mirror of https://git.FreeBSD.org/ports.git
Matthias Andree
parent
421cd1ecf2
commit
f6df9faf35
|
|
@ -1,7 +1,7 @@
|
|||
PORTNAME= dnsmasq
|
||||
DISTVERSION= 2.92test21 # remember to bump PORTEPOCH when going from test to rc!
|
||||
# Leave the PORTREVISION in even if 0 to avoid accidental PORTEPOCH bumps:
|
||||
PORTREVISION= 0
|
||||
PORTREVISION= 1
|
||||
PORTEPOCH= 6
|
||||
CATEGORIES= dns
|
||||
#MASTER_SITES= LOCAL/mandree/ \
|
||||
|
|
@ -18,7 +18,7 @@ LICENSE= GPLv2
|
|||
|
||||
DEPRECATED= Short-lived test branch, to be removed after v2.92 release
|
||||
|
||||
USES= cpe shebangfix tar:xz
|
||||
USES= compiler cpe shebangfix tar:xz
|
||||
CPE_VENDOR= thekelleys
|
||||
|
||||
SHEBANG_FILES= contrib/dnslist/dnslist.pl \
|
||||
|
|
@ -30,8 +30,27 @@ MAKE_ARGS= CC="${CC}" \
|
|||
LIBS="${LDFLAGS}" \
|
||||
PREFIX="${PREFIX}" \
|
||||
RPM_OPT_FLAGS="${CPPFLAGS}"
|
||||
CFLAGS+= -Wall -Wno-unused-function -Wno-unused-parameter \
|
||||
-Wno-unused-value -Wno-unused-variable
|
||||
CFLAGS+= -Wall
|
||||
# https://best.openssf.org/Compiler-Hardening-Guides/Compiler-Options-Hardening-Guide-for-C-and-C++.html
|
||||
# Note there are ${ARCH}-dependent options below after .include <bsd.port.pre.mk>
|
||||
CFLAGS+= -O2 -Wall -Wformat -Wformat=2 \
|
||||
-Werror=format-security \
|
||||
-U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=3 \
|
||||
-fstrict-flex-arrays=3 \
|
||||
-fstack-clash-protection -fstack-protector-strong \
|
||||
-fno-delete-null-pointer-checks -fno-strict-overflow \
|
||||
-fno-strict-aliasing -ftrivial-auto-var-init=zero
|
||||
LDFLAGS+= -Wl,-z,nodlopen -Wl,-z,noexecstack \
|
||||
-Wl,-z,relro -Wl,-z,now \
|
||||
-Wl,--as-needed -Wl,--no-copy-dt-needed-entries
|
||||
CFLAGS+= -fPIE
|
||||
LDFLAGS+= -pie
|
||||
# error on obsolete C constructs
|
||||
CFLAGS+= -Werror=implicit -Werror=incompatible-pointer-types \
|
||||
-Werror=int-conversion
|
||||
# tune down harmless warnings due to coding style
|
||||
CFLAGS+= -Wno-unused-function -Wno-unused-parameter \
|
||||
-Wno-unused-value -Wno-unused-variable -Wno-format-nonliteral
|
||||
CPPFLAGS+= -I${LOCALBASE}/include
|
||||
|
||||
CONFLICTS_INSTALL= dnsmasq-2*
|
||||
|
|
@ -102,6 +121,17 @@ USE_RC_SUBR= dnsmasq
|
|||
|
||||
.include <bsd.port.pre.mk>
|
||||
|
||||
# https://best.openssf.org/Compiler-Hardening-Guides/Compiler-Options-Hardening-Guide-for-C-and-C++.html
|
||||
.if ${ARCH} == "amd64"
|
||||
CFLAGS+= -fcf-protection=full
|
||||
.endif
|
||||
.if ${ARCH} == "aarch64"
|
||||
CFLAGS+= -mbranch-protection=standard
|
||||
.endif
|
||||
.if ${CHOSEN_COMPILER_TYPE} == "gcc"
|
||||
CFLAGS+= -Wtrampolines
|
||||
.endif
|
||||
|
||||
LDFLAGS+= -L${LOCALBASE}/lib ${_intllibs} ${ICONV_LIB}
|
||||
|
||||
post-patch:
|
||||
|
|
|
|||
Loading…
Reference in New Issue