This is an update for net/dnscrypt-proxy 2.0.44, released June 11, 2020. Changelogs: https://github.com/DNSCrypt/dnscrypt-proxy/blob/2.0.44/ChangeLog https://github.com/DNSCrypt/dnscrypt-proxy/blob/2.0.43/ChangeLog
A config breaking change is that the `tls_client_auth' section was renamed to `doh_client_x509_auth', but it errors out to notify the user if this is a problem. - "cache files are now downloaded as the user the daemon will be running as. This fixes permission issues at startup time." Larry Hynes reported this bug, and it was fixed by upstream (Frank Denis). https://github.com/DNSCrypt/dnscrypt-proxy/commit/6f2dcb900af01954a424e0d38bf0d16d9c599607 Port-wise to support downloading cache files, PLIST is manually changed to have @mode 775 and @owner/@group to _dnscrypt-proxy for /var/dnscrypt-proxy. Does 775 seem fine? permissions are changed from this: $ ls -al /var/dnscrypt-proxy/ total 136 drwxr-xr-x 2 root wheel 512 Jun 9 16:04 . drwxr-xr-x 26 root wheel 512 Jun 2 09:55 .. -rw-r--r-- 1 root wheel 55034 Jun 9 16:04 public-resolvers.md -rw-r--r-- 1 root wheel 307 Jun 9 16:04 public-resolvers.md.minisig -rw-r--r-- 1 root wheel 5920 Jun 9 16:04 relays.md -rw-r--r-- 1 root wheel 297 May 29 15:53 relays.md.minisig to this: $ ls -al /var/dnscrypt-proxy/ total 136 drwxrwxr-x 2 _dnscrypt-proxy _dnscrypt-proxy 512 Jun 11 19:18 . drwxr-xr-x 25 root wheel 512 Jun 11 19:15 .. -rw-r--r-- 1 _dnscrypt-proxy _dnscrypt-proxy 55034 Jun 11 19:18 public-resolvers.md -rw-r--r-- 1 _dnscrypt-proxy _dnscrypt-proxy 307 Jun 11 19:18 public-resolvers.md.minisig -rw-r--r-- 1 _dnscrypt-proxy _dnscrypt-proxy 5920 Jun 11 19:18 relays.md -rw-r--r-- 1 _dnscrypt-proxy _dnscrypt-proxy 297 Jun 11 19:18 relays.md.minisig I tested runtime on amd64. Feedback and tests are welcome. Index: Makefile =================================================================== RCS file: /cvs/ports/net/dnscrypt-proxy/Makefile,v retrieving revision 1.53 diff -u -p -u -p -r1.53 Makefile --- Makefile 6 Apr 2020 18:42:57 -0000 1.53 +++ Makefile 12 Jun 2020 02:30:27 -0000 @@ -4,7 +4,7 @@ COMMENT = flexible DNS proxy with suppor GH_ACCOUNT = jedisct1 GH_PROJECT = dnscrypt-proxy -GH_TAGNAME = 2.0.42 +GH_TAGNAME = 2.0.44 CATEGORIES = net Index: distinfo =================================================================== RCS file: /cvs/ports/net/dnscrypt-proxy/distinfo,v retrieving revision 1.29 diff -u -p -u -p -r1.29 distinfo --- distinfo 6 Apr 2020 18:42:57 -0000 1.29 +++ distinfo 12 Jun 2020 02:30:27 -0000 @@ -1,2 +1,2 @@ -SHA256 (dnscrypt-proxy-2.0.42.tar.gz) = wADKThWcZgbLNHbqnjTtZLXEbHENcMxWUfFPESXI01I= -SIZE (dnscrypt-proxy-2.0.42.tar.gz) = 2324442 +SHA256 (dnscrypt-proxy-2.0.44.tar.gz) = wsmWjwekFOlz7Fc09FmNdWo1wyvu2xgmhZDqE1V5Qjc= +SIZE (dnscrypt-proxy-2.0.44.tar.gz) = 2279842 Index: patches/patch-dnscrypt-proxy_example-dnscrypt-proxy_toml =================================================================== RCS file: /cvs/ports/net/dnscrypt-proxy/patches/patch-dnscrypt-proxy_example-dnscrypt-proxy_toml,v retrieving revision 1.13 diff -u -p -u -p -r1.13 patch-dnscrypt-proxy_example-dnscrypt-proxy_toml --- patches/patch-dnscrypt-proxy_example-dnscrypt-proxy_toml 23 Mar 2020 05:16:43 -0000 1.13 +++ patches/patch-dnscrypt-proxy_example-dnscrypt-proxy_toml 12 Jun 2020 02:30:27 -0000 @@ -12,7 +12,7 @@ Index: dnscrypt-proxy/example-dnscrypt-p ## Require servers (from static + remote sources) to satisfy specific properties -@@ -585,7 +585,7 @@ cache_neg_max_ttl = 600 +@@ -594,7 +594,7 @@ cache_neg_max_ttl = 600 [sources.'public-resolvers'] urls = ['https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v2/public-resolvers.md', 'https://download.dnscrypt.info/resolvers-list/v2/public-resolvers.md'] @@ -21,7 +21,7 @@ Index: dnscrypt-proxy/example-dnscrypt-p minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3' prefix = '' -@@ -593,7 +593,7 @@ cache_neg_max_ttl = 600 +@@ -602,7 +602,7 @@ cache_neg_max_ttl = 600 [sources.'relays'] urls = ['https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v2/relays.md', 'https://download.dnscrypt.info/resolvers-list/v2/relays.md'] Index: pkg/PLIST =================================================================== RCS file: /cvs/ports/net/dnscrypt-proxy/pkg/PLIST,v retrieving revision 1.2 diff -u -p -u -p -r1.2 PLIST --- pkg/PLIST 22 Dec 2019 14:12:47 -0000 1.2 +++ pkg/PLIST 12 Jun 2020 02:30:27 -0000 @@ -16,4 +16,7 @@ share/examples/dnscrypt-proxy/example-dn share/examples/dnscrypt-proxy/example-forwarding-rules.txt share/examples/dnscrypt-proxy/example-ip-blacklist.txt share/examples/dnscrypt-proxy/example-whitelist.txt +@mode 775 +@owner _dnscrypt-proxy +@group _dnscrypt-proxy @sample ${LOCALSTATEDIR}/dnscrypt-proxy/
