diff options
author | delphij <delphij@FreeBSD.org> | 2016-04-29 08:02:31 +0000 |
---|---|---|
committer | delphij <delphij@FreeBSD.org> | 2016-04-29 08:02:31 +0000 |
commit | 39baf3a8165fd1fa06257b6812862e7113c5b905 (patch) | |
tree | 70bef1566f92531ce181ed768429104db003a1fa /contrib/ntp/ntpd/ntpd.c | |
parent | b62280e683e2d7abd347a4549c51e086b1b8911a (diff) | |
download | FreeBSD-src-39baf3a8165fd1fa06257b6812862e7113c5b905.zip FreeBSD-src-39baf3a8165fd1fa06257b6812862e7113c5b905.tar.gz |
Fix ntp multiple vulnerabilities.
Approved by: so
Diffstat (limited to 'contrib/ntp/ntpd/ntpd.c')
-rw-r--r-- | contrib/ntp/ntpd/ntpd.c | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/contrib/ntp/ntpd/ntpd.c b/contrib/ntp/ntpd/ntpd.c index 2c7f02e..9c6f947 100644 --- a/contrib/ntp/ntpd/ntpd.c +++ b/contrib/ntp/ntpd/ntpd.c @@ -332,6 +332,16 @@ my_pthread_warmup(void) #endif /*defined(NEED_PTHREAD_WARMUP)*/ +#ifdef NEED_EARLY_FORK +static void +dummy_callback(void) { return; } + +static void +fork_nonchroot_worker(void) { + getaddrinfo_sometime("localhost", "ntp", NULL, INITIAL_DNS_RETRY, + (gai_sometime_callback)&dummy_callback, NULL); +} +#endif /* NEED_EARLY_FORK */ void parse_cmdline_opts( @@ -931,6 +941,11 @@ ntpdmain( # ifdef HAVE_DROPROOT if (droproot) { + +#ifdef NEED_EARLY_FORK + fork_nonchroot_worker(); +#endif + /* Drop super-user privileges and chroot now if the OS supports this */ # ifdef HAVE_LINUX_CAPABILITIES |