diff --git a/mozilla-nss.changes b/mozilla-nss.changes index cc4edcc..f1bdfb4 100644 --- a/mozilla-nss.changes +++ b/mozilla-nss.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Mon Nov 14 10:13:17 UTC 2011 - john@redux.org.uk + +- Added a patch to fix errors in the pkcs11n.h header file. + (bmo#702090) + ------------------------------------------------------------------- Sat Nov 5 10:58:20 UTC 2011 - wolfgang@rosenauer.org diff --git a/mozilla-nss.spec b/mozilla-nss.spec index 5067812..5e92149 100644 --- a/mozilla-nss.spec +++ b/mozilla-nss.spec @@ -57,6 +57,7 @@ Patch5: nss-no-rpath.patch Patch6: renegotiate-transitional.patch Patch9: malloc.patch Patch10: ckbi-1_88.patch +Patch11: pkcs11n-header-fix.patch %define nspr_ver %(rpm -q --queryformat '%{VERSION}' mozilla-nspr) PreReq: mozilla-nspr >= %nspr_ver PreReq: libfreebl3 >= %{nss_softokn_fips_version} @@ -175,6 +176,7 @@ cd mozilla %patch9 %endif %patch10 -p1 +%patch11 # additional CA certificates #cd security/nss/lib/ckfw/builtins #cat %{SOURCE2} >> certdata.txt diff --git a/pkcs11n-header-fix.patch b/pkcs11n-header-fix.patch new file mode 100644 index 0000000..252e598 --- /dev/null +++ b/pkcs11n-header-fix.patch @@ -0,0 +1,43 @@ +diff -r -U 10 nss-3.13.1.orig/mozilla/security/nss/lib/util/pkcs11n.h nss-3.13.1/mozilla/security/nss/lib/util/pkcs11n.h +--- security/nss/lib/util/pkcs11n.h 2011-11-14 09:53:46.703144803 +0000 ++++ security/nss/lib/util/pkcs11n.h 2011-11-14 09:59:07.226273312 +0000 +@@ -339,37 +339,37 @@ + * to cache resolution data. + */ + #define CKT_NSS_VALID_DELEGATOR (CKT_NSS + 11) + + + /* + * old definitions. They still exist, but the plain meaning of the + * labels have never been accurate to what was really implemented. + * The new labels correctly reflect what the values effectively mean. + */ +-#if __GNUC__ > 3 ++#if defined(__GNUC__) && (__GNUC__ > 3) + /* make GCC warn when we use these #defines */ + /* + * This is really painful because GCC doesn't allow us to mark random + * #defines as deprecated. We can only mark the following: + * functions, variables, and types. + * const variables will create extra storage for everyone including this + * header file, so it's undesirable. + * functions could be inlined to prevent storage creation, but will fail + * when constant values are expected (like switch statements). + * enum types do not seem to pay attention to the deprecated attribute. + * + * That leaves typedefs. We declare new types that we then deprecate, then + * cast the resulting value to the deprecated type in the #define, thus + * producting the warning when the #define is used. + */ +-#if (__GNUC__ == 4) && (__GNUC_MINOR < 5) ++#if (__GNUC__ == 4) && (__GNUC_MINOR__ < 5) + /* The mac doesn't like the friendlier deprecate messages. I'm assuming this + * is a gcc version issue rather than mac or ppc specific */ + typedef CK_TRUST __CKT_NSS_UNTRUSTED __attribute__((deprecated)); + typedef CK_TRUST __CKT_NSS_VALID __attribute__ ((deprecated)); + typedef CK_TRUST __CKT_NSS_MUST_VERIFY __attribute__((deprecated)); + #else + /* when possible, get a full deprecation warning. This works on gcc 4.5 + * it may work on earlier versions of gcc */ + typedef CK_TRUST __CKT_NSS_UNTRUSTED __attribute__((deprecated + ("CKT_NSS_UNTRUSTED really means CKT_NSS_MUST_VERIFY_TRUST")));