PHP 5.2.* can be hit with a denial of service through constructed hash collisions. The PHP project released PHP 5.3.9 for this vulnerability, but it will not release a PHP 5.2.18 for it.
5.2.* can be fixed by applying the patch below.
https://github.com/laruence/laruence.github.com/tree/master/php-5.2-max-input-vars
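As an added example, not code from this page or from the patch itself, the following Python sketch models what the max_input_vars directive does to request parsing: every `k=v` pair is one hash-table insert, so capping the number of registered variables bounds the work a request can cause no matter which keys it carries. The default of 1000, counting parsed pairs, and the warning text are assumptions noted in the comments.

```python
# Added illustration (not the patch's own code): a simplified model of the
# max_input_vars guard the patch adds to PHP's request-variable parser in
# main/php_variables.c. Each "k=v" pair is one hash-table insert, so a
# request full of colliding keys costs O(n^2) to register; capping the
# number of registered variables bounds that cost for any choice of keys.
# Assumptions: the limit counts parsed pairs, defaults to 1000 (the value
# the directive ships with in PHP 5.3.9), and excess input is dropped with
# a warning rather than the whole request being rejected.
from urllib.parse import unquote_plus

DEFAULT_MAX_INPUT_VARS = 1000


def parse_input_vars(query, max_input_vars=DEFAULT_MAX_INPUT_VARS):
    """Parse an application/x-www-form-urlencoded body or query string.

    Returns (variables, warning): 'variables' holds at most max_input_vars
    entries; 'warning' is None, or a message when input was truncated.
    """
    variables = {}
    count = 0
    for pair in query.split("&"):
        if not pair:
            continue
        count += 1
        if count > max_input_vars:
            return variables, f"Input variables exceeded {max_input_vars}"
        key, _, value = pair.partition("=")
        # Real PHP also expands array syntax (a[]=1); kept scalar here.
        variables[unquote_plus(key)] = unquote_plus(value)
    return variables, None


def normal_form():
    """A constructed ordinary form: untouched by the limit."""
    return parse_input_vars("user=alice&lang=zh+CN&page=2")


def oversized_form(n=1500):
    """A constructed request with n distinct fields, more than the default
    limit: only the first 1000 are registered and a warning is raised."""
    body = "&".join(f"f{i}={i}" for i in range(n))
    return parse_input_vars(body)


if __name__ == "__main__":
    variables, warning = oversized_form()
    print(len(variables), warning)  # 1000 Input variables exceeded 1000
```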
Currently known affected languages and versions:
Java, all versions
JRuby <= 1.6.5
PHP <= 5.3.8, <= 5.4.0RC3
Python, all versions
Rubinius, all versions
Ruby <= 1.8.7-p356
Apache Geronimo, all versions
Apache Tomcat <= 5.5.34, <= 6.0.34, <= 7.0.22
Oracle Glassfish <= 3.1.1
Jetty, all versions
Plone, all versions
Rack, all versions
V8 JavaScript Engine, all versions
Languages not affected, or versions that carry a fix:
PHP >= 5.3.9, >= 5.4.0RC4
JRuby >= 1.6.5.1
Ruby >= 1.8.7-p357, 1.9.x
Apache Tomcat >= 5.5.35, >= 6.0.35, >= 7.0.23
Oracle Glassfish, N/A (Oracle reports that the issue is fixed in the main codeline and scheduled for a future CPU)
Upgrade PHP from 5.2.14 to 5.2.17 and apply the patch
Download the patch:
https://github.com/laruence/laruence.github.com/zipball/master
Go to the directory PHP was previously built in
- cd src/lempelf/package/
- wget http://www.php.net/get/php-5.2.17.tar.gz/from/kr.php.net/mirror
- wget http://php-fpm.org/downloads/php-5.2.17-fpm-0.5.14.diff.gz
- tar zxvf php-5.2.17.tar.gz
- gzip -cd php-5.2.17-fpm-0.5.14.diff.gz |patch -d php-5.2.17 -p1
- patching file configure
- Hunk #7 succeeded at 110645 (offset 1324 lines).
- Hunk #9 succeeded at 119634 (offset 1324 lines).
- patching file configure.in
- patching file libevent/ChangeLog
- patching file libevent/Makefile.am
- patching file libevent/Makefile.in
- patching file libevent/README
- patching file libevent/aclocal.m4
- patching file libevent/autogen.sh
- patching file libevent/buffer.c
- patching file libevent/compat/sys/_time.h
- patching file libevent/compat/sys/queue.h
- patching file libevent/config.h.in
- patching file libevent/configure
- patching file libevent/configure.in
- patching file libevent/depcomp
- patching file libevent/devpoll.c
- patching file libevent/epoll.c
- patching file libevent/epoll_sub.c
- patching file libevent/evbuffer.c
- patching file libevent/event-config.h
- patching file libevent/event-fpm.h
- patching file libevent/event-internal.h
- patching file libevent/event.3
- patching file libevent/event.c
- patching file libevent/event.h
- patching file libevent/evhttp.h
- patching file libevent/evport.c
- patching file libevent/evsignal.h
- patching file libevent/evutil.c
- patching file libevent/evutil.h
- patching file libevent/http-internal.h
- patching file libevent/http.c
- patching file libevent/install-sh
- patching file libevent/kqueue.c
- patching file libevent/log.c
- patching file libevent/log.h
- patching file libevent/min_heap.h
- patching file libevent/missing
- patching file libevent/poll.c
- patching file libevent/select.c
- patching file libevent/signal.c
- patching file libevent/strlcpy-internal.h
- patching file libevent/strlcpy.c
- patching file main/php_config.h.in
- patching file sapi/cgi/Makefile.frag
- patching file sapi/cgi/cgi_main.c
- patching file sapi/cgi/config9.m4
- patching file sapi/cgi/fastcgi.c
- patching file sapi/cgi/fastcgi.h
- patching file sapi/cgi/fpm/Makefile.frag
- patching file sapi/cgi/fpm/acinclude.m4
- patching file sapi/cgi/fpm/conf/php-fpm.conf.in
- patching file sapi/cgi/fpm/config.m4
- patching file sapi/cgi/fpm/fpm.c
- patching file sapi/cgi/fpm/fpm.h
- patching file sapi/cgi/fpm/fpm_arrays.h
- patching file sapi/cgi/fpm/fpm_atomic.h
- patching file sapi/cgi/fpm/fpm_autoconf.h.in
- patching file sapi/cgi/fpm/fpm_children.c
- patching file sapi/cgi/fpm/fpm_children.h
- patching file sapi/cgi/fpm/fpm_cleanup.c
- patching file sapi/cgi/fpm/fpm_cleanup.h
- patching file sapi/cgi/fpm/fpm_clock.c
- patching file sapi/cgi/fpm/fpm_clock.h
- patching file sapi/cgi/fpm/fpm_conf.c
- patching file sapi/cgi/fpm/fpm_conf.h
- patching file sapi/cgi/fpm/fpm_config.h
- patching file sapi/cgi/fpm/fpm_env.c
- patching file sapi/cgi/fpm/fpm_env.h
- patching file sapi/cgi/fpm/fpm_events.c
- patching file sapi/cgi/fpm/fpm_events.h
- patching file sapi/cgi/fpm/fpm_php.c
- patching file sapi/cgi/fpm/fpm_php.h
- patching file sapi/cgi/fpm/fpm_php_trace.c
- patching file sapi/cgi/fpm/fpm_php_trace.h
- patching file sapi/cgi/fpm/fpm_process_ctl.c
- patching file sapi/cgi/fpm/fpm_process_ctl.h
- patching file sapi/cgi/fpm/fpm_request.c
- patching file sapi/cgi/fpm/fpm_request.h
- patching file sapi/cgi/fpm/fpm_shm.c
- patching file sapi/cgi/fpm/fpm_shm.h
- patching file sapi/cgi/fpm/fpm_shm_slots.c
- patching file sapi/cgi/fpm/fpm_shm_slots.h
- patching file sapi/cgi/fpm/fpm_signals.c
- patching file sapi/cgi/fpm/fpm_signals.h
- patching file sapi/cgi/fpm/fpm_sockets.c
- patching file sapi/cgi/fpm/fpm_sockets.h
- patching file sapi/cgi/fpm/fpm_stdio.c
- patching file sapi/cgi/fpm/fpm_stdio.h
- patching file sapi/cgi/fpm/fpm_str.h
- patching file sapi/cgi/fpm/fpm_trace.c
- patching file sapi/cgi/fpm/fpm_trace.h
- patching file sapi/cgi/fpm/fpm_trace_mach.c
- patching file sapi/cgi/fpm/fpm_trace_pread.c
- patching file sapi/cgi/fpm/fpm_trace_ptrace.c
- patching file sapi/cgi/fpm/fpm_unix.c
- patching file sapi/cgi/fpm/fpm_unix.h
- patching file sapi/cgi/fpm/fpm_worker_pool.c
- patching file sapi/cgi/fpm/fpm_worker_pool.h
- patching file sapi/cgi/fpm/init.d/php-fpm.in
- patching file sapi/cgi/fpm/xml_config.c
- patching file sapi/cgi/fpm/xml_config.h
- patching file sapi/cgi/fpm/zlog.c
- patching file sapi/cgi/fpm/zlog.h
- unzip laruence-laruence.github.com-43969a1.zip
- cd php-5.2.17
- patch -p1 < ../laruence-laruence.github.com-43969a1/php-5.2-max-input-vars/php-5.2.17-max-input-vars.patch
- patching file configure
- Hunk #1 succeeded at 2176 (offset 11 lines).
- patching file configure.in
- patching file main/main.c
- patching file main/php_globals.h
- patching file main/php_variables.c
- patching file main/php_version.h
With the patch applied, rebuild PHP
- ./configure --prefix=/opt/php-5.2.17p1 --with-config-file-path=/opt/php-5.2.17p1/etc --with-mysql=/opt/mysql --with-mysqli=/opt/mysql/bin/mysql_config --with-iconv-dir=/usr/local --with-freetype-dir --with-jpeg-dir --with-png-dir --with-zlib --with-libxml-dir=/usr --disable-rpath --enable-discard-path --enable-safe-mode --enable-bcmath --enable-shmop --enable-sysvsem --enable-inline-optimization --with-curl --with-curlwrappers --enable-mbregex --enable-fastcgi --enable-fpm --enable-force-cgi-redirect --enable-mbstring --with-mcrypt --with-gd --enable-gd-native-ttf --with-openssl --with-mhash --enable-pcntl --enable-sockets --with-xmlrpc --enable-zip --enable-soap --enable-xml --enable-zend-multibyte --disable-debug --disable-ipv6
- make ZEND_EXTRA_LIBS='-liconv'
- make install
- cd ../memcache-3.0.5
- make clean
- /opt/php-5.2.17p1/bin/phpize
- ./configure --with-php-config=/opt/php-5.2.17p1/bin/php-config
- make
- make install
- cd ../eaccelerator-0.9.6.1
- make clean
- /opt/php-5.2.17p1/bin/phpize
- ./configure --enable-eaccelerator=shared --with-php-config=/opt/php-5.2.17p1/bin/php-config
- make
- make install
- cd ../PDO_MYSQL-1.0.2
- make clean
- /opt/php-5.2.17p1/bin/phpize
- ./configure --with-php-config=/opt/php-5.2.17p1/bin/php-config --with-pdo-mysql=/opt/mysql
- make
- make install
- cd ../imagick-2.2.2/
- make clean
- /opt/php-5.2.17p1/bin/phpize
- ./configure --with-php-config=/opt/php-5.2.17p1/bin/php-config
- make
- make install
- # For 32-bit use the following
- cp ../ZendOptimizer-3.3.9-linux-glibc23-i386/data/5_2_x_comp/ZendOptimizer.so /opt/php-5.2.17p1/lib/php/extensions/no-debug-non-zts-20060613/
- # For 64-bit use the following
- cp ../ZendOptimizer-3.3.9-linux-glibc23-x86_64/data/5_2_x_comp/ZendOptimizer.so /opt/php-5.2.17p1/lib/php/extensions/no-debug-non-zts-20060613/
- mkdir -p /opt/php-5.2.17p1/eaccelerator_cache
- chown www:website /opt/php-5.2.17p1/eaccelerator_cache/
- chmod 770 /opt/php-5.2.17p1/eaccelerator_cache/
- touch /opt/php-5.2.17p1/logs/php_error.log
- chown www:website /opt/php-5.2.17p1/logs/php_error.log
- chmod 770 /opt/php-5.2.17p1/logs/php_error.log
- # Upgrade pear (optional)
- /opt/php-5.2.17p1/bin/pear upgrade pear
- /opt/php-5.2.17p1/bin/pear install Benchmark Cache_Lite DB HTTP Mail Mail_Mime Net_SMTP Net_Socket Pager XML_Parser XML_RPC
- cp -p /opt/php/etc/php.ini /opt/php-5.2.17p1/etc/
- cp -p /opt/php/etc/php-fpm.conf /opt/php-5.2.17p1/etc/
- chown root:website /opt/php-5.2.17p1/etc/*
- chmod 660 /opt/php-5.2.17p1/etc/*
- /opt/php/sbin/php-fpm stop
- # Remove the symlink and switch PHP over
- rm /opt/php
- ln -s /opt/php-5.2.17p1/ /opt/php
- /opt/php/sbin/php-fpm start
Check the paths in php-fpm.conf and php.ini
libmysqlclient.so.16 not found
- ./conftest: error while loading shared libraries: libmysqlclient.so.16
- echo /opt/mysql/lib/mysql >> /etc/ld.so.conf
- ldconfig -v
eAccelerator error
- [eAccelerator] This build of “eAccelerator” was compiled for PHP version 5.2.14. Rebuild it for your PHP version (5.2.17p1) or download precompiled binaries.
Rebuild eAccelerator
Reference:
http://www.laruence.com/2011/12/29/2412.html