0ct0pu5/wesnoth
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fixup for osx hardening options.

Browse source 
(cherry-picked from commit da6ebc7423)
This commit is contained in:
Pentarctagon 2018-06-15 02:18:32 -05:00
parent 6be6646a4e
commit bc3ad71f03
2 changed files with 11 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
CMakeLists.txt
View file

@ -247,7 +247,11 @@ endif(NOT "${CMAKE_CXX_FLAGS}" STREQUAL "${COMPILER_FLAGS}")
if(HARDEN)
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fPIE -fstack-protector-strong")
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fPIE -fstack-protector-strong")
set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -fPIE -pie -Wl,-z,now,-z,relro")
if(NOT APPLE)
set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -fPIE -pie -Wl,-z,now,-z,relro")
else(NOT APPLE)
set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -fPIE -Wl,-pie")
endif(NOT APPLE)
add_definitions(-D_FORTIFY_SOURCE=2)
endif(HARDEN)

7
SConstruct
View file

@ -497,15 +497,20 @@ for env in [test_env, client_env, env]:
# #
# Add options to provide more hardened executables
# osx doesn't seem to support RELRO
# #
if env['harden']:
env.AppendUnique(CCFLAGS = ["-fPIE", "-fstack-protector-strong"])
env.AppendUnique(LINKFLAGS = ["-fPIE", "-pie", "-Wl,-z,now,-z,relro"])
env.AppendUnique(CPPDEFINES = ["_FORTIFY_SOURCE=2"])
if env["enable_lto"] == True:
env.AppendUnique(LINKFLAGS = ["-fstack-protector-strong"])
if env["PLATFORM"] == 'darwin':
env.AppendUnique(LINKFLAGS = ["-fPIE", "-Wl,-pie"])
else:
env.AppendUnique(LINKFLAGS = ["-fPIE", "-pie", "-Wl,-z,relro,-z,now"])
# #
# Start determining options for debug build