security/rubygem-omniauth-rails_csrf_protection: new port, required for gitlab-ce

security/Makefile

@@ -1097,6 +1097,7 @@
     SUBDIR += rubygem-omniauth-jwt
     SUBDIR += rubygem-omniauth-multipassword
     SUBDIR += rubygem-omniauth-oauth2-generic
+    SUBDIR += rubygem-omniauth-rails_csrf_protection
     SUBDIR += rubygem-omniauth-saml
     SUBDIR += rubygem-omniauth-shibboleth
     SUBDIR += rubygem-omniauth1

security/rubygem-omniauth-rails_csrf_protection/Makefile

@@ -0,0 +1,21 @@
+PORTNAME=	omniauth-rails_csrf_protection
+PORTVERSION=	1.0.1
+CATEGORIES=	security rubygems
+MASTER_SITES=	RG
+
+MAINTAINER=	mfechner@FreeBSD.org
+COMMENT=	Mitigation against CVE-2015-9284 for OmniAuth
+WWW=		https://github.com/cookpad/omniauth-rails_csrf_protection
+
+LICENSE=	MIT
+LICENSE_FILE=	${WRKSRC}/LICENSE.txt
+
+RUN_DEPENDS=	rubygem-actionpack61>=4.2:www/rubygem-actionpack61 \
+		rubygem-omniauth>=2.0<3:security/rubygem-omniauth
+
+USES=		gem
+USE_RUBY=	yes
+
+NO_ARCH=	yes
+
+.include <bsd.port.mk>

security/rubygem-omniauth-rails_csrf_protection/distinfo

@@ -0,0 +1,3 @@
+TIMESTAMP = 1665830346
+SHA256 (rubygem/omniauth-rails_csrf_protection-1.0.1.gem) = fc546aeb7d43b7b9d7737051c380156e61c8f080b898cd4934d523eaa7e59acf
+SIZE (rubygem/omniauth-rails_csrf_protection-1.0.1.gem) = 10752

security/rubygem-omniauth-rails_csrf_protection/pkg-descr

@@ -0,0 +1,5 @@
+This gem provides a mitigation against CVE-2015-9284
+(Cross-Site Request Forgery on the request phrase when
+using OmniAuth gem with a Ruby on Rails application) by
+implementing a CSRF token verifier that directly utilize
+`ActionController::RequestForgeryProtection` code from Rails.