Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 200672 - dev-lang/php - configure-string for wrong sapi
Summary: dev-lang/php - configure-string for wrong sapi
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Eclasses (show other bugs)
Hardware: All Linux
: High trivial (vote)
Assignee: PHP Bugs
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2007-11-28 18:09 UTC by Hanno Böck
Modified: 2008-05-01 16:31 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---

Attachments
phpinfo output from fastcgi-setup (phpinfo.php.html,52.73 KB, text/html)
2007-11-29 13:13 UTC, Hanno Böck 		Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Hanno Böck gentoo-dev 2007-11-28 18:09:15 UTC 
Today I noticed that my phpinfo on fcgi says
'--disable-discard-path' '--disable-force-cgi-redirect'
for configure.

This would be a security-issue, but it isn't the case, it just seems that the wrong configure-string get's passed somewhere so one could think it's a security issue. hoffie just jabbered me that somehow in the build process the configure-string gets patched in afterwards.
Comment 1 Luca Longinotti (RETIRED) gentoo-dev 2007-11-28 21:24:53 UTC 
This is expected and normal if you have "fastbuild" USE flag activated, as for that one we first do a "general" configure that works for all SAPIs and then put in afterwards SAPI-specific changes, so in the end your CGI build will have those two features activated, thus there is no problem and nothing to fix. :)
Best regards, CHTEKK.
Comment 2 Christian Hoffmann (RETIRED) gentoo-dev 2007-11-28 21:27:45 UTC 
I still think it is confusing and makes it hard to verify that certain security-relevant options (-> force-cgi-redirect) are really enabled.
On a side note, hanno told me he uses USE="-fastbuild".
Comment 3 Luca Longinotti (RETIRED) gentoo-dev 2007-11-28 22:55:47 UTC 
Well in that case it would actually re-execute configure 3 times (or 2, depends on number of enabled SAPIs), each time with the correct options, so in one of the tree configure-runs you would see force-cgi-redirect etc. enabled.
And I rectify what I said earlier, when fastbuild is enabled, it adds all options directly, thus in that one configure-run it does, you would see them enabled/disabled correctly. So in the end I fail to see the issue here...
USE="fastbuild": one configure run, where it is correct
USE="-fastbuild": multiple configure runs (= number of selected SAPIs), where for the CGI one you would correctly see those options
All well, closing again. :)
Best regards, CHTEKK.
Comment 4 Hanno Böck gentoo-dev 2007-11-29 13:12:57 UTC 
chktekk, did you actually read hoffies comment above? It also happens WITHOUT fastbuild.

I'll attach phpinfo-output from my local system with USE="-fastbuild". Please don't close bugs claiming there's no issue without even testing it or properly reading other's comments.
Comment 5 Hanno Böck gentoo-dev 2007-11-29 13:13:30 UTC 
Created attachment 137312 [details]
phpinfo output from fastcgi-setup
Comment 6 Christian Hoffmann (RETIRED) gentoo-dev 2008-05-01 14:52:41 UTC 
Hm, I'm still not able to reproduce this. Do you still see the problem?
Comment 7 Hanno Böck gentoo-dev 2008-05-01 16:31:59 UTC 
I wasn't aware that this bug is still open...

This got fixed a while back, though I don't remember when. I just re-checked and everything seems ok.