Attachment #133545 for bug #178018

View | Details | Raw Unified | Return to bug 178018
Collapse All | Expand All




# $FreeBSD: mail/roundcube/Makefile 315455 2013-03-28 10:23:59Z ale $

PORTNAME=	roundcube
DISTVERSION=	0.9.0
PORTEPOCH=	1
CATEGORIES?=	mail www
MASTER_SITES=	SF/${PORTNAME}mail/${PORTNAME}mail/${DISTVERSION:U}


MYSQL_DESC=	Use MySQL backend
PGSQL_DESC=	Use PostgreSQL backend
SQLITE_DESC=	Use SQLite backend
SSL_DESC=	Enable SSL support (imaps or google spellcheck)
LDAP_DESC=	Enable LDAP support (address book)
GD_DESC=	Enable GD support (image convertion)

.endif

.if ${PORT_OPTIONS:MSQLITE}
USE_PHP+=	pdo_sqlite
.endif

.if ${PORT_OPTIONS:MSSL}

Lines 1-2 Link Here

(-)roundcube/distinfo (-2 / +2 lines)
1	SHA256 (roundcubemail-0.8.6.tar.gz) = 88128db0dc57651e08beb3c4811bc9e33aca1c39a50cfc9efb5d14b0baa17704	1	SHA256 (roundcubemail-0.9.0.tar.gz) = 7edab9579cd2a6353c30de3fcfc86da231f0a46f7ad4ce707090813173f662c2
2	SIZE (roundcubemail-0.8.6.tar.gz) = 3724565	2	SIZE (roundcubemail-0.9.0.tar.gz) = 3711615

Lines 1-10 Link Here

(-)roundcube/files/patch-program_include_iniset.php (-5 / +5 lines)
1	--- program/include/iniset.php.orig 2012-08-06 18:18:13.000000000 +0200	1	--- program/include/iniset.php.orig 2013-04-21 05:21:41.000000000 +0000
2	+++ program/include/iniset.php 2012-08-13 12:37:50.000000000 +0200	2	+++ program/include/iniset.php 2013-04-21 05:21:58.000000000 +0000
3	@@ -29,7 +29,6 @@	3	@@ -28,7 +28,6 @@
		4	// Some users are not using Installer, so we'll check some
4	// critical PHP settings here. Only these, which doesn't provide	5	// critical PHP settings here. Only these, which doesn't provide
5	// an error/warning in the logs later. See (#1486307).	6	// an error/warning in the logs later. See (#1486307).
6	'mbstring.func_overload' => 0,
7	- 'suhosin.session.encrypt' => 0,	7	- 'suhosin.session.encrypt' => 0,
8	'session.auto_start' => 0,	8	'session.auto_start' => 0,
9	'file_uploads' => 1,	9	'file_uploads' => 1,
10	'magic_quotes_runtime' => 0,	10	);




--- program/include/rcube_message.php.orig	2010-11-26 13:41:16.000000000 +0100
+++ program/include/rcube_message.php	2010-12-13 17:20:59.000000000 +0100
@@ -452,9 +452,7 @@
                 }
                 // part is a file/attachment
                 else if (preg_match('/^(inline|attach)/', $mail_part->disposition) ||
-                    $mail_part->headers['content-id'] ||
-                    ($mail_part->filename &&
-                        (empty($mail_part->disposition) || preg_match('/^[a-z0-9!#$&.+^_-]+$/i', $mail_part->disposition)))
+                    $mail_part->headers['content-id'] || $mail_part->filename
                 ) {
                     // skip apple resource forks
                     if ($message_ctype_secondary == 'appledouble' && $secondary_type == 'applefile')




--- program/include/rcube_session.php.orig	2012-08-06 18:18:13.000000000 +0200
+++ program/include/rcube_session.php	2012-08-13 12:44:54.000000000 +0200
@@ -37,7 +37,6 @@
   private $ip;
   private $start;
   private $changed;
-  private $unsets = array();
   private $gc_handlers = array();
   private $cookiename = 'roundcube_sessauth';
   private $vars;
@@ -134,7 +133,7 @@
     if ($sql_result && ($sql_arr = $this->db->fetch_assoc($sql_result))) {
       $this->changed = strtotime($sql_arr['changed']);
       $this->ip      = $sql_arr['ip'];
-      $this->vars    = base64_decode($sql_arr['vars']);
+      $this->vars    = $sql_arr['vars'];
       $this->key     = $key;
 
       return !empty($this->vars) ? (string) $this->vars : '';
@@ -170,13 +169,13 @@
     }
 
     if ($oldvars !== null) {
-      $newvars = $this->_fixvars($vars, $oldvars);
+      $newvars = $vars;
 
       if ($newvars !== $oldvars) {
         $this->db->query(
           sprintf("UPDATE %s SET vars=?, changed=%s WHERE sess_id=?",
             get_table_name('session'), $now),
-          base64_encode($newvars), $key);
+          $newvars, $key);
       }
       else if ($ts - $this->changed > $this->lifetime / 2) {
         $this->db->query("UPDATE ".get_table_name('session')." SET changed=$now WHERE sess_id=?", $key);
@@ -187,7 +186,7 @@
         sprintf("INSERT INTO %s (sess_id, vars, ip, created, changed) ".
           "VALUES (?, ?, ?, %s, %s)",
           get_table_name('session'), $now, $now),
-        $key, base64_encode($vars), (string)$this->ip);
+        $key, $vars, (string)$this->ip);
     }
 
     return true;
@@ -195,29 +194,6 @@
 
 
   /**
-   * Merge vars with old vars and apply unsets
-   */
-  private function _fixvars($vars, $oldvars)
-  {
-    if ($oldvars !== null) {
-      $a_oldvars = $this->unserialize($oldvars);
-      if (is_array($a_oldvars)) {
-        foreach ((array)$this->unsets as $k)
-          unset($a_oldvars[$k]);
-
-        $newvars = $this->serialize(array_merge(
-          (array)$a_oldvars, (array)$this->unserialize($vars)));
-      }
-      else
-        $newvars = $vars;
-    }
-
-    $this->unsets = array();
-    return $newvars;
-  }
-
-
-  /**
    * Handler for session_destroy()
    *
    * @param string Session ID
@@ -296,7 +272,7 @@
     else // else read data again
       $oldvars = $this->mc_read($key);
 
-    $newvars = $oldvars !== null ? $this->_fixvars($vars, $oldvars) : $vars;
+    $newvars = $vars;
 
     if ($newvars !== $oldvars || $ts - $this->changed > $this->lifetime / 2)
       return $this->memcache->set($key, serialize(array('changed' => time(), 'ip' => $this->ip, 'vars' => $newvars)), MEMCACHE_COMPRESSED, $this->lifetime);
@@ -376,7 +352,6 @@
     if (empty($var))
       return $this->destroy(session_id());
 
-    $this->unsets[] = $var;
     unset($_SESSION[$var]);
 
     return true;

Return to bug 178018

Lines 1-7 Link Here

(-)roundcube/Makefile (-3 / +3 lines)
1	# $FreeBSD: mail/roundcube/Makefile 315455 2013-03-28 10:23:59Z ale $	1	# $FreeBSD: mail/roundcube/Makefile 315455 2013-03-28 10:23:59Z ale $
2		2
3	PORTNAME= roundcube	3	PORTNAME= roundcube
4	DISTVERSION= 0.8.6	4	DISTVERSION= 0.9.0
5	PORTEPOCH= 1	5	PORTEPOCH= 1
6	CATEGORIES?= mail www	6	CATEGORIES?= mail www
7	MASTER_SITES= SF/${PORTNAME}mail/${PORTNAME}mail/${DISTVERSION:U}	7	MASTER_SITES= SF/${PORTNAME}mail/${PORTNAME}mail/${DISTVERSION:U}
Lines 33-39 Link Here
33		33
34	MYSQL_DESC= Use MySQL backend	34	MYSQL_DESC= Use MySQL backend
35	PGSQL_DESC= Use PostgreSQL backend	35	PGSQL_DESC= Use PostgreSQL backend
36	SQLITE_DESC= Use SQLite backend (needs PHP 5.3 or below)	36	SQLITE_DESC= Use SQLite backend
37	SSL_DESC= Enable SSL support (imaps or google spellcheck)	37	SSL_DESC= Enable SSL support (imaps or google spellcheck)
38	LDAP_DESC= Enable LDAP support (address book)	38	LDAP_DESC= Enable LDAP support (address book)
39	GD_DESC= Enable GD support (image convertion)	39	GD_DESC= Enable GD support (image convertion)
Lines 51-57 Link Here
51	.endif	51	.endif
52		52
53	.if ${PORT_OPTIONS:MSQLITE}	53	.if ${PORT_OPTIONS:MSQLITE}
54	USE_PHP+= sqlite	54	USE_PHP+= pdo_sqlite
55	.endif	55	.endif
56		56
57	.if ${PORT_OPTIONS:MSSL}	57	.if ${PORT_OPTIONS:MSSL}

Lines 1-13 Link Here

(-)roundcube/files/patch-program_include_rcube_message.php (-13 lines)
1	--- program/include/rcube_message.php.orig 2010-11-26 13:41:16.000000000 +0100
2	+++ program/include/rcube_message.php 2010-12-13 17:20:59.000000000 +0100
3	@@ -452,9 +452,7 @@
4	}
5	// part is a file/attachment
6	else if (preg_match('/^(inline\|attach)/', $mail_part->disposition) \|\|
7	- $mail_part->headers['content-id'] \|\|
8	- ($mail_part->filename &&
9	- (empty($mail_part->disposition) \|\| preg_match('/^[a-z0-9!#$&.+^_-]+$/i', $mail_part->disposition)))
10	+ $mail_part->headers['content-id'] \|\| $mail_part->filename
11	) {
12	// skip apple resource forks
13	if ($message_ctype_secondary == 'appledouble' && $secondary_type == 'applefile')

Lines 1-91 Link Here

(-)roundcube/files/patch-program_include_rcube_session.php (-91 lines)
1	--- program/include/rcube_session.php.orig 2012-08-06 18:18:13.000000000 +0200
2	+++ program/include/rcube_session.php 2012-08-13 12:44:54.000000000 +0200
3	@@ -37,7 +37,6 @@
4	private $ip;
5	private $start;
6	private $changed;
7	- private $unsets = array();
8	private $gc_handlers = array();
9	private $cookiename = 'roundcube_sessauth';
10	private $vars;
11	@@ -134,7 +133,7 @@
12	if ($sql_result && ($sql_arr = $this->db->fetch_assoc($sql_result))) {
13	$this->changed = strtotime($sql_arr['changed']);
14	$this->ip = $sql_arr['ip'];
15	- $this->vars = base64_decode($sql_arr['vars']);
16	+ $this->vars = $sql_arr['vars'];
17	$this->key = $key;
18
19	return !empty($this->vars) ? (string) $this->vars : '';
20	@@ -170,13 +169,13 @@
21	}
22
23	if ($oldvars !== null) {
24	- $newvars = $this->_fixvars($vars, $oldvars);
25	+ $newvars = $vars;
26
27	if ($newvars !== $oldvars) {
28	$this->db->query(
29	sprintf("UPDATE %s SET vars=?, changed=%s WHERE sess_id=?",
30	get_table_name('session'), $now),
31	- base64_encode($newvars), $key);
32	+ $newvars, $key);
33	}
34	else if ($ts - $this->changed > $this->lifetime / 2) {
35	$this->db->query("UPDATE ".get_table_name('session')." SET changed=$now WHERE sess_id=?", $key);
36	@@ -187,7 +186,7 @@
37	sprintf("INSERT INTO %s (sess_id, vars, ip, created, changed) ".
38	"VALUES (?, ?, ?, %s, %s)",
39	get_table_name('session'), $now, $now),
40	- $key, base64_encode($vars), (string)$this->ip);
41	+ $key, $vars, (string)$this->ip);
42	}
43
44	return true;
45	@@ -195,29 +194,6 @@
46
47
48	/**
49	- * Merge vars with old vars and apply unsets
50	- */
51	- private function _fixvars($vars, $oldvars)
52	- {
53	- if ($oldvars !== null) {
54	- $a_oldvars = $this->unserialize($oldvars);
55	- if (is_array($a_oldvars)) {
56	- foreach ((array)$this->unsets as $k)
57	- unset($a_oldvars[$k]);
58	-
59	- $newvars = $this->serialize(array_merge(
60	- (array)$a_oldvars, (array)$this->unserialize($vars)));
61	- }
62	- else
63	- $newvars = $vars;
64	- }
65	-
66	- $this->unsets = array();
67	- return $newvars;
68	- }
69	-
70	-
71	- /**
72	* Handler for session_destroy()
73	*
74	* @param string Session ID
75	@@ -296,7 +272,7 @@
76	else // else read data again
77	$oldvars = $this->mc_read($key);
78
79	- $newvars = $oldvars !== null ? $this->_fixvars($vars, $oldvars) : $vars;
80	+ $newvars = $vars;
81
82	if ($newvars !== $oldvars \|\| $ts - $this->changed > $this->lifetime / 2)
83	return $this->memcache->set($key, serialize(array('changed' => time(), 'ip' => $this->ip, 'vars' => $newvars)), MEMCACHE_COMPRESSED, $this->lifetime);
84	@@ -376,7 +352,6 @@
85	if (empty($var))
86	return $this->destroy(session_id());
87
88	- $this->unsets[] = $var;
89	unset($_SESSION[$var]);
90
91	return true;