update patches

3 years ago · 78b3e58cfb
--- a/patches/0001-Handle-IPv6-DNS-records-on-IPv4-networks-more-libera.patch
+++ b/patches/0001-Handle-IPv6-DNS-records-on-IPv4-networks-more-libera.patch
@ -1,7 +1,7 @@
 From d6a269d214fbb8de854f8b5e7292d5c1fad5f424 Mon Sep 17 00:00:00 2001
 From: Brent Cook <busterb@gmail.com>
 Date: Tue, 30 Dec 2014 09:10:22 -0600
 Subject: [PATCH 01/15] Handle IPv6 DNS records on IPv4 networks more liberally
 Subject: [PATCH 01/18] Handle IPv6 DNS records on IPv4 networks more liberally

 Rather than fail on IPv4 only networks when seeing an IPv6 DNS record,
 just give a warning.
--- a/patches/0002-EAI_NODATA-does-not-exist-everywhere.patch
+++ b/patches/0002-EAI_NODATA-does-not-exist-everywhere.patch
@ -1,7 +1,7 @@
 From ccda13569b027cdcc391a6efa83e03793291bf25 Mon Sep 17 00:00:00 2001
 From: Brent Cook <busterb@gmail.com>
 Date: Tue, 30 Dec 2014 09:04:08 -0600
 Subject: [PATCH 02/15] EAI_NODATA does not exist everywhere
 Subject: [PATCH 02/18] EAI_NODATA does not exist everywhere

 FreeBSD says it is deprecated #ifdef's it out.

--- a/patches/0003-conditionally-fill-in-sin_len-sin6_len-if-they-exist.patch
+++ b/patches/0003-conditionally-fill-in-sin_len-sin6_len-if-they-exist.patch
@ -1,7 +1,7 @@
 From 30d5fa3841facc188d5332d385069cce394b4dcd Mon Sep 17 00:00:00 2001
 From: Brent Cook <busterb@gmail.com>
 Date: Tue, 30 Dec 2014 09:02:50 -0600
 Subject: [PATCH 03/15] conditionally fill in sin_len/sin6_len if they exist
 Subject: [PATCH 03/18] conditionally fill in sin_len/sin6_len if they exist

 ---
 src/usr.sbin/ntpd/parse.y | 8 +++++---
--- a/patches/0004-check-if-rdomain-support-is-available.patch
+++ b/patches/0004-check-if-rdomain-support-is-available.patch
@ -1,7 +1,7 @@
 From b83879413dbdc63ed6745f722ca59cf5942a149f Mon Sep 17 00:00:00 2001
 From: Brent Cook <busterb@gmail.com>
 Date: Tue, 30 Dec 2014 09:05:46 -0600
 Subject: [PATCH 04/15] check if rdomain support is available.
 Subject: [PATCH 04/18] check if rdomain support is available.

 Handle FreeBSD's calling rdomain 'FIB'.
 - from naddy@openbsd.org
--- a/patches/0005-update-ntpd.conf-to-indicate-OS-dependent-options.patch
+++ b/patches/0005-update-ntpd.conf-to-indicate-OS-dependent-options.patch
@ -1,7 +1,7 @@
 From 52eebc084d17e17870e69937c5c2704126e15384 Mon Sep 17 00:00:00 2001
 From: Brent Cook <busterb@gmail.com>
 Date: Tue, 30 Dec 2014 09:20:03 -0600
 Subject: [PATCH 05/15] update ntpd.conf to indicate OS-dependent options
 Subject: [PATCH 05/18] update ntpd.conf to indicate OS-dependent options

 Also, clarify listening behavior based on a patch from
 Dererk <dererk@debian.org>
--- a/patches/0006-allow-overriding-default-user-and-file-locations.patch
+++ b/patches/0006-allow-overriding-default-user-and-file-locations.patch
@ -1,7 +1,7 @@
 From 2359f4e6bc17e2924739cf4af4e21335ddd8508a Mon Sep 17 00:00:00 2001
 From: Brent Cook <busterb@gmail.com>
 Date: Thu, 1 Jan 2015 07:18:11 -0600
 Subject: [PATCH 06/15] allow overriding default user and file locations
 Subject: [PATCH 06/18] allow overriding default user and file locations

 Allow the build process to override the default ntpd file paths and
 default user.
--- a/patches/0007-add-p-option-to-create-a-pid-file.patch
+++ b/patches/0007-add-p-option-to-create-a-pid-file.patch
@ -1,7 +1,7 @@
 From 3275b87581b58ea6ee9d5a774afaad9314c73be0 Mon Sep 17 00:00:00 2001
 From: Brent Cook <busterb@gmail.com>
 Date: Wed, 31 Dec 2014 08:26:41 -0600
 Subject: [PATCH 07/15] add -p option to create a pid file
 Subject: [PATCH 07/18] add -p option to create a pid file

 This is used in both the Gentoo and Debian ports.

--- a/patches/0008-initialize-setproctitle-where-needed.patch
+++ b/patches/0008-initialize-setproctitle-where-needed.patch
@ -1,7 +1,7 @@
 From 34fcb744944e651e0b26b019a3e69cbbc181a1ad Mon Sep 17 00:00:00 2001
 From: Brent Cook <busterb@gmail.com>
 Date: Mon, 12 Jan 2015 06:18:31 -0600
 Subject: [PATCH 08/15] initialize setproctitle where needed
 Subject: [PATCH 08/18] initialize setproctitle where needed

 We need to save a copy of argv and __progname to avoid setproctitle
 clobbering them.
--- a/patches/0009-Notify-the-user-when-constraint-support-is-disabled.patch
+++ b/patches/0009-Notify-the-user-when-constraint-support-is-disabled.patch
@ -1,7 +1,7 @@
 From 8e59facf2906e02c93eb63c69342b622836ea384 Mon Sep 17 00:00:00 2001
 From: Brent Cook <busterb@gmail.com>
 Date: Fri, 27 Mar 2015 23:14:15 -0500
 Subject: [PATCH 09/15] Notify the user when constraint support is disabled.
 Subject: [PATCH 09/18] Notify the user when constraint support is disabled.

 Update the manpage and warn if constraints are
 configured but ntpd is built without libtls present.
--- a/patches/0010-add-a-method-for-updating-the-realtime-clock-on-sync.patch
+++ b/patches/0010-add-a-method-for-updating-the-realtime-clock-on-sync.patch
@ -1,7 +1,7 @@
 From fe9855dbbb553d5eccd40d24a7a356c017722f00 Mon Sep 17 00:00:00 2001
 From: Brent Cook <busterb@gmail.com>
 Date: Mon, 4 May 2015 04:27:29 -0500
 Subject: [PATCH 10/15] add a method for updating the realtime clock on sync
 Subject: [PATCH 10/18] add a method for updating the realtime clock on sync

 from Christian Weisgerber
 ---
--- a/patches/0011-Deal-with-missing-SO_TIMESTAMP.patch
+++ b/patches/0011-Deal-with-missing-SO_TIMESTAMP.patch
@ -1,7 +1,7 @@
 From d32c974b39575f6c61273459f943eddbdf49169a Mon Sep 17 00:00:00 2001
 From: Brent Cook <bcook@openbsd.org>
 Date: Sun, 6 Dec 2015 22:35:38 -0600
 Subject: [PATCH 11/15] Deal with missing SO_TIMESTAMP
 Subject: [PATCH 11/18] Deal with missing SO_TIMESTAMP

 from Paul B. Henson" <henson@acm.org>

--- a/patches/0012-check-result-of-ftello-ftruncate.patch
+++ b/patches/0012-check-result-of-ftello-ftruncate.patch
@ -1,7 +1,7 @@
 From e75f69a1c7c6000b7a0b51ba4d00455013db80b6 Mon Sep 17 00:00:00 2001
 From: Brent Cook <bcook@openbsd.org>
 Date: Mon, 21 Dec 2015 05:53:20 -0600
 Subject: [PATCH 12/15] check result of ftello/ftruncate
 Subject: [PATCH 12/18] check result of ftello/ftruncate

 ---
 src/usr.sbin/ntpd/ntpd.c | 7 +++++--
--- a/patches/0013-set-IPV6_V6ONLY-if-we-are-binding-to-an-IPv6-address.patch
+++ b/patches/0013-set-IPV6_V6ONLY-if-we-are-binding-to-an-IPv6-address.patch
@ -1,7 +1,7 @@
 From ba37da3170bc54b8bff0a341229d8dd20034f18e Mon Sep 17 00:00:00 2001
 From: Brent Cook <bcook@openbsd.org>
 Date: Sat, 13 Aug 2016 14:22:02 -0500
 Subject: [PATCH 13/15] set IPV6_V6ONLY if we are binding to an IPv6 address
 Subject: [PATCH 13/18] set IPV6_V6ONLY if we are binding to an IPv6 address

 ---
 src/usr.sbin/ntpd/server.c | 9 +++++++++
--- a/patches/0014-use-adjtimex-over-adjtime-check-return-value-and-adj.patch
+++ b/patches/0014-use-adjtimex-over-adjtime-check-return-value-and-adj.patch
@ -1,7 +1,7 @@
 From 9c40c5ecbbc4682a5f931a0723754a8340160860 Mon Sep 17 00:00:00 2001
 From: Brent Cook <busterb@gmail.com>
 Date: Sat, 19 Jan 2019 04:25:44 -0600
 Subject: [PATCH 14/15] use adjtimex over adjtime, check return value and
 Subject: [PATCH 14/18] use adjtimex over adjtime, check return value and
 adjust offset as needed

 ---
--- a/patches/0015-increase-buffer-sizes-potential-truncation.patch
+++ b/patches/0015-increase-buffer-sizes-potential-truncation.patch
@ -1,7 +1,7 @@
 From 2b3abb5914e6ee355a7eb42e99acbbecf50ed252 Mon Sep 17 00:00:00 2001
 From: Brent Cook <busterb@gmail.com>
 Date: Sat, 13 Apr 2019 04:45:22 -0500
 Subject: [PATCH 15/15] increase buffer sizes potential truncation
 Subject: [PATCH 15/18] increase buffer sizes potential truncation

 ---
 src/usr.sbin/ntpd/ntpd.c | 2 +-
--- a/patches/0016-Don-t-retry-DNS-if-Checking-Disable-flag-is-not-avai.patch
+++ b/patches/0016-Don-t-retry-DNS-if-Checking-Disable-flag-is-not-avai.patch
@ -0,0 +1,70 @@
 From ea1afcebbc2e1a87dddee231b48da5a891461ff9 Mon Sep 17 00:00:00 2001
 From: Brent Cook <busterb@gmail.com>
 Date: Mon, 8 Jun 2020 06:53:10 -0500
 Subject: [PATCH 16/18] Don't retry DNS if Checking Disable flag is not
 available.

 ---
 src/usr.sbin/ntpd/config.c  | 4 +++-
 src/usr.sbin/ntpd/ntp_dns.c | 8 +++++---
 2 files changed, 8 insertions(+), 4 deletions(-)

 diff --git a/src/usr.sbin/ntpd/config.c b/src/usr.sbin/ntpd/config.c
 index 856c3147cc..fc9df84bc4 100644
 --- a/src/usr.sbin/ntpd/config.c
 +++ b/src/usr.sbin/ntpd/config.c
@@ -138,9 +138,10 @@ int
 host_dns(const char *s, int synced, struct ntp_addr **hn)
 {
 	int error, save_opts;
 -	
 +
 	log_debug("trying to resolve %s", s);
 	error = host_dns1(s, hn, 0);
 +#ifdef RES_USE_CD
 	if (!synced && error <= 0) {
 		log_debug("no luck, trying to resolve %s without checking", s);
 		save_opts = _res.options;
@@ -148,6 +149,7 @@ host_dns(const char *s, int synced, struct ntp_addr **hn)
 		error = host_dns1(s, hn, 1);
 		_res.options = save_opts;
 	}
 +#endif
 	log_debug("resolve %s done: %d", s, error);
 	return error;
 }
 diff --git a/src/usr.sbin/ntpd/ntp_dns.c b/src/usr.sbin/ntpd/ntp_dns.c
 index 439e7ab8a9..e74a8abe4d 100644
 --- a/src/usr.sbin/ntpd/ntp_dns.c
 +++ b/src/usr.sbin/ntpd/ntp_dns.c
@@ -226,14 +226,16 @@ probe_root_ns(void)
 	old_options = _res.options;
 	_res.retrans = 1;
 	_res.retry = 1;
 +#ifdef RES_USE_CD
 	_res.options |= RES_USE_CD;
 -		
 +#endif
 +
 	ret = res_query(".", C_IN, T_NS, buf, sizeof(buf));
 
 	_res.retrans = old_retrans;
 	_res.retry = old_retry;
 	_res.options = old_options;
 -	
 +
 	return ret;
 }
 
@@ -242,7 +244,7 @@ probe_root(void)
 {
 	int		n;
 
 -	n = probe_root_ns();	
 +	n = probe_root_ns();
 	if (n < 0) {
 		/* give programs like unwind a second chance */
 		sleep(1);
 -- 
 2.27.0

--- a/patches/0017-handle-KERN_SECURELVL-when-available.patch
+++ b/patches/0017-handle-KERN_SECURELVL-when-available.patch
@ -0,0 +1,43 @@
 From 1d973b92dd29d8d466003718f5608ce802ce9d4b Mon Sep 17 00:00:00 2001
 From: Brent Cook <busterb@gmail.com>
 Date: Mon, 8 Jun 2020 06:53:53 -0500
 Subject: [PATCH 17/18] handle KERN_SECURELVL when available

 ---
 src/usr.sbin/ntpd/ntpd.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

 diff --git a/src/usr.sbin/ntpd/ntpd.c b/src/usr.sbin/ntpd/ntpd.c
 index bae6abd00f..7ea24dc58c 100644
 --- a/src/usr.sbin/ntpd/ntpd.c
 +++ b/src/usr.sbin/ntpd/ntpd.c
@@ -23,7 +23,9 @@
 #include <sys/types.h>
 #include <sys/resource.h>
 #include <sys/socket.h>
 +#ifdef KERN_SECURELVL
 #include <sys/sysctl.h>
 +#endif
 #include <sys/wait.h>
 #include <sys/un.h>
 #include <netinet/in.h>
@@ -123,12 +125,14 @@ usage(void)
 int
 auto_preconditions(const struct ntpd_conf *cnf)
 {
 +	int constraints, securelevel = 0;
 +
 +#ifdef KERN_SECURELVL
 	int mib[2] = { CTL_KERN, KERN_SECURELVL };
 -	int constraints, securelevel;
 	size_t sz = sizeof(int);
 -
 	if (sysctl(mib, 2, &securelevel, &sz, NULL, 0) == -1)
 		err(1, "sysctl");
 +#endif
 	constraints = !TAILQ_EMPTY(&cnf->constraints);
 	return !cnf->settime && (constraints || cnf->trusted_peers ||
 	    conf->trusted_sensors) && securelevel == 0;
 -- 
 2.27.0

--- a/patches/0018-initialize-deadline.patch
+++ b/patches/0018-initialize-deadline.patch
@ -0,0 +1,25 @@
 From cf2fec695318a130477875178d2f58de169306bd Mon Sep 17 00:00:00 2001
 From: Brent Cook <busterb@gmail.com>
 Date: Mon, 8 Jun 2020 06:54:12 -0500
 Subject: [PATCH 18/18] initialize deadline

 ---
 src/usr.sbin/ntpd/ntpd.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

 diff --git a/src/usr.sbin/ntpd/ntpd.c b/src/usr.sbin/ntpd/ntpd.c
 index 7ea24dc58c..68514de948 100644
 --- a/src/usr.sbin/ntpd/ntpd.c
 +++ b/src/usr.sbin/ntpd/ntpd.c
@@ -166,7 +166,7 @@ main(int argc, char *argv[])
 	int			argc0 = argc, logdest;
 	char			**argv0 = argv;
 	char			*pname = NULL;
 -	time_t			 settime_deadline;
 +	time_t			 settime_deadline = 0;
 	int			 sopt = 0;
 
 	__progname = get_progname(argv[0]);
 -- 
 2.27.0