kc3-lang/libressl

Diff

  • Show log

    Commit

  • Hash : c0a8ddc1
    Author : Jim Barlow
    Date : 2014-12-23T21:47:03 

    configure.ac: use executable hardening where available

Where available, enable stack smashing protection, fortify source,
no-strict-overflow, and read only relocations.

Many Linux distributions automatically enable most of these options.
They are no brainers. The difference introduced here is in asking for a
few more aggressive options. An option to disable the more aggressive
options is provided (--disable-hardening). When set, configure will fall
back to the default CFLAGS on the system - in many cases that will still
be hardened. There is no point in going further than that.

Options enabled are:

-fstack-protector-strong is a relatively new GCC-4.9 feature that is
supposed to give a better balance between performance and protection.
-all is considered too aggressive, but was used in Chromium and other
security critical systems until -strong became available. Follow their
lead and use -strong when possible. clang 6.0 supports -all but not
-strong.

_FORTIFY_SOURCE replaces certain unsafe C str* and mem* functions with
more robust equivalents when the compiler can determine the length of
the buffers involved.

-fno-strict-overflow instructs GCC to not make optimizations based on
the assumption that signed arithmetic will wrap around on overflow (e.g.
(short)0x7FFF + 1 == 0). This prevents the optimizer from doing some
unexpected things. Further improvements should trap signed overflows and
reduce the use of signed to refer to naturally unsigned quantities.

I did not set -fPIE (position independent executables). The critical
function of Open/LibreSSL is as a library, not an executable.

Tested on Ubuntu Linux 14.04.1 LTS, OS X 10.10.1 with "make check".

The code added to m4/ is GPLv3 but con

Signed-off-by: Jim Barlow <jim@purplerock.ca>

  • README

  • This package is the official portable version of LibreSSL
	(http://www.libressl.org).

LibreSSL is a fork of OpenSSL developed by the OpenBSD project
(http://www.openbsd.org). LibreSSL is developed on OpenBSD. This
package then adds portability shims for other operating systems.

Official release tarballs are available at your friendly neighborhood
OpenBSD mirror in directory LibreSSL, e.g.:

	http://ftp.openbsd.org/pub/OpenBSD/LibreSSL/

although we suggest that you use a mirror:

	http://www.openbsd.org/ftp.html

The LibreSSL portable build framework is also mirrored in Github:

	https://github.com/libressl-portable/portable

If you have checked this source using Git, follow these initial steps to
prepare the source tree for building:

 1. ensure you have the following packages installed:
	automake, autoconf, bash, git, libtool, perl, pod2man
 2. run './autogen.sh' to prepare the source tree for building
    or run './dist.sh' to prepare a tarball.

Once you have a source tree from Git or FTP, run these commands to build and
install the package:

  ./configure   # see ./configure --help for configuration options
  make check    # runs builtin unit tests
  make install  # set DESTDIR= to install to an alternate location

The resulting library and 'openssl' utility is largely API-compatible with
OpenSSL 1.0.1. However, it is not ABI compatible - you will need to relink your
programs to LibreSSL in order to use it, just as in moving from OpenSSL 0.9.8
to 1.0.1.

The project attempts to provide working alternatives for operating systems with
limited or broken security primitives (e.g. arc4random(3), issetugid(2)) and
assists with improving OS-native implementations where possible.

LibreSSL portable will build on any reasonably modern version of Linux,
Solaris, or OSX with a standards-compliant compiler and C library.

kmx.io     mail     discord kmxgit v0.4.0