[bug#65489] [PATCH] gnu: tor: Update to 0.4.8.4.

[bug#65489] [PATCH] gnu: tor: Update to 0.4.8.4.

[Michael Ford]

[-- Attachment #1: Type: text/plain, Size: 1094 bytes --]

From 1ca67dd8ba30c34d60c4ae49889c30d912edd4ee Mon Sep 17 00:00:00 2001
From: fanquake <fanquake@gmail.com>
Date: Thu, 24 Aug 2023 09:47:33 +0100
Subject: [PATCH] gnu: tor: Update to 0.4.8.4.

* gnu/packages/tor.scm (tor): Update to 0.4.8.4.
---
 gnu/packages/tor.scm | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/gnu/packages/tor.scm b/gnu/packages/tor.scm
index 7fec88656f..ba8c98cf83 100644
--- a/gnu/packages/tor.scm
+++ b/gnu/packages/tor.scm
@@ -63,14 +63,14 @@ (define-module (gnu packages tor)
 (define-public tor
   (package
     (name "tor")
-    (version "0.4.7.14")
+    (version "0.4.8.4")
     (source (origin
              (method url-fetch)
              (uri (string-append "https://dist.torproject.org/tor-"
                                  version ".tar.gz"))
              (sha256
               (base32
-               "1y2xwrji1rvk6h0k15705yra5s74h72h2g84x02zr0338vv6gb55"))))
+               "0aqxd8pijazvq97rdqp4iyxwnf6m1nynq57zh66b9hszl9scxh89"))))
     (build-system gnu-build-system)
     (arguments
      (list #:configure-flags
-- 
2.42.0

[-- Attachment #2: Type: text/html, Size: 1459 bytes --]

[bug#65489] [PATCH] gnu: tor: Update to 0.4.8.4.

[André Batista]

Hi Michael!

The Tor Project has released v0.4.8.5, so I guess we can skip
v0.4.8.4. Would you care to send a new version of your patch?

Also, Tor v0.4.8.x has introduced a new PoW feature which is useful
for Onion Service operators and users during those all too common
DDoS attempts on the network. However, the feature is disabled by
default because the code was GPL'd. So, in order to enable it for
Guix users - whom I think won't have an issue with GPL code ;) -, you
need to change the current package definition configure flags and add
"--enable-gpl", otherwise we will be missing on this.

Moreover, I'm running the tor-client package and have hit on core/tor
issue #40848[1], since upgrading to v0.4.8.5. Apparently it's a
pretty harmless bug assertion which Alexander Færøy solved [2] by
just removing the bug assertion. Nonetheless, I think it's best if we
also include that patch on Guix, otherwise there may be future
repeated questions from guix users once they start seeing it show up
on system logs.

WDYT?

Cheers!

1 - https://gitlab.torproject.org/tpo/core/tor/-/issues/40848
2 - https://gitlab.torproject.org/tpo/core/tor/-/merge_requests/752

[bug#65489] [PATCH] gnu: tor: Update to 0.4.8.4.

[Michael Ford]

[-- Attachment #1: Type: text/plain, Size: 5252 bytes --]

Hi Andre,

I've taken your suggestions.
Here is the updated patch.
Thanks

From a7c754da51888f23755ba46904191bf16523fc17 Mon Sep 17 00:00:00 2001
From: fanquake <fanquake@gmail.com>
Date: Thu, 24 Aug 2023 09:47:33 +0100
Subject: [PATCH] gnu: tor: Update to 0.4.8.5.

* gnu/packages/tor.scm (tor): Update to 0.4.8.5.
* gnu/packages/tor.scm (tor)[arguments]<#:configure-flags>:
Add "--enable-gpl".
* gnu/packages/patches/tor-remove-defensive-assert.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/tor.scm (tor)[source]: Add patch to remove defensive
  assert.
---
 gnu/local.mk                                  |  1 +
 .../patches/tor-remove-defensive-assert.patch | 28 +++++++++++++++++++
 gnu/packages/tor.scm                          |  8 ++++--
 3 files changed, 34 insertions(+), 3 deletions(-)
 create mode 100644 gnu/packages/patches/tor-remove-defensive-assert.patch

diff --git a/gnu/local.mk b/gnu/local.mk
index 9b493df8d5..6a4f9dabb2 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -2012,6 +2012,7 @@ dist_patch_DATA = \
   %D%/packages/patches/tofi-32bit-compat.patch \
   %D%/packages/patches/tootle-glib-object-naming.patch \
   %D%/packages/patches/tootle-reason-phrase.patch \
+  %D%/packages/patches/tor-remove-defensive-assert.patch   \
   %D%/packages/patches/transcode-ffmpeg.patch \
   %D%/packages/patches/transfig-gcc10-fno-common.patch \
   %D%/packages/patches/trytond-add-egg-modules-to-path.patch \
diff --git a/gnu/packages/patches/tor-remove-defensive-assert.patch
b/gnu/packages/patches/tor-remove-defensive-assert.patch
new file mode 100644
index 0000000000..7207ec867a
--- /dev/null
+++ b/gnu/packages/patches/tor-remove-defensive-assert.patch
@@ -0,0 +1,28 @@
+This patch removes a call to `tor_assert_nonfatal_unreached()` in
+`relay_key_is_unavailable_()` that is only called when Tor is compiled
+without relay support.
+
+Unfortunately, the non-fatal assertion causes a BUG log
+message to appear for clients when they start up without relay support
+for each CPU worker we spawn. This makes it spotting issues during
+bootstrap harder particularly for our iOS developers.
+
+Since the call sites to `get_master_identity_key()` handles `NULL`
+values already, we do not think this will be an issue later on.
+
+Reported by Benjamin Erhart (@tla) from Guardian Project.
+
+Fixes tpo/core/tor#40848.
+
+diff --git a/src/feature/relay/routerkeys.h
b/src/feature/relay/routerkeys.h
+index 7b6d80773c..b97615a9c9 100644
+--- a/src/feature/relay/routerkeys.h
++++ b/src/feature/relay/routerkeys.h
+@@ -53,7 +53,6 @@ void routerkeys_free_all(void);
+ static inline void *
+ relay_key_is_unavailable_(void)
+ {
+-  tor_assert_nonfatal_unreached();
+   return NULL;
+ }
+ #define relay_key_is_unavailable(type) \
diff --git a/gnu/packages/tor.scm b/gnu/packages/tor.scm
index 7fec88656f..44e62b63cc 100644
--- a/gnu/packages/tor.scm
+++ b/gnu/packages/tor.scm
@@ -63,18 +63,20 @@ (define-module (gnu packages tor)
 (define-public tor
   (package
     (name "tor")
-    (version "0.4.7.14")
+    (version "0.4.8.5")
     (source (origin
              (method url-fetch)
              (uri (string-append "https://dist.torproject.org/tor-"
                                  version ".tar.gz"))
              (sha256
               (base32
-               "1y2xwrji1rvk6h0k15705yra5s74h72h2g84x02zr0338vv6gb55"))))
+               "06g1awb4piqvgxa97pyswxgjzkpj8rx3iy2jbiaygvi99b8wymv9"))
+             (patches (search-patches
"tor-remove-defensive-assert.patch"))))
     (build-system gnu-build-system)
     (arguments
      (list #:configure-flags
-           #~(list "--enable-lzma"
+           #~(list "--enable-gpl"
+                   "--enable-lzma"
                    "--enable-zstd")
            #:phases
            #~(modify-phases %standard-phases
-- 
2.42.0

On Thu, 31 Aug 2023 at 03:10, André Batista <nandre@riseup.net> wrote:

> Hi Michael!
>
> The Tor Project has released v0.4.8.5, so I guess we can skip
> v0.4.8.4. Would you care to send a new version of your patch?
>
> Also, Tor v0.4.8.x has introduced a new PoW feature which is useful
> for Onion Service operators and users during those all too common
> DDoS attempts on the network. However, the feature is disabled by
> default because the code was GPL'd. So, in order to enable it for
> Guix users - whom I think won't have an issue with GPL code ;) -, you
> need to change the current package definition configure flags and add
> "--enable-gpl", otherwise we will be missing on this.
>
> Moreover, I'm running the tor-client package and have hit on core/tor
> issue #40848[1], since upgrading to v0.4.8.5. Apparently it's a
> pretty harmless bug assertion which Alexander Færøy solved [2] by
> just removing the bug assertion. Nonetheless, I think it's best if we
> also include that patch on Guix, otherwise there may be future
> repeated questions from guix users once they start seeing it show up
> on system logs.
>
> WDYT?
>
> Cheers!
>
> 1 - https://gitlab.torproject.org/tpo/core/tor/-/issues/40848
> 2 - https://gitlab.torproject.org/tpo/core/tor/-/merge_requests/752
>

[-- Attachment #2: Type: text/html, Size: 6692 bytes --]

[bug#65489] [PATCH] gnu: tor: Update to 0.4.8.4.

[André Batista]

Hi Michael,

sex 01 set 2023 às 10:31:43 (1693575103), fanquake@gmail.com enviou:
[...]
> diff --git a/gnu/packages/tor.scm b/gnu/packages/tor.scm
> index 7fec88656f..44e62b63cc 100644
> --- a/gnu/packages/tor.scm
> +++ b/gnu/packages/tor.scm
> @@ -63,18 +63,20 @@ (define-module (gnu packages tor)
>  (define-public tor
>    (package
>      (name "tor")
> -    (version "0.4.7.14")
> +    (version "0.4.8.5")
>      (source (origin
>               (method url-fetch)
>               (uri (string-append "https://dist.torproject.org/tor-"
>                                   version ".tar.gz"))
>               (sha256
>                (base32
> -               "1y2xwrji1rvk6h0k15705yra5s74h72h2g84x02zr0338vv6gb55"))))
> +               "06g1awb4piqvgxa97pyswxgjzkpj8rx3iy2jbiaygvi99b8wymv9"))
> +             (patches (search-patches
> "tor-remove-defensive-assert.patch"))))
>      (build-system gnu-build-system)
>      (arguments
>       (list #:configure-flags
> -           #~(list "--enable-lzma"
> +           #~(list "--enable-gpl"
> +                   "--enable-lzma"
>                     "--enable-zstd")
>             #:phases
>             #~(modify-phases %standard-phases

I'm sorry but I forgot to mention you should probably also update the
license field in order to refer to the license option. It seems to me
that the configure flag is a bit misleading, since the license is
LGPLv3[1][2], not GPL.

Other than that, it looks good to me, thank you! I do not have commit
rights, so let's wait for a Guix Maintainer to pick it up.

Cheers!

1 - https://gitlab.torproject.org/tpo/core/tor/-/blob/release-0.4.8/Makefile.am?ref_type=heads#L117
2 - https://gitlab.torproject.org/tpo/core/tor/-/blob/release-0.4.8/src/ext/equix/LICENSE?ref_type=heads

[bug#65489] [PATCH] gnu: tor: Update to 0.4.8.4.

[Ludovic Courtès]

Hi André,

André Batista <nandre@riseup.net> skribis:

> I'm sorry but I forgot to mention you should probably also update the
> license field in order to refer to the license option. It seems to me
> that the configure flag is a bit misleading, since the license is
> LGPLv3[1][2], not GPL.

However the flag is documented like this in ‘configure.ac’:

--8<---------------cut here---------------start------------->8---
AC_ARG_ENABLE(gpl,
  AS_HELP_STRING(--enable-gpl, [allow the inclusion of GPL-licensed code, building a version of tor and libtor covered by the GPL rather than its usual 3-clause BSD license]))
license_option=BSD
AS_IF([test "x$enable_gpl" = xyes],
  [
    AC_DEFINE(ENABLE_GPL, 1, [Defined if tor is building in GPL-licensed mode.])
    license_option=GPL
  ])
--8<---------------cut here---------------end--------------->8---

That said, although that’s unwritten, the ‘license’ field describes the
license of the package itself, not that of the combination with its
dependencies, so I’d leave it at ‘bsd-3’.

Thanks,
Ludo’.

bug#65489: [PATCH] gnu: tor: Update to 0.4.8.4.

[Ludovic Courtès]

Hi,

Michael Ford <fanquake@gmail.com> skribis:

>>From a7c754da51888f23755ba46904191bf16523fc17 Mon Sep 17 00:00:00 2001
> From: fanquake <fanquake@gmail.com>
> Date: Thu, 24 Aug 2023 09:47:33 +0100
> Subject: [PATCH] gnu: tor: Update to 0.4.8.5.
>
> * gnu/packages/tor.scm (tor): Update to 0.4.8.5.
> * gnu/packages/tor.scm (tor)[arguments]<#:configure-flags>:
> Add "--enable-gpl".
> * gnu/packages/patches/tor-remove-defensive-assert.patch: New file.
> * gnu/local.mk (dist_patch_DATA): Register it.
> * gnu/packages/tor.scm (tor)[source]: Add patch to remove defensive
>   assert.

Applied, thanks!

Note that the patch got mangled on the way.  Please use ‘git send-email’
or make it an attachment next time.

Ludo’.