/
Portfile
128 lines (108 loc) · 5.21 KB
/
Portfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
# -*- coding: utf-8; mode: tcl; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- vim:fenc=utf-8:ft=tcl:et:sw=4:ts=4:sts=4
PortSystem 1.0
PortGroup compiler_blacklist_versions 1.0
PortGroup openssl 1.0
name tor
conflicts tor-devel
version 0.4.8.8
revision 0
categories security net
platforms darwin
maintainers {i0ntempest @i0ntempest} openmaintainer
license BSD
description anonymizing overlay network for TCP
long_description Tor provides a distributed network of servers \
(onion routers). Users bounce their TCP streams \
(web traffic, FTP, SSH, etc.) around the \
routers. This makes it hard for recipients, \
observers, and even the onion routers \
themselves to track the source of the stream.
homepage https://www.torproject.org/
master_sites https://dist.torproject.org/
checksums rmd160 b7dab80b87600cb7af8f4082cd197243b65650b1 \
sha256 21bbe908cafeabff04636d26293540aa9366eb1cf389bc65dc2476c93e688004 \
size 8261891
depends_lib-append port:libevent \
port:zlib
set torUser _tor
set torGroup _tor
add_users ${torUser} group=${torGroup} home=${prefix}/var/lib/${name}
# src/core/or/conflux_pool.h:39: error: redefinition of typedef ‘conflux_t’
# src/core/or/conflux.h:15: error: previous declaration of ‘conflux_t’ was here
compiler.blacklist-append \
{*gcc-[34].*} {clang < 400}
configure.args-append \
--disable-silent-rules
# https://gitweb.torproject.org/torspec.git/tree/proposals/278-directory-compression-scheme-negotiation.txt
# All clients should aim at supporting the same set of supported compression schemes to avoid fingerprinting.
configure.args-append \
--disable-lzma \
--disable-zstd
# Xcode 14: ld: archive member '__.SYMDEF SORTED' is not mach-o or llvm bitcode file
patchfiles-append patch-remove-symdef.patch
post-destroot {
# Create a working torrc file with basic, locked-down permissions
xinstall -o ${torUser} -g ${torGroup} -m 0640 ${destroot}${prefix}/etc/${name}/torrc.sample ${destroot}${prefix}/etc/${name}/torrc
system -W ${destroot}${prefix}/etc/${name} "cat >> torrc <<LOCAL_TOR_CONFIGURATION
# Local Tor configuration
SocksPolicy accept 127.0.0.1 # accept only localhost connections
SocksPolicy reject *
ExitPolicy reject *:* # no exits allowed
DataDirectory ${prefix}/var/lib/${name}
PidFile ${prefix}/var/run/${name}/${name}.pid
# tor process uid
User ${torUser}
LOCAL_TOR_CONFIGURATION"
# backup torrc files
if {[file exists ${prefix}/etc/${name}/torrc]} {
move ${destroot}${prefix}/etc/${name}/torrc \
${destroot}${prefix}/etc/${name}/torrc.new
copy ${prefix}/etc/${name}/torrc \
${destroot}${prefix}/etc/${name}/torrc.mp_backup
file attributes ${destroot}${prefix}/etc/${name}/torrc.mp_backup \
-owner ${torUser} -group ${torGroup} \
-permissions 0660
}
}
post-activate {
# DataDirectory and PID file Ddirectory permissions
system "chown ${torUser}:${torGroup} ${prefix}/var/lib/${name}"
system "chmod 0750 ${prefix}/var/lib/${name}"
system "chown ${torUser}:${torGroup} ${prefix}/var/run/${name}"
system "chmod 0750 ${prefix}/var/run/${name}"
if {![file exists ${prefix}/etc/${name}/torrc]} {
# restore config files
if {[file exists ${prefix}/etc/${name}/torrc.mp_backup]} {
copy ${prefix}/etc/${name}/torrc.mp_backup \
${prefix}/etc/${name}/torrc
} else {
copy ${prefix}/etc/${name}/torrc.new \
${prefix}/etc/${name}/torrc
}
file attributes ${prefix}/etc/${name}/torrc \
-owner ${torUser} -group ${torGroup} \
-permissions 0660
}
}
test.run yes
test.target check
platform darwin {
startupitem.create yes
startupitem.name Tor
startupitem.start "\[ -f \"${prefix}/etc/${name}/torrc\" \] \\"
startupitem.start-append "\t&& ${prefix}/bin/${name} \\"
startupitem.start-append "\t\t-f ${prefix}/etc/${name}/torrc 2>/dev/null"
startupitem.stop "if \[ -f \"${prefix}/var/run/${name}/${name}.pid\" \]; then"
startupitem.stop-append "\tkill `cat ${prefix}/var/run/${name}/${name}.pid` \\"
startupitem.stop-append "\t\t&& rm -f ${prefix}/var/run/${name}/${name}.pid"
startupitem.stop-append "else"
startupitem.stop-append "\t/usr/bin/killall -SIGUSR1 ${name} 2>/dev/null"
startupitem.stop-append "fi"
startupitem.pidfile none ${prefix}/var/run/${name}/${name}.pid
}
destroot.keepdirs ${destroot}${prefix}/var/lib/${name} \
${destroot}${prefix}/var/run/${name} \
${destroot}${prefix}/var/log/${name}
livecheck.type regex
livecheck.url ${master_sites}?C=M\;O=D
livecheck.regex ${name}-(\\d+\\.\\d+\\.\\d+\\.\\d+)${extract.suffix}