [
{ address = "192.168.0.10"; prefixLength = 24; }
@ -276,7 +276,7 @@ import ./make-test-python.nix ({ pkgs, lib, ... }:
resolver.wait_for_unit("multi-user.target")
with subtest("client should be able to query the resolver"):
test(client, ["${(lib.head nodes.resolver.config.networking.interfaces.eth1.ipv6.addresses).address}", "${(lib.head nodes.resolver.config.networking.interfaces.eth1.ipv4.addresses).address}"], doh=True)
test(client, ["${(lib.head nodes.resolver.networking.interfaces.eth1.ipv6.addresses).address}", "${(lib.head nodes.resolver.networking.interfaces.eth1.ipv4.addresses).address}"], doh=True)
# discard the client we do not need anymore
client.shutdown()
@ -298,7 +298,7 @@ import ./make-test-python.nix ({ pkgs, lib, ... }:
).strip()
# Thank you black! Can't really break this line into a readable version.
expected = "example.local. IN forward ${(lib.head nodes.resolver.config.networking.interfaces.eth1.ipv6.addresses).address} ${(lib.head nodes.resolver.config.networking.interfaces.eth1.ipv4.addresses).address}"
expected = "example.local. IN forward ${(lib.head nodes.resolver.networking.interfaces.eth1.ipv6.addresses).address} ${(lib.head nodes.resolver.networking.interfaces.eth1.ipv4.addresses).address}"
assert out == expected, f"Expected `{expected}` but got `{out}` instead."
local_resolver.fail("sudo -u unauthorizeduser -- unbound-control list_forwards")

21
pkgs/tools/networking/unbound/default.nix
View File

@ -47,24 +47,15 @@
, gnutls
}:
stdenv.mkDerivation rec {
stdenv.mkDerivation (finalAttrs: {
pname = "unbound";
version = "1.18.0";
version = "1.19.0";
src = fetchurl {
url = "https://nlnetlabs.nl/downloads/unbound/unbound-${version}.tar.gz";
hash = "sha256-PalUkKhc/2Qg8m+uC4Skn1ES3xvxt/w0+HJPAggstxI=";
url = "https://nlnetlabs.nl/downloads/unbound/unbound-${finalAttrs.version}.tar.gz";
hash = "sha256-qXUyRohUxhwt5IykFw3oVP07yVyAQ7sM+w/iZgWWZiQ=";
};
patches = [
# Backport: fix libunbound with nettle.
(fetchpatch {
url = "https://github.com/NLnetLabs/unbound/commit/654a7eab62cbd1844d483cc4a0f2cf2fbcbaf00a.patch";
excludes = [ "doc/Changelog" ];
hash = "sha256-n3FCeZESFrrn6Wcf28Hb8WZs1eMHWjbsf2WCFOXU3lI=";
})
];
outputs = [ "out" "lib" "man" ]; # "dev" would only split ~20 kB
nativeBuildInputs = [ makeWrapper pkg-config ]
@ -157,7 +148,7 @@ stdenv.mkDerivation rec {
+ ''substituteInPlace "$lib/lib/libunbound.la" ''
+ lib.concatMapStrings
(pkg: lib.optionalString (pkg ? dev) " --replace '-L${pkg.dev}/lib' '-L${pkg.out}/lib' --replace '-R${pkg.dev}/lib' '-R${pkg.out}/lib'")
(builtins.filter (p: p != null) buildInputs);
(builtins.filter (p: p != null) finalAttrs.buildInputs);
passthru.tests = {
inherit gnutls;
@ -172,4 +163,4 @@ stdenv.mkDerivation rec {
maintainers = with maintainers; [ ajs124 ];
platforms = platforms.unix;
};
}
})