MFV r308954:

ntp 4.2.8p9. Approved by: so
svn path=/head/; revision=308957
2024-11-29 08:08:37 +00:00 · 2016-11-22 08:27:49 +00:00 · 2016-11-22 08:27:49 +00:00 · f391d6bc1d · 2020-12-20 02:59:44 +00:00
commit f391d6bc1d
parent e65d4e8abc 01b922f62c
183 changed files with 7435 additions and 3841 deletions
--- a/contrib/ntp/ChangeLog
+++ b/contrib/ntp/ChangeLog
@ -1,3 +1,72 @@
 ---
 (4.2.8p9) 2016/11/21 Released by Harlan Stenn <stenn@ntp.org>
 (4.2.8p9) 2016/MM/DD Released by Harlan Stenn <stenn@ntp.org>
 * [Sec 3119] Trap crash <perlinger@ntp.org>
 * [Sec 3118] Mode 6 information disclosure and DDoS vector <perlinger@ntp.org>
  - TRAP config via mode 6 packet requires AUTH now.
 * [Sec 3114] Broadcast Mode Replay Prevention DoS
  - applied patches by Matthew Van Gundy. <perlinger@ntp.org>
  - with bcpollbstep, tweaks and cleanup by stenn@ntp.org
 * [Sec 3113] Broadcast Mode Poll Interval Enforcement DoS <perlinger@ntp.org>
  - applied fix as suggested by Matthew Van Gundy
 * [Sec 3110] Windows: ntpd DoS by oversized UDP packet
  - fixed error handling for truncated UDP packets. <perlinger@ntp.org>
 * [Sec 3102] Zero origin issues.  HStenn.
 * [Sec 3082] null pointer dereference in _IO_str_init_static_internal()
  - more hardening to read_mru_list(). perlinger@ntp.org
 * [Sec 3072] Attack on interface selection <perlinger@ntp.org>
  - implemented Miroslav Lichvars <mlichvar@redhat.com> suggestion
    to skip interface updates based on incoming packets
 * [Bug 3142] bug in netmask prefix length detection <perlinger@ntp.org>
 * [Bug 3138] gpsdjson refclock should honor fudgetime1. stenn@ntp.org
 * [Bug 3129] Unknown hosts can put resolver thread into a hard loop
  - moved retry decision where it belongs. <perlinger@ntp.org>
 * [Bug 3125] NTPD doesn't fully start when ntp.conf entries are out of order
  using the loopback-ppsapi-provider.dll <perlinger@ntp.org>
 * [Bug 3116] unit tests for NTP time stamp expansion. <perlinger@ntp.org>
 * [Bug 3100] ntpq can't retrieve daemon_version <perlinger@ntp.org>
  - fixed extended sysvar lookup (bug introduced with bug 3008 fix)
 * [Bug 3095] Compatibility with openssl 1.1 <perlinger@ntp.org>
  - applied patches by Kurt Roeckx <kurt@roeckx.be> to source
  - added shim layer for SSL API calls with issues (both directions)
 * [Bug 3089] Serial Parser does not work anymore for hopfser like device
  - simplified / refactored hex-decoding in driver. <perlinger@ntp.org>
 * [Bug 3084] update-leap mis-parses the leapfile name.  HStenn.
 * [Bug 3068] Linker warnings when building on Solaris. perlinger@ntp.org
  - applied patch thanks to Andrew Stormont <andyjstormont@gmail.com>
 * [Bug 3067] Root distance calculation needs improvement.  HStenn.
 * [Bug 3066] NMEA clock ignores pps. perlinger@ntp.org
  - PPS-HACK works again.
 * [Bug 3059] Potential buffer overrun from oversized hash <perlinger@ntp.org>
  - applied patch by Brian Utterback <brian.utterback@oracle.com>
 * [Bug 3053] ntp_loopfilter.c frequency calc precedence error.  Sarah White.
 * [Bug 3050]  Fix for bug #2960 causes [...] spurious error message.
  <perlinger@ntp.org>
  - patches by Reinhard Max <max@suse.com> and Havard Eidnes <he@uninett.no>
 * [Bug 3047] Fix refclock_jjy C-DEX JST2000. abe@ntp.org
  - Patch provided by Kuramatsu.
 * [Bug 3021] unity_fixture.c needs pragma weak <perlinger@ntp.org>
  - removed unnecessary & harmful decls of 'setUp()' & 'tearDown()'
 * [Bug 3019] Windows: ERROR_HOST_UNREACHABLE block packet processing.
  DMayer and JPerlinger.
 * [Bug 2998] sntp/tests/packetProcessing.c broken without openssl. JPerlinger
 * [Bug 2961] sntp/tests/packetProcessing.c assumes AUTOKEY.  HStenn.
 * [Bug 2959] refclock_jupiter: gps week correction <perlinger@ntp.org>
  - fixed GPS week expansion to work based on build date. Special thanks
    to Craig Leres for initial patch and testing.
 * [Bug 2951] ntpd tests fail: multiple definition of `send_via_ntp_signd'
  - fixed Makefile.am <perlinger@ntp.org>
 * [Bug 2689] ATOM driver processes last PPS pulse at startup,
             even if it is very old <perlinger@ntp.org>
  - make sure PPS source is alive before processing samples
  - improve stability close to the 500ms phase jump (phase gate)
 * Fix typos in include/ntp.h.
 * Shim X509_get_signature_nid() if needed.
 * git author attribution cleanup
 * bk ignore file cleanup
 * remove locks in Windows IO, use rpc-like thread synchronisation instead
 ---
 (4.2.8p8) 2016/06/02 Released by Harlan Stenn <stenn@ntp.org>
@ -19,7 +88,7 @@
 * Fix typo in ntp-wait and plot_summary.  HStenn.
 * Make sure we have an "author" file for git imports.  HStenn.
 * Update the sntp problem tests for MacOS.  HStenn.
-  
+
 ---
 (4.2.8p7) 2016/04/26 Released by Harlan Stenn <stenn@ntp.org>
--- a/contrib/ntp/CommitLog
+++ b/contrib/ntp/CommitLog
--- a/contrib/ntp/NEWS
+++ b/contrib/ntp/NEWS
@ -1,3 +1,310 @@
 ---
 NTP 4.2.8p9 (Harlan Stenn <stenn@ntp.org>, 2016/11/21) 
 Focus: Security, Bug fixes, enhancements.
 Severity: HIGH
 In addition to bug fixes and enhancements, this release fixes the
 following 1 high- (Windows only), 2 medium-, 2 medium-/low, and
 5 low-severity vulnerabilities, and provides 28 other non-security
 fixes and improvements:
 * Trap crash
   Date Resolved: 21 November 2016; Dev (4.3.94) 21 November 2016
   References: Sec 3119 / CVE-2016-9311 / VU#633847
   Affects: ntp-4.0.90 (21 July 1999), possibly earlier, up to but not
   	including 4.2.8p9, and ntp-4.3.0 up to but not including ntp-4.3.94.
   CVSS2: MED 4.9 (AV:N/AC:H/Au:N/C:N/I:N/A:C)
   CVSS3: MED 4.4 CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
   Summary: 
 	ntpd does not enable trap service by default. If trap service
 	has been explicitly enabled, an attacker can send a specially
 	crafted packet to cause a null pointer dereference that will
 	crash ntpd, resulting in a denial of service. 
   Mitigation:
        Implement BCP-38.
 	Use "restrict default noquery ..." in your ntp.conf file. Only
 	    allow mode 6 queries from trusted networks and hosts. 
        Upgrade to 4.2.8p9, or later, from the NTP Project Download Page
 	    or the NTP Public Services Project Download Page
        Properly monitor your ntpd instances, and auto-restart ntpd
 	    (without -g) if it stops running. 
   Credit: This weakness was discovered by Matthew Van Gundy of Cisco.
 * Mode 6 information disclosure and DDoS vector
   Date Resolved: 21 November 2016; Dev (4.3.94) 21 November 2016
   References: Sec 3118 / CVE-2016-9310 / VU#633847
   Affects: ntp-4.0.90 (21 July 1999), possibly earlier, up to but not
 	including 4.2.8p9, and ntp-4.3.0 up to but not including ntp-4.3.94.
   CVSS2: MED 6.4 (AV:A/AC:L/Au:N/C:N/I:N/A:P)
   CVSS3: MED 6.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
   Summary: 
 	An exploitable configuration modification vulnerability exists
 	in the control mode (mode 6) functionality of ntpd. If, against
 	long-standing BCP recommendations, "restrict default noquery ..."
 	is not specified, a specially crafted control mode packet can set
 	ntpd traps, providing information disclosure and DDoS
 	amplification, and unset ntpd traps, disabling legitimate
 	monitoring. A remote, unauthenticated, network attacker can
 	trigger this vulnerability. 
   Mitigation:
        Implement BCP-38.
 	Use "restrict default noquery ..." in your ntp.conf file.
        Upgrade to 4.2.8p9, or later, from the NTP Project Download Page
 	    or the NTP Public Services Project Download Page
        Properly monitor your ntpd instances, and auto-restart ntpd
 	    (without -g) if it stops running. 
   Credit: This weakness was discovered by Matthew Van Gundy of Cisco.
 * Broadcast Mode Replay Prevention DoS
   Date Resolved: 21 November 2016; Dev (4.3.94) 21 November 2016
   References: Sec 3114 / CVE-2016-7427 / VU#633847
   Affects: ntp-4.2.8p6, up to but not including ntp-4.2.8p9, and 
 	ntp-4.3.90 up to, but not including ntp-4.3.94.
   CVSS2: LOW 3.3 (AV:A/AC:L/Au:N/C:N/I:N/A:P)
   CVSS3: MED 4.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
   Summary: 
 	The broadcast mode of NTP is expected to only be used in a
 	trusted network. If the broadcast network is accessible to an
 	attacker, a potentially exploitable denial of service
 	vulnerability in ntpd's broadcast mode replay prevention
 	functionality can be abused. An attacker with access to the NTP
 	broadcast domain can periodically inject specially crafted
 	broadcast mode NTP packets into the broadcast domain which,
 	while being logged by ntpd, can cause ntpd to reject broadcast
 	mode packets from legitimate NTP broadcast servers. 
   Mitigation:
        Implement BCP-38.
        Upgrade to 4.2.8p9, or later, from the NTP Project Download Page
 	    or the NTP Public Services Project Download Page
        Properly monitor your ntpd instances, and auto-restart ntpd
 	    (without -g) if it stops running. 
   Credit: This weakness was discovered by Matthew Van Gundy of Cisco.
 * Broadcast Mode Poll Interval Enforcement DoS
   Date Resolved: 21 November 2016; Dev (4.3.94) 21 November 2016
   References: Sec 3113 / CVE-2016-7428 / VU#633847
   Affects: ntp-4.2.8p6, up to but not including ntp-4.2.8p9, and
 	ntp-4.3.90 up to, but not including ntp-4.3.94
   CVSS2: LOW 3.3 (AV:A/AC:L/Au:N/C:N/I:N/A:P)
   CVSS3: MED 4.3 CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
   Summary: 
 	The broadcast mode of NTP is expected to only be used in a
 	trusted network. If the broadcast network is accessible to an
 	attacker, a potentially exploitable denial of service
 	vulnerability in ntpd's broadcast mode poll interval enforcement
 	functionality can be abused. To limit abuse, ntpd restricts the
 	rate at which each broadcast association will process incoming
 	packets. ntpd will reject broadcast mode packets that arrive
 	before the poll interval specified in the preceding broadcast
 	packet expires. An attacker with access to the NTP broadcast
 	domain can send specially crafted broadcast mode NTP packets to
 	the broadcast domain which, while being logged by ntpd, will
 	cause ntpd to reject broadcast mode packets from legitimate NTP
 	broadcast servers. 
   Mitigation:
        Implement BCP-38.
        Upgrade to 4.2.8p9, or later, from the NTP Project Download Page
 	    or the NTP Public Services Project Download Page
        Properly monitor your ntpd instances, and auto-restart ntpd
 	    (without -g) if it stops running. 
   Credit: This weakness was discovered by Matthew Van Gundy of Cisco.
 * Windows: ntpd DoS by oversized UDP packet
   Date Resolved: 21 November 2016; Dev (4.3.94) 21 November 2016
   References: Sec 3110 / CVE-2016-9312 / VU#633847
   Affects Windows only: ntp-4.?.?, up to but not including ntp-4.2.8p9,
 	and ntp-4.3.0 up to, but not including ntp-4.3.94. 
   CVSS2: HIGH 7.8 (AV:N/AC:L/Au:N/C:N/I:N/A:C)
   CVSS3: HIGH 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
   Summary: 
 	If a vulnerable instance of ntpd on Windows receives a crafted
 	malicious packet that is "too big", ntpd will stop working. 
   Mitigation:
        Implement BCP-38.
        Upgrade to 4.2.8p9, or later, from the NTP Project Download Page
 	    or the NTP Public Services Project Download Page
        Properly monitor your ntpd instances, and auto-restart ntpd
 	    (without -g) if it stops running. 
   Credit: This weakness was discovered by Robert Pajak of ABB.
 * 0rigin (zero origin) issues
   Date Resolved: 21 November 2016; Dev (4.3.94) 21 November 2016
   References: Sec 3102 / CVE-2016-7431 / VU#633847
   Affects: ntp-4.2.8p8, and ntp-4.3.93.
   CVSS2: MED 5.0 (AV:N/AC:L/Au:N/C:N/I:P/A:N)
   CVSS3: MED 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
   Summary: 
 	Zero Origin timestamp problems were fixed by Bug 2945 in
 	ntp-4.2.8p6. However, subsequent timestamp validation checks
 	introduced a regression in the handling of some Zero origin
 	timestamp checks.
   Mitigation:
        Implement BCP-38.
        Upgrade to 4.2.8p9, or later, from the NTP Project Download Page
 	    or the NTP Public Services Project Download Page
        Properly monitor your ntpd instances, and auto-restart ntpd
 	    (without -g) if it stops running. 
   Credit: This weakness was discovered by Sharon Goldberg and Aanchal
 	Malhotra of Boston University.
 * read_mru_list() does inadequate incoming packet checks
   Date Resolved: 21 November 2016; Dev (4.3.94) 21 November 2016
   References: Sec 3082 / CVE-2016-7434 / VU#633847
   Affects: ntp-4.2.7p22, up to but not including ntp-4.2.8p9, and
 	ntp-4.3.0 up to, but not including ntp-4.3.94.
   CVSS2: LOW 3.8 (AV:L/AC:H/Au:S/C:N/I:N/A:C)
   CVSS3: LOW 3.8 CVSS:3.0/AV:P/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H
   Summary: 
 	If ntpd is configured to allow mrulist query requests from a
 	server that sends a crafted malicious packet, ntpd will crash
 	on receipt of that crafted malicious mrulist query packet.
   Mitigation:
 	Only allow mrulist query packets from trusted hosts.
        Implement BCP-38.
        Upgrade to 4.2.8p9, or later, from the NTP Project Download Page
 	    or the NTP Public Services Project Download Page
        Properly monitor your ntpd instances, and auto-restart ntpd
 	    (without -g) if it stops running. 
   Credit: This weakness was discovered by Magnus Stubman.
 * Attack on interface selection
   Date Resolved: 21 November 2016; Dev (4.3.94) 21 November 2016
   References: Sec 3072 / CVE-2016-7429 / VU#633847
   Affects: ntp-4.2.7p385, up to but not including ntp-4.2.8p9, and
 	ntp-4.3.0 up to, but not including ntp-4.3.94
   CVSS2: LOW 1.0 (AV:L/AC:H/Au:S/C:N/I:N/A:P)
   CVSS3: LOW 1.6 CVSS:3.0/AV:P/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:L
   Summary: 
 	When ntpd receives a server response on a socket that corresponds
 	to a different interface than was used for the request, the peer
 	structure is updated to use the interface for new requests. If
 	ntpd is running on a host with multiple interfaces in separate
 	networks and the operating system doesn't check source address in
 	received packets (e.g. rp_filter on Linux is set to 0), an
 	attacker that knows the address of the source can send a packet
 	with spoofed source address which will cause ntpd to select wrong
 	interface for the source and prevent it from sending new requests
 	until the list of interfaces is refreshed, which happens on
 	routing changes or every 5 minutes by default. If the attack is
 	repeated often enough (once per second), ntpd will not be able to
 	synchronize with the source.
   Mitigation:
        Implement BCP-38.
        Upgrade to 4.2.8p9, or later, from the NTP Project Download Page
 	    or the NTP Public Services Project Download Page
 	If you are going to configure your OS to disable source address
 	    checks, also configure your firewall configuration to control
 	    what interfaces can receive packets from what networks.
        Properly monitor your ntpd instances, and auto-restart ntpd
 	    (without -g) if it stops running. 
   Credit: This weakness was discovered by Miroslav Lichvar of Red Hat.
 * Client rate limiting and server responses
   Date Resolved: 21 November 2016; Dev (4.3.94) 21 November 2016
   References: Sec 3071 / CVE-2016-7426 / VU#633847
   Affects: ntp-4.2.5p203, up to but not including ntp-4.2.8p9, and
 	ntp-4.3.0 up to, but not including ntp-4.3.94
   CVSS2: LOW 1.0 (AV:L/AC:H/Au:S/C:N/I:N/A:P)
   CVSS3: LOW 1.6 CVSS:3.0/AV:P/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:L
   Summary: 
 	When ntpd is configured with rate limiting for all associations
 	(restrict default limited in ntp.conf), the limits are applied
 	also to responses received from its configured sources. An
 	attacker who knows the sources (e.g., from an IPv4 refid in
 	server response) and knows the system is (mis)configured in this
 	way can periodically send packets with spoofed source address to
 	keep the rate limiting activated and prevent ntpd from accepting
 	valid responses from its sources. 
 	While this blanket rate limiting can be useful to prevent
 	brute-force attacks on the origin timestamp, it allows this DoS
 	attack. Similarly, it allows the attacker to prevent mobilization
 	of ephemeral associations.  
   Mitigation:
        Implement BCP-38.
        Upgrade to 4.2.8p9, or later, from the NTP Project Download Page
 	    or the NTP Public Services Project Download Page
        Properly monitor your ntpd instances, and auto-restart ntpd
 	    (without -g) if it stops running. 
   Credit: This weakness was discovered by Miroslav Lichvar of Red Hat.
 * Fix for bug 2085 broke initial sync calculations 
   Date Resolved: 21 November 2016; Dev (4.3.94) 21 November 2016
   References: Sec 3067 / CVE-2016-7433 / VU#633847
   Affects: ntp-4.2.7p385, up to but not including ntp-4.2.8p9, and
 	ntp-4.3.0 up to, but not including ntp-4.3.94. But the
 	root-distance calculation in general is incorrect in all versions
 	of ntp-4 until this release. 
   CVSS2: LOW 1.2 (AV:L/AC:H/Au:N/C:N/I:N/A:P)
   CVSS3: LOW 1.6 CVSS:3.0/AV:P/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L
   Summary: 
 	Bug 2085 described a condition where the root delay was included
 	twice, causing the jitter value to be higher than expected. Due
 	to a misinterpretation of a small-print variable in The Book, the
 	fix for this problem was incorrect, resulting in a root distance
 	that did not include the peer dispersion. The calculations and
 	formulae have been reviewed and reconciled, and the code has been
 	updated accordingly. 
   Mitigation:
        Upgrade to 4.2.8p9, or later, from the NTP Project Download Page
 	    or the NTP Public Services Project Download Page
        Properly monitor your ntpd instances, and auto-restart ntpd
 	    (without -g) if it stops running. 
   Credit: This weakness was discovered independently by Brian Utterback of
 	Oracle, and Sharon Goldberg and Aanchal Malhotra of Boston University. 
 Other fixes:
 * [Bug 3142] bug in netmask prefix length detection <perlinger@ntp.org>
 * [Bug 3138] gpsdjson refclock should honor fudgetime1. stenn@ntp.org
 * [Bug 3129] Unknown hosts can put resolver thread into a hard loop
  - moved retry decision where it belongs. <perlinger@ntp.org>
 * [Bug 3125] NTPD doesn't fully start when ntp.conf entries are out of order
  using the loopback-ppsapi-provider.dll <perlinger@ntp.org>
 * [Bug 3116] unit tests for NTP time stamp expansion. <perlinger@ntp.org>
 * [Bug 3100] ntpq can't retrieve daemon_version <perlinger@ntp.org>
  - fixed extended sysvar lookup (bug introduced with bug 3008 fix)
 * [Bug 3095] Compatibility with openssl 1.1 <perlinger@ntp.org>
  - applied patches by Kurt Roeckx <kurt@roeckx.be> to source
  - added shim layer for SSL API calls with issues (both directions)
 * [Bug 3089] Serial Parser does not work anymore for hopfser like device
  - simplified / refactored hex-decoding in driver. <perlinger@ntp.org>
 * [Bug 3084] update-leap mis-parses the leapfile name.  HStenn.
 * [Bug 3068] Linker warnings when building on Solaris. perlinger@ntp.org
  - applied patch thanks to Andrew Stormont <andyjstormont@gmail.com>
 * [Bug 3067] Root distance calculation needs improvement.  HStenn
 * [Bug 3066] NMEA clock ignores pps. perlinger@ntp.org
  - PPS-HACK works again.
 * [Bug 3059] Potential buffer overrun from oversized hash <perlinger@ntp.org>
  - applied patch by Brian Utterback <brian.utterback@oracle.com>
 * [Bug 3053] ntp_loopfilter.c frequency calc precedence error.  Sarah White.
 * [Bug 3050] Fix for bug #2960 causes [...] spurious error message.
  <perlinger@ntp.org>
  - patches by Reinhard Max <max@suse.com> and Havard Eidnes <he@uninett.no>
 * [Bug 3047] Fix refclock_jjy C-DEX JST2000. abe@ntp.org
  - Patch provided by Kuramatsu.
 * [Bug 3021] unity_fixture.c needs pragma weak <perlinger@ntp.org>
  - removed unnecessary & harmful decls of 'setUp()' & 'tearDown()'
 * [Bug 3019] Windows: ERROR_HOST_UNREACHABLE block packet processing. DMayer
 * [Bug 2998] sntp/tests/packetProcessing.c broken without openssl. JPerlinger
 * [Bug 2961] sntp/tests/packetProcessing.c assumes AUTOKEY.  HStenn.
 * [Bug 2959] refclock_jupiter: gps week correction <perlinger@ntp.org>
  - fixed GPS week expansion to work based on build date. Special thanks
    to Craig Leres for initial patch and testing.
 * [Bug 2951] ntpd tests fail: multiple definition of `send_via_ntp_signd'
  - fixed Makefile.am <perlinger@ntp.org>
 * [Bug 2689] ATOM driver processes last PPS pulse at startup,
             even if it is very old <perlinger@ntp.org>
  - make sure PPS source is alive before processing samples
  - improve stability close to the 500ms phase jump (phase gate)
 * Fix typos in include/ntp.h.
 * Shim X509_get_signature_nid() if needed
 * git author attribution cleanup
 * bk ignore file cleanup
 * remove locks in Windows IO, use rpc-like thread synchronisation instead
 ---
 NTP 4.2.8p8 (Harlan Stenn <stenn@ntp.org>, 2016/06/02) 
--- a/contrib/ntp/configure
+++ b/contrib/ntp/configure
@ -1,6 +1,6 @@
 #! /bin/sh
 # Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.69 for ntp 4.2.8p8.
+# Generated by GNU Autoconf 2.69 for ntp 4.2.8p9.
 #
 # Report bugs to <http://bugs.ntp.org./>.
 #
@ -590,8 +590,8 @@ MAKEFLAGS=
 # Identity of this package.
 PACKAGE_NAME='ntp'
 PACKAGE_TARNAME='ntp'
-PACKAGE_VERSION='4.2.8p8'
+PACKAGE_VERSION='4.2.8p9'
-PACKAGE_STRING='ntp 4.2.8p8'
+PACKAGE_STRING='ntp 4.2.8p9'
 PACKAGE_BUGREPORT='http://bugs.ntp.org./'
 PACKAGE_URL='http://www.ntp.org./'
@ -1618,7 +1618,7 @@ if test "$ac_init_help" = "long"; then
  # Omit some internal or obsolete options to make the list less imposing.
  # This message is too long to be a string in the A/UX 3.1 sh.
  cat <<_ACEOF
-\`configure' configures ntp 4.2.8p8 to adapt to many kinds of systems.
+\`configure' configures ntp 4.2.8p9 to adapt to many kinds of systems.
 Usage: $0 [OPTION]... [VAR=VALUE]...
@ -1688,7 +1688,7 @@ fi
 if test -n "$ac_init_help"; then
  case $ac_init_help in
-     short | recursive ) echo "Configuration of ntp 4.2.8p8:";;
+     short | recursive ) echo "Configuration of ntp 4.2.8p9:";;
   esac
  cat <<\_ACEOF
@ -1924,7 +1924,7 @@ fi
 test -n "$ac_init_help" && exit $ac_status
 if $ac_init_version; then
  cat <<\_ACEOF
-ntp configure 4.2.8p8
+ntp configure 4.2.8p9
 generated by GNU Autoconf 2.69
 Copyright (C) 2012 Free Software Foundation, Inc.
@ -2754,7 +2754,7 @@ cat >config.log <<_ACEOF
 This file contains any messages produced by compilers while
 running configure, to aid debugging if configure makes a mistake.
-It was created by ntp $as_me 4.2.8p8, which was
+It was created by ntp $as_me 4.2.8p9, which was
 generated by GNU Autoconf 2.69.  Invocation command line was
  $ $0 $@
@ -3755,7 +3755,7 @@ fi
 # Define the identity of the package.
 PACKAGE='ntp'
- VERSION='4.2.8p8'
+ VERSION='4.2.8p9'
 cat >>confdefs.h <<_ACEOF
@ -38003,7 +38003,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
 # report actual input values of CONFIG_FILES etc. instead of their
 # values after options handling.
 ac_log="
-This file was extended by ntp $as_me 4.2.8p8, which was
+This file was extended by ntp $as_me 4.2.8p9, which was
 generated by GNU Autoconf 2.69.  Invocation command line was
  CONFIG_FILES    = $CONFIG_FILES
@ -38070,7 +38070,7 @@ _ACEOF
 cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
 ac_cs_version="\\
-ntp config.status 4.2.8p8
+ntp config.status 4.2.8p9
 configured by $0, generated by GNU Autoconf 2.69,
  with options \\"\$ac_cs_config\\"
--- a/contrib/ntp/html/drivers/driver40-ja.html
+++ b/contrib/ntp/html/drivers/driver40-ja.html
@ -16,7 +16,7 @@
 	<body>
 		<h3>JJY Receivers</h3>
 <p>Last update:
-  <!-- #BeginDate format:En2m -->15-May-2015  00:00<!-- #EndDate -->
+  <!-- #BeginDate format:En2m -->08-May-2016  00:00<!-- #EndDate -->
  UTC &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;<a href="driver40.html">ENGLISH（英語）</a> &nbsp; <a href="driver40-ja.html">JAPANESE（日本語）</a></p>
 		<hr>
 		<h4>Synopsis</h4>
@ -137,7 +137,7 @@
 							<tr>
 								<td><code>{ENQ}1J{ETX}</code></td>
 								<td>&nbsp;--&gt;&nbsp;</td>
-								<td><code>{STX}JYYMMDD HHMMSSS{ETX}</code></td>
+								<td><code>{STX}JYYMMDDWHHMMSSS{ETX}</code></td>
 							</tr>
 						</table>
 						<br>
--- a/contrib/ntp/html/drivers/driver40.html
+++ b/contrib/ntp/html/drivers/driver40.html
@ -16,7 +16,7 @@
 	<body>
 		<h3>JJY Receivers</h3>
 <p>Last update:
-  <!-- #BeginDate format:En2m -->15-May-2015  00:00<!-- #EndDate -->
+  <!-- #BeginDate format:En2m -->08-May-2016  00:00<!-- #EndDate -->
  UTC &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;<a href="driver40.html">ENGLISH</a> &nbsp; <a href="driver40-ja.html">JAPANESE</a></p>
 		<hr>
 		<h4>Synopsis</h4>
@ -136,7 +136,7 @@
 							<tr>
 								<td><code>{ENQ}1J{ETX}</code></td>
 								<td>&nbsp;--&gt;&nbsp;</td>
-								<td><code>{STX}JYYMMDD HHMMSSS{ETX}</code></td>
+								<td><code>{STX}JYYMMDDWHHMMSSS{ETX}</code></td>
 							</tr>
 						</table>
 						<br>
--- a/contrib/ntp/html/miscopt.html
+++ b/contrib/ntp/html/miscopt.html
@ -11,7 +11,7 @@
 <img src="pic/boom3.gif" alt="gif" align="left"><a href="http://www.eecis.udel.edu/~mills/pictures.html">from <i>Pogo</i>, Walt Kelly</a>
 <p>We have three, now looking for more.</p>
 <p>Last update:
-  <!-- #BeginDate format:En2m -->17-May-2016  06:26<!-- #EndDate -->
+  <!-- #BeginDate format:En2m -->9-Nov-2016  12:26<!-- #EndDate -->
    UTC</p>
 <br clear="left">
 <h4>Related Links</h4>
@ -145,10 +145,12 @@
      <dd>Specifies the stepout threshold in seconds. The default without this command is 300 s. Since this option also affects the training and startup intervals, it should not be set less than the default. Further details are on the <a href="clock.html">Clock State Machine</a> page.</dd>
    </dl>
  </dd>
-  <dt id="tos"><tt>tos [beacon <i>beacon</i> | ceiling <i>ceiling</i> | cohort {0 | 1} | floor <i>floor</i> | maxclock <i>maxclock </i>| maxdist <i>maxdist</i> | minclock <i>minclock</i> | mindist <i>mindist </i>| minsane <i>minsane</i> | orphan <i>stratum</i> | orphanwait <em>delay</em>]</tt></dt>
+  <dt id="tos"><tt>tos [bcpollbstep <i>poll-gate</i> | beacon <i>beacon</i> | ceiling <i>ceiling</i> | cohort {0 | 1} | floor <i>floor</i> | maxclock <i>maxclock </i>| maxdist <i>maxdist</i> | minclock <i>minclock</i> | mindist <i>mindist </i>| minsane <i>minsane</i> | orphan <i>stratum</i> | orphanwait <em>delay</em>]</tt></dt>
  <dd>This command alters certain system variables used by the the clock selection and clustering algorithms. The default values of these variables have been carefully optimized for a wide range of network speeds and reliability expectations. Very rarely is it necessary to change the default values; but, some folks can't resist twisting the knobs. It can be used to select the quality and quantity of peers used to synchronize the system clock and is most useful in dynamic server discovery schemes. The options are as follows:</dd>
  <dd>
    <dl>
      <dt><tt>bcpollbstep <i>poll-gate</i></tt></dt>
      <dd>This option will cause the client to delay believing backward time steps from a broadcast server for <tt>bcpollbstep</tt> poll intervals.  NTP Broadcast networks are expected to be trusted, and if the server's time gets stepped backwards then it's desireable that the clients follow this change as soon as possible.  However, in spite of various protections built-in to the broadcast protocol, it is possible that an attacker could perform a carefully-constructed replay attack and cause clients to erroneously step their clocks backward.  If the risk of a successful broadcast replay attack is greater than the risk of the clients being out of sync in the event that there is a backward step on the broadcast time servers, this option may be used to cause the clients to delay beliveving backward time steps until <i>poll-gate</i> consecutive polls have been received.  The default is 0, which means the client will accept these steps upon receipt.  Any value from 0 to 4 can be specified.</dd>
      <dt><tt>beacon <i>beacon</i></tt></dt>
      <dd>The manycast server sends packets at intervals of 64 s if less than <tt>maxclock</tt> servers are available. Otherwise, it sends packets at the <i><tt>beacon</tt></i> interval in seconds. The default is 3600 s. See the <a href="discover.html">Automatic Server Discovery</a> page for further details.</dd>
      <dt><tt>ceiling <i>ceiling</i></tt></dt>
--- a/contrib/ntp/include/Makefile.am
+++ b/contrib/ntp/include/Makefile.am
@ -16,6 +16,7 @@ noinst_HEADERS =	\
 	intreswork.h	\
 	iosignal.h	\
 	l_stdlib.h	\
 	libssl_compat.h	\
 	lib_strbuf.h	\
 	libntp.h	\
 	mbg_gps166.h	\
--- a/contrib/ntp/include/Makefile.in
+++ b/contrib/ntp/include/Makefile.in
@ -501,6 +501,7 @@ noinst_HEADERS = \
 	intreswork.h	\
 	iosignal.h	\
 	l_stdlib.h	\
 	libssl_compat.h	\
 	lib_strbuf.h	\
 	libntp.h	\
 	mbg_gps166.h	\
--- a/contrib/ntp/include/libssl_compat.h
+++ b/contrib/ntp/include/libssl_compat.h
@ -0,0 +1,100 @@
 /*
 * libssl_compat.h -- OpenSSL v1.1 compatibility shims
 *
 * ---------------------------------------------------------------------
 *
 * Written by Juergen Perlinger <perlinger@ntp.org> for the NTP project
 *
 * Based on an idea by Kurt Roeckx <kurt@roeckx.be>
 *
 * ---------------------------------------------------------------------
 * This is a clean room implementation of shim functions that have
 * counterparts in the OpenSSL v1.1 API but not in earlier versions.
 *
 * If the OpenSSL version used for compilation needs the shims (that is,
 * does not provide the new functions) the names of these functions are
 * redirected to our shims.
 * ---------------------------------------------------------------------
 */
 #ifndef NTP_LIBSSL_COMPAT_H
 #define NTP_LIBSSL_COMPAT_H
 #include "openssl/evp.h"
 #include "openssl/dsa.h"
 #include "openssl/rsa.h"
 /* ----------------------------------------------------------------- */
 #if OPENSSL_VERSION_NUMBER < 0x10100000L
 /* ----------------------------------------------------------------- */
 # include <openssl/objects.h>
 # include <openssl/x509.h>
 /* shim the new-style API on an old-style OpenSSL */
 extern BN_GENCB*	sslshimBN_GENCB_new(void);
 extern void		sslshimBN_GENCB_free(BN_GENCB*);
 extern EVP_MD_CTX*	sslshim_EVP_MD_CTX_new(void);
 extern void		sslshim_EVP_MD_CTX_free(EVP_MD_CTX *ctx);
 extern int	sslshim_EVP_PKEY_id(const EVP_PKEY * pkey);
 extern int	sslshim_EVP_PKEY_base_id(const EVP_PKEY * pkey);
 extern RSA*	sslshim_EVP_PKEY_get0_RSA(EVP_PKEY * pkey);
 extern DSA*	sslshim_EVP_PKEY_get0_DSA(EVP_PKEY * pkey);
 extern void	sslshim_RSA_get0_key(const RSA *prsa, const BIGNUM **pn,
 				     const BIGNUM **pe, const BIGNUM **pd);
 extern int	sslshim_RSA_set0_key(RSA *prsa, BIGNUM *n,
 				     BIGNUM *e, BIGNUM *d);
 extern void	sslshim_RSA_get0_factors(const RSA *prsa, const BIGNUM **pp,
 					 const BIGNUM **pq);
 extern int 	sslshim_RSA_set0_factors(RSA *prsar, BIGNUM *p, BIGNUM *q);
 extern int	sslshim_RSA_set0_crt_params(RSA *prsa, BIGNUM *dmp1,
 					BIGNUM *dmq1, BIGNUM *iqmp);
 extern void	sslshim_DSA_SIG_get0(const DSA_SIG *psig, const BIGNUM **pr,
 				     const BIGNUM **ps);
 extern int	sslshim_DSA_SIG_set0(DSA_SIG *psig, BIGNUM *r, BIGNUM *s);
 extern void	sslshim_DSA_get0_pqg(const DSA *pdsa, const BIGNUM **pp,
 				 const BIGNUM **pq, const BIGNUM **pg);
 extern int	sslshim_DSA_set0_pqg(DSA *pdsa, BIGNUM *p, BIGNUM *q, BIGNUM *g);
 extern void	sslshim_DSA_get0_key(const DSA *pdsa, const BIGNUM **ppub_key,
 				 const BIGNUM **ppriv_key);
 extern int	sslshim_DSA_set0_key(DSA *pdsa, BIGNUM *pub_key,
 				     BIGNUM *priv_key);
 extern int	sslshim_X509_get_signature_nid(const X509 *x);
 #define	BN_GENCB_new		sslshimBN_GENCB_new
 #define	BN_GENCB_free		sslshimBN_GENCB_free
 #define EVP_MD_CTX_new		sslshim_EVP_MD_CTX_new
 #define EVP_MD_CTX_free		sslshim_EVP_MD_CTX_free
 #define EVP_PKEY_id		sslshim_EVP_PKEY_id
 #define EVP_PKEY_base_id	sslshim_EVP_PKEY_base_id
 #define EVP_PKEY_get0_RSA	sslshim_EVP_PKEY_get0_RSA
 #define EVP_PKEY_get0_DSA	sslshim_EVP_PKEY_get0_DSA
 #define RSA_get0_key		sslshim_RSA_get0_key
 #define RSA_set0_key		sslshim_RSA_set0_key
 #define RSA_get0_factors	sslshim_RSA_get0_factors
 #define RSA_set0_factors	sslshim_RSA_set0_factors
 #define RSA_set0_crt_params	sslshim_RSA_set0_crt_params
 #define DSA_SIG_get0		sslshim_DSA_SIG_get0
 #define DSA_SIG_set0		sslshim_DSA_SIG_set0
 #define DSA_get0_pqg		sslshim_DSA_get0_pqg
 #define DSA_set0_pqg		sslshim_DSA_set0_pqg
 #define DSA_get0_key		sslshim_DSA_get0_key
 #define DSA_set0_key		sslshim_DSA_set0_key
 #define X509_get_signature_nid	sslshim_X509_get_signature_nid
 /* ----------------------------------------------------------------- */
 #endif /* OPENSSL_VERSION_NUMBER < v1.1.0 */
 /* ----------------------------------------------------------------- */
 #endif /* NTP_LIBSSL_COMPAT_H */
--- a/contrib/ntp/include/ntp.h
+++ b/contrib/ntp/include/ntp.h
@ -391,7 +391,7 @@ struct peer {
 	 * Statistic counters
 	 */
 	u_long	timereset;	/* time stat counters were reset */
-	u_long	timelastrec;	/* last packet received time */
+	u_long	timelastrec;	/* last packet received time, incl. trash */
 	u_long	timereceived;	/* last (clean) packet received time */
 	u_long	timereachable;	/* last reachable/unreachable time */
@ -419,8 +419,7 @@ struct peer {
 * MODE_BROADCAST and MODE_BCLIENT appear in the transition
 * function. MODE_CONTROL and MODE_PRIVATE can appear in packets,
 * but those never survive to the transition function.
- * is a
+ */
 / */
 #define	MODE_UNSPEC	0	/* unspecified (old version) */
 #define	MODE_ACTIVE	1	/* symmetric active mode */
 #define	MODE_PASSIVE	2	/* symmetric passive mode */
@ -433,7 +432,7 @@ struct peer {
 #define	MODE_CONTROL	6	/* control mode */
 #define	MODE_PRIVATE	7	/* private mode */
 /*
- * This is a madeup mode for broadcast client.
+ * This is a made-up mode for broadcast client.
 */
 #define	MODE_BCLIENT	6	/* broadcast client mode */
@ -724,6 +723,7 @@ struct pkt {
 #define	PROTO_UECRYPTONAK	30
 #define	PROTO_UEDIGEST		31
 #define	PROTO_PCEDIGEST		32
 #define	PROTO_BCPOLLBSTEP	33
 /*
 * Configuration items for the loop filter
@ -731,7 +731,7 @@ struct pkt {
 #define	LOOP_DRIFTINIT		1	/* iniitialize frequency */
 #define	LOOP_KERN_CLEAR		2	/* set initial frequency offset */
 #define LOOP_MAX		3	/* set both step offsets */
-#define LOOP_MAX_BACK		4	/* set bacward-step offset */
+#define LOOP_MAX_BACK		4	/* set backward-step offset */
 #define LOOP_MAX_FWD		5	/* set forward-step offset */
 #define LOOP_PANIC		6	/* set panic offseet */
 #define LOOP_PHI		7	/* set dispersion rate */
--- a/contrib/ntp/include/ntp_intres.h
+++ b/contrib/ntp/include/ntp_intres.h
@ -9,6 +9,9 @@
 #ifdef WORKER
 #define	INITIAL_DNS_RETRY	2	/* seconds between queries */
 /* flags for extended addrinfo version */
 #define GAIR_F_IGNDNSERR	0x0001	/* ignore DNS errors */
 /*
 * you call getaddrinfo_sometime(name, service, &hints, retry, callback_func, context);
 * later (*callback_func)(rescode, gai_errno, context, name, service, hints, ai_result) is called.
@ -19,6 +22,9 @@ typedef void	(*gai_sometime_callback)
 extern int	getaddrinfo_sometime(const char *, const char *,
 				     const struct addrinfo *, int,
 				     gai_sometime_callback, void *);
 extern int	getaddrinfo_sometime_ex(const char *, const char *,
 				     const struct addrinfo *, int,
 				     gai_sometime_callback, void *, u_int);
 /*
 * In gai_sometime_callback routines, the resulting addrinfo list is
 * only available until the callback returns.  To hold on to the list
--- a/contrib/ntp/include/ntpd.h
+++ b/contrib/ntp/include/ntpd.h
@ -483,6 +483,7 @@ extern int	sys_bclient;		/* we set our time to broadcasts */
 extern double	sys_bdelay; 		/* broadcast client default delay */
 extern int	sys_authenticate;	/* requre authentication for config */
 extern l_fp	sys_authdelay;		/* authentication delay */
 extern u_char	sys_bcpollbstep;	/* broadcast poll backstep gate */
 extern u_long 	sys_epoch;		/* last clock update time */
 extern keyid_t	sys_private;		/* private value for session seed */
 extern int	sys_manycastserver;	/* respond to manycast client pkts */
--- a/contrib/ntp/lib/isc/netaddr.c
+++ b/contrib/ntp/lib/isc/netaddr.c
@ -280,7 +280,6 @@ isc_netaddr_masktoprefixlen(const isc_netaddr_t *s, unsigned int *lenp) {
 	for (; i < ipbytes; i++) {
 		if (p[i] != 0)
 			return (ISC_R_MASKNONCONTIG);
 		i++;
 	}
 	*lenp = nbytes * 8 + nbits;
 	return (ISC_R_SUCCESS);
--- a/contrib/ntp/libntp/Makefile.am
+++ b/contrib/ntp/libntp/Makefile.am
@ -73,6 +73,7 @@ libntp_a_SRCS =						\
 	iosignal.c					\
 	is_ip_address.c					\
 	lib_strbuf.c					\
 	libssl_compat.c					\
 	machines.c					\
 	mktime.c					\
 	modetoa.c					\
--- a/contrib/ntp/libntp/Makefile.in
+++ b/contrib/ntp/libntp/Makefile.in
@ -150,15 +150,15 @@ am__libntp_a_SOURCES_DIST = systime.c a_md5encrypt.c adjtime.c \
 	calyearstart.c clocktime.c clocktypes.c decodenetnum.c \
 	dofptoa.c dolfptoa.c emalloc.c findconfig.c getopt.c \
 	hextoint.c hextolfp.c humandate.c icom.c iosignal.c \
-	is_ip_address.c lib_strbuf.c machines.c mktime.c modetoa.c \
+	is_ip_address.c lib_strbuf.c libssl_compat.c machines.c \
-	mstolfp.c msyslog.c netof.c ntp_calendar.c ntp_crypto_rnd.c \
+	mktime.c modetoa.c mstolfp.c msyslog.c netof.c ntp_calendar.c \
-	ntp_intres.c ntp_libopts.c ntp_lineedit.c ntp_random.c \
+	ntp_crypto_rnd.c ntp_intres.c ntp_libopts.c ntp_lineedit.c \
-	ntp_rfc2553.c ntp_worker.c numtoa.c numtohost.c octtoint.c \
+	ntp_random.c ntp_rfc2553.c ntp_worker.c numtoa.c numtohost.c \
-	prettydate.c refidsmear.c recvbuff.c refnumtoa.c snprintf.c \
+	octtoint.c prettydate.c refidsmear.c recvbuff.c refnumtoa.c \
-	socket.c socktoa.c socktohost.c ssl_init.c statestr.c strdup.c \
+	snprintf.c socket.c socktoa.c socktohost.c ssl_init.c \
-	strl_obsd.c syssignal.c timetoa.c timevalops.c uglydate.c \
+	statestr.c strdup.c strl_obsd.c syssignal.c timetoa.c \
-	vint64ops.c work_fork.c work_thread.c ymd2yd.c \
+	timevalops.c uglydate.c vint64ops.c work_fork.c work_thread.c \
-	$(srcdir)/../lib/isc/assertions.c \
+	ymd2yd.c $(srcdir)/../lib/isc/assertions.c \
 	$(srcdir)/../lib/isc/buffer.c \
 	$(srcdir)/../lib/isc/backtrace-emptytbl.c \
 	$(srcdir)/../lib/isc/backtrace.c \
@ -209,20 +209,21 @@ am__objects_4 = a_md5encrypt.$(OBJEXT) adjtime.$(OBJEXT) \
 	getopt.$(OBJEXT) hextoint.$(OBJEXT) hextolfp.$(OBJEXT) \
 	humandate.$(OBJEXT) icom.$(OBJEXT) iosignal.$(OBJEXT) \
 	is_ip_address.$(OBJEXT) lib_strbuf.$(OBJEXT) \
-	machines.$(OBJEXT) mktime.$(OBJEXT) modetoa.$(OBJEXT) \
+	libssl_compat.$(OBJEXT) machines.$(OBJEXT) mktime.$(OBJEXT) \
-	mstolfp.$(OBJEXT) msyslog.$(OBJEXT) netof.$(OBJEXT) \
+	modetoa.$(OBJEXT) mstolfp.$(OBJEXT) msyslog.$(OBJEXT) \
-	ntp_calendar.$(OBJEXT) ntp_crypto_rnd.$(OBJEXT) \
+	netof.$(OBJEXT) ntp_calendar.$(OBJEXT) \
-	ntp_intres.$(OBJEXT) ntp_libopts.$(OBJEXT) \
+	ntp_crypto_rnd.$(OBJEXT) ntp_intres.$(OBJEXT) \
-	ntp_lineedit.$(OBJEXT) ntp_random.$(OBJEXT) \
+	ntp_libopts.$(OBJEXT) ntp_lineedit.$(OBJEXT) \
-	ntp_rfc2553.$(OBJEXT) ntp_worker.$(OBJEXT) numtoa.$(OBJEXT) \
+	ntp_random.$(OBJEXT) ntp_rfc2553.$(OBJEXT) \
-	numtohost.$(OBJEXT) octtoint.$(OBJEXT) prettydate.$(OBJEXT) \
+	ntp_worker.$(OBJEXT) numtoa.$(OBJEXT) numtohost.$(OBJEXT) \
-	refidsmear.$(OBJEXT) recvbuff.$(OBJEXT) refnumtoa.$(OBJEXT) \
+	octtoint.$(OBJEXT) prettydate.$(OBJEXT) refidsmear.$(OBJEXT) \
-	snprintf.$(OBJEXT) socket.$(OBJEXT) socktoa.$(OBJEXT) \
+	recvbuff.$(OBJEXT) refnumtoa.$(OBJEXT) snprintf.$(OBJEXT) \
-	socktohost.$(OBJEXT) ssl_init.$(OBJEXT) statestr.$(OBJEXT) \
+	socket.$(OBJEXT) socktoa.$(OBJEXT) socktohost.$(OBJEXT) \
-	strdup.$(OBJEXT) strl_obsd.$(OBJEXT) syssignal.$(OBJEXT) \
+	ssl_init.$(OBJEXT) statestr.$(OBJEXT) strdup.$(OBJEXT) \
-	timetoa.$(OBJEXT) timevalops.$(OBJEXT) uglydate.$(OBJEXT) \
+	strl_obsd.$(OBJEXT) syssignal.$(OBJEXT) timetoa.$(OBJEXT) \
-	vint64ops.$(OBJEXT) work_fork.$(OBJEXT) work_thread.$(OBJEXT) \
+	timevalops.$(OBJEXT) uglydate.$(OBJEXT) vint64ops.$(OBJEXT) \
-	ymd2yd.$(OBJEXT) $(am__objects_3) $(am__objects_1)
+	work_fork.$(OBJEXT) work_thread.$(OBJEXT) ymd2yd.$(OBJEXT) \
 	$(am__objects_3) $(am__objects_1)
 am_libntp_a_OBJECTS = systime.$(OBJEXT) $(am__objects_4)
 libntp_a_OBJECTS = $(am_libntp_a_OBJECTS)
 libntpsim_a_AR = $(AR) $(ARFLAGS)
@ -233,15 +234,15 @@ am__libntpsim_a_SOURCES_DIST = systime_s.c a_md5encrypt.c adjtime.c \
 	calyearstart.c clocktime.c clocktypes.c decodenetnum.c \
 	dofptoa.c dolfptoa.c emalloc.c findconfig.c getopt.c \
 	hextoint.c hextolfp.c humandate.c icom.c iosignal.c \
-	is_ip_address.c lib_strbuf.c machines.c mktime.c modetoa.c \
+	is_ip_address.c lib_strbuf.c libssl_compat.c machines.c \
-	mstolfp.c msyslog.c netof.c ntp_calendar.c ntp_crypto_rnd.c \
+	mktime.c modetoa.c mstolfp.c msyslog.c netof.c ntp_calendar.c \
-	ntp_intres.c ntp_libopts.c ntp_lineedit.c ntp_random.c \
+	ntp_crypto_rnd.c ntp_intres.c ntp_libopts.c ntp_lineedit.c \
-	ntp_rfc2553.c ntp_worker.c numtoa.c numtohost.c octtoint.c \
+	ntp_random.c ntp_rfc2553.c ntp_worker.c numtoa.c numtohost.c \
-	prettydate.c refidsmear.c recvbuff.c refnumtoa.c snprintf.c \
+	octtoint.c prettydate.c refidsmear.c recvbuff.c refnumtoa.c \
-	socket.c socktoa.c socktohost.c ssl_init.c statestr.c strdup.c \
+	snprintf.c socket.c socktoa.c socktohost.c ssl_init.c \
-	strl_obsd.c syssignal.c timetoa.c timevalops.c uglydate.c \
+	statestr.c strdup.c strl_obsd.c syssignal.c timetoa.c \
-	vint64ops.c work_fork.c work_thread.c ymd2yd.c \
+	timevalops.c uglydate.c vint64ops.c work_fork.c work_thread.c \
-	$(srcdir)/../lib/isc/assertions.c \
+	ymd2yd.c $(srcdir)/../lib/isc/assertions.c \
 	$(srcdir)/../lib/isc/buffer.c \
 	$(srcdir)/../lib/isc/backtrace-emptytbl.c \
 	$(srcdir)/../lib/isc/backtrace.c \
@ -665,6 +666,7 @@ libntp_a_SRCS = \
 	iosignal.c					\
 	is_ip_address.c					\
 	lib_strbuf.c					\
 	libssl_compat.c					\
 	machines.c					\
 	mktime.c					\
 	modetoa.c					\
@ -813,6 +815,7 @@ distclean-compile:
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/is_ip_address.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/lib.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/lib_strbuf.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libssl_compat.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/log.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/machines.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/md5.Po@am__quote@
--- a/contrib/ntp/libntp/a_md5encrypt.c
+++ b/contrib/ntp/libntp/a_md5encrypt.c
@ -11,6 +11,7 @@
 #include "ntp.h"
 #include "ntp_md5.h"	/* provides OpenSSL digest API */
 #include "isc/string.h"
 #include "libssl_compat.h"
 /*
 * MD5authencrypt - generate message digest
 *
@ -26,7 +27,7 @@ MD5authencrypt(
 {
 	u_char	digest[EVP_MAX_MD_SIZE];
 	u_int	len;
-	EVP_MD_CTX ctx;
+	EVP_MD_CTX *ctx;
 	/*
 	 * Compute digest of key concatenated with packet. Note: the
@ -34,18 +35,20 @@ MD5authencrypt(
 	 * was creaded.
 	 */
 	INIT_SSL();
-#if defined(OPENSSL) && OPENSSL_VERSION_NUMBER >= 0x0090700fL
+	ctx = EVP_MD_CTX_new();
-	if (!EVP_DigestInit(&ctx, EVP_get_digestbynid(type))) {
+	if (!(ctx && EVP_DigestInit(ctx, EVP_get_digestbynid(type)))) {
 		msyslog(LOG_ERR,
 		    "MAC encrypt: digest init failed");
 		EVP_MD_CTX_free(ctx);
 		return (0);
 	}
-#else
+	EVP_DigestUpdate(ctx, key, cache_secretsize);
-	EVP_DigestInit(&ctx, EVP_get_digestbynid(type));
+	EVP_DigestUpdate(ctx, (u_char *)pkt, length);
-#endif
+	EVP_DigestFinal(ctx, digest, &len);
-	EVP_DigestUpdate(&ctx, key, cache_secretsize);
+	EVP_MD_CTX_free(ctx);
-	EVP_DigestUpdate(&ctx, (u_char *)pkt, length);
+	/* If the MAC is longer than the MAX then truncate it. */
-	EVP_DigestFinal(&ctx, digest, &len);
+	if (len > MAX_MAC_LEN - 4)
 	    len = MAX_MAC_LEN - 4;
 	memmove((u_char *)pkt + length + 4, digest, len);
 	return (len + 4);
 }
@ -67,7 +70,7 @@ MD5authdecrypt(
 {
 	u_char	digest[EVP_MAX_MD_SIZE];
 	u_int	len;
-	EVP_MD_CTX ctx;
+	EVP_MD_CTX *ctx;
 	/*
 	 * Compute digest of key concatenated with packet. Note: the
@ -75,24 +78,26 @@ MD5authdecrypt(
 	 * was created.
 	 */
 	INIT_SSL();
-#if defined(OPENSSL) && OPENSSL_VERSION_NUMBER >= 0x0090700fL
+	ctx = EVP_MD_CTX_new();
-	if (!EVP_DigestInit(&ctx, EVP_get_digestbynid(type))) {
+	if (!(ctx && EVP_DigestInit(ctx, EVP_get_digestbynid(type)))) {
 		msyslog(LOG_ERR,
 		    "MAC decrypt: digest init failed");
 		EVP_MD_CTX_free(ctx);
 		return (0);
 	}
-#else
+	EVP_DigestUpdate(ctx, key, cache_secretsize);
-	EVP_DigestInit(&ctx, EVP_get_digestbynid(type));
+	EVP_DigestUpdate(ctx, (u_char *)pkt, length);
-#endif
+	EVP_DigestFinal(ctx, digest, &len);
-	EVP_DigestUpdate(&ctx, key, cache_secretsize);
+	EVP_MD_CTX_free(ctx);
-	EVP_DigestUpdate(&ctx, (u_char *)pkt, length);
+	/* If the MAC is longer than the MAX then truncate it. */
-	EVP_DigestFinal(&ctx, digest, &len);
+	if (len > MAX_MAC_LEN - 4)
 	    len = MAX_MAC_LEN - 4;
 	if (size != (size_t)len + 4) {
 		msyslog(LOG_ERR,
 		    "MAC decrypt: MAC length error");
 		return (0);
 	}
-	return !isc_tsmemcmp(digest, (const char *)pkt + length + 4, len);
+	return !isc_tsmemcmp(digest, (u_char *)pkt + length + 4, len);
 }
 /*
@ -106,7 +111,7 @@ addr2refid(sockaddr_u *addr)
 {
 	u_char		digest[20];
 	u_int32		addr_refid;
-	EVP_MD_CTX	ctx;
+	EVP_MD_CTX	*ctx;
 	u_int		len;
 	if (IS_IPV4(addr))
@ -114,24 +119,23 @@ addr2refid(sockaddr_u *addr)
 	INIT_SSL();
-#if defined(OPENSSL) && OPENSSL_VERSION_NUMBER >= 0x0090700fL
+	ctx = EVP_MD_CTX_new();
-	EVP_MD_CTX_init(&ctx);
+	EVP_MD_CTX_init(ctx);
 #ifdef EVP_MD_CTX_FLAG_NON_FIPS_ALLOW
 	/* MD5 is not used as a crypto hash here. */
-	EVP_MD_CTX_set_flags(&ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
+	EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
 #endif
-	if (!EVP_DigestInit_ex(&ctx, EVP_md5(), NULL)) {
+	if (!EVP_DigestInit_ex(ctx, EVP_md5(), NULL)) {
 		msyslog(LOG_ERR,
 		    "MD5 init failed");
 		EVP_MD_CTX_free(ctx);	/* pedantic... but safe */
 		exit(1);
 	}
 #else
 	EVP_DigestInit(&ctx, EVP_md5());
 #endif
-	EVP_DigestUpdate(&ctx, (u_char *)PSOCK_ADDR6(addr),
+	EVP_DigestUpdate(ctx, (u_char *)PSOCK_ADDR6(addr),
 	    sizeof(struct in6_addr));
-	EVP_DigestFinal(&ctx, digest, &len);
+	EVP_DigestFinal(ctx, digest, &len);
 	EVP_MD_CTX_free(ctx);
 	memcpy(&addr_refid, digest, sizeof(addr_refid));
 	return (addr_refid);
 }
--- a/contrib/ntp/libntp/audio.c
+++ b/contrib/ntp/libntp/audio.c
@ -55,7 +55,7 @@ static struct audio_device device; /* audio device ident */
 #ifdef PCM_STYLE_SOUND
 # define INIT_FILE "/etc/ntp.audio"
 int agc =	SOUND_MIXER_WRITE_RECLEV; /* or IGAIN or LINE */
-int monitor =	SOUND_MIXER_WRITE_VOLUME; /* or OGAIN */
+int audiomonitor =     SOUND_MIXER_WRITE_VOLUME; /* or OGAIN */
 int devmask = 0;
 int recmask = 0;
 char cf_c_dev[100], cf_i_dev[100], cf_agc[100], cf_monitor[100];
@ -334,7 +334,7 @@ audio_init(
 		/* devmask */
 		i = mixer_name(cf_monitor, devmask);
 		if (i >= 0)
-			monitor = MIXER_WRITE(i);
+                       audiomonitor = MIXER_WRITE(i);
 		else
 			printf("monitor %s not in devmask %#x\n",
 			       cf_monitor, devmask);
@ -412,7 +412,7 @@ audio_gain(
 # endif
 		l |= r << 8;
 		if (cf_monitor[0] != '\0')
-			rval = ioctl(ctl_fd, monitor, &l );
+                       rval = ioctl(ctl_fd, audiomonitor, &l );
 		else 
 			rval = ioctl(ctl_fd, SOUND_MIXER_WRITE_VOLUME,
 				     &l);
--- a/contrib/ntp/libntp/libssl_compat.c
+++ b/contrib/ntp/libntp/libssl_compat.c
@ -0,0 +1,335 @@
 /*
 * libssl_compat.c -- OpenSSL v1.1 compatibility functions
 *
 * ---------------------------------------------------------------------
 * Written by Juergen Perlinger <perlinger@ntp.org> for the NTP project
 *
 * Based on an idea by Kurt Roeckx <kurt@roeckx.be>
 *
 * ---------------------------------------------------------------------
 * This is a clean room implementation of shim functions that have
 * counterparts in the OpenSSL v1.1 API but not in earlier versions. So
 * while OpenSSL broke binary compatibility with v1.1, this shim module
 * should provide the necessary source code compatibility with older
 * versions of OpenSSL.
 * ---------------------------------------------------------------------
 */
 #include "config.h"
 #include <string.h>
 #include <openssl/bn.h>
 #include <openssl/evp.h>
 #include "ntp_types.h"
 /* ----------------------------------------------------------------- */
 #if OPENSSL_VERSION_NUMBER < 0x10100000L
 /* ----------------------------------------------------------------- */
 #include "libssl_compat.h"
 #include "ntp_assert.h"
 /* --------------------------------------------------------------------
 * replace a BIGNUM owned by the caller with another one if it's not
 * NULL, taking over the ownership of the new value. This clears & frees
 * the old value -- the clear might be overkill, but it's better to err
 * on the side of paranoia here.
 */
 static void
 replace_bn_nn(
 	BIGNUM **	ps,
 	BIGNUM *	n
 	)
 {
 	if (n) {
 		REQUIRE(*ps != n);
 		BN_clear_free(*ps);
 		*ps = n;
 	}
 }
 /* --------------------------------------------------------------------
 * allocation and deallocation of prime number callbacks
 */
 BN_GENCB*
 sslshimBN_GENCB_new(void)
 {
 	return calloc(1,sizeof(BN_GENCB));
 }
 void
 sslshimBN_GENCB_free(
 	BN_GENCB	*cb
 	)
 {
 	free(cb);
 }
 /* --------------------------------------------------------------------
 * allocation and deallocation of message digests
 */
 EVP_MD_CTX*
 sslshim_EVP_MD_CTX_new(void)
 {
 	return calloc(1, sizeof(EVP_MD_CTX));
 }
 void
 sslshim_EVP_MD_CTX_free(
 	EVP_MD_CTX *	pctx
 	)
 {
 	free(pctx);
 }
 /* --------------------------------------------------------------------
 * get EVP keys and key type
 */
 int
 sslshim_EVP_PKEY_id(
 	const EVP_PKEY *pkey
 	)
 {
 	return (pkey) ? pkey->type : EVP_PKEY_NONE;
 }
 int
 sslshim_EVP_PKEY_base_id(
 	const EVP_PKEY *pkey
 	)
 {
 	return (pkey) ? EVP_PKEY_type(pkey->type) : EVP_PKEY_NONE;
 }
 RSA*
 sslshim_EVP_PKEY_get0_RSA(
 	EVP_PKEY *	pkey
 	)
 {
 	return (pkey) ? pkey->pkey.rsa : NULL;
 }
 DSA*
 sslshim_EVP_PKEY_get0_DSA(
 	EVP_PKEY *	pkey
 	)
 {
 	return (pkey) ? pkey->pkey.dsa : NULL;
 }
 /* --------------------------------------------------------------------
 * set/get RSA params
 */
 void
 sslshim_RSA_get0_key(
 	const RSA *	prsa,
 	const BIGNUM **	pn,
 	const BIGNUM **	pe,
 	const BIGNUM **	pd
 	)
 {
 	REQUIRE(prsa != NULL);
 	if (pn)
 		*pn = prsa->n;
 	if (pe)
 		*pe = prsa->e;
 	if (pd)
 		*pd = prsa->d;
 }
 int
 sslshim_RSA_set0_key(
 	RSA *		prsa,
 	BIGNUM *	n,
 	BIGNUM *	e,
 	BIGNUM *	d
 	)
 {
 	REQUIRE(prsa != NULL);
 	if (!((prsa->n || n) && (prsa->e || e)))
 		return 0;
 	replace_bn_nn(&prsa->n, n);
 	replace_bn_nn(&prsa->e, e);
 	replace_bn_nn(&prsa->d, d);
 	return 1;
 }
 void
 sslshim_RSA_get0_factors(
 	const RSA *	prsa,
 	const BIGNUM **	pp,
 	const BIGNUM **	pq
 	)
 {
 	REQUIRE(prsa != NULL);
 	if (pp)
 		*pp = prsa->p;
 	if (pq)
 		*pq = prsa->q;
 }
 int
 sslshim_RSA_set0_factors(
 	RSA    *	prsa,
 	BIGNUM *	p,
 	BIGNUM *	q
 	)
 {
 	REQUIRE(prsa != NULL);
 	if (!((prsa->p || p) && (prsa->q || q)))
 		return 0;
 	replace_bn_nn(&prsa->p, p);
 	replace_bn_nn(&prsa->q, q);
 	return 1;
 }
 int
 sslshim_RSA_set0_crt_params(
 	RSA    *	prsa,
 	BIGNUM *	dmp1,
 	BIGNUM *	dmq1,
 	BIGNUM *	iqmp
 	)
 {
 	REQUIRE(prsa != NULL);
 	if (!((prsa->dmp1 || dmp1) &&
 	      (prsa->dmq1 || dmq1) &&
 	      (prsa->iqmp || iqmp) ))
 		return 0;
 	replace_bn_nn(&prsa->dmp1, dmp1);
 	replace_bn_nn(&prsa->dmq1, dmq1);
 	replace_bn_nn(&prsa->iqmp, iqmp);
 	return 1;
 }
 /* --------------------------------------------------------------------
 * set/get DSA signature parameters
 */
 void
 sslshim_DSA_SIG_get0(
 	const DSA_SIG *	psig,
 	const BIGNUM **	pr,
 	const BIGNUM **	ps
 	)
 {
 	REQUIRE(psig != NULL);
 	if (pr != NULL)
 		*pr = psig->r;
 	if (ps != NULL)
 		*ps = psig->s;
 }
 int
 sslshim_DSA_SIG_set0(
 	DSA_SIG *	psig,
 	BIGNUM *	r,
 	BIGNUM *	s
 	)
 {
 	REQUIRE(psig != NULL);
 	if (!(r && s))
 		return 0;
 	replace_bn_nn(&psig->r, r);
 	replace_bn_nn(&psig->s, s);
 	return 1;
 }
 /* --------------------------------------------------------------------
 * get/set DSA parameters
 */
 void
 sslshim_DSA_get0_pqg(
 	const DSA *	pdsa,
 	const BIGNUM **	pp,
 	const BIGNUM **	pq,
 	const BIGNUM **	pg
 	)
 {
 	REQUIRE(pdsa != NULL);
 	if (pp != NULL)
 		*pp = pdsa->p;
 	if (pq != NULL)
 		*pq = pdsa->q;
 	if (pg != NULL)
 		*pg = pdsa->g;
 }
 int
 sslshim_DSA_set0_pqg(
 	DSA *		pdsa,
 	BIGNUM *	p,
 	BIGNUM *	q,
 	BIGNUM *	g
 	)
 {
 	if (!((pdsa->p || p) && (pdsa->q || q) && (pdsa->g || g)))
 		return 0;
 	replace_bn_nn(&pdsa->p, p);
 	replace_bn_nn(&pdsa->q, q);
 	replace_bn_nn(&pdsa->g, g);
 	return 1;
 }
 void
 sslshim_DSA_get0_key(
 	const DSA *	pdsa,
 	const BIGNUM **	ppub_key,
 	const BIGNUM **	ppriv_key
 	)
 {
 	REQUIRE(pdsa != NULL);
 	if (ppub_key != NULL)
 		*ppub_key = pdsa->pub_key;
 	if (ppriv_key != NULL)
 		*ppriv_key = pdsa->priv_key;
 }
 int
 sslshim_DSA_set0_key(
 	DSA *		pdsa,
 	BIGNUM *	pub_key,
 	BIGNUM *	priv_key
 	)
 {
 	REQUIRE(pdsa != NULL);
 	if (!(pdsa->pub_key || pub_key))
 		return 0;
 	replace_bn_nn(&pdsa->pub_key, pub_key);
 	replace_bn_nn(&pdsa->priv_key, priv_key);
 	return 1;
 }
 int
 sslshim_X509_get_signature_nid(
 	const X509 *x
 	)
 {
 	return OBJ_obj2nid(x->sig_alg->algorithm);
 }
 /* ----------------------------------------------------------------- */
 #else /* OPENSSL_VERSION_NUMBER >= v1.1.0 */
 /* ----------------------------------------------------------------- */
 NONEMPTY_TRANSLATION_UNIT
 /* ----------------------------------------------------------------- */
 #endif
 /* ----------------------------------------------------------------- */
--- a/contrib/ntp/libntp/ntp_calendar.c
+++ b/contrib/ntp/libntp/ntp_calendar.c
@ -91,7 +91,7 @@
 /*
 *---------------------------------------------------------------------
 * replacing the 'time()' function
- * --------------------------------------------------------------------
+ *---------------------------------------------------------------------
 */
 static systime_func_ptr systime_func = &time;
@ -395,7 +395,7 @@ ntpcal_get_build_date(
 /*
 *---------------------------------------------------------------------
 * basic calendar stuff
- * --------------------------------------------------------------------
+ *---------------------------------------------------------------------
 */
 /* month table for a year starting with March,1st */
@ -443,11 +443,11 @@ static const uint16_t real_month_table[2][13] = {
 */
 /*
- * ==================================================================
+ * ====================================================================
 *
 * General algorithmic stuff
 *
- * ==================================================================
+ * ====================================================================
 */
 /*
@ -495,7 +495,7 @@ static const uint16_t real_month_table[2][13] = {
 * 32/16bit divisions and is still performant is a bit more
 * difficult. Since most usecases can be coded in a way that does only
 * require the 32-bit version a 64bit version is NOT provided here.
- * ---------------------------------------------------------------------
+ *---------------------------------------------------------------------
 */
 int32_t
 ntpcal_periodic_extend(
@ -542,8 +542,35 @@ ntpcal_periodic_extend(
 	return pivot;
 }
 /*---------------------------------------------------------------------
 * Note to the casual reader
 *
 * In the next two functions you will find (or would have found...)
 * the expression
 *
 *   res.Q_s -= 0x80000000;
 *
 * There was some ruckus about a possible programming error due to
 * integer overflow and sign propagation.
 *
 * This assumption is based on a lack of understanding of the C
 * standard. (Though this is admittedly not one of the most 'natural'
 * aspects of the 'C' language and easily to get wrong.)
 *
 * see 
 *	http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1570.pdf
 *	"ISO/IEC 9899:201x Committee Draft — April 12, 2011"
 *	6.4.4.1 Integer constants, clause 5
 *
 * why there is no sign extension/overflow problem here.
 *
 * But to ease the minds of the doubtful, I added back the 'u' qualifiers
 * that somehow got lost over the last years. 
 */
 /*
- *-------------------------------------------------------------------
+ *---------------------------------------------------------------------
 * Convert a timestamp in NTP scale to a 64bit seconds value in the UN*X
 * scale with proper epoch unfolding around a given pivot or the current
 * system time. This function happily accepts negative pivot values as
@ -553,7 +580,7 @@ ntpcal_periodic_extend(
 * This is also a periodic extension, but since the cycle is 2^32 and
 * the shift is 2^31, we can do some *very* fast math without explicit
 * divisions.
- *-------------------------------------------------------------------
+ *---------------------------------------------------------------------
 */
 vint64
 ntpcal_ntp_to_time(
@ -568,7 +595,7 @@ ntpcal_ntp_to_time(
 	res.q_s = (pivot != NULL)
 		      ? *pivot
 		      : now();
-	res.Q_s -= 0x80000000;		/* unshift of half range */
+	res.Q_s -= 0x80000000u;		/* unshift of half range */
 	ntp	-= (uint32_t)JAN_1970;	/* warp into UN*X domain */
 	ntp	-= res.D_s.lo;		/* cycle difference	 */
 	res.Q_s += (uint64_t)ntp;	/* get expanded time	 */
@ -581,7 +608,7 @@ ntpcal_ntp_to_time(
 		  ? *pivot
 		  : now();
 	res = time_to_vint64(&tmp);
-	M_SUB(res.D_s.hi, res.D_s.lo, 0, 0x80000000);
+	M_SUB(res.D_s.hi, res.D_s.lo, 0, 0x80000000u);
 	ntp -= (uint32_t)JAN_1970;	/* warp into UN*X domain */
 	ntp -= res.D_s.lo;		/* cycle difference	 */
 	M_ADD(res.D_s.hi, res.D_s.lo, 0, ntp);
@ -592,7 +619,7 @@ ntpcal_ntp_to_time(
 }
 /*
- *-------------------------------------------------------------------
+ *---------------------------------------------------------------------
 * Convert a timestamp in NTP scale to a 64bit seconds value in the NTP
 * scale with proper epoch unfolding around a given pivot or the current
 * system time.
@ -602,7 +629,7 @@ ntpcal_ntp_to_time(
 * This is also a periodic extension, but since the cycle is 2^32 and
 * the shift is 2^31, we can do some *very* fast math without explicit
 * divisions.
- *-------------------------------------------------------------------
+ *---------------------------------------------------------------------
 */
 vint64
 ntpcal_ntp_to_ntp(
@ -617,7 +644,7 @@ ntpcal_ntp_to_ntp(
 	res.q_s = (pivot)
 		      ? *pivot
 		      : now();
-	res.Q_s -= 0x80000000;		/* unshift of half range */
+	res.Q_s -= 0x80000000u;		/* unshift of half range */
 	res.Q_s += (uint32_t)JAN_1970;	/* warp into NTP domain	 */
 	ntp	-= res.D_s.lo;		/* cycle difference	 */
 	res.Q_s += (uint64_t)ntp;	/* get expanded time	 */
@ -642,20 +669,20 @@ ntpcal_ntp_to_ntp(
 /*
- * ==================================================================
+ * ====================================================================
 *
 * Splitting values to composite entities
 *
- * ==================================================================
+ * ====================================================================
 */
 /*
- *-------------------------------------------------------------------
+ *---------------------------------------------------------------------
 * Split a 64bit seconds value into elapsed days in 'res.hi' and
 * elapsed seconds since midnight in 'res.lo' using explicit floor
 * division. This function happily accepts negative time values as
 * timestamps before the respective epoch start.
- * -------------------------------------------------------------------
+ *---------------------------------------------------------------------
 */
 ntpcal_split
 ntpcal_daysplit(
@ -736,11 +763,11 @@ ntpcal_daysplit(
 }
 /*
- *-------------------------------------------------------------------
+ *---------------------------------------------------------------------
 * Split a 32bit seconds value into h/m/s and excessive days.  This
 * function happily accepts negative time values as timestamps before
 * midnight.
- * -------------------------------------------------------------------
+ *---------------------------------------------------------------------
 */
 static int32_t
 priv_timesplit(
@ -773,7 +800,7 @@ priv_timesplit(
 }
 /*
- * ---------------------------------------------------------------------
+ *---------------------------------------------------------------------
 * Given the number of elapsed days in the calendar era, split this
 * number into the number of elapsed years in 'res.hi' and the number
 * of elapsed days of that year in 'res.lo'.
@ -1053,11 +1080,11 @@ ntpcal_time_to_date(
 /*
- * ==================================================================
+ * ====================================================================
 *
 * merging composite entities
 *
- * ==================================================================
+ * ====================================================================
 */
 /*
@ -1251,8 +1278,8 @@ ntpcal_edate_to_eradays(
 * Convert ELAPSED years/months/days of gregorian calendar to elapsed
 * days in year.
 *
- * Note: This will give the true difference to the start of the given year,
+ * Note: This will give the true difference to the start of the given
- * even if months & days are off-scale.
+ * year, even if months & days are off-scale.
 *---------------------------------------------------------------------
 */
 int32_t
@ -1434,11 +1461,11 @@ ntpcal_date_to_time(
 /*
- * ==================================================================
+ * ====================================================================
 *
 * extended and unchecked variants of caljulian/caltontp
 *
- * ==================================================================
+ * ====================================================================
 */
 int
 ntpcal_ntp64_to_date(
@ -1500,11 +1527,11 @@ ntpcal_date_to_ntp(
 /*
- * ==================================================================
+ * ====================================================================
 *
 * day-of-week calculations
 *
- * ==================================================================
+ * ====================================================================
 */
 /*
 * Given a RataDie and a day-of-week, calculate a RDN that is reater-than,
@ -1557,7 +1584,7 @@ ntpcal_weekday_lt(
 }
 /*
- * ==================================================================
+ * ====================================================================
 *
 * ISO week-calendar conversions
 *
@ -1601,7 +1628,7 @@ ntpcal_weekday_lt(
 * smallest possible powers of two, so the division can be implemented
 * as shifts if the optimiser chooses to do so.
 *
- * ==================================================================
+ * ====================================================================
 */
 /*
--- a/contrib/ntp/libntp/ntp_intres.c
+++ b/contrib/ntp/libntp/ntp_intres.c
@ -118,14 +118,16 @@
 * is managed by the code which calls the *_complete routines.
 */
 /* === typedefs === */
 typedef struct blocking_gai_req_tag {	/* marshalled args */
 	size_t			octets;
 	u_int			dns_idx;
 	time_t			scheduled;
 	time_t			earliest;
 	struct addrinfo		hints;
 	int			retry;
 	struct addrinfo		hints;
 	u_int			qflags;
 	gai_sometime_callback	callback;
 	void *			context;
 	size_t			nodesize;
@ -205,8 +207,8 @@ static	dnsworker_ctx *	get_worker_context(blocking_child *, u_int);
 static	void		scheduled_sleep(time_t, time_t,
 					dnsworker_ctx *);
 static	void		manage_dns_retry_interval(time_t *, time_t *,
-						  int *,
+						  int *, time_t *,
-						  time_t *);
+						  int/*BOOL*/);
 static	int		should_retry_dns(int, int);
 #ifdef HAVE_RES_INIT
 static	void		reload_resolv_conf(dnsworker_ctx *);
@ -230,13 +232,14 @@ static	void		getnameinfo_sometime_complete(blocking_work_req,
 *			  invokes provided callback completion function.
 */
 int
-getaddrinfo_sometime(
+getaddrinfo_sometime_ex(
 	const char *		node,
 	const char *		service,
 	const struct addrinfo *	hints,
 	int			retry,
 	gai_sometime_callback	callback,
-	void *			context
+	void *			context,
 	u_int			qflags
 	)
 {
 	blocking_gai_req *	gai_req;
@ -277,6 +280,7 @@ getaddrinfo_sometime(
 	gai_req->context = context;
 	gai_req->nodesize = nodesize;
 	gai_req->servsize = servsize;
 	gai_req->qflags = qflags;
 	memcpy((char *)gai_req + sizeof(*gai_req), node, nodesize);
 	memcpy((char *)gai_req + sizeof(*gai_req) + nodesize, service,
@ -451,6 +455,20 @@ blocking_getaddrinfo(
 	return 0;
 }
 int
 getaddrinfo_sometime(
 	const char *		node,
 	const char *		service,
 	const struct addrinfo *	hints,
 	int			retry,
 	gai_sometime_callback	callback,
 	void *			context
 	)
 {
 	return getaddrinfo_sometime_ex(node, service, hints, retry,
 				       callback, context, 0);
 }
 static void
 getaddrinfo_sometime_complete(
@ -470,7 +488,7 @@ getaddrinfo_sometime_complete(
 	char *			service;
 	char *			canon_start;
 	time_t			time_now;
-	int			again;
+	int			again, noerr;
 	int			af;
 	const char *		fam_spec;
 	int			i;
@ -498,8 +516,9 @@ getaddrinfo_sometime_complete(
 				  gai_req->dns_idx, humantime(time_now)));
 		}
 	} else {
-		again = should_retry_dns(gai_resp->retcode,
+		noerr = !!(gai_req->qflags & GAIR_F_IGNDNSERR);
-					 gai_resp->gai_errno);
+		again = noerr || should_retry_dns(
 					gai_resp->retcode, gai_resp->gai_errno);
 		/*
 		 * exponential backoff of DNS retries to 64s
 		 */
@ -528,9 +547,10 @@ getaddrinfo_sometime_complete(
 							gai_strerror(gai_resp->retcode),
 							gai_resp->retcode);
 				}
-			manage_dns_retry_interval(&gai_req->scheduled,
+			manage_dns_retry_interval(
-			    &gai_req->earliest, &gai_req->retry,
+				&gai_req->scheduled, &gai_req->earliest,
-			    &child_ctx->next_dns_timeslot);
+				&gai_req->retry, &child_ctx->next_dns_timeslot,
 				noerr);
 			if (!queue_blocking_request(
 					BLOCKING_GETADDRINFO,
 					gai_req,
@ -826,7 +846,7 @@ getnameinfo_sometime_complete(
 		if (gni_req->retry > 0)
 			manage_dns_retry_interval(&gni_req->scheduled,
 			    &gni_req->earliest, &gni_req->retry,
-			    &child_ctx->next_dns_timeslot);
+						  &child_ctx->next_dns_timeslot, FALSE);
 		if (gni_req->retry > 0 && again) {
 			if (!queue_blocking_request(
@ -1033,18 +1053,32 @@ manage_dns_retry_interval(
 	time_t *	pscheduled,
 	time_t *	pwhen,
 	int *		pretry,
-	time_t *	pnext_timeslot
+	time_t *	pnext_timeslot,
 	int		forever
 	)
 {
 	time_t	now;
 	time_t	when;
 	int	retry;
 	int	retmax;
 	now = time(NULL);
 	retry = *pretry;
 	when = max(now + retry, *pnext_timeslot);
 	*pnext_timeslot = when;
-	retry = min(64, retry << 1);
+
 	/* this exponential backoff is slower than doubling up: The
 	 * sequence goes 2-3-4-6-8-12-16-24-32... and the upper limit is
 	 * 64 seconds for things that should not repeat forever, and
 	 * 1024 when repeated forever.
 	 */
 	retmax = forever ? 1024 : 64;
 	retry <<= 1;
 	if (retry & (retry - 1))
 		retry &= (retry - 1);
 	else
 		retry -= (retry >> 2);
 	retry = min(retmax, retry);
 	*pscheduled = now;
 	*pwhen = when;
--- a/contrib/ntp/libntp/ssl_init.c
+++ b/contrib/ntp/libntp/ssl_init.c
@ -15,6 +15,7 @@
 #ifdef OPENSSL
 #include "openssl/err.h"
 #include "openssl/evp.h"
 #include "libssl_compat.h"
 void	atexit_ssl_cleanup(void);
@ -62,6 +63,7 @@ ssl_check_version(void)
 	INIT_SSL();
 }
 #endif	/* OPENSSL */
@ -84,7 +86,6 @@ keytype_from_text(
 	u_char		digest[EVP_MAX_MD_SIZE];
 	char *		upcased;
 	char *		pch;
 	EVP_MD_CTX	ctx;
 	/*
 	 * OpenSSL digest short names are capitalized, so uppercase the
@ -110,8 +111,12 @@ keytype_from_text(
 	if (NULL != pdigest_len) {
 #ifdef OPENSSL
-		EVP_DigestInit(&ctx, EVP_get_digestbynid(key_type));
+		EVP_MD_CTX	*ctx;
-		EVP_DigestFinal(&ctx, digest, &digest_len);
+
 		ctx = EVP_MD_CTX_new();
 		EVP_DigestInit(ctx, EVP_get_digestbynid(key_type));
 		EVP_DigestFinal(ctx, digest, &digest_len);
 		EVP_MD_CTX_free(ctx);
 		if (digest_len > max_digest_len) {
 			fprintf(stderr,
 				"key type %s %u octet digests are too big, max %lu\n",
--- a/contrib/ntp/libntp/work_fork.c
+++ b/contrib/ntp/libntp/work_fork.c
@ -114,18 +114,24 @@ interrupt_worker_sleep(void)
 /*
 * harvest_child_status() runs in the parent.
 *
 * Note the error handling -- this is an interaction with SIGCHLD.
 * SIG_IGN on SIGCHLD on some OSes means do not wait but reap
 * automatically. Since we're not really interested in the result code,
 * we simply ignore the error.
 */
 static void
 harvest_child_status(
 	blocking_child *	c
 	)
 {
-	if (c->pid)
+	if (c->pid) {
 	{
 		/* Wait on the child so it can finish terminating */
 		if (waitpid(c->pid, NULL, 0) == c->pid)
 			TRACE(4, ("harvested child %d\n", c->pid));
-		else msyslog(LOG_ERR, "error waiting on child %d: %m", c->pid);
+		else if (errno != ECHILD)
 			msyslog(LOG_ERR, "error waiting on child %d: %m", c->pid);
 		c->pid = 0;
 	}
 }
@ -162,7 +168,6 @@ cleanup_after_child(
 		close(c->resp_read_pipe);
 		c->resp_read_pipe = -1;
 	}
 	c->pid = 0;
 	c->resp_read_ctx = NULL;
 	DEBUG_INSIST(-1 == c->req_read_pipe);
 	DEBUG_INSIST(-1 == c->resp_write_pipe);
@ -461,7 +466,10 @@ fork_blocking_child(
 	fflush(stdout);
 	fflush(stderr);
-	signal_no_reset(SIGCHLD, SIG_IGN);
+	/* [BUG 3050] setting SIGCHLD to SIG_IGN likely causes unwanted
 	 * or undefined effects. We don't do it and leave SIGCHLD alone.
 	 */
 	/* signal_no_reset(SIGCHLD, SIG_IGN); */
 	childpid = fork();
 	if (-1 == childpid) {
--- a/contrib/ntp/libparse/clk_hopf6021.c
+++ b/contrib/ntp/libparse/clk_hopf6021.c
@ -113,13 +113,10 @@ static struct format hopf6021_fmt =
 #define OFFS(x) format->field_offsets[(x)].offset
 #define STOI(x, y) Stoi(&buffer[OFFS(x)], y, format->field_offsets[(x)].length)
 #define hexval(x) (('0' <= (x) && (x) <= '9') ? (x) - '0' : \
 		   ('a' <= (x) && (x) <= 'f') ? (x) - 'a' + 10 : \
 		   ('A' <= (x) && (x) <= 'F') ? (x) - 'A' + 10 : \
 		   -1)
 static parse_cvt_fnc_t cvt_hopf6021;
 static parse_inp_fnc_t inp_hopf6021;
 static unsigned char   hexval(unsigned char);
 clockformat_t clock_hopf6021 =
 {
@ -160,40 +157,40 @@ cvt_hopf6021(
 		return CVT_FAIL|CVT_BADFMT;
 	}
-	clock_time->usecond   = 0;
+	clock_time->usecond = 0;
-	clock_time->utcoffset = 0;
+	clock_time->flags   = 0;
-	status = (u_char) hexval(buffer[OFFS(O_FLAGS)]);
+	status  = hexval(buffer[OFFS(O_FLAGS)]);
-	weekday= (u_char) hexval(buffer[OFFS(O_WDAY)]);
+	weekday = hexval(buffer[OFFS(O_WDAY)]);
 	if ((status == 0xFF) || (weekday == 0xFF))
 	{
 		return CVT_FAIL|CVT_BADFMT;
 	}
 	clock_time->flags  = 0;
 	if (weekday & HOPF_UTC)
 	{
-		clock_time->flags |= PARSEB_UTC;
+		clock_time->flags     |= PARSEB_UTC;
 		clock_time->utcoffset  = 0;
 	}
 	else if (status & HOPF_DST)
 	{
 		clock_time->flags     |= PARSEB_DST;
 		clock_time->utcoffset  = -2*60*60; /* MET DST */
 	}
 	else
 	{
-		if (status & HOPF_DST)
+		clock_time->utcoffset  = -1*60*60; /* MET */
 		{
 			clock_time->flags     |= PARSEB_DST;
 			clock_time->utcoffset  = -2*60*60; /* MET DST */
 		}
 		else
 		{
 			clock_time->utcoffset  = -1*60*60; /* MET */
 		}
 	}
-	clock_time->flags |= (status & HOPF_DSTWARN)  ? PARSEB_ANNOUNCE : 0;
+	if (status & HOPF_DSTWARN)
-
+	{
 		clock_time->flags |= PARSEB_ANNOUNCE;
 	}
 	switch (status & HOPF_MODE)
 	{
 	    default:	/* dummy: we cover all 4 cases. */
 	    case HOPF_INVALID:  /* Time/Date invalid */
 		clock_time->flags |= PARSEB_POWERUP;
 		break;
@ -205,9 +202,6 @@ cvt_hopf6021(
 	    case HOPF_RADIO:    /* Radio clock */
 	    case HOPF_RADIOHP:  /* Radio clock high precision */
 		break;
 	    default:
 		return CVT_FAIL|CVT_BADFMT;
 	}
 	return CVT_OK;
@ -244,6 +238,30 @@ inp_hopf6021(
 	}
 }
 /*
 * convert a hex-digit to numeric value
 */
 static unsigned char
 hexval(
 	unsigned char ch
 	)
 {
 	unsigned int dv;
 	if ((dv = ch - '0') >= 10u)
 	{
 		if ((dv -= 'A'-'0') < 6u || (dv -= 'a'-'A') < 6u)
 		{
 			dv += 10;
 		}
 		else
 		{
 			dv = 0xFF;
 		}
 	}
 	return (unsigned char)dv;
 }
 #else /* not (REFCLOCK && CLOCK_PARSE && CLOCK_HOPF6021) */
 int clk_hopf6021_bs;
 #endif /* not (REFCLOCK && CLOCK_PARSE && CLOCK_HOPF6021) */
--- a/contrib/ntp/ntpd/complete.conf.in
+++ b/contrib/ntp/ntpd/complete.conf.in
@ -26,7 +26,7 @@ controlkey 12
 requestkey 12
 enable auth ntp monitor stats
 disable bclient calibrate kernel mode7 peer_clear_digest_early unpeer_crypto_early unpeer_crypto_nak_early unpeer_digest_early
-tos beacon 3600 ceiling 16 cohort 0 floor 1 maxclock 10 maxdist 1.5 minclock 3 mindist 0.001 minsane 1 orphan 16 orphanwait 300
+tos beacon 3600 ceiling 16 cohort 0 floor 1 maxclock 10 maxdist 1.5 minclock 3 mindist 0.001 minsane 1 orphan 16 orphanwait 300 bcpollbstep 3
 rlimit@HAVE_RLIMIT_MEMLOCK@@HAVE_RLIMIT_STACK@
 tinker allan 1500 dispersion 15 freq 0 huffpuff 7200 panic 1000 step 0.128 stepout 900 tick 0.01
 broadcastclient
--- a/contrib/ntp/ntpd/invoke-ntp.conf.texi
+++ b/contrib/ntp/ntpd/invoke-ntp.conf.texi
@ -6,7 +6,7 @@
 #
 # EDIT THIS FILE WITH CAUTION  (invoke-ntp.conf.texi)
 #
-# It has been AutoGen-ed  June  2, 2016 at 07:36:07 AM by AutoGen 5.18.5
+# It has been AutoGen-ed  November 21, 2016 at 08:01:55 AM by AutoGen 5.18.5
 # From the definitions    ntp.conf.def
 # and the template file   agtexi-file.tpl
@end ignore
@ -1925,6 +1925,21 @@ At the same time, the manycast
 scheme starts all over from the beginning and
 the expanding ring shrinks to the minimum and increments
 from there while collecting all servers in scope.
@subsubsection Broadcast Options
@table @asis
@item @code{tos} @code{[@code{bcpollbstep} @kbd{gate}]}
 This command provides a way to delay,
 by the specified number of broadcast poll intervals,
 believing backward time steps from a broadcast server.
 Broadcast time networks are expected to be trusted.
 In the event a broadcast server's time is stepped backwards,
 there is clear benefit to having the clients notice this change
 as soon as possible.
 Attacks such as replay attacks can happen, however,
 and even though there are a number of protections built in to
 broadcast mode, attempts to perform  a replay attack are possible.
 This value defaults to 0, but can be changed
 to any number of poll intervals between 0 and 4.
@subsubsection Manycast Options
@table @asis
@item @code{tos} @code{[@code{ceiling} @kbd{ceiling} | @code{cohort} @code{@{} @code{0} | @code{1} @code{@}} | @code{floor} @kbd{floor} | @code{minclock} @kbd{minclock} | @code{minsane} @kbd{minsane}]}
--- a/contrib/ntp/ntpd/invoke-ntp.keys.texi
+++ b/contrib/ntp/ntpd/invoke-ntp.keys.texi
@ -6,7 +6,7 @@
 #
 # EDIT THIS FILE WITH CAUTION  (invoke-ntp.keys.texi)
 #
-# It has been AutoGen-ed  June  2, 2016 at 07:36:10 AM by AutoGen 5.18.5
+# It has been AutoGen-ed  November 21, 2016 at 08:01:58 AM by AutoGen 5.18.5
 # From the definitions    ntp.keys.def
 # and the template file   agtexi-file.tpl
@end ignore
--- a/contrib/ntp/ntpd/invoke-ntpd.texi
+++ b/contrib/ntp/ntpd/invoke-ntpd.texi
@ -6,7 +6,7 @@
 #
 # EDIT THIS FILE WITH CAUTION  (invoke-ntpd.texi)
 #
-# It has been AutoGen-ed  June  2, 2016 at 07:36:12 AM by AutoGen 5.18.5
+# It has been AutoGen-ed  November 21, 2016 at 08:02:00 AM by AutoGen 5.18.5
 # From the definitions    ntpd-opts.def
 # and the template file   agtexi-cmd.tpl
@end ignore
@ -142,7 +142,7 @@ with a status code of 0.
@exampleindent 0
@example
-ntpd - NTP daemon program - Ver. 4.2.8p8
+ntpd - NTP daemon program - Ver. 4.2.8p9
 Usage:  ntpd [ -<flag> [<val>] | --<name>[@{=| @}<val>] ]... \
                [ <server1> ... <serverN> ]
  Flg Arg Option-Name    Description
--- a/contrib/ntp/ntpd/keyword-gen-utd
+++ b/contrib/ntp/ntpd/keyword-gen-utd
@ -1 +1 @@
- *	 Generated 2016-05-19 06:35:34 UTC	  diff_ignore_line
+ *	 Generated 2016-11-09 11:39:28 UTC	  diff_ignore_line
--- a/contrib/ntp/ntpd/keyword-gen.c
+++ b/contrib/ntp/ntpd/keyword-gen.c
@ -148,6 +148,7 @@ struct key_tok ntp_keywords[] = {
 { "cohort",		T_Cohort,		FOLLBY_TOKEN },
 { "mindist",		T_Mindist,		FOLLBY_TOKEN },
 { "maxdist",		T_Maxdist,		FOLLBY_TOKEN },
 { "bcpollbstep",	T_Bcpollbstep,		FOLLBY_TOKEN },
 { "beacon",		T_Beacon,		FOLLBY_TOKEN },
 { "orphan",		T_Orphan,		FOLLBY_TOKEN },
 { "orphanwait",		T_Orphanwait,		FOLLBY_TOKEN },
--- a/contrib/ntp/ntpd/ntp.conf.5man
+++ b/contrib/ntp/ntpd/ntp.conf.5man
@ -10,11 +10,11 @@
 .ds B-Font B
 .ds I-Font I
 .ds R-Font R
-.TH ntp.conf 5man "02 Jun 2016" "4.2.8p8" "File Formats"
+.TH ntp.conf 5man "21 Nov 2016" "4.2.8p9" "File Formats"
 .\"
-.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-OzaOIT/ag-3zaGHT)
+.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-Q_ai3f/ag-2_aa2f)
 .\"
-.\" It has been AutoGen-ed June 2, 2016 at 07:35:50 AM by AutoGen 5.18.5
+.\" It has been AutoGen-ed November 21, 2016 at 08:01:41 AM by AutoGen 5.18.5
 .\" From the definitions ntp.conf.def
 .\" and the template file agman-cmd.tpl
 .SH NAME
@ -2174,7 +2174,23 @@ At the same time, the manycast
 scheme starts all over from the beginning and
 the expanding ring shrinks to the minimum and increments
 from there while collecting all servers in scope.
 .SS Broadcast Options
 .TP 7
 .NOP \f\*[B-Font]tos\f[] [\f\*[B-Font]bcpollbstep\f[] \f\*[I-Font]gate\f[]]
 This command provides a way to delay,
 by the specified number of broadcast poll intervals,
 believing backward time steps from a broadcast server.
 Broadcast time networks are expected to be trusted.
 In the event a broadcast server's time is stepped backwards,
 there is clear benefit to having the clients notice this change
 as soon as possible.
 Attacks such as replay attacks can happen, however,
 and even though there are a number of protections built in to
 broadcast mode, attempts to perform  a replay attack are possible.
 This value defaults to 0, but can be changed
 to any number of poll intervals between 0 and 4.
 .SS Manycast Options
 .RS
 .TP 7
 .NOP \f\*[B-Font]tos\f[] [\f\*[B-Font]ceiling\f[] \f\*[I-Font]ceiling\f[] | \f\*[B-Font]cohort\f[] { \f\*[B-Font]0\f[] | \f\*[B-Font]1\f[] } | \f\*[B-Font]floor\f[] \f\*[I-Font]floor\f[] | \f\*[B-Font]minclock\f[] \f\*[I-Font]minclock\f[] | \f\*[B-Font]minsane\f[] \f\*[I-Font]minsane\f[]]
 This command affects the clock selection and clustering
@ -2244,7 +2260,7 @@ In manycast mode these values are used in turn
 in an expanding-ring search.
 The default is eight
 multiples of 32 starting at 31.
-.PP
+.RE
 .SH Reference Clock Support
 The NTP Version 4 daemon supports some three dozen different radio,
 satellite and modem reference clocks plus a special pseudo-clock
@ -2411,6 +2427,7 @@ option is used for this purpose.
 Except where noted,
 these options apply to all clock drivers.
 .SS Reference Clock Commands
 .RS
 .TP 7
 .NOP \f\*[B-Font]server\f[] \f[C]127.127.\f[]\f\*[I-Font]t\f[].\f\*[I-Font]u\f[] [\f\*[B-Font]prefer\f[]] [\f\*[B-Font]mode\f[] \f\*[I-Font]int\f[]] [\f\*[B-Font]minpoll\f[] \f\*[I-Font]int\f[]] [\f\*[B-Font]maxpoll\f[] \f\*[I-Font]int\f[]]
 This command can be used to configure reference clocks in
@ -2559,8 +2576,9 @@ Further information on the
 command can be found in
 \fIMonitoring\f[] \fIOptions\f[].
 .RE
-.PP
+.RE
 .SH Miscellaneous Options
 .RS
 .TP 7
 .NOP \f\*[B-Font]broadcastdelay\f[] \f\*[I-Font]seconds\f[]
 The broadcast and multicast modes require a special calibration
@ -3079,8 +3097,9 @@ In manycast mode these values are used in turn in
 an expanding-ring search.
 The default is eight multiples of 32 starting at
 31.
-.PP
+.RE
 .SH "OPTIONS"
 .RS
 .TP
 .NOP \f\*[B-Font]\-\-help\f[]
 Display usage information and exit.
@ -3092,7 +3111,7 @@ Pass the extended usage information through a pager.
 Output version of program and exit.  The default mode is `v', a simple
 version.  The `c' mode will print copyright information and `n' will
 print the full copyright notice.
-.PP
+.RE
 .SH "OPTION PRESETS"
 Any option that is not marked as \fInot presettable\fP may be preset
 by loading values from environment variables named:
@ -3103,6 +3122,7 @@ by loading values from environment variables named:
 .SH "ENVIRONMENT"
 See \fBOPTION PRESETS\fP for configuration environment variables.
 .SH FILES
 .RS
 .TP 15
 .NOP \fI/etc/ntp.conf\f[]
 the default name of the configuration file
@ -3126,9 +3146,10 @@ RSA public key
 .TP 15
 .NOP \fIntp_dh\f[]
 Diffie-Hellman agreement parameters
-.PP
+.RE
 .SH "EXIT STATUS"
 One of the following exit values will be returned:
 .RS
 .TP
 .NOP 0 " (EXIT_SUCCESS)"
 Successful program execution.
@ -3139,7 +3160,7 @@ The operation failed or the command syntax was not valid.
 .NOP 70 " (EX_SOFTWARE)"
 libopts had an internal operational error.  Please report
 it to autogen-users@lists.sourceforge.net.  Thank you.
-.PP
+.RE
 .SH "SEE ALSO"
 \fCntpd\f[]\fR(1ntpdmdoc)\f[],
 \fCntpdc\f[]\fR(1ntpdcmdoc)\f[],
--- a/contrib/ntp/ntpd/ntp.conf.5mdoc
+++ b/contrib/ntp/ntpd/ntp.conf.5mdoc
@ -1,9 +1,9 @@
-.Dd June 2 2016
+.Dd November 21 2016
 .Dt NTP_CONF 5mdoc File Formats
 .Os
 .\"  EDIT THIS FILE WITH CAUTION  (ntp.mdoc)
 .\"
-.\"  It has been AutoGen-ed  June  2, 2016 at 07:36:16 AM by AutoGen 5.18.5
+.\"  It has been AutoGen-ed  November 21, 2016 at 08:02:03 AM by AutoGen 5.18.5
 .\"  From the definitions    ntp.conf.def
 .\"  and the template file   agmdoc-cmd.tpl
 .Sh NAME
@ -1995,6 +1995,25 @@ At the same time, the manycast
 scheme starts all over from the beginning and
 the expanding ring shrinks to the minimum and increments
 from there while collecting all servers in scope.
 .Ss Broadcast Options
 .Bl -tag -width indent
 .It Xo Ic tos
 .Oo
 .Cm bcpollbstep Ar gate
 .Oc
 .Xc
 This command provides a way to delay,
 by the specified number of broadcast poll intervals,
 believing backward time steps from a broadcast server.
 Broadcast time networks are expected to be trusted.
 In the event a broadcast server's time is stepped backwards,
 there is clear benefit to having the clients notice this change
 as soon as possible.
 Attacks such as replay attacks can happen, however,
 and even though there are a number of protections built in to
 broadcast mode, attempts to perform  a replay attack are possible.
 This value defaults to 0, but can be changed
 to any number of poll intervals between 0 and 4.
 .Ss Manycast Options
 .Bl -tag -width indent
 .It Xo Ic tos
--- a/contrib/ntp/ntpd/ntp.conf.def
+++ b/contrib/ntp/ntpd/ntp.conf.def
@ -1997,6 +1997,25 @@ At the same time, the manycast
 scheme starts all over from the beginning and
 the expanding ring shrinks to the minimum and increments
 from there while collecting all servers in scope.
 .Ss Broadcast Options
 .Bl -tag -width indent
 .It Xo Ic tos
 .Oo
 .Cm bcpollbstep Ar gate
 .Oc
 .Xc
 This command provides a way to delay,
 by the specified number of broadcast poll intervals,
 believing backward time steps from a broadcast server.
 Broadcast time networks are expected to be trusted.
 In the event a broadcast server's time is stepped backwards,
 there is clear benefit to having the clients notice this change
 as soon as possible.
 Attacks such as replay attacks can happen, however,
 and even though there are a number of protections built in to
 broadcast mode, attempts to perform  a replay attack are possible.
 This value defaults to 0, but can be changed
 to any number of poll intervals between 0 and 4.
 .Ss Manycast Options
 .Bl -tag -width indent
 .It Xo Ic tos
--- a/contrib/ntp/ntpd/ntp.conf.html
+++ b/contrib/ntp/ntpd/ntp.conf.html
@ -33,9 +33,9 @@ Up:&nbsp;<a rel="up" accesskey="u" href="#dir">(dir)</a>
 <p>This document describes the configuration file for the NTP Project's
 <code>ntpd</code> program.
-  <p>This document applies to version 4.2.8p8 of <code>ntp.conf</code>.
+  <p>This document applies to version 4.2.8p9 of <code>ntp.conf</code>.
-  <div class="shortcontents">
+       <div class="shortcontents">
 <h2>Short Contents</h2>
 <ul>
 <a href="#Top">NTP's Configuration File User Manual</a>
@ -1926,9 +1926,25 @@ scheme starts all over from the beginning and
 the expanding ring shrinks to the minimum and increments
 from there while collecting all servers in scope.
-<h5 class="subsubsection">Manycast Options</h5>
+<h5 class="subsubsection">Broadcast Options</h5>
     <dl>
 <dt><code>tos</code> <code>[bcpollbstep </code><kbd>gate</kbd><code>]</code><dd>This command provides a way to delay,
 by the specified number of broadcast poll intervals,
 believing backward time steps from a broadcast server. 
 Broadcast time networks are expected to be trusted. 
 In the event a broadcast server's time is stepped backwards,
 there is clear benefit to having the clients notice this change
 as soon as possible. 
 Attacks such as replay attacks can happen, however,
 and even though there are a number of protections built in to
 broadcast mode, attempts to perform  a replay attack are possible. 
 This value defaults to 0, but can be changed
 to any number of poll intervals between 0 and 4.
 <h5 class="subsubsection">Manycast Options</h5>
          <dl>
 <dt><code>tos</code> <code>[ceiling </code><kbd>ceiling</kbd><code> | cohort { 0 | 1 } | floor </code><kbd>floor</kbd><code> | minclock </code><kbd>minclock</kbd><code> | minsane </code><kbd>minsane</kbd><code>]</code><dd>This command affects the clock selection and clustering
 algorithms. 
 It can be used to select the quality and
@ -1936,7 +1952,7 @@ quantity of peers used to synchronize the system clock
 and is most useful in manycast mode. 
 The variables operate
 as follows:
-          <dl>
+               <dl>
 <dt><code>ceiling</code> <kbd>ceiling</kbd><dd>Peers with strata above
 <code>ceiling</code>
 will be discarded if there are at least
@ -1978,14 +1994,14 @@ Byzantine agreement,
 should be at least 4 in order to detect and discard
 a single falseticker. 
 </dl>
-     <br><dt><code>ttl</code> <kbd>hop</kbd> <kbd>...</kbd><dd>This command specifies a list of TTL values in increasing
+          <br><dt><code>ttl</code> <kbd>hop</kbd> <kbd>...</kbd><dd>This command specifies a list of TTL values in increasing
 order, up to 8 values can be specified. 
 In manycast mode these values are used in turn
 in an expanding-ring search. 
 The default is eight
 multiples of 32 starting at 31. 
 </dl>
-<div class="node">
+     <div class="node">
 <p><hr>
 <a name="Reference-Clock-Support"></a>
 <br>
@ -1993,7 +2009,7 @@ multiples of 32 starting at 31.
 <h4 class="subsection">Reference Clock Support</h4>
-<p>The NTP Version 4 daemon supports some three dozen different radio,
+     <p>The NTP Version 4 daemon supports some three dozen different radio,
 satellite and modem reference clocks plus a special pseudo-clock
 used for backup or when no other clock source is available. 
 Detailed descriptions of individual device drivers and options can
@ -2030,7 +2046,7 @@ page
 provided in
 <span class="file">/usr/share/doc/ntp</span>).
-  <p>A reference clock will generally (though not always) be a radio
+       <p>A reference clock will generally (though not always) be a radio
 timecode receiver which is synchronized to a source of standard
 time such as the services offered by the NRC in Canada and NIST and
 USNO in the US. 
@ -2046,7 +2062,7 @@ or the hardware port has not been appropriately configured results
 in a scalding remark to the system log file, but is otherwise non
 hazardous.
-  <p>For the purposes of configuration,
+       <p>For the purposes of configuration,
 <code>ntpd(1ntpdmdoc)</code>
 treats
 reference clocks in a manner analogous to normal NTP peers as much
@ -2067,7 +2083,7 @@ While it may seem overkill, it is in fact
 sometimes useful to configure multiple reference clocks of the same
 type, in which case the unit numbers must be unique.
-  <p>The
+       <p>The
 <code>server</code>
 command is used to configure a reference
 clock, where the
@ -2105,7 +2121,7 @@ meaning only for selected clock drivers.
 See the individual clock
 driver document pages for additional information.
-  <p>The
+       <p>The
 <code>fudge</code>
 command is used to provide additional
 information for individual clock drivers and normally follows
@ -2127,7 +2143,7 @@ in the
 <code>fudge</code>
 command as well.
-  <p>The stratum number of a reference clock is by default zero. 
+       <p>The stratum number of a reference clock is by default zero. 
 Since the
 <code>ntpd(1ntpdmdoc)</code>
 daemon adds one to the stratum of each
@ -2150,11 +2166,11 @@ these options apply to all clock drivers.
 <h5 class="subsubsection">Reference Clock Commands</h5>
-     <dl>
+          <dl>
 <dt><code>server</code> <code>127.127.</code><kbd>t</kbd>.<kbd>u</kbd> <code>[prefer]</code> <code>[mode </code><kbd>int</kbd><code>]</code> <code>[minpoll </code><kbd>int</kbd><code>]</code> <code>[maxpoll </code><kbd>int</kbd><code>]</code><dd>This command can be used to configure reference clocks in
 special ways. 
 The options are interpreted as follows:
-          <dl>
+               <dl>
 <dt><code>prefer</code><dd>Marks the reference clock as preferred. 
 All other things being
 equal, this host will be chosen for synchronization among a set of
@ -2187,7 +2203,7 @@ defaults to 10 (17.1 m) and
 defaults to 14 (4.5 h). 
 The allowable range is 4 (16 s) to 17 (36.4 h) inclusive. 
 </dl>
-     <br><dt><code>fudge</code> <code>127.127.</code><kbd>t</kbd>.<kbd>u</kbd> <code>[time1 </code><kbd>sec</kbd><code>]</code> <code>[time2 </code><kbd>sec</kbd><code>]</code> <code>[stratum </code><kbd>int</kbd><code>]</code> <code>[refid </code><kbd>string</kbd><code>]</code> <code>[mode </code><kbd>int</kbd><code>]</code> <code>[flag1 0 | 1]</code> <code>[flag2 0 | 1]</code> <code>[flag3 0 | 1]</code> <code>[flag4 0 | 1]</code><dd>This command can be used to configure reference clocks in
+          <br><dt><code>fudge</code> <code>127.127.</code><kbd>t</kbd>.<kbd>u</kbd> <code>[time1 </code><kbd>sec</kbd><code>]</code> <code>[time2 </code><kbd>sec</kbd><code>]</code> <code>[stratum </code><kbd>int</kbd><code>]</code> <code>[refid </code><kbd>string</kbd><code>]</code> <code>[mode </code><kbd>int</kbd><code>]</code> <code>[flag1 0 | 1]</code> <code>[flag2 0 | 1]</code> <code>[flag3 0 | 1]</code> <code>[flag4 0 | 1]</code><dd>This command can be used to configure reference clocks in
 special ways. 
 It must immediately follow the
 <code>server</code>
@ -2198,7 +2214,7 @@ is possible at run time using the
 program. 
 The options are interpreted as
 follows:
-          <dl>
+               <dl>
 <dt><code>time1</code> <kbd>sec</kbd><dd>Specifies a constant to be added to the time offset produced by
 the driver, a fixed-point decimal number in seconds. 
 This is used
@ -2269,8 +2285,8 @@ Further information on the
 command can be found in
 <a href="#Monitoring-Options">Monitoring Options</a>. 
 </dl>
-     </dl>
+          </dl>
-<div class="node">
+     <div class="node">
 <p><hr>
 <a name="Miscellaneous-Options"></a>
 <br>
@ -2278,7 +2294,7 @@ command can be found in
 <h4 class="subsection">Miscellaneous Options</h4>
-     <dl>
+          <dl>
 <dt><code>broadcastdelay</code> <kbd>seconds</kbd><dd>The broadcast and multicast modes require a special calibration
 to determine the network delay between the local and remote
 servers. 
@ -2311,7 +2327,7 @@ frequency of zero and creates the file when writing it for the first time.
 If this command is not given, the daemon will always start with an initial
 frequency of zero.
-     <p>The file format consists of a single line containing a single
+          <p>The file format consists of a single line containing a single
 floating point number, which records the frequency offset measured
 in parts-per-million (PPM). 
 The file is updated by first writing
@ -2331,7 +2347,7 @@ Note that all of these flags
 can be controlled remotely using the
 <code>ntpdc(1ntpdcmdoc)</code>
 utility program.
-          <dl>
+               <dl>
 <dt><code>auth</code><dd>Enables the server to synchronize with unconfigured peers only if the
 peer has been correctly authenticated using either public key or
 private key cryptography. 
@ -2466,7 +2482,7 @@ The
 default for this flag is
 <code>enable</code>. 
 </dl>
-     <br><dt><code>includefile</code> <kbd>includefile</kbd><dd>This command allows additional configuration commands
+          <br><dt><code>includefile</code> <kbd>includefile</kbd><dd>This command allows additional configuration commands
 to be included from a separate file. 
 Include files may
 be nested to a depth of five; upon reaching the end of any
@ -2527,7 +2543,7 @@ and
 status messages
 (<code>status</code>).
-     <p>Configuration keywords are formed by concatenating the message class with
+          <p>Configuration keywords are formed by concatenating the message class with
 the event class. 
 The
 <code>all</code>
@ -2539,20 +2555,20 @@ keyword to enable/disable all
 messages of the respective message class. 
 Thus, a minimal log configuration
 could look like this:
-<pre class="verbatim">     
+<pre class="verbatim">          
-     logconfig =syncstatus +sysevents
+          logconfig =syncstatus +sysevents
-</pre>
+     </pre>
-     <p>This would just list the synchronizations state of
+          <p>This would just list the synchronizations state of
 <code>ntpd(1ntpdmdoc)</code>
 and the major system events. 
 For a simple reference server, the
 following minimum message configuration could be useful:
-<pre class="verbatim">     
+<pre class="verbatim">          
-     logconfig =syncall +clockall
+          logconfig =syncall +clockall
-</pre>
+     </pre>
-     <p>This configuration will list all clock information and
+          <p>This configuration will list all clock information and
 synchronization information. 
 All other events and messages about
 peers, system events and so on is suppressed. 
@ -2611,8 +2627,8 @@ for them.
 Emphasis added: twisters are on their own and can expect
 no help from the support group.
-     <p>The variables operate as follows:
+          <p>The variables operate as follows:
-          <dl>
+               <dl>
 <dt><code>allan</code> <kbd>allan</kbd><dd>The argument becomes the new value for the minimum Allan
 intercept, which is a parameter of the PLL/FLL clock discipline
 algorithm. 
@ -2661,8 +2677,8 @@ be set to any positive number in seconds.
 If set to zero, the stepout
 pulses will not be suppressed. 
 </dl>
-     <br><dt><code>rlimit</code> <code>[memlock </code><kbd>Nmegabytes</kbd><code> | stacksize </code><kbd>N4kPages</kbd><code> filenum </code><kbd>Nfiledescriptors</kbd><code>]</code><dd>
+          <br><dt><code>rlimit</code> <code>[memlock </code><kbd>Nmegabytes</kbd><code> | stacksize </code><kbd>N4kPages</kbd><code> filenum </code><kbd>Nfiledescriptors</kbd><code>]</code><dd>
-          <dl>
+               <dl>
 <dt><code>memlock</code> <kbd>Nmegabytes</kbd><dd>Specify the number of megabytes of memory that should be
 allocated and locked. 
 Probably only available under Linux, this option may be useful
@ -2679,7 +2695,7 @@ Defaults to 50 4k pages (200 4k pages in OpenBSD).
 <br><dt><code>filenum</code> <kbd>Nfiledescriptors</kbd><dd>Specifies the maximum number of file descriptors ntpd may have open at once. 
 Defaults to the system default. 
 </dl>
-     <br><dt><code>trap</code> <kbd>host_address</kbd> <code>[port </code><kbd>port_number</kbd><code>]</code> <code>[interface </code><kbd>interface_address</kbd><code>]</code><dd>This command configures a trap receiver at the given host
+          <br><dt><code>trap</code> <kbd>host_address</kbd> <code>[port </code><kbd>port_number</kbd><code>]</code> <code>[interface </code><kbd>interface_address</kbd><code>]</code><dd>This command configures a trap receiver at the given host
 address and port number for sending messages with the specified
 local interface address. 
 If the port number is unspecified, a value
@ -2690,7 +2706,7 @@ message is sent through.
 Note that on a multihomed host the
 interface used may vary from time to time with routing changes.
-     <p>The trap receiver will generally log event messages and other
+          <p>The trap receiver will generally log event messages and other
 information from the server in a log file. 
 While such monitor
 programs may also request their own trap dynamically, configuring a
@ -2704,11 +2720,11 @@ The default is eight multiples of 32 starting at
 31. 
 </dl>
-  <p>This section was generated by <strong>AutoGen</strong>,
+       <p>This section was generated by <strong>AutoGen</strong>,
 using the <code>agtexi-cmd</code> template and the option descriptions for the <code>ntp.conf</code> program. 
 This software is released under the NTP license, &lt;http://ntp.org/license&gt;.
-<ul class="menu">
+     <ul class="menu">
 <li><a accesskey="1" href="#ntp_002econf-Files">ntp.conf Files</a>:                   Files
 <li><a accesskey="2" href="#ntp_002econf-See-Also">ntp.conf See Also</a>:                See Also
 <li><a accesskey="3" href="#ntp_002econf-Bugs">ntp.conf Bugs</a>:                    Bugs
@ -2723,14 +2739,14 @@ This software is released under the NTP license, &lt;http://ntp.org/license&gt;.
 <h4 class="subsection">ntp.conf Files</h4>
-     <dl>
+          <dl>
 <dt><span class="file">/etc/ntp.conf</span><dd>the default name of the configuration file
 <br><dt><span class="file">ntp.keys</span><dd>private MD5 keys
 <br><dt><span class="file">ntpkey</span><dd>RSA private key
 <br><dt><span class="file">ntpkey_</span><kbd>host</kbd><dd>RSA public key
 <br><dt><span class="file">ntp_dh</span><dd>Diffie-Hellman agreement parameters
 </dl>
-<div class="node">
+     <div class="node">
 <p><hr>
 <a name="ntp_002econf-See-Also"></a>
 <br>
@ -2738,11 +2754,11 @@ This software is released under the NTP license, &lt;http://ntp.org/license&gt;.
 <h4 class="subsection">ntp.conf See Also</h4>
-<p><code>ntpd(1ntpdmdoc)</code>,
+     <p><code>ntpd(1ntpdmdoc)</code>,
 <code>ntpdc(1ntpdcmdoc)</code>,
 <code>ntpq(1ntpqmdoc)</code>
-  <p>In addition to the manual pages provided,
+       <p>In addition to the manual pages provided,
 comprehensive documentation is available on the world wide web
 at
 <code>http://www.ntp.org/</code>. 
@ -2750,7 +2766,7 @@ A snapshot of this documentation is available in HTML format in
 <span class="file">/usr/share/doc/ntp</span>. 
 <br>
-  <p><br>
+       <p><br>
 David L. Mills, <em>Network Time Protocol (Version 4)</em>, RFC5905
 <div class="node">
 <p><hr>
@ -2760,11 +2776,11 @@ David L. Mills, <em>Network Time Protocol (Version 4)</em>, RFC5905
 <h4 class="subsection">ntp.conf Bugs</h4>
-<p>The syntax checking is not picky; some combinations of
+     <p>The syntax checking is not picky; some combinations of
 ridiculous and even hilarious options and modes may not be
 detected.
-  <p>The
+       <p>The
 <span class="file">ntpkey_</span><kbd>host</kbd>
 files are really digital
 certificates. 
@ -2778,7 +2794,7 @@ services when they become universally available.
 <h4 class="subsection">ntp.conf Notes</h4>
-<p>This document was derived from FreeBSD.
+     <p>This document was derived from FreeBSD.
 </body></html>
--- a/contrib/ntp/ntpd/ntp.conf.man.in
+++ b/contrib/ntp/ntpd/ntp.conf.man.in
@ -10,11 +10,11 @@
 .ds B-Font B
 .ds I-Font I
 .ds R-Font R
-.TH ntp.conf 5 "02 Jun 2016" "4.2.8p8" "File Formats"
+.TH ntp.conf 5 "21 Nov 2016" "4.2.8p9" "File Formats"
 .\"
-.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-OzaOIT/ag-3zaGHT)
+.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-Q_ai3f/ag-2_aa2f)
 .\"
-.\" It has been AutoGen-ed June 2, 2016 at 07:35:50 AM by AutoGen 5.18.5
+.\" It has been AutoGen-ed November 21, 2016 at 08:01:41 AM by AutoGen 5.18.5
 .\" From the definitions ntp.conf.def
 .\" and the template file agman-cmd.tpl
 .SH NAME
@ -2174,7 +2174,23 @@ At the same time, the manycast
 scheme starts all over from the beginning and
 the expanding ring shrinks to the minimum and increments
 from there while collecting all servers in scope.
 .SS Broadcast Options
 .TP 7
 .NOP \f\*[B-Font]tos\f[] [\f\*[B-Font]bcpollbstep\f[] \f\*[I-Font]gate\f[]]
 This command provides a way to delay,
 by the specified number of broadcast poll intervals,
 believing backward time steps from a broadcast server.
 Broadcast time networks are expected to be trusted.
 In the event a broadcast server's time is stepped backwards,
 there is clear benefit to having the clients notice this change
 as soon as possible.
 Attacks such as replay attacks can happen, however,
 and even though there are a number of protections built in to
 broadcast mode, attempts to perform  a replay attack are possible.
 This value defaults to 0, but can be changed
 to any number of poll intervals between 0 and 4.
 .SS Manycast Options
 .RS
 .TP 7
 .NOP \f\*[B-Font]tos\f[] [\f\*[B-Font]ceiling\f[] \f\*[I-Font]ceiling\f[] | \f\*[B-Font]cohort\f[] { \f\*[B-Font]0\f[] | \f\*[B-Font]1\f[] } | \f\*[B-Font]floor\f[] \f\*[I-Font]floor\f[] | \f\*[B-Font]minclock\f[] \f\*[I-Font]minclock\f[] | \f\*[B-Font]minsane\f[] \f\*[I-Font]minsane\f[]]
 This command affects the clock selection and clustering
@ -2244,7 +2260,7 @@ In manycast mode these values are used in turn
 in an expanding-ring search.
 The default is eight
 multiples of 32 starting at 31.
-.PP
+.RE
 .SH Reference Clock Support
 The NTP Version 4 daemon supports some three dozen different radio,
 satellite and modem reference clocks plus a special pseudo-clock
@ -2411,6 +2427,7 @@ option is used for this purpose.
 Except where noted,
 these options apply to all clock drivers.
 .SS Reference Clock Commands
 .RS
 .TP 7
 .NOP \f\*[B-Font]server\f[] \f[C]127.127.\f[]\f\*[I-Font]t\f[].\f\*[I-Font]u\f[] [\f\*[B-Font]prefer\f[]] [\f\*[B-Font]mode\f[] \f\*[I-Font]int\f[]] [\f\*[B-Font]minpoll\f[] \f\*[I-Font]int\f[]] [\f\*[B-Font]maxpoll\f[] \f\*[I-Font]int\f[]]
 This command can be used to configure reference clocks in
@ -2559,8 +2576,9 @@ Further information on the
 command can be found in
 \fIMonitoring\f[] \fIOptions\f[].
 .RE
-.PP
+.RE
 .SH Miscellaneous Options
 .RS
 .TP 7
 .NOP \f\*[B-Font]broadcastdelay\f[] \f\*[I-Font]seconds\f[]
 The broadcast and multicast modes require a special calibration
@ -3079,8 +3097,9 @@ In manycast mode these values are used in turn in
 an expanding-ring search.
 The default is eight multiples of 32 starting at
 31.
-.PP
+.RE
 .SH "OPTIONS"
 .RS
 .TP
 .NOP \f\*[B-Font]\-\-help\f[]
 Display usage information and exit.
@ -3092,7 +3111,7 @@ Pass the extended usage information through a pager.
 Output version of program and exit.  The default mode is `v', a simple
 version.  The `c' mode will print copyright information and `n' will
 print the full copyright notice.
-.PP
+.RE
 .SH "OPTION PRESETS"
 Any option that is not marked as \fInot presettable\fP may be preset
 by loading values from environment variables named:
@ -3103,6 +3122,7 @@ by loading values from environment variables named:
 .SH "ENVIRONMENT"
 See \fBOPTION PRESETS\fP for configuration environment variables.
 .SH FILES
 .RS
 .TP 15
 .NOP \fI/etc/ntp.conf\f[]
 the default name of the configuration file
@ -3126,9 +3146,10 @@ RSA public key
 .TP 15
 .NOP \fIntp_dh\f[]
 Diffie-Hellman agreement parameters
-.PP
+.RE
 .SH "EXIT STATUS"
 One of the following exit values will be returned:
 .RS
 .TP
 .NOP 0 " (EXIT_SUCCESS)"
 Successful program execution.
@ -3139,7 +3160,7 @@ The operation failed or the command syntax was not valid.
 .NOP 70 " (EX_SOFTWARE)"
 libopts had an internal operational error.  Please report
 it to autogen-users@lists.sourceforge.net.  Thank you.
-.PP
+.RE
 .SH "SEE ALSO"
 \fCntpd\f[]\fR(@NTPD_MS@)\f[],
 \fCntpdc\f[]\fR(@NTPDC_MS@)\f[],
--- a/contrib/ntp/ntpd/ntp.conf.mdoc.in
+++ b/contrib/ntp/ntpd/ntp.conf.mdoc.in
@ -1,9 +1,9 @@
-.Dd June 2 2016
+.Dd November 21 2016
 .Dt NTP_CONF 5 File Formats
 .Os
 .\"  EDIT THIS FILE WITH CAUTION  (ntp.mdoc)
 .\"
-.\"  It has been AutoGen-ed  June  2, 2016 at 07:36:16 AM by AutoGen 5.18.5
+.\"  It has been AutoGen-ed  November 21, 2016 at 08:02:03 AM by AutoGen 5.18.5
 .\"  From the definitions    ntp.conf.def
 .\"  and the template file   agmdoc-cmd.tpl
 .Sh NAME
@ -1995,6 +1995,25 @@ At the same time, the manycast
 scheme starts all over from the beginning and
 the expanding ring shrinks to the minimum and increments
 from there while collecting all servers in scope.
 .Ss Broadcast Options
 .Bl -tag -width indent
 .It Xo Ic tos
 .Oo
 .Cm bcpollbstep Ar gate
 .Oc
 .Xc
 This command provides a way to delay,
 by the specified number of broadcast poll intervals,
 believing backward time steps from a broadcast server.
 Broadcast time networks are expected to be trusted.
 In the event a broadcast server's time is stepped backwards,
 there is clear benefit to having the clients notice this change
 as soon as possible.
 Attacks such as replay attacks can happen, however,
 and even though there are a number of protections built in to
 broadcast mode, attempts to perform  a replay attack are possible.
 This value defaults to 0, but can be changed
 to any number of poll intervals between 0 and 4.
 .Ss Manycast Options
 .Bl -tag -width indent
 .It Xo Ic tos
--- a/contrib/ntp/ntpd/ntp.keys.5man
+++ b/contrib/ntp/ntpd/ntp.keys.5man
@ -1,8 +1,8 @@
-.TH ntp.keys 5man "02 Jun 2016" "4.2.8p8" "File Formats"
+.TH ntp.keys 5man "21 Nov 2016" "4.2.8p9" "File Formats"
 .\"
 .\"  EDIT THIS FILE WITH CAUTION  (ntp.man)
 .\"
-.\"  It has been AutoGen-ed  June  2, 2016 at 07:35:57 AM by AutoGen 5.18.5
+.\"  It has been AutoGen-ed  November 21, 2016 at 08:01:46 AM by AutoGen 5.18.5
 .\"  From the definitions    ntp.keys.def
 .\"  and the template file   agman-file.tpl
 .Sh NAME
--- a/contrib/ntp/ntpd/ntp.keys.5mdoc
+++ b/contrib/ntp/ntpd/ntp.keys.5mdoc
@ -1,9 +1,9 @@
-.Dd June 2 2016
+.Dd November 21 2016
 .Dt NTP_KEYS 5mdoc File Formats
 .Os SunOS 5.10
 .\"  EDIT THIS FILE WITH CAUTION  (ntp.mdoc)
 .\"
-.\"  It has been AutoGen-ed  June  2, 2016 at 07:36:20 AM by AutoGen 5.18.5
+.\"  It has been AutoGen-ed  November 21, 2016 at 08:02:06 AM by AutoGen 5.18.5
 .\"  From the definitions    ntp.keys.def
 .\"  and the template file   agmdoc-file.tpl
 .Sh NAME
--- a/contrib/ntp/ntpd/ntp.keys.html
+++ b/contrib/ntp/ntpd/ntp.keys.html
@ -33,7 +33,7 @@ Up:&nbsp;<a rel="up" accesskey="u" href="#dir">(dir)</a>
 <p>This document describes the symmetric key file for the NTP Project's
 <code>ntpd</code> program.
-  <p>This document applies to version 4.2.8p8 of <code>ntp.keys</code>.
+  <p>This document applies to version 4.2.8p9 of <code>ntp.keys</code>.
  <div class="shortcontents">
 <h2>Short Contents</h2>
--- a/contrib/ntp/ntpd/ntp.keys.man.in
+++ b/contrib/ntp/ntpd/ntp.keys.man.in
@ -1,8 +1,8 @@
-.TH ntp.keys 5 "02 Jun 2016" "4.2.8p8" "File Formats"
+.TH ntp.keys 5 "21 Nov 2016" "4.2.8p9" "File Formats"
 .\"
 .\"  EDIT THIS FILE WITH CAUTION  (ntp.man)
 .\"
-.\"  It has been AutoGen-ed  June  2, 2016 at 07:35:57 AM by AutoGen 5.18.5
+.\"  It has been AutoGen-ed  November 21, 2016 at 08:01:46 AM by AutoGen 5.18.5
 .\"  From the definitions    ntp.keys.def
 .\"  and the template file   agman-file.tpl
 .Sh NAME
--- a/contrib/ntp/ntpd/ntp.keys.mdoc.in
+++ b/contrib/ntp/ntpd/ntp.keys.mdoc.in
@ -1,9 +1,9 @@
-.Dd June 2 2016
+.Dd November 21 2016
 .Dt NTP_KEYS 5 File Formats
 .Os SunOS 5.10
 .\"  EDIT THIS FILE WITH CAUTION  (ntp.mdoc)
 .\"
-.\"  It has been AutoGen-ed  June  2, 2016 at 07:36:20 AM by AutoGen 5.18.5
+.\"  It has been AutoGen-ed  November 21, 2016 at 08:02:06 AM by AutoGen 5.18.5
 .\"  From the definitions    ntp.keys.def
 .\"  and the template file   agmdoc-file.tpl
 .Sh NAME
--- a/contrib/ntp/ntpd/ntp_config.c
+++ b/contrib/ntp/ntpd/ntp_config.c
@ -53,6 +53,12 @@
 #include "ntp_parser.h"
 #include "ntpd-opts.h"
 #ifndef IGNORE_DNS_ERRORS
 # define DNSFLAGS 0
 #else
 # define DNSFLAGS GAIR_F_IGNDNSERR
 #endif
 extern int yyparse(void);
 /* Bug 2817 */
@ -2002,6 +2008,21 @@ config_tos(
 			INSIST(0);
 			break;
 		case T_Bcpollbstep:
 			if (val > 4) {
 				msyslog(LOG_WARNING,
 					"Using maximum bcpollbstep ceiling %d, %g requested",
 					4, val);
 				val = 4;
 			} else if (val < 0) {
 				msyslog(LOG_WARNING,
 					"Using minimum bcpollbstep floor %d, %g requested",
 					0, val);
 				val = 0;
 			}
 			item = PROTO_BCPOLLBSTEP;
 			break;
 		case T_Ceiling:
 			if (val > STRATUM_UNSPEC - 1) {
 				msyslog(LOG_WARNING,
@ -3813,11 +3834,11 @@ config_peers(
 			hints.ai_socktype = SOCK_DGRAM;
 			hints.ai_protocol = IPPROTO_UDP;
-			getaddrinfo_sometime(*cmdline_servers,
+			getaddrinfo_sometime_ex(*cmdline_servers,
 					     "ntp", &hints,
 					     INITIAL_DNS_RETRY,
 					     &peer_name_resolved,
-					     (void *)ctx);
+					     (void *)ctx, DNSFLAGS);
 # else	/* !WORKER follows */
 			msyslog(LOG_ERR,
 				"hostname %s can not be used, please use IP address instead.",
@ -3891,10 +3912,11 @@ config_peers(
 			hints.ai_socktype = SOCK_DGRAM;
 			hints.ai_protocol = IPPROTO_UDP;
-			getaddrinfo_sometime(curr_peer->addr->address,
+			getaddrinfo_sometime_ex(curr_peer->addr->address,
 					     "ntp", &hints,
 					     INITIAL_DNS_RETRY,
-					     &peer_name_resolved, ctx);
+					     &peer_name_resolved, ctx,
 					     DNSFLAGS);
 # else	/* !WORKER follows */
 			msyslog(LOG_ERR,
 				"hostname %s can not be used, please use IP address instead.",
@ -3935,16 +3957,10 @@ peer_name_resolved(
 	DPRINTF(1, ("peer_name_resolved(%s) rescode %d\n", name, rescode));
 	if (rescode) {
 #ifndef IGNORE_DNS_ERRORS
 		free(ctx);
 		msyslog(LOG_ERR,
 			"giving up resolving host %s: %s (%d)",
 			name, gai_strerror(rescode), rescode);
 #else	/* IGNORE_DNS_ERRORS follows */
 		getaddrinfo_sometime(name, service, hints,
 				     INITIAL_DNS_RETRY,
 				     &peer_name_resolved, context);
 #endif
 		return;
 	}
--- a/contrib/ntp/ntpd/ntp_control.c
+++ b/contrib/ntp/ntpd/ntp_control.c
@ -33,6 +33,7 @@
 # include "ntp_syscall.h"
 #endif
 #include "libssl_compat.h"
 /*
 * Structure to hold request procedure information
@ -120,14 +121,14 @@ static const struct ctl_proc control_codes[] = {
 	{ CTL_OP_READVAR,		NOAUTH,	read_variables },
 	{ CTL_OP_WRITEVAR,		AUTH,	write_variables },
 	{ CTL_OP_READCLOCK,		NOAUTH,	read_clockstatus },
-	{ CTL_OP_WRITECLOCK,		NOAUTH,	write_clockstatus },
+	{ CTL_OP_WRITECLOCK,		AUTH,	write_clockstatus },
-	{ CTL_OP_SETTRAP,		NOAUTH,	set_trap },
+	{ CTL_OP_SETTRAP,		AUTH,	set_trap },
 	{ CTL_OP_CONFIGURE,		AUTH,	configure },
 	{ CTL_OP_SAVECONFIG,		AUTH,	save_config },
 	{ CTL_OP_READ_MRU,		NOAUTH,	read_mru_list },
 	{ CTL_OP_READ_ORDLIST_A,	AUTH,	read_ordlist },
 	{ CTL_OP_REQ_NONCE,		NOAUTH,	req_nonce },
-	{ CTL_OP_UNSETTRAP,		NOAUTH,	unset_trap },
+	{ CTL_OP_UNSETTRAP,		AUTH,	unset_trap },
 	{ NO_REQUEST,			0,	NULL }
 };
@ -3158,15 +3159,21 @@ ctl_getitem(
 	for (v = var_list; !(EOV & v->flags); ++v)
 		if (!(PADDING & v->flags)) {
-			/* check if the var name matches the buffer */
+			/* Check if the var name matches the buffer. The
 			 * name is bracketed by [reqpt..tp] and not NUL
 			 * terminated, and it contains no '=' char. The
 			 * lookup value IS NUL-terminated but might
 			 * include a '='... We have to look out for
 			 * that!
 			 */
 			const char *sp1 = reqpt;
 			const char *sp2 = v->text;
-			
+
-			while ((sp1 != tp) && *sp2 && (*sp1 == *sp2)) {
+			while ((sp1 != tp) && (*sp1 == *sp2)) {
 				++sp1;
 				++sp2;
 			}
-			if (sp1 == tp && !*sp2)
+			if (sp1 == tp && (*sp2 == '\0' || *sp2 == '='))
 				break;
 		}
@ -3649,7 +3656,7 @@ static u_int32 derive_nonce(
 		u_char	digest[EVP_MAX_MD_SIZE];
 		u_int32 extract;
 	}		d;
-	EVP_MD_CTX	ctx;
+	EVP_MD_CTX	*ctx;
 	u_int		len;
 	while (!salt[0] || current_time - last_salt_update >= 3600) {
@ -3660,19 +3667,21 @@ static u_int32 derive_nonce(
 		last_salt_update = current_time;
 	}
-	EVP_DigestInit(&ctx, EVP_get_digestbynid(NID_md5));
+	ctx = EVP_MD_CTX_new();
-	EVP_DigestUpdate(&ctx, salt, sizeof(salt));
+	EVP_DigestInit(ctx, EVP_get_digestbynid(NID_md5));
-	EVP_DigestUpdate(&ctx, &ts_i, sizeof(ts_i));
+	EVP_DigestUpdate(ctx, salt, sizeof(salt));
-	EVP_DigestUpdate(&ctx, &ts_f, sizeof(ts_f));
+	EVP_DigestUpdate(ctx, &ts_i, sizeof(ts_i));
 	EVP_DigestUpdate(ctx, &ts_f, sizeof(ts_f));
 	if (IS_IPV4(addr))
-		EVP_DigestUpdate(&ctx, &SOCK_ADDR4(addr),
+		EVP_DigestUpdate(ctx, &SOCK_ADDR4(addr),
 			         sizeof(SOCK_ADDR4(addr)));
 	else
-		EVP_DigestUpdate(&ctx, &SOCK_ADDR6(addr),
+		EVP_DigestUpdate(ctx, &SOCK_ADDR6(addr),
 			         sizeof(SOCK_ADDR6(addr)));
-	EVP_DigestUpdate(&ctx, &NSRCPORT(addr), sizeof(NSRCPORT(addr)));
+	EVP_DigestUpdate(ctx, &NSRCPORT(addr), sizeof(NSRCPORT(addr)));
-	EVP_DigestUpdate(&ctx, salt, sizeof(salt));
+	EVP_DigestUpdate(ctx, salt, sizeof(salt));
-	EVP_DigestFinal(&ctx, d.digest, &len);
+	EVP_DigestFinal(ctx, d.digest, &len);
 	EVP_MD_CTX_free(ctx);
 	return d.extract;
 }
@ -3954,15 +3963,17 @@ static void read_mru_list(
 	int restrict_mask
 	)
 {
-	const char		nonce_text[] =		"nonce";
+	static const char	nulltxt[1] = 		{ '\0' };	
-	const char		frags_text[] =		"frags";
+	static const char	nonce_text[] =		"nonce";
-	const char		limit_text[] =		"limit";
+	static const char	frags_text[] =		"frags";
-	const char		mincount_text[] =	"mincount";
+	static const char	limit_text[] =		"limit";
-	const char		resall_text[] =		"resall";
+	static const char	mincount_text[] =	"mincount";
-	const char		resany_text[] =		"resany";
+	static const char	resall_text[] =		"resall";
-	const char		maxlstint_text[] =	"maxlstint";
+	static const char	resany_text[] =		"resany";
-	const char		laddr_text[] =		"laddr";
+	static const char	maxlstint_text[] =	"maxlstint";
-	const char		resaxx_fmt[] =		"0x%hx";
+	static const char	laddr_text[] =		"laddr";
 	static const char	resaxx_fmt[] =		"0x%hx";
 	u_int			limit;
 	u_short			frags;
 	u_short			resall;
@ -3979,7 +3990,7 @@ static void read_mru_list(
 	char			buf[128];
 	struct ctl_var *	in_parms;
 	const struct ctl_var *	v;
-	char *			val;
+	const char *		val;
 	const char *		pch;
 	char *			pnonce;
 	int			nonce_valid;
@ -4031,46 +4042,68 @@ static void read_mru_list(
 	ZERO(last);
 	ZERO(addr);
-	while (NULL != (v = ctl_getitem(in_parms, &val)) &&
+	/* have to go through '(void*)' to drop 'const' property from pointer.
 	 * ctl_getitem()' needs some cleanup, too.... perlinger@ntp.org
 	 */
 	while (NULL != (v = ctl_getitem(in_parms, (void*)&val)) &&
 	       !(EOV & v->flags)) {
 		int si;
 		if (NULL == val)
 			val = nulltxt;
 		if (!strcmp(nonce_text, v->text)) {
-			if (NULL != pnonce)
+			free(pnonce);
-				free(pnonce);
+			pnonce = (*val) ? estrdup(val) : NULL;
 			pnonce = estrdup(val);
 		} else if (!strcmp(frags_text, v->text)) {
-			sscanf(val, "%hu", &frags);
+			if (1 != sscanf(val, "%hu", &frags))
 				goto blooper;
 		} else if (!strcmp(limit_text, v->text)) {
-			sscanf(val, "%u", &limit);
+			if (1 != sscanf(val, "%u", &limit))
 				goto blooper;
 		} else if (!strcmp(mincount_text, v->text)) {
-			if (1 != sscanf(val, "%d", &mincount) ||
+			if (1 != sscanf(val, "%d", &mincount))
-			    mincount < 0)
+				goto blooper;
 			if (mincount < 0)
 				mincount = 0;
 		} else if (!strcmp(resall_text, v->text)) {
-			sscanf(val, resaxx_fmt, &resall);
+			if (1 != sscanf(val, resaxx_fmt, &resall))
 				goto blooper;
 		} else if (!strcmp(resany_text, v->text)) {
-			sscanf(val, resaxx_fmt, &resany);
+			if (1 != sscanf(val, resaxx_fmt, &resany))
 				goto blooper;
 		} else if (!strcmp(maxlstint_text, v->text)) {
-			sscanf(val, "%u", &maxlstint);
+			if (1 != sscanf(val, "%u", &maxlstint))
 				goto blooper;
 		} else if (!strcmp(laddr_text, v->text)) {
-			if (decodenetnum(val, &laddr))
+			if (!decodenetnum(val, &laddr))
-				lcladr = getinterface(&laddr, 0);
+				goto blooper;
 			lcladr = getinterface(&laddr, 0);
 		} else if (1 == sscanf(v->text, last_fmt, &si) &&
 			   (size_t)si < COUNTOF(last)) {
-			if (2 == sscanf(val, "0x%08x.%08x", &ui, &uf)) {
+			if (2 != sscanf(val, "0x%08x.%08x", &ui, &uf))
-				last[si].l_ui = ui;
+				goto blooper;
-				last[si].l_uf = uf;
+			last[si].l_ui = ui;
-				if (!SOCK_UNSPEC(&addr[si]) &&
+			last[si].l_uf = uf;
-				    si == priors)
+			if (!SOCK_UNSPEC(&addr[si]) && si == priors)
-					priors++;
+				priors++;
 			}
 		} else if (1 == sscanf(v->text, addr_fmt, &si) &&
 			   (size_t)si < COUNTOF(addr)) {
-			if (decodenetnum(val, &addr[si])
+			if (!decodenetnum(val, &addr[si]))
-			    && last[si].l_ui && last[si].l_uf &&
+				goto blooper;
-			    si == priors)
+			if (last[si].l_ui && last[si].l_uf && si == priors)
 				priors++;
 		} else {
 			DPRINTF(1, ("read_mru_list: invalid key item: '%s' (ignored)\n",
 				    v->text));
 			continue;
 		blooper:
 			DPRINTF(1, ("read_mru_list: invalid param for '%s': '%s' (bailing)\n",
 				    v->text, val));
 			free(pnonce);
 			pnonce = NULL;
 			break;
 		}
 	}
 	free_varlist(in_parms);
@ -4997,6 +5030,22 @@ report_event(
 	if (num_ctl_traps <= 0)
 		return;
 	/* [Bug 3119]
 	 * Peer Events should be associated with a peer -- hence the
 	 * name. But there are instances where this function is called
 	 * *without* a valid peer. This happens e.g. with an unsolicited
 	 * CryptoNAK, or when a leap second alarm is going off while
 	 * currently without a system peer.
 	 *
 	 * The most sensible approach to this seems to bail out here if
 	 * this happens. Avoiding to call this function would also
 	 * bypass the log reporting in the first part of this function,
 	 * and this is probably not the best of all options.
 	 *   -*-perlinger@ntp.org-*-
 	 */
 	if ((err & PEER_EVENT) && !peer)
 		return;
 	/*
 	 * Set up the outgoing packet variables
 	 */
@ -5013,15 +5062,14 @@ report_event(
 		/* Include the core system variables and the list. */
 		for (i = 1; i <= CS_VARLIST; i++)
 			ctl_putsys(i);
-	} else {
+	} else if (NULL != peer) { /* paranoia -- skip output */
 		INSIST(peer != NULL);
 		rpkt.associd = htons(peer->associd);
 		rpkt.status = htons(ctlpeerstatus(peer));
 		/* Dump it all. Later, maybe less. */
 		for (i = 1; i <= CP_MAX_NOAUTOKEY; i++)
 			ctl_putpeer(i, peer);
-#ifdef REFCLOCK
+#	    ifdef REFCLOCK
 		/*
 		 * for clock exception events: add clock variables to
 		 * reflect info on exception
@ -5047,7 +5095,7 @@ report_event(
 						    FALSE);
 			free_varlist(cs.kv_list);
 		}
-#endif /* REFCLOCK */
+#	    endif /* REFCLOCK */
 	}
 	/*
--- a/contrib/ntp/ntpd/ntp_crypto.c
+++ b/contrib/ntp/ntpd/ntp_crypto.c
@ -22,13 +22,13 @@
 #include "ntp_calendar.h"
 #include "ntp_leapsec.h"
 #include "openssl/asn1_mac.h"
 #include "openssl/bn.h"
 #include "openssl/err.h"
 #include "openssl/evp.h"
 #include "openssl/pem.h"
 #include "openssl/rand.h"
 #include "openssl/x509v3.h"
 #include "libssl_compat.h"
 #ifdef KERNEL_PLL
 #include "ntp_syscall.h"
@ -230,7 +230,7 @@ session_key(
 	u_long	lifetime 	/* key lifetime */
 	)
 {
-	EVP_MD_CTX ctx;		/* message digest context */
+	EVP_MD_CTX *ctx;	/* message digest context */
 	u_char dgst[EVP_MAX_MD_SIZE]; /* message digest */
 	keyid_t	keyid;		/* key identifer */
 	u_int32	header[10];	/* data in network byte order */
@ -263,9 +263,11 @@ session_key(
 		hdlen = 10 * sizeof(u_int32);
 		break;
 	}
-	EVP_DigestInit(&ctx, EVP_get_digestbynid(crypto_nid));
+	ctx = EVP_MD_CTX_new();
-	EVP_DigestUpdate(&ctx, (u_char *)header, hdlen);
+	EVP_DigestInit(ctx, EVP_get_digestbynid(crypto_nid));
-	EVP_DigestFinal(&ctx, dgst, &len);
+	EVP_DigestUpdate(ctx, (u_char *)header, hdlen);
 	EVP_DigestFinal(ctx, dgst, &len);
 	EVP_MD_CTX_free(ctx);
 	memcpy(&keyid, dgst, 4);
 	keyid = ntohl(keyid);
 	if (lifetime != 0) {
@ -299,7 +301,7 @@ make_keylist(
 	struct interface *dstadr /* interface */
 	)
 {
-	EVP_MD_CTX ctx;		/* signature context */
+	EVP_MD_CTX *ctx;	/* signature context */
 	tstamp_t tstamp;	/* NTP timestamp */
 	struct autokey *ap;	/* autokey pointer */
 	struct value *vp;	/* value pointer */
@ -377,14 +379,16 @@ make_keylist(
 	if (tstamp != 0) {
 		if (vp->sig == NULL)
 			vp->sig = emalloc(sign_siglen);
-		EVP_SignInit(&ctx, sign_digest);
+		ctx = EVP_MD_CTX_new();
-		EVP_SignUpdate(&ctx, (u_char *)vp, 12);
+		EVP_SignInit(ctx, sign_digest);
-		EVP_SignUpdate(&ctx, vp->ptr, sizeof(struct autokey));
+		EVP_SignUpdate(ctx, (u_char *)vp, 12);
-		if (EVP_SignFinal(&ctx, vp->sig, &len, sign_pkey)) {
+		EVP_SignUpdate(ctx, vp->ptr, sizeof(struct autokey));
 		if (EVP_SignFinal(ctx, vp->sig, &len, sign_pkey)) {
 			INSIST(len <= sign_siglen);
 			vp->siglen = htonl(len);
 			peer->flags |= FLAG_ASSOC;
 		}
 		EVP_MD_CTX_free(ctx);
 	}
 	DPRINTF(1, ("make_keys: %d %08x %08x ts %u fs %u poll %d\n",
 		    peer->keynumber, keyid, cookie, ntohl(vp->tstamp),
@ -820,8 +824,8 @@ crypto_recv(
 			 * errors.
 			 */
 			if (vallen == (u_int)EVP_PKEY_size(host_pkey)) {
-				u_int32 *cookiebuf = malloc(
+				RSA *rsa = EVP_PKEY_get0_RSA(host_pkey);
-				    RSA_size(host_pkey->pkey.rsa));
+				u_int32 *cookiebuf = malloc(RSA_size(rsa));
 				if (!cookiebuf) {
 					rval = XEVNT_CKY;
 					break;
@ -830,7 +834,7 @@ crypto_recv(
 				if (RSA_private_decrypt(vallen,
 				    (u_char *)ep->pkt,
 				    (u_char *)cookiebuf,
-				    host_pkey->pkey.rsa,
+				    rsa,
 				    RSA_PKCS1_OAEP_PADDING) != 4) {
 					rval = XEVNT_CKY;
 					free(cookiebuf);
@ -1421,7 +1425,7 @@ crypto_verify(
 	)
 {
 	EVP_PKEY *pkey;		/* server public key */
-	EVP_MD_CTX ctx;		/* signature context */
+	EVP_MD_CTX *ctx;	/* signature context */
 	tstamp_t tstamp, tstamp1 = 0; /* timestamp */
 	tstamp_t fstamp, fstamp1 = 0; /* filestamp */
 	u_int	vallen;		/* value length */
@ -1533,12 +1537,16 @@ crypto_verify(
 	 * signature. If the identity exchange is verified, light the
 	 * proventic bit. What a relief.
 	 */
-	EVP_VerifyInit(&ctx, peer->digest);
+	ctx = EVP_MD_CTX_new();
 	EVP_VerifyInit(ctx, peer->digest);
 	/* XXX: the "+ 12" needs to be at least documented... */
-	EVP_VerifyUpdate(&ctx, (u_char *)&ep->tstamp, vallen + 12);
+	EVP_VerifyUpdate(ctx, (u_char *)&ep->tstamp, vallen + 12);
-	if (EVP_VerifyFinal(&ctx, (u_char *)&ep->pkt[i], siglen,
+	if (EVP_VerifyFinal(ctx, (u_char *)&ep->pkt[i], siglen,
-	    pkey) <= 0)
+	    pkey) <= 0) {
 		EVP_MD_CTX_free(ctx);
 		return (XEVNT_SIG);
 	}
 	EVP_MD_CTX_free(ctx);
 	if (peer->crypto & CRYPTO_FLAG_VRFY)
 		peer->crypto |= CRYPTO_FLAG_PROV;
@ -1564,7 +1572,7 @@ crypto_encrypt(
 	)
 {
 	EVP_PKEY *pkey;		/* public key */
-	EVP_MD_CTX ctx;		/* signature context */
+	EVP_MD_CTX *ctx;	/* signature context */
 	tstamp_t tstamp;	/* NTP timestamp */
 	u_int32	temp32;
 	u_char *puch;
@ -1592,7 +1600,7 @@ crypto_encrypt(
 	puch = vp->ptr;
 	temp32 = htonl(*cookie);
 	if (RSA_public_encrypt(4, (u_char *)&temp32, puch,
-	    pkey->pkey.rsa, RSA_PKCS1_OAEP_PADDING) <= 0) {
+	    EVP_PKEY_get0_RSA(pkey), RSA_PKCS1_OAEP_PADDING) <= 0) {
 		msyslog(LOG_ERR, "crypto_encrypt: %s",
 		    ERR_error_string(ERR_get_error(), NULL));
 		free(vp->ptr);
@ -1604,13 +1612,15 @@ crypto_encrypt(
 		return (XEVNT_OK);
 	vp->sig = emalloc(sign_siglen);
-	EVP_SignInit(&ctx, sign_digest);
+	ctx = EVP_MD_CTX_new();
-	EVP_SignUpdate(&ctx, (u_char *)&vp->tstamp, 12);
+	EVP_SignInit(ctx, sign_digest);
-	EVP_SignUpdate(&ctx, vp->ptr, vallen);
+	EVP_SignUpdate(ctx, (u_char *)&vp->tstamp, 12);
-	if (EVP_SignFinal(&ctx, vp->sig, &vallen, sign_pkey)) {
+	EVP_SignUpdate(ctx, vp->ptr, vallen);
 	if (EVP_SignFinal(ctx, vp->sig, &vallen, sign_pkey)) {
 		INSIST(vallen <= sign_siglen);
 		vp->siglen = htonl(vallen);
 	}
 	EVP_MD_CTX_free(ctx);
 	return (XEVNT_OK);
 }
@ -1817,7 +1827,7 @@ crypto_send(
 void
 crypto_update(void)
 {
-	EVP_MD_CTX ctx;		/* message digest context */
+	EVP_MD_CTX *ctx;	/* message digest context */
 	struct cert_info *cp;	/* certificate info/value */
 	char	statstr[NTP_MAXSTRLEN]; /* statistics for filegen */
 	u_int32	*ptr;
@ -1828,6 +1838,8 @@ crypto_update(void)
 	if (hostval.tstamp == 0)
 		return;
 	ctx = EVP_MD_CTX_new();
 	/*
 	 * Sign public key and timestamps. The filestamp is derived from
 	 * the host key file extension from wherever the file was
@ -1838,10 +1850,10 @@ crypto_update(void)
 		pubkey.siglen = 0;
 		if (pubkey.sig == NULL)
 			pubkey.sig = emalloc(sign_siglen);
-		EVP_SignInit(&ctx, sign_digest);
+		EVP_SignInit(ctx, sign_digest);
-		EVP_SignUpdate(&ctx, (u_char *)&pubkey, 12);
+		EVP_SignUpdate(ctx, (u_char *)&pubkey, 12);
-		EVP_SignUpdate(&ctx, pubkey.ptr, ntohl(pubkey.vallen));
+		EVP_SignUpdate(ctx, pubkey.ptr, ntohl(pubkey.vallen));
-		if (EVP_SignFinal(&ctx, pubkey.sig, &len, sign_pkey)) {
+		if (EVP_SignFinal(ctx, pubkey.sig, &len, sign_pkey)) {
 			INSIST(len <= sign_siglen);
 			pubkey.siglen = htonl(len);
 		}
@ -1858,11 +1870,11 @@ crypto_update(void)
 		cp->cert.siglen = 0;
 		if (cp->cert.sig == NULL)
 			cp->cert.sig = emalloc(sign_siglen);
-		EVP_SignInit(&ctx, sign_digest);
+		EVP_SignInit(ctx, sign_digest);
-		EVP_SignUpdate(&ctx, (u_char *)&cp->cert, 12);
+		EVP_SignUpdate(ctx, (u_char *)&cp->cert, 12);
-		EVP_SignUpdate(&ctx, cp->cert.ptr,
+		EVP_SignUpdate(ctx, cp->cert.ptr,
 		    ntohl(cp->cert.vallen));
-		if (EVP_SignFinal(&ctx, cp->cert.sig, &len, sign_pkey)) {
+		if (EVP_SignFinal(ctx, cp->cert.sig, &len, sign_pkey)) {
 			INSIST(len <= sign_siglen);
 			cp->cert.siglen = htonl(len);
 		}
@ -1909,10 +1921,10 @@ crypto_update(void)
 	}
 	if (tai_leap.sig == NULL)
 		tai_leap.sig = emalloc(sign_siglen);
-	EVP_SignInit(&ctx, sign_digest);
+	EVP_SignInit(ctx, sign_digest);
-	EVP_SignUpdate(&ctx, (u_char *)&tai_leap, 12);
+	EVP_SignUpdate(ctx, (u_char *)&tai_leap, 12);
-	EVP_SignUpdate(&ctx, tai_leap.ptr, len);
+	EVP_SignUpdate(ctx, tai_leap.ptr, len);
-	if (EVP_SignFinal(&ctx, tai_leap.sig, &len, sign_pkey)) {
+	if (EVP_SignFinal(ctx, tai_leap.sig, &len, sign_pkey)) {
 		INSIST(len <= sign_siglen);
 		tai_leap.siglen = htonl(len);
 	}
@ -1922,6 +1934,7 @@ crypto_update(void)
 	    ntohl(hostval.tstamp)); 
 	record_crypto_stats(NULL, statstr);
 	DPRINTF(1, ("crypto_update: %s\n", statstr));
 	EVP_MD_CTX_free(ctx);
 }
 /*
@ -2061,7 +2074,7 @@ bighash(
 	BIGNUM	*bk		/* BIGNUM * to */
 	)
 {
-	EVP_MD_CTX ctx;		/* message digest context */
+	EVP_MD_CTX *ctx;	/* message digest context */
 	u_char dgst[EVP_MAX_MD_SIZE]; /* message digest */
 	u_char	*ptr;		/* a BIGNUM as binary string */
 	u_int	len;
@ -2069,9 +2082,11 @@ bighash(
 	len = BN_num_bytes(bn);
 	ptr = emalloc(len);
 	BN_bn2bin(bn, ptr);
-	EVP_DigestInit(&ctx, EVP_md5());
+	ctx = EVP_MD_CTX_new();
-	EVP_DigestUpdate(&ctx, ptr, len);
+	EVP_DigestInit(ctx, EVP_md5());
-	EVP_DigestFinal(&ctx, dgst, &len);
+	EVP_DigestUpdate(ctx, ptr, len);
 	EVP_DigestFinal(ctx, dgst, &len);
 	EVP_MD_CTX_free(ctx);
 	BN_bin2bn(dgst, len, bk);
 	free(ptr);
 }
@ -2139,9 +2154,10 @@ crypto_alice(
 {
 	DSA	*dsa;		/* IFF parameters */
 	BN_CTX	*bctx;		/* BIGNUM context */
-	EVP_MD_CTX ctx;		/* signature context */
+	EVP_MD_CTX *ctx;	/* signature context */
 	tstamp_t tstamp;
 	u_int	len;
 	const BIGNUM *q;
 	/*
 	 * The identity parameters must have correct format and content.
@ -2151,7 +2167,7 @@ crypto_alice(
 		return (XEVNT_ID);
 	}
-	if ((dsa = peer->ident_pkey->pkey->pkey.dsa) == NULL) {
+	if ((dsa = EVP_PKEY_get0_DSA(peer->ident_pkey->pkey)) == NULL) {
 		msyslog(LOG_NOTICE, "crypto_alice: defective key");
 		return (XEVNT_PUB);
 	}
@ -2162,10 +2178,11 @@ crypto_alice(
 	if (peer->iffval != NULL)
 		BN_free(peer->iffval);
 	peer->iffval = BN_new();
-	len = BN_num_bytes(dsa->q);
+	DSA_get0_pqg(dsa, NULL, &q, NULL);
 	len = BN_num_bytes(q);
 	BN_rand(peer->iffval, len * 8, -1, 1);	/* r mod q*/
 	bctx = BN_CTX_new();
-	BN_mod(peer->iffval, peer->iffval, dsa->q, bctx);
+	BN_mod(peer->iffval, peer->iffval, q, bctx);
 	BN_CTX_free(bctx);
 	/*
@ -2182,13 +2199,15 @@ crypto_alice(
 		return (XEVNT_OK);
 	vp->sig = emalloc(sign_siglen);
-	EVP_SignInit(&ctx, sign_digest);
+	ctx = EVP_MD_CTX_new();
-	EVP_SignUpdate(&ctx, (u_char *)&vp->tstamp, 12);
+	EVP_SignInit(ctx, sign_digest);
-	EVP_SignUpdate(&ctx, vp->ptr, len);
+	EVP_SignUpdate(ctx, (u_char *)&vp->tstamp, 12);
-	if (EVP_SignFinal(&ctx, vp->sig, &len, sign_pkey)) {
+	EVP_SignUpdate(ctx, vp->ptr, len);
 	if (EVP_SignFinal(ctx, vp->sig, &len, sign_pkey)) {
 		INSIST(len <= sign_siglen);
 		vp->siglen = htonl(len);
 	}
 	EVP_MD_CTX_free(ctx);
 	return (XEVNT_OK);
 }
@ -2210,11 +2229,13 @@ crypto_bob(
 	DSA	*dsa;		/* IFF parameters */
 	DSA_SIG	*sdsa;		/* DSA signature context fake */
 	BN_CTX	*bctx;		/* BIGNUM context */
-	EVP_MD_CTX ctx;		/* signature context */
+	EVP_MD_CTX *ctx;	/* signature context */
 	tstamp_t tstamp;	/* NTP timestamp */
 	BIGNUM	*bn, *bk, *r;
 	u_char	*ptr;
 	u_int	len;		/* extension field value length */
 	const BIGNUM *p, *q, *g;
 	const BIGNUM *priv_key;
 	/*
 	 * If the IFF parameters are not valid, something awful
@ -2224,7 +2245,9 @@ crypto_bob(
 		msyslog(LOG_NOTICE, "crypto_bob: scheme unavailable");
 		return (XEVNT_ID);
 	}
-	dsa = iffkey_info->pkey->pkey.dsa;
+	dsa = EVP_PKEY_get0_DSA(iffkey_info->pkey);
 	DSA_get0_pqg(dsa, &p, &q, &g);
 	DSA_get0_key(dsa, NULL, &priv_key);
 	/*
 	 * Extract r from the challenge.
@ -2245,15 +2268,14 @@ crypto_bob(
 	bctx = BN_CTX_new(); bk = BN_new(); bn = BN_new();
 	sdsa = DSA_SIG_new();
 	BN_rand(bk, len * 8, -1, 1);		/* k */
-	BN_mod_mul(bn, dsa->priv_key, r, dsa->q, bctx); /* b r mod q */
+	BN_mod_mul(bn, priv_key, r, q, bctx); /* b r mod q */
 	BN_add(bn, bn, bk);
-	BN_mod(bn, bn, dsa->q, bctx);		/* k + b r mod q */
+	BN_mod(bn, bn, q, bctx);		/* k + b r mod q */
-	sdsa->r = BN_dup(bn);
+	BN_mod_exp(bk, g, bk, p, bctx); /* g^k mod p */
 	BN_mod_exp(bk, dsa->g, bk, dsa->p, bctx); /* g^k mod p */
 	bighash(bk, bk);
-	sdsa->s = BN_dup(bk);
+	DSA_SIG_set0(sdsa, bn, bk);
 	BN_CTX_free(bctx);
-	BN_free(r); BN_free(bn); BN_free(bk);
+	BN_free(r);
 #ifdef DEBUG
 	if (debug > 1)
 		DSA_print_fp(stdout, dsa, 0);
@ -2290,13 +2312,15 @@ crypto_bob(
 	/* XXX: more validation to make sure the sign fits... */
 	vp->sig = emalloc(sign_siglen);
-	EVP_SignInit(&ctx, sign_digest);
+	ctx = EVP_MD_CTX_new();
-	EVP_SignUpdate(&ctx, (u_char *)&vp->tstamp, 12);
+	EVP_SignInit(ctx, sign_digest);
-	EVP_SignUpdate(&ctx, vp->ptr, len);
+	EVP_SignUpdate(ctx, (u_char *)&vp->tstamp, 12);
-	if (EVP_SignFinal(&ctx, vp->sig, &len, sign_pkey)) {
+	EVP_SignUpdate(ctx, vp->ptr, len);
 	if (EVP_SignFinal(ctx, vp->sig, &len, sign_pkey)) {
 		INSIST(len <= sign_siglen);
 		vp->siglen = htonl(len);
 	}
 	EVP_MD_CTX_free(ctx);
 	return (XEVNT_OK);
 }
@ -2323,6 +2347,9 @@ crypto_iff(
 	u_int	len;
 	const u_char *ptr;
 	int	temp;
 	const BIGNUM *p, *g;
 	const BIGNUM *r, *s;
 	const BIGNUM *pub_key;
 	/*
 	 * If the IFF parameters are not valid or no challenge was sent,
@ -2337,7 +2364,7 @@ crypto_iff(
 		    ntohl(ep->fstamp));
 		return (XEVNT_FSP);
 	}
-	if ((dsa = peer->ident_pkey->pkey->pkey.dsa) == NULL) {
+	if ((dsa = EVP_PKEY_get0_DSA(peer->ident_pkey->pkey)) == NULL) {
 		msyslog(LOG_NOTICE, "crypto_iff: defective key");
 		return (XEVNT_PUB);
 	}
@ -2362,15 +2389,18 @@ crypto_iff(
 	/*
 	 * Compute g^(k + b r) g^(q - b)r mod p.
 	 */
-	BN_mod_exp(bn, dsa->pub_key, peer->iffval, dsa->p, bctx);
+	DSA_get0_key(dsa, &pub_key, NULL);
-	BN_mod_exp(bk, dsa->g, sdsa->r, dsa->p, bctx);
+	DSA_get0_pqg(dsa, &p, NULL, &g);
-	BN_mod_mul(bn, bn, bk, dsa->p, bctx);
+	DSA_SIG_get0(sdsa, &r, &s);
 	BN_mod_exp(bn, pub_key, peer->iffval, p, bctx);
 	BN_mod_exp(bk, g, r, p, bctx);
 	BN_mod_mul(bn, bn, bk, p, bctx);
 	/*
 	 * Verify the hash of the result matches hash(x).
 	 */
 	bighash(bn, bn);
-	temp = BN_cmp(bn, sdsa->s);
+	temp = BN_cmp(bn, s);
 	BN_free(bn); BN_free(bk); BN_CTX_free(bctx);
 	BN_free(peer->iffval);
 	peer->iffval = NULL;
@ -2456,9 +2486,10 @@ crypto_alice2(
 {
 	RSA	*rsa;		/* GQ parameters */
 	BN_CTX	*bctx;		/* BIGNUM context */
-	EVP_MD_CTX ctx;		/* signature context */
+	EVP_MD_CTX *ctx;	/* signature context */
 	tstamp_t tstamp;
 	u_int	len;
 	const BIGNUM *n;
 	/*
 	 * The identity parameters must have correct format and content.
@ -2466,7 +2497,7 @@ crypto_alice2(
 	if (peer->ident_pkey == NULL)
 		return (XEVNT_ID);
-	if ((rsa = peer->ident_pkey->pkey->pkey.rsa) == NULL) {
+	if ((rsa = EVP_PKEY_get0_RSA(peer->ident_pkey->pkey)) == NULL) {
 		msyslog(LOG_NOTICE, "crypto_alice2: defective key");
 		return (XEVNT_PUB);
 	}
@ -2477,10 +2508,11 @@ crypto_alice2(
 	if (peer->iffval != NULL)
 		BN_free(peer->iffval);
 	peer->iffval = BN_new();
-	len = BN_num_bytes(rsa->n);
+	RSA_get0_key(rsa, &n, NULL, NULL);
 	len = BN_num_bytes(n);
 	BN_rand(peer->iffval, len * 8, -1, 1);	/* r mod n */
 	bctx = BN_CTX_new();
-	BN_mod(peer->iffval, peer->iffval, rsa->n, bctx);
+	BN_mod(peer->iffval, peer->iffval, n, bctx);
 	BN_CTX_free(bctx);
 	/*
@ -2497,13 +2529,15 @@ crypto_alice2(
 		return (XEVNT_OK);
 	vp->sig = emalloc(sign_siglen);
-	EVP_SignInit(&ctx, sign_digest);
+	ctx = EVP_MD_CTX_new();
-	EVP_SignUpdate(&ctx, (u_char *)&vp->tstamp, 12);
+	EVP_SignInit(ctx, sign_digest);
-	EVP_SignUpdate(&ctx, vp->ptr, len);
+	EVP_SignUpdate(ctx, (u_char *)&vp->tstamp, 12);
-	if (EVP_SignFinal(&ctx, vp->sig, &len, sign_pkey)) {
+	EVP_SignUpdate(ctx, vp->ptr, len);
 	if (EVP_SignFinal(ctx, vp->sig, &len, sign_pkey)) {
 		INSIST(len <= sign_siglen);
 		vp->siglen = htonl(len);
 	}
 	EVP_MD_CTX_free(ctx);
 	return (XEVNT_OK);
 }
@ -2525,12 +2559,13 @@ crypto_bob2(
 	RSA	*rsa;		/* GQ parameters */
 	DSA_SIG	*sdsa;		/* DSA parameters */
 	BN_CTX	*bctx;		/* BIGNUM context */
-	EVP_MD_CTX ctx;		/* signature context */
+	EVP_MD_CTX *ctx;	/* signature context */
 	tstamp_t tstamp;	/* NTP timestamp */
 	BIGNUM	*r, *k, *g, *y;
 	u_char	*ptr;
 	u_int	len;
 	int	s_len;
 	const BIGNUM *n, *p, *e;
 	/*
 	 * If the GQ parameters are not valid, something awful
@ -2540,7 +2575,8 @@ crypto_bob2(
 		msyslog(LOG_NOTICE, "crypto_bob2: scheme unavailable");
 		return (XEVNT_ID);
 	}
-	rsa = gqkey_info->pkey->pkey.rsa;
+	rsa = EVP_PKEY_get0_RSA(gqkey_info->pkey);
 	RSA_get0_key(rsa, &n, &p, &e);
 	/*
 	 * Extract r from the challenge.
@ -2561,15 +2597,14 @@ crypto_bob2(
 	bctx = BN_CTX_new(); k = BN_new(); g = BN_new(); y = BN_new();
 	sdsa = DSA_SIG_new();
 	BN_rand(k, len * 8, -1, 1);		/* k */
-	BN_mod(k, k, rsa->n, bctx);
+	BN_mod(k, k, n, bctx);
-	BN_mod_exp(y, rsa->p, r, rsa->n, bctx); /* u^r mod n */
+	BN_mod_exp(y, p, r, n, bctx); /* u^r mod n */
-	BN_mod_mul(y, k, y, rsa->n, bctx);	/* k u^r mod n */
+	BN_mod_mul(y, k, y, n, bctx);	/* k u^r mod n */
-	sdsa->r = BN_dup(y);
+	BN_mod_exp(g, k, e, n, bctx); /* k^b mod n */
 	BN_mod_exp(g, k, rsa->e, rsa->n, bctx); /* k^b mod n */
 	bighash(g, g);
-	sdsa->s = BN_dup(g);
+	DSA_SIG_set0(sdsa, y, g);
 	BN_CTX_free(bctx);
-	BN_free(r); BN_free(k); BN_free(g); BN_free(y);
+	BN_free(r); BN_free(k);
 #ifdef DEBUG
 	if (debug > 1)
 		RSA_print_fp(stdout, rsa, 0);
@ -2599,13 +2634,15 @@ crypto_bob2(
 		return (XEVNT_OK);
 	vp->sig = emalloc(sign_siglen);
-	EVP_SignInit(&ctx, sign_digest);
+	ctx = EVP_MD_CTX_new();
-	EVP_SignUpdate(&ctx, (u_char *)&vp->tstamp, 12);
+	EVP_SignInit(ctx, sign_digest);
-	EVP_SignUpdate(&ctx, vp->ptr, len);
+	EVP_SignUpdate(ctx, (u_char *)&vp->tstamp, 12);
-	if (EVP_SignFinal(&ctx, vp->sig, &len, sign_pkey)) {
+	EVP_SignUpdate(ctx, vp->ptr, len);
 	if (EVP_SignFinal(ctx, vp->sig, &len, sign_pkey)) {
 		INSIST(len <= sign_siglen);
 		vp->siglen = htonl(len);
 	}
 	EVP_MD_CTX_free(ctx);
 	return (XEVNT_OK);
 }
@ -2633,6 +2670,8 @@ crypto_gq(
 	const u_char *ptr;
 	long	len;
 	u_int	temp;
 	const BIGNUM *n, *e;
 	const BIGNUM *r, *s;
 	/*
 	 * If the GQ parameters are not valid or no challenge was sent,
@ -2649,10 +2688,11 @@ crypto_gq(
 		    ntohl(ep->fstamp));
 		return (XEVNT_FSP);
 	}
-	if ((rsa = peer->ident_pkey->pkey->pkey.rsa) == NULL) {
+	if ((rsa = EVP_PKEY_get0_RSA(peer->ident_pkey->pkey)) == NULL) {
 		msyslog(LOG_NOTICE, "crypto_gq: defective key");
 		return (XEVNT_PUB);
 	}
 	RSA_get0_key(rsa, &n, NULL, &e);
 	if (peer->iffval == NULL) {
 		msyslog(LOG_NOTICE, "crypto_gq: missing challenge");
 		return (XEVNT_ID);
@ -2671,6 +2711,7 @@ crypto_gq(
 		    ERR_error_string(ERR_get_error(), NULL));
 		return (XEVNT_ERR);
 	}
 	DSA_SIG_get0(sdsa, &r, &s);
 	/*
 	 * Compute v^r y^b mod n.
@ -2679,16 +2720,16 @@ crypto_gq(
 		msyslog(LOG_NOTICE, "crypto_gq: missing group key");
 		return (XEVNT_ID);
 	}
-	BN_mod_exp(v, peer->grpkey, peer->iffval, rsa->n, bctx);
+	BN_mod_exp(v, peer->grpkey, peer->iffval, n, bctx);
 						/* v^r mod n */
-	BN_mod_exp(y, sdsa->r, rsa->e, rsa->n, bctx); /* y^b mod n */
+	BN_mod_exp(y, r, e, n, bctx); /* y^b mod n */
-	BN_mod_mul(y, v, y, rsa->n, bctx);	/* v^r y^b mod n */
+	BN_mod_mul(y, v, y, n, bctx);	/* v^r y^b mod n */
 	/*
 	 * Verify the hash of the result matches hash(x).
 	 */
 	bighash(y, y);
-	temp = BN_cmp(y, sdsa->s);
+	temp = BN_cmp(y, s);
 	BN_CTX_free(bctx); BN_free(y); BN_free(v);
 	BN_free(peer->iffval);
 	peer->iffval = NULL;
@ -2789,9 +2830,10 @@ crypto_alice3(
 {
 	DSA	*dsa;		/* MV parameters */
 	BN_CTX	*bctx;		/* BIGNUM context */
-	EVP_MD_CTX ctx;		/* signature context */
+	EVP_MD_CTX *ctx;	/* signature context */
 	tstamp_t tstamp;
 	u_int	len;
 	const BIGNUM *p;
 	/*
 	 * The identity parameters must have correct format and content.
@ -2799,10 +2841,11 @@ crypto_alice3(
 	if (peer->ident_pkey == NULL)
 		return (XEVNT_ID);
-	if ((dsa = peer->ident_pkey->pkey->pkey.dsa) == NULL) {
+	if ((dsa = EVP_PKEY_get0_DSA(peer->ident_pkey->pkey)) == NULL) {
 		msyslog(LOG_NOTICE, "crypto_alice3: defective key");
 		return (XEVNT_PUB);
 	}
 	DSA_get0_pqg(dsa, &p, NULL, NULL);
 	/*
 	 * Roll new random r (0 < r < q).
@ -2810,10 +2853,10 @@ crypto_alice3(
 	if (peer->iffval != NULL)
 		BN_free(peer->iffval);
 	peer->iffval = BN_new();
-	len = BN_num_bytes(dsa->p);
+	len = BN_num_bytes(p);
 	BN_rand(peer->iffval, len * 8, -1, 1);	/* r mod p */
 	bctx = BN_CTX_new();
-	BN_mod(peer->iffval, peer->iffval, dsa->p, bctx);
+	BN_mod(peer->iffval, peer->iffval, p, bctx);
 	BN_CTX_free(bctx);
 	/*
@ -2830,13 +2873,15 @@ crypto_alice3(
 		return (XEVNT_OK);
 	vp->sig = emalloc(sign_siglen);
-	EVP_SignInit(&ctx, sign_digest);
+	ctx = EVP_MD_CTX_new();
-	EVP_SignUpdate(&ctx, (u_char *)&vp->tstamp, 12);
+	EVP_SignInit(ctx, sign_digest);
-	EVP_SignUpdate(&ctx, vp->ptr, len);
+	EVP_SignUpdate(ctx, (u_char *)&vp->tstamp, 12);
-	if (EVP_SignFinal(&ctx, vp->sig, &len, sign_pkey)) {
+	EVP_SignUpdate(ctx, vp->ptr, len);
 	if (EVP_SignFinal(ctx, vp->sig, &len, sign_pkey)) {
 		INSIST(len <= sign_siglen);
 		vp->siglen = htonl(len);
 	}
 	EVP_MD_CTX_free(ctx);
 	return (XEVNT_OK);
 }
@ -2857,11 +2902,14 @@ crypto_bob3(
 	DSA	*dsa;		/* MV parameters */
 	DSA	*sdsa;		/* DSA signature context fake */
 	BN_CTX	*bctx;		/* BIGNUM context */
-	EVP_MD_CTX ctx;		/* signature context */
+	EVP_MD_CTX *ctx;	/* signature context */
 	tstamp_t tstamp;	/* NTP timestamp */
 	BIGNUM	*r, *k, *u;
 	u_char	*ptr;
 	u_int	len;
 	const BIGNUM *p, *q, *g;
 	const BIGNUM *pub_key, *priv_key;
 	BIGNUM *sp, *sq, *sg;
 	/*
 	 * If the MV parameters are not valid, something awful
@ -2871,7 +2919,9 @@ crypto_bob3(
 		msyslog(LOG_NOTICE, "crypto_bob3: scheme unavailable");
 		return (XEVNT_ID);
 	}
-	dsa = mvkey_info->pkey->pkey.dsa;
+	dsa = EVP_PKEY_get0_DSA(mvkey_info->pkey);
 	DSA_get0_pqg(dsa, &p, &q, &g);
 	DSA_get0_key(dsa, &pub_key, &priv_key);
 	/*
 	 * Extract r from the challenge.
@ -2892,18 +2942,20 @@ crypto_bob3(
 	 */
 	bctx = BN_CTX_new(); k = BN_new(); u = BN_new();
 	sdsa = DSA_new();
-	sdsa->p = BN_new(); sdsa->q = BN_new(); sdsa->g = BN_new();
+	sp = BN_new(); sq = BN_new(); sg = BN_new();
 	while (1) {
-		BN_rand(k, BN_num_bits(dsa->q), 0, 0);
+		BN_rand(k, BN_num_bits(q), 0, 0);
-		BN_mod(k, k, dsa->q, bctx);
+		BN_mod(k, k, q, bctx);
-		BN_gcd(u, k, dsa->q, bctx);
+		BN_gcd(u, k, q, bctx);
 		if (BN_is_one(u))
 			break;
 	}
-	BN_mod_exp(u, dsa->g, k, dsa->p, bctx); /* A^k r */
+	BN_mod_exp(u, g, k, p, bctx); /* A^k r */
-	BN_mod_mul(sdsa->p, u, r, dsa->p, bctx);
+	BN_mod_mul(sp, u, r, p, bctx);
-	BN_mod_exp(sdsa->q, dsa->priv_key, k, dsa->p, bctx); /* gbar */
+	BN_mod_exp(sq, priv_key, k, p, bctx); /* gbar */
-	BN_mod_exp(sdsa->g, dsa->pub_key, k, dsa->p, bctx); /* ghat */
+	BN_mod_exp(sg, pub_key, k, p, bctx); /* ghat */
 	DSA_set0_key(sdsa, BN_dup(pub_key), NULL);
 	DSA_set0_pqg(sdsa, sp, sq, sg);
 	BN_CTX_free(bctx); BN_free(k); BN_free(r); BN_free(u);
 #ifdef DEBUG
 	if (debug > 1)
@ -2934,13 +2986,15 @@ crypto_bob3(
 		return (XEVNT_OK);
 	vp->sig = emalloc(sign_siglen);
-	EVP_SignInit(&ctx, sign_digest);
+	ctx = EVP_MD_CTX_new();
-	EVP_SignUpdate(&ctx, (u_char *)&vp->tstamp, 12);
+	EVP_SignInit(ctx, sign_digest);
-	EVP_SignUpdate(&ctx, vp->ptr, len);
+	EVP_SignUpdate(ctx, (u_char *)&vp->tstamp, 12);
-	if (EVP_SignFinal(&ctx, vp->sig, &len, sign_pkey)) {
+	EVP_SignUpdate(ctx, vp->ptr, len);
 	if (EVP_SignFinal(ctx, vp->sig, &len, sign_pkey)) {
 		INSIST(len <= sign_siglen);
 		vp->siglen = htonl(len);
 	}
 	EVP_MD_CTX_free(ctx);
 	return (XEVNT_OK);
 }
@ -2968,6 +3022,9 @@ crypto_mv(
 	u_int	len;
 	const u_char *ptr;
 	int	temp;
 	const BIGNUM *p;
 	const BIGNUM *pub_key, *priv_key;
 	const BIGNUM *sp, *sq, *sg;
 	/*
 	 * If the MV parameters are not valid or no challenge was sent,
@ -2982,10 +3039,12 @@ crypto_mv(
 		    ntohl(ep->fstamp));
 		return (XEVNT_FSP);
 	}
-	if ((dsa = peer->ident_pkey->pkey->pkey.dsa) == NULL) {
+	if ((dsa = EVP_PKEY_get0_DSA(peer->ident_pkey->pkey)) == NULL) {
 		msyslog(LOG_NOTICE, "crypto_mv: defective key");
 		return (XEVNT_PUB);
 	}
 	DSA_get0_pqg(dsa, &p, NULL, NULL);
 	DSA_get0_key(dsa, &pub_key, &priv_key);
 	if (peer->iffval == NULL) {
 		msyslog(LOG_NOTICE, "crypto_mv: missing challenge");
 		return (XEVNT_ID);
@ -3002,14 +3061,15 @@ crypto_mv(
 		    ERR_error_string(ERR_get_error(), NULL));
 		return (XEVNT_ERR);
 	}
 	DSA_get0_pqg(sdsa, &sp, &sq, &sg);
 	/*
 	 * Compute (gbar^xhat ghat^xbar) mod p.
 	 */
-	BN_mod_exp(u, sdsa->q, dsa->pub_key, dsa->p, bctx);
+	BN_mod_exp(u, sq, pub_key, p, bctx);
-	BN_mod_exp(v, sdsa->g, dsa->priv_key, dsa->p, bctx);
+	BN_mod_exp(v, sg, priv_key, p, bctx);
-	BN_mod_mul(u, u, v, dsa->p, bctx);
+	BN_mod_mul(u, u, v, p, bctx);
-	BN_mod_mul(u, u, sdsa->p, dsa->p, bctx);
+	BN_mod_mul(u, u, sp, p, bctx);
 	/*
 	 * The result should match r.
@ -3080,7 +3140,7 @@ cert_sign(
 	ASN1_INTEGER *serial;	/* serial number */
 	X509_NAME *subj;	/* distinguished (common) name */
 	EVP_PKEY *pkey;		/* public key */
-	EVP_MD_CTX ctx;		/* message digest context */
+	EVP_MD_CTX *ctx;	/* message digest context */
 	tstamp_t tstamp;	/* NTP timestamp */
 	struct calendar tscal;
 	u_int	len;
@ -3176,13 +3236,15 @@ cert_sign(
 	vp->siglen = 0;
 	if (tstamp != 0) {
 		vp->sig = emalloc(sign_siglen);
-		EVP_SignInit(&ctx, sign_digest);
+		ctx = EVP_MD_CTX_new();
-		EVP_SignUpdate(&ctx, (u_char *)vp, 12);
+		EVP_SignInit(ctx, sign_digest);
-		EVP_SignUpdate(&ctx, vp->ptr, len);
+		EVP_SignUpdate(ctx, (u_char *)vp, 12);
-		if (EVP_SignFinal(&ctx, vp->sig, &len, sign_pkey)) {
+		EVP_SignUpdate(ctx, vp->ptr, len);
 		if (EVP_SignFinal(ctx, vp->sig, &len, sign_pkey)) {
 			INSIST(len <= sign_siglen);
 			vp->siglen = htonl(len);
 		}
 		EVP_MD_CTX_free(ctx);
 	}
 #ifdef DEBUG
 	if (debug > 1)
@ -3368,13 +3430,12 @@ cert_parse(
 	)
 {
 	X509	*cert;		/* X509 certificate */
 	X509_EXTENSION *ext;	/* X509v3 extension */
 	struct cert_info *ret;	/* certificate info/value */
 	BIO	*bp;
 	char	pathbuf[MAXFILENAME];
 	const u_char *ptr;
 	char	*pch;
-	int	temp, cnt, i;
+	int	cnt, i;
 	struct calendar fscal;
 	/*
@ -3422,7 +3483,7 @@ cert_parse(
 	 * objects at this time, since the real crunch can happen only
 	 * when the time is valid but not yet certificated.
 	 */
-	ret->nid = OBJ_obj2nid(cert->cert_info->signature->algorithm);
+	ret->nid = X509_get_signature_nid(cert);
 	ret->digest = (const EVP_MD *)EVP_get_digestbynid(ret->nid);
 	ret->serial =
 	    (u_long)ASN1_INTEGER_get(X509_get_serialNumber(cert));
@ -3446,9 +3507,16 @@ cert_parse(
 	 */
 	cnt = X509_get_ext_count(cert);
 	for (i = 0; i < cnt; i++) {
 		X509_EXTENSION *ext;
 		ASN1_OBJECT *obj;
 		int nid;
 		ASN1_OCTET_STRING *data;
 		ext = X509_get_ext(cert, i);
-		temp = OBJ_obj2nid(ext->object);
+		obj = X509_EXTENSION_get_object(ext);
-		switch (temp) {
+		nid = OBJ_obj2nid(obj);
 		switch (nid) {
 		/*
 		 * If a key_usage field is present, we decode whether
@ -3466,7 +3534,7 @@ cert_parse(
 			else if (strcmp(pathbuf, "Private") == 0)
 				ret->flags |= CERT_PRIV;
 			DPRINTF(1, ("cert_parse: %s: %s\n",
-				    OBJ_nid2ln(temp), pathbuf));
+				    OBJ_nid2ln(nid), pathbuf));
 			break;
 		/*
@ -3474,12 +3542,13 @@ cert_parse(
 		 * contains the GQ public key.
 		 */
 		case NID_subject_key_identifier:
-			ret->grpkey = BN_bin2bn(&ext->value->data[2],
+			data = X509_EXTENSION_get_data(ext);
-			    ext->value->length - 2, NULL);
+			ret->grpkey = BN_bin2bn(&data->data[2],
 			    data->length - 2, NULL);
 			/* fall through */
 		default:
 			DPRINTF(1, ("cert_parse: %s\n",
-				    OBJ_nid2ln(temp)));
+				    OBJ_nid2ln(nid)));
 			break;
 		}
 	}
@ -3669,10 +3738,10 @@ crypto_key(
 	DPRINTF(1, ("crypto_key: %s\n", statstr));
 #ifdef DEBUG
 	if (debug > 1) {
-		if (pkey->type == EVP_PKEY_DSA)
+		if (EVP_PKEY_base_id(pkey) == EVP_PKEY_DSA)
-			DSA_print_fp(stdout, pkey->pkey.dsa, 0);
+			DSA_print_fp(stdout, EVP_PKEY_get0_DSA(pkey), 0);
-		else if (pkey->type == EVP_PKEY_RSA)
+		else if (EVP_PKEY_base_id(pkey) == EVP_PKEY_RSA)
-			RSA_print_fp(stdout, pkey->pkey.rsa, 0);
+			RSA_print_fp(stdout, EVP_PKEY_get0_RSA(pkey), 0);
 	}
 #endif
 	return (pkp);
@ -3882,7 +3951,7 @@ crypto_setup(void)
 		    filename);
 		exit (-1);
 	}
-	if (pinfo->pkey->type != EVP_PKEY_RSA) {
+	if (EVP_PKEY_base_id(pinfo->pkey) != EVP_PKEY_RSA) {
 		msyslog(LOG_ERR,
 		    "crypto_setup: host key is not RSA key type");
 		exit (-1);
--- a/contrib/ntp/ntpd/ntp_keyword.h
+++ b/contrib/ntp/ntpd/ntp_keyword.h
--- a/contrib/ntp/ntpd/ntp_loopfilter.c
+++ b/contrib/ntp/ntpd/ntp_loopfilter.c
@ -701,9 +701,10 @@ local_clock(
 				 * where the FLL becomes effective.
 				 */
 				if (sys_poll >= allan_xpt)
-					clock_frequency += (fp_offset -
+					clock_frequency +=
-					    clock_offset) / max(ULOGTOD(sys_poll),
+					      (fp_offset - clock_offset)
-					    mu) * CLOCK_FLL;
+					    / ( max(ULOGTOD(sys_poll), mu)
 					       * CLOCK_FLL);
 				/*
 				 * The PLL frequency gain (numerator) depends on
@ -713,8 +714,8 @@ local_clock(
 				 */
 				etemp = min(ULOGTOD(allan_xpt), mu);
 				dtemp = 4 * CLOCK_PLL * ULOGTOD(sys_poll);
-				clock_frequency += fp_offset * etemp / (dtemp *
+				clock_frequency +=
-				    dtemp);
+				    fp_offset * etemp / (dtemp * dtemp);
 			}
 			rstclock(EVNT_SYNC, fp_offset);
 			if (fabs(fp_offset) < CLOCK_FLOOR)
--- a/contrib/ntp/ntpd/ntp_parser.c
+++ b/contrib/ntp/ntpd/ntp_parser.c
--- a/contrib/ntp/ntpd/ntp_parser.h
+++ b/contrib/ntp/ntpd/ntp_parser.h
@ -55,191 +55,192 @@ extern int yydebug;
    T_Automax = 265,
    T_Average = 266,
    T_Bclient = 267,
-    T_Beacon = 268,
+    T_Bcpollbstep = 268,
-    T_Broadcast = 269,
+    T_Beacon = 269,
-    T_Broadcastclient = 270,
+    T_Broadcast = 270,
-    T_Broadcastdelay = 271,
+    T_Broadcastclient = 271,
-    T_Burst = 272,
+    T_Broadcastdelay = 272,
-    T_Calibrate = 273,
+    T_Burst = 273,
-    T_Ceiling = 274,
+    T_Calibrate = 274,
-    T_Clockstats = 275,
+    T_Ceiling = 275,
-    T_Cohort = 276,
+    T_Clockstats = 276,
-    T_ControlKey = 277,
+    T_Cohort = 277,
-    T_Crypto = 278,
+    T_ControlKey = 278,
-    T_Cryptostats = 279,
+    T_Crypto = 279,
-    T_Ctl = 280,
+    T_Cryptostats = 280,
-    T_Day = 281,
+    T_Ctl = 281,
-    T_Default = 282,
+    T_Day = 282,
-    T_Digest = 283,
+    T_Default = 283,
-    T_Disable = 284,
+    T_Digest = 284,
-    T_Discard = 285,
+    T_Disable = 285,
-    T_Dispersion = 286,
+    T_Discard = 286,
-    T_Double = 287,
+    T_Dispersion = 287,
-    T_Driftfile = 288,
+    T_Double = 288,
-    T_Drop = 289,
+    T_Driftfile = 289,
-    T_Dscp = 290,
+    T_Drop = 290,
-    T_Ellipsis = 291,
+    T_Dscp = 291,
-    T_Enable = 292,
+    T_Ellipsis = 292,
-    T_End = 293,
+    T_Enable = 293,
-    T_False = 294,
+    T_End = 294,
-    T_File = 295,
+    T_False = 295,
-    T_Filegen = 296,
+    T_File = 296,
-    T_Filenum = 297,
+    T_Filegen = 297,
-    T_Flag1 = 298,
+    T_Filenum = 298,
-    T_Flag2 = 299,
+    T_Flag1 = 299,
-    T_Flag3 = 300,
+    T_Flag2 = 300,
-    T_Flag4 = 301,
+    T_Flag3 = 301,
-    T_Flake = 302,
+    T_Flag4 = 302,
-    T_Floor = 303,
+    T_Flake = 303,
-    T_Freq = 304,
+    T_Floor = 304,
-    T_Fudge = 305,
+    T_Freq = 305,
-    T_Host = 306,
+    T_Fudge = 306,
-    T_Huffpuff = 307,
+    T_Host = 307,
-    T_Iburst = 308,
+    T_Huffpuff = 308,
-    T_Ident = 309,
+    T_Iburst = 309,
-    T_Ignore = 310,
+    T_Ident = 310,
-    T_Incalloc = 311,
+    T_Ignore = 311,
-    T_Incmem = 312,
+    T_Incalloc = 312,
-    T_Initalloc = 313,
+    T_Incmem = 313,
-    T_Initmem = 314,
+    T_Initalloc = 314,
-    T_Includefile = 315,
+    T_Initmem = 315,
-    T_Integer = 316,
+    T_Includefile = 316,
-    T_Interface = 317,
+    T_Integer = 317,
-    T_Intrange = 318,
+    T_Interface = 318,
-    T_Io = 319,
+    T_Intrange = 319,
-    T_Ipv4 = 320,
+    T_Io = 320,
-    T_Ipv4_flag = 321,
+    T_Ipv4 = 321,
-    T_Ipv6 = 322,
+    T_Ipv4_flag = 322,
-    T_Ipv6_flag = 323,
+    T_Ipv6 = 323,
-    T_Kernel = 324,
+    T_Ipv6_flag = 324,
-    T_Key = 325,
+    T_Kernel = 325,
-    T_Keys = 326,
+    T_Key = 326,
-    T_Keysdir = 327,
+    T_Keys = 327,
-    T_Kod = 328,
+    T_Keysdir = 328,
-    T_Mssntp = 329,
+    T_Kod = 329,
-    T_Leapfile = 330,
+    T_Mssntp = 330,
-    T_Leapsmearinterval = 331,
+    T_Leapfile = 331,
-    T_Limited = 332,
+    T_Leapsmearinterval = 332,
-    T_Link = 333,
+    T_Limited = 333,
-    T_Listen = 334,
+    T_Link = 334,
-    T_Logconfig = 335,
+    T_Listen = 335,
-    T_Logfile = 336,
+    T_Logconfig = 336,
-    T_Loopstats = 337,
+    T_Logfile = 337,
-    T_Lowpriotrap = 338,
+    T_Loopstats = 338,
-    T_Manycastclient = 339,
+    T_Lowpriotrap = 339,
-    T_Manycastserver = 340,
+    T_Manycastclient = 340,
-    T_Mask = 341,
+    T_Manycastserver = 341,
-    T_Maxage = 342,
+    T_Mask = 342,
-    T_Maxclock = 343,
+    T_Maxage = 343,
-    T_Maxdepth = 344,
+    T_Maxclock = 344,
-    T_Maxdist = 345,
+    T_Maxdepth = 345,
-    T_Maxmem = 346,
+    T_Maxdist = 346,
-    T_Maxpoll = 347,
+    T_Maxmem = 347,
-    T_Mdnstries = 348,
+    T_Maxpoll = 348,
-    T_Mem = 349,
+    T_Mdnstries = 349,
-    T_Memlock = 350,
+    T_Mem = 350,
-    T_Minclock = 351,
+    T_Memlock = 351,
-    T_Mindepth = 352,
+    T_Minclock = 352,
-    T_Mindist = 353,
+    T_Mindepth = 353,
-    T_Minimum = 354,
+    T_Mindist = 354,
-    T_Minpoll = 355,
+    T_Minimum = 355,
-    T_Minsane = 356,
+    T_Minpoll = 356,
-    T_Mode = 357,
+    T_Minsane = 357,
-    T_Mode7 = 358,
+    T_Mode = 358,
-    T_Monitor = 359,
+    T_Mode7 = 359,
-    T_Month = 360,
+    T_Monitor = 360,
-    T_Mru = 361,
+    T_Month = 361,
-    T_Multicastclient = 362,
+    T_Mru = 362,
-    T_Nic = 363,
+    T_Multicastclient = 363,
-    T_Nolink = 364,
+    T_Nic = 364,
-    T_Nomodify = 365,
+    T_Nolink = 365,
-    T_Nomrulist = 366,
+    T_Nomodify = 366,
-    T_None = 367,
+    T_Nomrulist = 367,
-    T_Nonvolatile = 368,
+    T_None = 368,
-    T_Nopeer = 369,
+    T_Nonvolatile = 369,
-    T_Noquery = 370,
+    T_Nopeer = 370,
-    T_Noselect = 371,
+    T_Noquery = 371,
-    T_Noserve = 372,
+    T_Noselect = 372,
-    T_Notrap = 373,
+    T_Noserve = 373,
-    T_Notrust = 374,
+    T_Notrap = 374,
-    T_Ntp = 375,
+    T_Notrust = 375,
-    T_Ntpport = 376,
+    T_Ntp = 376,
-    T_NtpSignDsocket = 377,
+    T_Ntpport = 377,
-    T_Orphan = 378,
+    T_NtpSignDsocket = 378,
-    T_Orphanwait = 379,
+    T_Orphan = 379,
-    T_PCEdigest = 380,
+    T_Orphanwait = 380,
-    T_Panic = 381,
+    T_PCEdigest = 381,
-    T_Peer = 382,
+    T_Panic = 382,
-    T_Peerstats = 383,
+    T_Peer = 383,
-    T_Phone = 384,
+    T_Peerstats = 384,
-    T_Pid = 385,
+    T_Phone = 385,
-    T_Pidfile = 386,
+    T_Pid = 386,
-    T_Pool = 387,
+    T_Pidfile = 387,
-    T_Port = 388,
+    T_Pool = 388,
-    T_Preempt = 389,
+    T_Port = 389,
-    T_Prefer = 390,
+    T_Preempt = 390,
-    T_Protostats = 391,
+    T_Prefer = 391,
-    T_Pw = 392,
+    T_Protostats = 392,
-    T_Randfile = 393,
+    T_Pw = 393,
-    T_Rawstats = 394,
+    T_Randfile = 394,
-    T_Refid = 395,
+    T_Rawstats = 395,
-    T_Requestkey = 396,
+    T_Refid = 396,
-    T_Reset = 397,
+    T_Requestkey = 397,
-    T_Restrict = 398,
+    T_Reset = 398,
-    T_Revoke = 399,
+    T_Restrict = 399,
-    T_Rlimit = 400,
+    T_Revoke = 400,
-    T_Saveconfigdir = 401,
+    T_Rlimit = 401,
-    T_Server = 402,
+    T_Saveconfigdir = 402,
-    T_Setvar = 403,
+    T_Server = 403,
-    T_Source = 404,
+    T_Setvar = 404,
-    T_Stacksize = 405,
+    T_Source = 405,
-    T_Statistics = 406,
+    T_Stacksize = 406,
-    T_Stats = 407,
+    T_Statistics = 407,
-    T_Statsdir = 408,
+    T_Stats = 408,
-    T_Step = 409,
+    T_Statsdir = 409,
-    T_Stepback = 410,
+    T_Step = 410,
-    T_Stepfwd = 411,
+    T_Stepback = 411,
-    T_Stepout = 412,
+    T_Stepfwd = 412,
-    T_Stratum = 413,
+    T_Stepout = 413,
-    T_String = 414,
+    T_Stratum = 414,
-    T_Sys = 415,
+    T_String = 415,
-    T_Sysstats = 416,
+    T_Sys = 416,
-    T_Tick = 417,
+    T_Sysstats = 417,
-    T_Time1 = 418,
+    T_Tick = 418,
-    T_Time2 = 419,
+    T_Time1 = 419,
-    T_Timer = 420,
+    T_Time2 = 420,
-    T_Timingstats = 421,
+    T_Timer = 421,
-    T_Tinker = 422,
+    T_Timingstats = 422,
-    T_Tos = 423,
+    T_Tinker = 423,
-    T_Trap = 424,
+    T_Tos = 424,
-    T_True = 425,
+    T_Trap = 425,
-    T_Trustedkey = 426,
+    T_True = 426,
-    T_Ttl = 427,
+    T_Trustedkey = 427,
-    T_Type = 428,
+    T_Ttl = 428,
-    T_U_int = 429,
+    T_Type = 429,
-    T_UEcrypto = 430,
+    T_U_int = 430,
-    T_UEcryptonak = 431,
+    T_UEcrypto = 431,
-    T_UEdigest = 432,
+    T_UEcryptonak = 432,
-    T_Unconfig = 433,
+    T_UEdigest = 433,
-    T_Unpeer = 434,
+    T_Unconfig = 434,
-    T_Version = 435,
+    T_Unpeer = 435,
-    T_WanderThreshold = 436,
+    T_Version = 436,
-    T_Week = 437,
+    T_WanderThreshold = 437,
-    T_Wildcard = 438,
+    T_Week = 438,
-    T_Xleave = 439,
+    T_Wildcard = 439,
-    T_Year = 440,
+    T_Xleave = 440,
-    T_Flag = 441,
+    T_Year = 441,
-    T_EOC = 442,
+    T_Flag = 442,
-    T_Simulate = 443,
+    T_EOC = 443,
-    T_Beep_Delay = 444,
+    T_Simulate = 444,
-    T_Sim_Duration = 445,
+    T_Beep_Delay = 445,
-    T_Server_Offset = 446,
+    T_Sim_Duration = 446,
-    T_Duration = 447,
+    T_Server_Offset = 447,
-    T_Freq_Offset = 448,
+    T_Duration = 448,
-    T_Wander = 449,
+    T_Freq_Offset = 449,
-    T_Jitter = 450,
+    T_Wander = 450,
-    T_Prop_Delay = 451,
+    T_Jitter = 451,
-    T_Proc_Delay = 452
+    T_Prop_Delay = 452,
    T_Proc_Delay = 453
  };
 #endif
 /* Tokens.  */
@ -253,191 +254,192 @@ extern int yydebug;
 #define T_Automax 265
 #define T_Average 266
 #define T_Bclient 267
-#define T_Beacon 268
+#define T_Bcpollbstep 268
-#define T_Broadcast 269
+#define T_Beacon 269
-#define T_Broadcastclient 270
+#define T_Broadcast 270
-#define T_Broadcastdelay 271
+#define T_Broadcastclient 271
-#define T_Burst 272
+#define T_Broadcastdelay 272
-#define T_Calibrate 273
+#define T_Burst 273
-#define T_Ceiling 274
+#define T_Calibrate 274
-#define T_Clockstats 275
+#define T_Ceiling 275
-#define T_Cohort 276
+#define T_Clockstats 276
-#define T_ControlKey 277
+#define T_Cohort 277
-#define T_Crypto 278
+#define T_ControlKey 278
-#define T_Cryptostats 279
+#define T_Crypto 279
-#define T_Ctl 280
+#define T_Cryptostats 280
-#define T_Day 281
+#define T_Ctl 281
-#define T_Default 282
+#define T_Day 282
-#define T_Digest 283
+#define T_Default 283
-#define T_Disable 284
+#define T_Digest 284
-#define T_Discard 285
+#define T_Disable 285
-#define T_Dispersion 286
+#define T_Discard 286
-#define T_Double 287
+#define T_Dispersion 287
-#define T_Driftfile 288
+#define T_Double 288
-#define T_Drop 289
+#define T_Driftfile 289
-#define T_Dscp 290
+#define T_Drop 290
-#define T_Ellipsis 291
+#define T_Dscp 291
-#define T_Enable 292
+#define T_Ellipsis 292
-#define T_End 293
+#define T_Enable 293
-#define T_False 294
+#define T_End 294
-#define T_File 295
+#define T_False 295
-#define T_Filegen 296
+#define T_File 296
-#define T_Filenum 297
+#define T_Filegen 297
-#define T_Flag1 298
+#define T_Filenum 298
-#define T_Flag2 299
+#define T_Flag1 299
-#define T_Flag3 300
+#define T_Flag2 300
-#define T_Flag4 301
+#define T_Flag3 301
-#define T_Flake 302
+#define T_Flag4 302
-#define T_Floor 303
+#define T_Flake 303
-#define T_Freq 304
+#define T_Floor 304
-#define T_Fudge 305
+#define T_Freq 305
-#define T_Host 306
+#define T_Fudge 306
-#define T_Huffpuff 307
+#define T_Host 307
-#define T_Iburst 308
+#define T_Huffpuff 308
-#define T_Ident 309
+#define T_Iburst 309
-#define T_Ignore 310
+#define T_Ident 310
-#define T_Incalloc 311
+#define T_Ignore 311
-#define T_Incmem 312
+#define T_Incalloc 312
-#define T_Initalloc 313
+#define T_Incmem 313
-#define T_Initmem 314
+#define T_Initalloc 314
-#define T_Includefile 315
+#define T_Initmem 315
-#define T_Integer 316
+#define T_Includefile 316
-#define T_Interface 317
+#define T_Integer 317
-#define T_Intrange 318
+#define T_Interface 318
-#define T_Io 319
+#define T_Intrange 319
-#define T_Ipv4 320
+#define T_Io 320
-#define T_Ipv4_flag 321
+#define T_Ipv4 321
-#define T_Ipv6 322
+#define T_Ipv4_flag 322
-#define T_Ipv6_flag 323
+#define T_Ipv6 323
-#define T_Kernel 324
+#define T_Ipv6_flag 324
-#define T_Key 325
+#define T_Kernel 325
-#define T_Keys 326
+#define T_Key 326
-#define T_Keysdir 327
+#define T_Keys 327
-#define T_Kod 328
+#define T_Keysdir 328
-#define T_Mssntp 329
+#define T_Kod 329
-#define T_Leapfile 330
+#define T_Mssntp 330
-#define T_Leapsmearinterval 331
+#define T_Leapfile 331
-#define T_Limited 332
+#define T_Leapsmearinterval 332
-#define T_Link 333
+#define T_Limited 333
-#define T_Listen 334
+#define T_Link 334
-#define T_Logconfig 335
+#define T_Listen 335
-#define T_Logfile 336
+#define T_Logconfig 336
-#define T_Loopstats 337
+#define T_Logfile 337
-#define T_Lowpriotrap 338
+#define T_Loopstats 338
-#define T_Manycastclient 339
+#define T_Lowpriotrap 339
-#define T_Manycastserver 340
+#define T_Manycastclient 340
-#define T_Mask 341
+#define T_Manycastserver 341
-#define T_Maxage 342
+#define T_Mask 342
-#define T_Maxclock 343
+#define T_Maxage 343
-#define T_Maxdepth 344
+#define T_Maxclock 344
-#define T_Maxdist 345
+#define T_Maxdepth 345
-#define T_Maxmem 346
+#define T_Maxdist 346
-#define T_Maxpoll 347
+#define T_Maxmem 347
-#define T_Mdnstries 348
+#define T_Maxpoll 348
-#define T_Mem 349
+#define T_Mdnstries 349
-#define T_Memlock 350
+#define T_Mem 350
-#define T_Minclock 351
+#define T_Memlock 351
-#define T_Mindepth 352
+#define T_Minclock 352
-#define T_Mindist 353
+#define T_Mindepth 353
-#define T_Minimum 354
+#define T_Mindist 354
-#define T_Minpoll 355
+#define T_Minimum 355
-#define T_Minsane 356
+#define T_Minpoll 356
-#define T_Mode 357
+#define T_Minsane 357
-#define T_Mode7 358
+#define T_Mode 358
-#define T_Monitor 359
+#define T_Mode7 359
-#define T_Month 360
+#define T_Monitor 360
-#define T_Mru 361
+#define T_Month 361
-#define T_Multicastclient 362
+#define T_Mru 362
-#define T_Nic 363
+#define T_Multicastclient 363
-#define T_Nolink 364
+#define T_Nic 364
-#define T_Nomodify 365
+#define T_Nolink 365
-#define T_Nomrulist 366
+#define T_Nomodify 366
-#define T_None 367
+#define T_Nomrulist 367
-#define T_Nonvolatile 368
+#define T_None 368
-#define T_Nopeer 369
+#define T_Nonvolatile 369
-#define T_Noquery 370
+#define T_Nopeer 370
-#define T_Noselect 371
+#define T_Noquery 371
-#define T_Noserve 372
+#define T_Noselect 372
-#define T_Notrap 373
+#define T_Noserve 373
-#define T_Notrust 374
+#define T_Notrap 374
-#define T_Ntp 375
+#define T_Notrust 375
-#define T_Ntpport 376
+#define T_Ntp 376
-#define T_NtpSignDsocket 377
+#define T_Ntpport 377
-#define T_Orphan 378
+#define T_NtpSignDsocket 378
-#define T_Orphanwait 379
+#define T_Orphan 379
-#define T_PCEdigest 380
+#define T_Orphanwait 380
-#define T_Panic 381
+#define T_PCEdigest 381
-#define T_Peer 382
+#define T_Panic 382
-#define T_Peerstats 383
+#define T_Peer 383
-#define T_Phone 384
+#define T_Peerstats 384
-#define T_Pid 385
+#define T_Phone 385
-#define T_Pidfile 386
+#define T_Pid 386
-#define T_Pool 387
+#define T_Pidfile 387
-#define T_Port 388
+#define T_Pool 388
-#define T_Preempt 389
+#define T_Port 389
-#define T_Prefer 390
+#define T_Preempt 390
-#define T_Protostats 391
+#define T_Prefer 391
-#define T_Pw 392
+#define T_Protostats 392
-#define T_Randfile 393
+#define T_Pw 393
-#define T_Rawstats 394
+#define T_Randfile 394
-#define T_Refid 395
+#define T_Rawstats 395
-#define T_Requestkey 396
+#define T_Refid 396
-#define T_Reset 397
+#define T_Requestkey 397
-#define T_Restrict 398
+#define T_Reset 398
-#define T_Revoke 399
+#define T_Restrict 399
-#define T_Rlimit 400
+#define T_Revoke 400
-#define T_Saveconfigdir 401
+#define T_Rlimit 401
-#define T_Server 402
+#define T_Saveconfigdir 402
-#define T_Setvar 403
+#define T_Server 403
-#define T_Source 404
+#define T_Setvar 404
-#define T_Stacksize 405
+#define T_Source 405
-#define T_Statistics 406
+#define T_Stacksize 406
-#define T_Stats 407
+#define T_Statistics 407
-#define T_Statsdir 408
+#define T_Stats 408
-#define T_Step 409
+#define T_Statsdir 409
-#define T_Stepback 410
+#define T_Step 410
-#define T_Stepfwd 411
+#define T_Stepback 411
-#define T_Stepout 412
+#define T_Stepfwd 412
-#define T_Stratum 413
+#define T_Stepout 413
-#define T_String 414
+#define T_Stratum 414
-#define T_Sys 415
+#define T_String 415
-#define T_Sysstats 416
+#define T_Sys 416
-#define T_Tick 417
+#define T_Sysstats 417
-#define T_Time1 418
+#define T_Tick 418
-#define T_Time2 419
+#define T_Time1 419
-#define T_Timer 420
+#define T_Time2 420
-#define T_Timingstats 421
+#define T_Timer 421
-#define T_Tinker 422
+#define T_Timingstats 422
-#define T_Tos 423
+#define T_Tinker 423
-#define T_Trap 424
+#define T_Tos 424
-#define T_True 425
+#define T_Trap 425
-#define T_Trustedkey 426
+#define T_True 426
-#define T_Ttl 427
+#define T_Trustedkey 427
-#define T_Type 428
+#define T_Ttl 428
-#define T_U_int 429
+#define T_Type 429
-#define T_UEcrypto 430
+#define T_U_int 430
-#define T_UEcryptonak 431
+#define T_UEcrypto 431
-#define T_UEdigest 432
+#define T_UEcryptonak 432
-#define T_Unconfig 433
+#define T_UEdigest 433
-#define T_Unpeer 434
+#define T_Unconfig 434
-#define T_Version 435
+#define T_Unpeer 435
-#define T_WanderThreshold 436
+#define T_Version 436
-#define T_Week 437
+#define T_WanderThreshold 437
-#define T_Wildcard 438
+#define T_Week 438
-#define T_Xleave 439
+#define T_Wildcard 439
-#define T_Year 440
+#define T_Xleave 440
-#define T_Flag 441
+#define T_Year 441
-#define T_EOC 442
+#define T_Flag 442
-#define T_Simulate 443
+#define T_EOC 443
-#define T_Beep_Delay 444
+#define T_Simulate 444
-#define T_Sim_Duration 445
+#define T_Beep_Delay 445
-#define T_Server_Offset 446
+#define T_Sim_Duration 446
-#define T_Duration 447
+#define T_Server_Offset 447
-#define T_Freq_Offset 448
+#define T_Duration 448
-#define T_Wander 449
+#define T_Freq_Offset 449
-#define T_Jitter 450
+#define T_Wander 450
-#define T_Prop_Delay 451
+#define T_Jitter 451
-#define T_Proc_Delay 452
+#define T_Prop_Delay 452
 #define T_Proc_Delay 453
 /* Value type.  */
 #if ! defined YYSTYPE && ! defined YYSTYPE_IS_DECLARED
@ -463,7 +465,7 @@ union YYSTYPE
 	script_info *		Sim_script;
 	script_info_fifo *	Sim_script_fifo;
-#line 467 "../../ntpd/ntp_parser.h" /* yacc.c:1909  */
+#line 469 "ntp_parser.h" /* yacc.c:1909  */
 };
 typedef union YYSTYPE YYSTYPE;
--- a/contrib/ntp/ntpd/ntp_peer.c
+++ b/contrib/ntp/ntpd/ntp_peer.c
@ -273,6 +273,22 @@ findexistingpeer(
 /*
 * findpeer - find and return a peer match for a received datagram in
 *	      the peer_hash table.
 *
 * [Bug 3072] To faciliate a faster reorganisation after routing changes
 * the original code re-assigned the peer address to be the destination
 * of the received packet and initiated another round on a mismatch.
 * Unfortunately this leaves us wide open for a DoS attack where the
 * attacker directs a packet with forged destination address to us --
 * this results in a wrong interface assignment, actually creating a DoS
 * situation.
 *
 * This condition would persist until the next update of the interface
 * list, but a continued attack would put us out of business again soon
 * enough. Authentication alone does not help here, since it does not
 * protect the UDP layer and leaves us open for a replay attack.
 *
 * So we do not update the adresses and wait until the next interface
 * list update does the right thing for us.
 */
 struct peer *
 findpeer(
@ -291,61 +307,50 @@ findpeer(
 	srcadr = &rbufp->recv_srcadr;
 	hash = NTP_HASH_ADDR(srcadr);
 	for (p = peer_hash[hash]; p != NULL; p = p->adr_link) {
 		if (ADDR_PORT_EQ(srcadr, &p->srcadr)) {
-			/*
+		/* [Bug 3072] ensure interface of peer matches */
-			 * if the association matching rules determine
+		if (p->dstadr != rbufp->dstadr)
-			 * that this is not a valid combination, then
+			continue;
 			 * look for the next valid peer association.
 			 */
 			*action = MATCH_ASSOC(p->hmode, pkt_mode);
-			/*
+		/* ensure peer source address matches */
-			 * A response to our manycastclient solicitation
+		if ( ! ADDR_PORT_EQ(srcadr, &p->srcadr))
-			 * might be misassociated with an ephemeral peer
+			continue;
-			 * already spun for the server.  If the packet's
+		
-			 * org timestamp doesn't match the peer's, check
+		/* If the association matching rules determine that this
-			 * if it matches the ACST prototype peer's.  If
+		 * is not a valid combination, then look for the next
-			 * so it is a redundant solicitation response,
+		 * valid peer association.
-			 * return AM_ERR to discard it.  [Bug 1762]
+		 */
-			 */
+		*action = MATCH_ASSOC(p->hmode, pkt_mode);
 			if (MODE_SERVER == pkt_mode &&
 			    AM_PROCPKT == *action) {
 				pkt = &rbufp->recv_pkt;
 				NTOHL_FP(&pkt->org, &pkt_org);
 				if (!L_ISEQU(&p->aorg, &pkt_org) &&
 				    findmanycastpeer(rbufp))
 					*action = AM_ERR;
 			}
-			/*
+		/* A response to our manycastclient solicitation might
-			 * if an error was returned, exit back right
+		 * be misassociated with an ephemeral peer already spun
-			 * here.
+		 * for the server.  If the packet's org timestamp
-			 */
+		 * doesn't match the peer's, check if it matches the
-			if (*action == AM_ERR)
+		 * ACST prototype peer's.  If so it is a redundant
-				return NULL;
+		 * solicitation response, return AM_ERR to discard it.
-
+		 * [Bug 1762]
-			/*
+		 */
-			 * if a match is found, we stop our search.
+		if (MODE_SERVER == pkt_mode && AM_PROCPKT == *action) {
-			 */
+			pkt = &rbufp->recv_pkt;
-			if (*action != AM_NOMATCH)
+			NTOHL_FP(&pkt->org, &pkt_org);
-				break;
+			if (!L_ISEQU(&p->aorg, &pkt_org) &&
 			    findmanycastpeer(rbufp))
 				*action = AM_ERR;
 		}
 		/* if an error was returned, exit back right here. */
 		if (*action == AM_ERR)
 			return NULL;
 		/* if a match is found, we stop our search. */
 		if (*action != AM_NOMATCH)
 			break;
 	}
-	/*
+	/* If no matching association is found... */
-	 * If no matching association is found
+	if (NULL == p)
 	 */
 	if (NULL == p) {
 		*action = MATCH_ASSOC(NO_PEER, pkt_mode);
-	} else if (p->dstadr != rbufp->dstadr) {
+
 		set_peerdstadr(p, rbufp->dstadr);
 		if (p->dstadr == rbufp->dstadr) {
 			DPRINTF(1, ("Changed %s local address to match response\n",
 				    stoa(&p->srcadr)));
 			return findpeer(rbufp, pkt_mode, action);
 		}
 	}
 	return p;
 }
@ -621,6 +626,12 @@ set_peerdstadr(
 {
 	struct peer *	unlinked;
 	DEBUG_INSIST(p != NULL);
 	if (p == NULL)
 		return;
 	/* check for impossible or identical assignment */
 	if (p->dstadr == dstadr)
 		return;
@ -632,6 +643,8 @@ set_peerdstadr(
 	    (INT_MCASTIF & dstadr->flags) && MODE_CLIENT == p->hmode) {
 		return;
 	}
 	/* unlink from list if we have an address prior to assignment */
 	if (p->dstadr != NULL) {
 		p->dstadr->peercnt--;
 		UNLINK_SLIST(unlinked, p->dstadr->peers, p, ilink,
@ -640,8 +653,11 @@ set_peerdstadr(
 			stoa(&p->srcadr), latoa(p->dstadr),
 			latoa(dstadr));
 	}
 	p->dstadr = dstadr;
-	if (dstadr != NULL) {
+
 	/* link to list if we have an address after assignment */
 	if (p->dstadr != NULL) {
 		LINK_SLIST(dstadr->peers, p, ilink);
 		dstadr->peercnt++;
 	}
--- a/contrib/ntp/ntpd/ntp_proto.c
+++ b/contrib/ntp/ntpd/ntp_proto.c
@ -138,6 +138,7 @@ char	*sys_ident = NULL;	/* identity scheme */
 * TOS and multicast mapping stuff
 */
 int	sys_floor = 0;		/* cluster stratum floor */
 u_char	sys_bcpollbstep = 0;	/* Broadcast Poll backstep gate */
 int	sys_ceiling = STRATUM_UNSPEC - 1; /* cluster stratum ceiling */
 int	sys_minsane = 1;	/* minimum candidates */
 int	sys_minclock = NTP_MINCLOCK; /* minimum candidates */
@ -278,7 +279,7 @@ valid_NAK(
 	  u_char hismode
 	  )
 {
-	int 		base_packet_length = MIN_V4_PKT_LEN;
+	int		base_packet_length = MIN_V4_PKT_LEN;
 	int		remainder_size;
 	struct pkt *	rpkt;
 	int		keyid;
@ -335,7 +336,7 @@ valid_NAK(
 		myorg = &peer->borg;
 	else
 		myorg = &peer->aorg;
-	
+
 	if (L_ISZERO(&p_org) ||
 	    L_ISZERO( myorg) ||
 	    !L_ISEQU(&p_org, myorg)) {
@ -1450,22 +1451,66 @@ receive(
 				++bail;
 			}
-			/* too early? worth an error, too! */
+			/* too early? worth an error, too!
 			 *
 			 * [Bug 3113] Ensure that at least one poll
 			 * interval has elapsed since the last **clean**
 			 * packet was received.  We limit the check to
 			 * **clean** packets to prevent replayed packets
 			 * and incorrectly authenticated packets, which
 			 * we'll discard, from being used to create a
 			 * denial of service condition.
 			 */
 			deadband = (1u << pkt->ppoll);
 			if (FLAG_BC_VOL & peer->flags)
 				deadband -= 3;	/* allow greater fuzz after volley */
-			if ((current_time - peer->timelastrec) < deadband) {
+			if ((current_time - peer->timereceived) < deadband) {
 				msyslog(LOG_INFO, "receive: broadcast packet from %s arrived after %lu, not %lu seconds!",
 					stoa(&rbufp->recv_srcadr),
-					(current_time - peer->timelastrec),
+					(current_time - peer->timereceived),
 					deadband);
 				++bail;
 			}
-			/* Alert if time from the server is non-monotonic */
+			/* Alert if time from the server is non-monotonic.
-			tdiff = p_xmt;
+			 *
-			L_SUB(&tdiff, &peer->bxmt);
+			 * [Bug 3114] is about Broadcast mode replay DoS.
-			if (tdiff.l_i < 0) {
+			 *
 			 * Broadcast mode *assumes* a trusted network.
 			 * Even so, it's nice to be robust in the face
 			 * of attacks.
 			 *
 			 * If we get an authenticated broadcast packet
 			 * with an "earlier" timestamp, it means one of
 			 * two things:
 			 *
 			 * - the broadcast server had a backward step.
 			 *
 			 * - somebody is trying a replay attack.
 			 *
 			 * deadband: By default, we assume the broadcast
 			 * network is trustable, so we take our accepted
 			 * broadcast packets as we receive them.  But
 			 * some folks might want to take additional poll
 			 * delays before believing a backward step. 
 			 */
 			if (sys_bcpollbstep) {
 				/* pkt->ppoll or peer->ppoll ? */
 				deadband = (1u << pkt->ppoll)
 					   * sys_bcpollbstep + 2;
 			} else {
 				deadband = 0;
 			}
 			if (L_ISZERO(&peer->bxmt)) {
 				tdiff.l_ui = tdiff.l_uf = 0;
 			} else {
 				tdiff = p_xmt;
 				L_SUB(&tdiff, &peer->bxmt);
 			}
 			if (tdiff.l_i < 0 &&
 			    (current_time - peer->timereceived) < deadband)
 			{
 				msyslog(LOG_INFO, "receive: broadcast packet from %s contains non-monotonic timestamp: %#010x.%08x -> %#010x.%08x",
 					stoa(&rbufp->recv_srcadr),
 					peer->bxmt.l_ui, peer->bxmt.l_uf,
@ -1474,8 +1519,6 @@ receive(
 				++bail;
 			}
 			peer->bxmt = p_xmt;
 			if (bail) {
 				peer->timelastrec = current_time;
 				sys_declined++;
@ -1623,7 +1666,7 @@ receive(
 				peer->borg.l_ui, peer->borg.l_uf);
 			return;
 		}
-	
+
 	/*
 	 * Basic mode checks:
 	 *
@ -1645,13 +1688,38 @@ receive(
 	} else if (peer->flip == 0) {
 		INSIST(0 != hisstratum);
 		INSIST(STRATUM_UNSPEC != hisstratum);
 		if (0) {
 		} else if (L_ISZERO(&p_org)) {
-			msyslog(LOG_INFO,
+			char *action;
-				"receive: Got 0 origin timestamp from %s@%s xmt %#010x.%08x",
+
 				hm_str, ntoa(&peer->srcadr),
 				ntohl(pkt->xmt.l_ui), ntohl(pkt->xmt.l_uf));
 			L_CLR(&peer->aorg);
 			/**/
 			switch (hismode) {
 			/* We allow 0org for: */
 			    case UCHAR_MAX:
 				action = "Allow";
 				break;
 			/* We disallow 0org for: */
 			    case MODE_UNSPEC:
 			    case MODE_ACTIVE:
 			    case MODE_PASSIVE:
 			    case MODE_CLIENT:
 			    case MODE_SERVER:
 			    case MODE_BROADCAST:
 				action = "Drop";
 				peer->bogusorg++;
 				peer->flash |= TEST2;	/* bogus */
 				break;
 			    default:
 				INSIST(!"receive(): impossible hismode");
 				break;
 			}
 			/**/
 			msyslog(LOG_INFO,
 				"receive: %s 0 origin timestamp from %s@%s xmt %#010x.%08x",
 				action, hm_str, ntoa(&peer->srcadr),
 				ntohl(pkt->xmt.l_ui), ntohl(pkt->xmt.l_uf));
 		} else if (!L_ISEQU(&p_org, &peer->aorg)) {
 			/* are there cases here where we should bail? */
 			/* Should we set TEST2 if we decide to try xleave? */
@ -1800,6 +1868,12 @@ receive(
 				"receive: Bad broadcast auth (%d) from %s",
 				is_authentic, ntoa(&peer->srcadr));
 		}
 		/*
 		 * Now that we know the packet is correctly authenticated,
 		 * update peer->bxmt.
 		 */
 		peer->bxmt = p_xmt;
 	}
@ -1878,7 +1952,7 @@ receive(
 			peer->badauth++;
 			return;
 		}
-	    	break;
+		break;
 	    case MODE_CLIENT:		/* client mode */
 #if 0		/* At this point, MODE_CONTROL is overloaded by MODE_BCLIENT */
@ -1886,14 +1960,14 @@ receive(
 #endif
 	    case MODE_PRIVATE:		/* private mode */
 	    case MODE_BCLIENT:		/* broadcast client mode */
-	    	break;
+		break;
 	    case MODE_UNSPEC:		/* unspecified (old version) */
 	    default:
 		msyslog(LOG_INFO,
 			"receive: Unexpected mode (%d) in packet from %s",
 			hismode, ntoa(&peer->srcadr));
-	    	break;
+		break;
 	}
@ -2695,6 +2769,7 @@ peer_clear(
 	)
 {
 	u_char	u;
 	l_fp	bxmt = peer->bxmt;	/* bcast clients retain this! */
 #ifdef AUTOKEY
 	/*
@ -2731,6 +2806,10 @@ peer_clear(
 	peer->flash = peer_unfit(peer);
 	peer->jitter = LOGTOD(sys_precision);
 	/* Don't throw away our broadcast replay protection */
 	if (peer->hmode == MODE_BCLIENT)
 		peer->bxmt = bxmt;
 	/*
 	 * If interleave mode, initialize the alternate origin switch.
 	 */
@ -3040,8 +3119,9 @@ clock_select(void)
 		 * Leave the island immediately if the peer is
 		 * unfit to synchronize.
 		 */
-		if (peer_unfit(peer))
+		if (peer_unfit(peer)) {
 			continue;
 		}
 		/*
 		 * If this peer is an orphan parent, elect the
@ -3081,8 +3161,9 @@ clock_select(void)
 		 * parent in ancestry so are excluded.
 		 * See http://bugs.ntp.org/2050
 		 */
-		if (peer->stratum > sys_orphan)
+		if (peer->stratum > sys_orphan) {
 			continue;
 		}
 #ifdef REFCLOCK
 		/*
 		 * The following are special cases. We deal
@ -3531,15 +3612,15 @@ root_distance(
 	/*
 	 * Root Distance (LAMBDA) is defined as:
-	 * (delta + DELTA)/2 + epsilon + EPSILON + phi
+	 * (delta + DELTA)/2 + epsilon + EPSILON + D
 	 *
 	 * where:
 	 *  delta   is the round-trip delay
 	 *  DELTA   is the root delay
-	 *  epsilon is the remote server precision + local precision
+	 *  epsilon is the peer dispersion
 	 *	    + (15 usec each second)
 	 *  EPSILON is the root dispersion
-	 *  phi     is the peer jitter statistic
+	 *  D       is sys_jitter
 	 *
 	 * NB: Think hard about why we are using these values, and what
 	 * the alternatives are, and the various pros/cons.
@ -3548,8 +3629,7 @@ root_distance(
 	 * other worse choices.
 	 */
 	dtemp = (peer->delay + peer->rootdelay) / 2
-		+ LOGTOD(peer->precision)
+		+ peer->disp
 		  + LOGTOD(sys_precision)
 		  + clock_phi * (current_time - peer->update)
 		+ peer->rootdisp
 		+ peer->jitter;
@ -3995,6 +4075,10 @@ leap_smear_add_offs(
 	L_ADD(t, &leap_smear.offset);
 	/*
 	** XXX: Should the smear be added to the root dispersion?
 	*/
 	return;
 }
@ -4425,8 +4509,9 @@ peer_unfit(
 	 */
 	if (   peer->leap == LEAP_NOTINSYNC
 	    || peer->stratum < sys_floor
-	    || peer->stratum >= sys_ceiling)
+	    || peer->stratum >= sys_ceiling) {
 		rval |= TEST10;		/* bad synch or stratum */
 	}
 	/*
 	 * A distance error for a remote peer occurs if the root
@ -4435,8 +4520,9 @@ peer_unfit(
 	 */
 	if (   !(peer->flags & FLAG_REFCLOCK)
 	    && root_distance(peer) >= sys_maxdist
-				      + clock_phi * ULOGTOD(peer->hpoll))
+				      + clock_phi * ULOGTOD(peer->hpoll)) {
 		rval |= TEST11;		/* distance exceeded */
 	}
 	/*
 	 * A loop error occurs if the remote peer is synchronized to the
@ -4444,15 +4530,17 @@ peer_unfit(
 	 * server as the local peer but only if the remote peer is
 	 * neither a reference clock nor an orphan.
 	 */
-	if (peer->stratum > 1 && local_refid(peer))
+	if (peer->stratum > 1 && local_refid(peer)) {
 		rval |= TEST12;		/* synchronization loop */
 	}
 	/*
 	 * An unreachable error occurs if the server is unreachable or
 	 * the noselect bit is set.
 	 */
-	if (!peer->reach || (peer->flags & FLAG_NOSELECT))
+	if (!peer->reach || (peer->flags & FLAG_NOSELECT)) {
 		rval |= TEST13;		/* unreachable */
 	}
 	peer->flash &= ~PEER_TEST_MASK;
 	peer->flash |= rval;
@ -4717,6 +4805,11 @@ proto_config(
 	/*
 	 * tos command - arguments are double, sometimes cast to int
 	 */
 	case PROTO_BCPOLLBSTEP:	/* Broadcast Poll Backstep gate (bcpollbstep) */
 		sys_bcpollbstep = (u_char)dvalue;
 		break;
 	case PROTO_BEACON:	/* manycast beacon (beacon) */
 		sys_beacon = (int)dvalue;
 		break;
--- a/contrib/ntp/ntpd/ntp_refclock.c
+++ b/contrib/ntp/ntpd/ntp_refclock.c
@ -710,7 +710,7 @@ process_refclock_packet(
 	if (rio->io_input == NULL || (*rio->io_input)(rb) != 0) {
 		rio->recvcount++;
 		packets_received++;
-		handler_pkts++;		
+		handler_pkts++;
 		(*rio->clock_recv)(rb);
 	}
 }
@ -1208,6 +1208,7 @@ refclock_ppsapi(
 			    "refclock_ppsapi: time_pps_create: %m");
 			return (0);
 		}
 		ZERO(ap->ts); /* [Bug 2689] defined INIT state */
 	}
 	return (1);
 }
@ -1278,7 +1279,7 @@ refclock_pps(
 	struct refclockproc *pp;
 	pps_info_t pps_info;
 	struct timespec timeout;
-	double	dtemp;
+	double	dtemp, dcorr, trash;
 	/*
 	 * We require the clock to be synchronized before setting the
@ -1293,15 +1294,14 @@ refclock_pps(
 		if (refclock_params(pp->sloppyclockflag, ap) < 1)
 			return (0);
 	}
-	timeout.tv_sec = 0;
+	ZERO(timeout);
 	timeout.tv_nsec = 0;
 	ZERO(pps_info);
 	if (time_pps_fetch(ap->handle, PPS_TSFMT_TSPEC, &pps_info,
 	    &timeout) < 0) {
 		refclock_report(peer, CEVNT_FAULT);
 		return (0);
 	}
-	timeout = ap->ts;
+	timeout = ap->ts;	/* save old timestamp for check */
 	if (ap->pps_params.mode & PPS_CAPTUREASSERT)
 		ap->ts = pps_info.assert_timestamp;
 	else if (ap->pps_params.mode & PPS_CAPTURECLEAR)
@ -1309,22 +1309,62 @@ refclock_pps(
 	else
 		return (0);
 	/* [Bug 2689] Discard the first sample we read -- if the PPS
 	 * source is currently down / disconnected, we have read a
 	 * potentially *very* stale value here. So if our old TS value
 	 * is all-zero, we consider this sample unrealiable and drop it.
 	 *
 	 * Note 1: a better check would compare the PPS time stamp to
 	 * the current system time and drop it if it's more than say 3s
 	 * away.
 	 *
 	 * Note 2: If we ever again get an all-zero PPS sample, the next
 	 * one will be discarded. This can happen every 136yrs and is
 	 * unlikely to be ever observed.
 	 */
 	if (0 == (timeout.tv_sec | timeout.tv_nsec))
 		return (0);
 	/* If the PPS source fails to deliver a new sample between
 	 * polls, it regurgitates the last sample. We do not want to
 	 * process the same sample multiple times.
 	 */
 	if (0 == memcmp(&timeout, &ap->ts, sizeof(timeout)))
 		return (0);
 	/*
-	 * Convert to signed fraction offset and stuff in median filter.
+	 * Convert to signed fraction offset, apply fudge and properly
 	 * fold the correction into the [-0.5s,0.5s] range. Handle
 	 * excessive fudge times, too.
 	 */
 	dtemp = ap->ts.tv_nsec / 1e9;
 	dcorr = modf((pp->fudgetime1 - dtemp), &trash);
 	if (dcorr > 0.5)
 		dcorr -= 1.0;
 	else if (dcorr < -0.5)
 		dcorr += 1.0;
 	/* phase gate check: avoid wobbling by +/-1s when too close to
 	 * the switch-over point. We allow +/-400ms max phase deviation.
 	 * The trade-off is clear: The smaller the limit, the less
 	 * sensitive to sampling noise the clock becomes. OTOH the
 	 * system must get into phase gate range by other means for the
 	 * PPS clock to lock in.
 	 */
 	if (fabs(dcorr) > 0.4)
 		return (0);
 	/*
 	 * record this time stamp and stuff in median filter
 	 */
 	pp->lastrec.l_ui = (u_int32)ap->ts.tv_sec + JAN_1970;
 	dtemp = ap->ts.tv_nsec / 1e9;
 	pp->lastrec.l_uf = (u_int32)(dtemp * FRAC);
-	if (dtemp > .5)
+	SAMPLE(dcorr);
-		dtemp -= 1.;
+	
 	SAMPLE(-dtemp + pp->fudgetime1);
 #ifdef DEBUG
 	if (debug > 1)
 		printf("refclock_pps: %lu %f %f\n", current_time,
-		    dtemp, pp->fudgetime1);
+		    dcorr, pp->fudgetime1);
 #endif
 	return (1);
 }
--- a/contrib/ntp/ntpd/ntpd-opts.c
+++ b/contrib/ntp/ntpd/ntpd-opts.c
@ -1,7 +1,7 @@
 /*
 *  EDIT THIS FILE WITH CAUTION  (ntpd-opts.c)
 *
- *  It has been AutoGen-ed  June  2, 2016 at 07:32:42 AM by AutoGen 5.18.5
+ *  It has been AutoGen-ed  November 21, 2016 at 07:59:43 AM by AutoGen 5.18.5
 *  From the definitions    ntpd-opts.def
 *  and the template file   options
 *
@ -75,7 +75,7 @@ extern FILE * option_usage_fp;
 *  static const strings for ntpd options
 */
 static char const ntpd_opt_strs[3129] =
-/*     0 */ "ntpd 4.2.8p8\n"
+/*     0 */ "ntpd 4.2.8p9\n"
            "Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation, all rights reserved.\n"
            "This is free software. It is licensed for use, modification and\n"
            "redistribution under the terms of the NTP License, copies of which\n"
@ -205,12 +205,12 @@ static char const ntpd_opt_strs[3129] =
 /*  2900 */ "output version information and exit\0"
 /*  2936 */ "version\0"
 /*  2944 */ "NTPD\0"
-/*  2949 */ "ntpd - NTP daemon program - Ver. 4.2.8p8\n"
+/*  2949 */ "ntpd - NTP daemon program - Ver. 4.2.8p9\n"
            "Usage:  %s [ -<flag> [<val>] | --<name>[{=| }<val>] ]... \\\n"
            "\t\t[ <server1> ... <serverN> ]\n\0"
 /*  3080 */ "http://bugs.ntp.org, bugs@ntp.org\0"
 /*  3114 */ "\n\0"
-/*  3116 */ "ntpd 4.2.8p8";
+/*  3116 */ "ntpd 4.2.8p9";
 /**
 *  ipv4 option description with
@ -1529,7 +1529,7 @@ static void bogus_function(void) {
     translate option names.
   */
  /* referenced via ntpdOptions.pzCopyright */
-  puts(_("ntpd 4.2.8p8\n\
+  puts(_("ntpd 4.2.8p9\n\
 Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation, all rights reserved.\n\
 This is free software. It is licensed for use, modification and\n\
 redistribution under the terms of the NTP License, copies of which\n\
@ -1670,7 +1670,7 @@ implied warranty.\n"));
  puts(_("output version information and exit"));
  /* referenced via ntpdOptions.pzUsageTitle */
-  puts(_("ntpd - NTP daemon program - Ver. 4.2.8p8\n\
+  puts(_("ntpd - NTP daemon program - Ver. 4.2.8p9\n\
 Usage:  %s [ -<flag> [<val>] | --<name>[{=| }<val>] ]... \\\n\
 \t\t[ <server1> ... <serverN> ]\n"));
@ -1678,7 +1678,7 @@ Usage:  %s [ -<flag> [<val>] | --<name>[{=| }<val>] ]... \\\n\
  puts(_("\n"));
  /* referenced via ntpdOptions.pzFullVersion */
-  puts(_("ntpd 4.2.8p8"));
+  puts(_("ntpd 4.2.8p9"));
  /* referenced via ntpdOptions.pzFullUsage */
  puts(_("<<<NOT-FOUND>>>"));
--- a/contrib/ntp/ntpd/ntpd-opts.h
+++ b/contrib/ntp/ntpd/ntpd-opts.h
@ -1,7 +1,7 @@
 /*
 *  EDIT THIS FILE WITH CAUTION  (ntpd-opts.h)
 *
- *  It has been AutoGen-ed  June  2, 2016 at 07:32:40 AM by AutoGen 5.18.5
+ *  It has been AutoGen-ed  November 21, 2016 at 07:59:42 AM by AutoGen 5.18.5
 *  From the definitions    ntpd-opts.def
 *  and the template file   options
 *
@ -106,9 +106,9 @@ typedef enum {
 /** count of all options for ntpd */
 #define OPTION_CT    38
 /** ntpd version */
-#define NTPD_VERSION       "4.2.8p8"
+#define NTPD_VERSION       "4.2.8p9"
 /** Full ntpd version text */
-#define NTPD_FULL_VERSION  "ntpd 4.2.8p8"
+#define NTPD_FULL_VERSION  "ntpd 4.2.8p9"
 /**
 *  Interface defines for all options.  Replace "n" with the UPPER_CASED
--- a/contrib/ntp/ntpd/ntpd.1ntpdman
+++ b/contrib/ntp/ntpd/ntpd.1ntpdman
@ -10,11 +10,11 @@
 .ds B-Font B
 .ds I-Font I
 .ds R-Font R
-.TH ntpd 1ntpdman "02 Jun 2016" "4.2.8p8" "User Commands"
+.TH ntpd 1ntpdman "21 Nov 2016" "4.2.8p9" "User Commands"
 .\"
-.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-Jnai2U/ag-Ynaa1U)
+.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-giaGkh/ag-tiayjh)
 .\"
-.\" It has been AutoGen-ed June 2, 2016 at 07:36:01 AM by AutoGen 5.18.5
+.\" It has been AutoGen-ed November 21, 2016 at 08:01:50 AM by AutoGen 5.18.5
 .\" From the definitions ntpd-opts.def
 .\" and the template file agman-cmd.tpl
 .SH NAME
--- a/contrib/ntp/ntpd/ntpd.1ntpdmdoc
+++ b/contrib/ntp/ntpd/ntpd.1ntpdmdoc
@ -1,9 +1,9 @@
-.Dd June 2 2016
+.Dd November 21 2016
 .Dt NTPD 1ntpdmdoc User Commands
 .Os
 .\"  EDIT THIS FILE WITH CAUTION  (ntpd-opts.mdoc)
 .\"
-.\"  It has been AutoGen-ed  June  2, 2016 at 07:36:22 AM by AutoGen 5.18.5
+.\"  It has been AutoGen-ed  November 21, 2016 at 08:02:08 AM by AutoGen 5.18.5
 .\"  From the definitions    ntpd-opts.def
 .\"  and the template file   agmdoc-cmd.tpl
 .Sh NAME
--- a/contrib/ntp/ntpd/ntpd.html
+++ b/contrib/ntp/ntpd/ntpd.html
@ -39,7 +39,7 @@ The program can operate in any of several modes, including client/server,
 symmetric and broadcast modes, and with both symmetric-key and public-key
 cryptography.
-  <p>This document applies to version 4.2.8p8 of <code>ntpd</code>.
+  <p>This document applies to version 4.2.8p9 of <code>ntpd</code>.
 <ul class="menu">
 <li><a accesskey="1" href="#ntpd-Description">ntpd Description</a>:             Description
@ -220,7 +220,7 @@ the usage text by passing it through a pager program.
 used to select the program, defaulting to <span class="file">more</span>.  Both will exit
 with a status code of 0.
-<pre class="example">ntpd - NTP daemon program - Ver. 4.2.8p7
+<pre class="example">ntpd - NTP daemon program - Ver. 4.2.8p9-RC
 Usage:  ntpd [ -&lt;flag&gt; [&lt;val&gt;] | --&lt;name&gt;[{=| }&lt;val&gt;] ]... \
                [ &lt;server1&gt; ... &lt;serverN&gt; ]
  Flg Arg Option-Name    Description
--- a/contrib/ntp/ntpd/ntpd.man.in
+++ b/contrib/ntp/ntpd/ntpd.man.in
@ -10,11 +10,11 @@
 .ds B-Font B
 .ds I-Font I
 .ds R-Font R
-.TH ntpd @NTPD_MS@ "02 Jun 2016" "4.2.8p8" "User Commands"
+.TH ntpd @NTPD_MS@ "21 Nov 2016" "4.2.8p9" "User Commands"
 .\"
-.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-Jnai2U/ag-Ynaa1U)
+.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-giaGkh/ag-tiayjh)
 .\"
-.\" It has been AutoGen-ed June 2, 2016 at 07:36:01 AM by AutoGen 5.18.5
+.\" It has been AutoGen-ed November 21, 2016 at 08:01:50 AM by AutoGen 5.18.5
 .\" From the definitions ntpd-opts.def
 .\" and the template file agman-cmd.tpl
 .SH NAME
--- a/contrib/ntp/ntpd/ntpd.mdoc.in
+++ b/contrib/ntp/ntpd/ntpd.mdoc.in
@ -1,9 +1,9 @@
-.Dd June 2 2016
+.Dd November 21 2016
 .Dt NTPD @NTPD_MS@ User Commands
 .Os
 .\"  EDIT THIS FILE WITH CAUTION  (ntpd-opts.mdoc)
 .\"
-.\"  It has been AutoGen-ed  June  2, 2016 at 07:36:22 AM by AutoGen 5.18.5
+.\"  It has been AutoGen-ed  November 21, 2016 at 08:02:08 AM by AutoGen 5.18.5
 .\"  From the definitions    ntpd-opts.def
 .\"  and the template file   agmdoc-cmd.tpl
 .Sh NAME
--- a/contrib/ntp/ntpd/refclock_gpsdjson.c
+++ b/contrib/ntp/ntpd/refclock_gpsdjson.c
@ -949,7 +949,7 @@ add_clock_sample(
 	pp->lastref = stamp;
 	if (pp->coderecv == pp->codeproc)
 		refclock_report(peer, CEVNT_NOMINAL);
-	refclock_process_offset(pp, stamp, recvt, 0.0);
+	refclock_process_offset(pp, stamp, recvt, pp->fudgetime1);
 }
 /* ------------------------------------------------------------------ */
--- a/contrib/ntp/ntpd/refclock_jjy.c
+++ b/contrib/ntp/ntpd/refclock_jjy.c
@ -106,6 +106,10 @@
 /*  2015/05/15							      */
 /*    [Add]    Support the SEIKO TIME SYSTEMS TDC-300		      */
 /*								      */
 /*  2016/05/08							      */
 /*    [Fix]    C-DEX JST2000                                          */
 /*             Thanks to Mr. Kuramatsu for the report and the patch.  */
 /*								      */
 /**********************************************************************/
 #ifdef HAVE_CONFIG_H
@ -1499,9 +1503,9 @@ jjy_receive_cdex_jst2000 ( struct recvbuf *rbufp )
 		return JJY_RECEIVE_ERROR ;
 	}
-	/* JYYMMDD HHMMSSS */
+	/* JYYMMDDWHHMMSSS */
-	rc = sscanf ( pBuf, "J%2d%2d%2d %2d%2d%2d%1d",
+	rc = sscanf ( pBuf, "J%2d%2d%2d%*1d%2d%2d%2d%1d",
 		      &up->year, &up->month, &up->day,
 		      &up->hour, &up->minute, &up->second,
 		      &up->msecond ) ;
--- a/contrib/ntp/ntpd/refclock_jupiter.c
+++ b/contrib/ntp/ntpd/refclock_jupiter.c
@ -89,6 +89,11 @@
 /* Unix timestamp for the GPS epoch: January 6, 1980 */
 #define GPS_EPOCH 315964800
 /* Rata Die Number of first day of GPS epoch. This is the number of days
 * since 0000-12-31 to 1980-01-06 in the proleptic Gregorian Calendar.
 */
 #define RDN_GPS_EPOCH (4*146097 + 138431 + 1)
 /* Double short to unsigned int */
 #define DS2UI(p) ((getshort((p)[1]) << 16) | getshort((p)[0]))
@ -154,6 +159,10 @@ static	char *	jupiter_send	(struct instance *, struct jheader *);
 static	void	jupiter_shutdown(int, struct peer *);
 static	int	jupiter_start	(int, struct peer *);
 static	u_int	get_full_week(u_int base_week, u_int gpos_week);
 static	u_int	get_base_week(void);
 /*
 * Transfer vector
 */
@ -846,8 +855,14 @@ jupiter_parse_gpos(struct instance *instance, u_short *sp)
 		return ("Navigation solution not valid");
 	}
 	instance->gpos_gweek = jg->gweek;
 	instance->gpos_sweek = DS2UI(jg->sweek);
 	instance->gpos_gweek = get_full_week(get_base_week(),
 					     getshort(jg->gweek));
 	/* according to the protocol spec, the seconds-in-week cannot
 	 * exceed the nominal value: Is it really necessary to normalise
 	 * the seconds???
 	 */
 	while(instance->gpos_sweek >= WEEKSECS) {
 		instance->gpos_sweek -= WEEKSECS;
 		++instance->gpos_gweek;
@ -1115,6 +1130,56 @@ jupiter_recv(struct instance *instance)
 	return (cc);
 }
 static u_int
 get_base_week(void)
 {
 	static int 	init_done /* = 0 */;
 	static u_int	base_week;
 	/* Get the build date, convert to days since GPS epoch and
 	 * finally weeks since GPS epoch.  Note that the build stamp is
 	 * trusted once it is fetched -- only dates before the GPS epoch
 	 * are not permitted. This will permit proper synchronisation
 	 * for a time range of 1024 weeks starting with 00:00:00 of the
 	 * last Sunday on or before the build time.
 	 *
 	 * If the impossible happens and fetching the build date fails,
 	 * a 1024-week cycle starting with 2016-01-03 is assumed to
 	 * avoid catastropic errors. This will work until 2035-08-19.
 	 */
 	if (!init_done) {
 		struct calendar bd;
 		if (ntpcal_get_build_date(&bd)) {
 			int32_t days = ntpcal_date_to_rd(&bd);
 			if (days > RDN_GPS_EPOCH)
 				days -= RDN_GPS_EPOCH;
 			else
 				days = 0;
 			base_week = days / 7; 
 		} else {
 			base_week = 1878; /* 2016-01-03, Sunday */
 			msyslog(LOG_ERR,
 				"refclock_jupiter: ntpcal_get_build_date() failed: %s",
 				"using 2016-01-03 as GPS base!");
 		}
 		init_done = 1;
 	}
 	return base_week;
 }
 static u_int
 get_full_week(
 	u_int base_week,
 	u_int gpos_week
 	)
 {
 	/* Periodic extension on base week. Since the period is 1024
 	 * weeks and we do unsigned arithmetic here, we can do wonderful
 	 * things with masks and the well-defined overflow behaviour.
 	 */
 	return base_week + ((gpos_week - base_week) & 1023);
 }
 #else /* not (REFCLOCK && CLOCK_JUPITER && HAVE_PPSAPI) */
 int refclock_jupiter_bs;
 #endif /* not (REFCLOCK && CLOCK_JUPITER && HAVE_PPSAPI) */
--- a/contrib/ntp/ntpdc/invoke-ntpdc.texi
+++ b/contrib/ntp/ntpdc/invoke-ntpdc.texi
@ -6,7 +6,7 @@
 #
 # EDIT THIS FILE WITH CAUTION  (invoke-ntpdc.texi)
 #
-# It has been AutoGen-ed  June  2, 2016 at 07:36:54 AM by AutoGen 5.18.5
+# It has been AutoGen-ed  November 21, 2016 at 08:02:33 AM by AutoGen 5.18.5
 # From the definitions    ntpdc-opts.def
 # and the template file   agtexi-cmd.tpl
@end ignore
@ -76,7 +76,7 @@ with a status code of 0.
@exampleindent 0
@example
-ntpdc - vendor-specific NTPD control program - Ver. 4.2.8p8
+ntpdc - vendor-specific NTPD control program - Ver. 4.2.8p9
 Usage:  ntpdc [ -<flag> [<val>] | --<name>[@{=| @}<val>] ]... [ host ...]
  Flg Arg Option-Name    Description
   -4 no  ipv4           Force IPv4 DNS name resolution
--- a/contrib/ntp/ntpdc/ntpdc-opts.c
+++ b/contrib/ntp/ntpdc/ntpdc-opts.c
@ -1,7 +1,7 @@
 /*
 *  EDIT THIS FILE WITH CAUTION  (ntpdc-opts.c)
 *
- *  It has been AutoGen-ed  June  2, 2016 at 07:36:34 AM by AutoGen 5.18.5
+ *  It has been AutoGen-ed  November 21, 2016 at 08:02:18 AM by AutoGen 5.18.5
 *  From the definitions    ntpdc-opts.def
 *  and the template file   options
 *
@ -69,7 +69,7 @@ extern FILE * option_usage_fp;
 *  static const strings for ntpdc options
 */
 static char const ntpdc_opt_strs[1911] =
-/*     0 */ "ntpdc 4.2.8p8\n"
+/*     0 */ "ntpdc 4.2.8p9\n"
            "Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation, all rights reserved.\n"
            "This is free software. It is licensed for use, modification and\n"
            "redistribution under the terms of the NTP License, copies of which\n"
@ -128,14 +128,14 @@ static char const ntpdc_opt_strs[1911] =
 /*  1694 */ "no-load-opts\0"
 /*  1707 */ "no\0"
 /*  1710 */ "NTPDC\0"
-/*  1716 */ "ntpdc - vendor-specific NTPD control program - Ver. 4.2.8p8\n"
+/*  1716 */ "ntpdc - vendor-specific NTPD control program - Ver. 4.2.8p9\n"
            "Usage:  %s [ -<flag> [<val>] | --<name>[{=| }<val>] ]... [ host ...]\n\0"
 /*  1846 */ "$HOME\0"
 /*  1852 */ ".\0"
 /*  1854 */ ".ntprc\0"
 /*  1861 */ "http://bugs.ntp.org, bugs@ntp.org\0"
 /*  1895 */ "\n\0"
-/*  1897 */ "ntpdc 4.2.8p8";
+/*  1897 */ "ntpdc 4.2.8p9";
 /**
 *  ipv4 option description with
@ -796,7 +796,7 @@ static void bogus_function(void) {
     translate option names.
   */
  /* referenced via ntpdcOptions.pzCopyright */
-  puts(_("ntpdc 4.2.8p8\n\
+  puts(_("ntpdc 4.2.8p9\n\
 Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation, all rights reserved.\n\
 This is free software. It is licensed for use, modification and\n\
 redistribution under the terms of the NTP License, copies of which\n\
@ -862,14 +862,14 @@ implied warranty.\n"));
  puts(_("load options from a config file"));
  /* referenced via ntpdcOptions.pzUsageTitle */
-  puts(_("ntpdc - vendor-specific NTPD control program - Ver. 4.2.8p8\n\
+  puts(_("ntpdc - vendor-specific NTPD control program - Ver. 4.2.8p9\n\
 Usage:  %s [ -<flag> [<val>] | --<name>[{=| }<val>] ]... [ host ...]\n"));
  /* referenced via ntpdcOptions.pzExplain */
  puts(_("\n"));
  /* referenced via ntpdcOptions.pzFullVersion */
-  puts(_("ntpdc 4.2.8p8"));
+  puts(_("ntpdc 4.2.8p9"));
  /* referenced via ntpdcOptions.pzFullUsage */
  puts(_("<<<NOT-FOUND>>>"));
--- a/contrib/ntp/ntpdc/ntpdc-opts.h
+++ b/contrib/ntp/ntpdc/ntpdc-opts.h
@ -1,7 +1,7 @@
 /*
 *  EDIT THIS FILE WITH CAUTION  (ntpdc-opts.h)
 *
- *  It has been AutoGen-ed  June  2, 2016 at 07:36:34 AM by AutoGen 5.18.5
+ *  It has been AutoGen-ed  November 21, 2016 at 08:02:17 AM by AutoGen 5.18.5
 *  From the definitions    ntpdc-opts.def
 *  and the template file   options
 *
@ -83,9 +83,9 @@ typedef enum {
 /** count of all options for ntpdc */
 #define OPTION_CT    15
 /** ntpdc version */
-#define NTPDC_VERSION       "4.2.8p8"
+#define NTPDC_VERSION       "4.2.8p9"
 /** Full ntpdc version text */
-#define NTPDC_FULL_VERSION  "ntpdc 4.2.8p8"
+#define NTPDC_FULL_VERSION  "ntpdc 4.2.8p9"
 /**
 *  Interface defines for all options.  Replace "n" with the UPPER_CASED
--- a/contrib/ntp/ntpdc/ntpdc.1ntpdcman
+++ b/contrib/ntp/ntpdc/ntpdc.1ntpdcman
@ -10,11 +10,11 @@
 .ds B-Font B
 .ds I-Font I
 .ds R-Font R
-.TH ntpdc 1ntpdcman "02 Jun 2016" "4.2.8p8" "User Commands"
+.TH ntpdc 1ntpdcman "21 Nov 2016" "4.2.8p9" "User Commands"
 .\"
-.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-seaORW/ag-FeaGQW)
+.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-gTaibj/ag-tTaaaj)
 .\"
-.\" It has been AutoGen-ed June 2, 2016 at 07:36:50 AM by AutoGen 5.18.5
+.\" It has been AutoGen-ed November 21, 2016 at 08:02:29 AM by AutoGen 5.18.5
 .\" From the definitions ntpdc-opts.def
 .\" and the template file agman-cmd.tpl
 .SH NAME
--- a/contrib/ntp/ntpdc/ntpdc.1ntpdcmdoc
+++ b/contrib/ntp/ntpdc/ntpdc.1ntpdcmdoc
@ -1,9 +1,9 @@
-.Dd June 2 2016
+.Dd November 21 2016
 .Dt NTPDC 1ntpdcmdoc User Commands
 .Os
 .\"  EDIT THIS FILE WITH CAUTION  (ntpdc-opts.mdoc)
 .\"
-.\"  It has been AutoGen-ed  June  2, 2016 at 07:36:58 AM by AutoGen 5.18.5
+.\"  It has been AutoGen-ed  November 21, 2016 at 08:02:35 AM by AutoGen 5.18.5
 .\"  From the definitions    ntpdc-opts.def
 .\"  and the template file   agmdoc-cmd.tpl
 .Sh NAME
--- a/contrib/ntp/ntpdc/ntpdc.html
+++ b/contrib/ntp/ntpdc/ntpdc.html
@ -36,7 +36,7 @@ display the time offset of the system clock relative to the server
 clock.  Run as root, it can correct the system clock to this offset as
 well.  It can be run as an interactive command or from a cron job.
-  <p>This document applies to version 4.2.8p8 of <code>ntpdc</code>.
+  <p>This document applies to version 4.2.8p9 of <code>ntpdc</code>.
  <p>The program implements the SNTP protocol as defined by RFC 5905, the NTPv4
 IETF specification.
@ -152,7 +152,7 @@ the usage text by passing it through a pager program.
 used to select the program, defaulting to <span class="file">more</span>.  Both will exit
 with a status code of 0.
-<pre class="example">ntpdc - vendor-specific NTPD control program - Ver. 4.2.8p8
+<pre class="example">ntpdc - vendor-specific NTPD control program - Ver. 4.2.8p9
 Usage:  ntpdc [ -&lt;flag&gt; [&lt;val&gt;] | --&lt;name&gt;[{=| }&lt;val&gt;] ]... [ host ...]
  Flg Arg Option-Name    Description
   -4 no  ipv4           Force IPv4 DNS name resolution
--- a/contrib/ntp/ntpdc/ntpdc.man.in
+++ b/contrib/ntp/ntpdc/ntpdc.man.in
@ -10,11 +10,11 @@
 .ds B-Font B
 .ds I-Font I
 .ds R-Font R
-.TH ntpdc @NTPDC_MS@ "02 Jun 2016" "4.2.8p8" "User Commands"
+.TH ntpdc @NTPDC_MS@ "21 Nov 2016" "4.2.8p9" "User Commands"
 .\"
-.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-seaORW/ag-FeaGQW)
+.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-gTaibj/ag-tTaaaj)
 .\"
-.\" It has been AutoGen-ed June 2, 2016 at 07:36:50 AM by AutoGen 5.18.5
+.\" It has been AutoGen-ed November 21, 2016 at 08:02:29 AM by AutoGen 5.18.5
 .\" From the definitions ntpdc-opts.def
 .\" and the template file agman-cmd.tpl
 .SH NAME
--- a/contrib/ntp/ntpdc/ntpdc.mdoc.in
+++ b/contrib/ntp/ntpdc/ntpdc.mdoc.in
@ -1,9 +1,9 @@
-.Dd June 2 2016
+.Dd November 21 2016
 .Dt NTPDC @NTPDC_MS@ User Commands
 .Os
 .\"  EDIT THIS FILE WITH CAUTION  (ntpdc-opts.mdoc)
 .\"
-.\"  It has been AutoGen-ed  June  2, 2016 at 07:36:58 AM by AutoGen 5.18.5
+.\"  It has been AutoGen-ed  November 21, 2016 at 08:02:35 AM by AutoGen 5.18.5
 .\"  From the definitions    ntpdc-opts.def
 .\"  and the template file   agmdoc-cmd.tpl
 .Sh NAME
--- a/contrib/ntp/ntpq/invoke-ntpq.texi
+++ b/contrib/ntp/ntpq/invoke-ntpq.texi
@ -6,7 +6,7 @@
 #
 # EDIT THIS FILE WITH CAUTION  (invoke-ntpq.texi)
 #
-# It has been AutoGen-ed  June  2, 2016 at 07:37:46 AM by AutoGen 5.18.5
+# It has been AutoGen-ed  November 21, 2016 at 08:03:06 AM by AutoGen 5.18.5
 # From the definitions    ntpq-opts.def
 # and the template file   agtexi-cmd.tpl
@end ignore
@ -848,7 +848,7 @@ with a status code of 0.
@exampleindent 0
@example
-ntpq - standard NTP query program - Ver. 4.2.8p8
+ntpq - standard NTP query program - Ver. 4.2.8p9
 Usage:  ntpq [ -<flag> [<val>] | --<name>[@{=| @}<val>] ]... [ host ...]
  Flg Arg Option-Name    Description
   -4 no  ipv4           Force IPv4 DNS name resolution
--- a/contrib/ntp/ntpq/ntpq-opts.c
+++ b/contrib/ntp/ntpq/ntpq-opts.c
@ -1,7 +1,7 @@
 /*
 *  EDIT THIS FILE WITH CAUTION  (ntpq-opts.c)
 *
- *  It has been AutoGen-ed  June  2, 2016 at 07:37:05 AM by AutoGen 5.18.5
+ *  It has been AutoGen-ed  November 21, 2016 at 08:02:38 AM by AutoGen 5.18.5
 *  From the definitions    ntpq-opts.def
 *  and the template file   options
 *
@ -69,7 +69,7 @@ extern FILE * option_usage_fp;
 *  static const strings for ntpq options
 */
 static char const ntpq_opt_strs[1982] =
-/*     0 */ "ntpq 4.2.8p8\n"
+/*     0 */ "ntpq 4.2.8p9\n"
            "Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation, all rights reserved.\n"
            "This is free software. It is licensed for use, modification and\n"
            "redistribution under the terms of the NTP License, copies of which\n"
@ -132,13 +132,13 @@ static char const ntpq_opt_strs[1982] =
 /*  1775 */ "no-load-opts\0"
 /*  1788 */ "no\0"
 /*  1791 */ "NTPQ\0"
-/*  1796 */ "ntpq - standard NTP query program - Ver. 4.2.8p8\n"
+/*  1796 */ "ntpq - standard NTP query program - Ver. 4.2.8p9\n"
            "Usage:  %s [ -<flag> [<val>] | --<name>[{=| }<val>] ]... [ host ...]\n\0"
 /*  1915 */ "$HOME\0"
 /*  1921 */ ".\0"
 /*  1923 */ ".ntprc\0"
 /*  1930 */ "http://bugs.ntp.org, bugs@ntp.org\0"
-/*  1964 */ "ntpq 4.2.8p8\0"
+/*  1964 */ "ntpq 4.2.8p9\0"
 /*  1977 */ "hash";
 /**
@ -841,7 +841,7 @@ static void bogus_function(void) {
     translate option names.
   */
  /* referenced via ntpqOptions.pzCopyright */
-  puts(_("ntpq 4.2.8p8\n\
+  puts(_("ntpq 4.2.8p9\n\
 Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation, all rights reserved.\n\
 This is free software. It is licensed for use, modification and\n\
 redistribution under the terms of the NTP License, copies of which\n\
@ -910,11 +910,11 @@ implied warranty.\n"));
  puts(_("load options from a config file"));
  /* referenced via ntpqOptions.pzUsageTitle */
-  puts(_("ntpq - standard NTP query program - Ver. 4.2.8p8\n\
+  puts(_("ntpq - standard NTP query program - Ver. 4.2.8p9\n\
 Usage:  %s [ -<flag> [<val>] | --<name>[{=| }<val>] ]... [ host ...]\n"));
  /* referenced via ntpqOptions.pzFullVersion */
-  puts(_("ntpq 4.2.8p8"));
+  puts(_("ntpq 4.2.8p9"));
  /* referenced via ntpqOptions.pzFullUsage */
  puts(_("<<<NOT-FOUND>>>"));
--- a/contrib/ntp/ntpq/ntpq-opts.h
+++ b/contrib/ntp/ntpq/ntpq-opts.h
@ -1,7 +1,7 @@
 /*
 *  EDIT THIS FILE WITH CAUTION  (ntpq-opts.h)
 *
- *  It has been AutoGen-ed  June  2, 2016 at 07:37:04 AM by AutoGen 5.18.5
+ *  It has been AutoGen-ed  November 21, 2016 at 08:02:38 AM by AutoGen 5.18.5
 *  From the definitions    ntpq-opts.def
 *  and the template file   options
 *
@ -84,9 +84,9 @@ typedef enum {
 /** count of all options for ntpq */
 #define OPTION_CT    16
 /** ntpq version */
-#define NTPQ_VERSION       "4.2.8p8"
+#define NTPQ_VERSION       "4.2.8p9"
 /** Full ntpq version text */
-#define NTPQ_FULL_VERSION  "ntpq 4.2.8p8"
+#define NTPQ_FULL_VERSION  "ntpq 4.2.8p9"
 /**
 *  Interface defines for all options.  Replace "n" with the UPPER_CASED
--- a/contrib/ntp/ntpq/ntpq.1ntpqman
+++ b/contrib/ntp/ntpq/ntpq.1ntpqman
@ -10,11 +10,11 @@
 .ds B-Font B
 .ds I-Font I
 .ds R-Font R
-.TH ntpq 1ntpqman "02 Jun 2016" "4.2.8p8" "User Commands"
+.TH ntpq 1ntpqman "21 Nov 2016" "4.2.8p9" "User Commands"
 .\"
-.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-pGa42X/ag-CGaW1X)
+.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-nWaWmk/ag-AWaOlk)
 .\"
-.\" It has been AutoGen-ed June 2, 2016 at 07:37:41 AM by AutoGen 5.18.5
+.\" It has been AutoGen-ed November 21, 2016 at 08:03:02 AM by AutoGen 5.18.5
 .\" From the definitions ntpq-opts.def
 .\" and the template file agman-cmd.tpl
 .SH NAME
--- a/contrib/ntp/ntpq/ntpq.1ntpqmdoc
+++ b/contrib/ntp/ntpq/ntpq.1ntpqmdoc
@ -1,9 +1,9 @@
-.Dd June 2 2016
+.Dd November 21 2016
 .Dt NTPQ 1ntpqmdoc User Commands
 .Os
 .\"  EDIT THIS FILE WITH CAUTION  (ntpq-opts.mdoc)
 .\"
-.\"  It has been AutoGen-ed  June  2, 2016 at 07:37:48 AM by AutoGen 5.18.5
+.\"  It has been AutoGen-ed  November 21, 2016 at 08:03:08 AM by AutoGen 5.18.5
 .\"  From the definitions    ntpq-opts.def
 .\"  and the template file   agmdoc-cmd.tpl
 .Sh NAME
--- a/contrib/ntp/ntpq/ntpq.c
+++ b/contrib/ntp/ntpq/ntpq.c
@ -34,6 +34,7 @@
 #include "openssl/evp.h"
 #include "openssl/objects.h"
 #include "openssl/err.h"
 #include "libssl_compat.h"
 #endif
 #include <ssl_applink.c>
@ -3582,7 +3583,7 @@ static void list_md_fn(const EVP_MD *m, const char *from, const char *to, void *
    size_t len, n;
    const char *name, *cp, **seen;
    struct hstate *hstate = arg;
-    EVP_MD_CTX ctx;
+    EVP_MD_CTX *ctx;
    u_int digest_len;
    u_char digest[EVP_MAX_MD_SIZE];
@ -3613,8 +3614,10 @@ static void list_md_fn(const EVP_MD *m, const char *from, const char *to, void *
     * Keep this consistent with keytype_from_text() in ssl_init.c.
     */
-    EVP_DigestInit(&ctx, EVP_get_digestbyname(name));
+    ctx = EVP_MD_CTX_new();
-    EVP_DigestFinal(&ctx, digest, &digest_len);
+    EVP_DigestInit(ctx, EVP_get_digestbyname(name));
    EVP_DigestFinal(ctx, digest, &digest_len);
    EVP_MD_CTX_free(ctx);
    if (digest_len > (MAX_MAC_LEN - sizeof(keyid_t)))
        return;
--- a/contrib/ntp/ntpq/ntpq.html
+++ b/contrib/ntp/ntpq/ntpq.html
@ -44,7 +44,7 @@ monitor the operational status
 and determine the performance of
 <code>ntpd</code>, the NTP daemon.
-  <p>This document applies to version 4.2.8p8 of <code>ntpq</code>.
+  <p>This document applies to version 4.2.8p9 of <code>ntpq</code>.
 <ul class="menu">
 <li><a accesskey="1" href="#ntpq-Description">ntpq Description</a>
@ -770,7 +770,7 @@ the usage text by passing it through a pager program.
 used to select the program, defaulting to <span class="file">more</span>.  Both will exit
 with a status code of 0.
-<pre class="example">ntpq - standard NTP query program - Ver. 4.2.8p7
+<pre class="example">ntpq - standard NTP query program - Ver. 4.2.8p9-RC
 Usage:  ntpq [ -&lt;flag&gt; [&lt;val&gt;] | --&lt;name&gt;[{=| }&lt;val&gt;] ]... [ host ...]
  Flg Arg Option-Name    Description
   -4 no  ipv4           Force IPv4 DNS name resolution
--- a/contrib/ntp/ntpq/ntpq.man.in
+++ b/contrib/ntp/ntpq/ntpq.man.in
@ -10,11 +10,11 @@
 .ds B-Font B
 .ds I-Font I
 .ds R-Font R
-.TH ntpq @NTPQ_MS@ "02 Jun 2016" "4.2.8p8" "User Commands"
+.TH ntpq @NTPQ_MS@ "21 Nov 2016" "4.2.8p9" "User Commands"
 .\"
-.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-pGa42X/ag-CGaW1X)
+.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-nWaWmk/ag-AWaOlk)
 .\"
-.\" It has been AutoGen-ed June 2, 2016 at 07:37:41 AM by AutoGen 5.18.5
+.\" It has been AutoGen-ed November 21, 2016 at 08:03:02 AM by AutoGen 5.18.5
 .\" From the definitions ntpq-opts.def
 .\" and the template file agman-cmd.tpl
 .SH NAME
--- a/contrib/ntp/ntpq/ntpq.mdoc.in
+++ b/contrib/ntp/ntpq/ntpq.mdoc.in
@ -1,9 +1,9 @@
-.Dd June 2 2016
+.Dd November 21 2016
 .Dt NTPQ @NTPQ_MS@ User Commands
 .Os
 .\"  EDIT THIS FILE WITH CAUTION  (ntpq-opts.mdoc)
 .\"
-.\"  It has been AutoGen-ed  June  2, 2016 at 07:37:48 AM by AutoGen 5.18.5
+.\"  It has been AutoGen-ed  November 21, 2016 at 08:03:08 AM by AutoGen 5.18.5
 .\"  From the definitions    ntpq-opts.def
 .\"  and the template file   agmdoc-cmd.tpl
 .Sh NAME
--- a/contrib/ntp/ntpsnmpd/invoke-ntpsnmpd.texi
+++ b/contrib/ntp/ntpsnmpd/invoke-ntpsnmpd.texi
@ -6,7 +6,7 @@
 #
 # EDIT THIS FILE WITH CAUTION  (invoke-ntpsnmpd.texi)
 #
-# It has been AutoGen-ed  June  2, 2016 at 07:39:15 AM by AutoGen 5.18.5
+# It has been AutoGen-ed  November 21, 2016 at 08:03:22 AM by AutoGen 5.18.5
 # From the definitions    ntpsnmpd-opts.def
 # and the template file   agtexi-cmd.tpl
@end ignore
@ -47,7 +47,7 @@ with a status code of 0.
@exampleindent 0
@example
-ntpsnmpd - NTP SNMP MIB agent - Ver. 4.2.8p8
+ntpsnmpd - NTP SNMP MIB agent - Ver. 4.2.8p9
 Usage:  ntpsnmpd [ -<flag> [<val>] | --<name>[@{=| @}<val>] ]...
  Flg Arg Option-Name    Description
   -n no  nofork         Do not fork
--- a/contrib/ntp/ntpsnmpd/ntpsnmpd-opts.c
+++ b/contrib/ntp/ntpsnmpd/ntpsnmpd-opts.c
@ -1,7 +1,7 @@
 /*
 *  EDIT THIS FILE WITH CAUTION  (ntpsnmpd-opts.c)
 *
- *  It has been AutoGen-ed  June  2, 2016 at 07:37:55 AM by AutoGen 5.18.5
+ *  It has been AutoGen-ed  November 21, 2016 at 08:03:11 AM by AutoGen 5.18.5
 *  From the definitions    ntpsnmpd-opts.def
 *  and the template file   options
 *
@ -61,7 +61,7 @@ extern FILE * option_usage_fp;
 *  static const strings for ntpsnmpd options
 */
 static char const ntpsnmpd_opt_strs[1610] =
-/*     0 */ "ntpsnmpd 4.2.8p8\n"
+/*     0 */ "ntpsnmpd 4.2.8p9\n"
            "Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation, all rights reserved.\n"
            "This is free software. It is licensed for use, modification and\n"
            "redistribution under the terms of the NTP License, copies of which\n"
@ -101,14 +101,14 @@ static char const ntpsnmpd_opt_strs[1610] =
 /*  1414 */ "no-load-opts\0"
 /*  1427 */ "no\0"
 /*  1430 */ "NTPSNMPD\0"
-/*  1439 */ "ntpsnmpd - NTP SNMP MIB agent - Ver. 4.2.8p8\n"
+/*  1439 */ "ntpsnmpd - NTP SNMP MIB agent - Ver. 4.2.8p9\n"
            "Usage:  %s [ -<flag> [<val>] | --<name>[{=| }<val>] ]...\n\0"
 /*  1542 */ "$HOME\0"
 /*  1548 */ ".\0"
 /*  1550 */ ".ntprc\0"
 /*  1557 */ "http://bugs.ntp.org, bugs@ntp.org\0"
 /*  1591 */ "\n\0"
-/*  1593 */ "ntpsnmpd 4.2.8p8";
+/*  1593 */ "ntpsnmpd 4.2.8p9";
 /**
 *  nofork option description:
@ -554,7 +554,7 @@ static void bogus_function(void) {
     translate option names.
   */
  /* referenced via ntpsnmpdOptions.pzCopyright */
-  puts(_("ntpsnmpd 4.2.8p8\n\
+  puts(_("ntpsnmpd 4.2.8p9\n\
 Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation, all rights reserved.\n\
 This is free software. It is licensed for use, modification and\n\
 redistribution under the terms of the NTP License, copies of which\n\
@ -599,14 +599,14 @@ implied warranty.\n"));
  puts(_("load options from a config file"));
  /* referenced via ntpsnmpdOptions.pzUsageTitle */
-  puts(_("ntpsnmpd - NTP SNMP MIB agent - Ver. 4.2.8p8\n\
+  puts(_("ntpsnmpd - NTP SNMP MIB agent - Ver. 4.2.8p9\n\
 Usage:  %s [ -<flag> [<val>] | --<name>[{=| }<val>] ]...\n"));
  /* referenced via ntpsnmpdOptions.pzExplain */
  puts(_("\n"));
  /* referenced via ntpsnmpdOptions.pzFullVersion */
-  puts(_("ntpsnmpd 4.2.8p8"));
+  puts(_("ntpsnmpd 4.2.8p9"));
  /* referenced via ntpsnmpdOptions.pzFullUsage */
  puts(_("<<<NOT-FOUND>>>"));
--- a/contrib/ntp/ntpsnmpd/ntpsnmpd-opts.h
+++ b/contrib/ntp/ntpsnmpd/ntpsnmpd-opts.h
@ -1,7 +1,7 @@
 /*
 *  EDIT THIS FILE WITH CAUTION  (ntpsnmpd-opts.h)
 *
- *  It has been AutoGen-ed  June  2, 2016 at 07:37:55 AM by AutoGen 5.18.5
+ *  It has been AutoGen-ed  November 21, 2016 at 08:03:11 AM by AutoGen 5.18.5
 *  From the definitions    ntpsnmpd-opts.def
 *  and the template file   options
 *
@ -76,9 +76,9 @@ typedef enum {
 /** count of all options for ntpsnmpd */
 #define OPTION_CT    8
 /** ntpsnmpd version */
-#define NTPSNMPD_VERSION       "4.2.8p8"
+#define NTPSNMPD_VERSION       "4.2.8p9"
 /** Full ntpsnmpd version text */
-#define NTPSNMPD_FULL_VERSION  "ntpsnmpd 4.2.8p8"
+#define NTPSNMPD_FULL_VERSION  "ntpsnmpd 4.2.8p9"
 /**
 *  Interface defines for all options.  Replace "n" with the UPPER_CASED
--- a/contrib/ntp/ntpsnmpd/ntpsnmpd.1ntpsnmpdman
+++ b/contrib/ntp/ntpsnmpd/ntpsnmpd.1ntpsnmpdman
@ -10,11 +10,11 @@
 .ds B-Font B
 .ds I-Font I
 .ds R-Font R
-.TH ntpsnmpd 1ntpsnmpdman "02 Jun 2016" "4.2.8p8" "User Commands"
+.TH ntpsnmpd 1ntpsnmpdman "21 Nov 2016" "4.2.8p9" "User Commands"
 .\"
-.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-IPay_Y/ag-WPaq.Y)
+.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-oTaGvl/ag-ATayul)
 .\"
-.\" It has been AutoGen-ed June 2, 2016 at 07:39:11 AM by AutoGen 5.18.5
+.\" It has been AutoGen-ed November 21, 2016 at 08:03:18 AM by AutoGen 5.18.5
 .\" From the definitions ntpsnmpd-opts.def
 .\" and the template file agman-cmd.tpl
 .SH NAME
--- a/contrib/ntp/ntpsnmpd/ntpsnmpd.1ntpsnmpdmdoc
+++ b/contrib/ntp/ntpsnmpd/ntpsnmpd.1ntpsnmpdmdoc
@ -1,9 +1,9 @@
-.Dd June 2 2016
+.Dd November 21 2016
 .Dt NTPSNMPD 1ntpsnmpdmdoc User Commands
 .Os
 .\"  EDIT THIS FILE WITH CAUTION  (ntpsnmpd-opts.mdoc)
 .\"
-.\"  It has been AutoGen-ed  June  2, 2016 at 07:39:18 AM by AutoGen 5.18.5
+.\"  It has been AutoGen-ed  November 21, 2016 at 08:03:24 AM by AutoGen 5.18.5
 .\"  From the definitions    ntpsnmpd-opts.def
 .\"  and the template file   agmdoc-cmd.tpl
 .Sh NAME
--- a/contrib/ntp/ntpsnmpd/ntpsnmpd.html
+++ b/contrib/ntp/ntpsnmpd/ntpsnmpd.html
@ -42,7 +42,7 @@ Up:&nbsp;<a rel="up" accesskey="u" href="#dir">(dir)</a>
 <p>The <code>ntpsnmpd</code> utility program is used to monitor NTP daemon <code>ntpd</code>
 operations and determine performance.  It uses the standard NTP mode 6 control
-  <p>This document applies to version 4.2.8p8 of <code>ntpsnmpd</code>.
+  <p>This document applies to version 4.2.8p9 of <code>ntpsnmpd</code>.
 <ul class="menu">
 <li><a accesskey="1" href="#ntpsnmpd-Description">ntpsnmpd Description</a>:             Description
--- a/contrib/ntp/ntpsnmpd/ntpsnmpd.man.in
+++ b/contrib/ntp/ntpsnmpd/ntpsnmpd.man.in
@ -10,11 +10,11 @@
 .ds B-Font B
 .ds I-Font I
 .ds R-Font R
-.TH ntpsnmpd @NTPSNMPD_MS@ "02 Jun 2016" "4.2.8p8" "User Commands"
+.TH ntpsnmpd @NTPSNMPD_MS@ "21 Nov 2016" "4.2.8p9" "User Commands"
 .\"
-.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-IPay_Y/ag-WPaq.Y)
+.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-oTaGvl/ag-ATayul)
 .\"
-.\" It has been AutoGen-ed June 2, 2016 at 07:39:11 AM by AutoGen 5.18.5
+.\" It has been AutoGen-ed November 21, 2016 at 08:03:18 AM by AutoGen 5.18.5
 .\" From the definitions ntpsnmpd-opts.def
 .\" and the template file agman-cmd.tpl
 .SH NAME
--- a/contrib/ntp/ntpsnmpd/ntpsnmpd.mdoc.in
+++ b/contrib/ntp/ntpsnmpd/ntpsnmpd.mdoc.in
@ -1,9 +1,9 @@
-.Dd June 2 2016
+.Dd November 21 2016
 .Dt NTPSNMPD @NTPSNMPD_MS@ User Commands
 .Os
 .\"  EDIT THIS FILE WITH CAUTION  (ntpsnmpd-opts.mdoc)
 .\"
-.\"  It has been AutoGen-ed  June  2, 2016 at 07:39:18 AM by AutoGen 5.18.5
+.\"  It has been AutoGen-ed  November 21, 2016 at 08:03:24 AM by AutoGen 5.18.5
 .\"  From the definitions    ntpsnmpd-opts.def
 .\"  and the template file   agmdoc-cmd.tpl
 .Sh NAME
--- a/contrib/ntp/packageinfo.sh
+++ b/contrib/ntp/packageinfo.sh
@ -83,7 +83,7 @@ CLTAG=NTP_4_2_0
 # - Numeric values increment
 # - empty 'increments' to 1
 # - NEW 'increments' to empty
-point=8
+point=9
 ### betapoint is normally modified by script.
 # ntp-stable Beta number (betapoint)
--- a/contrib/ntp/scripts/build/genAuthors.in
+++ b/contrib/ntp/scripts/build/genAuthors.in
@ -34,21 +34,23 @@ use warnings;
 my $bk_u = "bk changes -and:USER: | sort -u |";
 chomp(my $bk_root = `bk root`);
-my $A_path = "$bk_root/BitKeeper/etc/authors.txt";
+my $A_dir = "$bk_root/BitKeeper/etc/Authors";
 my $A_file = "$bk_root/BitKeeper/etc/authors.txt";
 my %authors;
 my $problem = 0;
-die "bkroot: <$bk_root>, A_path: <$A_path>\n" if (! -r $A_path);
+die "bkroot: <$bk_root>, A_dir: <$A_dir>\n" if (! -r $A_dir);
 die "bkroot: <$bk_root>, A_file: <$A_file>\n" if (! -r $A_file);
 # Process the authors.txt file
-open(my $FILE, '<', $A_path) or die "Could not open <$A_path>: $!\n";
+open(my $FILE, '<', $A_file) or die "Could not open <$A_file>: $!\n";
 while (<$FILE>) {
  chomp;
  if (/^([\S]+) = ([\V]+) <([\w.-]+\@[\w.-]+)>$/) {
    # print "Got '$1 = $2 <$3>'\n";
    $authors{$1} = "";
  } else {
-    print "In $A_path: unrecognized line: '$_'\n";
+    print "In $A_file: unrecognized line: '$_'\n";
    $problem = 1;
  }
 }
@ -69,7 +71,7 @@ while (<BKU>) {
  if (!defined($authors{$Name})) {
    $problem = 1;
    print "<$Name> is not a defined author!\n";
-    open(my $FILE, '>>', "$A_path/$name.txt") || die "Cannot create '$A_path/$name.txt': $!\n";
+    open(my $FILE, '>>', "$A_dir/$name.txt") || die "Cannot create '$A_dir/$name.txt': $!\n";
    print $FILE "$Name = \n";
    close($FILE);
  }
--- a/contrib/ntp/scripts/calc_tickadj/calc_tickadj.1calc_tickadjman
+++ b/contrib/ntp/scripts/calc_tickadj/calc_tickadj.1calc_tickadjman
@ -10,11 +10,11 @@
 .ds B-Font B
 .ds I-Font I
 .ds R-Font R
-.TH calc_tickadj 1calc_tickadjman "02 Jun 2016" "ntp (4.2.8p8)" "User Commands"
+.TH calc_tickadj 1calc_tickadjman "21 Nov 2016" "ntp (4.2.8p9)" "User Commands"
 .\"
-.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-3laW2J/ag-ema41J)
+.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-OyayV3/ag-1yaGU3)
 .\"
-.\" It has been AutoGen-ed June 2, 2016 at 07:24:25 AM by AutoGen 5.18.5
+.\" It has been AutoGen-ed November 21, 2016 at 07:58:34 AM by AutoGen 5.18.5
 .\" From the definitions calc_tickadj-opts.def
 .\" and the template file agman-cmd.tpl
 .SH NAME
--- a/contrib/ntp/scripts/calc_tickadj/calc_tickadj.1calc_tickadjmdoc
+++ b/contrib/ntp/scripts/calc_tickadj/calc_tickadj.1calc_tickadjmdoc
@ -1,9 +1,9 @@
-.Dd June 2 2016
+.Dd November 21 2016
 .Dt CALC_TICKADJ 1calc_tickadjmdoc User Commands
 .Os
 .\"  EDIT THIS FILE WITH CAUTION  (calc_tickadj-opts.mdoc)
 .\"
-.\"  It has been AutoGen-ed  June  2, 2016 at 07:24:27 AM by AutoGen 5.18.5
+.\"  It has been AutoGen-ed  November 21, 2016 at 07:58:36 AM by AutoGen 5.18.5
 .\"  From the definitions    calc_tickadj-opts.def
 .\"  and the template file   agmdoc-cmd.tpl
 .Sh NAME
--- a/contrib/ntp/scripts/calc_tickadj/calc_tickadj.html
+++ b/contrib/ntp/scripts/calc_tickadj/calc_tickadj.html
@ -31,7 +31,7 @@ Up:&nbsp;<a rel="up" accesskey="u" href="#dir">(dir)</a>
 <h2 class="unnumbered">calc_tickadj User's Manual</h2>
 <p>This document describes the use of the NTP Project's <code>calc_tickadj</code> program. 
-This document applies to version 4.2.8p8 of <code>calc_tickadj</code>.
+This document applies to version 4.2.8p9 of <code>calc_tickadj</code>.
  <div class="shortcontents">
 <h2>Short Contents</h2>
--- a/contrib/ntp/scripts/calc_tickadj/calc_tickadj.man.in
+++ b/contrib/ntp/scripts/calc_tickadj/calc_tickadj.man.in
@ -10,11 +10,11 @@
 .ds B-Font B
 .ds I-Font I
 .ds R-Font R
-.TH calc_tickadj 1calc_tickadjman "02 Jun 2016" "ntp (4.2.8p8)" "User Commands"
+.TH calc_tickadj 1calc_tickadjman "21 Nov 2016" "ntp (4.2.8p9)" "User Commands"
 .\"
-.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-3laW2J/ag-ema41J)
+.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-OyayV3/ag-1yaGU3)
 .\"
-.\" It has been AutoGen-ed June 2, 2016 at 07:24:25 AM by AutoGen 5.18.5
+.\" It has been AutoGen-ed November 21, 2016 at 07:58:34 AM by AutoGen 5.18.5
 .\" From the definitions calc_tickadj-opts.def
 .\" and the template file agman-cmd.tpl
 .SH NAME
--- a/contrib/ntp/scripts/calc_tickadj/calc_tickadj.mdoc.in
+++ b/contrib/ntp/scripts/calc_tickadj/calc_tickadj.mdoc.in
@ -1,9 +1,9 @@
-.Dd June 2 2016
+.Dd November 21 2016
 .Dt CALC_TICKADJ 1calc_tickadjmdoc User Commands
 .Os
 .\"  EDIT THIS FILE WITH CAUTION  (calc_tickadj-opts.mdoc)
 .\"
-.\"  It has been AutoGen-ed  June  2, 2016 at 07:24:27 AM by AutoGen 5.18.5
+.\"  It has been AutoGen-ed  November 21, 2016 at 07:58:36 AM by AutoGen 5.18.5
 .\"  From the definitions    calc_tickadj-opts.def
 .\"  and the template file   agmdoc-cmd.tpl
 .Sh NAME
--- a/contrib/ntp/scripts/calc_tickadj/invoke-calc_tickadj.texi
+++ b/contrib/ntp/scripts/calc_tickadj/invoke-calc_tickadj.texi
@ -6,7 +6,7 @@
 #
 # EDIT THIS FILE WITH CAUTION  (invoke-calc_tickadj.texi)
 #
-# It has been AutoGen-ed  June  2, 2016 at 07:24:29 AM by AutoGen 5.18.5
+# It has been AutoGen-ed  November 21, 2016 at 07:58:38 AM by AutoGen 5.18.5
 # From the definitions    calc_tickadj-opts.def
 # and the template file   agtexi-cmd.tpl
@end ignore
--- a/contrib/ntp/scripts/invoke-plot_summary.texi
+++ b/contrib/ntp/scripts/invoke-plot_summary.texi
@ -6,7 +6,7 @@
 #
 # EDIT THIS FILE WITH CAUTION  (invoke-plot_summary.texi)
 #
-# It has been AutoGen-ed  June  2, 2016 at 07:25:50 AM by AutoGen 5.18.5
+# It has been AutoGen-ed  November 21, 2016 at 07:59:26 AM by AutoGen 5.18.5
 # From the definitions    plot_summary-opts.def
 # and the template file   agtexi-cmd.tpl
@end ignore
@ -41,7 +41,7 @@ with a status code of 0.
@exampleindent 0
@example
-plot_summary - plot statistics generated by summary script - Ver. 4.2.8p8
+plot_summary - plot statistics generated by summary script - Ver. 4.2.8p9
 USAGE: plot_summary [ -<flag> [<val>] | --<name>[@{=| @}<val>] ]... 
        --directory=str          Where the summary files are
--- a/contrib/ntp/scripts/invoke-summary.texi
+++ b/contrib/ntp/scripts/invoke-summary.texi
@ -6,7 +6,7 @@
 #
 # EDIT THIS FILE WITH CAUTION  (invoke-summary.texi)
 #
-# It has been AutoGen-ed  June  2, 2016 at 07:25:58 AM by AutoGen 5.18.5
+# It has been AutoGen-ed  November 21, 2016 at 07:59:32 AM by AutoGen 5.18.5
 # From the definitions    summary-opts.def
 # and the template file   agtexi-cmd.tpl
@end ignore
@ -42,7 +42,7 @@ with a status code of 0.
@exampleindent 0
@example
-summary - compute various stastics from NTP stat files - Ver. 4.2.8p8
+summary - compute various stastics from NTP stat files - Ver. 4.2.8p9
 USAGE: summary [ -<flag> [<val>] | --<name>[@{=| @}<val>] ]... 
        --directory=str          Directory containing stat files
--- a/contrib/ntp/scripts/ntp-wait/invoke-ntp-wait.texi
+++ b/contrib/ntp/scripts/ntp-wait/invoke-ntp-wait.texi
@ -6,7 +6,7 @@
 #
 # EDIT THIS FILE WITH CAUTION  (invoke-ntp-wait.texi)
 #
-# It has been AutoGen-ed  June  2, 2016 at 07:24:39 AM by AutoGen 5.18.5
+# It has been AutoGen-ed  November 21, 2016 at 07:58:47 AM by AutoGen 5.18.5
 # From the definitions    ntp-wait-opts.def
 # and the template file   agtexi-cmd.tpl
@end ignore
@ -61,7 +61,7 @@ with a status code of 0.
@exampleindent 0
@example
-ntp-wait - Wait for ntpd to stabilize the system clock - Ver. 4.2.8p8
+ntp-wait - Wait for ntpd to stabilize the system clock - Ver. 4.2.8p9
 USAGE: ntp-wait [ -<flag> [<val>] | --<name>[@{=| @}<val>] ]... 
    -n, --tries=num              Number of times to check ntpd
--- a/contrib/ntp/scripts/ntp-wait/ntp-wait-opts
+++ b/contrib/ntp/scripts/ntp-wait/ntp-wait-opts
@ -1,6 +1,6 @@
 # EDIT THIS FILE WITH CAUTION  (ntp-wait-opts)
 #
-# It has been AutoGen-ed  June  2, 2016 at 07:24:33 AM by AutoGen 5.18.5
+# It has been AutoGen-ed  November 21, 2016 at 07:58:41 AM by AutoGen 5.18.5
 # From the definitions    ntp-wait-opts.def
 # and the template file   perlopt
@ -40,7 +40,7 @@ sub processOptions {
        'help|?', 'more-help'));
    $usage = <<'USAGE';
-ntp-wait - Wait for ntpd to stabilize the system clock - Ver. 4.2.8p8
+ntp-wait - Wait for ntpd to stabilize the system clock - Ver. 4.2.8p9
 USAGE: ntp-wait [ -<flag> [<val>] | --<name>[{=| }<val>] ]... 
    -n, --tries=num              Number of times to check ntpd
--- a/contrib/ntp/scripts/ntp-wait/ntp-wait.1ntp-waitman
+++ b/contrib/ntp/scripts/ntp-wait/ntp-wait.1ntp-waitman
@ -10,11 +10,11 @@
 .ds B-Font B
 .ds I-Font I
 .ds R-Font R
-.TH ntp-wait 1ntp-waitman "02 Jun 2016" "ntp (4.2.8p8)" "User Commands"
+.TH ntp-wait 1ntp-waitman "21 Nov 2016" "ntp (4.2.8p9)" "User Commands"
 .\"
-.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-IZaWqL/ag-WZa4pL)
+.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-oRayj5/ag-CRaGi5)
 .\"
-.\" It has been AutoGen-ed June 2, 2016 at 07:24:36 AM by AutoGen 5.18.5
+.\" It has been AutoGen-ed November 21, 2016 at 07:58:43 AM by AutoGen 5.18.5
 .\" From the definitions ntp-wait-opts.def
 .\" and the template file agman-cmd.tpl
 .SH NAME
--- a/contrib/ntp/scripts/ntp-wait/ntp-wait.1ntp-waitmdoc
+++ b/contrib/ntp/scripts/ntp-wait/ntp-wait.1ntp-waitmdoc
@ -1,9 +1,9 @@
-.Dd June 2 2016
+.Dd November 21 2016
 .Dt NTP_WAIT 1ntp-waitmdoc User Commands
 .Os
 .\"  EDIT THIS FILE WITH CAUTION  (ntp-wait-opts.mdoc)
 .\"
-.\"  It has been AutoGen-ed  June  2, 2016 at 07:24:44 AM by AutoGen 5.18.5
+.\"  It has been AutoGen-ed  November 21, 2016 at 07:58:50 AM by AutoGen 5.18.5
 .\"  From the definitions    ntp-wait-opts.def
 .\"  and the template file   agmdoc-cmd.tpl
 .Sh NAME
--- a/Show More
+++ b/Show More
`@ -1 +1 @@`
	`* Generated 2016-05-19 06:35:34 UTC diff_ignore_line`	`* Generated 2016-11-09 11:39:28 UTC diff_ignore_line`