main/nss: fix pkcs11n.h:365:26: error: "__GNUC_MINOR" is not defined

Affects networkmanager compilation and probably also pidgin.
https://bugzilla.mozilla.org/show_bug.cgi?id=702090

3 files changed, 28 insertions, 147 deletions

diff --git a/main/nss/APKBUILD b/main/nss/APKBUILD
index 7d79c9d6b..16fbb59bf 100644
--- a/main/nss/APKBUILD
+++ b/main/nss/APKBUILD
@@ -2,7 +2,7 @@
 pkgname=nss
 pkgver=3.13.1
 _ver=${pkgver//./_}
-pkgrel=0
+pkgrel=1
 pkgdesc="Mozilla Network Security Services"
 url="http://www.mozilla.org/projects/security/pki/nss/"
 arch="all"
@@ -16,16 +16,18 @@ source="ftp://ftp.mozilla.org/pub/security/$pkgname/releases/NSS_${_ver}_RTM/src
 	nss-config.in
 	add_spi+cacert_ca_certs.patch
 	ssl-renegotiate-transitional.patch
-	cve-2011-3640.patch
+	bmo702090.patch
 	"
 depends_dev="nspr-dev"
 
 _builddir="$srcdir"/$pkgname-$pkgver
 prepare() { 
 	cd "$_builddir"
-	patch -Np1 -i ""$srcdir"/add_spi+cacert_ca_certs.patch" || return 1
-	patch -Np1 -i ""$srcdir"/ssl-renegotiate-transitional.patch" || return 1
-	patch -Np0 -i ""$srcdir"/nss-no-rpath.patch" || return 1
+	for i in $source; do
+		case $i in
+		*.patch) msg $i; patch -p1 -i "$srcdir"/$i || return 1;;
+		esac
+	done
 
 	# Respect LDFLAGS
 	sed -i -e 's/\$(MKSHLIB) -o/\$(MKSHLIB) \$(LDFLAGS) -o/g' \
@@ -145,4 +147,4 @@ c547b030c57fe1ed8b77c73bf52b3ded  nss.pc.in
 46bee81908f1e5b26d6a7a2e14c64d9f  nss-config.in
 7f39c19b1dfd62d7db7d8bf19f156fed  add_spi+cacert_ca_certs.patch
 d83c7b61abb7e9f8f7bcd157183d1ade  ssl-renegotiate-transitional.patch
-6fa44457270956d634abe15d1f3340ab  cve-2011-3640.patch"
+af8c6c19a3ef6df87141a67c6c600c13  bmo702090.patch"
diff --git a/main/nss/bmo702090.patch b/main/nss/bmo702090.patch
new file mode 100644
index 000000000..e25148554
--- /dev/null
+++ b/main/nss/bmo702090.patch
@@ -0,0 +1,20 @@
+--- ./mozilla/security/nss/lib/util/pkcs11n.h.orig	2011-09-14 10:21:10.000000000 +0900
++++ ./mozilla/security/nss/lib/util/pkcs11n.h	2011-11-19 00:45:01.131860104 +0900
+@@ -346,7 +346,7 @@
+  * labels have never been accurate to what was really implemented.
+  * The new labels correctly reflect what the values effectively mean.
+  */
+-#if __GNUC__ > 3
++#if defined(__GNUC__) && (__GNUC__ > 3)
+ /* make GCC warn when we use these #defines */
+ /*
+  *  This is really painful because GCC doesn't allow us to mark random
+@@ -362,7 +362,7 @@
+  *  cast the resulting value to the deprecated type in the #define, thus
+  *  producting the warning when the #define is used.
+  */
+-#if (__GNUC__  == 4) && (__GNUC_MINOR < 5)
++#if (__GNUC__  == 4) && (__GNUC_MINOR__ < 5)
+ /* The mac doesn't like the friendlier deprecate messages. I'm assuming this
+  * is a gcc version issue rather than mac or ppc specific */
+ typedef CK_TRUST __CKT_NSS_UNTRUSTED __attribute__((deprecated));
diff --git a/main/nss/cve-2011-3640.patch b/main/nss/cve-2011-3640.patch
deleted file mode 100644
index ced991510..000000000
--- a/main/nss/cve-2011-3640.patch
+++ /dev/null
@@ -1,141 +0,0 @@
-Index: mozilla/security/nss/lib/softoken/sftkmod.c
-===================================================================
-RCS file: /cvsroot/mozilla/security/nss/lib/softoken/sftkmod.c,v
-retrieving revision 1.8
-diff -p -u -r1.8 sftkmod.c
---- a/mozilla/security/nss/lib/softoken/sftkmod.c	15 Jan 2011 20:59:11 -0000	1.8
-+++ b/mozilla/security/nss/lib/softoken/sftkmod.c	2 Oct 2011 14:45:28 -0000
-@@ -179,15 +179,18 @@ char *sftk_getOldSecmodName(const char *
-     char *sep;
- 
-     sep = PORT_Strrchr(dirPath,*PATH_SEPARATOR);
--#ifdef WINDOWS
-+#ifdef _WIN32
-     if (!sep) {
--	sep = PORT_Strrchr(dirPath,'/');
-+	/* pkcs11i.h defines PATH_SEPARATOR as "/" for all platforms. */
-+	sep = PORT_Strrchr(dirPath,'\\');
-     }
- #endif
-     if (sep) {
--	*(sep)=0;
-+	*sep = 0;
-+	file = PR_smprintf("%s"PATH_SEPARATOR"%s", dirPath, filename);
-+    } else {
-+	file = PR_smprintf("%s", filename);
-     }
--    file= PR_smprintf("%s"PATH_SEPARATOR"%s", dirPath, filename);
-     PORT_Free(dirPath);
-     return file;
- }
-@@ -242,13 +245,18 @@ sftkdb_ReadSecmodDB(SDBType dbType, cons
-     char *paramsValue=NULL;
-     PRBool failed = PR_TRUE;
- 
--    if ((dbType == SDB_LEGACY) || (dbType == SDB_MULTIACCESS)) {
-+    if ((dbname != NULL) &&
-+		((dbType == SDB_LEGACY) || (dbType == SDB_MULTIACCESS))) {
- 	return sftkdbCall_ReadSecmodDB(appName, filename, dbname, params, rw);
-     }
- 
-     moduleList = (char **) PORT_ZAlloc(useCount*sizeof(char **));
-     if (moduleList == NULL) return NULL;
- 
-+    if (dbname == NULL) {
-+	goto return_default;
-+    }
-+
-     /* do we really want to use streams here */
-     fd = fopen(dbname, "r");
-     if (fd == NULL) goto done;
-@@ -405,7 +413,11 @@ sftkdb_ReadSecmodDB(SDBType dbType, cons
- 	moduleString = NULL;
-     }
- done:
--    /* if we couldn't open a pkcs11 database, look for the old one */
-+    /* If we couldn't open a pkcs11 database, look for the old one.
-+     * This is necessary to maintain the semantics of the transition from
-+     * old to new DB's. If there is an old DB and not new DB, we will
-+     * automatically use the old DB. If the DB was opened read/write, we
-+     * create a new db and upgrade it from the old one. */
-     if (fd == NULL) {
- 	char *olddbname = sftk_getOldSecmodName(dbname,filename);
- 	PRStatus status;
-@@ -462,6 +474,8 @@ bail:
- 	    PR_smprintf_free(olddbname);
- 	}
-     }
-+
-+return_default:
- 	
-     if (!moduleList[0]) {
- 	char * newParams;
-@@ -515,7 +529,8 @@ sftkdb_ReleaseSecmodDBData(SDBType dbTyp
- 			const char *filename, const char *dbname, 
- 			char **moduleSpecList, PRBool rw)
- {
--    if ((dbType == SDB_LEGACY) || (dbType == SDB_MULTIACCESS)) {
-+    if ((dbname != NULL) &&
-+		((dbType == SDB_LEGACY) || (dbType == SDB_MULTIACCESS))) {
- 	return sftkdbCall_ReleaseSecmodDBData(appName, filename, dbname, 
- 					  moduleSpecList, rw);
-     }
-@@ -546,6 +561,10 @@ sftkdb_DeleteSecmodDB(SDBType dbType, co
-     PRBool skip = PR_FALSE;
-     PRBool found = PR_FALSE;
- 
-+    if (dbname == NULL) {
-+	return SECFailure;
-+    }
-+
-     if ((dbType == SDB_LEGACY) || (dbType == SDB_MULTIACCESS)) {
- 	return sftkdbCall_DeleteSecmodDB(appName, filename, dbname, args, rw);
-     }
-@@ -669,6 +688,10 @@ sftkdb_AddSecmodDB(SDBType dbType, const
-     char *block = NULL;
-     PRBool libFound = PR_FALSE;
- 
-+    if (dbname == NULL) {
-+	return SECFailure;
-+    }
-+
-     if ((dbType == SDB_LEGACY) || (dbType == SDB_MULTIACCESS)) {
- 	return sftkdbCall_AddSecmodDB(appName, filename, dbname, module, rw);
-     }
-Index: mozilla/security/nss/lib/softoken/sftkpars.c
-===================================================================
-RCS file: /cvsroot/mozilla/security/nss/lib/softoken/sftkpars.c,v
-retrieving revision 1.11
-diff -p -u -r1.11 sftkpars.c
---- a/mozilla/security/nss/lib/softoken/sftkpars.c	18 Jun 2010 04:09:27 -0000	1.11
-+++ b/mozilla/security/nss/lib/softoken/sftkpars.c	2 Oct 2011 14:45:29 -0000
-@@ -607,6 +607,7 @@ sftk_getSecmodName(char *param, SDBType 
-     char *value = NULL;
-     char *save_params = param;
-     const char *lconfigdir;
-+    PRBool noModDB = PR_FALSE;
-     param = sftk_argStrip(param);
- 	
- 
-@@ -631,7 +632,10 @@ sftk_getSecmodName(char *param, SDBType 
- 
-    if (sftk_argHasFlag("flags","noModDB",save_params)) {
- 	/* there isn't a module db, don't load the legacy support */
-+	noModDB = PR_TRUE;
- 	*dbType = SDB_SQL;
-+	PORT_Free(*filename);
-+	*filename = NULL;
-         *rw = PR_FALSE;
-    }
- 
-@@ -640,7 +644,9 @@ sftk_getSecmodName(char *param, SDBType 
- 	secmodName="pkcs11.txt";
-    }
- 
--   if (lconfigdir) {
-+   if (noModDB) {
-+	value = NULL;
-+   } else if (lconfigdir && lconfigdir[0] != '\0') {
- 	value = PR_smprintf("%s" PATH_SEPARATOR "%s",lconfigdir,secmodName);
-    } else {
- 	value = PR_smprintf("%s",secmodName);