subject:"Bug#828469\: openipmi\: FTBFS with openssl 1.1.0"

Bug#828469: openipmi: FTBFS with openssl 1.1.0

2016-09-25 Thread Sebastian Andrzej Siewior

control: tags -1 patch

On 2016-06-26 12:23:21 [+0200], Kurt Roeckx wrote:
> There is a libssl-dev package available in experimental that contains a recent
> snapshot, I suggest you try building against that to see if everything works.

builds.

> Kurt

Sebastian
From: Sebastian Andrzej Siewior 
Date: Sun, 25 Sep 2016 21:38:15 +
Subject: [PATCH] Add openssl 1.1.0 support

Signed-off-by: Sebastian Andrzej Siewior 
---
 lanserv/lanserv_ipmi.c | 34 +-
 lib/aes_cbc.c  | 34 +-
 2 files changed, 42 insertions(+), 26 deletions(-)

diff --git a/lanserv/lanserv_ipmi.c b/lanserv/lanserv_ipmi.c
index b0a2431..67bf74a 100644
--- a/lanserv/lanserv_ipmi.c
+++ b/lanserv/lanserv_ipmi.c
@@ -2217,7 +2217,7 @@ aes_cbc_encrypt(lanserv_data_t *lan, session_t *session,
 unsigned char  *d;
 unsigned char  *iv;
 unsigned int   i;
-EVP_CIPHER_CTX ctx;
+EVP_CIPHER_CTX *ctx;
 intrv;
 intoutlen;
 inttmplen;
@@ -2264,14 +2264,18 @@ aes_cbc_encrypt(lanserv_data_t *lan, session_t *session,
 *data_size += 16;
 
 /* Ok, we're set to do the crypt operation. */
-EVP_CIPHER_CTX_init();
-EVP_EncryptInit_ex(, EVP_aes_128_cbc(), NULL, a->ckey, iv);
-EVP_CIPHER_CTX_set_padding(, 0);
-if (!EVP_EncryptUpdate(, *pos, , d, l)) {
+ctx = EVP_CIPHER_CTX_new();
+if (!ctx) {
+	rv = ENOMEM;
+	goto out_cleanup;
+}
+EVP_EncryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, a->ckey, iv);
+EVP_CIPHER_CTX_set_padding(ctx, 0);
+if (!EVP_EncryptUpdate(ctx, *pos, , d, l)) {
 	rv = ENOMEM;
 	goto out_cleanup;
 }
-if (!EVP_EncryptFinal_ex(, (*pos) + outlen, )) {
+if (!EVP_EncryptFinal_ex(ctx, (*pos) + outlen, )) {
 	rv = ENOMEM; /* right? */
 	goto out_cleanup;
 }
@@ -2281,7 +2285,7 @@ aes_cbc_encrypt(lanserv_data_t *lan, session_t *session,
 *data_len = outlen + 16;
 
  out_cleanup:
-EVP_CIPHER_CTX_cleanup();
+EVP_CIPHER_CTX_free(ctx);
 free(d);
 return rv;
 }
@@ -2292,7 +2296,7 @@ aes_cbc_decrypt(lanserv_data_t *lan, session_t *session, msg_t *msg)
 auth_data_t*a = >auth_data;
 unsigned int   l = msg->len;
 unsigned char  *d;
-EVP_CIPHER_CTX ctx;
+EVP_CIPHER_CTX *ctx;
 intoutlen;
 unsigned char  *pad;
 intpadlen;
@@ -2312,10 +2316,14 @@ aes_cbc_decrypt(lanserv_data_t *lan, session_t *session, msg_t *msg)
 memcpy(d, msg->data+16, l);
 
 /* Ok, we're set to do the decrypt operation. */
-EVP_CIPHER_CTX_init();
-EVP_DecryptInit_ex(, EVP_aes_128_cbc(), NULL, a->k2, msg->data);
-EVP_CIPHER_CTX_set_padding(, 0);
-if (!EVP_DecryptUpdate(, msg->data+16, , d, l)) {
+ctx = EVP_CIPHER_CTX_new();
+if (!ctx) {
+	rv = ENOMEM;
+	goto out_cleanup;
+}
+EVP_DecryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, a->k2, msg->data);
+EVP_CIPHER_CTX_set_padding(ctx, 0);
+if (!EVP_DecryptUpdate(ctx, msg->data+16, , d, l)) {
 	rv = EINVAL;
 	goto out_cleanup;
 }
@@ -2348,7 +2356,7 @@ aes_cbc_decrypt(lanserv_data_t *lan, session_t *session, msg_t *msg)
 msg->len = outlen;
 
  out_cleanup:
-EVP_CIPHER_CTX_cleanup();
+EVP_CIPHER_CTX_free(ctx);
 free(d);
 return rv;
 }
diff --git a/lib/aes_cbc.c b/lib/aes_cbc.c
index 483cdfb..f20d69b 100644
--- a/lib/aes_cbc.c
+++ b/lib/aes_cbc.c
@@ -86,7 +86,7 @@ aes_cbc_encrypt(ipmi_con_t*ipmi,
 unsigned int   l = *payload_len;
 unsigned int   i;
 unsigned char  *d;
-EVP_CIPHER_CTX ctx;
+EVP_CIPHER_CTX *ctx;
 intrv;
 intoutlen;
 inttmplen;
@@ -133,15 +133,19 @@ aes_cbc_encrypt(ipmi_con_t*ipmi,
 *header_len -= 16;
 *max_payload_len += 16;
 
+ctx = EVP_CIPHER_CTX_new();
+if (!ctx) {
+	rv = ENOMEM;
+	goto out_cleanup;
+}
 /* Ok, we're set to do the crypt operation. */
-EVP_CIPHER_CTX_init();
-EVP_EncryptInit_ex(, EVP_aes_128_cbc(), NULL, info->k2, iv);
-EVP_CIPHER_CTX_set_padding(, 0);
-if (!EVP_EncryptUpdate(, *payload, , d, l)) {
+EVP_EncryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, info->k2, iv);
+EVP_CIPHER_CTX_set_padding(ctx, 0);
+if (!EVP_EncryptUpdate(ctx, *payload, , d, l)) {
 	rv = ENOMEM; /* right? */
 	goto out_cleanup;
 }
-if (!EVP_EncryptFinal_ex(, (*payload) + outlen, )) {
+if (!EVP_EncryptFinal_ex(ctx, (*payload) + outlen, )) {
 	rv = ENOMEM; /* right? */
 	goto out_cleanup;
 }
@@ -154,7 +158,7 @@ aes_cbc_encrypt(ipmi_con_t*ipmi,
 *payload_len = outlen + 16;
 
  out_cleanup:
-EVP_CIPHER_CTX_cleanup();
+EVP_CIPHER_CTX_free(ctx);
 ipmi_mem_free(d);
 
 return rv;
@@ -170,7 +174,7 @@ aes_cbc_decrypt(ipmi_con_t*ipmi,
 unsigned int   l = *payload_len;
 unsigned char  *d;
 unsigned char  *p;
-EVP_CIPHER_CTX ctx;
+EVP_CIPHER_CTX *ctx;
 int

Bug#828469: openipmi: FTBFS with openssl 1.1.0

2016-06-26 Thread Kurt Roeckx

Source: openipmi
Version: 2.0.21-1.2
Severity: important
Control: block 827061 by -1

Hi,

OpenSSL 1.1.0 is about to released.  During a rebuild of all packages using
OpenSSL this package fail to build.  A log of that build can be found at:
https://breakpoint.cc/openssl-1.1-rebuild-2016-05-29/Attempted/openipmi_2.0.21-1.2_amd64-20160529-1459

On https://wiki.openssl.org/index.php/1.1_API_Changes you can see various of the
reasons why it might fail.  There are also updated man pages at
https://www.openssl.org/docs/manmaster/ that should contain useful information.

There is a libssl-dev package available in experimental that contains a recent
snapshot, I suggest you try building against that to see if everything works.

If you have problems making things work, feel free to contact us.


Kurt

Bug#828469: openipmi: FTBFS with openssl 1.1.0

Bug#828469: openipmi: FTBFS with openssl 1.1.0

2 matches

Site Navigation

Mail list logo

Footer information