Bug 86608

Summary: lang/php5: Enhancement to allow dynamic open_basedir when using Virtual Dynamic Hosts with php5/apache
Product: Ports & Packages Reporter: Lee Brotherston <freebsd>
Component: Individual Port(s)Assignee: Alex Dupre <ale>
Status: Closed FIXED    
Severity: Affects Only Me    
Priority: Normal    
Version: Latest   
Hardware: Any   
OS: Any   

Description Lee Brotherston 2005-09-26 19:30:15 UTC 
A problem which crops up again and again with php is when using vhosts a user wants to do something like:

<VirtualHost 82.70.196.65:80>
    VirtualDocumentRoot /data/www/%0
    ServerName %0
    php_admin_value open_basedir %0
</VirtualHost>

Which works... apart from the open_basedir as apache does not expand the %0.  The patch means that the keyphrase of VIRTUAL_DOCUMENT_ROOT will dynamically set the basedir to the VirtualDocumentRoot, which for security reasons is a good thing :)

I cannot claim to have written this patch I found it on a forum (http://www.phpbuilder.com/lists/php-developer-list/2000101/0994.php) written by Jason Greene.  I merely tweaked it to work with the lang/php5 port.

Fix: 

/* Special case basedir==".": Use script-directory */
        if (strcmp(basedir, ".") || !VCWD_GETCWD(local_open_basedir, MAXPATHLEN)) {--ZbadrICwOijNvIZXmh2lI6hoorgJPuc58QNgkxLEIR1ajoZd
Content-Type: text/plain; name="file.diff"
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment; filename="file.diff"

--- main/fopen_wrappers.c.orig  Sun Sep 25 22:25:20 2005
+++ main/fopen_wrappers.c       Sun Sep 25 22:28:40 2005
@@ -95,8 +95,18 @@
        char resolved_name[MAXPATHLEN];
        char resolved_basedir[MAXPATHLEN];
        char local_open_basedir[MAXPATHLEN];
+       char *local_open_basedir_sub; /* Substring pointer for strstr */
        int resolved_basedir_len;
        int resolved_name_len;
+
+       if ((strcmp(PG(open_basedir), "VIRTUAL_DOCUMENT_ROOT") == 0) &&
+               SG(request_info).path_translated && *SG(request_info).path_translated  ) {
+
+               strlcpy(local_open_basedir, SG(request_info).path_translated, sizeof(local_open_basedir));
+               local_open_basedir_sub=strstr(local_open_basedir,SG(request_info).request_uri);
+               /* Now insert null to break apart the string */
+               if (local_open_basedir_sub) *local_open_basedir_sub = '\0';
+       } else
Comment 1 Mark Linimon freebsd_committer freebsd_triage 2005-09-26 19:35:07 UTC 
Responsible Changed
From-To: freebsd-ports-bugs->ale

Over to maintainer.
Comment 2 Martin Wilke freebsd_committer freebsd_triage 2009-05-17 11:49:40 UTC 
State Changed
From-To: open->closed

this was fixed years ago.