From owner-svn-ports-branches@freebsd.org Sat Mar 10 13:48:18 2018 Return-Path: Delivered-To: svn-ports-branches@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id DBD4FF38D9C; Sat, 10 Mar 2018 13:48:17 +0000 (UTC) (envelope-from feld@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 97FD4740E0; Sat, 10 Mar 2018 13:48:16 +0000 (UTC) (envelope-from feld@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 3D7C86B1C; Sat, 10 Mar 2018 13:48:15 +0000 (UTC) (envelope-from feld@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id w2ADmFPI021133; Sat, 10 Mar 2018 13:48:15 GMT (envelope-from feld@FreeBSD.org) Received: (from feld@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id w2ADmE7s021129; Sat, 10 Mar 2018 13:48:14 GMT (envelope-from feld@FreeBSD.org) Message-Id: <201803101348.w2ADmE7s021129@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: feld set sender to feld@FreeBSD.org using -f From: Mark Felder Date: Sat, 10 Mar 2018 13:48:14 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org Subject: svn commit: r464074 - in branches/2018Q1/security/tor: . files X-SVN-Group: ports-branches X-SVN-Commit-Author: feld X-SVN-Commit-Paths: in branches/2018Q1/security/tor: . files X-SVN-Commit-Revision: 464074 X-SVN-Commit-Repository: ports MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-branches@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: SVN commit messages for all the branches of the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 10 Mar 2018 13:48:18 -0000 Author: feld Date: Sat Mar 10 13:48:14 2018 New Revision: 464074 URL: https://svnweb.freebsd.org/changeset/ports/464074 Log: MFH: r458993 r463489 security/tor: Update to 0.3.2.9 This release contains many new features and many bugfixes. Plesee see the complete list here: https://blog.torproject.org/tor-0329-released-we-have-new-stable-series Additionally, this update adds "#include " to qualm the compiler warning that was caused by the previous fix. Now security/tor and security/tor-devel are identical. security/tor: Update to 0.3.2.10 Backport of countermeasures to mitigate denial-of-service attacks against the Tor network. Changelog is in: https://gitweb.torproject.org/tor.git/tree/ChangeLog None of these fixes appear to be essential for clients, but relays should upgrade. Port changes: * Changed the implementation of 'tor_setuid': now it is done through the command line argument, instead of the torrc file. Modified: branches/2018Q1/security/tor/Makefile branches/2018Q1/security/tor/distinfo branches/2018Q1/security/tor/files/patch-orconfig.h.in branches/2018Q1/security/tor/files/tor.in Directory Properties: branches/2018Q1/ (props changed) Modified: branches/2018Q1/security/tor/Makefile ============================================================================== --- branches/2018Q1/security/tor/Makefile Sat Mar 10 13:12:26 2018 (r464073) +++ branches/2018Q1/security/tor/Makefile Sat Mar 10 13:48:14 2018 (r464074) @@ -2,8 +2,7 @@ # $FreeBSD$ PORTNAME= tor -PORTVERSION= 0.3.1.9 -PORTREVISION= 1 +DISTVERSION= 0.3.2.10 CATEGORIES= security net ipv6 MASTER_SITES= TOR Modified: branches/2018Q1/security/tor/distinfo ============================================================================== --- branches/2018Q1/security/tor/distinfo Sat Mar 10 13:12:26 2018 (r464073) +++ branches/2018Q1/security/tor/distinfo Sat Mar 10 13:48:14 2018 (r464074) @@ -1,3 +1,3 @@ -TIMESTAMP = 1512146746 -SHA256 (tor-0.3.1.9.tar.gz) = 6e1b04f7890e782fd56014a0de5075e4ab29b52a35d8bca1f6b80c93f58f3d26 -SIZE (tor-0.3.1.9.tar.gz) = 6092702 +TIMESTAMP = 1520087667 +SHA256 (tor-0.3.2.10.tar.gz) = 60df77c31dcf94fdd686c8ca8c34f3b70243b33a7344ecc0b719d5ca2617cbee +SIZE (tor-0.3.2.10.tar.gz) = 6421984 Modified: branches/2018Q1/security/tor/files/patch-orconfig.h.in ============================================================================== --- branches/2018Q1/security/tor/files/patch-orconfig.h.in Sat Mar 10 13:12:26 2018 (r464073) +++ branches/2018Q1/security/tor/files/patch-orconfig.h.in Sat Mar 10 13:48:14 2018 (r464074) @@ -1,9 +1,10 @@ --- orconfig.h.in.orig 2017-11-30 20:34:49 UTC +++ orconfig.h.in -@@ -517,7 +517,9 @@ +@@ -517,7 +517,10 @@ #undef HAVE_TIME_H /* Define to 1 if you have the `timingsafe_memcmp' function. */ ++#include +#if __FreeBSD_version >= 1200000 // disabled: timingsafe_memcmp(3) has been added only in 12.0, and isn't yet available on older systems #undef HAVE_TIMINGSAFE_MEMCMP +#endif Modified: branches/2018Q1/security/tor/files/tor.in ============================================================================== --- branches/2018Q1/security/tor/files/tor.in Sat Mar 10 13:12:26 2018 (r464073) +++ branches/2018Q1/security/tor/files/tor.in Sat Mar 10 13:48:14 2018 (r464074) @@ -114,16 +114,15 @@ command="%%PREFIX%%/bin/${name}" command_args="-f ${tor_conf} --PidFile ${tor_pidfile} --RunAsDaemon 1 --DataDirectory ${tor_datadir}" extra_commands="reload" +# clear user setting in conf file: it should be done through the command line +if grep -q "^User ${tor_user}$" ${tor_conf}; then + sed -i '' -e "s/^User ${tor_user}$//" ${tor_conf} +fi + if [ $tor_setuid = "YES" ]; then - if ! grep -q "^User ${tor_user}$" ${tor_conf}; then - echo "User ${tor_user}" >> ${tor_conf} - fi + command_args="${command_args} --User ${tor_user}" tor_user="root" tor_group="wheel" -else - if grep -q "^User ${tor_user}$" ${tor_conf}; then - sed -i '' -e "s/^User ${tor_user}$//" ${tor_conf} - fi fi if ! run_rc_command "$1"; then