Hi David, On Fri, Sep 16, 2011 at 2:54 AM, David Coppa <dco...@gmail.com> wrote: > On Thu, Sep 15, 2011 at 8:23 PM, Jeffrey Walton <noloa...@gmail.com> wrote: >> Hi All, >> >> Is anyone working on a Crypto++ port? http://www.cryptopp.com/. > > ports/devel/cryptopp :-) :-) Doh....
Probably off topic: I did not see Crypto++ in packages (http://mirror.ece.vt.edu/pub/OpenBSD/4.9/packages/i386/). When does a program or library move from ports and packages (http://www.openbsd.org/faq/faq15.html#PkgVsPorts)? If interested, attached is a patch I use to add linker hardening. I apply it against Crypto++'s source tree (which should not be too different from OpenBSD's copy). -z relro and -z,now mitigate GOT and PLT attacks, while PIE adds ASLR (I'm not clear if its a stock setting for OpenBSD). The patch also adds the shared object and the archive as a target of 'make all', handles a missing archive gracefully on 'make install', adds a 'make remove', and adds the shared object to 'make clean'. I believe the linker switches are consistent with the Security Recommendations outlined at http://www.openbsd.org/porting.html. If the project is interested, its a public domain patch. Jeff
cryptopp.patch
Description: Binary data
