aboutsummaryrefslogtreecommitdiffstats
path: root/meta-networking/recipes-support/ntp/files
diff options
context:
space:
mode:
Diffstat (limited to 'meta-networking/recipes-support/ntp/files')
-rw-r--r--meta-networking/recipes-support/ntp/files/CVE-2013-5211.patch112
-rw-r--r--meta-networking/recipes-support/ntp/files/ntp-4.2.4_p6-nano.patch17
-rw-r--r--meta-networking/recipes-support/ntp/files/ntp.conf17
-rwxr-xr-xmeta-networking/recipes-support/ntp/files/ntpd84
-rwxr-xr-xmeta-networking/recipes-support/ntp/files/ntpdate54
-rw-r--r--meta-networking/recipes-support/ntp/files/ntpdate.default7
-rw-r--r--meta-networking/recipes-support/ntp/files/openssl-check.patch59
-rw-r--r--meta-networking/recipes-support/ntp/files/tickadj.c.patch32
8 files changed, 0 insertions, 382 deletions
diff --git a/meta-networking/recipes-support/ntp/files/CVE-2013-5211.patch b/meta-networking/recipes-support/ntp/files/CVE-2013-5211.patch
deleted file mode 100644
index ddcb044e60..0000000000
--- a/meta-networking/recipes-support/ntp/files/CVE-2013-5211.patch
+++ /dev/null
@@ -1,112 +0,0 @@
-ntp: fix CVE-2013-5211
-
-Upstream-status: Backport
-
-The monlist feature in ntp_request.c in ntpd in NTP before
-4.2.7p26 allows remote attackers to cause a denial of service
-(traffic amplification) via forged (1) REQ_MON_GETLIST or
-(2) REQ_MON_GETLIST_1 requests, as exploited in the wild
-in December 2013.
-
-Signed-off-by: Zhang Xiao <xiao.zhang@windriver.com>
-
---- a/ntpd/ntp_request.c
-+++ b/ntpd/ntp_request.c
-@@ -1912,44 +1912,11 @@ mon_getlist_0(
- struct req_pkt *inpkt
- )
- {
-- register struct info_monitor *im;
-- register struct mon_data *md;
-- extern struct mon_data mon_mru_list;
-- extern int mon_enabled;
--
- #ifdef DEBUG
- if (debug > 2)
- printf("wants monitor 0 list\n");
- #endif
-- if (!mon_enabled) {
-- req_ack(srcadr, inter, inpkt, INFO_ERR_NODATA);
-- return;
-- }
-- im = (struct info_monitor *)prepare_pkt(srcadr, inter, inpkt,
-- v6sizeof(struct info_monitor));
-- for (md = mon_mru_list.mru_next; md != &mon_mru_list && im != 0;
-- md = md->mru_next) {
-- im->lasttime = htonl((u_int32)((current_time -
-- md->firsttime) / md->count));
-- im->firsttime = htonl((u_int32)(current_time - md->lasttime));
-- im->restr = htonl((u_int32)md->flags);
-- im->count = htonl((u_int32)(md->count));
-- if (IS_IPV6(&md->rmtadr)) {
-- if (!client_v6_capable)
-- continue;
-- im->addr6 = SOCK_ADDR6(&md->rmtadr);
-- im->v6_flag = 1;
-- } else {
-- im->addr = NSRCADR(&md->rmtadr);
-- if (client_v6_capable)
-- im->v6_flag = 0;
-- }
-- im->port = md->rmtport;
-- im->mode = md->mode;
-- im->version = md->version;
-- im = (struct info_monitor *)more_pkt();
-- }
-- flush_pkt();
-+ req_ack(srcadr, inter, inpkt, INFO_ERR_NODATA);
- }
-
- /*
-@@ -1962,50 +1929,7 @@ mon_getlist_1(
- struct req_pkt *inpkt
- )
- {
-- register struct info_monitor_1 *im;
-- register struct mon_data *md;
-- extern struct mon_data mon_mru_list;
-- extern int mon_enabled;
--
-- if (!mon_enabled) {
-- req_ack(srcadr, inter, inpkt, INFO_ERR_NODATA);
-- return;
-- }
-- im = (struct info_monitor_1 *)prepare_pkt(srcadr, inter, inpkt,
-- v6sizeof(struct info_monitor_1));
-- for (md = mon_mru_list.mru_next; md != &mon_mru_list && im != 0;
-- md = md->mru_next) {
-- im->lasttime = htonl((u_int32)((current_time -
-- md->firsttime) / md->count));
-- im->firsttime = htonl((u_int32)(current_time - md->lasttime));
-- im->restr = htonl((u_int32)md->flags);
-- im->count = htonl((u_int32)md->count);
-- if (IS_IPV6(&md->rmtadr)) {
-- if (!client_v6_capable)
-- continue;
-- im->addr6 = SOCK_ADDR6(&md->rmtadr);
-- im->v6_flag = 1;
-- im->daddr6 = SOCK_ADDR6(&md->interface->sin);
-- } else {
-- im->addr = NSRCADR(&md->rmtadr);
-- if (client_v6_capable)
-- im->v6_flag = 0;
-- if (MDF_BCAST == md->cast_flags)
-- im->daddr = NSRCADR(&md->interface->bcast);
-- else if (md->cast_flags) {
-- im->daddr = NSRCADR(&md->interface->sin);
-- if (!im->daddr)
-- im->daddr = NSRCADR(&md->interface->bcast);
-- } else
-- im->daddr = 4;
-- }
-- im->flags = htonl(md->cast_flags);
-- im->port = md->rmtport;
-- im->mode = md->mode;
-- im->version = md->version;
-- im = (struct info_monitor_1 *)more_pkt();
-- }
-- flush_pkt();
-+ req_ack(srcadr, inter, inpkt, INFO_ERR_NODATA);
- }
-
- /*
diff --git a/meta-networking/recipes-support/ntp/files/ntp-4.2.4_p6-nano.patch b/meta-networking/recipes-support/ntp/files/ntp-4.2.4_p6-nano.patch
deleted file mode 100644
index cb1e2f7341..0000000000
--- a/meta-networking/recipes-support/ntp/files/ntp-4.2.4_p6-nano.patch
+++ /dev/null
@@ -1,17 +0,0 @@
---- a/include/ntp_syscall.h.orig 2009-05-19 16:44:55.048156467 -0400
-+++ b/include/ntp_syscall.h 2009-05-19 16:46:19.293323686 -0400
-@@ -14,6 +14,14 @@
- # include <sys/timex.h>
- #endif
-
-+#if defined(ADJ_NANO) && !defined(MOD_NANO)
-+#define MOD_NANO ADJ_NANO
-+#endif
-+
-+#if defined(ADJ_TAI) && !defined(MOD_TAI)
-+#define MOD_TAI ADJ_TAI
-+#endif
-+
- #ifndef NTP_SYSCALLS_LIBC
- #ifdef NTP_SYSCALLS_STD
- # define ntp_adjtime(t) syscall(SYS_ntp_adjtime, (t))
diff --git a/meta-networking/recipes-support/ntp/files/ntp.conf b/meta-networking/recipes-support/ntp/files/ntp.conf
deleted file mode 100644
index 676e186453..0000000000
--- a/meta-networking/recipes-support/ntp/files/ntp.conf
+++ /dev/null
@@ -1,17 +0,0 @@
-# This is the most basic ntp configuration file
-# The driftfile must remain in a place specific to this
-# machine - it records the machine specific clock error
-driftfile /var/lib/ntp/drift
-# This should be a server that is close (in IP terms)
-# to the machine. Add other servers as required.
-# Unless you un-comment the line below ntpd will sync
-# only against the local system clock.
-#
-# server time.server.example.com
-#
-# Using local hardware clock as fallback
-# Disable this when using ntpd -q -g -x as ntpdate or it will sync to itself
-server 127.127.1.0
-fudge 127.127.1.0 stratum 14
-# Defining a default security setting
-restrict default
diff --git a/meta-networking/recipes-support/ntp/files/ntpd b/meta-networking/recipes-support/ntp/files/ntpd
deleted file mode 100755
index d1b9c49076..0000000000
--- a/meta-networking/recipes-support/ntp/files/ntpd
+++ /dev/null
@@ -1,84 +0,0 @@
-#! /bin/sh
-
-### BEGIN INIT INFO
-# Provides: ntp
-# Required-Start: $network $remote_fs $syslog
-# Required-Stop: $network $remote_fs $syslog
-# Default-Start: 2 3 4 5
-# Default-Stop:
-# Short-Description: Start NTP daemon
-### END INIT INFO
-
-PATH=/sbin:/bin:/usr/bin:/usr/sbin
-
-DAEMON=/usr/sbin/ntpd
-PIDFILE=/var/run/ntpd.pid
-
-# ntpd init.d script for ntpdc from ntp.isc.org
-test -x $DAEMON -a -r /etc/ntp.conf || exit 0
-
-# rcS contains TICKADJ
-test -r /etc/default/rcS && . /etc/default/rcS
-
-# Source function library.
-. /etc/init.d/functions
-
-# Functions to do individual actions
-settick(){
- # If TICKADJ is set we *must* adjust it before we start, because the
- # driftfile relies on the correct setting
- test -n "$TICKADJ" -a -x /usr/sbin/tickadj && {
- echo -n "Setting tick to $TICKADJ: "
- /usr/sbin/tickadj "$TICKADJ"
- echo "done"
- }
-}
-startdaemon(){
- # The -g option allows ntpd to step the time to correct it just
- # once. The daemon will exit if the clock drifts too much after
- # this. If ntpd seems to disappear after a while assume TICKADJ
- # above is set to a totally incorrect value.
- echo -n "Starting ntpd: "
- start-stop-daemon --start --quiet --oknodo --pidfile $PIDFILE --startas $DAEMON -- -u ntp:ntp -p $PIDFILE "$@"
- echo "done"
-}
-stopdaemon(){
- echo -n "Stopping ntpd: "
- start-stop-daemon --stop --quiet --oknodo -p $PIDFILE
- echo "done"
-}
-
-case "$1" in
- start)
- settick
- startdaemon -g
- ;;
- stop)
- stopdaemon
- ;;
- force-reload)
- stopdaemon
- settick
- startdaemon -g
- ;;
- restart)
- # Don't reset the tick here
- stopdaemon
- startdaemon -g
- ;;
- reload)
- # Must do this by hand, but don't do -g
- stopdaemon
- startdaemon
- ;;
- status)
- status /usr/sbin/ntpd;
- exit $?
- ;;
- *)
- echo "Usage: ntpd { start | stop | status | restart | reload }" >&2
- exit 1
- ;;
-esac
-
-exit 0
diff --git a/meta-networking/recipes-support/ntp/files/ntpdate b/meta-networking/recipes-support/ntp/files/ntpdate
deleted file mode 100755
index 17b64d1335..0000000000
--- a/meta-networking/recipes-support/ntp/files/ntpdate
+++ /dev/null
@@ -1,54 +0,0 @@
-#!/bin/sh
-
-PATH=/sbin:/bin:/usr/bin:/usr/sbin
-
-test -x /usr/sbin/ntpdate || exit 0
-
-if test -f /etc/default/ntpdate ; then
-. /etc/default/ntpdate
-fi
-
-if [ "$NTPSERVERS" = "" ] ; then
- if [ "$METHOD" = "" -a "$1" != "silent" ] ; then
- echo "Please set NTPSERVERS in /etc/default/ntpdate"
- exit 1
- else
- exit 0
- fi
-fi
-
-# This is a heuristic: The idea is that if a static interface is brought
-# up, that is a major event, and we can put in some extra effort to fix
-# the system time. Feel free to change this, especially if you regularly
-# bring up new network interfaces.
-if [ "$METHOD" = static ]; then
- OPTS="-b"
-fi
-
-if [ "$METHOD" = loopback ]; then
- exit 0
-fi
-
-(
-
-LOCKFILE=/var/lock/ntpdate
-
-# Avoid running more than one at a time
-if [ -x /usr/bin/lockfile-create ]; then
- lockfile-create $LOCKFILE
- lockfile-touch $LOCKFILE &
- LOCKTOUCHPID="$!"
-fi
-
-if /usr/sbin/ntpdate -s $OPTS $NTPSERVERS 2>/dev/null; then
- if [ "$UPDATE_HWCLOCK" = "yes" ]; then
- hwclock --systohc || :
- fi
-fi
-
-if [ -x /usr/bin/lockfile-create ] ; then
- kill $LOCKTOUCHPID
- lockfile-remove $LOCKFILE
-fi
-
-) &
diff --git a/meta-networking/recipes-support/ntp/files/ntpdate.default b/meta-networking/recipes-support/ntp/files/ntpdate.default
deleted file mode 100644
index 486b6e07d3..0000000000
--- a/meta-networking/recipes-support/ntp/files/ntpdate.default
+++ /dev/null
@@ -1,7 +0,0 @@
-# Configuration script used by ntpdate-sync script
-
-NTPSERVERS=""
-
-# Set to "yes" to write time to hardware clock on success
-UPDATE_HWCLOCK="no"
-
diff --git a/meta-networking/recipes-support/ntp/files/openssl-check.patch b/meta-networking/recipes-support/ntp/files/openssl-check.patch
deleted file mode 100644
index 8b4a6733cd..0000000000
--- a/meta-networking/recipes-support/ntp/files/openssl-check.patch
+++ /dev/null
@@ -1,59 +0,0 @@
-Hack OpenSSL check to work when libssl and libcrypto aren't in same dir
-
-Upstream-Status: Inappropriate [config]
-
-Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
----
- configure | 4 ++--
- m4/ntp_openssl.m4 | 4 ++--
- sntp/configure | 4 ++--
- 3 files changed, 6 insertions(+), 6 deletions(-)
-
-diff --git a/configure b/configure
-index aae2c01..6a3c15e 100755
---- a/configure
-+++ b/configure
-@@ -22868,8 +22868,8 @@ case "$ans" in
- test -f $i/libcrypto.dylib -a -f $i/libssl.dylib && break
- ;;
- *)
-- test -f $i/libcrypto.so -a -f $i/libssl.so && break
-- test -f $i/libcrypto.a -a -f $i/libssl.a && break
-+ test -f $i/libssl.so && break
-+ test -f $i/libssl.a && break
- ;;
- esac
- done
-diff --git a/m4/ntp_openssl.m4 b/m4/ntp_openssl.m4
-index 7d9f477..67bdd55 100644
---- a/m4/ntp_openssl.m4
-+++ b/m4/ntp_openssl.m4
-@@ -41,8 +41,8 @@ case "$ans" in
- test -f $i/libcrypto.dylib -a -f $i/libssl.dylib && break
- ;;
- *)
-- test -f $i/libcrypto.so -a -f $i/libssl.so && break
-- test -f $i/libcrypto.a -a -f $i/libssl.a && break
-+ test -f $i/libssl.so && break
-+ test -f $i/libssl.a && break
- ;;
- esac
- done
-diff --git a/sntp/configure b/sntp/configure
-index 7782c29..55e82d9 100755
---- a/sntp/configure
-+++ b/sntp/configure
-@@ -14810,8 +14810,8 @@ case "$ans" in
- test -f $i/libcrypto.dylib -a -f $i/libssl.dylib && break
- ;;
- *)
-- test -f $i/libcrypto.so -a -f $i/libssl.so && break
-- test -f $i/libcrypto.a -a -f $i/libssl.a && break
-+ test -f $i/libssl.so && break
-+ test -f $i/libssl.a && break
- ;;
- esac
- done
---
-1.7.1
-
diff --git a/meta-networking/recipes-support/ntp/files/tickadj.c.patch b/meta-networking/recipes-support/ntp/files/tickadj.c.patch
deleted file mode 100644
index 9ef9de9e1f..0000000000
--- a/meta-networking/recipes-support/ntp/files/tickadj.c.patch
+++ /dev/null
@@ -1,32 +0,0 @@
-Index: ntp-4.2.2p3-r0/ntp-4.2.2p3/util/tickadj.c
-===================================================================
---- ntp-4.2.2p3/util/tickadj.c 2004-02-25 06:58:33.000000000 +0100
-+++ ntp-4.2.2p3/util/tickadj.c 2007-07-07 01:00:54.000000000 +0200
-@@ -21,7 +21,8 @@
- # include <unistd.h>
- #endif /* HAVE_UNISTD_H */
-
--#ifdef HAVE___ADJTIMEX /* Linux */
-+/* proper handling here has been moved to upstream ntp bugzilla */
-+#ifdef linux
-
- #include <sys/timex.h>
- struct timex txc;
-@@ -91,7 +92,7 @@
- }
-
- if (!errflg) {
-- if (__adjtimex(&txc) < 0)
-+ if (adjtimex(&txc) < 0)
- perror("adjtimex");
- else if (!quiet)
- printf("tick = %ld\ntick_adj = %d\n",
-@@ -146,7 +147,7 @@
- #endif
- }
-
-- if (__adjtimex(&txc) < 0)
-+ if (adjtimex(&txc) < 0)
- {
- perror("adjtimex");
- }