From owner-freebsd-ports-bugs@FreeBSD.ORG Wed Mar 19 21:10:01 2008 Return-Path: Delivered-To: freebsd-ports-bugs@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 39B471065674 for ; Wed, 19 Mar 2008 21:10:01 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 0F8C08FC1B for ; Wed, 19 Mar 2008 21:10:01 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.2/8.14.2) with ESMTP id m2JLA02P042873 for ; Wed, 19 Mar 2008 21:10:00 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.2/8.14.1/Submit) id m2JLA0Gr042872; Wed, 19 Mar 2008 21:10:00 GMT (envelope-from gnats) Resent-Date: Wed, 19 Mar 2008 21:10:00 GMT Resent-Message-Id: <200803192110.m2JLA0Gr042872@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-ports-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, bf Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E309C1065670 for ; Wed, 19 Mar 2008 21:07:57 +0000 (UTC) (envelope-from nobody@FreeBSD.org) Received: from www.freebsd.org (www.freebsd.org [IPv6:2001:4f8:fff6::21]) by mx1.freebsd.org (Postfix) with ESMTP id CAFAA8FC24 for ; Wed, 19 Mar 2008 21:07:57 +0000 (UTC) (envelope-from nobody@FreeBSD.org) Received: from www.freebsd.org (localhost [127.0.0.1]) by www.freebsd.org (8.14.2/8.14.2) with ESMTP id m2JL7slL003105 for ; Wed, 19 Mar 2008 21:07:54 GMT (envelope-from nobody@www.freebsd.org) Received: (from nobody@localhost) by www.freebsd.org (8.14.2/8.14.1/Submit) id m2JL7sG5003104; Wed, 19 Mar 2008 21:07:54 GMT (envelope-from nobody) Message-Id: <200803192107.m2JL7sG5003104@www.freebsd.org> Date: Wed, 19 Mar 2008 21:07:54 GMT From: bf To: freebsd-gnats-submit@FreeBSD.org X-Send-Pr-Version: www-3.1 Cc: Subject: ports/121881: [PATCH]security/tor-devel: update to 0.2.0.22-rc X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 Mar 2008 21:10:01 -0000 >Number: 121881 >Category: ports >Synopsis: [PATCH]security/tor-devel: update to 0.2.0.22-rc >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: update >Submitter-Id: current-users >Arrival-Date: Wed Mar 19 21:10:00 UTC 2008 >Closed-Date: >Last-Modified: >Originator: bf >Release: 7-STABLE i386 >Organization: - >Environment: >Description: -fixed a few port Makefile glitches (which masked some configure script problems, ugh!) -updated to 0.2.0.22-rc: Changes in version 0.2.0.22-rc - 2008-03-18 o Major features: - Enable encrypted directory connections by default for non-relays, so censor tools that block Tor directory connections based on their plaintext patterns will no longer work. This means Tor works in certain censored countries by default again. o Major bugfixes: - Make sure servers always request certificates from clients during TLS renegotiation. Reported by lodger; bugfix on 0.2.0.20-rc. - Do not enter a CPU-eating loop when a connection is closed in the middle of client-side TLS renegotiation. Fixes bug 622. Bug diagnosed by lodger; bugfix on 0.2.0.20-rc. - Fix assertion failure that could occur when a blocked circuit became unblocked, and it had pending client DNS requests. Bugfix on 0.2.0.1-alpha. Fixes bug 632. o Minor bugfixes (on 0.1.2.x): - Generate "STATUS_SERVER" events rather than misspelled "STATUS_SEVER" events. Caught by mwenge. - When counting the number of bytes written on a TLS connection, look at the BIO actually used for writing to the network, not at the BIO used (sometimes) to buffer data for the network. Looking at different BIOs could result in write counts on the order of ULONG_MAX. Fixes bug 614. - On Windows, correctly detect errors when listing the contents of a directory. Fix from lodger. o Minor bugfixes (on 0.2.0.x): - Downgrade "sslv3 alert handshake failure" message to INFO. - If we set RelayBandwidthRate and RelayBandwidthBurst very high but left BandwidthRate and BandwidthBurst at the default, we would be silently limited by those defaults. Now raise them to match the RelayBandwidth* values. - Fix the SVK version detection logic to work correctly on a branch. - Make --enable-openbsd-malloc work correctly on Linux with alpha CPUs. Fixes bug 625. - Logging functions now check that the passed severity is sane. - Use proper log levels in the testsuite call of get_interface_address6(). - When using a nonstandard malloc, do not use the platform values for HAVE_MALLOC_GOOD_SIZE or HAVE_MALLOC_USABLE_SIZE. - Make the openbsd malloc code use 8k pages on alpha CPUs and 16k pages on ia64. - Detect mismatched page sizes when using --enable-openbsd-malloc. - Avoid double-marked-for-close warning when certain kinds of invalid .in-addr.arpa addresses are passed to the DNSPort. Part of a fix for bug 617. Bugfix on 0.2.0.1-alpha. - Make sure that the "NULL-means-reject *:*" convention is followed by all the policy manipulation functions, avoiding some possible crash bugs. Bug found by lodger. Bugfix on 0.2.0.16-alpha. - Fix the implementation of ClientDNSRejectInternalAddresses so that it actually works, and doesn't warn about every single reverse lookup. Fixes the other part of bug 617. Bugfix on 0.2.0.1-alpha. o Minor features: - Only log guard node status when guard node status has changed. - Downgrade the 3 most common "INFO" messages to "DEBUG". This will make "INFO" 75% less verbose. I haven't tested use of the port with tcmalloc, but as this is a development port, it seems reasonable to expose this option for experimentation. Also, since I don't run tor via an rc.d script, I did not make changes to address the problem reported in PR ports/120811, or even verify that it exists. >How-To-Repeat: >Fix: Patch attached with submission follows: diff -ruN tor-devel.orig/Makefile tor-devel/Makefile --- tor-devel.orig/Makefile 2008-03-06 04:45:40.000000000 -0500 +++ tor-devel/Makefile 2008-03-19 16:11:48.656234425 -0400 @@ -6,7 +6,7 @@ # PORTNAME= tor -DISTVERSION= 0.2.0.21-rc +DISTVERSION= 0.2.0.22-rc CATEGORIES= security net MASTER_SITES= http://www.torproject.org/dist/ \ http://mirror.onionland.org/dist/ @@ -20,8 +20,12 @@ GNU_CONFIGURE= yes USE_OPENSSL= yes +CPPFLAGS+= -I${LOCALBASE}/include +CONFIGURE_ENV+= CPPFLAGS="${CPPFLAGS}" -OPTIONS= CELLPOOL "memory pool allocator for cells" on \ +OPTIONS= BUFFREELISTS "freelists for buffer RAM" on \ + CELLPOOL "memory pool allocator for cells" on \ + TCMALLOC "use the tcmalloc memory allocation library" off \ THREADS "multi-threading support" on \ TRANSPARENT "transparent proxy support" on \ VIDALIA "Vidalia graphical Tor controller" off @@ -36,8 +40,11 @@ .include -CONFIGURE_ENV+= CPPFLAGS+=-I{LOCALBASE}/include \ - LDFLAGS+=-L{LOCALBASE}/lib +.if defined(WITH_BUFFREELISTS) +CONFIGURE_ARGS+= --enable-buf-freelists +.else +CONFIGURE_ARGS+= --disable-buf-freelists +.endif .if defined(WITH_CELLPOOL) CONFIGURE_ARGS+= --enable-cell-pool @@ -45,9 +52,14 @@ CONFIGURE_ARGS+= --disable-cell-pool .endif +.if defined(WITH_TCMALLOC) +CONFIGURE_ARGS+= --with-tcmalloc +LIB_DEPENDS+= tcmalloc:${PORTSDIR}/devel/google-perftools +.endif + .if defined(WITH_THREADS) CONFIGURE_ARGS+= --enable-threads -CONFIGURE_ENV+= LDFLAGS+={PTHREAD_LIBS} +CFLAGS+= ${PTHREAD_CFLAGS} .else CONFIGURE_ARGS+= --disable-threads .endif @@ -67,13 +79,11 @@ ${WRKSRC}/contrib/tor-tsocks.conf.sample @${REINPLACE_CMD} -e "s|tor-tsocks.conf|tor-tsocks.conf.sample|g" \ ${WRKSRC}/contrib/Makefile.in -#fix typos in configure scripts, undesirable compiler flags, wrong location of in6.h @${FIND} ${WRKSRC} -type f | ${XARGS} \ -n 10 ${REINPLACE_CMD} -E \ -e 's|-g -O2||g' \ -e 's|-O2||g' \ -e 's|-g -O||g' \ - -e 's|netintet|netinet|g' \ -e 's|netinet/in6|netinet6/in6|g' post-configure: diff -ruN tor-devel.orig/distinfo tor-devel/distinfo --- tor-devel.orig/distinfo 2008-03-06 04:45:40.000000000 -0500 +++ tor-devel/distinfo 2008-03-19 16:11:48.652231402 -0400 @@ -1,3 +1,3 @@ -MD5 (tor-0.2.0.21-rc.tar.gz) = cfedbbc30e687b427e0aa0d006fde0c6 -SHA256 (tor-0.2.0.21-rc.tar.gz) = 6b7b161be6c573b42caaab5e4201b7797264f0dc2d27119872587f00007a68ba -SIZE (tor-0.2.0.21-rc.tar.gz) = 1540586 +MD5 (tor-0.2.0.22-rc.tar.gz) = 9404ea3f6e4b01af01a34e95cd937723 +SHA256 (tor-0.2.0.22-rc.tar.gz) = f2bed9305107d36828d4becd7e186c6aa514d713e456d4ecbc20782def55cfdd +SIZE (tor-0.2.0.22-rc.tar.gz) = 1541300 >Release-Note: >Audit-Trail: >Unformatted: