[Reproducible-commits] [strip-nondeterminism] 01/01: jar: ignore signed JAR files

[Andrew Ayer]

This is an automated email from the git hooks/post-receive script.

agwa-guest pushed a commit to branch master
in repository strip-nondeterminism.

commit 37eed7897dd10de1545084c954f15bb2fbe6b863
Author: Andrew Ayer <agwa at andrewayer.name>
Date:   Wed Jan 27 11:56:28 2016 -0800

    jar: ignore signed JAR files
    
    We can't normalize them since our modifications would break the signature.
    Instead, print a warning and ignore.
    
    Closes: #807876, #807669
---
 lib/File/StripNondeterminism/handlers/jar.pm | 20 ++++++++++++++++++++
 lib/File/StripNondeterminism/handlers/zip.pm |  3 +++
 2 files changed, 23 insertions(+)

diff --git a/lib/File/StripNondeterminism/handlers/jar.pm b/lib/File/StripNondeterminism/handlers/jar.pm
index b3c3461..b3afcb8 100644
--- a/lib/File/StripNondeterminism/handlers/jar.pm
+++ b/lib/File/StripNondeterminism/handlers/jar.pm
@@ -86,9 +86,29 @@ sub _jar_normalize_member {
 	}
 }
 
+sub _jar_archive_filter {
+	my ($zip) = @_;
+
+	# Don't normalize signed JARs, since our modifications will break the signature.
+	# Alternatively, we could strip the signature.  However, if a JAR file is signed,
+	# it is highly likely that the JAR file was part of the source and not produced
+	# as part of the build, and therefore contains no non-determinism.  Thus, ignoring
+	# the file makes more sense.
+	#
+	# According to the jarsigner(1) man page, a signed JAR has a .SF file in the
+	# META-INF directory.
+	if (scalar($zip->membersMatching('^META-INF/.*\.SF$')) > 0) {
+		warn "strip-nondeterminism: " . $zip->fileName() . ": ignoring signed JAR file\n";
+		return 0;
+	}
+
+	return 1;
+}
+
 sub normalize {
 	my ($jar_filename) = @_;
 	return File::StripNondeterminism::handlers::zip::normalize($jar_filename,
+							archive_filter => \&_jar_archive_filter,
 							filename_cmp => \&_jar_filename_cmp,
 							member_normalizer => \&_jar_normalize_member);
 }
diff --git a/lib/File/StripNondeterminism/handlers/zip.pm b/lib/File/StripNondeterminism/handlers/zip.pm
index a4ce2e1..3d36934 100644
--- a/lib/File/StripNondeterminism/handlers/zip.pm
+++ b/lib/File/StripNondeterminism/handlers/zip.pm
@@ -144,6 +144,9 @@ sub normalize {
 			die "Reading ZIP archive failed: " . join("\n", @errors);
 		}
 	}
+	if (exists($options{archive_filter}) && not($options{archive_filter}->($zip))) {
+		return 0;
+	}
 	my @filenames = sort $filename_cmp $zip->memberNames();
 	for my $filename (@filenames) {
 		my $member = $zip->removeMember($filename);

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/reproducible/strip-nondeterminism.git