enable CFI checks (no effect on older CPUs, does this on modern x86; the article is about the kernel, but the tech is similar). Ubuntu has been doing that for years.
add more stack smashing checks (and make stack non-executable)
enable more warnings on top of -Wall -Wextra (particularly warn about VLAs which we cannot use anymore because of MSVC, and about missing enum cases, which helps when adding new values to enums)
fix warnings triggered by new flags
since doing that involves adding a bunch of __attribute__((format)), use the opportunity to add __attribute__((malloc(dealloc)) so newer GCC warn us about using wrong deallocators
fix a couple of leaks found by -fanalyzer (gives lots of false positives, so it's a bit early to enable it permanently)
use current year in copyright messages
Currently tinc --version says the copyright expired 3 years ago, tincd --version has its own opinion on this.
Let's just get the year from the OS and never touch the message again.
I would have posted this separately, but only cbadb52f011cb8b5a79640ee6bd71d9a2b43f60e can be split off without causing more conflicts (of which are are enough already from previous PRs), and it's only three lines.
Bits and pieces that are somewhat related:
-Wall -Wextra(particularly warn about VLAs which we cannot use anymore because of MSVC, and about missing enumcases, which helps when adding new values to enums)__attribute__((format)), use the opportunity to add__attribute__((malloc(dealloc))so newer GCC warn us about using wrong deallocators-fanalyzer(gives lots of false positives, so it's a bit early to enable it permanently)Currently
tinc --versionsays the copyright expired 3 years ago,tincd --versionhas its own opinion on this. Let's just get the year from the OS and never touch the message again.I would have posted this separately, but only cbadb52f011cb8b5a79640ee6bd71d9a2b43f60e can be split off without causing more conflicts (of which are are enough already from previous PRs), and it's only three lines.