Tinderbox uses a hardcoded filename of index.php to refer to itself in hyperlinks within the application. When used with Apache (and likely other web servers) a correctly defined DirectoryIndex can remove the requirement to include the filename in these links. This (the HIDE_PHP knob) then assists in not easily disclosing the use of PHP when used in a public space. In addition to this, disclosure of log files may not be desired and while the "log" links can be controlled using "Allow from" controls, the display_markup_log action does not support any equivalent. A second option (the HIDE_MARKUP knob) removes the links from uses of "markup" and disables the use of the action by forcing a build and port identifier of -1 which does not exist. Both are off by default. Fix: Attached diff can be downloaded from: http://www.downtools.com.au/~jarrod/FreeBSD/ports-mgmt-tinderbox-WITH_HIDE_PHP.diff
Responsible Changed From-To: freebsd-ports-bugs->itetcu Over to maintainer (via the GNATS Auto Assign Tool)
Responsible Changed From-To: itetcu->crees Over to new maintainer.
Author: crees Date: Tue Mar 25 20:49:20 2014 New Revision: 349193 URL: http://svnweb.freebsd.org/changeset/ports/349193 QAT: https://qat.redports.org/buildarchive/r349193/ Log: Fix enterBuild-- also fixed upstream PR: ports/184943 Submitted by: Anes Mukhametov <anes@anes.su> Allow masking of PHP use and markup logs PR: ports/167601 Submitted by: Jarrod Sayers <jarrod@downtools.com.au> Added: head/ports-mgmt/tinderbox/files/patch-enterbuild (contents, props changed) Modified: head/ports-mgmt/tinderbox/Makefile Modified: head/ports-mgmt/tinderbox/Makefile ============================================================================== --- head/ports-mgmt/tinderbox/Makefile Tue Mar 25 20:34:56 2014 (r349192) +++ head/ports-mgmt/tinderbox/Makefile Tue Mar 25 20:49:20 2014 (r349193) @@ -3,6 +3,7 @@ PORTNAME= tinderbox PORTVERSION= 4.1.0 +PORTREVISION= 1 CATEGORIES= ports-mgmt MASTER_SITES= http://tinderbox.marcuscom.com/ \ http://T32.TecNik93.com/FreeBSD/ports/${PORTNAME}/sources/ @@ -21,7 +22,7 @@ OPTIONS_MULTI_DB= PGSQL MYSQL SQLITE OPTIONS_RADIO= WEB OPTIONS_RADIO_WEB= APACHE HIAWATHA LIGHTTPD NGINX -OPTIONS_DEFINE= CHECK_ROOT EMAILS LSOF LOG_COMPRESS +OPTIONS_DEFINE= CHECK_ROOT EMAILS LSOF LOG_COMPRESS HIDE_PHP HIDE_MARKUP CHECK_ROOT_DESC= Check if ./tc is run by uid 0 EMAILS_DESC= Support for build failure/completion emails @@ -29,6 +30,8 @@ LSOF_DESC= For killMountProcesses() whe LOG_COMPRESS_DESC= Support bzip log compression HIAWATHA_DESC= Hiawatha server NGINX_DESC= Nginx server +HIDE_PHP_DESC= Hide index.php in webui templates +HIDE_MARKUP_DESC= Hide display_markup_log action OPTIONS_DEFAULT= MYSQL APACHE CHECK_ROOT EMAILS LSOF \ LOG_COMPRESS @@ -101,6 +104,18 @@ post-patch: ${REINPLACE_CMD} -e 's/^if \[ `id -u` != 0 \]; then/if false; then/' \ ${WRKSRC}/tc .endif +.if defined(WEBUI) +. if ${PORT_OPTIONS:MHIDE_PHP} + @${REINPLACE_CMD} -e 's#index.php\?#\?#g;s#index.php#\?#g' \ + ${WRKSRC}/webui/templates/*/*.tpl +. endif +. if ${PORT_OPTIONS:MHIDE_MARKUP} + @${REINPLACE_CMD} -e 's#<a href="[^"]*">markup</a>#markup#g' \ + -e 's#>markup_log.*;#>markup_log(-1,-1)#g' \ + ${WRKSRC}/webui/templates/*/*.tpl ${WRKSRC}/webui/index.php +. endif +.endif + @${FIND} ${WRKSRC} -name '*.orig' -or -name '*.bak' -delete do-install: @${MKDIR} ${STAGEDIR}${PREFIX}/tinderbox/scripts Added: head/ports-mgmt/tinderbox/files/patch-enterbuild ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/ports-mgmt/tinderbox/files/patch-enterbuild Tue Mar 25 20:49:20 2014 (r349193) @@ -0,0 +1,17 @@ +diff -u lib/tc_command.sh.orig lib/tc_command.sh +--- lib/tc_command.sh.orig ++++ lib/tc_command.sh +@@ -1284,11 +1284,12 @@ enterBuild () { + return 1 + fi + ++ tc=$(tinderLoc scripts tc) + portstree=$(${tc} getPortsTreeForBuild -b ${build}) + sleepName=$(echo ${portDir} | sed -e 'y/\//_/') + buildPortFullDir=${buildRoot}/usr/ports/${portDir} + portsTreeDir=$(tinderLoc portstree ${portstree}) +- portFullDir=${portsTreeDir}/${portDir} ++ portFullDir=${portsTreeDir}/ports/${portDir} + + if [ ! -d ${portFullDir} ]; then + echo "enterBuild: Build environment does not exist yet, sleeping." _______________________________________________ svn-ports-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-ports-all To unsubscribe, send any mail to "svn-ports-all-unsubscribe@freebsd.org"
State Changed From-To: open->closed Committed. Thanks!
Author: crees Date: Mon Apr 7 18:02:17 2014 New Revision: 350530 URL: http://svnweb.freebsd.org/changeset/ports/350530 QAT: https://qat.redports.org/buildarchive/r350530/ Log: Fix with HIDE_MARKUP option PR: ports/167601 Submitted by: Jarrod Sayers Modified: head/ports-mgmt/tinderbox/Makefile Modified: head/ports-mgmt/tinderbox/Makefile ============================================================================== --- head/ports-mgmt/tinderbox/Makefile Mon Apr 7 17:43:20 2014 (r350529) +++ head/ports-mgmt/tinderbox/Makefile Mon Apr 7 18:02:17 2014 (r350530) @@ -111,7 +111,7 @@ post-patch: . endif . if ${PORT_OPTIONS:MHIDE_MARKUP} @${REINPLACE_CMD} -e 's#<a href="[^"]*">markup</a>#markup#g' \ - -e 's#>markup_log.*;#>markup_log(-1,-1)#g' \ + -e 's#>markup_log.*;#>markup_log(-1,-1);#g' \ ${WRKSRC}/webui/templates/*/*.tpl ${WRKSRC}/webui/index.php . endif .endif _______________________________________________ svn-ports-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-ports-all To unsubscribe, send any mail to "svn-ports-all-unsubscribe@freebsd.org"