[Forensics-changes] [crack] 28/40: For now enable all hardening build flags except PIE
Giovani Augusto Ferreira
giovani-guest at moszumanska.debian.org
Wed Dec 28 02:47:55 UTC 2016
This is an automated email from the git hooks/post-receive script.
giovani-guest pushed a commit to branch debian
in repository crack.
commit 23cb83c699ec74788228857d14131031b3c72427
Author: Axel Beckert <abe at deuxchevaux.org>
Date: Mon Oct 10 02:09:00 2016 +0200
For now enable all hardening build flags except PIE
* Patch several Makefiles to properly pass the according flags.
* Merge all Makefile related patches into one patch.
---
debian/changelog | 3 +
debian/patches/Makefile.patch | 153 ++++++++++++++++++++++++++++-
debian/patches/series | 1 -
debian/patches/src___util___Makefile.patch | 69 -------------
debian/rules | 2 +
5 files changed, 156 insertions(+), 72 deletions(-)
diff --git a/debian/changelog b/debian/changelog
index 146ff50..8711669 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -24,6 +24,9 @@ crack (5.0a-10) UNRELEASED; urgency=medium
doc-base-unknown-section.
* Add patch to fix shebang line in perl-written examples. Fixes lintian
warning executable-not-elf-or-script.
+ * For now enable all hardening build flags except PIE.
+ + Patch several Makefiles to properly pass the according flags.
+ + Merge all Makefile related patches into one patch.
-- Axel Beckert <abe at debian.org> Sun, 09 Oct 2016 21:53:26 +0200
diff --git a/debian/patches/Makefile.patch b/debian/patches/Makefile.patch
index beb34e6..00ffa05 100644
--- a/debian/patches/Makefile.patch
+++ b/debian/patches/Makefile.patch
@@ -1,5 +1,7 @@
-Description: Fix up Makefile to use lib/ instead of run/
- Patch imported from .diff.gz of crack 5.0a-9.4
+Description: Fix up Makefiles
+ * Use lib/ instead of run/.
+ * Fix build flags passing, build order and hardlinks.
+ Patch based on the one imported from .diff.gz of crack 5.0a-9.4
--- crack-5.0a.orig/Makefile
+++ crack-5.0a/Makefile
@@ -28,3 +30,150 @@ Description: Fix up Makefile to use lib/ instead of run/
+ -cat lib/F-merged >> F-merged.save
+ -rm -rf lib
( cd extra ; make clean )
+
+--- a/src/util/Makefile
++++ b/src/util/Makefile
+@@ -1,6 +1,6 @@
+ ###
+ # This program was written by and is copyright Alec Muffett 1991,
+-# 1992, 1993, 1994, 1995, and 1996, and is provided as part of the
++# 1992, 1993, 1994, 1995, 1996 & 1997, and is provided as part of the
+ # Crack v5.0 Password Cracking package.
+ #
+ # The copyright holder disclaims all responsibility or liability with
+@@ -9,13 +9,12 @@
+ # document which accompanies distributions of Crack v5.0 and upwards.
+ ###
+
+-CFLAGS= $(XCFLAGS) -I../lib
++CFLAGS+= $(XCFLAGS) -I../lib -D_XOPEN_SOURCE $(CPPFLAGS)
+ CC= $(XCC)
+
+ XLIB=$(XDIR)/libc5.a $(XLIBS)
+
+ EXE= $(XDIR)/dawg \
+- $(XDIR)/dictfilt \
+ $(XDIR)/kickdict \
+ $(XDIR)/cracker
+
+@@ -41,39 +40,37 @@
+
+ $(XDIR)/stdlib-cracker: cracker.c $(XLIB)
+ $(CC) $(CFLAGS) -c elcid.c
+- $(CC) $(CFLAGS) -o $(XDIR)/cracker cracker.c elcid.o $(XLIB)
++ $(CC) $(CFLAGS) $(LDFLAGS) -o $(XDIR)/cracker cracker.c elcid.o $(XLIB)
++ $(CC) $(CFLAGS) $(LDFLAGS) -o $(XDIR)/dictfilt dictfilt.c elcid.o $(XLIB)
+ date > $@
+
+ $(XDIR)/libdes-cracker: cracker.c $(XLIB)
+ $(CC) $(CFLAGS) -c elcid.c
+- $(CC) $(CFLAGS) -o $(XDIR)/cracker cracker.c elcid.o $(XLIB) ../libdes/libdes.a
++ $(CC) $(CFLAGS) $(LDFLAGS) -o $(XDIR)/cracker cracker.c elcid.o $(XLIB) ../libdes/libdes.a
++ $(CC) $(CFLAGS) $(LDFLAGS) -o $(XDIR)/dictfilt dictfilt.c elcid.o $(XLIB) ../libdes/libdes.a
+ date > $@
+
+ $(XDIR)/ufc-cracker: cracker.c $(XLIB)
+ $(CC) $(CFLAGS) -DINITDES -DFCRYPT -c elcid.c
+- $(CC) $(CFLAGS) -o $(XDIR)/cracker cracker.c elcid.o $(XLIB) ../ufc-crypt/libufc.a
++ $(CC) $(CFLAGS) $(LDFLAGS) -o $(XDIR)/cracker cracker.c elcid.o $(XLIB) ../ufc-crypt/libufc.a
++ $(CC) $(CFLAGS) $(LDFLAGS) -o $(XDIR)/dictfilt dictfilt.c elcid.o $(XLIB) ../ufc-crypt/libufc.a
+ date > $@
+
+ $(XDIR)/gnu-cracker: cracker.c $(XLIB)
+ $(CC) $(CFLAGS) -c elcid.c
+- $(CC) $(CFLAGS) -o $(XDIR)/cracker cracker.c elcid.o $(XLIB) ../crypt/libufc.a
++ $(CC) $(CFLAGS) $(LDFLAGS) -o $(XDIR)/cracker cracker.c elcid.o $(XLIB) ../crypt/libufc.a
++ $(CC) $(CFLAGS) $(LDFLAGS) -o $(XDIR)/dictfilt dictfilt.c elcid.o $(XLIB) ../crypt/libufc.a
+ date > $@
+
+ #------------------------------------------------------------------
+
+ $(XDIR)/dawg: dawg.c $(XLIB)
+- $(CC) $(CFLAGS) -o $(XDIR)/dawg dawg.c $(XLIB)
++ $(CC) $(CFLAGS) $(LDFLAGS) -o $(XDIR)/dawg dawg.c $(XLIB)
+ rm -f $(XDIR)/xdawg
+- ln $(XDIR)/dawg $(XDIR)/xdawg
+-
+-#------------------------------------------------------------------
+-
+-# don't you just love dependency graphs?
+-$(XDIR)/dictfilt: dictfilt.c $(XLIB) $(XDIR)/cracker
+- $(CC) $(CFLAGS) -o $(XDIR)/dictfilt dictfilt.c elcid.o $(XLIB)
++ ln -s dawg $(XDIR)/xdawg
+
+ #------------------------------------------------------------------
+
+ $(XDIR)/kickdict: kickdict.c $(XLIB)
+- $(CC) $(CFLAGS) -o $(XDIR)/kickdict kickdict.c $(XLIB)
++ $(CC) $(CFLAGS) $(LDFLAGS) -o $(XDIR)/kickdict kickdict.c $(XLIB)
+
+--- a/extra/Makefile
++++ b/extra/Makefile
+@@ -10,20 +10,20 @@
+ ###
+
+ CC= gcc
+-CFLAGS= -O2 -g
++#CFLAGS= -O2 -g
+ LIB= ../src/libdes/libdes.a
+ #LIB= -lcrypt
+
+ all: brute brute-gen
+
+ brute: brute.c
+- $(CC) -O2 -o $@ brute.c $(LIB)
++ $(CC) $(CLFAGS) $(CPPFLAGS) $(LDFLAGS) -o $@ brute.c $(LIB)
+
+ brute-gen: brute.c
+- $(CC) -DBRUTEGEN=1 -O2 -o $@ brute.c
++ $(CC) -DBRUTEGEN=1 $(CLFAGS) $(CPPFLAGS) $(LDFLAGS) -o $@ brute.c
+
+ fips: fips.o
+- $(CC) -O2 -o $@ fips.o
++ $(CC) $(CLFAGS) $(CPPFLAGS) $(LDFLAGS) -O2 -o $@ fips.o
+
+ clean:
+ rm -f *.o *~ brute brute-gen core
+--- a/src/lib/Makefile
++++ b/src/lib/Makefile
+@@ -10,7 +10,7 @@
+ ###
+
+ XLIB= $(XDIR)/libc5.a
+-CFLAGS= $(XCFLAGS)
++CFLAGS+= $(XCFLAGS) $(CPPFLAGS)
+ CC= $(XCC)
+
+ SRC= dawglib.c debug.c rules.c stringlib.c
+--- a/src/libdes/Makefile
++++ b/src/libdes/Makefile
+@@ -36,7 +36,7 @@
+ OPTS= $(OPTS0) $(OPTS1) $(OPTS2)
+
+ CC=cc
+-CFLAGS= -O $(OPTS) $(CFLAG)
++CFLAGS= -O $(OPTS) $(CFLAGS) $(CPPFLAGS)
+
+ #CC=gcc
+ #CFLAGS= -O4 -fomit-frame-pointer -funroll-loops $(OPTS) $(CFLAG)
+@@ -85,16 +85,16 @@
+ else exit 0; fi; fi
+
+ destest: destest.o libdes.a
+- $(CC) $(CFLAGS) -o destest destest.o libdes.a
++ $(CC) $(CFLAGS) $(LDFLAGS) -o destest destest.o libdes.a
+
+ rpw: rpw.o libdes.a
+- $(CC) $(CFLAGS) -o rpw rpw.o libdes.a
++ $(CC) $(CFLAGS) $(LDFLAGS) -o rpw rpw.o libdes.a
+
+ speed: speed.o libdes.a
+- $(CC) $(CFLAGS) -o speed speed.o libdes.a
++ $(CC) $(CFLAGS) $(LDFLAGS) -o speed speed.o libdes.a
+
+ des: des.o libdes.a
+- $(CC) $(CFLAGS) -o des des.o libdes.a
++ $(CC) $(CFLAGS) $(LDFLAGS) -o des des.o libdes.a
+
+ tags:
+ ctags $(DES) $(TESTING) $(LIBDES)
diff --git a/debian/patches/series b/debian/patches/series
index 2ceedf3..7998131 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -7,5 +7,4 @@ scripts___netcrack.patch
scripts___smartcat.patch
src___libdes___read_pwd.c.patch
src___libdes___stcmuMmo.patch
-src___util___Makefile.patch
b64_shebang.patch
diff --git a/debian/patches/src___util___Makefile.patch b/debian/patches/src___util___Makefile.patch
deleted file mode 100644
index 411b955..0000000
--- a/debian/patches/src___util___Makefile.patch
+++ /dev/null
@@ -1,69 +0,0 @@
-Description: Adapt src/util/Makefile to fix CFLAGS, build order and hardlinks
- Patch imported from .diff.gz of crack 5.0a-9.4
-
---- crack-5.0a.orig/src/util/Makefile
-+++ crack-5.0a/src/util/Makefile
-@@ -1,6 +1,6 @@
- ###
- # This program was written by and is copyright Alec Muffett 1991,
--# 1992, 1993, 1994, 1995, and 1996, and is provided as part of the
-+# 1992, 1993, 1994, 1995, 1996 & 1997, and is provided as part of the
- # Crack v5.0 Password Cracking package.
- #
- # The copyright holder disclaims all responsibility or liability with
-@@ -9,13 +9,12 @@
- # document which accompanies distributions of Crack v5.0 and upwards.
- ###
-
--CFLAGS= $(XCFLAGS) -I../lib
-+CFLAGS= $(XCFLAGS) -I../lib -D_XOPEN_SOURCE
- CC= $(XCC)
-
- XLIB=$(XDIR)/libc5.a $(XLIBS)
-
- EXE= $(XDIR)/dawg \
-- $(XDIR)/dictfilt \
- $(XDIR)/kickdict \
- $(XDIR)/cracker
-
-@@ -42,21 +41,25 @@
- $(XDIR)/stdlib-cracker: cracker.c $(XLIB)
- $(CC) $(CFLAGS) -c elcid.c
- $(CC) $(CFLAGS) -o $(XDIR)/cracker cracker.c elcid.o $(XLIB)
-+ $(CC) $(CFLAGS) -o $(XDIR)/dictfilt dictfilt.c elcid.o $(XLIB)
- date > $@
-
- $(XDIR)/libdes-cracker: cracker.c $(XLIB)
- $(CC) $(CFLAGS) -c elcid.c
- $(CC) $(CFLAGS) -o $(XDIR)/cracker cracker.c elcid.o $(XLIB) ../libdes/libdes.a
-+ $(CC) $(CFLAGS) -o $(XDIR)/dictfilt dictfilt.c elcid.o $(XLIB) ../libdes/libdes.a
- date > $@
-
- $(XDIR)/ufc-cracker: cracker.c $(XLIB)
- $(CC) $(CFLAGS) -DINITDES -DFCRYPT -c elcid.c
- $(CC) $(CFLAGS) -o $(XDIR)/cracker cracker.c elcid.o $(XLIB) ../ufc-crypt/libufc.a
-+ $(CC) $(CFLAGS) -o $(XDIR)/dictfilt dictfilt.c elcid.o $(XLIB) ../ufc-crypt/libufc.a
- date > $@
-
- $(XDIR)/gnu-cracker: cracker.c $(XLIB)
- $(CC) $(CFLAGS) -c elcid.c
- $(CC) $(CFLAGS) -o $(XDIR)/cracker cracker.c elcid.o $(XLIB) ../crypt/libufc.a
-+ $(CC) $(CFLAGS) -o $(XDIR)/dictfilt dictfilt.c elcid.o $(XLIB) ../crypt/libufc.a
- date > $@
-
- #------------------------------------------------------------------
-@@ -64,13 +67,7 @@
- $(XDIR)/dawg: dawg.c $(XLIB)
- $(CC) $(CFLAGS) -o $(XDIR)/dawg dawg.c $(XLIB)
- rm -f $(XDIR)/xdawg
-- ln $(XDIR)/dawg $(XDIR)/xdawg
--
--#------------------------------------------------------------------
--
--# don't you just love dependency graphs?
--$(XDIR)/dictfilt: dictfilt.c $(XLIB) $(XDIR)/cracker
-- $(CC) $(CFLAGS) -o $(XDIR)/dictfilt dictfilt.c elcid.o $(XLIB)
-+ ln -s dawg $(XDIR)/xdawg
-
- #------------------------------------------------------------------
-
diff --git a/debian/rules b/debian/rules
index 4aa0539..3cced27 100755
--- a/debian/rules
+++ b/debian/rules
@@ -5,6 +5,8 @@
# Uncomment this to turn on verbose mode.
#export DH_VERBOSE=1
+export DEB_BUILD_MAINT_OPTIONS=hardening=+all,-pie
+
%:
dh $@
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/forensics/crack.git
More information about the forensics-changes
mailing list