sync with latest OpenBSD source, adjust patch queue

9 years ago · 0ee203eeb0
--- a/.gitignore
+++ b/.gitignore
@ -35,6 +35,7 @@ openntpd*.tar.gz

 compat/arc4random.c
 compat/arc4random_freebsd.h
 compat/arc4random_hpux.h
 compat/arc4random_linux.h
 compat/arc4random_osx.h
 compat/arc4random_solaris.h
@ -43,6 +44,7 @@ compat/arc4random_win.h
 compat/chacha_private.h
 compat/explicit_bzero.c
 compat/getentropy_freebsd.c
 compat/getentropy_hpux.c
 compat/getentropy_linux.c
 compat/getentropy_osx.c
 compat/getentropy_solaris.c
@ -65,6 +67,7 @@ include/imsg.h
 include/md5_openbsd.h
 include/sha2_openbsd.h
 log.c
 log.h
 ntp.c
 ntp.h
 ntp_dns.c
--- a/Makefile.am
+++ b/Makefile.am
@ -36,6 +36,7 @@ ntpd_SOURCES = client.c
 ntpd_SOURCES += config.c
 ntpd_SOURCES += control.c
 ntpd_SOURCES += log.c
 ntpd_SOURCES += log.h
 ntpd_SOURCES += ntp.c
 ntpd_SOURCES += ntp.h
 ntpd_SOURCES += ntp_dns.c
--- a/patches/0001-be-more-verbose-when-logging-privsep-errors.patch
+++ b/patches/0001-be-more-verbose-when-logging-privsep-errors.patch
@ -1,7 +1,7 @@
 From 137e34d4af16d3f4c4b15de019e50a719db6cc5a Mon Sep 17 00:00:00 2001
 From 76505eff3c813ccdc4bece27e96f26cf04a1ffca Mon Sep 17 00:00:00 2001
 From: Brent Cook <busterb@gmail.com>
 Date: Thu, 1 Jan 2015 13:06:38 -0600
 Subject: [PATCH 02/12] be more verbose when logging privsep errors
 Subject: [PATCH 01/11] be more verbose when logging privsep errors

 Make it easy for a sysadmin to diagnose a privilege separation path
 problem without looking at the source code.
--- a/patches/0001-make-fatal-fatalx-variadic-like-the-other-logging-fu.patch
+++ b/patches/0001-make-fatal-fatalx-variadic-like-the-other-logging-fu.patch
@ -1,120 +0,0 @@
 From 7720c6cbb7ff30abc1c4d85aada869294cc3db47 Mon Sep 17 00:00:00 2001
 From: Brent Cook <busterb@gmail.com>
 Date: Sun, 4 Jan 2015 22:19:51 -0600
 Subject: [PATCH 01/12] make fatal/fatalx variadic like the other logging
 functions

 this factors out the guts of log_warn and adds logerr
 ---
 src/usr.sbin/ntpd/log.c  | 54 +++++++++++++++++++++++++++---------------------
 src/usr.sbin/ntpd/ntpd.h |  4 ++--
 2 files changed, 32 insertions(+), 26 deletions(-)

 diff --git a/src/usr.sbin/ntpd/log.c b/src/usr.sbin/ntpd/log.c
 index 618f4cc..e92924e 100644
 --- a/src/usr.sbin/ntpd/log.c
 +++ b/src/usr.sbin/ntpd/log.c
@@ -71,29 +71,33 @@ vlog(int pri, const char *fmt, va_list ap)
 		vsyslog(pri, fmt, ap);
 }
 
 -
 void
 -log_warn(const char *emsg, ...)
 +vlogerr(int pri, const char *fmt, va_list ap)
 {
 	char	*nfmt;
 -	va_list	 ap;
 
 	/* best effort to even work in out of memory situations */
 -	if (emsg == NULL)
 -		logit(LOG_CRIT, "%s", strerror(errno));
 -	else {
 -		va_start(ap, emsg);
 -
 -		if (asprintf(&nfmt, "%s: %s", emsg, strerror(errno)) == -1) {
 +	if (fmt) {
 +		if (asprintf(&nfmt, "%s: %s", fmt, strerror(errno)) == -1) {
 			/* we tried it... */
 -			vlog(LOG_CRIT, emsg, ap);
 +			vlog(LOG_CRIT, fmt, ap);
 			logit(LOG_CRIT, "%s", strerror(errno));
 		} else {
 			vlog(LOG_CRIT, nfmt, ap);
 			free(nfmt);
 		}
 -		va_end(ap);
 -	}
 +	} else
 +		logit(LOG_CRIT, "%s", strerror(errno));
 +}
 +
 +void
 +log_warn(const char *emsg, ...)
 +{
 +	va_list	 ap;
 +
 +	va_start(ap, emsg);
 +	vlogerr(LOG_CRIT, emsg, ap);
 +	va_end(ap);
 }
 
 void
@@ -129,25 +133,27 @@ log_debug(const char *emsg, ...)
 }
 
 void
 -fatal(const char *emsg)
 +fatal(const char *emsg, ...)
 {
 -	if (emsg == NULL)
 -		logit(LOG_CRIT, "fatal: %s", strerror(errno));
 -	else
 -		if (errno)
 -			logit(LOG_CRIT, "fatal: %s: %s",
 -			    emsg, strerror(errno));
 -		else
 -			logit(LOG_CRIT, "fatal: %s", emsg);
 +	va_list	 ap;
 +
 +	va_start(ap, emsg);
 +	vlogerr(LOG_CRIT, emsg, ap);
 +	va_end(ap);
 
 	exit(1);
 }
 
 void
 -fatalx(const char *emsg)
 +fatalx(const char *emsg, ...)
 {
 -	errno = 0;
 -	fatal(emsg);
 +	va_list	 ap;
 +
 +	va_start(ap, emsg);
 +	vlog(LOG_CRIT, emsg, ap);
 +	va_end(ap);
 +
 +	exit(1);
 }
 
 const char *
 diff --git a/src/usr.sbin/ntpd/ntpd.h b/src/usr.sbin/ntpd/ntpd.h
 index 4a768d8..31bc5a0 100644
 --- a/src/usr.sbin/ntpd/ntpd.h
 +++ b/src/usr.sbin/ntpd/ntpd.h
@@ -269,8 +269,8 @@ void		 log_warn(const char *, ...);
 void		 log_warnx(const char *, ...);
 void		 log_info(const char *, ...);
 void		 log_debug(const char *, ...);
 -void		 fatal(const char *);
 -void		 fatalx(const char *);
 +void		 fatal(const char *, ...);
 +void		 fatalx(const char *, ...);
 const char	*log_sockaddr(struct sockaddr *);
 
 /* ntp.c */
 -- 
 1.9.1

--- a/patches/0002-do-not-allow-privsep-user-to-be-a-privileged-user.patch
+++ b/patches/0002-do-not-allow-privsep-user-to-be-a-privileged-user.patch
@ -1,7 +1,7 @@
 From a27d00d02e1c1bba00bcb5195c1aa90fc557fd60 Mon Sep 17 00:00:00 2001
 From 360d2de5b706fda9555348d4df4eb78a5eed7b3d Mon Sep 17 00:00:00 2001
 From: Brent Cook <busterb@gmail.com>
 Date: Thu, 1 Jan 2015 13:26:29 -0600
 Subject: [PATCH 03/12] do not allow privsep user to be a privileged user
 Subject: [PATCH 02/11] do not allow privsep user to be a privileged user

 This may need to be a function call for different platforms with
 different capability / privilege mechanisms.
--- a/patches/0003-Handle-IPv6-DNS-records-on-IPv4-networks-more-libera.patch
+++ b/patches/0003-Handle-IPv6-DNS-records-on-IPv4-networks-more-libera.patch
@ -1,7 +1,7 @@
 From 9d6d657754752aa3530e4669a91a7293039c9e81 Mon Sep 17 00:00:00 2001
 From fa13ece45c6f03bcbd2c19255c9b8b71f740ef7f Mon Sep 17 00:00:00 2001
 From: Brent Cook <busterb@gmail.com>
 Date: Tue, 30 Dec 2014 09:10:22 -0600
 Subject: [PATCH 04/12] Handle IPv6 DNS records on IPv4 networks more liberally
 Subject: [PATCH 03/11] Handle IPv6 DNS records on IPv4 networks more liberally

 Rather than fail on IPv4 only networks when seeing an IPv6 DNS record,
 just give a warning.
--- a/patches/0004-Fix-DNS-timeout-lookup.patch
+++ b/patches/0004-Fix-DNS-timeout-lookup.patch
@ -1,7 +1,7 @@
 From 0b6965286d45f91bac192a7983c76a38bff2d783 Mon Sep 17 00:00:00 2001
 From e600fb2d0a4423ecad5d3961b51fb55b70889918 Mon Sep 17 00:00:00 2001
 From: Brent Cook <busterb@gmail.com>
 Date: Wed, 31 Dec 2014 08:31:20 -0600
 Subject: [PATCH 05/12] Fix DNS timeout lookup
 Subject: [PATCH 04/11] Fix DNS timeout lookup

 Author: Paul B. Henson <henson@acm.org>
 Origin: https://bugs.gentoo.org/show_bug.cgi?id=493358
@ -10,10 +10,10 @@ Origin: https://bugs.gentoo.org/show_bug.cgi?id=493358
 1 file changed, 5 insertions(+), 1 deletion(-)

 diff --git a/src/usr.sbin/ntpd/ntpd.c b/src/usr.sbin/ntpd/ntpd.c
 index b674ab4..f891c56 100644
 index cfc7e56..9ce169c 100644
 --- a/src/usr.sbin/ntpd/ntpd.c
 +++ b/src/usr.sbin/ntpd/ntpd.c
@@ -111,6 +111,7 @@ main(int argc, char *argv[])
@@ -110,6 +110,7 @@ main(int argc, char *argv[])
 	int			 pipe_chld[2];
 	struct passwd		*pw;
 	extern char 		*__progname;
--- a/patches/0005-EAI_NODATA-does-not-exist-everywhere.patch
+++ b/patches/0005-EAI_NODATA-does-not-exist-everywhere.patch
@ -1,7 +1,7 @@
 From 7fe3c31fe71685b88e88af88c64802735b7661ec Mon Sep 17 00:00:00 2001
 From d15a3b100ee3b497582df84d91c9ff989654cd37 Mon Sep 17 00:00:00 2001
 From: Brent Cook <busterb@gmail.com>
 Date: Tue, 30 Dec 2014 09:04:08 -0600
 Subject: [PATCH 06/12] EAI_NODATA does not exist everywhere
 Subject: [PATCH 05/11] EAI_NODATA does not exist everywhere

 FreeBSD says it is deprecated #ifdef's it out.

--- a/patches/0006-Use-LOG_NTP-syslog-facility-if-it-is-available.patch
+++ b/patches/0006-Use-LOG_NTP-syslog-facility-if-it-is-available.patch
@ -0,0 +1,46 @@
 From ce2a92acf47861cf55d00a7f8ccd7037758c0f63 Mon Sep 17 00:00:00 2001
 From: Brent Cook <busterb@gmail.com>
 Date: Tue, 30 Dec 2014 09:00:12 -0600
 Subject: [PATCH 06/11] Use LOG_NTP syslog facility if it is available

 FreeBSD PR:     114191
 Submitted by:   Robert Archer <freebsd@deathbeforedecaf.net>
 ---
 src/usr.sbin/ntpd/log.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

 diff --git a/src/usr.sbin/ntpd/log.c b/src/usr.sbin/ntpd/log.c
 index 1d8304b..3b751b5 100644
 --- a/src/usr.sbin/ntpd/log.c
 +++ b/src/usr.sbin/ntpd/log.c
@@ -30,6 +30,10 @@
 
 #include "log.h"
 
 +#ifndef LOG_NTP
 +#define LOG_NTP	LOG_DAEMON
 +#endif
 +
 #define	TRACE_DEBUG	0x1
 
 static int	 foreground;
@@ -39,7 +43,6 @@ void	 vlog(int, const char *, va_list);
 void	 logit(int, const char *, ...)
     __attribute__((format (printf, 2, 3)));
 
 -
 void
 log_init(int n_foreground)
 {
@@ -47,7 +50,7 @@ log_init(int n_foreground)
 
 	foreground = n_foreground;
 	if (! foreground)
 -		openlog(__progname, LOG_PID | LOG_NDELAY, LOG_DAEMON);
 +		openlog(__progname, LOG_PID | LOG_NDELAY, LOG_NTP);
 
 	tzset();
 }
 -- 
 1.9.1

--- a/patches/0007-Use-LOG_NTP-syslog-facility.patch
+++ b/patches/0007-Use-LOG_NTP-syslog-facility.patch
@ -1,38 +0,0 @@
 From 89d3d178a801c9fdaa59bf05def788a1eec9662b Mon Sep 17 00:00:00 2001
 From: Brent Cook <busterb@gmail.com>
 Date: Tue, 30 Dec 2014 09:00:12 -0600
 Subject: [PATCH 07/12] Use LOG_NTP syslog facility.

 FreeBSD PR:     114191
 Submitted by:   Robert Archer <freebsd@deathbeforedecaf.net>
 ---
 src/usr.sbin/ntpd/log.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

 diff --git a/src/usr.sbin/ntpd/log.c b/src/usr.sbin/ntpd/log.c
 index e92924e..22e1f05 100644
 --- a/src/usr.sbin/ntpd/log.c
 +++ b/src/usr.sbin/ntpd/log.c
@@ -26,6 +26,10 @@
 
 #include "ntpd.h"
 
 +#ifndef LOG_NTP
 +#define LOG_NTP	LOG_DAEMON
 +#endif
 +
 int	 debug;
 extern int debugsyslog;
 
@@ -37,7 +41,7 @@ log_init(int n_debug)
 	debug = n_debug;
 
 	if (!debug)
 -		openlog(__progname, LOG_PID | LOG_NDELAY, LOG_DAEMON);
 +		openlog(__progname, LOG_PID | LOG_NDELAY, LOG_NTP);
 
 	tzset();
 }
 -- 
 1.9.1

--- a/patches/0007-conditionally-fill-in-sin_len-sin6_len-if-they-exist.patch
+++ b/patches/0007-conditionally-fill-in-sin_len-sin6_len-if-they-exist.patch
@ -1,7 +1,7 @@
 From 1c97bf8f63a68525d343216fec27565192c001e0 Mon Sep 17 00:00:00 2001
 From 69da53e369dc71809ea54003f4c20c5f1a11eb0d Mon Sep 17 00:00:00 2001
 From: Brent Cook <busterb@gmail.com>
 Date: Tue, 30 Dec 2014 09:02:50 -0600
 Subject: [PATCH 08/12] conditionally fill in sin_len/sin6_len if they exist
 Subject: [PATCH 07/11] conditionally fill in sin_len/sin6_len if they exist

 ---
 src/usr.sbin/ntpd/config.c | 8 ++++++++
--- a/patches/0008-check-if-rdomain-support-is-available.patch
+++ b/patches/0008-check-if-rdomain-support-is-available.patch
@ -1,13 +1,16 @@
 From a89812ee1a8d97346d6410206d9dbf49b1915076 Mon Sep 17 00:00:00 2001
 From f63703fb97ea4c24e89908aa8041fc059b860abf Mon Sep 17 00:00:00 2001
 From: Brent Cook <busterb@gmail.com>
 Date: Tue, 30 Dec 2014 09:05:46 -0600
 Subject: [PATCH 09/12] check if rdomain support is available
 Subject: [PATCH 08/11] check if rdomain support is available.

 Handle FreeBSD's calling rdomain 'FIB'.
 - from naddy@openbsd.org
 ---
 src/usr.sbin/ntpd/client.c |  4 ++++
 src/usr.sbin/ntpd/ntpd.h   |  6 ++++++
 src/usr.sbin/ntpd/parse.y  |  2 ++
 src/usr.sbin/ntpd/server.c | 11 ++++++++++-
 3 files changed, 16 insertions(+), 1 deletion(-)
 4 files changed, 22 insertions(+), 1 deletion(-)

 diff --git a/src/usr.sbin/ntpd/client.c b/src/usr.sbin/ntpd/client.c
 index c18d8c5..a06d5fe 100644
@ -39,8 +42,25 @@ index c18d8c5..a06d5fe 100644
 
 	for (cmsg = CMSG_FIRSTHDR(&somsg); cmsg != NULL;
 	    cmsg = CMSG_NXTHDR(&somsg, cmsg)) {
 diff --git a/src/usr.sbin/ntpd/ntpd.h b/src/usr.sbin/ntpd/ntpd.h
 index 464353c..e5e7f4e 100644
 --- a/src/usr.sbin/ntpd/ntpd.h
 +++ b/src/usr.sbin/ntpd/ntpd.h
@@ -41,6 +41,12 @@
 #define DRIFTFILE	"/var/db/ntpd.drift"
 #define	CTLSOCKET	"/var/run/ntpd.sock"
 
 +#if defined(SO_SETFIB)
 +#define	SO_RTABLE	SO_SETFIB
 +#define	SIOCGIFRDOMAIN	SIOCGIFFIB
 +#define	ifr_rdomainid	ifr_fib
 +#endif
 +
 #define	INTERVAL_QUERY_NORMAL		30	/* sync to peers every n secs */
 #define	INTERVAL_QUERY_PATHETIC		60
 #define	INTERVAL_QUERY_AGGRESSIVE	5
 diff --git a/src/usr.sbin/ntpd/parse.y b/src/usr.sbin/ntpd/parse.y
 index fb6e2f1..3f4065f 100644
 index 74e3fcd..09a6d9d 100644
 --- a/src/usr.sbin/ntpd/parse.y
 +++ b/src/usr.sbin/ntpd/parse.y
@@ -313,10 +313,12 @@ weight		: WEIGHT NUMBER	{
--- a/patches/0009-update-ntpd.conf-to-indicate-OS-dependent-options.patch
+++ b/patches/0009-update-ntpd.conf-to-indicate-OS-dependent-options.patch
@ -1,7 +1,7 @@
 From 67a166ce4c0e337b3315ea0c6b21a87e60198fcf Mon Sep 17 00:00:00 2001
 From 9c3c4a91d822a4abf6c204a73ffde3abc4b8aad8 Mon Sep 17 00:00:00 2001
 From: Brent Cook <busterb@gmail.com>
 Date: Tue, 30 Dec 2014 09:20:03 -0600
 Subject: [PATCH 10/12] update ntpd.conf to indicate OS-dependent options
 Subject: [PATCH 09/11] update ntpd.conf to indicate OS-dependent options

 Also, clarify listening behavior based on a patch from
 Dererk <dererk@debian.org>
--- a/patches/0010-allow-overriding-default-user-and-file-locations.patch
+++ b/patches/0010-allow-overriding-default-user-and-file-locations.patch
@ -1,7 +1,7 @@
 From 4187fea16db20522667368b0753061b159e963e3 Mon Sep 17 00:00:00 2001
 From 6494b18b609fafa19fd99abf8bcd57351afcd463 Mon Sep 17 00:00:00 2001
 From: Brent Cook <busterb@gmail.com>
 Date: Thu, 1 Jan 2015 07:18:11 -0600
 Subject: [PATCH 11/12] allow overriding default user and file locations
 Subject: [PATCH 10/11] allow overriding default user and file locations

 Allow the build process to override the default ntpd file paths and
 default user.
@ -10,10 +10,10 @@ default user.
 1 file changed, 13 insertions(+), 3 deletions(-)

 diff --git a/src/usr.sbin/ntpd/ntpd.h b/src/usr.sbin/ntpd/ntpd.h
 index 31bc5a0..1bcd3ad 100644
 index e5e7f4e..2be060a 100644
 --- a/src/usr.sbin/ntpd/ntpd.h
 +++ b/src/usr.sbin/ntpd/ntpd.h
@@ -35,10 +35,20 @@
@@ -36,10 +36,20 @@
 
 #define MAXIMUM(a, b)	((a) > (b) ? (a) : (b))
 
@ -35,8 +35,8 @@ index 31bc5a0..1bcd3ad 100644
 +#define	DRIFTFILE	LOCALSTATEDIR "/db/ntpd.drift"
 +#define	CTLSOCKET	LOCALSTATEDIR "/run/ntpd.sock"
 
 #define	INTERVAL_QUERY_NORMAL		30	/* sync to peers every n secs */
 #define	INTERVAL_QUERY_PATHETIC		60
 #if defined(SO_SETFIB)
 #define	SO_RTABLE	SO_SETFIB
 -- 
 1.9.1

--- a/patches/0011-add-p-option-to-create-a-pid-file.patch
+++ b/patches/0011-add-p-option-to-create-a-pid-file.patch
@ -1,7 +1,7 @@
 From de91ec8c1d059734ee4a5d8ce8074f969ffb66c9 Mon Sep 17 00:00:00 2001
 From 0dd5d9f3c994fc02889bdb90b937a38916a7da22 Mon Sep 17 00:00:00 2001
 From: Brent Cook <busterb@gmail.com>
 Date: Wed, 31 Dec 2014 08:26:41 -0600
 Subject: [PATCH 12/12] add -p option to create a pid file
 Subject: [PATCH 11/11] add -p option to create a pid file

 This is used in both the Gentoo and Debian ports.

@ -35,10 +35,10 @@ index 18b12e8..9eb1fee 100644
 Do not set the time immediately at startup.
 This is the default.
 diff --git a/src/usr.sbin/ntpd/ntpd.c b/src/usr.sbin/ntpd/ntpd.c
 index f891c56..a0a31b4 100644
 index 9ce169c..c36bbbb 100644
 --- a/src/usr.sbin/ntpd/ntpd.c
 +++ b/src/usr.sbin/ntpd/ntpd.c
@@ -84,6 +84,18 @@ sighdlr(int sig)
@@ -83,6 +83,18 @@ sighdlr(int sig)
 	}
 }
 
@ -57,7 +57,7 @@ index f891c56..a0a31b4 100644
 __dead void
 usage(void)
 {
@@ -92,7 +104,7 @@ usage(void)
@@ -91,7 +103,7 @@ usage(void)
 	if (strcmp(__progname, "ntpctl") == 0)
 		fprintf(stderr, "usage: ntpctl [-s all | peers | Sensors | status]\n");
 	else
@ -66,7 +66,7 @@ index f891c56..a0a31b4 100644
 		    __progname);
 	exit(1);
 }
@@ -124,7 +136,7 @@ main(int argc, char *argv[])
@@ -123,7 +135,7 @@ main(int argc, char *argv[])
 
 	log_init(1);		/* log to stderr until daemonized */
 
@ -134,10 +134,10 @@ index f891c56..a0a31b4 100644
 			timeout = INFTIM;
 			break;
 diff --git a/src/usr.sbin/ntpd/ntpd.h b/src/usr.sbin/ntpd/ntpd.h
 index 1bcd3ad..927dc21 100644
 index 2be060a..01d8e24 100644
 --- a/src/usr.sbin/ntpd/ntpd.h
 +++ b/src/usr.sbin/ntpd/ntpd.h
@@ -199,6 +199,7 @@ struct ntpd_conf {
@@ -206,6 +206,7 @@ struct ntpd_conf {
 	u_int8_t					debug;
 	u_int8_t					noaction;
 	u_int8_t					filters;
--- a/update.sh
+++ b/update.sh
@ -50,7 +50,7 @@ for i in $libcrypto_src/crypto/getentropy_*.c; do
 done
 $CP $libcrypto_src/crypto/arc4random_*.h compat

 for i in client.c config.c control.c log.c ntp.c ntp.h ntp_dns.c ntp_msg.c \
 for i in client.c config.c control.c log.c log.h ntp.c ntp.h ntp_dns.c ntp_msg.c \
 	ntpd.c ntpd.h parse.y sensors.c server.c util.c \
 	ntpctl.8 ntpd.8 ntpd.conf.5 ; do
 	file=`basename $i`