[Lunar-commits] <moonbase-other> php5-suhosin: readded to moonbase
v4hn
me at v4hn.de
Thu Aug 23 22:39:31 CEST 2012
commit 288f1172264ab83ce4d8fec8c1ad7a3c53016527
Author: v4hn <me at v4hn.de>
Date: Thu, 23 Aug 2012 13:39:31 -0700
URL: https://github.com/lunar-linux/moonbase-other/commit/288f1172264ab83ce4d8fec8c1ad7a3c53016527
php5-suhosin: readded to moonbase
---
compilers/php5-suhosin/BUILD +48/-0
compilers/php5-suhosin/CONFIGURE +11/-0
compilers/php5-suhosin/CONFLICTS +2/-0
compilers/php5-suhosin/DEPENDS +110/-0
compilers/php5-suhosin/DETAILS +37/-0
compilers/php5-suhosin/POST_INSTALL +26/-0
compilers/php5-suhosin/POST_REMOVE +26/-0
compilers/php5-suhosin/PRE_BUILD +9/-0
8 files changed, 269 insertions (+), 0 deletions (-)
--- /dev/null
+++ b/compilers/php5-suhosin/BUILD
@@ -0,0 +1,48 @@
+(
+
+# So it does not bomb on gmp stuff if you say yes to gmp. Revisit on next bump.
+ sedit "s: __GMP_BITS_PER_MP_LIMB:GMP_LIMB_BITS:g" ext/gmp/gmp.c &&
+
+ if [ "$USE_PATCH" == "y" ]; then
+ patch_it $SOURCE3 1
+ fi &&
+
+# ./buildconf --force &&
+
+ if [ "$USE_REGGLOBALS" == "y" ]; then
+ OPTS+=" "
+ fi &&
+
+ if module_installed apache || module_installed apache-mod_ssl ; then
+ OPTS+=" --with-apxs=/usr/sbin/apxs"
+ elif module_installed apache2 ; then
+ OPTS+=" --with-apxs2=/usr/sbin/apxs"
+ fi &&
+
+ if [ -s /etc/httpsd/httpd.conf ] ; then
+ cp /etc/httpsd/httpd.conf /etc/httpsd/httpd.conf.`date +%Y%m%d`
+ fi &&
+
+ if [ -s /etc/httpd/httpd.conf ] ; then
+ cp /etc/httpd/httpd.conf /etc/httpd/httpd.conf.`date +%Y%m%d`
+ fi &&
+
+ # sedit "s:^:#include <errno.h>\n:" ext/mysql/libmysql/mysys_err.h &&
+
+ verbose_msg "OPTS=$OPTS" &&
+ ./configure --prefix=/usr \
+ --sysconfdir=/etc \
+ --with-config-file-path=/etc \
+ --enable-suhosin \
+ --enable-dbase \
+ --enable-dbx \
+ --enable-dio \
+ --with-readline \
+ --with-zlib=/usr \
+ --enable-force-cgi-redirect \
+ --enable-discard-path \
+ $OPTS &&
+
+ default_make
+
+) > $C_FIFO 2>&1
--- /dev/null
+++ b/compilers/php5-suhosin/CONFIGURE
@@ -0,0 +1,11 @@
+mquery USE_PATCH "[SUHOSIN] Do you want to use the PHP core patch?" y
+mquery USE_REGGLOBALS "Enable global variable support (potential security risk)?" n
+mquery USE_FTP "Install ftp support?" y "--enable-ftp" ""
+mquery USE_SESSIONID "Enable transparent session id?" y "--enable-trans-sid" ""
+mquery USE_SQLITE "Enable UTF-8 support for SQLite?" y "--enable-sqlite-utf8" ""
+mquery USE_SOCKETS "Enable sockets support (experimental)?" y "--enable-sockets" ""
+mquery USE_NCURSES "Enable ncurses support (experimental)?" y "--with-ncurses" ""
+mquery USE_MBYTESTR "Enable multibyte string support?" n "--enable-mbstring --enable-zend-multibyte" ""
+mquery USE_MBYTEREGEX "Enable multibyte regular expression functions?" n "" "--disable-mbregex"
+mquery USE_INTERNAL_GD "Enable built-in gd" y "--with-jpeg-dir --with-gd" ""
+mquery USE_EXIF "Enable exif" y "--enable-exif" ""
--- /dev/null
+++ b/compilers/php5-suhosin/CONFLICTS
@@ -0,0 +1,2 @@
+conflicts php
+conflicts php5
--- /dev/null
+++ b/compilers/php5-suhosin/DEPENDS
@@ -0,0 +1,110 @@
+depends readline
+depends libxml2
+
+optional_depends "lighttpd" \
+ "--enable-fastcgi" \
+ "" \
+ "build FastCGI version also (for LigHTTPD)"
+
+optional_depends "aspell" \
+ "--with-pspell" \
+ "" \
+ "for spelling functions"
+
+optional_depends "mhash" \
+ "--with-mhash" \
+ "" \
+ "for hash functions support"
+
+optional_depends "mcrypt" \
+ "--with-mcrypt" \
+ "" \
+ "for crypto library"
+
+optional_depends "gmp" \
+ "--with-gmp" \
+ "" \
+ "GNU math lib support"
+
+optional_depends "openssl" \
+ "--with-openssl" \
+ "" \
+ "for OpenSSL support"
+
+optional_depends "gettext" \
+ "--with-gettext" \
+ "" \
+ "for GNU gettext support"
+
+optional_depends "db" \
+ "--with-db4" \
+ "" \
+ "for Berkeley DB4 support"
+
+optional_depends "gdbm" \
+ "--with-gdbm" \
+ "" \
+ "for GNU dbm support"
+
+optional_depends "sqlite" \
+ "--with-pdo-sqlite=/usr" \
+ "" \
+ "for PDO SQLite support"
+
+optional_depends "postgresql" \
+ "--with-pgsql=/usr" \
+ "" \
+ "for PostgreSQL support"
+
+optional_depends "mysql" \
+ "--with-mysql=/usr --with-mysqli" \
+ "" \
+ "for native MySQL support"
+
+optional_depends "freetds" \
+ "--with-sybase=/usr" \
+ "" \
+ "for SyBase support"
+
+optional_depends "freetype2" \
+ "--with-freetype-dir=/usr" \
+ "" \
+ "for freetype2 support"
+
+optional_depends "PDFlib-Lite" \
+ "--with-pdflib" \
+ "" \
+ "for pdflib support"
+
+optional_depends "gd" \
+ "--with-gd=/usr \
+ --enable-gd-native-ttf \
+ --with-jpeg-dir=/usr \
+ --with-png-dir=/usr" \
+ "" \
+ "external gd for on the fly graphics (deprecated)"
+
+optional_depends "curl" \
+ "--with-curl" \
+ "" \
+ "for cURL support"
+
+optional_depends "ming" \
+ "--with-ming" \
+ "--without-ming" \
+ "dynamic FLASH generation"
+
+optional_depends "expat" \
+ "--with-expat-dir=/usr" \
+ "" \
+ "for expat XML support"
+
+optional_depends "libxslt" \
+ "--with-xsl=/usr" \
+ "" \
+ "for DOM XSLT support"
+
+optional_depends "openldap" \
+ "--with-ldap" \
+ "" \
+ "for ldap support"
--- /dev/null
+++ b/compilers/php5-suhosin/DETAILS
@@ -0,0 +1,37 @@
+ MODULE=php5-suhosin
+ PHP_VERSION=5.3.9
+ SUHOSIN_VER=0.9.33
+ SUHOSIN_PVER=0.9.10
+ VERSION=$PHP_VERSION-$SUHOSIN_VER
+SOURCE_DIRECTORY=$BUILD_DIRECTORY/php-$PHP_VERSION
+ SOURCE=php-$PHP_VERSION.tar.bz2
+ SOURCE_URL[0]=http://www.php.net/distributions
+ SOURCE_URL[1]=http://uk2.php.net/distributions
+ SOURCE_URL[2]=http://us2.php.net/distributions
+ SOURCE_URL[3]=http://uk.php.net/distributions
+ SOURCE_URL[4]=http://nl.php.net/distributions
+ SOURCE_URL[5]=http://de.php.net/distributions
+ SOURCE_URL[6]=http://fr.php.net/distributions
+ SOURCE2=suhosin-$SUHOSIN_VER.tgz
+ SOURCE3=suhosin-patch-5.3.9-$SUHOSIN_PVER.patch.gz
+ SOURCE2_URL=http://download.suhosin.org
+ SOURCE3_URL=http://download.suhosin.org
+ SOURCE_VFY=sha1:fe0626735c3d9dd370cef9bdcfe9506629449f51
+ SOURCE2_VFY=sha1:abb30c22e7fe341955b42ec71ed597c43439e2b8
+ SOURCE3_VFY=sha1:7b9ef5c3e0831154df0d6290aba0989ca90138ed
+ WEB_SITE=http://www.hardened-php.net/suhosin/index.html
+ MAINTAINER=striker at lunar-linux.org
+ ENTERED=20061219
+ UPDATED=20120429
+ SHORT="Suhosin is an advanced protection system for PHP"
+
+cat << EOF
+Suhosin is an advanced protection system for PHP installations. It was
+designed to protect servers and users from known and unknown flaws in
+PHP applications and the PHP core. Suhosin comes in two independent
+parts, that can be used separately or in combination. The first part
+is a small patch against the PHP core, that implements a few low-level
+protections against bufferoverflows or format string vulnerabilities
+and the second part is a powerful PHP extension that implements all
+the other protections.
+EOF
--- /dev/null
+++ b/compilers/php5-suhosin/POST_INSTALL
@@ -0,0 +1,26 @@
+
+# prototype AddType definition for apache2
+if [ -f /etc/httpd/conf/httpd.conf ] ; then
+ if ! grep -q "x-httpd-php" /etc/httpd/conf/httpd.conf ; then
+ cat >> /etc/httpd/conf/httpd.conf << EOF
+
+# AddType required for php to work:
+AddType application/x-httpd-php .php .php5 .php4 .php3 .phtml
+AddType application/x-httpd-php-source .phps
+
+EOF
+ fi
+fi
+
+if [ ! -e /etc/php.ini ] ; then
+ cp $SOURCE_DIRECTORY/php.ini-dist /etc/php.ini
+fi
+
+case $REGGLOBALS in
+ y|Y)
+ sedit "s/register_globals = Off/register_globals = On/" /etc/php.ini
+ ;;
+ *) true
+ ;;
+esac
+
--- /dev/null
+++ b/compilers/php5-suhosin/POST_REMOVE
@@ -0,0 +1,26 @@
+if module_installed apache; then
+
+ cp /etc/httpd/httpd.conf /tmp/httpd.conf
+ grep -v "LoadModule php5_module" /tmp/httpd.conf |
+ grep -v "AddModule mod_php5.c" > /etc/httpd/httpd.conf
+ rm -f /tmp/httpd.conf
+ /usr/sbin/apachectl graceful
+
+elif module_installed apache_mod_ssl; then
+
+ cp /etc/httpsd/httpd.conf /tmp/httpd.conf
+ grep -v "LoadModule php5_module" /tmp/httpd.conf |
+ grep -v "AddModule mod_php5.c" > /etc/httpsd/httpd.conf
+ rm -f /tmp/httpd.conf
+ /etc/init.d/apache_modssl.sh restart
+
+elif module_installed apache2; then
+
+ cp /etc/httpd/httpd.conf /tmp/httpd.conf
+ grep -v "LoadModule php5_module" /tmp/httpd.conf |
+ grep -v "AddType application/x-httpd-php" > /etc/httpd/httpd.conf
+ rm -f /tmp/httpd.conf
+ /usr/sbin/apachectl graceful
+
+fi
+
--- /dev/null
+++ b/compilers/php5-suhosin/PRE_BUILD
@@ -0,0 +1,9 @@
+(
+
+ default_pre_build &&
+ cd $SOURCE_DIRECTORY/ext &&
+ unpack $SOURCE2 &&
+ mv suhosin-$SUHOSIN_VER suhosin
+
+)
+
More information about the Lunar-commits
mailing list