From 0a9f7b23f1ee468e06c6b732e2ea1c59abe66f01 Mon Sep 17 00:00:00 2001
From: lingsheng <lingsheng@huawei.com>
Date: Wed, 5 Aug 2020 17:46:44 +0800
Subject: [PATCH 1/2] Fix the build with nss 3.44

---
 Fix-the-build-with-nss-3.44.patch | 42 +++++++++++++++++++++++++++++++
 pesign.spec                       |  7 +++++-
 2 files changed, 48 insertions(+), 1 deletion(-)
 create mode 100644 Fix-the-build-with-nss-3.44.patch

diff --git a/Fix-the-build-with-nss-3.44.patch b/Fix-the-build-with-nss-3.44.patch
new file mode 100644
index 0000000..e3cc74a
--- /dev/null
+++ b/Fix-the-build-with-nss-3.44.patch
@@ -0,0 +1,42 @@
+From b535d1ac5cbcdf18a97d97a92581e38080d9e521 Mon Sep 17 00:00:00 2001
+From: Peter Jones <pjones@redhat.com>
+Date: Tue, 14 May 2019 11:28:38 -0400
+Subject: [PATCH] efikeygen: Fix the build with nss 3.44
+
+NSS 3.44 adds some certificate types, which changes a type and makes
+some encoding stuff weird.  As a result, we get:
+
+gcc8 -I/wrkdirs/usr/ports/sysutils/pesign/work/pesign-0.110/include -O2 -pipe  -fstack-protector-strong -Wl,-rpath=/usr/local/lib/gcc8 -isystem /usr/local/include -fno-strict-aliasing  -g -O0 -g -O0  -Wall -fshort-wchar -fno-strict-aliasing -fno-merge-constants --std=gnu99 -D_GNU_SOURCE -Wno-unused-result -Wno-unused-function -I../include/  -I/usr/local/include/nss -I/usr/local/include/nss/nss -I/usr/local/include/nspr  -Werror -fPIC -isystem /usr/local/include -DCONFIG_amd64 -DCONFIG_amd64 -c efikeygen.c -o efikeygen.o
+In file included from /usr/local/include/nss/nss/cert.h:22,
+                 from efikeygen.c:39:
+efikeygen.c: In function 'add_cert_type':
+/usr/local/include/nss/nss/certt.h:445:5: error: unsigned conversion from 'int' to 'unsigned char' changes value from '496' to '240' [-Werror=overflow]
+     (NS_CERT_TYPE_SSL_CLIENT | NS_CERT_TYPE_SSL_SERVER | NS_CERT_TYPE_EMAIL | \
+     ^
+efikeygen.c:208:23: note: in expansion of macro 'NS_CERT_TYPE_APP'
+  unsigned char type = NS_CERT_TYPE_APP;
+                       ^~~~~~~~~~~~~~~~
+cc1: all warnings being treated as errors
+
+This is fixed by just making it an int.
+
+Fixes github issue #48.
+
+Signed-off-by: Peter Jones <pjones@redhat.com>
+---
+ src/efikeygen.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/efikeygen.c b/src/efikeygen.c
+index ede76ef..2cd953e 100644
+--- a/src/efikeygen.c
++++ b/src/efikeygen.c
+@@ -208,7 +208,7 @@ static int
+ add_cert_type(cms_context *cms, void *extHandle, int is_ca)
+ {
+ 	SECItem bitStringValue;
+-	unsigned char type = NS_CERT_TYPE_APP;
++	int type = NS_CERT_TYPE_APP;
+ 
+ 	if (is_ca)
+ 		type |= NS_CERT_TYPE_SSL_CA |
diff --git a/pesign.spec b/pesign.spec
index e1e270f..3a1af03 100644
--- a/pesign.spec
+++ b/pesign.spec
@@ -2,7 +2,7 @@
 Name:          pesign
 Summary:       Signing utility for UEFI binaries
 Version:       0.113
-Release:       1
+Release:       2
 License:       GPLv2
 URL:           https://github.com/vathpela/pesign
 Source0:       pesign-%{version}.tar.gz
@@ -16,6 +16,8 @@ BuildRequires: nspr nss nss-util popt-devel nss-tools nspr-devel >= 4.9.2-1
 BuildRequires: nss-devel >= 3.13.6-1 efivar-devel >= 31-1 libuuid-devel tar xz
 BuildRequires: python3-rpm-macros python3 systemd python3-devel
 
+Patch0001:     Fix-the-build-with-nss-3.44.patch
+
 %description
 pesign is a command line tool for manipulating signatures and
 cryptographic digests of UEFI applications.
@@ -91,6 +93,9 @@ exit 0
 %{_mandir}/man*/*
 
 %changelog
+* Wed Aug 05 2020 lingsheng <lingsheng@huawei.com> - 0.113-2
+- Fix the build with nss 3.44
+
 * Mon Jan 13 2020 openEuler Buildteam <buildteam@openeuler.org> - 0.113-1
 - Type:bugfix
 - Id:NA
-- 
Gitee


From b25d48a70848722bb2873beb5fefc9b06a2cdf37 Mon Sep 17 00:00:00 2001
From: baizg1107 <preloyalwhite@163.com>
Date: Mon, 14 Sep 2020 14:04:33 +0800
Subject: [PATCH 2/2] Modify source0 and rename package

---
 pesign-0.113.tar.gz => 113.tar.gz | Bin
 pesign.spec                       |   7 +++++--
 2 files changed, 5 insertions(+), 2 deletions(-)
 rename pesign-0.113.tar.gz => 113.tar.gz (100%)

diff --git a/pesign-0.113.tar.gz b/113.tar.gz
similarity index 100%
rename from pesign-0.113.tar.gz
rename to 113.tar.gz
diff --git a/pesign.spec b/pesign.spec
index 3a1af03..06c93dd 100644
--- a/pesign.spec
+++ b/pesign.spec
@@ -2,10 +2,10 @@
 Name:          pesign
 Summary:       Signing utility for UEFI binaries
 Version:       0.113
-Release:       2
+Release:       3
 License:       GPLv2
 URL:           https://github.com/vathpela/pesign
-Source0:       pesign-%{version}.tar.gz
+Source0:       https://github.com/rhboot/pesign/archive/113.tar.gz
 Source1:       certs.tar.xz
 Source2:       pesign.py
 Source3:       euleros-certs.tar.bz2
@@ -93,6 +93,9 @@ exit 0
 %{_mandir}/man*/*
 
 %changelog
+* Thu Sep 10 2020 baizhonggui <baizhonggui@huawei.com> - 0.113-3
+- Modify source0 and replace package
+
 * Wed Aug 05 2020 lingsheng <lingsheng@huawei.com> - 0.113-2
 - Fix the build with nss 3.44
 
-- 
Gitee