Browse Source

Use git hash instead of release to build ipmitool

ipmitool has not had a stable release since a while.
To keep it up to date we clone its repo, pin it to a git commit hash and
compile it from there.
This will also help to avoid patching the code before the compilation as
the changes will be included already in the cloned code.

Change-Id: Ic3c1c0ceace1559d04288b12ab52e343abe56392
changes/54/780554/4
Riccardo Pittau 5 months ago
parent
commit
0fab7f5298
  1. 12
      tinyipa/build-tinyipa.sh
  2. 9
      tinyipa/patches/ipmitool-hpmfwupg_c.patch
  3. 9
      tinyipa/patches/ipmitool-hpmfwupg_h.patch
  4. 86
      tinyipa/patches/ipmitool-openssl.patch

12
tinyipa/build-tinyipa.sh

@ -16,7 +16,7 @@ QEMU_RELEASE="v4.2.0"
LSHW_RELEASE="B.02.18"
BIOSDEVNAME_RELEASE="0.7.2"
IPMITOOL_RELASE="1_8_18"
IPMITOOL_GIT_HASH="710888479332a46bad78f3d736eff0cbdefd2d1b"
# PYTHON_EXTRA_SOURCES_DIR_LIST is a csv list of python package dirs to include
PYTHON_EXTRA_SOURCES_DIR_LIST=${PYTHON_EXTRA_SOURCES_DIR_LIST:-}
@ -75,10 +75,10 @@ if $TINYIPA_REQUIRE_BIOSDEVNAME; then
wget -N -O - https://linux.dell.com/biosdevname/biosdevname-${BIOSDEVNAME_RELEASE}/biosdevname-${BIOSDEVNAME_RELEASE}.tar.gz | tar -xz -C "${BUILDDIR}/tmp" -f -
fi
if $TINYIPA_REQUIRE_IPMITOOL; then
wget -N -O - https://github.com/ipmitool/ipmitool/archive/IPMITOOL_${IPMITOOL_RELASE}.tar.gz | tar -xz -C "${BUILDDIR}/tmp" -f -
patch ${BUILDDIR}/tmp/ipmitool-IPMITOOL_${IPMITOOL_RELASE}/src/plugins/lanplus/lanplus_crypt_impl.c < patches/ipmitool-openssl.patch
patch ${BUILDDIR}/tmp/ipmitool-IPMITOOL_${IPMITOOL_RELASE}/include/ipmitool/ipmi_hpmfwupg.h < patches/ipmitool-hpmfwupg_h.patch
patch ${BUILDDIR}/tmp/ipmitool-IPMITOOL_${IPMITOOL_RELASE}/lib/ipmi_hpmfwupg.c < patches/ipmitool-hpmfwupg_c.patch
git clone https://github.com/ipmitool/ipmitool.git "${BUILDDIR}/tmp/ipmitool-src"
cd "${BUILDDIR}/tmp/ipmitool-src"
git reset $IPMITOOL_GIT_HASH --hard
cd -
fi
# Create directory for python local mirror
@ -241,7 +241,7 @@ fi
if $TINYIPA_REQUIRE_IPMITOOL; then
rm -rf $WORKDIR/build_files/ipmitool.tcz
# NOTE(TheJulia): Explicitly add the libtool path since /usr/local/ is not in path from the chroot.
$CHROOT_CMD /bin/sh -c "cd /tmp/ipmitool-* && env LIBTOOL='/usr/local/bin/libtool' ./bootstrap && ./configure && make && make install DESTDIR=/tmp/ipmitool"
$CHROOT_CMD /bin/sh -c "cd /tmp/ipmitool-src && env LIBTOOL='/usr/local/bin/libtool' ./bootstrap && ./configure && make && make install DESTDIR=/tmp/ipmitool"
find $BUILDDIR/tmp/ipmitool/ -type f -executable | xargs file | awk -F ':' '/ELF/ {print $1}' | sudo xargs strip
cd $WORKDIR/build_files && mksquashfs $BUILDDIR/tmp/ipmitool ipmitool.tcz && md5sum ipmitool.tcz > ipmitool.tcz.md5.txt
fi

9
tinyipa/patches/ipmitool-hpmfwupg_c.patch

@ -1,9 +0,0 @@
@@ -52,6 +52,8 @@
# include <config.h>
#endif
+static VERSIONINFO gVersionInfo[HPMFWUPG_COMPONENT_ID_MAX];
+
/* From src/plugins/ipmi_intf.c: */
uint16_t
ipmi_intf_get_max_request_data_size(struct ipmi_intf * intf);

9
tinyipa/patches/ipmitool-hpmfwupg_h.patch

@ -1,9 +0,0 @@
@@ -800,8 +800,6 @@
char descString[HPMFWUPG_DESC_STRING_LENGTH + 1];
}VERSIONINFO, *PVERSIONINFO;
-VERSIONINFO gVersionInfo[HPMFWUPG_COMPONENT_ID_MAX];
-
#define TARGET_VER (0x01)
#define ROLLBACK_VER (0x02)
#define IMAGE_VER (0x04)

86
tinyipa/patches/ipmitool-openssl.patch

@ -1,86 +0,0 @@
@@ -164,10 +164,10 @@
uint8_t * output,
uint32_t * bytes_written)
{
- EVP_CIPHER_CTX ctx;
- EVP_CIPHER_CTX_init(&ctx);
- EVP_EncryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key, iv);
- EVP_CIPHER_CTX_set_padding(&ctx, 0);
+ EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
+ EVP_CIPHER_CTX_init(ctx);
+ EVP_EncryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv);
+ EVP_CIPHER_CTX_set_padding(ctx, 0);
*bytes_written = 0;
@@ -191,7 +191,7 @@
assert((input_length % IPMI_CRYPT_AES_CBC_128_BLOCK_SIZE) == 0);
- if(!EVP_EncryptUpdate(&ctx, output, (int *)bytes_written, input, input_length))
+ if(!EVP_EncryptUpdate(ctx, output, (int *)bytes_written, input, input_length))
{
/* Error */
*bytes_written = 0;
@@ -201,7 +201,7 @@
{
uint32_t tmplen;
- if(!EVP_EncryptFinal_ex(&ctx, output + *bytes_written, (int *)&tmplen))
+ if(!EVP_EncryptFinal_ex(ctx, output + *bytes_written, (int *)&tmplen))
{
*bytes_written = 0;
return; /* Error */
@@ -210,7 +210,8 @@
{
/* Success */
*bytes_written += tmplen;
- EVP_CIPHER_CTX_cleanup(&ctx);
+ EVP_CIPHER_CTX_cleanup(ctx);
+ EVP_CIPHER_CTX_free(ctx);
}
}
}
@@ -239,10 +240,10 @@
uint8_t * output,
uint32_t * bytes_written)
{
- EVP_CIPHER_CTX ctx;
- EVP_CIPHER_CTX_init(&ctx);
- EVP_DecryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key, iv);
- EVP_CIPHER_CTX_set_padding(&ctx, 0);
+ EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
+ EVP_CIPHER_CTX_init(ctx);
+ EVP_DecryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv);
+ EVP_CIPHER_CTX_set_padding(ctx, 0);
if (verbose >= 5)
@@ -266,7 +267,7 @@
assert((input_length % IPMI_CRYPT_AES_CBC_128_BLOCK_SIZE) == 0);
- if (!EVP_DecryptUpdate(&ctx, output, (int *)bytes_written, input, input_length))
+ if (!EVP_DecryptUpdate(ctx, output, (int *)bytes_written, input, input_length))
{
/* Error */
lprintf(LOG_DEBUG, "ERROR: decrypt update failed");
@@ -277,7 +278,7 @@
{
uint32_t tmplen;
- if (!EVP_DecryptFinal_ex(&ctx, output + *bytes_written, (int *)&tmplen))
+ if (!EVP_DecryptFinal_ex(ctx, output + *bytes_written, (int *)&tmplen))
{
char buffer[1000];
ERR_error_string(ERR_get_error(), buffer);
@@ -290,7 +291,8 @@
{
/* Success */
*bytes_written += tmplen;
- EVP_CIPHER_CTX_cleanup(&ctx);
+ EVP_CIPHER_CTX_cleanup(ctx);
+ EVP_CIPHER_CTX_free(ctx);
}
}
Loading…
Cancel
Save