diff options
| author | Edwin Groothuis <edwin@FreeBSD.org> | 2003-08-25 12:13:36 +0000 |
|---|---|---|
| committer | Edwin Groothuis <edwin@FreeBSD.org> | 2003-08-25 12:13:36 +0000 |
| commit | ba63502f3848e78d69ea6783a831fbbbd3c9625e (patch) | |
| tree | 93d1807311687c2a643fc738a4a09a20a7b57391 /www/suphp | |
| parent | backout last commit, I should have read and understood the || before (diff) | |
[update] www/suphp: update to 0.3 and fix a security leak introduced with previous patch
- update to 0.3
- add a workaround to don't use getpwuid to performs check for apache user (since 4.x
doesn't support getpwuid_r).
- use %%DOCSDIR%%
PR: ports/55952
Submitted by: Clement Laforet <sheepkiller@cultdeadsheep.org>
Notes
Notes:
svn path=/head/; revision=87663
Diffstat (limited to 'www/suphp')
| -rw-r--r-- | www/suphp/Makefile | 91 | ||||
| -rw-r--r-- | www/suphp/distinfo | 2 | ||||
| -rw-r--r-- | www/suphp/files/patch-Makefile | 33 | ||||
| -rw-r--r-- | www/suphp/files/patch-config.h | 9 | ||||
| -rw-r--r-- | www/suphp/files/patch-src::Makefile.in | 10 | ||||
| -rw-r--r-- | www/suphp/files/patch-src::apache::Makefile.in | 13 | ||||
| -rw-r--r-- | www/suphp/files/patch-suphp.c | 34 | ||||
| -rw-r--r-- | www/suphp/pkg-plist | 35 |
8 files changed, 77 insertions, 150 deletions
diff --git a/www/suphp/Makefile b/www/suphp/Makefile index f01a754783fc..cfbd071f1935 100644 --- a/www/suphp/Makefile +++ b/www/suphp/Makefile @@ -6,85 +6,62 @@ # PORTNAME= suphp -PORTVERSION= 0.2.3 -PORTREVISION= 1 +PORTVERSION= 0.3 CATEGORIES= www MASTER_SITES= http://www.suphp.org/download/ MAINTAINER= sheepkiller@cultdeadsheep.org -COMMENT= suPHP is a combination which provides a wrapper for PHP +COMMENT= A combination which provides a wrapper for PHP BUILD_DEPENDS= ${LOCALBASE}/sbin/apxs:${PORTSDIR}/www/apache13 RUN_DEPENDS= ${LOCALBASE}/bin/php:${PORTSDIR}/www/php4-cgi -USE_REINPLACE= yes +HAS_CONFIGURE= yes +USE_GMAKE= yes +CONFLICTS= mod_php4-4* -MAKE_ARGS+= APXS="${APXS}" APXS?= ${LOCALBASE}/sbin/apxs -WWW_USER?= www -WWW_GROUP?= www LOG_PATH?= /var/log PHP_PATH?= ${LOCALBASE}/bin/php +APACHE_USER?= www -.include <bsd.port.pre.mk> +CONFIGURE_ARGS+= --with-php=${PHP_PATH} \ + --with-logfile=${LOG_PATH}/suphp.log \ + --with-apache-user=${APACHE_USER} \ + --with-min-gid=80 \ + --with-min-uid=80 \ + --with-apxs=${APXS} -.if exists(${LOCALBASE}/libexec/apache/libphp4.so) -IGNORE="suPHP conflicts with mod_php4. It works only with php4-cgi" +## Available knobs: +## WITHOUT_CHECKPATH: disable check if script resides in DOCUMENT_ROOT +.if defined(WITHOUT_CHECKPATH) +CONFIGURE_ARGS+= --disable-checkpath +.endif +## WITHOUT_CHECKUID: accept UIDs that are not listed in /etc/passwd +.if defined(WITHOUT_CHECKUID) +CONFIGURE_ARGS+= --disable-checkuid +.endif +## WITHOUT_CHECKGID: accept GIDs that are not listed in /etc/group +.if defined(WITHOUT_CHECKGID) +CONFIGURE_ARGS+= --disable-checkgid .endif -pre-configure: - @${ECHO} - @${ECHO} "*-------------------------------------------------------------*" - @${ECHO} " Options :" - @${ECHO} " - WWW_USER = Apache's User (default www)" - @${ECHO} " - Define CHECK_PATH, to enable suExec-like path checking" - @${ECHO} " (based on DocumentRoot directive)." - @${ECHO} " - LOG_PATH=/path/to/your/logs. Default /var/log/." - @${ECHO} " - PHP_PATH=/path/to/bin/php. Default ${LOCALBASE}/bin/php." - @${ECHO} "*-------------------------------------------------------------*" - @${ECHO} +.include <bsd.port.pre.mk> -do-configure: - @${ECHO} "Setting User to : ${WWW_USER}" - @${REINPLACE_CMD} -e 's!OPT_APACHE_USER "wwwrun"!OPT_APACHE_USER "${WWW_USER}"!' \ - ${WRKSRC}/config.h - @${ECHO} "Setting Group to : ${WWW_GROUP}" - @${REINPLACE_CMD} -e 's!OPT_APACHE_GROUP "wwwrun"!OPT_APACHE_GROUP "${WWW_USER}"!' \ - ${WRKSRC}/config.h - @${ECHO} "Setting checkpath. (if enabled)" -.if !defined(CHECK_PATH) - @${REINPLACE_CMD} -e 's!#define OPT_CHECKPATH!/*#define OPT_CHECKPATH*/!' \ - ${WRKSRC}/config.h +.if exists(${LOCALBASE}/include/apache2/apr.h) +BROKEN= "Doesn't work with Apache 2" .endif - @${ECHO} "Setting logs path" - @${REINPLACE_CMD} -e 's,OPT_LOGFILE "/opt/apache/var/logs/suphp_log",OPT_LOGFILE "${LOG_PATH}/suphp_log",' \ - ${WRKSRC}/config.h - @${ECHO} "Setting php path" - @${REINPLACE_CMD} -e 's,OPT_PATH_TO_PHP "/usr/bin/php",OPT_PATH_TO_PHP "${PHP_PATH}",' \ - ${WRKSRC}/config.h - @${ECHO} "Setting suphp path in mod_suphp" - @${REINPLACE_CMD} -e "s,/usr/sbin/suphp,${PREFIX}/sbin/suphp," ${WRKSRC}/apache/mod_suphp.c -post-build: - @(cd ${WRKSRC}/apache && ${APXS} -c mod_suphp.c) +show-options: + @${EGREP} '^##' ${.CURDIR}/Makefile | ${SED} 's/##//' + +pre-everything:: + @${MAKE} show-options post-install: - @(cd ${WRKSRC}/apache && ${APXS} -i -a -n suphp ${WRKSRC}/apache/mod_suphp.so) .if !defined(NOPORTDOCS) - @${MKDIR} ${DOCSDIR} ${DOCSDIR}/apache ${DOCSDIR}/de-doc ${DOCSDIR}/de-doc/apache - ${INSTALL_DATA} ${WRKSRC}/README ${DOCSDIR} - ${INSTALL_DATA} ${WRKSRC}/INSTALL ${DOCSDIR} - ${INSTALL_DATA} ${WRKSRC}/LICENSE ${DOCSDIR} - ${INSTALL_DATA} ${WRKSRC}/apache/CONFIG ${DOCSDIR}/apache - ${INSTALL_DATA} ${WRKSRC}/apache/README ${DOCSDIR}/apache - ${INSTALL_DATA} ${WRKSRC}/apache/INSTALL ${DOCSDIR}/apache - ${INSTALL_DATA} ${WRKSRC}/apache/LICENSE ${DOCSDIR}/apache - ${INSTALL_DATA} -d ${WRKSRC}/de-doc/ ${DOCSDIR} - ${INSTALL_DATA} ${WRKSRC}/de-doc/README.de ${DOCSDIR}/de-doc/ - ${INSTALL_DATA} ${WRKSRC}/de-doc/INSTALL.de ${DOCSDIR}/de-doc/ - ${INSTALL_DATA} ${WRKSRC}/de-doc/apache/README.de ${DOCSDIR}/de-doc/apache - ${INSTALL_DATA} ${WRKSRC}/de-doc/apache/INSTALL.de ${DOCSDIR}/de-doc/apache - ${INSTALL_DATA} ${WRKSRC}/de-doc/apache/CONFIG.de ${DOCSDIR}/de-doc/apache + @${MKDIR} ${DOCSDIR} + @${CP} -Rfp ${WRKSRC}/doc/* ${DOCSDIR} .endif @${CAT} ${PKGMESSAGE} diff --git a/www/suphp/distinfo b/www/suphp/distinfo index 05ba5f52cb1a..b0eae4971f65 100644 --- a/www/suphp/distinfo +++ b/www/suphp/distinfo @@ -1 +1 @@ -MD5 (suphp-0.2.3.tar.gz) = a540fa3ac0af43a46afc33cf8401ee89 +MD5 (suphp-0.3.tar.gz) = f80d54de6aff5db4ab76670f1c5b3c6d diff --git a/www/suphp/files/patch-Makefile b/www/suphp/files/patch-Makefile deleted file mode 100644 index a472d9849926..000000000000 --- a/www/suphp/files/patch-Makefile +++ /dev/null @@ -1,33 +0,0 @@ ---- Makefile.orig Wed Oct 23 22:16:50 2002 -+++ Makefile Tue Nov 12 12:10:58 2002 -@@ -2,9 +2,9 @@ - ## Makefile for suPHP ## - ############################################## - --SUPHP_INSTALL = /usr/sbin/suphp -+SUPHP_INSTALL = $(PREFIX)/sbin/suphp - --CC = gcc -+#CC = gcc - CFLAGS = -c -Wall - LD = gcc - LDFLAGS = -o -@@ -31,11 +31,7 @@ - touch suphp.h - - install: suphp -- if [ $$UID = 0 ]; then \ -- cp suphp ${SUPHP_INSTALL}; \ -- else \ -- echo -e "You need to be root to install suPHP."; \ -- fi -+ $(INSTALL) -o root -g wheel -m 4755 suphp ${SUPHP_INSTALL} - - clean: - rm *.o -@@ -43,3 +39,5 @@ - - rmbackups: - rm *~ -+ -+all: suphp diff --git a/www/suphp/files/patch-config.h b/www/suphp/files/patch-config.h deleted file mode 100644 index 310ec652982c..000000000000 --- a/www/suphp/files/patch-config.h +++ /dev/null @@ -1,9 +0,0 @@ ---- config.h.orig Wed Oct 23 22:16:50 2002 -+++ config.h Wed Nov 13 16:30:35 2002 -@@ -24,5 +24,6 @@ - #define OPT_MIN_UID 100 - #define OPT_MIN_GID 100 - #define OPT_APACHE_USER "wwwrun" -+#define OPT_APACHE_GROUP "wwwrun" - #define OPT_PATH_TO_PHP "/usr/bin/php" - #define OPT_LOGFILE "/opt/apache/var/logs/suphp_log" diff --git a/www/suphp/files/patch-src::Makefile.in b/www/suphp/files/patch-src::Makefile.in new file mode 100644 index 000000000000..c3925d8f684f --- /dev/null +++ b/www/suphp/files/patch-src::Makefile.in @@ -0,0 +1,10 @@ +--- src/Makefile.in.orig Mon Aug 25 11:50:48 2003 ++++ src/Makefile.in Mon Aug 25 11:50:55 2003 +@@ -39,7 +39,6 @@ + fi + + install: suphp suphp.mod +- $(INSTALL_PROGRAM) -d $(DESTDIR)$(sbindir) + $(INSTALL_PROGRAM) -m 4755 suphp $(DESTDIR)$(sbindir)/suphp + @$(MAKE) $(MAKEDEFS) -C apache install + diff --git a/www/suphp/files/patch-src::apache::Makefile.in b/www/suphp/files/patch-src::apache::Makefile.in new file mode 100644 index 000000000000..86ba22d0e02f --- /dev/null +++ b/www/suphp/files/patch-src::apache::Makefile.in @@ -0,0 +1,13 @@ +--- src/apache/Makefile.in.orig Mon Aug 25 11:40:47 2003 ++++ src/apache/Makefile.in Mon Aug 25 11:41:02 2003 +@@ -29,7 +29,9 @@ + all: suphp.mod + + suphp.mod: mod_suphp.c +- $(APXS) -c $(DEFS) $(EXTRADEFS) $(INCLUDES) -Wc,"$(CFLAGS)" mod_suphp.c ++ @if [ ! -f mod_suphp.o ]; then \ ++ $(APXS) -c $(DEFS) $(EXTRADEFS) $(INCLUDES) -Wc,"$(CFLAGS)" mod_suphp.c ;\ ++ fi; + + install: suphp.mod + $(APXS) -i -a mod_suphp.so diff --git a/www/suphp/files/patch-suphp.c b/www/suphp/files/patch-suphp.c deleted file mode 100644 index 5ea6bf32dcd1..000000000000 --- a/www/suphp/files/patch-suphp.c +++ /dev/null @@ -1,34 +0,0 @@ ---- suphp.c.orig Wed Dec 25 14:21:27 2002 -+++ suphp.c Sat Jun 28 12:02:12 2003 -@@ -68,6 +68,7 @@ - { - // Check, if program has been started by Apache - struct passwd *apacheuser; -+ struct group *apachegroup; - struct passwd *calluser; - struct passwd *targetuser; - struct group *targetgroup; -@@ -76,6 +77,7 @@ - path_translated = getenv("SCRIPT_FILENAME"); - - apacheuser = getpwnam(OPT_APACHE_USER); -+ apachegroup = getgrnam(OPT_APACHE_GROUP); - calluser = getpwuid(getuid()); - - if (calluser->pw_uid!=apacheuser->pw_uid) -@@ -105,13 +107,13 @@ - - // Get gid and uid of the file and check it - targetuser = getpwuid(file_get_uid(path_translated)); -- if (targetuser->pw_uid < OPT_MIN_UID) -+ if (targetuser->pw_uid < OPT_MIN_UID && targetuser->pw_uid != apacheuser->pw_uid ) - { - log_error ("UID of %s or its target (%d / %s) < %d", path_translated, targetuser->pw_uid, targetuser->pw_name, OPT_MIN_UID); - error_exit(ERRCODE_LOW_UID); - } - targetgroup = getgrgid(file_get_gid(path_translated)); -- if (targetgroup->gr_gid < OPT_MIN_GID) -+ if (targetgroup->gr_gid < OPT_MIN_GID && targetgroup->gr_gid != apachegroup->gr_gid ) - { - log_error ("GID of %s or its target (%d / %s) < %d", path_translated, targetgroup->gr_gid, targetgroup->gr_name, OPT_MIN_GID); - error_exit(ERRCODE_LOW_GID); diff --git a/www/suphp/pkg-plist b/www/suphp/pkg-plist index b14a8b924309..b0167e3ca814 100644 --- a/www/suphp/pkg-plist +++ b/www/suphp/pkg-plist @@ -2,19 +2,22 @@ sbin/suphp libexec/apache/mod_suphp.so @exec %D/sbin/apxs -e -a -n suphp %D/%f @unexec echo "===> If you do not plan on reinstalling suphp, you must manually remove"; echo "===> references to it in httpd.conf." -%%PORTDOCS%%share/doc/suphp/apache/CONFIG -%%PORTDOCS%%share/doc/suphp/apache/README -%%PORTDOCS%%share/doc/suphp/apache/INSTALL -%%PORTDOCS%%share/doc/suphp/apache/LICENSE -%%PORTDOCS%%share/doc/suphp/de-doc/apache/README.de -%%PORTDOCS%%share/doc/suphp/de-doc/apache/INSTALL.de -%%PORTDOCS%%share/doc/suphp/de-doc/apache/CONFIG.de -%%PORTDOCS%%share/doc/suphp/de-doc/README.de -%%PORTDOCS%%share/doc/suphp/de-doc/INSTALL.de -%%PORTDOCS%%share/doc/suphp/README -%%PORTDOCS%%share/doc/suphp/INSTALL -%%PORTDOCS%%share/doc/suphp/LICENSE -%%PORTDOCS%%@dirrm share/doc/suphp/de-doc/apache -%%PORTDOCS%%@dirrm share/doc/suphp/de-doc -%%PORTDOCS%%@dirrm share/doc/suphp/apache -%%PORTDOCS%%@dirrm share/doc/suphp/ +%%PORTDOCS%%%%DOCSDIR%%/en/INSTALL +%%PORTDOCS%%%%DOCSDIR%%/en/LICENSE +%%PORTDOCS%%%%DOCSDIR%%/en/README +%%PORTDOCS%%%%DOCSDIR%%/en/apache/CONFIG +%%PORTDOCS%%%%DOCSDIR%%/en/apache/INSTALL +%%PORTDOCS%%%%DOCSDIR%%/en/apache/LICENSE +%%PORTDOCS%%%%DOCSDIR%%/en/apache/README +%%PORTDOCS%%%%DOCSDIR%%/de/INSTALL +%%PORTDOCS%%%%DOCSDIR%%/de/LICENSE +%%PORTDOCS%%%%DOCSDIR%%/de/README +%%PORTDOCS%%%%DOCSDIR%%/de/apache/CONFIG +%%PORTDOCS%%%%DOCSDIR%%/de/apache/INSTALL +%%PORTDOCS%%%%DOCSDIR%%/de/apache/LICENSE +%%PORTDOCS%%%%DOCSDIR%%/de/apache/README +%%PORTDOCS%%@dirrm %%DOCSDIR%%/de/apache +%%PORTDOCS%%@dirrm %%DOCSDIR%%/en/apache +%%PORTDOCS%%@dirrm %%DOCSDIR%%/de +%%PORTDOCS%%@dirrm %%DOCSDIR%%/en +%%PORTDOCS%%@dirrm %%DOCSDIR%% |