diff options
author | ng0 <ng0@pkgsrc.org> | 2019-12-10 13:06:23 +0000 |
---|---|---|
committer | ng0 <ng0@pkgsrc.org> | 2019-12-10 13:06:23 +0000 |
commit | 49d02d2e356516192138c59a342846fea9a05946 (patch) | |
tree | 0c84127190f30c1222ed32e19706708033ada036 /net/tor | |
parent | 6a9c7178ff74f31ac4f3a96734ed313f4af47a6e (diff) | |
download | pkgsrc-49d02d2e356516192138c59a342846fea9a05946.tar.gz |
Update net/tor to version 0.4.2.5
Changelog:
Changes in version 0.4.2.5 - 2019-12-09
This is the first stable release in the 0.4.2.x series. This series
improves reliability and stability, and includes several stability and
correctness improvements for onion services. It also fixes many smaller
bugs present in previous series.
Per our support policy, we will support the 0.4.2.x series for nine
months, or until three months after the release of a stable 0.4.3.x:
whichever is longer. If you need longer-term support, please stick
with 0.3.5.x, which will we plan to support until Feb 2022.
Per our support policy, we will support the 0.4.2.x series for nine
months, or until three months after the release of a stable 0.4.3.x:
whichever is longer. If you need longer-term support, please stick
with 0.3.5.x, which will we plan to support until Feb 2022.
Below are the changes since 0.4.1.4-rc. For a complete list of changes
since 0.4.1.5, see the ReleaseNotes file.
o Minor features (geoip):
- Update geoip and geoip6 to the December 3 2019 Maxmind GeoLite2
Country database. Closes ticket 32685.
o Testing:
- Require C99 standards-conforming code in Travis CI, but allow GNU
gcc extensions. Also activates clang's -Wtypedef-redefinition
warnings. Build some jobs with -std=gnu99, and some jobs without.
Closes ticket 32500.
Changes in version 0.4.2.4-rc - 2019-11-15
Tor 0.4.2.4-rc is the first release candidate in its series. It fixes
several bugs from earlier versions, including a few that would result in
stack traces or incorrect behavior.
o Minor features (build system):
- Make pkg-config use --prefix when cross-compiling, if
PKG_CONFIG_PATH is not set. Closes ticket 32191.
o Minor features (geoip):
- Update geoip and geoip6 to the November 6 2019 Maxmind GeoLite2
Country database. Closes ticket 32440.
o Minor bugfixes (client, onion service v3):
- Fix a BUG() assertion that occurs within a very small race window
between when a client intro circuit opens and when its descriptor
gets cleaned up from the cache. The circuit is now closed early,
which will trigger a re-fetch of the descriptor and continue the
connection. Fixes bug 28970; bugfix on 0.3.2.1-alpha.
o Minor bugfixes (code quality):
- Fix "make check-includes" so it runs correctly on out-of-tree
builds. Fixes bug 31335; bugfix on 0.3.5.1-alpha.
o Minor bugfixes (configuration):
- Log the option name when skipping an obsolete option. Fixes bug
32295; bugfix on 0.4.2.1-alpha.
o Minor bugfixes (crash):
- When running Tor with an option like --verify-config or
--dump-config that does not start the event loop, avoid crashing
if we try to exit early because of an error. Fixes bug 32407;
bugfix on 0.3.3.1-alpha.
o Minor bugfixes (directory):
- When checking if a directory connection is anonymous, test if the
circuit was marked for close before looking at its channel. This
avoids a BUG() stacktrace if the circuit was previously closed.
Fixes bug 31958; bugfix on 0.4.2.1-alpha.
o Minor bugfixes (shellcheck):
- Fix minor shellcheck errors in the git-*.sh scripts. Fixes bug
32402; bugfix on 0.4.2.1-alpha.
- Start checking most scripts for shellcheck errors again. Fixes bug
32402; bugfix on 0.4.2.1-alpha.
o Testing (continuous integration):
- Use Ubuntu Bionic images for our Travis CI builds, so we can get a
recent version of coccinelle. But leave chutney on Ubuntu Trusty,
until we can fix some Bionic permissions issues (see ticket
32240). Related to ticket 31919.
- Install the mingw OpenSSL package in Appveyor. This makes sure
that the OpenSSL headers and libraries match in Tor's Appveyor
builds. (This bug was triggered by an Appveyor image update.)
Fixes bug 32449; bugfix on 0.3.5.6-rc.
- In Travis, use Xcode 11.2 on macOS 10.14. Closes ticket 32241.
Changes in version 0.4.2.3-alpha - 2019-10-24
This release fixes several bugs from the previous alpha release, and
from earlier versions of Tor.
o Major bugfixes (relay):
- Relays now respect their AccountingMax bandwidth again. When
relays entered "soft" hibernation (which typically starts when
we've hit 90% of our AccountingMax), we had stopped checking
whether we should enter hard hibernation. Soft hibernation refuses
new connections and new circuits, but the existing circuits can
continue, meaning that relays could have exceeded their configured
AccountingMax. Fixes bug 32108; bugfix on 0.4.0.1-alpha.
o Major bugfixes (v3 onion services):
- Onion services now always use the exact number of intro points
configured with the HiddenServiceNumIntroductionPoints option (or
fewer if nodes are excluded). Before, a service could sometimes
pick more intro points than configured. Fixes bug 31548; bugfix
on 0.3.2.1-alpha.
o Minor feature (onion services, control port):
- The ADD_ONION command's keyword "BEST" now defaults to ED25519-V3
(v3) onion services. Previously it defaulted to RSA1024 (v2).
Closes ticket 29669.
o Minor features (testing):
- When running tests that attempt to look up hostnames, replace the
libc name lookup functions with ones that do not actually touch
the network. This way, the tests complete more quickly in the
presence of a slow or missing DNS resolver. Closes ticket 31841.
o Minor features (testing, continuous integration):
- Disable all but one Travis CI macOS build, to mitigate slow
scheduling of Travis macOS jobs. Closes ticket 32177.
- Run the chutney IPv6 networks as part of Travis CI. Closes
ticket 30860.
- Simplify the Travis CI build matrix, and optimise for build time.
Closes ticket 31859.
- Use Windows Server 2019 instead of Windows Server 2016 in our
Appveyor builds. Closes ticket 32086.
o Minor bugfixes (build system):
- Interpret "--disable-module-dirauth=no" correctly. Fixes bug
32124; bugfix on 0.3.4.1-alpha.
- Interpret "--with-tcmalloc=no" correctly. Fixes bug 32124; bugfix
on 0.2.0.20-rc.
- Stop failing when jemalloc is requested, but tcmalloc is not
found. Fixes bug 32124; bugfix on 0.3.5.1-alpha.
- When pkg-config is not installed, or a library that depends on
pkg-config is not found, tell the user what to do to fix the
problem. Fixes bug 31922; bugfix on 0.3.1.1-alpha.
o Minor bugfixes (connections):
- Avoid trying to read data from closed connections, which can cause
needless loops in Libevent and infinite loops in Shadow. Fixes bug
30344; bugfix on 0.1.1.1-alpha.
o Minor bugfixes (error handling):
- Always lock the backtrace buffer before it is used. Fixes bug
31734; bugfix on 0.2.5.3-alpha.
o Minor bugfixes (mainloop, periodic events, in-process API):
- Reset the periodic events' "enabled" flag when Tor is shut down
cleanly. Previously, this flag was left on, which caused periodic
events not to be re-enabled when Tor was relaunched in-process
with tor_api.h after a shutdown. Fixes bug 32058; bugfix
on 0.3.3.1-alpha.
o Minor bugfixes (process management):
- Remove overly strict assertions that triggered when a pluggable
transport failed to launch. Fixes bug 31091; bugfix
on 0.4.0.1-alpha.
- Remove an assertion in the Unix process backend. This assertion
would trigger when we failed to find the executable for a child
process. Fixes bug 31810; bugfix on 0.4.0.1-alpha.
o Minor bugfixes (testing):
- Avoid intermittent test failures due to a test that had relied on
inconsistent timing sources. Fixes bug 31995; bugfix
on 0.3.1.3-alpha.
- When testing port rebinding, don't busy-wait for tor to log.
Instead, actually sleep for a short time before polling again.
Also improve the formatting of control commands and log messages.
Fixes bug 31837; bugfix on 0.3.5.1-alpha.
o Minor bugfixes (tls, logging):
- Log bugs about the TLS read buffer's length only once, rather than
filling the logs with similar warnings. Fixes bug 31939; bugfix
on 0.3.0.4-rc.
o Minor bugfixes (v3 onion services):
- Fix an implicit conversion from ssize_t to size_t discovered by
Coverity. Fixes bug 31682; bugfix on 0.4.2.1-alpha.
- Fix a memory leak in an unlikely error code path when encoding HS
DoS establish intro extension cell. Fixes bug 32063; bugfix
on 0.4.2.1-alpha.
- When cleaning up intro circuits for a v3 onion service, don't
remove circuits that have an established or pending circuit, even
if they ran out of retries. This way, we don't remove a circuit on
its last retry. Fixes bug 31652; bugfix on 0.3.2.1-alpha.
o Documentation:
- Correct the description of "GuardLifetime". Fixes bug 31189;
bugfix on 0.3.0.1-alpha.
- Make clear in the man page, in both the bandwidth section and the
AccountingMax section, that Tor counts in powers of two, not
powers of ten: 1 GByte is 1024*1024*1024 bytes, not one billion
bytes. Resolves ticket 32106.
Changes in version 0.4.2.2-alpha - 2019-10-07
This release fixes several bugs from the previous alpha release, and
from earlier versions. It also includes a change in authorities, so
that they begin to reject the currently unsupported release series.
o Major features (directory authorities):
- Directory authorities now reject relays running all currently
deprecated release series. The currently supported release series
are: 0.2.9, 0.3.5, 0.4.0, 0.4.1, and 0.4.2. Closes ticket 31549.
o Major bugfixes (embedded Tor):
- Avoid a possible crash when restarting Tor in embedded mode and
enabling a different set of publish/subscribe messages. Fixes bug
31898; bugfix on 0.4.1.1-alpha.
o Major bugfixes (torrc parsing):
- Stop ignoring torrc options after an %include directive, when the
included directory ends with a file that does not contain any
config options (but does contain comments or whitespace). Fixes
bug 31408; bugfix on 0.3.1.1-alpha.
o Minor features (auto-formatting scripts):
- When annotating C macros, never generate a line that our check-
spaces script would reject. Closes ticket 31759.
- When annotating C macros, try to remove cases of double-negation.
Closes ticket 31779.
o Minor features (continuous integration):
- When building on Appveyor and Travis, pass the "-k" flag to make,
so that we are informed of all compilation failures, not just the
first one or two. Closes ticket 31372.
o Minor features (geoip):
- Update geoip and geoip6 to the October 1 2019 Maxmind GeoLite2
Country database. Closes ticket 31931.
o Minor features (maintenance scripts):
- Add a Coccinelle script to detect bugs caused by incrementing or
decrementing a variable inside a call to log_debug(). Since
log_debug() is a macro whose arguments are conditionally
evaluated, it is usually an error to do this. One such bug was
30628, in which SENDME cells were miscounted by a decrement
operator inside a log_debug() call. Closes ticket 30743.
o Minor features (onion services v3):
- Assist users who try to setup v2 client authorization in v3 onion
services by pointing them to the right documentation. Closes
ticket 28966.
o Minor bugfixes (Appveyor continuous integration):
- Avoid spurious errors when Appveyor CI fails before the install
step. Fixes bug 31884; bugfix on 0.3.4.2-alpha.
o Minor bugfixes (best practices tracker):
- When listing overbroad exceptions, do not also list problems, and
do not list insufficiently broad exceptions. Fixes bug 31338;
bugfix on 0.4.2.1-alpha.
o Minor bugfixes (controller protocol):
- Fix the MAPADDRESS controller command to accept one or more
arguments. Previously, it required two or more arguments, and
ignored the first. Fixes bug 31772; bugfix on 0.4.1.1-alpha.
o Minor bugfixes (logging):
- Add a missing check for HAVE_PTHREAD_H, because the backtrace code
uses mutexes. Fixes bug 31614; bugfix on 0.2.5.2-alpha.
- Disable backtrace signal handlers when shutting down tor. Fixes
bug 31614; bugfix on 0.2.5.2-alpha.
- Rate-limit our the logging message about the obsolete .exit
notation. Previously, there was no limit on this warning, which
could potentially be triggered many times by a hostile website.
Fixes bug 31466; bugfix on 0.2.2.1-alpha.
- When initialising log domain masks, only set known log domains.
Fixes bug 31854; bugfix on 0.2.1.1-alpha.
o Minor bugfixes (logging, protocol violations):
- Do not log a nonfatal assertion failure when receiving a VERSIONS
cell on a connection using the obsolete v1 link protocol. Log a
protocol_warn instead. Fixes bug 31107; bugfix on 0.2.4.4-alpha.
o Minor bugfixes (modules):
- Explain what the optional Directory Authority module is, and what
happens when it is disabled. Fixes bug 31825; bugfix
on 0.3.4.1-alpha.
o Minor bugfixes (multithreading):
- Avoid some undefined behaviour when freeing mutexes. Fixes bug
31736; bugfix on 0.0.7.
o Minor bugfixes (relay):
- Avoid crashing when starting with a corrupt keys directory where
the old ntor key and the new ntor key are identical. Fixes bug
30916; bugfix on 0.2.4.8-alpha.
o Minor bugfixes (tests, SunOS):
- Avoid a map_anon_nofork test failure due to a signed/unsigned
integer comparison. Fixes bug 31897; bugfix on 0.4.1.1-alpha.
o Code simplification and refactoring:
- Refactor connection_control_process_inbuf() to reduce the size of
a practracker exception. Closes ticket 31840.
- Refactor the microdescs_parse_from_string() function into smaller
pieces, for better comprehensibility. Closes ticket 31675.
- Use SEVERITY_MASK_IDX() to find the LOG_* mask indexes in the unit
tests and fuzzers, rather than using hard-coded values. Closes
ticket 31334.
- Interface for function `decrypt_desc_layer` cleaned up. Closes
ticket 31589.
o Documentation:
- Document the signal-safe logging behaviour in the tor man page.
Also add some comments to the relevant functions. Closes
ticket 31839.
- Explain why we can't destroy the backtrace buffer mutex. Explain
why we don't need to destroy the log mutex. Closes ticket 31736.
- The Tor source code repository now includes a (somewhat dated)
description of Tor's modular architecture, in doc/HACKING/design.
This is based on the old "tor-guts.git" repository, which we are
adopting and superseding. Closes ticket 31849.
Diffstat (limited to 'net/tor')
-rw-r--r-- | net/tor/Makefile | 4 | ||||
-rw-r--r-- | net/tor/distinfo | 10 | ||||
-rw-r--r-- | net/tor/options.mk | 6 |
3 files changed, 12 insertions, 8 deletions
diff --git a/net/tor/Makefile b/net/tor/Makefile index 1f9f5a608ff..7df519a1358 100644 --- a/net/tor/Makefile +++ b/net/tor/Makefile @@ -1,6 +1,6 @@ -# $NetBSD: Makefile,v 1.146 2019/11/03 11:45:55 rillig Exp $ +# $NetBSD: Makefile,v 1.147 2019/12/10 13:06:23 ng0 Exp $ -DISTNAME= tor-0.4.1.6 +DISTNAME= tor-0.4.2.5 CATEGORIES= net security MASTER_SITES= https://dist.torproject.org/ diff --git a/net/tor/distinfo b/net/tor/distinfo index c1da47995d1..ddb6c2338c8 100644 --- a/net/tor/distinfo +++ b/net/tor/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.102 2019/11/24 18:42:16 ng0 Exp $ +$NetBSD: distinfo,v 1.103 2019/12/10 13:06:23 ng0 Exp $ SHA1 (digest-0.7.2.crate) = 5b9c88bbbd10db277eb81489d4fd98222c81f654 RMD160 (digest-0.7.2.crate) = e1754858a8cc3376e4b1faaa2ab950f5c5a9ff26 @@ -20,10 +20,10 @@ SHA1 (rand_core-0.2.0-pre.0.crate) = 21ea25e01766a26dbbd71997c5c3f358f3454980 RMD160 (rand_core-0.2.0-pre.0.crate) = cbd3dc9ad06727ca36c296f4d33ec695e25b7bb9 SHA512 (rand_core-0.2.0-pre.0.crate) = b14f88e529fe99b7b9774fc8e1233b44192e253a8a27bfc4da1a7ae99104b6b697068bd19faab85df3427e557a5182892f81f481dd89e8eb6921ec390ca752e9 Size (rand_core-0.2.0-pre.0.crate) = 19211 bytes -SHA1 (tor-0.4.1.6.tar.gz) = 43dbea19932ec589c498d27f64df41816d9043c7 -RMD160 (tor-0.4.1.6.tar.gz) = 4d4ccc798a057a75e6d5282d01ddaf306341e0f4 -SHA512 (tor-0.4.1.6.tar.gz) = 9e4625216e25b9498d6054a9920e5a8932ca7b28c5131062eac637b69c80cdf05bc3fd008b833e5359d8849e256f1f405abd56b07f50fd91077b153ba60503da -Size (tor-0.4.1.6.tar.gz) = 7390096 bytes +SHA1 (tor-0.4.2.5.tar.gz) = 975653be50ff68040734ed422fb517799c4914ed +RMD160 (tor-0.4.2.5.tar.gz) = a9e4a5b96fb75445e711cda7c9ecccb927046449 +SHA512 (tor-0.4.2.5.tar.gz) = e63157713caa3590324f652f17c5c5634bab015dcde5c7832eb725351c3a91c1051dd8a95650502703e9c3dd5daefc2867ff3d20530dfec17310bb3dd4bb5b7d +Size (tor-0.4.2.5.tar.gz) = 7596836 bytes SHA1 (typenum-1.9.0.crate) = 76b18bc10204c28798cd32d10fd0df349d4cb5e4 RMD160 (typenum-1.9.0.crate) = 6468f8efe8e91edac71dfd4e28c46581a2f0d457 SHA512 (typenum-1.9.0.crate) = 8b72af1e370cf9d9308287baf4fc7c6096c4923d1c52fe0313c23c84077d74196aa4d997ecf195842d8242c871b0fd0da111f7914664be1841c97315e3ba6abb diff --git a/net/tor/options.mk b/net/tor/options.mk index 11f2bc91eab..e65653ecc2b 100644 --- a/net/tor/options.mk +++ b/net/tor/options.mk @@ -1,4 +1,4 @@ -# $NetBSD: options.mk,v 1.9 2019/11/24 18:42:16 ng0 Exp $ +# $NetBSD: options.mk,v 1.10 2019/12/10 13:06:23 ng0 Exp $ PKG_OPTIONS_VAR= PKG_OPTIONS.tor PKG_SUPPORTED_OPTIONS= doc rust @@ -41,6 +41,10 @@ BUILDLINK_API_DEPENDS.rust+= rust>=1.34.0 pre-configure: cd ${WRKSRC} && ${MKDIR} -p src/rust/target/release +# \todo: Maybe we should add a path option to show-cargo-depends. +show-tor-cargo-depends: + ${RUN}${AWK} '/^\"checksum/ { print "CARGO_CRATE_DEPENDS+=\t" $$2 "-" $$3""; next } ' ${WRKSRC}/src/rust/Cargo.lock + .else CONFIGURE_ARGS+= --disable-rust .endif |