.gitignore

@@ -1 +1 @@
-SOURCES/ipmitool-1.8.18.tar.gz
+SOURCES/ipmitool-1.8.18.tar.bz2

.ipmitool.metadata

@@ -1 +0,0 @@
-ebb7c4387c11130ea874531beedba774f6431839 SOURCES/ipmitool-1.8.18.tar.gz

SOURCES/0008-add-extern.patch

@@ -1,40 +0,0 @@
-From 95f666fa10c32233ee202d8b99d05b5e13528a25 Mon Sep 17 00:00:00 2001
-From: Vaclav Dolezal <vdolezal@redhat.com>
-Date: Thu, 23 Jan 2020 11:26:32 +0100
-Subject: [PATCH] hpmfwupg: move variable definition to .c file
-
-Signed-off-by: Vaclav Dolezal <vdolezal@redhat.com>
----
- include/ipmitool/ipmi_hpmfwupg.h | 2 +-
- lib/ipmi_hpmfwupg.c              | 2 ++
- 2 files changed, 3 insertions(+), 1 deletion(-)
-
-diff --git a/include/ipmitool/ipmi_hpmfwupg.h b/include/ipmitool/ipmi_hpmfwupg.h
-index de65292..07f597b 100644
---- a/include/ipmitool/ipmi_hpmfwupg.h
-+++ b/include/ipmitool/ipmi_hpmfwupg.h
-@@ -800,7 +800,7 @@ typedef struct _VERSIONINFO {
- 	char descString[HPMFWUPG_DESC_STRING_LENGTH + 1];
- }VERSIONINFO, *PVERSIONINFO;
- 
--VERSIONINFO gVersionInfo[HPMFWUPG_COMPONENT_ID_MAX];
-+extern VERSIONINFO gVersionInfo[HPMFWUPG_COMPONENT_ID_MAX];
- 
- #define TARGET_VER (0x01)
- #define ROLLBACK_VER (0x02)
-diff --git a/lib/ipmi_hpmfwupg.c b/lib/ipmi_hpmfwupg.c
-index bbcffc0..d7cdcd6 100644
---- a/lib/ipmi_hpmfwupg.c
-+++ b/lib/ipmi_hpmfwupg.c
-@@ -58,6 +58,8 @@ ipmi_intf_get_max_request_data_size(struct ipmi_intf * intf);
- 
- extern int verbose;
- 
-+VERSIONINFO gVersionInfo[HPMFWUPG_COMPONENT_ID_MAX];
-+
- int HpmfwupgUpgrade(struct ipmi_intf *intf, char *imageFilename,
- 		int activate, int, int);
- int HpmfwupgValidateImageIntegrity(struct HpmfwupgUpgradeCtx *pFwupgCtx);
--- 
-2.20.1
-

SOURCES/0008-use-best-cipher.patch

@@ -1,4 +1,4 @@
-From f2df2aa5a010544d53589a5b048677406eb40ee8 Mon Sep 17 00:00:00 2001
+From 260293c0ee5a268bc7fc1483e5304546745122a6 Mon Sep 17 00:00:00 2001
 From: Vernon Mauery <vernon.mauery@intel.com>
 Date: Mon, 9 Apr 2018 12:28:57 -0700
 Subject: [PATCH] lanplus: Auto-select 'best' cipher suite available

SOURCES/0009-CVE-2020-5208.patch

@@ -1,4 +1,4 @@
-From b3e74778c65ba3ffc8a9b3133c87588ee5d18a74 Mon Sep 17 00:00:00 2001
+From a1732e68bce148255785e67eb035520729274d86 Mon Sep 17 00:00:00 2001
 From: Chrostoper Ertl <chertl@microsoft.com>
 Date: Thu, 28 Nov 2019 16:33:59 +0000
 Subject: [PATCH] Fixes for CVE-2020-5208
@@ -13,17 +13,20 @@ pick 41d7026946fafbd4d1ec0bcaca3ea30a6e8eed22 session: Fix buffer overflow in ip
 pick 9452be87181a6e83cfcc768b3ed8321763db50e4 channel: Fix buffer overflow
 pick d45572d71e70840e0d4c50bf48218492b79c1a10 lanp: Fix buffer overflows in get_lan_param_select
 pick 7ccea283dd62a05a320c1921e3d8d71a87772637 fru, sdr: Fix id_string buffer overflows
+
+[vdolezal@redhat.com]: fixed memleak of `spd_data` in
+    lib/dimm_spd.c:ipmi_spd_print_fru()
 ---
- lib/dimm_spd.c     |  9 ++++++++-
+ lib/dimm_spd.c     | 11 ++++++++++-
  lib/ipmi_channel.c |  5 ++++-
  lib/ipmi_fru.c     | 35 ++++++++++++++++++++++++++++++++---
  lib/ipmi_lanp.c    | 14 +++++++-------
  lib/ipmi_sdr.c     | 40 ++++++++++++++++++++++++----------------
  lib/ipmi_session.c | 12 ++++++++----
- 6 files changed, 83 insertions(+), 32 deletions(-)
+ 6 files changed, 85 insertions(+), 32 deletions(-)
 
 diff --git a/lib/dimm_spd.c b/lib/dimm_spd.c
-index 41e30db..68f3b4f 100644
+index 41e30db..ebcc94c 100644
 --- a/lib/dimm_spd.c
 +++ b/lib/dimm_spd.c
 @@ -1621,7 +1621,7 @@ ipmi_spd_print_fru(struct ipmi_intf * intf, uint8_t id)
@@ -35,7 +38,7 @@ index 41e30db..68f3b4f 100644
  
  	msg_data[0] = id;
  
-@@ -1697,6 +1697,13 @@ ipmi_spd_print_fru(struct ipmi_intf * intf, uint8_t id)
+@@ -1697,6 +1697,15 @@ ipmi_spd_print_fru(struct ipmi_intf * intf, uint8_t id)
  		}
  
  		len = rsp->data[0];
@@ -44,6 +47,8 @@ index 41e30db..68f3b4f 100644
 +		   || len > fru.size - offset)
 +		{
 +			printf(" Not enough buffer size");
++			free(spd_data);
++			spd_data = NULL;
 +			return -1;
 +		}
  		memcpy(&spd_data[offset], rsp->data + 1, len);
@@ -248,7 +253,7 @@ index 65d881b..022c7f1 100644
  		if (str2uchar(argv[1], &data[3]) != 0) {
  			lprintf(LOG_ERR, "Invalid retry: %s", argv[1]);
 diff --git a/lib/ipmi_sdr.c b/lib/ipmi_sdr.c
-index 0f6faab..9890132 100644
+index fd2c02d..01d81f7 100644
 --- a/lib/ipmi_sdr.c
 +++ b/lib/ipmi_sdr.c
 @@ -2086,7 +2086,7 @@ ipmi_sdr_print_sensor_eventonly(struct ipmi_intf *intf,

SOURCES/0011-expand-sensor-name-column.patch

@@ -1,57 +0,0 @@
-From 57b57b27fe2c17e3030c41ee5566af36ccd33941 Mon Sep 17 00:00:00 2001
-From: Vaclav Dolezal <vdolezal@redhat.com>
-Date: Thu, 30 Jan 2020 16:18:37 +0100
-Subject: [PATCH] Expand column with name in ipmitool sdr/sensor output
-
----
- lib/ipmi_sdr.c    | 4 ++--
- lib/ipmi_sensor.c | 4 ++--
- 2 files changed, 4 insertions(+), 4 deletions(-)
-
-diff --git a/lib/ipmi_sdr.c b/lib/ipmi_sdr.c
-index fd2c02d..0f6faab 100644
---- a/lib/ipmi_sdr.c
-+++ b/lib/ipmi_sdr.c
-@@ -1619,7 +1619,7 @@ ipmi_sdr_print_sensor_fc(struct ipmi_intf *intf,
- 		/*
- 		 * print sensor name, reading, state
- 		 */
--		printf("%-16s | ", sr->s_id);
-+		printf("%-24s | ", sr->s_id);
- 
- 		memset(sval, 0, sizeof (sval));
- 
-@@ -1657,7 +1657,7 @@ ipmi_sdr_print_sensor_fc(struct ipmi_intf *intf,
- 		/*
- 		 * print sensor name, number, state, entity, reading
- 		 */
--		printf("%-16s | %02Xh | ",
-+		printf("%-24s | %02Xh | ",
- 		       sr->s_id, sensor->keys.sensor_num);
- 
- 		if (IS_THRESHOLD_SENSOR(sensor)) {
-diff --git a/lib/ipmi_sensor.c b/lib/ipmi_sensor.c
-index a0b7eb8..7328508 100644
---- a/lib/ipmi_sensor.c
-+++ b/lib/ipmi_sensor.c
-@@ -175,7 +175,7 @@ ipmi_sensor_print_fc_discrete(struct ipmi_intf *intf,
- 			/* output format
- 			 *   id value units status thresholds....
- 			 */
--			printf("%-16s ", sr->s_id);
-+			printf("%-24s ", sr->s_id);
- 			if (sr->s_reading_valid) {
- 				if (sr->s_has_analog_value) {
- 					/* don't show discrete component */
-@@ -276,7 +276,7 @@ ipmi_sensor_print_fc_threshold(struct ipmi_intf *intf,
- 			/* output format
- 			 *   id value units status thresholds....
- 			 */
--			printf("%-16s ", sr->s_id);
-+			printf("%-24s ", sr->s_id);
- 			if (sr->s_reading_valid) {
- 				if (sr->s_has_analog_value)
- 					printf("| %-10.3f | %-10s | %-6s",
--- 
-2.20.1
-

SOURCES/0011-pef-missing-newline.patch

@@ -1,4 +1,4 @@
-From f65ea137f0d03f883219a791a49cf8ea7e16776a Mon Sep 17 00:00:00 2001
+From a365e624fff752bfe79438f6c177399492ccfdde Mon Sep 17 00:00:00 2001
 From: Vaclav Dolezal <vdolezal@redhat.com>
 Date: Fri, 1 Mar 2019 14:46:12 +0100
 Subject: [PATCH] Fix "ipmitool pef {status,info}" not printing final newline
@@ -29,5 +29,5 @@ index bbf25f2..4be749e 100644
  }
  
 -- 
-2.20.1
+2.25.4
 

SOURCES/ipmievd.service

@@ -7,7 +7,7 @@ After=ipmi.service
 EnvironmentFile=-/etc/sysconfig/ipmievd
 ExecStart=/usr/sbin/ipmievd $IPMIEVD_OPTIONS
 Type=forking
-PIDFile=/run/ipmievd.pid
+PIDFile=/var/run/ipmievd.pid
 
 [Install]
 WantedBy=multi-user.target

SOURCES/openipmi-ipmievd.sysconf

@@ -1 +1 @@
-IPMIEVD_OPTIONS="sel daemon pidfile=/run/ipmievd.pid"
+IPMIEVD_OPTIONS="sel daemon pidfile=/var/run/ipmievd.pid"

SPECS/ipmitool.spec

@@ -1,13 +1,10 @@
-%global       gitname     IPMITOOL
-%global       gitversion  1_8_18
-
 Name:         ipmitool
 Summary:      Utility for IPMI control
 Version:      1.8.18
-Release:      27%{?dist}
+Release:      19%{?dist}
 License:      BSD
 URL:          http://ipmitool.sourceforge.net/
-Source0:      https://github.com/%{name}/%{name}/archive/%{gitname}_%{gitversion}/%{name}-%{version}.tar.gz
+Source0:      http://downloads.sourceforge.net/project/%{name}/%{name}/%{version}/%{name}-%{version}.tar.bz2
 Source1:      openipmi-ipmievd.sysconf
 Source2:      ipmievd.service
 Source3:      exchange-bmc-os-info.service
@@ -23,14 +20,12 @@ Patch4:       0004-slowswid.patch
 Patch5:       0005-sensor-id-length.patch
 Patch6:       0006-enable-usb.patch
 Patch7:       0007-check-input.patch
-Patch8:       0008-add-extern.patch
+Patch8:       0008-use-best-cipher.patch
-Patch9:       0009-best-cipher.patch
+Patch9:       0009-CVE-2020-5208.patch
-Patch10:      0010-pef-missing-newline.patch
+Patch10:      0010-quanta-oem-support.patch
-Patch11:      0011-expand-sensor-name-column.patch
+Patch11:      0011-pef-missing-newline.patch
-Patch12:      0012-CVE-2020-5208.patch
+Patch12:      0012-lanplus-cipher-retry.patch
-Patch13:      0013-quanta-oem-support.patch
+Patch13:      0013-lanplus-Cleanup.-Refix-6dec83ff-fix-be2c0c4b.patch
-Patch14:      0014-lanplus-cipher-retry.patch
-Patch15:      0015-lanplus-Cleanup.-Refix-6dec83ff-fix-be2c0c4b.patch
 Patch20:      0020-plugins-open-Fix-for-interrupted-select.patch
 Patch21:      0021-open-checking-received-msg-id-against-expectation.patch
 Patch22:      0022-nvidia-iana.patch
@@ -88,7 +83,6 @@ Requires: ipmitool
 BuildArch: noarch
 %{?systemd_requires}
 BuildRequires: systemd
-BuildRequires: make
 
 Summary: Let OS and BMC exchange info
 
@@ -99,7 +93,7 @@ for the host OS to use.
 
 
 %prep
-%autosetup -n %{name}-%{gitname}_%{gitversion} -p1
+%autosetup -p1
 
 for f in AUTHORS ChangeLog; do
     iconv -f iso-8859-1 -t utf8 < ${f} > ${f}.utf8
@@ -123,7 +117,9 @@ autoconf
 automake --foreign
 # end: release auto-tools
 
-%configure --disable-dependency-tracking --enable-file-security --disable-intf-free
+%configure \
+    CFLAGS="%{optflags} -fno-strict-aliasing" \
+    --disable-dependency-tracking --enable-file-security --disable-intf-free
 make %{?_smp_mflags}
 
 %install
@@ -194,68 +190,43 @@ install -Dm 755 contrib/bmc-snmp-proxy         %{buildroot}%{_libexecdir}/bmc-sn
 %{_libexecdir}/bmc-snmp-proxy
 
 %changelog
-* Thu Jul 27 2023 Pavel Cahyna <pcahyna@redhat.com> - 1.8.18-27
+* Mon Jul 31 2023 Pavel Cahyna <pcahyna@redhat.com> - 1.8.18-19
 - Backport upstream PR 120 to fix segfault on invalid unit types
   Resolves: rhbz#2224578
 - Add vendor ID for NVIDIA BMCs
   Resolves: rhbz#2218358
-- Update /var/run to /run in ipmievd.service that systemd warns about
-  Resolves: rhbz#2100475
 - Add upstream ipmievd patch to check received msg id against expectation
   Fixes problem where SEL response is not recognized correctly
   when SEL request times out
   Resolves: rhbz#2224569
 
-* Mon Feb  7 2022 Pavel Cahyna <pcahyna@redhat.com> - 1.8.18-25
+* Mon Jul 19 2021 Pavel Cahyna <pcahyna@redhat.com> - 1.8.18-18
-- Apply changes from RHEL 8 (#1811941, #1831158, #1951480)
+- Protect against negative values to memmove that caused
-  Resolves: rhbz#2051621
+  "ipmitool sol activate" to crash against an IBM DataPower appliance
+  (#1951480)
+  Cherry-picked from upstream PR#78. 
 
-* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 1.8.18-24
+* Wed Jun 03 2020 Václav Doležal <vdolezal@redhat.com> - 1.8.18-17
-- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
+- Disable retry of pre-session "Get cipher suites" command as some
-  Related: rhbz#1991688
+  BMCs are ignoring it (#1831158)
 
-* Wed Jun 16 2021 Mohan Boddu <mboddu@redhat.com> - 1.8.18-23
+* Thu Apr 30 2020 Václav Doležal <vdolezal@redhat.com> - 1.8.18-16
-- Rebuilt for RHEL 9 BETA for openssl 3.0
+- Fix "ipmitool pef {status,info}" not printing final newline (#1840546)
-  Related: rhbz#1971065
 
-* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 1.8.18-22
+* Thu Apr 30 2020 Václav Doležal <vdolezal@redhat.com> - 1.8.18-15
-- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
+- Backport OEM support for Quanta (#1811941)
 
-* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1.8.18-21
+* Fri Feb 07 2020 Václav Doležal <vdolezal@redhat.com> - 1.8.18-14
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
+- Fix memory leak (found by covscan)
 
-* Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.8.18-20
+* Fri Feb 07 2020 Václav Doležal <vdolezal@redhat.com> - 1.8.18-13
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
+- Backport fix for CVE-2020-5208 (#1799039)
 
-* Thu Feb 06 2020 Václav Doležal <vdolezal@redhat.com> - 1.8.18-19
+* Fri Nov 15 2019 Václav Doležal <vdolezal@redhat.com> - 1.8.18-12
-- Backport fix for CVE-2020-5208 (#1798722); for details see
+- Disable -fstrict-aliasing (RPMDiff issue)
-  https://github.com/ipmitool/ipmitool/security/advisories/GHSA-g659-9qxw-p7cp
 
-* Mon Feb 03 2020 Václav Doležal <vdolezal@redhat.com> - 1.8.18-18
+* Tue Oct 15 2019 Václav Doležal <vdolezal@redhat.com> - 1.8.18-11
-- Backport patch to autoselect best cipher suite when working over lanplus backend
+- Choose the best cipher suite available when connecting over LAN (#1749360)
-- Fixed 'ipmitool pef status/info' not printing final newline
-- Expanded column for sensor name in 'ipmi sdr/sensor' output so longer names are aligned
-
-* Wed Jan 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.8.18-17
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
-
-* Thu Jan 23 2020 Václav Doležal <vdolezal@redhat.com> - 1.8.18-16
-- Fix FTBFS with GCC 10
-
-* Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.8.18-15
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
-
-* Sun Feb 17 2019 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 1.8.18-14
-- Rebuild for readline 8.0
-
-* Fri Feb 01 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.8.18-13
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
-
-* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.8.18-12
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
-
-* Tue Apr 10 2018 Josef Ridky <jridky@redhat.com> - 1.8.18-11
-- Project moved to github
 
 * Thu Feb 22 2018 Josef Ridky <jridky@redhat.com> - 1.8.18-10
 - Spec clean up