diff -Nur openntpd.orig/Manifest openntpd/Manifest --- openntpd.orig/Manifest 2015-05-25 16:58:27.898810860 -0700 +++ openntpd/Manifest 2015-05-25 16:52:29.348194427 -0700 @@ -1,6 +1,3 @@ ------BEGIN PGP SIGNED MESSAGE----- -Hash: SHA256 - AUX openntpd-20080406-dns-timeout.patch 1225 SHA256 c7f7b28db8028bd892a31958849e61227f342f9f16efa0a51e6cb9f91b307d0e SHA512 9e7a86029185ea427b4952352ccac2a2508432b047346fe6d7823f254f9f2b59f2b3e752a0bf2e0a673daf6e0506657acf3973c67588e77fc0ed76798093fd5f WHIRLPOOL 2e5c95378b0e70723413c3d6f99e66448b1a009efa18130e4905c6733de0f9c0348899003b1af5663894e10659ef5f2ff96fe5340ee913b0c7d0c588b5f6ff94 AUX openntpd-20080406-pidfile.patch 3500 SHA256 6580ab9290ea19ec17f67b1b59a3790546b58a5c06ed82e660e79e393681ba89 SHA512 9647e53c17330a255ace93e1cc40547de57d6f7337d2cbc0bfb58d4a77f5ad79423421e1c6280db1c31fcafcd77903a8fa60d30d883ee0be671bebce10e557a0 WHIRLPOOL ac289e1a3f6ce41cf4721aa834bd88d993ff144d8b630c55f39e7b96f74de38a0ff609c30baab9e4f5f595cd8ccf7939fb4070432e8f8acca5827a04546e2797 AUX openntpd-20080406-signal.patch 1587 SHA256 06febce7828dcd351c62544685ff084157716f3ce8c8858cde87a987ed4685b5 SHA512 09cc248490ef88ca0f911d799fd513d3ce577a58a2ccbd82a561580bb79e7b9cba6a62220c8ae5bf20f1ac91fe833e4f383dac73e3bd7593ef9ebfa49287f565 WHIRLPOOL 389c86b7b6338c270f93b4c93969030790b2594d09db911311dfab667d598a35ed1dcdfb8325a44f1e5a8091e85565b4ba8a16b4f3e505adc449ceff20dc7666 @@ -9,32 +6,18 @@ AUX openntpd-5.7_p1-runpath.patch 1281 SHA256 5aad437c8c5895525a06b0d316ac4ff48b4fbfecc66fee17c1eb17131df4d6da SHA512 f3bba088d7251c6ce0ecae0d23bb30910add4a6fcd4005d4c8eaa72fdf9fe6e775e5c0e9d949186bf141274631a7c9a4975b284fcc3370a642a02011177a42fb WHIRLPOOL 05eb38b88b03d62444212242526e42b3a555d051e9ea61fe2447680640c6a63440a9773275edd54836aac40de1ca9e4f2680a776f3c3ad00414770135daefd51 AUX openntpd-5.7_p2-adjtimex.patch 1507 SHA256 f2eb984daf187a79f766954f24aee3d6be5e7b04342fcee6143b80811f252b33 SHA512 ebc0552b601f38c916a07d983d3c3ad7ca0ba68b791ac8064458b3e4de743f090dd43a3c89d0ad8b0b63df4151515f3e4236596c00039716edc3da6d7b2b3900 WHIRLPOOL ca02fe1c937a498003168d933a4c4638cb6f4e130e10fc914839399aa88617c0ce6c835208b72dc1df82b9cbb89b2f4719adac2715de91b59eb94ec9018b599d AUX openntpd-5.7_p2-proctitle.patch 10951 SHA256 3ee5f2c2f4e69fb52cbc6af06acec92f1780148030027b5bb387ca93c6865b3e SHA512 acdd88000db8144362cfea629e186ceadf58e6fc773a47d3ffbb1b127d6085805538814305f01155782b6401cb516d4c0d5dea588f930d58c76ac51b3c76b505 WHIRLPOOL 5fda1ab5043557bde4ab1787703e4e97c1632151b0b1c5e7d1b8577959dec759c07e852fa5dc2d9d8d63ccf2d1082ee6372d0aa17175988e4bd18fcd6d7ba6c6 +AUX openntpd-5.7_p4-nolibtls.patch 1871 SHA256 65f4adf317ad7919674fe380a39434f4955761879efa4bcb1e1ed8ad7f379a22 SHA512 8e62b3ee487e1b0b6f1a7567ae15bd0a376787402121a3a2c3b89ba6fb96915b83924a8b25ea8c5c83df17fbda4bec88399a83029f1f4004ccd3b3e20068a650 WHIRLPOOL 84cf77f83c46d45f515e10ea7d4e2662002b906c13cd5afaeaeaedb0ef9aa7928973e5e155d53f06098efbdb388cae554df0a55e51ed65cda7ba8a5b9f5d0bf1 AUX openntpd.conf.d-20080406-r6 255 SHA256 91fb1497b3a6ef0bb3a3d5baefdff801d8ff1cba27aaf742303415550814a09b SHA512 016094e0ac80817c8c1eb8a52a527c8a673b3ee904f2c04bef0304b5dfe1c778a34a2d5321cc5540a1dfe2e14dc878c44a1e54fd0263aca3917600827c6d9059 WHIRLPOOL 9fa127624f50b01ba1b5872262d26b18362d3784a73021e608bd8a6cead2499cabf0fe5eafeaa315548e97285228a6e70689a3cadbdb7031ac00e23bf064e3b9 AUX openntpd.init.d-20080406-r6 417 SHA256 fca7183a7676f0f471878925c8fbec20b7a0bff01551c0ad2b34d4d8a826c876 SHA512 e5ea7b26871e92a04713c93b0d60d435839f9321aeea7105330b9d9d4259d98581d6da6224274fae89cf7107329a28a9348c8c40a9372c5fc7bc7f5d47801a3b WHIRLPOOL 72626acd887bb997dae48fb717a94f046e2a3f4b01bad72cffc8da03bf388528149f37c6672362ed0661c9582851ebd77124749dcc9238bb013d6f2ccc2bf78f AUX openntpd.service-20080406-r4 196 SHA256 1171f2aff396842fee94cd3f85a7929601fffb788840aaf9f9abb6f2b0d17016 SHA512 e76196c90696855ea41464df2aab7617d2447d4dbf82cd5d135c52cea2ae1ef131707ae7b4e7800fe91f8d42893a55848b95149d8f27aa03777205fe355e830e WHIRLPOOL 5f33f400d045352f5e7f5fad718920d71c6f70526988ef87e02cf73ee98c4fb70afd928a770657b1f8d41aff46664a43dc21f3fd7bbcc6c6b95f4ad1788a52cf DIST openntpd-5.7p2.tar.gz 408421 SHA256 1640ad4a6e6475f6065d5f999b17b5dc6ab40dc17309b782b9ae390fe54bd6a5 SHA512 f320c6262eccf428428e7a3578cb0e6cf6305c93faa0dd98e5fb9d55474accd5c5e73d636b8c1339a34c2f46071fb6fc31e6fc296453eaa1501b0e2c01cf6e13 WHIRLPOOL f544e920892e4b44864febbb790affa496aca1c998257b298072903722c41cce47fd9c8a2a0707b14b24d02779d5296fb1326e0ea7fb341fc2c1d7394a463a53 DIST openntpd-5.7p3.tar.gz 409734 SHA256 4f417c8a4c21ed7ec3811107829f931404f9bf121855b8571a2ca3355695343a SHA512 289cdc60413f35a91468f914b44a97d782d700dac150fe2570f31b8eccb4e7060764b5867bd188df3b0fe7598f57685078571685f14e0cc3353ca108bb7d640f WHIRLPOOL 0d4ba1e5de33c6396534bad262d945aa767a97df2c4018a78d354ac8270ec76a53626182a5b4a0433a0eab10d41a66fcec8782ffc031e8dfc11abdc4e79821f3 +DIST openntpd-5.7p4.tar.gz 427900 SHA256 a993d95976e375acc0ab1a677fd268f55024477835633c8ae404895046bccb23 SHA512 2a185139c915482086069fa19dd3070884a415137d1688059559d2da892928afbbe2fa0a8ade70d474809710265dcc05906abaf261892d7894e70272e2e516ef WHIRLPOOL 9464941e0f055ecd1db19a03bb5264a1dce02c6c7c2be078d1e3a19b5bd0a3c4e19ee6768617c90ebed01dea32f3a63751f9ef0436f56e22b7e6bd673a065546 DIST openntpd_20080406p-6.debian.tar.gz 11849 SHA256 6718ffb52b7f34c7c3e9532d245f31ee5c749bac2cc2c2d4594d8161925a3122 SHA512 f857fbc85e29035470af0855c8fc416c188f55586ba2e1d719159ecfa4a0274ba4dd526409dfd915056a1c15f5e44cb8c40196a7e03c3026c5d73851ebb5abc8 WHIRLPOOL 35bc0ab16d161c7878d438641eede8425238fbce4d32f6b56e347252e6ad561dc1a5795e3bc3cf133fa09dccb69520cb9837c7134bc0fe6cec9ea14be314ee51 DIST openntpd_20080406p.orig.tar.gz 175923 SHA256 52f473dd8ea8864023ebcdce16a9a50571803af7ffc32a00212242c6a866c3b2 SHA512 9561788002b232786d1589f74bbe2f07a029e3407da4471d2ac9d5e20d8839dbb6e6e53493c78829058611ca23bf00560bbe7bcfe76204d206747752fd47f696 WHIRLPOOL 545125d0ee5ced7827df3d804ac63938d2614e9fb4a2bf3c6bbc17f6040175aa03c057d7a4d3da71ae944f4a556e2b66266d1c6d0463c1cad5d86de3ae896712 EBUILD openntpd-4.0_pre20080406.ebuild 3239 SHA256 fe03e1d5321b1f9a784e30c0e184a9044cde6c1aea7fff0935b9a4ed9093ec2b SHA512 4e30854e870714c65db7b68c254e66025d971638e1c8071f1b3375574b0d31e43f8d124b8a2ede9e2a3145b0b4033cdbcdfdc48f77964cc24fee128897ae8d16 WHIRLPOOL 2794104084e6856b216529fff6ab3d877b11f98c16e7ca2e81e709915e68ef4ba1bf7ce81abc82c230bbf3c004dd74dda95e27f5688c2fd000b96e12b4d0cbc3 EBUILD openntpd-5.7_p2.ebuild 2987 SHA256 57a10dde48b7f2992fca5690ba39fe0b518353924a877e73f3d4f133caf37071 SHA512 9139976066d70e2a66a8bf26d07a516fcc16263f741eec27ee7fe390c2f2980153962875b529b85be873dfbb2fe6b81f2909be5d77496de00041f57aff137e42 WHIRLPOOL 435ff52ae51df95850f69f90af8c10af6e3244fecf9645e12c13de226d7eade04c7aafb4f021749e6ad7cd8e4651b7eeba2d85224920071005008acd5c1326d2 EBUILD openntpd-5.7_p3.ebuild 3316 SHA256 22483dde636ba18c8449587aeab9330b1f622d0b6d0323b4a556a2da455ac18a SHA512 d6656fbd6813c76b23288d755287175c694704b46f6dd96c0bc039eda2f46b607478b8f7eb4f7fc044744a58f60f42b7e82af470fd8272f644c21bc5d16a8111 WHIRLPOOL c7a621e3a7976e063080d98a3ff90c0441011e00f519a869fd0b5fc1a2cf003bfab9600a0307f45ce5ec90ab8ffea671add47774857d845b76ef88ac317e62fe +EBUILD openntpd-5.7_p4.ebuild 3294 SHA256 2140fc450fdb36529d00aa9c9b897b53bceee3fb53ea790e59af6655abbc5b8d SHA512 08df82c8cf38850e23d1b71fe6acd016478fc442c8eb03ee77dea2617f6715ff7448ff0fdfdce4382308875f86316e2f8f3782ee18851f0973d796ef2fbbaa30 WHIRLPOOL 497bb1b063b520ad1240a4a32cadfe39612aab174804a9d23b99cbc9a853a5fda4e615bb0cdb313a7c5326985569866fbc00e0cb5394658b4c59c07d2fdd88c1 MISC ChangeLog 19061 SHA256 9d57b225f3c5e48040d341151f7098aa4a3f272fac33b5036bea780be4ab0a13 SHA512 92c1b7f819d42c586b172c4ed43d6e6237299ec928e02083409687c51abefa9644c598c61c3a2ac4fcad5b1b129402b98684e8b9eb912596eb8317491535a77e WHIRLPOOL 504892928cd157131fee06d79bd13e9433f891248523492a583ea6548648e85e50adcde4541d200d6459f44b6ba3fe8dd07c4ef89892d664f54e75f9cec6354a MISC metadata.xml 638 SHA256 74c7acb125483b0fc73da88b4437c5fcf34add2c3f21c488e93cea46991f3dec SHA512 c6469524ff397faa67ff1c3cc60ff2a04e819dae9e40b7389fce2d6b68f87662fe9077ab8d50b287073fc3d31d88c03fa773175763e4e05e490c0b8ff6cb89e7 WHIRLPOOL 0b73a2568412a50ad535c827a54ff8eb524e6e1d6f581585088385214a4149841ff2d9d9382f3ce53fb667fee46478f05cf209cd2fef97ff75648e6206eeedca ------BEGIN PGP SIGNATURE----- -Version: GnuPG v2 - -iQIcBAEBCAAGBQJVH4rvAAoJEPGu1DbS6WIAKAgP/1NHEY0hSSEAlB0u8NCaBiWd -wmZ4MUnITjEfpZPagmesAybAJ4T/mCmNJPbvq9IDduN4Bm/T3a84vC/sJWFpYhT6 -Tw9izK/hCspDNq5+xBb+r6Q1Mrfl3mBshjfdHu1x0b5L4/4btXHxF9K7GOI89/X+ -bf4mxDpotm7CkF/GtHifcZwaOrMQd0/VlRKIzudCMjRA7AdWR8Gb3ZJOM6h+ch7N -nbAKQCVlQ+GtDhScaXNBWqsTUJnT59FppFW/FcxvarI6eoVnjrzt/zkx+Gezr6RJ -wWJ3b9AiYsJyN3Mc4B6mZY27QHvdE4my2BU6ji/UtH5Y3f0yTkQT3VZTnWFB1X9b -hyUHrNqcxRlz5rtQ6qAbL8c3OAGmRAPkiYgBwv1XN/rmiERVzSGam/VO5t7YuCzr -5zTMqR0f5/JrdF/EpyX51EjwVzRgzXjeolxTns4LzxfmyPVRNwlhHZUCFRqWas2r -QKx/ukj+mwmYLB+YjeM82Rp0upNIpII2OfMElvWAj8RgCXgBFVCvnrD29X91aCod -Yrhibi3HBBHTCSNdq/rzfj2F3X/SXw6MG+JJmsrwi/jg3HU6nB/5DltiUs02Lopv -/PYPDKJN04FESUYO9aULwXmhXA3NYPX35Bvw1ik24oIwj/67osKVzUEKXUZS62K1 -oUULHRjNJ6QNE+H6Fh9m -=hGuo ------END PGP SIGNATURE----- diff -Nur openntpd.orig/files/openntpd-5.7_p4-nolibtls.patch openntpd/files/openntpd-5.7_p4-nolibtls.patch --- openntpd.orig/files/openntpd-5.7_p4-nolibtls.patch 1969-12-31 16:00:00.000000000 -0800 +++ openntpd/files/openntpd-5.7_p4-nolibtls.patch 2015-05-25 16:49:58.766494701 -0700 @@ -0,0 +1,49 @@ +diff -u -r openntpd-5.7p4-orig/src/config.c openntpd-5.7p4/src/config.c +--- openntpd-5.7p4-orig/src/config.c 2015-03-24 18:18:56.000000000 -0700 ++++ openntpd-5.7p4/src/config.c 2015-05-25 16:48:59.000000000 -0700 +@@ -218,6 +218,9 @@ + fatal("new_constraint calloc"); + p->id = ++constraint_maxid; + ++#ifndef HAVE_LIBTLS ++ fatal("constraint configured without libtls support"); ++#endif + return (p); + } + +diff -u -r openntpd-5.7p4-orig/src/ntp.c openntpd-5.7p4/src/ntp.c +--- openntpd-5.7p4-orig/src/ntp.c 2015-03-11 19:15:36.000000000 -0700 ++++ openntpd-5.7p4/src/ntp.c 2015-05-25 16:48:59.000000000 -0700 +@@ -110,12 +110,14 @@ + return (pid); + } + ++#ifdef HAVE_LIBTLS + tls_init(); + + /* Verification will be turned off if CA is not found */ + if ((conf->ca = tls_load_file(CONSTRAINT_CA, + &conf->ca_len, NULL)) == NULL) + log_warnx("constraint certificate verification turned off"); ++#endif + + /* in this case the parent didn't init logging and didn't daemonize */ + if (nconf->settime && !nconf->debug) { +diff -u -r openntpd-5.7p4-orig/src/ntpd.conf.5 openntpd-5.7p4/src/ntpd.conf.5 +--- openntpd-5.7p4-orig/src/ntpd.conf.5 2015-03-24 18:18:56.000000000 -0700 ++++ openntpd-5.7p4/src/ntpd.conf.5 2015-05-25 16:48:59.000000000 -0700 +@@ -192,8 +192,11 @@ + .Sq Man-In-The-Middle + attacks. + Received NTP packets with time information falling outside of a range +-near the constraint will be discarded and such NTP servers +-will be marked as invalid. ++near the constraint will be discarded and such NTP servers will be marked as ++invalid. Contraints are only available if ++.Xr ntpd 8 ++has been compiled with libtls support. Configuring a constraint without libtls ++support will result in a fatal error. + .Bl -tag -width Ds + .It Ic constraint from Ar url + Specify the URL, IP address or the hostname of an HTTPS server to +Only in openntpd-5.7p4/src: ntpd.conf.5.orig diff -Nur openntpd.orig/openntpd-5.7_p4.ebuild openntpd/openntpd-5.7_p4.ebuild --- openntpd.orig/openntpd-5.7_p4.ebuild 1969-12-31 16:00:00.000000000 -0800 +++ openntpd/openntpd-5.7_p4.ebuild 2015-05-25 16:52:26.953767269 -0700 @@ -0,0 +1,96 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=5 +inherit autotools eutils systemd user + +MY_P="${P/_p/p}" +DESCRIPTION="Lightweight NTP server ported from OpenBSD" +HOMEPAGE="http://www.openntpd.org/" +SRC_URI="mirror://openbsd/OpenNTPD/${MY_P}.tar.gz" + +LICENSE="BSD GPL-2" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~x86-fbsd" +IUSE="selinux" + +DEPEND="!<=net-misc/ntp-4.2.0-r2 + !net-misc/ntp[-openntpd]" +RDEPEND="${DEPEND} + selinux? ( sec-policy/selinux-ntp )" + +S="${WORKDIR}/${MY_P}" + +pkg_setup() { + export NTP_HOME="${NTP_HOME:=/var/lib/openntpd/chroot}" + enewgroup ntp + enewuser ntp -1 -1 "${NTP_HOME}" ntp + + # make sure user has correct HOME as flipping between the standard ntp pkg + # and this one was possible in the past + if [[ $(egethome ntp) != ${NTP_HOME} ]]; then + ewarn "From this version on, the homedir of the ntp user cannot be changed" + ewarn "dynamically after the installation. For homedir different from" + ewarn "/var/lib/openntpd/chroot set NTP_HOME in your make.conf and re-emerge." + esethome ntp "${NTP_HOME}" + fi +} + +src_prepare() { + # add fail constraints when no libtls patch (accepted upstream) + epatch "${FILESDIR}/${P}-nolibtls.patch" + # fix /run path + sed -i 's:/var/run/ntpd:/run/ntpd:g' src/ntpctl.8 src/ntpd.8 || die + sed -i 's:LOCALSTATEDIR "/run/ntpd:"/run/ntpd:' src/ntpd.h || die + # fix ntpd.drift path + sed -i 's:/var/db/ntpd.drift:/var/lib/openntpd/ntpd.drift:g' src/ntpd.8 || die + sed -i 's:"/db/ntpd.drift":"/openntpd/ntpd.drift":' src/ntpd.h || die + # fix default config to use gentoo pool + sed -i 's:servers pool.ntp.org:#servers pool.ntp.org:' ntpd.conf || die + printf "\n# Choose servers announced from Gentoo NTP Pool\nservers 0.gentoo.pool.ntp.org\nservers 1.gentoo.pool.ntp.org\nservers 2.gentoo.pool.ntp.org\nservers 3.gentoo.pool.ntp.org\n" >> ntpd.conf || die +} + +src_configure() { + econf --with-privsep-user=ntp +} + +src_install() { + default + rm -r "${ED}"/var + + newinitd "${FILESDIR}/${PN}.init.d-20080406-r6" ntpd + newconfd "${FILESDIR}/${PN}.conf.d-20080406-r6" ntpd + + systemd_newunit "${FILESDIR}/${PN}.service-20080406-r4" ntpd.service +} + +pkg_config() { + einfo "Setting up chroot for ntp in ${NTP_HOME}" + # remove localtime file from previous installations + rm -f "${EROOT%/}${NTP_HOME}"/etc/localtime + mkdir -p "${EROOT%/}${NTP_HOME}"/etc + if ! ln "${EROOT%/}"/etc/localtime "${EROOT%/}${NTP_HOME}"/etc/localtime ; then + cp "${EROOT%/}"/etc/localtime "${EROOT%/}${NTP_HOME}"/etc/localtime || die + einfo "We could not create a hardlink from /etc/localtime to ${NTP_HOME}/etc/localtime," + einfo "so please run 'emerge --config =${CATEGORY}/${PF}' whenever you change" + einfo "your timezone." + fi + chown -R root:root "${EROOT%/}${NTP_HOME}" || die +} + +pkg_postinst() { + pkg_config + + [[ -f ${EROOT}var/log/ntpd.log ]] && \ + ewarn "Logfile '${EROOT}var/log/ntpd.log' might be orphaned, please remove it if not in use via syslog." + + if [[ -f ${EROOT}var/lib/ntpd.drift ]] ; then + einfo "Moving ntpd.drift file to new location." + mv "${EROOT}var/lib/ntpd.drift" "${EROOT}var/lib/openntpd/ntpd.drift" + fi +} + +pkg_postrm() { + # remove localtime file from previous installations + rm -f "${EROOT%/}${NTP_HOME}"/etc/localtime +}