| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
| |
MFH: 2024Q2
|
| |
|
|
|
|
|
|
|
|
| |
Fix build for hopf6021 and wharton reference clocks.
No PORTREVISION bump is needed since both reference clocks are not
built by default.
Fixes: de4864bd361e
MFH: 2023Q2
|
| |
|
|
|
| |
MFH: 2023Q2
Security: NtpBug3767, NtpBug3808, NtpBug3807 (CVE-2023-26555)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Restore ntp to prior to the ASLR mitigations applied.
When ASLR and subsequently PIE were committed to the FreeBSD kernel, ntpd
would segfault due to insufficient stack. This was because stack gap was
not taken into account by applications requesting stack and/or memory
limits. (BTW, this problem also affected firefox and thunderbird.)
This subsequently caused disabling of rlimit memlock, which could not be
avoided under the previous implementation of ASLR:
Cannot set RLIMIT_MEMLOCK: Operation not permitted
Since then a number of improvments to ASLR stack gap implementation have
rendered the mitigations unnecessary. The mitigations initially developed
here at FreeBSD were subsequently upstreamed (noticed by the folks at
nwtime.org and automatically upstreamed). The mitigations have been
reversed in the base system. This patch reverses the ASLR mitigations in
the port as well.
PR: 262031
Reported by: p5B2E9A8F@t-online.de
|
| |
|
|
|
|
|
|
| |
Fix stackgap build on older FreeBSD.
PR: 261491
Reported by: tomasz.sowinski@nucleus.malbork.pl
MFH: 2022Q1
|
| |
|
|
|
|
|
|
| |
There should be no minimum to 1300524.
Reported by: Scott Allendorf <scott-allendorf@uiowa.edu>
Fixes: a6e356e8f50f92acbdec6156c068e768d1835591
MFH: 2022Q1
|
| |
|
|
|
|
|
| |
As stack gap mitigations have been MFCed to stable/13, reverse
"Disable ntpd stack gap" for __FreeBSD_version < 1300524 too.
MFH: 2022Q1
|
| |
|
|
|
|
|
| |
__FreeBSD_version < 1400038 is more appropriate as it follows the
commit to resolve setrlimit(2) segfaults.
MFH: 2021Q4
|
| |
|
|
|
|
|
|
| |
Only Reverse "Disable ntpd stack gap" for __FreeBSD_version < 1400037
for now until the next __FreeBSD_version bump.
Reported by: kevans
MFH: 2021Q4
|
| |
|
|
|
|
|
|
|
|
|
|
| |
120137c822c9697c19cf94461f436f8ccc372d24 (svn r517694) disabled ntpd
ASLR stack gap, which caused ntpd to segfault. (The patch in
120137c822c9697c19cf94461f436f8ccc372d24 was subsequently submitted
to nwtime.org for inclusion into upstream ntp.) src commit
889b56c8cd84c9a9f2d9e3b019c154d6f14d9021 addressed the underlying cause
for the setrlimit segfault negating the need for this workaround. This
commit removes the workaround.
MFH: 2021Q4 (after a month)
|
| |
|
|
|
|
|
|
|
|
|
|
| |
NTP is developed using the bitkeeper VCS. checkHtmlFileDates, uses
bitkeeper metadata to alter dates in html files. This results in
a bunch of *.old files installed in ${STAGEDIR}. As the distribution
tarball contains no bitkeeper metadata, no dates are updated at the
cost of failed build. This patch teaches scripts/build/checkHtmlFileDates
to act as if bitkeeper is not installed regardless of bitkeeper's
installatikon status.
MFH: 2021Q4
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Summary: Systems that use a CMAC algorithm in ntp.keys will not release
a bit of memory on each packet that uses a CMAC keyid, eventually causing
ntpd to run out of memory and fail. The CMAC cleanup from
https://bugs.ntp.org/3447, part of ntp-4.2.8p11, introduced a bug whereby
the CMAC data structure was no longer completely removed.
MFH: 2020Q3
Security: NTP Bug 3661
Notes:
svn path=/head/; revision=540010
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Only a small nit here: psl should be declared extern and defined exactly
once.
-fno-common will become the default in GCC10/LLVM11.
Obtained from: src r359676 (kevans)
MFH: 2020Q2
Notes:
svn path=/head/; revision=531028
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The advisory can be found at:
http://support.ntp.org/bin/view/Main/SecurityNotice#\
March_2020_ntp_4_2_8p14_NTP_Rele
No CVEs have been documented yet.
MFH: 2020Q2
Security: http://support.ntp.org/bin/view/Main/NtpBug3610
http://support.ntp.org/bin/view/Main/NtpBug3596
http://support.ntp.org/bin/view/Main/NtpBug3592
Notes:
svn path=/head/; revision=527800
|
| |
|
|
|
|
|
| |
is disabled by default.
Notes:
svn path=/head/; revision=519022
|
| |
|
|
|
|
|
|
|
|
|
|
| |
PR: 241421, 241960
Reported by: Vladimir Zakharov <zakharov.vv@gmail.com>,
dewayne@heuristicsystems.com.au
Reviewed by: kib, imp (previous version), ian (suggestion)
MFH: 2019Q4
Differential Revision: https://reviews.freebsd.org/D22358
Notes:
svn path=/head/; revision=517694
|
| |
|
|
|
|
|
| |
ntpd/ntpd.c.
Notes:
svn path=/head/; revision=515926
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Follow up on ports r511987 (base r352304) which disabled default
mlockall() at startup. Unfortunately though the original tarball
supports this in ./configure (for Linux), to fully support disabling
of mlockall() by default requires a little extra help otherwise the
following is logged in syslog:
Cannot set RLIMIT_MEMLOCK: Operation not permitted
Notes:
svn path=/head/; revision=512433
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
wish to restore historic BSD behaviour can add the following to ntp.conf:
rlimit memlock 32
Discussed on: freebsd-current@ between Sept 6-9, 2019
Mentioned in Differential Revision:
https://reviews.freebsd.org/D21581
Notes:
svn path=/head/; revision=511987
|
| |
|
|
|
|
|
| |
(and missed 3 missed files from previous categories.)
Notes:
svn path=/head/; revision=508903
|
| |
|
|
| |
Notes:
svn path=/head/; revision=494931
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
sysrc.
mat@ suggested this however as I'm not enamoured with sysrc, it has
been added as annother approach to add/edit rc.conf variables.
Reported by: mat@
MFH: 2018Q3
Notes:
svn path=/head/; revision=479083
|
| |
|
|
|
|
|
|
| |
Reported by: Herbert J. Skuhra <herbert@gojira.at>
MFH: 2018Q3
Notes:
svn path=/head/; revision=478840
|
| |
|
|
|
|
|
|
|
|
| |
instead of base ntp.
Reported by: adamw
MFH: 2018Q3
Notes:
svn path=/head/; revision=478512
|
| |
|
|
|
|
|
| |
MFH: 2018Q3
Notes:
svn path=/head/; revision=477703
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
These changes add support for running ntpd as non-root, and improve support
for the --jaildir (chroot) option when running on freebsd. These correspond
to the changes made in the base system with r336525.
The new patches in this change are exactly what was submitted upstream in
https://bugs.ntp.org/show_bug.cgi?id=3509
Approved by: cy@
Differential Revision: https://reviews.freebsd.org/D16396
Notes:
svn path=/head/; revision=475132
|
| |
|
|
|
|
|
| |
PR: 223819
Notes:
svn path=/head/; revision=460670
|
| |
|
|
| |
Notes:
svn path=/head/; revision=436756
|
| |
|
|
|
|
|
| |
a file documented in volume 5.
Notes:
svn path=/head/; revision=435660
|
| |
|
|
| |
Notes:
svn path=/head/; revision=434561
|
| |
|
|
|
|
|
|
| |
PR: 215323
Submitted by: naddy
Notes:
svn path=/head/; revision=428634
|
| |
|
|
|
|
|
|
|
|
| |
in base.
Submitted by: Steve Kargl <sgk@troutmask.apl.washington.edu>
Discussed with: bjk@
Notes:
svn path=/head/; revision=420753
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
ntp links against gettext (libintl) if it is installed on the system:
- Add an NLS OPTION to explicitly enable, disable and track libintl dependency
- Add DEBUG and THREADS OPTIONS. Keep the latter enabled by OPTIONS_DEFAULT to
preserve compatibility with existing behaviour.
- Explicitly pass OpenSSL include / library dir paths to configure
- Unsilence install command
- Enable verbose building (--disable-silent-rules)
- Use TOUCH variable instead of hardcoded command
- Add TEST_TARGET to enable test suite
- Patch sntp tests to ensure they link correctly to threading library
- Pet portlint (*_DEPENDS order, group USE{S} sections, sort OPTIONS)
Approved by: cy (maintainer)
Differential Revision: D4812
MFH: 2016Q1
Notes:
svn path=/head/; revision=405439
|
| |
|
|
| |
Notes:
svn path=/head/; revision=378414
|
| |
|
|
|
|
|
| |
Submitted by: delphij
Notes:
svn path=/head/; revision=375215
|
| |
|
|
|
|
|
| |
Submitted by: jmg (via twitter)
Notes:
svn path=/head/; revision=375210
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Security: VUXML: 4033d826-87dd-11e4-9079-3c970e169bc2
Security: http://www.kb.cert.org/vuls/id/852879
Security: CVE-2014-9293
Security CVE-2014-9294
Security CVE-2014-9295
Security CVE-2014-9296
Notes:
svn path=/head/; revision=374987
|
| |
|
|
|
|
|
|
| |
Submitted by: Harlan Stenn <stenn@nwtime.org> - ntp.org upline
Also Obtained from: ntp in base (r265465)
Notes:
svn path=/head/; revision=370263
|
| |
|
|
|
|
|
| |
Submitted by: Nick Sayer <nsayer@kfu.com>`
Notes:
svn path=/head/; revision=256044
|
| |
|
|
| |
Notes:
svn path=/head/; revision=246463
|
| |
|
|
|
|
|
| |
PR: ports/134755
Notes:
svn path=/head/; revision=234422
|
| |
|
|
| |
Notes:
svn path=/head/; revision=174655
|
| |
|
|
|
|
|
| |
PR: 103808
Notes:
svn path=/head/; revision=174570
|
| |
|
|
| |
Notes:
svn path=/head/; revision=166198
|
| |
|
|
|
|
|
|
|
| |
the port to build again.
Reminded by: ru
Notes:
svn path=/head/; revision=107652
|
| |
|
|
|
|
|
|
|
| |
commit fixes that error.
Reported by: bento
Notes:
svn path=/head/; revision=99136
|
| |
|
|
| |
Notes:
svn path=/head/; revision=92663
|
| |
|
|
| |
Notes:
svn path=/head/; revision=69167
|
| |
|
|
|
|
|
|
|
|
| |
C-DEX JST2000.
Submitted by: nork
Reviewed by: Harlan Stenn <stenn@whimsy.udel.edu>
Notes:
svn path=/head/; revision=62872
|
| |
|
|
|
|
|
|
|
|
|
|
| |
2. Change MAINTAINER from my work email address to my FreeBSD.org
email address.
3. Patch to optionally enable RAWDCF (DCF77 raw time code).
Obtained from: Harlan Stenn <stenn@whimsy.udel.edu>
Reviewed by: nectar
Notes:
svn path=/head/; revision=52385
|
