From 83b495b0c10f065897cc420a92afc7ac41448c26 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marc=20Andr=C3=A9=20Tanner?= <mat@brain-dump.org>
Date: Mon, 21 Mar 2016 16:40:18 +0100
Subject: configure: probe for hardening flags

---
 configure | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/configure b/configure
index 4769121..22e0446 100755
--- a/configure
+++ b/configure
@@ -198,7 +198,7 @@ tryflag   CFLAGS_TRY  -Werror=unused-command-line-argument
 tryldflag LDFLAGS_TRY -Werror=unknown-warning-option
 tryldflag LDFLAGS_TRY -Werror=unused-command-line-argument
 
-CFLAGS_STD="-std=c99 -D_POSIX_C_SOURCE=200809L -D_XOPEN_SOURCE=700 -DNDEBUG"
+CFLAGS_STD="-std=c99 -D_POSIX_C_SOURCE=200809L -D_XOPEN_SOURCE=700 -DNDEBUG -D_FORTIFY_SOURCE=2"
 LDFLAGS_STD="-lc"
 
 OS=$(uname)
@@ -217,6 +217,13 @@ tryflag CFLAGS_AUTO -Os
 #tryflag CFLAGS_AUTO -fdata-sections
 #tryldflag LDFLAGS_AUTO -Wl,--gc-sections
 
+# Try hardening flags
+tryflag CFLAGS_AUTO -fPIE
+tryflag CFLAGS_AUTO -fstack-protector-all
+tryldflag LDFLAGS_AUTO "-z now"
+tryldflag LDFLAGS_AUTO "-z relro"
+tryldflag LDFLAGS_AUTO -pie
+
 have_pkgconfig=no
 printf "checking for pkg-config... "
 cmdexists pkg-config && have_pkgconfig=yes
-- 
cgit v1.2.3