1 |
commit: ce46fc22b9579eed7f0f3778cf4f53016dc215f0 |
2 |
Author: Lars Wendler <polynomial-c <AT> gentoo <DOT> org> |
3 |
AuthorDate: Wed Jun 13 13:04:37 2018 +0000 |
4 |
Commit: Lars Wendler <polynomial-c <AT> gentoo <DOT> org> |
5 |
CommitDate: Wed Jun 13 13:04:58 2018 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ce46fc22 |
7 |
|
8 |
sys-apps/ipmitool: Fixed build against openssl-1.1 |
9 |
|
10 |
Closes: https://bugs.gentoo.org/592494 |
11 |
Package-Manager: Portage-2.3.40, Repoman-2.3.9 |
12 |
|
13 |
.../files/ipmitool-1.8.18-openssl-1.1.patch | 145 +++++++++++++++++++++ |
14 |
sys-apps/ipmitool/ipmitool-1.8.18-r1.ebuild | 6 +- |
15 |
2 files changed, 150 insertions(+), 1 deletion(-) |
16 |
|
17 |
diff --git a/sys-apps/ipmitool/files/ipmitool-1.8.18-openssl-1.1.patch b/sys-apps/ipmitool/files/ipmitool-1.8.18-openssl-1.1.patch |
18 |
new file mode 100644 |
19 |
index 00000000000..9e5a876f00a |
20 |
--- /dev/null |
21 |
+++ b/sys-apps/ipmitool/files/ipmitool-1.8.18-openssl-1.1.patch |
22 |
@@ -0,0 +1,145 @@ |
23 |
+Taken from various upstream commits: |
24 |
+ |
25 |
+https://github.com/ipmitool/ipmitool/commit/b57487e360916ab3eaa50aa6d021c73b6337a4a0 |
26 |
+https://github.com/ipmitool/ipmitool/commit/77fe5635037ebaf411cae46cf5045ca819b5c145 |
27 |
+https://github.com/ipmitool/ipmitool/commit/f004b4b7197fc83e7d47ec8cbcaefffa9a922717 |
28 |
+https://github.com/ipmitool/ipmitool/commit/f004b4b7197fc83e7d47ec8cbcaefffa9a922717 |
29 |
+ |
30 |
+--- ipmitool-1.8.18/src/plugins/lanplus/lanplus_crypt_impl.c |
31 |
++++ ipmitool-1.8.18/src/plugins/lanplus/lanplus_crypt_impl.c |
32 |
+@@ -164,11 +164,7 @@ |
33 |
+ uint8_t * output, |
34 |
+ uint32_t * bytes_written) |
35 |
+ { |
36 |
+- EVP_CIPHER_CTX ctx; |
37 |
+- EVP_CIPHER_CTX_init(&ctx); |
38 |
+- EVP_EncryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key, iv); |
39 |
+- EVP_CIPHER_CTX_set_padding(&ctx, 0); |
40 |
+- |
41 |
++ EVP_CIPHER_CTX *ctx = NULL; |
42 |
+ |
43 |
+ *bytes_written = 0; |
44 |
+ |
45 |
+@@ -182,6 +178,14 @@ |
46 |
+ printbuf(input, input_length, "encrypting this data"); |
47 |
+ } |
48 |
+ |
49 |
++ ctx = EVP_CIPHER_CTX_new(); |
50 |
++ if (ctx == NULL) { |
51 |
++ lprintf(LOG_DEBUG, "ERROR: EVP_CIPHER_CTX_new() failed"); |
52 |
++ return; |
53 |
++ } |
54 |
++ EVP_CIPHER_CTX_init(ctx); |
55 |
++ EVP_EncryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv); |
56 |
++ EVP_CIPHER_CTX_set_padding(ctx, 0); |
57 |
+ |
58 |
+ /* |
59 |
+ * The default implementation adds a whole block of padding if the input |
60 |
+@@ -191,28 +195,28 @@ |
61 |
+ assert((input_length % IPMI_CRYPT_AES_CBC_128_BLOCK_SIZE) == 0); |
62 |
+ |
63 |
+ |
64 |
+- if(!EVP_EncryptUpdate(&ctx, output, (int *)bytes_written, input, input_length)) |
65 |
++ if(!EVP_EncryptUpdate(ctx, output, (int *)bytes_written, input, input_length)) |
66 |
+ { |
67 |
+ /* Error */ |
68 |
+ *bytes_written = 0; |
69 |
+- return; |
70 |
+ } |
71 |
+ else |
72 |
+ { |
73 |
+ uint32_t tmplen; |
74 |
+ |
75 |
+- if(!EVP_EncryptFinal_ex(&ctx, output + *bytes_written, (int *)&tmplen)) |
76 |
++ if(!EVP_EncryptFinal_ex(ctx, output + *bytes_written, (int *)&tmplen)) |
77 |
+ { |
78 |
++ /* Error */ |
79 |
+ *bytes_written = 0; |
80 |
+- return; /* Error */ |
81 |
+ } |
82 |
+ else |
83 |
+ { |
84 |
+ /* Success */ |
85 |
+ *bytes_written += tmplen; |
86 |
+- EVP_CIPHER_CTX_cleanup(&ctx); |
87 |
+ } |
88 |
+ } |
89 |
++ /* performs cleanup and free */ |
90 |
++ EVP_CIPHER_CTX_free(ctx); |
91 |
+ } |
92 |
+ |
93 |
+ |
94 |
+@@ -239,11 +243,7 @@ |
95 |
+ uint8_t * output, |
96 |
+ uint32_t * bytes_written) |
97 |
+ { |
98 |
+- EVP_CIPHER_CTX ctx; |
99 |
+- EVP_CIPHER_CTX_init(&ctx); |
100 |
+- EVP_DecryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key, iv); |
101 |
+- EVP_CIPHER_CTX_set_padding(&ctx, 0); |
102 |
+- |
103 |
++ EVP_CIPHER_CTX *ctx = NULL; |
104 |
+ |
105 |
+ if (verbose >= 5) |
106 |
+ { |
107 |
+@@ -252,12 +252,20 @@ |
108 |
+ printbuf(input, input_length, "decrypting this data"); |
109 |
+ } |
110 |
+ |
111 |
+- |
112 |
+ *bytes_written = 0; |
113 |
+ |
114 |
+ if (input_length == 0) |
115 |
+ return; |
116 |
+ |
117 |
++ ctx = EVP_CIPHER_CTX_new(); |
118 |
++ if (ctx == NULL) { |
119 |
++ lprintf(LOG_DEBUG, "ERROR: EVP_CIPHER_CTX_new() failed"); |
120 |
++ return; |
121 |
++ } |
122 |
++ EVP_CIPHER_CTX_init(ctx); |
123 |
++ EVP_DecryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv); |
124 |
++ EVP_CIPHER_CTX_set_padding(ctx, 0); |
125 |
++ |
126 |
+ /* |
127 |
+ * The default implementation adds a whole block of padding if the input |
128 |
+ * data is perfectly aligned. We would like to keep that from happening. |
129 |
+@@ -266,33 +274,33 @@ |
130 |
+ assert((input_length % IPMI_CRYPT_AES_CBC_128_BLOCK_SIZE) == 0); |
131 |
+ |
132 |
+ |
133 |
+- if (!EVP_DecryptUpdate(&ctx, output, (int *)bytes_written, input, input_length)) |
134 |
++ if (!EVP_DecryptUpdate(ctx, output, (int *)bytes_written, input, input_length)) |
135 |
+ { |
136 |
+ /* Error */ |
137 |
+ lprintf(LOG_DEBUG, "ERROR: decrypt update failed"); |
138 |
+ *bytes_written = 0; |
139 |
+- return; |
140 |
+ } |
141 |
+ else |
142 |
+ { |
143 |
+ uint32_t tmplen; |
144 |
+ |
145 |
+- if (!EVP_DecryptFinal_ex(&ctx, output + *bytes_written, (int *)&tmplen)) |
146 |
++ if (!EVP_DecryptFinal_ex(ctx, output + *bytes_written, (int *)&tmplen)) |
147 |
+ { |
148 |
++ /* Error */ |
149 |
+ char buffer[1000]; |
150 |
+ ERR_error_string(ERR_get_error(), buffer); |
151 |
+ lprintf(LOG_DEBUG, "the ERR error %s", buffer); |
152 |
+ lprintf(LOG_DEBUG, "ERROR: decrypt final failed"); |
153 |
+ *bytes_written = 0; |
154 |
+- return; /* Error */ |
155 |
+ } |
156 |
+ else |
157 |
+ { |
158 |
+ /* Success */ |
159 |
+ *bytes_written += tmplen; |
160 |
+- EVP_CIPHER_CTX_cleanup(&ctx); |
161 |
+ } |
162 |
+ } |
163 |
++ /* performs cleanup and free */ |
164 |
++ EVP_CIPHER_CTX_free(ctx); |
165 |
+ |
166 |
+ if (verbose >= 5) |
167 |
+ { |
168 |
|
169 |
diff --git a/sys-apps/ipmitool/ipmitool-1.8.18-r1.ebuild b/sys-apps/ipmitool/ipmitool-1.8.18-r1.ebuild |
170 |
index 62f5859016f..6c26d8e0980 100644 |
171 |
--- a/sys-apps/ipmitool/ipmitool-1.8.18-r1.ebuild |
172 |
+++ b/sys-apps/ipmitool/ipmitool-1.8.18-r1.ebuild |
173 |
@@ -1,4 +1,4 @@ |
174 |
-# Copyright 1999-2016 Gentoo Foundation |
175 |
+# Copyright 1999-2018 Gentoo Foundation |
176 |
# Distributed under the terms of the GNU General Public License v2 |
177 |
|
178 |
EAPI=6 |
179 |
@@ -29,6 +29,10 @@ DEPEND="${RDEPEND} |
180 |
# ipmitool CAN build against || ( sys-libs/openipmi sys-libs/freeipmi ) |
181 |
# but it doesn't actually need either. |
182 |
|
183 |
+PATCHES=( |
184 |
+ "${FILESDIR}"/${P}-openssl-1.1.patch |
185 |
+) |
186 |
+ |
187 |
src_prepare() { |
188 |
default |
189 |
[ -d "${S}"/debian ] && mv "${S}"/debian{,.package} |