Re: sponsor upload aghermann-0.7.0-1 please

[andrei zavada <jh@johnhommer.com>]

Hi Yaroslav,

I'm here again and I've got a new version of aghermann for the great good.  It
builds for these arches (verified by nd_build):

 aghermann_0.7.0-1~nd70+2_i386.build     OK      7:17.54 real, 218.66 user, 19.49 sys, 0 out
 aghermann_0.7.0-1~nd70+2_amd64.build    OK      7:29.61 real, 221.45 user, 25.02 sys, 0 out
 aghermann_0.7.0-1~nd+2_i386.build       OK      7:53.33 real, 244.25 user, 21.06 sys, 0 out
 aghermann_0.7.0-1~nd+2_amd64.build      OK      8:04.76 real, 247.06 user, 27.54 sys, 0 out

Recently lintian has grown clever enough to require -D_FORTIFY_SOURCE
and other nifty things as described here: http://wiki.debian.org/Hardening.
I now duly added the recommended flags to CXXFLAGS, which is not representing
an issue to write about per se except for the fact that I had to omit -fPIE
and -pie.  With these latter two, my private libsigfile.so fails to build.

However, adding the following to my debian/rules happens to be enough to
silence lintian:

 export DEB_BUILD_HARDENING=1

 CXXFLAGS=$(shell dpkg-buildflags --get CFLAGS)
 LDFLAGS=$(shell dpkg-buildflags --get LDFLAGS)
 # CXXFLAGS+=$(HARDENING_CFLAGS)
 # LDFLAGS+=$(HARDENING_LDFLAGS)
 ## hardening-wrapper doesn't seem to be available
 ## on all target arches yet, so try adding these flags manually
 export CXXFLAGS += -Wformat -Wformat-security -Werror=format-security -D_FORTIFY_SOURCE=2 -fstack-protector --param ssp-buffer-size=4
 export LDFLAGS += -z relro -z now

Here's the link to .DSC file:
http://johnhommer.com/academic/code/aghermann/source/deb/aghermann_0.7.0-1.dsc.
Hope all will build well.

Cheers,
Andrei