[Lunar-commits] r22672 - in moonbase/trunk/compilers: . php php5 php5-suhosin
striker
striker at lunar-linux.org
Wed Dec 20 00:05:43 CET 2006
Author: striker
Date: 2006-12-20 00:05:43 +0100 (Wed, 20 Dec 2006)
New Revision: 22672
Added:
moonbase/trunk/compilers/php5-suhosin/
moonbase/trunk/compilers/php5-suhosin/BUILD
moonbase/trunk/compilers/php5-suhosin/CONFIGURE
moonbase/trunk/compilers/php5-suhosin/CONFLICTS
moonbase/trunk/compilers/php5-suhosin/DEPENDS
moonbase/trunk/compilers/php5-suhosin/DETAILS
moonbase/trunk/compilers/php5-suhosin/POST_INSTALL
moonbase/trunk/compilers/php5-suhosin/POST_REMOVE
moonbase/trunk/compilers/php5-suhosin/PRE_BUILD
Modified:
moonbase/trunk/compilers/php/CONFLICTS
moonbase/trunk/compilers/php/POST_REMOVE
moonbase/trunk/compilers/php5/CONFLICTS
moonbase/trunk/compilers/php5/POST_REMOVE
Log:
- Adding php5-suhosin, a hardened-php.net patchset for PHP
- Adjusting conflicts for php, php5
- Added POST_REMOVE case for apache2
Modified: moonbase/trunk/compilers/php/CONFLICTS
===================================================================
--- moonbase/trunk/compilers/php/CONFLICTS 2006-12-19 20:37:09 UTC (rev 22671)
+++ moonbase/trunk/compilers/php/CONFLICTS 2006-12-19 23:05:43 UTC (rev 22672)
@@ -1 +1,3 @@
-conflicts php5
+conflicts php5 &&
+conflicts php5-suhosin
+
Modified: moonbase/trunk/compilers/php/POST_REMOVE
===================================================================
--- moonbase/trunk/compilers/php/POST_REMOVE 2006-12-19 20:37:09 UTC (rev 22671)
+++ moonbase/trunk/compilers/php/POST_REMOVE 2006-12-19 23:05:43 UTC (rev 22672)
@@ -14,4 +14,12 @@
rm -f /tmp/httpd.conf
/etc/init.d/apache_modssl.sh restart
+elif module_installed apache2; then
+
+ cp /etc/httpd/httpd.conf /tmp/httpd.conf
+ grep -v "LoadModule php4_module" /tmp/httpd.conf |
+ grep -v "AddType application/x-httpd-php" > /etc/httpd/httpd.conf
+ rm -f /tmp/httpd.conf
+ /usr/sbin/apachectl graceful
+
fi
Modified: moonbase/trunk/compilers/php5/CONFLICTS
===================================================================
--- moonbase/trunk/compilers/php5/CONFLICTS 2006-12-19 20:37:09 UTC (rev 22671)
+++ moonbase/trunk/compilers/php5/CONFLICTS 2006-12-19 23:05:43 UTC (rev 22672)
@@ -1 +1,3 @@
-conflicts php
+conflicts php &&
+conflicts php5-suhosin
+
Modified: moonbase/trunk/compilers/php5/POST_REMOVE
===================================================================
--- moonbase/trunk/compilers/php5/POST_REMOVE 2006-12-19 20:37:09 UTC (rev 22671)
+++ moonbase/trunk/compilers/php5/POST_REMOVE 2006-12-19 23:05:43 UTC (rev 22672)
@@ -14,4 +14,13 @@
rm -f /tmp/httpd.conf
/etc/init.d/apache_modssl.sh restart
+elif module_installed apache2; then
+
+ cp /etc/httpd/httpd.conf /tmp/httpd.conf
+ grep -v "LoadModule php5_module" /tmp/httpd.conf |
+ grep -v "AddType application/x-httpd-php" > /etc/httpd/httpd.conf
+ rm -f /tmp/httpd.conf
+ /usr/sbin/apachectl graceful
+
fi
+
Added: moonbase/trunk/compilers/php5-suhosin/BUILD
===================================================================
--- moonbase/trunk/compilers/php5-suhosin/BUILD (rev 0)
+++ moonbase/trunk/compilers/php5-suhosin/BUILD 2006-12-19 23:05:43 UTC (rev 22672)
@@ -0,0 +1,82 @@
+(
+
+ if [ "$USE_PATCH" == "y" ]; then
+ patch_it $SOURCE4 1
+ fi &&
+
+ ./buildconf --force &&
+
+ if [ "$USE_IMAP" == "y" ]; then
+ unpack $SOURCE2
+ make -C imap-${IMAP_VERSION} slx SPECIALS="SSLDIR=/etc/ssl SSLINCLUDE=/usr/include SSLLIB=/usr/lib"
+ OPTS="$OPTS --with-imap=imap-${IMAP_VERSION}"
+ fi &&
+
+ if [ "$USE_REGGLOBALS" == "y" ]; then
+ OPTS="$OPTS "
+ fi &&
+
+ if [ "$USE_FTP" == "y" ]; then
+ OPTS="$OPTS --enable-ftp"
+ fi &&
+
+ if [ "$USE_SESSIONID" == "y" ]; then
+ OPTS="$OPTS --enable-trans-sid"
+ fi &&
+
+ if [ "$USE_SQLITE" == "y" ]; then
+ OPTS="$OPTS --enable-sqlite-utf8"
+ fi &&
+
+ if [ "$USE_SOCKETS" == "y" ]; then
+ OPTS="$OPTS --enable-sockets"
+ fi &&
+
+ if [ "$USE_NCURSES" == "y" ]; then
+ OPTS="$OPTS --with-ncurses"
+ fi &&
+
+ if [ "$USE_FASTCGI" == "y" ]; then
+ OPTS="$OPTS --enable-fastcgi"
+ fi &&
+
+ if [ "$USE_MBYTESTR" == "y" ]; then
+ OPTS="$OPTS --enable-mbstring"
+ fi &&
+
+ if [ "$USE_MBYTEREGEX" == "n" ]; then
+ OPTS="$OPTS --disable-mbregex"
+ fi &&
+
+ if module_installed apache || module_installed apache-mod_ssl ; then
+ OPTS="$OPTS --with-apxs=/usr/sbin/apxs"
+ elif module_installed apache2 ; then
+ OPTS="$OPTS --with-apxs2=/usr/sbin/apxs"
+ fi &&
+
+ if [ -s /etc/httpsd/httpd.conf ] ; then
+ cp /etc/httpsd/httpd.conf /etc/httpsd/httpd.conf.`date +%Y%m%d`
+ fi &&
+
+ if [ -s /etc/httpd/httpd.conf ] ; then
+ cp /etc/httpd/httpd.conf /etc/httpd/httpd.conf.`date +%Y%m%d`
+ fi &&
+
+ # sedit "s:^:#include <errno.h>\n:" ext/mysql/libmysql/mysys_err.h &&
+
+ verbose_msg "OPTS=$OPTS" &&
+ ./configure --prefix=/usr \
+ --sysconfdir=/etc \
+ --with-config-file-path=/etc \
+ --enable-suhosin \
+ --enable-dbase \
+ --enable-dbx \
+ --enable-dio \
+ --with-readline \
+ --with-zlib=/usr \
+ --enable-force-cgi-redirect \
+ --enable-discard-path \
+ $OPTS &&
+ default_make
+
+) > $C_FIFO 2>&1
Added: moonbase/trunk/compilers/php5-suhosin/CONFIGURE
===================================================================
--- moonbase/trunk/compilers/php5-suhosin/CONFIGURE (rev 0)
+++ moonbase/trunk/compilers/php5-suhosin/CONFIGURE 2006-12-19 23:05:43 UTC (rev 22672)
@@ -0,0 +1,13 @@
+mquery USE_PATCH "[SUHOSIN] Do you want to use the PHP core patch?" y
+mquery USE_IMAP "Install imap support?" y
+mquery USE_REGGLOBALS "Enable global variable support (potential security risk)?" n
+mquery USE_FTP "Install ftp support?" y
+mquery USE_SESSIONID "Enable transparent session id?" y
+mquery USE_SQLITE "Enable UTF-8 support for SQLite?" y
+mquery USE_SOCKETS "Enable sockets support (experimental)?" y
+mquery USE_NCURSES "Enable ncurses support (experimental)?" y
+if module_installed lighttpd; then
+ mquery USE_FASTCGI "Build FastCGI version (required by lighttpd)?" y
+fi
+mquery USE_MBYTESTR "Enable multibyte string support?" n
+mquery USE_MBYTEREGEX "Enable multibyte regular expression functions?" n
Added: moonbase/trunk/compilers/php5-suhosin/CONFLICTS
===================================================================
--- moonbase/trunk/compilers/php5-suhosin/CONFLICTS (rev 0)
+++ moonbase/trunk/compilers/php5-suhosin/CONFLICTS 2006-12-19 23:05:43 UTC (rev 22672)
@@ -0,0 +1,3 @@
+conflicts php &&
+conflicts php5
+
Added: moonbase/trunk/compilers/php5-suhosin/DEPENDS
===================================================================
--- moonbase/trunk/compilers/php5-suhosin/DEPENDS (rev 0)
+++ moonbase/trunk/compilers/php5-suhosin/DEPENDS 2006-12-19 23:05:43 UTC (rev 22672)
@@ -0,0 +1,105 @@
+depends readline &&
+depends libxml2 &&
+
+optional_depends "aspell" \
+ "--with-pspell" \
+ "" \
+ "for spelling functions" &&
+
+optional_depends "mhash" \
+ "--with-mhash" \
+ "" \
+ "for hash functions support" &&
+
+optional_depends "mcrypt" \
+ "--with-mcrypt" \
+ "" \
+ "for crypto library" &&
+
+optional_depends "gmp" \
+ "--with-gmp" \
+ "" \
+ "GNU math lib support" &&
+
+optional_depends "openssl" \
+ "--with-openssl" \
+ "" \
+ "for OpenSSL support" &&
+
+optional_depends "gettext" \
+ "--with-gettext" \
+ "" \
+ "for GNU gettext support" &&
+
+optional_depends "db" \
+ "--with-db4" \
+ "" \
+ "for Berkeley DB4 support" &&
+
+optional_depends "gdbm" \
+ "--with-gdbm" \
+ "" \
+ "for GNU dbm support" &&
+
+optional_depends "sqlite" \
+ "--with-pdo-sqlite=/usr" \
+ "" \
+ "for PDO SQLite support" &&
+
+optional_depends "postgresql" \
+ "--with-pgsql=/usr" \
+ "" \
+ "for Postgresql support" &&
+
+optional_depends "mysql" \
+ "--with-mysql=/usr" \
+ "" \
+ "for native MySQL support" &&
+
+optional_depends "freetds" \
+ "--with-sybase=/usr" \
+ "" \
+ "for SyBase support" &&
+
+optional_depends "freetype2" \
+ "--with-freetype-dir=/usr" \
+ "" \
+ "for freetype2 support" &&
+
+optional_depends "pdflib" \
+ "--with-pdflib" \
+ "" \
+ "for pdflib support" &&
+
+optional_depends "gd" \
+ "--with-gd \
+ --enable-gd-native-ttf \
+ --with-jpeg-dir=/usr \
+ --with-png-dir=/usr" \
+ "" \
+ "for on the fly graphics" &&
+
+optional_depends "curl" \
+ "--with-curl" \
+ "" \
+ "for curl support" &&
+
+optional_depends "ming" \
+ "--with-ming" \
+ "--without-ming" \
+ "dynamic FLASH generation" &&
+
+optional_depends "expat" \
+ "--with-expat-dir=/usr" \
+ "" \
+ "for expat xml support" &&
+
+optional_depends "libxslt" \
+ "--with-xsl=/usr" \
+ "" \
+ "for DOM Xslt support" &&
+
+optional_depends "openldap" \
+ "--with-ldap" \
+ "" \
+ "For ldap support"
Added: moonbase/trunk/compilers/php5-suhosin/DETAILS
===================================================================
--- moonbase/trunk/compilers/php5-suhosin/DETAILS (rev 0)
+++ moonbase/trunk/compilers/php5-suhosin/DETAILS 2006-12-19 23:05:43 UTC (rev 22672)
@@ -0,0 +1,42 @@
+ MODULE=php5-suhosin
+ PHP_VERSION=5.2.0
+ SUHOSIN_VER=0.9.16
+ SUHOSIN_PVER=0.9.6.2
+ VERSION=$PHP_VERSION-$SUHOSIN_VER
+ IMAP_VERSION=2004g
+SOURCE_DIRECTORY=$BUILD_DIRECTORY/php-$PHP_VERSION
+ SOURCE=php-$PHP_VERSION.tar.bz2
+ SOURCE_URL[0]=http://www.php.net/distributions/
+ SOURCE_URL[1]=http://uk2.php.net/distributions/
+ SOURCE_URL[2]=http://us2.php.net/distributions/
+ SOURCE_URL[3]=http://uk.php.net/distributions/
+ SOURCE_URL[4]=http://nl.php.net/distributions/
+ SOURCE_URL[5]=http://de.php.net/distributions/
+ SOURCE_URL[6]=http://fr.php.net/distributions/
+ SOURCE2=imap-$IMAP_VERSION.tar.Z
+ SOURCE2_URL[0]=ftp://ftp.cac.washington.edu/imap/
+ SOURCE2_URL[1]=ftp://ftp.cac.washington.edu/imap/old/
+ SOURCE3=suhosin-$SUHOSIN_VER.tgz
+ SOURCE4=suhosin-patch-$PHP_VERSION-$SUHOSIN_PVER.patch.gz
+ SOURCE3_URL=http://www.hardened-php.net/suhosin/_media/
+ SOURCE4_URL=http://www.hardened-php.net/suhosin/_media/
+ SOURCE_VFY=sha1:6306829b1b252156ca3a936ec809aba89a71d9e1
+ SOURCE2_VFY=sha1:791a8bb247ca51ce0a4c32e814a2f736c2bcf066
+ SOURCE3_VFY=sha1:c0b1e92ba7a60853775e2441159f23af36d73c75
+ SOURCE4_VFY=sha1:01f5f23a8c087d5ad5c2e7e464f9f3bf36e8578a
+ WEB_SITE=http://www.hardened-php.net/suhosin/index.html
+ MAINTAINER=striker at lunar-linux.org
+ ENTERED=20061219
+ UPDATED=20061219
+ SHORT="Suhosin is an advanced protection system for PHP"
+
+cat << EOF
+Suhosin is an advanced protection system for PHP installations. It was
+designed to protect servers and users from known and unknown flaws in
+PHP applications and the PHP core. Suhosin comes in two independent
+parts, that can be used separately or in combination. The first part
+is a small patch against the PHP core, that implements a few low-level
+protections against bufferoverflows or format string vulnerabilities
+and the second part is a powerful PHP extension that implements all
+the other protections.
+EOF
Added: moonbase/trunk/compilers/php5-suhosin/POST_INSTALL
===================================================================
--- moonbase/trunk/compilers/php5-suhosin/POST_INSTALL (rev 0)
+++ moonbase/trunk/compilers/php5-suhosin/POST_INSTALL 2006-12-19 23:05:43 UTC (rev 22672)
@@ -0,0 +1,26 @@
+
+# prototype AddType definition for apache2
+if [ -f /etc/httpd/conf/httpd.conf ] ; then
+ if ! grep -q "x-httpd-php" /etc/httpd/conf/httpd.conf ; then
+ cat >> /etc/httpd/conf/httpd.conf << EOF
+
+# AddType required for php to work:
+AddType application/x-httpd-php .php .php5 .php4 .php3 .phtml
+AddType application/x-httpd-php-source .phps
+
+EOF
+ fi
+fi
+
+if [ ! -e /etc/php.ini ] ; then
+ cp $SOURCE_DIRECTORY/php.ini-dist /etc/php.ini
+fi
+
+case $REGGLOBALS in
+ y|Y)
+ sedit "s/register_globals = Off/register_globals = On/" /etc/php.ini
+ ;;
+ *) true
+ ;;
+esac
+
Added: moonbase/trunk/compilers/php5-suhosin/POST_REMOVE
===================================================================
--- moonbase/trunk/compilers/php5-suhosin/POST_REMOVE (rev 0)
+++ moonbase/trunk/compilers/php5-suhosin/POST_REMOVE 2006-12-19 23:05:43 UTC (rev 22672)
@@ -0,0 +1,26 @@
+if module_installed apache; then
+
+ cp /etc/httpd/httpd.conf /tmp/httpd.conf
+ grep -v "LoadModule php5_module" /tmp/httpd.conf |
+ grep -v "AddModule mod_php5.c" > /etc/httpd/httpd.conf
+ rm -f /tmp/httpd.conf
+ /usr/sbin/apachectl graceful
+
+elif module_installed apache_mod_ssl; then
+
+ cp /etc/httpsd/httpd.conf /tmp/httpd.conf
+ grep -v "LoadModule php5_module" /tmp/httpd.conf |
+ grep -v "AddModule mod_php5.c" > /etc/httpsd/httpd.conf
+ rm -f /tmp/httpd.conf
+ /etc/init.d/apache_modssl.sh restart
+
+elif module_installed apache2; then
+
+ cp /etc/httpd/httpd.conf /tmp/httpd.conf
+ grep -v "LoadModule php5_module" /tmp/httpd.conf |
+ grep -v "AddType application/x-httpd-php" > /etc/httpd/httpd.conf
+ rm -f /tmp/httpd.conf
+ /usr/sbin/apachectl graceful
+
+fi
+
Added: moonbase/trunk/compilers/php5-suhosin/PRE_BUILD
===================================================================
--- moonbase/trunk/compilers/php5-suhosin/PRE_BUILD (rev 0)
+++ moonbase/trunk/compilers/php5-suhosin/PRE_BUILD 2006-12-19 23:05:43 UTC (rev 22672)
@@ -0,0 +1,13 @@
+(
+
+ default_pre_build &&
+ cd $SOURCE_DIRECTORY/ext &&
+ unpack $SOURCE3 &&
+ mv suhosin-$SUHOSIN_VER suhosin &&
+ mv package.xml suhosin
+# cd .. &&
+# patch_it $SOURCE4 1 &&
+# false
+
+)
+
More information about the Lunar-commits
mailing list