Hardening ncpfs
All checks were successful
Source release / source-package (push) Successful in 2m23s
All checks were successful
Source release / source-package (push) Successful in 2m23s
This commit is contained in:
Mario Fetka
@@ -38,12 +38,23 @@ endif
|
||||
|
||||
INCLUDES := -I$(top_srcdir)/include -I$(top_srcdir)/intl -I$(top_builddir)/include
|
||||
|
||||
# Default hardening flags. They are intentionally overridable so that
|
||||
# distro/package builds can provide their own policy, for example:
|
||||
# make HARDEN_CFLAGS= HARDEN_LDFLAGS=
|
||||
HARDEN_CPPFLAGS ?=
|
||||
HARDEN_CFLAGS ?= -O2 -fstack-protector-strong -fstack-clash-protection -D_FORTIFY_SOURCE=3
|
||||
HARDEN_LDFLAGS ?= -Wl,-z,relro -Wl,-z,now -Wl,-z,noexecstack
|
||||
|
||||
PIE_CFLAGS ?= -fPIE
|
||||
PIE_LDFLAGS ?= -pie
|
||||
|
||||
CFLAGS_OPTIONS += $(HARDEN_CPPFLAGS) $(HARDEN_CFLAGS)
|
||||
CFLAGS_OPTIONS += @CFLAGS@
|
||||
CFLAGS_OPTIONS += $(CWARN)
|
||||
CFLAGS_DEFINES := -DN_PLAT_LINUX -DLOCALEDIR=\"${localedir}\" -DNCPFS_VERSION=\"${VERSION}\" -DNCPFS_PACKAGE=\"${PACKAGE}\"
|
||||
|
||||
CCFLAGS := $(CFLAGS_DEFINES) $(CFLAGS_OPTIONS) $(INCLUDES)
|
||||
LDFLAGS := @LDFLAGS@
|
||||
LDFLAGS := $(HARDEN_LDFLAGS) @LDFLAGS@
|
||||
|
||||
# If your system is ELF, either also do a 'make install', or append the util/
|
||||
# directory where the dynamic library resides to the environment
|
||||
|
||||
@@ -9,7 +9,6 @@ vpath %.c ${this_srcdir}
|
||||
vpath %.8 ${this_srcdir}
|
||||
|
||||
LIBS = @INTLLIBS@ @LIBS@
|
||||
LDFLAGS = @LDFLAGS@
|
||||
|
||||
O_UTILS = ipx_configure.o ipx_cmd.o
|
||||
O_UTIIPX = ipx_interface.o ipx_internal_net.o ipx_route.o
|
||||
@@ -26,7 +25,7 @@ ALL_OBJECTS := $(O_UTIIPX) $(O_UTILS) ipxutil.o
|
||||
all: $(UTILS) $(UTIIPX) $(MAN8GZ)
|
||||
|
||||
$(ALL_OBJECTS): %.o: %.c
|
||||
$(CC) $(CFLAGS) $(CCFLAGS) $(CFLAGS_$@) -o $@ -c $<
|
||||
$(CC) $(CFLAGS) $(CCFLAGS) $(CFLAGS_$@) $(PIE_CFLAGS) -o $@ -c $<
|
||||
|
||||
%.d: %.c
|
||||
set -e; $(CC) -M $(CFLAGS) $(CCFLAGS) $(CFLAGS_$(@:.d=.o)) $< \
|
||||
@@ -34,10 +33,10 @@ $(ALL_OBJECTS): %.o: %.c
|
||||
[ -s $@ ] || rm -f $@
|
||||
|
||||
$(UTIIPX): %: %.o ipxutil.o
|
||||
$(CC) $(CFLAGS) $(LDFLAGS) -o $@ $(addsuffix .o,$@) ipxutil.o ${LIBS}
|
||||
$(CC) $(CFLAGS) $(LDFLAGS) $(PIE_LDFLAGS) -o $@ $(addsuffix .o,$@) ipxutil.o ${LIBS}
|
||||
|
||||
$(UTILS): %: %.o
|
||||
$(CC) $(CFLAGS) -o $@ $(addsuffix .o,$@) ${LIBS}
|
||||
$(CC) $(CFLAGS) $(LDFLAGS) $(PIE_LDFLAGS) -o $@ $(addsuffix .o,$@) ${LIBS}
|
||||
|
||||
$(MAN8GZ): %.gz: %
|
||||
gzip -9 -c $< >$@
|
||||
|
||||
@@ -11,7 +11,6 @@ ncp_if_ether_support = @ncp_if_ether_support@
|
||||
OBJECTS= ipxutil.o
|
||||
|
||||
ALL_OBJECTS := $(EXEC:%=%.o) $(OBJECTS)
|
||||
LDFLAGS = @LDFLAGS@
|
||||
|
||||
.PHONY : all install dep clean mrproper distclean
|
||||
.PHONY : dist tgz
|
||||
@@ -25,7 +24,7 @@ install: $(EXEC)
|
||||
ifeq ($(ncp_if_ether_support),yes)
|
||||
|
||||
$(EXEC): %: %.o $(OBJECTS)
|
||||
$(CC) $(CFLAGS) $(LDFLAGS) -o $@ $(addsuffix .o,$@) $(OBJECTS)
|
||||
$(CC) $(CFLAGS) $(LDFLAGS) $(PIE_LDFLAGS) -o $@ $(addsuffix .o,$@) $(OBJECTS)
|
||||
|
||||
else
|
||||
.PHONY ipxdump ipxparse
|
||||
@@ -40,7 +39,7 @@ clean:
|
||||
modules:
|
||||
|
||||
$(ALL_OBJECTS): %.o: %.c
|
||||
$(CC) $(CFLAGS) $(CCFLAGS) $(CFLAGS_$@) -o $@ -c $<
|
||||
$(CC) $(CFLAGS) $(CCFLAGS) $(CFLAGS_$@) $(PIE_CFLAGS) -o $@ -c $<
|
||||
|
||||
%.d: %.c
|
||||
set -e; $(CC) -M $(CFLAGS) $(CCFLAGS) $(CFLAGS_$(@:.d=.o)) $< \
|
||||
|
||||
@@ -14,13 +14,12 @@ USE_KERNEL = @USE_KERNEL@
|
||||
NDS_SUPPORT = @NDS_SUPPORT@
|
||||
|
||||
LIBS = @INTLLIBS@ @LIBICONV@ @LIBS@
|
||||
LDFLAGS := @LDFLAGS@
|
||||
|
||||
# environ in ncpmount
|
||||
CCFLAGS += -D_GNU_SOURCE
|
||||
|
||||
PIE_CFLAGS = -fpie
|
||||
PIE_LDFLAGS = -pie
|
||||
PIE_CFLAGS ?= -fPIE
|
||||
PIE_LDFLAGS ?= -pie
|
||||
|
||||
O_UTILS := nwsfind.o
|
||||
ifeq ($(USE_KERNEL),1)
|
||||
@@ -74,7 +73,7 @@ ncplogin: ncpm_common.o mount_login.o
|
||||
ncpmap: ncpm_common.o
|
||||
|
||||
ncpmap.o: %.o: ncplogin.c
|
||||
$(CC) $(CFLAGS) $(LDFLAGS) $(CCFLAGS) $(CFLAGS_$@) $(PIE_CFLAGS) -o $@ -c $<
|
||||
$(CC) $(CFLAGS) $(CCFLAGS) $(CFLAGS_$@) $(PIE_CFLAGS) -o $@ -c $<
|
||||
|
||||
ncpmap.d: %.d: ncplogin.c
|
||||
set -e; $(CC) -M $(CFLAGS) $(CCFLAGS) $(CFLAGS_$(@:.d=.o)) $< \
|
||||
|
||||
@@ -15,7 +15,6 @@ NDS_SUPPORT = @NDS_SUPPORT@
|
||||
MOUNT2 = @MOUNT2@
|
||||
|
||||
LIBS = @INTLLIBS@ @LIBICONV@ @LIBS@
|
||||
LDFLAGS = @LDFLAGS@
|
||||
|
||||
O_OTHER = dsqueue.o
|
||||
O_USERUTILS = slist.o pqlist.o nwfsinfo.o pserver.o nprint.o nsend.o \
|
||||
@@ -82,7 +81,7 @@ install-dev:
|
||||
make -C $(NCPLIB_DIR) libncp.$(shlibext)
|
||||
|
||||
$(O_USERUTILS) $(O_SBINUTILS) $(O_OTHER) ncptest.o: %.o: %.c
|
||||
$(CC) $(CFLAGS) $(LDFLAGS) $(CCFLAGS) $(CFLAGS_$@) -o $@ -c $<
|
||||
$(CC) $(CFLAGS) $(CCFLAGS) $(CFLAGS_$@) $(PIE_CFLAGS) -o $@ -c $<
|
||||
|
||||
%.d: %.c
|
||||
set -e; $(CC) -M $(CFLAGS) $(CCFLAGS) $(CFLAGS_$(@:.d=.o)) $< \
|
||||
@@ -93,10 +92,11 @@ $(O_USERUTILS) $(O_SBINUTILS) $(O_OTHER) ncptest.o: %.o: %.c
|
||||
pqstat nwpqjob nprint: dsqueue.o
|
||||
|
||||
$(UTILS): %: %.o $(LIBDEP)
|
||||
$(CC) $(CFLAGS) $(LDFLAGS) -o $@ $(addsuffix .o,$@) $(ADDOBJS_$@) -L$(NCPLIB_DIR) -lncp ${LIBS}
|
||||
$(CC) $(CFLAGS) $(LDFLAGS) $(PIE_LDFLAGS) -o $@ $(addsuffix .o,$@) $(ADDOBJS_$@) -L$(NCPLIB_DIR) -lncp ${LIBS}
|
||||
|
||||
ipx_probe: ipx_probe.c
|
||||
$(CC) $(CFLAGS) $(LDFLAGS) $(CCFLAGS) -o ipx_probe ipx_probe.c ${LIBS}
|
||||
$(CC) $(CFLAGS) $(CCFLAGS) $(PIE_CFLAGS) $(LDFLAGS) $(PIE_LDFLAGS) -o ipx_probe ipx_probe.c ${LIBS}
|
||||
|
||||
|
||||
dep:
|
||||
|
||||
|
||||
Reference in New Issue
Block a user