Issue: Solaris 11 Apache+mod_proxy with R12.52 WebAgent causes a Segmentation Fault whenever user sends POST to an upstream application.
Finding: When I recompile the Apache by modifying the compile parameters located in /usr/apache2/2.2/build/config.nice to remove the "-mt" flag and use a built-in APR the WebAgent no longer seg faults and the POST passes through. The WebAgent install guide hints at the issue with the linux agent, saying that the Apache needs to be compiled with -lpthread. The Solaris packaged Apache (and Apache Portable Runtime) appears to be built with mixed threads.
Impact: Application owners had hoped to use the packaged Apache in order to comply with IA and mitigate IAVA/CVE findings through vendor patches (otherwise they will have to address each and every finding with a re-compile).
Question/Enhancement Request: Is it possible to build/test a WebAgent binary that is compile against the Solaris 11 environment requirements (using -lpthreads and -mt)?
PS - the environment that I used to build an Apache that works with Solaris 11 is the following:
LIBS="-lpthread";export LIBS
CC="cc"; export CC
CFLAGS="-m32 -xO4 -xchip=pentium -xregs=no%frameptr -DSSL_EXPERIMENTAL -DSSL_ENGINE"; export CFLAGS
LTFLAGS="--silent --tag=CC"; export LTFLAGS
./configure --prefix=/opt/apache2/2.2 --with-included-apr --with-expat-builtin --enable-mods-shared=all --enable-so --enable-suexec --with-suexec-caller=webservd --enable-proxy --enable-proxy-connect --enable-proxy-ftp --enable-proxy-http --enable-proxy-ajp --enable-proxy-balancer --enable-cache --enable-file-cache --enable-disk-cache --enable-mem-cache --enable-deflate --enable-cgid --enable-cgi --enable-authnz-ldap --enable-ldap --with-ldap --enable-ssl --enable-exception-hook --with-mpm=worker
Update: Further testing by adding the "-mt" flag back into the CFLAGS but still building in own APR yield positive results. I have opted to leave the -mt flag out in my own builds, regardless.