X-Git-Url: https://git.novaco.in/?a=blobdiff_plain;f=src%2Fmakefile.unix;h=88ca8895f1cdc09c52f72cdb8be7db6811ea1abd;hb=565c4771b6eba0eeb82f8602735100bbcf4b053e;hp=82d2a9f5c1da80d9bdcfb9d5bc952cb737df120b;hpb=ee1f884229736da6f5443157ccba97f4e8f50f82;p=novacoin.git diff --git a/src/makefile.unix b/src/makefile.unix index 82d2a9f..88ca889 100644 --- a/src/makefile.unix +++ b/src/makefile.unix @@ -4,11 +4,9 @@ CXX=g++ -WXINCLUDEPATHS=$(shell wx-config --cxxflags) +USE_UPNP:=0 -WXLIBS=$(shell wx-config --libs) - -DEFS=-DNOPCH -DFOURWAYSSE2 -DUSE_SSL +DEFS=-DNOPCH -DUSE_SSL # for boost 1.37, add -mt to the boost libraries LIBS= \ @@ -21,17 +19,10 @@ LIBS= \ -l ssl \ -l crypto -bitcoin: USE_UPNP:=1 - ifdef USE_UPNP - LIBS += -l miniupnpc - DEFS += -DUSE_UPNP=$(USE_UPNP) - endif - -bitcoind: USE_UPNP:=0 - ifdef USE_UPNP - LIBS += -l miniupnpc - DEFS += -DUSE_UPNP=$(USE_UPNP) - endif +ifdef USE_UPNP + LIBS += -l miniupnpc + DEFS += -DUSE_UPNP=$(USE_UPNP) +endif LIBS+= \ -Wl,-Bdynamic \ @@ -41,37 +32,76 @@ LIBS+= \ -l pthread -DEBUGFLAGS=-g -D__WXDEBUG__ -CXXFLAGS=-O2 -Wno-invalid-offsetof -Wformat $(DEBUGFLAGS) $(DEFS) -HEADERS=headers.h strlcpy.h serialize.h uint256.h util.h key.h bignum.h base58.h \ - script.h db.h net.h irc.h keystore.h main.h wallet.h rpc.h uibase.h ui.h noui.h init.h +# Hardening +# Make some classes of vulnerabilities unexploitable in case one is discovered. +# + # Stack Canaries + # Put numbers at the beginning of each stack frame and check that they are the same. + # If a stack buffer if overflowed, it writes over the canary number and then on return + # when that number is checked, it won't be the same and the program will exit with + # a "Stack smashing detected" error instead of being exploited. + HARDENING=-fstack-protector-all -Wstack-protector + + # Make some important things such as the global offset table read only as soon as + # the dynamic linker is finished building it. This will prevent overwriting of addresses + # which would later be jumped to. + HARDENING+=-Wl,-z,relro -Wl,-z,now + + # Build position independent code to take advantage of Address Space Layout Randomization + # offered by some kernels. + # see doc/build-unix.txt for more information. + ifdef PIE + HARDENING+=-fPIE -pie + endif + + # -D_FORTIFY_SOURCE=2 does some checking for potentially exploitable code patterns in + # the source such overflowing a statically defined buffer. + HARDENING+=-D_FORTIFY_SOURCE=2 +# + + +DEBUGFLAGS=-g +CXXFLAGS=-O2 -Wno-invalid-offsetof -Wformat $(DEBUGFLAGS) $(DEFS) $(HARDENING) +HEADERS = \ + base58.h \ + bignum.h \ + crypter.h \ + db.h \ + headers.h \ + init.h \ + irc.h \ + key.h \ + keystore.h \ + main.h \ + net.h \ + noui.h \ + protocol.h \ + bitcoinrpc.h \ + script.h \ + serialize.h \ + strlcpy.h \ + uint256.h \ + util.h \ + wallet.h OBJS= \ - obj/util.o \ - obj/script.o \ + obj/crypter.o \ obj/db.o \ - obj/net.o \ + obj/init.o \ obj/irc.o \ obj/keystore.o \ obj/main.o \ + obj/net.o \ + obj/protocol.o \ + obj/bitcoinrpc.o \ + obj/script.o \ + obj/util.o \ obj/wallet.o \ - obj/rpc.o \ - obj/init.o \ cryptopp/obj/sha.o \ cryptopp/obj/cpu.o -all: bitcoin - - -obj/%.o: %.cpp $(HEADERS) - $(CXX) -c $(CXXFLAGS) $(WXINCLUDEPATHS) -DGUI -o $@ $< - -cryptopp/obj/%.o: cryptopp/%.cpp - $(CXX) -c $(CXXFLAGS) -O3 -o $@ $< - -bitcoin: $(OBJS) obj/ui.o obj/uibase.o - $(CXX) $(CXXFLAGS) -o $@ $^ $(WXLIBS) $(LIBS) +all: bitcoind obj/nogui/%.o: %.cpp $(HEADERS) @@ -80,14 +110,14 @@ obj/nogui/%.o: %.cpp $(HEADERS) bitcoind: $(OBJS:obj/%=obj/nogui/%) $(CXX) $(CXXFLAGS) -o $@ $^ $(LIBS) -obj/test/%.o: test/%.cpp $(HEADERS) - $(CXX) -c $(CFLAGS) -o $@ $< +obj/test/test_bitcoin.o: $(wildcard test/*.cpp) $(HEADERS) + $(CXX) -c $(CFLAGS) -o $@ test/test_bitcoin.cpp -test_bitcoin: obj/test/test_bitcoin.o - $(CXX) $(CFLAGS) -o $@ $(LIBPATHS) $^ $(LIBS) -lboost_unit_test_framework +test_bitcoin: obj/test/test_bitcoin.o $(filter-out obj/nogui/init.o,$(OBJS:obj/%=obj/nogui/%)) + $(CXX) $(CXXFLAGS) -o $@ $(LIBPATHS) $^ -Wl,-Bstatic -lboost_unit_test_framework $(LIBS) clean: - -rm -f bitcoin bitcoind test_bitcoin + -rm -f bitcoind test_bitcoin -rm -f obj/*.o -rm -f obj/nogui/*.o -rm -f obj/test/*.o