From 66b9522c26e9692ddf0aeadaf20c30529f50f397 Mon Sep 17 00:00:00 2001 From: Hauke Mehrtens Date: Sat, 14 Jan 2017 15:28:02 +0100 Subject: [PATCH 1/5] tor: update to version 0.2.9.8 In addition update some configure options and use EXTRA_CFLAGS. Setting RunAsDaemon to 1 will be overwritten by the init script option "--runasdaemon 0" anyway and we want it in foreground for procd. Signed-off-by: Hauke Mehrtens --- net/tor/Makefile | 20 +++++++++++++------- net/tor/patches/001-torrc.patch | 9 ++------- 2 files changed, 15 insertions(+), 14 deletions(-) diff --git a/net/tor/Makefile b/net/tor/Makefile index 570140d43..e4299cc98 100644 --- a/net/tor/Makefile +++ b/net/tor/Makefile @@ -8,13 +8,13 @@ include $(TOPDIR)/rules.mk PKG_NAME:=tor -PKG_VERSION:=0.2.8.11 +PKG_VERSION:=0.2.9.8 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://dist.torproject.org/ \ https://archive.torproject.org/tor-package-archive -PKG_MD5SUM:=7adea0bfa17edafd4e09453f4f58a0dca737660e5358f9dafd52d55d55dc6ab3 +PKG_MD5SUM:=fbdd33d3384574297b88744622382008d1e0f9ddd300d330746c464b7a7d746a PKG_MAINTAINER:=Hauke Mehrtens PKG_LICENSE_FILES:=LICENSE @@ -66,17 +66,23 @@ endef CONFIGURE_ARGS += \ --with-libevent-dir="$(STAGING_DIR)/usr" \ --with-ssl-dir="$(STAGING_DIR)/usr" \ + --with-openssl-dir="$(STAGING_DIR)/usr" \ + --with-zlib-dir="$(STAGING_DIR)/usr" \ --disable-asciidoc \ - --disable-seccomp + --disable-seccomp \ + --disable-libscrypt \ + --disable-unittests \ + --disable-largefile \ + --with-tor-user=tor \ + --with-tor-group=tor + +EXTRA_CFLAGS += -std=gnu99 ifneq ($(CONFIG_SSP_SUPPORT),y) CONFIGURE_ARGS += \ --disable-gcc-hardening - MAKE_FLAGS += \ - CFLAGS="$(TARGET_CFLAGS) -std=gnu99" else - MAKE_FLAGS += \ - CFLAGS="$(TARGET_CFLAGS) -fPIC -std=gnu99" + EXTRA_CFLAGS += -fPIC endif CONFIGURE_VARS += \ diff --git a/net/tor/patches/001-torrc.patch b/net/tor/patches/001-torrc.patch index 47e04f93f..eb315a077 100644 --- a/net/tor/patches/001-torrc.patch +++ b/net/tor/patches/001-torrc.patch @@ -1,11 +1,6 @@ --- a/src/config/torrc.sample.in +++ b/src/config/torrc.sample.in -@@ -46,11 +46,11 @@ - ## Uncomment this to start the process in the background... or use - ## --runasdaemon 1 on the command line. This is ignored on Windows; - ## see the FAQ entry if you want Tor to run as an NT service. --#RunAsDaemon 1 -+RunAsDaemon 1 +@@ -50,7 +50,7 @@ ## The directory for keeping all the keys/etc. By default, we store ## things in $HOME/.tor on Unix, and in Application Data\tor on Windows. @@ -14,7 +9,7 @@ ## The port on which Tor will listen for local connections from Tor ## controller applications, as documented in control-spec.txt. -@@ -202,3 +202,4 @@ +@@ -204,3 +204,4 @@ ## address manually to your friends, uncomment this line: #PublishServerDescriptor 0 From 3c3f70979212d14973a55f48cd97f77ae91b52b3 Mon Sep 17 00:00:00 2001 From: Hauke Mehrtens Date: Sat, 14 Jan 2017 15:29:19 +0100 Subject: [PATCH 2/5] tor: preserve tor keys over sysupgrade Mark the directories containing the keys for hidden services as conffiles to preserve them over sysupgrade. Fixes: #2247 Signed-off-by: Hauke Mehrtens --- net/tor/Makefile | 2 ++ 1 file changed, 2 insertions(+) diff --git a/net/tor/Makefile b/net/tor/Makefile index e4299cc98..17e80f139 100644 --- a/net/tor/Makefile +++ b/net/tor/Makefile @@ -61,6 +61,8 @@ endef define Package/tor/conffiles /etc/tor/torrc +/var/lib/tor/fingerprint +/var/lib/tor/keys/* endef CONFIGURE_ARGS += \ From f382d5da0dd6bf2fec07331e2d677dbccdc6bd5a Mon Sep 17 00:00:00 2001 From: Hauke Mehrtens Date: Sat, 14 Jan 2017 15:26:41 +0100 Subject: [PATCH 3/5] tor: add geoip6 to tor-geoip This add the IPv6 addresses to the tor-geoip6 package. Signed-off-by: Hauke Mehrtens --- net/tor/Makefile | 1 + 1 file changed, 1 insertion(+) diff --git a/net/tor/Makefile b/net/tor/Makefile index 17e80f139..ad1ca87fd 100644 --- a/net/tor/Makefile +++ b/net/tor/Makefile @@ -102,6 +102,7 @@ endef define Package/tor-geoip/install $(INSTALL_DIR) $(1)/usr/share/tor $(CP) $(PKG_INSTALL_DIR)/usr/share/tor/geoip $(1)/usr/share/tor/ + $(CP) $(PKG_INSTALL_DIR)/usr/share/tor/geoip6 $(1)/usr/share/tor/ endef $(eval $(call BuildPackage,tor)) From 239ed96b0d7279e71ed233f3f9c038050c589026 Mon Sep 17 00:00:00 2001 From: Hauke Mehrtens Date: Sat, 14 Jan 2017 15:38:14 +0100 Subject: [PATCH 4/5] tor: add tor-gencert, tor-resolve and torify These are some additional applications build by the tor package. Signed-off-by: Hauke Mehrtens --- net/tor/Makefile | 35 +++++++++++++++++++++++++++++++++++ 1 file changed, 35 insertions(+) diff --git a/net/tor/Makefile b/net/tor/Makefile index ad1ca87fd..b00698033 100644 --- a/net/tor/Makefile +++ b/net/tor/Makefile @@ -48,6 +48,28 @@ $(call Package/tor/Default/description) This package contains the tor daemon. endef +define Package/tor-gencert +$(call Package/tor/Default) + TITLE:=Tor certificate generation + DEPENDS:=+tor +endef + +define Package/tor-gencert/description +$(call Package/tor/Default/description) + Generate certs and keys for Tor directory authorities +endef + +define Package/tor-resolve +$(call Package/tor/Default) + TITLE:=tor hostname resolve + DEPENDS:=+tor +endef + +define Package/tor-resolve/description +$(call Package/tor/Default/description) + Resolve a hostname to an IP address via tor +endef + define Package/tor-geoip $(call Package/tor/Default) TITLE:=GeoIP db for tor @@ -93,12 +115,23 @@ CONFIGURE_VARS += \ define Package/tor/install $(INSTALL_DIR) $(1)/usr/sbin $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/tor $(1)/usr/sbin/ + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/torify $(1)/usr/sbin/ $(INSTALL_DIR) $(1)/etc/init.d $(INSTALL_BIN) ./files/tor.init $(1)/etc/init.d/tor $(INSTALL_DIR) $(1)/etc/tor $(INSTALL_CONF) $(PKG_INSTALL_DIR)/etc/tor/torrc.sample $(1)/etc/tor/torrc endef +define Package/tor-gencert/install + $(INSTALL_DIR) $(1)/usr/sbin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/tor-gencert $(1)/usr/sbin/ +endef + +define Package/tor-resolve/install + $(INSTALL_DIR) $(1)/usr/sbin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/tor-resolve $(1)/usr/sbin/ +endef + define Package/tor-geoip/install $(INSTALL_DIR) $(1)/usr/share/tor $(CP) $(PKG_INSTALL_DIR)/usr/share/tor/geoip $(1)/usr/share/tor/ @@ -106,4 +139,6 @@ define Package/tor-geoip/install endef $(eval $(call BuildPackage,tor)) +$(eval $(call BuildPackage,tor-gencert)) +$(eval $(call BuildPackage,tor-resolve)) $(eval $(call BuildPackage,tor-geoip)) From 275874dc22180f61d62f0d7a6793d223eb618fc6 Mon Sep 17 00:00:00 2001 From: Hauke Mehrtens Date: Sat, 14 Jan 2017 17:40:43 +0100 Subject: [PATCH 5/5] tor: log to syslog by default Make tor log to syslog by default instead of stdout. Signed-off-by: Hauke Mehrtens --- net/tor/patches/001-torrc.patch | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/net/tor/patches/001-torrc.patch b/net/tor/patches/001-torrc.patch index eb315a077..1a784d2ff 100644 --- a/net/tor/patches/001-torrc.patch +++ b/net/tor/patches/001-torrc.patch @@ -1,5 +1,14 @@ --- a/src/config/torrc.sample.in +++ b/src/config/torrc.sample.in +@@ -39,7 +39,7 @@ + ## Send every possible message to @LOCALSTATEDIR@/log/tor/debug.log + #Log debug file @LOCALSTATEDIR@/log/tor/debug.log + ## Use the system log instead of Tor's logfiles +-#Log notice syslog ++Log notice syslog + ## To send all messages to stderr: + #Log debug stderr + @@ -50,7 +50,7 @@ ## The directory for keeping all the keys/etc. By default, we store