--- tor-0.3.3.8.orig/debian/README.Debian +++ tor-0.3.3.8/debian/README.Debian 
@@ -0,0 +1,76 @@ +This is the Debian package for Tor, The Onion Router. + +# Startup and Configuration + +If Tor is started by init, it loads the configuration snippets from +/usr/share/tor/tor-service-defaults-torrc before consulting /etc/tor/torrc. + +The tor-service-defaults-torrc file tells Tor to run as daemon, create +pidfile, sets its data directory and configures cookie authentication. + +If Tor is started not from the init script, then it will behave like +upstream's Tor. + +# Multiple instances + +As of 0.2.7.4, the package supports running multiple instances of Tor +under systemd. Please consult the tor-instance-create(8) manpage +for details. + +# Logging + +As of the 0.3.0.x tree, the Debian packages for Tor by +default log to syslog. + +You can restore the previous behaviour by adding something +like "Log notice file /var/log/tor/log" to your torrc. + +# Filesystem access by the Tor service + +Note that due to systemd and apparmor protections, the places on the +filesystem which the tor process can access is limited. (See the +service files [1] for details.) As such, hidden service directories +should be created in subdirectories below Tor's DataDirectory [2]. + +## Onion services using UNIX domain sockets + +Tor's onion services can access their backends not only via TCP but also +via UNIX domain sockets (see also the tor(1) manpage). + +UNIX domain sockets are not currently covered by filesystem restrictions +from systemd and apparmor. As such, they can be put anywhere as long as +the filesystem namespace is visible. In particular, this means /home +does not not work by default, but anything under /var should. + +It is suggested that sockets be placed in a special directory under +/var/lib [3]. Note that while systemd and apparmor do not currently +limit access to to sockets, you still need to ensure that the Tor +process may access them according to the default UNIX file and directory +permissions. + +Example: The backend is run by user webfu. 
The default Tor instance + should be able to access the socket. + . + The admin creates the directory /var/lib/tor-onion-sockets/default/webfu/ + and makes it mode 02750 owned by webfu:debian-tor. Then she configures + the backend service to create the socket in this directory and + configures Tor to use that socket. The socket should be read and + writable by the tor process as well, so it should be either g+rw when + its group can be debian-tor, or a+rw when not. + + +1: /lib/systemd/system/tor@default.service and + /lib/systemd/system/tor@.service +2: /var/lib/tor and + /var/lib/tor-instances/ +3: /var/lib/tor-onion-sockets/default and + /var/lib/tor-onion-sockets/ +4: https://bugs.debian.org/846275 + +-- +Peter Palfrader, Mon, 24 Jul 2006 05:20:30 +0200 + Sat, 23 Feb 2008 13:44:40 +0100 + Wed, 11 Jan 2012 21:31:44 +0100 + Mon, 19 Oct 2015 18:21:24 +0200 + Mon, 19 Dec 2016 09:56:05 +0100 + Sat, 04 Mar 2017 10:39:58 +0100 --- tor-0.3.3.8.orig/debian/changelog +++ tor-0.3.3.8/debian/changelog 
@@ -0,0 +1,2756 @@ +tor (0.3.3.8-1) unstable; urgency=medium + + * New upstream version. + + -- Peter Palfrader Tue, 10 Jul 2018 10:50:11 +0200 + +tor (0.3.3.7-1) unstable; urgency=medium + + * New upstream version. + + -- Peter Palfrader Wed, 13 Jun 2018 09:31:15 +0200 + +tor (0.3.3.6-1) unstable; urgency=medium + + * New upstream version, upload 0.3.3.x tree to unstable. + * Start using upstream's minimal torrc as our default /etc/tor/torrc. + * Put longer torrc.sample into /usr/share/doc. + + -- Peter Palfrader Wed, 23 May 2018 00:08:43 +0200 + +tor (0.3.3.5-rc-1) experimental; urgency=medium + + * New upstream version. + + -- Peter Palfrader Sun, 15 Apr 2018 22:05:26 +0200 + +tor (0.3.3.4-alpha-1) experimental; urgency=medium + + * New upstream version. + + -- Peter Palfrader Wed, 04 Apr 2018 19:50:34 +0200 + +tor (0.3.3.3-alpha-1) experimental; urgency=medium + + * New upstream version. + - Includes an important security fix for a remote crash attack against + directory authorities. + [TROVE-2018-001 and CVE-2018-0490] + - Additionally, note that the previous upload (0.3.3.2-alpha-1) + fixed Tor#24700, which had its severity upgraded now (remotely + triggered crash of relays). + [TROVE-2018-002 and CVE-2018-0491] + + -- Peter Palfrader Sat, 03 Mar 2018 16:29:43 +0100 + +tor (0.3.3.2-alpha-1) experimental; urgency=medium + + * New upstream version. + + -- Peter Palfrader Sun, 11 Feb 2018 11:48:23 +0100 + +tor (0.3.3.1-alpha-1) experimental; urgency=medium + + * New upstream tree. + + -- Peter Palfrader Thu, 25 Jan 2018 21:20:15 +0100 + +tor (0.3.2.9-1) unstable; urgency=medium + + * New upstream version, upload 0.3.2.x tree to unstable. + + -- Peter Palfrader Tue, 16 Jan 2018 10:49:46 +0100 + +tor (0.3.2.8-rc-1) experimental; urgency=medium + + * New upstream version. + + -- Peter Palfrader Thu, 21 Dec 2017 20:55:48 +0100 + +tor (0.3.2.7-rc-1) experimental; urgency=medium + + * New upstream version. 
+ * Stop suggesting obfsproxy -- long obsolete; closes: #884369. + + -- Peter Palfrader Thu, 14 Dec 2017 20:00:51 +0100 + +tor (0.3.2.6-alpha-1) experimental; urgency=medium + + * New upstream version, including among others: + - Fix a denial of service bug where an attacker could use a + malformed directory object to cause a Tor instance to pause while + OpenSSL would try to read a passphrase from the terminal. (Tor + instances run without a terminal, which is the case for most Tor + packages, are not impacted.) Fixes bug 24246; bugfix on every + version of Tor. Also tracked as TROVE-2017-011 and CVE-2017-8821. + Found by OSS-Fuzz as testcase 6360145429790720. + - Fix a denial of service issue where an attacker could crash a + directory authority using a malformed router descriptor. Fixes bug + 24245; bugfix on 0.2.9.4-alpha. Also tracked as TROVE-2017-010 + and CVE-2017-8820. + - When checking for replays in the INTRODUCE1 cell data for a + (legacy) onion service, correctly detect replays in the RSA- + encrypted part of the cell. We were previously checking for + replays on the entire cell, but those can be circumvented due to + the malleability of Tor's legacy hybrid encryption. This fix helps + prevent a traffic confirmation attack. Fixes bug 24244; bugfix on + 0.2.4.1-alpha. This issue is also tracked as TROVE-2017-009 + and CVE-2017-8819. + - Fix a use-after-free error that could crash v2 Tor onion services + when they failed to open circuits while expiring introduction + points. Fixes bug 24313; bugfix on 0.2.7.2-alpha. This issue is + also tracked as TROVE-2017-013 and CVE-2017-8823. + - When running as a relay, make sure that we never build a path + through ourselves, even in the case where we have somehow lost the + version of our descriptor appearing in the consensus. Fixes part + of bug 21534; bugfix on 0.2.0.1-alpha. This issue is also tracked + as TROVE-2017-012 and CVE-2017-8822. 
+ - When running as a relay, make sure that we never choose ourselves + as a guard. Fixes part of bug 21534; bugfix on 0.3.0.1-alpha. This + issue is also tracked as TROVE-2017-012 and CVE-2017-8822. + + -- Peter Palfrader Fri, 01 Dec 2017 23:30:27 +0100 + +tor (0.3.2.5-alpha-1) experimental; urgency=medium + + * New upstream version. + * Build-depend on libcap-dev on linux-any so we can build tor with + capabilities support to retain the capability to bind to low ports; + closes: #882281, #700179. + + -- Peter Palfrader Wed, 22 Nov 2017 15:59:58 +0100 + +tor (0.3.2.4-alpha-1) experimental; urgency=medium + + * New upstream version. + + -- Peter Palfrader Thu, 09 Nov 2017 15:26:08 +0100 + +tor (0.3.2.3-alpha-2) experimental; urgency=medium + + * Recent linux packages in Debian have enabled the apparmor + Linux-Security-Module by default. Therefore, users are likely to have + apparmor support not only built into their kernel but also actively + enabled at runtime. Unfortunately, without the apparmor package + being installed, systemd's AppArmorProfile= service setting will + cause the unit to fail to start. + . + Change "AppArmorProfile=system_tor" to AppArmorProfile=-system_tor, + causing all errors while switching to the new apparmor profile to + be ignored. This is not ideal, but for now it's probably the + best solution. + . + Thanks to intrigeri; closes: #880490. + + -- Peter Palfrader Thu, 02 Nov 2017 21:31:27 +0100 + +tor (0.3.2.3-alpha-1) experimental; urgency=medium + + * New upstream version. + + -- Peter Palfrader Sun, 29 Oct 2017 18:36:27 +0100 + +tor (0.3.2.2-alpha-1) experimental; urgency=medium + + * New upstream version. + + -- Peter Palfrader Tue, 03 Oct 2017 19:46:23 +0200 + +tor (0.3.2.1-alpha-1) experimental; urgency=medium + + * New upstream tree. + + -- Peter Palfrader Wed, 20 Sep 2017 22:28:53 +0200 + +tor (0.3.1.7-1) unstable; urgency=medium + + * New upstream version, upload 0.3.1.x tree to unstable. 
+ * Build depend on liblzma-dev and libzstd-dev. + + -- Peter Palfrader Mon, 18 Sep 2017 23:01:50 +0200 + +tor (0.3.1.6-rc-1) experimental; urgency=medium + + * New upstream version. + * Drop versioned dependency on binutils. The version is already + newer in all supported Debian and Ubuntu trees, and binutils + is in the transitive dependency set of build-essential. + Patch by Helmut Grohne. (closes: #873127) + + -- Peter Palfrader Thu, 24 Aug 2017 21:11:25 +0200 + +tor (0.3.1.5-alpha-2) experimental; urgency=medium + + * apparmor: use Pix instead of PUx for obfs4proxy, giving us + better confinement of the child process while actually working + with systemd's NoNewPrivileges. (closes: #867342) + * Do not rely on aa-exec and aa-enabled being in /usr/sbin in the + SysV init script. This change enables apparmor confinement + on some system-V systems again. (closes: #869153) + + -- Peter Palfrader Sat, 19 Aug 2017 10:21:30 +0200 + +tor (0.3.1.5-alpha-1) experimental; urgency=medium + + * New upstream version. + * Update apparmor profile: replace CAP_DAC_OVERRIDE with + CAP_DAC_READ_SEARCH to match the systemd capability bounding set + changed with 0.3.0.4-rc-1. This change will allow tor to start + again under apparmor if hidden services are configured. + Patch by intrigeri. (closes: #862993) + * Remove tor-dbg binary package. Nowadays Debian's toolchain + automatically builds packages containing debugging symbols. The new + tor-dbgsym package will end up in the debian-debug archive. + This tor-dbgsym package will Replace/Break tor-dbg versions + prior to 0.3.1.5-alpha for now, but as we keep providing backported + builds for older suites, and since those keep the tor-dbg package for now, + we'll likely keep increasing this version in future releases. + (closes: #867547) + * The dbgsym migration options require debhelper >= 9.20160114; update + build dependency list accordingly. 
+ + -- Peter Palfrader Sun, 06 Aug 2017 20:57:47 +0200 + +tor (0.3.1.4-alpha-1) experimental; urgency=medium + + * New upstream tree. + + -- Peter Palfrader Sun, 02 Jul 2017 10:46:56 +0200 + +tor (0.3.0.9-1) unstable; urgency=medium + + * New upstream version, upload 0.3.0.x tree to unstable. + - Fixes TROVE-2017-006: Regression in guard family avoidance + (closes: #866799; CVE-2017-0377). + * Remove debian/README.{polipo,privoxy} as using them is not recommended. + (Torbrowser is the better option for users browsing the web.) + + -- Peter Palfrader Sun, 02 Jul 2017 00:53:02 +0200 + +tor (0.3.0.8-1) experimental; urgency=medium + + * New upstream version. + - Fix a remotely triggerable assertion failure when a hidden service + handles a malformed BEGIN cell. Fixes bug 22493, tracked as + TROVE-2017-004 and as CVE-2017-0375; bugfix on 0.3.0.1-alpha. + - Fix a remotely triggerable assertion failure caused by receiving a + BEGIN_DIR cell on a hidden service rendezvous circuit. Fixes bug + 22494, tracked as TROVE-2017-005 and CVE-2017-0376; bugfix + on 0.2.2.1-alpha. (closes: #864424) + + -- Peter Palfrader Thu, 08 Jun 2017 21:42:54 +0200 + +tor (0.3.0.7-1) experimental; urgency=medium + + * New upstream version. + + -- Peter Palfrader Thu, 18 May 2017 18:36:40 +0200 + +tor (0.3.0.5-rc-1) experimental; urgency=medium + + * New upstream version. + - Run the entry_guard_parse_from_state_full() test with the time set + to a specific date. (closes: #858534). + + -- Peter Palfrader Sat, 08 Apr 2017 10:57:39 +0200 + +tor (0.3.0.4-rc-1) experimental; urgency=medium + + * New upstream version. + * Replace CAP_DAC_OVERRIDE with CAP_DAC_READ_SEARCH in systemd's service + capability bounding set. Read access is sufficient for Tor (as root on + startup) to check its onion service directories (see #847598). + * Change default log target to syslog. We still keep /var/log/tor and + the logrotation configuration around in case the admin prefers normal + log files. 
Also update README.Debian accordingly. (closes: #852716). + + -- Peter Palfrader Sat, 04 Mar 2017 10:29:57 +0100 + +tor (0.3.0.3-alpha-1) experimental; urgency=medium + + * New upstream version. + + -- Peter Palfrader Sat, 04 Feb 2017 18:10:56 +0100 + +tor (0.3.0.2-alpha-1) experimental; urgency=medium + + * New upstream version. + + -- Peter Palfrader Mon, 23 Jan 2017 17:18:27 +0100 + +tor (0.3.0.1-alpha-1) experimental; urgency=medium + + * New upstream tree. + + -- Peter Palfrader Sun, 25 Dec 2016 19:48:12 +0100 + +tor (0.2.9.8-2) unstable; urgency=medium + + * Actually target unstable. + + -- Peter Palfrader Mon, 19 Dec 2016 22:21:05 +0100 + +tor (0.2.9.8-1) experimental; urgency=medium + + * New upstream version, upload 0.2.9.x tree to unstable. + * Add a comment to tor@.service explaining why we cannot limit to + /var/lib/tor-instances/ but only to /var/lib/tor-instances -- + systemd does not do instance expansion in ReadWriteDirectories lines -- + cf. #781730. + * Update README.Debian to mention a good location to put onion service + UNIX sockets. Note that neither systemd nor apparmor limits access + to them -- cf. #846275. + * Use -Z (Apply SE-Linux labels) to install when creating instance datadirs + in tor-instance-create. + + -- Peter Palfrader Mon, 19 Dec 2016 15:53:38 +0100 + +tor (0.2.9.7-rc-1) experimental; urgency=medium + + * New upstream version. + * Remove CAP_CHOWN, CAP_FOWNER from the systemd service files' + CapabilityBoundingSet. We may no longer need them. The upstream + changelog says that Tor changed some logic with 0.2.8.1-alpha that made + CAP_CHOWN CAP_FOWNER no longer needed. + CAP_DAC_OVERRIDE is still needed: Tor checks properties of hidden service + directories as root before changing its UID to debian-tor, and those trees + are owned by debian-tor and go-rwx (see #847598). + + -- Peter Palfrader Mon, 12 Dec 2016 17:06:28 +0100 + +tor (0.2.9.6-rc-1) experimental; urgency=medium + + * New upstream version. 
+ + -- Peter Palfrader Fri, 02 Dec 2016 17:53:00 +0100 + +tor (0.2.9.5-alpha-1) experimental; urgency=medium + + * New upstream version. + * Raise Standards-Version to 3.9.8 - no changes needed. + * Use command -v $foo instead of [ -x /sbin/$foo ] in maintainer script. + + -- Peter Palfrader Tue, 08 Nov 2016 13:36:16 +0100 + +tor (0.2.9.4-alpha-1) experimental; urgency=medium + + * New upstream version. + + -- Peter Palfrader Mon, 17 Oct 2016 22:20:31 +0200 + +tor (0.2.9.3-alpha-1) experimental; urgency=medium + + [ Peter Palfrader ] + * New upstream version. + + [ Iain R. Learmonth ] + * Removes dependency on hardening-wrapper, and + build-depend on version >= 9 of debhelper instead + so we can enable harding via DEB_BUILD_MAINT_OPTIONS + (closes: #836762). + + -- Peter Palfrader Fri, 23 Sep 2016 23:49:01 +0200 + +tor (0.2.9.2-alpha-1) experimental; urgency=medium + + * New upstream version. + + -- Peter Palfrader Thu, 25 Aug 2016 09:40:38 +0200 + +tor (0.2.9.1-alpha-1) experimental; urgency=medium + + * New upstream tree. + + -- Peter Palfrader Wed, 17 Aug 2016 21:05:37 +0200 + +tor (0.2.8.6-3) unstable; urgency=medium + + * Raise TimeoutStartSec from 120 to 300 secs for slower systems. + * tor-instance-create and tor-instance-create.8.txt: fix some typos. + + -- Peter Palfrader Wed, 17 Aug 2016 17:16:22 +0200 + +tor (0.2.8.6-2) unstable; urgency=medium + + * Update the system V init script to create /var/run/tor with mode 02755 + also. This matches the systemd service file. + * No longer create /var/run/tor in postinst -- it is created when services + start. + * apparmor policy: let tor read /var/lib/tor/** (without it being the + owner of these files) + + -- Peter Palfrader Thu, 04 Aug 2016 20:27:55 +0200 + +tor (0.2.8.6-1) unstable; urgency=medium + + * New upstream version, upload 0.2.8.x tree to unstable. + + -- Peter Palfrader Tue, 02 Aug 2016 18:07:21 +0200 + +tor (0.2.8.5-rc-1) experimental; urgency=medium + + * New upstream version. 
+ + -- Peter Palfrader Mon, 11 Jul 2016 14:33:45 +0200 + +tor (0.2.8.4-rc-1) experimental; urgency=medium + + * New upstream version. + + -- Peter Palfrader Wed, 15 Jun 2016 19:59:31 +0200 + +tor (0.2.8.3-alpha-1) experimental; urgency=medium + + * New upstream version. + + -- Peter Palfrader Wed, 01 Jun 2016 21:29:15 +0200 + +tor (0.2.8.2-alpha-1) experimental; urgency=medium + + * New upstream version. + * apparmor profile: Allow reading of /var/lib/tor to the process. + This is required by new tor versions (closes: Tor#18370). + * Set SocksPort unix:/var/run/tor/socks and 9050 in the defaults file + (closes: #797335). + - For non-default instances, use /var/run/tor-instances/@@NAME@@/socks. + - Make /var/run/tor mode 755 (from 750). Same for the instance run + directories. + - Use the RelaxDirModeCheck option for the control unix domain socket + so that works. + - tor-instance-create: in the torrc we create, append to the SocksPort + list using + instead of overriding what is configured in the defaults + file. + - apparmor: allow reading of {/var,}/run/tor, and writing of + {/var,}/run/tor/socks. + + -- Peter Palfrader Sat, 23 Apr 2016 11:23:40 +0200 + +tor (0.2.8.1-alpha-1) experimental; urgency=medium + + * New upstream tree. + * Drop 20-upstream-syslog-identity as it is included upstream + (cf. upstream bug #17194). + + -- Peter Palfrader Fri, 05 Feb 2016 15:50:51 +0100 + +tor (0.2.7.6-2) unstable; urgency=medium + + * Don't override override_dh_install, instead override + override_dh_install-arch to get the extra bits we like + installed and moved around in the tor binary package. + This makes arch-all only builds work (closes: #806661). + + -- Peter Palfrader Wed, 16 Dec 2015 14:19:50 +0100 + +tor (0.2.7.6-1) unstable; urgency=high + + * New upstream version. + - Actually look at the Guard flag when selecting a new directory + guard. + * Actually install tor-instance-create.8 manpage. 
+ * Change the apparmor profile tor allow Tor to access the systemd + notification socket. Thanks to regar42. Closes Tor#17693. + * tor-instance-create: Do systemctl daemon-reload *after* writing the + new torrc. + + -- Peter Palfrader Thu, 10 Dec 2015 21:48:34 +0100 + +tor (0.2.7.5-1) unstable; urgency=medium + + * New upstream version, upload 0.2.7.x tree to unstable. + + -- Peter Palfrader Fri, 20 Nov 2015 16:37:29 +0100 + +tor (0.2.7.4-rc-1) experimental; urgency=medium + + * New upstream version. + * Include identity tag for syslog logging feature from master. This is + bug#17194 upstream. + * Support multiple instances (closes: #791393). + * Split systemd service timeout into start and stop timeout, and raise + them to 120 and 60 seconds from 45 (closes: tor#16398). + * Enable apparmor support for the default tor service (re: #761404). + Apparmor is not yet being enabled for any other tor instance. + + -- Peter Palfrader Thu, 22 Oct 2015 16:09:01 +0200 + +tor (0.2.7.3-rc-1) experimental; urgency=medium + + * New upstream version. + + -- Peter Palfrader Fri, 25 Sep 2015 16:08:26 +0200 + +tor (0.2.7.2-alpha-1) experimental; urgency=medium + + * New upstream tree. + + -- Peter Palfrader Mon, 27 Jul 2015 20:49:14 +0200 + +tor (0.2.6.10-1) unstable; urgency=medium + + * New upstream version. + + -- Peter Palfrader Mon, 13 Jul 2015 18:05:34 +0200 + +tor (0.2.6.9-1) unstable; urgency=medium + + * New upstream version. + * Drop do-not-require-systemd and fix-sandbox-use-with-systemd.-bug-16212 + patches as they are included upstream now. + + -- Peter Palfrader Fri, 12 Jun 2015 22:01:42 +0200 + +tor (0.2.6.8-5) unstable; urgency=medium + + * Sandboxing, when enabled, would prevent tor from working when + started from systemd, as tor wasn't allowed to create a + UNIX datagram socket. Include that patch from upstream's git. 
+ + -- Peter Palfrader Sat, 30 May 2015 16:44:27 +0200 + +tor (0.2.6.8-4) unstable; urgency=medium + + * Remove whitespace around = in the systemd service file. Apparently + the spaces confuse deb-systemd-helper, which then resulted in Tor + not being automatically started on boot (see #786418). + * Remove obsolete After=syslog.target from systemd service file. + + -- Peter Palfrader Mon, 25 May 2015 22:02:39 +0200 + +tor (0.2.6.8-3) unstable; urgency=low + + * debian/rules: Change order of --with commands to dh to ensure + that we patch before calling autoreconf. + + -- Peter Palfrader Sun, 24 May 2015 08:58:18 +0200 + +tor (0.2.6.8-2) unstable; urgency=low + + * debian/control: Depend on dh-systemd, libsystemd-dev, and pkg-config + only on linux-any. + * debian/rules: Build with systemd only if DEB_HOST_ARCH_OS is linux. + * patch upstream's configure.ac to check for the existance of + libsystemd rather than systemd. + + -- Peter Palfrader Sat, 23 May 2015 16:28:30 +0200 + +tor (0.2.6.8-1) unstable; urgency=medium + + * New upstream version, upload 0.2.6.x tree to unstable. + * Ship a systemd .service file (closes: #761403). + Thanks to intrigeri and Arto Jantunen. + - Build depend on dh-systemd, libsystemd-dev, pkg-config. + - Build with --enable-systemd. + * Autoreconf on build (closes: #783729). + - Build depend on dh-autoreconf. + + -- Peter Palfrader Sat, 23 May 2015 09:57:44 +0200 + +tor (0.2.6.7-1) experimental; urgency=medium + + * New upstream version. + + -- Peter Palfrader Mon, 06 Apr 2015 17:17:44 +0200 + +tor (0.2.6.6-1) experimental; urgency=medium + + * New upstream version. + * Stick to experimental for now to keep unstable open as a track to jessie. + + -- Peter Palfrader Tue, 24 Mar 2015 21:56:04 +0100 + +tor (0.2.6.5-rc-1) experimental; urgency=medium + + * New upstream version. + + -- Peter Palfrader Thu, 19 Mar 2015 14:55:37 +0100 + +tor (0.2.6.4-rc-1) experimental; urgency=medium + + * New upstream version. 
+ * Build with --enable-gcc-warnings-advisory. + + -- Peter Palfrader Mon, 23 Feb 2015 18:39:37 +0100 + +tor (0.2.6.3-alpha-1) experimental; urgency=medium + + * New upstream version. + * [intrigeri] + + apparmor policy: Allow execution of /usr/bin/obfs4proxy (closes: #777592). + * Run restorecon on /var/lib/tor /var/run/tor /var/log/tor in postinst (closes: #776352). + * Suggests cleanup: + + Stop suggesting xul-ext-torbutton, suggest torbrowser-launcher instead. + + Stop suggesting polipo (>= 1) | privoxy - those are no longer considered + good means to browser the web with Tor. + + Suggest obfs4proxy in addition to obfsproxy. + + -- Peter Palfrader Fri, 20 Feb 2015 11:34:40 +0100 + +tor (0.2.6.2-alpha-1) experimental; urgency=medium + + * New upstream version. + + -- Peter Palfrader Thu, 01 Jan 2015 16:15:59 +0100 + +tor (0.2.6.1-alpha-1) experimental; urgency=medium + + * New upstream version. + * New upstream tree in experimental: 0.2.6.x. + + -- Peter Palfrader Thu, 06 Nov 2014 15:40:23 +0100 + +tor (0.2.5.10-1) unstable; urgency=medium + + * New upstream version. + * Use "service tor reload", guarded by "service tor status" in logrotate + instead as suggested by Dirk Griesbach (closes: #765407). + + -- Peter Palfrader Fri, 24 Oct 2014 16:05:28 +0200 + +tor (0.2.5.9-rc-1) unstable; urgency=medium + + * New upstream version. + - Disabled SSLv3 unconditionally. As a by-product, this means + that we no longer die in SSLv3 cleanup code in what is likely + an openssl bug introduced in 1.0.1j (closes: 765968). + * logrotate script: call invoke-rc.d tor reload instead of + /etc/init.d/tor reload. This way, if tor is properly disabled, we will + not try to reload tor. (closes: #765407). + + -- Peter Palfrader Mon, 20 Oct 2014 21:01:01 +0200 + +tor (0.2.5.8-rc-1) unstable; urgency=medium + + * New upstream version. Upload to unstable. + + -- Peter Palfrader Tue, 23 Sep 2014 11:06:10 +0200 + +tor (0.2.5.7-rc-1) experimental; urgency=medium + + * New upstream version. 
+ + -- Peter Palfrader Fri, 12 Sep 2014 16:56:10 +0200 + +tor (0.2.5.6-alpha-1) experimental; urgency=medium + + * New upstream version. + + -- Peter Palfrader Mon, 28 Jul 2014 22:41:37 +0200 + +tor (0.2.5.5-alpha-1) experimental; urgency=low + + * New upstream version. + * upstream contrib/ directory cleanup, requires adapting paths in + tor.docs and tor.install: + - torify moved to contrib/client-tools/ + - tor-exit-notice.html moved to contrib/operator-tools/ + * Restrict build dependency on libseccomp-dev to amd64 and i386 only. + Build-Conflict with it on the other archs. + + -- Peter Palfrader Thu, 19 Jun 2014 08:06:11 +0200 + +tor (0.2.5.4-alpha-1) experimental; urgency=low + + * New upstream version. + * Build depend on libseccomp-dev. + + -- Peter Palfrader Sat, 26 Apr 2014 09:01:00 +0200 + +tor (0.2.5.3-alpha-1) experimental; urgency=low + + * New upstream version. + * Add obfsproxy to suggests. + * Apparmor policy: Allow executing /usr/bin/obfsproxy - thanks to + intrigeri for the patch (closes: #739279). + + -- Peter Palfrader Sun, 23 Mar 2014 07:39:17 +0100 + +tor (0.2.5.2-alpha-1) experimental; urgency=low + + * New upstream version. + * From 0.2.4.20-1: + + init script: make /var/log/tor if it does not exist anymore + (closes: #732572). + + -- Peter Palfrader Thu, 13 Feb 2014 23:44:03 +0100 + +tor (0.2.5.1-alpha-1) experimental; urgency=low + + * New upstream tree, new upstream version. + * Current alpha no longer /builds/ contrib/torify, it just ships it. + Adapt debian/tor.install to get it from contrib/torify instead of + build/contrib/torify. + + -- Peter Palfrader Tue, 01 Oct 2013 20:28:59 +0200 + +tor (0.2.4.17-rc-2) UNRELEASED; urgency=low + + * Re-add a few 'exit 1' statements on errors that got lost while + updating the init script to fancy LSB style output (closes: #722153). + * Mention the DisableDebuggerAttachment setting next to the ulimit -c + line in /etc/default/tor (closes: #723801). 
+ + -- Peter Palfrader Sun, 08 Sep 2013 16:49:04 +0200 + +tor (0.2.4.17-rc-1) experimental; urgency=low + + * New upstream version. + + -- Peter Palfrader Thu, 05 Sep 2013 15:00:08 +0200 + +tor (0.2.4.16-rc-1) experimental; urgency=low + + * New upstream version. + + -- Peter Palfrader Sun, 11 Aug 2013 00:31:17 +0200 + +tor (0.2.4.15-rc-1) experimental; urgency=low + + * New upstream version. + + -- Peter Palfrader Wed, 03 Jul 2013 20:58:53 +0200 + +tor (0.2.4.14-alpha-1) experimental; urgency=low + + * New upstream version. + + -- Peter Palfrader Tue, 18 Jun 2013 22:21:36 +0200 + +tor (0.2.4.13-alpha-1) experimental; urgency=low + + * New upstream version. + + -- Peter Palfrader Mon, 17 Jun 2013 12:18:16 +0200 + +tor (0.2.4.12-alpha-2) experimental; urgency=low + + * No longer change tor manpage to be in section 8. + * No longer move tor from usr/bin to /usr/sbin after make install. + We now install tor into the same place as upstream. Having it in + the default user path makes it easier for users who want to run + tor themselves. + * Install a compatibility symlink in /usr/sbin. + * Change relation form from (< version) to (<< version) in the tor-geoip + package. + * Update debian/watch file. + * Clean up old /etc/tor/tor-tsocks.conf conffile (closes: #705785). + This requires debhelper >= 8.1.0~, adapt build-dependency accordingly. + + -- Peter Palfrader Wed, 08 May 2013 18:03:36 +0200 + +tor (0.2.4.12-alpha-1) experimental; urgency=low + + * New upstream version. + * Forward port 03_tor_manpage_in_section_8.dpatch: torify.1 no longer + references tsocks. + * No longer install contrib/tor-tsocks.conf - it was dropped upstream. + * Update year in debian/copyright. + + -- Peter Palfrader Thu, 18 Apr 2013 16:04:29 +0200 + +tor (0.2.4.11-alpha-1) experimental; urgency=low + + * New upstream version. + + -- Peter Palfrader Mon, 11 Mar 2013 22:46:51 +0100 + +tor (0.2.4.10-alpha-1) experimental; urgency=low + + * New upstream version. 
+ + -- Peter Palfrader Tue, 05 Feb 2013 00:08:36 +0100 + +tor (0.2.4.9-alpha-1) experimental; urgency=low + + * New upstream version. + * Build-Conflict with libnacl-dev so that we don't pull it in accidentally. + For now Tor doesn't manage to use it on at least amd64 anyway, but that + may change. We should review this decision once we know how things work + and where we want to use nacl. + * Move the geoip6 file to the tor-geoip package (spotted by George + Kargiotakis) + * add appropriate Replaces and Breaks to the tor-geoip package for + tor < 0.2.4.8 since we moved a file to tor-geoip. + * If $DAEMON $VERIFY_ARGS fails, call use the same arguments for + finding the errors and not $DAEMON --verify-config. + + -- Peter Palfrader Wed, 16 Jan 2013 11:05:43 +0100 + +tor (0.2.4.7-alpha-1) experimental; urgency=low + + * New upstream version. + + -- Peter Palfrader Tue, 25 Dec 2012 21:23:49 +0100 + +tor (0.2.4.6-alpha-1) experimental; urgency=low + + * New upstream version. + * Update debian/copyright file somewhat. + + -- Peter Palfrader Tue, 13 Nov 2012 11:28:25 +0100 + +tor (0.2.4.5-alpha-1) experimental; urgency=high + + * New upstream version: + - Fix a group of remotely triggerable assertion failures related to + incorrect link protocol negotiation. Found, diagnosed, and fixed + by "some guy from France". Fix for CVE-2012-2250; bugfix on + 0.2.3.6-alpha. + - Fix a denial of service attack by which any directory authority + could crash all the others, or by which a single v2 directory + authority could crash everybody downloading v2 directory + information. Fixes bug 7191; bugfix on 0.2.0.10-alpha. + - and more. + + -- Peter Palfrader Fri, 26 Oct 2012 09:17:33 +0200 + +tor (0.2.4.4-alpha-1) experimental; urgency=low + + * New upstream version. + o Major bugfixes (security/privacy, also in 0.2.3.23-rc): + - Disable TLS session tickets. 
OpenSSL's implementation was giving + our TLS session keys the lifetime of our TLS context objects, when + perfect forward secrecy would want us to discard anything that + could decrypt a link connection as soon as the link connection + was closed. Fixes bug 7139; bugfix on all versions of Tor linked + against OpenSSL 1.0.0 or later. Found by Florent Daignière. + - Discard extraneous renegotiation attempts once the V3 link + protocol has been initiated. Failure to do so left us open to + a remotely triggerable assertion failure. Fixes CVE-2012-2249; + bugfix on 0.2.3.6-alpha. Reported by "some guy from France". + o And more. For details please see the upstream changelog. + * Add debian/source.lintian-overrides for + rc-version-greater-than-expected-version, similar to what we have for + the binary packages. + + -- Peter Palfrader Mon, 22 Oct 2012 11:52:48 +0200 + +tor (0.2.4.3-alpha-1) experimental; urgency=low + + * New upstream version. + * Remove debian/patches/02_add_debian_files_in_manpage which hasn't been + enabled for over five years now. + * Update and fix a minor whitespace issue in + debian/patches/14_fix_geoip_warning. + * remove obsolete debian/TODO file. + * Use dh_lintian to install the override file for tor-geoipdb. Requires + changing debhelper build dependency to >= 6 from >= 5, and renaming + debian/tor-geoipdb.lintian-override to tor-geoipdb.lintian-overrides. + * Use dh_link to create the /usr/share/doc/tor-dbg -> tor symlink in + tor-dbg. Also call dh_link before dh_install*, so that nothing creates a + /usr/share/doc/tor-dbg directory. + * No longer call dh_link with arguments to create the + /usr/share/man/man5/torrc.5 -> ../man8/tor.8 symlink in the tor package, + instead create and populate debian/tor.links accordingly. + * Call configure with --disable-silent-rules, so we actually see what + the build did in a log. 
+ * Try to patch upstream's documenation build system so it does what we want + rather than duplicating parts of it in debian/rules. This will fix a bug + where we would end up with empty .html documentation if building from the + source source tree more than once. + * Upstream no longer installs /usr/bin/tor-control.py, so no need to remove + it in debian/rules. + * No longer try to symlink the changelogs for tor-geoipdb from the tor + package. Frist, this has been broken as dh_installchangelogs stomps all + over our symlinks. Second, the tor and tor-geoipdb package may be of + different versions, so a symlink is probably the wrong thing in the + first place. + * Add lintian overrides for all three binary packages for + rc-version-greater-than-expected-version. Tor's version scheme is sane. + + -- Peter Palfrader Sat, 22 Sep 2012 12:31:29 +0200 + +tor (0.2.4.2-alpha-1) experimental; urgency=low + + * New upstream version. + + -- Peter Palfrader Tue, 11 Sep 2012 08:45:17 +0200 + +tor (0.2.4.1-alpha-1) experimental; urgency=low + + [ Peter Palfrader ] + * New upstream version (starts 0.2.4.x tree). + * Forward port debian/patches/03_tor_manpage_in_section_8. + + [ Stefano Zacchiroli ] + * README.privoxy, README.polipo: explicitly set socks type to socks5. + + -- Peter Palfrader Sat, 08 Sep 2012 13:12:54 +0200 + +tor (0.2.3.21-rc-1) unstable; urgency=low + + * New upstream version, changes including: + - Tear down the circuit if we get an unexpected SENDME cell. Clients + could use this trick to make their circuits receive cells faster + than our flow control would have allowed, or to gum up the network, + or possibly to do targeted memory denial-of-service attacks on + entry nodes. + - Reject any attempt to extend to an internal address. Without + this fix, a router could be used to probe addresses on an internal + network to see whether they were accepting connections. + - Do not crash when comparing an address with port value 0 to an + address policy. 
+ For details please see the upstream changelog. + + -- Peter Palfrader Fri, 07 Sep 2012 12:25:17 +0200 + +tor (0.2.3.20-rc-1) unstable; urgency=low + + * New upstream version, including a couple security fixes: + - Avoid read-from-freed-memory and double-free bugs that could occur + when a DNS request fails while launching it. Fixes bug 6480. + - Avoid an uninitialized memory read when reading a vote or consensus + document that has an unrecognized flavor name. This read could + lead to a remote crash bug. Fixes bug 6530. + - Try to leak less information about what relays a client is + choosing to a side-channel attacker. + * Suggest the tor-arm controller. + * Improve long descriptions with Roger's help. + * Use https:// instead of git:// for the Vcs-Git URL. + + -- Peter Palfrader Tue, 07 Aug 2012 23:13:18 +0200 + +tor (0.2.3.19-rc-1) unstable; urgency=low + + * New upstream version. + + -- Peter Palfrader Sat, 07 Jul 2012 12:15:49 +0200 + +tor (0.2.3.18-rc-1) unstable; urgency=low + + * New upstream version. + * Remove debian/patches/15_longer_test_timeout - something similar has been + incorporated upstream (Re: Tor#6227). + * Re-enable apparmor, if available: Instead of confining /usr/sbin/tor by + default, we now only confine the daemon that is launched from the init + script. We do this by calling aa-exec with the appropriate flags, if it + is installed. Therefore also suggest apparmor-utils. + + -- Peter Palfrader Fri, 29 Jun 2012 12:03:30 +0200 + +tor (0.2.3.17-beta-3) unstable; urgency=low + + * Apply the correct SE-Linux label to /var/run/tor when creating the + directory in the init script (closes: #678362). Thanks to Russell Coker. + * Hack up the unit tests to wait longer for the thread test to finish. + This is not a real fix, but it will probably make it more likely that + we successfully build on our mips/octeon machines (Re: Tor#6227). 
+ + -- Peter Palfrader Sun, 24 Jun 2012 16:13:35 +0200 + +tor (0.2.3.17-beta-2) unstable; urgency=low + + * Shipping and enabling the apparmor policy by default causes Tor to + break for users who have apparmor enabled in enforcind mode and + that, either in addition to or instead of running Tor as a system + service (i.e. /etc/init.d/tor), also run Tor as their user or in + some other means like launched from vidalia. Therefore: + . + - No longer install apparmor policy by default. It can be found in + /usr/share/doc/tor if anybody is interested. + - No longer build-depend on dh-apparmor, or suggest apparmor. + - Also, clean up and remove old /etc/apparmor.d/usr.sbin.tor files + on upgrade if they have not been changed by the user. + . + These changes relate to Debian Bug #670525 and fixes Tor ticket #6188. + + -- Peter Palfrader Mon, 18 Jun 2012 14:21:36 +0200 + +tor (0.2.3.17-beta-1) unstable; urgency=low + + * New upstream version. + * apparmor policy: + - allow access to /var/log/tor/* and not just /var/log/tor/log*, + * No longer create /var/run/tor in postint if it does not exist - + the init script should take care of that. + * Change the output of the init script to use lsb* functions: + - Depend on lsb-base. + - Makes the output pretty (closes: #676843) + * Also, in the init script we are now less verbose, unless VERBOSE is + set to yes in /etc/default/rcS (see the rcS(5) manual page): + - pass --hush to tor on startup, so only warnings and errors are + displayed, hiding any notice level log output, + - do not report raising ulimit -n. + + -- Peter Palfrader Fri, 15 Jun 2012 15:26:38 +0200 + +tor (0.2.3.16-alpha-1) experimental; urgency=medium + + * New upstream version. + - Work around a bug in OpenSSL that broke renegotiation with TLS + 1.1 and TLS 1.2. Without this workaround, all attempts to speak + the v2 Tor connection protocol when both sides were using OpenSSL + 1.0.1 would fail. Resolves ticket 6033. 
+ - and more - please consult upstream changelog. + * Include apparmor profile. Thanks to intrigeri (closes: #670525). + + -- Peter Palfrader Wed, 06 Jun 2012 11:09:59 +0200 + +tor (0.2.3.15-alpha-1) experimental; urgency=low + + * New upstream version. + + -- Peter Palfrader Mon, 30 Apr 2012 23:18:41 +0200 + +tor (0.2.3.14-alpha-1) experimental; urgency=low + + * New upstream version. + - No longer need backported 45ace4844b020cb754d3bb65f1021bfeb5115f9e + from master to fix a test suite stack overflow. + * torify now no longer can use tsocks. Change recommends from + torsocks | tsocks to just torsocks. + + -- Peter Palfrader Tue, 24 Apr 2012 08:34:05 +0200 + +tor (0.2.3.13-alpha-1) experimental; urgency=low + + * New upstream version. + * When creating the debian-tor user that tor runs at, create it with + a shell of /bin/false instead of /bin/bash. Does not change shells + of existing users (closes: #658358). + * Include 45ace4844b020cb754d3bb65f1021bfeb5115f9e from master + to fix a test suite stack overflow, just introduced. + + -- Peter Palfrader Tue, 27 Mar 2012 14:12:37 +0200 + +tor (0.2.3.12-alpha-1) experimental; urgency=low + + * New upstream version. + + -- Peter Palfrader Mon, 13 Feb 2012 19:09:58 +0100 + +tor (0.2.3.11-alpha-2) experimental; urgency=low + + * init script: use the new defaults torrc file also for when we + try to check our configuration (tor --verify-config) prior to starting + tor. (Might close TorBug#4954.) + + -- Peter Palfrader Wed, 25 Jan 2012 22:52:03 +0100 + +tor (0.2.3.11-alpha-1) experimental; urgency=low + + * New upstream version. + * No longer patch Tor to set DataDirectory, RunAsDaemon etc. when run + as root or debian-tor. + Instead ship with a file setting all these options in + /usr/share/tor/tor-service-defaults-torrc and cause our init-script + to pass --defaults-torrc to the tor started by that script. + * No longer fail postinst when the init script fails to restart tor. 
+ Patch provided by Carl Fuerstenberg (closes: #652884). + + -- Peter Palfrader Mon, 23 Jan 2012 14:50:16 +0100 + +tor (0.2.3.10-alpha-1) experimental; urgency=high + + * New upstream version, fixing a heap overflow bug related to Tor's + SOCKS code (CVE-2011-2778). + + -- Peter Palfrader Thu, 15 Dec 2011 21:29:00 +0100 + +tor (0.2.3.9-alpha-1) experimental; urgency=low + + * New upstream version. + * There no longer is a document called INSTALL to copy to + usr/share/docs/tor, so get rid of the lintian override. Since that was + the only one in the tor package get rid of installing overrides for the + tor package entirely - there's still one override in tor-geoipdb + (closes Tor #4576). + + -- Peter Palfrader Thu, 08 Dec 2011 22:30:31 +0100 + +tor (0.2.3.8-alpha-1) experimental; urgency=low + + * New upstream version. + + -- Peter Palfrader Wed, 23 Nov 2011 12:38:51 +0100 + +tor (0.2.3.7-alpha-1) experimental; urgency=low + + * New upstream version. + + -- Peter Palfrader Mon, 31 Oct 2011 00:06:14 +0100 + +tor (0.2.3.6-alpha-1) experimental; urgency=high + + * New upstream version, fixing a couple of security relevant bugs + such as guard enumeration (CVE-2011-2768) and bridge enumeration + (CVE-2011-2769) issues. For details consult the upstream changelog. + + -- Peter Palfrader Thu, 27 Oct 2011 15:59:44 +0200 + +tor (0.2.3.5-alpha-1) experimental; urgency=low + + * New upstream version. + + -- Peter Palfrader Thu, 29 Sep 2011 09:38:34 +0200 + +tor (0.2.3.4-alpha-1) experimental; urgency=low + + * New upstream version. + * Make patches/06_add_compile_time_defaults build without compiler warnings: + - use config_find_option_mutable() instead of config_find_option() + if we're going to mess with the return value, + - Correctly declare functions as having no arguments instead of not + telling the compiler which arguments it'll have. + * Suggest tor-arm (closes: #640265). + * Downgrade socat and polipo|privoxy to Suggests (closes: #640264). 
+ + -- Peter Palfrader Wed, 14 Sep 2011 09:00:30 +0200 + +tor (0.2.3.3-alpha-1) experimental; urgency=low + + * New upstream version. + * Upload to experimental now that 0.2.2.x is out of rc and was uploaded to + unstable. + * Merged from debian-0.2.2: 0.2.2.29-beta-1 + - The postinst script changes /var/run/tor to mode 02750 if it exists, + but the tor init script creates it with mode 02700 if it doesn't. + Change the init script to also create the directory with a group + writeable mode, the same as the postinst maintainer script, i.e. 02750. + . + This will allow users in the debian-tor group to access the control + socket (re: #552556). + - Enable Control Socket by default. It lives in /var/run/tor/ + (closes: #552556). + * Update context in patches/06_add_compile_time_defaults. + * Forward port patches/07_log_to_file_by_default. + + -- Peter Palfrader Sat, 03 Sep 2011 13:32:18 +0200 + +tor (0.2.3.1-alpha-1) tor-0.2.3.x; urgency=low + + * New upstream version. + * Forward port debian/patches/14_fix_geoip_warning. + + -- Peter Palfrader Fri, 06 May 2011 17:08:03 +0200 + +tor (0.2.2.25-alpha-1) experimental; urgency=low + + * New upstream version. + * Add Vcs-* control fields. Patch by intrigeri@boum.org + (closes: #623316). + * Update mailinglist archive URLs in package description. + Patch by intrigeri@boum.org (closes: #623318). + + -- Peter Palfrader Sun, 01 May 2011 19:48:24 +0200 + +tor (0.2.2.24-alpha-1) experimental; urgency=low + + * New upstream version. + * Forward port missing changes from the 0.2.1.x tree: + - Add ${misc:Depends} for all three binary packages because debhelper + might want to add stuff [tor 0.2.1.26-1]. + - tor.postinst: Stop calling stat(1) with its full path [tor 0.2.1.26-1]. + - No longer set ulimit -c to unlimited: + Up until now the init script (or actually /etc/default/tor) raised + the ulimit for coredumps to unlimited, so that Tor would produce + coredumps on assert errors or segfaults. 
Coredumps however can + leak sensitive information, like cryptographic session keys and + clients' data should the core files get into the wrong hands. As + such it seems prudent to only enable coredumps if the user or + operator explicitly asks for them, and knows what to do with them. + [tor 0.2.1.26-2] + - Also include a cron.weekly job that removes old coredumps from + /var/lib/tor. This action can be disabled in /etc/default/tor. + [tor 0.2.1.26-2] + - Make sure the cronjob does not try to access a /var/lib/tor + that has already been removed (due to for instance package removal). + Thanks to Holger and piuparts for catching this. + [tor 0.2.1.26-3] + + -- Peter Palfrader Sun, 10 Apr 2011 19:08:27 +0200 + +tor (0.2.2.23-alpha-1) experimental; urgency=low + + * New upstream version. + * The tor specification files are no longer shipped in the tarball, + so /usr/share/doc/tor/spec is no more. They can be found online + at . + + -- Peter Palfrader Wed, 09 Mar 2011 14:40:16 +0100 + +tor (0.2.2.22-alpha-1) experimental; urgency=low + + * New upstream version. + + -- Peter Palfrader Wed, 26 Jan 2011 19:20:21 +0100 + +tor (0.2.2.21-alpha-1) experimental; urgency=high + + * New upstream version, including several security related fixes. See + upstream changelog for details. Addresses CVE-2011-0427. + * Forward port patches/03_tor_manpage_in_section_8. + + -- Peter Palfrader Sun, 16 Jan 2011 18:40:27 +0100 + +tor (0.2.2.20-alpha-1) experimental; urgency=high + + * New upstream version. + - Fix a remotely exploitable bug that could be used to crash instances + of Tor remotely by overflowing on the heap. Remote-code execution + hasn't been confirmed, but can't be ruled out (CVE-2010-1676). + * Since the dawn of time (0.0.2pre19-1, January 2004, initial release + of the debian package), the postinst script has changed ownership and + permissions of various trees like /var/lib/tor, /var/run/tor, and + /var/log/tor, sometimes recursively. + . 
+ It turns out this actually is a security issue, so try to be more + conservative when fixing up modes and only chown/chgrp + /var/{lib,log,run}/tor directly, never recursively. + * Remove /var/run/tor, recursively, on purge. We already do this + for /var/lib/tor and /var/log/tor. + + -- Peter Palfrader Sat, 18 Dec 2010 13:35:26 +0100 + +tor (0.2.2.19-alpha-1) experimental; urgency=low + + * New upstream version. + - remove debian/patches/15_tlsext_host_name (already included in new + upstream version). + + -- Peter Palfrader Mon, 29 Nov 2010 13:46:10 +0100 + +tor (0.2.2.18-alpha-2) experimental; urgency=low + + * If we overwrite src/or/micro-revision.i in during build, + clean it out in the clean target. + * Add debian/patches/15_tlsext_host_name: Work around change in libssl0.9.8 + (0.9.8g-15+lenny9 and 0.9.8o-3), taken from 0.2.1.27 (closes: #604198): + . + Do not set the tlsext_host_name extension on server SSL objects; only on + client SSL objects. We set it to immitate a browser, not a vhosting + server. This resolves an incompatibility with openssl 0.9.8p and openssl + 1.0.0b. Fixes bug 2204; bugfix on 0.2.1.1-alpha. + + -- Peter Palfrader Sun, 21 Nov 2010 23:39:32 +0100 + +tor (0.2.2.18-alpha-1) experimental; urgency=low + + * New upstream version. + + -- Peter Palfrader Tue, 16 Nov 2010 20:01:23 +0100 + +tor (0.2.2.17-alpha-1) experimental; urgency=low + + * New upstream version. + + -- Peter Palfrader Fri, 01 Oct 2010 12:33:28 +0200 + +tor (0.2.2.16-alpha-1) experimental; urgency=low + + * New upstream version. + * Downgrade torsocks/tsocks dependency to a recommends. That tool + is not needed if you only run a relay, or if you access Tor only + using polipo or privoxy. The torify(1) wrapper that makes use + of torsocks or tsocks already handles their absense and emmits a + proper message telling the user what they are missing (closes: #595898). 
+ * Remove suggests of mixminion which is no longer in the archive + (closes: #594207), and also of anon-proxy which appears to not + have been updated in at least two years. + * Add xul-ext-torbutton to suggests. + + -- Peter Palfrader Sat, 18 Sep 2010 19:49:23 +0200 + +tor (0.2.2.15-alpha-1) experimental; urgency=low + + * New upstream version. + * Forward port 06_add_compile_time_defaults. + + -- Peter Palfrader Sat, 21 Aug 2010 10:39:41 +0200 + +tor (0.2.2.14-alpha-1) experimental; urgency=low + + * New upstream version. + Among many other things: + - New config option "WarnUnsafeSocks 0" disables the warning that + occurs whenever Tor receives only an IP address instead of a + hostname. Setups that do DNS locally over Tor are fine, and we + shouldn't spam the logs in that case. (Closes: #497466) + + -- Peter Palfrader Thu, 15 Jul 2010 14:41:10 +0200 + +tor (0.2.2.13-alpha-1) experimental; urgency=low + + * New upstream version. + + -- Peter Palfrader Sat, 24 Apr 2010 12:12:11 +0200 + +tor (0.2.2.12-alpha-1) experimental; urgency=low + + * New upstream version. + + -- Peter Palfrader Tue, 20 Apr 2010 12:23:00 +0200 + +tor (0.2.2.11-alpha-1) experimental; urgency=low + + * New upstream version. + + -- Peter Palfrader Sat, 17 Apr 2010 21:49:19 +0200 + +tor (0.2.2.10-alpha-2) experimental; urgency=low + + * In /etc/default/tor also source /etc/default/tor.vidalia if it exists + and if vidalia is installed. We do this so that the vidalia package + can override some of our settings: People who have vidalia installed might + not want to run Tor as a system service. The vidalia .deb can ask them + that and then set run-daemon to no. + + -- Peter Palfrader Sat, 03 Apr 2010 15:24:11 +0200 + +tor (0.2.2.10-alpha-1) experimental; urgency=low + + * New upstream version. + * debian/rules: + - make manpage building properly depend on patch-stamp, + - Fix building in the absence of a debian/micro-revision.i file. 
+ + -- Peter Palfrader Tue, 09 Mar 2010 14:06:48 +0100 + +tor (0.2.2.9-alpha-1) experimental; urgency=low + + * New upstream version. + - We no longer need to build-depend on a recent libssl-dev because + Tor now detects whether we need to explicitly turn on + autonegotiation at run-time rather than compile time. Good. + (This also means we no longer need to conflict with newer + libssls when we built against an old one on backports.) + - The manpages are now built with asciidoc. While the upstream + tarball already ships with the output of asciidoc, we instead + build the manpages during package build time so we can patch them. + + Therefore build-depend on asciidoc (>= 8.2), docbook-xml, + docbook-xsl, and xmlto. + + update 03_tor_manpage_in_section_8 to patch the .txt files now. + + Remove tor.1.in torify.1.in tor-gencert.1.in tor-resolve.1.in in + the doc directory during clean. + + And try to work around missing (and if it wasn't, broken) + build-system for the manpages. + + The torify.1 manpage gets installed by upstream, no longer need + to do it manually in debian/rules. + - The original design paper is no longer shipped with Tor. + + Remove debian/hexdump-*.pdf (which we used to work around + fig2dev bugs). + + No longer build the paper in debian/rules, and remove it from + debian/tor.docs. + + No longer build-depend on texlive-base-bin, texlive-latex-base, + texlive-fonts-recommended, transfig and ghostscript. + - Upstream tarballs no longer ship an AUTHORS file, or the website, + Removed these from debian/tor.docs. No longer shipping parts of + the website also closes: #443560. + - Also no longer distribute doc/TODO and doc/HACKING in the debian + package. + * Move from comm to section net, where it might fit slightly better + (closes: #482801). + * Ship contrib/tor-exit-notice.html in the tor package (put it into + usr/share/doc/tor; closes: #568934). + * Add stark README.polipo with the instructions from Juliusz Chroboczek. 
+ (closes: #413730) + * 0.2.2.4-alpha failed to ship test.h so we had included it in the + debian diff. The upstream bug has long since been fixed so we should + probably stop shipping our own copy of test.h. + * Finally apply Peter Eisentraut's patch for tor's init script to support + status as an argument (closes: #526371). + + -- Peter Palfrader Sun, 28 Feb 2010 10:58:10 +0100 + +tor (0.2.2.8-alpha-1) experimental; urgency=low + + * New upstream version. + + -- Peter Palfrader Fri, 29 Jan 2010 23:22:35 +0100 + +tor (0.2.2.7-alpha-2) experimental; urgency=low + + * debian/rules: Minor cleanup (use a single variable for making up our + configure flags, not two). + * debian/rules: Remove logic that ignores the result of unit tests if + localhost does not resolve (or not to 127.0.0.1). This should no + longer be necessary as our build chroots have gotten a lot better. + * Depend on and enable hardening-includes for building. + + -- Peter Palfrader Sun, 24 Jan 2010 13:22:26 +0100 + +tor (0.2.2.7-alpha-1) experimental; urgency=medium + + * New upstream version. + - Rotate keys (both v3 identity and relay identity) for moria1 + and gabelmoo. + [and more] + + -- Peter Palfrader Wed, 20 Jan 2010 19:29:08 +0100 + +tor (0.2.2.6-alpha-1) experimental; urgency=low + + * New upstream version. + - Drop debian/patches/0a58567c-work-with-reneg-ssl.dpatch + (part of upstream). + + -- Peter Palfrader Mon, 23 Nov 2009 18:52:04 +0100 + +tor (0.2.2.5-alpha-1) experimental; urgency=low + + * New upstream version. + * Pick 0a58567ce3418f410cf1dd0143dd3e56b4a4bd1f from master git tree: + - work with libssl that has renegotiation disabled by default. + (debian/patches/0a58567c-work-with-reneg-ssl.dpatch) + * Therefore build-depend on libssl-dev >= 0.9.8k-6. If we build against + earlier versions we will not work once libssl gets upgraded to a version + that disabled renegotiations. + * Change order of recommends from privoxy | polipo to polipo | privoxy. 
+ * Allegedly echo -e is a bashism. Remove it from debian/rules, we don't + need it anyways (closes: #478631). + * Change the dependency on tsocks to torsocks | tsocks (see: #554717). + + -- Peter Palfrader Sun, 15 Nov 2009 11:04:02 +0100 + +tor (0.2.2.4-alpha-1) experimental; urgency=low + + * New upstream version. + * The testsuite moved from src/or/test to src/test/test, + but let's call it using "make check" now. + * Upstream failed to ship src/test/test.h. Ship it in debian/ and + manually copy it in place during configure and clean up in clean. + Let's not use the patch system as this will most likely be rectified + by next release. + + -- Peter Palfrader Sun, 11 Oct 2009 10:38:55 +0200 + +tor (0.2.2.3-alpha-1) experimental; urgency=low + + * New upstream version. + + -- Peter Palfrader Wed, 23 Sep 2009 10:27:40 +0200 + +tor (0.2.2.2-alpha-1) experimental; urgency=low + + * New upstream version. + * The files src/common/common_sha1.i src/or/or_sha1.i get changed + during the build - they contain the checksums of the individual + files that end up in the binary. Of couse changes only end up + in the debian diff.gz after building a second time in the same + directory. So, remove those files in clean to get both a cleaner + diff.gz and idempotent builds. + * If we have a debian/micro-revision.i, replace the one in src/or + with our copy so that this will be the revision that ends up in + the binary. This is an informational only version string, but + it'd be kinda nice if it was (more) accurate nonetheless. + . + Of course this won't help if people manually patch around but + it's still preferable to claiming we are exactly upstream's source. + . + If we are building directly out of a git tree, update + debian/micro-revision.i in the clean target. + + -- Peter Palfrader Mon, 21 Sep 2009 14:51:20 +0200 + +tor (0.2.2.1-alpha-1) experimental; urgency=low + + * New upstream version. + * Forward port patches/03_tor_manpage_in_section_8.dpatch. 
+ * Forward port patches/06_add_compile_time_defaults.dpatch. + + -- Peter Palfrader Thu, 03 Sep 2009 15:10:26 +0200 + +tor (0.2.1.19-1) unstable; urgency=low + + * New upstream version. + - Make accessing hidden services on 0.2.1.x work right (closes: #538960). + [More items are in the upstream changelog.] + + -- Peter Palfrader Wed, 29 Jul 2009 12:49:03 +0200 + +tor (0.2.1.18-1) unstable; urgency=low + + * New upstream version. + + -- Peter Palfrader Sat, 25 Jul 2009 11:15:11 +0200 + +tor (0.2.1.17-rc-1) experimental; urgency=low + + * New upstream version. + * Update upstream URL in debian/copyright. + + -- Peter Palfrader Mon, 13 Jul 2009 23:37:37 +0200 + +tor (0.2.1.16-rc-1) experimental; urgency=low + + * New upstream version. + * No longer inform the user if/when we re-create the /var/run/tor + directory in the init script. With /var/run on tmpfs this is + completely normal now so our message was just noise. + * Stop shipping /var/run/tor in the package. + * Only clean up permissions of /var/run/tor in postinst if the + directory actually exists. + * Update Standards-Version from 3.8.0 to 3.8.1. No real changes + required, we already support nocheck in DEB_BUILD_OPTIONS since + August 2004, and we already create our var/run directory in the + init script (tho we now no longer ship it either - see above). + * Change debhelper compatibility version from 4 to 5: + - Change dh_strip call from --dbg-package=tor + to --dbg-package=tor-dbg. + - Update versioned build time dependency on debhelper. + * Forward port 06_add_compile_time_defaults. + + -- Peter Palfrader Sat, 20 Jun 2009 13:16:02 +0200 + +tor (0.2.1.15-rc-1) experimental; urgency=low + + * New upstream version. + * Change build time dependency on gs to ghostscript. + + -- Peter Palfrader Sat, 30 May 2009 21:10:03 +0200 + +tor (0.2.1.14-rc-1) experimental; urgency=low + + * New upstream version. + * Change Section of tor-dbg to debug. 
+ + -- Peter Palfrader Thu, 16 Apr 2009 19:54:19 +0200 + +tor (0.2.1.13-alpha-1) experimental; urgency=low + + * New upstream version. + + -- Peter Palfrader Sun, 15 Mar 2009 00:58:07 +0100 + +tor (0.2.1.12-alpha-1) experimental; urgency=low + + * New upstream version, fixing several security relevant bugs: + - Avoid a potential crash on exit nodes when processing malformed + input. Remote DoS opportunity (closes: #514579). + - Fix a temporary DoS vulnerability that could be performed by + a directory mirror (closes: #514580). + * patches/06_add_compile_time_defaults: Only set the User option in + the config if we run as root. Do not set it when run as debian-tor + as Tor then always insists on changing users which will fail. (If + we run as any other user we don't set our debian defaults anyway.) + + -- Peter Palfrader Tue, 10 Feb 2009 00:19:53 +0100 + +tor (0.2.1.11-alpha-1) experimental; urgency=high + + * New upstream version: + - Fixes a possible remote heap buffer overflow bug. + - torify(1) manpage mentions DNS leaks now (closes: #495829). + * README.Debian: No longer claim we change the default 'Group' setting + when run as debian-user. That setting no longer exists. + * Forward port 03_tor_manpage_in_section_8.dpatch. + + -- Peter Palfrader Wed, 21 Jan 2009 01:00:15 +0100 + +tor (0.2.1.10-alpha-1) experimental; urgency=low + + * New alpha release. + * Forward port 03_tor_manpage_in_section_8.dpatch. + + -- Peter Palfrader Sun, 11 Jan 2009 12:06:28 +0100 + +tor (0.2.1.9-alpha-1) experimental; urgency=low + + * New alpha release. + + -- Peter Palfrader Fri, 26 Dec 2008 20:51:53 +0100 + +tor (0.2.1.8-alpha-1) experimental; urgency=low + + * New alpha release. + + -- Peter Palfrader Mon, 15 Dec 2008 23:00:32 +0100 + +tor (0.2.1.7-alpha-2) experimental; urgency=low + + * No longer set now obsolete Group setting in built-in debian config. 
+ + -- Peter Palfrader Mon, 10 Nov 2008 16:28:31 +0100 + +tor (0.2.1.7-alpha-1) experimental; urgency=low + + * New alpha release. + + -- Peter Palfrader Mon, 10 Nov 2008 09:39:30 +0100 + +tor (0.2.1.6-alpha-1) experimental; urgency=low + + * New alpha release. + * Forward port 14_fix_geoip_warning.dpatch. + + -- Peter Palfrader Tue, 30 Sep 2008 14:37:26 +0200 + +tor (0.2.1.5-alpha-1) experimental; urgency=low + + * New alpha release. + + -- Peter Palfrader Tue, 02 Sep 2008 00:18:55 +0200 + +tor (0.2.1.4-alpha-1) experimental; urgency=low + + * New alpha release. + * Do not build with openbsd's malloc unless enable-openbsd-malloc is in + DEB_BUILD_OPTIONS. + + -- Peter Palfrader Tue, 05 Aug 2008 12:33:23 +0200 + +tor (0.2.1.2-alpha-1) experimental; urgency=low + + * New alpha release. + + -- Peter Palfrader Wed, 16 Jul 2008 13:05:45 +0200 + +tor (0.2.0.30-1) unstable; urgency=low + + * New upstream version. + + -- Peter Palfrader Wed, 16 Jul 2008 02:19:08 +0200 + +tor (0.2.0.29-rc-2) unstable; urgency=low + + * Upload to unstable. + + -- Peter Palfrader Tue, 15 Jul 2008 22:16:08 +0200 + +tor (0.2.0.29-rc-1) experimental; urgency=low + + * New upstream version. + * Warn the admin if the number of file descriptors on his system is + tiny. + + -- Peter Palfrader Wed, 09 Jul 2008 14:02:06 +0200 + +tor (0.2.0.28-rc-1) experimental; urgency=low + + * New upstream version. + * Remove debian/patches/11_tor_as_root_more_helpful.dpatch as + it is no longer needed: We now setuid() to the Tor user + when run as root and it all just works. + * Add comments to the dpatch headers so lintian shuts up. + * Add patches/14_fix_geoip_warning: Change geoipdb open failed message. + * Require unit tests to pass again. + + -- Peter Palfrader Fri, 13 Jun 2008 10:28:36 +0200 + +tor (0.2.0.27-rc-1) experimental; urgency=low + + * New upstream version. + * Add tor-geoipdb arch: all package for the geoip database. 
+ * Update debian/rules so that there now is a binary-common target + and the binary-indep and binary-arch targets call make with + proper DH_OPTIONS options. This is taken from the template + that dh_make nowadays uses for multi-binary packages. + * Unit tests are broken, yay. + * Use ${binary:Version} to depend on the right tor binary package from + the tor-dbg package instead of ${Source-Version}. Some guy on the + internet said the latter was deprecated. + * Add Homepage: https://www.torproject.org/ field to control file. + * And mention www.tp.o instead of the old tor.eff.org in the long + description. + * No longer ignore failure of make clean in the clean target. + * Support passing of parallel= in build options. + * Change declared Standards-Version to 3.8.0. + + -- Peter Palfrader Fri, 06 Jun 2008 01:11:33 +0200 + +tor (0.2.0.26-rc-1) experimental; urgency=critical + + * New upstream version. + * Conflict with old libssls. + * On upgrading from versions prior to, including, 0.1.2.19-2, or + from versions later than 0.2.0 and prior to 0.2.0.26-rc do the + following, and if we are a server (we have a /var/lib/tor/keys + directory) + - move /var/lib/tor/keys/secret_onion_key out of the way. + - move /var/lib/tor/keys/secret_onion_key.old out of the way. + - move /var/lib/tor/keys/secret_id_key out of the way if it was + created on or after 2006-09-17, which is the day the bad + libssl was uploaded to Debian unstable. + * Add a NEWS file explaining this change. + + -- Peter Palfrader Tue, 13 May 2008 16:11:21 +0200 + +tor (0.2.0.24-rc-1) experimental; urgency=low + + * New upstream version. + + -- Peter Palfrader Wed, 23 Apr 2008 02:25:22 +0200 + +tor (0.2.0.23-rc-1) experimental; urgency=low + + * New upstream version. + * Mention OpenBSD_malloc_Linux.c in debian/copyright. + * Add a recommends on logrotate. + + -- Peter Palfrader Tue, 25 Mar 2008 09:34:37 +0100 + +tor (0.2.0.22-rc-1) experimental; urgency=low + + * New upstream version. 
+ * Work around fig2dev failing to build the images on all archs + (re #457568). + * Build with --enable-openbsd-malloc, unless no-enable-openbsd-malloc is + found in DEB_BUILD_OPTIONS. Hopefully this deals with some of the + horrible memory fragmentation that glibc's malloc causes. + + -- Peter Palfrader Wed, 19 Mar 2008 08:03:47 +0100 + +tor (0.2.0.21-rc-1) experimental; urgency=low + + * New upstream version. + * Run --verify-config before start/reload/restart as root. No longer + su - to debian-tor tor run it. Given that we now even start Tor as + root (it setuids later on) this should be fine (closes: #468566). + + -- Peter Palfrader Mon, 3 Mar 2008 13:36:59 +0100 + +tor (0.2.0.20-rc-1) experimental; urgency=low + + * New upstream version. + * Change the default for MAX_FILEDESCRIPTORS in our init script to depend + on the number of system-wide available file descriptors: + /proc/sys/fs/file-max is bigger than 80k, set ulimit -n to 32k, if it's + greater than 40k set the limit to 16k, and when greater than 10k our limit + shall be 8k descriptors. If there are less than 20k FDs in the entire + system default to a limit of only 1024. + + Big servers at the moment regularly use more than 10k FDs, so our old + default of 8k no longer is sufficient. On the other hand we don't want + lower end systems to run out of FDs on Tor's account. + * If we run as root also apply debian defaults. + * Add User=debian-tor and Group=debian-tor to debian defaults. That allows + us to start Tor as root and have it setuid/setgid to the target user. + * Change the init script to start Tor as root. Now we should be able to + bind to low port. + + -- Peter Palfrader Mon, 25 Feb 2008 13:54:58 +0100 + +tor (0.2.0.19-alpha-1) experimental; urgency=low + + * New upstream version. + * It's 2008. Now is the time to add copyright statements for 2007. + * Forward port 03_tor_manpage_in_section_8.dpatch. 
+ + -- Peter Palfrader Sun, 10 Feb 2008 01:12:04 +0100 + +tor (0.2.0.18-alpha-2) experimental; urgency=low + + * Work around fig2dev failing to build the images on mipsel like we do on + sparc and s390 (re #457568) + * Fix postinst find command that chowns stuff to the right user. Find + does weird things in the presence of !. + + -- Peter Palfrader Sun, 3 Feb 2008 18:17:16 +0100 + +tor (0.2.0.18-alpha-1) experimental; urgency=low + + * New upstream version. + * postinst: Remove the check that requires the debian-tor user + to have a uid between 100 and 999. There is no good reason + to require this. If the local admin moves the system users/uid-space + to some other range then they probably have a good reason for that. + * postinst: change wording if debian-tor's homedir is wrong, do not + print anything if it is ok. + * postinst: We were only fixing the permissions of /var/{lib,run,log}/tor + when we were not upgrading. Unfortunately the check doesn't work all + that well usually in cases where the package was removed (not purged) + and then later re-installed again. Now we ensure proper ownership + and modes for all the directories and files below /var/{lib,run,log}/tor + (the dirs themselves included) every time we run postinst. + * postinst: if we reboot between unpacking and configuring on some smart + systems this will mean that we just lost /var/run/tor - creating it + in the maintainer script if it doesn't exist. + * Create logfiles in logrotate so that they come into the world with the + correct mode (o-r). + + -- Peter Palfrader Thu, 24 Jan 2008 15:15:32 +0100 + +tor (0.2.0.17-alpha-1) experimental; urgency=low + + * New upstream version. + + -- Peter Palfrader Thu, 17 Jan 2008 21:42:25 +0100 + +tor (0.2.0.15-alpha-1) experimental; urgency=low + + * New upstream version. + + -- Peter Palfrader Tue, 25 Dec 2007 08:53:25 +0100 + +tor (0.2.0.14-alpha-1) experimental; urgency=low + + * New upstream version. 
+ * Remove 13_r12907-fix-unit-tests.dpatch (Fix unit tests from HEAD) again - + it's included upstream. + * Work around fig2dev failing to build the images on sparc like we do on + s390. + + -- Peter Palfrader Sun, 23 Dec 2007 13:45:41 +0100 + +tor (0.2.0.13-alpha-1) experimental; urgency=low + + * New upstream version. + * Fix unit tests from HEAD (13_r12907-fix-unit-tests.dpatch). + + -- Peter Palfrader Fri, 21 Dec 2007 11:52:43 +0100 + +tor (0.2.0.12-alpha-1) experimental; urgency=low + + * New upstream version. + + -- Peter Palfrader Sun, 18 Nov 2007 11:49:06 +0100 + +tor (0.2.0.11-alpha-1) experimental; urgency=low + + * New upstream version. + * remove 12_r12235_do_not_crash_when_myfamily_is_set again, it's + now part of upstream. + + -- Peter Palfrader Thu, 15 Nov 2007 11:07:06 +0100 + +tor (0.2.0.9-alpha-2) experimental; urgency=low + + * Do not separate required lsb facilities with commas in the + init script (closes: #448001). + * Add 12_r12235_do_not_crash_when_myfamily_is_set.dpatch, + from trunk/head. + + -- Peter Palfrader Sun, 28 Oct 2007 00:03:21 +0200 + +tor (0.2.0.9-alpha-1) experimental; urgency=low + + * New upstream version. + * Only create pid dir if we are about to start Tor (Luca Capello, + closes: #447508). + + -- Peter Palfrader Fri, 26 Oct 2007 14:29:56 +0200 + +tor (0.2.0.8-alpha-1) experimental; urgency=low + + * New upstream version. + + -- Peter Palfrader Sat, 13 Oct 2007 16:27:04 +0200 + +tor (0.2.0.7-alpha-1) experimental; urgency=low + + * New upstream version. + + -- Peter Palfrader Mon, 24 Sep 2007 23:50:14 +0200 + +tor (0.2.0.6-alpha-1) experimental; urgency=low + + * New upstream version. + + -- Peter Palfrader Mon, 27 Aug 2007 15:41:31 +0200 + +tor (0.2.0.5-alpha-1) experimental; urgency=low + + * New upstream version. + + -- Peter Palfrader Sun, 19 Aug 2007 15:10:49 +0200 + +tor (0.2.0.4-alpha-1) experimental; urgency=high + + * New upstream version. 
+ + -- Peter Palfrader Thu, 2 Aug 2007 07:09:36 +0200 + +tor (0.2.0.3-alpha-1) experimental; urgency=low + + * New upstream version. + + -- Peter Palfrader Tue, 31 Jul 2007 07:03:00 +0200 + +tor (0.2.0.2-alpha-1) experimental; urgency=low + + * New upstream version. + + -- Peter Palfrader Sun, 3 Jun 2007 02:31:29 +0200 + +tor (0.2.0.1-alpha-1) experimental; urgency=low + + * New upstream version. + * Forward port 06_add_compile_time_defaults. + * teTeX is no more, long live TeX Live: + - remove build depends on tetex-bin, tetex-extra, + - add build depends on texlive-base-bin for dvips and bibtex, + texlive-latex-base for latex, and texlive-fonts-recommended for fonts + like ptmr7t. + + -- Peter Palfrader Sat, 2 Jun 2007 14:31:15 +0200 + +tor (0.1.2.19-1) unstable; urgency=low + + * New upstream version. + + -- Peter Palfrader Thu, 17 Jan 2008 20:57:42 +0100 + +tor (0.1.2.18-1) unstable; urgency=low + + * New upstream version. + + -- Peter Palfrader Mon, 29 Oct 2007 20:36:38 +0100 + +tor (0.1.2.17-1) unstable; urgency=low + + * New upstream version. + + -- Peter Palfrader Fri, 31 Aug 2007 03:14:33 +0200 + +tor (0.1.2.16-1) unstable; urgency=high + + * New upstream version. + + -- Peter Palfrader Thu, 2 Aug 2007 06:43:09 +0200 + +tor (0.1.2.15-1) unstable; urgency=low + + * New upstream version. + * Change build-depends from tetex to texlive suite. + + -- Peter Palfrader Thu, 19 Jul 2007 22:33:43 +0200 + +tor (0.1.2.14-1) unstable; urgency=low + + * New upstream version. + + -- Peter Palfrader Fri, 25 May 2007 21:49:20 +0200 + +tor (0.1.2.13-3) unstable; urgency=low + + * Always give a shell (/bin/sh) when we use su(1) in our init script + (closes: #421465). + + -- Peter Palfrader Sun, 6 May 2007 14:44:11 +0200 + +tor (0.1.2.13-2) unstable; urgency=low + + * In options_init_from_torrc()'s error path only config_free() options + if they already have been initialized (closes: #421235). 
+ + -- Peter Palfrader Fri, 27 Apr 2007 13:06:37 +0200 + +tor (0.1.2.13-1) unstable; urgency=low + + * New upstream version. + + -- Peter Palfrader Tue, 24 Apr 2007 21:21:10 +0200 + +tor (0.1.2.12-rc-1) experimental; urgency=low + + * New upstream version. + + -- Peter Palfrader Sat, 17 Mar 2007 11:35:31 +0100 + +tor (0.1.2.10-rc-1) experimental; urgency=low + + * New upstream version. + * Change recommends on privoxy to privoxy | polipo (>= 1) (closes: #413728). + + -- Peter Palfrader Fri, 9 Mar 2007 10:57:40 +0100 + +tor (0.1.2.8-beta-1) experimental; urgency=low + + * New upstream version. + + -- Peter Palfrader Mon, 26 Feb 2007 11:50:49 +0100 + +tor (0.1.2.7-alpha-1) experimental; urgency=low + + * New upstream version. + * Install all the spec files into usr/share/doc/tor/spec now. + They moved to doc/spec/* from just doc/* in the source too. + + -- Peter Palfrader Tue, 13 Feb 2007 18:51:14 +0100 + +tor (0.1.2.6-alpha-1) experimental; urgency=low + + * New upstream version. + + -- Peter Palfrader Tue, 9 Jan 2007 17:39:15 +0100 + +tor (0.1.2.5-alpha-1) experimental; urgency=low + + * New upstream version. + * Disable 02_add_debian_files_in_manpage.dpatch for now. + + -- Peter Palfrader Sun, 7 Jan 2007 13:57:37 +0100 + +tor (0.1.2.4-alpha-1) experimental; urgency=low + + * New upstream version. + + -- Peter Palfrader Mon, 4 Dec 2006 00:13:37 +0100 + +tor (0.1.2.3-alpha-1) experimental; urgency=low + + * New upstream version. + + -- Peter Palfrader Mon, 30 Oct 2006 11:06:52 +0100 + +tor (0.1.2.2-alpha-1) experimental; urgency=low + + [ Peter Palfrader ] + * New upstream version. + + [ Roger Dingledine ] + * Minor update of debian/copyright. + + -- Peter Palfrader Tue, 10 Oct 2006 03:26:00 +0200 + +tor (0.1.2.1-alpha-1) experimental; urgency=low + + * Forward port 07_log_to_file_by_default.dpatch. + * Previously our defaults for DataDirectory, PidFile, RunAsDaemon, and + Log differed from upstreams. 
Now Tor behaves just like before (with + our own DataDirectory and all) only when run as the debian-tor user. + If invoked as any other user, Tor will behave just like the pristine + upstream version. + * Tell users about the init script when they try to run Tor as root. + Should we also do this when they try to run their Tor as any other + (non root, non debian-tor) user? - add 11_tor_as_root_more_helpful + * Use tor --verify-config before start and reload. Abort init script + with exit 1 if config does not verify. + * Change Standards-Version to 3.7.2. No changes required. + + -- Peter Palfrader Tue, 29 Aug 2006 22:38:29 +0200 + +tor (0.1.1.26-1) unstable; urgency=high + + * New upstream version (Stop sending the HttpProxyAuthenticator string to + directory servers when directory connections are tunnelled through Tor). + + -- Peter Palfrader Fri, 15 Dec 2006 20:24:07 +0100 + +tor (0.1.1.25-1) unstable; urgency=low + + * New upstream version. + + -- Peter Palfrader Sat, 4 Nov 2006 17:16:08 +0100 + +tor (0.1.1.24-1) unstable; urgency=low + + * New upstream version. + * Update debian/copyright: + - tree.h has vanished somewhere along the current branch + - ht.h is new and credits Christopher Clark + - We didn't mention Matej Pfajfar's copyright before. + * Forward port 07_log_to_file_by_default. + + -- Peter Palfrader Fri, 6 Oct 2006 23:32:45 +0200 + +tor (0.1.1.23-1) unstable; urgency=medium + + * New upstream version. + + -- Peter Palfrader Thu, 3 Aug 2006 03:13:24 +0200 + +tor (0.1.1.22-1) unstable; urgency=low + + * New upstream version. + + -- Peter Palfrader Thu, 6 Jul 2006 02:55:37 +0200 + +tor (0.1.1.21-1) unstable; urgency=low + + * New upstream version. + + -- Peter Palfrader Sun, 11 Jun 2006 18:27:13 +0200 + +tor (0.1.1.20-1) unstable; urgency=low + + * New upstream stable release: The 0.1.1.x tree is now the new stable + tree. Upload to unstable rather than experimental. 
+ + -- Peter Palfrader Tue, 23 May 2006 20:16:25 +0200 + +tor (0.1.1.19-rc-1) experimental; urgency=low + + * New upstream version. + * Remove support for my nodoc DEB_BUILD_OPTIONS variable. It clutters + stuff and I haven't used it in ages. + * Update debian/tor.docs file. + + -- Peter Palfrader Fri, 5 May 2006 16:27:48 +0200 + +tor (0.1.1.18-rc-1) experimental; urgency=low + + * New upstream version. + * update debian/tor.doc: + - no longer ship INSTALL and README files, they are useless now. + - doc/stylesheet.css, doc/tor-doc-server.html, doc/tor-doc-unix.html, + doc/tor-hidden-service.html, doc/tor-switchproxy.html got replaced + by doc/website/stylesheet.css and doc/website/tor-* which is more + or less the same, only taken from the website. Some links are + probably broken still, but this should get fixed eventually. + + -- Peter Palfrader Mon, 10 Apr 2006 12:00:50 +0200 + +tor (0.1.1.17-rc-1) experimental; urgency=low + + * New upstream version. + * Forward port patches/07_log_to_file_by_default. + + -- Peter Palfrader Tue, 28 Mar 2006 09:48:04 +0200 + +tor (0.1.1.16-rc-1) experimental; urgency=low + + * New upstream version. + + -- Peter Palfrader Mon, 20 Mar 2006 02:03:29 +0100 + +tor (0.1.1.15-rc-1) experimental; urgency=low + + * New upstream version. + * Apparently passing --host to configure when not cross-compiling + is evil now and greatly confuses configure. So don't do it unless it + actually differs from --build host. + + -- Peter Palfrader Sat, 11 Mar 2006 20:04:36 +0100 + +tor (0.1.1.14-alpha-1) experimental; urgency=low + + * New upstream version. + * Include 0.1.0.17 changelog in experimental tree. + * doc/FAQ is no longer shipped, so remove it from debian/tor.docs. + + -- Peter Palfrader Tue, 21 Feb 2006 05:16:21 +0100 + +tor (0.1.1.13-alpha-1) experimental; urgency=low + + * New upstream version. + * Forward port patches/02_add_debian_files_in_manpage. + * Forward port patches/03_tor_manpage_in_section_8. 
+ * Create /var/run/tor on init script start if it does + not exist already. + * Set default ulimit -n to 8k instead of 4k in /etc/default/tor. + * Print that we're raising the ulimit to stdout in the init script. + * Add CVE numbers to past issues in the changelog where applicable. + + -- Peter Palfrader Fri, 10 Feb 2006 14:38:11 +0100 + +tor (0.1.1.12-alpha-1) experimental; urgency=low + + * New upstream version, that was a quick one. :) + * Forward port patches/02_add_debian_files_in_manpage. + + -- Peter Palfrader Thu, 12 Jan 2006 02:53:27 +0100 + +tor (0.1.1.11-alpha-1) experimental; urgency=low + + * New upstream version. + - Implement "entry guards": automatically choose a handful of entry + nodes and stick with them for all circuits. This will increase + security dramatically against certain end-point attacks + (closes: #349283, CVE-2006-0414). + * Forward port patches/07_log_to_file_by_default. + * Forward port 0.1.0.16 changelog and change to copyright file. + + -- Peter Palfrader Wed, 11 Jan 2006 12:08:25 +0100 + +tor (0.1.1.10-alpha-1) experimental; urgency=low + + * New upstream version. + * doc/tor-doc.css and doc/tor-doc.html are no longer in the upstream + tarball, remove them from debian/tor.docs. + * add the following new files to tor.docs: doc/socks-extensions.txt, + doc/stylesheet.css, doc/tor-doc-server.html, doc/tor-doc-unix.html + + -- Peter Palfrader Sun, 11 Dec 2005 14:02:41 +0100 + +tor (0.1.1.9-alpha-1) experimental; urgency=low + + * New upstream version. + * Remove 08_add_newlines_between_serverdescriptors.dpatch. + * Update 06_add_compile_time_defaults.dpatch + * Use bin/bash for the init script instead of bin/sh. We are using + ulimit -n which is not POSIX (closes: #338797). + * Remove the EVENT_NOEPOLL block from etc/default/tor. + * Add an ARGS block to etc/default/tor as suggested in #338425. + + -- Peter Palfrader Tue, 15 Nov 2005 23:29:54 +0100 + +tor (0.1.1.8-alpha-1) experimental; urgency=low + + * New upstream version. 
+ * Add patch from CVS to + "Insert a newline between all router descriptors when generating (old + style) signed directories, in case somebody was counting on that". + r1.247 of dirserv.c, <20051008060243.85F41140808C@moria.seul.org> + + -- Peter Palfrader Sat, 8 Oct 2005 20:24:39 +0200 + +tor (0.1.1.7-alpha-1) experimental; urgency=low + + * New upstream version. + * More merging from 0.1.0.14+XXXX: + - The tor-dbg package does not really need its own copy of copyright + and changelog in usr/share/doc/tor-dbg. + * Forward port 03_tor_manpage_in_section_8.dpatch + + -- Peter Palfrader Wed, 14 Sep 2005 17:52:35 +0200 + +tor (0.1.1.6-alpha-2) experimental; urgency=low + + * Merge 0.1.0.14+XXXX changes. + + -- Peter Palfrader Wed, 14 Sep 2005 15:05:16 +0200 + +tor (0.1.1.6-alpha-1) experimental; urgency=low + + * Experimental upstream version. + + -- Peter Palfrader Sat, 10 Sep 2005 10:17:43 +0200 + +tor (0.1.1.5-alpha-cvs-1) UNRELEASED; urgency=low + + * Even more experimental cvs snapshot. + * Testsuite is mandatory again. + * Forward port 03_tor_manpage_in_section_8.dpatch + * Forward port 06_add_compile_time_defaults.dpatch + + -- Peter Palfrader Fri, 9 Sep 2005 23:22:38 +0200 + +tor (0.1.1.5-alpha-1) UNRELEASED; urgency=low + + * Experimental upstream version. + * Allow test suite to fail, it's broken in this version. + * Update list of files from doc/ that should be installed. + * Forward port debian/ patches. + + -- Peter Palfrader Fri, 12 Aug 2005 17:02:23 +0200 + +tor (0.1.0.17-1) unstable; urgency=low + + * New upstream version. + + -- Peter Palfrader Sat, 18 Feb 2006 02:49:45 +0100 + +tor (0.1.0.16-1) unstable; urgency=low + + * New upstream version. + * Update copyright file for 2006. + + -- Peter Palfrader Tue, 3 Jan 2006 13:59:34 +0100 + +tor (0.1.0.15-1) unstable; urgency=low + + * New upstream release. + * Forward port 03_tor_manpage_in_section_8. 
+ + -- Peter Palfrader Sat, 24 Sep 2005 15:15:34 +0200 + +tor (0.1.0.14-2) unstable; urgency=low + + * Ship debugging information in a separate package now, instead + of simply not stripping tor. This is still useful while tor is + young. Ideally it would go away some time. + * Add LSB comments to init script as suggested by Petter Reinholdtsen + on the debian-devel list: + - http://lists.debian.org/debian-devel/2005/08/msg01172.html + - http://wiki.debian.net/?LSBInitScripts + * Work around broken chroots that do not resolve localhost or resolve + it to the wrong IP. We now catch such cases in debian/rules, shout + at the buildd maintainer, and ignore the result of our test suite. + + -- Peter Palfrader Wed, 21 Sep 2005 10:23:25 +0200 + +tor (0.1.0.14-1) unstable; urgency=high + + * New upstream version - changes, among others: + - Fixes the other half of the bug with crypto handshakes (CVE-2005-2643). + * Since gs-gpl on s390 is broken (#321435) and unable to + build PDFs of our images for the design paper this version + ships them in the source and uses them on s390, should building + them from source really fail. + * Increase standards-version from 3.6.1 to 3.6.2. No changes + necessary. + + -- Peter Palfrader Mon, 8 Aug 2005 23:55:05 +0200 + +tor (0.1.0.13-1) unstable; urgency=high + + * New upstream version: + - Explicitly set no-unaligned-access for sparc in configure.in. + it turns out the new gcc's let you compile broken code, but + that doesn't make it not-broken (closes: #320140). + - Fix a critical bug in the security of our crypto handshakes. + (Therefore set urgency to high). + and more (see upstream changelog). + * Slightly improve init script to give you proper error messages when + you do not run it as root. 
+ + -- Peter Palfrader Fri, 5 Aug 2005 01:27:49 +0200 + +tor (0.1.0.12-1) unstable; urgency=medium + + * New upstream version: + - New IP for tor26 directory server, + - fix a possible double-free in tor_gzip_uncompress, + - and more (see upstream changelog). + + -- Peter Palfrader Tue, 19 Jul 2005 17:36:24 +0200 + +tor (0.1.0.11-1) unstable; urgency=high + + * New upstream version (closes: #316753): + - Fixes a serious bug: servers now honor their exit policies - + In 0.1.0.x only clients enforced them so far. 0.0.9.x is + not affected. + * Build depend on libevent-dev >= 1.1. + * Urgency high because 0.0.9.10-1 did not make it into testing after + like 3 weeks because of an impending ftp-master move. So I might + just as well upload this one. + + -- Peter Palfrader Mon, 4 Jul 2005 17:53:48 +0200 + +tor (0.1.0.10-0.pre.1) UNRELEASED; urgency=low + + * New upstream version. + * Add a watch file. + * Forward port 03_tor_manpage_in_section_8. + * Forward port 06_add_compile_time_defaults. + * Add libevent-dev to build-depends. + * Update URL to tor in debian/control and debian/copyright. + * Add a snippet to disable epoll in etc/default/tor, commented out. + * Add a snippet to set nice level in etc/default/tor. + * Wait for 60 seconds in init stop. 35 is too little. + * Don't depend on python anymore - tor-resolve is C now. + * If "with-dmalloc" is in DEB_BUILD_OPTIONS we build against libdmalloc4. + Of course the -dev package needs to be installed. + * Update README.Debian to say that upstream now does have a default + for DataDirectory. + * Don't fail in the init script when we cannot raise the ulimit. + Instead just warn a bit (closes: #312882). + + -- Peter Palfrader Wed, 15 Jun 2005 16:38:06 +0200 + +tor (0.0.9.10-1) unstable; urgency=high + + * While we're waiting for a newer libevent to enter sid, make another + upload of the 0.0.9.x tree: + - Refuse relay cells that claim to have a length larger than the + maximum allowed. 
This prevents a potential attack that could read + arbitrary memory (e.g. keys) from an exit server's process + (CVE-2005-2050). + + -- Peter Palfrader Thu, 16 Jun 2005 22:56:11 +0200 + +tor (0.0.9.9-1) unstable; urgency=low + + * New upstream version. + + -- Peter Palfrader Sat, 23 Apr 2005 23:58:47 +0200 + +tor (0.0.9.8-1) unstable; urgency=low + + * New upstream version. + + -- Peter Palfrader Fri, 8 Apr 2005 09:11:34 +0200 + +tor (0.0.9.7-1) unstable; urgency=low + + * New upstream version. + + -- Peter Palfrader Fri, 1 Apr 2005 09:52:12 +0200 + +tor (0.0.9.6-1) unstable; urgency=low + + * New upstream version. + * Upstream used newer auto* tools, so hopefully the new config.sub + and config.guess files (2003-08-18) are good enough to build + tor on ppc64 (closes: #300376: FTBFS on ppc64). + + -- Peter Palfrader Fri, 25 Mar 2005 01:34:28 +0100 + +tor (0.0.9.5-1) unstable; urgency=low + + * New upstream version. + + -- Peter Palfrader Thu, 24 Feb 2005 09:45:52 +0100 + +tor (0.0.9.4-1) unstable; urgency=low + + * New upstream version. + * Set ulimit for file descriptors to 4096 in our init + script. + * Use SIGINT to shutdown tor. That way - if you are a server - + tor will stop accepting new connections immediately, and + give existing connections a grace period of 30 seconds in + which they might complete their task. If you just run a + client it should make no difference. + + -- Peter Palfrader Fri, 4 Feb 2005 00:20:25 +0100 + +tor (0.0.9.3-1) unstable; urgency=low + + * New upstream version. + * Forward port 07_log_to_file_by_default. + + -- Peter Palfrader Sun, 23 Jan 2005 16:01:58 +0100 + +tor (0.0.9.2-1) unstable; urgency=low + + * New upstream version. + * Update debian/copyright (it's 2005). + * Add sharedscripts tor logrotate.d/tor. + + -- Peter Palfrader Tue, 4 Jan 2005 11:14:03 +0100 + +tor (0.0.9.1-1) unstable; urgency=low + + * New upstream version. 
+ + -- Peter Palfrader Thu, 16 Dec 2004 00:16:47 +0100 + +tor (0.0.8+0.0.9rc7-1) unstable; urgency=medium + + * New upstream release (candidate). + For real this time. Looks like our rc6 orig.tar.gz + was in fact the rc5 one. + * forward port patches/07_log_to_file_by_default + + -- Peter Palfrader Wed, 8 Dec 2004 15:22:44 +0100 + +tor (0.0.8+0.0.9rc6-1) unstable; urgency=medium + + * New upstream release (candidate). + - cleans up more integer underflows that don't look exploitable. + But one never knows (-> medium). + * Remove those 'date' calls in debian/rules again that were + added in rc5-1. + + -- Peter Palfrader Mon, 6 Dec 2004 11:11:23 +0100 + +tor (0.0.8+0.0.9rc5-1) unstable; urgency=medium + + * New upstream release (candidate). + - medium because it fixes an integer overflow that might + be exploitable, but doesn't seem to be currently. + * Add a few 'date' calls in debian/rules, so I can see how long + building the docs take on autobuilders. + + -- Peter Palfrader Wed, 1 Dec 2004 10:02:08 +0100 + +tor (0.0.8+0.0.9rc3-1) unstable; urgency=low + + * New upstream release (candidate). + + -- Peter Palfrader Thu, 25 Nov 2004 10:33:42 +0100 + +tor (0.0.8+0.0.9rc2-1) unstable; urgency=low + + * New upstream release (candidate). + * Nick's patch is now part of upstream, remove it from + the debian diff. + + -- Peter Palfrader Wed, 24 Nov 2004 09:03:13 +0100 + +tor (0.0.8+0.0.9rc1-1) unstable; urgency=low + + * New upstream release (candidate). + * Apply nick's patch against config.c (1.267) to handle + absense of units in BandwidthRate. + + -- Peter Palfrader Tue, 23 Nov 2004 11:57:49 +0100 + +tor (0.0.8+0.0.9pre6-1) unstable; urgency=low + + * New upstream (pre)release. + * Install control-spec.txt into usr/share/doc/tor/. + + -- Peter Palfrader Tue, 16 Nov 2004 04:49:32 +0100 + +tor (0.0.8+0.0.9pre5-2) unstable; urgency=low + + * Symlink tor(8) manpage to torrc(5). + * Make logs readable by the system administrators (group adm). 
+ * Point to /var/log/tor (the directory) instead of a single + file (/var/log/tor/log) in the debian patch of the manpage. + * Do not patch the default torrc to include settings we really want. + Instead modify the compiled in default options. Those settings are + + - RunAsDaemon is enabled by default. + - PidFile is set to /var/run/tor/tor.pid. No default upstream. + - default logging goes to /var/log/tor/log instead of stdout. + - DataDirectory is set to /var/lib/tor by default. No default upstream. + + This is also documented in the new debian/README.Debian. + * Remove /usr/bin/tor-control.py from the binary package, it is + not really useful yet, and wasn't meant to be installed by + default. + * Change init startup script to properly deal with tor + printing stuff on startup. + + -- Peter Palfrader Fri, 12 Nov 2004 18:30:50 +0100 + +tor (0.0.8+0.0.9pre5-1) unstable; urgency=low + + * New upstream (pre)release. + * 04_fix_test can be backed out again. + * Make sure all patches apply cleanly. + * No longer use --pidfile, --logfile, and --runasdaemon + command line options. Set them in the configfile instead. + * Change the description slightly, to say "don't rely on the current Tor + network if you really need strong anonymity", instead of "Tor will not + provide anonymity currently". + + -- Peter Palfrader Wed, 10 Nov 2004 04:43:10 +0100 + +tor (0.0.8+0.0.9pre4-1) unstable; urgency=low + + * New upstream (pre)release. + * Apply patch from cvs to fix a segfault in src/or/test + (test.c, 1.131). + + -- Peter Palfrader Sun, 17 Oct 2004 19:04:31 +0200 + +tor (0.0.8+0.0.9pre3-1) unstable; urgency=high + + * New upstream (pre)release. + * Fixes at least one segfault that can be triggered remotely, + a format string vulnerability which probably is not exploitable, + and several assert bugs. + + -- Peter Palfrader Thu, 14 Oct 2004 13:36:45 +0200 + +tor (0.0.8+0.0.9pre2-1) unstable; urgency=low + + * New upstream (pre)release. 
+ + -- Peter Palfrader Sun, 3 Oct 2004 01:29:13 +0200 + +tor (0.0.8+0.0.9pre1-1) unstable; urgency=low + + * New upstream (pre)release. + * Built depend on zlib1g-dev. + + -- Peter Palfrader Fri, 1 Oct 2004 21:28:49 +0200 + +tor (0.0.8-1) unstable; urgency=low + + * New upstream release. + + -- Peter Palfrader Fri, 27 Aug 2004 14:08:10 +0200 + +tor (0.0.7.2+0.0.8rc1-1) unstable; urgency=low + + * New upstream release candidate. + * Install design paper in usr/share/doc/tor, not usr/share/doc. Ooops. + + -- Peter Palfrader Wed, 18 Aug 2004 09:59:13 +0200 + +tor (0.0.7.2+0.0.8pre3-1) unstable; urgency=low + + * New upstream (pre)release. + * Ship AUTHORS, doc/CLIENTS, doc/FAQ, doc/HACKING, doc/TODO, + doc/tor-doc.{css,html}, doc/{rend,tor}-spec.txt with the binary package. + * Build tor-design.{pdf,ps}, wich adds new build-dependencies: + tetex-{bin,extra}, transfig, and gs. + * Support DEB_BUILD_OPTIONS option 'nodoc' to skip building tor-design. + With nodoc the build will not need tetex-{bin,extra}, transfig, and gs. + * Support DEB_BUILD_OPTIONS option 'nocheck' to skip unittests + ('notest' is an alias') + * Enable coredumps by default, this is still development code. + * Modify 02_add_debian_files_in_manpage to still apply. + + -- Peter Palfrader Sun, 8 Aug 2004 15:03:32 +0200 + +tor (0.0.7.2+0.0.8pre2-1) unstable; urgency=low + + * New upstream (pre)release. + * Depend on python as we now have a python script: tor_resolve + + -- Peter Palfrader Wed, 4 Aug 2004 20:09:26 +0200 + +tor (0.0.7.2-1) unstable; urgency=medium + + * New upstream release. + Fixes another instance of that remote crash bug. + * Mention another reason why stop/reload may fail in the init script. + + -- Peter Palfrader Thu, 8 Jul 2004 03:21:32 +0200 + +tor (0.0.7.1-1) unstable; urgency=medium + + * New upstream release. + Fixes a bug that allows a remote crash on exit nodes. + * Logrotate var/log/tor/*log instead of just var/log/tor/log, in + case the admin wants several logs. 
+ + -- Peter Palfrader Mon, 5 Jul 2004 19:18:12 +0200 + +tor (0.0.7-1) unstable; urgency=low + + * New upstream version + closes: #249893: FTBFS on ia64 + + -- Peter Palfrader Mon, 7 Jun 2004 21:46:08 +0200 + +tor (0.0.6.2-1) unstable; urgency=medium + + * New upstream release (breaks backwards compatibility yet again). + * Recommend socat. + * Since tor is in /usr/sbin, the manpage should be in section 8, not + in section 1. Move it there, including updating the section in + the manpage itself and the reference in torify(1). + * Update debian/copyright file. + + -- Peter Palfrader Sun, 16 May 2004 10:47:20 +0200 + +tor (0.0.6.1-1) unstable; urgency=medium + + * New upstream release (breaks backwards compatibility). + + -- Peter Palfrader Fri, 7 May 2004 00:24:49 +0200 + +tor (0.0.6-1) unstable; urgency=low + + * New upstream release (breaks backwards compatibility). + + -- Peter Palfrader Sun, 2 May 2004 23:58:36 +0200 + +tor (0.0.5+0.0.6rc4-1) unstable; urgency=low + + * New upstream release candidate. + + -- Peter Palfrader Sun, 2 May 2004 14:36:59 +0200 + +tor (0.0.5+0.0.6rc3-1) unstable; urgency=low + + * New upstream release candidate. + + -- Peter Palfrader Thu, 29 Apr 2004 11:52:07 +0200 + +tor (0.0.5+0.0.6rc2-1) unstable; urgency=low + + * New upstream release candidate. + * Mention upstream website and mailinglist archives in long + description. + + -- Peter Palfrader Mon, 26 Apr 2004 12:23:20 +0200 + +tor (0.0.5-1) unstable; urgency=low + + * New upstream release. + * Upstream installs a torrc.sample file now, rather than torrc. + Keep using torrc as dpkg handles conffile upgrades. + + -- Peter Palfrader Tue, 30 Mar 2004 20:54:00 +0200 + +tor (0.0.4-1) unstable; urgency=low + + * New upstream release (how the version numbers fly by :). + + -- Peter Palfrader Fri, 26 Mar 2004 23:46:09 +0100 + +tor (0.0.3-1) unstable; urgency=low + + * New upstream release. + * Also mention that tree.h is by Niels Provos in debian/copyright. 
+ + -- Peter Palfrader Fri, 26 Mar 2004 20:36:08 +0100 + +tor (0.0.2-1) unstable; urgency=low + + * New upstream release. + * Uses strlcpy and strlcat by Todd C. Miller, mention him in + debian/copyright. + + -- Peter Palfrader Fri, 19 Mar 2004 12:37:17 +0100 + +tor (0.0.1+0.0.2pre27-1) unstable; urgency=low + + * New upstream release. + + -- Peter Palfrader Mon, 15 Mar 2004 05:19:16 +0100 + +tor (0.0.1+0.0.2pre26-1) unstable; urgency=low + + * New upstream release. + * Mention log and pidfile location in tor.1. + + -- Peter Palfrader Mon, 15 Mar 2004 02:21:29 +0100 + +tor (0.0.1+0.0.2pre25-1) unstable; urgency=low + + * New upstream release. + + -- Peter Palfrader Thu, 4 Mar 2004 23:05:38 +0100 + +tor (0.0.1+0.0.2pre24-1) unstable; urgency=low + + * New upstream release. + * Do not strip binaries for now. + * Add "# ulimit -c unlimited" to tor.default + * Always enable DataDirectory. + * Actually use dpatch now (to modify upstream torrc.in) + * Wait for tor to die in init stop. Let the user know if it doesn't. + + -- Peter Palfrader Wed, 3 Mar 2004 14:10:25 +0100 + +tor (0.0.1+0.0.2pre23-1) unstable; urgency=low + + * New upstream release. + * The one test that always failed has been fixed: removed comment from + rules file. + + -- Peter Palfrader Sun, 29 Feb 2004 12:36:33 +0100 + +tor (0.0.1+0.0.2pre22-1) unstable; urgency=low + + * New upstream release. + * Upstream has moved tor back to usr/bin, but we will keep it in + usr/sbin. That's the right place and it doesn't break my tab + completion there. + + -- Peter Palfrader Fri, 27 Feb 2004 01:59:09 +0100 + +tor (0.0.1+0.0.2pre21-1) unstable; urgency=low + + * New upstream release. + * 0.0.2pre20-2 removed the Recommends: on privoxy rather + than tsocks (which is now required) by mistake. Fix that. + * package description: Mention that the package starts the OP by default and + that OR can be enabled in the config. + * tor moved to sbin, updating init script. 
+ + -- Peter Palfrader Wed, 18 Feb 2004 10:08:12 +0100 + +tor (0.0.1+0.0.2pre20-2) unstable; urgency=low + + * Add torify script, documentation, and config file. Means we also + depend on tsocks now rather than just recommending it. Right now + we install it in debian/rules, but upcoming versions might install + it in upstream's make install target. + * There's an upstream ChangeLog file now. Enjoy! + * Add a README.privoxy file that explains how to setup privoxy to + go over tor. + * As is the case too often, the INSTALL file not only covers + installation, but also basic usage and configuration. Therefore + include it in the docs dir. + * Add a lintian override for the INSTALL file. + + -- Peter Palfrader Tue, 17 Feb 2004 02:32:00 +0100 + +tor (0.0.1+0.0.2pre20-1) unstable; urgency=low + + * New upstream version. + - various design paper updates + - resolve cygwin warnings + - split the token bucket into "rate" and "burst" params + - try to resolve discrepency between bytes transmitted over TLS and actual + bandwidth use + - setuid to user _before_ complaining about running as root + - fix several memleaks and double frees + - minor logging fixes + - add more debugging for logs. + - various documentation fixes and improvements + - for perforcmance testing, paths are always 3 hops, not "3 or more" + (this will go away at a later date again) + * Add dependency on adduser which was previously missing. + * Change short description to a nicer one. + + -- Peter Palfrader Sat, 31 Jan 2004 10:10:45 +0100 + +tor (0.0.1+0.0.2pre19-1) unstable; urgency=low + + * Initial Release (closes: #216611). + + -- Peter Palfrader Sat, 10 Jan 2004 11:20:06 +0100 + --- tor-0.3.3.8.orig/debian/compat +++ tor-0.3.3.8/debian/compat @@ -0,0 +1 @@ +9 --- tor-0.3.3.8.orig/debian/control +++ tor-0.3.3.8/debian/control 
@@ -0,0 +1,67 @@ +Source: tor +Section: net +Priority: optional +Maintainer: Peter Palfrader +Build-Depends: debhelper (>= 9.20160114), quilt, libssl-dev, zlib1g-dev, libevent-dev (>= 1.1), asciidoc (>= 8.2), docbook-xml, docbook-xsl, xmlto, dh-apparmor, libseccomp-dev [amd64 i386], dh-systemd [linux-any], libsystemd-dev [linux-any], pkg-config [linux-any], libcap-dev [linux-any], dh-autoreconf, liblzma-dev, libzstd-dev +Build-Conflicts: libnacl-dev, libseccomp-dev [!amd64 !i386] +Standards-Version: 3.9.8 +Homepage: https://www.torproject.org/ +Vcs-Git: https://git.torproject.org/debian/tor.git +Vcs-Browser: https://gitweb.torproject.org/debian/tor.git + +Package: tor +Architecture: any +Depends: ${shlibs:Depends}, adduser, ${misc:Depends}, lsb-base +Pre-Depends: ${misc:Pre-Depends} +Conflicts: libssl0.9.8 (<< 0.9.8g-9) +Recommends: logrotate, tor-geoipdb, torsocks +Suggests: mixmaster, torbrowser-launcher, socat, tor-arm, apparmor-utils, tor-arm, obfs4proxy +Description: anonymizing overlay network for TCP + Tor is a connection-based low-latency anonymous communication system. + . + Clients choose a source-routed path through a set of relays, and + negotiate a "virtual circuit" through the network, in which each relay + knows its predecessor and successor, but no others. Traffic flowing + down the circuit is decrypted at each relay, which reveals the + downstream relay. + . + Basically, Tor provides a distributed network of relays. Users bounce + their TCP streams (web traffic, ftp, ssh, etc) around the relays, and + recipients, observers, and even the relays themselves have difficulty + learning which users connected to which destinations. + . + This package enables only a Tor client by default, but it can also be + configured as a relay and/or a hidden service easily. + . + Client applications can use the Tor network by connecting to the local + socks proxy interface provided by your Tor instance. 
If the application + itself does not come with socks support, you can use a socks client + such as torsocks. + . + Note that Tor does no protocol cleaning on application traffic. There + is a danger that application protocols and associated programs can be + induced to reveal information about the user. Tor depends on Torbutton + and similar protocol cleaners to solve this problem. For best + protection when web surfing, the Tor Project recommends that you use + the Tor Browser Bundle, a standalone tarball that includes static + builds of Tor, Torbutton, and a modified Firefox that is patched to fix + a variety of privacy bugs. + +Package: tor-geoipdb +Architecture: all +Priority: extra +Depends: tor (>= ${source:Version}), ${misc:Depends} +Replaces: tor (<< 0.2.4.8) +Breaks: tor (<< 0.2.4.8) +Description: GeoIP database for Tor + This package provides a GeoIP database for Tor, i.e. it maps IPv4 addresses + to countries. + . + Bridge relays (special Tor relays that aren't listed in the main Tor + directory) use this information to report which countries they see + connections from. These statistics enable the Tor network operators to + learn when certain countries start blocking access to bridges. + . + Clients can also use this to learn what country each relay is in, so + Tor controllers like arm or Vidalia can use it, or if they want to + configure path selection preferences. --- tor-0.3.3.8.orig/debian/copyright +++ tor-0.3.3.8/debian/copyright 
@@ -0,0 +1,227 @@ +This package was debianized by Peter Palfrader on +Sat, 10 Jan 2004 11:20:06 +0100. + +It was downloaded from https://www.torproject.org/ + +Upstream Author: The Tor Project - https://www.torproject.org/ + +Copyright (c) 2001 Matej Pfajfar +Copyright (c) 2001-2004, Roger Dingledine +Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson +Copyright (c) 2007-2013, The Tor Project, Inc. +strlcat, strlcpy: Copyright (c) 1998 Todd C. Miller +ht.h: Copyright (c) 2002, Christopher Clark, 2006 Nick Mathewson +OpenBSD_malloc_Linux.c: phk@FreeBSD.ORG +OpenBSD queue.h: Copyright (c) 1991, 1993 The Regents of the University of California. +Curve25519: Copyright (c) 2008 Google Inc. +Modifications for Debian: Copyright (c) 2004-2013 Peter Palfrader + +Tor is distributed under this license: +=============================================================================== +Copyright (c) 2001-2004, Roger Dingledine +Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson +Copyright (c) 2007-2008, The Tor Project, Inc. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are +met: + + * Redistributions of source code must retain the above copyright +notice, this list of conditions and the following disclaimer. + + * Redistributions in binary form must reproduce the above +copyright notice, this list of conditions and the following disclaimer +in the documentation and/or other materials provided with the +distribution. + + * Neither the names of the copyright owners nor the names of its +contributors may be used to endorse or promote products derived from +this software without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +A PARTICULAR PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE COPYRIGHT +OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +=============================================================================== +strlcat and strlcpy by Todd C. Miller are licensed under the following license: + + * Copyright (c) 1998 Todd C. Miller + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. The name of the author may not be used to endorse or promote products + * derived from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL + * THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, + * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, + * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; + * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR + * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF + * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +=============================================================================== +ht.h by Nick Mathewson is licensed as follows: +/* + * Copyright 2005, Nick Mathewson. Implementation logic is adapted from code + * by Cristopher Clark, retrofit to allow drop-in memory management, and to + * use the same interface as Niels Provos's HT_H. I'm not sure whether this + * is a derived work any more, but whether it is or not, the license below + * applies. + * + * Copyright (c) 2002, Christopher Clark + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * * Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * * Neither the name of the original author; nor the names of any contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. 
+ * + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER + * OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, + * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, + * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR + * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF + * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING + * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +*/ +=============================================================================== +OpenBSD_malloc_Linux.c: + * "THE BEER-WARE LICENSE" (Revision 42): + * wrote this file. As long as you retain this notice you + * can do whatever you want with this stuff. If we meet some day, and you think + * this stuff is worth it, you can buy me a beer in return. Poul-Henning Kamp +=============================================================================== +OpenBSD queue.h: +/* + * Copyright (c) 1991, 1993 + * The Regents of the University of California. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. 
Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ +=============================================================================== +src/ext/curve25519_donna/: +/* Copyright 2008, Google Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are + * met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following disclaimer + * in the documentation and/or other materials provided with the + * distribution. + * * Neither the name of Google Inc. nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. 
+ * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * + * curve25519-donna: Curve25519 elliptic curve, public key function + * + * http://code.google.com/p/curve25519-donna/ + * + * Adam Langley + * + * Derived from public domain C code by Daniel J. Bernstein + * + * More information about curve25519 can be found here + * http://cr.yp.to/ecdh.html + * + * djb's sample implementation of curve25519 is written in a special assembly + * language called qhasm and uses the floating point registers. + * + * This is, almost, a clean room reimplementation from the curve25519 paper. It + * uses many of the tricks described therein. Only the crecip function is taken + * from the sample implementation. + */ +/* Copyright 2008, Google Inc. + * All rights reserved. + * + * Code released into the public domain. + * + * curve25519-donna: Curve25519 elliptic curve, public key function + * + * http://code.google.com/p/curve25519-donna/ + * + * Adam Langley + * + * Derived from public domain C code by Daniel J. 
Bernstein + * + * More information about curve25519 can be found here + * http://cr.yp.to/ecdh.html + * + * djb's sample implementation of curve25519 is written in a special assembly + * language called qhasm and uses the floating point registers. + * + * This is, almost, a clean room reimplementation from the curve25519 paper. It + * uses many of the tricks described therein. Only the crecip function is taken + * from the sample implementation. + */ --- tor-0.3.3.8.orig/debian/micro-revision.i +++ tor-0.3.3.8/debian/micro-revision.i @@ -0,0 +1 @@ +"b223c266a605f9bc" --- tor-0.3.3.8.orig/debian/misc/README +++ tor-0.3.3.8/debian/misc/README @@ -0,0 +1,5 @@ +These scripts are used by weasel and infrastructure while releasing Tor +Debian packages. They might not be useful to other people directly. At +least not yet. Patches welcome. + +-- weasel, August 2017 --- tor-0.3.3.8.orig/debian/misc/backport +++ tor-0.3.3.8/debian/misc/backport 
@@ -0,0 +1,138 @@ +#!/bin/bash + +# Add a "backport" debian changelog entry with the right version + +# Copyright 2011,2013,2014,2015,2016,2017 Peter Palfrader +# +# Permission is hereby granted, free of charge, to any person obtaining +# a copy of this software and associated documentation files (the +# "Software"), to deal in the Software without restriction, including +# without limitation the rights to use, copy, modify, merge, publish, +# distribute, sublicense, and/or sell copies of the Software, and to +# permit persons to whom the Software is furnished to do so, subject to +# the following conditions: +# +# The above copyright notice and this permission notice shall be +# included in all copies or substantial portions of the Software. +# +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND +# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE +# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION +# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION +# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 
+ +set -u +set -e + +get_bp_info() { + local target="$1"; shift + local key="$1"; shift + + local result=$(awk '$1 == "'"$target"'" {print}' << 'EOF' +#arg versiontag #tilde changelogdist +lenny d50.lenny 1 +squeeze d60.squeeze 1 +wheezy d70.wheezy 1 +jessie d80.jessie 1 +stretch d90.stretch 1 +buster d99.buster 1 + +lenny-bpo bpo50 1 lenny-backports +squeeze-bpo bpo60 1 squeeze-backports +wheezy-bpo bpo70 1 wheezy-backports +jessie-bpo bpo80 1 jessie-backports +stretch-bpo bpo90 1 stretch-backports +buster-bpo bpo99 1 buster-backports + +dapper dapper 1 +edgy edgy 1 +feisty feisty 1 +gutsy gutsy 1 +hardy hardy 1 +intrepid intrepid 1 +jaunty jaunty 1 +karmic karmic 1 +lucid lucid 1 +maverick maverick 1 +natty natty 1 +oneiric oneiric 1 +precise precise 1 +quantal quantal 1 +raring raring 1 +saucy saucy 1 +trusty trusty 1 +utopic utopic 1 +vivid vivid 1 +wily wily 1 +xenial xenial 1 +yakkety yakkety 1 +zesty zesty 1 +artful artful 1 +bionic bionic 1 +cosmic cosmic 1 +EOF +) + if [ -z "$result" ] ; then + echo >&2 "Do not now about target '$target'." + exit 1 + fi + set "nothing" $result + shift + if [ "$#" != "3" ] && [ "$#" != "4" ]; then + echo >&2 "Bad result line for '$target': '$result'." 
+ exit 1 + fi + shift + case "$key" in + versiontag) echo "$1" ;; + tilde) echo "$2" ;; + changelogdist) echo "${3:-}" ;; + *) + echo >&2 "Invalid key '$key'" + exit 1 + esac + return 0 +} + +if [ "$#" != "1" ]; then + echo >&2 "Usage: $0 " + exit 1 +fi + +target="$1" + +versiontag=$(get_bp_info "$target" versiontag) +tildenum=$(get_bp_info "$target" tilde) +tildes="" +while [ "$tildenum" -gt 0 ]; do + tildes="$tildes~" + tildenum=$((tildenum-1)) +done +cldist=$(get_bp_info "$target" changelogdist) + + +currentdist=$(dpkg-parsechangelog | grep-dctrl -n -s Distribution '') +if [ -z "$currentdist" ]; then + echo >&2 "Cannot figure out current distribution" + exit 1 +fi +currentver=$(dpkg-parsechangelog | grep-dctrl -n -s Version '') +#currentupstream="${currentver%-*}" +#currentdebian="${currentver##*-}" +newver="$currentver$tildes$versiontag+1" +if [ -z "$cldist" ]; then + if [ "$currentdist" = "experimental" ]; then + cldist="experimental-$target-backport" + elif [ "$currentdist" = "unstable" ]; then + cldist="$target-backport" + else + cldist="$currentdist-$target" + fi +fi + +dch \ + --newversion "$newver" --allow-lower-version . \ + --distribution "$cldist" --force-distribution \ + "Build for $cldist." --- tor-0.3.3.8.orig/debian/misc/build-tor-sources +++ tor-0.3.3.8/debian/misc/build-tor-sources 
@@ -0,0 +1,436 @@ +#!/bin/bash + +# helper script to build tor debian releases. +# +# Usage: [GITDIR=.../tor] $0 [debian-revision] +# +# Given a Tor git tree and an orig.tar.gz, builds a tor source package +# and backport source packages for many Debian and Ubuntu suites. +# +# This script is used both manually by the maintainer, e.g. when preparing +# uploads to security.d.o, as well as the Tor jenkins instance when building +# release builds. As of 2017, the latter only uses the backport_all function +# from this script. + +# Copyright 2007,2008,2009,2010,2011,2012,2013,2014,2015,2016,2017 Peter Palfrader +# +# Permission is hereby granted, free of charge, to any person obtaining +# a copy of this software and associated documentation files (the +# "Software"), to deal in the Software without restriction, including +# without limitation the rights to use, copy, modify, merge, publish, +# distribute, sublicense, and/or sell copies of the Software, and to +# permit persons to whom the Software is furnished to do so, subject to +# the following conditions: +# +# The above copyright notice and this permission notice shall be +# included in all copies or substantial portions of the Software. +# +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND +# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE +# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION +# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION +# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 
+ +assert_files_dont_exist () { + local pkg="$1"; shift + local debian_version="$1"; + if [ -z "$debian_version" ]; then + echo "assert_files_dont_exist called without debian_version" >&2 + exit 1; + fi + + if [ -e "${pkg}_$debian_version.diff.gz" ] ; then + echo "${pkg}_$debian_version.diff.gz already exists" >&2 + exit 1; + fi + if [ -e "${pkg}_$debian_version.dsc" ] ; then + echo "${pkg}_$debian_version.dsc already exists" >&2 + exit 1; + fi + if [ -e "${pkg}_$debian_version""_amd64.deb" ] ; then + echo "${pkg}_$debian_version""_amd64.deb already exists" >&2 + exit 1; + fi + if [ -e "${pkg}_$debian_version""_amd64.changes" ] ; then + echo "${pkg}_$debian_version""_amd64.changes already exists" >&2 + exit 1; + fi +} + +get_debian_version() { + local dir="$1"; shift + local which="${1:-}"; shift + + if [ -z "$which" ]; then + ( cd $dir && dpkg-parsechangelog | grep-dctrl -n -s Version '' ) + else + local v=$(get_debian_version $dir) + case "$which" in + upstream) echo "${v%-*}" ;; + debrev) echo "${v##*-}" ;; + *) + echo >&2 "Unknown key '$which' in get_debian_version" + exit 1 + esac + fi +} + +# remove_completely ... 0 replace hardening-includes with hardening-wrapper +# 1 get rid entirely +hardening_backport() { + local remove_completely="$1" + + sed -i -e '/^Build-Depends/ s/, *hardening-includes//' debian/control + if [ "$remove_completely" = 0 ]; then + sed -i -e '/^Build-Depends/ s/$/, hardening-wrapper/' debian/control + fi + + if [ "$remove_completely" = 0 ]; then + sed -i -e 's#include /usr/share/hardening-includes/hardening.make#export DEB_BUILD_HARDENING=1#' debian/rules + sed -i -e '/export DEB_BUILD_HARDENING=1/ a export DEB_BUILD_HARDENING_DEBUG=1' debian/rules + else + sed -i -e 's#include /usr/share/hardening-includes/hardening.make##' debian/rules + fi + + if [ "$remove_completely" = 0 ]; then + dch --append "Replace hardening-includes use with hardening-wrapper." + else + dch --append "Completely remove hardening-includes use." 
+ fi +} + +remove_libseccomp() { + if grep -q libseccomp-dev debian/control; then + sed -i -e '/^Build-Depends/ s/, *libseccomp-dev\( *\[[^]]*\]\)\?//' debian/control + dch --append "Remove libseccomp-dev build dependency for backport." + fi +} + +remove_libzstd() { + if grep -q libzstd-dev debian/control; then + sed -i -e '/^Build-Depends/ s/, *libzstd-dev\( *\[[^]]*\]\)\?//' debian/control + dch --append "Remove libzstd-dev build dependency for backport." + fi +} + +remove_systemd() { + if grep -q dh-systemd debian/control; then + sed -i -e '/^Build-Depends/ s/, *dh-systemd\( *\[[^]]*\]\)\?//' debian/control + dch --append "Remove dh-systemd build dependency for backport." + fi + if grep -q -- "--with systemd" debian/rules; then + sed -i -e '/--with systemd/ d' debian/rules + dch --append "Remove --with systemd from debian/rules" + fi + if grep -q libsystemd-dev debian/control; then + sed -i -e '/^Build-Depends/ s/, *libsystemd-dev\( *\[[^]]*\]\)\?//' debian/control + dch --append "Remove libsystemd-dev build dependency for backport." + fi + if grep -q pkg-config debian/control; then + sed -i -e '/^Build-Depends/ s/, *pkg-config\( *\[[^]]*\]\)\?//' debian/control + dch --append "Remove pkg-configu build dependency for backport." 
+ fi + if grep -q -- "--enable-systemd" debian/rules; then + sed -i -e '/--enable-systemd/ d' debian/rules + dch --append "Remove --enable-systemd from debian/rules" + fi + if grep -q -- "^debian/tor\.service[[:space:]]" debian/tor.install; then + sed -i -e '/^debian\/tor\.service[[:space:]]/ d' debian/tor.install + dch --append "Remove debian/tor.service from debian/tor.install" + fi + if [ -e debian/tor.service ]; then + rm -f debian/tor.service + dch --append "Remove debian/tor.service" + fi + if grep -q -- "^debian/systemd/" debian/tor.install; then + sed -i -e '/^debian\/systemd\// d' debian/tor.install + dch --append "Remove debian/systemd/* from debian/tor.install" + fi + if grep -q -- "chmod +x debian/systemd/tor-generator" debian/rules; then + sed -i -e '/chmod +x debian\/systemd\/tor-generator/ d' debian/rules + dch --append "Remove chmod +x debian/systemd/tor-generator from debian/rules" + fi + if [ -e debian/systemd ]; then + rm -fr debian/systemd + dch --append "Remove debian/systemd" + fi + if grep -q -- "^debian/tor-instance-create" debian/tor.install; then + sed -i -e '/^debian\/tor-instance-create/ d' debian/tor.install + dch --append "Remove debian/tor-instance-create from debian/tor.install" + fi + if grep -q -- "^debian/tor-instance-create.8" debian/tor.manpages; then + sed -i -e '/^debian\/tor-instance-create.8/ d' debian/tor.manpages + dch --append "Remove debian/tor-instance-create.8 from debian/tor.manpages" + fi +} + +old_debug_pkg() { + patch debian/rules << EOF +diff --git a/debian/rules b/debian/rules +index 6950e6d3c..af002ae52 100755 +--- a/debian/rules ++++ b/debian/rules +@@ -70,7 +70,10 @@ override_dh_install-arch: + cp debian/tor.apparmor-profile.abstraction debian/tor/etc/apparmor.d/abstractions/tor + dh_apparmor --profile-name=system_tor -ptor + ++override_dh_installdocs: ++ dh_installdocs -ptor-dbg --link-doc=tor ++ dh_installdocs + override_dh_strip: +- dh_strip --dbgsym-migration='tor-dbg (<< 0.3.1.5-alpha)' ++ dh_strip 
--dbg-package=tor-dbg + override_dh_installinit: + dh_installinit --error-handler=tor_error_init +EOF + cat >> debian/control << 'EOF' + +Package: tor-dbg +Architecture: any +Depends: tor (= ${binary:Version}), ${misc:Depends} +Suggests: gdb +Priority: extra +Section: debug +Description: debugging symbols for Tor + This package provides the debugging symbols for Tor, The Onion Router. + Those symbols allow your debugger to assign names to your backtraces, which + makes it somewhat easier to interpret core dumps. +EOF + + dch --append "Restore building of tor-dbg." + sed -i -e '/^Build-Depends/ s/debhelper [^,]*, */debhelper (>= 9), /' debian/control + dch --append "Downgrade debhelper build dependency to just >= 9." +} + + + +bp1() { + local pkg="$1"; shift + local dir="$1"; shift + local sid_debian_version="$1"; shift + local dist="$1"; shift + + dpkg-source -x ${pkg}_$sid_debian_version.dsc + (cd $dir; backport $dist) +} +bp2() { + local pkg="$1"; shift + local dir="$1"; shift + local origtar="$1"; shift + + local debian_version=$(get_debian_version $dir) + assert_files_dont_exist $pkg $debian_version + dpkg-source -b $dir $origtar + rm -r $dir +} + +backport_all() { + local pkg="$1"; shift + local dir="$1"; shift + local origtar="$1"; shift + local sid_debian_version="$1"; shift + + # sid + ################################################# + # null + + # stretch + ################################################# + bp1 $pkg $dir $sid_debian_version stretch + bp2 $pkg $dir $origtar + + # buster + ################################################# + bp1 $pkg $dir $sid_debian_version buster + bp2 $pkg $dir $origtar + + # jessie + ################################################# + bp1 $pkg $dir $sid_debian_version jessie + (cd $dir; remove_libzstd) + (cd $dir; old_debug_pkg) + bp2 $pkg $dir $origtar + + # wheezy + ################################################# + bp1 $pkg $dir $sid_debian_version wheezy + (cd $dir; remove_libzstd) + (cd $dir; remove_libseccomp) + 
(cd $dir; remove_systemd) + (cd $dir; old_debug_pkg) + bp2 $pkg $dir $origtar + + + # trusty (EOL: April 2019) + ################################################# + bp1 $pkg $dir $sid_debian_version trusty + (cd $dir; remove_libzstd) + (cd $dir; remove_systemd) + (cd $dir; old_debug_pkg) + bp2 $pkg $dir $origtar + + # xenial (EOL: Apr 2021) + ################################################# + bp1 $pkg $dir $sid_debian_version xenial + bp2 $pkg $dir $origtar + + # zesty (EOL: Jan 2018) + ################################################# + bp1 $pkg $dir $sid_debian_version zesty + bp2 $pkg $dir $origtar + + # artful (EOL: Jul 2018) + ################################################# + bp1 $pkg $dir $sid_debian_version artful + bp2 $pkg $dir $origtar + + # bionic (EOL: Apr 2023) + ################################################# + bp1 $pkg $dir $sid_debian_version bionic + bp2 $pkg $dir $origtar + + # cosmic (EOL: Jul 2019) + ################################################# + bp1 $pkg $dir $sid_debian_version cosmic + bp2 $pkg $dir $origtar + + ################################################# + ## BPO + ################################################# + + #if [ "${DO_BPO:-}" = 1 ]; then + # # SQUEEZE-BPO + # ################################################# + # bp1 $pkg $dir $sid_debian_version squeeze-bpo + # (cd $dir; remove_libseccomp) + # (cd $dir; remove_systemd) + # bp2 $pkg $dir $origtar + # + # mkdir bpo + # mv *'~bpo'* bpo/ + #fi +} + +main() { + local origtar="$1"; shift + local deb_revision="$1"; shift + local gitdir="$1"; shift + local pkg="$1"; shift + + [ -d local-build ] || mkdir local-build + + if [ -z "$origtar" ] ; then + echo "Usage: $0 [debian-revision]" >&2 + exit 1; + fi + + + if [ ! -e "$origtar" ] ; then + echo "$origtar does not exist." >&2 + exit 1; + fi + + if [ "${origtar#${pkg}-}" != $origtar ]; then + ver="$origtar" + ver=${ver#${pkg}-} + ver=${ver%.tar.gz} + neworig="${pkg}_$ver.orig.tar.gz" + if ! 
[ -e "$neworig" ]; then + ln -v "$origtar" "$neworig" + fi + echo "Using $neworig instead of $origtar" + origtar="$neworig" + fi + + local dir + local dir_version + dir=`tar tzf $origtar 2>/dev/null | head -n1` + dir="${dir%%/}" + dir_version="${dir##${pkg}-}" + if [ -e "$dir" ] ; then + echo "$dir already exists." >&2 + exit 1; + fi + tar xzf $origtar + git clone -n -s "$gitdir" git-"$dir" + local tag="debian-${pkg}-$dir_version-${deb_revision//\~/_}" + (cd "git-$dir" && git checkout $tag) + if diff -qr "git-$dir" "$dir" --exclude .git | grep -v '^Only in ' | grep --color .; then + echo "Differenced detected." + exit 1 + fi + (cd "git-$dir" && echo "\"`git rev-parse --short=16 "$tag"`\"" > "debian/micro-revision.i") + cp -av "git-$dir/debian" "$dir" + rm -rf "git-$dir" + + + debian_upstream_version=$(get_debian_version $dir upstream) + if [ "$origtar" != "${pkg}_$debian_upstream_version.orig.tar.gz" ] ; then + echo "possible mismatch: $origtar but $debian_upstream_version in debian/changelog" >&2 + exit 1; + fi + + debian_version=$(get_debian_version $dir) + sid_debian_version="$debian_version" + assert_files_dont_exist $pkg $debian_version + dpkg-source -b $dir $origtar + rm -r $dir + + + + # local + ################################################# + cd local-build + dpkg-source -x ../${pkg}_$debian_version.dsc + cd ${pkg}-$debian_upstream_version + debuild -j8 -rfakeroot -uc -us + cd ../.. + + + [ "$DO_BACKPORTS" -gt 0 ] && backport_all "$pkg" "$dir" "$origtar" "$sid_debian_version" + + echo + echo "All done" +} + +usage() { + cat << EOF +Usage: $0 [-B] +EOF +} + +# this is hardcoded to weasel's directory layout. sorry. +case "$(basename $0)" in + build-tor-sources) + DO_BACKPORTS=1 + while getopts "hB" option; do + case "$option" in + h) + usage + exit + ;; + B) + DO_BACKPORTS=0 + ;; + *) + usage >&2 + exit 1 + ;; + esac + done + shift $(($OPTIND - 1)) + + set -e + set -x + GITDIR="${GITDIR:-$HOME/projects/tor/tor}" + if ! 
[ -e "$GITDIR/.git" ] ; then + echo >&2 "\$GITDIR does not exist or does not have a .git. It needs to point to the tor git repository." + exit 1 + fi + PKG="tor" + DO_BPO=1 + main "${1:-}" ${2:-1} $GITDIR $PKG + ;; +esac --- tor-0.3.3.8.orig/debian/misc/new-tor-release +++ tor-0.3.3.8/debian/misc/new-tor-release 
@@ -0,0 +1,190 @@ +#!/bin/bash + +# helper script to prepare a tor debian release. +# This is currently assuming weasel's directory structure. Feel free to send patches. + +# Usage: new-tor [] +# full version example:: 0.2.8.4-alpha-2 +# +# This script verifies the downloaded tarball and upstream git release tag (or +# rather, it runs gpg on it and prompts the user). It then adds the tarball and +# signature to the pristine tar git branch (if not there already), signs the debian +# git revision (if not done already), and pushes to the git repo. +# Then it tells the user to trigger jenkins and do the rest of the release +# procedure manually. + +# Copyright 2007,2008,2009,2010,2011,2012,2013,2014,2015,2016,2017 Peter Palfrader +# +# Permission is hereby granted, free of charge, to any person obtaining +# a copy of this software and associated documentation files (the +# "Software"), to deal in the Software without restriction, including +# without limitation the rights to use, copy, modify, merge, publish, +# distribute, sublicense, and/or sell copies of the Software, and to +# permit persons to whom the Software is furnished to do so, subject to +# the following conditions: +# +# The above copyright notice and this permission notice shall be +# included in all copies or substantial portions of the Software. +# +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND +# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE +# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION +# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION +# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 
+ + +set -e +set -u + +TORGIT="$HOME/projects/tor/tor" +TORDEBBASE="$HOME/projects/debian/debian/tor" + +cd "$TORGIT" +if [ -n "$(git status --porcelain)" ]; then + echo "git status reports differences, aborting." >&2 + git status >&2 + exit 1 +fi + + +############################# +# learn about the version +echo -n "Tor version: " +if [ -n "${1:-}" ]; then echo "$1"; version="$1"; shift; else read version; fi +debv=${version##*-} +upv=${version%-*} +if [ "$upv-$debv" != "$version" ] ;then + echo >&2 "Cannot parse version $version" + exit 1 +fi + +tail=${version#*.*.*.} +tree=${version%.$tail} +if [ "$tree.$tail" != "$version" ]; then + echo >&2 "Cannot parse version $version" + exit 1 +fi + +chlogversion=$(dpkg-parsechangelog | grep-dctrl -sVersion -n .) +if [ "$chlogversion" != "$upv-$debv" ]; then + echo >&2 "Version mismatch: $chlogversion vs. $upv-$debv." + exit 1 +fi + +############################# +tordebdir="$TORDEBBASE/$tree.X/$version" +if ! [ -d "$tordebdir" ]; then + echo >&2 "tordebdir $tordebdir does not exist" + exit 1 +fi + +# verify upstream tarball +tarball="$tordebdir/tor-$upv.tar.gz" +gpg --verify "$tarball.asc" +echo "Continue? [y/N]"; read ans; [ "$ans" = "y" ] || exit 1 + +# verify git tag +tag="tor-$upv" +cd "$TORGIT" +git tag -v "$tag" +echo "Continue? [y/N]"; read ans; [ "$ans" = "y" ] || exit 1 + +############################# +# Adding upstream tarball +# get current branch +current_branch=$(git rev-parse --abbrev-ref HEAD) +tar=$(basename $tarball) +git co pristine-tar +if [ -e "$tar.id" ]; then + echo >&1 "Tarball already committed." +else + pristine-tar commit "$tarball" "$tag" +fi + +git co pristine-tar-signatures +if [ -e "$tar.asc" ]; then + echo >&1 "Tarball signature already committed." +else + cp "$tarball.asc" . + git add "$tar.asc" + git ci -m "Add $tar.asc" "$tar.asc" +fi +git push +git co "$current_branch" + +debtag="debian-tor-$chlogversion" +if ! 
git tag -v "$debtag"; then + echo >&2 + echo >&2 "Debian version not yet tagged." + echo >&2 "Run" + echo >&2 " git tag -s $debtag -m 'tag $debtag'" + exit 1 +fi +git push --tags + +echo "All done, for now." +echo "Do the rest manually" + + +### +cat > /dev/null << 'EOF' +rsync -Pravz rouyi.torproject.org:/var/lib/jenkins/jobs/tor-debian-release-binaries/configurations/axis-ARCHITECTURE/\*/axis-SUITE/\*/builds/20/archive/RESULT/\* . + + +#echo -n "Tor version: " +#if [ -n "${1:-}" ]; then echo "$1"; version="$1"; shift; else read version; fi +version=$(basename $(pwd)) && +debv=${version##*-} && +upv=${version%-*} && +echo "Version is $version, upstream is $upv, debian revision $debv" + +#echo -n "previos Tor version: " +#if [ -n "${1:-}" ]; then echo "$1"; prevversion="$1"; shift; else read prevversion; fi +read prevversion + + +zinterdiff -p1 "../$prevversion/tor_$prevversion.diff.gz" "tor_$version.diff.gz" +debdiff --controlfiles=ALL "../$prevversion/tor-geoipdb_${prevversion}_all.deb" "tor-geoipdb_${version}_all.deb" + +#cp tor-${upv}.tar.gz.asc tor_${upv}.orig.tar.gz.asc +cp tor_${version}_src.changes tor_${version}_weasel.changes +###changestool tor_${version}_weasel.changes addrawfile tor_${upv}.orig.tar.gz.asc +#changestool tor_${version}_weasel.changes adddeb tor-geoipdb_${version}_all.deb +cat tor_${version}_weasel.changes + +#[ -e "tor_${version}.dsc.orig" ] || cp -v tor_${version}.dsc tor_${version}.dsc.orig +#cat "tor_${version}.dsc.orig" | while IFS='' read l; do +# echo "$l" +# case "$l" in +# Files:) +# grep "$(md5sum tor_${upv}.orig.tar.gz.asc | awk '{print $1}')" tor_${version}_weasel.changes | sed -e s'/- - //' ;; +# Checksums-Sha1:) +# grep "$(sha1sum tor_${upv}.orig.tar.gz.asc | awk '{print $1}')" tor_${version}_weasel.changes ;; +# Checksums-Sha256:) +# grep "$(sha256sum tor_${upv}.orig.tar.gz.asc | awk '{print $1}')" tor_${version}_weasel.changes ;; +# Checksums-Sha512:) +# grep "$(sha512sum tor_${upv}.orig.tar.gz.asc | awk '{print $1}')" 
tor_${version}_weasel.changes ;; +# esac +#done > "tor_${version}.dsc" +#changestool tor_${version}_weasel.changes updatechecksums + +gpg --verify tor-${upv}.tar.gz.asc +#gpg --verify tor_${upv}.orig.tar.gz.asc +grep "$(md5sum tor-${upv}.tar.gz | awk '{print $1}')" tor_${version}_weasel.changes +grep "$(sha1sum tor-${upv}.tar.gz | awk '{print $1}')" tor_${version}_weasel.changes +grep "$(sha256sum tor-${upv}.tar.gz | awk '{print $1}')" tor_${version}_weasel.changes + +debsign tor_${version}_weasel.changes +dput tor_${version}_weasel.changes + +# promote proposed-updates to release on palmeri +## for i in `list-suites | grep proposed-updates | grep tor-experimental`; do echo " " reprepro -b /srv/deb.torproject.org/reprepro copysrc ${i#proposed-updates/} $i tor; done +## for i in `list-suites | grep proposed-updates | grep -v tor-experimental`; do echo " " reprepro -b /srv/deb.torproject.org/reprepro copysrc ${i#proposed-updates/} $i tor; done +## static-update-component deb.torproject.org + + +# build arm binaries +## : palmeri && needs-build +EOF --- tor-0.3.3.8.orig/debian/patches/improve-geoip-warning +++ tor-0.3.3.8/debian/patches/improve-geoip-warning @@ -0,0 +1,12 @@ +--- a/src/or/geoip.c ++++ b/src/or/geoip.c +@@ -301,7 +301,8 @@ + tor_assert(family == AF_INET || family == AF_INET6); + + if (!(f = tor_fopen_cloexec(filename, "r"))) { +- log_fn(severity, LD_GENERAL, "Failed to open GEOIP file %s. %s", ++ log_fn(severity, LD_GENERAL, "Failed to open GEOIP file %s. %s" ++ " Do you have the tor-geoipdb package installed?", + filename, msg); + return -1; + } --- tor-0.3.3.8.orig/debian/patches/series +++ tor-0.3.3.8/debian/patches/series @@ -0,0 +1 @@ +improve-geoip-warning --- tor-0.3.3.8.orig/debian/rules +++ tor-0.3.3.8/debian/rules 
@@ -0,0 +1,77 @@ +#!/usr/bin/make -f +# -*- makefile -*- + +DH_VERBOSE ?= 1 + +DEB_HOST_ARCH_OS := $(shell dpkg-architecture -qDEB_HOST_ARCH_OS) + +export DEB_BUILD_MAINT_OPTIONS = hardening=+all + +# allow building against libdmalloc4 - it better be installed +ifneq (,$(findstring with-dmalloc,$(DEB_BUILD_OPTIONS))) + confflags += --with-dmalloc +endif +# allow building with --enable-openbsd-malloc +ifneq (,$(findstring enable-openbsd-malloc,$(DEB_BUILD_OPTIONS))) + confflags += --enable-openbsd-malloc +endif + +ifeq ($(DEB_HOST_ARCH_OS),linux) + dhoptions += --with systemd + confflags += --enable-systemd +endif + +%: + dh \ + $@ \ + --with quilt \ + --with autoreconf \ + $(dhoptions) \ + --builddirectory=build \ + --parallel + +override_dh_auto_configure: + ! [ -e debian/micro-revision.i ] || cp debian/micro-revision.i src/or/micro-revision.i + dh_auto_configure -- \ + $(confflags) \ + --prefix=/usr \ + --mandir=\$${prefix}/share/man \ + --infodir=\$${prefix}/share/info \ + --localstatedir=/var \ + --sysconfdir=/etc \ + --disable-silent-rules \ + --enable-gcc-warnings-advisory + +override_dh_clean: + ! 
[ -e debian/micro-revision.i ] || rm -f src/or/micro-revision.i + + # Normally the .deb wouldn't ship with a ../.git, but if we do, include the revision number + if [ -d .git ] && which git >/dev/null; then \ + echo "\"`git rev-parse --short=16 HEAD`\"" > "debian/micro-revision.i" ; \ + fi + + # these get autobuilt from the .txt files, some of which we also patch + rm -vf doc/*.in + rm -f debian/tor-instance-create.8 + + dh_clean + +override_dh_auto_build: + dh_auto_build + a2x -f manpage debian/tor-instance-create.8.txt + chmod +x debian/systemd/tor-generator + +override_dh_install-arch: + dh_install --fail-missing + + rm debian/tor/etc/tor/torrc.sample + cp build/src/config/torrc.minimal debian/tor/etc/tor/torrc + + cp debian/tor.apparmor-profile debian/tor/etc/apparmor.d/system_tor + cp debian/tor.apparmor-profile.abstraction debian/tor/etc/apparmor.d/abstractions/tor + dh_apparmor --profile-name=system_tor -ptor + +override_dh_strip: + dh_strip --dbgsym-migration='tor-dbg (<< 0.3.1.5-alpha)' +override_dh_installinit: + dh_installinit --error-handler=tor_error_init --- tor-0.3.3.8.orig/debian/source.lintian-overrides +++ tor-0.3.3.8/debian/source.lintian-overrides @@ -0,0 +1 @@ +tor source: rc-version-greater-than-expected-version --- tor-0.3.3.8.orig/debian/systemd/tor-generator +++ tor-0.3.3.8/debian/systemd/tor-generator 
@@ -0,0 +1,31 @@ +#!/bin/sh + +# systemd generator to create dependency symlink to start +# all tor instances from /etc/tor/instances/ + +set -eu + +if [ $# -lt 1 ]; then + echo >&2 "Usage: $0 [...]" + exit 1 +fi + +GENDIR="$1" +WANTDIR="$1/tor.service.wants" +SERVICEFILE="/lib/systemd/system/tor@.service" +DEFAULTTOR="/lib/systemd/system/tor@default.service" +BASEETC="/etc/tor/instances" + +mkdir -p "$WANTDIR" + +[ -e "/etc/tor/torrc" ] && ln -s "$DEFAULTTOR" "$WANTDIR/" +for name in $( find "$BASEETC" -mindepth 1 -maxdepth 1 -type d -printf '%f\n' ); do + if echo "x$name" | grep -q '[^a-zA-Z0-9]' || + [ "$name" = "default" ] ; then + continue + fi + [ -e "$BASEETC/$name/torrc" ] && ln -s "$SERVICEFILE" "$WANTDIR/tor@$name.service" +done + +exit 0 + --- tor-0.3.3.8.orig/debian/systemd/tor.service +++ tor-0.3.3.8/debian/systemd/tor.service @@ -0,0 +1,15 @@ +# This service is actually a systemd target, +# but we are using a service since targets cannot be reloaded. + +[Unit] +Description=Anonymizing overlay network for TCP (multi-instance-master) + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStart=/bin/true +ExecReload=/bin/true + +[Install] +WantedBy=multi-user.target + --- tor-0.3.3.8.orig/debian/systemd/tor@.service +++ tor-0.3.3.8/debian/systemd/tor@.service 
@@ -0,0 +1,37 @@ +[Unit] +Description=Anonymizing overlay network for TCP (instance %i) +After=network.target nss-lookup.target +PartOf=tor.service +ReloadPropagatedFrom=tor.service + +[Service] +Type=notify +NotifyAccess=all +PIDFile=/var/run/tor-instances/%i/tor.pid +PermissionsStartOnly=yes +ExecStartPre=/usr/bin/install -Z -m 02755 -o _tor-%i -g _tor-%i -d /var/run/tor-instances/%i +ExecStartPre=/bin/sed -e 's/@@NAME@@/%i/g; w /var/run/tor-instances/%i.defaults' /usr/share/tor/tor-service-defaults-torrc-instances +ExecStartPre=/usr/bin/tor --defaults-torrc /var/run/tor-instances/%i.defaults -f /etc/tor/instances/%i/torrc --verify-config +ExecStart=/usr/bin/tor --defaults-torrc /var/run/tor-instances/%i.defaults -f /etc/tor/instances/%i/torrc +ExecReload=/bin/kill -HUP ${MAINPID} +KillSignal=SIGINT +TimeoutStartSec=300 +TimeoutStopSec=60 +Restart=on-failure +LimitNOFILE=65536 + +# Hardening +NoNewPrivileges=yes +PrivateTmp=yes +PrivateDevices=yes +ProtectHome=yes +ProtectSystem=full +ReadOnlyDirectories=/ +# We would really like to restrict the next item to [..]/%i but we can't, +# as systemd does not support that yet. See also #781730. +ReadWriteDirectories=-/var/lib/tor-instances +ReadWriteDirectories=-/var/run +CapabilityBoundingSet=CAP_SETUID CAP_SETGID CAP_NET_BIND_SERVICE CAP_DAC_READ_SEARCH + +[Install] +WantedBy=multi-user.target --- tor-0.3.3.8.orig/debian/systemd/tor@default.service +++ tor-0.3.3.8/debian/systemd/tor@default.service 
@@ -0,0 +1,34 @@ +[Unit] +Description=Anonymizing overlay network for TCP +After=network.target nss-lookup.target +PartOf=tor.service +ReloadPropagatedFrom=tor.service + +[Service] +Type=notify +NotifyAccess=all +PIDFile=/var/run/tor/tor.pid +PermissionsStartOnly=yes +ExecStartPre=/usr/bin/install -Z -m 02755 -o debian-tor -g debian-tor -d /var/run/tor +ExecStartPre=/usr/bin/tor --defaults-torrc /usr/share/tor/tor-service-defaults-torrc -f /etc/tor/torrc --RunAsDaemon 0 --verify-config +ExecStart=/usr/bin/tor --defaults-torrc /usr/share/tor/tor-service-defaults-torrc -f /etc/tor/torrc --RunAsDaemon 0 +ExecReload=/bin/kill -HUP ${MAINPID} +KillSignal=SIGINT +TimeoutStartSec=300 +TimeoutStopSec=60 +Restart=on-failure +LimitNOFILE=65536 + +# Hardening +AppArmorProfile=-system_tor +NoNewPrivileges=yes +PrivateTmp=yes +PrivateDevices=yes +ProtectHome=yes +ProtectSystem=full +ReadOnlyDirectories=/ +ReadWriteDirectories=-/proc +ReadWriteDirectories=-/var/lib/tor +ReadWriteDirectories=-/var/log/tor +ReadWriteDirectories=-/var/run +CapabilityBoundingSet=CAP_SETUID CAP_SETGID CAP_NET_BIND_SERVICE CAP_DAC_READ_SEARCH --- tor-0.3.3.8.orig/debian/tor-geoipdb.copyright +++ tor-0.3.3.8/debian/tor-geoipdb.copyright 
@@ -0,0 +1,35 @@ +This geo-ip database was downloaded as part of the Tor distribution +from . + + +It is the IP-to-Country Database provided by WebHosting.Info +(http://www.webhosting.info), available from +http://ip-to-country.webhosting.info. + + +Copyright (c) 2003 Direct Information Pvt. Ltd. All Rights Reserved. + +All usage, reproduction, modification and derivative works created from, and +distribution and publication of the IP-to-Country Database and your derivative +works thereof must keep intact all copyright notices and give credit by +displaying the following acknowledgment by replacing 'work' with one of the +following: script, product, page, service or application: + +"This 'work' uses the IP-to-Country Database + provided by WebHosting.Info (http://www.webhosting.info), + available from http://ip-to-country.webhosting.info." + +BECAUSE THE DATABASE IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE +DATABASE, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE +STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE +DATABASE "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, +INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND +FITNESS FOR A PARTICULAR PURPOSE OR ANY WARRANTIES REGARDING THE CONTENTS OR +ACCURACY OF THE WORK. + +IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY +COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE +DATABASE AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY +GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR +INABILITY TO USE THE DATABASE, EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN +ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. --- tor-0.3.3.8.orig/debian/tor-geoipdb.install +++ tor-0.3.3.8/debian/tor-geoipdb.install 
@@ -0,0 +1,2 @@ +usr/share/tor/geoip +usr/share/tor/geoip6 --- tor-0.3.3.8.orig/debian/tor-geoipdb.lintian-overrides +++ tor-0.3.3.8/debian/tor-geoipdb.lintian-overrides @@ -0,0 +1,2 @@ +tor-geoipdb: debian-changelog-file-is-a-symlink +tor-geoipdb: rc-version-greater-than-expected-version --- tor-0.3.3.8.orig/debian/tor-instance-create +++ tor-0.3.3.8/debian/tor-instance-create 
@@ -0,0 +1,99 @@ +#!/bin/bash + +# Copyright (c) 2015 Peter Palfrader +# +# Permission is hereby granted, free of charge, to any person obtaining +# a copy of this software and associated documentation files (the +# "Software"), to deal in the Software without restriction, including +# without limitation the rights to use, copy, modify, merge, publish, +# distribute, sublicense, and/or sell copies of the Software, and to +# permit persons to whom the Software is furnished to do so, subject to +# the following conditions: +# +# The above copyright notice and this permission notice shall be +# included in all copies or substantial portions of the Software. +# +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND +# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE +# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION +# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION +# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + +# create an instance of a tor service + +set -e +set -u + +BASEETC="/etc/tor/instances" +BASEDATA="/var/lib/tor-instances" + +shopt -s extglob + +usage() { + echo "Usage: $0 " +} + +while getopts "h" OPTION +do + case "$OPTION" in + h) + usage + exit 0 + ;; + *) + usage >&2 + exit 1 + esac +done +shift $(($OPTIND - 1)) + +if [ "${1:-}" = "--help" ]; then + usage + exit 0 +elif [ "$#" -lt 1 ]; then + usage >&2 + exit 1 +fi + +name="$1"; shift +# XXX verify name is valid + +if echo "x$name" | grep -q '[^a-zA-Z0-9]' || + [ "$name" = "default" ] ; then + echo >&2 "Invalid name: $name." 
+ exit 1 +fi + +etc="$BASEETC/$name" +torrc="$etc/torrc" +home="$BASEDATA/$name" +user="_tor-$name" + +adduser --quiet \ + --system \ + --disabled-password \ + --home "$home" \ + --no-create-home \ + --shell /bin/false \ + --group \ + --force-badname \ + "$user" +install -Z -d -m 02700 -o "$user" -g "$user" "$home" +install -d "$etc" + +[ -e "$torrc" ] || cat > "$torrc" << EOF +# This is the tor configuration file for tor instance $name. +# +# To start/reload/etc this instance, run "systemctl start tor@$name" (or reload, or..). +# This instance will run as user $user; its data directory is $home. +# +# Append to the list of socks interfaces configured via +# /usr/share/tor/tor-service-defaults-torrc-instances +# which is unix:/var/run/tor-instances/$name/socks + ++SocksPort auto +EOF + +[ -x /bin/systemctl ] && systemctl daemon-reload || true --- tor-0.3.3.8.orig/debian/tor-instance-create.8.txt +++ tor-0.3.3.8/debian/tor-instance-create.8.txt 
@@ -0,0 +1,50 @@ +:man source: Tor +:man manual: Tor Manual +tor-instance-create(8) +====================== +Peter Palfrader + +NAME +---- +tor-instance-create - Set up a new tor instance + +SYNOPSIS +-------- +**tor-instance-create** __instance_name__ + +DESCRIPTION +----------- +The Tor Debian package supports running multiple instances of the Tor +daemon. This can be useful if you want to run multiple relays or bridge +relays on a single system, of if you want to provide a hidden service in +addition to running a relay. + +**tor-instance-create** is the tool that creates a new instance of Tor +on a Debian system. In particular, it creates a new UNIX user with a +home directory and a mostly empty tor configuration file. + +The new user and group are named **_tor-**__instance_name__. The user's +home directory, which is also the DataDirectory of the new tor instance, +is **/var/lib/tor-instances/**__instance_name__. The configuration file +for that instance is **/etc/tor/instances/**__instance_name__**/torrc**. +Logs go to syslog by default. + +To start this new service, use +**systemctl start tor@**__instance_name__. Stopping, restarting, and +reloading the config works accordingly. Stopping/Starting/.. the +**tor** service should affect all instances. +The "main" instance which lives in /var/lib/tor and has /etc/tor/torrc +as its configuration file is known to systemd as **tor@default**. + +There currently is no **tor-instance-remove** script. To remove an +instance, delete the user and its homedirectory once you are convinced +there are no files or processes on your system still owned by that user. +Then also remove the corresponding directory tree in /etc/tor/instances. + +SEE ALSO +-------- +**tor**(1) + + +AUTHORS +------- + Peter Palfrader --- tor-0.3.3.8.orig/debian/tor-service-defaults-torrc +++ tor-0.3.3.8/debian/tor-service-defaults-torrc 
@@ -0,0 +1,15 @@ +DataDirectory /var/lib/tor +PidFile /var/run/tor/tor.pid +RunAsDaemon 1 +User debian-tor + +ControlSocket /var/run/tor/control GroupWritable RelaxDirModeCheck +ControlSocketsGroupWritable 1 +SocksPort unix:/var/run/tor/socks WorldWritable +SocksPort 9050 + +CookieAuthentication 1 +CookieAuthFileGroupReadable 1 +CookieAuthFile /var/run/tor/control.authcookie + +Log notice syslog --- tor-0.3.3.8.orig/debian/tor-service-defaults-torrc-instances +++ tor-0.3.3.8/debian/tor-service-defaults-torrc-instances @@ -0,0 +1,14 @@ +DataDirectory /var/lib/tor-instances/@@NAME@@ +PidFile /var/run/tor-instances/@@NAME@@/tor.pid +RunAsDaemon 0 +User _tor-@@NAME@@ +SyslogIdentityTag @@NAME@@ + +ControlSocket /var/run/tor-instances/@@NAME@@/control GroupWritable RelaxDirModeCheck +SocksPort unix:/var/run/tor-instances/@@NAME@@/socks WorldWritable + +CookieAuthentication 1 +CookieAuthFileGroupReadable 1 +CookieAuthFile /var/run/tor-instances/@@NAME@@/control.authcookie + +Log notice syslog --- tor-0.3.3.8.orig/debian/tor.NEWS +++ tor-0.3.3.8/debian/tor.NEWS @@ -0,0 +1,16 @@ +tor (0.2.0.26-rc-1) experimental; urgency=critical + + * weak cryptographic keys + + It has been discovered that the random number generator in Debian's + openssl package is predictable. This is caused by an incorrect + Debian-specific change to the openssl package (CVE-2008-0166). As a + result, cryptographic key material may be guessable. + + See Debian Security Advisory number 1571 (DSA-1571) for more information: + http://lists.debian.org/debian-security-announce/2008/msg00152.html + + If you run a Tor server using this package please see + /var/lib/tor/keys/moved-away-by-tor-package/README.REALLY + + -- Peter Palfrader Tue, 13 May 2008 12:49:05 +0200 --- tor-0.3.3.8.orig/debian/tor.apparmor-profile +++ tor-0.3.3.8/debian/tor.apparmor-profile 
@@ -0,0 +1,25 @@ +# vim:syntax=apparmor +#include + +profile system_tor flags=(attach_disconnected) { + #include + + owner /var/lib/tor/** rwk, + owner /var/lib/tor/ r, + owner /var/log/tor/* w, + + # During startup, tor (as root) tries to open various things such as + # directories via check_private_dir(). Let it. + /var/lib/tor/** r, + + /{,var/}run/tor/ r, + /{,var/}run/tor/control w, + /{,var/}run/tor/socks w, + /{,var/}run/tor/tor.pid w, + /{,var/}run/tor/control.authcookie w, + /{,var/}run/tor/control.authcookie.tmp rw, + /{,var/}run/systemd/notify w, + + # Site-specific additions and overrides. See local/README for details. + #include +} --- tor-0.3.3.8.orig/debian/tor.apparmor-profile.abstraction +++ tor-0.3.3.8/debian/tor.apparmor-profile.abstraction @@ -0,0 +1,30 @@ +# vim:syntax=apparmor + + #include + #include + + network tcp, + network udp, + + capability chown, + capability dac_read_search, + capability fowner, + capability fsetid, + capability setgid, + capability setuid, + + /usr/bin/tor r, + /usr/sbin/tor r, + + # Needed by obfs4proxy + /proc/sys/net/core/somaxconn r, + + /proc/sys/kernel/random/uuid r, + /sys/devices/system/cpu/ r, + /sys/devices/system/cpu/** r, + + /etc/tor/* r, + /usr/share/tor/** r, + + /usr/bin/obfsproxy PUx, + /usr/bin/obfs4proxy Pix, --- tor-0.3.3.8.orig/debian/tor.cron.weekly +++ tor-0.3.3.8/debian/tor.cron.weekly @@ -0,0 +1,16 @@ +#!/bin/sh + +set -e +set -u + +DEFAULTSFILE=/etc/default/tor + +if [ -f $DEFAULTSFILE ] ; then + . $DEFAULTSFILE +fi + +if [ "${CLEANUP_OLD_COREFILES:-}" = "y" ] ; then + if [ -d /var/lib/tor ] ; then + find /var/lib/tor -mindepth 1 -maxdepth 1 -type f -mtime +21 -user debian-tor -regex '.*/core\(\.[0-9]+\)?' -exec rm '{}' + + fi +fi --- tor-0.3.3.8.orig/debian/tor.default +++ tor-0.3.3.8/debian/tor.default 
@@ -0,0 +1,75 @@ +# Defaults for tor initscript +# sourced by /etc/init.d/tor +# installed at /etc/default/tor by the maintainer scripts +# +# Note that this file is not being used for controlling Tor-startup +# when Tor is launched by systemd. +# + +# +# This is a bash shell fragment +# +RUN_DAEMON="yes" + +# +# Servers sometimes may need more than the default 1024 file descriptors +# if they are very busy and have many clients connected to them. The top +# servers as of early 2008 regularly have more than 10000 connected +# clients. +# (ulimit -n) +# +# (the default varies as it depends on the number of available system-wide file +# descriptors. See the init script in /etc/init.d/tor for details.) +# +# MAX_FILEDESCRIPTORS= + +# +# If tor is seriously hogging your CPU, taking away too much cycles from +# other system resources, then you can renice tor. See nice(1) for a +# bit more information. Another way to limit the CPU usage of an Onion +# Router is to set a lower BandwidthRate, as CPU usage is mostly a function +# of the amount of traffic flowing through your node. Consult the torrc(5) +# manual page for more information on setting BandwidthRate. +# +# NICE="--nicelevel 5" + +# Additional arguments to pass on tor's command line. +# +# ARGS="$ARGS " + +# +# Uncomment the ulimit call below, and set "DisableDebuggerAttachment 0" +# in /etc/tor/torrc, if you want tor to produce coredumps on segfaults +# and assert errors. +# +# Keeping coredumps around is some sort of security issue since they +# may leak session keys, sensitive client data and more, should such +# files fall into the wrong hands. Therefore coredumps are not enabled +# by default. +# +# ulimit -c unlimited + +# +# Config option for the weekly cron file: Whether or not to remove old +# coredumps in /var/lib/tor. Coredumps can hold sensitive data, as such +# they probably should not be kept lying around if nobody will ever look +# at them. 
This option makes /etc/cron.weekly/tor clean out files older +# then three weeks. +# +CLEANUP_OLD_COREFILES=y + +# +# By default the tor init script will launch Tor using apparmor iff +# /usr/sbin/aa-status exists and is executable and calling it with --enabled +# returns true, /usr/sbin/aa-exec is executable, there is a +# /etc/apparmor.d/system_tor policy, and USE_AA_EXEC is set to 'yes'. +# +# USE_AA_EXEC="yes" # default +# USE_AA_EXEC="no" + +# Let the vidalia package override some of our settings. +# People who have vidalia installed might not want to run Tor as a system +# service. The vidalia .deb can ask them that and then set run-daemon to no. +if [ -e /etc/default/tor.vidalia ] && [ -x /usr/bin/vidalia ]; then + . /etc/default/tor.vidalia +fi --- tor-0.3.3.8.orig/debian/tor.dirs +++ tor-0.3.3.8/debian/tor.dirs @@ -0,0 +1,2 @@ +etc/apparmor.d/abstractions +lib/systemd/system --- tor-0.3.3.8.orig/debian/tor.docs +++ tor-0.3.3.8/debian/tor.docs @@ -0,0 +1,3 @@ +debian/README.Debian +contrib/operator-tools/tor-exit-notice.html +build/src/config/torrc.sample --- tor-0.3.3.8.orig/debian/tor.init +++ tor-0.3.3.8/debian/tor.init 
@@ -0,0 +1,253 @@ +#! /bin/bash + +### BEGIN INIT INFO +# Provides: tor +# Required-Start: $local_fs $remote_fs $network $named $time +# Required-Stop: $local_fs $remote_fs $network $named $time +# Should-Start: $syslog +# Should-Stop: $syslog +# Default-Start: 2 3 4 5 +# Default-Stop: 0 1 6 +# Short-Description: Starts The Onion Router daemon processes +# Description: Start The Onion Router, a TCP overlay +# network client that provides anonymous +# transport. +### END INIT INFO + +# Load the VERBOSE setting and other rcS variables +. /lib/init/vars.sh + +# Define LSB log_* functions. +. /lib/lsb/init-functions + +PATH=/sbin:/bin:/usr/sbin:/usr/bin +DAEMON=/usr/bin/tor +NAME=tor +DESC="tor daemon" +TORLOGDIR=/var/log/tor +TORPIDDIR=/var/run/tor +TORPID=$TORPIDDIR/tor.pid +DEFAULTSFILE=/etc/default/$NAME +WAITFORDAEMON=60 +DEFAULT_ARGS="--defaults-torrc /usr/share/tor/tor-service-defaults-torrc" +VERIFY_ARGS="--verify-config $DEFAULT_ARGS" +USE_AA_EXEC="yes" +ARGS="" +if [ "${VERBOSE:-}" != "yes" ]; then + ARGS="$ARGS --hush" +fi + +# Let's try to figure our some sane defaults: +if [ -r /proc/sys/fs/file-max ]; then + system_max=`cat /proc/sys/fs/file-max` + if [ "$system_max" -gt "80000" ] ; then + MAX_FILEDESCRIPTORS=32768 + elif [ "$system_max" -gt "40000" ] ; then + MAX_FILEDESCRIPTORS=16384 + elif [ "$system_max" -gt "10000" ] ; then + MAX_FILEDESCRIPTORS=8192 + else + MAX_FILEDESCRIPTORS=1024 + cat << EOF + +Warning: Your system has very few filedescriptors available in total. + +Maybe you should try raising that by adding 'fs.file-max=100000' to your +/etc/sysctl.conf file. Feel free to pick any number that you deem appropriate. +Then run 'sysctl -p'. See /proc/sys/fs/file-max for the current value, and +file-nr in the same directory for how many of those are used at the moment. + +EOF + fi +else + MAX_FILEDESCRIPTORS=8192 +fi + +NICE="" + +test -x $DAEMON || exit 0 + +# Include tor defaults if available +if [ -f $DEFAULTSFILE ] ; then + . 
$DEFAULTSFILE +fi + +wait_for_deaddaemon () { + pid=$1 + sleep 1 + if test -n "$pid" + then + if kill -0 $pid 2>/dev/null + then + cnt=0 + while kill -0 $pid 2>/dev/null + do + cnt=`expr $cnt + 1` + if [ $cnt -gt $WAITFORDAEMON ] + then + log_action_end_msg 1 "still running" + exit 1 + fi + sleep 1 + [ "`expr $cnt % 3`" != 2 ] || log_action_cont_msg "" + done + fi + fi + log_action_end_msg 0 +} + + +check_torpiddir () { + if test ! -d $TORPIDDIR; then + mkdir -m 02755 "$TORPIDDIR" + chown debian-tor:debian-tor "$TORPIDDIR" + ! [ -x /sbin/restorecon ] || /sbin/restorecon "$TORPIDDIR" + fi + + if test ! -x $TORPIDDIR; then + log_action_end_msg 1 "cannot access $TORPIDDIR directory, are you root?" + exit 1 + fi +} + +check_torlogdir () { + if test ! -d $TORLOGDIR; then + mkdir -m 02750 "$TORLOGDIR" + chown debian-tor:adm "$TORLOGDIR" + ! [ -x /sbin/restorecon ] || /sbin/restorecon "$TORPIDDIR" + fi +} + + +check_config () { + if ! $DAEMON $VERIFY_ARGS > /dev/null; then + log_failure_msg "Checking if $NAME configuration is valid" + $DAEMON $VERIFY_ARGS >&2 + exit 1 + fi +} + + +case "$1" in + start) + if [ "$RUN_DAEMON" != "yes" ]; then + log_action_msg "Not starting $DESC (Disabled in $DEFAULTSFILE)." 
+ exit 0 + fi + + if [ -n "$MAX_FILEDESCRIPTORS" ]; then + [ "${VERBOSE:-}" != "yes" ] || log_action_begin_msg "Raising maximum number of filedescriptors (ulimit -n) for tor to $MAX_FILEDESCRIPTORS" + if ulimit -n "$MAX_FILEDESCRIPTORS" ; then + [ "${VERBOSE:-}" != "yes" ] || log_action_end_msg 0 + else + [ "${VERBOSE:-}" != "yes" ] || log_action_end_msg 1 + fi + fi + + check_torpiddir + check_torlogdir + check_config + + log_action_begin_msg "Starting $DESC" + + if start-stop-daemon --stop --signal 0 --quiet --pidfile $TORPID --exec $DAEMON; then + log_action_end_msg 0 "already running" + else + if [ "$USE_AA_EXEC" = "yes" ] && + command -v aa-status > /dev/null && + command -v aa-exec > /dev/null && + [ -e /etc/apparmor.d/system_tor ] && \ + aa-status --enabled ; then + AA_EXEC_PATH=$(command -v aa-exec) + AA_EXEC="--startas $AA_EXEC_PATH" + AA_EXEC_ARGS="--profile=system_tor -- $DAEMON" + else + AA_EXEC="" + AA_EXEC_ARGS="" + fi + if start-stop-daemon --start --quiet \ + --pidfile $TORPID \ + $NICE \ + $AA_EXEC \ + --exec $DAEMON -- $AA_EXEC_ARGS $DEFAULT_ARGS $ARGS + then + log_action_end_msg 0 + else + log_action_end_msg 1 + exit 1 + fi + fi + ;; + stop) + log_action_begin_msg "Stopping $DESC" + pid=`cat $TORPID 2>/dev/null` || true + + if test ! -f $TORPID -o -z "$pid"; then + log_action_end_msg 0 "not running - there is no $TORPID" + exit 0 + fi + + if start-stop-daemon --stop --signal INT --quiet --pidfile $TORPID --exec $DAEMON; then + wait_for_deaddaemon $pid + elif kill -0 $pid 2>/dev/null; then + log_action_end_msg 1 "Is $pid not $NAME? Is $DAEMON a different binary now?" + exit 1 + else + log_action_end_msg 1 "$DAEMON died: process $pid not running; or permission denied" + exit 1 + fi + ;; + reload|force-reload) + check_config + + log_action_begin_msg "Reloading $DESC configuration" + pid=`cat $TORPID 2>/dev/null` || true + + if test ! 
-f $TORPID -o -z "$pid"; then + log_action_end_msg 1 "not running - there is no $TORPID" + exit 1 + fi + + if start-stop-daemon --stop --signal 1 --quiet --pidfile $TORPID --exec $DAEMON + then + log_action_end_msg 0 + elif kill -0 $pid 2>/dev/null; then + log_action_end_msg 1 "Is $pid not $NAME? Is $DAEMON a different binary now?" + exit 1 + else + log_action_end_msg 1 "$DAEMON died: process $pid not running; or permission denied" + exit 1 + fi + ;; + restart) + check_config + + $0 stop + sleep 1 + $0 start + ;; + status) + if test ! -r $(dirname $TORPID); then + log_failure_msg "cannot read PID file $TORPID" + exit 4 + fi + pid=`cat $TORPID 2>/dev/null` || true + if test ! -f $TORPID -o -z "$pid"; then + log_failure_msg "$NAME is not running" + exit 3 + fi + if ps "$pid" >/dev/null 2>&1; then + log_success_msg "$NAME is running" + exit 0 + else + log_failure_msg "$NAME is not running" + exit 1 + fi + ;; + *) + log_action_msg "Usage: $0 {start|stop|restart|reload|force-reload|status}" >&2 + exit 1 + ;; +esac + +exit 0 --- tor-0.3.3.8.orig/debian/tor.install +++ tor-0.3.3.8/debian/tor.install @@ -0,0 +1,13 @@ +usr/bin +usr/share/doc +usr/share/man +etc/tor + +contrib/client-tools/torify usr/bin +debian/tor-instance-create usr/sbin +debian/tor-service-defaults-torrc usr/share/tor +debian/tor-service-defaults-torrc-instances usr/share/tor +debian/systemd/tor.service lib/systemd/system +debian/systemd/tor@.service lib/systemd/system +debian/systemd/tor@default.service lib/systemd/system +debian/systemd/tor-generator lib/systemd/system-generators --- tor-0.3.3.8.orig/debian/tor.links +++ tor-0.3.3.8/debian/tor.links @@ -0,0 +1,2 @@ +/usr/share/man/man1/tor.1 /usr/share/man/man5/torrc.5 +/usr/bin/tor /usr/sbin/tor --- tor-0.3.3.8.orig/debian/tor.lintian-overrides +++ tor-0.3.3.8/debian/tor.lintian-overrides @@ -0,0 +1 @@ +tor: rc-version-greater-than-expected-version --- tor-0.3.3.8.orig/debian/tor.logrotate +++ tor-0.3.3.8/debian/tor.logrotate 
@@ -0,0 +1,15 @@ +/var/log/tor/*log { + daily + rotate 5 + compress + delaycompress + missingok + notifempty + create 0640 debian-tor adm + sharedscripts + postrotate + if service tor status > /dev/null; then + service tor reload > /dev/null + fi + endscript +} --- tor-0.3.3.8.orig/debian/tor.maintscript +++ tor-0.3.3.8/debian/tor.maintscript @@ -0,0 +1 @@ +rm_conffile /etc/tor/tor-tsocks.conf 0.2.4.12-alpha-1 tor --- tor-0.3.3.8.orig/debian/tor.manpages +++ tor-0.3.3.8/debian/tor.manpages @@ -0,0 +1 @@ +debian/tor-instance-create.8 --- tor-0.3.3.8.orig/debian/tor.postinst +++ tor-0.3.3.8/debian/tor.postinst 
@@ -0,0 +1,145 @@ +#!/bin/sh -e + +# checking debian-tor account + +uid=`getent passwd debian-tor | cut -d ":" -f 3` +home=`getent passwd debian-tor | cut -d ":" -f 6` + +# if there is the uid the account is there and we can do +# the sanit(ar)y checks otherwise we can safely create it. + +if [ "$uid" ]; then + if [ "$home" = "/var/lib/tor" ]; then + : + #echo "debian-tor homedir check: ok" + else + echo "ERROR: debian-tor account has an unexpected home directory!" + echo "It should be '/var/lib/tor', but it is '$home'." + echo "Removing the debian-tor user might fix this, but the question" + echo "remains how you got into this mess to begin with." + exit 1 + fi +else + adduser --quiet \ + --system \ + --disabled-password \ + --home /var/lib/tor \ + --no-create-home \ + --shell /bin/false \ + --group \ + debian-tor +fi + + +for i in lib log; do + if ! [ -d "/var/$i/tor" ]; then + echo "Something or somebody made /var/$i/tor disappear." + echo "Creating one for you again." + mkdir "/var/$i/tor" + fi +done + +which restorecon >/dev/null 2>&1 && restorecon /var/lib/tor +chown debian-tor:debian-tor /var/lib/tor +chmod 02700 /var/lib/tor + +which restorecon >/dev/null 2>&1 && restorecon /var/log/tor +chown debian-tor:adm /var/log/tor +chmod 02750 /var/log/tor + + +move_away_keys=0 + +if [ "$1" = "configure" ] && + [ -e /var/lib/tor/keys ] && + [ ! -z "$2" ]; then + if dpkg --compare-versions "$2" lt 0.1.2.19-2; then + move_away_keys=1 + elif dpkg --compare-versions "$2" gt 0.2.0 && + dpkg --compare-versions "$2" lt 0.2.0.26-rc; then + move_away_keys=1 + fi +fi +if [ "$move_away_keys" = "1" ]; then + echo "Retiring possibly compromised keys. See /usr/share/doc/tor/NEWS.Debian.gz" + echo "and /var/lib/tor/keys/moved-away-by-tor-package/README.REALLY for" + echo "further information." + if ! 
[ -d /var/lib/tor/keys/moved-away-by-tor-package ]; then + mkdir /var/lib/tor/keys/moved-away-by-tor-package + cat > /var/lib/tor/keys/moved-away-by-tor-package/README.REALLY << EOF +It has been discovered that the random number generator in Debian's +openssl package is predictable. This is caused by an incorrect +Debian-specific change to the openssl package (CVE-2008-0166). As a +result, cryptographic key material may be guessable. + +See Debian Security Advisory number 1571 (DSA-1571) for more information: +http://lists.debian.org/debian-security-announce/2008/msg00152.html + +The Debian package for Tor has moved away the onion keys upon package +upgrade, and it will have moved away your identity key if it was created +in the affected timeframe. There is no sure way to automatically tell +if your key was created with an affected openssl library, so this move +is done unconditionally. + +If you have restarted Tor since this change (and the package probably +did that for you already unless you configured your system differently) +then the Tor daemon already created new keys for itself and in all +likelyhood is already working just fine with new keys. + +If you are absolutely certain that your identity key was created with +a non-affected version of openssl and for some reason you have to retain +the old identity, then you can move back the copy of secret_id_key to +/var/lib/tor/keys. Do not move back the onion keys, they were created +only recently since they are temporary keys with a lifetime of only a few +days anyway. 
+ +Sincerely, +Peter Palfrader, Tue, 13 May 2008 13:32:23 +0200 +EOF + fi + for f in secret_onion_key secret_onion_key.old; do + if [ -e /var/lib/tor/keys/"$f" ]; then + mv -v /var/lib/tor/keys/"$f" /var/lib/tor/keys/moved-away-by-tor-package/"$f" + fi + done + if [ -e /var/lib/tor/keys/secret_id_key ]; then + id_mtime=`stat -c %Y /var/lib/tor/keys/secret_id_key` + sept=`date -d '2006-09-10' +%s` + if [ "$id_mtime" -gt "$sept" ] ; then + mv -v /var/lib/tor/keys/secret_id_key /var/lib/tor/keys/moved-away-by-tor-package/secret_id_key + fi + fi +fi + +# clean out apparmor policy files that we shipped with +# Tor 0.2.3.16-alpha-1 in experimental and +# Tor 0.2.3.17-beta-1 in unstable. +if [ "$1" = "configure" ] && + [ -e /etc/apparmor.d/usr.sbin.tor ] && + [ ! -z "$2" ] && + dpkg --compare-versions "$2" le 0.2.3.17-beta-1; then + checksum="`md5sum /etc/apparmor.d/usr.sbin.tor | awk '{print $1}'`" + pkg_md5="`dpkg-query -W -f='${Conffiles}' tor | awk '$1=="/etc/apparmor.d/usr.sbin.tor" {print $2}'`" + if [ "$checksum" = "$pkg_md5" ]; then + if command -v apparmor_parser > /dev/null 2>&1 ; then + apparmor_parser --remove -T -W /etc/apparmor.d/usr.sbin.tor || true + fi + + rm -f "/etc/apparmor.d/usr.sbin.tor" + rm -f "/etc/apparmor.d/disable/usr.sbin.tor" || true + rm -f "/etc/apparmor.d/force-complain/usr.sbin.tor" || true + rm -f "/etc/apparmor.d/local/usr.sbin.tor" || true + rmdir /etc/apparmor.d/local 2>/dev/null || true + rmdir /etc/apparmor.d 2>/dev/null || true + fi +fi + +tor_error_init() { + echo "Tor was unable to start due to configuration errors."; + echo "Please fix them and manually restart the tor daemon using"; + echo " ´service start tor´"; +} + +#DEBHELPER# + +exit 0 --- tor-0.3.3.8.orig/debian/tor.postrm +++ tor-0.3.3.8/debian/tor.postrm 
@@ -0,0 +1,12 @@ +#!/bin/sh -e + +if [ "$1" = "purge" ]; then + # logs have to be removed according to policy. + rm -rf /var/log/tor/ + rm -rf /var/lib/tor/ + rm -rf /var/run/tor/ +fi + +#DEBHELPER# + +exit 0 --- tor-0.3.3.8.orig/debian/watch +++ tor-0.3.3.8/debian/watch @@ -0,0 +1,2 @@ +version=3 +http://dist.torproject.org/tor-(.*)\.tar\.gz
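Review bot: in the init script hunk, check_torlogdir() calls `/sbin/restorecon "$TORPIDDIR"` right after creating `$TORLOGDIR`, so a freshly created log directory never gets its SELinux context restored. The line looks copied from check_torpiddir() and should be `/sbin/restorecon "$TORLOGDIR"`. In the same hunk the `status` branch only runs `ps "$pid"`, which succeeds for any process that happens to hold that PID, while start, stop and reload match on `--pidfile $TORPID --exec $DAEMON`; reusing that check in `status` would keep the answers consistent. `$TORPIDDIR`, `$TORLOGDIR`, `$TORPID` and `$pid` are also unquoted in several `test` and `kill -0` calls.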
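Review bot: in debian/tor.postinst, tor_error_init() tells the user to run `service start tor`, which has the arguments reversed (the logrotate snippet in this same patch uses `service tor reload`), and it wraps the command in acute accents (´) instead of ASCII quotes; the message should read `service tor start`. Also in this hunk, the `for i in lib log` loop recreates /var/$i/tor with a plain `mkdir` and the directory is only restricted by the later `chmod 02700` / `chmod 02750`; creating it with a restrictive `-m` mode, as the init script does with `mkdir -m 02750`, would avoid the window with umask-default permissions. The embedded README.REALLY text has a typo, "likelyhood".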
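Review bot: in debian/tor.postrm, the only comment in the purge branch explains the log removal, but the next two lines also run `rm -rf /var/lib/tor/` and `rm -rf /var/run/tor/`. /var/lib/tor holds the keys directory that tor.postinst handles with such care (secret_id_key, the onion keys), so a purge deletes the identity key without any mention in the script. Please extend the comment to state that the data directory, including its keys, is removed on purge.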
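Review bot: debian/watch points uscan at `http://dist.torproject.org/tor-(.*)\.tar\.gz` over plain HTTP and configures no signature check, so a new upstream tarball is accepted as whatever the network path serves. Switch the URL to https and, if upstream publishes detached signatures, add a `pgpsigurlmangle` option together with the upstream key in debian/upstream/signing-key.asc so uscan verifies the download.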