Initial commit
このコミットが含まれているのは:
コミット
5ce2813eeb
|
@ -0,0 +1,36 @@
|
|||
# OpenBSD Ports
|
||||
Modified OpenBSD 7.2 ports. Everything here works with OpenBSD 7.2.
|
||||
|
||||
## How to install
|
||||
First if you haven't done so, download and unpack the ports tree for your current OpenBSD version.
|
||||
|
||||
These instructions are taken from https://www.openbsd.org/faq/ports/ports.html#PortsFetch
|
||||
|
||||
```
|
||||
cd /tmp
|
||||
ftp https://cdn.openbsd.org/pub/OpenBSD/$(uname -r)/{ports.tar.gz,SHA256.sig}
|
||||
signify -Cp /etc/signify/openbsd-$(uname -r | cut -c 1,3)-base.pub -x SHA256.sig ports.tar.gz
|
||||
cd /usr
|
||||
tar xzf /tmp/ports.tar.gz
|
||||
```
|
||||
|
||||
Then remove some ports and unpack this git repo on top of the ports tree with the instructions below:
|
||||
|
||||
```
|
||||
rm -rf /usr/ports/net/{i2pd,tor}
|
||||
cd /tmp
|
||||
ftp https://gitler.moe/koishi/openbsd-ports/archive/master.tar.gz
|
||||
tar xzvf /tmp/master.tar.gz
|
||||
mv /tmp/openbsd-ports/net/* /usr/ports/net/
|
||||
```
|
||||
|
||||
## Installing dependencies
|
||||
|
||||
```
|
||||
# i2pd dependencies
|
||||
pkg_add cmake ninja gmake boost
|
||||
|
||||
# tor dependencies
|
||||
pkg_add autoconf (select autoconf-2.69 with any patch version)
|
||||
pkg_add metaauto libevent
|
||||
```
|
|
@ -0,0 +1,4 @@
|
|||
/Makefile/1.10/Fri Mar 11 19:46:04 2022//
|
||||
/distinfo/1.7/Mon Feb 28 10:49:54 2022//
|
||||
D/patches////
|
||||
D/pkg////
|
|
@ -0,0 +1 @@
|
|||
ports/net/i2pd
|
|
@ -0,0 +1 @@
|
|||
/cvs
|
|
@ -0,0 +1,46 @@
|
|||
COMMENT = client for the I2P anonymous network
|
||||
|
||||
GH_ACCOUNT = PurpleI2P
|
||||
GH_PROJECT = i2pd
|
||||
GH_TAGNAME = 2.45.0
|
||||
|
||||
CATEGORIES = net
|
||||
HOMEPAGE = https://i2pd.website
|
||||
|
||||
MAINTAINER = Koishi Komeiji <koishi@fedora.email>
|
||||
|
||||
# BSD
|
||||
PERMIT_PACKAGE = Yes
|
||||
|
||||
WANTLIB += ${COMPILER_LIBCXX} boost_date_time-mt boost_filesystem-mt
|
||||
WANTLIB += boost_program_options-mt boost_system-mt c crypto m
|
||||
WANTLIB += ssl z
|
||||
|
||||
COMPILER = base-clang ports-gcc
|
||||
MODULES = devel/cmake
|
||||
LIB_DEPENDS = devel/boost
|
||||
|
||||
# for tests
|
||||
USE_GMAKE = Yes
|
||||
|
||||
WRKSRC = ${WRKDIST}/build
|
||||
|
||||
post-install:
|
||||
${INSTALL_DATA_DIR} ${PREFIX}/include/i2pd
|
||||
${INSTALL_DATA} ${WRKDIST}/libi2pd{,_client}/*.h \
|
||||
${PREFIX}/include/i2pd
|
||||
.for dir in family reseed
|
||||
${INSTALL_DATA_DIR} ${PREFIX}/share/examples/i2pd/certificates/${dir}
|
||||
${INSTALL_DATA} ${WRKDIST}/contrib/certificates/${dir}/* \
|
||||
${PREFIX}/share/examples/i2pd/certificates/${dir}
|
||||
.endfor
|
||||
${INSTALL_DATA} ${WRKDIST}/contrib/i2pd.conf \
|
||||
${PREFIX}/share/examples/i2pd/i2pd.conf
|
||||
${INSTALL_DATA} ${WRKDIST}/contrib/tunnels.conf \
|
||||
${PREFIX}/share/examples/i2pd/tunnels.conf
|
||||
|
||||
do-test:
|
||||
cd ${WRKDIST}/tests && ${MAKE_PROGRAM} CXX="${CXX}" \
|
||||
INCFLAGS="-L${LOCALBASE}/lib -I${LOCALBASE}/include ${CFLAGS}"
|
||||
|
||||
.include <bsd.port.mk>
|
|
@ -0,0 +1,2 @@
|
|||
SHA256 (i2pd-2.45.0.tar.gz) = QFDAo4/aBqdt770nIfRo9bCYie17a1p+IH5GWdMAc48=
|
||||
SIZE (i2pd-2.45.0.tar.gz) = 630600
|
|
@ -0,0 +1,3 @@
|
|||
/patch-libi2pd_Crypto_h/1.2/Fri Mar 11 19:46:04 2022//
|
||||
/patch-tests_Makefile/1.6/Fri Mar 11 19:46:04 2022//
|
||||
D
|
|
@ -0,0 +1 @@
|
|||
ports/net/i2pd/patches
|
|
@ -0,0 +1 @@
|
|||
/cvs
|
|
@ -0,0 +1,39 @@
|
|||
Index: tests/Makefile
|
||||
--- tests/Makefile.orig
|
||||
+++ tests/Makefile
|
||||
@@ -1,5 +1,5 @@
|
||||
CXXFLAGS += -Wall -Wno-unused-parameter -Wextra -pedantic -O0 -g -std=c++11 -D_GLIBCXX_USE_NANOSLEEP=1 -pthread -Wl,--unresolved-symbols=ignore-in-object-files
|
||||
-INCFLAGS += -I../libi2pd
|
||||
+CXXFLAGS += -Wall -Wextra -pedantic -g -std=c++11 -D_GLIBCXX_USE_NANOSLEEP=1 -I../libi2pd/ -pthread -Wl,--unresolved-symbols=ignore-in-object-files
|
||||
|
||||
TESTS = test-gost test-gost-sig test-base-64 test-x25519 test-aeadchacha20poly1305 test-blinding test-elligator
|
||||
|
||||
@@ -14,8 +14,8 @@ test-base-%: ../libi2pd/Base.cpp test-base-%.cpp
|
||||
test-gost: ../libi2pd/Gost.cpp ../libi2pd/I2PEndian.cpp test-gost.cpp
|
||||
$(CXX) $(CXXFLAGS) $(NEEDED_CXXFLAGS) $(INCFLAGS) -o $@ $^ -lcrypto
|
||||
|
||||
-test-gost-sig: ../libi2pd/Gost.cpp ../libi2pd/I2PEndian.cpp ../libi2pd/Crypto.cpp ../libi2pd/Log.cpp test-gost-sig.cpp
|
||||
- $(CXX) $(CXXFLAGS) $(NEEDED_CXXFLAGS) $(INCFLAGS) -o $@ $^ -lcrypto -lssl -lboost_system
|
||||
+test-gost-sig: ../libi2pd/Gost.cpp ../libi2pd/Config.cpp ../libi2pd/I2PEndian.cpp ../libi2pd/Crypto.cpp ../libi2pd/Log.cpp test-gost-sig.cpp
|
||||
+ $(CXX) $(CXXFLAGS) $(NEEDED_CXXFLAGS) $(INCFLAGS) -o $@ $^ -lcrypto -lssl -lboost_system -lboost_program_options-mt
|
||||
|
||||
test-x25519: ../libi2pd/Ed25519.cpp ../libi2pd/I2PEndian.cpp ../libi2pd/Log.cpp ../libi2pd/Crypto.cpp test-x25519.cpp
|
||||
$(CXX) $(CXXFLAGS) $(NEEDED_CXXFLAGS) $(INCFLAGS) -o $@ $^ -lcrypto -lssl -lboost_system
|
||||
@@ -23,14 +23,14 @@ test-x25519: ../libi2pd/Ed25519.cpp ../libi2pd/I2PEndi
|
||||
test-aeadchacha20poly1305: ../libi2pd/Crypto.cpp ../libi2pd/ChaCha20.cpp ../libi2pd/Poly1305.cpp test-aeadchacha20poly1305.cpp
|
||||
$(CXX) $(CXXFLAGS) $(NEEDED_CXXFLAGS) $(INCFLAGS) -o $@ $^ -lcrypto -lssl -lboost_system
|
||||
|
||||
-test-blinding: ../libi2pd/Crypto.cpp ../libi2pd/Blinding.cpp ../libi2pd/Ed25519.cpp ../libi2pd/I2PEndian.cpp ../libi2pd/Log.cpp ../libi2pd/util.cpp ../libi2pd/Identity.cpp ../libi2pd/Signature.cpp ../libi2pd/Timestamp.cpp test-blinding.cpp
|
||||
- $(CXX) $(CXXFLAGS) $(NEEDED_CXXFLAGS) $(INCFLAGS) -o $@ $^ -lcrypto -lssl -lboost_system
|
||||
+test-blinding: ../libi2pd/Crypto.cpp ../libi2pd/Config.cpp ../libi2pd/Blinding.cpp ../libi2pd/Ed25519.cpp ../libi2pd/I2PEndian.cpp ../libi2pd/Log.cpp ../libi2pd/util.cpp ../libi2pd/Identity.cpp ../libi2pd/Signature.cpp ../libi2pd/Timestamp.cpp test-blinding.cpp
|
||||
+ $(CXX) $(CXXFLAGS) $(NEEDED_CXXFLAGS) $(INCFLAGS) -o $@ $^ -lcrypto -lssl -lboost_system -lboost_program_options-mt
|
||||
|
||||
test-elligator: ../libi2pd/Elligator.cpp ../libi2pd/Crypto.cpp test-elligator.cpp
|
||||
$(CXX) $(CXXFLAGS) $(NEEDED_CXXFLAGS) $(INCFLAGS) -o $@ $^ -lcrypto -lssl -lboost_system
|
||||
|
||||
run: $(TESTS)
|
||||
- @for TEST in $(TESTS); do ./$$TEST ; done
|
||||
+ @for TEST in $(TESTS); do echo -n "$$TEST: "; ./$$TEST && echo OK; done
|
||||
|
||||
clean:
|
||||
rm -f $(TESTS)
|
|
@ -0,0 +1,5 @@
|
|||
/DESCR/1.1.1.1/Sun Jun 16 22:13:55 2019//
|
||||
/PLIST/1.6/Fri Mar 11 19:46:04 2022//
|
||||
/README/1.2/Fri Mar 11 19:46:04 2022//
|
||||
/i2pd.rc/1.4/Fri Mar 11 19:46:04 2022//
|
||||
D
|
|
@ -0,0 +1 @@
|
|||
ports/net/i2pd/pkg
|
|
@ -0,0 +1 @@
|
|||
/cvs
|
|
@ -0,0 +1,7 @@
|
|||
i2pd is a full featured client for the I2P network written in C++.
|
||||
|
||||
I2P (Invisible Internet Project) is a universal anonymous network layer.
|
||||
All communications over I2P are anonymous and end-to-end encrypted.
|
||||
Participants don't reveal their real IP address to each other. Peer to
|
||||
peer (cryptocorruencies, file sharing) and client-to-server applications
|
||||
(websites, instant messengers, chat servers) are supported.
|
|
@ -0,0 +1,200 @@
|
|||
@newgroup _i2pd:838
|
||||
@newuser _i2pd:838:838:daemon:i2pd account:${LOCALSTATEDIR}/lib/i2pd:/sbin/nologin
|
||||
@rcscript ${RCDIR}/i2pd
|
||||
@bin bin/i2pd
|
||||
include/i2pd/
|
||||
include/i2pd/AddressBook.h
|
||||
include/i2pd/BOB.h
|
||||
include/i2pd/Base.h
|
||||
include/i2pd/Blinding.h
|
||||
include/i2pd/CPU.h
|
||||
include/i2pd/ChaCha20.h
|
||||
include/i2pd/ClientContext.h
|
||||
include/i2pd/Config.h
|
||||
include/i2pd/Crypto.h
|
||||
include/i2pd/CryptoKey.h
|
||||
include/i2pd/Datagram.h
|
||||
include/i2pd/Destination.h
|
||||
include/i2pd/ECIESX25519AEADRatchetSession.h
|
||||
include/i2pd/Ed25519.h
|
||||
include/i2pd/Elligator.h
|
||||
include/i2pd/FS.h
|
||||
include/i2pd/Family.h
|
||||
include/i2pd/Garlic.h
|
||||
include/i2pd/Gost.h
|
||||
include/i2pd/Gzip.h
|
||||
include/i2pd/HTTP.h
|
||||
include/i2pd/HTTPProxy.h
|
||||
include/i2pd/I2CP.h
|
||||
include/i2pd/I2NPProtocol.h
|
||||
include/i2pd/I2PEndian.h
|
||||
include/i2pd/I2PService.h
|
||||
include/i2pd/I2PTunnel.h
|
||||
include/i2pd/Identity.h
|
||||
include/i2pd/LeaseSet.h
|
||||
include/i2pd/LittleBigEndian.h
|
||||
include/i2pd/Log.h
|
||||
include/i2pd/MatchedDestination.h
|
||||
include/i2pd/NTCP2.h
|
||||
include/i2pd/NetDbRequests.h
|
||||
include/i2pd/Poly1305.h
|
||||
include/i2pd/Profiling.h
|
||||
include/i2pd/Queue.h
|
||||
include/i2pd/Reseed.h
|
||||
include/i2pd/RouterContext.h
|
||||
include/i2pd/RouterInfo.h
|
||||
include/i2pd/SAM.h
|
||||
include/i2pd/SOCKS.h
|
||||
include/i2pd/SSU2.h
|
||||
include/i2pd/Signature.h
|
||||
include/i2pd/Siphash.h
|
||||
include/i2pd/Streaming.h
|
||||
include/i2pd/Tag.h
|
||||
include/i2pd/Timestamp.h
|
||||
include/i2pd/TransitTunnel.h
|
||||
include/i2pd/TransportSession.h
|
||||
include/i2pd/Transports.h
|
||||
include/i2pd/Tunnel.h
|
||||
include/i2pd/TunnelBase.h
|
||||
include/i2pd/TunnelConfig.h
|
||||
include/i2pd/TunnelEndpoint.h
|
||||
include/i2pd/TunnelGateway.h
|
||||
include/i2pd/TunnelPool.h
|
||||
include/i2pd/api.h
|
||||
include/i2pd/util.h
|
||||
include/i2pd/version.h
|
||||
@static-lib lib/libi2pd.a
|
||||
@static-lib lib/libi2pdclient.a
|
||||
@owner _i2pd
|
||||
@group _i2pd
|
||||
@sample ${SYSCONFDIR}/i2pd/
|
||||
@sample ${LOCALSTATEDIR}/lib/i2pd/
|
||||
@sample ${LOCALSTATEDIR}/lib/i2pd/certificates/
|
||||
@sample ${LOCALSTATEDIR}/lib/i2pd/certificates/family/
|
||||
@sample ${LOCALSTATEDIR}/lib/i2pd/certificates/reseed/
|
||||
@sample ${LOCALSTATEDIR}/lib/i2pd/certificates/router/
|
||||
@owner
|
||||
@group
|
||||
@static-lib lib/libi2pdlang.a
|
||||
share/doc/pkg-readmes/${PKGSTEM}
|
||||
share/examples/i2pd/
|
||||
share/examples/i2pd/certificates/
|
||||
share/examples/i2pd/certificates/family/
|
||||
share/examples/i2pd/certificates/family/gostcoin.crt
|
||||
@owner _i2pd
|
||||
@group _i2pd
|
||||
@sample ${LOCALSTATEDIR}/lib/i2pd/certificates/family/gostcoin.crt
|
||||
@owner
|
||||
@group
|
||||
share/examples/i2pd/certificates/family/i2p-dev.crt
|
||||
@owner _i2pd
|
||||
@group _i2pd
|
||||
@sample ${LOCALSTATEDIR}/lib/i2pd/certificates/family/i2p-dev.crt
|
||||
@owner
|
||||
@group
|
||||
share/examples/i2pd/certificates/family/i2pd-dev.crt
|
||||
@owner _i2pd
|
||||
@group _i2pd
|
||||
@sample ${LOCALSTATEDIR}/lib/i2pd/certificates/family/i2pd-dev.crt
|
||||
@owner
|
||||
@group
|
||||
share/examples/i2pd/certificates/family/mca2-i2p.crt
|
||||
@owner _i2pd
|
||||
@group _i2pd
|
||||
@sample ${LOCALSTATEDIR}/lib/i2pd/certificates/family/mca2-i2p.crt
|
||||
@owner
|
||||
@group
|
||||
share/examples/i2pd/certificates/family/volatile.crt
|
||||
@owner _i2pd
|
||||
@group _i2pd
|
||||
@sample ${LOCALSTATEDIR}/lib/i2pd/certificates/family/volatile.crt
|
||||
@owner
|
||||
@group
|
||||
share/examples/i2pd/certificates/reseed/
|
||||
@owner _i2pd
|
||||
@group _i2pd
|
||||
@sample ${LOCALSTATEDIR}/lib/
|
||||
@owner
|
||||
@group
|
||||
share/examples/i2pd/certificates/reseed/acetone_at_mail.i2p.crt
|
||||
@owner _i2pd
|
||||
@group _i2pd
|
||||
@sample ${LOCALSTATEDIR}/lib/i2pd/certificates/reseed/acetone_at_mail.i2p.crt
|
||||
@owner
|
||||
@group
|
||||
share/examples/i2pd/certificates/reseed/creativecowpat_at_mail.i2p.crt
|
||||
@owner _i2pd
|
||||
@group _i2pd
|
||||
@sample ${LOCALSTATEDIR}/lib/i2pd/certificates/reseed/creativecowpat_at_mail.i2p.crt
|
||||
@owner
|
||||
@group
|
||||
share/examples/i2pd/certificates/reseed/echelon3_at_mail.i2p.crt
|
||||
@owner _i2pd
|
||||
@group _i2pd
|
||||
@sample ${LOCALSTATEDIR}/lib/i2pd/certificates/reseed/echelon3_at_mail.i2p.crt
|
||||
@owner
|
||||
@group
|
||||
share/examples/i2pd/certificates/reseed/hankhill19580_at_gmail.com.crt
|
||||
@owner _i2pd
|
||||
@group _i2pd
|
||||
@sample ${LOCALSTATEDIR}/lib/i2pd/certificates/reseed/hankhill19580_at_gmail.com.crt
|
||||
@owner
|
||||
@group
|
||||
share/examples/i2pd/certificates/reseed/hiduser0_at_mail.i2p.crt
|
||||
@owner _i2pd
|
||||
@group _i2pd
|
||||
@sample ${LOCALSTATEDIR}/lib/i2pd/certificates/reseed/hiduser0_at_mail.i2p.crt
|
||||
@owner
|
||||
@group
|
||||
share/examples/i2pd/certificates/reseed/hottuna_at_mail.i2p.crt
|
||||
@owner _i2pd
|
||||
@group _i2pd
|
||||
@sample ${LOCALSTATEDIR}/lib/i2pd/certificates/reseed/hottuna_at_mail.i2p.crt
|
||||
@owner
|
||||
@group
|
||||
share/examples/i2pd/certificates/reseed/igor_at_novg.net.crt
|
||||
@owner _i2pd
|
||||
@group _i2pd
|
||||
@sample ${LOCALSTATEDIR}/lib/i2pd/certificates/reseed/igor_at_novg.net.crt
|
||||
@owner
|
||||
@group
|
||||
share/examples/i2pd/certificates/reseed/lazygravy_at_mail.i2p.crt
|
||||
@owner _i2pd
|
||||
@group _i2pd
|
||||
@sample ${LOCALSTATEDIR}/lib/i2pd/certificates/reseed/lazygravy_at_mail.i2p.crt
|
||||
@owner
|
||||
@group
|
||||
share/examples/i2pd/certificates/reseed/orignal_at_mail.i2p.crt
|
||||
@owner _i2pd
|
||||
@group _i2pd
|
||||
@sample ${LOCALSTATEDIR}/lib/i2pd/certificates/reseed/orignal_at_mail.i2p.crt
|
||||
@owner
|
||||
@group
|
||||
share/examples/i2pd/certificates/reseed/r4sas-reseed_at_mail.i2p.crt
|
||||
@owner _i2pd
|
||||
@group _i2pd
|
||||
@sample ${LOCALSTATEDIR}/lib/i2pd/certificates/reseed/r4sas-reseed_at_mail.i2p.crt
|
||||
@owner
|
||||
@group
|
||||
share/examples/i2pd/certificates/reseed/rambler_at_mail.i2p.crt
|
||||
@owner _i2pd
|
||||
@group _i2pd
|
||||
@sample ${LOCALSTATEDIR}/lib/i2pd/certificates/reseed/rambler_at_mail.i2p.crt
|
||||
@owner
|
||||
@group
|
||||
share/examples/i2pd/certificates/reseed/reseed_at_diva.exchange.crt
|
||||
@owner _i2pd
|
||||
@group _i2pd
|
||||
@sample ${LOCALSTATEDIR}/lib/i2pd/certificates/reseed/reseed_at_diva.exchange.crt
|
||||
@owner
|
||||
@group
|
||||
share/examples/i2pd/i2pd.conf
|
||||
@owner _i2pd
|
||||
@group _i2pd
|
||||
@sample ${SYSCONFDIR}/i2pd/i2pd.conf
|
||||
@owner
|
||||
@group
|
||||
share/examples/i2pd/tunnels.conf
|
||||
@owner _i2pd
|
||||
@group _i2pd
|
||||
@sample ${SYSCONFDIR}/i2pd/tunnels.conf
|
|
@ -0,0 +1,24 @@
|
|||
+-----------------------------------------------------------------------
|
||||
| Running ${PKGSTEM} on OpenBSD
|
||||
+-----------------------------------------------------------------------
|
||||
|
||||
Resource Limits: File Descriptors
|
||||
=================================
|
||||
|
||||
By default, the _i2pd user, and so the i2pd process runs in the login(1)
|
||||
class of "daemon". The default limits on file descriptors are
|
||||
insufficient to run i2pd; instead you should put the _i2pd user and
|
||||
process in their own login(1) class with tuned resources. You should
|
||||
also raise the system-wide maxfiles limit.
|
||||
|
||||
1. Configure i2pd login class in the login.conf(5) file:
|
||||
|
||||
i2pd:\
|
||||
:openfiles-cur=8192:\
|
||||
:openfiles-max=8192:\
|
||||
:tc=daemon:
|
||||
|
||||
2. Adjust kern.maxfiles, if needed:
|
||||
|
||||
# sysctl kern.maxfiles=16000
|
||||
# echo "kern.maxfiles=16000" >> /etc/sysctl.conf
|
|
@ -0,0 +1,9 @@
|
|||
#!/bin/ksh
|
||||
|
||||
daemon="${TRUEPREFIX}/bin/i2pd --daemon"
|
||||
daemon_user="_i2pd"
|
||||
daemon_flags="--service --datadir=${LOCALSTATEDIR}/lib/i2pd --conf=${SYSCONFDIR}/i2pd/i2pd.conf --tunconf=${SYSCONFDIR}/i2pd/tunnels.conf --tunnelsdir=${SYSCONFDIR}/i2pd/tunnels.d"
|
||||
|
||||
. /etc/rc.d/rc.subr
|
||||
|
||||
rc_cmd $1
|
|
@ -0,0 +1,4 @@
|
|||
/Makefile/1.146/Sun Aug 14 16:52:23 2022//
|
||||
/distinfo/1.119/Sun Aug 14 16:52:23 2022//
|
||||
D/patches////
|
||||
D/pkg////
|
|
@ -0,0 +1 @@
|
|||
ports/net/tor
|
|
@ -0,0 +1 @@
|
|||
/cvs
|
|
@ -0,0 +1,37 @@
|
|||
COMMENT= anonymity service using onion routing
|
||||
|
||||
DISTNAME= tor-0.4.7.12
|
||||
CATEGORIES= net
|
||||
HOMEPAGE= https://www.torproject.org/
|
||||
|
||||
MAINTAINER= Pascal Stumpf <pascal@stumpf.co>
|
||||
|
||||
# BSD
|
||||
PERMIT_PACKAGE= Yes
|
||||
|
||||
WANTLIB += c crypto event_core event_extra execinfo m pthread ssl z
|
||||
|
||||
MASTER_SITES= https://www.torproject.org/dist/
|
||||
|
||||
AUTOCONF_VERSION=2.69
|
||||
CONFIGURE_STYLE=autoconf
|
||||
# PIE is already taken care of on a per-arch basis, and we have stack protection
|
||||
# anyway on FRAME_GROWS_DOWN archs.
|
||||
CONFIGURE_ARGS= --with-ssl-dir=/usr \
|
||||
--with-libevent-dir="${LOCALBASE}" \
|
||||
--disable-gcc-hardening \
|
||||
--disable-lzma \
|
||||
--disable-zstd
|
||||
CONFIGURE_ENV+=ac_cv_member_struct_ssl_method_st_get_cipher_by_char=no
|
||||
|
||||
LIB_DEPENDS= devel/libevent2
|
||||
|
||||
DB_DIR= /var/tor
|
||||
SUBST_VARS+= DB_DIR
|
||||
|
||||
FAKE_FLAGS= sysconfdir=${PREFIX}/share/examples
|
||||
|
||||
post-install:
|
||||
${INSTALL_DATA} ${WRKSRC}/doc/TUNING ${PREFIX}/share/doc/tor/
|
||||
|
||||
.include <bsd.port.mk>
|
|
@ -0,0 +1,2 @@
|
|||
SHA256 (tor-0.4.7.12.tar.gz) = O12WlxLEZ4Ub0CjzFDQ+8VqX6kVxkek/+pcxCwW545U=
|
||||
SIZE (tor-0.4.7.12.tar.gz) = 8009573
|
|
@ -0,0 +1,9 @@
|
|||
/patch-configure_ac/1.19/Wed Apr 27 18:29:44 2022//
|
||||
/patch-src_config_torrc_sample_in/1.25/Fri Mar 11 19:47:53 2022//
|
||||
/patch-src_ext_ed25519_donna_ed25519-donna-portable_h/1.2/Fri Mar 11 19:47:53 2022//
|
||||
/patch-src_lib_crypt_ops_crypto_dh_openssl_c/1.2/Fri Mar 11 19:47:53 2022//
|
||||
/patch-src_lib_crypt_ops_crypto_rsa_openssl_c/1.2/Fri Mar 11 19:47:53 2022//
|
||||
/patch-src_lib_tls_x509_openssl_c/1.2/Fri Mar 11 19:47:53 2022//
|
||||
/patch-src_test_test_crypto_c/1.2/Fri Mar 11 19:47:53 2022//
|
||||
/patch-src_test_test_crypto_openssl_c/1.2/Fri Mar 11 19:47:53 2022//
|
||||
D
|
|
@ -0,0 +1 @@
|
|||
ports/net/tor/patches
|
|
@ -0,0 +1 @@
|
|||
/cvs
|
|
@ -0,0 +1,18 @@
|
|||
disable -fasynchronous-unwind-tables as it breaks build on armv7
|
||||
Index: configure.ac
|
||||
--- configure.ac.orig
|
||||
+++ configure.ac
|
||||
@@ -1435,13 +1435,6 @@ fi
|
||||
CFLAGS="$saved_CFLAGS"
|
||||
AC_SUBST(F_OMIT_FRAME_POINTER)
|
||||
|
||||
-dnl ------------------------------------------------------
|
||||
-dnl If we are adding -fomit-frame-pointer (or if the compiler's doing it
|
||||
-dnl for us, as GCC 4.6 and later do at many optimization levels), then
|
||||
-dnl we should try to add -fasynchronous-unwind-tables so that our backtrace
|
||||
-dnl code will work.
|
||||
-TOR_CHECK_CFLAGS(-fasynchronous-unwind-tables)
|
||||
-
|
||||
dnl ============================================================
|
||||
dnl Check for libseccomp
|
||||
|
|
@ -0,0 +1,47 @@
|
|||
Index: src/config/torrc.sample.in
|
||||
--- src/config/torrc.sample.in.orig
|
||||
+++ src/config/torrc.sample.in
|
||||
@@ -39,18 +39,18 @@
|
||||
## Send every possible message to @LOCALSTATEDIR@/log/tor/debug.log
|
||||
#Log debug file @LOCALSTATEDIR@/log/tor/debug.log
|
||||
## Use the system log instead of Tor's logfiles
|
||||
-#Log notice syslog
|
||||
+Log notice syslog
|
||||
## To send all messages to stderr:
|
||||
#Log debug stderr
|
||||
|
||||
## Uncomment this to start the process in the background... or use
|
||||
## --runasdaemon 1 on the command line. This is ignored on Windows;
|
||||
## see the FAQ entry if you want Tor to run as an NT service.
|
||||
-#RunAsDaemon 1
|
||||
+RunAsDaemon 1
|
||||
|
||||
## The directory for keeping all the keys/etc. By default, we store
|
||||
## things in $HOME/.tor on Unix, and in Application Data\tor on Windows.
|
||||
-#DataDirectory @LOCALSTATEDIR@/lib/tor
|
||||
+DataDirectory /var/tor
|
||||
|
||||
## The port on which Tor will listen for local connections from Tor
|
||||
## controller applications, as documented in control-spec.txt.
|
||||
@@ -69,10 +69,10 @@
|
||||
## HiddenServicePort x y:z says to redirect requests on port x to the
|
||||
## address y:z.
|
||||
|
||||
-#HiddenServiceDir @LOCALSTATEDIR@/lib/tor/hidden_service/
|
||||
+#HiddenServiceDir @LOCALSTATEDIR@/tor/hidden_service/
|
||||
#HiddenServicePort 80 127.0.0.1:80
|
||||
|
||||
-#HiddenServiceDir @LOCALSTATEDIR@/lib/tor/other_hidden_service/
|
||||
+#HiddenServiceDir @LOCALSTATEDIR@/tor/other_hidden_service/
|
||||
#HiddenServicePort 80 127.0.0.1:80
|
||||
#HiddenServicePort 22 127.0.0.1:22
|
||||
|
||||
@@ -218,6 +218,8 @@
|
||||
## and any public IPv4 and IPv6 addresses on any interface on the relay.
|
||||
## See the man page entry for ExitPolicyRejectPrivate if you want to allow
|
||||
## "exit enclaving".
|
||||
+## Revoke privileges
|
||||
+User _tor
|
||||
##
|
||||
#ExitPolicy accept *:6660-6667,reject *:* # allow irc ports on IPv4 and IPv6 but no more
|
||||
#ExitPolicy accept *:119 # accept nntp ports on IPv4 and IPv6 as well as default exit policy
|
|
@ -0,0 +1,11 @@
|
|||
--- src/ext/ed25519/donna/ed25519-donna-portable.h.orig Fri Dec 11 14:53:44 2015
|
||||
+++ src/ext/ed25519/donna/ed25519-donna-portable.h Fri Dec 11 14:53:57 2015
|
||||
@@ -50,7 +50,7 @@
|
||||
#if defined(__SIZEOF_INT128__)
|
||||
#define HAVE_NATIVE_UINT128
|
||||
typedef unsigned __int128 uint128_t;
|
||||
- #elif (COMPILER_GCC >= 40400)
|
||||
+ #elif (COMPILER_GCC >= 40200)
|
||||
#define HAVE_NATIVE_UINT128
|
||||
typedef unsigned uint128_t __attribute__((mode(TI)));
|
||||
#elif defined(CPU_X86_64)
|
|
@ -0,0 +1,59 @@
|
|||
Fix build with opaque structs in LibreSSL 3.5
|
||||
|
||||
Index: src/lib/crypt_ops/crypto_dh_openssl.c
|
||||
--- src/lib/crypt_ops/crypto_dh_openssl.c.orig
|
||||
+++ src/lib/crypt_ops/crypto_dh_openssl.c
|
||||
@@ -60,7 +60,7 @@ crypto_validate_dh_params(const BIGNUM *p, const BIGNU
|
||||
/* Copy into a temporary DH object, just so that DH_check() can be called. */
|
||||
if (!(dh = DH_new()))
|
||||
goto out;
|
||||
-#ifdef OPENSSL_1_1_API
|
||||
+#if defined(OPENSSL_1_1_API) || defined(LIBRESSL_VERSION_NUMBER)
|
||||
BIGNUM *dh_p, *dh_g;
|
||||
if (!(dh_p = BN_dup(p)))
|
||||
goto out;
|
||||
@@ -223,7 +223,7 @@ new_openssl_dh_from_params(BIGNUM *p, BIGNUM *g)
|
||||
goto err;
|
||||
}
|
||||
|
||||
-#ifdef OPENSSL_1_1_API
|
||||
+#if defined(OPENSSL_1_1_API) || defined(LIBRESSL_VERSION_NUMBER)
|
||||
|
||||
if (!DH_set0_pqg(res_dh, dh_p, NULL, dh_g)) {
|
||||
goto err;
|
||||
@@ -276,7 +276,7 @@ crypto_dh_get_bytes(crypto_dh_t *dh)
|
||||
int
|
||||
crypto_dh_generate_public(crypto_dh_t *dh)
|
||||
{
|
||||
-#ifndef OPENSSL_1_1_API
|
||||
+#if !defined(OPENSSL_1_1_API) && !defined(LIBRESSL_VERSION_NUMBER)
|
||||
again:
|
||||
#endif
|
||||
if (!DH_generate_key(dh->dh)) {
|
||||
@@ -286,7 +286,7 @@ crypto_dh_generate_public(crypto_dh_t *dh)
|
||||
return -1;
|
||||
/* LCOV_EXCL_STOP */
|
||||
}
|
||||
-#ifdef OPENSSL_1_1_API
|
||||
+#if defined(OPENSSL_1_1_API) || defined(LIBRESSL_VERSION_NUMBER)
|
||||
/* OpenSSL 1.1.x doesn't appear to let you regenerate a DH key, without
|
||||
* recreating the DH object. I have no idea what sort of aliasing madness
|
||||
* can occur here, so do the check, and just bail on failure.
|
||||
@@ -327,7 +327,7 @@ crypto_dh_get_public(crypto_dh_t *dh, char *pubkey, si
|
||||
|
||||
const BIGNUM *dh_pub;
|
||||
|
||||
-#ifdef OPENSSL_1_1_API
|
||||
+#if defined(OPENSSL_1_1_API) || defined(LIBRESSL_VERSION_NUMBER)
|
||||
const BIGNUM *dh_priv;
|
||||
DH_get0_key(dh->dh, &dh_pub, &dh_priv);
|
||||
#else
|
||||
@@ -338,7 +338,7 @@ crypto_dh_get_public(crypto_dh_t *dh, char *pubkey, si
|
||||
if (crypto_dh_generate_public(dh)<0)
|
||||
return -1;
|
||||
else {
|
||||
-#ifdef OPENSSL_1_1_API
|
||||
+#if defined(OPENSSL_1_1_API) || defined(LIBRESSL_VERSION_NUMBER)
|
||||
DH_get0_key(dh->dh, &dh_pub, &dh_priv);
|
||||
#else
|
||||
dh_pub = dh->dh->pub_key;
|
|
@ -0,0 +1,50 @@
|
|||
Fix build with opaque structs in LibreSSL 3.5
|
||||
|
||||
Index: src/lib/crypt_ops/crypto_rsa_openssl.c
|
||||
--- src/lib/crypt_ops/crypto_rsa_openssl.c.orig
|
||||
+++ src/lib/crypt_ops/crypto_rsa_openssl.c
|
||||
@@ -47,7 +47,7 @@ struct crypto_pk_t
|
||||
int
|
||||
crypto_pk_key_is_private(const crypto_pk_t *k)
|
||||
{
|
||||
-#ifdef OPENSSL_1_1_API
|
||||
+#if defined(OPENSSL_1_1_API) || defined(LIBRESSL_VERSION_NUMBER)
|
||||
if (!k || !k->key)
|
||||
return 0;
|
||||
|
||||
@@ -212,7 +212,7 @@ crypto_pk_public_exponent_ok(const crypto_pk_t *env)
|
||||
|
||||
const BIGNUM *e;
|
||||
|
||||
-#ifdef OPENSSL_1_1_API
|
||||
+#if defined(OPENSSL_1_1_API) || defined(LIBRESSL_VERSION_NUMBER)
|
||||
const BIGNUM *n, *d;
|
||||
RSA_get0_key(env->key, &n, &e, &d);
|
||||
#else
|
||||
@@ -242,7 +242,7 @@ crypto_pk_cmp_keys(const crypto_pk_t *a, const crypto_
|
||||
const BIGNUM *a_n, *a_e;
|
||||
const BIGNUM *b_n, *b_e;
|
||||
|
||||
-#ifdef OPENSSL_1_1_API
|
||||
+#if defined(OPENSSL_1_1_API) || defined(LIBRESSL_VERSION_NUMBER)
|
||||
const BIGNUM *a_d, *b_d;
|
||||
RSA_get0_key(a->key, &a_n, &a_e, &a_d);
|
||||
RSA_get0_key(b->key, &b_n, &b_e, &b_d);
|
||||
@@ -279,7 +279,7 @@ crypto_pk_num_bits(crypto_pk_t *env)
|
||||
tor_assert(env);
|
||||
tor_assert(env->key);
|
||||
|
||||
-#ifdef OPENSSL_1_1_API
|
||||
+#if defined(OPENSSL_1_1_API) || defined(LIBRESSL_VERSION_NUMBER)
|
||||
/* It's so stupid that there's no other way to check that n is valid
|
||||
* before calling RSA_bits().
|
||||
*/
|
||||
@@ -572,7 +572,7 @@ static bool
|
||||
rsa_private_key_too_long(RSA *rsa, int max_bits)
|
||||
{
|
||||
const BIGNUM *n, *e, *p, *q, *d, *dmp1, *dmq1, *iqmp;
|
||||
-#ifdef OPENSSL_1_1_API
|
||||
+#if defined(OPENSSL_1_1_API) || defined(LIBRESSL_VERSION_NUMBER)
|
||||
|
||||
#if OPENSSL_VERSION_NUMBER >= OPENSSL_V_SERIES(1,1,1)
|
||||
n = RSA_get0_n(rsa);
|
|
@ -0,0 +1,14 @@
|
|||
Fix build with opaque structs in LibreSSL 3.5
|
||||
|
||||
Index: src/lib/tls/x509_openssl.c
|
||||
--- src/lib/tls/x509_openssl.c.orig
|
||||
+++ src/lib/tls/x509_openssl.c
|
||||
@@ -329,7 +329,7 @@ tor_tls_cert_is_valid(int severity,
|
||||
cert_key = X509_get_pubkey(cert->cert);
|
||||
if (check_rsa_1024 && cert_key) {
|
||||
RSA *rsa = EVP_PKEY_get1_RSA(cert_key);
|
||||
-#ifdef OPENSSL_1_1_API
|
||||
+#if defined(OPENSSL_1_1_API) || defined(LIBRESSL_VERSION_NUMBER)
|
||||
if (rsa && RSA_bits(rsa) == 1024) {
|
||||
#else
|
||||
if (rsa && BN_num_bits(rsa->n) == 1024) {
|
|
@ -0,0 +1,14 @@
|
|||
Fix build with opaque structs in LibreSSL 3.5
|
||||
|
||||
Index: src/test/test_crypto.c
|
||||
--- src/test/test_crypto.c.orig
|
||||
+++ src/test/test_crypto.c
|
||||
@@ -185,7 +185,7 @@ test_crypto_dh(void *arg)
|
||||
dh4 = crypto_dh_new_openssl_tls();
|
||||
tt_assert(DH_generate_key(dh4));
|
||||
const BIGNUM *pk=NULL;
|
||||
-#ifdef OPENSSL_1_1_API
|
||||
+#if defined(OPENSSL_1_1_API) || defined(LIBRESSL_VERSION_NUMBER)
|
||||
const BIGNUM *sk=NULL;
|
||||
DH_get0_key(dh4, &pk, &sk);
|
||||
#else
|
|
@ -0,0 +1,14 @@
|
|||
Fix build with opaque structs in LibreSSL 3.5
|
||||
|
||||
Index: src/test/test_crypto_openssl.c
|
||||
--- src/test/test_crypto_openssl.c.orig
|
||||
+++ src/test/test_crypto_openssl.c
|
||||
@@ -49,7 +49,7 @@ test_crypto_rng_engine(void *arg)
|
||||
;
|
||||
}
|
||||
|
||||
-#ifndef OPENSSL_1_1_API
|
||||
+#if !defined(OPENSSL_1_1_API) && !defined(LIBRESSL_VERSION_NUMBER)
|
||||
#define EVP_ENCODE_CTX_new() tor_malloc_zero(sizeof(EVP_ENCODE_CTX))
|
||||
#define EVP_ENCODE_CTX_free(ctx) tor_free(ctx)
|
||||
#endif
|
|
@ -0,0 +1,4 @@
|
|||
/DESCR/1.1.1.1/Sun Sep 26 10:06:29 2004//
|
||||
/PLIST/1.13/Fri Mar 11 19:47:53 2022//
|
||||
/tor.rc/1.8/Fri Mar 11 19:47:53 2022//
|
||||
D
|
|
@ -0,0 +1 @@
|
|||
ports/net/tor/pkg
|
|
@ -0,0 +1 @@
|
|||
/cvs
|
|
@ -0,0 +1,2 @@
|
|||
Tor is a connection-based low-latency anonymous communication system that
|
||||
protects TCP streams: web browsing, instant messaging, irc, ssh, etc.
|
|
@ -0,0 +1,34 @@
|
|||
@newgroup _tor:566
|
||||
@newuser _tor:566:566::tor:/nonexistent:/sbin/nologin
|
||||
@rcscript ${RCDIR}/tor
|
||||
@bin bin/tor
|
||||
@bin bin/tor-gencert
|
||||
@bin bin/tor-print-ed-signing-cert
|
||||
@bin bin/tor-resolve
|
||||
@comment bin/torify
|
||||
@man man/man1/tor-gencert.1
|
||||
@man man/man1/tor-print-ed-signing-cert.1
|
||||
@man man/man1/tor-resolve.1
|
||||
@man man/man1/tor.1
|
||||
@comment @man man/man1/torify.1
|
||||
share/doc/tor/
|
||||
share/doc/tor/TUNING
|
||||
share/doc/tor/tor-gencert.html
|
||||
share/doc/tor/tor-print-ed-signing-cert.html
|
||||
share/doc/tor/tor-resolve.html
|
||||
share/doc/tor/tor.html
|
||||
@comment share/doc/tor/torify.html
|
||||
share/examples/tor/
|
||||
@sample ${SYSCONFDIR}/tor/
|
||||
share/examples/tor/torrc.sample
|
||||
@sample ${SYSCONFDIR}/tor/torrc
|
||||
@mode 0700
|
||||
@owner _tor
|
||||
@group _tor
|
||||
@sample ${DB_DIR}/
|
||||
@mode
|
||||
@owner
|
||||
@group
|
||||
share/tor/
|
||||
share/tor/geoip
|
||||
share/tor/geoip6
|
|
@ -0,0 +1,10 @@
|
|||
#!/bin/ksh
|
||||
|
||||
daemon="${TRUEPREFIX}/bin/tor"
|
||||
daemon_timeout=60
|
||||
|
||||
. /etc/rc.d/rc.subr
|
||||
|
||||
rc_stop_signal=INT
|
||||
|
||||
rc_cmd $1
|
新しいイシューから参照