Index: head/security/tor/Makefile =================================================================== --- head/security/tor/Makefile (revision 382649) +++ head/security/tor/Makefile (revision 382650) @@ -1,138 +1,118 @@ # Created by: peter.thoenen@yahoo.com # $FreeBSD$ PORTNAME= tor -DISTVERSION= 0.2.5.10 -PORTREVISION= 1 +DISTVERSION= 0.2.6.6 CATEGORIES= security net ipv6 MASTER_SITES= TOR MAINTAINER= bf@FreeBSD.org COMMENT= Anonymizing overlay network for TCP LICENSE= BSD3CLAUSE LICENSE_FILE= ${WRKSRC}/LICENSE -USES= gmake +USES= cpe gmake +CPE_VENDOR= torproject GNU_CONFIGURE= yes CONFIGURE_ARGS= --with-openssl-dir="${OPENSSLBASE}" --disable-asciidoc CONFIGURE_ENV= TOR_CPPFLAGS_libevent="-I${LOCALBASE}/include" \ TOR_LDFLAGS_libevent="-L${LOCALBASE}/lib/" \ TOR_LIBEVENT_LIBS="${TOR_LIBEVENT_LIBS}" -OPTIONS_DEFINE= BUFFEREVENTS BUFFREELISTS INSTR_DOWNLOADS MEMPOOLS \ - STATIC_TOR TCMALLOC THREADS TOR2WEB TRANSPARENT +OPTIONS_DEFINE= BUFFEREVENTS INSTR_DOWNLOADS \ + STATIC_TOR TCMALLOC TOR2WEB TRANSPARENT BUFFEREVENTS_DESC= Use libevent's buffered IO -BUFFREELISTS_DESC= Freelists for buffer RAM INSTR_DOWNLOADS_DESC= Instrument downloads for analysis -MEMPOOLS_DESC= Mempools for relay cells STATIC_TOR_DESC= Build a static tor TCMALLOC_DESC= Use the tcmalloc memory allocation library TOR2WEB_DESC= Faster but non-anonymous hidden services TRANSPARENT_DESC= Transparent proxy support OPTIONS_DEFAULT= THREADS TRANSPARENT USE_OPENSSL= yes USE_RC_SUBR= tor SUB_FILES= pkg-message GROUPS= _tor USERS= _tor CONFLICTS= tor-devel-[0-9]* .include .if ( (${OSVERSION} < 900000) || \ (${OSVERSION} >= 900003) ) && !defined(USE_GCC) && empty(CC:T:M*gcc4*) && \ empty(PORT_OPTIONS:MSTATIC_TOR) && empty(ARCH:Mia64) CONFIGURE_ARGS+= --enable-gcc-hardening .else CONFIGURE_ARGS+= --disable-gcc-hardening .endif .if ${PORT_OPTIONS:MBUFFEREVENTS} CONFIGURE_ARGS+= --enable-bufferevents .else CONFIGURE_ARGS+= --disable-bufferevents .endif -.if ${PORT_OPTIONS:MBUFFREELISTS} -CONFIGURE_ARGS+= --enable-buf-freelists -.else -CONFIGURE_ARGS+= --disable-buf-freelists -.endif - .if ${PORT_OPTIONS:MINSTR_DOWNLOADS} CONFIGURE_ARGS+= --enable-instrument-downloads .else CONFIGURE_ARGS+= --disable-instrument-downloads .endif -.if ${PORT_OPTIONS:MMEMPOOLS} -CONFIGURE_ARGS+= --enable-mempools -.else -CONFIGURE_ARGS+= --disable-mempools -.endif - .if ${PORT_OPTIONS:MSTATIC_TOR} BUILD_DEPENDS += ${LOCALBASE}/lib/libevent.a:${PORTSDIR}/devel/libevent2 CONFIGURE_ARGS+= --enable-static-tor \ --with-zlib-dir=/usr/lib --disable-linker-hardening TOR_LIBEVENT_LIBS= ${LOCALBASE}/lib/libevent.a .if ${PORT_OPTIONS:MBUFFEREVENTS} TOR_LIBEVENT_LIBS:= ${LOCALBASE}/lib/libevent_openssl.a ${TOR_LIBEVENT_LIBS} .endif .else CONFIGURE_ARGS+= --enable-linker-hardening LIB_DEPENDS+= libevent.so:${PORTSDIR}/devel/libevent2 TOR_LIBEVENT_LIBS= -levent .if ${PORT_OPTIONS:MBUFFEREVENTS} TOR_LIBEVENT_LIBS:= -levent_openssl ${TOR_LIBEVENT_LIBS} .endif .endif .if ${PORT_OPTIONS:MTCMALLOC} CONFIGURE_ARGS+= --with-tcmalloc .if ${PORT_OPTIONS:MSTATIC_TOR} BUILD_DEPENDS += ${LOCALBASE}/lib/libtcmalloc.so:${PORTSDIR}/devel/google-perftools .else LIB_DEPENDS+= libtcmalloc.so:${PORTSDIR}/devel/google-perftools .endif -.endif - -.if ${PORT_OPTIONS:MTHREADS} -CONFIGURE_ARGS+= --enable-threads -.else -CONFIGURE_ARGS+= --disable-threads .endif .if ${PORT_OPTIONS:MTOR2WEB} CONFIGURE_ARGS+= --enable-tor2web-mode .endif .if ${PORT_OPTIONS:MTRANSPARENT} CONFIGURE_ARGS+= --enable-transparent .else CONFIGURE_ARGS+= --disable-transparent .endif post-patch: @${REINPLACE_CMD} -E -e "s@-ltcmalloc@${LOCALBASE}/lib/libtcmalloc.so@" \ -e "s@(-z) (relro|now)@-Wl,\1,\2@g" \ ${WRKSRC}/configure post-configure: @${REINPLACE_CMD} -e '\|^nodist_man1_MANS =|s|$$|$$(install_mans:=.1)|' \ ${WRKSRC}/Makefile .if ! ${PORT_OPTIONS:MTOR2WEB} check regression-test test: build @cd ${BUILD_WRKSRC} ; ${SETENV} ${MAKE_ENV} ${MAKE_CMD} \ ${MAKE_ARGS} check .endif .include Index: head/security/tor/distinfo =================================================================== --- head/security/tor/distinfo (revision 382649) +++ head/security/tor/distinfo (revision 382650) @@ -1,2 +1,2 @@ -SHA256 (tor-0.2.5.10.tar.gz) = b3dd02a5dcd2ffe14d9a37956f92779d4427edf7905c0bba9b1e3901b9c5a83b -SIZE (tor-0.2.5.10.tar.gz) = 3166480 +SHA256 (tor-0.2.6.6.tar.gz) = c3349e457c71b8e5c138c656927b2bbca0bfa03539ffee8579b0e568ffb10283 +SIZE (tor-0.2.6.6.tar.gz) = 3594452 Index: head/security/tor/files/pkg-message.in =================================================================== --- head/security/tor/files/pkg-message.in (revision 382649) +++ head/security/tor/files/pkg-message.in (revision 382650) @@ -1,19 +1,21 @@ ================================================================================ To enable the tor server, set tor_enable="YES" in your /etc/rc.conf and edit %%PREFIX%%/etc/tor/torrc as desired. (However, note that the %%PREFIX%%/etc/rc.d/tor rc.subr script can override some torrc options: see that script for details.) To use the torify script, install the net/torsocks port. After installing tor for the first time, or after a major update of tor, you should: rm -r /var/db/tor /var/run/tor mkdir -p /var/db/tor/data /var/run/tor touch /var/log/tor chown -R _tor:_tor /var/db/tor /var/log/tor /var/run/tor chmod -R 700 /var/db/tor before starting the tor server. Tor users are strongly advised to prevent traffic analysis that exploits sequential IP IDs by setting: sysctl net.inet.ip.random_id=1 + +(see sysctl.conf(5)). ================================================================================ Index: head/security/tor/files/tor.in =================================================================== --- head/security/tor/files/tor.in (revision 382649) +++ head/security/tor/files/tor.in (revision 382650) @@ -1,50 +1,50 @@ #!/bin/sh # # $FreeBSD$ # # PROVIDE: tor -# REQUIRE: NETWORKING SERVERS USR +# REQUIRE: DAEMON FILESYSTEMS # BEFORE: LOGIN # # Add the following lines to /etc/rc.conf to enable tor. # All these options will overide any settings in your local torrc as # they are command line options. # # tor_enable (bool): Set it to "YES" to enable tor. Default: NO # tor_conf (str): Points to your torrc file. # Default: %%PREFIX%%/etc/tor/torrc # tor_user (str): Tor daemon user. Default: _tor # tor_datadir (str): Tor datadir. Default: /var/db/tor # tor_logfile (str): Tor log file. Default: /var/log/tor # tor_loglevel (str): Tor log severity level. Default: notice # . /etc/rc.subr name="tor" rcvar=tor_enable load_rc_config ${name} : ${tor_enable="NO"} : ${tor_conf="%%PREFIX%%/etc/tor/torrc"} : ${tor_user="_tor"} : ${tor_pidfile="/var/run/tor/tor.pid"} : ${tor_logfile="/var/log/tor"} : ${tor_loglevel="notice"} : ${tor_datadir="/var/db/tor"} required_files=${tor_conf} required_dirs=${tor_datadir} pidfile=${tor_pidfile} command="%%PREFIX%%/bin/${name}" command_args="-f ${tor_conf} --PidFile ${tor_pidfile} --RunAsDaemon 1 --DataDirectory ${tor_datadir} --+Log ${tor_loglevel}\ file\ ${tor_logfile}" extra_commands="log reload" log_cmd="${name}_log" tor_log() { cat ${tor_logfile} } run_rc_command "$1" Index: head/security/tor/pkg-plist =================================================================== --- head/security/tor/pkg-plist (revision 382649) +++ head/security/tor/pkg-plist (revision 382650) @@ -1,11 +1,11 @@ bin/tor bin/tor-gencert bin/tor-resolve bin/torify -etc/tor/torrc.sample +@sample etc/tor/torrc.sample man/man1/tor-gencert.1.gz man/man1/tor-resolve.1.gz man/man1/tor.1.gz man/man1/torify.1.gz %%DATADIR%%/geoip %%DATADIR%%/geoip6 Index: head/security/tor-devel/Makefile =================================================================== --- head/security/tor-devel/Makefile (revision 382649) +++ head/security/tor-devel/Makefile (revision 382650) @@ -1,121 +1,121 @@ # Created by: peter.thoenen@yahoo.com # $FreeBSD$ PORTNAME= tor -DISTVERSION= 0.2.6.3-alpha +DISTVERSION= 0.2.6.6 CATEGORIES= security net ipv6 MASTER_SITES= TOR PKGNAMESUFFIX= -devel MAINTAINER= bf@FreeBSD.org COMMENT= Anonymizing overlay network for TCP LICENSE= BSD3CLAUSE LICENSE_FILE= ${WRKSRC}/LICENSE USES= cpe gmake CPE_VENDOR= torproject -CPE_VERSION= ${DISTVERSION:C/-.*//} -CPE_UPDATE= ${DISTVERSION:C/.*-//} +#CPE_VERSION= ${DISTVERSION:C/-.*//} +#CPE_UPDATE= ${DISTVERSION:C/.*-//} GNU_CONFIGURE= yes CONFIGURE_ARGS= --with-openssl-dir="${OPENSSLBASE}" --disable-asciidoc CONFIGURE_ENV= TOR_CPPFLAGS_libevent="-I${LOCALBASE}/include" \ TOR_LDFLAGS_libevent="-L${LOCALBASE}/lib/" \ TOR_LIBEVENT_LIBS="${TOR_LIBEVENT_LIBS}" OPTIONS_DEFINE= BUFFEREVENTS INSTR_DOWNLOADS \ STATIC_TOR TCMALLOC TOR2WEB TRANSPARENT BUFFEREVENTS_DESC= Use libevent's buffered IO INSTR_DOWNLOADS_DESC= Instrument downloads for analysis STATIC_TOR_DESC= Build a static tor TCMALLOC_DESC= Use the tcmalloc memory allocation library TOR2WEB_DESC= Faster but non-anonymous hidden services TRANSPARENT_DESC= Transparent proxy support OPTIONS_DEFAULT= THREADS TRANSPARENT USE_OPENSSL= yes USE_RC_SUBR= tor SUB_FILES= pkg-message GROUPS= _tor USERS= _tor CONFLICTS= tor-[0-9]* .include .if ( (${OSVERSION} < 900000) || \ (${OSVERSION} >= 900003) ) && !defined(USE_GCC) && empty(CC:T:M*gcc4*) && \ empty(PORT_OPTIONS:MSTATIC_TOR) && empty(ARCH:Mia64) CONFIGURE_ARGS+= --enable-gcc-hardening .else CONFIGURE_ARGS+= --disable-gcc-hardening .endif .if ${PORT_OPTIONS:MBUFFEREVENTS} CONFIGURE_ARGS+= --enable-bufferevents .else CONFIGURE_ARGS+= --disable-bufferevents .endif .if ${PORT_OPTIONS:MINSTR_DOWNLOADS} CONFIGURE_ARGS+= --enable-instrument-downloads .else CONFIGURE_ARGS+= --disable-instrument-downloads .endif .if ${PORT_OPTIONS:MSTATIC_TOR} BUILD_DEPENDS += ${LOCALBASE}/lib/libevent.a:${PORTSDIR}/devel/libevent2 CONFIGURE_ARGS+= --enable-static-tor \ --with-zlib-dir=/usr/lib --disable-linker-hardening TOR_LIBEVENT_LIBS= ${LOCALBASE}/lib/libevent.a .if ${PORT_OPTIONS:MBUFFEREVENTS} TOR_LIBEVENT_LIBS:= ${LOCALBASE}/lib/libevent_openssl.a ${TOR_LIBEVENT_LIBS} .endif .else CONFIGURE_ARGS+= --enable-linker-hardening LIB_DEPENDS+= libevent.so:${PORTSDIR}/devel/libevent2 TOR_LIBEVENT_LIBS= -levent .if ${PORT_OPTIONS:MBUFFEREVENTS} TOR_LIBEVENT_LIBS:= -levent_openssl ${TOR_LIBEVENT_LIBS} .endif .endif .if ${PORT_OPTIONS:MTCMALLOC} CONFIGURE_ARGS+= --with-tcmalloc .if ${PORT_OPTIONS:MSTATIC_TOR} BUILD_DEPENDS += ${LOCALBASE}/lib/libtcmalloc.so:${PORTSDIR}/devel/google-perftools .else LIB_DEPENDS+= libtcmalloc.so:${PORTSDIR}/devel/google-perftools .endif .endif .if ${PORT_OPTIONS:MTOR2WEB} CONFIGURE_ARGS+= --enable-tor2web-mode .endif .if ${PORT_OPTIONS:MTRANSPARENT} CONFIGURE_ARGS+= --enable-transparent .else CONFIGURE_ARGS+= --disable-transparent .endif post-patch: @${REINPLACE_CMD} -E -e "s@-ltcmalloc@${LOCALBASE}/lib/libtcmalloc.so@" \ -e "s@(-z) (relro|now)@-Wl,\1,\2@g" \ ${WRKSRC}/configure post-configure: @${REINPLACE_CMD} -e '\|^nodist_man1_MANS =|s|$$|$$(install_mans:=.1)|' \ ${WRKSRC}/Makefile .if ! ${PORT_OPTIONS:MTOR2WEB} check regression-test test: build @cd ${BUILD_WRKSRC} ; ${SETENV} ${MAKE_ENV} ${MAKE_CMD} \ ${MAKE_ARGS} check .endif .include Index: head/security/tor-devel/distinfo =================================================================== --- head/security/tor-devel/distinfo (revision 382649) +++ head/security/tor-devel/distinfo (revision 382650) @@ -1,2 +1,2 @@ -SHA256 (tor-0.2.6.3-alpha.tar.gz) = 5e31a0ccbb1fbe9ac6fc64d157c5c3db9b478908ea09bbe15adea2f1fd11d670 -SIZE (tor-0.2.6.3-alpha.tar.gz) = 3526195 +SHA256 (tor-0.2.6.6.tar.gz) = c3349e457c71b8e5c138c656927b2bbca0bfa03539ffee8579b0e568ffb10283 +SIZE (tor-0.2.6.6.tar.gz) = 3594452 Index: head/security/tor-devel/files/pkg-message.in =================================================================== --- head/security/tor-devel/files/pkg-message.in (revision 382649) +++ head/security/tor-devel/files/pkg-message.in (revision 382650) @@ -1,19 +1,21 @@ ================================================================================ To enable the tor server, set tor_enable="YES" in your /etc/rc.conf and edit %%PREFIX%%/etc/tor/torrc as desired. (However, note that the %%PREFIX%%/etc/rc.d/tor rc.subr script can override some torrc options: see that script for details.) To use the torify script, install the net/torsocks port. After installing tor for the first time, or after a major update of tor, you should: rm -r /var/db/tor /var/run/tor mkdir -p /var/db/tor/data /var/run/tor touch /var/log/tor chown -R _tor:_tor /var/db/tor /var/log/tor /var/run/tor chmod -R 700 /var/db/tor before starting the tor server. Tor users are strongly advised to prevent traffic analysis that exploits sequential IP IDs by setting: sysctl net.inet.ip.random_id=1 + +(see sysctl.conf(5)). ================================================================================