summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--composer.json30
-rwxr-xr-xphp-typo3-phar-stream-wrapper2-get-source.sh73
-rw-r--r--php-typo3-phar-stream-wrapper2.spec167
3 files changed, 270 insertions, 0 deletions
diff --git a/composer.json b/composer.json
new file mode 100644
index 0000000..e36b09e
--- /dev/null
+++ b/composer.json
@@ -0,0 +1,30 @@
+{
+ "name": "typo3/phar-stream-wrapper",
+ "description": "Interceptors for PHP's native phar:// stream handling",
+ "type": "library",
+ "license": "MIT",
+ "homepage": "https://typo3.org/",
+ "keywords": ["php", "phar", "stream-wrapper", "security"],
+ "require": {
+ "php": "^5.3.3|^7.0",
+ "ext-json": "*",
+ "brumann/polyfill-unserialize": "^1.0"
+ },
+ "require-dev": {
+ "ext-xdebug": "*",
+ "phpunit/phpunit": "^4.8.36"
+ },
+ "suggest": {
+ "ext-fileinfo": "For PHP builtin file type guessing, otherwise uses internal processing"
+ },
+ "autoload": {
+ "psr-4": {
+ "TYPO3\\PharStreamWrapper\\": "src/"
+ }
+ },
+ "autoload-dev": {
+ "psr-4": {
+ "TYPO3\\PharStreamWrapper\\Tests\\": "tests/"
+ }
+ }
+}
diff --git a/php-typo3-phar-stream-wrapper2-get-source.sh b/php-typo3-phar-stream-wrapper2-get-source.sh
new file mode 100755
index 0000000..b2ac62b
--- /dev/null
+++ b/php-typo3-phar-stream-wrapper2-get-source.sh
@@ -0,0 +1,73 @@
+#/bin/sh
+
+GIT=`which git`
+RPM=`which rpm`
+
+if [ -z "$GIT" ]
+then
+ echo "ERROR: 'git' command not found" 1>&2
+ exit 1
+elif [ -z "$RPM" ]
+then
+ echo "ERROR: 'rpm' command not found" 1>&2
+ exit 1
+fi
+
+function print {
+ echo -e "\e[0;33m>>>>> ${1}\e[0m"
+}
+
+if [ -x "$1" ]
+then
+ SPEC=$1
+else
+ SPEC=`ls *.spec | head -1`
+fi
+
+SPEC_DIR=`pwd`
+
+print "SPEC_DIR = $SPEC_DIR"
+
+NAME=`echo $SPEC | sed 's#\.spec##'`
+VERSION=`egrep '%global\s*github_version' $SPEC | awk '{print $3}'`
+
+print "SPEC = $SPEC"
+print "NAME = $NAME"
+
+GIT_OWNER=`egrep '%global\s*github_owner' $SPEC | awk '{print $3}'`
+GIT_NAME=`egrep '%global\s*github_name' $SPEC | awk '{print $3}'`
+GIT_COMMIT=`egrep '%global\s*github_commit' $SPEC | awk '{print $3}'`
+GIT_REPO=https://github.com/${GIT_OWNER}/${GIT_NAME}
+GIT_DIR=`echo $GIT_REPO | sed 's#.*/##'`
+
+print "GIT_OWNER = $GIT_OWNER"
+print "GIT_NAME = $GIT_NAME"
+print "GIT_COMMIT = $GIT_COMMIT"
+print "GIT_REPO = $GIT_REPO"
+print "GIT_DIR = $GIT_DIR"
+
+TEMP_DIR=$(mktemp --dir)
+
+pushd $TEMP_DIR
+ print "Cloning git repo..."
+ $GIT clone $GIT_REPO
+
+ pushd $GIT_DIR
+ print "Checking out commit..."
+ $GIT checkout $GIT_COMMIT
+ popd
+
+ TAR_DIR=${GIT_NAME}-${GIT_COMMIT}
+ print "TAR_DIR = $TAR_DIR"
+
+ mv $GIT_DIR $TAR_DIR
+
+ TAR_FILE=${SPEC_DIR}/${NAME}-${VERSION}-${GIT_COMMIT}.tar.gz
+ print "TAR_FILE = $TAR_FILE"
+
+ [ -e $TAR_FILE ] && rm -f $TAR_FILE
+ tar --exclude-vcs -czf $TAR_FILE $TAR_DIR
+ chmod 0644 $TAR_FILE
+popd
+
+rm -rf $TEMP_DIR
diff --git a/php-typo3-phar-stream-wrapper2.spec b/php-typo3-phar-stream-wrapper2.spec
new file mode 100644
index 0000000..98c7a10
--- /dev/null
+++ b/php-typo3-phar-stream-wrapper2.spec
@@ -0,0 +1,167 @@
+#
+# Fedora spec file for php-typo3-phar-stream-wrapper2
+#
+# Copyright (c) 2019 Shawn Iwinski <shawn@iwin.ski>
+#
+# License: MIT
+# http://opensource.org/licenses/MIT
+#
+# Please preserve changelog entries
+#
+
+%global github_owner TYPO3
+%global github_name phar-stream-wrapper
+%global github_version 2.1.2
+%global github_commit 057622f5a3b92a5ffbea0fbaadce573500a62870
+
+%global composer_vendor typo3
+%global composer_project phar-stream-wrapper
+
+# "php": "^5.3.3|^7.0"
+%global php_min_ver 5.3.3
+# "brumann/polyfill-unserialize": "^1.0"
+%global polyfill_unserialize_min_ver 1.0
+%global polyfill_unserialize_max_ver 2.0
+
+# Build using "--without tests" to disable tests
+%global with_tests 0%{!?_without_tests:1}
+
+%{!?phpdir: %global phpdir %{_datadir}/php}
+
+Name: php-%{composer_vendor}-%{composer_project}2
+Version: %{github_version}
+Release: 1%{?github_release}%{?dist}
+Summary: Interceptors for PHP's native phar:// stream handling (v2)
+
+License: MIT
+URL: https://github.com/%{github_owner}/%{github_name}
+
+# GitHub export does not include tests.
+# Run php-typo3-phar-stream-wrapper2-get-source.sh to create full source.
+Source0: %{name}-%{github_version}-%{github_commit}.tar.gz
+Source1: %{name}-get-source.sh
+
+BuildArch: noarch
+# Tests
+%if %{with_tests}
+## composer.json
+BuildRequires: php(language) >= %{php_min_ver}
+BuildRequires: php-composer(phpunit/phpunit)
+BuildRequires: php-fileinfo
+BuildRequires: php-json
+%if 0%{?fedora} >= 27 || 0%{?rhel} >= 8
+BuildRequires: (php-composer(brumann/polyfill-unserialize) >= %{polyfill_unserialize_min_ver} with php-composer(brumann/polyfill-unserialize) < %{polyfill_unserialize_max_ver})
+%else
+BuildRequires: php-composer(brumann/polyfill-unserialize) >= %{polyfill_unserialize_min_ver}
+BuildRequires: php-composer(brumann/polyfill-unserialize) < %{polyfill_unserialize_max_ver}
+%endif
+## phpcompatinfo for version 2.1.2
+BuildRequires: php-pcre
+BuildRequires: php-pecl(opcache)
+BuildRequires: php-reflection
+BuildRequires: php-spl
+## Autoloader
+BuildRequires: php-composer(fedora/autoloader)
+%endif
+
+# composer.json
+Requires: php(language) >= %{php_min_ver}
+Requires: php-json
+%if 0%{?fedora} >= 27 || 0%{?rhel} >= 8
+Requires: (php-composer(brumann/polyfill-unserialize) >= %{polyfill_unserialize_min_ver} with php-composer(brumann/polyfill-unserialize) < %{polyfill_unserialize_max_ver})
+%else
+Requires: php-composer(brumann/polyfill-unserialize) >= %{polyfill_unserialize_min_ver}
+Requires: php-composer(brumann/polyfill-unserialize) < %{polyfill_unserialize_max_ver}
+%endif
+# phpcompatinfo for version 2.1.2
+Requires: php-pcre
+Requires: php-spl
+# Autoloader
+Requires: php-composer(fedora/autoloader)
+
+# Weak dependencies
+%if 0%{?fedora} >= 21 || 0%{?rhel} >= 8
+Suggests: php-fileinfo
+Suggests: php-pecl(opcache)
+%endif
+
+# Composer
+Provides: php-composer(%{composer_vendor}/%{composer_project}) = %{version}
+
+%description
+%{summary}.
+
+Autoloader: %{phpdir}/TYPO3/PharStreamWrapper2/autoload.php
+
+
+%prep
+%setup -qn %{github_name}-%{github_commit}
+
+
+%build
+: Create autoloader
+cat <<'AUTOLOAD' | tee src/autoload.php
+<?php
+/**
+ * Autoloader for %{name} and its' dependencies
+ * (created by %{name}-%{version}-%{release}).
+ */
+require_once '%{phpdir}/Fedora/Autoloader/autoload.php';
+
+\Fedora\Autoloader\Autoload::addPsr4('TYPO3\\PharStreamWrapper\\', __DIR__);
+
+\Fedora\Autoloader\Dependencies::required(array(
+ '%{phpdir}/Brumann/Polyfill/autoload.php',
+));
+AUTOLOAD
+
+
+%install
+mkdir -p %{buildroot}%{phpdir}/TYPO3
+cp -rp src %{buildroot}%{phpdir}/TYPO3/PharStreamWrapper2
+
+
+%check
+%if %{with_tests}
+: Create tests bootstrap
+cat <<'BOOTSTRAP' | tee bootstrap.php
+<?php
+require '%{buildroot}%{phpdir}/TYPO3/PharStreamWrapper2/autoload.php';
+\Fedora\Autoloader\Autoload::addPsr4('TYPO3\\PharStreamWrapper\\Tests\\', __DIR__.'/tests');
+BOOTSTRAP
+
+: Upstream tests
+RETURN_CODE=0
+PHPUNIT=$(which phpunit)
+for PHP_EXEC in php php70 php71 php72 php73 php74; do
+ if [ "php" == "$PHP_EXEC" ] || which $PHP_EXEC; then
+ $PHP_EXEC $PHPUNIT --verbose \
+ --testsuite "unit tests" \
+ --bootstrap bootstrap.php || RETURN_CODE=1
+ fi
+done
+exit $RETURN_CODE
+%else
+: Tests skipped
+%endif
+
+
+%files
+%{!?_licensedir:%global license %%doc}
+%license LICENSE
+%doc *.md
+%doc composer.json
+%dir %{phpdir}/TYPO3
+ %{phpdir}/TYPO3/PharStreamWrapper2
+
+
+%changelog
+* Sun Jun 16 2019 Shawn Iwinski <shawn@iwin.ski> - 2.1.2-1
+- Update to 2.1.2 (RHBZ #1708652, #1708653, #1708646, #1708649)
+- https://typo3.org/security/advisory/typo3-psa-2019-007/
+- https://nvd.nist.gov/vuln/detail/CVE-2019-11831
+- https://typo3.org/security/advisory/typo3-psa-2019-008/
+- https://nvd.nist.gov/vuln/detail/CVE-2019-11830
+
+* Sat Feb 23 2019 Shawn Iwinski <shawn@iwin.ski> - 2.0.1-1
+- Initial package