diff options
author | Paul Eggleton <paul.eggleton@linux.intel.com> | 2014-12-25 17:40:53 +0000 |
---|---|---|
committer | Paul Eggleton <paul.eggleton@linux.intel.com> | 2014-12-25 22:23:18 +0000 |
commit | 2a581eb64141e55750a0569e15d1203c597b7dea (patch) | |
tree | 88ecb571784a61cf681323914aebc4e84eaf2030 /meta-networking/recipes-support/ntp/ntp/ntp-4.2.8-ntp-keygen-no-openssl.patch | |
parent | edcf03b5fb576dbeae3784471aec8c2b7a9a04a8 (diff) | |
download | meta-openembedded-contrib-paule/ntp-upgrade.tar.gz |
ntp: upgrade to 4.2.8paule/ntp-upgrade
* Upgrade to 4.2.8 which fixes several security issues, including
CVE-2014-9293, CVE-2014-9294, CVE-2014-9295, and CVE-2014-9296. For
more details please see:
https://ics-cert.us-cert.gov/advisories/ICSA-14-353-01A
* LIC_FILES_CHKSUM changed due to a number of copyright year and patch
list changes; nothing material about the license text changed.
* This version moves a number of binaries from sbindir to bindir;
there's supposed to be a configure option --with-locfile=legacy to use
the old layout but it does not seem to work. I guess we'll just have
to live with the change.
* Drop patches which are no longer applicable.
* Merge inc file into recipe; there were too many changes required to
the inc file in this version and it's unlikely it was much use split
out in any case.
* Move remaining files in files/ to ntp/
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Diffstat (limited to 'meta-networking/recipes-support/ntp/ntp/ntp-4.2.8-ntp-keygen-no-openssl.patch')
-rw-r--r-- | meta-networking/recipes-support/ntp/ntp/ntp-4.2.8-ntp-keygen-no-openssl.patch | 168 |
1 files changed, 168 insertions, 0 deletions
diff --git a/meta-networking/recipes-support/ntp/ntp/ntp-4.2.8-ntp-keygen-no-openssl.patch b/meta-networking/recipes-support/ntp/ntp/ntp-4.2.8-ntp-keygen-no-openssl.patch new file mode 100644 index 0000000000..9b9af63ca3 --- /dev/null +++ b/meta-networking/recipes-support/ntp/ntp/ntp-4.2.8-ntp-keygen-no-openssl.patch @@ -0,0 +1,168 @@ +Fix ntp-keygen build without OpenSSL + +Patch borrowed from Gentoo, originally from upstream +Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> +Upstream-Status: Backport + +Upstream commit: +http://bk1.ntp.org/ntp-stable/?PAGE=patch&REV=5497b345z5MNTuNvJWuqPSje25NQTg +Gentoo bugzilla: https://bugs.gentoo.org/show_bug.cgi?id=533238 + +Signed-off-by: Markos Chandras <hwoarang@gentoo.org> +Index: ntp-4.2.8/Makefile.am +=================================================================== +--- ntp-4.2.8.orig/Makefile.am ++++ ntp-4.2.8/Makefile.am +@@ -2,7 +2,10 @@ ACLOCAL_AMFLAGS = -I sntp/m4 -I sntp/lib + + NULL = + ++# moved sntp first to get libtool and libevent built. ++ + SUBDIRS = \ ++ sntp \ + scripts \ + include \ + libntp \ +@@ -17,7 +20,6 @@ SUBDIRS = \ + clockstuff \ + kernel \ + util \ +- sntp \ + tests \ + $(NULL) + +@@ -64,7 +66,6 @@ BUILT_SOURCES = \ + .gcc-warning \ + 'libtool \ + html/.datecheck \ +- sntp/built-sources-only \ + $(srcdir)/COPYRIGHT \ + $(srcdir)/.checkChangeLog \ + $(NULL) +Index: ntp-4.2.8/configure.ac +=================================================================== +--- ntp-4.2.8.orig/configure.ac ++++ ntp-4.2.8/configure.ac +@@ -102,7 +102,7 @@ esac + enable_nls=no + LIBOPTS_CHECK_NOBUILD([sntp/libopts]) + +-NTP_ENABLE_LOCAL_LIBEVENT ++NTP_LIBEVENT_CHECK_NOBUILD([2], [sntp/libevent]) + + NTP_LIBNTP + +@@ -771,6 +771,10 @@ esac + + #### + ++AC_CHECK_FUNCS([arc4random_buf]) ++ ++#### ++ + saved_LIBS="$LIBS" + LIBS="$LIBS $LDADD_LIBNTP" + AC_CHECK_FUNCS([daemon]) +Index: ntp-4.2.8/libntp/ntp_crypto_rnd.c +=================================================================== +--- ntp-4.2.8.orig/libntp/ntp_crypto_rnd.c ++++ ntp-4.2.8/libntp/ntp_crypto_rnd.c +@@ -24,6 +24,21 @@ + int crypto_rand_init = 0; + #endif + ++#ifndef HAVE_ARC4RANDOM_BUF ++static void ++arc4random_buf(void *buf, size_t nbytes); ++ ++void ++evutil_secure_rng_get_bytes(void *buf, size_t nbytes); ++ ++static void ++arc4random_buf(void *buf, size_t nbytes) ++{ ++ evutil_secure_rng_get_bytes(buf, nbytes); ++ return; ++} ++#endif ++ + /* + * As of late 2014, here's how we plan to provide cryptographic-quality + * random numbers: +Index: ntp-4.2.8/sntp/configure.ac +=================================================================== +--- ntp-4.2.8.orig/sntp/configure.ac ++++ ntp-4.2.8/sntp/configure.ac +@@ -97,11 +97,14 @@ esac + enable_nls=no + LIBOPTS_CHECK + +-AM_COND_IF( +- [BUILD_SNTP], +- [NTP_LIBEVENT_CHECK], +- [NTP_LIBEVENT_CHECK_NOBUILD] +-) ++# From when we only used libevent for sntp: ++#AM_COND_IF( ++# [BUILD_SNTP], ++# [NTP_LIBEVENT_CHECK], ++# [NTP_LIBEVENT_CHECK_NOBUILD] ++#) ++ ++NTP_LIBEVENT_CHECK([2]) + + # Checks for libraries. + +Index: ntp-4.2.8/sntp/m4/ntp_libevent.m4 +=================================================================== +--- ntp-4.2.8.orig/sntp/m4/ntp_libevent.m4 ++++ ntp-4.2.8/sntp/m4/ntp_libevent.m4 +@@ -1,4 +1,25 @@ +-dnl NTP_ENABLE_LOCAL_LIBEVENT -*- Autoconf -*- ++# SYNOPSIS -*- Autoconf -*- ++# ++# NTP_ENABLE_LOCAL_LIBEVENT ++# NTP_LIBEVENT_CHECK([MINVERSION [, DIR]]) ++# NTP_LIBEVENT_CHECK_NOBUILD([MINVERSION [, DIR]]) ++# ++# DESCRIPTION ++# ++# AUTHOR ++# ++# Harlan Stenn ++# ++# LICENSE ++# ++# This file is Copyright (c) 2014 Network Time Foundation ++# ++# Copying and distribution of this file, with or without modification, are ++# permitted in any medium without royalty provided the copyright notice, ++# author attribution and this notice are preserved. This file is offered ++# as-is, without any warranty. ++ ++dnl NTP_ENABLE_LOCAL_LIBEVENT + dnl + dnl Provide only the --enable-local-libevent command-line option. + dnl +@@ -29,7 +50,7 @@ dnl If NOBUILD is provided as the 3rd ar + dnl but DO NOT invoke DIR/configure if we are going to use our bundled + dnl version. This may be the case for nested packages. + dnl +-dnl provide --enable-local-libevent . ++dnl provides --enable-local-libevent . + dnl + dnl Examples: + dnl +Index: ntp-4.2.8/util/Makefile.am +=================================================================== +--- ntp-4.2.8.orig/util/Makefile.am ++++ ntp-4.2.8/util/Makefile.am +@@ -19,6 +19,7 @@ AM_LDFLAGS = $(LDFLAGS_NTP) + LDADD= ../libntp/libntp.a $(LDADD_LIBNTP) $(LIBM) $(PTHREAD_LIBS) + tg2_LDADD= ../libntp/libntp.a $(LDADD_LIBNTP) $(LIBM) + ntp_keygen_LDADD = version.o $(LIBOPTS_LDADD) ../libntp/libntp.a ++ntp_keygen_LDADD += $(LDADD_LIBEVENT) + ntp_keygen_LDADD += $(LDADD_LIBNTP) $(PTHREAD_LIBS) $(LDADD_NTP) $(LIBM) + ntp_keygen_SOURCES = ntp-keygen.c ntp-keygen-opts.c ntp-keygen-opts.h + |