From 6914334a4fcb099d41abbc8e2f14c06b4d829161 Mon Sep 17 00:00:00 2001 From: Remi Collet Date: Thu, 2 Jan 2014 10:05:47 +0100 Subject: php-pecl-crypto: 0.1.0 (devel) - New package --- Makefile | 4 + crypto-build.patch | 152 ++++++++++++++++++++++++++++++++++++ php-pecl-crypto.spec | 215 +++++++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 371 insertions(+) create mode 100644 Makefile create mode 100644 crypto-build.patch create mode 100644 php-pecl-crypto.spec diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..13af741 --- /dev/null +++ b/Makefile @@ -0,0 +1,4 @@ +SRCDIR := $(shell pwd) +NAME := $(shell basename $(SRCDIR)) +include ../../../common/Makefile + diff --git a/crypto-build.patch b/crypto-build.patch new file mode 100644 index 0000000..6317810 --- /dev/null +++ b/crypto-build.patch @@ -0,0 +1,152 @@ +From 4407d0ce8653a5dcd8889ee695c7e8d450175ab7 Mon Sep 17 00:00:00 2001 +From: Remi Collet +Date: Thu, 2 Jan 2014 08:44:18 +0100 +Subject: [PATCH 1/5] fix build with PHP 5.3.3 + +--- + crypto.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/crypto.c b/crypto.c +index e5fed4a..2de49c2 100644 +--- a/crypto.c ++++ b/crypto.c +@@ -31,7 +31,7 @@ + + /* {{{ crypto_functions[] */ + const zend_function_entry crypto_functions[] = { +- PHP_FE_END ++ PHP_CRYPTO_FE_END + }; + /* }}} */ + +@@ -62,7 +62,7 @@ + PHP_MINIT(crypto_alg)(INIT_FUNC_ARGS_PASSTHRU); + PHP_MINIT(crypto_base64)(INIT_FUNC_ARGS_PASSTHRU); + PHP_MINIT(crypto_rand)(INIT_FUNC_ARGS_PASSTHRU); +- ++ + return SUCCESS; + } + /* }}} */ +-- +1.8.5.1 + + +From cec32fccdcbbbd87bfad058fdb085bed456d0968 Mon Sep 17 00:00:00 2001 +From: Remi Collet +Date: Thu, 2 Jan 2014 08:47:54 +0100 +Subject: [PATCH 2/5] Fix: crypto_alg.c:326:7: warning: 'copy_success' may be + used uninitialized in this function [-Wmaybe-uninitialized] + +--- + crypto_alg.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/crypto_alg.c b/crypto_alg.c +index 6aa26c4..200069d 100644 +--- a/crypto_alg.c ++++ b/crypto_alg.c +@@ -321,6 +321,9 @@ zend_object_value php_crypto_algorithm_object_clone(zval *this_ptr TSRMLS_DC) + copy_success = CMAC_CTX_copy(PHP_CRYPTO_CMAC_CTX(new_obj), PHP_CRYPTO_CMAC_CTX(old_obj)); + } + #endif ++ else { ++ copy_success = 0; ++ } + + copy_end: + if (!copy_success) { +-- +1.8.5.1 + + +From 1392ed66ea17466fd2c7674a55185677ed8316b9 Mon Sep 17 00:00:00 2001 +From: Remi Collet +Date: Thu, 2 Jan 2014 09:46:34 +0100 +Subject: [PATCH 3/5] Fix buffer overflow, fix #7 + +--- + crypto_base64.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/crypto_base64.c b/crypto_base64.c +index 296e4d2..5ef3543 100644 +--- a/crypto_base64.c ++++ b/crypto_base64.c +@@ -270,7 +270,7 @@ static inline void php_crypto_base64_decode_finish(EVP_ENCODE_CTX *ctx, char *ou + + real_len = PHP_CRYPTO_BASE64_ENCODING_SIZE_REAL(in_len, intern->ctx); + if (real_len < PHP_CRYPTO_BASE64_ENCODING_SIZE_MIN) { +- char buff[PHP_CRYPTO_BASE64_ENCODING_SIZE_MIN]; ++ char buff[PHP_CRYPTO_BASE64_ENCODING_SIZE_MIN+1]; + php_crypto_base64_encode_update(intern->ctx, buff, &out_len, in, in_len); + if (out_len == 0) { + RETURN_EMPTY_STRING(); +@@ -278,7 +278,7 @@ static inline void php_crypto_base64_decode_finish(EVP_ENCODE_CTX *ctx, char *ou + buff[out_len] = 0; + RETURN_STRINGL(buff, out_len, 1); + } else { +- out = (char *) emalloc(real_len); ++ out = (char *) emalloc(real_len+1); + php_crypto_base64_encode_update(intern->ctx, out, &out_len, in, in_len); + out[out_len] = 0; + RETURN_STRINGL(out, out_len, 0); +-- +1.8.5.1 + + +From f0a2ffd8e35b687e641c6a63c10a6654692b8179 Mon Sep 17 00:00:00 2001 +From: Remi Collet +Date: Thu, 2 Jan 2014 09:52:49 +0100 +Subject: [PATCH 4/5] Fix buffer overflow (2), fix #7 + +--- + crypto_base64.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/crypto_base64.c b/crypto_base64.c +index 5ef3543..1139b48 100644 +--- a/crypto_base64.c ++++ b/crypto_base64.c +@@ -289,7 +289,7 @@ static inline void php_crypto_base64_decode_finish(EVP_ENCODE_CTX *ctx, char *ou + Encodes characters that left in the encoding context */ + PHP_CRYPTO_METHOD(Base64, encodeFinish) + { +- char out[PHP_CRYPTO_BASE64_ENCODING_SIZE_MIN]; ++ char out[PHP_CRYPTO_BASE64_ENCODING_SIZE_MIN+1]; + int out_len; + php_crypto_base64_object *intern; + +-- +1.8.5.1 + + +From 6d342bc2c96f624cd5d8c732eb74bbbb4c992952 Mon Sep 17 00:00:00 2001 +From: Remi Collet +Date: Thu, 2 Jan 2014 09:54:53 +0100 +Subject: [PATCH 5/5] Link to shared library, fix from Gasol, fix #5 + +--- + config.m4 | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/config.m4 b/config.m4 +index 1d7f8d0..4bfc013 100644 +--- a/config.m4 ++++ b/config.m4 +@@ -15,8 +15,10 @@ if test "$PHP_CRYPTO" != "no"; then + if test -x "$PKG_CONFIG" && $PKG_CONFIG --exists openssl; then + OPENSSL_INCDIR=`$PKG_CONFIG --variable=includedir openssl` + PHP_ADD_INCLUDE($OPENSSL_INCDIR) ++ CRYPTO_LIBS=`$PKG_CONFIG --libs openssl` ++ PHP_EVAL_LIBLINE($CRYPTO_LIBS, CRYPTO_SHARED_LIBADD) + fi +- ++ + AC_DEFINE(HAVE_CRYPTOLIB,1,[Enable objective OpenSSL Crypto wrapper]) + PHP_SUBST(CRYPTO_SHARED_LIBADD) + PHP_NEW_EXTENSION(crypto, crypto.c crypto_alg.c crypto_base64.c crypto_rand.c, $ext_shared) +-- +1.8.5.1 + diff --git a/php-pecl-crypto.spec b/php-pecl-crypto.spec new file mode 100644 index 0000000..ec5b607 --- /dev/null +++ b/php-pecl-crypto.spec @@ -0,0 +1,215 @@ +# spec file for php-pecl-crypto +# +# Copyright (c) 2013-2014 Remi Collet +# License: CC-BY-SA +# http://creativecommons.org/licenses/by-sa/3.0/ +# +# Please, preserve the changelog entries +# +%{?scl: %scl_package php-pecl-crypto} +%{!?php_inidir: %global php_inidir %{_sysconfdir}/php.d} +%{!?__pecl: %global __pecl %{_bindir}/pecl} +%{!?__php: %global __php %{_bindir}/php} + +%global with_zts 0%{?__ztsphp:1} +%global pecl_name crypto +%global with_tests %{!?_without_tests:1}%{?_without_tests:0} + +Summary: Wrapper for OpenSSL Crypto Library +Name: %{?scl_prefix}php-pecl-%{pecl_name} +Version: 0.1.0 +Release: 1%{?dist}%{!?nophptag:%(%{__php} -r 'echo ".".PHP_MAJOR_VERSION.".".PHP_MINOR_VERSION;')} +License: BSD +Group: Development/Languages +URL: http://pecl.php.net/package/%{pecl_name} +Source0: http://pecl.php.net/get/%{pecl_name}-%{version}.tgz + +# https://github.com/bukka/php-crypto/pull/6 +Patch0: %{pecl_name}-build.patch + +BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) +BuildRequires: %{?scl_prefix}php-devel > 5.3 +BuildRequires: %{?scl_prefix}php-pear +%if 0%{?rhel} == 5 +BuildRequires: openssl-devel +%else +BuildRequires: pkgconfig(openssl) +%endif + +Requires(post): %{__pecl} +Requires(postun): %{__pecl} +Requires: %{?scl_prefix}php(zend-abi) = %{php_zend_api} +Requires: %{?scl_prefix}php(api) = %{php_core_api} + +Provides: %{?scl_prefix}php-%{pecl_name} = %{version} +Provides: %{?scl_prefix}php-%{pecl_name}%{?_isa} = %{version} +Provides: %{?scl_prefix}php-pecl(%{pecl_name}) = %{version} +Provides: %{?scl_prefix}php-pecl(%{pecl_name})%{?_isa} = %{version} + +%if 0%{!?scl:1} +# Other third party repo stuff +%if "%{php_version}" > "5.4" +Obsoletes: php53-pecl-%{pecl_name} +Obsoletes: php53u-pecl-%{pecl_name} +Obsoletes: php54-pecl-%{pecl_name} +%endif +%if "%{php_version}" > "5.5" +Obsoletes: php55u-pecl-%{pecl_name} +%endif +%endif + +%if 0%{?fedora} < 20 +# Filter shared private +%{?filter_provides_in: %filter_provides_in %{_libdir}/.*\.so$} +%{?filter_setup} +%endif + + +%description +This package provides an objective wrapper for OpenSSL Crypto Library. + + +%prep +%setup -q -c +mv %{pecl_name}-%{version} NTS + +cd NTS +%patch0 -p1 -b .build + +# Sanity check, really often broken +extver=$(sed -n '/#define PHP_CRYPTO_VERSION/{s/.* "//;s/".*$//;p}' php_crypto.h) +if test "x${extver}" != "x%{version}%{?prever:-%{prever}}"; then + : Error: Upstream extension version is ${extver}, expecting %{version}%{?prever:-%{prever}}. + exit 1 +fi +cd .. + +%if %{with_zts} +# Duplicate source tree for NTS / ZTS build +cp -pr NTS ZTS +%endif + +# Create configuration file +cat << 'EOF' | tee %{pecl_name}.ini +; Enable '%{summary}' extension module +extension=%{pecl_name}.so +EOF + + +%build +cd NTS +%{_bindir}/phpize +%configure \ + --with-crypto \ + --with-php-config=%{_bindir}/php-config +make %{?_smp_mflags} + +%if %{with_zts} +cd ../ZTS +%{_bindir}/zts-phpize +%configure \ + --with-crypto \ + --with-php-config=%{_bindir}/zts-php-config +make %{?_smp_mflags} +%endif + + +%install +rm -rf %{buildroot} + +make -C NTS install INSTALL_ROOT=%{buildroot} + +# install config file +install -D -m 644 %{pecl_name}.ini %{buildroot}%{php_inidir}/%{pecl_name}.ini + +# Install XML package description +install -D -m 644 package.xml %{buildroot}%{pecl_xmldir}/%{name}.xml + +%if %{with_zts} +make -C ZTS install INSTALL_ROOT=%{buildroot} + +install -D -m 644 %{pecl_name}.ini %{buildroot}%{php_ztsinidir}/%{pecl_name}.ini +%endif + +# Test & Documentation +for i in $(grep 'role="test"' package.xml | sed -e 's/^.*name="//;s/".*$//') +do install -Dpm 644 NTS/$i %{buildroot}%{pecl_testdir}/%{pecl_name}/$i +done +for i in $(grep 'role="doc"' package.xml | sed -e 's/^.*name="//;s/".*$//') +do install -Dpm 644 NTS/$i %{buildroot}%{pecl_docdir}/%{pecl_name}/$i +done + + +%post +%{pecl_install} %{pecl_xmldir}/%{name}.xml >/dev/null || : + + +%postun +if [ $1 -eq 0 ] ; then + %{pecl_uninstall} %{pecl_name} >/dev/null || : +fi + + +%check +cd NTS +: Minimal load test for NTS extension +%{__php} --no-php-ini \ + --define extension=modules/%{pecl_name}.so \ + --modules | grep %{pecl_name} + +%if %{with_tests} +for mod in json hash iconv propro; do + if [ -f %{php_extdir}/${mod}.so ]; then + modules="$modules -d extension=${mod}.so" + fi +done + +: Upstream test suite for NTS extension +TEST_PHP_EXECUTABLE=%{__php} \ +TEST_PHP_ARGS="-n $modules -d extension=$PWD/modules/%{pecl_name}.so" \ +NO_INTERACTION=1 \ +REPORT_EXIT_STATUS=1 \ +%{__php} -n run-tests.php +%endif + +%if %{with_zts} +cd ../ZTS +: Minimal load test for ZTS extension +%{__ztsphp} --no-php-ini \ + --define extension=modules/%{pecl_name}.so \ + --modules | grep %{pecl_name} + +%if %{with_tests} +: Upstream test suite for ZTS extension +TEST_PHP_EXECUTABLE=%{__ztsphp} \ +TEST_PHP_ARGS="-n $modules -d extension=$PWD/modules/%{pecl_name}.so" \ +NO_INTERACTION=1 \ +REPORT_EXIT_STATUS=1 \ +%{__ztsphp} -n run-tests.php +%endif +%endif + + +%clean +rm -rf %{buildroot} + + +%files +%defattr(-,root,root,-) +%doc %{pecl_docdir}/%{pecl_name} +%doc %{pecl_testdir}/%{pecl_name} +%{pecl_xmldir}/%{name}.xml +%config(noreplace) %{php_inidir}/%{pecl_name}.ini +%{php_extdir}/%{pecl_name}.so + +%if %{with_zts} +%config(noreplace) %{php_ztsinidir}/%{pecl_name}.ini +%{php_ztsextdir}/%{pecl_name}.so +%endif + + + +%changelog +* Thu Jan 2 2014 Remi Collet - 0.1.0-1 +- initial package, version 0.1.0 (devel) +- patch for PHP 5.3.3, https://github.com/bukka/php-crypto/pull/6 \ No newline at end of file -- cgit