ntp: update 4.2.8p6

QA error fix: ERROR: QA Issue: ntp: Files/directories were installed but not shipped in any package: /usr/libexec CVES addressed: Bug 2948 / CVE-2015-8158 Bug 2945 / CVE-2015-8138: origin: Zero Origin Timestamp Bypass Bug 2942 / CVE-2015-7979: Off-path Denial of Service (DoS) attack on authenticated broadcast mode Bug 2940 / CVE-2015-7978: Stack exhaustion in recursive traversal of restriction list Bug 2939 / CVE-2015-7977: reslist NULL pointer dereference Bug 2938 / CVE-2015-7976: ntpq saveconfig command allows dangerous characters in filenames Bug 2937 / CVE-2015-7975: nextvar() missing length check Bug 2936 / CVE-2015-7974: Skeleton Key: Missing key check allows impersonation between authenticated peers Bug 2935 / CVE-2015-7973: Deja Vu: Replay attack on authenticated broadcast mode Bug 2947 / CVE-2015-8140: ntpq vulnerable to replay attacks Bug 2946 / CVE-2015-8139: Origin Leak: ntpq and ntpdc, disclose origin NTP-4.2.8p5 NtpBug2956: Small-step/Big-step CVE-2015-5300 Bug #2829 Clean up pipe_fds in ntpd.c Bug #2887 stratum -1 config results as showing value 99. Bug #2932 Update leapsecond file info in miscopt.html. Bug #2934 tests/ntpd/t-ntp_scanner.c has a magic constant wired in. Bug #2944 errno is not preserved properly in ntpdate after sendto call. Bug #2952 peer associations were broken by the fix for NtpBug2901 CVE-2015-7704 Bug #2954 Version 4.2.8p4 crashes on startup on some OSes. Bug #2957 'unsigned int' vs 'size_t' format clash. Bug #2958 ntpq: fatal error messages need a final newline. Bug #2962 truncation of size_t/ptrdiff_t on 64bit targets. Bug #2965 Local clock didn't work since 4.2.8p4. Bug #2967 ntpdate command suffers an assertion failure Bug #2969 Seg fault from ntpq/mrulist when looking at server with lots of clients. Bug #2971 ntpq bails on ^C: select fails: Interrupted system call Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
author: Armin Kuster <akuster808@gmail.com> 2016-01-29 12:14:26 -0800
committer: Joe MacDonald <joe_macdonald@mentor.com> 2016-02-22 15:51:19 -0500
commit: 1ddc9a5e653d0869df5fd9ccf16128cee88008c6 (patch)
tree: 057425d269aa05823f6527dc98aad0ea79efe633 /meta-networking/recipes-support/ntp/ntp_4.2.8p6.bb
parent: bb7fafbc7c8756f5905bc1ae65242a308ad9e23a (diff)
download: meta-openembedded-1ddc9a5e653d0869df5fd9ccf16128cee88008c6.tar.gz
1 files changed, 157 insertions, 0 deletions
diff --git a/meta-networking/recipes-support/ntp/ntp_4.2.8p6.bb b/meta-networking/recipes-support/ntp/ntp_4.2.8p6.bb
new file mode 100644
index 000000000..1836dd9bc
--- /dev/null
+++ b/meta-networking/recipes-support/ntp/ntp_4.2.8p6.bb
@@ -0,0 +1,157 @@
+SUMMARY = "Network Time Protocol daemon and utilities"
+DESCRIPTION = "The Network Time Protocol (NTP) is used to \
+synchronize the time of a computer client or server to \
+another server or reference time source, such as a radio \
+or satellite receiver or modem."
+HOMEPAGE = "http://support.ntp.org"
+SECTION = "net"
+LICENSE = "NTP"
+LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=f41fedb22dffefcbfafecc85b0f79cfa"
+DEPENDS = "libevent"
+SRC_URI = "http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-4.2/ntp-${PV}.tar.gz \
+           file://ntp-4.2.4_p6-nano.patch \
+           file://ntpd \
+           file://ntp.conf \
+           file://ntpdate \
+           file://ntpdate.default \
+           file://ntpdate.service \
+           file://ntpd.service \
+           file://sntp.service \
+           file://sntp \
+           file://ntpd.list \
+"
+SRC_URI[md5sum] = "60049f51e9c8305afe30eb22b711c5c6"
+SRC_URI[sha256sum] = "583d0e1c573ace30a9c6afbea0fc52cae9c8c916dbc15c026e485a0dda4ba048"
+inherit autotools update-rc.d useradd systemd pkgconfig
+# The ac_cv_header_readline_history is to stop ntpdc depending on either
+# readline or curses
+EXTRA_OECONF += "--with-net-snmp-config=no \
+                 --without-ntpsnmpd \
+                 ac_cv_header_readline_history_h=no \
+                 --with-yielding_select=yes \
+                 --with-locfile=redhat \
+                 --without-rpath \
+                 "
+CFLAGS_append = " -DPTYS_ARE_GETPT -DPTYS_ARE_SEARCHED"
+USERADD_PACKAGES = "${PN}"
+NTP_USER_HOME ?= "/var/lib/ntp"
+USERADD_PARAM_${PN} = "--system --home-dir ${NTP_USER_HOME} \
+                       --no-create-home \
+                       --shell /bin/false --user-group ntp"
+# NB: debug is default-enabled by NTP; keep it default-enabled here.
+PACKAGECONFIG ??= "cap debug refclocks"
+PACKAGECONFIG[openssl] = "--with-openssl-libdir=${STAGING_LIBDIR} \
+                          --with-openssl-incdir=${STAGING_INCDIR} \
+                          --with-crypto, \
+                          --without-openssl --without-crypto, \
+                          openssl"
+PACKAGECONFIG[cap] = "--enable-linuxcaps,--disable-linuxcaps,libcap"
+PACKAGECONFIG[readline] = "--with-lineeditlibs,--without-lineeditlibs,readline"
+PACKAGECONFIG[refclocks] = "--enable-all-clocks,--disable-all-clocks,pps-tools"
+PACKAGECONFIG[debug] = "--enable-debugging,--disable-debugging"
+do_install_append() {
+    install -d ${D}${sysconfdir}/init.d
+    install -m 644 ${WORKDIR}/ntp.conf ${D}${sysconfdir}
+    install -m 755 ${WORKDIR}/ntpd ${D}${sysconfdir}/init.d
+    install -d ${D}${bindir}
+    install -m 755 ${WORKDIR}/ntpdate ${D}${bindir}/ntpdate-sync
+    install -m 755 -d ${D}${NTP_USER_HOME}
+    chown ntp:ntp ${D}${NTP_USER_HOME}
+    # Fix hardcoded paths in scripts
+    sed -i 's!/usr/sbin/!${sbindir}/!g' ${D}${sysconfdir}/init.d/ntpd ${D}${bindir}/ntpdate-sync
+    sed -i 's!/usr/bin/!${bindir}/!g' ${D}${sysconfdir}/init.d/ntpd ${D}${bindir}/ntpdate-sync
+    sed -i 's!/etc/!${sysconfdir}/!g' ${D}${sysconfdir}/init.d/ntpd ${D}${bindir}/ntpdate-sync
+    sed -i 's!/var/!${localstatedir}/!g' ${D}${sysconfdir}/init.d/ntpd ${D}${bindir}/ntpdate-sync
+    sed -i 's!^PATH=.*!PATH=${base_sbindir}:${base_bindir}:${sbindir}:${bindir}!' ${D}${bindir}/ntpdate-sync
+    sed -i '1s,#!.*perl -w,#! ${bindir}/env perl,' ${D}${sbindir}/ntptrace
+    sed -i '/use/i use warnings;' ${D}${sbindir}/ntptrace
+    sed -i '1s,#!.*perl,#! ${bindir}/env perl,' ${D}${sbindir}/ntp-wait
+    sed -i '/use/i use warnings;' ${D}${sbindir}/ntp-wait
+    sed -i '1s,#!.*perl -w,#! ${bindir}/env perl,' ${D}${sbindir}/calc_tickadj
+    sed -i '/use/i use warnings;' ${D}${sbindir}/calc_tickadj
+    install -d ${D}/${sysconfdir}/default
+    install -m 644 ${WORKDIR}/ntpdate.default ${D}${sysconfdir}/default/ntpdate
+    install -m 0644 ${WORKDIR}/sntp ${D}${sysconfdir}/default/
+    install -d ${D}/${sysconfdir}/network/if-up.d
+    ln -s ${bindir}/ntpdate-sync ${D}/${sysconfdir}/network/if-up.d
+    install -d ${D}${systemd_unitdir}/system
+    install -m 0644 ${WORKDIR}/ntpdate.service ${D}${systemd_unitdir}/system/
+    install -m 0644 ${WORKDIR}/ntpd.service ${D}${systemd_unitdir}/system/
+    install -m 0644 ${WORKDIR}/sntp.service ${D}${systemd_unitdir}/system/
+    install -d ${D}${systemd_unitdir}/ntp-units.d
+    install -m 0644 ${WORKDIR}/ntpd.list ${D}${systemd_unitdir}/ntp-units.d/60-ntpd.list
+}
+PACKAGES += "ntpdate sntp ${PN}-tickadj ${PN}-utils"
+# NOTE: you don't need ntpdate, use "ntpd -q -g -x"
+# ntp originally includes tickadj. It's split off for inclusion in small firmware images on platforms
+# with wonky clocks (e.g. OpenSlug)
+RDEPENDS_${PN} = "${PN}-tickadj"
+# Handle move from bin to utils package
+RPROVIDES_${PN}-utils = "${PN}-bin"
+RREPLACES_${PN}-utils = "${PN}-bin"
+RCONFLICTS_${PN}-utils = "${PN}-bin"
+SYSTEMD_PACKAGES = "${PN} ntpdate sntp"
+SYSTEMD_SERVICE_${PN} = "ntpd.service"
+SYSTEMD_SERVICE_ntpdate = "ntpdate.service"
+SYSTEMD_SERVICE_sntp = "sntp.service"
+RPROVIDES_${PN} += "${PN}-systemd"
+RREPLACES_${PN} += "${PN}-systemd"
+RCONFLICTS_${PN} += "${PN}-systemd"
+RPROVIDES_ntpdate += "ntpdate-systemd"
+RREPLACES_ntpdate += "ntpdate-systemd"
+RCONFLICTS_ntpdate += "ntpdate-systemd"
+RSUGGESTS_${PN} = "iana-etc"
+FILES_${PN} = "${sbindir}/ntpd ${sysconfdir}/ntp.conf ${sysconfdir}/init.d/ntpd ${libdir} \
+    ${NTP_USER_HOME} \
+    ${systemd_unitdir}/ntp-units.d/60-ntpd.list ${libexecdir}\
+"
+FILES_${PN}-tickadj = "${sbindir}/tickadj"
+FILES_${PN}-utils = "${sbindir} ${datadir}/ntp/lib"
+RDEPENDS_${PN}-utils += "perl"
+FILES_ntpdate = "${sbindir}/ntpdate \
+    ${sysconfdir}/network/if-up.d/ntpdate-sync \
+    ${bindir}/ntpdate-sync \
+    ${sysconfdir}/default/ntpdate \
+    ${systemd_unitdir}/system/ntpdate.service \
+"
+FILES_sntp = "${sbindir}/sntp \
+              ${sysconfdir}/default/sntp \
+              ${systemd_unitdir}/system/sntp.service \
+             "
+CONFFILES_${PN} = "${sysconfdir}/ntp.conf"
+CONFFILES_ntpdate = "${sysconfdir}/default/ntpdate"
+INITSCRIPT_NAME = "ntpd"
+# No dependencies, so just go in at the standard level (20)
+INITSCRIPT_PARAMS = "defaults"
+pkg_postinst_ntpdate() {
+    if ! grep -q -s ntpdate $D/var/spool/cron/root; then
+        echo "adding crontab"
+        test -d $D/var/spool/cron || mkdir -p $D/var/spool/cron
+        echo "30 * * * *    ${bindir}/ntpdate-sync silent" >> $D/var/spool/cron/root
+    fi
+}
author	Armin Kuster <akuster808@gmail.com>	2016-01-29 12:14:26 -0800
committer	Joe MacDonald <joe_macdonald@mentor.com>	2016-02-22 15:51:19 -0500
commit	1ddc9a5e653d0869df5fd9ccf16128cee88008c6 (patch)
tree	057425d269aa05823f6527dc98aad0ea79efe633 /meta-networking/recipes-support/ntp/ntp_4.2.8p6.bb
parent	bb7fafbc7c8756f5905bc1ae65242a308ad9e23a (diff)
download	meta-openembedded-1ddc9a5e653d0869df5fd9ccf16128cee88008c6.tar.gz

diff --git a/meta-networking/recipes-support/ntp/ntp_4.2.8p6.bb b/meta-networking/recipes-support/ntp/ntp_4.2.8p6.bb new file mode 100644 index 000000000..1836dd9bc --- /dev/null +++ b/meta-networking/recipes-support/ntp/ntp_4.2.8p6.bb
@@ -0,0 +1,157 @@
	1	SUMMARY = "Network Time Protocol daemon and utilities"
	2	DESCRIPTION = "The Network Time Protocol (NTP) is used to \
	3	synchronize the time of a computer client or server to \
	4	another server or reference time source, such as a radio \
	5	or satellite receiver or modem."
	6	HOMEPAGE = "http://support.ntp.org"
	7	SECTION = "net"
	8	LICENSE = "NTP"
	9	LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=f41fedb22dffefcbfafecc85b0f79cfa"
	10
	11	DEPENDS = "libevent"
	12
	13	SRC_URI = "http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-4.2/ntp-${PV}.tar.gz \
	14	file://ntp-4.2.4_p6-nano.patch \
	15	file://ntpd \
	16	file://ntp.conf \
	17	file://ntpdate \
	18	file://ntpdate.default \
	19	file://ntpdate.service \
	20	file://ntpd.service \
	21	file://sntp.service \
	22	file://sntp \
	23	file://ntpd.list \
	24	"
	25
	26	SRC_URI[md5sum] = "60049f51e9c8305afe30eb22b711c5c6"
	27	SRC_URI[sha256sum] = "583d0e1c573ace30a9c6afbea0fc52cae9c8c916dbc15c026e485a0dda4ba048"
	28
	29	inherit autotools update-rc.d useradd systemd pkgconfig
	30
	31	# The ac_cv_header_readline_history is to stop ntpdc depending on either
	32	# readline or curses
	33	EXTRA_OECONF += "--with-net-snmp-config=no \
	34	--without-ntpsnmpd \
	35	ac_cv_header_readline_history_h=no \
	36	--with-yielding_select=yes \
	37	--with-locfile=redhat \
	38	--without-rpath \
	39	"
	40	CFLAGS_append = " -DPTYS_ARE_GETPT -DPTYS_ARE_SEARCHED"
	41
	42	USERADD_PACKAGES = "${PN}"
	43	NTP_USER_HOME ?= "/var/lib/ntp"
	44	USERADD_PARAM_${PN} = "--system --home-dir ${NTP_USER_HOME} \
	45	--no-create-home \
	46	--shell /bin/false --user-group ntp"
	47
	48	# NB: debug is default-enabled by NTP; keep it default-enabled here.
	49	PACKAGECONFIG ??= "cap debug refclocks"
	50	PACKAGECONFIG[openssl] = "--with-openssl-libdir=${STAGING_LIBDIR} \
	51	--with-openssl-incdir=${STAGING_INCDIR} \
	52	--with-crypto, \
	53	--without-openssl --without-crypto, \
	54	openssl"
	55	PACKAGECONFIG[cap] = "--enable-linuxcaps,--disable-linuxcaps,libcap"
	56	PACKAGECONFIG[readline] = "--with-lineeditlibs,--without-lineeditlibs,readline"
	57	PACKAGECONFIG[refclocks] = "--enable-all-clocks,--disable-all-clocks,pps-tools"
	58	PACKAGECONFIG[debug] = "--enable-debugging,--disable-debugging"
	59
	60	do_install_append() {
	61	install -d ${D}${sysconfdir}/init.d
	62	install -m 644 ${WORKDIR}/ntp.conf ${D}${sysconfdir}
	63	install -m 755 ${WORKDIR}/ntpd ${D}${sysconfdir}/init.d
	64	install -d ${D}${bindir}
	65	install -m 755 ${WORKDIR}/ntpdate ${D}${bindir}/ntpdate-sync
	66
	67	install -m 755 -d ${D}${NTP_USER_HOME}
	68	chown ntp:ntp ${D}${NTP_USER_HOME}
	69
	70	# Fix hardcoded paths in scripts
	71	sed -i 's!/usr/sbin/!${sbindir}/!g' ${D}${sysconfdir}/init.d/ntpd ${D}${bindir}/ntpdate-sync
	72	sed -i 's!/usr/bin/!${bindir}/!g' ${D}${sysconfdir}/init.d/ntpd ${D}${bindir}/ntpdate-sync
	73	sed -i 's!/etc/!${sysconfdir}/!g' ${D}${sysconfdir}/init.d/ntpd ${D}${bindir}/ntpdate-sync
	74	sed -i 's!/var/!${localstatedir}/!g' ${D}${sysconfdir}/init.d/ntpd ${D}${bindir}/ntpdate-sync
	75	sed -i 's!^PATH=.*!PATH=${base_sbindir}:${base_bindir}:${sbindir}:${bindir}!' ${D}${bindir}/ntpdate-sync
	76	sed -i '1s,#!.*perl -w,#! ${bindir}/env perl,' ${D}${sbindir}/ntptrace
	77	sed -i '/use/i use warnings;' ${D}${sbindir}/ntptrace
	78	sed -i '1s,#!.*perl,#! ${bindir}/env perl,' ${D}${sbindir}/ntp-wait
	79	sed -i '/use/i use warnings;' ${D}${sbindir}/ntp-wait
	80	sed -i '1s,#!.*perl -w,#! ${bindir}/env perl,' ${D}${sbindir}/calc_tickadj
	81	sed -i '/use/i use warnings;' ${D}${sbindir}/calc_tickadj
	82
	83	install -d ${D}/${sysconfdir}/default
	84	install -m 644 ${WORKDIR}/ntpdate.default ${D}${sysconfdir}/default/ntpdate
	85	install -m 0644 ${WORKDIR}/sntp ${D}${sysconfdir}/default/
	86
	87	install -d ${D}/${sysconfdir}/network/if-up.d
	88	ln -s ${bindir}/ntpdate-sync ${D}/${sysconfdir}/network/if-up.d
	89
	90	install -d ${D}${systemd_unitdir}/system
	91	install -m 0644 ${WORKDIR}/ntpdate.service ${D}${systemd_unitdir}/system/
	92	install -m 0644 ${WORKDIR}/ntpd.service ${D}${systemd_unitdir}/system/
	93	install -m 0644 ${WORKDIR}/sntp.service ${D}${systemd_unitdir}/system/
	94
	95	install -d ${D}${systemd_unitdir}/ntp-units.d
	96	install -m 0644 ${WORKDIR}/ntpd.list ${D}${systemd_unitdir}/ntp-units.d/60-ntpd.list
	97	}
	98
	99	PACKAGES += "ntpdate sntp ${PN}-tickadj ${PN}-utils"
	100	# NOTE: you don't need ntpdate, use "ntpd -q -g -x"
	101
	102	# ntp originally includes tickadj. It's split off for inclusion in small firmware images on platforms
	103	# with wonky clocks (e.g. OpenSlug)
	104	RDEPENDS_${PN} = "${PN}-tickadj"
	105	# Handle move from bin to utils package
	106	RPROVIDES_${PN}-utils = "${PN}-bin"
	107	RREPLACES_${PN}-utils = "${PN}-bin"
	108	RCONFLICTS_${PN}-utils = "${PN}-bin"
	109
	110	SYSTEMD_PACKAGES = "${PN} ntpdate sntp"
	111	SYSTEMD_SERVICE_${PN} = "ntpd.service"
	112	SYSTEMD_SERVICE_ntpdate = "ntpdate.service"
	113	SYSTEMD_SERVICE_sntp = "sntp.service"
	114
	115	RPROVIDES_${PN} += "${PN}-systemd"
	116	RREPLACES_${PN} += "${PN}-systemd"
	117	RCONFLICTS_${PN} += "${PN}-systemd"
	118
	119	RPROVIDES_ntpdate += "ntpdate-systemd"
	120	RREPLACES_ntpdate += "ntpdate-systemd"
	121	RCONFLICTS_ntpdate += "ntpdate-systemd"
	122
	123	RSUGGESTS_${PN} = "iana-etc"
	124
	125	FILES_${PN} = "${sbindir}/ntpd ${sysconfdir}/ntp.conf ${sysconfdir}/init.d/ntpd ${libdir} \
	126	${NTP_USER_HOME} \
	127	${systemd_unitdir}/ntp-units.d/60-ntpd.list ${libexecdir}\
	128	"
	129	FILES_${PN}-tickadj = "${sbindir}/tickadj"
	130	FILES_${PN}-utils = "${sbindir} ${datadir}/ntp/lib"
	131	RDEPENDS_${PN}-utils += "perl"
	132	FILES_ntpdate = "${sbindir}/ntpdate \
	133	${sysconfdir}/network/if-up.d/ntpdate-sync \
	134	${bindir}/ntpdate-sync \
	135	${sysconfdir}/default/ntpdate \
	136	${systemd_unitdir}/system/ntpdate.service \
	137	"
	138	FILES_sntp = "${sbindir}/sntp \
	139	${sysconfdir}/default/sntp \
	140	${systemd_unitdir}/system/sntp.service \
	141	"
	142
	143	CONFFILES_${PN} = "${sysconfdir}/ntp.conf"
	144	CONFFILES_ntpdate = "${sysconfdir}/default/ntpdate"
	145
	146	INITSCRIPT_NAME = "ntpd"
	147	# No dependencies, so just go in at the standard level (20)
	148	INITSCRIPT_PARAMS = "defaults"
	149
	150	pkg_postinst_ntpdate() {
	151	if ! grep -q -s ntpdate $D/var/spool/cron/root; then
	152	echo "adding crontab"
	153	test -d $D/var/spool/cron \|\| mkdir -p $D/var/spool/cron
	154	echo "30 * * * * ${bindir}/ntpdate-sync silent" >> $D/var/spool/cron/root
	155	fi
	156	}
	157