d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
164,310 Commits 72 Branches 135 Tags 3.2 GiB
a9b3947837
Commit Graph

53 Commits

Author SHA1 Message Date
Bjoern A. Zeeb
a9b3947837 Compare port numbers correctly. They are stored by SRCPORT() 
in host byte order, so we need to compare them as such.
Properly compare IPv6 addresses as well.

This allows the, by default, 8 badaddrs slots per address
family to work correctly and only print sendto() errors once.

The change is no longer applicable to any latest upstream versions.

Approved by:	roberto
Sponsored by:	Sandvine Incorporated
MFC after:	1 week
 2011-06-28 09:46:25 +00:00
Bjoern A. Zeeb
541ab6a6c5 The argument to setsockopt for IP_MULTICAST_LOOP depends on operating 
system and is decided upon by configure and could be an u_int or a
u_char.  For FreeBSD it is a u_char.

For IPv6 however RFC 3493, 5.2 defines the argument to
IPV6_MULTICAST_LOOP to be an unsigned integer so make sure we always
use that using a second variable for the IPV6 case.
This is to get rid of these error messages every 5 minutes on some
systems:
ntpd[1530]: setsockopt IPV6_MULTICAST_LOOP failure: Invalid argument
  on socket 22, addr fe80::... for multicast address ff02::101

While here also fix the copy&paste error in the log message for
IPV6_MULTICAST_LOOP.

Reviewed by:	roberto
Sponsored by:	The FreeBSD Foundation
Sponsored by:	iXsystems
MFC after:	10 days
Filed as:	Bug 1936 on ntp.org
 2011-05-29 07:40:48 +00:00
Ollivier Robert
eb6d21b4ca Merge 4.2.4p8 into contrib (r200452 & r200454). 
Subversion is being difficult here so take a hammer and get it in.

MFC after:		2 weeks
Security:		CVE-2009-3563
 2009-12-15 14:58:10 +00:00
Hajimu UMEMOTO
0fa2c497a6 Don't try to bind to an anycast addeess. The KAME IPv6 stack doesn't 
allow bind to an anycast addeess.  It does away with an annoying
message.

Reviewed by:	bz, roberto
MFC after:	2 weeks
 2009-12-01 16:07:50 +00:00
Colin Percival
7d845dde8d Remove build timestamps from the following files: 
/boot/kernel/hptrr.ko
/etc/mail/*.cf
/lib/libcrypto.so.5
/usr/bin/ntpq
/usr/sbin/amd
/usr/sbin/iasl
/usr/sbin/ntpd
/usr/sbin/ntpdate
/usr/sbin/ntpdc

There does not appear to be any purpose to having these timestamps, and
they have the irritating consequence that the aforementioned files will
be different every time they are rebuilt.

After this commit, the only remaining build timestamps are in the kernel,
the boot loaders, /usr/include/osreldate.h (the year in the copyright
notice), and lib*.a (the timestamps on all of the included .o files).

Reviewed by:	scottl (hptrr), gshapiro (sendmail), simon (openssl),
		roberto (ntp), jkim (acpica)
Approved by:	re (kib)
 2009-07-11 22:30:37 +00:00
Colin Percival
9a1bde1808 Prevent integer overflow in direct pipe write code from circumventing 
virtual-to-physical page lookups. [09:09]

Add missing permissions check for SIOCSIFINFO_IN6 ioctl. [09:10]

Fix buffer overflow in "autokey" negotiation in ntpd(8). [09:11]

Approved by:	so (cperciva)
Approved by:	re (not really, but SVN wants this...)
Security:	FreeBSD-SA-09:09.pipe
Security:	FreeBSD-SA-09:10.ipv6
Security:	FreeBSD-SA-09:11.ntpd
 2009-06-10 10:31:11 +00:00
Ollivier Robert
0963cc7dac Merge r191298 into HEAD. 
Prevent a buffer overflow in ntpq.  Patch taken from the PR database
after being committed to the official ntp tree and present in 4.2.4p7-rc2.

It will be MFH to the upcoming 7.2 pending re approval.

Obtained from:  https://support.ntp.org/bugs/show_bug.cgi?id=1144
MFC after:      3 days
Security:       http://www.securityfocus.com/bid/34481
                CVE-2009-0159
 2009-04-20 09:59:08 +00:00
Simon L. B. Nielsen
2568138fcd Correct ntpd(8) cryptographic signature bypass [SA-09:04]. 
Correct BIND DNSSEC incorrect checks for malformed signatures
[SA-09:04].

Security:	FreeBSD-SA-09:03.ntpd
Security:	FreeBSD-SA-09:04.bind
Obtained from:	ISC [SA-09:04]
Approved by:	so (simon)
 2009-01-13 21:19:27 +00:00
Ollivier Robert
f8b329f0ed Merge from vendor/ntp/dist: r182856: 
Apply updated patch from bin/92839 to avoid two possible buffer overflows.

PR:		bin/92839
Submitted by:	Helge Oldach <freebsdntpd@oldach.net>
 2008-09-07 22:15:41 +00:00
Ollivier Robert
ea906c4152 Merge ntpd & friends 4.2.4p5 from vendor/ntp/dist into head. Next commit 
will update usr.sbin/ntp to match this.

MFC after:	2 weeks
 2008-08-22 15:58:00 +00:00
Ollivier Robert
0814f601e6 Move FREEBSD-upgrade as well. 2008-08-18 14:37:44 +00:00
Ollivier Robert
7d7bbd7429 Move FREEBSD-Xlist in a more proper location. 2008-08-18 14:36:57 +00:00
Ollivier Robert
cce65f4396 Flatten the dist and various 4.n.n trees in preparation of future ntp imports. 2008-08-17 17:37:33 +00:00
Ollivier Robert
8c24a1e0ff Fix compilation with gcc 4.1. This is imported on the vendor branch as it 
was applied in the mainstream source and a later complete import of
4.2.2p3 will complete the fix.

Submitted by:	kan
 2006-09-28 16:02:34 +00:00
Ollivier Robert
3fa694fea6 This commit was generated by cvs2svn to compensate for changes in r162735, 
which included commits to RCS files with non-trunk default branches.
 2006-09-28 16:02:34 +00:00
Ollivier Robert
b9bb0f5d00 Merge from the main BK repository for ntp: put two midly annoying messages 
under #ifdef DEBUG. Merge of revision 1.45 by H. Stenn.

Done on the vendor branch to minimise future imports.

Reminded by:	obrien
 2004-12-06 14:33:29 +00:00
Ollivier Robert
0003d12e46 This commit was generated by cvs2svn to compensate for changes in r138451, 
which included commits to RCS files with non-trunk default branches.
 2004-12-06 14:33:29 +00:00
Ollivier Robert
5e91a9b700 The following patch has been taken from the ntp-stable vendor branch. 
Put everything OpenSSL related between #ifdef OPENSSL..#endif.

This also fixes bugs #252, #275 & #293.

See
<http://ntp.bkbits.net:8080/ntp-stable/hist/util/ntp-keygen.c?nav=index.html|src/+|src/util>
for reference.

Submitted by:	Marius Strobl <marius@alchemy.franken.de>
 2004-07-22 09:16:04 +00:00
Ollivier Robert
afe2c78208 This commit was generated by cvs2svn to compensate for changes in r132536, 
which included commits to RCS files with non-trunk default branches.
 2004-07-22 09:16:04 +00:00
Ollivier Robert
a6feea2410 Remove an extra '}'. 2004-07-20 15:51:00 +00:00
Ollivier Robert
95d51a965d Update information on build/import. 2004-07-20 15:25:19 +00:00
Ollivier Robert
f0adf7f5cd Merge conflicts. 
Lots of added files, some removed and quite a large number of renames :(
 2004-07-20 15:19:51 +00:00
Ollivier Robert
4a0fa52fa0 Merge conflicts (see also previous commit). 
Reinsert our local changes to ntp_control.c:

1.4:    Do not log every potential exploit attempt since a denial-of-service
        may result
1.5:    int -> unsigned char fixes
 2004-07-20 15:18:31 +00:00
Ollivier Robert
9ab5ee2e96 Revert this file to the vendor version, we don't need to have our own 
version of it.  Will help further upgrades.
 2004-07-20 15:15:00 +00:00
Ollivier Robert
9c2daa00c2 Virgin import of ntpd 4.2.0 2004-07-20 15:01:56 +00:00
Ollivier Robert
3e986f5ba8 This commit was generated by cvs2svn to compensate for changes in r132451, 
which included commits to RCS files with non-trunk default branches.
 2004-07-20 15:01:56 +00:00
Ollivier Robert
c9be7fa5ce Merge conflicts. 
MFC after:	1 month
 2002-11-04 19:38:46 +00:00
Ollivier Robert
ba371819a7 Virgin import of ntpd 4.1.1b 2002-11-04 19:36:11 +00:00
Ollivier Robert
f8bf23591a This commit was generated by cvs2svn to compensate for changes in r106424, 
which included commits to RCS files with non-trunk default branches.
 2002-11-04 19:36:11 +00:00
Ollivier Robert
bd921852dc Update for 4.1.1a. 
Tested on:	Sparc64 (panther), Alpha (beast) & i386
 2002-10-29 20:30:43 +00:00
Ollivier Robert
eaabcee53b Remove files not present in 4.1.1a import. 2002-10-29 20:11:45 +00:00
Ollivier Robert
dab0d83382 This commit was generated by cvs2svn to compensate for changes in r106167, 
which included commits to RCS files with non-trunk default branches.
 2002-10-29 20:11:45 +00:00
Ollivier Robert
8fe9403f63 Merge conflicts. 
MFC after:	1 month
 2002-10-29 20:04:27 +00:00
Ollivier Robert
ce265a549d Virgin import of ntpd 4.1.1a 2002-10-29 19:58:12 +00:00
Ollivier Robert
17de533074 This commit was generated by cvs2svn to compensate for changes in r106163, 
which included commits to RCS files with non-trunk default branches.
 2002-10-29 19:58:12 +00:00
Ollivier Robert
5364982f9f Merge after 4.1.0 import. 2001-08-29 15:15:59 +00:00
Ollivier Robert
9893808986 Update for 4.1.0 import. 2001-08-29 15:02:12 +00:00
Ollivier Robert
ced70873ca Redo the int -> unsigned changes jedgar did. It should have been submitted 
back but it was off the vendor branch anyway so...
 2001-08-29 15:01:06 +00:00
Ollivier Robert
224ba2bd37 Virgin import of ntpd 4.1.0 2001-08-29 14:35:15 +00:00
Ollivier Robert
9df3f33935 This commit was generated by cvs2svn to compensate for changes in r82498, 
which included commits to RCS files with non-trunk default branches.
 2001-08-29 14:35:15 +00:00
Chris D. Faulhaber
0873af5d5f Do not log every potential exploit attempt since a denial-of-service 
may result.
 2001-04-06 14:34:15 +00:00
Chris D. Faulhaber
12695b686a - Correct off-by-one error and buffer underflow from previous fix 
- int -> unsigned char fixes

Submitted by:	ache, dillon, Mark Andrews, et.al. (on -security)
 2001-04-06 14:15:38 +00:00
Poul-Henning Kamp
0cad4cb4e6 Fix a potential ROOT-exploit in NTPD. 
PR:		26358
Reviewed by:	dima
 2001-04-04 23:07:22 +00:00
Ollivier Robert
1c80946020 Fix potential alignement problems on Alpha + IPv6. 
This is done on the vendor branch to avoid spamming the tree. It has been
sent to the NTP maintainers already.

Submitted by:	shin
 2000-03-03 17:06:31 +00:00
Ollivier Robert
8938a0f430 This commit was generated by cvs2svn to compensate for changes in r57738, 
which included commits to RCS files with non-trunk default branches.
 2000-03-03 17:06:31 +00:00
Ollivier Robert
0567936b95 Update for ntp 4.0.99b. 2000-01-28 15:13:45 +00:00
Ollivier Robert
b073df1269 Merge conflicts with the import of 4.0.99b. 2000-01-28 15:02:35 +00:00
Ollivier Robert
a151a66c2a Virgin import of ntpd 4.0.99b 2000-01-28 14:55:50 +00:00
Ollivier Robert
4edd720b8a This commit was generated by cvs2svn to compensate for changes in r56746, 
which included commits to RCS files with non-trunk default branches.
 2000-01-28 14:55:50 +00:00
Ollivier Robert
f055f4f966 This is the list of files excluded from the original tarball. 
Reviewed by:	peter, obrien
 1999-12-09 13:26:04 +00:00