Add experimental Tor support to base libreCMC

Pulled in libcap and tor from upstream master.

package/libs/libcap/Makefile

@@ -0,0 +1,58 @@
+#
+# Copyright (C) 2011 OpenWrt.org
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=libcap
+PKG_VERSION:=2.25
+PKG_RELEASE:=1
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
+PKG_SOURCE_URL:=@KERNEL/linux/libs/security/linux-privs/libcap2
+PKG_HASH:=693c8ac51e983ee678205571ef272439d83afe62dd8e424ea14ad9790bc35162
+PKG_LICENSE:=GPL-2.0
+PKG_LICENSE_FILES:=License
+PKG_MAINTAINER:=Paul Wassi <p.wassi@gmx.at>
+
+PKG_INSTALL:=1
+
+include $(INCLUDE_DIR)/package.mk
+include $(INCLUDE_DIR)/kernel.mk
+
+define Package/libcap
+  TITLE:=Linux capabilities library
+  SECTION:=libs
+  CATEGORY:=Libraries
+  URL:=http://www.kernel.org/pub/linux/libs/security/linux-privs/libcap2/
+endef
+
+MAKE_FLAGS += \
+    CFLAGS="$(TARGET_CFLAGS)" \
+    BUILD_CC="$(CC)" \
+    BUILD_CFLAGS="$(FPIC) -I$(PKG_BUILD_DIR)/libcap/include" \
+    CFLAGS="$(TARGET_CFLAGS)" \
+    LD="$(TARGET_CC)" \
+    LDFLAGS="$(TARGET_LDFLAGS) -shared" \
+    INDENT="| true" \
+    PAM_CAP="no" \
+    RAISE_SETFCAP="no" \
+    DYNAMIC="yes" \
+    lib="lib"
+
+define Build/InstallDev
+	$(INSTALL_DIR) $(1)/usr/include/sys
+	$(CP) $(PKG_INSTALL_DIR)/usr/include/* $(1)/usr/include/
+	$(INSTALL_DIR) $(1)/usr/lib/
+	$(CP) $(PKG_INSTALL_DIR)/lib/* $(1)/usr/lib/
+endef
+
+define Package/libcap/install
+	$(INSTALL_DIR) $(1)/usr/lib
+	$(CP) $(PKG_INSTALL_DIR)/lib/libcap.so* $(1)/usr/lib/
+endef
+
+$(eval $(call BuildPackage,libcap))

package/libs/libcap/patches/100-portability.patch

@@ -0,0 +1,19 @@
+--- a/libcap/_makenames.c
++++ b/libcap/_makenames.c
+@@ -7,7 +7,6 @@
+ 
+ #include <stdio.h>
+ #include <stdlib.h>
+-#include <sys/capability.h>
+ 
+ /*
+  * #include 'sed' generated array
+@@ -22,7 +21,7 @@ struct {
+ };
+ 
+ /* this should be more than big enough (factor of three at least) */
+-const char *pointers[8*sizeof(struct __user_cap_data_struct)];
++const char *pointers[8*12];
+ 
+ int main(void)
+ {

package/network/services/tor/Makefile

@@ -0,0 +1,145 @@
+#
+# Copyright (C) 2008-2016 OpenWrt.org
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=tor
+PKG_VERSION:=0.3.2.9
+PKG_RELEASE:=1
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=https://dist.torproject.org/ \
+	https://archive.torproject.org/tor-package-archive
+PKG_HASH:=435a7b91aa98d8b1a0ac1f60ca30c0ff3665b18a02e570bab5fe27935829160f
+PKG_MAINTAINER:=Hauke Mehrtens <hauke@hauke-m.de>
+PKG_LICENSE_FILES:=LICENSE
+
+PKG_INSTALL:=1
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/tor/Default
+  SECTION:=net
+  CATEGORY:=Network
+  URL:=https://www.torproject.org/
+  USERID:=tor=52:tor=52
+endef
+
+define Package/tor/Default/description
+ Tor is a toolset for a wide range of organizations and people that want to
+ improve their safety and security on the Internet. Using Tor can help you
+ anonymize web browsing and publishing, instant messaging, IRC, SSH, and
+ more. Tor also provides a platform on which software developers can build
+ new applications with built-in anonymity, safety, and privacy features.
+endef
+
+define Package/tor
+$(call Package/tor/Default)
+  TITLE:=An anonymous Internet communication system
+  DEPENDS:=+libevent2 +libopenssl +libpthread +librt +zlib +libcap
+endef
+
+define Package/tor/description
+$(call Package/tor/Default/description)
+ This package contains the tor daemon.
+endef
+
+define Package/tor-gencert
+$(call Package/tor/Default)
+  TITLE:=Tor certificate generation
+  DEPENDS:=+tor
+endef
+
+define Package/tor-gencert/description
+$(call Package/tor/Default/description)
+ Generate certs and keys for Tor directory authorities
+endef
+
+define Package/tor-resolve
+$(call Package/tor/Default)
+  TITLE:=tor hostname resolve
+  DEPENDS:=+tor
+endef
+
+define Package/tor-resolve/description
+$(call Package/tor/Default/description)
+ Resolve a hostname to an IP address via tor 
+endef
+
+define Package/tor-geoip
+$(call Package/tor/Default)
+  TITLE:=GeoIP db for tor
+  DEPENDS:=+tor
+endef
+
+define Package/tor-geoip/description
+$(call Package/tor/Default/description)
+ This package contains a GeoIP database mapping IP addresses to countries.
+endef
+
+define Package/tor/conffiles
+/etc/tor/torrc
+/var/lib/tor/fingerprint
+/var/lib/tor/keys/*
+endef
+
+CONFIGURE_ARGS += \
+	--with-libevent-dir="$(STAGING_DIR)/usr" \
+	--with-ssl-dir="$(STAGING_DIR)/usr" \
+	--with-openssl-dir="$(STAGING_DIR)/usr" \
+	--with-zlib-dir="$(STAGING_DIR)/usr" \
+	--disable-asciidoc \
+	--disable-seccomp \
+	--disable-libscrypt \
+	--disable-unittests \
+	--disable-largefile \
+	--disable-lzma \
+	--with-tor-user=tor \
+	--with-tor-group=tor
+
+EXTRA_CFLAGS += -std=gnu99
+
+ifneq ($(CONFIG_SSP_SUPPORT),y)
+	CONFIGURE_ARGS += \
+		--disable-gcc-hardening
+else
+	EXTRA_CFLAGS += -fPIC
+endif
+
+CONFIGURE_VARS += \
+	CROSS_COMPILE="yes"
+
+define Package/tor/install
+	$(INSTALL_DIR) $(1)/usr/sbin
+	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/tor $(1)/usr/sbin/
+	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/torify $(1)/usr/sbin/
+	$(INSTALL_DIR) $(1)/etc/init.d
+	$(INSTALL_BIN) ./files/tor.init $(1)/etc/init.d/tor
+	$(INSTALL_DIR) $(1)/etc/tor
+	$(INSTALL_CONF) $(PKG_INSTALL_DIR)/etc/tor/torrc.sample $(1)/etc/tor/torrc
+endef
+
+define Package/tor-gencert/install
+	$(INSTALL_DIR) $(1)/usr/sbin
+	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/tor-gencert $(1)/usr/sbin/
+endef
+
+define Package/tor-resolve/install
+	$(INSTALL_DIR) $(1)/usr/sbin
+	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/tor-resolve $(1)/usr/sbin/
+endef
+
+define Package/tor-geoip/install
+	$(INSTALL_DIR) $(1)/usr/share/tor
+	$(CP) $(PKG_INSTALL_DIR)/usr/share/tor/geoip $(1)/usr/share/tor/
+	$(CP) $(PKG_INSTALL_DIR)/usr/share/tor/geoip6 $(1)/usr/share/tor/
+endef
+
+$(eval $(call BuildPackage,tor))
+$(eval $(call BuildPackage,tor-gencert))
+$(eval $(call BuildPackage,tor-resolve))
+$(eval $(call BuildPackage,tor-geoip))

package/network/services/tor/files/tor.init

@@ -0,0 +1,26 @@
+#!/bin/sh /etc/rc.common
+# Copyright (C) 2006-2011 OpenWrt.org
+
+START=50
+STOP=50
+
+USE_PROCD=1
+
+start_service() {
+	[ -f /var/run/tor.pid ] || {
+		touch /var/run/tor.pid
+		chown tor:tor /var/run/tor.pid
+	}
+	[ -d /var/lib/tor ] || {
+		mkdir -m 0755 -p /var/lib/tor
+		chmod 0700 /var/lib/tor
+		chown tor:tor /var/lib/tor
+	}
+	[ -d /var/log/tor ] || {
+		mkdir -m 0755 -p /var/log/tor
+		chown tor:tor /var/log/tor
+	}
+	procd_open_instance
+	procd_set_param command /usr/sbin/tor --runasdaemon 0
+	procd_close_instance
+}

package/network/services/tor/patches/001-torrc.patch

@@ -0,0 +1,25 @@
+--- a/src/config/torrc.sample.in
++++ b/src/config/torrc.sample.in
+@@ -39,7 +39,7 @@
+ ## Send every possible message to @LOCALSTATEDIR@/log/tor/debug.log
+ #Log debug file @LOCALSTATEDIR@/log/tor/debug.log
+ ## Use the system log instead of Tor's logfiles
+-#Log notice syslog
++Log notice syslog
+ ## To send all messages to stderr:
+ #Log debug stderr
+ 
+@@ -50,7 +50,7 @@
+ 
+ ## The directory for keeping all the keys/etc. By default, we store
+ ## things in $HOME/.tor on Unix, and in Application Data\tor on Windows.
+-#DataDirectory @LOCALSTATEDIR@/lib/tor
++DataDirectory @LOCALSTATEDIR@/lib/tor
+ 
+ ## The port on which Tor will listen for local connections from Tor
+ ## controller applications, as documented in control-spec.txt.
+@@ -227,3 +227,4 @@
+ #%include /etc/torrc.d/
+ #%include /etc/torrc.custom
+ 
++User tor