5 changed files with 116 additions and 102 deletions
--- a/.OpenIPMI.metadata
+++ b/.OpenIPMI.metadata
@ -1 +1 @@
-73d7dce4312b006983b11367e4a43d4ec52cf888 SOURCES/OpenIPMI-2.0.32.tar.gz
+a7b8b581a32b649cbf5bc79926f97d59919c5b79 SOURCES/OpenIPMI-2.0.36.tar.gz
--- a/.gitignore
+++ b/.gitignore
@ -1 +1 @@
-SOURCES/OpenIPMI-2.0.32.tar.gz
+SOURCES/OpenIPMI-2.0.36.tar.gz
--- a/SOURCES/OpenIPMI-CVE-2024-42934.patch
+++ b/SOURCES/OpenIPMI-CVE-2024-42934.patch
@ -1,73 +0,0 @@
-diff --git a/lanserv/lanserv_ipmi.c b/lanserv/lanserv_ipmi.c
-index ccd60015..e707454e 100644
--- a/lanserv/lanserv_ipmi.c
-+++ b/lanserv/lanserv_ipmi.c
-@@ -882,6 +882,12 @@ handle_temp_session(lanserv_data_t *lan, msg_t *msg)
-     }
- 
-     auth = msg->data[0] & 0xf;
-+    if (auth >= MAX_IPMI_AUTHS) {
-+	lan->sysinfo->log(lan->sysinfo, NEW_SESSION_FAILED, msg,
-+		 "Activate session failed: Invalid auth: 0x%x", auth);
-+	return;
-+    }
-+
-     user = &(lan->users[user_idx]);
-     if (! (user->valid)) {
- 	lan->sysinfo->log(lan->sysinfo, NEW_SESSION_FAILED, msg,
-@@ -3016,17 +3022,33 @@ ipmi_handle_lan_msg(lanserv_data_t *lan,
- {
-     msg_t   msg;
- 
-+    memset(&msg, 0, sizeof(msg));
-+
-     msg.src_addr = from_addr;
-     msg.src_len = from_len;
- 
-     msg.oem_data = 0;
- 
-+    msg.channel = lan->channel.channel_num;
-+    msg.orig_channel = &lan->channel;
-+
-+    /*
-+     * Initialize the data so the log won't crash if it gets called, and
-+     * so the log might have useful info.
-+     */
-+    msg.data = data;
-+    msg.len = len;
-+
-     if (len < 5) {
- 	lan->sysinfo->log(lan->sysinfo, LAN_ERR, &msg,
- 		 "LAN msg failure: message too short");
- 	return;
-     }
- 
-+    /* Length is at least marginally correct, skip the first part now. */
-+    msg.data = data + 5;
-+    msg.len = len - 5;
-+
-     if (data[2] != 0xff) {
- 	lan->sysinfo->log(lan->sysinfo, LAN_ERR, &msg,
- 		 "LAN msg failure: seq not ff");
-@@ -3034,17 +3056,15 @@ ipmi_handle_lan_msg(lanserv_data_t *lan,
-     }
- 
-     msg.authtype = data[4];
-    msg.data = data+5;
-    msg.len = len - 5;
-    msg.channel = lan->channel.channel_num;
-    msg.orig_channel = &lan->channel;
-
-     if (msg.authtype == IPMI_AUTHTYPE_RMCP_PLUS) {
- 	ipmi_handle_rmcpp_msg(lan, &msg);
-+    } else if (msg.authtype >= MAX_IPMI_AUTHS) {
-+	lan->sysinfo->log(lan->sysinfo, LAN_ERR, &msg,
-+			  "LAN msg failure: Invalid authtype: %d", data[4]);
-+	return;
-     } else {
- 	ipmi_handle_rmcp_msg(lan, &msg);
-     }
-
- }
- 
- static void
--- a/SOURCES/OpenIPMI-py313compat.patch
+++ b/SOURCES/OpenIPMI-py313compat.patch
@ -0,0 +1,12 @@
+diff -ur OpenIPMI-2.0.34/swig/OpenIPMI.i OpenIPMI-2.0.34-python/swig/OpenIPMI.i
+--- OpenIPMI-2.0.34/swig/OpenIPMI.i	2024-02-11 19:52:41.555777279 +0100
+++ OpenIPMI-2.0.34-python/swig/OpenIPMI.i	2024-02-11 20:11:59.061132776 +0100
+@@ -38,6 +38,7 @@
+ #include <config.h>
+ #include <sys/types.h>
+ #include <sys/socket.h>
+#include <ctype.h>
+ 
+ #ifdef HAVE_GETADDRINFO
+ #include <netdb.h>
+Only in OpenIPMI-2.0.34-python/swig: OpenIPMI.i~
--- a/SPECS/OpenIPMI.spec
+++ b/SPECS/OpenIPMI.spec
@ -1,11 +1,14 @@
 %global _hardened_build 1

+%bcond_with python
+%bcond_with perl
+
 Summary: IPMI (Intelligent Platform Management Interface) library and tools
 Name: OpenIPMI

-Version:    2.0.32
-Release:    5%{?dist}
-License:    LGPLv2+ and GPLv2+ or BSD
+Version:    2.0.36
+Release:    3%{?dist}
+License:    LGPL-2.1-or-later AND GPL-2.0-or-later OR BSD-3-Clause
 URL:        http://sourceforge.net/projects/openipmi/
 Source:     http://downloads.sourceforge.net/openipmi/%{name}-%{version}.tar.gz
 Source1:    openipmi.sysconf
@ -13,11 +16,20 @@ Source2:    openipmi-helper
 Source3:    ipmi.service
 Patch1:     0001-man.patch
 Patch2:     include-config-h-cmdlang.patch
-Patch3:     OpenIPMI-CVE-2024-42934.patch
+Patch5:     OpenIPMI-py313compat.patch

 BuildRequires: make
-BuildRequires:    gdbm-devel swig glib2-devel net-snmp-devel ncurses-devel
-BuildRequires:    openssl-devel python3-devel perl-devel perl-generators
+BuildRequires:    gdbm-devel glib2-devel net-snmp-devel ncurses-devel
+%if %{with python} || %{with perl}
+BuildRequires:    swig
+%endif
+BuildRequires:    openssl-devel
+%if %{with python}
+BuildRequires:    python3-devel
+%endif
+%if %{with perl}
+BuildRequires:    perl-devel perl-generators
+%endif
 BuildRequires:    pkgconfig
 BuildRequires:    readline-devel
 BuildRequires:    automake
@ -43,14 +55,16 @@ Summary: The OpenIPMI runtime libraries
 The OpenIPMI-libs package contains the runtime libraries for shared binaries
 and applications.

+%if %{with perl}
 %package perl
 Summary:  IPMI Perl language bindings
-Requires: perl(:MODULE_COMPAT_%(eval "`%{__perl} -V:version`"; echo $version))
 Requires: %{name}-libs%{?_isa} = %{version}-%{release}

 %description perl
 The OpenIPMI-perl package contains the Perl language bindings for OpenIPMI.
+%endif

+%if %{with python}
 %package -n python3-openipmi
 %{?python_provide:%python_provide python3-openipmi}
 %{?python_provide:%python_provide python3-OpenIPMI}
@ -63,6 +77,7 @@ Requires:  %{name}-libs%{?_isa} = %{version}-%{release}

 %description -n python3-openipmi
 The OpenIPMI-python package contains the Python language bindings for OpenIPMI.
+%endif

 %package devel
 Summary:  The development environment for the OpenIPMI project
@ -94,8 +109,15 @@ This package contains a network IPMI listener.
    LDFLAGS="%{__global_ldflags} -Wl,--as-needed" \
    --disable-dependency-tracking \
    --disable-static \
+%if %{with python}
    --with-pythoninstall=%{python3_sitearch} \
    --with-python=%{__python3} \
+%else
+    --with-python=no \
+%endif
+%if %{without perl}
+    --with-perl=no \
+%endif
    --with-tcl=no \
    --with-tkinter=no

@ -172,13 +194,17 @@ echo ".so man1/openipmish.1" > %{buildroot}%{_mandir}/man1/ipmish.1
 %{_mandir}/man7/ipmi_cmdlang*
 %{_mandir}/man7/openipmi_conparms*

+%if %{with perl}
 %files perl
 %attr(644,root,root) %{perl_vendorarch}/OpenIPMI.pm
 %{perl_vendorarch}/auto/OpenIPMI
+%endif

+%if %{with python}
 %files -n python3-openipmi
 %{python3_sitearch}/*OpenIPMI*
 %{python3_sitearch}/__pycache__/OpenIPMI.*.pyc
+%endif

 %files libs
 %{_libdir}/libOpenIPMI*.so.*
@ -202,37 +228,86 @@ echo ".so man1/openipmish.1" > %{buildroot}%{_mandir}/man1/ipmish.1
 %{_mandir}/man5/ipmi_sim_cmd.5*

 %changelog
-* Thu Oct 10 2024 Pavel Cahyna <pcahyna@redhat.com> - 2.0.32-5
- Update the patch for CVE-2024-42934 to add a missing upstream
-  commit from 2.0.36: 663e3cd3
+* Tue Oct 29 2024 Troy Dawson <tdawson@redhat.com> - 2.0.36-3
+- Bump release for October 2024 mass rebuild:
+  Resolves: RHEL-64018
+
+* Mon Aug 26 2024 Pavel Cahyna <pcahyna@redhat.com> - 2.0.36-2
+- Correct SPDX expression syntax - operators must be uppercase

-* Thu Sep 26 2024 Pavel Cahyna <pcahyna@redhat.com> - 2.0.32-4
- Backport two commits from 2.0.36 to add checks in ipmi_sim
-  and ipmilan (CVE-2024-42934)
+* Mon Aug 26 2024 Pavel Cahyna <pcahyna@redhat.com> - 2.0.36-1
+- Update to 2.0.36

-* Fri Jan 28 2022 Pavel Cahyna <pcahyna@redhat.com> - 2.0.32-3
- Add a patch to resolve one more issue found by rpmdiff/rpminspect:
-  fix getaddrinfo detection to avoid using gethostbyname.
+* Mon Jun 24 2024 Troy Dawson <tdawson@redhat.com> - 2.0.34-2
+- Bump release for June 2024 mass rebuild

-* Wed Jan 26 2022 Pavel Cahyna <pcahyna@redhat.com> - 2.0.32-2
+* Sun Feb 11 2024 Pavel Cahyna <pcahyna@redhat.com> - 2.0.34-1
+- Update to 2.0.34 (rhbz#2105023)
 - Resolve issues found by rpmdiff
+  - add a patch to fix getaddrinfo detection to avoid using gethostbyname
  - add explicit Requires: on subpackages to avoid the need to test
    interoperability between the various combinations of old and new
    subpackages
+- Conditional Perl & Python module build, by default disabled
+
+* Mon Jan 22 2024 Fedora Release Engineering <releng@fedoraproject.org> - 2.0.32-13
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
+
+* Fri Jan 19 2024 Fedora Release Engineering <releng@fedoraproject.org> - 2.0.32-12
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
+
+* Mon Jan 08 2024 Florian Weimer <fweimer@redhat.com> - 2.0.32-11
+- Fix C compatibility issues
+
+* Wed Jul 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 2.0.32-10
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
+
+* Tue Jul 18 2023 Josef Ridky <jridky@redhat.com> - 2.0.32-9
+- Migrate to SPDX license format
+
+* Tue Jul 11 2023 Jitka Plesnikova <jplesnik@redhat.com> - 2.0.32-8
+- Perl 5.38 rebuild
+
+* Tue Jun 13 2023 Python Maint <python-maint@redhat.com> - 2.0.32-7
+- Rebuilt for Python 3.12
+
+* Wed Jan 18 2023 Fedora Release Engineering <releng@fedoraproject.org> - 2.0.32-6
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
+
+* Wed Jul 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 2.0.32-5
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
+
+* Mon Jun 13 2022 Python Maint <python-maint@redhat.com> - 2.0.32-4
+- Rebuilt for Python 3.11
+
+* Tue May 31 2022 Jitka Plesnikova <jplesnik@redhat.com> - 2.0.32-3
+- Perl 5.36 rebuild
+
+* Wed Jan 19 2022 Fedora Release Engineering <releng@fedoraproject.org> - 2.0.32-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
+
+* Mon Jan 10 2022 Josef Ridky <jridky@redhat.com> - 2.0.32-1
+- new upstream release 2.0.32 (#2020717)
+
+* Tue Sep 14 2021 Sahana Prasad <sahana@redhat.com> - 2.0.31-8
+- Rebuilt with OpenSSL 3.0.0
+
+* Mon Aug 02 2021 Josef Ridky <jridky@redhat.com> - 2.0.31-7
+- replace distutils and fix FTBFS (#1948437)
+- fix collectd-ipmi crash (#1927022)

-* Sun Jan 23 2022 Igor Raits <igor.raits@gmail.com> - 2.0.32-1
- Update to 2.0.32 (rhbz#1990072)
+* Wed Jul 21 2021 Fedora Release Engineering <releng@fedoraproject.org> - 2.0.31-6
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild

-* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 2.0.31-5
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
-  Related: rhbz#1991688
+* Fri Jun 04 2021 Python Maint <python-maint@redhat.com> - 2.0.31-5
+- Rebuilt for Python 3.10

-* Wed Jun 16 2021 Mohan Boddu <mboddu@redhat.com> - 2.0.31-4
- Rebuilt for RHEL 9 BETA for openssl 3.0
-  Related: rhbz#1971065
+* Fri May 21 2021 Jitka Plesnikova <jplesnik@redhat.com> - 2.0.31-4
+- Perl 5.34 rebuild

-* Thu Apr 15 2021 Mohan Boddu <mboddu@redhat.com> - 2.0.31-3
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
+* Tue Mar 02 2021 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 2.0.31-3
+- Rebuilt for updated systemd-rpm-macros
+  See https://pagure.io/fesco/issue/2583.

 * Mon Jan 25 2021 Fedora Release Engineering <releng@fedoraproject.org> - 2.0.31-2
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild