[ipmitool] Revert cipher defaults. Integrity from None to HMAC-SHA1-96 and confidentiality from None to AES-CBC
aledvink
aledvink at fedoraproject.org
Fri Nov 16 13:18:26 UTC 2012
commit b5bba9c49340767853d615cf53e3837295927ad2
Author: Ales Ledvinka <aledvink at redhat.com>
Date: Fri Nov 16 14:15:15 2012 +0100
Revert cipher defaults. Integrity from None to HMAC-SHA1-96
and confidentiality from None to AES-CBC-128
ipmitool-1.8.12-ciper-suite-default.patch | 12 ++++++++++++
ipmitool.spec | 7 ++++++-
2 files changed, 18 insertions(+), 1 deletions(-)
---
diff --git a/ipmitool-1.8.12-ciper-suite-default.patch b/ipmitool-1.8.12-ciper-suite-default.patch
new file mode 100644
index 0000000..3da526e
--- /dev/null
+++ b/ipmitool-1.8.12-ciper-suite-default.patch
@@ -0,0 +1,12 @@
+diff -up ./lib/ipmi_main.c.cip ./lib/ipmi_main.c
+--- ./lib/ipmi_main.c.cip 2012-11-16 14:03:17.729119605 +0100
++++ ./lib/ipmi_main.c 2012-11-16 14:03:25.448123005 +0100
+@@ -382,7 +382,7 @@ ipmi_main(int argc, char ** argv,
+ char * seloem = NULL;
+ int port = 0;
+ int devnum = 0;
+- int cipher_suite_id = 1; /* See table 22-19 of the IPMIv2 spec */
++ int cipher_suite_id = 3; /* See table 22-19 of the IPMIv2 spec */
+ int argflag, i, found;
+ int rc = -1;
+ char sol_escape_char = SOL_ESCAPE_CHARACTER_DEFAULT;
diff --git a/ipmitool.spec b/ipmitool.spec
index 1f44d0a..9dc3ffc 100644
--- a/ipmitool.spec
+++ b/ipmitool.spec
@@ -1,7 +1,7 @@
Name: ipmitool
Summary: Utility for IPMI control
Version: 1.8.12
-Release: 5%{?dist}
+Release: 6%{?dist}
License: BSD
Group: System Environment/Base
URL: http://ipmitool.sourceforge.net/
@@ -26,6 +26,7 @@ Patch5: ipmitool-1.8.12-bigendian.patch
Patch6: ipmitool-cvs-mc-sysinfo-dell.patch
# https://sourceforge.net/tracker/?func=detail&aid=3578022&group_id=95200&atid=610550
Patch7: ipmitool-1.8.12-bigendian2.patch
+Patch8: ipmitool-1.8.12-ciper-suite-default.patch
%description
This package contains a utility for interfacing with devices that support
@@ -52,6 +53,7 @@ setting LAN configuration, and chassis power control.
%patch5 -p1 -b .bigendian
%patch6 -p1 -b .mcsysinfodell
%patch7 -p1 -b .bigendian2
+%patch8 -p1 -b .cip
for f in AUTHORS ChangeLog; do
iconv -f iso-8859-1 -t utf8 < ${f} > ${f}.utf8
@@ -102,6 +104,9 @@ install -Dpm 644 %{SOURCE1} %{buildroot}%{_sysconfdir}/sysconfig/ipmievd
%changelog
+* Fri Nov 16 2012 Ales Ledvinka <aledvink at redhat.com> 1.8.12-6
+- revert default cipersuite back to 3 which includes integrity and confidentiality
+
* Thu Oct 18 2012 Dan HorĂ¡k <dan[at]danny.cz> - 1.8.12-5
- fix build on big endian arches
More information about the scm-commits
mailing list