rpms/jss
5
0
Fork 0
Code Issues Pull Requests Releases Activity

Bugzilla Bug #734590 - Refactor JNI libraries for Fedora 16+ . . .

Browse Source
This commit is contained in:
Kevin Wright 2011-09-13 00:53:07 -07:00
parent fca747ec0d
commit 35a6b620b3
5 changed files with 1371 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
clog
View File

@ -1,2 +1 @@
Bug 670980 - Cannot create system certs when using LunaSA HSM in FIPS Mode
and ECC algorithms (support tokens that don't do ECDH)
Bugzilla Bug #734590 - Refactor JNI libraries for Fedora 16+ . . .

80
jss-PKCS12-FIPS.patch Normal file
View File

@ -0,0 +1,80 @@
diff -up jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11KeyGenerator.c.fix jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11KeyGenerator.c
--- jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11KeyGenerator.c.fix 2011-08-15 15:39:56.633158000 -0700
+++ jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11KeyGenerator.c 2011-08-15 20:43:34.947749000 -0700
@@ -239,40 +239,47 @@ print_secitem(SECItem *item) {
* TokenException if an error occurs.
*/
static PK11SymKey*
-constructSHA1PBAKey(JNIEnv *env, SECItem *pwitem, SECItem *salt,
+constructSHA1PBAKey(JNIEnv *env, PK11SlotInfo *slot, SECItem *pwitem, SECItem *salt,
int iterationCount)
{
- PBEBitGenContext* pbeCtxt=NULL;
- SECItem *keyBits=NULL;
PK11SymKey *key=NULL;
- pbeCtxt = PBE_CreateContext( SEC_OID_SHA1, pbeBitGenIntegrityKey,
- pwitem, salt, 160 /* SHA1 key length */, iterationCount);
- if( pbeCtxt == NULL ) {
- JSS_throwMsg(env, TOKEN_EXCEPTION, "Failed to create PBE context");
+ unsigned char ivData[8];
+ SECItem mechItem;
+ CK_PBE_PARAMS pbe_params;
+
+ if( pwitem == NULL ) {
+ JSS_throwMsg(env, TOKEN_EXCEPTION,
+ "constructSHA1PAKey:"
+ " pwitem NULL");
goto finish;
}
-
- keyBits = PBE_GenerateBits(pbeCtxt);
- if( keyBits == NULL ) {
- JSS_throwMsg(env, TOKEN_EXCEPTION, "Failed to generate bits from"
- "PBE context");
+ if( salt == NULL ) {
+ JSS_throwMsg(env, TOKEN_EXCEPTION,
+ "constructSHA1PAKey:"
+ " salt NULL");
goto finish;
}
- key = PK11_ImportSymKey( PK11_GetInternalSlot(), CKM_SHA_1,
- PK11_OriginGenerated, CKA_SIGN, keyBits, NULL);
+ pbe_params.pInitVector = ivData;
+ pbe_params.pPassword = pwitem->data;
+ pbe_params.ulPasswordLen = pwitem->len;
+ pbe_params.pSalt = salt->data;
+ pbe_params.ulSaltLen = salt->len;
+ pbe_params.ulIteration = iterationCount;
+ mechItem.data = (unsigned char *) &pbe_params;
+ mechItem.len = sizeof(pbe_params);
+
+ key = PK11_RawPBEKeyGen(slot, CKM_PBA_SHA1_WITH_SHA1_HMAC, &mechItem, pwitem, PR_FALSE, NULL);
+
if( key == NULL ) {
- JSS_throwMsg(env, TOKEN_EXCEPTION, "Failed to import PBA key from"
- " PBA-generated bits");
+ JSS_throwMsg(env, TOKEN_EXCEPTION,
+ "PK11_RawPBEKeyGen:"
+ " failed to generate key");
goto finish;
}
finish:
- if( pbeCtxt ) {
- PBE_DestroyContext(pbeCtxt);
- }
- /* keyBits == pbeCtxt, so we don't need to free it */
return key;
}
@@ -324,7 +331,7 @@ Java_org_mozilla_jss_pkcs11_PK11KeyGener
/* special case, construct key by hand. Bug #336587 */
- skey = constructSHA1PBAKey(env, pwitem, salt, iterationCount);
+ skey = constructSHA1PBAKey(env, slot, pwitem, salt, iterationCount);
if( skey==NULL ) {
/* exception was thrown */
goto finish;

641
jss-eliminate-java-compiler-warnings.patch Normal file
View File

@ -0,0 +1,641 @@
diff -rupN alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/CryptoManager.java java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/CryptoManager.java
--- alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/CryptoManager.java 2011-08-10 16:21:30.837765000 -0700
+++ java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/CryptoManager.java 2011-08-12 13:13:34.449664000 -0700
@@ -1125,7 +1125,7 @@ public final class CryptoManager impleme
* Imports a single certificate into the permanent certificate
* database.
*
- * @param derCert the certificate you want to add
+ * @param cert the certificate you want to add
* @param nickname the nickname you want to refer to the certificate as
* (must not be null)
*/
@@ -1391,11 +1391,11 @@ public final class CryptoManager impleme
public static final String
JAR_JDK_VERSION = "JDK_VERSION = N/A";
public static final String
- JAR_NSS_VERSION = "NSS_VERSION = NSS_3_11_9_RTM";
+ JAR_NSS_VERSION = "NSS_VERSION = N/A";
public static final String
JAR_DBM_VERSION = "DBM_VERSION = N/A";
public static final String
- JAR_NSPR_VERSION = "NSPR_VERSION = NSPR_4_7_RTM";
+ JAR_NSPR_VERSION = "NSPR_VERSION = N/A";
/**
* Loads the JSS dynamic library if necessary.
@@ -1433,8 +1433,8 @@ public final class CryptoManager impleme
* this thread's token to <tt>null</tt> will also cause the
* InternalKeyStorageToken to be used.
*
- * @param The token to use for crypto operations. Specifying <tt>null</tt>
- * will cause the InternalKeyStorageToken to be used.
+ * @param token The token to use for crypto operations. Specifying
+ * <tt>null</tt> will cause the InternalKeyStorageToken to be used.
*/
public void setThreadToken(CryptoToken token) {
if( token != null ) {
@@ -1579,7 +1579,7 @@ public final class CryptoManager impleme
* Verify a certificate in memory. Check if
* valid and that we trust the issuer. Verify time
* against Now.
- * @param certificate in memory
+ * @param certPackage certificate in memory
* @param checkSig verify the signature of the certificate
* @param certUsage see exposed certUsage defines to verify Certificate
* @return true for success; false otherwise
diff -rupN alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/JSSProvider.java java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/JSSProvider.java
--- alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/JSSProvider.java 2011-08-10 17:29:33.476661000 -0700
+++ java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/JSSProvider.java 2011-08-12 11:00:26.456852000 -0700
@@ -51,7 +51,7 @@ public final class JSSProvider extends j
private static int JSS_MAJOR_VERSION = 4;
private static int JSS_MINOR_VERSION = 2;
- private static int JSS_PATCH_VERSION = 5;
+ private static int JSS_PATCH_VERSION = 6;
private static double JSS_VERSION = JSS_MAJOR_VERSION +
(JSS_MINOR_VERSION * 100 +
JSS_PATCH_VERSION)/10000.0;
diff -rupN alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/crypto/Cipher.java java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/crypto/Cipher.java
--- alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/crypto/Cipher.java 2004-04-25 08:02:21.000000000 -0700
+++ java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/crypto/Cipher.java 2011-08-12 13:10:50.781827000 -0700
@@ -144,8 +144,8 @@ public abstract class Cipher {
* <i>B</i> is the block size, the padding string consists of
* <i>B</i> - (<i>M</i> mod <i>B</i>) octets, each having the value
* <i>B</i> - (<i>M</i> mod <i>B</i>).
- * @param The block size of the encryption algorithm. Must be greater
- * than zero.
+ * @param blockSize The block size of the encryption algorithm.
+ * Must be greater than zero.
* @see #unPad
*/
public static byte[]
diff -rupN alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/crypto/CryptoToken.java java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/crypto/CryptoToken.java
--- alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/crypto/CryptoToken.java 2007-11-09 16:37:56.000000000 -0800
+++ java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/crypto/CryptoToken.java 2011-08-12 11:07:20.326438000 -0700
@@ -194,7 +194,7 @@ public interface CryptoToken {
* Login to the token. If a token is logged in, it will not trigger
* password callbacks.
*
- * @param password The password for this token.
+ * @param pwcb The password callback for this token.
* @exception IncorrectPasswordException If the supplied password is
* incorrect.
* @see #setLoginMode
diff -rupN alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/crypto/JSSMessageDigest.java java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/crypto/JSSMessageDigest.java
--- alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/crypto/JSSMessageDigest.java 2004-04-25 08:02:21.000000000 -0700
+++ java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/crypto/JSSMessageDigest.java 2011-08-12 11:08:37.747360000 -0700
@@ -88,7 +88,7 @@ public abstract class JSSMessageDigest {
* Completes digestion.
*
* @return The, ahem, output of the digest operation.
- * @param If an error occurs while digesting.
+ * @exception DigestException If an error occurs while digesting.
*/
public byte[] digest() throws DigestException {
byte[] output = new byte[getOutputSize()];
diff -rupN alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/crypto/PBEKeyGenParams.java java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/crypto/PBEKeyGenParams.java
--- alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/crypto/PBEKeyGenParams.java 2004-04-25 08:02:21.000000000 -0700
+++ java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/crypto/PBEKeyGenParams.java 2011-08-12 11:09:41.345296000 -0700
@@ -60,7 +60,7 @@ public class PBEKeyGenParams implements
* Must not be null. It is the responsibility of the caller to
* use the right salt length for the algorithm. Most algorithms
* use 8 bytes of salt.
- * @param The iteration count for the PBE algorithm.
+ * @param iterations The iteration count for the PBE algorithm.
*/
public PBEKeyGenParams(Password pass, byte[] salt, int iterations) {
if(pass==null || salt==null) {
@@ -80,7 +80,7 @@ public class PBEKeyGenParams implements
* Must not be null. It is the responsibility of the caller to
* use the right salt length for the algorithm. Most algorithms
* use 8 bytes of salt.
- * @param The iteration count for the PBE algorithm.
+ * @param iterations The iteration count for the PBE algorithm.
*/
public PBEKeyGenParams(char[] pass, byte[] salt, int iterations) {
if(pass==null || salt==null) {
diff -rupN alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11Token.java java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11Token.java
--- alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11Token.java 2007-11-09 16:37:57.000000000 -0800
+++ java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11Token.java 2011-08-12 11:13:51.807047000 -0700
@@ -228,8 +228,8 @@ public final class PK11Token implements
* Initialize PIN. This sets the user's new PIN, using the current
* security officer PIN for authentication.
*
- * @param ssopw The security officer's current password.
- * @param userpw The user's new password.
+ * @param ssopwcb The security officer's current password callback.
+ * @param userpwcb The user's new password callback.
* @exception IncorrectPinException If the security officer PIN is
* incorrect.
* @exception TokenException If the PIN was already initialized,
@@ -322,8 +322,8 @@ public final class PK11Token implements
* Change password. This changes the user's PIN after it has already
* been initialized.
*
- * @param oldPIN The user's old PIN.
- * @param newPIN The new PIN.
+ * @param oldPINcb The user's old PIN callback.
+ * @param newPINcb The new PIN callback.
* @exception IncorrectPasswordException If the old PIN is incorrect.
* @exception TokenException If some other error occurs on the token.
*
diff -rupN alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs12/SafeBag.java java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs12/SafeBag.java
--- alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs12/SafeBag.java 2005-09-22 10:58:35.000000000 -0700
+++ java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs12/SafeBag.java 2011-08-12 11:14:44.011995000 -0700
@@ -288,7 +288,7 @@ public final class SafeBag implements AS
* as the nickname of the associated cert.
* @param localKeyID The localKeyID for the key; should be the same as
* the localKeyID of the associated cert.
- * @param The password used to encrypt the private key.
+ * @param password The password used to encrypt the private key.
*/
public static SafeBag
createEncryptedPrivateKeyBag(PrivateKeyInfo privk, String friendlyName,
diff -rupN alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs7/SignerInfo.java java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs7/SignerInfo.java
--- alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs7/SignerInfo.java 2004-04-25 08:02:23.000000000 -0700
+++ java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs7/SignerInfo.java 2011-08-12 11:12:13.957145000 -0700
@@ -430,7 +430,6 @@ public class SignerInfo implements ASN1V
* SignerInfo.
* @param contentType The type of the content that is signed by this
* SignerInfo.
- * @param pubkey The public key to use to verify the signature.
* @exception NoSuchObjectException If no certificate matching the
* the issuer name and serial number can be found.
*/
diff -rupN alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkix/cmc/CMCStatusInfo.java java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkix/cmc/CMCStatusInfo.java
--- alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkix/cmc/CMCStatusInfo.java 2004-11-18 14:56:11.000000000 -0800
+++ java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkix/cmc/CMCStatusInfo.java 2011-08-12 11:20:39.240639000 -0700
@@ -108,7 +108,7 @@ public class CMCStatusInfo implements AS
* @param status A CMCStatus constant.
* @param bodyList The sequence of bodyPartID.
* @param statusString A String.
- * @param OtherInfo The OtherInfo choice.
+ * @param otherInfo The OtherInfo choice.
*/
public CMCStatusInfo(int status, SEQUENCE bodyList, String
statusString, OtherInfo otherInfo) {
diff -rupN alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkix/cmmf/PKIStatusInfo.java java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkix/cmmf/PKIStatusInfo.java
--- alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkix/cmmf/PKIStatusInfo.java 2006-05-23 20:18:17.000000000 -0700
+++ java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkix/cmmf/PKIStatusInfo.java 2011-08-12 11:21:27.389591000 -0700
@@ -88,7 +88,6 @@ public class PKIStatusInfo implements AS
/**
* Create a PKIStatusInfo with no failure info.
* @param status A PKIStatus constant.
- * @param failInfo The bitwise AND of the PKIFailureInfo constants.
*/
public PKIStatusInfo(int status) {
this.status = new INTEGER(status);
diff -rupN alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkix/primitive/DirectoryString.java java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkix/primitive/DirectoryString.java
--- alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkix/primitive/DirectoryString.java 2004-04-25 08:02:26.000000000 -0700
+++ java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkix/primitive/DirectoryString.java 2011-08-12 11:20:11.194667000 -0700
@@ -115,10 +115,6 @@ public class DirectoryString implements
/**
* Converts an ASN.1 DirectoryString to a Java string.
- *
- * @param dirstr An ANY containing a BER-encoded DirectoryString.
- * @exception InvalidBERException If the encoding does not contain a
- * valid DirectoryString.
*/
public String toString() {
return asn1String.toString();
@@ -176,6 +172,8 @@ public class DirectoryString implements
/**
* @param implicitTag <b>This paramter is ignored</b>, because
* DirectoryStrings (being CHOICEs) cannot have implicit tags.
+ * @exception InvalidBERException If the encoding does not contain a
+ * valid DirectoryString.
*/
public ASN1Value decode(Tag implicitTag, InputStream istream)
throws IOException, InvalidBERException
diff -rupN alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/provider/javax/crypto/JSSSecretKeyFactorySpi.java java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/provider/javax/crypto/JSSSecretKeyFactorySpi.java
--- alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/provider/javax/crypto/JSSSecretKeyFactorySpi.java 2003-04-28 14:48:33.000000000 -0700
+++ java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/provider/javax/crypto/JSSSecretKeyFactorySpi.java 2011-08-12 10:58:39.589958000 -0700
@@ -91,14 +91,18 @@ class JSSSecretKeyFactorySpi extends Sec
// versions is to use the reflection API.
Class specClass = spec.getClass();
try {
- Method getSaltMethod = specClass.getMethod("getSalt", null);
+ Method getSaltMethod = specClass.getMethod("getSalt",
+ (java.lang.Class) null);
Method getIterationMethod =
- specClass.getMethod("getIterationCount", null);
+ specClass.getMethod("getIterationCount",
+ (java.lang.Class) null);
- byte[] salt = (byte[]) getSaltMethod.invoke(spec, null);
+ byte[] salt = (byte[]) getSaltMethod.invoke(spec,
+ (java.lang.Class) null);
Integer itCountObj =
- (Integer) getIterationMethod.invoke(spec,null);
+ (Integer) getIterationMethod.invoke(spec,
+ (java.lang.Class) null);
int iterationCount = itCountObj.intValue();
Password pass = new Password(spec.getPassword());
diff -rupN alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/ssl/SSLSocket.java java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/ssl/SSLSocket.java
--- alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/ssl/SSLSocket.java 2011-08-10 16:21:30.412765000 -0700
+++ java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/ssl/SSLSocket.java 2011-08-12 11:47:38.385021000 -0700
@@ -182,11 +182,11 @@ public class SSLSocket extends java.net.
}
/**
- * Creates an SSL client socket and connects to the specified host and
+ * Creates an SSL client socket and connects to the specified address and
* port. Binds to the given local address and port. Installs the given
* callbacks for certificate approval and client certificate selection.
*
- * @param host The hostname to connect to.
+ * @param address The IP address to connect to.
* @param port The port to connect to.
* @param localAddr The local address to bind to. It can be null, in which
* case an unspecified local address will be chosen.
diff -rupN alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/tests/HMACTest.java java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/tests/HMACTest.java
--- alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/tests/HMACTest.java 2006-02-23 08:47:17.000000000 -0800
+++ java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/tests/HMACTest.java 2011-08-12 13:11:11.790805000 -0700
@@ -96,7 +96,7 @@ public class HMACTest {
/**
* Main test method.
- * @params args[]
+ * @param argv
*/
public static void main(String []argv) {
diff -rupN alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/tests/JCASymKeyGen.java java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/tests/JCASymKeyGen.java
--- alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/tests/JCASymKeyGen.java 2011-08-10 16:21:30.337766000 -0700
+++ java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/tests/JCASymKeyGen.java 2011-08-12 11:53:56.192644000 -0700
@@ -116,9 +116,9 @@ public class JCASymKeyGen {
}
/**
*
- * @param key
- * @param kg
- * @return
+ * @param keyType
+ * @param provider
+ * @return javax.crypto.SecretKey key
*/
public javax.crypto.SecretKey genSecretKey(String keyType, String provider){
javax.crypto.SecretKey key = null;
@@ -155,7 +155,7 @@ public class JCASymKeyGen {
*
* @param keyType
* @param provider
- * @return
+ * @return javax.crypto.SecretKey key
*/
public javax.crypto.SecretKey genPBESecretKey(String keyType,
String provider){
@@ -197,8 +197,10 @@ public class JCASymKeyGen {
/**
*
* @param sKey
- * @param AlgType
- * @param provider
+ * @param algFamily
+ * @param algType
+ * @param providerForEncrypt
+ * @param providerForDecrypt
*/
public void testCipher(javax.crypto.SecretKey sKey, String algFamily,
String algType, String providerForEncrypt, String providerForDecrypt)
@@ -304,8 +306,10 @@ public class JCASymKeyGen {
/**
*
* @param sKey
- * @param AlgType
- * @param provider
+ * @param algFamily
+ * @param algType
+ * @param providerForEncrypt
+ * @param providerForDecrypt
*/
public void testMultiPartCipher(javax.crypto.SecretKey sKey, String algFamily,
String algType, String providerForEncrypt, String providerForDecrypt)
diff -rupN alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/tests/JSSE_SSLClient.java java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/tests/JSSE_SSLClient.java
--- alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/tests/JSSE_SSLClient.java 2007-11-15 13:30:19.000000000 -0800
+++ java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/tests/JSSE_SSLClient.java 2011-08-12 12:56:15.480701000 -0700
@@ -78,7 +78,7 @@ public class JSSE_SSLClient {
/**
* Set the protocol type and revision
- * @param String sslRevision
+ * @param fSslRevision
*/
public void setSslRevision(String fSslRevision) {
@@ -91,7 +91,7 @@ public class JSSE_SSLClient {
/**
* Set the host name to connect to.
- * @param String hostname
+ * @param fHost
*/
public void setHost(String fHost) {
this.host = fHost;
@@ -99,7 +99,7 @@ public class JSSE_SSLClient {
/**
* Set the port number to connect to.
- * @param int portnumber
+ * @param fPort
*/
public void setPort(int fPort) {
this.port = fPort;
@@ -107,7 +107,7 @@ public class JSSE_SSLClient {
/**
* Set the cipher suite name to use.
- * @param String cipherSuiteName
+ * @param fCipherSuite
*/
public void setCipherSuite(String fCipherSuite) {
this.cipherName = fCipherSuite;
@@ -115,7 +115,7 @@ public class JSSE_SSLClient {
/**
* Set the location of rsa.pfx
- * @param String fKeystoreLoc
+ * @param fKeystoreLoc
*/
public void setKeystoreLoc(String fKeystoreLoc) {
keystoreLoc = fKeystoreLoc + "/" + keystoreLoc;
diff -rupN alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/tests/JSSE_SSLServer.java java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/tests/JSSE_SSLServer.java
--- alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/tests/JSSE_SSLServer.java 2007-11-15 13:30:19.000000000 -0800
+++ java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/tests/JSSE_SSLServer.java 2011-08-12 12:57:18.987637000 -0700
@@ -75,7 +75,7 @@ public class JSSE_SSLServer {
/**
* Set the provider to use.
- * @param String p
+ * @param p
*/
public void setProvider(String p) {
provider = p;
@@ -90,7 +90,7 @@ public class JSSE_SSLServer {
}
/**
* Set the location of keystore file.
- * @param String fconfigDir
+ * @param fconfigDir
*/
public void setKeystore(String fconfigDir) {
configDir = fconfigDir;
@@ -117,7 +117,7 @@ public class JSSE_SSLServer {
/**
* Start SSLServer and accept connections.
- * @param args[]
+ * @param args
*/
public void startSSLServer(String[] args) throws Exception {
String configDir = "";
diff -rupN alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/tests/JSS_FileUploadClient.java java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/tests/JSS_FileUploadClient.java
--- alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/tests/JSS_FileUploadClient.java 2005-08-11 11:28:59.000000000 -0700
+++ java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/tests/JSS_FileUploadClient.java 2011-08-12 12:50:45.946239000 -0700
@@ -79,7 +79,7 @@ public class JSS_FileUploadClient {
/**
* Initialize the desired cipher to be set
* on the socket.
- * @param int Cipher
+ * @param aCipher
*/
public void setCipher(int aCipher) {
fCipher = aCipher;
@@ -87,7 +87,7 @@ public class JSS_FileUploadClient {
/**
* Initialize the hostname to run the server
- * @param String ServerName
+ * @param aHostName
*/
public void setHostName(String aHostName) {
serverHost = aHostName;
@@ -95,7 +95,7 @@ public class JSS_FileUploadClient {
/**
* Initialize the port to run the server
- * @param int port
+ * @param aPort
*/
public void setPort(int aPort) {
port = aPort;
@@ -103,7 +103,7 @@ public class JSS_FileUploadClient {
/**
* Initialize the passwords file name
- * @param String passwords
+ * @param aPasswordFile
*/
public void setPasswordFile(String aPasswordFile) {
fPasswordFile = aPasswordFile;
@@ -111,7 +111,7 @@ public class JSS_FileUploadClient {
/**
* Initialize the cert db path name
- * @param String CertDbPath
+ * @param aCertDbPath
*/
public void setCertDbPath(String aCertDbPath) {
fCertDbPath = aCertDbPath;
@@ -120,7 +120,7 @@ public class JSS_FileUploadClient {
/**
* Initialize the name of the file to
* be used for testing along with full path.
- * @param String UploadFile
+ * @param aUploadFile
*/
public void setUploadFile(String aUploadFile) {
fUploadFile = aUploadFile;
@@ -128,7 +128,7 @@ public class JSS_FileUploadClient {
/**
* Enable/disable Test Cert Callback.
- * @param boolean
+ * @param aTestCertCallback
*/
public void setTestCertCallback(boolean aTestCertCallback) {
TestCertCallBack = aTestCertCallback;
@@ -136,7 +136,7 @@ public class JSS_FileUploadClient {
/**
* Set client certificate
- * @param String Certificate Nick Name
+ * @param aClientCertNick Certificate Nick Name
*/
public void setClientCertNick(String aClientCertNick) {
clientCertNick = aClientCertNick;
@@ -170,7 +170,7 @@ public class JSS_FileUploadClient {
/**
* Set EOF for closinng server socket
- * @param null for closing server socket
+ * @param fEof null for closing server socket
*/
public void setEOF(String fEof) {
this.EOF = fEof;
diff -rupN alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/tests/JSS_SSLClient.java java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/tests/JSS_SSLClient.java
--- alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/tests/JSS_SSLClient.java 2007-08-20 17:07:58.000000000 -0700
+++ java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/tests/JSS_SSLClient.java 2011-08-12 12:54:46.978789000 -0700
@@ -99,7 +99,7 @@ public class JSS_SSLClient {
/**
* Initialize the desired cipher to be set
* on the socket.
- * @param int Cipher
+ * @param aCipher
*/
public void setCipher(int aCipher) {
fCipher = aCipher;
@@ -107,7 +107,7 @@ public class JSS_SSLClient {
/**
* Initialize the hostname to run the server
- * @param String ServerName
+ * @param aHostName
*/
public void setHostName(String aHostName) {
serverHost = aHostName;
@@ -115,7 +115,7 @@ public class JSS_SSLClient {
/**
* Initialize the port to run the server
- * @param int port
+ * @param aPort
*/
public void setPort(int aPort) {
port = aPort;
@@ -123,7 +123,7 @@ public class JSS_SSLClient {
/**
* Initialize the passwords file name
- * @param String passwords
+ * @param aPasswordFile
*/
public void setPasswordFile(String aPasswordFile) {
fPasswordFile = aPasswordFile;
@@ -131,7 +131,7 @@ public class JSS_SSLClient {
/**
* Initialize the cert db path name
- * @param String CertDbPath
+ * @param aCertDbPath
*/
public static void setCertDbPath(String aCertDbPath) {
fCertDbPath = aCertDbPath;
@@ -147,7 +147,7 @@ public class JSS_SSLClient {
/**
* Enable/disable Test Cert Callback.
- * @param boolean
+ * @param bypass
*/
public void setBypass(boolean bypass) {
testBypass = bypass;
@@ -155,7 +155,7 @@ public class JSS_SSLClient {
/**
* Enable/disable Test Cert Callback.
- * @param boolean
+ * @param aTestCertCallback
*/
public void setTestCertCallback(boolean aTestCertCallback) {
TestCertCallBack = aTestCertCallback;
@@ -163,7 +163,7 @@ public class JSS_SSLClient {
/**
* Set client certificate
- * @param String Certificate Nick Name
+ * @param aClientCertNick Certificate Nick Name
*/
public void setClientCertNick(String aClientCertNick) {
clientCertNick = aClientCertNick;
@@ -197,7 +197,7 @@ public class JSS_SSLClient {
/**
* Set EOF for closinng server socket
- * @param null for closing server socket
+ * @param fEof null for closing server socket
*/
public void setEOF(String fEof) {
this.EOF = fEof;
diff -rupN alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/tests/JSS_SelfServClient.java java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/tests/JSS_SelfServClient.java
--- alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/tests/JSS_SelfServClient.java 2007-11-15 13:30:19.000000000 -0800
+++ java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/tests/JSS_SelfServClient.java 2011-08-12 12:52:43.644913000 -0700
@@ -326,7 +326,7 @@ public class JSS_SelfServClient implemen
/**
* Initialize the desired ciphersuite to be set
* on the socket.
- * @param int Cipher
+ * @param aCipher
*/
public void setCipher(int aCipher) {
@@ -378,7 +378,7 @@ public class JSS_SelfServClient implemen
/**
* Initialize the hostname to run the server
- * @param String ServerName
+ * @param aHostName
*/
public void setHostName(String aHostName) {
serverHost = aHostName;
@@ -386,7 +386,7 @@ public class JSS_SelfServClient implemen
/**
* Initialize the port to run the server
- * @param int port
+ * @param aPort
*/
public void setPort(int aPort) {
port = aPort;
@@ -394,7 +394,7 @@ public class JSS_SelfServClient implemen
/**
* Initialize the passwords file name
- * @param String passwords
+ * @param aPasswordFile
*/
public void setPasswordFile(String aPasswordFile) {
fPasswordFile = aPasswordFile;
@@ -402,7 +402,7 @@ public class JSS_SelfServClient implemen
/**
* Initialize the cert db path name
- * @param String CertDbPath
+ * @param aCertDbPath
*/
public void setCertDbPath(String aCertDbPath) {
fCertDbPath = aCertDbPath;
@@ -410,7 +410,7 @@ public class JSS_SelfServClient implemen
/**
* Enable/disable Test Cert Callback.
- * @param boolean
+ * @param aTestCertCallback
*/
public void setTestCertCallback(boolean aTestCertCallback) {
TestCertCallBack = aTestCertCallback;
@@ -418,7 +418,7 @@ public class JSS_SelfServClient implemen
/**
* Set client certificate
- * @param String Certificate Nick Name
+ * @param aClientCertNick Certificate Nick Name
*/
public void setClientCertNick(String aClientCertNick) {
clientCertNick = aClientCertNick;
diff -rupN alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/tests/SSLClientAuth.java java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/tests/SSLClientAuth.java
--- alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/tests/SSLClientAuth.java 2007-08-23 16:21:13.000000000 -0700
+++ java-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/tests/SSLClientAuth.java 2011-08-12 12:58:27.925569000 -0700
@@ -78,7 +78,7 @@ public class SSLClientAuth implements Ru
* @param rand
* @param extensions
* @throws java.lang.Exception
- * @return
+ * @return Certificate
*/
public static Certificate makeCert(String issuerName, String subjectName,
int serialNumber, PrivateKey privKey, PublicKey pubKey, int rand,

621
jss-eliminate-native-compiler-warnings.patch Normal file
View File

@ -0,0 +1,621 @@
diff -rupN patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/CryptoManager.c alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/CryptoManager.c
--- patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/CryptoManager.c 2011-08-10 16:21:30.609765000 -0700
+++ alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/CryptoManager.c 2011-08-11 17:54:57.255176000 -0700
@@ -55,7 +55,7 @@
#include "pk11util.h"
-#if defined(AIX) || defined(HPUX) || defined(LINUX)
+#if defined(AIX) || defined(HPUX)
#include <signal.h>
#endif
@@ -90,11 +90,11 @@ const char * jss_sccsid() {
/********************************************************************/
/* JSS_VERSION from mozilla/security/jss/org/mozilla/jss/util/jssver.h */
-static const char* DLL_JSS_VERSION = "JSS_VERSION = " JSS_VERSION;
+static const char* VARIABLE_MAY_NOT_BE_USED DLL_JSS_VERSION = "JSS_VERSION = " JSS_VERSION;
/* NSS_VERSION from mozilla/security/nss/lib/nss/nss.h */
-static const char* DLL_NSS_VERSION = "NSS_VERSION = " NSS_VERSION;
+static const char* VARIABLE_MAY_NOT_BE_USED DLL_NSS_VERSION = "NSS_VERSION = " NSS_VERSION;
/* NSPR_version from mozilla/nsprpub/pr/include/prinit.h */
-static const char* DLL_NSPR_VERSION = "NSPR_VERSION = " PR_VERSION;
+static const char* VARIABLE_MAY_NOT_BE_USED DLL_NSPR_VERSION = "NSPR_VERSION = " PR_VERSION;
@@ -106,13 +106,13 @@ static char*
getPWFromCallback(PK11SlotInfo *slot, PRBool retry, void *arg);
/*************************************************************
- * AIX, HP, and Linux signal handling madness
+ * AIX and HP signal handling madness
*
* In order for the JVM, kernel, and NSPR to work together, we setup
* a signal handler for SIGCHLD that does nothing. This is only done
- * on AIX, HP, and Linux.
+ * on AIX and HP.
*************************************************************/
-#if defined(AIX) || defined(HPUX) || defined(LINUX)
+#if defined(AIX) || defined(HPUX)
static PRStatus
handleSigChild(JNIEnv *env) {
@@ -333,8 +333,6 @@ Java_org_mozilla_jss_CryptoManager_initi
jboolean initializeJavaOnly )
{
SECStatus rv = SECFailure;
- JavaVM *VMs[5];
- jint numVMs;
char *szConfigDir = NULL;
char *szCertPrefix = NULL;
char *szKeyPrefix = NULL;
diff -rupN patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/PK11Finder.c alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/PK11Finder.c
--- patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/PK11Finder.c 2011-08-10 16:21:30.849767000 -0700
+++ alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/PK11Finder.c 2011-08-10 18:22:37.887077000 -0700
@@ -263,7 +263,7 @@ JNIEXPORT jobject JNICALL
Java_org_mozilla_jss_CryptoManager_findPrivKeyByCertNative
(JNIEnv *env, jobject this, jobject Cert)
{
- PRThread *pThread;
+ PRThread * VARIABLE_MAY_NOT_BE_USED pThread=NULL;
CERTCertificate *cert;
PK11SlotInfo *slot;
SECKEYPrivateKey *privKey=NULL;
@@ -458,7 +458,7 @@ JNIEXPORT jobjectArray JNICALL
Java_org_mozilla_jss_CryptoManager_buildCertificateChainNative
(JNIEnv *env, jobject this, jobject leafCert)
{
- PRThread *pThread;
+ PRThread * VARIABLE_MAY_NOT_BE_USED pThread=NULL;
CERTCertificate *leaf;
jobjectArray chainArray=NULL;
CERTCertDBHandle *certdb;
@@ -812,7 +812,7 @@ Java_org_mozilla_jss_CryptoManager_impor
SECItem *derCerts=NULL;
int certi= -1;
SECItem theDerCert;
- int numCerts;
+ int numCerts = 0;
jbyte *packageBytes=NULL;
jsize packageLen;
SECStatus status;
@@ -1486,7 +1486,7 @@ Java_org_mozilla_jss_CryptoManager_impor
CERTSignedCrl *crl = NULL;
SECItem *packageItem = NULL;
int status = SECFailure;
- char *url;
+ char *url = NULL;
char *errmsg = NULL;
/***************************************************
@@ -1651,7 +1651,7 @@ JNIEXPORT jint JNICALL
Java_org_mozilla_jss_CryptoManager_verifyCertificateNowCUNative(JNIEnv *env,
jobject self, jstring nickString, jboolean checkSig)
{
- SECStatus rv = SECFailure;
+ SECStatus VARIABLE_MAY_NOT_BE_USED rv = SECFailure;
SECCertificateUsage currUsage = 0x0000;
rv = verifyCertificateNow(env, self, nickString, checkSig, 0, &currUsage);
@@ -1736,7 +1736,6 @@ Java_org_mozilla_jss_CryptoManager_verif
SECStatus rv = SECFailure;
SECCertUsage certUsage;
SECItem *derCerts[2];
- SECStatus status;
CERTCertificate **certArray = NULL;
CERTCertDBHandle *certdb = CERT_GetDefaultCertDB();
diff -rupN patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/SecretDecoderRing/KeyManager.c alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/SecretDecoderRing/KeyManager.c
--- patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/SecretDecoderRing/KeyManager.c 2003-12-19 11:36:30.000000000 -0800
+++ alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/SecretDecoderRing/KeyManager.c 2011-08-10 16:58:52.527501000 -0700
@@ -358,7 +358,6 @@ Java_org_mozilla_jss_SecretDecoderRing_K
{
PK11SlotInfo *slot = NULL;
PK11SymKey *symk = NULL;
- SECStatus status;
/* get the slot */
if( JSS_PK11_getTokenSlotPtr(env, tokenObj, &slot) != PR_SUCCESS ) {
diff -rupN patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/crypto/PQGParams.c alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/crypto/PQGParams.c
--- patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/crypto/PQGParams.c 2004-04-25 08:02:21.000000000 -0700
+++ alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/crypto/PQGParams.c 2011-08-11 09:40:34.001421000 -0700
@@ -371,7 +371,7 @@ Java_org_mozilla_jss_crypto_PQGParams_pa
/***********************************************************************
* Perform the verification.
*/
- if( PK11_PQG_VerifyParams(pParams, pVfy, &verifyResult) != PR_SUCCESS) {
+ if( PK11_PQG_VerifyParams(pParams, pVfy, &verifyResult) != SECSuccess) {
JSS_throw(env, OUT_OF_MEMORY_ERROR);
goto finish;
}
diff -rupN patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11Cert.c alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11Cert.c
--- patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11Cert.c 2004-04-25 08:02:22.000000000 -0700
+++ alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11Cert.c 2011-08-10 18:30:07.942629000 -0700
@@ -62,7 +62,7 @@
JNIEXPORT jbyteArray JNICALL Java_org_mozilla_jss_pkcs11_PK11Cert_getEncoded
(JNIEnv *env, jobject this)
{
- PRThread *pThread;
+ PRThread * VARIABLE_MAY_NOT_BE_USED pThread;
CERTCertificate *cert;
SECItem *derCert;
jbyteArray derArray=NULL;
@@ -118,9 +118,9 @@ finish:
JNIEXPORT jint JNICALL Java_org_mozilla_jss_pkcs11_PK11Cert_getVersion
(JNIEnv *env, jobject this)
{
- PRThread *pThread;
+ PRThread * VARIABLE_MAY_NOT_BE_USED pThread;
CERTCertificate *cert;
- long lVersion;
+ long lVersion = 0;
pThread = PR_AttachThread(PR_SYSTEM_THREAD, 0, NULL);
PR_ASSERT(pThread != NULL);
@@ -165,7 +165,7 @@ Java_org_mozilla_jss_pkcs11_PK11Cert_get
{
CERTCertificate *cert;
SECKEYPublicKey *pubk=NULL;
- PRThread *pThread;
+ PRThread * VARIABLE_MAY_NOT_BE_USED pThread;
jobject pubKey=NULL;
PR_ASSERT(env!=NULL && this!=NULL);
@@ -210,7 +210,7 @@ Java_org_mozilla_jss_pkcs11_CertProxy_re
(JNIEnv *env, jobject this)
{
CERTCertificate *cert;
- PRThread *pThread;
+ PRThread * VARIABLE_MAY_NOT_BE_USED pThread;
PR_ASSERT(env!=NULL && this!=NULL);
diff -rupN patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11Cipher.c alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11Cipher.c
--- patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11Cipher.c 2004-04-25 08:02:22.000000000 -0700
+++ alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11Cipher.c 2011-08-10 16:42:43.822494000 -0700
@@ -73,7 +73,7 @@ Java_org_mozilla_jss_pkcs11_PK11Cipher_i
SECItem *iv=NULL;
PK11Context *context=NULL;
CK_ATTRIBUTE_TYPE op;
- jobject contextObj;
+ jobject contextObj = NULL;
PR_ASSERT(env!=NULL && clazz!=NULL && keyObj!=NULL && algObj!=NULL);
diff -rupN patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11KeyGenerator.c alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11KeyGenerator.c
--- patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11KeyGenerator.c 2005-11-14 14:15:06.000000000 -0800
+++ alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11KeyGenerator.c 2011-08-11 09:23:03.220470000 -0700
@@ -207,7 +207,7 @@ finish:
}
#endif
-static void
+static void FUNCTION_MAY_NOT_BE_USED
print_secitem(SECItem *item) {
int i;
int online;
diff -rupN patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11KeyPairGenerator.c alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11KeyPairGenerator.c
--- patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11KeyPairGenerator.c 2011-08-10 16:21:30.270767000 -0700
+++ alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11KeyPairGenerator.c 2011-08-10 18:33:11.773445000 -0700
@@ -450,7 +450,7 @@ DumpItem(SECItem *item)
for (i=0; i < item->len; i++) {
printf(" %02x",data[i]);
}
- printf(" : 0x%08x %d\n", data, item->len);
+ printf(" : %8p %d\n", data, item->len);
}
/**********************************************************************
diff -rupN patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11KeyWrapper.c alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11KeyWrapper.c
--- patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11KeyWrapper.c 2006-02-22 17:21:42.000000000 -0800
+++ alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11KeyWrapper.c 2011-08-10 16:52:03.052910000 -0700
@@ -562,7 +562,7 @@ Java_org_mozilla_jss_pkcs11_PK11KeyWrapp
jint keyLen, jbyteArray ivBA, jint usageEnum)
{
PK11SymKey *symKey=NULL;
- CK_MECHANISM_TYPE wrappingMech, keyTypeMech;
+ CK_MECHANISM_TYPE wrappingMech=0, keyTypeMech=0;
SECItem *wrappedKey=NULL, *iv=NULL, *param=NULL;
jobject keyObj=NULL;
SECKEYPrivateKey *wrappingKey=NULL;
diff -rupN patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11MessageDigest.c alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11MessageDigest.c
--- patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11MessageDigest.c 2004-04-25 08:02:22.000000000 -0700
+++ alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11MessageDigest.c 2011-08-10 16:52:54.951857000 -0700
@@ -88,7 +88,6 @@ Java_org_mozilla_jss_pkcs11_PK11MessageD
PK11Context *context = NULL;
CK_MECHANISM_TYPE mech;
SECItem param;
- PK11SlotInfo *slot=NULL;
jobject contextObj=NULL;
mech = JSS_getPK11MechFromAlg(env, algObj);
diff -rupN patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11Module.c alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11Module.c
--- patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11Module.c 2007-02-23 09:40:21.000000000 -0800
+++ alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11Module.c 2011-08-10 16:53:28.788823000 -0700
@@ -254,7 +254,7 @@ Java_org_mozilla_jss_pkcs11_ModuleProxy_
{
SECMODModule *module;
- if (JSS_getPtrFromProxy(env, this, &module) != PR_SUCCESS) {
+ if (JSS_getPtrFromProxy(env, this, (void **)&module) != PR_SUCCESS) {
ASSERT_OUTOFMEM(env);
goto finish;
}
diff -rupN patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11PrivKey.c alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11PrivKey.c
--- patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11PrivKey.c 2006-04-24 18:26:42.000000000 -0700
+++ alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11PrivKey.c 2011-08-10 18:34:20.954376000 -0700
@@ -174,7 +174,7 @@ JNIEXPORT jobject JNICALL
Java_org_mozilla_jss_pkcs11_PK11PrivKey_getKeyType
(JNIEnv *env, jobject this)
{
- PRThread *pThread;
+ PRThread * VARIABLE_MAY_NOT_BE_USED pThread;
SECKEYPrivateKey *privk;
KeyType keyType;
char* keyTypeFieldName;
@@ -259,7 +259,7 @@ Java_org_mozilla_jss_pkcs11_PrivateKeyPr
(JNIEnv *env, jobject this)
{
SECKEYPrivateKey *privk;
- PRThread *pThread;
+ PRThread * VARIABLE_MAY_NOT_BE_USED pThread;
PR_ASSERT(env!=NULL && this!=NULL);
@@ -358,7 +358,6 @@ Java_org_mozilla_jss_pkcs11_PK11PrivKey_
(JNIEnv *env, jobject this)
{
SECKEYPrivateKey *key = NULL;
- PK11SlotInfo *slot = NULL;
SECItem *idItem = NULL;
jbyteArray byteArray = NULL;
diff -rupN patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11PubKey.c alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11PubKey.c
--- patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11PubKey.c 2006-02-22 17:21:42.000000000 -0800
+++ alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11PubKey.c 2011-08-10 18:35:04.390333000 -0700
@@ -62,7 +62,7 @@ JNIEXPORT void JNICALL Java_org_mozilla_
(JNIEnv *env, jobject this)
{
SECKEYPublicKey *pubk;
- PRThread *pThread;
+ PRThread * VARIABLE_MAY_NOT_BE_USED pThread;
PR_ASSERT(env!=NULL && this!=NULL);
@@ -179,7 +179,7 @@ JNIEXPORT void JNICALL
Java_org_mozilla_jss_pkcs11_PK11PubKey_verifyKeyIsOnToken
(JNIEnv *env, jobject this, jobject token)
{
- PRThread *pThread;
+ PRThread * VARIABLE_MAY_NOT_BE_USED pThread;
SECKEYPublicKey *key = NULL;
PK11SlotInfo *slot = NULL;
PK11SlotInfo *keySlot = NULL;
@@ -231,7 +231,7 @@ JNIEXPORT jobject JNICALL
Java_org_mozilla_jss_pkcs11_PK11PubKey_getKeyType
(JNIEnv *env, jobject this)
{
- PRThread *pThread;
+ PRThread * VARIABLE_MAY_NOT_BE_USED pThread;
SECKEYPublicKey *pubk;
KeyType keyType;
char* keyTypeFieldName;
@@ -454,7 +454,7 @@ get_public_key_info
{
SECKEYPublicKey *pubk;
jbyteArray byteArray=NULL;
- SECItem *item;
+ SECItem *item=NULL;
PR_ASSERT(env!=NULL && this!=NULL);
@@ -526,7 +526,6 @@ pubkFromRaw(JNIEnv *env, CK_KEY_TYPE typ
{
jobject pubkObj=NULL;
SECKEYPublicKey *pubk=NULL;
- SECStatus rv;
SECItem *pubkDER=NULL;
/* validate args */
diff -rupN patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11SecureRandom.c alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11SecureRandom.c
--- patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11SecureRandom.c 2005-01-28 11:16:11.000000000 -0800
+++ alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11SecureRandom.c 2011-08-10 18:36:05.252271000 -0700
@@ -112,7 +112,7 @@ Java_org_mozilla_jss_pkcs11_PK11SecureRa
* "C" data members
*/
- PRThread* pThread = NULL;
+ PRThread* VARIABLE_MAY_NOT_BE_USED pThread = NULL;
SECStatus status = PR_FALSE;
PK11SlotInfo* slot = NULL;
@@ -262,7 +262,7 @@ Java_org_mozilla_jss_pkcs11_PK11SecureRa
* "C" data members
*/
- PRThread* pThread = NULL;
+ PRThread* VARIABLE_MAY_NOT_BE_USED pThread = NULL;
SECStatus status = PR_FALSE;
diff -rupN patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11Store.c alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11Store.c
--- patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11Store.c 2006-04-03 16:09:49.000000000 -0700
+++ alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11Store.c 2011-08-10 18:38:12.365145000 -0700
@@ -319,7 +319,7 @@ Java_org_mozilla_jss_pkcs11_PK11Store_de
(JNIEnv *env, jobject this, jobject certObject)
{
CERTCertificate *cert;
- SECStatus status;
+ SECStatus VARIABLE_MAY_NOT_BE_USED status;
PR_ASSERT(env!=NULL && this!=NULL);
if(certObject == NULL) {
@@ -349,7 +349,7 @@ Java_org_mozilla_jss_pkcs11_PK11Store_de
(JNIEnv *env, jobject this, jobject certObject)
{
CERTCertificate *cert;
- SECStatus status;
+ SECStatus VARIABLE_MAY_NOT_BE_USED status;
PR_ASSERT(env!=NULL && this!=NULL);
if(certObject == NULL) {
diff -rupN patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11SymKey.c alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11SymKey.c
--- patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11SymKey.c 2004-04-25 08:02:22.000000000 -0700
+++ alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11SymKey.c 2011-08-11 09:42:52.967282000 -0700
@@ -233,7 +233,7 @@ Java_org_mozilla_jss_pkcs11_PK11SymKey_g
jfieldID typeField=NULL;
jobject typeObject=NULL;
- if( JSS_PK11_getSymKeyPtr(env, this, &key) != SECSuccess ) {
+ if( JSS_PK11_getSymKeyPtr(env, this, &key) != PR_SUCCESS ) {
ASSERT_OUTOFMEM(env);
goto finish;
}
diff -rupN patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11Token.c alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11Token.c
--- patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11Token.c 2007-11-09 16:37:57.000000000 -0800
+++ alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11Token.c 2011-08-10 18:38:52.421104000 -0700
@@ -961,9 +961,9 @@ JNIEXPORT jstring JNICALL Java_org_mozil
jstring keyType, jbyteArray P, jbyteArray Q, jbyteArray G)
{
PK11SlotInfo *slot;
- const char* c_subject;
+ const char* c_subject=NULL;
jboolean isCopy;
- unsigned char *b64request;
+ unsigned char *b64request=NULL;
SECItem p, q, g;
PQGParams *dsaParams=NULL;
const char* c_keyType;
@@ -1080,7 +1080,7 @@ GenerateCertRequest(JNIEnv *env,
SECStatus rv;
PRArenaPool *arena;
SECItem result_der, result;
- SECItem *blob;
+ SECItem * VARIABLE_MAY_NOT_BE_USED blob;
CK_MECHANISM_TYPE signMech;
CK_MECHANISM_TYPE keygenMech;
diff -rupN patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/provider/java/security/JSSKeyStoreSpi.c alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/provider/java/security/JSSKeyStoreSpi.c
--- patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/provider/java/security/JSSKeyStoreSpi.c 2003-09-24 15:20:05.000000000 -0700
+++ alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/provider/java/security/JSSKeyStoreSpi.c 2011-08-10 16:57:42.991570000 -0700
@@ -89,7 +89,6 @@ traverseTokenObjects
SECKEYPublicKeyList* pubkList = NULL;
PK11SymKey *symKey = NULL;
CERTCertList *certList = NULL;
- SECStatus secstat;
/*
* Get all private keys
@@ -508,7 +507,6 @@ lookupCertByNickname(JNIEnv *env, jobjec
{
PK11SlotInfo *slot;
EngineGetCertificateCBInfo cbinfo = {NULL,NULL};
- jbyteArray derCertBA = NULL;
PRStatus status = PR_FAILURE;
if( alias == NULL ) goto finish;
@@ -813,7 +811,6 @@ Java_org_mozilla_jss_provider_java_secur
PK11SlotInfo *slot;
EngineGetCertificateCBInfo cbinfo = {NULL,NULL};
jboolean retVal = JNI_FALSE;
- SECKEYPrivateKey *privk = NULL;
if( alias == NULL ) goto finish;
diff -rupN patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/ssl/SSLSocket.c alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/ssl/SSLSocket.c
--- patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/ssl/SSLSocket.c 2011-08-10 16:21:30.395765000 -0700
+++ alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/ssl/SSLSocket.c 2011-08-10 17:05:15.363117000 -0700
@@ -397,7 +397,7 @@ Java_org_mozilla_jss_ssl_SSLSocket_getSo
{
PRSocketOptionData sockOptions;
JSSL_SocketData *sock = NULL;
- jint retval;
+ jint retval=-1;
PRStatus status;
if( JSSL_getSockData(env, self, &sock) != PR_SUCCESS ) {
@@ -874,7 +874,7 @@ JNIEXPORT jint JNICALL
Java_org_mozilla_jss_ssl_SSLSocket_socketAvailable(
JNIEnv *env, jobject self)
{
- jint available;
+ jint available=0;
JSSL_SocketData *sock = NULL;
if( JSSL_getSockData(env, self, &sock) != PR_SUCCESS ) {
diff -rupN patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/ssl/common.c alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/ssl/common.c
--- patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/ssl/common.c 2011-08-10 16:21:30.434766000 -0700
+++ alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/ssl/common.c 2011-08-11 09:44:12.310202000 -0700
@@ -64,7 +64,7 @@ JSSL_throwSSLSocketException(JNIEnv *env
jmethodID excepCons;
jobject excepObj;
jstring msgString;
- jint result;
+ jint VARIABLE_MAY_NOT_BE_USED result;
/*
* get the error code and error string
@@ -149,8 +149,8 @@ Java_org_mozilla_jss_ssl_SocketBase_sock
jbyteArray sdArray = NULL;
JSSL_SocketData *sockdata = NULL;
SECStatus status;
- PRFileDesc *newFD;
- PRFileDesc *tmpFD;
+ PRFileDesc *newFD = NULL;
+ PRFileDesc *tmpFD = NULL;
PRFilePrivate *priv = NULL;
int socketFamily = 0;
@@ -627,7 +627,7 @@ Java_org_mozilla_jss_ssl_SocketBase_getS
SECStatus status = SECSuccess;
PRBool bOption = PR_FALSE;
- if( JSSL_getSockData(env, self, &sock) != SECSuccess ) {
+ if( JSSL_getSockData(env, self, &sock) != PR_SUCCESS ) {
goto finish;
}
@@ -649,7 +649,7 @@ JSSL_getSockAddr
(JNIEnv *env, jobject self, PRNetAddr *addr, LocalOrPeer localOrPeer)
{
JSSL_SocketData *sock = NULL;
- PRStatus status;
+ PRStatus status=PR_FAILURE;
/* get my fd */
if( JSSL_getSockData(env, self, &sock) != PR_SUCCESS ) {
@@ -893,7 +893,7 @@ JSS_SSL_processExceptions(JNIEnv *env, P
finish:
if( currentExcep != NULL && (*env)->ExceptionOccurred(env) == NULL) {
- int ret = (*env)->Throw(env, currentExcep);
+ int VARIABLE_MAY_NOT_BE_USED ret = (*env)->Throw(env, currentExcep);
PR_ASSERT(ret == 0);
}
}
diff -rupN patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/ssl/javasock.c alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/ssl/javasock.c
--- patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/ssl/javasock.c 2011-08-10 16:21:30.446765000 -0700
+++ alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/ssl/javasock.c 2011-08-10 17:03:48.769206000 -0700
@@ -92,7 +92,7 @@ writebuf(JNIEnv *env, PRFileDesc *fd, jo
jmethodID getOutputStream, writeMethod;
jclass sockClass, osClass;
jobject outputStream;
- jint arrayLen;
+ jint arrayLen=-1;
PRInt32 retval;
/*
@@ -211,7 +211,7 @@ jsock_write(PRFileDesc *fd, const PRIOVe
jobject sockObj;
JNIEnv *env;
jbyteArray outbufArray;
- PRInt32 retval;
+ PRInt32 retval=-1;
if( GET_ENV(fd->secret->javaVM, env) ) goto finish;
@@ -500,7 +500,7 @@ static PRInt32
jsock_recv(PRFileDesc *fd, void *buf, PRInt32 amount,
PRIntn flags, PRIntervalTime timeout)
{
- PRInt32 retval;
+ PRInt32 retval=-1;
JNIEnv *env;
jobject sockObj;
jbyteArray byteArray;
@@ -637,7 +637,7 @@ getIntProperty(JNIEnv *env, jobject sock
{
jclass sockClass;
jmethodID method;
- jint retval;
+ jint retval=0;
sockClass = (*env)->GetObjectClass(env, sock);
if( sockClass == NULL ) goto finish;
@@ -1001,12 +1001,6 @@ static const PRIOMethods jsockMethods =
(PRReservedFN) invalidInt
};
-static const PRIOMethods*
-getJsockMethods()
-{
- return &jsockMethods;
-}
-
static void
jsockDestructor(PRFileDesc *fd)
{
diff -rupN patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/util/jssutil.c alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/util/jssutil.c
--- patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/util/jssutil.c 2004-04-25 08:02:29.000000000 -0700
+++ alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/util/jssutil.c 2011-08-10 18:24:58.470937000 -0700
@@ -115,7 +115,7 @@ void
JSS_throwMsg(JNIEnv *env, char *throwableClassName, char *message) {
jclass throwableClass;
- jint result;
+ jint VARIABLE_MAY_NOT_BE_USED result;
/* validate arguments */
PR_ASSERT(env!=NULL && throwableClassName!=NULL && message!=NULL);
@@ -156,7 +156,7 @@ JSS_throw(JNIEnv *env, char *throwableCl
jclass throwableClass;
jobject throwable;
jmethodID constructor;
- jint result;
+ jint VARIABLE_MAY_NOT_BE_USED result;
PR_ASSERT( (*env)->ExceptionOccurred(env) == NULL );
@@ -222,7 +222,9 @@ JSS_throw(JNIEnv *env, char *throwableCl
PRStatus
JSS_getPtrFromProxy(JNIEnv *env, jobject nativeProxy, void **ptr)
{
+#ifdef DEBUG
jclass nativeProxyClass;
+#endif
jclass proxyClass;
jfieldID byteArrayField;
jbyteArray byteArray;
@@ -745,7 +747,7 @@ JSS_trace(JNIEnv *env, jint level, char
void
JSS_assertOutOfMem(JNIEnv *env)
{
- jclass memErrClass;
+ jclass VARIABLE_MAY_NOT_BE_USED memErrClass;
jthrowable excep;
PR_ASSERT(env != NULL);
@@ -804,7 +806,7 @@ JSS_SECItemToByteArray(JNIEnv *env, SECI
goto finish;
}
- (*env)->SetByteArrayRegion(env, array, 0, item->len, item->data);
+ (*env)->SetByteArrayRegion(env, array, 0, item->len, (jbyte*)item->data);
finish:
return array;
diff -rupN patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/util/jssutil.h alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/util/jssutil.h
--- patched-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/util/jssutil.h 2004-04-25 08:02:29.000000000 -0700
+++ alt-jss-4.2.6/mozilla/security/jss/org/mozilla/jss/util/jssutil.h 2011-08-11 18:12:56.926098000 -0700
@@ -36,6 +36,19 @@
#ifndef JSS_NATIVE_UTIL_H
#define JSS_NATIVE_UTIL_H
+/* The following #defines are used to suppress undesired compiler warnings
+ * that have been deemed inappropriate.
+ *
+ * IMPORTANT: These are ONLY used on an "as-needed" basis!
+ */
+#ifdef __GNUC__
+#define FUNCTION_MAY_NOT_BE_USED __attribute__ ((unused))
+#define VARIABLE_MAY_NOT_BE_USED __attribute__ ((unused))
+#else
+#define FUNCTION_MAY_NOT_BE_USED
+#define VARIABLE_MAY_NOT_BE_USED
+#endif
+
/* Need to include these first.
* #include <nspr.h>
* #include <jni.h>

29
jss.spec
View File

@ -1,6 +1,6 @@
Name: jss
Version: 4.2.6
Release: 17%{?dist}
Release: 19.1%{?dist}
Summary: Java Security Services (JSS)
Group: System Environment/Libraries
@ -34,6 +34,9 @@ Patch9: jss-bad-error-string-pointer.patch
Patch10: jss-VerifyCertificateReturnCU.patch
#Patch11: jss-slots-not-freed.patch
Patch12: jss-ECC-HSM-FIPS.patch
Patch13: jss-eliminate-native-compiler-warnings.patch
Patch14: jss-eliminate-java-compiler-warnings.patch
Patch15: jss-PKCS12-FIPS.patch
%description
@ -63,6 +66,9 @@ This package contains the API documentation for JSS.
%patch10 -p1
#%patch11 -p1
%patch12 -p1
%patch13 -p1
%patch14 -p1
%patch15 -p1
%build
[ -z "$JAVA_HOME" ] && export JAVA_HOME=%{_jvmdir}/java
@ -97,6 +103,11 @@ USE_64=1
export USE_64
%endif
%if 0%{?fedora} >= 16
cp -p mozilla/security/coreconf/Linux2.6.mk mozilla/security/coreconf/Linux3.1.mk
sed -i -e 's;LINUX2_1;LINUX3_1;' mozilla/security/coreconf/Linux3.1.mk
%endif
# The Makefile is not thread-safe
make -C mozilla/security/coreconf
make -C mozilla/security/jss
@ -113,12 +124,17 @@ cp -p %{SOURCE3} .
# There is no install target so we'll do it by hand
# jars
%if 0%{?fedora} >= 16
install -d -m 0755 $RPM_BUILD_ROOT%{_jnidir}
install -m 644 mozilla/dist/xpclass.jar ${RPM_BUILD_ROOT}%{_jnidir}/jss4.jar
%else
install -d -m 0755 $RPM_BUILD_ROOT%{_libdir}/jss
install -m 644 mozilla/dist/xpclass.jar ${RPM_BUILD_ROOT}%{_libdir}/jss/jss4-%{version}.jar
ln -fs jss4-%{version}.jar $RPM_BUILD_ROOT%{_libdir}/jss/jss4.jar
install -d -m 0755 $RPM_BUILD_ROOT%{_jnidir}
ln -fs %{_libdir}/jss/jss4.jar $RPM_BUILD_ROOT%{_jnidir}/jss4.jar
%endif
# We have to use the name libjss4.so because this is dynamically
# loaded by the jar file.
@ -146,6 +162,17 @@ rm -rf $RPM_BUILD_ROOT
%changelog
* Wed Aug 31 2011 Matthew Harmsen <mharmsen@redhat.com> - 4.2.6-19.1
- Bugzilla Bug #734590 - Refactor JNI libraries for Fedora 16+ . . .
* Mon Aug 15 2011 Christina Fu <cfu@redhat.com> - 4.2.6-19
- Bugzilla Bug 733550 - DRM failed to recovery keys when in FIPS mode
(HSM + NSS)
* Fri Aug 12 2011 Matthew Harmsen <mharmsen@redhat.com> - 4.2.6-18
- Bugzilla Bug #660436 - Warnings should be cleaned up in JSS build
(jdennis, mharmsen)
* Wed May 18 2011 Christina Fu <cfu@redhat.com> - 4.2.6-17
- Bug 670980 - Cannot create system certs when using LunaSA HSM in FIPS Mode
and ECC algorithms (support tokens that don't do ECDH)