rpms
/
tcp_wrappers
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Properly inject LDFLAGS and handle hardening system-wide (#1548669)

This commit is contained in:
Jakub Jelen 2018-03-08 10:34:40 +01:00
parent a61e0e36f5
commit 75a86a6d6d
3 changed files with 12 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
tcp_wrappers-7.6-ldflags.patch
View File

@ -1,7 +1,13 @@
diff -up tcp_wrappers_7.6/Makefile.patch14 tcp_wrappers_7.6/Makefile
--- tcp_wrappers_7.6/Makefile.patch14 2008-08-29 09:45:12.000000000 +0200
+++ tcp_wrappers_7.6/Makefile 2008-08-29 09:45:12.000000000 +0200
@@ -732,26 +732,26 @@ $(SHLIB): $(LIB_OBJ)
diff -up tcp_wrappers_7.6-ipv6.4/Makefile.cflags tcp_wrappers_7.6-ipv6.4/Makefile
--- tcp_wrappers_7.6-ipv6.4/Makefile.cflags 2018-03-08 09:59:29.854718081 +0100
+++ tcp_wrappers_7.6-ipv6.4/Makefile 2018-03-08 09:59:49.282840150 +0100
@@ -741,31 +741,31 @@ $(LIB): $(LIB_OBJ)
$(SHLIB): $(LIB_OBJ)
gcc -shared -fPIC -Wl,-soname -Wl,$(SHLIB).$(MAJOR) \
- -o $(SHLIB).$(MAJOR).$(MINOR).$(REL) $^ $(LIBS)
+ -o $(SHLIB).$(MAJOR).$(MINOR).$(REL) $^ $(LDFLAGS) $(LIBS)
ln -s $(SHLIB).$(MAJOR).$(MINOR).$(REL) $(SHLIB).$(MAJOR)
ln -s $(SHLIB).$(MAJOR).$(MINOR).$(REL) $(SHLIB)
tcpd: tcpd.o $(LIB)

12
tcp_wrappers-7.6-relro.patch
View File

@ -1,12 +0,0 @@
diff -up tcp_wrappers_7.6/Makefile.relro tcp_wrappers_7.6/Makefile
--- tcp_wrappers_7.6/Makefile.relro 2011-08-10 03:33:25.457892277 +0200
+++ tcp_wrappers_7.6/Makefile 2011-08-10 03:33:39.565892352 +0200
@@ -726,7 +726,7 @@ $(LIB): $(LIB_OBJ)
-$(RANLIB) $(LIB)
$(SHLIB): $(LIB_OBJ)
- gcc -shared -fPIC -Wl,-soname -Wl,$(SHLIB).$(MAJOR) \
+ gcc -shared -fPIC -Wl,-z,relro -Wl,-soname -Wl,$(SHLIB).$(MAJOR) \
-o $(SHLIB).$(MAJOR).$(MINOR).$(REL) $^ $(LIBS)
ln -s $(SHLIB).$(MAJOR).$(MINOR).$(REL) $(SHLIB).$(MAJOR)
ln -s $(SHLIB).$(MAJOR).$(MINOR).$(REL) $(SHLIB)

6
tcp_wrappers.spec
View File

@ -33,7 +33,6 @@ Patch21: tcp_wrappers-7.6-196326.patch
Patch22: tcp_wrappers_7.6-249430.patch
Patch23: tcp_wrappers-7.6-inetdconf.patch
Patch24: tcp_wrappers-7.6-bug698464.patch
Patch25: tcp_wrappers-7.6-relro.patch
Patch26: tcp_wrappers-7.6-xgets.patch
Patch27: tcp_wrappers-7.6-initgroups.patch
Patch28: tcp_wrappers-7.6-warnings.patch
@ -78,7 +77,7 @@ tcp_wrappers-libs contains the libraries of the tcp_wrappers package.
%patch9 -p1 -b .usagi-ipv6
%patch11 -p1 -b .shared
%patch12 -p1 -b .sig
%patch14 -p1 -b .cflags
%patch14 -p1 -b .ldflags
%patch15 -p1 -b .fix_sig
%patch16 -p1 -b .162412
%patch17 -p1 -b .220015
@ -88,7 +87,6 @@ tcp_wrappers-libs contains the libraries of the tcp_wrappers package.
%patch22 -p1 -b .249430
%patch23 -p1 -b .inetdconf
%patch24 -p1 -b .698464
%patch25 -p1 -b .relro
%patch26 -p1 -b .xgets
%patch27 -p1 -b .initgroups
%patch29 -p1 -b .uchart_fix
@ -99,7 +97,7 @@ tcp_wrappers-libs contains the libraries of the tcp_wrappers package.
%build
make \
RPM_OPT_FLAGS="$RPM_OPT_FLAGS -fPIC -DPIC -D_REENTRANT -DHAVE_STRERROR -DACLEXEC" \
LDFLAGS="-pie -z relro -z now" \
LDFLAGS="$RPM_LD_FLAGS" \
MAJOR=%{LIB_MAJOR} MINOR=%{LIB_MINOR} REL=%{LIB_REL} linux %{?_smp_mflags}