ipmitool: Fix build with OpenSSL 1.1.x

Signed-off-by: Khem Raj <raj.khem@gmail.com>
author: Khem Raj <raj.khem@gmail.com> 2018-09-05 22:23:19 -0700
committer: Khem Raj <raj.khem@gmail.com> 2018-09-08 13:32:12 -0700
commit: 19246b82df1981ec82da8cac25e6dc148be3a85a (patch)
tree: 7457351073386d9c263e4a829ffa0d0d7ae3f82f /meta-oe/recipes-kernel/ipmitool/ipmitool/0001-Migrate-to-openssl-1.1.patch
parent: 4a811e78f13a72356c65e06e2bc236a3f8c3f9e9 (diff)
download: meta-openembedded-19246b82df1981ec82da8cac25e6dc148be3a85a.tar.gz
1 files changed, 152 insertions, 0 deletions
diff --git a/meta-oe/recipes-kernel/ipmitool/ipmitool/0001-Migrate-to-openssl-1.1.patch b/meta-oe/recipes-kernel/ipmitool/ipmitool/0001-Migrate-to-openssl-1.1.patch
new file mode 100644
index 000000000..394aa16ad
--- /dev/null
+++ b/meta-oe/recipes-kernel/ipmitool/ipmitool/0001-Migrate-to-openssl-1.1.patch
@@ -0,0 +1,152 @@
+From c9dcb6afef9c343d070aaff208d11a997a45a105 Mon Sep 17 00:00:00 2001
+From: Khem Raj <raj.khem@gmail.com>
+Date: Wed, 5 Sep 2018 22:19:38 -0700
+Subject: [PATCH] Migrate to openssl 1.1
+Upstream-Status: Backport [https://sourceforge.net/p/ipmitool/source/ci/1664902525a1c3771b4d8b3ccab7ea1ba6b2bdd1/]
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+---
+ src/plugins/lanplus/lanplus_crypt_impl.c | 50 ++++++++++++++----------
+ 1 file changed, 29 insertions(+), 21 deletions(-)
+diff --git a/src/plugins/lanplus/lanplus_crypt_impl.c b/src/plugins/lanplus/lanplus_crypt_impl.c
+index d5fac37..9652a5e 100644
+--- a/src/plugins/lanplus/lanplus_crypt_impl.c
+++ b/src/plugins/lanplus/lanplus_crypt_impl.c
+@@ -164,11 +164,7 @@ lanplus_encrypt_aes_cbc_128(const uint8_t * iv,
+                                                        uint8_t       * output,
+                                                        uint32_t        * bytes_written)
+ {
+-       EVP_CIPHER_CTX ctx;
+-       EVP_CIPHER_CTX_init(&ctx);
+-       EVP_EncryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key, iv);
+-       EVP_CIPHER_CTX_set_padding(&ctx, 0);
+-       
+       EVP_CIPHER_CTX *ctx = NULL;
+ 
+        *bytes_written = 0;
+ 
+@@ -182,6 +178,14 @@ lanplus_encrypt_aes_cbc_128(const uint8_t * iv,
+                printbuf(input, input_length, "encrypting this data");
+        }
+ 
+       ctx = EVP_CIPHER_CTX_new();
+       if (ctx == NULL) {
+               lprintf(LOG_DEBUG, "ERROR: EVP_CIPHER_CTX_new() failed");
+               return;
+       }
+       EVP_CIPHER_CTX_init(ctx);
+       EVP_EncryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv);
+       EVP_CIPHER_CTX_set_padding(ctx, 0);
+ 
+        /*
+         * The default implementation adds a whole block of padding if the input
+@@ -191,28 +195,28 @@ lanplus_encrypt_aes_cbc_128(const uint8_t * iv,
+        assert((input_length % IPMI_CRYPT_AES_CBC_128_BLOCK_SIZE) == 0);
+ 
+ 
+-       if(!EVP_EncryptUpdate(&ctx, output, (int *)bytes_written, input, input_length))
+       if(!EVP_EncryptUpdate(ctx, output, (int *)bytes_written, input, input_length))
+        {
+                /* Error */
+                *bytes_written = 0;
+-               return;
+        }
+        else
+        {
+                uint32_t tmplen;
+ 
+-               if(!EVP_EncryptFinal_ex(&ctx, output + *bytes_written, (int *)&tmplen))
+               if(!EVP_EncryptFinal_ex(ctx, output + *bytes_written, (int *)&tmplen))
+                {
+                       /* Error */
+                        *bytes_written = 0;
+-                       return; /* Error */
+                }
+                else
+                {
+                        /* Success */
+                        *bytes_written += tmplen;
+-                       EVP_CIPHER_CTX_cleanup(&ctx);
+                }
+        }
+       /* performs cleanup and free */
+       EVP_CIPHER_CTX_free(ctx);
+ }
+ 
+ 
+@@ -239,11 +243,7 @@ lanplus_decrypt_aes_cbc_128(const uint8_t * iv,
+                                                        uint8_t       * output,
+                                                        uint32_t        * bytes_written)
+ {
+-       EVP_CIPHER_CTX ctx;
+-       EVP_CIPHER_CTX_init(&ctx);
+-       EVP_DecryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key, iv);
+-       EVP_CIPHER_CTX_set_padding(&ctx, 0);
+-
+       EVP_CIPHER_CTX *ctx = NULL;
+ 
+        if (verbose >= 5)
+        {
+@@ -252,12 +252,20 @@ lanplus_decrypt_aes_cbc_128(const uint8_t * iv,
+                printbuf(input, input_length, "decrypting this data");
+        }
+ 
+-
+        *bytes_written = 0;
+ 
+        if (input_length == 0)
+                return;
+ 
+       ctx = EVP_CIPHER_CTX_new();
+       if (ctx == NULL) {
+               lprintf(LOG_DEBUG, "ERROR: EVP_CIPHER_CTX_new() failed");
+               return;
+       }
+       EVP_CIPHER_CTX_init(ctx);
+       EVP_DecryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv);
+       EVP_CIPHER_CTX_set_padding(ctx, 0);
+
+        /*
+         * The default implementation adds a whole block of padding if the input
+         * data is perfectly aligned.  We would like to keep that from happening.
+@@ -266,33 +274,33 @@ lanplus_decrypt_aes_cbc_128(const uint8_t * iv,
+        assert((input_length % IPMI_CRYPT_AES_CBC_128_BLOCK_SIZE) == 0);
+ 
+ 
+-       if (!EVP_DecryptUpdate(&ctx, output, (int *)bytes_written, input, input_length))
+       if (!EVP_DecryptUpdate(ctx, output, (int *)bytes_written, input, input_length))
+        {
+                /* Error */
+                lprintf(LOG_DEBUG, "ERROR: decrypt update failed");
+                *bytes_written = 0;
+-               return;
+        }
+        else
+        {
+                uint32_t tmplen;
+ 
+-               if (!EVP_DecryptFinal_ex(&ctx, output + *bytes_written, (int *)&tmplen))
+               if (!EVP_DecryptFinal_ex(ctx, output + *bytes_written, (int *)&tmplen))
+                {
+                       /* Error */
+                        char buffer[1000];
+                        ERR_error_string(ERR_get_error(), buffer);
+                        lprintf(LOG_DEBUG, "the ERR error %s", buffer);
+                        lprintf(LOG_DEBUG, "ERROR: decrypt final failed");
+                        *bytes_written = 0;
+-                       return; /* Error */
+                }
+                else
+                {
+                        /* Success */
+                        *bytes_written += tmplen;
+-                       EVP_CIPHER_CTX_cleanup(&ctx);
+                }
+        }
+       /* performs cleanup and free */
+       EVP_CIPHER_CTX_free(ctx);
+ 
+        if (verbose >= 5)
+        {
author	Khem Raj <raj.khem@gmail.com>	2018-09-05 22:23:19 -0700
committer	Khem Raj <raj.khem@gmail.com>	2018-09-08 13:32:12 -0700
commit	19246b82df1981ec82da8cac25e6dc148be3a85a (patch)
tree	7457351073386d9c263e4a829ffa0d0d7ae3f82f /meta-oe/recipes-kernel/ipmitool/ipmitool/0001-Migrate-to-openssl-1.1.patch
parent	4a811e78f13a72356c65e06e2bc236a3f8c3f9e9 (diff)
download	meta-openembedded-19246b82df1981ec82da8cac25e6dc148be3a85a.tar.gz

diff --git a/meta-oe/recipes-kernel/ipmitool/ipmitool/0001-Migrate-to-openssl-1.1.patch b/meta-oe/recipes-kernel/ipmitool/ipmitool/0001-Migrate-to-openssl-1.1.patch new file mode 100644 index 000000000..394aa16ad --- /dev/null +++ b/meta-oe/recipes-kernel/ipmitool/ipmitool/0001-Migrate-to-openssl-1.1.patch
@@ -0,0 +1,152 @@
	1	From c9dcb6afef9c343d070aaff208d11a997a45a105 Mon Sep 17 00:00:00 2001
	2	From: Khem Raj <raj.khem@gmail.com>
	3	Date: Wed, 5 Sep 2018 22:19:38 -0700
	4	Subject: [PATCH] Migrate to openssl 1.1
	5
	6	Upstream-Status: Backport [https://sourceforge.net/p/ipmitool/source/ci/1664902525a1c3771b4d8b3ccab7ea1ba6b2bdd1/]
	7
	8	Signed-off-by: Khem Raj <raj.khem@gmail.com>
	9	---
	10	src/plugins/lanplus/lanplus_crypt_impl.c \| 50 ++++++++++++++----------
	11	1 file changed, 29 insertions(+), 21 deletions(-)
	12
	13	diff --git a/src/plugins/lanplus/lanplus_crypt_impl.c b/src/plugins/lanplus/lanplus_crypt_impl.c
	14	index d5fac37..9652a5e 100644
	15	--- a/src/plugins/lanplus/lanplus_crypt_impl.c
	16	+++ b/src/plugins/lanplus/lanplus_crypt_impl.c
	17	@@ -164,11 +164,7 @@ lanplus_encrypt_aes_cbc_128(const uint8_t * iv,
	18	uint8_t * output,
	19	uint32_t * bytes_written)
	20	{
	21	- EVP_CIPHER_CTX ctx;
	22	- EVP_CIPHER_CTX_init(&ctx);
	23	- EVP_EncryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key, iv);
	24	- EVP_CIPHER_CTX_set_padding(&ctx, 0);
	25	-
	26	+ EVP_CIPHER_CTX *ctx = NULL;
	27
	28	*bytes_written = 0;
	29
	30	@@ -182,6 +178,14 @@ lanplus_encrypt_aes_cbc_128(const uint8_t * iv,
	31	printbuf(input, input_length, "encrypting this data");
	32	}
	33
	34	+ ctx = EVP_CIPHER_CTX_new();
	35	+ if (ctx == NULL) {
	36	+ lprintf(LOG_DEBUG, "ERROR: EVP_CIPHER_CTX_new() failed");
	37	+ return;
	38	+ }
	39	+ EVP_CIPHER_CTX_init(ctx);
	40	+ EVP_EncryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv);
	41	+ EVP_CIPHER_CTX_set_padding(ctx, 0);
	42
	43	/*
	44	* The default implementation adds a whole block of padding if the input
	45	@@ -191,28 +195,28 @@ lanplus_encrypt_aes_cbc_128(const uint8_t * iv,
	46	assert((input_length % IPMI_CRYPT_AES_CBC_128_BLOCK_SIZE) == 0);
	47
	48
	49	- if(!EVP_EncryptUpdate(&ctx, output, (int *)bytes_written, input, input_length))
	50	+ if(!EVP_EncryptUpdate(ctx, output, (int *)bytes_written, input, input_length))
	51	{
	52	/* Error */
	53	*bytes_written = 0;
	54	- return;
	55	}
	56	else
	57	{
	58	uint32_t tmplen;
	59
	60	- if(!EVP_EncryptFinal_ex(&ctx, output + bytes_written, (int )&tmplen))
	61	+ if(!EVP_EncryptFinal_ex(ctx, output + bytes_written, (int )&tmplen))
	62	{
	63	+ /* Error */
	64	*bytes_written = 0;
	65	- return; /* Error */
	66	}
	67	else
	68	{
	69	/* Success */
	70	*bytes_written += tmplen;
	71	- EVP_CIPHER_CTX_cleanup(&ctx);
	72	}
	73	}
	74	+ /* performs cleanup and free */
	75	+ EVP_CIPHER_CTX_free(ctx);
	76	}
	77
	78
	79	@@ -239,11 +243,7 @@ lanplus_decrypt_aes_cbc_128(const uint8_t * iv,
	80	uint8_t * output,
	81	uint32_t * bytes_written)
	82	{
	83	- EVP_CIPHER_CTX ctx;
	84	- EVP_CIPHER_CTX_init(&ctx);
	85	- EVP_DecryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key, iv);
	86	- EVP_CIPHER_CTX_set_padding(&ctx, 0);
	87	-
	88	+ EVP_CIPHER_CTX *ctx = NULL;
	89
	90	if (verbose >= 5)
	91	{
	92	@@ -252,12 +252,20 @@ lanplus_decrypt_aes_cbc_128(const uint8_t * iv,
	93	printbuf(input, input_length, "decrypting this data");
	94	}
	95
	96	-
	97	*bytes_written = 0;
	98
	99	if (input_length == 0)
	100	return;
	101
	102	+ ctx = EVP_CIPHER_CTX_new();
	103	+ if (ctx == NULL) {
	104	+ lprintf(LOG_DEBUG, "ERROR: EVP_CIPHER_CTX_new() failed");
	105	+ return;
	106	+ }
	107	+ EVP_CIPHER_CTX_init(ctx);
	108	+ EVP_DecryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv);
	109	+ EVP_CIPHER_CTX_set_padding(ctx, 0);
	110	+
	111	/*
	112	* The default implementation adds a whole block of padding if the input
	113	* data is perfectly aligned. We would like to keep that from happening.
	114	@@ -266,33 +274,33 @@ lanplus_decrypt_aes_cbc_128(const uint8_t * iv,
	115	assert((input_length % IPMI_CRYPT_AES_CBC_128_BLOCK_SIZE) == 0);
	116
	117
	118	- if (!EVP_DecryptUpdate(&ctx, output, (int *)bytes_written, input, input_length))
	119	+ if (!EVP_DecryptUpdate(ctx, output, (int *)bytes_written, input, input_length))
	120	{
	121	/* Error */
	122	lprintf(LOG_DEBUG, "ERROR: decrypt update failed");
	123	*bytes_written = 0;
	124	- return;
	125	}
	126	else
	127	{
	128	uint32_t tmplen;
	129
	130	- if (!EVP_DecryptFinal_ex(&ctx, output + bytes_written, (int )&tmplen))
	131	+ if (!EVP_DecryptFinal_ex(ctx, output + bytes_written, (int )&tmplen))
	132	{
	133	+ /* Error */
	134	char buffer[1000];
	135	ERR_error_string(ERR_get_error(), buffer);
	136	lprintf(LOG_DEBUG, "the ERR error %s", buffer);
	137	lprintf(LOG_DEBUG, "ERROR: decrypt final failed");
	138	*bytes_written = 0;
	139	- return; /* Error */
	140	}
	141	else
	142	{
	143	/* Success */
	144	*bytes_written += tmplen;
	145	- EVP_CIPHER_CTX_cleanup(&ctx);
	146	}
	147	}
	148	+ /* performs cleanup and free */
	149	+ EVP_CIPHER_CTX_free(ctx);
	150
	151	if (verbose >= 5)
	152	{