From aeb9350cfbd2f4675f0d095394660cc0c2cc0d7b Mon Sep 17 00:00:00 2001 From: Gustavo Zacarias Date: Mon, 21 May 2012 01:17:54 +0000 Subject: php: security bump to version 5.3.13 and enhance Bump php to version 5.3.13 to solve multiple CVEs. The 5.2 series is no longer maintained. The PCRE and SPL extensions are no longer optional. Reflection is no longer optional either. Ncurses was spun out to PECL. Add a ton of new extensions and give more granular options on others (like the libxml2-based ones). The FastCGI option no longer exists, it's always on as long as CGI is. Signed-off-by: Gustavo Zacarias Signed-off-by: Peter Korsgaard --- package/php/php.mk | 199 +++++++++++++++++++++++++++++------------------------ 1 file changed, 110 insertions(+), 89 deletions(-) (limited to 'package/php/php.mk') diff --git a/package/php/php.mk b/package/php/php.mk index 6de6a9e83..e9bda447f 100644 --- a/package/php/php.mk +++ b/package/php/php.mk @@ -4,53 +4,59 @@ # ############################################################# -PHP_VERSION = 5.2.17 +PHP_VERSION = 5.3.13 PHP_SOURCE = php-$(PHP_VERSION).tar.bz2 PHP_SITE = http://www.php.net/distributions PHP_INSTALL_STAGING = YES PHP_INSTALL_STAGING_OPT = INSTALL_ROOT=$(STAGING_DIR) install PHP_INSTALL_TARGET_OPT = INSTALL_ROOT=$(TARGET_DIR) install -PHP_LIBTOOL_PATCH = NO PHP_CONF_OPT = --mandir=/usr/share/man \ --infodir=/usr/share/info \ --disable-all \ --without-pear \ --with-config-file-path=/etc \ --localstatedir=/var \ + --disable-rpath PHP_CFLAGS = $(TARGET_CFLAGS) -ifneq ($(BR2_PACKAGE_PHP_CLI),y) - PHP_CONF_OPT += --disable-cli -else - PHP_CONF_OPT += --enable-cli -endif - -ifneq ($(BR2_PACKAGE_PHP_CGI),y) - PHP_CONF_OPT += --disable-cgi -else - PHP_CONF_OPT += --enable-cgi - ifeq ($(BR2_PACKAGE_PHP_FASTCGI),y) - PHP_CONF_OPT += --enable-fastcgi - endif +# Workaround for non-IPv6 uClibc toolchain +ifeq ($(BR2_TOOLCHAIN_BUILDROOT)$(BR2_TOOLCHAIN_EXTERNAL_UCLIBC)$(BR2_TOOLCHAIN_CTNG_uClibc),y) +ifneq ($(BR2_INET_IPV6),y) + PHP_CFLAGS += -DHAVE_DEPRECATED_DNS_FUNCS endif - -### Extensions -ifeq ($(BR2_PACKAGE_PHP_EXT_SOCKETS),y) - PHP_CONF_OPT += --enable-sockets -endif - -ifeq ($(BR2_PACKAGE_PHP_EXT_POSIX),y) - PHP_CONF_OPT += --enable-posix endif -ifeq ($(BR2_PACKAGE_PHP_EXT_SPL),y) - PHP_CONF_OPT += --enable-spl -endif +PHP_CONF_OPT += $(if $(BR2_PACKAGE_PHP_CLI),,--disable-cli) +PHP_CONF_OPT += $(if $(BR2_PACKAGE_PHP_CGI),,--disable-cgi) -ifeq ($(BR2_PACKAGE_PHP_EXT_SESSION),y) - PHP_CONF_OPT += --enable-session -endif +### Extensions +PHP_CONF_OPT += $(if $(BR2_PACKAGE_PHP_EXT_SOCKETS),--enable-sockets) \ + $(if $(BR2_PACKAGE_PHP_EXT_POSIX),--enable-posix) \ + $(if $(BR2_PACKAGE_PHP_EXT_SESSION),--enable-session) \ + $(if $(BR2_PACKAGE_PHP_EXT_HASH),--enable-hash) \ + $(if $(BR2_PACKAGE_PHP_EXT_DOM),--enable-dom) \ + $(if $(BR2_PACKAGE_PHP_EXT_SIMPLEXML),--enable-simplexml) \ + $(if $(BR2_PACKAGE_PHP_EXT_SOAP),--enable-soap) \ + $(if $(BR2_PACKAGE_PHP_EXT_WDDX),--enable-wddx) \ + $(if $(BR2_PACKAGE_PHP_EXT_XML),--enable-xml) \ + $(if $(BR2_PACKAGE_PHP_EXT_XMLREADER),--enable-xmlreader) \ + $(if $(BR2_PACKAGE_PHP_EXT_XMLWRITER),--enable-xmlwriter) \ + $(if $(BR2_PACKAGE_PHP_EXT_EXIF),--enable-exif) \ + $(if $(BR2_PACKAGE_PHP_EXT_FTP),--enable-ftp) \ + $(if $(BR2_PACKAGE_PHP_EXT_JSON),--enable-json) \ + $(if $(BR2_PACKAGE_PHP_EXT_TOKENIZER),--enable-tokenizer) \ + $(if $(BR2_PACKAGE_PHP_EXT_PCNTL),--enable-pcntl) \ + $(if $(BR2_PACKAGE_PHP_EXT_SHMOP),--enable-shmop) \ + $(if $(BR2_PACKAGE_PHP_EXT_SYSVMSG),--enable-sysvmsg) \ + $(if $(BR2_PACKAGE_PHP_EXT_SYSVSEM),--enable-sysvsem) \ + $(if $(BR2_PACKAGE_PHP_EXT_SYSVSHM),--enable-sysvshm) \ + $(if $(BR2_PACKAGE_PHP_EXT_ZIP),--enable-zip) \ + $(if $(BR2_PACKAGE_PHP_EXT_CTYPE),--enable-ctype) \ + $(if $(BR2_PACKAGE_PHP_EXT_FILTER),--enable-filter) \ + $(if $(BR2_PACKAGE_PHP_EXT_CALENDAR),--enable-calendar) \ + $(if $(BR2_PACKAGE_PHP_EXT_FILENIFO),--enable-fileinfo) \ + $(if $(BR2_PACKAGE_PHP_EXT_BCMATH),--enable-bcmath) ifeq ($(BR2_PACKAGE_PHP_EXT_OPENSSL),y) PHP_CONF_OPT += --with-openssl=$(STAGING_DIR)/usr @@ -58,16 +64,14 @@ ifeq ($(BR2_PACKAGE_PHP_EXT_OPENSSL),y) endif ifeq ($(BR2_PACKAGE_PHP_EXT_LIBXML2),y) - PHP_CONF_OPT += --enable-libxml \ - --with-libxml-dir=${STAGING_DIR}/usr \ - --enable-xml \ - --enable-xmlreader \ - --enable-xmlwriter + PHP_CONF_OPT += --enable-libxml --with-libxml-dir=${STAGING_DIR}/usr PHP_DEPENDENCIES += libxml2 endif -ifeq ($(BR2_PACKAGE_PHP_EXT_SIMPLEXML),y) - PHP_CONF_OPT += --enable-simplexml +ifeq ($(BR2_PACKAGE_PHP_EXT_XMLRPC),y) + PHP_CONF_OPT += --with-xmlrpc \ + $(if $(BR2_PACKAGE_LIBICONV),--with-iconv-dir=$(STAGING_DIR)/usr) + PHP_DEPENDENCIES += $(if $(BR2_PACKAGE_LIBICONV),libiconv) endif ifneq ($(BR2_PACKAGE_PHP_EXT_ZLIB)$(BR2_PACKAGE_PHP_EXT_ZIP),) @@ -75,17 +79,23 @@ ifneq ($(BR2_PACKAGE_PHP_EXT_ZLIB)$(BR2_PACKAGE_PHP_EXT_ZIP),) PHP_DEPENDENCIES += zlib endif -ifeq ($(BR2_PACKAGE_PHP_EXT_EXIF),y) - PHP_CONF_OPT += --enable-exif +ifeq ($(BR2_PACKAGE_PHP_EXT_GETTEXT),y) + PHP_CONF_OPT += --with-gettext=$(STAGING_DIR)/usr + PHP_DEPENDENCIES += $(if $(BR2_NEEDS_GETTEXT),gettext) endif -ifeq ($(BR2_PACKAGE_PHP_EXT_FTP),y) - PHP_CONF_OPT += --enable-ftp +ifeq ($(BR2_PACKAGE_PHP_EXT_ICONV),y) +ifeq ($(BR2_PACKAGE_LIBICONV),y) + PHP_CONF_OPT += --with-iconv=$(STAGING_DIR)/usr + PHP_DEPENDENCIES += libiconv +else + PHP_CONF_OPT += --with-iconv +endif endif -ifeq ($(BR2_PACKAGE_PHP_EXT_GETTEXT),y) - PHP_CONF_OPT += --with-gettext=$(STAGING_DIR)/usr - PHP_DEPENDENCIES += $(if $(BR2_NEEDS_GETTEXT),gettext) +ifeq ($(BR2_PACKAGE_PHP_EXT_INTL),y) + PHP_CONF_OPT += --enable-intl --with-icu-dir=$(STAGING_DIR)/usr + PHP_DEPENDENCIES += icu endif ifeq ($(BR2_PACKAGE_PHP_EXT_GMP),y) @@ -93,52 +103,11 @@ ifeq ($(BR2_PACKAGE_PHP_EXT_GMP),y) PHP_DEPENDENCIES += gmp endif -ifeq ($(BR2_PACKAGE_PHP_EXT_JSON),y) - PHP_CONF_OPT += --enable-json -endif - ifeq ($(BR2_PACKAGE_PHP_EXT_READLINE),y) PHP_CONF_OPT += --with-readline=$(STAGING_DIR)/usr PHP_DEPENDENCIES += readline endif -ifeq ($(BR2_PACKAGE_PHP_EXT_NCURSES),y) - PHP_CONF_OPT += --with-ncurses=$(STAGING_DIR)/usr - PHP_DEPENDENCIES += ncurses -endif - -ifeq ($(BR2_PACKAGE_PHP_EXT_PCNTL),y) - PHP_CONF_OPT += --enable-pcntl -endif - -ifeq ($(BR2_PACKAGE_PHP_EXT_SYSVMSG),y) - PHP_CONF_OPT += --enable-sysvmsg -endif - -ifeq ($(BR2_PACKAGE_PHP_EXT_SYSVSEM),y) - PHP_CONF_OPT += --enable-sysvsem -endif - -ifeq ($(BR2_PACKAGE_PHP_EXT_SYSVSHM),y) - PHP_CONF_OPT += --enable-sysvshm -endif - -ifeq ($(BR2_PACKAGE_PHP_EXT_ZIP),y) - PHP_CONF_OPT += --enable-zip -endif - -ifeq ($(BR2_PACKAGE_PHP_EXT_FILTER),y) - PHP_CONF_OPT += --enable-filter -endif - -ifeq ($(BR2_PACKAGE_PHP_EXT_CALENDAR),y) - PHP_CONF_OPT += --enable-calendar -endif - -ifeq ($(BR2_PACKAGE_PHP_EXT_PCRE),y) - PHP_CONF_OPT += --with-pcre-regex -endif - ### Legacy sqlite2 support ifeq ($(BR2_PACKAGE_PHP_EXT_SQLITE),y) PHP_CONF_OPT += --with-sqlite @@ -150,16 +119,22 @@ ifeq ($(BR2_PACKAGE_PHP_EXT_SQLITE_UTF8),y) endif endif +### Native MySQL extensions +ifeq ($(BR2_PACKAGE_PHP_EXT_MYSQL),y) + PHP_CONF_OPT += --with-mysql=$(STAGING_DIR)/usr + PHP_DEPENDENCIES += mysql_client +endif +ifeq ($(BR2_PACKAGE_PHP_EXT_MYSQLI),y) + PHP_CONF_OPT += --with-mysqli=$(STAGING_DIR)/usr/bin/mysql_config + PHP_DEPENDENCIES += mysql_client +endif + ### PDO ifeq ($(BR2_PACKAGE_PHP_EXT_PDO),y) PHP_CONF_OPT += --enable-pdo ifeq ($(BR2_PACKAGE_PHP_EXT_PDO_SQLITE),y) -ifeq ($(BR2_PACKAGE_PHP_EXT_PDO_SQLITE_EXTERNAL),y) PHP_CONF_OPT += --with-pdo-sqlite=$(STAGING_DIR)/usr PHP_DEPENDENCIES += sqlite -else - PHP_CONF_OPT += --with-pdo-sqlite -endif PHP_CFLAGS += -DSQLITE_OMIT_LOAD_EXTENSION ifneq ($(BR2_LARGEFILE),y) PHP_CFLAGS += -DSQLITE_DISABLE_LFS @@ -171,6 +146,50 @@ ifeq ($(BR2_PACKAGE_PHP_EXT_PDO_MYSQL),y) endif endif +### Use external PCRE if it's available +ifeq ($(BR2_PACKAGE_PCRE),y) + PHP_CONF_OPT += --with-pcre-regex=$(STAGING_DIR)/usr + PHP_DEPENDENCIES += pcre +endif + +ifeq ($(BR2_PACKAGE_PHP_EXT_CURL),y) + PHP_CONF_OPT += --with-curl=$(STAGING_DIR)/usr + PHP_DEPENDENCIES += libcurl +endif + +ifeq ($(BR2_PACKAGE_PHP_EXT_XSL),y) + PHP_CONF_OPT += --with-xsl=$(STAGING_DIR)/usr + PHP_DEPENDENCIES += libxslt +endif + +ifeq ($(BR2_PACKAGE_PHP_EXT_BZIP2),y) + PHP_CONF_OPT += --with-bz2=$(STAGING_DIR)/usr + PHP_DEPENDENCIES += bzip2 +endif + +### DBA +ifeq ($(BR2_PACKAGE_PHP_EXT_DBA),y) + PHP_CONF_OPT += --enable-dba +ifneq ($(BR2_PACKAGE_PHP_EXT_DBA_CDB),y) + PHP_CONF_OPT += --without-cdb +endif +ifneq ($(BR2_PACKAGE_PHP_EXT_DBA_FLAT),y) + PHP_CONF_OPT += --without-flatfile +endif +ifneq ($(BR2_PACKAGE_PHP_EXT_DBA_INI),y) + PHP_CONF_OPT += --without-inifile +endif +ifeq ($(BR2_PACKAGE_PHP_EXT_DBA_DB4),y) + PHP_CONF_OPT += --with-db4=$(STAGING_DIR)/usr + PHP_DEPENDENCIES += berkeleydb +endif +endif + +ifeq ($(BR2_PACKAGE_PHP_EXT_SNMP),y) + PHP_CONF_OPT += --with-snmp=$(STAGING_DIR)/usr + PHP_DEPENDENCIES += netsnmp +endif + # Fixup prefix= and exec_prefix= in php-config define PHP_FIXUP_PHP_CONFIG $(SED) 's%^prefix="/usr"%prefix="$(STAGING_DIR)/usr"%' \ @@ -185,7 +204,9 @@ define PHP_INSTALL_FIXUP rm -f $(TARGET_DIR)/usr/bin/phpize rm -f $(TARGET_DIR)/usr/bin/php-config if [ ! -f $(TARGET_DIR)/etc/php.ini ]; then \ - $(INSTALL) -m 0755 $(BR2_PACKAGE_PHP_CONFIG) $(TARGET_DIR)/etc/php.ini; fi + $(INSTALL) -m 0755 $(PHP_DIR)/php.ini-production \ + $(TARGET_DIR)/etc/php.ini; \ + fi endef PHP_POST_INSTALL_TARGET_HOOKS += PHP_INSTALL_FIXUP -- cgit v1.2.3