ports/98373: [UPDATE] security/tor
Peter Thoenen
peter.thoenen at yahoo.com
Fri Jun 2 13:01:00 UTC 2006
>Number: 98373
>Category: ports
>Synopsis: update security/tor
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: maintainer-update
>Submitter-Id: current-users
>Arrival-Date: Fri Jun 02 13:00:24 GMT 2006
>Closed-Date:
>Last-Modified:
>Originator: Peter Thoenen <peter.thoenen at yahoo.com>
>Release: FreeBSD 6.1-RELEASE-p1 i386
>Organization:
>Environment:
>Description:
Update to current release and take ownership. This has been
pre-coordinated on irc with current maintainer. Lots of changes as I
am basically syncing this with the -devel port as both are now synced
in the tor tree. See previous UPDATING entry concerning tor-devel as
it now effects this port also.
--0-146386478-1149252960=:40028
Content-Type: text/plain; name="tor.diff.txt"
Content-Description: 3935507696-tor.diff.txt
Content-Disposition: inline; filename="tor.diff.txt"
diff -ruN tor.orig/Makefile tor/Makefile
--- tor.orig/Makefile Fri Jun 2 01:23:04 2006
+++ tor/Makefile Fri Jun 2 01:31:46 2006
@@ -1,17 +1,17 @@
-# ports collection makefile for: tor
-# Date created: 2004.05.28
-# Whom: freebsd-ports at rikrose.net
+# ports collection makefile for: tor-devel
+# Date created: 2005.10.20
+# Whom: peter.thoenen at yahoo.com
#
-# $FreeBSD: ports/security/tor/Makefile,v 1.19 2006/03/16 14:43:56 pav Exp $
+# $FreeBSD:$
#
PORTNAME= tor
-PORTVERSION= 0.1.0.17
+PORTVERSION= 0.1.1.20
CATEGORIES= security net
MASTER_SITES= http://tor.eff.org/dist/ \
- http://mirror.onionland.org/dist/
+ http://mirror.onionland.org/dist/
-MAINTAINER= freebsd-ports at rikrose.net
+MAINTAINER= peter.thoenen at yahoo.com
COMMENT= An anonymizing overlay network for TCP
RUN_DEPENDS= tsocks:${PORTSDIR}/net/tsocks
@@ -20,6 +20,9 @@
GNU_CONFIGURE= yes
USE_OPENSSL= yes
+USE_RC_SUBR= tor
+SUB_FILES= pkg-message
+
MANCOMPRESSED= no
MAN1= tor.1 tor-resolve.1 torify.1
@@ -28,16 +31,21 @@
${WRKSRC}/contrib/tor-tsocks.conf.sample
@${REINPLACE_CMD} -e "s|tor-tsocks.conf|tor-tsocks.conf.sample|g" \
${WRKSRC}/contrib/Makefile.in
-# uphold CFLAGS
@${FIND} ${WRKSRC} -type f | ${XARGS} \
-n 10 ${REINPLACE_CMD} -E \
-e 's!-g -O2!!' \
-e 's!-O2!!'
pre-install:
- PKG_PREFIX=${PREFIX} ${SH} ${PKGINSTALL} ${PKGNAME} PRE-INSTALL
+ @${SETENV} PKG_PREFIX=${PREFIX} ${SH} \
+ ${PKGINSTALL} ${PKGNAME} PRE-INSTALL
post-install:
- ${INSTALL_DATA} ${WRKSRC}/contrib/tor.sh ${PREFIX}/etc/rc.d/tor.sh.sample
+ @${TOUCH} /var/log/tor
+ @${CHOWN} _tor:_tor /var/log/tor
+ @${MKDIR} /var/db/tor
+ @${MKDIR} /var/db/tor/data
+ @${CHOWN} _tor:_tor /var/db/tor
+ @${CAT} ${PKGMESSAGE}
.include <bsd.port.mk>
diff -ruN tor.orig/distinfo tor/distinfo
--- tor.orig/distinfo Fri Jun 2 01:23:04 2006
+++ tor/distinfo Fri Jun 2 01:28:29 2006
@@ -1,3 +1,3 @@
-MD5 (tor-0.1.0.17.tar.gz) = 83c4afe29fa82473afcb2ec7e17771b9
-SHA256 (tor-0.1.0.17.tar.gz) = 33dc70a8d8f4ad20a9c9b8d476d431c713d8d94f1859b3efbaf1e178b36c2ca3
-SIZE (tor-0.1.0.17.tar.gz) = 634144
+MD5 (tor-0.1.1.20.tar.gz) = 51aac1749ff2549e8f3e1a172dc66992
+SHA256 (tor-0.1.1.20.tar.gz) = b251fd9079a40345beb5b67bcdf30c3292ee9220d2d062d583b89f3526015138
+SIZE (tor-0.1.1.20.tar.gz) = 828833
diff -ruN tor.orig/files/patch-contrib-tor.sh.in tor/files/patch-contrib-tor.sh.in
--- tor.orig/files/patch-contrib-tor.sh.in Fri Jun 2 01:23:04 2006
+++ tor/files/patch-contrib-tor.sh.in Thu Jan 1 01:00:00 1970
@@ -1,28 +0,0 @@
---- contrib/tor.sh.in.orig Sun Jun 5 15:44:43 2005
-+++ contrib/tor.sh.in Fri Sep 2 13:25:51 2005
-@@ -5,12 +5,12 @@
- # chkconfig: 2345 90 10
- # description: Onion Router
-
--TORUSER=
--TORGROUP=
-+TORUSER=_tor
-+TORGROUP=_tor
- TORBIN=@BINDIR@/tor
- TORPID=@LOCALSTATEDIR@/run/tor/tor.pid
--TORLOG=@LOCALSTATEDIR@/log/tor/tor.log
--TORDATA=@LOCALSTATEDIR@/lib/tor
-+TORLOG=/var/log/tor.log
-+TORDATA=/var/db/tor/data
-
- TORCONF=@CONFDIR@/torrc
- # Strictly speaking, we don't need to su if we have --user and --group.
-@@ -48,7 +48,7 @@
- if [ "x$TORUSER" = "x" ]; then
- $TORBIN -f $TORCONF $TORARGS
- else
-- $SUPROG -c "$TORBIN -f $TORCONF $TORARGS" $TORUSER
-+ $SUPROG $TORUSER -c "$TORBIN -f $TORCONF $TORARGS"
- fi
- RETVAL=$?
- if [ $RETVAL -eq 0 ]; then
diff -ruN tor.orig/files/pkg-message.in tor/files/pkg-message.in
--- tor.orig/files/pkg-message.in Thu Jan 1 01:00:00 1970
+++ tor/files/pkg-message.in Fri Jun 2 01:28:29 2006
@@ -0,0 +1,5 @@
+================================================================================
+To enable the tor server, set tor_enable="YES" in your /etc/rc.conf
+and edit %%PREFIX%%/etc/tor/torrc. Also note that the rc.subr script overrides
+many torrc options and is tunable. See %%PREFIX%%/etc/rc.d/tor.sh for details
+================================================================================
diff -ruN tor.orig/files/tor.in tor/files/tor.in
--- tor.orig/files/tor.in Thu Jan 1 01:00:00 1970
+++ tor/files/tor.in Fri Jun 2 01:28:29 2006
@@ -0,0 +1,49 @@
+#!/bin/sh
+#
+# $FreeBSD: ports/security/tor-devel/files/tor.in,v 1.2 2006/04/13 13:43:02 johans Exp $
+#
+# PROVIDE: tor
+# REQUIRE: NETWORKING SERVERS USR
+# BEFORE: LOGIN
+#
+# Add the following lines to /etc/rc.conf to enable tor
+#
+# tor_enable (bool): Set to "NO" by default
+# Set it to "YES" to enable tor
+# tor_conf (str): Points to your tor conf file
+# Default: %%PREFIX%%/etc/tor/torrc
+# tor_user (str): Tor Daemon user. Default _tor
+# tor_group (str): Tor Daemon group. Default _tor
+# tor_datadir (str): Tor DataDir. Defaults /var/db/tor
+# This will overide your torrc as it is
+# a command line option.
+#
+
+. %%RC_SUBR%%
+
+name="tor"
+rcvar=${name}_enable
+
+load_rc_config ${name}
+
+: ${tor_enable="NO"}
+: ${tor_conf="%%PREFIX%%/etc/tor/torrc"}
+: ${tor_user="_tor"}
+: ${tor_group="_tor"}
+: ${tor_pidfile="/var/run/tor/tor.pid"}
+: ${tor_logfile="/var/log/tor"}
+: ${tor_datadir="/var/db/tor"}
+
+required_files=${tor_conf}
+required_dirs=${tor_datadir}
+command="%%PREFIX%%/bin/${name}"
+command_args="-f ${tor_conf} --pidfile ${tor_pidfile} --runasdaemon 1 --datadirectory ${tor_datadir} --user ${tor_user} --group ${tor_group}"
+extra_commands="log"
+log_cmd="${name}_log"
+
+tor_log() {
+ cat ${tor_logfile}
+}
+
+run_rc_command "$1"
+
diff -ruN tor.orig/pkg-deinstall tor/pkg-deinstall
--- tor.orig/pkg-deinstall Thu Jan 1 01:00:00 1970
+++ tor/pkg-deinstall Fri Jun 2 01:28:29 2006
@@ -0,0 +1,62 @@
+#! /bin/sh
+#
+# taken from net/cvsup-mirror
+
+PATH=/bin:/usr/sbin
+
+TOR_USER=${TOR_USER:-_tor}
+TOR_GROUP=${TOR_GROUP:-_tor}
+
+ask() {
+ local question default answer
+
+ question=$1
+ default=$2
+ if [ -z "${PACKAGE_BUILDING}" -a -z "${BATCH}" ]; then
+ read -p "${question} [${default}]? " answer
+ fi
+ if [ x${answer} = x ]; then
+ answer=${default}
+ fi
+ echo ${answer}
+}
+
+yesno() {
+ local dflt question answer
+
+ question=$1
+ dflt=$2
+ while :; do
+ answer=$(ask "${question}" "${dflt}")
+ case "${answer}" in
+ [Yy]*) return 0;;
+ [Nn]*) return 1;;
+ esac
+ echo "Please answer yes or no."
+ done
+}
+
+delete_account() {
+ local u g home
+
+ u=$1
+ g=$2
+ if yesno "Do you want me to remove group \"${g}\"" y; then
+ pw groupdel -n ${g}
+ echo "Done."
+ fi
+ if yesno "Do you want me to remove user \"${u}\"" y; then
+ eval home=~${u}
+ pw userdel -n ${u}
+ echo "Done."
+ if [ -d "${home}" ]; then
+ echo "Please remember to remove the home directory \"${home}\""
+ fi
+ fi
+}
+
+if [ x$2 != xDEINSTALL ]; then
+ exit
+fi
+
+delete_account ${TOR_USER} ${TOR_GROUP}
diff -ruN tor.orig/pkg-descr tor/pkg-descr
--- tor.orig/pkg-descr Fri Jun 2 01:23:04 2006
+++ tor/pkg-descr Fri Jun 2 01:32:08 2006
@@ -10,9 +10,4 @@
software developers can build new applications with built-in
anonymity, safety, and privacy features.
-Remember that this is development code -- DON'T RELY ON THE CURRENT TOR
-NETWORK FOR ANONYMITY!
-
WWW: http://tor.eff.org/
-- rik
-freebsd-ports at rikrose.net
diff -ruN tor.orig/pkg-install tor/pkg-install
--- tor.orig/pkg-install Fri Jun 2 01:23:04 2006
+++ tor/pkg-install Fri Jun 2 01:34:05 2006
@@ -1,35 +1,40 @@
-#!/bin/sh
+#! /bin/sh
+#
+# taken from devel/perforce
-if [ x"$2" = xPRE-INSTALL ]; then
- USER="_tor"
- UID="256"
- GROUP="_tor"
- GID="256"
+PATH=/bin:/usr/sbin
- if /usr/sbin/pw groupshow "${GROUP}" 2>/dev/null; then
+TOR_USER=${TOR_USER:-_tor}
+TOR_GROUP=${TOR_GROUP:-_tor}
+
+case $2 in
+PRE-INSTALL)
+ USER=${TOR_USER}
+ GROUP=${TOR_GROUP}
+
+ if pw group show "${GROUP}" 2>/dev/null; then
echo "You already have a group \"${GROUP}\", so I will use it."
else
- if /usr/sbin/pw groupadd ${GROUP} -g ${GID}; then
- echo "Added group \"${GROUP}\"."
- else
- echo "Adding group \"${GROUP}\" failed..."
- echo "Please create it, and try again."
- exit 1
+ if pw groupadd ${GROUP} ; then
+ echo "Added group \"${GROUP}\"."
+ else
+ echo "Adding group \"${GROUP}\" failed..."
+ exit 1
fi
fi
- if /usr/sbin/pw user show "${USER}" 2>/dev/null; then
+ if pw user show "${USER}" 2>/dev/null; then
echo "You already have a user \"${USER}\", so I will use it."
else
- if /usr/sbin/pw useradd ${USER} -u ${UID} -g ${GROUP} -h - \
- -d /var/db/tor \
- -s /bin/sh \
- -c "Tor anonymising router"; then
- echo "Added user \"${USER}\"."
- else
- echo "Adding user \"${USER}\" failed..."
- echo "Please create it, and try again."
- exit 1
- fi
+ if pw useradd ${USER} -g ${GROUP} -h - \
+ -d /var/db/tor -c "Tor Daemon" -s /bin/sh
+ then
+ echo "Added user \"${USER}\"."
+ else
+ echo "Adding user \"${USER}\" failed..."
+ exit 1
+ fi
fi
-fi
+
+ ;;
+esac
diff -ruN tor.orig/pkg-plist tor/pkg-plist
--- tor.orig/pkg-plist Fri Jun 2 01:23:04 2006
+++ tor/pkg-plist Fri Jun 2 01:28:29 2006
@@ -1,8 +1,7 @@
- at comment $FreeBSD: ports/security/tor/pkg-plist,v 1.7 2006/01/22 02:50:54 edwin Exp $
bin/tor
bin/tor-resolve
bin/torify
-etc/rc.d/tor.sh.sample
-etc/tor/torrc.sample
+etc/rc.d/tor
etc/tor/tor-tsocks.conf.sample
- at dirrmtry etc/tor
+etc/tor/torrc.sample
+ at dirrm etc/tor
--0-146386478-1149252960=:40028--
>How-To-Repeat:
>Fix:
>Release-Note:
>Audit-Trail:
>Unformatted:
--0-146386478-1149252960=:40028
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 8bit
Content-Id:
Content-Disposition: inline
More information about the freebsd-ports-bugs
mailing list