[tor-commits] [tor-browser-bundle/hardened-builds] Bug 20147: (re-)dzip.sh: various improvements
gk at torproject.org
gk at torproject.org
Fri Dec 9 08:25:19 UTC 2016
commit 3efcbb345fb2cb701226d3c9c659457e7b6ef7bc
Author: Rusty Bird <rustybird at openmailbox.org>
Date: Thu Dec 8 17:18:12 2016 +0000
Bug 20147: (re-)dzip.sh: various improvements
- Don't ignore errors (except unzip exit status 1 or 2)
- Quote $@ and $1
- Work with absolute filenames and filenames starting with a dash
- Pass many files per chmod invocation (much faster)
- Pass $UNZIPOPTS, like $ZIPOPTS
- Reuse dzip.sh in re-dzip.sh
The (re)generated zip files are identical.
---
gitian/build-helpers/dzip.sh | 17 ++++++++---------
gitian/build-helpers/re-dzip.sh | 23 ++++++++++-------------
2 files changed, 18 insertions(+), 22 deletions(-)
diff --git a/gitian/build-helpers/dzip.sh b/gitian/build-helpers/dzip.sh
index 5772c8b..64fcdca 100755
--- a/gitian/build-helpers/dzip.sh
+++ b/gitian/build-helpers/dzip.sh
@@ -1,14 +1,13 @@
-#!/bin/sh
+#!/bin/sh -e
# Crappy deterministic zip wrapper
export LC_ALL=C
-ZIPFILE=$1
+ZIPFILE=${1:?}
shift
-[ -n "$REFERENCE_DATETIME" ] && \
- find $@ -exec touch --date="$REFERENCE_DATETIME" {} \;
-
-find $@ -executable -exec chmod 700 {} \;
-find $@ ! -executable -exec chmod 600 {} \;
-
-find $@ | sort | zip $ZIPOPTS -X -@ "$ZIPFILE"
+if [ -n "$REFERENCE_DATETIME" ]; then
+ find "$@" -exec touch --date="$REFERENCE_DATETIME" -- {} +
+fi
+find "$@" -executable -exec chmod 700 {} +
+find "$@" ! -executable -exec chmod 600 {} +
+find "$@" | sort | zip $ZIPOPTS -X -@ "$ZIPFILE"
diff --git a/gitian/build-helpers/re-dzip.sh b/gitian/build-helpers/re-dzip.sh
index 27828e9..8e8abbf 100755
--- a/gitian/build-helpers/re-dzip.sh
+++ b/gitian/build-helpers/re-dzip.sh
@@ -1,17 +1,14 @@
-#!/bin/sh
+#!/bin/sh -e
# Crappy deterministic zip repackager
export LC_ALL=C
-ZIPFILE=`basename $1`
+ZIPFILE_BASENAME=$(basename -- "${1:?}")
+TEMPDIR=tmp-re-dzip-$$
+RE_DZIP=$(readlink -f -- "$(which -- "$0")")
+PATH=$PATH:$(dirname "$RE_DZIP")
-mkdir tmp_dzip
-cd tmp_dzip
-unzip ../$1
-[ -n "$REFERENCE_DATETIME" ] && \
- find . -exec touch --date="$REFERENCE_DATETIME" {} \;
-find . -executable -exec chmod 700 {} \;
-find . ! -executable -exec chmod 600 {} \;
-find . | sort | zip $ZIPOPTS -X -@ $ZIPFILE
-mv $ZIPFILE ../$1
-cd ..
-rm -rf tmp_dzip
+mkdir "$TEMPDIR"
+unzip $UNZIPOPTS -d "$TEMPDIR" -- "$1" || [ $? -lt 3 ]
+(cd "$TEMPDIR"; dzip.sh ./"$ZIPFILE_BASENAME" .)
+mv -- "$TEMPDIR"/"$ZIPFILE_BASENAME" "$1"
+rm -rf "$TEMPDIR"
More information about the tor-commits
mailing list