/mandos/trunk

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to Makefile

  • Committer: Teddy Hogeborn
  • Date: 2019-07-14 22:39:15 UTC
  • Revision ID: teddy@recompile.se-20190714223915-aqjkms3t3taa6tye
Only use sanitizing options when debugging

The C compiler's sanitizing options introduce code in the output
binary which is fragile and not very security conscious.  It has
become clear that sanitizing is only really meant for use while
debugging.

As a side effect, this makes compilation faster, as the Makefile, for
production builds, no longer runs the compiler repeatedly to find all
its currently supported sanitizing options.

* Makefile (DEBUG): Add "$(SANITIZE)".
  (SANITIZE): Comment out.
  (CFLAGS): Remove "$(SANITIZE)".
  (plugins.d/mandos-client): Revert back to use plain $(LINK.c), since
                             we no longer need to remove the leak
                             sanitizer by overriding CFLAGS.

Show diffs side-by-side

added added

removed removed

Lines of Context:
Makefile
10
10
        -Wmissing-format-attribute -Wnormalized=nfc -Wpacked \
11
11
        -Wredundant-decls -Wnested-externs -Winline -Wvla \
12
12
        -Wvolatile-register-var -Woverlength-strings
13
 
#DEBUG:=-ggdb3 -fsanitize=address 
14
 
# For info about _FORTIFY_SOURCE, see feature_test_macros(7)
15
 
# and <https://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html>.
16
 
FORTIFY:=-D_FORTIFY_SOURCE=2 -fstack-protector-all -fPIC
 
13
 
 
14
#DEBUG:=-ggdb3 -fsanitize=address $(SANITIZE)
 
15
## Check which sanitizing options can be used
 
16
#SANITIZE:=$(foreach option,$(ALL_SANITIZE_OPTIONS),$(shell \
 
17
#       echo 'int main(){}' | $(CC) --language=c $(option) \
 
18
#       /dev/stdin -o /dev/null >/dev/null 2>&1 && echo $(option)))
17
19
# <https://developerblog.redhat.com/2014/10/16/gcc-undefined-behavior-sanitizer-ubsan/>
18
20
ALL_SANITIZE_OPTIONS:=-fsanitize=leak -fsanitize=undefined \
19
21
        -fsanitize=shift -fsanitize=integer-divide-by-zero \
24
26
        -fsanitize=float-cast-overflow -fsanitize=nonnull-attribute \
25
27
        -fsanitize=returns-nonnull-attribute -fsanitize=bool \
26
28
        -fsanitize=enum
27
 
# Check which sanitizing options can be used
28
 
SANITIZE:=$(foreach option,$(ALL_SANITIZE_OPTIONS),$(shell \
29
 
        echo 'int main(){}' | $(CC) --language=c $(option) /dev/stdin \
30
 
        -o /dev/null >/dev/null 2>&1 && echo $(option)))
 
29
 
 
30
# For info about _FORTIFY_SOURCE, see feature_test_macros(7)
 
31
# and <https://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html>.
 
32
FORTIFY:=-D_FORTIFY_SOURCE=2 -fstack-protector-all -fPIC
31
33
LINK_FORTIFY_LD:=-z relro -z now
32
34
LINK_FORTIFY:=
33
35
 
40
42
OPTIMIZE:=-Os -fno-strict-aliasing
41
43
LANGUAGE:=-std=gnu11
42
44
htmldir:=man
43
 
version:=1.7.18
 
45
version:=1.8.4
44
46
SED:=sed
45
47
 
46
48
USER:=$(firstword $(subst :, ,$(shell getent passwd _mandos || getent passwd nobody || echo 65534)))
88
90
LIBNL3_LIBS:=$(shell pkg-config --libs libnl-route-3.0)
89
91
 
90
92
# Do not change these two
91
 
CFLAGS+=$(WARN) $(DEBUG) $(FORTIFY) $(SANITIZE) $(COVERAGE) \
92
 
        $(OPTIMIZE) $(LANGUAGE) $(GNUTLS_CFLAGS) $(AVAHI_CFLAGS) \
93
 
        $(GPGME_CFLAGS) -DVERSION='"$(version)"'
 
93
CFLAGS+=$(WARN) $(DEBUG) $(FORTIFY) $(COVERAGE) \
 
94
        $(OPTIMIZE) $(LANGUAGE) -DVERSION='"$(version)"'
94
95
LDFLAGS+=-Xlinker --as-needed $(COVERAGE) $(LINK_FORTIFY) $(foreach flag,$(LINK_FORTIFY_LD),-Xlinker $(flag))
95
96
 
96
97
# Commands to format a DocBook <refentry> document into a manual page
253
254
                --expression='s/\(mandos_\)[0-9.]\+\(\.orig\.tar\.gz\)/\1$(version)\2/' \
254
255
                $@)
255
256
 
256
 
# Need to add the GnuTLS, Avahi and GPGME libraries, and can't use
257
 
# -fsanitize=leak because GnuTLS and GPGME both leak memory.
 
257
# Need to add the GnuTLS, Avahi and GPGME libraries
258
258
plugins.d/mandos-client: plugins.d/mandos-client.c
259
 
        $(CC) $(filter-out -fsanitize=leak,$(CFLAGS)) $(strip\
260
 
                ) $(CPPFLAGS) $(LDFLAGS) $(TARGET_ARCH) $^ $(strip\
261
 
                ) -lrt $(GNUTLS_LIBS) $(AVAHI_LIBS) $(strip\
262
 
                ) $(GPGME_LIBS) $(LOADLIBES) $(LDLIBS) -o $@
 
259
        $(LINK.c) $^ $(GNUTLS_CFLAGS) $(AVAHI_CFLAGS) $(strip\
 
260
                ) $(GPGME_CFLAGS) -lrt $(GNUTLS_LIBS) $(strip\
 
261
                ) $(AVAHI_LIBS) $(GPGME_LIBS) $(LOADLIBES) $(strip\
 
262
                ) $(LDLIBS) -o $@
263
263
 
264
264
plugin-helpers/mandos-client-iprouteadddel: plugin-helpers/mandos-client-iprouteadddel.c
265
265
        $(LINK.c) $(LIBNL3_CFLAGS) $^ $(LIBNL3_LIBS) $(strip\
284
284
        ./mandos-ctl --check
285
285
 
286
286
# Run the client with a local config and key
287
 
run-client: all keydir/seckey.txt keydir/pubkey.txt
 
287
run-client: all keydir/seckey.txt keydir/pubkey.txt keydir/tls-privkey.pem keydir/tls-pubkey.pem
288
288
        @echo "###################################################################"
289
289
        @echo "# The following error messages are harmless and can be safely     #"
290
290
        @echo "# ignored:                                                        #"
303
303
        ./plugin-runner --plugin-dir=plugins.d \
304
304
                --plugin-helper-dir=plugin-helpers \
305
305
                --config-file=plugin-runner.conf \
306
 
                --options-for=mandos-client:--seckey=keydir/seckey.txt,--pubkey=keydir/pubkey.txt,--network-hook-dir=network-hooks.d \
 
306
                --options-for=mandos-client:--seckey=keydir/seckey.txt,--pubkey=keydir/pubkey.txt,--tls-privkey=keydir/tls-privkey.pem,--tls-pubkey=keydir/tls-pubkey.pem,--network-hook-dir=network-hooks.d \
307
307
                --env-for=mandos-client:GNOME_KEYRING_CONTROL= \
308
308
                $(CLIENTARGS)
309
309
 
310
310
# Used by run-client
311
 
keydir/seckey.txt keydir/pubkey.txt: mandos-keygen
 
311
keydir/seckey.txt keydir/pubkey.txt keydir/tls-privkey.pem keydir/tls-pubkey.pem: mandos-keygen
312
312
        install --directory keydir
313
313
        ./mandos-keygen --dir keydir --force
314
314
 
321
321
confdir/mandos.conf: mandos.conf
322
322
        install --directory confdir
323
323
        install --mode=u=rw,go=r $^ $@
324
 
confdir/clients.conf: clients.conf keydir/seckey.txt
 
324
confdir/clients.conf: clients.conf keydir/seckey.txt keydir/tls-pubkey.pem
325
325
        install --directory confdir
326
326
        install --mode=u=rw $< $@
327
327
# Add a client password
396
396
                "$(CONFDIR)/network-hooks.d"
397
397
        install --mode=u=rwx,go=rx \
398
398
                --target-directory=$(LIBDIR)/mandos plugin-runner
 
399
        install --mode=u=rwx,go=rx \
 
400
                --target-directory=$(LIBDIR)/mandos mandos-to-cryptroot-unlock
399
401
        install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \
400
402
                mandos-keygen
401
403
        install --mode=u=rwx,go=rx \
421
423
                plugin-helpers/mandos-client-iprouteadddel
422
424
        install initramfs-tools-hook \
423
425
                $(INITRAMFSTOOLS)/hooks/mandos
424
 
        install --mode=u=rw,go=r initramfs-tools-hook-conf \
425
 
                $(INITRAMFSTOOLS)/conf-hooks.d/mandos
 
426
        install --mode=u=rw,go=r initramfs-tools-conf \
 
427
                $(INITRAMFSTOOLS)/conf.d/mandos-conf
 
428
        install --mode=u=rw,go=r initramfs-tools-conf-hook \
 
429
                $(INITRAMFSTOOLS)/conf-hooks.d/zz-mandos
426
430
        install initramfs-tools-script \
427
431
                $(INITRAMFSTOOLS)/scripts/init-premount/mandos
 
432
        install initramfs-tools-script-stop \
 
433
                $(INITRAMFSTOOLS)/scripts/local-premount/mandos
428
434
        install --mode=u=rw,go=r plugin-runner.conf $(CONFDIR)
429
435
        gzip --best --to-stdout mandos-keygen.8 \
430
436
                > $(MANDIR)/man8/mandos-keygen.8.gz
504
510
        -rmdir $(CONFDIR)
505
511
 
506
512
purge-client: uninstall-client
507
 
        -shred --remove $(KEYDIR)/seckey.txt
 
513
        -shred --remove $(KEYDIR)/seckey.txt $(KEYDIR)/tls-privkey.pem
508
514
        -rm --force $(CONFDIR)/plugin-runner.conf \
509
 
                $(KEYDIR)/pubkey.txt $(KEYDIR)/seckey.txt
 
515
                $(KEYDIR)/pubkey.txt $(KEYDIR)/seckey.txt \
 
516
                $(KEYDIR)/tls-pubkey.txt $(KEYDIR)/tls-privkey.txt
510
517
        -rmdir $(KEYDIR) $(CONFDIR)/plugins.d $(CONFDIR)