fi
if test "$enable_hardening" != "no"; then
- if test -n "$GCC"; then
- { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts -fstack-protector-strong" >&5
-$as_echo_n "checking whether C compiler accepts -fstack-protector-strong... " >&6; }
-if ${ax_cv_check_cflags___fstack_protector_strong+:} false; then :
+ { $as_echo "$as_me:${as_lineno-$LINENO}: checking for compiler stack protector support" >&5
+$as_echo_n "checking for compiler stack protector support... " >&6; }
+if ${sudo_cv_var_stack_protector+:} false; then :
$as_echo_n "(cached) " >&6
else
- ax_check_save_flags=$CFLAGS
- CFLAGS="$CFLAGS -fstack-protector-strong"
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+ sudo_cv_var_stack_protector=no
+ _CFLAGS="$CFLAGS"
+ _LDFLAGS="$LDFLAGS"
+ CFLAGS="-fstack-protector-strong"
+ LDFLAGS="-fstack-protector-strong"
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
/* end confdefs.h. */
+ $ac_includes_default
int
main ()
{
-
+char buf[1024]; buf[1023] = '\0';
;
return 0;
}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
- ax_cv_check_cflags___fstack_protector_strong=yes
-else
- ax_cv_check_cflags___fstack_protector_strong=no
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
- CFLAGS=$ax_check_save_flags
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ax_cv_check_cflags___fstack_protector_strong" >&5
-$as_echo "$ax_cv_check_cflags___fstack_protector_strong" >&6; }
-if test x"$ax_cv_check_cflags___fstack_protector_strong" = xyes; then :
-
- { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the linker accepts -fstack-protector-strong" >&5
-$as_echo_n "checking whether the linker accepts -fstack-protector-strong... " >&6; }
-if ${ax_cv_check_ldflags___fstack_protector_strong+:} false; then :
- $as_echo_n "(cached) " >&6
-else
-
- ax_check_save_flags=$LDFLAGS
- LDFLAGS="$LDFLAGS -fstack-protector-strong"
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-
-int
-main ()
-{
- ;
- return 0;
-}
_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
- ax_cv_check_ldflags___fstack_protector_strong=yes
-else
- ax_cv_check_ldflags___fstack_protector_strong=no
-fi
-rm -f core conftest.err conftest.$ac_objext \
- conftest$ac_exeext conftest.$ac_ext
- LDFLAGS=$ax_check_save_flags
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ax_cv_check_ldflags___fstack_protector_strong" >&5
-$as_echo "$ax_cv_check_ldflags___fstack_protector_strong" >&6; }
-if test x"$ax_cv_check_ldflags___fstack_protector_strong" = xyes; then :
-
- SSP_CFLAGS="-fstack-protector-strong"
- SSP_LDFLAGS="-Wc,-fstack-protector-strong"
-
-else
- :
-fi
-
+if ac_fn_c_try_compile "$LINENO"; then :
-else
- :
-fi
+ sudo_cv_var_stack_protector="-fstack-protector-strong"
- if test -z "$SSP_CFLAGS"; then
- { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts -fstack-protector-all" >&5
-$as_echo_n "checking whether C compiler accepts -fstack-protector-all... " >&6; }
-if ${ax_cv_check_cflags___fstack_protector_all+:} false; then :
- $as_echo_n "(cached) " >&6
else
- ax_check_save_flags=$CFLAGS
- CFLAGS="$CFLAGS -fstack-protector-all"
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+ CFLAGS="-fstack-protector-all"
+ LDFLAGS="-fstack-protector-all"
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
/* end confdefs.h. */
+ $ac_includes_default
int
main ()
{
-
+char buf[1024]; buf[1023] = '\0';
;
return 0;
}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
- ax_cv_check_cflags___fstack_protector_all=yes
-else
- ax_cv_check_cflags___fstack_protector_all=no
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
- CFLAGS=$ax_check_save_flags
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ax_cv_check_cflags___fstack_protector_all" >&5
-$as_echo "$ax_cv_check_cflags___fstack_protector_all" >&6; }
-if test x"$ax_cv_check_cflags___fstack_protector_all" = xyes; then :
-
- { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the linker accepts -fstack-protector-all" >&5
-$as_echo_n "checking whether the linker accepts -fstack-protector-all... " >&6; }
-if ${ax_cv_check_ldflags___fstack_protector_all+:} false; then :
- $as_echo_n "(cached) " >&6
-else
-
- ax_check_save_flags=$LDFLAGS
- LDFLAGS="$LDFLAGS -fstack-protector-all"
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-
-int
-main ()
-{
- ;
- return 0;
-}
_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
- ax_cv_check_ldflags___fstack_protector_all=yes
-else
- ax_cv_check_ldflags___fstack_protector_all=no
-fi
-rm -f core conftest.err conftest.$ac_objext \
- conftest$ac_exeext conftest.$ac_ext
- LDFLAGS=$ax_check_save_flags
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ax_cv_check_ldflags___fstack_protector_all" >&5
-$as_echo "$ax_cv_check_ldflags___fstack_protector_all" >&6; }
-if test x"$ax_cv_check_ldflags___fstack_protector_all" = xyes; then :
-
- SSP_CFLAGS="-fstack-protector-all"
- SSP_LDFLAGS="-Wc,-fstack-protector-all"
-
-else
- :
-fi
-
+if ac_fn_c_try_compile "$LINENO"; then :
-else
- :
-fi
+ sudo_cv_var_stack_protector="-fstack-protector-all"
- if test -z "$SSP_CFLAGS"; then
- { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts -fstack-protector" >&5
-$as_echo_n "checking whether C compiler accepts -fstack-protector... " >&6; }
-if ${ax_cv_check_cflags___fstack_protector+:} false; then :
- $as_echo_n "(cached) " >&6
else
- ax_check_save_flags=$CFLAGS
- CFLAGS="$CFLAGS -fstack-protector"
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+ CFLAGS="-fstack-protector"
+ LDFLAGS="-fstack-protector"
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
/* end confdefs.h. */
+ $ac_includes_default
int
main ()
{
-
+char buf[1024]; buf[1023] = '\0';
;
return 0;
}
+
_ACEOF
if ac_fn_c_try_compile "$LINENO"; then :
- ax_cv_check_cflags___fstack_protector=yes
-else
- ax_cv_check_cflags___fstack_protector=no
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
- CFLAGS=$ax_check_save_flags
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ax_cv_check_cflags___fstack_protector" >&5
-$as_echo "$ax_cv_check_cflags___fstack_protector" >&6; }
-if test x"$ax_cv_check_cflags___fstack_protector" = xyes; then :
- { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the linker accepts -fstack-protector" >&5
-$as_echo_n "checking whether the linker accepts -fstack-protector... " >&6; }
-if ${ax_cv_check_ldflags___fstack_protector+:} false; then :
- $as_echo_n "(cached) " >&6
-else
-
- ax_check_save_flags=$LDFLAGS
- LDFLAGS="$LDFLAGS -fstack-protector"
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-
-int
-main ()
-{
+ sudo_cv_var_stack_protector="-fstack-protector"
- ;
- return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
- ax_cv_check_ldflags___fstack_protector=yes
-else
- ax_cv_check_ldflags___fstack_protector=no
fi
-rm -f core conftest.err conftest.$ac_objext \
- conftest$ac_exeext conftest.$ac_ext
- LDFLAGS=$ax_check_save_flags
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ax_cv_check_ldflags___fstack_protector" >&5
-$as_echo "$ax_cv_check_ldflags___fstack_protector" >&6; }
-if test x"$ax_cv_check_ldflags___fstack_protector" = xyes; then :
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
- SSP_CFLAGS="-fstack-protector"
- SSP_LDFLAGS="-Wc,-fstack-protector"
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-else
- :
fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+ CFLAGS="$_CFLAGS"
+ LDFLAGS="$_LDFLAGS"
-else
- :
fi
-
- fi
- fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $sudo_cv_var_stack_protector" >&5
+$as_echo "$sudo_cv_var_stack_protector" >&6; }
+ if test X"$sudo_cv_var_stack_protector" != X"no"; then
+ SSP_CFLAGS="$sudo_cv_var_stack_protector"
+ SSP_LDFLAGS="-Wc,$sudo_cv_var_stack_protector"
fi
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the linker accepts -Wl,-z,relro" >&5
$as_echo_n "checking whether the linker accepts -Wl,-z,relro... " >&6; }
dnl This test relies on AC_LANG_WERROR
dnl
if test "$enable_hardening" != "no"; then
- if test -n "$GCC"; then
- AX_CHECK_COMPILE_FLAG([-fstack-protector-strong], [
- AX_CHECK_LINK_FLAG([-fstack-protector-strong], [
- SSP_CFLAGS="-fstack-protector-strong"
- SSP_LDFLAGS="-Wc,-fstack-protector-strong"
- ])
- ])
- if test -z "$SSP_CFLAGS"; then
- AX_CHECK_COMPILE_FLAG([-fstack-protector-all], [
- AX_CHECK_LINK_FLAG([-fstack-protector-all], [
- SSP_CFLAGS="-fstack-protector-all"
- SSP_LDFLAGS="-Wc,-fstack-protector-all"
+ AC_CACHE_CHECK([for compiler stack protector support],
+ [sudo_cv_var_stack_protector],
+ [
+ sudo_cv_var_stack_protector=no
+ _CFLAGS="$CFLAGS"
+ _LDFLAGS="$LDFLAGS"
+ CFLAGS="-fstack-protector-strong"
+ LDFLAGS="-fstack-protector-strong"
+ AC_COMPILE_IFELSE([
+ AC_LANG_PROGRAM([AC_INCLUDES_DEFAULT],
+ [[char buf[1024]; buf[1023] = '\0';]])
+ ], [
+ sudo_cv_var_stack_protector="-fstack-protector-strong"
+ ], [
+ CFLAGS="-fstack-protector-all"
+ LDFLAGS="-fstack-protector-all"
+ AC_COMPILE_IFELSE([
+ AC_LANG_PROGRAM([AC_INCLUDES_DEFAULT],
+ [[char buf[1024]; buf[1023] = '\0';]])
+ ], [
+ sudo_cv_var_stack_protector="-fstack-protector-all"
+ ], [
+ CFLAGS="-fstack-protector"
+ LDFLAGS="-fstack-protector"
+ AC_COMPILE_IFELSE([
+ AC_LANG_PROGRAM([AC_INCLUDES_DEFAULT],
+ [[char buf[1024]; buf[1023] = '\0';]])
+ ], [
+ sudo_cv_var_stack_protector="-fstack-protector"
+ ], [])
])
])
- if test -z "$SSP_CFLAGS"; then
- AX_CHECK_COMPILE_FLAG([-fstack-protector], [
- AX_CHECK_LINK_FLAG([-fstack-protector], [
- SSP_CFLAGS="-fstack-protector"
- SSP_LDFLAGS="-Wc,-fstack-protector"
- ])
- ])
- fi
- fi
+ CFLAGS="$_CFLAGS"
+ LDFLAGS="$_LDFLAGS"
+ ]
+ )
+ if test X"$sudo_cv_var_stack_protector" != X"no"; then
+ SSP_CFLAGS="$sudo_cv_var_stack_protector"
+ SSP_LDFLAGS="-Wc,$sudo_cv_var_stack_protector"
fi
AX_CHECK_LINK_FLAG([-Wl,-z,relro], [LDFLAGS="${LDFLAGS} -Wl,-z,relro"])
fi
projects / sudo / commitdiff