Attachment 162606 Details for Bug 203014 – [PATCH] security/tor-devel: r400391

[patch] [PATCH] security/tor-devel: r400391

security_tor-devel (text/plain), 6.79 KB, created by Vinícius Zavam on 2015-10-30 18:55:06 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: Vinícius Zavam

Created: 2015-10-30 18:55:06 UTC

Size: 6.79 KB

patch

obsolete

>Index: Makefile
>===================================================================
>--- Makefile	(revision 400391)
>+++ Makefile	(working copy)
>@@ -2,7 +2,7 @@
> # $FreeBSD$
> 
> PORTNAME=	tor
>-DISTVERSION=	0.2.6.7
>+DISTVERSION=	0.2.7.4-rc
> CATEGORIES=	security net ipv6
> MASTER_SITES=	TOR
> PKGNAMESUFFIX=	-devel
>@@ -15,13 +15,8 @@
> 
> USES=		cpe gmake
> CPE_VENDOR=	torproject
>-#CPE_VERSION=	${DISTVERSION:C/-.*//}
>-#CPE_UPDATE=	${DISTVERSION:C/.*-//}
> GNU_CONFIGURE=	yes
>-CONFIGURE_ARGS=	--with-openssl-dir="${OPENSSLBASE}" --disable-asciidoc
>-CONFIGURE_ENV=	TOR_CPPFLAGS_libevent="-I${LOCALBASE}/include" \
>-		TOR_LDFLAGS_libevent="-L${LOCALBASE}/lib/" \
>-		TOR_LIBEVENT_LIBS="${TOR_LIBEVENT_LIBS}"
>+CONFIGURE_ARGS=	--with-openssl-dir=${OPENSSLBASE} --disable-asciidoc
> 
> OPTIONS_DEFINE=	BUFFEREVENTS INSTR_DOWNLOADS \
> 		STATIC_TOR TCMALLOC TOR2WEB TRANSPARENT
>@@ -28,6 +23,7 @@
> 
> BUFFEREVENTS_DESC=	Use libevent's buffered IO
> INSTR_DOWNLOADS_DESC=	Instrument downloads for analysis
>+OBFSPROXY_DESC=		Pluggable transport proxy written in Python
> STATIC_TOR_DESC=	Build a static tor
> TCMALLOC_DESC=		Use the tcmalloc memory allocation library
> TOR2WEB_DESC=		Faster but non-anonymous hidden services
>@@ -35,6 +31,9 @@
> 
> OPTIONS_DEFAULT=	THREADS TRANSPARENT
> 
>+OPTIONS_RADIO=	TRANSPORT
>+OPTIONS_RADIO_TRANSPORT=	OBFSPROXY
>+
> USE_OPENSSL=	yes
> 
> USE_RC_SUBR=	tor
>@@ -47,6 +46,10 @@
> 
> .include <bsd.port.options.mk>
> 
>+.if (${OSVERSION} < 1000015)
>+WITH_OPENSSL_PORT=	yes
>+.endif
>+
> .if !defined(USE_GCC) && empty(CC:T:M*gcc4*) && \
> empty(PORT_OPTIONS:MSTATIC_TOR) && empty(ARCH:Mia64)
> CONFIGURE_ARGS+=	--enable-gcc-hardening
>@@ -66,11 +69,16 @@
> CONFIGURE_ARGS+=	--disable-instrument-downloads
> .endif
> 
>+.if ${PORT_OPTIONS:MOBFSPROXY}
>+BUILD_DEPENDS +=	${LOCALBASE}/bin/obfsproxy:${PORTSDIR}/security/obfsproxy
>+.endif
>+
> .if ${PORT_OPTIONS:MSTATIC_TOR}
> BUILD_DEPENDS +=	${LOCALBASE}/lib/libevent.a:${PORTSDIR}/devel/libevent2
> CONFIGURE_ARGS+=	--enable-static-tor \
>-			--with-zlib-dir=/usr/lib --disable-linker-hardening
>-TOR_LIBEVENT_LIBS=	${LOCALBASE}/lib/libevent.a
>+			--disable-linker-hardening \
>+			--with-libevent-dir=${LOCALBASE}/lib \
>+			--with-zlib-dir=/usr/lib
> .if ${PORT_OPTIONS:MBUFFEREVENTS}
> TOR_LIBEVENT_LIBS:=	${LOCALBASE}/lib/libevent_openssl.a ${TOR_LIBEVENT_LIBS}
> .endif
>@@ -102,6 +110,12 @@
> CONFIGURE_ARGS+=	--disable-transparent
> .endif
> 
>+.if ! ${PORT_OPTIONS:MTOR2WEB}
>+check regression-test test: build
>+	@cd ${BUILD_WRKSRC} ; ${SETENV} ${MAKE_ENV} ${MAKE_CMD} \
>+		${MAKE_ARGS} check
>+.endif
>+
> post-patch:
> 	@${REINPLACE_CMD} -E -e "s@-ltcmalloc@${LOCALBASE}/lib/libtcmalloc.so@" \
> 		-e "s@(-z) (relro|now)@-Wl,\1,\2@g" \
>@@ -111,10 +125,4 @@
> 	@${REINPLACE_CMD} -e '\|^nodist_man1_MANS =|s|$$|$$(install_mans:=.1)|' \
> 		${WRKSRC}/Makefile
> 
>-.if ! ${PORT_OPTIONS:MTOR2WEB}
>-check regression-test test: build
>-	@cd ${BUILD_WRKSRC} ; ${SETENV} ${MAKE_ENV} ${MAKE_CMD} \
>-	${MAKE_ARGS} check
>-
>-.endif
> .include <bsd.port.mk>
>Index: distinfo
>===================================================================
>--- distinfo	(revision 400391)
>+++ distinfo	(working copy)
>@@ -1,2 +1,2 @@
>-SHA256 (tor-0.2.6.7.tar.gz) = 8c2be88a542ed1b22a8d3d595ec0acd0e28191de273dbcaefc64fdce92b89e6c
>-SIZE (tor-0.2.6.7.tar.gz) = 3595669
>+SHA256 (tor-0.2.7.4-rc.tar.gz) = 6741c3e6abfedb76be781b767b77f794ee1a0f554cc4ccf083e44d4d9dc8af67
>+SIZE (tor-0.2.7.4-rc.tar.gz) = 4830972
>Index: files/patch-configure
>===================================================================
>--- files/patch-configure	(revision 400391)
>+++ files/patch-configure	(nonexistent)
>@@ -1,49 +0,0 @@
>---- configure.orig	2012-06-15 03:10:31.000000000 -0400
>-+++ configure	2012-06-17 08:46:34.000000000 -0400
>-@@ -6319,6 +6319,7 @@
>- fi
>- 
>- 
>-+if false ; then
>- trylibeventdir=""
>- 
>- # Check whether --with-libevent-dir was given.
>-@@ -6645,6 +6646,7 @@
>- LIBS="$tor_saved_LIBS"
>- LDFLAGS="$tor_saved_LDFLAGS"
>- CPPFLAGS="$tor_saved_CPPFLAGS"
>-+fi
>- 
>- 
>- 
>-@@ -6707,6 +6709,7 @@
>- fi
>- 
>- 
>-+if false ; then
>- if test "$enable_static_libevent" = "yes"; then
>-    if test "$tor_cv_library_libevent_dir" = "(system)"; then
>-      as_fn_error $? "\"You must specify an explicit --with-libevent-dir=x option when using --enable-static-libevent\"" "$LINENO" 5
>-@@ -6716,6 +6719,7 @@
>- else
>-      TOR_LIBEVENT_LIBS="-levent"
>- fi
>-+fi
>- 
>- if test "$enable_bufferevents" = "yes" ; then
>-   if test "$ac_cv_header_event2_bufferevent_ssl_h" != "yes" ; then
>-@@ -6794,12 +6798,14 @@
>- 
>- $as_echo "#define USE_BUFFEREVENTS 1" >>confdefs.h
>- 
>-+if false ; then
>-   if test "$enable_static_libevent" = "yes"; then
>-     TOR_LIBEVENT_LIBS="$TOR_LIBDIR_libevent/libevent_openssl.a $TOR_LIBEVENT_LIBS"
>-   else
>-     TOR_LIBEVENT_LIBS="-levent_openssl $TOR_LIBEVENT_LIBS"
>-   fi
>- fi
>-+fi
>- 
>- 
>- 
>
>Property changes on: files/patch-configure
>___________________________________________________________________
>Deleted: fbsd:nokeywords
>## -1 +0,0 ##
>-yes
>\ No newline at end of property
>Deleted: svn:eol-style
>## -1 +0,0 ##
>-native
>\ No newline at end of property
>Deleted: svn:mime-type
>## -1 +0,0 ##
>-text/plain
>\ No newline at end of property
>Index: files/pkg-message.in
>===================================================================
>--- files/pkg-message.in	(revision 400391)
>+++ files/pkg-message.in	(working copy)
>@@ -6,16 +6,16 @@
> the net/torsocks port. After installing tor for the first time, or after
> a major update of tor, you should:
> 
>-rm -r /var/db/tor /var/run/tor
>-mkdir -p /var/db/tor/data /var/run/tor
>-touch /var/log/tor
>-chown -R _tor:_tor /var/db/tor /var/log/tor /var/run/tor
>-chmod -R 700 /var/db/tor
>+	# rm -r /var/db/tor /var/log/tor /var/run/tor
>+	# touch /var/log/tor
>+	# mkdir -p /var/db/tor /var/run/tor
>+	# chown -R _tor:_tor /var/db/tor /var/log/tor /var/run/tor
>+	# chmod -R 700 /var/db/tor /var/log/tor /var/run/tor
> 
>-before starting the tor server. Tor users are strongly advised to prevent traffic
>-analysis that exploits sequential IP IDs by setting:
>+Before starting the tor server. Tor users are strongly advised to prevent traffic
>+analysis that exploits sequential IP ID by setting:
> 
>-sysctl net.inet.ip.random_id=1
>+	# sysctl net.inet.ip.random_id=1
> 
>-(see sysctl.conf(5)).
>+Please read sysctl.conf(5) for more information and details.
> ================================================================================
>Index: files/tor.in
>===================================================================
>--- files/tor.in	(revision 400391)
>+++ files/tor.in	(working copy)
>@@ -38,7 +38,7 @@
> required_dirs=${tor_datadir}
> pidfile=${tor_pidfile}
> command="%%PREFIX%%/bin/${name}"
>-command_args="-f ${tor_conf} --PidFile ${tor_pidfile} --RunAsDaemon 1 --DataDirectory ${tor_datadir} --+Log ${tor_loglevel}\ file\ ${tor_logfile}"
>+command_args="-f ${tor_conf} --PidFile ${tor_pidfile} --RunAsDaemon 1 --DataDirectory ${tor_datadir} --Log ${tor_loglevel}\ file\ ${tor_logfile}"
> extra_commands="log reload"
> log_cmd="${name}_log"
>

Actions: View | Diff

Attachments on bug 203014: 162605 | 162606 | 162608 | 162609 | 162610 | 162611 | 162613 | 162616 | 162630 | 162631 | 162632 | 162633 | 163253 | 163254 | 163337 | 163338 | 163340 | 163341 | 163342 | 163355 | 163356 | 163538 | 164153 | 176119 | 176798 | 176829 | 176832 | 176857 | 176858 | 176873 | 176874 | 176875 | 177615 | 177618