OpenPKG CVS Repository
http://cvs.openpkg.org/
____________________________________________________________________________
Server: cvs.openpkg.org Name: Ralf S. Engelschall
Root: /v/openpkg/cvs Email: [EMAIL PROTECTED]
Module: openpkg-src Date: 15-Nov-2006 14:59:30
Branch: HEAD Handle: 2006111513592900
Modified files:
openpkg-src/apache apache.spec
Log:
add optional support for the PHP Suhosin patch & extension from the
Hardened PHP project
Summary:
Revision Changes Path
1.357 +49 -15 openpkg-src/apache/apache.spec
____________________________________________________________________________
patch -p0 <<'@@ .'
Index: openpkg-src/apache/apache.spec
============================================================================
$ cvs diff -u -r1.356 -r1.357 apache.spec
--- openpkg-src/apache/apache.spec 11 Nov 2006 08:52:42 -0000 1.356
+++ openpkg-src/apache/apache.spec 15 Nov 2006 13:59:29 -0000 1.357
@@ -36,6 +36,8 @@
%define V_mod_ssl 2.8.28-1.3.37
%define V_mod_perl 1.29
%define V_mod_php 5.2.0
+%define V_mod_php_suhosin_p 5.2.0-0.9.6.2
+%define V_mod_php_suhosin_e 0.9.12
%define V_mod_php_hardened 5.1.6-0.4.15
%define V_mod_dav 1.0.3-1.3.6
%define V_mod_layout 3.2.1
@@ -65,7 +67,7 @@
Group: Web
License: ASF
Version: %{V_apache}
-Release: 20061111
+Release: 20061115
# package options (suexec related)
%option with_suexec yes
@@ -105,6 +107,8 @@
# package options (optional PHP5 specific settings; requires
"with_mod_php")
# please note the lack of an PEAR option since PEAR is provided by the
'php' package
+%option with_mod_php_suhosin no
+%option with_mod_php_hardened no
%option with_mod_php_bc no
%option with_mod_php_bdb no
%option with_mod_php_bzip2 no
@@ -119,7 +123,6 @@
%option with_mod_php_gd no
%option with_mod_php_gdbm no
%option with_mod_php_gettext no
-%option with_mod_php_hardened no
%option with_mod_php_iconv no
%option with_mod_php_imap no
%option with_mod_php_mbregex no
@@ -183,6 +186,10 @@
%undefine with_mod_define
%define with_mod_define yes
%endif
+%if "%{with_mod_php_suhosin}" == "yes" && "%{with_mod_php_hardened}" == "yes"
+%undefine with_mod_php_hardened
+%define with_mod_php_hardened no
+%endif
# list of sources
Source0: http://www.apache.org/dist/httpd/apache_%{V_apache}.tar.gz
@@ -206,17 +213,19 @@
Source18:
http://www.modsecurity.org/download/modsecurity-apache_%{V_mod_security}.tar.gz
Source19:
http://www.nuclearelephant.com/projects/mod_evasive/mod_evasive_%{V_mod_evasive}.tar.gz
Source20: http://www.sharemation.com/~dmcmahon/unix_all.tgz
-Source21: apache.conf
-Source22: apache.base
-Source23: apache.pl
-Source24: rc.apache
-Source25: apache.sh
-Source26: php.ini
+Source21:
http://www.hardened-php.net/suhosin/_media/suhosin-%{V_mod_php_suhosin_e}.tgz
+Source22: apache.conf
+Source23: apache.base
+Source24: apache.pl
+Source25: rc.apache
+Source26: apache.sh
+Source27: php.ini
Patch0: apache.patch
Patch1: apache.patch.modowa
Patch2:
http://www.hardened-php.net/hardening-patch-%{V_mod_php_hardened}.patch.gz
-Patch3: apache.patch.suphp
-Patch4: apache.patch.php
+Patch3:
http://www.hardened-php.net/suhosin/_media/suhosin-patch-%{V_mod_php_suhosin_p}.patch.gz
+Patch4: apache.patch.suphp
+Patch5: apache.patch.php
# build information
Prefix: %{l_prefix}
@@ -237,6 +246,9 @@
%endif
%if "%{with_mod_php}" == "yes"
BuildPreReq: gcc, sed, flex, bison
+%if "%{with_mod_php_suhosin}" == "yes"
+BuildPreReq: autoconf
+%endif
%if "%{with_mod_php_mssql}" == "yes"
BuildPreReq: freetds, libiconv
PreReq: freetds, libiconv
@@ -461,6 +473,16 @@
url = http://www.hardened-php.net/downloads.13.html
regex = hardening-patch-(5\.\d+\.\d+-\d+(\.\d+)+)\.patch\.gz
}
+ prog apache:mod_php_suhosin-patch = {
+ version = %{V_mod_php_suhosin_p}
+ url = http://www.hardened-php.net/suhosin/download.html
+ regex = suhosin-patch-(5\.\d+\.\d+-\d+(\.\d+)+)\.patch\.gz
+ }
+ prog apache:mod_php_suhosin-ext = {
+ version = %{V_mod_php_suhosin_e}
+ url = http://www.hardened-php.net/suhosin/download.html
+ regex = suhosin-(\d+(\.\d+)+)\.tgz
+ }
prog apache:mod_relocate = {
version = %{V_mod_relocate}
url = http://software.tangent.org/download/
@@ -517,7 +539,19 @@
%if "%{with_mod_php}" == "yes"
%setup -q -T -D -a 3
( cd php-%{V_mod_php}
- %patch -p0 -P 4
+%if "%{with_mod_php_hardened}" == "yes"
+ %patch -p1 -P 2
+%endif
+%if "%{with_mod_php_suhosin}" == "yes"
+ %{l_gzip} -d -c %{SOURCE21} | %{l_tar} xf -
+ %patch -p1 -P 3
+ mv suhosin-%{V_mod_php_suhosin_e} ext/suhosin
+ rm -f package.xml
+ export PHP_AUTOCONF=autoconf-213
+ ./buildconf --copy --force
+ $PHP_AUTOCONF
+%endif
+ %patch -p0 -P 5
%{l_shtool} subst \
-e 's;\(/include\)/freetype2;\1;' \
configure \
@@ -533,9 +567,6 @@
-e 's;^typedef short SHORT\;;;' \
ext/mssql/php_mssql.h
%endif
-%if "%{with_mod_php_hardened}" == "yes"
- %patch -p1 -P 2
-%endif
) || exit $?
%endif
%if "%{with_mod_dav}" == "yes"
@@ -579,7 +610,7 @@
%endif
%if "%{with_suphp}" == "yes"
%setup -q -T -D -a 17
- %patch -p0 -d suphp-%{V_suphp} -P 3
+ %patch -p0 -d suphp-%{V_suphp} -P 4
%endif
%if "%{with_mod_security}" == "yes"
%setup -q -T -D -a 18
@@ -728,6 +759,9 @@
%if "%{with_mod_php_mbstring}" == "yes"
--enable-mbstring \
%endif
+%if "%{with_mod_php_suhosin}" == "yes"
+ --enable-suhosin \
+%endif
%if "%{with_mod_php_calendar}" == "yes"
--enable-calendar \
%endif
@@ .
______________________________________________________________________
The OpenPKG Project www.openpkg.org
CVS Repository Commit List [email protected]
