Hardened-PHP patch support for php port

Daniel Gerzo danger at rulez.sk
Mon Aug 7 18:23:08 UTC 2006 

Hello freebsd-ports,

   I've been trying to add support for Hardened-php patch into our PHP
   port (only php4 first, since that's what I'm running) and I ran into a
   problem with autoconf, unfortunately I have no clue what's going on
   there, therefore I'm asking if anybody on this list have some idea.
   Here's the error message:

===>  Found saved configuration for php4-4.4.3_1
===>  Extracting for php4-4.4.3_1
=> MD5 Checksum OK for php-4.4.3.tar.bz2.
=> SHA256 Checksum OK for php-4.4.3.tar.bz2.
=> MD5 Checksum OK for hardening-patch-4.4.3-0.4.13.patch.gz.
=> SHA256 Checksum OK for hardening-patch-4.4.3-0.4.13.patch.gz.
===>  Patching for php4-4.4.3_1
===>  Applying distribution patches for php4-4.4.3_1
===>  Applying FreeBSD patches for php4-4.4.3_1
===>   php4-4.4.3_1 depends on file: /usr/local/sbin/apxs - found
===>   php4-4.4.3_1 depends on file: /usr/local/sbin/apxs - found
===>   php4-4.4.3_1 depends on file: /usr/local/bin/autoconf259 - found
===>  Configuring for php4-4.4.3_1
configure.in:150: warning: AC_PROG_LEX invoked multiple times
autoconf/programs.m4:438: AC_DECL_YYTEXT is expanded from...
configure.in:150: the top level
configure.in:622: error: possibly undefined macro:
PHP_AC_BROKEN_REALPATH
      If this token and others are legitimate, please use
      m4_pattern_allow.
            See the Autoconf documentation.
	    *** Error code 1

Stop in /usr/ports/lang/php4.
  
   The patch for php4 I've produced is attached.

   Please cc: me when replying, since I'm not subscribed to the list,
   thank you for you help!

-- 
Sincerely,
   Daniel Gerzo
-------------- next part --------------
diff -ruN php4.orig/Makefile php4/Makefile
--- php4.orig/Makefile	Mon Aug  7 12:38:53 2006
+++ php4/Makefile	Mon Aug  7 13:55:55 2006
@@ -7,7 +7,7 @@
 
 PORTNAME=	php4
 PORTVERSION=	4.4.3
-PORTREVISION?=	0
+PORTREVISION?=	1
 CATEGORIES?=	lang devel www
 MASTER_SITES=	${MASTER_SITE_PHP:S,$,:release,} \
 		http://downloads.php.net/ilia/:rc \
@@ -43,7 +43,8 @@
 		DISCARD "Enable discard-path support (CGI only)" off \
 		FASTCGI "Enable fastcgi support (CGI only)" on \
 		PATHINFO "Enable path-info-check support (CGI only)" on \
-		OPENSSL "Build static OpenSSL extension" off
+		OPENSSL "Build static OpenSSL extension" off \
+		HARDENED "Build with Hardened-PHP security patch" off
 
 CONFLICTS=	php5-5*
 
@@ -121,6 +122,12 @@
 CONFIGURE_ARGS+=--with-openssl=${OPENSSLBASE} \
 		--with-openssl-dir=${OPENSSLBASE}
 LDFLAGS+=	-L${OPENSSLLIB} -lcrypto -lssl
+.endif
+
+.if defined(WITH_HARDENED)
+PATCH_SITES+=		http://www.hardened-php.net/
+PATCHFILES+=		hardening-patch-4.4.3-0.4.13.patch.gz
+PATCH_DIST_STRIP=	-p1
 .endif
 
 .if defined(WITH_DEBUG)
diff -ruN php4.orig/distinfo php4/distinfo
--- php4.orig/distinfo	Mon Aug  7 12:38:53 2006
+++ php4/distinfo	Mon Aug  7 12:44:27 2006
@@ -1,3 +1,6 @@
 MD5 (php-4.4.3.tar.bz2) = 9542117551c0e79f5bf21f46493094e7
 SHA256 (php-4.4.3.tar.bz2) = 0f57da4b9d94f7febd37c0bc8e608e5aafafe744d094466723e04afb283407f7
 SIZE (php-4.4.3.tar.bz2) = 4461353
+MD5 (hardening-patch-4.4.3-0.4.13.patch.gz) = 1e765f70ba38d40000501f6238728ae9
+SHA256 (hardening-patch-4.4.3-0.4.13.patch.gz) = 011dfff574912a3ee011cd59c25fe2edca7fb7da3406213d7f0774eb065b7482
+SIZE (hardening-patch-4.4.3-0.4.13.patch.gz) = 61322

More information about the freebsd-ports mailing list