A new build will be uploaded to Debian shortly; I can carry the patch
in the packaging, but It should be considered upstream.
---------- Forwarded message ---------
From: Chris Lamb <la...@debian.org>
Date: Mon, 21 Apr 2025 at 18:57
Subject: Bug#1103800: openvpn3-client: please make the build reproducible
To: <sub...@bugs.debian.org>
Source: openvpn3-client
Version: 24+dfsg-1
Severity: wishlist
Tags: patch
User: reproducible-bui...@lists.alioth.debian.org
Usertags: timestamps buildpath
X-Debbugs-Cc: reproducible-b...@lists.alioth.debian.org
Hi,
Whilst working on the Reproducible Builds effort [0], we noticed that
openvpn3-client could not be built reproducibly.
This is because it embedded both the build path and the current date.
Here's the date bit:
├── ./usr/share/bash-completion/completions/openvpn2
│ @@ -1,12 +1,12 @@
│ #
│ -# Copyright (C) 2017 - 2025 OpenVPN Inc <sa...@openvpn.net>
│ +# Copyright (C) 2017 - 2026 OpenVPN Inc <sa...@openvpn.net>
The absolute build path was embedded via a utility that was called via
its full path by meson, which then emitted its own path via printing
argv[0] ... which was saved to a file that was shipped in the .deb.
Patch attached that fixes both issues.
[0] https://reproducible-builds.org/
Regards,
--
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
--
g. Marc
GPG: 827C FD74 BA46 8152 A041 F3A0 7A6A 4F17 5995 A65B
--- a/debian/patches/0003_reproducible-build.patch 1969-12-31
16:00:00.000000000 -0800
--- b/debian/patches/0003_reproducible-build.patch 2025-04-21
09:36:45.981672305 -0700
@@ -0,0 +1,55 @@
+Description: Make the build reproducible
+Author: Chris Lamb <la...@debian.org>
+Last-Update: 2025-04-21
+
+--- openvpn3-client-24+dfsg.orig/src/python/openvpn3/gen-python-constants.cpp
++++ openvpn3-client-24+dfsg/src/python/openvpn3/gen-python-constants.cpp
+@@ -29,6 +29,8 @@
+ #include "netcfg/netcfg-changetype.hpp"
+ #include "sessionmgr/sessionmgr-events.hpp"
+
++#include <openvpn/common/path.hpp>
++
+
+ enum class FlagType
+ {
+@@ -117,7 +119,7 @@ int main(int argc, char **argv)
+ {
+
+ std::cout << "#" << std::endl
+- << "# Generated by " << argv[0] << std::endl
++ << "# Generated by " << openvpn::path::basename(argv[0]) <<
std::endl
+ << "# as part of the project build." << std::endl
+ << "#" << std::endl
+ << "# This file is part of openvpn3-linux, licensed" <<
std::endl
+---
openvpn3-client-24+dfsg.orig/src/shell/bash-completion/gen-openvpn2-completion.py
++++
openvpn3-client-24+dfsg/src/shell/bash-completion/gen-openvpn2-completion.py
+@@ -17,9 +17,12 @@
+ import importlib
+ import sys
+ import argparse
+-from datetime import date
++import os
++import time
++import datetime
+ from jinja2 import Template
+
++
+ completion_template = """# OpenVPN 3 Linux client -- Next generation OpenVPN
client
+ #
+ # SPDX-License-Identifier: AGPL-3.0-only
+@@ -122,8 +125,13 @@ if __name__ == '__main__':
+ else:
+ valid_args[opt] = '%s' % values[0]
+
++ build_date = datetime.datetime.fromtimestamp(
++ int(os.environ.get('SOURCE_DATE_EPOCH', time.time())),
++ tz=datetime.timezone.utc,
++ )
++
+ ctpl = Template(completion_template)
+ script = ctpl.render(valid_args=valid_args, option_list=option_list,
+- year=date.today().year)
++ year=build_date.year)
+
+ print(script)
--- a/debian/patches/series 2025-04-21 09:00:49.148735599 -0700
--- b/debian/patches/series 2025-04-21 09:24:09.687941086 -0700
@@ -1,2 +1,3 @@
0001_import-unicode-impl-from-llvm.patch
0002_fix-openvpn-to-_openvpn.patch
+0003_reproducible-build.patch
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
