Update to 6.0p1. Notable fixes:

* Set MOD_MAXERROR to avoid unsynced time status when using ntp_adjtime.
* Hardened TLS for ntpd constraints, enabling server name verification.

PR:		210056

7 files changed, 46 insertions, 38 deletions

diff --git a/net/openntpd/Makefile b/net/openntpd/Makefile
index a302e4626d9e..d78aba95a047 100644
--- a/net/openntpd/Makefile
+++ b/net/openntpd/Makefile
@@ -1,8 +1,7 @@
 # $FreeBSD$
 
 PORTNAME=	openntpd
-PORTVERSION=	5.9p1
-PORTREVISION=	1
+PORTVERSION=	6.0p1
 PORTEPOCH=	2
 CATEGORIES=	net
 MASTER_SITES=	OPENBSD/OpenNTPD
diff --git a/net/openntpd/distinfo b/net/openntpd/distinfo
index 7dd80e83bc37..9984db081b93 100644
--- a/net/openntpd/distinfo
+++ b/net/openntpd/distinfo
@@ -1,2 +1,3 @@
-SHA256 (openntpd-5.9p1.tar.gz) = 200c04056d4d6441653cac71d515611f3903aa7b15b8f5661a40dab3fb3697b3
-SIZE (openntpd-5.9p1.tar.gz) = 432844
+TIMESTAMP = 1465311084
+SHA256 (openntpd-6.0p1.tar.gz) = b1ab80094788912adb12b33cb1f251cc58db39294c1b5c6376972f5f7ba577e8
+SIZE (openntpd-6.0p1.tar.gz) = 432696
diff --git a/net/openntpd/files/patch-include_signal.h b/net/openntpd/files/patch-include_signal.h
deleted file mode 100644
index 703a6cbc2da6..000000000000
--- a/net/openntpd/files/patch-include_signal.h
+++ /dev/null
@@ -1,10 +0,0 @@
---- include/signal.h.orig	2015-05-04 09:54:32 UTC
-+++ include/signal.h
-@@ -8,3 +8,7 @@
- #ifndef SIGINFO
- #define SIGINFO SIGUSR1
- #endif
-+
-+#ifndef _NSIG
-+#define _NSIG NSIG
-+#endif
diff --git a/net/openntpd/files/patch-src_constraint.c b/net/openntpd/files/patch-src_constraint.c
deleted file mode 100644
index a6f46a88dde2..000000000000
--- a/net/openntpd/files/patch-src_constraint.c
+++ /dev/null
@@ -1,11 +0,0 @@
---- src/constraint.c.orig	2016-03-28 13:51:51 UTC
-+++ src/constraint.c
-@@ -905,7 +905,7 @@ httpsdate_request(struct httpsdate *http
- 		 * or ANSI C's asctime() - the latter doesn't include
- 		 * the timezone which is required here.
- 		 */
--		if (strptime(p, "%a, %d %h %Y %T %Z",
-+		if (strptime(p, "%a, %d %h %Y %T GMT",
- 		    &httpsdate->tls_tm) == NULL) {
- 			log_warnx("unsupported date format");
- 			free(line);
diff --git a/net/openntpd/files/patch-src_ntpd.8 b/net/openntpd/files/patch-src_ntpd.8
index 11dd15c89dd0..050631b2c2c3 100644
--- a/net/openntpd/files/patch-src_ntpd.8
+++ b/net/openntpd/files/patch-src_ntpd.8
@@ -1,4 +1,4 @@
---- src/ntpd.8.orig	2016-03-28 13:51:51 UTC
+--- src/ntpd.8.orig	2016-05-30 22:50:02 UTC
 +++ src/ntpd.8
 @@ -56,7 +56,7 @@ Use
  .Ar file
diff --git a/net/openntpd/files/patch-src_ntpd.conf.5 b/net/openntpd/files/patch-src_ntpd.conf.5
index bafd70764599..f1cebae8b319 100644
--- a/net/openntpd/files/patch-src_ntpd.conf.5
+++ b/net/openntpd/files/patch-src_ntpd.conf.5
@@ -1,4 +1,4 @@
---- src/ntpd.conf.5.orig	2016-03-28 13:51:51 UTC
+--- src/ntpd.conf.5.orig	2016-05-30 22:50:02 UTC
 +++ src/ntpd.conf.5
 @@ -218,8 +218,8 @@ constraints from "https://www.google.com
  .Ed
diff --git a/net/openntpd/files/patch-src_server.c b/net/openntpd/files/patch-src_server.c
index 52e37f601d9f..8fde14f99608 100644
--- a/net/openntpd/files/patch-src_server.c
+++ b/net/openntpd/files/patch-src_server.c
@@ -1,23 +1,28 @@
---- src/server.c.orig	2016-03-28 13:51:51 UTC
+--- src/server.c.orig	2016-05-30 22:50:02 UTC
 +++ src/server.c
-@@ -36,14 +36,14 @@ setup_listeners(struct servent *se, stru
+@@ -35,8 +35,8 @@ setup_listeners(struct servent *se, stru
+ 	struct listen_addr	*la, *nla, *lap;
  	struct ifaddrs		*ifa, *ifap;
  	struct sockaddr		*sa;
- #ifdef SO_RTABLE
+-#ifdef SO_RTABLE
 -	struct if_data		*ifd;
++#ifdef SO_SETFIB
 +	struct ifreq		 ifr;
  #endif
  	u_int8_t		*a6;
  	size_t			 sa6len = sizeof(struct in6_addr);
- 	u_int			 new_cnt = 0;
- 	int			 tos = IPTOS_LOWDELAY;
- #ifdef SO_RTABLE
+@@ -45,8 +45,8 @@ setup_listeners(struct servent *se, stru
+ #ifdef IPV6_V6ONLY
+ 	int			 on = 1;
+ #endif
+-#ifdef SO_RTABLE
 -	int			 rdomain = 0;
++#ifdef SO_SETFIB
 +	int			 rdomain, fd;
  #endif
  
  	TAILQ_FOREACH(lap, &lconf->listen_addrs, entry) {
-@@ -56,16 +56,21 @@ setup_listeners(struct servent *se, stru
+@@ -59,16 +59,20 @@ setup_listeners(struct servent *se, stru
  				sa = ifap->ifa_addr;
  				if (sa == NULL || SA_LEN(sa) == 0)
  					continue;
@@ -30,18 +35,42 @@
  				if (sa->sa_family != AF_INET &&
  				    sa->sa_family != AF_INET6)
  					continue;
- #ifdef SO_RTABLE
+-#ifdef SO_RTABLE
++#ifdef SO_SETFIB
 +				strlcpy(ifr.ifr_name, ifap->ifa_name,
 +				    sizeof(ifr.ifr_name));
 +
 +				fd = socket(AF_INET, SOCK_DGRAM, 0);
-+				if (ioctl(fd, SIOCGIFRDOMAIN,
-+				    (caddr_t)&ifr) == -1)
++				if (ioctl(fd, SIOCGIFFIB, (caddr_t)&ifr) == -1)
 +					rdomain = 0;
 +				else
-+					rdomain = ifr.ifr_rdomainid;
++					rdomain = ifr.ifr_fib;
 +				close(fd);
 +
  				if (lap->rtable != -1 && rdomain != lap->rtable)
  					continue;
  #endif
+@@ -90,7 +94,7 @@ setup_listeners(struct servent *se, stru
+ 					fatal("setup_listeners calloc");
+ 
+ 				memcpy(&la->sa, sa, SA_LEN(sa));
+-#ifdef SO_RTABLE
++#ifdef SO_SETFIB
+ 				la->rtable = rdomain;
+ #endif
+ 
+@@ -143,11 +147,11 @@ setup_listeners(struct servent *se, stru
+ 			log_warn("setsockopt IPV6_V6ONLY");
+ #endif
+ 
+-#ifdef SO_RTABLE
++#ifdef SO_SETFIB
+ 		if (la->rtable != -1 &&
+-		    setsockopt(la->fd, SOL_SOCKET, SO_RTABLE, &la->rtable,
++		    setsockopt(la->fd, SOL_SOCKET, SO_SETFIB, &la->rtable,
+ 		    sizeof(la->rtable)) == -1)
+-			fatal("setup_listeners setsockopt SO_RTABLE");
++			fatal("setup_listeners setsockopt SO_SETFIB");
+ #endif
+ 
+ 		if (bind(la->fd, (struct sockaddr *)&la->sa,