File tor.spec of Package tor

#
# spec file for package tor
#
# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.

# Please submit bugfixes or comments via http://bugs.opensuse.org/
#


%define with_systemd 0%{?suse_version} > 1140
%define with_systemd_notifications 0%{?suse_version} > 1310
%define with_upnp 0%{?suse_version} >= 1220 && 0%{?suse_version} != 1315
%define toruser %{name}
%define torgroup %{name}
%define home_dir %{_localstatedir}/lib/empty
%bcond_with bufferevents
Name:           tor
Version:        0.2.6.10
Release:        0
Summary:        Anonymizing overlay network for TCP (The onion router)
License:        BSD-3-Clause
Group:          Productivity/Networking/Security
Url:            https://www.torproject.org/
Source0:        https://www.torproject.org/dist/%{name}-%{version}.tar.gz
Source1:        https://www.torproject.org/dist/%{name}-%{version}.tar.gz.asc
# https://www.torproject.org/docs/signing-keys.html.en
Source2:        tor.keyring
Source3:        tor.service
Source4:        tor.tmpfiles
Source5:        tor.firewall
Patch0:         tor-0.2.5.x-logrotate.patch
Patch1:         tor-0.2.6.10-malformed-hostname-safe-logging.patch
BuildRequires:  openssl-devel
BuildRequires:  pwdutils
BuildRequires:  python-base
Requires:       logrotate
BuildRoot:      %{_tmppath}/%{name}-%{version}-build
PreReq(post):	%fillup_prereq
%if %{with_upnp}
BuildRequires:  libminiupnpc-devel
%endif
#
%if %{with bufferevents}
BuildRequires:  pkgconfig(libevent) >= 2.0.13
%endif # with bufferevents
%if %{?suse_version} > 1210
BuildRequires:  pkgconfig(libevent)
%else
BuildRequires:  libevent-devel
%endif
%if 0%{with_systemd}
BuildRequires:  pkgconfig(systemd)
%{?systemd_requires}
%endif
%if 0%{with_systemd_notifications}
BuildRequires:  pkg-config >= 0.9.0
BuildRequires:  systemd-devel >= 209
%endif
#

%description
Tor is a connection-based low-latency anonymous communication system.

This package provides the "tor" program, which serves as both a client and
a relay node. Scripts will automatically create a "%{toruser}" user and
a "%{torgroup}" group, and set tor up to run as a daemon when the system
is rebooted.

Applications connect to the local Tor proxy using the SOCKS
protocol. The tor client chooses a path through a set of relays, in
which each relay knows its predecessor and successor, but no
others. Traffic flowing down the circuit is unwrapped by a symmetric
key at each relay, which reveals the downstream relay.

Warnings: Tor does no protocol cleaning.  That means there is a danger
that application protocols and associated programs can be induced to
reveal information about the initiator. Tor depends on Privoxy or
similar protocol cleaners to solve this problem. This is alpha code,
and is even more likely than released code to have anonymity-spoiling
bugs. The present network is small -- this further reduces the
strength of the anonymity provided. Tor is not presently suitable
for high-stakes anonymity.

%prep
%setup -q
%patch0 -p1
%patch1 -p1

%build
%configure \
	--with-tor-user=%{toruser} \
	--with-tor-group=%{torgroup} \
%if %{with_upnp}
	--enable-upnp \
%endif
%if %{with bufferevents}
	--enable-bufferevents \
%endif
%if 0%{with_systemd_notifications}
	--enable-systemd \
%endif
	--enable-unittests \
	--enable-gcc-warnings \
	--enable-gcc-warnings-advisory \
	--docdir=%{_docdir}/%{name}

make %{?_smp_mflags}

%install
make DESTDIR=%{buildroot} install %{?_smp_mflags}

# missing dirs
install -d -m 700 \
        %{buildroot}%{_localstatedir}/lib/%{name} \
        %{buildroot}%{_localstatedir}/tmp/%{name}

install -d -m 755 \
        %{buildroot}%{_localstatedir}/log/%{name} \
        %{buildroot}/%{_sbindir}

%if 0%{?with_systemd}
install -m 644 -D %{SOURCE3} %{buildroot}/%{_unitdir}/%{name}.service
install -d -m 0755 %{buildroot}%{_libexecdir}/tmpfiles.d/
install -m 0644 %{SOURCE4} %{buildroot}%{_libexecdir}/tmpfiles.d/%{name}.conf
ln -s -f service %{buildroot}%{_sbindir}/rc%{name}
%else
# init script
install -D -m 755 contrib/dist/suse/tor.sh %{buildroot}/%{_initddir}/%{name}
ln -s -f ../..%{_initddir}/%{name} %{buildroot}%{_sbindir}/rc%{name}
%endif

# firewall config
install -m 644 -D %{SOURCE5} %{buildroot}/%{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/%{name}

# control script
install -p -m 755 contrib/dist/torctl %{buildroot}/%{_bindir}

# sample config files
install -p -m 644 -D src/config/torrc.{sample,minimal} %{buildroot}/%{_sysconfdir}/%{name}
install -p -m 644 src/config/torrc.minimal %{buildroot}/%{_sysconfdir}/%{name}/torrc

# logrotate conf
sed -i -e "s|_tor|tor|g" contrib/operator-tools/tor.logrotate
install -D -m 644 contrib/operator-tools/tor.logrotate %{buildroot}/%{_sysconfdir}/logrotate.d/%{name}

%check
make %{?_smp_mflags} check

%pre
getent group %{torgroup} >/dev/null || groupadd -r %{torgroup}
getent passwd %{toruser} >/dev/null || useradd -r -g %{torgroup} -d %{home_dir} -s /sbin/false -c "User to ru %{name}" %{toruser}
%if 0%{?with_systemd}
%service_add_pre tor.service
%endif

%post
%if 0%{?with_systemd}
%fillup_only
%service_add_post tor.service
systemd-tmpfiles --create %{_libexecdir}/tmpfiles.d/tor.conf
%else
%fillup_and_insserv tor
%endif

%preun
%if 0%{?with_systemd}
%service_del_preun tor.service
%else
%stop_on_removal tor
%endif

%postun
%if 0%{?with_systemd}
%service_del_postun tor.service
%else
%insserv_cleanup
%restart_on_update tor
%endif

%files
%defattr(-,root,root)
%doc LICENSE README ChangeLog doc/HACKING doc/*.html
%{_mandir}/man*/*
%{_bindir}/%{name}
%{_bindir}/%{name}ctl
%{_bindir}/%{name}ify
%{_bindir}/%{name}-gencert
%{_bindir}/%{name}-resolve
%if %{with_upnp}
%{_bindir}/%{name}-fw-helper
%endif
%dir %{_datadir}/%{name}
%{_datadir}/%{name}/geoip*
%config(noreplace) %attr(0644,root,root) %{_sysconfdir}/logrotate.d/%{name}
%dir %attr(0755,root,%{torgroup}) %{_sysconfdir}/%{name}
%config(noreplace) %attr(0644,root,%{torgroup}) %{_sysconfdir}/%{name}/torrc
%config %attr(0644,root,%{torgroup}) %{_sysconfdir}/%{name}/torrc.*
%config(noreplace) %attr(0644,root,root) %{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/%{name}
%attr(0700,%{toruser},%{torgroup}) %dir %{_localstatedir}/lib/%{name}
%attr(0750,%{toruser},%{torgroup}) %dir %{_localstatedir}/log/%{name}
%if 0%{?with_systemd}
%{_unitdir}/%{name}.service
%{_libexecdir}/tmpfiles.d/%{name}.conf
%else
%config %{_initddir}/%{name}
%endif
%{_sbindir}/rc%{name}

%changelog