From 5ce2813eebf78190784847591544b4086e6f26b5 Mon Sep 17 00:00:00 2001 From: Koishi Komeiji Date: Sun, 8 Jan 2023 04:59:44 +0000 Subject: [PATCH] Initial commit --- README.md | 36 ++++ net/i2pd/CVS/Entries | 4 + net/i2pd/CVS/Repository | 1 + net/i2pd/CVS/Root | 1 + net/i2pd/Makefile | 46 ++++ net/i2pd/distinfo | 2 + net/i2pd/patches/CVS/Entries | 3 + net/i2pd/patches/CVS/Repository | 1 + net/i2pd/patches/CVS/Root | 1 + net/i2pd/patches/patch-tests_Makefile | 39 ++++ net/i2pd/pkg/CVS/Entries | 5 + net/i2pd/pkg/CVS/Repository | 1 + net/i2pd/pkg/CVS/Root | 1 + net/i2pd/pkg/DESCR | 7 + net/i2pd/pkg/PLIST | 200 ++++++++++++++++++ net/i2pd/pkg/README | 24 +++ net/i2pd/pkg/i2pd.rc | 9 + net/tor/CVS/Entries | 4 + net/tor/CVS/Repository | 1 + net/tor/CVS/Root | 1 + net/tor/Makefile | 37 ++++ net/tor/distinfo | 2 + net/tor/patches/CVS/Entries | 9 + net/tor/patches/CVS/Repository | 1 + net/tor/patches/CVS/Root | 1 + net/tor/patches/patch-configure_ac | 18 ++ .../patches/patch-src_config_torrc_sample_in | 47 ++++ ...ext_ed25519_donna_ed25519-donna-portable_h | 11 + ...atch-src_lib_crypt_ops_crypto_dh_openssl_c | 59 ++++++ ...tch-src_lib_crypt_ops_crypto_rsa_openssl_c | 50 +++++ .../patches/patch-src_lib_tls_x509_openssl_c | 14 ++ net/tor/patches/patch-src_test_test_crypto_c | 14 ++ .../patch-src_test_test_crypto_openssl_c | 14 ++ net/tor/pkg/CVS/Entries | 4 + net/tor/pkg/CVS/Repository | 1 + net/tor/pkg/CVS/Root | 1 + net/tor/pkg/DESCR | 2 + net/tor/pkg/PLIST | 34 +++ net/tor/pkg/tor.rc | 10 + 39 files changed, 716 insertions(+) create mode 100644 README.md create mode 100644 net/i2pd/CVS/Entries create mode 100644 net/i2pd/CVS/Repository create mode 100644 net/i2pd/CVS/Root create mode 100644 net/i2pd/Makefile create mode 100644 net/i2pd/distinfo create mode 100644 net/i2pd/patches/CVS/Entries create mode 100644 net/i2pd/patches/CVS/Repository create mode 100644 net/i2pd/patches/CVS/Root create mode 100644 net/i2pd/patches/patch-tests_Makefile create mode 100644 net/i2pd/pkg/CVS/Entries create mode 100644 net/i2pd/pkg/CVS/Repository create mode 100644 net/i2pd/pkg/CVS/Root create mode 100644 net/i2pd/pkg/DESCR create mode 100644 net/i2pd/pkg/PLIST create mode 100644 net/i2pd/pkg/README create mode 100644 net/i2pd/pkg/i2pd.rc create mode 100644 net/tor/CVS/Entries create mode 100644 net/tor/CVS/Repository create mode 100644 net/tor/CVS/Root create mode 100644 net/tor/Makefile create mode 100644 net/tor/distinfo create mode 100644 net/tor/patches/CVS/Entries create mode 100644 net/tor/patches/CVS/Repository create mode 100644 net/tor/patches/CVS/Root create mode 100644 net/tor/patches/patch-configure_ac create mode 100644 net/tor/patches/patch-src_config_torrc_sample_in create mode 100644 net/tor/patches/patch-src_ext_ed25519_donna_ed25519-donna-portable_h create mode 100644 net/tor/patches/patch-src_lib_crypt_ops_crypto_dh_openssl_c create mode 100644 net/tor/patches/patch-src_lib_crypt_ops_crypto_rsa_openssl_c create mode 100644 net/tor/patches/patch-src_lib_tls_x509_openssl_c create mode 100644 net/tor/patches/patch-src_test_test_crypto_c create mode 100644 net/tor/patches/patch-src_test_test_crypto_openssl_c create mode 100644 net/tor/pkg/CVS/Entries create mode 100644 net/tor/pkg/CVS/Repository create mode 100644 net/tor/pkg/CVS/Root create mode 100644 net/tor/pkg/DESCR create mode 100644 net/tor/pkg/PLIST create mode 100644 net/tor/pkg/tor.rc diff --git a/README.md b/README.md new file mode 100644 index 0000000..a6a0dac --- /dev/null +++ b/README.md @@ -0,0 +1,36 @@ +# OpenBSD Ports +Modified OpenBSD 7.2 ports. Everything here works with OpenBSD 7.2. + +## How to install +First if you haven't done so, download and unpack the ports tree for your current OpenBSD version. + +These instructions are taken from https://www.openbsd.org/faq/ports/ports.html#PortsFetch + +``` +cd /tmp +ftp https://cdn.openbsd.org/pub/OpenBSD/$(uname -r)/{ports.tar.gz,SHA256.sig} +signify -Cp /etc/signify/openbsd-$(uname -r | cut -c 1,3)-base.pub -x SHA256.sig ports.tar.gz +cd /usr +tar xzf /tmp/ports.tar.gz +``` + +Then remove some ports and unpack this git repo on top of the ports tree with the instructions below: + +``` +rm -rf /usr/ports/net/{i2pd,tor} +cd /tmp +ftp https://gitler.moe/koishi/openbsd-ports/archive/master.tar.gz +tar xzvf /tmp/master.tar.gz +mv /tmp/openbsd-ports/net/* /usr/ports/net/ +``` + +## Installing dependencies + +``` +# i2pd dependencies +pkg_add cmake ninja gmake boost + +# tor dependencies +pkg_add autoconf (select autoconf-2.69 with any patch version) +pkg_add metaauto libevent +``` diff --git a/net/i2pd/CVS/Entries b/net/i2pd/CVS/Entries new file mode 100644 index 0000000..1c63871 --- /dev/null +++ b/net/i2pd/CVS/Entries @@ -0,0 +1,4 @@ +/Makefile/1.10/Fri Mar 11 19:46:04 2022// +/distinfo/1.7/Mon Feb 28 10:49:54 2022// +D/patches//// +D/pkg//// diff --git a/net/i2pd/CVS/Repository b/net/i2pd/CVS/Repository new file mode 100644 index 0000000..ae4248b --- /dev/null +++ b/net/i2pd/CVS/Repository @@ -0,0 +1 @@ +ports/net/i2pd diff --git a/net/i2pd/CVS/Root b/net/i2pd/CVS/Root new file mode 100644 index 0000000..3811072 --- /dev/null +++ b/net/i2pd/CVS/Root @@ -0,0 +1 @@ +/cvs diff --git a/net/i2pd/Makefile b/net/i2pd/Makefile new file mode 100644 index 0000000..fbe546a --- /dev/null +++ b/net/i2pd/Makefile @@ -0,0 +1,46 @@ +COMMENT = client for the I2P anonymous network + +GH_ACCOUNT = PurpleI2P +GH_PROJECT = i2pd +GH_TAGNAME = 2.45.0 + +CATEGORIES = net +HOMEPAGE = https://i2pd.website + +MAINTAINER = Koishi Komeiji + +# BSD +PERMIT_PACKAGE = Yes + +WANTLIB += ${COMPILER_LIBCXX} boost_date_time-mt boost_filesystem-mt +WANTLIB += boost_program_options-mt boost_system-mt c crypto m +WANTLIB += ssl z + +COMPILER = base-clang ports-gcc +MODULES = devel/cmake +LIB_DEPENDS = devel/boost + +# for tests +USE_GMAKE = Yes + +WRKSRC = ${WRKDIST}/build + +post-install: + ${INSTALL_DATA_DIR} ${PREFIX}/include/i2pd + ${INSTALL_DATA} ${WRKDIST}/libi2pd{,_client}/*.h \ + ${PREFIX}/include/i2pd +.for dir in family reseed + ${INSTALL_DATA_DIR} ${PREFIX}/share/examples/i2pd/certificates/${dir} + ${INSTALL_DATA} ${WRKDIST}/contrib/certificates/${dir}/* \ + ${PREFIX}/share/examples/i2pd/certificates/${dir} +.endfor + ${INSTALL_DATA} ${WRKDIST}/contrib/i2pd.conf \ + ${PREFIX}/share/examples/i2pd/i2pd.conf + ${INSTALL_DATA} ${WRKDIST}/contrib/tunnels.conf \ + ${PREFIX}/share/examples/i2pd/tunnels.conf + +do-test: + cd ${WRKDIST}/tests && ${MAKE_PROGRAM} CXX="${CXX}" \ + INCFLAGS="-L${LOCALBASE}/lib -I${LOCALBASE}/include ${CFLAGS}" + +.include diff --git a/net/i2pd/distinfo b/net/i2pd/distinfo new file mode 100644 index 0000000..9405804 --- /dev/null +++ b/net/i2pd/distinfo @@ -0,0 +1,2 @@ +SHA256 (i2pd-2.45.0.tar.gz) = QFDAo4/aBqdt770nIfRo9bCYie17a1p+IH5GWdMAc48= +SIZE (i2pd-2.45.0.tar.gz) = 630600 diff --git a/net/i2pd/patches/CVS/Entries b/net/i2pd/patches/CVS/Entries new file mode 100644 index 0000000..84b29dc --- /dev/null +++ b/net/i2pd/patches/CVS/Entries @@ -0,0 +1,3 @@ +/patch-libi2pd_Crypto_h/1.2/Fri Mar 11 19:46:04 2022// +/patch-tests_Makefile/1.6/Fri Mar 11 19:46:04 2022// +D diff --git a/net/i2pd/patches/CVS/Repository b/net/i2pd/patches/CVS/Repository new file mode 100644 index 0000000..bf0a5f1 --- /dev/null +++ b/net/i2pd/patches/CVS/Repository @@ -0,0 +1 @@ +ports/net/i2pd/patches diff --git a/net/i2pd/patches/CVS/Root b/net/i2pd/patches/CVS/Root new file mode 100644 index 0000000..3811072 --- /dev/null +++ b/net/i2pd/patches/CVS/Root @@ -0,0 +1 @@ +/cvs diff --git a/net/i2pd/patches/patch-tests_Makefile b/net/i2pd/patches/patch-tests_Makefile new file mode 100644 index 0000000..0689823 --- /dev/null +++ b/net/i2pd/patches/patch-tests_Makefile @@ -0,0 +1,39 @@ +Index: tests/Makefile +--- tests/Makefile.orig ++++ tests/Makefile +@@ -1,5 +1,5 @@ + CXXFLAGS += -Wall -Wno-unused-parameter -Wextra -pedantic -O0 -g -std=c++11 -D_GLIBCXX_USE_NANOSLEEP=1 -pthread -Wl,--unresolved-symbols=ignore-in-object-files +-INCFLAGS += -I../libi2pd ++CXXFLAGS += -Wall -Wextra -pedantic -g -std=c++11 -D_GLIBCXX_USE_NANOSLEEP=1 -I../libi2pd/ -pthread -Wl,--unresolved-symbols=ignore-in-object-files + + TESTS = test-gost test-gost-sig test-base-64 test-x25519 test-aeadchacha20poly1305 test-blinding test-elligator + +@@ -14,8 +14,8 @@ test-base-%: ../libi2pd/Base.cpp test-base-%.cpp + test-gost: ../libi2pd/Gost.cpp ../libi2pd/I2PEndian.cpp test-gost.cpp + $(CXX) $(CXXFLAGS) $(NEEDED_CXXFLAGS) $(INCFLAGS) -o $@ $^ -lcrypto + +-test-gost-sig: ../libi2pd/Gost.cpp ../libi2pd/I2PEndian.cpp ../libi2pd/Crypto.cpp ../libi2pd/Log.cpp test-gost-sig.cpp +- $(CXX) $(CXXFLAGS) $(NEEDED_CXXFLAGS) $(INCFLAGS) -o $@ $^ -lcrypto -lssl -lboost_system ++test-gost-sig: ../libi2pd/Gost.cpp ../libi2pd/Config.cpp ../libi2pd/I2PEndian.cpp ../libi2pd/Crypto.cpp ../libi2pd/Log.cpp test-gost-sig.cpp ++ $(CXX) $(CXXFLAGS) $(NEEDED_CXXFLAGS) $(INCFLAGS) -o $@ $^ -lcrypto -lssl -lboost_system -lboost_program_options-mt + + test-x25519: ../libi2pd/Ed25519.cpp ../libi2pd/I2PEndian.cpp ../libi2pd/Log.cpp ../libi2pd/Crypto.cpp test-x25519.cpp + $(CXX) $(CXXFLAGS) $(NEEDED_CXXFLAGS) $(INCFLAGS) -o $@ $^ -lcrypto -lssl -lboost_system +@@ -23,14 +23,14 @@ test-x25519: ../libi2pd/Ed25519.cpp ../libi2pd/I2PEndi + test-aeadchacha20poly1305: ../libi2pd/Crypto.cpp ../libi2pd/ChaCha20.cpp ../libi2pd/Poly1305.cpp test-aeadchacha20poly1305.cpp + $(CXX) $(CXXFLAGS) $(NEEDED_CXXFLAGS) $(INCFLAGS) -o $@ $^ -lcrypto -lssl -lboost_system + +-test-blinding: ../libi2pd/Crypto.cpp ../libi2pd/Blinding.cpp ../libi2pd/Ed25519.cpp ../libi2pd/I2PEndian.cpp ../libi2pd/Log.cpp ../libi2pd/util.cpp ../libi2pd/Identity.cpp ../libi2pd/Signature.cpp ../libi2pd/Timestamp.cpp test-blinding.cpp +- $(CXX) $(CXXFLAGS) $(NEEDED_CXXFLAGS) $(INCFLAGS) -o $@ $^ -lcrypto -lssl -lboost_system ++test-blinding: ../libi2pd/Crypto.cpp ../libi2pd/Config.cpp ../libi2pd/Blinding.cpp ../libi2pd/Ed25519.cpp ../libi2pd/I2PEndian.cpp ../libi2pd/Log.cpp ../libi2pd/util.cpp ../libi2pd/Identity.cpp ../libi2pd/Signature.cpp ../libi2pd/Timestamp.cpp test-blinding.cpp ++ $(CXX) $(CXXFLAGS) $(NEEDED_CXXFLAGS) $(INCFLAGS) -o $@ $^ -lcrypto -lssl -lboost_system -lboost_program_options-mt + + test-elligator: ../libi2pd/Elligator.cpp ../libi2pd/Crypto.cpp test-elligator.cpp + $(CXX) $(CXXFLAGS) $(NEEDED_CXXFLAGS) $(INCFLAGS) -o $@ $^ -lcrypto -lssl -lboost_system + + run: $(TESTS) +- @for TEST in $(TESTS); do ./$$TEST ; done ++ @for TEST in $(TESTS); do echo -n "$$TEST: "; ./$$TEST && echo OK; done + + clean: + rm -f $(TESTS) diff --git a/net/i2pd/pkg/CVS/Entries b/net/i2pd/pkg/CVS/Entries new file mode 100644 index 0000000..18ddb6e --- /dev/null +++ b/net/i2pd/pkg/CVS/Entries @@ -0,0 +1,5 @@ +/DESCR/1.1.1.1/Sun Jun 16 22:13:55 2019// +/PLIST/1.6/Fri Mar 11 19:46:04 2022// +/README/1.2/Fri Mar 11 19:46:04 2022// +/i2pd.rc/1.4/Fri Mar 11 19:46:04 2022// +D diff --git a/net/i2pd/pkg/CVS/Repository b/net/i2pd/pkg/CVS/Repository new file mode 100644 index 0000000..1bdf917 --- /dev/null +++ b/net/i2pd/pkg/CVS/Repository @@ -0,0 +1 @@ +ports/net/i2pd/pkg diff --git a/net/i2pd/pkg/CVS/Root b/net/i2pd/pkg/CVS/Root new file mode 100644 index 0000000..3811072 --- /dev/null +++ b/net/i2pd/pkg/CVS/Root @@ -0,0 +1 @@ +/cvs diff --git a/net/i2pd/pkg/DESCR b/net/i2pd/pkg/DESCR new file mode 100644 index 0000000..77deff1 --- /dev/null +++ b/net/i2pd/pkg/DESCR @@ -0,0 +1,7 @@ +i2pd is a full featured client for the I2P network written in C++. + +I2P (Invisible Internet Project) is a universal anonymous network layer. +All communications over I2P are anonymous and end-to-end encrypted. +Participants don't reveal their real IP address to each other. Peer to +peer (cryptocorruencies, file sharing) and client-to-server applications +(websites, instant messengers, chat servers) are supported. diff --git a/net/i2pd/pkg/PLIST b/net/i2pd/pkg/PLIST new file mode 100644 index 0000000..0e9d69e --- /dev/null +++ b/net/i2pd/pkg/PLIST @@ -0,0 +1,200 @@ +@newgroup _i2pd:838 +@newuser _i2pd:838:838:daemon:i2pd account:${LOCALSTATEDIR}/lib/i2pd:/sbin/nologin +@rcscript ${RCDIR}/i2pd +@bin bin/i2pd +include/i2pd/ +include/i2pd/AddressBook.h +include/i2pd/BOB.h +include/i2pd/Base.h +include/i2pd/Blinding.h +include/i2pd/CPU.h +include/i2pd/ChaCha20.h +include/i2pd/ClientContext.h +include/i2pd/Config.h +include/i2pd/Crypto.h +include/i2pd/CryptoKey.h +include/i2pd/Datagram.h +include/i2pd/Destination.h +include/i2pd/ECIESX25519AEADRatchetSession.h +include/i2pd/Ed25519.h +include/i2pd/Elligator.h +include/i2pd/FS.h +include/i2pd/Family.h +include/i2pd/Garlic.h +include/i2pd/Gost.h +include/i2pd/Gzip.h +include/i2pd/HTTP.h +include/i2pd/HTTPProxy.h +include/i2pd/I2CP.h +include/i2pd/I2NPProtocol.h +include/i2pd/I2PEndian.h +include/i2pd/I2PService.h +include/i2pd/I2PTunnel.h +include/i2pd/Identity.h +include/i2pd/LeaseSet.h +include/i2pd/LittleBigEndian.h +include/i2pd/Log.h +include/i2pd/MatchedDestination.h +include/i2pd/NTCP2.h +include/i2pd/NetDbRequests.h +include/i2pd/Poly1305.h +include/i2pd/Profiling.h +include/i2pd/Queue.h +include/i2pd/Reseed.h +include/i2pd/RouterContext.h +include/i2pd/RouterInfo.h +include/i2pd/SAM.h +include/i2pd/SOCKS.h +include/i2pd/SSU2.h +include/i2pd/Signature.h +include/i2pd/Siphash.h +include/i2pd/Streaming.h +include/i2pd/Tag.h +include/i2pd/Timestamp.h +include/i2pd/TransitTunnel.h +include/i2pd/TransportSession.h +include/i2pd/Transports.h +include/i2pd/Tunnel.h +include/i2pd/TunnelBase.h +include/i2pd/TunnelConfig.h +include/i2pd/TunnelEndpoint.h +include/i2pd/TunnelGateway.h +include/i2pd/TunnelPool.h +include/i2pd/api.h +include/i2pd/util.h +include/i2pd/version.h +@static-lib lib/libi2pd.a +@static-lib lib/libi2pdclient.a +@owner _i2pd +@group _i2pd +@sample ${SYSCONFDIR}/i2pd/ +@sample ${LOCALSTATEDIR}/lib/i2pd/ +@sample ${LOCALSTATEDIR}/lib/i2pd/certificates/ +@sample ${LOCALSTATEDIR}/lib/i2pd/certificates/family/ +@sample ${LOCALSTATEDIR}/lib/i2pd/certificates/reseed/ +@sample ${LOCALSTATEDIR}/lib/i2pd/certificates/router/ +@owner +@group +@static-lib lib/libi2pdlang.a +share/doc/pkg-readmes/${PKGSTEM} +share/examples/i2pd/ +share/examples/i2pd/certificates/ +share/examples/i2pd/certificates/family/ +share/examples/i2pd/certificates/family/gostcoin.crt +@owner _i2pd +@group _i2pd +@sample ${LOCALSTATEDIR}/lib/i2pd/certificates/family/gostcoin.crt +@owner +@group +share/examples/i2pd/certificates/family/i2p-dev.crt +@owner _i2pd +@group _i2pd +@sample ${LOCALSTATEDIR}/lib/i2pd/certificates/family/i2p-dev.crt +@owner +@group +share/examples/i2pd/certificates/family/i2pd-dev.crt +@owner _i2pd +@group _i2pd +@sample ${LOCALSTATEDIR}/lib/i2pd/certificates/family/i2pd-dev.crt +@owner +@group +share/examples/i2pd/certificates/family/mca2-i2p.crt +@owner _i2pd +@group _i2pd +@sample ${LOCALSTATEDIR}/lib/i2pd/certificates/family/mca2-i2p.crt +@owner +@group +share/examples/i2pd/certificates/family/volatile.crt +@owner _i2pd +@group _i2pd +@sample ${LOCALSTATEDIR}/lib/i2pd/certificates/family/volatile.crt +@owner +@group +share/examples/i2pd/certificates/reseed/ +@owner _i2pd +@group _i2pd +@sample ${LOCALSTATEDIR}/lib/ +@owner +@group +share/examples/i2pd/certificates/reseed/acetone_at_mail.i2p.crt +@owner _i2pd +@group _i2pd +@sample ${LOCALSTATEDIR}/lib/i2pd/certificates/reseed/acetone_at_mail.i2p.crt +@owner +@group +share/examples/i2pd/certificates/reseed/creativecowpat_at_mail.i2p.crt +@owner _i2pd +@group _i2pd +@sample ${LOCALSTATEDIR}/lib/i2pd/certificates/reseed/creativecowpat_at_mail.i2p.crt +@owner +@group +share/examples/i2pd/certificates/reseed/echelon3_at_mail.i2p.crt +@owner _i2pd +@group _i2pd +@sample ${LOCALSTATEDIR}/lib/i2pd/certificates/reseed/echelon3_at_mail.i2p.crt +@owner +@group +share/examples/i2pd/certificates/reseed/hankhill19580_at_gmail.com.crt +@owner _i2pd +@group _i2pd +@sample ${LOCALSTATEDIR}/lib/i2pd/certificates/reseed/hankhill19580_at_gmail.com.crt +@owner +@group +share/examples/i2pd/certificates/reseed/hiduser0_at_mail.i2p.crt +@owner _i2pd +@group _i2pd +@sample ${LOCALSTATEDIR}/lib/i2pd/certificates/reseed/hiduser0_at_mail.i2p.crt +@owner +@group +share/examples/i2pd/certificates/reseed/hottuna_at_mail.i2p.crt +@owner _i2pd +@group _i2pd +@sample ${LOCALSTATEDIR}/lib/i2pd/certificates/reseed/hottuna_at_mail.i2p.crt +@owner +@group +share/examples/i2pd/certificates/reseed/igor_at_novg.net.crt +@owner _i2pd +@group _i2pd +@sample ${LOCALSTATEDIR}/lib/i2pd/certificates/reseed/igor_at_novg.net.crt +@owner +@group +share/examples/i2pd/certificates/reseed/lazygravy_at_mail.i2p.crt +@owner _i2pd +@group _i2pd +@sample ${LOCALSTATEDIR}/lib/i2pd/certificates/reseed/lazygravy_at_mail.i2p.crt +@owner +@group +share/examples/i2pd/certificates/reseed/orignal_at_mail.i2p.crt +@owner _i2pd +@group _i2pd +@sample ${LOCALSTATEDIR}/lib/i2pd/certificates/reseed/orignal_at_mail.i2p.crt +@owner +@group +share/examples/i2pd/certificates/reseed/r4sas-reseed_at_mail.i2p.crt +@owner _i2pd +@group _i2pd +@sample ${LOCALSTATEDIR}/lib/i2pd/certificates/reseed/r4sas-reseed_at_mail.i2p.crt +@owner +@group +share/examples/i2pd/certificates/reseed/rambler_at_mail.i2p.crt +@owner _i2pd +@group _i2pd +@sample ${LOCALSTATEDIR}/lib/i2pd/certificates/reseed/rambler_at_mail.i2p.crt +@owner +@group +share/examples/i2pd/certificates/reseed/reseed_at_diva.exchange.crt +@owner _i2pd +@group _i2pd +@sample ${LOCALSTATEDIR}/lib/i2pd/certificates/reseed/reseed_at_diva.exchange.crt +@owner +@group +share/examples/i2pd/i2pd.conf +@owner _i2pd +@group _i2pd +@sample ${SYSCONFDIR}/i2pd/i2pd.conf +@owner +@group +share/examples/i2pd/tunnels.conf +@owner _i2pd +@group _i2pd +@sample ${SYSCONFDIR}/i2pd/tunnels.conf diff --git a/net/i2pd/pkg/README b/net/i2pd/pkg/README new file mode 100644 index 0000000..cae8d08 --- /dev/null +++ b/net/i2pd/pkg/README @@ -0,0 +1,24 @@ ++----------------------------------------------------------------------- +| Running ${PKGSTEM} on OpenBSD ++----------------------------------------------------------------------- + +Resource Limits: File Descriptors +================================= + +By default, the _i2pd user, and so the i2pd process runs in the login(1) +class of "daemon". The default limits on file descriptors are +insufficient to run i2pd; instead you should put the _i2pd user and +process in their own login(1) class with tuned resources. You should +also raise the system-wide maxfiles limit. + +1. Configure i2pd login class in the login.conf(5) file: + + i2pd:\ + :openfiles-cur=8192:\ + :openfiles-max=8192:\ + :tc=daemon: + +2. Adjust kern.maxfiles, if needed: + + # sysctl kern.maxfiles=16000 + # echo "kern.maxfiles=16000" >> /etc/sysctl.conf diff --git a/net/i2pd/pkg/i2pd.rc b/net/i2pd/pkg/i2pd.rc new file mode 100644 index 0000000..fbd0c15 --- /dev/null +++ b/net/i2pd/pkg/i2pd.rc @@ -0,0 +1,9 @@ +#!/bin/ksh + +daemon="${TRUEPREFIX}/bin/i2pd --daemon" +daemon_user="_i2pd" +daemon_flags="--service --datadir=${LOCALSTATEDIR}/lib/i2pd --conf=${SYSCONFDIR}/i2pd/i2pd.conf --tunconf=${SYSCONFDIR}/i2pd/tunnels.conf --tunnelsdir=${SYSCONFDIR}/i2pd/tunnels.d" + +. /etc/rc.d/rc.subr + +rc_cmd $1 diff --git a/net/tor/CVS/Entries b/net/tor/CVS/Entries new file mode 100644 index 0000000..0b26b3f --- /dev/null +++ b/net/tor/CVS/Entries @@ -0,0 +1,4 @@ +/Makefile/1.146/Sun Aug 14 16:52:23 2022// +/distinfo/1.119/Sun Aug 14 16:52:23 2022// +D/patches//// +D/pkg//// diff --git a/net/tor/CVS/Repository b/net/tor/CVS/Repository new file mode 100644 index 0000000..491dde6 --- /dev/null +++ b/net/tor/CVS/Repository @@ -0,0 +1 @@ +ports/net/tor diff --git a/net/tor/CVS/Root b/net/tor/CVS/Root new file mode 100644 index 0000000..3811072 --- /dev/null +++ b/net/tor/CVS/Root @@ -0,0 +1 @@ +/cvs diff --git a/net/tor/Makefile b/net/tor/Makefile new file mode 100644 index 0000000..cbce597 --- /dev/null +++ b/net/tor/Makefile @@ -0,0 +1,37 @@ +COMMENT= anonymity service using onion routing + +DISTNAME= tor-0.4.7.12 +CATEGORIES= net +HOMEPAGE= https://www.torproject.org/ + +MAINTAINER= Pascal Stumpf + +# BSD +PERMIT_PACKAGE= Yes + +WANTLIB += c crypto event_core event_extra execinfo m pthread ssl z + +MASTER_SITES= https://www.torproject.org/dist/ + +AUTOCONF_VERSION=2.69 +CONFIGURE_STYLE=autoconf +# PIE is already taken care of on a per-arch basis, and we have stack protection +# anyway on FRAME_GROWS_DOWN archs. +CONFIGURE_ARGS= --with-ssl-dir=/usr \ + --with-libevent-dir="${LOCALBASE}" \ + --disable-gcc-hardening \ + --disable-lzma \ + --disable-zstd +CONFIGURE_ENV+=ac_cv_member_struct_ssl_method_st_get_cipher_by_char=no + +LIB_DEPENDS= devel/libevent2 + +DB_DIR= /var/tor +SUBST_VARS+= DB_DIR + +FAKE_FLAGS= sysconfdir=${PREFIX}/share/examples + +post-install: + ${INSTALL_DATA} ${WRKSRC}/doc/TUNING ${PREFIX}/share/doc/tor/ + +.include diff --git a/net/tor/distinfo b/net/tor/distinfo new file mode 100644 index 0000000..99b6409 --- /dev/null +++ b/net/tor/distinfo @@ -0,0 +1,2 @@ +SHA256 (tor-0.4.7.12.tar.gz) = O12WlxLEZ4Ub0CjzFDQ+8VqX6kVxkek/+pcxCwW545U= +SIZE (tor-0.4.7.12.tar.gz) = 8009573 diff --git a/net/tor/patches/CVS/Entries b/net/tor/patches/CVS/Entries new file mode 100644 index 0000000..b536690 --- /dev/null +++ b/net/tor/patches/CVS/Entries @@ -0,0 +1,9 @@ +/patch-configure_ac/1.19/Wed Apr 27 18:29:44 2022// +/patch-src_config_torrc_sample_in/1.25/Fri Mar 11 19:47:53 2022// +/patch-src_ext_ed25519_donna_ed25519-donna-portable_h/1.2/Fri Mar 11 19:47:53 2022// +/patch-src_lib_crypt_ops_crypto_dh_openssl_c/1.2/Fri Mar 11 19:47:53 2022// +/patch-src_lib_crypt_ops_crypto_rsa_openssl_c/1.2/Fri Mar 11 19:47:53 2022// +/patch-src_lib_tls_x509_openssl_c/1.2/Fri Mar 11 19:47:53 2022// +/patch-src_test_test_crypto_c/1.2/Fri Mar 11 19:47:53 2022// +/patch-src_test_test_crypto_openssl_c/1.2/Fri Mar 11 19:47:53 2022// +D diff --git a/net/tor/patches/CVS/Repository b/net/tor/patches/CVS/Repository new file mode 100644 index 0000000..5cf125a --- /dev/null +++ b/net/tor/patches/CVS/Repository @@ -0,0 +1 @@ +ports/net/tor/patches diff --git a/net/tor/patches/CVS/Root b/net/tor/patches/CVS/Root new file mode 100644 index 0000000..3811072 --- /dev/null +++ b/net/tor/patches/CVS/Root @@ -0,0 +1 @@ +/cvs diff --git a/net/tor/patches/patch-configure_ac b/net/tor/patches/patch-configure_ac new file mode 100644 index 0000000..02e3c23 --- /dev/null +++ b/net/tor/patches/patch-configure_ac @@ -0,0 +1,18 @@ +disable -fasynchronous-unwind-tables as it breaks build on armv7 +Index: configure.ac +--- configure.ac.orig ++++ configure.ac +@@ -1435,13 +1435,6 @@ fi + CFLAGS="$saved_CFLAGS" + AC_SUBST(F_OMIT_FRAME_POINTER) + +-dnl ------------------------------------------------------ +-dnl If we are adding -fomit-frame-pointer (or if the compiler's doing it +-dnl for us, as GCC 4.6 and later do at many optimization levels), then +-dnl we should try to add -fasynchronous-unwind-tables so that our backtrace +-dnl code will work. +-TOR_CHECK_CFLAGS(-fasynchronous-unwind-tables) +- + dnl ============================================================ + dnl Check for libseccomp + diff --git a/net/tor/patches/patch-src_config_torrc_sample_in b/net/tor/patches/patch-src_config_torrc_sample_in new file mode 100644 index 0000000..a76f720 --- /dev/null +++ b/net/tor/patches/patch-src_config_torrc_sample_in @@ -0,0 +1,47 @@ +Index: src/config/torrc.sample.in +--- src/config/torrc.sample.in.orig ++++ src/config/torrc.sample.in +@@ -39,18 +39,18 @@ + ## Send every possible message to @LOCALSTATEDIR@/log/tor/debug.log + #Log debug file @LOCALSTATEDIR@/log/tor/debug.log + ## Use the system log instead of Tor's logfiles +-#Log notice syslog ++Log notice syslog + ## To send all messages to stderr: + #Log debug stderr + + ## Uncomment this to start the process in the background... or use + ## --runasdaemon 1 on the command line. This is ignored on Windows; + ## see the FAQ entry if you want Tor to run as an NT service. +-#RunAsDaemon 1 ++RunAsDaemon 1 + + ## The directory for keeping all the keys/etc. By default, we store + ## things in $HOME/.tor on Unix, and in Application Data\tor on Windows. +-#DataDirectory @LOCALSTATEDIR@/lib/tor ++DataDirectory /var/tor + + ## The port on which Tor will listen for local connections from Tor + ## controller applications, as documented in control-spec.txt. +@@ -69,10 +69,10 @@ + ## HiddenServicePort x y:z says to redirect requests on port x to the + ## address y:z. + +-#HiddenServiceDir @LOCALSTATEDIR@/lib/tor/hidden_service/ ++#HiddenServiceDir @LOCALSTATEDIR@/tor/hidden_service/ + #HiddenServicePort 80 127.0.0.1:80 + +-#HiddenServiceDir @LOCALSTATEDIR@/lib/tor/other_hidden_service/ ++#HiddenServiceDir @LOCALSTATEDIR@/tor/other_hidden_service/ + #HiddenServicePort 80 127.0.0.1:80 + #HiddenServicePort 22 127.0.0.1:22 + +@@ -218,6 +218,8 @@ + ## and any public IPv4 and IPv6 addresses on any interface on the relay. + ## See the man page entry for ExitPolicyRejectPrivate if you want to allow + ## "exit enclaving". ++## Revoke privileges ++User _tor + ## + #ExitPolicy accept *:6660-6667,reject *:* # allow irc ports on IPv4 and IPv6 but no more + #ExitPolicy accept *:119 # accept nntp ports on IPv4 and IPv6 as well as default exit policy diff --git a/net/tor/patches/patch-src_ext_ed25519_donna_ed25519-donna-portable_h b/net/tor/patches/patch-src_ext_ed25519_donna_ed25519-donna-portable_h new file mode 100644 index 0000000..33c0378 --- /dev/null +++ b/net/tor/patches/patch-src_ext_ed25519_donna_ed25519-donna-portable_h @@ -0,0 +1,11 @@ +--- src/ext/ed25519/donna/ed25519-donna-portable.h.orig Fri Dec 11 14:53:44 2015 ++++ src/ext/ed25519/donna/ed25519-donna-portable.h Fri Dec 11 14:53:57 2015 +@@ -50,7 +50,7 @@ + #if defined(__SIZEOF_INT128__) + #define HAVE_NATIVE_UINT128 + typedef unsigned __int128 uint128_t; +- #elif (COMPILER_GCC >= 40400) ++ #elif (COMPILER_GCC >= 40200) + #define HAVE_NATIVE_UINT128 + typedef unsigned uint128_t __attribute__((mode(TI))); + #elif defined(CPU_X86_64) diff --git a/net/tor/patches/patch-src_lib_crypt_ops_crypto_dh_openssl_c b/net/tor/patches/patch-src_lib_crypt_ops_crypto_dh_openssl_c new file mode 100644 index 0000000..300e429 --- /dev/null +++ b/net/tor/patches/patch-src_lib_crypt_ops_crypto_dh_openssl_c @@ -0,0 +1,59 @@ +Fix build with opaque structs in LibreSSL 3.5 + +Index: src/lib/crypt_ops/crypto_dh_openssl.c +--- src/lib/crypt_ops/crypto_dh_openssl.c.orig ++++ src/lib/crypt_ops/crypto_dh_openssl.c +@@ -60,7 +60,7 @@ crypto_validate_dh_params(const BIGNUM *p, const BIGNU + /* Copy into a temporary DH object, just so that DH_check() can be called. */ + if (!(dh = DH_new())) + goto out; +-#ifdef OPENSSL_1_1_API ++#if defined(OPENSSL_1_1_API) || defined(LIBRESSL_VERSION_NUMBER) + BIGNUM *dh_p, *dh_g; + if (!(dh_p = BN_dup(p))) + goto out; +@@ -223,7 +223,7 @@ new_openssl_dh_from_params(BIGNUM *p, BIGNUM *g) + goto err; + } + +-#ifdef OPENSSL_1_1_API ++#if defined(OPENSSL_1_1_API) || defined(LIBRESSL_VERSION_NUMBER) + + if (!DH_set0_pqg(res_dh, dh_p, NULL, dh_g)) { + goto err; +@@ -276,7 +276,7 @@ crypto_dh_get_bytes(crypto_dh_t *dh) + int + crypto_dh_generate_public(crypto_dh_t *dh) + { +-#ifndef OPENSSL_1_1_API ++#if !defined(OPENSSL_1_1_API) && !defined(LIBRESSL_VERSION_NUMBER) + again: + #endif + if (!DH_generate_key(dh->dh)) { +@@ -286,7 +286,7 @@ crypto_dh_generate_public(crypto_dh_t *dh) + return -1; + /* LCOV_EXCL_STOP */ + } +-#ifdef OPENSSL_1_1_API ++#if defined(OPENSSL_1_1_API) || defined(LIBRESSL_VERSION_NUMBER) + /* OpenSSL 1.1.x doesn't appear to let you regenerate a DH key, without + * recreating the DH object. I have no idea what sort of aliasing madness + * can occur here, so do the check, and just bail on failure. +@@ -327,7 +327,7 @@ crypto_dh_get_public(crypto_dh_t *dh, char *pubkey, si + + const BIGNUM *dh_pub; + +-#ifdef OPENSSL_1_1_API ++#if defined(OPENSSL_1_1_API) || defined(LIBRESSL_VERSION_NUMBER) + const BIGNUM *dh_priv; + DH_get0_key(dh->dh, &dh_pub, &dh_priv); + #else +@@ -338,7 +338,7 @@ crypto_dh_get_public(crypto_dh_t *dh, char *pubkey, si + if (crypto_dh_generate_public(dh)<0) + return -1; + else { +-#ifdef OPENSSL_1_1_API ++#if defined(OPENSSL_1_1_API) || defined(LIBRESSL_VERSION_NUMBER) + DH_get0_key(dh->dh, &dh_pub, &dh_priv); + #else + dh_pub = dh->dh->pub_key; diff --git a/net/tor/patches/patch-src_lib_crypt_ops_crypto_rsa_openssl_c b/net/tor/patches/patch-src_lib_crypt_ops_crypto_rsa_openssl_c new file mode 100644 index 0000000..24ad667 --- /dev/null +++ b/net/tor/patches/patch-src_lib_crypt_ops_crypto_rsa_openssl_c @@ -0,0 +1,50 @@ +Fix build with opaque structs in LibreSSL 3.5 + +Index: src/lib/crypt_ops/crypto_rsa_openssl.c +--- src/lib/crypt_ops/crypto_rsa_openssl.c.orig ++++ src/lib/crypt_ops/crypto_rsa_openssl.c +@@ -47,7 +47,7 @@ struct crypto_pk_t + int + crypto_pk_key_is_private(const crypto_pk_t *k) + { +-#ifdef OPENSSL_1_1_API ++#if defined(OPENSSL_1_1_API) || defined(LIBRESSL_VERSION_NUMBER) + if (!k || !k->key) + return 0; + +@@ -212,7 +212,7 @@ crypto_pk_public_exponent_ok(const crypto_pk_t *env) + + const BIGNUM *e; + +-#ifdef OPENSSL_1_1_API ++#if defined(OPENSSL_1_1_API) || defined(LIBRESSL_VERSION_NUMBER) + const BIGNUM *n, *d; + RSA_get0_key(env->key, &n, &e, &d); + #else +@@ -242,7 +242,7 @@ crypto_pk_cmp_keys(const crypto_pk_t *a, const crypto_ + const BIGNUM *a_n, *a_e; + const BIGNUM *b_n, *b_e; + +-#ifdef OPENSSL_1_1_API ++#if defined(OPENSSL_1_1_API) || defined(LIBRESSL_VERSION_NUMBER) + const BIGNUM *a_d, *b_d; + RSA_get0_key(a->key, &a_n, &a_e, &a_d); + RSA_get0_key(b->key, &b_n, &b_e, &b_d); +@@ -279,7 +279,7 @@ crypto_pk_num_bits(crypto_pk_t *env) + tor_assert(env); + tor_assert(env->key); + +-#ifdef OPENSSL_1_1_API ++#if defined(OPENSSL_1_1_API) || defined(LIBRESSL_VERSION_NUMBER) + /* It's so stupid that there's no other way to check that n is valid + * before calling RSA_bits(). + */ +@@ -572,7 +572,7 @@ static bool + rsa_private_key_too_long(RSA *rsa, int max_bits) + { + const BIGNUM *n, *e, *p, *q, *d, *dmp1, *dmq1, *iqmp; +-#ifdef OPENSSL_1_1_API ++#if defined(OPENSSL_1_1_API) || defined(LIBRESSL_VERSION_NUMBER) + + #if OPENSSL_VERSION_NUMBER >= OPENSSL_V_SERIES(1,1,1) + n = RSA_get0_n(rsa); diff --git a/net/tor/patches/patch-src_lib_tls_x509_openssl_c b/net/tor/patches/patch-src_lib_tls_x509_openssl_c new file mode 100644 index 0000000..75f812e --- /dev/null +++ b/net/tor/patches/patch-src_lib_tls_x509_openssl_c @@ -0,0 +1,14 @@ +Fix build with opaque structs in LibreSSL 3.5 + +Index: src/lib/tls/x509_openssl.c +--- src/lib/tls/x509_openssl.c.orig ++++ src/lib/tls/x509_openssl.c +@@ -329,7 +329,7 @@ tor_tls_cert_is_valid(int severity, + cert_key = X509_get_pubkey(cert->cert); + if (check_rsa_1024 && cert_key) { + RSA *rsa = EVP_PKEY_get1_RSA(cert_key); +-#ifdef OPENSSL_1_1_API ++#if defined(OPENSSL_1_1_API) || defined(LIBRESSL_VERSION_NUMBER) + if (rsa && RSA_bits(rsa) == 1024) { + #else + if (rsa && BN_num_bits(rsa->n) == 1024) { diff --git a/net/tor/patches/patch-src_test_test_crypto_c b/net/tor/patches/patch-src_test_test_crypto_c new file mode 100644 index 0000000..837f2fe --- /dev/null +++ b/net/tor/patches/patch-src_test_test_crypto_c @@ -0,0 +1,14 @@ +Fix build with opaque structs in LibreSSL 3.5 + +Index: src/test/test_crypto.c +--- src/test/test_crypto.c.orig ++++ src/test/test_crypto.c +@@ -185,7 +185,7 @@ test_crypto_dh(void *arg) + dh4 = crypto_dh_new_openssl_tls(); + tt_assert(DH_generate_key(dh4)); + const BIGNUM *pk=NULL; +-#ifdef OPENSSL_1_1_API ++#if defined(OPENSSL_1_1_API) || defined(LIBRESSL_VERSION_NUMBER) + const BIGNUM *sk=NULL; + DH_get0_key(dh4, &pk, &sk); + #else diff --git a/net/tor/patches/patch-src_test_test_crypto_openssl_c b/net/tor/patches/patch-src_test_test_crypto_openssl_c new file mode 100644 index 0000000..1dcb4e3 --- /dev/null +++ b/net/tor/patches/patch-src_test_test_crypto_openssl_c @@ -0,0 +1,14 @@ +Fix build with opaque structs in LibreSSL 3.5 + +Index: src/test/test_crypto_openssl.c +--- src/test/test_crypto_openssl.c.orig ++++ src/test/test_crypto_openssl.c +@@ -49,7 +49,7 @@ test_crypto_rng_engine(void *arg) + ; + } + +-#ifndef OPENSSL_1_1_API ++#if !defined(OPENSSL_1_1_API) && !defined(LIBRESSL_VERSION_NUMBER) + #define EVP_ENCODE_CTX_new() tor_malloc_zero(sizeof(EVP_ENCODE_CTX)) + #define EVP_ENCODE_CTX_free(ctx) tor_free(ctx) + #endif diff --git a/net/tor/pkg/CVS/Entries b/net/tor/pkg/CVS/Entries new file mode 100644 index 0000000..c5bb1a4 --- /dev/null +++ b/net/tor/pkg/CVS/Entries @@ -0,0 +1,4 @@ +/DESCR/1.1.1.1/Sun Sep 26 10:06:29 2004// +/PLIST/1.13/Fri Mar 11 19:47:53 2022// +/tor.rc/1.8/Fri Mar 11 19:47:53 2022// +D diff --git a/net/tor/pkg/CVS/Repository b/net/tor/pkg/CVS/Repository new file mode 100644 index 0000000..6eb8ca9 --- /dev/null +++ b/net/tor/pkg/CVS/Repository @@ -0,0 +1 @@ +ports/net/tor/pkg diff --git a/net/tor/pkg/CVS/Root b/net/tor/pkg/CVS/Root new file mode 100644 index 0000000..3811072 --- /dev/null +++ b/net/tor/pkg/CVS/Root @@ -0,0 +1 @@ +/cvs diff --git a/net/tor/pkg/DESCR b/net/tor/pkg/DESCR new file mode 100644 index 0000000..0dad0bc --- /dev/null +++ b/net/tor/pkg/DESCR @@ -0,0 +1,2 @@ +Tor is a connection-based low-latency anonymous communication system that +protects TCP streams: web browsing, instant messaging, irc, ssh, etc. diff --git a/net/tor/pkg/PLIST b/net/tor/pkg/PLIST new file mode 100644 index 0000000..8ad99fb --- /dev/null +++ b/net/tor/pkg/PLIST @@ -0,0 +1,34 @@ +@newgroup _tor:566 +@newuser _tor:566:566::tor:/nonexistent:/sbin/nologin +@rcscript ${RCDIR}/tor +@bin bin/tor +@bin bin/tor-gencert +@bin bin/tor-print-ed-signing-cert +@bin bin/tor-resolve +@comment bin/torify +@man man/man1/tor-gencert.1 +@man man/man1/tor-print-ed-signing-cert.1 +@man man/man1/tor-resolve.1 +@man man/man1/tor.1 +@comment @man man/man1/torify.1 +share/doc/tor/ +share/doc/tor/TUNING +share/doc/tor/tor-gencert.html +share/doc/tor/tor-print-ed-signing-cert.html +share/doc/tor/tor-resolve.html +share/doc/tor/tor.html +@comment share/doc/tor/torify.html +share/examples/tor/ +@sample ${SYSCONFDIR}/tor/ +share/examples/tor/torrc.sample +@sample ${SYSCONFDIR}/tor/torrc +@mode 0700 +@owner _tor +@group _tor +@sample ${DB_DIR}/ +@mode +@owner +@group +share/tor/ +share/tor/geoip +share/tor/geoip6 diff --git a/net/tor/pkg/tor.rc b/net/tor/pkg/tor.rc new file mode 100644 index 0000000..8c75f86 --- /dev/null +++ b/net/tor/pkg/tor.rc @@ -0,0 +1,10 @@ +#!/bin/ksh + +daemon="${TRUEPREFIX}/bin/tor" +daemon_timeout=60 + +. /etc/rc.d/rc.subr + +rc_stop_signal=INT + +rc_cmd $1