webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-11 03:25:54 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
9e2dfefea71c8c189a33a1daeeb0f00798e08cc2
bpfire/lfs/tor
Peter Müller 9446956679 Tor: Update to 0.4.8.9 
Changes in version 0.4.8.9 - 2023-11-09
  This is another security release fixing a high severity bug affecting onion
  services which is tracked by TROVE-2023-006. We are also releasing a guard
  major bugfix as well. If you are an onion service operator, we strongly
  recommend to update as soon as possible.

  o Major bugfixes (guard usage):
    - When Tor excluded a guard due to temporary circuit restrictions,
      it considered *additional* primary guards for potential usage by
      that circuit. This could result in more than the specified number
      of guards (currently 2) being used, long-term, by the tor client.
      This could happen when a Guard was also selected as an Exit node,
      but it was exacerbated by the Conflux guard restrictions. Both
      instances have been fixed. Fixes bug 40876; bugfix
      on 0.3.0.1-alpha.

  o Major bugfixes (onion service, TROVE-2023-006):
    - Fix a possible hard assert on a NULL pointer when recording a
      failed rendezvous circuit on the service side for the MetricsPort.
      Fixes bug 40883; bugfix on 0.4.8.1-alpha

  o Minor features (fallbackdir):
    - Regenerate fallback directories generated on November 09, 2023.

  o Minor features (geoip data):
    - Update the geoip files to match the IPFire Location Database, as
      retrieved on 2023/11/09.

Changes in version 0.4.8.8 - 2023-11-03
  We are releasing today a fix for a high security issue, TROVE-2023-004, that
  is affecting relays. Also a few minor bugfixes detailed below. Please upgrade
  as soon as posssible.

  o Major bugfixes (TROVE-2023-004, relay):
    - Mitigate an issue when Tor compiled with OpenSSL can crash during
      handshake with a remote relay. Fixes bug 40874; bugfix
      on 0.2.7.2-alpha.

  o Minor features (fallbackdir):
    - Regenerate fallback directories generated on November 03, 2023.

  o Minor features (geoip data):
    - Update the geoip files to match the IPFire Location Database, as
      retrieved on 2023/11/03.

  o Minor bugfixes (directory authority):
    - Look at the network parameter "maxunmeasuredbw" with the correct
      spelling. Fixes bug 40869; bugfix on 0.4.6.1-alpha.

  o Minor bugfixes (vanguards addon support):
    - Count the conflux linked cell as valid when it is successfully
      processed. This will quiet a spurious warn in the vanguards addon.
      Fixes bug 40878; bugfix on 0.4.8.1-alpha.

Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
2023-11-22 16:14:54 +00:00

125 lines
4.3 KiB
Plaintext
Raw Blame History

###############################################################################
# #
# IPFire.org - A linux based firewall #
# Copyright (C) 2007-2023 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
# the Free Software Foundation, either version 3 of the License, or #
# (at your option) any later version. #
# #
# This program is distributed in the hope that it will be useful, #
# but WITHOUT ANY WARRANTY; without even the implied warranty of #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
# GNU General Public License for more details. #
# #
# You should have received a copy of the GNU General Public License #
# along with this program. If not, see <http://www.gnu.org/licenses/>. #
# #
###############################################################################
###############################################################################
# Definitions
###############################################################################
include Config
SUMMARY = Anonymizing overlay network for TCP (The onion router)
VER = 0.4.8.9
THISAPP = tor-$(VER)
DL_FILE = $(THISAPP).tar.gz
DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = tor
PAK_VER = 82
DEPS = libseccomp
SERVICES = tor
###############################################################################
# Top-level Rules
###############################################################################
objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
$(DL_FILE)_BLAKE2 = a2d8cc8e60f162930d64d191af1893cb4060a8d98c16560c9ba30e0a9a0fd9cce2132573ca4db7b8b6e002f127f06b53fc5aea5fb6e8795c10f73671d14d9190
install : $(TARGET)
check : $(patsubst %,$(DIR_CHK)/%,$(objects))
download :$(patsubst %,$(DIR_DL)/%,$(objects))
b2 : $(subst %,%_BLAKE2,$(objects))
dist:
@$(PAK)
###############################################################################
# Downloading, checking, b2sum
###############################################################################
$(patsubst %,$(DIR_CHK)/%,$(objects)) :
@$(CHECK)
$(patsubst %,$(DIR_DL)/%,$(objects)) :
@$(LOAD)
$(subst %,%_BLAKE2,$(objects)) :
@$(B2SUM)
###############################################################################
# Installation Details
###############################################################################
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE)
cd $(DIR_APP) && \
./configure \
--prefix=/usr \
--sysconfdir=/etc \
--localstatedir=/var \
--with-tor-user=tor \
--with-tor-group=tor
cd $(DIR_APP) && make $(MAKETUNING)
cd $(DIR_APP) && make install
# Install configuration files.
mkdir -pv /var/ipfire/tor /var/lib/tor /var/log/tor
touch /var/ipfire/tor/settings
mv /etc/tor/torrc.sample /var/ipfire/tor/torrc
ln -svf /var/ipfire/tor/torrc /etc/tor/torrc
# Adjust ownerships.
chown -R nobody:nobody /var/lib/tor /var/ipfire/tor
# Logrotate
mkdir -pv /etc/logrotate.d
install -v -m 644 $(DIR_SRC)/config/tor/tor.logrotate \
/etc/logrotate.d/tor
# Defaults
mkdir -pv /usr/share/tor
install -v -m 644 $(DIR_SRC)/config/tor/defaults-torrc \
/usr/share/tor/defaults-torrc
# Install initscripts
$(call INSTALL_INITSCRIPTS,$(SERVICES))
# Install start links and backup include file.
ln -sf ../init.d/tor /etc/rc.d/rc3.d/S60tor
ln -sf ../init.d/tor /etc/rc.d/rc0.d/K40tor
ln -sf ../init.d/tor /etc/rc.d/rc6.d/K40tor
install -v -m 644 $(DIR_SRC)/config/backup/includes/tor \
/var/ipfire/backup/addons/includes/tor
@rm -rf $(DIR_APP)
@$(POSTBUILD)
Reference in New Issue View Git Blame Copy Permalink