Commits (3)
......@@ -9,6 +9,7 @@ Uploaders:
Build-Depends:
abootimg <!nocheck>,
androguard <!nocheck>,
apksigcopier <!nocheck>,
apksigner <!nocheck>,
apktool [!ppc64el !s390x] <!nocheck>,
bash-completion,
......
......@@ -7,7 +7,7 @@
# $ mv debian/tests/control.tmp debian/tests/control
Tests: pytest-with-recommends
Depends: python3-all, diffoscope, black, python3-pytest, python3-h5py, file, linux-image-amd64 [amd64] | linux-image-generic [amd64], abootimg, acl, apksigner, apktool [!ppc64el !s390x], binutils-multiarch, bzip2, caca-utils, colord, coreboot-utils, db-util, default-jdk-headless | default-jdk | java-sdk, device-tree-compiler, docx2txt, e2fsprogs, enjarify, ffmpeg, fontforge-extras, fonttools, fp-utils [!ppc64el !s390x], genisoimage, gettext, ghc, ghostscript, giflib-tools, gnumeric, gnupg, gnupg-utils, hdf5-tools, html2text, imagemagick, jsbeautifier, libarchive-tools, libxmlb-dev, llvm, lz4 | liblz4-tool, lzip, mono-utils, ocaml-nox, odt2txt, oggvideotools [!s390x], openssh-client, openssl, pgpdump, poppler-utils, procyon-decompiler, python3-pdfminer, r-base-core, rpm2cpio, sng, sqlite3, squashfs-tools, tcpdump, u-boot-tools, unzip, wabt, xmlbeans, xxd, xz-utils, zip, zstd, androguard, python3-argcomplete, python3-binwalk, python3-defusedxml, python3-distro, python3-guestfs, python3-jsondiff, python3-progressbar, python3-pypdf2, python3-debian, python3-pyxattr, python3-rpm, python3-tlsh
Depends: python3-all, diffoscope, black, python3-pytest, python3-h5py, file, linux-image-amd64 [amd64] | linux-image-generic [amd64], abootimg, acl, apksigcopier, apksigner, apktool [!ppc64el !s390x], binutils-multiarch, bzip2, caca-utils, colord, coreboot-utils, db-util, default-jdk-headless | default-jdk | java-sdk, device-tree-compiler, docx2txt, e2fsprogs, enjarify, ffmpeg, fontforge-extras, fonttools, fp-utils [!ppc64el !s390x], genisoimage, gettext, ghc, ghostscript, giflib-tools, gnumeric, gnupg, gnupg-utils, hdf5-tools, html2text, imagemagick, jsbeautifier, libarchive-tools, libxmlb-dev, llvm, lz4 | liblz4-tool, lzip, mono-utils, ocaml-nox, odt2txt, oggvideotools [!s390x], openssh-client, openssl, pgpdump, poppler-utils, procyon-decompiler, python3-pdfminer, r-base-core, rpm2cpio, sng, sqlite3, squashfs-tools, tcpdump, u-boot-tools, unzip, wabt, xmlbeans, xxd, xz-utils, zip, zstd,
Tests: pytest
Depends: python3-all, diffoscope, python3-pytest, python3-h5py, file, python3-tlsh
......
......@@ -3,6 +3,7 @@
#
# Copyright © 2016 Reiner Herrmann <reiner@reiner-h.de>
# Copyright © 2016-2021 Chris Lamb <lamby@debian.org>
# Copyright © 2022 FC Stegerman <flx@obfusk.net>
#
# diffoscope is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
......@@ -230,7 +231,20 @@ class ApkFile(ZipFileBase):
FILE_EXTENSION_SUFFIX = {".apk"}
CONTAINER_CLASSES = [ApkContainer, ZipContainer]
@property
def as_container(self):
# If we found no differences before the APK Signing Block we return None
# here to prevent apktool from being run needlessly (which can take up a
# significant amount of extra time) via ApkContainer (since there's no
# API that allows us to selectively disable use of container classes in
# cases like these).
if getattr(self, "_disable_container_compare", False):
return None # don't run apktool
return super().as_container
def compare_details(self, other, source=None):
self.check_differences_before_signing_block(other)
differences = zipinfo_differences(self, other)
try:
......@@ -258,6 +272,42 @@ class ApkFile(ZipFileBase):
return differences
def check_differences_before_signing_block(self, other):
try:
self._check_differences_before_signing_block(other)
except (RequiredToolNotFound, ImportError):
self.add_comment(
"'apksigcopier' Python package not installed; unconditionally running 'apktool'."
)
return
@tool_required("apksigcopier")
def _check_differences_before_signing_block(self, other):
import apksigcopier
try:
offset_self, _ = apksigcopier.extract_v2_sig(self.path)
offset_other, _ = apksigcopier.extract_v2_sig(other.path)
except Exception:
return
if offset_self != offset_other:
return
with open(self.path, "rb") as fh_self:
with open(other.path, "rb") as fh_other:
while fh_self.tell() < offset_self:
size = min(offset_self - fh_self.tell(), 4096)
if fh_self.read(size) != fh_other.read(size):
return
self.add_comment(
"No differences before APK Signing Block; not running 'apktool'."
)
self._disable_container_compare = True
other._disable_container_compare = True
def get_v2_signing_keys(path):
from androguard.core.bytecodes import apk
......
......@@ -25,6 +25,7 @@ that might resolve to, for example, `/usr/bin/abootimg`.
EXTERNAL_TOOLS = {
"abootimg": {"debian": "abootimg", "guix": "abootimg"},
"androguard": {"debian": "androguard"},
"apksigcopier": {"debian": "apksigcopier"},
"apktool": {"debian": "apktool"},
"apksigner": {"debian": "apksigner"},
"db_dump": {"debian": "db-util", "guix": "bdb"},
......
......@@ -566,18 +566,19 @@ class ListMissingToolsAction(ListToolsAction):
class ListDebianSubstvarsAction(argparse._StoreTrueAction):
def __call__(self, *args, **kwargs):
tools = set()
# Attempt to import all comparators so tool_required.all is as
# populated as possible...
ComparatorManager().reload()
tools.update(tool_required.all)
# ... however for the generated substvar to be effective/deterministic
# regardless of the currently installed packages, we special-case some
# tools (NB. not package names) as their modules may not have been
# imported by the `ComparatorManager().reload()` call above. (#908072)
tools = set(
("gpg", "rpm2cpio") # comparators/debian.py # comparators/rpm.py
)
tools.update(tool_required.all)
tools.add("gpg") # comparators/debian.py
tools.add("rpm2cpio") # comparators/rpm.py
packages = set()
packages_minimal = set()
......