From: Nick Mathewson <nickm@torproject.org>
Date: Wed, 29 May 2019 20:08:33 +0000 (-0400)
Subject: Check whether gcc-hardening is runnable, and log an error if not
X-Git-Tag: tor-0.4.2.1-alpha~176^2
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=66eae4afffb35afe891ec14a3389a484ecb7b373;p=thirdparty%2Ftor.git

Check whether gcc-hardening is runnable, and log an error if not

Closes ticket 27530.
---

diff --git a/changes/ticket27530 b/changes/ticket27530
new file mode 100644
index 0000000000..8ae4f52668
--- /dev/null
+++ b/changes/ticket27530
@@ -0,0 +1,4 @@
+  o Minor features (compilation):
+    - Log a more useful error message when we are compiling and one of the
+      compile-time hardening options we have selected can be linked but
+      not executed. Closes ticket 27530.
diff --git a/configure.ac b/configure.ac
index e7f959f17a..1ecf82c662 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1188,6 +1188,17 @@ m4_ifdef([AS_VAR_IF],[
        TOR_CHECK_LDFLAGS(-pie, "$all_ldflags_for_check", "$all_libs_for_check")
     fi
     TOR_TRY_COMPILE_WITH_CFLAGS(-fwrapv, also_link, CFLAGS_FWRAPV="-fwrapv", true)
+
+   AC_MSG_CHECKING([whether we can run hardened binaries])
+   AC_RUN_IFELSE([AC_LANG_PROGRAM([], [return 0;])],
+        [AC_MSG_RESULT([yes])],
+        [AC_MSG_RESULT([no])
+         AC_MSG_ERROR([dnl
+ We can link with compiler hardening options, but we can't run with them.
+ That's a bad sign! If you must, you can pass --disable-gcc-hardening to
+ configure, but it would be better to figure out what the underlying problem
+ is.])],
+        [AC_MSG_RESULT([cross])])
 fi
 
 if test "$fragile_hardening" = "yes"; then