Source: smartdns
Version: 33+dfsg-1
Severity: wishlist
Tags: patch
User: reproducible-bui...@lists.alioth.debian.org
Usertags: timestamps
X-Debbugs-Cc: reproducible-b...@lists.alioth.debian.org
Hi,
Whilst working on the Reproducible Builds effort [0] we noticed that
smartdns could not be built reproducibly.
A fairly invasive patch is attached that drops a bunch of references
to __DATE__ and __TIMESTAMP__, etc. Not sure about the removal of the
cache version/date routines, but this did not feel very reliable to
begin with... but I am not in the best position to know.
[0] https://reproducible-builds.org/
Regards,
--
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`---- a/debian/patches/reproducible-build.patch 1970-01-01 01:00:00.000000000
+0100
--- b/debian/patches/reproducible-build.patch 2020-09-25 10:47:38.001506633
+0100
@@ -0,0 +1,103 @@
+Description: Make the build reproducible
+Author: Chris Lamb <la...@debian.org>
+Last-Update: 2020-09-25
+
+--- smartdns-33+dfsg.orig/src/smartdns.c
++++ smartdns-33+dfsg/src/smartdns.c
+@@ -77,10 +77,7 @@ static void _show_version(void)
+ const char *ver = SMARTDNS_VERION;
+ snprintf(str_ver, sizeof(str_ver), "%s", ver);
+ #else
+- struct tm tm;
+- get_compiled_time(&tm);
+- snprintf(str_ver, sizeof(str_ver), "1.%.4d%.2d%.2d-%.2d%.2d",
tm.tm_year + 1900, tm.tm_mon + 1, tm.tm_mday,
+- tm.tm_hour, tm.tm_min);
++ snprintf(str_ver, sizeof(str_ver), "(unknown)");
+ #endif
+ printf("smartdns %s\n", str_ver);
+ }
+@@ -266,8 +263,7 @@ static int _smartdns_init(void)
+ tlog_setlogscreen(verbose_screen);
+ tlog_setlevel(dns_conf_log_level);
+
+- tlog(TLOG_NOTICE, "smartdns starting...(Copyright (C) Nick Peng
<pym...@gmail.com>, build:%s %s)", __DATE__,
+- __TIME__);
++ tlog(TLOG_NOTICE, "smartdns starting...(Copyright (C) Nick Peng
<pym...@gmail.com>)");
+
+ if (_smartdns_init_ssl() != 0) {
+ tlog(TLOG_ERROR, "init ssl failed.");
+@@ -359,10 +355,10 @@ static void _sig_error_exit(int signo, s
+ arch = "mips";
+ #endif
+ tlog(TLOG_FATAL,
+- "process exit with signal %d, code = %d, errno = %d, pid = %d,
self = %d, pc = %#lx, addr = %#lx, build(%s "
+- "%s %s)\n",
++ "process exit with signal %d, code = %d, errno = %d, pid = %d,
self = %d, pc = %#lx, addr = %#lx, build("
++ "%s)\n",
+ signo, siginfo->si_code, siginfo->si_errno, siginfo->si_pid,
getpid(), PC, (unsigned long)siginfo->si_addr,
+- __DATE__, __TIME__, arch);
++ arch);
+
+ sleep(1);
+ _exit(0);
+--- smartdns-33+dfsg.orig/src/util.c
++++ smartdns-33+dfsg/src/util.c
+@@ -929,25 +929,6 @@ static int parse_server_name_extension(c
+ return -2;
+ }
+
+-void get_compiled_time(struct tm *tm)
+-{
+- char s_month[5];
+- int month, day, year;
+- int hour, min, sec;
+- static const char *month_names = "JanFebMarAprMayJunJulAugSepOctNovDec";
+-
+- sscanf(__DATE__, "%5s %d %d", s_month, &day, &year);
+- month = (strstr(month_names, s_month) - month_names) / 3;
+- sscanf(__TIME__, "%d:%d:%d", &hour, &min, &sec);
+- tm->tm_year = year - 1900;
+- tm->tm_mon = month;
+- tm->tm_mday = day;
+- tm->tm_isdst = -1;
+- tm->tm_hour = hour;
+- tm->tm_min = min;
+- tm->tm_sec = sec;
+-}
+-
+ int is_numeric(const char *str)
+ {
+ while (*str != '\0') {
+--- smartdns-33+dfsg.orig/src/util.h
++++ smartdns-33+dfsg/src/util.h
+@@ -96,8 +96,6 @@ int create_pid_file(const char *pid_file
+ */
+ int parse_tls_header(const char *data, size_t data_len, char *hostname, const
char **hostname_ptr);
+
+-void get_compiled_time(struct tm *tm);
+-
+ int is_numeric(const char *str);
+
+ int has_network_raw_cap(void);
+--- smartdns-33+dfsg.orig/src/dns_cache.c
++++ smartdns-33+dfsg/src/dns_cache.c
+@@ -581,11 +581,6 @@ int dns_cache_load(const char *file)
+ goto errout;
+ }
+
+- if (strncmp(cache_file.version, __TIMESTAMP__, DNS_CACHE_VERSION_LEN)
!= 0) {
+- tlog(TLOG_WARN, "cache version is different, skip load cache.");
+- goto errout;
+- }
+-
+ if (_dns_cache_read_record(fd, cache_file.cache_number) != 0) {
+ goto errout;
+ }
+@@ -665,7 +660,6 @@ int dns_cache_save(const char *file)
+ struct dns_cache_file cache_file;
+ memset(&cache_file, 0, sizeof(cache_file));
+ cache_file.magic = MAGIC_NUMBER;
+- safe_strncpy(cache_file.version, __TIMESTAMP__, DNS_CACHE_VERSION_LEN);
+ cache_file.cache_number = 0;
+
+ if (lseek(fd, sizeof(cache_file), SEEK_SET) < 0) {
--- a/debian/patches/series 2020-09-25 10:34:16.368518837 +0100
--- b/debian/patches/series 2020-09-25 10:44:09.895001147 +0100
@@ -1 +1,2 @@
init.patch
+reproducible-build.patch
--- a/debian/rules 2020-09-25 10:34:16.368518837 +0100
--- b/debian/rules 2020-09-25 10:51:25.636315039 +0100
@@ -1,4 +1,8 @@
#!/usr/bin/make -f
+
+include /usr/share/dpkg/default.mk
+
+export VER=$(DEB_VERSION)
export DEB_BUILD_MAINT_OPTIONS = hardening=+all
%:
