cpet/openbsd-ports
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
openbsd-ports/net/ntp/Makefile
sthen d237b6cb3b security update to ntp-4.2.8p2 
http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities

CVE-2015-1798 "When ntpd is configured to use a symmetric key to authenticate a
remote NTP server/peer, it checks if the NTP message authentication code (MAC)
in received packets is valid, but not if there actually is any MAC included."

CVE-2015-1799 "An attacker knowing that NTP hosts A and B are peering with each
other (symmetric association) can send a packet to host A with source address
of B which will set the NTP state variables on A to the values sent by the
attacker. Host A will then send on its next poll to B a packet with originate
timestamp that doesn't match the transmit timestamp of B and the packet will be
dropped. If the attacker does this periodically for both hosts, they won't be
able to synchronize to each other."
2015-04-08 14:12:44 +00:00

45 lines
1.2 KiB
Makefile
Raw Blame History

# $OpenBSD: Makefile,v 1.62 2015/04/08 14:12:44 sthen Exp $
COMMENT= Network Time Protocol reference implementation
# NTP sometimes has a 'pN' in its version number, which we don't want
# to confuse with the ports system's 'pN' convention, so convert it to
# 'pl' for local use.
VERSION= 4.2.8p2
DISTNAME= ntp-${VERSION}
PKGNAME= ntp-${VERSION:S/p/pl/}
CATEGORIES= net
MASTER_SITES= http://archive.ntp.org/ntp4/ntp-4.2/
HOMEPAGE= http://www.ntp.org/
# modified ISC
PERMIT_PACKAGE_CDROM= Yes
WANTLIB += c crypto edit event_core event_pthreads
WANTLIB += m pthread ssl termcap
# enabling SEPARATE_BUILD causes the parser to be rebuilt .y -> .c,
# which requires bison
CONFIGURE_STYLE= gnu
CONFIGURE_ARGS= --docdir=${TRUEPREFIX}/share/doc/ntp \
--enable-parse-clocks \
--with-binsubdir=sbin \
--without-ntpsnmpd
CONFIGURE_ENV= CPPFLAGS='-DCONFIG_FILE="\"${SYSCONFDIR}/ntp.conf\"" \
-DKEYFILE="\"${SYSCONFDIR}/ntp.keys\""'
LIB_DEPENDS= devel/libevent2
post-patch:
cp ${WRKSRC}/sntp/loc/freebsd ${WRKSRC}/sntp/loc/openbsd
post-install:
${INSTALL_DATA_DIR} ${PREFIX}/share/examples/ntp
@cd ${WRKSRC}/conf && pax -rw * ${PREFIX}/share/examples/ntp
.include <bsd.port.mk>
Reference in New Issue View Git Blame Copy Permalink