Brent Cook
c3f5624f31
add infrastructure for checking out branches
9 years ago
Brent Cook
7ec2068906
remove unnecessary header defines, condense md5
9 years ago
Brent Cook
15a611b230
pare back the unconditional MD5/SHA builtins patch
e0ed8ed664
went too far and broke the
backward compat headers for Linux systems.
9 years ago
Brent Cook
ee9bac45b9
disable strict aliasing
9 years ago
kinichiro
9d7e230cc7
add stdio.h for definition of asprintf and vasprintf
10 years ago
kinichiro
ee0dfcfd61
add sys/mman.h for MAP_ANON and MAP_ANONYMOUS
10 years ago
Brent Cook
5d27eaaaea
rebase patches
9 years ago
Brent Cook
cc8e1790f3
define SHA2_SMALL to remove unneeded SHA hashes
This also removes the need for __weak_alias shims
9 years ago
Brent Cook
366b8de487
include a daemon prototype if needed
9 years ago
Brent Cook
f100b7bdd1
undef MODEMASK from Solaris 10
9 years ago
Brent Cook
8f13cf4a96
include the missing return type for _warn
9 years ago
Brent Cook
464e12bba1
update to etc/examples/ntpd.conf
9 years ago
Brent Cook
87be206389
ensure that sys/types.h includes endian definitions
9 years ago
Brent Cook
6759f143ed
add cdefs shim for defining __weak_alias on platforms without it
9 years ago
Paul B. Henson
a4b54ce35a
Deal with missing SO_TIMESTAMP by falling back to the previous client.c
implementation when it's not found. SO_TIMESTAMP was added in CVS rev 1.85
by henning@.
9 years ago
Paul B. Henson
3a575d5270
Add daemon function for Solaris 10 which lacks it.
9 years ago
Paul B. Henson
1248e2b50a
Add ifaddrs.h stub header file for systems (such as Solaris 10) which
do not have it, and a getifaddrs substitute for Solaris 10.
9 years ago
Paul B. Henson
f427a68fd0
Add paths.h stub for systems (such as Solaris 10) without it.
9 years ago
Brent Cook
ed06bf2eb2
move __progname initialization to before first use
Thanks to pbhenson for noticing this.
9 years ago
Brent Cook
4d333bee2d
rebase the imsg patch
9 years ago
Brent Cook
e2450a51a3
rebase patches on current
9 years ago
Brent Cook
e0ed8ed664
do not link -lmd to get MD5* functions
There are crypto hash function symbol overlaps between libmd and libcrypto on
FreeBSD, which causes hashing of the certificates store to fail as a
side-effect when using TLS constraints. Since all we really need is MD5, just
use the embedded OpenBSD versions instead.
9 years ago
Brent Cook
aacd89e84a
disable RDOMAIN FreeBSD compatibility
9 years ago
Brent Cook
993ab7afa5
add shim for constraint_add
9 years ago
Brent Cook
7523d1ea94
do not override CFLAGS during configure, remove USER_CFLAGS
9 years ago
Brent Cook
ff76a641e3
enable foreign mode, remove unused NEWS file
9 years ago
Brent Cook
f3bb8bae60
rebase patches
9 years ago
Brent Cook
70b6d21af6
signal time sync to the OS
This is used to ensure that the time is written to the RTC when it is
synced. Problem noticed and patched by Christian Weisgerber.
9 years ago
Brent Cook
3efb0d135f
remove unused stub functions, init code
9 years ago
Brent Cook
22bd0a37e9
Update patches: remove integer overflow, add constraint helper
9 years ago
Brent Cook
a9874d0652
add sys/sysctl.h check
9 years ago
Brent Cook
45577a4ab5
bump version
9 years ago
Brent Cook
9aee72e432
bump release one day
9 years ago
Brent Cook
8fedfe3985
ensure that the default value gets substituted for config variables
Remove unneeded AC_SUBST's, call AC_DEFINE for default and user-specified
cases.
Thanks to naddy@ for reporting and suggesting the fixes.
9 years ago
Brent Cook
2994ccfee9
update ChangeLog for the next release
9 years ago
Brent Cook
8511d5afcd
add 32-bit time_t overflow fix, reported by @Romua1d
9 years ago
Brent Cook
35ae470907
define the correct variable for CONSTRAINT_CA
from naddy@
9 years ago
Brent Cook
5ee53acb25
update the example configuration file from upstream
9 years ago
Brent Cook
70ed567131
re-add the configurable --with-privsep-path install-time sanity check
While this still doesn't affect the behavior of the daemon, the
configuration option can at least be set to check the correct privsep
directory for permissions. Revisit in 5.8 as a possible extension to the
runtime check instead to remove the 'knob'.
9 years ago
Brent Cook
7933741802
work around quirky behavior of Solaris adjtime
I could not find a lot of precedence for this, because most time
daemons do not actually look at the value of olddelta. Account for
olddelta getting stuck at 1ms, and for a NULL value of delta being
treated as an error condition.
9 years ago
Brent Cook
128bd48fe2
include tls.h with the distribution package
9 years ago
Brent Cook
ddbf99be57
note libtls dependency for HTTPS constraint
Document CA path option.
9 years ago
Brent Cook
f4da13d519
allow configuring the CA cert path
this is only necessary if constraints are enabled
9 years ago
Brent Cook
d29a678524
allow updating the CA cert path as well
9 years ago
Brent Cook
5daa36f023
remove --with-privsep-path
This has effectively been a no-op during the 5.7 release series and
nobody has yelped (other than being slightly confused about its
purpose). Remove it as an option, since the home dir of the privsep user
is always used as the actual privsep directory anyway.
9 years ago
Brent Cook
21d17b2984
don't assume libtls has linker scripts to resolve dependencies
found this testing on OpenBSD itself :)
9 years ago
Brent Cook
bff382a60f
we don't need a dummy constraint_cmp
9 years ago
Brent Cook
5035e4decb
constraint_init needs to return 0 if we have no constraints
9 years ago
degretr
63d2b407d0
fix typo at line 79
replace "this this" by "like this"
10 years ago
Brent Cook
b493f59fb8
refresh for the latest ntpd upstream code
- add closefrom fallback for OS X / Linux systems, extracted from sudo,
but without the optimized versions, since they cannot work in a
chroot environment (and we're not performance critical here.)
- enable detecting libtls
- conditionally enable https constraint support
9 years ago