summaryrefslogtreecommitdiff
path: root/www
diff options
context:
space:
mode:
authorXin LI <delphij@FreeBSD.org>2006-05-07 17:30:59 +0000
committerXin LI <delphij@FreeBSD.org>2006-05-07 17:30:59 +0000
commit048d6d4065faff5ee390f070b2c3459d94197211 (patch)
treeb0f9b29d6a52ce3792903880aaaf184e2d307067 /www
parent- Update to 34.t25.d6 (diff)
Give the user a chance to disable our local anti-DoS patch, which
appears to be conflict with phpBB's built-in captcha functionality. Please note that this does not change the default behavior (patch phpBB for the DoS issue), and this is intentionally undocumented. Hopefully we can get rid of all these home-grown stuff as the phpBB make their 2.2-release. Requested by: Goyo Roth <sadangel@pow2clk.net> PR: ports/93204 Submitted by: delphij Approved by: Kang Liu <liukang@cn.FreeBSD.org> Approved by: mentor (sem)
Notes
Notes: svn path=/head/; revision=161622
Diffstat (limited to 'www')
-rw-r--r--www/phpbb/Makefile8
-rw-r--r--www/phpbb/files/security-patch-includes-sessions.php (renamed from www/phpbb/files/patch-includes-sessions.php)0
2 files changed, 8 insertions, 0 deletions
diff --git a/www/phpbb/Makefile b/www/phpbb/Makefile
index 0490e4d65982..a629909a6f27 100644
--- a/www/phpbb/Makefile
+++ b/www/phpbb/Makefile
@@ -7,6 +7,7 @@
PORTNAME= phpbb
PORTVERSION= 2.0.20
+PORTREVISION= 1
CATEGORIES= www
MASTER_SITES= ${MASTER_SITE_SOURCEFORGE}
MASTER_SITE_SUBDIR= ${PORTNAME}
@@ -31,6 +32,13 @@ WWWGRP?= www
#
# End of user-configurable variables.
+# XXX The phpBB folks does not seem to care about the session table DoS
+# issue. You can disable the patch at your own risk to make the
+# visual authentication work.
+.if !defined(WITHOUT_ANTI_SESSIONTAB_DOS_PATCH)
+EXTRA_PATCHES= ${FILESDIR}/security-patch-includes-sessions.php
+.endif
+
# Set/override/append to variables from bsd.port.mk:
#
WRKSRC= ${WRKDIR}/phpBB2
diff --git a/www/phpbb/files/patch-includes-sessions.php b/www/phpbb/files/security-patch-includes-sessions.php
index a84aa2f04322..a84aa2f04322 100644
--- a/www/phpbb/files/patch-includes-sessions.php
+++ b/www/phpbb/files/security-patch-includes-sessions.php