From: Fred Morcos <fred.morcos@open-xchange.com>
Date: Thu, 28 Sep 2023 20:16:42 +0000 (+0200)
Subject: Meson: Revert "Full RELRO" since it breaks auth backends
X-Git-Tag: rec-5.1.0-alpha1~80^2~98
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=8aa9c33d533a1e9c1b0a539d0f17256711572933;p=thirdparty%2Fpdns.git

Meson: Revert "Full RELRO" since it breaks auth backends
---

diff --git a/meson/hardening/meson.build b/meson/hardening/meson.build
index 2a0bc15bad..dd4e8dd17a 100644
--- a/meson/hardening/meson.build
+++ b/meson/hardening/meson.build
@@ -1,4 +1,5 @@
 opt_hardening = get_option('hardening')
+
 if opt_hardening.enabled() or opt_hardening.auto()
   hardening_features = []
 
@@ -24,26 +25,7 @@ if opt_hardening.enabled() or opt_hardening.auto()
       if opt_hardening.auto()
         warning(name + ' is disabled or not supported')
       else
-        error('Failing because ' + name + ' is not supported but hardening was requested')
-      endif
-    endif
-  endforeach
-endif
-
-opt_full_hardening = get_option('hardening-full')
-if opt_full_hardening.enabled() or opt_full_hardening.auto()
-  full_hardening_features = []
-  subdir('relro-full')          # Full RELRO
-
-  foreach feature: full_hardening_features
-    available = feature[0]
-    name = feature[1]
-
-    if not available
-      if opt_full_hardening.auto()
-        warning(name + ' is disabled or not supported')
-      else
-        error('Failing because ' + name + ' is not supported but full hardening was requested')
+        error('Failing because ' + name + ' is not supported but hardening was explicitly requested')
       endif
     endif
   endforeach
diff --git a/meson/hardening/relro-full/meson.build b/meson/hardening/relro-full/meson.build
deleted file mode 100644
index 77738772c5..0000000000
--- a/meson/hardening/relro-full/meson.build
+++ /dev/null
@@ -1,16 +0,0 @@
-have_full_relro = true
-full_variants = [
-  '-Wl,-z,defs',
-  '-Wl,-z,ibt,-z,shstk',
-]
-
-foreach variant: full_variants
-  if cxx.has_link_argument(variant)
-    full_hardening_features += [[true, 'Full RELRO (' + variant + ')']]
-    add_project_link_arguments(variant, language: ['c', 'cpp'])
-  else
-    have_full_relro = false
-  endif
-endforeach
-
-summary('Full RELRO', have_full_relro, bool_yn: true, section: 'Hardening')
diff --git a/meson_options.txt b/meson_options.txt
index 02cc9778da..aa766dd7b6 100644
--- a/meson_options.txt
+++ b/meson_options.txt
@@ -1,6 +1,5 @@
 option('lua', type: 'combo', choices: ['auto', 'luajit', 'lua'], value: 'auto', description: 'Lua implementation to use')
 option('hardening', type: 'feature', value: 'auto', description: 'Compiler security checks')
-option('hardening-full', type: 'feature', value: 'auto', description: 'Compiler security checks with a performance penalty')
 option('fortify-source', type: 'combo', choices: ['auto', 'disabled', '1', '2', '3'], value: '2', description: 'Source fortification level')
 option('rng-kiss', type: 'boolean', value: false, description: 'Use the unsafe KISS RNG')
 option('signers-libsodium', type: 'feature', value: 'auto', description: 'Enable libsodium-based signers')