[chrony-dev] [GIT] chrony/chrony.git branch master updated. 4.0-35-g26ce610

[ Thread Index | Date Index | More chrony.tuxfamily.org/chrony-dev Archives ]


This is an automated email from git. It was generated because a ref
change was pushed to the "chrony/chrony.git" repository.

The branch, master has been updated
       via  26ce610155d0bf856ea592389f602a9182b727fc (commit)
       via  316d47e3b40c28c9d6e38fe18900b7828f497649 (commit)
       via  90557cf1babe6830bf775cdfb96f3e49ad4c555d (commit)
       via  80e627c86ba9927801a4c08f0fe12dd3a3d8bd81 (commit)
       via  0e4995e10b71c2de7df7ef1464bd1e3c33464651 (commit)
       via  a598983f9b59de2303755850594e831e2f440eef (commit)
       via  27641876c57348e700acc31ef618723a19e4502e (commit)
       via  4d139eeca6579975ddae1f3f2bf7f67c1d625511 (commit)
       via  3f2806c19c7e0c7bd5cae6e8f5104a4d9c156c66 (commit)
       via  e297df78e4a49b52b56a046d80459e1fde8c8960 (commit)
       via  c1d56ede3ffb4c49bc0b73a0a0d81ba0f3bbca1f (commit)
       via  2e52aca3bf99b316fe78e6ac17d14838c3e8c86a (commit)
       via  b0fc5832f4bac39e879495a7e2f8c0268fb83cdb (commit)
      from  cf6af112e100afaa496ea21cd0b50f25233b3e03 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 26ce610155d0bf856ea592389f602a9182b727fc
Author: Miroslav Lichvar <mlichvar@xxxxxxxxxx>
Date:   Thu Feb 11 15:43:49 2021 +0100

    nts: allow ntstrustedcerts to specify directory
    
    If the specified path is a directory, load all certificates in the
    directory.

commit 316d47e3b40c28c9d6e38fe18900b7828f497649
Author: Miroslav Lichvar <mlichvar@xxxxxxxxxx>
Date:   Thu Feb 11 12:20:59 2021 +0100

    nts: allow multiple files with trusted certificates
    
    Allow the ntstrustedcerts directive to be specified multiple times.

commit 90557cf1babe6830bf775cdfb96f3e49ad4c555d
Author: Miroslav Lichvar <mlichvar@xxxxxxxxxx>
Date:   Thu Feb 11 12:26:35 2021 +0100

    nts: allow multiple server keys and certificates
    
    Allow the ntsservercert and ntsserverkey directives to be specified
    multiple times to enable the NTS-KE server to operate under multiple
    names.

commit 80e627c86ba9927801a4c08f0fe12dd3a3d8bd81
Author: Miroslav Lichvar <mlichvar@xxxxxxxxxx>
Date:   Thu Feb 11 11:05:25 2021 +0100

    nts: define type for credentials
    
    Add a NKSN_Credentials type to avoid referring to it as void *.

commit 0e4995e10b71c2de7df7ef1464bd1e3c33464651
Author: Miroslav Lichvar <mlichvar@xxxxxxxxxx>
Date:   Thu Feb 11 10:52:06 2021 +0100

    nts: split creating server and client credentials

commit a598983f9b59de2303755850594e831e2f440eef
Author: Miroslav Lichvar <mlichvar@xxxxxxxxxx>
Date:   Wed Feb 10 12:16:18 2021 +0100

    client: fix sourcename command to accept ID addresses
    
    Fix the command to print the name corresponding to an unresolved
    address.

commit 27641876c57348e700acc31ef618723a19e4502e
Author: Miroslav Lichvar <mlichvar@xxxxxxxxxx>
Date:   Wed Feb 10 13:35:51 2021 +0100

    ntp: simplify NSR_Finalise()

commit 4d139eeca6579975ddae1f3f2bf7f67c1d625511
Author: Miroslav Lichvar <mlichvar@xxxxxxxxxx>
Date:   Wed Feb 10 13:21:37 2021 +0100

    ntp: limit number of sources
    
    Don't rely on assertions and running out of memory to terminate if
    an extremely large number of sources is added. Set the maximum number
    to 65536 to have a practical limit where chronyd still has a chance to
    appear functional with some operations having a quadratic time
    complexity.

commit 3f2806c19c7e0c7bd5cae6e8f5104a4d9c156c66
Author: Miroslav Lichvar <mlichvar@xxxxxxxxxx>
Date:   Wed Feb 10 16:15:15 2021 +0100

    nts: reset NTP address/port if removed in NTS-KE
    
    When an NTS-KE server stops providing the NTP address or port, change
    them to the original values to avoid the client getting stuck
    with a non-responding address/port.

commit e297df78e4a49b52b56a046d80459e1fde8c8960
Author: Miroslav Lichvar <mlichvar@xxxxxxxxxx>
Date:   Wed Feb 10 12:23:13 2021 +0100

    nts: load cookies early
    
    Instead of waiting for the first request, try to load the cookies as
    soon as the instance is created, or the NTS address is changed.
    
    This enables loading of dump files for servers that are negotiated in
    NTS-KE.

commit c1d56ede3ffb4c49bc0b73a0a0d81ba0f3bbca1f
Author: Miroslav Lichvar <mlichvar@xxxxxxxxxx>
Date:   Tue Feb 9 17:40:17 2021 +0100

    nts: rework update of NTP server address
    
    In the NTS-NTP client instance, maintain a local copy of the NTP address
    instead of using a pointer to the NCR's address, which may change at
    unexpected times.
    
    Also, change the NNC_CreateInstance() to accept only the NTP port to
    make it clear the initial NTP address is the same as the NTS-KE address
    and to make it consistent with NNC_ChangeAddress(), which accepts only
    one address.

commit 2e52aca3bf99b316fe78e6ac17d14838c3e8c86a
Author: Miroslav Lichvar <mlichvar@xxxxxxxxxx>
Date:   Tue Feb 9 16:06:36 2021 +0100

    ntp: avoid recursive update of address
    
    Allow NSR_UpdateSourceNtpAddress() to be (indirectly) called from
    NCR_CreateInstance() and NCR_ChangeRemoteAddress(). In these cases, save
    the addresses and make the update later when the function calls return.

commit b0fc5832f4bac39e879495a7e2f8c0268fb83cdb
Author: Miroslav Lichvar <mlichvar@xxxxxxxxxx>
Date:   Tue Feb 9 13:07:37 2021 +0100

    ntp: require port match in address update
    
    In NSR_UpdateSourceNtpAddress() and other updates of the address require
    that the old port matches the current source's port.

-----------------------------------------------------------------------

Summary of changes:
 client.c                   |  2 +-
 conf.c                     | 79 ++++++++++++++++++++++++++++-----------
 conf.h                     |  5 +--
 doc/chrony.conf.adoc       | 19 +++++++---
 ntp_auth.c                 |  4 +-
 ntp_auth.h                 |  2 +-
 ntp_core.c                 |  3 +-
 ntp_sources.c              | 92 ++++++++++++++++++++++++++++++++++++++++------
 ntp_sources.h              |  3 +-
 nts_ke_client.c            |  8 +++-
 nts_ke_server.c            | 17 ++++-----
 nts_ke_session.c           | 69 +++++++++++++++++++++++++---------
 nts_ke_session.h           | 15 +++++---
 nts_ntp_client.c           | 36 ++++++++++--------
 nts_ntp_client.h           |  2 +-
 nts_ntp_server.c           |  4 +-
 stubs.c                    |  2 +-
 test/unit/ntp_auth.c       |  2 +-
 test/unit/nts_ke_session.c | 10 +++--
 test/unit/nts_ntp_client.c |  2 +-
 20 files changed, 270 insertions(+), 106 deletions(-)


hooks/post-receive
-- 
chrony/chrony.git

-- 
To unsubscribe email chrony-dev-request@xxxxxxxxxxxxxxxxxxxx with "unsubscribe" in the subject.
For help email chrony-dev-request@xxxxxxxxxxxxxxxxxxxx with "help" in the subject.
Trouble?  Email listmaster@xxxxxxxxxxxxxxxxxxxx.


Mail converted by MHonArc 2.6.19+ http://listengine.tuxfamily.org/