summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLars Wendler <polynomial-c@gentoo.org>2018-06-13 15:04:37 +0200
committerLars Wendler <polynomial-c@gentoo.org>2018-06-13 15:04:58 +0200
commitce46fc22b9579eed7f0f3778cf4f53016dc215f0 (patch)
treee6d1f420ade82d4e7659a5f8315a0846ade9380e /sys-apps/ipmitool
parentsys-apps/ipmitool: Removed old. (diff)
downloadgentoo-ce46fc22b9579eed7f0f3778cf4f53016dc215f0.tar.gz
gentoo-ce46fc22b9579eed7f0f3778cf4f53016dc215f0.tar.bz2
gentoo-ce46fc22b9579eed7f0f3778cf4f53016dc215f0.zip
sys-apps/ipmitool: Fixed build against openssl-1.1
Closes: https://bugs.gentoo.org/592494 Package-Manager: Portage-2.3.40, Repoman-2.3.9
Diffstat (limited to 'sys-apps/ipmitool')
-rw-r--r--sys-apps/ipmitool/files/ipmitool-1.8.18-openssl-1.1.patch145
-rw-r--r--sys-apps/ipmitool/ipmitool-1.8.18-r1.ebuild6
2 files changed, 150 insertions, 1 deletions
diff --git a/sys-apps/ipmitool/files/ipmitool-1.8.18-openssl-1.1.patch b/sys-apps/ipmitool/files/ipmitool-1.8.18-openssl-1.1.patch
new file mode 100644
index 000000000000..9e5a876f00a3
--- /dev/null
+++ b/sys-apps/ipmitool/files/ipmitool-1.8.18-openssl-1.1.patch
@@ -0,0 +1,145 @@
+Taken from various upstream commits:
+
+https://github.com/ipmitool/ipmitool/commit/b57487e360916ab3eaa50aa6d021c73b6337a4a0
+https://github.com/ipmitool/ipmitool/commit/77fe5635037ebaf411cae46cf5045ca819b5c145
+https://github.com/ipmitool/ipmitool/commit/f004b4b7197fc83e7d47ec8cbcaefffa9a922717
+https://github.com/ipmitool/ipmitool/commit/f004b4b7197fc83e7d47ec8cbcaefffa9a922717
+
+--- ipmitool-1.8.18/src/plugins/lanplus/lanplus_crypt_impl.c
++++ ipmitool-1.8.18/src/plugins/lanplus/lanplus_crypt_impl.c
+@@ -164,11 +164,7 @@
+ uint8_t * output,
+ uint32_t * bytes_written)
+ {
+- EVP_CIPHER_CTX ctx;
+- EVP_CIPHER_CTX_init(&ctx);
+- EVP_EncryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key, iv);
+- EVP_CIPHER_CTX_set_padding(&ctx, 0);
+-
++ EVP_CIPHER_CTX *ctx = NULL;
+
+ *bytes_written = 0;
+
+@@ -182,6 +178,14 @@
+ printbuf(input, input_length, "encrypting this data");
+ }
+
++ ctx = EVP_CIPHER_CTX_new();
++ if (ctx == NULL) {
++ lprintf(LOG_DEBUG, "ERROR: EVP_CIPHER_CTX_new() failed");
++ return;
++ }
++ EVP_CIPHER_CTX_init(ctx);
++ EVP_EncryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv);
++ EVP_CIPHER_CTX_set_padding(ctx, 0);
+
+ /*
+ * The default implementation adds a whole block of padding if the input
+@@ -191,28 +195,28 @@
+ assert((input_length % IPMI_CRYPT_AES_CBC_128_BLOCK_SIZE) == 0);
+
+
+- if(!EVP_EncryptUpdate(&ctx, output, (int *)bytes_written, input, input_length))
++ if(!EVP_EncryptUpdate(ctx, output, (int *)bytes_written, input, input_length))
+ {
+ /* Error */
+ *bytes_written = 0;
+- return;
+ }
+ else
+ {
+ uint32_t tmplen;
+
+- if(!EVP_EncryptFinal_ex(&ctx, output + *bytes_written, (int *)&tmplen))
++ if(!EVP_EncryptFinal_ex(ctx, output + *bytes_written, (int *)&tmplen))
+ {
++ /* Error */
+ *bytes_written = 0;
+- return; /* Error */
+ }
+ else
+ {
+ /* Success */
+ *bytes_written += tmplen;
+- EVP_CIPHER_CTX_cleanup(&ctx);
+ }
+ }
++ /* performs cleanup and free */
++ EVP_CIPHER_CTX_free(ctx);
+ }
+
+
+@@ -239,11 +243,7 @@
+ uint8_t * output,
+ uint32_t * bytes_written)
+ {
+- EVP_CIPHER_CTX ctx;
+- EVP_CIPHER_CTX_init(&ctx);
+- EVP_DecryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key, iv);
+- EVP_CIPHER_CTX_set_padding(&ctx, 0);
+-
++ EVP_CIPHER_CTX *ctx = NULL;
+
+ if (verbose >= 5)
+ {
+@@ -252,12 +252,20 @@
+ printbuf(input, input_length, "decrypting this data");
+ }
+
+-
+ *bytes_written = 0;
+
+ if (input_length == 0)
+ return;
+
++ ctx = EVP_CIPHER_CTX_new();
++ if (ctx == NULL) {
++ lprintf(LOG_DEBUG, "ERROR: EVP_CIPHER_CTX_new() failed");
++ return;
++ }
++ EVP_CIPHER_CTX_init(ctx);
++ EVP_DecryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv);
++ EVP_CIPHER_CTX_set_padding(ctx, 0);
++
+ /*
+ * The default implementation adds a whole block of padding if the input
+ * data is perfectly aligned. We would like to keep that from happening.
+@@ -266,33 +274,33 @@
+ assert((input_length % IPMI_CRYPT_AES_CBC_128_BLOCK_SIZE) == 0);
+
+
+- if (!EVP_DecryptUpdate(&ctx, output, (int *)bytes_written, input, input_length))
++ if (!EVP_DecryptUpdate(ctx, output, (int *)bytes_written, input, input_length))
+ {
+ /* Error */
+ lprintf(LOG_DEBUG, "ERROR: decrypt update failed");
+ *bytes_written = 0;
+- return;
+ }
+ else
+ {
+ uint32_t tmplen;
+
+- if (!EVP_DecryptFinal_ex(&ctx, output + *bytes_written, (int *)&tmplen))
++ if (!EVP_DecryptFinal_ex(ctx, output + *bytes_written, (int *)&tmplen))
+ {
++ /* Error */
+ char buffer[1000];
+ ERR_error_string(ERR_get_error(), buffer);
+ lprintf(LOG_DEBUG, "the ERR error %s", buffer);
+ lprintf(LOG_DEBUG, "ERROR: decrypt final failed");
+ *bytes_written = 0;
+- return; /* Error */
+ }
+ else
+ {
+ /* Success */
+ *bytes_written += tmplen;
+- EVP_CIPHER_CTX_cleanup(&ctx);
+ }
+ }
++ /* performs cleanup and free */
++ EVP_CIPHER_CTX_free(ctx);
+
+ if (verbose >= 5)
+ {
diff --git a/sys-apps/ipmitool/ipmitool-1.8.18-r1.ebuild b/sys-apps/ipmitool/ipmitool-1.8.18-r1.ebuild
index 62f5859016f1..6c26d8e0980c 100644
--- a/sys-apps/ipmitool/ipmitool-1.8.18-r1.ebuild
+++ b/sys-apps/ipmitool/ipmitool-1.8.18-r1.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2016 Gentoo Foundation
+# Copyright 1999-2018 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
EAPI=6
@@ -29,6 +29,10 @@ DEPEND="${RDEPEND}
# ipmitool CAN build against || ( sys-libs/openipmi sys-libs/freeipmi )
# but it doesn't actually need either.
+PATCHES=(
+ "${FILESDIR}"/${P}-openssl-1.1.patch
+)
+
src_prepare() {
default
[ -d "${S}"/debian ] && mv "${S}"/debian{,.package}