diff options
author | Matthew Bauer <mjbauer95@gmail.com> | 2019-08-21 14:11:08 -0400 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-08-21 14:11:08 -0400 |
commit | 856d10a9b8338f76d4a76e7f026d5327b5cb665d (patch) | |
tree | a03521955e6860687d7fac462302216cf523be56 /pkgs/development/libraries/libressl | |
parent | 27d0689e60f681cd161a90806120317461d5ddfb (diff) | |
parent | fdd78a53878be5421aeb76295d6f98b7994d4b04 (diff) | |
download | nixpkgs-856d10a9b8338f76d4a76e7f026d5327b5cb665d.tar nixpkgs-856d10a9b8338f76d4a76e7f026d5327b5cb665d.tar.gz nixpkgs-856d10a9b8338f76d4a76e7f026d5327b5cb665d.tar.bz2 nixpkgs-856d10a9b8338f76d4a76e7f026d5327b5cb665d.tar.lz nixpkgs-856d10a9b8338f76d4a76e7f026d5327b5cb665d.tar.xz nixpkgs-856d10a9b8338f76d4a76e7f026d5327b5cb665d.tar.zst nixpkgs-856d10a9b8338f76d4a76e7f026d5327b5cb665d.zip |
Merge pull request #66454 from ruuda/libcrypto-noexecstack
libressl: build libcrypto with noexecstack
Diffstat (limited to 'pkgs/development/libraries/libressl')
-rw-r--r-- | pkgs/development/libraries/libressl/default.nix | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/pkgs/development/libraries/libressl/default.nix b/pkgs/development/libraries/libressl/default.nix index 932cc2e329d..7fbe25addc0 100644 --- a/pkgs/development/libraries/libressl/default.nix +++ b/pkgs/development/libraries/libressl/default.nix @@ -13,7 +13,15 @@ let nativeBuildInputs = [ cmake ]; - cmakeFlags = [ "-DENABLE_NC=ON" "-DBUILD_SHARED_LIBS=ON" ]; + cmakeFlags = [ + "-DENABLE_NC=ON" + "-DBUILD_SHARED_LIBS=ON" + # Ensure that the output libraries do not require an executable stack. + # Without this define, assembly files in libcrypto do not include a + # .note.GNU-stack section, and if that section is missing from any object, + # the linker will make the stack executable. + "-DCMAKE_C_FLAGS=-DHAVE_GNU_STACK" + ]; # The autoconf build is broken as of 2.9.1, resulting in the following error: # libressl-2.9.1/tls/.libs/libtls.a', needed by 'handshake_table'. |