From 7c7874c86ef14f2866d38d5ee85709db6e71d217 Mon Sep 17 00:00:00 2001
From: Raffi Enficiaud <raffi.enficiaud@mines-paris.org>
Date: Fri, 18 Sep 2015 22:20:42 +0200
Subject: CPackDeb: preventing md5sum on symlinks

- Direct call to cmSystemTools::ComputeFileMD5
- Avoiding hashing symlinks
- Tests
---
 Source/CPack/cmCPackDebGenerator.cxx               | 29 ++++++++++++----------
 Tests/CPackComponentsDEB/CMakeLists.txt            | 19 ++++++++++++++
 ...yResult-components-lintian-dpkgdeb-checks.cmake |  2 +-
 .../CPackComponentsDEB/RunCPackVerifyResult.cmake  | 12 ++++++---
 4 files changed, 45 insertions(+), 17 deletions(-)

diff --git a/Source/CPack/cmCPackDebGenerator.cxx b/Source/CPack/cmCPackDebGenerator.cxx
index 9402689..5cdab52 100644
--- a/Source/CPack/cmCPackDebGenerator.cxx
+++ b/Source/CPack/cmCPackDebGenerator.cxx
@@ -524,21 +524,24 @@ int cmCPackDebGenerator::createDeb()
            packageFiles.begin();
          fileIt != packageFiles.end(); ++ fileIt )
       {
-      std::string cmd = "\"";
-      cmd += cmSystemTools::GetCMakeCommand();
-      cmd += "\" -E md5sum \"";
-      cmd += *fileIt;
-      cmd += "\"";
-
-      std::string output;
-      int retval = -1;
-      int res = cmSystemTools::RunSingleCommand(cmd.c_str(), &output, &output,
-          &retval, toplevel.c_str(), this->GeneratorVerbose, 0);
-      if ( !res || retval )
+      // hash only regular files
+      if(   cmSystemTools::FileIsDirectory(*fileIt)
+         || cmSystemTools::FileIsSymlink(*fileIt))
         {
-        cmCPackLogger(cmCPackLog::LOG_ERROR, "Problem running cmake -E md5sum "
-                      << cmd << std::endl);
+        continue;
         }
+
+      char md5sum[33];
+      if(!cmSystemTools::ComputeFileMD5(*fileIt, md5sum))
+        {
+        cmCPackLogger(cmCPackLog::LOG_ERROR, "Problem computing the md5 of "
+                      << *fileIt << std::endl);
+        }
+
+      md5sum[32] = 0;
+
+      std::string output(md5sum);
+      output += "  " + *fileIt + "\n";
       // debian md5sums entries are like this:
       // 014f3604694729f3bf19263bac599765  usr/bin/ccmake
       // thus strip the full path (with the trailing slash)
diff --git a/Tests/CPackComponentsDEB/CMakeLists.txt b/Tests/CPackComponentsDEB/CMakeLists.txt
index 5a5d626..98ed911 100644
--- a/Tests/CPackComponentsDEB/CMakeLists.txt
+++ b/Tests/CPackComponentsDEB/CMakeLists.txt
@@ -99,6 +99,25 @@ if(CHMOD_PROG)
   set(CPACK_DEBIAN_APPLICATIONS_PACKAGE_CONTROL_STRICT_PERMISSION TRUE)
 endif()
 
+# creates a symbolic link and a directory. Those should not be hashed.
+# warning: relocation of the symlink is not supported (symlinks with relative
+# paths)
+execute_process(COMMAND ${CMAKE_COMMAND} -E create_symlink mylibapp symtest)
+install(FILES ${CPackComponentsDEB_BINARY_DIR}/symtest
+        DESTINATION bin
+        COMPONENT applications)
+
+if(EXISTS "./dirtest")
+  execute_process(COMMAND ${CMAKE_COMMAND} -E remove_directory ./dirtest)
+endif()
+execute_process(COMMAND ${CMAKE_COMMAND} -E make_directory ./dirtest)
+# BUG: apparently cannot add an empty directory
+execute_process(COMMAND ${CMAKE_COMMAND} -E create_symlink ../mylibapp ./dirtest/symtest)
+# NOTE: we should not add the trailing "/" to dirtest
+install(DIRECTORY ${CPackComponentsDEB_BINARY_DIR}/dirtest
+        DESTINATION bin/
+        COMPONENT applications)
+
 # We may use the CPack specific config file in order
 # to tailor CPack behavior on a CPack generator specific way
 # (Behavior would be different for RPM or TGZ or DEB ...)
diff --git a/Tests/CPackComponentsDEB/RunCPackVerifyResult-components-lintian-dpkgdeb-checks.cmake b/Tests/CPackComponentsDEB/RunCPackVerifyResult-components-lintian-dpkgdeb-checks.cmake
index 5460b1a..ff22f8f 100644
--- a/Tests/CPackComponentsDEB/RunCPackVerifyResult-components-lintian-dpkgdeb-checks.cmake
+++ b/Tests/CPackComponentsDEB/RunCPackVerifyResult-components-lintian-dpkgdeb-checks.cmake
@@ -36,7 +36,7 @@ find_program(LINTIAN_EXECUTABLE lintian)
 if(LINTIAN_EXECUTABLE)
   set(lintian_output_errors_all "")
   foreach(_f IN LISTS actual_output)
-    set(STRINGS_TO_AVOID "E:([^\r\n]*)control-file-has-bad-permissions")
+    set(STRINGS_TO_AVOID "E:([^\r\n]*)control-file-has-bad-permissions" "E:([^\r\n]*)md5sums-lists-nonexistent-file")
     lintian_check_specific_errors(lintian_output_errors
                                   FILENAME "${_f}"
                                   ERROR_REGEX_STRINGS "${STRINGS_TO_AVOID}")
diff --git a/Tests/CPackComponentsDEB/RunCPackVerifyResult.cmake b/Tests/CPackComponentsDEB/RunCPackVerifyResult.cmake
index b96669e..bf9f81d 100644
--- a/Tests/CPackComponentsDEB/RunCPackVerifyResult.cmake
+++ b/Tests/CPackComponentsDEB/RunCPackVerifyResult.cmake
@@ -137,6 +137,8 @@ endfunction()
 
 
 # This function runs dpkg-deb on a .deb and returns its output
+# the default behaviour it to run "--info" on the specified Debian package
+# ACTION is one of the option accepted by dpkg-deb
 function(run_dpkgdeb dpkg_deb_output)
   set(${dpkg_deb_output} "" PARENT_SCOPE)
 
@@ -144,7 +146,7 @@ function(run_dpkgdeb dpkg_deb_output)
   if(DPKGDEB_EXECUTABLE)
 
     set(options "")
-    set(oneValueArgs "FILENAME")
+    set(oneValueArgs "FILENAME" "ACTION")
     set(multiValueArgs "")
     cmake_parse_arguments(run_dpkgdeb_deb "${options}" "${oneValueArgs}" "${multiValueArgs}" ${ARGN} )
 
@@ -153,8 +155,12 @@ function(run_dpkgdeb dpkg_deb_output)
       message(FATAL_ERROR "error: run_dpkgdeb needs FILENAME to be set")
     endif()
 
-    # run lintian
-    execute_process(COMMAND ${DPKGDEB_EXECUTABLE} -I ${run_dpkgdeb_deb_FILENAME}
+    if(NOT run_dpkgdeb_deb_ACTION)
+      set(run_dpkgdeb_deb_ACTION "--info")
+    endif()
+
+    # run dpkg-deb
+    execute_process(COMMAND ${DPKGDEB_EXECUTABLE} ${run_dpkgdeb_deb_ACTION} ${run_dpkgdeb_deb_FILENAME}
       WORKING_DIRECTORY "${CPACK_TEMPORARY_DIRECTORY}"
       OUTPUT_VARIABLE DPKGDEB_OUTPUT
       RESULT_VARIABLE DPKGDEB_RESULT
-- 
cgit v0.12


From da295f450da2781e82632b6a5df29df6fbf7daad Mon Sep 17 00:00:00 2001
From: Domen Vrankar <domen.vrankar@gmail.com>
Date: Fri, 18 Sep 2015 22:31:24 +0200
Subject: CPack/Deb: checksum on symlinks release notes

---
 Help/release/dev/cpack-deb-checksum-on-symlinks.rts | 4 ++++
 1 file changed, 4 insertions(+)
 create mode 100644 Help/release/dev/cpack-deb-checksum-on-symlinks.rts

diff --git a/Help/release/dev/cpack-deb-checksum-on-symlinks.rts b/Help/release/dev/cpack-deb-checksum-on-symlinks.rts
new file mode 100644
index 0000000..9bfeded
--- /dev/null
+++ b/Help/release/dev/cpack-deb-checksum-on-symlinks.rts
@@ -0,0 +1,4 @@
+cpack-deb-checksum-on-symlinks
+------------------------------
+
+* The :module:`CPackDeb` module now correctly excludes symlinks during package checksum calculation.
-- 
cgit v0.12