Attachment #189057 for bug #224545

View | Details | Raw Unified | Return to bug 224545
Collapse All | Expand All




# Created by: Franco Fichtner <franco@opnsense.org>
# $FreeBSD$

PORTNAME=	snuffleupagus
PORTVERSION=	0.1.0
DISTVERSIONPREFIX=v
CATEGORIES=	security

MAINTAINER=	franco@opnsense.org
COMMENT=	Security module for PHP 7+

LICENSE=	LGPL3
LICENSE_FILE=	${WRKSRC}/../LICENSE

IGNORE_WITH_PHP=56

LIB_DEPENDS=	libpcre.so:devel/pcre

WRKSRC_SUBDIR=	src

USES=		localbase:ldflags php:ext
USE_PHP=	hash:build

USE_GITHUB=	yes
GH_ACCOUNT=	nbs-system

CONFIGURE_ARGS=	--enable-snuffleupagus

.include <bsd.port.mk>

Added Link Here

(-)b/security/snuffleupagus/distinfo (+3 lines)
1	TIMESTAMP = 1513844643
2	SHA256 (nbs-system-snuffleupagus-v0.1.0_GH0.tar.gz) = 7b3432e46ecdd1eb78666ee03475bbc2e50b1bd4de71a8d5a03c7d90168a004a
3	SIZE (nbs-system-snuffleupagus-v0.1.0_GH0.tar.gz) = 3898803




--- sp_network_utils.c.orig	2017-12-21 22:34:33 UTC
+++ sp_network_utils.c
@@ -23,15 +23,8 @@ static inline bool cidr4_match(const str
 
 static inline bool cidr6_match(const struct in6_addr address,
                                const struct in6_addr network, uint8_t bits) {
-  //#ifdef LINUX
-  const uint32_t *a = address.s6_addr32;
-  const uint32_t *n = network.s6_addr32;
-  /*
-#else
   const uint32_t *a = address.__u6_addr.__u6_addr32;
   const uint32_t *n = network.__u6_addr.__u6_addr32;
-#endif
-*/
   int bits_whole = bits >> 5;         // number of whole u32
   int bits_incomplete = bits & 0x1F;  // number of bits in incomplete u32
   if (bits_whole) {

Added Link Here

(-)b/security/snuffleupagus/pkg-descr (+7 lines)
1	Snuffleupagus is a PHP7+ module designed to drastically raise the cost
2	of attacks against websites. This is achieved by killing entire bug
3	classes and providing a powerful virtual-patching system, allowing the
4	administrator to fix specific vulnerabilities without having to touch
5	the PHP code.
6
7	WWW: https://snuffleupagus.readthedocs.io/

Return to bug 224545

Added Link Here

(-)b/security/snuffleupagus/Makefile (+29 lines)
1	# Created by: Franco Fichtner <franco@opnsense.org>
2	# $FreeBSD$
3
4	PORTNAME= snuffleupagus
5	PORTVERSION= 0.1.0
6	DISTVERSIONPREFIX=v
7	CATEGORIES= security
8
9	MAINTAINER= franco@opnsense.org
10	COMMENT= Security module for PHP 7+
11
12	LICENSE= LGPL3
13	LICENSE_FILE= ${WRKSRC}/../LICENSE
14
15	IGNORE_WITH_PHP=56
16
17	LIB_DEPENDS= libpcre.so:devel/pcre
18
19	WRKSRC_SUBDIR= src
20
21	USES= localbase:ldflags php:ext
22	USE_PHP= hash:build
23
24	USE_GITHUB= yes
25	GH_ACCOUNT= nbs-system
26
27	CONFIGURE_ARGS= --enable-snuffleupagus
28
29	.include <bsd.port.mk>

Added Link Here

(-)b/security/snuffleupagus/files/patch-sp__network__utils.c (+18 lines)
1	--- sp_network_utils.c.orig 2017-12-21 22:34:33 UTC
2	+++ sp_network_utils.c
3	@@ -23,15 +23,8 @@ static inline bool cidr4_match(const str
4
5	static inline bool cidr6_match(const struct in6_addr address,
6	const struct in6_addr network, uint8_t bits) {
7	- //#ifdef LINUX
8	- const uint32_t *a = address.s6_addr32;
9	- const uint32_t *n = network.s6_addr32;
10	- /*
11	-#else
12	const uint32_t *a = address.__u6_addr.__u6_addr32;
13	const uint32_t *n = network.__u6_addr.__u6_addr32;
14	-#endif
15	-*/
16	int bits_whole = bits >> 5; // number of whole u32
17	int bits_incomplete = bits & 0x1F; // number of bits in incomplete u32
18	if (bits_whole) {