Pullup ticket 1961 - requested by tv

security update for tor

Revisions pulled up:
- pkgsrc/net/tor/Makefile			1.34, 1.36, 1.38
- pkgsrc/net/tor/distinfo			1.21, 1.22, 1.23
- pkgsrc/net/tor/patches/patch-ae		removed

   Module Name:		pkgsrc
   Committed By:	tv
   Date:		Mon Oct  9 00:51:26 UTC 2006

   Modified Files:
   	pkgsrc/net/tor: Makefile distinfo
   Removed Files:
   	pkgsrc/net/tor/patches: patch-ae

   Log Message:
   Update to 0.1.1.24.  Changes:

   Changes in version 0.1.1.24 - 2006-09-29
    o Major bugfixes:
      - Allow really slow clients to not hang up five minutes into their
        directory downloads (suggested by Adam J. Richter).
      - Fix major performance regression from 0.1.0.x: instead of checking
        whether we have enough directory information every time we want to
        do something, only check when the directory information has changed.
        This should improve client CPU usage by 25-50%.
      - Don't crash if, after a server has been running for a while,
        it can't resolve its hostname.
      - When a client asks us to resolve (not connect to) an address,
        and we have a cached answer, give them the cached answer.
        Previously, we would give them no answer at all.

    o Minor bugfixes:
      - Allow Tor to start when RunAsDaemon is set but no logs are set.
      - Don't crash when the controller receives a third argument to an
        "extendcircuit" request.
      - Controller protocol fixes: fix encoding in "getinfo addr-mappings"
        response; fix error code when "getinfo dir/status/" fails.
      - Fix configure.in to not produce broken configure files with
        more recent versions of autoconf. Thanks to Clint for his auto*
        voodoo.
      - Fix security bug on NetBSD that could allow someone to force
        uninitialized RAM to be sent to a server's DNS resolver. This
        only affects NetBSD and other platforms that do not bounds-check
        tolower().
      - Warn user when using libevent 1.1a or earlier with win32 or kqueue
        methods: these are known to be buggy.
      - If we're a directory mirror and we ask for "all" network status
        documents, we would discard status documents from authorities
        we don't recognize.
---
   Module Name:		pkgsrc
   Committed By:	tv
   Date:		Wed Nov  8 19:41:10 UTC 2006

   Modified Files:
   	pkgsrc/net/tor: Makefile distinfo

   Log Message:
   Update to 0.1.1.25.

   Changes in version 0.1.1.25 - 2006-11-04
     o Major bugfixes:
       - When a client asks us to resolve (rather than connect to)
         an address, and we have a cached answer, give them the cached
         answer. Previously, we would give them no answer at all.
       - We were building exactly the wrong circuits when we predict
         hidden service requirements, meaning Tor would have to build all
         its circuits on demand.
       - If none of our live entry guards have a high uptime, but we
         require a guard with a high uptime, try adding a new guard before
         we give up on the requirement. This patch should make long-lived
         connections more stable on average.
       - When testing reachability of our DirPort, don't launch new
         tests when there's already one in progress -- unreachable
         servers were stacking up dozens of testing streams.

     o Security bugfixes:
       - When the user sends a NEWNYM signal, clear the client-side DNS
         cache too. Otherwise we continue to act on previous information.

     o Minor bugfixes:
       - Avoid a memory corruption bug when creating a hash table for
         the first time.
       - Avoid possibility of controller-triggered crash when misusing
         certain commands from a v0 controller on platforms that do not
         handle printf("%s",NULL) gracefully.
       - Avoid infinite loop on unexpected controller input.
       - Don't log spurious warnings when we see a circuit close reason we
         don't recognize; it's probably just from a newer version of Tor.
       - Add Vidalia to the OS X uninstaller script, so when we uninstall
         Tor/Privoxy we also uninstall Vidalia.
---
   Module Name:		pkgsrc
   Committed By:	tv
   Date:		Sun Dec 17 21:53:44 UTC 2006

   Modified Files:
   	pkgsrc/net/tor: Makefile distinfo

   Log Message:
   Update to 0.1.1.26 to fix information disclosure vuln.

   Changes in version 0.1.1.26 - 2006-12-14
    o Security bugfixes:
      - Stop sending the HttpProxyAuthenticator string to directory
        servers when directory connections are tunnelled through Tor.
      - Clients no longer store bandwidth history in the state file.
      - Do not log introduction points for hidden services if SafeLogging
        is set.

    o Minor bugfixes:
      - Fix an assert failure when a directory authority sets
        AuthDirRejectUnlisted and then receives a descriptor from an
        unlisted router (reported by seeess).

3 files changed, 6 insertions, 20 deletions

diff --git a/net/tor/Makefile b/net/tor/Makefile
index 7dd5ce0afd0..3e4c4893526 100644
--- a/net/tor/Makefile
+++ b/net/tor/Makefile
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.33 2006/08/04 15:08:55 tv Exp $
+# $NetBSD: Makefile,v 1.33.2.1 2006/12/18 20:17:52 salo Exp $
 #
 
-DISTNAME=		tor-0.1.1.23
+DISTNAME=		tor-0.1.1.26
 CATEGORIES=		net security
 MASTER_SITES=		http://tor.eff.org/dist/
 
diff --git a/net/tor/distinfo b/net/tor/distinfo
index 3b1c340340d..e74f1d3333d 100644
--- a/net/tor/distinfo
+++ b/net/tor/distinfo
@@ -1,8 +1,7 @@
-$NetBSD: distinfo,v 1.20 2006/08/04 15:08:55 tv Exp $
+$NetBSD: distinfo,v 1.20.2.1 2006/12/18 20:17:52 salo Exp $
 
-SHA1 (tor-0.1.1.23.tar.gz) = d3f0120f5a18658231127281343aafb6c06aed70
-RMD160 (tor-0.1.1.23.tar.gz) = e958ed22f44e5f06736cadb5406dad04510a69f5
-Size (tor-0.1.1.23.tar.gz) = 847906 bytes
+SHA1 (tor-0.1.1.26.tar.gz) = 4d754ee52e20ae99179a74245a5288527c179ab6
+RMD160 (tor-0.1.1.26.tar.gz) = cc1ce91d96dc25a963d1f49f7965db106890949a
+Size (tor-0.1.1.26.tar.gz) = 893367 bytes
 SHA1 (patch-ac) = 3e3a6bce4da2a55b60a52fcc4a575eaceb6a2aa8
 SHA1 (patch-ad) = f0ead230249a0341b5d15c47d9361bd6e16ec23a
-SHA1 (patch-ae) = 9a1daff00de130028ec3be6c4ba1a4bd17e16a69
diff --git a/net/tor/patches/patch-ae b/net/tor/patches/patch-ae
deleted file mode 100644
index 73f8ed109e8..00000000000
--- a/net/tor/patches/patch-ae
+++ /dev/null
@@ -1,13 +0,0 @@
-$NetBSD: patch-ae,v 1.1 2006/07/09 15:03:55 jschauma Exp $
-
---- src/config/torrc.sample.in.orig	2006-07-09 10:44:17.000000000 -0400
-+++ src/config/torrc.sample.in		2006-07-09 10:44:25.000000000 -0400
-@@ -43,7 +43,7 @@
- ## Send every possible message to @LOCALSTATEDIR@/log/tor/debug.log
- #Log debug file @LOCALSTATEDIR@/log/tor/debug.log
- ## Use the system log instead of Tor's logfiles
--#Log notice syslog
-+Log notice syslog
- ## To send all messages to stderr:
- #Log debug stderr
-