diff options
author | Luca Longinotti <chtekk@gentoo.org> | 2006-07-14 16:04:37 +0000 |
---|---|---|
committer | Luca Longinotti <chtekk@gentoo.org> | 2006-07-14 16:04:37 +0000 |
commit | b77dd4c02cbe26374a94db4673545874bff6ee75 (patch) | |
tree | 84246ed74c82ce8bca1d2f9941733ef63c0ce84e /dev-lang/php/php-5.0.5-r5.ebuild | |
parent | ppc stable, bug #139612 (diff) | |
download | gentoo-2-b77dd4c02cbe26374a94db4673545874bff6ee75.tar.gz gentoo-2-b77dd4c02cbe26374a94db4673545874bff6ee75.tar.bz2 gentoo-2-b77dd4c02cbe26374a94db4673545874bff6ee75.zip |
Update PHP ebuilds, fix various (security) issues.
(Portage version: 2.1.1_pre2-r6)
Diffstat (limited to 'dev-lang/php/php-5.0.5-r5.ebuild')
-rw-r--r-- | dev-lang/php/php-5.0.5-r5.ebuild | 244 |
1 files changed, 211 insertions, 33 deletions
diff --git a/dev-lang/php/php-5.0.5-r5.ebuild b/dev-lang/php/php-5.0.5-r5.ebuild index f52af8006e29..a39a68f5289a 100644 --- a/dev-lang/php/php-5.0.5-r5.ebuild +++ b/dev-lang/php/php-5.0.5-r5.ebuild @@ -1,8 +1,11 @@ # Copyright 1999-2006 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/dev-lang/php/php-5.0.5-r5.ebuild,v 1.14 2006/04/20 12:35:09 chtekk Exp $ +# $Header: /var/cvsroot/gentoo-x86/dev-lang/php/php-5.0.5-r5.ebuild,v 1.15 2006/07/14 16:04:37 chtekk Exp $ + +CGI_SAPI_USE="discard-path force-cgi-redirect" +APACHE2_SAPI_USE="concurrentmodphp threads" +IUSE="cli cgi ${CGI_SAPI_USE} ${APACHE2_SAPI_USE}" -IUSE="cgi cli discard-path force-cgi-redirect" KEYWORDS="alpha amd64 arm hppa ia64 ppc ppc64 s390 sh sparc x86" # NOTE: Portage doesn't support setting PROVIDE based on the USE flags @@ -14,39 +17,36 @@ PROVIDE="virtual/php virtual/httpd-php" SLOT="5" MY_PHP_PV="${PV}" MY_PHP_P="php-${MY_PHP_PV}" -PHP_PACKAGE=1 +PHP_PACKAGE="1" -# php patch settings -PHP_PATCHSET_REV="2" +# php patch settings, general +PHP_PATCHSET_REV="3" HARDENEDPHP_PATCH="hardening-patch-${MY_PHP_PV}-0.4.8-gentoo.patch.gz" MULTILIB_PATCH="${MY_PHP_PV}/opt/php${MY_PHP_PV}-multilib-search-path.patch" +# php patch settings, ebuild specific +CONCURRENTMODPHP_PATCH="${MY_PHP_PV}/opt/php${MY_PHP_PV}-concurrent_apache_modules.patch" inherit php5_0-sapi apache-module want_apache -DESCRIPTION="The PHP language runtime engine." - -DEPEND="${DEPEND} app-admin/php-toolkit" -RDEPEND="${RDEPEND} app-admin/php-toolkit" - -# PHP patchsets -SRC_URI="${SRC_URI} http://gentoo.longitekk.com/php-patchset-${MY_PHP_PV}-r${PHP_PATCHSET_REV}.tar.bz2" +DESCRIPTION="The PHP language runtime engine: CLI, CGI and Apache SAPIs." -# Hardened-PHP patch -[[ -n "${HARDENEDPHP_PATCH}" ]] && SRC_URI="${SRC_URI} hardenedphp? ( http://gentoo.longitekk.com/${HARDENEDPHP_PATCH} )" +DEPEND="app-admin/php-toolkit" +RDEPEND="${DEPEND}" pkg_setup() { PHPCONFUTILS_AUTO_USE="" - # make sure the user has specified a SAPI + # Make sure the user has specified at least one SAPI einfo "Determining SAPI(s) to build" phpconfutils_require_any " Enabled SAPI:" " Disabled SAPI:" cli cgi apache apache2 + # Threaded Apache2 support if useq apache2 ; then if [[ "${APACHE_VERSION}" != "0" ]] ; then if ! useq threads ; then - APACHE2_SAFE_MPMS="peruser prefork" + APACHE2_SAFE_MPMS="itk peruser prefork" else APACHE2_SAFE_MPMS="event leader metuxmpm perchild threadpool worker" fi @@ -64,6 +64,30 @@ pkg_setup() { fi fi + # Concurrent PHP Apache2 modules support + if useq apache2 ; then + if [[ "${APACHE_VERSION}" != "0" ]] ; then + if useq concurrentmodphp ; then + ewarn + ewarn "'concurrentmodphp' makes it possible to load multiple, differently" + ewarn "versioned mod_php's into the same Apache instance. This is done with" + ewarn "a few linker tricks and workarounds, and is not guaranteed to always" + ewarn "work correctly, so use it at your own risk. Especially, do not use" + ewarn "this in conjunction with PHP modules (PECL, ...) other than the ones" + ewarn "you may find in the Portage tree or the PHP Overlay!" + ewarn "This is an experimental feature, so please rebuild PHP" + ewarn "without the 'concurrentmodphp' USE flag if you experience" + ewarn "any problems, and then reproduce any bugs before filing" + ewarn "them in Gentoo's Bugzilla or bugs.php.net." + ewarn "If you have conclusive evidence that a bug directly" + ewarn "derives from 'concurrentmodphp', please file a bug in" + ewarn "Gentoo's Bugzilla only." + ewarn + ebeep 5 + fi + fi + fi + php5_0-sapi_pkg_setup } @@ -88,38 +112,91 @@ php_determine_sapis() { fi } +src_unpack() { + if [[ "${PHP_PACKAGE}" == 1 ]] ; then + unpack ${A} + fi + + cd "${S}" + + # Concurrent PHP Apache2 modules support + if useq apache2 ; then + if [[ "${APACHE_VERSION}" != "0" ]] ; then + if useq concurrentmodphp ; then + if [[ -n "${CONCURRENTMODPHP_PATCH}" ]] && [[ -f "${WORKDIR}/${CONCURRENTMODPHP_PATCH}" ]] ; then + epatch "${WORKDIR}/${CONCURRENTMODPHP_PATCH}" + else + ewarn "There is no concurrent mod_php patch available for this PHP release yet!" + fi + fi + fi + fi + + # Now let the eclass do the rest and regenerate the configure + php5_0-sapi_src_unpack +} + src_compile() { php_determine_sapis CLEAN_REQUIRED=0 + my_conf="" + + # Support the Apache2 extras, they must be set globally for all + # SAPIs to work correctly, especially for external PHP extensions + if useq apache2 ; then + if [[ "${APACHE_VERSION}" != "0" ]] ; then + # Concurrent PHP Apache2 modules support + if useq concurrentmodphp ; then + append-ldflags "-Wl,--version-script=${FILESDIR}/php5-ldvs" + fi + fi + fi for x in ${PHPSAPIS} ; do + # Support the Apache2 extras, they must be set globally for all + # SAPIs to work correctly, especially for external PHP extensions + if useq apache2 ; then + if [[ "${APACHE_VERSION}" != "0" ]] ; then + # Threaded Apache2 support + if useq threads ; then + my_conf="${my_conf} --enable-maintainer-zts" + ewarn "Enabling ZTS for Apache2 MPM" + fi + fi + fi + if [[ "${CLEAN_REQUIRED}" = 1 ]] ; then make clean fi - PHPSAPI=${x} + PHPSAPI="${x}" case ${x} in cli) - my_conf="--enable-cli --disable-cgi" + my_conf="${my_conf} --enable-cli --disable-cgi" php5_0-sapi_src_compile - cp sapi/cli/php php-cli + cp sapi/cli/php php-cli || die "Unable to copy CLI SAPI" ;; cgi) - my_conf="--disable-cli --enable-cgi --enable-fastcgi" + my_conf="${my_conf} --disable-cli --enable-cgi --enable-fastcgi" phpconfutils_extension_enable "discard-path" "discard-path" 0 phpconfutils_extension_enable "force-cgi-redirect" "force-cgi-redirect" 0 php5_0-sapi_src_compile - cp sapi/cgi/php php-cgi + cp sapi/cgi/php php-cgi || die "Unable to copy CGI SAPI" ;; - apache*) - my_conf="--disable-cli --with-apxs${USE_APACHE2}=/usr/sbin/apxs${USE_APACHE2}" + apache1) + my_conf="${my_conf} --disable-cli --with-apxs=/usr/sbin/apxs" + php5_0-sapi_src_compile + ;; + apache2) + my_conf="${my_conf} --disable-cli --with-apxs2=/usr/sbin/apxs2" php5_0-sapi_src_compile ;; esac CLEAN_REQUIRED=1 + my_conf="" done } @@ -128,7 +205,7 @@ src_install() { destdir=/usr/$(get_libdir)/php5 - # let the eclass do the heavy lifting + # Let the eclass do the common work php5_0-sapi_src_install einfo @@ -136,7 +213,9 @@ src_install() { einfo for x in ${PHPSAPIS} ; do - PHPSAPI=${x} + + PHPSAPI="${x}" + case ${x} in cli) einfo "Installing CLI SAPI" @@ -150,17 +229,32 @@ src_install() { dobin php-cgi || die "Unable to install ${x} sapi" php5_0-sapi_install_ini ;; - apache*) - einfo "Installing apache${USE_APACHE2} SAPI" + apache1) + einfo "Installing Apache${APACHE_VERSION} SAPI" + make INSTALL_ROOT="${D}" install-sapi || die "Unable to install ${x} SAPI" + einfo "Installing Apache${APACHE_VERSION} config file for PHP5 (70_mod_php5.conf)" + insinto ${APACHE_MODULES_CONFDIR} + newins "${FILESDIR}/70_mod_php5.conf-apache1" "70_mod_php5.conf" + php5_0-sapi_install_ini + ;; + apache2) + einfo "Installing Apache${APACHE_VERSION} SAPI" make INSTALL_ROOT="${D}" install-sapi || die "Unable to install ${x} SAPI" - if [[ -n "${USE_APACHE2}" ]] ; then - einfo "Installing Apache2 config file for PHP5 (70_mod_php5.conf)" + if useq concurrentmodphp ; then + einfo "Installing Apache${APACHE_VERSION} config file for PHP5-concurrent (70_mod_php5_concurr.conf)" insinto ${APACHE_MODULES_CONFDIR} - newins "${FILESDIR}/70_mod_php5.conf-apache2" "70_mod_php5.conf" + newins "${FILESDIR}/70_mod_php5_concurr.conf-apache2" "70_mod_php5_concurr.conf" + + # Put the ld version script in the right place so it's always accessible + insinto "/var/lib/php-pkg/${CATEGORY}/${PN}-${PVR}/" + doins "${FILESDIR}/php5-ldvs" + + # Redefine the extension dir to have the modphp suffix + PHPEXTDIR="`"${D}/${destdir}/bin/php-config" --extension-dir`-versioned" else - einfo "Installing Apache config file for PHP5 (70_mod_php5.conf)" + einfo "Installing Apache${APACHE_VERSION} config file for PHP5 (70_mod_php5.conf)" insinto ${APACHE_MODULES_CONFDIR} - newins "${FILESDIR}/70_mod_php5.conf-apache1" "70_mod_php5.conf" + newins "${FILESDIR}/70_mod_php5.conf-apache2" "70_mod_php5.conf" fi php5_0-sapi_install_ini ;; @@ -174,8 +268,92 @@ pkg_postinst() { APACHE1_MOD_DEFINE="PHP5" APACHE1_MOD_CONF="70_mod_php5" APACHE2_MOD_DEFINE="PHP5" - APACHE2_MOD_CONF="70_mod_php5" + if useq concurrentmodphp ; then + APACHE2_MOD_CONF="70_mod_php5_concurr" + else + APACHE2_MOD_CONF="70_mod_php5" + fi apache-module_pkg_postinst fi + + # Update Apache1 to use mod_php + if useq apache ; then + "${ROOT}/usr/sbin/php-select" -t apache1 php5 > /dev/null 2>&1 + exitStatus=$? + if [[ ${exitStatus} == 2 ]] ; then + php-select apache1 php5 + elif [[ ${exitStatus} == 4 ]] ; then + ewarn + ewarn "Apache1 is configured to load a different version of PHP." + ewarn "To make Apache1 use PHP v5, use php-select:" + ewarn + ewarn " php-select apache1 php5" + ewarn + fi + fi + + # Update Apache2 to use mod_php + if useq apache2 ; then + "${ROOT}/usr/sbin/php-select" -t apache2 php5 > /dev/null 2>&1 + exitStatus=$? + if [[ ${exitStatus} == 2 ]] ; then + php-select apache2 php5 + elif [[ ${exitStatus} == 4 ]] ; then + ewarn + ewarn "Apache2 is configured to load a different version of PHP." + ewarn "To make Apache2 use PHP v5, use php-select:" + ewarn + ewarn " php-select apache2 php5" + ewarn + fi + fi + + # Create the symlinks for php-cli + if useq cli || phpconfutils_usecheck cli ; then + "${ROOT}/usr/sbin/php-select" -t php php5 > /dev/null 2>&1 + exitStatus=$? + if [[ ${exitStatus} == 5 ]] ; then + php-select php php5 + elif [[ ${exitStatus} == 4 ]] ; then + ewarn + ewarn "/usr/bin/php links to a different version of PHP." + ewarn "To make /usr/bin/php point to PHP v5, use php-select:" + ewarn + ewarn " php-select php php5" + ewarn + fi + fi + + # Create the symlinks for php-cgi + if useq cgi ; then + "${ROOT}/usr/sbin/php-select" -t php-cgi php5 > /dev/null 2>&1 + exitStatus=$? + if [[ ${exitStatus} == 5 ]] ; then + php-select php-cgi php5 + elif [[ ${exitStatus} == 4 ]] ; then + ewarn + ewarn "/usr/bin/php-cgi links to a different version of PHP." + ewarn "To make /usr/bin/php-cgi point to PHP v5, use php-select:" + ewarn + ewarn " php-select php-cgi php5" + ewarn + fi + fi + + # Create the symlinks for php-devel + "${ROOT}/usr/sbin/php-select" -t php-devel php5 > /dev/null 2>&1 + exitStatus=$? + if [[ $exitStatus == 5 ]] ; then + php-select php-devel php5 + elif [[ $exitStatus == 4 ]] ; then + ewarn + ewarn "/usr/bin/php-config and/or /usr/bin/phpize are linked to a" + ewarn "different version of PHP. To make them point to PHP v5, use" + ewarn "php-select:" + ewarn + ewarn " php-select php-devel php5" + ewarn + fi + php5_0-sapi_pkg_postinst } |