security/tor: Update 0.4.4.7 -> 0.4.5.6

Changelog: https://lists.torproject.org/pipermail/tor-announce/2021-February/000214.html
- contains major and minor bugfixes and new features.

Port options LTTNG,USDT,LOG_DEBUG backported from security/tor-devel.
LIB_DEPENDS is fixes in STATIC_TOR option.

Reported by:	upstream notification

3 files changed, 26 insertions, 73 deletions

diff --git a/security/tor/Makefile b/security/tor/Makefile
index ff869f4cc8c1..dffcae46aaec 100644
--- a/security/tor/Makefile
+++ b/security/tor/Makefile
@@ -2,7 +2,7 @@
 # $FreeBSD$
 
 PORTNAME=	tor
-DISTVERSION=	0.4.4.7
+DISTVERSION=	0.4.5.6
 CATEGORIES=	security net
 MASTER_SITES=	TOR
 
@@ -23,13 +23,15 @@ CONFIGURE_ENV=	TOR_CPPFLAGS_libevent="-I${LOCALBASE}/include" \
 		TOR_LIBEVENT_LIBS="${TOR_LIBEVENT_LIBS}"
 
 OPTIONS_DEFINE=	MANPAGES DOCS STATIC_TOR TCMALLOC
-OPTIONS_GROUP=	COMPRESSION
-OPTIONS_GROUP_COMPRESSION=ZSTD LZMA
+OPTIONS_GROUP=	COMPRESSION TRACING
+OPTIONS_GROUP_COMPRESSION=	ZSTD LZMA
+OPTIONS_GROUP_TRACING=	LTTNG USDT LOG_DEBUG
 OPTIONS_DEFAULT=MANPAGES ZSTD LZMA
 OPTIONS_SUB=	yes
 STATIC_TOR_DESC=	Build a static tor
 TCMALLOC_DESC=		Use the tcmalloc memory allocation library
 COMPRESSION_DESC=	Supported compression libraries
+TRACING_DESC=		Tracing
 
 USE_RC_SUBR=	tor
 SUB_FILES=	pkg-message
@@ -44,10 +46,23 @@ CONFLICTS_INSTALL=	tor-devel
 STATIC_TOR_USES=	ssl:build
 STATIC_TOR_USES_OFF=	ssl
 
+# compression options
 ZSTD_CONFIGURE_ENABLE=		zstd
 ZSTD_CONFIGURE_ENV=TOR_ZSTD_LIBS="${TOR_ZSTD_LIBS}"
 LZMA_CONFIGURE_ENABLE=		lzma
 
+# tracing options
+LTTNG_DESC=			Build with LTTng-UST instrumentation
+LTTNG_USES=			localbase
+LTTNG_CONFIGURE_ENABLE=		tracing-instrumentation-lttng
+LTTNG_LIB_DEPENDS=		liblttng-ust.so:sysutils/lttng-ust
+USDT_DESC=			Build with tracing USDT instrumentation
+USDT_CONFIGURE_ENABLE=		tracing-instrumentation-usdt
+USDT_LIB_DEPENDS=		liblttng-ust.so:sysutils/lttng-ust
+USDT_BROKEN=			error: use of undeclared identifier 'tor_circuit': https://gitlab.torproject.org/tpo/core/tor/-/issues/40174#note_2714275
+LOG_DEBUG_DESC=			Build with tracing event to debug log
+LOG_DEBUG_CONFIGURE_ENABLE=	tracing-instrumentation-log-debug
+
 .include <bsd.port.options.mk>
 
 .if ${PORT_OPTIONS:MDOCS} || ${PORT_OPTIONS:MMANPAGES}
@@ -71,6 +86,7 @@ TOR_LIBEVENT_LIBS=	${LOCALBASE}/lib/libevent.a
 .  if ${PORT_OPTIONS:MZSTD}
 BUILD_DEPENDS+=		${LOCALBASE}/lib/libzstd.a:archivers/zstd
 TOR_ZSTD_LIBS=		${LOCALBASE}/lib/libzstd.a
+LDFLAGS+=		-lelf # needed by libexecinfo.a
 .  endif
 .else
 CONFIGURE_ARGS+=	--enable-linker-hardening
@@ -85,7 +101,8 @@ TOR_ZSTD_LIBS=		-lzstd
 .if ${PORT_OPTIONS:MTCMALLOC}
 CONFIGURE_ARGS+=	--with-malloc=tcmalloc
 .if ${PORT_OPTIONS:MSTATIC_TOR}
-BUILD_DEPENDS+=		${LOCALBASE}/lib/libtcmalloc.a:devel/google-perftools
+BUILD_DEPENDS+=		${LOCALBASE}/lib/libtcmalloc.a:devel/google-perftools # for static 'tor' executable
+RUN_DEPENDS+=		google-perftool>0:devel/google-perftools # for a still-dynamic 'tor-gencert' executable
 LDFLAGS+=		-lc++ -lm # required by libtcmalloc.a and isn't cocered by google-perftools' `pkg-config --libs libtcmalloc` output
 .else
 LIB_DEPENDS+=		libtcmalloc.so:devel/google-perftools
@@ -101,8 +118,8 @@ post-patch:
 		${WRKSRC}/configure
 	@${REINPLACE_CMD} -e 's|lib/tor|db/tor|' \
 		${WRKSRC}/src/config/torrc.*.in \
-		${WRKSRC}/doc/tor.1.* \
-		${WRKSRC}/doc/tor.html.in
+		${WRKSRC}/doc/man/tor.1.* \
+		${WRKSRC}/doc/man/tor.html.in
 
 post-install:
 	@${MKDIR} ${STAGEDIR}/var/log/tor ${STAGEDIR}/var/run/tor ${STAGEDIR}/var/db/tor
diff --git a/security/tor/distinfo b/security/tor/distinfo
index c7b93e12b4f6..4bdf567c3ca0 100644
--- a/security/tor/distinfo
+++ b/security/tor/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1612376430
-SHA256 (tor-0.4.4.7.tar.gz) = 326d2926177f0c7838cac213456d0056817d57f3f2e46714a2911c7d7a9b05ee
-SIZE (tor-0.4.4.7.tar.gz) = 7812645
+TIMESTAMP = 1613411993
+SHA256 (tor-0.4.5.6.tar.gz) = 22cba3794fedd5fa87afc1e512c6ce2c21bc20b4e1c6f8079d832dc1e545e733
+SIZE (tor-0.4.5.6.tar.gz) = 7926711
diff --git a/security/tor/files/patch-src_lib_crypt__ops_compat__openssl.h b/security/tor/files/patch-src_lib_crypt__ops_compat__openssl.h
deleted file mode 100644
index a50408babffe..000000000000
--- a/security/tor/files/patch-src_lib_crypt__ops_compat__openssl.h
+++ /dev/null
@@ -1,64 +0,0 @@
-- submitted by brnrd@ in PR#253486
-
-From b22568a54506e4b79b72530f89f21032e6435414 Mon Sep 17 00:00:00 2001
-From: Nick Mathewson <nickm@torproject.org>
-Date: Fri, 6 Nov 2020 10:29:28 -0500
-Subject: [PATCH] Rename OpenSSL_version_num() as defined in Tor
-
-This way, if we guess wrong about whether the library has it,
-we don't conflict with the library's headers.
-
-Fixes #40181; bug not in any released version.
----
- src/lib/crypt_ops/compat_openssl.h     | 3 ++-
- src/lib/crypt_ops/crypto_openssl_mgt.c | 2 +-
- src/lib/tls/tortls_openssl.c           | 2 +-
- 3 files changed, 4 insertions(+), 3 deletions(-)
-
-diff --git a/src/lib/crypt_ops/compat_openssl.h b/src/lib/crypt_ops/compat_openssl.h
-index c2e1459078..aa66e0c3fa 100644
---- src/lib/crypt_ops/compat_openssl.h.orig
-+++ src/lib/crypt_ops/compat_openssl.h
-@@ -34,7 +34,7 @@
- 
- #ifndef OPENSSL_1_1_API
- #define OpenSSL_version(v) SSLeay_version(v)
--#define OpenSSL_version_num() SSLeay()
-+#define tor_OpenSSL_version_num() SSLeay()
- #define RAND_OpenSSL() RAND_SSLeay()
- #define STATE_IS_SW_SERVER_HELLO(st)       \
-   (((st) == SSL3_ST_SW_SRVR_HELLO_A) ||    \
-@@ -42,6 +42,7 @@
- #define OSSL_HANDSHAKE_STATE int
- #define CONST_IF_OPENSSL_1_1_API
- #else /* defined(OPENSSL_1_1_API) */
-+#define tor_OpenSSL_version_num() OpenSSL_version_num()
- #define STATE_IS_SW_SERVER_HELLO(st) \
-   ((st) == TLS_ST_SW_SRVR_HELLO)
- #define CONST_IF_OPENSSL_1_1_API const
-diff --git a/src/lib/crypt_ops/crypto_openssl_mgt.c b/src/lib/crypt_ops/crypto_openssl_mgt.c
-index 065cbca1cc..e763491a11 100644
---- src/lib/crypt_ops/crypto_openssl_mgt.c.orig
-+++ src/lib/crypt_ops/crypto_openssl_mgt.c
-@@ -222,7 +222,7 @@ crypto_openssl_early_init(void)
- 
-     setup_openssl_threading();
- 
--    unsigned long version_num = OpenSSL_version_num();
-+    unsigned long version_num = tor_OpenSSL_version_num();
-     const char *version_str = crypto_openssl_get_version_str();
-     if (version_num == OPENSSL_VERSION_NUMBER &&
-         !strcmp(version_str, OPENSSL_VERSION_TEXT)) {
-diff --git a/src/lib/tls/tortls_openssl.c b/src/lib/tls/tortls_openssl.c
-index 2269714141..ad9b49ab4f 100644
---- src/lib/tls/tortls_openssl.c.orig
-+++ src/lib/tls/tortls_openssl.c
-@@ -342,7 +342,7 @@ tor_tls_init(void)
- 
- #if (SIZEOF_VOID_P >= 8 &&                              \
-      OPENSSL_VERSION_NUMBER >= OPENSSL_V_SERIES(1,0,1))
--    long version = OpenSSL_version_num();
-+    long version = tor_OpenSSL_version_num();
- 
-     /* LCOV_EXCL_START : we can't test these lines on the same machine */
-     if (version >= OPENSSL_V_SERIES(1,0,1)) {