Fixup for osx hardening options.

wesnoth · Jun 15, 2018 · 5f4dac2 · 5f4dac2
1 parent 7d180c9
commit 5f4dac2
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 2 deletions.
diff --git a/CMakeLists.txt b/CMakeLists.txt
@@ -233,7 +233,11 @@ endif(NOT "${CMAKE_CXX_FLAGS}" STREQUAL "${COMPILER_FLAGS}")
 if(HARDEN)
 	set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fPIE -fstack-protector-strong")
 	set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fPIE -fstack-protector-strong")
-	set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -fPIE -pie -Wl,-z,now,-z,relro")
+	if(NOT APPLE)
+		set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -fPIE -pie -Wl,-z,now,-z,relro")
+	else(NOT APPLE)
+		set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -fPIE -Wl,-pie")
+	endif(NOT APPLE)
 	add_definitions(-D_FORTIFY_SOURCE=2)
 endif(HARDEN)
 

diff --git a/SConstruct b/SConstruct
@@ -483,15 +483,20 @@ for env in [test_env, client_env, env]:
 
 # #
 # Add options to provide more hardened executables
+# osx doesn't seem to support RELRO
 # #
 
         if env['harden']:
             env.AppendUnique(CCFLAGS = ["-fPIE", "-fstack-protector-strong"])
-            env.AppendUnique(LINKFLAGS = ["-fPIE", "-pie", "-Wl,-z,now,-z,relro"])
             env.AppendUnique(CPPDEFINES = ["_FORTIFY_SOURCE=2"])
 
             if env["enable_lto"] == True:
                 env.AppendUnique(LINKFLAGS = ["-fstack-protector-strong"])
+
+            if env["PLATFORM"] == 'darwin':
+                env.AppendUnique(LINKFLAGS = ["-fPIE", "-Wl,-pie"])
+            else:
+                env.AppendUnique(LINKFLAGS = ["-fPIE", "-pie", "-Wl,-z,relro,-z,now"])
 
 # #
 # Start determining options for debug build