A new build will be uploaded to Debian shortly; I can carry the patch in the packaging, but It should be considered upstream.
---------- Forwarded message --------- From: Chris Lamb <la...@debian.org> Date: Mon, 21 Apr 2025 at 18:57 Subject: Bug#1103800: openvpn3-client: please make the build reproducible To: <sub...@bugs.debian.org> Source: openvpn3-client Version: 24+dfsg-1 Severity: wishlist Tags: patch User: reproducible-bui...@lists.alioth.debian.org Usertags: timestamps buildpath X-Debbugs-Cc: reproducible-b...@lists.alioth.debian.org Hi, Whilst working on the Reproducible Builds effort [0], we noticed that openvpn3-client could not be built reproducibly. This is because it embedded both the build path and the current date. Here's the date bit: ├── ./usr/share/bash-completion/completions/openvpn2 │ @@ -1,12 +1,12 @@ │ # │ -# Copyright (C) 2017 - 2025 OpenVPN Inc <sa...@openvpn.net> │ +# Copyright (C) 2017 - 2026 OpenVPN Inc <sa...@openvpn.net> The absolute build path was embedded via a utility that was called via its full path by meson, which then emitted its own path via printing argv[0] ... which was saved to a file that was shipped in the .deb. Patch attached that fixes both issues. [0] https://reproducible-builds.org/ Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `- -- g. Marc GPG: 827C FD74 BA46 8152 A041 F3A0 7A6A 4F17 5995 A65B
--- a/debian/patches/0003_reproducible-build.patch 1969-12-31 16:00:00.000000000 -0800 --- b/debian/patches/0003_reproducible-build.patch 2025-04-21 09:36:45.981672305 -0700 @@ -0,0 +1,55 @@ +Description: Make the build reproducible +Author: Chris Lamb <la...@debian.org> +Last-Update: 2025-04-21 + +--- openvpn3-client-24+dfsg.orig/src/python/openvpn3/gen-python-constants.cpp ++++ openvpn3-client-24+dfsg/src/python/openvpn3/gen-python-constants.cpp +@@ -29,6 +29,8 @@ + #include "netcfg/netcfg-changetype.hpp" + #include "sessionmgr/sessionmgr-events.hpp" + ++#include <openvpn/common/path.hpp> ++ + + enum class FlagType + { +@@ -117,7 +119,7 @@ int main(int argc, char **argv) + { + + std::cout << "#" << std::endl +- << "# Generated by " << argv[0] << std::endl ++ << "# Generated by " << openvpn::path::basename(argv[0]) << std::endl + << "# as part of the project build." << std::endl + << "#" << std::endl + << "# This file is part of openvpn3-linux, licensed" << std::endl +--- openvpn3-client-24+dfsg.orig/src/shell/bash-completion/gen-openvpn2-completion.py ++++ openvpn3-client-24+dfsg/src/shell/bash-completion/gen-openvpn2-completion.py +@@ -17,9 +17,12 @@ + import importlib + import sys + import argparse +-from datetime import date ++import os ++import time ++import datetime + from jinja2 import Template + ++ + completion_template = """# OpenVPN 3 Linux client -- Next generation OpenVPN client + # + # SPDX-License-Identifier: AGPL-3.0-only +@@ -122,8 +125,13 @@ if __name__ == '__main__': + else: + valid_args[opt] = '%s' % values[0] + ++ build_date = datetime.datetime.fromtimestamp( ++ int(os.environ.get('SOURCE_DATE_EPOCH', time.time())), ++ tz=datetime.timezone.utc, ++ ) ++ + ctpl = Template(completion_template) + script = ctpl.render(valid_args=valid_args, option_list=option_list, +- year=date.today().year) ++ year=build_date.year) + + print(script) --- a/debian/patches/series 2025-04-21 09:00:49.148735599 -0700 --- b/debian/patches/series 2025-04-21 09:24:09.687941086 -0700 @@ -1,2 +1,3 @@ 0001_import-unicode-impl-from-llvm.patch 0002_fix-openvpn-to-_openvpn.patch +0003_reproducible-build.patch
_______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel