Commit Graph

51 Commits

Author SHA1 Message Date
Ollivier Robert
eb6d21b4ca Merge 4.2.4p8 into contrib (r200452 & r200454).
Subversion is being difficult here so take a hammer and get it in.

MFC after:		2 weeks
Security:		CVE-2009-3563
2009-12-15 14:58:10 +00:00
Hajimu UMEMOTO
0fa2c497a6 Don't try to bind to an anycast addeess. The KAME IPv6 stack doesn't
allow bind to an anycast addeess.  It does away with an annoying
message.

Reviewed by:	bz, roberto
MFC after:	2 weeks
2009-12-01 16:07:50 +00:00
Colin Percival
7d845dde8d Remove build timestamps from the following files:
/boot/kernel/hptrr.ko
/etc/mail/*.cf
/lib/libcrypto.so.5
/usr/bin/ntpq
/usr/sbin/amd
/usr/sbin/iasl
/usr/sbin/ntpd
/usr/sbin/ntpdate
/usr/sbin/ntpdc

There does not appear to be any purpose to having these timestamps, and
they have the irritating consequence that the aforementioned files will
be different every time they are rebuilt.

After this commit, the only remaining build timestamps are in the kernel,
the boot loaders, /usr/include/osreldate.h (the year in the copyright
notice), and lib*.a (the timestamps on all of the included .o files).

Reviewed by:	scottl (hptrr), gshapiro (sendmail), simon (openssl),
		roberto (ntp), jkim (acpica)
Approved by:	re (kib)
2009-07-11 22:30:37 +00:00
Colin Percival
9a1bde1808 Prevent integer overflow in direct pipe write code from circumventing
virtual-to-physical page lookups. [09:09]

Add missing permissions check for SIOCSIFINFO_IN6 ioctl. [09:10]

Fix buffer overflow in "autokey" negotiation in ntpd(8). [09:11]

Approved by:	so (cperciva)
Approved by:	re (not really, but SVN wants this...)
Security:	FreeBSD-SA-09:09.pipe
Security:	FreeBSD-SA-09:10.ipv6
Security:	FreeBSD-SA-09:11.ntpd
2009-06-10 10:31:11 +00:00
Ollivier Robert
0963cc7dac Merge r191298 into HEAD.
Prevent a buffer overflow in ntpq.  Patch taken from the PR database
after being committed to the official ntp tree and present in 4.2.4p7-rc2.

It will be MFH to the upcoming 7.2 pending re approval.

Obtained from:  https://support.ntp.org/bugs/show_bug.cgi?id=1144
MFC after:      3 days
Security:       http://www.securityfocus.com/bid/34481
                CVE-2009-0159
2009-04-20 09:59:08 +00:00
Simon L. B. Nielsen
2568138fcd Correct ntpd(8) cryptographic signature bypass [SA-09:04].
Correct BIND DNSSEC incorrect checks for malformed signatures
[SA-09:04].

Security:	FreeBSD-SA-09:03.ntpd
Security:	FreeBSD-SA-09:04.bind
Obtained from:	ISC [SA-09:04]
Approved by:	so (simon)
2009-01-13 21:19:27 +00:00
Ollivier Robert
f8b329f0ed Merge from vendor/ntp/dist: r182856:
Apply updated patch from bin/92839 to avoid two possible buffer overflows.

PR:		bin/92839
Submitted by:	Helge Oldach <freebsdntpd@oldach.net>
2008-09-07 22:15:41 +00:00
Ollivier Robert
ea906c4152 Merge ntpd & friends 4.2.4p5 from vendor/ntp/dist into head. Next commit
will update usr.sbin/ntp to match this.

MFC after:	2 weeks
2008-08-22 15:58:00 +00:00
Ollivier Robert
0814f601e6 Move FREEBSD-upgrade as well. 2008-08-18 14:37:44 +00:00
Ollivier Robert
7d7bbd7429 Move FREEBSD-Xlist in a more proper location. 2008-08-18 14:36:57 +00:00
Ollivier Robert
cce65f4396 Flatten the dist and various 4.n.n trees in preparation of future ntp imports. 2008-08-17 17:37:33 +00:00
Ollivier Robert
8c24a1e0ff Fix compilation with gcc 4.1. This is imported on the vendor branch as it
was applied in the mainstream source and a later complete import of
4.2.2p3 will complete the fix.

Submitted by:	kan
2006-09-28 16:02:34 +00:00
Ollivier Robert
3fa694fea6 This commit was generated by cvs2svn to compensate for changes in r162735,
which included commits to RCS files with non-trunk default branches.
2006-09-28 16:02:34 +00:00
Ollivier Robert
b9bb0f5d00 Merge from the main BK repository for ntp: put two midly annoying messages
under #ifdef DEBUG. Merge of revision 1.45 by H. Stenn.

Done on the vendor branch to minimise future imports.

Reminded by:	obrien
2004-12-06 14:33:29 +00:00
Ollivier Robert
0003d12e46 This commit was generated by cvs2svn to compensate for changes in r138451,
which included commits to RCS files with non-trunk default branches.
2004-12-06 14:33:29 +00:00
Ollivier Robert
5e91a9b700 The following patch has been taken from the ntp-stable vendor branch.
Put everything OpenSSL related between #ifdef OPENSSL..#endif.

This also fixes bugs #252, #275 & #293.

See
<http://ntp.bkbits.net:8080/ntp-stable/hist/util/ntp-keygen.c?nav=index.html|src/+|src/util>
for reference.

Submitted by:	Marius Strobl <marius@alchemy.franken.de>
2004-07-22 09:16:04 +00:00
Ollivier Robert
afe2c78208 This commit was generated by cvs2svn to compensate for changes in r132536,
which included commits to RCS files with non-trunk default branches.
2004-07-22 09:16:04 +00:00
Ollivier Robert
a6feea2410 Remove an extra '}'. 2004-07-20 15:51:00 +00:00
Ollivier Robert
95d51a965d Update information on build/import. 2004-07-20 15:25:19 +00:00
Ollivier Robert
f0adf7f5cd Merge conflicts.
Lots of added files, some removed and quite a large number of renames :(
2004-07-20 15:19:51 +00:00
Ollivier Robert
4a0fa52fa0 Merge conflicts (see also previous commit).
Reinsert our local changes to ntp_control.c:

1.4:    Do not log every potential exploit attempt since a denial-of-service
        may result
1.5:    int -> unsigned char fixes
2004-07-20 15:18:31 +00:00
Ollivier Robert
9ab5ee2e96 Revert this file to the vendor version, we don't need to have our own
version of it.  Will help further upgrades.
2004-07-20 15:15:00 +00:00
Ollivier Robert
9c2daa00c2 Virgin import of ntpd 4.2.0 2004-07-20 15:01:56 +00:00
Ollivier Robert
3e986f5ba8 This commit was generated by cvs2svn to compensate for changes in r132451,
which included commits to RCS files with non-trunk default branches.
2004-07-20 15:01:56 +00:00
Ollivier Robert
c9be7fa5ce Merge conflicts.
MFC after:	1 month
2002-11-04 19:38:46 +00:00
Ollivier Robert
ba371819a7 Virgin import of ntpd 4.1.1b 2002-11-04 19:36:11 +00:00
Ollivier Robert
f8bf23591a This commit was generated by cvs2svn to compensate for changes in r106424,
which included commits to RCS files with non-trunk default branches.
2002-11-04 19:36:11 +00:00
Ollivier Robert
bd921852dc Update for 4.1.1a.
Tested on:	Sparc64 (panther), Alpha (beast) & i386
2002-10-29 20:30:43 +00:00
Ollivier Robert
eaabcee53b Remove files not present in 4.1.1a import. 2002-10-29 20:11:45 +00:00
Ollivier Robert
dab0d83382 This commit was generated by cvs2svn to compensate for changes in r106167,
which included commits to RCS files with non-trunk default branches.
2002-10-29 20:11:45 +00:00
Ollivier Robert
8fe9403f63 Merge conflicts.
MFC after:	1 month
2002-10-29 20:04:27 +00:00
Ollivier Robert
ce265a549d Virgin import of ntpd 4.1.1a 2002-10-29 19:58:12 +00:00
Ollivier Robert
17de533074 This commit was generated by cvs2svn to compensate for changes in r106163,
which included commits to RCS files with non-trunk default branches.
2002-10-29 19:58:12 +00:00
Ollivier Robert
5364982f9f Merge after 4.1.0 import. 2001-08-29 15:15:59 +00:00
Ollivier Robert
9893808986 Update for 4.1.0 import. 2001-08-29 15:02:12 +00:00
Ollivier Robert
ced70873ca Redo the int -> unsigned changes jedgar did. It should have been submitted
back but it was off the vendor branch anyway so...
2001-08-29 15:01:06 +00:00
Ollivier Robert
224ba2bd37 Virgin import of ntpd 4.1.0 2001-08-29 14:35:15 +00:00
Ollivier Robert
9df3f33935 This commit was generated by cvs2svn to compensate for changes in r82498,
which included commits to RCS files with non-trunk default branches.
2001-08-29 14:35:15 +00:00
Chris D. Faulhaber
0873af5d5f Do not log every potential exploit attempt since a denial-of-service
may result.
2001-04-06 14:34:15 +00:00
Chris D. Faulhaber
12695b686a - Correct off-by-one error and buffer underflow from previous fix
- int -> unsigned char fixes

Submitted by:	ache, dillon, Mark Andrews, et.al. (on -security)
2001-04-06 14:15:38 +00:00
Poul-Henning Kamp
0cad4cb4e6 Fix a potential ROOT-exploit in NTPD.
PR:		26358
Reviewed by:	dima
2001-04-04 23:07:22 +00:00
Ollivier Robert
1c80946020 Fix potential alignement problems on Alpha + IPv6.
This is done on the vendor branch to avoid spamming the tree. It has been
sent to the NTP maintainers already.

Submitted by:	shin
2000-03-03 17:06:31 +00:00
Ollivier Robert
8938a0f430 This commit was generated by cvs2svn to compensate for changes in r57738,
which included commits to RCS files with non-trunk default branches.
2000-03-03 17:06:31 +00:00
Ollivier Robert
0567936b95 Update for ntp 4.0.99b. 2000-01-28 15:13:45 +00:00
Ollivier Robert
b073df1269 Merge conflicts with the import of 4.0.99b. 2000-01-28 15:02:35 +00:00
Ollivier Robert
a151a66c2a Virgin import of ntpd 4.0.99b 2000-01-28 14:55:50 +00:00
Ollivier Robert
4edd720b8a This commit was generated by cvs2svn to compensate for changes in r56746,
which included commits to RCS files with non-trunk default branches.
2000-01-28 14:55:50 +00:00
Ollivier Robert
f055f4f966 This is the list of files excluded from the original tarball.
Reviewed by:	peter, obrien
1999-12-09 13:26:04 +00:00
Ollivier Robert
4a3e65fbac Commit a fix several warnings on alpha for sysctlbyname arguments. It could
have resulted in stack corruption. A patch has been sent to the ntp author
for inclusion in next version.

Obtained from:	peter
1999-12-09 13:17:01 +00:00
Ollivier Robert
1d45332d46 Please all welcome the long-awaited upgrade from our ancient xntpd 3.4f
to a brand new and shiny ntpd 4.0.98f.

I got tired of waiting for 4.1.0 and there is the feature freeze deadline
so here it is. This is the contrib/ part of the upgrade. The Makefile glue
will be added very soon in usr.sbin.

It builds and runs on both i386 and alpha (Thanks Peter!).

The bad news is that manpages no longer exist, everything is in HTML. I'll
commit the text version of each HTML file in /usr/share/doc/ntp soon to have
at least the help files w/o needing to get the entire contrib/ntp tree.

I'll commit FREEBSD-Xlist as soon as I can skip over $FreeBSD$ checks...

Reviewed by:	peter, obrien
Pushed by:	phk
1999-12-09 13:13:26 +00:00