Hardening compile flags wrongly exported in the pkgconfig file

[ghisvail]

Reported by Lintian:

E: libasl-dev: pkg-config-bad-directive usr/lib/x86_64-linux-gnu/pkgconfig/ASL.pc -Wno-deprecated N: N: The pkg-config file contains a wrong directive. N:
N: The following file includes a wrong directive. This could lead to FTBFS N: or leak private compile flags to another package. N:
N: Severity: serious, Certainty: possible N:
N: Check: files, Type: binary, udeb N: E: libasl-dev: pkg-config-bad-directive usr/lib/x86_64-linux-gnu/pkgconfig/ASL.pc -O2 E: libasl-dev: pkg-config-bad-directive usr/lib/x86_64-linux-gnu/pkgconfig/ASL.pc -g E: libasl-dev: pkg-config-bad-directive usr/lib/x86_64-linux-gnu/pkgconfig/ASL.pc -D_FORTIFY_SOURCE=2

It seems that the hardening flags used by Debian are exported in the pkgconfig file due to the following line in ASL.pc.cmake.in:

Cflags: -I${includedir} @CMAKE_CXX_FLAGS@

One solution would be to store the ASL specific flags in a variable ASL_CXX_FLAGS, append it to CMAKE_CXX_FLAGS and use it for substitution in ASL.pc.cmake.in.

[ghisvail]

I came up with a working patch. Will submit a PR for this.

[AvtechScientific]

Thank you!

[AvtechScientific]

Maybe it is better not to add @CMAKE_CXX_FLAGS@ at all? Right now it boils down to "-fpermissive -std=c++11" which probably should not be forced upon consumer of the library. We probably added this by mistake since we have tested the ASL.pc file on our own examples which require the flags... But I don't think it should be included; the same way it is not included anywhere in the ASLConfig.cmake. What is your opinion?

[ghisvail]

Yes, none of these compiler flags should be exported. I'll update my patch.

[AvtechScientific]

Done