diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index b309e4be400..add65893d39 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -659,6 +659,7 @@ ./services/networking/dnscrypt-wrapper.nix ./services/networking/dnsdist.nix ./services/networking/dnsmasq.nix + ./services/networking/doh-proxy-rust.nix ./services/networking/ncdns.nix ./services/networking/nomad.nix ./services/networking/ejabberd.nix diff --git a/nixos/modules/services/networking/doh-proxy-rust.nix b/nixos/modules/services/networking/doh-proxy-rust.nix new file mode 100644 index 00000000000..0e55bc38665 --- /dev/null +++ b/nixos/modules/services/networking/doh-proxy-rust.nix @@ -0,0 +1,60 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let + + cfg = config.services.doh-proxy-rust; + +in { + + options.services.doh-proxy-rust = { + + enable = mkEnableOption "doh-proxy-rust"; + + flags = mkOption { + type = types.listOf types.str; + default = []; + example = literalExample [ "--server-address=9.9.9.9:53" ]; + description = '' + A list of command-line flags to pass to doh-proxy. For details on the + available options, see . + ''; + }; + + }; + + config = mkIf cfg.enable { + systemd.services.doh-proxy-rust = { + description = "doh-proxy-rust"; + after = [ "network.target" "nss-lookup.target" ]; + wantedBy = [ "multi-user.target" ]; + serviceConfig = { + ExecStart = "${pkgs.doh-proxy-rust}/bin/doh-proxy ${escapeShellArgs cfg.flags}"; + Restart = "always"; + RestartSec = 10; + DynamicUser = true; + + CapabilityBoundingSet = ""; + LockPersonality = true; + MemoryDenyWriteExecute = true; + NoNewPrivileges = true; + ProtectClock = true; + ProtectHome = true; + ProtectHostname = true; + ProtectKernelLogs = true; + RemoveIPC = true; + RestrictAddressFamilies = "AF_INET AF_INET6"; + RestrictNamespaces = true; + RestrictRealtime = true; + RestrictSUIDSGID = true; + SystemCallArchitectures = "native"; + SystemCallErrorNumber = "EPERM"; + SystemCallFilter = [ "@system-service" "~@privileged @resources" ]; + }; + }; + }; + + meta.maintainers = with maintainers; [ stephank ]; + +} diff --git a/nixos/tests/doh-proxy-rust.nix b/nixos/tests/doh-proxy-rust.nix new file mode 100644 index 00000000000..ca150cafab5 --- /dev/null +++ b/nixos/tests/doh-proxy-rust.nix @@ -0,0 +1,43 @@ +import ./make-test-python.nix ({ lib, pkgs, ... }: { + name = "doh-proxy-rust"; + meta = with lib.maintainers; { + maintainers = [ stephank ]; + }; + + nodes = { + machine = { pkgs, lib, ... }: { + services.bind = { + enable = true; + extraOptions = "empty-zones-enable no;"; + zones = lib.singleton { + name = "."; + master = true; + file = pkgs.writeText "root.zone" '' + $TTL 3600 + . IN SOA ns.example.org. admin.example.org. ( 1 3h 1h 1w 1d ) + . IN NS ns.example.org. + ns.example.org. IN A 192.168.0.1 + ''; + }; + }; + services.doh-proxy-rust = { + enable = true; + flags = [ + "--server-address=127.0.0.1:53" + ]; + }; + }; + }; + + testScript = { nodes, ... }: '' + url = "http://localhost:3000/dns-query" + query = "AAABAAABAAAAAAAAAm5zB2V4YW1wbGUDb3JnAAABAAE=" # IN A ns.example.org. + bin_ip = r"$'\xC0\xA8\x00\x01'" # 192.168.0.1, as shell binary string + + machine.wait_for_unit("bind.service") + machine.wait_for_unit("doh-proxy-rust.service") + machine.wait_for_open_port(53) + machine.wait_for_open_port(3000) + machine.succeed(f"curl --fail '{url}?dns={query}' | grep -qF {bin_ip}") + ''; +}) diff --git a/pkgs/servers/dns/doh-proxy-rust/cargo-lock.patch b/pkgs/servers/dns/doh-proxy-rust/cargo-lock.patch new file mode 100644 index 00000000000..8eeb0702bf7 --- /dev/null +++ b/pkgs/servers/dns/doh-proxy-rust/cargo-lock.patch @@ -0,0 +1,838 @@ +diff --git a/Cargo.lock b/Cargo.lock +new file mode 100644 +index 0000000..0dd9527 +--- /dev/null ++++ b/Cargo.lock +@@ -0,0 +1,832 @@ ++# This file is automatically @generated by Cargo. ++# It is not intended for manual editing. ++[[package]] ++name = "ansi_term" ++version = "0.11.0" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "ee49baf6cb617b853aa8d93bf420db2383fab46d314482ca2803b40d5fde979b" ++dependencies = [ ++ "winapi", ++] ++ ++[[package]] ++name = "anyhow" ++version = "1.0.40" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "28b2cd92db5cbd74e8e5028f7e27dd7aa3090e89e4f2a197cc7c8dfb69c7063b" ++ ++[[package]] ++name = "atty" ++version = "0.2.14" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "d9b39be18770d11421cdb1b9947a45dd3f37e93092cbf377614828a319d5fee8" ++dependencies = [ ++ "hermit-abi", ++ "libc", ++ "winapi", ++] ++ ++[[package]] ++name = "autocfg" ++version = "1.0.1" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "cdb031dd78e28731d87d56cc8ffef4a8f36ca26c38fe2de700543e627f8a464a" ++ ++[[package]] ++name = "base64" ++version = "0.13.0" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "904dfeac50f3cdaba28fc6f57fdcddb75f49ed61346676a78c4ffe55877802fd" ++ ++[[package]] ++name = "bitflags" ++version = "1.2.1" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "cf1de2fe8c75bc145a2f577add951f8134889b4795d47466a54a5c846d691693" ++ ++[[package]] ++name = "bumpalo" ++version = "3.6.1" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "63396b8a4b9de3f4fdfb320ab6080762242f66a8ef174c49d8e19b674db4cdbe" ++ ++[[package]] ++name = "byteorder" ++version = "1.4.3" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "14c189c53d098945499cdfa7ecc63567cf3886b3332b312a5b4585d8d3a6a610" ++ ++[[package]] ++name = "bytes" ++version = "1.0.1" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "b700ce4376041dcd0a327fd0097c41095743c4c8af8887265942faf1100bd040" ++ ++[[package]] ++name = "cc" ++version = "1.0.67" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "e3c69b077ad434294d3ce9f1f6143a2a4b89a8a2d54ef813d85003a4fd1137fd" ++ ++[[package]] ++name = "cfg-if" ++version = "1.0.0" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd" ++ ++[[package]] ++name = "clap" ++version = "2.33.3" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "37e58ac78573c40708d45522f0d80fa2f01cc4f9b4e2bf749807255454312002" ++dependencies = [ ++ "ansi_term", ++ "atty", ++ "bitflags", ++ "strsim", ++ "textwrap", ++ "unicode-width", ++ "vec_map", ++] ++ ++[[package]] ++name = "doh-proxy" ++version = "0.3.8" ++dependencies = [ ++ "clap", ++ "jemallocator", ++ "libdoh", ++] ++ ++[[package]] ++name = "fnv" ++version = "1.0.7" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "3f9eec918d3f24069decb9af1554cad7c880e2da24a9afd88aca000531ab82c1" ++ ++[[package]] ++name = "fs_extra" ++version = "1.2.0" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "2022715d62ab30faffd124d40b76f4134a550a87792276512b18d63272333394" ++ ++[[package]] ++name = "futures" ++version = "0.3.13" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "7f55667319111d593ba876406af7c409c0ebb44dc4be6132a783ccf163ea14c1" ++dependencies = [ ++ "futures-channel", ++ "futures-core", ++ "futures-executor", ++ "futures-io", ++ "futures-sink", ++ "futures-task", ++ "futures-util", ++] ++ ++[[package]] ++name = "futures-channel" ++version = "0.3.13" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "8c2dd2df839b57db9ab69c2c9d8f3e8c81984781937fe2807dc6dcf3b2ad2939" ++dependencies = [ ++ "futures-core", ++ "futures-sink", ++] ++ ++[[package]] ++name = "futures-core" ++version = "0.3.13" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "15496a72fabf0e62bdc3df11a59a3787429221dd0710ba8ef163d6f7a9112c94" ++ ++[[package]] ++name = "futures-executor" ++version = "0.3.13" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "891a4b7b96d84d5940084b2a37632dd65deeae662c114ceaa2c879629c9c0ad1" ++dependencies = [ ++ "futures-core", ++ "futures-task", ++ "futures-util", ++] ++ ++[[package]] ++name = "futures-io" ++version = "0.3.13" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "d71c2c65c57704c32f5241c1223167c2c3294fd34ac020c807ddbe6db287ba59" ++ ++[[package]] ++name = "futures-macro" ++version = "0.3.13" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "ea405816a5139fb39af82c2beb921d52143f556038378d6db21183a5c37fbfb7" ++dependencies = [ ++ "proc-macro-hack", ++ "proc-macro2", ++ "quote", ++ "syn", ++] ++ ++[[package]] ++name = "futures-sink" ++version = "0.3.13" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "85754d98985841b7d4f5e8e6fbfa4a4ac847916893ec511a2917ccd8525b8bb3" ++ ++[[package]] ++name = "futures-task" ++version = "0.3.13" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "fa189ef211c15ee602667a6fcfe1c1fd9e07d42250d2156382820fba33c9df80" ++ ++[[package]] ++name = "futures-util" ++version = "0.3.13" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "1812c7ab8aedf8d6f2701a43e1243acdbcc2b36ab26e2ad421eb99ac963d96d1" ++dependencies = [ ++ "futures-channel", ++ "futures-core", ++ "futures-io", ++ "futures-macro", ++ "futures-sink", ++ "futures-task", ++ "memchr", ++ "pin-project-lite", ++ "pin-utils", ++ "proc-macro-hack", ++ "proc-macro-nested", ++ "slab", ++] ++ ++[[package]] ++name = "h2" ++version = "0.3.2" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "fc018e188373e2777d0ef2467ebff62a08e66c3f5857b23c8fbec3018210dc00" ++dependencies = [ ++ "bytes", ++ "fnv", ++ "futures-core", ++ "futures-sink", ++ "futures-util", ++ "http", ++ "indexmap", ++ "slab", ++ "tokio", ++ "tokio-util", ++ "tracing", ++] ++ ++[[package]] ++name = "hashbrown" ++version = "0.9.1" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "d7afe4a420e3fe79967a00898cc1f4db7c8a49a9333a29f8a4bd76a253d5cd04" ++ ++[[package]] ++name = "hermit-abi" ++version = "0.1.18" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "322f4de77956e22ed0e5032c359a0f1273f1f7f0d79bfa3b8ffbc730d7fbcc5c" ++dependencies = [ ++ "libc", ++] ++ ++[[package]] ++name = "http" ++version = "0.2.3" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "7245cd7449cc792608c3c8a9eaf69bd4eabbabf802713748fd739c98b82f0747" ++dependencies = [ ++ "bytes", ++ "fnv", ++ "itoa", ++] ++ ++[[package]] ++name = "http-body" ++version = "0.4.1" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "5dfb77c123b4e2f72a2069aeae0b4b4949cc7e966df277813fc16347e7549737" ++dependencies = [ ++ "bytes", ++ "http", ++ "pin-project-lite", ++] ++ ++[[package]] ++name = "httparse" ++version = "1.3.5" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "615caabe2c3160b313d52ccc905335f4ed5f10881dd63dc5699d47e90be85691" ++ ++[[package]] ++name = "httpdate" ++version = "0.3.2" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "494b4d60369511e7dea41cf646832512a94e542f68bb9c49e54518e0f468eb47" ++ ++[[package]] ++name = "hyper" ++version = "0.14.5" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "8bf09f61b52cfcf4c00de50df88ae423d6c02354e385a86341133b5338630ad1" ++dependencies = [ ++ "bytes", ++ "futures-channel", ++ "futures-core", ++ "futures-util", ++ "h2", ++ "http", ++ "http-body", ++ "httparse", ++ "httpdate", ++ "itoa", ++ "pin-project", ++ "tokio", ++ "tower-service", ++ "tracing", ++ "want", ++] ++ ++[[package]] ++name = "indexmap" ++version = "1.6.2" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "824845a0bf897a9042383849b02c1bc219c2383772efcd5c6f9766fa4b81aef3" ++dependencies = [ ++ "autocfg", ++ "hashbrown", ++] ++ ++[[package]] ++name = "instant" ++version = "0.1.9" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "61124eeebbd69b8190558df225adf7e4caafce0d743919e5d6b19652314ec5ec" ++dependencies = [ ++ "cfg-if", ++] ++ ++[[package]] ++name = "itoa" ++version = "0.4.7" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "dd25036021b0de88a0aff6b850051563c6516d0bf53f8638938edbb9de732736" ++ ++[[package]] ++name = "jemalloc-sys" ++version = "0.3.2" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "0d3b9f3f5c9b31aa0f5ed3260385ac205db665baa41d49bb8338008ae94ede45" ++dependencies = [ ++ "cc", ++ "fs_extra", ++ "libc", ++] ++ ++[[package]] ++name = "jemallocator" ++version = "0.3.2" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "43ae63fcfc45e99ab3d1b29a46782ad679e98436c3169d15a167a1108a724b69" ++dependencies = [ ++ "jemalloc-sys", ++ "libc", ++] ++ ++[[package]] ++name = "js-sys" ++version = "0.3.50" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "2d99f9e3e84b8f67f846ef5b4cbbc3b1c29f6c759fcbce6f01aa0e73d932a24c" ++dependencies = [ ++ "wasm-bindgen", ++] ++ ++[[package]] ++name = "lazy_static" ++version = "1.4.0" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646" ++ ++[[package]] ++name = "libc" ++version = "0.2.92" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "56d855069fafbb9b344c0f962150cd2c1187975cb1c22c1522c240d8c4986714" ++ ++[[package]] ++name = "libdoh" ++version = "0.3.8" ++dependencies = [ ++ "anyhow", ++ "base64", ++ "byteorder", ++ "futures", ++ "hyper", ++ "tokio", ++ "tokio-rustls", ++] ++ ++[[package]] ++name = "lock_api" ++version = "0.4.2" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "dd96ffd135b2fd7b973ac026d28085defbe8983df057ced3eb4f2130b0831312" ++dependencies = [ ++ "scopeguard", ++] ++ ++[[package]] ++name = "log" ++version = "0.4.14" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "51b9bbe6c47d51fc3e1a9b945965946b4c44142ab8792c50835a980d362c2710" ++dependencies = [ ++ "cfg-if", ++] ++ ++[[package]] ++name = "memchr" ++version = "2.3.4" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "0ee1c47aaa256ecabcaea351eae4a9b01ef39ed810004e298d2511ed284b1525" ++ ++[[package]] ++name = "mio" ++version = "0.7.11" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "cf80d3e903b34e0bd7282b218398aec54e082c840d9baf8339e0080a0c542956" ++dependencies = [ ++ "libc", ++ "log", ++ "miow", ++ "ntapi", ++ "winapi", ++] ++ ++[[package]] ++name = "miow" ++version = "0.3.7" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "b9f1c5b025cda876f66ef43a113f91ebc9f4ccef34843000e0adf6ebbab84e21" ++dependencies = [ ++ "winapi", ++] ++ ++[[package]] ++name = "ntapi" ++version = "0.3.6" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "3f6bb902e437b6d86e03cce10a7e2af662292c5dfef23b65899ea3ac9354ad44" ++dependencies = [ ++ "winapi", ++] ++ ++[[package]] ++name = "num_cpus" ++version = "1.13.0" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "05499f3756671c15885fee9034446956fff3f243d6077b91e5767df161f766b3" ++dependencies = [ ++ "hermit-abi", ++ "libc", ++] ++ ++[[package]] ++name = "once_cell" ++version = "1.7.2" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "af8b08b04175473088b46763e51ee54da5f9a164bc162f615b91bc179dbf15a3" ++ ++[[package]] ++name = "parking_lot" ++version = "0.11.1" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "6d7744ac029df22dca6284efe4e898991d28e3085c706c972bcd7da4a27a15eb" ++dependencies = [ ++ "instant", ++ "lock_api", ++ "parking_lot_core", ++] ++ ++[[package]] ++name = "parking_lot_core" ++version = "0.8.3" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "fa7a782938e745763fe6907fc6ba86946d72f49fe7e21de074e08128a99fb018" ++dependencies = [ ++ "cfg-if", ++ "instant", ++ "libc", ++ "redox_syscall", ++ "smallvec", ++ "winapi", ++] ++ ++[[package]] ++name = "pin-project" ++version = "1.0.6" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "bc174859768806e91ae575187ada95c91a29e96a98dc5d2cd9a1fed039501ba6" ++dependencies = [ ++ "pin-project-internal", ++] ++ ++[[package]] ++name = "pin-project-internal" ++version = "1.0.6" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "a490329918e856ed1b083f244e3bfe2d8c4f336407e4ea9e1a9f479ff09049e5" ++dependencies = [ ++ "proc-macro2", ++ "quote", ++ "syn", ++] ++ ++[[package]] ++name = "pin-project-lite" ++version = "0.2.6" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "dc0e1f259c92177c30a4c9d177246edd0a3568b25756a977d0632cf8fa37e905" ++ ++[[package]] ++name = "pin-utils" ++version = "0.1.0" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "8b870d8c151b6f2fb93e84a13146138f05d02ed11c7e7c54f8826aaaf7c9f184" ++ ++[[package]] ++name = "proc-macro-hack" ++version = "0.5.19" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "dbf0c48bc1d91375ae5c3cd81e3722dff1abcf81a30960240640d223f59fe0e5" ++ ++[[package]] ++name = "proc-macro-nested" ++version = "0.1.7" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "bc881b2c22681370c6a780e47af9840ef841837bc98118431d4e1868bd0c1086" ++ ++[[package]] ++name = "proc-macro2" ++version = "1.0.26" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "a152013215dca273577e18d2bf00fa862b89b24169fb78c4c95aeb07992c9cec" ++dependencies = [ ++ "unicode-xid", ++] ++ ++[[package]] ++name = "quote" ++version = "1.0.9" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "c3d0b9745dc2debf507c8422de05d7226cc1f0644216dfdfead988f9b1ab32a7" ++dependencies = [ ++ "proc-macro2", ++] ++ ++[[package]] ++name = "redox_syscall" ++version = "0.2.5" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "94341e4e44e24f6b591b59e47a8a027df12e008d73fd5672dbea9cc22f4507d9" ++dependencies = [ ++ "bitflags", ++] ++ ++[[package]] ++name = "ring" ++version = "0.16.20" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "3053cf52e236a3ed746dfc745aa9cacf1b791d846bdaf412f60a8d7d6e17c8fc" ++dependencies = [ ++ "cc", ++ "libc", ++ "once_cell", ++ "spin", ++ "untrusted", ++ "web-sys", ++ "winapi", ++] ++ ++[[package]] ++name = "rustls" ++version = "0.19.0" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "064fd21ff87c6e87ed4506e68beb42459caa4a0e2eb144932e6776768556980b" ++dependencies = [ ++ "base64", ++ "log", ++ "ring", ++ "sct", ++ "webpki", ++] ++ ++[[package]] ++name = "scopeguard" ++version = "1.1.0" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "d29ab0c6d3fc0ee92fe66e2d99f700eab17a8d57d1c1d3b748380fb20baa78cd" ++ ++[[package]] ++name = "sct" ++version = "0.6.0" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "e3042af939fca8c3453b7af0f1c66e533a15a86169e39de2657310ade8f98d3c" ++dependencies = [ ++ "ring", ++ "untrusted", ++] ++ ++[[package]] ++name = "slab" ++version = "0.4.2" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "c111b5bd5695e56cffe5129854aa230b39c93a305372fdbb2668ca2394eea9f8" ++ ++[[package]] ++name = "smallvec" ++version = "1.6.1" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "fe0f37c9e8f3c5a4a66ad655a93c74daac4ad00c441533bf5c6e7990bb42604e" ++ ++[[package]] ++name = "spin" ++version = "0.5.2" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "6e63cff320ae2c57904679ba7cb63280a3dc4613885beafb148ee7bf9aa9042d" ++ ++[[package]] ++name = "strsim" ++version = "0.8.0" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "8ea5119cdb4c55b55d432abb513a0429384878c15dde60cc77b1c99de1a95a6a" ++ ++[[package]] ++name = "syn" ++version = "1.0.68" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "3ce15dd3ed8aa2f8eeac4716d6ef5ab58b6b9256db41d7e1a0224c2788e8fd87" ++dependencies = [ ++ "proc-macro2", ++ "quote", ++ "unicode-xid", ++] ++ ++[[package]] ++name = "textwrap" ++version = "0.11.0" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "d326610f408c7a4eb6f51c37c330e496b08506c9457c9d34287ecc38809fb060" ++dependencies = [ ++ "unicode-width", ++] ++ ++[[package]] ++name = "tokio" ++version = "1.4.0" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "134af885d758d645f0f0505c9a8b3f9bf8a348fd822e112ab5248138348f1722" ++dependencies = [ ++ "autocfg", ++ "bytes", ++ "libc", ++ "memchr", ++ "mio", ++ "num_cpus", ++ "parking_lot", ++ "pin-project-lite", ++] ++ ++[[package]] ++name = "tokio-rustls" ++version = "0.22.0" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "bc6844de72e57df1980054b38be3a9f4702aba4858be64dd700181a8a6d0e1b6" ++dependencies = [ ++ "rustls", ++ "tokio", ++ "webpki", ++] ++ ++[[package]] ++name = "tokio-util" ++version = "0.6.5" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "5143d049e85af7fbc36f5454d990e62c2df705b3589f123b71f441b6b59f443f" ++dependencies = [ ++ "bytes", ++ "futures-core", ++ "futures-sink", ++ "log", ++ "pin-project-lite", ++ "tokio", ++] ++ ++[[package]] ++name = "tower-service" ++version = "0.3.1" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "360dfd1d6d30e05fda32ace2c8c70e9c0a9da713275777f5a4dbb8a1893930c6" ++ ++[[package]] ++name = "tracing" ++version = "0.1.25" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "01ebdc2bb4498ab1ab5f5b73c5803825e60199229ccba0698170e3be0e7f959f" ++dependencies = [ ++ "cfg-if", ++ "pin-project-lite", ++ "tracing-core", ++] ++ ++[[package]] ++name = "tracing-core" ++version = "0.1.17" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "f50de3927f93d202783f4513cda820ab47ef17f624b03c096e86ef00c67e6b5f" ++dependencies = [ ++ "lazy_static", ++] ++ ++[[package]] ++name = "try-lock" ++version = "0.2.3" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "59547bce71d9c38b83d9c0e92b6066c4253371f15005def0c30d9657f50c7642" ++ ++[[package]] ++name = "unicode-width" ++version = "0.1.8" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "9337591893a19b88d8d87f2cec1e73fad5cdfd10e5a6f349f498ad6ea2ffb1e3" ++ ++[[package]] ++name = "unicode-xid" ++version = "0.2.1" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "f7fe0bb3479651439c9112f72b6c505038574c9fbb575ed1bf3b797fa39dd564" ++ ++[[package]] ++name = "untrusted" ++version = "0.7.1" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "a156c684c91ea7d62626509bce3cb4e1d9ed5c4d978f7b4352658f96a4c26b4a" ++ ++[[package]] ++name = "vec_map" ++version = "0.8.2" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "f1bddf1187be692e79c5ffeab891132dfb0f236ed36a43c7ed39f1165ee20191" ++ ++[[package]] ++name = "want" ++version = "0.3.0" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "1ce8a968cb1cd110d136ff8b819a556d6fb6d919363c61534f6860c7eb172ba0" ++dependencies = [ ++ "log", ++ "try-lock", ++] ++ ++[[package]] ++name = "wasm-bindgen" ++version = "0.2.73" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "83240549659d187488f91f33c0f8547cbfef0b2088bc470c116d1d260ef623d9" ++dependencies = [ ++ "cfg-if", ++ "wasm-bindgen-macro", ++] ++ ++[[package]] ++name = "wasm-bindgen-backend" ++version = "0.2.73" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "ae70622411ca953215ca6d06d3ebeb1e915f0f6613e3b495122878d7ebec7dae" ++dependencies = [ ++ "bumpalo", ++ "lazy_static", ++ "log", ++ "proc-macro2", ++ "quote", ++ "syn", ++ "wasm-bindgen-shared", ++] ++ ++[[package]] ++name = "wasm-bindgen-macro" ++version = "0.2.73" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "3e734d91443f177bfdb41969de821e15c516931c3c3db3d318fa1b68975d0f6f" ++dependencies = [ ++ "quote", ++ "wasm-bindgen-macro-support", ++] ++ ++[[package]] ++name = "wasm-bindgen-macro-support" ++version = "0.2.73" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "d53739ff08c8a68b0fdbcd54c372b8ab800b1449ab3c9d706503bc7dd1621b2c" ++dependencies = [ ++ "proc-macro2", ++ "quote", ++ "syn", ++ "wasm-bindgen-backend", ++ "wasm-bindgen-shared", ++] ++ ++[[package]] ++name = "wasm-bindgen-shared" ++version = "0.2.73" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "d9a543ae66aa233d14bb765ed9af4a33e81b8b58d1584cf1b47ff8cd0b9e4489" ++ ++[[package]] ++name = "web-sys" ++version = "0.3.50" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "a905d57e488fec8861446d3393670fb50d27a262344013181c2cdf9fff5481be" ++dependencies = [ ++ "js-sys", ++ "wasm-bindgen", ++] ++ ++[[package]] ++name = "webpki" ++version = "0.21.4" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "b8e38c0608262c46d4a56202ebabdeb094cef7e560ca7a226c6bf055188aa4ea" ++dependencies = [ ++ "ring", ++ "untrusted", ++] ++ ++[[package]] ++name = "winapi" ++version = "0.3.9" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "5c839a674fcd7a98952e593242ea400abe93992746761e38641405d28b00f419" ++dependencies = [ ++ "winapi-i686-pc-windows-gnu", ++ "winapi-x86_64-pc-windows-gnu", ++] ++ ++[[package]] ++name = "winapi-i686-pc-windows-gnu" ++version = "0.4.0" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "ac3b87c63620426dd9b991e5ce0329eff545bccbbb34f3be09ff6fb6ab51b7b6" ++ ++[[package]] ++name = "winapi-x86_64-pc-windows-gnu" ++version = "0.4.0" ++source = "registry+https://github.com/rust-lang/crates.io-index" ++checksum = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f" diff --git a/pkgs/servers/dns/doh-proxy-rust/default.nix b/pkgs/servers/dns/doh-proxy-rust/default.nix new file mode 100644 index 00000000000..76f1397611a --- /dev/null +++ b/pkgs/servers/dns/doh-proxy-rust/default.nix @@ -0,0 +1,27 @@ +{ lib, stdenv, rustPlatform, fetchFromGitHub, Security, libiconv }: + +rustPlatform.buildRustPackage rec { + pname = "doh-proxy-rust"; + version = "0.3.8"; + + src = fetchFromGitHub { + owner = "jedisct1"; + repo = "doh-server"; + rev = version; + sha256 = "0jksdrji06ykk5cj6i8ydcjhagjwb2xz5bjs6qsw044p8a2hsq53"; + }; + + cargoSha256 = "1wilm7bzr8h9yjwzw97ihavaylkv6nrk8f0vmm7kia69vqdrz9in"; + cargoPatches = [ ./cargo-lock.patch ]; + + buildInputs = lib.optionals stdenv.isDarwin [ Security libiconv ]; + + doCheck = false; # no test suite, skip useless compile step + + meta = with lib; { + homepage = "https://github.com/jedisct1/doh-server"; + description = "Fast, mature, secure DoH server proxy written in Rust"; + license = with licenses; [ mit ]; + maintainers = with maintainers; [ stephank ]; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index a1c36fc0c57..92c195dc530 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -18288,6 +18288,10 @@ in python3Packages = python36Packages; }; + doh-proxy-rust = callPackage ../servers/dns/doh-proxy-rust { + inherit (darwin.apple_sdk.frameworks) Security; + }; + dgraph = callPackage ../servers/dgraph { }; dico = callPackage ../servers/dico { };