[chrony-dev] [GIT] chrony/chrony.git branch, master, updated. 2.2-14-gd28d644

[ Thread Index | Date Index | More chrony.tuxfamily.org/chrony-dev Archives ]

This is an automated email from git. It was enerated because a ref
change was pushed to the repository "chrony/chrony.git".

The branch, master has been updated
       via  d28d644b04743a3a6c1c889a67efa33a6f7b2156 (commit)
       via  a634fd3a2d087f83ced70cae12068e9afd4391e3 (commit)
       via  045794df4c1fb6ce582b300c0eb0d968fadd2eb5 (commit)
       via  dfc96e4702164a5daa0e8d554d419843b10f353c (commit)
       via  8225bf01f7eec88df8a6399767903bc342058ce6 (commit)
       via  116c6972827819bbff03a1bc32363f56bc8b9290 (commit)
       via  6199a89170273c507df58cec136040f8805ab799 (commit)
       via  cbd77c9752a9fc65e6fa885e3cf8def72cad09a1 (commit)
       via  df9b5d8c22ece5bca2fea8ace79f177e6ac8d8e7 (commit)
       via  66d534417b2dc9960ec8d3cfee28afb01d885414 (commit)
       via  8803ab27c628eed3e4205131a8dba77490e9ecbe (commit)
       via  38910424f28727e9c99dcf0430adb6545a53f474 (commit)
       via  0076458e9d03365d667db6ef6c797cccc8d443a9 (commit)
       via  bdb1650ed81570e36238e9f09892525acf0a1373 (commit)
      from  a030ed4f396215a239d7c67c8e1a998abd221bbe (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit d28d644b04743a3a6c1c889a67efa33a6f7b2156
Author: Miroslav Lichvar <mlichvar@xxxxxxxxxx>
Date:   Mon Nov 16 15:21:32 2015 +0100

    ntp: ignore poll in KoD RATE packets
    The meaning of the poll value in KoD RATE packets is not currently
    defined in the NTP specification (RFC 5905). In the reference NTP
    implementation it signals the minimum acceptable polling interval to the
    clients. In chrony the minimum poll is set to the KoD RATE poll if it's
    larger, but not to a larger value than 10.
    The problem is that ntpd as a server sets the KoD RATE poll to the
    maximum of the client's poll and the configured rate limiting interval.
    An attacker can send a burst of spoofed packets to the server to trigger
    the client's request rate limit. When the client sends its next request
    and the server responds with a KoD RATE packet, the client will set its
    minimum poll to the current poll and it will no longer be able to switch
    to a shorter poll when needed.
    ntpd could be fixed to always set the KoD RATE poll to the rate limiting
    interval. Unfortunately, ntpd as a client seems to depend on the current
    behavior. It tries to follow the server poll and if the KoD RATE poll
    was shorter than the current poll, the polling interval would be
    reduced, defeating the purpose of KoD RATE. The server fix will probably
    need to wait until clients are fixed and that could take a very long
    For now, ignore the poll value in KoD RATE packets. Just add an extra
    delay based on the current poll to the next transmit timeout and stop an
    ongoing burst.

commit a634fd3a2d087f83ced70cae12068e9afd4391e3
Author: Miroslav Lichvar <mlichvar@xxxxxxxxxx>
Date:   Mon Nov 16 14:50:57 2015 +0100

    doc: update description of offline command
    Reachability and online/offline mode has no effect on source selection
    since version 2.0.

commit 045794df4c1fb6ce582b300c0eb0d968fadd2eb5
Author: Miroslav Lichvar <mlichvar@xxxxxxxxxx>
Date:   Mon Nov 16 12:28:42 2015 +0100

    ntp: adjust initial delay for polling interval
    First packet after setting a source to online was sent with constant
    delay (0.2s). If the period in which the source was offline was shorter
    than the current polling interval, the new packet was sent sooner than
    it would be if the source wasn't switched to offline and back.
    Don't reset the local tx timestamp when mode is changed. When starting
    the initial transmit timeout, adjust the delay to make the interval
    between the two packets at least as long as the current polling

commit dfc96e4702164a5daa0e8d554d419843b10f353c
Author: Miroslav Lichvar <mlichvar@xxxxxxxxxx>
Date:   Fri Nov 13 16:08:02 2015 +0100

    sched: update timeout randomization
    Use UTI_GetRandomBytes() instead of random() to calculate the random
    part of the timeout. This was the only remaining use of random() in the
    code and the srandom() call can be removed.

commit 8225bf01f7eec88df8a6399767903bc342058ce6
Author: Miroslav Lichvar <mlichvar@xxxxxxxxxx>
Date:   Tue Nov 10 17:59:49 2015 +0100

    ntp: don't reveal local clock in client packets
    In client packets set the leap, stratum, reference ID, reference time,
    root delay and root dispersion to constant values to not reveal the
    state of the synchronization. Use precision 32 to make the receive and
    transmit timestamps completely random and not reveal the local time.

commit 116c6972827819bbff03a1bc32363f56bc8b9290
Author: Miroslav Lichvar <mlichvar@xxxxxxxxxx>
Date:   Tue Nov 10 17:26:59 2015 +0100

    util: rework timestamp fuzzing
    Use UTI_GetRandomBytes() instead of random() to generate random bits
    below precision. Save the result in NTP_int64 in the network order and
    allow precision in the full range from -32 to 32. With precision 32
    the fuzzing now makes the timestamp completely random and can be used to
    hide the time.

commit 6199a89170273c507df58cec136040f8805ab799
Author: Miroslav Lichvar <mlichvar@xxxxxxxxxx>
Date:   Tue Nov 10 16:46:40 2015 +0100

    util: add function to generate random bytes
    Add a function to fill a buffer with random bytes which uses a better
    PRNG than random(). Use arc4random() if it's available on the system.
    Fall back to reading from /dev/urandom, which should be available on
    all currently supported systems.

commit cbd77c9752a9fc65e6fa885e3cf8def72cad09a1
Author: Miroslav Lichvar <mlichvar@xxxxxxxxxx>
Date:   Thu Nov 5 16:43:40 2015 +0100

    ntp: don't keep client sockets open for longer than necessary
    After sending a client packet, schedule a timeout to close the socket
    at the time when all server replies would fail the delay test, so the
    socket is not open for longer than necessary (e.g. when the server is
    unreachable). With the default maxdelay of 3 seconds the timeout is 7

commit df9b5d8c22ece5bca2fea8ace79f177e6ac8d8e7
Author: Miroslav Lichvar <mlichvar@xxxxxxxxxx>
Date:   Wed Nov 4 15:47:40 2015 +0100

    ntp: check remote interval in client mode
    For testA in the client mode require also that the time the server
    needed to process the client request is not longer than 4 seconds.
    With maximum peer delay this limits the interval in which the client can
    accept a server reply.

commit 66d534417b2dc9960ec8d3cfee28afb01d885414
Author: Miroslav Lichvar <mlichvar@xxxxxxxxxx>
Date:   Thu Nov 5 13:14:57 2015 +0100

    sched: use shorter data type for timeout IDs

commit 8803ab27c628eed3e4205131a8dba77490e9ecbe
Author: Miroslav Lichvar <mlichvar@xxxxxxxxxx>
Date:   Tue Nov 10 14:29:52 2015 +0100

    sched: don't allow SCH_RemoveTimeout() with invalid non-zero ID

commit 38910424f28727e9c99dcf0430adb6545a53f474
Author: Miroslav Lichvar <mlichvar@xxxxxxxxxx>
Date:   Tue Nov 10 14:41:19 2015 +0100

    sched: don't return currently used timeout ID
    To avoid problems in the very unlikely case where a timeout is so long
    and new IDs are allocated so frequently that they would have a chance
    to overflow and catch up with it, make sure before returning new ID that
    it's currently not in use.

commit 0076458e9d03365d667db6ef6c797cccc8d443a9
Author: Miroslav Lichvar <mlichvar@xxxxxxxxxx>
Date:   Thu Nov 5 14:29:11 2015 +0100

    sched: always return non-zero timeout ID
    Timeout ID of zero can be now safely used to indicate that the timer is
    not running. Remove the extra timer_running variables that were
    necessary to track that.

commit bdb1650ed81570e36238e9f09892525acf0a1373
Author: Miroslav Lichvar <mlichvar@xxxxxxxxxx>
Date:   Wed Nov 4 14:53:00 2015 +0100

    sys_linux: allow more syscalls in seccomp filter
    These seem to be needed by getaddrinfo() in default NSS configuration
    on recent Fedora.


Summary of changes:
 chrony.texi.in |   12 +---
 configure      |    4 ++
 ntp_core.c     |  194 +++++++++++++++++++++++++++++++++-----------------------
 reference.c    |   26 +++-----
 rtc_linux.c    |   24 ++-----
 sched.c        |   39 ++++++++++--
 sched.h        |    3 +-
 sys_generic.c  |   17 ++---
 sys_linux.c    |   12 ++--
 sys_macosx.c   |    6 +-
 util.c         |   61 +++++++++++++-----
 util.h         |    9 ++-
 12 files changed, 238 insertions(+), 169 deletions(-)


To unsubscribe email chrony-dev-request@xxxxxxxxxxxxxxxxxxxx with "unsubscribe" in the subject.
For help email chrony-dev-request@xxxxxxxxxxxxxxxxxxxx with "help" in the subject.
Trouble?  Email listmaster@xxxxxxxxxxxxxxxxxxxx.

Mail converted by MHonArc 2.6.19+ http://listengine.tuxfamily.org/