Index: branches/2018Q1/security/tor/Makefile
===================================================================
--- branches/2018Q1/security/tor/Makefile (revision 464073)
+++ branches/2018Q1/security/tor/Makefile (revision 464074)
@@ -1,134 +1,133 @@ # Created by: peter.thoenen@yahoo.com # $FreeBSD$ PORTNAME= tor -PORTVERSION= 0.3.1.9 -PORTREVISION= 1 +DISTVERSION= 0.3.2.10 CATEGORIES= security net ipv6 MASTER_SITES= TOR MAINTAINER= yuri@FreeBSD.org COMMENT= Anonymizing overlay network for TCP LICENSE= BSD3CLAUSE LICENSE_FILE= ${WRKSRC}/LICENSE BROKEN_mips64= does not build: error: Need a uint128_t implementation! BROKEN_powerpc64= does not build: error: Need a uint128_t implementation! BROKEN_sparc64= does not build: error: Need a uint128_t implementation! USES= cpe gmake pkgconfig CPE_VENDOR= torproject GNU_CONFIGURE= yes CONFIGURE_ARGS= --with-openssl-dir="${OPENSSLBASE}" CONFIGURE_ENV= TOR_CPPFLAGS_libevent="-I${LOCALBASE}/include" \ TOR_LDFLAGS_libevent="-L${LOCALBASE}/lib/" \ TOR_LIBEVENT_LIBS="${TOR_LIBEVENT_LIBS}" OPTIONS_DEFINE= MANPAGES DOCS STATIC_TOR TCMALLOC TOR2WEB OPTIONS_GROUP= COMPRESSION OPTIONS_GROUP_COMPRESSION=ZSTD LZMA OPTIONS_DEFAULT=MANPAGES ZSTD LZMA OPTIONS_SUB= yes STATIC_TOR_DESC= Build a static tor TCMALLOC_DESC= Use the tcmalloc memory allocation library TOR2WEB_DESC= (EXPERT OPTION) Faster but non-anonymous hidden services COMPRESSION_DESC= Supported compression libraries USE_RC_SUBR= tor SUB_FILES= pkg-message SUB_LIST= USER="${USERS}" GROUP="${GROUPS}" PLIST_SUB= USER="${USERS}" GROUP="${GROUPS}" GROUPS= _tor USERS= _tor CONFLICTS_INSTALL= tor-devel-[0-9]* STATIC_TOR_USES= ssl:build STATIC_TOR_USES_OFF= ssl TOR2WEB_CONFIGURE_ENABLE= tor2web-mode ZSTD_CONFIGURE_ENABLE= zstd ZSTD_CONFIGURE_ENV=TOR_ZSTD_LIBS="${TOR_ZSTD_LIBS}" LZMA_CONFIGURE_ENABLE= lzma .include .if ${PORT_OPTIONS:MDOCS} || ${PORT_OPTIONS:MMANPAGES} BUILD_DEPENDS+= asciidoc:textproc/asciidoc .else CONFIGURE_ARGS+= --disable-asciidoc .endif .if !defined(USE_GCC) && empty(CC:T:M*gcc4*) && \ empty(PORT_OPTIONS:MSTATIC_TOR) CONFIGURE_ARGS+= --enable-gcc-hardening .else CONFIGURE_ARGS+= --disable-gcc-hardening .endif .if ${PORT_OPTIONS:MSTATIC_TOR} BUILD_DEPENDS += 
${LOCALBASE}/lib/libevent.a:devel/libevent CONFIGURE_ARGS+= --enable-static-tor \ --with-zlib-dir=/usr/lib --disable-linker-hardening TOR_LIBEVENT_LIBS= ${LOCALBASE}/lib/libevent.a . if ${PORT_OPTIONS:MZSTD} BUILD_DEPENDS+= ${LOCALBASE}/lib/libzstd.a:archivers/zstd TOR_ZSTD_LIBS= ${LOCALBASE}/lib/libzstd.a . endif .else CONFIGURE_ARGS+= --enable-linker-hardening LIB_DEPENDS+= libevent.so:devel/libevent TOR_LIBEVENT_LIBS= -levent . if ${PORT_OPTIONS:MZSTD} LIB_DEPENDS+= libzstd.so:archivers/zstd TOR_ZSTD_LIBS= -lzstd . endif .endif .if ${PORT_OPTIONS:MTCMALLOC} CONFIGURE_ARGS+= --with-tcmalloc .if ${PORT_OPTIONS:MSTATIC_TOR} BUILD_DEPENDS+= ${LOCALBASE}/lib/libtcmalloc.a:devel/google-perftools .else LIB_DEPENDS+= libtcmalloc.so:devel/google-perftools .endif .endif pre-everything:: .if ${PORT_OPTIONS:MTOR2WEB} @${ECHO_MSG} @${ECHO_MSG} "Warning: The expert option 'tor2web' is chosen." @${ECHO_MSG} " With this option tor cannot be used for regular traffic," @${ECHO_MSG} " only for non-anonymous hidden service traffic." @${ECHO_MSG} " Please make sure you understand this option." @${ECHO_MSG} .endif post-patch: @${REINPLACE_CMD} -E -e "s@(-z) (relro|now)@-Wl,\1,\2@g" \ ${WRKSRC}/configure @${REINPLACE_CMD} -e 's|lib/tor|db/tor|' \ ${WRKSRC}/src/config/torrc.*.in \ ${WRKSRC}/doc/tor.1.* \ ${WRKSRC}/doc/tor.html.in post-patch-STATIC_TOR-off: @${REINPLACE_CMD} -e "s@-ltcmalloc@${LOCALBASE}/lib/libtcmalloc.so@" \ ${WRKSRC}/configure post-patch-STATIC_TOR-on: @${REINPLACE_CMD} -e "s@-ltcmalloc@${LOCALBASE}/lib/libtcmalloc.a@" \ ${WRKSRC}/configure post-install: @${MKDIR} ${STAGEDIR}/var/log/tor ${STAGEDIR}/var/run/tor ${STAGEDIR}/var/db/tor .if ! 
${PORT_OPTIONS:MTOR2WEB} check regression-test test: build @cd ${BUILD_WRKSRC} ; ${SETENV} ${MAKE_ENV} ${MAKE_CMD} \ ${MAKE_ARGS} check .endif .include Index: branches/2018Q1/security/tor/distinfo =================================================================== --- branches/2018Q1/security/tor/distinfo (revision 464073) +++ branches/2018Q1/security/tor/distinfo (revision 464074) @@ -1,3 +1,3 @@ -TIMESTAMP = 1512146746 -SHA256 (tor-0.3.1.9.tar.gz) = 6e1b04f7890e782fd56014a0de5075e4ab29b52a35d8bca1f6b80c93f58f3d26 -SIZE (tor-0.3.1.9.tar.gz) = 6092702 +TIMESTAMP = 1520087667 +SHA256 (tor-0.3.2.10.tar.gz) = 60df77c31dcf94fdd686c8ca8c34f3b70243b33a7344ecc0b719d5ca2617cbee +SIZE (tor-0.3.2.10.tar.gz) = 6421984 Index: branches/2018Q1/security/tor/files/patch-orconfig.h.in =================================================================== --- branches/2018Q1/security/tor/files/patch-orconfig.h.in (revision 464073) +++ branches/2018Q1/security/tor/files/patch-orconfig.h.in (revision 464074) @@ -1,12 +1,13 @@ --- orconfig.h.in.orig 2017-11-30 20:34:49 UTC +++ orconfig.h.in -@@ -517,7 +517,9 @@ +@@ -517,7 +517,10 @@ #undef HAVE_TIME_H /* Define to 1 if you have the `timingsafe_memcmp' function. */ ++#include +#if __FreeBSD_version >= 1200000 // disabled: timingsafe_memcmp(3) has been added only in 12.0, and isn't yet available on older systems #undef HAVE_TIMINGSAFE_MEMCMP +#endif /* Define to 1 if you have the `TLS_method' function. */ #undef HAVE_TLS_METHOD Index: branches/2018Q1/security/tor/files/tor.in =================================================================== --- branches/2018Q1/security/tor/files/tor.in (revision 464073) +++ branches/2018Q1/security/tor/files/tor.in (revision 464074) 
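Review bot: The trailing `//` comment on the added `#if __FreeBSD_version >= 1200000` line in files/patch-orconfig.h.in still says "disabled", although the guard now lets configure's `HAVE_TIMINGSAFE_MEMCMP` result through on 12.0 and later. It should describe both branches on a line of its own, e.g. `/* use libc timingsafe_memcmp(3) only on FreeBSD >= 12.0, where it was added */`. The guard also depends on the newly added `#include` (its header name is not visible on this page) defining `__FreeBSD_version`; an undefined macro evaluates to 0 in `#if`, which would silently leave the libc function unused on every release. Since this presumably decides which constant-time comparison the build ends up with, that dependency deserves a word in the comment.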
@@ -1,133 +1,132 @@ #!/bin/sh # # $FreeBSD$ # # PROVIDE: tor # REQUIRE: DAEMON FILESYSTEMS # BEFORE: LOGIN # # Add the following lines to /etc/rc.conf to enable tor. # All these options will overide any settings in your local torrc as # they are command line options. # # tor_enable (bool): Set it to "YES" to enable tor. Default: NO # tor_instances (str): List of instances. Default: "" # tor_conf (str): Points to your torrc file. # Default: %%PREFIX%%/etc/tor/torrc # tor_user (str): Tor daemon user. Default: %%USER%% # tor_group (str): Tor group. Default: %%GROUP%% # tor_pidfile (str): Tor pid file. Default: /var/run/tor/tor.pid # tor_datadir (str): Tor datadir. Default: /var/db/tor # tor_disable_default_instance (str): Doesn't run the default instance. # Only valid when tor_instances is used. # Default: NO # tor_setuid (str): Runtime setuid. Default: NO # # The instance definition that tor_instances expects: # inst_name{:inst_conf:inst_user:inst_group:inst_pidfile:inst_data_dir} # . /etc/rc.subr name="tor" rcvar=tor_enable exit_code=0 load_rc_config ${name} : ${tor_enable="NO"} : ${tor_instances=""} : ${tor_conf="%%PREFIX%%/etc/tor/torrc"} : ${tor_user="%%USER%%"} : ${tor_group="%%GROUP%%"} : ${tor_pidfile="/var/run/tor/tor.pid"} : ${tor_datadir="/var/db/tor"} : ${tor_disable_default_instance="NO"} : ${tor_setuid="NO"} instance=${slave_instance} if [ -n "${instance}" ]; then inst_def=${instance} inst_name=${inst_def%%:*} [ "${inst_name}" != "main" ] || err 1 "${name} instance can't be named 'main'" inst_def=${inst_def#$inst_name} if [ -n "$inst_def" ]; then # extended instance: parameters are set explicitly inst_def=${inst_def#:} tor_conf=${inst_def%%:*} inst_def=${inst_def#$tor_conf:} tor_user=${inst_def%%:*} inst_def=${inst_def#$tor_user:} tor_group=${inst_def%%:*} inst_def=${inst_def#$tor_group:} tor_pidfile=${inst_def%%:*} tor_datadir=${inst_def#$tor_pidfile:} if [ -z "${tor_conf}" -o -z "${tor_user}" -o -z "${tor_group}" -o -z "${tor_pidfile}" -o -z 
"${tor_datadir}" ]; then warn "invalid tor instance ${inst_name} settings: ${instance}" exit 1 fi else # regular instance: default parameters are used tor_conf=${tor_conf}@${inst_name} tor_pidfile=${tor_pidfile}@${inst_name} tor_datadir=${tor_datadir}/instance@${inst_name} fi if ! [ -r ${tor_conf} ]; then warn "tor instance ${inst_name} config file ${tor_conf} doesn't exist or isn't readable" warn "you can copy the sample config %%PREFIX%%/etc/tor/torrc.sample and modify it" exit 1 fi if ! [ -d ${tor_datadir} ]; then mkdir -p ${tor_datadir} && chown ${tor_user}:${tor_group} ${tor_datadir} && chmod 0700 ${tor_datadir} && echo "${name}: created the instance data directory ${tor_datadir}" fi fi if [ -z "${instance}" -a -n "${tor_instances}" ]; then inst_only="$2" inst_done=0 for i in ${tor_instances}; do inst_name=${i%%:*} if [ -z "${inst_only}" -o "${inst_name}" = "${inst_only}" ]; then echo -n "${name} instance ${inst_name}: " if ! slave_instance=${i} %%PREFIX%%/etc/rc.d/tor "$1"; then exit_code=1 fi inst_done=$((inst_done+1)) fi done if [ -z "${inst_only}" -o "${inst_only}" = "main" ]; then checkyesno tor_disable_default_instance && return $exit_code echo -n "${name} main instance: " elif [ -n "${inst_only}" ]; then [ $inst_done -gt 0 ] || err 1 "${name} instance '$inst_only' isn't defined" return $exit_code fi fi required_files=${tor_conf} required_dirs=${tor_datadir} pidfile=${tor_pidfile} command="%%PREFIX%%/bin/${name}" command_args="-f ${tor_conf} --PidFile ${tor_pidfile} --RunAsDaemon 1 --DataDirectory ${tor_datadir}" extra_commands="reload" +# clear user setting in conf file: it should be done through the command line +if grep -q "^User ${tor_user}$" ${tor_conf}; then + sed -i '' -e "s/^User ${tor_user}$//" ${tor_conf} +fi + if [ $tor_setuid = "YES" ]; then - if ! 
grep -q "^User ${tor_user}$" ${tor_conf}; then - echo "User ${tor_user}" >> ${tor_conf} - fi + command_args="${command_args} --User ${tor_user}" tor_user="root" tor_group="wheel" -else - if grep -q "^User ${tor_user}$" ${tor_conf}; then - sed -i '' -e "s/^User ${tor_user}$//" ${tor_conf} - fi fi if ! run_rc_command "$1"; then exit_code=1 fi return $exit_code Index: branches/2018Q1 =================================================================== --- branches/2018Q1 (revision 464073) +++ branches/2018Q1 (revision 464074) Property changes on: branches/2018Q1 ___________________________________________________________________ Modified: svn:mergeinfo ## -0,0 +0,1 ## Merged /head:r458993,463489
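Review bot: The added block ahead of `if [ $tor_setuid = "YES" ]` in files/tor.in now rewrites the administrator's torrc as root on every invocation of the rc script, including `status` and `stop`, because it runs before `run_rc_command` and is no longer limited to the non-setuid case. It does so with `${tor_conf}` unquoted and `${tor_user}` spliced into the grep/sed pattern, and for extended instances both values are parsed out of the `tor_instances` string in rc.conf. Quote the path in both commands, e.g. `grep -q "^User ${tor_user}$" "${tor_conf}"`, and consider a `warn` about the stray `User` line instead of editing the file in place. The test should likewise read `if [ "${tor_setuid}" = "YES" ]; then`, so that an empty value is not a test(1) syntax error. The match is exact-case and exact-user, so a `User` line naming a different account is left in torrc; the comment should say whether the command-line `--User` is expected to override it.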