Replace RTLD_LAZY with RTLD_NOW in g_load_library

[matt335672]

This has been prompted by #1986

Fedora hardening guidelines now pass -z now to the linker for packages. Consequently, when calling g_load_library() to load a backend module, all symbols are checked for at the point-of-loading, rather than at the point-of-use.

The reason we are resolving symbols at the point-of use by default, rather than when g_load_library() is called is that g_load_library() is passing the flag RTLD_LAZY to dlopen(3). This appears to be historic; the flag value is present through the whole git history, so for at least the last 17 years.

I managed to introduce a regression for 0.9.17 (see #1986/#1989 for details) in teh VNC module which wasn't picked up in my module testing. Essentially, I renamed a function get_eds_status_msg to rfb_get_eds_status_msg at the point of call and at the point of declaration, but not at the point of definition. The call in question is unlikely to be made as it happens, but if it is, xrdp will fail when it is called.

Also, I landed @bsmojver with a lot of detective work which I'm sure he could have done without.

If I'd been building with -z now for the linker, I'd have picked this up during module testing.

My proposal is to apply this patch:-

--- a/common/os_calls.c
+++ b/common/os_calls.c
@@ -2517,7 +2517,13 @@ g_load_library(char *in)
 #if defined(_WIN32)
     return (long)LoadLibraryA(in);
 #else
-    return (long)dlopen(in, RTLD_LOCAL | RTLD_LAZY);
+    long rv = (long)dlopen(in, RTLD_LOCAL | RTLD_NOW);
+    if (rv == 0)
+    {
+        LOG(LOG_LEVEL_ERROR,
+            "Error loading %s : %s", in, dlerror());
+    }
+    return rv;
 #endif
 }
 

With this patch, the following error appears in the xrdp.log when VNC is invoked:-

[20210907-17:02:42] [ERROR] [g_load_library(os_calls.c:2523)] Error loading /usr/local/lib/xrdp/libvnc.so : /usr/local/lib/xrdp/libvnc.so: undefined symbol: rfb_get_eds_status_msg

Another option might be to modify the build process to link each module into an executable as part of make check to ensure all symbols are resolved. It's a bit complex, but doable.

I can't see we're gaining a lot from RTLD_LAZY. The module is loaded in a fraction of a second with RTLD_NOW, and then we have the certainty that it won't suddenly blow up under us.

Thoughts?