add --enable-static configure argument. disable conflicting harden flags

2025-02-07 05:17:28 +00:00 · 2017-06-27 22:37:46 +08:00 · 2017-06-27 22:37:46 +08:00 · a9a3746d09
commit a9a3746d09
parent 74ace058a6
2 changed files with 47 additions and 31 deletions
--- a/Makefile.in
+++ b/Makefile.in
@ -94,6 +94,8 @@ LDFLAGS=@LDFLAGS@

 EXEEXT=@EXEEXT@

+STATIC=@STATIC@
+
 # whether we're building client, server, or both for the common objects.
 # evilness so we detect 'dropbear' by itself as a word
 space:= $(empty) $(empty)
--- a/configure.ac
+++ b/configure.ac
@ -33,6 +33,17 @@ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([])],
    [AC_MSG_RESULT(no); CFLAGS="$OLDCFLAGS" ]
    )

+STATIC=0
+AC_ARG_ENABLE(static,
+	[  --enable-static        Build static binaries],
+	[
+		if test "x$enableval" = "xyes"; then
+			STATIC=1
+			AC_MSG_NOTICE(Static Build)
+		fi
+	], [])
+AC_SUBST(STATIC)
+
 hardenbuild=1
 AC_ARG_ENABLE(harden,
 	[  --disable-harden        Don't set hardened build flags],
@ -45,37 +56,40 @@ AC_ARG_ENABLE(harden,

 if test "$hardenbuild" -eq 1; then
 	AC_MSG_NOTICE(Checking for available hardened build flags:)
-	# pie
-	OLDCFLAGS="$CFLAGS"
-	TESTFLAGS="-fPIE"
-	CFLAGS="$CFLAGS $TESTFLAGS"
-	AC_COMPILE_IFELSE([AC_LANG_PROGRAM([])], 
-	    [AC_MSG_NOTICE([Setting $TESTFLAGS])], 
-	    [AC_MSG_NOTICE([Not setting $TESTFLAGS]); CFLAGS="$OLDCFLAGS" ]
-	    )
-	OLDLDFLAGS="$LDFLAGS"
-	TESTFLAGS="-Wl,-pie"
-	LDFLAGS="$LDFLAGS $TESTFLAGS"
-	AC_LINK_IFELSE([AC_LANG_PROGRAM([])], 
-	    [AC_MSG_NOTICE([Setting $TESTFLAGS])], 
-		[
-			LDFLAGS="$OLDLDFLAGS"
-			TESTFLAGS="-pie"
-			LDFLAGS="$LDFLAGS $TESTFLAGS"
-			AC_LINK_IFELSE([AC_LANG_PROGRAM([])], 
-				[AC_MSG_NOTICE([Setting $TESTFLAGS])], 
-				[AC_MSG_NOTICE([Not setting $TESTFLAGS]); LDFLAGS="$OLDLDFLAGS" ]
-				)
-		]
-	    )
-	# readonly elf relocation sections (relro)
-	OLDLDFLAGS="$LDFLAGS"
-	TESTFLAGS="-Wl,-z,now -Wl,-z,relro"
-	LDFLAGS="$LDFLAGS $TESTFLAGS"
-	AC_LINK_IFELSE([AC_LANG_PROGRAM([])], 
-	    [AC_MSG_NOTICE([Setting $TESTFLAGS])], 
-	    [AC_MSG_NOTICE([Not setting $TESTFLAGS]); LDFLAGS="$OLDLDFLAGS" ]
-	    )
+	# relocation flags don't make sense for static builds
+	if test "$STATIC" -ne 1; then
+		# pie
+		OLDCFLAGS="$CFLAGS"
+		TESTFLAGS="-fPIE"
+		CFLAGS="$CFLAGS $TESTFLAGS"
+		AC_COMPILE_IFELSE([AC_LANG_PROGRAM([])], 
+			[AC_MSG_NOTICE([Setting $TESTFLAGS])], 
+			[AC_MSG_NOTICE([Not setting $TESTFLAGS]); CFLAGS="$OLDCFLAGS" ]
+			)
+		OLDLDFLAGS="$LDFLAGS"
+		TESTFLAGS="-Wl,-pie"
+		LDFLAGS="$LDFLAGS $TESTFLAGS"
+		AC_LINK_IFELSE([AC_LANG_PROGRAM([])], 
+			[AC_MSG_NOTICE([Setting $TESTFLAGS])], 
+			[
+				LDFLAGS="$OLDLDFLAGS"
+				TESTFLAGS="-pie"
+				LDFLAGS="$LDFLAGS $TESTFLAGS"
+				AC_LINK_IFELSE([AC_LANG_PROGRAM([])], 
+					[AC_MSG_NOTICE([Setting $TESTFLAGS])], 
+					[AC_MSG_NOTICE([Not setting $TESTFLAGS]); LDFLAGS="$OLDLDFLAGS" ]
+					)
+			]
+			)
+		# readonly elf relocation sections (relro)
+		OLDLDFLAGS="$LDFLAGS"
+		TESTFLAGS="-Wl,-z,now -Wl,-z,relro"
+		LDFLAGS="$LDFLAGS $TESTFLAGS"
+		AC_LINK_IFELSE([AC_LANG_PROGRAM([])], 
+			[AC_MSG_NOTICE([Setting $TESTFLAGS])], 
+			[AC_MSG_NOTICE([Not setting $TESTFLAGS]); LDFLAGS="$OLDLDFLAGS" ]
+			)
+	fi # non-static
 	# stack protector. -strong is good but only in gcc 4.9 or later
 	OLDCFLAGS="$CFLAGS"
 	TESTFLAGS="-fstack-protector-strong"