security updates to PHP 7.1.28, 7.2.17 and 7.3.4, and unbreak 7.3

by disabling AVX2/SSSE3 code (it was crashing in the AVX2-accelerated
base64 decoder).  ok naddy@

lang/php/7.1/Makefile

@@ -1,7 +1,6 @@
-# $OpenBSD: Makefile,v 1.20 2019/03/28 12:39:03 sthen Exp $
+# $OpenBSD: Makefile,v 1.21 2019/04/08 23:24:11 sthen Exp $
 
 PV=		7.1
-V=		${PV}.27
-REVISION-apache= 0
+V=		${PV}.28
 
 .include <bsd.port.mk>

lang/php/7.1/distinfo

@@ -1,2 +1,2 @@
-SHA256 (php-7.1.27.tar.bz2) = 2tfs0wlBkRUo5HHFVaAZEaaKqSGWlr/B4AX4tmn07Es=
-SIZE (php-7.1.27.tar.bz2) = 15164328
+SHA256 (php-7.1.28.tar.bz2) = c56HM/4fxeaeYibabbp6MbrP0uOHGtLJenkmOPIsVMk=
+SIZE (php-7.1.28.tar.bz2) = 15165503

lang/php/7.1/patches/patch-php_ini-development

@@ -1,4 +1,4 @@
-$OpenBSD: patch-php_ini-development,v 1.2 2019/01/09 23:44:30 sthen Exp $
+$OpenBSD: patch-php_ini-development,v 1.3 2019/04/08 23:24:11 sthen Exp $
 Index: php.ini-development
 --- php.ini-development.orig
 +++ php.ini-development
@@ -41,7 +41,7 @@ Index: php.ini-development
  
  ; http://php.net/date.default-latitude
  ;date.default_latitude = 31.7667
-@@ -1036,16 +1034,6 @@ pdo_mysql.default_socket=
+@@ -1047,16 +1045,6 @@ pdo_mysql.default_socket=
  ;phar.cache_list =
  
  [mail function]

lang/php/7.2/Makefile

@@ -1,7 +1,6 @@
-# $OpenBSD: Makefile,v 1.23 2019/03/28 12:39:03 sthen Exp $
+# $OpenBSD: Makefile,v 1.24 2019/04/08 23:24:11 sthen Exp $
 
 PV=		7.2
-V=		${PV}.16
-REVISION-apache= 0
+V=		${PV}.17
 
 .include <bsd.port.mk>

lang/php/7.2/distinfo

@@ -1,2 +1,2 @@
-SHA256 (php-7.2.16.tar.bz2) = LArRAFPVhpTNFDIySOzW2bpx0nM9Fglzw1atAdCefzg=
-SIZE (php-7.2.16.tar.bz2) = 15058325
+SHA256 (php-7.2.17.tar.bz2) = kagRq29tessxIVnPawo8/+loZ2/evwQuklMkXMYJT3U=
+SIZE (php-7.2.17.tar.bz2) = 15060211

lang/php/7.2/patches/patch-acinclude_m4

@@ -1,8 +1,8 @@
-$OpenBSD: patch-acinclude_m4,v 1.2 2019/03/06 15:16:34 sthen Exp $
+$OpenBSD: patch-acinclude_m4,v 1.3 2019/04/08 23:24:11 sthen Exp $
 Index: acinclude.m4
 --- acinclude.m4.orig
 +++ acinclude.m4
-@@ -974,15 +974,9 @@ dnl ---------------------------------------------- Sha
+@@ -970,15 +970,9 @@ dnl ---------------------------------------------- Sha
    if test "$3" != "shared" && test "$3" != "yes" && test "$4" = "cli"; then
  dnl ---------------------------------------------- CLI static module
      [PHP_]translit($1,a-z_-,A-Z__)[_SHARED]=no
@@ -20,7 +20,7 @@ Index: acinclude.m4
      EXT_CLI_STATIC="$EXT_CLI_STATIC $1;$ext_dir"
    fi
    PHP_ADD_BUILD_DIR($ext_builddir)
-@@ -1032,12 +1026,6 @@ You either need to build $1 shared or build $2 statica
+@@ -1028,12 +1022,6 @@ You either need to build $1 shared or build $2 statica
  build to be successful.
  ])
    fi
@@ -33,7 +33,7 @@ Index: acinclude.m4
    dnl Some systems require that we link $2 to $1 when building
  ])
  
-@@ -2350,9 +2338,9 @@ AC_DEFUN([PHP_SETUP_OPENSSL],[
+@@ -2346,9 +2334,9 @@ AC_DEFUN([PHP_SETUP_OPENSSL],[
    test -z "$PHP_IMAP_SSL" && PHP_IMAP_SSL=no
  
    dnl Fallbacks for different configure options
@@ -45,7 +45,7 @@ Index: acinclude.m4
      PHP_OPENSSL_DIR=$PHP_IMAP_SSL
    fi
  
-@@ -2363,7 +2351,7 @@ AC_DEFUN([PHP_SETUP_OPENSSL],[
+@@ -2359,7 +2347,7 @@ AC_DEFUN([PHP_SETUP_OPENSSL],[
  
    dnl If pkg-config is found try using it
    if test "$PHP_OPENSSL_DIR" = "yes" && test -x "$PKG_CONFIG" && $PKG_CONFIG --exists openssl; then

lang/php/7.2/patches/patch-aclocal_m4

@@ -1,4 +1,4 @@
-$OpenBSD: patch-aclocal_m4,v 1.2 2019/03/06 15:16:34 sthen Exp $
+$OpenBSD: patch-aclocal_m4,v 1.3 2019/04/08 23:24:11 sthen Exp $
 Index: aclocal.m4
 --- aclocal.m4.orig
 +++ aclocal.m4
@@ -13,7 +13,7 @@ Index: aclocal.m4
      php_cxx_done=yes
    fi
  ])
-@@ -2363,7 +2365,7 @@ AC_DEFUN([PHP_SETUP_OPENSSL],[
+@@ -2359,7 +2361,7 @@ AC_DEFUN([PHP_SETUP_OPENSSL],[
  
    dnl If pkg-config is found try using it
    if test "$PHP_OPENSSL_DIR" = "yes" && test -x "$PKG_CONFIG" && $PKG_CONFIG --exists openssl; then

lang/php/7.2/patches/patch-php_ini-development

@@ -1,4 +1,4 @@
-$OpenBSD: patch-php_ini-development,v 1.3 2019/02/07 22:48:37 sthen Exp $
+$OpenBSD: patch-php_ini-development,v 1.4 2019/04/08 23:24:11 sthen Exp $
 Index: php.ini-development
 --- php.ini-development.orig
 +++ php.ini-development
@@ -41,7 +41,7 @@ Index: php.ini-development
  
  ; http://php.net/date.default-latitude
  ;date.default_latitude = 31.7667
-@@ -1031,16 +1029,6 @@ pdo_mysql.default_socket=
+@@ -1042,16 +1040,6 @@ pdo_mysql.default_socket=
  ;phar.cache_list =
  
  [mail function]

lang/php/7.2/patches/patch-sapi_fpm_fpm_fpm_children_c

@@ -1,9 +1,9 @@
-$OpenBSD: patch-sapi_fpm_fpm_fpm_children_c,v 1.2 2018/11/07 22:27:54 sthen Exp $
+$OpenBSD: patch-sapi_fpm_fpm_fpm_children_c,v 1.3 2019/04/08 23:24:11 sthen Exp $
 
 Index: sapi/fpm/fpm/fpm_children.c
 --- sapi/fpm/fpm/fpm_children.c.orig
 +++ sapi/fpm/fpm/fpm_children.c
-@@ -249,9 +249,9 @@ void fpm_children_bury() /* {{{ */
+@@ -253,9 +253,9 @@ void fpm_children_bury() /* {{{ */
  				if (!fpm_pctl_can_spawn_children()) {
  					severity = ZLOG_DEBUG;
  				}

lang/php/7.3/Makefile

@@ -1,15 +1,6 @@
-# $OpenBSD: Makefile,v 1.4 2019/03/28 12:39:03 sthen Exp $
-
-BROKEN=	many crashes at runtime.
-# basic things in CLI work but some others fail (see e.g. tests
-# for pecl things; some work but many have crashes; backtraces often
-# include setproctitle).
-#
-# simple pages in FPM work, others fail (e.g. with roundcube: login
-# screen is displayed, actually logging in fails).
+# $OpenBSD: Makefile,v 1.5 2019/04/08 23:24:11 sthen Exp $
 
 PV=		7.3
-V=		${PV}.3
-REVISION-apache= 0
+V=		${PV}.4
 
 .include <bsd.port.mk>

lang/php/7.3/distinfo

@@ -1,2 +1,2 @@
-SHA256 (php-7.3.3.tar.bz2) = YZaelDrf6nlwGjS45wHt0/lb6CnRZgGkqr6wX4MCPOY=
-SIZE (php-7.3.3.tar.bz2) = 14813435
+SHA256 (php-7.3.4.tar.bz2) = Liw9ghLINknkQ7Ye//vQPfS57dD5x6Z5CB/kyy2hK3g=
+SIZE (php-7.3.4.tar.bz2) = 14807811

lang/php/7.3/patches/patch-acinclude_m4

@@ -1,8 +1,8 @@
-$OpenBSD: patch-acinclude_m4,v 1.1 2019/03/08 02:13:05 sthen Exp $
+$OpenBSD: patch-acinclude_m4,v 1.2 2019/04/08 23:24:11 sthen Exp $
 Index: acinclude.m4
 --- acinclude.m4.orig
 +++ acinclude.m4
-@@ -971,15 +971,9 @@ dnl ---------------------------------------------- Sha
+@@ -967,15 +967,9 @@ dnl ---------------------------------------------- Sha
    if test "$3" != "shared" && test "$3" != "yes" && test "$4" = "cli"; then
  dnl ---------------------------------------------- CLI static module
      [PHP_]translit($1,a-z_-,A-Z__)[_SHARED]=no
@@ -20,7 +20,7 @@ Index: acinclude.m4
      EXT_CLI_STATIC="$EXT_CLI_STATIC $1;$ext_dir"
    fi
    PHP_ADD_BUILD_DIR($ext_builddir)
-@@ -1029,12 +1023,6 @@ You either need to build $1 shared or build $2 statica
+@@ -1025,12 +1019,6 @@ You either need to build $1 shared or build $2 statica
  build to be successful.
  ])
    fi
@@ -33,7 +33,7 @@ Index: acinclude.m4
    dnl Some systems require that we link $2 to $1 when building
  ])
  
-@@ -2328,9 +2316,9 @@ AC_DEFUN([PHP_SETUP_OPENSSL],[
+@@ -2324,9 +2312,9 @@ AC_DEFUN([PHP_SETUP_OPENSSL],[
    test -z "$PHP_IMAP_SSL" && PHP_IMAP_SSL=no
  
    dnl Fallbacks for different configure options
@@ -45,7 +45,7 @@ Index: acinclude.m4
      PHP_OPENSSL_DIR=$PHP_IMAP_SSL
    fi
  
-@@ -2341,7 +2329,7 @@ AC_DEFUN([PHP_SETUP_OPENSSL],[
+@@ -2337,7 +2325,7 @@ AC_DEFUN([PHP_SETUP_OPENSSL],[
  
    dnl If pkg-config is found try using it
    if test "$PHP_OPENSSL_DIR" = "yes" && test -x "$PKG_CONFIG" && $PKG_CONFIG --exists openssl; then

lang/php/7.3/patches/patch-aclocal_m4

@@ -1,4 +1,4 @@
-$OpenBSD: patch-aclocal_m4,v 1.1 2019/03/08 02:13:05 sthen Exp $
+$OpenBSD: patch-aclocal_m4,v 1.2 2019/04/08 23:24:11 sthen Exp $
 Index: aclocal.m4
 --- aclocal.m4.orig
 +++ aclocal.m4
@@ -13,7 +13,7 @@ Index: aclocal.m4
      php_cxx_done=yes
    fi
  ])
-@@ -2341,7 +2343,7 @@ AC_DEFUN([PHP_SETUP_OPENSSL],[
+@@ -2337,7 +2339,7 @@ AC_DEFUN([PHP_SETUP_OPENSSL],[
  
    dnl If pkg-config is found try using it
    if test "$PHP_OPENSSL_DIR" = "yes" && test -x "$PKG_CONFIG" && $PKG_CONFIG --exists openssl; then

lang/php/7.3/patches/patch-configure_ac

@@ -1,8 +1,45 @@
-$OpenBSD: patch-configure_ac,v 1.1 2019/03/08 02:13:05 sthen Exp $
+$OpenBSD: patch-configure_ac,v 1.2 2019/04/08 23:24:11 sthen Exp $
+
+#1: disable avx/sse/ssse, runtime crashes in optimized b64decode
+
 Index: configure.ac
 --- configure.ac.orig
 +++ configure.ac
-@@ -1117,16 +1117,16 @@ case $php_sapi_module in
+@@ -556,33 +556,7 @@ dnl Check __builtin_ssubll_overflow
+ PHP_CHECK_BUILTIN_SSUBLL_OVERFLOW
+ dnl Check __builtin_cpu_init
+ PHP_CHECK_BUILTIN_CPU_INIT
+-dnl Check __builtin_cpu_supports
+-PHP_CHECK_BUILTIN_CPU_SUPPORTS
+ 
+-dnl Check instructions
+-PHP_CHECK_CPU_SUPPORTS([ssse3])
+-PHP_CHECK_CPU_SUPPORTS([sse4.2])
+-PHP_CHECK_CPU_SUPPORTS([avx])
+-PHP_CHECK_CPU_SUPPORTS([avx2])
+-
+-dnl The ABI of php_addslashes in PHP 7.3 is dependent on __SSE4_2__,
+-dnl which depends on target attributes. Use this check to make sure that
+-dnl SSE 4.2 availability during the PHP compilation is used, independently
+-dnl of whether extensions are compiled with SSE 4.2 support.
+-AC_MSG_CHECKING([whether __SSE4_2__ is defined])
+-AC_RUN_IFELSE([AC_LANG_SOURCE([[
+-int main() {
+-#if defined(__SSE4_2__)
+-  return 0;
+-#else
+-  return 1;
+-#endif
+-}
+-]])], [
+-  AC_MSG_RESULT([yes])
+-  AC_DEFINE(HAVE_SSE4_2_DEF, 1, [Define if __SSE4_2__ has been defined])
+-], [AC_MSG_RESULT([no])], [AC_MSG_RESULT([no])])
+-
+ dnl Check for members of the stat structure
+ AC_CHECK_MEMBERS([struct stat.st_blksize, struct stat.st_rdev])
+ dnl AC_STRUCT_ST_BLOCKS will screw QNX because fileblocks.o does not exist
+@@ -1117,16 +1091,16 @@ case $php_sapi_module in
      enable_static=no
      case $with_pic in
        yes)
@@ -22,7 +59,7 @@ Index: configure.ac
      if test -z "$PHP_MODULES" && test -z "$PHP_ZEND_EX"; then
        enable_shared=no
      fi
-@@ -1310,7 +1310,7 @@ EXPANDED_SYSCONFDIR=`eval echo $sysconfdir`
+@@ -1310,7 +1284,7 @@ EXPANDED_SYSCONFDIR=`eval echo $sysconfdir`
  EXPANDED_DATADIR=$datadir
  EXPANDED_PHP_CONFIG_FILE_PATH=`eval echo "$PHP_CONFIG_FILE_PATH"`
  EXPANDED_PHP_CONFIG_FILE_SCAN_DIR=`eval echo "$PHP_CONFIG_FILE_SCAN_DIR"`

lang/php/7.3/patches/patch-php_ini-development

@@ -1,8 +1,8 @@
-$OpenBSD: patch-php_ini-development,v 1.1 2019/03/08 02:13:05 sthen Exp $
+$OpenBSD: patch-php_ini-development,v 1.2 2019/04/08 23:24:11 sthen Exp $
 Index: php.ini-development
 --- php.ini-development.orig
 +++ php.ini-development
-@@ -724,11 +724,8 @@ default_charset = "UTF-8"
+@@ -725,11 +725,8 @@ default_charset = "UTF-8"
  ;;;;;;;;;;;;;;;;;;;;;;;;;
  
  ; UNIX: "/path1:/path2"
@@ -15,7 +15,7 @@ Index: php.ini-development
  ; PHP's default setting for include_path is ".;/path/to/php/pear"
  ; http://php.net/include-path
  
-@@ -750,6 +747,7 @@ user_dir =
+@@ -751,6 +748,7 @@ user_dir =
  ;extension_dir = "./"
  ; On windows:
  ;extension_dir = "ext"
@@ -23,7 +23,7 @@ Index: php.ini-development
  
  ; Directory where the temporary files should be placed.
  ; Defaults to the system default (see sys_get_temp_dir)
-@@ -845,7 +843,7 @@ max_file_uploads = 20
+@@ -846,7 +844,7 @@ max_file_uploads = 20
  
  ; Whether to allow the treatment of URLs (like http:// or ftp://) as files.
  ; http://php.net/allow-url-fopen
@@ -32,7 +32,7 @@ Index: php.ini-development
  
  ; Whether to allow include/require to open URLs (like http:// or ftp://) as files.
  ; http://php.net/allow-url-include
-@@ -949,7 +947,7 @@ cli_server.color = On
+@@ -950,7 +948,7 @@ cli_server.color = On
  [Date]
  ; Defines the default timezone used by the date functions
  ; http://php.net/date.timezone
@@ -41,7 +41,7 @@ Index: php.ini-development
  
  ; http://php.net/date.default-latitude
  ;date.default_latitude = 31.7667
-@@ -1044,16 +1042,6 @@ pdo_mysql.default_socket=
+@@ -1056,16 +1054,6 @@ pdo_mysql.default_socket=
  ;phar.cache_list =
  
  [mail function]

lang/php/7.3/patches/patch-php_ini-production

@@ -1,8 +1,8 @@
-$OpenBSD: patch-php_ini-production,v 1.1 2019/03/08 02:13:05 sthen Exp $
+$OpenBSD: patch-php_ini-production,v 1.2 2019/04/08 23:24:11 sthen Exp $
 Index: php.ini-production
 --- php.ini-production.orig
 +++ php.ini-production
-@@ -731,11 +731,8 @@ default_charset = "UTF-8"
+@@ -732,11 +732,8 @@ default_charset = "UTF-8"
  ;;;;;;;;;;;;;;;;;;;;;;;;;
  
  ; UNIX: "/path1:/path2"
@@ -15,7 +15,7 @@ Index: php.ini-production
  ; PHP's default setting for include_path is ".;/path/to/php/pear"
  ; http://php.net/include-path
  
-@@ -757,6 +754,7 @@ user_dir =
+@@ -758,6 +755,7 @@ user_dir =
  ;extension_dir = "./"
  ; On windows:
  ;extension_dir = "ext"
@@ -23,7 +23,7 @@ Index: php.ini-production
  
  ; Directory where the temporary files should be placed.
  ; Defaults to the system default (see sys_get_temp_dir)
-@@ -852,7 +850,7 @@ max_file_uploads = 20
+@@ -853,7 +851,7 @@ max_file_uploads = 20
  
  ; Whether to allow the treatment of URLs (like http:// or ftp://) as files.
  ; http://php.net/allow-url-fopen
@@ -32,7 +32,7 @@ Index: php.ini-production
  
  ; Whether to allow include/require to open URLs (like http:// or ftp://) as files.
  ; http://php.net/allow-url-include
-@@ -956,7 +954,7 @@ cli_server.color = On
+@@ -957,7 +955,7 @@ cli_server.color = On
  [Date]
  ; Defines the default timezone used by the date functions
  ; http://php.net/date.timezone

lang/php/7.3/patches/patch-sapi_fpm_fpm_fpm_children_c

@@ -1,9 +1,9 @@
-$OpenBSD: patch-sapi_fpm_fpm_fpm_children_c,v 1.1 2019/03/08 02:13:05 sthen Exp $
+$OpenBSD: patch-sapi_fpm_fpm_fpm_children_c,v 1.2 2019/04/08 23:24:11 sthen Exp $
 
 Index: sapi/fpm/fpm/fpm_children.c
 --- sapi/fpm/fpm/fpm_children.c.orig
 +++ sapi/fpm/fpm/fpm_children.c
-@@ -252,9 +252,9 @@ void fpm_children_bury() /* {{{ */
+@@ -256,9 +256,9 @@ void fpm_children_bury() /* {{{ */
  				if (!fpm_pctl_can_spawn_children()) {
  					severity = ZLOG_DEBUG;
  				}