diff --git a/apr-1.7.0-deepbind.patch b/apr-1.7.0-deepbind.patch index ceaa9ab..3a40d22 100644 --- a/apr-1.7.0-deepbind.patch +++ b/apr-1.7.0-deepbind.patch @@ -1,6 +1,5 @@ -Conflicting e.g. libldap vs libldap_r problems still exist -inside httpd. Use RTLD_DEEPBIND by default. +Add $APR_DEEPBIND to enable use of RTLD_DEEPBIND in apr_dso_open(). --- apr-1.7.0/dso/unix/dso.c.deepbind +++ apr-1.7.0/dso/unix/dso.c @@ -19,10 +18,43 @@ inside httpd. Use RTLD_DEEPBIND by default. void *os_handle; + + if (use_deepbind == 0) -+ use_deepbind = getenv("APR_DEEPBIND") != NULL ? 1 : -1; ++ use_deepbind = secure_getenv("APR_DEEPBIND") != NULL ? 1 : -1; + if (use_deepbind == 1) + flags |= RTLD_DEEPBIND; + #ifdef _AIX if (strchr(path + 1, '(') && path[strlen(path) - 1] == ')') { +--- apr-1.7.0/README.deepbind.deepbind ++++ apr-1.7.0/README.deepbind +@@ -0,0 +1,30 @@ ++This distribution of APR contains a modification of the behaviour of ++the apr_dso_open() function which allows users enable the ++"RTLD_DEEPBIND" flag when dlopen() is called. ++ ++If the "APR_DEEPBIND" environment variable is set at runtime, the ++RTLD_DEEPBIND flag is always added to the flags passed to dlopen(). ++ ++With normal use of dlopen(), dynamically loaded objects will use ++global symbols in preference to any symbols defined within the object. ++Using RTLD_DEEPBIND reverses this binding order. See the dlopen(3) ++man page for more information. ++ ++This can be useful with Apache httpd, where two different modules are ++loaded like: ++ ++1. mod_foo.so uses library "libfoo.so" ++ libfoo.so defines a function "SomeSym" ++2. mod_bar.so uses library "libbar.so" ++ libbar.so defines a different "SomeSym" function ++ ++By default, mod_bar or mod_foo would use the "SomeSym" definition from ++the "wrong" library depending on the load order. If RTLD_DEEPBIND is ++used, the "SomeSym" definition will always be mapped to the definition ++from the corresponding dependent library. This can avoid symbol ++conflicts. ++ ++There are some risks with using RTLD_DEEPBIND, in particular potential ++issues with modules written in C++. It is not recommended to enable ++$APR_DEEPBIND unless it solves a specific problem and after thorough ++testing of the configuration. diff --git a/apr.spec b/apr.spec index 0a7219d..4e85afe 100644 --- a/apr.spec +++ b/apr.spec @@ -6,7 +6,7 @@ Summary: Apache Portable Runtime library Name: apr Version: 1.7.0 -Release: 9%{?dist} +Release: 10%{?dist} # ASL 2.0: everything # ISC: network_io/apr-1.4.6/network_io/unix/inet_?to?.c # BSD with advertising: strings/apr_snprintf.c, strings/apr_fnmatch.c, @@ -109,7 +109,7 @@ popd %ldconfig_scriptlets %files -%doc CHANGES LICENSE NOTICE +%doc CHANGES LICENSE NOTICE README* %{_libdir}/libapr-%{aprver}.so.* %files devel @@ -127,6 +127,9 @@ popd %{_datadir}/aclocal/*.m4 %changelog +* Fri Jun 18 2021 Joe Orton - 1.7.0-10 +- document APR_DEEPBIND and use secure_getenv() (thanks to mturk) + * Mon Apr 12 2021 Lubos Uhliarik - 1.7.0-9 - Resolves: #1942985 - apr: FTBFS with upcoming autoconf-2.71