alioth/nixpkgs
3
0
Fork 0
forked from mirrors/nixpkgs
Code Releases Activity

postfix28 and postfix211: hardening with Canary, PIE, Full RELRO and FORTIFY_SOURCE

Browse source
This commit is contained in:
Andrey Arapov 2015-04-05 19:26:13 +02:00
parent 8300898f98
commit 0449962869
2 changed files with 4 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
pkgs/servers/mail/postfix/2.11.nix
View file

@ -33,8 +33,9 @@ stdenv.mkDerivation rec {
export sendmail_path=$out/bin/sendmail export sendmail_path=$out/bin/sendmail
make makefiles \ make makefiles \
CCARGS='-DUSE_TLS -DUSE_SASL_AUTH -DUSE_CYRUS_SASL -I${cyrus_sasl}/include/sasl' \ CCARGS='-DUSE_TLS -DUSE_SASL_AUTH -DUSE_CYRUS_SASL -I${cyrus_sasl}/include/sasl \
AUXLIBS='-ldb -lnsl -lresolv -lsasl2 -lcrypto -lssl' -fPIE -fstack-protector-all --param ssp-buffer-size=4 -O2 -D_FORTIFY_SOURCE=2' \
AUXLIBS='-ldb -lnsl -lresolv -lsasl2 -lcrypto -lssl -pie -Wl,-z,relro,-z,now'
''; '';
installTargets = [ "non-interactive-package" ]; installTargets = [ "non-interactive-package" ];

2
pkgs/servers/mail/postfix/default.nix
View file

@ -34,7 +34,7 @@ stdenv.mkDerivation rec {
export sample_directory=$out/share/postfix/doc/samples export sample_directory=$out/share/postfix/doc/samples
export readme_directory=$out/share/postfix/doc export readme_directory=$out/share/postfix/doc
make makefiles CCARGS='-DUSE_TLS -DUSE_SASL_AUTH -DUSE_CYRUS_SASL -I${cyrus_sasl}/include/sasl' AUXLIBS='-lssl -lcrypto -lsasl2 -ldb -lnsl' make makefiles CCARGS='-DUSE_TLS -DUSE_SASL_AUTH -DUSE_CYRUS_SASL -I${cyrus_sasl}/include/sasl -fPIE -fstack-protector-all --param ssp-buffer-size=4 -O2 -D_FORTIFY_SOURCE=2' AUXLIBS='-lssl -lcrypto -lsasl2 -ldb -lnsl -pie -Wl,-z,relro,-z,now'
''; '';
installPhase = '' installPhase = ''