diff options
| author | Jochen Neumeister <joneum@FreeBSD.org> | 2017-12-24 13:11:41 +0000 |
|---|---|---|
| committer | Jochen Neumeister <joneum@FreeBSD.org> | 2017-12-24 13:11:41 +0000 |
| commit | e3f0c0346664f0dc03d861169921e633a550d318 (patch) | |
| tree | e1f6adcca6a88b4d13893b9f6e399f5888a0a4f4 /security/snuffleupagus | |
| parent | ff2bee6b2a28d6c4dd1bc281398f258e392a5fa2 (diff) | |
| download | ports-e3f0c0346664f0dc03d861169921e633a550d318.tar.gz ports-e3f0c0346664f0dc03d861169921e633a550d318.zip | |
New port: security/snuffleupagus
Snuffleupagus is a PHP7+ module designed to drastically raise the cost
of attacks against websites. This is achieved by killing entire bug
classes and providing a powerful virtual-patching system, allowing the
administrator to fix specific vulnerabilities without having to touch
the PHP code.
WWW: https://snuffleupagus.readthedocs.io/
PR: 224545
Submitted by: Franco Fichtner <franco@opnsense.org> (maintainer)
Approved by: rene (mentor)
Differential Revision: https://reviews.freebsd.org/D13606
Notes
Notes:
svn path=/head/; revision=457156
Diffstat (limited to 'security/snuffleupagus')
| -rw-r--r-- | security/snuffleupagus/Makefile | 28 | ||||
| -rw-r--r-- | security/snuffleupagus/distinfo | 3 | ||||
| -rw-r--r-- | security/snuffleupagus/files/patch-sp__network__utils.c | 18 | ||||
| -rw-r--r-- | security/snuffleupagus/pkg-descr | 7 |
4 files changed, 56 insertions, 0 deletions
diff --git a/security/snuffleupagus/Makefile b/security/snuffleupagus/Makefile new file mode 100644 index 000000000000..dc4748d36bd3 --- /dev/null +++ b/security/snuffleupagus/Makefile @@ -0,0 +1,28 @@ +# $FreeBSD$ + +PORTNAME= snuffleupagus +DISTVERSIONPREFIX=v +DISTVERSION= 0.1.0 +CATEGORIES= security + +MAINTAINER= franco@opnsense.org +COMMENT= Security module for PHP 7+ + +LICENSE= LGPL3 +LICENSE_FILE= ${WRKSRC}/../LICENSE + +IGNORE_WITH_PHP=56 + +LIB_DEPENDS= libpcre.so:devel/pcre + +WRKSRC_SUBDIR= src + +USES= localbase:ldflags php:ext +USE_PHP= hash:build + +USE_GITHUB= yes +GH_ACCOUNT= nbs-system + +CONFIGURE_ARGS= --enable-snuffleupagus + +.include <bsd.port.mk> diff --git a/security/snuffleupagus/distinfo b/security/snuffleupagus/distinfo new file mode 100644 index 000000000000..cfc74de7b7d6 --- /dev/null +++ b/security/snuffleupagus/distinfo @@ -0,0 +1,3 @@ +TIMESTAMP = 1513844643 +SHA256 (nbs-system-snuffleupagus-v0.1.0_GH0.tar.gz) = 7b3432e46ecdd1eb78666ee03475bbc2e50b1bd4de71a8d5a03c7d90168a004a +SIZE (nbs-system-snuffleupagus-v0.1.0_GH0.tar.gz) = 3898803 diff --git a/security/snuffleupagus/files/patch-sp__network__utils.c b/security/snuffleupagus/files/patch-sp__network__utils.c new file mode 100644 index 000000000000..801a355db758 --- /dev/null +++ b/security/snuffleupagus/files/patch-sp__network__utils.c @@ -0,0 +1,18 @@ +--- sp_network_utils.c.orig 2017-12-21 22:34:33 UTC ++++ sp_network_utils.c +@@ -23,15 +23,8 @@ static inline bool cidr4_match(const str + + static inline bool cidr6_match(const struct in6_addr address, + const struct in6_addr network, uint8_t bits) { +- //#ifdef LINUX +- const uint32_t *a = address.s6_addr32; +- const uint32_t *n = network.s6_addr32; +- /* +-#else + const uint32_t *a = address.__u6_addr.__u6_addr32; + const uint32_t *n = network.__u6_addr.__u6_addr32; +-#endif +-*/ + int bits_whole = bits >> 5; // number of whole u32 + int bits_incomplete = bits & 0x1F; // number of bits in incomplete u32 + if (bits_whole) { diff --git a/security/snuffleupagus/pkg-descr b/security/snuffleupagus/pkg-descr new file mode 100644 index 000000000000..9cd8f5ff0e1f --- /dev/null +++ b/security/snuffleupagus/pkg-descr @@ -0,0 +1,7 @@ +Snuffleupagus is a PHP7+ module designed to drastically raise the cost +of attacks against websites. This is achieved by killing entire bug +classes and providing a powerful virtual-patching system, allowing the +administrator to fix specific vulnerabilities without having to touch +the PHP code. + +WWW: https://snuffleupagus.readthedocs.io/ |