Source-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/trunk]: pkgsrc/net/ntp4 net/ntp4: update to 4.2.8p14



details:   https://anonhg.NetBSD.org/pkgsrc/rev/ea6711dd9585
branches:  trunk
changeset: 434763:ea6711dd9585
user:      taca <taca%pkgsrc.org@localhost>
date:      Sun Jun 21 15:10:47 2020 +0000

description:
net/ntp4: update to 4.2.8p14

Updaet ntp4 to 4.2.8p14.

pkgsrc changes:
* Incorporate several changes from NetBSD base.
* few pkglint fixes.


Quote from release announce:

NTP 4.2.8p14 (Harlan Stenn <stenn%ntp.org@localhost>, 2020 Mar 03)

Focus: Security, Bug fixes, enhancements.

Severity: MEDIUM

This release fixes three vulnerabilities: a bug that causes causes an ntpd
instance that is explicitly configured to override the default and allow
ntpdc (mode 7) connections to be made to a server to read some uninitialized
memory; fixes the case where an unmonitored ntpd using an unauthenticated
association to its servers may be susceptible to a forged packet DoS attack;
and fixes an attack against a client instance that uses a single
unauthenticated time source.  It also fixes 46 other bugs and addresses
4 other issues.

diffstat:

 net/ntp4/Makefile                                           |     8 +-
 net/ntp4/distinfo                                           |    45 +-
 net/ntp4/options.mk                                         |     5 +-
 net/ntp4/patches/patch-configure                            |    15 +
 net/ntp4/patches/patch-include-ntp__syscall.h               |     4 +-
 net/ntp4/patches/patch-include_ntp__md5.h                   |    17 +
 net/ntp4/patches/patch-include_ntp__request.h               |    69 +
 net/ntp4/patches/patch-include_refclock__atom.h             |    18 +
 net/ntp4/patches/patch-lib_isc_inet__ntop.c                 |    20 +
 net/ntp4/patches/patch-lib_isc_unix_net.c                   |    20 +
 net/ntp4/patches/patch-libntp_ntp__calendar.c               |    19 +
 net/ntp4/patches/patch-libntp_socktoa.c                     |    17 +
 net/ntp4/patches/patch-libntp_timexsup.c                    |    14 +
 net/ntp4/patches/patch-libntp_work__fork.c                  |    58 +
 net/ntp4/patches/patch-ntpd_ntp__config.c                   |    58 +
 net/ntp4/patches/patch-ntpd_ntp__control.c                  |    18 +
 net/ntp4/patches/patch-ntpd_ntp__io.c                       |    69 +
 net/ntp4/patches/patch-ntpd_ntp__keyword.h                  |  1795 ++++++
 net/ntp4/patches/patch-ntpd_ntp__loopfilter.c               |    24 +
 net/ntp4/patches/patch-ntpd_ntp__proto.c                    |    24 +
 net/ntp4/patches/patch-ntpd_ntp__restrict.c                 |    24 +
 net/ntp4/patches/patch-ntpd_refclock__jjy.c                 |    60 +
 net/ntp4/patches/patch-ntpd_refclock__jupiter.c             |    17 +
 net/ntp4/patches/patch-ntpd_refclock__neoclock4x.c          |    35 +
 net/ntp4/patches/patch-ntpd_refclock__oncore.c              |    48 +
 net/ntp4/patches/patch-ntpd_refclock__ulink.c               |    22 +
 net/ntp4/patches/patch-ntpd_refclock__wwvb.c                |    16 +
 net/ntp4/patches/patch-ntpdate_ntpdate.c                    |    32 +
 net/ntp4/patches/patch-ntpdc_Makefile.in                    |    17 +
 net/ntp4/patches/patch-ntpq_ntpq.c                          |    34 +
 net/ntp4/patches/patch-sntp_libevent_build-aux_config.guess |  1552 +++++
 net/ntp4/patches/patch-sntp_libevent_build-aux_config.sub   |  3015 +++++++++++
 net/ntp4/patches/patch-sntp_libopts_autoopts.h              |    27 +
 net/ntp4/patches/patch-sntp_libopts_enum.c                  |    15 +
 net/ntp4/patches/patch-sntp_libopts_usage.c                 |    15 +
 net/ntp4/patches/patch-util_ntp-keygen.c                    |    29 +
 net/ntp4/patches/patch-util_ntptime.c                       |    15 +
 37 files changed, 7277 insertions(+), 13 deletions(-)

diffs (truncated from 7470 to 300 lines):

diff -r 8ef9ff7ac356 -r ea6711dd9585 net/ntp4/Makefile
--- a/net/ntp4/Makefile Sun Jun 21 14:54:50 2020 +0000
+++ b/net/ntp4/Makefile Sun Jun 21 15:10:47 2020 +0000
@@ -1,9 +1,7 @@
-# $NetBSD: Makefile,v 1.103 2020/01/18 21:50:21 jperkin Exp $
+# $NetBSD: Makefile,v 1.104 2020/06/21 15:10:47 taca Exp $
 #
 
-DISTNAME=      ntp-4.2.8p13
-PKGNAME=       ${DISTNAME:S/-dev-/-/}
-PKGREVISION=   2
+DISTNAME=      ntp-4.2.8p14
 CATEGORIES=    net time
 MASTER_SITES=  http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-4.2/
 
@@ -42,7 +40,7 @@
 .include "../../mk/bsd.prefs.mk"
 .include "options.mk"
 
-PLIST_VARS+=   ntpsnmpd ntptime tickadj timetrim
+PLIST_VARS+=   ntptime tickadj timetrim
 
 .if ${OPSYS} == "NetBSD" || ${OPSYS} == "FreeBSD" || ${OPSYS} == "DragonFly" || ${OPSYS} == "Linux" || ${OPSYS} == "SunOS"
 PLIST.ntptime=         yes
diff -r 8ef9ff7ac356 -r ea6711dd9585 net/ntp4/distinfo
--- a/net/ntp4/distinfo Sun Jun 21 14:54:50 2020 +0000
+++ b/net/ntp4/distinfo Sun Jun 21 15:10:47 2020 +0000
@@ -1,8 +1,41 @@
-$NetBSD: distinfo,v 1.30 2019/03/25 17:19:59 tnn Exp $
+$NetBSD: distinfo,v 1.31 2020/06/21 15:10:47 taca Exp $
 
-SHA1 (ntp-4.2.8p13.tar.gz) = cff200a987d64e891fb349a22313ecb0feaea090
-RMD160 (ntp-4.2.8p13.tar.gz) = 5d85e2a01bafa0bb755ab49e462f6dd7f96ce3d0
-SHA512 (ntp-4.2.8p13.tar.gz) = afbdbb8a37b8f4040a8a6939a3a85ad0350d359c153c297b32b8a013c7b7061fd925fa3e6e103671c5901e169156e22497813c654195ba50f890a7170b2f2075
-Size (ntp-4.2.8p13.tar.gz) = 6949363 bytes
-SHA1 (patch-include-ntp__syscall.h) = b247569339d09a88f2e143e355033ce7635ffe92
+SHA1 (ntp-4.2.8p14.tar.gz) = c6f353278cd5b7c8aa11e1189d3ac80985370b8f
+RMD160 (ntp-4.2.8p14.tar.gz) = c49cb8138678b246661cc1afe68d38f255756a7e
+SHA512 (ntp-4.2.8p14.tar.gz) = b0183b4b2f2c6ea0a49d0aca1fa28a7b5cd21e20696a2f633f5afa37c4ea2c59fa7769af82a55c626db49b9eb5a531608710dc1977c4d518583577ef95940ae8
+Size (ntp-4.2.8p14.tar.gz) = 7007263 bytes
+SHA1 (patch-configure) = cd2b6d9353282b574eea117b4b6e391a39a6267b
+SHA1 (patch-include-ntp__syscall.h) = b0587655e707b9a2e0eb9c937be47fd27e8d5435
+SHA1 (patch-include_ntp__md5.h) = 1bde85704e539ab40133f498409294d071df0cc8
+SHA1 (patch-include_ntp__request.h) = f76caeaaed595d32f249d493571f24410170e7bd
+SHA1 (patch-include_refclock__atom.h) = 72ab4f018356a006c41d041ed064072d99e75bbb
+SHA1 (patch-lib_isc_inet__ntop.c) = 8feef4a19e7762d0739345fa45aecea5b68c834a
+SHA1 (patch-lib_isc_unix_net.c) = abbe0dbc424666ef4c564870a65155cf5d355504
+SHA1 (patch-libntp_ntp__calendar.c) = f7e6a1cd37026a51288825a8a41d6337e0e10d86
+SHA1 (patch-libntp_socktoa.c) = ff469782951666834b753a55993fdd6a2f1f4f74
+SHA1 (patch-libntp_timexsup.c) = 385461d1049611921e19e7c75b94ed2788f7b1b7
+SHA1 (patch-libntp_work__fork.c) = f46501017291a0764db2240e258ae511a55baba7
+SHA1 (patch-ntpd_ntp__config.c) = 5b2107ab8ea5cac590b897b1e6709c47bce5b5d8
+SHA1 (patch-ntpd_ntp__control.c) = 3c6267aa5c36bd1d2e0fa729be86875436812783
+SHA1 (patch-ntpd_ntp__io.c) = 0ad70fe53d3c0f779842fb71ba60b8c2cbb1e456
+SHA1 (patch-ntpd_ntp__keyword.h) = 158f7e93459ea30bbf87830b939a81071fa13eaa
+SHA1 (patch-ntpd_ntp__loopfilter.c) = 381e44622a25351c470dbc7bfaef353e47370d79
+SHA1 (patch-ntpd_ntp__proto.c) = 5e5629cc5b8dc785427bc9b267d0cac6fc7b1b39
+SHA1 (patch-ntpd_ntp__restrict.c) = b659db3d7913a72f3a36c3a33ef47cfaf4545095
+SHA1 (patch-ntpd_refclock__jjy.c) = 592d010d2e19bb47beefdcb3fe5645271e2645bb
+SHA1 (patch-ntpd_refclock__jupiter.c) = bb248d2766cadddacdf9cb56bf9b29cbc538bbcb
+SHA1 (patch-ntpd_refclock__neoclock4x.c) = 66c38ba21572cb8804a39766f3b32d1b65cb0946
+SHA1 (patch-ntpd_refclock__oncore.c) = d93efa11cadc37fd9e600f80f2cbf0280be969c6
+SHA1 (patch-ntpd_refclock__ulink.c) = 55003f758fd71621db60ffad8a1880588098389e
+SHA1 (patch-ntpd_refclock__wwvb.c) = e1a7fc80df6dba9595788a8b8c56729619048ee4
+SHA1 (patch-ntpdate_ntpdate.c) = 17e2534ab7a54e5af16059ca8c02c9995d79d83c
+SHA1 (patch-ntpdc_Makefile.in) = 6afaf915ee8c6b244f94d3733545231e69dfd14d
+SHA1 (patch-ntpq_ntpq.c) = 0776827a712e2f6636b9d322ae7445d184f3709f
+SHA1 (patch-sntp_libevent_build-aux_config.guess) = 5f5fff42d04daef5fcbba2bc09b015fb4489ca59
+SHA1 (patch-sntp_libevent_build-aux_config.sub) = 178e8b39138e49db7702c4bb84fe92550d14a978
+SHA1 (patch-sntp_libopts_autoopts.h) = d4cbaa31df97e04f3637349a3d5eb1addfa847db
+SHA1 (patch-sntp_libopts_enum.c) = 7d6624ed84a6ea6f85b4de4c37480041a7603252
+SHA1 (patch-sntp_libopts_usage.c) = ec77942c98965c13de625b930db3458d5b81d28b
 SHA1 (patch-sntp_loc_pkgsrc) = 6e46ffc0cc2afcfdc1d01297cbe04cb80d103575
+SHA1 (patch-util_ntp-keygen.c) = e66348e2fcf7da4bf9ee35e66e3f891cb436f338
+SHA1 (patch-util_ntptime.c) = 897c3986661a9e655eeb7a7eeb10816996c31301
diff -r 8ef9ff7ac356 -r ea6711dd9585 net/ntp4/options.mk
--- a/net/ntp4/options.mk       Sun Jun 21 14:54:50 2020 +0000
+++ b/net/ntp4/options.mk       Sun Jun 21 15:10:47 2020 +0000
@@ -1,9 +1,11 @@
-# $NetBSD: options.mk,v 1.3 2016/05/14 08:13:49 bsiegert Exp $
+# $NetBSD: options.mk,v 1.4 2020/06/21 15:10:47 taca Exp $
 
 PKG_OPTIONS_VAR=       PKG_OPTIONS.ntp4
 PKG_SUPPORTED_OPTIONS= inet6 snmp
 PKG_SUGGESTED_OPTIONS=
 
+PLIST_VARS+=   ntpsnmpd
+
 .if empty(MISSING_FEATURES:Minet6)
 PKG_SUGGESTED_OPTIONS+=        inet6
 .endif
@@ -19,6 +21,7 @@
 .if !empty(PKG_OPTIONS:Msnmp)
 CONFIGURE_ARGS+=       --with-ntpsnmpd
 PLIST.ntpsnmpd=                yes
+USE_TOOLS+=            perl
 .  include "../../net/net-snmp/buildlink3.mk"
 .else
 CONFIGURE_ARGS+=       --without-ntpsnmpd
diff -r 8ef9ff7ac356 -r ea6711dd9585 net/ntp4/patches/patch-configure
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/net/ntp4/patches/patch-configure  Sun Jun 21 15:10:47 2020 +0000
@@ -0,0 +1,15 @@
+$NetBSD: patch-configure,v 1.4 2020/06/21 15:10:47 taca Exp $
+
+* Changes from NetBSD base; add support for setproctitle(3).
+
+--- configure.orig     2020-03-04 01:40:14.000000000 +0000
++++ configure
+@@ -27148,7 +27148,7 @@ fi
+ done
+ 
+ 
+-for ac_func in fnmatch getbootfile getuid getrusage nanosleep strsignal
++for ac_func in fnmatch getbootfile getuid getrusage nanosleep strsignal setproctitle
+ do :
+   as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
+ ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
diff -r 8ef9ff7ac356 -r ea6711dd9585 net/ntp4/patches/patch-include-ntp__syscall.h
--- a/net/ntp4/patches/patch-include-ntp__syscall.h     Sun Jun 21 14:54:50 2020 +0000
+++ b/net/ntp4/patches/patch-include-ntp__syscall.h     Sun Jun 21 15:10:47 2020 +0000
@@ -1,4 +1,6 @@
-$NetBSD: patch-include-ntp__syscall.h,v 1.1 2015/10/29 11:23:47 christos Exp $
+$NetBSD: patch-include-ntp__syscall.h,v 1.2 2020/06/21 15:10:47 taca Exp $
+
+* Changes from NetBSD base.
 
 --- include/ntp_syscall.h.orig 2011-03-31 10:03:53.000000000 +0000
 +++ include/ntp_syscall.h
diff -r 8ef9ff7ac356 -r ea6711dd9585 net/ntp4/patches/patch-include_ntp__md5.h
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/net/ntp4/patches/patch-include_ntp__md5.h Sun Jun 21 15:10:47 2020 +0000
@@ -0,0 +1,17 @@
+$NetBSD: patch-include_ntp__md5.h,v 1.1 2020/06/21 15:10:47 taca Exp $
+
+* Changes from NetBSD base.
+
+--- include/ntp_md5.h.orig     2018-08-14 11:51:07.000000000 +0000
++++ include/ntp_md5.h
+@@ -36,8 +36,8 @@
+ # define EVP_md5()                    NULL
+ # define EVP_MD_CTX_init(c)
+ # define EVP_MD_CTX_set_flags(c, f)
+-# define EVP_DigestInit(c, dt)                (MD5Init(c), 1)
+-# define EVP_DigestInit_ex(c, dt, i)  (MD5Init(c), 1)
++# define EVP_DigestInit(c, dt)                (MD5Init(c), (dt ? 1 : 1))
++# define EVP_DigestInit_ex(c, dt, i)  (MD5Init(c), (dt ? 1 : 1))
+ # define EVP_DigestUpdate(c, p, s)    MD5Update(c, (const void *)(p), \
+                                                 s)
+ # define EVP_DigestFinal(c, d, pdl)   \
diff -r 8ef9ff7ac356 -r ea6711dd9585 net/ntp4/patches/patch-include_ntp__request.h
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/net/ntp4/patches/patch-include_ntp__request.h     Sun Jun 21 15:10:47 2020 +0000
@@ -0,0 +1,69 @@
+$NetBSD: patch-include_ntp__request.h,v 1.1 2020/06/21 15:10:47 taca Exp $
+
+* Changes from NetBSD base.
+
+--- include/ntp_request.h.orig 2020-03-03 23:41:29.000000000 +0000
++++ include/ntp_request.h
+@@ -129,6 +129,25 @@ typedef union req_data_u_tag {
+ } req_data_u;                         /* struct conf_peer must fit */
+ 
+ /*
++ * Structure for carrying system flags.
++ */
++struct conf_sys_flags {
++      u_int32 flags;
++};
++
++/*
++ * System flags we can set/clear
++ */
++#define       SYS_FLAG_BCLIENT        0x01
++#define       SYS_FLAG_PPS            0x02
++#define SYS_FLAG_NTP          0x04
++#define SYS_FLAG_KERNEL               0x08
++#define SYS_FLAG_MONITOR      0x10
++#define SYS_FLAG_FILEGEN      0x20
++#define SYS_FLAG_AUTH         0x40
++#define SYS_FLAG_CAL          0x80
++
++/*
+  * A request packet.  These are almost a fixed length.
+  */
+ struct req_pkt {
+@@ -226,8 +245,8 @@ struct resp_pkt {
+ 
+ #define       INFO_ERR(err_nitems)    ((u_short)((ntohs(err_nitems)>>12)&0xf))
+ #define       INFO_NITEMS(err_nitems) ((u_short)(ntohs(err_nitems)&0xfff))
+-#define       ERR_NITEMS(err, nitems) (htons((u_short)((((u_short)(err)<<12)&0xf000)\
+-                              |((u_short)(nitems)&0xfff))))
++#define _ERR_EN(err)          ((u_short)(((err)&0xf)<<12))
++#define       ERR_NITEMS(err, nitems) ((u_short)htons(_ERR_EN(err)|(nitems&0xfff)))
+ 
+ #define       INFO_MBZ(mbz_itemsize)  ((ntohs(mbz_itemsize)>>12)&0xf)
+ #define       INFO_ITEMSIZE(mbz_itemsize)     ((u_short)(ntohs(mbz_itemsize)&0xfff))
+@@ -629,25 +648,6 @@ struct conf_unpeer {
+ };
+ 
+ /*
+- * Structure for carrying system flags.
+- */
+-struct conf_sys_flags {
+-      u_int32 flags;
+-};
+-
+-/*
+- * System flags we can set/clear
+- */
+-#define       SYS_FLAG_BCLIENT        0x01
+-#define       SYS_FLAG_PPS            0x02
+-#define SYS_FLAG_NTP          0x04
+-#define SYS_FLAG_KERNEL               0x08
+-#define SYS_FLAG_MONITOR      0x10
+-#define SYS_FLAG_FILEGEN      0x20
+-#define SYS_FLAG_AUTH         0x40
+-#define SYS_FLAG_CAL          0x80
+-
+-/*
+  * Structure used for returning restrict entries
+  */
+ struct info_restrict {
diff -r 8ef9ff7ac356 -r ea6711dd9585 net/ntp4/patches/patch-include_refclock__atom.h
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/net/ntp4/patches/patch-include_refclock__atom.h   Sun Jun 21 15:10:47 2020 +0000
@@ -0,0 +1,18 @@
+$NetBSD: patch-include_refclock__atom.h,v 1.1 2020/06/21 15:10:47 taca Exp $
+
+* Changes from NetBSD base.
+
+--- include/refclock_atom.h.orig       2011-10-09 05:08:20.000000000 +0000
++++ include/refclock_atom.h
+@@ -1,8 +1,10 @@
+ /*
+  * Definitions for the atom driver and its friends
+  */
+-#undef NANOSECOND     /* some systems define it differently */
++#ifndef NANOSECOND
+ #define NANOSECOND    1000000000 /* one second (ns) */
++#endif
++#define RANGEGATE     500000  /* range gate (ns) */
+ 
+ struct refclock_atom {
+       pps_handle_t handle;
diff -r 8ef9ff7ac356 -r ea6711dd9585 net/ntp4/patches/patch-lib_isc_inet__ntop.c
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/net/ntp4/patches/patch-lib_isc_inet__ntop.c       Sun Jun 21 15:10:47 2020 +0000
@@ -0,0 +1,20 @@
+$NetBSD: patch-lib_isc_inet__ntop.c,v 1.1 2020/06/21 15:10:47 taca Exp $
+
+* Changes from NetBSD base.
+
+--- lib/isc/inet_ntop.c.orig   2015-02-28 09:44:07.000000000 +0000
++++ lib/isc/inet_ntop.c
+@@ -88,11 +88,11 @@ isc_net_ntop(int af, const void *src, ch
+ static const char *
+ inet_ntop4(const unsigned char *src, char *dst, size_t size)
+ {
+-      static const char *fmt = "%u.%u.%u.%u";
++#define       FMT "%u.%u.%u.%u"
+       char tmp[sizeof("255.255.255.255")];
+       int len;
+ 
+-      len = snprintf(tmp, sizeof(tmp), fmt, src[0], src[1], src[2], src[3]);
++      len = snprintf(tmp, sizeof(tmp), FMT, src[0], src[1], src[2], src[3]);
+       if (len < 0 || (size_t)len >= size)
+       {
+               errno = ENOSPC;
diff -r 8ef9ff7ac356 -r ea6711dd9585 net/ntp4/patches/patch-lib_isc_unix_net.c
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/net/ntp4/patches/patch-lib_isc_unix_net.c Sun Jun 21 15:10:47 2020 +0000
@@ -0,0 +1,20 @@
+$NetBSD: patch-lib_isc_unix_net.c,v 1.1 2020/06/21 15:10:47 taca Exp $
+
+* Changes from NetBSD base.
+
+--- lib/isc/unix/net.c.orig    2015-02-21 10:33:37.000000000 +0000
++++ lib/isc/unix/net.c
+@@ -104,12 +104,12 @@ const struct in6_addr isc_net_in6addrloo
+ 
+ # if defined(WANT_IPV6)
+ static isc_once_t     once_ipv6only = ISC_ONCE_INIT;
+-# endif
+ 
+ # if defined(ISC_PLATFORM_HAVEIPV6) && \
+      defined(WANT_IPV6) && defined(ISC_PLATFORM_HAVEIN6PKTINFO)
+ static isc_once_t     once_ipv6pktinfo = ISC_ONCE_INIT;
+ # endif
++# endif
+ #endif /* ISC_PLATFORM_HAVEIPV6 */
+ 
+ static isc_once_t     once = ISC_ONCE_INIT;
diff -r 8ef9ff7ac356 -r ea6711dd9585 net/ntp4/patches/patch-libntp_ntp__calendar.c
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/net/ntp4/patches/patch-libntp_ntp__calendar.c     Sun Jun 21 15:10:47 2020 +0000
@@ -0,0 +1,19 @@
+$NetBSD: patch-libntp_ntp__calendar.c,v 1.1 2020/06/21 15:10:47 taca Exp $
+
+* Changes from NetBSD base.



Home | Main Index | Thread Index | Old Index