From 1bc0dc53f916ccfa93c6ed403876e2441999a3ba Mon Sep 17 00:00:00 2001 From: Brian Aker Date: Fri, 19 Oct 2012 22:00:17 -0400 Subject: [PATCH 1/6] Fixes for hardening flags. Additional fixes for using C++ compiler to compile. Include file pcap.h now gates sniffer for build. --- configure.ac | 28 +++-- ctaocrypt/test/test.h | 10 +- cyassl/test.h | 3 +- m4/ax_harden_compiler_flags.m4 | 221 +++++++++++++++++---------------- 4 files changed, 142 insertions(+), 120 deletions(-) diff --git a/configure.ac b/configure.ac index 50b62e6b4..e4427b766 100644 --- a/configure.ac +++ b/configure.ac @@ -268,18 +268,17 @@ fi # SNIFFER -AC_ARG_ENABLE(sniffer, - [ --enable-sniffer Enable CyaSSL sniffer support (default: disabled)], - [ ENABLED_SNIFFER=$enableval ], - [ ENABLED_SNIFFER=no ] - ) +AC_ARG_ENABLE([sniffer], + [AS_HELP_STRING([--enable-sniffer],[ Enable CyaSSL sniffer support (default: disabled) ])],[ + AS_IF([ test "x$enableval" = "xyes" ],[ AC_CHECK_HEADERS([pcap/pcap.h],[ + ENABLED_SNIFFER=yes + AM_CFLAGS="$AM_CFLAGS -DCYASSL_SNIFFER -DOPENSSL_EXTRA" + ],[ ENABLED_SNIFFER=no ]) ]) + ],[ + ENABLED_SNIFFER=no + ]) -if test "$ENABLED_SNIFFER" = "yes" -then - AM_CFLAGS="$AM_CFLAGS -DCYASSL_SNIFFER -DOPENSSL_EXTRA" -fi - -AM_CONDITIONAL([BUILD_SNIFFER], [test "x$ENABLED_SNIFFER" = "xyes"]) +AM_CONDITIONAL([BUILD_SNIFFER], [ test "x$ENABLED_SNIFFER" = "xyes" ]) # AES-GCM AC_ARG_ENABLE(aesgcm, @@ -711,5 +710,12 @@ echo " * CPP Flags: $CPPFLAGS" echo " * Assertions enabled: $ac_cv_assert" echo " * Debug enabled: $with_debug" echo " * Warnings as failure: $ac_cv_warnings_as_errors" +echo +echo " Features " +echo " * sniffer: $ENABLED_SNIFFER" +echo " * Enable smallest build: $ENABLED_SMALL" +echo " * Single threaded: $ENABLED_SINGLETHREADED" +echo " * DTLS: $ENABLED_DTLS" +echo " * Enable extra OpenSSL API: $ENABLED_OPENSSLEXTRA" echo "" echo "---" diff --git a/ctaocrypt/test/test.h b/ctaocrypt/test/test.h index 2f8a75f3f..3557f9773 100644 --- a/ctaocrypt/test/test.h +++ b/ctaocrypt/test/test.h @@ -1,4 +1,4 @@ -/* test.c +/* ctaocrypt/test/test.h * * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. * @@ -21,5 +21,13 @@ #pragma once +#ifdef __cplusplus + extern "C" { +#endif + void ctaocrypt_test(void* args); +#ifdef __cplusplus + } /* extern "C" */ +#endif + diff --git a/cyassl/test.h b/cyassl/test.h index e6c9167da..533aebad4 100644 --- a/cyassl/test.h +++ b/cyassl/test.h @@ -201,7 +201,8 @@ static INLINE int mygetopt(int argc, char** argv, const char* optstring) } c = *next++; - cp = strchr(optstring, c); + // The C++ strchr returns a different value + cp = (char*)strchr(optstring, c); if (cp == NULL || c == ':') return '?'; diff --git a/m4/ax_harden_compiler_flags.m4 b/m4/ax_harden_compiler_flags.m4 index a30639205..f65c6e14f 100644 --- a/m4/ax_harden_compiler_flags.m4 +++ b/m4/ax_harden_compiler_flags.m4 @@ -55,12 +55,12 @@ # AX_APPEND_COMPILE_FLAGS([-Wstack-protector]) -- Issues on 32bit compile # AX_APPEND_COMPILE_FLAGS([-fstack-protector-all]) -- Issues on 32bit compile # AX_APPEND_COMPILE_FLAGS([-Wlong-long]) -- Don't turn on for compatibility issues memcached_stat_st -# AX_APPEND_COMPILE_FLAGS([-Wold-style-definition],,[$ax_append_compile_flags_extra]) -# AX_APPEND_COMPILE_FLAGS([-std=c99],,[$ax_append_compile_flags_extra]) -# AX_APPEND_COMPILE_FLAGS([-Wlogical-op],,[$ax_append_compile_flags_extra]) -# AX_APPEND_COMPILE_FLAGS([-Wshorten-64-to-32],,[$ax_append_compile_flags_extra]) +# AX_APPEND_COMPILE_FLAGS([-Wold-style-definition],,[$ax_append_compile_cflags_extra]) +# AX_APPEND_COMPILE_FLAGS([-std=c99],,[$ax_append_compile_cflags_extra]) +# AX_APPEND_COMPILE_FLAGS([-Wlogical-op],,[$ax_append_compile_cflags_extra]) +# AX_APPEND_COMPILE_FLAGS([-Wshorten-64-to-32],,[$ax_append_compile_cflags_extra]) -#serial 3 +#serial 4 AC_DEFUN([AX_HARDEN_LINKER_FLAGS], [ AC_REQUIRE([AX_CHECK_LINK_FLAG]) @@ -68,15 +68,14 @@ AC_REQUIRE([AX_DEBUG]) AC_REQUIRE([AX_CXX_COMPILER_VERSION]) - ax_append_compile_flags_extra= - AS_IF([test "$CLANG" = "yes"],[ax_append_compile_flags_extra="-Werror"]) - + ax_append_compile_link_flags_extra= AS_IF([test "$ac_cv_vcs_checkout" = "yes"], [ AX_CHECK_LINK_FLAG([-Werror]) - ax_append_compile_flags_extra= + ],[ + AX_CHECK_LINK_FLAG([-Werror],[ax_append_compile_link_flags_extra]) ]) - AX_CHECK_LINK_FLAG([-z relro -z now],,[$ax_append_compile_flags_extra]) - AX_CHECK_LINK_FLAG([-pie],,[$ax_append_compile_flags_extra]) + AX_CHECK_LINK_FLAG([-z relro -z now],,[$ax_append_compile_link_flags_extra]) + AX_CHECK_LINK_FLAG([-pie],,[$ax_append_compile_link_flags_extra]) ]) AC_DEFUN([AX_HARDEN_CC_COMPILER_FLAGS], [ @@ -84,132 +83,140 @@ AC_REQUIRE([AX_HARDEN_LINKER_FLAGS]) AC_LANG_PUSH([C]) - CFLAGS= - - AS_IF([test "$ax_enable_debug" = "yes"], [ - AX_APPEND_COMPILE_FLAGS([-g]) - AX_APPEND_COMPILE_FLAGS([-ggdb],,[$ax_append_compile_flags_extra]) - AX_APPEND_COMPILE_FLAGS([-O0],,[$ax_append_compile_flags_extra]) - ],[]) ac_cv_warnings_as_errors=no - AS_IF([test "$ac_cv_vcs_checkout" = "yes"], [ - AX_APPEND_COMPILE_FLAGS([-Werror],,[$ax_append_compile_flags_extra]) - AX_APPEND_COMPILE_FLAGS([-fstack-check],,[$ax_append_compile_flags_extra]) + ax_append_compile_cflags_extra= + AS_IF([test "$ac_cv_vcs_checkout" = "yes"],[ + AX_APPEND_COMPILE_FLAGS([-Werror]) ac_cv_warnings_as_errors=yes ],[ - AX_APPEND_COMPILE_FLAGS([-Wno-pragmas],,[$ax_append_compile_flags_extra]) + AX_APPEND_COMPILE_FLAGS([-Werror],[ax_append_compile_cflags_extra]) ]) - AX_APPEND_COMPILE_FLAGS([-Wall],,[$ax_append_compile_flags_extra]) - AX_APPEND_COMPILE_FLAGS([-Wno-strict-aliasing],,,[$ax_append_compile_flags_extra]) - AX_APPEND_COMPILE_FLAGS([-Wextra],,[$ax_append_compile_flags_extra]) - AX_APPEND_COMPILE_FLAGS([-Wunknown-pragmas],,[$ax_append_compile_flags_extra]) - AX_APPEND_COMPILE_FLAGS([-Wthis-test-should-fail],,[$ax_append_compile_flags_extra]) - dnl Anything below this comment please keep sorted. - AX_APPEND_COMPILE_FLAGS([--param=ssp-buffer-size=1],,[$ax_append_compile_flags_extra]) - AX_APPEND_COMPILE_FLAGS([-Waddress],,[$ax_append_compile_flags_extra]) - AX_APPEND_COMPILE_FLAGS([-Warray-bounds],,[$ax_append_compile_flags_extra]) - AX_APPEND_COMPILE_FLAGS([-Wbad-function-cast],,[$ax_append_compile_flags_extra]) - dnl Not in use -Wc++-compat - AX_APPEND_COMPILE_FLAGS([-Wchar-subscripts],,[$ax_append_compile_flags_extra]) - AX_APPEND_COMPILE_FLAGS([-Wcomment],,[$ax_append_compile_flags_extra]) - AX_APPEND_COMPILE_FLAGS([-Wfloat-equal],,[$ax_append_compile_flags_extra]) - AX_APPEND_COMPILE_FLAGS([-Wformat-security],,[$ax_append_compile_flags_extra]) - AX_APPEND_COMPILE_FLAGS([-Wformat=2],,[$ax_append_compile_flags_extra]) - AX_APPEND_COMPILE_FLAGS([-Wmaybe-uninitialized],,[$ax_append_compile_flags_extra]) - AX_APPEND_COMPILE_FLAGS([-Wmissing-field-initializers],,[$ax_append_compile_flags_extra]) - AX_APPEND_COMPILE_FLAGS([-Wmissing-noreturn],,[$ax_append_compile_flags_extra]) - AX_APPEND_COMPILE_FLAGS([-Wmissing-prototypes],,[$ax_append_compile_flags_extra]) - AX_APPEND_COMPILE_FLAGS([-Wnested-externs],,[$ax_append_compile_flags_extra]) - AX_APPEND_COMPILE_FLAGS([-Wnormalized=id],,[$ax_append_compile_flags_extra]) - AX_APPEND_COMPILE_FLAGS([-Woverride-init],,[$ax_append_compile_flags_extra]) - AX_APPEND_COMPILE_FLAGS([-Wpointer-arith],,[$ax_append_compile_flags_extra]) - AX_APPEND_COMPILE_FLAGS([-Wpointer-sign],,[$ax_append_compile_flags_extra]) - AX_APPEND_COMPILE_FLAGS([-Wredundant-decls],,[$ax_append_compile_flags_extra]) - AX_APPEND_COMPILE_FLAGS([-Wshadow],,[$ax_append_compile_flags_extra]) - AX_APPEND_COMPILE_FLAGS([-Wshorten-64-to-32],,[$ax_append_compile_flags_extra]) - AX_APPEND_COMPILE_FLAGS([-Wsign-compare],,[$ax_append_compile_flags_extra]) - AX_APPEND_COMPILE_FLAGS([-Wstrict-overflow=1],,[$ax_append_compile_flags_extra]) - AX_APPEND_COMPILE_FLAGS([-Wstrict-prototypes],,[$ax_append_compile_flags_extra]) - AX_APPEND_COMPILE_FLAGS([-Wswitch-enum],,[$ax_append_compile_flags_extra]) - AX_APPEND_COMPILE_FLAGS([-Wundef],,[$ax_append_compile_flags_extra]) - AX_APPEND_COMPILE_FLAGS([-Wunused-result],,[$ax_append_compile_flags_extra]) - AX_APPEND_COMPILE_FLAGS([-Wunused-variable],,[$ax_append_compile_flags_extra]) - AX_APPEND_COMPILE_FLAGS([-Wwrite-strings],,[$ax_append_compile_flags_extra]) - AX_APPEND_COMPILE_FLAGS([-floop-parallelize-all],,[$ax_append_compile_flags_extra]) - AX_APPEND_COMPILE_FLAGS([-fwrapv],,[$ax_append_compile_flags_extra]) - AC_LANG_POP + AX_APPEND_COMPILE_FLAGS([-g]) + AS_IF([test "$ax_enable_debug" = "yes"], [ + AX_APPEND_COMPILE_FLAGS([-ggdb],,[$ax_append_compile_cflags_extra]) + AX_APPEND_COMPILE_FLAGS([-O0],,[$ax_append_compile_cflags_extra]) + ],[ + AX_APPEND_COMPILE_FLAGS([-O2],,[$ax_append_compile_cflags_extra]) + ]) + AX_APPEND_COMPILE_FLAGS([-fstack-check],,[$ax_append_compile_cflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wno-pragmas],,[$ax_append_compile_cflags_extra]) + + AX_APPEND_COMPILE_FLAGS([-Wall],,[$ax_append_compile_cflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wno-strict-aliasing],,,[$ax_append_compile_cflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wextra],,[$ax_append_compile_cflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wunknown-pragmas],,[$ax_append_compile_cflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wthis-test-should-fail],,[$ax_append_compile_cflags_extra]) + dnl Anything below this comment please keep sorted. + AX_APPEND_COMPILE_FLAGS([--param=ssp-buffer-size=1],,[$ax_append_compile_cflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Waddress],,[$ax_append_compile_cflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Warray-bounds],,[$ax_append_compile_cflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wbad-function-cast],,[$ax_append_compile_cflags_extra]) + dnl Not in use -Wc++-compat + AX_APPEND_COMPILE_FLAGS([-Wchar-subscripts],,[$ax_append_compile_cflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wcomment],,[$ax_append_compile_cflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wfloat-equal],,[$ax_append_compile_cflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wformat-security],,[$ax_append_compile_cflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wformat=2],,[$ax_append_compile_cflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wmaybe-uninitialized],,[$ax_append_compile_cflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wmissing-field-initializers],,[$ax_append_compile_cflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wmissing-noreturn],,[$ax_append_compile_cflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wmissing-prototypes],,[$ax_append_compile_cflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wnested-externs],,[$ax_append_compile_cflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wnormalized=id],,[$ax_append_compile_cflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Woverride-init],,[$ax_append_compile_cflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wpointer-arith],,[$ax_append_compile_cflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wpointer-sign],,[$ax_append_compile_cflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wredundant-decls],,[$ax_append_compile_cflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wshadow],,[$ax_append_compile_cflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wsign-compare],,[$ax_append_compile_cflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wstrict-overflow=1],,[$ax_append_compile_cflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wstrict-prototypes],,[$ax_append_compile_cflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wswitch-enum],,[$ax_append_compile_cflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wundef],,[$ax_append_compile_cflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wunused-result],,[$ax_append_compile_cflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wunused-variable],,[$ax_append_compile_cflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wwrite-strings],,[$ax_append_compile_cflags_extra]) + AX_APPEND_COMPILE_FLAGS([-floop-parallelize-all],,[$ax_append_compile_cflags_extra]) + AX_APPEND_COMPILE_FLAGS([-fwrapv],,[$ax_append_compile_cflags_extra]) + AC_LANG_POP ]) AC_DEFUN([AX_HARDEN_CXX_COMPILER_FLAGS], [ AC_REQUIRE([AX_HARDEN_CC_COMPILER_FLAGS]) AC_LANG_PUSH([C++]) - CXXFLAGS= - AS_IF([test "$ax_enable_debug" = "yes" ], [ - AX_APPEND_COMPILE_FLAGS([-g],,[$ax_append_compile_flags_extra]) - AX_APPEND_COMPILE_FLAGS([-O0],,[$ax_append_compile_flags_extra]) - AX_APPEND_COMPILE_FLAGS([-ggdb],,[$ax_append_compile_flags_extra]) + ax_append_compile_cxxflags_extra= + AS_IF([test "$ac_cv_warnings_as_errors" = "yes"],[ + AX_APPEND_COMPILE_FLAGS([-Werror]) ],[ - AX_APPEND_COMPILE_FLAGS([-D_FORTIFY_SOURCE=2],,[$ax_append_compile_flags_extra]) + AX_APPEND_COMPILE_FLAGS([-Werror],[ax_append_compile_cxxflags_extra]) + ]) + + AX_APPEND_COMPILE_FLAGS([-g],,[$ax_append_compile_cxxflags_extra]) + AS_IF([test "$ax_enable_debug" = "yes" ], [ + AX_APPEND_COMPILE_FLAGS([-O0],,[$ax_append_compile_cxxflags_extra]) + AX_APPEND_COMPILE_FLAGS([-ggdb],,[$ax_append_compile_cxxflags_extra]) + ],[ + AX_APPEND_COMPILE_FLAGS([-O2],,[$ax_append_compile_cxxflags_extra]) + AX_APPEND_COMPILE_FLAGS([-D_FORTIFY_SOURCE=2],,[$ax_append_compile_cxxflags_extra]) ]) AS_IF([test "$ac_cv_vcs_checkout" = "yes" ], [ - AX_APPEND_COMPILE_FLAGS([-Werror],,[$ax_append_compile_flags_extra]) - AX_APPEND_COMPILE_FLAGS([-fstack-check],,[$ax_append_compile_flags_extra]) + AX_APPEND_COMPILE_FLAGS([-Werror],,[$ax_append_compile_cxxflags_extra]) + AX_APPEND_COMPILE_FLAGS([-fstack-check],,[$ax_append_compile_cxxflags_extra]) ],[ - AX_APPEND_COMPILE_FLAGS([-Wno-pragmas],,[$ax_append_compile_flags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wno-pragmas],,[$ax_append_compile_cxxflags_extra]) ]) - AX_APPEND_COMPILE_FLAGS([-Wall],,[$ax_append_compile_flags_extra]) - AX_APPEND_COMPILE_FLAGS([-Wno-strict-aliasing],,,[$ax_append_compile_flags_extra]) - AX_APPEND_COMPILE_FLAGS([-Wextra],,[$ax_append_compile_flags_extra]) - AX_APPEND_COMPILE_FLAGS([-Wunknown-pragmas],,[$ax_append_compile_flags_extra]) - AX_APPEND_COMPILE_FLAGS([-Wthis-test-should-fail],,[$ax_append_compile_flags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wall],,[$ax_append_compile_cxxflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wno-strict-aliasing],,,[$ax_append_compile_cxxflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wextra],,[$ax_append_compile_cxxflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wunknown-pragmas],,[$ax_append_compile_cxxflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wthis-test-should-fail],,[$ax_append_compile_cxxflags_extra]) dnl Anything below this comment please keep sorted. - AX_APPEND_COMPILE_FLAGS([--param=ssp-buffer-size=1],,[$ax_append_compile_flags_extra]) - AX_APPEND_COMPILE_FLAGS([-Waddress],,[$ax_append_compile_flags_extra]) - AX_APPEND_COMPILE_FLAGS([-Warray-bounds],,[$ax_append_compile_flags_extra]) - AX_APPEND_COMPILE_FLAGS([-Wchar-subscripts],,[$ax_append_compile_flags_extra]) - AX_APPEND_COMPILE_FLAGS([-Wcomment],,[$ax_append_compile_flags_extra]) - AX_APPEND_COMPILE_FLAGS([-Wctor-dtor-privacy],,[$ax_append_compile_flags_extra]) - AX_APPEND_COMPILE_FLAGS([-Wfloat-equal],,[$ax_append_compile_flags_extra]) - AX_APPEND_COMPILE_FLAGS([-Wformat=2],,[$ax_append_compile_flags_extra]) - AX_APPEND_COMPILE_FLAGS([-Wmaybe-uninitialized],,[$ax_append_compile_flags_extra]) - AX_APPEND_COMPILE_FLAGS([-Wmissing-field-initializers],,[$ax_append_compile_flags_extra]) - AX_APPEND_COMPILE_FLAGS([-Wmissing-noreturn],,[$ax_append_compile_flags_extra]) - AX_APPEND_COMPILE_FLAGS([-Wnon-virtual-dtor],,[$ax_append_compile_flags_extra]) - AX_APPEND_COMPILE_FLAGS([-Wnormalized=id],,[$ax_append_compile_flags_extra]) - AX_APPEND_COMPILE_FLAGS([-Woverloaded-virtual],,[$ax_append_compile_flags_extra]) - AX_APPEND_COMPILE_FLAGS([-Wpointer-arith],,[$ax_append_compile_flags_extra]) - AX_APPEND_COMPILE_FLAGS([-Wredundant-decls],,[$ax_append_compile_flags_extra]) - AX_APPEND_COMPILE_FLAGS([-Wshadow],,[$ax_append_compile_flags_extra]) - AX_APPEND_COMPILE_FLAGS([-Wshorten-64-to-32],,[$ax_append_compile_flags_extra]) - AX_APPEND_COMPILE_FLAGS([-Wsign-compare],,[$ax_append_compile_flags_extra]) - AX_APPEND_COMPILE_FLAGS([-Wstrict-overflow=1],,[$ax_append_compile_flags_extra]) - AX_APPEND_COMPILE_FLAGS([-Wswitch-enum],,[$ax_append_compile_flags_extra]) - AX_APPEND_COMPILE_FLAGS([-Wundef],,[$ax_append_compile_flags_extra]) - AX_APPEND_COMPILE_FLAGS([-Wc++11-compat],,[$ax_append_compile_flags_extra]) - AX_APPEND_COMPILE_FLAGS([-Wunused-result],,[$ax_append_compile_flags_extra]) - AX_APPEND_COMPILE_FLAGS([-Wunused-variable],,[$ax_append_compile_flags_extra]) - AX_APPEND_COMPILE_FLAGS([-Wwrite-strings],,[$ax_append_compile_flags_extra]) - AX_APPEND_COMPILE_FLAGS([-Wformat-security],,[$ax_append_compile_flags_extra]) - AX_APPEND_COMPILE_FLAGS([-floop-parallelize-all],,[$ax_append_compile_flags_extra]) - AX_APPEND_COMPILE_FLAGS([-fwrapv],,[$ax_append_compile_flags_extra]) + AX_APPEND_COMPILE_FLAGS([--param=ssp-buffer-size=1],,[$ax_append_compile_cxxflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Waddress],,[$ax_append_compile_cxxflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Warray-bounds],,[$ax_append_compile_cxxflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wchar-subscripts],,[$ax_append_compile_cxxflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wcomment],,[$ax_append_compile_cxxflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wctor-dtor-privacy],,[$ax_append_compile_cxxflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wfloat-equal],,[$ax_append_compile_cxxflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wformat=2],,[$ax_append_compile_cxxflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wmaybe-uninitialized],,[$ax_append_compile_cxxflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wmissing-field-initializers],,[$ax_append_compile_cxxflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wmissing-noreturn],,[$ax_append_compile_cxxflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wnon-virtual-dtor],,[$ax_append_compile_cxxflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wnormalized=id],,[$ax_append_compile_cxxflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Woverloaded-virtual],,[$ax_append_compile_cxxflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wpointer-arith],,[$ax_append_compile_cxxflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wredundant-decls],,[$ax_append_compile_cxxflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wshadow],,[$ax_append_compile_cxxflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wsign-compare],,[$ax_append_compile_cxxflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wstrict-overflow=1],,[$ax_append_compile_cxxflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wswitch-enum],,[$ax_append_compile_cxxflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wundef],,[$ax_append_compile_cxxflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wc++11-compat],,[$ax_append_compile_cxxflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wunused-result],,[$ax_append_compile_cxxflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wunused-variable],,[$ax_append_compile_cxxflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wwrite-strings],,[$ax_append_compile_cxxflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wformat-security],,[$ax_append_compile_cxxflags_extra]) + AX_APPEND_COMPILE_FLAGS([-floop-parallelize-all],,[$ax_append_compile_cxxflags_extra]) + AX_APPEND_COMPILE_FLAGS([-fwrapv],,[$ax_append_compile_cxxflags_extra]) AC_LANG_POP ]) AC_DEFUN([AX_HARDEN_COMPILER_FLAGS], [ - AC_REQUIRE([AX_HARDEN_CXX_COMPILER_FLAGS],,[$ax_append_compile_flags_extra]) + AC_REQUIRE([AX_HARDEN_CXX_COMPILER_FLAGS]) ]) AC_DEFUN([AX_CC_OTHER_FLAGS], [ AC_REQUIRE([AX_APPEND_COMPILE_FLAGS]) - AC_REQUIRE([AX_HARDEN_LINKER_FLAGS]) + AC_REQUIRE([AX_HARDEN_CC_COMPILER_FLAGS]) AC_LANG_PUSH([C]) - AX_APPEND_COMPILE_FLAGS([-pipe],,[$ax_append_compile_flags_extra]) + AX_APPEND_COMPILE_FLAGS([-pipe],,[$ax_append_compile_cflags_extra]) AC_LANG_POP ]) From b883cc55a48c3ff6fb70953e1778e94d07c2737e Mon Sep 17 00:00:00 2001 From: Brian Aker Date: Fri, 19 Oct 2012 20:09:17 -0700 Subject: [PATCH 2/6] Fix rules around pthread usage to fix clang warning. --- configure.ac | 25 ++++++++++++------------- src/internal.c | 10 +++++++--- 2 files changed, 19 insertions(+), 16 deletions(-) diff --git a/configure.ac b/configure.ac index e4427b766..3858966fc 100644 --- a/configure.ac +++ b/configure.ac @@ -119,12 +119,18 @@ fi AC_ARG_ENABLE(singleThreaded, [ --enable-singleThreaded Enable CyaSSL single threaded (default: disabled)], [ ENABLED_SINGLETHREADED=$enableval ], - [ ENABLED_SINGLETHREADED=no ] - ) -if test "$ENABLED_SINGLETHREADED" = "yes" -then - AM_CFLAGS="-DSINGLE_THREADED $AM_CFLAGS" -fi + [ ENABLED_SINGLETHREADED=no ]) + +AS_IF([ test "x$ENABLED_SINGLETHREADED" = "xno" ],[ + AX_PTHREAD([ + AC_DEFINE([HAVE_PTHREAD], [1], [Define if you have POSIX threads libraries and header files.]) + AM_CFLAGS="-D_POSIX_THREADS $AM_CFLAGS" + ],[ + ENABLED_SINGLETHREADED=yes + ]) + ]) + +AS_IF([ test "x$ENABLED_SINGLETHREADED" = "xyes" ],[ AM_CFLAGS="-DSINGLE_THREADED $AM_CFLAGS" ]) # DTLS @@ -663,13 +669,6 @@ then fi fi -AX_PTHREAD([ - AC_DEFINE([HAVE_PTHREAD], [1], [Define if you have POSIX threads libraries and header files.]) - ], - [ - AC_DEFINE([HAVE_PTHREAD], [0], [Define if you have POSIX threads libraries and header files.]) - ]) - LIB_SOCKET_NSL AC_ARG_ENABLE(gcc-hardening, diff --git a/src/internal.c b/src/internal.c index c60e982f6..94b852192 100644 --- a/src/internal.c +++ b/src/internal.c @@ -7591,24 +7591,28 @@ int SetCipherList(Suites* s, const char* list) int InitMutex(CyaSSL_Mutex* m) { + (void)m; return 0; } -int FreeMutex(CyaSSL_Mutex* m) +int FreeMutex(CyaSSL_Mutex *m) { + (void)m; return 0; } -int LockMutex(CyaSSL_Mutex* m) +int LockMutex(CyaSSL_Mutex *m) { + (void)m; return 0; } -int UnLockMutex(CyaSSL_Mutex* m) +int UnLockMutex(CyaSSL_Mutex *m) { + (void)m; return 0; } From f3b14343a5face170ee7ec7fadc7d5545fb38586 Mon Sep 17 00:00:00 2001 From: Brian Aker Date: Fri, 19 Oct 2012 20:21:35 -0700 Subject: [PATCH 3/6] Add support for correctly compiling on darwin12 --- m4/ax_pthread.m4 | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/m4/ax_pthread.m4 b/m4/ax_pthread.m4 index d90de34d1..e9787ce65 100644 --- a/m4/ax_pthread.m4 +++ b/m4/ax_pthread.m4 @@ -82,7 +82,7 @@ # modified version of the Autoconf Macro, you may extend this special # exception to the GPL to apply to your modified version as well. -#serial 18 +#serial 19 AU_ALIAS([ACX_PTHREAD], [AX_PTHREAD]) AC_DEFUN([AX_PTHREAD], [ @@ -159,8 +159,12 @@ case ${host_os} in ax_pthread_flags="-pthreads pthread -mt -pthread $ax_pthread_flags" ;; + darwin12*) + ax_pthread_flags="$ax_pthread_flags" + ;; + darwin*) - ax_pthread_flags="-pthread $ax_pthread_flags" + ax_pthread_flags="-pthreads $ax_pthread_flags" ;; esac From 1be873533e1f9c1d745acba3db04c28b7035c217 Mon Sep 17 00:00:00 2001 From: Brian Aker Date: Sat, 20 Oct 2012 04:42:34 -0400 Subject: [PATCH 4/6] This adds support for "make rpm" --- Makefile.am | 10 +-- certs/include.am | 2 +- configure.ac | 1 + doc/include.am | 2 +- examples/client/include.am | 2 +- examples/echoclient/include.am | 2 +- examples/echoserver/include.am | 2 +- examples/server/include.am | 2 +- m4/ax_harden_compiler_flags.m4 | 8 +- rpm/include.am | 37 +++++++++ rpm/spec.in | 144 +++++++++++++++++++++++++++++++++ 11 files changed, 197 insertions(+), 15 deletions(-) create mode 100644 rpm/include.am create mode 100644 rpm/spec.in diff --git a/Makefile.am b/Makefile.am index 0a30c8859..b3414841a 100644 --- a/Makefile.am +++ b/Makefile.am @@ -15,13 +15,10 @@ check_PROGRAMS = EXTRA_HEADERS = BUILT_SOURCES= EXTRA_DIST= -doc_DATA= +dist_doc_DATA= -exampledir = $(docdir)/@PACKAGE@/example -example_DATA= -EXTRA_DIST+= $(example_DATA) - -EXTRA_DIST+= $(doc_DATA) +exampledir = $(docdir)/example +dist_example_DATA= ACLOCAL_AMFLAGS= -I m4 @@ -50,6 +47,7 @@ include examples/echoserver/include.am include testsuite/include.am include tests/include.am include sslSniffer/sslSnifferTest/include.am +include rpm/include.am TESTS += $(check_PROGRAMS) test: check diff --git a/certs/include.am b/certs/include.am index fcedd005b..197ebc46c 100644 --- a/certs/include.am +++ b/certs/include.am @@ -34,7 +34,7 @@ EXTRA_DIST += \ certs/ecc-key.der -doc_DATA+= certs/taoCert.txt +dist_doc_DATA+= certs/taoCert.txt EXTRA_DIST+= certs/ntru-key.raw diff --git a/configure.ac b/configure.ac index 3858966fc..28f8cace3 100644 --- a/configure.ac +++ b/configure.ac @@ -692,6 +692,7 @@ AC_CONFIG_FILES([stamp-h], [echo timestamp > stamp-h]) AC_CONFIG_FILES([Makefile]) AC_CONFIG_FILES([cyassl/version.h]) AC_CONFIG_FILES([support/libcyassl.pc]) +AC_CONFIG_FILES([rpm/spec]) AC_OUTPUT diff --git a/doc/include.am b/doc/include.am index fa44fcf8f..5bef623aa 100644 --- a/doc/include.am +++ b/doc/include.am @@ -2,4 +2,4 @@ # included from Top Level Makefile.am # All paths should be given relative to the root -doc_DATA+= doc/README.txt +dist_doc_DATA+= doc/README.txt diff --git a/examples/client/include.am b/examples/client/include.am index 4773cc8a1..f902fbeef 100644 --- a/examples/client/include.am +++ b/examples/client/include.am @@ -10,4 +10,4 @@ EXTRA_DIST += examples/client/client.sln EXTRA_DIST += examples/client/client-ntru.vcproj EXTRA_DIST += examples/client/client.vcproj -example_DATA+= examples/client/client.c +dist_example_DATA+= examples/client/client.c diff --git a/examples/echoclient/include.am b/examples/echoclient/include.am index 37592d158..ed35bffe9 100644 --- a/examples/echoclient/include.am +++ b/examples/echoclient/include.am @@ -12,4 +12,4 @@ EXTRA_DIST += examples/echoclient/echoclient.sln EXTRA_DIST += examples/echoclient/echoclient-ntru.vcproj EXTRA_DIST += examples/echoclient/echoclient.vcproj -example_DATA+= examples/echoclient/echoclient.c +dist_example_DATA+= examples/echoclient/echoclient.c diff --git a/examples/echoserver/include.am b/examples/echoserver/include.am index 6e031e063..f5ba8b6c1 100644 --- a/examples/echoserver/include.am +++ b/examples/echoserver/include.am @@ -12,4 +12,4 @@ EXTRA_DIST += examples/echoserver/echoserver.sln EXTRA_DIST += examples/echoserver/echoserver-ntru.vcproj EXTRA_DIST += examples/echoserver/echoserver.vcproj -example_DATA+= examples/echoserver/echoserver.c +dist_example_DATA+= examples/echoserver/echoserver.c diff --git a/examples/server/include.am b/examples/server/include.am index c54eb9135..760e40034 100644 --- a/examples/server/include.am +++ b/examples/server/include.am @@ -12,4 +12,4 @@ EXTRA_DIST += examples/server/server.sln EXTRA_DIST += examples/server/server-ntru.vcproj EXTRA_DIST += examples/server/server.vcproj -example_DATA+= examples/server/server.c +dist_example_DATA+= examples/server/server.c diff --git a/m4/ax_harden_compiler_flags.m4 b/m4/ax_harden_compiler_flags.m4 index f65c6e14f..99916d876 100644 --- a/m4/ax_harden_compiler_flags.m4 +++ b/m4/ax_harden_compiler_flags.m4 @@ -70,10 +70,12 @@ ax_append_compile_link_flags_extra= AS_IF([test "$ac_cv_vcs_checkout" = "yes"], [ - AX_CHECK_LINK_FLAG([-Werror]) - ],[ - AX_CHECK_LINK_FLAG([-Werror],[ax_append_compile_link_flags_extra]) + AX_CHECK_LINK_FLAG([-Werror]) + ],[ + AX_CHECK_LINK_FLAG([-Werror],[ + ax_append_compile_link_flags_extra=$ax_cv_check_ldflags___Werror ]) + ]) AX_CHECK_LINK_FLAG([-z relro -z now],,[$ax_append_compile_link_flags_extra]) AX_CHECK_LINK_FLAG([-pie],,[$ax_append_compile_link_flags_extra]) ]) diff --git a/rpm/include.am b/rpm/include.am new file mode 100644 index 000000000..e5253dd15 --- /dev/null +++ b/rpm/include.am @@ -0,0 +1,37 @@ +# vim:ft=automake + +rpm-build: rpm/spec dist + @rm -f *.rpm + @rm -f ~/rpmbuild/RPMS/x86_64/$(PACKAGE)-$(VERSION)*.rpm + @rm -f ~/rpmbuild/SRPMS/$(PACKAGE)-$(VERSION)*.rpm + @mkdir -p ~/rpmbuild/BUILD/ + @mkdir -p ~/rpmbuild/RPMS/i386/ + @mkdir -p ~/rpmbuild/RPMS/i686/ + @mkdir -p ~/rpmbuild/RPMS/noarch/ + @mkdir -p ~/rpmbuild/RPMS/x86_64/ + @mkdir -p ~/rpmbuild/SOURCES/ + @mkdir -p ~/rpmbuild/SPECS/ + @mkdir -p ~/rpmbuild/SRPMS/ + @cp $(PACKAGE)-$(VERSION).tar.gz ~/rpmbuild/SOURCES/ + @rpmbuild -ba --clean rpm/spec + @cp ~/rpmbuild/RPMS/x86_64/$(PACKAGE)-$(VERSION)*.rpm . + @cp ~/rpmbuild/RPMS/x86_64/$(PACKAGE)-devel-$(VERSION)*.rpm . + @cp ~/rpmbuild/RPMS/x86_64/$(PACKAGE)-debuginfo-$(VERSION)*.rpm . + @cp ~/rpmbuild/SRPMS/$(PACKAGE)-$(VERSION)*.rpm . + +rpm-sign: rpm-build + @rpm --addsign *.rpm + @rpm --checksig *.rpm + +clean-rpm: + @rm -f *.tar.gz + @rm -f *.src.rpm + @rm -f *.rpm + +rpm: rpm-build + +release: rpm-sign + +auto-rpmbuild: + @auto-br-rpmbuild -ba rpm/spec + diff --git a/rpm/spec.in b/rpm/spec.in new file mode 100644 index 000000000..80e5daf58 --- /dev/null +++ b/rpm/spec.in @@ -0,0 +1,144 @@ +Summary: Embedded SSL Library +Name: @PACKAGE@ +Version: @VERSION@ +Release: 1 +License: BSD +Group: System Environment/Libraries +BuildRequires: bison +URL: http://www.yassl.com/yaSSL/Home.html + +Packager: Brian Aker + +Source: http://yassl.com/yaSSL/download/%{name}-%{version}.tar.gz +BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-buildroot + +%description +Misc tools for Yassl. + +%package devel +Summary: Header files and development libraries for %{name} +Group: Development/Libraries +Requires: %{name} = %{version}-%{release} + +%description devel +This package contains the header files and development libraries +for %{name}. If you like to develop programs using %{name}, +you will need to install %{name}-devel. + +%prep +%setup -q + +%configure + + +%build +%{__make} %{?_smp_mflags} + +%install +%{__rm} -rf %{buildroot} +%{__make} install DESTDIR="%{buildroot}" AM_INSTALL_PROGRAM_FLAGS="" +mkdir -p $RPM_BUILD_ROOT/ + +%check + + +%clean +%{__rm} -rf %{buildroot} + +%files +%defattr(-,root,root,-) +%doc AUTHORS ChangeLog COPYING NEWS README +%{_docdir}/cyassl/taoCert.txt +%{_docdir}/cyassl/example/echoserver.c +%{_docdir}/cyassl/example/server.c +%{_docdir}/cyassl/example/echoclient.c +%{_docdir}/cyassl/example/client.c +%{_docdir}/cyassl/README.txt + +%files devel +%defattr(-,root,root,-) +%doc AUTHORS ChangeLog COPYING NEWS README +%{_libdir}/libcyassl.a +%{_libdir}/libcyassl.la +%{_libdir}/libcyassl.so +%{_libdir}/libcyassl.so.3 +%{_libdir}/libcyassl.so.3.0.3 +%{_includedir}/cyassl/callbacks.h +%{_includedir}/cyassl/crl.h +%{_includedir}/cyassl/ctaocrypt/aes.h +%{_includedir}/cyassl/ctaocrypt/arc4.h +%{_includedir}/cyassl/ctaocrypt/asn.h +%{_includedir}/cyassl/ctaocrypt/asn_public.h +%{_includedir}/cyassl/ctaocrypt/coding.h +%{_includedir}/cyassl/ctaocrypt/des3.h +%{_includedir}/cyassl/ctaocrypt/dh.h +%{_includedir}/cyassl/ctaocrypt/dsa.h +%{_includedir}/cyassl/ctaocrypt/ecc.h +%{_includedir}/cyassl/ctaocrypt/error.h +%{_includedir}/cyassl/ctaocrypt/hc128.h +%{_includedir}/cyassl/ctaocrypt/hmac.h +%{_includedir}/cyassl/ctaocrypt/integer.h +%{_includedir}/cyassl/ctaocrypt/logging.h +%{_includedir}/cyassl/ctaocrypt/md2.h +%{_includedir}/cyassl/ctaocrypt/md4.h +%{_includedir}/cyassl/ctaocrypt/md5.h +%{_includedir}/cyassl/ctaocrypt/memory.h +%{_includedir}/cyassl/ctaocrypt/misc.h +%{_includedir}/cyassl/ctaocrypt/mpi_class.h +%{_includedir}/cyassl/ctaocrypt/mpi_superclass.h +%{_includedir}/cyassl/ctaocrypt/pwdbased.h +%{_includedir}/cyassl/ctaocrypt/rabbit.h +%{_includedir}/cyassl/ctaocrypt/random.h +%{_includedir}/cyassl/ctaocrypt/ripemd.h +%{_includedir}/cyassl/ctaocrypt/rsa.h +%{_includedir}/cyassl/ctaocrypt/settings.h +%{_includedir}/cyassl/ctaocrypt/sha.h +%{_includedir}/cyassl/ctaocrypt/sha256.h +%{_includedir}/cyassl/ctaocrypt/sha512.h +%{_includedir}/cyassl/ctaocrypt/tfm.h +%{_includedir}/cyassl/ctaocrypt/types.h +%{_includedir}/cyassl/ctaocrypt/visibility.h +%{_includedir}/cyassl/error.h +%{_includedir}/cyassl/internal.h +%{_includedir}/cyassl/ocsp.h +%{_includedir}/cyassl/openssl/asn1.h +%{_includedir}/cyassl/openssl/bio.h +%{_includedir}/cyassl/openssl/bn.h +%{_includedir}/cyassl/openssl/conf.h +%{_includedir}/cyassl/openssl/crypto.h +%{_includedir}/cyassl/openssl/des.h +%{_includedir}/cyassl/openssl/dh.h +%{_includedir}/cyassl/openssl/dsa.h +%{_includedir}/cyassl/openssl/ec.h +%{_includedir}/cyassl/openssl/ecdsa.h +%{_includedir}/cyassl/openssl/engine.h +%{_includedir}/cyassl/openssl/err.h +%{_includedir}/cyassl/openssl/evp.h +%{_includedir}/cyassl/openssl/hmac.h +%{_includedir}/cyassl/openssl/lhash.h +%{_includedir}/cyassl/openssl/md4.h +%{_includedir}/cyassl/openssl/md5.h +%{_includedir}/cyassl/openssl/ocsp.h +%{_includedir}/cyassl/openssl/opensslconf.h +%{_includedir}/cyassl/openssl/opensslv.h +%{_includedir}/cyassl/openssl/ossl_typ.h +%{_includedir}/cyassl/openssl/pem.h +%{_includedir}/cyassl/openssl/pkcs12.h +%{_includedir}/cyassl/openssl/rand.h +%{_includedir}/cyassl/openssl/ripemd.h +%{_includedir}/cyassl/openssl/rsa.h +%{_includedir}/cyassl/openssl/sha.h +%{_includedir}/cyassl/openssl/ssl.h +%{_includedir}/cyassl/openssl/stack.h +%{_includedir}/cyassl/openssl/ui.h +%{_includedir}/cyassl/openssl/x509.h +%{_includedir}/cyassl/openssl/x509v3.h +%{_includedir}/cyassl/sniffer.h +%{_includedir}/cyassl/sniffer_error.h +%{_includedir}/cyassl/ssl.h +%{_includedir}/cyassl/test.h +%{_includedir}/cyassl/version.h + +%changelog +* Fri Oct 20 2012 Brian Aker - 0.1-1 +- Initial package From db8bd91488ffe5a29fb4422c5d32318f8c87182d Mon Sep 17 00:00:00 2001 From: Brian Aker Date: Sat, 20 Oct 2012 20:07:30 -0400 Subject: [PATCH 5/6] Fix for some platforms that didn't want to insert the harden LIB in some cases. --- configure.ac | 1 + m4/ax_harden_compiler_flags.m4 | 22 +++++++++++++++++----- 2 files changed, 18 insertions(+), 5 deletions(-) diff --git a/configure.ac b/configure.ac index 28f8cace3..ca5fe7fb6 100644 --- a/configure.ac +++ b/configure.ac @@ -707,6 +707,7 @@ echo " * C Flags: $CFLAGS" echo " * C++ Compiler: $CXX_VERSION" echo " * C++ Flags: $CXXFLAGS" echo " * CPP Flags: $CPPFLAGS" +echo " * LIB Flags: $LIB" echo " * Assertions enabled: $ac_cv_assert" echo " * Debug enabled: $with_debug" echo " * Warnings as failure: $ac_cv_warnings_as_errors" diff --git a/m4/ax_harden_compiler_flags.m4 b/m4/ax_harden_compiler_flags.m4 index 99916d876..394812d2d 100644 --- a/m4/ax_harden_compiler_flags.m4 +++ b/m4/ax_harden_compiler_flags.m4 @@ -68,16 +68,28 @@ AC_REQUIRE([AX_DEBUG]) AC_REQUIRE([AX_CXX_COMPILER_VERSION]) + dnl If we are inside of VCS we append -Werror, otherwise we just use it to test other flags + AX_HARDEN_LIB= ax_append_compile_link_flags_extra= - AS_IF([test "$ac_cv_vcs_checkout" = "yes"], [ - AX_CHECK_LINK_FLAG([-Werror]) + AS_IF([test "x$ac_cv_vcs_checkout" = "xyes"],[ + AX_CHECK_LINK_FLAG([-Werror],[ + AX_HARDEN_LIB="-Werror $AX_HARDEN_LIB" + ]) ],[ AX_CHECK_LINK_FLAG([-Werror],[ - ax_append_compile_link_flags_extra=$ax_cv_check_ldflags___Werror + ax_append_compile_link_flags_extra='-Werror' ]) ]) - AX_CHECK_LINK_FLAG([-z relro -z now],,[$ax_append_compile_link_flags_extra]) - AX_CHECK_LINK_FLAG([-pie],,[$ax_append_compile_link_flags_extra]) + + AX_CHECK_LINK_FLAG([-z relro -z now],[ + AX_HARDEN_LIB="-z relro -z now $AX_HARDEN_LIB" + ],,[$ax_append_compile_link_flags_extra]) + + AX_CHECK_LINK_FLAG([-pie],[ + AX_HARDEN_LIB="-pie $AX_HARDEN_LIB" + ],,[$ax_append_compile_link_flags_extra]) + + LIB="$LIB $AX_HARDEN_LIB" ]) AC_DEFUN([AX_HARDEN_CC_COMPILER_FLAGS], [ From ac998a0f7c9a6c8f12cf3c1e7e76ed6990ea36fa Mon Sep 17 00:00:00 2001 From: Brian Aker Date: Sat, 20 Oct 2012 21:24:28 -0400 Subject: [PATCH 6/6] Remove version (it is a generated file), also updated how visibility is done. --- configure.ac | 6 +++++- cyassl/version.h | 35 ----------------------------------- 2 files changed, 5 insertions(+), 36 deletions(-) delete mode 100644 cyassl/version.h diff --git a/configure.ac b/configure.ac index ca5fe7fb6..4ab3ca1b2 100644 --- a/configure.ac +++ b/configure.ac @@ -44,6 +44,10 @@ LT_INIT([win32-dll]) LT_LANG([C++]) LT_LANG([C]) gl_VISIBILITY +AS_IF([ test -n "$CFLAG_VISIBILITY" ], [ + AM_CPPFLAGS="$AM_CPPFLAGS $CFLAG_VISIBILITY" + CPPFLAGS="$CPPFLAGS $CFLAG_VISIBILITY" + ]) m4_ifdef([AM_SILENT_RULES],[AM_SILENT_RULES([yes])]) @@ -683,7 +687,7 @@ fi]) AX_HARDEN_CC_COMPILER_FLAGS CREATE_HEX_VERSION -AM_CFLAGS="$AM_CFLAGS $CFLAG_VISIBILITY" +AC_SUBST(AM_CPPFLAGS) AC_SUBST(AM_CFLAGS) AC_SUBST(AM_LDFLAGS) diff --git a/cyassl/version.h b/cyassl/version.h deleted file mode 100644 index 08bcd9972..000000000 --- a/cyassl/version.h +++ /dev/null @@ -1,35 +0,0 @@ -/* cyassl_version.h.in - * - * Copyright (C) 2006-2011 Sawtooth Consulting Ltd. - * - * This file is part of CyaSSL. - * - * CyaSSL is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * CyaSSL is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA - */ - - -#pragma once - -#ifdef __cplusplus -extern "C" { -#endif - -#define LIBCYASSL_VERSION_STRING "2.4.0" -#define LIBCYASSL_VERSION_HEX 0x02004000 - -#ifdef __cplusplus -} -#endif -