# HG changeset patch
# User Matt Johnston <matt@ucc.asn.au>
# Date 1617113294 -28800
# Node ID 552bb9b4f16a923751d07b02f40cc2804d54d6f0
# Parent  7dc92355a9860295d5f28e65876a1e1f7cd5ae56
Make releases tarballs more deterministic

Not fully tested on different systems yet

diff -r 7dc92355a986 -r 552bb9b4f16a release.sh
--- a/release.sh	Tue Mar 30 20:42:04 2021 +0800
+++ b/release.sh	Tue Mar 30 22:08:14 2021 +0800
@@ -1,4 +1,7 @@
 #!/bin/sh
+
+set -e
+
 VERSION=$(echo '#include "sysoptions.h"\necho DROPBEAR_VERSION' | cpp - | sh)
 echo Releasing version "$VERSION" ...
 if ! head -n1 CHANGES | grep -q $VERSION ; then
@@ -13,7 +16,11 @@
 
 head -n1 CHANGES
 
-#sleep 3
+if tar --version | grep -q 'GNU tar'; then
+	TAR=tar
+else
+	TAR=gtar
+fi
 
 RELDIR=$PWD/../dropbear-$VERSION
 ARCHIVE=${RELDIR}.tar.bz2
@@ -35,7 +42,11 @@
 
 rm "$RELDIR/.hgtags"
 
-(cd "$RELDIR/.." && tar cjf $ARCHIVE `basename "$RELDIR"`) || exit 2
+RELDATE=$(head -n1 CHANGES | cut -d - -f 2)
+
+# from https://reproducible-builds.org/docs/archives/
+TAROPTS="--sort=name --owner=0 --group=0 --numeric-owner"
+(cd "$RELDIR/.." && $TAR cjf $ARCHIVE $TAROPTS --mtime="$RELDATE" `basename "$RELDIR"`) || exit 2
 
 ls -l $ARCHIVE
 openssl sha256 $ARCHIVE