Date: Wed, 6 Oct 2010 11:57:59 +0200 From: Erik Cederstrand <erik@cederstrand.dk> To: perryh@pluto.rain.com Cc: hackers@freebsd.org Subject: Re: Timestamps in static libraries Message-ID: <9C53E6F3-82AB-4D95-B61A-ED49AC030B7A@cederstrand.dk> In-Reply-To: <4cac2dfb.tcWd/AxzVjqyrL09%perryh@pluto.rain.com> References: <52C32EA5-A380-4237-A27C-9E2DF2D4E022@cederstrand.dk> <20101005135906.GA3430@owl.midgard.homeip.net> <C5C85BF7-3989-461E-A9C8-9D16AE779359@cederstrand.dk> <4cac2dfb.tcWd/AxzVjqyrL09%perryh@pluto.rain.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Den 06/10/2010 kl. 10.06 skrev perryh@pluto.rain.com: > Erik Cederstrand <erik@cederstrand.dk> wrote: > >> It seems I can at least normalize the .a files using something >> like the following to weed out timestamps and uid/gid: >> >> % ar -x /usr/lib/libfetch.a >> % chown 0:0 * >> % touch -t 197001010000 * >> % ar -r libfetch.a `ar -t /usr/lib/libfetch.a` >> >> ... Unfortunately it seems there's still a creation time of the >> archive itself that I cant alter using the above, so the md5 sums >> still don't match: >> >> % diff mod.strings orig.strings >> 2c2 >> < / 1286312209 0 0 0 958 ` >> --- >>> / 1269146263 0 0 0 958 ` > > Any particular reason to recollect them into an archive, if the > point is just to check md5 signatures? I'm pretty sure collecting > them with tar instead will avoid this problem. That's of course another option. I could unpack the archive and be satisfied if all contained files have matching md5's. I guess the perfectionist in me is protesting. If I build FreeBSD twice from the same source code, the result should be exactly the same. It would be useful in a number of cases, e.g. IDS. ccache also relies on the assumption that checksums will match on identical source code and compiler version, although I know that's a level beneath where ar operates. Thanks, Erik
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?9C53E6F3-82AB-4D95-B61A-ED49AC030B7A>