From da2c8cc672b8f45bbb52d8ac7bb145705c707ac1 Mon Sep 17 00:00:00 2001 From: Jeffery To Date: Thu, 17 Mar 2016 21:13:01 +0800 Subject: [PATCH 01/13] tor: remove tor-fw-helper The "internal pure-C" tor-fw-helper was removed in 0.2.7.5. This removes the tor-fw-helper package and references to its dependencies. Signed-off-by: Jeffery To --- net/tor/Makefile | 28 +++------------------------- 1 file changed, 3 insertions(+), 25 deletions(-) diff --git a/net/tor/Makefile b/net/tor/Makefile index ce2135ec8d..27c62fda64 100644 --- a/net/tor/Makefile +++ b/net/tor/Makefile @@ -1,5 +1,5 @@ # -# Copyright (C) 2008-2014 OpenWrt.org +# Copyright (C) 2008-2016 OpenWrt.org # # This is free software, licensed under the GNU General Public License v2. # See /LICENSE for more information. @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=tor PKG_VERSION:=0.2.7.6 -PKG_RELEASE:=1 +PKG_RELEASE:=2 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://www.torproject.org/dist \ @@ -18,7 +18,6 @@ PKG_MD5SUM:=cc19107b57136a68e8c563bf2d35b072 PKG_MAINTAINER:=Hauke Mehrtens PKG_LICENSE_FILES:=LICENSE -PKG_BUILD_DEPENDS:=libminiupnpc libnatpmp PKG_INSTALL:=1 include $(INCLUDE_DIR)/package.mk @@ -49,17 +48,6 @@ $(call Package/tor/Default/description) This package contains the tor daemon. endef -define Package/tor-fw-helper -$(call Package/tor/Default) - TITLE:=Firewall helper for tor - DEPENDS:=+tor +libminiupnpc +libnatpmp -endef - -define Package/tor-fw-helper/description -$(call Package/tor/Default/description) - This package contains a helper for automatically configuring port forwarding. -endef - define Package/tor-geoip $(call Package/tor/Default) TITLE:=GeoIP db for tor @@ -78,10 +66,6 @@ endef CONFIGURE_ARGS += \ --with-libevent-dir="$(STAGING_DIR)/usr" \ --with-ssl-dir="$(STAGING_DIR)/usr" \ - --enable-upnp \ - --with-libminiupnpc-dir="$(STAGING_DIR)/usr" \ - --enable-nat-pmp \ - --with-libnatpmp-dir="$(STAGING_DIR)/usr" \ --disable-asciidoc \ --disable-seccomp @@ -92,7 +76,7 @@ ifneq ($(CONFIG_SSP_SUPPORT),y) CFLAGS="$(TARGET_CFLAGS) -std=gnu99" else MAKE_FLAGS += \ - CFLAGS="$(TARGET_CFLAGS) -fPIC -std=gnu99" + CFLAGS="$(TARGET_CFLAGS) -fPIC -std=gnu99" endif CONFIGURE_VARS += \ @@ -107,16 +91,10 @@ define Package/tor/install $(INSTALL_CONF) $(PKG_INSTALL_DIR)/etc/tor/torrc.sample $(1)/etc/tor/torrc endef -define Package/tor-fw-helper/install - $(INSTALL_DIR) $(1)/usr/bin - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/tor-fw-helper $(1)/usr/bin/ -endef - define Package/tor-geoip/install $(INSTALL_DIR) $(1)/usr/share/tor $(CP) $(PKG_INSTALL_DIR)/usr/share/tor/geoip $(1)/usr/share/tor/ endef $(eval $(call BuildPackage,tor)) -$(eval $(call BuildPackage,tor-fw-helper)) $(eval $(call BuildPackage,tor-geoip)) From 37b5a5761e449280c369fb355b21d5bf09bc0c3e Mon Sep 17 00:00:00 2001 From: Karl Palsson Date: Tue, 24 May 2016 09:01:38 +0000 Subject: [PATCH 02/13] tor: correct URL for dist downloads Original url was 404. Fixes Github issue #2284 --- net/tor/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net/tor/Makefile b/net/tor/Makefile index 27c62fda64..d77c80fcff 100644 --- a/net/tor/Makefile +++ b/net/tor/Makefile @@ -12,7 +12,7 @@ PKG_VERSION:=0.2.7.6 PKG_RELEASE:=2 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz -PKG_SOURCE_URL:=https://www.torproject.org/dist \ +PKG_SOURCE_URL:=https://dist.torproject.org/ \ https://archive.torproject.org/tor-package-archive PKG_MD5SUM:=cc19107b57136a68e8c563bf2d35b072 PKG_MAINTAINER:=Hauke Mehrtens From e02b4a77930e50e6e7b6b75f187d8bdce274b1df Mon Sep 17 00:00:00 2001 From: Felix Fietkau Date: Sun, 24 Jul 2016 14:55:45 +0200 Subject: [PATCH 03/13] tor: add missing zlib dependency Signed-off-by: Felix Fietkau --- net/tor/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net/tor/Makefile b/net/tor/Makefile index d77c80fcff..1c685d3ba4 100644 --- a/net/tor/Makefile +++ b/net/tor/Makefile @@ -40,7 +40,7 @@ endef define Package/tor $(call Package/tor/Default) TITLE:=An anonymous Internet communication system - DEPENDS:=+libevent2 +libopenssl +libpthread +librt + DEPENDS:=+libevent2 +libopenssl +libpthread +librt +zlib endef define Package/tor/description From aa224c9ae169bd6b17e6cd1ce604c898e21ec2f0 Mon Sep 17 00:00:00 2001 From: Nima Fatemi Date: Wed, 26 Oct 2016 16:54:44 +0000 Subject: [PATCH 04/13] Tor: update to 0.2.8.9 - update to 0.2.8.9 - use sha256 instead of md5 for integrity check - add dependency: libcap signed-off-by: Nima Fatemi --- net/tor/Makefile | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/net/tor/Makefile b/net/tor/Makefile index 1c685d3ba4..ccdd47b655 100644 --- a/net/tor/Makefile +++ b/net/tor/Makefile @@ -8,13 +8,13 @@ include $(TOPDIR)/rules.mk PKG_NAME:=tor -PKG_VERSION:=0.2.7.6 -PKG_RELEASE:=2 +PKG_VERSION:=0.2.8.9 +PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://dist.torproject.org/ \ https://archive.torproject.org/tor-package-archive -PKG_MD5SUM:=cc19107b57136a68e8c563bf2d35b072 +PKG_MD5SUM:=3f5c273bb887be4aff11f4d99b9e2e52d293b81ff4f6302b730161ff16dc5316 PKG_MAINTAINER:=Hauke Mehrtens PKG_LICENSE_FILES:=LICENSE @@ -40,7 +40,7 @@ endef define Package/tor $(call Package/tor/Default) TITLE:=An anonymous Internet communication system - DEPENDS:=+libevent2 +libopenssl +libpthread +librt +zlib + DEPENDS:=+libevent2 +libopenssl +libpthread +librt +zlib +libcap endef define Package/tor/description From 030c7796efdb210e06acc602af271c37a8f9e9df Mon Sep 17 00:00:00 2001 From: Hauke Mehrtens Date: Sun, 11 Dec 2016 23:56:19 +0100 Subject: [PATCH 05/13] tor: update to version 0.2.8.11 Signed-off-by: Hauke Mehrtens --- net/tor/Makefile | 4 ++-- net/tor/patches/001-torrc.patch | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/net/tor/Makefile b/net/tor/Makefile index ccdd47b655..570140d439 100644 --- a/net/tor/Makefile +++ b/net/tor/Makefile @@ -8,13 +8,13 @@ include $(TOPDIR)/rules.mk PKG_NAME:=tor -PKG_VERSION:=0.2.8.9 +PKG_VERSION:=0.2.8.11 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://dist.torproject.org/ \ https://archive.torproject.org/tor-package-archive -PKG_MD5SUM:=3f5c273bb887be4aff11f4d99b9e2e52d293b81ff4f6302b730161ff16dc5316 +PKG_MD5SUM:=7adea0bfa17edafd4e09453f4f58a0dca737660e5358f9dafd52d55d55dc6ab3 PKG_MAINTAINER:=Hauke Mehrtens PKG_LICENSE_FILES:=LICENSE diff --git a/net/tor/patches/001-torrc.patch b/net/tor/patches/001-torrc.patch index e295219f1e..47e04f93f7 100644 --- a/net/tor/patches/001-torrc.patch +++ b/net/tor/patches/001-torrc.patch @@ -1,6 +1,6 @@ --- a/src/config/torrc.sample.in +++ b/src/config/torrc.sample.in -@@ -45,11 +45,11 @@ +@@ -46,11 +46,11 @@ ## Uncomment this to start the process in the background... or use ## --runasdaemon 1 on the command line. This is ignored on Windows; ## see the FAQ entry if you want Tor to run as an NT service. @@ -14,7 +14,7 @@ ## The port on which Tor will listen for local connections from Tor ## controller applications, as documented in control-spec.txt. -@@ -190,3 +190,4 @@ +@@ -202,3 +202,4 @@ ## address manually to your friends, uncomment this line: #PublishServerDescriptor 0 From 88e4f98f2c8bcea0fe7e5260d27fe0f045cd9cd8 Mon Sep 17 00:00:00 2001 From: Hauke Mehrtens Date: Sat, 14 Jan 2017 15:28:02 +0100 Subject: [PATCH 06/13] tor: update to version 0.2.9.8 In addition update some configure options and use EXTRA_CFLAGS. Setting RunAsDaemon to 1 will be overwritten by the init script option "--runasdaemon 0" anyway and we want it in foreground for procd. Signed-off-by: Hauke Mehrtens --- net/tor/Makefile | 20 +++++++++++++------- net/tor/patches/001-torrc.patch | 9 ++------- 2 files changed, 15 insertions(+), 14 deletions(-) diff --git a/net/tor/Makefile b/net/tor/Makefile index 570140d439..e4299cc981 100644 --- a/net/tor/Makefile +++ b/net/tor/Makefile @@ -8,13 +8,13 @@ include $(TOPDIR)/rules.mk PKG_NAME:=tor -PKG_VERSION:=0.2.8.11 +PKG_VERSION:=0.2.9.8 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://dist.torproject.org/ \ https://archive.torproject.org/tor-package-archive -PKG_MD5SUM:=7adea0bfa17edafd4e09453f4f58a0dca737660e5358f9dafd52d55d55dc6ab3 +PKG_MD5SUM:=fbdd33d3384574297b88744622382008d1e0f9ddd300d330746c464b7a7d746a PKG_MAINTAINER:=Hauke Mehrtens PKG_LICENSE_FILES:=LICENSE @@ -66,17 +66,23 @@ endef CONFIGURE_ARGS += \ --with-libevent-dir="$(STAGING_DIR)/usr" \ --with-ssl-dir="$(STAGING_DIR)/usr" \ + --with-openssl-dir="$(STAGING_DIR)/usr" \ + --with-zlib-dir="$(STAGING_DIR)/usr" \ --disable-asciidoc \ - --disable-seccomp + --disable-seccomp \ + --disable-libscrypt \ + --disable-unittests \ + --disable-largefile \ + --with-tor-user=tor \ + --with-tor-group=tor + +EXTRA_CFLAGS += -std=gnu99 ifneq ($(CONFIG_SSP_SUPPORT),y) CONFIGURE_ARGS += \ --disable-gcc-hardening - MAKE_FLAGS += \ - CFLAGS="$(TARGET_CFLAGS) -std=gnu99" else - MAKE_FLAGS += \ - CFLAGS="$(TARGET_CFLAGS) -fPIC -std=gnu99" + EXTRA_CFLAGS += -fPIC endif CONFIGURE_VARS += \ diff --git a/net/tor/patches/001-torrc.patch b/net/tor/patches/001-torrc.patch index 47e04f93f7..eb315a077b 100644 --- a/net/tor/patches/001-torrc.patch +++ b/net/tor/patches/001-torrc.patch @@ -1,11 +1,6 @@ --- a/src/config/torrc.sample.in +++ b/src/config/torrc.sample.in -@@ -46,11 +46,11 @@ - ## Uncomment this to start the process in the background... or use - ## --runasdaemon 1 on the command line. This is ignored on Windows; - ## see the FAQ entry if you want Tor to run as an NT service. --#RunAsDaemon 1 -+RunAsDaemon 1 +@@ -50,7 +50,7 @@ ## The directory for keeping all the keys/etc. By default, we store ## things in $HOME/.tor on Unix, and in Application Data\tor on Windows. @@ -14,7 +9,7 @@ ## The port on which Tor will listen for local connections from Tor ## controller applications, as documented in control-spec.txt. -@@ -202,3 +202,4 @@ +@@ -204,3 +204,4 @@ ## address manually to your friends, uncomment this line: #PublishServerDescriptor 0 From 4001649ed569bc788f83ed531e9ef5117a584aca Mon Sep 17 00:00:00 2001 From: Hauke Mehrtens Date: Sat, 14 Jan 2017 15:29:19 +0100 Subject: [PATCH 07/13] tor: preserve tor keys over sysupgrade Mark the directories containing the keys for hidden services as conffiles to preserve them over sysupgrade. Fixes: #2247 Signed-off-by: Hauke Mehrtens --- net/tor/Makefile | 2 ++ 1 file changed, 2 insertions(+) diff --git a/net/tor/Makefile b/net/tor/Makefile index e4299cc981..17e80f1397 100644 --- a/net/tor/Makefile +++ b/net/tor/Makefile @@ -61,6 +61,8 @@ endef define Package/tor/conffiles /etc/tor/torrc +/var/lib/tor/fingerprint +/var/lib/tor/keys/* endef CONFIGURE_ARGS += \ From 5228fe11d8cd00f9565f5697898731642baee26e Mon Sep 17 00:00:00 2001 From: Hauke Mehrtens Date: Sat, 14 Jan 2017 15:26:41 +0100 Subject: [PATCH 08/13] tor: add geoip6 to tor-geoip This add the IPv6 addresses to the tor-geoip6 package. Signed-off-by: Hauke Mehrtens --- net/tor/Makefile | 1 + 1 file changed, 1 insertion(+) diff --git a/net/tor/Makefile b/net/tor/Makefile index 17e80f1397..ad1ca87fde 100644 --- a/net/tor/Makefile +++ b/net/tor/Makefile @@ -102,6 +102,7 @@ endef define Package/tor-geoip/install $(INSTALL_DIR) $(1)/usr/share/tor $(CP) $(PKG_INSTALL_DIR)/usr/share/tor/geoip $(1)/usr/share/tor/ + $(CP) $(PKG_INSTALL_DIR)/usr/share/tor/geoip6 $(1)/usr/share/tor/ endef $(eval $(call BuildPackage,tor)) From e6ea3339fed1b618e69210c452f2fc4ab9123189 Mon Sep 17 00:00:00 2001 From: Hauke Mehrtens Date: Sat, 14 Jan 2017 15:38:14 +0100 Subject: [PATCH 09/13] tor: add tor-gencert, tor-resolve and torify These are some additional applications build by the tor package. Signed-off-by: Hauke Mehrtens --- net/tor/Makefile | 35 +++++++++++++++++++++++++++++++++++ 1 file changed, 35 insertions(+) diff --git a/net/tor/Makefile b/net/tor/Makefile index ad1ca87fde..b00698033d 100644 --- a/net/tor/Makefile +++ b/net/tor/Makefile @@ -48,6 +48,28 @@ $(call Package/tor/Default/description) This package contains the tor daemon. endef +define Package/tor-gencert +$(call Package/tor/Default) + TITLE:=Tor certificate generation + DEPENDS:=+tor +endef + +define Package/tor-gencert/description +$(call Package/tor/Default/description) + Generate certs and keys for Tor directory authorities +endef + +define Package/tor-resolve +$(call Package/tor/Default) + TITLE:=tor hostname resolve + DEPENDS:=+tor +endef + +define Package/tor-resolve/description +$(call Package/tor/Default/description) + Resolve a hostname to an IP address via tor +endef + define Package/tor-geoip $(call Package/tor/Default) TITLE:=GeoIP db for tor @@ -93,12 +115,23 @@ CONFIGURE_VARS += \ define Package/tor/install $(INSTALL_DIR) $(1)/usr/sbin $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/tor $(1)/usr/sbin/ + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/torify $(1)/usr/sbin/ $(INSTALL_DIR) $(1)/etc/init.d $(INSTALL_BIN) ./files/tor.init $(1)/etc/init.d/tor $(INSTALL_DIR) $(1)/etc/tor $(INSTALL_CONF) $(PKG_INSTALL_DIR)/etc/tor/torrc.sample $(1)/etc/tor/torrc endef +define Package/tor-gencert/install + $(INSTALL_DIR) $(1)/usr/sbin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/tor-gencert $(1)/usr/sbin/ +endef + +define Package/tor-resolve/install + $(INSTALL_DIR) $(1)/usr/sbin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/tor-resolve $(1)/usr/sbin/ +endef + define Package/tor-geoip/install $(INSTALL_DIR) $(1)/usr/share/tor $(CP) $(PKG_INSTALL_DIR)/usr/share/tor/geoip $(1)/usr/share/tor/ @@ -106,4 +139,6 @@ define Package/tor-geoip/install endef $(eval $(call BuildPackage,tor)) +$(eval $(call BuildPackage,tor-gencert)) +$(eval $(call BuildPackage,tor-resolve)) $(eval $(call BuildPackage,tor-geoip)) From b05cb4e4bd9507b7521788e811361695b329aed6 Mon Sep 17 00:00:00 2001 From: Hauke Mehrtens Date: Sat, 14 Jan 2017 17:40:43 +0100 Subject: [PATCH 10/13] tor: log to syslog by default Make tor log to syslog by default instead of stdout. Signed-off-by: Hauke Mehrtens --- net/tor/patches/001-torrc.patch | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/net/tor/patches/001-torrc.patch b/net/tor/patches/001-torrc.patch index eb315a077b..1a784d2ffa 100644 --- a/net/tor/patches/001-torrc.patch +++ b/net/tor/patches/001-torrc.patch @@ -1,5 +1,14 @@ --- a/src/config/torrc.sample.in +++ b/src/config/torrc.sample.in +@@ -39,7 +39,7 @@ + ## Send every possible message to @LOCALSTATEDIR@/log/tor/debug.log + #Log debug file @LOCALSTATEDIR@/log/tor/debug.log + ## Use the system log instead of Tor's logfiles +-#Log notice syslog ++Log notice syslog + ## To send all messages to stderr: + #Log debug stderr + @@ -50,7 +50,7 @@ ## The directory for keeping all the keys/etc. By default, we store From 83dba23e0a495fb8a00462e088d9c39563ddac26 Mon Sep 17 00:00:00 2001 From: Hauke Mehrtens Date: Tue, 31 Jan 2017 23:44:00 +0100 Subject: [PATCH 11/13] tor: update to version 0.2.9.9 Signed-off-by: Hauke Mehrtens --- net/tor/Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/net/tor/Makefile b/net/tor/Makefile index b00698033d..b6ab886c2a 100644 --- a/net/tor/Makefile +++ b/net/tor/Makefile @@ -8,13 +8,13 @@ include $(TOPDIR)/rules.mk PKG_NAME:=tor -PKG_VERSION:=0.2.9.8 +PKG_VERSION:=0.2.9.9 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://dist.torproject.org/ \ https://archive.torproject.org/tor-package-archive -PKG_MD5SUM:=fbdd33d3384574297b88744622382008d1e0f9ddd300d330746c464b7a7d746a +PKG_MD5SUM:=33325d2b250fd047ba2ddc5d11c2190c4e2951f4b03ec48ebd8bf0666e990d43 PKG_MAINTAINER:=Hauke Mehrtens PKG_LICENSE_FILES:=LICENSE From 7d5da97506dce0f187ead8c1e28e40bb49f4d0c9 Mon Sep 17 00:00:00 2001 From: Hauke Mehrtens Date: Mon, 13 Mar 2017 22:31:21 +0100 Subject: [PATCH 12/13] tor: update to version 0.2.9.10 Signed-off-by: Hauke Mehrtens --- net/tor/Makefile | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/net/tor/Makefile b/net/tor/Makefile index b6ab886c2a..ad110b2ac0 100644 --- a/net/tor/Makefile +++ b/net/tor/Makefile @@ -8,13 +8,14 @@ include $(TOPDIR)/rules.mk PKG_NAME:=tor -PKG_VERSION:=0.2.9.9 +PKG_VERSION:=0.2.9.10 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://dist.torproject.org/ \ https://archive.torproject.org/tor-package-archive -PKG_MD5SUM:=33325d2b250fd047ba2ddc5d11c2190c4e2951f4b03ec48ebd8bf0666e990d43 +PKG_MD5SUM:=6760a646a096b61e307b84fb5ae93cc7 +PKG_HASH:=d611283e1fb284b5f884f8c07e7d3151016851848304f56cfdf3be2a88bd1341 PKG_MAINTAINER:=Hauke Mehrtens PKG_LICENSE_FILES:=LICENSE From e37a60ef3aafd1e3ac6ef20a0bf95f3cef2465b0 Mon Sep 17 00:00:00 2001 From: Hauke Mehrtens Date: Mon, 3 Jul 2017 23:00:29 +0200 Subject: [PATCH 13/13] tor: update to version 0.2.9.11 This fixes CVE-2017-0376 Signed-off-by: Hauke Mehrtens --- net/tor/Makefile | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/net/tor/Makefile b/net/tor/Makefile index ad110b2ac0..ed5551f9c7 100644 --- a/net/tor/Makefile +++ b/net/tor/Makefile @@ -8,14 +8,14 @@ include $(TOPDIR)/rules.mk PKG_NAME:=tor -PKG_VERSION:=0.2.9.10 +PKG_VERSION:=0.2.9.11 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://dist.torproject.org/ \ https://archive.torproject.org/tor-package-archive -PKG_MD5SUM:=6760a646a096b61e307b84fb5ae93cc7 -PKG_HASH:=d611283e1fb284b5f884f8c07e7d3151016851848304f56cfdf3be2a88bd1341 +PKG_MD5SUM:=763ae964e916c2a7a4c5015d351fcf8b +PKG_HASH:=c1959bebff9a546a54cbedb58c8289a42441991af417d2d16f7b336be8903221 PKG_MAINTAINER:=Hauke Mehrtens PKG_LICENSE_FILES:=LICENSE