From dc4f1dc1a00b8cd56d952e5618c2310e835b2476 Mon Sep 17 00:00:00 2001 From: Remi Collet Date: Apr 23 2014 12:48:27 +0000 Subject: - add numerical prefix to extension configuration files - prevent .user.ini files from being viewed by Web clients - load php directives only when mod_php is active --- diff --git a/php.conf b/php.conf index 7000043..da9b02a 100644 --- a/php.conf +++ b/php.conf @@ -1,9 +1,9 @@ # -# Cause the PHP interpreter to handle files with a .php extension. +# The following lines prevent .user.ini files from being viewed by Web clients. # - - SetHandler application/x-httpd-php - + + Require all denied + # # Allow php to handle Multiviews @@ -16,18 +16,28 @@ AddType text/html .php # DirectoryIndex index.php -# -# Uncomment the following lines to allow PHP to pretty-print .phps -# files as PHP source code: -# -# -# SetHandler application/x-httpd-php-source -# +# mod_php options + + # + # Cause the PHP interpreter to handle files with a .php extension. + # + + SetHandler application/x-httpd-php + -# -# Apache specific PHP configuration options -# those can be override in each configured vhost -# -php_value session.save_handler "files" -php_value session.save_path "/var/lib/php/session" -php_value soap.wsdl_cache_dir "/var/lib/php/wsdlcache" + # + # Uncomment the following lines to allow PHP to pretty-print .phps + # files as PHP source code: + # + # + # SetHandler application/x-httpd-php-source + # + + # + # Apache specific PHP configuration options + # those can be override in each configured vhost + # + php_value session.save_handler "files" + php_value session.save_path "/var/lib/php/session" + php_value soap.wsdl_cache_dir "/var/lib/php/wsdlcache" + diff --git a/php.spec b/php.spec index e613a0e..244b4c7 100644 --- a/php.spec +++ b/php.spec @@ -69,7 +69,7 @@ Summary: PHP scripting language for creating dynamic web sites Name: php Version: 5.5.11 -Release: 1%{?dist} +Release: 2%{?dist} # All files licensed under PHP version 3.01, except # Zend is licensed under Zend # TSRM is licensed under BSD @@ -820,7 +820,7 @@ chmod 644 README.* echo "d /run/php-fpm 755 root root" >php-fpm.tmpfiles # Some extensions have their own configuration file -cp %{SOURCE50} . +cp %{SOURCE50} 10-opcache.ini %build @@ -1298,11 +1298,17 @@ for mod in pgsql odbc ldap snmp xmlrpc imap \ zip \ %endif ; do - # for extension load order - if [ "$mod" = "wddx" ] - then ini=xml_${mod}.ini - else ini=${mod}.ini - fi + case $mod in + opcache) + # Zend extensions + ini=10-${mod}.ini;; + pdo_*|mysqlnd_*|wddx|xmlreader|xmlrpc) + # Extensions with dependencies on 20-* + ini=30-${mod}.ini;; + *) + # Extensions with no dependency + ini=20-${mod}.ini;; + esac # some extensions have their own config file if [ -f ${ini} ]; then cp -p ${ini} $RPM_BUILD_ROOT%{_sysconfdir}/php.d/${ini} @@ -1372,7 +1378,7 @@ cat files.zip >> files.common install -m 644 %{SOURCE51} $RPM_BUILD_ROOT%{_sysconfdir}/php.d/opcache-default.blacklist install -m 644 %{SOURCE51} $RPM_BUILD_ROOT%{_sysconfdir}/php-zts.d/opcache-default.blacklist sed -e '/blacklist_filename/s/php.d/php-zts.d/' \ - -i $RPM_BUILD_ROOT%{_sysconfdir}/php-zts.d/opcache.ini + -i $RPM_BUILD_ROOT%{_sysconfdir}/php-zts.d/10-opcache.ini # Install the macros file: sed -e "s/@PHP_APIVER@/%{apiver}%{isasuffix}/" \ @@ -1544,6 +1550,11 @@ exit 0 %changelog +* Wed Apr 23 2014 Remi Collet 5.5.11-2 +- add numerical prefix to extension configuration files +- prevent .user.ini files from being viewed by Web clients +- load php directives only when mod_php is active + * Thu Apr 3 2014 Remi Collet 5.5.11-1 - Update to 5.5.11 http://www.php.net/ChangeLog-5.php#5.5.11