| 1 |
commit: ce46fc22b9579eed7f0f3778cf4f53016dc215f0 |
| 2 |
Author: Lars Wendler <polynomial-c <AT> gentoo <DOT> org> |
| 3 |
AuthorDate: Wed Jun 13 13:04:37 2018 +0000 |
| 4 |
Commit: Lars Wendler <polynomial-c <AT> gentoo <DOT> org> |
| 5 |
CommitDate: Wed Jun 13 13:04:58 2018 +0000 |
| 6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ce46fc22 |
| 7 |
|
| 8 |
sys-apps/ipmitool: Fixed build against openssl-1.1 |
| 9 |
|
| 10 |
Closes: https://bugs.gentoo.org/592494 |
| 11 |
Package-Manager: Portage-2.3.40, Repoman-2.3.9 |
| 12 |
|
| 13 |
.../files/ipmitool-1.8.18-openssl-1.1.patch | 145 +++++++++++++++++++++ |
| 14 |
sys-apps/ipmitool/ipmitool-1.8.18-r1.ebuild | 6 +- |
| 15 |
2 files changed, 150 insertions(+), 1 deletion(-) |
| 16 |
|
| 17 |
diff --git a/sys-apps/ipmitool/files/ipmitool-1.8.18-openssl-1.1.patch b/sys-apps/ipmitool/files/ipmitool-1.8.18-openssl-1.1.patch |
| 18 |
new file mode 100644 |
| 19 |
index 00000000000..9e5a876f00a |
| 20 |
--- /dev/null |
| 21 |
+++ b/sys-apps/ipmitool/files/ipmitool-1.8.18-openssl-1.1.patch |
| 22 |
@@ -0,0 +1,145 @@ |
| 23 |
+Taken from various upstream commits: |
| 24 |
+ |
| 25 |
+https://github.com/ipmitool/ipmitool/commit/b57487e360916ab3eaa50aa6d021c73b6337a4a0 |
| 26 |
+https://github.com/ipmitool/ipmitool/commit/77fe5635037ebaf411cae46cf5045ca819b5c145 |
| 27 |
+https://github.com/ipmitool/ipmitool/commit/f004b4b7197fc83e7d47ec8cbcaefffa9a922717 |
| 28 |
+https://github.com/ipmitool/ipmitool/commit/f004b4b7197fc83e7d47ec8cbcaefffa9a922717 |
| 29 |
+ |
| 30 |
+--- ipmitool-1.8.18/src/plugins/lanplus/lanplus_crypt_impl.c |
| 31 |
++++ ipmitool-1.8.18/src/plugins/lanplus/lanplus_crypt_impl.c |
| 32 |
+@@ -164,11 +164,7 @@ |
| 33 |
+ uint8_t * output, |
| 34 |
+ uint32_t * bytes_written) |
| 35 |
+ { |
| 36 |
+- EVP_CIPHER_CTX ctx; |
| 37 |
+- EVP_CIPHER_CTX_init(&ctx); |
| 38 |
+- EVP_EncryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key, iv); |
| 39 |
+- EVP_CIPHER_CTX_set_padding(&ctx, 0); |
| 40 |
+- |
| 41 |
++ EVP_CIPHER_CTX *ctx = NULL; |
| 42 |
+ |
| 43 |
+ *bytes_written = 0; |
| 44 |
+ |
| 45 |
+@@ -182,6 +178,14 @@ |
| 46 |
+ printbuf(input, input_length, "encrypting this data"); |
| 47 |
+ } |
| 48 |
+ |
| 49 |
++ ctx = EVP_CIPHER_CTX_new(); |
| 50 |
++ if (ctx == NULL) { |
| 51 |
++ lprintf(LOG_DEBUG, "ERROR: EVP_CIPHER_CTX_new() failed"); |
| 52 |
++ return; |
| 53 |
++ } |
| 54 |
++ EVP_CIPHER_CTX_init(ctx); |
| 55 |
++ EVP_EncryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv); |
| 56 |
++ EVP_CIPHER_CTX_set_padding(ctx, 0); |
| 57 |
+ |
| 58 |
+ /* |
| 59 |
+ * The default implementation adds a whole block of padding if the input |
| 60 |
+@@ -191,28 +195,28 @@ |
| 61 |
+ assert((input_length % IPMI_CRYPT_AES_CBC_128_BLOCK_SIZE) == 0); |
| 62 |
+ |
| 63 |
+ |
| 64 |
+- if(!EVP_EncryptUpdate(&ctx, output, (int *)bytes_written, input, input_length)) |
| 65 |
++ if(!EVP_EncryptUpdate(ctx, output, (int *)bytes_written, input, input_length)) |
| 66 |
+ { |
| 67 |
+ /* Error */ |
| 68 |
+ *bytes_written = 0; |
| 69 |
+- return; |
| 70 |
+ } |
| 71 |
+ else |
| 72 |
+ { |
| 73 |
+ uint32_t tmplen; |
| 74 |
+ |
| 75 |
+- if(!EVP_EncryptFinal_ex(&ctx, output + *bytes_written, (int *)&tmplen)) |
| 76 |
++ if(!EVP_EncryptFinal_ex(ctx, output + *bytes_written, (int *)&tmplen)) |
| 77 |
+ { |
| 78 |
++ /* Error */ |
| 79 |
+ *bytes_written = 0; |
| 80 |
+- return; /* Error */ |
| 81 |
+ } |
| 82 |
+ else |
| 83 |
+ { |
| 84 |
+ /* Success */ |
| 85 |
+ *bytes_written += tmplen; |
| 86 |
+- EVP_CIPHER_CTX_cleanup(&ctx); |
| 87 |
+ } |
| 88 |
+ } |
| 89 |
++ /* performs cleanup and free */ |
| 90 |
++ EVP_CIPHER_CTX_free(ctx); |
| 91 |
+ } |
| 92 |
+ |
| 93 |
+ |
| 94 |
+@@ -239,11 +243,7 @@ |
| 95 |
+ uint8_t * output, |
| 96 |
+ uint32_t * bytes_written) |
| 97 |
+ { |
| 98 |
+- EVP_CIPHER_CTX ctx; |
| 99 |
+- EVP_CIPHER_CTX_init(&ctx); |
| 100 |
+- EVP_DecryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key, iv); |
| 101 |
+- EVP_CIPHER_CTX_set_padding(&ctx, 0); |
| 102 |
+- |
| 103 |
++ EVP_CIPHER_CTX *ctx = NULL; |
| 104 |
+ |
| 105 |
+ if (verbose >= 5) |
| 106 |
+ { |
| 107 |
+@@ -252,12 +252,20 @@ |
| 108 |
+ printbuf(input, input_length, "decrypting this data"); |
| 109 |
+ } |
| 110 |
+ |
| 111 |
+- |
| 112 |
+ *bytes_written = 0; |
| 113 |
+ |
| 114 |
+ if (input_length == 0) |
| 115 |
+ return; |
| 116 |
+ |
| 117 |
++ ctx = EVP_CIPHER_CTX_new(); |
| 118 |
++ if (ctx == NULL) { |
| 119 |
++ lprintf(LOG_DEBUG, "ERROR: EVP_CIPHER_CTX_new() failed"); |
| 120 |
++ return; |
| 121 |
++ } |
| 122 |
++ EVP_CIPHER_CTX_init(ctx); |
| 123 |
++ EVP_DecryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv); |
| 124 |
++ EVP_CIPHER_CTX_set_padding(ctx, 0); |
| 125 |
++ |
| 126 |
+ /* |
| 127 |
+ * The default implementation adds a whole block of padding if the input |
| 128 |
+ * data is perfectly aligned. We would like to keep that from happening. |
| 129 |
+@@ -266,33 +274,33 @@ |
| 130 |
+ assert((input_length % IPMI_CRYPT_AES_CBC_128_BLOCK_SIZE) == 0); |
| 131 |
+ |
| 132 |
+ |
| 133 |
+- if (!EVP_DecryptUpdate(&ctx, output, (int *)bytes_written, input, input_length)) |
| 134 |
++ if (!EVP_DecryptUpdate(ctx, output, (int *)bytes_written, input, input_length)) |
| 135 |
+ { |
| 136 |
+ /* Error */ |
| 137 |
+ lprintf(LOG_DEBUG, "ERROR: decrypt update failed"); |
| 138 |
+ *bytes_written = 0; |
| 139 |
+- return; |
| 140 |
+ } |
| 141 |
+ else |
| 142 |
+ { |
| 143 |
+ uint32_t tmplen; |
| 144 |
+ |
| 145 |
+- if (!EVP_DecryptFinal_ex(&ctx, output + *bytes_written, (int *)&tmplen)) |
| 146 |
++ if (!EVP_DecryptFinal_ex(ctx, output + *bytes_written, (int *)&tmplen)) |
| 147 |
+ { |
| 148 |
++ /* Error */ |
| 149 |
+ char buffer[1000]; |
| 150 |
+ ERR_error_string(ERR_get_error(), buffer); |
| 151 |
+ lprintf(LOG_DEBUG, "the ERR error %s", buffer); |
| 152 |
+ lprintf(LOG_DEBUG, "ERROR: decrypt final failed"); |
| 153 |
+ *bytes_written = 0; |
| 154 |
+- return; /* Error */ |
| 155 |
+ } |
| 156 |
+ else |
| 157 |
+ { |
| 158 |
+ /* Success */ |
| 159 |
+ *bytes_written += tmplen; |
| 160 |
+- EVP_CIPHER_CTX_cleanup(&ctx); |
| 161 |
+ } |
| 162 |
+ } |
| 163 |
++ /* performs cleanup and free */ |
| 164 |
++ EVP_CIPHER_CTX_free(ctx); |
| 165 |
+ |
| 166 |
+ if (verbose >= 5) |
| 167 |
+ { |
| 168 |
|
| 169 |
diff --git a/sys-apps/ipmitool/ipmitool-1.8.18-r1.ebuild b/sys-apps/ipmitool/ipmitool-1.8.18-r1.ebuild |
| 170 |
index 62f5859016f..6c26d8e0980 100644 |
| 171 |
--- a/sys-apps/ipmitool/ipmitool-1.8.18-r1.ebuild |
| 172 |
+++ b/sys-apps/ipmitool/ipmitool-1.8.18-r1.ebuild |
| 173 |
@@ -1,4 +1,4 @@ |
| 174 |
-# Copyright 1999-2016 Gentoo Foundation |
| 175 |
+# Copyright 1999-2018 Gentoo Foundation |
| 176 |
# Distributed under the terms of the GNU General Public License v2 |
| 177 |
|
| 178 |
EAPI=6 |
| 179 |
@@ -29,6 +29,10 @@ DEPEND="${RDEPEND} |
| 180 |
# ipmitool CAN build against || ( sys-libs/openipmi sys-libs/freeipmi ) |
| 181 |
# but it doesn't actually need either. |
| 182 |
|
| 183 |
+PATCHES=( |
| 184 |
+ "${FILESDIR}"/${P}-openssl-1.1.patch |
| 185 |
+) |
| 186 |
+ |
| 187 |
src_prepare() { |
| 188 |
default |
| 189 |
[ -d "${S}"/debian ] && mv "${S}"/debian{,.package} |
Archives