diff options
Diffstat (limited to 'scripts')
| -rw-r--r-- | scripts/.gitignore | 1 | ||||
| -rw-r--r-- | scripts/Dpkg/Control.pm | 13 | ||||
| -rw-r--r-- | scripts/Dpkg/Control/FieldsCore.pm | 41 | ||||
| -rw-r--r-- | scripts/Dpkg/Control/Types.pm | 3 | ||||
| -rw-r--r-- | scripts/Dpkg/Vendor/Debian.pm | 2 | ||||
| -rw-r--r-- | scripts/Dpkg/Vendor/Default.pm | 12 | ||||
| -rw-r--r-- | scripts/Makefile.am | 2 | ||||
| -rw-r--r-- | scripts/Test/Dpkg.pm | 1 | ||||
| -rwxr-xr-x | scripts/dpkg-buildpackage.pl | 35 | ||||
| -rwxr-xr-x | scripts/dpkg-genbuildinfo.pl | 491 | ||||
| -rw-r--r-- | scripts/po/POTFILES.in | 1 | ||||
| -rw-r--r-- | scripts/t/dpkg_buildpackage/test-source_0_all.changes | 3 | ||||
| -rw-r--r-- | scripts/t/dpkg_buildpackage/test-source_0_any.changes | 3 | ||||
| -rw-r--r-- | scripts/t/dpkg_buildpackage/test-source_0_binary.changes | 3 | ||||
| -rw-r--r-- | scripts/t/dpkg_buildpackage/test-source_0_full.changes | 3 |
15 files changed, 603 insertions, 11 deletions
diff --git a/scripts/.gitignore b/scripts/.gitignore index 380ad9182..0d1f29ac9 100644 --- a/scripts/.gitignore +++ b/scripts/.gitignore @@ -3,6 +3,7 @@ dpkg-buildflags dpkg-buildpackage dpkg-checkbuilddeps dpkg-distaddfile +dpkg-genbuildinfo dpkg-genchanges dpkg-gencontrol dpkg-gensymbols diff --git a/scripts/Dpkg/Control.pm b/scripts/Dpkg/Control.pm index e65891f3a..f41f250d5 100644 --- a/scripts/Dpkg/Control.pm +++ b/scripts/Dpkg/Control.pm @@ -18,7 +18,7 @@ package Dpkg::Control; use strict; use warnings; -our $VERSION = '1.02'; +our $VERSION = '1.03'; our @EXPORT = qw( CTRL_UNKNOWN CTRL_INFO_SRC @@ -28,6 +28,7 @@ our @EXPORT = qw( CTRL_REPO_RELEASE CTRL_PKG_SRC CTRL_PKG_DEB + CTRL_FILE_BUILDINFO CTRL_FILE_CHANGES CTRL_FILE_VENDOR CTRL_FILE_STATUS @@ -104,6 +105,10 @@ Corresponds to a .dsc file of a Debian source package. Corresponds to the F<control> file generated by dpkg-gencontrol (F<DEBIAN/control>) and to the same file inside .deb packages. +=item CTRL_FILE_BUILDINFO + +Corresponds to a .buildinfo file. + =item CTRL_FILE_CHANGES Corresponds to a .changes file. @@ -210,6 +215,8 @@ sub set_options { $$self->{name} = sprintf(g_('%s file'), '.dsc'); } elsif ($t == CTRL_PKG_DEB) { $$self->{name} = g_('control info of a .deb package'); + } elsif ($t == CTRL_FILE_BUILDINFO) { + $$self->{name} = g_('build information file'); } elsif ($t == CTRL_FILE_CHANGES) { $$self->{name} = sprintf(g_('%s file'), '.changes'); } elsif ($t == CTRL_FILE_VENDOR) { @@ -240,6 +247,10 @@ sub get_type { =head1 CHANGES +=head2 Version 1.03 (dpkg 1.18.11) + +New type: CTRL_FILE_BUILDINFO. + =head2 Version 1.02 (dpkg 1.18.8) New type: CTRL_TESTS. diff --git a/scripts/Dpkg/Control/FieldsCore.pm b/scripts/Dpkg/Control/FieldsCore.pm index bbc19aa83..4c0ae50c8 100644 --- a/scripts/Dpkg/Control/FieldsCore.pm +++ b/scripts/Dpkg/Control/FieldsCore.pm @@ -66,7 +66,7 @@ use constant { # Deprecated fields of dpkg's status file are also not listed our %FIELDS = ( 'Architecture' => { - allowed => (ALL_PKG | ALL_SRC | CTRL_FILE_CHANGES) & (~CTRL_INFO_SRC), + allowed => (ALL_PKG | ALL_SRC | CTRL_FILE_BUILDINFO | CTRL_FILE_CHANGES) & (~CTRL_INFO_SRC), separator => FIELD_SEP_SPACE, }, 'Architectures' => { @@ -74,7 +74,7 @@ our %FIELDS = ( separator => FIELD_SEP_SPACE, }, 'Binary' => { - allowed => CTRL_PKG_SRC | CTRL_FILE_CHANGES, + allowed => CTRL_PKG_SRC | CTRL_FILE_BUILDINFO | CTRL_FILE_CHANGES, # XXX: This field values are separated either by space or comma # depending on the context. separator => FIELD_SEP_SPACE | FIELD_SEP_COMMA, @@ -82,6 +82,9 @@ our %FIELDS = ( 'Binary-Only' => { allowed => ALL_CHANGES, }, + 'Binary-Only-Changes' => { + allowed => CTRL_FILE_BUILDINFO, + }, 'Breaks' => { allowed => ALL_PKG, separator => FIELD_SEP_COMMA, @@ -91,6 +94,9 @@ our %FIELDS = ( 'Bugs' => { allowed => (ALL_PKG | CTRL_INFO_SRC | CTRL_FILE_VENDOR) & (~CTRL_INFO_PKG), }, + 'Build-Architecture' => { + allowed => CTRL_FILE_BUILDINFO, + }, 'Build-Conflicts' => { allowed => ALL_SRC, separator => FIELD_SEP_COMMA, @@ -130,6 +136,12 @@ our %FIELDS = ( 'Build-Essential' => { allowed => ALL_PKG, }, + 'Build-Origin' => { + allowed => CTRL_FILE_BUILDINFO, + }, + 'Build-Path' => { + allowed => CTRL_FILE_BUILDINFO, + }, 'Build-Profiles' => { allowed => CTRL_INFO_PKG, separator => FIELD_SEP_SPACE, @@ -214,6 +226,10 @@ our %FIELDS = ( dependency => 'union', dep_order => 5, }, + 'Environment' => { + allowed => CTRL_FILE_BUILDINFO, + separator => FIELD_SEP_LINE, + }, 'Essential' => { allowed => ALL_PKG, }, @@ -230,11 +246,17 @@ our %FIELDS = ( separator => FIELD_SEP_LINE | FIELD_SEP_SPACE, }, 'Format' => { - allowed => CTRL_PKG_SRC | CTRL_FILE_CHANGES | CTRL_COPYRIGHT_HEADER, + allowed => CTRL_PKG_SRC | CTRL_FILE_CHANGES | CTRL_COPYRIGHT_HEADER | CTRL_FILE_BUILDINFO, }, 'Homepage' => { allowed => ALL_SRC | ALL_PKG, }, + 'Installed-Build-Depends' => { + allowed => CTRL_FILE_BUILDINFO, + separator => FIELD_SEP_COMMA, + dependency => 'union', + dep_order => 11, + }, 'Installed-Size' => { allowed => ALL_PKG & ~CTRL_INFO_PKG, }, @@ -311,7 +333,7 @@ our %FIELDS = ( separator => FIELD_SEP_LINE | FIELD_SEP_SPACE, }, 'Source' => { - allowed => (ALL_PKG | ALL_SRC | ALL_CHANGES | CTRL_COPYRIGHT_HEADER) & + allowed => (ALL_PKG | ALL_SRC | ALL_CHANGES | CTRL_COPYRIGHT_HEADER | CTRL_FILE_BUILDINFO) & (~(CTRL_INDEX_SRC | CTRL_INFO_PKG)), }, 'Standards-Version' => { @@ -419,7 +441,7 @@ our %FIELDS = ( allowed => CTRL_FILE_VENDOR, }, 'Version' => { - allowed => (ALL_PKG | ALL_SRC | ALL_CHANGES) & + allowed => (ALL_PKG | ALL_SRC | CTRL_FILE_BUILDINFO | ALL_CHANGES) & (~(CTRL_INFO_SRC | CTRL_INFO_PKG)), }, ); @@ -427,7 +449,7 @@ our %FIELDS = ( my @checksum_fields = map { &field_capitalize("Checksums-$_") } checksums_get_list(); my @sum_fields = map { $_ eq 'md5' ? 'MD5sum' : &field_capitalize($_) } checksums_get_list(); -&field_register($_, CTRL_PKG_SRC | CTRL_FILE_CHANGES) foreach @checksum_fields; +&field_register($_, CTRL_PKG_SRC | CTRL_FILE_CHANGES | CTRL_FILE_BUILDINFO) foreach @checksum_fields; &field_register($_, CTRL_INDEX_PKG | CTRL_REPO_RELEASE, separator => FIELD_SEP_LINE | FIELD_SEP_SPACE) foreach @sum_fields; @@ -446,6 +468,13 @@ our %FIELD_ORDER = ( Vcs-Svn Testsuite Testsuite-Triggers), &field_list_src_dep(), qw(Package-List), @checksum_fields, qw(Files) ], + CTRL_FILE_BUILDINFO() => [ + qw(Format Source Binary Architecture Version + Binary-Only-Changes), + @checksum_fields, + qw(Build-Origin Build-Architecture Build-Path + Installed-Build-Depends Environment), + ], CTRL_FILE_CHANGES() => [ qw(Format Date Source Binary Binary-Only Built-For-Profiles Architecture Version Distribution Urgency Maintainer Changed-By Description diff --git a/scripts/Dpkg/Control/Types.pm b/scripts/Dpkg/Control/Types.pm index 1bb3e0ae4..445079d41 100644 --- a/scripts/Dpkg/Control/Types.pm +++ b/scripts/Dpkg/Control/Types.pm @@ -26,6 +26,7 @@ our @EXPORT = qw( CTRL_INDEX_PKG CTRL_PKG_SRC CTRL_PKG_DEB + CTRL_FILE_BUILDINFO CTRL_FILE_CHANGES CTRL_FILE_VENDOR CTRL_FILE_STATUS @@ -86,6 +87,8 @@ use constant { CTRL_COPYRIGHT_LICENSE => 8192, # Package test suite control file in debian/tests/control. CTRL_TESTS => 16384, + # .buildinfo file + CTRL_FILE_BUILDINFO => 32768, }; =head1 CHANGES diff --git a/scripts/Dpkg/Vendor/Debian.pm b/scripts/Dpkg/Vendor/Debian.pm index 560db2de8..bbba00d52 100644 --- a/scripts/Dpkg/Vendor/Debian.pm +++ b/scripts/Dpkg/Vendor/Debian.pm @@ -83,6 +83,8 @@ sub run_hook { $self->_add_reproducible_flags(@params); $self->_add_sanitize_flags(@params); $self->_add_hardening_flags(@params); + } elsif ($hook eq 'builtin-system-build-paths') { + return qw(/build/); } else { return $self->SUPER::run_hook($hook, @params); } diff --git a/scripts/Dpkg/Vendor/Default.pm b/scripts/Dpkg/Vendor/Default.pm index 9d53097f9..40815efde 100644 --- a/scripts/Dpkg/Vendor/Default.pm +++ b/scripts/Dpkg/Vendor/Default.pm @@ -130,6 +130,16 @@ The hook is called in Dpkg::BuildFlags to allow the vendor to override the default values set for the various build flags. $flags is a Dpkg::BuildFlags object. +=item builtin-system-build-paths () + +The hook is called by dpkg-genbuildinfo to determine if the current path +should be recorded in the B<Build-Path> field (since dpkg 1.18.11). It takes +no parameters, but returns a (possibly empty) list of root paths considered +acceptable. As an example, if the list contains "/build/", a Build-Path +field will be created if the current directory is "/build/dpkg-1.18.0". If +the list contains "/", the path will always be recorded. If the list is +empty, the current path will never be recorded. + =back =cut @@ -160,6 +170,8 @@ sub run_hook { my ($textref, $ch_info) = @params; } elsif ($hook eq 'update-buildflags') { my $flags = shift @params; + } elsif ($hook eq 'builtin-system-build-paths') { + return (); } # Default return value for unknown/unimplemented hooks diff --git a/scripts/Makefile.am b/scripts/Makefile.am index dba3d7777..417e3b3e4 100644 --- a/scripts/Makefile.am +++ b/scripts/Makefile.am @@ -8,6 +8,7 @@ bin_SCRIPTS = \ dpkg-buildpackage \ dpkg-checkbuilddeps \ dpkg-distaddfile \ + dpkg-genbuildinfo \ dpkg-genchanges \ dpkg-gencontrol \ dpkg-gensymbols \ @@ -27,6 +28,7 @@ EXTRA_DIST = \ dpkg-buildpackage.pl \ dpkg-checkbuilddeps.pl \ dpkg-distaddfile.pl \ + dpkg-genbuildinfo.pl \ dpkg-genchanges.pl \ dpkg-gencontrol.pl \ dpkg-gensymbols.pl \ diff --git a/scripts/Test/Dpkg.pm b/scripts/Test/Dpkg.pm index e0395dec6..5dc8732c0 100644 --- a/scripts/Test/Dpkg.pm +++ b/scripts/Test/Dpkg.pm @@ -111,6 +111,7 @@ sub test_neutralize_checksums open my $fh, '<', $filename or die; while (<$fh>) { s/^ ([0-9a-f]{32,}) [1-9][0-9]* /q{ } . $1 =~ tr{0-9a-f}{0}r . q{ 0 }/e; + s/^( 0{32,} 0(?: [\w]* [\w]*)? [^_]*_[^_]*)_[^.]*\.(buildinfo)$/$1_20160101T123000z-00000000.$2/; print { $fhnew } $_; } close $fh or die; diff --git a/scripts/dpkg-buildpackage.pl b/scripts/dpkg-buildpackage.pl index 52aec0495..2a1b78266 100755 --- a/scripts/dpkg-buildpackage.pl +++ b/scripts/dpkg-buildpackage.pl @@ -38,6 +38,7 @@ use Dpkg::BuildProfiles qw(set_build_profiles); use Dpkg::Conf; use Dpkg::Compression; use Dpkg::Checksums; +use Dpkg::Package; use Dpkg::Version; use Dpkg::Control; use Dpkg::Control::Info; @@ -92,8 +93,11 @@ sub usage { command to check the .changes file (no default). --check-option=<opt> pass <opt> to check <command>. --hook-<name>=<command> set <command> as the hook <name>, known hooks: - init preclean source build binary changes - postclean check sign done + init preclean source build binary buildinfo + changes postclean check sign done + --buildinfo-id=<id> set the <id> part of the .buildinfo filename. + --buildinfo-option=<opt> + pass option <opt> to dpkg-genbuildinfo. -p, --sign-command=<command> command to sign .dsc and/or .changes files (default is gpg2 or gpg). @@ -168,9 +172,11 @@ my $since; my $maint; my $changedby; my $desc; +my $buildinfo_id; +my @buildinfo_opts; my @changes_opts; my @hook_names = qw( - init preclean source build binary changes postclean check sign done + init preclean source build binary buildinfo changes postclean check sign done ); my %hook; $hook{$_} = undef foreach @hook_names; @@ -205,6 +211,8 @@ while (@ARGV) { $admindir = $1; } elsif (/^--source-option=(.*)$/) { push @source_opts, $1; + } elsif (/^--buildinfo-option=(.*)$/) { + push @buildinfo_opts, $1; } elsif (/^--changes-option=(.*)$/) { push @changes_opts, $1; } elsif (/^(?:-j|--jobs=)(\d*|auto)$/) { @@ -227,6 +235,8 @@ while (@ARGV) { usageerr(g_('missing hook %s command'), $hook_name) if not defined $hook_cmd; $hook{$hook_name} = $hook_cmd; + } elsif (/^--buildinfo-id=(.*)$/) { + $buildinfo_id = $1; } elsif (/^(?:-p|--sign-command=)(.*)$/) { $signcommand = $1; } elsif (/^(?:-k|--sign-key=)(.*)$/) { @@ -389,6 +399,14 @@ if (defined $parallel) { $build_opts->export(); } +if (defined $buildinfo_id) { + # The .buildinfo identifiers have the same restrictions as package names. + my $err = pkg_name_is_illegal($buildinfo_id); + if ($err) { + error(g_("illegal .buildinfo ID '%s': %s"), $buildinfo_id, $err); + } +} + set_build_profiles(@build_profiles) if @build_profiles; my $cwd = cwd(); @@ -530,15 +548,24 @@ run_hook('build', build_has_any(BUILD_BINARY)); # This is a temporary measure to not break too many packages on a flag day. build_target_fallback(); +my $build_types = get_build_options_from_type(); + if (build_has_any(BUILD_BINARY)) { withecho(@debian_rules, $buildtarget); run_hook('binary', 1); withecho(@rootcommand, @debian_rules, $binarytarget); } +run_hook('buildinfo', 1); + +push @buildinfo_opts, "--build=$build_types" if build_has_none(BUILD_DEFAULT); +push @buildinfo_opts, "--buildinfo-id=$buildinfo_id" if $buildinfo_id; +push @buildinfo_opts, "--admindir=$admindir" if $admindir; + +withecho('dpkg-genbuildinfo', @buildinfo_opts); + run_hook('changes', 1); -my $build_types = get_build_options_from_type(); push @changes_opts, "--build=$build_types" if build_has_none(BUILD_DEFAULT); push @changes_opts, "-m$maint" if defined $maint; push @changes_opts, "-e$changedby" if defined $changedby; diff --git a/scripts/dpkg-genbuildinfo.pl b/scripts/dpkg-genbuildinfo.pl new file mode 100755 index 000000000..cbb052327 --- /dev/null +++ b/scripts/dpkg-genbuildinfo.pl @@ -0,0 +1,491 @@ +#!/usr/bin/perl +# +# dpkg-genbuildinfo +# +# Copyright © 1996 Ian Jackson +# Copyright © 2000,2001 Wichert Akkerman +# Copyright © 2003-2013 Yann Dirson <dirson@debian.org> +# Copyright © 2006-2016 Guillem Jover <guillem@debian.org> +# Copyright © 2014 Niko Tyni <ntyni@debian.org> +# Copyright © 2014-2015 Jérémy Bobbio <lunar@debian.org> +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <https://www.gnu.org/licenses/>. + +use strict; +use warnings; + +use Cwd; +use File::Basename; +use POSIX qw(:fcntl_h strftime); + +use Dpkg (); +use Dpkg::Gettext; +use Dpkg::Checksums; +use Dpkg::ErrorHandling; +use Dpkg::Arch qw(get_build_arch); +use Dpkg::Build::Types; +use Dpkg::BuildFlags; +use Dpkg::BuildProfiles qw(get_build_profiles); +use Dpkg::Control::Info; +use Dpkg::Control::Fields; +use Dpkg::Control; +use Dpkg::Changelog::Parse; +use Dpkg::Deps; +use Dpkg::Dist::Files; +use Dpkg::Util qw(:list); +use Dpkg::File; +use Dpkg::Version; +use Dpkg::Vendor qw(get_current_vendor run_vendor_hook); + +textdomain('dpkg-dev'); + +my $controlfile = 'debian/control'; +my $changelogfile = 'debian/changelog'; +my $changelogformat; +my $fileslistfile = 'debian/files'; +my $uploadfilesdir = '..'; +my $outputfile; +my $stdout = 0; +my $admindir = $Dpkg::ADMINDIR; +my $always_include_path = 0; +my @build_profiles = get_build_profiles(); +my $buildinfo_format = '0.1'; +my $buildinfo_id; +my $buildinfo; + +my $checksums = Dpkg::Checksums->new(); +my %archadded; +my @archvalues; + +# There is almost the same function in dpkg-checkbuilddeps, they probably +# should be factored out. +sub parse_status { + my $status = shift; + + my $facts = Dpkg::Deps::KnownFacts->new(); + my %depends; + my @essential_pkgs; + + local $/ = ''; + open my $status_fh, '<', $status or syserr(g_('cannot open %s'), $status); + while (<$status_fh>) { + next unless /^Status: .*ok installed$/m; + + my ($package) = /^Package: (.*)$/m; + my ($version) = /^Version: (.*)$/m; + my ($arch) = /^Architecture: (.*)$/m; + my ($multiarch) = /^Multi-Arch: (.*)$/m; + + $facts->add_installed_package($package, $version, $arch, $multiarch); + + if (/^Essential: yes$/m) { + push @essential_pkgs, $package; + } + + if (/^Provides: (.*)$/m) { + my $provides = deps_parse($1, reduce_arch => 1, union => 1); + + next if not defined $provides; + + deps_iterate($provides, sub { + my $dep = shift; + $facts->add_provided_package($dep->{package}, $dep->{relation}, + $dep->{version}, $package); + }); + } + + if (/^(?:Pre-)?Depends: (.*)$/m) { + foreach (split /,\s*/, $1) { + push @{$depends{"$package:$arch"}}, $_; + } + } + } + close $status_fh; + + return ($facts, \%depends, \@essential_pkgs); +} + +sub append_deps { + my $pkgs = shift; + + foreach my $dep_str (@_) { + next unless $dep_str; + + my $deps = deps_parse($dep_str, reduce_restrictions => 1, + build_dep => 1, + build_profiles => \@build_profiles); + + # We add every sub-dependencies as we cannot know which package in + # an OR dependency has been effectively used. + deps_iterate($deps, sub { + push @{$pkgs}, + $_[0]->{package} . (defined $_[0]->{archqual} ? ':' . $_[0]->{archqual} : ''); + 1 + }); + } +} + +sub collect_installed_builddeps { + my $control = shift; + + my ($facts, $depends, $essential_pkgs) = parse_status("$admindir/status"); + my %seen_pkgs; + my @unprocessed_pkgs; + + # Parse essential packages list. + append_deps(\@unprocessed_pkgs, + @{$essential_pkgs}, + run_vendor_hook('builtin-build-depends'), + $control->get_source->{'Build-Depends'}); + + if (build_has_any(BUILD_ARCH_DEP)) { + append_deps(\@unprocessed_pkgs, + $control->get_source->{'Build-Depends-Arch'}); + } + + if (build_has_any(BUILD_ARCH_INDEP)) { + append_deps(\@unprocessed_pkgs, + $control->get_source->{'Build-Depends-Indep'}); + } + + my $installed_deps = Dpkg::Deps::AND->new(); + + while (my $pkg_name = shift @unprocessed_pkgs) { + next if $seen_pkgs{$pkg_name}; + $seen_pkgs{$pkg_name} = 1; + + my $required_architecture; + if ($pkg_name =~ /\A(.*):(.*)\z/) { + $pkg_name = $1; + my $arch = $2; + $required_architecture = $arch if $arch !~ /\A(?:all|any|native)\Z/ + } + my $pkg; + my $qualified_pkg_name; + foreach my $installed_pkg (@{$facts->{pkg}->{$pkg_name}}) { + if (!defined $required_architecture || + $required_architecture eq $installed_pkg->{architecture}) { + $pkg = $installed_pkg; + $qualified_pkg_name = $pkg_name . ':' . $installed_pkg->{architecture}; + last; + } + } + if (defined $pkg) { + my $version = $pkg->{version}; + my $architecture = $pkg->{architecture}; + my $new_deps_str = defined $depends->{$qualified_pkg_name} ? deps_concat(@{$depends->{$qualified_pkg_name}}) : ''; + my $new_deps = deps_parse($new_deps_str); + if (!defined $required_architecture) { + $installed_deps->add(Dpkg::Deps::Simple->new("$pkg_name (= $version)")); + } else { + $installed_deps->add(Dpkg::Deps::Simple->new("$qualified_pkg_name (= $version)")); + + # Dependencies of foreign packages are also foreign packages + # (or Arch:all) so we need to qualify them as well. We figure + # out if the package is actually foreign by searching for an + # installed package of the right architecture. + deps_iterate($new_deps, sub { + my $dep = shift; + $dep->{archqual} //= $architecture + if any { $_[0]->{architecture} eq $architecture }, @{$facts->{pkg}->{$dep->{package}}}; + 1; + }); + } + + # We add every sub-dependencies as we cannot know which package + # in an OR dependency has been effectively used. + deps_iterate($new_deps, sub { + push @unprocessed_pkgs, + $_[0]->{package} . (defined $_[0]->{archqual} ? ':' . $_[0]->{archqual} : ''); + 1 + }); + } elsif (defined $facts->{virtualpkg}->{$pkg_name}) { + # virtual package: we cannot know for sure which implementation + # is the one that has been used, so let's add them all... + foreach my $provided (@{$facts->{virtualpkg}->{$pkg_name}}) { + my ($provided_by, $provided_rel, $provided_ver) = @{$provided}; + push @unprocessed_pkgs, $provided_by; + } + } + # else: it is a package in an OR dependency that has been otherwise + # satisfied. + } + $installed_deps->simplify_deps(Dpkg::Deps::KnownFacts->new()); + $installed_deps->sort(); + $installed_deps = "\n" . $installed_deps->output(); + $installed_deps =~ s/, /,\n/g; + + return $installed_deps; +} + +my @env_whitelist = ( + # Toolchain. + qw(CC CPP CXX OBJC OBJCXX PC FC M2C AS LD AR RANLIB MAKE AWK LEX YACC), + # Toolchain flags. + qw(CFLAGS CPPFLAGS CXXFLAGS OBJCFLAGS OBJCXXFLAGS GCJFLAGS FFLAGS + LDFLAGS ARFLAGS MAKEFLAGS), + # Dynamic linker, see ld(1). + qw(LD_LIBRARY_PATH), + # Locale, see locale(1). + qw(LANG LC_ALL LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY + LC_MESSAGES LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT + LC_IDENTIFICATION), + # Build flags, see dpkg-buildpackage(1). + qw(DEB_BUILD_OPTIONS DEB_BUILD_PROFILES), + # DEB_flag_{SET,STRIP,APPEND,PREPEND} will be recorded after being merged + # with system config and user config. + qw(DEB_VENDOR), # See deb-vendor(1). + qw(DPKG_ORIGINS_DIR), # See Dpkg::Vendor(3). + # See <https://reproducible-builds.org/specs/source-date-epoch>. + qw(SOURCE_DATE_EPOCH), +); + +sub cleansed_environment { + # Consider only whitelisted variables which are not supposed to leak + # local user information. + my %env = map { $_ => $ENV{$_} } grep { exists $ENV{$_} } @env_whitelist; + + # Record flags from dpkg-buildflags. + my $bf = Dpkg::BuildFlags->new(); + $bf->load_system_config(); + $bf->load_user_config(); + $bf->load_environment_config(); + foreach my $flag ($bf->list()) { + next if $bf->get_origin($flag) eq 'vendor'; + + # We do not need to record *_{STRIP,APPEND,PREPEND} as they + # have been used already to compute the above value. + $env{"DEB_${flag}_SET"} = $bf->get($flag); + } + + return join "\n", map { $_ . '="' . ($env{$_} =~ s/"/\\"/gr) . '"' } + sort keys %env; +} + +sub version { + printf g_("Debian %s version %s.\n"), $Dpkg::PROGNAME, $Dpkg::PROGVERSION; + + printf g_(' +This is free software; see the GNU General Public License version 2 or +later for copying conditions. There is NO warranty. +'); +} + +sub usage { + printf g_( +'Usage: %s [<option>...]') + . "\n\n" . g_( +"Options: + --build=<type>[,...] specify the build <type>: full, source, binary, + any, all (default is \'full\'). + -c<control-file> get control info from this file. + -l<changelog-file> get per-version info from this file. + -f<files-list-file> get .deb files list from this file. + -F<changelog-format> force changelog format. + -O[<buildinfo-file>] write to stdout (or <buildinfo-file>). + -u<upload-files-dir> directory with files (default is '..'). + --buildinfo-id=<id> specify the buildinfo id for the output file. + --always-include-path always include Build-Path. + --admindir=<directory> change the administrative directory. + -?, --help show this help message. + --version show the version. +"), $Dpkg::PROGNAME; +} + +while (@ARGV) { + $_ = shift @ARGV ; + if (m/^--build=(.*)$/) { + set_build_type_from_options($1, $_); + } elsif (m/^-c(.*)$/) { + $controlfile = $1; + } elsif (m/^-l(.*)$/) { + $changelogfile = $1; + } elsif (m/^-f(.*)$/) { + $fileslistfile = $1; + } elsif (m/^-F([0-9a-z]+)$/) { + $changelogformat = $1; + } elsif (m/^-u(.*)$/) { + $uploadfilesdir = $1; + } elsif (m/^-O$/) { + $stdout = 1; + } elsif (m/^-O(.*)$/) { + $outputfile = $1; + } elsif (m/^--buildinfo-id=(.*)$/) { + $buildinfo_id = $1; + } elsif (m/^--always-include-path$/) { + $always_include_path = 1; + } elsif (m/^--admindir=(.*)$/) { + $admindir = $1; + } elsif (m/^-(?:\?|-help)$/) { + usage(); + exit(0); + } elsif (m/^--version$/) { + version(); + exit(0); + } else { + usageerr(g_("unknown option '%s'"), $_); + } +} + +my $control = Dpkg::Control::Info->new($controlfile); +my $fields = Dpkg::Control->new(type => CTRL_FILE_BUILDINFO); +my $dist = Dpkg::Dist::Files->new(); + +# Retrieve info from the current changelog entry. +my %options = (file => $changelogfile); +$options{changelogformat} = $changelogformat if $changelogformat; +my $changelog = changelog_parse(%options); + +# Retrieve info from the former changelog entry to handle binNMUs. +$options{count} = 1; +$options{offset} = 1; +my $prev_changelog = changelog_parse(%options); + +my $sourceversion = $changelog->{'Binary-Only'} ? + $prev_changelog->{'Version'} : $changelog->{'Version'}; +my $binaryversion = $changelog->{'Version'}; + +# Include .dsc if available. +my $spackage = $changelog->{'Source'}; +(my $sversion = $sourceversion) =~ s/^\d+://; + +if (build_has_any(BUILD_SOURCE)) { + my $dsc = "${spackage}_${sversion}.dsc"; + my $dsc_pathname = "$uploadfilesdir/$dsc"; + + if (-e $dsc_pathname) { + $checksums->add_from_file($dsc_pathname, key => $dsc); + push @archvalues, 'source'; + } else { + warning(g_('no .dsc file found: the resulting .buildinfo will not be ' . + 'usable to verify the provenance of the binaries.')); + } +} + +my $dist_count = 0; + +$dist_count = $dist->load($fileslistfile) if -e $fileslistfile; + +warning(g_('binary build with no binary artifacts found; .buildinfo will be meaningless')) + if $dist_count == 0; + +foreach my $file ($dist->get_files()) { + my $path = "$uploadfilesdir/$file->{filename}"; + $checksums->add_from_file($path, key => $file->{filename}); + + if (defined $file->{package_type} and $file->{package_type} =~ m/^u?deb$/) { + push @archvalues, $file->{arch} + if defined $file->{arch} and not $archadded{$file->{arch}}++; + } +} + +$fields->{'Format'} = $buildinfo_format; +$fields->{'Source'} = $spackage; +$fields->{'Binary'} = join(' ', map { $_->{'Package'} } $control->get_packages()); +# Avoid overly long line by splitting over multiple lines. +if (length($fields->{'Binary'}) > 980) { + $fields->{'Binary'} =~ s/(.{0,980}) /$1\n/g; +} + +$fields->{'Architecture'} = join ' ', sort @archvalues; +$fields->{'Version'} = $binaryversion; + +if ($changelog->{'Binary-Only'}) { + $fields->{'Source'} .= ' (' . $sourceversion . ')'; + $fields->{'Binary-Only-Changes'} = + $changelog->{'Changes'} . "\n\n" + . ' -- ' . $changelog->{'Maintainer'} + . ' ' . $changelog->{'Date'}; +} + +$fields->{'Build-Origin'} = get_current_vendor(); + +$fields->{'Build-Architecture'} = get_build_arch(); + +my $cwd = cwd(); +if ($always_include_path) { + $fields->{'Build-Path'} = $cwd; +} else { + # Only include the build path if its root path is considered acceptable + # by the vendor. + foreach my $root_path (run_vendor_hook('builtin-system-build-paths')) { + if (index($cwd, $root_path) == 0) { + $fields->{'Build-Path'} = $cwd; + last; + } + } +} + +$checksums->export_to_control($fields); + +$fields->{'Installed-Build-Depends'} = collect_installed_builddeps($control); + +$fields->{'Environment'} = "\n" . cleansed_environment(); + +# Generate the buildinfo filename. +if ($stdout) { + # Nothing to do. +} elsif (defined $outputfile) { + $buildinfo = basename($outputfile); +} else { + if (not defined $buildinfo_id) { + require Digest::MD5; + + my $buildinfo_contents = $fields->output(); + + my $timestamp = strftime('%Y%m%dT%H%M%Sz', gmtime); + my $buildinfo_md5 = Digest::MD5::md5_hex($buildinfo_contents); + $buildinfo_id = "$timestamp-" . substr($buildinfo_md5, 0, 8); + } + + $buildinfo = "${spackage}_${sversion}_${buildinfo_id}.buildinfo"; + $outputfile = "$uploadfilesdir/$buildinfo"; +} + +# Write out the generated .buildinfo file. + +if ($stdout) { + $fields->output(\*STDOUT); +} else { + my $section = $control->get_source->{'Section'} || '-'; + my $priority = $control->get_source->{'Priority'} || '-'; + + # Obtain a lock on debian/control to avoid simultaneous updates + # of debian/files when parallel building is in use + my $lockfh; + my $lockfile = 'debian/control'; + $lockfile = $controlfile if not -e $lockfile; + + sysopen $lockfh, $lockfile, O_WRONLY + or syserr(g_('cannot write %s'), $lockfile); + file_lock($lockfh, $lockfile); + + $dist = Dpkg::Dist::Files->new(); + $dist->load($fileslistfile) if -e $fileslistfile; + $dist->add_file($buildinfo, $section, $priority); + $dist->save("$fileslistfile.new"); + + rename "$fileslistfile.new", $fileslistfile + or syserr(g_('install new files list file')); + + # Release the lock + close $lockfh or syserr(g_('cannot close %s'), $lockfile); + + $fields->save("$outputfile.new"); + + rename "$outputfile.new", $outputfile + or syserr(g_("cannot install output buildinfo file '%s'"), $outputfile); +} + +1; diff --git a/scripts/po/POTFILES.in b/scripts/po/POTFILES.in index ab99f47e9..2ba1705d7 100644 --- a/scripts/po/POTFILES.in +++ b/scripts/po/POTFILES.in @@ -5,6 +5,7 @@ scripts/dpkg-buildflags.pl scripts/dpkg-buildpackage.pl scripts/dpkg-checkbuilddeps.pl scripts/dpkg-distaddfile.pl +scripts/dpkg-genbuildinfo.pl scripts/dpkg-genchanges.pl scripts/dpkg-gencontrol.pl scripts/dpkg-gensymbols.pl diff --git a/scripts/t/dpkg_buildpackage/test-source_0_all.changes b/scripts/t/dpkg_buildpackage/test-source_0_all.changes index 7e57baf8b..9c4bdb4b0 100644 --- a/scripts/t/dpkg_buildpackage/test-source_0_all.changes +++ b/scripts/t/dpkg_buildpackage/test-source_0_all.changes @@ -18,7 +18,10 @@ Changes: * Entry. Closes: #12345 Checksums-Sha1: 0000000000000000000000000000000000000000 0 test-binary-all_0_all.deb + 0000000000000000000000000000000000000000 0 test-source_0_20160101T123000z-00000000.buildinfo Checksums-Sha256: 0000000000000000000000000000000000000000000000000000000000000000 0 test-binary-all_0_all.deb + 0000000000000000000000000000000000000000000000000000000000000000 0 test-source_0_20160101T123000z-00000000.buildinfo Files: 00000000000000000000000000000000 0 test optional test-binary-all_0_all.deb + 00000000000000000000000000000000 0 test optional test-source_0_20160101T123000z-00000000.buildinfo diff --git a/scripts/t/dpkg_buildpackage/test-source_0_any.changes b/scripts/t/dpkg_buildpackage/test-source_0_any.changes index 4ccaf69bf..6b2c29715 100644 --- a/scripts/t/dpkg_buildpackage/test-source_0_any.changes +++ b/scripts/t/dpkg_buildpackage/test-source_0_any.changes @@ -18,7 +18,10 @@ Changes: * Entry. Closes: #12345 Checksums-Sha1: 0000000000000000000000000000000000000000 0 test-binary-any_0_amd64.deb + 0000000000000000000000000000000000000000 0 test-source_0_20160101T123000z-00000000.buildinfo Checksums-Sha256: 0000000000000000000000000000000000000000000000000000000000000000 0 test-binary-any_0_amd64.deb + 0000000000000000000000000000000000000000000000000000000000000000 0 test-source_0_20160101T123000z-00000000.buildinfo Files: 00000000000000000000000000000000 0 test optional test-binary-any_0_amd64.deb + 00000000000000000000000000000000 0 test optional test-source_0_20160101T123000z-00000000.buildinfo diff --git a/scripts/t/dpkg_buildpackage/test-source_0_binary.changes b/scripts/t/dpkg_buildpackage/test-source_0_binary.changes index 15d23784c..cd57b7f94 100644 --- a/scripts/t/dpkg_buildpackage/test-source_0_binary.changes +++ b/scripts/t/dpkg_buildpackage/test-source_0_binary.changes @@ -19,9 +19,12 @@ Changes: Checksums-Sha1: 0000000000000000000000000000000000000000 0 test-binary-all_0_all.deb 0000000000000000000000000000000000000000 0 test-binary-any_0_amd64.deb + 0000000000000000000000000000000000000000 0 test-source_0_20160101T123000z-00000000.buildinfo Checksums-Sha256: 0000000000000000000000000000000000000000000000000000000000000000 0 test-binary-all_0_all.deb 0000000000000000000000000000000000000000000000000000000000000000 0 test-binary-any_0_amd64.deb + 0000000000000000000000000000000000000000000000000000000000000000 0 test-source_0_20160101T123000z-00000000.buildinfo Files: 00000000000000000000000000000000 0 test optional test-binary-all_0_all.deb 00000000000000000000000000000000 0 test optional test-binary-any_0_amd64.deb + 00000000000000000000000000000000 0 test optional test-source_0_20160101T123000z-00000000.buildinfo diff --git a/scripts/t/dpkg_buildpackage/test-source_0_full.changes b/scripts/t/dpkg_buildpackage/test-source_0_full.changes index 77cb41244..6eec5523a 100644 --- a/scripts/t/dpkg_buildpackage/test-source_0_full.changes +++ b/scripts/t/dpkg_buildpackage/test-source_0_full.changes @@ -21,13 +21,16 @@ Checksums-Sha1: 0000000000000000000000000000000000000000 0 test-source_0.tar.xz 0000000000000000000000000000000000000000 0 test-binary-all_0_all.deb 0000000000000000000000000000000000000000 0 test-binary-any_0_amd64.deb + 0000000000000000000000000000000000000000 0 test-source_0_20160101T123000z-00000000.buildinfo Checksums-Sha256: 0000000000000000000000000000000000000000000000000000000000000000 0 test-source_0.dsc 0000000000000000000000000000000000000000000000000000000000000000 0 test-source_0.tar.xz 0000000000000000000000000000000000000000000000000000000000000000 0 test-binary-all_0_all.deb 0000000000000000000000000000000000000000000000000000000000000000 0 test-binary-any_0_amd64.deb + 0000000000000000000000000000000000000000000000000000000000000000 0 test-source_0_20160101T123000z-00000000.buildinfo Files: 00000000000000000000000000000000 0 test optional test-source_0.dsc 00000000000000000000000000000000 0 test optional test-source_0.tar.xz 00000000000000000000000000000000 0 test optional test-binary-all_0_all.deb 00000000000000000000000000000000 0 test optional test-binary-any_0_amd64.deb + 00000000000000000000000000000000 0 test optional test-source_0_20160101T123000z-00000000.buildinfo |