Re: [OTR-users] libotr/pidgin-otr 4.0.0 "beta2" release and win32 build

Jacob Appelbaum Tue, 10 Jul 2012 03:05:26 -0700

Hi Ian,

tl;dr


Apply the patches, you get automatic build hardening and a few new
Makefile targets that are useful for various things.

Ian Goldberg:
> On Fri, Jun 22, 2012 at 07:50:44PM -0700, Jacob Appelbaum wrote:
>>> Jake, as you say in your subsequent email, we'd love to see a patch to
>>> this effect.  Paul, we'd also like your opinion on it before we'd merge
>>> it.
>>

Great, here's the output of my additions to the configure.ac for pidgin-otr:

checking for win32... no
checking whether the compiler accepts -fstack-protector-all... yes
checking whether the compiler accepts -Wstack-protector... yes
checking whether the compiler accepts -fwrapv... yes
checking whether the compiler accepts --param ssp-buffer-size=1... yes
checking whether the compiler accepts -fPIE... yes
checking whether the linker accepts -pie... yes
checking whether the linker accepts -z relro -z now... yes

Here's the output for libotr:

checking for win32... no
checking whether the compiler accepts -fstack-protector-all... yes
checking whether the compiler accepts -Wstack-protector... yes
checking whether the compiler accepts -fwrapv... yes
checking whether the compiler accepts --param ssp-buffer-size=1... yes
checking whether the compiler accepts -fPIE... yes
checking whether the linker accepts -pie... yes
checking whether the linker accepts -z relro -z now... yes

That's building on a Debian variant and I have not tested it on Windows.
Tor has tested it on Windows and it seems to work just fine. I suspect
libotr/pidgin-otr won't be much different but if you want to test it on
Windows, I'll help debug it.

>> I'll hack something up - is there a git repo that I can easily clone or
>> should I base my patches on pidgin-otr-4.0.0-beta2.tar.gz?
> 
> Yes, it's git://otr.git.sourceforge.net/gitroot/otr/{libotr,pidgin-otr}
> 

Great, I've attached two patches that basically straight up crib Tor's
autoconf hardening that we originally wrote years ago. It's now on by
default for Tor, so I think we've given it a lot of testing and it
should work with gcc, clang and other compilers.

>> Great!
>>
>> Is there a plan to integrate that into the Makefile? I assume you're
>> using '-c' or perhaps '--check-format' in your checks?
> 
> I used -c --check-accelerators=_  (-c includes --check-format, of
> course).
> 
> I'm not actually sure how best to get it into the Makefile, as the
> Makefile, Makefile.in, and Makefile.in.in are all auto-generated.  Any
> intltool experts that can suggest something?

I've also attached a patch that gives you such a target as well as a few
other useful targets for both libotr and pidgin-otr.

You now have the following targets:

make {check-translations, git-tag, git-push}

Furthermore, a few notes:

I noticed that the libotr,pidgin-otr repos are missing their respective
LICENSE files. It would be nice if it was added to both.

There aren't any signed git tags. The real release should have a signed
tag. I sign my releases like so:

git-tag:
        git tag -u 0xD81D840E -s $(VERSION)

I've included such a target in both Makefile.am files.

I suspect you'll want to use the same target but with your proper
release gpg key. I'll give you a few GPG hardware tokens when I see you
next, so you can have a role key in hardware, if you want.

I tested that everything builds and I haven't introduced any compiler
warnings or anything else.

Either apply the patches with patch or with git patch to get my commit
messages and other git stuff.

Patch:

  cd libotr/
  patch < /tmp/libotr-Makefile.am.patch
  patch < /tmp/libotr-autoconf-hardening.patch

  cd pidgin-otr/
  patch < /tmp/pidgin-otr-4.0.0-beta2-Makefile.am.patch
  patch < /tmp/pidgin-otr-4.0.0-beta2-autoconf-hardening.patch

git patch:

  # You may have to `git repack` before this will work...
  # if you abort, you will need to git rebase --abort or git am --abort
  # if you do that, you can start again
  cd libotr/
  git am -i --signoff
/tmp/0001-libotr-Add-new-compiler-and-linker-hardening-options.patch
  git am -i --signoff /tmp/0002-libotr-Add-git-tag-git-push-targets.patch

  cd pidgin-otr/
  git am -i --signoff
/tmp/0001-pidgin-otr-Add-check-translations-git-tag-git-push-targets.patch
  git am -i --signoff
/tmp/0002-pidgin-otr-add-new-compiler-and-linker-hardening-options.patch

Paul - can you test on Mac OS X, RedHat and other platforms that these
patches are fine from your perspective?

All the best,
Jake

P.S.

I noticed that the translations aren't quite checking out...

 % make check-translations
msgfmt -c --check-accelerators=_ po/*.po
po/de.po:8: duplicate message definition...
po/ar.po:10: ...this is the location of the first definition
po/de.po:23: duplicate message definition...
po/ar.po:64: ...this is the location of the first definition
po/de.po:63: duplicate message definition...
po/ar.po:45: ...this is the location of the first definition
po/de.po:72: duplicate message definition...
po/ar.po:49: ...this is the location of the first definition
po/de.po:89: duplicate message definition...
po/ar.po:176: ...this is the location of the first definition
po/de.po:107: duplicate message definition...
po/ar.po:205: ...this is the location of the first definition
po/de.po:113: duplicate message definition...
po/ar.po:98: ...this is the location of the first definition
po/de.po:118: duplicate message definition...
po/ar.po:215: ...this is the location of the first definition
po/de.po:166: duplicate message definition...
po/ar.po:76: ...this is the location of the first definition
po/de.po:184: duplicate message definition...
po/ar.po:84: ...this is the location of the first definition
po/de.po:188: duplicate message definition...
po/ar.po:88: ...this is the location of the first definition
po/de.po:194: duplicate message definition...
po/ar.po:104: ...this is the location of the first definition
po/de.po:199: duplicate message definition...
po/ar.po:109: ...this is the location of the first definition
po/de.po:204: duplicate message definition...
po/ar.po:114: ...this is the location of the first definition
po/de.po:213: duplicate message definition...
po/ar.po:119: ...this is the location of the first definition
po/de.po:222: duplicate message definition...
po/ar.po:124: ...this is the location of the first definition
po/de.po:227: duplicate message definition...
po/ar.po:129: ...this is the location of the first definition
po/de.po:232: duplicate message definition...
po/ar.po:134: ...this is the location of the first definition
po/de.po:236: duplicate message definition...
po/ar.po:139: ...this is the location of the first definition
po/de.po:248: duplicate message definition...
po/ar.po:159: ...this is the location of the first definition
po/de.po:253: duplicate message definition...
po/ar.po:163: ...this is the location of the first definition
po/de.po:258: duplicate message definition...
po/ar.po:167: ...this is the location of the first definition
po/de.po:264: duplicate message definition...
po/ar.po:172: ...this is the location of the first definition
po/de.po:269: duplicate message definition...
po/ar.po:201: ...this is the location of the first definition
po/de.po:292: duplicate message definition...
po/ar.po:180: ...this is the location of the first definition
po/de.po:300: duplicate message definition...
po/ar.po:225: ...this is the location of the first definition
po/de.po:310: duplicate message definition...
po/ar.po:230: ...this is the location of the first definition
po/de.po:318: duplicate message definition...
po/ar.po:243: ...this is the location of the first definition
po/de.po:322: duplicate message definition...
po/ar.po:247: ...this is the location of the first definition
po/de.po:334: duplicate message definition...
po/ar.po:251: ...this is the location of the first definition
po/de.po:357: duplicate message definition...
po/ar.po:273: ...this is the location of the first definition
po/de.po:381: duplicate message definition...
po/ar.po:278: ...this is the location of the first definition
po/de.po:386: duplicate message definition...
po/ar.po:283: ...this is the location of the first definition
po/de.po:394: duplicate message definition...
po/ar.po:288: ...this is the location of the first definition
po/de.po:399: duplicate message definition...
po/ar.po:293: ...this is the location of the first definition
po/de.po:410: duplicate message definition...
po/ar.po:300: ...this is the location of the first definition
po/de.po:415: duplicate message definition...
po/ar.po:305: ...this is the location of the first definition
po/de.po:420: duplicate message definition...
po/ar.po:310: ...this is the location of the first definition
po/de.po:424: duplicate message definition...
po/ar.po:151: ...this is the location of the first definition
po/de.po:428: duplicate message definition...
po/ar.po:155: ...this is the location of the first definition
po/de.po:436: duplicate message definition...
po/ar.po:335: ...this is the location of the first definition
po/de.po:444: duplicate message definition...
po/ar.po:26: ...this is the location of the first definition
po/de.po:448: duplicate message definition...
po/ar.po:322: ...this is the location of the first definition
po/de.po:493: duplicate message definition...
po/ar.po:318: ...this is the location of the first definition
po/de.po:498: duplicate message definition...
po/ar.po:340: ...this is the location of the first definition
po/de.po:503: duplicate message definition...
po/ar.po:345: ...this is the location of the first definition
po/de.po:508: duplicate message definition...
po/ar.po:350: ...this is the location of the first definition
po/de.po:512: duplicate message definition...
po/ar.po:354: ...this is the location of the first definition
po/de.po:516: duplicate message definition...
po/ar.po:358: ...this is the location of the first definition
po/de.po:520: duplicate message definition...
po/ar.po:362: ...this is the location of the first definition
po/de.po:524: duplicate message definition...
po/ar.po:366: ...this is the location of the first definition
po/de.po:528: duplicate message definition...
po/ar.po:370: ...this is the location of the first definition
po/de.po:532: duplicate message definition...
po/ar.po:374: ...this is the location of the first definition
po/de.po:536: duplicate message definition...
po/ar.po:378: ...this is the location of the first definition
po/de.po:544: duplicate message definition...
po/ar.po:382: ...this is the location of the first definition
po/de.po:548: duplicate message definition...
po/ar.po:386: ...this is the location of the first definition
po/de.po:552: duplicate message definition...
po/ar.po:390: ...this is the location of the first definition
po/de.po:556: duplicate message definition...
po/ar.po:394: ...this is the location of the first definition
po/de.po:564: duplicate message definition...
po/ar.po:398: ...this is the location of the first definition
po/de.po:568: duplicate message definition...
po/ar.po:402: ...this is the location of the first definition
po/de.po:572: duplicate message definition...
po/ar.po:406: ...this is the location of the first definition
po/de.po:576: duplicate message definition...
po/ar.po:410: ...this is the location of the first definition
po/de.po:580: duplicate message definition...
po/ar.po:414: ...this is the location of the first definition
po/de.po:584: duplicate message definition...
po/ar.po:418: ...this is the location of the first definition
po/de.po:588: duplicate message definition...
po/ar.po:422: ...this is the location of the first definition
po/de.po:592: duplicate message definition...
po/ar.po:426: ...this is the location of the first definition
po/de.po:596: duplicate message definition...
po/ar.po:430: ...this is the location of the first definition
po/de.po:600: duplicate message definition...
po/ar.po:434: ...this is the location of the first definition
po/de.po:604: duplicate message definition...
po/ar.po:439: ...this is the location of the first definition
po/de.po:610: duplicate message definition...
po/ar.po:445: ...this is the location of the first definition
po/de.po:615: duplicate message definition...
po/ar.po:450: ...this is the location of the first definition
po/de.po:620: duplicate message definition...
po/ar.po:455: ...this is the location of the first definition
po/de.po:624: duplicate message definition...
po/ar.po:459: ...this is the location of the first definition
po/de.po:629: duplicate message definition...
po/ar.po:464: ...this is the location of the first definition
po/de.po:634: duplicate message definition...
po/ar.po:469: ...this is the location of the first definition
po/de.po:639: duplicate message definition...
po/ar.po:474: ...this is the location of the first definition
po/de.po:643: duplicate message definition...
po/ar.po:478: ...this is the location of the first definition
po/de.po:872: duplicate message definition...
po/ar.po:482: ...this is the location of the first definition
po/de.po:876: duplicate message definition...
po/ar.po:486: ...this is the location of the first definition
po/de.po:880: duplicate message definition...
po/ar.po:490: ...this is the location of the first definition
po/de.po:889: duplicate message definition...
po/ar.po:495: ...this is the location of the first definition
po/de.po:893: duplicate message definition...
po/ar.po:499: ...this is the location of the first definition
msgfmt: po/de.po: warning: PO file header missing or invalid
                  warning: charset conversion will not work
msgfmt: found 83 fatal errors
make: *** [check-translations] Error 1

diff --git a/Makefile.am b/Makefile.am
index d2944fb..b6cc7fc 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -7,3 +7,13 @@ aclocal_DATA = libotr.m4
 
 pkgconfigdir = $(libdir)/pkgconfig
 pkgconfig_DATA = libotr.pc
+
+
+.PHONY: git-tag git-push
+
+git-tag:
+	git tag -u 0xYOURRELEASEGPGKEYIDHERE -s libotr-$(VERSION)
+
+git-push:
+	git push --tags
+	git push

diff --git a/configure.ac b/configure.ac
index 54d7ab0..ed6d189 100644
--- a/configure.ac
+++ b/configure.ac
@@ -23,9 +23,137 @@ AC_SUBST(LIBOTR_LIBTOOL_VERSION)
 
 AC_PROG_CC
 
+
 AM_PROG_LIBTOOL
 
 AM_PATH_LIBGCRYPT(1:1.2.0,,AC_MSG_ERROR(libgcrypt 1.2.0 or newer is required.))
 
-AC_OUTPUT([Makefile src/Makefile toolkit/Makefile libotr.pc])
+dnl 1:flags
+dnl Taken from Tor's autoconf magic repository
+AC_DEFUN([OTR_CHECK_CFLAGS], [
+  AS_VAR_PUSHDEF([VAR],[otr_cv_cflags_$1])
+  AC_CACHE_CHECK([whether the compiler accepts $1], VAR, [
+    otr_saved_CFLAGS="$CFLAGS"
+    CFLAGS="$CFLAGS -pedantic -Werror $1"
+    AC_TRY_COMPILE([], [return 0;],
+                   [AS_VAR_SET(VAR,yes)],
+                   [AS_VAR_SET(VAR,no)])
+    CFLAGS="$otr_saved_CFLAGS"
+  ])
+  if test x$VAR = xyes; then
+    CFLAGS="$CFLAGS $1"
+  fi
+  AS_VAR_POPDEF([VAR])
+])
+
+dnl 1:flags
+dnl 2:extra ldflags
+dnl 3:extra libraries
+AC_DEFUN([OTR_CHECK_LDFLAGS], [
+  AS_VAR_PUSHDEF([VAR],[otr_cv_ldflags_$1])
+  AC_CACHE_CHECK([whether the linker accepts $1], VAR, [
+    otr_saved_CFLAGS="$CFLAGS"
+    otr_saved_LDFLAGS="$LDFLAGS"
+    otr_saved_LIBS="$LIBS"
+    CFLAGS="$CFLAGS -pedantic -Werror"
+    LDFLAGS="$LDFLAGS $2 $1"
+    LIBS="$LIBS $3"
+    AC_RUN_IFELSE([AC_LANG_PROGRAM([#include <stdio.h>], [fputs("", stdout)])],
+                  [AS_VAR_SET(VAR,yes)],
+                  [AS_VAR_SET(VAR,no)],
+           [AC_TRY_LINK([], [return 0;],
+                                   [AS_VAR_SET(VAR,yes)],
+                                   [AS_VAR_SET(VAR,no)])])
+    CFLAGS="$otr_saved_CFLAGS"
+    LDFLAGS="$otr_saved_LDFLAGS"
+    LIBS="$otr_saved_LIBS"
+  ])
+  if test x$VAR = xyes; then
+    LDFLAGS="$LDFLAGS $1"
+  fi
+  AS_VAR_POPDEF([VAR])
+])
+
+
+dnl If _WIN32 is defined and non-zero, we are building for win32
+AC_MSG_CHECKING([for win32])
+AC_RUN_IFELSE([AC_LANG_SOURCE([
+int main(int c, char **v) {
+#ifdef _WIN32
+#if _WIN32
+  return 0;
+#else
+  return 1;
+#endif
+#else
+  return 2;
+#endif
+}])],
+bwin32=true; AC_MSG_RESULT([yes]),
+bwin32=false; AC_MSG_RESULT([no]),
+bwin32=cross; AC_MSG_RESULT([cross])
+)
+
+if test "$bwin32" = cross; then
+AC_MSG_CHECKING([for win32 (cross)])
+AC_COMPILE_IFELSE([AC_LANG_SOURCE([
+#ifdef _WIN32
+int main(int c, char **v) {return 0;}
+#else
+#error
+int main(int c, char **v) {return x(y);}
+#endif
+])],
+bwin32=true; AC_MSG_RESULT([yes]),
+bwin32=false; AC_MSG_RESULT([no]))
+fi
+
+AM_CONDITIONAL(BUILD_NT_SERVICES, test x$bwin32 = xtrue)
+
+dnl Adam Shostack suggests the following for Windows:
+dnl -D_FORTIFY_SOURCE=2 -fstack-protector-all
+dnl Others suggest '/gs /safeseh /nxcompat /dynamicbase' for non-gcc on Windows
+dnl This requires that we use gcc and that we add -O2 to the CFLAGS.
+AC_ARG_ENABLE(gcc-hardening,
+    AS_HELP_STRING(--disable-gcc-hardening, disable compiler security checks))
 
+dnl Linker hardening options
+dnl Currently these options are ELF specific - you can't use this with MacOSX
+AC_ARG_ENABLE(linker-hardening,
+    AS_HELP_STRING(--disable-linker-hardening, disable linker security fixups))
+
+dnl ---------------------------------------------------------------------
+dnl Now that we know about our major libraries, we can check for compiler
+dnl and linker hardening options.  We need to do this with the libraries known,
+dnl since sometimes the linker will like an option but not be willing to
+dnl use it with a build of a library.
+
+all_ldflags_for_check="$LDFLAGS"
+all_libs_for_check="$LIBGCRYPT_LIBS"
+
+AC_COMPILE_IFELSE([AC_LANG_PROGRAM([], [
+#if !defined(__clang__)
+#error
+#endif
+])], have_clang=yes, have_clang=no)
+
+if test x$enable_gcc_hardening != xno; then
+    CFLAGS="$CFLAGS -D_FORTIFY_SOURCE=2"
+    if test x$have_clang = xyes; then
+       OTR_CHECK_CFLAGS(-Qunused-arguments)
+    fi
+    OTR_CHECK_CFLAGS(-fstack-protector-all)
+    OTR_CHECK_CFLAGS(-Wstack-protector)
+    OTR_CHECK_CFLAGS(-fwrapv)
+    OTR_CHECK_CFLAGS(--param ssp-buffer-size=1)
+    if test "$bwin32" = "false"; then
+       OTR_CHECK_CFLAGS(-fPIE)
+       OTR_CHECK_LDFLAGS(-pie, "$all_ldflags_for_check", "$all_libs_for_check")
+    fi
+fi
+
+if test x$enable_linker_hardening != xno; then
+    OTR_CHECK_LDFLAGS(-z relro -z now, "$all_ldflags_for_check", "$all_libs_for_check")
+fi
+
+AC_OUTPUT([Makefile src/Makefile toolkit/Makefile libotr.pc])

diff --git a/Makefile.am b/Makefile.am
index b11d604..f1ba9d9 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -22,3 +22,15 @@ EXTRA_DIST=		dialogs.h gtk-dialog.h gtk-ui.h otr-plugin.h ui.h \
 			intltool-update.in Makefile.static INSTALL.mingw
 
 DISTCLEANFILES=		intltool-extract intltool-merge intltool-update
+
+.PHONY: check-translations git-tag git-push
+
+git-tag:
+	git tag -u 0xYOURRELEASEGPGKEYIDHERE -s pidgin-otr-$(VERSION)
+
+git-push:
+	git push --tags
+	git push
+
+check-translations:
+	msgfmt -c --check-accelerators=_ $(SUBDIRS)/*.po

diff --git a/configure.ac b/configure.ac
index 7e3093c..8540446 100644
--- a/configure.ac
+++ b/configure.ac
@@ -27,4 +27,132 @@ AC_DEFINE_UNQUOTED(GETTEXT_PACKAGE, ["$GETTEXT_PACKAGE"], [Define the gettext pa
 ALL_LINGUAS="ar de el es fa fr hu it my_MM nl nn pl ru sk sv vi zh_CN"
 AM_GLIB_GNU_GETTEXT
 
+dnl 1:flags
+dnl Taken from Tor's autoconf magic repository
+AC_DEFUN([OTR_CHECK_CFLAGS], [
+  AS_VAR_PUSHDEF([VAR],[otr_cv_cflags_$1])
+  AC_CACHE_CHECK([whether the compiler accepts $1], VAR, [
+    otr_saved_CFLAGS="$CFLAGS"
+    CFLAGS="$CFLAGS -pedantic -Werror $1"
+    AC_TRY_COMPILE([], [return 0;],
+                   [AS_VAR_SET(VAR,yes)],
+                   [AS_VAR_SET(VAR,no)])
+    CFLAGS="$otr_saved_CFLAGS"
+  ])
+  if test x$VAR = xyes; then
+    CFLAGS="$CFLAGS $1"
+  fi
+  AS_VAR_POPDEF([VAR])
+])
+
+dnl 1:flags
+dnl 2:extra ldflags
+dnl 3:extra libraries
+AC_DEFUN([OTR_CHECK_LDFLAGS], [
+  AS_VAR_PUSHDEF([VAR],[otr_cv_ldflags_$1])
+  AC_CACHE_CHECK([whether the linker accepts $1], VAR, [
+    otr_saved_CFLAGS="$CFLAGS"
+    otr_saved_LDFLAGS="$LDFLAGS"
+    otr_saved_LIBS="$LIBS"
+    CFLAGS="$CFLAGS -pedantic -Werror"
+    LDFLAGS="$LDFLAGS $2 $1"
+    LIBS="$LIBS $3"
+    AC_RUN_IFELSE([AC_LANG_PROGRAM([#include <stdio.h>], [fputs("", stdout)])],
+                  [AS_VAR_SET(VAR,yes)],
+                  [AS_VAR_SET(VAR,no)],
+           [AC_TRY_LINK([], [return 0;],
+                                   [AS_VAR_SET(VAR,yes)],
+                                   [AS_VAR_SET(VAR,no)])])
+    CFLAGS="$otr_saved_CFLAGS"
+    LDFLAGS="$otr_saved_LDFLAGS"
+    LIBS="$otr_saved_LIBS"
+  ])
+  if test x$VAR = xyes; then
+    LDFLAGS="$LDFLAGS $1"
+  fi
+  AS_VAR_POPDEF([VAR])
+])
+
+
+dnl If _WIN32 is defined and non-zero, we are building for win32
+AC_MSG_CHECKING([for win32])
+AC_RUN_IFELSE([AC_LANG_SOURCE([
+int main(int c, char **v) {
+#ifdef _WIN32
+#if _WIN32
+  return 0;
+#else
+  return 1;
+#endif
+#else
+  return 2;
+#endif
+}])],
+bwin32=true; AC_MSG_RESULT([yes]),
+bwin32=false; AC_MSG_RESULT([no]),
+bwin32=cross; AC_MSG_RESULT([cross])
+)
+
+if test "$bwin32" = cross; then
+AC_MSG_CHECKING([for win32 (cross)])
+AC_COMPILE_IFELSE([AC_LANG_SOURCE([
+#ifdef _WIN32
+int main(int c, char **v) {return 0;}
+#else
+#error
+int main(int c, char **v) {return x(y);}
+#endif
+])],
+bwin32=true; AC_MSG_RESULT([yes]),
+bwin32=false; AC_MSG_RESULT([no]))
+fi
+
+AM_CONDITIONAL(BUILD_NT_SERVICES, test x$bwin32 = xtrue)
+
+dnl Adam Shostack suggests the following for Windows:
+dnl -D_FORTIFY_SOURCE=2 -fstack-protector-all
+dnl Others suggest '/gs /safeseh /nxcompat /dynamicbase' for non-gcc on Windows
+dnl This requires that we use gcc and that we add -O2 to the CFLAGS.
+AC_ARG_ENABLE(gcc-hardening,
+    AS_HELP_STRING(--disable-gcc-hardening, disable compiler security checks))
+
+dnl Linker hardening options
+dnl Currently these options are ELF specific - you can't use this with MacOSX
+AC_ARG_ENABLE(linker-hardening,
+    AS_HELP_STRING(--disable-linker-hardening, disable linker security fixups))
+
+dnl ---------------------------------------------------------------------
+dnl Now that we know about our major libraries, we can check for compiler
+dnl and linker hardening options.  We need to do this with the libraries known,
+dnl since sometimes the linker will like an option but not be willing to
+dnl use it with a build of a library.
+
+all_ldflags_for_check="$LDFLAGS"
+all_libs_for_check="$LIBGCRYPT_LIBS"
+
+AC_COMPILE_IFELSE([AC_LANG_PROGRAM([], [
+#if !defined(__clang__)
+#error
+#endif
+])], have_clang=yes, have_clang=no)
+
+if test x$enable_gcc_hardening != xno; then
+    CFLAGS="$CFLAGS -D_FORTIFY_SOURCE=2"
+    if test x$have_clang = xyes; then
+       OTR_CHECK_CFLAGS(-Qunused-arguments)
+    fi
+    OTR_CHECK_CFLAGS(-fstack-protector-all)
+    OTR_CHECK_CFLAGS(-Wstack-protector)
+    OTR_CHECK_CFLAGS(-fwrapv)
+    OTR_CHECK_CFLAGS(--param ssp-buffer-size=1)
+    if test "$bwin32" = "false"; then
+       OTR_CHECK_CFLAGS(-fPIE)
+       OTR_CHECK_LDFLAGS(-pie, "$all_ldflags_for_check", "$all_libs_for_check")
+    fi
+fi
+
+if test x$enable_linker_hardening != xno; then
+    OTR_CHECK_LDFLAGS(-z relro -z now, "$all_ldflags_for_check", "$all_libs_for_check")
+fi
+
 AC_OUTPUT([Makefile po/Makefile.in])

From 78a235066dbf7b24f9ba13ae254bb0b5b00b73be Mon Sep 17 00:00:00 2001
From: Jacob Appelbaum <[email protected]>
Date: Tue, 10 Jul 2012 10:40:06 +0200
Subject: [PATCH 2/2] Add new compiler and linker hardening options

These new compiler and linker hardening options may be disabled at
your own peril with the following options to configure:

  --disable-gcc-hardening, disable compiler security checks
  --disable-linker-hardening, disable linker security fixups
---
 configure.ac |  128 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 files changed, 128 insertions(+), 0 deletions(-)

diff --git a/configure.ac b/configure.ac
index 7e3093c..8540446 100644
--- a/configure.ac
+++ b/configure.ac
@@ -27,4 +27,132 @@ AC_DEFINE_UNQUOTED(GETTEXT_PACKAGE, ["$GETTEXT_PACKAGE"], [Define the gettext pa
 ALL_LINGUAS="ar de el es fa fr hu it my_MM nl nn pl ru sk sv vi zh_CN"
 AM_GLIB_GNU_GETTEXT
 
+dnl 1:flags
+dnl Taken from Tor's autoconf magic repository
+AC_DEFUN([OTR_CHECK_CFLAGS], [
+  AS_VAR_PUSHDEF([VAR],[otr_cv_cflags_$1])
+  AC_CACHE_CHECK([whether the compiler accepts $1], VAR, [
+    otr_saved_CFLAGS="$CFLAGS"
+    CFLAGS="$CFLAGS -pedantic -Werror $1"
+    AC_TRY_COMPILE([], [return 0;],
+                   [AS_VAR_SET(VAR,yes)],
+                   [AS_VAR_SET(VAR,no)])
+    CFLAGS="$otr_saved_CFLAGS"
+  ])
+  if test x$VAR = xyes; then
+    CFLAGS="$CFLAGS $1"
+  fi
+  AS_VAR_POPDEF([VAR])
+])
+
+dnl 1:flags
+dnl 2:extra ldflags
+dnl 3:extra libraries
+AC_DEFUN([OTR_CHECK_LDFLAGS], [
+  AS_VAR_PUSHDEF([VAR],[otr_cv_ldflags_$1])
+  AC_CACHE_CHECK([whether the linker accepts $1], VAR, [
+    otr_saved_CFLAGS="$CFLAGS"
+    otr_saved_LDFLAGS="$LDFLAGS"
+    otr_saved_LIBS="$LIBS"
+    CFLAGS="$CFLAGS -pedantic -Werror"
+    LDFLAGS="$LDFLAGS $2 $1"
+    LIBS="$LIBS $3"
+    AC_RUN_IFELSE([AC_LANG_PROGRAM([#include <stdio.h>], [fputs("", stdout)])],
+                  [AS_VAR_SET(VAR,yes)],
+                  [AS_VAR_SET(VAR,no)],
+           [AC_TRY_LINK([], [return 0;],
+                                   [AS_VAR_SET(VAR,yes)],
+                                   [AS_VAR_SET(VAR,no)])])
+    CFLAGS="$otr_saved_CFLAGS"
+    LDFLAGS="$otr_saved_LDFLAGS"
+    LIBS="$otr_saved_LIBS"
+  ])
+  if test x$VAR = xyes; then
+    LDFLAGS="$LDFLAGS $1"
+  fi
+  AS_VAR_POPDEF([VAR])
+])
+
+
+dnl If _WIN32 is defined and non-zero, we are building for win32
+AC_MSG_CHECKING([for win32])
+AC_RUN_IFELSE([AC_LANG_SOURCE([
+int main(int c, char **v) {
+#ifdef _WIN32
+#if _WIN32
+  return 0;
+#else
+  return 1;
+#endif
+#else
+  return 2;
+#endif
+}])],
+bwin32=true; AC_MSG_RESULT([yes]),
+bwin32=false; AC_MSG_RESULT([no]),
+bwin32=cross; AC_MSG_RESULT([cross])
+)
+
+if test "$bwin32" = cross; then
+AC_MSG_CHECKING([for win32 (cross)])
+AC_COMPILE_IFELSE([AC_LANG_SOURCE([
+#ifdef _WIN32
+int main(int c, char **v) {return 0;}
+#else
+#error
+int main(int c, char **v) {return x(y);}
+#endif
+])],
+bwin32=true; AC_MSG_RESULT([yes]),
+bwin32=false; AC_MSG_RESULT([no]))
+fi
+
+AM_CONDITIONAL(BUILD_NT_SERVICES, test x$bwin32 = xtrue)
+
+dnl Adam Shostack suggests the following for Windows:
+dnl -D_FORTIFY_SOURCE=2 -fstack-protector-all
+dnl Others suggest '/gs /safeseh /nxcompat /dynamicbase' for non-gcc on Windows
+dnl This requires that we use gcc and that we add -O2 to the CFLAGS.
+AC_ARG_ENABLE(gcc-hardening,
+    AS_HELP_STRING(--disable-gcc-hardening, disable compiler security checks))
+
+dnl Linker hardening options
+dnl Currently these options are ELF specific - you can't use this with MacOSX
+AC_ARG_ENABLE(linker-hardening,
+    AS_HELP_STRING(--disable-linker-hardening, disable linker security fixups))
+
+dnl ---------------------------------------------------------------------
+dnl Now that we know about our major libraries, we can check for compiler
+dnl and linker hardening options.  We need to do this with the libraries known,
+dnl since sometimes the linker will like an option but not be willing to
+dnl use it with a build of a library.
+
+all_ldflags_for_check="$LDFLAGS"
+all_libs_for_check="$LIBGCRYPT_LIBS"
+
+AC_COMPILE_IFELSE([AC_LANG_PROGRAM([], [
+#if !defined(__clang__)
+#error
+#endif
+])], have_clang=yes, have_clang=no)
+
+if test x$enable_gcc_hardening != xno; then
+    CFLAGS="$CFLAGS -D_FORTIFY_SOURCE=2"
+    if test x$have_clang = xyes; then
+       OTR_CHECK_CFLAGS(-Qunused-arguments)
+    fi
+    OTR_CHECK_CFLAGS(-fstack-protector-all)
+    OTR_CHECK_CFLAGS(-Wstack-protector)
+    OTR_CHECK_CFLAGS(-fwrapv)
+    OTR_CHECK_CFLAGS(--param ssp-buffer-size=1)
+    if test "$bwin32" = "false"; then
+       OTR_CHECK_CFLAGS(-fPIE)
+       OTR_CHECK_LDFLAGS(-pie, "$all_ldflags_for_check", "$all_libs_for_check")
+    fi
+fi
+
+if test x$enable_linker_hardening != xno; then
+    OTR_CHECK_LDFLAGS(-z relro -z now, "$all_ldflags_for_check", "$all_libs_for_check")
+fi
+
 AC_OUTPUT([Makefile po/Makefile.in])
-- 
1.7.4.1

From 2c836694c4bd9a55b454d889925fe98bfe13cb61 Mon Sep 17 00:00:00 2001
From: Jacob Appelbaum <[email protected]>
Date: Tue, 10 Jul 2012 10:38:03 +0200
Subject: [PATCH 1/2] Add check-translations git-tag git-push targets

check-translations is a Make filetarget to check all .po files for correctnes

git-tag is a Makefile target to tag and sign git release

git-push is a Makefile target to push everything upstream
---
 Makefile.am |   12 ++++++++++++
 1 files changed, 12 insertions(+), 0 deletions(-)

diff --git a/Makefile.am b/Makefile.am
index b11d604..f1ba9d9 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -22,3 +22,15 @@ EXTRA_DIST=		dialogs.h gtk-dialog.h gtk-ui.h otr-plugin.h ui.h \
 			intltool-update.in Makefile.static INSTALL.mingw
 
 DISTCLEANFILES=		intltool-extract intltool-merge intltool-update
+
+.PHONY: check-translations git-tag git-push
+
+git-tag:
+	git tag -u 0xYOURRELEASEGPGKEYIDHERE -s pidgin-otr-$(VERSION)
+
+git-push:
+	git push --tags
+	git push
+
+check-translations:
+	msgfmt -c --check-accelerators=_ $(SUBDIRS)/*.po
-- 
1.7.4.1

signature.asc
Description: OpenPGP digital signature

_______________________________________________
OTR-users mailing list
[email protected]
http://lists.cypherpunks.ca/mailman/listinfo/otr-users

Re: [OTR-users] libotr/pidgin-otr 4.0.0 "beta2" release and win32 build

Reply via email to