From a4002a31ceb1b844c0946bb80ec22df3820de698 Mon Sep 17 00:00:00 2001 From: Florian Fainelli Date: Thu, 10 Aug 2006 21:44:54 +0000 Subject: [PATCH] Port tor to -ng SVN-Revision: 4554 --- net/tor/Makefile | 103 +++++++++++++++++++++++++++++++ net/tor/files/tor.init | 24 ++++++++ net/tor/files/torrc | 136 +++++++++++++++++++++++++++++++++++++++++ 3 files changed, 263 insertions(+) create mode 100644 net/tor/Makefile create mode 100644 net/tor/files/tor.init create mode 100644 net/tor/files/torrc diff --git a/net/tor/Makefile b/net/tor/Makefile new file mode 100644 index 0000000000..a825319528 --- /dev/null +++ b/net/tor/Makefile @@ -0,0 +1,103 @@ +# +# Copyright (C) 2006 OpenWrt.org +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# +# $Id$ + +include $(TOPDIR)/rules.mk + +PKG_NAME:=tor +PKG_VERSION:=0.1.0.17 +PKG_RELEASE:=1 +PKG_MD5SUM:=83c4afe29fa82473afcb2ec7e17771b9 + +PKG_SOURCE_URL:=http://tor.eff.org/dist/ \ + http://ftp.se.linux.org/crypto/tor/ \ + http://tor.meulie.net/ +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz +PKG_CAT:=zcat + +PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION) +PKG_INSTALL_DIR:=$(PKG_BUILD_DIR)/ipkg-install + +include $(INCLUDE_DIR)/package.mk + +define Package/tor + SECTION:=net + CATEGORY:=Network + DEPENDS:=+libevent +libopenssl +libpthread +zlib + TITLE:=An anonymous Internet communication system + DESCRIPTION:=Tor is a toolset for a wide range of organizations and people that want\\\ + to improve their safety and security on the Internet. Using Tor can\\\ + help you anonymize web browsing and publishing, instant messaging,\\\ + IRC, SSH, and more. Tor also provides a platform on which software\\\ + developers can build new applications with built-in anonymity, safety,\\\ + and privacy features.\\\ + URL:=http://tor.eff.org/ +endef + +define Package/tor/conffiles +/etc/tor/torrc +endef + +define Package/tor/postinst +#!/bin/sh + +name=tor +id=52 + +# do not change below +# # check if we are on real system +# if [ -z "${IPKG_INSTROOT}" ]; then +# # create copies of passwd and group, if we use squashfs + rootfs=`mount |awk '/root/ { print $5 }'` + if [ "$rootfs" = "squashfs" ]; then + if [ -h /etc/group ]; then + rm /etc/group + cp /rom/etc/group /etc/group + fi + if [ -h /etc/passwd ]; then + rm /etc/passwd + cp /rom/etc/passwd /etc/passwd + fi + fi +fi + +echo "" +if [ -z "$(grep ^\\${name}: ${IPKG_INSTROOT}/etc/group)" ]; then + echo "adding group $name to /etc/group" + echo "${name}:x:${id}:" >> ${IPKG_INSTROOT}/etc/group +fi + +if [ -z "$(grep ^\\${name}: ${IPKG_INSTROOT}/etc/passwd)" ]; then + echo "adding user $name to /etc/passwd" + echo "${name}:x:${id}:${id}:${name}:/tmp/.${name}:/bin/false" >> ${IPKG_INSTROOT}/etc/passwd +fi +endef + +define Build/Configure +$(call Build/Configure/Default,--enable-shared \ + --disable-static,ac_cv_libevent_normal=yes \ + ac_cv_openssldir="$(STAGING_DIR)/usr" \ + tor_cv_null_is_zero=yes \ + tor_cv_unaligned_ok=yes) +endef + +define Build/Compile +$(call Build/Compile/Default,DESTDIR="$(PKG_INSTALL_DIR)" \ + all install) +endef + +define Package/tor/install + install -d -m0755 $(1)/etc/init.d + install -m0755 ./files/tor.init $(1)/etc/init.d/tor + install -d -m0755 $(1)/etc/tor + install -m0644 ./files/torrc $(1)/etc/tor/torrc + install -d -m0755 $(1)/usr/sbin + $(CP) $(PKG_INSTALL_DIR)/usr/bin/tor $(1)/usr/sbin/ +endef + +$(eval $(call BuildPackage,tor)) + diff --git a/net/tor/files/tor.init b/net/tor/files/tor.init new file mode 100644 index 0000000000..8eb2db49f9 --- /dev/null +++ b/net/tor/files/tor.init @@ -0,0 +1,24 @@ +#!/bin/sh + +BIN=tor +DEFAULT=/etc/default/$BIN +LOG_D=/var/log/$BIN +RUN_D=/var/run +PID_F=$RUN_D/$BIN.pid +[ -f $DEFAULT ] && . $DEFAULT + +case $1 in + start) + mkdir -p $LOG_D + mkdir -p $RUN_D + $BIN $OPTIONS + ;; + stop) + [ -f $PID_F ] && kill $(cat $PID_F) + ;; + *) + echo "usage: $0 (start|stop)" + exit 1 +esac + +exit $? diff --git a/net/tor/files/torrc b/net/tor/files/torrc new file mode 100644 index 0000000000..e5cf75b6e1 --- /dev/null +++ b/net/tor/files/torrc @@ -0,0 +1,136 @@ +## Configuration file for a typical tor user +## Built for Tor version 0.1.0.8-rc +## (May or may not work for older or newer versions of Tor.) +# +# On Unix, Tor will look for this file in someplace like "~/.tor/torrc" or +# "/etc/torrc" +# +# On Windows, Tor will look for the configuration file in someplace like +# "Application Data\tor\torrc" or "Application Data\\tor\torrc" +# +# With the default Mac OS X installer, Tor will look in ~/.tor/torrc or +# /Library/Tor/torrc + + +## Replace this with "SocksPort 0" if you plan to run Tor only as a +## server, and not make any local application connections yourself. +SocksPort 9050 # what port to open for local application connections +SocksBindAddress 127.0.0.1 # accept connections only from localhost +#SocksBindAddress 192.168.0.1:9100 # listen on a chosen IP/port too + +## Entry policies to allow/deny SOCKS requests based on IP address. +## First entry that matches wins. If no SocksPolicy is set, we accept +## all (and only) requests from SocksBindAddress. +#SocksPolicy accept 192.168.0.1/16 +#SocksPolicy reject * + +## Allow no-name routers (ones that the dirserver operators don't +## know anything about) in only these positions in your circuits. +## Other choices (not advised) are entry,exit,introduction. +AllowUnverifiedNodes middle,rendezvous + +## Logs go to stdout at level "notice" unless redirected by something +## else, like one of the below lines. You can have as many log lines as +## you want. +## +## Send all messages of level 'notice' or higher to /var/log/tor/notices.log +#Log notice file /var/log/tor/notices.log +## Send only debug and info messages to /var/log/tor/debug.log +#Log debug-info file /var/log/tor/debug.log +## Send ONLY debug messages to /var/log/tor/debug.log +#Log debug-debug file /var/log/tor/debug.log +## To use the system log instead of Tor's logfiles, uncomment these lines: +#Log notice syslog +## To send all messages to stderr: +#Log debug stderr + +## Uncomment this to start the process in the background... or use +## --runasdaemon 1 on the command line. +RunAsDaemon 1 + +## Tor only trusts directories signed with one of these keys, and +## uses the given addresses to connect to the trusted directory +## servers. If no DirServer lines are specified, Tor uses the built-in +## defaults (moria1, moria2, tor26), so you can leave this alone unless +## you need to change it. +#DirServer 18.244.0.188:9031 FFCB 46DB 1339 DA84 674C 70D7 CB58 6434 C437 0441 +#DirServer 18.244.0.114:80 719B E45D E224 B607 C537 07D0 E214 3E2D 423E 74CF +#DirServer 62.116.124.106:9030 847B 1F85 0344 D787 6491 A548 92F9 0493 4E4E B85D + +## The directory for keeping all the keys/etc. By default, we store +## things in $HOME/.tor on Unix, and in Application Data\tor on Windows. +#DataDirectory /var/lib/tor + +## The port on which Tor will listen for local connections from Tor controller +## applications, as documented in control-spec.txt. NB: this feature is +## currently experimental. +#ControlPort 9051 + +############### This section is just for location-hidden services ### + +## Look in .../hidden_service/hostname for the address to tell people. +## HiddenServicePort x y:z says to redirect a port x request from the +## client to y:z. + +#HiddenServiceDir /var/lib/tor/hidden_service/ +#HiddenServicePort 80 127.0.0.1:80 + +#HiddenServiceDir /var/lib/tor/other_hidden_service/ +#HiddenServicePort 80 127.0.0.1:80 +#HiddenServicePort 22 127.0.0.1:22 +#HiddenServiceNodes moria1,moria2 +#HiddenServiceExcludeNodes bad,otherbad + +################ This section is just for servers ##################### + +## NOTE: If you enable these, you should consider mailing your identity +## key fingerprint to the tor-ops, so we can add you to the list of +## servers that clients will trust. See +## http://tor.eff.org/doc/tor-doc.html#server for details. + +## Required: A unique handle for this server +#Nickname ididnteditheconfig + +## The IP or fqdn for this server. Leave blank and Tor will guess. +#Address noname.example.com + +## Contact info that will be published in the directory, so we can +## contact you if you need to upgrade or if something goes wrong. +## This is optional but recommended. +#ContactInfo Random Person +## You might also include your PGP or GPG fingerprint if you have one: +#ContactInfo 1234D/FFFFFFFF Random Person + +## Required: what port to advertise for tor connections +#ORPort 9001 +## If you want to listen on a port other than the one advertised +## in ORPort (e.g. to advertise 443 but bind to 9090), uncomment +## the line below. You'll need to do ipchains or other port forwarding +## yourself to make this work. +#ORBindAddress 0.0.0.0:9090 + +## Uncomment this to mirror the directory for others (please do) +#DirPort 9030 # what port to advertise for directory connections +## If you want to listen on a port other than the one advertised +## in DirPort (e.g. to advertise 80 but bind 9091), uncomment the line +## below. You'll need to do ipchains or other port forwarding yourself +## to make this work. +#DirBindAddress 0.0.0.0:9091 + +## A comma-separated list of exit policies. They're considered first +## to last, and the first match wins. If you want to *replace* +## the default exit policy, end this with either a reject *:* or an +## accept *:*. Otherwise, you're *augmenting* (prepending to) the +## default exit policy. Leave commented to just use the default, which is +## available in the man page or at http://tor.eff.org/documentation.html +## +## Look at http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#Abuse +## for issues you might encounter if you use the default exit policy. +## +#ExitPolicy accept *:6660-6667,reject *:* # allow irc ports but no more +#ExitPolicy accept *:119 # accept nntp as well as default exit policy +#ExitPolicy reject *:* # middleman only -- no exits allowed + +User tor +Group tor +PidFile /var/run/tor.pid -- 2.30.2