diff --git a/libtomcrypt.changes b/libtomcrypt.changes index 755a549..c713e71 100644 --- a/libtomcrypt.changes +++ b/libtomcrypt.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Mon May 29 13:08:06 UTC 2017 - bwiedemann@suse.com + +- Add reproducible.patch to sort input files to make build reproducible + (boo#1041090) + ------------------------------------------------------------------- Fri Feb 12 22:03:58 UTC 2016 - mpluskal@suse.com diff --git a/libtomcrypt.spec b/libtomcrypt.spec index def341b..3cc6ec9 100644 --- a/libtomcrypt.spec +++ b/libtomcrypt.spec @@ -31,6 +31,8 @@ Source2: %{name}.keyring Source3: %{name}.changes # PATCH-FIX-UPSTREAM libtomcrypt-makefile.shared.patch Patch0: %{name}-makefile.shared.patch +# PATCH-FIX-UPSTREAM https://github.com/libtom/libtomcrypt/pull/222 +Patch1: reproducible.patch BuildRequires: libtool BuildRequires: texlive-latex BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -84,6 +86,7 @@ This package contains example *.c files showing how to use TomCrypt library. %prep %setup -q %patch0 -p1 +%patch1 -p1 modified="$(sed -n '/^----/n;s/ - .*$//;p;q' "%{SOURCE3}")" DATE="\"$(date -d "${modified}" "+%%b %%e %%Y")\"" TIME="\"$(date -d "${modified}" "+%%R")\"" diff --git a/reproducible.patch b/reproducible.patch new file mode 100644 index 0000000..b5e4081 --- /dev/null +++ b/reproducible.patch @@ -0,0 +1,36 @@ +https://github.com/libtom/libtomcrypt/pull/222 +sort input files + +when building packages (e.g. for openSUSE Linux) +(random) filesystem order of input files +influences ordering of functions in the output, +thus without the patch, builds (in disposable VMs) would differ. + +See https://reproducible-builds.org/ for why this matters. + +Index: libtomcrypt-1.17/makefile.shared +=================================================================== +--- libtomcrypt-1.17.orig/makefile.shared ++++ libtomcrypt-1.17/makefile.shared +@@ -249,7 +249,7 @@ testprof/$(LIBTEST): + objs: $(OBJECTS) + + $(LIBNAME): $(OBJECTS) testprof/$(LIBTEST) +- libtool --silent --mode=link gcc $(CFLAGS) `find . -type f | grep "[.]lo" | grep "src/" | xargs` $(EXTRALIBS) -o $(LIBNAME) -rpath $(LIBPATH) -version-info $(VERSION) ++ libtool --silent --mode=link gcc $(CFLAGS) `find . -type f | grep "[.]lo" | grep "src/" | sort | xargs` $(EXTRALIBS) -o $(LIBNAME) -rpath $(LIBPATH) -version-info $(VERSION) + + install: $(LIBNAME) + install -d $(DESTDIR)$(LIBPATH) +Index: libtomcrypt-1.17/testprof/makefile.shared +=================================================================== +--- libtomcrypt-1.17.orig/testprof/makefile.shared ++++ libtomcrypt-1.17/testprof/makefile.shared +@@ -18,7 +18,7 @@ endif + default: $(LIBTEST) + + $(LIBTEST): $(OBJECTS) +- libtool --silent --mode=link gcc $(CFLAGS) `find . -type f | grep "[.]lo" | xargs` -o $@ -rpath $(LIBPATH) -version-info $(VERSION) ++ libtool --silent --mode=link gcc $(CFLAGS) `find . -type f | grep "[.]lo" | sort | xargs` -o $@ -rpath $(LIBPATH) -version-info $(VERSION) + + install: $(LIBTEST) + libtool --silent --mode=install install -c $(LIBTEST) $(DESTDIR)$(LIBPATH)/$(LIBTEST)