Menu
I'm trying to build OpenSSL with -Wa,--noexecstack, but can't find anywhere in its config command-line to provide this flag. I've tried to set CFLAGS, but it appears to ignore that and just use its own.
This is an automated build working off a clean copy of the OpenSSL source, so a one-time hack of the config script isn't really an option.
Is there a way to pass custom flags to OpenSSL's build process?
965
Download the ARM GCC toolchain through your package manager; on Ubuntu, sudo apt-get install gcc-arm-linux-gnueabihf . Download a build of the toolchain from Linaro. If you are on Linux, grab the i686 version (non-mingw32). You can find the actual binaries under the bin/ directory after expanding the archive.
LDFLAGS: Extra flags to give to compilers when they are supposed to invoke the linker, 'ld', such as -L. Libraries (-lfoo) should be added to the LDLIBS variable instead. LDLIBS: Library flags or names given to compilers when they are supposed to invoke the linker, 'ld'.
Later to the party, but this seems to be the correct way of doing this.
From the config script help:
$ ./config -h
Usage: config [options]
-d Add a debug- prefix to machine choice.
-t Test mode, do not run the Configure perl script.
-h This help.
Any other text will be passed to the Configure perl script.
See INSTALL for instructions.
So the config script forwards "unexpected" options to the Configure script. Well, lets see what the Configure script has to say about that:
$ ./Configure --help
Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [experimental-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-dso] [no-krb5] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--test-sanity] os/compiler[:flags]
See the [:flags] part at the end of that long line? There is also a comment inside the file:
# -<xxx> +<xxx> compiler options are passed through
It's not that obvious since it does not follow well known standards but the answer is: just append the options to the end of the config command line.
As a long time has passed since you posted the question, I must add:
186
The config script ignores CFLAGS, but not CC. So you can specify your compiler and give it the flags at the same time:
export CC="gcc -Wall -DHELLO_WORLD"; ./config
Alternatively, since config auto detects your platform and then runs Configure with preset compiler settings, you can add the compiler flags to your platform configuration. E.g., for my mac, I see this line when I first run config:
Operating system: i386-apple-darwinDarwin Kernel Version 10.8.0: Tue Jun 7 16:33:36 PDT 2011; root:xnu-1504.15.3~1/RELEASE_I386
Configuring for darwin-i386-cc
So if I open Configure, I can search for darwin-i386-cc and add the flags to the presets.
If you're not using a preset configuration, then you'd just pass the flags directly to Configure on the command line and it'll use them.
45
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
