Limit some of the hardening tests to compilers that define __GNUC__.

This should avoid false positives on other compilers.
Todd C. Miller
2023-01-18 14:39:52 -07:00
parent 7ff70c09fe
commit 73c52e731a
3 changed files with 44 additions and 40 deletions

6
configure vendored

@@ -31317,7 +31317,7 @@ then :
fi
if test -n "$GCC" -a "$lt_cv_prog_gnu_ld" != "yes" -a -n "$GCC"; then
if test -n "$GCC" -a "$lt_cv_prog_gnu_ld" != "yes"; then
{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts -static-libgcc" >&5
printf %s "checking whether C compiler accepts -static-libgcc... " >&6; }
if test ${ax_cv_check_cflags___static_libgcc+y}
@@ -32930,7 +32930,7 @@ printf "%s\n" "$sudo_cv_use_fortify_source" >&6; }
CPPFLAGS="$O_CPPFLAGS"
fi
if test "$enable_ssp" != "no"; then
if test -n "$GCC" -a "$enable_ssp" != "no"; then
{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for compiler stack protector support" >&5
printf %s "checking for compiler stack protector support... " >&6; }
if test ${sudo_cv_var_stack_protector+y}
@@ -33048,6 +33048,7 @@ printf "%s\n" "$sudo_cv_var_stack_protector" >&6; }
# machine-specific code does not support it. We use a test program
# with a large stack allocation to try to cause the compiler to
# insert the stack clash protection code, or fail if not supported.
if test -n "$GCC"; then
{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether C compiler supports -fstack-clash-protection" >&5
printf %s "checking whether C compiler supports -fstack-clash-protection... " >&6; }
if test ${sudo_cv_check_cflags___fstack_clash_protection+y}
@@ -33346,6 +33347,7 @@ else case e in #(
esac
fi
fi
# Linker-specific hardening flags.
{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether the linker accepts -Wl,-z,relro" >&5


@@ -4024,7 +4024,7 @@ dnl If compiler supports the -static-libgcc flag use it unless we have
dnl GNU ld (which can avoid linking in libgcc when it is not needed).
dnl This test relies on AC_LANG_WERROR
dnl
if test -n "$GCC" -a "$lt_cv_prog_gnu_ld" != "yes" -a -n "$GCC"; then
if test -n "$GCC" -a "$lt_cv_prog_gnu_ld" != "yes"; then
AX_CHECK_COMPILE_FLAG([-static-libgcc], [AX_APPEND_FLAG([-Wc,-static-libgcc], [LT_LDFLAGS])])
fi
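Review bot: The condition kept on the new line, `test -n "$GCC" -a "$lt_cv_prog_gnu_ld" != "yes"`, still joins its two checks with `-a`, which POSIX marks obsolescent and the Autoconf portability notes advise against because some `test` implementations parse it ambiguously. Writing it as `if test -n "$GCC" && test "$lt_cv_prog_gnu_ld" != "yes"; then` keeps the same logic with two unambiguous tests. The same form is newly introduced in SUDO_CHECK_HARDENING as `test -n "$GCC" -a "$enable_ssp" != "no"`, where `test -n "$GCC" && test "$enable_ssp" != "no"` would be the equivalent.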


@@ -30,7 +30,7 @@ AC_DEFUN([SUDO_CHECK_HARDENING], [
dnl
dnl The following tests rely on AC_LANG_WERROR.
dnl
if test "$enable_ssp" != "no"; then
if test -n "$GCC" -a "$enable_ssp" != "no"; then
AC_CACHE_CHECK([for compiler stack protector support],
[sudo_cv_var_stack_protector],
[
@@ -86,6 +86,7 @@ AC_DEFUN([SUDO_CHECK_HARDENING], [
# machine-specific code does not support it. We use a test program
# with a large stack allocation to try to cause the compiler to
# insert the stack clash protection code, or fail if not supported.
if test -n "$GCC"; then
AC_CACHE_CHECK([whether C compiler supports -fstack-clash-protection],
[sudo_cv_check_cflags___fstack_clash_protection],
[
@@ -111,6 +112,7 @@ AC_DEFUN([SUDO_CHECK_HARDENING], [
AX_APPEND_FLAG([-Wc,-fcf-protection], [HARDENING_LDFLAGS])
])
])
fi
# Linker-specific hardening flags.
AX_CHECK_LINK_FLAG([-Wl,-z,relro], [AX_APPEND_FLAG([-Wl,-z,relro], [HARDENING_LDFLAGS])])
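Review bot: The new `test -n "$GCC"` guards make a compiler that does not define __GNUC__ skip the stack protector, -fstack-clash-protection and -fcf-protection probes without any output, so a build can lose these mitigations and the configure log will not say why. This appears to hold even when `enable_ssp` was set explicitly, although any handling of that case lies outside the visible hunks. An `else` branch such as `AC_MSG_NOTICE([compiler does not define __GNUC__, skipping compiler hardening checks])` would make the skipped hardening visible to whoever audits the build. A short `dnl` comment stating that `$GCC` is also set for clang and other compilers that define __GNUC__ would document why the guard is safe for them. The `if` added before the -fstack-clash-protection check is closed by the `fi` added before "Linker-specific hardening flags", and most of the body between them is outside the hunks.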