diff options
| author |   Patrick J Volkerding <volkerdi@slackware.com> | 2023-03-08 20:26:54 +0000 |
|---|---|---|
| committer |   Eric Hameleers <alien@slackware.com> | 2023-03-08 22:40:50 +0100 |
| commit | a24031248459c107553c13f30fd4bd94a44758e1 (patch) | |
| tree | 50bd7142faec4cea4f3389d1bc2ef1003801345e /pasture/source | |
| parent | 95095a0e2499322212eec0e9ac228095540ede4b (diff) | |
| download | current-a24031248459c107553c13f30fd4bd94a44758e1.tar.gz current-a24031248459c107553c13f30fd4bd94a44758e1.tar.xz | |
Wed Mar 8 20:26:54 UTC 202320230308202654
Hey folks, just some more updates on the road to an eventual beta. :-)
At this point nothing remains linked with openssl-1.1.1 except for python2 and
modules, and vsftpd. I think nobody cares about trying to force python2 to use
openssl3... it's EOL but still a zombie, unfortunately. I have seen some
patches for vsftpd and intend to take a look at them. We've bumped PHP to 8.2
and just gone ahead and killed 8.0 and 8.1. Like 7.4, 8.0 is not compatible
with openssl3 and it doesn't seem worthwhile to try to patch it. And with 8.2
already out for several revisions, 8.1 does not seem particularly valuable.
If you make use of PHP you should be used to it being a moving target by now.
Enjoy, and let me know if anything isn't working right. Cheers!
a/aaa_libraries-15.1-x86_64-19.txz: Rebuilt.
Recompiled against openssl-3.0.8: libcups.so.2, libcurl.so.4.8.0,
libldap.so.2.0.200, libssh2.so.1.0.1.
a/cryptsetup-2.6.1-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
a/kmod-30-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
a/openssl-solibs-3.0.8-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
a/openssl11-solibs-1.1.1t-x86_64-1.txz: Added.
ap/cups-2.4.2-x86_64-4.txz: Rebuilt.
Recompiled against openssl-3.0.8.
ap/hplip-3.20.5-x86_64-7.txz: Rebuilt.
Recompiled against openssl-3.0.8.
ap/lxc-4.0.12-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
ap/mariadb-10.6.12-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
ap/qpdf-11.3.0-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
ap/sudo-1.9.13p3-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
d/cargo-vendor-filterer-0.5.7-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
d/cvs-1.11.23-x86_64-9.txz: Rebuilt.
Recompiled against openssl-3.0.8.
d/git-2.39.2-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
d/perl-5.36.0-x86_64-5.txz: Rebuilt.
Recompiled against openssl-3.0.8.
d/python3-3.9.16-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
d/ruby-3.2.1-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
d/rust-1.66.1-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
d/scons-4.5.1-x86_64-1.txz: Upgraded.
kde/falkon-22.12.3-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
kde/kitinerary-22.12.3-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/M2Crypto-0.38.0-x86_64-4.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/SDL2-2.26.4-x86_64-1.txz: Upgraded.
l/gst-plugins-bad-free-1.22.1-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/libarchive-3.6.2-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/libevent-2.1.12-x86_64-4.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/libimobiledevice-20211124_2c6121d-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/libssh2-1.10.0-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/libvncserver-0.9.14-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/mlt-7.14.0-x86_64-1.txz: Upgraded.
l/neon-0.32.5-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/nodejs-19.7.0-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/opusfile-0.12-x86_64-4.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/pipewire-0.3.66-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/pulseaudio-16.1-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/pycurl-7.44.1-x86_64-4.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/qca-2.3.5-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
l/qt5-5.15.8_20230304_d8b881f0-x86_64-1.txz: Upgraded.
Compiled against openssl-3.0.8.
l/serf-1.3.9-x86_64-8.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/alpine-2.26-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/bind-9.18.12-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/curl-7.88.1-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/cyrus-sasl-2.1.28-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/dovecot-2.3.20-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/epic5-2.1.12-x86_64-4.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/fetchmail-6.4.37-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/htdig-3.2.0b6-x86_64-9.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/httpd-2.4.56-x86_64-1.txz: Upgraded.
This update fixes two security issues:
HTTP Response Smuggling vulnerability via mod_proxy_uwsgi.
HTTP Request Smuggling attack via mod_rewrite and mod_proxy.
For more information, see:
https://downloads.apache.org/httpd/CHANGES_2.4.56
https://www.cve.org/CVERecord?id=CVE-2023-27522
https://www.cve.org/CVERecord?id=CVE-2023-25690
(* Security fix *)
NOTE: This package is compiled against openssl-3.0.8.
n/irssi-1.4.3-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/krb5-1.20.1-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/lftp-4.9.2-x86_64-4.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/links-2.28-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/lynx-2.9.0dev.10-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/mutt-2.2.9-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/net-snmp-5.9.3-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/netatalk-3.1.14-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/nmap-7.93-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/ntp-4.2.8p15-x86_64-12.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/openldap-2.6.4-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/openssh-9.2p1-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/openssl-3.0.8-x86_64-1.txz: Upgraded.
Shared library .so-version bump.
n/openssl11-1.1.1t-x86_64-1.txz: Added.
n/openvpn-2.6.0-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/php-8.2.3-x86_64-1.txz: Upgraded.
Compiled against openssl-3.0.8.
n/pidentd-3.0.19-x86_64-7.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/popa3d-1.0.3-x86_64-7.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/postfix-3.7.4-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/ppp-2.4.9-x86_64-4.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/proftpd-1.3.8-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/rsync-3.2.7-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/s-nail-14.9.24-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/samba-4.18.0-x86_64-1.txz: Upgraded.
Build with the bundled Heimdal instead of the system MIT Kerberos.
Thanks again to rpenny.
n/slrn-1.0.3a-x86_64-4.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/snownews-1.9-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/socat-1.7.4.4-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/stunnel-5.69-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/tcpdump-4.99.3-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/wget-1.21.3-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
n/wpa_supplicant-2.10-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
xap/freerdp-2.10.0-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
xap/gftp-2.9.1b-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
xap/gkrellm-2.3.11-x86_64-4.txz: Rebuilt.
Recompiled against openssl-3.0.8.
xap/hexchat-2.16.1-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
xap/sane-1.0.32-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
xap/x3270-4.0ga14-x86_64-3.txz: Rebuilt.
Recompiled against openssl-3.0.8.
xap/xine-lib-1.2.13-x86_64-4.txz: Rebuilt.
Recompiled against openssl-3.0.8.
y/bsd-games-2.17-x86_64-4.txz: Rebuilt.
Recompiled against openssl-3.0.8.
extra/php80/php80-8.0.28-x86_64-1.txz: Removed.
extra/php81/php81-8.1.16-x86_64-1.txz: Removed.
extra/rust-for-mozilla/rust-1.60.0-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
extra/sendmail/sendmail-8.17.1-x86_64-7.txz: Rebuilt.
Recompiled against openssl-3.0.8.
extra/sendmail/sendmail-cf-8.17.1-noarch-7.txz: Rebuilt.
testing/packages/rust-1.67.1-x86_64-2.txz: Rebuilt.
Recompiled against openssl-3.0.8.
testing/packages/samba-4.17.5-x86_64-2.txz: Removed.
Diffstat (limited to 'pasture/source')
| -rwxr-xr-x | pasture/source/apmd/apmd.SlackBuild | 114 | ||||
| -rw-r--r-- | pasture/source/apmd/slack-desc | 19 | ||||
| -rwxr-xr-x | pasture/source/libpng14/libpng14.SlackBuild | 133 | ||||
| -rw-r--r-- | pasture/source/libpng14/slack-desc | 19 | ||||
| -rw-r--r-- | pasture/source/php/PHP-5.6.31-OpenSSL-1.1.0-compatibility-20170801.patch | 1309 | ||||
| -rw-r--r-- | pasture/source/php/doinst.sh | 30 | ||||
| -rwxr-xr-x | pasture/source/php/fetch-php.sh | 2 | ||||
| -rw-r--r-- | pasture/source/php/mod_php.conf.example | 29 | ||||
| -rw-r--r-- | pasture/source/php/php-fpm.conf.diff | 28 | ||||
| -rwxr-xr-x | pasture/source/php/php.SlackBuild | 317 | ||||
| -rw-r--r-- | pasture/source/php/php.ini-development.diff | 62 | ||||
| -rw-r--r-- | pasture/source/php/slack-desc | 19 |
12 files changed, 0 insertions, 2081 deletions
diff --git a/pasture/source/apmd/apmd.SlackBuild b/pasture/source/apmd/apmd.SlackBuild deleted file mode 100755 index b17ddf36f..000000000 --- a/pasture/source/apmd/apmd.SlackBuild +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/sh - -# Copyright 2008, 2009, 2010, 2011 Patrick J. Volkerding, Sebeka, Minnesota, USA -# All rights reserved. -# -# Redistribution and use of this script, with or without modification, is -# permitted provided that the following conditions are met: -# -# 1. Redistributions of this script must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED -# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF -# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO -# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, -# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; -# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, -# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR -# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF -# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -VERSION=${VERSION:-3.2.2} -BUILD=${BUILD:-3} - -# Automatically determine the architecture we're building on: -if [ -z "$ARCH" ]; then - case "$( uname -m )" in - i?86) export ARCH=i486 ;; - arm*) export ARCH=arm ;; - # Unless $ARCH is already set, use uname -m for all other archs: - *) export ARCH=$( uname -m ) ;; - esac -fi - -NUMJOBS=${NUMJOBS:-" -j7 "} - -CWD=$(pwd) -TMP=${TMP:-/tmp} -PKG=$TMP/package-apmd - -if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" -elif [ "$ARCH" = "s390" ]; then - SLKCFLAGS="-O2" -elif [ "$ARCH" = "x86_64" ]; then - SLKCFLAGS="-O2 -fPIC" -fi - -rm -rf $PKG -mkdir -p $TMP $PKG - -cd $TMP -rm -rf apmd-$VERSION -tar xvf $CWD/apmd-$VERSION.tar.bz2 || exit 1 -cd apmd-$VERSION - -if [ "$ARCH" = "x86_64" ]; then - sed -i -e "s#/lib#/lib64#" Makefile -fi - -chown -R root:root . -find . \ - \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ - -exec chmod 755 {} \; -o \ - \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ - -exec chmod 644 {} \; - -CFLAGS="$SLKCFLAGS" make $NUMJOBS || exit 1 -CFLAGS="$SLKCFLAGS" make install DESTDIR=$PKG - -( cd xbattery - cp ../.libs/libapm.a .. - xmkmf - make -j3 -) - -mkdir -p $PKG/usr/bin -cat xapm > $PKG/usr/bin/xapm -cat xbattery/xbattery > $PKG/usr/bin/xbattery -chmod 755 $PKG/usr/bin/{xapm,xbattery} - -( cd $PKG - find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null - find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null -) - -mkdir -p $PKG/usr/man/man1 -cat xbattery/xbattery.man | gzip -9c > $PKG/usr/man/man1/xbattery.1.gz -for page in apm.1 apmsleep.1 on_ac_power.1 xapm.1 ; do - cat $page | gzip -9c > $PKG/usr/man/man1/${page}.gz -done -mkdir -p $PKG/usr/man/man8 -cat apmd.8 | gzip -9c > $PKG/usr/man/man8/apmd.8.gz -mkdir -p $PKG/usr/man/fr/man1 -cat apmsleep.fr.1 | gzip -9c > $PKG/usr/man/fr/man1/apmsleep.1.gz - -# Remove this version since the one in pm-utils is better: -rm -f $PKG/usr/bin/on_ac_power -rm -f $PKG/usr/man/man1/on_ac_power.1.gz - -mkdir -p $PKG/usr/doc/apmd-$VERSION -cp -a \ - AUTHORS COPYING LSM README apmlib.COPYING apmsleep.README \ - $PKG/usr/doc/apmd-$VERSION -cp -a xbattery/README $PKG/usr/doc/apmd-$VERSION/README.xbattery - -mkdir -p $PKG/install -cat $CWD/slack-desc > $PKG/install/slack-desc - -# Build the package: -cd $PKG -makepkg -c n -l y $TMP/apmd-$VERSION-$ARCH-$BUILD.txz - diff --git a/pasture/source/apmd/slack-desc b/pasture/source/apmd/slack-desc deleted file mode 100644 index 614c6d1dc..000000000 --- a/pasture/source/apmd/slack-desc +++ /dev/null @@ -1,19 +0,0 @@ -# HOW TO EDIT THIS FILE: -# The "handy ruler" below makes it easier to edit a package description. Line -# up the first '|' above the ':' following the base package name, and the '|' on -# the right side marks the last column you can put a character in. You must make -# exactly 11 lines for the formatting to be correct. It's also customary to -# leave one space after the ':'. - - |-----handy-ruler------------------------------------------------------| -apmd: apmd (Advanced Power Management daemon) -apmd: -apmd: apmd is an APM monitoring daemon, and works in conjunction with the -apmd: APM BIOS driver in the kernel. Apmd (and the included tools) handle -apmd: tasks such as automatically putting a laptop into suspend when the -apmd: power level drop below a certain point. This package also includes -apmd: the graphical power management tools xapm and xbattery. -apmd: -apmd: The apmd tools were written by Rik Faith and are maintained by -apmd: Avery Pennarun. xbattery was written by Nathan Sidwell. -apmd: diff --git a/pasture/source/libpng14/libpng14.SlackBuild b/pasture/source/libpng14/libpng14.SlackBuild deleted file mode 100755 index d6a98ea5b..000000000 --- a/pasture/source/libpng14/libpng14.SlackBuild +++ /dev/null @@ -1,133 +0,0 @@ -#!/bin/sh - -# Copyright 2005-2011, 2018 Patrick J. Volkerding, Sebeka, MN, USA -# All rights reserved. -# -# Redistribution and use of this script, with or without modification, is -# permitted provided that the following conditions are met: -# -# 1. Redistributions of this script must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED -# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF -# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO -# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, -# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; -# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, -# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR -# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF -# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - - -VERSION_NEW=1.4.22 -BUILD=${BUILD:-1} - -# Automatically determine the architecture we're building on: -if [ -z "$ARCH" ]; then - case "$( uname -m )" in - i?86) export ARCH=i586 ;; - arm*) export ARCH=arm ;; - # Unless $ARCH is already set, use uname -m for all other archs: - *) export ARCH=$( uname -m ) ;; - esac -fi - -if [ "$ARCH" = "x86_64" ]; then - LIBDIRSUFFIX="64" -else - LIBDIRSUFFIX="" -fi - -CWD=$(pwd) -TMP=${TMP:-/tmp} -PKG=$TMP/package-libpng -rm -rf $PKG -mkdir -p $TMP $PKG/usr - -build_source() { - -cd $TMP -rm -rf libpng-$VERSION -tar xvf $CWD/libpng-$VERSION.tar.?z* || exit 1 -cd libpng-$VERSION -chown -R root:root . -find . \ - \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ - -exec chmod 755 {} \; -o \ - \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ - -exec chmod 644 {} \; - -# Look like using ./configure is the only way that works now... -./configure --prefix=/usr \ - --libdir=/usr/lib${LIBDIRSUFFIX} \ - --mandir=/usr/man - -make -j4 prefix=/usr LIBPATH=/usr/lib${LIBDIRSUFFIX} ZLIBLIB="-L/usr/lib${LIBDIRSUFFIX} -lm -lz" || exit 1 -make install prefix=/usr LIBPATH=/usr/lib${LIBDIRSUFFIX} ZLIBLIB="-L/usr/lib${LIBDIRSUFFIX} -lm -lz" DESTDIR=$PKG - -# Don't package these: -rm $PKG/usr/lib${LIBDIRSUFFIX}/*.{a,la} - -# I'm ditching this to see if anyone cares. -# -## This symlink is needed to keep old applications running: -## I guess the real lib used the major number 3, then 0 for -## a short while, and now .3 again. Hopefully it will stay -## this way as it was .3 in Slackware 10.2. One can hope. -#( cd $PKG/usr/lib${LIBDIRSUFFIX} -# if [ ! -e libpng.so.0 -a -e libpng.so.3 ]; then -# ln -sf libpng.so.3 libpng.so.0 -# fi -#) - -# Well, glad I got rid of the above, but <someone> upstream still does not -# grok shared libraries on Linux it seems -- libpng-1.4.0 caused all the -# newly compiled binaries to want libpng.so.14, and now libpng-1.4.1 -# wants to change that to libpng14.so.14. Searching online finds that -# we are not the only ones with binaries that want libpng.so.14, so we -# are forced to provide a compatibility symlink again... :-/ -# -# We'll try to remove this in 5 to 10 years, just like before. -( cd $PKG/usr/lib${LIBDIRSUFFIX} - if [ ! -e libpng.so.14 -a -e libpng14.so.14 ]; then - ln -sf libpng14.so.14 libpng.so.14 - fi -) - -find $PKG | xargs file | grep -e "executable" -e "shared object" \ - | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null - -#gzip -9 --force $PKG/usr/man/man?/*.? -rm -rf $PKG/usr/man - -mkdir -p $PKG/usr/doc/libpng-$VERSION -cp -a \ - ANNOUNCE CHANGES INSTALL KNOWNBUG LICENSE README TODO Y2KINFO \ - libpng*.txt example.c \ - $PKG/usr/doc/libpng-$VERSION - -# If there's a ChangeLog, installing at least part of the recent history -# is useful, but don't let it get totally out of control: -if [ -r ChangeLog ]; then - DOCSDIR=$(echo $PKG/usr/doc/libpng-$VERSION) - cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog - touch -r ChangeLog $DOCSDIR/ChangeLog -fi - -} - -# Build the 1.4 version: -VERSION=$VERSION_NEW -build_source - -# Default the includes to version 1.4.x: -#( cd $PKG/usr/include ; ln -sf libpng14 libpng ) - -mkdir -p $PKG/install -cat $CWD/slack-desc > $PKG/install/slack-desc - -cd $PKG -/sbin/makepkg -l y -c n $TMP/libpng14-$VERSION-$ARCH-$BUILD.txz - diff --git a/pasture/source/libpng14/slack-desc b/pasture/source/libpng14/slack-desc deleted file mode 100644 index 9a05c432b..000000000 --- a/pasture/source/libpng14/slack-desc +++ /dev/null @@ -1,19 +0,0 @@ -# HOW TO EDIT THIS FILE: -# The "handy ruler" below makes it easier to edit a package description. Line -# up the first '|' above the ':' following the base package name, and the '|' -# on the right side marks the last column you can put a character in. You must -# make exactly 11 lines for the formatting to be correct. It's also -# customary to leave one space after the ':'. - - |-----handy-ruler------------------------------------------------------| -libpng14: libpng14 (Portable Network Graphics library v1.4) -libpng14: -libpng14: PNG (Portable Network Graphics) is an extensible file format for the -libpng14: lossless, portable, well-compressed storage of raster images. PNG -libpng14: provides a patent-free replacement for GIF and can also replace many -libpng14: common uses of TIFF. Indexed-color, grayscale, and truecolor images -libpng14: are supported, plus an optional alpha channel. Sample depths range -libpng14: from 1 to 16 bits. -libpng14: -libpng14: -libpng14: diff --git a/pasture/source/php/PHP-5.6.31-OpenSSL-1.1.0-compatibility-20170801.patch b/pasture/source/php/PHP-5.6.31-OpenSSL-1.1.0-compatibility-20170801.patch deleted file mode 100644 index 3809ca3c7..000000000 --- a/pasture/source/php/PHP-5.6.31-OpenSSL-1.1.0-compatibility-20170801.patch +++ /dev/null @@ -1,1309 +0,0 @@ -diff -rupN php-5.6.31.orig/ext/openssl/openssl.c php-5.6.31/ext/openssl/openssl.c ---- php-5.6.31.orig/ext/openssl/openssl.c 2017-07-06 00:25:00.000000000 +0200 -+++ php-5.6.31/ext/openssl/openssl.c 2017-08-01 10:55:28.108819344 +0200 -@@ -42,6 +42,12 @@ - - /* OpenSSL includes */ - #include <openssl/evp.h> -+#if OPENSSL_VERSION_NUMBER >= 0x10002000L -+#include <openssl/bn.h> -+#include <openssl/rsa.h> -+#include <openssl/dsa.h> -+#include <openssl/dh.h> -+#endif - #include <openssl/x509.h> - #include <openssl/x509v3.h> - #include <openssl/crypto.h> -@@ -531,6 +537,133 @@ zend_module_entry openssl_module_entry = - ZEND_GET_MODULE(openssl) - #endif - -+/* {{{ OpenSSL compatibility functions and macros */ -+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined (LIBRESSL_VERSION_NUMBER) -+#define EVP_PKEY_get0_RSA(_pkey) _pkey->pkey.rsa -+#define EVP_PKEY_get0_DH(_pkey) _pkey->pkey.dh -+#define EVP_PKEY_get0_DSA(_pkey) _pkey->pkey.dsa -+#define EVP_PKEY_get0_EC_KEY(_pkey) _pkey->pkey.ec -+ -+static int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d) -+{ -+ r->n = n; -+ r->e = e; -+ r->d = d; -+ -+ return 1; -+} -+ -+static int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q) -+{ -+ r->p = p; -+ r->q = q; -+ -+ return 1; -+} -+ -+static int RSA_set0_crt_params(RSA *r, BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp) -+{ -+ r->dmp1 = dmp1; -+ r->dmq1 = dmq1; -+ r->iqmp = iqmp; -+ -+ return 1; -+} -+ -+static void RSA_get0_key(const RSA *r, const BIGNUM **n, const BIGNUM **e, const BIGNUM **d) -+{ -+ *n = r->n; -+ *e = r->e; -+ *d = r->d; -+} -+ -+static void RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q) -+{ -+ *p = r->p; -+ *q = r->q; -+} -+ -+static void RSA_get0_crt_params(const RSA *r, const BIGNUM **dmp1, const BIGNUM **dmq1, const BIGNUM **iqmp) -+{ -+ *dmp1 = r->dmp1; -+ *dmq1 = r->dmq1; -+ *iqmp = r->iqmp; -+} -+ -+static void DH_get0_pqg(const DH *dh, const BIGNUM **p, const BIGNUM **q, const BIGNUM **g) -+{ -+ *p = dh->p; -+ *q = dh->q; -+ *g = dh->g; -+} -+ -+static int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g) -+{ -+ dh->p = p; -+ dh->q = q; -+ dh->g = g; -+ -+ return 1; -+} -+ -+static void DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **priv_key) -+{ -+ *pub_key = dh->pub_key; -+ *priv_key = dh->priv_key; -+} -+ -+static int DH_set0_key(DH *dh, BIGNUM *pub_key, BIGNUM *priv_key) -+{ -+ dh->pub_key = pub_key; -+ dh->priv_key = priv_key; -+ -+ return 1; -+} -+ -+static void DSA_get0_pqg(const DSA *d, const BIGNUM **p, const BIGNUM **q, const BIGNUM **g) -+{ -+ *p = d->p; -+ *q = d->q; -+ *g = d->g; -+} -+ -+int DSA_set0_pqg(DSA *d, BIGNUM *p, BIGNUM *q, BIGNUM *g) -+{ -+ d->p = p; -+ d->q = q; -+ d->g = g; -+ -+ return 1; -+} -+ -+static void DSA_get0_key(const DSA *d, const BIGNUM **pub_key, const BIGNUM **priv_key) -+{ -+ *pub_key = d->pub_key; -+ *priv_key = d->priv_key; -+} -+ -+int DSA_set0_key(DSA *d, BIGNUM *pub_key, BIGNUM *priv_key) -+{ -+ d->pub_key = pub_key; -+ d->priv_key = priv_key; -+ -+ return 1; -+} -+ -+#if OPENSSL_VERSION_NUMBER < 0x10002000L || defined (LIBRESSL_VERSION_NUMBER) -+#define EVP_PKEY_id(_pkey) _pkey->type -+#define EVP_PKEY_base_id(_key) EVP_PKEY_type(_key->type) -+ -+static int X509_get_signature_nid(const X509 *x) -+{ -+ return OBJ_obj2nid(x->sig_alg->algorithm); -+} -+ -+#endif -+ -+#endif -+/* }}} */ -+ - static int le_key; - static int le_x509; - static int le_csr; -@@ -825,7 +958,7 @@ static int add_oid_section(struct php_x5 - } - for (i = 0; i < sk_CONF_VALUE_num(sktmp); i++) { - cnf = sk_CONF_VALUE_value(sktmp, i); -- if (OBJ_create(cnf->value, cnf->name, cnf->name) == NID_undef) { -+ if (OBJ_sn2nid(cnf->name) == NID_undef && OBJ_ln2nid(cnf->name) == NID_undef && OBJ_create(cnf->value, cnf->name, cnf->name) == NID_undef) { - php_error_docref(NULL TSRMLS_CC, E_WARNING, "problem creating object %s=%s", cnf->name, cnf->value); - return FAILURE; - } -@@ -967,7 +1100,7 @@ static void php_openssl_dispose_config(s - } - /* }}} */ - --#ifdef PHP_WIN32 -+#if defined(PHP_WIN32) || (OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)) - #define PHP_OPENSSL_RAND_ADD_TIME() ((void) 0) - #else - #define PHP_OPENSSL_RAND_ADD_TIME() php_openssl_rand_add_timeval() -@@ -1053,9 +1186,11 @@ static EVP_MD * php_openssl_get_evp_md_f - mdtype = (EVP_MD *) EVP_md2(); - break; - #endif -+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined (LIBRESSL_VERSION_NUMBER) - case OPENSSL_ALGO_DSS1: - mdtype = (EVP_MD *) EVP_dss1(); - break; -+#endif - #if OPENSSL_VERSION_NUMBER >= 0x0090708fL - case OPENSSL_ALGO_SHA224: - mdtype = (EVP_MD *) EVP_sha224(); -@@ -1146,6 +1281,12 @@ PHP_MINIT_FUNCTION(openssl) - OpenSSL_add_all_digests(); - OpenSSL_add_all_algorithms(); - -+#if !defined(OPENSSL_NO_AES) && defined(EVP_CIPH_CCM_MODE) && OPENSSL_VERSION_NUMBER < 0x100020000 -+ EVP_add_cipher(EVP_aes_128_ccm()); -+ EVP_add_cipher(EVP_aes_192_ccm()); -+ EVP_add_cipher(EVP_aes_256_ccm()); -+#endif -+ - SSL_load_error_strings(); - - /* register a resource id number with OpenSSL so that we can map SSL -> stream structures in -@@ -1173,7 +1314,9 @@ PHP_MINIT_FUNCTION(openssl) - #ifdef HAVE_OPENSSL_MD2_H - REGISTER_LONG_CONSTANT("OPENSSL_ALGO_MD2", OPENSSL_ALGO_MD2, CONST_CS|CONST_PERSISTENT); - #endif -+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined (LIBRESSL_VERSION_NUMBER) - REGISTER_LONG_CONSTANT("OPENSSL_ALGO_DSS1", OPENSSL_ALGO_DSS1, CONST_CS|CONST_PERSISTENT); -+#endif - #if OPENSSL_VERSION_NUMBER >= 0x0090708fL - REGISTER_LONG_CONSTANT("OPENSSL_ALGO_SHA224", OPENSSL_ALGO_SHA224, CONST_CS|CONST_PERSISTENT); - REGISTER_LONG_CONSTANT("OPENSSL_ALGO_SHA256", OPENSSL_ALGO_SHA256, CONST_CS|CONST_PERSISTENT); -@@ -1251,7 +1394,9 @@ PHP_MINIT_FUNCTION(openssl) - } - - php_stream_xport_register("ssl", php_openssl_ssl_socket_factory TSRMLS_CC); -+#ifndef OPENSSL_NO_SSL3 - php_stream_xport_register("sslv3", php_openssl_ssl_socket_factory TSRMLS_CC); -+#endif - #ifndef OPENSSL_NO_SSL2 - php_stream_xport_register("sslv2", php_openssl_ssl_socket_factory TSRMLS_CC); - #endif -@@ -1308,7 +1453,9 @@ PHP_MSHUTDOWN_FUNCTION(openssl) - #ifndef OPENSSL_NO_SSL2 - php_stream_xport_unregister("sslv2" TSRMLS_CC); - #endif -+#ifndef OPENSSL_NO_SSL3 - php_stream_xport_unregister("sslv3" TSRMLS_CC); -+#endif - php_stream_xport_unregister("tls" TSRMLS_CC); - php_stream_xport_unregister("tlsv1.0" TSRMLS_CC); - #if OPENSSL_VERSION_NUMBER >= 0x10001001L -@@ -1893,6 +2040,7 @@ static int openssl_x509v3_subjectAltName - { - GENERAL_NAMES *names; - const X509V3_EXT_METHOD *method = NULL; -+ ASN1_OCTET_STRING *extension_data; - long i, length, num; - const unsigned char *p; - -@@ -1901,8 +2049,9 @@ static int openssl_x509v3_subjectAltName - return -1; - } - -- p = extension->value->data; -- length = extension->value->length; -+ extension_data = X509_EXTENSION_get_data(extension); -+ p = extension_data->data; -+ length = extension_data->length; - if (method->it) { - names = (GENERAL_NAMES*)(ASN1_item_d2i(NULL, &p, length, - ASN1_ITEM_ptr(method->it))); -@@ -1965,6 +2114,8 @@ PHP_FUNCTION(openssl_x509_parse) - char * tmpstr; - zval * subitem; - X509_EXTENSION *extension; -+ X509_NAME *subject_name; -+ char *cert_name; - char *extname; - BIO *bio_out; - BUF_MEM *bio_buf; -@@ -1979,10 +2130,10 @@ PHP_FUNCTION(openssl_x509_parse) - } - array_init(return_value); - -- if (cert->name) { -- add_assoc_string(return_value, "name", cert->name, 1); -- } --/* add_assoc_bool(return_value, "valid", cert->valid); */ -+ subject_name = X509_get_subject_name(cert); -+ cert_name = X509_NAME_oneline(subject_name, NULL, 0); -+ add_assoc_string(return_value, "name", cert_name, 1); -+ OPENSSL_free(cert_name); - - add_assoc_name_entry(return_value, "subject", X509_get_subject_name(cert), useshortnames TSRMLS_CC); - /* hash as used in CA directories to lookup cert by subject name */ -@@ -2008,7 +2159,7 @@ PHP_FUNCTION(openssl_x509_parse) - add_assoc_string(return_value, "alias", tmpstr, 1); - } - -- sig_nid = OBJ_obj2nid((cert)->sig_alg->algorithm); -+ sig_nid = X509_get_signature_nid(cert); - add_assoc_string(return_value, "signatureTypeSN", (char*)OBJ_nid2sn(sig_nid), 1); - add_assoc_string(return_value, "signatureTypeLN", (char*)OBJ_nid2ln(sig_nid), 1); - add_assoc_long(return_value, "signatureTypeNID", sig_nid); -@@ -3217,7 +3368,21 @@ PHP_FUNCTION(openssl_csr_get_public_key) - RETURN_FALSE; - } - -- tpubkey=X509_REQ_get_pubkey(csr); -+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) -+ /* Due to changes in OpenSSL 1.1 related to locking when decoding CSR, -+ * the pub key is not changed after assigning. It means if we pass -+ * a private key, it will be returned including the private part. -+ * If we duplicate it, then we get just the public part which is -+ * the same behavior as for OpenSSL 1.0 */ -+ csr = X509_REQ_dup(csr); -+#endif -+ /* Retrieve the public key from the CSR */ -+ tpubkey = X509_REQ_get_pubkey(csr); -+ -+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) -+ /* We need to free the CSR as it was duplicated */ -+ X509_REQ_free(csr); -+#endif - RETVAL_RESOURCE(zend_list_insert(tpubkey, le_key TSRMLS_CC)); - return; - } -@@ -3482,13 +3647,20 @@ static int php_openssl_is_private_key(EV - { - assert(pkey != NULL); - -- switch (pkey->type) { -+ switch (EVP_PKEY_id(pkey)) { - #ifndef NO_RSA - case EVP_PKEY_RSA: - case EVP_PKEY_RSA2: -- assert(pkey->pkey.rsa != NULL); -- if (pkey->pkey.rsa != NULL && (NULL == pkey->pkey.rsa->p || NULL == pkey->pkey.rsa->q)) { -- return 0; -+ { -+ RSA *rsa = EVP_PKEY_get0_RSA(pkey); -+ if (rsa != NULL) { -+ const BIGNUM *p, *q; -+ -+ RSA_get0_factors(rsa, &p, &q); -+ if (p == NULL || q == NULL) { -+ return 0; -+ } -+ } - } - break; - #endif -@@ -3498,28 +3670,51 @@ static int php_openssl_is_private_key(EV - case EVP_PKEY_DSA2: - case EVP_PKEY_DSA3: - case EVP_PKEY_DSA4: -- assert(pkey->pkey.dsa != NULL); -- -- if (NULL == pkey->pkey.dsa->p || NULL == pkey->pkey.dsa->q || NULL == pkey->pkey.dsa->priv_key){ -- return 0; -+ { -+ DSA *dsa = EVP_PKEY_get0_DSA(pkey); -+ if (dsa != NULL) { -+ const BIGNUM *p, *q, *g, *pub_key, *priv_key; -+ -+ DSA_get0_pqg(dsa, &p, &q, &g); -+ if (p == NULL || q == NULL) { -+ return 0; -+ } -+ -+ DSA_get0_key(dsa, &pub_key, &priv_key); -+ if (priv_key == NULL) { -+ return 0; -+ } -+ } - } - break; - #endif - #ifndef NO_DH - case EVP_PKEY_DH: -- assert(pkey->pkey.dh != NULL); -- -- if (NULL == pkey->pkey.dh->p || NULL == pkey->pkey.dh->priv_key) { -- return 0; -+ { -+ DH *dh = EVP_PKEY_get0_DH(pkey); -+ if (dh != NULL) { -+ const BIGNUM *p, *q, *g, *pub_key, *priv_key; -+ -+ DH_get0_pqg(dh, &p, &q, &g); -+ if (p == NULL) { -+ return 0; -+ } -+ -+ DH_get0_key(dh, &pub_key, &priv_key); -+ if (priv_key == NULL) { -+ return 0; -+ } -+ } - } - break; - #endif - #ifdef HAVE_EVP_PKEY_EC - case EVP_PKEY_EC: -- assert(pkey->pkey.ec != NULL); -- -- if ( NULL == EC_KEY_get0_private_key(pkey->pkey.ec)) { -- return 0; -+ { -+ EC_KEY *ec = EVP_PKEY_get0_EC_KEY(pkey); -+ if (ec != NULL && NULL == EC_KEY_get0_private_key(ec)) { -+ return 0; -+ } - } - break; - #endif -@@ -3531,34 +3726,80 @@ static int php_openssl_is_private_key(EV - } - /* }}} */ - --#define OPENSSL_PKEY_GET_BN(_type, _name) do { \ -- if (pkey->pkey._type->_name != NULL) { \ -- int len = BN_num_bytes(pkey->pkey._type->_name); \ -- char *str = emalloc(len + 1); \ -- BN_bn2bin(pkey->pkey._type->_name, (unsigned char*)str); \ -- str[len] = 0; \ -- add_assoc_stringl(_type, #_name, str, len, 0); \ -- } \ -- } while (0) -- --#define OPENSSL_PKEY_SET_BN(_ht, _type, _name) do { \ -- zval **bn; \ -- if (zend_hash_find(_ht, #_name, sizeof(#_name), (void**)&bn) == SUCCESS && \ -- Z_TYPE_PP(bn) == IS_STRING) { \ -- _type->_name = BN_bin2bn( \ -- (unsigned char*)Z_STRVAL_PP(bn), \ -- Z_STRLEN_PP(bn), NULL); \ -- } \ -+#define OPENSSL_GET_BN(_array, _bn, _name) do { \ -+ if (_bn != NULL) { \ -+ int len = BN_num_bytes(_bn); \ -+ char *str = emalloc(len + 1); \ -+ BN_bn2bin(_bn, (unsigned char*)str); \ -+ str[len] = 0; \ -+ add_assoc_stringl(_array, #_name, str, len, 0); \ -+ } \ - } while (0); - -+#define OPENSSL_PKEY_GET_BN(_type, _name) OPENSSL_GET_BN(_type, _name, _name) -+ -+#define OPENSSL_PKEY_SET_BN(_data, _name) do { \ -+ zval **bn; \ -+ if (zend_hash_find(Z_ARRVAL_P(_data), #_name, sizeof(#_name),(void**)&bn) == SUCCESS && \ -+ Z_TYPE_PP(bn) == IS_STRING) { \ -+ _name = BN_bin2bn( \ -+ (unsigned char*)Z_STRVAL_PP(bn), \ -+ Z_STRLEN_PP(bn), NULL); \ -+ } else { \ -+ _name = NULL; \ -+ } \ -+ } while (0); -+ -+/* {{{ php_openssl_pkey_init_rsa */ -+zend_bool php_openssl_pkey_init_and_assign_rsa(EVP_PKEY *pkey, RSA *rsa, zval *data) -+{ -+ BIGNUM *n, *e, *d, *p, *q, *dmp1, *dmq1, *iqmp; -+ -+ OPENSSL_PKEY_SET_BN(data, n); -+ OPENSSL_PKEY_SET_BN(data, e); -+ OPENSSL_PKEY_SET_BN(data, d); -+ if (!n || !d || !RSA_set0_key(rsa, n, e, d)) { -+ return 0; -+ } -+ -+ OPENSSL_PKEY_SET_BN(data, p); -+ OPENSSL_PKEY_SET_BN(data, q); -+ if ((p || q) && !RSA_set0_factors(rsa, p, q)) { -+ return 0; -+ } -+ -+ OPENSSL_PKEY_SET_BN(data, dmp1); -+ OPENSSL_PKEY_SET_BN(data, dmq1); -+ OPENSSL_PKEY_SET_BN(data, iqmp); -+ if ((dmp1 || dmq1 || iqmp) && !RSA_set0_crt_params(rsa, dmp1, dmq1, iqmp)) { -+ return 0; -+ } -+ -+ if (!EVP_PKEY_assign_RSA(pkey, rsa)) { -+ return 0; -+ } -+ -+ return 1; -+} -+/* }}} */ -+ - /* {{{ php_openssl_pkey_init_dsa */ --zend_bool php_openssl_pkey_init_dsa(DSA *dsa) -+zend_bool php_openssl_pkey_init_dsa(DSA *dsa, zval *data) - { -- if (!dsa->p || !dsa->q || !dsa->g) { -+ BIGNUM *p, *q, *g, *priv_key, *pub_key; -+ const BIGNUM *priv_key_const, *pub_key_const; -+ -+ OPENSSL_PKEY_SET_BN(data, p); -+ OPENSSL_PKEY_SET_BN(data, q); -+ OPENSSL_PKEY_SET_BN(data, g); -+ if (!p || !q || !g || !DSA_set0_pqg(dsa, p, q, g)) { - return 0; - } -- if (dsa->priv_key || dsa->pub_key) { -- return 1; -+ -+ OPENSSL_PKEY_SET_BN(data, pub_key); -+ OPENSSL_PKEY_SET_BN(data, priv_key); -+ if (pub_key) { -+ return DSA_set0_key(dsa, pub_key, priv_key); - } - PHP_OPENSSL_RAND_ADD_TIME(); - if (!DSA_generate_key(dsa)) { -@@ -3566,7 +3807,8 @@ zend_bool php_openssl_pkey_init_dsa(DSA - } - /* if BN_mod_exp return -1, then DSA_generate_key succeed for failed key - * so we need to double check that public key is created */ -- if (!dsa->pub_key || BN_is_zero(dsa->pub_key)) { -+ DSA_get0_key(dsa, &pub_key_const, &priv_key_const); -+ if (!pub_key_const || BN_is_zero(pub_key_const)) { - return 0; - } - /* all good */ -@@ -3574,14 +3816,66 @@ zend_bool php_openssl_pkey_init_dsa(DSA - } - /* }}} */ - -+/* {{{ php_openssl_dh_pub_from_priv */ -+static BIGNUM *php_openssl_dh_pub_from_priv(BIGNUM *priv_key, BIGNUM *g, BIGNUM *p) -+{ -+ BIGNUM *pub_key, *priv_key_const_time; -+ BN_CTX *ctx; -+ -+ pub_key = BN_new(); -+ if (pub_key == NULL) { -+ return NULL; -+ } -+ -+ priv_key_const_time = BN_new(); -+ if (priv_key_const_time == NULL) { -+ BN_free(pub_key); -+ return NULL; -+ } -+ ctx = BN_CTX_new(); -+ if (ctx == NULL) { -+ BN_free(pub_key); -+ BN_free(priv_key_const_time); -+ return NULL; -+ } -+ -+ BN_with_flags(priv_key_const_time, priv_key, BN_FLG_CONSTTIME); -+ -+ if (!BN_mod_exp_mont(pub_key, g, priv_key_const_time, p, ctx, NULL)) { -+ BN_free(pub_key); -+ pub_key = NULL; -+ } -+ -+ BN_free(priv_key_const_time); -+ BN_CTX_free(ctx); -+ -+ return pub_key; -+} -+/* }}} */ -+ - /* {{{ php_openssl_pkey_init_dh */ --zend_bool php_openssl_pkey_init_dh(DH *dh) -+zend_bool php_openssl_pkey_init_dh(DH *dh, zval *data) - { -- if (!dh->p || !dh->g) { -+ BIGNUM *p, *q, *g, *priv_key, *pub_key; -+ -+ OPENSSL_PKEY_SET_BN(data, p); -+ OPENSSL_PKEY_SET_BN(data, q); -+ OPENSSL_PKEY_SET_BN(data, g); -+ if (!p || !g || !DH_set0_pqg(dh, p, q, g)) { - return 0; - } -- if (dh->pub_key) { -- return 1; -+ -+ OPENSSL_PKEY_SET_BN(data, priv_key); -+ OPENSSL_PKEY_SET_BN(data, pub_key); -+ if (pub_key) { -+ return DH_set0_key(dh, pub_key, priv_key); -+ } -+ if (priv_key) { -+ pub_key = php_openssl_dh_pub_from_priv(priv_key, g, p); -+ if (pub_key == NULL) { -+ return 0; -+ } -+ return DH_set0_key(dh, pub_key, priv_key); - } - PHP_OPENSSL_RAND_ADD_TIME(); - if (!DH_generate_key(dh)) { -@@ -3614,18 +3908,8 @@ PHP_FUNCTION(openssl_pkey_new) - if (pkey) { - RSA *rsa = RSA_new(); - if (rsa) { -- OPENSSL_PKEY_SET_BN(Z_ARRVAL_PP(data), rsa, n); -- OPENSSL_PKEY_SET_BN(Z_ARRVAL_PP(data), rsa, e); -- OPENSSL_PKEY_SET_BN(Z_ARRVAL_PP(data), rsa, d); -- OPENSSL_PKEY_SET_BN(Z_ARRVAL_PP(data), rsa, p); -- OPENSSL_PKEY_SET_BN(Z_ARRVAL_PP(data), rsa, q); -- OPENSSL_PKEY_SET_BN(Z_ARRVAL_PP(data), rsa, dmp1); -- OPENSSL_PKEY_SET_BN(Z_ARRVAL_PP(data), rsa, dmq1); -- OPENSSL_PKEY_SET_BN(Z_ARRVAL_PP(data), rsa, iqmp); -- if (rsa->n && rsa->d) { -- if (EVP_PKEY_assign_RSA(pkey, rsa)) { -- RETURN_RESOURCE(zend_list_insert(pkey, le_key TSRMLS_CC)); -- } -+ if (php_openssl_pkey_init_and_assign_rsa(pkey, rsa, *data)) { -+ RETURN_RESOURCE(zend_list_insert(pkey, le_key TSRMLS_CC)); - } - RSA_free(rsa); - } -@@ -3638,12 +3922,7 @@ PHP_FUNCTION(openssl_pkey_new) - if (pkey) { - DSA *dsa = DSA_new(); - if (dsa) { -- OPENSSL_PKEY_SET_BN(Z_ARRVAL_PP(data), dsa, p); -- OPENSSL_PKEY_SET_BN(Z_ARRVAL_PP(data), dsa, q); -- OPENSSL_PKEY_SET_BN(Z_ARRVAL_PP(data), dsa, g); -- OPENSSL_PKEY_SET_BN(Z_ARRVAL_PP(data), dsa, priv_key); -- OPENSSL_PKEY_SET_BN(Z_ARRVAL_PP(data), dsa, pub_key); -- if (php_openssl_pkey_init_dsa(dsa)) { -+ if (php_openssl_pkey_init_dsa(dsa, *data)) { - if (EVP_PKEY_assign_DSA(pkey, dsa)) { - RETURN_RESOURCE(zend_list_insert(pkey, le_key TSRMLS_CC)); - } -@@ -3659,11 +3938,7 @@ PHP_FUNCTION(openssl_pkey_new) - if (pkey) { - DH *dh = DH_new(); - if (dh) { -- OPENSSL_PKEY_SET_BN(Z_ARRVAL_PP(data), dh, p); -- OPENSSL_PKEY_SET_BN(Z_ARRVAL_PP(data), dh, g); -- OPENSSL_PKEY_SET_BN(Z_ARRVAL_PP(data), dh, priv_key); -- OPENSSL_PKEY_SET_BN(Z_ARRVAL_PP(data), dh, pub_key); -- if (php_openssl_pkey_init_dh(dh)) { -+ if (php_openssl_pkey_init_dh(dh, *data)) { - if (EVP_PKEY_assign_DH(pkey, dh)) { - RETURN_RESOURCE(zend_list_insert(pkey, le_key TSRMLS_CC)); - } -@@ -3738,10 +4013,10 @@ PHP_FUNCTION(openssl_pkey_export_to_file - cipher = NULL; - } - -- switch (EVP_PKEY_type(key->type)) { -+ switch (EVP_PKEY_base_id(key)) { - #ifdef HAVE_EVP_PKEY_EC - case EVP_PKEY_EC: -- pem_write = PEM_write_bio_ECPrivateKey(bio_out, EVP_PKEY_get1_EC_KEY(key), cipher, (unsigned char *)passphrase, passphrase_len, NULL, NULL); -+ pem_write = PEM_write_bio_ECPrivateKey(bio_out, EVP_PKEY_get0_EC_KEY(key), cipher, (unsigned char *)passphrase, passphrase_len, NULL, NULL); - break; - #endif - default: -@@ -3807,7 +4082,7 @@ PHP_FUNCTION(openssl_pkey_export) - cipher = NULL; - } - -- switch (EVP_PKEY_type(key->type)) { -+ switch (EVP_PKEY_base_id(key)) { - #ifdef HAVE_EVP_PKEY_EC - case EVP_PKEY_EC: - pem_write = PEM_write_bio_ECPrivateKey(bio_out, EVP_PKEY_get1_EC_KEY(key), cipher, (unsigned char *)passphrase, passphrase_len, NULL, NULL); -@@ -3928,25 +4203,33 @@ PHP_FUNCTION(openssl_pkey_get_details) - /*TODO: Use the real values once the openssl constants are used - * See the enum at the top of this file - */ -- switch (EVP_PKEY_type(pkey->type)) { -+ switch (EVP_PKEY_base_id(pkey)) { - case EVP_PKEY_RSA: - case EVP_PKEY_RSA2: -- ktype = OPENSSL_KEYTYPE_RSA; -- -- if (pkey->pkey.rsa != NULL) { -- zval *rsa; -- -- ALLOC_INIT_ZVAL(rsa); -- array_init(rsa); -- OPENSSL_PKEY_GET_BN(rsa, n); -- OPENSSL_PKEY_GET_BN(rsa, e); -- OPENSSL_PKEY_GET_BN(rsa, d); -- OPENSSL_PKEY_GET_BN(rsa, p); -- OPENSSL_PKEY_GET_BN(rsa, q); -- OPENSSL_PKEY_GET_BN(rsa, dmp1); -- OPENSSL_PKEY_GET_BN(rsa, dmq1); -- OPENSSL_PKEY_GET_BN(rsa, iqmp); -- add_assoc_zval(return_value, "rsa", rsa); -+ { -+ RSA *rsa = EVP_PKEY_get0_RSA(pkey); -+ ktype = OPENSSL_KEYTYPE_RSA; -+ -+ if (rsa != NULL) { -+ zval *z_rsa; -+ const BIGNUM *n, *e, *d, *p, *q, *dmp1, *dmq1, *iqmp; -+ -+ RSA_get0_key(rsa, &n, &e, &d); -+ RSA_get0_factors(rsa, &p, &q); -+ RSA_get0_crt_params(rsa, &dmp1, &dmq1, &iqmp); -+ -+ ALLOC_INIT_ZVAL(z_rsa); -+ array_init(z_rsa); -+ OPENSSL_PKEY_GET_BN(z_rsa, n); -+ OPENSSL_PKEY_GET_BN(z_rsa, e); -+ OPENSSL_PKEY_GET_BN(z_rsa, d); -+ OPENSSL_PKEY_GET_BN(z_rsa, p); -+ OPENSSL_PKEY_GET_BN(z_rsa, q); -+ OPENSSL_PKEY_GET_BN(z_rsa, dmp1); -+ OPENSSL_PKEY_GET_BN(z_rsa, dmq1); -+ OPENSSL_PKEY_GET_BN(z_rsa, iqmp); -+ add_assoc_zval(return_value, "rsa", z_rsa); -+ } - } - - break; -@@ -3954,42 +4237,55 @@ PHP_FUNCTION(openssl_pkey_get_details) - case EVP_PKEY_DSA2: - case EVP_PKEY_DSA3: - case EVP_PKEY_DSA4: -- ktype = OPENSSL_KEYTYPE_DSA; -- -- if (pkey->pkey.dsa != NULL) { -- zval *dsa; -- -- ALLOC_INIT_ZVAL(dsa); -- array_init(dsa); -- OPENSSL_PKEY_GET_BN(dsa, p); -- OPENSSL_PKEY_GET_BN(dsa, q); -- OPENSSL_PKEY_GET_BN(dsa, g); -- OPENSSL_PKEY_GET_BN(dsa, priv_key); -- OPENSSL_PKEY_GET_BN(dsa, pub_key); -- add_assoc_zval(return_value, "dsa", dsa); -+ { -+ DSA *dsa = EVP_PKEY_get0_DSA(pkey); -+ ktype = OPENSSL_KEYTYPE_DSA; -+ -+ if (dsa != NULL) { -+ zval *z_dsa; -+ const BIGNUM *p, *q, *g, *priv_key, *pub_key; -+ -+ DSA_get0_pqg(dsa, &p, &q, &g); -+ DSA_get0_key(dsa, &pub_key, &priv_key); -+ -+ ALLOC_INIT_ZVAL(z_dsa); -+ array_init(z_dsa); -+ OPENSSL_PKEY_GET_BN(z_dsa, p); -+ OPENSSL_PKEY_GET_BN(z_dsa, q); -+ OPENSSL_PKEY_GET_BN(z_dsa, g); -+ OPENSSL_PKEY_GET_BN(z_dsa, priv_key); -+ OPENSSL_PKEY_GET_BN(z_dsa, pub_key); -+ add_assoc_zval(return_value, "dsa", z_dsa); -+ } - } - break; - case EVP_PKEY_DH: -- -- ktype = OPENSSL_KEYTYPE_DH; -- -- if (pkey->pkey.dh != NULL) { -- zval *dh; -- -- ALLOC_INIT_ZVAL(dh); -- array_init(dh); -- OPENSSL_PKEY_GET_BN(dh, p); -- OPENSSL_PKEY_GET_BN(dh, g); -- OPENSSL_PKEY_GET_BN(dh, priv_key); -- OPENSSL_PKEY_GET_BN(dh, pub_key); -- add_assoc_zval(return_value, "dh", dh); -+ { -+ DH *dh = EVP_PKEY_get0_DH(pkey); -+ ktype = OPENSSL_KEYTYPE_DH; -+ -+ if (dh != NULL) { -+ zval *z_dh; -+ const BIGNUM *p, *q, *g, *priv_key, *pub_key; -+ -+ DH_get0_pqg(dh, &p, &q, &g); -+ DH_get0_key(dh, &pub_key, &priv_key); -+ -+ ALLOC_INIT_ZVAL(z_dh); -+ array_init(z_dh); -+ OPENSSL_PKEY_GET_BN(z_dh, p); -+ OPENSSL_PKEY_GET_BN(z_dh, g); -+ OPENSSL_PKEY_GET_BN(z_dh, priv_key); -+ OPENSSL_PKEY_GET_BN(z_dh, pub_key); -+ add_assoc_zval(return_value, "dh", z_dh); -+ } - } - - break; - #ifdef HAVE_EVP_PKEY_EC - case EVP_PKEY_EC: - ktype = OPENSSL_KEYTYPE_EC; -- if (pkey->pkey.ec != NULL) { -+ if (EVP_PKEY_get0_EC_KEY(pkey) != NULL) { - zval *ec; - const EC_GROUP *ec_group; - int nid; -@@ -4546,13 +4842,13 @@ PHP_FUNCTION(openssl_private_encrypt) - cryptedlen = EVP_PKEY_size(pkey); - cryptedbuf = emalloc(cryptedlen + 1); - -- switch (pkey->type) { -+ switch (EVP_PKEY_id(pkey)) { - case EVP_PKEY_RSA: - case EVP_PKEY_RSA2: - successful = (RSA_private_encrypt(data_len, - (unsigned char *)data, - cryptedbuf, -- pkey->pkey.rsa, -+ EVP_PKEY_get0_RSA(pkey), - padding) == cryptedlen); - break; - default: -@@ -4604,13 +4900,13 @@ PHP_FUNCTION(openssl_private_decrypt) - cryptedlen = EVP_PKEY_size(pkey); - crypttemp = emalloc(cryptedlen + 1); - -- switch (pkey->type) { -+ switch (EVP_PKEY_id(pkey)) { - case EVP_PKEY_RSA: - case EVP_PKEY_RSA2: - cryptedlen = RSA_private_decrypt(data_len, - (unsigned char *)data, - crypttemp, -- pkey->pkey.rsa, -+ EVP_PKEY_get0_RSA(pkey), - padding); - if (cryptedlen != -1) { - cryptedbuf = emalloc(cryptedlen + 1); -@@ -4669,13 +4965,13 @@ PHP_FUNCTION(openssl_public_encrypt) - cryptedlen = EVP_PKEY_size(pkey); - cryptedbuf = emalloc(cryptedlen + 1); - -- switch (pkey->type) { -+ switch (EVP_PKEY_id(pkey)) { - case EVP_PKEY_RSA: - case EVP_PKEY_RSA2: - successful = (RSA_public_encrypt(data_len, - (unsigned char *)data, - cryptedbuf, -- pkey->pkey.rsa, -+ EVP_PKEY_get0_RSA(pkey), - padding) == cryptedlen); - break; - default: -@@ -4728,13 +5024,13 @@ PHP_FUNCTION(openssl_public_decrypt) - cryptedlen = EVP_PKEY_size(pkey); - crypttemp = emalloc(cryptedlen + 1); - -- switch (pkey->type) { -+ switch (EVP_PKEY_id(pkey)) { - case EVP_PKEY_RSA: - case EVP_PKEY_RSA2: - cryptedlen = RSA_public_decrypt(data_len, - (unsigned char *)data, - crypttemp, -- pkey->pkey.rsa, -+ EVP_PKEY_get0_RSA(pkey), - padding); - if (cryptedlen != -1) { - cryptedbuf = emalloc(cryptedlen + 1); -@@ -4798,7 +5094,7 @@ PHP_FUNCTION(openssl_sign) - long keyresource = -1; - char * data; - int data_len; -- EVP_MD_CTX md_ctx; -+ EVP_MD_CTX *md_ctx; - zval *method = NULL; - long signature_algo = OPENSSL_ALGO_SHA1; - const EVP_MD *mdtype; -@@ -4831,9 +5127,10 @@ PHP_FUNCTION(openssl_sign) - siglen = EVP_PKEY_size(pkey); - sigbuf = emalloc(siglen + 1); - -- EVP_SignInit(&md_ctx, mdtype); -- EVP_SignUpdate(&md_ctx, data, data_len); -- if (EVP_SignFinal (&md_ctx, sigbuf,(unsigned int *)&siglen, pkey)) { -+ md_ctx = EVP_MD_CTX_create(); -+ EVP_SignInit(md_ctx, mdtype); -+ EVP_SignUpdate(md_ctx, data, data_len); -+ if (EVP_SignFinal (md_ctx, sigbuf,(unsigned int *)&siglen, pkey)) { - zval_dtor(signature); - sigbuf[siglen] = '\0'; - ZVAL_STRINGL(signature, (char *)sigbuf, siglen, 0); -@@ -4842,7 +5139,7 @@ PHP_FUNCTION(openssl_sign) - efree(sigbuf); - RETVAL_FALSE; - } -- EVP_MD_CTX_cleanup(&md_ctx); -+ EVP_MD_CTX_destroy(md_ctx); - if (keyresource == -1) { - EVP_PKEY_free(pkey); - } -@@ -4856,7 +5153,7 @@ PHP_FUNCTION(openssl_verify) - zval **key; - EVP_PKEY *pkey; - int err; -- EVP_MD_CTX md_ctx; -+ EVP_MD_CTX *md_ctx; - const EVP_MD *mdtype; - long keyresource = -1; - char * data; int data_len; -@@ -4890,10 +5187,11 @@ PHP_FUNCTION(openssl_verify) - RETURN_FALSE; - } - -- EVP_VerifyInit (&md_ctx, mdtype); -- EVP_VerifyUpdate (&md_ctx, data, data_len); -- err = EVP_VerifyFinal (&md_ctx, (unsigned char *)signature, signature_len, pkey); -- EVP_MD_CTX_cleanup(&md_ctx); -+ md_ctx = EVP_MD_CTX_create(); -+ EVP_VerifyInit (md_ctx, mdtype); -+ EVP_VerifyUpdate (md_ctx, data, data_len); -+ err = EVP_VerifyFinal (md_ctx, (unsigned char *)signature, signature_len, pkey); -+ EVP_MD_CTX_destroy(md_ctx); - - if (keyresource == -1) { - EVP_PKEY_free(pkey); -@@ -4917,7 +5215,7 @@ PHP_FUNCTION(openssl_seal) - char *method =NULL; - int method_len = 0; - const EVP_CIPHER *cipher; -- EVP_CIPHER_CTX ctx; -+ EVP_CIPHER_CTX *ctx; - - if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "szza/|s", &data, &data_len, &sealdata, &ekeys, &pubkeys, &method, &method_len) == FAILURE) { - return; -@@ -4950,6 +5248,7 @@ PHP_FUNCTION(openssl_seal) - memset(eks, 0, sizeof(*eks) * nkeys); - key_resources = safe_emalloc(nkeys, sizeof(long), 0); - memset(key_resources, 0, sizeof(*key_resources) * nkeys); -+ memset(pkeys, 0, sizeof(*pkeys) * nkeys); - - /* get the public keys we are using to seal this data */ - zend_hash_internal_pointer_reset_ex(pubkeysht, &pos); -@@ -4967,27 +5266,28 @@ PHP_FUNCTION(openssl_seal) - i++; - } - -- if (!EVP_EncryptInit(&ctx,cipher,NULL,NULL)) { -+ ctx = EVP_CIPHER_CTX_new(); -+ if (ctx == NULL || !EVP_EncryptInit(ctx,cipher,NULL,NULL)) { - RETVAL_FALSE; -- EVP_CIPHER_CTX_cleanup(&ctx); -+ EVP_CIPHER_CTX_free(ctx); - goto clean_exit; - } - - #if 0 - /* Need this if allow ciphers that require initialization vector */ -- ivlen = EVP_CIPHER_CTX_iv_length(&ctx); -+ ivlen = EVP_CIPHER_CTX_iv_length(ctx); - iv = ivlen ? emalloc(ivlen + 1) : NULL; - #endif - /* allocate one byte extra to make room for \0 */ -- buf = emalloc(data_len + EVP_CIPHER_CTX_block_size(&ctx)); -- EVP_CIPHER_CTX_cleanup(&ctx); -+ buf = emalloc(data_len + EVP_CIPHER_CTX_block_size(ctx)); -+ EVP_CIPHER_CTX_cleanup(ctx); - -- if (EVP_SealInit(&ctx, cipher, eks, eksl, NULL, pkeys, nkeys) <= 0 || -- !EVP_SealUpdate(&ctx, buf, &len1, (unsigned char *)data, data_len) || -- !EVP_SealFinal(&ctx, buf + len1, &len2)) { -+ if (EVP_SealInit(ctx, cipher, eks, eksl, NULL, pkeys, nkeys) <= 0 || -+ !EVP_SealUpdate(ctx, buf, &len1, (unsigned char *)data, data_len) || -+ !EVP_SealFinal(ctx, buf + len1, &len2)) { - RETVAL_FALSE; - efree(buf); -- EVP_CIPHER_CTX_cleanup(&ctx); -+ EVP_CIPHER_CTX_free(ctx); - goto clean_exit; - } - -@@ -5018,7 +5318,7 @@ PHP_FUNCTION(openssl_seal) - efree(buf); - } - RETVAL_LONG(len1 + len2); -- EVP_CIPHER_CTX_cleanup(&ctx); -+ EVP_CIPHER_CTX_free(ctx); - - clean_exit: - for (i=0; i<nkeys; i++) { -@@ -5045,7 +5345,7 @@ PHP_FUNCTION(openssl_open) - int len1, len2; - unsigned char *buf; - long keyresource = -1; -- EVP_CIPHER_CTX ctx; -+ EVP_CIPHER_CTX *ctx; - char * data; int data_len; - char * ekey; int ekey_len; - char *method =NULL; -@@ -5074,8 +5374,9 @@ PHP_FUNCTION(openssl_open) - - buf = emalloc(data_len + 1); - -- if (EVP_OpenInit(&ctx, cipher, (unsigned char *)ekey, ekey_len, NULL, pkey) && EVP_OpenUpdate(&ctx, buf, &len1, (unsigned char *)data, data_len)) { -- if (!EVP_OpenFinal(&ctx, buf + len1, &len2) || (len1 + len2 == 0)) { -+ ctx = EVP_CIPHER_CTX_new(); -+ if (EVP_OpenInit(ctx, cipher, (unsigned char *)ekey, ekey_len, NULL, pkey) && EVP_OpenUpdate(ctx, buf, &len1, (unsigned char *)data, data_len)) { -+ if (!EVP_OpenFinal(ctx, buf + len1, &len2) || (len1 + len2 == 0)) { - efree(buf); - RETVAL_FALSE; - } else { -@@ -5091,7 +5392,7 @@ PHP_FUNCTION(openssl_open) - if (keyresource == -1) { - EVP_PKEY_free(pkey); - } -- EVP_CIPHER_CTX_cleanup(&ctx); -+ EVP_CIPHER_CTX_free(ctx); - } - /* }}} */ - -@@ -5151,7 +5452,7 @@ PHP_FUNCTION(openssl_digest) - char *data, *method; - int data_len, method_len; - const EVP_MD *mdtype; -- EVP_MD_CTX md_ctx; -+ EVP_MD_CTX *md_ctx; - int siglen; - unsigned char *sigbuf; - -@@ -5167,9 +5468,10 @@ PHP_FUNCTION(openssl_digest) - siglen = EVP_MD_size(mdtype); - sigbuf = emalloc(siglen + 1); - -- EVP_DigestInit(&md_ctx, mdtype); -- EVP_DigestUpdate(&md_ctx, (unsigned char *)data, data_len); -- if (EVP_DigestFinal (&md_ctx, (unsigned char *)sigbuf, (unsigned int *)&siglen)) { -+ md_ctx = EVP_MD_CTX_create(); -+ EVP_DigestInit(md_ctx, mdtype); -+ EVP_DigestUpdate(md_ctx, (unsigned char *)data, data_len); -+ if (EVP_DigestFinal (md_ctx, (unsigned char *)sigbuf, (unsigned int *)&siglen)) { - if (raw_output) { - sigbuf[siglen] = '\0'; - RETVAL_STRINGL((char *)sigbuf, siglen, 0); -@@ -5185,6 +5487,8 @@ PHP_FUNCTION(openssl_digest) - efree(sigbuf); - RETVAL_FALSE; - } -+ -+ EVP_MD_CTX_destroy(md_ctx); - } - /* }}} */ - -@@ -5230,7 +5534,7 @@ PHP_FUNCTION(openssl_encrypt) - char *data, *method, *password, *iv = ""; - int data_len, method_len, password_len, iv_len = 0, max_iv_len; - const EVP_CIPHER *cipher_type; -- EVP_CIPHER_CTX cipher_ctx; -+ EVP_CIPHER_CTX *cipher_ctx; - int i=0, outlen, keylen; - unsigned char *outbuf, *key; - zend_bool free_iv; -@@ -5262,19 +5566,24 @@ PHP_FUNCTION(openssl_encrypt) - outlen = data_len + EVP_CIPHER_block_size(cipher_type); - outbuf = safe_emalloc(outlen, 1, 1); - -- EVP_EncryptInit(&cipher_ctx, cipher_type, NULL, NULL); -+ cipher_ctx = EVP_CIPHER_CTX_new(); -+ if (!cipher_ctx) { -+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "Failed to create cipher context"); -+ RETURN_FALSE; -+ } -+ EVP_EncryptInit(cipher_ctx, cipher_type, NULL, NULL); - if (password_len > keylen) { -- EVP_CIPHER_CTX_set_key_length(&cipher_ctx, password_len); -+ EVP_CIPHER_CTX_set_key_length(cipher_ctx, password_len); - } -- EVP_EncryptInit_ex(&cipher_ctx, NULL, NULL, key, (unsigned char *)iv); -+ EVP_EncryptInit_ex(cipher_ctx, NULL, NULL, key, (unsigned char *)iv); - if (options & OPENSSL_ZERO_PADDING) { -- EVP_CIPHER_CTX_set_padding(&cipher_ctx, 0); -+ EVP_CIPHER_CTX_set_padding(cipher_ctx, 0); - } - if (data_len > 0) { -- EVP_EncryptUpdate(&cipher_ctx, outbuf, &i, (unsigned char *)data, data_len); -+ EVP_EncryptUpdate(cipher_ctx, outbuf, &i, (unsigned char *)data, data_len); - } - outlen = i; -- if (EVP_EncryptFinal(&cipher_ctx, (unsigned char *)outbuf + i, &i)) { -+ if (EVP_EncryptFinal(cipher_ctx, (unsigned char *)outbuf + i, &i)) { - outlen += i; - if (options & OPENSSL_RAW_DATA) { - outbuf[outlen] = '\0'; -@@ -5301,7 +5610,8 @@ PHP_FUNCTION(openssl_encrypt) - if (free_iv) { - efree(iv); - } -- EVP_CIPHER_CTX_cleanup(&cipher_ctx); -+ EVP_CIPHER_CTX_cleanup(cipher_ctx); -+ EVP_CIPHER_CTX_free(cipher_ctx); - } - /* }}} */ - -@@ -5313,7 +5623,7 @@ PHP_FUNCTION(openssl_decrypt) - char *data, *method, *password, *iv = ""; - int data_len, method_len, password_len, iv_len = 0; - const EVP_CIPHER *cipher_type; -- EVP_CIPHER_CTX cipher_ctx; -+ EVP_CIPHER_CTX *cipher_ctx; - int i, outlen, keylen; - unsigned char *outbuf, *key; - int base64_str_len; -@@ -5359,17 +5669,23 @@ PHP_FUNCTION(openssl_decrypt) - outlen = data_len + EVP_CIPHER_block_size(cipher_type); - outbuf = emalloc(outlen + 1); - -- EVP_DecryptInit(&cipher_ctx, cipher_type, NULL, NULL); -+ cipher_ctx = EVP_CIPHER_CTX_new(); -+ if (!cipher_ctx) { -+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "Failed to create cipher context"); -+ RETURN_FALSE; -+ } -+ -+ EVP_DecryptInit(cipher_ctx, cipher_type, NULL, NULL); - if (password_len > keylen) { -- EVP_CIPHER_CTX_set_key_length(&cipher_ctx, password_len); -+ EVP_CIPHER_CTX_set_key_length(cipher_ctx, password_len); - } -- EVP_DecryptInit_ex(&cipher_ctx, NULL, NULL, key, (unsigned char *)iv); -+ EVP_DecryptInit_ex(cipher_ctx, NULL, NULL, key, (unsigned char *)iv); - if (options & OPENSSL_ZERO_PADDING) { -- EVP_CIPHER_CTX_set_padding(&cipher_ctx, 0); -+ EVP_CIPHER_CTX_set_padding(cipher_ctx, 0); - } -- EVP_DecryptUpdate(&cipher_ctx, outbuf, &i, (unsigned char *)data, data_len); -+ EVP_DecryptUpdate(cipher_ctx, outbuf, &i, (unsigned char *)data, data_len); - outlen = i; -- if (EVP_DecryptFinal(&cipher_ctx, (unsigned char *)outbuf + i, &i)) { -+ if (EVP_DecryptFinal(cipher_ctx, (unsigned char *)outbuf + i, &i)) { - outlen += i; - outbuf[outlen] = '\0'; - RETVAL_STRINGL((char *)outbuf, outlen, 0); -@@ -5386,7 +5702,8 @@ PHP_FUNCTION(openssl_decrypt) - if (base64_str) { - efree(base64_str); - } -- EVP_CIPHER_CTX_cleanup(&cipher_ctx); -+ EVP_CIPHER_CTX_cleanup(cipher_ctx); -+ EVP_CIPHER_CTX_free(cipher_ctx); - } - /* }}} */ - -@@ -5424,6 +5741,7 @@ PHP_FUNCTION(openssl_dh_compute_key) - zval *key; - char *pub_str; - int pub_len; -+ DH *dh; - EVP_PKEY *pkey; - BIGNUM *pub; - char *data; -@@ -5433,14 +5751,21 @@ PHP_FUNCTION(openssl_dh_compute_key) - return; - } - ZEND_FETCH_RESOURCE(pkey, EVP_PKEY *, &key, -1, "OpenSSL key", le_key); -- if (!pkey || EVP_PKEY_type(pkey->type) != EVP_PKEY_DH || !pkey->pkey.dh) { -+ if (pkey == NULL) { -+ RETURN_FALSE; -+ } -+ if (EVP_PKEY_base_id(pkey) != EVP_PKEY_DH) { -+ RETURN_FALSE; -+ } -+ dh = EVP_PKEY_get0_DH(pkey); -+ if (dh == NULL) { - RETURN_FALSE; - } - - pub = BN_bin2bn((unsigned char*)pub_str, pub_len, NULL); - -- data = emalloc(DH_size(pkey->pkey.dh) + 1); -- len = DH_compute_key((unsigned char*)data, pub, pkey->pkey.dh); -+ data = emalloc(DH_size(dh) + 1); -+ len = DH_compute_key((unsigned char*)data, pub, dh); - - if (len >= 0) { - data[len] = 0; -diff -rupN php-5.6.31.orig/ext/openssl/tests/bug41033.phpt php-5.6.31/ext/openssl/tests/bug41033.phpt ---- php-5.6.31.orig/ext/openssl/tests/bug41033.phpt 2017-07-06 00:25:00.000000000 +0200 -+++ php-5.6.31/ext/openssl/tests/bug41033.phpt 2017-08-01 10:49:25.008823468 +0200 -@@ -13,11 +13,11 @@ $pub = 'file://' . dirname(__FILE__) . ' - - $prkeyid = openssl_get_privatekey($prv, "1234"); - $ct = "Hello I am some text!"; --openssl_sign($ct, $signature, $prkeyid, OPENSSL_ALGO_DSS1); -+openssl_sign($ct, $signature, $prkeyid, OPENSSL_VERSION_NUMBER < 0x10100000 ? OPENSSL_ALGO_DSS1 : OPENSSL_ALGO_SHA1); - echo "Signature: ".base64_encode($signature) . "\n"; - - $pukeyid = openssl_get_publickey($pub); --$valid = openssl_verify($ct, $signature, $pukeyid, OPENSSL_ALGO_DSS1); -+$valid = openssl_verify($ct, $signature, $pukeyid, OPENSSL_VERSION_NUMBER < 0x10100000 ? OPENSSL_ALGO_DSS1 : OPENSSL_ALGO_SHA1); - echo "Signature validity: " . $valid . "\n"; - - -diff -rupN php-5.6.31.orig/ext/openssl/tests/bug66501.phpt php-5.6.31/ext/openssl/tests/bug66501.phpt ---- php-5.6.31.orig/ext/openssl/tests/bug66501.phpt 2017-07-06 00:25:00.000000000 +0200 -+++ php-5.6.31/ext/openssl/tests/bug66501.phpt 2017-08-01 10:49:25.008823468 +0200 -@@ -16,7 +16,7 @@ AwEHoUQDQgAEPq4hbIWHvB51rdWr8ejrjWo4qVNW - sqOTOnMoezkbSmVVMuwz9flvnqHGmQvmug==
- -----END EC PRIVATE KEY-----';
- $key = openssl_pkey_get_private($pkey);
--$res = openssl_sign($data ='alpha', $sign, $key, 'ecdsa-with-SHA1');
-+$res = openssl_sign($data ='alpha', $sign, $key, OPENSSL_VERSION_NUMBER < 0x10100000 ? 'ecdsa-with-SHA1' : 'SHA1');
- var_dump($res);
- --EXPECTF--
- bool(true)
-diff -rupN php-5.6.31.orig/ext/openssl/tests/openssl_error_string_basic.phpt php-5.6.31/ext/openssl/tests/openssl_error_string_basic.phpt ---- php-5.6.31.orig/ext/openssl/tests/openssl_error_string_basic.phpt 2017-07-06 00:25:00.000000000 +0200 -+++ php-5.6.31/ext/openssl/tests/openssl_error_string_basic.phpt 2017-08-01 10:49:25.008823468 +0200 -@@ -105,7 +105,7 @@ expect_openssl_errors('openssl_private_d - // public encrypt and decrypt with failed padding check and padding - @openssl_public_encrypt("data", $crypted, $public_key_file, 1000); - @openssl_public_decrypt("data", $crypted, $public_key_file); --expect_openssl_errors('openssl_private_(en|de)crypt padding', ['0906D06C', '04068076', '0407006A', '04067072']); -+expect_openssl_errors('openssl_private_(en|de)crypt padding', OPENSSL_VERSION_NUMBER < 0x10100000 ? ['0906D06C', '04068076', '0407006A', '04067072'] : ['0906D06C', '04068076', '04067072']); - - // X509 - echo "X509 errors\n"; -diff -rupN php-5.6.31.orig/ext/openssl/tests/sni_server.phpt php-5.6.31/ext/openssl/tests/sni_server.phpt ---- php-5.6.31.orig/ext/openssl/tests/sni_server.phpt 2017-07-06 00:25:00.000000000 +0200 -+++ php-5.6.31/ext/openssl/tests/sni_server.phpt 2017-08-01 10:49:25.012823468 +0200 -@@ -27,6 +27,9 @@ CODE; - $clientCode = <<<'CODE' - $flags = STREAM_CLIENT_CONNECT; - $ctxArr = [ -+ 'verify_peer' => false, -+ 'verify_peer_name' => false, -+ 'allow_self_signed' => true, - 'cafile' => __DIR__ . '/sni_server_ca.pem', - 'capture_peer_cert' => true - ]; -diff -rupN php-5.6.31.orig/ext/openssl/xp_ssl.c php-5.6.31/ext/openssl/xp_ssl.c ---- php-5.6.31.orig/ext/openssl/xp_ssl.c 2017-07-06 00:25:00.000000000 +0200 -+++ php-5.6.31/ext/openssl/xp_ssl.c 2017-08-01 10:49:25.012823468 +0200 -@@ -935,7 +935,7 @@ static int set_local_cert(SSL_CTX *ctx, - static const SSL_METHOD *php_select_crypto_method(long method_value, int is_client TSRMLS_DC) /* {{{ */ - { - if (method_value == STREAM_CRYPTO_METHOD_SSLv2) { --#ifndef OPENSSL_NO_SSL2 -+#if !defined(OPENSSL_NO_SSL2) && OPENSSL_VERSION_NUMBER < 0x10100000L - return is_client ? SSLv2_client_method() : SSLv2_server_method(); - #else - php_error_docref(NULL TSRMLS_CC, E_WARNING, -@@ -1588,12 +1588,26 @@ int php_openssl_setup_crypto(php_stream - } - /* }}} */ - -+#define PHP_SSL_MAX_VERSION_LEN 32 -+ -+static char *php_ssl_cipher_get_version(const SSL_CIPHER *c, char *buffer, size_t max_len) /* {{{ */ -+{ -+ const char *version = SSL_CIPHER_get_version(c); -+ strncpy(buffer, version, max_len); -+ if (max_len <= strlen(version)) { -+ buffer[max_len - 1] = 0; -+ } -+ return buffer; -+} -+/* }}} */ -+ - static zval *capture_session_meta(SSL *ssl_handle) /* {{{ */ - { - zval *meta_arr; - char *proto_str; - long proto = SSL_version(ssl_handle); - const SSL_CIPHER *cipher = SSL_get_current_cipher(ssl_handle); -+ char version_str[PHP_SSL_MAX_VERSION_LEN]; - - switch (proto) { - #if OPENSSL_VERSION_NUMBER >= 0x10001001L -@@ -1611,7 +1625,7 @@ static zval *capture_session_meta(SSL *s - add_assoc_string(meta_arr, "protocol", proto_str, 1); - add_assoc_string(meta_arr, "cipher_name", (char *) SSL_CIPHER_get_name(cipher), 1); - add_assoc_long(meta_arr, "cipher_bits", SSL_CIPHER_get_bits(cipher, NULL)); -- add_assoc_string(meta_arr, "cipher_version", SSL_CIPHER_get_version(cipher), 1); -+ add_assoc_string(meta_arr, "cipher_version", php_ssl_cipher_get_version(cipher, version_str, PHP_SSL_MAX_VERSION_LEN), 1); - - return meta_arr; - } -diff -rupN php-5.6.31.orig/ext/phar/util.c php-5.6.31/ext/phar/util.c ---- php-5.6.31.orig/ext/phar/util.c 2017-07-06 00:25:00.000000000 +0200 -+++ php-5.6.31/ext/phar/util.c 2017-08-01 10:49:25.020823468 +0200 -@@ -1531,7 +1531,7 @@ int phar_verify_signature(php_stream *fp - BIO *in; - EVP_PKEY *key; - EVP_MD *mdtype = (EVP_MD *) EVP_sha1(); -- EVP_MD_CTX md_ctx; -+ EVP_MD_CTX *md_ctx; - #else - int tempsig; - #endif -@@ -1608,7 +1608,8 @@ int phar_verify_signature(php_stream *fp - return FAILURE; - } - -- EVP_VerifyInit(&md_ctx, mdtype); -+ md_ctx = EVP_MD_CTX_create(); -+ EVP_VerifyInit(md_ctx, mdtype); - read_len = end_of_phar; - - if (read_len > sizeof(buf)) { -@@ -1620,7 +1621,7 @@ int phar_verify_signature(php_stream *fp - php_stream_seek(fp, 0, SEEK_SET); - - while (read_size && (len = php_stream_read(fp, (char*)buf, read_size)) > 0) { -- EVP_VerifyUpdate (&md_ctx, buf, len); -+ EVP_VerifyUpdate (md_ctx, buf, len); - read_len -= (off_t)len; - - if (read_len < read_size) { -@@ -1628,9 +1629,9 @@ int phar_verify_signature(php_stream *fp - } - } - -- if (EVP_VerifyFinal(&md_ctx, (unsigned char *)sig, sig_len, key) != 1) { -+ if (EVP_VerifyFinal(md_ctx, (unsigned char *)sig, sig_len, key) != 1) { - /* 1: signature verified, 0: signature does not match, -1: failed signature operation */ -- EVP_MD_CTX_cleanup(&md_ctx); -+ EVP_MD_CTX_destroy(md_ctx); - - if (error) { - spprintf(error, 0, "broken openssl signature"); -@@ -1639,7 +1640,7 @@ int phar_verify_signature(php_stream *fp - return FAILURE; - } - -- EVP_MD_CTX_cleanup(&md_ctx); -+ EVP_MD_CTX_destroy(md_ctx); - #endif - - *signature_len = phar_hex_str((const char*)sig, sig_len, signature TSRMLS_CC); diff --git a/pasture/source/php/doinst.sh b/pasture/source/php/doinst.sh deleted file mode 100644 index a6f584ed3..000000000 --- a/pasture/source/php/doinst.sh +++ /dev/null @@ -1,30 +0,0 @@ -if [ ! -r etc/httpd/mod_php.conf ]; then - cp -a etc/httpd/mod_php.conf.example etc/httpd/mod_php.conf -elif [ "`cat etc/httpd/mod_php.conf 2> /dev/null`" = "" ]; then - cp -a etc/httpd/mod_php.conf.example etc/httpd/mod_php.conf -fi - -config() { - NEW="$1" - OLD="`dirname $NEW`/`basename $NEW .new`" - # If there's no config file by that name, mv it over: - if [ ! -r $OLD ]; then - mv $NEW $OLD - elif [ "`cat $OLD | md5sum`" = "`cat $NEW | md5sum`" ]; then # toss the redundant copy - rm $NEW - fi - # Otherwise, we leave the .new copy for the admin to consider... -} -# Keep same perms on rc.php-fpm.new: -if [ -e etc/rc.d/rc.php-fpm ]; then - cp -a etc/rc.d/rc.php-fpm etc/rc.d/rc.php-fpm.new.incoming - cat etc/rc.d/rc.php-fpm.new > etc/rc.d/rc.php-fpm.new.incoming - mv etc/rc.d/rc.php-fpm.new.incoming etc/rc.d/rc.php-fpm.new -fi -config etc/rc.d/rc.php-fpm.new -cp -a etc/php.ini-production etc/php.ini.new -config etc/php.ini.new -cp -a etc/php-fpm.conf.default etc/php-fpm.conf.new -config etc/php-fpm.conf.new -cp -a etc/php-fpm.conf.default etc/php-fpm.conf.new -config etc/php-fpm.conf.new diff --git a/pasture/source/php/fetch-php.sh b/pasture/source/php/fetch-php.sh deleted file mode 100755 index 975c99af6..000000000 --- a/pasture/source/php/fetch-php.sh +++ /dev/null @@ -1,2 +0,0 @@ -lftpget http://us.php.net/distributions/php-5.6.40.tar.xz.asc -lftpget http://us.php.net/distributions/php-5.6.40.tar.xz diff --git a/pasture/source/php/mod_php.conf.example b/pasture/source/php/mod_php.conf.example deleted file mode 100644 index 670eb7135..000000000 --- a/pasture/source/php/mod_php.conf.example +++ /dev/null @@ -1,29 +0,0 @@ -# -# mod_php - PHP Hypertext Preprocessor module -# - -# Load the PHP module: -LoadModule php5_module lib/httpd/modules/libphp5.so - -# Tell Apache to feed all *.php files through PHP. If you'd like to -# parse PHP embedded in files with different extensions, comment out -# these lines and see the example below. -<FilesMatch \.php$> - SetHandler application/x-httpd-php -</FilesMatch> - -# Tell Apache to feed all *.php, *.html, and *.htm files through -# the PHP module. Add or subtract extensions here as desired. Please -# note that running pages through PHP for no reason can be both slow -# and insecure, so be sure to know what you're doing. It's a convenient -# shortcut, but probably isn't suitible for high-traffic sites if you -# write any of your pages in straight HTML. -#<FilesMatch "\.(php|html|htm)$"> -# SetHandler application/x-httpd-php -#</FilesMatch> - -# This will display PHP files in colored syntax form. Use with caution. -#<FilesMatch "\.phps$"> -# SetHandler application/x-httpd-php-source -#</FilesMatch> - diff --git a/pasture/source/php/php-fpm.conf.diff b/pasture/source/php/php-fpm.conf.diff deleted file mode 100644 index 38d0f9c6e..000000000 --- a/pasture/source/php/php-fpm.conf.diff +++ /dev/null @@ -1,28 +0,0 @@ ---- ./sapi/fpm/php-fpm.conf.in.orig 2012-05-20 19:47:53.000000000 +0200 -+++ ./sapi/fpm/php-fpm.conf.in 2012-05-21 09:16:32.646276661 +0200 -@@ -12,7 +12,7 @@ - ; Relative path can also be used. They will be prefixed by: - ; - the global prefix if it's been set (-p arguement) - ; - @prefix@ otherwise --;include=etc/fpm.d/*.conf -+;include=etc/php-fpm.d/*.conf - - ;;;;;;;;;;;;;;;;;; - ; Global Options ; -@@ -22,14 +22,14 @@ - ; Pid file - ; Note: the default prefix is @EXPANDED_LOCALSTATEDIR@ - ; Default Value: none --;pid = run/php-fpm.pid -+pid = run/php-fpm.pid - - ; Error log file - ; If it's set to "syslog", log is sent to syslogd instead of being written - ; in a local file. - ; Note: the default prefix is @EXPANDED_LOCALSTATEDIR@ - ; Default Value: log/php-fpm.log --;error_log = log/php-fpm.log -+error_log = log/php-fpm.log - - ; syslog_facility is used to specify what type of program is logging the - ; message. This lets syslogd specify that messages from different facilities diff --git a/pasture/source/php/php.SlackBuild b/pasture/source/php/php.SlackBuild deleted file mode 100755 index b4fdffea9..000000000 --- a/pasture/source/php/php.SlackBuild +++ /dev/null @@ -1,317 +0,0 @@ -#!/bin/sh - -# Build and package mod_php on Slackware. -# by: David Cantrell <david@slackware.com> -# Modified for PHP 4-5 by volkerdi@slackware.com -# Copyright 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2015, 2017, 2018 Patrick Volkerding, Sebeka, MN, USA -# All rights reserved. -# -# Redistribution and use of this script, with or without modification, is -# permitted provided that the following conditions are met: -# -# 1. Redistributions of this script must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED -# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF -# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO -# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, -# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; -# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, -# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR -# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF -# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - - -VERSION=${VERSION:-$(echo php-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -ALPINE=2.21 -BUILD=${BUILD:-1} - -# Automatically determine the architecture we're building on: -if [ -z "$ARCH" ]; then - case "$( uname -m )" in - i?86) export ARCH=i586 ;; - arm*) export ARCH=arm ;; - # Unless $ARCH is already set, use uname -m for all other archs: - *) export ARCH=$( uname -m ) ;; - esac -fi - -NUMJOBS=${NUMJOBS:-" -j7 "} - -CWD=$(pwd) -TMP=${TMP:-/tmp} -PKG=$TMP/package-php/ -rm -rf $PKG -mkdir -p $TMP $PKG - -if [ "$ARCH" = "i386" ]; then - SLKCFLAGS="-O2 -march=i386 -mcpu=i686" - LIBDIRSUFFIX="" -elif [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" - LIBDIRSUFFIX="" -elif [ "$ARCH" = "i586" ]; then - SLKCFLAGS="-O2 -march=i586 -mtune=i686" - LIBDIRSUFFIX="" -elif [ "$ARCH" = "s390" ]; then - SLKCFLAGS="-O2" - LIBDIRSUFFIX="" -elif [ "$ARCH" = "x86_64" ]; then - SLKCFLAGS="-O2 -fPIC" - LIBDIRSUFFIX="64" -else - SLKCFLAGS="-O2" - LIBDIRSUFFIX="" -fi - -# we need to compile alpine to get c-client.a for IMAP support: -IMAPLIBDIR=/usr/local/lib${LIBDIRSUFFIX}/c-client -if [ -r $IMAPLIBDIR/lib${LIBDIRSUFFIX}/c-client.a ]; then - echo "Using IMAP library:" - ls -l $IMAPLIBDIR/lib${LIBDIRSUFFIX}/c-client.a - sleep 5 -else - ( cd $CWD/../alpine ; VERSION=${ALPINE} ; ./alpine.SlackBuild || exit 1 ) || exit 1 - ( cd $TMP/alpine-${ALPINE}/imap/c-client - strip -g c-client.a - mkdir -p $IMAPLIBDIR/lib${LIBDIRSUFFIX} - cp c-client.a $IMAPLIBDIR/lib${LIBDIRSUFFIX} - mkdir -p $IMAPLIBDIR/include - cp *.h $IMAPLIBDIR/include - ) -fi - -mkdir -p $PKG/etc/httpd -mkdir -p $PKG/etc/php.d -# A trick from DaMouse to enable building php into $PKG. -# We'll remove this later on. -cat /etc/httpd/original/httpd.conf > $PKG/etc/httpd/httpd.conf -if [ ! -e /etc/httpd/original/httpd.conf ]; then - echo "FATAL: no /etc/httpd/original/httpd.conf found." - exit 1 -fi - -cd $TMP -rm -rf php-$VERSION -tar xvf $CWD/php-$VERSION.tar.?z || exit 1 -cd php-$VERSION || exit 1 - -# cleanup: -find . -name "*.orig" -delete - -# Add missing(?) PEAR modules back: -if [ -d php-$VERSION/pear/packages ]; then - ( cd php-$VERSION/pear/packages - cp -a $CWD/pear/*.bz2 . 2> /dev/null - bzip2 -d *.bz2 2> /dev/null - ) -fi - -if [ "$ARCH" = "s390" ]; then - zcat $CWD/php.configure.s390.diff.gz | patch -p1 || exit -fi - -# Fixup perms/owners: -chown -R root:root . -find . \ - \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ - -exec chmod 755 {} \; -o \ - \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ - -exec chmod 644 {} \; - -find . -name "*.h" -exec chmod 644 {} \; - -# Sometimes they ship a few of these: -find . -name "*.orig" -exec rm {} \; - -# Patch ini files: -zcat $CWD/php.ini-development.diff.gz | patch -p1 --verbose || exit 1 -zcat $CWD/php.ini-development.diff.gz | patch -p1 --verbose php.ini-production || exit 1 -zcat $CWD/php-fpm.conf.diff.gz | patch -p1 --verbose || exit 1 - -# Support OpenSSL 1.1.x: -zcat $CWD/PHP-5.6.31-OpenSSL-1.1.0-compatibility-20170801.patch.gz | patch -p1 --verbose || exit 1 - -# Install the build folder into /usr/lib$LIBDIRSUFFIX/php/build -# and adapt phpize accordingly: -sed -i "s|build$|php/build|" scripts/Makefile.frag -sed -i "s|build\"$|php/build\"|" scripts/phpize.in - -# Generic "kitchen sink" configure function, with as many things as possible (and -# maybe then some ;-) compiled as shared extensions: -EXTENSION_DIR=/usr/lib${LIBDIRSUFFIX}/php/extensions \ -CFLAGS="$SLKCFLAGS" \ -CXXFLAGS="$SLKCFLAGS -DU_USING_ICU_NAMESPACE=1" \ -./configure \ - --prefix=/usr \ - --libdir=/usr/lib${LIBDIRSUFFIX} \ - --with-libdir=lib${LIBDIRSUFFIX} \ - --localstatedir=/var \ - --sysconfdir=/etc \ - --datarootdir=/usr/share \ - --datadir=/usr/share \ - --infodir=/usr/info \ - --mandir=/usr/man \ - --with-apxs2=/usr/bin/apxs \ - --enable-fpm \ - --with-fpm-user=apache \ - --with-fpm-group=apache \ - --enable-maintainer-zts \ - --enable-pcntl \ - --enable-mbregex \ - --enable-tokenizer=shared \ - --with-config-file-scan-dir=/etc/php.d \ - --with-config-file-path=/etc \ - --enable-mod_charset \ - --with-layout=PHP \ - --disable-sigchild \ - --enable-xml \ - --with-libxml-dir=/usr \ - --with-xmlrpc=shared \ - --enable-simplexml \ - --enable-xmlreader=shared \ - --enable-dom=shared \ - --enable-filter \ - --disable-debug \ - --with-openssl=shared \ - --with-pcre-regex=/usr \ - --with-zlib=shared,/usr \ - --enable-bcmath=shared \ - --with-bz2=shared,/usr \ - --enable-calendar=shared \ - --enable-ctype=shared \ - --with-curl=shared \ - --with-mcrypt=/usr \ - --enable-dba=shared \ - --with-gdbm=/usr \ - --with-db4=/usr \ - --enable-exif=shared \ - --enable-ftp=shared \ - --with-gd=shared \ - --with-jpeg-dir=/usr \ - --with-png-dir=/usr \ - --with-vpx-dir=/usr \ - --with-zlib-dir=/usr \ - --with-xpm-dir=/usr \ - --with-freetype-dir=/usr \ - --with-t1lib=/usr \ - --enable-gd-native-ttf \ - --with-gettext=shared,/usr \ - --with-gmp=shared,/usr \ - --with-iconv=shared \ - --with-imap-ssl=/usr \ - --with-imap=$IMAPLIBDIR \ - --with-ldap=shared \ - --enable-mbstring=shared \ - --enable-hash \ - --with-mysql=shared,mysqlnd \ - --with-mysqli=shared,mysqlnd \ - --with-mysql-sock=/var/run/mysql/mysql.sock \ - --with-iodbc=shared,/usr \ - --enable-pdo=shared \ - --with-pdo-mysql=shared,mysqlnd \ - --with-pdo-sqlite=shared,/usr \ - --with-pdo-odbc=shared,iODBC,/usr \ - --with-pspell=shared,/usr \ - --with-enchant=shared,/usr \ - --enable-shmop=shared \ - --with-snmp=shared,/usr \ - --enable-soap=shared \ - --enable-sockets \ - --with-sqlite3=shared \ - --with-regex=php \ - --enable-sysvmsg \ - --enable-sysvsem \ - --enable-sysvshm \ - --enable-wddx=shared \ - --with-xsl=shared,/usr \ - --enable-zip=shared \ - --with-tsrm-pthreads \ - --enable-intl=shared \ - --enable-opcache \ - --enable-shared=yes \ - --enable-static=no \ - --with-gnu-ld \ - --with-pic \ - --enable-phpdbg \ - --build=$ARCH-slackware-linux || exit 1 - -# I am told this option is worse than nothing. :-) -# --enable-safe-mode -# -# I would recommend *against* and will take no responbility for turning on -# "safe" mode. - -make $NUMJOBS || make || exit 1 -make install INSTALL_ROOT=$PKG || exit 1 - -mkdir -p $PKG/etc/{rc.d,php-fpm.d} -cp sapi/fpm/init.d.php-fpm $PKG/etc/rc.d/rc.php-fpm.new -chmod 644 $PKG/etc/rc.d/rc.php-fpm.new - -# PHP (used to) install Pear with some strange permissions. -chmod 755 $PKG/usr/bin/pear - -# PHP sometimes puts junk in the root directory: -( cd $PKG - rm -rf .channels .depdb .depdblock .filemap .lock .registry -) - -# We do not package static extension libraries: -rm -f $PKG/usr/lib${LIBDIRSUFFIX}/php/extensions/*.a - -# Fix $PKG/usr/lib/php perms: -( cd $PKG/usr/lib${LIBDIRSUFFIX}/php - find . \ - \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ - -exec chmod 755 {} \; -o \ - \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ - -exec chmod 644 {} \; -) - -mkdir -p $PKG/usr/doc/php-$VERSION -cp -a \ - CODING_STANDARDS CREDITS EXTENSIONS INSTALL LICENSE NEWS README* TODO* UPGRADING* \ - sapi/cgi/README.FastCGI \ - $PKG/usr/doc/php-$VERSION -chown -R root:root $PKG/usr/doc/php-$VERSION -chmod 644 $PKG/usr/doc/php-$VERSION/UPGRADING* - -mkdir -p $PKG/etc/httpd -cat $CWD/mod_php.conf.example | sed -e "s#lib/httpd#lib${LIBDIRSUFFIX}/httpd#" \ - > $PKG/etc/httpd/mod_php.conf.example -chmod 644 $PKG/etc/httpd/* -chown root:root $PKG/etc/httpd/* - -cp -a php.ini-development php.ini-production $PKG/etc -chmod 755 $PKG/etc/php.d $PKG/etc/php-fpm.d $PKG/etc/httpd -chown root:root $PKG/etc/* - -# This can go now. -rm -f $PKG/etc/httpd/httpd* - -# Session directory for PHP: -mkdir -p $PKG/var/lib/php -chmod 770 $PKG/var/lib/php -chown root:apache $PKG/var/lib/php - -# Strip ELF objects. -find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ - | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null - -gzip -9 $PKG/usr/man/man?/*.? - -mkdir -p $PKG/install -zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh -cat $CWD/slack-desc > $PKG/install/slack-desc - -#if [ -d "$IMAPLIBDIR" ]; then -# ( cd $IMAPLIBDIR && rm -rf * ) -# rmdir $IMAPLIBDIR -#fi - -cd $PKG -/sbin/makepkg -l y -c n $TMP/php-$VERSION-$ARCH-$BUILD.txz - diff --git a/pasture/source/php/php.ini-development.diff b/pasture/source/php/php.ini-development.diff deleted file mode 100644 index d94e708cb..000000000 --- a/pasture/source/php/php.ini-development.diff +++ /dev/null @@ -1,62 +0,0 @@ ---- ./php.ini-development.orig 2017-07-05 17:25:00.000000000 -0500 -+++ ./php.ini-development 2017-07-07 14:25:29.270476234 -0500 -@@ -879,6 +879,50 @@ - ; If you only provide the name of the extension, PHP will look for it in its - ; default extension directory. - ; -+ -+; These are the extensions that are available for use on this PHP build. -+; If you do NOT need any of these extensions, you should comment them out. -+; That will probably increase both your security and performance. -+ -+extension=bcmath.so -+extension=bz2.so -+extension=calendar.so -+extension=ctype.so -+extension=curl.so -+extension=dba.so -+extension=dom.so -+extension=enchant.so -+extension=exif.so -+extension=ftp.so -+extension=gd.so -+extension=gettext.so -+extension=gmp.so -+extension=iconv.so -+extension=intl.so -+extension=ldap.so -+extension=mbstring.so -+extension=mysql.so -+extension=mysqli.so -+extension=odbc.so -+extension=openssl.so -+zend_extension=opcache.so -+extension=pdo.so -+extension=pdo_mysql.so -+extension=pdo_sqlite.so -+extension=pdo_odbc.so -+extension=pspell.so -+extension=shmop.so -+extension=snmp.so -+extension=soap.so -+extension=sqlite3.so -+extension=tokenizer.so -+extension=wddx.so -+extension=xmlreader.so -+extension=xmlrpc.so -+extension=xsl.so -+extension=zip.so -+extension=zlib.so -+ - ; Windows Extensions - ; Note that ODBC support is built in, so no dll is needed for it. - ; Note that many DLL files are located in the extensions/ (PHP 4) ext/ (PHP 5) -@@ -1442,7 +1486,7 @@ - ; where MODE is the octal representation of the mode. Note that this - ; does not overwrite the process's umask. - ; http://php.net/session.save-path --;session.save_path = "/tmp" -+session.save_path = "/var/lib/php" - - ; Whether to use strict session mode. - ; Strict session mode does not accept uninitialized session ID and regenerate diff --git a/pasture/source/php/slack-desc b/pasture/source/php/slack-desc deleted file mode 100644 index fe14da6d6..000000000 --- a/pasture/source/php/slack-desc +++ /dev/null @@ -1,19 +0,0 @@ -# HOW TO EDIT THIS FILE: -# The "handy ruler" below makes it easier to edit a package description. Line -# up the first '|' above the ':' following the base package name, and the '|' -# on the right side marks the last column you can put a character in. You must -# make exactly 11 lines for the formatting to be correct. It's also -# customary to leave one space after the ':'. - - |-----handy-ruler------------------------------------------------------| -php: php (HTML-embedded scripting language) -php: -php: PHP is an HTML-embedded scripting language. It shares syntax -php: characteristics with C, Java, and Perl. The primary objective behind -php: this language is to make a fast and easy-to-use scripting language -php: for dynamic web sites. -php: -php: More information can be found online at http://www.php.net/ -php: -php: -php: |