;;; Copyright © 2014 John Darrington <jmd@gnu.org>
;;; Copyright © 2014, 2015 Mark H Weaver <mhw@netris.org>
;;; Copyright © 2015 Taylan Ulrich Bayırlı/Kammer <taylanbayirli@gmail.com>
+;;; Copyright © 2015, 2018 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2016, 2017, 2018 Efraim Flashner <efraim@flashner.co.il>
+;;; Copyright © 2018–2021 Tobias Geerinckx-Rice <me@tobias.gr>
+;;; Copyright © 2019 Maxim Cournoyer <maxim.cournoyer@gmail.com>
+;;; Copyright © 2021 Marius Bakke <marius@gnu.org>
+;;; Copyright © 2021 Brice Waegeneire <brice@waegenei.re>
;;;
;;; This file is part of GNU Guix.
;;;
(define-module (gnu packages ntp)
#:use-module (gnu packages)
+ #:use-module (gnu packages autotools)
#:use-module (gnu packages base)
+ #:use-module (gnu packages libevent)
#:use-module (gnu packages linux)
+ #:use-module (gnu packages nettle)
#:use-module (gnu packages pkg-config)
+ #:use-module (gnu packages readline)
#:use-module (gnu packages tls)
- #:use-module (gnu packages libevent)
+ #:use-module (guix build-system gnu)
+ #:use-module (guix download)
+ #:use-module (guix git-download)
#:use-module ((guix licenses) #:prefix l:)
#:use-module (guix packages)
#:use-module (guix utils)
- #:use-module (guix download)
- #:use-module (guix build-system gnu)
#:use-module (srfi srfi-1))
+(define-public chrony
+ (package
+ (name "chrony")
+ (version "4.1")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (string-append "https://download.tuxfamily.org/chrony/"
+ "chrony-" version ".tar.gz"))
+ (sha256
+ (base32 "0k0nf5qqzl01106lkmwc32n6a1fxagalpbci38iccyilz79z4xpd"))))
+ (build-system gnu-build-system)
+ (arguments
+ `(#:modules ((srfi srfi-26)
+ (guix build utils)
+ (guix build gnu-build-system))
+ #:configure-flags
+ (list "--enable-scfilter"
+ "--with-sendmail=sendmail"
+ "--with-user=chrony")
+ #:phases
+ (modify-phases %standard-phases
+ (add-after 'unpack 'stay-inside-out
+ ;; Simply setting CHRONYVARDIR to something nonsensical at install
+ ;; time would result in nonsense file names in man pages.
+ (lambda _
+ (substitute* "Makefile.in"
+ (("mkdir -p \\$\\(DESTDIR\\)\\$\\(CHRONYVARDIR\\)") ":"))
+ #t))
+ (add-after 'install 'install-more-documentation
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let* ((out (assoc-ref outputs "out"))
+ (doc (string-append out "/share/doc/" ,name "-" ,version)))
+ (for-each (cut install-file <> doc)
+ (list "README" "FAQ"))
+ (copy-recursively "examples" (string-append doc "/examples"))
+ #t))))))
+ (native-inputs
+ `(("pkg-config" ,pkg-config)))
+ (inputs
+ `(("gnutls" ,gnutls)
+ ("libcap" ,libcap)
+ ("libseccomp" ,libseccomp)
+ ("nettle" ,nettle)))
+ (home-page "https://chrony.tuxfamily.org/")
+ (synopsis "System clock synchronisation service that speaks NTP")
+ (description
+ "Chrony keeps your system time accurate. It synchronises your computer's
+clock with @acronym{NTP, Network Time Protocol} servers, reference clocks such
+as GPS receivers, or even manual input of the correct time from a wristwatch.
+
+Chrony will determine the rate at which the computer gains or loses time, and
+compensate for it. It can also operate as an NTPv4 (RFC 5905) server and peer
+to tell time to other computers on the network.
+
+It's designed to perform well even under adverse conditions: congested
+networks, unreliable clocks drifting with changes in temperature, and devices
+or virtual machines that are frequently turned off and connect to the Internet
+for only a few minutes at a time.
+
+Typical accuracy when synchronised over the Internet is several milliseconds.
+On a local network this can reach tens of microseconds. With hardware
+time-stamping or reference clock, sub-microsecond accuracy is possible.")
+ (license l:gpl2)))
+
(define-public ntp
(package
(name "ntp")
- (version "4.2.8p4")
- (source (origin
- (method url-fetch)
- (uri (string-append
- "http://archive.ntp.org/ntp4/ntp-"
- (version-major+minor version)
- "/ntp-" version ".tar.gz"))
- (sha256
- (base32
- "1fgxbhv0wyiivi6kh5zpzrd0yqmc48z7d3zmjspw9lj84mbn2s8d"))
- (modules '((guix build utils)))
- (snippet
- '(begin
- ;; Remove the bundled copy of libevent, but we must keep
- ;; sntp/libevent/build-aux since configure.ac contains
- ;; AC_CONFIG_AUX_DIR([sntp/libevent/build-aux])
- (rename-file "sntp/libevent/build-aux"
- "sntp/libevent:build-aux")
- (delete-file-recursively "sntp/libevent")
- (mkdir "sntp/libevent")
- (rename-file "sntp/libevent:build-aux"
- "sntp/libevent/build-aux")
- #t))))
+ (version "4.2.8p15")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (list (string-append
+ "https://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-"
+ (version-major+minor version)
+ "/ntp-" version ".tar.gz")
+ (string-append
+ "http://archive.ntp.org/ntp4/ntp-"
+ (version-major+minor version)
+ "/ntp-" version ".tar.gz")))
+ (sha256
+ (base32 "06cwhimm71safmwvp6nhxp6hvxsg62whnbgbgiflsqb8mgg40n7n"))
+ ;; Add an upstream patch to fix build with GCC 10. Taken from
+ ;; <https://bugs.ntp.org/show_bug.cgi?id=3688>.
+ (patches (list (origin
+ (method url-fetch)
+ (uri "https://bugs.ntp.org/attachment.cgi?id=1760\
+&action=diff&context=patch&collapsed=&headers=1&format=raw")
+ (file-name "ntp-gcc-compat.patch")
+ (sha256
+ (base32
+ "13d28sg45rflc7kqiv30asrhna8n69wlpwx16l65rravgpvp90h2")))))
+ (modules '((guix build utils)))
+ (snippet
+ '(begin
+ ;; Remove the bundled copy of libevent, but we must keep
+ ;; sntp/libevent/build-aux since configure.ac contains
+ ;; AC_CONFIG_AUX_DIR([sntp/libevent/build-aux])
+ (rename-file "sntp/libevent/build-aux"
+ "sntp/libevent:build-aux")
+ (delete-file-recursively "sntp/libevent")
+ (mkdir "sntp/libevent")
+ (rename-file "sntp/libevent:build-aux"
+ "sntp/libevent/build-aux")
+ #t))))
(native-inputs `(("which" ,which)
("pkg-config" ,pkg-config)))
(inputs
(description "NTP is a system designed to synchronize the clocks of
computers over a network.")
(license (l:x11-style
- "http://www.eecis.udel.edu/~mills/ntp/html/copyright.html"
+ "https://www.eecis.udel.edu/~mills/ntp/html/copyright.html"
"A non-copyleft free licence from the University of Delaware"))
- (home-page "http://www.ntp.org")))
+ (home-page "https://www.ntp.org")))
(define-public openntpd
(package
(name "openntpd")
- (version "5.7p3")
+ (version "6.8p1")
(source (origin
(method url-fetch)
- ;; XXX Use mirror://openbsd
(uri (string-append
- "http://ftp.openbsd.org/pub/OpenBSD/OpenNTPD/openntpd-"
- version ".tar.gz"))
+ "mirror://openbsd/OpenNTPD/openntpd-" version ".tar.gz"))
(sha256
(base32
- "0filjmb3b8rc39bvhm8q2azzj10ljfgq41qih71pxv919j57qhag"))))
+ "0ijsylc7a4jlpxsqa0jq1w1c7333id8pcakzl7a5749ria1xp0l5"))))
(build-system gnu-build-system)
+ (arguments
+ `(#:configure-flags
+ (let* ((libressl (assoc-ref %build-inputs "libressl"))
+ (libressl-version ,(package-version
+ (car (assoc-ref (package-inputs this-package)
+ "libressl")))))
+ (list "--with-privsep-user=ntpd"
+ "--localstatedir=/var"
+ (string-append "--with-cacert=" libressl
+ "/share/libressl-" libressl-version
+ "/cert.pem")))
+ #:phases
+ (modify-phases %standard-phases
+ (add-after 'unpack 'modify-install-locations
+ (lambda _
+ ;; Don't try to create /var/run or /var/db
+ (substitute* "src/Makefile.in"
+ (("DESTDIR\\)\\$\\(localstatedir") "TMPDIR"))
+ #t)))))
+ (inputs
+ `(("libressl" ,libressl))) ; enable TLS time constraints. See ntpd.conf(5).
(home-page "http://www.openntpd.org/")
(synopsis "NTP client and server by the OpenBSD Project")
(description "OpenNTPD is the OpenBSD Project's implementation of a client
minimalist than ntpd.")
;; A few of the source files are under bsd-3.
(license (list l:isc l:bsd-3))))
+
+(define-public tlsdate
+ (package
+ (name "tlsdate")
+ (version "0.0.13")
+ (home-page "https://github.com/ioerror/tlsdate")
+ (source (origin
+ (method git-fetch)
+ (uri (git-reference
+ (commit (string-append "tlsdate-" version))
+ (url home-page)))
+ (sha256
+ (base32
+ "0w3v63qmbhpqlxjsvf4k3zp90k6mdzi8cdpgshan9iphy1f44xgl"))
+ (file-name (string-append name "-" version "-checkout"))))
+ (build-system gnu-build-system)
+ (arguments
+ `(;; Disable seccomp when it's not supported--e.g., on aarch64. See
+ ;; 'src/seccomp.c' for the list of supported systems.
+ #:configure-flags ,(if (any (lambda (system)
+ (string-contains (or
+ (%current-target-system)
+ (%current-system))
+ system))
+ '("x86_64" "i686" "arm"))
+ ''()
+ ''("--disable-seccomp-filter"))
+
+ #:phases (modify-phases %standard-phases
+ (add-after 'unpack 'autogen
+ (lambda _
+ ;; The ancestor of 'SOURCE_DATE_EPOCH'; it contains the
+ ;; date that is recorded in binaries. It must be a
+ ;; "recent date" since it is used to detect bogus dates
+ ;; received from servers.
+ (setenv "COMPILE_DATE" (number->string 1530144000))
+ (invoke "sh" "autogen.sh"))))))
+ (inputs `(("openssl" ,openssl-1.0)
+ ("libevent" ,libevent)))
+ (native-inputs `(("pkg-config" ,pkg-config)
+ ("autoconf" ,autoconf)
+ ("automake" ,automake)
+ ("libtool" ,libtool)))
+ (synopsis "Extract remote time from TLS handshakes")
+ (description
+ "@command{tlsdate} sets the local clock by securely connecting with TLS
+to remote servers and extracting the remote time out of the secure handshake.
+Unlike ntpdate, @command{tlsdate} uses TCP, for instance connecting to a
+remote HTTPS or TLS enabled service, and provides some protection against
+adversaries that try to feed you malicious time information.")
+ (license l:bsd-3)))
HCoop / jackhill / guix / guix.git / blobdiff