diff options
| author | Robbie Harwood <rharwood@redhat.com> | 2016-09-06 22:38:57 +0000 |
|---|---|---|
| committer | Simo Sorce <simo@redhat.com> | 2016-09-08 14:47:17 -0400 |
| commit | 4ac6451491e8d4dfc4e371eee4c162b297283c0a (patch) | |
| tree | 0e5fa9ef7675d2f0ecb1f848df64cdb6d22967fc | |
| parent | 1e8afa96f74fb01790cc65b40abfba2c5cf1a250 (diff) | |
| download | gss-proxy-4ac6451491e8d4dfc4e371eee4c162b297283c0a.tar.gz gss-proxy-4ac6451491e8d4dfc4e371eee4c162b297283c0a.tar.xz gss-proxy-4ac6451491e8d4dfc4e371eee4c162b297283c0a.zip | |
Add configure option for build hardening
Ticket: https://fedorahosted.org/gss-proxy/ticket/147
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
Merges #30
| -rw-r--r-- | proxy/Makefile.am | 14 | ||||
| -rw-r--r-- | proxy/conf_macros.m4 | 11 | ||||
| -rw-r--r-- | proxy/configure.ac | 1 |
3 files changed, 24 insertions, 2 deletions
diff --git a/proxy/Makefile.am b/proxy/Makefile.am index f03f3ea..4359938 100644 --- a/proxy/Makefile.am +++ b/proxy/Makefile.am @@ -31,7 +31,9 @@ pkgconfigdir = $(libdir)/pkgconfig gpstatedir = @gpstatedir@ gpclidir = @gpstatedir@/clients +AM_CPPFLAGS = AM_CFLAGS = +AM_LDFLAGS = if WANT_AUX_INFO AM_CFLAGS += -aux-info $@.X endif @@ -41,7 +43,15 @@ if HAVE_GCC AM_CFLAGS += -Wall -Wshadow -Wstrict-prototypes -Wpointer-arith \ -Wcast-qual -Wcast-align -Wwrite-strings \ -fstrict-aliasing -Wstrict-aliasing -Werror=strict-aliasing \ - -Werror-implicit-function-declaration + -Werror-implicit-function-declaration \ + -Werror=format-security + + AM_CPPFLAGS += -Wdate-time +endif +if BUILD_HARDENING + AM_CPPFLAGS += -D_FORTIFY_SOURCE=2 + AM_CFLAGS += -fPIE -fstack-protector-strong + AM_LDFLAGS += -fPIE -pie -fPIC -Wl,-z,relro -Wl,-z,now endif dist_pkgconfig_DATA = @@ -65,7 +75,7 @@ dist_noinst_DATA = # Global compilation settings # ############################### -AM_CPPFLAGS = \ +AM_CPPFLAGS += \ -Wall \ -Iinclude \ -I.. \ diff --git a/proxy/conf_macros.m4 b/proxy/conf_macros.m4 index a0ecb13..b35eae1 100644 --- a/proxy/conf_macros.m4 +++ b/proxy/conf_macros.m4 @@ -281,3 +281,14 @@ AC_DEFUN([WITH_GPP_DEFAULT_BEHAVIOR], AC_DEFINE_UNQUOTED(GPP_DEFAULT_BEHAVIOR, $default_behavior, [Default gssproxy interposer plugin behavior]) ]) +AC_DEFUN([WITH_HARDENING], + [ AC_ARG_WITH([hardening], + [AC_HELP_STRING([--with-hardening], + [Whether to add extra hardening flags [no]] + ) + ], + [], + with_hardening=no + ) + AM_CONDITIONAL([BUILD_HARDENING], [test x"$with_hardening" = xyes]) + ]) diff --git a/proxy/configure.ac b/proxy/configure.ac index 409584d..c75515e 100644 --- a/proxy/configure.ac +++ b/proxy/configure.ac @@ -68,6 +68,7 @@ WITH_SELINUX WITH_GSSIDEBUG WITH_GPSTATE_PATH WITH_GPP_DEFAULT_BEHAVIOR +WITH_HARDENING m4_include([external/pkg.m4]) m4_include([external/libpopt.m4]) |