Update wip/tor-dev to version 0.4.0.4-rc.

[Alexander Nasonov <alnsn%yandex.ru@localhost>]

Module Name:	pkgsrc-wip
Committed By:	Alexander Nasonov <alnsn%yandex.ru@localhost>
Pushed By:	alnsn
Date:		Fri Apr 12 19:00:26 2019 +0100
Changeset:	3912c2a0b0f81997eed90c4b78a1086bf0a01541

Modified Files:
	tor-dev/Makefile
	tor-dev/distinfo

Log Message:
Update wip/tor-dev to version 0.4.0.4-rc.

Notable changes in version 0.4.0.4-rc - 2019-04-11
  Tor 0.4.0.4-rc is the first release candidate in its series; it fixes
  several bugs from earlier versions, including some that had affected
  stability, and one that prevented relays from working with NSS.

  o Major bugfixes (NSS, relay):
    - When running with NSS, disable TLS 1.2 ciphersuites that use
      SHA384 for their PRF. Due to an NSS bug, the TLS key exporters for
      these ciphersuites don't work -- which caused relays to fail to
      handshake with one another when these ciphersuites were enabled.
      Fixes bug 29241; bugfix on 0.3.5.1-alpha.

  o Minor features (bandwidth authority):
    - Make bandwidth authorities ignore relays that are reported in the
      bandwidth file with the flag "vote=0". This change allows us to
      report unmeasured relays for diagnostic reasons without including
      their bandwidth in the bandwidth authorities' vote. Closes
      ticket 29806.
    - When a directory authority is using a bandwidth file to obtain the
      bandwidth values that will be included in the next vote, serve
      this bandwidth file at /tor/status-vote/next/bandwidth. Closes
      ticket 21377.

  o Minor features (circuit padding):
    - Stop warning about undefined behavior in the probability
      distribution tests. Float division by zero may technically be
      undefined behavior in C, but it's well defined in IEEE 754.
      Partial backport of 29298. Closes ticket 29527; bugfix
      on 0.4.0.1-alpha.

  o Minor features (dormant mode):
    - Add a DormantCanceledByStartup option to tell Tor that it should
      treat a startup event as cancelling any previous dormant state.
      Integrators should use this option with caution: it should only be
      used if Tor is being started because of something that the user
      did, and not if Tor is being automatically started in the
      background. Closes ticket 29357.

  o Minor features (geoip):
    - Update geoip and geoip6 to the April 2 2019 Maxmind GeoLite2
      Country database. Closes ticket 29992.

  o Minor features (NSS, diagnostic):
    - Try to log an error from NSS (if there is any) and a more useful
      description of our situation if we are using NSS and a call to
      SSL_ExportKeyingMaterial() fails. Diagnostic for ticket 29241.

  o Minor bugfixes (security):
    - Fix a potential double free bug when reading huge bandwidth files.
      The issue is not exploitable in the current Tor network because
      the vulnerable code is only reached when directory authorities
      read bandwidth files, but bandwidth files come from a trusted
      source (usually the authorities themselves). Furthermore, the
      issue is only exploitable in rare (non-POSIX) 32-bit architectures,
      which are not used by any of the current authorities. Fixes bug
      30040; bugfix on 0.3.5.1-alpha. Bug found and fixed by
      Tobias Stoeckmann.
    - Verify in more places that we are not about to create a buffer
      with more than INT_MAX bytes, to avoid possible OOB access in the
      event of bugs. Fixes bug 30041; bugfix on 0.2.0.16. Found and
      fixed by Tobias Stoeckmann.

  o Minor bugfixes (bootstrap reporting):
    - During bootstrap reporting, correctly distinguish pluggable
      transports from plain proxies. Fixes bug 28925; bugfix
      on 0.4.0.1-alpha.

  o Minor bugfixes (C correctness):
    - Fix an unlikely memory leak in consensus_diff_apply(). Fixes bug
      29824; bugfix on 0.3.1.1-alpha. This is Coverity warning
      CID 1444119.

  o Minor bugfixes (circuitpadding testing):
    - Minor tweaks to avoid rare test failures related to timers and
      monotonic time. Fixes bug 29500; bugfix on 0.4.0.1-alpha.

  o Minor bugfixes (directory authorities):
    - Actually include the bandwidth-file-digest line in directory
      authority votes. Fixes bug 29959; bugfix on 0.4.0.2-alpha.

  o Minor bugfixes (pluggable transports):
    - Restore old behavior when it comes to discovering the path of a
      given Pluggable Transport executable file. A change in
      0.4.0.1-alpha had broken this behavior on paths containing a
      space. Fixes bug 29874; bugfix on 0.4.0.1-alpha.

  o Minor bugfixes (TLS protocol):
    - When classifying a client's selection of TLS ciphers, if the
      client ciphers are not yet available, do not cache the result.
      Previously, we had cached the unavailability of the cipher list
      and never looked again, which in turn led us to assume that the
      client only supported the ancient V1 link protocol. This, in turn,
      was causing Stem integration tests to stall in some cases. Fixes
      bug 30021; bugfix on 0.2.4.8-alpha.

  o Code simplification and refactoring:
    - Introduce a connection_dir_buf_add() helper function that detects
      whether compression is in use, and adds a string accordingly.
      Resolves issue 28816.
    - Refactor handle_get_next_bandwidth() to use
      connection_dir_buf_add(). Implements ticket 29897.

To see a diff of this commit:
https://wip.pkgsrc.org/cgi-bin/gitweb.cgi?p=pkgsrc-wip.git;a=commitdiff;h=3912c2a0b0f81997eed90c4b78a1086bf0a01541

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

diffstat:
 tor-dev/Makefile | 7 ++++++-
 tor-dev/distinfo | 8 ++++----
 2 files changed, 10 insertions(+), 5 deletions(-)

diffs:
diff --git a/tor-dev/Makefile b/tor-dev/Makefile
index 07fb828a71..606882e5a8 100644
--- a/tor-dev/Makefile
+++ b/tor-dev/Makefile
@@ -1,6 +1,6 @@
 # $NetBSD$
 
-DISTNAME=	tor-0.4.0.3-alpha
+DISTNAME=	tor-0.4.0.4-rc
 PKGNAME=	${DISTNAME:S/tor/tordev/:S/-alpha//:S/-rc/rc0/}
 CATEGORIES=	net security
 MASTER_SITES=	http://www.torproject.org/dist/
@@ -65,6 +65,11 @@ CHECK_PORTABILITY_SKIP+=	contrib/*
 CFLAGS+=		-c99
 .endif
 
+.PHONY: post-install-paxctl-AM:
+post-install: post-install-paxctl-AM
+post-install-paxctl-AM:
+	${PAXCTL} +AM ${DESTDIR}${PREFIX}/bin/tor-dev
+
 BUILDLINK_API_DEPENDS.libevent+= libevent>=2.0
 .include "../../devel/libevent/buildlink3.mk"
 .include "../../devel/zlib/buildlink3.mk"
diff --git a/tor-dev/distinfo b/tor-dev/distinfo
index 3acebfe715..b0506fdf87 100644
--- a/tor-dev/distinfo
+++ b/tor-dev/distinfo
@@ -1,8 +1,8 @@
 $NetBSD$
 
-SHA1 (tor-0.4.0.3-alpha.tar.gz) = ca28fc5a0b0e31bfb0845c24143f3f44eb60ce60
-RMD160 (tor-0.4.0.3-alpha.tar.gz) = e03812fa8cc136100329f67a5ae47cc973cb3ae4
-SHA512 (tor-0.4.0.3-alpha.tar.gz) = 88a7380b6c674dc06ee5c7aaa9b4d444c8f771220e47c83fe27612659432c6cb8ac8dd79998e6c27b7815b77113478d475fa8c6ab9733d26bb261b143456f8ad
-Size (tor-0.4.0.3-alpha.tar.gz) = 7173481 bytes
+SHA1 (tor-0.4.0.4-rc.tar.gz) = 64ff9f888bb74d39f786ce05cea2959b4fba18a8
+RMD160 (tor-0.4.0.4-rc.tar.gz) = cbef1f0b5ce7737d305525a1fcaad48d83003a7f
+SHA512 (tor-0.4.0.4-rc.tar.gz) = 5389e87110824747cab4875414d95d2da3c3740dfd0a74a67d1bcb0b90a6ed76bc16c87dd51a3c93020376d927f07645a50fccba4123c56e83518fedbd508773
+Size (tor-0.4.0.4-rc.tar.gz) = 7193480 bytes
 SHA1 (patch-Makefile.in) = c190295f4702bd1e69531cab1ac61dbab451e48b
 SHA1 (patch-src_app_config_config.c) = bac106e382207cdf22c84a52b45c791de2bdf0f8