# -D_FORTIFY_SOURCE: detect some buffer overflow errors
# ***>> requires compiler optimization level 1 or above <<***
# see : https://gcc.gnu.org/legacy-ml/gcc-patches/2004-09/msg02055.html
-# The diffence between -D_FORTIFY_SOURCE=1 and -D_FORTIFY_SOURCE=2 is e.g. for
+# The difference between -D_FORTIFY_SOURCE=1 and -D_FORTIFY_SOURCE=2 is e.g. for
# struct S { struct T { char buf[5]; int x; } t; char buf[20]; } var;
# With -D_FORTIFY_SOURCE=1,
# strcpy (&var.t.buf[1], "abcdefg");
LDFLAGS="${LDFLAGS} -Wl,--nxcompat"
# https://en.wikipedia.org/wiki/Data_Execution_Prevention
# Enable DEP with -Wl,--nxcompat
+# also called NX or nxcompat for "no execute" see: https://en.wikipedia.org/wiki/NX_bit
+# $ peflags -v privoxy.exe
+# privoxy.exe: coff(0x0106[+executable_image,+line_nums_stripped,+32bit_machine]) pe(0x0140[+dynamicbase,+nxcompat])
+
LDFLAGS="${LDFLAGS} -Wl,--dynamicbase,--export-all-symbols"
# https://en.wikipedia.org/wiki/Address_space_layout_randomization
# see: http://gcc.gnu.org/onlinedocs/gcc/Warning-Options.html
# -Wall doesn't actually turn on all warnings, so add -Wextra
# but then plenty too many complaints by
-# -Wimplicit-fallthrough=3
-# too many warnings in pcre/study.c & pcre.c
# -Wmissing-field-initializers
# -Wsign-compare
# -Wtype-limits
# using const in declarations and prototypes.
# >>> Otherwise, it is just a nuisance. <<< -- this, very much this
+# why does the mingw library _not_ include .a files for libpcre?
+# *sigh* build my own pcre so I can do static linking
+# Get the 8.x PCRE library from
+# https://sourceforge.net/projects/pcre/files/pcre/
+inc="/source/pcre-8.45/"
+lib="/source/pcre-8.45/.libs"
+CPPFLAGS="${CPPFLAGS} -I${inc}"
+LDFLAGS="${LDFLAGS} -L${lib}"
+
+# mbedtls
+## https://github.com/Mbed-TLS/mbedtls/releases/tag/v2.16.12
+## This is the last release of the 2.16 long-time support branch.
+## Users who want a long-time branch should move to mbedtls-2.28,
+## which is backward-compatible and will be supported for at least
+## 3 years.
+# Get the 2.28.x mbedtls library from https://github.com/Mbed-TLS/mbedtls/tags
+inc="/source/mbedtls-2.28.2/include"
+lib="/source/mbedtls-2.28.2/library"
+
+MITMOPT="--with-mbedtls"
+CPPFLAGS="${CPPFLAGS} -I${inc}"
+LDFLAGS="${LDFLAGS} -L${lib}"
+
+# brotli
+# Get the brotli library from https://github.com/google/brotli/releases
+inc="/source/brotli-1.0.9/c/include"
+lib="/source/brotli-1.0.9/.libs"
+BROTLIOPT="--with-brotli"
+CPPFLAGS="${CPPFLAGS} -I${inc}"
+LDFLAGS="${LDFLAGS} -L${lib}"
+
+###
echo "CFLAGS=${CFLAGS}"
echo "CPPFLAGS=${CPPFLAGS}"
echo "LDFLAGS=${LDFLAGS}"
# --target: only used to build a cross-compiling toolchain.
./configure --host=i686-w64-mingw32 --enable-mingw32 --enable-zlib \
+ --enable-extended-statistics \
+ --enable-pcre-host-patterns \
--enable-static-linking \
--enable-strptime-sanity-checks \
--disable-pthread \
- --disable-dynamic-pcre \
- --enable-extended-statistics \
- --enable-pcre-host-patterns \
+ --with-brotli \
+ --with-mbedtls \
--with-docbook=yes
# -- done --