The curl configure script contains sanity checks for unexpected
options being passed via CFLAGS, LDFLAGS, etc. environment variables.
These sanity checks catch -Dxxx options in CFLAGS, which clashes with
OE's approach of using CFLAGS to pass -D_FORTIFY_SOURCE (curl's
configure script suggests, quite correctly, that -Dxxx options should
be passed via CPPFLAGS instead).
These sanity checks previously generated fatal errors, but have been
downgraded to warnings since curl v7.32. Therefore the workaround of
avoiding -D_FORTIFY_SOURCE for curl is obsolete and can be removed.
https://github.com/bagder/curl/commit/
5d3cbde72ece7d83c280492957a26e26ab4e5cca
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
SECURITY_CFLAGS_pn-beecrypt = "${SECURITY_NO_PIE_CFLAGS}"
SECURITY_CFLAGS_pn-blktrace = "${SECURITY_NO_PIE_CFLAGS}"
SECURITY_CFLAGS_pn-coreutils = "${SECURITY_NO_PIE_CFLAGS}"
-# Curl seems to check for FORTIFY_SOURCE in CFLAGS, but even assigned
-# to CPPFLAGS it gets picked into CFLAGS in bitbake.
-#TARGET_CPPFLAGS_pn-curl += "-D_FORTIFY_SOURCE=2"
SECURITY_CFLAGS_pn-cups = "${SECURITY_NO_PIE_CFLAGS}"
-SECURITY_CFLAGS_pn-curl = "-fstack-protector-all -pie -fpie"
SECURITY_CFLAGS_pn-db = "${SECURITY_NO_PIE_CFLAGS}"
SECURITY_CFLAGS_pn-directfb = "${SECURITY_NO_PIE_CFLAGS}"
SECURITY_CFLAGS_pn-glibc = ""
projects / thirdparty / openembedded / openembedded-core-contrib.git / commitdiff
