diff --git a/0001-fix-prototype-deprecated-and-expression-result-unuse.patch b/0001-fix-prototype-deprecated-and-expression-result-unuse.patch new file mode 100644 index 0000000000000000000000000000000000000000..cf456520dd32df22ed0aca2e7f1ae93afb8f8a31 --- /dev/null +++ b/0001-fix-prototype-deprecated-and-expression-result-unuse.patch @@ -0,0 +1,59 @@ +From 8012e240a0427945fe9726ad8e6821984415f24f Mon Sep 17 00:00:00 2001 +From: yuncang123 <1050706328@qq.com> +Date: Sat, 31 Aug 2024 02:13:17 +0800 +Subject: [PATCH] fix prototype deprecated and expression result unused + +--- + lib/libswan/ckaid.c | 2 +- + lib/libswan/subnettypeof.c | 3 +-- + lib/libswan/ultot.c | 7 ++----- + 3 files changed, 4 insertions(+), 8 deletions(-) + +diff --git a/lib/libswan/ckaid.c b/lib/libswan/ckaid.c +index 5365946..d13fa38 100644 +--- a/lib/libswan/ckaid.c ++++ b/lib/libswan/ckaid.c +@@ -81,7 +81,7 @@ ckaid_t ckaid_from_secitem(const SECItem *const nss_ckaid) + /* ckaid = { .len = min(...), } barfs with gcc 11.2.1 */ + ckaid_t ckaid = {0}; + /* should not be truncated but can be */ +- ckaid.len = min(nss_ckaid_len, sizeof(ckaid.ptr/*array*/)), ++ ckaid.len = min(nss_ckaid_len, sizeof(ckaid.ptr/*array*/)); + pexpect(ckaid.len == nss_ckaid_len); + memmove(ckaid.ptr, nss_ckaid->data, ckaid.len); + return ckaid; +diff --git a/lib/libswan/subnettypeof.c b/lib/libswan/subnettypeof.c +index 0413547..cbe8ee4 100644 +--- a/lib/libswan/subnettypeof.c ++++ b/lib/libswan/subnettypeof.c +@@ -20,8 +20,7 @@ + * masktocount - convert a mask, expressed as an address, to a bit count + */ + int /* -1 if not valid mask */ +-masktocount(src) +-const ip_address * src; ++masktocount(const ip_address * src) + { + int b; + const unsigned char *p; +diff --git a/lib/libswan/ultot.c b/lib/libswan/ultot.c +index 0e7b413..9d90cf4 100644 +--- a/lib/libswan/ultot.c ++++ b/lib/libswan/ultot.c +@@ -21,11 +21,8 @@ + - ultot - convert unsigned long to text + */ + size_t /* length required for full conversion */ +-ultot(n, base, dst, dstlen) +-unsigned long n; +-int base; +-char *dst; /* need not be valid if dstlen is 0 */ +-size_t dstlen; ++ultot(unsigned long n, int base, char *dst, size_t dstlen) ++ /* char *dst need not be valid if dstlen is 0 */ + { + char buf[3 * sizeof(unsigned long) + 1]; + char *bufend = buf + sizeof(buf); +-- +2.43.0 + diff --git a/libreswan.spec b/libreswan.spec index 922ad09a8c1bcd5f02b7f84dcdccd9f8b87cf515..8cd32edc93ea0c027ffa49f7117d22c580047fea 100644 --- a/libreswan.spec +++ b/libreswan.spec @@ -26,7 +26,7 @@ Name: libreswan Summary: IKE implementation for IPsec with IKEv1 and IKEv2 support Version: 4.15 -Release: 1 +Release: 2 License: GPL-2.0-only Url: https://libreswan.org/ Source0: https://download.libreswan.org/%{name}-%{version}.tar.gz @@ -35,6 +35,7 @@ Source2: https://download.libreswan.org/cavs/ikev1_psk.fax.bz2 Source3: https://download.libreswan.org/cavs/ikev2.fax.bz2 Source4: openeuler-libreswan-sysctl.conf +Patch0001: 0001-fix-prototype-deprecated-and-expression-result-unuse.patch BuildRequires: audit-libs-devel BuildRequires: bison @@ -107,13 +108,23 @@ sed -i '/ipsec --checknss/s/$/ --nssdir \/etc\/ipsec.d/' ./initsystems/systemd/i linux_variant=`sed -n -e 's/"//g' -e 's/^ID_LIKE=//p' -e 's/^ID=//p' /etc/os-release|tr '\n' ' ' && echo` sed -i "s/filter fedora/filter fedora $linux_variant/" mk/defaults/linux.mk + %build +%if "%toolchain"=="clang" +make %{?_smp_mflags} \ + OPTIMIZE_CFLAGS="%{optflags}" \ + WERROR_CFLAGS="-Werror -Wno-missing-field-initializers" \ + USERLINK="-Wl,-z,relro -Wl,--as-needed -Wl,-z,now -flto -fno-lto" \ + %{libreswan_config} \ + programs +%else make %{?_smp_mflags} \ OPTIMIZE_CFLAGS="%{optflags}" \ WERROR_CFLAGS="-Werror -Wno-missing-field-initializers -Wno-lto-type-mismatch -Wno-maybe-uninitialized" \ USERLINK="-Wl,-z,relro -Wl,--as-needed -Wl,-z,now -flto --no-lto" \ %{libreswan_config} \ programs +%endif FS=$(pwd) %install @@ -191,6 +202,9 @@ certutil -N -d sql:$tmpdir --empty-password %attr(0644,root,root) %doc %{_mandir}/*/* %changelog +* Sat Aug 31 2024 yuanchao <1050706328@qq.com> - 4.15-2 +- Fix prototype deprecated and expression result unused,support clang build + * Tue Apr 30 2024 wangkai <13474090681@163.com> - 4.15-1 - Update to 4.15 for fix CVE-2024-3652