rpm/libtomcrypt
SHA256
1
0
Fork 0
forked from pool/libtomcrypt
Code Pull Requests Activity

Accepting request 498991 from home:bmwiedemann:branches:security

Browse Source 
Add reproducible.patch to sort input files to make build reproducible (boo#1041090)

OBS-URL: https://build.opensuse.org/request/show/498991
OBS-URL: https://build.opensuse.org/package/show/security/libtomcrypt?expand=0&rev=10
This commit is contained in:
Alexander Naumov 2017-05-29 20:42:12 +00:00 committed by Git OBS Bridge
parent 689e4155c6
commit 6e3dab8ec6
3 changed files with 45 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
libtomcrypt.changes
View File

@ -1,3 +1,9 @@
-------------------------------------------------------------------
Mon May 29 13:08:06 UTC 2017 - bwiedemann@suse.com
- Add reproducible.patch to sort input files to make build reproducible
(boo#1041090)
------------------------------------------------------------------- -------------------------------------------------------------------
Fri Feb 12 22:03:58 UTC 2016 - mpluskal@suse.com Fri Feb 12 22:03:58 UTC 2016 - mpluskal@suse.com

3
libtomcrypt.spec
View File

@ -31,6 +31,8 @@ Source2: %{name}.keyring
Source3: %{name}.changes Source3: %{name}.changes
# PATCH-FIX-UPSTREAM libtomcrypt-makefile.shared.patch # PATCH-FIX-UPSTREAM libtomcrypt-makefile.shared.patch
Patch0: %{name}-makefile.shared.patch Patch0: %{name}-makefile.shared.patch
# PATCH-FIX-UPSTREAM https://github.com/libtom/libtomcrypt/pull/222
Patch1: reproducible.patch
BuildRequires: libtool BuildRequires: libtool
BuildRequires: texlive-latex BuildRequires: texlive-latex
BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRoot: %{_tmppath}/%{name}-%{version}-build
@ -84,6 +86,7 @@ This package contains example *.c files showing how to use TomCrypt library.
%prep %prep
%setup -q %setup -q
%patch0 -p1 %patch0 -p1
%patch1 -p1
modified="$(sed -n '/^----/n;s/ - .*$//;p;q' "%{SOURCE3}")" modified="$(sed -n '/^----/n;s/ - .*$//;p;q' "%{SOURCE3}")"
DATE="\"$(date -d "${modified}" "+%%b %%e %%Y")\"" DATE="\"$(date -d "${modified}" "+%%b %%e %%Y")\""
TIME="\"$(date -d "${modified}" "+%%R")\"" TIME="\"$(date -d "${modified}" "+%%R")\""

36
reproducible.patch Normal file
View File

@ -0,0 +1,36 @@
https://github.com/libtom/libtomcrypt/pull/222
sort input files
when building packages (e.g. for openSUSE Linux)
(random) filesystem order of input files
influences ordering of functions in the output,
thus without the patch, builds (in disposable VMs) would differ.
See https://reproducible-builds.org/ for why this matters.
Index: libtomcrypt-1.17/makefile.shared
===================================================================
--- libtomcrypt-1.17.orig/makefile.shared
+++ libtomcrypt-1.17/makefile.shared
@@ -249,7 +249,7 @@ testprof/$(LIBTEST):
objs: $(OBJECTS)
$(LIBNAME): $(OBJECTS) testprof/$(LIBTEST)
- libtool --silent --mode=link gcc $(CFLAGS) `find . -type f | grep "[.]lo" | grep "src/" | xargs` $(EXTRALIBS) -o $(LIBNAME) -rpath $(LIBPATH) -version-info $(VERSION)
+ libtool --silent --mode=link gcc $(CFLAGS) `find . -type f | grep "[.]lo" | grep "src/" | sort | xargs` $(EXTRALIBS) -o $(LIBNAME) -rpath $(LIBPATH) -version-info $(VERSION)
install: $(LIBNAME)
install -d $(DESTDIR)$(LIBPATH)
Index: libtomcrypt-1.17/testprof/makefile.shared
===================================================================
--- libtomcrypt-1.17.orig/testprof/makefile.shared
+++ libtomcrypt-1.17/testprof/makefile.shared
@@ -18,7 +18,7 @@ endif
default: $(LIBTEST)
$(LIBTEST): $(OBJECTS)
- libtool --silent --mode=link gcc $(CFLAGS) `find . -type f | grep "[.]lo" | xargs` -o $@ -rpath $(LIBPATH) -version-info $(VERSION)
+ libtool --silent --mode=link gcc $(CFLAGS) `find . -type f | grep "[.]lo" | sort | xargs` -o $@ -rpath $(LIBPATH) -version-info $(VERSION)
install: $(LIBTEST)
libtool --silent --mode=install install -c $(LIBTEST) $(DESTDIR)$(LIBPATH)/$(LIBTEST)