From a81a4241f572034a999e413259a9fac08e743d36 Mon Sep 17 00:00:00 2001 From: Josef Ridky Date: Tue, 21 Feb 2017 09:36:04 +0100 Subject: [PATCH] Resolves: #1423743 - add support for OpenSSL-1.1.0 library --- 0002-openssl.patch | 87 ++++++++++++++++++++++++++++++++++++++++++++++ ipmitool.spec | 7 +++- sources | 1 - 3 files changed, 93 insertions(+), 2 deletions(-) create mode 100644 0002-openssl.patch diff --git a/0002-openssl.patch b/0002-openssl.patch new file mode 100644 index 0000000..a3ded98 --- /dev/null +++ b/0002-openssl.patch @@ -0,0 +1,87 @@ +diff -urNp old/src/plugins/lanplus/lanplus_crypt_impl.c new/src/plugins/lanplus/lanplus_crypt_impl.c +--- old/src/plugins/lanplus/lanplus_crypt_impl.c 2016-05-28 10:20:20.000000000 +0200 ++++ new/src/plugins/lanplus/lanplus_crypt_impl.c 2017-02-21 09:03:15.498930188 +0100 +@@ -164,10 +164,10 @@ lanplus_encrypt_aes_cbc_128(const uint8_ + uint8_t * output, + uint32_t * bytes_written) + { +- EVP_CIPHER_CTX ctx; +- EVP_CIPHER_CTX_init(&ctx); +- EVP_EncryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key, iv); +- EVP_CIPHER_CTX_set_padding(&ctx, 0); ++ EVP_CIPHER_CTX *ctx; ++ EVP_CIPHER_CTX_init(ctx); ++ EVP_EncryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv); ++ EVP_CIPHER_CTX_set_padding(ctx, 0); + + + *bytes_written = 0; +@@ -191,7 +191,7 @@ lanplus_encrypt_aes_cbc_128(const uint8_ + assert((input_length % IPMI_CRYPT_AES_CBC_128_BLOCK_SIZE) == 0); + + +- if(!EVP_EncryptUpdate(&ctx, output, (int *)bytes_written, input, input_length)) ++ if(!EVP_EncryptUpdate(ctx, output, (int *)bytes_written, input, input_length)) + { + /* Error */ + *bytes_written = 0; +@@ -201,7 +201,7 @@ lanplus_encrypt_aes_cbc_128(const uint8_ + { + uint32_t tmplen; + +- if(!EVP_EncryptFinal_ex(&ctx, output + *bytes_written, (int *)&tmplen)) ++ if(!EVP_EncryptFinal_ex(ctx, output + *bytes_written, (int *)&tmplen)) + { + *bytes_written = 0; + return; /* Error */ +@@ -210,7 +210,7 @@ lanplus_encrypt_aes_cbc_128(const uint8_ + { + /* Success */ + *bytes_written += tmplen; +- EVP_CIPHER_CTX_cleanup(&ctx); ++ EVP_CIPHER_CTX_cleanup(ctx); + } + } + } +@@ -239,10 +239,10 @@ lanplus_decrypt_aes_cbc_128(const uint8_ + uint8_t * output, + uint32_t * bytes_written) + { +- EVP_CIPHER_CTX ctx; +- EVP_CIPHER_CTX_init(&ctx); +- EVP_DecryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key, iv); +- EVP_CIPHER_CTX_set_padding(&ctx, 0); ++ EVP_CIPHER_CTX *ctx; ++ EVP_CIPHER_CTX_init(ctx); ++ EVP_DecryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv); ++ EVP_CIPHER_CTX_set_padding(ctx, 0); + + + if (verbose >= 5) +@@ -266,7 +266,7 @@ lanplus_decrypt_aes_cbc_128(const uint8_ + assert((input_length % IPMI_CRYPT_AES_CBC_128_BLOCK_SIZE) == 0); + + +- if (!EVP_DecryptUpdate(&ctx, output, (int *)bytes_written, input, input_length)) ++ if (!EVP_DecryptUpdate(ctx, output, (int *)bytes_written, input, input_length)) + { + /* Error */ + lprintf(LOG_DEBUG, "ERROR: decrypt update failed"); +@@ -277,7 +277,7 @@ lanplus_decrypt_aes_cbc_128(const uint8_ + { + uint32_t tmplen; + +- if (!EVP_DecryptFinal_ex(&ctx, output + *bytes_written, (int *)&tmplen)) ++ if (!EVP_DecryptFinal_ex(ctx, output + *bytes_written, (int *)&tmplen)) + { + char buffer[1000]; + ERR_error_string(ERR_get_error(), buffer); +@@ -290,7 +290,7 @@ lanplus_decrypt_aes_cbc_128(const uint8_ + { + /* Success */ + *bytes_written += tmplen; +- EVP_CIPHER_CTX_cleanup(&ctx); ++ EVP_CIPHER_CTX_cleanup(ctx); + } + } + diff --git a/ipmitool.spec b/ipmitool.spec index 3d065ed..944c8cc 100644 --- a/ipmitool.spec +++ b/ipmitool.spec @@ -1,7 +1,7 @@ Name: ipmitool Summary: Utility for IPMI control Version: 1.8.18 -Release: 3%{?dist} +Release: 4%{?dist} License: BSD Group: System Environment/Base URL: http://ipmitool.sourceforge.net/ @@ -13,6 +13,7 @@ Source4: exchange-bmc-os-info.sysconf Source5: set-bmc-url.sh Source6: exchange-bmc-os-info Patch1: 0001-CVE-2011-4339-OpenIPMI.patch +Patch2: 0002-openssl.patch BuildRequires: openssl-devel readline-devel ncurses-devel BuildRequires: systemd-units @@ -81,6 +82,7 @@ for the host OS to use. %setup -q %patch1 -p1 +%patch2 -p1 for f in AUTHORS ChangeLog; do iconv -f iso-8859-1 -t utf8 < ${f} > ${f}.utf8 @@ -175,6 +177,9 @@ install -Dm 755 contrib/bmc-snmp-proxy %{buildroot}%{_libexecdir}/bmc-sn %{_libexecdir}/bmc-snmp-proxy %changelog +* Tue Feb 21 2017 Josef Ridky - 1.8.18-4 +- Add support for OpenSSL-1.1.0 library (#1423743) + * Fri Feb 10 2017 Fedora Release Engineering - 1.8.18-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild diff --git a/sources b/sources index 8f4b1b4..ab8a0ed 100644 --- a/sources +++ b/sources @@ -1,4 +1,3 @@ -7089cc93e59449f4fe2d0c36ce7142e9 ipmitool-1.8.16.tar.bz2 95bd2072031533893cd9d5d9c9603d92 exchange-bmc-os-info 6598ee7c4ba2c8f69ef2ad48e502cada exchange-bmc-os-info.service 3a728964cb3990f3fd6febef36b4e8af exchange-bmc-os-info.sysconf