From 35a6b620b3c4d2f08ee3addd146eb6ccff6ac9e8 Mon Sep 17 00:00:00 2001 From: Kevin Wright Date: Tue, 13 Sep 2011 00:53:07 -0700 Subject: [PATCH] Bugzilla Bug #734590 - Refactor JNI libraries for Fedora 16+ . . . --- clog | 3 +- jss-PKCS12-FIPS.patch | 80 +++ jss-eliminate-java-compiler-warnings.patch | 641 +++++++++++++++++++ jss-eliminate-native-compiler-warnings.patch | 621 ++++++++++++++++++ jss.spec | 29 +- 5 files changed, 1371 insertions(+), 3 deletions(-) create mode 100644 jss-PKCS12-FIPS.patch create mode 100644 jss-eliminate-java-compiler-warnings.patch create mode 100644 jss-eliminate-native-compiler-warnings.patch diff --git a/clog b/clog index 6903c7f..39ce8b2 100644 --- a/clog +++ b/clog @@ -1,2 +1 @@ -Bug 670980 - Cannot create system certs when using LunaSA HSM in FIPS Mode -and ECC algorithms (support tokens that don't do ECDH) +Bugzilla Bug #734590 - Refactor JNI libraries for Fedora 16+ . . . diff --git a/jss-PKCS12-FIPS.patch b/jss-PKCS12-FIPS.patch new file mode 100644 index 0000000..b2aa854 --- /dev/null +++ b/jss-PKCS12-FIPS.patch @@ -0,0 +1,80 @@ +diff -up jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11KeyGenerator.c.fix jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11KeyGenerator.c +--- jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11KeyGenerator.c.fix 2011-08-15 15:39:56.633158000 -0700 ++++ jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11KeyGenerator.c 2011-08-15 20:43:34.947749000 -0700 +@@ -239,40 +239,47 @@ print_secitem(SECItem *item) { + * TokenException if an error occurs. + */ + static PK11SymKey* +-constructSHA1PBAKey(JNIEnv *env, SECItem *pwitem, SECItem *salt, ++constructSHA1PBAKey(JNIEnv *env, PK11SlotInfo *slot, SECItem *pwitem, SECItem *salt, + int iterationCount) + { +- PBEBitGenContext* pbeCtxt=NULL; +- SECItem *keyBits=NULL; + PK11SymKey *key=NULL; + +- pbeCtxt = PBE_CreateContext( SEC_OID_SHA1, pbeBitGenIntegrityKey, +- pwitem, salt, 160 /* SHA1 key length */, iterationCount); +- if( pbeCtxt == NULL ) { +- JSS_throwMsg(env, TOKEN_EXCEPTION, "Failed to create PBE context"); ++ unsigned char ivData[8]; ++ SECItem mechItem; ++ CK_PBE_PARAMS pbe_params; ++ ++ if( pwitem == NULL ) { ++ JSS_throwMsg(env, TOKEN_EXCEPTION, ++ "constructSHA1PAKey:" ++ " pwitem NULL"); + goto finish; + } +- +- keyBits = PBE_GenerateBits(pbeCtxt); +- if( keyBits == NULL ) { +- JSS_throwMsg(env, TOKEN_EXCEPTION, "Failed to generate bits from" +- "PBE context"); ++ if( salt == NULL ) { ++ JSS_throwMsg(env, TOKEN_EXCEPTION, ++ "constructSHA1PAKey:" ++ " salt NULL"); + goto finish; + } + +- key = PK11_ImportSymKey( PK11_GetInternalSlot(), CKM_SHA_1, +- PK11_OriginGenerated, CKA_SIGN, keyBits, NULL); ++ pbe_params.pInitVector = ivData; ++ pbe_params.pPassword = pwitem->data; ++ pbe_params.ulPasswordLen = pwitem->len; ++ pbe_params.pSalt = salt->data; ++ pbe_params.ulSaltLen = salt->len; ++ pbe_params.ulIteration = iterationCount; ++ mechItem.data = (unsigned char *) &pbe_params; ++ mechItem.len = sizeof(pbe_params); ++ ++ key = PK11_RawPBEKeyGen(slot, CKM_PBA_SHA1_WITH_SHA1_HMAC, &mechItem, pwitem, PR_FALSE, NULL); ++ + if( key == NULL ) { +- JSS_throwMsg(env, TOKEN_EXCEPTION, "Failed to import PBA key from" +- " PBA-generated bits"); ++ JSS_throwMsg(env, TOKEN_EXCEPTION, ++ "PK11_RawPBEKeyGen:" ++ " failed to generate key"); + goto finish; + } + + finish: +- if( pbeCtxt ) { +- PBE_DestroyContext(pbeCtxt); +- } +- /* keyBits == pbeCtxt, so we don't need to free it */ + return key; + } + +@@ -324,7 +331,7 @@ Java_org_mozilla_jss_pkcs11_PK11KeyGener + + /* special case, construct key by hand. Bug #336587 */ + +- skey = constructSHA1PBAKey(env, pwitem, salt, iterationCount); ++ skey = constructSHA1PBAKey(env, slot, pwitem, salt, iterationCount); + if( skey==NULL ) { + /* exception was thrown */ + goto finish; diff --git a/jss-eliminate-java-compiler-warnings.patch b/jss-eliminate-java-compiler-warnings.patch new file mode 100644 index 0000000..1df99d3 --- /dev/null +++ b/jss-eliminate-java-compiler-warnings.patch @@ -0,0 +1,641 @@ +diff -rupN alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/CryptoManager.java java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/CryptoManager.java +--- alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/CryptoManager.java 2011-08-10 16:21:30.837765000 -0700 ++++ java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/CryptoManager.java 2011-08-12 13:13:34.449664000 -0700 +@@ -1125,7 +1125,7 @@ public final class CryptoManager impleme + * Imports a single certificate into the permanent certificate + * database. + * +- * @param derCert the certificate you want to add ++ * @param cert the certificate you want to add + * @param nickname the nickname you want to refer to the certificate as + * (must not be null) + */ +@@ -1391,11 +1391,11 @@ public final class CryptoManager impleme + public static final String + JAR_JDK_VERSION = "JDK_VERSION = N/A"; + public static final String +- JAR_NSS_VERSION = "NSS_VERSION = NSS_3_11_9_RTM"; ++ JAR_NSS_VERSION = "NSS_VERSION = N/A"; + public static final String + JAR_DBM_VERSION = "DBM_VERSION = N/A"; + public static final String +- JAR_NSPR_VERSION = "NSPR_VERSION = NSPR_4_7_RTM"; ++ JAR_NSPR_VERSION = "NSPR_VERSION = N/A"; + + /** + * Loads the JSS dynamic library if necessary. +@@ -1433,8 +1433,8 @@ public final class CryptoManager impleme + * this thread's token to null will also cause the + * InternalKeyStorageToken to be used. + * +- * @param The token to use for crypto operations. Specifying null +- * will cause the InternalKeyStorageToken to be used. ++ * @param token The token to use for crypto operations. Specifying ++ * null will cause the InternalKeyStorageToken to be used. + */ + public void setThreadToken(CryptoToken token) { + if( token != null ) { +@@ -1579,7 +1579,7 @@ public final class CryptoManager impleme + * Verify a certificate in memory. Check if + * valid and that we trust the issuer. Verify time + * against Now. +- * @param certificate in memory ++ * @param certPackage certificate in memory + * @param checkSig verify the signature of the certificate + * @param certUsage see exposed certUsage defines to verify Certificate + * @return true for success; false otherwise +diff -rupN alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/JSSProvider.java java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/JSSProvider.java +--- alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/JSSProvider.java 2011-08-10 17:29:33.476661000 -0700 ++++ java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/JSSProvider.java 2011-08-12 11:00:26.456852000 -0700 +@@ -51,7 +51,7 @@ public final class JSSProvider extends j + + private static int JSS_MAJOR_VERSION = 4; + private static int JSS_MINOR_VERSION = 2; +- private static int JSS_PATCH_VERSION = 5; ++ private static int JSS_PATCH_VERSION = 6; + private static double JSS_VERSION = JSS_MAJOR_VERSION + + (JSS_MINOR_VERSION * 100 + + JSS_PATCH_VERSION)/10000.0; +diff -rupN alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/crypto/Cipher.java java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/crypto/Cipher.java +--- alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/crypto/Cipher.java 2004-04-25 08:02:21.000000000 -0700 ++++ java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/crypto/Cipher.java 2011-08-12 13:10:50.781827000 -0700 +@@ -144,8 +144,8 @@ public abstract class Cipher { + * B is the block size, the padding string consists of + * B - (M mod B) octets, each having the value + * B - (M mod B). +- * @param The block size of the encryption algorithm. Must be greater +- * than zero. ++ * @param blockSize The block size of the encryption algorithm. ++ * Must be greater than zero. + * @see #unPad + */ + public static byte[] +diff -rupN alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/crypto/CryptoToken.java java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/crypto/CryptoToken.java +--- alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/crypto/CryptoToken.java 2007-11-09 16:37:56.000000000 -0800 ++++ java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/crypto/CryptoToken.java 2011-08-12 11:07:20.326438000 -0700 +@@ -194,7 +194,7 @@ public interface CryptoToken { + * Login to the token. If a token is logged in, it will not trigger + * password callbacks. + * +- * @param password The password for this token. ++ * @param pwcb The password callback for this token. + * @exception IncorrectPasswordException If the supplied password is + * incorrect. + * @see #setLoginMode +diff -rupN alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/crypto/JSSMessageDigest.java java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/crypto/JSSMessageDigest.java +--- alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/crypto/JSSMessageDigest.java 2004-04-25 08:02:21.000000000 -0700 ++++ java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/crypto/JSSMessageDigest.java 2011-08-12 11:08:37.747360000 -0700 +@@ -88,7 +88,7 @@ public abstract class JSSMessageDigest { + * Completes digestion. + * + * @return The, ahem, output of the digest operation. +- * @param If an error occurs while digesting. ++ * @exception DigestException If an error occurs while digesting. + */ + public byte[] digest() throws DigestException { + byte[] output = new byte[getOutputSize()]; +diff -rupN alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/crypto/PBEKeyGenParams.java java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/crypto/PBEKeyGenParams.java +--- alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/crypto/PBEKeyGenParams.java 2004-04-25 08:02:21.000000000 -0700 ++++ java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/crypto/PBEKeyGenParams.java 2011-08-12 11:09:41.345296000 -0700 +@@ -60,7 +60,7 @@ public class PBEKeyGenParams implements + * Must not be null. It is the responsibility of the caller to + * use the right salt length for the algorithm. Most algorithms + * use 8 bytes of salt. +- * @param The iteration count for the PBE algorithm. ++ * @param iterations The iteration count for the PBE algorithm. + */ + public PBEKeyGenParams(Password pass, byte[] salt, int iterations) { + if(pass==null || salt==null) { +@@ -80,7 +80,7 @@ public class PBEKeyGenParams implements + * Must not be null. It is the responsibility of the caller to + * use the right salt length for the algorithm. Most algorithms + * use 8 bytes of salt. +- * @param The iteration count for the PBE algorithm. ++ * @param iterations The iteration count for the PBE algorithm. + */ + public PBEKeyGenParams(char[] pass, byte[] salt, int iterations) { + if(pass==null || salt==null) { +diff -rupN alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11Token.java java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11Token.java +--- alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11Token.java 2007-11-09 16:37:57.000000000 -0800 ++++ java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11Token.java 2011-08-12 11:13:51.807047000 -0700 +@@ -228,8 +228,8 @@ public final class PK11Token implements + * Initialize PIN. This sets the user's new PIN, using the current + * security officer PIN for authentication. + * +- * @param ssopw The security officer's current password. +- * @param userpw The user's new password. ++ * @param ssopwcb The security officer's current password callback. ++ * @param userpwcb The user's new password callback. + * @exception IncorrectPinException If the security officer PIN is + * incorrect. + * @exception TokenException If the PIN was already initialized, +@@ -322,8 +322,8 @@ public final class PK11Token implements + * Change password. This changes the user's PIN after it has already + * been initialized. + * +- * @param oldPIN The user's old PIN. +- * @param newPIN The new PIN. ++ * @param oldPINcb The user's old PIN callback. ++ * @param newPINcb The new PIN callback. + * @exception IncorrectPasswordException If the old PIN is incorrect. + * @exception TokenException If some other error occurs on the token. + * +diff -rupN alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs12/SafeBag.java java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs12/SafeBag.java +--- alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs12/SafeBag.java 2005-09-22 10:58:35.000000000 -0700 ++++ java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs12/SafeBag.java 2011-08-12 11:14:44.011995000 -0700 +@@ -288,7 +288,7 @@ public final class SafeBag implements AS + * as the nickname of the associated cert. + * @param localKeyID The localKeyID for the key; should be the same as + * the localKeyID of the associated cert. +- * @param The password used to encrypt the private key. ++ * @param password The password used to encrypt the private key. + */ + public static SafeBag + createEncryptedPrivateKeyBag(PrivateKeyInfo privk, String friendlyName, +diff -rupN alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs7/SignerInfo.java java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs7/SignerInfo.java +--- alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs7/SignerInfo.java 2004-04-25 08:02:23.000000000 -0700 ++++ java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs7/SignerInfo.java 2011-08-12 11:12:13.957145000 -0700 +@@ -430,7 +430,6 @@ public class SignerInfo implements ASN1V + * SignerInfo. + * @param contentType The type of the content that is signed by this + * SignerInfo. +- * @param pubkey The public key to use to verify the signature. + * @exception NoSuchObjectException If no certificate matching the + * the issuer name and serial number can be found. + */ +diff -rupN alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkix/cmc/CMCStatusInfo.java java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkix/cmc/CMCStatusInfo.java +--- alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkix/cmc/CMCStatusInfo.java 2004-11-18 14:56:11.000000000 -0800 ++++ java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkix/cmc/CMCStatusInfo.java 2011-08-12 11:20:39.240639000 -0700 +@@ -108,7 +108,7 @@ public class CMCStatusInfo implements AS + * @param status A CMCStatus constant. + * @param bodyList The sequence of bodyPartID. + * @param statusString A String. +- * @param OtherInfo The OtherInfo choice. ++ * @param otherInfo The OtherInfo choice. + */ + public CMCStatusInfo(int status, SEQUENCE bodyList, String + statusString, OtherInfo otherInfo) { +diff -rupN alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkix/cmmf/PKIStatusInfo.java java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkix/cmmf/PKIStatusInfo.java +--- alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkix/cmmf/PKIStatusInfo.java 2006-05-23 20:18:17.000000000 -0700 ++++ java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkix/cmmf/PKIStatusInfo.java 2011-08-12 11:21:27.389591000 -0700 +@@ -88,7 +88,6 @@ public class PKIStatusInfo implements AS + /** + * Create a PKIStatusInfo with no failure info. + * @param status A PKIStatus constant. +- * @param failInfo The bitwise AND of the PKIFailureInfo constants. + */ + public PKIStatusInfo(int status) { + this.status = new INTEGER(status); +diff -rupN alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkix/primitive/DirectoryString.java java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkix/primitive/DirectoryString.java +--- alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkix/primitive/DirectoryString.java 2004-04-25 08:02:26.000000000 -0700 ++++ java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkix/primitive/DirectoryString.java 2011-08-12 11:20:11.194667000 -0700 +@@ -115,10 +115,6 @@ public class DirectoryString implements + + /** + * Converts an ASN.1 DirectoryString to a Java string. +- * +- * @param dirstr An ANY containing a BER-encoded DirectoryString. +- * @exception InvalidBERException If the encoding does not contain a +- * valid DirectoryString. + */ + public String toString() { + return asn1String.toString(); +@@ -176,6 +172,8 @@ public class DirectoryString implements + /** + * @param implicitTag This paramter is ignored, because + * DirectoryStrings (being CHOICEs) cannot have implicit tags. ++ * @exception InvalidBERException If the encoding does not contain a ++ * valid DirectoryString. + */ + public ASN1Value decode(Tag implicitTag, InputStream istream) + throws IOException, InvalidBERException +diff -rupN alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/provider/javax/crypto/JSSSecretKeyFactorySpi.java java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/provider/javax/crypto/JSSSecretKeyFactorySpi.java +--- alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/provider/javax/crypto/JSSSecretKeyFactorySpi.java 2003-04-28 14:48:33.000000000 -0700 ++++ java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/provider/javax/crypto/JSSSecretKeyFactorySpi.java 2011-08-12 10:58:39.589958000 -0700 +@@ -91,14 +91,18 @@ class JSSSecretKeyFactorySpi extends Sec + // versions is to use the reflection API. + Class specClass = spec.getClass(); + try { +- Method getSaltMethod = specClass.getMethod("getSalt", null); ++ Method getSaltMethod = specClass.getMethod("getSalt", ++ (java.lang.Class) null); + Method getIterationMethod = +- specClass.getMethod("getIterationCount", null); ++ specClass.getMethod("getIterationCount", ++ (java.lang.Class) null); + +- byte[] salt = (byte[]) getSaltMethod.invoke(spec, null); ++ byte[] salt = (byte[]) getSaltMethod.invoke(spec, ++ (java.lang.Class) null); + + Integer itCountObj = +- (Integer) getIterationMethod.invoke(spec,null); ++ (Integer) getIterationMethod.invoke(spec, ++ (java.lang.Class) null); + int iterationCount = itCountObj.intValue(); + + Password pass = new Password(spec.getPassword()); +diff -rupN alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/ssl/SSLSocket.java java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/ssl/SSLSocket.java +--- alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/ssl/SSLSocket.java 2011-08-10 16:21:30.412765000 -0700 ++++ java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/ssl/SSLSocket.java 2011-08-12 11:47:38.385021000 -0700 +@@ -182,11 +182,11 @@ public class SSLSocket extends java.net. + } + + /** +- * Creates an SSL client socket and connects to the specified host and ++ * Creates an SSL client socket and connects to the specified address and + * port. Binds to the given local address and port. Installs the given + * callbacks for certificate approval and client certificate selection. + * +- * @param host The hostname to connect to. ++ * @param address The IP address to connect to. + * @param port The port to connect to. + * @param localAddr The local address to bind to. It can be null, in which + * case an unspecified local address will be chosen. +diff -rupN alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/tests/HMACTest.java java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/tests/HMACTest.java +--- alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/tests/HMACTest.java 2006-02-23 08:47:17.000000000 -0800 ++++ java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/tests/HMACTest.java 2011-08-12 13:11:11.790805000 -0700 +@@ -96,7 +96,7 @@ public class HMACTest { + + /** + * Main test method. +- * @params args[] ++ * @param argv + */ + public static void main(String []argv) { + +diff -rupN alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/tests/JCASymKeyGen.java java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/tests/JCASymKeyGen.java +--- alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/tests/JCASymKeyGen.java 2011-08-10 16:21:30.337766000 -0700 ++++ java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/tests/JCASymKeyGen.java 2011-08-12 11:53:56.192644000 -0700 +@@ -116,9 +116,9 @@ public class JCASymKeyGen { + } + /** + * +- * @param key +- * @param kg +- * @return ++ * @param keyType ++ * @param provider ++ * @return javax.crypto.SecretKey key + */ + public javax.crypto.SecretKey genSecretKey(String keyType, String provider){ + javax.crypto.SecretKey key = null; +@@ -155,7 +155,7 @@ public class JCASymKeyGen { + * + * @param keyType + * @param provider +- * @return ++ * @return javax.crypto.SecretKey key + */ + public javax.crypto.SecretKey genPBESecretKey(String keyType, + String provider){ +@@ -197,8 +197,10 @@ public class JCASymKeyGen { + /** + * + * @param sKey +- * @param AlgType +- * @param provider ++ * @param algFamily ++ * @param algType ++ * @param providerForEncrypt ++ * @param providerForDecrypt + */ + public void testCipher(javax.crypto.SecretKey sKey, String algFamily, + String algType, String providerForEncrypt, String providerForDecrypt) +@@ -304,8 +306,10 @@ public class JCASymKeyGen { + /** + * + * @param sKey +- * @param AlgType +- * @param provider ++ * @param algFamily ++ * @param algType ++ * @param providerForEncrypt ++ * @param providerForDecrypt + */ + public void testMultiPartCipher(javax.crypto.SecretKey sKey, String algFamily, + String algType, String providerForEncrypt, String providerForDecrypt) +diff -rupN alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/tests/JSSE_SSLClient.java java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/tests/JSSE_SSLClient.java +--- alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/tests/JSSE_SSLClient.java 2007-11-15 13:30:19.000000000 -0800 ++++ java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/tests/JSSE_SSLClient.java 2011-08-12 12:56:15.480701000 -0700 +@@ -78,7 +78,7 @@ public class JSSE_SSLClient { + + /** + * Set the protocol type and revision +- * @param String sslRevision ++ * @param fSslRevision + */ + public void setSslRevision(String fSslRevision) { + +@@ -91,7 +91,7 @@ public class JSSE_SSLClient { + + /** + * Set the host name to connect to. +- * @param String hostname ++ * @param fHost + */ + public void setHost(String fHost) { + this.host = fHost; +@@ -99,7 +99,7 @@ public class JSSE_SSLClient { + + /** + * Set the port number to connect to. +- * @param int portnumber ++ * @param fPort + */ + public void setPort(int fPort) { + this.port = fPort; +@@ -107,7 +107,7 @@ public class JSSE_SSLClient { + + /** + * Set the cipher suite name to use. +- * @param String cipherSuiteName ++ * @param fCipherSuite + */ + public void setCipherSuite(String fCipherSuite) { + this.cipherName = fCipherSuite; +@@ -115,7 +115,7 @@ public class JSSE_SSLClient { + + /** + * Set the location of rsa.pfx +- * @param String fKeystoreLoc ++ * @param fKeystoreLoc + */ + public void setKeystoreLoc(String fKeystoreLoc) { + keystoreLoc = fKeystoreLoc + "/" + keystoreLoc; +diff -rupN alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/tests/JSSE_SSLServer.java java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/tests/JSSE_SSLServer.java +--- alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/tests/JSSE_SSLServer.java 2007-11-15 13:30:19.000000000 -0800 ++++ java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/tests/JSSE_SSLServer.java 2011-08-12 12:57:18.987637000 -0700 +@@ -75,7 +75,7 @@ public class JSSE_SSLServer { + + /** + * Set the provider to use. +- * @param String p ++ * @param p + */ + public void setProvider(String p) { + provider = p; +@@ -90,7 +90,7 @@ public class JSSE_SSLServer { + } + /** + * Set the location of keystore file. +- * @param String fconfigDir ++ * @param fconfigDir + */ + public void setKeystore(String fconfigDir) { + configDir = fconfigDir; +@@ -117,7 +117,7 @@ public class JSSE_SSLServer { + + /** + * Start SSLServer and accept connections. +- * @param args[] ++ * @param args + */ + public void startSSLServer(String[] args) throws Exception { + String configDir = ""; +diff -rupN alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/tests/JSS_FileUploadClient.java java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/tests/JSS_FileUploadClient.java +--- alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/tests/JSS_FileUploadClient.java 2005-08-11 11:28:59.000000000 -0700 ++++ java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/tests/JSS_FileUploadClient.java 2011-08-12 12:50:45.946239000 -0700 +@@ -79,7 +79,7 @@ public class JSS_FileUploadClient { + /** + * Initialize the desired cipher to be set + * on the socket. +- * @param int Cipher ++ * @param aCipher + */ + public void setCipher(int aCipher) { + fCipher = aCipher; +@@ -87,7 +87,7 @@ public class JSS_FileUploadClient { + + /** + * Initialize the hostname to run the server +- * @param String ServerName ++ * @param aHostName + */ + public void setHostName(String aHostName) { + serverHost = aHostName; +@@ -95,7 +95,7 @@ public class JSS_FileUploadClient { + + /** + * Initialize the port to run the server +- * @param int port ++ * @param aPort + */ + public void setPort(int aPort) { + port = aPort; +@@ -103,7 +103,7 @@ public class JSS_FileUploadClient { + + /** + * Initialize the passwords file name +- * @param String passwords ++ * @param aPasswordFile + */ + public void setPasswordFile(String aPasswordFile) { + fPasswordFile = aPasswordFile; +@@ -111,7 +111,7 @@ public class JSS_FileUploadClient { + + /** + * Initialize the cert db path name +- * @param String CertDbPath ++ * @param aCertDbPath + */ + public void setCertDbPath(String aCertDbPath) { + fCertDbPath = aCertDbPath; +@@ -120,7 +120,7 @@ public class JSS_FileUploadClient { + /** + * Initialize the name of the file to + * be used for testing along with full path. +- * @param String UploadFile ++ * @param aUploadFile + */ + public void setUploadFile(String aUploadFile) { + fUploadFile = aUploadFile; +@@ -128,7 +128,7 @@ public class JSS_FileUploadClient { + + /** + * Enable/disable Test Cert Callback. +- * @param boolean ++ * @param aTestCertCallback + */ + public void setTestCertCallback(boolean aTestCertCallback) { + TestCertCallBack = aTestCertCallback; +@@ -136,7 +136,7 @@ public class JSS_FileUploadClient { + + /** + * Set client certificate +- * @param String Certificate Nick Name ++ * @param aClientCertNick Certificate Nick Name + */ + public void setClientCertNick(String aClientCertNick) { + clientCertNick = aClientCertNick; +@@ -170,7 +170,7 @@ public class JSS_FileUploadClient { + + /** + * Set EOF for closinng server socket +- * @param null for closing server socket ++ * @param fEof null for closing server socket + */ + public void setEOF(String fEof) { + this.EOF = fEof; +diff -rupN alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/tests/JSS_SSLClient.java java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/tests/JSS_SSLClient.java +--- alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/tests/JSS_SSLClient.java 2007-08-20 17:07:58.000000000 -0700 ++++ java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/tests/JSS_SSLClient.java 2011-08-12 12:54:46.978789000 -0700 +@@ -99,7 +99,7 @@ public class JSS_SSLClient { + /** + * Initialize the desired cipher to be set + * on the socket. +- * @param int Cipher ++ * @param aCipher + */ + public void setCipher(int aCipher) { + fCipher = aCipher; +@@ -107,7 +107,7 @@ public class JSS_SSLClient { + + /** + * Initialize the hostname to run the server +- * @param String ServerName ++ * @param aHostName + */ + public void setHostName(String aHostName) { + serverHost = aHostName; +@@ -115,7 +115,7 @@ public class JSS_SSLClient { + + /** + * Initialize the port to run the server +- * @param int port ++ * @param aPort + */ + public void setPort(int aPort) { + port = aPort; +@@ -123,7 +123,7 @@ public class JSS_SSLClient { + + /** + * Initialize the passwords file name +- * @param String passwords ++ * @param aPasswordFile + */ + public void setPasswordFile(String aPasswordFile) { + fPasswordFile = aPasswordFile; +@@ -131,7 +131,7 @@ public class JSS_SSLClient { + + /** + * Initialize the cert db path name +- * @param String CertDbPath ++ * @param aCertDbPath + */ + public static void setCertDbPath(String aCertDbPath) { + fCertDbPath = aCertDbPath; +@@ -147,7 +147,7 @@ public class JSS_SSLClient { + + /** + * Enable/disable Test Cert Callback. +- * @param boolean ++ * @param bypass + */ + public void setBypass(boolean bypass) { + testBypass = bypass; +@@ -155,7 +155,7 @@ public class JSS_SSLClient { + + /** + * Enable/disable Test Cert Callback. +- * @param boolean ++ * @param aTestCertCallback + */ + public void setTestCertCallback(boolean aTestCertCallback) { + TestCertCallBack = aTestCertCallback; +@@ -163,7 +163,7 @@ public class JSS_SSLClient { + + /** + * Set client certificate +- * @param String Certificate Nick Name ++ * @param aClientCertNick Certificate Nick Name + */ + public void setClientCertNick(String aClientCertNick) { + clientCertNick = aClientCertNick; +@@ -197,7 +197,7 @@ public class JSS_SSLClient { + + /** + * Set EOF for closinng server socket +- * @param null for closing server socket ++ * @param fEof null for closing server socket + */ + public void setEOF(String fEof) { + this.EOF = fEof; +diff -rupN alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/tests/JSS_SelfServClient.java java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/tests/JSS_SelfServClient.java +--- alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/tests/JSS_SelfServClient.java 2007-11-15 13:30:19.000000000 -0800 ++++ java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/tests/JSS_SelfServClient.java 2011-08-12 12:52:43.644913000 -0700 +@@ -326,7 +326,7 @@ public class JSS_SelfServClient implemen + /** + * Initialize the desired ciphersuite to be set + * on the socket. +- * @param int Cipher ++ * @param aCipher + */ + public void setCipher(int aCipher) { + +@@ -378,7 +378,7 @@ public class JSS_SelfServClient implemen + + /** + * Initialize the hostname to run the server +- * @param String ServerName ++ * @param aHostName + */ + public void setHostName(String aHostName) { + serverHost = aHostName; +@@ -386,7 +386,7 @@ public class JSS_SelfServClient implemen + + /** + * Initialize the port to run the server +- * @param int port ++ * @param aPort + */ + public void setPort(int aPort) { + port = aPort; +@@ -394,7 +394,7 @@ public class JSS_SelfServClient implemen + + /** + * Initialize the passwords file name +- * @param String passwords ++ * @param aPasswordFile + */ + public void setPasswordFile(String aPasswordFile) { + fPasswordFile = aPasswordFile; +@@ -402,7 +402,7 @@ public class JSS_SelfServClient implemen + + /** + * Initialize the cert db path name +- * @param String CertDbPath ++ * @param aCertDbPath + */ + public void setCertDbPath(String aCertDbPath) { + fCertDbPath = aCertDbPath; +@@ -410,7 +410,7 @@ public class JSS_SelfServClient implemen + + /** + * Enable/disable Test Cert Callback. +- * @param boolean ++ * @param aTestCertCallback + */ + public void setTestCertCallback(boolean aTestCertCallback) { + TestCertCallBack = aTestCertCallback; +@@ -418,7 +418,7 @@ public class JSS_SelfServClient implemen + + /** + * Set client certificate +- * @param String Certificate Nick Name ++ * @param aClientCertNick Certificate Nick Name + */ + public void setClientCertNick(String aClientCertNick) { + clientCertNick = aClientCertNick; +diff -rupN alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/tests/SSLClientAuth.java java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/tests/SSLClientAuth.java +--- alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/tests/SSLClientAuth.java 2007-08-23 16:21:13.000000000 -0700 ++++ java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/tests/SSLClientAuth.java 2011-08-12 12:58:27.925569000 -0700 +@@ -78,7 +78,7 @@ public class SSLClientAuth implements Ru + * @param rand + * @param extensions + * @throws java.lang.Exception +- * @return ++ * @return Certificate + */ + public static Certificate makeCert(String issuerName, String subjectName, + int serialNumber, PrivateKey privKey, PublicKey pubKey, int rand, diff --git a/jss-eliminate-native-compiler-warnings.patch b/jss-eliminate-native-compiler-warnings.patch new file mode 100644 index 0000000..d981eb7 --- /dev/null +++ b/jss-eliminate-native-compiler-warnings.patch @@ -0,0 +1,621 @@ +diff -rupN patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/CryptoManager.c alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/CryptoManager.c +--- patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/CryptoManager.c 2011-08-10 16:21:30.609765000 -0700 ++++ alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/CryptoManager.c 2011-08-11 17:54:57.255176000 -0700 +@@ -55,7 +55,7 @@ + + #include "pk11util.h" + +-#if defined(AIX) || defined(HPUX) || defined(LINUX) ++#if defined(AIX) || defined(HPUX) + #include + #endif + +@@ -90,11 +90,11 @@ const char * jss_sccsid() { + /********************************************************************/ + + /* JSS_VERSION from mozilla/security/jss/org/mozilla/jss/util/jssver.h */ +-static const char* DLL_JSS_VERSION = "JSS_VERSION = " JSS_VERSION; ++static const char* VARIABLE_MAY_NOT_BE_USED DLL_JSS_VERSION = "JSS_VERSION = " JSS_VERSION; + /* NSS_VERSION from mozilla/security/nss/lib/nss/nss.h */ +-static const char* DLL_NSS_VERSION = "NSS_VERSION = " NSS_VERSION; ++static const char* VARIABLE_MAY_NOT_BE_USED DLL_NSS_VERSION = "NSS_VERSION = " NSS_VERSION; + /* NSPR_version from mozilla/nsprpub/pr/include/prinit.h */ +-static const char* DLL_NSPR_VERSION = "NSPR_VERSION = " PR_VERSION; ++static const char* VARIABLE_MAY_NOT_BE_USED DLL_NSPR_VERSION = "NSPR_VERSION = " PR_VERSION; + + + +@@ -106,13 +106,13 @@ static char* + getPWFromCallback(PK11SlotInfo *slot, PRBool retry, void *arg); + + /************************************************************* +- * AIX, HP, and Linux signal handling madness ++ * AIX and HP signal handling madness + * + * In order for the JVM, kernel, and NSPR to work together, we setup + * a signal handler for SIGCHLD that does nothing. This is only done +- * on AIX, HP, and Linux. ++ * on AIX and HP. + *************************************************************/ +-#if defined(AIX) || defined(HPUX) || defined(LINUX) ++#if defined(AIX) || defined(HPUX) + + static PRStatus + handleSigChild(JNIEnv *env) { +@@ -333,8 +333,6 @@ Java_org_mozilla_jss_CryptoManager_initi + jboolean initializeJavaOnly ) + { + SECStatus rv = SECFailure; +- JavaVM *VMs[5]; +- jint numVMs; + char *szConfigDir = NULL; + char *szCertPrefix = NULL; + char *szKeyPrefix = NULL; +diff -rupN patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/PK11Finder.c alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/PK11Finder.c +--- patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/PK11Finder.c 2011-08-10 16:21:30.849767000 -0700 ++++ alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/PK11Finder.c 2011-08-10 18:22:37.887077000 -0700 +@@ -263,7 +263,7 @@ JNIEXPORT jobject JNICALL + Java_org_mozilla_jss_CryptoManager_findPrivKeyByCertNative + (JNIEnv *env, jobject this, jobject Cert) + { +- PRThread *pThread; ++ PRThread * VARIABLE_MAY_NOT_BE_USED pThread=NULL; + CERTCertificate *cert; + PK11SlotInfo *slot; + SECKEYPrivateKey *privKey=NULL; +@@ -458,7 +458,7 @@ JNIEXPORT jobjectArray JNICALL + Java_org_mozilla_jss_CryptoManager_buildCertificateChainNative + (JNIEnv *env, jobject this, jobject leafCert) + { +- PRThread *pThread; ++ PRThread * VARIABLE_MAY_NOT_BE_USED pThread=NULL; + CERTCertificate *leaf; + jobjectArray chainArray=NULL; + CERTCertDBHandle *certdb; +@@ -812,7 +812,7 @@ Java_org_mozilla_jss_CryptoManager_impor + SECItem *derCerts=NULL; + int certi= -1; + SECItem theDerCert; +- int numCerts; ++ int numCerts = 0; + jbyte *packageBytes=NULL; + jsize packageLen; + SECStatus status; +@@ -1486,7 +1486,7 @@ Java_org_mozilla_jss_CryptoManager_impor + CERTSignedCrl *crl = NULL; + SECItem *packageItem = NULL; + int status = SECFailure; +- char *url; ++ char *url = NULL; + char *errmsg = NULL; + + /*************************************************** +@@ -1651,7 +1651,7 @@ JNIEXPORT jint JNICALL + Java_org_mozilla_jss_CryptoManager_verifyCertificateNowCUNative(JNIEnv *env, + jobject self, jstring nickString, jboolean checkSig) + { +- SECStatus rv = SECFailure; ++ SECStatus VARIABLE_MAY_NOT_BE_USED rv = SECFailure; + SECCertificateUsage currUsage = 0x0000; + + rv = verifyCertificateNow(env, self, nickString, checkSig, 0, &currUsage); +@@ -1736,7 +1736,6 @@ Java_org_mozilla_jss_CryptoManager_verif + SECStatus rv = SECFailure; + SECCertUsage certUsage; + SECItem *derCerts[2]; +- SECStatus status; + CERTCertificate **certArray = NULL; + CERTCertDBHandle *certdb = CERT_GetDefaultCertDB(); + +diff -rupN patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/SecretDecoderRing/KeyManager.c alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/SecretDecoderRing/KeyManager.c +--- patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/SecretDecoderRing/KeyManager.c 2003-12-19 11:36:30.000000000 -0800 ++++ alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/SecretDecoderRing/KeyManager.c 2011-08-10 16:58:52.527501000 -0700 +@@ -358,7 +358,6 @@ Java_org_mozilla_jss_SecretDecoderRing_K + { + PK11SlotInfo *slot = NULL; + PK11SymKey *symk = NULL; +- SECStatus status; + + /* get the slot */ + if( JSS_PK11_getTokenSlotPtr(env, tokenObj, &slot) != PR_SUCCESS ) { +diff -rupN patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/crypto/PQGParams.c alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/crypto/PQGParams.c +--- patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/crypto/PQGParams.c 2004-04-25 08:02:21.000000000 -0700 ++++ alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/crypto/PQGParams.c 2011-08-11 09:40:34.001421000 -0700 +@@ -371,7 +371,7 @@ Java_org_mozilla_jss_crypto_PQGParams_pa + /*********************************************************************** + * Perform the verification. + */ +- if( PK11_PQG_VerifyParams(pParams, pVfy, &verifyResult) != PR_SUCCESS) { ++ if( PK11_PQG_VerifyParams(pParams, pVfy, &verifyResult) != SECSuccess) { + JSS_throw(env, OUT_OF_MEMORY_ERROR); + goto finish; + } +diff -rupN patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11Cert.c alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11Cert.c +--- patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11Cert.c 2004-04-25 08:02:22.000000000 -0700 ++++ alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11Cert.c 2011-08-10 18:30:07.942629000 -0700 +@@ -62,7 +62,7 @@ + JNIEXPORT jbyteArray JNICALL Java_org_mozilla_jss_pkcs11_PK11Cert_getEncoded + (JNIEnv *env, jobject this) + { +- PRThread *pThread; ++ PRThread * VARIABLE_MAY_NOT_BE_USED pThread; + CERTCertificate *cert; + SECItem *derCert; + jbyteArray derArray=NULL; +@@ -118,9 +118,9 @@ finish: + JNIEXPORT jint JNICALL Java_org_mozilla_jss_pkcs11_PK11Cert_getVersion + (JNIEnv *env, jobject this) + { +- PRThread *pThread; ++ PRThread * VARIABLE_MAY_NOT_BE_USED pThread; + CERTCertificate *cert; +- long lVersion; ++ long lVersion = 0; + + pThread = PR_AttachThread(PR_SYSTEM_THREAD, 0, NULL); + PR_ASSERT(pThread != NULL); +@@ -165,7 +165,7 @@ Java_org_mozilla_jss_pkcs11_PK11Cert_get + { + CERTCertificate *cert; + SECKEYPublicKey *pubk=NULL; +- PRThread *pThread; ++ PRThread * VARIABLE_MAY_NOT_BE_USED pThread; + jobject pubKey=NULL; + + PR_ASSERT(env!=NULL && this!=NULL); +@@ -210,7 +210,7 @@ Java_org_mozilla_jss_pkcs11_CertProxy_re + (JNIEnv *env, jobject this) + { + CERTCertificate *cert; +- PRThread *pThread; ++ PRThread * VARIABLE_MAY_NOT_BE_USED pThread; + + PR_ASSERT(env!=NULL && this!=NULL); + +diff -rupN patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11Cipher.c alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11Cipher.c +--- patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11Cipher.c 2004-04-25 08:02:22.000000000 -0700 ++++ alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11Cipher.c 2011-08-10 16:42:43.822494000 -0700 +@@ -73,7 +73,7 @@ Java_org_mozilla_jss_pkcs11_PK11Cipher_i + SECItem *iv=NULL; + PK11Context *context=NULL; + CK_ATTRIBUTE_TYPE op; +- jobject contextObj; ++ jobject contextObj = NULL; + + PR_ASSERT(env!=NULL && clazz!=NULL && keyObj!=NULL && algObj!=NULL); + +diff -rupN patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11KeyGenerator.c alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11KeyGenerator.c +--- patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11KeyGenerator.c 2005-11-14 14:15:06.000000000 -0800 ++++ alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11KeyGenerator.c 2011-08-11 09:23:03.220470000 -0700 +@@ -207,7 +207,7 @@ finish: + } + #endif + +-static void ++static void FUNCTION_MAY_NOT_BE_USED + print_secitem(SECItem *item) { + int i; + int online; +diff -rupN patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11KeyPairGenerator.c alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11KeyPairGenerator.c +--- patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11KeyPairGenerator.c 2011-08-10 16:21:30.270767000 -0700 ++++ alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11KeyPairGenerator.c 2011-08-10 18:33:11.773445000 -0700 +@@ -450,7 +450,7 @@ DumpItem(SECItem *item) + for (i=0; i < item->len; i++) { + printf(" %02x",data[i]); + } +- printf(" : 0x%08x %d\n", data, item->len); ++ printf(" : %8p %d\n", data, item->len); + } + + /********************************************************************** +diff -rupN patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11KeyWrapper.c alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11KeyWrapper.c +--- patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11KeyWrapper.c 2006-02-22 17:21:42.000000000 -0800 ++++ alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11KeyWrapper.c 2011-08-10 16:52:03.052910000 -0700 +@@ -562,7 +562,7 @@ Java_org_mozilla_jss_pkcs11_PK11KeyWrapp + jint keyLen, jbyteArray ivBA, jint usageEnum) + { + PK11SymKey *symKey=NULL; +- CK_MECHANISM_TYPE wrappingMech, keyTypeMech; ++ CK_MECHANISM_TYPE wrappingMech=0, keyTypeMech=0; + SECItem *wrappedKey=NULL, *iv=NULL, *param=NULL; + jobject keyObj=NULL; + SECKEYPrivateKey *wrappingKey=NULL; +diff -rupN patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11MessageDigest.c alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11MessageDigest.c +--- patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11MessageDigest.c 2004-04-25 08:02:22.000000000 -0700 ++++ alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11MessageDigest.c 2011-08-10 16:52:54.951857000 -0700 +@@ -88,7 +88,6 @@ Java_org_mozilla_jss_pkcs11_PK11MessageD + PK11Context *context = NULL; + CK_MECHANISM_TYPE mech; + SECItem param; +- PK11SlotInfo *slot=NULL; + jobject contextObj=NULL; + + mech = JSS_getPK11MechFromAlg(env, algObj); +diff -rupN patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11Module.c alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11Module.c +--- patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11Module.c 2007-02-23 09:40:21.000000000 -0800 ++++ alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11Module.c 2011-08-10 16:53:28.788823000 -0700 +@@ -254,7 +254,7 @@ Java_org_mozilla_jss_pkcs11_ModuleProxy_ + { + SECMODModule *module; + +- if (JSS_getPtrFromProxy(env, this, &module) != PR_SUCCESS) { ++ if (JSS_getPtrFromProxy(env, this, (void **)&module) != PR_SUCCESS) { + ASSERT_OUTOFMEM(env); + goto finish; + } +diff -rupN patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11PrivKey.c alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11PrivKey.c +--- patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11PrivKey.c 2006-04-24 18:26:42.000000000 -0700 ++++ alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11PrivKey.c 2011-08-10 18:34:20.954376000 -0700 +@@ -174,7 +174,7 @@ JNIEXPORT jobject JNICALL + Java_org_mozilla_jss_pkcs11_PK11PrivKey_getKeyType + (JNIEnv *env, jobject this) + { +- PRThread *pThread; ++ PRThread * VARIABLE_MAY_NOT_BE_USED pThread; + SECKEYPrivateKey *privk; + KeyType keyType; + char* keyTypeFieldName; +@@ -259,7 +259,7 @@ Java_org_mozilla_jss_pkcs11_PrivateKeyPr + (JNIEnv *env, jobject this) + { + SECKEYPrivateKey *privk; +- PRThread *pThread; ++ PRThread * VARIABLE_MAY_NOT_BE_USED pThread; + + PR_ASSERT(env!=NULL && this!=NULL); + +@@ -358,7 +358,6 @@ Java_org_mozilla_jss_pkcs11_PK11PrivKey_ + (JNIEnv *env, jobject this) + { + SECKEYPrivateKey *key = NULL; +- PK11SlotInfo *slot = NULL; + SECItem *idItem = NULL; + jbyteArray byteArray = NULL; + +diff -rupN patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11PubKey.c alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11PubKey.c +--- patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11PubKey.c 2006-02-22 17:21:42.000000000 -0800 ++++ alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11PubKey.c 2011-08-10 18:35:04.390333000 -0700 +@@ -62,7 +62,7 @@ JNIEXPORT void JNICALL Java_org_mozilla_ + (JNIEnv *env, jobject this) + { + SECKEYPublicKey *pubk; +- PRThread *pThread; ++ PRThread * VARIABLE_MAY_NOT_BE_USED pThread; + + PR_ASSERT(env!=NULL && this!=NULL); + +@@ -179,7 +179,7 @@ JNIEXPORT void JNICALL + Java_org_mozilla_jss_pkcs11_PK11PubKey_verifyKeyIsOnToken + (JNIEnv *env, jobject this, jobject token) + { +- PRThread *pThread; ++ PRThread * VARIABLE_MAY_NOT_BE_USED pThread; + SECKEYPublicKey *key = NULL; + PK11SlotInfo *slot = NULL; + PK11SlotInfo *keySlot = NULL; +@@ -231,7 +231,7 @@ JNIEXPORT jobject JNICALL + Java_org_mozilla_jss_pkcs11_PK11PubKey_getKeyType + (JNIEnv *env, jobject this) + { +- PRThread *pThread; ++ PRThread * VARIABLE_MAY_NOT_BE_USED pThread; + SECKEYPublicKey *pubk; + KeyType keyType; + char* keyTypeFieldName; +@@ -454,7 +454,7 @@ get_public_key_info + { + SECKEYPublicKey *pubk; + jbyteArray byteArray=NULL; +- SECItem *item; ++ SECItem *item=NULL; + + PR_ASSERT(env!=NULL && this!=NULL); + +@@ -526,7 +526,6 @@ pubkFromRaw(JNIEnv *env, CK_KEY_TYPE typ + { + jobject pubkObj=NULL; + SECKEYPublicKey *pubk=NULL; +- SECStatus rv; + SECItem *pubkDER=NULL; + + /* validate args */ +diff -rupN patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11SecureRandom.c alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11SecureRandom.c +--- patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11SecureRandom.c 2005-01-28 11:16:11.000000000 -0800 ++++ alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11SecureRandom.c 2011-08-10 18:36:05.252271000 -0700 +@@ -112,7 +112,7 @@ Java_org_mozilla_jss_pkcs11_PK11SecureRa + * "C" data members + */ + +- PRThread* pThread = NULL; ++ PRThread* VARIABLE_MAY_NOT_BE_USED pThread = NULL; + SECStatus status = PR_FALSE; + PK11SlotInfo* slot = NULL; + +@@ -262,7 +262,7 @@ Java_org_mozilla_jss_pkcs11_PK11SecureRa + * "C" data members + */ + +- PRThread* pThread = NULL; ++ PRThread* VARIABLE_MAY_NOT_BE_USED pThread = NULL; + SECStatus status = PR_FALSE; + + +diff -rupN patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11Store.c alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11Store.c +--- patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11Store.c 2006-04-03 16:09:49.000000000 -0700 ++++ alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11Store.c 2011-08-10 18:38:12.365145000 -0700 +@@ -319,7 +319,7 @@ Java_org_mozilla_jss_pkcs11_PK11Store_de + (JNIEnv *env, jobject this, jobject certObject) + { + CERTCertificate *cert; +- SECStatus status; ++ SECStatus VARIABLE_MAY_NOT_BE_USED status; + + PR_ASSERT(env!=NULL && this!=NULL); + if(certObject == NULL) { +@@ -349,7 +349,7 @@ Java_org_mozilla_jss_pkcs11_PK11Store_de + (JNIEnv *env, jobject this, jobject certObject) + { + CERTCertificate *cert; +- SECStatus status; ++ SECStatus VARIABLE_MAY_NOT_BE_USED status; + + PR_ASSERT(env!=NULL && this!=NULL); + if(certObject == NULL) { +diff -rupN patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11SymKey.c alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11SymKey.c +--- patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11SymKey.c 2004-04-25 08:02:22.000000000 -0700 ++++ alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11SymKey.c 2011-08-11 09:42:52.967282000 -0700 +@@ -233,7 +233,7 @@ Java_org_mozilla_jss_pkcs11_PK11SymKey_g + jfieldID typeField=NULL; + jobject typeObject=NULL; + +- if( JSS_PK11_getSymKeyPtr(env, this, &key) != SECSuccess ) { ++ if( JSS_PK11_getSymKeyPtr(env, this, &key) != PR_SUCCESS ) { + ASSERT_OUTOFMEM(env); + goto finish; + } +diff -rupN patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11Token.c alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11Token.c +--- patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11Token.c 2007-11-09 16:37:57.000000000 -0800 ++++ alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11Token.c 2011-08-10 18:38:52.421104000 -0700 +@@ -961,9 +961,9 @@ JNIEXPORT jstring JNICALL Java_org_mozil + jstring keyType, jbyteArray P, jbyteArray Q, jbyteArray G) + { + PK11SlotInfo *slot; +- const char* c_subject; ++ const char* c_subject=NULL; + jboolean isCopy; +- unsigned char *b64request; ++ unsigned char *b64request=NULL; + SECItem p, q, g; + PQGParams *dsaParams=NULL; + const char* c_keyType; +@@ -1080,7 +1080,7 @@ GenerateCertRequest(JNIEnv *env, + SECStatus rv; + PRArenaPool *arena; + SECItem result_der, result; +- SECItem *blob; ++ SECItem * VARIABLE_MAY_NOT_BE_USED blob; + CK_MECHANISM_TYPE signMech; + CK_MECHANISM_TYPE keygenMech; + +diff -rupN patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/provider/java/security/JSSKeyStoreSpi.c alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/provider/java/security/JSSKeyStoreSpi.c +--- patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/provider/java/security/JSSKeyStoreSpi.c 2003-09-24 15:20:05.000000000 -0700 ++++ alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/provider/java/security/JSSKeyStoreSpi.c 2011-08-10 16:57:42.991570000 -0700 +@@ -89,7 +89,6 @@ traverseTokenObjects + SECKEYPublicKeyList* pubkList = NULL; + PK11SymKey *symKey = NULL; + CERTCertList *certList = NULL; +- SECStatus secstat; + + /* + * Get all private keys +@@ -508,7 +507,6 @@ lookupCertByNickname(JNIEnv *env, jobjec + { + PK11SlotInfo *slot; + EngineGetCertificateCBInfo cbinfo = {NULL,NULL}; +- jbyteArray derCertBA = NULL; + PRStatus status = PR_FAILURE; + + if( alias == NULL ) goto finish; +@@ -813,7 +811,6 @@ Java_org_mozilla_jss_provider_java_secur + PK11SlotInfo *slot; + EngineGetCertificateCBInfo cbinfo = {NULL,NULL}; + jboolean retVal = JNI_FALSE; +- SECKEYPrivateKey *privk = NULL; + + if( alias == NULL ) goto finish; + +diff -rupN patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/ssl/SSLSocket.c alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/ssl/SSLSocket.c +--- patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/ssl/SSLSocket.c 2011-08-10 16:21:30.395765000 -0700 ++++ alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/ssl/SSLSocket.c 2011-08-10 17:05:15.363117000 -0700 +@@ -397,7 +397,7 @@ Java_org_mozilla_jss_ssl_SSLSocket_getSo + { + PRSocketOptionData sockOptions; + JSSL_SocketData *sock = NULL; +- jint retval; ++ jint retval=-1; + PRStatus status; + + if( JSSL_getSockData(env, self, &sock) != PR_SUCCESS ) { +@@ -874,7 +874,7 @@ JNIEXPORT jint JNICALL + Java_org_mozilla_jss_ssl_SSLSocket_socketAvailable( + JNIEnv *env, jobject self) + { +- jint available; ++ jint available=0; + JSSL_SocketData *sock = NULL; + + if( JSSL_getSockData(env, self, &sock) != PR_SUCCESS ) { +diff -rupN patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/ssl/common.c alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/ssl/common.c +--- patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/ssl/common.c 2011-08-10 16:21:30.434766000 -0700 ++++ alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/ssl/common.c 2011-08-11 09:44:12.310202000 -0700 +@@ -64,7 +64,7 @@ JSSL_throwSSLSocketException(JNIEnv *env + jmethodID excepCons; + jobject excepObj; + jstring msgString; +- jint result; ++ jint VARIABLE_MAY_NOT_BE_USED result; + + /* + * get the error code and error string +@@ -149,8 +149,8 @@ Java_org_mozilla_jss_ssl_SocketBase_sock + jbyteArray sdArray = NULL; + JSSL_SocketData *sockdata = NULL; + SECStatus status; +- PRFileDesc *newFD; +- PRFileDesc *tmpFD; ++ PRFileDesc *newFD = NULL; ++ PRFileDesc *tmpFD = NULL; + PRFilePrivate *priv = NULL; + int socketFamily = 0; + +@@ -627,7 +627,7 @@ Java_org_mozilla_jss_ssl_SocketBase_getS + SECStatus status = SECSuccess; + PRBool bOption = PR_FALSE; + +- if( JSSL_getSockData(env, self, &sock) != SECSuccess ) { ++ if( JSSL_getSockData(env, self, &sock) != PR_SUCCESS ) { + goto finish; + } + +@@ -649,7 +649,7 @@ JSSL_getSockAddr + (JNIEnv *env, jobject self, PRNetAddr *addr, LocalOrPeer localOrPeer) + { + JSSL_SocketData *sock = NULL; +- PRStatus status; ++ PRStatus status=PR_FAILURE; + + /* get my fd */ + if( JSSL_getSockData(env, self, &sock) != PR_SUCCESS ) { +@@ -893,7 +893,7 @@ JSS_SSL_processExceptions(JNIEnv *env, P + + finish: + if( currentExcep != NULL && (*env)->ExceptionOccurred(env) == NULL) { +- int ret = (*env)->Throw(env, currentExcep); ++ int VARIABLE_MAY_NOT_BE_USED ret = (*env)->Throw(env, currentExcep); + PR_ASSERT(ret == 0); + } + } +diff -rupN patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/ssl/javasock.c alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/ssl/javasock.c +--- patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/ssl/javasock.c 2011-08-10 16:21:30.446765000 -0700 ++++ alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/ssl/javasock.c 2011-08-10 17:03:48.769206000 -0700 +@@ -92,7 +92,7 @@ writebuf(JNIEnv *env, PRFileDesc *fd, jo + jmethodID getOutputStream, writeMethod; + jclass sockClass, osClass; + jobject outputStream; +- jint arrayLen; ++ jint arrayLen=-1; + PRInt32 retval; + + /* +@@ -211,7 +211,7 @@ jsock_write(PRFileDesc *fd, const PRIOVe + jobject sockObj; + JNIEnv *env; + jbyteArray outbufArray; +- PRInt32 retval; ++ PRInt32 retval=-1; + + if( GET_ENV(fd->secret->javaVM, env) ) goto finish; + +@@ -500,7 +500,7 @@ static PRInt32 + jsock_recv(PRFileDesc *fd, void *buf, PRInt32 amount, + PRIntn flags, PRIntervalTime timeout) + { +- PRInt32 retval; ++ PRInt32 retval=-1; + JNIEnv *env; + jobject sockObj; + jbyteArray byteArray; +@@ -637,7 +637,7 @@ getIntProperty(JNIEnv *env, jobject sock + { + jclass sockClass; + jmethodID method; +- jint retval; ++ jint retval=0; + + sockClass = (*env)->GetObjectClass(env, sock); + if( sockClass == NULL ) goto finish; +@@ -1001,12 +1001,6 @@ static const PRIOMethods jsockMethods = + (PRReservedFN) invalidInt + }; + +-static const PRIOMethods* +-getJsockMethods() +-{ +- return &jsockMethods; +-} +- + static void + jsockDestructor(PRFileDesc *fd) + { +diff -rupN patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/util/jssutil.c alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/util/jssutil.c +--- patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/util/jssutil.c 2004-04-25 08:02:29.000000000 -0700 ++++ alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/util/jssutil.c 2011-08-10 18:24:58.470937000 -0700 +@@ -115,7 +115,7 @@ void + JSS_throwMsg(JNIEnv *env, char *throwableClassName, char *message) { + + jclass throwableClass; +- jint result; ++ jint VARIABLE_MAY_NOT_BE_USED result; + + /* validate arguments */ + PR_ASSERT(env!=NULL && throwableClassName!=NULL && message!=NULL); +@@ -156,7 +156,7 @@ JSS_throw(JNIEnv *env, char *throwableCl + jclass throwableClass; + jobject throwable; + jmethodID constructor; +- jint result; ++ jint VARIABLE_MAY_NOT_BE_USED result; + + PR_ASSERT( (*env)->ExceptionOccurred(env) == NULL ); + +@@ -222,7 +222,9 @@ JSS_throw(JNIEnv *env, char *throwableCl + PRStatus + JSS_getPtrFromProxy(JNIEnv *env, jobject nativeProxy, void **ptr) + { ++#ifdef DEBUG + jclass nativeProxyClass; ++#endif + jclass proxyClass; + jfieldID byteArrayField; + jbyteArray byteArray; +@@ -745,7 +747,7 @@ JSS_trace(JNIEnv *env, jint level, char + void + JSS_assertOutOfMem(JNIEnv *env) + { +- jclass memErrClass; ++ jclass VARIABLE_MAY_NOT_BE_USED memErrClass; + jthrowable excep; + + PR_ASSERT(env != NULL); +@@ -804,7 +806,7 @@ JSS_SECItemToByteArray(JNIEnv *env, SECI + goto finish; + } + +- (*env)->SetByteArrayRegion(env, array, 0, item->len, item->data); ++ (*env)->SetByteArrayRegion(env, array, 0, item->len, (jbyte*)item->data); + + finish: + return array; +diff -rupN patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/util/jssutil.h alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/util/jssutil.h +--- patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/util/jssutil.h 2004-04-25 08:02:29.000000000 -0700 ++++ alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/util/jssutil.h 2011-08-11 18:12:56.926098000 -0700 +@@ -36,6 +36,19 @@ + #ifndef JSS_NATIVE_UTIL_H + #define JSS_NATIVE_UTIL_H + ++/* The following #defines are used to suppress undesired compiler warnings ++ * that have been deemed inappropriate. ++ * ++ * IMPORTANT: These are ONLY used on an "as-needed" basis! ++ */ ++#ifdef __GNUC__ ++#define FUNCTION_MAY_NOT_BE_USED __attribute__ ((unused)) ++#define VARIABLE_MAY_NOT_BE_USED __attribute__ ((unused)) ++#else ++#define FUNCTION_MAY_NOT_BE_USED ++#define VARIABLE_MAY_NOT_BE_USED ++#endif ++ + /* Need to include these first. + * #include + * #include diff --git a/jss.spec b/jss.spec index d69e6a0..13b29c0 100644 --- a/jss.spec +++ b/jss.spec @@ -1,6 +1,6 @@ Name: jss Version: 4.2.6 -Release: 17%{?dist} +Release: 19.1%{?dist} Summary: Java Security Services (JSS) Group: System Environment/Libraries @@ -34,6 +34,9 @@ Patch9: jss-bad-error-string-pointer.patch Patch10: jss-VerifyCertificateReturnCU.patch #Patch11: jss-slots-not-freed.patch Patch12: jss-ECC-HSM-FIPS.patch +Patch13: jss-eliminate-native-compiler-warnings.patch +Patch14: jss-eliminate-java-compiler-warnings.patch +Patch15: jss-PKCS12-FIPS.patch %description @@ -63,6 +66,9 @@ This package contains the API documentation for JSS. %patch10 -p1 #%patch11 -p1 %patch12 -p1 +%patch13 -p1 +%patch14 -p1 +%patch15 -p1 %build [ -z "$JAVA_HOME" ] && export JAVA_HOME=%{_jvmdir}/java @@ -97,6 +103,11 @@ USE_64=1 export USE_64 %endif +%if 0%{?fedora} >= 16 +cp -p mozilla/security/coreconf/Linux2.6.mk mozilla/security/coreconf/Linux3.1.mk +sed -i -e 's;LINUX2_1;LINUX3_1;' mozilla/security/coreconf/Linux3.1.mk +%endif + # The Makefile is not thread-safe make -C mozilla/security/coreconf make -C mozilla/security/jss @@ -113,12 +124,17 @@ cp -p %{SOURCE3} . # There is no install target so we'll do it by hand # jars +%if 0%{?fedora} >= 16 +install -d -m 0755 $RPM_BUILD_ROOT%{_jnidir} +install -m 644 mozilla/dist/xpclass.jar ${RPM_BUILD_ROOT}%{_jnidir}/jss4.jar +%else install -d -m 0755 $RPM_BUILD_ROOT%{_libdir}/jss install -m 644 mozilla/dist/xpclass.jar ${RPM_BUILD_ROOT}%{_libdir}/jss/jss4-%{version}.jar ln -fs jss4-%{version}.jar $RPM_BUILD_ROOT%{_libdir}/jss/jss4.jar install -d -m 0755 $RPM_BUILD_ROOT%{_jnidir} ln -fs %{_libdir}/jss/jss4.jar $RPM_BUILD_ROOT%{_jnidir}/jss4.jar +%endif # We have to use the name libjss4.so because this is dynamically # loaded by the jar file. @@ -146,6 +162,17 @@ rm -rf $RPM_BUILD_ROOT %changelog +* Wed Aug 31 2011 Matthew Harmsen - 4.2.6-19.1 +- Bugzilla Bug #734590 - Refactor JNI libraries for Fedora 16+ . . . + +* Mon Aug 15 2011 Christina Fu - 4.2.6-19 +- Bugzilla Bug 733550 - DRM failed to recovery keys when in FIPS mode + (HSM + NSS) + +* Fri Aug 12 2011 Matthew Harmsen - 4.2.6-18 +- Bugzilla Bug #660436 - Warnings should be cleaned up in JSS build + (jdennis, mharmsen) + * Wed May 18 2011 Christina Fu - 4.2.6-17 - Bug 670980 - Cannot create system certs when using LunaSA HSM in FIPS Mode and ECC algorithms (support tokens that don't do ECDH)