summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--php-openid-2.2.2-cve-2013-4701.patch17
-rw-r--r--php-openid-2.2.2-requires-paths.patch548
-rw-r--r--php-pear-Auth-OpenID.spec151
3 files changed, 716 insertions, 0 deletions
diff --git a/php-openid-2.2.2-cve-2013-4701.patch b/php-openid-2.2.2-cve-2013-4701.patch
new file mode 100644
index 0000000..8529d1b
--- /dev/null
+++ b/php-openid-2.2.2-cve-2013-4701.patch
@@ -0,0 +1,17 @@
+diff -Nur php-openid-2.2.2.orig/Auth/Yadis/XML.php php-openid-2.2.2/Auth/Yadis/XML.php
+--- php-openid-2.2.2.orig/Auth/Yadis/XML.php 2011-01-19 15:25:39.000000000 -0700
++++ php-openid-2.2.2/Auth/Yadis/XML.php 2013-08-23 21:39:13.818386179 -0600
+@@ -235,6 +235,13 @@
+ }
+
+ if (!@$this->doc->loadXML($xml_string)) {
++ // disable external entities and libxml errors
++ $loader = libxml_disable_entity_loader(true);
++ $errors = libxml_use_internal_errors(true);
++ $parse_result = @$this->doc->loadXML($xml_string);
++ libxml_disable_entity_loader($loader);
++ libxml_use_internal_errors($errors);
++ if (!$parse_result) {
+ return false;
+ }
+
diff --git a/php-openid-2.2.2-requires-paths.patch b/php-openid-2.2.2-requires-paths.patch
new file mode 100644
index 0000000..c445990
--- /dev/null
+++ b/php-openid-2.2.2-requires-paths.patch
@@ -0,0 +1,548 @@
+diff -Naur php-openid-2.2.2.orig/Auth/OpenID/Association.php php-openid-2.2.2.new/Auth/OpenID/Association.php
+--- php-openid-2.2.2.orig/Auth/OpenID/Association.php 2011-03-22 21:09:55.000000000 -0600
++++ php-openid-2.2.2.new/Auth/OpenID/Association.php 2011-03-22 21:10:52.000000000 -0600
+@@ -17,17 +17,17 @@
+ /**
+ * @access private
+ */
+-require_once 'Auth/OpenID/CryptUtil.php';
++require_once 'Auth_OpenID/OpenID/CryptUtil.php';
+
+ /**
+ * @access private
+ */
+-require_once 'Auth/OpenID/KVForm.php';
++require_once 'Auth_OpenID/OpenID/KVForm.php';
+
+ /**
+ * @access private
+ */
+-require_once 'Auth/OpenID/HMAC.php';
++require_once 'Auth_OpenID/OpenID/HMAC.php';
+
+ /**
+ * This class represents an association between a server and a
+diff -Naur php-openid-2.2.2.orig/Auth/OpenID/AX.php php-openid-2.2.2.new/Auth/OpenID/AX.php
+--- php-openid-2.2.2.orig/Auth/OpenID/AX.php 2011-03-22 21:09:55.000000000 -0600
++++ php-openid-2.2.2.new/Auth/OpenID/AX.php 2011-03-22 21:10:52.000000000 -0600
+@@ -10,9 +10,9 @@
+ /**
+ * Require utility classes and functions for the consumer.
+ */
+-require_once "Auth/OpenID/Extension.php";
+-require_once "Auth/OpenID/Message.php";
+-require_once "Auth/OpenID/TrustRoot.php";
++require_once "Auth_OpenID/OpenID/Extension.php";
++require_once "Auth_OpenID/OpenID/Message.php";
++require_once "Auth_OpenID/OpenID/TrustRoot.php";
+
+ define('Auth_OpenID_AX_NS_URI',
+ 'http://openid.net/srv/ax/1.0');
+diff -Naur php-openid-2.2.2.orig/Auth/OpenID/BigMath.php php-openid-2.2.2.new/Auth/OpenID/BigMath.php
+--- php-openid-2.2.2.orig/Auth/OpenID/BigMath.php 2011-03-22 21:09:55.000000000 -0600
++++ php-openid-2.2.2.new/Auth/OpenID/BigMath.php 2011-03-22 21:10:52.000000000 -0600
+@@ -18,12 +18,12 @@
+ /**
+ * Needed for random number generation
+ */
+-require_once 'Auth/OpenID/CryptUtil.php';
++require_once 'Auth_OpenID/OpenID/CryptUtil.php';
+
+ /**
+ * Need Auth_OpenID::bytes().
+ */
+-require_once 'Auth/OpenID.php';
++require_once 'Auth_OpenID/OpenID.php';
+
+ /**
+ * The superclass of all big-integer math implementations
+diff -Naur php-openid-2.2.2.orig/Auth/OpenID/Consumer.php php-openid-2.2.2.new/Auth/OpenID/Consumer.php
+--- php-openid-2.2.2.orig/Auth/OpenID/Consumer.php 2011-03-22 21:09:55.000000000 -0600
++++ php-openid-2.2.2.new/Auth/OpenID/Consumer.php 2011-03-22 21:10:52.000000000 -0600
+@@ -160,18 +160,18 @@
+ /**
+ * Require utility classes and functions for the consumer.
+ */
+-require_once "Auth/OpenID.php";
+-require_once "Auth/OpenID/Message.php";
+-require_once "Auth/OpenID/HMAC.php";
+-require_once "Auth/OpenID/Association.php";
+-require_once "Auth/OpenID/CryptUtil.php";
+-require_once "Auth/OpenID/DiffieHellman.php";
+-require_once "Auth/OpenID/KVForm.php";
+-require_once "Auth/OpenID/Nonce.php";
+-require_once "Auth/OpenID/Discover.php";
+-require_once "Auth/OpenID/URINorm.php";
+-require_once "Auth/Yadis/Manager.php";
+-require_once "Auth/Yadis/XRI.php";
++require_once "Auth_OpenID/OpenID.php";
++require_once "Auth_OpenID/OpenID/Message.php";
++require_once "Auth_OpenID/OpenID/HMAC.php";
++require_once "Auth_OpenID/OpenID/Association.php";
++require_once "Auth_OpenID/OpenID/CryptUtil.php";
++require_once "Auth_OpenID/OpenID/DiffieHellman.php";
++require_once "Auth_OpenID/OpenID/KVForm.php";
++require_once "Auth_OpenID/OpenID/Nonce.php";
++require_once "Auth_OpenID/OpenID/Discover.php";
++require_once "Auth_OpenID/OpenID/URINorm.php";
++require_once "Auth_OpenID/Yadis/Manager.php";
++require_once "Auth_OpenID/Yadis/XRI.php";
+
+ /**
+ * This is the status code returned when the complete method returns
+diff -Naur php-openid-2.2.2.orig/Auth/OpenID/DiffieHellman.php php-openid-2.2.2.new/Auth/OpenID/DiffieHellman.php
+--- php-openid-2.2.2.orig/Auth/OpenID/DiffieHellman.php 2011-03-22 21:09:55.000000000 -0600
++++ php-openid-2.2.2.new/Auth/OpenID/DiffieHellman.php 2011-03-22 21:10:52.000000000 -0600
+@@ -14,8 +14,8 @@
+ * @license http://www.apache.org/licenses/LICENSE-2.0 Apache
+ */
+
+-require_once 'Auth/OpenID.php';
+-require_once 'Auth/OpenID/BigMath.php';
++require_once 'Auth_OpenID/OpenID.php';
++require_once 'Auth_OpenID/OpenID/BigMath.php';
+
+ function Auth_OpenID_getDefaultMod()
+ {
+diff -Naur php-openid-2.2.2.orig/Auth/OpenID/Discover.php php-openid-2.2.2.new/Auth/OpenID/Discover.php
+--- php-openid-2.2.2.orig/Auth/OpenID/Discover.php 2011-03-22 21:09:55.000000000 -0600
++++ php-openid-2.2.2.new/Auth/OpenID/Discover.php 2011-03-22 21:10:52.000000000 -0600
+@@ -4,11 +4,11 @@
+ * The OpenID and Yadis discovery implementation for OpenID 1.2.
+ */
+
+-require_once "Auth/OpenID.php";
+-require_once "Auth/OpenID/Parse.php";
+-require_once "Auth/OpenID/Message.php";
+-require_once "Auth/Yadis/XRIRes.php";
+-require_once "Auth/Yadis/Yadis.php";
++require_once "Auth_OpenID/OpenID.php";
++require_once "Auth_OpenID/OpenID/Parse.php";
++require_once "Auth_OpenID/OpenID/Message.php";
++require_once "Auth_OpenID/Yadis/XRIRes.php";
++require_once "Auth_OpenID/Yadis/Yadis.php";
+
+ // XML namespace value
+ define('Auth_OpenID_XMLNS_1_0', 'http://openid.net/xmlns/1.0');
+diff -Naur php-openid-2.2.2.orig/Auth/OpenID/DumbStore.php php-openid-2.2.2.new/Auth/OpenID/DumbStore.php
+--- php-openid-2.2.2.orig/Auth/OpenID/DumbStore.php 2011-03-22 21:09:55.000000000 -0600
++++ php-openid-2.2.2.new/Auth/OpenID/DumbStore.php 2011-03-22 21:10:52.000000000 -0600
+@@ -17,8 +17,8 @@
+ /**
+ * Import the interface for creating a new store class.
+ */
+-require_once 'Auth/OpenID/Interface.php';
+-require_once 'Auth/OpenID/HMAC.php';
++require_once 'Auth_OpenID/OpenID/Interface.php';
++require_once 'Auth_OpenID/OpenID/HMAC.php';
+
+ /**
+ * This is a store for use in the worst case, when you have no way of
+diff -Naur php-openid-2.2.2.orig/Auth/OpenID/Extension.php php-openid-2.2.2.new/Auth/OpenID/Extension.php
+--- php-openid-2.2.2.orig/Auth/OpenID/Extension.php 2011-03-22 21:09:55.000000000 -0600
++++ php-openid-2.2.2.new/Auth/OpenID/Extension.php 2011-03-22 21:10:52.000000000 -0600
+@@ -9,7 +9,7 @@
+ /**
+ * Require the Message implementation.
+ */
+-require_once 'Auth/OpenID/Message.php';
++require_once 'Auth_OpenID/OpenID/Message.php';
+
+ /**
+ * A base class for accessing extension request and response data for
+diff -Naur php-openid-2.2.2.orig/Auth/OpenID/FileStore.php php-openid-2.2.2.new/Auth/OpenID/FileStore.php
+--- php-openid-2.2.2.orig/Auth/OpenID/FileStore.php 2011-03-22 21:09:55.000000000 -0600
++++ php-openid-2.2.2.new/Auth/OpenID/FileStore.php 2011-03-22 21:10:52.000000000 -0600
+@@ -17,10 +17,10 @@
+ /**
+ * Require base class for creating a new interface.
+ */
+-require_once 'Auth/OpenID.php';
+-require_once 'Auth/OpenID/Interface.php';
+-require_once 'Auth/OpenID/HMAC.php';
+-require_once 'Auth/OpenID/Nonce.php';
++require_once 'Auth_OpenID/OpenID.php';
++require_once 'Auth_OpenID/OpenID/Interface.php';
++require_once 'Auth_OpenID/OpenID/HMAC.php';
++require_once 'Auth_OpenID/OpenID/Nonce.php';
+
+ /**
+ * This is a filesystem-based store for OpenID associations and
+diff -Naur php-openid-2.2.2.orig/Auth/OpenID/HMAC.php php-openid-2.2.2.new/Auth/OpenID/HMAC.php
+--- php-openid-2.2.2.orig/Auth/OpenID/HMAC.php 2011-03-22 21:09:55.000000000 -0600
++++ php-openid-2.2.2.new/Auth/OpenID/HMAC.php 2011-03-22 21:10:52.000000000 -0600
+@@ -14,7 +14,7 @@
+ * @license http://www.apache.org/licenses/LICENSE-2.0 Apache
+ */
+
+-require_once 'Auth/OpenID.php';
++require_once 'Auth_OpenID/OpenID.php';
+
+ /**
+ * SHA1_BLOCKSIZE is this module's SHA1 blocksize used by the fallback
+diff -Naur php-openid-2.2.2.orig/Auth/OpenID/MDB2Store.php php-openid-2.2.2.new/Auth/OpenID/MDB2Store.php
+--- php-openid-2.2.2.orig/Auth/OpenID/MDB2Store.php 2011-03-22 21:09:55.000000000 -0600
++++ php-openid-2.2.2.new/Auth/OpenID/MDB2Store.php 2011-03-22 21:10:52.000000000 -0600
+@@ -18,17 +18,17 @@
+ /**
+ * @access private
+ */
+-require_once 'Auth/OpenID/Interface.php';
++require_once 'Auth_OpenID/OpenID/Interface.php';
+
+ /**
+ * @access private
+ */
+-require_once 'Auth/OpenID.php';
++require_once 'Auth_OpenID/OpenID.php';
+
+ /**
+ * @access private
+ */
+-require_once 'Auth/OpenID/Nonce.php';
++require_once 'Auth_OpenID/OpenID/Nonce.php';
+
+ /**
+ * This store uses a PEAR::MDB2 connection to store persistence
+diff -Naur php-openid-2.2.2.orig/Auth/OpenID/MemcachedStore.php php-openid-2.2.2.new/Auth/OpenID/MemcachedStore.php
+--- php-openid-2.2.2.orig/Auth/OpenID/MemcachedStore.php 2011-03-22 21:09:55.000000000 -0600
++++ php-openid-2.2.2.new/Auth/OpenID/MemcachedStore.php 2011-03-22 21:10:52.000000000 -0600
+@@ -18,7 +18,7 @@
+ /**
+ * Import the interface for creating a new store class.
+ */
+-require_once 'Auth/OpenID/Interface.php';
++require_once 'Auth_OpenID/OpenID/Interface.php';
+
+ /**
+ * This is a memcached-based store for OpenID associations and
+diff -Naur php-openid-2.2.2.orig/Auth/OpenID/Message.php php-openid-2.2.2.new/Auth/OpenID/Message.php
+--- php-openid-2.2.2.orig/Auth/OpenID/Message.php 2011-03-22 21:09:55.000000000 -0600
++++ php-openid-2.2.2.new/Auth/OpenID/Message.php 2011-03-22 21:10:52.000000000 -0600
+@@ -9,10 +9,10 @@
+ /**
+ * Import tools needed to deal with messages.
+ */
+-require_once 'Auth/OpenID.php';
+-require_once 'Auth/OpenID/KVForm.php';
+-require_once 'Auth/Yadis/XML.php';
+-require_once 'Auth/OpenID/Consumer.php'; // For Auth_OpenID_FailureResponse
++require_once 'Auth_OpenID/OpenID.php';
++require_once 'Auth_OpenID/OpenID/KVForm.php';
++require_once 'Auth_OpenID/Yadis/XML.php';
++require_once 'Auth_OpenID/OpenID/Consumer.php'; // For Auth_OpenID_FailureResponse
+
+ // This doesn't REALLY belong here, but where is better?
+ define('Auth_OpenID_IDENTIFIER_SELECT',
+diff -Naur php-openid-2.2.2.orig/Auth/OpenID/MySQLStore.php php-openid-2.2.2.new/Auth/OpenID/MySQLStore.php
+--- php-openid-2.2.2.orig/Auth/OpenID/MySQLStore.php 2011-03-22 21:09:55.000000000 -0600
++++ php-openid-2.2.2.new/Auth/OpenID/MySQLStore.php 2011-03-22 21:10:52.000000000 -0600
+@@ -9,7 +9,7 @@
+ /**
+ * Require the base class file.
+ */
+-require_once "Auth/OpenID/SQLStore.php";
++require_once "Auth_OpenID/OpenID/SQLStore.php";
+
+ /**
+ * An SQL store that uses MySQL as its backend.
+diff -Naur php-openid-2.2.2.orig/Auth/OpenID/Nonce.php php-openid-2.2.2.new/Auth/OpenID/Nonce.php
+--- php-openid-2.2.2.orig/Auth/OpenID/Nonce.php 2011-03-22 21:09:55.000000000 -0600
++++ php-openid-2.2.2.new/Auth/OpenID/Nonce.php 2011-03-22 21:10:52.000000000 -0600
+@@ -9,7 +9,7 @@
+ /**
+ * Need CryptUtil to generate random strings.
+ */
+-require_once 'Auth/OpenID/CryptUtil.php';
++require_once 'Auth_OpenID/OpenID/CryptUtil.php';
+
+ /**
+ * This is the characters that the nonces are made from.
+diff -Naur php-openid-2.2.2.orig/Auth/OpenID/PAPE.php php-openid-2.2.2.new/Auth/OpenID/PAPE.php
+--- php-openid-2.2.2.orig/Auth/OpenID/PAPE.php 2011-03-22 21:09:55.000000000 -0600
++++ php-openid-2.2.2.new/Auth/OpenID/PAPE.php 2011-03-22 21:10:52.000000000 -0600
+@@ -8,7 +8,7 @@
+ * http://openid.net/developers/specs/
+ */
+
+-require_once "Auth/OpenID/Extension.php";
++require_once "Auth_OpenID/OpenID/Extension.php";
+
+ define('Auth_OpenID_PAPE_NS_URI',
+ "http://specs.openid.net/extensions/pape/1.0");
+diff -Naur php-openid-2.2.2.orig/Auth/OpenID/Parse.php php-openid-2.2.2.new/Auth/OpenID/Parse.php
+--- php-openid-2.2.2.orig/Auth/OpenID/Parse.php 2011-03-22 21:09:55.000000000 -0600
++++ php-openid-2.2.2.new/Auth/OpenID/Parse.php 2011-03-22 21:10:52.000000000 -0600
+@@ -82,7 +82,7 @@
+ /**
+ * Require Auth_OpenID::arrayGet().
+ */
+-require_once "Auth/OpenID.php";
++require_once "Auth_OpenID/OpenID.php";
+
+ class Auth_OpenID_Parse {
+
+diff -Naur php-openid-2.2.2.orig/Auth/OpenID/PostgreSQLStore.php php-openid-2.2.2.new/Auth/OpenID/PostgreSQLStore.php
+--- php-openid-2.2.2.orig/Auth/OpenID/PostgreSQLStore.php 2011-03-22 21:09:55.000000000 -0600
++++ php-openid-2.2.2.new/Auth/OpenID/PostgreSQLStore.php 2011-03-22 21:10:52.000000000 -0600
+@@ -9,7 +9,7 @@
+ /**
+ * Require the base class file.
+ */
+-require_once "Auth/OpenID/SQLStore.php";
++require_once "Auth_OpenID/OpenID/SQLStore.php";
+
+ /**
+ * An SQL store that uses PostgreSQL as its backend.
+diff -Naur php-openid-2.2.2.orig/Auth/OpenID/Server.php php-openid-2.2.2.new/Auth/OpenID/Server.php
+--- php-openid-2.2.2.orig/Auth/OpenID/Server.php 2011-03-22 21:09:55.000000000 -0600
++++ php-openid-2.2.2.new/Auth/OpenID/Server.php 2011-03-22 21:10:52.000000000 -0600
+@@ -92,16 +92,16 @@
+ /**
+ * Required imports
+ */
+-require_once "Auth/OpenID.php";
+-require_once "Auth/OpenID/Association.php";
+-require_once "Auth/OpenID/CryptUtil.php";
+-require_once "Auth/OpenID/BigMath.php";
+-require_once "Auth/OpenID/DiffieHellman.php";
+-require_once "Auth/OpenID/KVForm.php";
+-require_once "Auth/OpenID/TrustRoot.php";
+-require_once "Auth/OpenID/ServerRequest.php";
+-require_once "Auth/OpenID/Message.php";
+-require_once "Auth/OpenID/Nonce.php";
++require_once "Auth_OpenID/OpenID.php";
++require_once "Auth_OpenID/OpenID/Association.php";
++require_once "Auth_OpenID/OpenID/CryptUtil.php";
++require_once "Auth_OpenID/OpenID/BigMath.php";
++require_once "Auth_OpenID/OpenID/DiffieHellman.php";
++require_once "Auth_OpenID/OpenID/KVForm.php";
++require_once "Auth_OpenID/OpenID/TrustRoot.php";
++require_once "Auth_OpenID/OpenID/ServerRequest.php";
++require_once "Auth_OpenID/OpenID/Message.php";
++require_once "Auth_OpenID/OpenID/Nonce.php";
+
+ define('AUTH_OPENID_HTTP_OK', 200);
+ define('AUTH_OPENID_HTTP_REDIRECT', 302);
+diff -Naur php-openid-2.2.2.orig/Auth/OpenID/ServerRequest.php php-openid-2.2.2.new/Auth/OpenID/ServerRequest.php
+--- php-openid-2.2.2.orig/Auth/OpenID/ServerRequest.php 2011-03-22 21:09:55.000000000 -0600
++++ php-openid-2.2.2.new/Auth/OpenID/ServerRequest.php 2011-03-22 21:10:52.000000000 -0600
+@@ -17,7 +17,7 @@
+ /**
+ * Imports
+ */
+-require_once "Auth/OpenID.php";
++require_once "Auth_OpenID/OpenID.php";
+
+ /**
+ * Object that holds the state of a request to the OpenID server
+diff -Naur php-openid-2.2.2.orig/Auth/OpenID/SQLiteStore.php php-openid-2.2.2.new/Auth/OpenID/SQLiteStore.php
+--- php-openid-2.2.2.orig/Auth/OpenID/SQLiteStore.php 2011-03-22 21:09:55.000000000 -0600
++++ php-openid-2.2.2.new/Auth/OpenID/SQLiteStore.php 2011-03-22 21:10:52.000000000 -0600
+@@ -9,7 +9,7 @@
+ /**
+ * Require the base class file.
+ */
+-require_once "Auth/OpenID/SQLStore.php";
++require_once "Auth_OpenID/OpenID/SQLStore.php";
+
+ /**
+ * An SQL store that uses SQLite as its backend.
+diff -Naur php-openid-2.2.2.orig/Auth/OpenID/SQLStore.php php-openid-2.2.2.new/Auth/OpenID/SQLStore.php
+--- php-openid-2.2.2.orig/Auth/OpenID/SQLStore.php 2011-03-22 21:09:55.000000000 -0600
++++ php-openid-2.2.2.new/Auth/OpenID/SQLStore.php 2011-03-22 21:10:52.000000000 -0600
+@@ -16,18 +16,18 @@
+ /**
+ * @access private
+ */
+-require_once 'Auth/OpenID/Interface.php';
+-require_once 'Auth/OpenID/Nonce.php';
++require_once 'Auth_OpenID/OpenID/Interface.php';
++require_once 'Auth_OpenID/OpenID/Nonce.php';
+
+ /**
+ * @access private
+ */
+-require_once 'Auth/OpenID.php';
++require_once 'Auth_OpenID/OpenID.php';
+
+ /**
+ * @access private
+ */
+-require_once 'Auth/OpenID/Nonce.php';
++require_once 'Auth_OpenID/OpenID/Nonce.php';
+
+ /**
+ * This is the parent class for the SQL stores, which contains the
+diff -Naur php-openid-2.2.2.orig/Auth/OpenID/SReg.php php-openid-2.2.2.new/Auth/OpenID/SReg.php
+--- php-openid-2.2.2.orig/Auth/OpenID/SReg.php 2011-03-22 21:09:55.000000000 -0600
++++ php-openid-2.2.2.new/Auth/OpenID/SReg.php 2011-03-22 21:10:52.000000000 -0600
+@@ -42,8 +42,8 @@
+ /**
+ * Import message and extension internals.
+ */
+-require_once 'Auth/OpenID/Message.php';
+-require_once 'Auth/OpenID/Extension.php';
++require_once 'Auth_OpenID/OpenID/Message.php';
++require_once 'Auth_OpenID/OpenID/Extension.php';
+
+ // The data fields that are listed in the sreg spec
+ global $Auth_OpenID_sreg_data_fields;
+diff -Naur php-openid-2.2.2.orig/Auth/OpenID/TrustRoot.php php-openid-2.2.2.new/Auth/OpenID/TrustRoot.php
+--- php-openid-2.2.2.orig/Auth/OpenID/TrustRoot.php 2011-03-22 21:09:55.000000000 -0600
++++ php-openid-2.2.2.new/Auth/OpenID/TrustRoot.php 2011-03-22 21:10:52.000000000 -0600
+@@ -12,7 +12,7 @@
+ * @license http://www.apache.org/licenses/LICENSE-2.0 Apache
+ */
+
+-require_once 'Auth/OpenID/Discover.php';
++require_once 'Auth_OpenID/OpenID/Discover.php';
+
+ /**
+ * A regular expression that matches a domain ending in a top-level domains.
+diff -Naur php-openid-2.2.2.orig/Auth/OpenID/URINorm.php php-openid-2.2.2.new/Auth/OpenID/URINorm.php
+--- php-openid-2.2.2.orig/Auth/OpenID/URINorm.php 2011-03-22 21:09:55.000000000 -0600
++++ php-openid-2.2.2.new/Auth/OpenID/URINorm.php 2011-03-22 21:10:52.000000000 -0600
+@@ -9,7 +9,7 @@
+ * @license http://www.apache.org/licenses/LICENSE-2.0 Apache
+ */
+
+-require_once 'Auth/Yadis/Misc.php';
++require_once 'Auth_OpenID/Yadis/Misc.php';
+
+ // from appendix B of rfc 3986 (http://www.ietf.org/rfc/rfc3986.txt)
+ function Auth_OpenID_getURIPattern()
+diff -Naur php-openid-2.2.2.orig/Auth/OpenID.php php-openid-2.2.2.new/Auth/OpenID.php
+--- php-openid-2.2.2.orig/Auth/OpenID.php 2011-03-22 21:09:55.000000000 -0600
++++ php-openid-2.2.2.new/Auth/OpenID.php 2011-03-22 21:10:49.000000000 -0600
+@@ -25,10 +25,10 @@
+ /**
+ * Require the fetcher code.
+ */
+-require_once "Auth/Yadis/PlainHTTPFetcher.php";
+-require_once "Auth/Yadis/ParanoidHTTPFetcher.php";
+-require_once "Auth/OpenID/BigMath.php";
+-require_once "Auth/OpenID/URINorm.php";
++require_once "Auth_OpenID/Yadis/PlainHTTPFetcher.php";
++require_once "Auth_OpenID/Yadis/ParanoidHTTPFetcher.php";
++require_once "Auth_OpenID/OpenID/BigMath.php";
++require_once "Auth_OpenID/OpenID/URINorm.php";
+
+ /**
+ * Status code returned by the server when the only option is to show
+diff -Naur php-openid-2.2.2.orig/Auth/Yadis/HTTPFetcher.php php-openid-2.2.2.new/Auth/Yadis/HTTPFetcher.php
+--- php-openid-2.2.2.orig/Auth/Yadis/HTTPFetcher.php 2011-03-22 21:09:55.000000000 -0600
++++ php-openid-2.2.2.new/Auth/Yadis/HTTPFetcher.php 2011-03-22 21:10:55.000000000 -0600
+@@ -16,7 +16,7 @@
+ /**
+ * Require logging functionality
+ */
+-require_once "Auth/OpenID.php";
++require_once "Auth_OpenID/OpenID.php";
+
+ define('Auth_OpenID_FETCHER_MAX_RESPONSE_KB', 1024);
+ define('Auth_OpenID_USER_AGENT',
+diff -Naur php-openid-2.2.2.orig/Auth/Yadis/ParanoidHTTPFetcher.php php-openid-2.2.2.new/Auth/Yadis/ParanoidHTTPFetcher.php
+--- php-openid-2.2.2.orig/Auth/Yadis/ParanoidHTTPFetcher.php 2011-03-22 21:09:55.000000000 -0600
++++ php-openid-2.2.2.new/Auth/Yadis/ParanoidHTTPFetcher.php 2011-03-22 21:10:55.000000000 -0600
+@@ -16,9 +16,9 @@
+ /**
+ * Interface import
+ */
+-require_once "Auth/Yadis/HTTPFetcher.php";
++require_once "Auth_OpenID/Yadis/HTTPFetcher.php";
+
+-require_once "Auth/OpenID.php";
++require_once "Auth_OpenID/OpenID.php";
+
+ /**
+ * A paranoid {@link Auth_Yadis_HTTPFetcher} class which uses CURL
+diff -Naur php-openid-2.2.2.orig/Auth/Yadis/PlainHTTPFetcher.php php-openid-2.2.2.new/Auth/Yadis/PlainHTTPFetcher.php
+--- php-openid-2.2.2.orig/Auth/Yadis/PlainHTTPFetcher.php 2011-03-22 21:09:55.000000000 -0600
++++ php-openid-2.2.2.new/Auth/Yadis/PlainHTTPFetcher.php 2011-03-22 21:10:55.000000000 -0600
+@@ -17,7 +17,7 @@
+ /**
+ * Interface import
+ */
+-require_once "Auth/Yadis/HTTPFetcher.php";
++require_once "Auth_OpenID/Yadis/HTTPFetcher.php";
+
+ /**
+ * This class implements a plain, hand-built socket-based fetcher
+diff -Naur php-openid-2.2.2.orig/Auth/Yadis/XRDS.php php-openid-2.2.2.new/Auth/Yadis/XRDS.php
+--- php-openid-2.2.2.orig/Auth/Yadis/XRDS.php 2011-03-22 21:09:55.000000000 -0600
++++ php-openid-2.2.2.new/Auth/Yadis/XRDS.php 2011-03-22 21:10:55.000000000 -0600
+@@ -16,7 +16,7 @@
+ /**
+ * Require the XPath implementation.
+ */
+-require_once 'Auth/Yadis/XML.php';
++require_once 'Auth_OpenID/Yadis/XML.php';
+
+ /**
+ * This match mode means a given service must match ALL filters passed
+diff -Naur php-openid-2.2.2.orig/Auth/Yadis/XRI.php php-openid-2.2.2.new/Auth/Yadis/XRI.php
+--- php-openid-2.2.2.orig/Auth/Yadis/XRI.php 2011-03-22 21:09:55.000000000 -0600
++++ php-openid-2.2.2.new/Auth/Yadis/XRI.php 2011-03-22 21:10:55.000000000 -0600
+@@ -9,9 +9,9 @@
+ * @license http://www.apache.org/licenses/LICENSE-2.0 Apache
+ */
+
+-require_once 'Auth/Yadis/Misc.php';
+-require_once 'Auth/Yadis/Yadis.php';
+-require_once 'Auth/OpenID.php';
++require_once 'Auth_OpenID/Yadis/Misc.php';
++require_once 'Auth_OpenID/Yadis/Yadis.php';
++require_once 'Auth_OpenID/OpenID.php';
+
+ function Auth_Yadis_getDefaultProxy()
+ {
+diff -Naur php-openid-2.2.2.orig/Auth/Yadis/XRIRes.php php-openid-2.2.2.new/Auth/Yadis/XRIRes.php
+--- php-openid-2.2.2.orig/Auth/Yadis/XRIRes.php 2011-03-22 21:09:55.000000000 -0600
++++ php-openid-2.2.2.new/Auth/Yadis/XRIRes.php 2011-03-22 21:10:55.000000000 -0600
+@@ -4,8 +4,8 @@
+ * Code for using a proxy XRI resolver.
+ */
+
+-require_once 'Auth/Yadis/XRDS.php';
+-require_once 'Auth/Yadis/XRI.php';
++require_once 'Auth_OpenID/Yadis/XRDS.php';
++require_once 'Auth_OpenID/Yadis/XRI.php';
+
+ class Auth_Yadis_ProxyResolver {
+ function Auth_Yadis_ProxyResolver($fetcher, $proxy_url = null)
+diff -Naur php-openid-2.2.2.orig/Auth/Yadis/Yadis.php php-openid-2.2.2.new/Auth/Yadis/Yadis.php
+--- php-openid-2.2.2.orig/Auth/Yadis/Yadis.php 2011-03-22 21:09:55.000000000 -0600
++++ php-openid-2.2.2.new/Auth/Yadis/Yadis.php 2011-03-22 21:10:55.000000000 -0600
+@@ -17,18 +17,18 @@
+ * Need both fetcher types so we can use the right one based on the
+ * presence or absence of CURL.
+ */
+-require_once "Auth/Yadis/PlainHTTPFetcher.php";
+-require_once "Auth/Yadis/ParanoidHTTPFetcher.php";
++require_once "Auth_OpenID/Yadis/PlainHTTPFetcher.php";
++require_once "Auth_OpenID/Yadis/ParanoidHTTPFetcher.php";
+
+ /**
+ * Need this for parsing HTML (looking for META tags).
+ */
+-require_once "Auth/Yadis/ParseHTML.php";
++require_once "Auth_OpenID/Yadis/ParseHTML.php";
+
+ /**
+ * Need this to parse the XRDS document during Yadis discovery.
+ */
+-require_once "Auth/Yadis/XRDS.php";
++require_once "Auth_OpenID/Yadis/XRDS.php";
+
+ /**
+ * XRDS (yadis) content type
+@@ -165,7 +165,7 @@
+ *
+ * First, require this library into your program source:
+ *
+- * <pre> require_once "Auth/Yadis/Yadis.php";</pre>
++ * <pre> require_once "Auth_OpenID/Yadis/Yadis.php";</pre>
+ *
+ * To perform Yadis discovery, first call the "discover" method
+ * statically with a URI parameter:
diff --git a/php-pear-Auth-OpenID.spec b/php-pear-Auth-OpenID.spec
new file mode 100644
index 0000000..413e080
--- /dev/null
+++ b/php-pear-Auth-OpenID.spec
@@ -0,0 +1,151 @@
+%{!?__pear: %{expand: %%global __pear %{_bindir}/pear}}
+%define pear_name Auth_OpenID
+
+Name: php-pear-Auth-OpenID
+Version: 2.2.2
+Release: 7%{?dist}
+Summary: PHP OpenID
+Group: Development/System
+License: ASL 2.0
+URL: http://www.janrain.com/openid-enabled
+# php-pear-Auth-OpenID is now hosted on github
+# https://github.com/openid/php-openid
+# downloading the tarball and repacking it from
+# openid-php-openid-2.2.2-0-ga287b2d.tar.gz to php-openid-2.2.2.tar.bz2
+Source0: php-openid-%{version}.tar.bz2
+
+BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
+BuildArch: noarch
+BuildRequires: php-pear >= 1:1.4.9-1.2
+BuildRequires: python
+Requires: php-pear(PEAR)
+Requires(post): php-pear
+Requires(postun): php-pear
+# Required for testing, but we need PHPUnit 1.x
+#Requires: php-pear-PHPUnit >= 1.1.1
+# part of the pear spec, but the version makes no sense
+#Requires: php-pear-DB >= 1.80
+Requires: php-pgsql
+Requires: php-mysql
+#Requires: php-sqlite
+Requires: php-bcmath
+Requires: php-pear-Net-Curl
+Provides: php-pear(%{pear_name}) = %{version}
+
+# This patch fixes the paths from Auth -> Auth_OpenID
+Patch0: php-openid-2.2.2-requires-paths.patch
+
+# Patch for CVE-2013-4701
+# https://github.com/openid/php-openid/commit/625c16bb28bb120d262b3f19f89c2c06cb9b0da9
+Patch1: php-openid-2.2.2-cve-2013-4701.patch
+
+%description
+An implementation of the OpenID single sign-on authentication
+protocol.
+
+%prep
+%setup -q -n php-openid-%{version}
+#
+# needed so we can execute packagexml.py
+#
+chmod +x admin/packagexml.py
+admin/packagexml.py %{version} admin/package2.xml README > %{pear_name}.xml
+
+# Fix the paths from Auth -> Auth_OpenID
+%patch0 -p1
+%patch1 -p1
+
+%build
+
+%install
+rm -rf %{buildroot}
+mkdir -p %{buildroot}/%{pear_phpdir}/%{pear_name}/OpenID \
+ %{buildroot}/%{pear_phpdir}/%{pear_name}/Yadis
+pear install --nodeps --packagingroot %{buildroot} %{pear_name}.xml
+# The pear install is not yet complete, so we need to manually move in
+# some parts
+cp -a Auth/*.php %{buildroot}/%{pear_phpdir}/%{pear_name}/
+cp -a Auth/OpenID/*.php %{buildroot}/%{pear_phpdir}/%{pear_name}/OpenID/
+cp -a Auth/Yadis/*.php %{buildroot}/%{pear_phpdir}/%{pear_name}/Yadis/
+
+# Clean up unnecessary files
+rm -rf %{buildroot}%{pear_metadir}/.??*
+
+# Install XML package description
+mkdir -p %{buildroot}%{pear_xmldir}
+install -pm 644 %{pear_name}.xml %{buildroot}%{pear_xmldir}
+
+%clean
+rm -rf %{buildroot}
+
+%post
+pear install --nodeps --offline --soft --force --register-only \
+ %{pear_xmldir}/%{pear_name}.xml >/dev/null || :
+
+%postun
+if [ $1 -eq 0 ] ; then
+ pear uninstall --nodeps --ignore-errors --register-only \
+ %{pear_name} >/dev/null || :
+fi
+
+%files
+%defattr(-,root,root,-)
+%doc NEWS COPYING README examples
+
+%{pear_xmldir}/%{pear_name}.xml
+%{pear_phpdir}/%{pear_name}
+
+%changelog
+* Fri Aug 23 2013 Kevin Fenzi <kevin@scrye.com> 2.2.2-7
+- Patch for CVE-2013-4701
+
+* Sun Aug 04 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.2.2-6
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
+
+* Fri Feb 22 2013 Kevin Fenzi <kevin@scrye.com> 2.2.2-5
+- Fixed pear metadata directory location. Fixes FTBFS bug 914351
+
+* Thu Feb 14 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.2.2-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
+
+* Fri Jul 20 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.2.2-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
+
+* Sat Jan 14 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.2.2-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
+
+* Tue Mar 22 2011 Kurt Seifried <kurt@seifried.org> - 2.2.2-1
+- Upgrade to 2.2.2
+- Corrected file paths for Fedora
+- Corrected chmod +x admin/packagexml.py
+
+* Sun Jul 26 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.1.1-8
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
+
+* Thu Feb 26 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.1.1-7
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
+
+* Fri Aug 1 2008 Axel Thimm <Axel.Thimm@ATrpms.net> - 2.1.1-6
+- Change documentation handling to use %%doc.
+
+* Wed Jul 30 2008 Axel Thimm <Axel.Thimm@ATrpms.net> - 2.1.1-5
+- Upgrade to 2.1.1.
+- Use php_dir instead of data_dir (Rakesh Pandit <rakesh.pandit@gmail.com>)
+- Fix CRLF (Peter Lemenkov <lemenkov@gmail.com> & R. Pandit)
+
+* Sun Feb 24 2008 Axel Thimm <Axel.Thimm@ATrpms.net> - 2.0.1-4
+- Update to 2.0.1.
+- Change license.
+- PEAR install method has regressed, some manual fixes are neccessary.
+- No testing done (needs too old PHPUnit).
+
+* Sat Feb 23 2008 Axel Thimm <Axel.Thimm@ATrpms.net> - 1.2.3-3
+- Update to 1.2.3.
+- Dropped PHPUnit 1.x dependency.
+
+* Mon Aug 6 2007 Axel Thimm <Axel.Thimm@ATrpms.net> - 1.2.2-2
+- Update to 1.2.2.
+
+* Thu Feb 1 2007 Axel Thimm <Axel.Thimm@ATrpms.net> - 1.2.1-1
+- Initial build.
+