From e1c68920c4a5d245135df8450387df6ca06fa2f6ac53d565825bd60232ae76e5 Mon Sep 17 00:00:00 2001
From: Danilo Spinella <danilo.spinella@suse.com>
Date: Tue, 22 Feb 2022 16:50:50 +0000
Subject: [PATCH] Accepting request 954300 from
 home:bmwiedemann:reproducible:test

Add 0002-unix-reproducible-directory-order-scandir.patch
  to make zip file creation reproducible
- Add build time %check

OBS-URL: https://build.opensuse.org/request/show/954300
OBS-URL: https://build.opensuse.org/package/show/Archiving/zip?expand=0&rev=21
---
 ...reproducible-directory-order-scandir.patch | 97 +++++++++++++++++++
 zip.changes                                   |  7 ++
 zip.spec                                      |  5 +
 3 files changed, 109 insertions(+)
 create mode 100644 0002-unix-reproducible-directory-order-scandir.patch

diff --git a/0002-unix-reproducible-directory-order-scandir.patch b/0002-unix-reproducible-directory-order-scandir.patch
new file mode 100644
index 0000000..59b98a6
--- /dev/null
+++ b/0002-unix-reproducible-directory-order-scandir.patch
@@ -0,0 +1,97 @@
+https://sourceforge.net/p/infozip/patches/25/
+
+From 706b9fdc032582a258f0f8e5444fde4ee5bab220 Mon Sep 17 00:00:00 2001
+From: Mingye Wang <arthur200126@gmail.com>
+Date: Sat, 25 Jan 2020 23:07:03 +0800
+Subject: [PATCH 2/2] unix: reproducible directory order (scandir)
+
+This commit replaces the readdir() loop with scandir. This means a well-
+defined, reproducible sort order, with the downside that we will need to
+store ALL directory entries in memory to sort them.
+
+I am too lazy to add a switch to change how it is supposed to work. This
+is only a proof-of-concept.
+
+Co-Authored-By: Bernhard M. Wiedemann <bwiedemann suse.de>
+---
+ unix/unix.c | 32 ++++++++++++++++++++++++--------
+ 1 file changed, 24 insertions(+), 8 deletions(-)
+
+Index: zip30/unix/unix.c
+===================================================================
+--- zip30.orig/unix/unix.c
++++ zip30/unix/unix.c
+@@ -92,6 +92,10 @@ DIR *dirp;
+ #define closedir(dirp) fclose(dirp)
+ #endif /* NO_DIR */
+ 
++#ifdef NO_SCANDIR
++/* TODO Port the FreeBSD libc version */
++#error "We need scandir now."
++#endif
+ 
+ local char *readd(d)
+ DIR *d;                 /* directory stream to read from */
+@@ -111,12 +115,14 @@ int caseflag;           /* true to force
+    an error code in the ZE_ class. */
+ {
+   char *a;              /* path and name for recursion */
+-  DIR *d;               /* directory stream from opendir() */
+-  char *e;              /* pointer to name from readd() */
++  char *e;              /* pointer to name from scandir() */
++  int c;                /* number of entries from scandir() */
++  int i;                /* entry index */
+   int m;                /* matched flag */
+   char *p;              /* path for recursion */
+   z_stat s;             /* result of stat() */
+   struct zlist far *z;  /* steps through zfiles list */
++  struct dirent **namelist;
+ 
+   if (strcmp(n, "-") == 0)   /* if compressing stdin */
+     return newname(n, 0, caseflag);
+@@ -176,14 +182,16 @@ int caseflag;           /* true to force
+       }
+     }
+     /* recurse into directory */
+-    if (recurse && (d = opendir(n)) != NULL)
++    if (recurse && (c = scandir(n, &namelist, NULL, alphasort)) >= 0)
+     {
+-      while ((e = readd(d)) != NULL) {
++      for (i = 0; i < c; i++) {
++        e = namelist[i]->d_name;
+         if (strcmp(e, ".") && strcmp(e, ".."))
+         {
+           if ((a = malloc(strlen(p) + strlen(e) + 1)) == NULL)
+           {
+-            closedir(d);
++            for (; i < c; i++) free(namelist[i]);
++            free(namelist);
+             free((zvoid *)p);
+             return ZE_MEM;
+           }
+@@ -197,8 +205,9 @@ int caseflag;           /* true to force
+           }
+           free((zvoid *)a);
+         }
++        free(namelist[i]);
+       }
+-      closedir(d);
++      free(namelist);
+     }
+     free((zvoid *)p);
+   } /* (s.st_mode & S_IFDIR) */
+Index: zip30/test.sh
+===================================================================
+--- /dev/null
++++ zip30/test.sh
+@@ -0,0 +1,10 @@
++#!/bin/sh -e
++mkdir -p test/{a,b,c}
++echo x > test/a/x
++echo y > test/a/y
++echo y > test/b/y
++export SOURCE_DATE_EPOCH=1
++./zip -X -r test.zip test
++md5sum test.zip
++echo "89057b9c9501ce122973d24b68a0522a  test.zip" | md5sum -c
++
diff --git a/zip.changes b/zip.changes
index 1af134e..00aa057 100644
--- a/zip.changes
+++ b/zip.changes
@@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Sun Feb 13 08:37:38 UTC 2022 - Bernhard Wiedemann <bwiedemann@suse.com>
+
+- Add 0002-unix-reproducible-directory-order-scandir.patch
+  to make zip file creation reproducible
+- Add build time %check
+
 -------------------------------------------------------------------
 Fri May  3 10:41:10 UTC 2019 - Bernhard Wiedemann <bwiedemann@suse.com>
 
diff --git a/zip.spec b/zip.spec
index 87bef84..04a31bf 100644
--- a/zip.spec
+++ b/zip.spec
@@ -36,6 +36,7 @@ Patch8:         zip-3.0-nomutilation.patch
 Patch9:         zip-3.0-fix-memory_leaks.patch
 Patch10:        reproducible.patch
 Patch11:        zip-3.0-fix-doc.patch
+Patch12:        0002-unix-reproducible-directory-order-scandir.patch
 Provides:       crzip = %{version}
 Obsoletes:      crzip < %{version}
 BuildRequires:  libbz2-devel
@@ -57,6 +58,7 @@ PKZIP(tm) 2.04g (Phil Katz ZIP) for MS-DOS systems.
 %patch9
 %patch10 -p1
 %patch11 -p1
+%patch12 -p1
 
 %build
 make %{?_smp_mflags} -f unix/Makefile prefix=/usr CC="gcc %{optflags} -DLARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64" generic_gcc
@@ -66,6 +68,9 @@ mkdir -p %{buildroot}%{_prefix}/bin
 mkdir -p %{buildroot}%{_mandir}/man1
 make install -f unix/Makefile BINDIR=%{buildroot}%{_bindir} MANDIR=%{buildroot}%{_mandir}/man1
 
+%check
+sh -e ./test.sh
+
 %files
 %defattr(-,root,root)
 %doc BUGS CHANGES INSTALL LICENSE README TODO WHATSNEW WHERE