From f48b85426580431c5931de8a0cdab5bc94b5fad6 Mon Sep 17 00:00:00 2001 From: Brent Cook Date: Sun, 6 Dec 2015 22:37:20 -0600 Subject: [PATCH] rebase and update patches --- ...records-on-IPv4-networks-more-libera.patch | 12 ++--- ...EAI_NODATA-does-not-exist-everywhere.patch | 8 +-- ...P-syslog-facility-if-it-is-available.patch | 6 +-- ...ll-in-sin_len-sin6_len-if-they-exist.patch | 8 +-- ...heck-if-rdomain-support-is-available.patch | 49 ++++--------------- ...onf-to-indicate-OS-dependent-options.patch | 8 +-- ...ding-default-user-and-file-locations.patch | 12 ++--- ...08-add-p-option-to-create-a-pid-file.patch | 30 ++++++------ ...initialize-setproctitle-where-needed.patch | 25 ++++------ ...when-constraint-support-is-disabled.patch} | 46 ++++++++--------- ...-fallback-if-SIGINFO-is-not-implemen.patch | 30 ------------ ...updating-the-realtime-clock-on-sync.patch} | 12 ++--- ...0012-Deal-with-missing-SO_TIMESTAMP.patch} | 25 +++++----- src/Makefile.am | 2 +- 14 files changed, 102 insertions(+), 171 deletions(-) rename patches/{0011-Notify-the-user-when-constraint-support-is-disabled.patch => 0010-Notify-the-user-when-constraint-support-is-disabled.patch} (62%) delete mode 100644 patches/0010-document-SIGUSR1-fallback-if-SIGINFO-is-not-implemen.patch rename patches/{0012-add-a-method-for-updating-the-realtime-clock-on-sync.patch => 0011-add-a-method-for-updating-the-realtime-clock-on-sync.patch} (72%) rename patches/{0013-Deal-with-missing-SO_TIMESTAMP.patch => 0012-Deal-with-missing-SO_TIMESTAMP.patch} (71%) diff --git a/patches/0001-Handle-IPv6-DNS-records-on-IPv4-networks-more-libera.patch b/patches/0001-Handle-IPv6-DNS-records-on-IPv4-networks-more-libera.patch index 0beffc6..635d3a6 100644 --- a/patches/0001-Handle-IPv6-DNS-records-on-IPv4-networks-more-libera.patch +++ b/patches/0001-Handle-IPv6-DNS-records-on-IPv4-networks-more-libera.patch @@ -1,7 +1,7 @@ -From 23bd483c6f15ae1237eb7764110590706f13c108 Mon Sep 17 00:00:00 2001 +From 7e3c2f022bd8f008d6db389c06b340972d3e0cc8 Mon Sep 17 00:00:00 2001 From: Brent Cook Date: Tue, 30 Dec 2014 09:10:22 -0600 -Subject: [PATCH 01/13] Handle IPv6 DNS records on IPv4 networks more liberally +Subject: [PATCH 01/12] Handle IPv6 DNS records on IPv4 networks more liberally Rather than fail on IPv4 only networks when seeing an IPv6 DNS record, just give a warning. @@ -13,7 +13,7 @@ Original Author: Stefan Praszalowicz 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/src/usr.sbin/ntpd/client.c b/src/usr.sbin/ntpd/client.c -index 1d982d6..e717d69 100644 +index a92382b..7ce3b38 100644 --- a/src/usr.sbin/ntpd/client.c +++ b/src/usr.sbin/ntpd/client.c @@ -138,9 +138,16 @@ client_query(struct ntp_peer *p) @@ -34,8 +34,8 @@ index 1d982d6..e717d69 100644 + fatal("client_query socket"); + } - if (p->rtable != -1 && - setsockopt(p->query->fd, SOL_SOCKET, SO_RTABLE, + if (connect(p->query->fd, sa, SA_LEN(sa)) == -1) { + if (errno == ECONNREFUSED || errno == ENETUNREACH || -- -2.4.5 +2.6.3 diff --git a/patches/0002-EAI_NODATA-does-not-exist-everywhere.patch b/patches/0002-EAI_NODATA-does-not-exist-everywhere.patch index 36015e6..0a3d3a7 100644 --- a/patches/0002-EAI_NODATA-does-not-exist-everywhere.patch +++ b/patches/0002-EAI_NODATA-does-not-exist-everywhere.patch @@ -1,7 +1,7 @@ -From 68baaf4eb14d9e6a1ce6c289580a561a878285f5 Mon Sep 17 00:00:00 2001 +From 8fee6e437f4adf331a76c704c8c5cba4df255f19 Mon Sep 17 00:00:00 2001 From: Brent Cook Date: Tue, 30 Dec 2014 09:04:08 -0600 -Subject: [PATCH 02/13] EAI_NODATA does not exist everywhere +Subject: [PATCH 02/12] EAI_NODATA does not exist everywhere FreeBSD says it is deprecated #ifdef's it out. @@ -15,7 +15,7 @@ portable software now has to have a special check instead. 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/src/usr.sbin/ntpd/config.c b/src/usr.sbin/ntpd/config.c -index 3945405..8c1baa2 100644 +index b2f688e..c0a99b1 100644 --- a/src/usr.sbin/ntpd/config.c +++ b/src/usr.sbin/ntpd/config.c @@ -133,8 +133,14 @@ host_dns(const char *s, struct ntp_addr **hn) @@ -36,5 +36,5 @@ index 3945405..8c1baa2 100644 log_warnx("could not parse \"%s\": %s", s, gai_strerror(error)); -- -2.4.5 +2.6.3 diff --git a/patches/0003-Use-LOG_NTP-syslog-facility-if-it-is-available.patch b/patches/0003-Use-LOG_NTP-syslog-facility-if-it-is-available.patch index b66ad81..4e57d4f 100644 --- a/patches/0003-Use-LOG_NTP-syslog-facility-if-it-is-available.patch +++ b/patches/0003-Use-LOG_NTP-syslog-facility-if-it-is-available.patch @@ -1,7 +1,7 @@ -From 34d5195a0a360967ebf3694467512ada27f81650 Mon Sep 17 00:00:00 2001 +From ec9ba68b495b4d866b3f8542ff054541aaae87fd Mon Sep 17 00:00:00 2001 From: Brent Cook Date: Mon, 12 Jan 2015 21:16:54 -0600 -Subject: [PATCH 03/13] Use LOG_NTP syslog facility if it is available +Subject: [PATCH 03/12] Use LOG_NTP syslog facility if it is available FreeBSD PR: 114191 Submitted by: Robert Archer @@ -51,5 +51,5 @@ index 1d8304b..5d34709 100644 tzset(); } -- -2.4.5 +2.6.3 diff --git a/patches/0004-conditionally-fill-in-sin_len-sin6_len-if-they-exist.patch b/patches/0004-conditionally-fill-in-sin_len-sin6_len-if-they-exist.patch index 905d318..64c014a 100644 --- a/patches/0004-conditionally-fill-in-sin_len-sin6_len-if-they-exist.patch +++ b/patches/0004-conditionally-fill-in-sin_len-sin6_len-if-they-exist.patch @@ -1,14 +1,14 @@ -From 3537c0e956f9f67085fa9e76f303689df8753d2e Mon Sep 17 00:00:00 2001 +From c936d099934f3d85dae03e3ac54af2056788a96e Mon Sep 17 00:00:00 2001 From: Brent Cook Date: Tue, 30 Dec 2014 09:02:50 -0600 -Subject: [PATCH 04/13] conditionally fill in sin_len/sin6_len if they exist +Subject: [PATCH 04/12] conditionally fill in sin_len/sin6_len if they exist --- src/usr.sbin/ntpd/config.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/src/usr.sbin/ntpd/config.c b/src/usr.sbin/ntpd/config.c -index 8c1baa2..2e39604 100644 +index c0a99b1..87de17a 100644 --- a/src/usr.sbin/ntpd/config.c +++ b/src/usr.sbin/ntpd/config.c @@ -72,7 +72,9 @@ host_v4(const char *s) @@ -49,5 +49,5 @@ index 8c1baa2..2e39604 100644 res->ai_addr)->sin6_addr, sizeof(struct in6_addr)); } -- -2.4.5 +2.6.3 diff --git a/patches/0005-check-if-rdomain-support-is-available.patch b/patches/0005-check-if-rdomain-support-is-available.patch index be0fd39..d186ce1 100644 --- a/patches/0005-check-if-rdomain-support-is-available.patch +++ b/patches/0005-check-if-rdomain-support-is-available.patch @@ -1,56 +1,25 @@ -From 2e02b774dc28b1db74bd9c1837fd056c57234080 Mon Sep 17 00:00:00 2001 +From 9dcb2008acca9650e4cf05f10a051c1a94bde77e Mon Sep 17 00:00:00 2001 From: Brent Cook Date: Tue, 30 Dec 2014 09:05:46 -0600 -Subject: [PATCH 05/13] check if rdomain support is available. +Subject: [PATCH 05/12] check if rdomain support is available. Handle FreeBSD's calling rdomain 'FIB'. - from naddy@openbsd.org --- - src/usr.sbin/ntpd/client.c | 4 ++++ src/usr.sbin/ntpd/ntpd.h | 6 ++++++ src/usr.sbin/ntpd/parse.y | 2 ++ src/usr.sbin/ntpd/server.c | 15 ++++++++++++++- - 4 files changed, 26 insertions(+), 1 deletion(-) + 3 files changed, 22 insertions(+), 1 deletion(-) -diff --git a/src/usr.sbin/ntpd/client.c b/src/usr.sbin/ntpd/client.c -index e717d69..2be1f93 100644 ---- a/src/usr.sbin/ntpd/client.c -+++ b/src/usr.sbin/ntpd/client.c -@@ -149,10 +149,12 @@ client_query(struct ntp_peer *p) - fatal("client_query socket"); - } - -+#ifdef SO_RTABLE - if (p->rtable != -1 && - setsockopt(p->query->fd, SOL_SOCKET, SO_RTABLE, - &p->rtable, sizeof(p->rtable)) == -1) - fatal("client_query setsockopt SO_RTABLE"); -+#endif - if (connect(p->query->fd, sa, SA_LEN(sa)) == -1) { - if (errno == ECONNREFUSED || errno == ENETUNREACH || - errno == EHOSTUNREACH || errno == EADDRNOTAVAIL) { -@@ -255,10 +257,12 @@ client_dispatch(struct ntp_peer *p, u_int8_t settime) - return (0); - } - -+#ifdef SO_RTABLE - if (p->rtable != -1 && - setsockopt(p->query->fd, SOL_SOCKET, SO_RTABLE, &p->rtable, - sizeof(p->rtable)) == -1) - fatal("client_dispatch setsockopt SO_RTABLE"); -+#endif - - for (cmsg = CMSG_FIRSTHDR(&somsg); cmsg != NULL; - cmsg = CMSG_NXTHDR(&somsg, cmsg)) { diff --git a/src/usr.sbin/ntpd/ntpd.h b/src/usr.sbin/ntpd/ntpd.h -index de4cd84..5bdd7a7 100644 +index f6507f2..fa2eb7a 100644 --- a/src/usr.sbin/ntpd/ntpd.h +++ b/src/usr.sbin/ntpd/ntpd.h @@ -41,6 +41,12 @@ #define DRIFTFILE "/var/db/ntpd.drift" #define CTLSOCKET "/var/run/ntpd.sock" -+#if defined(SO_SETFIB) && defined(FREEBSD_SO_RTABLE_ENABLED) ++#if defined(SO_SETFIB) +#define SO_RTABLE SO_SETFIB +#define SIOCGIFRDOMAIN SIOCGIFFIB +#define ifr_rdomainid ifr_fib @@ -60,10 +29,10 @@ index de4cd84..5bdd7a7 100644 #define INTERVAL_QUERY_PATHETIC 60 #define INTERVAL_QUERY_AGGRESSIVE 5 diff --git a/src/usr.sbin/ntpd/parse.y b/src/usr.sbin/ntpd/parse.y -index 4b9ef49..375f609 100644 +index 6d50795..33fe13d 100644 --- a/src/usr.sbin/ntpd/parse.y +++ b/src/usr.sbin/ntpd/parse.y -@@ -412,11 +412,13 @@ weight : WEIGHT NUMBER { +@@ -404,11 +404,13 @@ weight : WEIGHT NUMBER { opts.weight = $2; } rtable : RTABLE NUMBER { @@ -78,7 +47,7 @@ index 4b9ef49..375f609 100644 } ; diff --git a/src/usr.sbin/ntpd/server.c b/src/usr.sbin/ntpd/server.c -index ef448d3..618cd8f 100644 +index fb297d7..2e28b9b 100644 --- a/src/usr.sbin/ntpd/server.c +++ b/src/usr.sbin/ntpd/server.c @@ -35,11 +35,16 @@ setup_listeners(struct servent *se, struct ntpd_conf *lconf, u_int *cnt) @@ -143,5 +112,5 @@ index ef448d3..618cd8f 100644 if (bind(la->fd, (struct sockaddr *)&la->sa, SA_LEN((struct sockaddr *)&la->sa)) == -1) { -- -2.4.5 +2.6.3 diff --git a/patches/0006-update-ntpd.conf-to-indicate-OS-dependent-options.patch b/patches/0006-update-ntpd.conf-to-indicate-OS-dependent-options.patch index 5d166c6..242db62 100644 --- a/patches/0006-update-ntpd.conf-to-indicate-OS-dependent-options.patch +++ b/patches/0006-update-ntpd.conf-to-indicate-OS-dependent-options.patch @@ -1,7 +1,7 @@ -From 48d02d4b495a95851b1f709ea38d51c61f1be4e1 Mon Sep 17 00:00:00 2001 +From 7ff884df5fdca1cf65650db6cc06235f5cc042ef Mon Sep 17 00:00:00 2001 From: Brent Cook Date: Tue, 30 Dec 2014 09:20:03 -0600 -Subject: [PATCH 06/13] update ntpd.conf to indicate OS-dependent options +Subject: [PATCH 06/12] update ntpd.conf to indicate OS-dependent options Also, clarify listening behavior based on a patch from Dererk @@ -11,7 +11,7 @@ Debian bug ID: 575705 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/src/usr.sbin/ntpd/ntpd.conf.5 b/src/usr.sbin/ntpd/ntpd.conf.5 -index 65b51b0..5dd584d 100644 +index af11a7e..87f94e8 100644 --- a/src/usr.sbin/ntpd/ntpd.conf.5 +++ b/src/usr.sbin/ntpd/ntpd.conf.5 @@ -38,9 +38,14 @@ The basic configuration options are as follows: @@ -49,5 +49,5 @@ index 65b51b0..5dd584d 100644 .Xr ntpd 8 will use each given sensor that actually exists. -- -2.4.5 +2.6.3 diff --git a/patches/0007-allow-overriding-default-user-and-file-locations.patch b/patches/0007-allow-overriding-default-user-and-file-locations.patch index 8607fbd..a63daac 100644 --- a/patches/0007-allow-overriding-default-user-and-file-locations.patch +++ b/patches/0007-allow-overriding-default-user-and-file-locations.patch @@ -1,7 +1,7 @@ -From 8f37bf27e304caa46054962b6c285ad0ce0e050c Mon Sep 17 00:00:00 2001 +From eb72af64c3304396f355b54cba266b4ed300b8c9 Mon Sep 17 00:00:00 2001 From: Brent Cook Date: Thu, 1 Jan 2015 07:18:11 -0600 -Subject: [PATCH 07/13] allow overriding default user and file locations +Subject: [PATCH 07/12] allow overriding default user and file locations Allow the build process to override the default ntpd file paths and default user. @@ -10,7 +10,7 @@ default user. 1 file changed, 15 insertions(+), 3 deletions(-) diff --git a/src/usr.sbin/ntpd/ntpd.h b/src/usr.sbin/ntpd/ntpd.h -index 5bdd7a7..5172c45 100644 +index fa2eb7a..1383056 100644 --- a/src/usr.sbin/ntpd/ntpd.h +++ b/src/usr.sbin/ntpd/ntpd.h @@ -36,10 +36,20 @@ @@ -35,9 +35,9 @@ index 5bdd7a7..5172c45 100644 +#define DRIFTFILE LOCALSTATEDIR "/db/ntpd.drift" +#define CTLSOCKET LOCALSTATEDIR "/run/ntpd.sock" - #if defined(SO_SETFIB) && defined(FREEBSD_SO_RTABLE_ENABLED) + #if defined(SO_SETFIB) #define SO_RTABLE SO_SETFIB -@@ -88,7 +98,9 @@ +@@ -87,7 +97,9 @@ #define CONSTRAINT_PORT "443" /* HTTPS port */ #define CONSTRAINT_MAXHEADERLENGTH 8192 #define CONSTRAINT_PASSFD (STDERR_FILENO + 1) @@ -48,5 +48,5 @@ index 5bdd7a7..5172c45 100644 enum client_state { STATE_NONE, -- -2.4.5 +2.6.3 diff --git a/patches/0008-add-p-option-to-create-a-pid-file.patch b/patches/0008-add-p-option-to-create-a-pid-file.patch index 91bbcd3..941597b 100644 --- a/patches/0008-add-p-option-to-create-a-pid-file.patch +++ b/patches/0008-add-p-option-to-create-a-pid-file.patch @@ -1,7 +1,7 @@ -From 5e7e9b21cbc8ed49aed22e67cf6315477a76db4d Mon Sep 17 00:00:00 2001 +From 735b7714af879176149a9861d781b275e7079fb7 Mon Sep 17 00:00:00 2001 From: Brent Cook Date: Wed, 31 Dec 2014 08:26:41 -0600 -Subject: [PATCH 08/13] add -p option to create a pid file +Subject: [PATCH 08/12] add -p option to create a pid file This is used in both the Gentoo and Debian ports. @@ -13,7 +13,7 @@ Origin: https://bugs.gentoo.org/show_bug.cgi?id=493082 3 files changed, 33 insertions(+), 5 deletions(-) diff --git a/src/usr.sbin/ntpd/ntpd.8 b/src/usr.sbin/ntpd/ntpd.8 -index af56fb9..b11b5ca 100644 +index dcfb6d2..1b885a1 100644 --- a/src/usr.sbin/ntpd/ntpd.8 +++ b/src/usr.sbin/ntpd/ntpd.8 @@ -25,6 +25,7 @@ @@ -35,10 +35,10 @@ index af56fb9..b11b5ca 100644 Do not set the time immediately at startup. This is the default. diff --git a/src/usr.sbin/ntpd/ntpd.c b/src/usr.sbin/ntpd/ntpd.c -index 045bdd4..c7935bf 100644 +index 83b42ee..40570ee 100644 --- a/src/usr.sbin/ntpd/ntpd.c +++ b/src/usr.sbin/ntpd/ntpd.c -@@ -83,6 +83,18 @@ sighdlr(int sig) +@@ -86,6 +86,18 @@ sighdlr(int sig) } } @@ -57,7 +57,7 @@ index 045bdd4..c7935bf 100644 __dead void usage(void) { -@@ -92,7 +104,7 @@ usage(void) +@@ -95,7 +107,7 @@ usage(void) fprintf(stderr, "usage: ntpctl -s all | peers | Sensors | status\n"); else @@ -66,7 +66,7 @@ index 045bdd4..c7935bf 100644 __progname); exit(1); } -@@ -123,7 +135,7 @@ main(int argc, char *argv[]) +@@ -133,7 +145,7 @@ main(int argc, char *argv[]) log_init(1); /* log to stderr until daemonized */ @@ -75,7 +75,7 @@ index 045bdd4..c7935bf 100644 switch (ch) { case 'd': lconf.debug = 1; -@@ -135,6 +147,9 @@ main(int argc, char *argv[]) +@@ -145,6 +157,9 @@ main(int argc, char *argv[]) case 'n': lconf.noaction = 1; break; @@ -85,7 +85,7 @@ index 045bdd4..c7935bf 100644 case 's': lconf.settime = 1; break; -@@ -175,9 +190,11 @@ main(int argc, char *argv[]) +@@ -189,9 +204,11 @@ main(int argc, char *argv[]) reset_adjtime(); if (!lconf.settime) { log_init(lconf.debug); @@ -98,7 +98,7 @@ index 045bdd4..c7935bf 100644 } else timeout = SETTIME_TIMEOUT * 1000; -@@ -224,9 +241,11 @@ main(int argc, char *argv[]) +@@ -269,9 +286,11 @@ main(int argc, char *argv[]) log_init(lconf.debug); log_warnx("no reply received in time, skipping initial " "time setting"); @@ -111,7 +111,7 @@ index 045bdd4..c7935bf 100644 } if (nfds > 0 && (pfd[PFD_PIPE].revents & POLLOUT)) -@@ -265,6 +284,8 @@ main(int argc, char *argv[]) +@@ -314,6 +333,8 @@ main(int argc, char *argv[]) msgbuf_clear(&ibuf->w); free(ibuf); log_info("Terminating"); @@ -120,7 +120,7 @@ index 045bdd4..c7935bf 100644 return (0); } -@@ -337,9 +358,11 @@ dispatch_imsg(struct ntpd_conf *lconf) +@@ -396,9 +417,11 @@ dispatch_imsg(struct ntpd_conf *lconf, const char *pw_dir, memcpy(&d, imsg.data, sizeof(d)); ntpd_settime(d); /* daemonize now */ @@ -134,10 +134,10 @@ index 045bdd4..c7935bf 100644 timeout = INFTIM; break; diff --git a/src/usr.sbin/ntpd/ntpd.h b/src/usr.sbin/ntpd/ntpd.h -index 5172c45..f31d9f8 100644 +index 1383056..e542849 100644 --- a/src/usr.sbin/ntpd/ntpd.h +++ b/src/usr.sbin/ntpd/ntpd.h -@@ -239,6 +239,7 @@ struct ntpd_conf { +@@ -242,6 +242,7 @@ struct ntpd_conf { u_int constraint_errors; u_int8_t *ca; size_t ca_len; @@ -146,5 +146,5 @@ index 5172c45..f31d9f8 100644 struct ctl_show_status { -- -2.4.5 +2.6.3 diff --git a/patches/0009-initialize-setproctitle-where-needed.patch b/patches/0009-initialize-setproctitle-where-needed.patch index 7271e7d..5322fba 100644 --- a/patches/0009-initialize-setproctitle-where-needed.patch +++ b/patches/0009-initialize-setproctitle-where-needed.patch @@ -1,7 +1,7 @@ -From fd8a742d7e3f2ff92e812cdccfb3477b948340fc Mon Sep 17 00:00:00 2001 +From 3f56ed57c9f7dcf2c77d29fadb307d10664c5075 Mon Sep 17 00:00:00 2001 From: Brent Cook Date: Mon, 12 Jan 2015 06:18:31 -0600 -Subject: [PATCH 09/13] initialize setproctitle where needed +Subject: [PATCH 09/12] initialize setproctitle where needed We need to save a copy of argv and __progname to avoid setproctitle clobbering them. @@ -10,12 +10,12 @@ clobbering them. 1 file changed, 20 insertions(+) diff --git a/src/usr.sbin/ntpd/ntpd.c b/src/usr.sbin/ntpd/ntpd.c -index c7935bf..310e808 100644 +index 40570ee..b86d6ed 100644 --- a/src/usr.sbin/ntpd/ntpd.c +++ b/src/usr.sbin/ntpd/ntpd.c -@@ -112,6 +112,13 @@ usage(void) - #define POLL_MAX 8 +@@ -116,6 +116,13 @@ usage(void) #define PFD_PIPE 0 + #define PFD_MAX 1 +/* Saves a copy of argv for setproctitle emulation */ +#ifndef HAVE_SETPROCTITLE @@ -27,19 +27,12 @@ index c7935bf..310e808 100644 int main(int argc, char *argv[]) { -@@ -124,6 +131,8 @@ main(int argc, char *argv[]) - struct passwd *pw; - extern char *__progname; - -+ __progname = get_progname(argv[0]); -+ - if (strcmp(__progname, "ntpctl") == 0) { - ctl_main(argc, argv); - /* NOTREACHED */ -@@ -135,6 +144,17 @@ main(int argc, char *argv[]) +@@ -145,6 +152,19 @@ main(int argc, char *argv[]) log_init(1); /* log to stderr until daemonized */ ++ __progname = get_progname(argv[0]); ++ +#ifndef HAVE_SETPROCTITLE + int i; + /* Prepare for later setproctitle emulation */ @@ -55,5 +48,5 @@ index c7935bf..310e808 100644 switch (ch) { case 'd': -- -2.4.5 +2.6.3 diff --git a/patches/0011-Notify-the-user-when-constraint-support-is-disabled.patch b/patches/0010-Notify-the-user-when-constraint-support-is-disabled.patch similarity index 62% rename from patches/0011-Notify-the-user-when-constraint-support-is-disabled.patch rename to patches/0010-Notify-the-user-when-constraint-support-is-disabled.patch index 94bc355..3300e72 100644 --- a/patches/0011-Notify-the-user-when-constraint-support-is-disabled.patch +++ b/patches/0010-Notify-the-user-when-constraint-support-is-disabled.patch @@ -1,24 +1,24 @@ -From 12e4fcd674dd852fe8838c60fee6168344df8b5f Mon Sep 17 00:00:00 2001 +From bdbcdad24473d94d2871650e65adba694e078a7b Mon Sep 17 00:00:00 2001 From: Brent Cook Date: Fri, 27 Mar 2015 23:14:15 -0500 -Subject: [PATCH 11/13] Notify the user when constraint support is disabled. +Subject: [PATCH 10/12] Notify the user when constraint support is disabled. Update the manpage and make a constraint line a fatal error if it is configured but ntpd is built without libtls present. From Paul B. Henson. --- - src/usr.sbin/ntpd/config.c | 3 +++ - src/usr.sbin/ntpd/ntp.c | 2 ++ - src/usr.sbin/ntpd/ntpd.conf.5 | 7 +++++-- + src/usr.sbin/ntpd/config.c | 3 +++ + src/usr.sbin/ntpd/constraint.c | 2 ++ + src/usr.sbin/ntpd/ntpd.conf.5 | 7 +++++-- 3 files changed, 10 insertions(+), 2 deletions(-) diff --git a/src/usr.sbin/ntpd/config.c b/src/usr.sbin/ntpd/config.c -index 2e39604..779aed6 100644 +index 87de17a..5a75030 100644 --- a/src/usr.sbin/ntpd/config.c +++ b/src/usr.sbin/ntpd/config.c -@@ -218,6 +218,9 @@ new_constraint(void) - fatal("new_constraint calloc"); +@@ -219,6 +219,9 @@ new_constraint(void) p->id = ++constraint_maxid; + p->fd = -1; +#ifndef HAVE_LIBTLS + fatal("constraint configured without libtls support"); @@ -26,30 +26,30 @@ index 2e39604..779aed6 100644 return (p); } -diff --git a/src/usr.sbin/ntpd/ntp.c b/src/usr.sbin/ntpd/ntp.c -index 50fc468..566fd74 100644 ---- a/src/usr.sbin/ntpd/ntp.c -+++ b/src/usr.sbin/ntpd/ntp.c -@@ -109,12 +109,14 @@ ntp_main(int pipe_prnt[2], int fd_ctl, struct ntpd_conf *nconf, - return (pid); - } +diff --git a/src/usr.sbin/ntpd/constraint.c b/src/usr.sbin/ntpd/constraint.c +index 3fc837f..72b3980 100644 +--- a/src/usr.sbin/ntpd/constraint.c ++++ b/src/usr.sbin/ntpd/constraint.c +@@ -288,12 +288,14 @@ priv_constraint_child(struct constraint *cstr, struct ntp_addr_msg *am, + if (setpriority(PRIO_PROCESS, 0, 0) == -1) + log_warn("could not set priority"); +#ifdef HAVE_LIBTLS - tls_init(); - - /* Verification will be turned off if CA is not found */ + /* Init TLS and load cert before chroot() */ + if (tls_init() == -1) + fatalx("tls_init"); if ((conf->ca = tls_load_file(CONSTRAINT_CA, &conf->ca_len, NULL)) == NULL) log_warnx("constraint certificate verification turned off"); +#endif - /* in this case the parent didn't init logging and didn't daemonize */ - if (nconf->settime && !nconf->debug) { + if (chroot(pw_dir) == -1) + fatal("chroot"); diff --git a/src/usr.sbin/ntpd/ntpd.conf.5 b/src/usr.sbin/ntpd/ntpd.conf.5 -index 5dd584d..7b09932 100644 +index 87f94e8..7f729d2 100644 --- a/src/usr.sbin/ntpd/ntpd.conf.5 +++ b/src/usr.sbin/ntpd/ntpd.conf.5 -@@ -191,8 +191,11 @@ authenticated constraint, +@@ -185,8 +185,11 @@ authenticated constraint, thereby reducing the impact of unauthenticated NTP man-in-the-middle attacks. Received NTP packets with time information falling outside of a range @@ -64,5 +64,5 @@ index 5dd584d..7b09932 100644 .It Ic constraint from Ar url Specify the URL, IP address or the hostname of an HTTPS server to -- -2.4.5 +2.6.3 diff --git a/patches/0010-document-SIGUSR1-fallback-if-SIGINFO-is-not-implemen.patch b/patches/0010-document-SIGUSR1-fallback-if-SIGINFO-is-not-implemen.patch deleted file mode 100644 index 848bdbc..0000000 --- a/patches/0010-document-SIGUSR1-fallback-if-SIGINFO-is-not-implemen.patch +++ /dev/null @@ -1,30 +0,0 @@ -From 60c072f759cadd167a929e035b33877b1f08103a Mon Sep 17 00:00:00 2001 -From: Brent Cook -Date: Mon, 12 Jan 2015 21:17:35 -0600 -Subject: [PATCH 10/13] document SIGUSR1 fallback if SIGINFO is not - implemented. - ---- - src/usr.sbin/ntpd/ntpd.8 | 6 +++++- - 1 file changed, 5 insertions(+), 1 deletion(-) - -diff --git a/src/usr.sbin/ntpd/ntpd.8 b/src/usr.sbin/ntpd/ntpd.8 -index b11b5ca..24f08e0 100644 ---- a/src/usr.sbin/ntpd/ntpd.8 -+++ b/src/usr.sbin/ntpd/ntpd.8 -@@ -129,7 +129,11 @@ When - .Pq engine - receives a - .Dv SIGINFO --signal, it writes its peer and sensor status to -+signal (or a -+.Dv SIGUSR1 -+signal on systems without -+.Dv SIGINFO), -+it writes its peer and sensor status to - .Xr syslog 3 . - .Sh FILES - .Bl -tag -width "/var/db/ntpd.driftXXX" -compact --- -2.4.5 - diff --git a/patches/0012-add-a-method-for-updating-the-realtime-clock-on-sync.patch b/patches/0011-add-a-method-for-updating-the-realtime-clock-on-sync.patch similarity index 72% rename from patches/0012-add-a-method-for-updating-the-realtime-clock-on-sync.patch rename to patches/0011-add-a-method-for-updating-the-realtime-clock-on-sync.patch index 3067eca..587fb5e 100644 --- a/patches/0012-add-a-method-for-updating-the-realtime-clock-on-sync.patch +++ b/patches/0011-add-a-method-for-updating-the-realtime-clock-on-sync.patch @@ -1,7 +1,7 @@ -From 0ae8358adca5935a76b908938104ef9cb1ee60c1 Mon Sep 17 00:00:00 2001 +From c826fa9409c17c67c347707fb146b22915815449 Mon Sep 17 00:00:00 2001 From: Brent Cook Date: Mon, 4 May 2015 04:27:29 -0500 -Subject: [PATCH 12/13] add a method for updating the realtime clock on sync +Subject: [PATCH 11/12] add a method for updating the realtime clock on sync from Christian Weisgerber --- @@ -9,10 +9,10 @@ from Christian Weisgerber 1 file changed, 2 insertions(+) diff --git a/src/usr.sbin/ntpd/ntpd.c b/src/usr.sbin/ntpd/ntpd.c -index 310e808..2f89aed 100644 +index b86d6ed..7cccb75 100644 --- a/src/usr.sbin/ntpd/ntpd.c +++ b/src/usr.sbin/ntpd/ntpd.c -@@ -53,6 +53,7 @@ const char *ctl_lookup_option(char *, const char **); +@@ -54,6 +54,7 @@ const char *ctl_lookup_option(char *, const char **); void show_status_msg(struct imsg *); void show_peer_msg(struct imsg *, int); void show_sensor_msg(struct imsg *, int); @@ -20,7 +20,7 @@ index 310e808..2f89aed 100644 volatile sig_atomic_t quit = 0; volatile sig_atomic_t reconfig = 0; -@@ -423,6 +424,7 @@ ntpd_adjtime(double d) +@@ -487,6 +488,7 @@ ntpd_adjtime(double d) else if (!firstadj && olddelta.tv_sec == 0 && olddelta.tv_usec == 0) synced = 1; firstadj = 0; @@ -29,5 +29,5 @@ index 310e808..2f89aed 100644 } -- -2.4.5 +2.6.3 diff --git a/patches/0013-Deal-with-missing-SO_TIMESTAMP.patch b/patches/0012-Deal-with-missing-SO_TIMESTAMP.patch similarity index 71% rename from patches/0013-Deal-with-missing-SO_TIMESTAMP.patch rename to patches/0012-Deal-with-missing-SO_TIMESTAMP.patch index db1a30e..2d0fe32 100644 --- a/patches/0013-Deal-with-missing-SO_TIMESTAMP.patch +++ b/patches/0012-Deal-with-missing-SO_TIMESTAMP.patch @@ -1,21 +1,20 @@ -From 90c47e06db660d4de455769fc291b1580a9f9414 Mon Sep 17 00:00:00 2001 +From 38933e5e9b3aa2d1b6d2b6fcb609494694fdfe44 Mon Sep 17 00:00:00 2001 From: Brent Cook -Date: Sat, 18 Jul 2015 01:14:55 -0500 -Subject: [PATCH 13/13] Deal with missing SO_TIMESTAMP +Date: Sun, 6 Dec 2015 22:35:38 -0600 +Subject: [PATCH 12/12] Deal with missing SO_TIMESTAMP from Paul B. Henson" Fall back to the previous client.c implementation when it is not found. -SO_TIMESTAMP was added in CVS rev 1.85 by henning@. --- src/usr.sbin/ntpd/client.c | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/src/usr.sbin/ntpd/client.c b/src/usr.sbin/ntpd/client.c -index 2be1f93..e2076f8 100644 +index 7ce3b38..edca87c 100644 --- a/src/usr.sbin/ntpd/client.c +++ b/src/usr.sbin/ntpd/client.c -@@ -169,10 +169,12 @@ client_query(struct ntp_peer *p) +@@ -163,10 +163,12 @@ client_query(struct ntp_peer *p) if (p->addr->ss.ss_family == AF_INET && setsockopt(p->query->fd, IPPROTO_IP, IP_TOS, &val, sizeof(val)) == -1) log_warn("setsockopt IPTOS_LOWDELAY"); @@ -28,7 +27,7 @@ index 2be1f93..e2076f8 100644 } /* -@@ -219,7 +221,9 @@ client_dispatch(struct ntp_peer *p, u_int8_t settime) +@@ -213,7 +215,9 @@ client_dispatch(struct ntp_peer *p, u_int8_t settime) struct cmsghdr hdr; char buf[CMSG_SPACE(sizeof(tv))]; } cmsgbuf; @@ -38,7 +37,7 @@ index 2be1f93..e2076f8 100644 ssize_t size; double T1, T2, T3, T4; time_t interval; -@@ -232,7 +236,6 @@ client_dispatch(struct ntp_peer *p, u_int8_t settime) +@@ -226,7 +230,6 @@ client_dispatch(struct ntp_peer *p, u_int8_t settime) somsg.msg_control = cmsgbuf.buf; somsg.msg_controllen = sizeof(cmsgbuf.buf); @@ -46,16 +45,16 @@ index 2be1f93..e2076f8 100644 if ((size = recvmsg(p->query->fd, &somsg, 0)) == -1) { if (errno == EHOSTUNREACH || errno == EHOSTDOWN || errno == ENETUNREACH || errno == ENETDOWN || -@@ -264,6 +267,8 @@ client_dispatch(struct ntp_peer *p, u_int8_t settime) - fatal("client_dispatch setsockopt SO_RTABLE"); - #endif +@@ -251,6 +254,8 @@ client_dispatch(struct ntp_peer *p, u_int8_t settime) + return (0); + } +#ifdef SO_TIMESTAMP + T4 = getoffset(); for (cmsg = CMSG_FIRSTHDR(&somsg); cmsg != NULL; cmsg = CMSG_NXTHDR(&somsg, cmsg)) { if (cmsg->cmsg_level == SOL_SOCKET && -@@ -273,6 +278,9 @@ client_dispatch(struct ntp_peer *p, u_int8_t settime) +@@ -260,6 +265,9 @@ client_dispatch(struct ntp_peer *p, u_int8_t settime) break; } } @@ -66,5 +65,5 @@ index 2be1f93..e2076f8 100644 if (T4 < JAN_1970) { client_log_error(p, "recvmsg control format", EBADF); -- -2.4.5 +2.6.3 diff --git a/src/Makefile.am b/src/Makefile.am index 4e386b7..69bcbc1 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -28,7 +28,7 @@ ntpd_CFLAGS = $(CFLAGS) ntpd_CFLAGS += -DSYSCONFDIR=\"$(sysconfdir)\" ntpd_CFLAGS += -DLOCALSTATEDIR=\"$(localstatedir)\" -ntpd_LDADD = $(PLATFORM_LDADD) $(PROG_LDADD) +ntpd_LDADD = $(PLATFORM_LDADD) $(PROG_LDADD) -lm ntpd_LDADD += $(top_builddir)/compat/libcompat.la ntpd_LDADD += $(top_builddir)/compat/libcompatnoopt.la