Accepting request 453438 from Printing

1

OBS-URL: https://build.opensuse.org/request/show/453438
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/ghostscript?expand=0&rev=26

0001-mkromfs-make-build-reproducible-use-buildtime-from-S.patch

@@ -0,0 +1,49 @@
+From 495b79d8e9a44ad0ada965add3a046120646e7e0 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Stefan=20Br=C3=83=C2=BCns?= <stefan.bruens@rwth-aachen.de>
+Date: Thu, 12 Jan 2017 18:04:57 +0100
+Subject: [PATCH 1/2] mkromfs: make build reproducible, use buildtime from
+ SOURCE_DATE_EPOCH
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+The environment variable SOURCE_DATE_EPOCH is the common approach for
+getting reproducible timestamps and thus builds. In case the variable
+is not set, keep using the current time of the mkromfs run.
+
+Signed-off-by: Stefan Brüns <stefan.bruens@rwth-aachen.de>
+---
+ base/mkromfs.c | 10 +++++++++-
+ 1 file changed, 9 insertions(+), 1 deletion(-)
+
+diff --git a/base/mkromfs.c b/base/mkromfs.c
+index b7bc6bf..9b81c46 100644
+--- a/base/mkromfs.c
++++ b/base/mkromfs.c
+@@ -2280,6 +2280,8 @@ main(int argc, char *argv[])
+     int compaction = 0;
+     Xlist_element *Xlist_scan = NULL, *Xlist_head = NULL;
+     char pa[PATH_STR_LEN];
++    time_t buildtime = 0;
++    char* env_source_date_epoch;
+ 
+     memset(pa, 0x00, PATH_STR_LEN);
+ 
+@@ -2336,7 +2338,13 @@ main(int argc, char *argv[])
+ #endif
+     fprintf(out,"\n#include \"stdint_.h\"\n");
+     fprintf(out,"\n#include \"time_.h\"\n\n");
+-    fprintf(out,"    time_t gs_romfs_buildtime = %ld;\n\n", time(NULL));
++
++    if ((env_source_date_epoch = getenv("SOURCE_DATE_EPOCH"))) {
++        buildtime = strtoul(env_source_date_epoch, NULL, 10);
++    }
++    if (!buildtime)
++        buildtime = time(NULL);
++    fprintf(out,"    time_t gs_romfs_buildtime = %ld;\n\n", buildtime);
+ 
+     /* process the remaining arguments (options interspersed with paths) */
+     for (; atarg < argc; atarg++) {
+-- 
+2.11.0
+

0002-mkromfs-sort-gp_enumerate_files-output-for-determini.patch

@@ -0,0 +1,75 @@
+From ec602a6eadfe7680e0a1008a67afa18903a07ad9 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Stefan=20Br=C3=BCns?= <stefan.bruens@rwth-aachen.de>
+Date: Thu, 12 Jan 2017 20:55:11 +0100
+Subject: [PATCH 2/2] mkromfs: sort gp_enumerate_files output for deterministic
+ ROM contents
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+gp_enumerate_files_next returns dir entries in the same order as returned
+by readdir. Sort by name to generate deterministic output.
+
+Signed-off-by: Stefan Brüns <stefan.bruens@rwth-aachen.de>
+---
+ base/mkromfs.c | 23 +++++++++++++++++++++++
+ 1 file changed, 23 insertions(+)
+
+diff --git a/base/mkromfs.c b/base/mkromfs.c
+index 9b81c46..b7799ae 100644
+--- a/base/mkromfs.c
++++ b/base/mkromfs.c
+@@ -344,6 +344,7 @@ const gs_malloc_memory_t minimal_memory = {
+     0  /* max used */
+ };
+ 
++int cmpstringp(const void *p1, const void *p2);
+ void put_uint32(FILE *out, const unsigned int q);
+ void put_bytes_padded(FILE *out, unsigned char *p, unsigned int len);
+ void inode_clear(romfs_inode* node);
+@@ -1542,6 +1543,15 @@ static unsigned long pscompact_getcompactedblock(pscompstate *psc, unsigned char
+     return out-ubuf;
+ }
+ 
++int cmpstringp(const void *p1, const void *p2)
++{
++   /* The actual arguments to this function are "pointers to
++      pointers to char", but strcmp(3) arguments are "pointers
++      to char", hence the following cast plus dereference */
++
++   return strcmp(* (char * const *) p1, * (char * const *) p2);
++}
++
+ /* This relies on the gp_enumerate_* which should not return directories, nor	*/
+ /* should it recurse into directories (unlike Adobe's implementation)		*/
+ /* paths are checked to see if they are an ordinary file or a path		*/
+@@ -1561,6 +1571,8 @@ void process_path(char *path, const char *os_prefix, const char *rom_prefix,
+     FILE *in;
+     unsigned long psc_len;
+     pscompstate psc = { 0 };
++    unsigned long numfiles = 0;
++    char **foundfiles = NULL;
+ 
+     prefixed_path = malloc(PATH_STR_LEN);
+     found_path = malloc(PATH_STR_LEN);
+@@ -1598,6 +1610,17 @@ void process_path(char *path, const char *os_prefix, const char *rom_prefix,
+         if (excluded)
+             continue;
+ 
++        numfiles++;
++        foundfiles = realloc(foundfiles, sizeof(char *) * numfiles);
++        foundfiles[numfiles - 1] = strdup(found_path);
++    }
++
++    qsort(foundfiles, numfiles, sizeof(char *), cmpstringp);
++
++    while (numfiles--) {
++        found_path = *foundfiles;
++        foundfiles++;
++
+         /* process a file */
+         node = calloc(1, sizeof(romfs_inode));
+         /* get info for this file */
+-- 
+2.11.0
+

ghostscript-mini.changes

@@ -1,3 +1,12 @@
+-------------------------------------------------------------------
+Thu Jan 12 17:13:58 UTC 2017 - stefan.bruens@rwth-aachen.de
+
+- Set SOURCE_DATE_EPOCH based on changelog head
+- Add 0001-mkromfs-make-build-reproducible-use-buildtime-from-S.patch
+  * Use SOURCE_DATE_EPOCH for mkromfs output for reproducible build
+- Add 0002-mkromfs-sort-gp_enumerate_files-output-for-determini.patch
+  * Sort ROM contents for deterministic output
+
 -------------------------------------------------------------------
 Mon Oct 17 13:36:57 CEST 2016 - jsmeix@suse.de
 

ghostscript-mini.spec

@@ -1,7 +1,7 @@
 #
 # spec file for package ghostscript-mini
 #
-# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -96,6 +96,11 @@ Patch5:         CVE-2016-8602.patch
 # but the hunk for LCMS2 (lcms2/include/lcms2.h) is still needed
 # see http://bugs.ghostscript.com/show_bug.cgi?id=695544
 Patch11:        ppc64le-support.patch
+# Patch12 adds a reproducible timestamp to the mkromfs output, using the
+# SOURCE_DATE_EPOCH environment variable
+Patch12:        0001-mkromfs-make-build-reproducible-use-buildtime-from-S.patch
+# Patch13 sorts the ROM contents by name for deterministic contents
+Patch13:        0002-mkromfs-sort-gp_enumerate_files-output-for-determini.patch
 # Source100...Source999 is for sources from SUSE which are not intended for upstream:
 # Patch100...Patch999 is for patches from SUSE which are not intended for upstream:
 # Patch100 remove-zlib-h-dependency.patch removes dependency on zlib/zlib.h
@@ -199,6 +204,11 @@ This package contains the development files for Minimal Ghostscript.
 # but the hunk for LCMS2 (lcms2/include/lcms2.h) is still needed
 # see http://bugs.ghostscript.com/show_bug.cgi?id=695544
 %patch11 -p1 -b ppc64le-support.orig
+# Patch12 adds a reproducible timestamp to the mkromfs output, using the
+# SOURCE_DATE_EPOCH environment variable
+%patch12 -p1 -b mkromfs-buildtime.orig
+# Patch13 sorts the ROM contents by name for deterministic contents
+%patch13 -p1 -b mkromfs-sort-contents.orig
 # Patch100 remove-zlib-h-dependency.patch removes dependency on zlib/zlib.h
 # in makefiles as we do not use the zlib sources from the Ghostscript upstream tarball:
 %patch100 -p1 -b remove-zlib-h-dependency.orig
@@ -210,6 +220,8 @@ This package contains the development files for Minimal Ghostscript.
 rm -rf freetype jpeg libpng tiff zlib
 
 %build
+# Derive build timestamp from latest changelog entry
+export SOURCE_DATE_EPOCH=$(date -d "$(head -n 2 %{_sourcedir}/%{name}.changes | tail -n 1 | cut -d- -f1 )" +%s)
 # Set our preferred architecture-specific flags for the compiler and linker:
 export CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing"
 export CXXFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing"

ghostscript.changes

@@ -1,3 +1,12 @@
+-------------------------------------------------------------------
+Thu Jan 12 17:13:58 UTC 2017 - stefan.bruens@rwth-aachen.de
+
+- Set SOURCE_DATE_EPOCH based on changelog head
+- Add 0001-mkromfs-make-build-reproducible-use-buildtime-from-S.patch
+  * Use SOURCE_DATE_EPOCH for mkromfs output for reproducible build
+- Add 0002-mkromfs-sort-gp_enumerate_files-output-for-determini.patch
+  * Sort ROM contents for deterministic output
+
 -------------------------------------------------------------------
 Mon Oct 17 13:36:57 CEST 2016 - jsmeix@suse.de
 

ghostscript.spec

@@ -1,7 +1,7 @@
 #
 # spec file for package ghostscript
 #
-# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -116,6 +116,11 @@ Patch5:         CVE-2016-8602.patch
 # but the hunk for LCMS2 (lcms2/include/lcms2.h) is still needed
 # see http://bugs.ghostscript.com/show_bug.cgi?id=695544
 Patch11:        ppc64le-support.patch
+# Patch12 adds a reproducible timestamp to the mkromfs output, using the
+# SOURCE_DATE_EPOCH environment variable
+Patch12:        0001-mkromfs-make-build-reproducible-use-buildtime-from-S.patch
+# Patch13 sorts the ROM contents by name for deterministic contents
+Patch13:        0002-mkromfs-sort-gp_enumerate_files-output-for-determini.patch
 # Source100...Source999 is for sources from SUSE which are not intended for upstream:
 # Patch100...Patch999 is for patches from SUSE which are not intended for upstream:
 # Patch100 remove-zlib-h-dependency.patch removes dependency on zlib/zlib.h
@@ -335,6 +340,11 @@ This package contains the development files for Ghostscript.
 # but the hunk for LCMS2 (lcms2/include/lcms2.h) is still needed
 # see http://bugs.ghostscript.com/show_bug.cgi?id=695544
 %patch11 -p1 -b ppc64le-support.orig
+# Patch12 adds a reproducible timestamp to the mkromfs output, using the
+# SOURCE_DATE_EPOCH environment variable
+%patch12 -p1 -b mkromfs-buildtime.orig
+# Patch13 sorts the ROM contents by name for deterministic contents
+%patch13 -p1 -b mkromfs-sort-contents.orig
 # Patch100 remove-zlib-h-dependency.patch removes dependency on zlib/zlib.h
 # in makefiles as we do not use the zlib sources from the Ghostscript upstream tarball:
 %patch100 -p1 -b remove-zlib-h-dependency.orig
@@ -346,6 +356,8 @@ This package contains the development files for Ghostscript.
 rm -rf freetype jpeg libpng tiff zlib
 
 %build
+# Derive build timestamp from latest changelog entry
+export SOURCE_DATE_EPOCH=$(date -d "$(head -n 2 %{_sourcedir}/%{name}.changes | tail -n 1 | cut -d- -f1 )" +%s)
 # Set our preferred architecture-specific flags for the compiler and linker:
 export CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing"
 export CXXFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing"