From 5c3a344f6e591f1182c6f452467103cef27b5ac8 Mon Sep 17 00:00:00 2001 From: Yuri Victorovich Date: Sat, 3 Mar 2018 16:00:48 +0000 Subject: [PATCH] security/tor: Update to 0.3.2.10 Backport of countermeasures to mitigate denial-of-service attacks against the Tor network. Changelog is in: https://gitweb.torproject.org/tor.git/tree/ChangeLog None of these fixes appear to be essential for clients, but relays should upgrade. Port changes: * Changed the implementation of 'tor_setuid': now it is done through the command line argument, instead of the torrc file. Reported by: Nick Mathewson (notification) Approved by: tcberner (mentor, implicit) --- security/tor/Makefile | 2 +- security/tor/distinfo | 6 +++--- security/tor/files/tor.in | 13 ++++++------- 3 files changed, 10 insertions(+), 11 deletions(-) diff --git a/security/tor/Makefile b/security/tor/Makefile index 2f6d74f64ff4..8bfb5178adec 100644 --- a/security/tor/Makefile +++ b/security/tor/Makefile @@ -2,7 +2,7 @@ # $FreeBSD$ PORTNAME= tor -DISTVERSION= 0.3.2.9 +DISTVERSION= 0.3.2.10 CATEGORIES= security net ipv6 MASTER_SITES= TOR diff --git a/security/tor/distinfo b/security/tor/distinfo index 9627d206c612..34d44f70942c 100644 --- a/security/tor/distinfo +++ b/security/tor/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1515542628 -SHA256 (tor-0.3.2.9.tar.gz) = 435a7b91aa98d8b1a0ac1f60ca30c0ff3665b18a02e570bab5fe27935829160f -SIZE (tor-0.3.2.9.tar.gz) = 6250442 +TIMESTAMP = 1520087667 +SHA256 (tor-0.3.2.10.tar.gz) = 60df77c31dcf94fdd686c8ca8c34f3b70243b33a7344ecc0b719d5ca2617cbee +SIZE (tor-0.3.2.10.tar.gz) = 6421984 diff --git a/security/tor/files/tor.in b/security/tor/files/tor.in index 48374620e1b5..d78dd2e2df68 100644 --- a/security/tor/files/tor.in +++ b/security/tor/files/tor.in @@ -114,16 +114,15 @@ command="%%PREFIX%%/bin/${name}" command_args="-f ${tor_conf} --PidFile ${tor_pidfile} --RunAsDaemon 1 --DataDirectory ${tor_datadir}" extra_commands="reload" +# clear user setting in conf file: it should be done through the command line +if grep -q "^User ${tor_user}$" ${tor_conf}; then + sed -i '' -e "s/^User ${tor_user}$//" ${tor_conf} +fi + if [ $tor_setuid = "YES" ]; then - if ! grep -q "^User ${tor_user}$" ${tor_conf}; then - echo "User ${tor_user}" >> ${tor_conf} - fi + command_args="${command_args} --User ${tor_user}" tor_user="root" tor_group="wheel" -else - if grep -q "^User ${tor_user}$" ${tor_conf}; then - sed -i '' -e "s/^User ${tor_user}$//" ${tor_conf} - fi fi if ! run_rc_command "$1"; then