Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 19 Mar 2008 21:07:54 GMT
From:      bf <bf2006a@yahoo.com>
To:        freebsd-gnats-submit@FreeBSD.org
Subject:   ports/121881: [PATCH]security/tor-devel: update to 0.2.0.22-rc
Message-ID:  <200803192107.m2JL7sG5003104@www.freebsd.org>
Resent-Message-ID: <200803192110.m2JLA0Gr042872@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help 

>Number:         121881
>Category:       ports
>Synopsis:       [PATCH]security/tor-devel: update to 0.2.0.22-rc
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          update
>Submitter-Id:   current-users
>Arrival-Date:   Wed Mar 19 21:10:00 UTC 2008
>Closed-Date:
>Last-Modified:
>Originator:     bf
>Release:        7-STABLE i386
>Organization:
-
>Environment:
>Description:
-fixed a few port Makefile glitches (which masked some configure script problems,  ugh!)

-updated to 0.2.0.22-rc:

Changes in version 0.2.0.22-rc - 2008-03-18
  o Major features:
    - Enable encrypted directory connections by default for non-relays,
      so censor tools that block Tor directory connections based on their
      plaintext patterns will no longer work. This means Tor works in
      certain censored countries by default again.

  o Major bugfixes:
    - Make sure servers always request certificates from clients during
      TLS renegotiation. Reported by lodger; bugfix on 0.2.0.20-rc.
    - Do not enter a CPU-eating loop when a connection is closed in
      the middle of client-side TLS renegotiation. Fixes bug 622. Bug
      diagnosed by lodger; bugfix on 0.2.0.20-rc.
    - Fix assertion failure that could occur when a blocked circuit
      became unblocked, and it had pending client DNS requests. Bugfix
      on 0.2.0.1-alpha. Fixes bug 632.

  o Minor bugfixes (on 0.1.2.x):
    - Generate "STATUS_SERVER" events rather than misspelled
      "STATUS_SEVER" events. Caught by mwenge.
    - When counting the number of bytes written on a TLS connection,
      look at the BIO actually used for writing to the network, not
      at the BIO used (sometimes) to buffer data for the network.
      Looking at different BIOs could result in write counts on the
      order of ULONG_MAX. Fixes bug 614.
    - On Windows, correctly detect errors when listing the contents of
      a directory. Fix from lodger.

  o Minor bugfixes (on 0.2.0.x):
    - Downgrade "sslv3 alert handshake failure" message to INFO.
    - If we set RelayBandwidthRate and RelayBandwidthBurst very high but
      left BandwidthRate and BandwidthBurst at the default, we would be
      silently limited by those defaults. Now raise them to match the
      RelayBandwidth* values.
    - Fix the SVK version detection logic to work correctly on a branch.
    - Make --enable-openbsd-malloc work correctly on Linux with alpha
      CPUs. Fixes bug 625.
    - Logging functions now check that the passed severity is sane.
    - Use proper log levels in the testsuite call of
      get_interface_address6().
    - When using a nonstandard malloc, do not use the platform values for
      HAVE_MALLOC_GOOD_SIZE or HAVE_MALLOC_USABLE_SIZE.
    - Make the openbsd malloc code use 8k pages on alpha CPUs and
      16k pages on ia64.
    - Detect mismatched page sizes when using --enable-openbsd-malloc.
    - Avoid double-marked-for-close warning when certain kinds of invalid
      .in-addr.arpa addresses are passed to the DNSPort. Part of a fix
      for bug 617. Bugfix on 0.2.0.1-alpha.
    - Make sure that the "NULL-means-reject *:*" convention is followed by
      all the policy manipulation functions, avoiding some possible crash
      bugs. Bug found by lodger. Bugfix on 0.2.0.16-alpha.
    - Fix the implementation of ClientDNSRejectInternalAddresses so that it
      actually works, and doesn't warn about every single reverse lookup.
      Fixes the other part of bug 617.  Bugfix on 0.2.0.1-alpha.

  o Minor features:
    - Only log guard node status when guard node status has changed.
    - Downgrade the 3 most common "INFO" messages to "DEBUG". This will
      make "INFO" 75% less verbose.



I haven't tested use of the port with tcmalloc, but as this is a development port, it seems reasonable to expose this option for experimentation.  Also, since I don't run tor via an rc.d script, I did not make changes to address the problem reported in PR ports/120811, or even verify that it exists.
>How-To-Repeat:

>Fix:


Patch attached with submission follows:

diff -ruN tor-devel.orig/Makefile tor-devel/Makefile
--- tor-devel.orig/Makefile	2008-03-06 04:45:40.000000000 -0500
+++ tor-devel/Makefile	2008-03-19 16:11:48.656234425 -0400
@@ -6,7 +6,7 @@
 #
 
 PORTNAME=	tor
-DISTVERSION=	0.2.0.21-rc
+DISTVERSION=	0.2.0.22-rc
 CATEGORIES=	security net
 MASTER_SITES=	http://www.torproject.org/dist/ \
 		http://mirror.onionland.org/dist/
@@ -20,8 +20,12 @@
 
 GNU_CONFIGURE=	yes
 USE_OPENSSL=	yes
+CPPFLAGS+=	-I${LOCALBASE}/include
+CONFIGURE_ENV+= CPPFLAGS="${CPPFLAGS}"
 
-OPTIONS=	CELLPOOL "memory pool allocator for cells" on \
+OPTIONS=	BUFFREELISTS "freelists for buffer RAM" on \
+		CELLPOOL "memory pool allocator for cells" on \
+		TCMALLOC "use the tcmalloc memory allocation library" off \
 		THREADS "multi-threading support" on \
 		TRANSPARENT "transparent proxy support" on \
 		VIDALIA "Vidalia graphical Tor controller" off
@@ -36,8 +40,11 @@
 
 .include <bsd.port.pre.mk>
 
-CONFIGURE_ENV+=	CPPFLAGS+=-I{LOCALBASE}/include \
-		LDFLAGS+=-L{LOCALBASE}/lib
+.if defined(WITH_BUFFREELISTS)
+CONFIGURE_ARGS+=	--enable-buf-freelists
+.else
+CONFIGURE_ARGS+=	--disable-buf-freelists
+.endif
 
 .if defined(WITH_CELLPOOL)
 CONFIGURE_ARGS+=	--enable-cell-pool
@@ -45,9 +52,14 @@
 CONFIGURE_ARGS+=	--disable-cell-pool
 .endif
 
+.if defined(WITH_TCMALLOC)
+CONFIGURE_ARGS+=	--with-tcmalloc
+LIB_DEPENDS+=		tcmalloc:${PORTSDIR}/devel/google-perftools
+.endif
+
 .if defined(WITH_THREADS)
 CONFIGURE_ARGS+=	--enable-threads
-CONFIGURE_ENV+=	LDFLAGS+={PTHREAD_LIBS}
+CFLAGS+=		${PTHREAD_CFLAGS}
 .else
 CONFIGURE_ARGS+=	--disable-threads
 .endif
@@ -67,13 +79,11 @@
 		${WRKSRC}/contrib/tor-tsocks.conf.sample
 	@${REINPLACE_CMD} -e "s|tor-tsocks.conf|tor-tsocks.conf.sample|g" \
 		${WRKSRC}/contrib/Makefile.in
-#fix typos in configure scripts, undesirable compiler flags, wrong location of in6.h
 	@${FIND} ${WRKSRC} -type f | ${XARGS} \
 		-n 10 ${REINPLACE_CMD} -E \
 		-e 's|-g -O2||g' \
 		-e 's|-O2||g' \
 		-e 's|-g -O||g' \
-		-e 's|netintet|netinet|g' \
 		-e 's|netinet/in6|netinet6/in6|g'
 
 post-configure:
diff -ruN tor-devel.orig/distinfo tor-devel/distinfo
--- tor-devel.orig/distinfo	2008-03-06 04:45:40.000000000 -0500
+++ tor-devel/distinfo	2008-03-19 16:11:48.652231402 -0400
@@ -1,3 +1,3 @@
-MD5 (tor-0.2.0.21-rc.tar.gz) = cfedbbc30e687b427e0aa0d006fde0c6
-SHA256 (tor-0.2.0.21-rc.tar.gz) = 6b7b161be6c573b42caaab5e4201b7797264f0dc2d27119872587f00007a68ba
-SIZE (tor-0.2.0.21-rc.tar.gz) = 1540586
+MD5 (tor-0.2.0.22-rc.tar.gz) = 9404ea3f6e4b01af01a34e95cd937723
+SHA256 (tor-0.2.0.22-rc.tar.gz) = f2bed9305107d36828d4becd7e186c6aa514d713e456d4ecbc20782def55cfdd
+SIZE (tor-0.2.0.22-rc.tar.gz) = 1541300


>Release-Note:
>Audit-Trail:
>Unformatted:

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200803192107.m2JL7sG5003104>