summary refs log tree commit diff
diff options
context:
space:
mode:
authorMaxim Cournoyer <maxim.cournoyer@gmail.com>2019-10-31 23:20:22 -0400
committerMaxim Cournoyer <maxim.cournoyer@gmail.com>2019-10-31 23:37:47 -0400
commitf37ad658eada78384764c7d6db3a7f3ad8ad283e (patch)
tree136698f9f974e3ac4ed51bd4344b80eb22eda3a1
parent28d46d9d4317180b348ad5baeddad8ef25ed430a (diff)
downloadguix-f37ad658eada78384764c7d6db3a7f3ad8ad283e.tar.gz
services: ntp: Fix a crash when using legacy configuration.
Fixes issue #37504 (see: https://bugs.gnu.org/37504).

The bug was caused by the fact that destructuring an <ntp-configuration>
record using match would bind the 'servers' field without using the
compatibility accessor.

* gnu/services/networking.scm (ntp-shepherd-service): Replace `match-lambda'
by distinct `lambda' and `match' calls, so that the 'servers' field can be
generated by applying the `ntp-configuration-servers' procedure to the
configuration object.
-rw-r--r--gnu/services/networking.scm45
1 files changed, 23 insertions, 22 deletions
diff --git a/gnu/services/networking.scm b/gnu/services/networking.scm
index 841fbd741e..a1c1aad9f6 100644
--- a/gnu/services/networking.scm
+++ b/gnu/services/networking.scm
@@ -394,15 +394,16 @@ deprecated.  Please use <ntp-server> records instead.\n")
        ntp-servers))))
 
 (define ntp-shepherd-service
-  (match-lambda
-    (($ <ntp-configuration> ntp servers allow-large-adjustment?)
-     (let ()
-       ;; TODO: Add authentication support.
-       (define config
-         (string-append "driftfile /var/run/ntpd/ntp.drift\n"
-                        (string-join (map ntp-server->string servers)
-                                     "\n")
-                        "
+  (lambda (config)
+    (match config
+      (($ <ntp-configuration> ntp servers allow-large-adjustment?)
+       (let ((servers (ntp-configuration-servers config)))
+         ;; TODO: Add authentication support.
+         (define config
+           (string-append "driftfile /var/run/ntpd/ntp.drift\n"
+                          (string-join (map ntp-server->string servers)
+                                       "\n")
+                          "
 # Disable status queries as a workaround for CVE-2013-5211:
 # <http://support.ntp.org/bin/view/Main/SecurityNotice#DRDoS_Amplification_Attack_using>.
 restrict default kod nomodify notrap nopeer noquery limited
@@ -416,20 +417,20 @@ restrict -6 ::1
 # option by default, as documented in the 'ntp.conf' manual.
 restrict source notrap nomodify noquery\n"))
 
-       (define ntpd.conf
-         (plain-file "ntpd.conf" config))
+         (define ntpd.conf
+           (plain-file "ntpd.conf" config))
 
-       (list (shepherd-service
-              (provision '(ntpd))
-              (documentation "Run the Network Time Protocol (NTP) daemon.")
-              (requirement '(user-processes networking))
-              (start #~(make-forkexec-constructor
-                        (list (string-append #$ntp "/bin/ntpd") "-n"
-                              "-c" #$ntpd.conf "-u" "ntpd"
-                              #$@(if allow-large-adjustment?
-                                     '("-g")
-                                     '()))))
-              (stop #~(make-kill-destructor))))))))
+         (list (shepherd-service
+                (provision '(ntpd))
+                (documentation "Run the Network Time Protocol (NTP) daemon.")
+                (requirement '(user-processes networking))
+                (start #~(make-forkexec-constructor
+                          (list (string-append #$ntp "/bin/ntpd") "-n"
+                                "-c" #$ntpd.conf "-u" "ntpd"
+                                #$@(if allow-large-adjustment?
+                                       '("-g")
+                                       '()))))
+                (stop #~(make-kill-destructor)))))))))
 
 (define %ntp-accounts
   (list (user-account