On Sun, Jan 29, 2012 at 02:02:31PM +0100, Moritz Muehlenhoff wrote:
> Package: perl
> Version: 5.14.2-6
> Severity: important
>
> Please enable hardened build flags through dpkg-buildflags.
While perl builds fine on amd64 with the attached patch, I'm slightly
uneasy about pushing it to unstable without wider testing.
Possibly we should do an experimental upload first to verify that it builds
on all architectures, and then do a test rebuild of (say) lib*-perl to catch
any obvious regressions. Dominic, thoughts?
--
Niko Tyni nt...@debian.org
diff --git a/debian/config.debian b/debian/config.debian
index 280b762..50918c4 100644
--- a/debian/config.debian
+++ b/debian/config.debian
@@ -8,6 +8,7 @@ SETsubver= PERL_SUBVERSION' | gcc -E -DPERL_PATCHLEVEL_H_IMPLICIT - \
fullver="$ver.$subver"
nextver="$ver."$(($subver+1))
ccflags=-DDEBIAN
+ldflags=
arch_cpu=${DEB_BUILD_ARCH_CPU:-$(dpkg-architecture -qDEB_BUILD_ARCH_CPU)}
gnu_type=${DEB_BUILD_GNU_TYPE:-$(dpkg-architecture -qDEB_BUILD_GNU_TYPE)}
optimize=-O2
@@ -80,6 +81,12 @@ case ",$DEB_BUILD_OPTIONS," in
optimize="$optimize${optimize:+ }-O0";;
esac
+if which dpkg-buildflags >/dev/null 2>&1; then
+ ccflags="$ccflags $(dpkg-buildflags --get CPPFLAGS)"
+ ccflags="$ccflags $(dpkg-buildflags --get CFLAGS)"
+ ldflags="$ldflags $(dpkg-buildflags --get LDFLAGS)"
+fi
+
# post-configure tweaks
cp debian/config.over .
@@ -88,6 +95,8 @@ eval /bin/bash Configure \
-Dusethreads \
-Duselargefiles \
-Dccflags=\'$ccflags\' \
+ -Dldflags=\'$ldflags\' \
+ -Dlddlflags=\'-shared $ldflags\' \
-Dcccdlflags=-fPIC \
-Darchname=$gnu_type \
-Dprefix=/usr \
