mirror of
https://github.com/vincentmli/bpfire.git
synced 2026-04-09 18:45:54 +02:00
20e608a8f8
Changes in version 0.4.8.10 - 2023-12-08
This is a security release fixing a high severity bug (TROVE-2023-007)
affecting Exit relays supporting Conflux. We strongly recommend to update as
soon as possible.
o Major bugfixes (TROVE-2023-007, exit):
- Improper error propagation from a safety check in conflux leg
linking lead to a desynchronization of which legs were part of a
conflux set, ultimately causing a UAF and NULL pointer dereference
crash on Exit relays. Fixes bug 40897; bugfix on 0.4.8.1-alpha.
o Minor features (fallbackdir):
- Regenerate fallback directories generated on December 08, 2023.
o Minor features (geoip data):
- Update the geoip files to match the IPFire Location Database, as
retrieved on 2023/12/08.
o Minor bugfixes (bridges, statistics):
- Correctly report statistics for client count over Pluggable
transport. Fixes bug 40871; bugfix on 0.4.8.4
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
125 lines
4.3 KiB
Plaintext
125 lines
4.3 KiB
Plaintext
###############################################################################
|
|
# #
|
|
# IPFire.org - A linux based firewall #
|
|
# Copyright (C) 2007-2023 IPFire Team <info@ipfire.org> #
|
|
# #
|
|
# This program is free software: you can redistribute it and/or modify #
|
|
# it under the terms of the GNU General Public License as published by #
|
|
# the Free Software Foundation, either version 3 of the License, or #
|
|
# (at your option) any later version. #
|
|
# #
|
|
# This program is distributed in the hope that it will be useful, #
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of #
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
|
|
# GNU General Public License for more details. #
|
|
# #
|
|
# You should have received a copy of the GNU General Public License #
|
|
# along with this program. If not, see <http://www.gnu.org/licenses/>. #
|
|
# #
|
|
###############################################################################
|
|
|
|
###############################################################################
|
|
# Definitions
|
|
###############################################################################
|
|
|
|
include Config
|
|
|
|
SUMMARY = Anonymizing overlay network for TCP (The onion router)
|
|
|
|
VER = 0.4.8.10
|
|
|
|
THISAPP = tor-$(VER)
|
|
DL_FILE = $(THISAPP).tar.gz
|
|
DL_FROM = $(URL_IPFIRE)
|
|
DIR_APP = $(DIR_SRC)/$(THISAPP)
|
|
TARGET = $(DIR_INFO)/$(THISAPP)
|
|
PROG = tor
|
|
PAK_VER = 83
|
|
|
|
DEPS = libseccomp
|
|
|
|
SERVICES = tor
|
|
|
|
###############################################################################
|
|
# Top-level Rules
|
|
###############################################################################
|
|
|
|
objects = $(DL_FILE)
|
|
|
|
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
|
|
|
|
$(DL_FILE)_BLAKE2 = ef470664d85e019f6cac2366e934d5dc31b8ae92f121a2b4c8c95f8267abce5ce4413d30a24affa40a069d587212364ae5a7c3cd114488e50a535f01c54c6e77
|
|
|
|
install : $(TARGET)
|
|
|
|
check : $(patsubst %,$(DIR_CHK)/%,$(objects))
|
|
|
|
download :$(patsubst %,$(DIR_DL)/%,$(objects))
|
|
|
|
b2 : $(subst %,%_BLAKE2,$(objects))
|
|
|
|
dist:
|
|
@$(PAK)
|
|
|
|
###############################################################################
|
|
# Downloading, checking, b2sum
|
|
###############################################################################
|
|
|
|
$(patsubst %,$(DIR_CHK)/%,$(objects)) :
|
|
@$(CHECK)
|
|
|
|
$(patsubst %,$(DIR_DL)/%,$(objects)) :
|
|
@$(LOAD)
|
|
|
|
$(subst %,%_BLAKE2,$(objects)) :
|
|
@$(B2SUM)
|
|
|
|
###############################################################################
|
|
# Installation Details
|
|
###############################################################################
|
|
|
|
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
|
|
@$(PREBUILD)
|
|
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE)
|
|
cd $(DIR_APP) && \
|
|
./configure \
|
|
--prefix=/usr \
|
|
--sysconfdir=/etc \
|
|
--localstatedir=/var \
|
|
--with-tor-user=tor \
|
|
--with-tor-group=tor
|
|
|
|
cd $(DIR_APP) && make $(MAKETUNING)
|
|
cd $(DIR_APP) && make install
|
|
|
|
# Install configuration files.
|
|
mkdir -pv /var/ipfire/tor /var/lib/tor /var/log/tor
|
|
touch /var/ipfire/tor/settings
|
|
mv /etc/tor/torrc.sample /var/ipfire/tor/torrc
|
|
ln -svf /var/ipfire/tor/torrc /etc/tor/torrc
|
|
|
|
# Adjust ownerships.
|
|
chown -R nobody:nobody /var/lib/tor /var/ipfire/tor
|
|
|
|
# Logrotate
|
|
mkdir -pv /etc/logrotate.d
|
|
install -v -m 644 $(DIR_SRC)/config/tor/tor.logrotate \
|
|
/etc/logrotate.d/tor
|
|
|
|
# Defaults
|
|
mkdir -pv /usr/share/tor
|
|
install -v -m 644 $(DIR_SRC)/config/tor/defaults-torrc \
|
|
/usr/share/tor/defaults-torrc
|
|
|
|
# Install initscripts
|
|
$(call INSTALL_INITSCRIPTS,$(SERVICES))
|
|
|
|
# Install start links and backup include file.
|
|
ln -sf ../init.d/tor /etc/rc.d/rc3.d/S60tor
|
|
ln -sf ../init.d/tor /etc/rc.d/rc0.d/K40tor
|
|
ln -sf ../init.d/tor /etc/rc.d/rc6.d/K40tor
|
|
install -v -m 644 $(DIR_SRC)/config/backup/includes/tor \
|
|
/var/ipfire/backup/addons/includes/tor
|
|
@rm -rf $(DIR_APP)
|
|
@$(POSTBUILD)
|