On Mon, May 21, 2012 at 02:09:56AM +0200, Simon Ruderich wrote: > The second problem is that TEST_LDFLAGS is not used when > configuring (./configure lines 765-793) and therefore not passed > to the Makefile when building. Additionally TEST_LDFLAGS is > missing in two compiler commands.
This isn't a problem at all - it's not like any of the test programs are actually shipped. I'm not sure why I bothered even pass it in to be honest, I think I was just too mystified as to what your patch was all about. > I think just patching in LDFLAGS is simpler than fixing configure > and adding TEST_LDFLAGS in a few places. This is a really invasive change to upstream and is going to be fragile going forward, it's fine for drive by people like you who don't care about maintianing the package but it's not helpful to people who have some ongoing interest in the package. Since upstream already provides a way of doing this we should use it, if you have a burning desire to change the upstream build system you should as Jonathan say speak to them. > To check if all hardening flags were correctly applied you can > use hardening-check (hardening-includes package) and blhc [1] > which checks the build log for missing hardening flags. hardening-check is really not very useful for this purpose, it's absurdly verbose when run over the whole package even for a tiny little one like this and doesn't tell you what the expected output is either which makes things a little illegible. blhc doesn't seem to be packaged. There's really no meaningful way of checking this stuff with the standard Debian tools. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
