Mercurial > dropbear
comparison configure.ac @ 1446:b8764eee6bdb
add --enable-static configure argument. disable conflicting harden flags
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Tue, 27 Jun 2017 22:37:46 +0800 |
parents | bfed37d12d90 |
children | 8f88f4290b22 |
comparison
equal
deleted
inserted
replaced
1445:a3a96dbf9a58 | 1446:b8764eee6bdb |
---|---|
31 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([])], | 31 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([])], |
32 [AC_MSG_RESULT(yes)], | 32 [AC_MSG_RESULT(yes)], |
33 [AC_MSG_RESULT(no); CFLAGS="$OLDCFLAGS" ] | 33 [AC_MSG_RESULT(no); CFLAGS="$OLDCFLAGS" ] |
34 ) | 34 ) |
35 | 35 |
36 STATIC=0 | |
37 AC_ARG_ENABLE(static, | |
38 [ --enable-static Build static binaries], | |
39 [ | |
40 if test "x$enableval" = "xyes"; then | |
41 STATIC=1 | |
42 AC_MSG_NOTICE(Static Build) | |
43 fi | |
44 ], []) | |
45 AC_SUBST(STATIC) | |
46 | |
36 hardenbuild=1 | 47 hardenbuild=1 |
37 AC_ARG_ENABLE(harden, | 48 AC_ARG_ENABLE(harden, |
38 [ --disable-harden Don't set hardened build flags], | 49 [ --disable-harden Don't set hardened build flags], |
39 [ | 50 [ |
40 if test "x$enableval" = "xno"; then | 51 if test "x$enableval" = "xno"; then |
43 fi | 54 fi |
44 ], []) | 55 ], []) |
45 | 56 |
46 if test "$hardenbuild" -eq 1; then | 57 if test "$hardenbuild" -eq 1; then |
47 AC_MSG_NOTICE(Checking for available hardened build flags:) | 58 AC_MSG_NOTICE(Checking for available hardened build flags:) |
48 # pie | 59 # relocation flags don't make sense for static builds |
49 OLDCFLAGS="$CFLAGS" | 60 if test "$STATIC" -ne 1; then |
50 TESTFLAGS="-fPIE" | 61 # pie |
51 CFLAGS="$CFLAGS $TESTFLAGS" | 62 OLDCFLAGS="$CFLAGS" |
52 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([])], | 63 TESTFLAGS="-fPIE" |
53 [AC_MSG_NOTICE([Setting $TESTFLAGS])], | 64 CFLAGS="$CFLAGS $TESTFLAGS" |
54 [AC_MSG_NOTICE([Not setting $TESTFLAGS]); CFLAGS="$OLDCFLAGS" ] | 65 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([])], |
55 ) | 66 [AC_MSG_NOTICE([Setting $TESTFLAGS])], |
56 OLDLDFLAGS="$LDFLAGS" | 67 [AC_MSG_NOTICE([Not setting $TESTFLAGS]); CFLAGS="$OLDCFLAGS" ] |
57 TESTFLAGS="-Wl,-pie" | 68 ) |
58 LDFLAGS="$LDFLAGS $TESTFLAGS" | 69 OLDLDFLAGS="$LDFLAGS" |
59 AC_LINK_IFELSE([AC_LANG_PROGRAM([])], | 70 TESTFLAGS="-Wl,-pie" |
60 [AC_MSG_NOTICE([Setting $TESTFLAGS])], | 71 LDFLAGS="$LDFLAGS $TESTFLAGS" |
61 [ | 72 AC_LINK_IFELSE([AC_LANG_PROGRAM([])], |
62 LDFLAGS="$OLDLDFLAGS" | 73 [AC_MSG_NOTICE([Setting $TESTFLAGS])], |
63 TESTFLAGS="-pie" | 74 [ |
64 LDFLAGS="$LDFLAGS $TESTFLAGS" | 75 LDFLAGS="$OLDLDFLAGS" |
65 AC_LINK_IFELSE([AC_LANG_PROGRAM([])], | 76 TESTFLAGS="-pie" |
66 [AC_MSG_NOTICE([Setting $TESTFLAGS])], | 77 LDFLAGS="$LDFLAGS $TESTFLAGS" |
67 [AC_MSG_NOTICE([Not setting $TESTFLAGS]); LDFLAGS="$OLDLDFLAGS" ] | 78 AC_LINK_IFELSE([AC_LANG_PROGRAM([])], |
68 ) | 79 [AC_MSG_NOTICE([Setting $TESTFLAGS])], |
69 ] | 80 [AC_MSG_NOTICE([Not setting $TESTFLAGS]); LDFLAGS="$OLDLDFLAGS" ] |
70 ) | 81 ) |
71 # readonly elf relocation sections (relro) | 82 ] |
72 OLDLDFLAGS="$LDFLAGS" | 83 ) |
73 TESTFLAGS="-Wl,-z,now -Wl,-z,relro" | 84 # readonly elf relocation sections (relro) |
74 LDFLAGS="$LDFLAGS $TESTFLAGS" | 85 OLDLDFLAGS="$LDFLAGS" |
75 AC_LINK_IFELSE([AC_LANG_PROGRAM([])], | 86 TESTFLAGS="-Wl,-z,now -Wl,-z,relro" |
76 [AC_MSG_NOTICE([Setting $TESTFLAGS])], | 87 LDFLAGS="$LDFLAGS $TESTFLAGS" |
77 [AC_MSG_NOTICE([Not setting $TESTFLAGS]); LDFLAGS="$OLDLDFLAGS" ] | 88 AC_LINK_IFELSE([AC_LANG_PROGRAM([])], |
78 ) | 89 [AC_MSG_NOTICE([Setting $TESTFLAGS])], |
90 [AC_MSG_NOTICE([Not setting $TESTFLAGS]); LDFLAGS="$OLDLDFLAGS" ] | |
91 ) | |
92 fi # non-static | |
79 # stack protector. -strong is good but only in gcc 4.9 or later | 93 # stack protector. -strong is good but only in gcc 4.9 or later |
80 OLDCFLAGS="$CFLAGS" | 94 OLDCFLAGS="$CFLAGS" |
81 TESTFLAGS="-fstack-protector-strong" | 95 TESTFLAGS="-fstack-protector-strong" |
82 CFLAGS="$CFLAGS $TESTFLAGS" | 96 CFLAGS="$CFLAGS $TESTFLAGS" |
83 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([])], | 97 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([])], |