[PATCH v3] Allow ./configure to explicitly set libgpg-error's build timestamp

Daniel Kahn Gillmor dkg at fifthhorseman.net
Wed Sep 24 00:34:32 CEST 2014


* configure.ac: add --enable-build-timestamp

--

A group within Debian is working on making the archive rebuildable in
a reproducible way, so that the compiled binary outputs are
byte-for-byte identical when built for the same platform using the
same toolchain.  This is useful in providing auditability and
corroboration for users of the operating system.

libgpg-error is very close to reproducible except for embedding the
build timestamp in the generated binary.  This timestamp is set in
config.h during ./configure.

This patch allows an external build system to set this embedded
timestamp explicitly, which appears to make the package build
repeatably when ./configure is called with (for example)
--enable=build-timestamp=2014-09-23T01:02+0000

Debian-bug-id: 762397
---
 configure.ac | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/configure.ac b/configure.ac
index b32b751..c0435b0 100644
--- a/configure.ac
+++ b/configure.ac
@@ -484,7 +484,13 @@ changequote([,])dnl
 BUILD_FILEVERSION="${BUILD_FILEVERSION}0,mym4_revision_dec"
 AC_SUBST(BUILD_FILEVERSION)
 
-BUILD_TIMESTAMP=`date -u +%Y-%m-%dT%H:%M+0000 2>/dev/null || date`
+
+AC_ARG_ENABLE([build-timestamp],
+              AC_HELP_STRING([--enable-build-timestamp],
+                             [set an explicit build timestamp for reproducibility.
+                              (default is the current time in ISO-8601 format)]),
+              [if test "$enableval" = "no"; then BUILD_TIMESTAMP="<none>"; else BUILD_TIMESTAMP="$enableval"; fi],
+              [BUILD_TIMESTAMP=`date -u +%Y-%m-%dT%H:%M+0000 2>/dev/null || date`] )
 AC_SUBST(BUILD_TIMESTAMP)
 AC_DEFINE_UNQUOTED(BUILD_TIMESTAMP, "$BUILD_TIMESTAMP",
                    [The time this package was configured for a build])
-- 
2.1.0




More information about the Gnupg-devel mailing list