community/dnscrypt-proxy upgrade to 2.0.29

Upgrade to 2.0.29
Adds Anonymized DNS Relays

2 files changed, 60 insertions, 6 deletions

diff --git a/community/dnscrypt-proxy/APKBUILD b/community/dnscrypt-proxy/APKBUILD
index 193e47b526..18e9333cd6 100644
--- a/community/dnscrypt-proxy/APKBUILD
+++ b/community/dnscrypt-proxy/APKBUILD
@@ -1,7 +1,7 @@
 # Contributor: Ian Bashford <ianbashford@gmail.com>
 # Maintainer: Ian Bashford <ianbashford@gmail.com>
 pkgname=dnscrypt-proxy
-pkgver=2.0.28
+pkgver=2.0.29
 pkgrel=1
 pkgdesc="A tool for securing communications between a client and a DNS resolver"
 url="https://dnscrypt.info"
@@ -54,8 +54,8 @@ setup() {
 	install -m755 -D "$srcdir"/$pkgname.setup "$subpkgdir"/usr/sbin/setup-dnscrypt
 }
 
-sha512sums="45496a02bd19c94def17b621d0843cc93de4467e51ded4c20af91d9b5aa127529d85b8ff2473a88293c726611291a055d466a50258b7587da0e7d4ba7f0f366e  dnscrypt-proxy-2.0.28.tar.gz
+sha512sums="f02abe56e017153e7fc8b4a26b34c90f68554a1b32a16558c05e8113327896dbf7f81aa69c76fa823a4a0a697b4bb2089bdeb1237ad4ef3587121c2d4cdfe78c  dnscrypt-proxy-2.0.29.tar.gz
 e0a72d39d47dc24b889d08beedbd9fdf21615f42fbab79980debdfd2c3feaa83dc3f776351f7dd13533cc85905ce4e01812e4ff8a80a9ccc0b21e9db7d6cb232  dnscrypt-proxy.initd
 c001ae39da1b2db71764cab568f9ed18e4de0cea3d1a4e7bd6dd01a5668b81a888ea9eef99de6beac08857ad7f8eb1a32d730e946ac3563e4dcfa27147e35052  dnscrypt-proxy.confd
 66dd43d84117a0151ae41f34d82b716760382a5a491424bf6418228ffd21f0dfbc88e34cc5074e11f97f006335d97b85367bb9ab1d96747a48e893c022ad52d0  dnscrypt-proxy.setup
-c884ad02b8dacd4f62984de483be5d749a6444335e9bc9a1cc7326c14feab927c6a946374bbe3cda54c02ca22adcc0f927a5217a19e4016e7b551d3db9a168a7  config-full-paths.patch"
+96e46daf9487f25fcbf3513f862759c8522e5f4c842345cbbd4a25ef4e686cf05c10b539d78eff2ea6b76716e071337d6b8f3f0415ed6a8b92c6e46511411f4a  config-full-paths.patch"
diff --git a/community/dnscrypt-proxy/config-full-paths.patch b/community/dnscrypt-proxy/config-full-paths.patch
index 0e41f62a29..d237952594 100644
--- a/community/dnscrypt-proxy/config-full-paths.patch
+++ b/community/dnscrypt-proxy/config-full-paths.patch
@@ -3,7 +3,7 @@ new file mode 100644
 index 0000000..8455f8d
 --- /dev/null
 +++ b/dnscrypt-proxy/dnscrypt-proxy.toml
-@@ -0,0 +1,556 @@
+@@ -0,0 +1,610 @@
 +
 +##############################################
 +#                                            #
@@ -106,9 +106,12 @@ index 0000000..8455f8d
 +# http_proxy = 'http://127.0.0.1:8888'
 +
 +
-+## How long a DNS query will wait for a response, in milliseconds
++## How long a DNS query will wait for a response, in milliseconds.
++## If you have a network with *a lot* of latency, you may need to
++## increase this. Startup may be slower if you do so.
++## Don't increase it too much. 10000 is the highest reasonable value.
 +
-+timeout = 2500
++timeout = 5000
 +
 +
 +## Keepalive for HTTP (HTTPS, HTTP/2) queries, in seconds
@@ -269,6 +272,12 @@ index 0000000..8455f8d
 +block_ipv6 = false
 +
 +
++## TTL for synthetic responses sent when a request has been blocked (due to
++## IPv6 or blacklists).
++
++reject_ttl = 600
++
++
 +
 +##################################################################################
 +#        Route queries for specific domains to a dedicated set of servers        #
@@ -296,6 +305,9 @@ index 0000000..8455f8d
 +
 +# cloaking_rules = '/etc/dnscrypt-proxy/cloaking-rules.txt'
 +
++## TTL used when serving entries in cloaking-rules.txt
++
++# cloak_ttl = 600
 +
 +
 +###########################
@@ -535,6 +547,15 @@ index 0000000..8455f8d
 +  minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3'
 +  prefix = ''
 +
++  ## Anonymized DNS relays
++
++  [sources.'relays']
++  urls = ['https://github.com/DNSCrypt/dnscrypt-resolvers/raw/master/v2/relays.md', 'https://download.dnscrypt.info/resolvers-list/v2/relays.md']
++  cache_file = 'relays.md'
++  minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3'
++  refresh_delay = 72
++  prefix = ''
++
 +  ## Quad9 over DNSCrypt - https://quad9.net/
 +
 +  # [sources.quad9-resolvers]
@@ -552,6 +573,39 @@ index 0000000..8455f8d
 +  #  minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3'
 +
 +
++################################
++#        Anonymized DNS        #
++################################
++
++[anonymized_dns]
++
++## Routes are indirect ways to reach DNSCrypt servers.
++##
++## A route maps a server name ("server_name") to one or more relays that will be
++## used to connect to that server.
++##
++## A relay can be specified as a DNS Stamp (either a relay stamp, or a
++## DNSCrypt stamp), an IP:port, a hostname:port, or a server name.
++##
++## The following example routes "example-server-1" via `anon-example-1` or `anon-example-2``,
++## and "example-server-2" via the relay whose relay DNS stamp
++## is "sdns://gRIxMzcuNzQuMjIzLjIzNDo0NDM".
++##
++## !!! THESE ARE JUST EXAMPLES !!!
++##
++## Review the list of available relays from the "relays.md` file, and, for each
++## server you want to use, define the relays you want connections to go through.
++##
++## Carefully choose relays and servers so that the are run by different entities.
++##
++## "server_name" can also be set to "*" to define a default route, but this is not
++## recommended. if you do so, keep "server_names" short and distinct from relays.
++
++# routes = [
++#    { server_name='example-server-1', via=['anon-example-1', 'anon-example-2'] },
++#    { server_name='example-server-2', via=['sdns://gRIxMzcuNzQuMjIzLjIzNDo0NDM'] }
++# ]
++
 +
 +## Optional, local, static list of additional servers
 +## Mostly useful for testing your own servers.