-
Henrique de Moraes Holschuh authored
Override the autoconf default CFLAGS, CPPFLAGS and LDFLAGS for a more optimized, hardened build by default. Also, print the value of these variables in configure output. The standard methods to override the default CFLAGS, CPPFLAGS and LDFLAGS in configure still work, and will bypass the new defaults. Linux distros that override these on every build should not see any changes. Should the compiler not be detected as gcc-compatible, no change to CFLAGS/CPPFLAGS/LDFLAGS will be made. Note that clang is explicitly supported, and works just fine. The build will default to a baseline of "-O3 -g" and will attempt to selectively enable the following warning options: -Wall -Wextra -Wformat=2 -Werror=format-security -Wtrampolines -Wformat-signedness -Wformat-overflow=2 -Wformat-truncation=2 -Wtrampolines -Wcast-align -Wsign-conversion -Wnull-dereference -Wstrict-prototypes -Wmissing-prototypes -Wmissing-declarations -Wredundant-decls -Wstrict-overflow -Winit-self -Wshadow -Wrestrict -Wpointer-arith -Wlogical-op -Wbad-function-cast -Wwrite-strings -Wduplicated-branches -Wduplicated-cond -Walloca -Wvla -Walloc-zero -Walloc-size-larger-than=1073741824 and the following hardening options: -D_FORTIFY_SOURCE=2 -fstack-protector-strong -Wstack-protector -fPIE -Wl,-z,relro -Wl,-z,now -pie configure will attempt to detect the set of compiler and linker driver flags that would work from the above list. Caveats: autoconf 2.69 and automake 1.13 or later are now required.
19d13848