Mercurial > dropbear
changeset 1446:b8764eee6bdb
add --enable-static configure argument. disable conflicting harden flags
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Tue, 27 Jun 2017 22:37:46 +0800 |
| parents | a3a96dbf9a58 |
| children | 8f88f4290b22 |
| files | Makefile.in configure.ac |
| diffstat | 2 files changed, 47 insertions(+), 31 deletions(-) [+] |
line wrap: on
line diff
--- a/Makefile.in Tue Jun 27 22:20:38 2017 +0800 +++ b/Makefile.in Tue Jun 27 22:37:46 2017 +0800 @@ -94,6 +94,8 @@ EXEEXT=@EXEEXT@ +STATIC=@STATIC@ + # whether we're building client, server, or both for the common objects. # evilness so we detect 'dropbear' by itself as a word space:= $(empty) $(empty)
--- a/configure.ac Tue Jun 27 22:20:38 2017 +0800 +++ b/configure.ac Tue Jun 27 22:37:46 2017 +0800 @@ -33,6 +33,17 @@ [AC_MSG_RESULT(no); CFLAGS="$OLDCFLAGS" ] ) +STATIC=0 +AC_ARG_ENABLE(static, + [ --enable-static Build static binaries], + [ + if test "x$enableval" = "xyes"; then + STATIC=1 + AC_MSG_NOTICE(Static Build) + fi + ], []) +AC_SUBST(STATIC) + hardenbuild=1 AC_ARG_ENABLE(harden, [ --disable-harden Don't set hardened build flags], @@ -45,37 +56,40 @@ if test "$hardenbuild" -eq 1; then AC_MSG_NOTICE(Checking for available hardened build flags:) - # pie - OLDCFLAGS="$CFLAGS" - TESTFLAGS="-fPIE" - CFLAGS="$CFLAGS $TESTFLAGS" - AC_COMPILE_IFELSE([AC_LANG_PROGRAM([])], - [AC_MSG_NOTICE([Setting $TESTFLAGS])], - [AC_MSG_NOTICE([Not setting $TESTFLAGS]); CFLAGS="$OLDCFLAGS" ] - ) - OLDLDFLAGS="$LDFLAGS" - TESTFLAGS="-Wl,-pie" - LDFLAGS="$LDFLAGS $TESTFLAGS" - AC_LINK_IFELSE([AC_LANG_PROGRAM([])], - [AC_MSG_NOTICE([Setting $TESTFLAGS])], - [ - LDFLAGS="$OLDLDFLAGS" - TESTFLAGS="-pie" - LDFLAGS="$LDFLAGS $TESTFLAGS" - AC_LINK_IFELSE([AC_LANG_PROGRAM([])], - [AC_MSG_NOTICE([Setting $TESTFLAGS])], - [AC_MSG_NOTICE([Not setting $TESTFLAGS]); LDFLAGS="$OLDLDFLAGS" ] - ) - ] - ) - # readonly elf relocation sections (relro) - OLDLDFLAGS="$LDFLAGS" - TESTFLAGS="-Wl,-z,now -Wl,-z,relro" - LDFLAGS="$LDFLAGS $TESTFLAGS" - AC_LINK_IFELSE([AC_LANG_PROGRAM([])], - [AC_MSG_NOTICE([Setting $TESTFLAGS])], - [AC_MSG_NOTICE([Not setting $TESTFLAGS]); LDFLAGS="$OLDLDFLAGS" ] - ) + # relocation flags don't make sense for static builds + if test "$STATIC" -ne 1; then + # pie + OLDCFLAGS="$CFLAGS" + TESTFLAGS="-fPIE" + CFLAGS="$CFLAGS $TESTFLAGS" + AC_COMPILE_IFELSE([AC_LANG_PROGRAM([])], + [AC_MSG_NOTICE([Setting $TESTFLAGS])], + [AC_MSG_NOTICE([Not setting $TESTFLAGS]); CFLAGS="$OLDCFLAGS" ] + ) + OLDLDFLAGS="$LDFLAGS" + TESTFLAGS="-Wl,-pie" + LDFLAGS="$LDFLAGS $TESTFLAGS" + AC_LINK_IFELSE([AC_LANG_PROGRAM([])], + [AC_MSG_NOTICE([Setting $TESTFLAGS])], + [ + LDFLAGS="$OLDLDFLAGS" + TESTFLAGS="-pie" + LDFLAGS="$LDFLAGS $TESTFLAGS" + AC_LINK_IFELSE([AC_LANG_PROGRAM([])], + [AC_MSG_NOTICE([Setting $TESTFLAGS])], + [AC_MSG_NOTICE([Not setting $TESTFLAGS]); LDFLAGS="$OLDLDFLAGS" ] + ) + ] + ) + # readonly elf relocation sections (relro) + OLDLDFLAGS="$LDFLAGS" + TESTFLAGS="-Wl,-z,now -Wl,-z,relro" + LDFLAGS="$LDFLAGS $TESTFLAGS" + AC_LINK_IFELSE([AC_LANG_PROGRAM([])], + [AC_MSG_NOTICE([Setting $TESTFLAGS])], + [AC_MSG_NOTICE([Not setting $TESTFLAGS]); LDFLAGS="$OLDLDFLAGS" ] + ) + fi # non-static # stack protector. -strong is good but only in gcc 4.9 or later OLDCFLAGS="$CFLAGS" TESTFLAGS="-fstack-protector-strong"