Index: security/tor-devel/Makefile =================================================================== --- security/tor-devel/Makefile (revision 425808) +++ security/tor-devel/Makefile (working copy) @@ -2,7 +2,8 @@ # $FreeBSD$ PORTNAME= tor -DISTVERSION= 0.2.9.4-alpha +DISTVERSION= 0.2.9.5-alpha +# PORTREVISION= 1 CATEGORIES= security net ipv6 MASTER_SITES= TOR PKGNAMESUFFIX= -devel @@ -13,29 +14,65 @@ LICENSE= BSD3CLAUSE LICENSE_FILE= ${WRKSRC}/LICENSE -BROKEN_mips64= Does not build: error: Need a uint128_t implementation! -BROKEN_powerpc64= Does not build -BROKEN_sparc64= Does not build: error: Need a uint128_t implementation! +BROKEN_mips64= Does not build: error: Need a uint128_t implementation! +BROKEN_powerpc64= Does not build. +BROKEN_sparc64= Does not build: error: Need a uint128_t implementation! -USES= cpe gmake +USES= cpe CPE_VENDOR= torproject -#CPE_VERSION= ${DISTVERSION:C/-.*//} -#CPE_UPDATE= ${DISTVERSION:C/.*-//} +# CPE_VERSION= ${DISTVERSION:C/-.*//} +# CPE_UPDATE= ${DISTVERSION:C/.*-//} GNU_CONFIGURE= yes -CONFIGURE_ARGS= --with-openssl-dir="${OPENSSLBASE}" --disable-asciidoc -CONFIGURE_ENV= TOR_CPPFLAGS_libevent="-I${LOCALBASE}/include" \ - TOR_LDFLAGS_libevent="-L${LOCALBASE}/lib/" \ - TOR_LIBEVENT_LIBS="${TOR_LIBEVENT_LIBS}" +CONFIGURE_ARGS= --disable-asciidoc \ + --with-tor-user=${USERS} --with-tor-group=${GROUPS} \ + --with-libevent-dir=${LOCALBASE} \ + --with-zlib-dir=/usr +CONFIGURE_ENV= TOR_CPPFLAGS_zlib='-I/usr/include' \ + TOR_LDFLAGS_zlib='-L/usr/lib' \ + TOR_CPPFLAGS_libevent='-I${LOCALBASE}/include' \ + TOR_LDFLAGS_libevent='-L${LOCALBASE}/lib' -OPTIONS_DEFINE= STATIC_TOR TCMALLOC TOR2WEB TRANSPARENT +OPTIONS_DEFINE= STATIC TOR2WEB -STATIC_TOR_DESC= Build a static tor -TCMALLOC_DESC= Use the tcmalloc memory allocation library -TOR2WEB_DESC= Faster but non-anonymous hidden services -TRANSPARENT_DESC= Transparent proxy support +OPTIONS_RADIO= MALLOC +OPTIONS_RADIO_MALLOC= DMALLOC TCMALLOC -OPTIONS_DEFAULT= TRANSPARENT +OPTIONS_SINGLE= SSLTLS +OPTIONS_SINGLE_SSLTLS= SSLTLS_FREEBSD SSLTLS_PORTS +DMALLOC_DESC= Use debug memory allocation library +MALLOC_DESC= Dynamic memory allocation management +SSLTLS_FREEBSD_DESC= Use FreeBSD's base SSL/TLS libraries +SSLTLS_PORTS_DESC= Use SSL/TLS from ports instead of FreeBSD's +STATIC_DESC= Create an entirely static Tor binary +TCMALLOC_DESC= Use tcmalloc memory allocation library +TOR2WEB_DESC= Support Tor2Web non-anonymous mode + +OPTIONS_DEFAULT= SSLTLS_FREEBSD + +DMALLOC_CONFIGURE_ON= --with-dmalloc +DMALLOC_CONFIGURE_OFF= +DMALLOC_LIB_DEPENDS= libdmalloc.so:devel/dmalloc +SSLTLS_FREEBSD_CONFIGURE_ON= --with-openssl-dir=/usr --includedir=/usr/include +SSLTLS_FREEBSD_CONFIGURE_OFF= +SSLTLS_FREEBSD_CONFIGURE_ENV= SSL_DEFAULT=base DEFAULT_VERSIONS+='ssl=base' +SSLTLS_FREEBSD_CONFIGURE_ENV+= OPENSSLBASE=/usr OPENSSLRPATH=/usr/lib USE_OPENSSL_RPATH=yes +SSLTLS_FREEBSD_CONFIGURE_ENV+= TOR_CPPFLAGS_openssl='-I/usr/include' +SSLTLS_FREEBSD_CONFIGURE_ENV+= TOR_LDFLAGS_openssl='-L/usr/lib -Wl,-rpath,/usr/lib' +SSLTLS_FREEBSD_LIB_DEPENDS= libevent.so:devel/libevent2 +SSLTLS_PORTS_CONFIGURE_ON= --with-openssl-dir=${OPENSSLBASE} +SSLTLS_PORTS_CONFIGURE_OFF= +SSLTLS_PORTS_CONFIGURE_ENV= TOR_CPPFLAGS_openssl='-I${OPENSSLBASE}/include' TOR_LDFLAGS_openssl='-L${OPENSSLBASE}/lib' +SSLTLS_PORTS_LIB_DEPENDS= libevent.so:devel/libevent2 +STATIC_CONFIGURE_ON= --enable-static-tor +STATIC_CONFIGURE_OFF= +STATIC_CONFIGURE_BUILD_DEPENDS= libevent.a:devel/libevent2 +TCMALLOC_CONFIGURE_ON= --with-tcmalloc +TCMALLOC_CONFIGURE_OFF= +TCMALLOC_LIB_DEPENDS= libtcmalloc.so:devel/google-perftools +TOR2WEB_CONFIGURE_ON= --enable-tor2web-mode +TOR2WEB_CONFIGURE_OFF= + USE_RC_SUBR= tor SUB_FILES= pkg-message @@ -44,52 +81,47 @@ CONFLICTS= tor-[0-9]* -STATIC_TOR_USES= ssl:build -STATIC_TOR_USES_OFF= ssl - .include -.if ${OSVERSION} < 1000000 +.if ${OSVERSION} < 1000015 +DEFAULT_VERSIONS+= ssl=openssl +# OPENSSL_PORT= security/openssl WITH_OPENSSL_PORT= yes .endif -.if !defined(USE_GCC) && empty(CC:T:M*gcc4*) && \ -empty(PORT_OPTIONS:MSTATIC_TOR) && empty(ARCH:Mia64) -CONFIGURE_ARGS+= --enable-gcc-hardening -.else -CONFIGURE_ARGS+= --disable-gcc-hardening +.if ${OSVERSION} <= 903511 +OPTIONS_DEFAULT= SSLTLS_PORTS .endif -.if ${PORT_OPTIONS:MSTATIC_TOR} -BUILD_DEPENDS += ${LOCALBASE}/lib/libevent.a:devel/libevent2 -CONFIGURE_ARGS+= --enable-static-tor \ - --with-zlib-dir=/usr/lib --disable-linker-hardening -TOR_LIBEVENT_LIBS= ${LOCALBASE}/lib/libevent.a -.else -CONFIGURE_ARGS+= --enable-linker-hardening -LIB_DEPENDS+= libevent.so:devel/libevent2 -TOR_LIBEVENT_LIBS= -levent +.if !empty(PORT_OPTIONS:MSSLTLS_PORTS) +USES+= ssl .endif -.if ${PORT_OPTIONS:MTCMALLOC} -CONFIGURE_ARGS+= --with-tcmalloc -.if ${PORT_OPTIONS:MSTATIC_TOR} +.if !empty(PORT_OPTIONS:MSTATIC) +. if !empty(PORT_OPTIONS:MDMALLOC) +BUILD_DEPENDS+= ${LOCALBASE}/lib/libdmalloc.a:devel/dmalloc +. endif +. if !empty(PORT_OPTIONS:MTCMALLOC) BUILD_DEPENDS+= ${LOCALBASE}/lib/libtcmalloc.a:devel/google-perftools -.else -LIB_DEPENDS+= libtcmalloc.so:devel/google-perftools +. endif +. if !empty(PORT_OPTIONS:MSSLTLS_PORTS) +BUILD_DEPENDS+= ${OPENSSLBASE}/lib/libcrypto.a:${OPENSSL_PORT} \ + ${OPENSSLBASE}/lib/libssl.a:${OPENSSL_PORT} +. endif .endif -.endif +pre-everything:: .if ${PORT_OPTIONS:MTOR2WEB} -CONFIGURE_ARGS+= --enable-tor2web-mode + @${ECHO_MSG} + @${ECHO_MSG} "WARNING: TOR2WEB is enabled! This option makes Tor working " + @${ECHO_MSG} " only for *non-anonymous* hidden service traffic. " + @${ECHO_MSG} " Please make sure you understand this option to proceed! " + @${ECHO_MSG} + @${ECHO_MSG} " You may want to stop build with Ctrl+C. " + @${ECHO_MSG} + sleep 10 .endif -.if ${PORT_OPTIONS:MTRANSPARENT} -CONFIGURE_ARGS+= --enable-transparent -.else -CONFIGURE_ARGS+= --disable-transparent -.endif - post-patch: @${REINPLACE_CMD} -E -e "s@(-z) (relro|now)@-Wl,\1,\2@g" \ ${WRKSRC}/configure @@ -98,13 +130,13 @@ ${WRKSRC}/doc/tor.1.* \ ${WRKSRC}/doc/tor.html.in -post-patch-STATIC_TOR-off: - @${REINPLACE_CMD} -e "s@-ltcmalloc@${LOCALBASE}/lib/libtcmalloc.so@" \ - ${WRKSRC}/configure +# post-patch-STATIC-off: +# @${REINPLACE_CMD} -e "s@-ltcmalloc@${LOCALBASE}/lib/libtcmalloc.so@" \ +# ${WRKSRC}/configure -post-patch-STATIC_TOR-on: - @${REINPLACE_CMD} -e "s@-ltcmalloc@${LOCALBASE}/lib/libtcmalloc.a@" \ - ${WRKSRC}/configure +# post-patch-STATIC-on: +# @${REINPLACE_CMD} -e "s@-ltcmalloc@${LOCALBASE}/lib/libtcmalloc.a@" \ +# ${WRKSRC}/configure post-configure: @${REINPLACE_CMD} -e '\|^nodist_man1_MANS =|s|$$|$$(install_mans:=.1)|' \ @@ -113,10 +145,4 @@ post-install: @${MKDIR} ${STAGEDIR}/var/log/tor ${STAGEDIR}/var/run/tor -.if ! ${PORT_OPTIONS:MTOR2WEB} -check regression-test test: build - @cd ${BUILD_WRKSRC} ; ${SETENV} ${MAKE_ENV} ${MAKE_CMD} \ - ${MAKE_ARGS} check -.endif - .include Index: security/tor-devel/distinfo =================================================================== --- security/tor-devel/distinfo (revision 425808) +++ security/tor-devel/distinfo (working copy) @@ -1,3 +1,3 @@ -TIMESTAMP = 1476741065 -SHA256 (tor-0.2.9.4-alpha.tar.gz) = fc5664fff4c86d3644043a068f11b17c57f9a295c37b7186bf90bb237913e400 -SIZE (tor-0.2.9.4-alpha.tar.gz) = 5481286 +TIMESTAMP = 1478628950 +SHA256 (tor-0.2.9.5-alpha.tar.gz) = d0c898ad5e8f1a136864aa105407c7b89f3e70d9462a7bb307a55a3afa5b62bd +SIZE (tor-0.2.9.5-alpha.tar.gz) = 5489651 Index: security/tor-devel/files/pkg-message.in =================================================================== --- security/tor-devel/files/pkg-message.in (revision 425808) +++ security/tor-devel/files/pkg-message.in (working copy) @@ -1,14 +1,16 @@ ================================================================================ -To enable the tor server, set tor_enable="YES" in your /etc/rc.conf -and edit %%PREFIX%%/etc/tor/torrc as desired. (However, note that the -%%PREFIX%%/etc/rc.d/tor rc.subr script can override some torrc -options: see that script for details.) To use the torify script, install -the net/torsocks port. +To enable Tor, please set tor_enable="YES" in your /etc/rc.conf and +edit %%PREFIX%%/etc/tor/torrc as desired (however, note that the +%%PREFIX%%/etc/rc.d/tor rc.subr script can override some torrc's options; +see this script for details). -Tor users are strongly advised to prevent traffic analysis that -exploits sequential IP IDs by setting: +To use torify(1), you need to install the 'net/torsocks' port. -sysctl net.inet.ip.random_id=1 +Tor users are strongly advised to prevent traffic analysis that exploits +sequential IP ID by setting: -(see sysctl.conf(5)). + # sysctl net.inet.ip.random_id=1 + +Please refer to sysctl.conf(5) for more information on how to make this change +permanent. ================================================================================ Index: security/tor-devel/pkg-descr =================================================================== --- security/tor-devel/pkg-descr (revision 425808) +++ security/tor-devel/pkg-descr (working copy) @@ -1,16 +1,23 @@ -Tor: an anonymizing overlay network for TCP +Tor: The Onion Routing Network (anonymizing overlay network for TCP) -Tor is a connection-based low-latency anonymous communication system which -addresses many flaws in the original onion routing design. +Tor is free software and an open network that helps you defend against +traffic analysis, a form of network surveillance that threatens +personal freedom and privacy, confidential business activities and +relationships, and state security. -Tor is a toolset for a wide range of organizations and people that -want to improve their safety and security on the Internet. Using -Tor can help you anonymize web browsing and publishing, instant -messaging, IRC, SSH, and more. Tor also provides a platform on which -software developers can build new applications with built-in -anonymity, safety, and privacy features. +Protect your privacy! Defend yourself against network surveillance. -Remember that this is development code -- DON'T RELY ON THE CURRENT TOR -NETWORK FOR ANONYMITY! + o prevents people from learning your location or browsing habits; + o Tor is for web browsers, instant messaging clients, and more. -WWW: http://torproject.org/ +Tor is a toolset for a wide range of organizations and people that want +to improve their safety and security on the Internet. Using Tor can help +you anonymize web browsing and publishing, instant messaging, IRC, SSH, +and more. Tor also provides a platform on which software developers can +build new applications with built-in anonymity, safety, and privacy features. + + *** This version is not a stable Tor release *** + *** Remember that this is development code *** + *** DON'T RELY ON THIS VERSION FOR ANONYMITY *** + +WWW: https://www.torproject.org/ Index: security/tor-devel/pkg-plist =================================================================== --- security/tor-devel/pkg-plist (revision 425808) +++ security/tor-devel/pkg-plist (working copy) @@ -1,13 +1,13 @@ +%%DATADIR%%/geoip +%%DATADIR%%/geoip6 +@dir(_tor,_tor,750) /var/log/tor +@dir(_tor,_tor,750) /var/run/tor +@sample etc/tor/torrc.sample bin/tor bin/tor-gencert bin/tor-resolve bin/torify -@sample etc/tor/torrc.sample man/man1/tor-gencert.1.gz man/man1/tor-resolve.1.gz man/man1/tor.1.gz man/man1/torify.1.gz -%%DATADIR%%/geoip -%%DATADIR%%/geoip6 -@dir(_tor,_tor,750) /var/run/tor -@dir(_tor,_tor,750) /var/log/tor