7 changed files with 3 additions and 247 deletions
--- a/OpenIPMI-2.0.31.tar.gz
+++ b/OpenIPMI-2.0.31.tar.gz
--- a/OpenIPMI-2.0.32.tar.gz
+++ b/OpenIPMI-2.0.32.tar.gz
--- a/OpenIPMI.spec
+++ b/OpenIPMI.spec
@ -1,6 +1,6 @@
 Name:       OpenIPMI
-Version:    2.0.32
-Release:    4
+Version:    2.0.31
+Release:    1
 Summary:    IPMI (Intelligent Platform Management Interface) library and tools
 License:    LGPLv2+ and GPLv2+ or BSD
 URL:        https://sourceforge.net/projects/openipmi/
@ -10,10 +10,6 @@ Source2:    ipmi.service
 Source3:    openipmi-helper

 Patch0:     0001-man.patch
-Patch1:     backport-fix-coredump-when-use-ipmi_ui.patch
-Patch2:     backport-0001-CVE-2024-42934.patch
-Patch3:     backport-0002-CVE-2024-42934.patch
-Patch4:     backport-0003-CVE-2024-42934.patch

 BuildRequires:    gdbm-devel swig glib2-devel net-snmp-devel ncurses-devel
 BuildRequires:    openssl-devel python3-devel perl-devel perl-generators
@ -72,7 +68,6 @@ of the OpenIPMI project.
    CFLAGS="-fPIC %{optflags} -z now -fno-strict-aliasing" \
    LDFLAGS="%{__global_ldflags} -Wl,--as-needed" \
    --disable-dependency-tracking \
-    --disable-static \
    --with-pythoninstall=%{python3_sitearch} \
    --with-python=%{__python3} \
    --with-tcl=no \
@ -95,12 +90,6 @@ echo ".so man1/openipmish.1" > %{buildroot}%{_mandir}/man1/ipmish.1

 %delete_la

-%check
-#Ensure that the library file in the corresponding directory can be obtained during testcase execution
-sed -i 's#-lgdbm#-lgdbm -Wl,--rpath=\\$progdir:\\$progdir/../../utils/.libs#g' unix/test_handlers
-sed -i 's#-lpthread#-lpthread -Wl,--rpath=\\$progdir:\\$progdir/../../utils/.libs:\\$progdir/../../unix/.libs#g' lanserv/ipmi_sim
-make check
-
 %post
 %systemd_post ipmi.service

@ -142,6 +131,7 @@ make check
 %defattr(-,root,root)
 %{_includedir}/OpenIPMI
 %{_libdir}/*.so
+%{_libdir}/*.a
 %{_libdir}/pkgconfig/*.pc

 %files help
@ -151,36 +141,6 @@ make check
 %exclude %{_mandir}/man1/openipmigui.1

 %changelog
-* Fri Oct 11 2024 yanglu <yanglu72@h-partners.com> - 2.0.32-4
- Type:CVE
- CVE:CVE-2024-42934
- SUG:NA
- DESC:fix CVE-2024-42934
-
-* Tue Nov 21 2023 yanglu <yanglu72@h-partners.com> - 2.0.32-3
- Type:enhancement
- CVE:NA
- SUG:NA
- DESC:enable test
-
-* Sat Apr 01 2023 yanglu <yanglu72@h-partners.com> - 2.0.32-2
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:fix coredump when use ipmi_ui
-
-* Mon Oct 31 2022 yanglu <yanglu72@h-partners.com> - 2.0.32-1
- Type:Requirement
- CVE:NA
- SUG:NA
- DESC:update OpenIPMI version to 2.0.32
-
-* Fri Jun 17 2022 gaihuiying <eaglegai@163.com> - 2.0.31-2
- Type:bugfix
- CVE:
- SUG:NA
- DESC:Add the judgment on the validity of length in emu_cmd.c and session in lanserv_ipmi.c
-
 * Fri Jan 29 2021 xihaochen <xihaochen@huawei.com> - 2.0.31-1
 - Type:requirements                                                                                                                                            
 - Id:NA
--- a/backport-0001-CVE-2024-42934.patch
+++ b/backport-0001-CVE-2024-42934.patch
@ -1,46 +0,0 @@
-From b52e8e2538b2b48ef6b63bff12b5cc9e2d52eff1 Mon Sep 17 00:00:00 2001
-From: Corey Minyard <minyard@acm.org>
-Date: Mon, 29 Apr 2024 12:46:23 -0500
-Subject: [PATCH] lanserv: Check some bounds on incoming messages
- 
-Signed-off-by: Corey Minyard <minyard@acm.org>
- 
-Reference:https://sourceforge.net/p/openipmi/code/ci/b52e8e2538b2b48ef6b63bff12b5cc9e2d52eff1/
-Conflict:NA
- 
---
- lanserv/lanserv_ipmi.c | 11 +++++++++++
- 1 file changed, 11 insertions(+)
-
-diff --git a/lanserv/lanserv_ipmi.c b/lanserv/lanserv_ipmi.c
-index ccd6001..0ee6451 100644
--- a/lanserv/lanserv_ipmi.c
-+++ b/lanserv/lanserv_ipmi.c
-@@ -882,6 +882,12 @@ handle_temp_session(lanserv_data_t *lan, msg_t *msg)
-     }
- 
-     auth = msg->data[0] & 0xf;
-+    if (auth >= MAX_IPMI_AUTHS) {
-+       lan->sysinfo->log(lan->sysinfo, NEW_SESSION_FAILED, msg,
-+                "Activate session failed: Invalid auth: 0x%x", auth);
-+       return;
-+    }
-+
-     user = &(lan->users[user_idx]);
-     if (! (user->valid)) {
- 	lan->sysinfo->log(lan->sysinfo, NEW_SESSION_FAILED, msg,
-@@ -3034,6 +3040,11 @@ ipmi_handle_lan_msg(lanserv_data_t *lan,
-     }
- 
-     msg.authtype = data[4];
-+    if (msg.authtype >= MAX_IPMI_AUTHS) {
-+       lan->sysinfo->log(lan->sysinfo, LAN_ERR, &msg,
-+                "LAN msg failure: Invalid authtype");
-+       return;
-+    }
-     msg.data = data+5;
-     msg.len = len - 5;
-     msg.channel = lan->channel.channel_num;
-- 
-2.43.0
-
--- a/backport-0002-CVE-2024-42934.patch
+++ b/backport-0002-CVE-2024-42934.patch
@ -1,71 +0,0 @@
-From 663e3cd3b6d1d9fc82267c7d7474320cb67e03a4 Mon Sep 17 00:00:00 2001
-From: Corey Minyard <minyard@acm.org>
-Date: Sun, 2 Jun 2024 14:11:16 -0500
-Subject: [PATCH] lanserv: Fix an issue logging an error on a message
- 
-A message structure was passed to the log, but it was not sufficiently
-initialized and the logging program crashed.  Rework the initialization
-to make the message data ready and legal for the logging calls.
- 
-Found-by: Fabio Massimo Di Nitto
-Signed-off-by: Corey Minyard <minyard@acm.org>
- 
-Reference:https://sourceforge.net/p/openipmi/code/ci/663e3cd3b6d1d9fc82267c7d7474320cb67e03a4/
-Conflict:NA
-
---
- lanserv/lanserv_ipmi.c | 20 ++++++++++++++++----
- 1 file changed, 16 insertions(+), 4 deletions(-)
-
-diff --git a/lanserv/lanserv_ipmi.c b/lanserv/lanserv_ipmi.c
-index 0ee6451..1ef5710 100644
--- a/lanserv/lanserv_ipmi.c
-+++ b/lanserv/lanserv_ipmi.c
-@@ -3022,17 +3022,33 @@ ipmi_handle_lan_msg(lanserv_data_t *lan,
- {
-     msg_t   msg;
- 
-+    memset(&msg, 0, sizeof(msg));
-+
-     msg.src_addr = from_addr;
-     msg.src_len = from_len;
- 
-     msg.oem_data = 0;
- 
-+    msg.channel = lan->channel.channel_num;
-+    msg.orig_channel = &lan->channel;
-+
-+    /*
-+     * Initialize the data so the log won't crash if it gets called, and
-+     * so the log might have useful info.
-+     */
-+    msg.data = data;
-+    msg.len = len;
-+
-     if (len < 5) {
- 	lan->sysinfo->log(lan->sysinfo, LAN_ERR, &msg,
- 		 "LAN msg failure: message too short");
- 	return;
-     }
- 
-+    /* Length is at least marginally correct, skip the first part now. */
-+    msg.data = data + 5;
-+    msg.len = len - 5;
-+
-     if (data[2] != 0xff) {
- 	lan->sysinfo->log(lan->sysinfo, LAN_ERR, &msg,
- 		 "LAN msg failure: seq not ff");
-@@ -3045,10 +3061,6 @@ ipmi_handle_lan_msg(lanserv_data_t *lan,
-                 "LAN msg failure: Invalid authtype");
-        return;
-     }
-    msg.data = data+5;
-    msg.len = len - 5;
-    msg.channel = lan->channel.channel_num;
-    msg.orig_channel = &lan->channel;
- 
-     if (msg.authtype == IPMI_AUTHTYPE_RMCP_PLUS) {
- 	ipmi_handle_rmcpp_msg(lan, &msg);
-- 
-2.43.0
-
--- a/backport-0003-CVE-2024-42934.patch
+++ b/backport-0003-CVE-2024-42934.patch
@ -1,50 +0,0 @@
-From 4c129d0540f3578ecc078d8612bbf84b6cd24c87 Mon Sep 17 00:00:00 2001
-From: Corey Minyard <corey@minyard.net>
-Date: Thu, 1 Aug 2024 10:56:06 -0500
-Subject: [PATCH] lanserv: Fix an issue with authorization range checking
- 
-A recent change added a range check on authorization type, but it didn't
-take into account the RMCP authorization type that's special.  Add a
-check for that.
- 
-Fixes: b52e8e2538b2b48ef6b6 "lanserv: Check some bounds on incoming messages"
- 
-Signed-off-by: Corey Minyard <corey@minyard.net>
- 
-Reference:https://sourceforge.net/p/openipmi/code/ci/4c129d0540f3578ecc078d8612bbf84b6cd24c87/
-Conflict:NA
-
---
- lanserv/lanserv_ipmi.c | 11 ++++-------
- 1 file changed, 4 insertions(+), 7 deletions(-)
-
-diff --git a/lanserv/lanserv_ipmi.c b/lanserv/lanserv_ipmi.c
-index 1ef5710..5de396e 100644
--- a/lanserv/lanserv_ipmi.c
-+++ b/lanserv/lanserv_ipmi.c
-@@ -3056,18 +3056,15 @@ ipmi_handle_lan_msg(lanserv_data_t *lan,
-     }
- 
-     msg.authtype = data[4];
-    if (msg.authtype >= MAX_IPMI_AUTHS) {
-       lan->sysinfo->log(lan->sysinfo, LAN_ERR, &msg,
-                "LAN msg failure: Invalid authtype");
-       return;
-    }
-
-     if (msg.authtype == IPMI_AUTHTYPE_RMCP_PLUS) {
- 	ipmi_handle_rmcpp_msg(lan, &msg);
-+    } else if (msg.authtype >= MAX_IPMI_AUTHS) {
-+       lan->sysinfo->log(lan->sysinfo, LAN_ERR, &msg,
-+                         "LAN msg failure: Invalid authtype: %d", data[4]);
-+       return;
-     } else {
- 	ipmi_handle_rmcp_msg(lan, &msg);
-     }
-
- }
- 
- static void
-- 
-2.43.0
-
--- a/backport-fix-coredump-when-use-ipmi_ui.patch
+++ b/backport-fix-coredump-when-use-ipmi_ui.patch
@ -1,37 +0,0 @@
-From 732ee129ca0851081bf4c515c410dc64d7f8a6f9 Mon Sep 17 00:00:00 2001
-From: eaglegai <eaglegai@163.com>
-Date: Mon, 20 Mar 2023 09:37:50 +0800
-Subject: [PATCH] fix coredump when use ipmi_ui
-
-Signed-off-by: eaglegai <eaglegai@163.com>
-Signed-off-by: Corey Minyard <cminyard@mvista.com>
-
-Conflict: NA
-Reference: https://sourceforge.net/p/openipmi/code/ci/732ee129ca0851081bf4c515c410dc64d7f8a6f9
---
- ui/ui.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/ui/ui.c b/ui/ui.c
-index 529ff223..9c6a51f0 100644
--- a/ui/ui.c
-+++ b/ui/ui.c
-@@ -586,7 +586,6 @@ leave(int rv, char *format, ...)
- {
-     va_list ap;
- 
-    ipmi_shutdown();
- 
-     ipmi_ui_os_hnd->stop_timer(ipmi_ui_os_hnd, redisplay_timer);
-     ipmi_ui_os_hnd->free_timer(ipmi_ui_os_hnd, redisplay_timer);
-@@ -628,6 +627,7 @@ leave(int rv, char *format, ...)
-     va_start(ap, format);
-     vfprintf(stderr, format, ap);
-     va_end(ap);
-+    ipmi_shutdown();
- 
-     ipmi_debug_malloc_cleanup();
-     exit(rv);
-- 
-2.27.0
-