diff options
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/Makefile | 28 | ||||
| -rw-r--r-- | lib/lanplus/lanplus_crypt.c | 27 | ||||
| -rw-r--r-- | lib/lanplus/lanplus_crypt_impl.c | 56 | ||||
| -rw-r--r-- | lib/libipmiutil.pc | 2 | 
4 files changed, 71 insertions, 42 deletions
| diff --git a/lib/Makefile b/lib/Makefile index 1bf1b0d..e4b621d 100644 --- a/lib/Makefile +++ b/lib/Makefile @@ -47,12 +47,12 @@ CONFIG_CLEAN_VPATH_FILES =  SOURCES =  DIST_SOURCES =  DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = ${SHELL} /usr/dev/ipmiutil-3.0.0/missing --run aclocal-1.11 -AMTAR = ${SHELL} /usr/dev/ipmiutil-3.0.0/missing --run tar +ACLOCAL = ${SHELL} /usr/dev/ipmiutil-3.0.1/missing --run aclocal-1.11 +AMTAR = ${SHELL} /usr/dev/ipmiutil-3.0.1/missing --run tar  AR = ar -AUTOCONF = ${SHELL} /usr/dev/ipmiutil-3.0.0/missing --run autoconf -AUTOHEADER = ${SHELL} /usr/dev/ipmiutil-3.0.0/missing --run autoheader -AUTOMAKE = ${SHELL} /usr/dev/ipmiutil-3.0.0/missing --run automake-1.11 +AUTOCONF = ${SHELL} /usr/dev/ipmiutil-3.0.1/missing --run autoconf +AUTOHEADER = ${SHELL} /usr/dev/ipmiutil-3.0.1/missing --run autoheader +AUTOMAKE = ${SHELL} /usr/dev/ipmiutil-3.0.1/missing --run automake-1.11  AWK = gawk  CC = gcc  CCDEPMODE = depmode=gcc3 @@ -101,7 +101,7 @@ LIB_DIR = /usr/lib64  LIPO =   LN_S = ln -s  LTLIBOBJS =  -MAKEINFO = ${SHELL} /usr/dev/ipmiutil-3.0.0/missing --run makeinfo +MAKEINFO = ${SHELL} /usr/dev/ipmiutil-3.0.1/missing --run makeinfo  MKDIR_P = /bin/mkdir -p  NM = /usr/bin/nm -B  NMEDIT =  @@ -115,9 +115,9 @@ OTOOL64 =  PACKAGE = ipmiutil  PACKAGE_BUGREPORT =   PACKAGE_NAME = ipmiutil -PACKAGE_STRING = ipmiutil 3.0.0 +PACKAGE_STRING = ipmiutil 3.0.1  PACKAGE_TARNAME = ipmiutil -PACKAGE_VERSION = 3.0.0 +PACKAGE_VERSION = 3.0.1  PATH_SEPARATOR = :  PKG_DIR = /root/rpmbuild  RANLIB = ranlib @@ -129,11 +129,11 @@ SHR_LINK = libipmiutil.so.1  STRIP = strip  SUBDIR_S = doc scripts lib util  SYSTEMD_DIR = /usr/share/ipmiutil -VERSION = 3.0.0 -abs_builddir = /usr/dev/ipmiutil-3.0.0/lib -abs_srcdir = /usr/dev/ipmiutil-3.0.0/lib -abs_top_builddir = /usr/dev/ipmiutil-3.0.0 -abs_top_srcdir = /usr/dev/ipmiutil-3.0.0 +VERSION = 3.0.1 +abs_builddir = /usr/dev/ipmiutil-3.0.1/lib +abs_srcdir = /usr/dev/ipmiutil-3.0.1/lib +abs_top_builddir = /usr/dev/ipmiutil-3.0.1 +abs_top_srcdir = /usr/dev/ipmiutil-3.0.1  ac_ct_CC = gcc  ac_ct_DUMPBIN =   am__include = include @@ -161,7 +161,7 @@ host_vendor = redhat  htmldir = ${docdir}  includedir = ${prefix}/include  infodir = ${datarootdir}/info -install_sh = ${SHELL} /usr/dev/ipmiutil-3.0.0/install-sh +install_sh = ${SHELL} /usr/dev/ipmiutil-3.0.1/install-sh  libdir = $(iprefix)/lib  libexecdir = ${exec_prefix}/libexec  localedir = ${datarootdir}/locale diff --git a/lib/lanplus/lanplus_crypt.c b/lib/lanplus/lanplus_crypt.c index 7f3095e..5554898 100644 --- a/lib/lanplus/lanplus_crypt.c +++ b/lib/lanplus/lanplus_crypt.c @@ -623,11 +623,14 @@ int lanplus_generate_sik(struct ipmi_session * session)  	switch(session->v2_data.auth_alg)  	{  	case IPMI_AUTH_RAKP_HMAC_SHA1  :  -		if (mac_length != SHA_DIGEST_LENGTH) unsupported = 1; break; +		if (mac_length != SHA_DIGEST_LENGTH) unsupported = 1;  +		break;  	case IPMI_AUTH_RAKP_HMAC_MD5   :  -		if (mac_length != MD5_DIGEST_LENGTH) unsupported = 1; break; +		if (mac_length != MD5_DIGEST_LENGTH) unsupported = 1;  +		break;  	case IPMI_AUTH_RAKP_HMAC_SHA256:  -		if (mac_length != SHA256_DIGEST_LENGTH) unsupported = 1; break; +		if (mac_length != SHA256_DIGEST_LENGTH) unsupported = 1;  +		break;  	default                        : unsupported = 1; break;  	}  	if (unsupported) {  /*was assert*/ @@ -685,11 +688,14 @@ int lanplus_generate_k1(struct ipmi_session * session)  		switch(session->v2_data.auth_alg)  		{  		case IPMI_AUTH_RAKP_HMAC_SHA1  :  -		if (mac_length != SHA_DIGEST_LENGTH) unsupported = 1; break; +			if (mac_length != SHA_DIGEST_LENGTH) unsupported = 1;  +			break;  		case IPMI_AUTH_RAKP_HMAC_MD5   :  -		if (mac_length != MD5_DIGEST_LENGTH) unsupported = 1; break; +			if (mac_length != MD5_DIGEST_LENGTH) unsupported = 1;  +			break;  		case IPMI_AUTH_RAKP_HMAC_SHA256:  -		if (mac_length != SHA256_DIGEST_LENGTH) unsupported = 1; break; +			if (mac_length != SHA256_DIGEST_LENGTH) unsupported = 1;  +			break;  		default                        : unsupported = 1; break;  		}  		if (unsupported) {  /*was assert*/ @@ -743,11 +749,14 @@ int lanplus_generate_k2(struct ipmi_session * session)  		switch(session->v2_data.auth_alg)  		{  		case IPMI_AUTH_RAKP_HMAC_SHA1  :  -		if (mac_length != SHA_DIGEST_LENGTH) unsupported = 1; break; +			if (mac_length != SHA_DIGEST_LENGTH) unsupported = 1;  +			break;  		case IPMI_AUTH_RAKP_HMAC_MD5   :  -		if (mac_length != MD5_DIGEST_LENGTH) unsupported = 1; break; +			if (mac_length != MD5_DIGEST_LENGTH) unsupported = 1;  +			break;  		case IPMI_AUTH_RAKP_HMAC_SHA256:  -		if (mac_length != SHA256_DIGEST_LENGTH) unsupported = 1; break; +			if (mac_length != SHA256_DIGEST_LENGTH) unsupported = 1;  +			break;  		default                        : unsupported = 1; break;  		}  		if (unsupported) {  /*was assert*/ diff --git a/lib/lanplus/lanplus_crypt_impl.c b/lib/lanplus/lanplus_crypt_impl.c index d12ad9c..1daf230 100644 --- a/lib/lanplus/lanplus_crypt_impl.c +++ b/lib/lanplus/lanplus_crypt_impl.c @@ -196,10 +196,17 @@ lanplus_encrypt_aes_cbc_128(const uint8_t * iv,  {  	int nwritten = 0;  	int inlen = 0; +	EVP_CIPHER_CTX *pctx; +#ifdef SSL11 +	EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new(); +	pctx = ctx; +#else  	EVP_CIPHER_CTX ctx; -	EVP_CIPHER_CTX_init(&ctx); -	EVP_EncryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key, iv); -	EVP_CIPHER_CTX_set_padding(&ctx, 0); +	pctx = &ctx; +#endif +	EVP_CIPHER_CTX_init(pctx); +	EVP_EncryptInit_ex(pctx, EVP_aes_128_cbc(), NULL, key, iv); +	EVP_CIPHER_CTX_set_padding(pctx, 0);  	*bytes_written = 0;  	if (input_length == 0) return; @@ -219,28 +226,29 @@ lanplus_encrypt_aes_cbc_128(const uint8_t * iv,  	assert((input_length % IPMI_CRYPT_AES_CBC_128_BLOCK_SIZE) == 0);  	inlen = input_length; -	if(!EVP_EncryptUpdate(&ctx, output, &nwritten, input, inlen)) +	if(!EVP_EncryptUpdate(pctx, output, &nwritten, input, inlen))  	{ -		/* Error */ -		*bytes_written = 0; -		return; +		*bytes_written = 0; /* Error */  	}  	else  	{  		int tmplen; -		if(!EVP_EncryptFinal_ex(&ctx, output + nwritten, &tmplen)) +		if(!EVP_EncryptFinal_ex(pctx, output + nwritten, &tmplen))  		{ -			*bytes_written = 0; -			return; /* Error */ +			*bytes_written = 0; /* Error */  		}  		else  		{  			/* Success */  			*bytes_written = nwritten + tmplen; -			EVP_CIPHER_CTX_cleanup(&ctx); +			EVP_CIPHER_CTX_cleanup(pctx);  		}  	} +#ifdef SSL11 +    EVP_CIPHER_CTX_free(ctx); +#endif +    return;  } @@ -268,10 +276,17 @@ lanplus_decrypt_aes_cbc_128(const uint8_t * iv,  {  	int nwritten = 0;  	int inlen = 0; +	EVP_CIPHER_CTX *pctx; +#ifdef SSL11 +	EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new(); +	pctx = ctx; +#else  	EVP_CIPHER_CTX ctx; -	EVP_CIPHER_CTX_init(&ctx); -	EVP_DecryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key, iv); -	EVP_CIPHER_CTX_set_padding(&ctx, 0); +	pctx = &ctx; +#endif +	EVP_CIPHER_CTX_init(pctx); +	EVP_DecryptInit_ex(pctx, EVP_aes_128_cbc(), NULL, key, iv); +	EVP_CIPHER_CTX_set_padding(pctx, 0);  	if (verbose >= 5)  	{ @@ -291,7 +306,7 @@ lanplus_decrypt_aes_cbc_128(const uint8_t * iv,  	assert((input_length % IPMI_CRYPT_AES_CBC_128_BLOCK_SIZE) == 0);  	inlen = input_length; -	if (!EVP_DecryptUpdate(&ctx, output, &nwritten, input, inlen)) +	if (!EVP_DecryptUpdate(pctx, output, &nwritten, input, inlen))  	{  		/* Error */  		lprintf(LOG_DEBUG, "ERROR: decrypt update failed"); @@ -302,20 +317,20 @@ lanplus_decrypt_aes_cbc_128(const uint8_t * iv,  	{  		int tmplen; -		if (!EVP_DecryptFinal_ex(&ctx, output + nwritten, &tmplen)) +		if (!EVP_DecryptFinal_ex(pctx, output + nwritten, &tmplen))  		{  			char buffer[1000];  			ERR_error_string(ERR_get_error(), buffer);  			lprintf(LOG_DEBUG, "the ERR error %s", buffer);  			lprintf(LOG_DEBUG, "ERROR: decrypt final failed");  			*bytes_written = 0; -			return; /* Error */ +			goto evpfin2;  		}  		else  		{  			/* Success */  			*bytes_written = nwritten + tmplen; -			EVP_CIPHER_CTX_cleanup(&ctx); +			EVP_CIPHER_CTX_cleanup(pctx);  		}  	} @@ -324,4 +339,9 @@ lanplus_decrypt_aes_cbc_128(const uint8_t * iv,  		lprintf(LOG_DEBUG, "Decrypted %d encrypted bytes",input_length);  		printbuf(output, *bytes_written, "Decrypted this data");  	} +evpfin2: +#ifdef SSL11 +    EVP_CIPHER_CTX_free(ctx); +#endif +    return;  } diff --git a/lib/libipmiutil.pc b/lib/libipmiutil.pc index 6e717f1..e88343c 100644 --- a/lib/libipmiutil.pc +++ b/lib/libipmiutil.pc @@ -8,6 +8,6 @@ nutuser=@RUN_AS_USER@  Name: libipmiutil  Description: Library for ipmiutil -Version: 3.0.0 +Version: 3.0.1  Libs: -L${libdir} -lipmi_lanplus  Cflags: -I${includedir} | 
