pkgsrc-Changes archive


CVS commit: pkgsrc/lang



Module Name:    pkgsrc
Committed By:   manu
Date:           Wed Jul 18 07:33:12 UTC 2018

Modified Files:
        pkgsrc/lang/php56: Makefile.php distinfo
        pkgsrc/lang/php70: Makefile.php distinfo
        pkgsrc/lang/php71: Makefile.php distinfo
        pkgsrc/lang/php72: Makefile.php distinfo
Added Files:
        pkgsrc/lang/php56/patches: patch-disable-filter-url
        pkgsrc/lang/php70/patches: patch-disable-filter-url
        pkgsrc/lang/php71/patches: patch-disable-filter-url
        pkgsrc/lang/php72/patches: patch-disable-filter-url

Log Message:
Add pkgsrc build option disable-filter-url to disable php://filter URL

php://filter URL is a feature documented here:
http://php.net/manual/en/wrappers.php.php

Unfortunately, it allows remote control of include() behavior
beyond what many developers expected, enabling easy dumping of
PHP source files. The administrator may want to disable the
feature for security's sake, and this option makes that possible.


To generate a diff of this commit:
cvs rdiff -u -r1.4 -r1.5 pkgsrc/lang/php56/Makefile.php
cvs rdiff -u -r1.48 -r1.49 pkgsrc/lang/php56/distinfo
cvs rdiff -u -r0 -r1.1 pkgsrc/lang/php56/patches/patch-disable-filter-url
cvs rdiff -u -r1.8 -r1.9 pkgsrc/lang/php70/Makefile.php
cvs rdiff -u -r1.45 -r1.46 pkgsrc/lang/php70/distinfo
cvs rdiff -u -r0 -r1.1 pkgsrc/lang/php70/patches/patch-disable-filter-url
cvs rdiff -u -r1.7 -r1.8 pkgsrc/lang/php71/Makefile.php
cvs rdiff -u -r1.38 -r1.39 pkgsrc/lang/php71/distinfo
cvs rdiff -u -r0 -r1.1 pkgsrc/lang/php71/patches/patch-disable-filter-url
cvs rdiff -u -r1.5 -r1.6 pkgsrc/lang/php72/Makefile.php
cvs rdiff -u -r1.26 -r1.27 pkgsrc/lang/php72/distinfo
cvs rdiff -u -r0 -r1.1 pkgsrc/lang/php72/patches/patch-disable-filter-url

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/lang/php56/Makefile.php
diff -u pkgsrc/lang/php56/Makefile.php:1.4 pkgsrc/lang/php56/Makefile.php:1.5
--- pkgsrc/lang/php56/Makefile.php:1.4  Wed Jul 12 09:11:35 2017
+++ pkgsrc/lang/php56/Makefile.php      Wed Jul 18 07:33:12 2018
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile.php,v 1.4 2017/07/12 09:11:35 manu Exp $
+# $NetBSD: Makefile.php,v 1.5 2018/07/18 07:33:12 manu Exp $
 # used by lang/php56/Makefile
 # used by www/ap-php/Makefile
 # used by www/php-fpm/Makefile
@@ -42,7 +42,7 @@ CONFIGURE_ARGS+=      --with-libxml-dir=${PRE
 .include "../../textproc/libxml2/buildlink3.mk"
 
 PKG_OPTIONS_VAR=       PKG_OPTIONS.${PHP_PKG_PREFIX}
-PKG_SUPPORTED_OPTIONS+=        inet6 ssl maintainer-zts readline
+PKG_SUPPORTED_OPTIONS+=        inet6 ssl maintainer-zts readline disable-filter-url
 PKG_SUGGESTED_OPTIONS+=        inet6 ssl
 
 .if ${OPSYS} == "SunOS" || ${OPSYS} == "Darwin" || ${OPSYS} == "FreeBSD"
@@ -89,5 +89,9 @@ CONFIGURE_ARGS+=      --enable-dtrace
 INSTALL_MAKE_FLAGS+=   -r
 .endif
 
+.if !empty(PKG_OPTIONS:Mdisable-filter-url)
+CFLAGS+=               -DDISABLE_FILTER_URL
+.endif
+
 DL_AUTO_VARS=          yes
 .include "../../mk/dlopen.buildlink3.mk"
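Review bot: The new `.if !empty(PKG_OPTIONS:Mdisable-filter-url)` block has no comment saying what `-DDISABLE_FILTER_URL` does or where it is consumed; a line such as `# Compile out the php://filter branch in ext/standard/php_fopen_wrapper.c (see patches/patch-disable-filter-url)` above it would help the next maintainer. The option is added to PKG_SUPPORTED_OPTIONS in the earlier hunk but not to PKG_SUGGESTED_OPTIONS, so default builds keep php://filter enabled and an administrator has to select the option explicitly. The commit's file list shows no change to `mk/defaults/options.description`, so the option may show up without a description unless that was added separately. The same points apply to the matching hunks in the php70, php71 and php72 Makefile.php.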

Index: pkgsrc/lang/php56/distinfo
diff -u pkgsrc/lang/php56/distinfo:1.48 pkgsrc/lang/php56/distinfo:1.49
--- pkgsrc/lang/php56/distinfo:1.48     Sun Apr 29 16:26:40 2018
+++ pkgsrc/lang/php56/distinfo  Wed Jul 18 07:33:12 2018
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.48 2018/04/29 16:26:40 taca Exp $
+$NetBSD: distinfo,v 1.49 2018/07/18 07:33:12 manu Exp $
 
 SHA1 (php-5.6.36.tar.bz2) = c5cf00d9d6e212e1d10cfd45adbe73c936312e43
 RMD160 (php-5.6.36.tar.bz2) = 91d662d8dba9cd6ed9b14244afcae4c12c25ff01
@@ -6,6 +6,7 @@ SHA512 (php-5.6.36.tar.bz2) = 39988e3be5
 Size (php-5.6.36.tar.bz2) = 15057704 bytes
 SHA1 (patch-acinclude.m4) = 34d38d2538cc00932cdfcc80d1d4a91632cd15d0
 SHA1 (patch-configure) = a5623b0cbb3331fd0a537b26c0ae48315d52dbe2
+SHA1 (patch-disable-filter-url) = a2b08912d81f2872bf1834fa4cefddb044c9d0f8
 SHA1 (patch-ext_gd_config.m4) = b92ab4c7fe8aceaef7787a607a7d2eac258fee19
 SHA1 (patch-ext_imap_config.m4) = 9c6ed6966366c4fe1b7cfd34b5910e2ff0e68577
 SHA1 (patch-ext_mssql_php__mssql.c) = c4fa9231dc539ffb027f1beb6f182f21ddb94a3c

Index: pkgsrc/lang/php70/Makefile.php
diff -u pkgsrc/lang/php70/Makefile.php:1.8 pkgsrc/lang/php70/Makefile.php:1.9
--- pkgsrc/lang/php70/Makefile.php:1.8  Mon Jul 16 10:58:50 2018
+++ pkgsrc/lang/php70/Makefile.php      Wed Jul 18 07:33:12 2018
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile.php,v 1.8 2018/07/16 10:58:50 maya Exp $
+# $NetBSD: Makefile.php,v 1.9 2018/07/18 07:33:12 manu Exp $
 # used by lang/php70/Makefile
 # used by www/ap-php/Makefile
 # used by www/php-fpm/Makefile
@@ -40,7 +40,7 @@ CONFIGURE_ARGS+=      --with-libxml-dir=${PRE
 .include "../../textproc/libxml2/buildlink3.mk"
 
 PKG_OPTIONS_VAR=       PKG_OPTIONS.${PHP_PKG_PREFIX}
-PKG_SUPPORTED_OPTIONS+=        inet6 ssl maintainer-zts readline
+PKG_SUPPORTED_OPTIONS+=        inet6 ssl maintainer-zts readline disable-filter-url
 PKG_SUGGESTED_OPTIONS+=        inet6 ssl readline
 
 .if ${OPSYS} == "SunOS" || ${OPSYS} == "Darwin" || ${OPSYS} == "FreeBSD"
@@ -87,5 +87,9 @@ CONFIGURE_ARGS+=      --enable-dtrace
 INSTALL_MAKE_FLAGS+=   -r
 .endif
 
+.if !empty(PKG_OPTIONS:Mdisable-filter-url)
+CFLAGS+=               -DDISABLE_FILTER_URL
+.endif
+
 DL_AUTO_VARS=          yes
 .include "../../mk/dlopen.buildlink3.mk"

Index: pkgsrc/lang/php70/distinfo
diff -u pkgsrc/lang/php70/distinfo:1.45 pkgsrc/lang/php70/distinfo:1.46
--- pkgsrc/lang/php70/distinfo:1.45     Thu Apr 26 15:46:57 2018
+++ pkgsrc/lang/php70/distinfo  Wed Jul 18 07:33:12 2018
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.45 2018/04/26 15:46:57 taca Exp $
+$NetBSD: distinfo,v 1.46 2018/07/18 07:33:12 manu Exp $
 
 SHA1 (php-7.0.30.tar.bz2) = 774d76578f06e4acc035ed65692f7750f7d9c9b1
 RMD160 (php-7.0.30.tar.bz2) = f3bf11cfb9d02988d1458d9b30a223af3191e970
@@ -6,6 +6,7 @@ SHA512 (php-7.0.30.tar.bz2) = 37b39b3163
 Size (php-7.0.30.tar.bz2) = 14641553 bytes
 SHA1 (patch-acinclude.m4) = 81a8f33a536500978ea5a9aa2d2875c61c843e56
 SHA1 (patch-configure) = 68ca63d7623feee2f12c9e1abacf4a5d7827d96c
+SHA1 (patch-disable-filter-url) = e9e92d686ddd1d1a1ece10fe4feee4e368fe510c
 SHA1 (patch-ext_gd_config.m4) = bde93678626592cdcee619189bfc6532d0913a76
 SHA1 (patch-ext_imap_config.m4) = f4e10ab81697b72019313f63bc630627a08efd92
 SHA1 (patch-ext_intl_config.m4) = 222e35fc2c3e9e559696293fdf66171f8abfca7f

Index: pkgsrc/lang/php71/Makefile.php
diff -u pkgsrc/lang/php71/Makefile.php:1.7 pkgsrc/lang/php71/Makefile.php:1.8
--- pkgsrc/lang/php71/Makefile.php:1.7  Mon Jul 16 10:58:50 2018
+++ pkgsrc/lang/php71/Makefile.php      Wed Jul 18 07:33:12 2018
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile.php,v 1.7 2018/07/16 10:58:50 maya Exp $
+# $NetBSD: Makefile.php,v 1.8 2018/07/18 07:33:12 manu Exp $
 # used by lang/php71/Makefile
 # used by www/ap-php/Makefile
 # used by www/php-fpm/Makefile
@@ -40,7 +40,7 @@ CONFIGURE_ARGS+=      --with-libxml-dir=${PRE
 .include "../../textproc/libxml2/buildlink3.mk"
 
 PKG_OPTIONS_VAR=       PKG_OPTIONS.${PHP_PKG_PREFIX}
-PKG_SUPPORTED_OPTIONS+=        inet6 ssl maintainer-zts readline
+PKG_SUPPORTED_OPTIONS+=        inet6 ssl maintainer-zts readline disable-filter-url
 PKG_SUGGESTED_OPTIONS+=        inet6 ssl readline
 
 .if ${OPSYS} == "SunOS" || ${OPSYS} == "Darwin" || ${OPSYS} == "FreeBSD"
@@ -87,5 +87,9 @@ CONFIGURE_ARGS+=      --enable-dtrace
 INSTALL_MAKE_FLAGS+=   -r
 .endif
 
+.if !empty(PKG_OPTIONS:Mdisable-filter-url)
+CFLAGS+=               -DDISABLE_FILTER_URL
+.endif
+
 DL_AUTO_VARS=          yes
 .include "../../mk/dlopen.buildlink3.mk"

Index: pkgsrc/lang/php71/distinfo
diff -u pkgsrc/lang/php71/distinfo:1.38 pkgsrc/lang/php71/distinfo:1.39
--- pkgsrc/lang/php71/distinfo:1.38     Mon Jun 25 15:19:22 2018
+++ pkgsrc/lang/php71/distinfo  Wed Jul 18 07:33:12 2018
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.38 2018/06/25 15:19:22 taca Exp $
+$NetBSD: distinfo,v 1.39 2018/07/18 07:33:12 manu Exp $
 
 SHA1 (php-7.1.19.tar.bz2) = 2010c911e34ec01e94697567d13eb29e49ac3045
 RMD160 (php-7.1.19.tar.bz2) = f8fbc7f0218954938fe5b37b91160fe093839288
@@ -6,6 +6,7 @@ SHA512 (php-7.1.19.tar.bz2) = d19ca6063f
 Size (php-7.1.19.tar.bz2) = 15147029 bytes
 SHA1 (patch-acinclude.m4) = b682280fd89950c082c2226bdb7364b0dc475bad
 SHA1 (patch-configure) = 862707ff3fd8b8d7312104bb44a48fe8379951bd
+SHA1 (patch-disable-filter-url) = e9e92d686ddd1d1a1ece10fe4feee4e368fe510c
 SHA1 (patch-ext_gd_config.m4) = 93b62daad93b9ee6dc28e06016f739bc26b0dc9f
 SHA1 (patch-ext_imap_config.m4) = f4e10ab81697b72019313f63bc630627a08efd92
 SHA1 (patch-ext_intl_config.m4) = 5192f8e8fa32939c62a734421463edd294372282

Index: pkgsrc/lang/php72/Makefile.php
diff -u pkgsrc/lang/php72/Makefile.php:1.5 pkgsrc/lang/php72/Makefile.php:1.6
--- pkgsrc/lang/php72/Makefile.php:1.5  Mon Jul 16 10:58:50 2018
+++ pkgsrc/lang/php72/Makefile.php      Wed Jul 18 07:33:12 2018
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile.php,v 1.5 2018/07/16 10:58:50 maya Exp $
+# $NetBSD: Makefile.php,v 1.6 2018/07/18 07:33:12 manu Exp $
 # used by lang/php72/Makefile
 # used by www/ap-php/Makefile
 # used by www/php-fpm/Makefile
@@ -46,6 +46,7 @@ CONFIGURE_ARGS+=      --with-pcre-regex=${BUI
 
 PKG_OPTIONS_VAR=       PKG_OPTIONS.${PHP_PKG_PREFIX}
 PKG_SUPPORTED_OPTIONS+=        inet6 ssl maintainer-zts readline argon2 sqlite3
+PKG_SUPPORTED_OPTIONS+=        disable-filter-url
 PKG_SUGGESTED_OPTIONS+=        inet6 ssl readline sqlite3
 
 .if ${OPSYS} == "SunOS" || ${OPSYS} == "Darwin" || ${OPSYS} == "FreeBSD"
@@ -104,5 +105,9 @@ CONFIGURE_ARGS+=    --with-sqlite3=${BUILDL
 CONFIGURE_ARGS+=    --without-sqlite3
 .endif
 
+.if !empty(PKG_OPTIONS:Mdisable-filter-url)
+CFLAGS+=               -DDISABLE_FILTER_URL
+.endif
+
 DL_AUTO_VARS=          yes
 .include "../../mk/dlopen.buildlink3.mk"

Index: pkgsrc/lang/php72/distinfo
diff -u pkgsrc/lang/php72/distinfo:1.26 pkgsrc/lang/php72/distinfo:1.27
--- pkgsrc/lang/php72/distinfo:1.26     Sun Jun 24 10:34:47 2018
+++ pkgsrc/lang/php72/distinfo  Wed Jul 18 07:33:12 2018
@@ -1,10 +1,11 @@
-$NetBSD: distinfo,v 1.26 2018/06/24 10:34:47 taca Exp $
+$NetBSD: distinfo,v 1.27 2018/07/18 07:33:12 manu Exp $
 
 SHA1 (php-7.2.7.tar.bz2) = e56adc671e9a19bcbe2b84e510cd2c2cec571970
 RMD160 (php-7.2.7.tar.bz2) = ba76b61f709eda603bf6c6b2d31baf6111210e13
 SHA512 (php-7.2.7.tar.bz2) = 7817e082963a4f185c5dd4a7bdd9358e25ae1dc83fa6b353313660c9907a2ead308676be86d5e1f7d586d394308e451dd8139a7879a68ab5d0c4a59fcbe73027
 Size (php-7.2.7.tar.bz2) = 15050410 bytes
 SHA1 (patch-configure) = 47f2ede97390cc7e46d04c2769dd97459b19450a
+SHA1 (patch-disable-filter-url) = e9e92d686ddd1d1a1ece10fe4feee4e368fe510c
 SHA1 (patch-ext_gd_config.m4) = 67730ccc13410adaf8829f77a6b044f16e412489
 SHA1 (patch-ext_phar_Makefile.frag) = 558869b60f8ed6674a3ba1d595a65f010df4c426
 SHA1 (patch-ext_phar_phar_phar.php) = f630e3946b21b76d4fe857a43e00e25c9445f2c8

Added files:

Index: pkgsrc/lang/php56/patches/patch-disable-filter-url
diff -u /dev/null pkgsrc/lang/php56/patches/patch-disable-filter-url:1.1
--- /dev/null   Wed Jul 18 07:33:12 2018
+++ pkgsrc/lang/php56/patches/patch-disable-filter-url  Wed Jul 18 07:33:12 2018
@@ -0,0 +1,34 @@
+$NetBSD: patch-disable-filter-url,v 1.1 2018/07/18 07:33:12 manu Exp $
+
+Add build-time disable option for dangerous php://filter URL
+
+php://filter URL is a feature documented here:
+http://php.net/manual/en/wrappers.php.php
+
+Unfortunately, it allows remote control of include() behavior
+beyond what many developpers expected, enabling easy dump of 
+PHP source files. The administrator may want to disable the
+feature for security sake, and this patch makes that possible.
+
+--- ./ext/standard/php_fopen_wrapper.c.orig
++++ ./ext/standard/php_fopen_wrapper.c
+@@ -333,8 +333,9 @@
+                               "Error duping file descriptor %ld; possibly it doesn't exist: "
+                               "[%d]: %s", fildes_ori, errno, strerror(errno));
+                       return NULL;
+               }
++#ifndef DISABLE_FILTER_URL
+       } else if (!strncasecmp(path, "filter/", 7)) {
+               /* Save time/memory when chain isn't specified */
+               if (strchr(mode, 'r') || strchr(mode, '+')) {
+                       mode_rw |= PHP_STREAM_FILTER_READ;
+@@ -369,8 +370,9 @@
+               }
+               efree(pathdup);
+ 
+               return stream;
++#endif /* !DISABLE_FILTER_URL */
+       } else {
+               /* invalid php://thingy */
+               php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid php:// URL specified");
+               return NULL;
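Review bot: With DISABLE_FILTER_URL defined, a php://filter/ path falls through to the final `else` and is reported as "Invalid php:// URL specified", which an administrator cannot tell apart from a malformed URL when an application that relied on the wrapper stops working. I would add an `#else` branch that matches `filter/` and emits its own warning, so the build-time choice is visible in logs. The guard opens on the closing brace of the previous branch (`} else if`), which is balanced in both configurations but deserves a short comment. The patch header could also say that this closes only the php://filter route and does not make include() on request-controlled paths safe, so applications still have to validate what they include. The enclosing function starts and ends outside the quoted context; the same applies to the php70, php71 and php72 patches, where the call is `php_error_docref(NULL, E_WARNING, ...)` without TSRMLS_CC.

```c
#ifndef DISABLE_FILTER_URL
	} else if (!strncasecmp(path, "filter/", 7)) {
		/* … unchanged: filter chain parsing and stream setup … */
		return stream;
#else
	} else if (!strncasecmp(path, "filter/", 7)) {
		/* php://filter is compiled out by the disable-filter-url build option */
		php_error_docref(NULL TSRMLS_CC, E_WARNING, "php://filter is disabled in this build");
		return NULL;
#endif /* !DISABLE_FILTER_URL */
	} else {
```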

Index: pkgsrc/lang/php70/patches/patch-disable-filter-url
diff -u /dev/null pkgsrc/lang/php70/patches/patch-disable-filter-url:1.1
--- /dev/null   Wed Jul 18 07:33:12 2018
+++ pkgsrc/lang/php70/patches/patch-disable-filter-url  Wed Jul 18 07:33:12 2018
@@ -0,0 +1,34 @@
+$NetBSD: patch-disable-filter-url,v 1.1 2018/07/18 07:33:12 manu Exp $
+
+Add build-time disable option for dangerous php://filter URL
+
+php://filter URL is a feature documented here:
+http://php.net/manual/en/wrappers.php.php
+
+Unfortunately, it allows remote control of include() behavior
+beyond what many developpers expected, enabling easy dump of
+PHP source files. The administrator may want to disable the
+feature for security sake, and this patch makes that possible.
+
+--- ./ext/standard/php_fopen_wrapper.c.orig
++++ ./ext/standard/php_fopen_wrapper.c
+@@ -345,8 +345,9 @@
+                               "Error duping file descriptor " ZEND_LONG_FMT "; possibly it doesn't exist: "
+                               "[%d]: %s", fildes_ori, errno, strerror(errno));
+                       return NULL;
+               }
++#ifndef DISABLE_FILTER_URL
+       } else if (!strncasecmp(path, "filter/", 7)) {
+               /* Save time/memory when chain isn't specified */
+               if (strchr(mode, 'r') || strchr(mode, '+')) {
+                       mode_rw |= PHP_STREAM_FILTER_READ;
+@@ -382,8 +383,9 @@
+               }
+               efree(pathdup);
+ 
+               return stream;
++#endif /* !DISABLE_FILTER_URL */
+       } else {
+               /* invalid php://thingy */
+               php_error_docref(NULL, E_WARNING, "Invalid php:// URL specified");
+               return NULL;

Index: pkgsrc/lang/php71/patches/patch-disable-filter-url
diff -u /dev/null pkgsrc/lang/php71/patches/patch-disable-filter-url:1.1
--- /dev/null   Wed Jul 18 07:33:12 2018
+++ pkgsrc/lang/php71/patches/patch-disable-filter-url  Wed Jul 18 07:33:12 2018
@@ -0,0 +1,34 @@
+$NetBSD: patch-disable-filter-url,v 1.1 2018/07/18 07:33:12 manu Exp $
+
+Add build-time disable option for dangerous php://filter URL
+
+php://filter URL is a feature documented here:
+http://php.net/manual/en/wrappers.php.php
+
+Unfortunately, it allows remote control of include() behavior
+beyond what many developpers expected, enabling easy dump of
+PHP source files. The administrator may want to disable the
+feature for security sake, and this patch makes that possible.
+
+--- ./ext/standard/php_fopen_wrapper.c.orig
++++ ./ext/standard/php_fopen_wrapper.c
+@@ -345,8 +345,9 @@
+                               "Error duping file descriptor " ZEND_LONG_FMT "; possibly it doesn't exist: "
+                               "[%d]: %s", fildes_ori, errno, strerror(errno));
+                       return NULL;
+               }
++#ifndef DISABLE_FILTER_URL
+       } else if (!strncasecmp(path, "filter/", 7)) {
+               /* Save time/memory when chain isn't specified */
+               if (strchr(mode, 'r') || strchr(mode, '+')) {
+                       mode_rw |= PHP_STREAM_FILTER_READ;
+@@ -382,8 +383,9 @@
+               }
+               efree(pathdup);
+ 
+               return stream;
++#endif /* !DISABLE_FILTER_URL */
+       } else {
+               /* invalid php://thingy */
+               php_error_docref(NULL, E_WARNING, "Invalid php:// URL specified");
+               return NULL;

Index: pkgsrc/lang/php72/patches/patch-disable-filter-url
diff -u /dev/null pkgsrc/lang/php72/patches/patch-disable-filter-url:1.1
--- /dev/null   Wed Jul 18 07:33:12 2018
+++ pkgsrc/lang/php72/patches/patch-disable-filter-url  Wed Jul 18 07:33:12 2018
@@ -0,0 +1,34 @@
+$NetBSD: patch-disable-filter-url,v 1.1 2018/07/18 07:33:12 manu Exp $
+
+Add build-time disable option for dangerous php://filter URL
+
+php://filter URL is a feature documented here:
+http://php.net/manual/en/wrappers.php.php
+
+Unfortunately, it allows remote control of include() behavior
+beyond what many developpers expected, enabling easy dump of
+PHP source files. The administrator may want to disable the
+feature for security sake, and this patch makes that possible.
+
+--- ./ext/standard/php_fopen_wrapper.c.orig
++++ ./ext/standard/php_fopen_wrapper.c
+@@ -345,8 +345,9 @@
+                               "Error duping file descriptor " ZEND_LONG_FMT "; possibly it doesn't exist: "
+                               "[%d]: %s", fildes_ori, errno, strerror(errno));
+                       return NULL;
+               }
++#ifndef DISABLE_FILTER_URL
+       } else if (!strncasecmp(path, "filter/", 7)) {
+               /* Save time/memory when chain isn't specified */
+               if (strchr(mode, 'r') || strchr(mode, '+')) {
+                       mode_rw |= PHP_STREAM_FILTER_READ;
+@@ -382,8 +383,9 @@
+               }
+               efree(pathdup);
+ 
+               return stream;
++#endif /* !DISABLE_FILTER_URL */
+       } else {
+               /* invalid php://thingy */
+               php_error_docref(NULL, E_WARNING, "Invalid php:// URL specified");
+               return NULL;


