From bc8772441bc326c6a0bad89aef358ebb8d141344 Mon Sep 17 00:00:00 2001
From: xiagw <fxiaxiaoyu@gmail.com>
Date: Wed, 29 May 2019 08:56:40 +0800
Subject: [PATCH] add php ext "taint" (#2150)

* add php ext "taint", only support php7.
---
 docker-compose.yml    |  3 +++
 env-example           |  3 +++
 php-fpm/Dockerfile    | 15 +++++++++++++++
 php-worker/Dockerfile | 13 +++++++++++++
 workspace/Dockerfile  | 16 ++++++++++++++++
 5 files changed, 50 insertions(+)

diff --git a/docker-compose.yml b/docker-compose.yml
index 18ff561e..b49eee6f 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -98,6 +98,7 @@ services:
           - INSTALL_PG_CLIENT=${WORKSPACE_INSTALL_PG_CLIENT}
           - INSTALL_PHALCON=${WORKSPACE_INSTALL_PHALCON}
           - INSTALL_SWOOLE=${WORKSPACE_INSTALL_SWOOLE}
+          - INSTALL_TAINT=${WORKSPACE_INSTALL_TAINT}
           - INSTALL_LIBPNG=${WORKSPACE_INSTALL_LIBPNG}
           - INSTALL_IONCUBE=${WORKSPACE_INSTALL_IONCUBE}
           - INSTALL_MYSQL_CLIENT=${WORKSPACE_INSTALL_MYSQL_CLIENT}
@@ -162,6 +163,7 @@ services:
           - INSTALL_LDAP=${PHP_FPM_INSTALL_LDAP}
           - INSTALL_PHALCON=${PHP_FPM_INSTALL_PHALCON}
           - INSTALL_SWOOLE=${PHP_FPM_INSTALL_SWOOLE}
+          - INSTALL_TAINT=${PHP_FPM_INSTALL_TAINT}
           - INSTALL_IMAGE_OPTIMIZERS=${PHP_FPM_INSTALL_IMAGE_OPTIMIZERS}
           - INSTALL_IMAGEMAGICK=${PHP_FPM_INSTALL_IMAGEMAGICK}
           - INSTALL_CALENDAR=${PHP_FPM_INSTALL_CALENDAR}
@@ -208,6 +210,7 @@ services:
           - INSTALL_AMQP=${PHP_WORKER_INSTALL_AMQP}
           - INSTALL_GHOSTSCRIPT=${PHP_WORKER_INSTALL_GHOSTSCRIPT}
           - INSTALL_SWOOLE=${PHP_WORKER_INSTALL_SWOOLE}
+          - INSTALL_TAINT=${PHP_WORKER_INSTALL_TAINT}
           - INSTALL_FFMPEG=${PHP_WORKER_INSTALL_FFMPEG}
           - INSTALL_GMP=${PHP_WORKER_INSTALL_GMP}
           - PUID=${PHP_WORKER_PUID}
diff --git a/env-example b/env-example
index 810dee10..84d9dd2e 100644
--- a/env-example
+++ b/env-example
@@ -129,6 +129,7 @@ WORKSPACE_INSTALL_DUSK_DEPS=false
 WORKSPACE_INSTALL_PG_CLIENT=false
 WORKSPACE_INSTALL_PHALCON=false
 WORKSPACE_INSTALL_SWOOLE=false
+WORKSPACE_INSTALL_TAINT=false
 WORKSPACE_INSTALL_LIBPNG=false
 WORKSPACE_INSTALL_IONCUBE=false
 WORKSPACE_INSTALL_MYSQL_CLIENT=false
@@ -170,6 +171,7 @@ PHP_FPM_INSTALL_GHOSTSCRIPT=false
 PHP_FPM_INSTALL_LDAP=false
 PHP_FPM_INSTALL_PHALCON=false
 PHP_FPM_INSTALL_SWOOLE=false
+PHP_FPM_INSTALL_TAINT=false
 PHP_FPM_INSTALL_PG_CLIENT=false
 PHP_FPM_INSTALL_POSTGIS=false
 PHP_FPM_INSTALL_PCNTL=false
@@ -196,6 +198,7 @@ PHP_WORKER_INSTALL_MYSQL_CLIENT=false
 PHP_WORKER_INSTALL_AMQP=false
 PHP_WORKER_INSTALL_GHOSTSCRIPT=false
 PHP_WORKER_INSTALL_SWOOLE=false
+PHP_WORKER_INSTALL_TAINT=false
 PHP_WORKER_INSTALL_FFMPEG=false
 PHP_WORKER_INSTALL_GMP=false
 
diff --git a/php-fpm/Dockerfile b/php-fpm/Dockerfile
index 9d90ee68..60fc5a9a 100644
--- a/php-fpm/Dockerfile
+++ b/php-fpm/Dockerfile
@@ -223,6 +223,21 @@ RUN if [ ${INSTALL_SWOOLE} = true ]; then \
     && php -m | grep -q 'swoole' \
 ;fi
 
+###########################################################################
+# Taint EXTENSION
+###########################################################################
+
+ARG INSTALL_TAINT=false
+
+RUN if [ ${INSTALL_TAINT} = true ]; then \
+    # Install Php TAINT Extension
+    if [ $(php -r "echo PHP_MAJOR_VERSION;") = "7" ]; then \
+      pecl install taint && \
+      docker-php-ext-enable taint && \
+      php -m | grep -q 'taint'; \
+    fi \
+;fi
+
 ###########################################################################
 # MongoDB:
 ###########################################################################
diff --git a/php-worker/Dockerfile b/php-worker/Dockerfile
index 328a5417..5297c7b5 100644
--- a/php-worker/Dockerfile
+++ b/php-worker/Dockerfile
@@ -135,6 +135,19 @@ RUN if [ ${INSTALL_SWOOLE} = true ]; then \
     && docker-php-ext-enable swoole \
 ;fi
 
+###########################################################################
+# Taint EXTENSION
+###########################################################################
+
+ARG INSTALL_TAINT=false
+
+RUN if [ ${INSTALL_TAINT} = true ]; then \
+    # Install Php TAINT Extension
+    if [ $(php -r "echo PHP_MAJOR_VERSION;") = "7" ]; then \
+      pecl install taint; \
+    fi && \
+    docker-php-ext-enable taint \
+;fi
 
 #
 #--------------------------------------------------------------------------
diff --git a/workspace/Dockerfile b/workspace/Dockerfile
index d286ecef..0ac035ea 100644
--- a/workspace/Dockerfile
+++ b/workspace/Dockerfile
@@ -435,6 +435,22 @@ RUN if [ ${INSTALL_SWOOLE} = true ]; then \
     && php -m | grep -q 'swoole' \
 ;fi
 
+###########################################################################
+# Taint EXTENSION
+###########################################################################
+
+ARG INSTALL_TAINT=false
+
+RUN if [ "${INSTALL_TAINT}" = true ]; then \
+    # Install Php TAINT Extension
+    if [ $(php -r "echo PHP_MAJOR_VERSION;") = "7" ]; then \
+      pecl install taint && \
+      echo "extension=taint.so" >> /etc/php/${LARADOCK_PHP_VERSION}/mods-available/taint.ini && \
+      ln -s /etc/php/${LARADOCK_PHP_VERSION}/mods-available/taint.ini /etc/php/${LARADOCK_PHP_VERSION}/cli/conf.d/20-taint.ini && \
+      php -m | grep -q 'taint'; \
+    fi \
+;fi
+
 ###########################################################################
 # Libpng16 EXTENSION
 ###########################################################################