diff --git a/lang/pear/Makefile b/lang/pear/Makefile index bdf7b156b529..6b4c328edea8 100644 --- a/lang/pear/Makefile +++ b/lang/pear/Makefile @@ -1,9 +1,8 @@ -# $NetBSD: Makefile,v 1.17 2011/05/16 13:05:01 taca Exp $ +# $NetBSD: Makefile,v 1.18 2011/06/19 15:40:21 taca Exp $ # -DISTNAME= PEAR-1.9.2 +DISTNAME= PEAR-1.9.3 PKGNAME= ${PHP_PKG_PREFIX}-${DISTNAME:S/PEAR/pear/} -PKGREVISION= 2 CATEGORIES= lang MASTER_SITES= http://download.pear.php.net/package/ EXTRACT_SUFX= .tgz @@ -46,6 +45,11 @@ EXTRACT_ONLY+= ${CONSOLE_SRCS} STRUCTURES_SRCS= Structures_Graph-1.0.4${EXTRACT_SUFX} DISTFILES+= ${STRUCTURES_SRCS} + +XMLUTIL_SRCS= XML_Util-1.2.1${EXTRACT_SUFX} +XMLUTIL_WRKSRC= ${WRKDIR}/${XMLUTIL_SRCS:S/${EXTRACT_SUFX}//} +DISTFILES+= ${XMLUTIL_SRCS} +EXTRACT_ONLY+= ${XMLUTIL_SRCS} # # end of base components @@ -76,6 +80,8 @@ do-build: ${BUNDLE}/${PEAR_SRCS:S/${EXTRACT_SUFX}/.tar/} ${GZCAT} ${DISTDIR}/${STRUCTURES_SRCS} > \ ${BUNDLE}/${STRUCTURES_SRCS:S/${EXTRACT_SUFX}/.tar/} + ${GZCAT} ${DISTDIR}/${XMLUTIL_SRCS} > \ + ${BUNDLE}/${XMLUTIL_SRCS:S/${EXTRACT_SUFX}/.tar/} ${CP} ${ARCHIVE_WRKSRC}/Archive/Tar.php ${BUNDLE} ${CP} ${CONSOLE_WRKSRC}/Console/Getopt.php ${BUNDLE} diff --git a/lang/pear/PLIST b/lang/pear/PLIST index 077b4c126653..365793edfb27 100644 --- a/lang/pear/PLIST +++ b/lang/pear/PLIST @@ -1,4 +1,4 @@ -@comment $NetBSD: PLIST,v 1.5 2009/10/29 08:29:03 seb Exp $ +@comment $NetBSD: PLIST,v 1.6 2011/06/19 15:40:21 taca Exp $ bin/pear bin/peardev bin/pecl @@ -17,6 +17,7 @@ lib/php/.registry/archive_tar.reg lib/php/.registry/console_getopt.reg lib/php/.registry/pear.reg lib/php/.registry/structures_graph.reg +lib/php/.registry/xml_util.reg lib/php/Archive/Tar.php lib/php/Console/Getopt.php lib/php/OS/Guess.php @@ -115,6 +116,7 @@ lib/php/Structures/Graph/Manipulator/AcyclicTest.php lib/php/Structures/Graph/Manipulator/TopologicalSorter.php lib/php/Structures/Graph/Node.php lib/php/System.php +lib/php/XML/Util.php lib/php/data/PEAR/package.dtd lib/php/data/PEAR/template.spec lib/php/data/Structures_Graph/LICENSE @@ -143,10 +145,31 @@ lib/php/doc/Structures_Graph/docs/html/media/stylesheet.css lib/php/doc/Structures_Graph/docs/html/packages.html lib/php/doc/Structures_Graph/docs/html/todolist.html lib/php/doc/Structures_Graph/docs/tutorials/Structures_Graph/Structures_Graph.pkg +lib/php/doc/XML_Util/examples/example.php +lib/php/doc/XML_Util/examples/example2.php lib/php/pearcmd.php lib/php/peclcmd.php lib/php/test/Structures_Graph/tests/AllTests.php lib/php/test/Structures_Graph/tests/testCase/BasicGraph.php +lib/php/test/XML_Util/tests/AllTests.php +lib/php/test/XML_Util/tests/testBasic_apiVersion.phpt +lib/php/test/XML_Util/tests/testBasic_attributesToString.phpt +lib/php/test/XML_Util/tests/testBasic_collapseEmptyTags.phpt +lib/php/test/XML_Util/tests/testBasic_createCDataSection.phpt +lib/php/test/XML_Util/tests/testBasic_createComment.phpt +lib/php/test/XML_Util/tests/testBasic_createEndElement.phpt +lib/php/test/XML_Util/tests/testBasic_createStartElement.phpt +lib/php/test/XML_Util/tests/testBasic_createTag.phpt +lib/php/test/XML_Util/tests/testBasic_createTagFromArray.phpt +lib/php/test/XML_Util/tests/testBasic_getDocTypeDeclaration.phpt +lib/php/test/XML_Util/tests/testBasic_getXmlDeclaration.phpt +lib/php/test/XML_Util/tests/testBasic_isValidName.phpt +lib/php/test/XML_Util/tests/testBasic_raiseError.phpt +lib/php/test/XML_Util/tests/testBasic_replaceEntities.phpt +lib/php/test/XML_Util/tests/testBasic_reverseEntities.phpt +lib/php/test/XML_Util/tests/testBasic_splitQualifiedName.phpt +lib/php/test/XML_Util/tests/testBug_4950.phpt +lib/php/test/XML_Util/tests/testBug_5392.phpt share/examples/pear/pear.conf @pkgdir lib/php/.registry/.channel.pecl.php.net @pkgdir lib/php/.registry/.channel.doc.php.net diff --git a/lang/pear/distinfo b/lang/pear/distinfo index 6703a83af059..3c55431095f2 100644 --- a/lang/pear/distinfo +++ b/lang/pear/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.9 2011/05/16 13:05:01 taca Exp $ +$NetBSD: distinfo,v 1.10 2011/06/19 15:40:21 taca Exp $ SHA1 (Archive_Tar-1.3.7.tgz) = 5b35a8c3bfa34ba8b29c5208f8f37504d0ce280c RMD160 (Archive_Tar-1.3.7.tgz) = 0b018556bf4d916440e0e661e714986edd728de2 @@ -6,11 +6,13 @@ Size (Archive_Tar-1.3.7.tgz) = 17610 bytes SHA1 (Console_Getopt-1.3.1.tgz) = 8f9ac495728ee9ba87edd109c3946f11ee72bc08 RMD160 (Console_Getopt-1.3.1.tgz) = aae10ad272bf2a66bc80d899f60cb8e630f90d16 Size (Console_Getopt-1.3.1.tgz) = 4471 bytes -SHA1 (PEAR-1.9.2.tgz) = 1dda2c7c1c87532f6a45a54b98521a2e9efa02b3 -RMD160 (PEAR-1.9.2.tgz) = f12b6a0a4600b0b227a88687c124b515621ca803 -Size (PEAR-1.9.2.tgz) = 295120 bytes +SHA1 (PEAR-1.9.3.tgz) = c214bb9d5e1fb9e3c5b99d2af9ae9501ccd55206 +RMD160 (PEAR-1.9.3.tgz) = eb227ec284d63e9df3d78863d2b9cf2952befe93 +Size (PEAR-1.9.3.tgz) = 295774 bytes SHA1 (Structures_Graph-1.0.4.tgz) = 00f5c2aefad0c3f6490e5ca95da87828e64ebc57 RMD160 (Structures_Graph-1.0.4.tgz) = d236ddff4a31cafa6fa750b4ec4a0849c48ad3f6 Size (Structures_Graph-1.0.4.tgz) = 30318 bytes -SHA1 (patch-PEAR_REST.php) = 996afa4ed9ca2d041dab2cb5dbf4bfdeb3fc9ec6 +SHA1 (XML_Util-1.2.1.tgz) = 8072216577fb9ad684f15e0388ab0b1c0b57e2d4 +RMD160 (XML_Util-1.2.1.tgz) = 9d9dd43889312f46f39c9a43a800a8f2d8f6e9b2 +Size (XML_Util-1.2.1.tgz) = 17729 bytes SHA1 (patch-aa) = 6de18a37aa927f7c84f31bdad9ce7f813ea3ee4e diff --git a/lang/pear/files/go-pear.php b/lang/pear/files/go-pear.php index c798c5afca2f..4aa5893e5ce5 100644 --- a/lang/pear/files/go-pear.php +++ b/lang/pear/files/go-pear.php @@ -35,7 +35,7 @@ * @author Tias Guns */ -/* $NetBSD: go-pear.php,v 1.2 2009/10/29 08:29:03 seb Exp $ */ +/* $NetBSD: go-pear.php,v 1.3 2011/06/19 15:40:21 taca Exp $ */ $sapi_name = php_sapi_name(); @@ -113,7 +113,8 @@ $bootstrap_files = array( $bootstrap_pkgs = array( // uses URL like http://pear.php.net/get/%s 'PEAR', - 'Structures_Graph' + 'Structures_Graph', + 'XML_Util', ); $installer_packages = array( @@ -121,6 +122,7 @@ $installer_packages = array( 'Structures_Graph-stable', 'Archive_Tar-stable', 'Console_Getopt-stable', + 'XML_Util-stable', ); $pfc_packages = array( diff --git a/lang/pear/patches/patch-PEAR_REST.php b/lang/pear/patches/patch-PEAR_REST.php deleted file mode 100644 index d5b46d6f3dce..000000000000 --- a/lang/pear/patches/patch-PEAR_REST.php +++ /dev/null @@ -1,146 +0,0 @@ -$NetBSD: patch-PEAR_REST.php,v 1.1 2011/05/16 13:05:01 taca Exp $ - -* Update to r309592 in PEAR's repository, fixing CVE-2011-1144. - ---- PEAR/REST.php.orig 2011-02-28 17:48:36.000000000 +0000 -+++ PEAR/REST.php -@@ -102,7 +102,7 @@ class PEAR_REST - // reset the age of the cache if the server says it was unmodified - $result = $this->saveCache($url, $ret, null, true, $cacheId); - if (PEAR::isError($result)) { -- return PEAR::raiseErro($result->getMessage()); -+ return PEAR::raiseError($result->getMessage()); - } - } - -@@ -122,7 +122,7 @@ class PEAR_REST - if ($forcestring) { - $result = $this->saveCache($url, $content, $lastmodified, false, $cacheId); - if (PEAR::isError($result)) { -- return PEAR::raiseErro($result->getMessage()); -+ return PEAR::raiseError($result->getMessage()); - } - - return $content; -@@ -162,7 +162,7 @@ class PEAR_REST - - $result = $this->saveCache($url, $content, $lastmodified, false, $cacheId); - if (PEAR::isError($result)) { -- return PEAR::raiseErro($result->getMessage()); -+ return PEAR::raiseError($result->getMessage()); - } - - return $content; -@@ -228,59 +228,75 @@ class PEAR_REST - $cacheidfile = $d . 'rest.cacheid'; - $cachefile = $d . 'rest.cachefile'; - -+ if (!is_dir($cache_dir)) { -+ if (System::mkdir(array('-p', $cache_dir)) === false) { -+ return PEAR::raiseError("The value of config option cache_dir ($cache_dir) is not a directory and attempts to create the directory failed."); -+ } -+ } -+ - if ($cacheid === null && $nochange) { - $cacheid = unserialize(implode('', file($cacheidfile))); - } - -- if (is_link($cacheidfile)) { -- return PEAR::raiseError('SECURITY ERROR: Will not write to ' . $cacheidfile . ' as it is symlinked to ' . readlink($cacheidfile) . ' - Possible symlink attack'); -- } -+ $idData = serialize(array( -+ 'age' => time(), -+ 'lastChange' => ($nochange ? $cacheid['lastChange'] : $lastmodified), -+ )); - -- if (is_link($cachefile)) { -- return PEAR::raiseError('SECURITY ERROR: Will not write to ' . $cacheidfile . ' as it is symlinked to ' . readlink($cacheidfile) . ' - Possible symlink attack'); -+ $result = $this->saveCacheFile($cacheidfile, $idData); -+ if (PEAR::isError($result)) { -+ return $result; -+ } elseif ($nochange) { -+ return true; - } - -- $cacheidfile_fp = @fopen($cacheidfile, 'wb'); -- if (!$cacheidfile_fp) { -- if (is_dir($cache_dir)) { -- return PEAR::raiseError("The value of config option cache_dir ($cache_dir) is not a directory. "); -+ $result = $this->saveCacheFile($cachefile, serialize($contents)); -+ if (PEAR::isError($result)) { -+ if (file_exists($cacheidfile)) { -+ @unlink($cacheidfile); - } - -- System::mkdir(array('-p', $cache_dir)); -- $cacheidfile_fp = @fopen($cacheidfile, 'wb'); -- if (!$cacheidfile_fp) { -- return PEAR::raiseError("Could not open $cacheidfile for writing."); -- } -+ return $result; - } - -- if ($nochange) { -- fwrite($cacheidfile_fp, serialize(array( -- 'age' => time(), -- 'lastChange' => $cacheid['lastChange'], -- )) -- ); -- -- fclose($cacheidfile_fp); -- return true; -- } -+ return true; -+ } - -- fwrite($cacheidfile_fp, serialize(array( -- 'age' => time(), -- 'lastChange' => $lastmodified, -- )) -- ); -- fclose($cacheidfile_fp); -+ function saveCacheFile($file, $contents) -+ { -+ $len = strlen($contents); - -- $cachefile_fp = @fopen($cachefile, 'wb'); -- if (!$cachefile_fp) { -- if (file_exists($cacheidfile)) { -- @unlink($cacheidfile); -+ $cachefile_fp = @fopen($file, 'xb'); // x is the O_CREAT|O_EXCL mode -+ if ($cachefile_fp !== false) { // create file -+ if (fwrite($cachefile_fp, $contents, $len) < $len) { -+ fclose($cachefile_fp); -+ return PEAR::raiseError("Could not write $file."); -+ } -+ } else { // update file -+ $cachefile_lstat = lstat($file); -+ $cachefile_fp = @fopen($file, 'wb'); -+ if (!$cachefile_fp) { -+ return PEAR::raiseError("Could not open $file for writing."); -+ } -+ -+ $cachefile_fstat = fstat($cachefile_fp); -+ if ( -+ $cachefile_lstat['mode'] == $cachefile_fstat['mode'] && -+ $cachefile_lstat['ino'] == $cachefile_fstat['ino'] && -+ $cachefile_lstat['dev'] == $cachefile_fstat['dev'] && -+ $cachefile_fstat['nlink'] === 1 -+ ) { -+ if (fwrite($cachefile_fp, $contents, $len) < $len) { -+ fclose($cachefile_fp); -+ return PEAR::raiseError("Could not write $file."); -+ } -+ } else { -+ fclose($cachefile_fp); -+ $link = function_exists('readlink') ? readlink($file) : $file; -+ return PEAR::raiseError('SECURITY ERROR: Will not write to ' . $file . ' as it is symlinked to ' . $link . ' - Possible symlink attack'); - } -- -- return PEAR::raiseError("Could not open $cacheidfile for writing."); - } - -- fwrite($cachefile_fp, serialize($contents)); - fclose($cachefile_fp); - return true; - }