!69 [sync] PR-68: 添加netty的安全编译选项strip

From: @openeuler-sync-bot Reviewed-by: @caodongxia Signed-off-by: @caodongxia
2023-03-07 02:32:15 +00:00 · 2023-03-07 02:32:15 +00:00 · 7d22acf249
commit 7d22acf249
parent c6b50b4c6e c09eb42dac
2 changed files with 35 additions and 1 deletions
--- a/fix-strip.patch
+++ b/fix-strip.patch
@ -0,0 +1,30 @@
+diff -Nur a/transport-native-epoll/pom.xml b/transport-native-epoll/pom.xml
+--- a/transport-native-epoll/pom.xml	2023-03-05 15:42:40.947323733 +0800
+++ b/transport-native-epoll/pom.xml	2023-03-05 15:45:43.877975494 +0800
+@@ -32,7 +32,7 @@
+     <unix.common.lib.dir>${project.build.directory}/unix-common-lib</unix.common.lib.dir>
+     <unix.common.lib.unpacked.dir>${unix.common.lib.dir}/META-INF/native/lib</unix.common.lib.unpacked.dir>
+     <unix.common.include.unpacked.dir>${unix.common.lib.dir}/META-INF/native/include</unix.common.include.unpacked.dir>
+-    <jni.compiler.args.ldflags>LDFLAGS=-L${unix.common.lib.unpacked.dir} -Wl,--no-as-needed -lrt -Wl,--whole-archive -l${unix.common.lib.name} -Wl,--no-whole-archive</jni.compiler.args.ldflags>
+    <jni.compiler.args.ldflags>LDFLAGS=-L${unix.common.lib.unpacked.dir} -Wl,--no-as-needed -lrt -Wl,--whole-archive -Wl,-s -l${unix.common.lib.name} -Wl,--no-whole-archive</jni.compiler.args.ldflags>
+     <skipTests>true</skipTests>
+   </properties>
+ 
+@@ -221,7 +221,7 @@
+                   <value>${linux.sendmmsg.support}${glibc.sendmmsg.support}</value>
+                   <!-- If glibc and linux kernel are both not sufficient...then define the CFLAGS -->
+                   <regex>.*IO_NETTY_SENDMSSG_NOT_FOUND.*</regex>
+-                  <replacement>CFLAGS=-O3 -DIO_NETTY_SENDMMSG_NOT_FOUND -Werror -fno-omit-frame-pointer -Wunused-variable -I${unix.common.include.unpacked.dir}</replacement>
+                  <replacement>CFLAGS=-O3 -DIO_NETTY_SENDMMSG_NOT_FOUND -Werror -fno-omit-frame-pointer -Wunused-variable -Wl,-s -I${unix.common.include.unpacked.dir}</replacement>
+                   <failIfNoMatch>false</failIfNoMatch>
+                 </configuration>
+               </execution>
+@@ -237,7 +237,7 @@
+                   <value>${jni.compiler.args.cflags}</value>
+                   <!-- If glibc and linux kernel are both not sufficient...then define the CFLAGS -->
+                   <regex>^((?!CFLAGS=).)*$</regex>
+-                  <replacement>CFLAGS=-O3 -Werror -fno-omit-frame-pointer -Wunused-variable -I${unix.common.include.unpacked.dir}</replacement>
+                  <replacement>CFLAGS=-O3 -Werror -fno-omit-frame-pointer -Wunused-variable -Wl,-s -I${unix.common.include.unpacked.dir}</replacement>
+                   <failIfNoMatch>false</failIfNoMatch>
+                 </configuration>
+               </execution>
--- a/netty.spec
+++ b/netty.spec
@ -2,7 +2,7 @@

 Name:             netty
 Version:          4.1.13
-Release:          18
+Release:          19
 Summary:          Asynchronous event-driven network application Java framework
 License:          ASL 2.0
 URL:              https://netty.io/
@ -29,6 +29,7 @@ Patch0017:        CVE-2021-37136.patch
 Patch0018:        CVE-2021-37137.patch
 Patch0019:        CVE-2021-43797-pre.patch
 Patch0020:        CVE-2021-43797.patch
+Patch0021:        fix-strip.patch

 BuildRequires:    maven-local mvn(ant-contrib:ant-contrib)
 BuildRequires:    mvn(com.jcraft:jzlib) mvn(commons-logging:commons-logging)
@ -153,6 +154,9 @@ export CFLAGS="$RPM_OPT_FLAGS" LDFLAGS="$RPM_LD_FLAGS"


 %changelog
+* Sun Mar 05 2023 wulei <wulei80@h-partners.com> - 4.1.13-19
+- Add strip
+
 * Mon Mar 07 2022 wangkai <wangkai385@huawei.com> - 4.1.13-18
 - Remove lz4-java dependency