Disabling hardening on Windows due to tdm-gcc's poor support.
As per sigurd's trial and error: RELRO's options are unknown entirely and -fstack-protector-strong results in compile errors. Building with just PIE and _FORTIFY_SOURCE enabled does then compile, but results in a broken executable.
This commit is contained in:
Pentarctagon
parent
b96e2487fe
commit
8de4d81f20
3 changed files with 5 additions and 8 deletions
|
|
@ -230,20 +230,18 @@ if(NOT "${CMAKE_CXX_FLAGS}" STREQUAL "${COMPILER_FLAGS}")
|
|||
endif(NOT "${CMAKE_CXX_FLAGS}" STREQUAL "${COMPILER_FLAGS}")
|
||||
|
||||
# check for hardening options
|
||||
if(HARDEN)
|
||||
if(HARDEN AND NOT WIN32)
|
||||
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fPIE -fstack-protector-strong")
|
||||
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fPIE -fstack-protector-strong")
|
||||
|
||||
if(APPLE)
|
||||
set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -fPIE -Wl,-pie")
|
||||
elseif(WIN32)
|
||||
set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -fPIE -pie")
|
||||
else()
|
||||
set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -fPIE -pie -Wl,-z,relro,-z,now")
|
||||
endif()
|
||||
|
||||
add_definitions(-D_FORTIFY_SOURCE=2)
|
||||
endif(HARDEN)
|
||||
endif(HARDEN AND NOT WIN32)
|
||||
|
||||
if(UNIX AND NOT CMAKE_COMPILER_IS_GNUCXX)
|
||||
# Assume the compiler is the clang compiler.
|
||||
|
|
|
|||
|
|
@ -484,9 +484,10 @@ for env in [test_env, client_env, env]:
|
|||
# #
|
||||
# Add options to provide more hardened executables
|
||||
# osx doesn't seem to support RELRO
|
||||
# windows' tdm-gcc doesn't seem to provide good support for the hardening options in general
|
||||
# #
|
||||
|
||||
if env['harden']:
|
||||
if env['harden'] and env["PLATFORM"] != 'win32':
|
||||
env.AppendUnique(CCFLAGS = ["-fPIE", "-fstack-protector-strong"])
|
||||
env.AppendUnique(CPPDEFINES = ["_FORTIFY_SOURCE=2"])
|
||||
|
||||
|
|
@ -495,8 +496,6 @@ for env in [test_env, client_env, env]:
|
|||
|
||||
if env["PLATFORM"] == 'darwin':
|
||||
env.AppendUnique(LINKFLAGS = ["-fPIE", "-Wl,-pie"])
|
||||
elif env["PLATFORM"] == 'win32':
|
||||
env.AppendUnique(LINKFLAGS = ["-fPIE", "-pie"])
|
||||
else:
|
||||
env.AppendUnique(LINKFLAGS = ["-fPIE", "-pie", "-Wl,-z,relro,-z,now"])
|
||||
|
||||
|
|
|
|||
|
|
@ -22,7 +22,7 @@
|
|||
add-ons that have preprocessor errors (issues #1924, #1634).
|
||||
### Miscellaneous and bug fixes
|
||||
* Added an advanced preference to enable experimental PRNG combat.
|
||||
* Windows and Linux builds now enable security hardening by default.
|
||||
* Linux builds now enable security hardening by default.
|
||||
* Fixed MP admins being unable to observe private games.
|
||||
* Fixed MP faction, leader, and leader gender changes persisting even if the
|
||||
selection dialog is dismissed.
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue