From owner-svn-ports-all@FreeBSD.ORG Tue Apr 14 01:27:54 2015 Return-Path: Delivered-To: svn-ports-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 7D8E83E6; Tue, 14 Apr 2015 01:27:54 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 5EB4D90D; Tue, 14 Apr 2015 01:27:54 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.9/8.14.9) with ESMTP id t3E1RsxR046757; Tue, 14 Apr 2015 01:27:54 GMT (envelope-from mi@FreeBSD.org) Received: (from mi@localhost) by svn.freebsd.org (8.14.9/8.14.9/Submit) id t3E1Rqaa046745; Tue, 14 Apr 2015 01:27:52 GMT (envelope-from mi@FreeBSD.org) Message-Id: <201504140127.t3E1Rqaa046745@svn.freebsd.org> X-Authentication-Warning: svn.freebsd.org: mi set sender to mi@FreeBSD.org using -f From: Mikhail Teterin Date: Tue, 14 Apr 2015 01:27:52 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r383970 - in head/security/pecl-crack: . files X-SVN-Group: ports-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-all@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 14 Apr 2015 01:27:54 -0000 Author: mi Date: Tue Apr 14 01:27:51 2015 New Revision: 383970 URL: https://svnweb.freebsd.org/changeset/ports/383970 Log: Unbreak and otherwise improve this port: * Use standard source of PECL-sources -- the old MASTER_SITE is gone, and good riddance too, because the difference between 0.4 and 0.4.1 was an irrelevant one-liner. * Patch to use modern PHP ZEND API * Patch to actually use cracklib as advertized -- since the port's inception it LIB_DEPENDed on security/cracklib and advertized its use in pkg-descr, lying on both accounts. * Throw in a couple of basic usage tests rejecting bad passwords and accepting good ones. Special thanks to Nathan Neulinger for making the necessary cracklib function accessible and to cy@ for promptly updating security/cracklib to use Nathan's latest release. Added: head/security/pecl-crack/files/ head/security/pecl-crack/files/patch-modern-api (contents, props changed) head/security/pecl-crack/files/patch-tests (contents, props changed) head/security/pecl-crack/files/patch-use-real-libcrack (contents, props changed) Modified: head/security/pecl-crack/Makefile head/security/pecl-crack/distinfo Modified: head/security/pecl-crack/Makefile ============================================================================== --- head/security/pecl-crack/Makefile Tue Apr 14 00:51:31 2015 (r383969) +++ head/security/pecl-crack/Makefile Tue Apr 14 01:27:51 2015 (r383970) @@ -2,29 +2,35 @@ # $FreeBSD$ PORTNAME= crack -PORTVERSION= 0.4.1 -PORTREVISION= 5 +PORTVERSION= 0.4 +PORTEPOCH= 1 CATEGORIES= security www -MASTER_SITES= http://www.osuweb.net/~ahaning/ +MASTER_SITES= http://pecl.php.net/get/ PKGNAMEPREFIX= pecl- -EXTRACT_SUFX= .tgz DIST_SUBDIR= PECL MAINTAINER= ports@FreeBSD.org COMMENT= PECL extension to cracklib -DEPRECATED= requires php53, security EOL reached 14 Aug 2014 -EXPIRATION_DATE= 2015-04-15 +LICENSE= PHP30 LIB_DEPENDS= libcrack.so:${PORTSDIR}/security/cracklib +USES= tar:tgz USE_PHP= yes USE_PHPIZE= yes USE_PHP_BUILD= yes USE_PHPEXT= yes PHP_MODNAME= crack -IGNORE_WITH_PHP=5 55 56 +EXTRACT_AFTER_ARGS=--no-same-permissions --no-same-owner --exclude libcrack +CONFIGURE_ARGS= --with-crack=${LOCALBASE} +CFLAGS+= -Wno-deprecated + +post-configure: + ${REINPLACE_CMD} -e 's|^\$$ini_overwrites.*|&'"'"'crack.default_dictionary=\"${LOCALBASE}/libdata/cracklib/pw_dict\"'"'"',|' \ + ${WRKSRC}/run-tests.php -WRKSRC= ${WRKDIR}/crack-0.4 +test check regression-test: build + ${MAKE} -C ${WRKSRC} test < /dev/null .include Modified: head/security/pecl-crack/distinfo ============================================================================== --- head/security/pecl-crack/distinfo Tue Apr 14 00:51:31 2015 (r383969) +++ head/security/pecl-crack/distinfo Tue Apr 14 01:27:51 2015 (r383970) @@ -1,2 +1,2 @@ -SHA256 (PECL/crack-0.4.1.tgz) = d9ba43b3678fb46db0eee659d9e000e9bad682bc7702d33f6d7e293d7f6f08ad -SIZE (PECL/crack-0.4.1.tgz) = 25143 +SHA256 (PECL/crack-0.4.tgz) = 00a5250a6c82b39c1aefcb6e1ce0980da5df49c9bfc6ade9a8e867d89e87f560 +SIZE (PECL/crack-0.4.tgz) = 25524 Added: head/security/pecl-crack/files/patch-modern-api ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/pecl-crack/files/patch-modern-api Tue Apr 14 01:27:51 2015 (r383970) @@ -0,0 +1,169 @@ +--- crack.c 2005-09-21 05:00:06.000000000 -0400 ++++ crack.c 2015-04-13 20:41:24.000000000 -0400 +@@ -32,5 +32,5 @@ + + #include "php_crack.h" +-#include "libcrack/src/cracklib.h" ++#include + + /* True global resources - no need for thread safety here */ +@@ -39,5 +39,5 @@ + /* {{{ crack_functions[] + */ +-function_entry crack_functions[] = { ++zend_function_entry crack_functions[] = { + PHP_FE(crack_opendict, NULL) + PHP_FE(crack_closedict, NULL) +@@ -91,42 +91,7 @@ + /* {{{ php_crack_checkpath + */ +-static int php_crack_checkpath(char* path TSRMLS_DC) ++static int php_crack_checkpath(const char* path TSRMLS_DC) + { +- char *filename; +- int filename_len; +- int result = SUCCESS; +- +- if (PG(safe_mode)) { +- filename_len = strlen(path) + 10; +- filename = (char *) emalloc(filename_len); +- if (NULL == filename) { +- return FAILURE; +- } +- +- memset(filename, '\0', filename_len); +- strcpy(filename, path); +- strcat(filename, ".pwd"); +- if (!php_checkuid(filename, "r", CHECKUID_CHECK_FILE_AND_DIR)) { +- efree(filename); +- return FAILURE; +- } +- +- memset(filename, '\0', filename_len); +- strcpy(filename, path); +- strcat(filename, ".pwi"); +- if (!php_checkuid(filename, "r", CHECKUID_CHECK_FILE_AND_DIR)) { +- efree(filename); +- return FAILURE; +- } +- +- memset(filename, '\0', filename_len); +- strcpy(filename, path); +- strcat(filename, ".hwm"); +- if (!php_checkuid(filename, "r", CHECKUID_CHECK_FILE_AND_DIR)) { +- efree(filename); +- return FAILURE; +- } +- } +- ++ + if (php_check_open_basedir(path TSRMLS_CC)) { + return FAILURE; +@@ -155,7 +120,6 @@ + { + if ((-1 == CRACKG(default_dict)) && (NULL != CRACKG(default_dictionary))) { +- CRACKLIB_PWDICT *pwdict; +- printf("trying to open: %s\n", CRACKG(default_dictionary)); +- pwdict = cracklib_pw_open(CRACKG(default_dictionary), "r"); ++ PWDICT *pwdict; ++ pwdict = PWOpen(CRACKG(default_dictionary), "r"); + if (NULL != pwdict) { + ZEND_REGISTER_RESOURCE(return_value, pwdict, le_crack); +@@ -172,8 +136,8 @@ + static void php_crack_module_dtor(zend_rsrc_list_entry *rsrc TSRMLS_DC) + { +- CRACKLIB_PWDICT *pwdict = (CRACKLIB_PWDICT *) rsrc->ptr; ++ PWDICT *pwdict = (PWDICT *) rsrc->ptr; + + if (pwdict != NULL) { +- cracklib_pw_close(pwdict); ++ PWClose(pwdict); + } + } +@@ -245,5 +209,5 @@ + char *path; + int path_len; +- CRACKLIB_PWDICT *pwdict; ++ PWDICT *pwdict; + + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s", &path, &path_len) == FAILURE) { +@@ -255,5 +219,5 @@ + } + +- pwdict = cracklib_pw_open(path, "r"); ++ pwdict = PWOpen(path, "r"); + if (NULL == pwdict) { + #if ZEND_MODULE_API_NO >= 20021010 +@@ -276,5 +240,5 @@ + zval *dictionary = NULL; + int id = -1; +- CRACKLIB_PWDICT *pwdict; ++ PWDICT *pwdict; + + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "|r", &dictionary)) { +@@ -293,5 +257,5 @@ + } + } +- ZEND_FETCH_RESOURCE(pwdict, CRACKLIB_PWDICT *, &dictionary, id, "crack dictionary", le_crack); ++ ZEND_FETCH_RESOURCE(pwdict, PWDICT *, &dictionary, id, "crack dictionary", le_crack); + + if (NULL == dictionary) { +@@ -319,5 +283,5 @@ + int gecos_len; + char *message; +- CRACKLIB_PWDICT *pwdict; ++ PWDICT *pwdict; + int id = -1; + +@@ -327,10 +291,36 @@ + } + +- if (zend_parse_parameters_ex(ZEND_PARSE_PARAMS_QUIET, ZEND_NUM_ARGS() TSRMLS_CC, "rs", &dictionary, &password, &password_len) == FAILURE) { +- if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s|ssr", &password, &password_len, &username, &username_len, &gecos, &gecos_len, &dictionary) == FAILURE) { +- RETURN_FALSE; +- } ++ switch (ZEND_NUM_ARGS()) { ++ case 1: ++ id = zend_parse_parameters(1 TSRMLS_CC, "s", ++ &password, &password_len); ++ dictionary = NULL; ++ break; ++ case 2: ++ id = zend_parse_parameters(2 TSRMLS_CC, "rs", ++ &dictionary, ++ &password, &password_len); ++ break; ++ case 3: ++ id = zend_parse_parameters(3 TSRMLS_CC, "sss", ++ &password, &password_len, ++ &username, &username_len, ++ &gecos, &gecos_len); ++ dictionary = NULL; ++ break; ++ case 4: ++ id = zend_parse_parameters(3 TSRMLS_CC, "sssr", ++ &password, &password_len, ++ &username, &username_len, ++ &gecos, &gecos_len, ++ &dictionary); ++ break; ++ default: ++ WRONG_PARAM_COUNT; + } +- ++ ++ if (id == FAILURE) ++ RETURN_FALSE; ++ + if (NULL == dictionary) { + id = php_crack_get_default_dict(INTERNAL_FUNCTION_PARAM_PASSTHRU); +@@ -344,7 +334,7 @@ + } + } +- ZEND_FETCH_RESOURCE(pwdict, CRACKLIB_PWDICT *, &dictionary, id, "crack dictionary", le_crack); ++ ZEND_FETCH_RESOURCE(pwdict, PWDICT *, &dictionary, id, "crack dictionary", le_crack); + +- message = cracklib_fascist_look_ex(pwdict, password, username, gecos); ++ message = FascistLookUser(pwdict, password, username, gecos); + + if (NULL == message) { Added: head/security/pecl-crack/files/patch-tests ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/pecl-crack/files/patch-tests Tue Apr 14 01:27:51 2015 (r383970) @@ -0,0 +1,56 @@ +Add a few tests to verify basic usage. Additional contributions welcome. + + -mi + ++++ tests/002.phpt 2015-04-13 20:40:26.000000000 -0400 +@@ -0,0 +1,16 @@ ++--TEST-- ++Verify rejection of very simple password ++--SKIPIF-- ++--POST-- ++--GET-- ++--FILE-- ++ ++--EXPECT-- ++Good, password 'password' rejected ++++ tests/003.phpt 2015-04-13 20:48:28.000000000 -0400 +@@ -0,0 +1,15 @@ ++--TEST-- ++Verify rejection of password identical to username ++--SKIPIF-- ++--POST-- ++--GET-- ++--FILE-- ++ ++--EXPECTREGEX-- ++Good, password identical to username rejected ++++ tests/004.phpt 2015-04-13 20:40:43.000000000 -0400 +@@ -0,0 +1,15 @@ ++--TEST-- ++Verify acceptance of good password ++--SKIPIF-- ++--POST-- ++--GET-- ++--FILE-- ++ ++--EXPECT-- ++Good, harsh password accepted Added: head/security/pecl-crack/files/patch-use-real-libcrack ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/pecl-crack/files/patch-use-real-libcrack Tue Apr 14 01:27:51 2015 (r383970) @@ -0,0 +1,9 @@ +--- config.m4 2005-09-21 05:00:06.000000000 -0400 ++++ config.m4 2015-04-09 21:44:51.000000000 -0400 +@@ -9,6 +9,4 @@ + + if test "$PHP_CRACK" != "yes"; then +- AC_MSG_ERROR(Only the bundled library is supported right now) +- + for i in $PHP_CRACK/lib $PHP_CRACK/cracklib /usr/local/lib /usr/lib; do + test -f $i/libcrack.$SHLIB_SUFFIX_NAME -o -f $i/libcrack.a && CRACK_LIBDIR=$i && break