Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/net/ntp4 net/ntp4: update to 4.2.8p14
details: https://anonhg.NetBSD.org/pkgsrc/rev/ea6711dd9585
branches: trunk
changeset: 434763:ea6711dd9585
user: taca <taca%pkgsrc.org@localhost>
date: Sun Jun 21 15:10:47 2020 +0000
description:
net/ntp4: update to 4.2.8p14
Updaet ntp4 to 4.2.8p14.
pkgsrc changes:
* Incorporate several changes from NetBSD base.
* few pkglint fixes.
Quote from release announce:
NTP 4.2.8p14 (Harlan Stenn <stenn%ntp.org@localhost>, 2020 Mar 03)
Focus: Security, Bug fixes, enhancements.
Severity: MEDIUM
This release fixes three vulnerabilities: a bug that causes causes an ntpd
instance that is explicitly configured to override the default and allow
ntpdc (mode 7) connections to be made to a server to read some uninitialized
memory; fixes the case where an unmonitored ntpd using an unauthenticated
association to its servers may be susceptible to a forged packet DoS attack;
and fixes an attack against a client instance that uses a single
unauthenticated time source. It also fixes 46 other bugs and addresses
4 other issues.
diffstat:
net/ntp4/Makefile | 8 +-
net/ntp4/distinfo | 45 +-
net/ntp4/options.mk | 5 +-
net/ntp4/patches/patch-configure | 15 +
net/ntp4/patches/patch-include-ntp__syscall.h | 4 +-
net/ntp4/patches/patch-include_ntp__md5.h | 17 +
net/ntp4/patches/patch-include_ntp__request.h | 69 +
net/ntp4/patches/patch-include_refclock__atom.h | 18 +
net/ntp4/patches/patch-lib_isc_inet__ntop.c | 20 +
net/ntp4/patches/patch-lib_isc_unix_net.c | 20 +
net/ntp4/patches/patch-libntp_ntp__calendar.c | 19 +
net/ntp4/patches/patch-libntp_socktoa.c | 17 +
net/ntp4/patches/patch-libntp_timexsup.c | 14 +
net/ntp4/patches/patch-libntp_work__fork.c | 58 +
net/ntp4/patches/patch-ntpd_ntp__config.c | 58 +
net/ntp4/patches/patch-ntpd_ntp__control.c | 18 +
net/ntp4/patches/patch-ntpd_ntp__io.c | 69 +
net/ntp4/patches/patch-ntpd_ntp__keyword.h | 1795 ++++++
net/ntp4/patches/patch-ntpd_ntp__loopfilter.c | 24 +
net/ntp4/patches/patch-ntpd_ntp__proto.c | 24 +
net/ntp4/patches/patch-ntpd_ntp__restrict.c | 24 +
net/ntp4/patches/patch-ntpd_refclock__jjy.c | 60 +
net/ntp4/patches/patch-ntpd_refclock__jupiter.c | 17 +
net/ntp4/patches/patch-ntpd_refclock__neoclock4x.c | 35 +
net/ntp4/patches/patch-ntpd_refclock__oncore.c | 48 +
net/ntp4/patches/patch-ntpd_refclock__ulink.c | 22 +
net/ntp4/patches/patch-ntpd_refclock__wwvb.c | 16 +
net/ntp4/patches/patch-ntpdate_ntpdate.c | 32 +
net/ntp4/patches/patch-ntpdc_Makefile.in | 17 +
net/ntp4/patches/patch-ntpq_ntpq.c | 34 +
net/ntp4/patches/patch-sntp_libevent_build-aux_config.guess | 1552 +++++
net/ntp4/patches/patch-sntp_libevent_build-aux_config.sub | 3015 +++++++++++
net/ntp4/patches/patch-sntp_libopts_autoopts.h | 27 +
net/ntp4/patches/patch-sntp_libopts_enum.c | 15 +
net/ntp4/patches/patch-sntp_libopts_usage.c | 15 +
net/ntp4/patches/patch-util_ntp-keygen.c | 29 +
net/ntp4/patches/patch-util_ntptime.c | 15 +
37 files changed, 7277 insertions(+), 13 deletions(-)
diffs (truncated from 7470 to 300 lines):
diff -r 8ef9ff7ac356 -r ea6711dd9585 net/ntp4/Makefile
--- a/net/ntp4/Makefile Sun Jun 21 14:54:50 2020 +0000
+++ b/net/ntp4/Makefile Sun Jun 21 15:10:47 2020 +0000
@@ -1,9 +1,7 @@
-# $NetBSD: Makefile,v 1.103 2020/01/18 21:50:21 jperkin Exp $
+# $NetBSD: Makefile,v 1.104 2020/06/21 15:10:47 taca Exp $
#
-DISTNAME= ntp-4.2.8p13
-PKGNAME= ${DISTNAME:S/-dev-/-/}
-PKGREVISION= 2
+DISTNAME= ntp-4.2.8p14
CATEGORIES= net time
MASTER_SITES= http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-4.2/
@@ -42,7 +40,7 @@
.include "../../mk/bsd.prefs.mk"
.include "options.mk"
-PLIST_VARS+= ntpsnmpd ntptime tickadj timetrim
+PLIST_VARS+= ntptime tickadj timetrim
.if ${OPSYS} == "NetBSD" || ${OPSYS} == "FreeBSD" || ${OPSYS} == "DragonFly" || ${OPSYS} == "Linux" || ${OPSYS} == "SunOS"
PLIST.ntptime= yes
diff -r 8ef9ff7ac356 -r ea6711dd9585 net/ntp4/distinfo
--- a/net/ntp4/distinfo Sun Jun 21 14:54:50 2020 +0000
+++ b/net/ntp4/distinfo Sun Jun 21 15:10:47 2020 +0000
@@ -1,8 +1,41 @@
-$NetBSD: distinfo,v 1.30 2019/03/25 17:19:59 tnn Exp $
+$NetBSD: distinfo,v 1.31 2020/06/21 15:10:47 taca Exp $
-SHA1 (ntp-4.2.8p13.tar.gz) = cff200a987d64e891fb349a22313ecb0feaea090
-RMD160 (ntp-4.2.8p13.tar.gz) = 5d85e2a01bafa0bb755ab49e462f6dd7f96ce3d0
-SHA512 (ntp-4.2.8p13.tar.gz) = afbdbb8a37b8f4040a8a6939a3a85ad0350d359c153c297b32b8a013c7b7061fd925fa3e6e103671c5901e169156e22497813c654195ba50f890a7170b2f2075
-Size (ntp-4.2.8p13.tar.gz) = 6949363 bytes
-SHA1 (patch-include-ntp__syscall.h) = b247569339d09a88f2e143e355033ce7635ffe92
+SHA1 (ntp-4.2.8p14.tar.gz) = c6f353278cd5b7c8aa11e1189d3ac80985370b8f
+RMD160 (ntp-4.2.8p14.tar.gz) = c49cb8138678b246661cc1afe68d38f255756a7e
+SHA512 (ntp-4.2.8p14.tar.gz) = b0183b4b2f2c6ea0a49d0aca1fa28a7b5cd21e20696a2f633f5afa37c4ea2c59fa7769af82a55c626db49b9eb5a531608710dc1977c4d518583577ef95940ae8
+Size (ntp-4.2.8p14.tar.gz) = 7007263 bytes
+SHA1 (patch-configure) = cd2b6d9353282b574eea117b4b6e391a39a6267b
+SHA1 (patch-include-ntp__syscall.h) = b0587655e707b9a2e0eb9c937be47fd27e8d5435
+SHA1 (patch-include_ntp__md5.h) = 1bde85704e539ab40133f498409294d071df0cc8
+SHA1 (patch-include_ntp__request.h) = f76caeaaed595d32f249d493571f24410170e7bd
+SHA1 (patch-include_refclock__atom.h) = 72ab4f018356a006c41d041ed064072d99e75bbb
+SHA1 (patch-lib_isc_inet__ntop.c) = 8feef4a19e7762d0739345fa45aecea5b68c834a
+SHA1 (patch-lib_isc_unix_net.c) = abbe0dbc424666ef4c564870a65155cf5d355504
+SHA1 (patch-libntp_ntp__calendar.c) = f7e6a1cd37026a51288825a8a41d6337e0e10d86
+SHA1 (patch-libntp_socktoa.c) = ff469782951666834b753a55993fdd6a2f1f4f74
+SHA1 (patch-libntp_timexsup.c) = 385461d1049611921e19e7c75b94ed2788f7b1b7
+SHA1 (patch-libntp_work__fork.c) = f46501017291a0764db2240e258ae511a55baba7
+SHA1 (patch-ntpd_ntp__config.c) = 5b2107ab8ea5cac590b897b1e6709c47bce5b5d8
+SHA1 (patch-ntpd_ntp__control.c) = 3c6267aa5c36bd1d2e0fa729be86875436812783
+SHA1 (patch-ntpd_ntp__io.c) = 0ad70fe53d3c0f779842fb71ba60b8c2cbb1e456
+SHA1 (patch-ntpd_ntp__keyword.h) = 158f7e93459ea30bbf87830b939a81071fa13eaa
+SHA1 (patch-ntpd_ntp__loopfilter.c) = 381e44622a25351c470dbc7bfaef353e47370d79
+SHA1 (patch-ntpd_ntp__proto.c) = 5e5629cc5b8dc785427bc9b267d0cac6fc7b1b39
+SHA1 (patch-ntpd_ntp__restrict.c) = b659db3d7913a72f3a36c3a33ef47cfaf4545095
+SHA1 (patch-ntpd_refclock__jjy.c) = 592d010d2e19bb47beefdcb3fe5645271e2645bb
+SHA1 (patch-ntpd_refclock__jupiter.c) = bb248d2766cadddacdf9cb56bf9b29cbc538bbcb
+SHA1 (patch-ntpd_refclock__neoclock4x.c) = 66c38ba21572cb8804a39766f3b32d1b65cb0946
+SHA1 (patch-ntpd_refclock__oncore.c) = d93efa11cadc37fd9e600f80f2cbf0280be969c6
+SHA1 (patch-ntpd_refclock__ulink.c) = 55003f758fd71621db60ffad8a1880588098389e
+SHA1 (patch-ntpd_refclock__wwvb.c) = e1a7fc80df6dba9595788a8b8c56729619048ee4
+SHA1 (patch-ntpdate_ntpdate.c) = 17e2534ab7a54e5af16059ca8c02c9995d79d83c
+SHA1 (patch-ntpdc_Makefile.in) = 6afaf915ee8c6b244f94d3733545231e69dfd14d
+SHA1 (patch-ntpq_ntpq.c) = 0776827a712e2f6636b9d322ae7445d184f3709f
+SHA1 (patch-sntp_libevent_build-aux_config.guess) = 5f5fff42d04daef5fcbba2bc09b015fb4489ca59
+SHA1 (patch-sntp_libevent_build-aux_config.sub) = 178e8b39138e49db7702c4bb84fe92550d14a978
+SHA1 (patch-sntp_libopts_autoopts.h) = d4cbaa31df97e04f3637349a3d5eb1addfa847db
+SHA1 (patch-sntp_libopts_enum.c) = 7d6624ed84a6ea6f85b4de4c37480041a7603252
+SHA1 (patch-sntp_libopts_usage.c) = ec77942c98965c13de625b930db3458d5b81d28b
SHA1 (patch-sntp_loc_pkgsrc) = 6e46ffc0cc2afcfdc1d01297cbe04cb80d103575
+SHA1 (patch-util_ntp-keygen.c) = e66348e2fcf7da4bf9ee35e66e3f891cb436f338
+SHA1 (patch-util_ntptime.c) = 897c3986661a9e655eeb7a7eeb10816996c31301
diff -r 8ef9ff7ac356 -r ea6711dd9585 net/ntp4/options.mk
--- a/net/ntp4/options.mk Sun Jun 21 14:54:50 2020 +0000
+++ b/net/ntp4/options.mk Sun Jun 21 15:10:47 2020 +0000
@@ -1,9 +1,11 @@
-# $NetBSD: options.mk,v 1.3 2016/05/14 08:13:49 bsiegert Exp $
+# $NetBSD: options.mk,v 1.4 2020/06/21 15:10:47 taca Exp $
PKG_OPTIONS_VAR= PKG_OPTIONS.ntp4
PKG_SUPPORTED_OPTIONS= inet6 snmp
PKG_SUGGESTED_OPTIONS=
+PLIST_VARS+= ntpsnmpd
+
.if empty(MISSING_FEATURES:Minet6)
PKG_SUGGESTED_OPTIONS+= inet6
.endif
@@ -19,6 +21,7 @@
.if !empty(PKG_OPTIONS:Msnmp)
CONFIGURE_ARGS+= --with-ntpsnmpd
PLIST.ntpsnmpd= yes
+USE_TOOLS+= perl
. include "../../net/net-snmp/buildlink3.mk"
.else
CONFIGURE_ARGS+= --without-ntpsnmpd
diff -r 8ef9ff7ac356 -r ea6711dd9585 net/ntp4/patches/patch-configure
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/net/ntp4/patches/patch-configure Sun Jun 21 15:10:47 2020 +0000
@@ -0,0 +1,15 @@
+$NetBSD: patch-configure,v 1.4 2020/06/21 15:10:47 taca Exp $
+
+* Changes from NetBSD base; add support for setproctitle(3).
+
+--- configure.orig 2020-03-04 01:40:14.000000000 +0000
++++ configure
+@@ -27148,7 +27148,7 @@ fi
+ done
+
+
+-for ac_func in fnmatch getbootfile getuid getrusage nanosleep strsignal
++for ac_func in fnmatch getbootfile getuid getrusage nanosleep strsignal setproctitle
+ do :
+ as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
+ ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
diff -r 8ef9ff7ac356 -r ea6711dd9585 net/ntp4/patches/patch-include-ntp__syscall.h
--- a/net/ntp4/patches/patch-include-ntp__syscall.h Sun Jun 21 14:54:50 2020 +0000
+++ b/net/ntp4/patches/patch-include-ntp__syscall.h Sun Jun 21 15:10:47 2020 +0000
@@ -1,4 +1,6 @@
-$NetBSD: patch-include-ntp__syscall.h,v 1.1 2015/10/29 11:23:47 christos Exp $
+$NetBSD: patch-include-ntp__syscall.h,v 1.2 2020/06/21 15:10:47 taca Exp $
+
+* Changes from NetBSD base.
--- include/ntp_syscall.h.orig 2011-03-31 10:03:53.000000000 +0000
+++ include/ntp_syscall.h
diff -r 8ef9ff7ac356 -r ea6711dd9585 net/ntp4/patches/patch-include_ntp__md5.h
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/net/ntp4/patches/patch-include_ntp__md5.h Sun Jun 21 15:10:47 2020 +0000
@@ -0,0 +1,17 @@
+$NetBSD: patch-include_ntp__md5.h,v 1.1 2020/06/21 15:10:47 taca Exp $
+
+* Changes from NetBSD base.
+
+--- include/ntp_md5.h.orig 2018-08-14 11:51:07.000000000 +0000
++++ include/ntp_md5.h
+@@ -36,8 +36,8 @@
+ # define EVP_md5() NULL
+ # define EVP_MD_CTX_init(c)
+ # define EVP_MD_CTX_set_flags(c, f)
+-# define EVP_DigestInit(c, dt) (MD5Init(c), 1)
+-# define EVP_DigestInit_ex(c, dt, i) (MD5Init(c), 1)
++# define EVP_DigestInit(c, dt) (MD5Init(c), (dt ? 1 : 1))
++# define EVP_DigestInit_ex(c, dt, i) (MD5Init(c), (dt ? 1 : 1))
+ # define EVP_DigestUpdate(c, p, s) MD5Update(c, (const void *)(p), \
+ s)
+ # define EVP_DigestFinal(c, d, pdl) \
diff -r 8ef9ff7ac356 -r ea6711dd9585 net/ntp4/patches/patch-include_ntp__request.h
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/net/ntp4/patches/patch-include_ntp__request.h Sun Jun 21 15:10:47 2020 +0000
@@ -0,0 +1,69 @@
+$NetBSD: patch-include_ntp__request.h,v 1.1 2020/06/21 15:10:47 taca Exp $
+
+* Changes from NetBSD base.
+
+--- include/ntp_request.h.orig 2020-03-03 23:41:29.000000000 +0000
++++ include/ntp_request.h
+@@ -129,6 +129,25 @@ typedef union req_data_u_tag {
+ } req_data_u; /* struct conf_peer must fit */
+
+ /*
++ * Structure for carrying system flags.
++ */
++struct conf_sys_flags {
++ u_int32 flags;
++};
++
++/*
++ * System flags we can set/clear
++ */
++#define SYS_FLAG_BCLIENT 0x01
++#define SYS_FLAG_PPS 0x02
++#define SYS_FLAG_NTP 0x04
++#define SYS_FLAG_KERNEL 0x08
++#define SYS_FLAG_MONITOR 0x10
++#define SYS_FLAG_FILEGEN 0x20
++#define SYS_FLAG_AUTH 0x40
++#define SYS_FLAG_CAL 0x80
++
++/*
+ * A request packet. These are almost a fixed length.
+ */
+ struct req_pkt {
+@@ -226,8 +245,8 @@ struct resp_pkt {
+
+ #define INFO_ERR(err_nitems) ((u_short)((ntohs(err_nitems)>>12)&0xf))
+ #define INFO_NITEMS(err_nitems) ((u_short)(ntohs(err_nitems)&0xfff))
+-#define ERR_NITEMS(err, nitems) (htons((u_short)((((u_short)(err)<<12)&0xf000)\
+- |((u_short)(nitems)&0xfff))))
++#define _ERR_EN(err) ((u_short)(((err)&0xf)<<12))
++#define ERR_NITEMS(err, nitems) ((u_short)htons(_ERR_EN(err)|(nitems&0xfff)))
+
+ #define INFO_MBZ(mbz_itemsize) ((ntohs(mbz_itemsize)>>12)&0xf)
+ #define INFO_ITEMSIZE(mbz_itemsize) ((u_short)(ntohs(mbz_itemsize)&0xfff))
+@@ -629,25 +648,6 @@ struct conf_unpeer {
+ };
+
+ /*
+- * Structure for carrying system flags.
+- */
+-struct conf_sys_flags {
+- u_int32 flags;
+-};
+-
+-/*
+- * System flags we can set/clear
+- */
+-#define SYS_FLAG_BCLIENT 0x01
+-#define SYS_FLAG_PPS 0x02
+-#define SYS_FLAG_NTP 0x04
+-#define SYS_FLAG_KERNEL 0x08
+-#define SYS_FLAG_MONITOR 0x10
+-#define SYS_FLAG_FILEGEN 0x20
+-#define SYS_FLAG_AUTH 0x40
+-#define SYS_FLAG_CAL 0x80
+-
+-/*
+ * Structure used for returning restrict entries
+ */
+ struct info_restrict {
diff -r 8ef9ff7ac356 -r ea6711dd9585 net/ntp4/patches/patch-include_refclock__atom.h
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/net/ntp4/patches/patch-include_refclock__atom.h Sun Jun 21 15:10:47 2020 +0000
@@ -0,0 +1,18 @@
+$NetBSD: patch-include_refclock__atom.h,v 1.1 2020/06/21 15:10:47 taca Exp $
+
+* Changes from NetBSD base.
+
+--- include/refclock_atom.h.orig 2011-10-09 05:08:20.000000000 +0000
++++ include/refclock_atom.h
+@@ -1,8 +1,10 @@
+ /*
+ * Definitions for the atom driver and its friends
+ */
+-#undef NANOSECOND /* some systems define it differently */
++#ifndef NANOSECOND
+ #define NANOSECOND 1000000000 /* one second (ns) */
++#endif
++#define RANGEGATE 500000 /* range gate (ns) */
+
+ struct refclock_atom {
+ pps_handle_t handle;
diff -r 8ef9ff7ac356 -r ea6711dd9585 net/ntp4/patches/patch-lib_isc_inet__ntop.c
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/net/ntp4/patches/patch-lib_isc_inet__ntop.c Sun Jun 21 15:10:47 2020 +0000
@@ -0,0 +1,20 @@
+$NetBSD: patch-lib_isc_inet__ntop.c,v 1.1 2020/06/21 15:10:47 taca Exp $
+
+* Changes from NetBSD base.
+
+--- lib/isc/inet_ntop.c.orig 2015-02-28 09:44:07.000000000 +0000
++++ lib/isc/inet_ntop.c
+@@ -88,11 +88,11 @@ isc_net_ntop(int af, const void *src, ch
+ static const char *
+ inet_ntop4(const unsigned char *src, char *dst, size_t size)
+ {
+- static const char *fmt = "%u.%u.%u.%u";
++#define FMT "%u.%u.%u.%u"
+ char tmp[sizeof("255.255.255.255")];
+ int len;
+
+- len = snprintf(tmp, sizeof(tmp), fmt, src[0], src[1], src[2], src[3]);
++ len = snprintf(tmp, sizeof(tmp), FMT, src[0], src[1], src[2], src[3]);
+ if (len < 0 || (size_t)len >= size)
+ {
+ errno = ENOSPC;
diff -r 8ef9ff7ac356 -r ea6711dd9585 net/ntp4/patches/patch-lib_isc_unix_net.c
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/net/ntp4/patches/patch-lib_isc_unix_net.c Sun Jun 21 15:10:47 2020 +0000
@@ -0,0 +1,20 @@
+$NetBSD: patch-lib_isc_unix_net.c,v 1.1 2020/06/21 15:10:47 taca Exp $
+
+* Changes from NetBSD base.
+
+--- lib/isc/unix/net.c.orig 2015-02-21 10:33:37.000000000 +0000
++++ lib/isc/unix/net.c
+@@ -104,12 +104,12 @@ const struct in6_addr isc_net_in6addrloo
+
+ # if defined(WANT_IPV6)
+ static isc_once_t once_ipv6only = ISC_ONCE_INIT;
+-# endif
+
+ # if defined(ISC_PLATFORM_HAVEIPV6) && \
+ defined(WANT_IPV6) && defined(ISC_PLATFORM_HAVEIN6PKTINFO)
+ static isc_once_t once_ipv6pktinfo = ISC_ONCE_INIT;
+ # endif
++# endif
+ #endif /* ISC_PLATFORM_HAVEIPV6 */
+
+ static isc_once_t once = ISC_ONCE_INIT;
diff -r 8ef9ff7ac356 -r ea6711dd9585 net/ntp4/patches/patch-libntp_ntp__calendar.c
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/net/ntp4/patches/patch-libntp_ntp__calendar.c Sun Jun 21 15:10:47 2020 +0000
@@ -0,0 +1,19 @@
+$NetBSD: patch-libntp_ntp__calendar.c,v 1.1 2020/06/21 15:10:47 taca Exp $
+
+* Changes from NetBSD base.
Home |
Main Index |
Thread Index |
Old Index