Index: Makefile
===================================================================
--- Makefile (revision 400464)
+++ Makefile (working copy)
@@ -5,6 +5,7 @@
 DISTVERSION= 0.2.6.10
 CATEGORIES= security net ipv6
 MASTER_SITES= TOR
+PKGNAMESUFFIX= -devel
 MAINTAINER= bf@FreeBSD.org
 COMMENT= Anonymizing overlay network for TCP
@@ -15,16 +16,25 @@
 USES= cpe gmake
 CPE_VENDOR= torproject
 GNU_CONFIGURE= yes
-CONFIGURE_ARGS= --with-openssl-dir="${OPENSSLBASE}" --disable-asciidoc
-CONFIGURE_ENV= TOR_CPPFLAGS_libevent="-I${LOCALBASE}/include" \
- TOR_LDFLAGS_libevent="-L${LOCALBASE}/lib/" \
- TOR_LIBEVENT_LIBS="${TOR_LIBEVENT_LIBS}"
+CONFIGURE_ARGS= --with-openssl-dir=${OPENSSLBASE} --disable-asciidoc
 OPTIONS_DEFINE= BUFFEREVENTS INSTR_DOWNLOADS \
 STATIC_TOR TCMALLOC TOR2WEB TRANSPARENT
+OPTIONS_DEFAULT= THREADS TRANSPARENT
+
+OPTIONS_GROUP= TRANSPORT
+OPTIONS_GROUP_TRANSPORT= OBFSPROXY
+
+BUFFEREVENTS_CONFIGURE_ENABLE= bufferevents
+INSTR_DOWNLOADS_CONFIGURE_ENABLE= instrument-downloads
+OBFSPROXY_BUILD_DEPENDS= ${LOCALBASE}/bin/obfsproxy:security/obfsproxy
+TOR2WEB_CONFIGURE_ENABLE= tor2web-mode
+TRANSPARENT_CONFIGURE_ENABLE= transparent
+
 BUFFEREVENTS_DESC= Use libevent's buffered IO
 INSTR_DOWNLOADS_DESC= Instrument downloads for analysis
+OBFSPROXY_DESC= Pluggable transport proxy written in Python
 STATIC_TOR_DESC= Build a static tor
 TCMALLOC_DESC= Use the tcmalloc memory allocation library
 TOR2WEB_DESC= Faster but non-anonymous hidden services
@@ -32,6 +42,9 @@
 OPTIONS_DEFAULT= THREADS TRANSPARENT
+OPTIONS_GROUP= TRANSPORT
+OPTIONS_GROUP_TRANSPORT= OBFSPROXY
+
 USE_OPENSSL= yes
 USE_RC_SUBR= tor
@@ -40,10 +53,14 @@
 GROUPS= _tor
 USERS= _tor
-CONFLICTS= tor-devel-[0-9]*
+CONFLICTS= tor-[0-9]*
 .include
+.if (${OSVERSION} < 1000015)
+WITH_OPENSSL_PORT= yes
+.endif
+
 .if !defined(USE_GCC) && empty(CC:T:M*gcc4*) && \
 empty(PORT_OPTIONS:MSTATIC_TOR) && empty(ARCH:Mia64)
 CONFIGURE_ARGS+= --enable-gcc-hardening
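Review bot: `OBFSPROXY_BUILD_DEPENDS` in the `@@ -15,16 +16,25 @@` hunk registers obfsproxy as a build-time dependency only, yet nothing visible in the tor build consumes it; a pluggable transport is executed by the running daemon, so a package built with this option would not pull obfsproxy in at install time. `OBFSPROXY_RUN_DEPENDS= ${LOCALBASE}/bin/obfsproxy:security/obfsproxy` expresses that. The same hunk adds `OPTIONS_DEFAULT` and the `OPTIONS_GROUP`/`OPTIONS_GROUP_TRANSPORT` pair, while the `@@ -32,6 +42,9 @@` hunk keeps the existing `OPTIONS_DEFAULT` and adds the group lines a second time, and the `@@ -51,29 +68,22 @@` hunk repeats the obfsproxy dependency inside an explicit `.if ${PORT_OPTIONS:MOBFSPROXY}`; each should be stated once. `THREADS` is listed as a default but does not appear in the visible `OPTIONS_DEFINE`.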
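Review bot: The added `.if (${OSVERSION} < 1000015)` block in the `@@ -40,10 +53,14 @@` hunk switches the crypto library to the ports OpenSSL on older releases without saying why. Which OpenSSL a Tor build links against is security-relevant, so a comment such as `# base OpenSSL before 1000015 lacks <feature>; build against the ports OpenSSL` (with the actual reason filled in) would tell the next maintainer when the block can be removed. The block also sits after the options include while `USE_OPENSSL= yes` is set earlier; presumably the OpenSSL selection is evaluated later, but that ordering is worth confirming.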
@@ -51,29 +68,22 @@
 CONFIGURE_ARGS+= --disable-gcc-hardening
 .endif
-.if ${PORT_OPTIONS:MBUFFEREVENTS}
-CONFIGURE_ARGS+= --enable-bufferevents
-.else
-CONFIGURE_ARGS+= --disable-bufferevents
+.if ${PORT_OPTIONS:MOBFSPROXY}
+BUILD_DEPENDS += ${LOCALBASE}/bin/obfsproxy:security/obfsproxy
 .endif
-.if ${PORT_OPTIONS:MINSTR_DOWNLOADS}
-CONFIGURE_ARGS+= --enable-instrument-downloads
-.else
-CONFIGURE_ARGS+= --disable-instrument-downloads
-.endif
-
 .if ${PORT_OPTIONS:MSTATIC_TOR}
-BUILD_DEPENDS += ${LOCALBASE}/lib/libevent.a:${PORTSDIR}/devel/libevent2
+BUILD_DEPENDS += ${LOCALBASE}/lib/libevent.a:devel/libevent2
 CONFIGURE_ARGS+= --enable-static-tor \
- --with-zlib-dir=/usr/lib --disable-linker-hardening
-TOR_LIBEVENT_LIBS= ${LOCALBASE}/lib/libevent.a
+ --disable-linker-hardening \
+ --with-libevent-dir=${LOCALBASE}/lib \
+ --with-zlib-dir=/usr/lib
 .if ${PORT_OPTIONS:MBUFFEREVENTS}
 TOR_LIBEVENT_LIBS:= ${LOCALBASE}/lib/libevent_openssl.a ${TOR_LIBEVENT_LIBS}
 .endif
 .else
 CONFIGURE_ARGS+= --enable-linker-hardening
-LIB_DEPENDS+= libevent.so:${PORTSDIR}/devel/libevent2
+LIB_DEPENDS+= libevent.so:devel/libevent2
 TOR_LIBEVENT_LIBS= -levent
 .if ${PORT_OPTIONS:MBUFFEREVENTS}
 TOR_LIBEVENT_LIBS:= -levent_openssl ${TOR_LIBEVENT_LIBS}
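Review bot: The `TOR_LIBEVENT_LIBS` assignments left as context here (`TOR_LIBEVENT_LIBS= -levent` and both `:=` prepends of libevent_openssl) no longer have a visible consumer, because the `CONFIGURE_ENV` that exported the variable is removed in the `@@ -15,16 +16,25 @@` hunk and `files/patch-configure`, which disabled configure's own computation of it, is deleted. In the STATIC_TOR branch the base assignment is removed as well, so the BUFFEREVENTS prepend there expands an unset variable. If configure now derives the libraries itself from `--with-libevent-dir`, these lines should be deleted; if not, the static libevent_openssl archive is silently dropped from the link. The enclosing `.if`/`.else` block closes outside the hunk.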
@@ -82,36 +92,22 @@
 .if ${PORT_OPTIONS:MTCMALLOC}
 CONFIGURE_ARGS+= --with-tcmalloc
+LDFLAGS+= "-L${LOCALBASE}/lib"
 .if ${PORT_OPTIONS:MSTATIC_TOR}
-BUILD_DEPENDS += ${LOCALBASE}/lib/libtcmalloc.so:${PORTSDIR}/devel/google-perftools
-.else
-LIB_DEPENDS+= libtcmalloc.so:${PORTSDIR}/devel/google-perftools
+BUILD_DEPENDS += ${LOCALBASE}/lib/libtcmalloc.a:devel/google-perftools
 .endif
+BUILD_DEPENDS += ${LOCALBASE}/lib/libtcmalloc.so:devel/google-perftools
+LIB_DEPENDS+= libtcmalloc.so:devel/google-perftools
 .endif
-.if ${PORT_OPTIONS:MTOR2WEB}
-CONFIGURE_ARGS+= --enable-tor2web-mode
+.if ! ${PORT_OPTIONS:MTOR2WEB}
+check regression-test test: build
+ @cd ${BUILD_WRKSRC} ; ${SETENV} ${MAKE_ENV} ${MAKE_CMD} \
+ ${MAKE_ARGS} check
 .endif
-.if ${PORT_OPTIONS:MTRANSPARENT}
-CONFIGURE_ARGS+= --enable-transparent
-.else
-CONFIGURE_ARGS+= --disable-transparent
-.endif
-
-post-patch:
- @${REINPLACE_CMD} -E -e "s@-ltcmalloc@${LOCALBASE}/lib/libtcmalloc.so@" \
- -e "s@(-z) (relro|now)@-Wl,\1,\2@g" \
- ${WRKSRC}/configure
-
 post-configure:
 @${REINPLACE_CMD} -e '\|^nodist_man1_MANS =|s|$$|$$(install_mans:=.1)|' \
 ${WRKSRC}/Makefile
-.if ! ${PORT_OPTIONS:MTOR2WEB}
-check regression-test test: build
- @cd ${BUILD_WRKSRC} ; ${SETENV} ${MAKE_ENV} ${MAKE_CMD} \
- ${MAKE_ARGS} check
-
-.endif
 .include
Index: files/patch-configure
===================================================================
--- files/patch-configure (revision 400464)
+++ files/patch-configure (nonexistent)
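Review bot: With TCMALLOC enabled, the two dependency lines after the inner `.endif` are now unconditional, so every build gets both `BUILD_DEPENDS += ${LOCALBASE}/lib/libtcmalloc.so:devel/google-perftools` and `LIB_DEPENDS+= libtcmalloc.so:devel/google-perftools`. The BUILD_DEPENDS entry is redundant beside LIB_DEPENDS, and a STATIC_TOR build now also records a runtime dependency on the shared library. Restoring the `.else` (static gets `libtcmalloc.a` as BUILD_DEPENDS, otherwise LIB_DEPENDS only) keeps the two cases apart. The removed `post-patch` rewrote `-z relro` and `-z now` into `-Wl,` form in configure, so it is worth confirming that the linker-hardening flags still reach the linker without it.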
@@ -1,49 +0,0 @@
---- configure.orig 2012-06-15 03:10:31.000000000 -0400
-+++ configure 2012-06-17 08:46:34.000000000 -0400
-@@ -6319,6 +6319,7 @@
- fi
-
-
-+if false ; then
- trylibeventdir=""
-
- # Check whether --with-libevent-dir was given.
-@@ -6645,6 +6646,7 @@
- LIBS="$tor_saved_LIBS"
- LDFLAGS="$tor_saved_LDFLAGS"
- CPPFLAGS="$tor_saved_CPPFLAGS"
-+fi
-
-
-
-@@ -6707,6 +6709,7 @@
- fi
-
-
-+if false ; then
- if test "$enable_static_libevent" = "yes"; then
- if test "$tor_cv_library_libevent_dir" = "(system)"; then
- as_fn_error $? "\"You must specify an explicit --with-libevent-dir=x option when using --enable-static-libevent\"" "$LINENO" 5
-@@ -6716,6 +6719,7 @@
- else
- TOR_LIBEVENT_LIBS="-levent"
- fi
-+fi
-
- if test "$enable_bufferevents" = "yes" ; then
- if test "$ac_cv_header_event2_bufferevent_ssl_h" != "yes" ; then
-@@ -6794,12 +6798,14 @@
-
- $as_echo "#define USE_BUFFEREVENTS 1" >>confdefs.h
-
-+if false ; then
- if test "$enable_static_libevent" = "yes"; then
- TOR_LIBEVENT_LIBS="$TOR_LIBDIR_libevent/libevent_openssl.a $TOR_LIBEVENT_LIBS"
- else
- TOR_LIBEVENT_LIBS="-levent_openssl $TOR_LIBEVENT_LIBS"
- fi
- fi
-+fi
-
-
-
Property changes on: files/patch-configure
___________________________________________________________________
Deleted: fbsd:nokeywords
## -1 +0,0 ##
-yes
\ No newline at end of property
Deleted: svn:eol-style
## -1 +0,0 ##
-native
\ No newline at end of property
Deleted: svn:mime-type
## -1 +0,0 ##
-text/plain
\ No newline at end of property
Index: files/pkg-message.in
===================================================================
--- files/pkg-message.in (revision 400464)
+++ files/pkg-message.in (working copy)
@@ -3,19 +3,12 @@ and edit %%PREFIX%%/etc/tor/torrc as desired. (However, note that the %%PREFIX%%/etc/rc.d/tor rc.subr script can override some torrc options: see that script for details.) To use the torify script, install -the net/torsocks port. After installing tor for the first time, or after -a major update of tor, you should: +the net/torsocks port. -rm -r /var/db/tor /var/run/tor -mkdir -p /var/db/tor/data /var/run/tor -touch /var/log/tor -chown -R _tor:_tor /var/db/tor /var/log/tor /var/run/tor -chmod -R 700 /var/db/tor +Before starting the tor server. Tor users are strongly advised to prevent traffic +analysis that exploits sequential IP ID by setting: -before starting the tor server. Tor users are strongly advised to prevent traffic -analysis that exploits sequential IP IDs by setting: + # sysctl net.inet.ip.random_id=1 -sysctl net.inet.ip.random_id=1 - -(see sysctl.conf(5)). +Please read sysctl.conf(5) for more information and details. ================================================================================ Index: files/tor.in =================================================================== --- files/tor.in (revision 400464) +++ files/tor.in (working copy) @@ -13,10 +13,11 @@ # tor_enable (bool): Set it to "YES" to enable tor. Default: NO # tor_conf (str): Points to your torrc file. # Default: %%PREFIX%%/etc/tor/torrc -# tor_user (str): Tor daemon user. Default: _tor -# tor_datadir (str): Tor datadir. Default: /var/db/tor -# tor_logfile (str): Tor log file. Default: /var/log/tor -# tor_loglevel (str): Tor log severity level. Default: notice +# tor_user (str): Tor daemon user. Default: _tor +# tor_group (str): Tor daemon group. Default: _tor +# tor_datadir (str): Tor data directory. Default: /var/db/tor +# tor_logdir (str): Tor log directory. Default: /var/log/tor +# tor_loglevel (str): Tor log severity level. Default: notice # . /etc/rc.subr 
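Review bot: The variable list in the `files/tor.in` header (`@@ -13,10 +13,11 @@`) drops `tor_logfile` and does not add `tor_piddir` or `tor_pidfile`, although the `@@ -29,22 +30,42 @@` hunk still gives all three an rc.conf default. An administrator who previously set `tor_logfile` gets no hint that its default moved from `/var/log/tor` to `${tor_logdir}/tor.log`. Suggest adding `# tor_logfile (str): Tor log file. Default: ${tor_logdir}/tor.log` and matching lines for `tor_piddir` and `tor_pidfile`.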
@@ -29,22 +30,42 @@
 : ${tor_enable="NO"}
 : ${tor_conf="%%PREFIX%%/etc/tor/torrc"}
 : ${tor_user="_tor"}
-: ${tor_pidfile="/var/run/tor/tor.pid"}
-: ${tor_logfile="/var/log/tor"}
+: ${tor_group="_tor"}
+: ${tor_datadir="/var/db/tor"}
+: ${tor_logdir="/var/log/tor"}
+: ${tor_logfile="${tor_logdir}/tor.log"}
 : ${tor_loglevel="notice"}
-: ${tor_datadir="/var/db/tor"}
+: ${tor_piddir="/var/run/tor"}
+: ${tor_pidfile="${tor_piddir}/tor.pid"}
 required_files=${tor_conf}
-required_dirs=${tor_datadir}
+# required_dirs="${tor_datadir} ${tor_logdir} ${tor_piddir}"
 pidfile=${tor_pidfile}
+
 command="%%PREFIX%%/bin/${name}"
-command_args="-f ${tor_conf} --PidFile ${tor_pidfile} --RunAsDaemon 1 --DataDirectory ${tor_datadir} --+Log ${tor_loglevel}\ file\ ${tor_logfile}"
+command_args="-f ${tor_conf} --PidFile ${tor_pidfile} --RunAsDaemon 1 --DataDirectory ${tor_datadir} --Log ${tor_loglevel}\ file\ ${tor_logfile}"
 extra_commands="log reload"
 log_cmd="${name}_log"
+start_precmd="${name}_prestart"
 tor_log() {
 cat ${tor_logfile}
 }
+tor_prestart() {
+ if [ ! -d "${tor_datadir}" ]; then
+ echo ${tor_datadir} not found. Creating it...
+ install -d -m 0700 -o ${tor_user} -g ${tor_group} ${tor_datadir}
+ fi
+ if [ ! -d "${tor_logdir}" ]; then
+ echo ${tor_logdir} not found. Creating it...
+ install -d -m 0700 -o ${tor_user} -g ${tor_group} ${tor_logdir}
+ fi
+ if [ ! -d "${tor_piddir}" ]; then
+ echo ${tor_piddir} not found. Creating it...
+ install -d -m 0700 -o ${tor_user} -g ${tor_group} ${tor_piddir}
+ fi
+}
+
 run_rc_command "$1"
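Review bot: `tor_prestart` only tests `[ ! -d ... ]`, so on a host set up under the previous revision, where `/var/log/tor` is a regular file (the old `tor_logfile` default), `install -d` fails for `tor_logdir`; because the function's exit status is that of the last `if`, that failure does not stop the start. The paths and `tor_user`/`tor_group` are also expanded unquoted, and an existing directory is accepted whatever its owner or mode. The fence below refuses a non-directory, quotes the arguments and returns non-zero when creation fails. Two smaller points in the same hunk: `--+Log` became `--Log`, which as far as I know makes the rc-supplied log target replace rather than extend any `Log` lines in torrc, and the commented-out `required_dirs` line should be deleted rather than kept.

```sh
tor_prestart() {
	for _dir in "${tor_datadir}" "${tor_logdir}" "${tor_piddir}"; do
		if [ -e "${_dir}" ] && [ ! -d "${_dir}" ]; then
			echo "${_dir} exists but is not a directory." >&2
			return 1
		fi
		if [ ! -d "${_dir}" ]; then
			echo "${_dir} not found. Creating it..."
			install -d -m 0700 -o "${tor_user}" -g "${tor_group}" "${_dir}" || return 1
		fi
	done
}
```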