* Sun Mar 24 2024 Jean-Philippe Pialasse <jpp@koozali.org> 1.2.2a-2.sme

- first build for el8/SME11
2 months ago · 0622d6d5e3
parent 7764ac38ac
commit 0622d6d5e3
8 changed files with 501 additions and 57 deletions
--- a/4
+++ b/4
@ -1,8 +1,8 @@
-NAME := ${REPO_NAME}
+NAME := ntpsec
 SPECFILE = $(firstword $(wildcard *.spec))

 define find-makefile-common
-for d in common ../common ../../common ; do if [ -f $$$$d/Makefile.common ] ; then if [ -f $$$$d/CVS/Root -a -w $$$$d/Makefile.common ] ; then cd $$$$d ; cvs -Q update ; fi ; echo "$$$$d/Makefile.common" ; break ; fi ; done
+for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$d/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done
 endef

 MAKEFILE_COMMON := $(shell $(find-makefile-common))
--- a/change-this-to-the-package-name.spec
+++ b/change-this-to-the-package-name.spec
@ -1,55 +0,0 @@
-%define name ${REPO_NAME}
-%define version 1.0
-%define release 1
-Summary: This is what ${REPO_NAME} does.
-Name: %{name}
-Version: %{version}
-Release: %{release}%{?dist}
-Source: %{name}-%{version}.tar.gz
-License: GNU GPL version 2
-Group: SMEserver/addon
-BuildRoot: %{_tmppath}/%{name}-buildroot
-Prefix: %{_prefix}
-BuildArchitectures: noarch
-BuildRequires: e-smith-devtools
-Requires: e-smith-release >= 10.0
-AutoReqProv: no
-
-%description
-${REPO_DESCRIPTION}
-
-%changelog
-* Day MMMM DD YYYY <brianr@koozali.org> 1.0-1.sme
- Initial code - create RPM [SME:99999]
-
-%prep
-
-%setup -q
-
-%build
-perl createlinks
-
-%install
-rm -rf $$RPM_BUILD_ROOT
-(cd root   ; find . -depth -print | cpio -dump $$RPM_BUILD_ROOT)
-rm -f %{name}-%{version}-filelist
-/sbin/e-smith/genfilelist $$RPM_BUILD_ROOT \
-> %{name}-%{version}-filelist
-#echo "%doc COPYING"  >> %{name}-%{version}-filelist
-#--dir <dir> 'attr(755,user,grp)' \
-#--file <file> 'attr(755,root,root)' \
-
-%clean
-cd ..
-rm -rf %{name}-%{version}
-
-%pre
-
-%preun
-
-%post
-
-%postun
-#uninstall
-%files -f %{name}-%{version}-filelist
-%defattr(-,root,root)
--- a/ntp.conf
+++ b/ntp.conf
@ -0,0 +1,21 @@
+# For more information about this file, see the ntp.conf(5) man page.
+
+# Use public servers from the pool.ntp.org project.
+# Please consider joining the pool (https://www.pool.ntp.org/join.html).
+pool 2.VENDORZONE.pool.ntp.org iburst
+
+# Reduce the maximum number of servers used from the pool.
+tos maxclock 5
+
+# Record the frequency of the system clock.
+driftfile VARNTP/drift
+
+# Disable configuration and monitoring access by default.
+restrict default nomodify noquery
+
+# Enable all access for localhost.
+restrict 127.0.0.1
+restrict ::1
+
+# Enable writing of statistics records.
+#statistics clockstats cryptostats loopstats peerstats
--- a/ntpsec-1.2.2a.tar.gz
+++ b/ntpsec-1.2.2a.tar.gz
--- a/ntpsec-1.2.2a.tar.gz.asc
+++ b/ntpsec-1.2.2a.tar.gz.asc
@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAABCAAdFiEE5XI10idkEp+k8vTRf1JgjtDknXYFAmTLLB0ACgkQf1JgjtDk
+nXYjaQ//TbtOrQjqcLH41mj1odw4BmXx1Ryns7mrgYBrP76lpAHKucJx2Pm/8pp0
+MMuuF2UZ4jQesKK8mUYbFub4JIjF9BQxczbptt7YSYGROJFFbHKP6TktxBQbfpEs
+whkk/RrMouid88FZRkbASlWDjzBEHLl0IibJRYkyd4jE2EgPne482IFGTqK47GWt
+figGpGSQ0GKRKhj6MqoHUXkpi6G1TNVxLQNvo477rV7INXW9LDgPEE97Tj0pQzGB
+BVS5t87HHeG8rdwV8+90mT3dfwNBvxgt4pycPet/HHhAbZsmyl8F2dhiXHPF/4ol
+ZYlFsS+9NUo7qUSgpuZSmigiIDvsMk7quG4OYkfpCob3WHgzwOS48o5idDorSe1o
+dApFDaU3MEE5gab9v77Lv7R8Q6ksCcqMcMZNnT2hyJ4Mss7lvL8q2Ma3TXx0QJ9A
+iaRunLGP1hI9cJCFe226gm2Ur4Bejn5sd/QbrP9uOxtW2jvjnNnIYLRuDp2ewZhP
+DbKQj9+UgcE1nXWiUcEXhVkb4FfvWqpfIKH67BakRcl7vK0w7qskb1acAuHaiFgX
+H/Qg9tR3imB0ALkNH+SFjOdPh0rL14+tbP7k0+bpD0K97WMt53rvddOuYxQ+1e2a
+N+Kq7koCnB+rDyNeIdkvVg9D7gL7qmjZ5BGaNV1/2BT0NKmp/Yg=
+=LLcg
+-----END PGP SIGNATURE-----
--- a/ntpsec-weakkeys.patch
+++ b/ntpsec-weakkeys.patch
@ -0,0 +1,36 @@
+diff -up ntpsec-1.2.1/libntp/authreadkeys.c.weakkeys ntpsec-1.2.1/libntp/authreadkeys.c
+--- ntpsec-1.2.1/libntp/authreadkeys.c.weakkeys	2021-06-07 06:03:11.000000000 +0200
+++ ntpsec-1.2.1/libntp/authreadkeys.c	2021-06-17 12:19:41.555693047 +0200
+@@ -249,6 +249,7 @@ authreadkeys(
+ 	char	namebuf[NAMEBUFSIZE];
+ 	size_t	len;
+ 	int	keys = 0;
+	char *	hashchr = NULL;
+ 
+ 	/*
+ 	 * Open file.  Complain and return if it can't be opened.
+@@ -348,7 +349,7 @@ msyslog(LOG_ERR, "AUTH: authreadkeys: re
+                         continue;
+                 }
+ 
+-
+		hashchr = strchr(line, '#');
+ 
+ 		/*
+ 		 * Finally, get key and insert it.
+@@ -364,6 +365,15 @@ msyslog(LOG_ERR, "AUTH: authreadkeys: re
+ 		}
+ 		len = strlen(token);
+ 		if (len <= 20) {	/* Bug 2537 */
+			/* Detect weak keys generated by ntpkeygen
+			   (CVE-2021-22212). False positives are possible. */
+			if (token + len == hashchr) {
+				msyslog(LOG_ERR,
+					"AUTH: authreadkeys: key %u is followed by '#' (CVE-2021-22212)",
+					keyno);
+				exit(1);
+			}
+
+ 			len = check_key_length(keyno, type, name, upcased, len);
+ 			check_mac_length(keyno, type, name, upcased);
+ 			auth_setkey(keyno, type, name, (uint8_t *)token, len);
--- a/ntpsec.gpg.pub.asc
+++ b/ntpsec.gpg.pub.asc
@ -0,0 +1,134 @@
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+
+mQINBFcPDLMBEACenOnM3H3AGmqlVD2PUW8mH4SmtkPFyCDg4UiWu7TQCO86W7ha
+3H4tA77UpEpbfoCh3RrScgEDhQpFpjfKjxq3pg+nbPZlfId3dWsk01QeyE/JYL7A
+eUmDsR2trjnhVqjXAHHzEi2G7Mvf/xfuwvJaFN9f7l0rpm3kypuE1hsEByo4qydj
+vXkL3MEp08j3Id+fQK3sJZCfj7wyvjE6URC8UJYxMkf/lrxBWpiDTAfTrrYGofdu
+B+DywyH39Bh9vVGm+B5xLIuEkcBVE6etqzzhApB7GZsnEaJrlxqvtAf2egQk75Vg
+cYuLX9xR4I58Sve5ztAahO6FoquETMlOtFx8pEbAARWmCnO9OyQU8tJDpsDnIBSS
+ocDggJ5oKaNqd8rKgzKFk+qNXQnTpzyI4QKnHu48AKOdeJ+3Wsuhq4Nm/foSLxe3
+16e2CVSVRmiHdAr71tZZPTiSfsDWRPppnVnP1zUEUwhZjcHOOxB5hz+Z/YA5GIMl
+kvXdLLvOhgsPyvnaAsgM0jw8z2ugc9TdhxEchBnP1sw6nZKZ72a9HPSReashrBiD
+VTDM2yjHPP+0i6Cgl6iZLKTbl4pcLVj4uDgQIG+PNBfUPjW4CJjrFv7sBevRRSHi
+SyODtvZzxnqCpRFG2cGkY6OQEdhZwEJIKHXjOkxZ0WOwh3k3OnS2pwKbIwARAQAB
+tC9OVFBzZWMgU2VjdXJpdHkgUmVwb3J0aW5nIDxzZWN1cml0eUBudHBzZWMub3Jn
+PokCVgQTAQgAQAIbAwcLCQgHAwIBBhUIAgkKCwQWAgMBAh4BAheAFiEE2j/fd0zH
+D6ZHKexFBdmzcUd8dSgFAl9757wFCRs43gkACgkQBdmzcUd8dSjJRBAAnpoiqeT/
+D64HUOEPAlc5apNgMnGt6PFRWIrUTN9v2cXeDJWQ7DCIdlqV0rhHwRT3WL6aZY5i
+igu1FTun8bsV9hSCCQ7BveTIZFAMg+4bsjDBANNvteT/329Am1cSrlGzK6U5HVHU
+nNZhP2PrVsqg9OVIF/u3lkO8AJjYBvp8Jlvvbl2MOcojAR7DqTslmCZaacjA9zuI
+JJ6L+V56KU+l9xvO6A8XOoi8xPdxS11seZiMRODuKYC4AAdkBmcNKZVuOWqTQfxn
+txEkaI5Q3t+kivkZiclqYVojkVCm77IQI3+23w1YikW1EJJ6lf9MNzrq9DMG0A4B
+hopZ8mslazvOBMydq9wtpbXL7bZV3+a9wV+KQdIQhb0go7DaSfOxzW/+QyTL8dCd
+khmip4o/eOLuteoIBODHZE84vBU8zCZACbgjE4nSGNIit091PBN91izhWUvBD7FX
+tra69i4JoRW2sV3KZy1zsBMJ+ptULtfHD1A46Ss8fEYaRgZASXvmSrpH0hL8uA2O
+OxcHb5Vo8+O4Ofx47SrD7Lf06cw/pIfd5acQ/Td3pJj8SxYECqVtjOIuusOVawEx
+MXtaSMTQagoGmc16O7yvASibnArQxKbX6LACzEV5o3V12ZS3HT6yVSU3MN3xgsdb
+pA7O1bPEwz4zsQIhI+DvHBVlvDD0yikTWluJAj8EEwEIACkFAlcPDLMCGwMFCQWj
+moAHCwkIBwMCAQYVCAIJCgsEFgIDAQIeAQIXgAAKCRAF2bNxR3x1KCISEACHp8Ut
+Rx2ZRQ3KyBQnNF6k+RD4T9k4dQPomve8P3rWKEY373Q7jMAFp+UGerNgTIyGpus0
+UKzswrLyeSOT3lvA5nU66r95IPqpWeYBy4o1lgSDq/xdAINkRozw2CpzsUdg+APU
+WbiddKfqlcDaHOfyWT9Vo83YLX+o1FZkWE5+7Y2hIfiI5cuLYpRhCoOGVJlSHBOR
+0ihIlF9n1PACo+dd6q4++Kyw47I+OCGx2qxuWS25CrxWEupjSivQvw8DuD9VWQMa
+03sUKUUQ9MSDrt+soAUYrsShttAfy6UKTIY+inDA+e6b150qzJZ4PbMsChNAHhUA
+76lHqO1mrAISNi+vbMnXOshGQrs70svbgxYibHi636eyn1yivQND8nadVPbQQwPX
+6plKbqup4XVntT7idH5ZA99Ny7WXpRzbJ0yL/Jc1YRrZ1t5QeNYrhLld/IjN1rsp
+MS0OlQeIGMvidhCR8DEsDjQJ405QAwgwiAaum5DBiiQ12U8eAqgpF89OVca+Q3bt
+15mCNUkBF4fj7hJwbKRtqmHBi8b6I3x+dXqcl0hma6M+n7wc9sbN/fR/m0OHSV/U
+66ywRKu47199p3Yj0etSP39tgWxiUdhvx0tdbOeGA1RygXNjLTsTOa5EBHuKetWW
+4WAOgM2uYqgotTAUNjalFZbkz2AM94hMQWGrqokCHAQQAQgABgUCVw8NmgAKCRBz
+IpFyYszB5d+2EACbTkI7XkF7wBI7pzEf8avOhwg0qKA3slX7oYqrnkaaCSMISllF
+m7U2tPTOJJQOtno4NfmURcvdMg3ozyYUeeBj+yUEYhM5PGm9j47pzcCkf8/2R9Mp
+Z4oOCo9pKOuoWATG2wVMZEGh5aNs3Sq/f11ao9RSYEv1pxgy8dFBUQ+43v7WBImC
+WyU/jHWmPqewLOADzESZRriMGfaSXs1BbCfggmiV+EHe1RhbXCzdPDCIQugDTg+Z
+9kHrn44TTKXJJ3Fhord+klIwO06iR7poz8EO4ZiDqK1t2QBwtVAsUPd/RbO0lSuG
+QJ0OYDHF/6W3DJn1leGZ+4ozDWmrQEObt8ciVOYf+qPws/4qEdsw5E2r3ZsofBYC
+j4zqqJntZm4+3d98zpLIbZ/KdUAKPuDLZzxPbcvPXDM5RNUvFnnEjz6NJMcRP2CS
+UBxugndmqGQm5xXZ8DBNcfH73WtHyWedlxUaS/uY4VzvW+nA5OJLV/BvDzKTwdq4
+T4IrGX2Fevg/Sl8PUWHeUlNyFMBa6c3gB90MjkznQFwPTX9WsEXkAIYSJSEdg+aH
+nhGiQXAuETTqaEEiW76jtS6l8cJ5aFNXQa4GW5cZckJTlUHvkv8RTrTW8BUjgeAq
+azzQbTYDnhwEJms1pPASHPF4LXpmauffJ4qcKAsPTIfYSFptMMxRxn2JKokCHAQQ
+AQgABgUCVw8OCwAKCRAqfD42zCgtvsLKD/9ssv6W4gj9O5DZf+ISfo+7AdrwmjN8
+ppvhy/699I3duGevKKQS7UEHY+Sjmf9YVWRzI1AGvJsjUsb/Btfa8zNijtP3PH6v
+eTtlFOVeNP6OAjcUVgePBgHgMqu17m+EGGReH7a8ruBl7Z6wzIU60qHX27hPbZHm
+12W6X+EF7/+QevVurVdVYG3gzFM7J7Zbh05RWq0JUVimRk5zadrHRam+5yxPGsx1
+Hf5lzR2XIRoFxNzBh8eN9ilpbQ37GidTEyD4fOt3MKIEBGr1pFBnFc+ivxBsAMAI
+7a2bkku1v15d84zyjEAAgE17/AmYtqH2EIzMZ7I8a/sOIdLfaULT8uxr73yivC7Y
+nGMPamL4KMmo0XHj/TjXop4nWIP4rma8G+yPYlk8PMpEHVyQZLcG1mtFmQKMtWSe
+jiZfVNtcYzAVbrC1t0wF9b5x8VfJACVwV8JkGV8CwfabqEzouIq1dh9Sm793bwG4
+LKd+W0DP5+QSYacpCEkgPeq4jVVZ+SEN+bCstEJwxW1WJ1p3rIBIGESpX+NKFAGl
+Hl8i1fhrJ1foZr9Gx4L94GKrU4zgmB457I/t1k9iRpYVDfICgY5sy6ZHcrkhLiOZ
+hr199QWHv33Bd7u3Y5pqoLamA3bjPZEJk82p7ywMas0z4sg2kdzol7iC5OjBjySv
+gRFclkrSfKK9VrkCDQRXDwyzARAA0XTbXJBhJMaAOFvPWaw+dThy4RDlvV3hHiNJ
+9uIIROYnmiu4W6t+jrZsJ3WWdJqNggY+XLnwVyRXWbmFXf8qViStoBfs62cDzmYn
+dsfnl5ZcRdqrHJ+ErdblYU1Sc2WdnfoJQY49VaSLNJMDvU9gRdC9dVdI9Z2YR+m7
+RNXNZbqtxdDMgMFZYBq3jdWNkutpQA9PKwco4qGpQdsWLpyGXZRHF6iz63WRWhAe
+YhLftUvoTXCISN+WTSuT4tC0pDfDfcdX7ber5icVg7Uh4aizFTenS4jlsbkE1I93
+oZCaPN3t8gah+iiCkIRVYpd0jy6RpZXIHLvRrgmdpZZ59Bkg3Xi4WtggJ5jg0wc8
+csC545M0wXlgktQN8w9RibR0woJoPUkh/dWiyXU/eEsQ84G1iMBHUGBDJ9g/vu/d
+nqhRiu/A+jx2JbeYuxvR1MmL6WXJmQ8eHdJvnUQiS9nRqb8xQeSxoZlrBNw1QULk
+11fFMy0h3adOX3KXbnqZsPUvCkt5P3UyEJSQ4lnN5K/Acbd/5toENeB2kq1hLdJk
+HthrblnfkNtefY1fPHKtp56UqsuUcaLUpvLijUntR4PSwAbhDNKXKdLJroSNV0Wr
+rOH1Rn64apQlrPw0ZwUdIdjXQFCxdMsagL2TgwuULmYjQUP/noX0c4bmglqmcKel
+KrROdCEAEQEAAYkCNgQYAQgAIAIbDBYhBNo/33dMxw+mRynsRQXZs3FHfHUoBQJf
+e+dGAAoJEAXZs3FHfHUoEq8P/35SlCVQIwWv9x7Bg3rpJR1WO5VDX//+UWWP5i2+
+fF8LGgkwNNno63VSSsJmla8A6IAT5pAisixCJuXJrQ2RWUiVgCOvUIOgczQFuv83
+T+mnbFh6Y9Ic9Ag4p5sLRDiwofceB+lNIOlmjAdg1KhFbBEczyRWqho5khfKSsxM
+OtJ1LhcGwEhWF3DeHjJgGdb1SuAwpxiLpa/DgASLYXhEFfayYxlT4la+SkpGJXzK
+gEZ7vc5GB0FKAD0/Jz9Yq1fBoR0j6pyEhqa4p1okUTP8YxsNHmw9gUcwLqs44JS/
+AhTJ1pghdha0m3h4pUV7k1LpqXbCqKPl+edwNLotN9I7WlfcEJuBAudP46f9mq29
+N0cp3ATUmuZsioPkr+u+LDK7uSylAJaJ3wG+RSGjTiV4N/AlN6W4syT8PAT/cfjW
+sdboKD0Df8lVx/PUHsmeLc1vfNoawo7KwjNVaksBiXvGrXgMhTs3Koub5rMpyMB8
+OXsFGPwho62yr6euMW1zrxmlobaR5Fv3QWmANTk6HpqVmKLEDy1xDsp54sw9sQqx
+lRrxt4NqZeaCZuuBwyn+pu5icIo01rguWU2P3r8WEbgbWh+JgGHvowTQEVz7jJVg
+yTduFzQLtAuskrz81gZ0Tmy8PnD2D2JRylXSmDwKeShFeV6r1eWBjmk25LlnpQ40
+TR4EmQINBF977m0BEAC8mpXeJ4uuAXsNOaunJVk6bP0D+P4SazaxTVTu6p3c68LN
+4F2zaxeVuagmf5Yk8u42EwwKfuhoaqX79n/hZYKRoZLsm1S6l+0jJFLVoUkUegXl
+oUdifxFSSXzZB2f06xVVDb7HS9KMdxL/26i9X893hwsNuOqRP3e5kFZFQSXbLuYn
+pFPrXhb/PVoJyEqb/iIvYsMgNMbKEN3bn6NBdq5FLy7T0Rr2v9U9yOqrWDvxMk1b
+WhmhoPeMkVOI6YBXckb3T4l7CH2I7N3PHBegv5m5zQ2zblSKrCzbKMe9mZ4yejXI
+u7tNA9ZRXPt+aLaaOC7pFZ+/skBqKVMn3y8X3dR7J6NulPxTP2sHpPYZ4RXuv0E4
+6WLgeoh08c4+VIyo5SCUoYJC1Sa6Fb/w7L48ZvkKACABrK+HZuaFNjn6ECWVpXqw
+aYfTMItm70MY9wcxzw70ugnUOja+YVrQv/qyBWtRgMKTIs+wz7EEpIepqe3C2WBq
+VJbTNXsGCi7O4KjKPyYbEGbTyh3BhyZA0btwvxqStlszrXXWkLInodfUt5DmVrqt
+qFKO8DQ0fTVhFTBxZ0nDpinSbNWjCx0FIm9fVf3QYT+dmirXbyqAGgvchpx67ar2
+Fzr71+jVdV1N57WGepteIeHhhT1XwuS0G5PMF1/yRbl3b8JsaQeoOKi9Us9aSwAR
+AQABtC9OVFBzZWMgU2VjdXJpdHkgUmVwb3J0aW5nIDxzZWN1cml0eUBudHBzZWMu
+b3JnPokCUwQTAQoAPhYhBOVyNdInZBKfpPL00X9SYI7Q5J12BQJfe+5tAhsDBQkJ
+ZgGABQsJCAcCBhUKCQgLAgQWAgMBAh4BAheAAAoJEH9SYI7Q5J12L9cP+PuM4Dgr
+dizgNupWj7/szlv4FKeq10MNu1wM9+XByzp4OEnkgvJK5qm9O+/AvkwIsmh5G1qQ
+OnbvrhhNlUWzlBJ9McubUQYXQBUPiwS82QavGKhDW99IlV856+qpPhN30oQsqC0o
+U00V+NT7rQ9BU0CTgTfgdJ3CktIzjoQpUwXK8PwL3hd6cs7Z7n709RNrcP0omWHf
+CHc6FAHy5gH7p+vL+4raziuXS8ScKh2bY11NA0GhJ240ryRXKd1znv1wUdv9AwwG
+lfiqWtq8r1YQNKIik2slrkD8aIze0rw6JgKskc0vFpDV9iHkfw1pD3sX1W9TRID9
+nWqT9PLaVYDvInN4T+mPEnp4jFgp7B4mmr138GGtJFyTyzgcpvJv0oDsRxshBkEF
+MF3YYn5f6ZX3OZBlzclUH9yoNEnAn+GjaeZTW4V0qwjmnZD5g0OpVP1ljrxWlhAE
+v6D5yj7RIhg7Xdau/hlYZ83onRYT3isO5QDK9SGIKT2B2cclBzEuBhRXCxnF5uzL
+ilpxUWx/0Xi8kOd1QBbfXMVCDkGSKIZQ1MatGFYQ7uGNnTNdbShTW15uXOmliC0
+kAchHHMT9rQ7i8tTe+ChgmRZ2pOdB77LyegHJ6Vp0FEH0ri4Qec2Qm6rV/nqaWTS
+GBFMncN0nu9LDJZS/S5Fdn1909Ze9sJM8YK5Ag0EX3vubQEQANseMvfX3Bxqdp2r
+BQOm4Pq8jYiRqlrUi8obgKwA6VC5IuyK+xyXd5O7Grq08DHMug1hxVsyBblTFe6m
+mmlZWrCX91441golgCGsgmGK52y37XOXEk5K7I9kHako+8xbFB4pwJqGICqTCu03
+XJsCHNrLYWB1x36FEEC80B5Riusp++i4sQPa5Bl1p+z5C8LNme0OLbDtRRNpNXDN
+q2r0GczT8uNIW5bTqXGqnv/MHnfQvcUHlapjVbsOMFFtbdrGyGPvKnwhjYg7xeeW
+IZ1id4uIfZrpm567Pailaf+bRkUVfY6tsoody/S8/4pY+XVr5DX+2Wd5rK9EGSj8
+CEy1JBTXKJ5AJa9sq2PGTzyXwA9/CgUhRRkqjyK7k1nqT6n/mD/uz2jMZIeodRes
+xl3BChnp3rs+zxb0I5kI6Kpu0zcjrMf/qA6eJciBmv9XlQwE9xG8tkzI1HB7rtds
+PFVYAP5byM387l/bX+Uev+RSSa8ZUI5HcNkiXY0MuljsTEok4f8Vl6cWjrXcZVJj
+Grgo6x0pcRMwJAOODWZxlHAxelt9x3nKDdfO/pmRYx1/sx5MtgJs0Zht+xevksa
+vypPitSKjwGoDylvkGLc+d3+iKv6yrT4Nil6uxnSIsHhWW3GG4xWyDiy3vzwnlDj
+RnD3rZv8ntfhkq4JvaGdHpJD71tdABEBAAGJAjwEGAEKACYWIQTlcjXSJ2QSn6Ty
+9NF/UmCO0OSddgUCX3vubQIbDAUJCWYBgAAKCRB/UmCO0OSddleREACpajO7uKng
+tyYE+laputykGlYeReE0Hih4hL9om6hmkiYN1GSWP1i1g7Ce71pEZfT7Sm+O3xl2
+IU/GMUZz5etQk9wGgPKkRA5fEwq1KRJ1sXNBzSNKt8bvYa05BODWz4mAFsQYIiEZ
+RNMvvsSwg3O/cvDk6xH0Yp9fIZcMG2nbk+ktQlkd7SYwSbrvpenmv90b9diW4LUn
+zLBH6DmRdL+28PXUnbuZ4gbko8+8p8kU/ITNAh9dgTmiGDc8IiGmxPiSir2bnJiz
+k9mXyHub7yipMbgvRBra+oQMIibSk9SQA4qNNUiDGdYPRKZKL3yNyOTsb4F+qpql
+m2/HHqVXH9vcFYAFDjUkKXPikfoQGMvWf1v4Db9eNMKHS45Q2UgFTXNC0C+rwXxZ
+ouzdruGeBE5p733wBo3f8yNFabifPZr7nfvdb/+Z+TLMGRGXyH1hjR3eLjUjuF9p
+uIbfcoKjKgxsYDx/f74WKarH5qTZsbVzFoQHtCSKCKdMGS2JgzAr9pU3FSRjnTSO
+pRFr64n6/qGZ+0e0OjIAzgpDI9vDw8z2p20FNUlvLqfI4IaPrnpu9+msJLneC/Hz
+RlJoPBgR/KzCo65yKT0DBBWw/w1fMD0GidwJRnHy5EvF8oha6SaOQ/EhL7rT01lF
+z7an3UhBdX8UAhjgSOt3rzVZiNxyp5N0w==
+=9YTT
+-----END PGP PUBLIC KEY BLOCK-----
--- a/ntpsec.spec
+++ b/ntpsec.spec
@ -0,0 +1,289 @@
+Name:           ntpsec
+Version:        1.2.2a
+Release:        2%{?dist}
+Summary:        NTP daemon and utilities
+
+# Primary license: MIT (NTP variant)
+# attic/ntpdate: BSD
+# include/{ascii,binio,ieee754io}.h: BSD
+# include/{ntp_assert,isc_*.h}: ISC
+# include/mbg_gps166.h: BSD
+# include/ntp_{debug,endian,filegen}.h: BSD
+# include/nts*.h: BSD
+# include/parse*.h: BSD
+# include/trimble.h: BSD
+# libaes_siv: ASL 2.0
+# libntp/emalloc.c: ISC
+# libntp/ntp_{c,endian,random}.c: BSD
+# libntp/pymodule*: BSD
+# libntp/python_compatibility.h: BSD
+# libntp/strl_obsd.c: ISC
+# libparse: BSD
+# ntpclients: BSD
+# ntpd/ntp_config.c: BSD
+# ntpd/ntp_dns.c: BSD
+# ntpd/ntp_filegen.c: BSD
+# ntpd/ntp_parser.y: BSD
+# ntpd/ntp_sandbox.c: BSD
+# ntpd/ntp_scanner.*: BSD
+# ntpd/nts*.c: BSD
+# ntpd/refclock_generic.c: BSD
+# ntpd/refclock_jjy.c: BSD
+# ntpd/refclock_oncore.c: Beerware (public domain)
+# ntpd/refclock_trimble.c: BSD with advertising
+# ntpfrob: BSD
+# pylib: BSD
+License:        MIT and BSD and BSD with advertising and ISC and ASL 2.0
+URL:            https://www.ntpsec.org/
+Source0:        https://ftp.ntpsec.org/pub/releases/ntpsec-%{version}.tar.gz
+Source1:        https://ftp.ntpsec.org/pub/releases/ntpsec-%{version}.tar.gz.asc
+Source2:        https://ftp.ntpsec.org/pub/releases/ntpsec.gpg.pub.asc
+Source3:        ntp.conf
+
+# Detect weak keys generated by ntpkeygen (CVE-2021-22212)
+Patch1:         ntpsec-weakkeys.patch
+
+BuildRequires:  bison
+BuildRequires:  gcc
+BuildRequires:  gnupg2
+BuildRequires:  libbsd-devel
+BuildRequires:  libcap-devel
+BuildRequires:  m4
+BuildRequires:  openssl-devel
+BuildRequires:  pps-tools-devel
+BuildRequires:  python3-devel
+BuildRequires:  rubygem-asciidoctor
+BuildRequires:  systemd
+BuildRequires:  waf
+
+Requires(pre):  shadow-utils
+%{?systemd_requires}
+
+Conflicts:      ntp ntp-perl ntpdate
+Obsoletes:      ntp < 4.2.10 ntp-perl < 4.2.10 ntp-doc < 4.2.10 ntpdate < 4.2.10 sntp < 4.2.10
+
+# Set pool.ntp.org vendor zone for default configuration
+%if 0%{!?vendorzone:1}
+%global vendorzone %(source /etc/os-release && echo ${ID}.)
+%endif
+
+# Private library
+%global __provides_exclude ^libntpc\\.so.*$
+%global __requires_exclude ^libntpc\\.so.*$
+
+%description
+NTPsec is a more secure and improved implementation of the Network Time
+Protocol derived from the original NTP project.
+
+%prep
+%{gpgverify} --keyring=%{SOURCE2} --signature=%{SOURCE1} --data=%{SOURCE0}
+%autosetup -p1
+
+# Fix egg info to use a shorter version which will work as an rpm provide
+sed -i 's|NTPSEC_VERSION_EXTENDED|NTPSEC_VERSION|' pylib/ntp-in.egg-info
+
+# Modify compiled-in statsdir
+sed -i 's|/var/NTP|%{_localstatedir}/log/ntpstats|' \
+        docs/includes/ntpd-body.adoc ntpd/ntp_util.c
+
+%build
+export CFLAGS="$RPM_OPT_FLAGS"
+export LDFLAGS="$RPM_LD_FLAGS"
+
+waf configure \
+        --enable-debug \
+        --enable-debug-gdb \
+        --disable-doc \
+        --refclock=all \
+        --prefix=%{_prefix} \
+        --exec-prefix=%{_exec_prefix} \
+        --bindir=%{_bindir} \
+        --sbindir=%{_sbindir} \
+        --sysconfdir=%{_sysconfdir} \
+        --datadir=%{_datadir} \
+        --includedir=%{_includedir} \
+        --libdir=%{_libdir} \
+        --libexecdir=%{_libexecdir} \
+        --localstatedir=%{_localstatedir} \
+        --sharedstatedir=%{_sharedstatedir} \
+        --mandir=%{_mandir} \
+        ;
+
+waf build
+
+%install
+waf --destdir=%{buildroot} install
+
+install -p -m755 attic/ntpdate %{buildroot}%{_sbindir}/ntpdate
+mkdir -p %{buildroot}%{_sysconfdir}/logrotate.d
+install -p -m644 etc/logrotate-config.ntpd \
+        %{buildroot}%{_sysconfdir}/logrotate.d/ntpsec.conf
+
+rm -rf %{buildroot}%{_docdir}
+rm %{buildroot}%{_bindir}/runtests
+
+pushd %{buildroot}
+
+sed -e 's|VENDORZONE\.|%{vendorzone}|' \
+        -e 's|VARNTP|%{_localstatedir}/lib/ntp|' \
+        < %{SOURCE3} > .%{_sysconfdir}/ntp.conf
+touch -r %{SOURCE3} .%{_sysconfdir}/ntp.conf
+
+for f in .%{_bindir}/*; do
+        head -c 30 "$f" | grep -q python || continue
+        %py3_shebang_fix "$f"
+done
+
+# Move ntpq to sbin for better compatibility with ntp package
+mv .%{_bindir}/ntpq .%{_sbindir}/ntpq
+
+mkdir -p .%{_localstatedir}/{lib/ntp,log/ntpstats}
+touch .%{_localstatedir}/lib/ntp/ntp.drift
+
+mkdir -p .%{_prefix}/lib/systemd/ntp-units.d
+echo 'ntpd.service' > .%{_prefix}/lib/systemd/ntp-units.d/60-ntpd.list
+
+popd
+
+%check
+waf check
+
+%pre
+# UID/GID inherited from the ntp package
+/usr/sbin/groupadd -g 38 ntp 2> /dev/null || :
+/usr/sbin/useradd -u 38 -g 38 -s /sbin/nologin -M -r \
+        -d %{_localstatedir}/lib/ntp ntp 2>/dev/null || :
+
+%post
+%systemd_post ntpd.service ntp-wait.service
+systemctl daemon-reload 2> /dev/null || :
+
+%preun
+%systemd_preun ntpd.service ntp-wait.service
+
+%postun
+%systemd_postun_with_restart ntpd.service
+
+%global service_save_file /run/ntp-ntpsec.upgrade.services
+
+%triggerprein -- ntp < 4.2.10
+[ $1 = 0 ] || exit 0
+# Save enabled ntp services and configuration (before our post)
+for s in ntpd ntp-wait; do
+        systemctl is-enabled -q "$s".service 2> /dev/null &&
+                echo "$s" 2> /dev/null >> %{service_save_file}
+done
+rm -rf %{_sysconfdir}/ntp.ntpsec
+cp -r --preserve=all %{_sysconfdir}/ntp %{_sysconfdir}/ntp.ntpsec 2> /dev/null
+:
+
+%triggerpostun -- ntp < 4.2.10
+[ $2 = 0 ] || exit 0
+# Restore the services and configuration from ntp (after its preun)
+for s in ntpd ntp-wait; do
+        grep -q "^$s$" %{service_save_file} 2> /dev/null &&
+                systemctl enable -q "$s".service 2> /dev/null
+done
+rm -f %{service_save_file}
+mv -f -T --backup=numbered %{_sysconfdir}/ntp.ntpsec %{_sysconfdir}/ntp
+# Remove unsupported restrictions
+sed -i.bak -E '/^restrict/s/no(e?peer|trap)//g' %{_sysconfdir}/ntp.conf
+:
+
+%files
+%license LICENSES/*
+%doc NEWS.adoc README.adoc
+%config(noreplace) %{_sysconfdir}/ntp.conf
+%dir %{_sysconfdir}/logrotate.d
+%config(noreplace) %{_sysconfdir}/logrotate.d/ntpsec.conf
+%{_bindir}/ntp*
+%{_sbindir}/ntp*
+%{_libdir}/libntpc.so*
+%{_mandir}/man1/ntp*.1*
+%{_mandir}/man5/ntp*.5*
+%{_mandir}/man8/ntp*.8*
+%{_unitdir}/ntp*.service
+%{_unitdir}/ntp*.timer
+%{_prefix}/lib/systemd/ntp-units.d/*ntpd.list
+%dir %attr(-,ntp,ntp) %{_localstatedir}/lib/ntp
+%ghost %attr(644,ntp,ntp) %{_localstatedir}/lib/ntp/ntp.drift
+%dir %attr(-,ntp,ntp) %{_localstatedir}/log/ntpstats
+%{python3_sitearch}/ntp-*.egg-info
+%{python3_sitearch}/ntp
+
+%changelog
+* Sun Mar 24 2024 Jean-Philippe Pialasse <jpp@koozali.org> 1.2.2a-2.sme
+- first build for el8/SME11
+
+* Thu Aug 03 2023 Miroslav Lichvar <mlichvar@redhat.com> 1.2.2a-1
+- update to 1.2.2a (CVE-2023-4012)
+
+* Thu Jul 20 2023 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.2-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
+
+* Wed Jun 14 2023 Python Maint <python-maint@redhat.com> - 1.2.2-3
+- Rebuilt for Python 3.12
+
+* Thu Jan 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.2-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
+
+* Mon Jan 02 2023 Miroslav Lichvar <mlichvar@redhat.com> 1.2.2-1
+- update to 1.2.2
+
+* Fri Jul 22 2022 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.1-9
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
+
+* Mon Jun 13 2022 Python Maint <python-maint@redhat.com> - 1.2.1-8
+- Rebuilt for Python 3.11
+
+* Thu Jan 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.1-7
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
+
+* Wed Sep 15 2021 Miroslav Lichvar <mlichvar@redhat.com> 1.2.1-6
+- fix building with OpenSSL-3.0
+
+* Tue Sep 14 2021 Sahana Prasad <sahana@redhat.com> - 1.2.1-5
+- Rebuilt with OpenSSL 3.0.0
+
+* Thu Jul 22 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.1-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
+
+* Thu Jun 17 2021 Miroslav Lichvar <mlichvar@redhat.com> 1.2.1-3
+- detect weak keys generated by ntpkeygen (#1955859)
+
+* Mon Jun 07 2021 Python Maint <python-maint@redhat.com> - 1.2.1-2
+- Rebuilt for Python 3.10
+
+* Mon Jun 07 2021 Miroslav Lichvar <mlichvar@redhat.com> 1.2.1-1
+- update to 1.2.1 (CVE-2021-22212)
+- enable refclock support (#1955859)
+- add libbsd-devel to build requirements
+
+* Fri Jun 04 2021 Python Maint <python-maint@redhat.com> - 1.2.0-8
+- Rebuilt for Python 3.10
+
+* Tue Mar 02 2021 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 1.2.0-7
+- Rebuilt for updated systemd-rpm-macros
+  See https://pagure.io/fesco/issue/2583.
+
+* Mon Feb 01 2021 Miroslav Lichvar <mlichvar@redhat.com> 1.2.0-6
+- change ntpdate defaults to follow classic ntpdate (#1917884)
+
+* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.0-5
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
+
+* Mon Jan 18 2021 Miroslav Lichvar <mlichvar@redhat.com> 1.2.0-4
+- include associd in ntpq readvar output (#1914901)
+- fix ntpq crash in raw mode (#1914901)
+
+* Wed Jan 06 2021 Miroslav Lichvar <mlichvar@redhat.com> 1.2.0-3
+- switch to flat default configuration
+- save enabled services and configuration when replacing ntp
+- move ntpdate and ntpq to /usr/sbin for better compatibility
+- extend ntp conflicts and obsoletes
+
+* Tue Dec 01 2020 Miroslav Lichvar <mlichvar@redhat.com> 1.2.0-2
+- address issues found in package review (#1896368)
+
+* Tue Nov 10 2020 Miroslav Lichvar <mlichvar@redhat.com> 1.2.0-1
+- package ntpsec