Update to 5.2.16

robert 2011-01-03 15:03:03 +00:00
parent 7eaa2ec294
commit fd4c5155c2
12 changed files with 131 additions and 283 deletions


@ -1,11 +1,11 @@
# $OpenBSD: Makefile.inc,v 1.34 2010/08/24 09:14:43 robert Exp $
# $OpenBSD: Makefile.inc,v 1.35 2011/01/03 15:03:03 robert Exp $
# This port currently only works with archs supporting dynamic loading
# and has Apache that supports DSO's.
NOT_FOR_ARCHS= ${NO_SHARED_ARCHS}
V= 5.2.14
SUHOSIN_V= 0.9.29
V= 5.2.16
SUHOSIN_V= 0.9.32.1
SUHOSIN_P_V= 0.9.7
DISTNAME?= php-${V}
@ -72,10 +72,10 @@ PATCH_LIST= ${.CURDIR}/../patches/patch-* \
PSEUDO_FLAVORS+= no_suhosin
FLAVOR?=
.if ${FLAVOR:L:Mno_suhosin}
SUPDISTFILES= suhosin-${SUHOSIN_V}.tgz:0 \
SUPDISTFILES= suhosin-${SUHOSIN_V}.tar.gz:0 \
suhosin-patch-${V}-${SUHOSIN_P_V}.patch.gz:0
.else
DISTFILES+= suhosin-${SUHOSIN_V}.tgz:0
DISTFILES+= suhosin-${SUHOSIN_V}.tar.gz:0
PATCHFILES= suhosin-patch-${V}-${SUHOSIN_P_V}.patch.gz:0
PATCH_DIST_STRIP= -p1
CONFIGURE_ARGS+= --enable-suhosin


@ -1,4 +1,4 @@
# $OpenBSD: Makefile,v 1.63 2010/11/22 08:36:52 espie Exp $
# $OpenBSD: Makefile,v 1.64 2011/01/03 15:03:03 robert Exp $
# doesn't set USE_LIBTOOL but use the bundled one because it needs some
# specific options we don't have.
@ -8,7 +8,6 @@ COMMENT-fastcgi=stand-alone FastCGI version of PHP
PKGNAME= php5-core-${V}
PKGNAME-main= php5-core-${V}
REVISION-main= 0
PKGNAME-fastcgi=php5-fastcgi-${V}
DISTFILES= php-${V}.tar.gz


@ -1,7 +1,7 @@
$OpenBSD: patch-sapi_apache_mod_php5_c,v 1.1 2009/03/10 22:07:22 robert Exp $
--- sapi/apache/mod_php5.c.orig Tue Mar 10 20:28:59 2009
+++ sapi/apache/mod_php5.c Tue Mar 10 20:25:42 2009
@@ -938,12 +938,19 @@ static void php_child_exit_handler(server_rec *s, pool
$OpenBSD: patch-sapi_apache_mod_php5_c,v 1.2 2011/01/03 15:03:03 robert Exp $
--- sapi/apache/mod_php5.c.orig Mon Jan 3 14:34:43 2011
+++ sapi/apache/mod_php5.c Mon Jan 3 14:34:43 2011
@@ -940,12 +940,19 @@ static void php_child_exit_handler(server_rec *s, pool
*/
static void php_init_handler(server_rec *s, pool *p)
{


@ -1,6 +1,6 @@
--- sapi/cgi/cgi_main.c.orig Tue Mar 10 20:48:33 2009
+++ sapi/cgi/cgi_main.c Tue Mar 10 21:02:07 2009
@@ -1323,7 +1323,7 @@ int main(int argc, char *argv[])
--- sapi/cgi/cgi_main.c.orig Mon Jan 3 14:34:43 2011
+++ sapi/cgi/cgi_main.c Mon Jan 3 14:34:43 2011
@@ -1327,7 +1327,7 @@ int main(int argc, char *argv[])
char *orig_optarg = php_optarg;
char *script_file = NULL;
int ini_entries_len = 0;
@ -9,7 +9,7 @@
/* end of temporary locals */
#ifdef ZTS
void ***tsrm_ls;
@@ -1375,8 +1375,12 @@ int main(int argc, char *argv[])
@@ -1379,8 +1379,12 @@ int main(int argc, char *argv[])
tsrm_ls = ts_resource(0);
#endif


@ -1,7 +1,7 @@
$OpenBSD: patch-sapi_cli_php_cli_c,v 1.1 2009/03/10 22:07:22 robert Exp $
--- sapi/cli/php_cli.c.orig Tue Mar 10 17:02:10 2009
+++ sapi/cli/php_cli.c Tue Mar 10 19:32:00 2009
@@ -604,6 +604,7 @@ int main(int argc, char *argv[])
$OpenBSD: patch-sapi_cli_php_cli_c,v 1.2 2011/01/03 15:03:03 robert Exp $
--- sapi/cli/php_cli.c.orig Mon Jan 3 14:34:43 2011
+++ sapi/cli/php_cli.c Mon Jan 3 14:34:43 2011
@@ -636,6 +636,7 @@ int main(int argc, char *argv[])
char *exec_direct=NULL, *exec_run=NULL, *exec_begin=NULL, *exec_end=NULL;
const char *param_error=NULL;
int hide_argv = 0;
@ -9,7 +9,7 @@ $OpenBSD: patch-sapi_cli_php_cli_c,v 1.1 2009/03/10 22:07:22 robert Exp $
/* end of temporary locals */
#ifdef ZTS
void ***tsrm_ls;
@@ -647,7 +648,11 @@ int main(int argc, char *argv[])
@@ -679,7 +680,11 @@ int main(int argc, char *argv[])
#endif
cli_sapi_module.ini_defaults = sapi_cli_ini_defaults;


@ -1,15 +1,15 @@
MD5 (php-5.2.14.tar.gz) = bf90KaG0OqHHakPpCSFWCA==
MD5 (suhosin-0.9.29.tgz) = 48WZ5+NE6YH5NbLauQWSwQ==
MD5 (suhosin-patch-5.2.14-0.9.7.patch.gz) = hM8BQrijY3uHhLXuHmy8Bw==
RMD160 (php-5.2.14.tar.gz) = iUgWEqwmHUoF1nmAfQdL/cahkr4=
RMD160 (suhosin-0.9.29.tgz) = P7Hyka93d4WMoAkeXqbaQA9QabU=
RMD160 (suhosin-patch-5.2.14-0.9.7.patch.gz) = vHeQzTbcQQEyJoS3VNs8otQ4W6Y=
SHA1 (php-5.2.14.tar.gz) = LPIRslJor3zBRgAcSgmcILrXLPY=
SHA1 (suhosin-0.9.29.tgz) = L6fHFqMucfu1d/w6n+r0bXg6UBs=
SHA1 (suhosin-patch-5.2.14-0.9.7.patch.gz) = ChLTWJ+cJtx9a2RS73mHsuZSejA=
SHA256 (php-5.2.14.tar.gz) = zjPG7Rq8iPC+/mMpRi8wLVOMz9hPqTjB06VFUdCtHRg=
SHA256 (suhosin-0.9.29.tgz) = OsOn0updwnGJ+tt5RdoMrxj+IshzaUBLwy18+ArpU3k=
SHA256 (suhosin-patch-5.2.14-0.9.7.patch.gz) = vQOt5EZz9+b6EW10Y1DxbGC+cXDWxBgWotUfqutaMa4=
SIZE (php-5.2.14.tar.gz) = 11783970
SIZE (suhosin-0.9.29.tgz) = 116137
SIZE (suhosin-patch-5.2.14-0.9.7.patch.gz) = 23057
MD5 (php-5.2.16.tar.gz) = aPLJK1sz0TGx6nDs6fxArQ==
MD5 (suhosin-0.9.32.1.tar.gz) = JqhvD2hKZWw+eJ4+tOwdsw==
MD5 (suhosin-patch-5.2.16-0.9.7.patch.gz) = 2BX8maDCXCH13yhVH8uwAQ==
RMD160 (php-5.2.16.tar.gz) = +myeqJWoihtaJa2nGAl9/1XC10A=
RMD160 (suhosin-0.9.32.1.tar.gz) = YYTu8za509XIhafR3L8g2XsFXo0=
RMD160 (suhosin-patch-5.2.16-0.9.7.patch.gz) = sotw+vE2s+BMW0g9oPTCJ5N49Do=
SHA1 (php-5.2.16.tar.gz) = avDVDCwTNgiOQka7yymOZsEnTNA=
SHA1 (suhosin-0.9.32.1.tar.gz) = k/yx1flmkcTFCAihTdPW1Lv+pFE=
SHA1 (suhosin-patch-5.2.16-0.9.7.patch.gz) = /sELK4FYLQa7DQqW6lXFJa/Iqyk=
SHA256 (php-5.2.16.tar.gz) = AgcWStDaOxjAGKVt6kcvGKRNrbXUsKOL9puYXlKcexg=
SHA256 (suhosin-0.9.32.1.tar.gz) = 0oOry9GAPqoRu9kctarnJ7K7qzoAod6FEPhdjMWY5JA=
SHA256 (suhosin-patch-5.2.16-0.9.7.patch.gz) = quEVoxjYCz8yzt+HbnqOS5Mv67Gwx0PAs5gAPr4SL5E=
SIZE (php-5.2.16.tar.gz) = 11804143
SIZE (suhosin-0.9.32.1.tar.gz) = 119117
SIZE (suhosin-patch-5.2.16-0.9.7.patch.gz) = 23069


@ -1,4 +1,4 @@
# $OpenBSD: Makefile,v 1.65 2010/11/22 09:40:48 espie Exp $
# $OpenBSD: Makefile,v 1.66 2011/01/03 15:03:03 robert Exp $
FULLPKGNAME-main= php5-extensions-${V}
FULLPKGPATH-main= www/php5/extensions,-main
@ -325,7 +325,7 @@ MULTI_PACKAGES+= -snmp
COMMENT-snmp= snmp protocol extensions for php5
CONFIGURE_ARGS+= --with-snmp=shared,${LOCALBASE} --enable-ucd-snmp-hack
LIB_DEPENDS-snmp = net/net-snmp
WANTLIB-snmp = netsnmp>=6.2
WANTLIB-snmp = crypto netsnmp>=6.2
.endif
# sqlite


@ -1,6 +1,6 @@
--- aclocal.m4.orig Wed Jun 17 14:35:16 2009
+++ aclocal.m4 Mon Jun 22 13:18:01 2009
@@ -194,7 +194,7 @@
--- aclocal.m4.orig Wed Dec 15 14:44:59 2010
+++ aclocal.m4 Mon Jan 3 14:34:45 2011
@@ -194,7 +194,7 @@ dnl the path is interpreted relative to the top build-
dnl
dnl which array to append to?
AC_DEFUN([PHP_ADD_SOURCES],[
@ -9,7 +9,7 @@
])
dnl
@@ -968,15 +968,7 @@
@@ -968,15 +968,7 @@ dnl ---------------------------------------------- Sha
if test "$3" != "shared" && test "$3" != "yes" && test "$4" = "cli"; then
dnl ---------------------------------------------- CLI static module
[PHP_]translit($1,a-z_-,A-Z__)[_SHARED]=no
@ -26,7 +26,7 @@
EXT_CLI_STATIC="$EXT_CLI_STATIC $1"
fi
PHP_ADD_BUILD_DIR($ext_builddir)
@@ -1026,12 +1018,6 @@
@@ -1026,12 +1018,6 @@ You either need to build $1 shared or build $2 statica
build to be successful.
])
fi
@ -39,7 +39,7 @@
dnl Some systems require that we link $2 to $1 when building
])
@@ -2274,10 +2260,9 @@
@@ -2274,10 +2260,9 @@ AC_DEFUN([PHP_SETUP_KERBEROS],[
if test "$PHP_KERBEROS_DIR"; then
found_kerberos=yes
PHP_ADD_LIBPATH($PHP_KERBEROS_DIR/$PHP_LIBDIR, $1)
@ -52,7 +52,7 @@
PHP_ADD_INCLUDE($PHP_KERBEROS_DIR/include)
fi
fi
@@ -4167,7 +4152,7 @@
@@ -4319,7 +4304,7 @@ bsdi[[45]]*)
need_version=no
library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
soname_spec='${libname}${release}${shared_ext}$major'


@ -1,6 +1,6 @@
--- configure.in.orig Tue Dec 9 22:04:42 2008
+++ configure.in Tue Dec 9 22:07:03 2008
@@ -354,8 +354,8 @@
--- configure.in.orig Mon Jan 3 14:34:43 2011
+++ configure.in Mon Jan 3 14:34:45 2011
@@ -352,8 +352,8 @@ AC_CHECK_LIB(m, sin)
dnl Check for resolver routines.
dnl Need to check for both res_search and __res_search
@ -11,7 +11,7 @@
dnl Check for inet_aton and dn_skipname
dnl in -lc, -lbind and -lresolv
@@ -931,7 +931,7 @@
@@ -940,7 +940,7 @@ enable_static=yes
case $php_build_target in
program|static)
@ -20,7 +20,7 @@
if test -z "$PHP_MODULES" && test -z "$PHP_ZEND_EX"; then
enable_shared=no
fi
@@ -940,10 +940,10 @@
@@ -949,10 +949,10 @@ case $php_build_target in
enable_static=no
case $with_pic in
yes)
@ -33,7 +33,7 @@
;;
esac
EXTRA_LDFLAGS="$EXTRA_LDFLAGS -avoid-version -module"
@@ -1136,7 +1136,7 @@
@@ -1146,7 +1146,7 @@ EXPANDED_SYSCONFDIR=`eval echo $sysconfdir`
EXPANDED_DATADIR=$datadir
EXPANDED_PHP_CONFIG_FILE_PATH=`eval echo "$PHP_CONFIG_FILE_PATH"`
EXPANDED_PHP_CONFIG_FILE_SCAN_DIR=`eval echo "$PHP_CONFIG_FILE_SCAN_DIR"`
@ -42,7 +42,7 @@
exec_prefix=$old_exec_prefix
libdir=$old_libdir
@@ -1344,7 +1344,8 @@
@@ -1357,7 +1357,8 @@ CFLAGS="\$(CFLAGS_CLEAN) $standard_libtool_flag"
INLINE_CFLAGS="$INLINE_CFLAGS $standard_libtool_flag"
CXXFLAGS="$CXXFLAGS $standard_libtool_flag"
@ -52,7 +52,7 @@
install_targets="$install_modules install-build install-headers install-programs $install_pear"
case $PHP_SAPI in
@@ -1388,7 +1389,7 @@
@@ -1401,7 +1402,7 @@ esac
PHP_ADD_SOURCES(Zend, \
zend_language_parser.c zend_language_scanner.c \
zend_ini_parser.c zend_ini_scanner.c \
@ -61,7 +61,7 @@
zend_execute_API.c zend_highlight.c zend_llist.c \
zend_opcode.c zend_operators.c zend_ptr_stack.c zend_stack.c \
zend_variables.c zend.c zend_API.c zend_extensions.c zend_hash.c \
@@ -1409,6 +1410,7 @@
@@ -1422,6 +1423,7 @@ else
fi
PHP_ADD_SOURCES_X(Zend, zend_execute.c,,PHP_GLOBAL_OBJS,,$flag)


@ -1,9 +1,9 @@
$OpenBSD: patch-ext_standard_config_m4,v 1.1 2008/04/05 05:45:19 sturm Exp $
--- ext/standard/config.m4.orig Fri Apr 4 22:34:19 2008
+++ ext/standard/config.m4 Fri Apr 4 22:34:33 2008
$OpenBSD: patch-ext_standard_config_m4,v 1.2 2011/01/03 15:03:03 robert Exp $
--- ext/standard/config.m4.orig Sat Nov 28 00:41:13 2009
+++ ext/standard/config.m4 Mon Jan 3 14:34:43 2011
@@ -311,9 +311,9 @@ dnl
dnl Detect library functions needed by php dns_xxx functions
dnl ext/standard/dns.h will collect these in a single define: HAVE_DNS_FUNCS
dnl ext/standard/php_dns.h will collect these in a single define: HAVE_DNS_FUNCS
dnl
-PHP_CHECK_FUNC(res_nmkquery, resolv, bind, socket)
-PHP_CHECK_FUNC(res_nsend, resolv, bind, socket)
@ -12,5 +12,5 @@ $OpenBSD: patch-ext_standard_config_m4,v 1.1 2008/04/05 05:45:19 sturm Exp $
+PHP_CHECK_FUNC(res_nsend, resolv, socket)
+PHP_CHECK_FUNC(dn_expand, resolv, socket)
dnl
dnl Check if atof() accepts NAN
dnl OSX has the dns functions in libc but remaps them in resolv.h for bind so linking fails
case $host_alias in


@ -1,7 +1,7 @@
$OpenBSD: patch-php_ini-dist,v 1.13 2007/11/14 10:53:50 robert Exp $
--- php.ini-dist.orig Wed Aug 22 01:24:18 2007
+++ php.ini-dist Tue Nov 13 11:53:18 2007
@@ -466,10 +466,7 @@ default_mimetype = "text/html"
$OpenBSD: patch-php_ini-dist,v 1.14 2011/01/03 15:03:03 robert Exp $
--- php.ini-dist.orig Mon Jan 3 14:35:22 2011
+++ php.ini-dist Mon Jan 3 14:38:34 2011
@@ -471,10 +471,7 @@ default_mimetype = "text/html"
;;;;;;;;;;;;;;;;;;;;;;;;;
; UNIX: "/path1:/path2"
@ -13,7 +13,7 @@ $OpenBSD: patch-php_ini-dist,v 1.13 2007/11/14 10:53:50 robert Exp $
; The root of the PHP pages, used only if nonempty.
; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root
@@ -483,7 +480,7 @@ doc_root =
@@ -488,7 +485,7 @@ doc_root =
user_dir =
; Directory in which the loadable extensions (modules) reside.
@ -22,7 +22,7 @@ $OpenBSD: patch-php_ini-dist,v 1.13 2007/11/14 10:53:50 robert Exp $
; Whether or not to enable the dl() function. The dl() function does NOT work
; properly in multithreaded servers, such as IIS or Zeus, and is automatically
@@ -552,7 +549,7 @@ upload_max_filesize = 2M
@@ -560,7 +557,7 @@ max_file_uploads = 20
;;;;;;;;;;;;;;;;;;
; Whether to allow the treatment of URLs (like http:// or ftp://) as files.
@ -31,89 +31,7 @@ $OpenBSD: patch-php_ini-dist,v 1.13 2007/11/14 10:53:50 robert Exp $
; Whether to allow include/require to open URLs (like http:// or ftp://) as files.
allow_url_include = Off
@@ -573,81 +570,6 @@ default_socket_timeout = 60
; fgets() and file() will work regardless of the source of the file.
; auto_detect_line_endings = Off
-
-;;;;;;;;;;;;;;;;;;;;;;
-; Dynamic Extensions ;
-;;;;;;;;;;;;;;;;;;;;;;
-;
-; If you wish to have an extension loaded automatically, use the following
-; syntax:
-;
-; extension=modulename.extension
-;
-; For example, on Windows:
-;
-; extension=msql.dll
-;
-; ... or under UNIX:
-;
-; extension=msql.so
-;
-; Note that it should be the name of the module only; no directory information
-; needs to go here. Specify the location of the extension with the
-; extension_dir directive above.
-
-
-; Windows Extensions
-; Note that ODBC support is built in, so no dll is needed for it.
-; Note that many DLL files are located in the extensions/ (PHP 4) ext/ (PHP 5)
-; extension folders as well as the separate PECL DLL download (PHP 5).
-; Be sure to appropriately set the extension_dir directive.
-
-;extension=php_bz2.dll
-;extension=php_curl.dll
-;extension=php_dba.dll
-;extension=php_dbase.dll
-;extension=php_exif.dll
-;extension=php_fdf.dll
-;extension=php_gd2.dll
-;extension=php_gettext.dll
-;extension=php_gmp.dll
-;extension=php_ifx.dll
-;extension=php_imap.dll
-;extension=php_interbase.dll
-;extension=php_ldap.dll
-;extension=php_mbstring.dll
-;extension=php_mcrypt.dll
-;extension=php_mhash.dll
-;extension=php_mime_magic.dll
-;extension=php_ming.dll
-;extension=php_msql.dll
-;extension=php_mssql.dll
-;extension=php_mysql.dll
-;extension=php_mysqli.dll
-;extension=php_oci8.dll
-;extension=php_openssl.dll
-;extension=php_pdo.dll
-;extension=php_pdo_firebird.dll
-;extension=php_pdo_mssql.dll
-;extension=php_pdo_mysql.dll
-;extension=php_pdo_oci.dll
-;extension=php_pdo_oci8.dll
-;extension=php_pdo_odbc.dll
-;extension=php_pdo_pgsql.dll
-;extension=php_pdo_sqlite.dll
-;extension=php_pgsql.dll
-;extension=php_pspell.dll
-;extension=php_shmop.dll
-;extension=php_snmp.dll
-;extension=php_soap.dll
-;extension=php_sockets.dll
-;extension=php_sqlite.dll
-;extension=php_sybase_ct.dll
-;extension=php_tidy.dll
-;extension=php_xmlrpc.dll
-;extension=php_xsl.dll
-;extension=php_zip.dll
-
;;;;;;;;;;;;;;;;;;;
; Module Settings ;
;;;;;;;;;;;;;;;;;;;
@@ -695,13 +617,6 @@ default_socket_timeout = 60
@@ -699,13 +696,6 @@ default_socket_timeout = 60
define_syslog_variables = Off
[mail function]
@ -127,14 +45,14 @@ $OpenBSD: patch-php_ini-dist,v 1.13 2007/11/14 10:53:50 robert Exp $
; For Unix only. You may supply arguments as well (default: "sendmail -t -i").
;sendmail_path =
@@ -1277,6 +1192,436 @@ soap.wsdl_cache_dir="/tmp"
@@ -1280,6 +1270,446 @@ soap.wsdl_cache_dir="/tmp"
; (time to live) Sets the number of second while cached file will be used
; instead of original one.
soap.wsdl_cache_ttl=86400
-; Local Variables:
-; tab-width: 4
-; End:
+
+
+[suhosin]
+; -----------------------------------------------------------------------------
+; Logging Options
+
+; Defines what classes of security alerts are logged to the syslog daemon.
@ -211,6 +129,12 @@ $OpenBSD: patch-php_ini-dist,v 1.13 2007/11/14 10:53:50 robert Exp $
+; blacklist and no whitelist is specified all URL schemes are forbidden.
+;suhosin.executor.include.blacklist =
+
+; Defines if PHP is allows to run code from files that are writable by the
+; current process. If a file is created or modified by a PHP process, there
+; is a potential danger of code injection. Only turn this on if you are sure
+; that your application does not require writable PHP files.
+;suhosin.executor.include.allow_writable_files = On
+
+; Comma separated whitelist of functions that are allowed to be called. If the
+; whitelist is empty the blacklist is evaluated, otherwise calling a function
+; not in the whitelist will terminate the script and get logged.
@ -256,7 +180,8 @@ $OpenBSD: patch-php_ini-dist,v 1.13 2007/11/14 10:53:50 robert Exp $
+; If you fear that Suhosin breaks your application, you can activate Suhosin's
+; simulation mode with this flag. When Suhosin runs in simulation mode,
+; violations are logged as usual, but nothing is blocked or removed from the
+; request. (Transparent Encryptions are NOT deactivated in simulation mode.)
+; request. (Transparent features are NOT deactivated in simulation mode.)
+; (since v0.9.30 affects (dis)allowed functions)
+;suhosin.simulation = Off
+
+; APC 3.0.12(p1/p2) uses reserved resources without requesting a resource slot
@ -461,11 +386,11 @@ $OpenBSD: patch-php_ini-dist,v 1.13 2007/11/14 10:53:50 robert Exp $
+
+; Defines the maximum length of a variable that is registered through a POST
+; request.
+;suhosin.post.max_value_length = 65000
+;suhosin.post.max_value_length = 1000000
+
+; Defines the maximum number of variables that may be registered through a POST
+; request.
+;suhosin.post.max_vars = 200
+;suhosin.post.max_vars = 1000
+
+; When set to On ASCIIZ chars are not allowed in variables.
+;suhosin.post.disallow_nul = 1
@ -489,12 +414,12 @@ $OpenBSD: patch-php_ini-dist,v 1.13 2007/11/14 10:53:50 robert Exp $
+; Defines the maximum length of a variable that is registered through the
+; COOKIE, the URL or through a POST request. This setting is also an upper
+; limit for the variable origin specific configuration directives.
+;suhosin.request.max_value_length = 65000
+;suhosin.request.max_value_length = 1000000
+
+; Defines the maximum number of variables that may be registered through the
+; COOKIE, the URL or through a POST request. This setting is also an upper
+; limit for the variable origin specific configuration directives.
+;suhosin.request.max_vars = 200
+;suhosin.request.max_vars = 1000
+
+; Defines the maximum name length (excluding possible array indicies) of
+; variables that may be registered through the COOKIE, the URL or through a
@ -505,6 +430,16 @@ $OpenBSD: patch-php_ini-dist,v 1.13 2007/11/14 10:53:50 robert Exp $
+; When set to On ASCIIZ chars are not allowed in variables.
+;suhosin.request.disallow_nul = 1
+
+; When set to On the dangerous characters <>"'` are urlencoded when found
+; not encoded in the server variables REQUEST_URI and QUERY_STRING. This
+; will protect against some XSS vulnerabilities.
+;suhosin.server.encode = 1
+
+; When set to On the dangerous characters <>"'` are replaced with ? in
+; the server variables PHP_SELF, PATH_TRANSLATED and PATH_INFO. This will
+; protect against some XSS vulnerabilities.
+;suhosin.server.strip = 1
+
+; Defines the maximum number of files that may be uploaded with one request.
+;suhosin.upload.max_uploads = 25
+
@ -554,16 +489,6 @@ $OpenBSD: patch-php_ini-dist,v 1.13 2007/11/14 10:53:50 robert Exp $
+; .htaccess. The string "legcprsum" will allow logging, execution, get,
+; post, cookie, request, sql, upload, misc features in .htaccess
+;suhosin.perdir = "0"
+
+;;;;;;;;;;;;;;;;;;;;;;
+; Dynamic Extensions ;
+;;;;;;;;;;;;;;;;;;;;;;
+;
+; If you wish to have an extension loaded automatically, use the following
+; syntax:
+;
+; extension=modulename.so
+;
+; Note that it should be the name of the module only; no directory information
+; needs to go here. Specify the location of the extension with the
+; extension_dir directive above.
; Local Variables:
; tab-width: 4
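Review bot: The new comment for `suhosin.executor.include.allow_writable_files` reads as contradictory: it says "Only turn this on if you are sure that your application does not require writable PHP files" directly above a sample value of `On`, where `On` appears to mean that writable files may still be included. As written, an administrator cannot tell which value is the hardened one, and the first line also has the typo "is allows". I would reword the added lines to `; Defines if PHP is allowed to run code from files that are writable by the` and `; Set this to Off only if you are sure that your application does not require writable PHP files.`, after confirming the directive's polarity against the documentation of the Suhosin version being packaged. The same text is added to php.ini-recommended in the next file section.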


@ -1,7 +1,7 @@
$OpenBSD: patch-php_ini-recommended,v 1.13 2007/11/14 10:53:50 robert Exp $
--- php.ini-recommended.orig Wed Aug 22 01:24:18 2007
+++ php.ini-recommended Tue Nov 13 11:53:39 2007
@@ -516,10 +516,7 @@ default_mimetype = "text/html"
$OpenBSD: patch-php_ini-recommended,v 1.14 2011/01/03 15:03:03 robert Exp $
--- php.ini-recommended.orig Mon Jan 3 14:37:12 2011
+++ php.ini-recommended Mon Jan 3 14:38:25 2011
@@ -522,10 +522,7 @@ default_mimetype = "text/html"
;;;;;;;;;;;;;;;;;;;;;;;;;
; UNIX: "/path1:/path2"
@ -13,7 +13,7 @@ $OpenBSD: patch-php_ini-recommended,v 1.13 2007/11/14 10:53:50 robert Exp $
; The root of the PHP pages, used only if nonempty.
; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root
@@ -533,7 +530,7 @@ doc_root =
@@ -539,7 +536,7 @@ doc_root =
user_dir =
; Directory in which the loadable extensions (modules) reside.
@ -22,7 +22,7 @@ $OpenBSD: patch-php_ini-recommended,v 1.13 2007/11/14 10:53:50 robert Exp $
; Whether or not to enable the dl() function. The dl() function does NOT work
; properly in multithreaded servers, such as IIS or Zeus, and is automatically
@@ -602,7 +599,7 @@ upload_max_filesize = 2M
@@ -611,7 +608,7 @@ max_file_uploads = 20
;;;;;;;;;;;;;;;;;;
; Whether to allow the treatment of URLs (like http:// or ftp://) as files.
@ -31,89 +31,7 @@ $OpenBSD: patch-php_ini-recommended,v 1.13 2007/11/14 10:53:50 robert Exp $
; Whether to allow include/require to open URLs (like http:// or ftp://) as files.
allow_url_include = Off
@@ -623,81 +620,6 @@ default_socket_timeout = 60
; fgets() and file() will work regardless of the source of the file.
; auto_detect_line_endings = Off
-
-;;;;;;;;;;;;;;;;;;;;;;
-; Dynamic Extensions ;
-;;;;;;;;;;;;;;;;;;;;;;
-;
-; If you wish to have an extension loaded automatically, use the following
-; syntax:
-;
-; extension=modulename.extension
-;
-; For example, on Windows:
-;
-; extension=msql.dll
-;
-; ... or under UNIX:
-;
-; extension=msql.so
-;
-; Note that it should be the name of the module only; no directory information
-; needs to go here. Specify the location of the extension with the
-; extension_dir directive above.
-
-
-; Windows Extensions
-; Note that ODBC support is built in, so no dll is needed for it.
-; Note that many DLL files are located in the extensions/ (PHP 4) ext/ (PHP 5)
-; extension folders as well as the separate PECL DLL download (PHP 5).
-; Be sure to appropriately set the extension_dir directive.
-
-;extension=php_bz2.dll
-;extension=php_curl.dll
-;extension=php_dba.dll
-;extension=php_dbase.dll
-;extension=php_exif.dll
-;extension=php_fdf.dll
-;extension=php_gd2.dll
-;extension=php_gettext.dll
-;extension=php_gmp.dll
-;extension=php_ifx.dll
-;extension=php_imap.dll
-;extension=php_interbase.dll
-;extension=php_ldap.dll
-;extension=php_mbstring.dll
-;extension=php_mcrypt.dll
-;extension=php_mhash.dll
-;extension=php_mime_magic.dll
-;extension=php_ming.dll
-;extension=php_msql.dll
-;extension=php_mssql.dll
-;extension=php_mysql.dll
-;extension=php_mysqli.dll
-;extension=php_oci8.dll
-;extension=php_openssl.dll
-;extension=php_pdo.dll
-;extension=php_pdo_firebird.dll
-;extension=php_pdo_mssql.dll
-;extension=php_pdo_mysql.dll
-;extension=php_pdo_oci.dll
-;extension=php_pdo_oci8.dll
-;extension=php_pdo_odbc.dll
-;extension=php_pdo_pgsql.dll
-;extension=php_pdo_sqlite.dll
-;extension=php_pgsql.dll
-;extension=php_pspell.dll
-;extension=php_shmop.dll
-;extension=php_snmp.dll
-;extension=php_soap.dll
-;extension=php_sockets.dll
-;extension=php_sqlite.dll
-;extension=php_sybase_ct.dll
-;extension=php_tidy.dll
-;extension=php_xmlrpc.dll
-;extension=php_xsl.dll
-;extension=php_zip.dll
-
;;;;;;;;;;;;;;;;;;;
; Module Settings ;
;;;;;;;;;;;;;;;;;;;
@@ -745,13 +667,6 @@ default_socket_timeout = 60
@@ -750,13 +747,6 @@ default_socket_timeout = 60
define_syslog_variables = Off
[mail function]
@ -127,14 +45,13 @@ $OpenBSD: patch-php_ini-recommended,v 1.13 2007/11/14 10:53:50 robert Exp $
; For Unix only. You may supply arguments as well (default: "sendmail -t -i").
;sendmail_path =
@@ -1330,6 +1245,436 @@ soap.wsdl_cache_dir="/tmp"
@@ -1334,6 +1324,445 @@ soap.wsdl_cache_dir="/tmp"
; (time to live) Sets the number of second while cached file will be used
; instead of original one.
soap.wsdl_cache_ttl=86400
-; Local Variables:
-; tab-width: 4
-; End:
+
+[suhosin]
+; -----------------------------------------------------------------------------
+; Logging Options
+
+; Defines what classes of security alerts are logged to the syslog daemon.
@ -211,6 +128,12 @@ $OpenBSD: patch-php_ini-recommended,v 1.13 2007/11/14 10:53:50 robert Exp $
+; blacklist and no whitelist is specified all URL schemes are forbidden.
+;suhosin.executor.include.blacklist =
+
+; Defines if PHP is allows to run code from files that are writable by the
+; current process. If a file is created or modified by a PHP process, there
+; is a potential danger of code injection. Only turn this on if you are sure
+; that your application does not require writable PHP files.
+;suhosin.executor.include.allow_writable_files = On
+
+; Comma separated whitelist of functions that are allowed to be called. If the
+; whitelist is empty the blacklist is evaluated, otherwise calling a function
+; not in the whitelist will terminate the script and get logged.
@ -256,7 +179,8 @@ $OpenBSD: patch-php_ini-recommended,v 1.13 2007/11/14 10:53:50 robert Exp $
+; If you fear that Suhosin breaks your application, you can activate Suhosin's
+; simulation mode with this flag. When Suhosin runs in simulation mode,
+; violations are logged as usual, but nothing is blocked or removed from the
+; request. (Transparent Encryptions are NOT deactivated in simulation mode.)
+; request. (Transparent features are NOT deactivated in simulation mode.)
+; (since v0.9.30 affects (dis)allowed functions)
+;suhosin.simulation = Off
+
+; APC 3.0.12(p1/p2) uses reserved resources without requesting a resource slot
@ -461,11 +385,11 @@ $OpenBSD: patch-php_ini-recommended,v 1.13 2007/11/14 10:53:50 robert Exp $
+
+; Defines the maximum length of a variable that is registered through a POST
+; request.
+;suhosin.post.max_value_length = 65000
+;suhosin.post.max_value_length = 1000000
+
+; Defines the maximum number of variables that may be registered through a POST
+; request.
+;suhosin.post.max_vars = 200
+;suhosin.post.max_vars = 1000
+
+; When set to On ASCIIZ chars are not allowed in variables.
+;suhosin.post.disallow_nul = 1
@ -489,12 +413,12 @@ $OpenBSD: patch-php_ini-recommended,v 1.13 2007/11/14 10:53:50 robert Exp $
+; Defines the maximum length of a variable that is registered through the
+; COOKIE, the URL or through a POST request. This setting is also an upper
+; limit for the variable origin specific configuration directives.
+;suhosin.request.max_value_length = 65000
+;suhosin.request.max_value_length = 1000000
+
+; Defines the maximum number of variables that may be registered through the
+; COOKIE, the URL or through a POST request. This setting is also an upper
+; limit for the variable origin specific configuration directives.
+;suhosin.request.max_vars = 200
+;suhosin.request.max_vars = 1000
+
+; Defines the maximum name length (excluding possible array indicies) of
+; variables that may be registered through the COOKIE, the URL or through a
@ -505,6 +429,16 @@ $OpenBSD: patch-php_ini-recommended,v 1.13 2007/11/14 10:53:50 robert Exp $
+; When set to On ASCIIZ chars are not allowed in variables.
+;suhosin.request.disallow_nul = 1
+
+; When set to On the dangerous characters <>"'` are urlencoded when found
+; not encoded in the server variables REQUEST_URI and QUERY_STRING. This
+; will protect against some XSS vulnerabilities.
+;suhosin.server.encode = 1
+
+; When set to On the dangerous characters <>"'` are replaced with ? in
+; the server variables PHP_SELF, PATH_TRANSLATED and PATH_INFO. This will
+; protect against some XSS vulnerabilities.
+;suhosin.server.strip = 1
+
+; Defines the maximum number of files that may be uploaded with one request.
+;suhosin.upload.max_uploads = 25
+
@ -554,16 +488,6 @@ $OpenBSD: patch-php_ini-recommended,v 1.13 2007/11/14 10:53:50 robert Exp $
+; .htaccess. The string "legcprsum" will allow logging, execution, get,
+; post, cookie, request, sql, upload, misc features in .htaccess
+;suhosin.perdir = "0"
+
+;;;;;;;;;;;;;;;;;;;;;;
+; Dynamic Extensions ;
+;;;;;;;;;;;;;;;;;;;;;;
+;
+; If you wish to have an extension loaded automatically, use the following
+; syntax:
+;
+; extension=modulename.so
+;
+; Note that it should be the name of the module only; no directory information
+; needs to go here. Specify the location of the extension with the
+; extension_dir directive above.
; Local Variables:
; tab-width: 4
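Review bot: The documented request limits in the [suhosin] block become much looser here with no explanation: `suhosin.post.max_value_length` and `suhosin.request.max_value_length` go from 65000 to 1000000, and the two `max_vars` samples go from 200 to 1000. These lines are commented out, so they presumably only mirror the built-in defaults of the new Suhosin release, but that is not visible in this diff, and a site that relied on the old limits would get weaker request filtering after the update without touching its configuration. I would add one comment line above each changed sample, e.g. `; Raised from the earlier sample value; set a lower limit explicitly if the application never needs requests this large.` The same values change in php.ini-dist in the previous file section.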