BINDIR=/usr/bin/
SYSCONFDIR=/etc/powerdns/
LOCALSTATEDIR=/var/run/
-OPTFLAGS?=-O3
+OPTFLAGS?=@CF_PIE@ @CF_FORTIFY@ @CF_STACK@ -O3
CXXFLAGS:= $(CXXFLAGS) -Iext/rapidjson/include -I$(CURDIR)/ext/polarssl/include -Wall $(OPTFLAGS) $(PROFILEFLAGS) $(ARCHFLAGS) -pthread -Iext/yahttp
CFLAGS:=$(CFLAGS) -Wall $(OPTFLAGS) $(PROFILEFLAGS) $(ARCHFLAGS) -I$(CURDIR)/ext/polarssl/include -pthread
-LDFLAGS:=$(LDFLAGS) $(ARCHFLAGS) -pthread
+LDFLAGS:=$(LDFLAGS) $(ARCHFLAGS) -pthread @LD_RELRO@ @LD_PIE@
STRIP_BINARIES?=1
-
+CXX?=g++
LINKCC=$(CXX)
CC?=gcc
REC_CONTROL_OBJECTS=rec_channel.o rec_control.o arguments.o misc.o \
unix_utility.o logger.o qtype.o
-# what we need
+# what we need
all: message version_generated.h build
# OS specific instructions
STATICFLAGS=-Wl,-Bstatic -lstdc++ $(LUALIBS) -lgcc -Wl,-Bdynamic -static-libgcc -lm -lc -ldl
LINKCC=$(CC)
LDFLAGS += -lm
-else
+else
ifeq ($(STATIC),full)
- STATICFLAGS=-lstdc++ $(LUALIBS) -ldl -lm -static
+ STATICFLAGS=-lstdc++ $(LUALIBS) -ldl -lm -static
LINKCC=$(CC)
else
LDFLAGS += $(LUALIBS)
echo '#define BUILD_HOST "$(build_host)"' >> $@
echo '#endif //!VERSION_GENERATED_H' >> $@
-message:
+message:
@echo
@echo PLEASE READ: If you get an error mentioning \#include '<boost/something.hpp>', please read README
@echo PLEASE READ: for an easy fix!
- @echo
+ @echo
-basic_checks:
+basic_checks:
@-rm -f pdns_hw
- -$(CXX) $(CXXFLAGS) pdns_hw.cc -o pdns_hw
+ -$(CXX) $(CXXFLAGS) pdns_hw.cc -o pdns_hw
@echo
@if test -x ./pdns_hw ; \
then if ./pdns_hw; then echo Everything ok, now run $(MAKE) using same settings \(if any\) you passed ./configure; else echo Could compile binary, but not run it, read README please ; fi; \
$(DESTDIR)/$(SBINDIR)/pdns_recursor --config > $(DESTDIR)/$(SYSCONFDIR)/recursor.conf-dist
-mkdir -p $(DESTDIR)/usr/share/man/man1
cp pdns_recursor.1 rec_control.1 $(DESTDIR)/usr/share/man/man1
- $(OS_SPECIFIC_INSTALL)
+ $(OS_SPECIFIC_INSTALL)
clean: binclean
-rm -f dep *~ *.gcda *.gcno optional/*.gcda optional/*.gcno
optional:
mkdir optional
-pdns_recursor: optional $(OPTIONALS) $(PDNS_RECURSOR_OBJECTS)
+pdns_recursor: optional $(OPTIONALS) $(PDNS_RECURSOR_OBJECTS)
$(LINKCC) $(PDNS_RECURSOR_OBJECTS) $(wildcard optional/*.o) $(LDFLAGS) -o $@
rec_control: $(REC_CONTROL_OBJECTS)
#!/bin/sh
+
+set -e
+
+if [ "$CXX" = "" ]; then
+ CXX="g++"
+fi
+
+set -u
+
+LD_RELRO=""
+CF_PIE=""
+LD_PIE=""
+CF_FORTIFY=""
+CF_STACK=""
+
+test_flags() {
+ # test for relocation
+
+ relro=`$CXX -Wl,-help | grep -om1 -- '-z relro'`
+ now=`$CXX -Wl,-help | grep -om1 -- '-z now'`
+
+ if [ "$relro" = "-z relro" ]; then
+ export LD_RELRO="-Wl,-z -Wl,relro"
+ if [ "$now" = "-z now" ]; then
+ export LD_RELRO="$LD_RELRO -Wl,-z -Wl,now"
+ fi
+ fi
+
+ src=conftest.cc
+ cat >$src <<EOF
+int
+main ()
+{
+ return 0;
+}
+EOF
+
+ # test for PIE
+
+ if $CXX $src -c -o a.out -fPIE -fPIC -DPIE; then
+ if $CXX -pie -o a2.out a.out; then
+ export CF_PIE="-fPIE -fPIC -DPIE"
+ export LD_PIE="-pie"
+ fi
+ rm -f a2.out
+ rm -f a.out
+ fi
+
+ # test for fortified source
+ if $CXX $src -c -o a.out -O3 -D_FORTIFY_SOURCE=2; then
+ export CF_FORTIFY="-D_FORTIFY_SOURCE=2"
+ rm -f a.out
+ fi
+
+ # test for stack protector
+ if $CXX $src -c -o a.out -O3 -fstack-protector; then
+ export CF_STACK="-fstack-protector"
+ if $CXX $src -c -o a.out -O3 -fstack-protector --param ssp-buffer-size=4; then
+ export CF_STACK="$CF_STACK --param ssp-buffer-size=4"
+ fi
+ rm -f a.out
+ fi
+
+ rm -f $src
+}
+
echo Testing dependencies and compiler.
+test_flags
+
+sed -e "s/@CF_PIE@/$CF_PIE/g" -e "s/@LD_PIE@/$LD_PIE/g" -e "s/@CF_FORTIFY@/$CF_FORTIFY/g" -e "s/@CF_STACK@/$CF_STACK/g" -e "s/@LD_RELRO@/$LD_RELRO/g" < Makefile.in > Makefile
+
+set +e
GMAKE=`which gmake`
+set -e
+
if test -z "$GMAKE"
then
- make basic_checks
+ make basic_checks
else
- echo Using gmake to build
- gmake basic_checks
+ echo Using gmake to build
+ gmake basic_checks
fi
projects / pdns / commitdiff