From 7c7874c86ef14f2866d38d5ee85709db6e71d217 Mon Sep 17 00:00:00 2001 From: Raffi Enficiaud Date: Fri, 18 Sep 2015 22:20:42 +0200 Subject: [PATCH 1/2] CPackDeb: preventing md5sum on symlinks - Direct call to cmSystemTools::ComputeFileMD5 - Avoiding hashing symlinks - Tests --- Source/CPack/cmCPackDebGenerator.cxx | 29 ++++++++++--------- Tests/CPackComponentsDEB/CMakeLists.txt | 19 ++++++++++++ ...lt-components-lintian-dpkgdeb-checks.cmake | 2 +- .../RunCPackVerifyResult.cmake | 12 ++++++-- 4 files changed, 45 insertions(+), 17 deletions(-) diff --git a/Source/CPack/cmCPackDebGenerator.cxx b/Source/CPack/cmCPackDebGenerator.cxx index 9402689cb..5cdab5228 100644 --- a/Source/CPack/cmCPackDebGenerator.cxx +++ b/Source/CPack/cmCPackDebGenerator.cxx @@ -524,21 +524,24 @@ int cmCPackDebGenerator::createDeb() packageFiles.begin(); fileIt != packageFiles.end(); ++ fileIt ) { - std::string cmd = "\""; - cmd += cmSystemTools::GetCMakeCommand(); - cmd += "\" -E md5sum \""; - cmd += *fileIt; - cmd += "\""; - - std::string output; - int retval = -1; - int res = cmSystemTools::RunSingleCommand(cmd.c_str(), &output, &output, - &retval, toplevel.c_str(), this->GeneratorVerbose, 0); - if ( !res || retval ) + // hash only regular files + if( cmSystemTools::FileIsDirectory(*fileIt) + || cmSystemTools::FileIsSymlink(*fileIt)) { - cmCPackLogger(cmCPackLog::LOG_ERROR, "Problem running cmake -E md5sum " - << cmd << std::endl); + continue; } + + char md5sum[33]; + if(!cmSystemTools::ComputeFileMD5(*fileIt, md5sum)) + { + cmCPackLogger(cmCPackLog::LOG_ERROR, "Problem computing the md5 of " + << *fileIt << std::endl); + } + + md5sum[32] = 0; + + std::string output(md5sum); + output += " " + *fileIt + "\n"; // debian md5sums entries are like this: // 014f3604694729f3bf19263bac599765 usr/bin/ccmake // thus strip the full path (with the trailing slash) diff --git a/Tests/CPackComponentsDEB/CMakeLists.txt b/Tests/CPackComponentsDEB/CMakeLists.txt index 5a5d626c3..98ed911c5 100644 --- a/Tests/CPackComponentsDEB/CMakeLists.txt +++ b/Tests/CPackComponentsDEB/CMakeLists.txt @@ -99,6 +99,25 @@ if(CHMOD_PROG) set(CPACK_DEBIAN_APPLICATIONS_PACKAGE_CONTROL_STRICT_PERMISSION TRUE) endif() +# creates a symbolic link and a directory. Those should not be hashed. +# warning: relocation of the symlink is not supported (symlinks with relative +# paths) +execute_process(COMMAND ${CMAKE_COMMAND} -E create_symlink mylibapp symtest) +install(FILES ${CPackComponentsDEB_BINARY_DIR}/symtest + DESTINATION bin + COMPONENT applications) + +if(EXISTS "./dirtest") + execute_process(COMMAND ${CMAKE_COMMAND} -E remove_directory ./dirtest) +endif() +execute_process(COMMAND ${CMAKE_COMMAND} -E make_directory ./dirtest) +# BUG: apparently cannot add an empty directory +execute_process(COMMAND ${CMAKE_COMMAND} -E create_symlink ../mylibapp ./dirtest/symtest) +# NOTE: we should not add the trailing "/" to dirtest +install(DIRECTORY ${CPackComponentsDEB_BINARY_DIR}/dirtest + DESTINATION bin/ + COMPONENT applications) + # We may use the CPack specific config file in order # to tailor CPack behavior on a CPack generator specific way # (Behavior would be different for RPM or TGZ or DEB ...) diff --git a/Tests/CPackComponentsDEB/RunCPackVerifyResult-components-lintian-dpkgdeb-checks.cmake b/Tests/CPackComponentsDEB/RunCPackVerifyResult-components-lintian-dpkgdeb-checks.cmake index 5460b1a47..ff22f8f9f 100644 --- a/Tests/CPackComponentsDEB/RunCPackVerifyResult-components-lintian-dpkgdeb-checks.cmake +++ b/Tests/CPackComponentsDEB/RunCPackVerifyResult-components-lintian-dpkgdeb-checks.cmake @@ -36,7 +36,7 @@ find_program(LINTIAN_EXECUTABLE lintian) if(LINTIAN_EXECUTABLE) set(lintian_output_errors_all "") foreach(_f IN LISTS actual_output) - set(STRINGS_TO_AVOID "E:([^\r\n]*)control-file-has-bad-permissions") + set(STRINGS_TO_AVOID "E:([^\r\n]*)control-file-has-bad-permissions" "E:([^\r\n]*)md5sums-lists-nonexistent-file") lintian_check_specific_errors(lintian_output_errors FILENAME "${_f}" ERROR_REGEX_STRINGS "${STRINGS_TO_AVOID}") diff --git a/Tests/CPackComponentsDEB/RunCPackVerifyResult.cmake b/Tests/CPackComponentsDEB/RunCPackVerifyResult.cmake index b96669efd..bf9f81d9f 100644 --- a/Tests/CPackComponentsDEB/RunCPackVerifyResult.cmake +++ b/Tests/CPackComponentsDEB/RunCPackVerifyResult.cmake @@ -137,6 +137,8 @@ endfunction() # This function runs dpkg-deb on a .deb and returns its output +# the default behaviour it to run "--info" on the specified Debian package +# ACTION is one of the option accepted by dpkg-deb function(run_dpkgdeb dpkg_deb_output) set(${dpkg_deb_output} "" PARENT_SCOPE) @@ -144,7 +146,7 @@ function(run_dpkgdeb dpkg_deb_output) if(DPKGDEB_EXECUTABLE) set(options "") - set(oneValueArgs "FILENAME") + set(oneValueArgs "FILENAME" "ACTION") set(multiValueArgs "") cmake_parse_arguments(run_dpkgdeb_deb "${options}" "${oneValueArgs}" "${multiValueArgs}" ${ARGN} ) @@ -153,8 +155,12 @@ function(run_dpkgdeb dpkg_deb_output) message(FATAL_ERROR "error: run_dpkgdeb needs FILENAME to be set") endif() - # run lintian - execute_process(COMMAND ${DPKGDEB_EXECUTABLE} -I ${run_dpkgdeb_deb_FILENAME} + if(NOT run_dpkgdeb_deb_ACTION) + set(run_dpkgdeb_deb_ACTION "--info") + endif() + + # run dpkg-deb + execute_process(COMMAND ${DPKGDEB_EXECUTABLE} ${run_dpkgdeb_deb_ACTION} ${run_dpkgdeb_deb_FILENAME} WORKING_DIRECTORY "${CPACK_TEMPORARY_DIRECTORY}" OUTPUT_VARIABLE DPKGDEB_OUTPUT RESULT_VARIABLE DPKGDEB_RESULT From da295f450da2781e82632b6a5df29df6fbf7daad Mon Sep 17 00:00:00 2001 From: Domen Vrankar Date: Fri, 18 Sep 2015 22:31:24 +0200 Subject: [PATCH 2/2] CPack/Deb: checksum on symlinks release notes --- Help/release/dev/cpack-deb-checksum-on-symlinks.rts | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 Help/release/dev/cpack-deb-checksum-on-symlinks.rts diff --git a/Help/release/dev/cpack-deb-checksum-on-symlinks.rts b/Help/release/dev/cpack-deb-checksum-on-symlinks.rts new file mode 100644 index 000000000..9bfeded08 --- /dev/null +++ b/Help/release/dev/cpack-deb-checksum-on-symlinks.rts @@ -0,0 +1,4 @@ +cpack-deb-checksum-on-symlinks +------------------------------ + +* The :module:`CPackDeb` module now correctly excludes symlinks during package checksum calculation.