#! /usr/bin/perl
use strict;
use warnings;

my @args = ();
my $debug = 0;

if (defined($ENV{'DEB_BUILD_HARDENING'}) && $ENV{'DEB_BUILD_HARDENING'}!='0') {
    # Set up defaults, based on OS and CPU
    my %default;
    $default{'DEB_BUILD_HARDENING_DEBUG'}=0;

    # #OS# #CPU#
    $default{'DEB_BUILD_HARDENING_RELRO'}=1;

    $debug =         defined($ENV{'DEB_BUILD_HARDENING_DEBUG'}) ?
                            $ENV{'DEB_BUILD_HARDENING_DEBUG'} :
                            $default{'DEB_BUILD_HARDENING_DEBUG'};

    # Enable RELRO by default
    my $force_relro = defined($ENV{'DEB_BUILD_HARDENING_RELRO'}) ?
                        $ENV{'DEB_BUILD_HARDENING_RELRO'} :
                        $default{'DEB_BUILD_HARDENING_RELRO'};

    my $index = 0;
    foreach my $arg (@ARGV) {
        if ($arg eq "relro" && $index>0 && $ARGV[$index-1] eq "-z") {
            $force_relro = 0;
        }
        $index++;
    }

    if ($force_relro) {
        push(@args,'-z','relro');
    }

}

my $self = "hardened-ld";
my $link = "";
my $tool = $0;
if ($tool =~ /$self$/ || defined($ENV{'HARDENING_USE_USR_BIN'})) {
    $tool = "/usr/bin/ld";
}
while (-l $tool && ($link = readlink($tool)) !~ /$self$/) {
    $tool = $link;
}
if (-x "$tool.real") {
    $tool = "$tool.real";
}
my @target = ($tool, @args, @ARGV);

print STDERR join(" ",@target),"\n" if ($debug);

exec @target or die "Unable to exec $target[0]: $!\n";
