Bug#948759: marked as done (apache2: config_vars.mk contains unsanitized CXXFLAGS/-ffile-prefix-map)

To: Xavier Guimard <yadd@debian.org>
Subject: Bug#948759: marked as done (apache2: config_vars.mk contains unsanitized CXXFLAGS/-ffile-prefix-map)
From: "Debian Bug Tracking System" <owner@bugs.debian.org>
Date: Mon, 13 Jan 2020 06:36:07 +0000
Message-id: <[🔎] handler.948759.D948759.157889726531073.ackdone@bugs.debian.org>
Reply-to: 948759@bugs.debian.org
References: <E1iqtIs-0001S0-4m@fasolo.debian.org> <[🔎] 875zhg9jo9.fsf@yucca>

Your message dated Mon, 13 Jan 2020 06:34:22 +0000
with message-id <E1iqtIs-0001S0-4m@fasolo.debian.org>
and subject line Bug#948759: fixed in apache2 2.4.41-2
has caused the Debian Bug report #948759,
regarding apache2: config_vars.mk contains unsanitized CXXFLAGS/-ffile-prefix-map
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
948759: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=948759
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: apache2: config_vars.mk contains unsanitized CXXFLAGS/-ffile-prefix-map
From: Vagrant Cascadian <vagrant@reproducible-builds.org>
Date: Sun, 12 Jan 2020 18:25:42 -0800
Message-id: <[🔎] 875zhg9jo9.fsf@yucca>

Source: apache2
Version: 2.4.41-1
Severity: wishlist
Tags: patch
User: reproducible-builds@lists.alioth.debian.org
Usertags: buildpath environment
X-Debbugs-Cc: reproducible-bugs@lists.alioth.debian.org

The CXXFLAGS variable was not getting cleaned in
debian/clean_config_vars, which meant that while -fdebug-prefix-map was
cleaned from CFLAGS, it was still present in CXXFLAGS.

Additionally, support for -ffile-prefix-map was added to GCC and dpkg
and is used in the tests.reproducible-builds.org infrastructure when
testing unstable and experimental.

The attached patch fixes both issues, and I believe should result in
apache2 being reproducible again in Debian.

Thanks for maintaining apache2!

live well,
  vagrant

From 6ef03f7cce3b45999a81485e9bfa178971115d60 Mon Sep 17 00:00:00 2001
From: Vagrant Cascadian <vagrant@reproducible-builds.org>
Date: Sun, 12 Jan 2020 18:04:01 -0800
Subject: [PATCH 2/2] Also clean CXXFLAGS and -ffile-prefix-map.

---
 debian/clean_config_vars | 6 ++++--
 debian/rules             | 2 +-
 2 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/debian/clean_config_vars b/debian/clean_config_vars
index f88ab3ca..90867080 100755
--- a/debian/clean_config_vars
+++ b/debian/clean_config_vars
@@ -6,6 +6,7 @@ my %FLAGS = {
 	'CFLAGS' => $ARGV[0],
 	'CPPFLAGS' => $ARGV[1],
 	'LDDFLAGS' => $ARGV[2],
+	'CXXFLAGS' => $ARGV[3],
 };
 
 
@@ -22,7 +23,8 @@ sub clean_and_deduplicate
 		$return_flags .= "$flag " unless
 			$flag =~ m/PLATFORM/ ||
 			$flag =~ m/-DBUILD_DATETIME/ ||
-			$flag =~ m/-fdebug-prefix-map/;
+			$flag =~ m/-fdebug-prefix-map/ ||
+			$flag =~ m/-ffile-prefix-map/;
 	}
 	return $return_flags;
 }
@@ -36,7 +38,7 @@ open(TMP_CONFIG_VARS, ">", "tmp_config_vars.mk") || die("tmp_config_vars.mk: $1"
 while(my $line = <CONFIG_VARS>)
 {
 	chomp $line;
-	unless ($line =~ m/(^|_)(LD|CPP|C)FLAGS/)
+	unless ($line =~ m/(^|_)(LD|CPP|C|CXX)FLAGS/)
 	{
 		print TMP_CONFIG_VARS "$line\n";
 	}
diff --git a/debian/rules b/debian/rules
index 508dde96..954da288 100755
--- a/debian/rules
+++ b/debian/rules
@@ -74,7 +74,7 @@ clean-config-vars-stamp: debian/tmp/usr/share/apache2/build/config_vars.mk debia
 	# Clean up config_vars.mk so that flags that are only intended for the
 	# compilation of apache2 itself are not used by apxs for compiling
 	# modules.
-	perl ./debian/clean_config_vars '$(AP2_CFLAGS)' '$(AP2_CPPFLAGS)' '$(AP2_LDFLAGS)'
+	perl ./debian/clean_config_vars '$(AP2_CFLAGS)' '$(AP2_CPPFLAGS)' '$(AP2_LDFLAGS)' '$(CXXFLAGS)'
 	touch $@
 
 %: %.in
-- 
2.20.1

Attachment: signature.asc
Description: PGP signature

--- End Message ---

--- Begin Message ---

To: 948759-close@bugs.debian.org
Subject: Bug#948759: fixed in apache2 2.4.41-2
From: Xavier Guimard <yadd@debian.org>
Date: Mon, 13 Jan 2020 06:34:22 +0000
Message-id: <E1iqtIs-0001S0-4m@fasolo.debian.org>

Source: apache2
Source-Version: 2.4.41-2

We believe that the bug you reported is fixed in the latest version of
apache2, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 948759@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Xavier Guimard <yadd@debian.org> (supplier of updated apache2 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 13 Jan 2020 06:14:45 +0100
Source: apache2
Architecture: source
Version: 2.4.41-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Apache Maintainers <debian-apache@lists.debian.org>
Changed-By: Xavier Guimard <yadd@debian.org>
Closes: 948757 948759
Changes:
 apache2 (2.4.41-2) unstable; urgency=medium
 .
   [ Stefan Fritsch ]
   * Add *.load file for mod_socache_redis
 .
   [ Vagrant Cascadian ]
   * Embeds path to EGREP in config_vars.mk (Closes: #948757)
   * Sanitize CXXFLAGS/-ffile-prefix-map in config_vars.mk (Closes: #948759)
Checksums-Sha1: 
 544d9e7f01590d3ec95abe66194670f666303015 3493 apache2_2.4.41-2.dsc
 6a05bd3add873f7d2cab0c892fa3ad729a52c6fd 1015900 apache2_2.4.41-2.debian.tar.xz
Checksums-Sha256: 
 0ac873426ba8265afb9f5cc4dc86b7c7255a416b27eafefd15018986cef3570e 3493 apache2_2.4.41-2.dsc
 e58fb4685492ff940673696dfb6c59c6b64bc0a67080716f34617013d38576ed 1015900 apache2_2.4.41-2.debian.tar.xz
Files: 
 45574908a8690bc0a56c878c0da350aa 3493 httpd optional apache2_2.4.41-2.dsc
 12693d9a473e85e3b85c427f08153fca 1015900 httpd optional apache2_2.4.41-2.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEAN/li4tVV3nRAF7J9tdMp8mZ7ukFAl4cDBsACgkQ9tdMp8mZ
7ulwOg/9HdKa4XuDgVV2L4qlyyihy8gjo4nVO9VLgn3ExiHh9mi14Mxmn9N/vLhg
gBSIn+Rd7ZAWuOMJ5VK0KGt67Gu1/XXymI57nEy83aLO6EaeOKl3DitsbQRJ4wmA
oo4WGpmbJc4XIsilPTDTAsdzun8G5oOUR7BlkDI9uNaou8qZ8xQr+TL3/lWpPFMS
UrMnI0VDc04FsrWDzJdL5e9VO98mppJCmMbEZQ+AaVnKnt8UTSwmMOfAVwIYXctu
aY/irdfRTls2eprscRkzAuF/eP1/RXEvdIz3qXFrmMhpoWL7QlTsip/9vnB4HvuN
H47E4vd3XfqRLT9P5eUF46wj1JdmBgVPA1RZMlCMQTqyd8YVFWjg8yg1ii+9Y+Kg
oKH5785xojYKgKCJVXhayBYJ1J46TBWZgeAm2noZaAbxVBmYXayQ94QoFqV1/5Yy
WLt5tOoW+z9psO7VMFxWixrBzOtHvBL631VpY+PH32iA3WPWwZg2VRY2Rh+wFnZJ
2s1AsUiWWB30eq4fl+hW7W1NPlZlNi3wyTvsDfNr7dKqqRnD3hNIQnsAaU3b8pGU
ImbjyTn9Xd8CgxoFEzafYDSla/l5DvFW+MK5/dV5cYA8OCZgNtS+7yoaAgvtAQmh
+u944N8Z8m9EqguFq0m2VFMIvGq7vsOx6dL8UWe4ex37Lwlcc/o=
=+DaI
-----END PGP SIGNATURE-----

--- End Message ---

Reply to:

References:
- Bug#948759: apache2: config_vars.mk contains unsanitized CXXFLAGS/-ffile-prefix-map
  - From: Vagrant Cascadian <vagrant@reproducible-builds.org>

Prev by Date: Bug#948757: marked as done (apache2: embeds path to EGREP in config_vars.mk)
Next by Date: Processing of apache2_2.4.41-2_sourceonly.changes
Previous by thread: Processed: Bug#948759 marked as pending in apache2
Next by thread: Processing of apache2_2.4.41-2_sourceonly.changes
Index(es):
- Date
- Thread