Fix ntp multiple vulnerabilities.

Approved by: so
author: delphij <delphij@FreeBSD.org> 2016-04-29 08:02:31 +0000
committer: delphij <delphij@FreeBSD.org> 2016-04-29 08:02:31 +0000
commit: 39baf3a8165fd1fa06257b6812862e7113c5b905 (patch)
tree: 70bef1566f92531ce181ed768429104db003a1fa /contrib/ntp/ntpd/ntpd.c
parent: b62280e683e2d7abd347a4549c51e086b1b8911a (diff)
download: FreeBSD-src-39baf3a8165fd1fa06257b6812862e7113c5b905.zip
FreeBSD-src-39baf3a8165fd1fa06257b6812862e7113c5b905.tar.gz
1 files changed, 15 insertions, 0 deletions
diff --git a/contrib/ntp/ntpd/ntpd.c b/contrib/ntp/ntpd/ntpd.c
index 2c7f02e..9c6f947 100644
--- a/contrib/ntp/ntpd/ntpd.c
+++ b/contrib/ntp/ntpd/ntpd.c
@@ -332,6 +332,16 @@ my_pthread_warmup(void)
 
 #endif /*defined(NEED_PTHREAD_WARMUP)*/
 
+#ifdef NEED_EARLY_FORK
+static void
+dummy_callback(void) { return; }
+
+static void
+fork_nonchroot_worker(void) {
+	getaddrinfo_sometime("localhost", "ntp", NULL, INITIAL_DNS_RETRY,
+			     (gai_sometime_callback)&dummy_callback, NULL);
+}
+#endif /* NEED_EARLY_FORK */
 
 void
 parse_cmdline_opts(
@@ -931,6 +941,11 @@ ntpdmain(
 
 # ifdef HAVE_DROPROOT
 	if (droproot) {
+
+#ifdef NEED_EARLY_FORK
+		fork_nonchroot_worker();
+#endif
+
 		/* Drop super-user privileges and chroot now if the OS supports this */
 
 #  ifdef HAVE_LINUX_CAPABILITIES
author	delphij <delphij@FreeBSD.org>	2016-04-29 08:02:31 +0000
committer	delphij <delphij@FreeBSD.org>	2016-04-29 08:02:31 +0000
commit	39baf3a8165fd1fa06257b6812862e7113c5b905 (patch)
tree	70bef1566f92531ce181ed768429104db003a1fa /contrib/ntp/ntpd/ntpd.c
parent	b62280e683e2d7abd347a4549c51e086b1b8911a (diff)
download	FreeBSD-src-39baf3a8165fd1fa06257b6812862e7113c5b905.zip FreeBSD-src-39baf3a8165fd1fa06257b6812862e7113c5b905.tar.gz