document APR_DEEPBIND and use secure_getenv() (thanks to mturk)
package additional build/* files in apr-devel (#1945078) Resolves: rhbz#1945070
This commit is contained in:
parent
7cb417b18d
commit
bdff292e39
@ -1,6 +1,5 @@
|
|||||||
|
|
||||||
Conflicting e.g. libldap vs libldap_r problems still exist
|
Add $APR_DEEPBIND to enable use of RTLD_DEEPBIND in apr_dso_open().
|
||||||
inside httpd. Use RTLD_DEEPBIND by default.
|
|
||||||
|
|
||||||
--- apr-1.7.0/dso/unix/dso.c.deepbind
|
--- apr-1.7.0/dso/unix/dso.c.deepbind
|
||||||
+++ apr-1.7.0/dso/unix/dso.c
|
+++ apr-1.7.0/dso/unix/dso.c
|
||||||
@ -19,10 +18,43 @@ inside httpd. Use RTLD_DEEPBIND by default.
|
|||||||
void *os_handle;
|
void *os_handle;
|
||||||
+
|
+
|
||||||
+ if (use_deepbind == 0)
|
+ if (use_deepbind == 0)
|
||||||
+ use_deepbind = getenv("APR_DEEPBIND") != NULL ? 1 : -1;
|
+ use_deepbind = secure_getenv("APR_DEEPBIND") != NULL ? 1 : -1;
|
||||||
+ if (use_deepbind == 1)
|
+ if (use_deepbind == 1)
|
||||||
+ flags |= RTLD_DEEPBIND;
|
+ flags |= RTLD_DEEPBIND;
|
||||||
+
|
+
|
||||||
#ifdef _AIX
|
#ifdef _AIX
|
||||||
if (strchr(path + 1, '(') && path[strlen(path) - 1] == ')')
|
if (strchr(path + 1, '(') && path[strlen(path) - 1] == ')')
|
||||||
{
|
{
|
||||||
|
--- apr-1.7.0/README.deepbind.deepbind
|
||||||
|
+++ apr-1.7.0/README.deepbind
|
||||||
|
@@ -0,0 +1,30 @@
|
||||||
|
+This distribution of APR contains a modification of the behaviour of
|
||||||
|
+the apr_dso_open() function which allows users enable the
|
||||||
|
+"RTLD_DEEPBIND" flag when dlopen() is called.
|
||||||
|
+
|
||||||
|
+If the "APR_DEEPBIND" environment variable is set at runtime, the
|
||||||
|
+RTLD_DEEPBIND flag is always added to the flags passed to dlopen().
|
||||||
|
+
|
||||||
|
+With normal use of dlopen(), dynamically loaded objects will use
|
||||||
|
+global symbols in preference to any symbols defined within the object.
|
||||||
|
+Using RTLD_DEEPBIND reverses this binding order. See the dlopen(3)
|
||||||
|
+man page for more information.
|
||||||
|
+
|
||||||
|
+This can be useful with Apache httpd, where two different modules are
|
||||||
|
+loaded like:
|
||||||
|
+
|
||||||
|
+1. mod_foo.so uses library "libfoo.so"
|
||||||
|
+ libfoo.so defines a function "SomeSym"
|
||||||
|
+2. mod_bar.so uses library "libbar.so"
|
||||||
|
+ libbar.so defines a different "SomeSym" function
|
||||||
|
+
|
||||||
|
+By default, mod_bar or mod_foo would use the "SomeSym" definition from
|
||||||
|
+the "wrong" library depending on the load order. If RTLD_DEEPBIND is
|
||||||
|
+used, the "SomeSym" definition will always be mapped to the definition
|
||||||
|
+from the corresponding dependent library. This can avoid symbol
|
||||||
|
+conflicts.
|
||||||
|
+
|
||||||
|
+There are some risks with using RTLD_DEEPBIND, in particular potential
|
||||||
|
+issues with modules written in C++. It is not recommended to enable
|
||||||
|
+$APR_DEEPBIND unless it solves a specific problem and after thorough
|
||||||
|
+testing of the configuration.
|
||||||
|
16
apr.spec
16
apr.spec
@ -6,7 +6,7 @@
|
|||||||
Summary: Apache Portable Runtime library
|
Summary: Apache Portable Runtime library
|
||||||
Name: apr
|
Name: apr
|
||||||
Version: 1.7.0
|
Version: 1.7.0
|
||||||
Release: 9%{?dist}
|
Release: 9.2%{?dist}
|
||||||
# ASL 2.0: everything
|
# ASL 2.0: everything
|
||||||
# ISC: network_io/apr-1.4.6/network_io/unix/inet_?to?.c
|
# ISC: network_io/apr-1.4.6/network_io/unix/inet_?to?.c
|
||||||
# BSD with advertising: strings/apr_snprintf.c, strings/apr_fnmatch.c,
|
# BSD with advertising: strings/apr_snprintf.c, strings/apr_fnmatch.c,
|
||||||
@ -90,6 +90,12 @@ install -c -m644 %{SOURCE1} $RPM_BUILD_ROOT%{_includedir}/apr-%{aprver}/apr.h
|
|||||||
rm -f $RPM_BUILD_ROOT%{_libdir}/apr.exp \
|
rm -f $RPM_BUILD_ROOT%{_libdir}/apr.exp \
|
||||||
$RPM_BUILD_ROOT%{_libdir}/libapr-*.a
|
$RPM_BUILD_ROOT%{_libdir}/libapr-*.a
|
||||||
|
|
||||||
|
# Additionally packaged (see https://bugzilla.redhat.com/1669589) --
|
||||||
|
sed -i '1s,/.*,/usr/bin/python3,' build/gen-build.py
|
||||||
|
for f in build/gen-build.py build/install.sh build/config.*; do
|
||||||
|
install -c -m755 $f $RPM_BUILD_ROOT%{_libdir}/apr-%{aprver}/build
|
||||||
|
done
|
||||||
|
|
||||||
%check
|
%check
|
||||||
# Fail if LFS support isn't present in a 32-bit build, since this
|
# Fail if LFS support isn't present in a 32-bit build, since this
|
||||||
# breaks ABI and the soname doesn't change: see #254241
|
# breaks ABI and the soname doesn't change: see #254241
|
||||||
@ -107,7 +113,7 @@ popd
|
|||||||
%ldconfig_scriptlets
|
%ldconfig_scriptlets
|
||||||
|
|
||||||
%files
|
%files
|
||||||
%doc CHANGES LICENSE NOTICE
|
%doc CHANGES LICENSE NOTICE README*
|
||||||
%{_libdir}/libapr-%{aprver}.so.*
|
%{_libdir}/libapr-%{aprver}.so.*
|
||||||
|
|
||||||
%files devel
|
%files devel
|
||||||
@ -125,6 +131,12 @@ popd
|
|||||||
%{_datadir}/aclocal/*.m4
|
%{_datadir}/aclocal/*.m4
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Fri Jun 18 2021 Joe Orton <jorton@redhat.com> - 1.7.0-9.2
|
||||||
|
- package additional build/* files in apr-devel (#1945078)
|
||||||
|
|
||||||
|
* Fri Jun 18 2021 Joe Orton <jorton@redhat.com> - 1.7.0-9.1
|
||||||
|
- document APR_DEEPBIND and use secure_getenv() (thanks to mturk)
|
||||||
|
|
||||||
* Thu Apr 15 2021 Mohan Boddu <mboddu@redhat.com> - 1.7.0-9
|
* Thu Apr 15 2021 Mohan Boddu <mboddu@redhat.com> - 1.7.0-9
|
||||||
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
|
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user