reorder patches by priority and generality

patches/0001-include-time.h-for-clock_gettime.patch

@@ -1,7 +1,7 @@
 From 53006c85af7c8b69afa3847e12107588c1460c5a Mon Sep 17 00:00:00 2001
 From: Brent Cook <busterb@gmail.com>
 Date: Tue, 30 Dec 2014 08:58:26 -0600
-Subject: [PATCH 01/12] include time.h for clock_gettime
+Subject: [PATCH 01/16] include time.h for clock_gettime
 
 ---
  src/usr.sbin/ntpd/ntpd.c | 1 +

patches/0002-removed-unused-libevent-header-and-structures.patch

@@ -1,7 +1,7 @@
 From da6f7a99e25c9fa0fca75576eaf29f0e8fe67441 Mon Sep 17 00:00:00 2001
 From: Brent Cook <busterb@gmail.com>
 Date: Tue, 30 Dec 2014 08:59:19 -0600
-Subject: [PATCH 02/12] removed unused libevent header and structures
+Subject: [PATCH 02/16] removed unused libevent header and structures
 
 ---
  src/usr.sbin/ntpd/ntpd.h | 10 ----------

patches/0004-remove-unused-dns_pid.patch → patches/0003-remove-unused-dns_pid.patch

@@ -1,7 +1,7 @@
-From f67a51ea7b11f1082dac77beb632f4d71f397584 Mon Sep 17 00:00:00 2001
+From be678b846a8bbeede06d66a630a64a19c589c45f Mon Sep 17 00:00:00 2001
 From: Brent Cook <busterb@gmail.com>
 Date: Tue, 30 Dec 2014 09:01:57 -0600
-Subject: [PATCH 04/12] remove unused dns_pid
+Subject: [PATCH 03/16] remove unused dns_pid
 
 ---
  src/usr.sbin/ntpd/ntp.c | 4 ++--

patches/0014-add-MAX-macro.patch → patches/0004-add-MAX-macro.patch

@@ -1,14 +1,14 @@
-From 802b2ccf5257b840ed252a2bc1a6cb70a37b3f57 Mon Sep 17 00:00:00 2001
+From 06c8339b3a1bde6f71d437d792ae01d118832fb4 Mon Sep 17 00:00:00 2001
 From: Brent Cook <busterb@gmail.com>
 Date: Wed, 31 Dec 2014 22:39:58 -0600
-Subject: [PATCH 14/14] add MAX macro
+Subject: [PATCH 04/16] add MAX macro
 
 ---
  src/usr.sbin/ntpd/ntpd.h | 4 ++++
  1 file changed, 4 insertions(+)
 
 diff --git a/src/usr.sbin/ntpd/ntpd.h b/src/usr.sbin/ntpd/ntpd.h
-index f8d6382..5ac0bbb 100644
+index aa9858b..61a447f 100644
 --- a/src/usr.sbin/ntpd/ntpd.h
 +++ b/src/usr.sbin/ntpd/ntpd.h
 @@ -72,6 +72,10 @@

patches/0005-be-more-verbose-when-logging-privsep-errors.patch

@@ -0,0 +1,38 @@
+From b0d68d365d6b4512a5a07d14e56f0c51cdeae0c3 Mon Sep 17 00:00:00 2001
+From: Brent Cook <busterb@gmail.com>
+Date: Thu, 1 Jan 2015 13:06:38 -0600
+Subject: [PATCH 05/16] be more verbose when logging privsep errors
+
+Make it easy for a sysadmin to diagnose a privilege separation path
+problem without looking at the source code.
+---
+ src/usr.sbin/ntpd/ntp.c | 13 +++++++++----
+ 1 file changed, 9 insertions(+), 4 deletions(-)
+
+diff --git a/src/usr.sbin/ntpd/ntp.c b/src/usr.sbin/ntpd/ntp.c
+index ddbcedd..26701c8 100644
+--- a/src/usr.sbin/ntpd/ntp.c
++++ b/src/usr.sbin/ntpd/ntp.c
+@@ -121,10 +121,15 @@ ntp_main(int pipe_prnt[2], int fd_ctl, struct ntpd_conf *nconf,
+ 	ntp_dns(pipe_dns, nconf, pw);
+ 	close(pipe_dns[1]);
+ 
+-	if (stat(pw->pw_dir, &stb) == -1)
+-		fatal("stat");
+-	if (stb.st_uid != 0 || (stb.st_mode & (S_IWGRP|S_IWOTH)) != 0)
+-		fatalx("bad privsep dir permissions");
++	if (stat(pw->pw_dir, &stb) == -1) {
++		log_warn("privsep dir %s could not be opened", pw->pw_dir);
++		exit(1);
++	}
++	if (stb.st_uid != 0 || (stb.st_mode & (S_IWGRP|S_IWOTH)) != 0) {
++		log_warnx("bad privsep dir %s permissions: %o",
++		    pw->pw_dir, stb.st_mode);
++		exit(1);
++	}
+ 	if (chroot(pw->pw_dir) == -1)
+ 		fatal("chroot");
+ 	if (chdir("/") == -1)
+-- 
+1.9.1
+

patches/0006-do-not-allow-privsep-user-to-be-a-privileged-user.patch

@@ -0,0 +1,31 @@
+From 555e4346d4a441e2385b91c3188edbe9b093cfd5 Mon Sep 17 00:00:00 2001
+From: Brent Cook <busterb@gmail.com>
+Date: Thu, 1 Jan 2015 13:26:29 -0600
+Subject: [PATCH 06/16] do not allow privsep user to be a privileged user
+
+This may need to be a function call for different platforms with
+different capability / privilege mechanisms.
+---
+ src/usr.sbin/ntpd/ntp.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/src/usr.sbin/ntpd/ntp.c b/src/usr.sbin/ntpd/ntp.c
+index 26701c8..a24f305 100644
+--- a/src/usr.sbin/ntpd/ntp.c
++++ b/src/usr.sbin/ntpd/ntp.c
+@@ -147,6 +147,12 @@ ntp_main(int pipe_prnt[2], int fd_ctl, struct ntpd_conf *nconf,
+ 	conf = nconf;
+ 	setup_listeners(se, conf, &listener_cnt);
+ 
++	if (pw->pw_uid == 0 || pw->pw_gid == 0)
++		fatal("privsep user cannot be root");
++
++	if (pw->pw_uid == geteuid() || pw->pw_gid == getegid())
++		fatal("privsep user cannot be the privileged user");
++
+ 	if (setgroups(1, &pw->pw_gid) ||
+ 	    setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) ||
+ 	    setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid))
+-- 
+1.9.1
+

patches/0008-Handle-IPv6-DNS-records-on-IPv4-networks-more-libera.patch → patches/0007-Handle-IPv6-DNS-records-on-IPv4-networks-more-libera.patch

@@ -1,7 +1,7 @@
-From c26c6628e7ea92d6f3f1c128db15da199787a1fd Mon Sep 17 00:00:00 2001
+From 42535b62e78e5869fd6fef0f075eb17fb0148559 Mon Sep 17 00:00:00 2001
 From: Brent Cook <busterb@gmail.com>
 Date: Tue, 30 Dec 2014 09:10:22 -0600
-Subject: [PATCH 08/12] Handle IPv6 DNS records on IPv4 networks more liberally
+Subject: [PATCH 07/16] Handle IPv6 DNS records on IPv4 networks more liberally
 
 Rather than fail on IPv4 only networks when seeing an IPv6 DNS record,
 just give a warning.
@@ -9,14 +9,14 @@ just give a warning.
 Debian bug ID: 500676.
 Original Author: Stefan Praszalowicz <stefan.praszalowicz@avedya.com>
 ---
- src/usr.sbin/ntpd/client.c | 12 +++++++++---
- 1 file changed, 9 insertions(+), 3 deletions(-)
+ src/usr.sbin/ntpd/client.c | 13 ++++++++++---
+ 1 file changed, 10 insertions(+), 3 deletions(-)
 
 diff --git a/src/usr.sbin/ntpd/client.c b/src/usr.sbin/ntpd/client.c
-index 9b9b522..0271068 100644
+index e59112a..36d0d9e 100644
 --- a/src/usr.sbin/ntpd/client.c
 +++ b/src/usr.sbin/ntpd/client.c
-@@ -138,9 +138,15 @@ client_query(struct ntp_peer *p)
+@@ -138,9 +138,16 @@ client_query(struct ntp_peer *p)
  	if (p->query->fd == -1) {
  		struct sockaddr *sa = (struct sockaddr *)&p->addr->ss;
  
@@ -24,7 +24,7 @@ index 9b9b522..0271068 100644
 -		    0)) == -1)
 -			fatal("client_query socket");
 +		p->query->fd = socket(p->addr->ss.ss_family, SOCK_DGRAM, 0);
-+		if (p->query->fd == -1)
++		if (p->query->fd == -1) {
 +			if (errno == EAFNOSUPPORT) {
 +				log_warn("client_query socket");
 +				client_nextaddr(p);
@@ -32,9 +32,10 @@ index 9b9b522..0271068 100644
 +				return (-1);
 +			} else
 +				fatal("client_query socket");
++		}
  
- #ifdef SO_RTABLE
  		if (p->rtable != -1 &&
+ 		    setsockopt(p->query->fd, SOL_SOCKET, SO_RTABLE,
 -- 
 1.9.1
 

patches/0013-rename-socket-to-avoid-a-variable-called-sun.patch → patches/0008-rename-socket-to-avoid-a-variable-called-sun.patch

@@ -1,7 +1,7 @@
-From 4283830eb8ae4cc1919271bb11f452d87c717b73 Mon Sep 17 00:00:00 2001
+From 8c872d895d50214a23aad90a7cb31a7a51a08e29 Mon Sep 17 00:00:00 2001
 From: Brent Cook <busterb@gmail.com>
 Date: Wed, 31 Dec 2014 22:08:09 -0600
-Subject: [PATCH 13/13] rename socket to avoid a variable called 'sun'
+Subject: [PATCH 08/16] rename socket to avoid a variable called 'sun'
 
 Solaris defines 'sun' as a constant.
 ---
@@ -63,10 +63,10 @@ index 6c5b05d..eb3575b 100644
  			log_warn("control_accept: accept");
  		return (0);
 diff --git a/src/usr.sbin/ntpd/ntpd.c b/src/usr.sbin/ntpd/ntpd.c
-index b45f4ca..b6b3663 100644
+index 17ebf67..d764a50 100644
 --- a/src/usr.sbin/ntpd/ntpd.c
 +++ b/src/usr.sbin/ntpd/ntpd.c
-@@ -554,7 +554,7 @@ writefreq(double d)
+@@ -527,7 +527,7 @@ writefreq(double d)
  void
  ctl_main(int argc, char *argv[])
  {
@@ -75,7 +75,7 @@ index b45f4ca..b6b3663 100644
  	struct imsg		 imsg;
  	struct imsgbuf		*ibuf_ctl;
  	int			 fd, n, done, ch, action;
-@@ -607,12 +607,12 @@ ctl_main(int argc, char *argv[])
+@@ -580,12 +580,12 @@ ctl_main(int argc, char *argv[])
  	if ((fd = socket(AF_UNIX, SOCK_STREAM, 0)) == -1)
  		err(1, "ntpctl: socket");
  

patches/0011-Fix-DNS-timeout-lookup.patch → patches/0009-Fix-DNS-timeout-lookup.patch

@@ -1,7 +1,7 @@
-From 6f091765d6ee996ad679868deb7f196c240c314e Mon Sep 17 00:00:00 2001
+From b3c2b2c8c9c4e59ad3518d10d3765cf35934d76c Mon Sep 17 00:00:00 2001
 From: Brent Cook <busterb@gmail.com>
 Date: Wed, 31 Dec 2014 08:31:20 -0600
-Subject: [PATCH 11/12] Fix DNS timeout lookup
+Subject: [PATCH 09/16] Fix DNS timeout lookup
 
 Author: Paul B. Henson <henson@acm.org>
 Origin: https://bugs.gentoo.org/show_bug.cgi?id=493358
@@ -10,10 +10,10 @@ Origin: https://bugs.gentoo.org/show_bug.cgi?id=493358
  1 file changed, 5 insertions(+), 1 deletion(-)
 
 diff --git a/src/usr.sbin/ntpd/ntpd.c b/src/usr.sbin/ntpd/ntpd.c
-index 2d5809c..b45f4ca 100644
+index d764a50..3622a13 100644
 --- a/src/usr.sbin/ntpd/ntpd.c
 +++ b/src/usr.sbin/ntpd/ntpd.c
-@@ -123,6 +123,7 @@ main(int argc, char *argv[])
+@@ -111,6 +111,7 @@ main(int argc, char *argv[])
  	int			 pipe_chld[2];
  	struct passwd		*pw;
  	extern char 		*__progname;
@@ -21,7 +21,7 @@ index 2d5809c..b45f4ca 100644
  
  	if (strcmp(__progname, "ntpctl") == 0) {
  		ctl_main (argc, argv);
-@@ -222,6 +223,8 @@ main(int argc, char *argv[])
+@@ -205,6 +206,8 @@ main(int argc, char *argv[])
  		fatal(NULL);
  	imsg_init(ibuf, pipe_chld[0]);
  
@@ -30,7 +30,7 @@ index 2d5809c..b45f4ca 100644
  	while (quit == 0) {
  		pfd[PFD_PIPE].fd = ibuf->fd;
  		pfd[PFD_PIPE].events = POLLIN;
-@@ -234,7 +237,8 @@ main(int argc, char *argv[])
+@@ -217,7 +220,8 @@ main(int argc, char *argv[])
  				quit = 1;
  			}
  

patches/0003-Use-LOG_NTP-syslog-facility.patch → patches/0010-Use-LOG_NTP-syslog-facility.patch

@@ -1,7 +1,7 @@
-From 20911c235ab4af36242a9b913bc41a3b1b0958cb Mon Sep 17 00:00:00 2001
+From 204f212fd5905b8af28f22c49254be4a29923c94 Mon Sep 17 00:00:00 2001
 From: Brent Cook <busterb@gmail.com>
 Date: Tue, 30 Dec 2014 09:00:12 -0600
-Subject: [PATCH 03/12] Use LOG_NTP syslog facility.
+Subject: [PATCH 10/16] Use LOG_NTP syslog facility.
 
 FreeBSD PR:     114191
 Submitted by:   Robert Archer <freebsd@deathbeforedecaf.net>

patches/0005-conditionally-fill-in-sin_len-sin6_len-if-they-exist.patch → patches/0011-conditionally-fill-in-sin_len-sin6_len-if-they-exist.patch

@@ -1,7 +1,7 @@
-From e73468f4e08442681c79e84edc62cf8e9f3b733a Mon Sep 17 00:00:00 2001
+From e6c8f113fb20f3768e3c35b2f23c694a61c7c5f2 Mon Sep 17 00:00:00 2001
 From: Brent Cook <busterb@gmail.com>
 Date: Tue, 30 Dec 2014 09:02:50 -0600
-Subject: [PATCH 05/12] conditionally fill in sin_len/sin6_len if they exist
+Subject: [PATCH 11/16] conditionally fill in sin_len/sin6_len if they exist
 
 Should we even be setting these at all? Does anything really rely in
 this anymore?

patches/0006-EAI_NODATA-does-not-exist-everywhere.patch → patches/0012-EAI_NODATA-does-not-exist-everywhere.patch

@@ -1,7 +1,7 @@
-From ec73e05867d8e80b1f5d056f35eea8f9011b8c3c Mon Sep 17 00:00:00 2001
+From d874a2d6c44f3656289437b49002ba0f19ca63a2 Mon Sep 17 00:00:00 2001
 From: Brent Cook <busterb@gmail.com>
 Date: Tue, 30 Dec 2014 09:04:08 -0600
-Subject: [PATCH 06/14] EAI_NODATA does not exist everywhere
+Subject: [PATCH 12/16] EAI_NODATA does not exist everywhere
 
 FreeBSD says it is deprecated and should be removed.
 ---

patches/0012-don-t-be-too-stingy-on-braces.patch

@@ -1,34 +0,0 @@
-From 47a111a45a541316d7ff9d844362b901f24f41e1 Mon Sep 17 00:00:00 2001
-From: Brent Cook <busterb@gmail.com>
-Date: Wed, 31 Dec 2014 08:47:45 -0600
-Subject: [PATCH 12/12] don't be too stingy on braces
-
-Match if bracing of the block below it to improve readability.
----
- src/usr.sbin/ntpd/client.c | 3 ++-
- 1 file changed, 2 insertions(+), 1 deletion(-)
-
-diff --git a/src/usr.sbin/ntpd/client.c b/src/usr.sbin/ntpd/client.c
-index 0271068..4bfbf90 100644
---- a/src/usr.sbin/ntpd/client.c
-+++ b/src/usr.sbin/ntpd/client.c
-@@ -139,7 +139,7 @@ client_query(struct ntp_peer *p)
- 		struct sockaddr *sa = (struct sockaddr *)&p->addr->ss;
- 
- 		p->query->fd = socket(p->addr->ss.ss_family, SOCK_DGRAM, 0);
--		if (p->query->fd == -1)
-+		if (p->query->fd == -1) {
- 			if (errno == EAFNOSUPPORT) {
- 				log_warn("client_query socket");
- 				client_nextaddr(p);
-@@ -147,6 +147,7 @@ client_query(struct ntp_peer *p)
- 				return (-1);
- 			} else
- 				fatal("client_query socket");
-+		}
- 
- #ifdef SO_RTABLE
- 		if (p->rtable != -1 &&
--- 
-1.9.1
-

patches/0007-check-if-rdomain-support-is-available.patch → patches/0013-check-if-rdomain-support-is-available.patch

@@ -1,7 +1,7 @@
-From 0ec5710f4872d4feb8ff96b61d4d4a7ca0fa7b09 Mon Sep 17 00:00:00 2001
+From 7774d16dece25b907809a2cba3ede6195798a641 Mon Sep 17 00:00:00 2001
 From: Brent Cook <busterb@gmail.com>
 Date: Tue, 30 Dec 2014 09:05:46 -0600
-Subject: [PATCH 07/12] check if rdomain support is available
+Subject: [PATCH 13/16] check if rdomain support is available
 
 ---
  src/usr.sbin/ntpd/client.c |  4 ++++
@@ -10,12 +10,12 @@ Subject: [PATCH 07/12] check if rdomain support is available
  3 files changed, 16 insertions(+), 1 deletion(-)
 
 diff --git a/src/usr.sbin/ntpd/client.c b/src/usr.sbin/ntpd/client.c
-index e59112a..9b9b522 100644
+index 36d0d9e..4bfbf90 100644
 --- a/src/usr.sbin/ntpd/client.c
 +++ b/src/usr.sbin/ntpd/client.c
-@@ -142,10 +142,12 @@ client_query(struct ntp_peer *p)
- 		    0)) == -1)
- 			fatal("client_query socket");
+@@ -149,10 +149,12 @@ client_query(struct ntp_peer *p)
+ 				fatal("client_query socket");
+ 		}
  
 +#ifdef SO_RTABLE
  		if (p->rtable != -1 &&
@@ -26,7 +26,7 @@ index e59112a..9b9b522 100644
  		if (connect(p->query->fd, sa, SA_LEN(sa)) == -1) {
  			if (errno == ECONNREFUSED || errno == ENETUNREACH ||
  			    errno == EHOSTUNREACH || errno == EADDRNOTAVAIL) {
-@@ -248,10 +250,12 @@ client_dispatch(struct ntp_peer *p, u_int8_t settime)
+@@ -255,10 +257,12 @@ client_dispatch(struct ntp_peer *p, u_int8_t settime)
  		return (0);
  	}
  

patches/0009-update-ntpd.conf-to-indicate-OS-dependent-options.patch → patches/0014-update-ntpd.conf-to-indicate-OS-dependent-options.patch

@@ -1,7 +1,7 @@
-From 84100327370fec7ef44555c380e09e94b8a21c7c Mon Sep 17 00:00:00 2001
+From edb43d28257d62671d7b364a55375bcf1332a1b9 Mon Sep 17 00:00:00 2001
 From: Brent Cook <busterb@gmail.com>
 Date: Tue, 30 Dec 2014 09:20:03 -0600
-Subject: [PATCH 09/12] update ntpd.conf to indicate OS-dependent options
+Subject: [PATCH 14/16] update ntpd.conf to indicate OS-dependent options
 
 Also, clarify listening behavior based on a patch from
 Dererk <dererk@debian.org>

patches/0015-allow-overriding-default-user-and-file-locations.patch

@@ -1,7 +1,7 @@
-From b427630990b65377a7369b3d61e51ce02be1ec93 Mon Sep 17 00:00:00 2001
+From 6f9277a636cdd1c1a69d609f99b5c6ce00f1581b Mon Sep 17 00:00:00 2001
 From: Brent Cook <busterb@gmail.com>
 Date: Thu, 1 Jan 2015 07:18:11 -0600
-Subject: [PATCH 15/15] allow overriding default user and file locations
+Subject: [PATCH 15/16] allow overriding default user and file locations
 
 Allow the build process to override the default ntpd file paths and
 default user.
@@ -10,7 +10,7 @@ default user.
  1 file changed, 13 insertions(+), 3 deletions(-)
 
 diff --git a/src/usr.sbin/ntpd/ntpd.h b/src/usr.sbin/ntpd/ntpd.h
-index 5ac0bbb..136bdd2 100644
+index 61a447f..efb0c61 100644
 --- a/src/usr.sbin/ntpd/ntpd.h
 +++ b/src/usr.sbin/ntpd/ntpd.h
 @@ -33,10 +33,20 @@

patches/0010-add-p-option-to-create-a-pid-file.patch.disabled → patches/0016-add-p-option-to-create-a-pid-file.patch.disabled

@@ -1,7 +1,7 @@
-From 9a6c847be092266d0cc6d7d1010b614e1253ba65 Mon Sep 17 00:00:00 2001
+From 4bf1b65f3ca244e47e9a7d6f0c475f402aea0d44 Mon Sep 17 00:00:00 2001
 From: Brent Cook <busterb@gmail.com>
 Date: Wed, 31 Dec 2014 08:26:41 -0600
-Subject: [PATCH 10/12] add -p option to create a pid file
+Subject: [PATCH 16/16] add -p option to create a pid file
 
 This is used in both the Gentoo and Debian ports.
 
@@ -35,7 +35,7 @@ index 18b12e8..9eb1fee 100644
  Do not set the time immediately at startup.
  This is the default.
 diff --git a/src/usr.sbin/ntpd/ntpd.c b/src/usr.sbin/ntpd/ntpd.c
-index 17ebf67..2d5809c 100644
+index 3622a13..b6b3663 100644
 --- a/src/usr.sbin/ntpd/ntpd.c
 +++ b/src/usr.sbin/ntpd/ntpd.c
 @@ -84,6 +84,18 @@ sighdlr(int sig)
@@ -66,7 +66,7 @@ index 17ebf67..2d5809c 100644
  		    __progname);
  	exit(1);
  }
-@@ -123,7 +135,7 @@ main(int argc, char *argv[])
+@@ -124,7 +136,7 @@ main(int argc, char *argv[])
  
  	log_init(1);		/* log to stderr until daemonized */
  
@@ -75,7 +75,7 @@ index 17ebf67..2d5809c 100644
  		switch (ch) {
  		case 'd':
  			lconf.debug = 1;
-@@ -134,6 +146,9 @@ main(int argc, char *argv[])
+@@ -135,6 +147,9 @@ main(int argc, char *argv[])
  		case 'n':
  			lconf.noaction = 1;
  			break;
@@ -85,7 +85,7 @@ index 17ebf67..2d5809c 100644
  		case 's':
  			lconf.settime = 1;
  			break;
-@@ -174,9 +189,11 @@ main(int argc, char *argv[])
+@@ -175,9 +190,11 @@ main(int argc, char *argv[])
  	reset_adjtime();
  	if (!lconf.settime) {
  		log_init(lconf.debug);
@@ -98,7 +98,7 @@ index 17ebf67..2d5809c 100644
  	} else
  		timeout = SETTIME_TIMEOUT * 1000;
  
-@@ -223,9 +240,11 @@ main(int argc, char *argv[])
+@@ -227,9 +244,11 @@ main(int argc, char *argv[])
  			log_init(lconf.debug);
  			log_debug("no reply received in time, skipping initial "
  			    "time setting");
@@ -111,7 +111,7 @@ index 17ebf67..2d5809c 100644
  		}
  
  		if (nfds > 0 && (pfd[PFD_PIPE].revents & POLLOUT))
-@@ -264,6 +283,8 @@ main(int argc, char *argv[])
+@@ -268,6 +287,8 @@ main(int argc, char *argv[])
  	msgbuf_clear(&ibuf->w);
  	free(ibuf);
  	log_info("Terminating");
@@ -120,7 +120,7 @@ index 17ebf67..2d5809c 100644
  	return (0);
  }
  
-@@ -339,9 +360,11 @@ dispatch_imsg(struct ntpd_conf *lconf)
+@@ -343,9 +364,11 @@ dispatch_imsg(struct ntpd_conf *lconf)
  			memcpy(&d, imsg.data, sizeof(d));
  			ntpd_settime(d);
  			/* daemonize now */
@@ -134,10 +134,10 @@ index 17ebf67..2d5809c 100644
  			timeout = INFTIM;
  			break;
 diff --git a/src/usr.sbin/ntpd/ntpd.h b/src/usr.sbin/ntpd/ntpd.h
-index aa9858b..f8d6382 100644
+index efb0c61..136bdd2 100644
 --- a/src/usr.sbin/ntpd/ntpd.h
 +++ b/src/usr.sbin/ntpd/ntpd.h
-@@ -187,6 +187,7 @@ struct ntpd_conf {
+@@ -201,6 +201,7 @@ struct ntpd_conf {
  	u_int8_t					debug;
  	u_int8_t					noaction;
  	u_int8_t					filters;