Add support for reproducable builds, and other minor build system fixes

.github/workflows/build.yml

@@ -27,7 +27,7 @@ jobs:
         - "--disable-lvs --enable-snmp-vrrp --enable-snmp-rfc --enable-json --enable-dbus --disable-routes --enable-bfd --disable-iptables --disable-linkbeat"
         - "--disable-vrrp --enable-snmp-checker --enable-regex"
         - "--disable-hardening --enable-dump-threads --enable-epoll-debug --enable-snmp-rfcv3 --enable-log-file --disable-libipset"
-        - "--enable-snmp-rfc --enable-snmp --enable-dbus --enable-json --enable-bfd --enable-regex --enable-sockaddr-storage"
+        - "--enable-snmp-rfc --enable-snmp --enable-dbus --enable-json --enable-bfd --enable-regex --enable-sockaddr-storage --enable-reproducible-build"
     steps:
     - uses: actions/checkout@v2
     - name: Install Dependencies

configure.ac

@@ -189,6 +189,8 @@ AC_ARG_ENABLE(clang,
   [AS_HELP_STRING([--enable-clang], [use clang compiler])])
 AC_ARG_ENABLE(lto,
   [AS_HELP_STRING([--enable-lto], [use Link Time Optimisation])])
+AC_ARG_ENABLE(reproducible-build,
+  [AS_HELP_STRING([--enable-reproducible-build], [make builds reproducible])])
 AC_ARG_WITH(init,
   [AS_HELP_STRING([--with-init=(upstart|systemd|SYSV|SUSE|openrc)], [specify init type])],
   [init_type="$withval"], [init_type=""])
@@ -356,7 +358,7 @@ AS_IF([test -n "$with_samples_dir"],
     AS_IF([test $with_samples_dir = yes -o $with_samples_dir = no],
 	  [AC_MSG_ERROR([--with-samples-dir requires a directory])])
     SAMPLES_DIR=$with_samples_dir
-  ],[SAMPLES_DIR="\$(sysconfdir)/$PACKAGE/samples"])
+  ],[SAMPLES_DIR="\${sysconfdir}/$PACKAGE/samples"])
 AC_SUBST([SAMPLES_DIR])
 
 CPPFLAGS="$kernelinc $CPPFLAGS"
@@ -3078,6 +3080,20 @@ AS_IF([test $? -eq 0],
   ])
 WANT_PREFIX=0
 FOUND_PREFIX=0
+
+# $prefix defaults to NONE, which we need to get rid of
+sysconfdir_real=${sysconfdir}
+# while [[[ $sysconfdir_real =~ '\${' ]]]; do
+# 	eval sysconfdir_real=$sysconfdir_real
+# done
+sysconfdir_sav=${sysconfdir_real}
+eval sysconfdir_real=$sysconfdir_real
+while [[ $sysconfdir_real != $sysconfdir_sav ]]; do
+	sysconfdir_sav=${sysconfdir_real}
+	eval sysconfdir_real=$sysconfdir_real
+done
+
+AS_IF([test ${sysconfdir_real:0:5} = "NONE/"], [ sysconfdir_real=${sysconfdir_real:4} ])
 AS_IF([test -n "$default_config_file"],
   [
     AS_IF([test $default_config_file = yes -o $default_config_file = no],
@@ -3088,11 +3104,15 @@ AS_IF([test -n "$default_config_file"],
 	CONFIG_FILE="$default_config_file"
 	WANT_PREFIX=1
       ],
-      [CONFIG_FILE="\$(sysconfdir)/$PACKAGE/$default_config_file"])
+      [
+        CONFIG_FILE=${sysconfdir_real}/$PACKAGE/$default_config_file
+      ])
     add_config_opt([DEFAULT_CONFIG_FILE=$CONFIG_FILE])
     default_config_file=$CONFIG_FILE
   ],
-  [default_config_file="\$(sysconfdir)/$PACKAGE/$PACKAGE.conf"])
+  [
+    default_config_file=${sysconfdir_real}/$PACKAGE/$PACKAGE.conf
+  ])
 dir=`echo $default_config_file | $SED -e "s|/[[^/]]*$||"`
 name=`echo $default_config_file | $SED -e "s|.*/||"`
 AC_SUBST([DEFAULT_CONFIG_FILE], [$default_config_file])
@@ -3128,6 +3148,16 @@ AS_IF([test .$dcf != .$dcf_old],
     AC_SUBST([OLD_DEFAULT_CONFIG_FILE], [$dcf_old])
   ])
 
+AS_IF([test .$enable_reproducible_build = .yes],
+  [
+    AC_DEFINE([_REPRODUCIBLE_BUILD_], [ 1 ], [Make the build reproducible])
+    KEEPALIVED_CONFIG_OPTIONS="$args"
+    AC_SUBST([KEEPALIVED_CONFIG_OPTIONS])
+    primary_config_opts=${sysconfdir_real}/$PACKAGE/$PACKAGE.config-opts
+    AC_DEFINE_UNQUOTED([CONFIG_OPTS_FILE_PRIMARY], ["$primary_config_opts"], [Primary file to read build config options from])
+  ])
+AM_CONDITIONAL([REPRODUCIBLE_BUILD], [test .$enable_reproducible_build = .yes])
+
 if test -z "$INIT_TYPE"; then
   INIT_TYPE=undetected
 elif test $INIT_TYPE = systemd; then

doc/Makefile.am

@@ -10,9 +10,9 @@ endif
 EXTRA_DIST	= source samples keepalived.conf.SYNOPSIS NOTE_vrrp_vmac.txt KEEPALIVED-MIB.txt VRRP-MIB.txt VRRPv3-MIB.txt
 
 sampledir	= @SAMPLES_DIR@
-sample_DATA	= $(srcdir)/samples/*
+sample_DATA	= @srcdir@/samples/*
 
-mibsdir		= $(datarootdir)/snmp/mibs
+mibsdir		= @datarootdir@/snmp/mibs
 mibs_DATA	=
 if SNMP_KEEPALIVED
 mibs_DATA	+= KEEPALIVED-MIB.txt

keepalived/.gitignore

@@ -1,2 +1,3 @@
 keepalived
 keepalived*.service
+keepalived.config-opts

keepalived/Makefile.am

@@ -19,7 +19,8 @@ edit = echo "  EDIT     $@"; \
 	 -e 's|@SNMP_SERVICE[@]|$(SNMP_SERVICE)|g' \
 	 -e 's|@SYSTEMD_SERVICE_TYPE[@]|$(SYSTEMD_SERVICE_TYPE)|g' \
 	 -e 's|@SYSTEMD_EXEC_START_OPTIONS[@]|$(SYSTEMD_EXEC_START_OPTIONS)|g' \
-	 -e '/^Wants= *$$/d'
+	 -e '/^Wants= *$$/d' \
+	 -e 's|@CONFIG_OPTIONS[@]|$(KEEPALIVED_CONFIG_OPTIONS)|g'
 
 sbin_PROGRAMS		= keepalived
 keepalived_SOURCES	= main.c
@@ -60,12 +61,14 @@ endif
 
 SUBDIRS			= core $(VRRP_SUBDIR) $(IPVS_SUBDIR) $(DBUS_SUBDIR) $(BFD_SUBDIR) $(TRACKER_SUBDIR) etc
 
-EXTRA_DIST		= keepalived.service.in keepalived-non-root.service.in
+EXTRA_DIST		= keepalived.service.in keepalived-non-root.service.in keepalived.config-opts.in
 
 keepalived_LDADD	= core/libcore.a $(IPVS_LIB) $(VRRP_LIB) $(BFD_LIB) core/libcore.a $(TRACKER_LIB) ../lib/liblib.a $(KA_LIBS)
 
+MOSTLYCLEANFILES	=
+
 if INIT_SYSTEMD
-MOSTLYCLEANFILES	= keepalived.service keeplived-non-root.service
+MOSTLYCLEANFILES	+= keepalived.service keeplived-non-root.service
 endif
 
 MAINTAINERCLEANFILES	= @MAINTAINERCLEANFILES@
@@ -80,6 +83,19 @@ initdir			= $(sysconfdir)/init.d
 init_DATA		= etc/openrc/keepalived
 endif
 
+if REPRODUCIBLE_BUILD
+MOSTLYCLEANFILES	+= keepalived.config-opts
+
+configdir               = @DEFAULT_CONFIG_DIR@
+config_DATA             = keepalived.config-opts
+
+keepalived.config-opts: $(builddir)/Makefile
+	@rm -f $@ [email protected]
+	@$(edit) '$(srcdir)/[email protected]' >$@
+
+keepalived.config-opts: $(srcdir)/keepalived.config-opts.in
+endif
+
 if WITH_IPVS
 # checks for realpath, and also not busybox version which does not support --relative-to
 install-exec-hook:

keepalived/core/main.c

@@ -339,6 +339,10 @@ free_parent_mallocs_exit(void)
 #endif
 
 	FREE_CONST_PTR(config_id);
+
+#ifdef _REPRODUCIBLE_BUILD_
+	FREE_CONST_PTR(config_opts);
+#endif
 }
 
 const char *
@@ -1777,6 +1781,41 @@ report_distro(void)
 	fclose(fp);
 }
 
+#ifdef _REPRODUCIBLE_BUILD_
+static char *
+read_config_opts(const char *filename)
+{
+	struct stat statbuf;
+	int fd;
+	char *opts_buf;
+
+	if (stat(filename, &statbuf))
+		return NULL;
+
+	if ((fd = open(filename, O_RDONLY)) == -1) {
+		fprintf(stderr, "Failed to open %s\n", filename);
+		return NULL;
+	}
+
+	opts_buf = malloc(statbuf.st_size);
+
+	/* Read, skipping trailing \n */
+	if (read(fd, opts_buf, statbuf.st_size - 1) != statbuf.st_size - 1) {
+		fprintf(stderr, "Failed to read %s\n", filename);
+
+		close(fd);
+		free(opts_buf);
+
+		return NULL;
+	}
+
+	opts_buf[statbuf.st_size - 1] = '\0';
+	close(fd);
+
+	return opts_buf;
+}
+#endif
+
 /* Usage function */
 static void
 usage(const char *prog)
@@ -2077,7 +2116,7 @@ parse_cmdline(int argc, char **argv)
 			fprintf(stderr, "Running on %s %s %s\n", uname_buf.sysname, uname_buf.release, uname_buf.version);
 			report_distro();
 			fprintf(stderr, "\n");
-			fprintf(stderr, "configure options: %s\n\n", KEEPALIVED_CONFIGURE_OPTIONS);
+			fprintf(stderr, "configure options: %s\n\n", config_opts);
 			fprintf(stderr, "Config options: %s\n\n", CONFIGURATION_OPTIONS);
 			fprintf(stderr, "System options: %s\n", SYSTEM_OPTIONS);
 			exit(0);
@@ -2420,6 +2459,29 @@ keepalived_main(int argc, char **argv)
 	}
 #endif
 
+#ifdef _REPRODUCIBLE_BUILD_
+	char *config_opts_read;
+
+	if (!(config_opts_read = read_config_opts(CONFIG_OPTS_FILE_PRIMARY))) {
+		/* Look for the config-opts file in same location as executable */
+		const char *suffix = ".config-opts";
+		char *file = malloc(strlen(argv[0]) + strlen(suffix) + 1);
+
+		strcpy(file, argv[0]);
+		strcat(file, suffix);
+
+		config_opts_read = read_config_opts(file);
+		free(file);
+	}
+
+	if (!config_opts_read) {
+		fprintf(stderr, "Unable to read build config options file\n");
+		exit(1);
+	}
+
+	config_opts = config_opts_read;
+#endif
+
 #ifdef _MEM_CHECK_
 	__set_bit(MEM_CHECK_BIT, &debug);
 #endif
@@ -2521,6 +2583,13 @@ keepalived_main(int argc, char **argv)
 	/* Handle any core file requirements */
 	core_dump_init();
 
+#ifdef _REPRODUCIBLE_BUILD_
+	/* We want to use our MALLOC functions */
+	char *new_config_opts_str = STRDUP(config_opts);
+	free(config_opts_read);
+	config_opts = new_config_opts_str;
+#endif
+
 	if (os_major) {
 		if (KERNEL_VERSION(os_major, os_minor, os_release) < LINUX_VERSION_CODE) {
 			/* keepalived was built for a later kernel version */
@@ -2835,5 +2904,10 @@ keepalived_main(int argc, char **argv)
 #endif
 	close_std_fd();
 
+#ifdef _REPRODUCIBLE_BUILD_
+	FREE_CONST_PTR(config_opts);
+	config_opts = "removed";
+#endif
+
 	return exit_code;
 }

keepalived/keepalived.config-opts.in

@@ -0,0 +1 @@
+@CONFIG_OPTIONS@

lib/scheduler.c

@@ -83,6 +83,11 @@ bool do_epoll_thread_dump;
 #ifdef _SCRIPT_DEBUG_
 bool do_script_debug;
 #endif
+#ifndef _REPRODUCIBLE_BUILD_
+const char *config_opts = KEEPALIVED_CONFIGURE_OPTIONS;
+#else
+const char *config_opts = "not read";
+#endif
 
 /* local variables */
 static bool shutting_down;
@@ -593,7 +598,7 @@ report_child_status(int status, pid_t pid, char const *prog_name)
 			uname(&uname_buf);
 			log_message(LOG_INFO, "  Running on %s %s %s", uname_buf.sysname, uname_buf.release, uname_buf.version);
 			log_command_line(2);
-			log_options("configure options", KEEPALIVED_CONFIGURE_OPTIONS, 2);
+			log_options("configure options", config_opts, 2);
 			log_options("Config options", CONFIGURATION_OPTIONS, 2);
 			log_options("System options", SYSTEM_OPTIONS, 2);
 

lib/scheduler.h

@@ -239,6 +239,7 @@ extern bool do_epoll_thread_dump;
 #ifdef _SCRIPT_DEBUG_
 extern bool do_script_debug;
 #endif
+extern const char *config_opts;
 
 /* Prototypes. */
 extern void set_child_finder_name(char const * (*)(pid_t));