r5 - 2009-04-28 - 10:35:30 - VitorBaptistaYou are here: NTP >  Dev Web > GoogleSummerOfCode > GSoC2009AutomatedBuildFramework
NTP users are strongly urged to take immediate action to ensure that their NTP daemons are not susceptible to being used in distributed denial-of-service (DDoS) attacks. Please also take this opportunity to defeat denial-of-service attacks by implementing Ingress and Egress filtering through BCP38.

ntp-4.2.8p15 was released on 23 June 2020. It addresses 1 medium-severity security issue in ntpd, and provides 13 non-security bugfixes over 4.2.8p13.

Please see the NTP Security Notice for vulnerability and mitigation details.

Are you using Autokey in production? If so, please contact Harlan - he's got some questions for you.

Automated Build Framework (GSoC 2009)


The Automated Build Framework (ABF) aims to minimize the problem faced by NTP (and many other projects) in building the software in as many different operating systems and architectures as possible, by providing a way where anyone could download a daemon, which regularly monitors if a new version of the software was launched, downloads, compile and send the (compile) log back the developers.

Benefits to the NTP Community

When finished, NTP's developers could guarantee that the changes made to each new version don't breaks the compile procedures against lots of different operating systems and architectures. Something that would be very difficult (nearly impossible) to do without this system (and many volunteers).

Project Details

The Automated Build Framework will use a server-client architecture.

The server consists of a webpage where the user could register and download a pre-compiled daemon for his/her operating system and architecture. It will have a way to receive compile logs, sent either manually or by the client, and an administrative interface where you could check the results sent grouped by OS and architecture.

The client will run in background in the volunteer's machine regularly checking for new NTP versions. Once found, it will be downloaded, compiled with low priority, so the user will not have a noticeable loss in performance, and the resulting log sent back to NTP's servers. This system could be useful to other projects. So it will be done, where possible, in a software agnostic way.


Date Task Description % Done
090420   Accepted student proposals announced on the Google Summer of Code 2009 site. DONE
090522 Community Bonding Students get to know mentors, read documentation, get up to speed to begin working on their projects.  
090523 Coding begins Students begin coding for their GSoC projects  
090707 Start mid-term evaluations Mentors and students can begin submitting mid-term evaluations.  
090713 Mid-term evaluations Mid-term evaluations deadline  
090810 Wrap-up Suggested 'pencils down' date. Take a week to scrub code, write tests, improve documentation, etc.  
090817 Firm 'pencils down' date. Mentors, students and organization administrators can begin submitting final evaluations to Google.  
090824 Final evaluation Final evaluation deadline  
090903 Code samples Students can begin submitting required code samples to Google  


  • Requirements document: details, in a high abstraction level, the features to be implemented;
  • Architecture document: contains the technical solution to implement the defined requirements;
  • ABF server;
  • ABF client for GNU/Linux and Windows.

Discussion and Comments

We want the "client" code to be as portable as possible, as one goal of this project is to make it easy to run builds on many different platforms.

-- HarlanStenn - 23 Apr 2009

It would be nice if we could run "hook" or "trigger" scripts at the end of a run. For example, at ntp.org we have machines where we want to run the latest -dev code if it compiles. Other folks might want to also run make test and report those results separately from the build reports.

-- HarlanStenn - 23 Apr 2009

Edit | WYSIWYG | Attach | Printable | Raw View | Backlinks: Web, All Webs | History: r5 < r4 < r3 < r2 < r1 | More topic actions
SSL security by CAcert
Get the CAcert Root Certificate
This site is powered by the TWiki collaboration platform
IPv6 Ready
Copyright & 1999-2022 by the contributing authors. All material on this collaboration platform is the property of the contributing authors. Ideas, requests, problems regarding the site? Send feedback