Bug#932213: blhc: Avoid triggering warnings for CC_FOR_BUILD compilations

Tue, 16 Jul 2019 09:54:37 -0700 

Package: blhc
Version: 0.09-1
Severity: wishlist
Control: -1 affects + src:libgpg-error src:libassuan

libgpg-error and libassuan both use $(CC_FOR_BUILD) to compile helper
tools during build, like header generators.

Those helper programs are never redistributed, and probably do not
need all the hardening options.

Nonetheless, blhc reports them as dpkg-buildflags-missing.  see, for
example:

    https://qa.debian.org/bls/packages/l/libgpg-error.html

which warns about two helpers, :

CFLAGS missing (-fstack-protector-strong -Wformat -Werror=format-security): gcc 
-g -O0 -I. -I../../src -o mkheader ../../src/mkheader.c
LDFLAGS missing (-Wl,-z,relro -Wl,-z,now): gcc -g -O0 -I. -I../../src -o 
mkheader ../../src/mkheader.c
CFLAGS missing (-g -fstack-protector-strong -Wformat -Werror=format-security): 
gcc -I. -I../../src -o mkerrcodes ../../src/mkerrcodes.c
LDFLAGS missing (-Wl,-z,relro -Wl,-z,now): gcc -I. -I../../src -o mkerrcodes 
../../src/mkerrcodes.c

We don't want to simply add all the standard buildflags to those
invocations, because if we do, we'll break the ability to
cross-compile these packages because their helper tools will likely
break.

It's possible to change the source packages by stuffing some complex
build-arch-specific buildflags down into these invocations, using
something like:


CFLAGS_FOR_BUILD=$(shell dpkg-architecture -f -a$DEB_BUILD_ARCH -c 
dpkg-buildflags --get CFLAGS)
LDFLAGS_FOR_BUILD=$(shell dpkg-architecture -f -a$DEB_BUILD_ARCH -c 
dpkg-buildflags --get CFLAGS)

And then ensuring that CFLAGS_FOR_BUILD gets passed through in the
upstream Makefile.

But this is all pretty complicated and i'm not convinced that it is
worthwhile.  It might make more sense for blhc to be able to detect
and skip these local helper tools.

    --dkg

-- System Information:
Debian Release: bullseye/sid
  APT prefers testing-debug
  APT policy: (500, 'testing-debug'), (500, 'testing'), (500, 'oldstable'), 
(200, 'unstable-debug'), (200, 'unstable'), (1, 'experimental-debug'), (1, 
'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-5-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages blhc depends on:
ii  libdpkg-perl  1.19.7

blhc recommends no packages.

blhc suggests no packages.

-- no debconf information

Reply via email to