Attachment #198087 for bug #232217

View | Details | Raw Unified | Return to bug 232217
Collapse All | Expand All

Lines 3-9 Link Here

(-)sysutils/ipmitool/Makefile (-3 / +1 lines)
3		3
4	PORTNAME= ipmitool	4	PORTNAME= ipmitool
5	PORTVERSION= 1.8.18	5	PORTVERSION= 1.8.18
6	PORTREVISION= 1	6	PORTREVISION= 2
7	CATEGORIES= sysutils	7	CATEGORIES= sysutils
8	MASTER_SITES= SF	8	MASTER_SITES= SF
9		9
Lines 13-20 Link Here
13	LICENSE= BSD3CLAUSE	13	LICENSE= BSD3CLAUSE
14	LICENSE_FILE= ${WRKSRC}/COPYING	14	LICENSE_FILE= ${WRKSRC}/COPYING
15		15
16	BROKEN_SSL= openssl-devel
17
18	USES= cpe tar:bzip2 gmake readline ssl	16	USES= cpe tar:bzip2 gmake readline ssl
19	CPE_VENDOR= sun	17	CPE_VENDOR= sun
20	GNU_CONFIGURE= yes	18	GNU_CONFIGURE= yes




--- src/plugins/lanplus/lanplus_crypt_impl.c.orig	2018-10-13 04:26:25 UTC
+++ src/plugins/lanplus/lanplus_crypt_impl.c
@@ -164,11 +164,7 @@ lanplus_encrypt_aes_cbc_128(const uint8_t * iv,
 							uint8_t       * output,
 							uint32_t        * bytes_written)
 {
-	EVP_CIPHER_CTX ctx;
-	EVP_CIPHER_CTX_init(&ctx);
-	EVP_EncryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key, iv);
-	EVP_CIPHER_CTX_set_padding(&ctx, 0);
-	
+	EVP_CIPHER_CTX *ctx = NULL;	
 
 	*bytes_written = 0;
 
@@ -182,7 +178,14 @@ lanplus_encrypt_aes_cbc_128(const uint8_t * iv,
 		printbuf(input, input_length, "encrypting this data");
 	}
 
-
+	ctx = EVP_CIPHER_CTX_new();
+	if (ctx == NULL) {
+		lprintf(LOG_DEBUG, "ERROR: EVP_CIPHER_CTX_new() failed");
+		return;
+	}
+	EVP_CIPHER_CTX_init(ctx);
+	EVP_EncryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv);
+	EVP_CIPHER_CTX_set_padding(ctx, 0);
 	/*
 	 * The default implementation adds a whole block of padding if the input
 	 * data is perfectly aligned.  We would like to keep that from happening.
@@ -191,28 +194,27 @@ lanplus_encrypt_aes_cbc_128(const uint8_t * iv,
 	assert((input_length % IPMI_CRYPT_AES_CBC_128_BLOCK_SIZE) == 0);
 
 
-	if(!EVP_EncryptUpdate(&ctx, output, (int *)bytes_written, input, input_length))
+	if(!EVP_EncryptUpdate(ctx, output, (int *)bytes_written, input, input_length))
 	{
 		/* Error */
 		*bytes_written = 0;
-		return;
 	}
 	else
 	{
 		uint32_t tmplen;
 
-		if(!EVP_EncryptFinal_ex(&ctx, output + *bytes_written, (int *)&tmplen))
+		if(!EVP_EncryptFinal_ex(ctx, output + *bytes_written, (int *)&tmplen))
 		{
 			*bytes_written = 0;
-			return; /* Error */
 		}
 		else
 		{
 			/* Success */
 			*bytes_written += tmplen;
-			EVP_CIPHER_CTX_cleanup(&ctx);
 		}
 	}
+	/* performs cleanup and free */
+	EVP_CIPHER_CTX_free(ctx);
 }
 
 
@@ -239,12 +241,8 @@ lanplus_decrypt_aes_cbc_128(const uint8_t * iv,
 							uint8_t       * output,
 							uint32_t        * bytes_written)
 {
-	EVP_CIPHER_CTX ctx;
-	EVP_CIPHER_CTX_init(&ctx);
-	EVP_DecryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key, iv);
-	EVP_CIPHER_CTX_set_padding(&ctx, 0);
+	EVP_CIPHER_CTX *ctx = NULL;
 
-
 	if (verbose >= 5)
 	{
 		printbuf(iv,  16, "decrypting with this IV");
@@ -257,6 +255,14 @@ lanplus_decrypt_aes_cbc_128(const uint8_t * iv,
 
 	if (input_length == 0)
 		return;
+	ctx = EVP_CIPHER_CTX_new();
+	if (ctx == NULL) {
+		lprintf(LOG_DEBUG, "ERROR: EVP_CIPHER_CTX_new() failed");
+		return;
+		}
+	EVP_CIPHER_CTX_init(ctx);
+	EVP_DecryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv);
+	EVP_CIPHER_CTX_set_padding(ctx, 0);
 
 	/*
 	 * The default implementation adds a whole block of padding if the input
@@ -266,33 +272,32 @@ lanplus_decrypt_aes_cbc_128(const uint8_t * iv,
 	assert((input_length % IPMI_CRYPT_AES_CBC_128_BLOCK_SIZE) == 0);
 
 
-	if (!EVP_DecryptUpdate(&ctx, output, (int *)bytes_written, input, input_length))
+	if (!EVP_DecryptUpdate(ctx, output, (int *)bytes_written, input, input_length))
 	{
 		/* Error */
 		lprintf(LOG_DEBUG, "ERROR: decrypt update failed");
 		*bytes_written = 0;
-		return;
 	}
 	else
 	{
 		uint32_t tmplen;
 
-		if (!EVP_DecryptFinal_ex(&ctx, output + *bytes_written, (int *)&tmplen))
+		if (!EVP_DecryptFinal_ex(ctx, output + *bytes_written, (int *)&tmplen))
 		{
+			/* Error */
 			char buffer[1000];
 			ERR_error_string(ERR_get_error(), buffer);
 			lprintf(LOG_DEBUG, "the ERR error %s", buffer);
 			lprintf(LOG_DEBUG, "ERROR: decrypt final failed");
 			*bytes_written = 0;
-			return; /* Error */
 		}
 		else
 		{
-			/* Success */
-			*bytes_written += tmplen;
-			EVP_CIPHER_CTX_cleanup(&ctx);
+		
+		
 		}
 	}
+	EVP_CIPHER_CTX_free(ctx);
 
 	if (verbose >= 5)
 	{

Return to bug 232217

Line 0 Link Here

(-)sysutils/ipmitool/files/patch-src_plugins_lanplus_lanplus__crypt__impl.c (+133 lines)
		1	--- src/plugins/lanplus/lanplus_crypt_impl.c.orig 2018-10-13 04:26:25 UTC
		2	+++ src/plugins/lanplus/lanplus_crypt_impl.c
		3	@@ -164,11 +164,7 @@ lanplus_encrypt_aes_cbc_128(const uint8_t * iv,
		4	uint8_t * output,
		5	uint32_t * bytes_written)
		6	{
		7	- EVP_CIPHER_CTX ctx;
		8	- EVP_CIPHER_CTX_init(&ctx);
		9	- EVP_EncryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key, iv);
		10	- EVP_CIPHER_CTX_set_padding(&ctx, 0);
		11	-
		12	+ EVP_CIPHER_CTX *ctx = NULL;
		13
		14	*bytes_written = 0;
		15
		16	@@ -182,7 +178,14 @@ lanplus_encrypt_aes_cbc_128(const uint8_t * iv,
		17	printbuf(input, input_length, "encrypting this data");
		18	}
		19
		20	-
		21	+ ctx = EVP_CIPHER_CTX_new();
		22	+ if (ctx == NULL) {
		23	+ lprintf(LOG_DEBUG, "ERROR: EVP_CIPHER_CTX_new() failed");
		24	+ return;
		25	+ }
		26	+ EVP_CIPHER_CTX_init(ctx);
		27	+ EVP_EncryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv);
		28	+ EVP_CIPHER_CTX_set_padding(ctx, 0);
		29	/*
		30	* The default implementation adds a whole block of padding if the input
		31	* data is perfectly aligned. We would like to keep that from happening.
		32	@@ -191,28 +194,27 @@ lanplus_encrypt_aes_cbc_128(const uint8_t * iv,
		33	assert((input_length % IPMI_CRYPT_AES_CBC_128_BLOCK_SIZE) == 0);
		34
		35
		36	- if(!EVP_EncryptUpdate(&ctx, output, (int *)bytes_written, input, input_length))
		37	+ if(!EVP_EncryptUpdate(ctx, output, (int *)bytes_written, input, input_length))
		38	{
		39	/* Error */
		40	*bytes_written = 0;
		41	- return;
		42	}
		43	else
		44	{
		45	uint32_t tmplen;
		46
		47	- if(!EVP_EncryptFinal_ex(&ctx, output + bytes_written, (int )&tmplen))
		48	+ if(!EVP_EncryptFinal_ex(ctx, output + bytes_written, (int )&tmplen))
		49	{
		50	*bytes_written = 0;
		51	- return; /* Error */
		52	}
		53	else
		54	{
		55	/* Success */
		56	*bytes_written += tmplen;
		57	- EVP_CIPHER_CTX_cleanup(&ctx);
		58	}
		59	}
		60	+ /* performs cleanup and free */
		61	+ EVP_CIPHER_CTX_free(ctx);
		62	}
		63
		64
65	@@ -239,12 +241,8 @@ lanplus_decrypt_aes_cbc_128(const uint8_t * iv,
66	uint8_t * output,
67	uint32_t * bytes_written)
68	{
69	- EVP_CIPHER_CTX ctx;
70	- EVP_CIPHER_CTX_init(&ctx);
71	- EVP_DecryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key, iv);
72	- EVP_CIPHER_CTX_set_padding(&ctx, 0);
73	+ EVP_CIPHER_CTX *ctx = NULL;
74
75	-
76	if (verbose >= 5)
77	{
78	printbuf(iv, 16, "decrypting with this IV");
79	@@ -257,6 +255,14 @@ lanplus_decrypt_aes_cbc_128(const uint8_t * iv,
80
81	if (input_length == 0)
82	return;
83	+ ctx = EVP_CIPHER_CTX_new();
84	+ if (ctx == NULL) {
85	+ lprintf(LOG_DEBUG, "ERROR: EVP_CIPHER_CTX_new() failed");
86	+ return;
87	+ }
88	+ EVP_CIPHER_CTX_init(ctx);
89	+ EVP_DecryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv);
90	+ EVP_CIPHER_CTX_set_padding(ctx, 0);
91
92	/*
93	* The default implementation adds a whole block of padding if the input
94	@@ -266,33 +272,32 @@ lanplus_decrypt_aes_cbc_128(const uint8_t * iv,
95	assert((input_length % IPMI_CRYPT_AES_CBC_128_BLOCK_SIZE) == 0);
96
97
98	- if (!EVP_DecryptUpdate(&ctx, output, (int *)bytes_written, input, input_length))
99	+ if (!EVP_DecryptUpdate(ctx, output, (int *)bytes_written, input, input_length))
100	{
101	/* Error */
102	lprintf(LOG_DEBUG, "ERROR: decrypt update failed");
103	*bytes_written = 0;
104	- return;
105	}
106	else
107	{
108	uint32_t tmplen;
109
110	- if (!EVP_DecryptFinal_ex(&ctx, output + bytes_written, (int )&tmplen))
111	+ if (!EVP_DecryptFinal_ex(ctx, output + bytes_written, (int )&tmplen))
112	{
113	+ /* Error */
114	char buffer[1000];
115	ERR_error_string(ERR_get_error(), buffer);
116	lprintf(LOG_DEBUG, "the ERR error %s", buffer);
117	lprintf(LOG_DEBUG, "ERROR: decrypt final failed");
118	*bytes_written = 0;
119	- return; /* Error */
120	}
121	else
122	{
123	- /* Success */
124	- *bytes_written += tmplen;
125	- EVP_CIPHER_CTX_cleanup(&ctx);
126	+
127	+
128	}
129	}
130	+ EVP_CIPHER_CTX_free(ctx);
131
132	if (verbose >= 5)
133	{