net-vpn/tor: add 0.4.8.10

Bug: https://bugs.gentoo.org/919496
Signed-off-by: Federico Justus Denkena <federico.denkena@posteo.de>
Closes: https://github.com/gentoo/gentoo/pull/34188
Signed-off-by: Sam James <sam@gentoo.org>

2 files changed, 180 insertions, 0 deletions

diff --git a/net-vpn/tor/Manifest b/net-vpn/tor/Manifest
index a8028b67d25b..34f03cb659f9 100644
--- a/net-vpn/tor/Manifest
+++ b/net-vpn/tor/Manifest
@@ -7,6 +7,9 @@ DIST tor-0.4.7.14.tar.gz.sha256sum.asc 1321 BLAKE2B 0ed3a4ab5c119f097367c2f2b88b
 DIST tor-0.4.7.16.tar.gz 8120424 BLAKE2B 59b7cf6b69cf552caac09ab000732bf6fa6cd5a171f00e86bea5a89ba9ce548e404fa7adb25d3aebed9f500b15ae2ca5272b07f61921f19bc5bc71b3f42a88e6 SHA512 4b1e08f158369dfd51f72a45b67fccb42095980c674e94c7a917f44996783296544b15ec1cbb7506f78d2a1473679326a128501d4341bb0251966770cf6a3d1b
 DIST tor-0.4.7.16.tar.gz.sha256sum 86 BLAKE2B 8468b7728bb47ee1e27b2895f264f1fbbb4e21a20532da76bf7b5de139b7d1c5307a9016159ee834b4f696f156acfb6f252c95d094e62480ce36a7414815cc71 SHA512 858bb461c4d7a10b32aa4088c5e75eaa6527211314bfa02197578dfb8837cc263abe06ea565a352e6255eb0b1c7c1b80807713b1906f52c2bf883b6c945345d2
 DIST tor-0.4.7.16.tar.gz.sha256sum.asc 716 BLAKE2B 108bf2ba3c5678da0be72e6816b3ebe981d56733ddae00bcc79ecae050753580df3da2c2aef179310efc426e7caa5e6df991ac9e4b87d4a7aaa53556e00fb8ce SHA512 9595dbedef35fabdd0b19bf055329580326447cefd269c21c8e73c9f65f2f02ec70fdf3431255b4b3356d3d82175c8a5c99d0368bf733c63d87d81ca9f7ce4a3
+DIST tor-0.4.8.10.tar.gz 8272740 BLAKE2B ef470664d85e019f6cac2366e934d5dc31b8ae92f121a2b4c8c95f8267abce5ce4413d30a24affa40a069d587212364ae5a7c3cd114488e50a535f01c54c6e77 SHA512 3827902541a0289ed1bfcae9bb0ac8bf8dee7bedacbfdf9c703bb38c3c586d1cfe5eeb20a477664e10a2b81b90a7fd5d623e556f3ee32aad4f8a9f828bc4dd83
+DIST tor-0.4.8.10.tar.gz.sha256sum 86 BLAKE2B 1410a5e7e486c7c33b6b217a53d250bc3e1d76c87e74ad29f6c6a67cbdacb3627521cc8936f7e8e8d72c3333078cede222d13c825b8d66df7c1d50721043f89e SHA512 853a88b75ecd195e6b155361c8321b575c5fd526f5d73da8b5de99ac875b2f22f2b8668f7c9a68a8e599170290041533345fd324dd56a0102d5cd5ddf8020461
+DIST tor-0.4.8.10.tar.gz.sha256sum.asc 716 BLAKE2B 0154ef1defa1a8227813ef3589f1fd4215f5bd305447fec1404f7950c0b89e6d9fcb6686900e4819d0f1a635d3b08e60cdc9c96a4f74e603185afb6eb1e29279 SHA512 aaeee664c9342a6cddaacfeea6e6974ce374d746153a28943dee1db3db48a8e08f36a076856358819cae8ea2f8b7d912d0e6dc2dc772465dba3283b553f43b91
 DIST tor-0.4.8.9.tar.gz 8266806 BLAKE2B a2d8cc8e60f162930d64d191af1893cb4060a8d98c16560c9ba30e0a9a0fd9cce2132573ca4db7b8b6e002f127f06b53fc5aea5fb6e8795c10f73671d14d9190 SHA512 b8c38368f80091d8dcf378d9a243952308f756902da23afe40df4f1bed30f0b274c2bd2abc47d80d6bc0b8939fd09dd19a4def4b91da1eeb55a4ee1687e2795b
 DIST tor-0.4.8.9.tar.gz.sha256sum 85 BLAKE2B 3972857f4aa008783fa3da9024e0853835c05655a083ab145fbc355f01d58c2fdd9be0eaa10a77b58ed5e6f804aacb286422f640c0b16e8387838f7aad0c9b58 SHA512 87b0813a90a61c061d81c81119d1827dbd7d48818319659af5d9536c7e551dab6750b6d813def230d6b7ffb573f81b48fc57e3afcca52ed5826ae60fb7f49c05
 DIST tor-0.4.8.9.tar.gz.sha256sum.asc 716 BLAKE2B 80d3118a01de55c6257324e526ab8191a7cde23e70b07f41fce0f4f426b8e97a237369c69ff3e6f5657d44c3a7aea62cde9243d9072de99369cb5434b1a177a7 SHA512 4ab4039c86e7118086237abb36442c9801d72d951626735b6d8d633feecccdca10222d48d29b18904dc04d6940f19b6717b3f3b3fbe3c8e942bafb17afe91c91
diff --git a/net-vpn/tor/tor-0.4.8.10.ebuild b/net-vpn/tor/tor-0.4.8.10.ebuild
new file mode 100644
index 000000000000..009e202668a5
--- /dev/null
+++ b/net-vpn/tor/tor-0.4.8.10.ebuild
@@ -0,0 +1,177 @@
+# Copyright 1999-2023 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+PYTHON_COMPAT=( python3_{10..12} )
+VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/torproject.org.asc
+inherit edo python-any-r1 readme.gentoo-r1 systemd verify-sig
+
+MY_PV="$(ver_rs 4 -)"
+MY_PF="${PN}-${MY_PV}"
+DESCRIPTION="Anonymizing overlay network for TCP"
+HOMEPAGE="https://www.torproject.org/ https://gitlab.torproject.org/tpo/core/tor/"
+
+if [[ ${PV} == 9999 ]] ; then
+	EGIT_REPO_URI="https://gitlab.torproject.org/tpo/core/tor"
+	inherit autotools git-r3
+else
+	SRC_URI="
+		https://www.torproject.org/dist/${MY_PF}.tar.gz
+		https://archive.torproject.org/tor-package-archive/${MY_PF}.tar.gz
+		verify-sig? (
+			https://dist.torproject.org/${MY_PF}.tar.gz.sha256sum
+			https://dist.torproject.org/${MY_PF}.tar.gz.sha256sum.asc
+		)
+	"
+
+	S="${WORKDIR}/${MY_PF}"
+
+	if [[ ${PV} != *_alpha* && ${PV} != *_beta* && ${PV} != *_rc* ]]; then
+		KEYWORDS="~amd64 ~arm ~arm64 ~hppa ~mips ~ppc ~ppc64 ~riscv ~sparc ~x86 ~ppc-macos"
+	fi
+
+	BDEPEND="verify-sig? ( >=sec-keys/openpgp-keys-tor-20230727 )"
+fi
+
+# BSD in general, but for PoW, needs --enable-gpl (GPL-3 per --version)
+# We also already had GPL-2 listed here for the init script, but obviously
+# that's different from the actual binary.
+LICENSE="BSD GPL-2 GPL-3"
+SLOT="0"
+IUSE="caps doc lzma +man scrypt seccomp selinux +server systemd tor-hardening test zstd"
+RESTRICT="!test? ( test )"
+
+DEPEND="
+	>=dev-libs/libevent-2.1.12-r1:=[ssl]
+	dev-libs/openssl:=[-bindist(-)]
+	sys-libs/zlib
+	caps? ( sys-libs/libcap )
+	man? ( app-text/asciidoc )
+	lzma? ( app-arch/xz-utils )
+	scrypt? ( app-crypt/libscrypt )
+	seccomp? ( >=sys-libs/libseccomp-2.4.1 )
+	systemd? ( sys-apps/systemd:= )
+	zstd? ( app-arch/zstd:= )
+"
+RDEPEND="
+	acct-user/tor
+	acct-group/tor
+	${DEPEND}
+	selinux? ( sec-policy/selinux-tor )
+"
+DEPEND+="
+	test? (
+		${DEPEND}
+		${PYTHON_DEPS}
+	)
+"
+
+DOCS=()
+
+PATCHES=(
+	"${FILESDIR}"/${PN}-0.2.7.4-torrc.sample.patch
+)
+
+pkg_setup() {
+	use test && python-any-r1_pkg_setup
+}
+
+src_unpack() {
+	if [[ ${PV} == 9999 ]] ; then
+		git-r3_src_unpack
+	else
+		if use verify-sig; then
+			cd "${DISTDIR}" || die
+			verify-sig_verify_detached ${MY_PF}.tar.gz.sha256sum{,.asc}
+			verify-sig_verify_unsigned_checksums \
+				${MY_PF}.tar.gz.sha256sum sha256 ${MY_PF}.tar.gz
+			cd "${WORKDIR}" || die
+		fi
+
+		default
+	fi
+}
+
+src_prepare() {
+	default
+
+	# Running shellcheck automagically isn't useful for ebuild testing.
+	echo "exit 0" > scripts/maint/checkShellScripts.sh || die
+
+	if [[ ${PV} == 9999 ]] ; then
+		eautoreconf
+	fi
+}
+
+src_configure() {
+	use doc && DOCS+=( README.md ChangeLog ReleaseNotes doc/HACKING )
+
+	export ac_cv_lib_cap_cap_init=$(usex caps)
+	export tor_cv_PYTHON="${EPYTHON}"
+
+	local myeconfargs=(
+		--localstatedir="${EPREFIX}/var"
+		--disable-all-bugs-are-fatal
+		--enable-system-torrc
+		--disable-android
+		--disable-coverage
+		--disable-html-manual
+		--disable-libfuzzer
+		--enable-missing-doc-warnings
+		--disable-module-dirauth
+		--enable-pic
+		--disable-restart-debugging
+
+		# Unless someone asks & has a compelling reason, just always
+		# build in GPL mode for pow, given we don't want yet another USE
+		# flag combination to have to test just for the sake of it.
+		# (PoW requires GPL.)
+		--enable-gpl
+		--enable-module-pow
+
+		$(use_enable man asciidoc)
+		$(use_enable man manpage)
+		$(use_enable lzma)
+		$(use_enable scrypt libscrypt)
+		$(use_enable seccomp)
+		$(use_enable server module-relay)
+		$(use_enable systemd)
+		$(use_enable tor-hardening gcc-hardening)
+		$(use_enable tor-hardening linker-hardening)
+		$(use_enable test unittests)
+		$(use_enable zstd)
+	)
+
+	econf "${myeconfargs[@]}"
+}
+
+src_test() {
+	local skip_tests=(
+		# Fails in sandbox
+		:sandbox/open_filename
+		:sandbox/openat_filename
+	)
+
+	# The makefile runs these by parallel by chunking them with a script
+	# but that means we lose verbosity and can't skip individual tests easily
+	# either.
+	edo ./src/test/test --verbose "${skip_tests[@]}"
+}
+
+src_install() {
+	default
+	readme.gentoo_create_doc
+
+	newconfd "${FILESDIR}"/tor.confd tor
+	newinitd "${FILESDIR}"/tor.initd-r9 tor
+	systemd_dounit "${FILESDIR}"/tor.service
+
+	keepdir /var/lib/tor
+
+	fperms 750 /var/lib/tor
+	fowners tor:tor /var/lib/tor
+
+	insinto /etc/tor/
+	newins "${FILESDIR}"/torrc-r2 torrc
+}