--- tor-0.2.7.6.orig/debian/README.Debian
+++ tor-0.2.7.6/debian/README.Debian
@@ -0,0 +1,20 @@
+This is the Debian package for Tor, The Onion Router.
+
+If Tor is started by init, it loads the configuration snippets from
+/usr/share/tor/tor-service-defaults-torrc before consulting /etc/tor/torrc.
+
+The tor-service-defaults-torrc file tells Tor to run as daemon, create
+pidfile, sets its data directory and configures cookie authentication.
+
+If Tor is started not from the init script, then it will behave like
+upstream's Tor.
+
+As of 0.2.7.4, the package supports running multiple instances of Tor
+under systemd. Please consult the tor-instance-create(8) manpage
+for details.
+
+--
+Peter Palfrader, Mon, 24 Jul 2006 05:20:30 +0200
+ Sat, 23 Feb 2008 13:44:40 +0100
+ Wed, 11 Jan 2012 21:31:44 +0100
+ Mon, 19 Oct 2015 18:21:24 +0200
--- tor-0.2.7.6.orig/debian/README.polipo
+++ tor-0.2.7.6/debian/README.polipo
@@ -0,0 +1,10 @@
+Polipo is a http proxy that makes it easer to use Tor with a browser.
+
+In order to make polipo use Tor, add the following to /etc/polipo/config:
+ socksParentProxy = localhost:9050
+ socksProxyType = socks5
+You should then point your browser at localhost:8123 .
+
+If you are concerned about cached data remaining on your disk, you
+should also add
+ diskCacheRoot=
--- tor-0.2.7.6.orig/debian/README.privoxy
+++ tor-0.2.7.6/debian/README.privoxy
@@ -0,0 +1,18 @@
+Tor only provides TCP layer anonymity. It does not do any protocol
+cleaning, so if you are going to browse the web you still give away a
+lot of information to servers.
+
+The privoxy package provides a privacy enhancing HTTP proxy, which
+is good at filtering headers, cookies, and much more. To view the
+description of the Debian privoxy package just run "apt-cache show
+privoxy". Please refer to the privoxy documentation for more details.
+
+In order to use privoxy over tor, add the following line to your
+privoxy configuration file ( /etc/privoxy/config ) :
+ forward-socks5 / localhost:9050 .
+(the dot is important)
+
+Then configure your browser to use privoxy as its HTTP proxy.
+
+--
+Peter Palfrader , Tue, 17 Feb 2004 02:15:36 +0100
--- tor-0.2.7.6.orig/debian/changelog
+++ tor-0.2.7.6/debian/changelog
@@ -0,0 +1,2333 @@ +tor (0.2.7.6-1ubuntu1) xenial; urgency=low + + * Merge from Debian unstable. Remaining changes: + - Limit the seccomp build-dependency to [amd64 i386 x32 armel armhf]. + + -- Gianfranco Costamagna Tue, 22 Mar 2016 13:59:13 +0100 + +tor (0.2.7.6-1) unstable; urgency=high + + * New upstream version. + - Actually look at the Guard flag when selecting a new directory + guard. + * Actually install tor-instance-create.8 manpage. + * Change the apparmor profile tor allow Tor to access the systemd + notification socket. Thanks for regar42. Closes Tor#17693. + * tor-instance-create: Do systemctl daemon-reload *after* writing the + new torrc. + + -- Peter Palfrader Thu, 10 Dec 2015 21:48:34 +0100 + +tor (0.2.7.5-1) unstable; urgency=medium + + * New upstream version, upload 0.2.7.x tree to unstable. + + -- Peter Palfrader Fri, 20 Nov 2015 16:37:29 +0100 + +tor (0.2.7.4-rc-1) experimental; urgency=medium + + * New upstream version. + * Include identity tag for syslog logging feature from master. This is + bug#17194 upstream. + * Support multiple instances (closes: #791393). + * Split systemd service timeout into start and stop timeout, and raise + them to 120 and 60 seconds from 45 (closes: tor#16398). + * Enable apparmor support for the default tor service (re: #761404). + Apparmor is not yet being enabled for any other tor instance. + + -- Peter Palfrader Thu, 22 Oct 2015 16:09:01 +0200 + +tor (0.2.7.3-rc-1) experimental; urgency=medium + + * New upstream version. + + -- Peter Palfrader Fri, 25 Sep 2015 16:08:26 +0200 + +tor (0.2.7.2-alpha-1) experimental; urgency=medium + + * New upstream tree. + + -- Peter Palfrader Mon, 27 Jul 2015 20:49:14 +0200 + +tor (0.2.6.10-1ubuntu2) wily; urgency=medium + + * Limit the seccomp build-dependency to [amd64 i386 x32 armel armhf]. + Fails on other archs with + error: 'mcontext_t {aka struct sigcontext}' has no member named 'M_SYSCALL'. 
+ + -- Matthias Klose Mon, 05 Oct 2015 10:56:51 +0200 + +tor (0.2.6.10-1ubuntu1) wily; urgency=medium + + * Build using libseccomp on all architectures. + + -- Matthias Klose Sat, 03 Oct 2015 21:08:21 +0200 + +tor (0.2.6.10-1) unstable; urgency=medium + + * New upstream version. + + -- Peter Palfrader Mon, 13 Jul 2015 18:05:34 +0200 + +tor (0.2.6.9-1) unstable; urgency=medium + + * New upstream version. + * Drop do-not-require-systemd and fix-sandbox-use-with-systemd.-bug-16212 + patches as they are included upstream now. + + -- Peter Palfrader Fri, 12 Jun 2015 22:01:42 +0200 + +tor (0.2.6.8-5) unstable; urgency=medium + + * Sandboxing, when enabled, would prevent tor from working when + started from systemd, as tor wasn't allowed to create a + UNIX datagram socket. Include that patch from upstream's git. + + -- Peter Palfrader Sat, 30 May 2015 16:44:27 +0200 + +tor (0.2.6.8-4) unstable; urgency=medium + + * Remove whitespace around = in the systemd service file. Apparently + the spaces confuse deb-systemd-helper, which then resulted in Tor + not being automatically started on boot (see #786418). + * Remove obsolete After=syslog.target from systemd service file. + + -- Peter Palfrader Mon, 25 May 2015 22:02:39 +0200 + +tor (0.2.6.8-3) unstable; urgency=low + + * debian/rules: Change order of --with commands to dh to ensure + that we patch before calling autoreconf. + + -- Peter Palfrader Sun, 24 May 2015 08:58:18 +0200 + +tor (0.2.6.8-2) unstable; urgency=low + + * debian/control: Depend on dh-systemd, libsystemd-dev, and pkg-config + only on linux-any. + * debian/rules: Build with systemd only if DEB_HOST_ARCH_OS is linux. + * patch upstream's configure.ac to check for the existance of + libsystemd rather than systemd. + + -- Peter Palfrader Sat, 23 May 2015 16:28:30 +0200 + +tor (0.2.6.8-1) unstable; urgency=medium + + * New upstream version, upload 0.2.6.x tree to unstable. + * Ship a systemd .service file (closes: #761403). 
+ Thanks to intrigeri and Arto Jantunen. + - Build depend on dh-systemd, libsystemd-dev, pkg-config. + - Build with --enable-systemd. + * Autoreconf on build (closes: #783729). + - Build depend on dh-autoreconf. + + -- Peter Palfrader Sat, 23 May 2015 09:57:44 +0200 + +tor (0.2.6.7-1) experimental; urgency=medium + + * New upstream version. + + -- Peter Palfrader Mon, 06 Apr 2015 17:17:44 +0200 + +tor (0.2.6.6-1) experimental; urgency=medium + + * New upstream version. + * Stick to experimental for now to keep unstable open as a track to jessie. + + -- Peter Palfrader Tue, 24 Mar 2015 21:56:04 +0100 + +tor (0.2.6.5-rc-1) experimental; urgency=medium + + * New upstream version. + + -- Peter Palfrader Thu, 19 Mar 2015 14:55:37 +0100 + +tor (0.2.6.4-rc-1) experimental; urgency=medium + + * New upstream version. + * Build with --enable-gcc-warnings-advisory. + + -- Peter Palfrader Mon, 23 Feb 2015 18:39:37 +0100 + +tor (0.2.6.3-alpha-1) experimental; urgency=medium + + * New upstream version. + * [intrigeri] + + apparmor policy: Allow execution of /usr/bin/obfs4proxy (closes: #777592). + * Run restorecon on /var/lib/tor /var/run/tor /var/log/tor in postinst (closes: #776352). + * Suggests cleanup: + + Stop suggesting xul-ext-torbutton, suggest torbrowser-launcher instead. + + Stop suggesting polipo (>= 1) | privoxy - those are no longer considered + good means to browser the web with Tor. + + Suggest obfs4proxy in addition to obfsproxy. + + -- Peter Palfrader Fri, 20 Feb 2015 11:34:40 +0100 + +tor (0.2.6.2-alpha-1) experimental; urgency=medium + + * New upstream version. + + -- Peter Palfrader Thu, 01 Jan 2015 16:15:59 +0100 + +tor (0.2.6.1-alpha-1) experimental; urgency=medium + + * New upstream version. + * New upstream tree in experimental: 0.2.6.x. + + -- Peter Palfrader Thu, 06 Nov 2014 15:40:23 +0100 + +tor (0.2.5.10-1) unstable; urgency=medium + + * New upstream version. 
+ * Use "service tor reload", guarded by "service tor status" in logrotate + instead as suggested by Dirk Griesbach (closes: #765407). + + -- Peter Palfrader Fri, 24 Oct 2014 16:05:28 +0200 + +tor (0.2.5.9-rc-1) unstable; urgency=medium + + * New upstream version. + - Disabled SSLv3 unconditionally. As a by-product, this means + that we no longer die in SSLv3 cleanup code in what is likely + an openssl bug introduced in 1.0.1j (closes: 765968). + * logrotate script: call invoke-rc.d tor reload instead of + /etc/init.d/tor reload. This way, if tor is properly disabled, we will + not try to reload tor. (closes: #765407). + + -- Peter Palfrader Mon, 20 Oct 2014 21:01:01 +0200 + +tor (0.2.5.8-rc-1) unstable; urgency=medium + + * New upstream version. Upload to unstable. + + -- Peter Palfrader Tue, 23 Sep 2014 11:06:10 +0200 + +tor (0.2.5.7-rc-1) experimental; urgency=medium + + * New upstream version. + + -- Peter Palfrader Fri, 12 Sep 2014 16:56:10 +0200 + +tor (0.2.5.6-alpha-1) experimental; urgency=medium + + * New upstream version. + + -- Peter Palfrader Mon, 28 Jul 2014 22:41:37 +0200 + +tor (0.2.5.5-alpha-1) experimental; urgency=low + + * New upstream version. + * upstream contrib/ directory cleanup, requires adapting paths in + tor.docs and tor.install: + - torify moved to contrib/client-tools/ + - tor-exit-notice.html moved to contrib/operator-tools/ + * Restrict build dependency on libseccomp-dev to amd64 and i386 only. + Build-Conflict with it on the other archs. + + -- Peter Palfrader Thu, 19 Jun 2014 08:06:11 +0200 + +tor (0.2.5.4-alpha-1) experimental; urgency=low + + * New upstream version. + * Build depend on libseccomp-dev. + + -- Peter Palfrader Sat, 26 Apr 2014 09:01:00 +0200 + +tor (0.2.5.3-alpha-1) experimental; urgency=low + + * New upstream version. + * Add obfsproxy to suggests. + * Apparmor policy: Allow executing /usr/bin/obfsproxy - thanks to + intrigeri for the patch (closes: #739279). 
+ + -- Peter Palfrader Sun, 23 Mar 2014 07:39:17 +0100 + +tor (0.2.5.2-alpha-1) experimental; urgency=low + + * New upstream version. + * From 0.2.4.20-1: + + init script: make /var/log/tor if it does not exist anymore + (closes: #732572). + + -- Peter Palfrader Thu, 13 Feb 2014 23:44:03 +0100 + +tor (0.2.5.1-alpha-1) experimental; urgency=low + + * New upstream tree, new upstream version. + * Current alpha no longer /builds/ contrib/torify, it just ships it. + Adapt debian/tor.install to get it from contrib/torify instead of + build/contrib/torify. + + -- Peter Palfrader Tue, 01 Oct 2013 20:28:59 +0200 + +tor (0.2.4.17-rc-2) UNRELEASED; urgency=low + + * Re-add a few 'exit 1' statements on errors that got lost while + updating the init script to fancy LSB style output (closes: #722153). + * Mention the DisableDebuggerAttachment setting next to the ulimit -c + line in /etc/default/tor (closes: #723801). + + -- Peter Palfrader Sun, 08 Sep 2013 16:49:04 +0200 + +tor (0.2.4.17-rc-1) experimental; urgency=low + + * New upstream version. + + -- Peter Palfrader Thu, 05 Sep 2013 15:00:08 +0200 + +tor (0.2.4.16-rc-1) experimental; urgency=low + + * New upstream version. + + -- Peter Palfrader Sun, 11 Aug 2013 00:31:17 +0200 + +tor (0.2.4.15-rc-1) experimental; urgency=low + + * New upstream version. + + -- Peter Palfrader Wed, 03 Jul 2013 20:58:53 +0200 + +tor (0.2.4.14-alpha-1) experimental; urgency=low + + * New upstream version. + + -- Peter Palfrader Tue, 18 Jun 2013 22:21:36 +0200 + +tor (0.2.4.13-alpha-1) experimental; urgency=low + + * New upstream version. + + -- Peter Palfrader Mon, 17 Jun 2013 12:18:16 +0200 + +tor (0.2.4.12-alpha-2) experimental; urgency=low + + * No longer change tor manpage to be in section 8. + * No longer move tor from usr/bin to /usr/sbin after make install. + We now install tor into the same place as upstream. Having it in + the default user path makes it easier for users who want to run + tor themselves. 
+ * Install a compatibility symlink in /usr/sbin. + * Change relation form from (< version) to (<< version) in the tor-geoip + package. + * Update debian/watch file. + * Clean up old /etc/tor/tor-tsocks.conf conffile (closes: #705785). + This requires debhelper >= 8.1.0~, adapt build-dependency accordingly. + + -- Peter Palfrader Wed, 08 May 2013 18:03:36 +0200 + +tor (0.2.4.12-alpha-1) experimental; urgency=low + + * New upstream version. + * Forward port 03_tor_manpage_in_section_8.dpatch: torify.1 no longer + references tsocks. + * No longer install contrib/tor-tsocks.conf - it was dropped upstream. + * Update year in debian/copyright. + + -- Peter Palfrader Thu, 18 Apr 2013 16:04:29 +0200 + +tor (0.2.4.11-alpha-1) experimental; urgency=low + + * New upstream version. + + -- Peter Palfrader Mon, 11 Mar 2013 22:46:51 +0100 + +tor (0.2.4.10-alpha-1) experimental; urgency=low + + * New upstream version. + + -- Peter Palfrader Tue, 05 Feb 2013 00:08:36 +0100 + +tor (0.2.4.9-alpha-1) experimental; urgency=low + + * New upstream version. + * Build-Conflict with libnacl-dev so that we don't pull it in accidentally. + For now Tor doesn't manage to use it on at least amd64 anyway, but that + may change. We should review this decision once we know how things work + and where we want to use nacl. + * Move the geoip6 file to the tor-geoip package (spotted by George + Kargiotakis) + * add appropriate Replaces and Breaks to the tor-geoip package for + tor < 0.2.4.8 since we moved a file to tor-geoip. + * If $DAEMON $VERIFY_ARGS fails, call use the same arguments for + finding the errors and not $DAEMON --verify-config. + + -- Peter Palfrader Wed, 16 Jan 2013 11:05:43 +0100 + +tor (0.2.4.7-alpha-1) experimental; urgency=low + + * New upstream version. + + -- Peter Palfrader Tue, 25 Dec 2012 21:23:49 +0100 + +tor (0.2.4.6-alpha-1) experimental; urgency=low + + * New upstream version. + * Update debian/copyright file somewhat. 
+ + -- Peter Palfrader Tue, 13 Nov 2012 11:28:25 +0100 + +tor (0.2.4.5-alpha-1) experimental; urgency=high + + * New upstream version: + - Fix a group of remotely triggerable assertion failures related to + incorrect link protocol negotiation. Found, diagnosed, and fixed + by "some guy from France". Fix for CVE-2012-2250; bugfix on + 0.2.3.6-alpha. + - Fix a denial of service attack by which any directory authority + could crash all the others, or by which a single v2 directory + authority could crash everybody downloading v2 directory + information. Fixes bug 7191; bugfix on 0.2.0.10-alpha. + - and more. + + -- Peter Palfrader Fri, 26 Oct 2012 09:17:33 +0200 + +tor (0.2.4.4-alpha-1) experimental; urgency=low + + * New upstream version. + o Major bugfixes (security/privacy, also in 0.2.3.23-rc): + - Disable TLS session tickets. OpenSSL's implementation was giving + our TLS session keys the lifetime of our TLS context objects, when + perfect forward secrecy would want us to discard anything that + could decrypt a link connection as soon as the link connection + was closed. Fixes bug 7139; bugfix on all versions of Tor linked + against OpenSSL 1.0.0 or later. Found by Florent Daignière. + - Discard extraneous renegotiation attempts once the V3 link + protocol has been initiated. Failure to do so left us open to + a remotely triggerable assertion failure. Fixes CVE-2012-2249; + bugfix on 0.2.3.6-alpha. Reported by "some guy from France". + o And more. For details please see the upstream changelog. + * Add debian/source.lintian-overrides for + rc-version-greater-than-expected-version, similar to what we have for + the binary packages. + + -- Peter Palfrader Mon, 22 Oct 2012 11:52:48 +0200 + +tor (0.2.4.3-alpha-1) experimental; urgency=low + + * New upstream version. + * Remove debian/patches/02_add_debian_files_in_manpage which hasn't been + enabled for over five years now. + * Update and fix a minor whitespace issue in + debian/patches/14_fix_geoip_warning. 
+ * remove obsolete debian/TODO file. + * Use dh_lintian to install the override file for tor-geoipdb. Requires + changing debhelper build dependency to >= 6 from >= 5, and renaming + debian/tor-geoipdb.lintian-override to tor-geoipdb.lintian-overrides. + * Use dh_link to create the /usr/share/doc/tor-dbg -> tor symlink in + tor-dbg. Also call dh_link before dh_install*, so that nothing creates a + /usr/share/doc/tor-dbg directory. + * No longer call dh_link with arguments to create the + /usr/share/man/man5/torrc.5 -> ../man8/tor.8 symlink in the tor package, + instead create and populate debian/tor.links accordingly. + * Call configure with --disable-silent-rules, so we actually see what + the build did in a log. + * Try to patch upstream's documenation build system so it does what we want + rather than duplicating parts of it in debian/rules. This will fix a bug + where we would end up with empty .html documentation if building from the + source source tree more than once. + * Upstream no longer installs /usr/bin/tor-control.py, so no need to remove + it in debian/rules. + * No longer try to symlink the changelogs for tor-geoipdb from the tor + package. Frist, this has been broken as dh_installchangelogs stomps all + over our symlinks. Second, the tor and tor-geoipdb package may be of + different versions, so a symlink is probably the wrong thing in the + first place. + * Add lintian overrides for all three binary packages for + rc-version-greater-than-expected-version. Tor's version scheme is sane. + + -- Peter Palfrader Sat, 22 Sep 2012 12:31:29 +0200 + +tor (0.2.4.2-alpha-1) experimental; urgency=low + + * New upstream version. + + -- Peter Palfrader Tue, 11 Sep 2012 08:45:17 +0200 + +tor (0.2.4.1-alpha-1) experimental; urgency=low + + [ Peter Palfrader ] + * New upstream version (starts 0.2.4.x tree). + * Forward port debian/patches/03_tor_manpage_in_section_8. + + [ Stefano Zacchiroli ] + * README.privoxy, README.polipo: explicitly set socks type to socks5. 
+ + -- Peter Palfrader Sat, 08 Sep 2012 13:12:54 +0200 + +tor (0.2.3.21-rc-1) unstable; urgency=low + + * New upstream version, changes including: + - Tear down the circuit if we get an unexpected SENDME cell. Clients + could use this trick to make their circuits receive cells faster + than our flow control would have allowed, or to gum up the network, + or possibly to do targeted memory denial-of-service attacks on + entry nodes. + - Reject any attempt to extend to an internal address. Without + this fix, a router could be used to probe addresses on an internal + network to see whether they were accepting connections. + - Do not crash when comparing an address with port value 0 to an + address policy. + For details please see the upstream changelog. + + -- Peter Palfrader Fri, 07 Sep 2012 12:25:17 +0200 + +tor (0.2.3.20-rc-1) unstable; urgency=low + + * New upstream version, including a couple security fixes: + - Avoid read-from-freed-memory and double-free bugs that could occur + when a DNS request fails while launching it. Fixes bug 6480. + - Avoid an uninitialized memory read when reading a vote or consensus + document that has an unrecognized flavor name. This read could + lead to a remote crash bug. Fixes bug 6530. + - Try to leak less information about what relays a client is + choosing to a side-channel attacker. + * Suggest the tor-arm controller. + * Improve long descriptions with Roger's help. + * Use https:// instead of git:// for the Vcs-Git URL. + + -- Peter Palfrader Tue, 07 Aug 2012 23:13:18 +0200 + +tor (0.2.3.19-rc-1) unstable; urgency=low + + * New upstream version. + + -- Peter Palfrader Sat, 07 Jul 2012 12:15:49 +0200 + +tor (0.2.3.18-rc-1) unstable; urgency=low + + * New upstream version. + * Remove debian/patches/15_longer_test_timeout - something similar has been + incorporated upstream (Re: Tor#6227). 
+ * Re-enable apparmor, if available: Instead of confining /usr/sbin/tor by + default, we now only confine the daemon that is launched from the init + script. We do this by calling aa-exec with the appropriate flags, if it + is installed. Therefore also suggest apparmor-utils. + + -- Peter Palfrader Fri, 29 Jun 2012 12:03:30 +0200 + +tor (0.2.3.17-beta-3) unstable; urgency=low + + * Apply the correct SE-Linux label to /var/run/tor when creating the + directory in the init script (closes: #678362). Thanks to Russell Coker. + * Hack up the unit tests to wait longer for the thread test to finish. + This is not a real fix, but it will probably make it more likely that + we successfully build on our mips/octeon machines (Re: Tor#6227). + + -- Peter Palfrader Sun, 24 Jun 2012 16:13:35 +0200 + +tor (0.2.3.17-beta-2) unstable; urgency=low + + * Shipping and enabling the apparmor policy by default causes Tor to + break for users who have apparmor enabled in enforcind mode and + that, either in addition to or instead of running Tor as a system + service (i.e. /etc/init.d/tor), also run Tor as their user or in + some other means like launched from vidalia. Therefore: + . + - No longer install apparmor policy by default. It can be found in + /usr/share/doc/tor if anybody is interested. + - No longer build-depend on dh-apparmor, or suggest apparmor. + - Also, clean up and remove old /etc/apparmor.d/usr.sbin.tor files + on upgrade if they have not been changed by the user. + . + These changes relate to Debian Bug #670525 and fixes Tor ticket #6188. + + -- Peter Palfrader Mon, 18 Jun 2012 14:21:36 +0200 + +tor (0.2.3.17-beta-1) unstable; urgency=low + + * New upstream version. + * apparmor policy: + - allow access to /var/log/tor/* and not just /var/log/tor/log*, + * No longer create /var/run/tor in postint if it does not exist - + the init script should take care of that. + * Change the output of the init script to use lsb* functions: + - Depend on lsb-base. 
+ - Makes the output pretty (closes: #676843) + * Also, in the init script we are now less verbose, unless VERBOSE is + set to yes in /etc/default/rcS (see the rcS(5) manual page): + - pass --hush to tor on startup, so only warnings and errors are + displayed, hiding any notice level log output, + - do not report raising ulimit -n. + + -- Peter Palfrader Fri, 15 Jun 2012 15:26:38 +0200 + +tor (0.2.3.16-alpha-1) experimental; urgency=medium + + * New upstream version. + - Work around a bug in OpenSSL that broke renegotiation with TLS + 1.1 and TLS 1.2. Without this workaround, all attempts to speak + the v2 Tor connection protocol when both sides were using OpenSSL + 1.0.1 would fail. Resolves ticket 6033. + - and more - please consult upstream changelog. + * Include apparmor profile. Thanks to intrigeri (closes: #670525). + + -- Peter Palfrader Wed, 06 Jun 2012 11:09:59 +0200 + +tor (0.2.3.15-alpha-1) experimental; urgency=low + + * New upstream version. + + -- Peter Palfrader Mon, 30 Apr 2012 23:18:41 +0200 + +tor (0.2.3.14-alpha-1) experimental; urgency=low + + * New upstream version. + - No longer need backported 45ace4844b020cb754d3bb65f1021bfeb5115f9e + from master to fix a test suite stack overflow. + * torify now no longer can use tsocks. Change recommends from + torsocks | tsocks to just torsocks. + + -- Peter Palfrader Tue, 24 Apr 2012 08:34:05 +0200 + +tor (0.2.3.13-alpha-1) experimental; urgency=low + + * New upstream version. + * When creating the debian-tor user that tor runs at, create it with + a shell of /bin/false instead of /bin/bash. Does not change shells + of existing users (closes: #658358). + * Include 45ace4844b020cb754d3bb65f1021bfeb5115f9e from master + to fix a test suite stack overflow, just introduced. + + -- Peter Palfrader Tue, 27 Mar 2012 14:12:37 +0200 + +tor (0.2.3.12-alpha-1) experimental; urgency=low + + * New upstream version. 
+ + -- Peter Palfrader Mon, 13 Feb 2012 19:09:58 +0100 + +tor (0.2.3.11-alpha-2) experimental; urgency=low + + * init script: use the new defaults torrc file also for when we + try to check our configuration (tor --verify-config) prior to starting + tor. (Might close TorBug#4954.) + + -- Peter Palfrader Wed, 25 Jan 2012 22:52:03 +0100 + +tor (0.2.3.11-alpha-1) experimental; urgency=low + + * New upstream version. + * No longer patch Tor to set DataDirectory, RunAsDaemon etc. when run + as root or debian-tor. + Instead ship with a file setting all these options in + /usr/share/tor/tor-service-defaults-torrc and cause our init-script + to pass --defaults-torrc to the tor started by that script. + * No longer fail postinst when the init script fails to restart tor. + Patch provided by Carl Fuerstenberg (closes: #652884). + + -- Peter Palfrader Mon, 23 Jan 2012 14:50:16 +0100 + +tor (0.2.3.10-alpha-1) experimental; urgency=high + + * New upstream version, fixing a heap overflow bug related to Tor's + SOCKS code (CVE-2011-2778). + + -- Peter Palfrader Thu, 15 Dec 2011 21:29:00 +0100 + +tor (0.2.3.9-alpha-1) experimental; urgency=low + + * New upstream version. + * There no longer is a document called INSTALL to copy to + usr/share/docs/tor, so get rid of the lintian override. Since that was + the only one in the tor package get rid of installing overrides for the + tor package entirely - there's still one override in tor-geoipdb + (closes Tor #4576). + + -- Peter Palfrader Thu, 08 Dec 2011 22:30:31 +0100 + +tor (0.2.3.8-alpha-1) experimental; urgency=low + + * New upstream version. + + -- Peter Palfrader Wed, 23 Nov 2011 12:38:51 +0100 + +tor (0.2.3.7-alpha-1) experimental; urgency=low + + * New upstream version. 
+ + -- Peter Palfrader Mon, 31 Oct 2011 00:06:14 +0100 + +tor (0.2.3.6-alpha-1) experimental; urgency=high + + * New upstream version, fixing a couple of security relevant bugs + such as guard enumeration (CVE-2011-2768) and bridge enumeration + (CVE-2011-2769) issues. For details consult the upstream changelog. + + -- Peter Palfrader Thu, 27 Oct 2011 15:59:44 +0200 + +tor (0.2.3.5-alpha-1) experimental; urgency=low + + * New upstream version. + + -- Peter Palfrader Thu, 29 Sep 2011 09:38:34 +0200 + +tor (0.2.3.4-alpha-1) experimental; urgency=low + + * New upstream version. + * Make patches/06_add_compile_time_defaults build without compiler warnings: + - use config_find_option_mutable() instead of config_find_option() + if we're going to mess with the return value, + - Correctly declare functions as having no arguments instead of not + telling the compiler which arguments it'll have. + * Suggest tor-arm (closes: #640265). + * Downgrade socat and polipo|privoxy to Suggests (closes: #640264). + + -- Peter Palfrader Wed, 14 Sep 2011 09:00:30 +0200 + +tor (0.2.3.3-alpha-1) experimental; urgency=low + + * New upstream version. + * Upload to experimental now that 0.2.2.x is out of rc and was uploaded to + unstable. + * Merged from debian-0.2.2: 0.2.2.29-beta-1 + - The postinst script changes /var/run/tor to mode 02750 if it exists, + but the tor init script creates it with mode 02700 if it doesn't. + Change the init script to also create the directory with a group + writeable mode, the same as the postinst maintainer script, i.e. 02750. + . + This will allow users in the debian-tor group to access the control + socket (re: #552556). + - Enable Control Socket by default. It lives in /var/run/tor/ + (closes: #552556). + * Update context in patches/06_add_compile_time_defaults. + * Forward port patches/07_log_to_file_by_default. + + -- Peter Palfrader Sat, 03 Sep 2011 13:32:18 +0200 + +tor (0.2.3.1-alpha-1) tor-0.2.3.x; urgency=low + + * New upstream version. 
+ * Forward port debian/patches/14_fix_geoip_warning. + + -- Peter Palfrader Fri, 06 May 2011 17:08:03 +0200 + +tor (0.2.2.25-alpha-1) experimental; urgency=low + + * New upstream version. + * Add Vcs-* control fields. Patch by intrigeri@boum.org + (closes: #623316). + * Update mailinglist archive URLs in package description. + Patch by intrigeri@boum.org (closes: #623318). + + -- Peter Palfrader Sun, 01 May 2011 19:48:24 +0200 + +tor (0.2.2.24-alpha-1) experimental; urgency=low + + * New upstream version. + * Forward port missing changes from the 0.2.1.x tree: + - Add ${misc:Depends} for all three binary packages because debhelper + might want to add stuff [tor 0.2.1.26-1]. + - tor.postinst: Stop calling stat(1) with its full path [tor 0.2.1.26-1]. + - No longer set ulimit -c to unlimited: + Up until now the init script (or actually /etc/default/tor) raised + the ulimit for coredumps to unlimited, so that Tor would produce + coredumps on assert errors or segfaults. Coredumps however can + leak sensitive information, like cryptographic session keys and + clients' data should the core files get into the wrong hands. As + such it seems prudent to only enable coredumps if the user or + operator explicitly asks for them, and knows what to do with them. + [tor 0.2.1.26-2] + - Also include a cron.weekly job that removes old coredumps from + /var/lib/tor. This action can be disabled in /etc/default/tor. + [tor 0.2.1.26-2] + - Make sure the cronjob does not try to access a /var/lib/tor + that has already been removed (due to for instance package removal). + Thanks to Holger and piuparts for catching this. + [tor 0.2.1.26-3] + + -- Peter Palfrader Sun, 10 Apr 2011 19:08:27 +0200 + +tor (0.2.2.23-alpha-1) experimental; urgency=low + + * New upstream version. + * The tor specification files are no longer shipped in the tarball, + so /usr/share/doc/tor/spec is no more. They can be found online + at . 
+ + -- Peter Palfrader Wed, 09 Mar 2011 14:40:16 +0100 + +tor (0.2.2.22-alpha-1) experimental; urgency=low + + * New upstream version. + + -- Peter Palfrader Wed, 26 Jan 2011 19:20:21 +0100 + +tor (0.2.2.21-alpha-1) experimental; urgency=high + + * New upstream version, including several security related fixes. See + upstream changelog for details. Addresses CVE-2011-0427. + * Forward port patches/03_tor_manpage_in_section_8. + + -- Peter Palfrader Sun, 16 Jan 2011 18:40:27 +0100 + +tor (0.2.2.20-alpha-1) experimental; urgency=high + + * New upstream version. + - Fix a remotely exploitable bug that could be used to crash instances + of Tor remotely by overflowing on the heap. Remote-code execution + hasn't been confirmed, but can't be ruled out (CVE-2010-1676). + * Since the dawn of time (0.0.2pre19-1, January 2004, initial release + of the debian package), the postinst script has changed ownership and + permissions of various trees like /var/lib/tor, /var/run/tor, and + /var/log/tor, sometimes recursively. + . + It turns out this actually is a security issue, so try to be more + conservative when fixing up modes and only chown/chgrp + /var/{lib,log,run}/tor directly, never recursively. + * Remove /var/run/tor, recursively, on purge. We already do this + for /var/lib/tor and /var/log/tor. + + -- Peter Palfrader Sat, 18 Dec 2010 13:35:26 +0100 + +tor (0.2.2.19-alpha-1) experimental; urgency=low + + * New upstream version. + - remove debian/patches/15_tlsext_host_name (already included in new + upstream version). + + -- Peter Palfrader Mon, 29 Nov 2010 13:46:10 +0100 + +tor (0.2.2.18-alpha-2) experimental; urgency=low + + * If we overwrite src/or/micro-revision.i in during build, + clean it out in the clean target. + * Add debian/patches/15_tlsext_host_name: Work around change in libssl0.9.8 + (0.9.8g-15+lenny9 and 0.9.8o-3), taken from 0.2.1.27 (closes: #604198): + . + Do not set the tlsext_host_name extension on server SSL objects; only on + client SSL objects. 
We set it to immitate a browser, not a vhosting + server. This resolves an incompatibility with openssl 0.9.8p and openssl + 1.0.0b. Fixes bug 2204; bugfix on 0.2.1.1-alpha. + + -- Peter Palfrader Sun, 21 Nov 2010 23:39:32 +0100 + +tor (0.2.2.18-alpha-1) experimental; urgency=low + + * New upstream version. + + -- Peter Palfrader Tue, 16 Nov 2010 20:01:23 +0100 + +tor (0.2.2.17-alpha-1) experimental; urgency=low + + * New upstream version. + + -- Peter Palfrader Fri, 01 Oct 2010 12:33:28 +0200 + +tor (0.2.2.16-alpha-1) experimental; urgency=low + + * New upstream version. + * Downgrade torsocks/tsocks dependency to a recommends. That tool + is not needed if you only run a relay, or if you access Tor only + using polipo or privoxy. The torify(1) wrapper that makes use + of torsocks or tsocks already handles their absense and emmits a + proper message telling the user what they are missing (closes: #595898). + * Remove suggests of mixminion which is no longer in the archive + (closes: #594207), and also of anon-proxy which appears to not + have been updated in at least two years. + * Add xul-ext-torbutton to suggests. + + -- Peter Palfrader Sat, 18 Sep 2010 19:49:23 +0200 + +tor (0.2.2.15-alpha-1) experimental; urgency=low + + * New upstream version. + * Forward port 06_add_compile_time_defaults. + + -- Peter Palfrader Sat, 21 Aug 2010 10:39:41 +0200 + +tor (0.2.2.14-alpha-1) experimental; urgency=low + + * New upstream version. + Among many other things: + - New config option "WarnUnsafeSocks 0" disables the warning that + occurs whenever Tor receives only an IP address instead of a + hostname. Setups that do DNS locally over Tor are fine, and we + shouldn't spam the logs in that case. (Closes: #497466) + + -- Peter Palfrader Thu, 15 Jul 2010 14:41:10 +0200 + +tor (0.2.2.13-alpha-1) experimental; urgency=low + + * New upstream version. 
+ + -- Peter Palfrader Sat, 24 Apr 2010 12:12:11 +0200 + +tor (0.2.2.12-alpha-1) experimental; urgency=low + + * New upstream version. + + -- Peter Palfrader Tue, 20 Apr 2010 12:23:00 +0200 + +tor (0.2.2.11-alpha-1) experimental; urgency=low + + * New upstream version. + + -- Peter Palfrader Sat, 17 Apr 2010 21:49:19 +0200 + +tor (0.2.2.10-alpha-2) experimental; urgency=low + + * In /etc/default/tor also source /etc/default/tor.vidalia if it exists + and if vidalia is installed. We do this so that the vidalia package + can override some of our settings: People who have vidalia installed might + not want to run Tor as a system service. The vidalia .deb can ask them + that and then set run-daemon to no. + + -- Peter Palfrader Sat, 03 Apr 2010 15:24:11 +0200 + +tor (0.2.2.10-alpha-1) experimental; urgency=low + + * New upstream version. + * debian/rules: + - make manpage building properly depend on patch-stamp, + - Fix building in the absence of a debian/micro-revision.i file. + + -- Peter Palfrader Tue, 09 Mar 2010 14:06:48 +0100 + +tor (0.2.2.9-alpha-1) experimental; urgency=low + + * New upstream version. + - We no longer need to build-depend on a recent libssl-dev because + Tor now detects whether we need to explicitly turn on + autonegotiation at run-time rather than compile time. Good. + (This also means we no longer need to conflict with newer + libssls when we built against an old one on backports.) + - The manpages are now built with asciidoc. While the upstream + tarball already ships with the output of asciidoc, we instead + build the manpages during package build time so we can patch them. + + Therefore build-depend on asciidoc (>= 8.2), docbook-xml, + docbook-xsl, and xmlto. + + update 03_tor_manpage_in_section_8 to patch the .txt files now. + + Remove tor.1.in torify.1.in tor-gencert.1.in tor-resolve.1.in in + the doc directory during clean. + + And try to work around missing (and if it wasn't, broken) + build-system for the manpages. 
+ + The torify.1 manpage gets installed by upstream, no longer need + to do it manually in debian/rules. + - The original design paper is no longer shipped with Tor. + + Remove debian/hexdump-*.pdf (which we used to work around + fig2dev bugs). + + No longer build the paper in debian/rules, and remove it from + debian/tor.docs. + + No longer build-depend on texlive-base-bin, texlive-latex-base, + texlive-fonts-recommended, transfig and ghostscript. + - Upstream tarballs no longer ship an AUTHORS file, or the website, + Removed these from debian/tor.docs. No longer shipping parts of + the website also closes: #443560. + - Also no longer distribute doc/TODO and doc/HACKING in the debian + package. + * Move from comm to section net, where it might fit slightly better + (closes: #482801). + * Ship contrib/tor-exit-notice.html in the tor package (put it into + usr/share/doc/tor; closes: #568934). + * Add stark README.polipo with the instructions from Juliusz Chroboczek. + (closes: #413730) + * 0.2.2.4-alpha failed to ship test.h so we had included it in the + debian diff. The upstream bug has long since been fixed so we should + probably stop shipping our own copy of test.h. + * Finally apply Peter Eisentraut's patch for tor's init script to support + status as an argument (closes: #526371). + + -- Peter Palfrader Sun, 28 Feb 2010 10:58:10 +0100 + +tor (0.2.2.8-alpha-1) experimental; urgency=low + + * New upstream version. + + -- Peter Palfrader Fri, 29 Jan 2010 23:22:35 +0100 + +tor (0.2.2.7-alpha-2) experimental; urgency=low + + * debian/rules: Minor cleanup (use a single variable for making up our + configure flags, not two). + * debian/rules: Remove logic that ignores the result of unit tests if + localhost does not resolve (or not to 127.0.0.1). This should no + longer be necessary as our build chroots have gotten a lot better. + * Depend on and enable hardening-includes for building. 
+
+ -- Peter Palfrader Sun, 24 Jan 2010 13:22:26 +0100
+
+tor (0.2.2.7-alpha-1) experimental; urgency=medium
+
+ * New upstream version.
+ - Rotate keys (both v3 identity and relay identity) for moria1
+ and gabelmoo.
+ [and more]
+
+ -- Peter Palfrader Wed, 20 Jan 2010 19:29:08 +0100
+
+tor (0.2.2.6-alpha-1) experimental; urgency=low
+
+ * New upstream version.
+ - Drop debian/patches/0a58567c-work-with-reneg-ssl.dpatch
+ (part of upstream).
+
+ -- Peter Palfrader Mon, 23 Nov 2009 18:52:04 +0100
+
+tor (0.2.2.5-alpha-1) experimental; urgency=low
+
+ * New upstream version.
+ * Pick 0a58567ce3418f410cf1dd0143dd3e56b4a4bd1f from master git tree:
+ - work with libssl that has renegotiation disabled by default.
+ (debian/patches/0a58567c-work-with-reneg-ssl.dpatch)
+ * Therefore build-depend on libssl-dev >= 0.9.8k-6. If we build against
+ earlier versions we will not work once libssl gets upgraded to a version
+ that disabled renegotiations.
+ * Change order of recommends from privoxy | polipo to polipo | privoxy.
+ * Allegedly echo -e is a bashism. Remove it from debian/rules, we don't
+ need it anyways (closes: #478631).
+ * Change the dependency on tsocks to torsocks | tsocks (see: #554717).
+
+ -- Peter Palfrader Sun, 15 Nov 2009 11:04:02 +0100
+
+tor (0.2.2.4-alpha-1) experimental; urgency=low
+
+ * New upstream version.
+ * The testsuite moved from src/or/test to src/test/test,
+ but let's call it using "make check" now.
+ * Upstream failed to ship src/test/test.h. Ship it in debian/ and
+ manually copy it in place during configure and clean up in clean.
+ Let's not use the patch system as this will most likely be rectified
+ by next release.
+
+ -- Peter Palfrader Sun, 11 Oct 2009 10:38:55 +0200
+
+tor (0.2.2.3-alpha-1) experimental; urgency=low
+
+ * New upstream version.
+
+ -- Peter Palfrader Wed, 23 Sep 2009 10:27:40 +0200
+
+tor (0.2.2.2-alpha-1) experimental; urgency=low
+
+ * New upstream version.
+ * The files src/common/common_sha1.i src/or/or_sha1.i get changed
+ during the build - they contain the checksums of the individual
+ files that end up in the binary. Of couse changes only end up
+ in the debian diff.gz after building a second time in the same
+ directory. So, remove those files in clean to get both a cleaner
+ diff.gz and idempotent builds.
+ * If we have a debian/micro-revision.i, replace the one in src/or
+ with our copy so that this will be the revision that ends up in
+ the binary. This is an informational only version string, but
+ it'd be kinda nice if it was (more) accurate nonetheless.
+ .
+ Of course this won't help if people manually patch around but
+ it's still preferable to claiming we are exactly upstream's source.
+ .
+ If we are building directly out of a git tree, update
+ debian/micro-revision.i in the clean target.
+
+ -- Peter Palfrader Mon, 21 Sep 2009 14:51:20 +0200
+
+tor (0.2.2.1-alpha-1) experimental; urgency=low
+
+ * New upstream version.
+ * Forward port patches/03_tor_manpage_in_section_8.dpatch.
+ * Forward port patches/06_add_compile_time_defaults.dpatch.
+
+ -- Peter Palfrader Thu, 03 Sep 2009 15:10:26 +0200
+
+tor (0.2.1.19-1) unstable; urgency=low
+
+ * New upstream version.
+ - Make accessing hidden services on 0.2.1.x work right (closes: #538960).
+ [More items are in the upstream changelog.]
+
+ -- Peter Palfrader Wed, 29 Jul 2009 12:49:03 +0200
+
+tor (0.2.1.18-1) unstable; urgency=low
+
+ * New upstream version.
+
+ -- Peter Palfrader Sat, 25 Jul 2009 11:15:11 +0200
+
+tor (0.2.1.17-rc-1) experimental; urgency=low
+
+ * New upstream version.
+ * Update upstream URL in debian/copyright.
+
+ -- Peter Palfrader Mon, 13 Jul 2009 23:37:37 +0200
+
+tor (0.2.1.16-rc-1) experimental; urgency=low
+
+ * New upstream version.
+ * No longer inform the user if/when we re-create the /var/run/tor
+ directory in the init script. With /var/run on tmpfs this is
+ completely normal now so our message was just noise.
+ * Stop shipping /var/run/tor in the package.
+ * Only clean up permissions of /var/run/tor in postinst if the
+ directory actually exists.
+ * Update Standards-Version from 3.8.0 to 3.8.1. No real changes
+ required, we already support nocheck in DEB_BUILD_OPTIONS since
+ August 2004, and we already create our var/run directory in the
+ init script (tho we now no longer ship it either - see above).
+ * Change debhelper compatibility version from 4 to 5:
+ - Change dh_strip call from --dbg-package=tor
+ to --dbg-package=tor-dbg.
+ - Update versioned build time dependency on debhelper.
+ * Forward port 06_add_compile_time_defaults.
+
+ -- Peter Palfrader Sat, 20 Jun 2009 13:16:02 +0200
+
+tor (0.2.1.15-rc-1) experimental; urgency=low
+
+ * New upstream version.
+ * Change build time dependency on gs to ghostscript.
+
+ -- Peter Palfrader Sat, 30 May 2009 21:10:03 +0200
+
+tor (0.2.1.14-rc-1) experimental; urgency=low
+
+ * New upstream version.
+ * Change Section of tor-dbg to debug.
+
+ -- Peter Palfrader Thu, 16 Apr 2009 19:54:19 +0200
+
+tor (0.2.1.13-alpha-1) experimental; urgency=low
+
+ * New upstream version.
+
+ -- Peter Palfrader Sun, 15 Mar 2009 00:58:07 +0100
+
+tor (0.2.1.12-alpha-1) experimental; urgency=low
+
+ * New upstream version, fixing several security relevant bugs:
+ - Avoid a potential crash on exit nodes when processing malformed
+ input. Remote DoS opportunity (closes: #514579).
+ - Fix a temporary DoS vulnerability that could be performed by
+ a directory mirror (closes: #514580).
+ * patches/06_add_compile_time_defaults: Only set the User option in
+ the config if we run as root. Do not set it when run as debian-tor
+ as Tor then always insists on changing users which will fail. (If
+ we run as any other user we don't set our debian defaults anyway.)
+
+ -- Peter Palfrader Tue, 10 Feb 2009 00:19:53 +0100
+
+tor (0.2.1.11-alpha-1) experimental; urgency=high
+
+ * New upstream version:
+ - Fixes a possible remote heap buffer overflow bug.
+ - torify(1) manpage mentions DNS leaks now (closes: #495829).
+ * README.Debian: No longer claim we change the default 'Group' setting
+ when run as debian-user. That setting no longer exists.
+ * Forward port 03_tor_manpage_in_section_8.dpatch.
+
+ -- Peter Palfrader Wed, 21 Jan 2009 01:00:15 +0100
+
+tor (0.2.1.10-alpha-1) experimental; urgency=low
+
+ * New alpha release.
+ * Forward port 03_tor_manpage_in_section_8.dpatch.
+
+ -- Peter Palfrader Sun, 11 Jan 2009 12:06:28 +0100
+
+tor (0.2.1.9-alpha-1) experimental; urgency=low
+
+ * New alpha release.
+
+ -- Peter Palfrader Fri, 26 Dec 2008 20:51:53 +0100
+
+tor (0.2.1.8-alpha-1) experimental; urgency=low
+
+ * New alpha release.
+
+ -- Peter Palfrader Mon, 15 Dec 2008 23:00:32 +0100
+
+tor (0.2.1.7-alpha-2) experimental; urgency=low
+
+ * No longer set now obsolete Group setting in built-in debian config.
+
+ -- Peter Palfrader Mon, 10 Nov 2008 16:28:31 +0100
+
+tor (0.2.1.7-alpha-1) experimental; urgency=low
+
+ * New alpha release.
+
+ -- Peter Palfrader Mon, 10 Nov 2008 09:39:30 +0100
+
+tor (0.2.1.6-alpha-1) experimental; urgency=low
+
+ * New alpha release.
+ * Forward port 14_fix_geoip_warning.dpatch.
+
+ -- Peter Palfrader Tue, 30 Sep 2008 14:37:26 +0200
+
+tor (0.2.1.5-alpha-1) experimental; urgency=low
+
+ * New alpha release.
+
+ -- Peter Palfrader Tue, 02 Sep 2008 00:18:55 +0200
+
+tor (0.2.1.4-alpha-1) experimental; urgency=low
+
+ * New alpha release.
+ * Do not build with openbsd's malloc unless enable-openbsd-malloc is in
+ DEB_BUILD_OPTIONS.
+
+ -- Peter Palfrader Tue, 05 Aug 2008 12:33:23 +0200
+
+tor (0.2.1.2-alpha-1) experimental; urgency=low
+
+ * New alpha release.
+
+ -- Peter Palfrader Wed, 16 Jul 2008 13:05:45 +0200
+
+tor (0.2.0.30-1) unstable; urgency=low
+
+ * New upstream version.
+
+ -- Peter Palfrader Wed, 16 Jul 2008 02:19:08 +0200
+
+tor (0.2.0.29-rc-2) unstable; urgency=low
+
+ * Upload to unstable.
+
+ -- Peter Palfrader Tue, 15 Jul 2008 22:16:08 +0200
+
+tor (0.2.0.29-rc-1) experimental; urgency=low
+
+ * New upstream version.
+ * Warn the admin if the number of file descriptors on his system is
+ tiny.
+
+ -- Peter Palfrader Wed, 09 Jul 2008 14:02:06 +0200
+
+tor (0.2.0.28-rc-1) experimental; urgency=low
+
+ * New upstream version.
+ * Remove debian/patches/11_tor_as_root_more_helpful.dpatch as
+ it is no longer needed: We now setuid() to the Tor user
+ when run as root and it all just works.
+ * Add comments to the dpatch headers so lintian shuts up.
+ * Add patches/14_fix_geoip_warning: Change geoipdb open failed message.
+ * Require unit tests to pass again.
+
+ -- Peter Palfrader Fri, 13 Jun 2008 10:28:36 +0200
+
+tor (0.2.0.27-rc-1) experimental; urgency=low
+
+ * New upstream version.
+ * Add tor-geoipdb arch: all package for the geoip database.
+ * Update debian/rules so that there now is a binary-common target
+ and the binary-indep and binary-arch targets call make with
+ proper DH_OPTIONS options. This is taken from the template
+ that dh_make nowadays uses for multi-binary packages.
+ * Unit tests are broken, yay.
+ * Use ${binary:Version} to depend on the right tor binary package from
+ the tor-dbg package instead of ${Source-Version}. Some guy on the
+ internet said the latter was deprecated.
+ * Add Homepage: https://www.torproject.org/ field to control file.
+ * And mention www.tp.o instead of the old tor.eff.org in the long
+ description.
+ * No longer ignore failure of make clean in the clean target.
+ * Support passing of parallel= in build options.
+ * Change declared Standards-Version to 3.8.0.
+
+ -- Peter Palfrader Fri, 06 Jun 2008 01:11:33 +0200
+
+tor (0.2.0.26-rc-1) experimental; urgency=critical
+
+ * New upstream version.
+ * Conflict with old libssls.
+ * On upgrading from versions prior to, including, 0.1.2.19-2, or
+ from versions later than 0.2.0 and prior to 0.2.0.26-rc do the
+ following, and if we are a server (we have a /var/lib/tor/keys
+ directory)
+ - move /var/lib/tor/keys/secret_onion_key out of the way.
+ - move /var/lib/tor/keys/secret_onion_key.old out of the way.
+ - move /var/lib/tor/keys/secret_id_key out of the way if it was
+ created on or after 2006-09-17, which is the day the bad
+ libssl was uploaded to Debian unstable.
+ * Add a NEWS file explaining this change.
+
+ -- Peter Palfrader Tue, 13 May 2008 16:11:21 +0200
+
+tor (0.2.0.24-rc-1) experimental; urgency=low
+
+ * New upstream version.
+
+ -- Peter Palfrader Wed, 23 Apr 2008 02:25:22 +0200
+
+tor (0.2.0.23-rc-1) experimental; urgency=low
+
+ * New upstream version.
+ * Mention OpenBSD_malloc_Linux.c in debian/copyright.
+ * Add a recommends on logrotate.
+
+ -- Peter Palfrader Tue, 25 Mar 2008 09:34:37 +0100
+
+tor (0.2.0.22-rc-1) experimental; urgency=low
+
+ * New upstream version.
+ * Work around fig2dev failing to build the images on all archs
+ (re #457568).
+ * Build with --enable-openbsd-malloc, unless no-enable-openbsd-malloc is
+ found in DEB_BUILD_OPTIONS. Hopefully this deals with some of the
+ horrible memory fragmentation that glibc's malloc causes.
+
+ -- Peter Palfrader Wed, 19 Mar 2008 08:03:47 +0100
+
+tor (0.2.0.21-rc-1) experimental; urgency=low
+
+ * New upstream version.
+ * Run --verify-config before start/reload/restart as root. No longer
+ su - to debian-tor tor run it. Given that we now even start Tor as
+ root (it setuids later on) this should be fine (closes: #468566).
+
+ -- Peter Palfrader Mon, 3 Mar 2008 13:36:59 +0100
+
+tor (0.2.0.20-rc-1) experimental; urgency=low
+
+ * New upstream version.
+ * Change the default for MAX_FILEDESCRIPTORS in our init script to depend + on the number of system-wide available file descriptors: + /proc/sys/fs/file-max is bigger than 80k, set ulimit -n to 32k, if it's + greater than 40k set the limit to 16k, and when greater than 10k our limit + shall be 8k descriptors. If there are less than 20k FDs in the entire + system default to a limit of only 1024. + + Big servers at the moment regularly use more than 10k FDs, so our old + default of 8k no longer is sufficient. On the other hand we don't want + lower end systems to run out of FDs on Tor's account. + * If we run as root also apply debian defaults. + * Add User=debian-tor and Group=debian-tor to debian defaults. That allows + us to start Tor as root and have it setuid/setgid to the target user. + * Change the init script to start Tor as root. Now we should be able to + bind to low port. + + -- Peter Palfrader Mon, 25 Feb 2008 13:54:58 +0100 + +tor (0.2.0.19-alpha-1) experimental; urgency=low + + * New upstream version. + * It's 2008. Now is the time to add copyright statements for 2007. + * Forward port 03_tor_manpage_in_section_8.dpatch. + + -- Peter Palfrader Sun, 10 Feb 2008 01:12:04 +0100 + +tor (0.2.0.18-alpha-2) experimental; urgency=low + + * Work around fig2dev failing to build the images on mipsel like we do on + sparc and s390 (re #457568) + * Fix postinst find command that chowns stuff to the right user. Find + does weird things in the presence of !. + + -- Peter Palfrader Sun, 3 Feb 2008 18:17:16 +0100 + +tor (0.2.0.18-alpha-1) experimental; urgency=low + + * New upstream version. + * postinst: Remove the check that requires the debian-tor user + to have a uid between 100 and 999. There is no good reason + to require this. If the local admin moves the system users/uid-space + to some other range then they probably have a good reason for that. + * postinst: change wording if debian-tor's homedir is wrong, do not + print anything if it is ok. 
+ * postinst: We were only fixing the permissions of /var/{lib,run,log}/tor
+ when we were not upgrading. Unfortunately the check doesn't work all
+ that well usually in cases where the package was removed (not purged)
+ and then later re-installed again. Now we ensure proper ownership
+ and modes for all the directories and files below /var/{lib,run,log}/tor
+ (the dirs themselves included) every time we run postinst.
+ * postinst: if we reboot between unpacking and configuring on some smart
+ systems this will mean that we just lost /var/run/tor - creating it
+ in the maintainer script if it doesn't exist.
+ * Create logfiles in logrotate so that they come into the world with the
+ correct mode (o-r).
+
+ -- Peter Palfrader Thu, 24 Jan 2008 15:15:32 +0100
+
+tor (0.2.0.17-alpha-1) experimental; urgency=low
+
+ * New upstream version.
+
+ -- Peter Palfrader Thu, 17 Jan 2008 21:42:25 +0100
+
+tor (0.2.0.15-alpha-1) experimental; urgency=low
+
+ * New upstream version.
+
+ -- Peter Palfrader Tue, 25 Dec 2007 08:53:25 +0100
+
+tor (0.2.0.14-alpha-1) experimental; urgency=low
+
+ * New upstream version.
+ * Remove 13_r12907-fix-unit-tests.dpatch (Fix unit tests from HEAD) again -
+ it's included upstream.
+ * Work around fig2dev failing to build the images on sparc like we do on
+ s390.
+
+ -- Peter Palfrader Sun, 23 Dec 2007 13:45:41 +0100
+
+tor (0.2.0.13-alpha-1) experimental; urgency=low
+
+ * New upstream version.
+ * Fix unit tests from HEAD (13_r12907-fix-unit-tests.dpatch).
+
+ -- Peter Palfrader Fri, 21 Dec 2007 11:52:43 +0100
+
+tor (0.2.0.12-alpha-1) experimental; urgency=low
+
+ * New upstream version.
+
+ -- Peter Palfrader Sun, 18 Nov 2007 11:49:06 +0100
+
+tor (0.2.0.11-alpha-1) experimental; urgency=low
+
+ * New upstream version.
+ * remove 12_r12235_do_not_crash_when_myfamily_is_set again, it's
+ now part of upstream.
+
+ -- Peter Palfrader Thu, 15 Nov 2007 11:07:06 +0100
+
+tor (0.2.0.9-alpha-2) experimental; urgency=low
+
+ * Do not separate required lsb facilities with commas in the
+ init script (closes: #448001).
+ * Add 12_r12235_do_not_crash_when_myfamily_is_set.dpatch,
+ from trunk/head.
+
+ -- Peter Palfrader Sun, 28 Oct 2007 00:03:21 +0200
+
+tor (0.2.0.9-alpha-1) experimental; urgency=low
+
+ * New upstream version.
+ * Only create pid dir if we are about to start Tor (Luca Capello,
+ closes: #447508).
+
+ -- Peter Palfrader Fri, 26 Oct 2007 14:29:56 +0200
+
+tor (0.2.0.8-alpha-1) experimental; urgency=low
+
+ * New upstream version.
+
+ -- Peter Palfrader Sat, 13 Oct 2007 16:27:04 +0200
+
+tor (0.2.0.7-alpha-1) experimental; urgency=low
+
+ * New upstream version.
+
+ -- Peter Palfrader Mon, 24 Sep 2007 23:50:14 +0200
+
+tor (0.2.0.6-alpha-1) experimental; urgency=low
+
+ * New upstream version.
+
+ -- Peter Palfrader Mon, 27 Aug 2007 15:41:31 +0200
+
+tor (0.2.0.5-alpha-1) experimental; urgency=low
+
+ * New upstream version.
+
+ -- Peter Palfrader Sun, 19 Aug 2007 15:10:49 +0200
+
+tor (0.2.0.4-alpha-1) experimental; urgency=high
+
+ * New upstream version.
+
+ -- Peter Palfrader Thu, 2 Aug 2007 07:09:36 +0200
+
+tor (0.2.0.3-alpha-1) experimental; urgency=low
+
+ * New upstream version.
+
+ -- Peter Palfrader Tue, 31 Jul 2007 07:03:00 +0200
+
+tor (0.2.0.2-alpha-1) experimental; urgency=low
+
+ * New upstream version.
+
+ -- Peter Palfrader Sun, 3 Jun 2007 02:31:29 +0200
+
+tor (0.2.0.1-alpha-1) experimental; urgency=low
+
+ * New upstream version.
+ * Forward port 06_add_compile_time_defaults.
+ * teTeX is no more, long live TeX Live:
+ - remove build depends on tetex-bin, tetex-extra,
+ - add build depends on texlive-base-bin for dvips and bibtex,
+ texlive-latex-base for latex, and texlive-fonts-recommended for fonts
+ like ptmr7t.
+
+ -- Peter Palfrader Sat, 2 Jun 2007 14:31:15 +0200
+
+tor (0.1.2.19-1) unstable; urgency=low
+
+ * New upstream version.
+
+ -- Peter Palfrader Thu, 17 Jan 2008 20:57:42 +0100
+
+tor (0.1.2.18-1) unstable; urgency=low
+
+ * New upstream version.
+
+ -- Peter Palfrader Mon, 29 Oct 2007 20:36:38 +0100
+
+tor (0.1.2.17-1) unstable; urgency=low
+
+ * New upstream version.
+
+ -- Peter Palfrader Fri, 31 Aug 2007 03:14:33 +0200
+
+tor (0.1.2.16-1) unstable; urgency=high
+
+ * New upstream version.
+
+ -- Peter Palfrader Thu, 2 Aug 2007 06:43:09 +0200
+
+tor (0.1.2.15-1) unstable; urgency=low
+
+ * New upstream version.
+ * Change build-depends from tetex to texlive suite.
+
+ -- Peter Palfrader Thu, 19 Jul 2007 22:33:43 +0200
+
+tor (0.1.2.14-1) unstable; urgency=low
+
+ * New upstream version.
+
+ -- Peter Palfrader Fri, 25 May 2007 21:49:20 +0200
+
+tor (0.1.2.13-3) unstable; urgency=low
+
+ * Always give a shell (/bin/sh) when we use su(1) in our init script
+ (closes: #421465).
+
+ -- Peter Palfrader Sun, 6 May 2007 14:44:11 +0200
+
+tor (0.1.2.13-2) unstable; urgency=low
+
+ * In options_init_from_torrc()'s error path only config_free() options
+ if they already have been initialized (closes: #421235).
+
+ -- Peter Palfrader Fri, 27 Apr 2007 13:06:37 +0200
+
+tor (0.1.2.13-1) unstable; urgency=low
+
+ * New upstream version.
+
+ -- Peter Palfrader Tue, 24 Apr 2007 21:21:10 +0200
+
+tor (0.1.2.12-rc-1) experimental; urgency=low
+
+ * New upstream version.
+
+ -- Peter Palfrader Sat, 17 Mar 2007 11:35:31 +0100
+
+tor (0.1.2.10-rc-1) experimental; urgency=low
+
+ * New upstream version.
+ * Change recommends on privoxy to privoxy | polipo (>= 1) (closes: #413728).
+
+ -- Peter Palfrader Fri, 9 Mar 2007 10:57:40 +0100
+
+tor (0.1.2.8-beta-1) experimental; urgency=low
+
+ * New upstream version.
+
+ -- Peter Palfrader Mon, 26 Feb 2007 11:50:49 +0100
+
+tor (0.1.2.7-alpha-1) experimental; urgency=low
+
+ * New upstream version.
+ * Install all the spec files into usr/share/doc/tor/spec now.
+ They moved to doc/spec/* from just doc/* in the source too.
+
+ -- Peter Palfrader Tue, 13 Feb 2007 18:51:14 +0100
+
+tor (0.1.2.6-alpha-1) experimental; urgency=low
+
+ * New upstream version.
+
+ -- Peter Palfrader Tue, 9 Jan 2007 17:39:15 +0100
+
+tor (0.1.2.5-alpha-1) experimental; urgency=low
+
+ * New upstream version.
+ * Disable 02_add_debian_files_in_manpage.dpatch for now.
+
+ -- Peter Palfrader Sun, 7 Jan 2007 13:57:37 +0100
+
+tor (0.1.2.4-alpha-1) experimental; urgency=low
+
+ * New upstream version.
+
+ -- Peter Palfrader Mon, 4 Dec 2006 00:13:37 +0100
+
+tor (0.1.2.3-alpha-1) experimental; urgency=low
+
+ * New upstream version.
+
+ -- Peter Palfrader Mon, 30 Oct 2006 11:06:52 +0100
+
+tor (0.1.2.2-alpha-1) experimental; urgency=low
+
+ [ Peter Palfrader ]
+ * New upstream version.
+
+ [ Roger Dingledine ]
+ * Minor update of debian/copyright.
+
+ -- Peter Palfrader Tue, 10 Oct 2006 03:26:00 +0200
+
+tor (0.1.2.1-alpha-1) experimental; urgency=low
+
+ * Forward port 07_log_to_file_by_default.dpatch.
+ * Previously our defaults for DataDirectory, PidFile, RunAsDaemon, and
+ Log differed from upstreams. Now Tor behaves just like before (with
+ our own DataDirectory and all) only when run as the debian-tor user.
+ If invoked as any other user, Tor will behave just like the pristine
+ upstream version.
+ * Tell users about the init script when they try to run Tor as root.
+ Should we also do this when they try to run their Tor as any other
+ (non root, non debian-tor) user? - add 11_tor_as_root_more_helpful
+ * Use tor --verify-config before start and reload. Abort init script
+ with exit 1 if config does not verify.
+ * Change Standards-Version to 3.7.2. No changes required.
+
+ -- Peter Palfrader Tue, 29 Aug 2006 22:38:29 +0200
+
+tor (0.1.1.26-1) unstable; urgency=high
+
+ * New upstream version (Stop sending the HttpProxyAuthenticator string to
+ directory servers when directory connections are tunnelled through Tor).
+
+ -- Peter Palfrader Fri, 15 Dec 2006 20:24:07 +0100
+
+tor (0.1.1.25-1) unstable; urgency=low
+
+ * New upstream version.
+
+ -- Peter Palfrader Sat, 4 Nov 2006 17:16:08 +0100
+
+tor (0.1.1.24-1) unstable; urgency=low
+
+ * New upstream version.
+ * Update debian/copyright:
+ - tree.h has vanished somewhere along the current branch
+ - ht.h is new and credits Christopher Clark
+ - We didn't mention Matej Pfajfar's copyright before.
+ * Forward port 07_log_to_file_by_default.
+
+ -- Peter Palfrader Fri, 6 Oct 2006 23:32:45 +0200
+
+tor (0.1.1.23-1) unstable; urgency=medium
+
+ * New upstream version.
+
+ -- Peter Palfrader Thu, 3 Aug 2006 03:13:24 +0200
+
+tor (0.1.1.22-1) unstable; urgency=low
+
+ * New upstream version.
+
+ -- Peter Palfrader Thu, 6 Jul 2006 02:55:37 +0200
+
+tor (0.1.1.21-1) unstable; urgency=low
+
+ * New upstream version.
+
+ -- Peter Palfrader Sun, 11 Jun 2006 18:27:13 +0200
+
+tor (0.1.1.20-1) unstable; urgency=low
+
+ * New upstream stable release: The 0.1.1.x tree is now the new stable
+ tree. Upload to unstable rather than experimental.
+
+ -- Peter Palfrader Tue, 23 May 2006 20:16:25 +0200
+
+tor (0.1.1.19-rc-1) experimental; urgency=low
+
+ * New upstream version.
+ * Remove support for my nodoc DEB_BUILD_OPTIONS variable. It clutters
+ stuff and I haven't used it in ages.
+ * Update debian/tor.docs file.
+
+ -- Peter Palfrader Fri, 5 May 2006 16:27:48 +0200
+
+tor (0.1.1.18-rc-1) experimental; urgency=low
+
+ * New upstream version.
+ * update debian/tor.doc:
+ - no longer ship INSTALL and README files, they are useless now.
+ - doc/stylesheet.css, doc/tor-doc-server.html, doc/tor-doc-unix.html,
+ doc/tor-hidden-service.html, doc/tor-switchproxy.html got replaced
+ by doc/website/stylesheet.css and doc/website/tor-* which is more
+ or less the same, only taken from the website. Some links are
+ probably broken still, but this should get fixed eventually.
+
+ -- Peter Palfrader Mon, 10 Apr 2006 12:00:50 +0200
+
+tor (0.1.1.17-rc-1) experimental; urgency=low
+
+ * New upstream version.
+ * Forward port patches/07_log_to_file_by_default.
+
+ -- Peter Palfrader Tue, 28 Mar 2006 09:48:04 +0200
+
+tor (0.1.1.16-rc-1) experimental; urgency=low
+
+ * New upstream version.
+
+ -- Peter Palfrader Mon, 20 Mar 2006 02:03:29 +0100
+
+tor (0.1.1.15-rc-1) experimental; urgency=low
+
+ * New upstream version.
+ * Apparently passing --host to configure when not cross-compiling
+ is evil now and greatly confuses configure. So don't do it unless it
+ actually differs from --build host.
+
+ -- Peter Palfrader Sat, 11 Mar 2006 20:04:36 +0100
+
+tor (0.1.1.14-alpha-1) experimental; urgency=low
+
+ * New upstream version.
+ * Include 0.1.0.17 changelog in experimental tree.
+ * doc/FAQ is no longer shipped, so remove it from debian/tor.docs.
+
+ -- Peter Palfrader Tue, 21 Feb 2006 05:16:21 +0100
+
+tor (0.1.1.13-alpha-1) experimental; urgency=low
+
+ * New upstream version.
+ * Forward port patches/02_add_debian_files_in_manpage.
+ * Forward port patches/03_tor_manpage_in_section_8.
+ * Create /var/run/tor on init script start if it does
+ not exist already.
+ * Set default ulimit -n to 8k instead of 4k in /etc/default/tor.
+ * Print that we're raising the ulimit to stdout in the init script.
+ * Add CVE numbers to past issues in the changelog where applicable.
+
+ -- Peter Palfrader Fri, 10 Feb 2006 14:38:11 +0100
+
+tor (0.1.1.12-alpha-1) experimental; urgency=low
+
+ * New upstream version, that was a quick one. :)
+ * Forward port patches/02_add_debian_files_in_manpage.
+
+ -- Peter Palfrader Thu, 12 Jan 2006 02:53:27 +0100
+
+tor (0.1.1.11-alpha-1) experimental; urgency=low
+
+ * New upstream version.
+ - Implement "entry guards": automatically choose a handful of entry
+ nodes and stick with them for all circuits. This will increase
+ security dramatically against certain end-point attacks
+ (closes: #349283, CVE-2006-0414).
+ * Forward port patches/07_log_to_file_by_default.
+ * Forward port 0.1.0.16 changelog and change to copyright file.
+
+ -- Peter Palfrader Wed, 11 Jan 2006 12:08:25 +0100
+
+tor (0.1.1.10-alpha-1) experimental; urgency=low
+
+ * New upstream version.
+ * doc/tor-doc.css and doc/tor-doc.html are no longer in the upstream
+ tarball, remove them from debian/tor.docs.
+ * add the following new files to tor.docs: doc/socks-extensions.txt,
+ doc/stylesheet.css, doc/tor-doc-server.html, doc/tor-doc-unix.html
+
+ -- Peter Palfrader Sun, 11 Dec 2005 14:02:41 +0100
+
+tor (0.1.1.9-alpha-1) experimental; urgency=low
+
+ * New upstream version.
+ * Remove 08_add_newlines_between_serverdescriptors.dpatch.
+ * Update 06_add_compile_time_defaults.dpatch
+ * Use bin/bash for the init script instead of bin/sh. We are using
+ ulimit -n which is not POSIX (closes: #338797).
+ * Remove the EVENT_NOEPOLL block from etc/default/tor.
+ * Add an ARGS block to etc/default/tor as suggested in #338425.
+
+ -- Peter Palfrader Tue, 15 Nov 2005 23:29:54 +0100
+
+tor (0.1.1.8-alpha-1) experimental; urgency=low
+
+ * New upstream version.
+ * Add patch from CVS to
+ "Insert a newline between all router descriptors when generating (old
+ style) signed directories, in case somebody was counting on that".
+ r1.247 of dirserv.c, <20051008060243.85F41140808C@moria.seul.org>
+
+ -- Peter Palfrader Sat, 8 Oct 2005 20:24:39 +0200
+
+tor (0.1.1.7-alpha-1) experimental; urgency=low
+
+ * New upstream version.
+ * More merging from 0.1.0.14+XXXX:
+ - The tor-dbg package does not really need its own copy of copyright
+ and changelog in usr/share/doc/tor-dbg.
+ * Forward port 03_tor_manpage_in_section_8.dpatch
+
+ -- Peter Palfrader Wed, 14 Sep 2005 17:52:35 +0200
+
+tor (0.1.1.6-alpha-2) experimental; urgency=low
+
+ * Merge 0.1.0.14+XXXX changes.
+
+ -- Peter Palfrader Wed, 14 Sep 2005 15:05:16 +0200
+
+tor (0.1.1.6-alpha-1) experimental; urgency=low
+
+ * Experimental upstream version.
+
+ -- Peter Palfrader Sat, 10 Sep 2005 10:17:43 +0200
+
+tor (0.1.1.5-alpha-cvs-1) UNRELEASED; urgency=low
+
+ * Even more experimental cvs snapshot.
+ * Testsuite is mandatory again.
+ * Forward port 03_tor_manpage_in_section_8.dpatch
+ * Forward port 06_add_compile_time_defaults.dpatch
+
+ -- Peter Palfrader Fri, 9 Sep 2005 23:22:38 +0200
+
+tor (0.1.1.5-alpha-1) UNRELEASED; urgency=low
+
+ * Experimental upstream version.
+ * Allow test suite to fail, it's broken in this version.
+ * Update list of files from doc/ that should be installed.
+ * Forward port debian/ patches.
+
+ -- Peter Palfrader Fri, 12 Aug 2005 17:02:23 +0200
+
+tor (0.1.0.17-1) unstable; urgency=low
+
+ * New upstream version.
+
+ -- Peter Palfrader Sat, 18 Feb 2006 02:49:45 +0100
+
+tor (0.1.0.16-1) unstable; urgency=low
+
+ * New upstream version.
+ * Update copyright file for 2006.
+
+ -- Peter Palfrader Tue, 3 Jan 2006 13:59:34 +0100
+
+tor (0.1.0.15-1) unstable; urgency=low
+
+ * New upstream release.
+ * Forward port 03_tor_manpage_in_section_8.
+
+ -- Peter Palfrader Sat, 24 Sep 2005 15:15:34 +0200
+
+tor (0.1.0.14-2) unstable; urgency=low
+
+ * Ship debugging information in a separate package now, instead
+ of simply not stripping tor. This is still useful while tor is
+ young. Ideally it would go away some time.
+ * Add LSB comments to init script as suggested by Petter Reinholdtsen
+ on the debian-devel list:
+ - http://lists.debian.org/debian-devel/2005/08/msg01172.html
+ - http://wiki.debian.net/?LSBInitScripts
+ * Work around broken chroots that do not resolve localhost or resolve
+ it to the wrong IP. We now catch such cases in debian/rules, shout
+ at the buildd maintainer, and ignore the result of our test suite.
+
+ -- Peter Palfrader Wed, 21 Sep 2005 10:23:25 +0200
+
+tor (0.1.0.14-1) unstable; urgency=high
+
+ * New upstream version - changes, among others:
+ - Fixes the other half of the bug with crypto handshakes (CVE-2005-2643).
+ * Since gs-gpl on s390 is broken (#321435) and unable to + build PDFs of our images for the design paper this version + ships them in the source and uses them on s390, should building + them from source really fail. + * Increase standards-version from 3.6.1 to 3.6.2. No changes + necessary. + + -- Peter Palfrader Mon, 8 Aug 2005 23:55:05 +0200 + +tor (0.1.0.13-1) unstable; urgency=high + + * New upstream version: + - Explicitly set no-unaligned-access for sparc in configure.in. + it turns out the new gcc's let you compile broken code, but + that doesn't make it not-broken (closes: #320140). + - Fix a critical bug in the security of our crypto handshakes. + (Therefore set urgency to high). + and more (see upstream changelog). + * Slightly improve init script to give you proper error messages when + you do not run it as root. + + -- Peter Palfrader Fri, 5 Aug 2005 01:27:49 +0200 + +tor (0.1.0.12-1) unstable; urgency=medium + + * New upstream version: + - New IP for tor26 directory server, + - fix a possible double-free in tor_gzip_uncompress, + - and more (see upstream changelog). + + -- Peter Palfrader Tue, 19 Jul 2005 17:36:24 +0200 + +tor (0.1.0.11-1) unstable; urgency=high + + * New upstream version (closes: #316753): + - Fixes a serious bug: servers now honor their exit policies - + In 0.1.0.x only clients enforced them so far. 0.0.9.x is + not affected. + * Build depend on libevent-dev >= 1.1. + * Urgency high because 0.0.9.10-1 did not make it into testing after + like 3 weeks because of an impending ftp-master move. So I might + just as well upload this one. + + -- Peter Palfrader Mon, 4 Jul 2005 17:53:48 +0200 + +tor (0.1.0.10-0.pre.1) UNRELEASED; urgency=low + + * New upstream version. + * Add a watch file. + * Forward port 03_tor_manpage_in_section_8. + * Forward port 06_add_compile_time_defaults. + * Add libevent-dev to build-depends. + * Update URL to tor in debian/control and debian/copyright. 
+ * Add a snippet to disable epoll in etc/default/tor, commented out. + * Add a snippet to set nice level in etc/default/tor. + * Wait for 60 seconds in init stop. 35 is too little. + * Don't depend on python anymore - tor-resolve is C now. + * If "with-dmalloc" is in DEB_BUILD_OPTIONS we build against libdmalloc4. + Of course the -dev package needs to be installed. + * Update README.Debian to say that upstream now does have a default + for DataDirectory. + * Don't fail in the init script when we cannot raise the ulimit. + Instead just warn a bit (closes: #312882). + + -- Peter Palfrader Wed, 15 Jun 2005 16:38:06 +0200 + +tor (0.0.9.10-1) unstable; urgency=high + + * While we're waiting for a newer libevent to enter sid, make another + upload of the 0.0.9.x tree: + - Refuse relay cells that claim to have a length larger than the + maximum allowed. This prevents a potential attack that could read + arbitrary memory (e.g. keys) from an exit server's process + (CVE-2005-2050). + + -- Peter Palfrader Thu, 16 Jun 2005 22:56:11 +0200 + +tor (0.0.9.9-1) unstable; urgency=low + + * New upstream version. + + -- Peter Palfrader Sat, 23 Apr 2005 23:58:47 +0200 + +tor (0.0.9.8-1) unstable; urgency=low + + * New upstream version. + + -- Peter Palfrader Fri, 8 Apr 2005 09:11:34 +0200 + +tor (0.0.9.7-1) unstable; urgency=low + + * New upstream version. + + -- Peter Palfrader Fri, 1 Apr 2005 09:52:12 +0200 + +tor (0.0.9.6-1) unstable; urgency=low + + * New upstream version. + * Upstream used newer auto* tools, so hopefully the new config.sub + and config.guess files (2003-08-18) are good enough to build + tor on ppc64 (closes: #300376: FTBFS on ppc64). + + -- Peter Palfrader Fri, 25 Mar 2005 01:34:28 +0100 + +tor (0.0.9.5-1) unstable; urgency=low + + * New upstream version. + + -- Peter Palfrader Thu, 24 Feb 2005 09:45:52 +0100 + +tor (0.0.9.4-1) unstable; urgency=low + + * New upstream version. + * Set ulimit for file descriptors to 4096 in our init + script. 
+ * Use SIGINT to shutdown tor. That way - if you are a server - + tor will stop accepting new connections immediately, and + give existing connections a grace period of 30 seconds in + which they might complete their task. If you just run a + client it should make no difference. + + -- Peter Palfrader Fri, 4 Feb 2005 00:20:25 +0100 + +tor (0.0.9.3-1) unstable; urgency=low + + * New upstream version. + * Forward port 07_log_to_file_by_default. + + -- Peter Palfrader Sun, 23 Jan 2005 16:01:58 +0100 + +tor (0.0.9.2-1) unstable; urgency=low + + * New upstream version. + * Update debian/copyright (it's 2005). + * Add sharedscripts tor logrotate.d/tor. + + -- Peter Palfrader Tue, 4 Jan 2005 11:14:03 +0100 + +tor (0.0.9.1-1) unstable; urgency=low + + * New upstream version. + + -- Peter Palfrader Thu, 16 Dec 2004 00:16:47 +0100 + +tor (0.0.8+0.0.9rc7-1) unstable; urgency=medium + + * New upstream release (candidate). + For real this time. Looks like our rc6 orig.tar.gz + was in fact the rc5 one. + * forward port patches/07_log_to_file_by_default + + -- Peter Palfrader Wed, 8 Dec 2004 15:22:44 +0100 + +tor (0.0.8+0.0.9rc6-1) unstable; urgency=medium + + * New upstream release (candidate). + - cleans up more integer underflows that don't look exploitable. + But one never knows (-> medium). + * Remove those 'date' calls in debian/rules again that were + added in rc5-1. + + -- Peter Palfrader Mon, 6 Dec 2004 11:11:23 +0100 + +tor (0.0.8+0.0.9rc5-1) unstable; urgency=medium + + * New upstream release (candidate). + - medium because it fixes an integer overflow that might + be exploitable, but doesn't seem to be currently. + * Add a few 'date' calls in debian/rules, so I can see how long + building the docs take on autobuilders. + + -- Peter Palfrader Wed, 1 Dec 2004 10:02:08 +0100 + +tor (0.0.8+0.0.9rc3-1) unstable; urgency=low + + * New upstream release (candidate). 
+ + -- Peter Palfrader Thu, 25 Nov 2004 10:33:42 +0100 + +tor (0.0.8+0.0.9rc2-1) unstable; urgency=low + + * New upstream release (candidate). + * Nick's patch is now part of upstream, remove it from + the debian diff. + + -- Peter Palfrader Wed, 24 Nov 2004 09:03:13 +0100 + +tor (0.0.8+0.0.9rc1-1) unstable; urgency=low + + * New upstream release (candidate). + * Apply nick's patch against config.c (1.267) to handle + absense of units in BandwidthRate. + + -- Peter Palfrader Tue, 23 Nov 2004 11:57:49 +0100 + +tor (0.0.8+0.0.9pre6-1) unstable; urgency=low + + * New upstream (pre)release. + * Install control-spec.txt into usr/share/doc/tor/. + + -- Peter Palfrader Tue, 16 Nov 2004 04:49:32 +0100 + +tor (0.0.8+0.0.9pre5-2) unstable; urgency=low + + * Symlink tor(8) manpage to torrc(5). + * Make logs readable by the system administrators (group adm). + * Point to /var/log/tor (the directory) instead of a single + file (/var/log/tor/log) in the debian patch of the manpage. + * Do not patch the default torrc to include settings we really want. + Instead modify the compiled in default options. Those settings are + + - RunAsDaemon is enabled by default. + - PidFile is set to /var/run/tor/tor.pid. No default upstream. + - default logging goes to /var/log/tor/log instead of stdout. + - DataDirectory is set to /var/lib/tor by default. No default upstream. + + This is also documented in the new debian/README.Debian. + * Remove /usr/bin/tor-control.py from the binary package, it is + not really useful yet, and wasn't meant to be installed by + default. + * Change init startup script to properly deal with tor + printing stuff on startup. + + -- Peter Palfrader Fri, 12 Nov 2004 18:30:50 +0100 + +tor (0.0.8+0.0.9pre5-1) unstable; urgency=low + + * New upstream (pre)release. + * 04_fix_test can be backed out again. + * Make sure all patches apply cleanly. + * No longer use --pidfile, --logfile, and --runasdaemon + command line options. Set them in the configfile instead. 
+ * Change the description slightly, to say "don't rely on the current Tor + network if you really need strong anonymity", instead of "Tor will not + provide anonymity currently". + + -- Peter Palfrader Wed, 10 Nov 2004 04:43:10 +0100 + +tor (0.0.8+0.0.9pre4-1) unstable; urgency=low + + * New upstream (pre)release. + * Apply patch from cvs to fix a segfault in src/or/test + (test.c, 1.131). + + -- Peter Palfrader Sun, 17 Oct 2004 19:04:31 +0200 + +tor (0.0.8+0.0.9pre3-1) unstable; urgency=high + + * New upstream (pre)release. + * Fixes at least one segfault that can be triggered remotely, + a format string vulnerability which probably is not exploitable, + and several assert bugs. + + -- Peter Palfrader Thu, 14 Oct 2004 13:36:45 +0200 + +tor (0.0.8+0.0.9pre2-1) unstable; urgency=low + + * New upstream (pre)release. + + -- Peter Palfrader Sun, 3 Oct 2004 01:29:13 +0200 + +tor (0.0.8+0.0.9pre1-1) unstable; urgency=low + + * New upstream (pre)release. + * Built depend on zlib1g-dev. + + -- Peter Palfrader Fri, 1 Oct 2004 21:28:49 +0200 + +tor (0.0.8-1) unstable; urgency=low + + * New upstream release. + + -- Peter Palfrader Fri, 27 Aug 2004 14:08:10 +0200 + +tor (0.0.7.2+0.0.8rc1-1) unstable; urgency=low + + * New upstream release candidate. + * Install design paper in usr/share/doc/tor, not usr/share/doc. Ooops. + + -- Peter Palfrader Wed, 18 Aug 2004 09:59:13 +0200 + +tor (0.0.7.2+0.0.8pre3-1) unstable; urgency=low + + * New upstream (pre)release. + * Ship AUTHORS, doc/CLIENTS, doc/FAQ, doc/HACKING, doc/TODO, + doc/tor-doc.{css,html}, doc/{rend,tor}-spec.txt with the binary package. + * Build tor-design.{pdf,ps}, wich adds new build-dependencies: + tetex-{bin,extra}, transfig, and gs. + * Support DEB_BUILD_OPTIONS option 'nodoc' to skip building tor-design. + With nodoc the build will not need tetex-{bin,extra}, transfig, and gs. 
+ * Support DEB_BUILD_OPTIONS option 'nocheck' to skip unittests + ('notest' is an alias') + * Enable coredumps by default, this is still development code. + * Modify 02_add_debian_files_in_manpage to still apply. + + -- Peter Palfrader Sun, 8 Aug 2004 15:03:32 +0200 + +tor (0.0.7.2+0.0.8pre2-1) unstable; urgency=low + + * New upstream (pre)release. + * Depend on python as we now have a python script: tor_resolve + + -- Peter Palfrader Wed, 4 Aug 2004 20:09:26 +0200 + +tor (0.0.7.2-1) unstable; urgency=medium + + * New upstream release. + Fixes another instance of that remote crash bug. + * Mention another reason why stop/reload may fail in the init script. + + -- Peter Palfrader Thu, 8 Jul 2004 03:21:32 +0200 + +tor (0.0.7.1-1) unstable; urgency=medium + + * New upstream release. + Fixes a bug that allows a remote crash on exit nodes. + * Logrotate var/log/tor/*log instead of just var/log/tor/log, in + case the admin wants several logs. + + -- Peter Palfrader Mon, 5 Jul 2004 19:18:12 +0200 + +tor (0.0.7-1) unstable; urgency=low + + * New upstream version + closes: #249893: FTBFS on ia64 + + -- Peter Palfrader Mon, 7 Jun 2004 21:46:08 +0200 + +tor (0.0.6.2-1) unstable; urgency=medium + + * New upstream release (breaks backwards compatibility yet again). + * Recommend socat. + * Since tor is in /usr/sbin, the manpage should be in section 8, not + in section 1. Move it there, including updating the section in + the manpage itself and the reference in torify(1). + * Update debian/copyright file. + + -- Peter Palfrader Sun, 16 May 2004 10:47:20 +0200 + +tor (0.0.6.1-1) unstable; urgency=medium + + * New upstream release (breaks backwards compatibility). + + -- Peter Palfrader Fri, 7 May 2004 00:24:49 +0200 + +tor (0.0.6-1) unstable; urgency=low + + * New upstream release (breaks backwards compatibility). + + -- Peter Palfrader Sun, 2 May 2004 23:58:36 +0200 + +tor (0.0.5+0.0.6rc4-1) unstable; urgency=low + + * New upstream release candidate. 
+ + -- Peter Palfrader Sun, 2 May 2004 14:36:59 +0200 + +tor (0.0.5+0.0.6rc3-1) unstable; urgency=low + + * New upstream release candidate. + + -- Peter Palfrader Thu, 29 Apr 2004 11:52:07 +0200 + +tor (0.0.5+0.0.6rc2-1) unstable; urgency=low + + * New upstream release candidate. + * Mention upstream website and mailinglist archives in long + description. + + -- Peter Palfrader Mon, 26 Apr 2004 12:23:20 +0200 + +tor (0.0.5-1) unstable; urgency=low + + * New upstream release. + * Upstream installs a torrc.sample file now, rather than torrc. + Keep using torrc as dpkg handles conffile upgrades. + + -- Peter Palfrader Tue, 30 Mar 2004 20:54:00 +0200 + +tor (0.0.4-1) unstable; urgency=low + + * New upstream release (how the version numbers fly by :). + + -- Peter Palfrader Fri, 26 Mar 2004 23:46:09 +0100 + +tor (0.0.3-1) unstable; urgency=low + + * New upstream release. + * Also mention that tree.h is by Niels Provos in debian/copyright. + + -- Peter Palfrader Fri, 26 Mar 2004 20:36:08 +0100 + +tor (0.0.2-1) unstable; urgency=low + + * New upstream release. + * Uses strlcpy and strlcat by Todd C. Miller, mention him in + debian/copyright. + + -- Peter Palfrader Fri, 19 Mar 2004 12:37:17 +0100 + +tor (0.0.1+0.0.2pre27-1) unstable; urgency=low + + * New upstream release. + + -- Peter Palfrader Mon, 15 Mar 2004 05:19:16 +0100 + +tor (0.0.1+0.0.2pre26-1) unstable; urgency=low + + * New upstream release. + * Mention log and pidfile location in tor.1. + + -- Peter Palfrader Mon, 15 Mar 2004 02:21:29 +0100 + +tor (0.0.1+0.0.2pre25-1) unstable; urgency=low + + * New upstream release. + + -- Peter Palfrader Thu, 4 Mar 2004 23:05:38 +0100 + +tor (0.0.1+0.0.2pre24-1) unstable; urgency=low + + * New upstream release. + * Do not strip binaries for now. + * Add "# ulimit -c unlimited" to tor.default + * Always enable DataDirectory. + * Actually use dpatch now (to modify upstream torrc.in) + * Wait for tor to die in init stop. Let the user know if it doesn't. 
+ + -- Peter Palfrader Wed, 3 Mar 2004 14:10:25 +0100 + +tor (0.0.1+0.0.2pre23-1) unstable; urgency=low + + * New upstream release. + * The one test that always failed has been fixed: removed comment from + rules file. + + -- Peter Palfrader Sun, 29 Feb 2004 12:36:33 +0100 + +tor (0.0.1+0.0.2pre22-1) unstable; urgency=low + + * New upstream release. + * Upstream has moved tor back to usr/bin, but we will keep it in + usr/sbin. That's the right place and it doesn't break my tab + completion there. + + -- Peter Palfrader Fri, 27 Feb 2004 01:59:09 +0100 + +tor (0.0.1+0.0.2pre21-1) unstable; urgency=low + + * New upstream release. + * 0.0.2pre20-2 removed the Recommends: on privoxy rather + than tsocks (which is now required) by mistake. Fix that. + * package description: Mention that the package starts the OP by default and + that OR can be enabled in the config. + * tor moved to sbin, updating init script. + + -- Peter Palfrader Wed, 18 Feb 2004 10:08:12 +0100 + +tor (0.0.1+0.0.2pre20-2) unstable; urgency=low + + * Add torify script, documentation, and config file. Means we also + depend on tsocks now rather than just recommending it. Right now + we install it in debian/rules, but upcoming versions might install + it in upstream's make install target. + * There's an upstream ChangeLog file now. Enjoy! + * Add a README.privoxy file that explains how to setup privoxy to + go over tor. + * As is the case too often, the INSTALL file not only covers + installation, but also basic usage and configuration. Therefore + include it in the docs dir. + * Add a lintian override for the INSTALL file. + + -- Peter Palfrader Tue, 17 Feb 2004 02:32:00 +0100 + +tor (0.0.1+0.0.2pre20-1) unstable; urgency=low + + * New upstream version. 
+ - various design paper updates + - resolve cygwin warnings + - split the token bucket into "rate" and "burst" params + - try to resolve discrepency between bytes transmitted over TLS and actual + bandwidth use + - setuid to user _before_ complaining about running as root + - fix several memleaks and double frees + - minor logging fixes + - add more debugging for logs. + - various documentation fixes and improvements + - for perforcmance testing, paths are always 3 hops, not "3 or more" + (this will go away at a later date again) + * Add dependency on adduser which was previously missing. + * Change short description to a nicer one. + + -- Peter Palfrader Sat, 31 Jan 2004 10:10:45 +0100 + +tor (0.0.1+0.0.2pre19-1) unstable; urgency=low + + * Initial Release (closes: #216611). + + -- Peter Palfrader Sat, 10 Jan 2004 11:20:06 +0100 + --- tor-0.2.7.6.orig/debian/compat +++ tor-0.2.7.6/debian/compat @@ -0,0 +1 @@ +8 --- tor-0.2.7.6.orig/debian/control +++ tor-0.2.7.6/debian/control 
@@ -0,0 +1,77 @@
+Source: tor
+Section: net
+Priority: optional
+Maintainer: Peter Palfrader
+Build-Depends: debhelper (>= 8.1.0~), quilt, libssl-dev, zlib1g-dev, libevent-dev (>= 1.1), binutils (>= 2.14.90.0.7), hardening-includes, asciidoc (>= 8.2), docbook-xml, docbook-xsl, xmlto, dh-apparmor, libseccomp-dev [amd64 i386 x32 armel armhf], dh-systemd [linux-any], libsystemd-dev [linux-any], pkg-config [linux-any], dh-autoreconf
+Standards-Version: 3.9.4
+Homepage: https://www.torproject.org/
+Vcs-Git: https://git.torproject.org/debian/tor.git
+Vcs-Browser: https://gitweb.torproject.org/debian/tor.git
+
+Package: tor
+Architecture: any
+Depends: ${shlibs:Depends}, adduser, ${misc:Depends}, lsb-base
+Pre-Depends: ${misc:Pre-Depends}
+Conflicts: libssl0.9.8 (<< 0.9.8g-9)
+Recommends: logrotate, tor-geoipdb, torsocks
+Suggests: mixmaster, torbrowser-launcher, socat, tor-arm, apparmor-utils, tor-arm, obfsproxy, obfs4proxy
+Description: anonymizing overlay network for TCP
+ Tor is a connection-based low-latency anonymous communication system.
+ .
+ Clients choose a source-routed path through a set of relays, and
+ negotiate a "virtual circuit" through the network, in which each relay
+ knows its predecessor and successor, but no others. Traffic flowing
+ down the circuit is decrypted at each relay, which reveals the
+ downstream relay.
+ .
+ Basically, Tor provides a distributed network of relays. Users bounce
+ their TCP streams (web traffic, ftp, ssh, etc) around the relays, and
+ recipients, observers, and even the relays themselves have difficulty
+ learning which users connected to which destinations.
+ .
+ This package enables only a Tor client by default, but it can also be
+ configured as a relay and/or a hidden service easily.
+ .
+ Client applications can use the Tor network by connecting to the local
+ socks proxy interface provided by your Tor instance. If the application
+ itself does not come with socks support, you can use a socks client
+ such as torsocks.
+ .
+ Note that Tor does no protocol cleaning on application traffic. There
+ is a danger that application protocols and associated programs can be
+ induced to reveal information about the user. Tor depends on Torbutton
+ and similar protocol cleaners to solve this problem. For best
+ protection when web surfing, the Tor Project recommends that you use
+ the Tor Browser Bundle, a standalone tarball that includes static
+ builds of Tor, Torbutton, and a modified Firefox that is patched to fix
+ a variety of privacy bugs.
+
+Package: tor-dbg
+Architecture: any
+Depends: tor (= ${binary:Version}), ${misc:Depends}
+Suggests: gdb
+Priority: extra
+Section: debug
+Description: debugging symbols for Tor
+ This package provides the debugging symbols for Tor, The Onion Router.
+ Those symbols allow your debugger to assign names to your backtraces, which
+ makes it somewhat easier to interpret core dumps.
+
+Package: tor-geoipdb
+Architecture: all
+Priority: extra
+Depends: tor (>= ${source:Version}), ${misc:Depends}
+Replaces: tor (<< 0.2.4.8)
+Breaks: tor (<< 0.2.4.8)
+Description: GeoIP database for Tor
+ This package provides a GeoIP database for Tor, i.e. it maps IPv4 addresses
+ to countries.
+ .
+ Bridge relays (special Tor relays that aren't listed in the main Tor
+ directory) use this information to report which countries they see
+ connections from. These statistics enable the Tor network operators to
+ learn when certain countries start blocking access to bridges.
+ .
+ Clients can also use this to learn what country each relay is in, so
+ Tor controllers like arm or Vidalia can use it, or if they want to
+ configure path selection preferences.
--- tor-0.2.7.6.orig/debian/copyright
+++ tor-0.2.7.6/debian/copyright
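Review bot: `tor-arm` is listed twice on the `Suggests:` line of the tor package in debian/control; the second entry is redundant and the line should read `Suggests: mixmaster, torbrowser-launcher, socat, tor-arm, apparmor-utils, obfsproxy, obfs4proxy`. Separately, `libseccomp-dev` is restricted to `[amd64 i386 x32 armel armhf]` in `Build-Depends`, so builds on other architectures presumably come without seccomp sandbox support; a sentence in README.Debian saying so would help operators who rely on it.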
@@ -0,0 +1,227 @@ +This package was debianized by Peter Palfrader on +Sat, 10 Jan 2004 11:20:06 +0100. + +It was downloaded from https://www.torproject.org/ + +Upstream Author: The Tor Project - https://www.torproject.org/ + +Copyright (c) 2001 Matej Pfajfar +Copyright (c) 2001-2004, Roger Dingledine +Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson +Copyright (c) 2007-2013, The Tor Project, Inc. +strlcat, strlcpy: Copyright (c) 1998 Todd C. Miller +ht.h: Copyright (c) 2002, Christopher Clark, 2006 Nick Mathewson +OpenBSD_malloc_Linux.c: phk@FreeBSD.ORG +OpenBSD queue.h: Copyright (c) 1991, 1993 The Regents of the University of California. +Curve25519: Copyright (c) 2008 Google Inc. +Modifications for Debian: Copyright (c) 2004-2013 Peter Palfrader + +Tor is distributed under this license: +=============================================================================== +Copyright (c) 2001-2004, Roger Dingledine +Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson +Copyright (c) 2007-2008, The Tor Project, Inc. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are +met: + + * Redistributions of source code must retain the above copyright +notice, this list of conditions and the following disclaimer. + + * Redistributions in binary form must reproduce the above +copyright notice, this list of conditions and the following disclaimer +in the documentation and/or other materials provided with the +distribution. + + * Neither the names of the copyright owners nor the names of its +contributors may be used to endorse or promote products derived from +this software without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +A PARTICULAR PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE COPYRIGHT +OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +=============================================================================== +strlcat and strlcpy by Todd C. Miller are licensed under the following license: + + * Copyright (c) 1998 Todd C. Miller + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. The name of the author may not be used to endorse or promote products + * derived from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL + * THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, + * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, + * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; + * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR + * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF + * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +=============================================================================== +ht.h by Nick Mathewson is licensed as follows: +/* + * Copyright 2005, Nick Mathewson. Implementation logic is adapted from code + * by Cristopher Clark, retrofit to allow drop-in memory management, and to + * use the same interface as Niels Provos's HT_H. I'm not sure whether this + * is a derived work any more, but whether it is or not, the license below + * applies. + * + * Copyright (c) 2002, Christopher Clark + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * * Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * * Neither the name of the original author; nor the names of any contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. 
+ * + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER + * OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, + * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, + * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR + * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF + * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING + * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +*/ +=============================================================================== +OpenBSD_malloc_Linux.c: + * "THE BEER-WARE LICENSE" (Revision 42): + * wrote this file. As long as you retain this notice you + * can do whatever you want with this stuff. If we meet some day, and you think + * this stuff is worth it, you can buy me a beer in return. Poul-Henning Kamp +=============================================================================== +OpenBSD queue.h: +/* + * Copyright (c) 1991, 1993 + * The Regents of the University of California. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. 
Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ +=============================================================================== +src/ext/curve25519_donna/: +/* Copyright 2008, Google Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are + * met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following disclaimer + * in the documentation and/or other materials provided with the + * distribution. + * * Neither the name of Google Inc. nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. 
+ * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * + * curve25519-donna: Curve25519 elliptic curve, public key function + * + * http://code.google.com/p/curve25519-donna/ + * + * Adam Langley + * + * Derived from public domain C code by Daniel J. Bernstein + * + * More information about curve25519 can be found here + * http://cr.yp.to/ecdh.html + * + * djb's sample implementation of curve25519 is written in a special assembly + * language called qhasm and uses the floating point registers. + * + * This is, almost, a clean room reimplementation from the curve25519 paper. It + * uses many of the tricks described therein. Only the crecip function is taken + * from the sample implementation. + */ +/* Copyright 2008, Google Inc. + * All rights reserved. + * + * Code released into the public domain. + * + * curve25519-donna: Curve25519 elliptic curve, public key function + * + * http://code.google.com/p/curve25519-donna/ + * + * Adam Langley + * + * Derived from public domain C code by Daniel J. 
Bernstein + * + * More information about curve25519 can be found here + * http://cr.yp.to/ecdh.html + * + * djb's sample implementation of curve25519 is written in a special assembly + * language called qhasm and uses the floating point registers. + * + * This is, almost, a clean room reimplementation from the curve25519 paper. It + * uses many of the tricks described therein. Only the crecip function is taken + * from the sample implementation. + */ --- tor-0.2.7.6.orig/debian/micro-revision.i +++ tor-0.2.7.6/debian/micro-revision.i @@ -0,0 +1 @@ +"605ae665009853bd" --- tor-0.2.7.6.orig/debian/patches/20-upstream-syslog-identity +++ tor-0.2.7.6/debian/patches/20-upstream-syslog-identity 
@@ -0,0 +1,179 @@ +From 1cf0d82280973a52403c160fa47a4fb06dfca6c3 Mon Sep 17 00:00:00 2001 +From: Peter Palfrader +Date: Wed, 30 Sep 2015 17:54:56 +0200 +Subject: [PATCH 1/4] Add SyslogIdentityTag + +When logging to syslog, allow a tag to be added to the syslog identity +("Tor"), i.e. the string prepended to every log message. The tag can be +configured by setting SyslogIdentityTag and defaults to none. Setting +it to "foo" will cause logs to be tagged as "Tor-foo". Closes: #17194. +--- + changes/bug17194 | 7 +++++++ + doc/tor.1.txt | 4 ++++ + src/common/log.c | 13 ++++++++++--- + src/common/torlog.h | 2 +- + src/or/config.c | 3 ++- + src/or/or.h | 1 + + 6 files changed, 25 insertions(+), 5 deletions(-) + create mode 100644 changes/bug17194 + +diff --git a/changes/bug17194 b/changes/bug17194 +new file mode 100644 +index 0000000..26549b3 +--- /dev/null ++++ b/changes/bug17194 +@@ -0,0 +1,7 @@ ++ o Minor feature: ++ - When logging to syslog, allow a tag to be added to the syslog ++ identity ("Tor"), i.e. the string prepended to every log message. ++ The tag can be configured by setting SyslogIdentityTag and defaults ++ to none. Setting it to "foo" will cause logs to be tagged as ++ "Tor-foo". ++ +diff --git a/doc/tor.1.txt b/doc/tor.1.txt +index 954c8fa..b04d57b 100644 +--- a/doc/tor.1.txt ++++ b/doc/tor.1.txt +@@ -580,6 +580,10 @@ GENERAL OPTIONS + If 1, Tor will overwrite logs at startup and in response to a HUP signal, + instead of appending to them. (Default: 0) + ++[[SyslogIdentityTag]] **SyslogIdentityTag** __tag__:: ++ When logging to syslog, adds a tag to the syslog identity such that ++ log entries are marked with "Tor-__tag__". (Default: none) ++ + [[SafeLogging]] **SafeLogging** **0**|**1**|**relay**:: + Tor can scrub potentially sensitive strings from log messages (e.g. + addresses) by replacing them with the string [scrubbed]. 
This way logs can +diff --git a/src/common/log.c b/src/common/log.c +index e23691b..8d1c40c 100644 +--- a/src/common/log.c ++++ b/src/common/log.c +@@ -1099,12 +1099,19 @@ add_file_log(const log_severity_list_t *severity, const char *filename, + * Add a log handler to send messages to they system log facility. + */ + int +-add_syslog_log(const log_severity_list_t *severity) ++add_syslog_log(const log_severity_list_t *severity, const char* syslog_identity_tag) + { + logfile_t *lf; +- if (syslog_count++ == 0) ++ if (syslog_count++ == 0) { + /* This is the first syslog. */ +- openlog("Tor", LOG_PID | LOG_NDELAY, LOGFACILITY); ++ static char buf[256]; ++ if (syslog_identity_tag) { ++ tor_snprintf(buf, sizeof(buf), "Tor-%s", syslog_identity_tag); ++ } else { ++ tor_snprintf(buf, sizeof(buf), "Tor"); ++ } ++ openlog(buf, LOG_PID | LOG_NDELAY, LOGFACILITY); ++ } + + lf = tor_malloc_zero(sizeof(logfile_t)); + lf->fd = -1; +diff --git a/src/common/torlog.h b/src/common/torlog.h +index 67edf14..57679b5 100644 +--- a/src/common/torlog.h ++++ b/src/common/torlog.h +@@ -135,7 +135,7 @@ void add_stream_log(const log_severity_list_t *severity, const char *name, + int add_file_log(const log_severity_list_t *severity, const char *filename, + const int truncate); + #ifdef HAVE_SYSLOG_H +-int add_syslog_log(const log_severity_list_t *severity); ++int add_syslog_log(const log_severity_list_t *severity, const char* syslog_identity_tag); + #endif + int add_callback_log(const log_severity_list_t *severity, log_callback cb); + void logs_set_domain_logging(int enabled); +diff --git a/src/or/config.c b/src/or/config.c +index fa860af..9b65add 100644 +--- a/src/or/config.c ++++ b/src/or/config.c +@@ -312,6 +312,7 @@ static config_var_t option_vars_[] = { + V(LogMessageDomains, BOOL, "0"), + V(LogTimeGranularity, MSEC_INTERVAL, "1 second"), + V(TruncateLogFile, BOOL, "0"), ++ V(SyslogIdentityTag, STRING, NULL), + V(LongLivedPorts, CSV, + 
"21,22,706,1863,5050,5190,5222,5223,6523,6667,6697,8300"), + VAR("MapAddress", LINELIST, AddressMap, NULL), +@@ -4937,7 +4938,7 @@ options_init_logs(const or_options_t *old_options, or_options_t *options, + !strcasecmp(smartlist_get(elts,0), "syslog")) { + #ifdef HAVE_SYSLOG_H + if (!validate_only) { +- add_syslog_log(severity); ++ add_syslog_log(severity, options->SyslogIdentityTag); + } + #else + log_warn(LD_CONFIG, "Syslog is not supported on this system. Sorry."); +diff --git a/src/or/or.h b/src/or/or.h +index 4496cbc..a80cd55 100644 +--- a/src/or/or.h ++++ b/src/or/or.h +@@ -3424,6 +3424,7 @@ typedef struct { + * each log message occurs? */ + int TruncateLogFile; /**< Boolean: Should we truncate the log file + before we start writing? */ ++ char *SyslogIdentityTag; /**< Identity tag to add for syslog logging. */ + + char *DebugLogFile; /**< Where to send verbose log messages. */ + char *DataDirectory; /**< OR only: where to store long-term data. */ +-- +2.1.4 + +From 335af6fed8af30b8528965247622b71102e8dd2c Mon Sep 17 00:00:00 2001 +From: Peter Palfrader +Date: Wed, 30 Sep 2015 18:02:52 +0200 +Subject: [PATCH 2/4] Document syslog_identity_tag for add_syslog_log + +--- + src/common/log.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/src/common/log.c b/src/common/log.c +index 8d1c40c..126fb2e 100644 +--- a/src/common/log.c ++++ b/src/common/log.c +@@ -1097,6 +1097,9 @@ add_file_log(const log_severity_list_t *severity, const char *filename, + #ifdef HAVE_SYSLOG_H + /** + * Add a log handler to send messages to they system log facility. ++ * ++ * If this is the first log handler, opens syslog with ident Tor or ++ * Tor- if that is not NULL. 
+ */ + int + add_syslog_log(const log_severity_list_t *severity, const char* syslog_identity_tag) +-- +2.1.4 + +From 71e4649f02940806c8be2b8349aeb2029f2721a0 Mon Sep 17 00:00:00 2001 +From: Nick Mathewson +Date: Wed, 30 Sep 2015 18:33:02 +0200 +Subject: [PATCH 3/4] Disallow transitions on SyslogIdentityTag, since they do + not work right + +--- + src/or/config.c | 6 ++++++ + 1 file changed, 6 insertions(+) + +diff --git a/src/or/config.c b/src/or/config.c +index 9b65add..f8fc757 100644 +--- a/src/or/config.c ++++ b/src/or/config.c +@@ -3997,6 +3997,12 @@ options_transition_allowed(const or_options_t *old, + return -1; + } + ++ if (!opt_streq(old->SyslogIdentityTag, new_val->SyslogIdentityTag)) { ++ *msg = tor_strdup("While Tor is running, changing " ++ "SyslogIdentityTag is not allowed."); ++ return -1; ++ } ++ + if ((old->HardwareAccel != new_val->HardwareAccel) + || !opt_streq(old->AccelName, new_val->AccelName) + || !opt_streq(old->AccelDir, new_val->AccelDir)) { +-- +2.1.4 + --- tor-0.2.7.6.orig/debian/patches/improve-geoip-warning +++ tor-0.2.7.6/debian/patches/improve-geoip-warning @@ -0,0 +1,12 @@ +--- a/src/or/geoip.c ++++ b/src/or/geoip.c +@@ -301,7 +301,8 @@ + tor_assert(family == AF_INET || family == AF_INET6); + + if (!(f = tor_fopen_cloexec(filename, "r"))) { +- log_fn(severity, LD_GENERAL, "Failed to open GEOIP file %s. %s", ++ log_fn(severity, LD_GENERAL, "Failed to open GEOIP file %s. %s" ++ " Do you have the tor-geoipdb package installed?", + filename, msg); + return -1; + } --- tor-0.2.7.6.orig/debian/patches/series +++ tor-0.2.7.6/debian/patches/series @@ -0,0 +1,2 @@ +20-upstream-syslog-identity +improve-geoip-warning --- tor-0.2.7.6.orig/debian/rules +++ tor-0.2.7.6/debian/rules 
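Review bot: In `add_syslog_log()` the result of `tor_snprintf(buf, sizeof(buf), "Tor-%s", syslog_identity_tag)` is discarded, so a SyslogIdentityTag that does not fit the 256-byte static buffer is never reported to the operator. tor_snprintf returns a negative value when the output does not fit, so the call can be checked, e.g. `if (tor_snprintf(buf, sizeof(buf), "Tor-%s", syslog_identity_tag) < 0) tor_snprintf(buf, sizeof(buf), "Tor");`. The tag also reaches openlog() with no check on its characters; since it becomes the program name that syslog consumers match on, restricting it to a conservative character set when the option is validated would keep log parsing predictable. The body of add_syslog_log continues outside the embedded hunk.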
@@ -0,0 +1,77 @@ +#!/usr/bin/make -f +# -*- makefile -*- + +DH_VERBOSE ?= 1 + +DEB_HOST_ARCH_OS := $(shell dpkg-architecture -qDEB_HOST_ARCH_OS) + +# allow building against libdmalloc4 - it better be installed +ifneq (,$(findstring with-dmalloc,$(DEB_BUILD_OPTIONS))) + confflags += --with-dmalloc +endif +# allow building with --enable-openbsd-malloc +ifneq (,$(findstring enable-openbsd-malloc,$(DEB_BUILD_OPTIONS))) + confflags += --enable-openbsd-malloc +endif + +ifeq ($(DEB_HOST_ARCH_OS),linux) + dhoptions += --with systemd + confflags += --enable-systemd +endif + +%: + dh \ + $@ \ + --with quilt \ + --with autoreconf \ + $(dhoptions) \ + --builddirectory=build \ + --parallel + +override_dh_auto_configure: + ! [ -e debian/micro-revision.i ] || cp debian/micro-revision.i src/or/micro-revision.i + dh_auto_configure -- \ + $(confflags) \ + --prefix=/usr \ + --mandir=\$${prefix}/share/man \ + --infodir=\$${prefix}/share/info \ + --localstatedir=/var \ + --sysconfdir=/etc \ + --disable-silent-rules \ + --enable-gcc-warnings-advisory + +override_dh_clean: + ! 
[ -e debian/micro-revision.i ] || rm -f src/or/micro-revision.i + + # Normally the .deb wouldn't ship with a ../.git, but if we do, include the revision number + if [ -d .git ] && which git >/dev/null; then \ + echo "\"`git rev-parse --short=16 HEAD`\"" > "debian/micro-revision.i" ; \ + fi + + # these get autobuilt from the .txt files, some of which we also patch + rm -vf doc/*.in + rm -f debian/tor-instance-create.8 + + dh_clean + +override_dh_auto_build: + dh_auto_build + a2x -f manpage debian/tor-instance-create.8.txt + chmod +x debian/systemd/tor-generator + +override_dh_install: + dh_install --fail-missing + + mv debian/tor/etc/tor/torrc.sample debian/tor/etc/tor/torrc + + cp debian/tor.apparmor-profile debian/tor/etc/apparmor.d/system_tor + cp debian/tor.apparmor-profile.abstraction debian/tor/etc/apparmor.d/abstractions/tor + dh_apparmor --profile-name=system_tor -ptor + +override_dh_installdocs: + dh_installdocs -ptor-dbg --link-doc=tor + dh_installdocs +override_dh_strip: + dh_strip --dbg-package=tor-dbg +override_dh_installinit: + dh_installinit --error-handler=tor_error_init --- tor-0.2.7.6.orig/debian/source.lintian-overrides +++ tor-0.2.7.6/debian/source.lintian-overrides @@ -0,0 +1 @@ +tor source: rc-version-greater-than-expected-version --- tor-0.2.7.6.orig/debian/systemd/tor-generator +++ tor-0.2.7.6/debian/systemd/tor-generator 
@@ -0,0 +1,31 @@
+#!/bin/sh
+
+# systemd generator to create dependency symlink to start
+# all tor instances from /etc/tor/instances/
+
+set -eu
+
+if [ $# -lt 1 ]; then
+ echo >&2 "Usage: $0 [...]"
+ exit 1
+fi
+
+GENDIR="$1"
+WANTDIR="$1/tor.service.wants"
+SERVICEFILE="/lib/systemd/system/tor@.service"
+DEFAULTTOR="/lib/systemd/system/tor@default.service"
+BASEETC="/etc/tor/instances"
+
+mkdir -p "$WANTDIR"
+
+[ -e "/etc/tor/torrc" ] && ln -s "$DEFAULTTOR" "$WANTDIR/"
+for name in $( find "$BASEETC" -mindepth 1 -maxdepth 1 -type d -printf '%f\n' ); do
+ if echo "x$name" | grep -q '[^a-zA-Z0-9]' ||
+ [ "$name" = "default" ] ; then
+ continue
+ fi
+ [ -e "$BASEETC/$name/torrc" ] && ln -s "$SERVICEFILE" "$WANTDIR/tor@$name.service"
+done
+
+exit 0
+
--- tor-0.2.7.6.orig/debian/systemd/tor.service
+++ tor-0.2.7.6/debian/systemd/tor.service
@@ -0,0 +1,15 @@
+# This service is actually a systemd target,
+# but we are using a service since targets cannot be reloaded.
+
+[Unit]
+Description=Anonymizing overlay network for TCP (multi-instance-master)
+
+[Service]
+Type=oneshot
+RemainAfterExit=yes
+ExecStart=/bin/true
+ExecReload=/bin/true
+
+[Install]
+WantedBy=multi-user.target
+
--- tor-0.2.7.6.orig/debian/systemd/tor@.service
+++ tor-0.2.7.6/debian/systemd/tor@.service
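Review bot: The `find "$BASEETC"` in the `for` line runs whether or not /etc/tor/instances exists, and nothing visible in this diff creates that directory at install time (tor.dirs lists only etc/apparmor.d/abstractions and lib/systemd/system; tor-instance-create makes it on first use). On a host with no instances the generator would therefore emit a find error on every run; a guard placed after the tor@default link, `[ -d "$BASEETC" ] || exit 0`, avoids that. Under `set -e` a failing `ln -s` on the right-hand side of `&&` also ends the script, so one bad link stops the remaining instances from being wired up; reporting the failure and continuing would keep the generator best-effort.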
@@ -0,0 +1,35 @@
+[Unit]
+Description=Anonymizing overlay network for TCP (instance %i)
+After=network.target nss-lookup.target
+PartOf=tor.service
+ReloadPropagatedFrom=tor.service
+
+[Service]
+Type=notify
+NotifyAccess=all
+PIDFile=/var/run/tor-instances/%i/tor.pid
+PermissionsStartOnly=yes
+ExecStartPre=/usr/bin/install -Z -m 02750 -o _tor-%i -g _tor-%i -d /var/run/tor-instances/%i
+ExecStartPre=/bin/sed -e 's/@@NAME@@/%i/g; w /var/run/tor-instances/%i.defaults' /usr/share/tor/tor-service-defaults-torrc-instances
+ExecStartPre=/usr/bin/tor --defaults-torrc /var/run/tor-instances/%i.defaults -f /etc/tor/instances/%i/torrc --verify-config
+ExecStart=/usr/bin/tor --defaults-torrc /var/run/tor-instances/%i.defaults -f /etc/tor/instances/%i/torrc
+ExecReload=/bin/kill -HUP ${MAINPID}
+KillSignal=SIGINT
+TimeoutStartSec=120
+TimeoutStopSec=60
+Restart=on-failure
+LimitNOFILE=65536
+
+# Hardening
+NoNewPrivileges=yes
+PrivateTmp=yes
+PrivateDevices=yes
+ProtectHome=yes
+ProtectSystem=full
+ReadOnlyDirectories=/
+ReadWriteDirectories=-/var/lib/tor-instances
+ReadWriteDirectories=-/var/run
+CapabilityBoundingSet=CAP_SETUID CAP_SETGID CAP_NET_BIND_SERVICE CAP_DAC_OVERRIDE CAP_CHOWN CAP_FOWNER
+
+[Install]
+WantedBy=multi-user.target
--- tor-0.2.7.6.orig/debian/systemd/tor@default.service
+++ tor-0.2.7.6/debian/systemd/tor@default.service
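Review bot: Instance units get no AppArmor confinement: tor@default.service sets `AppArmorProfile=system_tor`, but this template has no equivalent, and the system_tor profile shipped in this package only grants /var/lib/tor and /{,var/}run/tor paths, so it could not be reused unchanged. That leaves the systemd sandboxing in the Hardening block as the only containment for instances, with `CAP_DAC_OVERRIDE` still in the bounding set and all of `/var/run` writable. At minimum the block should record this, e.g. `# No AppArmorProfile= here: system_tor only covers the default instance's paths`, so the gap reads as a decision rather than an omission.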
@@ -0,0 +1,34 @@
+[Unit]
+Description=Anonymizing overlay network for TCP
+After=network.target nss-lookup.target
+PartOf=tor.service
+ReloadPropagatedFrom=tor.service
+
+[Service]
+Type=notify
+NotifyAccess=all
+PIDFile=/var/run/tor/tor.pid
+PermissionsStartOnly=yes
+ExecStartPre=/usr/bin/install -Z -m 02750 -o debian-tor -g debian-tor -d /var/run/tor
+ExecStartPre=/usr/bin/tor --defaults-torrc /usr/share/tor/tor-service-defaults-torrc -f /etc/tor/torrc --RunAsDaemon 0 --verify-config
+ExecStart=/usr/bin/tor --defaults-torrc /usr/share/tor/tor-service-defaults-torrc -f /etc/tor/torrc --RunAsDaemon 0
+ExecReload=/bin/kill -HUP ${MAINPID}
+KillSignal=SIGINT
+TimeoutStartSec=120
+TimeoutStopSec=60
+Restart=on-failure
+LimitNOFILE=65536
+
+# Hardening
+AppArmorProfile=system_tor
+NoNewPrivileges=yes
+PrivateTmp=yes
+PrivateDevices=yes
+ProtectHome=yes
+ProtectSystem=full
+ReadOnlyDirectories=/
+ReadWriteDirectories=-/proc
+ReadWriteDirectories=-/var/lib/tor
+ReadWriteDirectories=-/var/log/tor
+ReadWriteDirectories=-/var/run
+CapabilityBoundingSet=CAP_SETUID CAP_SETGID CAP_NET_BIND_SERVICE CAP_DAC_OVERRIDE CAP_CHOWN CAP_FOWNER
--- tor-0.2.7.6.orig/debian/tor-dbg.lintian-overrides
+++ tor-0.2.7.6/debian/tor-dbg.lintian-overrides
@@ -0,0 +1 @@
+tor-dbg: rc-version-greater-than-expected-version
--- tor-0.2.7.6.orig/debian/tor-geoipdb.copyright
+++ tor-0.2.7.6/debian/tor-geoipdb.copyright
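Review bot: The Hardening block makes `/proc` and the whole of `/var/run` writable without saying why, while the system_tor profile in this same package grants writes only under /{,var/}run/tor and /{,var/}run/systemd/notify. If `/var/run` is writable only so that the ExecStartPre `install -d /var/run/tor` can create the directory (an inference from the unit, not something it states), a one-line comment above `ReadWriteDirectories=-/var/run` saying so would stop a later edit from either widening or breaking it. The reason for `ReadWriteDirectories=-/proc` should be recorded the same way, since nothing in the unit explains it.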
@@ -0,0 +1,35 @@
+This geo-ip database was downloaded as part of the Tor distribution
+from .
+
+
+It is the IP-to-Country Database provided by WebHosting.Info
+(http://www.webhosting.info), available from
+http://ip-to-country.webhosting.info.
+
+
+Copyright (c) 2003 Direct Information Pvt. Ltd. All Rights Reserved.
+
+All usage, reproduction, modification and derivative works created from, and
+distribution and publication of the IP-to-Country Database and your derivative
+works thereof must keep intact all copyright notices and give credit by
+displaying the following acknowledgment by replacing 'work' with one of the
+following: script, product, page, service or application:
+
+"This 'work' uses the IP-to-Country Database
+ provided by WebHosting.Info (http://www.webhosting.info),
+ available from http://ip-to-country.webhosting.info."
+
+BECAUSE THE DATABASE IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE
+DATABASE, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE
+STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE
+DATABASE "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED,
+INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
+FITNESS FOR A PARTICULAR PURPOSE OR ANY WARRANTIES REGARDING THE CONTENTS OR
+ACCURACY OF THE WORK.
+
+IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY
+COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE
+DATABASE AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY
+GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR
+INABILITY TO USE THE DATABASE, EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN
+ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
--- tor-0.2.7.6.orig/debian/tor-geoipdb.install
+++ tor-0.2.7.6/debian/tor-geoipdb.install
@@ -0,0 +1,2 @@
+usr/share/tor/geoip
+usr/share/tor/geoip6
--- tor-0.2.7.6.orig/debian/tor-geoipdb.lintian-overrides
+++ tor-0.2.7.6/debian/tor-geoipdb.lintian-overrides
@@ -0,0 +1,2 @@
+tor-geoipdb: debian-changelog-file-is-a-symlink
+tor-geoipdb: rc-version-greater-than-expected-version
--- tor-0.2.7.6.orig/debian/tor-instance-create
+++ tor-0.2.7.6/debian/tor-instance-create
@@ -0,0 +1,95 @@
+#!/bin/bash
+
+# Copyright (c) 2015 Peter Palfrader
+#
+# Permission is hereby granted, free of charge, to any person obtaining
+# a copy of this software and associated documentation files (the
+# "Software"), to deal in the Software without restriction, including
+# without limitation the rights to use, copy, modify, merge, publish,
+# distribute, sublicense, and/or sell copies of the Software, and to
+# permit persons to whom the Software is furnished to do so, subject to
+# the following conditions:
+#
+# The above copyright notice and this permission notice shall be
+# included in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+# create an instance of a tor service
+
+set -e
+set -u
+
+BASEETC="/etc/tor/instances"
+BASEDATA="/var/lib/tor-instances"
+
+shopt -s extglob
+
+usage() {
+ echo "Usage: $0 "
+}
+
+while getopts "h" OPTION
+do
+ case "$OPTION" in
+ h)
+ usage
+ exit 0
+ ;;
+ *)
+ usage >&2
+ exit 1
+ esac
+done
+shift $(($OPTIND - 1))
+
+if [ "${1:-}" = "--help" ]; then
+ usage
+ exit 0
+elif [ "$#" -lt 1 ]; then
+ usage >&2
+ exit 1
+fi
+
+name="$1"; shift
+# XXX verify name is valid
+
+if echo "x$name" | grep -q '[^a-zA-Z0-9]' ||
+ [ "$name" = "default" ] ; then
+ echo >&2 "Invalid name: $name."
+ exit 1
+fi
+
+etc="$BASEETC/$name"
+torrc="$etc/torrc"
+home="$BASEDATA/$name"
+user="_tor-$name"
+
+adduser --quiet \
+ --system \
+ --disabled-password \
+ --home "$home" \
+ --no-create-home \
+ --shell /bin/false \
+ --group \
+ --force-badname \
+ "$user"
+install -d -m 02700 -o "$user" -g "$user" "$home"
+install -d "$etc"
+
+[ -e "$torrc" ] || cat > "$torrc" << EOF
+# This is the tor configuration file for tor instance $name.
+#
+# To start/reload/etc this instance, run "systemctl tor@$name start" (or reload, or..).
+# This instance will run as user $user; its data directory is $home.
+#
+SocksPort auto
+EOF
+
+[ -x /bin/systemctl ] && systemctl daemon-reload || true
--- tor-0.2.7.6.orig/debian/tor-instance-create.8.txt
+++ tor-0.2.7.6/debian/tor-instance-create.8.txt
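Review bot: The name check accepts an empty instance name: `tor-instance-create ""` passes the `"$#" -lt 1` test, and `echo "x$name" | grep -q '[^a-zA-Z0-9]'` finds nothing to reject in `x`, so the script goes on to create user `_tor-` and write `/etc/tor/instances//torrc`. Because grep tests one line at a time, a name containing a newline passes as well. A whole-string match closes both cases, `case "$name" in ''|*[!a-zA-Z0-9]*|default) echo >&2 "Invalid name: $name."; exit 1;; esac`, and would let the stale `# XXX verify name is valid` comment go; debian/systemd/tor-generator uses the same grep test on directory names. The generated torrc comment also prints `systemctl tor@$name start`, with verb and unit swapped compared with the manpage's `systemctl start tor@`.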
@@ -0,0 +1,50 @@ +:man source: Tor +:man manual: Tor Manual +tor-instance-create(8) +====================== +Peter Palfrader + +NAME +---- +tor-instance-create - Set up a new tor instance + +SYNOPSIS +-------- +**tor-instance-create** __instance_name__ + +DESCRIPTION +----------- +The Tor Debian package supports running multiple instances of the Tor +daemon. This can be useful if you want to run multiple relays or brdige +relays on a single system, of if you want to provide a hidden service in +addition to running a relay. + +**tor-instance-create** is the tool that creates a new instance of Tor +on a Debian system. In particular, it creates a new UNIX user with a +home directory and a mostly empty tor configuration file. + +The new user and group are named **_tor-**__instance_name__. The user's +home directory, which is also the DataDirectory of the new tor instance, +is **/var/lib/tor-instances/**__instance_name__. The configuration file +for that instance is **/etc/tor/instances/**__instance_name__**/torrc**. +Logs go to syslog by default. + +To start this new service, use +**systemctl start tor@**__instance_name__. Stopping, restarting, and +reloading the config works accordingly. Stopping/Starting/.. the +**tor** service should affect all instances. +The "main" instance which lives in /var/lib/tor and has /etc/tor/torrc +as its configuration file is known to systemd as **tor@default**. + +There currently is no **tor-instance-remove** script. To remove an +instance, delete the user and its homedirectory once you are convinced +there are no files or processes on your system still owned by that user. +Then also remove the directory tree in /etc/tor/instances. + +SEE ALSO +-------- +**tor**(1) + + +AUTHORS +------- + Peter Palfrader --- tor-0.2.7.6.orig/debian/tor-service-defaults-torrc +++ tor-0.2.7.6/debian/tor-service-defaults-torrc 
@@ -0,0 +1,13 @@
+DataDirectory /var/lib/tor
+PidFile /var/run/tor/tor.pid
+RunAsDaemon 1
+User debian-tor
+
+ControlSocket /var/run/tor/control
+ControlSocketsGroupWritable 1
+
+CookieAuthentication 1
+CookieAuthFileGroupReadable 1
+CookieAuthFile /var/run/tor/control.authcookie
+
+Log notice file /var/log/tor/log
--- tor-0.2.7.6.orig/debian/tor-service-defaults-torrc-instances
+++ tor-0.2.7.6/debian/tor-service-defaults-torrc-instances
@@ -0,0 +1,14 @@
+DataDirectory /var/lib/tor-instances/@@NAME@@
+PidFile /var/run/tor-instances/@@NAME@@/tor.pid
+RunAsDaemon 0
+User _tor-@@NAME@@
+SyslogIdentityTag @@NAME@@
+
+ControlSocket /var/run/tor-instances/@@NAME@@/control
+ControlSocketsGroupWritable 1
+
+CookieAuthentication 1
+CookieAuthFileGroupReadable 1
+CookieAuthFile /var/run/tor-instances/@@NAME@@/control.authcookie
+
+Log notice syslog
--- tor-0.2.7.6.orig/debian/tor.NEWS
+++ tor-0.2.7.6/debian/tor.NEWS
@@ -0,0 +1,16 @@
+tor (0.2.0.26-rc-1) experimental; urgency=critical
+
+ * weak cryptographic keys
+
+ It has been discovered that the random number generator in Debian's
+ openssl package is predictable. This is caused by an incorrect
+ Debian-specific change to the openssl package (CVE-2008-0166). As a
+ result, cryptographic key material may be guessable.
+
+ See Debian Security Advisory number 1571 (DSA-1571) for more information:
+ http://lists.debian.org/debian-security-announce/2008/msg00152.html
+
+ If you run a Tor server using this package please see
+ /var/lib/tor/keys/moved-away-by-tor-package/README.REALLY
+
+ -- Peter Palfrader Tue, 13 May 2008 12:49:05 +0200
--- tor-0.2.7.6.orig/debian/tor.apparmor-profile
+++ tor-0.2.7.6/debian/tor.apparmor-profile
@@ -0,0 +1,18 @@
+# vim:syntax=apparmor
+#include
+
+profile system_tor flags=(attach_disconnected) {
+ #include
+
+ owner /var/lib/tor/** rwk,
+ owner /var/log/tor/* w,
+
+ /{,var/}run/tor/control w,
+ /{,var/}run/tor/tor.pid w,
+ /{,var/}run/tor/control.authcookie w,
+ /{,var/}run/tor/control.authcookie.tmp rw,
+ /{,var/}run/systemd/notify w,
+
+ # Site-specific additions and overrides. See local/README for details.
+ #include
+}
--- tor-0.2.7.6.orig/debian/tor.apparmor-profile.abstraction
+++ tor-0.2.7.6/debian/tor.apparmor-profile.abstraction
@@ -0,0 +1,27 @@
+# vim:syntax=apparmor
+
+ #include
+ #include
+
+ network tcp,
+ network udp,
+
+ capability chown,
+ capability dac_override,
+ capability fowner,
+ capability fsetid,
+ capability setgid,
+ capability setuid,
+
+ /usr/bin/tor r,
+ /usr/sbin/tor r,
+
+ /proc/sys/kernel/random/uuid r,
+ /sys/devices/system/cpu/ r,
+ /sys/devices/system/cpu/** r,
+
+ /etc/tor/* r,
+ /usr/share/tor/** r,
+
+ /usr/bin/obfsproxy PUx,
+ /usr/bin/obfs4proxy PUx,
--- tor-0.2.7.6.orig/debian/tor.cron.weekly
+++ tor-0.2.7.6/debian/tor.cron.weekly
@@ -0,0 +1,16 @@
+#!/bin/sh
+
+set -e
+set -u
+
+DEFAULTSFILE=/etc/default/tor
+
+if [ -f $DEFAULTSFILE ] ; then
+ . $DEFAULTSFILE
+fi
+
+if [ "${CLEANUP_OLD_COREFILES:-}" = "y" ] ; then
+ if [ -d /var/lib/tor ] ; then
+ find /var/lib/tor -mindepth 1 -maxdepth 1 -type f -mtime +21 -user debian-tor -regex '.*/core\(\.[0-9]+\)?' -exec rm '{}' +
+ fi
+fi
--- tor-0.2.7.6.orig/debian/tor.default
+++ tor-0.2.7.6/debian/tor.default
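Review bot: In the abstraction, `/usr/bin/obfsproxy PUx` and `/usr/bin/obfs4proxy PUx` fall back to unconfined execution when no profile for the helper is loaded, so pluggable-transport processes started by tor leave the system_tor confinement unless those packages ship their own profiles. That may be intended, but the file carries no comment about it; a line such as `# PUx: transports run unconfined unless they ship their own profile` above the two rules would make the trade-off visible to whoever audits the policy. If profiles for these helpers are expected to exist, `Px` would make a missing one fail closed instead.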
@@ -0,0 +1,75 @@ +# Defaults for tor initscript +# sourced by /etc/init.d/tor +# installed at /etc/default/tor by the maintainer scripts +# +# Note that this file is not being used for controlling Tor-startup +# when Tor is launched by systemd. +# + +# +# This is a bash shell fragment +# +RUN_DAEMON="yes" + +# +# Servers sometimes may need more than the default 1024 file descriptors +# if they are very busy and have many clients connected to them. The top +# servers as of early 2008 regularly have more than 10000 connected +# clients. +# (ulimit -n) +# +# (the default varies as it depends on the number of available system-wide file +# descriptors. See the init script in /etc/init.d/tor for details.) +# +# MAX_FILEDESCRIPTORS= + +# +# If tor is seriously hogging your CPU, taking away too much cycles from +# other system resources, then you can renice tor. See nice(1) for a +# bit more information. Another way to limit the CPU usage of an Onion +# Router is to set a lower BandwidthRate, as CPU usage is mostly a function +# of the amount of traffic flowing through your node. Consult the torrc(5) +# manual page for more information on setting BandwidthRate. +# +# NICE="--nicelevel 5" + +# Additional arguments to pass on tor's command line. +# +# ARGS="$ARGS " + +# +# Uncomment the ulimit call below, and set "DisableDebuggerAttachment 0" +# in /etc/tor/torrc, if you want tor to produce coredumps on segfaults +# and assert errors. +# +# Keeping coredumps around is some sort of security issue since they +# may leak session keys, sensitive client data and more, should such +# files fall into the wrong hands. Therefore coredumps are not enabled +# by default. +# +# ulimit -c unlimited + +# +# Config option for the weekly cron file: Whether or not to remove old +# coredumps in /var/lib/tor. Coredumps can hold sensitive data, as such +# they probably should not be kept lying around if nobody will ever look +# at them. 
This option makes /etc/cron.weekly/tor clean out files older +# then three weeks. +# +CLEANUP_OLD_COREFILES=y + +# +# By default the tor init script will launch Tor using apparmor iff +# /usr/sbin/aa-status exists and is executable and calling it with --enabled +# returns true, /usr/sbin/aa-exec is executable, there is a +# /etc/apparmor.d/system_tor policy, and USE_AA_EXEC is set to 'yes'. +# +# USE_AA_EXEC="yes" # default +# USE_AA_EXEC="no" + +# Let the vidalia package override some of our settings. +# People who have vidalia installed might not want to run Tor as a system +# service. The vidalia .deb can ask them that and then set run-daemon to no. +if [ -e /etc/default/tor.vidalia ] && [ -x /usr/bin/vidalia ]; then + . /etc/default/tor.vidalia +fi --- tor-0.2.7.6.orig/debian/tor.dirs +++ tor-0.2.7.6/debian/tor.dirs @@ -0,0 +1,2 @@ +etc/apparmor.d/abstractions +lib/systemd/system --- tor-0.2.7.6.orig/debian/tor.docs +++ tor-0.2.7.6/debian/tor.docs @@ -0,0 +1,4 @@ +debian/README.Debian +debian/README.polipo +debian/README.privoxy +contrib/operator-tools/tor-exit-notice.html --- tor-0.2.7.6.orig/debian/tor.init +++ tor-0.2.7.6/debian/tor.init 
@@ -0,0 +1,252 @@ +#! /bin/bash + +### BEGIN INIT INFO +# Provides: tor +# Required-Start: $local_fs $remote_fs $network $named $time +# Required-Stop: $local_fs $remote_fs $network $named $time +# Should-Start: $syslog +# Should-Stop: $syslog +# Default-Start: 2 3 4 5 +# Default-Stop: 0 1 6 +# Short-Description: Starts The Onion Router daemon processes +# Description: Start The Onion Router, a TCP overlay +# network client that provides anonymous +# transport. +### END INIT INFO + +# Load the VERBOSE setting and other rcS variables +. /lib/init/vars.sh + +# Define LSB log_* functions. +. /lib/lsb/init-functions + +PATH=/sbin:/bin:/usr/sbin:/usr/bin +DAEMON=/usr/bin/tor +NAME=tor +DESC="tor daemon" +TORLOGDIR=/var/log/tor +TORPIDDIR=/var/run/tor +TORPID=$TORPIDDIR/tor.pid +DEFAULTSFILE=/etc/default/$NAME +WAITFORDAEMON=60 +DEFAULT_ARGS="--defaults-torrc /usr/share/tor/tor-service-defaults-torrc" +VERIFY_ARGS="--verify-config $DEFAULT_ARGS" +USE_AA_EXEC="yes" +ARGS="" +if [ "${VERBOSE:-}" != "yes" ]; then + ARGS="$ARGS --hush" +fi + +# Let's try to figure our some sane defaults: +if [ -r /proc/sys/fs/file-max ]; then + system_max=`cat /proc/sys/fs/file-max` + if [ "$system_max" -gt "80000" ] ; then + MAX_FILEDESCRIPTORS=32768 + elif [ "$system_max" -gt "40000" ] ; then + MAX_FILEDESCRIPTORS=16384 + elif [ "$system_max" -gt "10000" ] ; then + MAX_FILEDESCRIPTORS=8192 + else + MAX_FILEDESCRIPTORS=1024 + cat << EOF + +Warning: Your system has very few filedescriptors available in total. + +Maybe you should try raising that by adding 'fs.file-max=100000' to your +/etc/sysctl.conf file. Feel free to pick any number that you deem appropriate. +Then run 'sysctl -p'. See /proc/sys/fs/file-max for the current value, and +file-nr in the same directory for how many of those are used at the moment. + +EOF + fi +else + MAX_FILEDESCRIPTORS=8192 +fi + +NICE="" + +test -x $DAEMON || exit 0 + +# Include tor defaults if available +if [ -f $DEFAULTSFILE ] ; then + . 
$DEFAULTSFILE +fi + +wait_for_deaddaemon () { + pid=$1 + sleep 1 + if test -n "$pid" + then + if kill -0 $pid 2>/dev/null + then + cnt=0 + while kill -0 $pid 2>/dev/null + do + cnt=`expr $cnt + 1` + if [ $cnt -gt $WAITFORDAEMON ] + then + log_action_end_msg 1 "still running" + exit 1 + fi + sleep 1 + [ "`expr $cnt % 3`" != 2 ] || log_action_cont_msg "" + done + fi + fi + log_action_end_msg 0 +} + + +check_torpiddir () { + if test ! -d $TORPIDDIR; then + mkdir -m 02750 "$TORPIDDIR" + chown debian-tor:debian-tor "$TORPIDDIR" + ! [ -x /sbin/restorecon ] || /sbin/restorecon "$TORPIDDIR" + fi + + if test ! -x $TORPIDDIR; then + log_action_end_msg 1 "cannot access $TORPIDDIR directory, are you root?" + exit 1 + fi +} + +check_torlogdir () { + if test ! -d $TORLOGDIR; then + mkdir -m 02750 "$TORLOGDIR" + chown debian-tor:adm "$TORLOGDIR" + ! [ -x /sbin/restorecon ] || /sbin/restorecon "$TORPIDDIR" + fi +} + + +check_config () { + if ! $DAEMON $VERIFY_ARGS > /dev/null; then + log_failure_msg "Checking if $NAME configuration is valid" + $DAEMON $VERIFY_ARGS >&2 + exit 1 + fi +} + + +case "$1" in + start) + if [ "$RUN_DAEMON" != "yes" ]; then + log_action_msg "Not starting $DESC (Disabled in $DEFAULTSFILE)." 
+ exit 0 + fi + + if [ -n "$MAX_FILEDESCRIPTORS" ]; then + [ "${VERBOSE:-}" != "yes" ] || log_action_begin_msg "Raising maximum number of filedescriptors (ulimit -n) for tor to $MAX_FILEDESCRIPTORS" + if ulimit -n "$MAX_FILEDESCRIPTORS" ; then + [ "${VERBOSE:-}" != "yes" ] || log_action_end_msg 0 + else + [ "${VERBOSE:-}" != "yes" ] || log_action_end_msg 1 + fi + fi + + check_torpiddir + check_torlogdir + check_config + + log_action_begin_msg "Starting $DESC" + + if start-stop-daemon --stop --signal 0 --quiet --pidfile $TORPID --exec $DAEMON; then + log_action_end_msg 0 "already running" + else + if [ "$USE_AA_EXEC" = "yes" ] && + [ -x /usr/sbin/aa-status ] && \ + [ -x /usr/sbin/aa-exec ] && \ + [ -e /etc/apparmor.d/system_tor ] && \ + /usr/sbin/aa-status --enabled ; then + AA_EXEC="--startas /usr/sbin/aa-exec" + AA_EXEC_ARGS="--profile=system_tor -- $DAEMON" + else + AA_EXEC="" + AA_EXEC_ARGS="" + fi + if start-stop-daemon --start --quiet \ + --pidfile $TORPID \ + $NICE \ + $AA_EXEC \ + --exec $DAEMON -- $AA_EXEC_ARGS $DEFAULT_ARGS $ARGS + then + log_action_end_msg 0 + else + log_action_end_msg 1 + exit 1 + fi + fi + ;; + stop) + log_action_begin_msg "Stopping $DESC" + pid=`cat $TORPID 2>/dev/null` || true + + if test ! -f $TORPID -o -z "$pid"; then + log_action_end_msg 0 "not running - there is no $TORPID" + exit 0 + fi + + if start-stop-daemon --stop --signal INT --quiet --pidfile $TORPID --exec $DAEMON; then + wait_for_deaddaemon $pid + elif kill -0 $pid 2>/dev/null; then + log_action_end_msg 1 "Is $pid not $NAME? Is $DAEMON a different binary now?" + exit 1 + else + log_action_end_msg 1 "$DAEMON died: process $pid not running; or permission denied" + exit 1 + fi + ;; + reload|force-reload) + check_config + + log_action_begin_msg "Reloading $DESC configuration" + pid=`cat $TORPID 2>/dev/null` || true + + if test ! 
-f $TORPID -o -z "$pid"; then + log_action_end_msg 1 "not running - there is no $TORPID" + exit 1 + fi + + if start-stop-daemon --stop --signal 1 --quiet --pidfile $TORPID --exec $DAEMON + then + log_action_end_msg 0 + elif kill -0 $pid 2>/dev/null; then + log_action_end_msg 1 "Is $pid not $NAME? Is $DAEMON a different binary now?" + exit 1 + else + log_action_end_msg 1 "$DAEMON died: process $pid not running; or permission denied" + exit 1 + fi + ;; + restart) + check_config + + $0 stop + sleep 1 + $0 start + ;; + status) + if test ! -r $(dirname $TORPID); then + log_failure_msg "cannot read PID file $TORPID" + exit 4 + fi + pid=`cat $TORPID 2>/dev/null` || true + if test ! -f $TORPID -o -z "$pid"; then + log_failure_msg "$NAME is not running" + exit 3 + fi + if ps "$pid" >/dev/null 2>&1; then + log_success_msg "$NAME is running" + exit 0 + else + log_failure_msg "$NAME is not running" + exit 1 + fi + ;; + *) + log_action_msg "Usage: $0 {start|stop|restart|reload|force-reload|status}" >&2 + exit 1 + ;; +esac + +exit 0 --- tor-0.2.7.6.orig/debian/tor.install +++ tor-0.2.7.6/debian/tor.install @@ -0,0 +1,13 @@ +usr/bin +usr/share/doc +usr/share/man +etc/tor + +contrib/client-tools/torify usr/bin +debian/tor-instance-create usr/sbin +debian/tor-service-defaults-torrc usr/share/tor +debian/tor-service-defaults-torrc-instances usr/share/tor +debian/systemd/tor.service lib/systemd/system +debian/systemd/tor@.service lib/systemd/system +debian/systemd/tor@default.service lib/systemd/system +debian/systemd/tor-generator lib/systemd/system-generators --- tor-0.2.7.6.orig/debian/tor.links +++ tor-0.2.7.6/debian/tor.links @@ -0,0 +1,2 @@ +/usr/share/man/man1/tor.1 /usr/share/man/man5/torrc.5 +/usr/bin/tor /usr/sbin/tor --- tor-0.2.7.6.orig/debian/tor.lintian-overrides +++ tor-0.2.7.6/debian/tor.lintian-overrides @@ -0,0 +1 @@ +tor: rc-version-greater-than-expected-version --- tor-0.2.7.6.orig/debian/tor.logrotate +++ tor-0.2.7.6/debian/tor.logrotate 
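Review bot: `check_torlogdir` restores the SELinux context on the wrong directory: after creating `$TORLOGDIR` it runs `/sbin/restorecon "$TORPIDDIR"`, which looks copied from `check_torpiddir`, so a freshly created /var/log/tor keeps whatever label mkdir gave it. The line should read `! [ -x /sbin/restorecon ] || /sbin/restorecon "$TORLOGDIR"`. On a host with SELinux enforcing, a mislabelled log directory can leave tor unable to write its log or leave the directory outside the policy intended for it.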
@@ -0,0 +1,15 @@
+/var/log/tor/*log {
+ daily
+ rotate 5
+ compress
+ delaycompress
+ missingok
+ notifempty
+ create 0640 debian-tor adm
+ sharedscripts
+ postrotate
+ if service tor status > /dev/null; then
+ service tor reload > /dev/null
+ fi
+ endscript
+}
--- tor-0.2.7.6.orig/debian/tor.maintscript
+++ tor-0.2.7.6/debian/tor.maintscript
@@ -0,0 +1 @@
+rm_conffile /etc/tor/tor-tsocks.conf 0.2.4.12-alpha-1 tor
--- tor-0.2.7.6.orig/debian/tor.manpages
+++ tor-0.2.7.6/debian/tor.manpages
@@ -0,0 +1 @@
+debian/tor-instance-create.8
--- tor-0.2.7.6.orig/debian/tor.postinst
+++ tor-0.2.7.6/debian/tor.postinst
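Review bot: Rotation in the tor.logrotate stanza runs as root inside /var/log/tor, and the postinst in this same diff makes that directory owned by debian-tor, so root ends up renaming and creating files in a directory an unprivileged account can write to. logrotate has a `su` directive for this case; adding `su debian-tor adm` next to `create 0640 debian-tor adm` lets the rotation run with that account's privileges instead. Check that the `postrotate` reload still works with it in place.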
@@ -0,0 +1,151 @@ +#!/bin/sh -e + +# checking debian-tor account + +uid=`getent passwd debian-tor | cut -d ":" -f 3` +home=`getent passwd debian-tor | cut -d ":" -f 6` + +# if there is the uid the account is there and we can do +# the sanit(ar)y checks otherwise we can safely create it. + +if [ "$uid" ]; then + if [ "$home" = "/var/lib/tor" ]; then + : + #echo "debian-tor homedir check: ok" + else + echo "ERROR: debian-tor account has an unexpected home directory!" + echo "It should be '/var/lib/tor', but it is '$home'." + echo "Removing the debian-tor user might fix this, but the question" + echo "remains how you got into this mess to begin with." + exit 1 + fi +else + adduser --quiet \ + --system \ + --disabled-password \ + --home /var/lib/tor \ + --no-create-home \ + --shell /bin/false \ + --group \ + debian-tor +fi + + +for i in lib log; do + if ! [ -d "/var/$i/tor" ]; then + echo "Something or somebody made /var/$i/tor disappear." + echo "Creating one for you again." + mkdir "/var/$i/tor" + fi +done + +which restorecon >/dev/null 2>&1 && restorecon /var/lib/tor +chown debian-tor:debian-tor /var/lib/tor +chmod 02700 /var/lib/tor + +if [ -e /var/run/tor ]; then + which restorecon >/dev/null 2>&1 && restorecon /var/run/tor + chown debian-tor:debian-tor /var/run/tor + chmod 02750 /var/run/tor +fi + +which restorecon >/dev/null 2>&1 && restorecon /var/log/tor +chown debian-tor:adm /var/log/tor +chmod 02750 /var/log/tor + + +move_away_keys=0 + +if [ "$1" = "configure" ] && + [ -e /var/lib/tor/keys ] && + [ ! -z "$2" ]; then + if dpkg --compare-versions "$2" lt 0.1.2.19-2; then + move_away_keys=1 + elif dpkg --compare-versions "$2" gt 0.2.0 && + dpkg --compare-versions "$2" lt 0.2.0.26-rc; then + move_away_keys=1 + fi +fi +if [ "$move_away_keys" = "1" ]; then + echo "Retiring possibly compromised keys. See /usr/share/doc/tor/NEWS.Debian.gz" + echo "and /var/lib/tor/keys/moved-away-by-tor-package/README.REALLY for" + echo "further information." + if ! 
[ -d /var/lib/tor/keys/moved-away-by-tor-package ]; then + mkdir /var/lib/tor/keys/moved-away-by-tor-package + cat > /var/lib/tor/keys/moved-away-by-tor-package/README.REALLY << EOF +It has been discovered that the random number generator in Debian's +openssl package is predictable. This is caused by an incorrect +Debian-specific change to the openssl package (CVE-2008-0166). As a +result, cryptographic key material may be guessable. + +See Debian Security Advisory number 1571 (DSA-1571) for more information: +http://lists.debian.org/debian-security-announce/2008/msg00152.html + +The Debian package for Tor has moved away the onion keys upon package +upgrade, and it will have moved away your identity key if it was created +in the affected timeframe. There is no sure way to automatically tell +if your key was created with an affected openssl library, so this move +is done unconditionally. + +If you have restarted Tor since this change (and the package probably +did that for you already unless you configured your system differently) +then the Tor daemon already created new keys for itself and in all +likelyhood is already working just fine with new keys. + +If you are absolutely certain that your identity key was created with +a non-affected version of openssl and for some reason you have to retain +the old identity, then you can move back the copy of secret_id_key to +/var/lib/tor/keys. Do not move back the onion keys, they were created +only recently since they are temporary keys with a lifetime of only a few +days anyway. 
+ +Sincerely, +Peter Palfrader, Tue, 13 May 2008 13:32:23 +0200 +EOF + fi + for f in secret_onion_key secret_onion_key.old; do + if [ -e /var/lib/tor/keys/"$f" ]; then + mv -v /var/lib/tor/keys/"$f" /var/lib/tor/keys/moved-away-by-tor-package/"$f" + fi + done + if [ -e /var/lib/tor/keys/secret_id_key ]; then + id_mtime=`stat -c %Y /var/lib/tor/keys/secret_id_key` + sept=`date -d '2006-09-10' +%s` + if [ "$id_mtime" -gt "$sept" ] ; then + mv -v /var/lib/tor/keys/secret_id_key /var/lib/tor/keys/moved-away-by-tor-package/secret_id_key + fi + fi +fi + +# clean out apparmor policy files that we shipped with +# Tor 0.2.3.16-alpha-1 in experimental and +# Tor 0.2.3.17-beta-1 in unstable. +if [ "$1" = "configure" ] && + [ -e /etc/apparmor.d/usr.sbin.tor ] && + [ ! -z "$2" ] && + dpkg --compare-versions "$2" le 0.2.3.17-beta-1; then + checksum="`md5sum /etc/apparmor.d/usr.sbin.tor | awk '{print $1}'`" + pkg_md5="`dpkg-query -W -f='${Conffiles}' tor | awk '$1=="/etc/apparmor.d/usr.sbin.tor" {print $2}'`" + if [ "$checksum" = "$pkg_md5" ]; then + if [ -x /sbin/apparmor_parser ] ; then + apparmor_parser --remove -T -W /etc/apparmor.d/usr.sbin.tor || true + fi + + rm -f "/etc/apparmor.d/usr.sbin.tor" + rm -f "/etc/apparmor.d/disable/usr.sbin.tor" || true + rm -f "/etc/apparmor.d/force-complain/usr.sbin.tor" || true + rm -f "/etc/apparmor.d/local/usr.sbin.tor" || true + rmdir /etc/apparmor.d/local 2>/dev/null || true + rmdir /etc/apparmor.d 2>/dev/null || true + fi +fi + +tor_error_init() { + echo "Tor was unable to start due to configuration errors."; + echo "Please fix them and manually restart the tor daemon using"; + echo " ´service start tor´"; +} + +#DEBHELPER# + +exit 0 --- tor-0.2.7.6.orig/debian/tor.postrm +++ tor-0.2.7.6/debian/tor.postrm 
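Review bot: The `move_away_keys` branch of tor.postinst runs `mkdir`, `cat > …/README.REALLY` and `mv -v` as root inside /var/lib/tor/keys, while the same script chowns /var/lib/tor to debian-tor, so root is trusting path components that an unprivileged account (presumably the one the daemon runs as) controls. Both the `[ -d … ]` test and the redirect follow symbolic links, so whatever already sits at `moved-away-by-tor-package` or `README.REALLY` decides where root writes. Consider doing these steps as the owning user, or at least refusing links first with `[ ! -L /var/lib/tor/keys ] && [ ! -L /var/lib/tor/keys/moved-away-by-tor-package ] || exit 1`. Separately, `tor_error_init` tells the admin to run `service start tor`, which has the arguments reversed; the line should read `echo "  'service tor start'";`.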
@@ -0,0 +1,12 @@
+#!/bin/sh -e
+
+if [ "$1" = "purge" ]; then
+ # logs have to be removed according to policy.
+ rm -rf /var/log/tor/
+ rm -rf /var/lib/tor/
+ rm -rf /var/run/tor/
+fi
+
+#DEBHELPER#
+
+exit 0
--- tor-0.2.7.6.orig/debian/watch
+++ tor-0.2.7.6/debian/watch
@@ -0,0 +1,2 @@
+version=3
+http://dist.torproject.org/tor-(.*)\.tar\.gz
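Review bot: The debian/watch URL line locates the upstream tarball over plain `http://` and nothing in the file asks for a signature check, so `uscan` will accept whatever that URL serves. If upstream publishes detached signatures next to the tarballs (not visible here), put `opts=pgpsigurlmangle=s/$/.asc/` in front of the URL and ship the upstream signing key as `debian/upstream/signing-key.asc`. Switching the URL to `https://` is worthwhile either way, provided the host serves it.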