X-Git-Url: https://git.novaco.in/?a=blobdiff_plain;f=src%2Fmakefile.unix;fp=src%2Fmakefile.unix;h=b751e3fb8222d42b79a5a09ad95b75cb6ae241c6;hb=de71734ac41eebfe8763ce34e0443d64ea4aacc9;hp=5dbde3a04302ebe3fe0945caf75b90a8a0286cba;hpb=9b1c1c96d205849f993eaa23a6c0a3ab947e110d;p=novacoin.git diff --git a/src/makefile.unix b/src/makefile.unix index 5dbde3a..b751e3f 100644 --- a/src/makefile.unix +++ b/src/makefile.unix @@ -3,45 +3,92 @@ # Distributed under the MIT/X11 software license, see the accompanying # file license.txt or http://www.opensource.org/licenses/mit-license.php. -CXX=g++ - -WXINCLUDEPATHS=$(shell wx-config --cxxflags) +USE_UPNP:=0 -WXLIBS=$(shell wx-config --libs) +DEFS=-DNOPCH -USE_UPNP:=0 +DEFS += $(addprefix -I,$(BOOST_INCLUDE_PATH) $(BDB_INCLUDE_PATH) $(OPENSSL_INCLUDE_PATH)) +LIBS += $(addprefix -l,$(BOOST_LIB_PATH) $(BDB_LIB_PATH) $(OPENSSL_LIB_PATH)) -DEFS=-DNOPCH -DUSE_SSL +LMODE = dynamic +LMODE2 = dynamic +ifdef STATIC + LMODE = static + ifeq (${STATIC}, all) + LMODE2 = static + endif +endif # for boost 1.37, add -mt to the boost libraries LIBS= \ - -Wl,-Bstatic \ - -l boost_system \ - -l boost_filesystem \ - -l boost_program_options \ - -l boost_thread \ - -l db_cxx \ + -Wl,-B$(LMODE) \ + -l boost_system$(BOOST_LIB_SUFFIX) \ + -l boost_filesystem$(BOOST_LIB_SUFFIX) \ + -l boost_program_options$(BOOST_LIB_SUFFIX) \ + -l boost_thread$(BOOST_LIB_SUFFIX) \ + -l db_cxx$(BDB_LIB_SUFFIX) \ -l ssl \ -l crypto -ifdef USE_UPNP +ifndef USE_UPNP + override USE_UPNP = - +endif +ifneq (${USE_UPNP}, -) LIBS += -l miniupnpc DEFS += -DUSE_UPNP=$(USE_UPNP) endif +ifneq (${USE_SSL}, 0) + DEFS += -DUSE_SSL +endif + LIBS+= \ - -Wl,-Bdynamic \ - -l gthread-2.0 \ + -Wl,-B$(LMODE2) \ -l z \ -l dl \ -l pthread -DEBUGFLAGS=-g -D__WXDEBUG__ -CXXFLAGS=-O2 -Wno-invalid-offsetof -Wformat $(DEBUGFLAGS) $(DEFS) +# Hardening +# Make some classes of vulnerabilities unexploitable in case one is discovered. +# + # This is a workaround for Ubuntu bug #691722, the default -fstack-protector causes + # -fstack-protector-all to be ignored unless -fno-stack-protector is used first. + # see: https://bugs.launchpad.net/ubuntu/+source/gcc-4.5/+bug/691722 + HARDENING=-fno-stack-protector + + # Stack Canaries + # Put numbers at the beginning of each stack frame and check that they are the same. + # If a stack buffer if overflowed, it writes over the canary number and then on return + # when that number is checked, it won't be the same and the program will exit with + # a "Stack smashing detected" error instead of being exploited. + HARDENING+=-fstack-protector-all -Wstack-protector + + # Make some important things such as the global offset table read only as soon as + # the dynamic linker is finished building it. This will prevent overwriting of addresses + # which would later be jumped to. + HARDENING+=-Wl,-z,relro -Wl,-z,now + + # Build position independent code to take advantage of Address Space Layout Randomization + # offered by some kernels. + # see doc/build-unix.txt for more information. + ifdef PIE + HARDENING+=-fPIE -pie + endif + + # -D_FORTIFY_SOURCE=2 does some checking for potentially exploitable code patterns in + # the source such overflowing a statically defined buffer. + HARDENING+=-D_FORTIFY_SOURCE=2 +# + + +DEBUGFLAGS=-g +CXXFLAGS=-O2 +xCXXFLAGS=-pthread -Wno-invalid-offsetof -Wformat $(DEBUGFLAGS) $(DEFS) $(HARDENING) $(CXXFLAGS) HEADERS = \ base58.h \ bignum.h \ + checkpoints.h \ crypter.h \ db.h \ headers.h \ @@ -53,17 +100,16 @@ HEADERS = \ net.h \ noui.h \ protocol.h \ - rpc.h \ + bitcoinrpc.h \ script.h \ serialize.h \ strlcpy.h \ - ui.h \ - uibase.h \ uint256.h \ util.h \ wallet.h OBJS= \ + obj/checkpoints.o \ obj/crypter.o \ obj/db.o \ obj/init.o \ @@ -72,46 +118,46 @@ OBJS= \ obj/main.o \ obj/net.o \ obj/protocol.o \ - obj/rpc.o \ + obj/bitcoinrpc.o \ obj/script.o \ obj/util.o \ - obj/wallet.o \ - cryptopp/obj/sha.o \ - cryptopp/obj/cpu.o + obj/wallet.o -all: bitcoin +all: bitcoind +# auto-generated dependencies: +-include obj/nogui/*.P +-include obj/test/*.P -obj/%.o: %.cpp $(HEADERS) - $(CXX) -c $(CXXFLAGS) $(WXINCLUDEPATHS) -DGUI -o $@ $< - -cryptopp/obj/%.o: cryptopp/%.cpp - $(CXX) -c $(CXXFLAGS) -O3 -o $@ $< - -bitcoin: $(OBJS) obj/ui.o obj/uibase.o - $(CXX) $(CXXFLAGS) -o $@ $^ $(WXLIBS) $(LIBS) - - -obj/nogui/%.o: %.cpp $(HEADERS) - $(CXX) -c $(CXXFLAGS) -o $@ $< +obj/nogui/%.o: %.cpp + $(CXX) -c $(xCXXFLAGS) -MMD -o $@ $< + @cp $(@:%.o=%.d) $(@:%.o=%.P); \ + sed -e 's/#.*//' -e 's/^[^:]*: *//' -e 's/ *\\$$//' \ + -e '/^$$/ d' -e 's/$$/ :/' < $(@:%.o=%.d) >> $(@:%.o=%.P); \ + rm -f $(@:%.o=%.d) bitcoind: $(OBJS:obj/%=obj/nogui/%) - $(CXX) $(CXXFLAGS) -o $@ $^ $(LIBS) + $(CXX) $(xCXXFLAGS) -o $@ $^ $(LDFLAGS) $(LIBS) -obj/test/test_bitcoin.o: $(wildcard test/*.cpp) $(HEADERS) - $(CXX) -c $(CFLAGS) -o $@ test/test_bitcoin.cpp +obj/test/%.o: test/%.cpp + $(CXX) -c $(xCXXFLAGS) -MMD -o $@ $< + @cp $(@:%.o=%.d) $(@:%.o=%.P); \ + sed -e 's/#.*//' -e 's/^[^:]*: *//' -e 's/ *\\$$//' \ + -e '/^$$/ d' -e 's/$$/ :/' < $(@:%.o=%.d) >> $(@:%.o=%.P); \ + rm -f $(@:%.o=%.d) test_bitcoin: obj/test/test_bitcoin.o $(filter-out obj/nogui/init.o,$(OBJS:obj/%=obj/nogui/%)) - $(CXX) $(CXXFLAGS) -o $@ $(LIBPATHS) $^ -Wl,-Bstatic -lboost_unit_test_framework $(LIBS) + $(CXX) $(xCXXFLAGS) -o $@ $(LIBPATHS) $^ -Wl,-Bstatic -lboost_unit_test_framework $(LDFLAGS) $(LIBS) clean: - -rm -f bitcoin bitcoind test_bitcoin genesis + -rm -f bitcoind test_bitcoin genesis -rm -f obj/*.o -rm -f obj/nogui/*.o -rm -f obj/test/*.o - -rm -f cryptopp/obj/*.o - -rm -f headers.h.gch + -rm -f obj/*.P + -rm -f obj/nogui/*.P + -rm -f obj/test/*.P -rm -f ppcoin/obj/*.o ppcoin/obj/genesis.o: ppcoin/genesis.cpp