kpriv/pkgsrc
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
pkgsrc/net/tor/Makefile

74 lines
1.8 KiB
Makefile
Raw Normal View History

update to 0.2.2.32 Tor 0.2.2.32, the first stable release in the 0.2.2 branch, is finally ready. More than two years in the making, this release features improved client performance and hidden service reliability, better compatibility for Android, correct behavior for bridges that listen on more than one address, more extensible and flexible directory object handling, better reporting of network statistics, improved code security, and many many other features and bugfixes.
2011-09-06 21:34:01 +02:00
# $NetBSD: Makefile,v 1.80 2011/09/06 19:34:01 drochner Exp $
Import tor into pkgsrc: The simple version: Tor provides a distributed network of servers ("onion routers"). Users bounce their TCP streams (web traffic, FTP, SSH, etc.) around the routers. This makes it hard for recipients, observers, and even the onion routers themselves to track the source of the stream. The complex version: Onion Routing is a connection-oriented anonymizing communication service. Users choose a source-routed path through a set of nodes, and negotiate a "virtual circuit" through the network, in which each node knows its predecessor and successor, but no others. Traffic flowing down the circuit is unwrapped by a symmetric key at each node, which reveals the downstream node.
2004-08-13 21:33:41 +02:00
#
update to 0.2.2.32 Tor 0.2.2.32, the first stable release in the 0.2.2 branch, is finally ready. More than two years in the making, this release features improved client performance and hidden service reliability, better compatibility for Android, correct behavior for bridges that listen on more than one address, more extensible and flexible directory object handling, better reporting of network statistics, improved code security, and many many other features and bugfixes.
2011-09-06 21:34:01 +02:00
DISTNAME= tor-0.2.2.32
Import tor into pkgsrc: The simple version: Tor provides a distributed network of servers ("onion routers"). Users bounce their TCP streams (web traffic, FTP, SSH, etc.) around the routers. This makes it hard for recipients, observers, and even the onion routers themselves to track the source of the stream. The complex version: Onion Routing is a connection-oriented anonymizing communication service. Users choose a source-routed path through a set of nodes, and negotiate a "virtual circuit" through the network, in which each node knows its predecessor and successor, but no others. Traffic flowing down the circuit is unwrapped by a symmetric key at each node, which reveals the downstream node.
2004-08-13 21:33:41 +02:00
CATEGORIES= net security
new homepage and dist site is http://www.torproject.org/
2008-01-06 20:44:23 +01:00
MASTER_SITES= http://www.torproject.org/dist/
update to 0.2.2.32 Tor 0.2.2.32, the first stable release in the 0.2.2 branch, is finally ready. More than two years in the making, this release features improved client performance and hidden service reliability, better compatibility for Android, correct behavior for bridges that listen on more than one address, more extensible and flexible directory object handling, better reporting of network statistics, improved code security, and many many other features and bugfixes.
2011-09-06 21:34:01 +02:00
FETCH_USING= curl
Import tor into pkgsrc: The simple version: Tor provides a distributed network of servers ("onion routers"). Users bounce their TCP streams (web traffic, FTP, SSH, etc.) around the routers. This makes it hard for recipients, observers, and even the onion routers themselves to track the source of the stream. The complex version: Onion Routing is a connection-oriented anonymizing communication service. Users choose a source-routed path through a set of nodes, and negotiate a "virtual circuit" through the network, in which each node knows its predecessor and successor, but no others. Traffic flowing down the circuit is unwrapped by a symmetric key at each node, which reveals the downstream node.
2004-08-13 21:33:41 +02:00
update to 0.2.1.30, from Christian Sturm (the MAINTAINER) per PR pkg/44702 changes: -fixes for less critical bugs -make TLS D-H parameters match those of Apache's mod_ssl pkgsrc changes: Makefile cleanup, appease plglint
2011-03-09 11:03:06 +01:00
MAINTAINER= athaba@users.sourceforge.net
new homepage and dist site is http://www.torproject.org/
2008-01-06 20:44:23 +01:00
HOMEPAGE= http://www.torproject.org/
Import tor into pkgsrc: The simple version: Tor provides a distributed network of servers ("onion routers"). Users bounce their TCP streams (web traffic, FTP, SSH, etc.) around the routers. This makes it hard for recipients, observers, and even the onion routers themselves to track the source of the stream. The complex version: Onion Routing is a connection-oriented anonymizing communication service. Users choose a source-routed path through a set of nodes, and negotiate a "virtual circuit" through the network, in which each node knows its predecessor and successor, but no others. Traffic flowing down the circuit is unwrapped by a symmetric key at each node, which reveals the downstream node.
2004-08-13 21:33:41 +02:00
COMMENT= Anonymizing overlay network for TCP
Update tor to 0.2.0.35. maintainer update request via PR 41688. Changes in version 0.2.0.35 - 2009-06-24 o Security fix: - Avoid crashing in the presence of certain malformed descriptors. Found by lark, and by automated fuzzing. - Fix an edge case where a malicious exit relay could convince a controller that the client's DNS question resolves to an internal IP address. Bug found and fixed by "optimist"; bugfix on 0.1.2.8-beta. o Major bugfixes: - Finally fix the bug where dynamic-IP relays disappear when their IP address changes: directory mirrors were mistakenly telling them their old address if they asked via begin_dir, so they never got an accurate answer about their new address, so they just vanished after a day. For belt-and-suspenders, relays that don't set Address in their config now avoid using begin_dir for all direct connections. Should fix bugs 827, 883, and 900. - Fix a timing-dependent, allocator-dependent, DNS-related crash bug that would occur on some exit nodes when DNS failures and timeouts occurred in certain patterns. Fix for bug 957. o Minor bugfixes: - When starting with a cache over a few days old, do not leak memory for the obsolete router descriptors in it. Bugfix on 0.2.0.33; fixes bug 672. - Hidden service clients didn't use a cached service descriptor that was older than 15 minutes, but wouldn't fetch a new one either, because there was already one in the cache. Now, fetch a v2 descriptor unless the same descriptor was added to the cache within the last 15 minutes. Fixes bug 997; reported by Marcus Griep.
2009-07-09 13:52:31 +02:00
LICENSE= modified-bsd
Import tor into pkgsrc: The simple version: Tor provides a distributed network of servers ("onion routers"). Users bounce their TCP streams (web traffic, FTP, SSH, etc.) around the routers. This makes it hard for recipients, observers, and even the onion routers themselves to track the source of the stream. The complex version: Onion Routing is a connection-oriented anonymizing communication service. Users choose a source-routed path through a set of nodes, and negotiate a "virtual circuit" through the network, in which each node knows its predecessor and successor, but no others. Traffic flowing down the circuit is unwrapped by a symmetric key at each node, which reveals the downstream node.
2004-08-13 21:33:41 +02:00
Update tor to 0.2.0.32. Based on PR 40241 by Taylor R Campbell. While here, add DESTDIR support. Changes in version 0.2.0.32 - 2008-11-20 o Security fixes: - The "User" and "Group" config options did not clear the supplementary group entries for the Tor process. The "User" option is now more robust, and we now set the groups to the specified user's primary group. The "Group" option is now ignored. For more detailed logging on credential switching, set CREDENTIAL_LOG_LEVEL in common/compat.c to LOG_NOTICE or higher. Patch by Jacob Appelbaum and Steven Murdoch. Bugfix on 0.0.2pre14. Fixes bug 848 and 857. - The "ClientDNSRejectInternalAddresses" config option wasn't being consistently obeyed: if an exit relay refuses a stream because its exit policy doesn't allow it, we would remember what IP address the relay said the destination address resolves to, even if it's an internal IP address. Bugfix on 0.2.0.7-alpha; patch by rovv. o Major bugfixes: - Fix a DOS opportunity during the voting signature collection process at directory authorities. Spotted by rovv. Bugfix on 0.2.0.x. o Major bugfixes (hidden services): - When fetching v0 and v2 rendezvous service descriptors in parallel, we were failing the whole hidden service request when the v0 descriptor fetch fails, even if the v2 fetch is still pending and might succeed. Similarly, if the last v2 fetch fails, we were failing the whole hidden service request even if a v0 fetch is still pending. Fixes bug 814. Bugfix on 0.2.0.10-alpha. - When extending a circuit to a hidden service directory to upload a rendezvous descriptor using a BEGIN_DIR cell, almost 1/6 of all requests failed, because the router descriptor has not been downloaded yet. In these cases, do not attempt to upload the rendezvous descriptor, but wait until the router descriptor is downloaded and retry. Likewise, do not attempt to fetch a rendezvous descriptor from a hidden service directory for which the router descriptor has not yet been downloaded. Fixes bug 767. Bugfix on 0.2.0.10-alpha. o Minor bugfixes: - Fix several infrequent memory leaks spotted by Coverity. - When testing for libevent functions, set the LDFLAGS variable correctly. Found by Riastradh. - Avoid a bug where the FastFirstHopPK 0 option would keep Tor from bootstrapping with tunneled directory connections. Bugfix on 0.1.2.5-alpha. Fixes bug 797. Found by Erwin Lam. - When asked to connect to A.B.exit:80, if we don't know the IP for A and we know that server B rejects most-but-not all connections to port 80, we would previously reject the connection. Now, we assume the user knows what they were asking for. Fixes bug 752. Bugfix on 0.0.9rc5. Diagnosed by BarkerJr. - If we overrun our per-second write limits a little, count this as having used up our write allocation for the second, and choke outgoing directory writes. Previously, we had only counted this when we had met our limits precisely. Fixes bug 824. Patch from by rovv. Bugfix on 0.2.0.x (??). - Remove the old v2 directory authority 'lefkada' from the default list. It has been gone for many months. - Stop doing unaligned memory access that generated bus errors on sparc64. Bugfix on 0.2.0.10-alpha. Fixes bug 862. - Make USR2 log-level switch take effect immediately. Bugfix on 0.1.2.8-beta. o Minor bugfixes (controller): - Make DNS resolved events into "CLOSED", not "FAILED". Bugfix on 0.1.2.5-alpha. Fix by Robert Hogan. Resolves bug 807.
2008-12-21 12:10:27 +01:00
PKG_DESTDIR_SUPPORT= user-destdir
Update tor to 0.0.9.4. pkgsrc changes: - depend on tsocks to allow torification of other applications - create a user for this application to run as - install a suitable rc script ChangeLog says: o Bugfixes on 0.0.9: - Fix an assert bug that took down most of our servers: when a server claims to have 500 GB of bandwidthburst, don't freak out. - Don't crash as badly if we have spawned the max allowed number of dnsworkers, or we're out of file descriptors. - Block more file-sharing ports in the default exit policy. - MaxConn is now automatically set to the hard limit of max file descriptors we're allowed (ulimit -n), minus a few for logs, etc. - Give a clearer message when servers need to raise their ulimit -n when they start running out of file descriptors. - SGI Compatibility patches from Jan Schaumann. - Tolerate a corrupt cached directory better. - When a dirserver hasn't approved your server, list which one. - Go into soft hibernation after 95% of the bandwidth is used, not 99%. This is especially important for daily hibernators who have a small accounting max. Hopefully it will result in fewer cut connections when the hard hibernation starts. - Load-balance better when using servers that claim more than 800kB/s of capacity. - Make NT services work (experimental, only used if compiled in).
2005-02-13 21:27:53 +01:00
.include "../../mk/bsd.prefs.mk"
update to 0.2.1.30, from Christian Sturm (the MAINTAINER) per PR pkg/44702 changes: -fixes for less critical bugs -make TLS D-H parameters match those of Apache's mod_ssl pkgsrc changes: Makefile cleanup, appease plglint
2011-03-09 11:03:06 +01:00
USE_LANGUAGES= c99
Import tor into pkgsrc: The simple version: Tor provides a distributed network of servers ("onion routers"). Users bounce their TCP streams (web traffic, FTP, SSH, etc.) around the routers. This makes it hard for recipients, observers, and even the onion routers themselves to track the source of the stream. The complex version: Onion Routing is a connection-oriented anonymizing communication service. Users choose a source-routed path through a set of nodes, and negotiate a "virtual circuit" through the network, in which each node knows its predecessor and successor, but no others. Traffic flowing down the circuit is unwrapped by a symmetric key at each node, which reveals the downstream node.
2004-08-13 21:33:41 +02:00
USE_PKGLOCALEDIR= yes
GNU_CONFIGURE= yes
Update tor to 0.0.9.4. pkgsrc changes: - depend on tsocks to allow torification of other applications - create a user for this application to run as - install a suitable rc script ChangeLog says: o Bugfixes on 0.0.9: - Fix an assert bug that took down most of our servers: when a server claims to have 500 GB of bandwidthburst, don't freak out. - Don't crash as badly if we have spawned the max allowed number of dnsworkers, or we're out of file descriptors. - Block more file-sharing ports in the default exit policy. - MaxConn is now automatically set to the hard limit of max file descriptors we're allowed (ulimit -n), minus a few for logs, etc. - Give a clearer message when servers need to raise their ulimit -n when they start running out of file descriptors. - SGI Compatibility patches from Jan Schaumann. - Tolerate a corrupt cached directory better. - When a dirserver hasn't approved your server, list which one. - Go into soft hibernation after 95% of the bandwidth is used, not 99%. This is especially important for daily hibernators who have a small accounting max. Hopefully it will result in fewer cut connections when the hard hibernation starts. - Load-balance better when using servers that claim more than 800kB/s of capacity. - Make NT services work (experimental, only used if compiled in).
2005-02-13 21:27:53 +01:00
Update tor to 0.1.2.17. Changes in version 0.1.2.17 - 2007-08-30 o Major bugfixes (security): - We removed support for the old (v0) control protocol. It has been deprecated since Tor 0.1.1.1-alpha, and keeping it secure has become more of a headache than it's worth. o Major bugfixes (load balancing): - When choosing nodes for non-guard positions, weight guards proportionally less, since they already have enough load. Patch from Mike Perry. - Raise the "max believable bandwidth" from 1.5MB/s to 10MB/s. This will allow fast Tor servers to get more attention. - When we're upgrading from an old Tor version, forget our current guards and pick new ones according to the new weightings. These three load balancing patches could raise effective network capacity by a factor of four. Thanks to Mike Perry for measurements. o Major bugfixes (stream expiration): - Expire not-yet-successful application streams in all cases if they've been around longer than SocksTimeout. Right now there are some cases where the stream will live forever, demanding a new circuit every 15 seconds. Fixes bug 454; reported by lodger. o Minor features (controller): - Add a PROTOCOLINFO controller command. Like AUTHENTICATE, it is valid before any authentication has been received. It tells a controller what kind of authentication is expected, and what protocol is spoken. Implements proposal 119. o Minor bugfixes (performance): - Save on most routerlist_assert_ok() calls in routerlist.c, thus greatly speeding up loading cached-routers from disk on startup. - Disable sentinel-based debugging for buffer code: we squashed all the bugs that this was supposed to detect a long time ago, and now its only effect is to change our buffer sizes from nice powers of two (which platform mallocs tend to like) to values slightly over powers of two (which make some platform mallocs sad). o Minor bugfixes (misc): - If exit bandwidth ever exceeds one third of total bandwidth, then use the correct formula to weight exit nodes when choosing paths. Based on patch from Mike Perry. - Choose perfectly fairly among routers when choosing by bandwidth and weighting by fraction of bandwidth provided by exits. Previously, we would choose with only approximate fairness, and correct ourselves if we ran off the end of the list. - If we require CookieAuthentication but we fail to write the cookie file, we would warn but not exit, and end up in a state where no controller could authenticate. Now we exit. - If we require CookieAuthentication, stop generating a new cookie every time we change any piece of our config. - Refuse to start with certain directory authority keys, and encourage people using them to stop. - Terminate multi-line control events properly. Original patch from tup. - Fix a minor memory leak when we fail to find enough suitable servers to choose a circuit. - Stop leaking part of the descriptor when we run into a particularly unparseable piece of it.
2007-09-11 17:53:57 +02:00
CONFIGURE_ENV+= CPP=${CPP:Q}
update to 0.2.1.30, from Christian Sturm (the MAINTAINER) per PR pkg/44702 changes: -fixes for less critical bugs -make TLS D-H parameters match those of Apache's mod_ssl pkgsrc changes: Makefile cleanup, appease plglint
2011-03-09 11:03:06 +01:00
CONFIGURE_ARGS+= --sysconfdir=${PKG_SYSCONFBASEDIR}
Update tor to 0.1.2.17. Changes in version 0.1.2.17 - 2007-08-30 o Major bugfixes (security): - We removed support for the old (v0) control protocol. It has been deprecated since Tor 0.1.1.1-alpha, and keeping it secure has become more of a headache than it's worth. o Major bugfixes (load balancing): - When choosing nodes for non-guard positions, weight guards proportionally less, since they already have enough load. Patch from Mike Perry. - Raise the "max believable bandwidth" from 1.5MB/s to 10MB/s. This will allow fast Tor servers to get more attention. - When we're upgrading from an old Tor version, forget our current guards and pick new ones according to the new weightings. These three load balancing patches could raise effective network capacity by a factor of four. Thanks to Mike Perry for measurements. o Major bugfixes (stream expiration): - Expire not-yet-successful application streams in all cases if they've been around longer than SocksTimeout. Right now there are some cases where the stream will live forever, demanding a new circuit every 15 seconds. Fixes bug 454; reported by lodger. o Minor features (controller): - Add a PROTOCOLINFO controller command. Like AUTHENTICATE, it is valid before any authentication has been received. It tells a controller what kind of authentication is expected, and what protocol is spoken. Implements proposal 119. o Minor bugfixes (performance): - Save on most routerlist_assert_ok() calls in routerlist.c, thus greatly speeding up loading cached-routers from disk on startup. - Disable sentinel-based debugging for buffer code: we squashed all the bugs that this was supposed to detect a long time ago, and now its only effect is to change our buffer sizes from nice powers of two (which platform mallocs tend to like) to values slightly over powers of two (which make some platform mallocs sad). o Minor bugfixes (misc): - If exit bandwidth ever exceeds one third of total bandwidth, then use the correct formula to weight exit nodes when choosing paths. Based on patch from Mike Perry. - Choose perfectly fairly among routers when choosing by bandwidth and weighting by fraction of bandwidth provided by exits. Previously, we would choose with only approximate fairness, and correct ourselves if we ran off the end of the list. - If we require CookieAuthentication but we fail to write the cookie file, we would warn but not exit, and end up in a state where no controller could authenticate. Now we exit. - If we require CookieAuthentication, stop generating a new cookie every time we change any piece of our config. - Refuse to start with certain directory authority keys, and encourage people using them to stop. - Terminate multi-line control events properly. Original patch from tup. - Fix a minor memory leak when we fail to find enough suitable servers to choose a circuit. - Stop leaking part of the descriptor when we run into a particularly unparseable piece of it.
2007-09-11 17:53:57 +02:00
TEST_TARGET= check
Update tor to 0.0.9.4. pkgsrc changes: - depend on tsocks to allow torification of other applications - create a user for this application to run as - install a suitable rc script ChangeLog says: o Bugfixes on 0.0.9: - Fix an assert bug that took down most of our servers: when a server claims to have 500 GB of bandwidthburst, don't freak out. - Don't crash as badly if we have spawned the max allowed number of dnsworkers, or we're out of file descriptors. - Block more file-sharing ports in the default exit policy. - MaxConn is now automatically set to the hard limit of max file descriptors we're allowed (ulimit -n), minus a few for logs, etc. - Give a clearer message when servers need to raise their ulimit -n when they start running out of file descriptors. - SGI Compatibility patches from Jan Schaumann. - Tolerate a corrupt cached directory better. - When a dirserver hasn't approved your server, list which one. - Go into soft hibernation after 95% of the bandwidth is used, not 99%. This is especially important for daily hibernators who have a small accounting max. Hopefully it will result in fewer cut connections when the hard hibernation starts. - Load-balance better when using servers that claim more than 800kB/s of capacity. - Make NT services work (experimental, only used if compiled in).
2005-02-13 21:27:53 +01:00
TOR_USER?= tor
TOR_GROUP?= tor
Update tor to 0.1.2.17. Changes in version 0.1.2.17 - 2007-08-30 o Major bugfixes (security): - We removed support for the old (v0) control protocol. It has been deprecated since Tor 0.1.1.1-alpha, and keeping it secure has become more of a headache than it's worth. o Major bugfixes (load balancing): - When choosing nodes for non-guard positions, weight guards proportionally less, since they already have enough load. Patch from Mike Perry. - Raise the "max believable bandwidth" from 1.5MB/s to 10MB/s. This will allow fast Tor servers to get more attention. - When we're upgrading from an old Tor version, forget our current guards and pick new ones according to the new weightings. These three load balancing patches could raise effective network capacity by a factor of four. Thanks to Mike Perry for measurements. o Major bugfixes (stream expiration): - Expire not-yet-successful application streams in all cases if they've been around longer than SocksTimeout. Right now there are some cases where the stream will live forever, demanding a new circuit every 15 seconds. Fixes bug 454; reported by lodger. o Minor features (controller): - Add a PROTOCOLINFO controller command. Like AUTHENTICATE, it is valid before any authentication has been received. It tells a controller what kind of authentication is expected, and what protocol is spoken. Implements proposal 119. o Minor bugfixes (performance): - Save on most routerlist_assert_ok() calls in routerlist.c, thus greatly speeding up loading cached-routers from disk on startup. - Disable sentinel-based debugging for buffer code: we squashed all the bugs that this was supposed to detect a long time ago, and now its only effect is to change our buffer sizes from nice powers of two (which platform mallocs tend to like) to values slightly over powers of two (which make some platform mallocs sad). o Minor bugfixes (misc): - If exit bandwidth ever exceeds one third of total bandwidth, then use the correct formula to weight exit nodes when choosing paths. Based on patch from Mike Perry. - Choose perfectly fairly among routers when choosing by bandwidth and weighting by fraction of bandwidth provided by exits. Previously, we would choose with only approximate fairness, and correct ourselves if we ran off the end of the list. - If we require CookieAuthentication but we fail to write the cookie file, we would warn but not exit, and end up in a state where no controller could authenticate. Now we exit. - If we require CookieAuthentication, stop generating a new cookie every time we change any piece of our config. - Refuse to start with certain directory authority keys, and encourage people using them to stop. - Terminate multi-line control events properly. Original patch from tup. - Fix a minor memory leak when we fail to find enough suitable servers to choose a circuit. - Stop leaking part of the descriptor when we run into a particularly unparseable piece of it.
2007-09-11 17:53:57 +02:00
PKG_HOME?= ${VARBASE}/chroot/tor
BUILD_DEFS+= VARBASE
Change to pass PKG_SYSCONFDIR to configure, fixes PR 37195. While here, change user/group and directory handling to the usual manner. Bump PKGREVISION.
2007-10-25 16:58:29 +02:00
PKG_SYSCONFSUBDIR= tor
Update tor to 0.0.9.4. pkgsrc changes: - depend on tsocks to allow torification of other applications - create a user for this application to run as - install a suitable rc script ChangeLog says: o Bugfixes on 0.0.9: - Fix an assert bug that took down most of our servers: when a server claims to have 500 GB of bandwidthburst, don't freak out. - Don't crash as badly if we have spawned the max allowed number of dnsworkers, or we're out of file descriptors. - Block more file-sharing ports in the default exit policy. - MaxConn is now automatically set to the hard limit of max file descriptors we're allowed (ulimit -n), minus a few for logs, etc. - Give a clearer message when servers need to raise their ulimit -n when they start running out of file descriptors. - SGI Compatibility patches from Jan Schaumann. - Tolerate a corrupt cached directory better. - When a dirserver hasn't approved your server, list which one. - Go into soft hibernation after 95% of the bandwidth is used, not 99%. This is especially important for daily hibernators who have a small accounting max. Hopefully it will result in fewer cut connections when the hard hibernation starts. - Load-balance better when using servers that claim more than 800kB/s of capacity. - Make NT services work (experimental, only used if compiled in).
2005-02-13 21:27:53 +01:00
Make it easier to build and install packages "unprivileged", where the owner of all installed files is a non-root user. This change affects most packages that require special users or groups by making them use the specified unprivileged user and group instead. (1) Add two new variables PKG_GROUPS_VARS and PKG_USERS_VARS to unprivileged.mk. These two variables are lists of other bmake variables that define package-specific users and groups. Packages that have user-settable variables for users and groups, e.g. apache and APACHE_{USER,GROUP}, courier-mta and COURIER_{USER,GROUP}, etc., should list these variables in PKG_USERS_VARS and PKG_GROUPS_VARS so that unprivileged.mk can know to set them to ${UNPRIVILEGED_USER} and ${UNPRIVILEGED_GROUP}. (2) Modify packages to use PKG_GROUPS_VARS and PKG_USERS_VARS.
2007-07-04 22:54:31 +02:00
PKG_GROUPS_VARS+= TOR_GROUP
update to 0.2.1.30, from Christian Sturm (the MAINTAINER) per PR pkg/44702 changes: -fixes for less critical bugs -make TLS D-H parameters match those of Apache's mod_ssl pkgsrc changes: Makefile cleanup, appease plglint
2011-03-09 11:03:06 +01:00
PKG_USERS_VARS= TOR_USER
Make it easier to build and install packages "unprivileged", where the owner of all installed files is a non-root user. This change affects most packages that require special users or groups by making them use the specified unprivileged user and group instead. (1) Add two new variables PKG_GROUPS_VARS and PKG_USERS_VARS to unprivileged.mk. These two variables are lists of other bmake variables that define package-specific users and groups. Packages that have user-settable variables for users and groups, e.g. apache and APACHE_{USER,GROUP}, courier-mta and COURIER_{USER,GROUP}, etc., should list these variables in PKG_USERS_VARS and PKG_GROUPS_VARS so that unprivileged.mk can know to set them to ${UNPRIVILEGED_USER} and ${UNPRIVILEGED_GROUP}. (2) Modify packages to use PKG_GROUPS_VARS and PKG_USERS_VARS.
2007-07-04 22:54:31 +02:00
Fixed some spelling mistakes.
2006-05-28 19:50:23 +02:00
RCD_SCRIPTS= tor
Use standard rc script handler, instead of custom. Fixes PR 36965.
2007-09-11 17:26:14 +02:00
RCD_SCRIPT_SRC.tor= ${FILESDIR}/tor.in
Update tor to 0.0.9.4. pkgsrc changes: - depend on tsocks to allow torification of other applications - create a user for this application to run as - install a suitable rc script ChangeLog says: o Bugfixes on 0.0.9: - Fix an assert bug that took down most of our servers: when a server claims to have 500 GB of bandwidthburst, don't freak out. - Don't crash as badly if we have spawned the max allowed number of dnsworkers, or we're out of file descriptors. - Block more file-sharing ports in the default exit policy. - MaxConn is now automatically set to the hard limit of max file descriptors we're allowed (ulimit -n), minus a few for logs, etc. - Give a clearer message when servers need to raise their ulimit -n when they start running out of file descriptors. - SGI Compatibility patches from Jan Schaumann. - Tolerate a corrupt cached directory better. - When a dirserver hasn't approved your server, list which one. - Go into soft hibernation after 95% of the bandwidth is used, not 99%. This is especially important for daily hibernators who have a small accounting max. Hopefully it will result in fewer cut connections when the hard hibernation starts. - Load-balance better when using servers that claim more than 800kB/s of capacity. - Make NT services work (experimental, only used if compiled in).
2005-02-13 21:27:53 +01:00
PKG_GROUPS= ${TOR_GROUP}
Update to current stable version, tor-0.2.0.30, based on wip/tor. Thanks to athaba, netcap, and tvierling. Changes in version 0.2.0.30 - 2008-07-15 This new stable release switches to a more efficient directory distribution design, adds features to make connections to the Tor network harder to block, allows Tor to act as a DNS proxy, adds separate rate limiting for relayed traffic to make it easier for clients to become relays, fix a variety of potential anonymity problems, and includes the usual huge pile of other features and bug fixes.
2008-08-01 19:23:21 +02:00
PKG_USERS= ${TOR_USER}:${TOR_GROUP}::Torifier:${PKG_HOME}
Update tor to 0.0.9.4. pkgsrc changes: - depend on tsocks to allow torification of other applications - create a user for this application to run as - install a suitable rc script ChangeLog says: o Bugfixes on 0.0.9: - Fix an assert bug that took down most of our servers: when a server claims to have 500 GB of bandwidthburst, don't freak out. - Don't crash as badly if we have spawned the max allowed number of dnsworkers, or we're out of file descriptors. - Block more file-sharing ports in the default exit policy. - MaxConn is now automatically set to the hard limit of max file descriptors we're allowed (ulimit -n), minus a few for logs, etc. - Give a clearer message when servers need to raise their ulimit -n when they start running out of file descriptors. - SGI Compatibility patches from Jan Schaumann. - Tolerate a corrupt cached directory better. - When a dirserver hasn't approved your server, list which one. - Go into soft hibernation after 95% of the bandwidth is used, not 99%. This is especially important for daily hibernators who have a small accounting max. Hopefully it will result in fewer cut connections when the hard hibernation starts. - Load-balance better when using servers that claim more than 800kB/s of capacity. - Make NT services work (experimental, only used if compiled in).
2005-02-13 21:27:53 +01:00
USER_GROUP= ${TOR_USER} ${TOR_GROUP}
Change to pass PKG_SYSCONFDIR to configure, fixes PR 37195. While here, change user/group and directory handling to the usual manner. Bump PKGREVISION.
2007-10-25 16:58:29 +02:00
OWN_DIRS_PERMS+= ${PKG_HOME} ${USER_GROUP} 0700
Import tor into pkgsrc: The simple version: Tor provides a distributed network of servers ("onion routers"). Users bounce their TCP streams (web traffic, FTP, SSH, etc.) around the routers. This makes it hard for recipients, observers, and even the onion routers themselves to track the source of the stream. The complex version: Onion Routing is a connection-oriented anonymizing communication service. Users choose a source-routed path through a set of nodes, and negotiate a "virtual circuit" through the network, in which each node knows its predecessor and successor, but no others. Traffic flowing down the circuit is unwrapped by a symmetric key at each node, which reveals the downstream node.
2004-08-13 21:33:41 +02:00
update to 0.2.1.30, from Christian Sturm (the MAINTAINER) per PR pkg/44702 changes: -fixes for less critical bugs -make TLS D-H parameters match those of Apache's mod_ssl pkgsrc changes: Makefile cleanup, appease plglint
2011-03-09 11:03:06 +01:00
CONFIGURE_ARGS+= --localstatedir=${VARBASE}
Import tor into pkgsrc: The simple version: Tor provides a distributed network of servers ("onion routers"). Users bounce their TCP streams (web traffic, FTP, SSH, etc.) around the routers. This makes it hard for recipients, observers, and even the onion routers themselves to track the source of the stream. The complex version: Onion Routing is a connection-oriented anonymizing communication service. Users choose a source-routed path through a set of nodes, and negotiate a "virtual circuit" through the network, in which each node knows its predecessor and successor, but no others. Traffic flowing down the circuit is unwrapped by a symmetric key at each node, which reveals the downstream node.
2004-08-13 21:33:41 +02:00
CONF_FILES+= ${PREFIX}/share/examples/tor/tor-tsocks.conf \
Change to pass PKG_SYSCONFDIR to configure, fixes PR 37195. While here, change user/group and directory handling to the usual manner. Bump PKGREVISION.
2007-10-25 16:58:29 +02:00
${PKG_SYSCONFDIR}/tor-tsocks.conf
Import tor into pkgsrc: The simple version: Tor provides a distributed network of servers ("onion routers"). Users bounce their TCP streams (web traffic, FTP, SSH, etc.) around the routers. This makes it hard for recipients, observers, and even the onion routers themselves to track the source of the stream. The complex version: Onion Routing is a connection-oriented anonymizing communication service. Users choose a source-routed path through a set of nodes, and negotiate a "virtual circuit" through the network, in which each node knows its predecessor and successor, but no others. Traffic flowing down the circuit is unwrapped by a symmetric key at each node, which reveals the downstream node.
2004-08-13 21:33:41 +02:00
CONF_FILES+= ${PREFIX}/share/examples/tor/torrc.sample \
Change to pass PKG_SYSCONFDIR to configure, fixes PR 37195. While here, change user/group and directory handling to the usual manner. Bump PKGREVISION.
2007-10-25 16:58:29 +02:00
${PKG_SYSCONFDIR}/torrc
Import tor into pkgsrc: The simple version: Tor provides a distributed network of servers ("onion routers"). Users bounce their TCP streams (web traffic, FTP, SSH, etc.) around the routers. This makes it hard for recipients, observers, and even the onion routers themselves to track the source of the stream. The complex version: Onion Routing is a connection-oriented anonymizing communication service. Users choose a source-routed path through a set of nodes, and negotiate a "virtual circuit" through the network, in which each node knows its predecessor and successor, but no others. Traffic flowing down the circuit is unwrapped by a symmetric key at each node, which reveals the downstream node.
2004-08-13 21:33:41 +02:00
update to 0.2.1.30, from Christian Sturm (the MAINTAINER) per PR pkg/44702 changes: -fixes for less critical bugs -make TLS D-H parameters match those of Apache's mod_ssl pkgsrc changes: Makefile cleanup, appease plglint
2011-03-09 11:03:06 +01:00
FILES_SUBST+= PKG_HOME=${PKG_HOME}
FILES_SUBST+= TOR_USER=${TOR_USER} TOR_GROUP=${TOR_GROUP}
Update tor to 0.0.9.3. Pkgsrc changes: - make this build under IRIX. - tor has moved to tor.eff.org Version changes since 0.0.9.2: - Backport the cpu use fixes from main branch, so busy servers won't need as much processor time. - Work better when we go offline and then come back, or when we run Tor at boot before the network is up. We do this by optimistically trying to fetch a new directory whenever an application request comes in and we think we're offline -- the human is hopefully a good measure of when the network is back. - Backport some minimal hidserv bugfixes: keep rend circuits open as long as you keep using them; actually publish hidserv descriptors shortly after they change, rather than waiting 20-40 minutes. - Enable Mac startup script by default. - Fix duplicate dns_cancel_pending_resolve reported by Giorgos Pallas. - When you update AllowUnverifiedNodes or FirewallPorts via the controller's setconf feature, we were always appending, never resetting. - When you update HiddenServiceDir via setconf, it was screwing up the order of reading the lines, making it fail. - Do not rewrite a cached directory back to the cache; otherwise we will think it is recent and not fetch a newer one on startup. - Workaround for webservers that lie about Content-Encoding: Tor now tries to autodetect compressed directories and compression itself. This lets us Proxypass dir fetches through apache.
2005-02-02 17:41:22 +01:00
Update tor to 0.2.1.19. Based on maintainer update request via PR 41828. (remove patch-a{a,b} and make to simplify by me). Tor 0.2.1.18 lays the foundations for performance improvements, adds status events to help users diagnose bootstrap problems, adds optional authentication/authorization for hidden services, fixes a variety of potential anonymity problems, and includes a huge pile of other features and bug fixes. Tor 0.2.1.19 fixes a major bug with accessing and providing hidden services.
2009-08-18 07:48:08 +02:00
INSTALL_MAKE_FLAGS+= sysconfdir=${PREFIX}/share/examples
Add CHECK_PORTABILITY_SKIP.
2006-10-26 16:47:37 +02:00
CHECK_PORTABILITY_SKIP+=contrib/*
Update to current stable version, tor-0.2.0.30, based on wip/tor. Thanks to athaba, netcap, and tvierling. Changes in version 0.2.0.30 - 2008-07-15 This new stable release switches to a more efficient directory distribution design, adds features to make connections to the Tor network harder to block, allows Tor to act as a DNS proxy, adds separate rate limiting for relayed traffic to make it easier for clients to become relays, fix a variety of potential anonymity problems, and includes the usual huge pile of other features and bug fixes.
2008-08-01 19:23:21 +02:00
.if !empty(PKGSRC_COMPILER:Mmipspro)
CFLAGS+= -c99
.endif
update to 0.2.2.32 Tor 0.2.2.32, the first stable release in the 0.2.2 branch, is finally ready. More than two years in the making, this release features improved client performance and hidden service reliability, better compatibility for Android, correct behavior for bridges that listen on more than one address, more extensible and flexible directory object handling, better reporting of network statistics, improved code security, and many many other features and bugfixes.
2011-09-06 21:34:01 +02:00
BUILD_DEPENDS+= asciidoc-[0-9]*:../../textproc/asciidoc
Update to current stable version, tor-0.2.0.30, based on wip/tor. Thanks to athaba, netcap, and tvierling. Changes in version 0.2.0.30 - 2008-07-15 This new stable release switches to a more efficient directory distribution design, adds features to make connections to the Tor network harder to block, allows Tor to act as a DNS proxy, adds separate rate limiting for relayed traffic to make it easier for clients to become relays, fix a variety of potential anonymity problems, and includes the usual huge pile of other features and bug fixes.
2008-08-01 19:23:21 +02:00
BUILDLINK_API_DEPENDS.libevent+= libevent>=1.2
update to 0.1.0.12 This is a major update, too many improvements to list here, see the ChangeLog in the distribution for details. pkgsrc changes: -remove dependency on tsocks; this is just one possible way to make applications use SOCKS; add a hint to MESSAGE -use the pkgsrc libevent - the NetBSD builtin is old, and tor complains loudly if it doesn't like the libevent version -make the rc.d script executable
2005-08-04 12:55:31 +02:00
.include "../../devel/libevent/buildlink3.mk"
This needs zlib, too. PKGREVISION++
2005-02-18 05:13:04 +01:00
.include "../../devel/zlib/buildlink3.mk"
Import tor into pkgsrc: The simple version: Tor provides a distributed network of servers ("onion routers"). Users bounce their TCP streams (web traffic, FTP, SSH, etc.) around the routers. This makes it hard for recipients, observers, and even the onion routers themselves to track the source of the stream. The complex version: Onion Routing is a connection-oriented anonymizing communication service. Users choose a source-routed path through a set of nodes, and negotiate a "virtual circuit" through the network, in which each node knows its predecessor and successor, but no others. Traffic flowing down the circuit is unwrapped by a symmetric key at each node, which reveals the downstream node.
2004-08-13 21:33:41 +02:00
.include "../../security/openssl/buildlink3.mk"
Update to current stable version, tor-0.2.0.30, based on wip/tor. Thanks to athaba, netcap, and tvierling. Changes in version 0.2.0.30 - 2008-07-15 This new stable release switches to a more efficient directory distribution design, adds features to make connections to the Tor network harder to block, allows Tor to act as a DNS proxy, adds separate rate limiting for relayed traffic to make it easier for clients to become relays, fix a variety of potential anonymity problems, and includes the usual huge pile of other features and bug fixes.
2008-08-01 19:23:21 +02:00
.include "../../mk/pthread.buildlink3.mk"
Update to version 0.1.2.18. Changes since the last release: o Major bugfixes (crashes): - If a connection is shut down abruptly because of something that happened inside connection_flushed_some(), do not call connection_finished_flushing(). Should fix bug 451: "connection_stop_writing: Assertion conn->write_event failed" Bugfix on 0.1.2.7-alpha. - Fix possible segfaults in functions called from rend_process_relay_cell(). o Major bugfixes (hidden services): - Hidden services were choosing introduction points uniquely by hexdigest, but when constructing the hidden service descriptor they merely wrote the (potentially ambiguous) nickname. - Clients now use the v2 intro format for hidden service connections: they specify their chosen rendezvous point by identity digest rather than by (potentially ambiguous) nickname. These changes could speed up hidden service connections dramatically. o Major bugfixes (other): - Stop publishing a new server descriptor just because we get a HUP signal. This led (in a roundabout way) to some servers getting dropped from the networkstatus lists for a few hours each day. - When looking for a circuit to cannibalize, consider family as well as identity. Fixes bug 438. Bugfix on 0.1.0.x (which introduced circuit cannibalization). - When a router wasn't listed in a new networkstatus, we were leaving the flags for that router alone -- meaning it remained Named, Running, etc -- even though absence from the networkstatus means that it shouldn't be considered to exist at all anymore. Now we clear all the flags for routers that fall out of the networkstatus consensus. Fixes bug 529. o Minor bugfixes: - Don't try to access (or alter) the state file when running --list-fingerprint or --verify-config or --hash-password. Resolves bug 499. - When generating information telling us how to extend to a given router, do not try to include the nickname if it is absent. Resolves bug 467. - Fix a user-triggerable segfault in expand_filename(). (There isn't a way to trigger this remotely.) - When sending a status event to the controller telling it that an OR address is readable, set the port correctly. (Previously we were reporting the dir port.) - Fix a minor memory leak whenever a controller sends the PROTOCOLINFO command. Bugfix on 0.1.2.17. - When loading bandwidth history, do not believe any information in the future. Fixes bug 434. - When loading entry guard information, do not believe any information in the future. - When we have our clock set far in the future and generate an onion key, then re-set our clock to be correct, we should not stop the onion key from getting rotated. - On some platforms, accept() can return a broken address. Detect this more quietly, and deal accordingly. Fixes bug 483. - It's not actually an error to find a non-pending entry in the DNS cache when canceling a pending resolve. Don't log unless stuff is fishy. Resolves bug 463. - Don't reset trusted dir server list when we set a configuration option. Patch from Robert Hogan.
2007-11-16 06:30:13 +01:00
## We include this after other b3.mk files since we use PTHREAD_TYPE.
##
.include "options.mk"
Import tor into pkgsrc: The simple version: Tor provides a distributed network of servers ("onion routers"). Users bounce their TCP streams (web traffic, FTP, SSH, etc.) around the routers. This makes it hard for recipients, observers, and even the onion routers themselves to track the source of the stream. The complex version: Onion Routing is a connection-oriented anonymizing communication service. Users choose a source-routed path through a set of nodes, and negotiate a "virtual circuit" through the network, in which each node knows its predecessor and successor, but no others. Traffic flowing down the circuit is unwrapped by a symmetric key at each node, which reveals the downstream node.
2004-08-13 21:33:41 +02:00
.include "../../mk/bsd.pkg.mk"
Reference in a new issue Copy permalink