Attachment 176873 Details for Bug 203014 – [PATCH] security/tor-devel: r425808

[patch] [PATCH] security/tor-devel: r425808

security_tor-devel_r425808.patch (text/plain), 11.28 KB, created by Vinícius Zavam on 2016-11-10 21:29:35 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: Vinícius Zavam

Created: 2016-11-10 21:29:35 UTC

Size: 11.28 KB

patch

obsolete

>Index: security/tor-devel/Makefile
>===================================================================
>--- security/tor-devel/Makefile	(revision 425846)
>+++ security/tor-devel/Makefile	(working copy)
>@@ -2,7 +2,8 @@
> # $FreeBSD$
> 
> PORTNAME=	tor
>-DISTVERSION=	0.2.9.4-alpha
>+DISTVERSION=	0.2.9.5-alpha
>+# PORTREVISION=	1
> CATEGORIES=	security net ipv6
> MASTER_SITES=	TOR
> PKGNAMESUFFIX=	-devel
>@@ -13,29 +14,65 @@
> LICENSE=	BSD3CLAUSE
> LICENSE_FILE=	${WRKSRC}/LICENSE
> 
>-BROKEN_mips64=	Does not build: error: Need a uint128_t implementation!
>-BROKEN_powerpc64=	Does not build
>-BROKEN_sparc64=	Does not build: error: Need a uint128_t implementation!
>+BROKEN_mips64=		Does not build: error: Need a uint128_t implementation!
>+BROKEN_powerpc64=	Does not build.
>+BROKEN_sparc64=		Does not build: error: Need a uint128_t implementation!
> 
>-USES=		cpe gmake
>+USES=		cpe
> CPE_VENDOR=	torproject
>-#CPE_VERSION=	${DISTVERSION:C/-.*//}
>-#CPE_UPDATE=	${DISTVERSION:C/.*-//}
>+# CPE_VERSION=	${DISTVERSION:C/-.*//}
>+# CPE_UPDATE=	${DISTVERSION:C/.*-//}
> GNU_CONFIGURE=	yes
>-CONFIGURE_ARGS=	--with-openssl-dir="${OPENSSLBASE}" --disable-asciidoc
>-CONFIGURE_ENV=	TOR_CPPFLAGS_libevent="-I${LOCALBASE}/include" \
>-		TOR_LDFLAGS_libevent="-L${LOCALBASE}/lib/" \
>-		TOR_LIBEVENT_LIBS="${TOR_LIBEVENT_LIBS}"
>+CONFIGURE_ARGS=	--disable-asciidoc \
>+		--with-tor-user=${USERS} --with-tor-group=${GROUPS} \
>+		--with-libevent-dir=${LOCALBASE} \
>+		--with-zlib-dir=/usr
>+CONFIGURE_ENV=	TOR_CPPFLAGS_zlib='-I/usr/include' \
>+		TOR_LDFLAGS_zlib='-L/usr/lib' \
>+		TOR_CPPFLAGS_libevent='-I${LOCALBASE}/include' \
>+		TOR_LDFLAGS_libevent='-L${LOCALBASE}/lib'
> 
>-OPTIONS_DEFINE=	STATIC_TOR TCMALLOC TOR2WEB TRANSPARENT
>+OPTIONS_DEFINE=		STATIC TOR2WEB
> 
>-STATIC_TOR_DESC=	Build a static tor
>-TCMALLOC_DESC=		Use the tcmalloc memory allocation library
>-TOR2WEB_DESC=		Faster but non-anonymous hidden services
>-TRANSPARENT_DESC=	Transparent proxy support
>+OPTIONS_RADIO=		MALLOC
>+OPTIONS_RADIO_MALLOC=	DMALLOC TCMALLOC
> 
>-OPTIONS_DEFAULT=	TRANSPARENT
>+OPTIONS_SINGLE=		SSLTLS
>+OPTIONS_SINGLE_SSLTLS=	SSLTLS_FREEBSD SSLTLS_PORTS
> 
>+DMALLOC_DESC=		Use debug memory allocation library
>+MALLOC_DESC=		Dynamic memory allocation management
>+SSLTLS_FREEBSD_DESC=	Use FreeBSD's base SSL/TLS libraries
>+SSLTLS_PORTS_DESC=	Use SSL/TLS from ports instead of FreeBSD's
>+STATIC_DESC=		Create an entirely static Tor binary
>+TCMALLOC_DESC=		Use tcmalloc memory allocation library
>+TOR2WEB_DESC=		Support Tor2Web non-anonymous mode
>+
>+OPTIONS_DEFAULT=	SSLTLS_FREEBSD
>+
>+DMALLOC_CONFIGURE_ON=		--with-dmalloc
>+DMALLOC_CONFIGURE_OFF=
>+DMALLOC_LIB_DEPENDS=		libdmalloc.so:devel/dmalloc
>+SSLTLS_FREEBSD_CONFIGURE_ON=	--with-openssl-dir=/usr --includedir=/usr/include
>+SSLTLS_FREEBSD_CONFIGURE_OFF=
>+SSLTLS_FREEBSD_CONFIGURE_ENV=	SSL_DEFAULT=base DEFAULT_VERSIONS+='ssl=base'
>+SSLTLS_FREEBSD_CONFIGURE_ENV+=	OPENSSLBASE=/usr OPENSSLRPATH=/usr/lib USE_OPENSSL_RPATH=yes
>+SSLTLS_FREEBSD_CONFIGURE_ENV+=	TOR_CPPFLAGS_openssl='-I/usr/include'
>+SSLTLS_FREEBSD_CONFIGURE_ENV+=	TOR_LDFLAGS_openssl='-L/usr/lib -Wl,-rpath,/usr/lib'
>+SSLTLS_FREEBSD_LIB_DEPENDS=	libevent.so:devel/libevent2
>+SSLTLS_PORTS_CONFIGURE_ON=	--with-openssl-dir=${OPENSSLBASE}
>+SSLTLS_PORTS_CONFIGURE_OFF=
>+SSLTLS_PORTS_CONFIGURE_ENV=	TOR_CPPFLAGS_openssl='-I${OPENSSLBASE}/include' TOR_LDFLAGS_openssl='-L${OPENSSLBASE}/lib'
>+SSLTLS_PORTS_LIB_DEPENDS=	libevent.so:devel/libevent2
>+STATIC_CONFIGURE_ON=		--enable-static-tor
>+STATIC_CONFIGURE_OFF=
>+STATIC_CONFIGURE_BUILD_DEPENDS=	libevent.a:devel/libevent2
>+TCMALLOC_CONFIGURE_ON=		--with-tcmalloc
>+TCMALLOC_CONFIGURE_OFF=
>+TCMALLOC_LIB_DEPENDS=		libtcmalloc.so:devel/google-perftools
>+TOR2WEB_CONFIGURE_ON=		--enable-tor2web-mode
>+TOR2WEB_CONFIGURE_OFF=
>+
> USE_RC_SUBR=	tor
> SUB_FILES=	pkg-message
> 
>@@ -44,52 +81,43 @@
> 
> CONFLICTS=	tor-[0-9]*
> 
>-STATIC_TOR_USES=	ssl:build
>-STATIC_TOR_USES_OFF=	ssl
>+.if ${OSVERSION} < 1000015
>+OPTIONS_DEFAULT=	SSLTLS_PORTS
>+SSL_DEFAULT=		openssl
>+USES+=			ssl
>+.endif
> 
> .include <bsd.port.options.mk>
> 
>-.if ${OSVERSION} < 1000000
>-WITH_OPENSSL_PORT=	yes
>+.if !empty(PORT_OPTIONS:MSSLTLS_PORTS)
>+USES+=	ssl
> .endif
> 
>-.if !defined(USE_GCC) && empty(CC:T:M*gcc4*) && \
>-empty(PORT_OPTIONS:MSTATIC_TOR) && empty(ARCH:Mia64)
>-CONFIGURE_ARGS+=	--enable-gcc-hardening
>-.else
>-CONFIGURE_ARGS+=	--disable-gcc-hardening
>-.endif
>-
>-.if ${PORT_OPTIONS:MSTATIC_TOR}
>-BUILD_DEPENDS +=	${LOCALBASE}/lib/libevent.a:devel/libevent2
>-CONFIGURE_ARGS+=	--enable-static-tor \
>-			--with-zlib-dir=/usr/lib --disable-linker-hardening
>-TOR_LIBEVENT_LIBS=	${LOCALBASE}/lib/libevent.a
>-.else
>-CONFIGURE_ARGS+=	--enable-linker-hardening
>-LIB_DEPENDS+=		libevent.so:devel/libevent2
>-TOR_LIBEVENT_LIBS=	-levent
>-.endif
>-
>-.if ${PORT_OPTIONS:MTCMALLOC}
>-CONFIGURE_ARGS+=	--with-tcmalloc
>-.if ${PORT_OPTIONS:MSTATIC_TOR}
>+.if !empty(PORT_OPTIONS:MSTATIC)
>+.	if !empty(PORT_OPTIONS:MDMALLOC)
>+BUILD_DEPENDS+=		${LOCALBASE}/lib/libdmalloc.a:devel/dmalloc
>+.	endif
>+.	if !empty(PORT_OPTIONS:MTCMALLOC)
> BUILD_DEPENDS+=		${LOCALBASE}/lib/libtcmalloc.a:devel/google-perftools
>-.else
>-LIB_DEPENDS+=		libtcmalloc.so:devel/google-perftools
>+.	endif
>+.	if !empty(PORT_OPTIONS:MSSLTLS_PORTS)
>+BUILD_DEPENDS+=		${OPENSSLBASE}/lib/libcrypto.a:${OPENSSL_PORT} \
>+			${OPENSSLBASE}/lib/libssl.a:${OPENSSL_PORT}
>+.	endif
> .endif
>-.endif
> 
>+pre-everything::
> .if ${PORT_OPTIONS:MTOR2WEB}
>-CONFIGURE_ARGS+=	--enable-tor2web-mode
>+	@${ECHO_MSG}
>+	@${ECHO_MSG} "WARNING: TOR2WEB is enabled! This option makes Tor working	"
>+	@${ECHO_MSG} "	only for *non-anonymous* hidden service traffic.		"
>+	@${ECHO_MSG} "	Please make sure you understand this option to proceed!		"
>+	@${ECHO_MSG}
>+	@${ECHO_MSG} "	You may want to stop build with Ctrl+C.				"
>+	@${ECHO_MSG}
>+	sleep 10
> .endif
> 
>-.if ${PORT_OPTIONS:MTRANSPARENT}
>-CONFIGURE_ARGS+=	--enable-transparent
>-.else
>-CONFIGURE_ARGS+=	--disable-transparent
>-.endif
>-
> post-patch:
> 	@${REINPLACE_CMD} -E -e "s@(-z) (relro|now)@-Wl,\1,\2@g" \
> 		${WRKSRC}/configure
>@@ -98,13 +126,13 @@
> 		${WRKSRC}/doc/tor.1.* \
> 		${WRKSRC}/doc/tor.html.in
> 
>-post-patch-STATIC_TOR-off:
>-	@${REINPLACE_CMD} -e "s@-ltcmalloc@${LOCALBASE}/lib/libtcmalloc.so@" \
>-		${WRKSRC}/configure
>+# post-patch-STATIC-off:
>+#	@${REINPLACE_CMD} -e "s@-ltcmalloc@${LOCALBASE}/lib/libtcmalloc.so@" \
>+#		${WRKSRC}/configure
> 
>-post-patch-STATIC_TOR-on:
>-	@${REINPLACE_CMD} -e "s@-ltcmalloc@${LOCALBASE}/lib/libtcmalloc.a@" \
>-		${WRKSRC}/configure
>+# post-patch-STATIC-on:
>+#	@${REINPLACE_CMD} -e "s@-ltcmalloc@${LOCALBASE}/lib/libtcmalloc.a@" \
>+#		${WRKSRC}/configure
> 
> post-configure:
> 	@${REINPLACE_CMD} -e '\|^nodist_man1_MANS =|s|$$|$$(install_mans:=.1)|' \
>@@ -113,10 +141,5 @@
> post-install:
> 	@${MKDIR} ${STAGEDIR}/var/log/tor ${STAGEDIR}/var/run/tor
> 
>-.if ! ${PORT_OPTIONS:MTOR2WEB}
>-check regression-test test: build
>-	@cd ${BUILD_WRKSRC} ; ${SETENV} ${MAKE_ENV} ${MAKE_CMD} \
>-		${MAKE_ARGS} check
>-.endif
>+.include <bsd.port.mk>
> 
>-.include <bsd.port.mk>
>Index: security/tor-devel/distinfo
>===================================================================
>--- security/tor-devel/distinfo	(revision 425846)
>+++ security/tor-devel/distinfo	(working copy)
>@@ -1,3 +1,3 @@
>-TIMESTAMP = 1476741065
>-SHA256 (tor-0.2.9.4-alpha.tar.gz) = fc5664fff4c86d3644043a068f11b17c57f9a295c37b7186bf90bb237913e400
>-SIZE (tor-0.2.9.4-alpha.tar.gz) = 5481286
>+TIMESTAMP = 1478628950
>+SHA256 (tor-0.2.9.5-alpha.tar.gz) = d0c898ad5e8f1a136864aa105407c7b89f3e70d9462a7bb307a55a3afa5b62bd
>+SIZE (tor-0.2.9.5-alpha.tar.gz) = 5489651
>Index: security/tor-devel/files/pkg-message.in
>===================================================================
>--- security/tor-devel/files/pkg-message.in	(revision 425846)
>+++ security/tor-devel/files/pkg-message.in	(working copy)
>@@ -1,14 +1,16 @@
> ================================================================================
>-To enable the tor server, set tor_enable="YES" in your /etc/rc.conf
>-and edit %%PREFIX%%/etc/tor/torrc as desired. (However, note that the
>-%%PREFIX%%/etc/rc.d/tor rc.subr script can override some torrc
>-options: see that script for details.) To use the torify script, install
>-the net/torsocks port.
>+To enable Tor, please set tor_enable="YES" in your /etc/rc.conf and 
>+edit %%PREFIX%%/etc/tor/torrc as desired (however, note that the 
>+%%PREFIX%%/etc/rc.d/tor rc.subr script can override some torrc's options; 
>+see this script for details).
> 
>-Tor users are strongly advised to prevent traffic analysis that
>-exploits sequential IP IDs by setting:
>+To use torify(1), you need to install the 'net/torsocks' port.
> 
>-sysctl net.inet.ip.random_id=1
>+Tor users are strongly advised to prevent traffic analysis that exploits 
>+sequential IP ID by setting:
> 
>-(see sysctl.conf(5)).
>+	# sysctl net.inet.ip.random_id=1
>+
>+Please refer to sysctl.conf(5) for more information on how to make this change
>+permanent.
> ================================================================================
>Index: security/tor-devel/pkg-descr
>===================================================================
>--- security/tor-devel/pkg-descr	(revision 425846)
>+++ security/tor-devel/pkg-descr	(working copy)
>@@ -1,16 +1,23 @@
>-Tor: an anonymizing overlay network for TCP
>+Tor: The Onion Routing Network (anonymizing overlay network for TCP)
> 
>-Tor is a connection-based low-latency anonymous communication system which
>-addresses many flaws in the original onion routing design.
>+Tor is free software and an open network that helps you defend against 
>+traffic analysis, a form of network surveillance that threatens 
>+personal freedom and privacy, confidential business activities and 
>+relationships, and state security.
> 
>-Tor is a toolset for a wide range of organizations and people that
>-want to improve their safety and security on the Internet. Using
>-Tor can help you anonymize web browsing and publishing, instant
>-messaging, IRC, SSH, and more. Tor also provides a platform on which
>-software developers can build new applications with built-in
>-anonymity, safety, and privacy features.
>+Protect your privacy! Defend yourself against network surveillance.
> 
>-Remember that this is development code -- DON'T RELY ON THE CURRENT TOR
>-NETWORK FOR ANONYMITY!
>+	o prevents people from learning your location or browsing habits;
>+	o Tor is for web browsers, instant messaging clients, and more.
> 
>-WWW: http://torproject.org/
>+Tor is a toolset for a wide range of organizations and people that want 
>+to improve their safety and security on the Internet. Using Tor can help 
>+you anonymize web browsing and publishing, instant messaging, IRC, SSH, 
>+and more. Tor also provides a platform on which software developers can 
>+build new applications with built-in anonymity, safety, and privacy features.
>+
>+	*** This version is not a stable Tor release ***
>+	***  Remember that this is development code  ***
>+	*** DON'T RELY ON THIS VERSION FOR ANONYMITY ***
>+
>+WWW: https://www.torproject.org/
>Index: security/tor-devel/pkg-plist
>===================================================================
>--- security/tor-devel/pkg-plist	(revision 425846)
>+++ security/tor-devel/pkg-plist	(working copy)
>@@ -1,13 +1,13 @@
>+%%DATADIR%%/geoip
>+%%DATADIR%%/geoip6
>+@dir(_tor,_tor,750) /var/log/tor
>+@dir(_tor,_tor,750) /var/run/tor
>+@sample etc/tor/torrc.sample
> bin/tor
> bin/tor-gencert
> bin/tor-resolve
> bin/torify
>-@sample etc/tor/torrc.sample
> man/man1/tor-gencert.1.gz
> man/man1/tor-resolve.1.gz
> man/man1/tor.1.gz
> man/man1/torify.1.gz
>-%%DATADIR%%/geoip
>-%%DATADIR%%/geoip6
>-@dir(_tor,_tor,750) /var/run/tor
>-@dir(_tor,_tor,750) /var/log/tor

Actions: View | Diff

Attachments on bug 203014: 162605 | 162606 | 162608 | 162609 | 162610 | 162611 | 162613 | 162616 | 162630 | 162631 | 162632 | 162633 | 163253 | 163254 | 163337 | 163338 | 163340 | 163341 | 163342 | 163355 | 163356 | 163538 | 164153 | 176119 | 176798 | 176829 | 176832 | 176857 | 176858 | 176873 | 176874 | 176875 | 177615 | 177618