From owner-svn-ports-all@freebsd.org Wed Oct 7 17:40:57 2020 Return-Path: Delivered-To: svn-ports-all@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 605B043469C; Wed, 7 Oct 2020 17:40:57 +0000 (UTC) (envelope-from mandree@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4C61pK1xv2z3ZVc; Wed, 7 Oct 2020 17:40:57 +0000 (UTC) (envelope-from mandree@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 264D31B491; Wed, 7 Oct 2020 17:40:57 +0000 (UTC) (envelope-from mandree@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id 097Hevag050599; Wed, 7 Oct 2020 17:40:57 GMT (envelope-from mandree@FreeBSD.org) Received: (from mandree@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id 097Heulb050595; Wed, 7 Oct 2020 17:40:56 GMT (envelope-from mandree@FreeBSD.org) Message-Id: <202010071740.097Heulb050595@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: mandree set sender to mandree@FreeBSD.org using -f From: Matthias Andree Date: Wed, 7 Oct 2020 17:40:56 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r551656 - in head/net/chrony: . files X-SVN-Group: ports-head X-SVN-Commit-Author: mandree X-SVN-Commit-Paths: in head/net/chrony: . files X-SVN-Commit-Revision: 551656 X-SVN-Commit-Repository: ports MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-all@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: SVN commit messages for the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 07 Oct 2020 17:40:57 -0000 Author: mandree Date: Wed Oct 7 17:40:55 2020 New Revision: 551656 URL: https://svnweb.freebsd.org/changeset/ports/551656 Log: net/chrony: update to 4.0 release Changelog: https://git.tuxfamily.org/chrony/chrony.git/tree/NEWS?id=4.0#n1 Update options (unfortunately the crypto stuff is a bit contorted with NSS <-> Nettle incompatibilities and NTS requiring GnuTLS and Nettle). Modified: head/net/chrony/Makefile head/net/chrony/distinfo head/net/chrony/files/patch-examples_chrony.conf.example1 head/net/chrony/files/patch-examples_chrony.conf.example2 head/net/chrony/files/patch-examples_chrony.conf.example3 Modified: head/net/chrony/Makefile ============================================================================== --- head/net/chrony/Makefile Wed Oct 7 17:14:19 2020 (r551655) +++ head/net/chrony/Makefile Wed Oct 7 17:40:55 2020 (r551656) @@ -2,7 +2,7 @@ # $FreeBSD$ PORTNAME= chrony -PORTVERSION= 3.5.1 +DISTVERSION= 4.0 CATEGORIES= net MASTER_SITES= https://download.tuxfamily.org/chrony/ \ LOCAL/mandree @@ -20,46 +20,56 @@ CPE_VENDOR= tuxfamily USE_RC_SUBR= chronyd HAS_CONFIGURE= yes -CONFIGURE_ARGS= --prefix=${PREFIX} \ - --chronyvardir=/var/db/${PORTNAME} \ - --sysconfdir=${PREFIX}/etc --mandir=${MANPREFIX}/man \ - --datarootdir=${DATADIR} --docdir=${DOCSDIR} \ - --with-readline-library=${LOCALBASE}/lib \ +CONFIGURE_ARGS= --chronyvardir=/var/db/${PORTNAME} \ + --datarootdir=${DATADIR} \ + --docdir=${DOCSDIR} \ + --mandir=${MANPREFIX}/man \ + --prefix=${PREFIX} \ + --sysconfdir=${PREFIX}/etc \ --without-tomcrypt ALL_TARGET= all INSTALL_TARGET= install PORTDOCS= FAQ NEWS README -PORTEXAMPLES= chrony.conf.example1 chrony.conf.example2 \ - chrony.conf.example3 chrony.keys.example +LDFLAGS+= -L${LOCALBASE}/lib + +PORTEXAMPLES= chrony.conf.example1 chrony.conf.example2 chrony.conf.example3 \ + chrony.keys.example + # XXX: there are also other potentially useful options worth looking into: # --disable-pps Disable PPS API support -OPTIONS_DEFINE= DOCS HTMLDOCS EXAMPLES IPV6 USER -OPTIONS_DEFAULT= NETTLE USER -OPTIONS_RADIO= CRYPTLIB -OPTIONS_RADIO_CRYPTLIB= NETTLE NSS +OPTIONS_DEFINE= DOCS EXAMPLES HTMLDOCS NTS USER +OPTIONS_DEFAULT= NETTLE NTS USER +OPTIONS_GROUP= SECHASH +OPTIONS_GROUP_SECHASH= NETTLE NSS OPTIONS_SUB= yes +NTS_IMPLIES= NETTLE +NETTLE_PREVENTS= NSS -HTMLDOCS_DESC= Build HTML docs (IMPLIES DOCS, needs ruby, asciidoctor) -NETTLE_DESC= Nettle crypto library support -NSS_DESC= NSS-based support for more hashing algorithms -USER_DESC= Run as user/group chronyd (unset: user/group ntpd) +HTMLDOCS_DESC= Build HTML docs (IMPLIES DOCS, needs ruby, asciidoctor) +NETTLE_DESC= Nettle crypto library support for secure hash and NTS +NSS_DESC= NSS-based support for more hashing algorithms +NTS_DESC= Support Network Time Security (NTS, uses GnuTLS & Nettle) +SECHASH_DESC= Support for secure hash functions +USER_DESC= Run as user/group chronyd (unset: user/group ntpd) HTMLDOCS_IMPLIES= DOCS -HTMLDOCS_BUILD_DEPENDS+=asciidoctor:textproc/rubygem-asciidoctor -HTMLDOCS_ALL_TARGET= docs -HTMLDOCS_INSTALL_TARGET=docs -IPV6_CONFIGURE_OFF= --disable-ipv6 -NETTLE_LIB_DEPENDS= libnettle.so:security/nettle -NETTLE_CONFIGURE_OFF= --without-nettle -NSS_LIB_DEPENDS= libfreebl3.so:security/nss -NSS_CONFIGURE_OFF= --without-nss -USER_CONFIGURE_ON= --with-user=chronyd -USER_CONFIGURE_OFF= --with-user=ntpd +HTMLDOCS_BUILD_DEPENDS+= asciidoctor:textproc/rubygem-asciidoctor +HTMLDOCS_ALL_TARGET= docs +HTMLDOCS_INSTALL_TARGET= docs +NETTLE_LIB_DEPENDS= libnettle.so:security/nettle +NETTLE_CONFIGURE_OFF= --without-nettle +NSS_LIB_DEPENDS= libfreebl3.so:security/nss +NSS_CONFIGURE_OFF= --without-nss +NTS_LIB_DEPENDS= libgnutls.so:security/gnutls +NTS_CONFIGURE_OFF= --without-gnutls +USER_CONFIGURE_ON= --with-user=chronyd +USER_CONFIGURE_OFF= --with-user=ntpd -USER_VARS= USERS=chronyd GROUPS=chronyd +USER_VARS= GROUPS=chronyd \ + USERS=chronyd .include @@ -68,12 +78,14 @@ CONFIGURE_ARGS+= --enable-debug .endif .if ${PORT_OPTIONS:MHTMLDOCS} -PORTDOCS+= doc/*.html +PORTDOCS+= doc/*.html .endif post-patch: cd ${WRKSRC}/examples && \ - ${REINPLACE_CMD} -e 's!%%PREFIX%%!${PREFIX}!g' ${PORTEXAMPLES} + ${REINPLACE_CMD} -e 's!%%PREFIX%%!${PREFIX}!g' \ + -e 's!/var/lib!/var/db!g' \ + ${PORTEXAMPLES:M*.conf.example*} post-install: ${STRIP_CMD} ${STAGEDIR}${PREFIX}/bin/chronyc Modified: head/net/chrony/distinfo ============================================================================== --- head/net/chrony/distinfo Wed Oct 7 17:14:19 2020 (r551655) +++ head/net/chrony/distinfo Wed Oct 7 17:40:55 2020 (r551656) @@ -1,3 +1,3 @@ -TIMESTAMP = 1598090949 -SHA256 (chrony-3.5.1.tar.gz) = 1ba82f70db85d414cd7420c39858e3ceca4b9eb8b028cbe869512c3a14a2dca7 -SIZE (chrony-3.5.1.tar.gz) = 459902 +TIMESTAMP = 1602089678 +SHA256 (chrony-4.0.tar.gz) = be27ea14c55e7a4434b2fa51d53018c7051c42fa6a3198c9aa6a1658bae0c625 +SIZE (chrony-4.0.tar.gz) = 546939 Modified: head/net/chrony/files/patch-examples_chrony.conf.example1 ============================================================================== --- head/net/chrony/files/patch-examples_chrony.conf.example1 Wed Oct 7 17:14:19 2020 (r551655) +++ head/net/chrony/files/patch-examples_chrony.conf.example1 Wed Oct 7 17:40:55 2020 (r551656) @@ -1,13 +1,9 @@ ---- examples/chrony.conf.example1.orig 2017-01-31 10:22:11 UTC +--- examples/chrony.conf.example1.orig 2020-09-16 10:09:52 UTC +++ examples/chrony.conf.example1 -@@ -1,8 +1,8 @@ +@@ -1,5 +1,5 @@ # Use public NTP servers from the pool.ntp.org project. -pool pool.ntp.org iburst +pool 0.freebsd.pool.ntp.org iburst # Record the rate at which the system clock gains/losses time. --driftfile /var/lib/chrony/drift -+driftfile /var/db/chrony/drift - - # Allow the system clock to be stepped in the first three updates - # if its offset is larger than 1 second. + driftfile /var/lib/chrony/drift Modified: head/net/chrony/files/patch-examples_chrony.conf.example2 ============================================================================== --- head/net/chrony/files/patch-examples_chrony.conf.example2 Wed Oct 7 17:14:19 2020 (r551655) +++ head/net/chrony/files/patch-examples_chrony.conf.example2 Wed Oct 7 17:40:55 2020 (r551656) @@ -1,23 +1,19 @@ ---- examples/chrony.conf.example2.orig 2017-01-31 10:22:11 UTC +--- examples/chrony.conf.example2.orig 2020-09-16 10:09:52 UTC +++ examples/chrony.conf.example2 -@@ -1,9 +1,9 @@ +@@ -1,6 +1,6 @@ # Use public servers from the pool.ntp.org project. # Please consider joining the pool (http://www.pool.ntp.org/join.html). -pool pool.ntp.org iburst +pool 0.freebsd.pool.ntp.org iburst # Record the rate at which the system clock gains/losses time. --driftfile /var/lib/chrony/drift -+driftfile /var/db/chrony/drift + driftfile /var/lib/chrony/drift +@@ -29,7 +29,7 @@ rtcsync + #authselectmode require - # Allow the system clock to be stepped in the first three updates - # if its offset is larger than 1 second. -@@ -26,7 +26,7 @@ rtcsync - #local stratum 10 - # Specify file containing keys for NTP authentication. -#keyfile /etc/chrony.keys +#keyfile %%PREFIX%%/etc/chrony.keys - # Specify directory for log files. - logdir /var/log/chrony + # Save NTS keys and cookies. + ntsdumpdir /var/lib/chrony Modified: head/net/chrony/files/patch-examples_chrony.conf.example3 ============================================================================== --- head/net/chrony/files/patch-examples_chrony.conf.example3 Wed Oct 7 17:14:19 2020 (r551655) +++ head/net/chrony/files/patch-examples_chrony.conf.example3 Wed Oct 7 17:40:55 2020 (r551656) @@ -1,4 +1,4 @@ ---- examples/chrony.conf.example3.orig 2017-01-31 10:22:11 UTC +--- examples/chrony.conf.example3.orig 2020-09-16 10:09:52 UTC +++ examples/chrony.conf.example3 @@ -1,7 +1,7 @@ ####################################################################### @@ -20,31 +20,16 @@ ####################################################################### ### AVOIDING POTENTIALLY BOGUS CHANGES TO YOUR CLOCK -@@ -65,12 +67,12 @@ - # immediately so that it doesn't gain or lose any more time. You - # generally want this, so it is uncommented. - --driftfile /var/lib/chrony/drift -+driftfile /var/db/chrony/drift - +@@ -84,7 +86,7 @@ driftfile /var/lib/chrony/drift # If you want to enable NTP authentication with symmetric keys, you will need # to uncomment the following line and edit the file to set up the keys. -! keyfile /etc/chrony.keys +! keyfile %%PREFIX%%/etc/chrony.keys - # chronyd can save the measurement history for the servers to files when - # it it exits. This is useful in 2 situations: -@@ -88,7 +90,7 @@ driftfile /var/lib/chrony/drift - # Enable these two options to use this. - - ! dumponexit --! dumpdir /var/lib/chrony -+! dumpdir /var/db/chrony - - # chronyd writes its process ID to a file. If you try to start a second - # copy of chronyd, it will detect that the process named in the file is -@@ -117,6 +119,10 @@ driftfile /var/lib/chrony/drift + # If you specify an NTP server with the nts option to enable authentication + # with the Network Time Security (NTS) mechanism, or enable server NTS with +@@ -164,6 +166,10 @@ ntsdumpdir /var/lib/chrony # only need this if you really enjoy looking at the logs, you want to # produce some graphs of your system's timekeeping performance, or you # need help in debugging a problem. @@ -55,12 +40,3 @@ ! logdir /var/log/chrony ! log measurements statistics tracking -@@ -253,7 +259,7 @@ driftfile /var/lib/chrony/drift - # You need to have 'enhanced RTC support' compiled into your Linux - # kernel. (Note, these options apply only to Linux.) - --! rtcfile /var/lib/chrony/rtc -+! rtcfile /var/db/chrony/rtc - - # Your RTC can be set to keep Universal Coordinated Time (UTC) or local - # time. (Local time means UTC +/- the effect of your timezone.) If you