nixpkgs/pkgs/tools/security/tor/default.nix
Joachim Fasting 87677d0390
tor: 0.3.1.9 -> 0.3.2.9
- Adds next-generation onion services[1]
- Lots of fixes, e.g., for CVE-2017-8821, CVE-2017-8820, CVE-2017-8823,
  CVE-2017-8819, CVE-2017-8822, CVE-2017-8822
- Adds new option `NoExec` to disallow exec syscalls
2018-01-13 18:22:45 +01:00

58 lines
1.8 KiB
Nix

{ stdenv, fetchurl, pkgconfig, libevent, openssl, zlib, torsocks
, libseccomp, systemd, libcap
}:
stdenv.mkDerivation rec {
name = "tor-0.3.2.9";
src = fetchurl {
url = "https://dist.torproject.org/${name}.tar.gz";
sha256 = "03qn55c969zynnx71r82iaqnadpzq0qclq0zmjhb3n4qma8pnnj3";
};
outputs = [ "out" "geoip" ];
enableParallelBuilding = true;
nativeBuildInputs = [ pkgconfig ];
buildInputs = [ libevent openssl zlib ] ++
stdenv.lib.optionals stdenv.isLinux [ libseccomp systemd libcap ];
NIX_CFLAGS_LINK = stdenv.lib.optionalString stdenv.cc.isGNU "-lgcc_s";
postPatch = ''
substituteInPlace contrib/client-tools/torify \
--replace 'pathfind torsocks' true \
--replace 'exec torsocks' 'exec ${torsocks}/bin/torsocks'
'';
postInstall = ''
mkdir -p $geoip/share/tor
mv $out/share/tor/geoip{,6} $geoip/share/tor
rm -rf $out/share/tor
'';
doCheck = true;
meta = with stdenv.lib; {
homepage = https://www.torproject.org/;
repositories.git = https://git.torproject.org/git/tor;
description = "Anonymizing overlay network";
longDescription = ''
Tor helps improve your privacy by bouncing your communications around a
network of relays run by volunteers all around the world: it makes it
harder for somebody watching your Internet connection to learn what sites
you visit, and makes it harder for the sites you visit to track you. Tor
works with many of your existing applications, including web browsers,
instant messaging clients, remote login, and other applications based on
the TCP protocol.
'';
license = licenses.bsd3;
maintainers = with maintainers;
[ phreedom doublec thoughtpolice joachifm ];
platforms = platforms.unix;
};
}