Bug 1302232 - Update Taskcluster to use clang-3.9 r=mt

2 files changed, 25 insertions, 18 deletions

diff --git a/lib/certhigh/ocsp.c b/lib/certhigh/ocsp.c
index 3f89fb673..40c56bb67 100644
--- a/lib/certhigh/ocsp.c
+++ b/lib/certhigh/ocsp.c
@@ -2200,7 +2200,7 @@ CERT_AddOCSPAcceptableResponses(CERTOCSPRequest *request,
                                 SECOidTag responseType0, ...)
 {
     void *extHandle;
-    va_list ap;
+    va_list ap, ap2;
     int i, count;
     SECOidTag responseType;
     SECOidData *responseOid;
@@ -2217,7 +2217,15 @@ CERT_AddOCSPAcceptableResponses(CERTOCSPRequest *request,
     /* Count number of OIDS going into the extension value. */
     count = 1;
     if (responseType0 != SEC_OID_PKIX_OCSP_BASIC_RESPONSE) {
+#if defined(__GNUC__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wvarargs"
+#endif
         va_start(ap, responseType0);
+#if defined(__GNUC__)
+#pragma GCC diagnostic pop
+#endif
+        va_copy(ap2, ap);
         do {
             count++;
             responseType = va_arg(ap, SECOidTag);
@@ -2233,13 +2241,12 @@ CERT_AddOCSPAcceptableResponses(CERTOCSPRequest *request,
     responseOid = SECOID_FindOIDByTag(responseType0);
     acceptableResponses[i++] = &(responseOid->oid);
     if (count > 1) {
-        va_start(ap, responseType0);
         for (; i < count; i++) {
-            responseType = va_arg(ap, SECOidTag);
+            responseType = va_arg(ap2, SECOidTag);
             responseOid = SECOID_FindOIDByTag(responseType);
             acceptableResponses[i] = &(responseOid->oid);
         }
-        va_end(ap);
+        va_end(ap2);
     }
     acceptableResponses[i] = NULL;
 
diff --git a/lib/ssl/ssl3con.c b/lib/ssl/ssl3con.c
index a56bca3f6..ab0a654d7 100644
--- a/lib/ssl/ssl3con.c
+++ b/lib/ssl/ssl3con.c
@@ -11151,20 +11151,20 @@ ssl3_HandleClientKeyExchange(sslSocket *ss, SSL3Opaque *b, PRUint32 length)
         ss->sec.keaKeyBits = EXPORT_RSA_KEY_LENGTH * BPB;
     } else
     skip:
-    if (kea_def->ephemeral) {
-        sslEphemeralKeyPair *keyPair;
-        /* There should be exactly one pair. */
-        PORT_Assert(!PR_CLIST_IS_EMPTY(&ss->ephemeralKeyPairs));
-        PORT_Assert(PR_PREV_LINK(&ss->ephemeralKeyPairs) ==
-                    PR_NEXT_LINK(&ss->ephemeralKeyPairs));
-        keyPair = (sslEphemeralKeyPair *)PR_NEXT_LINK(&ss->ephemeralKeyPairs);
-        serverKeyPair = keyPair->keys;
-        ss->sec.keaKeyBits =
-            SECKEY_PublicKeyStrengthInBits(serverKeyPair->pubKey);
-    } else {
-        serverKeyPair = ss->sec.serverCert->serverKeyPair;
-        ss->sec.keaKeyBits = ss->sec.serverCert->serverKeyBits;
-    }
+        if (kea_def->ephemeral) {
+            sslEphemeralKeyPair *keyPair;
+            /* There should be exactly one pair. */
+            PORT_Assert(!PR_CLIST_IS_EMPTY(&ss->ephemeralKeyPairs));
+            PORT_Assert(PR_PREV_LINK(&ss->ephemeralKeyPairs) ==
+                        PR_NEXT_LINK(&ss->ephemeralKeyPairs));
+            keyPair = (sslEphemeralKeyPair *)PR_NEXT_LINK(&ss->ephemeralKeyPairs);
+            serverKeyPair = keyPair->keys;
+            ss->sec.keaKeyBits =
+                SECKEY_PublicKeyStrengthInBits(serverKeyPair->pubKey);
+        } else {
+            serverKeyPair = ss->sec.serverCert->serverKeyPair;
+            ss->sec.keaKeyBits = ss->sec.serverCert->serverKeyBits;
+        }
 
     if (!serverKeyPair) {
         SSL3_SendAlert(ss, alert_fatal, handshake_failure);