Fincer
/
openntpd-portable
mirror of https://github.com/Fincer/openntpd-portable
1
0
Fork 0
Code Issues 0 Projects 0 Releases 10 Wiki Activity
Browse Source

resync patches 

update manpage and add more fatal logging
OPENBSD_5_7
Brent Cook 10 years ago
parent
2c04ab7158
commit
b15e6b2575
13 changed files with 200 additions and 34 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +2
    -2
      patches/0001-be-more-verbose-when-logging-privsep-errors.patch
  2. +2
    -2
      patches/0002-do-not-allow-privsep-user-to-be-a-privileged-user.patch
  3. +3
    -3
      patches/0003-Handle-IPv6-DNS-records-on-IPv4-networks-more-libera.patch
  4. +4
    -4
      patches/0004-EAI_NODATA-does-not-exist-everywhere.patch
  5. +2
    -2
      patches/0005-Use-LOG_NTP-syslog-facility-if-it-is-available.patch
  6. +6
    -6
      patches/0006-conditionally-fill-in-sin_len-sin6_len-if-they-exist.patch
  7. +3
    -3
      patches/0007-check-if-rdomain-support-is-available.patch
  8. +2
    -2
      patches/0008-update-ntpd.conf-to-indicate-OS-dependent-options.patch
  9. +2
    -2
      patches/0009-allow-overriding-default-user-and-file-locations.patch
  10. +3
    -3
      patches/0010-add-p-option-to-create-a-pid-file.patch
  11. +3
    -3
      patches/0011-initialize-setproctitle-where-needed.patch
  12. +2
    -2
      patches/0012-document-SIGUSR1-fallback-if-SIGINFO-is-not-implemen.patch
  13. +166
    -0
      patches/0013-log-context-of-all-fatal-allocations.patch

+ 2
- 2
patches/0001-be-more-verbose-when-logging-privsep-errors.patch View File

@ -1,7 +1,7 @@
From f5c4350929461db34ac5e50472a5f5246c6cb6f6 Mon Sep 17 00:00:00 2001
From 3358e0e85bf40351bc4a8357a878c844c4190ef2 Mon Sep 17 00:00:00 2001
From: Brent Cook <busterb@gmail.com>
Date: Thu, 1 Jan 2015 13:06:38 -0600
Subject: [PATCH 01/12] be more verbose when logging privsep errors
Subject: [PATCH 01/13] be more verbose when logging privsep errors
Make it easy for a sysadmin to diagnose a privilege separation path
problem without looking at the source code.


+ 2
- 2
patches/0002-do-not-allow-privsep-user-to-be-a-privileged-user.patch View File

@ -1,7 +1,7 @@
From e22f798bc68930e81a9303606550a693962ce3fb Mon Sep 17 00:00:00 2001
From fb62935494233b756bfbe48b3652c07c378ef55e Mon Sep 17 00:00:00 2001
From: Brent Cook <busterb@gmail.com>
Date: Thu, 1 Jan 2015 13:26:29 -0600
Subject: [PATCH 02/12] do not allow privsep user to be a privileged user
Subject: [PATCH 02/13] do not allow privsep user to be a privileged user
This may need to be a function call for different platforms with
different capability / privilege mechanisms.


+ 3
- 3
patches/0003-Handle-IPv6-DNS-records-on-IPv4-networks-more-libera.patch View File

@ -1,7 +1,7 @@
From a48c8c8a78028f7dc07ceb23c47a4ed31f0dfaa6 Mon Sep 17 00:00:00 2001
From 1f533ce93b5826f3c3e3b16b237571c9c62dc1eb Mon Sep 17 00:00:00 2001
From: Brent Cook <busterb@gmail.com>
Date: Tue, 30 Dec 2014 09:10:22 -0600
Subject: [PATCH 03/12] Handle IPv6 DNS records on IPv4 networks more liberally
Subject: [PATCH 03/13] Handle IPv6 DNS records on IPv4 networks more liberally
Rather than fail on IPv4 only networks when seeing an IPv6 DNS record,
just give a warning.
@ -13,7 +13,7 @@ Original Author: Stefan Praszalowicz <stefan.praszalowicz@avedya.com>
1 file changed, 10 insertions(+), 3 deletions(-)
diff --git a/src/usr.sbin/ntpd/client.c b/src/usr.sbin/ntpd/client.c
index ced1a8b..3d4714e 100644
index 3ae2c18..9a499b1 100644
--- a/src/usr.sbin/ntpd/client.c
+++ b/src/usr.sbin/ntpd/client.c
@@ -138,9 +138,16 @@ client_query(struct ntp_peer *p)


+ 4
- 4
patches/0004-EAI_NODATA-does-not-exist-everywhere.patch View File

@ -1,7 +1,7 @@
From e885aae66f83f69ba38e33ef0ac706e9fe25f609 Mon Sep 17 00:00:00 2001
From aff999eff42db8c1022fc4c95cd4f2bc689e0708 Mon Sep 17 00:00:00 2001
From: Brent Cook <busterb@gmail.com>
Date: Tue, 30 Dec 2014 09:04:08 -0600
Subject: [PATCH 04/12] EAI_NODATA does not exist everywhere
Subject: [PATCH 04/13] EAI_NODATA does not exist everywhere
FreeBSD says it is deprecated #ifdef's it out.
@ -15,10 +15,10 @@ portable software now has to have a special check instead.
1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/src/usr.sbin/ntpd/config.c b/src/usr.sbin/ntpd/config.c
index c814183..ce5d860 100644
index 8904bc4..677139e 100644
--- a/src/usr.sbin/ntpd/config.c
+++ b/src/usr.sbin/ntpd/config.c
@@ -133,8 +133,14 @@ host_dns(const char *s, struct ntp_addr **hn)
@@ -131,8 +131,14 @@ host_dns(const char *s, struct ntp_addr **hn)
hints.ai_family = PF_UNSPEC;
hints.ai_socktype = SOCK_DGRAM; /* DUMMY */
error = getaddrinfo(s, NULL, &hints, &res0);


+ 2
- 2
patches/0005-Use-LOG_NTP-syslog-facility-if-it-is-available.patch View File

@ -1,7 +1,7 @@
From 889a119fa8e26239f09c38f55f5570b322793faf Mon Sep 17 00:00:00 2001
From 0a55dd5a69636bcb8047e84e63f41cac6d8ac4ae Mon Sep 17 00:00:00 2001
From: Brent Cook <busterb@gmail.com>
Date: Mon, 12 Jan 2015 21:16:54 -0600
Subject: [PATCH 05/12] Use LOG_NTP syslog facility if it is available
Subject: [PATCH 05/13] Use LOG_NTP syslog facility if it is available
FreeBSD PR: 114191
Submitted by: Robert Archer <freebsd@deathbeforedecaf.net>


+ 6
- 6
patches/0006-conditionally-fill-in-sin_len-sin6_len-if-they-exist.patch View File

@ -1,17 +1,17 @@
From 7f1cdb9b4cf9d20c59a3d7adf84cf8aeaaab3b0b Mon Sep 17 00:00:00 2001
From a4991f440faa3e9b073c522b62438a32b7fb6ef3 Mon Sep 17 00:00:00 2001
From: Brent Cook <busterb@gmail.com>
Date: Tue, 30 Dec 2014 09:02:50 -0600
Subject: [PATCH 06/12] conditionally fill in sin_len/sin6_len if they exist
Subject: [PATCH 06/13] conditionally fill in sin_len/sin6_len if they exist
---
src/usr.sbin/ntpd/config.c | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/src/usr.sbin/ntpd/config.c b/src/usr.sbin/ntpd/config.c
index ce5d860..58e387f 100644
index 677139e..9777110 100644
--- a/src/usr.sbin/ntpd/config.c
+++ b/src/usr.sbin/ntpd/config.c
@@ -73,7 +73,9 @@ host_v4(const char *s)
@@ -71,7 +71,9 @@ host_v4(const char *s)
if ((h = calloc(1, sizeof(struct ntp_addr))) == NULL)
fatal(NULL);
sa_in = (struct sockaddr_in *)&h->ss;
@ -21,7 +21,7 @@ index ce5d860..58e387f 100644
sa_in->sin_family = AF_INET;
sa_in->sin_addr.s_addr = ina.s_addr;
@@ -95,7 +97,9 @@ host_v6(const char *s)
@@ -93,7 +95,9 @@ host_v6(const char *s)
if ((h = calloc(1, sizeof(struct ntp_addr))) == NULL)
fatal(NULL);
sa_in6 = (struct sockaddr_in6 *)&h->ss;
@ -31,7 +31,7 @@ index ce5d860..58e387f 100644
sa_in6->sin6_family = AF_INET6;
memcpy(&sa_in6->sin6_addr,
&((struct sockaddr_in6 *)res->ai_addr)->sin6_addr,
@@ -156,12 +160,16 @@ host_dns(const char *s, struct ntp_addr **hn)
@@ -154,12 +158,16 @@ host_dns(const char *s, struct ntp_addr **hn)
h->ss.ss_family = res->ai_family;
if (res->ai_family == AF_INET) {
sa_in = (struct sockaddr_in *)&h->ss;


+ 3
- 3
patches/0007-check-if-rdomain-support-is-available.patch View File

@ -1,7 +1,7 @@
From 991f5af3c5543d4e1870e35392c9eda53ae89dcc Mon Sep 17 00:00:00 2001
From 682b4ff97c28a1def8192c4eeb9ea8c6b92e3b6c Mon Sep 17 00:00:00 2001
From: Brent Cook <busterb@gmail.com>
Date: Tue, 30 Dec 2014 09:05:46 -0600
Subject: [PATCH 07/12] check if rdomain support is available.
Subject: [PATCH 07/13] check if rdomain support is available.
Handle FreeBSD's calling rdomain 'FIB'.
- from naddy@openbsd.org
@ -13,7 +13,7 @@ Handle FreeBSD's calling rdomain 'FIB'.
4 files changed, 22 insertions(+), 1 deletion(-)
diff --git a/src/usr.sbin/ntpd/client.c b/src/usr.sbin/ntpd/client.c
index 3d4714e..339120b 100644
index 9a499b1..fc9186a 100644
--- a/src/usr.sbin/ntpd/client.c
+++ b/src/usr.sbin/ntpd/client.c
@@ -149,10 +149,12 @@ client_query(struct ntp_peer *p)


+ 2
- 2
patches/0008-update-ntpd.conf-to-indicate-OS-dependent-options.patch View File

@ -1,7 +1,7 @@
From 2fc3020dd19b54b7b2da4641304cb7ecdefc13f8 Mon Sep 17 00:00:00 2001
From 41b570b1794534abe338dfc6dc0d0ff002c211c0 Mon Sep 17 00:00:00 2001
From: Brent Cook <busterb@gmail.com>
Date: Tue, 30 Dec 2014 09:20:03 -0600
Subject: [PATCH 08/12] update ntpd.conf to indicate OS-dependent options
Subject: [PATCH 08/13] update ntpd.conf to indicate OS-dependent options
Also, clarify listening behavior based on a patch from
Dererk <dererk@debian.org>


+ 2
- 2
patches/0009-allow-overriding-default-user-and-file-locations.patch View File

@ -1,7 +1,7 @@
From 84f1acc50280f93c444c8211f4ee384d58002180 Mon Sep 17 00:00:00 2001
From e432380f8540be3021efa57c723e00c50073f953 Mon Sep 17 00:00:00 2001
From: Brent Cook <busterb@gmail.com>
Date: Thu, 1 Jan 2015 07:18:11 -0600
Subject: [PATCH 09/12] allow overriding default user and file locations
Subject: [PATCH 09/13] allow overriding default user and file locations
Allow the build process to override the default ntpd file paths and
default user.


+ 3
- 3
patches/0010-add-p-option-to-create-a-pid-file.patch View File

@ -1,7 +1,7 @@
From b5d9a8e7f8991c6a50992171d836aff3d92b7fea Mon Sep 17 00:00:00 2001
From 1f659267b350fadc3b430a9723c69c780d2eea6f Mon Sep 17 00:00:00 2001
From: Brent Cook <busterb@gmail.com>
Date: Wed, 31 Dec 2014 08:26:41 -0600
Subject: [PATCH 10/12] add -p option to create a pid file
Subject: [PATCH 10/13] add -p option to create a pid file
This is used in both the Gentoo and Debian ports.
@ -35,7 +35,7 @@ index 18b12e8..9eb1fee 100644
Do not set the time immediately at startup.
This is the default.
diff --git a/src/usr.sbin/ntpd/ntpd.c b/src/usr.sbin/ntpd/ntpd.c
index 052c240..d7efc25 100644
index ee1ecb5..f89532f 100644
--- a/src/usr.sbin/ntpd/ntpd.c
+++ b/src/usr.sbin/ntpd/ntpd.c
@@ -83,6 +83,18 @@ sighdlr(int sig)


+ 3
- 3
patches/0011-initialize-setproctitle-where-needed.patch View File

@ -1,14 +1,14 @@
From eb870881c4da0b69676b13a528c40e026e2149f6 Mon Sep 17 00:00:00 2001
From 198aa5cd7cf86d9c10dbdf24291e1f8afbb12410 Mon Sep 17 00:00:00 2001
From: Brent Cook <busterb@gmail.com>
Date: Mon, 12 Jan 2015 06:18:31 -0600
Subject: [PATCH 11/12] initialize setproctitle where needed
Subject: [PATCH 11/13] initialize setproctitle where needed
---
src/usr.sbin/ntpd/ntpd.c | 16 ++++++++++++++++
1 file changed, 16 insertions(+)
diff --git a/src/usr.sbin/ntpd/ntpd.c b/src/usr.sbin/ntpd/ntpd.c
index d7efc25..fb870ad 100644
index f89532f..ea8cf70 100644
--- a/src/usr.sbin/ntpd/ntpd.c
+++ b/src/usr.sbin/ntpd/ntpd.c
@@ -111,6 +111,11 @@ usage(void)


+ 2
- 2
patches/0012-document-SIGUSR1-fallback-if-SIGINFO-is-not-implemen.patch View File

@ -1,7 +1,7 @@
From 9eb62464e9d323197ee5f0aee210c70927989e43 Mon Sep 17 00:00:00 2001
From 1da8b11e25548aa48f055b7c8c1c97310af73fdb Mon Sep 17 00:00:00 2001
From: Brent Cook <busterb@gmail.com>
Date: Mon, 12 Jan 2015 21:17:35 -0600
Subject: [PATCH 12/12] document SIGUSR1 fallback if SIGINFO is not
Subject: [PATCH 12/13] document SIGUSR1 fallback if SIGINFO is not
implemented.
---


+ 166
- 0
patches/0013-log-context-of-all-fatal-allocations.patch View File

@ -0,0 +1,166 @@
From c33a7dbd5827d8cf3e81193ea128d9b29a596c4c Mon Sep 17 00:00:00 2001
From: Brent Cook <busterb@gmail.com>
Date: Mon, 19 Jan 2015 04:37:59 -0600
Subject: [PATCH 13/13] log context of all fatal allocations
---
src/usr.sbin/ntpd/config.c | 8 ++++----
src/usr.sbin/ntpd/ntp.c | 8 ++++----
src/usr.sbin/ntpd/ntp_dns.c | 2 +-
src/usr.sbin/ntpd/ntpd.c | 6 +++---
src/usr.sbin/ntpd/parse.y | 6 +++---
5 files changed, 15 insertions(+), 15 deletions(-)
diff --git a/src/usr.sbin/ntpd/config.c b/src/usr.sbin/ntpd/config.c
index 9777110..56b50d2 100644
--- a/src/usr.sbin/ntpd/config.c
+++ b/src/usr.sbin/ntpd/config.c
@@ -41,7 +41,7 @@ host(const char *s, struct ntp_addr **hn)
if (!strcmp(s, "*"))
if ((h = calloc(1, sizeof(struct ntp_addr))) == NULL)
- fatal(NULL);
+ fatal("ntp_addr calloc");
/* IPv4 address? */
if (h == NULL)
@@ -69,7 +69,7 @@ host_v4(const char *s)
return (NULL);
if ((h = calloc(1, sizeof(struct ntp_addr))) == NULL)
- fatal(NULL);
+ fatal("ntp_addr calloc");
sa_in = (struct sockaddr_in *)&h->ss;
#ifdef HAVE_STRUCT_SOCKADDR_IN_SIN_LEN
sa_in->sin_len = sizeof(struct sockaddr_in);
@@ -93,7 +93,7 @@ host_v6(const char *s)
hints.ai_flags = AI_NUMERICHOST;
if (getaddrinfo(s, "0", &hints, &res) == 0) {
if ((h = calloc(1, sizeof(struct ntp_addr))) == NULL)
- fatal(NULL);
+ fatal("ntp_addr calloc");
sa_in6 = (struct sockaddr_in6 *)&h->ss;
#ifdef SIN6_LEN
sa_in6->sin6_len = sizeof(struct sockaddr_in6);
@@ -154,7 +154,7 @@ host_dns(const char *s, struct ntp_addr **hn)
res->ai_family != AF_INET6)
continue;
if ((h = calloc(1, sizeof(struct ntp_addr))) == NULL)
- fatal(NULL);
+ fatal("ntp_addr calloc");
h->ss.ss_family = res->ai_family;
if (res->ai_family == AF_INET) {
sa_in = (struct sockaddr_in *)&h->ss;
diff --git a/src/usr.sbin/ntpd/ntp.c b/src/usr.sbin/ntpd/ntp.c
index c8f095e..7db98f6 100644
--- a/src/usr.sbin/ntpd/ntp.c
+++ b/src/usr.sbin/ntpd/ntp.c
@@ -112,7 +112,7 @@ ntp_main(int pipe_prnt[2], int fd_ctl, struct ntpd_conf *nconf,
fatal("getservbyname");
if ((nullfd = open(_PATH_DEVNULL, O_RDWR, 0)) == -1)
- fatal(NULL);
+ fatal("open /dev/null");
hotplugfd = sensor_hotplugfd();
close(pipe_prnt[0]);
@@ -166,10 +166,10 @@ ntp_main(int pipe_prnt[2], int fd_ctl, struct ntpd_conf *nconf,
signal(SIGCHLD, SIG_DFL);
if ((ibuf_main = malloc(sizeof(struct imsgbuf))) == NULL)
- fatal(NULL);
+ fatal("ibuf_main malloc");
imsg_init(ibuf_main, pipe_prnt[1]);
if ((ibuf_dns = malloc(sizeof(struct imsgbuf))) == NULL)
- fatal(NULL);
+ fatal("ibuf_dns malloc");
imsg_init(ibuf_dns, pipe_dns[0]);
TAILQ_FOREACH(p, &conf->ntp_peers, entry)
@@ -508,7 +508,7 @@ ntp_dispatch_imsg_dns(void)
while (dlen >= sizeof(struct sockaddr_storage)) {
if ((h = calloc(1, sizeof(struct ntp_addr))) ==
NULL)
- fatal(NULL);
+ fatal("ntp_addr calloc");
memcpy(&h->ss, p, sizeof(h->ss));
p += sizeof(h->ss);
dlen -= sizeof(h->ss);
diff --git a/src/usr.sbin/ntpd/ntp_dns.c b/src/usr.sbin/ntpd/ntp_dns.c
index 7d0236f..6abe3a4 100644
--- a/src/usr.sbin/ntpd/ntp_dns.c
+++ b/src/usr.sbin/ntpd/ntp_dns.c
@@ -87,7 +87,7 @@ ntp_dns(int pipe_ntp[2], struct ntpd_conf *nconf, struct passwd *pw)
signal(SIGHUP, sighdlr_dns);
if ((ibuf_dns = malloc(sizeof(struct imsgbuf))) == NULL)
- fatal(NULL);
+ fatal("imsgbuf malloc");
imsg_init(ibuf_dns, pipe_ntp[1]);
while (quit_dns == 0) {
diff --git a/src/usr.sbin/ntpd/ntpd.c b/src/usr.sbin/ntpd/ntpd.c
index ea8cf70..65503d9 100644
--- a/src/usr.sbin/ntpd/ntpd.c
+++ b/src/usr.sbin/ntpd/ntpd.c
@@ -235,7 +235,7 @@ main(int argc, char *argv[])
close(pipe_chld[1]);
if ((ibuf = malloc(sizeof(struct imsgbuf))) == NULL)
- fatal(NULL);
+ fatal("imsgbuf malloc");
imsg_init(ibuf, pipe_chld[0]);
while (quit == 0) {
@@ -619,7 +619,7 @@ ctl_main(int argc, char *argv[])
break;
}
}
- if (action == -1)
+ if (action == -1)
usage();
/* NOTREACHED */
@@ -635,7 +635,7 @@ ctl_main(int argc, char *argv[])
err(1, "connect: %s", sockname);
if ((ibuf_ctl = malloc(sizeof(struct imsgbuf))) == NULL)
- err(1, NULL);
+ err(1, "malloc: imsgbuf");
imsg_init(ibuf_ctl, fd);
switch (action) {
diff --git a/src/usr.sbin/ntpd/parse.y b/src/usr.sbin/ntpd/parse.y
index 42a49f7..285fae8 100644
--- a/src/usr.sbin/ntpd/parse.y
+++ b/src/usr.sbin/ntpd/parse.y
@@ -161,7 +161,7 @@ main : LISTEN ON address listen_opts {
p->addr_head.pool = 1;
p->addr_head.name = strdup($2->name);
if (p->addr_head.name == NULL)
- fatal(NULL);
+ fatal("servers strdup");
if (p->addr != NULL)
p->state = STATE_DNS_DONE;
if (!(p->rtable > 0 && p->addr))
@@ -200,7 +200,7 @@ main : LISTEN ON address listen_opts {
p->addr_head.pool = 0;
p->addr_head.name = strdup($2->name);
if (p->addr_head.name == NULL)
- fatal(NULL);
+ fatal("server strdup");
if (p->addr != NULL)
p->state = STATE_DNS_DONE;
if (!(p->rtable > 0 && p->addr))
@@ -224,7 +224,7 @@ main : LISTEN ON address listen_opts {
address : STRING {
if (($$ = calloc(1, sizeof(struct ntp_addr_wrap))) ==
NULL)
- fatal(NULL);
+ fatal("ntp_addr_wrap calloc");
host($1, &$$->a);
$$->name = $1;
}
--
1.9.1

Write Preview
Loading…
Cancel
Save