<feed xmlns='http://www.w3.org/2005/Atom'>
<title>buildroot/package/ntp, branch 2017.11.2</title>
<subtitle>OpenPOWER buildroot sources</subtitle>
<id>https://git.raptorcs.com/git/buildroot/atom?h=2017.11.2</id>
<link rel='self' href='https://git.raptorcs.com/git/buildroot/atom?h=2017.11.2'/>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/'/>
<updated>2018-01-08T21:40:56+00:00</updated>
<entry>
<title>ntp: does not work with libressl</title>
<updated>2018-01-08T21:40:56+00:00</updated>
<author>
<name>Peter Korsgaard</name>
<email>peter@korsgaard.com</email>
</author>
<published>2018-01-07T22:59:40+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=f8bff449e5e4f90d777b1ba9b9ca216fd47d3128'/>
<id>urn:sha1:f8bff449e5e4f90d777b1ba9b9ca216fd47d3128</id>
<content type='text'>
Fixes #10556

The --with-crypto handling in ntp only works with libopenssl, not with
libressl, where it ends up with compilation issues like:

ntp_control.c:(.text+0x64): undefined reference to `EVP_MD_CTX_new'
ntp_control.c:(.text+0x10c): undefined reference to `EVP_MD_CTX_free'
libntpd.a(ntp_crypto.o): In function `bighash':
ntp_crypto.c:(.text+0x2e8): undefined reference to `EVP_MD_CTX_new'
ntp_crypto.c:(.text+0x328): undefined reference to `EVP_MD_CTX_free'
libntpd.a(ntp_crypto.o): In function `crypto_verify':
ntp_crypto.c:(.text+0x6cc): undefined reference to `EVP_MD_CTX_new'
ntp_crypto.c:(.text+0x710): undefined reference to `EVP_MD_CTX_free'
ntp_crypto.c:(.text+0x72c): undefined reference to `EVP_MD_CTX_free'

So ensure we only pass --with-crypto when libopenssl is used.

Signed-off-by: Peter Korsgaard &lt;peter@korsgaard.com&gt;
Signed-off-by: Thomas Petazzoni &lt;thomas.petazzoni@free-electrons.com&gt;
(cherry picked from commit 522111f81c7d535f4f362ad4a15d141d0eb39ec5)
Signed-off-by: Peter Korsgaard &lt;peter@korsgaard.com&gt;
</content>
</entry>
<entry>
<title>ntp: no longer require openssl</title>
<updated>2017-11-08T12:33:20+00:00</updated>
<author>
<name>Adam Duskett</name>
<email>aduskett@gmail.com</email>
</author>
<published>2017-11-07T21:29:06+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=8a2111258ace2fc4d01a6bb3d3287ec0115eef29'/>
<id>urn:sha1:8a2111258ace2fc4d01a6bb3d3287ec0115eef29</id>
<content type='text'>
4.2.8p10 no longer requires openssl to compile.

Signed-off-by: Adam Duskett &lt;Adamduskett@outlook.com&gt;
Signed-off-by: Peter Korsgaard &lt;peter@korsgaard.com&gt;
</content>
</entry>
<entry>
<title>ntp: enable/disable sntp support depending on BR2_PACKAGE_NTP_SNTP</title>
<updated>2017-06-19T20:11:10+00:00</updated>
<author>
<name>Vicente Olivert Riera</name>
<email>Vincent.Riera@imgtec.com</email>
</author>
<published>2017-06-19T14:33:25+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=79ee9b7e692824886bc19b21f55ac25e36e238f1'/>
<id>urn:sha1:79ee9b7e692824886bc19b21f55ac25e36e238f1</id>
<content type='text'>
We already have an option for selecting sntp support in ntp that can be
chosen from the menuconfig, and ntp's configure script has a --with-sntp
option (with its --without counterpart) which can be used for disabling
sntp support in ntp. However, we are not using it. This patch will make
use of it.

Signed-off-by: Vicente Olivert Riera &lt;Vincent.Riera@imgtec.com&gt;
Signed-off-by: Thomas Petazzoni &lt;thomas.petazzoni@free-electrons.com&gt;
</content>
</entry>
<entry>
<title>ntp: add patch to fix -fPIC issue</title>
<updated>2017-05-17T19:46:14+00:00</updated>
<author>
<name>Thomas Petazzoni</name>
<email>thomas.petazzoni@free-electrons.com</email>
</author>
<published>2017-05-17T19:45:04+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=7fde83cdf0da338937dae13144eea2923e5c2730'/>
<id>urn:sha1:7fde83cdf0da338937dae13144eea2923e5c2730</id>
<content type='text'>
This commit adds a patch that fixes the build on AArch64 and MIPS of the
ntp package, which was caused by some parts of ntp being built without
-fPIC.

Fixes:

  [aarch64] http://autobuild.buildroot.net/results/866b1d28595efd8b6becf83d0a64b596538d58b0
  [mips]    http://autobuild.buildroot.net/results/c2a945855172970736a8ffea9c564f029a023344

Thanks to Romain Naour for the initial analysis.

Signed-off-by: Thomas Petazzoni &lt;thomas.petazzoni@free-electrons.com&gt;
</content>
</entry>
<entry>
<title>ntp: use SPDX short identifier for ntp license</title>
<updated>2017-04-01T20:38:42+00:00</updated>
<author>
<name>Rahul Bedarkar</name>
<email>rahulbedarkar89@gmail.com</email>
</author>
<published>2017-04-01T19:06:28+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=24a48374ae4a6a3445f5c194fc36469fba409f24'/>
<id>urn:sha1:24a48374ae4a6a3445f5c194fc36469fba409f24</id>
<content type='text'>
Signed-off-by: Rahul Bedarkar &lt;rahulbedarkar89@gmail.com&gt;
Signed-off-by: Thomas Petazzoni &lt;thomas.petazzoni@free-electrons.com&gt;
</content>
</entry>
<entry>
<title>package/ntp: fix build for toolchains without ssp</title>
<updated>2017-03-25T13:55:24+00:00</updated>
<author>
<name>Bernd Kuhls</name>
<email>bernd.kuhls@t-online.de</email>
</author>
<published>2017-03-23T19:37:00+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=00968bcac0674250956e99b6fafbf9b373446488'/>
<id>urn:sha1:00968bcac0674250956e99b6fafbf9b373446488</id>
<content type='text'>
ntp defaults to use ssp support
http://bk1.ntp.org/ntp-stable/sntp/harden/README

by using these flags
http://bk1.ntp.org/ntp-stable/sntp/harden/linux

If the toolchain lacks SSP support this patch forces ntp to use an
empty set of flags: http://bk1.ntp.org/ntp-stable/sntp/harden/default

Fixes
http://autobuild.buildroot.net/results/1d5/1d58bd8745b22c8eb71fea4c7255d3ace69f6f7a/

Signed-off-by: Bernd Kuhls &lt;bernd.kuhls@t-online.de&gt;
Signed-off-by: Thomas Petazzoni &lt;thomas.petazzoni@free-electrons.com&gt;
</content>
</entry>
<entry>
<title>package/ntp: security bump to 4.2.8p10</title>
<updated>2017-03-22T21:44:27+00:00</updated>
<author>
<name>Bernd Kuhls</name>
<email>bernd.kuhls@t-online.de</email>
</author>
<published>2017-03-22T21:03:13+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=b47aec79d2e19ef7e3f04d2758c3a2930d47cebe'/>
<id>urn:sha1:b47aec79d2e19ef7e3f04d2758c3a2930d47cebe</id>
<content type='text'>
Changed NTP_SITE to https to circumvent "URL transformed to HTTPS due
to an HSTS policy" during download.

For details about the bugs fixed see:
http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities
http://www.kb.cert.org/vuls/id/633847

Signed-off-by: Bernd Kuhls &lt;bernd.kuhls@t-online.de&gt;
Signed-off-by: Thomas Petazzoni &lt;thomas.petazzoni@free-electrons.com&gt;
</content>
</entry>
<entry>
<title>ntp: security bump to verserion 4.2.8p9</title>
<updated>2017-02-07T14:26:22+00:00</updated>
<author>
<name>Adam Duskett</name>
<email>Aduskett@gmail.com</email>
</author>
<published>2017-02-06T14:12:25+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=ebf6f64b76059e31a85f982cb04f80ad5982dac3'/>
<id>urn:sha1:ebf6f64b76059e31a85f982cb04f80ad5982dac3</id>
<content type='text'>
This version of ntp fixes several vulnerabilities.

CVE-2016-9311
CVE-2016-9310
CVE-2016-7427
CVE-2016-7428
CVE-2016-9312
CVE-2016-7431
CVE-2016-7434
CVE-2016-7429
CVE-2016-7426
CVE-2016-7433

http://www.kb.cert.org/vuls/id/633847

In addition, libssl_compat.h is now included in many files, which
references openssl/evp.h, openssl/dsa.h, and openssl/rsa.h.
Even if a you pass --disable-ssl as a configuration option, these
files are now required.

As such, I have also added openssl as a dependency, and it is now
automatically selected when you select ntp.

Signed-off-by: Adam Duskett &lt;aduskett@codeblue.com&gt;
Signed-off-by: Peter Korsgaard &lt;peter@korsgaard.com&gt;
</content>
</entry>
<entry>
<title>ntp: fix missing optional dependencies</title>
<updated>2016-11-28T21:45:35+00:00</updated>
<author>
<name>Jérôme Pouiller</name>
<email>jezz@sysmic.org</email>
</author>
<published>2016-11-14T13:22:36+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=008ab8d590e59b34bb5d0eebd48bd97e1a553dd0'/>
<id>urn:sha1:008ab8d590e59b34bb5d0eebd48bd97e1a553dd0</id>
<content type='text'>
ntpq and ntpdc may depends on libedit and libcap.

$ arm-linux-readelf -d ./usr/bin/ntpdc | grep NEEDED
 0x00000001 (NEEDED)                     Shared library: [libcap.so.2]
 0x00000001 (NEEDED)                     Shared library: [libm.so.6]
 0x00000001 (NEEDED)                     Shared library: [libedit.so.0]
 0x00000001 (NEEDED)                     Shared library: [libncursesw.so.6]
 0x00000001 (NEEDED)                     Shared library: [libssl.so.1.0.0]
 0x00000001 (NEEDED)                     Shared library: [libcrypto.so.1.0.0]
 0x00000001 (NEEDED)                     Shared library: [libpthread.so.0]
 0x00000001 (NEEDED)                     Shared library: [libc.so.6]

However, build order with these libraries is not defined.

In order to keep things simple, we enforce build order even if ntpq/ntpdc are
not selected.

Signed-off-by: Jérôme Pouiller &lt;jezz@sysmic.org&gt;
[Thomas: use --without-lineeditlibs.]
Signed-off-by: Thomas Petazzoni &lt;thomas.petazzoni@free-electrons.com&gt;
</content>
</entry>
<entry>
<title>ntp: disable debugging</title>
<updated>2016-08-07T20:57:40+00:00</updated>
<author>
<name>Vicente Bergas</name>
<email>vicencb@gmail.com</email>
</author>
<published>2016-08-07T15:18:28+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=a2ce4167e230415e0dbc1349112790b07e104e88'/>
<id>urn:sha1:a2ce4167e230415e0dbc1349112790b07e104e88</id>
<content type='text'>
When running ntp it randomly aborts at ntp-4.2.8p8/libntp/recvbuff.c:326
which seems to be a debugging feature. This patch just disables
debugging, it does not fix the root cause of the problem.

Signed-off-by: Vicente Bergas &lt;vicencb@gmail.com&gt;
Signed-off-by: Thomas Petazzoni &lt;thomas.petazzoni@free-electrons.com&gt;
</content>
</entry>
</feed>
