#!/bin/sh # # Copyright (C) 2010 Scott Ullrich <sullrich@gmail.com> # All rights reserved. # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions are met: # # 1. Redistributions of source code must retain the above copyright notice, # this list of conditions and the following disclaimer. # # 2. Redistributions in binary form must reproduce the above copyright # notice, this list of conditions and the following disclaimer in the # documentation and/or other materials provided with the distribution. # # THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, # INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY # AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE # AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, # OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE # POSSIBILITY OF SUCH DAMAGE. # Set our operating platform PLATFORM=`/bin/cat /usr/local/etc/platform` if [ -d /usr/local/lib/php/20131226 ]; then # PHP 5.6 EXTENSIONSDIR="/usr/local/lib/php/20131226/" else echo "No supported PHP version was found." exit 1 fi # Set upload directory if [ "$PLATFORM" = "nanobsd" ]; then UPLOADTMPDIR=`/usr/bin/grep upload_path /usr/local/etc/inc/globals.inc | /usr/bin/cut -d'"' -f4` else UPLOADTMPDIR="/tmp" fi # Define php modules. Do not add .so, it will # be done automatically by the script below. PHPMODULES="standard" # Config read/write PHPMODULES="$PHPMODULES xml libxml dom" PHPMODULES="$PHPMODULES simplexml" # Downloading via HTTP/FTP (pkg mgr, etc) PHPMODULES="$PHPMODULES curl date" # Internationalization PHPMODULES="$PHPMODULES gettext" # User manager PHPMODULES="$PHPMODULES ldap openssl pcntl" PHPMODULES="$PHPMODULES hash" PHPMODULES="$PHPMODULES mcrypt" # Regexs, PERL style! PHPMODULES="$PHPMODULES pcre" # The mighty posix! PHPMODULES="$PHPMODULES posix" PHPMODULES="$PHPMODULES readline" # Login sessions PHPMODULES="$PHPMODULES session" # Extra sanity seatbelts PHPMODULES="$PHPMODULES suhosin" # Firewall rules edit PHPMODULES="$PHPMODULES ctype" # firewall_rules_edit.php PHPMODULES="$PHPMODULES mbstring" # Synchronization primitives PHPMODULES="$PHPMODULES shmop" # Page compression PHPMODULES="$PHPMODULES zlib" # SQLlite & Database PHPMODULES="$PHPMODULES spl" PHPMODULES="$PHPMODULES pdo" PHPMODULES="$PHPMODULES pdo_sqlite" PHPMODULES="$PHPMODULES sqlite3" # RADIUS PHPMODULES="$PHPMODULES radius" # SSH2 PHPMODULES="$PHPMODULES ssh2" # pfSense extensions PHPMODULES="$PHPMODULES pfSense" # json PHPMODULES="$PHPMODULES json" # bcmath PHPMODULES="$PHPMODULES bcmath" # filter PHPMODULES="$PHPMODULES filter" # OPNsense PHPMODULES="$PHPMODULES phalcon" PHPMODULES="$PHPMODULES tokenizer" # Clear the .ini file to make sure we are clean rm -f /usr/local/etc/php/extensions.ini rm -f /usr/local/etc/php.ini rm -f /usr/local/lib/php.ini LOADED_MODULES=`/usr/local/bin/php -m | /usr/bin/grep -v "\["` # Fetch the timezone from the XML and set it here. We set it later too in the running scripts TIMEZONE=Etc/UTC if [ -f /conf/config.xml ]; then TIMEZONE=`cat /conf/config.xml | egrep -E '<timezone>(.*?)</timezone>' | awk -F'>' '{print $2}'|awk -F'<' '{print $1}'` fi # Get a loaded module list in the stock php # Populate a dummy php.ini to avoid # the file being clobbered and the firewall # not being able to boot back up. /bin/cat >/usr/local/lib/php.ini <<EOF ; File generated via rc.php_ini_setup output_buffering = "0" expose_php = Off implicit_flush = true magic_quotes_gpc = Off max_execution_time = 900 max_input_time = 1800 register_argc_argv = On register_long_arrays = Off variables_order = "GPCS" file_uploads = On upload_tmp_dir = ${UPLOADTMPDIR} upload_max_filesize = 200M post_max_size = 200M html_errors = Off zlib.output_compression = Off zlib.output_compression_level = 1 include_path = ".:/usr/local/etc/inc:/usr/local/www:/usr/local/captiveportal:/usr/local/pkg:/usr/local/opnsense/mvc:/usr/local/share/pear" ignore_repeated_errors = on error_reporting = E_ALL ^ (E_WARNING | E_NOTICE | E_DEPRECATED | E_STRICT) display_errors=on log_errors=on error_log=/tmp/PHP_errors.log extension_dir=${EXTENSIONSDIR} date.timezone="${TIMEZONE}" ; Extensions EOF # Copy php.ini file to etc/ too (cli) /bin/cp /usr/local/lib/php.ini /usr/local/etc/php.ini # Ensure directory exists if [ ! -d /etc/php_dynamodules ]; then /bin/mkdir /etc/php_dynamodules fi if [ ! -d /etc/php_dynamodules_zend ]; then /bin/mkdir /etc/php_dynamodules_zend fi if [ ! -d /etc/php_dynamodules_zend_ts ]; then /bin/mkdir /etc/php_dynamodules_zend_ts fi # Read in dynamodules if [ -d /etc/php_dynamodules ]; then DYNA_MODULES=`/bin/ls -Utr /etc/php_dynamodules/` PHPMODULES="$PHPMODULES $DYNA_MODULES" fi # Loop through and generate modules to load. # Take into account modules built into php. for EXT in $PHPMODULES; do SHOULDADD="true" # Check to see if module is compiled into php statically for LM in $LOADED_MODULES; do if [ "$EXT" = "$LM" ]; then SHOULDADD="false" fi done if [ "$SHOULDADD" = "true" ]; then # Ensure extension exists before adding. if [ -f "${EXTENSIONSDIR}${EXT}.so" ]; then echo "extension=${EXT}.so" >> /usr/local/lib/php.ini fi fi done /bin/cat >>/usr/local/lib/php.ini <<EOF [suhosin] suhosin.get.max_array_depth = 5000 suhosin.get.max_array_index_length = 256 suhosin.get.max_vars = 5000 suhosin.get.max_value_length = 500000 suhosin.post.max_array_depth = 5000 suhosin.post.max_array_index_length = 256 suhosin.post.max_vars = 5000 suhosin.post.max_value_length = 500000 suhosin.request.max_array_depth = 5000 suhosin.request.max_array_index_length = 256 suhosin.request.max_vars = 5000 suhosin.request.max_value_length = 500000 suhosin.memory_limit = 512435456 EOF # Copy php.ini file to etc/ too (cli) /bin/cp /usr/local/lib/php.ini /usr/local/etc/php.ini # Remove old log file if it exists. if [ -f /var/run/php_modules_load_errors.txt ]; then /bin/rm /var/run/php_modules_load_errors.txt fi for EXT in $PHPMODULES; do PHPMODULESLC="$PHPMODULESLC `echo "$EXT" | /usr/bin/tr '[:upper:]' '[:lower:]'`" done # Check loaded modules and remove anything that did not load correctly LOADED_MODULES=`/usr/local/bin/php -m | /usr/bin/tr '[:upper:]' '[:lower:]' 2>/dev/null | /usr/bin/grep -v "\["` for EXT in $PHPMODULESLC; do SHOULDREMOVE="true" for LM in $LOADED_MODULES; do if [ "$EXT" = "$LM" ]; then SHOULDREMOVE="false" fi done if [ "$SHOULDREMOVE" = "true" ]; then if [ -f "${EXTENSIONSDIR}${EXT}.so" ]; then echo ">>> ${EXT} did not load correctly. Removing from php.ini..." >> /var/run/php_modules_load_errors.txt /bin/cat /usr/local/lib/php.ini | /usr/bin/grep -v $EXT > /tmp/php.ini /bin/rm -f /usr/local/lib/php.ini /bin/mv /tmp/php.ini /usr/local/lib/php.ini fi fi done # Copy php.ini file to etc/ too (cli) /bin/cp /usr/local/lib/php.ini /usr/local/etc/php.ini