From patchwork Thu Sep 14 17:45:11 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Peter_M=C3=BCller?= X-Patchwork-Id: 7173 Return-Path: Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) client-signature ECDSA (secp384r1)) (Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK)) by web04.haj.ipfire.org (Postfix) with ESMTPS id 4Rml8b3c5vz3wtG for ; Thu, 14 Sep 2023 17:45:19 +0000 (UTC) Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) client-signature ECDSA (secp384r1)) (Client CN "mail02.haj.ipfire.org", Issuer "R3" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 4Rml8X2yvWz1V2; Thu, 14 Sep 2023 17:45:16 +0000 (UTC) Received: from mail02.haj.ipfire.org (localhost [127.0.0.1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 4Rml8X2Fk8z2xxT; Thu, 14 Sep 2023 17:45:16 +0000 (UTC) Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) client-signature ECDSA (P-384)) (Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4Rml8W0t4tz2xMT for ; Thu, 14 Sep 2023 17:45:15 +0000 (UTC) Received: from people01.haj.ipfire.org (people01.haj.ipfire.org [172.28.1.161]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) client-signature ECDSA (secp384r1)) (Client CN "people01.haj.ipfire.org", Issuer "R3" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 4Rml8T6Z97zN6; Thu, 14 Sep 2023 17:45:13 +0000 (UTC) Received: by people01.haj.ipfire.org (Postfix, from userid 1078) id 4Rml8T5CMbz2xns; Thu, 14 Sep 2023 17:45:13 +0000 (UTC) From: =?utf-8?q?Peter_M=C3=BCller?= To: development@lists.ipfire.org Subject: [PATCH 1/2] Tor: Update to 0.4.8.5 Date: Thu, 14 Sep 2023 17:45:11 +0000 Message-Id: <20230914174512.568996-1-peter.mueller@ipfire.org> X-Mailer: git-send-email 2.39.2 MIME-Version: 1.0 X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: IPFire development talk List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: development-bounces@lists.ipfire.org Sender: "Development" Changes in version 0.4.8.5 - 2023-08-30 Quick second release after the first stable few days ago fixing minor annoying bugfixes creating log BUG stacktrace. We also fix BSD compilation failures and PoW unit test. o Minor features (fallbackdir): - Regenerate fallback directories generated on August 30, 2023. o Minor features (geoip data): - Update the geoip files to match the IPFire Location Database, as retrieved on 2023/08/30. o Minor bugfix (NetBSD, compilation): - Fix compilation issue on NetBSD by avoiding an unnecessary dependency on "huge" page mappings in Equi-X. Fixes bug 40843; bugfix on 0.4.8.1-alpha. o Minor bugfix (NetBSD, testing): - Fix test failures in "crypto/hashx" and "slow/crypto/equix" on x86_64 and aarch64 NetBSD hosts, by adding support for PROT_MPROTECT() flags. Fixes bug 40844; bugfix on 0.4.8.1-alpha. o Minor bugfixes (conflux): - Demote a relay-side warn about too many legs to ProtocolWarn, as there are conditions that it can briefly happen during set construction. Also add additional set logging details for all error cases. Fixes bug 40841; bugfix on 0.4.8.1-alpha. - Prevent non-fatal assert stacktrace caused by using conflux sets during their teardown process. Fixes bug 40842; bugfix on 0.4.8.1-alpha. Signed-off-by: Peter Müller --- lfs/tor | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/lfs/tor b/lfs/tor index f735b0ca4..d7be53a1c 100644 --- a/lfs/tor +++ b/lfs/tor @@ -26,7 +26,7 @@ include Config SUMMARY = Anonymizing overlay network for TCP (The onion router) -VER = 0.4.8.4 +VER = 0.4.8.5 THISAPP = tor-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -34,7 +34,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = tor -PAK_VER = 79 +PAK_VER = 80 DEPS = libseccomp @@ -48,7 +48,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_BLAKE2 = e283d828fede259b1186b45214d466ff7ee79c835d68d0253537cd44b4dfdc4effe97ffb864d788eb0c65e7c09dc79673b1f191662c3641917a36af935cb9e7f +$(DL_FILE)_BLAKE2 = 71a4807284ecefc4a18d6bc15ce798844304f860338b786590779fb171f851d630e8af3114dbc84fe854561e0085dcb147b4dd87787988a8fb6c3628bfcc8175 install : $(TARGET) From patchwork Thu Sep 14 17:45:12 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Peter_M=C3=BCller?= X-Patchwork-Id: 7174 Return-Path: Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) client-signature ECDSA (secp384r1)) (Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK)) by web04.haj.ipfire.org (Postfix) with ESMTPS id 4Rml8c59bsz3wtG for ; Thu, 14 Sep 2023 17:45:20 +0000 (UTC) Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) client-signature ECDSA (secp384r1)) (Client CN "mail02.haj.ipfire.org", Issuer "R3" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 4Rml8Y0ldbz2Mg; Thu, 14 Sep 2023 17:45:17 +0000 (UTC) Received: from mail02.haj.ipfire.org (localhost [127.0.0.1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 4Rml8X2k13z30HR; Thu, 14 Sep 2023 17:45:16 +0000 (UTC) Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) client-signature ECDSA (P-384)) (Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4Rml8W1KXZz2y2l for ; Thu, 14 Sep 2023 17:45:15 +0000 (UTC) Received: from people01.haj.ipfire.org (people01.haj.ipfire.org [172.28.1.161]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) client-signature ECDSA (secp384r1)) (Client CN "people01.haj.ipfire.org", Issuer "R3" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 4Rml8V6Slvz1V2; Thu, 14 Sep 2023 17:45:14 +0000 (UTC) Received: by people01.haj.ipfire.org (Postfix, from userid 1078) id 4Rml8V5RLrz2xs9; Thu, 14 Sep 2023 17:45:14 +0000 (UTC) From: =?utf-8?q?Peter_M=C3=BCller?= To: development@lists.ipfire.org Subject: [PATCH 2/2] Tor: Do not attempt to establish connections via IPv6 Date: Thu, 14 Sep 2023 17:45:12 +0000 Message-Id: <20230914174512.568996-2-peter.mueller@ipfire.org> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20230914174512.568996-1-peter.mueller@ipfire.org> References: <20230914174512.568996-1-peter.mueller@ipfire.org> MIME-Version: 1.0 X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: IPFire development talk List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: development-bounces@lists.ipfire.org Sender: "Development" To quote from the changelog of Tor 0.4.8.4: o Minor feature (client, IPv6): - Make client able to pick IPv6 relays by default now meaning ClientUseIPv6 option now defaults to 1. Closes ticket 40785. In order to avoid any malfunctions on IPFire installations, set this option to "0" explicitly. Signed-off-by: Peter Müller --- html/cgi-bin/tor.cgi | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/html/cgi-bin/tor.cgi b/html/cgi-bin/tor.cgi index 96be35102..75fdf0d5d 100644 --- a/html/cgi-bin/tor.cgi +++ b/html/cgi-bin/tor.cgi @@ -2,7 +2,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2022 IPFire Team # +# Copyright (C) 2007-2023 IPFire Team # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -732,6 +732,7 @@ sub BuildConfiguration() { # Global settings. print FILE "Sandbox 1\n"; print FILE "HardwareAccel 1\n"; + print FILE "ClientUseIPv6 0\n"; print FILE "ControlPort $TOR_CONTROL_PORT\n"; if ($settings{'TOR_ENABLED'} eq 'on') {