Use git hash instead of release to build ipmitool

ipmitool has not had a stable release since a while. To keep it up to date we clone its repo, pin it to a git commit hash and compile it from there. This will also help to avoid patching the code before the compilation as the changes will be included already in the cloned code. Change-Id: Ic3c1c0ceace1559d04288b12ab52e343abe56392
1 month ago · 0fab7f5298
--- a/tinyipa/build-tinyipa.sh
+++ b/tinyipa/build-tinyipa.sh
@ -16,7 +16,7 @@ QEMU_RELEASE="v4.2.0"
 LSHW_RELEASE="B.02.18"

 BIOSDEVNAME_RELEASE="0.7.2"
 IPMITOOL_RELASE="1_8_18"
 IPMITOOL_GIT_HASH="710888479332a46bad78f3d736eff0cbdefd2d1b"

 # PYTHON_EXTRA_SOURCES_DIR_LIST is a csv list of python package dirs to include
 PYTHON_EXTRA_SOURCES_DIR_LIST=${PYTHON_EXTRA_SOURCES_DIR_LIST:-}
@ -75,10 +75,10 @@ if $TINYIPA_REQUIRE_BIOSDEVNAME; then
    wget -N -O - https://linux.dell.com/biosdevname/biosdevname-${BIOSDEVNAME_RELEASE}/biosdevname-${BIOSDEVNAME_RELEASE}.tar.gz | tar -xz -C "${BUILDDIR}/tmp" -f -
 fi
 if $TINYIPA_REQUIRE_IPMITOOL; then
    wget -N -O - https://github.com/ipmitool/ipmitool/archive/IPMITOOL_${IPMITOOL_RELASE}.tar.gz | tar -xz -C "${BUILDDIR}/tmp" -f -
    patch ${BUILDDIR}/tmp/ipmitool-IPMITOOL_${IPMITOOL_RELASE}/src/plugins/lanplus/lanplus_crypt_impl.c < patches/ipmitool-openssl.patch
    patch ${BUILDDIR}/tmp/ipmitool-IPMITOOL_${IPMITOOL_RELASE}/include/ipmitool/ipmi_hpmfwupg.h < patches/ipmitool-hpmfwupg_h.patch
    patch ${BUILDDIR}/tmp/ipmitool-IPMITOOL_${IPMITOOL_RELASE}/lib/ipmi_hpmfwupg.c < patches/ipmitool-hpmfwupg_c.patch
    git clone https://github.com/ipmitool/ipmitool.git "${BUILDDIR}/tmp/ipmitool-src"
    cd "${BUILDDIR}/tmp/ipmitool-src"
    git reset $IPMITOOL_GIT_HASH --hard
    cd -
 fi

 # Create directory for python local mirror
@ -241,7 +241,7 @@ fi
 if $TINYIPA_REQUIRE_IPMITOOL; then
    rm -rf $WORKDIR/build_files/ipmitool.tcz
    # NOTE(TheJulia): Explicitly add the libtool path since /usr/local/ is not in path from the chroot.
    $CHROOT_CMD /bin/sh -c "cd /tmp/ipmitool-* && env LIBTOOL='/usr/local/bin/libtool' ./bootstrap && ./configure && make && make install DESTDIR=/tmp/ipmitool"
    $CHROOT_CMD /bin/sh -c "cd /tmp/ipmitool-src && env LIBTOOL='/usr/local/bin/libtool' ./bootstrap && ./configure && make && make install DESTDIR=/tmp/ipmitool"
    find $BUILDDIR/tmp/ipmitool/ -type f -executable | xargs file | awk -F ':' '/ELF/ {print $1}' | sudo xargs strip
    cd $WORKDIR/build_files && mksquashfs $BUILDDIR/tmp/ipmitool ipmitool.tcz && md5sum ipmitool.tcz > ipmitool.tcz.md5.txt
 fi
--- a/tinyipa/patches/ipmitool-hpmfwupg_c.patch
+++ b/tinyipa/patches/ipmitool-hpmfwupg_c.patch
@ -1,9 +0,0 @@
@@ -52,6 +52,8 @@
 # include <config.h>
 #endif
 
 +static VERSIONINFO gVersionInfo[HPMFWUPG_COMPONENT_ID_MAX];
 +
 /* From src/plugins/ipmi_intf.c: */
 uint16_t
 ipmi_intf_get_max_request_data_size(struct ipmi_intf * intf);
--- a/tinyipa/patches/ipmitool-hpmfwupg_h.patch
+++ b/tinyipa/patches/ipmitool-hpmfwupg_h.patch
@ -1,9 +0,0 @@
@@ -800,8 +800,6 @@
 	char descString[HPMFWUPG_DESC_STRING_LENGTH + 1];
 }VERSIONINFO, *PVERSIONINFO;
 
 -VERSIONINFO gVersionInfo[HPMFWUPG_COMPONENT_ID_MAX];
 -
 #define TARGET_VER (0x01)
 #define ROLLBACK_VER (0x02)
 #define IMAGE_VER (0x04)
--- a/tinyipa/patches/ipmitool-openssl.patch
+++ b/tinyipa/patches/ipmitool-openssl.patch
@ -1,86 +0,0 @@
@@ -164,10 +164,10 @@
 							uint8_t       * output,
 							uint32_t        * bytes_written)
 {
 -	EVP_CIPHER_CTX ctx;
 -	EVP_CIPHER_CTX_init(&ctx);
 -	EVP_EncryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key, iv);
 -	EVP_CIPHER_CTX_set_padding(&ctx, 0);
 +	EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
 +	EVP_CIPHER_CTX_init(ctx);
 +	EVP_EncryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv);
 +	EVP_CIPHER_CTX_set_padding(ctx, 0);
 	
 
 	*bytes_written = 0;
@@ -191,7 +191,7 @@
 	assert((input_length % IPMI_CRYPT_AES_CBC_128_BLOCK_SIZE) == 0);
 
 
 -	if(!EVP_EncryptUpdate(&ctx, output, (int *)bytes_written, input, input_length))
 +	if(!EVP_EncryptUpdate(ctx, output, (int *)bytes_written, input, input_length))
 	{
 		/* Error */
 		*bytes_written = 0;
@@ -201,7 +201,7 @@
 	{
 		uint32_t tmplen;
 
 -		if(!EVP_EncryptFinal_ex(&ctx, output + *bytes_written, (int *)&tmplen))
 +		if(!EVP_EncryptFinal_ex(ctx, output + *bytes_written, (int *)&tmplen))
 		{
 			*bytes_written = 0;
 			return; /* Error */
@@ -210,7 +210,8 @@
 		{
 			/* Success */
 			*bytes_written += tmplen;
 -			EVP_CIPHER_CTX_cleanup(&ctx);
 +			EVP_CIPHER_CTX_cleanup(ctx);
 +			EVP_CIPHER_CTX_free(ctx);
 		}
 	}
 }
@@ -239,10 +240,10 @@
 							uint8_t       * output,
 							uint32_t        * bytes_written)
 {
 -	EVP_CIPHER_CTX ctx;
 -	EVP_CIPHER_CTX_init(&ctx);
 -	EVP_DecryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key, iv);
 -	EVP_CIPHER_CTX_set_padding(&ctx, 0);
 +	EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
 +	EVP_CIPHER_CTX_init(ctx);
 +	EVP_DecryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv);
 +	EVP_CIPHER_CTX_set_padding(ctx, 0);
 
 
 	if (verbose >= 5)
@@ -266,7 +267,7 @@
 	assert((input_length % IPMI_CRYPT_AES_CBC_128_BLOCK_SIZE) == 0);
 
 
 -	if (!EVP_DecryptUpdate(&ctx, output, (int *)bytes_written, input, input_length))
 +	if (!EVP_DecryptUpdate(ctx, output, (int *)bytes_written, input, input_length))
 	{
 		/* Error */
 		lprintf(LOG_DEBUG, "ERROR: decrypt update failed");
@@ -277,7 +278,7 @@
 	{
 		uint32_t tmplen;
 
 -		if (!EVP_DecryptFinal_ex(&ctx, output + *bytes_written, (int *)&tmplen))
 +		if (!EVP_DecryptFinal_ex(ctx, output + *bytes_written, (int *)&tmplen))
 		{
 			char buffer[1000];
 			ERR_error_string(ERR_get_error(), buffer);
@@ -290,7 +291,8 @@
 		{
 			/* Success */
 			*bytes_written += tmplen;
 -			EVP_CIPHER_CTX_cleanup(&ctx);
 +			EVP_CIPHER_CTX_cleanup(ctx);
 +			EVP_CIPHER_CTX_free(ctx);
 		}
 	}