From nobody@FreeBSD.org  Wed Feb 24 05:49:20 2010
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id A995F106564A
	for <freebsd-gnats-submit@FreeBSD.org>; Wed, 24 Feb 2010 05:49:20 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (www.freebsd.org [IPv6:2001:4f8:fff6::21])
	by mx1.freebsd.org (Postfix) with ESMTP id 8DAC48FC14
	for <freebsd-gnats-submit@FreeBSD.org>; Wed, 24 Feb 2010 05:49:20 +0000 (UTC)
Received: from www.freebsd.org (localhost [127.0.0.1])
	by www.freebsd.org (8.14.3/8.14.3) with ESMTP id o1O5nKQk077118
	for <freebsd-gnats-submit@FreeBSD.org>; Wed, 24 Feb 2010 05:49:20 GMT
	(envelope-from nobody@www.freebsd.org)
Received: (from nobody@localhost)
	by www.freebsd.org (8.14.3/8.14.3/Submit) id o1O5nKwJ077117;
	Wed, 24 Feb 2010 05:49:20 GMT
	(envelope-from nobody)
Message-Id: <201002240549.o1O5nKwJ077117@www.freebsd.org>
Date: Wed, 24 Feb 2010 05:49:20 GMT
From: Andrei Lavreniyuk <andy.lavr@gmail.com>
To: freebsd-gnats-submit@FreeBSD.org
Subject: [PATCH] Update ports/security/tor-devel to version 0.2.2.9-alpha
X-Send-Pr-Version: www-3.1
X-GNATS-Notify:

>Number:         144254
>Category:       ports
>Synopsis:       [PATCH] Update ports/security/tor-devel to version 0.2.2.9-alpha
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    miwi
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Wed Feb 24 05:50:04 UTC 2010
>Closed-Date:    Wed Mar 10 12:57:19 UTC 2010
>Last-Modified:  Wed Mar 10 12:57:19 UTC 2010
>Originator:     Andrei Lavreniyuk
>Release:        FreeBSD 8.0-STABLE
>Organization:
Technica-03, Inc.
>Environment:
FreeBSD datacenter.technica-03.local 8.0-STABLE FreeBSD 8.0-STABLE #0: Mon Feb 22 09:39:03 EET 2010     root@datacenter.technica-03.local:/usr/obj/usr/src/sys/SMP64  amd64
>Description:
Changes in version 0.2.2.9-alpha - 2010-02-22
  o Directory authority changes:             
    - Change IP address for dannenberg (v3 directory authority), and
      remove moria2 (obsolete v1, v2 directory authority and v0 hidden
      service directory authority) from the list.

  o Major bugfixes:
    - Make Tor work again on the latest OS X: when deciding whether to
      use strange flags to turn TLS renegotiation on, detect the OpenSSL
      version at run-time, not compile time. We need to do this because
      Apple doesn't update its dev-tools headers when it updates its
      libraries in a security patch.
    - Fix a potential buffer overflow in lookup_last_hid_serv_request()
      that could happen on 32-bit platforms with 64-bit time_t. Also fix
      a memory leak when requesting a hidden service descriptor we've
      requested before. Fixes bug 1242, bugfix on 0.2.0.18-alpha. Found
      by aakova.
    - Authorities could be tricked into giving out the Exit flag to relays
      that didn't allow exiting to any ports. This bug could screw
      with load balancing and stats. Bugfix on 0.1.1.6-alpha; fixes bug
      1238. Bug discovered by Martin Kowalczyk.
    - When freeing a cipher, zero it out completely. We only zeroed
      the first ptrsize bytes. Bugfix on tor-0.0.2pre8. Discovered
      and patched by ekir. Fixes bug 1254.

  o Minor bugfixes:
    - Fix static compilation by listing the openssl libraries in the right
      order. Bugfix on Tor 0.2.2.8-alpha; fixes bug 1237.
    - Resume handling .exit hostnames in a special way: originally we
      stripped the .exit part and used the requested exit relay. In
      0.2.2.1-alpha we stopped treating them in any special way, meaning
      if you use a .exit address then Tor will pass it on to the exit
      relay. Now we reject the .exit stream outright, since that behavior
      might be more expected by the user. Found and diagnosed by Scott
      Bennett and Downie on or-talk.
    - Don't spam the controller with events when we have no file
      descriptors available. Bugfix on 0.2.1.5-alpha. (Rate-limiting
      for log messages was already solved from bug 748.)
    - Avoid a bogus overlapped memcpy in tor_addr_copy(). Reported by
      "memcpyfail".
    - Make the DNSPort option work with libevent 2.x. Don't alter the
      behaviour for libevent 1.x. Fixes bug 1143. Found by SwissTorExit.
    - Emit a GUARD DROPPED controller event for a case we missed.
    - Make more fields in the controller protocol case-insensitive, since
      control-spec.txt said they were.
    - Refactor resolve_my_address() to not use gethostbyname() anymore.
      Fixes bug 1244; bugfix on 0.0.2pre25. Reported by Mike Mestnik.
    - Fix a spec conformance issue: the network-status-version token
      must be the first token in a v3 consensus or vote. Discovered by
      parakeep. Bugfix on 0.2.0.3-alpha.

  o Code simplifications and refactoring:
    - Generate our manpage and HTML documentation using Asciidoc. This
      change should make it easier to maintain the documentation, and
      produce nicer HTML.
    - Remove the --enable-iphone option. According to reports from Marco
      Bonetti, Tor builds fine without any special tweaking on recent
      iPhone SDK versions.
    - Removed some unnecessary files from the source distribution. The
      AUTHORS file has now been merged into the people page on the
      website. The roadmaps and design doc can now be found in the
      projects directory in svn.
    - Enabled various circuit build timeout constants to be controlled
      by consensus parameters. Also set better defaults for these
      parameters based on experimentation on broadband and simulated
      high latency links.

  o Minor features:
    - The 'EXTENDCIRCUIT' control port command can now be used with
      a circ id of 0 and no path. This feature will cause Tor to build
      a new 'fast' general purpose circuit using its own path selection
      algorithms.
    - Added a BUILDTIMEOUT_SET controller event to describe changes
      to the circuit build timeout.
    - Future-proof the controller protocol a bit by ignoring keyword
      arguments we do not recognize.
    - Expand homedirs passed to tor-checkkey. This should silence a
      coverity complaint about passing a user-supplied string into
      open() without checking it.
>How-To-Repeat:

>Fix:


Patch attached with submission follows:

diff -ruN tor-devel.bak/Makefile tor-devel/Makefile
--- tor-devel.bak/Makefile	2010-01-31 08:16:50.000000000 +0200
+++ tor-devel/Makefile	2010-02-24 07:44:00.000000000 +0200
@@ -6,7 +6,7 @@
 #
 
 PORTNAME=	tor
-DISTVERSION=	0.2.2.8-alpha
+DISTVERSION=	0.2.2.9-alpha
 CATEGORIES=	security net ipv6
 MASTER_SITES=	http://www.torproject.org/dist/ \
 		http://tor.cypherpunks.at/dist/ \
diff -ruN tor-devel.bak/distinfo tor-devel/distinfo
--- tor-devel.bak/distinfo	2010-01-31 08:16:50.000000000 +0200
+++ tor-devel/distinfo	2010-02-24 07:44:00.000000000 +0200
@@ -1,3 +1,3 @@
-MD5 (tor-0.2.2.8-alpha.tar.gz) = f91adf1ea08ad17ff61d63d001c4b7a4
-SHA256 (tor-0.2.2.8-alpha.tar.gz) = e041761d37a7f8eefc173e1c735d314b0f3deb51ba173e1907b753920ec19bfc
-SIZE (tor-0.2.2.8-alpha.tar.gz) = 2484568
+MD5 (tor-0.2.2.9-alpha.tar.gz) = a59e6855ed670cfa7d0eb584469b777c
+SHA256 (tor-0.2.2.9-alpha.tar.gz) = e736af150f57168fc5a271d0710aec83c1df5b15444b22e80ccf861730cad40d
+SIZE (tor-0.2.2.9-alpha.tar.gz) = 2288813


>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-ports-bugs->miwi 
Responsible-Changed-By: edwin 
Responsible-Changed-When: Wed Feb 24 05:50:16 UTC 2010 
Responsible-Changed-Why:  
Over to maintainer (via the GNATS Auto Assign Tool) 

http://www.freebsd.org/cgi/query-pr.cgi?pr=144254 

From: "b. f." <bf1783@googlemail.com>
To: bug-followup@FreeBSD.org
Cc: miwi@FreeBSD.org, Andrei Lavreniyuk <andy.lavr@gmail.com>
Subject: Re: ports/144254: [PATCH] Update ports/security/tor-devel to version 
	0.2.2.9-alpha
Date: Wed, 24 Feb 2010 01:48:20 -0500

 --0016e6dab1504ee8200480530d6a
 Content-Type: text/plain; charset=ISO-8859-1
 
 Please consider instead the attached patch, which:
 
  (1) takes into account the documentation changes in the latest
 version, while respecting NOPORTDOCS; and
 
 (2) narrows the scope of a few of the sed commands, so that the WRKSRC
 is no longer as cluttered with .bak files, and the commands are
 executed more rapidly.
 
 Regards,
                   b.
 
 --0016e6dab1504ee8200480530d6a
 Content-Type: text/plain; charset=US-ASCII; name="tor0229_diff.txt"
 Content-Disposition: attachment; filename="tor0229_diff.txt"
 Content-Transfer-Encoding: base64
 X-Attachment-Id: file0
 
 ZGlmZiAteCAnb2xkLionIC14ICduZXcuKicgLXJ1TiB0b3ItZGV2ZWwub3JpZy9NYWtlZmlsZSB0
 b3ItZGV2ZWwvTWFrZWZpbGUKLS0tIHRvci1kZXZlbC5vcmlnL01ha2VmaWxlCTIwMTAtMDItMjQg
 MDE6MTM6MzEuMDAwMDAwMDAwIC0wNTAwCisrKyB0b3ItZGV2ZWwvTWFrZWZpbGUJMjAxMC0wMi0y
 NCAwMToxMzoyMC4wMDAwMDAwMDAgLTA1MDAKQEAgLTYsNyArNiw3IEBACiAjCiAKIFBPUlROQU1F
 PQl0b3IKLURJU1RWRVJTSU9OPQkwLjIuMi44LWFscGhhCitESVNUVkVSU0lPTj0JMC4yLjIuOS1h
 bHBoYQogQ0FURUdPUklFUz0Jc2VjdXJpdHkgbmV0IGlwdjYKIE1BU1RFUl9TSVRFUz0JaHR0cDov
 L3d3dy50b3Jwcm9qZWN0Lm9yZy9kaXN0LyBcCiAJCWh0dHA6Ly90b3IuY3lwaGVycHVua3MuYXQv
 ZGlzdC8gXApAQCAtNDQsNiArNDQsMTAgQEAKIE1BTkNPTVBSRVNTRUQ9CW5vCiBNQU4xPQkJdG9y
 LjEgdG9yLXJlc29sdmUuMSB0b3JpZnkuMSB0b3ItZ2VuY2VydC4xCiAKKy5pZiAhZGVmaW5lZChO
 T1BPUlRET0NTKQorUE9SVERPQ1M9CXRvci5odG1sIHRvci1yZXNvbHZlLmh0bWwgdG9yaWZ5Lmh0
 bWwgdG9yLWdlbmNlcnQuaHRtbAorLmVuZGlmCisKIC5pbmNsdWRlIDxic2QucG9ydC5wcmUubWs+
 CiAKIC5pZiBkZWZpbmVkKFdJVEhfQlVGRlJFRUxJU1RTKQpAQCAtODUsMTUgKzg5LDE0IEBACiAJ
 CSR7V1JLU1JDfS9jb250cmliL3Rvci10c29ja3MuY29uZi5zYW1wbGUKIAlAJHtSRUlOUExBQ0Vf
 Q01EfSAtZSAic3x0b3ItdHNvY2tzLmNvbmZ8dG9yLXRzb2Nrcy5jb25mLnNhbXBsZXxnIiBcCiAJ
 CSR7V1JLU1JDfS9jb250cmliL01ha2VmaWxlLmluCi0JQCR7RklORH0gLVggJHtXUktTUkN9IC10
 eXBlIGYgfCAke1hBUkdTfSBcCi0JCS1uIDEwICR7UkVJTlBMQUNFX0NNRH0gLUUgXAotCQktZSAn
 c3wtZyAtTzJ8fGcnIFwKLQkJLWUgJ3N8LU8yfHxnJyBcCi0JCS1lICdzfC1nIC1PfHxnJyBcCi0J
 CS1lICdzfG5ldGluZXQvaW42fG5ldGluZXQ2L2luNnxnJworCUAke1JFSU5QTEFDRV9DTUR9IC1l
 ICdcfENGTEFHUz18e3N8LWd8fDtzfC1PWzAtOV1cezAsMVx9fHw7fScgXAorCQktZSAnc3xuZXRp
 bmV0L2luNnxuZXRpbmV0Ni9pbjZ8ZycgJHtXUktTUkN9L2NvbmZpZ3VyZQorLmlmIGRlZmluZWQo
 Tk9QT1JURE9DUykKKwlAJHtSRUlOUExBQ0VfQ01EfSAtZSAnXHxkb2NfREFUQSA9fGQnICR7V1JL
 U1JDfS9kb2MvTWFrZWZpbGUuaW4KKy5lbmRpZgogCiBwb3N0LWNvbmZpZ3VyZToKLQlAJHtGSU5E
 fSAtWCAke1dSS1NSQ30gLXR5cGUgZiB8ICR7WEFSR1N9ICR7UkVJTlBMQUNFX0NNRH0gLWUgXAor
 CUAke0ZJTkR9IC1YICR7V1JLU1JDfSAtbmFtZSBNYWtlZmlsZSB8ICR7WEFSR1N9ICR7UkVJTlBM
 QUNFX0NNRH0gLWUgXAogCQkic3wtbHB0aHJlYWR8JHtQVEhSRUFEX0xJQlN9fGciCiAKIHByZS1z
 dS1pbnN0YWxsOgpkaWZmIC14ICdvbGQuKicgLXggJ25ldy4qJyAtcnVOIHRvci1kZXZlbC5vcmln
 L2Rpc3RpbmZvIHRvci1kZXZlbC9kaXN0aW5mbwotLS0gdG9yLWRldmVsLm9yaWcvZGlzdGluZm8J
 MjAxMC0wMi0yNCAwMToxMzozMS4wMDAwMDAwMDAgLTA1MDAKKysrIHRvci1kZXZlbC9kaXN0aW5m
 bwkyMDEwLTAyLTIzIDIzOjA3OjA4LjAwMDAwMDAwMCAtMDUwMApAQCAtMSwzICsxLDMgQEAKLU1E
 NSAodG9yLTAuMi4yLjgtYWxwaGEudGFyLmd6KSA9IGY5MWFkZjFlYTA4YWQxN2ZmNjFkNjNkMDAx
 YzRiN2E0Ci1TSEEyNTYgKHRvci0wLjIuMi44LWFscGhhLnRhci5neikgPSBlMDQxNzYxZDM3YTdm
 OGVlZmMxNzNlMWM3MzVkMzE0YjBmM2RlYjUxYmExNzNlMTkwN2I3NTM5MjBlYzE5YmZjCi1TSVpF
 ICh0b3ItMC4yLjIuOC1hbHBoYS50YXIuZ3opID0gMjQ4NDU2OAorTUQ1ICh0b3ItMC4yLjIuOS1h
 bHBoYS50YXIuZ3opID0gYTU5ZTY4NTVlZDY3MGNmYTdkMGViNTg0NDY5Yjc3N2MKK1NIQTI1NiAo
 dG9yLTAuMi4yLjktYWxwaGEudGFyLmd6KSA9IGU3MzZhZjE1MGY1NzE2OGZjNWEyNzFkMDcxMGFl
 YzgzYzFkZjViMTU0NDRiMjJlODBjY2Y4NjE3MzBjYWQ0MGQKK1NJWkUgKHRvci0wLjIuMi45LWFs
 cGhhLnRhci5neikgPSAyMjg4ODEzCg==
 --0016e6dab1504ee8200480530d6a--
State-Changed-From-To: open->closed 
State-Changed-By: miwi 
State-Changed-When: Wed Mar 10 12:57:18 UTC 2010 
State-Changed-Why:  
Committed. Thanks! 

http://www.freebsd.org/cgi/query-pr.cgi?pr=144254 
>Unformatted:
