From daf1af11235eaca95fc44a1d75bca5c4930979a4 Mon Sep 17 00:00:00 2001 From: Remi Collet Date: Sat, 24 Aug 2013 09:44:40 +0200 Subject: php-pear-Auth-OpenID: import from rawhide --- php-openid-2.2.2-cve-2013-4701.patch | 17 ++ php-openid-2.2.2-requires-paths.patch | 548 ++++++++++++++++++++++++++++++++++ php-pear-Auth-OpenID.spec | 151 ++++++++++ 3 files changed, 716 insertions(+) create mode 100644 php-openid-2.2.2-cve-2013-4701.patch create mode 100644 php-openid-2.2.2-requires-paths.patch create mode 100644 php-pear-Auth-OpenID.spec diff --git a/php-openid-2.2.2-cve-2013-4701.patch b/php-openid-2.2.2-cve-2013-4701.patch new file mode 100644 index 0000000..8529d1b --- /dev/null +++ b/php-openid-2.2.2-cve-2013-4701.patch @@ -0,0 +1,17 @@ +diff -Nur php-openid-2.2.2.orig/Auth/Yadis/XML.php php-openid-2.2.2/Auth/Yadis/XML.php +--- php-openid-2.2.2.orig/Auth/Yadis/XML.php 2011-01-19 15:25:39.000000000 -0700 ++++ php-openid-2.2.2/Auth/Yadis/XML.php 2013-08-23 21:39:13.818386179 -0600 +@@ -235,6 +235,13 @@ + } + + if (!@$this->doc->loadXML($xml_string)) { ++ // disable external entities and libxml errors ++ $loader = libxml_disable_entity_loader(true); ++ $errors = libxml_use_internal_errors(true); ++ $parse_result = @$this->doc->loadXML($xml_string); ++ libxml_disable_entity_loader($loader); ++ libxml_use_internal_errors($errors); ++ if (!$parse_result) { + return false; + } + diff --git a/php-openid-2.2.2-requires-paths.patch b/php-openid-2.2.2-requires-paths.patch new file mode 100644 index 0000000..c445990 --- /dev/null +++ b/php-openid-2.2.2-requires-paths.patch @@ -0,0 +1,548 @@ +diff -Naur php-openid-2.2.2.orig/Auth/OpenID/Association.php php-openid-2.2.2.new/Auth/OpenID/Association.php +--- php-openid-2.2.2.orig/Auth/OpenID/Association.php 2011-03-22 21:09:55.000000000 -0600 ++++ php-openid-2.2.2.new/Auth/OpenID/Association.php 2011-03-22 21:10:52.000000000 -0600 +@@ -17,17 +17,17 @@ + /** + * @access private + */ +-require_once 'Auth/OpenID/CryptUtil.php'; ++require_once 'Auth_OpenID/OpenID/CryptUtil.php'; + + /** + * @access private + */ +-require_once 'Auth/OpenID/KVForm.php'; ++require_once 'Auth_OpenID/OpenID/KVForm.php'; + + /** + * @access private + */ +-require_once 'Auth/OpenID/HMAC.php'; ++require_once 'Auth_OpenID/OpenID/HMAC.php'; + + /** + * This class represents an association between a server and a +diff -Naur php-openid-2.2.2.orig/Auth/OpenID/AX.php php-openid-2.2.2.new/Auth/OpenID/AX.php +--- php-openid-2.2.2.orig/Auth/OpenID/AX.php 2011-03-22 21:09:55.000000000 -0600 ++++ php-openid-2.2.2.new/Auth/OpenID/AX.php 2011-03-22 21:10:52.000000000 -0600 +@@ -10,9 +10,9 @@ + /** + * Require utility classes and functions for the consumer. + */ +-require_once "Auth/OpenID/Extension.php"; +-require_once "Auth/OpenID/Message.php"; +-require_once "Auth/OpenID/TrustRoot.php"; ++require_once "Auth_OpenID/OpenID/Extension.php"; ++require_once "Auth_OpenID/OpenID/Message.php"; ++require_once "Auth_OpenID/OpenID/TrustRoot.php"; + + define('Auth_OpenID_AX_NS_URI', + 'http://openid.net/srv/ax/1.0'); +diff -Naur php-openid-2.2.2.orig/Auth/OpenID/BigMath.php php-openid-2.2.2.new/Auth/OpenID/BigMath.php +--- php-openid-2.2.2.orig/Auth/OpenID/BigMath.php 2011-03-22 21:09:55.000000000 -0600 ++++ php-openid-2.2.2.new/Auth/OpenID/BigMath.php 2011-03-22 21:10:52.000000000 -0600 +@@ -18,12 +18,12 @@ + /** + * Needed for random number generation + */ +-require_once 'Auth/OpenID/CryptUtil.php'; ++require_once 'Auth_OpenID/OpenID/CryptUtil.php'; + + /** + * Need Auth_OpenID::bytes(). + */ +-require_once 'Auth/OpenID.php'; ++require_once 'Auth_OpenID/OpenID.php'; + + /** + * The superclass of all big-integer math implementations +diff -Naur php-openid-2.2.2.orig/Auth/OpenID/Consumer.php php-openid-2.2.2.new/Auth/OpenID/Consumer.php +--- php-openid-2.2.2.orig/Auth/OpenID/Consumer.php 2011-03-22 21:09:55.000000000 -0600 ++++ php-openid-2.2.2.new/Auth/OpenID/Consumer.php 2011-03-22 21:10:52.000000000 -0600 +@@ -160,18 +160,18 @@ + /** + * Require utility classes and functions for the consumer. + */ +-require_once "Auth/OpenID.php"; +-require_once "Auth/OpenID/Message.php"; +-require_once "Auth/OpenID/HMAC.php"; +-require_once "Auth/OpenID/Association.php"; +-require_once "Auth/OpenID/CryptUtil.php"; +-require_once "Auth/OpenID/DiffieHellman.php"; +-require_once "Auth/OpenID/KVForm.php"; +-require_once "Auth/OpenID/Nonce.php"; +-require_once "Auth/OpenID/Discover.php"; +-require_once "Auth/OpenID/URINorm.php"; +-require_once "Auth/Yadis/Manager.php"; +-require_once "Auth/Yadis/XRI.php"; ++require_once "Auth_OpenID/OpenID.php"; ++require_once "Auth_OpenID/OpenID/Message.php"; ++require_once "Auth_OpenID/OpenID/HMAC.php"; ++require_once "Auth_OpenID/OpenID/Association.php"; ++require_once "Auth_OpenID/OpenID/CryptUtil.php"; ++require_once "Auth_OpenID/OpenID/DiffieHellman.php"; ++require_once "Auth_OpenID/OpenID/KVForm.php"; ++require_once "Auth_OpenID/OpenID/Nonce.php"; ++require_once "Auth_OpenID/OpenID/Discover.php"; ++require_once "Auth_OpenID/OpenID/URINorm.php"; ++require_once "Auth_OpenID/Yadis/Manager.php"; ++require_once "Auth_OpenID/Yadis/XRI.php"; + + /** + * This is the status code returned when the complete method returns +diff -Naur php-openid-2.2.2.orig/Auth/OpenID/DiffieHellman.php php-openid-2.2.2.new/Auth/OpenID/DiffieHellman.php +--- php-openid-2.2.2.orig/Auth/OpenID/DiffieHellman.php 2011-03-22 21:09:55.000000000 -0600 ++++ php-openid-2.2.2.new/Auth/OpenID/DiffieHellman.php 2011-03-22 21:10:52.000000000 -0600 +@@ -14,8 +14,8 @@ + * @license http://www.apache.org/licenses/LICENSE-2.0 Apache + */ + +-require_once 'Auth/OpenID.php'; +-require_once 'Auth/OpenID/BigMath.php'; ++require_once 'Auth_OpenID/OpenID.php'; ++require_once 'Auth_OpenID/OpenID/BigMath.php'; + + function Auth_OpenID_getDefaultMod() + { +diff -Naur php-openid-2.2.2.orig/Auth/OpenID/Discover.php php-openid-2.2.2.new/Auth/OpenID/Discover.php +--- php-openid-2.2.2.orig/Auth/OpenID/Discover.php 2011-03-22 21:09:55.000000000 -0600 ++++ php-openid-2.2.2.new/Auth/OpenID/Discover.php 2011-03-22 21:10:52.000000000 -0600 +@@ -4,11 +4,11 @@ + * The OpenID and Yadis discovery implementation for OpenID 1.2. + */ + +-require_once "Auth/OpenID.php"; +-require_once "Auth/OpenID/Parse.php"; +-require_once "Auth/OpenID/Message.php"; +-require_once "Auth/Yadis/XRIRes.php"; +-require_once "Auth/Yadis/Yadis.php"; ++require_once "Auth_OpenID/OpenID.php"; ++require_once "Auth_OpenID/OpenID/Parse.php"; ++require_once "Auth_OpenID/OpenID/Message.php"; ++require_once "Auth_OpenID/Yadis/XRIRes.php"; ++require_once "Auth_OpenID/Yadis/Yadis.php"; + + // XML namespace value + define('Auth_OpenID_XMLNS_1_0', 'http://openid.net/xmlns/1.0'); +diff -Naur php-openid-2.2.2.orig/Auth/OpenID/DumbStore.php php-openid-2.2.2.new/Auth/OpenID/DumbStore.php +--- php-openid-2.2.2.orig/Auth/OpenID/DumbStore.php 2011-03-22 21:09:55.000000000 -0600 ++++ php-openid-2.2.2.new/Auth/OpenID/DumbStore.php 2011-03-22 21:10:52.000000000 -0600 +@@ -17,8 +17,8 @@ + /** + * Import the interface for creating a new store class. + */ +-require_once 'Auth/OpenID/Interface.php'; +-require_once 'Auth/OpenID/HMAC.php'; ++require_once 'Auth_OpenID/OpenID/Interface.php'; ++require_once 'Auth_OpenID/OpenID/HMAC.php'; + + /** + * This is a store for use in the worst case, when you have no way of +diff -Naur php-openid-2.2.2.orig/Auth/OpenID/Extension.php php-openid-2.2.2.new/Auth/OpenID/Extension.php +--- php-openid-2.2.2.orig/Auth/OpenID/Extension.php 2011-03-22 21:09:55.000000000 -0600 ++++ php-openid-2.2.2.new/Auth/OpenID/Extension.php 2011-03-22 21:10:52.000000000 -0600 +@@ -9,7 +9,7 @@ + /** + * Require the Message implementation. + */ +-require_once 'Auth/OpenID/Message.php'; ++require_once 'Auth_OpenID/OpenID/Message.php'; + + /** + * A base class for accessing extension request and response data for +diff -Naur php-openid-2.2.2.orig/Auth/OpenID/FileStore.php php-openid-2.2.2.new/Auth/OpenID/FileStore.php +--- php-openid-2.2.2.orig/Auth/OpenID/FileStore.php 2011-03-22 21:09:55.000000000 -0600 ++++ php-openid-2.2.2.new/Auth/OpenID/FileStore.php 2011-03-22 21:10:52.000000000 -0600 +@@ -17,10 +17,10 @@ + /** + * Require base class for creating a new interface. + */ +-require_once 'Auth/OpenID.php'; +-require_once 'Auth/OpenID/Interface.php'; +-require_once 'Auth/OpenID/HMAC.php'; +-require_once 'Auth/OpenID/Nonce.php'; ++require_once 'Auth_OpenID/OpenID.php'; ++require_once 'Auth_OpenID/OpenID/Interface.php'; ++require_once 'Auth_OpenID/OpenID/HMAC.php'; ++require_once 'Auth_OpenID/OpenID/Nonce.php'; + + /** + * This is a filesystem-based store for OpenID associations and +diff -Naur php-openid-2.2.2.orig/Auth/OpenID/HMAC.php php-openid-2.2.2.new/Auth/OpenID/HMAC.php +--- php-openid-2.2.2.orig/Auth/OpenID/HMAC.php 2011-03-22 21:09:55.000000000 -0600 ++++ php-openid-2.2.2.new/Auth/OpenID/HMAC.php 2011-03-22 21:10:52.000000000 -0600 +@@ -14,7 +14,7 @@ + * @license http://www.apache.org/licenses/LICENSE-2.0 Apache + */ + +-require_once 'Auth/OpenID.php'; ++require_once 'Auth_OpenID/OpenID.php'; + + /** + * SHA1_BLOCKSIZE is this module's SHA1 blocksize used by the fallback +diff -Naur php-openid-2.2.2.orig/Auth/OpenID/MDB2Store.php php-openid-2.2.2.new/Auth/OpenID/MDB2Store.php +--- php-openid-2.2.2.orig/Auth/OpenID/MDB2Store.php 2011-03-22 21:09:55.000000000 -0600 ++++ php-openid-2.2.2.new/Auth/OpenID/MDB2Store.php 2011-03-22 21:10:52.000000000 -0600 +@@ -18,17 +18,17 @@ + /** + * @access private + */ +-require_once 'Auth/OpenID/Interface.php'; ++require_once 'Auth_OpenID/OpenID/Interface.php'; + + /** + * @access private + */ +-require_once 'Auth/OpenID.php'; ++require_once 'Auth_OpenID/OpenID.php'; + + /** + * @access private + */ +-require_once 'Auth/OpenID/Nonce.php'; ++require_once 'Auth_OpenID/OpenID/Nonce.php'; + + /** + * This store uses a PEAR::MDB2 connection to store persistence +diff -Naur php-openid-2.2.2.orig/Auth/OpenID/MemcachedStore.php php-openid-2.2.2.new/Auth/OpenID/MemcachedStore.php +--- php-openid-2.2.2.orig/Auth/OpenID/MemcachedStore.php 2011-03-22 21:09:55.000000000 -0600 ++++ php-openid-2.2.2.new/Auth/OpenID/MemcachedStore.php 2011-03-22 21:10:52.000000000 -0600 +@@ -18,7 +18,7 @@ + /** + * Import the interface for creating a new store class. + */ +-require_once 'Auth/OpenID/Interface.php'; ++require_once 'Auth_OpenID/OpenID/Interface.php'; + + /** + * This is a memcached-based store for OpenID associations and +diff -Naur php-openid-2.2.2.orig/Auth/OpenID/Message.php php-openid-2.2.2.new/Auth/OpenID/Message.php +--- php-openid-2.2.2.orig/Auth/OpenID/Message.php 2011-03-22 21:09:55.000000000 -0600 ++++ php-openid-2.2.2.new/Auth/OpenID/Message.php 2011-03-22 21:10:52.000000000 -0600 +@@ -9,10 +9,10 @@ + /** + * Import tools needed to deal with messages. + */ +-require_once 'Auth/OpenID.php'; +-require_once 'Auth/OpenID/KVForm.php'; +-require_once 'Auth/Yadis/XML.php'; +-require_once 'Auth/OpenID/Consumer.php'; // For Auth_OpenID_FailureResponse ++require_once 'Auth_OpenID/OpenID.php'; ++require_once 'Auth_OpenID/OpenID/KVForm.php'; ++require_once 'Auth_OpenID/Yadis/XML.php'; ++require_once 'Auth_OpenID/OpenID/Consumer.php'; // For Auth_OpenID_FailureResponse + + // This doesn't REALLY belong here, but where is better? + define('Auth_OpenID_IDENTIFIER_SELECT', +diff -Naur php-openid-2.2.2.orig/Auth/OpenID/MySQLStore.php php-openid-2.2.2.new/Auth/OpenID/MySQLStore.php +--- php-openid-2.2.2.orig/Auth/OpenID/MySQLStore.php 2011-03-22 21:09:55.000000000 -0600 ++++ php-openid-2.2.2.new/Auth/OpenID/MySQLStore.php 2011-03-22 21:10:52.000000000 -0600 +@@ -9,7 +9,7 @@ + /** + * Require the base class file. + */ +-require_once "Auth/OpenID/SQLStore.php"; ++require_once "Auth_OpenID/OpenID/SQLStore.php"; + + /** + * An SQL store that uses MySQL as its backend. +diff -Naur php-openid-2.2.2.orig/Auth/OpenID/Nonce.php php-openid-2.2.2.new/Auth/OpenID/Nonce.php +--- php-openid-2.2.2.orig/Auth/OpenID/Nonce.php 2011-03-22 21:09:55.000000000 -0600 ++++ php-openid-2.2.2.new/Auth/OpenID/Nonce.php 2011-03-22 21:10:52.000000000 -0600 +@@ -9,7 +9,7 @@ + /** + * Need CryptUtil to generate random strings. + */ +-require_once 'Auth/OpenID/CryptUtil.php'; ++require_once 'Auth_OpenID/OpenID/CryptUtil.php'; + + /** + * This is the characters that the nonces are made from. +diff -Naur php-openid-2.2.2.orig/Auth/OpenID/PAPE.php php-openid-2.2.2.new/Auth/OpenID/PAPE.php +--- php-openid-2.2.2.orig/Auth/OpenID/PAPE.php 2011-03-22 21:09:55.000000000 -0600 ++++ php-openid-2.2.2.new/Auth/OpenID/PAPE.php 2011-03-22 21:10:52.000000000 -0600 +@@ -8,7 +8,7 @@ + * http://openid.net/developers/specs/ + */ + +-require_once "Auth/OpenID/Extension.php"; ++require_once "Auth_OpenID/OpenID/Extension.php"; + + define('Auth_OpenID_PAPE_NS_URI', + "http://specs.openid.net/extensions/pape/1.0"); +diff -Naur php-openid-2.2.2.orig/Auth/OpenID/Parse.php php-openid-2.2.2.new/Auth/OpenID/Parse.php +--- php-openid-2.2.2.orig/Auth/OpenID/Parse.php 2011-03-22 21:09:55.000000000 -0600 ++++ php-openid-2.2.2.new/Auth/OpenID/Parse.php 2011-03-22 21:10:52.000000000 -0600 +@@ -82,7 +82,7 @@ + /** + * Require Auth_OpenID::arrayGet(). + */ +-require_once "Auth/OpenID.php"; ++require_once "Auth_OpenID/OpenID.php"; + + class Auth_OpenID_Parse { + +diff -Naur php-openid-2.2.2.orig/Auth/OpenID/PostgreSQLStore.php php-openid-2.2.2.new/Auth/OpenID/PostgreSQLStore.php +--- php-openid-2.2.2.orig/Auth/OpenID/PostgreSQLStore.php 2011-03-22 21:09:55.000000000 -0600 ++++ php-openid-2.2.2.new/Auth/OpenID/PostgreSQLStore.php 2011-03-22 21:10:52.000000000 -0600 +@@ -9,7 +9,7 @@ + /** + * Require the base class file. + */ +-require_once "Auth/OpenID/SQLStore.php"; ++require_once "Auth_OpenID/OpenID/SQLStore.php"; + + /** + * An SQL store that uses PostgreSQL as its backend. +diff -Naur php-openid-2.2.2.orig/Auth/OpenID/Server.php php-openid-2.2.2.new/Auth/OpenID/Server.php +--- php-openid-2.2.2.orig/Auth/OpenID/Server.php 2011-03-22 21:09:55.000000000 -0600 ++++ php-openid-2.2.2.new/Auth/OpenID/Server.php 2011-03-22 21:10:52.000000000 -0600 +@@ -92,16 +92,16 @@ + /** + * Required imports + */ +-require_once "Auth/OpenID.php"; +-require_once "Auth/OpenID/Association.php"; +-require_once "Auth/OpenID/CryptUtil.php"; +-require_once "Auth/OpenID/BigMath.php"; +-require_once "Auth/OpenID/DiffieHellman.php"; +-require_once "Auth/OpenID/KVForm.php"; +-require_once "Auth/OpenID/TrustRoot.php"; +-require_once "Auth/OpenID/ServerRequest.php"; +-require_once "Auth/OpenID/Message.php"; +-require_once "Auth/OpenID/Nonce.php"; ++require_once "Auth_OpenID/OpenID.php"; ++require_once "Auth_OpenID/OpenID/Association.php"; ++require_once "Auth_OpenID/OpenID/CryptUtil.php"; ++require_once "Auth_OpenID/OpenID/BigMath.php"; ++require_once "Auth_OpenID/OpenID/DiffieHellman.php"; ++require_once "Auth_OpenID/OpenID/KVForm.php"; ++require_once "Auth_OpenID/OpenID/TrustRoot.php"; ++require_once "Auth_OpenID/OpenID/ServerRequest.php"; ++require_once "Auth_OpenID/OpenID/Message.php"; ++require_once "Auth_OpenID/OpenID/Nonce.php"; + + define('AUTH_OPENID_HTTP_OK', 200); + define('AUTH_OPENID_HTTP_REDIRECT', 302); +diff -Naur php-openid-2.2.2.orig/Auth/OpenID/ServerRequest.php php-openid-2.2.2.new/Auth/OpenID/ServerRequest.php +--- php-openid-2.2.2.orig/Auth/OpenID/ServerRequest.php 2011-03-22 21:09:55.000000000 -0600 ++++ php-openid-2.2.2.new/Auth/OpenID/ServerRequest.php 2011-03-22 21:10:52.000000000 -0600 +@@ -17,7 +17,7 @@ + /** + * Imports + */ +-require_once "Auth/OpenID.php"; ++require_once "Auth_OpenID/OpenID.php"; + + /** + * Object that holds the state of a request to the OpenID server +diff -Naur php-openid-2.2.2.orig/Auth/OpenID/SQLiteStore.php php-openid-2.2.2.new/Auth/OpenID/SQLiteStore.php +--- php-openid-2.2.2.orig/Auth/OpenID/SQLiteStore.php 2011-03-22 21:09:55.000000000 -0600 ++++ php-openid-2.2.2.new/Auth/OpenID/SQLiteStore.php 2011-03-22 21:10:52.000000000 -0600 +@@ -9,7 +9,7 @@ + /** + * Require the base class file. + */ +-require_once "Auth/OpenID/SQLStore.php"; ++require_once "Auth_OpenID/OpenID/SQLStore.php"; + + /** + * An SQL store that uses SQLite as its backend. +diff -Naur php-openid-2.2.2.orig/Auth/OpenID/SQLStore.php php-openid-2.2.2.new/Auth/OpenID/SQLStore.php +--- php-openid-2.2.2.orig/Auth/OpenID/SQLStore.php 2011-03-22 21:09:55.000000000 -0600 ++++ php-openid-2.2.2.new/Auth/OpenID/SQLStore.php 2011-03-22 21:10:52.000000000 -0600 +@@ -16,18 +16,18 @@ + /** + * @access private + */ +-require_once 'Auth/OpenID/Interface.php'; +-require_once 'Auth/OpenID/Nonce.php'; ++require_once 'Auth_OpenID/OpenID/Interface.php'; ++require_once 'Auth_OpenID/OpenID/Nonce.php'; + + /** + * @access private + */ +-require_once 'Auth/OpenID.php'; ++require_once 'Auth_OpenID/OpenID.php'; + + /** + * @access private + */ +-require_once 'Auth/OpenID/Nonce.php'; ++require_once 'Auth_OpenID/OpenID/Nonce.php'; + + /** + * This is the parent class for the SQL stores, which contains the +diff -Naur php-openid-2.2.2.orig/Auth/OpenID/SReg.php php-openid-2.2.2.new/Auth/OpenID/SReg.php +--- php-openid-2.2.2.orig/Auth/OpenID/SReg.php 2011-03-22 21:09:55.000000000 -0600 ++++ php-openid-2.2.2.new/Auth/OpenID/SReg.php 2011-03-22 21:10:52.000000000 -0600 +@@ -42,8 +42,8 @@ + /** + * Import message and extension internals. + */ +-require_once 'Auth/OpenID/Message.php'; +-require_once 'Auth/OpenID/Extension.php'; ++require_once 'Auth_OpenID/OpenID/Message.php'; ++require_once 'Auth_OpenID/OpenID/Extension.php'; + + // The data fields that are listed in the sreg spec + global $Auth_OpenID_sreg_data_fields; +diff -Naur php-openid-2.2.2.orig/Auth/OpenID/TrustRoot.php php-openid-2.2.2.new/Auth/OpenID/TrustRoot.php +--- php-openid-2.2.2.orig/Auth/OpenID/TrustRoot.php 2011-03-22 21:09:55.000000000 -0600 ++++ php-openid-2.2.2.new/Auth/OpenID/TrustRoot.php 2011-03-22 21:10:52.000000000 -0600 +@@ -12,7 +12,7 @@ + * @license http://www.apache.org/licenses/LICENSE-2.0 Apache + */ + +-require_once 'Auth/OpenID/Discover.php'; ++require_once 'Auth_OpenID/OpenID/Discover.php'; + + /** + * A regular expression that matches a domain ending in a top-level domains. +diff -Naur php-openid-2.2.2.orig/Auth/OpenID/URINorm.php php-openid-2.2.2.new/Auth/OpenID/URINorm.php +--- php-openid-2.2.2.orig/Auth/OpenID/URINorm.php 2011-03-22 21:09:55.000000000 -0600 ++++ php-openid-2.2.2.new/Auth/OpenID/URINorm.php 2011-03-22 21:10:52.000000000 -0600 +@@ -9,7 +9,7 @@ + * @license http://www.apache.org/licenses/LICENSE-2.0 Apache + */ + +-require_once 'Auth/Yadis/Misc.php'; ++require_once 'Auth_OpenID/Yadis/Misc.php'; + + // from appendix B of rfc 3986 (http://www.ietf.org/rfc/rfc3986.txt) + function Auth_OpenID_getURIPattern() +diff -Naur php-openid-2.2.2.orig/Auth/OpenID.php php-openid-2.2.2.new/Auth/OpenID.php +--- php-openid-2.2.2.orig/Auth/OpenID.php 2011-03-22 21:09:55.000000000 -0600 ++++ php-openid-2.2.2.new/Auth/OpenID.php 2011-03-22 21:10:49.000000000 -0600 +@@ -25,10 +25,10 @@ + /** + * Require the fetcher code. + */ +-require_once "Auth/Yadis/PlainHTTPFetcher.php"; +-require_once "Auth/Yadis/ParanoidHTTPFetcher.php"; +-require_once "Auth/OpenID/BigMath.php"; +-require_once "Auth/OpenID/URINorm.php"; ++require_once "Auth_OpenID/Yadis/PlainHTTPFetcher.php"; ++require_once "Auth_OpenID/Yadis/ParanoidHTTPFetcher.php"; ++require_once "Auth_OpenID/OpenID/BigMath.php"; ++require_once "Auth_OpenID/OpenID/URINorm.php"; + + /** + * Status code returned by the server when the only option is to show +diff -Naur php-openid-2.2.2.orig/Auth/Yadis/HTTPFetcher.php php-openid-2.2.2.new/Auth/Yadis/HTTPFetcher.php +--- php-openid-2.2.2.orig/Auth/Yadis/HTTPFetcher.php 2011-03-22 21:09:55.000000000 -0600 ++++ php-openid-2.2.2.new/Auth/Yadis/HTTPFetcher.php 2011-03-22 21:10:55.000000000 -0600 +@@ -16,7 +16,7 @@ + /** + * Require logging functionality + */ +-require_once "Auth/OpenID.php"; ++require_once "Auth_OpenID/OpenID.php"; + + define('Auth_OpenID_FETCHER_MAX_RESPONSE_KB', 1024); + define('Auth_OpenID_USER_AGENT', +diff -Naur php-openid-2.2.2.orig/Auth/Yadis/ParanoidHTTPFetcher.php php-openid-2.2.2.new/Auth/Yadis/ParanoidHTTPFetcher.php +--- php-openid-2.2.2.orig/Auth/Yadis/ParanoidHTTPFetcher.php 2011-03-22 21:09:55.000000000 -0600 ++++ php-openid-2.2.2.new/Auth/Yadis/ParanoidHTTPFetcher.php 2011-03-22 21:10:55.000000000 -0600 +@@ -16,9 +16,9 @@ + /** + * Interface import + */ +-require_once "Auth/Yadis/HTTPFetcher.php"; ++require_once "Auth_OpenID/Yadis/HTTPFetcher.php"; + +-require_once "Auth/OpenID.php"; ++require_once "Auth_OpenID/OpenID.php"; + + /** + * A paranoid {@link Auth_Yadis_HTTPFetcher} class which uses CURL +diff -Naur php-openid-2.2.2.orig/Auth/Yadis/PlainHTTPFetcher.php php-openid-2.2.2.new/Auth/Yadis/PlainHTTPFetcher.php +--- php-openid-2.2.2.orig/Auth/Yadis/PlainHTTPFetcher.php 2011-03-22 21:09:55.000000000 -0600 ++++ php-openid-2.2.2.new/Auth/Yadis/PlainHTTPFetcher.php 2011-03-22 21:10:55.000000000 -0600 +@@ -17,7 +17,7 @@ + /** + * Interface import + */ +-require_once "Auth/Yadis/HTTPFetcher.php"; ++require_once "Auth_OpenID/Yadis/HTTPFetcher.php"; + + /** + * This class implements a plain, hand-built socket-based fetcher +diff -Naur php-openid-2.2.2.orig/Auth/Yadis/XRDS.php php-openid-2.2.2.new/Auth/Yadis/XRDS.php +--- php-openid-2.2.2.orig/Auth/Yadis/XRDS.php 2011-03-22 21:09:55.000000000 -0600 ++++ php-openid-2.2.2.new/Auth/Yadis/XRDS.php 2011-03-22 21:10:55.000000000 -0600 +@@ -16,7 +16,7 @@ + /** + * Require the XPath implementation. + */ +-require_once 'Auth/Yadis/XML.php'; ++require_once 'Auth_OpenID/Yadis/XML.php'; + + /** + * This match mode means a given service must match ALL filters passed +diff -Naur php-openid-2.2.2.orig/Auth/Yadis/XRI.php php-openid-2.2.2.new/Auth/Yadis/XRI.php +--- php-openid-2.2.2.orig/Auth/Yadis/XRI.php 2011-03-22 21:09:55.000000000 -0600 ++++ php-openid-2.2.2.new/Auth/Yadis/XRI.php 2011-03-22 21:10:55.000000000 -0600 +@@ -9,9 +9,9 @@ + * @license http://www.apache.org/licenses/LICENSE-2.0 Apache + */ + +-require_once 'Auth/Yadis/Misc.php'; +-require_once 'Auth/Yadis/Yadis.php'; +-require_once 'Auth/OpenID.php'; ++require_once 'Auth_OpenID/Yadis/Misc.php'; ++require_once 'Auth_OpenID/Yadis/Yadis.php'; ++require_once 'Auth_OpenID/OpenID.php'; + + function Auth_Yadis_getDefaultProxy() + { +diff -Naur php-openid-2.2.2.orig/Auth/Yadis/XRIRes.php php-openid-2.2.2.new/Auth/Yadis/XRIRes.php +--- php-openid-2.2.2.orig/Auth/Yadis/XRIRes.php 2011-03-22 21:09:55.000000000 -0600 ++++ php-openid-2.2.2.new/Auth/Yadis/XRIRes.php 2011-03-22 21:10:55.000000000 -0600 +@@ -4,8 +4,8 @@ + * Code for using a proxy XRI resolver. + */ + +-require_once 'Auth/Yadis/XRDS.php'; +-require_once 'Auth/Yadis/XRI.php'; ++require_once 'Auth_OpenID/Yadis/XRDS.php'; ++require_once 'Auth_OpenID/Yadis/XRI.php'; + + class Auth_Yadis_ProxyResolver { + function Auth_Yadis_ProxyResolver($fetcher, $proxy_url = null) +diff -Naur php-openid-2.2.2.orig/Auth/Yadis/Yadis.php php-openid-2.2.2.new/Auth/Yadis/Yadis.php +--- php-openid-2.2.2.orig/Auth/Yadis/Yadis.php 2011-03-22 21:09:55.000000000 -0600 ++++ php-openid-2.2.2.new/Auth/Yadis/Yadis.php 2011-03-22 21:10:55.000000000 -0600 +@@ -17,18 +17,18 @@ + * Need both fetcher types so we can use the right one based on the + * presence or absence of CURL. + */ +-require_once "Auth/Yadis/PlainHTTPFetcher.php"; +-require_once "Auth/Yadis/ParanoidHTTPFetcher.php"; ++require_once "Auth_OpenID/Yadis/PlainHTTPFetcher.php"; ++require_once "Auth_OpenID/Yadis/ParanoidHTTPFetcher.php"; + + /** + * Need this for parsing HTML (looking for META tags). + */ +-require_once "Auth/Yadis/ParseHTML.php"; ++require_once "Auth_OpenID/Yadis/ParseHTML.php"; + + /** + * Need this to parse the XRDS document during Yadis discovery. + */ +-require_once "Auth/Yadis/XRDS.php"; ++require_once "Auth_OpenID/Yadis/XRDS.php"; + + /** + * XRDS (yadis) content type +@@ -165,7 +165,7 @@ + * + * First, require this library into your program source: + * +- * 
  require_once "Auth/Yadis/Yadis.php";
++ * 
  require_once "Auth_OpenID/Yadis/Yadis.php";
+ * + * To perform Yadis discovery, first call the "discover" method + * statically with a URI parameter: diff --git a/php-pear-Auth-OpenID.spec b/php-pear-Auth-OpenID.spec new file mode 100644 index 0000000..413e080 --- /dev/null +++ b/php-pear-Auth-OpenID.spec @@ -0,0 +1,151 @@ +%{!?__pear: %{expand: %%global __pear %{_bindir}/pear}} +%define pear_name Auth_OpenID + +Name: php-pear-Auth-OpenID +Version: 2.2.2 +Release: 7%{?dist} +Summary: PHP OpenID +Group: Development/System +License: ASL 2.0 +URL: http://www.janrain.com/openid-enabled +# php-pear-Auth-OpenID is now hosted on github +# https://github.com/openid/php-openid +# downloading the tarball and repacking it from +# openid-php-openid-2.2.2-0-ga287b2d.tar.gz to php-openid-2.2.2.tar.bz2 +Source0: php-openid-%{version}.tar.bz2 + +BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root +BuildArch: noarch +BuildRequires: php-pear >= 1:1.4.9-1.2 +BuildRequires: python +Requires: php-pear(PEAR) +Requires(post): php-pear +Requires(postun): php-pear +# Required for testing, but we need PHPUnit 1.x +#Requires: php-pear-PHPUnit >= 1.1.1 +# part of the pear spec, but the version makes no sense +#Requires: php-pear-DB >= 1.80 +Requires: php-pgsql +Requires: php-mysql +#Requires: php-sqlite +Requires: php-bcmath +Requires: php-pear-Net-Curl +Provides: php-pear(%{pear_name}) = %{version} + +# This patch fixes the paths from Auth -> Auth_OpenID +Patch0: php-openid-2.2.2-requires-paths.patch + +# Patch for CVE-2013-4701 +# https://github.com/openid/php-openid/commit/625c16bb28bb120d262b3f19f89c2c06cb9b0da9 +Patch1: php-openid-2.2.2-cve-2013-4701.patch + +%description +An implementation of the OpenID single sign-on authentication +protocol. + +%prep +%setup -q -n php-openid-%{version} +# +# needed so we can execute packagexml.py +# +chmod +x admin/packagexml.py +admin/packagexml.py %{version} admin/package2.xml README > %{pear_name}.xml + +# Fix the paths from Auth -> Auth_OpenID +%patch0 -p1 +%patch1 -p1 + +%build + +%install +rm -rf %{buildroot} +mkdir -p %{buildroot}/%{pear_phpdir}/%{pear_name}/OpenID \ + %{buildroot}/%{pear_phpdir}/%{pear_name}/Yadis +pear install --nodeps --packagingroot %{buildroot} %{pear_name}.xml +# The pear install is not yet complete, so we need to manually move in +# some parts +cp -a Auth/*.php %{buildroot}/%{pear_phpdir}/%{pear_name}/ +cp -a Auth/OpenID/*.php %{buildroot}/%{pear_phpdir}/%{pear_name}/OpenID/ +cp -a Auth/Yadis/*.php %{buildroot}/%{pear_phpdir}/%{pear_name}/Yadis/ + +# Clean up unnecessary files +rm -rf %{buildroot}%{pear_metadir}/.??* + +# Install XML package description +mkdir -p %{buildroot}%{pear_xmldir} +install -pm 644 %{pear_name}.xml %{buildroot}%{pear_xmldir} + +%clean +rm -rf %{buildroot} + +%post +pear install --nodeps --offline --soft --force --register-only \ + %{pear_xmldir}/%{pear_name}.xml >/dev/null || : + +%postun +if [ $1 -eq 0 ] ; then + pear uninstall --nodeps --ignore-errors --register-only \ + %{pear_name} >/dev/null || : +fi + +%files +%defattr(-,root,root,-) +%doc NEWS COPYING README examples + +%{pear_xmldir}/%{pear_name}.xml +%{pear_phpdir}/%{pear_name} + +%changelog +* Fri Aug 23 2013 Kevin Fenzi 2.2.2-7 +- Patch for CVE-2013-4701 + +* Sun Aug 04 2013 Fedora Release Engineering - 2.2.2-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild + +* Fri Feb 22 2013 Kevin Fenzi 2.2.2-5 +- Fixed pear metadata directory location. Fixes FTBFS bug 914351 + +* Thu Feb 14 2013 Fedora Release Engineering - 2.2.2-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild + +* Fri Jul 20 2012 Fedora Release Engineering - 2.2.2-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild + +* Sat Jan 14 2012 Fedora Release Engineering - 2.2.2-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild + +* Tue Mar 22 2011 Kurt Seifried - 2.2.2-1 +- Upgrade to 2.2.2 +- Corrected file paths for Fedora +- Corrected chmod +x admin/packagexml.py + +* Sun Jul 26 2009 Fedora Release Engineering - 2.1.1-8 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild + +* Thu Feb 26 2009 Fedora Release Engineering - 2.1.1-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild + +* Fri Aug 1 2008 Axel Thimm - 2.1.1-6 +- Change documentation handling to use %%doc. + +* Wed Jul 30 2008 Axel Thimm - 2.1.1-5 +- Upgrade to 2.1.1. +- Use php_dir instead of data_dir (Rakesh Pandit ) +- Fix CRLF (Peter Lemenkov & R. Pandit) + +* Sun Feb 24 2008 Axel Thimm - 2.0.1-4 +- Update to 2.0.1. +- Change license. +- PEAR install method has regressed, some manual fixes are neccessary. +- No testing done (needs too old PHPUnit). + +* Sat Feb 23 2008 Axel Thimm - 1.2.3-3 +- Update to 1.2.3. +- Dropped PHPUnit 1.x dependency. + +* Mon Aug 6 2007 Axel Thimm - 1.2.2-2 +- Update to 1.2.2. + +* Thu Feb 1 2007 Axel Thimm - 1.2.1-1 +- Initial build. + -- cgit