MFH: r527800

Update ntp-4.2.8p13 --> 4.2.8p14.

The advisory can be found at:
http://support.ntp.org/bin/view/Main/SecurityNotice#\
March_2020_ntp_4_2_8p14_NTP_Rele

No CVEs have been documented yet.

Security:	http://support.ntp.org/bin/view/Main/NtpBug3610
		http://support.ntp.org/bin/view/Main/NtpBug3596
		http://support.ntp.org/bin/view/Main/NtpBug3592

Approved by:	portmgr (joneum)

net/ntp/Makefile

@@ -2,8 +2,7 @@
 # $FreeBSD$
 
 PORTNAME=	ntp
-PORTVERSION=	4.2.8p13
-PORTREVISION=	6
+PORTVERSION=	4.2.8p14
 CATEGORIES=	net
 MASTER_SITES=	http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-4.2/ \
 		http://archive.ntp.org/ntp4/ntp-4.2/ \

net/ntp/distinfo

@@ -1,3 +1,3 @@
-TIMESTAMP = 1550804538
-SHA256 (ntp-4.2.8p13.tar.gz) = 288772cecfcd9a53694ffab108d1825a31ba77f3a8466b0401baeca3bc232a38
-SIZE (ntp-4.2.8p13.tar.gz) = 6949363
+TIMESTAMP = 1583329796
+SHA256 (ntp-4.2.8p14.tar.gz) = 1960e4f081f6aafd108d721bc3ab15f9e8dfd08dc08339aa95bca9d2545e4eb7
+SIZE (ntp-4.2.8p14.tar.gz) = 7007263

net/ntp/files/patch-include_libssl__compat.h

@@ -1,11 +0,0 @@
---- include/libssl_compat.h.orig	2016-11-21 12:28:40 UTC
-+++ include/libssl_compat.h
-@@ -25,7 +25,7 @@
- #include "openssl/rsa.h"
- 
- /* ----------------------------------------------------------------- */
--#if OPENSSL_VERSION_NUMBER < 0x10100000L
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
- /* ----------------------------------------------------------------- */
- 
- # include <openssl/objects.h>

net/ntp/files/patch-ntpd__ntp.conf.html

@@ -1,5 +1,5 @@
---- ntpd/ntp.conf.html.orig	2019-02-20 09:56:39.000000000 -0800
-+++ ntpd/ntp.conf.html	2019-12-04 07:10:45.833804000 -0800
+--- ntpd/ntp.conf.html.orig	2020-03-03 17:40:59.000000000 -0800
++++ ntpd/ntp.conf.html	2020-03-04 06:05:59.693497000 -0800
 @@ -280,7 +280,7 @@
  <dt><code>pool</code></dt>
  <dd><p>For type s addresses, this command mobilizes a persistent
@@ -9,12 +9,12 @@
  remote server, but the remote server can never be synchronized to
  the local clock.
  </p></dd>
-@@ -3094,7 +3094,7 @@
+@@ -3120,7 +3120,7 @@
  when dropping root (the
  <code>-i</code>
  option).
 -The default is 32 megabytes on non-Linux machines, and -1 under Linux.
-+The default -1.
++The default is -1.
  -1 means &quot;do not lock the process into memory&quot;.
  0 means &quot;lock whatever memory the process wants into memory&quot;.
  </p></dd>

net/ntp/files/patch-ntpd_ntpd.c

@@ -1,48 +0,0 @@
---- ntpd/ntpd.c.orig	2019-02-20 09:21:44.000000000 -0800
-+++ ntpd/ntpd.c	2019-11-15 08:03:34.800596000 -0800
-@@ -138,6 +138,17 @@
- # include <seccomp.h>
- #endif /* LIBSECCOMP and KERN_SECCOMP */
- 
-+#ifdef __FreeBSD__
-+#include <sys/procctl.h>
-+#ifndef PROC_STACKGAP_CTL
-+/*
-+ * Even if we compile on an older system we can still run on a newer one.
-+ */
-+#define	PROC_STACKGAP_CTL	17
-+#define	PROC_STACKGAP_DISABLE	0x0002
-+#endif
-+#endif
-+
- #ifdef HAVE_DNSREGISTRATION
- # include <dns_sd.h>
- DNSServiceRef mdns;
-@@ -402,6 +413,18 @@
- 	char *argv[]
- 	)
- {
-+#ifdef __FreeBSD__
-+	{
-+		/*
-+		 * We Must disable ASLR stack gap on FreeBSD to avoid a
-+		 * segfault. See PR/241421 and PR/241960.
-+		 */
-+		int aslr_var = PROC_STACKGAP_DISABLE;
-+
-+		pid_t my_pid = getpid();
-+		procctl(P_PID, my_pid, PROC_STACKGAP_CTL, &aslr_var); 
-+	}
-+#endif
- 	return ntpdmain(argc, argv);
- }
- #endif /* !SYS_WINNT */
-@@ -999,7 +1022,7 @@
- # if defined(HAVE_MLOCKALL)
- #  ifdef HAVE_SETRLIMIT
- 	ntp_rlimit(RLIMIT_STACK, DFLT_RLIMIT_STACK * 4096, 4096, "4k");
--#   ifdef RLIMIT_MEMLOCK
-+#   if defined(RLIMIT_MEMLOCK) && defined(DFLT_RLIMIT_MEMLOCK) && DFLT_RLIMIT_MEMLOCK != -1
- 	/*
- 	 * The default RLIMIT_MEMLOCK is very low on Linux systems.
- 	 * Unless we increase this limit malloc calls are likely to