Menu
▾
▴
[Levent-commits] [Libevent/master 2/2] Implement --enable-gcc-hardening configure option
|
From: Nick M. <ni...@us...> - 2011-09-12 14:14:59
|
Author: Sebastian Hahn <seb...@to...>
Date: Sun, 10 Apr 2011 18:25:05 +0200
Subject: Implement --enable-gcc-hardening configure option
Commit: 755026771a6ec3c7da41010940ddbade43c77f22
Using --enable-gcc-hardening enables some additional safety features
that gcc makes available such as stack smashing protection using
canaries and ASLR.
This commit is based on a patch for Tor:
(git commit 04fa935e02270bc90aca0f1c652d31c7a872175b by Jacob Appelbaum)
Copyright (c) 2007-2011, The Tor Project, Inc.
---
configure.in | 7 +++++++
1 files changed, 7 insertions(+), 0 deletions(-)
diff --git a/configure.in b/configure.in
index 539af4c..532c629 100644
--- a/configure.in
+++ b/configure.in
@@ -56,6 +56,13 @@ fi
AC_ARG_ENABLE(gcc-warnings,
AS_HELP_STRING(--disable-gcc-warnings, disable verbose warnings with GCC))
+AC_ARG_ENABLE(gcc-hardening,
+ AS_HELP_STRING(--enable-gcc-hardening, enable compiler security checks),
+[if test x$enableval = xyes; then
+ CFLAGS="$CFLAGS -D_FORTIFY_SOURCE=2 -fstack-protector-all"
+ CFLAGS="$CFLAGS -fwrapv -fPIE -Wstack-protector"
+ CFLAGS="$CFLAGS --param ssp-buffer-size=1"
+fi])
AC_ARG_ENABLE(thread-support,
AS_HELP_STRING(--disable-thread-support, disable support for threading),
--
1.7.4.1
|