diff options
-rw-r--r-- | composer.json | 30 | ||||
-rwxr-xr-x | php-typo3-phar-stream-wrapper2-get-source.sh | 73 | ||||
-rw-r--r-- | php-typo3-phar-stream-wrapper2.spec | 167 |
3 files changed, 270 insertions, 0 deletions
diff --git a/composer.json b/composer.json new file mode 100644 index 0000000..e36b09e --- /dev/null +++ b/composer.json @@ -0,0 +1,30 @@ +{ + "name": "typo3/phar-stream-wrapper", + "description": "Interceptors for PHP's native phar:// stream handling", + "type": "library", + "license": "MIT", + "homepage": "https://typo3.org/", + "keywords": ["php", "phar", "stream-wrapper", "security"], + "require": { + "php": "^5.3.3|^7.0", + "ext-json": "*", + "brumann/polyfill-unserialize": "^1.0" + }, + "require-dev": { + "ext-xdebug": "*", + "phpunit/phpunit": "^4.8.36" + }, + "suggest": { + "ext-fileinfo": "For PHP builtin file type guessing, otherwise uses internal processing" + }, + "autoload": { + "psr-4": { + "TYPO3\\PharStreamWrapper\\": "src/" + } + }, + "autoload-dev": { + "psr-4": { + "TYPO3\\PharStreamWrapper\\Tests\\": "tests/" + } + } +} diff --git a/php-typo3-phar-stream-wrapper2-get-source.sh b/php-typo3-phar-stream-wrapper2-get-source.sh new file mode 100755 index 0000000..b2ac62b --- /dev/null +++ b/php-typo3-phar-stream-wrapper2-get-source.sh @@ -0,0 +1,73 @@ +#/bin/sh + +GIT=`which git` +RPM=`which rpm` + +if [ -z "$GIT" ] +then + echo "ERROR: 'git' command not found" 1>&2 + exit 1 +elif [ -z "$RPM" ] +then + echo "ERROR: 'rpm' command not found" 1>&2 + exit 1 +fi + +function print { + echo -e "\e[0;33m>>>>> ${1}\e[0m" +} + +if [ -x "$1" ] +then + SPEC=$1 +else + SPEC=`ls *.spec | head -1` +fi + +SPEC_DIR=`pwd` + +print "SPEC_DIR = $SPEC_DIR" + +NAME=`echo $SPEC | sed 's#\.spec##'` +VERSION=`egrep '%global\s*github_version' $SPEC | awk '{print $3}'` + +print "SPEC = $SPEC" +print "NAME = $NAME" + +GIT_OWNER=`egrep '%global\s*github_owner' $SPEC | awk '{print $3}'` +GIT_NAME=`egrep '%global\s*github_name' $SPEC | awk '{print $3}'` +GIT_COMMIT=`egrep '%global\s*github_commit' $SPEC | awk '{print $3}'` +GIT_REPO=https://github.com/${GIT_OWNER}/${GIT_NAME} +GIT_DIR=`echo $GIT_REPO | sed 's#.*/##'` + +print "GIT_OWNER = $GIT_OWNER" +print "GIT_NAME = $GIT_NAME" +print "GIT_COMMIT = $GIT_COMMIT" +print "GIT_REPO = $GIT_REPO" +print "GIT_DIR = $GIT_DIR" + +TEMP_DIR=$(mktemp --dir) + +pushd $TEMP_DIR + print "Cloning git repo..." + $GIT clone $GIT_REPO + + pushd $GIT_DIR + print "Checking out commit..." + $GIT checkout $GIT_COMMIT + popd + + TAR_DIR=${GIT_NAME}-${GIT_COMMIT} + print "TAR_DIR = $TAR_DIR" + + mv $GIT_DIR $TAR_DIR + + TAR_FILE=${SPEC_DIR}/${NAME}-${VERSION}-${GIT_COMMIT}.tar.gz + print "TAR_FILE = $TAR_FILE" + + [ -e $TAR_FILE ] && rm -f $TAR_FILE + tar --exclude-vcs -czf $TAR_FILE $TAR_DIR + chmod 0644 $TAR_FILE +popd + +rm -rf $TEMP_DIR diff --git a/php-typo3-phar-stream-wrapper2.spec b/php-typo3-phar-stream-wrapper2.spec new file mode 100644 index 0000000..98c7a10 --- /dev/null +++ b/php-typo3-phar-stream-wrapper2.spec @@ -0,0 +1,167 @@ +# +# Fedora spec file for php-typo3-phar-stream-wrapper2 +# +# Copyright (c) 2019 Shawn Iwinski <shawn@iwin.ski> +# +# License: MIT +# http://opensource.org/licenses/MIT +# +# Please preserve changelog entries +# + +%global github_owner TYPO3 +%global github_name phar-stream-wrapper +%global github_version 2.1.2 +%global github_commit 057622f5a3b92a5ffbea0fbaadce573500a62870 + +%global composer_vendor typo3 +%global composer_project phar-stream-wrapper + +# "php": "^5.3.3|^7.0" +%global php_min_ver 5.3.3 +# "brumann/polyfill-unserialize": "^1.0" +%global polyfill_unserialize_min_ver 1.0 +%global polyfill_unserialize_max_ver 2.0 + +# Build using "--without tests" to disable tests +%global with_tests 0%{!?_without_tests:1} + +%{!?phpdir: %global phpdir %{_datadir}/php} + +Name: php-%{composer_vendor}-%{composer_project}2 +Version: %{github_version} +Release: 1%{?github_release}%{?dist} +Summary: Interceptors for PHP's native phar:// stream handling (v2) + +License: MIT +URL: https://github.com/%{github_owner}/%{github_name} + +# GitHub export does not include tests. +# Run php-typo3-phar-stream-wrapper2-get-source.sh to create full source. +Source0: %{name}-%{github_version}-%{github_commit}.tar.gz +Source1: %{name}-get-source.sh + +BuildArch: noarch +# Tests +%if %{with_tests} +## composer.json +BuildRequires: php(language) >= %{php_min_ver} +BuildRequires: php-composer(phpunit/phpunit) +BuildRequires: php-fileinfo +BuildRequires: php-json +%if 0%{?fedora} >= 27 || 0%{?rhel} >= 8 +BuildRequires: (php-composer(brumann/polyfill-unserialize) >= %{polyfill_unserialize_min_ver} with php-composer(brumann/polyfill-unserialize) < %{polyfill_unserialize_max_ver}) +%else +BuildRequires: php-composer(brumann/polyfill-unserialize) >= %{polyfill_unserialize_min_ver} +BuildRequires: php-composer(brumann/polyfill-unserialize) < %{polyfill_unserialize_max_ver} +%endif +## phpcompatinfo for version 2.1.2 +BuildRequires: php-pcre +BuildRequires: php-pecl(opcache) +BuildRequires: php-reflection +BuildRequires: php-spl +## Autoloader +BuildRequires: php-composer(fedora/autoloader) +%endif + +# composer.json +Requires: php(language) >= %{php_min_ver} +Requires: php-json +%if 0%{?fedora} >= 27 || 0%{?rhel} >= 8 +Requires: (php-composer(brumann/polyfill-unserialize) >= %{polyfill_unserialize_min_ver} with php-composer(brumann/polyfill-unserialize) < %{polyfill_unserialize_max_ver}) +%else +Requires: php-composer(brumann/polyfill-unserialize) >= %{polyfill_unserialize_min_ver} +Requires: php-composer(brumann/polyfill-unserialize) < %{polyfill_unserialize_max_ver} +%endif +# phpcompatinfo for version 2.1.2 +Requires: php-pcre +Requires: php-spl +# Autoloader +Requires: php-composer(fedora/autoloader) + +# Weak dependencies +%if 0%{?fedora} >= 21 || 0%{?rhel} >= 8 +Suggests: php-fileinfo +Suggests: php-pecl(opcache) +%endif + +# Composer +Provides: php-composer(%{composer_vendor}/%{composer_project}) = %{version} + +%description +%{summary}. + +Autoloader: %{phpdir}/TYPO3/PharStreamWrapper2/autoload.php + + +%prep +%setup -qn %{github_name}-%{github_commit} + + +%build +: Create autoloader +cat <<'AUTOLOAD' | tee src/autoload.php +<?php +/** + * Autoloader for %{name} and its' dependencies + * (created by %{name}-%{version}-%{release}). + */ +require_once '%{phpdir}/Fedora/Autoloader/autoload.php'; + +\Fedora\Autoloader\Autoload::addPsr4('TYPO3\\PharStreamWrapper\\', __DIR__); + +\Fedora\Autoloader\Dependencies::required(array( + '%{phpdir}/Brumann/Polyfill/autoload.php', +)); +AUTOLOAD + + +%install +mkdir -p %{buildroot}%{phpdir}/TYPO3 +cp -rp src %{buildroot}%{phpdir}/TYPO3/PharStreamWrapper2 + + +%check +%if %{with_tests} +: Create tests bootstrap +cat <<'BOOTSTRAP' | tee bootstrap.php +<?php +require '%{buildroot}%{phpdir}/TYPO3/PharStreamWrapper2/autoload.php'; +\Fedora\Autoloader\Autoload::addPsr4('TYPO3\\PharStreamWrapper\\Tests\\', __DIR__.'/tests'); +BOOTSTRAP + +: Upstream tests +RETURN_CODE=0 +PHPUNIT=$(which phpunit) +for PHP_EXEC in php php70 php71 php72 php73 php74; do + if [ "php" == "$PHP_EXEC" ] || which $PHP_EXEC; then + $PHP_EXEC $PHPUNIT --verbose \ + --testsuite "unit tests" \ + --bootstrap bootstrap.php || RETURN_CODE=1 + fi +done +exit $RETURN_CODE +%else +: Tests skipped +%endif + + +%files +%{!?_licensedir:%global license %%doc} +%license LICENSE +%doc *.md +%doc composer.json +%dir %{phpdir}/TYPO3 + %{phpdir}/TYPO3/PharStreamWrapper2 + + +%changelog +* Sun Jun 16 2019 Shawn Iwinski <shawn@iwin.ski> - 2.1.2-1 +- Update to 2.1.2 (RHBZ #1708652, #1708653, #1708646, #1708649) +- https://typo3.org/security/advisory/typo3-psa-2019-007/ +- https://nvd.nist.gov/vuln/detail/CVE-2019-11831 +- https://typo3.org/security/advisory/typo3-psa-2019-008/ +- https://nvd.nist.gov/vuln/detail/CVE-2019-11830 + +* Sat Feb 23 2019 Shawn Iwinski <shawn@iwin.ski> - 2.0.1-1 +- Initial package |