From: Benjamin Barenblat <bbaren@mit.edu>
Subject: Remove build flags which impede hardening
Forwarded: no

Vanilla urweb builds with -Wno-format-security and -U_FORTIFY_SOURCE.
Apparently, upstream added the former to cope with difficulties building on
OS X [1] and the latter to improve performance [2].

[1] http://hg.impredicative.com/urweb/rev/3d0cc841cafd
[2] http://hg.impredicative.com/urweb/rev/126d24ef6678
--- a/src/c/Makefile.am
+++ b/src/c/Makefile.am
@@ -7,7 +7,7 @@ liburweb_fastcgi_la_SOURCES = fastcgi.c
 liburweb_static_la_SOURCES = static.c
 
 AM_CPPFLAGS = -I$(srcdir)/../../include/urweb $(OPENSSL_INCLUDES) $(ICU_INCLUDES)
-AM_CFLAGS = -Wall -Wunused-parameter -Werror -Wno-format-security -Wno-deprecated-declarations -U_FORTIFY_SOURCE $(PTHREAD_CFLAGS)
+AM_CFLAGS = -Wall -Wunused-parameter -Werror -Wno-deprecated-declarations $(PTHREAD_CFLAGS)
 liburweb_la_LDFLAGS = $(AM_LDFLAGS) $(OPENSSL_LDFLAGS) \
 	-export-symbols-regex '^(client_pruner|pthread_create_big|strcmp_nullsafe|uw_.*)' \
 	-version-info 1:0:0