rpms/apr-util
5
0
Fork 0
Code Issues Pull Requests Releases Activity

update to 1.6.0 (#1460831)

Browse Source 
move bdb support to loadable DSO in apr-util-dbd subpackage
drop NSS, freetds support
Resolves: rhbz#1460831
This commit is contained in:
Joe Orton 2017-08-21 10:55:19 +01:00
parent 67de617df7
commit 6eff04c04b
5 changed files with 44 additions and 364 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@ -10,3 +10,4 @@ apr-util-1.3.9.tar.bz2
/apr-util-1.5.2.tar.bz2
/apr-util-1.5.3.tar.bz2
/apr-util-1.5.4.tar.bz2
/apr-util-1.6.0.tar.bz2

63
apr-util-1.3.7-nodbmdso.patch
View File

@ -1,63 +0,0 @@
--- apr-util-1.3.7/build/dso.m4.nodbmdso
+++ apr-util-1.3.7/build/dso.m4
@@ -44,6 +44,16 @@ AC_DEFUN([APU_CHECK_UTIL_DSO], [
fi
fi
+
+ ### Hack: force static linking of DBM code.
+ objs=
+ test $apu_have_db = 1 && objs="$objs dbm/apr_dbm_berkeleydb.lo"
+ test $apu_have_gdbm = 1 && objs="$objs dbm/apr_dbm_gdbm.lo"
+ test $apu_have_ndbm = 1 && objs="$objs dbm/apr_dbm_ndbm.lo"
+ EXTRA_OBJECTS="$EXTRA_OBJECTS $objs"
+ APRUTIL_LIBS="$APRUTIL_LIBS $LDADD_dbm_db $LDADD_dbm_gdbm $LDADD_dbm_ndbm"
+ APRUTIL_EXPORT_LIBS="$APRUTIL_EXPORT_LIBS $LDADD_dbm_db $LDADD_dbm_gdbm $LDADD_dbm_ndbm"
+
if test "$apu_dso_build" = "0"; then
# Statically link the drivers:
@@ -42,9 +65,6 @@ AC_DEFUN([APU_CHECK_UTIL_DSO], [
test $apu_have_sqlite3 = 1 && objs="$objs dbd/apr_dbd_sqlite3.lo"
test $apu_have_freetds = 1 && objs="$objs dbd/apr_dbd_freetds.lo"
test $apu_have_odbc = 1 && objs="$objs dbd/apr_dbd_odbc.lo"
- test $apu_have_db = 1 && objs="$objs dbm/apr_dbm_berkeleydb.lo"
- test $apu_have_gdbm = 1 && objs="$objs dbm/apr_dbm_gdbm.lo"
- test $apu_have_ndbm = 1 && objs="$objs dbm/apr_dbm_ndbm.lo"
test $apu_has_ldap = 1 && objs="$objs ldap/apr_ldap_init.lo"
test $apu_has_ldap = 1 && objs="$objs ldap/apr_ldap_option.lo"
test $apu_has_ldap = 1 && objs="$objs ldap/apr_ldap_rebind.lo"
@@ -81,11 +81,9 @@
APRUTIL_LIBS="$APRUTIL_LIBS $LDADD_crypto_openssl $LDADD_crypto_nss"
APRUTIL_LIBS="$APRUTIL_LIBS $LDADD_dbd_pgsql $LDADD_dbd_sqlite2 $LDADD_dbd_sqlite3 $LDADD_dbd_oracle $LDADD_dbd_mysql $LDADD_dbd_freetds $LDADD_dbd_odbc"
- APRUTIL_LIBS="$APRUTIL_LIBS $LDADD_dbm_db $LDADD_dbm_gdbm $LDADD_dbm_ndbm"
APRUTIL_LIBS="$APRUTIL_LIBS $LDADD_ldap"
APRUTIL_EXPORT_LIBS="$APRUTIL_EXPORT_LIBS $LDADD_crypto_openssl $LDADD_crypto_nss"
APRUTIL_EXPORT_LIBS="$APRUTIL_EXPORT_LIBS $LDADD_dbd_pgsql $LDADD_dbd_sqlite2 $LDADD_dbd_sqlite3 $LDADD_dbd_oracle $LDADD_dbd_mysql $LDADD_dbd_freetds $LDADD_dbd_odbc"
- APRUTIL_EXPORT_LIBS="$APRUTIL_EXPORT_LIBS $LDADD_dbm_db $LDADD_dbm_gdbm $LDADD_dbm_ndbm"
APRUTIL_EXPORT_LIBS="$APRUTIL_EXPORT_LIBS $LDADD_ldap"
else
@@ -82,9 +100,6 @@ AC_DEFUN([APU_CHECK_UTIL_DSO], [
test $apu_have_sqlite3 = 1 && dsos="$dsos dbd/apr_dbd_sqlite3.la"
test $apu_have_freetds = 1 && dsos="$dsos dbd/apr_dbd_freetds.la"
test $apu_have_odbc = 1 && dsos="$dsos dbd/apr_dbd_odbc.la"
- test $apu_have_db = 1 && dsos="$dsos dbm/apr_dbm_db.la"
- test $apu_have_gdbm = 1 && dsos="$dsos dbm/apr_dbm_gdbm.la"
- test $apu_have_ndbm = 1 && dsos="$dsos dbm/apr_dbm_ndbm.la"
test $apu_has_ldap = 1 && dsos="$dsos ldap/apr_ldap.la"
if test -n "$dsos"; then
--- apr-util-1.3.7/dbm/apr_dbm.c.nodbmdso
+++ apr-util-1.3.7/dbm/apr_dbm.c
@@ -56,6 +56,9 @@
#error a DBM implementation was not specified
#endif
+#undef APU_DSO_BUILD
+#define APU_DSO_BUILD 0
+
#if APU_DSO_BUILD
static apr_hash_t *drivers = NULL;

256
apr-util-1.5.4-openssl11.patch
View File

@ -1,256 +0,0 @@
OpenSSL 1.1.0 fixes from apr-util 1.5.x branch.
diff -uap apr-util-1.5.4/build/crypto.m4.openssl11 apr-util-1.5.4/build/crypto.m4
--- apr-util-1.5.4/build/crypto.m4.openssl11
+++ apr-util-1.5.4/build/crypto.m4
@@ -88,7 +88,7 @@
[
if test "$withval" = "yes"; then
AC_CHECK_HEADERS(openssl/x509.h, [openssl_have_headers=1])
- AC_CHECK_LIB(crypto, BN_init, AC_CHECK_LIB(ssl, SSL_accept, [openssl_have_libs=1],,-lcrypto))
+ AC_CHECK_LIB(crypto, BN_new, AC_CHECK_LIB(ssl, SSL_accept, [openssl_have_libs=1],,-lcrypto))
if test "$openssl_have_headers" != "0" && test "$openssl_have_libs" != "0"; then
apu_have_openssl=1
fi
@@ -104,7 +104,7 @@
AC_MSG_NOTICE(checking for openssl in $withval)
AC_CHECK_HEADERS(openssl/x509.h, [openssl_have_headers=1])
- AC_CHECK_LIB(crypto, BN_init, AC_CHECK_LIB(ssl, SSL_accept, [openssl_have_libs=1],,-lcrypto))
+ AC_CHECK_LIB(crypto, BN_new, AC_CHECK_LIB(ssl, SSL_accept, [openssl_have_libs=1],,-lcrypto))
if test "$openssl_have_headers" != "0" && test "$openssl_have_libs" != "0"; then
apu_have_openssl=1
APR_ADDTO(APRUTIL_LDFLAGS, [-L$withval/lib])
@@ -113,7 +113,7 @@
if test "$apu_have_openssl" != "1"; then
AC_CHECK_HEADERS(openssl/x509.h, [openssl_have_headers=1])
- AC_CHECK_LIB(crypto, BN_init, AC_CHECK_LIB(ssl, SSL_accept, [openssl_have_libs=1],,-lcrypto))
+ AC_CHECK_LIB(crypto, BN_new, AC_CHECK_LIB(ssl, SSL_accept, [openssl_have_libs=1],,-lcrypto))
if test "$openssl_have_headers" != "0" && test "$openssl_have_libs" != "0"; then
apu_have_openssl=1
APR_ADDTO(APRUTIL_LDFLAGS, [-L$withval/lib])
diff -uap apr-util-1.5.4/crypto/apr_crypto_openssl.c.openssl11 apr-util-1.5.4/crypto/apr_crypto_openssl.c
--- apr-util-1.5.4/crypto/apr_crypto_openssl.c.openssl11
+++ apr-util-1.5.4/crypto/apr_crypto_openssl.c
@@ -64,7 +64,7 @@
apr_pool_t *pool;
const apr_crypto_driver_t *provider;
const apr_crypto_t *f;
- EVP_CIPHER_CTX cipherCtx;
+ EVP_CIPHER_CTX *cipherCtx;
int initialised;
int ivSize;
int blockSize;
@@ -111,7 +111,11 @@
static apr_status_t crypto_init(apr_pool_t *pool, const char *params,
const apu_err_t **result)
{
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
CRYPTO_malloc_init();
+#else
+ OPENSSL_malloc_init();
+#endif
ERR_load_crypto_strings();
/* SSL_load_error_strings(); */
OpenSSL_add_all_algorithms();
@@ -124,6 +128,30 @@
return APR_SUCCESS;
}
+#if OPENSSL_VERSION_NUMBER < 0x0090802fL
+
+/* Code taken from OpenSSL 0.9.8b, see
+ * https://github.com/openssl/openssl/commit/cf6bc84148cb15af09b292394aaf2b45f0d5af0d
+ */
+
+EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void)
+{
+ EVP_CIPHER_CTX *ctx = OPENSSL_malloc(sizeof *ctx);
+ if (ctx)
+ EVP_CIPHER_CTX_init(ctx);
+ return ctx;
+}
+
+void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx)
+{
+ if (ctx) {
+ EVP_CIPHER_CTX_cleanup(ctx);
+ OPENSSL_free(ctx);
+ }
+}
+
+#endif
+
/**
* @brief Clean encryption / decryption context.
* @note After cleanup, a context is free to be reused if necessary.
@@ -134,7 +162,7 @@
{
if (ctx->initialised) {
- EVP_CIPHER_CTX_cleanup(&ctx->cipherCtx);
+ EVP_CIPHER_CTX_free(ctx->cipherCtx);
ctx->initialised = 0;
}
@@ -491,8 +519,10 @@
apr_pool_cleanup_null);
/* create a new context for encryption */
- EVP_CIPHER_CTX_init(&block->cipherCtx);
- block->initialised = 1;
+ if (!block->initialised) {
+ block->cipherCtx = EVP_CIPHER_CTX_new();
+ block->initialised = 1;
+ }
/* generate an IV, if necessary */
usedIv = NULL;
@@ -519,16 +549,16 @@
/* set up our encryption context */
#if CRYPTO_OPENSSL_CONST_BUFFERS
- if (!EVP_EncryptInit_ex(&block->cipherCtx, key->cipher, config->engine,
+ if (!EVP_EncryptInit_ex(block->cipherCtx, key->cipher, config->engine,
key->key, usedIv)) {
#else
- if (!EVP_EncryptInit_ex(&block->cipherCtx, key->cipher, config->engine, (unsigned char *) key->key, (unsigned char *) usedIv)) {
+ if (!EVP_EncryptInit_ex(block->cipherCtx, key->cipher, config->engine, (unsigned char *) key->key, (unsigned char *) usedIv)) {
#endif
return APR_EINIT;
}
/* Clear up any read padding */
- if (!EVP_CIPHER_CTX_set_padding(&block->cipherCtx, key->doPad)) {
+ if (!EVP_CIPHER_CTX_set_padding(block->cipherCtx, key->doPad)) {
return APR_EPADDING;
}
@@ -582,11 +612,16 @@
}
#if CRYPT_OPENSSL_CONST_BUFFERS
- if (!EVP_EncryptUpdate(&ctx->cipherCtx, (*out), &outl, in, inlen)) {
+ if (!EVP_EncryptUpdate(ctx->cipherCtx, (*out), &outl, in, inlen)) {
#else
- if (!EVP_EncryptUpdate(&ctx->cipherCtx, (*out), &outl,
+ if (!EVP_EncryptUpdate(ctx->cipherCtx, (*out), &outl,
(unsigned char *) in, inlen)) {
#endif
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ EVP_CIPHER_CTX_cleanup(ctx->cipherCtx);
+#else
+ EVP_CIPHER_CTX_reset(ctx->cipherCtx);
+#endif
return APR_ECRYPT;
}
*outlen = outl;
@@ -616,14 +651,22 @@
static apr_status_t crypto_block_encrypt_finish(unsigned char *out,
apr_size_t *outlen, apr_crypto_block_t *ctx)
{
+ apr_status_t rc = APR_SUCCESS;
int len = *outlen;
- if (EVP_EncryptFinal_ex(&ctx->cipherCtx, out, &len) == 0) {
- return APR_EPADDING;
+ if (EVP_EncryptFinal_ex(ctx->cipherCtx, out, &len) == 0) {
+ rc = APR_EPADDING;
}
- *outlen = len;
+ else {
+ *outlen = len;
+ }
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ EVP_CIPHER_CTX_cleanup(ctx->cipherCtx);
+#else
+ EVP_CIPHER_CTX_reset(ctx->cipherCtx);
+#endif
- return APR_SUCCESS;
+ return rc;
}
@@ -662,8 +705,10 @@
apr_pool_cleanup_null);
/* create a new context for encryption */
- EVP_CIPHER_CTX_init(&block->cipherCtx);
- block->initialised = 1;
+ if (!block->initialised) {
+ block->cipherCtx = EVP_CIPHER_CTX_new();
+ block->initialised = 1;
+ }
/* generate an IV, if necessary */
if (key->ivSize) {
@@ -674,16 +719,16 @@
/* set up our encryption context */
#if CRYPTO_OPENSSL_CONST_BUFFERS
- if (!EVP_DecryptInit_ex(&block->cipherCtx, key->cipher, config->engine,
+ if (!EVP_DecryptInit_ex(block->cipherCtx, key->cipher, config->engine,
key->key, iv)) {
#else
- if (!EVP_DecryptInit_ex(&block->cipherCtx, key->cipher, config->engine, (unsigned char *) key->key, (unsigned char *) iv)) {
+ if (!EVP_DecryptInit_ex(block->cipherCtx, key->cipher, config->engine, (unsigned char *) key->key, (unsigned char *) iv)) {
#endif
return APR_EINIT;
}
/* Clear up any read padding */
- if (!EVP_CIPHER_CTX_set_padding(&block->cipherCtx, key->doPad)) {
+ if (!EVP_CIPHER_CTX_set_padding(block->cipherCtx, key->doPad)) {
return APR_EPADDING;
}
@@ -737,11 +782,16 @@
}
#if CRYPT_OPENSSL_CONST_BUFFERS
- if (!EVP_DecryptUpdate(&ctx->cipherCtx, *out, &outl, in, inlen)) {
+ if (!EVP_DecryptUpdate(ctx->cipherCtx, *out, &outl, in, inlen)) {
#else
- if (!EVP_DecryptUpdate(&ctx->cipherCtx, *out, &outl, (unsigned char *) in,
+ if (!EVP_DecryptUpdate(ctx->cipherCtx, *out, &outl, (unsigned char *) in,
inlen)) {
#endif
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ EVP_CIPHER_CTX_cleanup(ctx->cipherCtx);
+#else
+ EVP_CIPHER_CTX_reset(ctx->cipherCtx);
+#endif
return APR_ECRYPT;
}
*outlen = outl;
@@ -771,15 +821,22 @@
static apr_status_t crypto_block_decrypt_finish(unsigned char *out,
apr_size_t *outlen, apr_crypto_block_t *ctx)
{
-
+ apr_status_t rc = APR_SUCCESS;
int len = *outlen;
- if (EVP_DecryptFinal_ex(&ctx->cipherCtx, out, &len) == 0) {
- return APR_EPADDING;
+ if (EVP_DecryptFinal_ex(ctx->cipherCtx, out, &len) == 0) {
+ rc = APR_EPADDING;
+ }
+ else {
+ *outlen = len;
}
- *outlen = len;
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ EVP_CIPHER_CTX_cleanup(ctx->cipherCtx);
+#else
+ EVP_CIPHER_CTX_reset(ctx->cipherCtx);
+#endif
- return APR_SUCCESS;
+ return rc;
}

86
apr-util.spec
View File

@ -5,29 +5,30 @@
%define dbdep libdb-devel
%endif
%if 0%{?rhel}
%define with_freetds 0
%if 0%{?fedora} < 27 && 0%{?rhel} <= 7
%global with_nss 1
%else
%define with_freetds 1
%global with_nss 0
%endif
%define apuver 1
Summary: Apache Portable Runtime Utility library
Name: apr-util
Version: 1.5.4
Release: 7%{?dist}
Version: 1.6.0
Release: 1%{?dist}
License: ASL 2.0
Group: System Environment/Libraries
URL: http://apr.apache.org/
Source0: http://www.apache.org/dist/apr/%{name}-%{version}.tar.bz2
Patch1: apr-util-1.2.7-pkgconf.patch
Patch2: apr-util-1.3.7-nodbmdso.patch
Patch4: apr-util-1.4.1-private.patch
Patch5: apr-util-1.5.4-openssl11.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-buildroot
BuildRequires: autoconf, apr-devel >= 1.3.0
BuildRequires: %{dbdep}, expat-devel, libuuid-devel
%if 0%{?fedora} < 27
Requires: apr-util-bdb%{?_isa} = %{version}-%{release}
%endif
%description
The mission of the Apache Portable Runtime (APR) is to provide a
@ -57,6 +58,16 @@ Requires: apr-util%{?_isa} = %{version}-%{release}
This package provides the PostgreSQL driver for the apr-util
DBD (database abstraction) interface.
%package bdb
Group: Development/Libraries
Summary: APR utility library Berkeley DB driver
BuildRequires: postgresql-devel
Requires: apr-util%{?_isa} = %{version}-%{release}
%description bdb
This package provides the Berkeley DB driver for the apr-util
DBM (database abstraction) interface.
%package mysql
Group: Development/Libraries
Summary: APR utility library MySQL DBD driver
@ -77,20 +88,6 @@ Requires: apr-util%{?_isa} = %{version}-%{release}
This package provides the SQLite driver for the apr-util DBD
(database abstraction) interface.
%if %{with_freetds}
%package freetds
Group: Development/Libraries
Summary: APR utility library FreeTDS DBD driver
BuildRequires: freetds-devel
Requires: apr-util%{?_isa} = %{version}-%{release}
%description freetds
This package provides the FreeTDS driver for the apr-util DBD
(database abstraction) interface.
%endif
%package odbc
Group: Development/Libraries
Summary: APR utility library ODBC DBD driver
@ -112,28 +109,28 @@ This package provides the LDAP support for the apr-util.
%package openssl
Group: Development/Libraries
Summary: APR utility library OpenSSL crytpo support
Summary: APR utility library OpenSSL crypto support
BuildRequires: openssl-devel
Requires: apr-util%{?_isa} = %{version}-%{release}
%description openssl
This package provides the OpenSSL crypto support for the apr-util.
%if %{with_nss}
%package nss
Group: Development/Libraries
Summary: APR utility library NSS crytpo support
Summary: APR utility library NSS crypto support
BuildRequires: nss-devel
Requires: apr-util%{?_isa} = %{version}-%{release}
%description nss
This package provides the NSS crypto support for the apr-util.
%endif
%prep
%setup -q
%patch1 -p1 -b .pkgconf
%patch2 -p1 -b .nodbmdso
%patch4 -p1 -b .private
%patch5 -p1 -b .openssl11
%build
autoheader && autoconf
@ -144,14 +141,14 @@ export ac_cv_ldap_set_rebind_proc_style=three
--includedir=%{_includedir}/apr-%{apuver} \
--with-ldap=ldap_r --without-gdbm \
--with-sqlite3 --with-pgsql --with-mysql --with-odbc \
%if %{with_freetds}
--with-freetds \
%else
--without-freetds \
%endif
--with-berkeley-db \
--with-dbm=db5 --with-berkeley-db \
--without-sqlite2 \
--with-crypto --with-openssl --with-nss
--with-crypto --with-openssl \
%if %{with_nss}
--with-nss
%else
--without-nss
%endif
make %{?_smp_mflags}
%install
@ -183,10 +180,8 @@ export MALLOC_CHECK_=2 MALLOC_PERTURB_=$(($RANDOM % 255 + 1))
cd test
make %{?_smp_mflags} testall
# testall breaks with DBD DSO; ignore
export LD_LIBRARY_PATH="`echo "../dbm/.libs:../dbd/.libs:../ldap/.libs:$LD_LIBRARY_PATH" | sed -e 's/::*$//'`"
./testall -v -q || true
./testall testrmm
./testall testdbm
export LD_LIBRARY_PATH=%{buildroot}/%{_libdir}/apr-util-%{apuver}
./testall -v -q
%clean
rm -rf $RPM_BUILD_ROOT
@ -201,6 +196,10 @@ rm -rf $RPM_BUILD_ROOT
%{_libdir}/libaprutil-%{apuver}.so.*
%dir %{_libdir}/apr-util-%{apuver}
%files bdb
%defattr(-,root,root,-)
%{_libdir}/apr-util-%{apuver}/apr_dbm_db*
%files pgsql
%defattr(-,root,root,-)
%{_libdir}/apr-util-%{apuver}/apr_dbd_pgsql*
@ -213,14 +212,6 @@ rm -rf $RPM_BUILD_ROOT
%defattr(-,root,root,-)
%{_libdir}/apr-util-%{apuver}/apr_dbd_sqlite*
%if %{with_freetds}
%files freetds
%defattr(-,root,root,-)
%{_libdir}/apr-util-%{apuver}/apr_dbd_freetds*
%endif
%files odbc
%defattr(-,root,root,-)
%{_libdir}/apr-util-%{apuver}/apr_dbd_odbc*
@ -233,9 +224,11 @@ rm -rf $RPM_BUILD_ROOT
%defattr(-,root,root,-)
%{_libdir}/apr-util-%{apuver}/apr_crypto_openssl*
%if %{with_nss}
%files nss
%defattr(-,root,root,-)
%{_libdir}/apr-util-%{apuver}/apr_crypto_nss*
%endif
%files devel
%defattr(-,root,root,-)
@ -247,6 +240,11 @@ rm -rf $RPM_BUILD_ROOT
%{_datadir}/aclocal/*.m4
%changelog
* Mon Aug 21 2017 Joe Orton <jorton@redhat.com> - 1.6.0-1
- update to 1.6.0 (#1460831)
- move bdb support to loadable DSO in apr-util-dbd subpackage
- drop NSS, freetds support
* Wed Aug 02 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.5.4-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild

2
sources
View File

@ -1 +1 @@
2202b18f269ad606d70e1864857ed93c apr-util-1.5.4.tar.bz2
SHA512 (apr-util-1.6.0.tar.bz2) = dc88c13ef6116ed1c67584436cb8ca94ef77d358cb60c7cafab953d36d00564776414faed43397755e79bcf1b14dfca81cad2e280a2dd4c31f6e4559583effd0