Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22596)
no-ts,
enable-weak-ssl-ciphers,
enable-zlib,
+ enable-pie,
]
runs-on: ubuntu-latest
steps:
*Damian Hobson-Garcia*
+ * Added support to build Position Independent Executables (PIE). Configuration
+ option `enable-pie` configures the cflag '-fPIE' and ldflag '-pie' to
+ support Address Space Layout Randomization (ASLR) in the openssl executable,
+ removes reliance on external toolchain configurations.
+
+ *Craig Lorentzen*
+
OpenSSL 3.3
-----------
AR => "ar",
ARFLAGS => "qc",
CC => "cc",
+ bin_cflags =>
+ sub {
+ my @flags = ();
+ if (!defined($disabled{pie})) {
+ push(@flags, "-fPIE");
+ }
+ return join(" ", @flags);
+ },
+ bin_lflags =>
+ sub {
+ my @flags = ();
+ if (!defined($disabled{pie})) {
+ push(@flags, "-pie");
+ }
+ return join(" ", @flags);
+ },
lflags =>
sub {
my @libs = ();
"ocsp",
"padlockeng",
"pic",
+ "pie",
"pinshared",
"poly1305",
"posix-io",
"external-tests" => "default",
"fuzz-afl" => "default",
"fuzz-libfuzzer" => "default",
+ "pie" => "default",
"ktls" => "default",
"md2" => "default",
"msan" => "default",
{
delete $disabled{"brotli"};
}
+ elsif ($1 eq "pie")
+ {
+ delete $disabled{"pie"};
+ }
elsif ($1 eq "zstd-dynamic")
{
delete $disabled{"zstd"};
Don't build with support for Position Independent Code.
+### enable-pie
+
+Build with support for Position Independent Execution.
+
### no-pinshared
Don't pin the shared libraries.