diff options
Diffstat (limited to 'debian/patches')
-rw-r--r-- | debian/patches/0005-gcc10.patch | 63 | ||||
-rw-r--r-- | debian/patches/0100-fix_buf_overflow.patch | 4 | ||||
-rw-r--r-- | debian/patches/0105-sensor_reading.patch | 35 | ||||
-rw-r--r-- | debian/patches/0110-getpass-prototype.patch | 23 | ||||
-rw-r--r-- | debian/patches/0110-unpdate_IANA_URL.patch | 72 | ||||
-rw-r--r-- | debian/patches/0115-hurd_PATH_MAX.patch | 21 | ||||
-rw-r--r-- | debian/patches/0115-typo.patch | 164 | ||||
-rw-r--r-- | debian/patches/0120-openssl1.1.patch | 150 | ||||
-rw-r--r-- | debian/patches/0125-nvidia-iana.patch | 36 | ||||
-rw-r--r-- | debian/patches/0130-Correct_lanplus_segment_violation.patch | 29 | ||||
-rw-r--r-- | debian/patches/0500-fix_CVE-2011-4339.patch | 21 | ||||
-rw-r--r-- | debian/patches/0600-manpage_longlines.patch | 56 | ||||
-rw-r--r-- | debian/patches/0615-manpage_typo.patch | 49 | ||||
-rw-r--r-- | debian/patches/0620-manpage_typo.patch | 370 | ||||
-rw-r--r-- | debian/patches/0625-manpage_wrong_time_set.patch | 24 | ||||
-rw-r--r-- | debian/patches/0700-build.patch | 105 | ||||
-rw-r--r-- | debian/patches/series | 15 |
17 files changed, 635 insertions, 602 deletions
diff --git a/debian/patches/0005-gcc10.patch b/debian/patches/0005-gcc10.patch deleted file mode 100644 index a4e5d8a..0000000 --- a/debian/patches/0005-gcc10.patch +++ /dev/null @@ -1,63 +0,0 @@ -Description: Fix ftbfs with gcc-10 -Author: Jörg Frings-Fürst <debian@jff.email> -Bug: https://github.com/ipmitool/ipmitool/issues/220 -Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=957371 -Last-Update: 2020-07-28 ---- -This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ -Index: trunk/include/ipmitool/ipmi_hpmfwupg.h -=================================================================== ---- trunk.orig/include/ipmitool/ipmi_hpmfwupg.h -+++ trunk/include/ipmitool/ipmi_hpmfwupg.h -@@ -30,9 +30,22 @@ - * EVEN IF SUN HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. - */ - -+ - #ifndef IPMI_HPMFWUPG_H - #define IPMI_HPMFWUPG_H - -+ -+#ifdef IPMI_HPMFWUPG_MOD -+ -+ #define EXTERN -+ -+#else -+ -+ #define EXTERN extern -+ -+#endif -+ -+ - #include <inttypes.h> - #include <ipmitool/ipmi.h> - -@@ -800,10 +813,12 @@ typedef struct _VERSIONINFO { - char descString[HPMFWUPG_DESC_STRING_LENGTH + 1]; - }VERSIONINFO, *PVERSIONINFO; - --VERSIONINFO gVersionInfo[HPMFWUPG_COMPONENT_ID_MAX]; -+EXTERN VERSIONINFO gVersionInfo[HPMFWUPG_COMPONENT_ID_MAX]; - - #define TARGET_VER (0x01) - #define ROLLBACK_VER (0x02) - #define IMAGE_VER (0x04) - - #endif /* IPMI_KFWUM_H */ -+ -+#undef EXTERN -Index: trunk/lib/ipmi_hpmfwupg.c -=================================================================== ---- trunk.orig/lib/ipmi_hpmfwupg.c -+++ trunk/lib/ipmi_hpmfwupg.c -@@ -37,7 +37,10 @@ - - #include <ipmitool/ipmi_intf.h> - #include <ipmitool/ipmi_mc.h> -+ -+#define IPMI_HPMFWUPG_MOD - #include <ipmitool/ipmi_hpmfwupg.h> -+ - #include <ipmitool/helper.h> - #include <ipmitool/ipmi_strings.h> - #include <ipmitool/log.h> diff --git a/debian/patches/0100-fix_buf_overflow.patch b/debian/patches/0100-fix_buf_overflow.patch index 174d205..1651487 100644 --- a/debian/patches/0100-fix_buf_overflow.patch +++ b/debian/patches/0100-fix_buf_overflow.patch @@ -11,12 +11,12 @@ Index: trunk/lib/ipmi_tsol.c =================================================================== --- trunk.orig/lib/ipmi_tsol.c +++ trunk/lib/ipmi_tsol.c -@@ -375,7 +375,7 @@ ipmi_tsol_main(struct ipmi_intf *intf, i +@@ -374,7 +374,7 @@ ipmi_tsol_main(struct ipmi_intf *intf, i char *recvip = NULL; char in_buff[IPMI_BUF_SIZE]; char out_buff[IPMI_BUF_SIZE * 8]; - char buff[IPMI_BUF_SIZE + 4]; + char buff[IPMI_BUF_SIZE * 8 + 4]; int fd_socket, result, i; - int out_buff_fill, in_buff_fill; + size_t out_buff_fill, in_buff_fill; int ip1, ip2, ip3, ip4; diff --git a/debian/patches/0105-sensor_reading.patch b/debian/patches/0105-sensor_reading.patch new file mode 100644 index 0000000..edde4a0 --- /dev/null +++ b/debian/patches/0105-sensor_reading.patch @@ -0,0 +1,35 @@ +Description: Fix soensor reading +Author: mareedu srinivasa rao +Origin: upstream, https://sourceforge.net/p/ipmitool/bugs/490/ +Bug: https://sourceforge.net/p/ipmitool/bugs/490/ +Bug-debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983082 +Forwarded: not-needed +Last-Update: 2022-10-29 +--- +This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ +Index: trunk/lib/ipmi_sdr.c +=================================================================== +--- trunk.orig/lib/ipmi_sdr.c ++++ trunk/lib/ipmi_sdr.c +@@ -1799,7 +1799,7 @@ ipmi_sdr_print_sensor_fc(struct ipmi_int + sr->s_a_units); + } else /* Discrete */ + snprintf(sval, sizeof(sval), +- "0x%02x", sr->s_reading); ++ "0x%02x", sr->s_data2); + } + else if (sr->s_scanning_disabled) + snprintf(sval, sizeof (sval), sr->full ? "disabled" : "Not Readable"); +Index: trunk/lib/ipmi_sensor.c +=================================================================== +--- trunk.orig/lib/ipmi_sensor.c ++++ trunk/lib/ipmi_sensor.c +@@ -201,7 +201,7 @@ ipmi_sensor_print_fc_discrete(struct ipm + sr->s_a_str, sr->s_a_units, "ok"); + } else { + printf("| 0x%-8x | %-10s | 0x%02x%02x", +- sr->s_reading, "discrete", ++ sr->s_data2, "discrete", + sr->s_data2, sr->s_data3); + } + } else { diff --git a/debian/patches/0110-getpass-prototype.patch b/debian/patches/0110-getpass-prototype.patch deleted file mode 100644 index ecd8ee9..0000000 --- a/debian/patches/0110-getpass-prototype.patch +++ /dev/null @@ -1,23 +0,0 @@ -Description: use necessary source dialect to ensure getpass() availability - getpass is a deprecated function, and building with either c99 or gnu99 - does not ensure this function's availability. So instead, declare - _DEFAULT_SOURCE so that the function remains available. -Author: Steve Langasek <steve.langasek@ubuntu.com> -Origin: <upstream|backport|vendor|other>, <URL, required except if Author is present> -Bug: <URL to the upstream bug report if any, implies patch has been forwarded, optional> -Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=819340 -Last-Update: 2016-05-15 ---- -This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ -Index: trunk/lib/ipmi_main.c -=================================================================== ---- trunk.orig/lib/ipmi_main.c -+++ trunk/lib/ipmi_main.c -@@ -34,6 +34,7 @@ - (_XOPEN_SOURCE >= 500 || \ - _XOPEN_SOURCE && _XOPEN_SOURCE_EXTENDED) && \ - !(_POSIX_C_SOURCE >= 200112L || _XOPEN_SOURCE >= 600) -+#define _DEFAULT_SOURCE - - #include <stdlib.h> - #include <stdio.h> diff --git a/debian/patches/0110-unpdate_IANA_URL.patch b/debian/patches/0110-unpdate_IANA_URL.patch new file mode 100644 index 0000000..6239c4c --- /dev/null +++ b/debian/patches/0110-unpdate_IANA_URL.patch @@ -0,0 +1,72 @@ +Description: Fix IANA url +Author: <name and email of author, optional> +Origin: upstream, https://github.com/siderolabs/pkgs/pull/634/commits/5a39853823255f3715857fb4907bca13573e76d0 +Bug: https://github.com/ipmitool/ipmitool/issues/377 +Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1023312 +Forwarded: not-needed +Applied-Upstream: https://github.com/siderolabs/pkgs/pull/634/commits/5a39853823255f3715857fb4907bca13573e76d0 +Last-Update: 2022-12-25 +--- +This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ +Index: trunk/Makefile.am +=================================================================== +--- trunk.orig/Makefile.am ++++ trunk/Makefile.am +@@ -41,7 +41,7 @@ MAINTAINERCLEANFILES = Makefile.in acloc + $(distdir).tar.gz $(distdir).tar.bz2 + + SUBDIRS = lib src include doc contrib control +-IANA_PEN = http://www.iana.org/assignments/enterprise-numbers ++IANA_PEN = http://www.iana.org/assignments/enterprise-numbers.txt + + dist-hook: + cp control/ipmitool.spec $(distdir) +Index: trunk/lib/ipmi_strings.c +=================================================================== +--- trunk.orig/lib/ipmi_strings.c ++++ trunk/lib/ipmi_strings.c +@@ -1489,7 +1489,7 @@ size_t count_bytes(const char *s, unsign + * That is, IANA PEN at position 0, enterprise name at position 2. + */ + #define IANA_NAME_OFFSET 2 +-#define IANA_PEN_REGISTRY "enterprise-numbers" ++#define IANA_PEN_REGISTRY "enterprise-numbers.txt" + static + int oem_info_list_load(oem_valstr_list_t **list) + { +Index: trunk/doc/ipmitool.1.in +=================================================================== +--- trunk.orig/doc/ipmitool.1.in ++++ trunk/doc/ipmitool.1.in +@@ -3830,10 +3830,10 @@ Chassis Power Control: Up/On + + .SH FILES + .TP +-.B @IANADIR@/enterprise-numbers +-system IANA PEN registry taken from http://www.iana.org/assignments/enterprise-numbers ++.B @IANADIR@/enterprise-numbers.txt ++system IANA PEN registry taken from https://www.iana.org/assignments/enterprise-numbers.txt + .TP +-.B ~/@IANAUSERDIR@/enterprise-numbers ++.B ~/@IANAUSERDIR@/enterprise-numbers.txt + user's override for the system IANA PEN registry, this file if it exists is loaded instead + of the system registry (see above). + +Index: trunk/doc/ipmievd.8.in +=================================================================== +--- trunk.orig/doc/ipmievd.8.in ++++ trunk/doc/ipmievd.8.in +@@ -220,10 +220,10 @@ Waiting for Events... + + .SH FILES + .TP +-.B @IANADIR@/enterprise-numbers +-system IANA PEN registry taken from http://www.iana.org/assignments/enterprise-numbers ++.B @IANADIR@/enterprise-numbers.txt ++system IANA PEN registry taken from https://www.iana.org/assignments/enterprise-numbers.txt + .TP +-.B ~/@IANAUSERDIR@/enterprise-numbers ++.B ~/@IANAUSERDIR@/enterprise-numbers.txt + user's override for the system IANA PEN registry, this file if it exists is loaded instead + of the system registry (see above). + diff --git a/debian/patches/0115-hurd_PATH_MAX.patch b/debian/patches/0115-hurd_PATH_MAX.patch new file mode 100644 index 0000000..83d30e5 --- /dev/null +++ b/debian/patches/0115-hurd_PATH_MAX.patch @@ -0,0 +1,21 @@ +Description: Add missing PATH_MAX for hurd-i386 +Author: Jörg Frings-Fürst <debian@jff.email> +Forwarded: not-needed +Last-Update: 2022-12-26 +--- +This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ +Index: trunk/include/ipmitool/ipmi_strings.h +=================================================================== +--- trunk.orig/include/ipmitool/ipmi_strings.h ++++ trunk/include/ipmitool/ipmi_strings.h +@@ -36,6 +36,10 @@ + + #define CC_STRING(cc) val2str(cc, completion_code_vals) + ++#ifndef PATH_MAX ++ #define PATH_MAX 1024 ++#endif ++ + extern const struct valstr completion_code_vals[]; + extern const struct valstr entity_id_vals[]; + extern const struct valstr entity_device_type_vals[]; diff --git a/debian/patches/0115-typo.patch b/debian/patches/0115-typo.patch deleted file mode 100644 index e8f762c..0000000 --- a/debian/patches/0115-typo.patch +++ /dev/null @@ -1,164 +0,0 @@ -Description: source typos -Author: Jörg Frings-Fürst <debian@jff-webhosting.net> -Forwarded: not-needed -Last-Update: 2017-08-13 ---- -This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ -Index: trunk/lib/dimm_spd.c -=================================================================== ---- trunk.orig/lib/dimm_spd.c -+++ trunk/lib/dimm_spd.c -@@ -798,7 +798,7 @@ const struct valstr jedec_id5_vals[] = { - { 0xE3, "WIS Technologies" }, - { 0x64, "GateChange Technologies" }, - { 0xE5, "High Density Devices AS" }, -- { 0xE6, "Synopsys" }, -+ { 0xE6, "Synopsis" }, - { 0x67, "Gigaram" }, - { 0x68, "Enigma Semiconductor Inc." }, - { 0xE9, "Century Micro Inc." }, -Index: trunk/lib/ipmi_hpmfwupg.c -=================================================================== ---- trunk.orig/lib/ipmi_hpmfwupg.c -+++ trunk/lib/ipmi_hpmfwupg.c -@@ -1507,7 +1507,7 @@ HpmfwupgGetTargetUpgCapabilities(struct - pCtx->resp.GlobalCapabilities.bitField.autRollbackOverride ? 'y' : 'n'); - lprintf(LOG_NOTICE, "IPMC degraded...........[%c] ", - pCtx->resp.GlobalCapabilities.bitField.ipmcDegradedDurinUpg ? 'y' : 'n'); -- lprintf(LOG_NOTICE, "Defered activation......[%c] ", -+ lprintf(LOG_NOTICE, "Deferred activation......[%c] ", - pCtx->resp.GlobalCapabilities.bitField.deferActivation ? 'y' : 'n'); - lprintf(LOG_NOTICE, "Service affected........[%c] ", - pCtx->resp.GlobalCapabilities.bitField.servAffectDuringUpg ? 'y' : 'n'); -Index: trunk/lib/ipmi_kontronoem.c -=================================================================== ---- trunk.orig/lib/ipmi_kontronoem.c -+++ trunk/lib/ipmi_kontronoem.c -@@ -85,7 +85,7 @@ ipmi_kontronoem_main(struct ipmi_intf *i - return (-1); - } - if (ipmi_kontron_set_serial_number(intf) > 0) { -- printf("FRU serial number setted successfully\n"); -+ printf("FRU serial number set successfully\n"); - } else { - printf("FRU serial number set failed\n"); - rc = (-1); -@@ -96,7 +96,7 @@ ipmi_kontronoem_main(struct ipmi_intf *i - return (-1); - } - if (ipmi_kontron_set_mfg_date(intf) > 0) { -- printf("FRU manufacturing date setted successfully\n"); -+ printf("FRU manufacturing date set successfully\n"); - } else { - printf("FRU manufacturing date set failed\n"); - rc = (-1); -Index: trunk/lib/ipmi_ekanalyzer.c -=================================================================== ---- trunk.orig/lib/ipmi_ekanalyzer.c -+++ trunk/lib/ipmi_ekanalyzer.c -@@ -3398,7 +3398,7 @@ ipmi_ek_display_board_p2p_record(struct - printf("ShMC Cross-connect (two-pair)\n"); - break; - default: -- printf("Unknwon\n"); -+ printf("Unknown\n"); - break; - } - } else if (d->type == FRU_PICMGEXT_LINK_TYPE_FABRIC_ETHERNET) { -@@ -3413,17 +3413,17 @@ ipmi_ek_display_board_p2p_record(struct - printf("FC-PI\n"); - break; - default: -- printf("Unknwon\n"); -+ printf("Unknown\n"); - break; - } - } else if (d->type == FRU_PICMGEXT_LINK_TYPE_FABRIC_INFINIBAND) { -- printf("Unknwon\n"); -+ printf("Unknown\n"); - } else if (d->type == FRU_PICMGEXT_LINK_TYPE_FABRIC_STAR) { -- printf("Unknwon\n"); -+ printf("Unknown\n"); - } else if (d->type == FRU_PICMGEXT_LINK_TYPE_PCIE) { -- printf("Unknwon\n"); -+ printf("Unknown\n"); - } else { -- printf("Unknwon\n"); -+ printf("Unknown\n"); - } - printf("\tLink Type:\t\t0x%02x - ", d->type); - if (d->type == 0 || d->type == 0xff) { -Index: trunk/src/ipmievd.c -=================================================================== ---- trunk.orig/src/ipmievd.c -+++ trunk/src/ipmievd.c -@@ -125,7 +125,7 @@ static int openipmi_wait(struct ipmi_eve - static int openipmi_read(struct ipmi_event_intf * eintf); - static struct ipmi_event_intf openipmi_event_intf = { - .name = "open", -- .desc = "OpenIPMI asyncronous notification of events", -+ .desc = "OpenIPMI asynchronous notification of events", - .prefix = "", - .setup = openipmi_setup, - .wait = openipmi_wait, -@@ -864,7 +864,7 @@ ipmievd_open_main(struct ipmi_intf * int - - struct ipmi_cmd ipmievd_cmd_list[] = { - #ifdef IPMI_INTF_OPEN -- { ipmievd_open_main, "open", "Use OpenIPMI for asyncronous notification of events" }, -+ { ipmievd_open_main, "open", "Use OpenIPMI for asynchronous notification of events" }, - #endif - { ipmievd_sel_main, "sel", "Poll SEL for notification of events" }, - { NULL } -Index: trunk/include/ipmitool/ipmi_pef.h -=================================================================== ---- trunk.orig/include/ipmitool/ipmi_pef.h -+++ trunk/include/ipmitool/ipmi_pef.h -@@ -178,7 +178,7 @@ BIT_DESC_MAP_LIST, - {"Entity presence", 37}, - {"Monitor ASIC/IC", 38}, - {"LAN", 39}, -- {"Management subsytem health",40}, -+ {"Management subsystem health",40}, - {"Battery", 41}, - {NULL} - } }; -Index: trunk/doc/ipmievd.8 -=================================================================== ---- trunk.orig/doc/ipmievd.8 -+++ trunk/doc/ipmievd.8 -@@ -145,7 +145,7 @@ placed at the end of commands to get opt - > ipmievd help - .br - Commands: -- open Use OpenIPMI for asyncronous notification of events -+ open Use OpenIPMI for asynchronous notification of events - sel Poll SEL for notification of events - - .TP -Index: trunk/lib/ipmi_lanp.c -=================================================================== ---- trunk.orig/lib/ipmi_lanp.c -+++ trunk/lib/ipmi_lanp.c -@@ -1271,7 +1271,7 @@ print_lan_set_bad_pass_thresh_usage(void - { - lprintf(LOG_NOTICE, - "lan set <chanel> bad_pass_thresh <thresh_num> <1|0> <reset_interval> <lockout_interval>\n" --" <thresh_num> Bad Pasword Threshold number.\n" -+" <thresh_num> Bad Password Threshold number.\n" - " <1|0> 1 = generate a Session Audit sensor event.\n" - " 0 = do not generate an event.\n" - " <reset_interval> Attempt Count Reset Interval. In tens of seconds.\n" -Index: trunk/lib/ipmi_mc.c -=================================================================== ---- trunk.orig/lib/ipmi_mc.c -+++ trunk/lib/ipmi_mc.c -@@ -583,7 +583,7 @@ static int ipmi_mc_get_selftest(struct i - printf(" -> SEL device not accessible\n"); - } - if (sft_res->test & IPM_SELFTEST_SDR_ERROR) { -- printf(" -> SDR repository not accesible\n"); -+ printf(" -> SDR repository not accessible\n"); - } - if (sft_res->test & IPM_SELFTEST_FRU_ERROR) { - printf("FRU device not accessible\n"); diff --git a/debian/patches/0120-openssl1.1.patch b/debian/patches/0120-openssl1.1.patch deleted file mode 100644 index a7523fd..0000000 --- a/debian/patches/0120-openssl1.1.patch +++ /dev/null @@ -1,150 +0,0 @@ -Description: Migrate to openssl 1.1 - Cherry-picked from upstream -Author: Jörg Frings-Fürst <debian@jff-webhosting.net> -Origin: upstream https://sourceforge.net/p/ipmitool/source/ci/1664902525a1c3771b4d8b3ccab7ea1ba6b2bdd1/ -Bug: https://sourceforge.net/p/ipmitool/bugs/461/ -Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=853782 -Forwarded: not-needed -Last-Update: 2017-08-13 <YYYY-MM-DD, last update of the meta-information, optional> ---- -This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ -Index: trunk/src/plugins/lanplus/lanplus_crypt_impl.c -=================================================================== ---- trunk.orig/src/plugins/lanplus/lanplus_crypt_impl.c -+++ trunk/src/plugins/lanplus/lanplus_crypt_impl.c -@@ -164,11 +164,7 @@ lanplus_encrypt_aes_cbc_128(const uint8_ - uint8_t * output, - uint32_t * bytes_written) - { -- EVP_CIPHER_CTX ctx; -- EVP_CIPHER_CTX_init(&ctx); -- EVP_EncryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key, iv); -- EVP_CIPHER_CTX_set_padding(&ctx, 0); -- -+ EVP_CIPHER_CTX *ctx = NULL; - - *bytes_written = 0; - -@@ -182,6 +178,14 @@ lanplus_encrypt_aes_cbc_128(const uint8_ - printbuf(input, input_length, "encrypting this data"); - } - -+ ctx = EVP_CIPHER_CTX_new(); -+ if (ctx == NULL) { -+ lprintf(LOG_DEBUG, "ERROR: EVP_CIPHER_CTX_new() failed"); -+ return; -+ } -+ EVP_CIPHER_CTX_init(ctx); -+ EVP_EncryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv); -+ EVP_CIPHER_CTX_set_padding(ctx, 0); - - /* - * The default implementation adds a whole block of padding if the input -@@ -191,28 +195,28 @@ lanplus_encrypt_aes_cbc_128(const uint8_ - assert((input_length % IPMI_CRYPT_AES_CBC_128_BLOCK_SIZE) == 0); - - -- if(!EVP_EncryptUpdate(&ctx, output, (int *)bytes_written, input, input_length)) -+ if(!EVP_EncryptUpdate(ctx, output, (int *)bytes_written, input, input_length)) - { - /* Error */ - *bytes_written = 0; -- return; - } - else - { - uint32_t tmplen; - -- if(!EVP_EncryptFinal_ex(&ctx, output + *bytes_written, (int *)&tmplen)) -+ if(!EVP_EncryptFinal_ex(ctx, output + *bytes_written, (int *)&tmplen)) - { -+ /* Error */ - *bytes_written = 0; -- return; /* Error */ - } - else - { - /* Success */ - *bytes_written += tmplen; -- EVP_CIPHER_CTX_cleanup(&ctx); - } - } -+ /* performs cleanup and free */ -+ EVP_CIPHER_CTX_free(ctx); - } - - -@@ -239,11 +243,7 @@ lanplus_decrypt_aes_cbc_128(const uint8_ - uint8_t * output, - uint32_t * bytes_written) - { -- EVP_CIPHER_CTX ctx; -- EVP_CIPHER_CTX_init(&ctx); -- EVP_DecryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key, iv); -- EVP_CIPHER_CTX_set_padding(&ctx, 0); -- -+ EVP_CIPHER_CTX *ctx = NULL; - - if (verbose >= 5) - { -@@ -252,12 +252,20 @@ lanplus_decrypt_aes_cbc_128(const uint8_ - printbuf(input, input_length, "decrypting this data"); - } - -- - *bytes_written = 0; - - if (input_length == 0) - return; - -+ ctx = EVP_CIPHER_CTX_new(); -+ if (ctx == NULL) { -+ lprintf(LOG_DEBUG, "ERROR: EVP_CIPHER_CTX_new() failed"); -+ return; -+ } -+ EVP_CIPHER_CTX_init(ctx); -+ EVP_DecryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv); -+ EVP_CIPHER_CTX_set_padding(ctx, 0); -+ - /* - * The default implementation adds a whole block of padding if the input - * data is perfectly aligned. We would like to keep that from happening. -@@ -266,33 +274,33 @@ lanplus_decrypt_aes_cbc_128(const uint8_ - assert((input_length % IPMI_CRYPT_AES_CBC_128_BLOCK_SIZE) == 0); - - -- if (!EVP_DecryptUpdate(&ctx, output, (int *)bytes_written, input, input_length)) -+ if (!EVP_DecryptUpdate(ctx, output, (int *)bytes_written, input, input_length)) - { - /* Error */ - lprintf(LOG_DEBUG, "ERROR: decrypt update failed"); - *bytes_written = 0; -- return; - } - else - { - uint32_t tmplen; - -- if (!EVP_DecryptFinal_ex(&ctx, output + *bytes_written, (int *)&tmplen)) -+ if (!EVP_DecryptFinal_ex(ctx, output + *bytes_written, (int *)&tmplen)) - { -+ /* Error */ - char buffer[1000]; - ERR_error_string(ERR_get_error(), buffer); - lprintf(LOG_DEBUG, "the ERR error %s", buffer); - lprintf(LOG_DEBUG, "ERROR: decrypt final failed"); - *bytes_written = 0; -- return; /* Error */ - } - else - { - /* Success */ - *bytes_written += tmplen; -- EVP_CIPHER_CTX_cleanup(&ctx); - } - } -+ /* performs cleanup and free */ -+ EVP_CIPHER_CTX_free(ctx); - - if (verbose >= 5) - { diff --git a/debian/patches/0125-nvidia-iana.patch b/debian/patches/0125-nvidia-iana.patch deleted file mode 100644 index 28276f8..0000000 --- a/debian/patches/0125-nvidia-iana.patch +++ /dev/null @@ -1,36 +0,0 @@ -Description: Add IANA ID for NVIDIA hardware - Add the NVIDIA IANA ID to the hardcoded list used in ipmitool <= 1.8.18. - After upstream commit "9d41136 ID:491 - Fetch vendor IDs from IANA", ipmitool - generates a list of vendor IDs dynamically at build time, so we can drop this - patch in future releases. -Author: dann frazier <dannf@debian.org> -Origin: backport -Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=903616 -Forwarded: not-needed -Last-Update: 2018-07-11 ---- -This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ -Index: ipmitool-1.8.18/include/ipmitool/ipmi.h -=================================================================== ---- ipmitool-1.8.18.orig/include/ipmitool/ipmi.h -+++ ipmitool-1.8.18/include/ipmitool/ipmi.h -@@ -279,6 +279,7 @@ typedef enum IPMI_OEM { - /* 4769 for [IBM Corporation] */ - IPMI_OEM_IBM_4769 = 4769, - IPMI_OEM_MAGNUM = 5593, -+ IPMI_OEM_NVIDIA = 5703, - IPMI_OEM_TYAN = 6653, - IPMI_OEM_QUANTA = 7244, - IPMI_OEM_NEWISYS = 9237, -Index: ipmitool-1.8.18/lib/ipmi_strings.c -=================================================================== ---- ipmitool-1.8.18.orig/lib/ipmi_strings.c -+++ ipmitool-1.8.18/lib/ipmi_strings.c -@@ -96,6 +96,7 @@ const struct valstr ipmi_oem_info[] = { - { IPMI_OEM_IBM_4769, "IBM Corporation" }, - { IPMI_OEM_IBM_20301, "IBM eServer X" }, - { IPMI_OEM_ADLINK_24339, "ADLINK Technology Inc." }, -+ { IPMI_OEM_NVIDIA, "NVIDIA Corporation" }, - { 0xffff , NULL }, - }; - diff --git a/debian/patches/0130-Correct_lanplus_segment_violation.patch b/debian/patches/0130-Correct_lanplus_segment_violation.patch deleted file mode 100644 index 17e8fe5..0000000 --- a/debian/patches/0130-Correct_lanplus_segment_violation.patch +++ /dev/null @@ -1,29 +0,0 @@ -Description: Fix lanplus segment violation for truncated response -Origin: upstream, https://github.com/pjdhpe/ipmitool/commit/815aae70cf8dc9f0e1ba1923fc4ec3cc16d0d2f1?diff=unified -Bug: https://github.com/ipmitool/ipmitool/issues/72 -Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945764 -Last-Update: 2019-12-22 ---- -This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ -Index: trunk/src/plugins/lanplus/lanplus.c -=================================================================== ---- trunk.orig/src/plugins/lanplus/lanplus.c -+++ trunk/src/plugins/lanplus/lanplus.c -@@ -819,7 +819,7 @@ ipmi_lan_poll_single(struct ipmi_intf * - * rsp->data_len becomes the length of that data - */ - extra_data_length = payload_size - (offset - payload_start) - 1; -- if (extra_data_length) { -+ if (extra_data_length > 0) { - rsp->data_len = extra_data_length; - memmove(rsp->data, rsp->data + offset, extra_data_length); - } else { -@@ -873,7 +873,7 @@ ipmi_lan_poll_single(struct ipmi_intf * - } - read_sol_packet(rsp, &offset); - extra_data_length = payload_size - (offset - payload_start); -- if (rsp && extra_data_length) { -+ if (rsp && extra_data_length > 0) { - rsp->data_len = extra_data_length; - memmove(rsp->data, rsp->data + offset, extra_data_length); - } else { diff --git a/debian/patches/0500-fix_CVE-2011-4339.patch b/debian/patches/0500-fix_CVE-2011-4339.patch deleted file mode 100644 index 62a9d0c..0000000 --- a/debian/patches/0500-fix_CVE-2011-4339.patch +++ /dev/null @@ -1,21 +0,0 @@ -Description: CVE-2011-4339 - insecure file permission when creating PID files - based on 112_fix_CVE-2011-4339 -Author: Jörg Frings-Fürst <debian@jff-webhosting.net> -Bug: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=651917 -Forwarded: https://sourceforge.net/p/ipmitool/patches/99/ -Last-Update: 2014-12-01 ---- -This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ -Index: trunk/lib/helper.c -=================================================================== ---- trunk.orig/lib/helper.c -+++ trunk/lib/helper.c -@@ -829,7 +829,6 @@ ipmi_start_daemon(struct ipmi_intf *intf - #endif - - chdir("/"); -- umask(0); - - for (fd=0; fd<64; fd++) { - if (fd != intf->fd) diff --git a/debian/patches/0600-manpage_longlines.patch b/debian/patches/0600-manpage_longlines.patch deleted file mode 100644 index 8fae0a9..0000000 --- a/debian/patches/0600-manpage_longlines.patch +++ /dev/null @@ -1,56 +0,0 @@ -Description: long lines in man-page - prevent "can't break line" warnings -Author: Jörg Frings-Fürst <debian@jff-webhosting.net> -Forwarded: not-needed -Last-Update: 2014-05-20 ---- -This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ -Index: trunk/doc/ipmitool.1 -=================================================================== ---- trunk.orig/doc/ipmitool.1 -+++ trunk/doc/ipmitool.1 -@@ -1035,7 +1035,7 @@ Display point to point physical connecti - AMC slot B2 topology: - Port 0 =====> On Carrier Device ID 0, Port 3 - Port 2 =====> AMC slot B1, Port 2 -- *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-* -+ *-*-*-* *-*-* *-*-* *-*-* *-*-* *-*-* *-*-* - From Carrier file: carrierfru - On Carrier Device ID 0 topology: - Port 0 =====> AMC slot B1, Port 4 -@@ -1091,7 +1091,7 @@ and an AMC module or between 2 AMC modul - \-Link Type: AMC.2 Ethernet - \-Link Type extension: 1000BASE-BX (SerDES Gigabit) Ethernet link - \-Link Group ID: 0 || Link Asym. Match: exact match -- *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-* -+ *-*-*-* *-*-* *-*-* *-*-* *-*-* *-*-* *-*-* - AMC slot B1 port 1 ==> On-Carrier Device 0 port 12 - Matching Result - - From On-Carrier Device ID 0 -@@ -1104,7 +1104,7 @@ and an AMC module or between 2 AMC modul - \-Link Type: AMC.2 Ethernet - \-Link Type extension: 1000BASE-BX (SerDES Gigabit) Ethernet link - \-Link Group ID: 0 || Link Asym. Match: exact match -- *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-* -+ *-*-*-* *-*-* *-*-* *-*-* *-*-* *-*-* *-*-* - On-Carrier Device vs AMC slot A2 - AMC slot A2 port 0 ==> On-Carrier Device 0 port 3 - Matching Result -@@ -1118,7 +1118,7 @@ and an AMC module or between 2 AMC modul - \-Link Type: AMC.2 Ethernet - \-Link Type extension: 1000BASE-BX (SerDES Gigabit) Ethernet link - \-Link Group ID: 0 || Link Asym. Match: exact match -- *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-* -+ *-*-*-* *-*-* *-*-* *-*-* *-*-* *-*-* *-*-* - AMC slot B1 vs AMC slot A2 - AMC slot A2 port 2 ==> AMC slot B1 port 2 - Matching Result -@@ -1132,7 +1132,7 @@ and an AMC module or between 2 AMC modul - \-Link Type: AMC.3 Storage - \-Link Type extension: Serial Attached SCSI (SAS/SATA) - \-Link Group ID: 0 || Link Asym. Match: FC or SAS interface {exact match} -- *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-* -+ *-*-*-* *-*-* *-*-* *-*-* *-*-* *-*-* *-*-* - .TP - \fIunmatch\fP <\fBxx=filename\fR> <\fBxx=filename\fR> \fB...\fr - .br diff --git a/debian/patches/0615-manpage_typo.patch b/debian/patches/0615-manpage_typo.patch deleted file mode 100644 index b1196d7..0000000 --- a/debian/patches/0615-manpage_typo.patch +++ /dev/null @@ -1,49 +0,0 @@ -Description: typo in man-pages -Author: Jörg Frings-Fürst <debian@jff.email> -Last-Update: 2019-07-18 ---- -This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ -Index: trunk/doc/ipmitool.1 -=================================================================== ---- trunk.orig/doc/ipmitool.1 -+++ trunk/doc/ipmitool.1 -@@ -2478,7 +2478,7 @@ Discover Node Manager presence as well a - .br - - Add a new power policy, or overwrite an existing policy. --The \fIcorrection\fP parameter is the agressiveness of frequency limiting, default is auto. -+The \fIcorrection\fP parameter is the aggressiveness of frequency limiting, default is auto. - The \fItrig_lim\fP is the correction time limit and must be at least 6000 and not greater than 65535. - The \fIstats\fP setting is the averaging period in seconds and ranges from 1-65535. - If domain is not supplied a default of platform is used. -@@ -2489,7 +2489,7 @@ If domain is not supplied a default of p - .br - - Add a new inlet temp policy, or overwrite an existing policy. --The \fIcorrection\fP parameter is the agressiveness of frequency limiting, default is auto. -+The \fIcorrection\fP parameter is the aggressiveness of frequency limiting, default is auto. - The \fItrig_lim\fP is the correction time limit and must be at least 6000 and not greater than 65535. - The \fIstats\fP setting is the averaging period in seconds and ranges from 1-65535. - If domain is not supplied a default of platform is used. -@@ -3657,7 +3657,7 @@ and encryption algorithms to use for for - on the cipher suite ID found in the IPMIv2.0 specification in table - 22\-19. The default cipher suite is \fI3\fP which specifies - RAKP\-HMAC\-SHA1 authentication, HMAC\-SHA1\-96 integrity, and AES\-CBC\-128 --encryption algorightms. -+encryption algorithms. - - .SH "FREE INTERFACE" - .LP -Index: trunk/doc/ipmievd.8 -=================================================================== ---- trunk.orig/doc/ipmievd.8 -+++ trunk/doc/ipmievd.8 -@@ -56,7 +56,7 @@ This is not available with all commands. - The remote server authentication, integrity, and encryption algorithms - to use for IPMIv2 \fIlanplus\fP connections. See table 22\-19 in the - IPMIv2 specification. The default is 3 which specifies RAKP\-HMAC\-SHA1 --authentication, HMAC\-SHA1\-96 integrity, and AES\-CBC\-128 encryption algorightms. -+authentication, HMAC\-SHA1\-96 integrity, and AES\-CBC\-128 encryption algorithms. - .TP - \fB\-E\fR - The remote server password is specified by the environment diff --git a/debian/patches/0620-manpage_typo.patch b/debian/patches/0620-manpage_typo.patch new file mode 100644 index 0000000..63ed5d4 --- /dev/null +++ b/debian/patches/0620-manpage_typo.patch @@ -0,0 +1,370 @@ +Description: Fix man page typos +Author: Jörg Frings-Fürst <debian@jff.email> +Forwarded: not-needed +Last-Update: 2022-10-29 +--- +This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ +Index: trunk/doc/ipmitool.1.in +=================================================================== +--- trunk.orig/doc/ipmitool.1.in ++++ trunk/doc/ipmitool.1.in +@@ -3,7 +3,7 @@ + ipmitool \- utility for controlling IPMI\-enabled devices + .SH "SYNOPSIS" + +-.BR ipmitool ++.br ipmitool + [ <options> ] <command> [ <sub-commands and sub-options> ] + + <options> := [ <general-options> | <conditional-opts> ] +@@ -68,7 +68,7 @@ On Solaris this driver is called \fIBMC\ + Management of a remote station requires the IPMI\-over\-LAN interface to be + enabled and configured. Depending on the particular requirements of each + system it may be possible to enable the LAN interface using +-.BR ipmitool ++.br ipmitool + over the system interface. + .SH "OPTIONS" + .TP +@@ -102,7 +102,7 @@ IPMI v2.0 specification. The default is + authentication, HMAC\-SHA256\-128 integrity, and AES\-CBC\-128 encryption algorithms. + + NOTE: In +-.BR ipmitool ++.br ipmitool + 1.8.18 and earlier the default was 3, which was insecure and was not supported + by some more recent BMC implementations. + .TP +@@ -242,7 +242,7 @@ Change Size of Communication Channel. (O + + .LP + If no password method is specified then +-.BR ipmitool ++.br ipmitool + will prompt the user for a password. If no password is entered at the prompt, + the remote server password will default to NULL. + .SH "SECURITY" +@@ -267,17 +267,17 @@ local station. + For IPMI v1.5, the maximum password length is 16 characters; longer + passwords might be truncated or rejected by the server, or rejected + by +-.BR ipmitool . ++.br ipmitool . + + For IPMI v2.0, the maximum password length is 20 characters; longer + passwords will be rejected by +-.BR ipmitool . ++.br ipmitool . + + .SH "COMMANDS" + .TP + \fIhelp\fP + This can be used to get command\-line help on +-.BR ipmitool ++.br ipmitool + commands. It may also be placed at the end of commands to get option usage help. + + > ipmitool help +@@ -1223,7 +1223,7 @@ Get a list of all the possible Sensor St + Shortcuts available for a particular sensor. \fBsensorid\fR is the character + string representation of the sensor and must be enclosed in double quotes + if it includes white space. Several different commands including +-.BR ipmitool ++.br ipmitool + \fIsensor list\fP may be used to obtain a list that includes + the \fBsensorid\fR strings representing the sensors on a given system. + .RS +@@ -1287,7 +1287,7 @@ Finding sensor PS 2T Fan Fault... ok + + .RS + Execute +-.BR ipmitool ++.br ipmitool + commands from \fIfilename\fR. Each line is a + complete command. The syntax of the commands are defined by the + COMMANDS section in this manpage. Each line may have an optional +@@ -1698,7 +1698,7 @@ user, operator, admin, oem. + .br + + Causes +-.BR ipmitool ++.br ipmitool + to enter Intel IPMI v1.5 Serial Over LAN mode. An RMCP+ + connection is made to the BMC, the terminal is set to raw mode, and user + input is sent to the serial console on the remote server. On exit, +@@ -1752,7 +1752,7 @@ Select the next boot order on the Kontro + + These commands will allow you to configure IPMI LAN channels + with network information so they can be used with the +-..BR ipmitool ++.br ipmitool + \fIlan\fP and \fIlanplus\fP interfaces. \fINOTE\fR: To + determine on which channel the LAN interface is located, issue + the `channel info \fInumber\fR' command until you come across +@@ -2035,7 +2035,7 @@ Display the Management Controller Global + .br + + This is the default behavior for +-.BR ipmitool (1). ++.br ipmitool (1). + + Try to automatically detect the encoding based on the value of the + version field and (for version 1) the timestamp. The version is +@@ -2049,11 +2049,11 @@ neither one has that, then the precedenc + \fIsmbios\fP, \fIipmi\fP, \fIrfc4122\fP. + + If neither encoding yields a valid version field, then +-.BR ipmitool (1) ++.br ipmitool (1) + defaults to \fIdump\fP mode. + + If this option is in use, then +-.BR ipmitool (1) ++.br ipmitool (1) + will also print out the detected encoding and warn + regarding IPMI specification violation if the encoding isn't \fIipmi\fP. + +@@ -2551,7 +2551,7 @@ Discover Node Manager presence as well a + .br + + Add a new power policy, or overwrite an existing policy. +-The \fIcorrection\fP parameter is the agressiveness of frequency limiting, default is auto. ++The \fIcorrection\fP parameter is the aggressiveness of frequency limiting, default is auto. + The \fItrig_lim\fP is the correction time limit and must be at least 6000 and not greater than 65535. + The \fIstats\fP setting is the averaging period in seconds and ranges from 1-65535. + If domain is not supplied a default of platform is used. +@@ -2562,7 +2562,7 @@ If domain is not supplied a default of p + .br + + Add a new inlet temp policy, or overwrite an existing policy. +-The \fIcorrection\fP parameter is the agressiveness of frequency limiting, default is auto. ++The \fIcorrection\fP parameter is the aggressiveness of frequency limiting, default is auto. + The \fItrig_lim\fP is the correction time limit and must be at least 6000 and not greater than 65535. + The \fIstats\fP setting is the averaging period in seconds and ranges from 1-65535. + If domain is not supplied a default of platform is used. +@@ -2960,7 +2960,7 @@ A list of all entity ids can be found in + Dumps raw SDR data to a file. This data file can then be used as + a local SDR cache of the remote managed system with the \fI\-S <file>\fP + option on the +-.BR ipmitool ++.br ipmitool + command line. This can greatly improve performance + over system interface or remote LAN. + .TP +@@ -3045,7 +3045,7 @@ Print information on the specified SEL R + + Save SEL records to a text file that can be fed back into the + \fIevent file\fP +-.BR ipmitool ++.br ipmitool + command. This can be useful for + testing Event generation by building an appropriate Platform + Event Message file based on existing events. Please see the +@@ -3056,14 +3056,14 @@ the format of this file. + + Save SEL records to a file in raw, binary format. This file can + be fed back to the \fIsel readraw\fP +-.BR ipmitool ++.br ipmitool + command for viewing. + .TP + \fIreadraw\fP <\fBfile\fR> + + Read and display SEL records from a binary file. Such a file can + be created using the \fIsel writeraw\fP +-.BR ipmitool ++.br ipmitool + command. + .TP + \fItime\fP +@@ -3194,10 +3194,10 @@ Verbosity level. + .RS + This command will launch an interactive shell which you can use + to send multiple +-.BR ipmitool ++.br ipmitool + commands to a BMC and see the responses. This can be useful instead of + running the full +-.BR ipmitool ++.br ipmitool + command each time. Some commands will make use of a Sensor Data Record cache + and you will see marked improvement in speed if these commands + are able to reuse the same cache in a shell session. LAN sessions +@@ -3275,7 +3275,7 @@ by the IPMI over serial channel. + .br + + Causes +-.BR ipmitool ++.br ipmitool + to enter Serial Over LAN + mode, and is only available when using the lanplus + interface. An RMCP+ connection is made to the BMC, +@@ -3568,7 +3568,7 @@ Determine whether a password has been st + + .SH "OPEN INTERFACE" + The +-.BR ipmitool ++.br ipmitool + \fIopen\fP interface utilizes the OpenIPMI + kernel device driver. This driver is present in all modern + 2.4 and all 2.6 kernels and it should be present in recent +@@ -3579,7 +3579,7 @@ the OpenIPMI homepage. + The required kernel modules is different for 2.4 and 2.6 + kernels. The following kernel modules must be loaded on + a 2.4\-based kernel in order for +-.BR ipmitool ++.br ipmitool + to work: + .TP + .B ipmi_msghandler +@@ -3593,7 +3593,7 @@ Linux character device interface for the + .LP + The following kernel modules must be loaded on + a 2.6\-based kernel in order for +-.BR ipmitool ++.br ipmitool + to work: + .TP + .B ipmi_msghandler +@@ -3622,12 +3622,12 @@ entry with: + + .I mknod /dev/ipmi0 c 254 0 + +-.BR ipmitool ++.br ipmitool + includes some sample initialization scripts that + can perform this task automatically at start\-up. + + In order to have +-.BR ipmitool ++.br ipmitool + use the OpenIPMI device interface + you can specify it on the command line: + .PP +@@ -3652,16 +3652,16 @@ The following files are associated with + Character device node used to communicate with the bmc driver. + .SH "LIPMI INTERFACE" + The +-.BR ipmitool ++.br ipmitool + \fIlipmi\fP interface uses the Solaris 9 IPMI kernel device driver. + It has been superceeded by the \fIbmc\fP interface on Solaris 10. You can tell +-.BR ipmitool ++.br ipmitool + to use this interface by specifying it on the command line. + + > ipmitool \fB\-I\fR \fIlipmi\fP <\fIexpression\fP> + .SH "LAN INTERFACE" + The +-.BR ipmitool ++.br ipmitool + \fIlan\fP interface communicates with the BMC + over an Ethernet LAN connection using UDP under IPv4. UDP + datagrams are formatted to contain IPMI request/response +@@ -3676,12 +3676,12 @@ The LAN interface is an authentication m + messages delivered to the BMC can (and should) be authenticated + with a challenge/response protocol with either straight + password/key or MD5 message\-digest algorithm. +-.BR ipmitool ++.br ipmitool + will attempt to connect with administrator privilege level as this + is required to perform chassis power functions. + + You can tell +-.BR ipmitool ++.br ipmitool + to use the lan interface with the + \fB\-I\fR \fIlan\fP option: + +@@ -3692,7 +3692,7 @@ to use the lan interface with the + A hostname must be given on the command line in order to use the + lan interface with \fBipmitool\fR. The password field is optional; + if you do not provide a password on the command line, +-.BR ipmitool ++.br ipmitool + will attempt to connect without authentication. If you specify a + password it will use MD5 authentication if supported by the BMC + and straight password/key otherwise, unless overridden with a +@@ -3706,14 +3706,14 @@ specification. RMCP+ allows for improve + integrity checks, as well as encryption and the ability to carry + multiple types of payloads. Generic Serial Over LAN support + requires RMCP+, so the +-.BR ipmitool ++.br ipmitool + \fIsol activate\fP command + requires the use of the \fIlanplus\fP interface. + + RMCP+ session establishment uses a symmetric challenge\-response + protocol called RAKP (\fBRemote Authenticated Key\-Exchange Protocol\fR) + which allows the negotiation of many options. +-.BR ipmitool ++.br ipmitool + does not + yet allow the user to specify the value of every option, defaulting + to the most obvious settings marked as required in the v2.0 +@@ -3721,14 +3721,14 @@ specification. Authentication and integ + SHA1, and encryption is performed with AES\-CBC\-128. Role\-level logins + are not yet supported. + +-.BR ipmitool ++.br ipmitool + must be linked with the \fIOpenSSL\fP library in order to + perform the encryption functions and support the \fIlanplus\fP + interface. If the required packages are not found it will not be + compiled in and supported. + + You can tell +-.BR ipmitool ++.br ipmitool + to use the lanplus interface with the + \fB\-I\fR \fIlanplus\fP option: + +@@ -3749,17 +3749,17 @@ and encryption algorithms to use for for + on the cipher suite ID found in the IPMIv2.0 specification in table + 22\-20. The default cipher suite is \fI17\fP which specifies + RAKP\-HMAC\-SHA256 authentication, HMAC\-SHA256\-128 integrity, and +-AES\-CBC\-128 encryption algorightms. ++AES\-CBC\-128 encryption algorithms. + + .SH "FREE INTERFACE" + .LP + The +-.BR ipmitool ++.br ipmitool + \fIfree\fP interface utilizes the FreeIPMI libfreeipmi + drivers. + .LP + You can tell +-.BR ipmitool ++.br ipmitool + to use the FreeIPMI interface with the \-I option: + .PP + > ipmitool \fB\-I\fR \fIfree\fP <\fIcommand\fP> +@@ -3768,12 +3768,12 @@ to use the FreeIPMI interface with the \ + .SH "IMB INTERFACE" + .LP + The +-.BR ipmitool ++.br ipmitool + \fIimb\fP interface supports the Intel IMB (Intel + Inter-module Bus) Interface through the /dev/imb device. + .LP + You can tell +-.BR ipmitool ++.br ipmitool + to use the IMB interface with the \-I option: + .PP + > ipmitool \fB\-I\fR \fIimb\fP <\fIcommand\fP> +Index: trunk/doc/ipmievd.8.in +=================================================================== +--- trunk.orig/doc/ipmievd.8.in ++++ trunk/doc/ipmievd.8.in +@@ -56,7 +56,7 @@ This is not available with all commands. + The remote server authentication, integrity, and encryption algorithms + to use for IPMIv2 \fIlanplus\fP connections. See table 22\-19 in the + IPMIv2 specification. The default is 3 which specifies RAKP\-HMAC\-SHA1 +-authentication, HMAC\-SHA1\-96 integrity, and AES\-CBC\-128 encryption algorightms. ++authentication, HMAC\-SHA1\-96 integrity, and AES\-CBC\-128 encryption algorithms. + .TP + \fB\-E\fR + The remote server password is specified by the environment diff --git a/debian/patches/0625-manpage_wrong_time_set.patch b/debian/patches/0625-manpage_wrong_time_set.patch new file mode 100644 index 0000000..41d6b48 --- /dev/null +++ b/debian/patches/0625-manpage_wrong_time_set.patch @@ -0,0 +1,24 @@ +Description: Fix description of "sel time set" +Author: Jörg Frings-Fürst <debian@jff.email> +Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1058711 +Forwarded: https://codeberg.org/IPMITool/ipmitool/issues/18 +Last-Update: 2023-12-17 +--- +This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ +Index: trunk/doc/ipmitool.1.in +=================================================================== +--- trunk.orig/doc/ipmitool.1.in ++++ trunk/doc/ipmitool.1.in +@@ -3077,9 +3077,9 @@ Displays the SEL clock's current time. + .br + + Sets the SEL clock. Future SEL entries will use the time +-set by this command. <\fBtime string\fR> is of the +-form "MM/DD/YYYY HH:MM:SS". Note that hours are in 24\-hour +-form. It is recommended that the SEL be cleared before ++set by this command. <\fBtime string\fR> is using the ++locale's date / time format. It is ++recommended that the SEL be cleared before + setting the time. + .RE + .RE diff --git a/debian/patches/0700-build.patch b/debian/patches/0700-build.patch new file mode 100644 index 0000000..5334bf6 --- /dev/null +++ b/debian/patches/0700-build.patch @@ -0,0 +1,105 @@ +Description: Remove downloads at build time +Author: Jörg Frings-Fürst <debian@jff.email> +Forwarded: not-needed +Last-Update: 2022-10-29 +--- +This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ +Index: trunk/configure.ac +=================================================================== +--- trunk.orig/configure.ac ++++ trunk/configure.ac +@@ -56,22 +56,22 @@ if test "x$exec_prefix" = "xNONE"; then + exec_prefix="$prefix" + fi + +-if test "x$WGET" = "x"; then +- if test "x$CURL" = "x"; then +- AC_MSG_WARN([** Neither wget nor curl could be found.]) +- AC_MSG_WARN([** IANA PEN database will not be installed by `make install` !]) +- else +- DOWNLOAD="$CURL --location --progress-bar" +- AM_CONDITIONAL([DOWNLOAD], [true]) +- fi +-else +- DOWNLOAD="$WGET -c -nd -O -" +- AM_CONDITIONAL([DOWNLOAD], [true]) +-fi ++#if test "x$WGET" = "x"; then ++# if test "x$CURL" = "x"; then ++# AC_MSG_WARN([** Neither wget nor curl could be found.]) ++# AC_MSG_WARN([** IANA PEN database will not be installed by `make install` !]) ++# else ++# DOWNLOAD="$CURL --location --progress-bar" ++# AM_CONDITIONAL([DOWNLOAD], [true]) ++# fi ++#else ++# DOWNLOAD="$WGET -c -nd -O -" ++# AM_CONDITIONAL([DOWNLOAD], [true]) ++#fi + +-AC_MSG_WARN([** Download is:]) +-AC_MSG_WARN($DOWNLOAD) +-AC_SUBST(DOWNLOAD, $DOWNLOAD) ++#AC_MSG_WARN([** Download is:]) ++#AC_MSG_WARN($DOWNLOAD) ++#AC_SUBST(DOWNLOAD, $DOWNLOAD) + + dnl + dnl set default option values +Index: trunk/Makefile.am +=================================================================== +--- trunk.orig/Makefile.am ++++ trunk/Makefile.am +@@ -49,25 +49,25 @@ dist-hook: + .PHONY: install-pen-database uninstall-pen-database + .INTERMEDIATE: %.o %.la enterprise-numbers + +-if DOWNLOAD ++#if DOWNLOAD + +-enterprise-numbers: +- @echo Downloading IANA PEN database... +- @$(DOWNLOAD) "$(IANA_PEN)" > tmpfile.$$PPID || {\ +- echo "FAILED to download the IANA PEN database"; \ +- rm tmpfile.$$PPID; \ +- false; \ +- } +- @mv tmpfile.$$PPID $@ +- +-install-pen-database: enterprise-numbers +- mkdir -m 755 -p $(DESTDIR)$(IANADIR) +- $(INSTALL_DATA) $< $(DESTDIR)$(IANADIR)/ +- +-uninstall-pen-database: +- -rm -rf $(DESTDIR)$(IANADIR)/enterprise-numbers +- +-else ++#enterprise-numbers: ++# @echo Downloading IANA PEN database... ++# @$(DOWNLOAD) "$(IANA_PEN)" > tmpfile.$$PPID || {\ ++# echo "FAILED to download the IANA PEN database"; \ ++# rm tmpfile.$$PPID; \ ++# false; \ ++# } ++# @mv tmpfile.$$PPID $@ ++# ++#install-pen-database: enterprise-numbers ++# mkdir -m 755 -p $(DESTDIR)$(IANADIR) ++# $(INSTALL_DATA) $< $(DESTDIR)$(IANADIR)/ ++# ++#uninstall-pen-database: ++# -rm -rf $(DESTDIR)$(IANADIR)/enterprise-numbers ++# ++#else + + install-pen-database: + @echo "*** NOT installing the IANA PEN database." +@@ -77,7 +77,7 @@ uninstall-pen-database: + @echo "*** NOT uninstalling the IANA PEN database." + @echo "*** It was installed manually (if ever)." + +-endif ++#endif + + install-data-local: install-pen-database + mkdir -p $(DESTDIR)$(DOCDIR) diff --git a/debian/patches/series b/debian/patches/series index 3c1cb0a..9d62f03 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -1,11 +1,8 @@ -0120-openssl1.1.patch +0105-sensor_reading.patch +0620-manpage_typo.patch +0700-build.patch 0100-fix_buf_overflow.patch -0500-fix_CVE-2011-4339.patch -0600-manpage_longlines.patch -0110-getpass-prototype.patch -0115-typo.patch -0125-nvidia-iana.patch -0615-manpage_typo.patch -0130-Correct_lanplus_segment_violation.patch -0005-gcc10.patch 0010-utf8.patch +0110-unpdate_IANA_URL.patch +0115-hurd_PATH_MAX.patch +0625-manpage_wrong_time_set.patch |