token: sort paths for reproducible extract

p11-glue / p11-kit

Provides a way to load and enumerate PKCS#11 modules.

https://p11-glue.github.io/p11-glue/p11-kit.html

Other

151 stars 95 forks source link

token: sort paths for reproducible extract #656

Closed katexochen closed 2 months ago

katexochen commented 2 months ago

There is no defined order in which readdir will return the entries of a directory. In practice, order can depend on inode number or similar. If we run p11-kit on different files systems with similar directory structure but different inode order the output of extract can change.

To get a stable and reproducible output, sort the paths returned by readdir before extracting.

coveralls commented 2 months ago

coverage: 69.539% (+0.001%) from 69.538% when pulling a57afabad39ed03ae3bdd31cfb6c89c9904372f9 on katexochen:sort-paths into e6c69724b362a05603aa67eee7401d21cba6f568 on p11-glue:master.

katexochen commented 2 months ago

The change looks good overall, but I would like to see some things fixed before I can merge it.

Thanks for your feedback, I tried to incorporate the requested changes. Let me know if I overlooked something. :)

ZoltanFridrich commented 2 months ago

@katexochen please rebase it to master so I can merge.