boxtec
/
bitcoin
mirror of https://github.com/bitcoin/bitcoin
4
1
Fork 0
Code Issues Projects Releases Wiki Activity

depends: add NO_HARDEN option

Browse Source 
Add an option that when passed, will disable hardening options, and
pass `--disable-hardening` through to configure. Due to the way
we link libssp for Windows builds, they now fail (after #27118),
if building with depends, and configuring with --disable-hardening.
See:
https://github.com/bitcoin/bitcoin/pull/27118#issuecomment-1492606272.

This change would add a depends opiton such that, if someone wants to
build with, for windows, without hardening, they can do so. This may
also be useful when building for debugging.
pull/27406/head
fanquake 2 years ago
parent 369d4c03b7
commit 436df1e826
No known key found for this signature in database
GPG Key ID: 2EEB9F5CC09526C1
5 changed files with 18 additions and 4 deletions
Show Stats Download Patch File Download Diff File

6
depends/Makefile
Unescape View File

@ -45,6 +45,7 @@ NO_USDT ?=
NO_NATPMP ?= NO_NATPMP ?=
MULTIPROCESS ?= MULTIPROCESS ?=
LTO ?= LTO ?=
NO_HARDEN ?=
FALLBACK_DOWNLOAD_PATH ?= https://bitcoincore.org/depends-sources FALLBACK_DOWNLOAD_PATH ?= https://bitcoincore.org/depends-sources
C_STANDARD ?= c11 C_STANDARD ?= c11
@ -146,8 +147,8 @@ include packages/packages.mk
# 2. Before including packages/*.mk (excluding packages/packages.mk), since # 2. Before including packages/*.mk (excluding packages/packages.mk), since
# they rely on the build_id variables # they rely on the build_id variables
# #
build_id:=$(shell env CC='$(build_CC)' C_STANDARD='$(C_STANDARD)' CXX='$(build_CXX)' CXX_STANDARD='$(CXX_STANDARD)' AR='$(build_AR)' RANLIB='$(build_RANLIB)' STRIP='$(build_STRIP)' SHA256SUM='$(build_SHA256SUM)' DEBUG='$(DEBUG)' LTO='$(LTO)' ./gen_id '$(BUILD_ID_SALT)' 'GUIX_ENVIRONMENT=$(realpath $(GUIX_ENVIRONMENT))') build_id:=$(shell env CC='$(build_CC)' C_STANDARD='$(C_STANDARD)' CXX='$(build_CXX)' CXX_STANDARD='$(CXX_STANDARD)' AR='$(build_AR)' RANLIB='$(build_RANLIB)' STRIP='$(build_STRIP)' SHA256SUM='$(build_SHA256SUM)' DEBUG='$(DEBUG)' LTO='$(LTO)' NO_HARDEN='$(NO_HARDEN)' ./gen_id '$(BUILD_ID_SALT)' 'GUIX_ENVIRONMENT=$(realpath $(GUIX_ENVIRONMENT))')
$(host_arch)_$(host_os)_id:=$(shell env CC='$(host_CC)' C_STANDARD='$(C_STANDARD)' CXX='$(host_CXX)' CXX_STANDARD='$(CXX_STANDARD)' AR='$(host_AR)' RANLIB='$(host_RANLIB)' STRIP='$(host_STRIP)' SHA256SUM='$(build_SHA256SUM)' DEBUG='$(DEBUG)' LTO='$(LTO)' ./gen_id '$(HOST_ID_SALT)' 'GUIX_ENVIRONMENT=$(realpath $(GUIX_ENVIRONMENT))') $(host_arch)_$(host_os)_id:=$(shell env CC='$(host_CC)' C_STANDARD='$(C_STANDARD)' CXX='$(host_CXX)' CXX_STANDARD='$(CXX_STANDARD)' AR='$(host_AR)' RANLIB='$(host_RANLIB)' STRIP='$(host_STRIP)' SHA256SUM='$(build_SHA256SUM)' DEBUG='$(DEBUG)' LTO='$(LTO)' NO_HARDEN='$(NO_HARDEN)' ./gen_id '$(HOST_ID_SALT)' 'GUIX_ENVIRONMENT=$(realpath $(GUIX_ENVIRONMENT))')
boost_packages_$(NO_BOOST) = $(boost_packages) boost_packages_$(NO_BOOST) = $(boost_packages)
@ -253,6 +254,7 @@ $(host_prefix)/share/config.site : config.site.in $(host_prefix)/.stamp_$(final_
-e 's|@no_natpmp@|$(NO_NATPMP)|' \ -e 's|@no_natpmp@|$(NO_NATPMP)|' \
-e 's|@multiprocess@|$(MULTIPROCESS)|' \ -e 's|@multiprocess@|$(MULTIPROCESS)|' \
-e 's|@lto@|$(LTO)|' \ -e 's|@lto@|$(LTO)|' \
-e 's|@no_harden@|$(NO_HARDEN)|' \
-e 's|@debug@|$(DEBUG)|' \ -e 's|@debug@|$(DEBUG)|' \
$< > $@ $< > $@
touch $@ touch $@

1
depends/README.md
Unescape View File

@ -123,6 +123,7 @@ The following can be set when running make: `make FOO=bar`
resides in the `depends` directory, and the log file is printed out automatically in case resides in the `depends` directory, and the log file is printed out automatically in case
of build error. After successful build log files are moved along with package archives of build error. After successful build log files are moved along with package archives
- `LTO`: Use LTO when building packages. - `LTO`: Use LTO when building packages.
- `NO_HARDEN=1`: Don't use hardening options when building packages
If some packages are not built, for example `make NO_WALLET=1`, the appropriate If some packages are not built, for example `make NO_WALLET=1`, the appropriate
options will be passed to bitcoin's configure. In this case, `--disable-wallet`. options will be passed to bitcoin's configure. In this case, `--disable-wallet`.

4
depends/config.site.in
Unescape View File

@ -82,6 +82,10 @@ if test -z "$enable_lto" && test -n "@lto@"; then
enable_lto=yes enable_lto=yes
fi fi
if test -z "$enable_hardening" && test -n "@no_harden@"; then
enable_hardening=no
fi
PKG_CONFIG="$(which pkg-config) --static" PKG_CONFIG="$(which pkg-config) --static"
PKG_CONFIG_PATH="${depends_prefix}/share/pkgconfig:${depends_prefix}/lib/pkgconfig" PKG_CONFIG_PATH="${depends_prefix}/share/pkgconfig:${depends_prefix}/lib/pkgconfig"

6
depends/gen_id
Unescape View File

@ -2,7 +2,7 @@
# Usage: env [ CC=... ] [ C_STANDARD=...] [ CXX=... ] [CXX_STANDARD=...] \ # Usage: env [ CC=... ] [ C_STANDARD=...] [ CXX=... ] [CXX_STANDARD=...] \
# [ AR=... ] [ RANLIB=... ] [ STRIP=... ] [ DEBUG=... ] \ # [ AR=... ] [ RANLIB=... ] [ STRIP=... ] [ DEBUG=... ] \
# [ LTO=... ] ./build-id [ID_SALT]... # [ LTO=... ] [ NO_HARDEN=... ] ./build-id [ID_SALT]...
# #
# Prints to stdout a SHA256 hash representing the current toolset, used by # Prints to stdout a SHA256 hash representing the current toolset, used by
# depends/Makefile as a build id for caching purposes (detecting when the # depends/Makefile as a build id for caching purposes (detecting when the
@ -70,6 +70,10 @@
echo "LTO=${LTO}" echo "LTO=${LTO}"
echo "END LTO" echo "END LTO"
echo "BEGIN NO_HARDEN"
echo "NO_HARDEN=${NO_HARDEN}"
echo "END NO_HARDEN"
echo "END ALL" echo "END ALL"
) | if [ -n "$DEBUG" ] && command -v tee > /dev/null 2>&1; then ) | if [ -n "$DEBUG" ] && command -v tee > /dev/null 2>&1; then
# When debugging and `tee` is available, output the preimage to stderr # When debugging and `tee` is available, output the preimage to stderr

5
depends/packages/libevent.mk
Unescape View File

@ -16,8 +16,11 @@ define $(package)_set_vars
$(package)_config_opts_netbsd=--with-pic $(package)_config_opts_netbsd=--with-pic
$(package)_config_opts_openbsd=--with-pic $(package)_config_opts_openbsd=--with-pic
$(package)_config_opts_android=--with-pic $(package)_config_opts_android=--with-pic
$(package)_cppflags+=-D_FORTIFY_SOURCE=3
$(package)_cppflags_mingw32=-D_WIN32_WINNT=0x0601 $(package)_cppflags_mingw32=-D_WIN32_WINNT=0x0601
ifeq ($(NO_HARDEN),)
$(package)_cppflags+=-D_FORTIFY_SOURCE=3
endif
endef endef
define $(package)_preprocess_cmds define $(package)_preprocess_cmds

Write Preview
Loading…
Cancel
Save