aboutsummaryrefslogtreecommitdiff
path: root/www/phpbb
diff options
context:
space:
mode:
authorXin LI <delphij@FreeBSD.org>2006-05-07 17:30:59 +0000
committerXin LI <delphij@FreeBSD.org>2006-05-07 17:30:59 +0000
commit048d6d4065faff5ee390f070b2c3459d94197211 (patch)
treeb0f9b29d6a52ce3792903880aaaf184e2d307067 /www/phpbb
parentedab74313c449f0cd86473a96695cf4ee180b285 (diff)
downloadports-048d6d4065faff5ee390f070b2c3459d94197211.tar.gz
ports-048d6d4065faff5ee390f070b2c3459d94197211.zip
Notes
Diffstat (limited to 'www/phpbb')
-rw-r--r--www/phpbb/Makefile8
-rw-r--r--www/phpbb/files/security-patch-includes-sessions.php (renamed from www/phpbb/files/patch-includes-sessions.php)0
2 files changed, 8 insertions, 0 deletions
diff --git a/www/phpbb/Makefile b/www/phpbb/Makefile
index 0490e4d65982..a629909a6f27 100644
--- a/www/phpbb/Makefile
+++ b/www/phpbb/Makefile
@@ -7,6 +7,7 @@
PORTNAME= phpbb
PORTVERSION= 2.0.20
+PORTREVISION= 1
CATEGORIES= www
MASTER_SITES= ${MASTER_SITE_SOURCEFORGE}
MASTER_SITE_SUBDIR= ${PORTNAME}
@@ -31,6 +32,13 @@ WWWGRP?= www
#
# End of user-configurable variables.
+# XXX The phpBB folks does not seem to care about the session table DoS
+# issue. You can disable the patch at your own risk to make the
+# visual authentication work.
+.if !defined(WITHOUT_ANTI_SESSIONTAB_DOS_PATCH)
+EXTRA_PATCHES= ${FILESDIR}/security-patch-includes-sessions.php
+.endif
+
# Set/override/append to variables from bsd.port.mk:
#
WRKSRC= ${WRKDIR}/phpBB2
diff --git a/www/phpbb/files/patch-includes-sessions.php b/www/phpbb/files/security-patch-includes-sessions.php
index a84aa2f04322..a84aa2f04322 100644
--- a/www/phpbb/files/patch-includes-sessions.php
+++ b/www/phpbb/files/security-patch-includes-sessions.php