From cfdc0f431df55869bb95ad2077c27eabe19e2a53 Mon Sep 17 00:00:00 2001 From: Remi Collet Date: Tue, 27 Oct 2015 13:38:33 +0100 Subject: php-pecl-taint: 1.0.0 (beta, php7) - New package --- LICENSE | 68 ++++++++++++++++ Makefile | 4 + php-pecl-taint.spec | 217 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 289 insertions(+) create mode 100644 LICENSE create mode 100644 Makefile create mode 100644 php-pecl-taint.spec diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000..51877e0 --- /dev/null +++ b/LICENSE @@ -0,0 +1,68 @@ +-------------------------------------------------------------------- + The PHP License, version 3.01 +Copyright (c) 1999 - 2011 The PHP Group. All rights reserved. +-------------------------------------------------------------------- + +Redistribution and use in source and binary forms, with or without +modification, is permitted provided that the following conditions +are met: + + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in + the documentation and/or other materials provided with the + distribution. + + 3. The name "PHP" must not be used to endorse or promote products + derived from this software without prior written permission. For + written permission, please contact group@php.net. + + 4. Products derived from this software may not be called "PHP", nor + may "PHP" appear in their name, without prior written permission + from group@php.net. You may indicate that your software works in + conjunction with PHP by saying "Foo for PHP" instead of calling + it "PHP Foo" or "phpfoo" + + 5. The PHP Group may publish revised and/or new versions of the + license from time to time. Each version will be given a + distinguishing version number. + Once covered code has been published under a particular version + of the license, you may always continue to use it under the terms + of that version. You may also choose to use such covered code + under the terms of any subsequent version of the license + published by the PHP Group. No one other than the PHP Group has + the right to modify the terms applicable to covered code created + under this License. + + 6. Redistributions of any form whatsoever must retain the following + acknowledgment: + "This product includes PHP software, freely available from + ". + +THIS SOFTWARE IS PROVIDED BY THE PHP DEVELOPMENT TEAM ``AS IS'' AND +ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, +THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A +PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE PHP +DEVELOPMENT TEAM OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, +INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES +(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR +SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, +STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED +OF THE POSSIBILITY OF SUCH DAMAGE. + +-------------------------------------------------------------------- + +This software consists of voluntary contributions made by many +individuals on behalf of the PHP Group. + +The PHP Group can be contacted via Email at group@php.net. + +For more information on the PHP Group and the PHP project, +please see . + +PHP includes the Zend Engine, freely available at +. diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..13af741 --- /dev/null +++ b/Makefile @@ -0,0 +1,4 @@ +SRCDIR := $(shell pwd) +NAME := $(shell basename $(SRCDIR)) +include ../../../common/Makefile + diff --git a/php-pecl-taint.spec b/php-pecl-taint.spec new file mode 100644 index 0000000..8699e5e --- /dev/null +++ b/php-pecl-taint.spec @@ -0,0 +1,217 @@ +# remirepo spec file for php-pecl-taint +# +# Copyright (c) 2015 Remi Collet +# License: CC-BY-SA +# http://creativecommons.org/licenses/by-sa/4.0/ +# +# Please, preserve the changelog entries +# +%{?scl: %scl_package php-pecl-taint} +%{!?php_inidir: %global php_inidir %{_sysconfdir}/php.d} +%{!?__php: %global __php %{_bindir}/php} + +%global gh_commit e7cc225bf212a72db3be492d53aa89ddbb18bfa1 +%global gh_short %(c=%{gh_commit}; echo ${c:0:7}) +%global gh_owner laruence +%global gh_project taint +#global gh_date 20150910 +%global pecl_name taint +%global with_zts 0%{?__ztsphp:1} +%global ini_name 40-%{pecl_name}.ini + +Summary: XSS code sniffer +Name: %{?scl_prefix}php-pecl-taint +Version: 2.0.0 +%if 0%{?gh_date:1} +Release: 0.7.%{gh_date}git%{gh_short}%{?dist}%{!?scl:%{!?nophptag:%(%{__php} -r 'echo ".".PHP_MAJOR_VERSION.".".PHP_MINOR_VERSION;')}} +%else +Release: 1%{?dist}%{!?scl:%{!?nophptag:%(%{__php} -r 'echo ".".PHP_MAJOR_VERSION.".".PHP_MINOR_VERSION;')}} +%endif +License: PHP +Group: Development/Languages +URL: https://github.com/%{gh_owner}/%{gh_project} +Source0: https://github.com/%{gh_owner}/%{gh_project}/archive/%{gh_commit}/%{gh_project}-%{version}-%{gh_short}.tar.gz + +Source1: https://raw.githubusercontent.com/laruence/taint/php7/LICENSE + +BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root +BuildRequires: %{?scl_prefix}php-devel > 7 +BuildRequires: %{?scl_prefix}php-pear + +Requires: %{?scl_prefix}php(zend-abi) = %{php_zend_api} +Requires: %{?scl_prefix}php(api) = %{php_core_api} +%{?_sclreq:Requires: %{?scl_prefix}runtime%{?_sclreq}%{?_isa}} + +%if "%{?vendor}" == "Remi Collet" && 0%{!?scl:1} +%if "%{php_version}" > "7.0" +Obsoletes: php70u-pecl-%{pecl_name} <= %{version} +Obsoletes: php70w-pecl-%{pecl_name} <= %{version} +%endif +%endif + +Provides: %{?scl_prefix}php-%{pecl_name} = %{version} +Provides: %{?scl_prefix}php-%{pecl_name}%{?_isa} = %{version} +Provides: %{?scl_prefix}php-pecl(%{pecl_name}) = %{version} +Provides: %{?scl_prefix}php-pecl(%{pecl_name})%{?_isa} = %{version} + +%if 0%{?fedora} < 20 && 0%{?rhel} < 7 +# Filter shared private +%{?filter_provides_in: %filter_provides_in %{_libdir}/.*\.so$} +%{?filter_setup} +%endif + + +%description +An extension used for detecting XSS codes(tainted string), +And also can be used to spot sql injection vulnerabilities, shell inject, etc. + +This extension is still EXPERIMENTAL. + +Package built for PHP %(%{__php} -r 'echo PHP_MAJOR_VERSION.".".PHP_MINOR_VERSION;')%{?scl: as Software Collection (%{scl} by %{?scl_vendor}%{!?scl_vendor:rh})}. + + +%prep +%setup -qc +mv %{gh_project}-%{gh_commit} NTS +mv NTS/package2.xml package.xml + +cp %{SOURCE1} NTS/LICENSE + +cd NTS +# When this file will be removed, clean the description. +[ -f EXPERIMENTAL ] || exit 1 + +# Sanity check, really often broken +extver=$(sed -n '/#define PHP_TAINT_VERSION/{s/.* "//;s/".*$//;p}' php_taint.h) +if test "x${extver}" != "x%{version}%{?gh_date:-dev}"; then + : Error: Upstream extension version is ${extver}, expecting %{version}%{?gh_date:-dev}. + exit 1 +fi +cd .. + +%if %{with_zts} +# duplicate for ZTS build +cp -pr NTS ZTS +%endif + +# Drop in the bit of configuration +cat << 'EOF' | tee %{ini_name} +; Enable '%{summary}' extension module +extension = %{pecl_name}.so + +; Configuration +;taint.enable = 0 +;taint.error_level = 512 +EOF + + +%build +cd NTS +%{_bindir}/phpize +%configure \ + --with-php-config=%{_bindir}/php-config \ + --enable-taint +make %{?_smp_mflags} + +%if %{with_zts} +cd ../ZTS +%{_bindir}/zts-phpize +%configure \ + --with-php-config=%{_bindir}/zts-php-config \ + --enable-taint +make %{?_smp_mflags} +%endif + + +%install +rm -rf %{buildroot} +# Install the NTS stuff +make -C NTS install INSTALL_ROOT=%{buildroot} +install -D -m 644 %{ini_name} %{buildroot}%{php_inidir}/%{ini_name} + +# Install XML package description +install -D -m 644 package.xml %{buildroot}%{pecl_xmldir}/%{name}.xml + +%if %{with_zts} +# Install the ZTS stuff +make -C ZTS install INSTALL_ROOT=%{buildroot} +install -D -m 644 %{ini_name} %{buildroot}%{php_ztsinidir}/%{ini_name} +%endif + +# Documentation +for i in README.md CREDITS LICENSE EXPERIMENTAL $(grep 'role="doc"' package.xml | sed -e 's/^.*name="//;s/".*$//') +do [ -f NTS/$i ] && install -Dpm 644 NTS/$i %{buildroot}%{pecl_docdir}/%{pecl_name}/$i +done + + +%check +cd NTS +: Minimal load test for NTS extension +%{__php} --no-php-ini \ + --define extension=%{buildroot}%{php_extdir}/%{pecl_name}.so \ + --modules | grep %{pecl_name} + +: Upstream test suite for NTS extension +TEST_PHP_EXECUTABLE=%{__php} \ +TEST_PHP_ARGS="-n -d extension_dir=$PWD/modules -d extension=%{pecl_name}.so" \ +NO_INTERACTION=1 \ +REPORT_EXIT_STATUS=1 \ +%{__php} -n run-tests.php --show-diff || : ignore + +%if %{with_zts} +cd ../ZTS +rm tests/004.phpt +: Minimal load test for ZTS extension +%{__ztsphp} --no-php-ini \ + --define extension=%{buildroot}%{php_ztsextdir}/%{pecl_name}.so \ + --modules | grep %{pecl_name} + +: Upstream test suite for ZTS extension +TEST_PHP_EXECUTABLE=%{__ztsphp} \ +TEST_PHP_ARGS="-n -d extension_dir=$PWD/modules -d extension=%{pecl_name}.so" \ +NO_INTERACTION=1 \ +REPORT_EXIT_STATUS=1 \ +%{__ztsphp} -n run-tests.php --show-diff +%endif + + +# when pear installed alone, after us +%triggerin -- %{?scl_prefix}php-pear +if [ -x %{__pecl} ] ; then + %{pecl_install} %{pecl_xmldir}/%{name}.xml >/dev/null || : +fi + +# posttrans as pear can be installed after us +%posttrans +if [ -x %{__pecl} ] ; then + %{pecl_install} %{pecl_xmldir}/%{name}.xml >/dev/null || : +fi + +%postun +if [ $1 -eq 0 -a -x %{__pecl} ] ; then + %{pecl_uninstall} %{pecl_name} >/dev/null || : +fi + + +%clean +rm -rf %{buildroot} + + +%files +%defattr(-,root,root,-) +%{?_licensedir:%license NTS/LICENSE} +%doc %{pecl_docdir}/%{pecl_name} +%{pecl_xmldir}/%{name}.xml + +%config(noreplace) %{php_inidir}/%{ini_name} +%{php_extdir}/%{pecl_name}.so + +%if %{with_zts} +%config(noreplace) %{php_ztsinidir}/%{ini_name} +%{php_ztsextdir}/%{pecl_name}.so +%endif + + +%changelog +* Tue Oct 27 2015 Remi Collet - 1.0.0-1 +- new package, version 1.0.0 (beta, php 7) \ No newline at end of file -- cgit