Bug 968348: Remove some set-but-never-read variables, an inline a PR_LOGGING-only variable, to fix build warnings in security/manager/ssl/src/. r=keeler

security/manager/ssl/src/SSLServerCertVerification.cpp

@@ -506,8 +506,6 @@ CreateCertErrorRunnable(CertVerifier& certVerifier,
     return nullptr;
   }
 
-  SECStatus srv;
-
   PLArenaPool* log_arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
   PLArenaPoolCleanerFalseParam log_arena_cleaner(log_arena);
   if (!log_arena) {
@@ -523,17 +521,17 @@ CreateCertErrorRunnable(CertVerifier& certVerifier,
   CERTVerifyLogContentsCleaner verify_log_cleaner(verify_log);
   verify_log->arena = log_arena;
 
-  // XXX TODO: convert to VerifySSLServerCert
-  // XXX TODO: get rid of error log
-  srv = certVerifier.VerifyCert(cert, stapledOCSPResponse,
-                                certificateUsageSSLServer, now,
-                                infoObject, 0, nullptr, nullptr, verify_log);
 
-  // We ignore the result code of the cert verification.
+  // We ignore the result code of the cert verification (i.e. VerifyCert's rv)
   // Either it is a failure, which is expected, and we'll process the
   //                         verify log below.
   // Or it is a success, then a domain mismatch is the only
   //                     possible failure.
+  // XXX TODO: convert to VerifySSLServerCert
+  // XXX TODO: get rid of error log
+  certVerifier.VerifyCert(cert, stapledOCSPResponse,
+                          certificateUsageSSLServer, now,
+                          infoObject, 0, nullptr, nullptr, verify_log);
 
   PRErrorCode errorCodeMismatch = 0;
   PRErrorCode errorCodeTrust = 0;

security/manager/ssl/src/nsNSSCertificate.cpp

@@ -823,17 +823,16 @@ nsNSSCertificate::GetChain(nsIArray** _rvChain)
   PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("Getting chain for \"%s\"\n", mCert->nickname));
 
   ::insanity::pkix::ScopedCERTCertList nssChain;
-  SECStatus srv;
   RefPtr<SharedCertVerifier> certVerifier(GetDefaultCertVerifier());
   NS_ENSURE_TRUE(certVerifier, NS_ERROR_UNEXPECTED);
 
   // We want to test all usages, but we start with server because most of the
   // time Firefox users care about server certs.
-  srv = certVerifier->VerifyCert(mCert.get(), nullptr,
-                                 certificateUsageSSLServer, PR_Now(),
-                                 nullptr, /*XXX fixme*/
-                                 CertVerifier::FLAG_LOCAL_ONLY,
-                                 &nssChain);
+  certVerifier->VerifyCert(mCert.get(), nullptr,
+                           certificateUsageSSLServer, PR_Now(),
+                           nullptr, /*XXX fixme*/
+                           CertVerifier::FLAG_LOCAL_ONLY,
+                           &nssChain);
   // This is the whitelist of all non-SSLServer usages that are supported by
   // verifycert.
   const int otherUsagesToTest = certificateUsageSSLClient |
@@ -851,11 +850,11 @@ nsNSSCertificate::GetChain(nsIArray** _rvChain)
     PR_LOG(gPIPNSSLog, PR_LOG_DEBUG,
            ("pipnss: PKIX attempting chain(%d) for '%s'\n",
             usage, mCert->nickname));
-    srv = certVerifier->VerifyCert(mCert.get(), nullptr,
-                                   usage, PR_Now(),
-                                   nullptr, /*XXX fixme*/
-                                   CertVerifier::FLAG_LOCAL_ONLY,
-                                   &nssChain);
+    certVerifier->VerifyCert(mCert.get(), nullptr,
+                             usage, PR_Now(),
+                             nullptr, /*XXX fixme*/
+                             CertVerifier::FLAG_LOCAL_ONLY,
+                             &nssChain);
   }
 
   if (!nssChain) {

security/manager/ssl/src/nsUsageArrayHelper.cpp

@@ -132,7 +132,6 @@ nsUsageArrayHelper::check(uint32_t previousCheckResult,
 
   PRErrorCode error = PR_GetError();
 
-  const char * errorString = PR_ErrorToName(error);
   uint32_t result = nsIX509Cert::NOT_VERIFIED_UNKNOWN;
   verifyFailed(&result, error);
 
@@ -145,7 +144,7 @@ nsUsageArrayHelper::check(uint32_t previousCheckResult,
 
   PR_LOG(gPIPNSSLog, PR_LOG_DEBUG,
           ("error validating certificate for usage %s: %s (%d) -> %ud \n",
-          typestr.get(), errorString, (int) error, (int) result));
+          typestr.get(), PR_ErrorToName(error), (int) error, (int) result));
 
   return result;
 }