summaryrefslogtreecommitdiff
path: root/repo/util/tor
diff options
context:
space:
mode:
authordavidovski <david@davidovski.xyz>2022-05-07 13:50:28 +0100
committerdavidovski <david@davidovski.xyz>2022-05-07 13:50:28 +0100
commit213021de0aaf5439db7d58ca1447db4ae6af92be (patch)
treea2adcfe44a186f9a61b92c5ca80d38b6f4017fa0 /repo/util/tor
parentfd7adb2f3a9d9d239c90742366aec369966a3a03 (diff)
added tor and xss-lock
Diffstat (limited to 'repo/util/tor')
-rw-r--r--repo/util/tor/0002-disable-wildcard-escaping-test_patch25
-rw-r--r--repo/util/tor/0003-disable-sandbox_chown_filename-test_patch36
-rw-r--r--repo/util/tor/0004-disable-more-sandbox-tests_patch120
-rw-r--r--repo/util/tor/tor.confd13
-rw-r--r--repo/util/tor/tor.initd92
-rw-r--r--repo/util/tor/tor.xibuild44
-rw-r--r--repo/util/tor/torrc.sample.patch27
7 files changed, 357 insertions, 0 deletions
diff --git a/repo/util/tor/0002-disable-wildcard-escaping-test_patch b/repo/util/tor/0002-disable-wildcard-escaping-test_patch
new file mode 100644
index 0000000..ee4f280
--- /dev/null
+++ b/repo/util/tor/0002-disable-wildcard-escaping-test_patch
@@ -0,0 +1,25 @@
+This will only fail on aarch64 and s390x, for some reason.
+--- a/src/test/test_util.c
++++ b/src/test/test_util.c
+@@ -4633,21 +4633,6 @@ test_util_glob(void *ptr)
+ TEST("file1"PATH_SEPARATOR"*");
+ EXPECT_EMPTY();
+
+-#ifndef _WIN32
+- // test wildcard escaping
+- TEST("\\*");
+- EXPECT_EMPTY();
+-
+- if (getuid() != 0) {
+- // test forbidden directory, if we're not root.
+- // (Root will be able to see this directory anyway.)
+- tor_asprintf(&pattern, "%s"PATH_SEPARATOR"*"PATH_SEPARATOR"*", dirname);
+- results = tor_glob(pattern);
+- tor_free(pattern);
+- tt_assert(!results);
+- }
+-#endif /* !defined(_WIN32) */
+-
+ #undef TEST
+ #undef EXPECT
+ #undef EXPECT_EMPTY
diff --git a/repo/util/tor/0003-disable-sandbox_chown_filename-test_patch b/repo/util/tor/0003-disable-sandbox_chown_filename-test_patch
new file mode 100644
index 0000000..3140139
--- /dev/null
+++ b/repo/util/tor/0003-disable-sandbox_chown_filename-test_patch
@@ -0,0 +1,36 @@
+This test fail on armhf, armv7 and aarch64
+--- a/src/test/test_sandbox.c
++++ b/src/test/test_sandbox.c
+@@ -193,24 +193,6 @@ test_sandbox_chmod_filename(void *arg)
+ }
+
+ static void
+-test_sandbox_chown_filename(void *arg)
+-{
+- sandbox_data_t *data = arg;
+- int rc, errsv;
+-
+- if (chown(sandbox_intern_string(data->file_ops_allowed), -1, -1) != 0)
+- tt_abort_perror("chown");
+-
+- rc = chown(data->file_ops_blocked, -1, -1);
+- errsv = errno;
+- tt_int_op(rc, OP_EQ, -1);
+- tt_int_op(errsv, OP_EQ, EPERM);
+-
+- done:
+- (void)0;
+-}
+-
+-static void
+ test_sandbox_rename_filename(void *arg)
+ {
+ sandbox_data_t *data = arg;
+@@ -327,7 +309,6 @@ struct testcase_t sandbox_tests[] = {
+
+ SANDBOX_TEST_IN_SANDBOX(openat_filename),
+ SANDBOX_TEST_IN_SANDBOX(chmod_filename),
+- SANDBOX_TEST_IN_SANDBOX(chown_filename),
+ SANDBOX_TEST_IN_SANDBOX(rename_filename),
+
+ /* Currently the sandbox is unable to filter stat() calls on systems where
diff --git a/repo/util/tor/0004-disable-more-sandbox-tests_patch b/repo/util/tor/0004-disable-more-sandbox-tests_patch
new file mode 100644
index 0000000..7359b23
--- /dev/null
+++ b/repo/util/tor/0004-disable-more-sandbox-tests_patch
@@ -0,0 +1,120 @@
+These tests fail on aarch64
+--- a/src/test/test_sandbox.c
++++ b/src/test/test_sandbox.c
+@@ -148,71 +148,6 @@ test_sandbox_is_active(void *ignored)
+ }
+
+ static void
+-test_sandbox_open_filename(void *arg)
+-{
+- sandbox_data_t *data = arg;
+- int fd, errsv;
+-
+- fd = open(sandbox_intern_string(data->file_ops_allowed), O_RDONLY);
+- if (fd == -1)
+- tt_abort_perror("open");
+- close(fd);
+-
+- /* It might be nice to use sandbox_intern_string() in the line below as well
+- * (and likewise in the test cases that follow) but this would require
+- * capturing the warning message it logs, and the mechanism for doing so
+- * relies on system calls that are normally blocked by the sandbox and may
+- * vary across architectures. */
+- fd = open(data->file_ops_blocked, O_RDONLY);
+- errsv = errno;
+- tt_int_op(fd, OP_EQ, -1);
+- tt_int_op(errsv, OP_EQ, EPERM);
+-
+- done:
+- if (fd >= 0)
+- close(fd);
+-}
+-
+-static void
+-test_sandbox_chmod_filename(void *arg)
+-{
+- sandbox_data_t *data = arg;
+- int rc, errsv;
+-
+- if (chmod(sandbox_intern_string(data->file_ops_allowed),
+- S_IRUSR | S_IWUSR) != 0)
+- tt_abort_perror("chmod");
+-
+- rc = chmod(data->file_ops_blocked, S_IRUSR | S_IWUSR);
+- errsv = errno;
+- tt_int_op(rc, OP_EQ, -1);
+- tt_int_op(errsv, OP_EQ, EPERM);
+-
+- done:
+- (void)0;
+-}
+-
+-static void
+-test_sandbox_rename_filename(void *arg)
+-{
+- sandbox_data_t *data = arg;
+- const char *fname_old = sandbox_intern_string(data->file_ops_allowed),
+- *fname_new = sandbox_intern_string(data->file_rename_target_allowed);
+- int rc, errsv;
+-
+- if (rename(fname_old, fname_new) != 0)
+- tt_abort_perror("rename");
+-
+- rc = rename(fname_new, fname_old);
+- errsv = errno;
+- tt_int_op(rc, OP_EQ, -1);
+- tt_int_op(errsv, OP_EQ, EPERM);
+-
+- done:
+- (void)0;
+-}
+-
+-static void
+ test_sandbox_openat_filename(void *arg)
+ {
+ sandbox_data_t *data = arg;
+@@ -235,28 +170,6 @@ test_sandbox_openat_filename(void *arg)
+ }
+
+ static void
+-test_sandbox_opendir_dirname(void *arg)
+-{
+- sandbox_data_t *data = arg;
+- DIR *dir;
+- int errsv;
+-
+- dir = opendir(sandbox_intern_string(data->dir_ops_allowed));
+- if (dir == NULL)
+- tt_abort_perror("opendir");
+- closedir(dir);
+-
+- dir = opendir(data->dir_ops_blocked);
+- errsv = errno;
+- tt_ptr_op(dir, OP_EQ, NULL);
+- tt_int_op(errsv, OP_EQ, EPERM);
+-
+- done:
+- if (dir)
+- closedir(dir);
+-}
+-
+-static void
+ test_sandbox_stat_filename(void *arg)
+ {
+ sandbox_data_t *data = arg;
+@@ -302,15 +215,8 @@ struct testcase_t sandbox_tests[] = {
+ #ifdef ENABLE_FRAGILE_HARDENING
+ SANDBOX_TEST_SKIPPED(open_filename),
+ SANDBOX_TEST_SKIPPED(opendir_dirname),
+-#else
+- SANDBOX_TEST_IN_SANDBOX(open_filename),
+- SANDBOX_TEST_IN_SANDBOX(opendir_dirname),
+ #endif /* defined(ENABLE_FRAGILE_HARDENING) */
+
+- SANDBOX_TEST_IN_SANDBOX(openat_filename),
+- SANDBOX_TEST_IN_SANDBOX(chmod_filename),
+- SANDBOX_TEST_IN_SANDBOX(rename_filename),
+-
+ /* Currently the sandbox is unable to filter stat() calls on systems where
+ * glibc implements this function using either of the legacy "stat" or "stat64"
+ * system calls, or (in glibc version 2.33 and later) either of the newer
diff --git a/repo/util/tor/tor.confd b/repo/util/tor/tor.confd
new file mode 100644
index 0000000..38a482c
--- /dev/null
+++ b/repo/util/tor/tor.confd
@@ -0,0 +1,13 @@
+# Location of the torrc configuration file.
+#conffile="/etc/tor/torrc"
+
+# User to start the tor daemon.
+# If "User" directive is set in $conffile, then this option is ignored (i.e.
+# tor is started under root, but it setuids to the specified User after start).
+#user="tor"
+
+# Timeout for gracefulstop
+#graceful_timeout="60"
+
+# Set the file limit
+rc_ulimit="-n 30000"
diff --git a/repo/util/tor/tor.initd b/repo/util/tor/tor.initd
new file mode 100644
index 0000000..db8b2cf
--- /dev/null
+++ b/repo/util/tor/tor.initd
@@ -0,0 +1,92 @@
+#!/sbin/openrc-run
+
+: ${conffile:="/etc/tor/torrc"}
+: ${user:="tor"}
+: ${graceful_timeout:="${GRACEFUL_TIMEOUT:-60}"}
+
+command="/usr/bin/tor"
+command_args="-f $conffile --runasdaemon 0"
+command_background="yes"
+start_stop_daemon_args="--chdir /var/lib/tor"
+pidfile="/run/tor/tor.pid"
+
+extra_commands="checkconfig"
+extra_started_commands="gracefulstop reload"
+
+description="Anonymizing overlay network for TCP"
+description_checkconfig="Check if config file is valid."
+description_reload="Reload the configuration."
+# See bug #523552, and https://trac.torproject.org/projects/tor/ticket/5525
+description_gracefulstop="Gracefully stop (wait $gracefulstop until all connections are properly closed)."
+
+
+depend() {
+ need net
+}
+
+checkconfig() {
+ # First check that it exists.
+ if [ ! -f "$conffile" ] ; then
+ eerror "You need to setup $conffile first, see $conffile.sample for example"
+ return 1
+ fi
+
+ # Now verify whether the configuration is valid.
+ # If User directive is set in $conffile, then we must run tor as root,
+ # even --verify-config, otherwise it fails when verifying permissions
+ # of DataDirectory.
+ if conf_has User; then
+ local user="root"
+ fi
+ local out
+ out="$(su -s /bin/sh -c "$command $command_args --verify-config" $user 2>&1)" || {
+ eerror "Tor configuration $conffile is not valid"
+ printf '%s\n' "$out"
+ return 1
+ }
+}
+
+start_pre() {
+ checkconfig || return 1
+
+ # If User directive is set in $conffile, start tor as root and let it
+ # drop privileges itself (may be needed e.g. to bind to a privileged
+ # port). Otherwise run tor as $user (recommended).
+ if conf_has User; then
+ local user="$(conf_get User)"
+ else
+ start_stop_daemon_args="$start_stop_daemon_args --user $user"
+ fi
+
+ if conf_has DataDirectory; then
+ checkpath -d -m 0700 -o "$user" "$(conf_get DataDirectory)"
+ fi
+ checkpath -d -m 0755 -o "$user" "$(dirname "$pidfile")"
+}
+
+gracefulstop() {
+ ebegin "Gracefully stopping Tor, this can take up to $graceful_timeout seconds"
+ start-stop-daemon --stop \
+ --progress \
+ --signal INT \
+ --retry $graceful_timeout \
+ --pidfile "$pidfile" \
+ --exec $command -- $command_args
+ eend $?
+}
+
+reload() {
+ start_pre || return 1
+
+ ebegin "Reloading Tor configuration"
+ start-stop-daemon --signal HUP --pidfile "$pidfile"
+ eend $?
+}
+
+conf_get() {
+ sed -n "s/^\s*$1 \([^#]*\)/\1/p" "$conffile"
+}
+
+conf_has() {
+ grep -q "^\s*$1 " "$conffile"
+}
diff --git a/repo/util/tor/tor.xibuild b/repo/util/tor/tor.xibuild
new file mode 100644
index 0000000..92b719d
--- /dev/null
+++ b/repo/util/tor/tor.xibuild
@@ -0,0 +1,44 @@
+#!/bin/sh
+
+NAME="tor"
+DESC="Anonymous network connectivity"
+
+MAKEDEPS="make "
+DEPS="libcap libseccomp libevent openssl cacerts zlib xz zstd "
+
+PKG_VER=0.4.7.7
+SOURCE="https://www.torproject.org/dist/tor-$PKG_VER.tar.gz"
+ADDITIONAL="torrc.sample.patch tor.initd tor.confd"
+
+prepare () {
+ apply_patches
+}
+
+build () {
+ ./configure \
+ --prefix=/usr \
+ --sysconfdir=/etc \
+ --localstatedir=/var \
+ --mandir=/usr/share/man \
+ --disable-html-manual
+ make
+
+}
+
+package () {
+ make DESTDIR="$PKG_DEST" install
+
+ install -dm0755 -o "tor" \
+ "$PKG_DEST"/var/lib/"tor" \
+ "$PKG_DEST"/var/log/"tor"
+
+ install -Dm0755 "tor".initd \
+ "$PKG_DEST"/etc/init.d/"tor"
+ install -Dm0644 "tor".confd \
+ "$PKG_DEST"/etc/conf.d/"tor"
+}
+
+postinstall () {
+ adduser -S -D -H -h /var/lib/tor -s /sbin/nologin -g tor tor 2>/dev/null
+ exit 0
+}
diff --git a/repo/util/tor/torrc.sample.patch b/repo/util/tor/torrc.sample.patch
new file mode 100644
index 0000000..3360e98
--- /dev/null
+++ b/repo/util/tor/torrc.sample.patch
@@ -0,0 +1,27 @@
+--- a/src/config/torrc.sample.in
++++ b/src/config/torrc.sample.in
+@@ -35,7 +35,7 @@
+ ## may provide sensitive information to an attacker who obtains the logs.
+ ##
+ ## Send all messages of level 'notice' or higher to @LOCALSTATEDIR@/log/tor/notices.log
+-#Log notice file @LOCALSTATEDIR@/log/tor/notices.log
++Log notice file @LOCALSTATEDIR@/log/tor/notices.log
+ ## Send every possible message to @LOCALSTATEDIR@/log/tor/debug.log
+ #Log debug file @LOCALSTATEDIR@/log/tor/debug.log
+ ## Use the system log instead of Tor's logfiles
+@@ -43,14 +43,9 @@
+ ## To send all messages to stderr:
+ #Log debug stderr
+
+-## Uncomment this to start the process in the background... or use
+-## --runasdaemon 1 on the command line. This is ignored on Windows;
+-## see the FAQ entry if you want Tor to run as an NT service.
+-#RunAsDaemon 1
+-
+ ## The directory for keeping all the keys/etc. By default, we store
+ ## things in $HOME/.tor on Unix, and in Application Data\tor on Windows.
+-#DataDirectory @LOCALSTATEDIR@/lib/tor
++DataDirectory @LOCALSTATEDIR@/lib/tor
+
+ ## The port on which Tor will listen for local connections from Tor
+ ## controller applications, as documented in control-spec.txt.