From 12a73062d84fec27536b09fd275ea248d14b93e5 Mon Sep 17 00:00:00 2001
From: Jakub Hrozek <jhrozek@redhat.com>
Date: Jun 11 2013 14:32:25 +0000
Subject: rpm: Use hardened flags for RPM build


https://fedorahosted.org/sssd/ticket/1797

This patch adds the _hardened_build macro on platforms where it is
defined by the RPM. The macro amounts to compiling with cc
--spec=/usr/lib/rpm/redhat/redhat-hardened-cc1 and then linking with ld
--spec=/usr/lib/rpm/redhat/redhat-hardened-ld.

On Fedora 19, the gcc spec files contain -z now and fPIC or fPIE.

---

diff --git a/contrib/sssd.spec.in b/contrib/sssd.spec.in
index 6583216..c48a5de 100644
--- a/contrib/sssd.spec.in
+++ b/contrib/sssd.spec.in
@@ -41,6 +41,10 @@
 # Determine the location of the LDB modules directory
 %global ldb_modulesdir %(pkg-config --variable=modulesdir ldb)
 
+%if (0%{?fedora} > 15 || 0%{?rhel} >= 7)
+%define _hardened_build 1
+%endif
+
 Name: @PACKAGE_NAME@
 Version: @PACKAGE_VERSION@
 Release: 0@PRERELEASE_VERSION@%{?dist}