From f2aa612c5a2a99e1186853a3d00d43607bdc6aa2 Mon Sep 17 00:00:00 2001
From: "Bernhard M. Wiedemann" <bwiedemann@suse.de>
Date: Sun, 13 Mar 2016 10:20:47 +0100
Subject: [PATCH 3/4] Allow SOURCE_DATE_EPOCH to override file timestamps

Limit the maximum date to SOURCE_DATE_EPOCH or use origtime if not defined
similar to the tar --clamp-mtime option

based on a patch by Nicolas Vigier <boklm at torproject.org>

(cherry picked from commit 8d84878ee05b2e63858af3a5a49d98e9e2933b1b)
---
 build/files.c | 22 ++++++++++++++++++++++
 macros.in     |  5 +++++
 2 files changed, 27 insertions(+)

diff --git build/files.c build/files.c
index b76ce04..48b03e9 100644
--- build/files.c
+++ build/files.c
@@ -9,6 +9,7 @@
 #define	MYALLPERMS	07777
 
 #include <errno.h>
+#include <stdlib.h>
 #include <regex.h>
 #if WITH_CAP
 #include <sys/capability.h>
@@ -939,6 +940,24 @@ static void genCpioListAndHeader(FileList fl, Package pkg, int isSrc)
     uint32_t defaultalgo = PGPHASHALGO_MD5, digestalgo;
     rpm_loff_t totalFileSize = 0;
     Header h = pkg->header; /* just a shortcut */
+    int override_date = 0;
+    time_t source_date_epoch;
+    char *srcdate = getenv("SOURCE_DATE_EPOCH");
+
+    /* Limit the maximum date to SOURCE_DATE_EPOCH if defined
+     * similar to the tar --clamp-mtime option
+     * https://reproducible-builds.org/specs/source-date-epoch/
+     */
+    if (srcdate && rpmExpandNumeric("%{?clamp_mtime_to_source_date_epoch}")) {
+	char *endptr;
+	errno = 0;
+	source_date_epoch = strtol(srcdate, &endptr, 10);
+	if (srcdate == endptr || *endptr || errno != 0) {
+	    rpmlog(RPMLOG_ERR, _("unable to parse %s=%s\n"), "SOURCE_DATE_EPOCH", srcdate);
+	    exit(28);
+	}
+	override_date = 1;
+    }
 
     /*
      * See if non-md5 file digest algorithm is requested. If not
@@ -1070,6 +1089,9 @@ static void genCpioListAndHeader(FileList fl, Package pkg, int isSrc)
 	    }
 	}
 	
+	if (override_date && flp->fl_mtime > source_date_epoch) {
+	    flp->fl_mtime = source_date_epoch;
+	}
 	/*
  	 * For items whose size varies between systems, always explicitly 
  	 * cast to the header type before inserting.
diff --git macros.in macros.in
index 85f172a..e0d7b7f 100644
--- macros.in
+++ macros.in
@@ -214,6 +214,11 @@ package or when debugging this package.\
 #	to the timestamp of the topmost changelog entry
 %source_date_epoch_from_changelog 0
 
+#	If true, make sure that timestamps in built rpms
+#	are not later than the value of SOURCE_DATE_EPOCH.
+#	Is ignored when SOURCE_DATE_EPOCH is not set.
+%clamp_mtime_to_source_date_epoch 0
+
 #	The directory where newly built binary packages will be written.
 %_rpmdir		%{_topdir}/RPMS
 
-- 
2.10.2