From owner-svn-ports-head@FreeBSD.ORG  Sun Nov  2 20:01:32 2014
Return-Path: <owner-svn-ports-head@FreeBSD.ORG>
Delivered-To: svn-ports-head@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id E3D01D1;
 Sun,  2 Nov 2014 20:01:32 +0000 (UTC)
Received: from svn.freebsd.org (svn.freebsd.org
 [IPv6:2001:1900:2254:2068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id B5669CB6;
 Sun,  2 Nov 2014 20:01:32 +0000 (UTC)
Received: from svn.freebsd.org ([127.0.1.70])
 by svn.freebsd.org (8.14.9/8.14.9) with ESMTP id sA2K1WQL006002;
 Sun, 2 Nov 2014 20:01:32 GMT (envelope-from bdrewery@FreeBSD.org)
Received: (from bdrewery@localhost)
 by svn.freebsd.org (8.14.9/8.14.9/Submit) id sA2K1W7R005999;
 Sun, 2 Nov 2014 20:01:32 GMT (envelope-from bdrewery@FreeBSD.org)
Message-Id: <201411022001.sA2K1W7R005999@svn.freebsd.org>
X-Authentication-Warning: svn.freebsd.org: bdrewery set sender to
 bdrewery@FreeBSD.org using -f
From: Bryan Drewery <bdrewery@FreeBSD.org>
Date: Sun, 2 Nov 2014 20:01:32 +0000 (UTC)
To: ports-committers@freebsd.org, svn-ports-all@freebsd.org,
 svn-ports-head@freebsd.org
Subject: svn commit: r372086 - in head: . Mk
X-SVN-Group: ports-head
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-ports-head@freebsd.org
X-Mailman-Version: 2.1.18-1
Precedence: list
List-Id: SVN commit messages for the ports tree for head
 <svn-ports-head.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/svn-ports-head>,
 <mailto:svn-ports-head-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-ports-head/>
List-Post: <mailto:svn-ports-head@freebsd.org>
List-Help: <mailto:svn-ports-head-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-ports-head>,
 <mailto:svn-ports-head-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 02 Nov 2014 20:01:33 -0000

Author: bdrewery
Date: Sun Nov  2 20:01:31 2014
New Revision: 372086
URL: https://svnweb.freebsd.org/changeset/ports/372086
QAT: https://qat.redports.org/buildarchive/r372086/

Log:
  - Enable SSP by default.
  
    This is the culmination of years of work and testing including work by jlh@.
  
    This will enable SSP by default for all amd64 releases, and i386 releases
    10.0 and over.
  
  With hat:	portmgr
  Tested by:	multiple exp-runs, CFT package repository, CFT ports
  Discussed with:	bapt, antoine

Modified:
  head/CHANGES
  head/Mk/bsd.port.mk
  head/Mk/bsd.ssp.mk

Modified: head/CHANGES
==============================================================================
--- head/CHANGES	Sun Nov  2 19:41:43 2014	(r372085)
+++ head/CHANGES	Sun Nov  2 20:01:31 2014	(r372086)
@@ -10,6 +10,14 @@ in the release notes and/or placed into 
 
 All ports committers are allowed to commit to this file.
 
+20141102:
+AUTHOR: bdrewery@FreeBSD.org
+
+  SSP is now default. This can be disabled with WITHOUT_SSP.
+  SSP_CFLAGS defaults to -fstack-protector.
+  SSP will be used on all amd64 releases. It will only be used on i386
+  releases over 10.0.
+
 20141007:
 AUTHOR: mat@FreeBSD.org
 

Modified: head/Mk/bsd.port.mk
==============================================================================
--- head/Mk/bsd.port.mk	Sun Nov  2 19:41:43 2014	(r372085)
+++ head/Mk/bsd.port.mk	Sun Nov  2 20:01:31 2014	(r372086)
@@ -317,8 +317,9 @@ FreeBSD_MAINTAINER=	portmgr@FreeBSD.org
 #
 # WITH_DEBUG_PORTS		- A list of origins for which WITH_DEBUG will be set
 #
-# WITH_SSP_PORTS
-# 				- If set, SSP_FLAGS (defaults to -fstack-protector)
+# WITHOUT_SSP	- Disable SSP.
+#
+# SSP_CFLAGS	- Defaults to -fstack-protector. This value
 #				  is added to CFLAGS and the necessary flags
 #				  are added to LDFLAGS. Note that SSP_UNSAFE
 #				  can be used in Makefiles by port maintainers
@@ -1636,7 +1637,7 @@ INSTALL_TARGET:=	${INSTALL_TARGET:S/^ins
 .endif
 .endif
 
-.if defined(WITH_SSP) || defined(WITH_SSP_PORTS)
+.if !defined(WITHOUT_SSP)
 .include "${PORTSDIR}/Mk/bsd.ssp.mk"
 .endif
 

Modified: head/Mk/bsd.ssp.mk
==============================================================================
--- head/Mk/bsd.ssp.mk	Sun Nov  2 19:41:43 2014	(r372085)
+++ head/Mk/bsd.ssp.mk	Sun Nov  2 20:01:31 2014	(r372086)
@@ -16,7 +16,7 @@ SSP_UNSAFE=		yes
 SSP_NEED_NONSHARED=	yes
 .endif
 
-.if !defined(WITHOUT_SSP) && !defined(SSP_UNSAFE) && \
+.if !defined(SSP_UNSAFE) && \
     (${ARCH} == i386 || ${ARCH} == amd64)
 # Overridable as a user may want to use -fstack-protector-all
 SSP_CFLAGS?=	-fstack-protector