security/tor: Update 0.4.4.7 -> 0.4.5.6
Changelog: https://lists.torproject.org/pipermail/tor-announce/2021-February/000214.html - contains major and minor bugfixes and new features. Port options LTTNG,USDT,LOG_DEBUG backported from security/tor-devel. LIB_DEPENDS is fixes in STATIC_TOR option. Reported by: upstream notification
This commit is contained in:
parent
601f956e3b
commit
1387321eaa
Notes:
svn2git
2021-03-31 03:12:20 +00:00
svn path=/head/; revision=565324
3 changed files with 26 additions and 73 deletions
|
@ -2,7 +2,7 @@
|
|||
# $FreeBSD$
|
||||
|
||||
PORTNAME= tor
|
||||
DISTVERSION= 0.4.4.7
|
||||
DISTVERSION= 0.4.5.6
|
||||
CATEGORIES= security net
|
||||
MASTER_SITES= TOR
|
||||
|
||||
|
@ -23,13 +23,15 @@ CONFIGURE_ENV= TOR_CPPFLAGS_libevent="-I${LOCALBASE}/include" \
|
|||
TOR_LIBEVENT_LIBS="${TOR_LIBEVENT_LIBS}"
|
||||
|
||||
OPTIONS_DEFINE= MANPAGES DOCS STATIC_TOR TCMALLOC
|
||||
OPTIONS_GROUP= COMPRESSION
|
||||
OPTIONS_GROUP= COMPRESSION TRACING
|
||||
OPTIONS_GROUP_COMPRESSION= ZSTD LZMA
|
||||
OPTIONS_GROUP_TRACING= LTTNG USDT LOG_DEBUG
|
||||
OPTIONS_DEFAULT=MANPAGES ZSTD LZMA
|
||||
OPTIONS_SUB= yes
|
||||
STATIC_TOR_DESC= Build a static tor
|
||||
TCMALLOC_DESC= Use the tcmalloc memory allocation library
|
||||
COMPRESSION_DESC= Supported compression libraries
|
||||
TRACING_DESC= Tracing
|
||||
|
||||
USE_RC_SUBR= tor
|
||||
SUB_FILES= pkg-message
|
||||
|
@ -44,10 +46,23 @@ CONFLICTS_INSTALL= tor-devel
|
|||
STATIC_TOR_USES= ssl:build
|
||||
STATIC_TOR_USES_OFF= ssl
|
||||
|
||||
# compression options
|
||||
ZSTD_CONFIGURE_ENABLE= zstd
|
||||
ZSTD_CONFIGURE_ENV=TOR_ZSTD_LIBS="${TOR_ZSTD_LIBS}"
|
||||
LZMA_CONFIGURE_ENABLE= lzma
|
||||
|
||||
# tracing options
|
||||
LTTNG_DESC= Build with LTTng-UST instrumentation
|
||||
LTTNG_USES= localbase
|
||||
LTTNG_CONFIGURE_ENABLE= tracing-instrumentation-lttng
|
||||
LTTNG_LIB_DEPENDS= liblttng-ust.so:sysutils/lttng-ust
|
||||
USDT_DESC= Build with tracing USDT instrumentation
|
||||
USDT_CONFIGURE_ENABLE= tracing-instrumentation-usdt
|
||||
USDT_LIB_DEPENDS= liblttng-ust.so:sysutils/lttng-ust
|
||||
USDT_BROKEN= error: use of undeclared identifier 'tor_circuit': https://gitlab.torproject.org/tpo/core/tor/-/issues/40174#note_2714275
|
||||
LOG_DEBUG_DESC= Build with tracing event to debug log
|
||||
LOG_DEBUG_CONFIGURE_ENABLE= tracing-instrumentation-log-debug
|
||||
|
||||
.include <bsd.port.options.mk>
|
||||
|
||||
.if ${PORT_OPTIONS:MDOCS} || ${PORT_OPTIONS:MMANPAGES}
|
||||
|
@ -71,6 +86,7 @@ TOR_LIBEVENT_LIBS= ${LOCALBASE}/lib/libevent.a
|
|||
. if ${PORT_OPTIONS:MZSTD}
|
||||
BUILD_DEPENDS+= ${LOCALBASE}/lib/libzstd.a:archivers/zstd
|
||||
TOR_ZSTD_LIBS= ${LOCALBASE}/lib/libzstd.a
|
||||
LDFLAGS+= -lelf # needed by libexecinfo.a
|
||||
. endif
|
||||
.else
|
||||
CONFIGURE_ARGS+= --enable-linker-hardening
|
||||
|
@ -85,7 +101,8 @@ TOR_ZSTD_LIBS= -lzstd
|
|||
.if ${PORT_OPTIONS:MTCMALLOC}
|
||||
CONFIGURE_ARGS+= --with-malloc=tcmalloc
|
||||
.if ${PORT_OPTIONS:MSTATIC_TOR}
|
||||
BUILD_DEPENDS+= ${LOCALBASE}/lib/libtcmalloc.a:devel/google-perftools
|
||||
BUILD_DEPENDS+= ${LOCALBASE}/lib/libtcmalloc.a:devel/google-perftools # for static 'tor' executable
|
||||
RUN_DEPENDS+= google-perftool>0:devel/google-perftools # for a still-dynamic 'tor-gencert' executable
|
||||
LDFLAGS+= -lc++ -lm # required by libtcmalloc.a and isn't cocered by google-perftools' `pkg-config --libs libtcmalloc` output
|
||||
.else
|
||||
LIB_DEPENDS+= libtcmalloc.so:devel/google-perftools
|
||||
|
@ -101,8 +118,8 @@ post-patch:
|
|||
${WRKSRC}/configure
|
||||
@${REINPLACE_CMD} -e 's|lib/tor|db/tor|' \
|
||||
${WRKSRC}/src/config/torrc.*.in \
|
||||
${WRKSRC}/doc/tor.1.* \
|
||||
${WRKSRC}/doc/tor.html.in
|
||||
${WRKSRC}/doc/man/tor.1.* \
|
||||
${WRKSRC}/doc/man/tor.html.in
|
||||
|
||||
post-install:
|
||||
@${MKDIR} ${STAGEDIR}/var/log/tor ${STAGEDIR}/var/run/tor ${STAGEDIR}/var/db/tor
|
||||
|
|
|
@ -1,3 +1,3 @@
|
|||
TIMESTAMP = 1612376430
|
||||
SHA256 (tor-0.4.4.7.tar.gz) = 326d2926177f0c7838cac213456d0056817d57f3f2e46714a2911c7d7a9b05ee
|
||||
SIZE (tor-0.4.4.7.tar.gz) = 7812645
|
||||
TIMESTAMP = 1613411993
|
||||
SHA256 (tor-0.4.5.6.tar.gz) = 22cba3794fedd5fa87afc1e512c6ce2c21bc20b4e1c6f8079d832dc1e545e733
|
||||
SIZE (tor-0.4.5.6.tar.gz) = 7926711
|
||||
|
|
|
@ -1,64 +0,0 @@
|
|||
- submitted by brnrd@ in PR#253486
|
||||
|
||||
From b22568a54506e4b79b72530f89f21032e6435414 Mon Sep 17 00:00:00 2001
|
||||
From: Nick Mathewson <nickm@torproject.org>
|
||||
Date: Fri, 6 Nov 2020 10:29:28 -0500
|
||||
Subject: [PATCH] Rename OpenSSL_version_num() as defined in Tor
|
||||
|
||||
This way, if we guess wrong about whether the library has it,
|
||||
we don't conflict with the library's headers.
|
||||
|
||||
Fixes #40181; bug not in any released version.
|
||||
---
|
||||
src/lib/crypt_ops/compat_openssl.h | 3 ++-
|
||||
src/lib/crypt_ops/crypto_openssl_mgt.c | 2 +-
|
||||
src/lib/tls/tortls_openssl.c | 2 +-
|
||||
3 files changed, 4 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/src/lib/crypt_ops/compat_openssl.h b/src/lib/crypt_ops/compat_openssl.h
|
||||
index c2e1459078..aa66e0c3fa 100644
|
||||
--- src/lib/crypt_ops/compat_openssl.h.orig
|
||||
+++ src/lib/crypt_ops/compat_openssl.h
|
||||
@@ -34,7 +34,7 @@
|
||||
|
||||
#ifndef OPENSSL_1_1_API
|
||||
#define OpenSSL_version(v) SSLeay_version(v)
|
||||
-#define OpenSSL_version_num() SSLeay()
|
||||
+#define tor_OpenSSL_version_num() SSLeay()
|
||||
#define RAND_OpenSSL() RAND_SSLeay()
|
||||
#define STATE_IS_SW_SERVER_HELLO(st) \
|
||||
(((st) == SSL3_ST_SW_SRVR_HELLO_A) || \
|
||||
@@ -42,6 +42,7 @@
|
||||
#define OSSL_HANDSHAKE_STATE int
|
||||
#define CONST_IF_OPENSSL_1_1_API
|
||||
#else /* defined(OPENSSL_1_1_API) */
|
||||
+#define tor_OpenSSL_version_num() OpenSSL_version_num()
|
||||
#define STATE_IS_SW_SERVER_HELLO(st) \
|
||||
((st) == TLS_ST_SW_SRVR_HELLO)
|
||||
#define CONST_IF_OPENSSL_1_1_API const
|
||||
diff --git a/src/lib/crypt_ops/crypto_openssl_mgt.c b/src/lib/crypt_ops/crypto_openssl_mgt.c
|
||||
index 065cbca1cc..e763491a11 100644
|
||||
--- src/lib/crypt_ops/crypto_openssl_mgt.c.orig
|
||||
+++ src/lib/crypt_ops/crypto_openssl_mgt.c
|
||||
@@ -222,7 +222,7 @@ crypto_openssl_early_init(void)
|
||||
|
||||
setup_openssl_threading();
|
||||
|
||||
- unsigned long version_num = OpenSSL_version_num();
|
||||
+ unsigned long version_num = tor_OpenSSL_version_num();
|
||||
const char *version_str = crypto_openssl_get_version_str();
|
||||
if (version_num == OPENSSL_VERSION_NUMBER &&
|
||||
!strcmp(version_str, OPENSSL_VERSION_TEXT)) {
|
||||
diff --git a/src/lib/tls/tortls_openssl.c b/src/lib/tls/tortls_openssl.c
|
||||
index 2269714141..ad9b49ab4f 100644
|
||||
--- src/lib/tls/tortls_openssl.c.orig
|
||||
+++ src/lib/tls/tortls_openssl.c
|
||||
@@ -342,7 +342,7 @@ tor_tls_init(void)
|
||||
|
||||
#if (SIZEOF_VOID_P >= 8 && \
|
||||
OPENSSL_VERSION_NUMBER >= OPENSSL_V_SERIES(1,0,1))
|
||||
- long version = OpenSSL_version_num();
|
||||
+ long version = tor_OpenSSL_version_num();
|
||||
|
||||
/* LCOV_EXCL_START : we can't test these lines on the same machine */
|
||||
if (version >= OPENSSL_V_SERIES(1,0,1)) {
|
Loading…
Reference in a new issue