Well, if not all, quite a few of them.
Bernstein's toolsets:
Over the years, Daniel J. Bernstein has released several toolsets, as in the infobox. As of 2016 there were, and still are, some problems with this.
They aren't conveniently packaged for some of us.
The nosh package replaces most of daemontools, ucspi-tcp, and ptyget.
But some things are outwith its remit, and most is not all.
One still needs publicfile's httpd
and ftpd
, as they are not within the remit of the nosh toolset.
One might really need multilog
, where cyclog
simply doesn't satisfy the use case.
People like Gerrit Pape and Paul Jarc have packaged these toolsets much as they originally came from Bernstein, dividing the binaries up as he divided the sources.
With their packages:
Pulling in publicfile's httpd
and ftpd
also pulls in publicfile's configure
, that conflicts with other programs named configure
(and that isn't necessary given that nosh has service bundles for publicfile's HTTP and FTP servers).
One cannot just pull in the Pape daemontools package for multilog
, as that pulls in conflicting tools named svstat
, svscan
, and so forth.
There's a lot of partial duplication. Many of these toolsets use the same Bernstein libraries, such as his TAI library, internally; but the libraries were evolving as the packages were written. Newer packages have newer and better versions of the libraries than the older packages.
This is exemplified by publicfile's TODO list, which contains a note to migrate things like timeoutread()
to the iopause library.
This was actually done for later toolsets; and this consolidation thus directly addresses a publicfile TODO item.
It's all a bit haphazard. ptyget comes with redo scripts, but the other packages do not. daemontools comes with slashpackage scripts, but the other packages do not. Only ptyget and clockspeed have manual pages in the package. (Gerrit Pape has added manual pages for ucspi-tcp and daemontools; although, bizarrely, they are buried in a separate area as if they were specific to Debian Linux.) djbdns servers aren't really designed to inherit open sockets, UCSPI style.
There are some bugs that never got fixed.
The Bernstein-published packages still try to declare errno
themselves.
Bernstein-published ptyget still relies upon an ioctl
, TIOCREMOTE
, that has long since been consigned to the dustbin (except by OpenBSD).
There are a large number of implicit function declarations, void main()
s, clashes in const
-ness, non-standard K&R declarations, and other things that C1999, C2011, and C2023 compilers gravely dislike.
This is a consolidation of all of these packages. (For a short while, until I ported nosh to OpenBSD, my WWW site was the various Bernstein tools from this consolidated package built and running on OpenBSD.) All of the manual pages, Bernstein's originals and Pape's additions, are included; various Bernstein library overlaps have been merged; and the build system of ptyget has been extended to everything.
It has a djbwares Guide packaged and available for reading off-line. The Guide includes information about what commands the toolset contains, building it from source, and changes from the original Bernstein softwares over the years.
Amongst the modernizations listed in the Guide are: a simple host command, relieving one of the need for the ISC tools; some IPv6 support; removal of ANY
support in DNS, as employed in amplificiation attacks (that tinydns
did not amplify to begin with, and now diminishes even further); and many C modernizations for C1999 and C2023.
publicfile has been extended to serving up the same static content over GOPHER, GEMINI, NICNAME/WHOIS, and FINGER.
(In particular, this permits simple static NICNAME and FINGER servers that reveal nothing of the contents of the system account database.)
The toolset is not a improvement along the lines of nosh, s6, daemontools-encore, and so forth, and of ucspi-ssl and so forth.
The often-overlooked (but documented in the original Bernstein manuals and README
) requirement to only use the Olson "right" timezones is still there.
tcpserver
is still insecure by default, with secure mode (where we do not trust DNS and IDENT data that attackers have control over) being the non-default setting.
The problem where dnscache
looks up stuff again that it has already just looked up, is still there.
ftpd
still does not support IPv6.
axfrdns
,
tinydns
,
tinydns-get
, and
tinydns-data
still do not support IPv6 location tagging.
dnscache
still does not support IPv6 addresses for content DNS servers.
dnscache
still has problems with back-end transactions for looking up content DNS servers, and with duplicate back-end transactions.
No; qmail, fastforward, and ezmlm are not included. They're a project in their own rights. In fact, other people have already taken them on. I suggest looking at netqmail.
Download source archive:
You can obtain it in two ways.
It is available in source form. You can build it yourself, or someone can add it to your operating system's ports tree or package build system.
It is distributed as a slashpackage-style package. That's a whole subject in itself. The djbwares Guide has a chapter on building from source that has the details.
Pre-built binary packages are available, that install the toolset under /usr/local
.
(If your operating system has this in ports, or its packages collection, and as long as it is up-to-date with version 10, and the post-Brexit URLs, using that is usually simpler.)
You can configure your machine to use the package repository, and simply update using your package manager.
What binary packages are available, for what architectures and platforms, depends from what resources are available for building. I am not made of money, and all build machines and their running costs are paid for by me. Pre-built packages currently include:
FreeBSD 10 and PC-BSD 10 amd64 | NetBSD 10 evbarm | Debian Linux 12 amd64 | OpenBSD |
---|---|---|---|
Because the third-party-supplied OpenBSD build system has gone away, and the OpenBSD installer failed to install on the build hardware available, pre-built OpenBSD packages are not currently available. |
People knowledgeable enough to use GOPHER (and savvy enough to read to the bottoms of WWW pages) can obtain bonus development-tracking content.