Feature #9147: Build Tor 0.2.6.6 with seccomp

Feature #9147

Build Tor 0.2.6.6 with seccomp

Added by intrigeri 2015-04-01 14:41:49 . Updated 2015-04-01 17:44:20 .

Status:

Resolved

Priority:

Normal

Assignee:

Category:

Target version:

Tails_1.4

Start date:

2015-04-01

Due date:

% Done:

100%

Feature Branch:

feature/8925-tor-0.2.6

Type of work:

Code

Blueprint:

Starter:

Affected tool:

Deliverable for:

Description

In feature/8925-tor-0.2.6, we’re using Tor 0.2.6 from the Tor Project’s experimental repository. Before merging, we should instead build our own Tor, with seccomp enabled.

Subtasks

History

#1 Updated by anonym 2015-04-01 16:55:42

Status changed from Confirmed to In Progress
Assignee changed from intrigeri to anonym
% Done changed from 0 to 20

I get this build error:

To make it build. Otherwise I got:

gcc -std=gnu99 -DHAVE_CONFIG_H -I. -I..  -I../src/ext -Isrc/ext -I../src/ext/trunnel -I../src/trunnel -I../src/common -Isrc/common -I../src/ext/trunnel -I../src/trunnel -I../src/or -Isrc/or -DSHARE_DATADIR="\"/usr/share\"" -DLOCALSTATEDIR="\"/var\"" -DBINDIR="\"/usr/bin\"" -I../src/common     -g -O2 -D_FORTIFY_SOURCE=2 -fstack-protector-all -Wstack-protector -fwrapv --param ssp-buffer-size=1 -fPIE -fasynchronous-unwind-tables -Wall -fno-strict-aliasing -W -Wfloat-equal -Wundef -Wpointer-arith -Wstrict-prototypes -Wmissing-prototypes -Wwrite-strings -Wredundant-decls -Wchar-subscripts -Wcomment -Wformat=2 -Wwrite-strings -Wmissing-declarations -Wredundant-decls -Wnested-externs -Wbad-function-cast -Wswitch-enum -Winit-self -Wmissing-field-initializers -Wold-style-definition -Waddress -Wmissing-noreturn -Wstrict-overflow=1 -Wnormalized=id -Woverride-init -Wextra -Warray-bounds -Wlogical-op -c -o src/common/sandbox.o ../src/common/sandbox.c
../src/common/sandbox.c: In function 'sb_getsockopt':
../src/common/sandbox.c:662:8: error: 'IP6T_SO_ORIGINAL_DST' undeclared (first use in this function)
../src/common/sandbox.c:662:8: note: each undeclared identifier is reported only once for each function it appears in
make[2]: *** [src/common/sandbox.o] Error 1
make[2]: Leaving directory `/tmp/buildd/tor-0.2.6.6/build'
make[1]: *** [all] Error 2
make[1]: Leaving directory `/tmp/buildd/tor-0.2.6.6/build'
dh_auto_build: make -j1 returned exit code 2
make: *** [build] Error 2
dpkg-buildpackage: error: debian/rules build gave error exit status 2

To fix it I had to add a build dependency on linux-libc-dev (>= 3.16.7-ckt4-3~bpo70+1), i.e. apply:

--- tor-0.2.6.6.orig/debian/control      2015-04-01 17:07:00.000000000 +0200
+++ tor-0.2.6.6/debian/control  2015-04-01 18:47:35.517704332 +0200
@@ -2,7 +2,7 @@
 Section: net
 Priority: optional
 Maintainer: Peter Palfrader <weasel@debian.org>
-Build-Depends: debhelper (>= 8.1.0~), quilt, libssl-dev, zlib1g-dev, libevent-dev (>= 1.1), binutils (>= 2.14.90.0.7), hardening-includes, asciidoc (>= 8.2), docbook-xml, docbook-xsl, xmlto, dh-apparmor, libseccomp-dev [amd64 i386]
+Build-Depends: debhelper (>= 8.1.0~), quilt, libssl-dev, zlib1g-dev, libevent-dev (>= 1.1), binutils (>= 2.14.90.0.7), hardening-includes, asciidoc (>= 8.2), docbook-xml, docbook-xsl, xmlto, dh-apparmor, libseccomp-dev, linux-libc-dev (>= 3.16.7-ckt4-3~bpo70+1) [amd64 i386]
 Build-Conflicts: libnacl-dev, libseccomp-dev [!amd64 !i386]
 Standards-Version: 3.9.4
 Homepage: https://www.torproject.org/

Gonna check if it breaks any thing in Tails…

#2 Updated by anonym 2015-04-01 17:44:21

Status changed from In Progress to Resolved
Assignee deleted (~~anonym~~)
% Done changed from 20 to 100

It seems to work just fine. Packages are uploaded to feature/8925-tor-0.2.6’s APT suite, and I pushed a fix to the building instructions to apply my fix.