commit: ce46fc22b9579eed7f0f3778cf4f53016dc215f0 Author: Lars Wendler <polynomial-c <AT> gentoo <DOT> org> AuthorDate: Wed Jun 13 13:04:37 2018 +0000 Commit: Lars Wendler <polynomial-c <AT> gentoo <DOT> org> CommitDate: Wed Jun 13 13:04:58 2018 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ce46fc22
sys-apps/ipmitool: Fixed build against openssl-1.1 Closes: https://bugs.gentoo.org/592494 Package-Manager: Portage-2.3.40, Repoman-2.3.9 .../files/ipmitool-1.8.18-openssl-1.1.patch | 145 +++++++++++++++++++++ sys-apps/ipmitool/ipmitool-1.8.18-r1.ebuild | 6 +- 2 files changed, 150 insertions(+), 1 deletion(-) diff --git a/sys-apps/ipmitool/files/ipmitool-1.8.18-openssl-1.1.patch b/sys-apps/ipmitool/files/ipmitool-1.8.18-openssl-1.1.patch new file mode 100644 index 00000000000..9e5a876f00a --- /dev/null +++ b/sys-apps/ipmitool/files/ipmitool-1.8.18-openssl-1.1.patch @@ -0,0 +1,145 @@ +Taken from various upstream commits: + +https://github.com/ipmitool/ipmitool/commit/b57487e360916ab3eaa50aa6d021c73b6337a4a0 +https://github.com/ipmitool/ipmitool/commit/77fe5635037ebaf411cae46cf5045ca819b5c145 +https://github.com/ipmitool/ipmitool/commit/f004b4b7197fc83e7d47ec8cbcaefffa9a922717 +https://github.com/ipmitool/ipmitool/commit/f004b4b7197fc83e7d47ec8cbcaefffa9a922717 + +--- ipmitool-1.8.18/src/plugins/lanplus/lanplus_crypt_impl.c ++++ ipmitool-1.8.18/src/plugins/lanplus/lanplus_crypt_impl.c +@@ -164,11 +164,7 @@ + uint8_t * output, + uint32_t * bytes_written) + { +- EVP_CIPHER_CTX ctx; +- EVP_CIPHER_CTX_init(&ctx); +- EVP_EncryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key, iv); +- EVP_CIPHER_CTX_set_padding(&ctx, 0); +- ++ EVP_CIPHER_CTX *ctx = NULL; + + *bytes_written = 0; + +@@ -182,6 +178,14 @@ + printbuf(input, input_length, "encrypting this data"); + } + ++ ctx = EVP_CIPHER_CTX_new(); ++ if (ctx == NULL) { ++ lprintf(LOG_DEBUG, "ERROR: EVP_CIPHER_CTX_new() failed"); ++ return; ++ } ++ EVP_CIPHER_CTX_init(ctx); ++ EVP_EncryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv); ++ EVP_CIPHER_CTX_set_padding(ctx, 0); + + /* + * The default implementation adds a whole block of padding if the input +@@ -191,28 +195,28 @@ + assert((input_length % IPMI_CRYPT_AES_CBC_128_BLOCK_SIZE) == 0); + + +- if(!EVP_EncryptUpdate(&ctx, output, (int *)bytes_written, input, input_length)) ++ if(!EVP_EncryptUpdate(ctx, output, (int *)bytes_written, input, input_length)) + { + /* Error */ + *bytes_written = 0; +- return; + } + else + { + uint32_t tmplen; + +- if(!EVP_EncryptFinal_ex(&ctx, output + *bytes_written, (int *)&tmplen)) ++ if(!EVP_EncryptFinal_ex(ctx, output + *bytes_written, (int *)&tmplen)) + { ++ /* Error */ + *bytes_written = 0; +- return; /* Error */ + } + else + { + /* Success */ + *bytes_written += tmplen; +- EVP_CIPHER_CTX_cleanup(&ctx); + } + } ++ /* performs cleanup and free */ ++ EVP_CIPHER_CTX_free(ctx); + } + + +@@ -239,11 +243,7 @@ + uint8_t * output, + uint32_t * bytes_written) + { +- EVP_CIPHER_CTX ctx; +- EVP_CIPHER_CTX_init(&ctx); +- EVP_DecryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key, iv); +- EVP_CIPHER_CTX_set_padding(&ctx, 0); +- ++ EVP_CIPHER_CTX *ctx = NULL; + + if (verbose >= 5) + { +@@ -252,12 +252,20 @@ + printbuf(input, input_length, "decrypting this data"); + } + +- + *bytes_written = 0; + + if (input_length == 0) + return; + ++ ctx = EVP_CIPHER_CTX_new(); ++ if (ctx == NULL) { ++ lprintf(LOG_DEBUG, "ERROR: EVP_CIPHER_CTX_new() failed"); ++ return; ++ } ++ EVP_CIPHER_CTX_init(ctx); ++ EVP_DecryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv); ++ EVP_CIPHER_CTX_set_padding(ctx, 0); ++ + /* + * The default implementation adds a whole block of padding if the input + * data is perfectly aligned. We would like to keep that from happening. +@@ -266,33 +274,33 @@ + assert((input_length % IPMI_CRYPT_AES_CBC_128_BLOCK_SIZE) == 0); + + +- if (!EVP_DecryptUpdate(&ctx, output, (int *)bytes_written, input, input_length)) ++ if (!EVP_DecryptUpdate(ctx, output, (int *)bytes_written, input, input_length)) + { + /* Error */ + lprintf(LOG_DEBUG, "ERROR: decrypt update failed"); + *bytes_written = 0; +- return; + } + else + { + uint32_t tmplen; + +- if (!EVP_DecryptFinal_ex(&ctx, output + *bytes_written, (int *)&tmplen)) ++ if (!EVP_DecryptFinal_ex(ctx, output + *bytes_written, (int *)&tmplen)) + { ++ /* Error */ + char buffer[1000]; + ERR_error_string(ERR_get_error(), buffer); + lprintf(LOG_DEBUG, "the ERR error %s", buffer); + lprintf(LOG_DEBUG, "ERROR: decrypt final failed"); + *bytes_written = 0; +- return; /* Error */ + } + else + { + /* Success */ + *bytes_written += tmplen; +- EVP_CIPHER_CTX_cleanup(&ctx); + } + } ++ /* performs cleanup and free */ ++ EVP_CIPHER_CTX_free(ctx); + + if (verbose >= 5) + { diff --git a/sys-apps/ipmitool/ipmitool-1.8.18-r1.ebuild b/sys-apps/ipmitool/ipmitool-1.8.18-r1.ebuild index 62f5859016f..6c26d8e0980 100644 --- a/sys-apps/ipmitool/ipmitool-1.8.18-r1.ebuild +++ b/sys-apps/ipmitool/ipmitool-1.8.18-r1.ebuild @@ -1,4 +1,4 @@ -# Copyright 1999-2016 Gentoo Foundation +# Copyright 1999-2018 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 EAPI=6 @@ -29,6 +29,10 @@ DEPEND="${RDEPEND} # ipmitool CAN build against || ( sys-libs/openipmi sys-libs/freeipmi ) # but it doesn't actually need either. +PATCHES=( + "${FILESDIR}"/${P}-openssl-1.1.patch +) + src_prepare() { default [ -d "${S}"/debian ] && mv "${S}"/debian{,.package}
