From 708c6094c55e4e3cc186a42e04cb8dd1d6efecf8 Mon Sep 17 00:00:00 2001
From: Michael Raskin <7c6f434c@mail.ru>
Date: Fri, 4 Mar 2016 16:57:47 +0100
Subject: nginx, nginxUnstable: hardening: only use when the compiler is gcc
---
 pkgs/servers/http/nginx/default.nix | 2 +-
 pkgs/servers/http/nginx/unstable.nix | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/pkgs/servers/http/nginx/default.nix b/pkgs/servers/http/nginx/default.nix
index cc95c60c7c24..178c0fcbd9e4 100644
--- a/pkgs/servers/http/nginx/default.nix
+++ b/pkgs/servers/http/nginx/default.nix
@@ -55,7 +55,7 @@ stdenv.mkDerivation rec {
 NIX_CFLAGS_COMPILE = [ "-I${libxml2}/include/libxml2" ] ++ optional stdenv.isDarwin "-Wno-error=deprecated-declarations -Wno-error=conditional-uninitialized";
 preConfigure = (concatMapStringsSep "\n" (mod: mod.preConfigure or "") modules)
- + optionalString hardening ''
+ + optionalString (hardening && (stdenv.cc.cc.isGNU or false)) ''
 configureFlagsArray=(
 --with-cc-opt="-fPIE -fstack-protector-all --param ssp-buffer-size=4 -O2 -D_FORTIFY_SOURCE=2"
 --with-ld-opt="-pie -Wl,-z,relro,-z,now"
diff --git a/pkgs/servers/http/nginx/unstable.nix b/pkgs/servers/http/nginx/unstable.nix
index 4ac1b0b268c1..e85fb96d2edb 100644
--- a/pkgs/servers/http/nginx/unstable.nix
+++ b/pkgs/servers/http/nginx/unstable.nix
@@ -53,7 +53,7 @@ stdenv.mkDerivation rec {
 NIX_CFLAGS_COMPILE = [ "-I${libxml2}/include/libxml2" ] ++ optional stdenv.isDarwin "-Wno-error=deprecated-declarations";
 preConfigure = (concatMapStringsSep "\n" (mod: mod.preConfigure or "") modules)
- + optionalString hardening ''
+ + optionalString (hardening && (stdenv.cc.cc.isGNU or false)) ''
 configureFlagsArray=(
 --with-cc-opt="-fPIE -fstack-protector-all --param ssp-buffer-size=4 -O2 -D_FORTIFY_SOURCE=2"
 --with-ld-opt="-pie -Wl,-z,relro,-z,now"
-- 
cgit 1.4.1
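Review bot: With `hardening = true` on a non-GCC stdenv, the new guard on `optionalString` drops the whole `configureFlagsArray` block without any signal, so nginx is built without PIE, stack protector, `_FORTIFY_SOURCE` and RELRO/BIND_NOW while the caller still believes hardening is on; the `or false` fallback does the same for any stdenv that lacks the `isGNU` attribute. The predicate tests the compiler, but `-Wl,-z,relro,-z,now` is a linker and object-format matter, so presumably only part of the flag set is actually rejected there; splitting the block so that the flags the other toolchain accepts stay enabled would keep most of the protection. At minimum add a comment above the guard such as `# hardening flags are skipped on non-GCC toolchains; the binary is then built without PIE/SSP/RELRO`. The same applies to the identical hunk in `pkgs/servers/http/nginx/unstable.nix`, and the `preConfigure` string continues outside both hunks.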