Add two patches to fix warning treaded as errors build bustage

- One patch has been accepted upstream - Other patch will be removed when we rebase to nss-3.23
2016-02-07 19:11:06 -08:00 · 2016-02-07 19:11:06 -08:00 · dc759e0041
parent d825e8736c
commit dc759e0041
3 changed files with 148 additions and 4 deletions
--- a/fix_warnings_treated_as_errors.patch
+++ b/fix_warnings_treated_as_errors.patch
@ -0,0 +1,124 @@
+diff -up ./cmd/p7sign/p7sign.c.fix_warnings ./cmd/p7sign/p7sign.c
+--- ./cmd/p7sign/p7sign.c.fix_warnings	2016-02-07 15:29:48.459494920 -0800
+++ ./cmd/p7sign/p7sign.c	2016-02-07 15:55:04.920963101 -0800
+@@ -92,21 +92,24 @@ SignFile(FILE *outFile, PRFileDesc *inFi
+     SEC_PKCS7ContentInfo *cinfo;
+     SECStatus rv;
+ 
+-    if (outFile == NULL || inFile == NULL || cert == NULL)
+-	return -1;
+    if (outFile == NULL || inFile == NULL || cert == NULL) {
+        return -1;
+	}
+ 
+     /* suck the file in */
+-	if (SECU_ReadDERFromFile(&data2sign, inFile, PR_FALSE,
+-	                         PR_FALSE) != SECSuccess)
+-	return -1;
+    if (SECU_ReadDERFromFile(&data2sign, inFile, PR_FALSE,
+	                         PR_FALSE) != SECSuccess) {
+        return -1;
+    }
+ 
+     if (!encapsulated) {
+ 	/* unfortunately, we must create the digest ourselves */
+ 	/* SEC_PKCS7CreateSignedData should have a flag to not include */
+ 	/* the content for non-encapsulated content at encode time, but */
+ 	/* should always compute the hash itself */
+-	if (CreateDigest(&data2sign, digestdata, &len, 32) < 0)
+-	    return -1;
+	if (CreateDigest(&data2sign, digestdata, &len, 32) < 0) {
+		return -1;
+	}
+ 	digest.data = (unsigned char *)digestdata;
+ 	digest.len = len;
+     }
+@@ -116,9 +119,9 @@ SignFile(FILE *outFile, PRFileDesc *inFi
+ 				       SEC_OID_SHA1,
+ 				       encapsulated ? NULL : &digest,
+ 				       NULL, NULL);
+-    if (cinfo == NULL)
+    if (cinfo == NULL) {
+ 	return -1;
+-
+	}
+     if (encapsulated) {
+ 	SEC_PKCS7SetContent(cinfo, (char *)data2sign.data, data2sign.len);
+     }
+@@ -134,8 +137,9 @@ SignFile(FILE *outFile, PRFileDesc *inFi
+ 
+     SEC_PKCS7DestroyContentInfo (cinfo);
+ 
+-    if (rv != SECSuccess)
+    if (rv != SECSuccess) {
+ 	return -1;
+    }
+ 
+     return 0;
+ }
+diff -up ./cmd/vfychain/vfychain.c.fix_warnings ./cmd/vfychain/vfychain.c
+--- ./cmd/vfychain/vfychain.c.fix_warnings	2016-02-07 16:03:13.189775733 -0800
+++ ./cmd/vfychain/vfychain.c	2016-02-07 16:22:33.709073372 -0800
+@@ -439,7 +439,7 @@ main(int argc, char *argv[], char *envp[
+ 	case  0  : /* positional parameter */  goto breakout;
+ 	case 'a' : isAscii  = PR_TRUE;                        break;
+ 	case 'b' : secStatus = DER_AsciiToTime(&time, optstate->value);
+-	           if (secStatus != SECSuccess) Usage(progName); break;
+	           if (secStatus != SECSuccess) { Usage(progName); } break;
+ 	case 'd' : certDir  = PL_strdup(optstate->value);     break;
+ 	case 'e' : ocsp_fetchingFailureIsAFailure = PR_FALSE;  break;
+ 	case 'f' : certFetching = PR_TRUE;                    break;
+@@ -484,9 +484,9 @@ main(int argc, char *argv[], char *envp[
+ 	case 't' : trusted  = PR_TRUE;                        break;
+ 	case 'T' : onlyTrustAnchors = PR_FALSE;               break;
+ 	case 'u' : usage    = PORT_Atoi(optstate->value);
+-	           if (usage < 0 || usage > 62) Usage(progName);
+	           if (usage < 0 || usage > 62) { Usage(progName); }
+ 		   certUsage = ((SECCertificateUsage)1) << usage; 
+-		   if (certUsage > certificateUsageHighest) Usage(progName);
+		   if (certUsage > certificateUsageHighest) { Usage(progName); }
+ 		   break;
+         case 'w':
+                   pwdata.source = PW_PLAINTEXT;
+diff -up ./lib/dbm/src/hash.c.fix_warnings ./lib/dbm/src/hash.c
+--- ./lib/dbm/src/hash.c.fix_warnings	2016-02-07 15:18:54.006925157 -0800
+++ ./lib/dbm/src/hash.c	2016-02-07 15:21:02.151491099 -0800
+@@ -815,9 +815,9 @@ hash_access(
+ 			}
+ 
+             ovfl_loop_count++;
+-            if(ovfl_loop_count > MAX_OVERFLOW_HASH_ACCESS_LOOPS)
+            if(ovfl_loop_count > MAX_OVERFLOW_HASH_ACCESS_LOOPS) {
+     			return (DATABASE_CORRUPTED_ERROR);
+-
+    		}
+ 			/* FOR LOOP INIT */
+ 			bp = (uint16 *)rbufp->page;
+ 			n = *bp++;
+@@ -825,8 +825,9 @@ hash_access(
+ 			off = hashp->BSIZE;
+ 		} else if (bp[1] < REAL_KEY) {
+ 			if ((ndx =
+-			    __find_bigpair(hashp, rbufp, ndx, kp, (int)size)) > 0)
+			    __find_bigpair(hashp, rbufp, ndx, kp, (int)size)) > 0) {
+ 				goto found;
+			}
+ 			if (ndx == -2) {
+ 				bufp = rbufp;
+ 				if (!(pageno =
+diff -up ./lib/dbm/src/h_page.c.fix_warnings ./lib/dbm/src/h_page.c
+--- ./lib/dbm/src/h_page.c.fix_warnings	2016-01-29 02:30:10.000000000 -0800
+++ ./lib/dbm/src/h_page.c	2016-02-07 15:10:42.439250993 -0800
+@@ -114,9 +114,9 @@ long new_lseek(int fd, long offset, int
+ 
+ 	if(origin == SEEK_CUR)
+       {	
+-      	if(offset < 1)							  
+-	    	return(lseek(fd, offset, SEEK_CUR));
+-
+		if(offset < 1) {						  
+			return(lseek(fd, offset, SEEK_CUR));
+		}
+ 		cur_pos = lseek(fd, 0, SEEK_CUR);
+ 
+ 		if(cur_pos < 0)
--- a/nss.spec
+++ b/nss.spec
@ -21,7 +21,7 @@ Name:             nss
 Version:          3.22.0
 # for Rawhide, please always use release >= 2
 # for Fedora release branches, please use release < 2 (1.0, 1.1, ...)
-Release:          0.2%{?dist}.test.1
+Release:          2%{?dist}
 License:          MPLv2.0
 URL:              http://www.mozilla.org/projects/security/pki/nss/
 Group:            System Environment/Libraries
@ -107,6 +107,8 @@ Patch58: rhbz1185708-enable-ecc-3des-ciphers-by-default.patch
 Patch59: pem-compile-with-Werror.patch
 # Upstream: https://bugzilla.mozilla.org/show_bug.cgi?id=1246499
 Patch60: vfyserv-defined-but-not-used.patch
+# TODO: Util we rebase to nss-3.23 which already has this fixed
+Patch61: fix_warnings_treated_as_errors.patch

 %description
 Network Security Services (NSS) is a set of libraries designed to
@ -199,6 +201,7 @@ popd
 %patch59 -p0 -b .compile_Werror
 pushd nss
 %patch60 -p1 -b .defined_not_used
+%patch61 -p1 -b .fix_warnings
 popd

 #########################################################
@ -311,8 +314,7 @@ export IN_TREE_FREEBL_HEADERS_FIRST=1

 ##### phase 2: build the rest of nss
 # nss supports pluggable ecc with more than suite-b
-NSS_ECC_MORE_THAN_SUITE_B=1
-export NSS_ECC_MORE_THAN_SUITE_B
+export NSS_ECC_MORE_THAN_SUITE_B=1

 export NSS_BLTEST_NOT_AVAILABLE=1
 %{__make} -C ./nss/coreconf
@ -832,7 +834,7 @@ fi


 %changelog
-* Sat Feb 06 2016 Elio Maldonado <emaldona@redhat.com> - 3.22.0-0.2.test.1
+* Sat Feb 06 2016 Elio Maldonado <emaldona@redhat.com> - 3.22.0-2
 - Rebase to nss 3.22

 * Thu Feb 04 2016 Fedora Release Engineering <releng@fedoraproject.org> - 3.21.0-7
--- a/vfyserv-defined-but-not-used.patch
+++ b/vfyserv-defined-but-not-used.patch
@ -0,0 +1,18 @@
+diff -up ./cmd/vfyserv/vfyserv.h.defined_not_used ./cmd/vfyserv/vfyserv.h
+--- ./cmd/vfyserv/vfyserv.h.defined_not_used	2016-02-06 18:32:54.143216370 -0800
+++ ./cmd/vfyserv/vfyserv.h	2016-02-06 18:33:24.943636231 -0800
+@@ -135,14 +135,4 @@ void lockedVars_WaitForDone(lockedVars *
+ 
+ int lockedVars_AddToCount(lockedVars *lv, int addend);
+ 
+-/* Buffer stuff. */
+-
+-static const char stopCmd[] = { "GET /stop " };
+-static const char defaultHeader[] = {
+-	"HTTP/1.0 200 OK\r\n"
+-	"Server: SSL sample server\r\n"
+-	"Content-type: text/plain\r\n"
+-	"\r\n"
+-};
+-
+ #endif