Author: cy Date: Wed Jun 24 01:51:05 2020 New Revision: 362568 URL: https://svnweb.freebsd.org/changeset/base/362568
Log: MFV r362565: Update 4.2.8p14 --> 4.2.8p15 Summary: Systems that use a CMAC algorithm in ntp.keys will not release a bit of memory on each packet that uses a CMAC keyid, eventually causing ntpd to run out of memory and fail. The CMAC cleanup from https://bugs.ntp.org/3447, part of ntp-4.2.8p11, introduced a bug whereby the CMAC data structure was no longer completely removed. MFC after: 3 days Security: NTP Bug 3661 Modified: head/contrib/ntp/ChangeLog head/contrib/ntp/CommitLog head/contrib/ntp/NEWS head/contrib/ntp/config.h.in head/contrib/ntp/configure head/contrib/ntp/configure.ac head/contrib/ntp/html/drivers/driver40-ja.html head/contrib/ntp/html/drivers/driver40.html head/contrib/ntp/include/l_stdlib.h head/contrib/ntp/include/ntp.h head/contrib/ntp/include/ntp_config.h head/contrib/ntp/include/recvbuff.h head/contrib/ntp/lib/isc/win32/include/isc/int.h head/contrib/ntp/libntp/a_md5encrypt.c head/contrib/ntp/libntp/decodenetnum.c head/contrib/ntp/libntp/recvbuff.c head/contrib/ntp/libntp/strdup.c head/contrib/ntp/libntp/timexsup.c head/contrib/ntp/ntpd/invoke-ntp.conf.texi head/contrib/ntp/ntpd/invoke-ntp.keys.texi head/contrib/ntp/ntpd/invoke-ntpd.texi head/contrib/ntp/ntpd/ntp.conf.5man head/contrib/ntp/ntpd/ntp.conf.5mdoc head/contrib/ntp/ntpd/ntp.conf.html head/contrib/ntp/ntpd/ntp.conf.man.in head/contrib/ntp/ntpd/ntp.conf.mdoc.in head/contrib/ntp/ntpd/ntp.keys.5man head/contrib/ntp/ntpd/ntp.keys.5mdoc head/contrib/ntp/ntpd/ntp.keys.html head/contrib/ntp/ntpd/ntp.keys.man.in head/contrib/ntp/ntpd/ntp.keys.mdoc.in head/contrib/ntp/ntpd/ntp_config.c head/contrib/ntp/ntpd/ntp_io.c head/contrib/ntp/ntpd/ntp_proto.c head/contrib/ntp/ntpd/ntp_refclock.c head/contrib/ntp/ntpd/ntp_request.c head/contrib/ntp/ntpd/ntp_timer.c head/contrib/ntp/ntpd/ntpd-opts.c head/contrib/ntp/ntpd/ntpd-opts.h head/contrib/ntp/ntpd/ntpd.1ntpdman head/contrib/ntp/ntpd/ntpd.1ntpdmdoc head/contrib/ntp/ntpd/ntpd.html head/contrib/ntp/ntpd/ntpd.man.in head/contrib/ntp/ntpd/ntpd.mdoc.in head/contrib/ntp/ntpd/refclock_jjy.c head/contrib/ntp/ntpd/refclock_nmea.c head/contrib/ntp/ntpd/refclock_palisade.c head/contrib/ntp/ntpd/refclock_parse.c head/contrib/ntp/ntpdate/ntpdate.c head/contrib/ntp/ntpdc/invoke-ntpdc.texi head/contrib/ntp/ntpdc/ntpdc-opts.c head/contrib/ntp/ntpdc/ntpdc-opts.h head/contrib/ntp/ntpdc/ntpdc.1ntpdcman head/contrib/ntp/ntpdc/ntpdc.1ntpdcmdoc head/contrib/ntp/ntpdc/ntpdc.html head/contrib/ntp/ntpdc/ntpdc.man.in head/contrib/ntp/ntpdc/ntpdc.mdoc.in head/contrib/ntp/ntpq/invoke-ntpq.texi head/contrib/ntp/ntpq/ntpq-opts.c head/contrib/ntp/ntpq/ntpq-opts.h head/contrib/ntp/ntpq/ntpq.1ntpqman head/contrib/ntp/ntpq/ntpq.1ntpqmdoc head/contrib/ntp/ntpq/ntpq.html head/contrib/ntp/ntpq/ntpq.man.in head/contrib/ntp/ntpq/ntpq.mdoc.in head/contrib/ntp/ntpsnmpd/invoke-ntpsnmpd.texi head/contrib/ntp/ntpsnmpd/ntpsnmpd-opts.c head/contrib/ntp/ntpsnmpd/ntpsnmpd-opts.h head/contrib/ntp/ntpsnmpd/ntpsnmpd.1ntpsnmpdman head/contrib/ntp/ntpsnmpd/ntpsnmpd.1ntpsnmpdmdoc head/contrib/ntp/ntpsnmpd/ntpsnmpd.html head/contrib/ntp/ntpsnmpd/ntpsnmpd.man.in head/contrib/ntp/ntpsnmpd/ntpsnmpd.mdoc.in head/contrib/ntp/packageinfo.sh head/contrib/ntp/scripts/calc_tickadj/calc_tickadj.1calc_tickadjman head/contrib/ntp/scripts/calc_tickadj/calc_tickadj.1calc_tickadjmdoc head/contrib/ntp/scripts/calc_tickadj/calc_tickadj.html head/contrib/ntp/scripts/calc_tickadj/calc_tickadj.man.in head/contrib/ntp/scripts/calc_tickadj/calc_tickadj.mdoc.in head/contrib/ntp/scripts/calc_tickadj/invoke-calc_tickadj.texi head/contrib/ntp/scripts/invoke-plot_summary.texi head/contrib/ntp/scripts/invoke-summary.texi head/contrib/ntp/scripts/ntp-wait/invoke-ntp-wait.texi head/contrib/ntp/scripts/ntp-wait/ntp-wait-opts head/contrib/ntp/scripts/ntp-wait/ntp-wait.1ntp-waitman head/contrib/ntp/scripts/ntp-wait/ntp-wait.1ntp-waitmdoc head/contrib/ntp/scripts/ntp-wait/ntp-wait.html head/contrib/ntp/scripts/ntp-wait/ntp-wait.man.in head/contrib/ntp/scripts/ntp-wait/ntp-wait.mdoc.in head/contrib/ntp/scripts/ntpsweep/invoke-ntpsweep.texi head/contrib/ntp/scripts/ntpsweep/ntpsweep-opts head/contrib/ntp/scripts/ntpsweep/ntpsweep.1ntpsweepman head/contrib/ntp/scripts/ntpsweep/ntpsweep.1ntpsweepmdoc head/contrib/ntp/scripts/ntpsweep/ntpsweep.html head/contrib/ntp/scripts/ntpsweep/ntpsweep.man.in head/contrib/ntp/scripts/ntpsweep/ntpsweep.mdoc.in head/contrib/ntp/scripts/ntptrace/invoke-ntptrace.texi head/contrib/ntp/scripts/ntptrace/ntptrace-opts head/contrib/ntp/scripts/ntptrace/ntptrace.1ntptraceman head/contrib/ntp/scripts/ntptrace/ntptrace.1ntptracemdoc head/contrib/ntp/scripts/ntptrace/ntptrace.html head/contrib/ntp/scripts/ntptrace/ntptrace.man.in head/contrib/ntp/scripts/ntptrace/ntptrace.mdoc.in head/contrib/ntp/scripts/plot_summary-opts head/contrib/ntp/scripts/plot_summary.1plot_summaryman head/contrib/ntp/scripts/plot_summary.1plot_summarymdoc head/contrib/ntp/scripts/plot_summary.html head/contrib/ntp/scripts/plot_summary.man.in head/contrib/ntp/scripts/plot_summary.mdoc.in head/contrib/ntp/scripts/summary-opts head/contrib/ntp/scripts/summary.1summaryman head/contrib/ntp/scripts/summary.1summarymdoc head/contrib/ntp/scripts/summary.html head/contrib/ntp/scripts/summary.man.in head/contrib/ntp/scripts/summary.mdoc.in head/contrib/ntp/scripts/update-leap/invoke-update-leap.texi head/contrib/ntp/scripts/update-leap/update-leap-opts head/contrib/ntp/scripts/update-leap/update-leap.1update-leapman head/contrib/ntp/scripts/update-leap/update-leap.1update-leapmdoc head/contrib/ntp/scripts/update-leap/update-leap.html head/contrib/ntp/scripts/update-leap/update-leap.man.in head/contrib/ntp/scripts/update-leap/update-leap.mdoc.in head/contrib/ntp/sntp/configure head/contrib/ntp/sntp/crypto.c head/contrib/ntp/sntp/include/version.def head/contrib/ntp/sntp/include/version.texi head/contrib/ntp/sntp/invoke-sntp.texi head/contrib/ntp/sntp/m4/version.m4 head/contrib/ntp/sntp/sntp-opts.c head/contrib/ntp/sntp/sntp-opts.h head/contrib/ntp/sntp/sntp.1sntpman head/contrib/ntp/sntp/sntp.1sntpmdoc head/contrib/ntp/sntp/sntp.html head/contrib/ntp/sntp/sntp.man.in head/contrib/ntp/sntp/sntp.mdoc.in head/contrib/ntp/sntp/version.c head/contrib/ntp/util/invoke-ntp-keygen.texi head/contrib/ntp/util/ntp-keygen-opts.c head/contrib/ntp/util/ntp-keygen-opts.h head/contrib/ntp/util/ntp-keygen.1ntp-keygenman head/contrib/ntp/util/ntp-keygen.1ntp-keygenmdoc head/contrib/ntp/util/ntp-keygen.html head/contrib/ntp/util/ntp-keygen.man.in head/contrib/ntp/util/ntp-keygen.mdoc.in head/usr.sbin/ntp/config.h head/usr.sbin/ntp/scripts/mkver Directory Properties: head/contrib/ntp/ (props changed) Modified: head/contrib/ntp/ChangeLog ============================================================================== --- head/contrib/ntp/ChangeLog Wed Jun 24 01:29:40 2020 (r362567) +++ head/contrib/ntp/ChangeLog Wed Jun 24 01:51:05 2020 (r362568) @@ -1,4 +1,33 @@ --- +(4.2.8p15) 2020/06/23 Released by Harlan Stenn <[email protected]> +(4.2.8p15) 2020/06/23 Released by Harlan Stenn <[email protected]> + +* [Sec 3661] memory leak with AES128CMAC keys <[email protected]> +* [Bug 3670] Regression from bad merge of 3592 and 3596 <[email protected]> + - fixed a bad merge that happened before 4.2.8-p14. Thanks to + Sylar Tao for noticing this! +* [Bug 3667] decodenetnum fails with numeric port <[email protected]> + - rewrite 'decodenetnum()' in terms of inet_pton +* [Bug 3666] avoid unlimited receive buffer allocation <[email protected]> + - limit number of receive buffers, with an iron reserve for refclocks +* [Bug 3664] Enable openSSL CMAC support on Windows <[email protected]> +* [Bug 3662] Fix build errors on Windows with VS2008 <[email protected]> +* [Bug 3660] Manycast orphan mode startup discovery problem. <[email protected]> + - integrated patch from Charles Claggett +* [Bug 3659] Move definition of psl[] from ntp_config.h to + ntp_config.h <[email protected]> +* [Bug 3657] Wrong "Autokey group mismatch" debug message <[email protected]> +* [Bug 3655] ntpdc memstats hash counts <[email protected]> + - fix by Gerry garvey +* [Bug 3653] Refclock jitter RMS calculation <[email protected]> + - thanks to Gerry Garvey +* [Bug 3646] Avoid sync with unsync orphan <[email protected]> + - patch by Gerry Garvey +* [Bug 3644] Unsynchronized server [...] selected as candidate <[email protected]> +* [Bug 3639] refclock_jjy: TS-JJY0x can skip time sync depending on the STUS reply. <[email protected]> + - applied patch by Takao Abe + +--- (4.2.8p14) 2020/03/03 Released by Harlan Stenn <[email protected]> * [Sec 3610] process_control() should bail earlier on short packets. stenn@ Modified: head/contrib/ntp/CommitLog ============================================================================== --- head/contrib/ntp/CommitLog Wed Jun 24 01:29:40 2020 (r362567) +++ head/contrib/ntp/CommitLog Wed Jun 24 01:51:05 2020 (r362568) @@ -1,3 +1,700 @@ [email protected], 2020-06-23 02:22:19-07:00, [email protected] + NTP_4_2_8P15 + TAG: NTP_4_2_8P15 + + [email protected] +1 -0 + NTP_4_2_8P15 + + ntpd/[email protected] +1 -1 + NTP_4_2_8P15 + + ntpd/[email protected] +1 -1 + NTP_4_2_8P15 + + ntpd/[email protected] +2 -2 + NTP_4_2_8P15 + + ntpd/[email protected] +2 -2 + NTP_4_2_8P15 + + ntpd/[email protected] +2 -2 + NTP_4_2_8P15 + + ntpd/[email protected] +1 -1 + NTP_4_2_8P15 + + ntpd/[email protected] +2 -2 + NTP_4_2_8P15 + + ntpd/[email protected] +2 -2 + NTP_4_2_8P15 + + ntpd/[email protected] +2 -2 + NTP_4_2_8P15 + + ntpd/[email protected] +2 -2 + NTP_4_2_8P15 + + ntpd/[email protected] +1 -1 + NTP_4_2_8P15 + + ntpd/[email protected] +2 -2 + NTP_4_2_8P15 + + ntpd/[email protected] +2 -2 + NTP_4_2_8P15 + + ntpd/[email protected] +7 -7 + NTP_4_2_8P15 + + ntpd/[email protected] +3 -3 + NTP_4_2_8P15 + + ntpd/[email protected] +2 -2 + NTP_4_2_8P15 + + ntpd/[email protected] +2 -2 + NTP_4_2_8P15 + + ntpd/[email protected] +2 -2 + NTP_4_2_8P15 + + ntpd/[email protected] +2 -2 + NTP_4_2_8P15 + + ntpd/[email protected] +2 -2 + NTP_4_2_8P15 + + ntpdc/[email protected] +2 -2 + NTP_4_2_8P15 + + ntpdc/[email protected] +7 -7 + NTP_4_2_8P15 + + ntpdc/[email protected] +3 -3 + NTP_4_2_8P15 + + ntpdc/[email protected] +2 -2 + NTP_4_2_8P15 + + ntpdc/[email protected] +2 -2 + NTP_4_2_8P15 + + ntpdc/[email protected] +2 -2 + NTP_4_2_8P15 + + ntpdc/[email protected] +2 -2 + NTP_4_2_8P15 + + ntpdc/[email protected] +2 -2 + NTP_4_2_8P15 + + ntpq/[email protected] +2 -2 + NTP_4_2_8P15 + + ntpq/[email protected] +7 -7 + NTP_4_2_8P15 + + ntpq/[email protected] +3 -3 + NTP_4_2_8P15 + + ntpq/[email protected] +2 -2 + NTP_4_2_8P15 + + ntpq/[email protected] +2 -2 + NTP_4_2_8P15 + + ntpq/[email protected] +2 -2 + NTP_4_2_8P15 + + ntpq/[email protected] +2 -2 + NTP_4_2_8P15 + + ntpq/[email protected] +2 -2 + NTP_4_2_8P15 + + ntpsnmpd/[email protected] +1 -1 + NTP_4_2_8P15 + + ntpsnmpd/[email protected] +7 -7 + NTP_4_2_8P15 + + ntpsnmpd/[email protected] +3 -3 + NTP_4_2_8P15 + + ntpsnmpd/[email protected] +2 -2 + NTP_4_2_8P15 + + ntpsnmpd/[email protected] +2 -2 + NTP_4_2_8P15 + + ntpsnmpd/[email protected] +1 -1 + NTP_4_2_8P15 + + ntpsnmpd/[email protected] +2 -2 + NTP_4_2_8P15 + + ntpsnmpd/[email protected] +2 -2 + NTP_4_2_8P15 + + [email protected] +2 -2 + NTP_4_2_8P15 + + scripts/calc_tickadj/[email protected] +2 -2 + NTP_4_2_8P15 + + scripts/calc_tickadj/[email protected] +2 -2 + NTP_4_2_8P15 + + scripts/calc_tickadj/[email protected] +1 -1 + NTP_4_2_8P15 + + scripts/calc_tickadj/[email protected] +2 -2 + NTP_4_2_8P15 + + scripts/calc_tickadj/[email protected] +2 -2 + NTP_4_2_8P15 + + scripts/calc_tickadj/[email protected] +1 -1 + NTP_4_2_8P15 + + scripts/[email protected] +2 -2 + NTP_4_2_8P15 + + scripts/[email protected] +2 -2 + NTP_4_2_8P15 + + scripts/ntp-wait/[email protected] +2 -2 + NTP_4_2_8P15 + + scripts/ntp-wait/[email protected] +2 -2 + NTP_4_2_8P15 + + scripts/ntp-wait/[email protected] +2 -2 + NTP_4_2_8P15 + + scripts/ntp-wait/[email protected] +2 -2 + NTP_4_2_8P15 + + scripts/ntp-wait/[email protected] +2 -2 + NTP_4_2_8P15 + + scripts/ntp-wait/[email protected] +2 -2 + NTP_4_2_8P15 + + scripts/ntp-wait/[email protected] +2 -2 + NTP_4_2_8P15 + + scripts/ntpsweep/[email protected] +2 -2 + NTP_4_2_8P15 + + scripts/ntpsweep/[email protected] +2 -2 + NTP_4_2_8P15 + + scripts/ntpsweep/[email protected] +2 -2 + NTP_4_2_8P15 + + scripts/ntpsweep/[email protected] +2 -2 + NTP_4_2_8P15 + + scripts/ntpsweep/[email protected] +2 -2 + NTP_4_2_8P15 + + scripts/ntpsweep/[email protected] +2 -2 + NTP_4_2_8P15 + + scripts/ntpsweep/[email protected] +2 -2 + NTP_4_2_8P15 + + scripts/ntptrace/[email protected] +2 -2 + NTP_4_2_8P15 + + scripts/ntptrace/[email protected] +2 -2 + NTP_4_2_8P15 + + scripts/ntptrace/[email protected] +2 -2 + NTP_4_2_8P15 + + scripts/ntptrace/[email protected] +2 -2 + NTP_4_2_8P15 + + scripts/ntptrace/[email protected] +2 -2 + NTP_4_2_8P15 + + scripts/ntptrace/[email protected] +2 -2 + NTP_4_2_8P15 + + scripts/ntptrace/[email protected] +2 -2 + NTP_4_2_8P15 + + scripts/[email protected] +2 -2 + NTP_4_2_8P15 + + scripts/[email protected] +2 -2 + NTP_4_2_8P15 + + scripts/[email protected] +2 -2 + NTP_4_2_8P15 + + scripts/[email protected] +2 -2 + NTP_4_2_8P15 + + scripts/[email protected] +2 -2 + NTP_4_2_8P15 + + scripts/[email protected] +2 -2 + NTP_4_2_8P15 + + scripts/[email protected] +2 -2 + NTP_4_2_8P15 + + scripts/[email protected] +2 -2 + NTP_4_2_8P15 + + scripts/[email protected] +2 -2 + NTP_4_2_8P15 + + scripts/[email protected] +2 -2 + NTP_4_2_8P15 + + scripts/[email protected] +2 -2 + NTP_4_2_8P15 + + scripts/[email protected] +2 -2 + NTP_4_2_8P15 + + scripts/update-leap/[email protected] +1 -1 + NTP_4_2_8P15 + + scripts/update-leap/[email protected] +2 -2 + NTP_4_2_8P15 + + scripts/update-leap/[email protected] +2 -2 + NTP_4_2_8P15 + + scripts/update-leap/[email protected] +2 -2 + NTP_4_2_8P15 + + scripts/update-leap/[email protected] +1 -1 + NTP_4_2_8P15 + + scripts/update-leap/[email protected] +2 -2 + NTP_4_2_8P15 + + scripts/update-leap/[email protected] +2 -2 + NTP_4_2_8P15 + + sntp/[email protected] +2 -2 + NTP_4_2_8P15 + + sntp/[email protected] +7 -7 + NTP_4_2_8P15 + + sntp/[email protected] +3 -3 + NTP_4_2_8P15 + + sntp/[email protected] +2 -2 + NTP_4_2_8P15 + + sntp/[email protected] +2 -2 + NTP_4_2_8P15 + + sntp/[email protected] +2 -2 + NTP_4_2_8P15 + + sntp/[email protected] +2 -2 + NTP_4_2_8P15 + + sntp/[email protected] +2 -2 + NTP_4_2_8P15 + + util/[email protected] +2 -2 + NTP_4_2_8P15 + + util/[email protected] +7 -7 + NTP_4_2_8P15 + + util/[email protected] +3 -3 + NTP_4_2_8P15 + + util/[email protected] +2 -2 + NTP_4_2_8P15 + + util/[email protected] +2 -2 + NTP_4_2_8P15 + + util/[email protected] +2 -2 + NTP_4_2_8P15 + + util/[email protected] +2 -2 + NTP_4_2_8P15 + + util/[email protected] +2 -2 + NTP_4_2_8P15 + [email protected], 2020-06-23 02:05:32-07:00, [email protected] + ntp-4.2.8p15 + + [email protected] +1 -1 + ntp-4.2.8p15 + [email protected], 2020-06-09 07:12:27-04:00, [email protected] + p15 updates + + [email protected] +1 -1 + p15 updates + + [email protected] +1 -1 + p15 updates + [email protected], 2020-06-09 07:09:18-04:00, [email protected] + 3670 + + [email protected] +1 -1 + 3670 + + [email protected] +3 -1 + 3670 + [email protected], 2020-06-09 08:39:26+02:00, [email protected] + [Bug 3670] Deleted statements come back + + [email protected] +3 -0 + [Bug 3670] Deleted statements come back + + ntpd/[email protected] +4 -19 + [Bug 3670] Deleted statements come back + [email protected], 2020-05-31 09:52:14+00:00, [email protected] + update the expected releease date + + [email protected] +1 -1 + update the expected releease date + [email protected], 2020-05-31 09:49:39+00:00, [email protected] + Update ChangeLog and NEWS files for 3644 + + [email protected] +1 -3 + Update ChangeLog and NEWS files for 3644 + + [email protected] +2 -1 + Update ChangeLog and NEWS files for 3644 + [email protected], 2020-05-31 09:47:05+00:00, [email protected] + [Bug 3644]: Do we want to log an event in this case? + + ntpd/[email protected] +2 -0 + [Bug 3644]: Do we want to log an event in this case? + [email protected], 2020-05-31 11:13:45+02:00, [email protected] + [Bug 3644] Unsynchronized server (minsane not satisfied) selected as candidate + + [email protected] +3 -0 + [Bug 3644] Unsynchronized server (minsane not satisfied) selected as candidate + + include/[email protected] +1 -1 + [Bug 3644] Unsynchronized server [...] selected as candidate + - comment typo + + ntpd/[email protected] +2 -3 + [Bug 3644] Unsynchronized server (minsane not satisfied) selected as candidate + + ntpd/[email protected] +24 -9 + [Bug 3644] Unsynchronized server (minsane not satisfied) selected as candidate + - according to DLM, we should go S16/UNSYNCED if we have no proper orphan config + [email protected], 2020-05-25 12:42:46+02:00, [email protected] + [Bug 3667] decodenetnum fails with numeric port + - windows compilation issues + + libntp/[email protected] +1 -1 + [Bug 3667] decodenetnum fails with numeric port + - windows compilation issues ('sa_family_t' is POSIX, now ANSI/MSVC) + + libntp/[email protected] +3 -3 + [Bug 3667] decodenetnum fails with numeric port + - windows compilation issues (typo+cast in memchr replacement) + + ports/winnt/include/[email protected] +2 -0 + [Bug 3667] decodenetnum fails with numeric port + - windows compilation issues (have memchr() and strnlen() in MSVC) + [email protected], 2020-05-22 06:07:28+00:00, [email protected] + Update NEWS file with 3667 + + [email protected] +3 -1 + Update NEWS file with 3667 + [email protected], 2020-05-22 06:05:45+00:00, [email protected] + cleanup + + [email protected] +2 -4 + cleanup + [email protected], 2020-05-22 06:04:57+00:00, [email protected] + indentation tweaks + + tests/libntp/[email protected] +7 -7 + indentation tweaks + [email protected], 2020-05-20 09:44:15+02:00, [email protected] + [Bug 3667] decodenetnum fails with numeric port + + [email protected] +4 -0 + [Bug 3667] decodenetnum fails with numeric port + + [email protected] +1 -1 + [Bug 3667] decodenetnum fails with numeric port + sidekick: implement strnlen() and memchr() for ancient hosts (pogo.udel.edu...) + + include/[email protected] +9 -0 + [Bug 3667] decodenetnum fails with numeric port + sidekick: implement strnlen() and memchr() for ancient hosts (pogo.udel.edu...) + + libntp/[email protected] +123 -77 + [Bug 3667] decodenetnum fails with numeric port + - rewrite in terms of inet_pton() and strtoul(), no getaddrinfo() any more + + libntp/[email protected] +29 -3 + [Bug 3667] decodenetnum fails with numeric port + sidekick: implement strnlen() and memchr() for ancient hosts (pogo.udel.edu...) + + tests/libntp/[email protected] +94 -6 + [Bug 3667] decodenetnum fails with numeric port + - additional tests + + tests/libntp/[email protected] +2 -0 + Bug 3667 - decodenetnum fails with numeric port + - clear address buffers before use + + tests/libntp/[email protected] +8 -2 + [Bug 3667] decodenetnum fails with numeric port + - regenerated + + tests/libntp/[email protected] +2 -1 + [Bug 3667] decodenetnum fails with numeric port + - include scope id in IPv6 compare + [email protected], 2020-05-14 03:45:40-07:00, [email protected] + Added 3660 to the NEWS file + + [email protected] +3 -1 + Added 3660 to the NEWS file + [email protected], 2020-05-14 03:14:44-07:00, [email protected] + [Bug 3660] Manycast orphan mode startup discovery problem + + [email protected] +5 -0 + [Bug 3660] Manycast orphan mode startup discovery problem + + ntpd/[email protected] +2 -1 + [Bug 3660] Manycast orphan mode startup discovery problem + [email protected], 2020-05-10 11:26:21+00:00, [email protected] + Update NEWS + + [email protected] +3 -1 + Update NEWS + [email protected], 2020-05-10 09:44:50+00:00, [email protected] + Merge cleanup + + [email protected] +2 -4 + Merge cleanup + [email protected], 2020-05-09 08:20:44+02:00, [email protected] + [Bug 3666] avoid unlimited receive buffer allocation + + BitKeeper/etc/[email protected] +1 -0 + [Bug 3666] avoid unlimited receive buffer allocation + - (sidekick) ignore the '.vs' directory of VS2017 & above + + [email protected] +4 -0 + [Bug 3666] avoid unlimited receive buffer allocation + + include/[email protected] +23 -7 + [Bug 3666] avoid unlimited receive buffer allocation + - buffer count limit is 4096 now, always enforced + - API change for urgent buffers + + lib/isc/win32/include/isc/[email protected] +3 -1 + [Bug 3666] avoid unlimited receive buffer allocation + - (sidekick) define standard reserved macros only if not yet defined! + + libntp/[email protected] +131 -73 + [Bug 3666] avoid unlimited receive buffer allocation + - don't exceed RECV_TOOMANY allocated buffers + - keep emergency reserve for clocks + + libntp/[email protected] +3 -4 + [bug 3666] avoid unlimited receive buffer allocation + - (sidekick) fix some warnings of clang on lp64 targets + + ntpd/[email protected] +23 -13 + [Bug 3666] avoid unlimited receive buffer allocation + - support urgent buffer reserve for refclocks + + ntpd/[email protected] +1 -1 + [Bug 3666] avoid unlimited receive buffer allocation + - support urgent buffer reserve for refclocks + + ntpdate/[email protected] +1 -1 + [Bug 3666] avoid unlimited receive buffer allocation + - get_free_recv_buffer() API change + + ports/winnt/libntp/[email protected] +1 -1 + [Bug 3666] avoid unlimited receive buffer allocation + - (sidekick) regenerated + + ports/winnt/ntpd/[email protected] +63 -38 + [Bug 3666] avoid unlimited receive buffer allocation + - reuse last buffer ASAP if no new buffer available + - typos and some internal renaming + + tests/libntp/[email protected] +2 -2 + [Bug 3666] avoid unlimited receive buffer allocation + - internal API changes + [email protected], 2020-05-05 03:53:50+00:00, [email protected] + Update NEWS with 3639 + + [email protected] +3 -1 + Update NEWS with 3639 + [email protected], 2020-04-20 08:14:39+00:00, [email protected] + NEWS and bug 3664 + + [email protected] +2 -1 + NEWS and bug 3664 + [email protected], 2020-04-16 17:50:44+02:00, [email protected] + Enable openSSL CMAC support on Windows. + + [email protected] +2 -0 + Enable openSSL CMAC support on Windows. + + ports/winnt/include/[email protected] +2 -0 + Enable openSSL CMAC support on Windows. + [email protected], 2020-04-11 09:59:23+00:00, [email protected] + update + + [email protected] +1 -0 + update + [email protected], 2020-04-11 09:35:19+00:00, [email protected] + update + + [email protected] +2 -2 + update + [email protected], 2020-04-11 08:10:59+00:00, [email protected] + update + + [email protected] +3 -1 + update + [email protected], 2020-04-11 07:21:36+00:00, [email protected] + update + + [email protected] +1 -0 + update + [email protected], 2020-04-11 07:12:47+00:00, [email protected] + update + + [email protected] +22 -0 + update + [email protected], 2020-04-07 17:51:25+02:00, [email protected] + [Bug 3662] Fix build errors on Windows with VS2008. + + [email protected] +2 -0 + [Bug 3662] Fix build errors on Windows with VS2008. + [email protected], 2020-04-07 17:49:08+02:00, [email protected] + Fix unused variable warning in ntpdate.c. + + ntpdate/[email protected] +2 -1 + Fix unused variable warning. + [email protected], 2020-04-07 17:48:25+02:00, [email protected] + Fix compiling refclock_palisade.c + Don't have variable declarations after code. + + ntpd/[email protected] +25 -23 + Don't have variable declarations after code. + [email protected], 2020-04-07 17:47:02+02:00, [email protected] + Fix prototype in ntpd/refclock_nmea.c + + ntpd/[email protected] +1 -1 + Fix prototype in ntpd/refclock_nmea.c + [email protected], 2020-04-05 10:10:12+02:00, [email protected] + [Bug 3646] Avoid sync with unsync orphan + + [email protected] +4 -0 + [Bug 3646] Avoid sync with unsync orphan + + ntpd/[email protected] +21 -0 + [Bug 3646] Avoid sync with unsync orphan + [email protected], 2020-04-05 09:53:25+02:00, [email protected] + [Bug 3653] Refclock jitter RMS calculation + + [email protected] +4 -0 + [Bug 3653] Refclock jitter RMS calculation + + ntpd/[email protected] +36 -36 + [Bug 3653] Refclock jitter RMS calculation + [email protected], 2020-04-04 08:57:51+02:00, [email protected] + [Bug 3655] ntpdc memstats hash counts + + [email protected] +4 -0 + [Bug 3655] ntpdc memstats hash counts + + ntpd/[email protected] +1 -1 + [Bug 3655] ntpdc memstats hash counts + [email protected], 2020-04-04 08:48:51+02:00, [email protected] + [Bug 3657] Wrong "Autokey group mismatch" debug message + + [email protected] +3 -0 + [Bug 3657] Wrong "Autokey group mismatch" debug message + + ntpd/[email protected] +3 -2 + [Bug 3657] Wrong "Autokey group mismatch" debug message + [email protected], 2020-04-04 08:38:06+02:00, [email protected] + [Bug 3659] ntp-4.2.8p14 fails to build <[email protected]> + + [email protected] +3 -0 + [Bug 3659] ntp-4.2.8p14 fails to build <[email protected]> + + include/[email protected] +0 -10 + [Bug 3659] ntp-4.2.8p14 fails to build <[email protected]> + - move global declaration of 'psl' from header to static declaration in code + + ntpd/[email protected] +10 -0 + [Bug 3659] ntp-4.2.8p14 fails to build <[email protected]> + - move global declaration of 'psl' from header to static declaration in code + [email protected], 2020-04-01 16:49:43+02:00, [email protected] + [Bug 3661] memory leak with AES128CMAC keys + + [email protected] +3 -0 + [Bug 3661] memory leak with AES128CMAC keys + + libntp/[email protected] +1 -1 + [Bug 3661] memory leak with AES128CMAC keys + - free context, not just cleaning up internally + + sntp/[email protected] +2 -1 + [Bug 3661] memory leak with AES128CMAC keys + - free context, not just cleaning up internally + [email protected], 2020-03-03 17:42:43-08:00, [email protected] NTP_4_2_8P14 TAG: NTP_4_2_8P14 @@ -675,7 +1372,7 @@ [email protected], 2020-03-03 16:05:38-08:00, ntpreleng ntpd/[email protected] +2 -2 provide get_pollskew() for simulator [email protected], 2020-03-03 03:30:13-08:00, [email protected] [email protected], 2020-03-03 03:30:13-08:00, [email protected] NTP_4_2_8P13 TAG: NTP_4_2_8P13 (currently on 1.3894) @@ -933,7 +1630,7 @@ [email protected], 2020-02-17 08:48:45+00:00, stenn@psp [email protected], 2020-02-17 08:11:42+00:00, [email protected] updates - [email protected] +2 -0 + [email protected] +2 -0 [email protected], 2020-02-08 23:00:11+00:00, [email protected] html/confopt.html cleanup @@ -1288,6 +1985,22 @@ [email protected], 2020-01-29 06:03:13+00:00, stenn@psp ntpd/[email protected] +8 -0 Initial pass at fixes for bug 3596 + [email protected], 2020-01-21 12:49:14+00:00, [email protected] + driver40.html, refclock_jjy.c, driver40-ja.html, ChangeLog: + refclock_jjy: TS-JJY0x can skip time sync depending on the STUS reply. + + [email protected] +3 -0 + refclock_jjy: TS-JJY0x can skip time sync depending on the STUS reply. + + html/drivers/[email protected] +10 -2 + refclock_jjy: TS-JJY0x can skip time sync depending on the STUS reply. + + html/drivers/[email protected] +9 -2 + refclock_jjy: TS-JJY0x can skip time sync depending on the STUS reply. + + ntpd/[email protected] +76 -32 + refclock_jjy: TS-JJY0x can skip time sync depending on the STUS reply. [email protected], 2020-01-18 04:46:30-05:00, [email protected] [Bug 3637] Emit the version of ntpd in saveconfig Modified: head/contrib/ntp/NEWS ============================================================================== --- head/contrib/ntp/NEWS Wed Jun 24 01:29:40 2020 (r362567) +++ head/contrib/ntp/NEWS Wed Jun 24 01:51:05 2020 (r362568) @@ -1,4 +1,42 @@ --- +NTP 4.2.8p15 (Harlan Stenn <[email protected]>, 2020 Jun 23) + +Focus: Security, Bug fixes + +Severity: MEDIUM + +This release fixes one vulnerability: Associations that use CMAC +authentication between ntpd from versions 4.2.8p11/4.3.97 and +4.2.8p14/4.3.100 will leak a small amount of memory for each packet. +Eventually, ntpd will run out of memory and abort. + +It also fixes 13 other bugs. + +* [Sec 3661] memory leak with AES128CMAC keys <[email protected]> +* [Bug 3670] Regression from bad merger between 3592 and 3596 <perlinger@> + - Thanks to Sylar Tao +* [Bug 3667] decodenetnum fails with numeric port <[email protected]> + - rewrite 'decodenetnum()' in terms of inet_pton +* [Bug 3666] avoid unlimited receive buffer allocation <[email protected]> + - limit number of receive buffers, with an iron reserve for refclocks +* [Bug 3664] Enable openSSL CMAC support on Windows <[email protected]> +* [Bug 3662] Fix build errors on Windows with VS2008 <[email protected]> +* [Bug 3660] Manycast orphan mode startup discovery problem. <[email protected]> + - integrated patch from Charles Claggett +* [Bug 3659] Move definition of psl[] from ntp_config.h to + ntp_config.h <[email protected]> +* [Bug 3657] Wrong "Autokey group mismatch" debug message <[email protected]> +* [Bug 3655] ntpdc memstats hash counts <[email protected]> + - fix by Gerry garvey +* [Bug 3653] Refclock jitter RMS calculation <[email protected]> + - thanks to Gerry Garvey +* [Bug 3646] Avoid sync with unsync orphan <[email protected]> + - patch by Gerry Garvey +* [Bug 3644] Unsynchronized server [...] selected as candidate <[email protected]> +* [Bug 3639] refclock_jjy: TS-JJY0x can skip time sync depending on the STUS reply. <[email protected]> + - applied patch by Takao Abe + +--- NTP 4.2.8p14 (Harlan Stenn <[email protected]>, 2020 Mar 03) Focus: Security, Bug fixes, enhancements. Modified: head/contrib/ntp/config.h.in ============================================================================== --- head/contrib/ntp/config.h.in Wed Jun 24 01:29:40 2020 (r362567) +++ head/contrib/ntp/config.h.in Wed Jun 24 01:51:05 2020 (r362568) @@ -583,6 +583,9 @@ /* Define to 1 if you have the <md5.h> header file. */ #undef HAVE_MD5_H +/* Define to 1 if you have the `memchr' function. */ +#undef HAVE_MEMCHR + /* Define to 1 if you have the `memlk' function. */ #undef HAVE_MEMLK @@ -894,6 +897,9 @@ /* Define to 1 if you have the `strlcpy' function. */ #undef HAVE_STRLCPY + +/* Define to 1 if you have the `strnlen' function. */ +#undef HAVE_STRNLEN /* Define to 1 if you have the <stropts.h> header file. */ #undef HAVE_STROPTS_H Modified: head/contrib/ntp/configure ============================================================================== --- head/contrib/ntp/configure Wed Jun 24 01:29:40 2020 (r362567) +++ head/contrib/ntp/configure Wed Jun 24 01:51:05 2020 (r362568) @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69 for ntp 4.2.8p14. +# Generated by GNU Autoconf 2.69 for ntp 4.2.8p15. # # Report bugs to <http://bugs.ntp.org./>. # @@ -590,8 +590,8 @@ MAKEFLAGS= # Identity of this package. PACKAGE_NAME='ntp' PACKAGE_TARNAME='ntp' -PACKAGE_VERSION='4.2.8p14' -PACKAGE_STRING='ntp 4.2.8p14' +PACKAGE_VERSION='4.2.8p15' +PACKAGE_STRING='ntp 4.2.8p15' PACKAGE_BUGREPORT='http://bugs.ntp.org./' PACKAGE_URL='http://www.ntp.org./' @@ -1617,7 +1617,7 @@ if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures ntp 4.2.8p14 to adapt to many kinds of systems. +\`configure' configures ntp 4.2.8p15 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1687,7 +1687,7 @@ fi if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of ntp 4.2.8p14:";; + short | recursive ) echo "Configuration of ntp 4.2.8p15:";; esac cat <<\_ACEOF @@ -1930,7 +1930,7 @@ fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -ntp configure 4.2.8p14 +ntp configure 4.2.8p15 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. @@ -2639,7 +2639,7 @@ cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by ntp $as_me 4.2.8p14, which was +It was created by ntp $as_me 4.2.8p15, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ @@ -3640,7 +3640,7 @@ fi # Define the identity of the package. PACKAGE='ntp' - VERSION='4.2.8p14' + VERSION='4.2.8p15' cat >>confdefs.h <<_ACEOF @@ -27308,7 +27308,7 @@ _ACEOF fi done -for ac_func in strdup strerror setrlimit strchr +for ac_func in strdup strnlen memchr strerror setrlimit strchr do : as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" @@ -34174,7 +34174,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by ntp $as_me 4.2.8p14, which was +This file was extended by ntp $as_me 4.2.8p15, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -34241,7 +34241,7 @@ _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -ntp config.status 4.2.8p14 +ntp config.status 4.2.8p15 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" Modified: head/contrib/ntp/configure.ac ============================================================================== --- head/contrib/ntp/configure.ac Wed Jun 24 01:29:40 2020 (r362567) +++ head/contrib/ntp/configure.ac Wed Jun 24 01:51:05 2020 (r362568) @@ -912,7 +912,7 @@ case "$host" in ;; esac AC_CHECK_FUNCS([setlinebuf setpgid setpriority setsid setvbuf]) -AC_CHECK_FUNCS([strdup strerror setrlimit strchr]) +AC_CHECK_FUNCS([strdup strnlen memchr strerror setrlimit strchr]) case "$host" in *-*-aix[[4-9]]*) # XXX only verified thru AIX6. Modified: head/contrib/ntp/html/drivers/driver40-ja.html ============================================================================== Binary file (source and/or target). No diff available. Modified: head/contrib/ntp/html/drivers/driver40.html ============================================================================== --- head/contrib/ntp/html/drivers/driver40.html Wed Jun 24 01:29:40 2020 (r362567) +++ head/contrib/ntp/html/drivers/driver40.html Wed Jun 24 01:51:05 2020 (r362568) @@ -52,14 +52,20 @@ <dl> <dt>server 127.127.40.X mode 1</dt> <dd><br></dd> - <dt>fudge 127.127.40.X time1 0.NNN flag1 0|1</dt> + <dt>fudge 127.127.40.X time1 0.NNN flag1 0|1 flag2 0|1 time2 H</dt> <dd> <p>Time1 may specify a constant to be added to the time offset for the time from the receiver, a fixed-point decimal number in seconds. You may specify the time offset from several tens of milli-seconds ( 0.0NN seconds ) to a hundred and several tens of milli-seconds ( 0.1NN seconds ) for this clock.</p> - <p>Flag1 has no effect for time synchronization. When flag1 is set to 1, status commands are issued before DATE and STIM commands, and write a response text into the clockstats file.</p> + <p>Time2 may specify a grace period in hours after the 'adjusted' reply of the STUS command stopped coming.<br>This hours is effective when both flag1 and flag2 are set to 1.</p> + <p>Flag1 has no effect for time synchronization unless flag2 is set to 1.<br>When flag1 is set to 1, status commands are issued before DATE and STIM commands, and write a response text into the clockstats file.</p> <table border="1" summary="fudge flag1"> <tr><td>0 (Default)</td><td>DCST and STUS commands are not issued</td></tr> <tr><td>1</td><td>DCST and STUS commands are issued</td></tr> </table> + <p>Flag2 enables the time synchronization only when the reply of the STUS is 'adjusted'. When this functionality is used, flag1 must be set to 1 together.</p> + <table border="1" summary="fudge flag2"> + <tr><td>0 (Default)</td><td>Always</td></tr> + <tr><td>1</td><td>'adjusted' only</td></tr> + </table> </dd> </dl> <br> @@ -193,6 +199,7 @@ <li> <p><a name="mode-4">CITIZEN T.I.C. CO.,LTD. JJY-200</a> <a href="http://www.tic-citizen.co.jp/";>http://www.tic-citizen.co.jp/</a> (Japanese only)</p><br> + <p>The JJY-200 became the end of sales in 2013.</p><br> <dl> <dt>NTP configuration ( ntp.conf )</dt> <dd><br> Modified: head/contrib/ntp/include/l_stdlib.h ============================================================================== --- head/contrib/ntp/include/l_stdlib.h Wed Jun 24 01:29:40 2020 (r362567) +++ head/contrib/ntp/include/l_stdlib.h Wed Jun 24 01:51:05 2020 (r362568) @@ -221,4 +221,13 @@ extern int errno; extern int h_errno; #endif +#ifndef HAVE_MEMCHR +extern void *memchr(const void *s, int c, size_t n); +#endif + +#ifndef HAVE_STRNLEN +extern size_t strnlen(const char *s, size_t n); +#endif + + #endif /* L_STDLIB_H */ *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** _______________________________________________ [email protected] mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "[email protected]"
