svn commit: r457156 - in head/security: . snuffleupagus snuffleupagus/files

Jochen Neumeister joneum at FreeBSD.org
Sun Dec 24 13:11:43 UTC 2017 

Author: joneum
Date: Sun Dec 24 13:11:41 2017
New Revision: 457156
URL: https://svnweb.freebsd.org/changeset/ports/457156

Log:
  New port: security/snuffleupagus
  
  Snuffleupagus is a PHP7+ module designed to drastically raise the cost
  of attacks against websites.  This is achieved by killing entire bug
  classes and providing a powerful virtual-patching system, allowing the
  administrator to fix specific vulnerabilities without having to touch
  the PHP code.
  
  WWW: https://snuffleupagus.readthedocs.io/
  
  PR:		224545
  Submitted by:	Franco Fichtner <franco at opnsense.org> (maintainer)
  Approved by:	rene (mentor)
  Differential Revision:	https://reviews.freebsd.org/D13606

Added:
  head/security/snuffleupagus/
  head/security/snuffleupagus/Makefile   (contents, props changed)
  head/security/snuffleupagus/distinfo   (contents, props changed)
  head/security/snuffleupagus/files/
  head/security/snuffleupagus/files/patch-sp__network__utils.c   (contents, props changed)
  head/security/snuffleupagus/pkg-descr   (contents, props changed)
Modified:
  head/security/Makefile

Modified: head/security/Makefile
==============================================================================
--- head/security/Makefile	Sun Dec 24 13:01:36 2017	(r457155)
+++ head/security/Makefile	Sun Dec 24 13:11:41 2017	(r457156)
@@ -1174,6 +1174,7 @@
     SUBDIR += snortreport
     SUBDIR += snortsam
     SUBDIR += snortsnarf
+    SUBDIR += snuffleupagus
     SUBDIR += softether
     SUBDIR += softether-devel
     SUBDIR += softhsm

Added: head/security/snuffleupagus/Makefile
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/security/snuffleupagus/Makefile	Sun Dec 24 13:11:41 2017	(r457156)
@@ -0,0 +1,28 @@
+# $FreeBSD$
+
+PORTNAME=	snuffleupagus
+DISTVERSIONPREFIX=v
+DISTVERSION=	0.1.0
+CATEGORIES=	security
+
+MAINTAINER=	franco at opnsense.org
+COMMENT=	Security module for PHP 7+
+
+LICENSE=	LGPL3
+LICENSE_FILE=	${WRKSRC}/../LICENSE
+
+IGNORE_WITH_PHP=56
+
+LIB_DEPENDS=	libpcre.so:devel/pcre
+
+WRKSRC_SUBDIR=	src
+
+USES=		localbase:ldflags php:ext
+USE_PHP=	hash:build
+
+USE_GITHUB=	yes
+GH_ACCOUNT=	nbs-system
+
+CONFIGURE_ARGS=	--enable-snuffleupagus
+
+.include <bsd.port.mk>

Added: head/security/snuffleupagus/distinfo
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/security/snuffleupagus/distinfo	Sun Dec 24 13:11:41 2017	(r457156)
@@ -0,0 +1,3 @@
+TIMESTAMP = 1513844643
+SHA256 (nbs-system-snuffleupagus-v0.1.0_GH0.tar.gz) = 7b3432e46ecdd1eb78666ee03475bbc2e50b1bd4de71a8d5a03c7d90168a004a
+SIZE (nbs-system-snuffleupagus-v0.1.0_GH0.tar.gz) = 3898803

Added: head/security/snuffleupagus/files/patch-sp__network__utils.c
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/security/snuffleupagus/files/patch-sp__network__utils.c	Sun Dec 24 13:11:41 2017	(r457156)
@@ -0,0 +1,18 @@
+--- sp_network_utils.c.orig	2017-12-21 22:34:33 UTC
++++ sp_network_utils.c
+@@ -23,15 +23,8 @@ static inline bool cidr4_match(const str
+ 
+ static inline bool cidr6_match(const struct in6_addr address,
+                                const struct in6_addr network, uint8_t bits) {
+-  //#ifdef LINUX
+-  const uint32_t *a = address.s6_addr32;
+-  const uint32_t *n = network.s6_addr32;
+-  /*
+-#else
+   const uint32_t *a = address.__u6_addr.__u6_addr32;
+   const uint32_t *n = network.__u6_addr.__u6_addr32;
+-#endif
+-*/
+   int bits_whole = bits >> 5;         // number of whole u32
+   int bits_incomplete = bits & 0x1F;  // number of bits in incomplete u32
+   if (bits_whole) {

Added: head/security/snuffleupagus/pkg-descr
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/security/snuffleupagus/pkg-descr	Sun Dec 24 13:11:41 2017	(r457156)
@@ -0,0 +1,7 @@
+Snuffleupagus is a PHP7+ module designed to drastically raise the cost
+of attacks against websites.  This is achieved by killing entire bug
+classes and providing a powerful virtual-patching system, allowing the
+administrator to fix specific vulnerabilities without having to touch
+the PHP code.
+
+WWW: https://snuffleupagus.readthedocs.io/

More information about the svn-ports-head mailing list