FS#24145 - [openssl] Add system CFLAGS/LDFLAGS in PKGBUILD.

Attached to Project: Arch Linux
Opened by Kristoffer Tidemann (ktide) - Saturday, 07 May 2011, 14:05 GMT
Last edited by Pierre Schmitz (Pierre) - Saturday, 23 July 2011, 18:43 GMT
Task Type Bug Report
Category Packages: Extra
Status Closed
Assigned To Pierre Schmitz (Pierre)
Architecture All
Severity Medium
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 1
Private No

Details

Something like this

./config --prefix=/usr --openssldir=/etc/ssl --libdir=lib \
shared zlib -Wa,--noexecstack ${CFLAGS} ${LDFLAGS}

should suffice.

The LDFLAGS should show up in EX_LIBS in the Summary ./config prints (Make sure to scroll up immediately :p)

Note that OpenSSL will always build with -O3 since it's used later in the GCC command line and thus supersedes our -O2 which is probably a good thing and intended.

Severity is medium since this needs to be fixed before the new CFLAGS/LDFLAGS are eventually introduced by Allan.
This task depends upon

Closed by  Pierre Schmitz (Pierre)
Saturday, 23 July 2011, 18:43 GMT
Reason for closing:  Implemented
Comment by Kristoffer Tidemann (ktide) - Saturday, 07 May 2011, 14:10 GMT
This should be in Packages: Core - but I suck.
Comment by Kristoffer Tidemann (ktide) - Saturday, 07 May 2011, 17:28 GMT
The above ./config fails (I think) when something in CFLAGS has arguments that do not begin with - such as as --param ssp-buffer-size=4. I guess the weird target config options are the fault of this but I have no time to look into this now.
Comment by Pierre Schmitz (Pierre) - Sunday, 08 May 2011, 09:34 GMT
I think this should be fixed in trunk now. Compiling with the following lines added to the PKGBUILD it compiles and passes the test suite:

export CFLAGS="${CFLAGS} -fstack-protector-all -D_FORTIFY_SOURCE=2 --param=ssp-buffer-size=4"
export LDFLAGS="${LDFLAGS} -Wl,-z,relro"

Loading...