diff --git a/httpd-2.4.33-export.patch b/httpd-2.4.33-export.patch deleted file mode 100644 index 9adf398..0000000 --- a/httpd-2.4.33-export.patch +++ /dev/null @@ -1,20 +0,0 @@ - -There is no need to "suck in" the apr/apr-util symbols when using -a shared libapr{,util}, it just bloats the symbol table; so don't. - -Upstream-HEAD: needed -Upstream-2.0: omit -Upstream-Status: EXPORT_DIRS change is conditional on using shared apr - ---- httpd-2.4.33/server/Makefile.in.export -+++ httpd-2.4.33/server/Makefile.in -@@ -60,9 +60,6 @@ - ls $$dir/*.h ; \ - done; \ - echo "$(top_srcdir)/server/mpm_fdqueue.h"; \ -- for dir in $(EXPORT_DIRS_APR); do \ -- ls $$dir/ap[ru].h $$dir/ap[ru]_*.h 2>/dev/null; \ -- done; \ - ) | sed -e s,//,/,g | sort -u > $@ - - exports.c: export_files diff --git a/httpd-2.4.39-export.patch b/httpd-2.4.39-export.patch new file mode 100644 index 0000000..e343b22 --- /dev/null +++ b/httpd-2.4.39-export.patch @@ -0,0 +1,58 @@ + +Reduce size of httpd binary by telling linker to export all symbols +from libmain.a, rather than bloating the symbol table with ap_hack_* +to do so indirectly. + +Upstream-HEAD: needed +Upstream-2.0: omit + +--- httpd-2.4.39/Makefile.in.export ++++ httpd-2.4.39/Makefile.in +@@ -4,8 +4,15 @@ + + PROGRAM_NAME = $(progname) + PROGRAM_SOURCES = modules.c +-PROGRAM_LDADD = buildmark.o $(HTTPD_LDFLAGS) $(PROGRAM_DEPENDENCIES) $(HTTPD_LIBS) $(EXTRA_LIBS) $(AP_LIBS) $(LIBS) ++PROGRAM_LDADD = buildmark.o $(HTTPD_LDFLAGS) \ ++ $(PROGRAM_LDDEPS) \ ++ $(HTTPD_LIBS) $(EXTRA_LIBS) $(AP_LIBS) $(LIBS) + PROGRAM_PRELINK = $(COMPILE) -c $(top_srcdir)/server/buildmark.c ++PROGRAM_LDDEPS = \ ++ $(BUILTIN_LIBS) \ ++ $(MPM_LIB) \ ++ -Wl,--whole-archive,server/.libs/libmain.a,--no-whole-archive \ ++ os/$(OS_DIR)/libos.la + PROGRAM_DEPENDENCIES = \ + server/libmain.la \ + $(BUILTIN_LIBS) \ +--- httpd-2.4.39/server/main.c.export ++++ httpd-2.4.39/server/main.c +@@ -835,17 +835,3 @@ + return !OK; + } + +-#ifdef AP_USING_AUTOCONF +-/* This ugly little hack pulls any function referenced in exports.c into +- * the web server. exports.c is generated during the build, and it +- * has all of the APR functions specified by the apr/apr.exports and +- * apr-util/aprutil.exports files. +- */ +-const void *ap_suck_in_APR(void); +-const void *ap_suck_in_APR(void) +-{ +- extern const void *ap_ugly_hack; +- +- return ap_ugly_hack; +-} +-#endif +--- httpd-2.4.39/server/Makefile.in.export ++++ httpd-2.4.39/server/Makefile.in +@@ -12,7 +12,7 @@ + connection.c listen.c util_mutex.c \ + mpm_common.c mpm_unix.c mpm_fdqueue.c \ + util_charset.c util_cookies.c util_debug.c util_xml.c \ +- util_filter.c util_pcre.c util_regex.c exports.c \ ++ util_filter.c util_pcre.c util_regex.c \ + scoreboard.c error_bucket.c protocol.c core.c request.c provider.c \ + eoc_bucket.c eor_bucket.c core_filters.c \ + util_expr_parse.c util_expr_scan.c util_expr_eval.c diff --git a/httpd.spec b/httpd.spec index 40af3b5..860f8af 100644 --- a/httpd.spec +++ b/httpd.spec @@ -13,7 +13,7 @@ Summary: Apache HTTP Server Name: httpd Version: 2.4.39 -Release: 7%{?dist} +Release: 8%{?dist} URL: https://httpd.apache.org/ Source0: https://www.apache.org/dist/httpd/httpd-%{version}.tar.bz2 Source1: index.html @@ -63,7 +63,7 @@ Patch3: httpd-2.4.1-deplibs.patch Patch19: httpd-2.4.25-detect-systemd.patch # Features/functional changes Patch21: httpd-2.4.39-r1842929+.patch -Patch23: httpd-2.4.33-export.patch +Patch23: httpd-2.4.39-export.patch Patch24: httpd-2.4.1-corelimit.patch Patch25: httpd-2.4.25-selinux.patch Patch26: httpd-2.4.4-r1337344+.patch @@ -556,19 +556,36 @@ test -f /etc/sysconfig/httpd-disable-posttrans || \ /bin/systemctl try-restart --no-block httpd.service htcacheclean.service >/dev/null 2>&1 || : %check -# Check the built modules are all PIC -if readelf -d $RPM_BUILD_ROOT%{_libdir}/httpd/modules/*.so | grep TEXTREL; then - : modules contain non-relocatable code - exit 1 -fi +make -C server exports.o +nm --defined httpd > exports-actual.list set +x rv=0 +nm --defined-only server/exports.o | \ + sed -n '/ap_hack_/{s/.* ap_hack_//;/^ap[ru]/d;p;}' | \ + while read sym; do + if ! grep -q " "$sym\$ exports-actual.list; then + echo ERROR: Symbol $sym missing in httpd exports + rv=1 + fi + done +if [ $rv -eq 0 ]; then + echo PASS: Symbol export list verified. +fi +# Check the built modules are all PIC +if readelf -d $RPM_BUILD_ROOT%{_libdir}/httpd/modules/*.so | grep TEXTREL; then + echo FAIL: Modules contain non-relocatable code + rv=1 +else + echo PASS: No non-relocatable code in module builds +fi # Ensure every mod_* that's built is loaded. for f in $RPM_BUILD_ROOT%{_libdir}/httpd/modules/*.so; do m=${f##*/} if ! grep -q $m $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.modules.d/*.conf; then - echo ERROR: Module $m not configured. Disable it, or load it. + echo FAIL: Module $m not configured. Disable it, or load it. rv=1 + else + echo PASS: Module $m is configured and loaded. fi done # Ensure every loaded mod_* is actually built @@ -576,8 +593,10 @@ mods=`grep -h ^LoadModule $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.modules.d/*.c for m in $mods; do f=$RPM_BUILD_ROOT%{_libdir}/httpd/modules/${m} if ! test -x $f; then - echo ERROR: Module $m is configured but not built. + echo FAIL: Module $m is configured but not built. rv=1 + else + echo PASS: Loaded module $m is installed. fi done set -x @@ -720,6 +739,10 @@ exit $rv %{_rpmconfigdir}/macros.d/macros.httpd %changelog +* Thu Jun 20 2019 Joe Orton - 2.4.39-8 +- remove superfluous ap_hack_ symbols from httpd binary +- more verbose %%check section + * Thu Jun 13 2019 Lubos Uhliarik - 2.4.39-7 - remove bundled mod_md module