Stubby can't be built anymore since they now use cmake

[BlueFyre]

As of getdns 1.6.0 they seemed to have switched to using cmake instead of autoconf/libtool

Might not be optimal but this got mine going:

diff --git a/stubby/Dockerfile b/stubby/Dockerfile
index a63337b..9d51e0b 100644
--- a/stubby/Dockerfile
+++ b/stubby/Dockerfile
@@ -43,7 +43,7 @@ WORKDIR /tmp/src
 COPY --from=builder /opt/openssl /opt/openssl

 RUN set -e -x && \
-    build_deps="autoconf build-essential dh-autoreconf git libssl-dev libtool-bin libyaml-dev make m4" && \
+    build_deps="build-essential git libssl-dev libtool-bin libyaml-dev make m4 cmake libev-dev libevent-dev libuv1-dev check" && \
     debian_frontend=noninteractive apt-get update && apt-get install -y --no-install-recommends \
       $build_deps \
       ca-certificates \
@@ -57,11 +57,9 @@ RUN set -e -x && \
     git clone https://github.com/getdnsapi/getdns.git --branch develop && \
     cd getdns && \
     git submodule update --init && \
-    libtoolize -ci && \
-    autoreconf -fi && \
     mkdir build && \
     cd build && \
-    ../configure --prefix=/opt/stubby --without-libidn --without-libidn2 --enable-stub-only --with-ssl=/opt/openssl --with-stubby && \
+    cmake -DCMAKE_INSTALL_PREFIX=/opt/stubby -DUSE_LIBIDN2=OFF -DENABLE_STUB_ONLY=ON -DOPENSSL_INCLUDE_DIR=/opt/openssl -DBUILD_STUBBY=ON .. && \
     make && \
     make install && \
     groupadd -r stubby && \
@@ -83,4 +81,4 @@ COPY stubby.yml /opt/stubby/etc/stubby/stubby.yml

 HEALTHCHECK --interval=5s --timeout=3s --start-period=5s CMD drill @127.0.0.1 -p 8053 cloudflare.com || exit 1

-CMD ["/opt/stubby/bin/stubby"]
+CMD ["/opt/stubby/bin/stubby", "-C", "etc/stubby/stubby.yml"]

[MatthewVance]

Thanks for sharing. TI appreciate you sharing a possible fix.

I've been needing to re-factor how Stubby is built since they made several updates since I first created this. https://github.com/MatthewVance/stubby-docker/issues/4

To be honest, I've neglected this project lately. Unbound has improved some of the DNS over TLS features in more recent releases so I've went back to relying solely on it. I need to dig back into Stubby to re-compare the feature sets.

[BlueFyre]

If they've managed to close the feature gap it would certainly make it simpler to just run one server. Let me know if you get around to comparing the features. Thanks in advance

[MatthewVance]

It looks like the feature gaps remain. Unbound plans to release connection reuse in the coming months per https://github.com/NLnetLabs/unbound/issues/47. I didn't have any success confirming 'Strict' mode support or padding queries to hide query size.

Unbound 1.9.0 did include some performance improvements. Namely, TLS session resumption support and TCP fast open support.

[MatthewVance]

Actually, after re-reading the change log, TCP fast open was released before 1.9.0.

[MatthewVance]

EDIT: The example needed further tweaks after testing.

I'm looking into re-factoring to use cmake. I have some testing to do, but think I have the commands worked out:

    git checkout "${VERSION_GETDNS}" && \
    git submodule update --init && \
    mkdir build && \
    cd build && \
    cmake \
        -DBUILD_STUBBY=ON \
        -DENABLE_STUB_ONLY=ON \
        -DCMAKE_INSTALL_PREFIX=/opt/stubby \
        -DOPENSSL_INCLUDE_DIR=/opt/openssl \
        -DOPENSSL_CRYPTO_LIBRARY=/opt/openssl/lib/libcrypto.so \
        -DOPENSSL_SSL_LIBRARY=/opt/openssl/lib/libssl.so \
        -DUSE_LIBIDN2=OFF \
        -DBUILD_LIBEV=OFF \
        -DBUILD_LIBEVENT2=OFF \
        -DBUILD_LIBUV=OFF ..&& \
    cmake .. && \
    make && \
    make install

It also requires cmake and check be installed (put in ${build_deps}).

[MatthewVance]

Closed by https://github.com/MatthewVance/stubby-docker/commit/4a06090ac5500d755387722e470f40ad6a59d289