commit: 8766357f01414edf202c80c3471a855b079fb53d Author: Sam James <sam <AT> gentoo <DOT> org> AuthorDate: Thu Jan 29 17:32:41 2026 +0000 Commit: Sam James <sam <AT> gentoo <DOT> org> CommitDate: Thu Jan 29 17:33:00 2026 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8766357f
net-vpn/tor: add 0.4.8.22 Bug: https://bugs.gentoo.org/969415 Signed-off-by: Sam James <sam <AT> gentoo.org> net-vpn/tor/Manifest | 3 + net-vpn/tor/tor-0.4.8.22.ebuild | 203 ++++++++++++++++++++++++++++++++++++++++ 2 files changed, 206 insertions(+) diff --git a/net-vpn/tor/Manifest b/net-vpn/tor/Manifest index 2321a714bc4e..7185f579dd60 100644 --- a/net-vpn/tor/Manifest +++ b/net-vpn/tor/Manifest @@ -1,3 +1,6 @@ DIST tor-0.4.8.21.tar.gz 10663112 BLAKE2B 1b7d786a7ec5a3e5967d8ce214f8a2aef10f8ba10791bc45d42a322bf4107c0a1962b80368e043ee1b239a8367660fdf810d05f00a010d9e69d024e1042217e8 SHA512 5ba774d1f9b2079bd393323d490edf6e1a6380f5a970f07f87e8cf14522eb994c7137a8c8a7ad551289db0ad9aa3ff0a46d8d55fdcdaea5042d68196cf9399b7 DIST tor-0.4.8.21.tar.gz.sha256sum 86 BLAKE2B 66b55dd5cb8f344f54a6ecd51d71aeadabe2c8825b236bcfa018ac8dd0ca98beee832a85728c3294ae56df529e3058c7c6292613108869131258713f482ae691 SHA512 1b6330dfa3b58e9ea99bbbd9dd76f042a23e5c5c2656704bf2ca80f5e0214427020e8718856359ceca0b7d52e135d315f3ea1e1fb760eac6a7422d721b90b144 DIST tor-0.4.8.21.tar.gz.sha256sum.asc 716 BLAKE2B e4ea78b6ed371728fd8d198bb17041a80f84090fd10851d516463b6515ca6a56f7fe3ec0828a29c98e4ca0a242e71a6737d0719aa33bd4292e87dce1b8a3577f SHA512 7c741f85cf2a1c722ce1c24dfd3f2b6271ef10dfb54bd120c49d229b02ac982c88c8c7a833e4b314e35dcb685ce0ede5adea6284ccc13514fd335b85755e61ee +DIST tor-0.4.8.22.tar.gz 10625231 BLAKE2B ab4d04fa8ed47a6270929599e995c9ae1beaacd48339201fe2188cce7f013d3e6f4a34ec883dcd24da4ce5b0226894a5347e1159cd8fcbc3990dae21f9c4f64b SHA512 c7c6bfc7a2c10d045903c3e60fcff076983949fdbdf884d3f8e3eb6dc01c3e8a75abdc6e8e8efe7ac409d77932e034551ff0f6309851edd75c1134f1828aa8b3 +DIST tor-0.4.8.22.tar.gz.sha256sum 86 BLAKE2B 3b0542d26386c811d8ec9c4e23d04d3a88c835758c58213a82a92e6a97986c80f5d13d59d3ebcbf71f9c9fc238e9772b7a1b6359496d75ace85928617d02c99d SHA512 a5098f099b4826f63aecc343dd7b0afa17b502a582b27a81d449ed87bba5d0ee93ace47591d1878997d022af8d80f2ce163cd52dde63f82040c52ec4fa4bbb5d +DIST tor-0.4.8.22.tar.gz.sha256sum.asc 716 BLAKE2B 8e6d8f305bdeb7d8e67d35447440f3dde80c64c16f8de6ddf2eda42bc2b325859137488a5ef10330da34b6b1a7eb2bb672aa032abcb308b607cb25bacf14d5c9 SHA512 5ce3e2341a3b77d071158f8c0d6737d9d14b8fa4500aa0672d0d53f10e20402bbebee33b7abd3fd1a76cc00680a7f77e004e269f35a7f4a482cac9443d56a841 diff --git a/net-vpn/tor/tor-0.4.8.22.ebuild b/net-vpn/tor/tor-0.4.8.22.ebuild new file mode 100644 index 000000000000..0cedb02b795c --- /dev/null +++ b/net-vpn/tor/tor-0.4.8.22.ebuild @@ -0,0 +1,203 @@ +# Copyright 1999-2026 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +PYTHON_COMPAT=( python3_{11..14} ) +VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/torproject.org.asc +inherit edo python-any-r1 readme.gentoo-r1 systemd verify-sig + +MY_PV="$(ver_rs 4 -)" +MY_PF="${PN}-${MY_PV}" +DESCRIPTION="Anonymizing overlay network for TCP" +HOMEPAGE="https://www.torproject.org/ https://gitlab.torproject.org/tpo/core/tor/"; + +if [[ ${PV} == 9999 ]] ; then + EGIT_REPO_URI="https://gitlab.torproject.org/tpo/core/tor"; + inherit autotools git-r3 +else + SRC_URI=" + https://www.torproject.org/dist/${MY_PF}.tar.gz + https://archive.torproject.org/tor-package-archive/${MY_PF}.tar.gz + verify-sig? ( + https://dist.torproject.org/${MY_PF}.tar.gz.sha256sum + https://dist.torproject.org/${MY_PF}.tar.gz.sha256sum.asc + ) + " + + S="${WORKDIR}/${MY_PF}" + + if [[ ${PV} != *_alpha* && ${PV} != *_beta* && ${PV} != *_rc* ]]; then + KEYWORDS="~amd64 ~arm ~arm64 ~hppa ~mips ~ppc ~ppc64 ~riscv ~sparc ~x86" + fi + + BDEPEND="verify-sig? ( >=sec-keys/openpgp-keys-tor-20250713 )" +fi + +# BSD in general, but for PoW, needs --enable-gpl (GPL-3 per --version) +# We also already had GPL-2 listed here for the init script, but obviously +# that's different from the actual binary. +LICENSE="BSD GPL-2 GPL-3" +SLOT="0" +IUSE="caps doc hardened lzma +man scrypt seccomp selinux +server systemd test zstd" +RESTRICT="!test? ( test )" + +RDEPEND=" + >=dev-libs/libevent-2.1.12-r1:=[ssl] + dev-libs/openssl:=[-bindist(-)] + virtual/zlib:= + caps? ( sys-libs/libcap ) + man? ( app-text/asciidoc ) + lzma? ( app-arch/xz-utils ) + scrypt? ( app-crypt/libscrypt ) + seccomp? ( >=sys-libs/libseccomp-2.4.1 ) + systemd? ( sys-apps/systemd:= ) + zstd? ( app-arch/zstd:= ) +" +DEPEND=" + ${RDEPEND} + test? ( + ${DEPEND} + ${PYTHON_DEPS} + ) +" +RDEPEND+=" + acct-user/tor + acct-group/tor + selinux? ( sec-policy/selinux-tor ) +" +BDEPEND+=" + acct-user/tor + acct-group/tor +" + +DOCS=() + +PATCHES=( + "${FILESDIR}"/${PN}-0.2.7.4-torrc.sample.patch + "${FILESDIR}"/${PN}-0.4.8.21-glibc-2.43.patch +) + +QA_CONFIG_IMPL_DECL_SKIP=( + # test correctly fails because -lnacl fails if not available + # https://bugs.gentoo.org/900092 + crypto_scalarmult_curve25519 +) + +pkg_setup() { + use test && python-any-r1_pkg_setup +} + +src_unpack() { + if [[ ${PV} == 9999 ]] ; then + git-r3_src_unpack + else + if use verify-sig; then + cd "${DISTDIR}" || die + verify-sig_verify_detached ${MY_PF}.tar.gz.sha256sum{,.asc} + verify-sig_verify_unsigned_checksums \ + ${MY_PF}.tar.gz.sha256sum sha256 ${MY_PF}.tar.gz + cd "${WORKDIR}" || die + fi + + default + fi +} + +src_prepare() { + default + + # Running shellcheck automagically isn't useful for ebuild testing. + echo "exit 0" > scripts/maint/checkShellScripts.sh || die + + if [[ ${PV} == 9999 ]] ; then + eautoreconf + fi +} + +src_configure() { + use doc && DOCS+=( README.md ChangeLog ReleaseNotes doc/HACKING ) + + export ac_cv_lib_cap_cap_init=$(usex caps) + export tor_cv_PYTHON="${EPYTHON}" + # Already set by default in profiles for our toolchain + export tor_cv_cflags__fcf_protection_full=no + export tor_cv_cflags__mbranch_protection_standard=no + + local myeconfargs=( + --localstatedir="${EPREFIX}/var" + --disable-all-bugs-are-fatal + --enable-system-torrc + --disable-android + --disable-coverage + --disable-html-manual + --disable-libfuzzer + --enable-missing-doc-warnings + --disable-module-dirauth + --enable-pic + --disable-restart-debugging + + # Unless someone asks & has a compelling reason, just always + # build in GPL mode for pow, given we don't want yet another USE + # flag combination to have to test just for the sake of it. + # (PoW requires GPL.) + --enable-gpl + --enable-module-pow + + $(use_enable hardened gcc-hardening) + $(use_enable hardened linker-hardening) + $(use_enable man asciidoc) + $(use_enable man manpage) + $(use_enable lzma) + $(use_enable scrypt libscrypt) + $(use_enable seccomp) + $(use_enable server module-relay) + $(use_enable systemd) + $(use_enable test unittests) + $(use_enable zstd) + ) + + econf "${myeconfargs[@]}" +} + +src_test() { + local skip_tests=( + # Fails in sandbox + :sandbox/open_filename + :sandbox/openat_filename + ) + + if use arm ; then + skip_tests+=( + # bug #920905 + # https://gitlab.torproject.org/tpo/core/tor/-/issues/40912 + :sandbox/opendir_dirname + :sandbox/openat_filename + :sandbox/chmod_filename + :sandbox/chown_filename + :sandbox/rename_filename + ) + fi + + # The makefile runs these by parallel by chunking them with a script + # but that means we lose verbosity and can't skip individual tests easily + # either. + edo ./src/test/test --verbose "${skip_tests[@]}" +} + +src_install() { + default + readme.gentoo_create_doc + + newconfd "${FILESDIR}"/tor.confd tor + newinitd "${FILESDIR}"/tor.initd-r9 tor + systemd_dounit "${FILESDIR}"/tor.service + + keepdir /var/lib/tor + + fperms 750 /var/lib/tor + fowners tor:tor /var/lib/tor + + insinto /etc/tor/ + newins "${FILESDIR}"/torrc-r2 torrc +}
