This version of ntp fixes several vulnerabilities.
CVE-2016-9311
CVE-2016-9310
CVE-2016-7427
CVE-2016-7428
CVE-2016-9312
CVE-2016-7431
CVE-2016-7434
CVE-2016-7429
CVE-2016-7426
CVE-2016-7433
http://www.kb.cert.org/vuls/id/633847
In addition, libssl_compat.h is now included in many files, which
references openssl/evp.h, openssl/dsa.h, and openssl/rsa.h.
Even if a you pass --disable-ssl as a configuration option, these
files are now required.
As such, I have also added openssl as a dependency, and it is now
automatically selected when you select ntp.
Signed-off-by: Adam Duskett <aduskett@codeblue.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
In order for gpsd to work with the new version of ntpd, an enable
option must be added to the configure step of ntp that allows for
support of SHM clocks to be attached through shared memory.
Signed-off-by: Yugendra Sai Babu Nadupuru <yugendra.sai.babu.nadupuru@rockwellcollins.com>
Signed-off-by: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Allow the `ntptime` utility to be included on a target.
[Peter: add comment why AUTORECONF is needed]
Signed-off-by: James Knight <james.knight@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes:
CVE-2014-9293 - ntpd generated a weak key for its internal use, with
full administrative privileges. Attackers could use this key to
reconfigure ntpd (or to exploit other vulnerabilities).
CVE-2014-9294 - The ntp-keygen utility generated weak MD5 keys with
insufficient entropy.
CVE-2014-9295 - ntpd had several buffer overflows (both on the stack and
in the data section), allowing remote authenticated attackers to crash
ntpd or potentially execute arbitrary code.
CVE-2014-9296 - The general packet processing function in ntpd did not
handle an error case correctly.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Added an option for the ntpd application to support pps inputs.
Signed-off-by: Bryan Brinsko <bryan.brinsko@rockwellcollins.com>
Signed-off-by: Matt Weber <matthew.weber@rockwellcollins.com>
Acked-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
BR2_PACKAGE_NTP_SNMPD was pushing netsnmp into dependencies but was
never selected, and since netsnmp requires fork it wasn't filtered out
for nommu. Fixes:
http://autobuild.buildroot.net/results/776/7769afe0da09e3f4f96d9a0f4c0febb0c72cc34f/
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Closes#2935
Add ntpdate option and make ntpd optional.
Based on incomplete patch by Frederik Pasch <fpasch@googlemail.com>
Also enable crypto when openssl is enabled.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
Also added additional options for ntp and fixed a build issue when
IPv6 support is not available.
[Peter: small tweaks]
Signed-off-by: Martin Banky <Martin.Banky@gmail.com>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
