Fincer
/
openntpd-portable
mirror of https://github.com/Fincer/openntpd-portable
1
0
Fork 0
Code Issues 0 Projects 0 Releases 10 Wiki Activity
Browse Source

resync patches 

update manpage and add more fatal logging
OPENBSD_5_7
Brent Cook 9 years ago
parent
2c04ab7158
commit
b15e6b2575
13 changed files with 200 additions and 34 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +2
    -2
      patches/0001-be-more-verbose-when-logging-privsep-errors.patch
  2. +2
    -2
      patches/0002-do-not-allow-privsep-user-to-be-a-privileged-user.patch
  3. +3
    -3
      patches/0003-Handle-IPv6-DNS-records-on-IPv4-networks-more-libera.patch
  4. +4
    -4
      patches/0004-EAI_NODATA-does-not-exist-everywhere.patch
  5. +2
    -2
      patches/0005-Use-LOG_NTP-syslog-facility-if-it-is-available.patch
  6. +6
    -6
      patches/0006-conditionally-fill-in-sin_len-sin6_len-if-they-exist.patch
  7. +3
    -3
      patches/0007-check-if-rdomain-support-is-available.patch
  8. +2
    -2
      patches/0008-update-ntpd.conf-to-indicate-OS-dependent-options.patch
  9. +2
    -2
      patches/0009-allow-overriding-default-user-and-file-locations.patch
  10. +3
    -3
      patches/0010-add-p-option-to-create-a-pid-file.patch
  11. +3
    -3
      patches/0011-initialize-setproctitle-where-needed.patch
  12. +2
    -2
      patches/0012-document-SIGUSR1-fallback-if-SIGINFO-is-not-implemen.patch
  13. +166
    -0
      patches/0013-log-context-of-all-fatal-allocations.patch

+ 2
- 2
patches/0001-be-more-verbose-when-logging-privsep-errors.patch View File

@ -1,7 +1,7 @@
From f5c4350929461db34ac5e50472a5f5246c6cb6f6 Mon Sep 17 00:00:00 2001
From 3358e0e85bf40351bc4a8357a878c844c4190ef2 Mon Sep 17 00:00:00 2001
From: Brent Cook <busterb@gmail.com>
Date: Thu, 1 Jan 2015 13:06:38 -0600
Subject: [PATCH 01/12] be more verbose when logging privsep errors
Subject: [PATCH 01/13] be more verbose when logging privsep errors
Make it easy for a sysadmin to diagnose a privilege separation path
problem without looking at the source code.


+ 2
- 2
patches/0002-do-not-allow-privsep-user-to-be-a-privileged-user.patch View File

@ -1,7 +1,7 @@
From e22f798bc68930e81a9303606550a693962ce3fb Mon Sep 17 00:00:00 2001
From fb62935494233b756bfbe48b3652c07c378ef55e Mon Sep 17 00:00:00 2001
From: Brent Cook <busterb@gmail.com>
Date: Thu, 1 Jan 2015 13:26:29 -0600
Subject: [PATCH 02/12] do not allow privsep user to be a privileged user
Subject: [PATCH 02/13] do not allow privsep user to be a privileged user
This may need to be a function call for different platforms with
different capability / privilege mechanisms.


+ 3
- 3
patches/0003-Handle-IPv6-DNS-records-on-IPv4-networks-more-libera.patch View File

@ -1,7 +1,7 @@
From a48c8c8a78028f7dc07ceb23c47a4ed31f0dfaa6 Mon Sep 17 00:00:00 2001
From 1f533ce93b5826f3c3e3b16b237571c9c62dc1eb Mon Sep 17 00:00:00 2001
From: Brent Cook <busterb@gmail.com>
Date: Tue, 30 Dec 2014 09:10:22 -0600
Subject: [PATCH 03/12] Handle IPv6 DNS records on IPv4 networks more liberally
Subject: [PATCH 03/13] Handle IPv6 DNS records on IPv4 networks more liberally
Rather than fail on IPv4 only networks when seeing an IPv6 DNS record,
just give a warning.
@ -13,7 +13,7 @@ Original Author: Stefan Praszalowicz <stefan.praszalowicz@avedya.com>
1 file changed, 10 insertions(+), 3 deletions(-)
diff --git a/src/usr.sbin/ntpd/client.c b/src/usr.sbin/ntpd/client.c
index ced1a8b..3d4714e 100644
index 3ae2c18..9a499b1 100644
--- a/src/usr.sbin/ntpd/client.c
+++ b/src/usr.sbin/ntpd/client.c
@@ -138,9 +138,16 @@ client_query(struct ntp_peer *p)


+ 4
- 4
patches/0004-EAI_NODATA-does-not-exist-everywhere.patch View File

@ -1,7 +1,7 @@
From e885aae66f83f69ba38e33ef0ac706e9fe25f609 Mon Sep 17 00:00:00 2001
From aff999eff42db8c1022fc4c95cd4f2bc689e0708 Mon Sep 17 00:00:00 2001
From: Brent Cook <busterb@gmail.com>
Date: Tue, 30 Dec 2014 09:04:08 -0600
Subject: [PATCH 04/12] EAI_NODATA does not exist everywhere
Subject: [PATCH 04/13] EAI_NODATA does not exist everywhere
FreeBSD says it is deprecated #ifdef's it out.
@ -15,10 +15,10 @@ portable software now has to have a special check instead.
1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/src/usr.sbin/ntpd/config.c b/src/usr.sbin/ntpd/config.c
index c814183..ce5d860 100644
index 8904bc4..677139e 100644
--- a/src/usr.sbin/ntpd/config.c
+++ b/src/usr.sbin/ntpd/config.c
@@ -133,8 +133,14 @@ host_dns(const char *s, struct ntp_addr **hn)
@@ -131,8 +131,14 @@ host_dns(const char *s, struct ntp_addr **hn)
hints.ai_family = PF_UNSPEC;
hints.ai_socktype = SOCK_DGRAM; /* DUMMY */
error = getaddrinfo(s, NULL, &hints, &res0);


+ 2
- 2
patches/0005-Use-LOG_NTP-syslog-facility-if-it-is-available.patch View File

@ -1,7 +1,7 @@
From 889a119fa8e26239f09c38f55f5570b322793faf Mon Sep 17 00:00:00 2001
From 0a55dd5a69636bcb8047e84e63f41cac6d8ac4ae Mon Sep 17 00:00:00 2001
From: Brent Cook <busterb@gmail.com>
Date: Mon, 12 Jan 2015 21:16:54 -0600
Subject: [PATCH 05/12] Use LOG_NTP syslog facility if it is available
Subject: [PATCH 05/13] Use LOG_NTP syslog facility if it is available
FreeBSD PR: 114191
Submitted by: Robert Archer <freebsd@deathbeforedecaf.net>


+ 6
- 6
patches/0006-conditionally-fill-in-sin_len-sin6_len-if-they-exist.patch View File

@ -1,17 +1,17 @@
From 7f1cdb9b4cf9d20c59a3d7adf84cf8aeaaab3b0b Mon Sep 17 00:00:00 2001
From a4991f440faa3e9b073c522b62438a32b7fb6ef3 Mon Sep 17 00:00:00 2001
From: Brent Cook <busterb@gmail.com>
Date: Tue, 30 Dec 2014 09:02:50 -0600
Subject: [PATCH 06/12] conditionally fill in sin_len/sin6_len if they exist
Subject: [PATCH 06/13] conditionally fill in sin_len/sin6_len if they exist
---
src/usr.sbin/ntpd/config.c | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/src/usr.sbin/ntpd/config.c b/src/usr.sbin/ntpd/config.c
index ce5d860..58e387f 100644
index 677139e..9777110 100644
--- a/src/usr.sbin/ntpd/config.c
+++ b/src/usr.sbin/ntpd/config.c
@@ -73,7 +73,9 @@ host_v4(const char *s)
@@ -71,7 +71,9 @@ host_v4(const char *s)
if ((h = calloc(1, sizeof(struct ntp_addr))) == NULL)
fatal(NULL);
sa_in = (struct sockaddr_in *)&h->ss;
@ -21,7 +21,7 @@ index ce5d860..58e387f 100644
sa_in->sin_family = AF_INET;
sa_in->sin_addr.s_addr = ina.s_addr;
@@ -95,7 +97,9 @@ host_v6(const char *s)
@@ -93,7 +95,9 @@ host_v6(const char *s)
if ((h = calloc(1, sizeof(struct ntp_addr))) == NULL)
fatal(NULL);
sa_in6 = (struct sockaddr_in6 *)&h->ss;
@ -31,7 +31,7 @@ index ce5d860..58e387f 100644
sa_in6->sin6_family = AF_INET6;
memcpy(&sa_in6->sin6_addr,
&((struct sockaddr_in6 *)res->ai_addr)->sin6_addr,
@@ -156,12 +160,16 @@ host_dns(const char *s, struct ntp_addr **hn)
@@ -154,12 +158,16 @@ host_dns(const char *s, struct ntp_addr **hn)
h->ss.ss_family = res->ai_family;
if (res->ai_family == AF_INET) {
sa_in = (struct sockaddr_in *)&h->ss;


+ 3
- 3
patches/0007-check-if-rdomain-support-is-available.patch View File

@ -1,7 +1,7 @@
From 991f5af3c5543d4e1870e35392c9eda53ae89dcc Mon Sep 17 00:00:00 2001
From 682b4ff97c28a1def8192c4eeb9ea8c6b92e3b6c Mon Sep 17 00:00:00 2001
From: Brent Cook <busterb@gmail.com>
Date: Tue, 30 Dec 2014 09:05:46 -0600
Subject: [PATCH 07/12] check if rdomain support is available.
Subject: [PATCH 07/13] check if rdomain support is available.
Handle FreeBSD's calling rdomain 'FIB'.
- from naddy@openbsd.org
@ -13,7 +13,7 @@ Handle FreeBSD's calling rdomain 'FIB'.
4 files changed, 22 insertions(+), 1 deletion(-)
diff --git a/src/usr.sbin/ntpd/client.c b/src/usr.sbin/ntpd/client.c
index 3d4714e..339120b 100644
index 9a499b1..fc9186a 100644
--- a/src/usr.sbin/ntpd/client.c
+++ b/src/usr.sbin/ntpd/client.c
@@ -149,10 +149,12 @@ client_query(struct ntp_peer *p)


+ 2
- 2
patches/0008-update-ntpd.conf-to-indicate-OS-dependent-options.patch View File

@ -1,7 +1,7 @@
From 2fc3020dd19b54b7b2da4641304cb7ecdefc13f8 Mon Sep 17 00:00:00 2001
From 41b570b1794534abe338dfc6dc0d0ff002c211c0 Mon Sep 17 00:00:00 2001
From: Brent Cook <busterb@gmail.com>
Date: Tue, 30 Dec 2014 09:20:03 -0600
Subject: [PATCH 08/12] update ntpd.conf to indicate OS-dependent options
Subject: [PATCH 08/13] update ntpd.conf to indicate OS-dependent options
Also, clarify listening behavior based on a patch from
Dererk <dererk@debian.org>


+ 2
- 2
patches/0009-allow-overriding-default-user-and-file-locations.patch View File

@ -1,7 +1,7 @@
From 84f1acc50280f93c444c8211f4ee384d58002180 Mon Sep 17 00:00:00 2001
From e432380f8540be3021efa57c723e00c50073f953 Mon Sep 17 00:00:00 2001
From: Brent Cook <busterb@gmail.com>
Date: Thu, 1 Jan 2015 07:18:11 -0600
Subject: [PATCH 09/12] allow overriding default user and file locations
Subject: [PATCH 09/13] allow overriding default user and file locations
Allow the build process to override the default ntpd file paths and
default user.


+ 3
- 3
patches/0010-add-p-option-to-create-a-pid-file.patch View File

@ -1,7 +1,7 @@
From b5d9a8e7f8991c6a50992171d836aff3d92b7fea Mon Sep 17 00:00:00 2001
From 1f659267b350fadc3b430a9723c69c780d2eea6f Mon Sep 17 00:00:00 2001
From: Brent Cook <busterb@gmail.com>
Date: Wed, 31 Dec 2014 08:26:41 -0600
Subject: [PATCH 10/12] add -p option to create a pid file
Subject: [PATCH 10/13] add -p option to create a pid file
This is used in both the Gentoo and Debian ports.
@ -35,7 +35,7 @@ index 18b12e8..9eb1fee 100644
Do not set the time immediately at startup.
This is the default.
diff --git a/src/usr.sbin/ntpd/ntpd.c b/src/usr.sbin/ntpd/ntpd.c
index 052c240..d7efc25 100644
index ee1ecb5..f89532f 100644
--- a/src/usr.sbin/ntpd/ntpd.c
+++ b/src/usr.sbin/ntpd/ntpd.c
@@ -83,6 +83,18 @@ sighdlr(int sig)


+ 3
- 3
patches/0011-initialize-setproctitle-where-needed.patch View File

@ -1,14 +1,14 @@
From eb870881c4da0b69676b13a528c40e026e2149f6 Mon Sep 17 00:00:00 2001
From 198aa5cd7cf86d9c10dbdf24291e1f8afbb12410 Mon Sep 17 00:00:00 2001
From: Brent Cook <busterb@gmail.com>
Date: Mon, 12 Jan 2015 06:18:31 -0600
Subject: [PATCH 11/12] initialize setproctitle where needed
Subject: [PATCH 11/13] initialize setproctitle where needed
---
src/usr.sbin/ntpd/ntpd.c | 16 ++++++++++++++++
1 file changed, 16 insertions(+)
diff --git a/src/usr.sbin/ntpd/ntpd.c b/src/usr.sbin/ntpd/ntpd.c
index d7efc25..fb870ad 100644
index f89532f..ea8cf70 100644
--- a/src/usr.sbin/ntpd/ntpd.c
+++ b/src/usr.sbin/ntpd/ntpd.c
@@ -111,6 +111,11 @@ usage(void)


+ 2
- 2
patches/0012-document-SIGUSR1-fallback-if-SIGINFO-is-not-implemen.patch View File

@ -1,7 +1,7 @@
From 9eb62464e9d323197ee5f0aee210c70927989e43 Mon Sep 17 00:00:00 2001
From 1da8b11e25548aa48f055b7c8c1c97310af73fdb Mon Sep 17 00:00:00 2001
From: Brent Cook <busterb@gmail.com>
Date: Mon, 12 Jan 2015 21:17:35 -0600
Subject: [PATCH 12/12] document SIGUSR1 fallback if SIGINFO is not
Subject: [PATCH 12/13] document SIGUSR1 fallback if SIGINFO is not
implemented.
---


+ 166
- 0
patches/0013-log-context-of-all-fatal-allocations.patch View File

@ -0,0 +1,166 @@
From c33a7dbd5827d8cf3e81193ea128d9b29a596c4c Mon Sep 17 00:00:00 2001
From: Brent Cook <busterb@gmail.com>
Date: Mon, 19 Jan 2015 04:37:59 -0600
Subject: [PATCH 13/13] log context of all fatal allocations
---
src/usr.sbin/ntpd/config.c | 8 ++++----
src/usr.sbin/ntpd/ntp.c | 8 ++++----
src/usr.sbin/ntpd/ntp_dns.c | 2 +-
src/usr.sbin/ntpd/ntpd.c | 6 +++---
src/usr.sbin/ntpd/parse.y | 6 +++---
5 files changed, 15 insertions(+), 15 deletions(-)
diff --git a/src/usr.sbin/ntpd/config.c b/src/usr.sbin/ntpd/config.c
index 9777110..56b50d2 100644
--- a/src/usr.sbin/ntpd/config.c
+++ b/src/usr.sbin/ntpd/config.c
@@ -41,7 +41,7 @@ host(const char *s, struct ntp_addr **hn)
if (!strcmp(s, "*"))
if ((h = calloc(1, sizeof(struct ntp_addr))) == NULL)
- fatal(NULL);
+ fatal("ntp_addr calloc");
/* IPv4 address? */
if (h == NULL)
@@ -69,7 +69,7 @@ host_v4(const char *s)
return (NULL);
if ((h = calloc(1, sizeof(struct ntp_addr))) == NULL)
- fatal(NULL);
+ fatal("ntp_addr calloc");
sa_in = (struct sockaddr_in *)&h->ss;
#ifdef HAVE_STRUCT_SOCKADDR_IN_SIN_LEN
sa_in->sin_len = sizeof(struct sockaddr_in);
@@ -93,7 +93,7 @@ host_v6(const char *s)
hints.ai_flags = AI_NUMERICHOST;
if (getaddrinfo(s, "0", &hints, &res) == 0) {
if ((h = calloc(1, sizeof(struct ntp_addr))) == NULL)
- fatal(NULL);
+ fatal("ntp_addr calloc");
sa_in6 = (struct sockaddr_in6 *)&h->ss;
#ifdef SIN6_LEN
sa_in6->sin6_len = sizeof(struct sockaddr_in6);
@@ -154,7 +154,7 @@ host_dns(const char *s, struct ntp_addr **hn)
res->ai_family != AF_INET6)
continue;
if ((h = calloc(1, sizeof(struct ntp_addr))) == NULL)
- fatal(NULL);
+ fatal("ntp_addr calloc");
h->ss.ss_family = res->ai_family;
if (res->ai_family == AF_INET) {
sa_in = (struct sockaddr_in *)&h->ss;
diff --git a/src/usr.sbin/ntpd/ntp.c b/src/usr.sbin/ntpd/ntp.c
index c8f095e..7db98f6 100644
--- a/src/usr.sbin/ntpd/ntp.c
+++ b/src/usr.sbin/ntpd/ntp.c
@@ -112,7 +112,7 @@ ntp_main(int pipe_prnt[2], int fd_ctl, struct ntpd_conf *nconf,
fatal("getservbyname");
if ((nullfd = open(_PATH_DEVNULL, O_RDWR, 0)) == -1)
- fatal(NULL);
+ fatal("open /dev/null");
hotplugfd = sensor_hotplugfd();
close(pipe_prnt[0]);
@@ -166,10 +166,10 @@ ntp_main(int pipe_prnt[2], int fd_ctl, struct ntpd_conf *nconf,
signal(SIGCHLD, SIG_DFL);
if ((ibuf_main = malloc(sizeof(struct imsgbuf))) == NULL)
- fatal(NULL);
+ fatal("ibuf_main malloc");
imsg_init(ibuf_main, pipe_prnt[1]);
if ((ibuf_dns = malloc(sizeof(struct imsgbuf))) == NULL)
- fatal(NULL);
+ fatal("ibuf_dns malloc");
imsg_init(ibuf_dns, pipe_dns[0]);
TAILQ_FOREACH(p, &conf->ntp_peers, entry)
@@ -508,7 +508,7 @@ ntp_dispatch_imsg_dns(void)
while (dlen >= sizeof(struct sockaddr_storage)) {
if ((h = calloc(1, sizeof(struct ntp_addr))) ==
NULL)
- fatal(NULL);
+ fatal("ntp_addr calloc");
memcpy(&h->ss, p, sizeof(h->ss));
p += sizeof(h->ss);
dlen -= sizeof(h->ss);
diff --git a/src/usr.sbin/ntpd/ntp_dns.c b/src/usr.sbin/ntpd/ntp_dns.c
index 7d0236f..6abe3a4 100644
--- a/src/usr.sbin/ntpd/ntp_dns.c
+++ b/src/usr.sbin/ntpd/ntp_dns.c
@@ -87,7 +87,7 @@ ntp_dns(int pipe_ntp[2], struct ntpd_conf *nconf, struct passwd *pw)
signal(SIGHUP, sighdlr_dns);
if ((ibuf_dns = malloc(sizeof(struct imsgbuf))) == NULL)
- fatal(NULL);
+ fatal("imsgbuf malloc");
imsg_init(ibuf_dns, pipe_ntp[1]);
while (quit_dns == 0) {
diff --git a/src/usr.sbin/ntpd/ntpd.c b/src/usr.sbin/ntpd/ntpd.c
index ea8cf70..65503d9 100644
--- a/src/usr.sbin/ntpd/ntpd.c
+++ b/src/usr.sbin/ntpd/ntpd.c
@@ -235,7 +235,7 @@ main(int argc, char *argv[])
close(pipe_chld[1]);
if ((ibuf = malloc(sizeof(struct imsgbuf))) == NULL)
- fatal(NULL);
+ fatal("imsgbuf malloc");
imsg_init(ibuf, pipe_chld[0]);
while (quit == 0) {
@@ -619,7 +619,7 @@ ctl_main(int argc, char *argv[])
break;
}
}
- if (action == -1)
+ if (action == -1)
usage();
/* NOTREACHED */
@@ -635,7 +635,7 @@ ctl_main(int argc, char *argv[])
err(1, "connect: %s", sockname);
if ((ibuf_ctl = malloc(sizeof(struct imsgbuf))) == NULL)
- err(1, NULL);
+ err(1, "malloc: imsgbuf");
imsg_init(ibuf_ctl, fd);
switch (action) {
diff --git a/src/usr.sbin/ntpd/parse.y b/src/usr.sbin/ntpd/parse.y
index 42a49f7..285fae8 100644
--- a/src/usr.sbin/ntpd/parse.y
+++ b/src/usr.sbin/ntpd/parse.y
@@ -161,7 +161,7 @@ main : LISTEN ON address listen_opts {
p->addr_head.pool = 1;
p->addr_head.name = strdup($2->name);
if (p->addr_head.name == NULL)
- fatal(NULL);
+ fatal("servers strdup");
if (p->addr != NULL)
p->state = STATE_DNS_DONE;
if (!(p->rtable > 0 && p->addr))
@@ -200,7 +200,7 @@ main : LISTEN ON address listen_opts {
p->addr_head.pool = 0;
p->addr_head.name = strdup($2->name);
if (p->addr_head.name == NULL)
- fatal(NULL);
+ fatal("server strdup");
if (p->addr != NULL)
p->state = STATE_DNS_DONE;
if (!(p->rtable > 0 && p->addr))
@@ -224,7 +224,7 @@ main : LISTEN ON address listen_opts {
address : STRING {
if (($$ = calloc(1, sizeof(struct ntp_addr_wrap))) ==
NULL)
- fatal(NULL);
+ fatal("ntp_addr_wrap calloc");
host($1, &$$->a);
$$->name = $1;
}
--
1.9.1

Write Preview
Loading…
Cancel
Save