| [chrony-dev] [GIT] chrony/chrony.git branch master updated. 4.0-pre3-19-gc0b19b3 |
[ Thread Index |
Date Index
| More chrony.tuxfamily.org/chrony-dev Archives
]
This is an automated email from git. It was generated because a ref
change was pushed to the "chrony/chrony.git" repository.
The branch, master has been updated
via c0b19b3fea0c18a7a64672aea82ba4afb6835ab3 (commit)
via 8235da68855314b5e2af2fd3c4e19f75b957fc11 (commit)
via f6625717cdb00c7d7039debaf03ee4f166a1b333 (commit)
via fdfcabd79bd3a6a8377e7d5f608d79d6a1ba4313 (commit)
via 2bb88b45c621368513a76686d7adf48298c1d057 (commit)
via 9820c22c1d6aa78575cd23dec191a1564dc7d337 (commit)
via bcd7bad467a83bfdc9805f8d7e2d4328a0834121 (commit)
via 83ea9fe284c75f96ce07fe5fa3186edbf5445cf7 (commit)
via c74d6e458dfb57f30672190c2f826218f097b358 (commit)
via ff466439fc22d6a47594f5dda33a5bdb726e92b8 (commit)
via 0fcdf4389b8fab4eab53f4e3ea14fc0e2a996d67 (commit)
via 9cb9021c8774e865d0ea669583ec5b252bf1eaea (commit)
via 9c36236742f9578f51acb2f914bb5f29e0a5c717 (commit)
from adebb027be5d091cf3368ec27689e7bdc288095e (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit c0b19b3fea0c18a7a64672aea82ba4afb6835ab3
Author: Miroslav Lichvar <mlichvar@xxxxxxxxxx>
Date: Thu Sep 10 15:04:27 2020 +0200
doc: improve chrony.conf man page
commit 8235da68855314b5e2af2fd3c4e19f75b957fc11
Author: Miroslav Lichvar <mlichvar@xxxxxxxxxx>
Date: Thu Sep 10 14:16:48 2020 +0200
doc: improve chronyc man page
commit f6625717cdb00c7d7039debaf03ee4f166a1b333
Author: Miroslav Lichvar <mlichvar@xxxxxxxxxx>
Date: Thu Sep 10 11:53:42 2020 +0200
test: improve ntp_core unit test
commit fdfcabd79bd3a6a8377e7d5f608d79d6a1ba4313
Author: Miroslav Lichvar <mlichvar@xxxxxxxxxx>
Date: Thu Sep 10 10:22:27 2020 +0200
ntp: drop support for long NTPv4 MACs
Don't accept NTPv4 packets which have a MAC longer than 24 octets to
strictly follow RFC 7822, which specifies the maximum length of a MAC
and the minimum length of the last extension field to avoid an ambiguity
in parsing of the packet.
This removes an ugly hack that was needed to accept packets that
contained one or more extension fields without a MAC, before RFC 7822
was written and NTP implementations started using truncated MACs.
The long MACs were used by chrony in versions 2.x when configured to
authenticate a server or peer with a key using a 256-bit or longer hash
(e.g. SHA256). For compatibility with chrony >= 4.0, these clients/peers
will need to have "version 3" added to the server/peer line in
chrony.conf.
commit 2bb88b45c621368513a76686d7adf48298c1d057
Author: Miroslav Lichvar <mlichvar@xxxxxxxxxx>
Date: Wed Sep 9 14:00:32 2020 +0200
siv: return error if key is not set
Avoid encryption or decryption using uninitialized data, or causing a
crash, if a key was not set for the SIV instance.
commit 9820c22c1d6aa78575cd23dec191a1564dc7d337
Author: Miroslav Lichvar <mlichvar@xxxxxxxxxx>
Date: Wed Sep 9 09:43:01 2020 +0200
nts: improve NTP client code
Reset the client instance more thoroughly and make sure the
nonce cannot be reused.
commit bcd7bad467a83bfdc9805f8d7e2d4328a0834121
Author: Miroslav Lichvar <mlichvar@xxxxxxxxxx>
Date: Wed Sep 9 08:36:59 2020 +0200
client: improve help message for sources command
commit 83ea9fe284c75f96ce07fe5fa3186edbf5445cf7
Author: Miroslav Lichvar <mlichvar@xxxxxxxxxx>
Date: Tue Sep 8 11:17:48 2020 +0200
cmdmon: rename status constants
Change the naming of reported selection status in the sources report to
better match the internal status.
commit c74d6e458dfb57f30672190c2f826218f097b358
Author: Miroslav Lichvar <mlichvar@xxxxxxxxxx>
Date: Tue Sep 8 10:45:24 2020 +0200
sources: don't report untrusted sources as selectable
Show untrusted sources with the '?' symbol instead of '-' to make them
consistent with not selectable and selectable sources in the selectdata
description.
commit ff466439fc22d6a47594f5dda33a5bdb726e92b8
Author: Miroslav Lichvar <mlichvar@xxxxxxxxxx>
Date: Tue Sep 8 09:45:13 2020 +0200
configure: fix building with -NTP -CMDMON +SCFILTER
Don't enable privileged operations using the nameserv code unless
NTP is enabled.
commit 0fcdf4389b8fab4eab53f4e3ea14fc0e2a996d67
Author: Miroslav Lichvar <mlichvar@xxxxxxxxxx>
Date: Tue Sep 8 09:41:12 2020 +0200
nts: log early client NTS-KE socket errors
Log an error message when SCK_OpenTcpSocket() fails in the NTS-KE
client, e.g. when connect() fails due to the port not being allowed in
the SELinux policy.
commit 9cb9021c8774e865d0ea669583ec5b252bf1eaea
Author: Miroslav Lichvar <mlichvar@xxxxxxxxxx>
Date: Mon Sep 7 10:45:03 2020 +0200
cmdmon: remove unused test code
commit 9c36236742f9578f51acb2f914bb5f29e0a5c717
Author: Miroslav Lichvar <mlichvar@xxxxxxxxxx>
Date: Mon Sep 7 10:42:33 2020 +0200
cmdmon: check response length before sending
Before sending a cmdmon response, make sure it is not longer than the
request to avoid amplification in case the response/padding length is
incorrectly specified for a request.
-----------------------------------------------------------------------
Summary of changes:
candm.h | 8 +--
client.c | 12 ++---
cmdmon.c | 46 +++++++---------
configure | 10 ++--
doc/chrony.conf.adoc | 118 +++++++++++++++++++++++++++++-------------
doc/chronyc.adoc | 56 ++++++++++++--------
ntp_auth.c | 17 +-----
ntp_core.c | 12 ++---
nts_ke_client.c | 10 ++--
nts_ntp_client.c | 29 +++++++----
reports.h | 9 +++-
siv_gnutls.c | 6 +++
siv_nettle.c | 10 ++++
sources.c | 9 ++--
stubs.c | 2 +-
test/compilation/001-features | 3 ++
test/unit/ntp_core.c | 61 ++++++++++++++++------
test/unit/siv.c | 11 ++++
18 files changed, 267 insertions(+), 162 deletions(-)
hooks/post-receive
--
chrony/chrony.git
--
To unsubscribe email chrony-dev-request@xxxxxxxxxxxxxxxxxxxx with "unsubscribe" in the subject.
For help email chrony-dev-request@xxxxxxxxxxxxxxxxxxxx with "help" in the subject.
Trouble? Email listmaster@xxxxxxxxxxxxxxxxxxxx.