From daf6a2dbf7e4f67810581991160082211e754cba Mon Sep 17 00:00:00 2001
From: Anton Batenev <antonbatenev@yandex.ru>
Date: Thu, 19 Jul 2012 00:47:01 +0400
Subject: [PATCH] Initial

---
 .gitignore                                    |  11 +
 README.rst                                    |  24 ++
 build.sh                                      | 237 ++++++++++++++++++
 config.m4                                     |  36 +++
 debian.sh                                     |  53 ++++
 package/DEBIAN/conffiles                      |   1 +
 package/DEBIAN/control                        |  12 +
 package/etc/php5/conf.d/pdo_sqlcipher.ini     |   1 +
 .../usr/share/doc/php5-sqlcipher/copyright    |   4 +
 .../share/lintian/overrides/php5-sqlcipher    |   7 +
 10 files changed, 386 insertions(+)
 create mode 100644 .gitignore
 create mode 100644 README.rst
 create mode 100755 build.sh
 create mode 100644 config.m4
 create mode 100755 debian.sh
 create mode 100644 package/DEBIAN/conffiles
 create mode 100644 package/DEBIAN/control
 create mode 100644 package/etc/php5/conf.d/pdo_sqlcipher.ini
 create mode 100644 package/usr/share/doc/php5-sqlcipher/copyright
 create mode 100644 package/usr/share/lintian/overrides/php5-sqlcipher

diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..084910b
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,11 @@
+build/*
+release/*
+sqlcipher.git/*
+php-*/*
+
+package/DEBIAN/md5sums
+package/usr/bin/*
+package/usr/lib/*
+
+*.tar.gz
+*.deb
diff --git a/README.rst b/README.rst
new file mode 100644
index 0000000..a40eebe
--- /dev/null
+++ b/README.rst
@@ -0,0 +1,24 @@
+PDO SQLCipher
+============
+
+Драйвер, реализующий интерфейс PDO (PHP Data Objects) для SQLCipher без замещения оригинальной версии PDO SQLite или системной версии SQLite. Основан на оригинальном коде PDO SQLite путем простого замещения имен и встраиванием кода SQLCipher (вместо динамической линковки с библиотеками SQLite).
+
+Подобное разделение позволяет работать с шифрованными базами только тем приложениям, которые в этом явно нуждаются не опасаясь потери данных или замедления работы остальнх приложений.
+
+Скрипт сборки протестирован на Debian Squeeze (PHP 5.3.3) и FreeBSD 8.2 (PHP 5.4.3)
+
+Для сборки под Debain потребуются (помимо стандартных) следующие dev пакеты:
+
+* libicu-dev
+* libreadline-dev
+* libssl-dev
+* php5-dev
+* tcl-dev
+
+SQLCipher
+=========
+
+SQLCipher является расширением SQLite, которое реализует прозрачное шифрование файлов данных посредством AES-256. Страницы базы данных шифруются перед записью на диск и расшифровываются при чтении.
+
+Официальный сайт: http://sqlcipher.net
+Репозиторий кода: https://github.com/sqlcipher/sqlcipher
diff --git a/build.sh b/build.sh
new file mode 100755
index 0000000..1f87206
--- /dev/null
+++ b/build.sh
@@ -0,0 +1,237 @@
+#!/bin/sh
+
+#
+# Get PHP source code (installed version)
+#
+
+PHP_CONFIG=$(which php-config)
+
+if [ "x${PHP_CONFIG}" = "x" ]; then
+	echo "Error: php-config not found"
+	exit 1
+fi
+
+# 5.3.3-7+squeeze13
+PHP_VER=$(${PHP_CONFIG} --version | cut -d '-' -f 1)
+
+if [ "x${PHP_VER}" = "x" ]; then
+	echo "Error: unknown php version"
+	exit 1
+fi
+
+PHP_SRC="php-${PHP_VER}"
+PHP_TGZ="${PHP_SRC}.tar.gz"
+
+if [ ! -f "${PHP_TGZ}" ]; then
+	wget "http://museum.php.net/php5/${PHP_TGZ}"
+	if [ $? -ne 0 ]; then
+		# newest version?
+		wget -O "${PHP_TGZ}" "http://ru2.php.net/get/${PHP_TGZ}/from/this/mirror"
+		if [ $? -ne 0 ]; then
+			exit $?
+		fi
+	fi
+fi
+
+if [ ! -d "${PHP_SRC}" ]; then
+	tar -xf "${PHP_TGZ}" -C ./
+	if [ $? -ne 0 ]; then
+		exit $?
+	fi
+fi
+
+#
+# Get SQLCipher source code and make SQLite Amalgamation
+#
+
+SQLCIPHER_SRC="sqlcipher.git"
+
+if [ ! -d "${SQLCIPHER_SRC}" ]; then
+	git clone "git://github.com/sqlcipher/sqlcipher.git" "${SQLCIPHER_SRC}"
+	if [ $? -ne 0 ]; then
+		exit $?
+	fi
+fi
+
+if [ ! -f "${SQLCIPHER_SRC}/sqlite3.c" ]; then
+	cd "${SQLCIPHER_SRC}"
+
+	make distclean
+
+	# subject to change (see http://www.sqlite.org/compile.html)
+	./configure \
+		--disable-shared \
+		--enable-tempstore=yes \
+		CFLAGS=" \
+			-DSQLITE_HAS_CODEC \
+			-DSQLITE_ENABLE_UPDATE_DELETE_LIMIT \
+			-DSQLITE_ENABLE_COLUMN_METADATA \
+			-DSQLITE_ENABLE_STAT3 \
+			-DSQLITE_ENABLE_RTREE \
+			-DSQLITE_ENABLE_FTS3 \
+			-DSQLITE_ENABLE_FTS3_PARENTHESIS \
+			-DSQLITE_ENABLE_FTS4 \
+			-DSQLITE_SECURE_DELETE \
+			-DSQLITE_ENABLE_ICU \
+			-DSQLITE_SOUNDEX \
+			-DSQLITE_DEFAULT_FOREIGN_KEYS=1 \
+			-I/usr/local/include" \
+		LDFLAGS="-lcrypto -licuuc -licui18n -L/usr/local/lib"
+	if [ $? -ne 0 ]; then
+		exit $?
+	fi
+
+	make
+	if [ $? -ne 0 ]; then
+		exit $?
+	fi
+
+	cd ..
+fi
+
+#
+# Clone pdo_sqlite sources for pdo_sqlcipher
+#
+
+BUILD_DIR="build"
+
+if [ -d "${BUILD_DIR}" ]; then
+	rm -rf "${BUILD_DIR}"
+	if [ $? -ne 0 ]; then
+		exit $?
+	fi
+fi
+
+mkdir -p "${BUILD_DIR}"
+if [ $? -ne 0 ]; then
+	exit $?
+fi
+
+PDO_SQLITE="${PHP_SRC}/ext/pdo_sqlite"
+
+cp "${PDO_SQLITE}/"*.c "${PDO_SQLITE}"/*.h "${BUILD_DIR}/"
+
+# magic :)
+for FILE in "${BUILD_DIR}"/*
+do
+	cat "${FILE}" | \
+		sed -e 's/<sqlite3.h>/"sqlite3.h"/g'                            | \
+		sed -e 's/pdo_sqlite/pdo_sqlcipher/g'                           | \
+		sed -e 's/php_sqlite3/php_sqlcipher/g'                          | \
+		sed -e 's/sqlite_handle_/sqlcipher_handle_/g'                   | \
+		sed -e 's/sqlite_stmt_methods/sqlcipher_stmt_methods/g'         | \
+		sed -e 's/PDO_SQLITE/PDO_SQLCIPHER/g'                           | \
+		sed -e 's/HEADER(sqlite)/HEADER(sqlcipher)/g'                   | \
+		sed -e 's/PDO Driver for SQLite 3.x/PDO Driver for SQLCipher/g' | \
+		sed -e 's/SQLite Library/SQLCipher Library/g'                   > \
+		"${FILE}.tmp"
+	if [ $? -ne 0 ]; then
+		exit $?
+	fi
+
+	NEW_FILE=$(echo ${FILE} | sed 's/pdo_sqlite/pdo_sqlcipher/')
+
+	mv "${FILE}.tmp" "${NEW_FILE}"
+	if [ $? -ne 0 ]; then
+		exit $?
+	fi
+
+	if [ "${NEW_FILE}" != "${FILE}" ]; then
+		rm -f "${FILE}"
+		if [ $? -ne 0 ]; then
+			exit $?
+		fi
+	fi
+done
+
+#
+# Build pdo_sqlcipher
+#
+
+cp -r "${SQLCIPHER_SRC}" "${BUILD_DIR}/sqlcipher"
+if [ $? -ne 0 ]; then
+	exit $?
+fi
+
+cp "config.m4" "${BUILD_DIR}/config.m4"
+if [ $? -ne 0 ]; then
+	exit $?
+fi
+
+cd "${BUILD_DIR}"
+
+phpize --clean
+if [ $? -ne 0 ]; then
+	exit $?
+fi
+
+phpize
+if [ $? -ne 0 ]; then
+	exit $?
+fi
+
+./configure
+if [ $? -ne 0 ]; then
+	exit $?
+fi
+
+make
+if [ $? -ne 0 ]; then
+	exit $?
+fi
+
+cd ..
+
+#
+# Copy binaries
+#
+
+RELEASE_DIR="release"
+
+if [ -d "${RELEASE_DIR}" ]; then
+	rm -rf "${RELEASE_DIR}"
+	if [ $? -ne 0 ]; then
+		exit $?
+	fi
+fi
+
+mkdir -p "${RELEASE_DIR}"
+if [ $? -ne 0 ]; then
+	exit $?
+fi
+
+# pdo_sqlite.so
+cp "${BUILD_DIR}/modules/pdo_sqlcipher.so" "${RELEASE_DIR}/pdo_sqlcipher.so"
+if [ $? -ne 0 ]; then
+	exit $?
+fi
+
+strip "${RELEASE_DIR}/pdo_sqlcipher.so"
+if [ $? -ne 0 ]; then
+	exit $?
+fi
+
+chmod 0644 "${RELEASE_DIR}/pdo_sqlcipher.so"
+if [ $? -ne 0 ]; then
+	exit $?
+fi
+
+# sqlcipher static binary
+cp "${SQLCIPHER_SRC}/sqlite3" "${RELEASE_DIR}/sqlcipher"
+if [ $? -ne 0 ]; then
+	exit $?
+fi
+
+strip "${RELEASE_DIR}/sqlcipher"
+if [ $? -ne 0 ]; then
+	exit $?
+fi
+
+#
+# Clean
+#
+
+rm -rf ${PHP_SRC}
+rm -rf ${SQLCIPHER_SRC}
+rm -rf ${BUILD_DIR}
+rm -f  ${PHP_TGZ}
diff --git a/config.m4 b/config.m4
new file mode 100644
index 0000000..5201228
--- /dev/null
+++ b/config.m4
@@ -0,0 +1,36 @@
+dnl $Id$
+dnl config.m4 for extension pdo_sqlcipher
+dnl vim:et:sw=2:ts=2:
+
+PHP_ARG_ENABLE(pdo_sqlcipher, whether to enable pdo_sqlcipher support,
+[  --enable-pdo_sqlcipher  Enable pdo_sqlcipher support])
+
+if test "$PHP_PDO_SQLCIPHER" != "no"; then
+
+    if test "$PHP_PDO" = "no" && test "$ext_shared" = "no"; then
+        AC_MSG_ERROR([PDO is not enabled! Add --enable-pdo to your configure line.])
+    fi
+
+    AC_MSG_CHECKING([for PDO includes])
+    if test -f $abs_srcdir/include/php/ext/pdo/php_pdo_driver.h; then
+        pdo_inc_path=$abs_srcdir/ext
+    elif test -f $abs_srcdir/ext/pdo/php_pdo_driver.h; then
+        pdo_inc_path=$abs_srcdir/ext
+    elif test -f $prefix/include/php/ext/pdo/php_pdo_driver.h; then
+        pdo_inc_path=$prefix/include/php/ext
+    elif test -f $prefix/include/php5/ext/pdo/php_pdo_driver.h; then
+        pdo_inc_path=$prefix/include/php5/ext
+    else
+        AC_MSG_ERROR([Cannot find php_pdo_driver.h.])
+    fi
+    AC_MSG_RESULT($pdo_inc_path)
+
+    php_pdo_sqlcipher_sources_core="pdo_sqlcipher.c sqlite_driver.c sqlite_statement.c sqlcipher/sqlite3.c"
+
+    PHP_NEW_EXTENSION(pdo_sqlcipher, $php_pdo_sqlcipher_sources_core, $ext_shared,,-I$pdo_inc_path -Isqlcipher)
+
+    ifdef([PHP_ADD_EXTENSION_DEP],
+    [
+        PHP_ADD_EXTENSION_DEP(pdo_sqlcipher, pdo)
+    ])
+fi
diff --git a/debian.sh b/debian.sh
new file mode 100755
index 0000000..5fcd03f
--- /dev/null
+++ b/debian.sh
@@ -0,0 +1,53 @@
+#!/bin/sh
+
+RELEASE_DIR="release"
+
+mkdir -p package/usr/bin
+if [ $? -ne 0 ]; then
+	exit $?
+fi
+
+mkdir -p package/usr/lib/php5/20090626
+if [ $? -ne 0 ]; then
+	exit $?
+fi
+
+cp "${RELEASE_DIR}/pdo_sqlcipher.so" package/usr/lib/php5/20090626/
+if [ $? -ne 0 ]; then
+	exit $?
+fi
+
+cp "${RELEASE_DIR}/sqlcipher" package/usr/bin/
+if [ $? -ne 0 ]; then
+	exit $?
+fi
+
+cd package
+
+md5deep -rl etc usr > DEBIAN/md5sums
+if [ $? -ne 0 ]; then
+	exit $?
+fi
+
+cd ..
+
+fakeroot dpkg-deb -z9 -b package
+if [ $? -ne 0 ]; then
+	exit $?
+fi
+
+mv package.deb php5-sqlcipher.deb
+if [ $? -ne 0 ]; then
+	exit $?
+fi
+
+# http://lintian.debian.org/tags.html
+lintian php5-sqlcipher.deb
+if [ $? -ne 0 ]; then
+	exit $?
+fi
+
+# clean
+rm -rf package/usr/bin
+rm -rf package/usr/lib
+rm -f  package/DEBIAN/md5sums
diff --git a/package/DEBIAN/conffiles b/package/DEBIAN/conffiles
new file mode 100644
index 0000000..ee67535
--- /dev/null
+++ b/package/DEBIAN/conffiles
@@ -0,0 +1 @@
+/etc/php5/conf.d/pdo_sqlcipher.ini
diff --git a/package/DEBIAN/control b/package/DEBIAN/control
new file mode 100644
index 0000000..91c181b
--- /dev/null
+++ b/package/DEBIAN/control
@@ -0,0 +1,12 @@
+Package: php5-sqlcipher
+Version: 5.3.3-7+squeeze13
+Architecture: amd64
+Maintainer: Anton Batenev <antonbatenev@yandex.ru>
+Installed-Size: 350
+Depends: libc6 (>= 2.11.3-3), libstdc++6 (>= 4.4.5-8), libssl0.9.8 (>= 0.9.8o-4squeeze13), libicu44 (>= 4.4.1-8), libreadline6 (>= 6.1-3), zlib1g (>= 1:1.2.3.4.dfsg-3), libgcc1 (>= 1:4.4.5-8), libncurses5 (>= 5.7+20100313-5), phpapi-20090626, php5-common (= 5.3.3-7+squeeze13)
+Section: php
+Priority: optional
+Homepage: https://github.com/abbat/pdo_sqlcipher
+Description: sqlcipher module for PHP 5
+ SQLCipher is an SQLite extension that provides transparent
+ 256-bit AES encryption of database files.
diff --git a/package/etc/php5/conf.d/pdo_sqlcipher.ini b/package/etc/php5/conf.d/pdo_sqlcipher.ini
new file mode 100644
index 0000000..324bfa4
--- /dev/null
+++ b/package/etc/php5/conf.d/pdo_sqlcipher.ini
@@ -0,0 +1 @@
+extension=pdo_sqlcipher.so
diff --git a/package/usr/share/doc/php5-sqlcipher/copyright b/package/usr/share/doc/php5-sqlcipher/copyright
new file mode 100644
index 0000000..600762d
--- /dev/null
+++ b/package/usr/share/doc/php5-sqlcipher/copyright
@@ -0,0 +1,4 @@
+This package was debianized by Anton Batenev <antonbatenev@yandex.ru>
+
+pdo_sqlite under PHP License (http://www.php.net/license/3_0.txt)
+sqlcipher under BSD-style open source license (http://sqlcipher.net/license)
diff --git a/package/usr/share/lintian/overrides/php5-sqlcipher b/package/usr/share/lintian/overrides/php5-sqlcipher
new file mode 100644
index 0000000..bac25c2
--- /dev/null
+++ b/package/usr/share/lintian/overrides/php5-sqlcipher
@@ -0,0 +1,7 @@
+php5-sqlcipher: debian-changelog-file-missing
+php5-sqlcipher: hardening-no-relro
+php5-sqlcipher: copyright-without-copyright-notice
+php5-sqlcipher: binary-or-shlib-defines-rpath
+php5-sqlcipher: embedded-library
+php5-sqlcipher: hardening-no-fortify-functions
+php5-sqlcipher: binary-without-manpage