diff options
author | hannken <hannken@pkgsrc.org> | 2015-04-13 10:03:21 +0000 |
---|---|---|
committer | hannken <hannken@pkgsrc.org> | 2015-04-13 10:03:21 +0000 |
commit | e654735740cfdb3ebc6d0d3625798a33254610e8 (patch) | |
tree | 85e6b37991d4bf48b51dd7b1992de0b1a1d9d015 /net | |
parent | 9a69f59d66659521c23b3672d1330aed8c173777 (diff) | |
download | pkgsrc-e654735740cfdb3ebc6d0d3625798a33254610e8.tar.gz |
Update chrony to version 1.31.1. For a full list of changes
since 1.29 see file NEWS in the distfile.
Security fixes since 1.29:
* Modify chronyc protocol to prevent amplification attacks (CVE-2014-0021)
(incompatible with previous protocol version, chronyc supports both)
* Protect authenticated symmetric NTP associations against DoS attacks
(CVE-2015-1799)
* Fix access configuration with subnet size indivisible by 4 (CVE-2015-1821)
* Fix initialization of reply slots for authenticated commands (CVE-2015-1822)
Diffstat (limited to 'net')
-rw-r--r-- | net/chrony/Makefile | 8 | ||||
-rw-r--r-- | net/chrony/distinfo | 21 | ||||
-rw-r--r-- | net/chrony/patches/patch-Makefile.in (renamed from net/chrony/patches/patch-aa) | 12 | ||||
-rw-r--r-- | net/chrony/patches/patch-ab | 34 | ||||
-rw-r--r-- | net/chrony/patches/patch-ac | 14 | ||||
-rw-r--r-- | net/chrony/patches/patch-ag | 15 | ||||
-rw-r--r-- | net/chrony/patches/patch-conf.c (renamed from net/chrony/patches/patch-ad) | 2 | ||||
-rw-r--r-- | net/chrony/patches/patch-examples_chrony.conf.example (renamed from net/chrony/patches/patch-ae) | 6 | ||||
-rw-r--r-- | net/chrony/patches/patch-examples_chrony.keys.example (renamed from net/chrony/patches/patch-af) | 4 | ||||
-rw-r--r-- | net/chrony/patches/patch-ntp__io.c | 14 |
10 files changed, 33 insertions, 97 deletions
diff --git a/net/chrony/Makefile b/net/chrony/Makefile index 8bf9e272f95..f211861c50b 100644 --- a/net/chrony/Makefile +++ b/net/chrony/Makefile @@ -1,6 +1,6 @@ -# $NetBSD: Makefile,v 1.29 2013/08/16 08:30:20 hannken Exp $ +# $NetBSD: Makefile,v 1.30 2015/04/13 10:03:21 hannken Exp $ -DISTNAME= chrony-1.29 +DISTNAME= chrony-1.31.1 CATEGORIES= net MASTER_SITES= http://download.tuxfamily.org/chrony/ @@ -32,8 +32,8 @@ SUBST_STAGE.paths= post-patch post-install: set -e; for file in ${EGFILES}; do \ - ${INSTALL_DATA} ${WRKSRC}/examples/$${file} \ - ${DESTDIR}${EGDIR}/$${file}; \ + ${INSTALL_DATA} "${WRKSRC}/examples/$${file}" \ + "${DESTDIR}${EGDIR}/$${file}"; \ done .include "../../mk/readline.buildlink3.mk" diff --git a/net/chrony/distinfo b/net/chrony/distinfo index a7852698578..5afbcb8c2ab 100644 --- a/net/chrony/distinfo +++ b/net/chrony/distinfo @@ -1,13 +1,10 @@ -$NetBSD: distinfo,v 1.9 2013/08/31 14:53:45 joerg Exp $ +$NetBSD: distinfo,v 1.10 2015/04/13 10:03:21 hannken Exp $ -SHA1 (chrony-1.29.tar.gz) = 442fb7d62a6f23bf1057864a3dbdfa55e1b6eb35 -RMD160 (chrony-1.29.tar.gz) = 53518efdd90c4695005d7cc929077985f16887d7 -Size (chrony-1.29.tar.gz) = 392880 bytes -SHA1 (patch-aa) = c28f5b7ff6c3ebc67b68d574c1b10bd54334b6a3 -SHA1 (patch-ab) = 1af7c5699147d4c05165c4e1f90bf127814511ce -SHA1 (patch-ac) = 5830215f11573ca88541f661fffb17365e7d206c -SHA1 (patch-ad) = df47df974995f9f947b731a4812fb7633fd874a4 -SHA1 (patch-ae) = 133e90d0614ef5961305b952d9a7a4047a2edcc7 -SHA1 (patch-af) = 43c5e0f14aa8a980af83ba4ea5691705a4738064 -SHA1 (patch-ag) = 165daaab8507cca8b29a61af576711c0ec05a3a6 -SHA1 (patch-ntp__io.c) = 9b9503cf63fba28f57aa6da9020ca02b5d198bf9 +SHA1 (chrony-1.31.1.tar.gz) = 8e92871e164dad89b315a5dda99d94ff7b31770a +RMD160 (chrony-1.31.1.tar.gz) = 7dd53fb95c1ecf30099bb580adeccd1a808c4dff +Size (chrony-1.31.1.tar.gz) = 395797 bytes +SHA1 (patch-Makefile.in) = 28abbbf1cfd037f018a92c3827642e749fd8768a +SHA1 (patch-conf.c) = df47df974995f9f947b731a4812fb7633fd874a4 +SHA1 (patch-examples_chrony.conf.example) = ed17d749b1e4ad1c168da7a0393ef35a5e68aac0 +SHA1 (patch-examples_chrony.keys.example) = 5be7672dc40a1a1cb4451db05a4318185ef4f4d2 +SHA1 (patch-ntp__io.c) = edd1b5cf49fc24d3bfed128cd686b17633335a4d diff --git a/net/chrony/patches/patch-aa b/net/chrony/patches/patch-Makefile.in index f825d251641..cc6d03713e2 100644 --- a/net/chrony/patches/patch-aa +++ b/net/chrony/patches/patch-Makefile.in @@ -1,13 +1,13 @@ -$NetBSD: patch-aa,v 1.5 2013/08/16 08:30:20 hannken Exp $ +$NetBSD: patch-Makefile.in,v 1.1 2015/04/13 10:03:21 hannken Exp $ Adapt install target for pkgsrc. ---- Makefile.in.orig 2013-08-08 13:58:07.000000000 +0000 +--- Makefile.in.orig 2015-04-07 14:35:16.000000000 +0000 +++ Makefile.in -@@ -93,35 +93,17 @@ getdate : +@@ -96,35 +96,15 @@ getdate : # seem to vary between systems. - install: chronyd chronyc + install: chronyd chronyc chrony.txt - [ -d $(DESTDIR)$(SYSCONFDIR) ] || mkdir -p $(DESTDIR)$(SYSCONFDIR) - [ -d $(DESTDIR)$(SBINDIR) ] || mkdir -p $(DESTDIR)$(SBINDIR) - [ -d $(DESTDIR)$(BINDIR) ] || mkdir -p $(DESTDIR)$(BINDIR) @@ -15,8 +15,8 @@ Adapt install target for pkgsrc. - [ -d $(DESTDIR)$(MANDIR)/man1 ] || mkdir -p $(DESTDIR)$(MANDIR)/man1 - [ -d $(DESTDIR)$(MANDIR)/man5 ] || mkdir -p $(DESTDIR)$(MANDIR)/man5 - [ -d $(DESTDIR)$(MANDIR)/man8 ] || mkdir -p $(DESTDIR)$(MANDIR)/man8 - [ -d $(DESTDIR)$(DOCDIR) ] || mkdir -p $(DESTDIR)$(DOCDIR) - [ -d $(DESTDIR)$(CHRONYVARDIR) ] || mkdir -p $(DESTDIR)$(CHRONYVARDIR) +- [ -d $(DESTDIR)$(DOCDIR) ] || mkdir -p $(DESTDIR)$(DOCDIR) +- [ -d $(DESTDIR)$(CHRONYVARDIR) ] || mkdir -p $(DESTDIR)$(CHRONYVARDIR) - if [ -f $(DESTDIR)$(SBINDIR)/chronyd ]; then rm -f $(DESTDIR)$(SBINDIR)/chronyd ; fi - if [ -f $(DESTDIR)$(BINDIR)/chronyc ]; then rm -f $(DESTDIR)$(BINDIR)/chronyc ; fi - cp chronyd $(DESTDIR)$(SBINDIR)/chronyd diff --git a/net/chrony/patches/patch-ab b/net/chrony/patches/patch-ab deleted file mode 100644 index 00fdce9abe9..00000000000 --- a/net/chrony/patches/patch-ab +++ /dev/null @@ -1,34 +0,0 @@ -$NetBSD: patch-ab,v 1.5 2013/08/16 08:30:20 hannken Exp $ - -The ctype functions work on integers. - ---- cmdparse.c.orig 2013-08-08 13:58:07.000000000 +0000 -+++ cmdparse.c -@@ -203,7 +203,7 @@ CPS_NormalizeLine(char *line) - - /* Remove white-space at beginning and replace white-spaces with space char */ - for (p = q = line; *p; p++) { -- if (isspace(*p)) { -+ if (isspace((unsigned char)(*p))) { - if (!space) - *q++ = ' '; - space = 1; -@@ -233,15 +233,15 @@ CPS_SplitWord(char *line) - char *p = line, *q = line; - - /* Skip white-space before the word */ -- while (*q && isspace(*q)) -+ while (*q && isspace((unsigned char)(*q))) - q++; - - /* Move the word to the beginning */ -- while (*q && !isspace(*q)) -+ while (*q && !isspace((unsigned char)(*q))) - *p++ = *q++; - - /* Find the next word */ -- while (*q && isspace(*q)) -+ while (*q && isspace((unsigned char)(*q))) - q++; - - *p = '\0'; diff --git a/net/chrony/patches/patch-ac b/net/chrony/patches/patch-ac deleted file mode 100644 index 4f3acb3e40d..00000000000 --- a/net/chrony/patches/patch-ac +++ /dev/null @@ -1,14 +0,0 @@ -$NetBSD: patch-ac,v 1.5 2013/08/16 08:30:20 hannken Exp $ - -Remove unused variable. - ---- sys_netbsd.c.orig 2013-08-08 13:58:07.000000000 +0000 -+++ sys_netbsd.c -@@ -281,7 +281,6 @@ SYS_NetBSD_Initialise(void) - }; - - kvm_t *kt; -- FILE *fp; - - kt = kvm_open(NULL, NULL, NULL, O_RDONLY, NULL); - if (!kt) { diff --git a/net/chrony/patches/patch-ag b/net/chrony/patches/patch-ag deleted file mode 100644 index a2569ac370b..00000000000 --- a/net/chrony/patches/patch-ag +++ /dev/null @@ -1,15 +0,0 @@ -$NetBSD: patch-ag,v 1.4 2013/08/16 08:30:20 hannken Exp $ - -The ctype functions work on integers. - ---- getdate.c.orig 2013-08-08 13:58:07.000000000 +0000 -+++ getdate.c -@@ -2547,7 +2547,7 @@ LookupWord (buff) - /* Make it lowercase. */ - for (p = buff; *p; p++) - if (ISUPPER ((unsigned char) *p)) -- *p = tolower (*p); -+ *p = tolower ((unsigned char)(*p)); - - if (strcmp (buff, "am") == 0 || strcmp (buff, "a.m.") == 0) - { diff --git a/net/chrony/patches/patch-ad b/net/chrony/patches/patch-conf.c index f0f8a81ba1a..3f69b4daaf6 100644 --- a/net/chrony/patches/patch-ad +++ b/net/chrony/patches/patch-conf.c @@ -1,4 +1,4 @@ -$NetBSD: patch-ad,v 1.4 2013/08/16 08:30:20 hannken Exp $ +$NetBSD: patch-conf.c,v 1.1 2015/04/13 10:03:21 hannken Exp $ Prepare for SUBST, not processed by configure. diff --git a/net/chrony/patches/patch-ae b/net/chrony/patches/patch-examples_chrony.conf.example index 99d84fe8027..c933f37de7d 100644 --- a/net/chrony/patches/patch-ae +++ b/net/chrony/patches/patch-examples_chrony.conf.example @@ -1,8 +1,8 @@ -$NetBSD: patch-ae,v 1.5 2013/08/16 08:30:20 hannken Exp $ +$NetBSD: patch-examples_chrony.conf.example,v 1.1 2015/04/13 10:03:21 hannken Exp $ Prepare for SUBST, not processed by configure. ---- examples/chrony.conf.example.orig 2013-08-08 13:58:07.000000000 +0000 +--- examples/chrony.conf.example.orig 2015-04-07 14:35:16.000000000 +0000 +++ examples/chrony.conf.example @@ -1,7 +1,7 @@ ####################################################################### @@ -31,7 +31,7 @@ Prepare for SUBST, not processed by configure. # Tell chronyd which numbered key in the file is used as the password # for chronyc. (You can pick any integer up to 2**32-1. '1' is just a -@@ -129,7 +129,7 @@ commandkey 1 +@@ -132,7 +132,7 @@ generatecommandkey # still running and bail out. If you want to change the path to the PID # file, uncomment this line and edit it. The default path is shown. diff --git a/net/chrony/patches/patch-af b/net/chrony/patches/patch-examples_chrony.keys.example index 250291b4831..27ff10aec3c 100644 --- a/net/chrony/patches/patch-af +++ b/net/chrony/patches/patch-examples_chrony.keys.example @@ -1,8 +1,8 @@ -$NetBSD: patch-af,v 1.4 2013/08/16 08:30:20 hannken Exp $ +$NetBSD: patch-examples_chrony.keys.example,v 1.1 2015/04/13 10:03:21 hannken Exp $ Prepare for SUBST, not processed by configure. ---- examples/chrony.keys.example.orig 2013-08-08 13:58:07.000000000 +0000 +--- examples/chrony.keys.example.orig 2015-04-07 14:35:16.000000000 +0000 +++ examples/chrony.keys.example @@ -1,6 +1,6 @@ ####################################################################### diff --git a/net/chrony/patches/patch-ntp__io.c b/net/chrony/patches/patch-ntp__io.c index 54652f69751..0f33ef74c43 100644 --- a/net/chrony/patches/patch-ntp__io.c +++ b/net/chrony/patches/patch-ntp__io.c @@ -1,9 +1,11 @@ -$NetBSD: patch-ntp__io.c,v 1.1 2013/08/31 14:53:45 joerg Exp $ +$NetBSD: patch-ntp__io.c,v 1.2 2015/04/13 10:03:21 hannken Exp $ ---- ntp_io.c.orig 2013-08-31 11:51:32.000000000 +0000 +Don't use IP_PKTINFO on NetBSD. + +--- ntp_io.c.orig 2015-04-07 14:35:16.000000000 +0000 +++ ntp_io.c -@@ -350,7 +350,7 @@ read_from_socket(void *anything) - } +@@ -506,7 +506,7 @@ read_from_socket(void *anything) + local_addr.sock_fd = sock_fd; for (cmsg = CMSG_FIRSTHDR(&msg); cmsg; cmsg = CMSG_NXTHDR(&msg, cmsg)) { -#ifdef IP_PKTINFO @@ -11,12 +13,12 @@ $NetBSD: patch-ntp__io.c,v 1.1 2013/08/31 14:53:45 joerg Exp $ if (cmsg->cmsg_level == IPPROTO_IP && cmsg->cmsg_type == IP_PKTINFO) { struct in_pktinfo ipi; -@@ -449,7 +449,7 @@ send_packet(void *packet, int packetlen, +@@ -623,7 +623,7 @@ send_packet(void *packet, int packetlen, msg.msg_flags = 0; cmsglen = 0; -#ifdef IP_PKTINFO +#if defined(IP_PKTINFO) && !defined(__NetBSD__) - if (remote_addr->local_ip_addr.family == IPADDR_INET4) { + if (local_addr->ip_addr.family == IPADDR_INET4) { struct cmsghdr *cmsg; struct in_pktinfo *ipi; |