Cross Reference: /netbsd-current/external/bsd/ntp/dist/ntpd/invoke-ntp.conf.texi

History log of /netbsd-current/external/bsd/ntp/dist/ntpd/invoke-ntp.conf.texi
Revision (<<< Hide revision tags) (Show revision tags >>>)	Date	Author	Comments
Revision tags: ntp-4-2-8p15
# 1.1.1.14	09-Oct-2022	christos	(4.2.8p15) 2020/06/23 Released by Harlan Stenn <stenn@ntp.org> * [Sec 3661] memory leak with AES128CMAC keys <perlinger@ntp.org> * [Bug 3670] Regression from bad merge of 3592 and 3596 <perlinger@ntp.org> - fixed a bad merge that happened before 4.2.8-p14. Thanks to Sylar Tao for noticing this! * [Bug 3667] decodenetnum fails with numeric port <perlinger@ntp.org> - rewrite 'decodenetnum()' in terms of inet_pton * [Bug 3666] avoid unlimited receive buffer allocation <perlinger@ntp.org> - limit number of receive buffers, with an iron reserve for refclocks * [Bug 3664] Enable openSSL CMAC support on Windows <burnicki@ntp.org> * [Bug 3662] Fix build errors on Windows with VS2008 <burnicki@ntp.org> * [Bug 3660] Manycast orphan mode startup discovery problem. <stenn@ntp.org> - integrated patch from Charles Claggett * [Bug 3659] Move definition of psl[] from ntp_config.h to ntp_config.h <perlinger@ntp.org> * [Bug 3657] Wrong "Autokey group mismatch" debug message <perlinger@ntp.org> * [Bug 3655] ntpdc memstats hash counts <perlinger@ntp.org> - fix by Gerry garvey * [Bug 3653] Refclock jitter RMS calculation <perlinger@ntp.org> - thanks to Gerry Garvey * [Bug 3646] Avoid sync with unsync orphan <perlinger@ntp.org> - patch by Gerry Garvey * [Bug 3644] Unsynchronized server [...] selected as candidate <perlinger@ntp.org> * [Bug 3639] refclock_jjy: TS-JJY0x can skip time sync depending on the STUS reply. <abe@ntp.org> - applied patch by Takao Abe
Revision tags: cjep_sun2x-base1 cjep_sun2x-base cjep_staticlib_x-base1 cjep_staticlib_x-base ntp-4-2-8p14
# 1.1.1.13	25-May-2020	christos	(4.2.8p14) 2020/03/03 Released by Harlan Stenn <stenn@ntp.org> * [Sec 3610] process_control() should bail earlier on short packets. stenn@ - Reported by Philippe Antoine * [Sec 3596] Highly predictable timestamp attack. <stenn@ntp.org> - Reported by Miroslav Lichvar * [Sec 3592] DoS attack on client ntpd <perlinger@ntp.org> - Reported by Miroslav Lichvar * [Bug 3637] Emit the version of ntpd in saveconfig. stenn@ * [Bug 3636] NMEA: combine time/date from multiple sentences <perlinger@ntp.org> * [Bug 3635] Make leapsecond file hash check optional <perlinger@ntp.org> * [Bug 3634] Typo in discipline.html, reported by Jason Harrison. stenn@ * [Bug 3628] raw DCF decoding - improve robustness with Zeller's congruence - implement Zeller's congruence in libparse and libntp <perlinger@ntp.org> * [Bug 3627] SIGSEGV on FreeBSD-12 with stack limit and stack gap <perlinger@ntp.org> - integrated patch by Cy Schubert * [Bug 3620] memory leak in ntpq sysinfo <perlinger@ntp.org> - applied patch by Gerry Garvey * [Bug 3619] Honour drefid setting in cooked mode and sysinfo <perlinger@ntp.org> - applied patch by Gerry Garvey * [Bug 3617] Add support for ACE III and Copernicus II receivers <perlinger@ntp.org> - integrated patch by Richard Steedman * [Bug 3615] accelerate refclock startup <perlinger@ntp.org> * [Bug 3613] Propagate noselect to mobilized pool servers <stenn@ntp.org> - Reported by Martin Burnicki * [Bug 3612] Use-of-uninitialized-value in receive function <perlinger@ntp.org> - Reported by Philippe Antoine * [Bug 3611] NMEA time interpreted incorrectly <perlinger@ntp.org> - officially document new "trust date" mode bit for NMEA driver - restore the (previously undocumented) "trust date" feature lost with [bug 3577] * [Bug 3609] Fixing wrong falseticker in case of non-statistic jitter <perlinger@ntp.org> - mostly based on a patch by Michael Haardt, implementing 'fudge minjitter' * [Bug 3608] libparse fails to compile on S11.4SRU13 and later <perlinger@ntp.org> - removed ffs() and fls() prototypes as per Brian Utterback * [Bug 3604] Wrong param byte order passing into record_raw_stats() in ntp_io.c <perlinger@ntp.org> - fixed byte and paramter order as suggested by wei6410@sina.com * [Bug 3601] Tests fail to link on platforms with ntp_cv_gc_sections_runs=no <perlinger@ntp.org> * [Bug 3599] Build fails on linux-m68k due to alignment issues <perlinger@ntp.org> - added padding as suggested by John Paul Adrian Glaubitz * [Bug 3594] ntpd discards messages coming through nmead <perlinger@ntp.org> * [Bug 3593] ntpd discards silently nmea messages after the 5th string <perlinger@ntp.org> * [Bug 3590] Update refclock_oncore.c to the new GPS date API <perlinger@ntp.org> * [Bug 3585] Unity tests mix buffered and unbuffered output <perlinger@ntp.org> - stdout+stderr are set to line buffered during test setup now * [Bug 3583] synchronization error <perlinger@ntp.org> - set clock to base date if system time is before that limit * [Bug 3582] gpsdjson refclock fudgetime1 adjustment is doubled <perlinger@ntp.org> * [Bug 3580] Possible bug ntpq-subs (NULL dereference in dogetassoc) <perlinger@ntp.org> - Reported by Paulo Neves * [Bug 3577] Update refclock_zyfer.c to the new GPS date API <perlinger@ntp.org> - also updates for refclock_nmea.c and refclock_jupiter.c * [Bug 3576] New GPS date function API <perlinger@ntp.org> * [Bug 3573] nptdate: missleading error message <perlinger@ntp.org> * [Bug 3570] NMEA driver docs: talker ID not mentioned, typo <perlinger@ntp.org> * [Bug 3569] cleanup MOD_NANO/STA_NANO handling for 'ntpadjtimex()' <perlinger@ntp.org> - sidekick: service port resolution in 'ntpdate' * [Bug 3550] Reproducible build: Respect SOURCE_DATE_EPOCH <perlinger@ntp.org> - applied patch by Douglas Royds * [Bug 3542] ntpdc monlist parameters cannot be set <perlinger@ntp.org> * [Bug 3533] ntpdc peer_info ipv6 issues <perlinger@ntp.org> - applied patch by Gerry Garvey * [Bug 3531] make check: test-decodenetnum fails <perlinger@ntp.org> - try to harden 'decodenetnum()' against 'getaddrinfo()' errors - fix wrong cond-compile tests in unit tests * [Bug 3517] Reducing build noise <perlinger@ntp.org> * [Bug 3516] Require tooling from this decade <perlinger@ntp.org> - patch by Philipp Prindeville * [Bug 3515] Refactor ntpdmain() dispatcher loop and group common code <perlinger@ntp.org> - patch by Philipp Prindeville * [Bug 3511] Get rid of AC_LANG_SOURCE() warnings <perlinger@ntp.org> - patch by Philipp Prindeville * [Bug 3510] Flatten out the #ifdef nesting in ntpdmain() <perlinger@ntp.org> - partial application of patch by Philipp Prindeville * [Bug 3491] Signed values of LFP datatypes should always display a sign - applied patch by Gerry Garvey & fixed unit tests <perlinger@ntp.org> * [Bug 3490] Patch to support Trimble Resolution Receivers <perlinger@ntp.org> - applied (modified) patch by Richard Steedman * [Bug 3473] RefID of refclocks should always be text format <perlinger@ntp.org> - applied patch by Gerry Garvey (with minor formatting changes) * [Bug 3132] Building 4.2.8p8 with disabled local libopts fails <perlinger@ntp.org> - applied patch by Miroslav Lichvar * [Bug 3094] ntpd trying to listen for broadcasts on a completely ipv6 network <perlinger@ntp.org> * [Bug 2420] ntpd doesn't run and exits with retval 0 when invalid user is specified with -u <perlinger@ntp.org> - monitor daemon child startup & propagate exit codes * [Bug 1433] runtime check whether the kernel really supports capabilities - (modified) patch by Kurt Roeckx <perlinger@ntp.org> * Clean up sntp/networking.c:sendpkt() error message. <stenn@ntp.org> * Provide more detail on unrecognized config file parser tokens. <stenn@ntp.org> * Startup log improvements. <stenn@ntp.org> * Update the copyright year. * html/confopt.html: cleanup. <stenn@ntp.org> --- (4.2.8p13) 2019/03/07 Released by Harlan Stenn <stenn@ntp.org> * [Sec 3565] Crafted null dereference attack in authenticated mode 6 packet <perlinger@ntp.org> - reported by Magnus Stubman * [Bug 3560] Fix build when HAVE_DROPROOT is not defined <perlinger@ntp.org> - applied patch by Ian Lepore * [Bug 3558] Crash and integer size bug <perlinger@ntp.org> - isolate and fix linux/windows specific code issue * [Bug 3556] ntp_loopfilter.c snprintf compilation warnings <perlinger@ntp.org> - provide better function for incremental string formatting * [Bug 3555] Tidy up print alignment of debug output from ntpdate <perlinger@ntp.org> - applied patch by Gerry Garvey * [Bug 3554] config revoke stores incorrect value <perlinger@ntp.org> - original finding by Gerry Garvey, additional cleanup needed * [Bug 3549] Spurious initgroups() error message <perlinger@ntp.org> - patch by Christous Zoulas * [Bug 3548] Signature not verified on windows system <perlinger@ntp.org> - finding by Chen Jiabin, plus another one by me * [Bug 3541] patch to fix STA_NANO struct timex units <perlinger@ntp.org> - applied patch by Maciej Szmigiero * [Bug 3540] Cannot set minsane to 0 anymore <perlinger@ntp.org> - applied patch by Andre Charbonneau * [Bug 3539] work_fork build fails when droproot is not supported <perlinger@ntp.org> - applied patch by Baruch Siach * [Bug 3538] Build fails for no-MMU targets <perlinger@ntp.org> - applied patch by Baruch Siach * [Bug 3535] libparse won't handle GPS week rollover <perlinger@ntp.org> - refactored handling of GPS era based on 'tos basedate' for parse (TSIP) and JUPITER clocks * [Bug 3529] Build failures on Mac OS X 10.13 (High Sierra) <perlinger@ntp.org> - patch by Daniel J. Luke; this does not fix a potential linker regression issue on MacOS. * [Bug 3527 - Backward Incompatible] mode7 clockinfo fudgeval2 packet anomaly <perlinger@ntp.org>, reported by GGarvey. - --enable-bug3527-fix support by HStenn * [Bug 3526] Incorrect poll interval in packet <perlinger@ntp.org> - applied patch by Gerry Garvey * [Bug 3471] Check for openssl/[ch]mac.h. <perlinger@ntp.org> - added missing check, reported by Reinhard Max <perlinger@ntp.org> * [Bug 1674] runtime crashes and sync problems affecting both x86 and x86_64 - this is a variant of [bug 3558] and should be fixed with it * Implement --disable-signalled-io
Revision tags: netbsd-9-3-RELEASE netbsd-9-2-RELEASE netbsd-9-1-RELEASE phil-wifi-20200421 phil-wifi-20200411 is-mlppp-base phil-wifi-20200406 netbsd-9-0-RELEASE netbsd-9-0-RC2 netbsd-9-0-RC1 phil-wifi-20191119 netbsd-9-base phil-wifi-20190609 pgoyette-compat-20190127 pgoyette-compat-20190118 pgoyette-compat-1226 pgoyette-compat-1126 pgoyette-compat-1020 pgoyette-compat-0930 ntp-4-2-8p12
# 1.1.1.12	29-Sep-2018	christos	--- (4.2.8p12) 2018/08/14 Released by Harlan Stenn <stenn@ntp.org> * [Sec 3505] CVE-2018-12327 - Arbitrary Code Execution Vulnerability - fixed stack buffer overflow in the openhost() command-line call of NTPQ/NTPDC <perlinger@ntp.org> * [Sec 3012] noepeer tweaks. <stenn@ntp.org> * [Bug 3521] Fix a logic bug in the INVALIDNAK checks. <stenn@ntp.org> * [Bug 3509] Add support for running as non-root on FreeBSD, Darwin, other TrustedBSD platforms - applied patch by Ian Lepore <perlinger@ntp.org> * [Bug 3506] Service Control Manager interacts poorly with NTPD <perlinger@ntp.org> - changed interaction with SCM to signal pending startup * [Bug 3486] Buffer overflow in ntpq/ntpq.c:tstflags() <perlinger@ntp.org> - applied patch by Gerry Garvey * [Bug 3485] Undefined sockaddr used in error messages in ntp_config.c <perlinger@ntp.org> - applied patch by Gerry Garvey * [Bug 3484] ntpq response from ntpd is incorrect when REFID is null <perlinger@ntp.org> - rework of ntpq 'nextvar()' key/value parsing * [Bug 3482] Fixes for compilation warnings (ntp_io.c & ntpq-subs.c) <perlinger@ntp.org> - applied patch by Gerry Garvey (with mods) * [Bug 3480] Refclock sample filter not cleared on clock STEP <perlinger@ntp.org> - applied patch by Gerry Garvey * [Bug 3479] ctl_putrefid() allows unsafe characters through to ntpq <perlinger@ntp.org> - applied patch by Gerry Garvey (with mods) * [Bug 3476]ctl_putstr() sends empty unquoted string [...] <perlinger@ntp.org> - applied patch by Gerry Garvey (with mods); not sure if that's bug or feature, though * [Bug 3475] modify prettydate() to suppress output of zero time <perlinger@ntp.org> - applied patch by Gerry Garvey * [Bug 3474] Missing pmode in mode7 peer info response <perlinger@ntp.org> - applied patch by Gerry Garvey * [Bug 3471] Check for openssl/[ch]mac.h. HStenn. - add #define ENABLE_CMAC support in configure. HStenn. * [Bug 3470] ntpd4.2.8p11 fails to compile without OpenSSL <perlinger@ntp.org> * [Bug 3469] Incomplete string compare [...] in is_refclk_addr <perlinger@ntp.org> - patch by Stephen Friedl * [Bug 3467] Potential memory fault in ntpq [...] <perlinger@ntp.org> - fixed IO redirection and CTRL-C handling in ntq and ntpdc * [Bug 3465] Default TTL values cannot be used <perlinger@ntp.org> * [Bug 3461] refclock_shm.c: clear error status on clock recovery <perlinger@ntp.org> - initial patch by Hal Murray; also fixed refclock_report() trouble * [Bug 3460] Fix typo in ntpq.texi, reported by Kenyon Ralph. <stenn@ntp.org> * [Bug 3456] Use uintptr_t rather than size_t to store an integer in a pointer - According to Brooks Davis, there was only one location <perlinger@ntp.org> * [Bug 3449] ntpq - display "loop" instead of refid [...] <perlinger@ntp.org> - applied patch by Gerry Garvey * [Bug 3445] Symmetric peer won't sync on startup <perlinger@ntp.org> - applied patch by Gerry Garvey * [Bug 3442] Fixes for ntpdate as suggested by Gerry Garvey, with modifications New macro REFID_ISTEXT() which is also used in ntpd/ntp_control.c. * [Bug 3434] ntpd clears STA_UNSYNC on start <perlinger@ntp.org> - applied patch by Miroslav Lichvar * [Bug 3426] ntpdate.html -t default is 2 seconds. Leonid Evdokimov. * [Bug 3121] Drop root privileges for the forked DNS worker <perlinger@ntp.org> - integrated patch by Reinhard Max * [Bug 2821] minor build issues <perlinger@ntp.org> - applied patches by Christos Zoulas, including real bug fixes * html/authopt.html: cleanup, from <stenn@ntp.org> * ntpd/ntpd.c: DROPROOT cleanup. <stenn@ntp.org> * Symmetric key range is 1-65535. Update docs. <stenn@ntp.org> * html/authentic.html: cleanup, from <stenn@ntp.org>
Revision tags: pgoyette-compat-0906 pgoyette-compat-0728 phil-wifi-base pgoyette-compat-0625 pgoyette-compat-0521 pgoyette-compat-0502 pgoyette-compat-0422 pgoyette-compat-0415 pgoyette-compat-0407 ntp-4-2-8p11
# 1.1.1.11	07-Apr-2018	christos	branches: 1.1.1.11.2; --- * [Sec 3454] Unauthenticated packet can reset authenticated interleave associations. HStenn. * [Sec 3453] Interleaved symmetric mode cannot recover from bad state. HStenn. * [Sec 3415] Permit blocking authenticated symmetric/passive associations. Implement ippeerlimit. HStenn, JPerlinger. * [Sec 3414] ntpq: decodearr() can write beyond its 'buf' limits - initial patch by <stenn@ntp.org>, extended by <perlinger@ntp.org> * [Sec 3412] ctl_getitem(): Don't compare names past NUL. <perlinger@ntp.org> * [Sec 3012] Sybil vulnerability: noepeer support. HStenn, JPerlinger. * [Bug 3457] OpenSSL FIPS mode regression <perlinger@ntp.org> * [Bug 3455] ntpd doesn't use scope id when binding multicast <perlinger@ntp.org> - applied patch by Sean Haugh * [Bug 3452] PARSE driver prints uninitialized memory. <perlinger@ntp.org> * [Bug 3450] Dubious error messages from plausibility checks in get_systime() - removed error log caused by rounding/slew, ensured postcondition <perlinger@ntp.org> * [Bug 3447] AES-128-CMAC (fixes) <perlinger@ntp.org> - refactoring the MAC code, too * [Bug 3441] Validate the assumption that AF_UNSPEC is 0. stenn@ntp.org * [Bug 3439] When running multiple commands / hosts in ntpq... <perlinger@ntp.org> - applied patch by ggarvey * [Bug 3438] Negative values and values > 999 days in... <perlinger@ntp.org> - applied patch by ggarvey (with minor mods) * [Bug 3437] ntpd tries to open socket with AF_UNSPEC domain - applied patch (with mods) by Miroslav Lichvar <perlinger@ntp.org> * [Bug 3435] anchor NTP era alignment <perlinger@ntp.org> * [Bug 3433] sntp crashes when run with -a. <stenn@ntp.org> * [Bug 3430] ntpq dumps core (SIGSEGV) for "keytype md2" - fixed several issues with hash algos in ntpd, sntp, ntpq, ntpdc and the test suites <perlinger@ntp.org> * [Bug 3424] Trimble Thunderbolt 1024 week millenium bug <perlinger@ntp.org> - initial patch by Daniel Pouzzner * [Bug 3423] QNX adjtime() implementation error checking is wrong <perlinger@ntp.org> * [Bug 3417] ntpq ifstats packet counters can be negative made IFSTATS counter quantities unsigned <perlinger@ntp.org> * [Bug 3411] problem about SIGN(6) packet handling for ntp-4.2.8p10 - raised receive buffer size to 1200 <perlinger@ntp.org> * [Bug 3408] refclock_jjy.c: Avoid a wrong report of the coverity static analysis tool. <abe@ntp.org> * [Bug 3405] update-leap.in: general cleanup, HTTPS support. Paul McMath. * [Bug 3404] Fix openSSL DLL usage under Windows <perlinger@ntp.org> - fix/drop assumptions on OpenSSL libs directory layout * [Bug 3399] NTP: linker error in 4.2.8p10 during Linux cross-compilation - initial patch by timeflies@mail2tor.com <perlinger@ntp.org> * [Bug 3398] tests fail with core dump <perlinger@ntp.org> - patch contributed by Alexander Bluhm * [Bug 3397] ctl_putstr() asserts that data fits in its buffer rework of formatting & data transfer stuff in 'ntp_control.c' avoids unecessary buffers and size limitations. <perlinger@ntp.org> * [Bug 3394] Leap second deletion does not work on ntpd clients - fixed handling of dynamic deletion w/o leap file <perlinger@ntp.org> * [Bug 3391] ntpd segfaults on startup due to small warmup thread stack size - increased mimimum stack size to 32kB <perlinger@ntp.org> * [Bug 3367] Faulty LinuxPPS NMEA clock support in 4.2.8 <perlinger@ntp.org> - reverted handling of PPS kernel consumer to 4.2.6 behavior * [Bug 3365] Updates driver40(-ja).html and miscopt.html <abe@ntp.org> * [Bug 3358] Spurious KoD log messages in .INIT. phase. HStenn. * [Bug 3016] wrong error position reported for bad ":config pool" - fixed location counter & ntpq output <perlinger@ntp.org> * [Bug 2900] libntp build order problem. HStenn. * [Bug 2878] Tests are cluttering up syslog <perlinger@ntp.org> * [Bug 2737] Wrong phone number listed for USNO. ntp-bugs@bodosom.net, perlinger@ntp.org * [Bug 2557] Fix Thunderbolt init. ntp-bugs@bodosom.net, perlinger@ntp. * [Bug 948] Trustedkey config directive leaks memory. <perlinger@ntp.org> * Use strlcpy() to copy strings, not memcpy(). HStenn. * Typos. HStenn. * test_ntp_scanner_LDADD needs ntpd/ntp_io.o. HStenn. * refclock_jjy.c: Add missing "%s" to an msyslog() call. HStenn. * Build ntpq and libntpq.a with NTP_HARD_FLAGS. perlinger@ntp.org Fix trivial warnings from 'make check'. perlinger@ntp.org * Fix bug in the override portion of the compiler hardening macro. HStenn. * record_raw_stats(): Log entire packet. Log writes. HStenn. * AES-128-CMAC support. BInglis, HStenn, JPerlinger. * sntp: tweak key file logging. HStenn. * sntp: pkt_output(): Improve debug output. HStenn. * update-leap: updates from Paul McMath. * When using pkg-config, report --modversion. HStenn. * Clean up libevent configure checks. HStenn. * sntp: show the IP of who sent us a crypto-NAK. HStenn. * Allow .../N to specify subnet bits for IPs in ntp.keys. HStenn, JPerlinger. * authistrustedip() - use it in more places. HStenn, JPerlinger. * New sysstats: sys_lamport, sys_tsrounding. HStenn. * Update ntp.keys .../N documentation. HStenn. * Distribute testconf.yml. HStenn. * Add DPRINTF(2,...) lines to receive() for packet drops. HStenn. * Rename the configuration flag fifo variables. HStenn. * Improve saveconfig output. HStenn. * Decode restrict flags on receive() debug output. HStenn. * Decode interface flags on receive() debug output. HStenn. * Warn the user if deprecated "driftfile name WanderThreshold" is used. HStenn. * Update the documentation in ntp.conf.def . HStenn. * restrictions() must return restrict flags and ippeerlimit. HStenn. * Update ntpq peer documentation to describe the 'p' type. HStenn. * Rename restrict 'flags' to 'rflags. Use an enum for the values. HStenn. * Provide dump_restricts() for debugging. HStenn. * Use consistent 4th arg type for [gs]etsockopt. JPerlinger. * Some tests might need LIBM. HStenn. * update-leap: Allow -h/--help early. HStenn.
Revision tags: pgoyette-compat-0330 pgoyette-compat-0322 pgoyette-compat-0315 pgoyette-compat-base matt-nb8-mediatek-base perseant-stdc-iso10646-base netbsd-8-base prg-localcount2-base3 prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1 ntp-4-2-8p10
# 1.1.1.10	13-Apr-2017	christos	branches: 1.1.1.10.4; 1.1.1.10.10; Import ntp 4.2.8p10
Revision tags: pgoyette-localcount-20170320 bouyer-socketcan-base pgoyette-localcount-20170107 ntp-4-2-8p9
# 1.1.1.9	22-Nov-2016	christos	branches: 1.1.1.9.2; (4.2.8p9) 2016/11/21 Released by Harlan Stenn <stenn@ntp.org> * [Sec 3119] Trap crash <perlinger@ntp.org> * [Sec 3118] Mode 6 information disclosure and DDoS vector <perlinger@ntp.org> - TRAP config via mode 6 packet requires AUTH now. * [Sec 3114] Broadcast Mode Replay Prevention DoS - applied patches by Matthew Van Gundy. <perlinger@ntp.org> - with bcpollbstep, tweaks and cleanup by stenn@ntp.org * [Sec 3113] Broadcast Mode Poll Interval Enforcement DoS <perlinger@ntp.org> - applied fix as suggested by Matthew Van Gundy * [Sec 3110] Windows: ntpd DoS by oversized UDP packet - fixed error handling for truncated UDP packets. <perlinger@ntp.org> * [Sec 3102] Zero origin issues. HStenn. * [Sec 3082] null pointer dereference in _IO_str_init_static_internal() - more hardening to read_mru_list(). perlinger@ntp.org * [Sec 3072] Attack on interface selection <perlinger@ntp.org> - implemented Miroslav Lichvars <mlichvar@redhat.com> suggestion to skip interface updates based on incoming packets * [Bug 3142] bug in netmask prefix length detection <perlinger@ntp.org> * [Bug 3138] gpsdjson refclock should honor fudgetime1. stenn@ntp.org * [Bug 3129] Unknown hosts can put resolver thread into a hard loop - moved retry decision where it belongs. <perlinger@ntp.org> * [Bug 3125] NTPD doesn't fully start when ntp.conf entries are out of order using the loopback-ppsapi-provider.dll <perlinger@ntp.org> * [Bug 3116] unit tests for NTP time stamp expansion. <perlinger@ntp.org> * [Bug 3100] ntpq can't retrieve daemon_version <perlinger@ntp.org> - fixed extended sysvar lookup (bug introduced with bug 3008 fix) * [Bug 3095] Compatibility with openssl 1.1 <perlinger@ntp.org> - applied patches by Kurt Roeckx <kurt@roeckx.be> to source - added shim layer for SSL API calls with issues (both directions) * [Bug 3089] Serial Parser does not work anymore for hopfser like device - simplified / refactored hex-decoding in driver. <perlinger@ntp.org> * [Bug 3084] update-leap mis-parses the leapfile name. HStenn. * [Bug 3068] Linker warnings when building on Solaris. perlinger@ntp.org - applied patch thanks to Andrew Stormont <andyjstormont@gmail.com> * [Bug 3067] Root distance calculation needs improvement. HStenn. * [Bug 3066] NMEA clock ignores pps. perlinger@ntp.org - PPS-HACK works again. * [Bug 3059] Potential buffer overrun from oversized hash <perlinger@ntp.org> - applied patch by Brian Utterback <brian.utterback@oracle.com> * [Bug 3053] ntp_loopfilter.c frequency calc precedence error. Sarah White. * [Bug 3050] Fix for bug #2960 causes [...] spurious error message. <perlinger@ntp.org> - patches by Reinhard Max <max@suse.com> and Havard Eidnes <he@uninett.no> * [Bug 3047] Fix refclock_jjy C-DEX JST2000. abe@ntp.org - Patch provided by Kuramatsu. * [Bug 3021] unity_fixture.c needs pragma weak <perlinger@ntp.org> - removed unnecessary & harmful decls of 'setUp()' & 'tearDown()' * [Bug 3019] Windows: ERROR_HOST_UNREACHABLE block packet processing. DMayer and JPerlinger. * [Bug 2998] sntp/tests/packetProcessing.c broken without openssl. JPerlinger * [Bug 2961] sntp/tests/packetProcessing.c assumes AUTOKEY. HStenn. * [Bug 2959] refclock_jupiter: gps week correction <perlinger@ntp.org> - fixed GPS week expansion to work based on build date. Special thanks to Craig Leres for initial patch and testing. * [Bug 2951] ntpd tests fail: multiple definition of `send_via_ntp_signd' - fixed Makefile.am <perlinger@ntp.org> * [Bug 2689] ATOM driver processes last PPS pulse at startup, even if it is very old <perlinger@ntp.org> - make sure PPS source is alive before processing samples - improve stability close to the 500ms phase jump (phase gate) * Fix typos in include/ntp.h. * Shim X509_get_signature_nid() if needed. * git author attribution cleanup * bk ignore file cleanup * remove locks in Windows IO, use rpc-like thread synchronisation instead
Revision tags: pgoyette-localcount-20161104 localcount-20160914 pgoyette-localcount-20160806 pgoyette-localcount-20160726 pgoyette-localcount-base ntp-4-2-8p8
# 1.1.1.8	03-Jun-2016	christos	branches: 1.1.1.8.2; Import ntp 4.2.8p8
Revision tags: ntp-4-2-8p7
# 1.1.1.7	01-May-2016	christos	--- (4.2.8p7) 2016/04/26 Released by Harlan Stenn <stenn@ntp.org> * [Sec 2901] KoD packets must have non-zero transmit timestamps. HStenn. * [Sec 2936] Skeleton Key: Any system knowing the trusted key can serve time. Include passive servers in this check. HStenn. * [Sec 2945] Additional KoD packet checks. HStenn. * [Sec 2978] Interleave can be partially triggered. HStenn. * [Sec 3007] Validate crypto-NAKs. Danny Mayer. * [Sec 3008] Always check the return value of ctl_getitem(). - initial work by HStenn - Additional cleanup of ctl_getitem by perlinger@ntp.org * [Sec 3009] Crafted addpeer with hmode > 7 causes OOB error. perlinger@ntp.org - added more stringent checks on packet content * [Sec 3010] remote configuration trustedkey/requestkey values are not properly validated. perlinger@ntp.org - sidekick: Ignore keys that have an unsupported MAC algorithm but are otherwise well-formed * [Sec 3011] Duplicate IPs on unconfig directives will cause an assertion botch - graciously accept the same IP multiple times. perlinger@ntp.org * [Sec 3020] Refclock impersonation. HStenn. * [Bug 2831] Segmentation Fault in DNS lookup during startup. perlinger@ntp.org - fixed yet another race condition in the threaded resolver code. * [Bug 2858] bool support. Use stdbool.h when available. HStenn. * [Bug 2879] Improve NTP security against timing attacks. perlinger@ntp.org - integrated patches by Loganaden Velvidron <logan@ntp.org> with some modifications & unit tests * [Bug 2952] Symmetric active/passive mode is broken. HStenn. * [Bug 2960] async name resolution fixes for chroot() environments. Reinhard Max. * [Bug 2994] Systems with HAVE_SIGNALED_IO fail to compile. perlinger@ntp.org * [Bug 2995] Fixes to compile on Windows * [Bug 2999] out-of-bounds access in 'is_safe_filename()'. perlinger@ntp.org * [Bug 3013] Fix for ssl_init.c SHA1 test. perlinger@ntp.org - Patch provided by Ch. Weisgerber * [Bug 3015] ntpq: config-from-file: "request contains an unprintable character" - A change related to [Bug 2853] forbids trailing white space in remote config commands. perlinger@ntp.org * [Bug 3019] NTPD stops processing packets after ERROR_HOST_UNREACHABLE - report and patch from Aleksandr Kostikov. - Overhaul of Windows IO completion port handling. perlinger@ntp.org * [Bug 3022] authkeys.c should be refactored. perlinger@ntp.org - fixed memory leak in access list (auth[read]keys.c) - refactored handling of key access lists (auth[read]keys.c) - reduced number of error branches (authreadkeys.c) * [Bug 3023] ntpdate cannot correct dates in the future. perlinger@ntp.org * [Bug 3030] ntpq needs a general way to specify refid output format. HStenn. * [Bug 3031] ntp broadcastclient unable to synchronize to an server when the time of server changed. perlinger@ntp.org - Check the initial delay calculation and reject/unpeer the broadcast server if the delay exceeds 50ms. Retry again after the next broadcast packet. * [Bug 3036] autokey trips an INSIST in authistrustedip(). Harlan Stenn. * Document ntp.key's optional IP list in authenetic.html. Harlan Stenn. * Update html/xleave.html documentation. Harlan Stenn. * Update ntp.conf documentation. Harlan Stenn. * Fix some Credit: attributions in the NEWS file. Harlan Stenn. * Fix typo in html/monopt.html. Harlan Stenn. * Add README.pullrequests. Harlan Stenn. * Cleanup to include/ntp.h. Harlan Stenn. --- (4.2.8p6) 2016/01/20 Released by Harlan Stenn <stenn@ntp.org> * [Sec 2935] Deja Vu: Replay attack on authenticated broadcast mode. HStenn. * [Sec 2936] Skeleton Key: Any trusted key system can serve time. HStenn. * [Sec 2937] ntpq: nextvar() missing length check. perlinger@ntp.org * [Sec 2938] ntpq saveconfig command allows dangerous characters in filenames. perlinger@ntp.org * [Sec 2939] reslist NULL pointer dereference. perlinger@ntp.org * [Sec 2940] Stack exhaustion in recursive traversal of restriction list. perlinger@ntp.org * [Sec 2942]: Off-path DoS attack on auth broadcast mode. HStenn. * [Sec 2945] Zero Origin Timestamp Bypass. perlinger@ntp.org * [Sec 2948] Potential Infinite Loop in ntpq ( and ntpdc) perlinger@ntp.org * [Bug 2772] adj_systime overflows tv_usec. perlinger@ntp.org * [Bug 2814] msyslog deadlock when signaled. perlinger@ntp.org - applied patch by shenpeng11@huawei.com with minor adjustments * [Bug 2882] Look at ntp_request.c:list_peers_sum(). perlinger@ntp.org * [Bug 2891] Deadlock in deferred DNS lookup framework. perlinger@ntp.org * [Bug 2892] Several test cases assume IPv6 capabilities even when IPv6 is disabled in the build. perlinger@ntp.org - Found this already fixed, but validation led to cleanup actions. * [Bug 2905] DNS lookups broken. perlinger@ntp.org - added limits to stack consumption, fixed some return code handling * [Bug 2971] ntpq bails on ^C: select fails: Interrupted system call - changed stacked/nested handling of CTRL-C. perlinger@ntp.org - make CTRL-C work for retrieval and printing od MRU list. perlinger@ntp.org * [Bug 2980] reduce number of warnings. perlinger@ntp.org - integrated several patches from Havard Eidnes (he@uninett.no) * [Bug 2985] bogus calculation in authkeys.c perlinger@ntp.org - implement 'auth_log2()' using integer bithack instead of float calculation * Make leapsec_query debug messages less verbose. Harlan Stenn. * Disable incomplete t-ntp_signd.c test. Harlan Stenn. ---
Revision tags: ntp-4-2-8p5
# 1.1.1.6	08-Jan-2016	christos	Import ntp 4.2.8p5
Revision tags: ntp-4-2-8p4
# 1.1.1.5	23-Oct-2015	christos	Import ntp 4.2.8p4
Revision tags: ntp-4-2-8p3
# 1.1.1.4	10-Jul-2015	christos	Import ntp 4.2.8p3
Revision tags: ntp-4-2-8p2
# 1.1.1.3	07-Apr-2015	christos	--- (4.2.8p2) 2015/04/07 Released by Harlan Stenn <stenn@ntp.org> (4.2.8p2-RC3) 2015/04/03 Released by Harlan Stenn <stenn@ntp.org> * [Bug 2763] Fix for different thresholds for forward and backward steps. --- (4.2.8p2-RC2) 2015/04/03 Released by Harlan Stenn <stenn@ntp.org> * [Bug 2592] FLAG_TSTAMP_PPS cleanup for refclock_parse.c. * [Bug 2769] New script: update-leap * [Bug 2769] cleannup for update-leap * [Bug 2788] New flag -G (force_step_once). * [Bug 2794] Clean up kernel clock status reports. * [Bug 2795] Cannot build without OpenSLL (on Win32). Provided a Win32 specific wrapper around libevent/arc4random.c. fixed some minor warnings. * [Bug 2796] ntp-keygen crashes in 'getclock()' on Win32. * [Bug 2797] ntp-keygen trapped in endless loop for MD5 keys on big-endian machines. * [Bug 2798] sntp should decode and display the leap indicator. * Simple cleanup to html/build.html --- (4.2.8p2-RC1) 2015/03/30 Released by Harlan Stenn <stenn@ntp.org> * [Bug 2794] Don't let reports on normal kernel status changes look like errors. * [Bug 2788] New flag -G (force_step_once). * [Bug 2592] Account for PPS sources which can provide an accurate absolute time stamp, and status information. Fixed indention and removed trailing whitespace. * [Bug 1787] DCF77's formerly "antenna" bit is "call bit" since 2003. * [Bug 1960] setsockopt IPV6_MULTICAST_IF: Invalid argument. * [Bug 2346] "graceful termination" signals do not do peer cleanup. * [Bug 2728] See if C99-style structure initialization works. * [Bug 2747] Upgrade libevent to 2.1.5-beta. * [Bug 2749] ntp/lib/NTP/Util.pm needs update for ntpq -w, IPv6, .POOL. . * [Bug 2751] jitter.h has stale copies of l_fp macros. * [Bug 2756] ntpd hangs in startup with gcc 3.3.5 on ARM. * [Bug 2757] Quiet compiler warnings. * [Bug 2759] Expose nonvolatile/clk_wander_threshold to ntpq. * [Bug 2763] Allow different thresholds for forward and backward steps. * [Bug 2766] ntp-keygen output files should not be world-readable. * [Bug 2767] ntp-keygen -M should symlink to ntp.keys. * [Bug 2771] nonvolatile value is documented in wrong units. * [Bug 2773] Early leap announcement from Palisade/Thunderbolt * [Bug 2774] Unreasonably verbose printout - leap pending/warning * [Bug 2775] ntp-keygen.c fails to compile under Windows. * [Bug 2777] Fixed loops and decoding of Meinberg GPS satellite info. Removed non-ASCII characters from some copyright comments. Removed trailing whitespace. Updated definitions for Meinberg clocks from current Meinberg header files. Now use C99 fixed-width types and avoid non-ASCII characters in comments. Account for updated definitions pulled from Meinberg header files. Updated comments on Meinberg GPS receivers which are not only called GPS16x. Replaced some constant numbers by defines from ntp_calendar.h Modified creation of parse-specific variables for Meinberg devices in gps16x_message(). Reworked mk_utcinfo() to avoid printing of ambiguous leap second dates. Modified mbg_tm_str() which now expexts an additional parameter controlling if the time status shall be printed. * [Sec 2779] ntpd accepts unauthenticated packets with symmetric key crypto. * [Sec 2781] Authentication doesn't protect symmetric associations against DoS attacks. * [Bug 2783] Quiet autoconf warnings about missing AC_LANG_SOURCE. * [Bug 2789] Quiet compiler warnings from libevent. * [Bug 2790] If ntpd sets the Windows MM timer highest resolution pause briefly before measuring system clock precision to yield correct results. * Comment from Juergen Perlinger in ntp_calendar.c to make the code clearer. * Use predefined function types for parse driver functions used to set up function pointers. Account for changed prototype of parse_inp_fnc_t functions. Cast parse conversion results to appropriate types to avoid compiler warnings. Let ioctl() for Windows accept a (void ) to avoid compiler warnings when called with pointers to different types. --- (4.2.8p1) 2015/02/04 Released by Harlan Stenn <stenn@ntp.org> Update the NEWS file. * [Sec 2671] vallen in extension fields are not validated. --- (4.2.8p1-RC2) 2015/01/29 Released by Harlan Stenn <stenn@ntp.org> * [Bug 2627] shm refclock allows only two units with owner-only access rework: reverted sense of mode bit (so default reflects previous behaviour) and updated ducumentation. * [Bug 2732] - Leap second not handled correctly on Windows 8 use 'GetTickCount()' to get the true elapsed time of slew (This should work for all versions of Windows >= W2K) * [Bug 2738] Missing buffer initialization in refclocK_parse.c::parsestate(). * [Bug 2739] Parse driver with PPS enabled occasionally evaluates PPS timestamp with wrong sign. Removed some German umlauts. * [Bug 2740] Removed some obsolete code from the parse driver. * [Bug 2741] Incorrect buffer check in refclocK_parse.c::parsestatus(). --- (4.2.8p1-RC1) 2015/01/24 Released by Harlan Stenn <stenn@ntp.org> * Start the RC for 4.2.8p1. * [Bug 2187] Update version number generation scripts. * [Bug 2617] Fix sntp Usage documentation section. * [Sec 2672] Code cleanup: On some OSes ::1 can be spoofed... * [Bug 2736] Show error message if we cannot open the config file. * Copyright update. * Fix the package name. --- (4.2.8p1-beta5) 2015/01/07 Released by Harlan Stenn <stenn@ntp.org> * [Bug 2695] Windows build: __func__ not supported under Windows. * [Bug 2728] Work around C99-style structure initialization code for older compilers, specifically Visual Studio prior to VS2013. --- (4.2.8p1-beta4) 2015/01/04 Released by Harlan Stenn <stenn@ntp.org> * [Bug 1084] PPSAPI for ntpd on Windows with DLL backends * [Bug 2695] Build problem on Windows (sys/socket.h). * [Bug 2715] mdnstries option for ntp.conf from NetBSD. * Fix a regression introduced to timepps-Solaris.h as part of: [Bug 1206] Required compiler changes for Windows (4.2.5p181) 2009/06/06 --- (4.2.8p1-beta3) 2015/01/02 Released by Harlan Stenn <stenn@ntp.org> * [Bug 2627] shm refclock allows only two units with owner-only access Use mode bit 0 to select public access for units >= 2 (units 0 & 1 are always private. * [Bug 2681] Fix display of certificate EOValidity dates on 32-bit systems. * [Bug 2695] 4.2.8 does not build on Windows. * [bug 2700] mrulist stopped working in 4.2.8. * [Bug 2706] libparse/info_trimble.c build dependencies are broken. * [Bug 2713] variable type/cast, parameter name, general cleanup from NetBSD. * [Bug 2714] libevent may need to be built independently of any build of sntp. * [Bug 2715] mdnstries option for ntp.conf from NetBSD. --- (4.2.8p1-beta2) 2014/12/27 Released by Harlan Stenn <stenn@ntp.org> * [Bug 2674] Install sntp in sbin on NetBSD. * [Bug 2693] ntp-keygen doesn't build without OpenSSL and sntp. * [Bug 2707] Avoid a C90 extension in libjsmn/jsmn.c. * [Bug 2709] see if we have a C99 compiler (not yet required). --- (4.2.8p1-beta1) 2014/12/23 Released by Harlan Stenn <stenn@ntp.org> * [Sec 2672] On some OSes ::1 can be spoofed, bypassing source IP ACLs. * [Bug 2693] ntp-keygen doesn't build without OpenSSL. * [Bug 2697] IN6_IS_ADDR_LOOPBACK build problems on some OSes. * [Bug 2699] HAVE_SYS_SELECT_H is misspelled in refclock_gpsdjson.c. ---
Revision tags: ntp-4-2-8
# 1.1.1.2	19-Dec-2014	christos	branches: 1.1.1.2.2; 1.1.1.2.4; 1.1.1.2.6; 1.1.1.2.8; 1.1.1.2.10; 1.1.1.2.12; Import ntp 4.2.8
Revision tags: tls-maxphys-base netbsd-7-base yamt-pagecache-base9 tls-earlyentropy-base riastradh-xf86-video-intel-2-7-1-pre-2-21-15 riastradh-drm2-base3 ntp-2-4-7p404
# 1.1.1.1	27-Dec-2013	christos	branches: 1.1.1.1.4; 1.1.1.1.6; 1.1.1.1.8; import devel ntpd to avoid amplification attacks.
Revision tags: ntp-4-2-8p14
# 1.1.1.13	25-May-2020	christos	(4.2.8p14) 2020/03/03 Released by Harlan Stenn <stenn@ntp.org> * [Sec 3610] process_control() should bail earlier on short packets. stenn@ - Reported by Philippe Antoine * [Sec 3596] Highly predictable timestamp attack. <stenn@ntp.org> - Reported by Miroslav Lichvar * [Sec 3592] DoS attack on client ntpd <perlinger@ntp.org> - Reported by Miroslav Lichvar * [Bug 3637] Emit the version of ntpd in saveconfig. stenn@ * [Bug 3636] NMEA: combine time/date from multiple sentences <perlinger@ntp.org> * [Bug 3635] Make leapsecond file hash check optional <perlinger@ntp.org> * [Bug 3634] Typo in discipline.html, reported by Jason Harrison. stenn@ * [Bug 3628] raw DCF decoding - improve robustness with Zeller's congruence - implement Zeller's congruence in libparse and libntp <perlinger@ntp.org> * [Bug 3627] SIGSEGV on FreeBSD-12 with stack limit and stack gap <perlinger@ntp.org> - integrated patch by Cy Schubert * [Bug 3620] memory leak in ntpq sysinfo <perlinger@ntp.org> - applied patch by Gerry Garvey * [Bug 3619] Honour drefid setting in cooked mode and sysinfo <perlinger@ntp.org> - applied patch by Gerry Garvey * [Bug 3617] Add support for ACE III and Copernicus II receivers <perlinger@ntp.org> - integrated patch by Richard Steedman * [Bug 3615] accelerate refclock startup <perlinger@ntp.org> * [Bug 3613] Propagate noselect to mobilized pool servers <stenn@ntp.org> - Reported by Martin Burnicki * [Bug 3612] Use-of-uninitialized-value in receive function <perlinger@ntp.org> - Reported by Philippe Antoine * [Bug 3611] NMEA time interpreted incorrectly <perlinger@ntp.org> - officially document new "trust date" mode bit for NMEA driver - restore the (previously undocumented) "trust date" feature lost with [bug 3577] * [Bug 3609] Fixing wrong falseticker in case of non-statistic jitter <perlinger@ntp.org> - mostly based on a patch by Michael Haardt, implementing 'fudge minjitter' * [Bug 3608] libparse fails to compile on S11.4SRU13 and later <perlinger@ntp.org> - removed ffs() and fls() prototypes as per Brian Utterback * [Bug 3604] Wrong param byte order passing into record_raw_stats() in ntp_io.c <perlinger@ntp.org> - fixed byte and paramter order as suggested by wei6410@sina.com * [Bug 3601] Tests fail to link on platforms with ntp_cv_gc_sections_runs=no <perlinger@ntp.org> * [Bug 3599] Build fails on linux-m68k due to alignment issues <perlinger@ntp.org> - added padding as suggested by John Paul Adrian Glaubitz * [Bug 3594] ntpd discards messages coming through nmead <perlinger@ntp.org> * [Bug 3593] ntpd discards silently nmea messages after the 5th string <perlinger@ntp.org> * [Bug 3590] Update refclock_oncore.c to the new GPS date API <perlinger@ntp.org> * [Bug 3585] Unity tests mix buffered and unbuffered output <perlinger@ntp.org> - stdout+stderr are set to line buffered during test setup now * [Bug 3583] synchronization error <perlinger@ntp.org> - set clock to base date if system time is before that limit * [Bug 3582] gpsdjson refclock fudgetime1 adjustment is doubled <perlinger@ntp.org> * [Bug 3580] Possible bug ntpq-subs (NULL dereference in dogetassoc) <perlinger@ntp.org> - Reported by Paulo Neves * [Bug 3577] Update refclock_zyfer.c to the new GPS date API <perlinger@ntp.org> - also updates for refclock_nmea.c and refclock_jupiter.c * [Bug 3576] New GPS date function API <perlinger@ntp.org> * [Bug 3573] nptdate: missleading error message <perlinger@ntp.org> * [Bug 3570] NMEA driver docs: talker ID not mentioned, typo <perlinger@ntp.org> * [Bug 3569] cleanup MOD_NANO/STA_NANO handling for 'ntpadjtimex()' <perlinger@ntp.org> - sidekick: service port resolution in 'ntpdate' * [Bug 3550] Reproducible build: Respect SOURCE_DATE_EPOCH <perlinger@ntp.org> - applied patch by Douglas Royds * [Bug 3542] ntpdc monlist parameters cannot be set <perlinger@ntp.org> * [Bug 3533] ntpdc peer_info ipv6 issues <perlinger@ntp.org> - applied patch by Gerry Garvey * [Bug 3531] make check: test-decodenetnum fails <perlinger@ntp.org> - try to harden 'decodenetnum()' against 'getaddrinfo()' errors - fix wrong cond-compile tests in unit tests * [Bug 3517] Reducing build noise <perlinger@ntp.org> * [Bug 3516] Require tooling from this decade <perlinger@ntp.org> - patch by Philipp Prindeville * [Bug 3515] Refactor ntpdmain() dispatcher loop and group common code <perlinger@ntp.org> - patch by Philipp Prindeville * [Bug 3511] Get rid of AC_LANG_SOURCE() warnings <perlinger@ntp.org> - patch by Philipp Prindeville * [Bug 3510] Flatten out the #ifdef nesting in ntpdmain() <perlinger@ntp.org> - partial application of patch by Philipp Prindeville * [Bug 3491] Signed values of LFP datatypes should always display a sign - applied patch by Gerry Garvey & fixed unit tests <perlinger@ntp.org> * [Bug 3490] Patch to support Trimble Resolution Receivers <perlinger@ntp.org> - applied (modified) patch by Richard Steedman * [Bug 3473] RefID of refclocks should always be text format <perlinger@ntp.org> - applied patch by Gerry Garvey (with minor formatting changes) * [Bug 3132] Building 4.2.8p8 with disabled local libopts fails <perlinger@ntp.org> - applied patch by Miroslav Lichvar * [Bug 3094] ntpd trying to listen for broadcasts on a completely ipv6 network <perlinger@ntp.org> * [Bug 2420] ntpd doesn't run and exits with retval 0 when invalid user is specified with -u <perlinger@ntp.org> - monitor daemon child startup & propagate exit codes * [Bug 1433] runtime check whether the kernel really supports capabilities - (modified) patch by Kurt Roeckx <perlinger@ntp.org> * Clean up sntp/networking.c:sendpkt() error message. <stenn@ntp.org> * Provide more detail on unrecognized config file parser tokens. <stenn@ntp.org> * Startup log improvements. <stenn@ntp.org> * Update the copyright year. * html/confopt.html: cleanup. <stenn@ntp.org> --- (4.2.8p13) 2019/03/07 Released by Harlan Stenn <stenn@ntp.org> * [Sec 3565] Crafted null dereference attack in authenticated mode 6 packet <perlinger@ntp.org> - reported by Magnus Stubman * [Bug 3560] Fix build when HAVE_DROPROOT is not defined <perlinger@ntp.org> - applied patch by Ian Lepore * [Bug 3558] Crash and integer size bug <perlinger@ntp.org> - isolate and fix linux/windows specific code issue * [Bug 3556] ntp_loopfilter.c snprintf compilation warnings <perlinger@ntp.org> - provide better function for incremental string formatting * [Bug 3555] Tidy up print alignment of debug output from ntpdate <perlinger@ntp.org> - applied patch by Gerry Garvey * [Bug 3554] config revoke stores incorrect value <perlinger@ntp.org> - original finding by Gerry Garvey, additional cleanup needed * [Bug 3549] Spurious initgroups() error message <perlinger@ntp.org> - patch by Christous Zoulas * [Bug 3548] Signature not verified on windows system <perlinger@ntp.org> - finding by Chen Jiabin, plus another one by me * [Bug 3541] patch to fix STA_NANO struct timex units <perlinger@ntp.org> - applied patch by Maciej Szmigiero * [Bug 3540] Cannot set minsane to 0 anymore <perlinger@ntp.org> - applied patch by Andre Charbonneau * [Bug 3539] work_fork build fails when droproot is not supported <perlinger@ntp.org> - applied patch by Baruch Siach * [Bug 3538] Build fails for no-MMU targets <perlinger@ntp.org> - applied patch by Baruch Siach * [Bug 3535] libparse won't handle GPS week rollover <perlinger@ntp.org> - refactored handling of GPS era based on 'tos basedate' for parse (TSIP) and JUPITER clocks * [Bug 3529] Build failures on Mac OS X 10.13 (High Sierra) <perlinger@ntp.org> - patch by Daniel J. Luke; this does not fix a potential linker regression issue on MacOS. * [Bug 3527 - Backward Incompatible] mode7 clockinfo fudgeval2 packet anomaly <perlinger@ntp.org>, reported by GGarvey. - --enable-bug3527-fix support by HStenn * [Bug 3526] Incorrect poll interval in packet <perlinger@ntp.org> - applied patch by Gerry Garvey * [Bug 3471] Check for openssl/[ch]mac.h. <perlinger@ntp.org> - added missing check, reported by Reinhard Max <perlinger@ntp.org> * [Bug 1674] runtime crashes and sync problems affecting both x86 and x86_64 - this is a variant of [bug 3558] and should be fixed with it * Implement --disable-signalled-io
Revision tags: phil-wifi-20200421 phil-wifi-20200411 is-mlppp-base phil-wifi-20200406 netbsd-9-0-RELEASE netbsd-9-0-RC2 netbsd-9-0-RC1 phil-wifi-20191119 netbsd-9-base phil-wifi-20190609 pgoyette-compat-20190127 pgoyette-compat-20190118 pgoyette-compat-1226 pgoyette-compat-1126 pgoyette-compat-1020 pgoyette-compat-0930 ntp-4-2-8p12
# 1.1.1.12	29-Sep-2018	christos	--- (4.2.8p12) 2018/08/14 Released by Harlan Stenn <stenn@ntp.org> * [Sec 3505] CVE-2018-12327 - Arbitrary Code Execution Vulnerability - fixed stack buffer overflow in the openhost() command-line call of NTPQ/NTPDC <perlinger@ntp.org> * [Sec 3012] noepeer tweaks. <stenn@ntp.org> * [Bug 3521] Fix a logic bug in the INVALIDNAK checks. <stenn@ntp.org> * [Bug 3509] Add support for running as non-root on FreeBSD, Darwin, other TrustedBSD platforms - applied patch by Ian Lepore <perlinger@ntp.org> * [Bug 3506] Service Control Manager interacts poorly with NTPD <perlinger@ntp.org> - changed interaction with SCM to signal pending startup * [Bug 3486] Buffer overflow in ntpq/ntpq.c:tstflags() <perlinger@ntp.org> - applied patch by Gerry Garvey * [Bug 3485] Undefined sockaddr used in error messages in ntp_config.c <perlinger@ntp.org> - applied patch by Gerry Garvey * [Bug 3484] ntpq response from ntpd is incorrect when REFID is null <perlinger@ntp.org> - rework of ntpq 'nextvar()' key/value parsing * [Bug 3482] Fixes for compilation warnings (ntp_io.c & ntpq-subs.c) <perlinger@ntp.org> - applied patch by Gerry Garvey (with mods) * [Bug 3480] Refclock sample filter not cleared on clock STEP <perlinger@ntp.org> - applied patch by Gerry Garvey * [Bug 3479] ctl_putrefid() allows unsafe characters through to ntpq <perlinger@ntp.org> - applied patch by Gerry Garvey (with mods) * [Bug 3476]ctl_putstr() sends empty unquoted string [...] <perlinger@ntp.org> - applied patch by Gerry Garvey (with mods); not sure if that's bug or feature, though * [Bug 3475] modify prettydate() to suppress output of zero time <perlinger@ntp.org> - applied patch by Gerry Garvey * [Bug 3474] Missing pmode in mode7 peer info response <perlinger@ntp.org> - applied patch by Gerry Garvey * [Bug 3471] Check for openssl/[ch]mac.h. HStenn. - add #define ENABLE_CMAC support in configure. HStenn. * [Bug 3470] ntpd4.2.8p11 fails to compile without OpenSSL <perlinger@ntp.org> * [Bug 3469] Incomplete string compare [...] in is_refclk_addr <perlinger@ntp.org> - patch by Stephen Friedl * [Bug 3467] Potential memory fault in ntpq [...] <perlinger@ntp.org> - fixed IO redirection and CTRL-C handling in ntq and ntpdc * [Bug 3465] Default TTL values cannot be used <perlinger@ntp.org> * [Bug 3461] refclock_shm.c: clear error status on clock recovery <perlinger@ntp.org> - initial patch by Hal Murray; also fixed refclock_report() trouble * [Bug 3460] Fix typo in ntpq.texi, reported by Kenyon Ralph. <stenn@ntp.org> * [Bug 3456] Use uintptr_t rather than size_t to store an integer in a pointer - According to Brooks Davis, there was only one location <perlinger@ntp.org> * [Bug 3449] ntpq - display "loop" instead of refid [...] <perlinger@ntp.org> - applied patch by Gerry Garvey * [Bug 3445] Symmetric peer won't sync on startup <perlinger@ntp.org> - applied patch by Gerry Garvey * [Bug 3442] Fixes for ntpdate as suggested by Gerry Garvey, with modifications New macro REFID_ISTEXT() which is also used in ntpd/ntp_control.c. * [Bug 3434] ntpd clears STA_UNSYNC on start <perlinger@ntp.org> - applied patch by Miroslav Lichvar * [Bug 3426] ntpdate.html -t default is 2 seconds. Leonid Evdokimov. * [Bug 3121] Drop root privileges for the forked DNS worker <perlinger@ntp.org> - integrated patch by Reinhard Max * [Bug 2821] minor build issues <perlinger@ntp.org> - applied patches by Christos Zoulas, including real bug fixes * html/authopt.html: cleanup, from <stenn@ntp.org> * ntpd/ntpd.c: DROPROOT cleanup. <stenn@ntp.org> * Symmetric key range is 1-65535. Update docs. <stenn@ntp.org> * html/authentic.html: cleanup, from <stenn@ntp.org>
Revision tags: pgoyette-compat-0906 pgoyette-compat-0728 phil-wifi-base pgoyette-compat-0625 pgoyette-compat-0521 pgoyette-compat-0502 pgoyette-compat-0422 pgoyette-compat-0415 pgoyette-compat-0407 ntp-4-2-8p11
# 1.1.1.11	07-Apr-2018	christos	branches: 1.1.1.11.2; --- * [Sec 3454] Unauthenticated packet can reset authenticated interleave associations. HStenn. * [Sec 3453] Interleaved symmetric mode cannot recover from bad state. HStenn. * [Sec 3415] Permit blocking authenticated symmetric/passive associations. Implement ippeerlimit. HStenn, JPerlinger. * [Sec 3414] ntpq: decodearr() can write beyond its 'buf' limits - initial patch by <stenn@ntp.org>, extended by <perlinger@ntp.org> * [Sec 3412] ctl_getitem(): Don't compare names past NUL. <perlinger@ntp.org> * [Sec 3012] Sybil vulnerability: noepeer support. HStenn, JPerlinger. * [Bug 3457] OpenSSL FIPS mode regression <perlinger@ntp.org> * [Bug 3455] ntpd doesn't use scope id when binding multicast <perlinger@ntp.org> - applied patch by Sean Haugh * [Bug 3452] PARSE driver prints uninitialized memory. <perlinger@ntp.org> * [Bug 3450] Dubious error messages from plausibility checks in get_systime() - removed error log caused by rounding/slew, ensured postcondition <perlinger@ntp.org> * [Bug 3447] AES-128-CMAC (fixes) <perlinger@ntp.org> - refactoring the MAC code, too * [Bug 3441] Validate the assumption that AF_UNSPEC is 0. stenn@ntp.org * [Bug 3439] When running multiple commands / hosts in ntpq... <perlinger@ntp.org> - applied patch by ggarvey * [Bug 3438] Negative values and values > 999 days in... <perlinger@ntp.org> - applied patch by ggarvey (with minor mods) * [Bug 3437] ntpd tries to open socket with AF_UNSPEC domain - applied patch (with mods) by Miroslav Lichvar <perlinger@ntp.org> * [Bug 3435] anchor NTP era alignment <perlinger@ntp.org> * [Bug 3433] sntp crashes when run with -a. <stenn@ntp.org> * [Bug 3430] ntpq dumps core (SIGSEGV) for "keytype md2" - fixed several issues with hash algos in ntpd, sntp, ntpq, ntpdc and the test suites <perlinger@ntp.org> * [Bug 3424] Trimble Thunderbolt 1024 week millenium bug <perlinger@ntp.org> - initial patch by Daniel Pouzzner * [Bug 3423] QNX adjtime() implementation error checking is wrong <perlinger@ntp.org> * [Bug 3417] ntpq ifstats packet counters can be negative made IFSTATS counter quantities unsigned <perlinger@ntp.org> * [Bug 3411] problem about SIGN(6) packet handling for ntp-4.2.8p10 - raised receive buffer size to 1200 <perlinger@ntp.org> * [Bug 3408] refclock_jjy.c: Avoid a wrong report of the coverity static analysis tool. <abe@ntp.org> * [Bug 3405] update-leap.in: general cleanup, HTTPS support. Paul McMath. * [Bug 3404] Fix openSSL DLL usage under Windows <perlinger@ntp.org> - fix/drop assumptions on OpenSSL libs directory layout * [Bug 3399] NTP: linker error in 4.2.8p10 during Linux cross-compilation - initial patch by timeflies@mail2tor.com <perlinger@ntp.org> * [Bug 3398] tests fail with core dump <perlinger@ntp.org> - patch contributed by Alexander Bluhm * [Bug 3397] ctl_putstr() asserts that data fits in its buffer rework of formatting & data transfer stuff in 'ntp_control.c' avoids unecessary buffers and size limitations. <perlinger@ntp.org> * [Bug 3394] Leap second deletion does not work on ntpd clients - fixed handling of dynamic deletion w/o leap file <perlinger@ntp.org> * [Bug 3391] ntpd segfaults on startup due to small warmup thread stack size - increased mimimum stack size to 32kB <perlinger@ntp.org> * [Bug 3367] Faulty LinuxPPS NMEA clock support in 4.2.8 <perlinger@ntp.org> - reverted handling of PPS kernel consumer to 4.2.6 behavior * [Bug 3365] Updates driver40(-ja).html and miscopt.html <abe@ntp.org> * [Bug 3358] Spurious KoD log messages in .INIT. phase. HStenn. * [Bug 3016] wrong error position reported for bad ":config pool" - fixed location counter & ntpq output <perlinger@ntp.org> * [Bug 2900] libntp build order problem. HStenn. * [Bug 2878] Tests are cluttering up syslog <perlinger@ntp.org> * [Bug 2737] Wrong phone number listed for USNO. ntp-bugs@bodosom.net, perlinger@ntp.org * [Bug 2557] Fix Thunderbolt init. ntp-bugs@bodosom.net, perlinger@ntp. * [Bug 948] Trustedkey config directive leaks memory. <perlinger@ntp.org> * Use strlcpy() to copy strings, not memcpy(). HStenn. * Typos. HStenn. * test_ntp_scanner_LDADD needs ntpd/ntp_io.o. HStenn. * refclock_jjy.c: Add missing "%s" to an msyslog() call. HStenn. * Build ntpq and libntpq.a with NTP_HARD_FLAGS. perlinger@ntp.org Fix trivial warnings from 'make check'. perlinger@ntp.org * Fix bug in the override portion of the compiler hardening macro. HStenn. * record_raw_stats(): Log entire packet. Log writes. HStenn. * AES-128-CMAC support. BInglis, HStenn, JPerlinger. * sntp: tweak key file logging. HStenn. * sntp: pkt_output(): Improve debug output. HStenn. * update-leap: updates from Paul McMath. * When using pkg-config, report --modversion. HStenn. * Clean up libevent configure checks. HStenn. * sntp: show the IP of who sent us a crypto-NAK. HStenn. * Allow .../N to specify subnet bits for IPs in ntp.keys. HStenn, JPerlinger. * authistrustedip() - use it in more places. HStenn, JPerlinger. * New sysstats: sys_lamport, sys_tsrounding. HStenn. * Update ntp.keys .../N documentation. HStenn. * Distribute testconf.yml. HStenn. * Add DPRINTF(2,...) lines to receive() for packet drops. HStenn. * Rename the configuration flag fifo variables. HStenn. * Improve saveconfig output. HStenn. * Decode restrict flags on receive() debug output. HStenn. * Decode interface flags on receive() debug output. HStenn. * Warn the user if deprecated "driftfile name WanderThreshold" is used. HStenn. * Update the documentation in ntp.conf.def . HStenn. * restrictions() must return restrict flags and ippeerlimit. HStenn. * Update ntpq peer documentation to describe the 'p' type. HStenn. * Rename restrict 'flags' to 'rflags. Use an enum for the values. HStenn. * Provide dump_restricts() for debugging. HStenn. * Use consistent 4th arg type for [gs]etsockopt. JPerlinger. * Some tests might need LIBM. HStenn. * update-leap: Allow -h/--help early. HStenn.
Revision tags: pgoyette-compat-0330 pgoyette-compat-0322 pgoyette-compat-0315 pgoyette-compat-base matt-nb8-mediatek-base perseant-stdc-iso10646-base netbsd-8-base prg-localcount2-base3 prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1 ntp-4-2-8p10
# 1.1.1.10	13-Apr-2017	christos	branches: 1.1.1.10.4; 1.1.1.10.10; Import ntp 4.2.8p10
Revision tags: pgoyette-localcount-20170320 bouyer-socketcan-base pgoyette-localcount-20170107 ntp-4-2-8p9
# 1.1.1.9	22-Nov-2016	christos	branches: 1.1.1.9.2; (4.2.8p9) 2016/11/21 Released by Harlan Stenn <stenn@ntp.org> * [Sec 3119] Trap crash <perlinger@ntp.org> * [Sec 3118] Mode 6 information disclosure and DDoS vector <perlinger@ntp.org> - TRAP config via mode 6 packet requires AUTH now. * [Sec 3114] Broadcast Mode Replay Prevention DoS - applied patches by Matthew Van Gundy. <perlinger@ntp.org> - with bcpollbstep, tweaks and cleanup by stenn@ntp.org * [Sec 3113] Broadcast Mode Poll Interval Enforcement DoS <perlinger@ntp.org> - applied fix as suggested by Matthew Van Gundy * [Sec 3110] Windows: ntpd DoS by oversized UDP packet - fixed error handling for truncated UDP packets. <perlinger@ntp.org> * [Sec 3102] Zero origin issues. HStenn. * [Sec 3082] null pointer dereference in _IO_str_init_static_internal() - more hardening to read_mru_list(). perlinger@ntp.org * [Sec 3072] Attack on interface selection <perlinger@ntp.org> - implemented Miroslav Lichvars <mlichvar@redhat.com> suggestion to skip interface updates based on incoming packets * [Bug 3142] bug in netmask prefix length detection <perlinger@ntp.org> * [Bug 3138] gpsdjson refclock should honor fudgetime1. stenn@ntp.org * [Bug 3129] Unknown hosts can put resolver thread into a hard loop - moved retry decision where it belongs. <perlinger@ntp.org> * [Bug 3125] NTPD doesn't fully start when ntp.conf entries are out of order using the loopback-ppsapi-provider.dll <perlinger@ntp.org> * [Bug 3116] unit tests for NTP time stamp expansion. <perlinger@ntp.org> * [Bug 3100] ntpq can't retrieve daemon_version <perlinger@ntp.org> - fixed extended sysvar lookup (bug introduced with bug 3008 fix) * [Bug 3095] Compatibility with openssl 1.1 <perlinger@ntp.org> - applied patches by Kurt Roeckx <kurt@roeckx.be> to source - added shim layer for SSL API calls with issues (both directions) * [Bug 3089] Serial Parser does not work anymore for hopfser like device - simplified / refactored hex-decoding in driver. <perlinger@ntp.org> * [Bug 3084] update-leap mis-parses the leapfile name. HStenn. * [Bug 3068] Linker warnings when building on Solaris. perlinger@ntp.org - applied patch thanks to Andrew Stormont <andyjstormont@gmail.com> * [Bug 3067] Root distance calculation needs improvement. HStenn. * [Bug 3066] NMEA clock ignores pps. perlinger@ntp.org - PPS-HACK works again. * [Bug 3059] Potential buffer overrun from oversized hash <perlinger@ntp.org> - applied patch by Brian Utterback <brian.utterback@oracle.com> * [Bug 3053] ntp_loopfilter.c frequency calc precedence error. Sarah White. * [Bug 3050] Fix for bug #2960 causes [...] spurious error message. <perlinger@ntp.org> - patches by Reinhard Max <max@suse.com> and Havard Eidnes <he@uninett.no> * [Bug 3047] Fix refclock_jjy C-DEX JST2000. abe@ntp.org - Patch provided by Kuramatsu. * [Bug 3021] unity_fixture.c needs pragma weak <perlinger@ntp.org> - removed unnecessary & harmful decls of 'setUp()' & 'tearDown()' * [Bug 3019] Windows: ERROR_HOST_UNREACHABLE block packet processing. DMayer and JPerlinger. * [Bug 2998] sntp/tests/packetProcessing.c broken without openssl. JPerlinger * [Bug 2961] sntp/tests/packetProcessing.c assumes AUTOKEY. HStenn. * [Bug 2959] refclock_jupiter: gps week correction <perlinger@ntp.org> - fixed GPS week expansion to work based on build date. Special thanks to Craig Leres for initial patch and testing. * [Bug 2951] ntpd tests fail: multiple definition of `send_via_ntp_signd' - fixed Makefile.am <perlinger@ntp.org> * [Bug 2689] ATOM driver processes last PPS pulse at startup, even if it is very old <perlinger@ntp.org> - make sure PPS source is alive before processing samples - improve stability close to the 500ms phase jump (phase gate) * Fix typos in include/ntp.h. * Shim X509_get_signature_nid() if needed. * git author attribution cleanup * bk ignore file cleanup * remove locks in Windows IO, use rpc-like thread synchronisation instead
Revision tags: pgoyette-localcount-20161104 localcount-20160914 pgoyette-localcount-20160806 pgoyette-localcount-20160726 pgoyette-localcount-base ntp-4-2-8p8
# 1.1.1.8	03-Jun-2016	christos	branches: 1.1.1.8.2; Import ntp 4.2.8p8
Revision tags: ntp-4-2-8p7
# 1.1.1.7	01-May-2016	christos	--- (4.2.8p7) 2016/04/26 Released by Harlan Stenn <stenn@ntp.org> * [Sec 2901] KoD packets must have non-zero transmit timestamps. HStenn. * [Sec 2936] Skeleton Key: Any system knowing the trusted key can serve time. Include passive servers in this check. HStenn. * [Sec 2945] Additional KoD packet checks. HStenn. * [Sec 2978] Interleave can be partially triggered. HStenn. * [Sec 3007] Validate crypto-NAKs. Danny Mayer. * [Sec 3008] Always check the return value of ctl_getitem(). - initial work by HStenn - Additional cleanup of ctl_getitem by perlinger@ntp.org * [Sec 3009] Crafted addpeer with hmode > 7 causes OOB error. perlinger@ntp.org - added more stringent checks on packet content * [Sec 3010] remote configuration trustedkey/requestkey values are not properly validated. perlinger@ntp.org - sidekick: Ignore keys that have an unsupported MAC algorithm but are otherwise well-formed * [Sec 3011] Duplicate IPs on unconfig directives will cause an assertion botch - graciously accept the same IP multiple times. perlinger@ntp.org * [Sec 3020] Refclock impersonation. HStenn. * [Bug 2831] Segmentation Fault in DNS lookup during startup. perlinger@ntp.org - fixed yet another race condition in the threaded resolver code. * [Bug 2858] bool support. Use stdbool.h when available. HStenn. * [Bug 2879] Improve NTP security against timing attacks. perlinger@ntp.org - integrated patches by Loganaden Velvidron <logan@ntp.org> with some modifications & unit tests * [Bug 2952] Symmetric active/passive mode is broken. HStenn. * [Bug 2960] async name resolution fixes for chroot() environments. Reinhard Max. * [Bug 2994] Systems with HAVE_SIGNALED_IO fail to compile. perlinger@ntp.org * [Bug 2995] Fixes to compile on Windows * [Bug 2999] out-of-bounds access in 'is_safe_filename()'. perlinger@ntp.org * [Bug 3013] Fix for ssl_init.c SHA1 test. perlinger@ntp.org - Patch provided by Ch. Weisgerber * [Bug 3015] ntpq: config-from-file: "request contains an unprintable character" - A change related to [Bug 2853] forbids trailing white space in remote config commands. perlinger@ntp.org * [Bug 3019] NTPD stops processing packets after ERROR_HOST_UNREACHABLE - report and patch from Aleksandr Kostikov. - Overhaul of Windows IO completion port handling. perlinger@ntp.org * [Bug 3022] authkeys.c should be refactored. perlinger@ntp.org - fixed memory leak in access list (auth[read]keys.c) - refactored handling of key access lists (auth[read]keys.c) - reduced number of error branches (authreadkeys.c) * [Bug 3023] ntpdate cannot correct dates in the future. perlinger@ntp.org * [Bug 3030] ntpq needs a general way to specify refid output format. HStenn. * [Bug 3031] ntp broadcastclient unable to synchronize to an server when the time of server changed. perlinger@ntp.org - Check the initial delay calculation and reject/unpeer the broadcast server if the delay exceeds 50ms. Retry again after the next broadcast packet. * [Bug 3036] autokey trips an INSIST in authistrustedip(). Harlan Stenn. * Document ntp.key's optional IP list in authenetic.html. Harlan Stenn. * Update html/xleave.html documentation. Harlan Stenn. * Update ntp.conf documentation. Harlan Stenn. * Fix some Credit: attributions in the NEWS file. Harlan Stenn. * Fix typo in html/monopt.html. Harlan Stenn. * Add README.pullrequests. Harlan Stenn. * Cleanup to include/ntp.h. Harlan Stenn. --- (4.2.8p6) 2016/01/20 Released by Harlan Stenn <stenn@ntp.org> * [Sec 2935] Deja Vu: Replay attack on authenticated broadcast mode. HStenn. * [Sec 2936] Skeleton Key: Any trusted key system can serve time. HStenn. * [Sec 2937] ntpq: nextvar() missing length check. perlinger@ntp.org * [Sec 2938] ntpq saveconfig command allows dangerous characters in filenames. perlinger@ntp.org * [Sec 2939] reslist NULL pointer dereference. perlinger@ntp.org * [Sec 2940] Stack exhaustion in recursive traversal of restriction list. perlinger@ntp.org * [Sec 2942]: Off-path DoS attack on auth broadcast mode. HStenn. * [Sec 2945] Zero Origin Timestamp Bypass. perlinger@ntp.org * [Sec 2948] Potential Infinite Loop in ntpq ( and ntpdc) perlinger@ntp.org * [Bug 2772] adj_systime overflows tv_usec. perlinger@ntp.org * [Bug 2814] msyslog deadlock when signaled. perlinger@ntp.org - applied patch by shenpeng11@huawei.com with minor adjustments * [Bug 2882] Look at ntp_request.c:list_peers_sum(). perlinger@ntp.org * [Bug 2891] Deadlock in deferred DNS lookup framework. perlinger@ntp.org * [Bug 2892] Several test cases assume IPv6 capabilities even when IPv6 is disabled in the build. perlinger@ntp.org - Found this already fixed, but validation led to cleanup actions. * [Bug 2905] DNS lookups broken. perlinger@ntp.org - added limits to stack consumption, fixed some return code handling * [Bug 2971] ntpq bails on ^C: select fails: Interrupted system call - changed stacked/nested handling of CTRL-C. perlinger@ntp.org - make CTRL-C work for retrieval and printing od MRU list. perlinger@ntp.org * [Bug 2980] reduce number of warnings. perlinger@ntp.org - integrated several patches from Havard Eidnes (he@uninett.no) * [Bug 2985] bogus calculation in authkeys.c perlinger@ntp.org - implement 'auth_log2()' using integer bithack instead of float calculation * Make leapsec_query debug messages less verbose. Harlan Stenn. * Disable incomplete t-ntp_signd.c test. Harlan Stenn. ---
Revision tags: ntp-4-2-8p5
# 1.1.1.6	08-Jan-2016	christos	Import ntp 4.2.8p5
Revision tags: ntp-4-2-8p4
# 1.1.1.5	23-Oct-2015	christos	Import ntp 4.2.8p4
Revision tags: ntp-4-2-8p3
# 1.1.1.4	10-Jul-2015	christos	Import ntp 4.2.8p3
Revision tags: ntp-4-2-8p2
# 1.1.1.3	07-Apr-2015	christos	--- (4.2.8p2) 2015/04/07 Released by Harlan Stenn <stenn@ntp.org> (4.2.8p2-RC3) 2015/04/03 Released by Harlan Stenn <stenn@ntp.org> * [Bug 2763] Fix for different thresholds for forward and backward steps. --- (4.2.8p2-RC2) 2015/04/03 Released by Harlan Stenn <stenn@ntp.org> * [Bug 2592] FLAG_TSTAMP_PPS cleanup for refclock_parse.c. * [Bug 2769] New script: update-leap * [Bug 2769] cleannup for update-leap * [Bug 2788] New flag -G (force_step_once). * [Bug 2794] Clean up kernel clock status reports. * [Bug 2795] Cannot build without OpenSLL (on Win32). Provided a Win32 specific wrapper around libevent/arc4random.c. fixed some minor warnings. * [Bug 2796] ntp-keygen crashes in 'getclock()' on Win32. * [Bug 2797] ntp-keygen trapped in endless loop for MD5 keys on big-endian machines. * [Bug 2798] sntp should decode and display the leap indicator. * Simple cleanup to html/build.html --- (4.2.8p2-RC1) 2015/03/30 Released by Harlan Stenn <stenn@ntp.org> * [Bug 2794] Don't let reports on normal kernel status changes look like errors. * [Bug 2788] New flag -G (force_step_once). * [Bug 2592] Account for PPS sources which can provide an accurate absolute time stamp, and status information. Fixed indention and removed trailing whitespace. * [Bug 1787] DCF77's formerly "antenna" bit is "call bit" since 2003. * [Bug 1960] setsockopt IPV6_MULTICAST_IF: Invalid argument. * [Bug 2346] "graceful termination" signals do not do peer cleanup. * [Bug 2728] See if C99-style structure initialization works. * [Bug 2747] Upgrade libevent to 2.1.5-beta. * [Bug 2749] ntp/lib/NTP/Util.pm needs update for ntpq -w, IPv6, .POOL. . * [Bug 2751] jitter.h has stale copies of l_fp macros. * [Bug 2756] ntpd hangs in startup with gcc 3.3.5 on ARM. * [Bug 2757] Quiet compiler warnings. * [Bug 2759] Expose nonvolatile/clk_wander_threshold to ntpq. * [Bug 2763] Allow different thresholds for forward and backward steps. * [Bug 2766] ntp-keygen output files should not be world-readable. * [Bug 2767] ntp-keygen -M should symlink to ntp.keys. * [Bug 2771] nonvolatile value is documented in wrong units. * [Bug 2773] Early leap announcement from Palisade/Thunderbolt * [Bug 2774] Unreasonably verbose printout - leap pending/warning * [Bug 2775] ntp-keygen.c fails to compile under Windows. * [Bug 2777] Fixed loops and decoding of Meinberg GPS satellite info. Removed non-ASCII characters from some copyright comments. Removed trailing whitespace. Updated definitions for Meinberg clocks from current Meinberg header files. Now use C99 fixed-width types and avoid non-ASCII characters in comments. Account for updated definitions pulled from Meinberg header files. Updated comments on Meinberg GPS receivers which are not only called GPS16x. Replaced some constant numbers by defines from ntp_calendar.h Modified creation of parse-specific variables for Meinberg devices in gps16x_message(). Reworked mk_utcinfo() to avoid printing of ambiguous leap second dates. Modified mbg_tm_str() which now expexts an additional parameter controlling if the time status shall be printed. * [Sec 2779] ntpd accepts unauthenticated packets with symmetric key crypto. * [Sec 2781] Authentication doesn't protect symmetric associations against DoS attacks. * [Bug 2783] Quiet autoconf warnings about missing AC_LANG_SOURCE. * [Bug 2789] Quiet compiler warnings from libevent. * [Bug 2790] If ntpd sets the Windows MM timer highest resolution pause briefly before measuring system clock precision to yield correct results. * Comment from Juergen Perlinger in ntp_calendar.c to make the code clearer. * Use predefined function types for parse driver functions used to set up function pointers. Account for changed prototype of parse_inp_fnc_t functions. Cast parse conversion results to appropriate types to avoid compiler warnings. Let ioctl() for Windows accept a (void ) to avoid compiler warnings when called with pointers to different types. --- (4.2.8p1) 2015/02/04 Released by Harlan Stenn <stenn@ntp.org> Update the NEWS file. * [Sec 2671] vallen in extension fields are not validated. --- (4.2.8p1-RC2) 2015/01/29 Released by Harlan Stenn <stenn@ntp.org> * [Bug 2627] shm refclock allows only two units with owner-only access rework: reverted sense of mode bit (so default reflects previous behaviour) and updated ducumentation. * [Bug 2732] - Leap second not handled correctly on Windows 8 use 'GetTickCount()' to get the true elapsed time of slew (This should work for all versions of Windows >= W2K) * [Bug 2738] Missing buffer initialization in refclocK_parse.c::parsestate(). * [Bug 2739] Parse driver with PPS enabled occasionally evaluates PPS timestamp with wrong sign. Removed some German umlauts. * [Bug 2740] Removed some obsolete code from the parse driver. * [Bug 2741] Incorrect buffer check in refclocK_parse.c::parsestatus(). --- (4.2.8p1-RC1) 2015/01/24 Released by Harlan Stenn <stenn@ntp.org> * Start the RC for 4.2.8p1. * [Bug 2187] Update version number generation scripts. * [Bug 2617] Fix sntp Usage documentation section. * [Sec 2672] Code cleanup: On some OSes ::1 can be spoofed... * [Bug 2736] Show error message if we cannot open the config file. * Copyright update. * Fix the package name. --- (4.2.8p1-beta5) 2015/01/07 Released by Harlan Stenn <stenn@ntp.org> * [Bug 2695] Windows build: __func__ not supported under Windows. * [Bug 2728] Work around C99-style structure initialization code for older compilers, specifically Visual Studio prior to VS2013. --- (4.2.8p1-beta4) 2015/01/04 Released by Harlan Stenn <stenn@ntp.org> * [Bug 1084] PPSAPI for ntpd on Windows with DLL backends * [Bug 2695] Build problem on Windows (sys/socket.h). * [Bug 2715] mdnstries option for ntp.conf from NetBSD. * Fix a regression introduced to timepps-Solaris.h as part of: [Bug 1206] Required compiler changes for Windows (4.2.5p181) 2009/06/06 --- (4.2.8p1-beta3) 2015/01/02 Released by Harlan Stenn <stenn@ntp.org> * [Bug 2627] shm refclock allows only two units with owner-only access Use mode bit 0 to select public access for units >= 2 (units 0 & 1 are always private. * [Bug 2681] Fix display of certificate EOValidity dates on 32-bit systems. * [Bug 2695] 4.2.8 does not build on Windows. * [bug 2700] mrulist stopped working in 4.2.8. * [Bug 2706] libparse/info_trimble.c build dependencies are broken. * [Bug 2713] variable type/cast, parameter name, general cleanup from NetBSD. * [Bug 2714] libevent may need to be built independently of any build of sntp. * [Bug 2715] mdnstries option for ntp.conf from NetBSD. --- (4.2.8p1-beta2) 2014/12/27 Released by Harlan Stenn <stenn@ntp.org> * [Bug 2674] Install sntp in sbin on NetBSD. * [Bug 2693] ntp-keygen doesn't build without OpenSSL and sntp. * [Bug 2707] Avoid a C90 extension in libjsmn/jsmn.c. * [Bug 2709] see if we have a C99 compiler (not yet required). --- (4.2.8p1-beta1) 2014/12/23 Released by Harlan Stenn <stenn@ntp.org> * [Sec 2672] On some OSes ::1 can be spoofed, bypassing source IP ACLs. * [Bug 2693] ntp-keygen doesn't build without OpenSSL. * [Bug 2697] IN6_IS_ADDR_LOOPBACK build problems on some OSes. * [Bug 2699] HAVE_SYS_SELECT_H is misspelled in refclock_gpsdjson.c. ---
Revision tags: ntp-4-2-8
# 1.1.1.2	19-Dec-2014	christos	branches: 1.1.1.2.2; 1.1.1.2.4; 1.1.1.2.6; 1.1.1.2.8; 1.1.1.2.10; 1.1.1.2.12; Import ntp 4.2.8
Revision tags: tls-maxphys-base netbsd-7-base yamt-pagecache-base9 tls-earlyentropy-base riastradh-xf86-video-intel-2-7-1-pre-2-21-15 riastradh-drm2-base3 ntp-2-4-7p404
# 1.1.1.1	27-Dec-2013	christos	branches: 1.1.1.1.4; 1.1.1.1.6; 1.1.1.1.8; import devel ntpd to avoid amplification attacks.
Revision tags: pgoyette-compat-20190127 pgoyette-compat-20190118 pgoyette-compat-1226 pgoyette-compat-1126 pgoyette-compat-1020 pgoyette-compat-0930 ntp-4-2-8p12
# 1.1.1.12	29-Sep-2018	christos	--- (4.2.8p12) 2018/08/14 Released by Harlan Stenn <stenn@ntp.org> * [Sec 3505] CVE-2018-12327 - Arbitrary Code Execution Vulnerability - fixed stack buffer overflow in the openhost() command-line call of NTPQ/NTPDC <perlinger@ntp.org> * [Sec 3012] noepeer tweaks. <stenn@ntp.org> * [Bug 3521] Fix a logic bug in the INVALIDNAK checks. <stenn@ntp.org> * [Bug 3509] Add support for running as non-root on FreeBSD, Darwin, other TrustedBSD platforms - applied patch by Ian Lepore <perlinger@ntp.org> * [Bug 3506] Service Control Manager interacts poorly with NTPD <perlinger@ntp.org> - changed interaction with SCM to signal pending startup * [Bug 3486] Buffer overflow in ntpq/ntpq.c:tstflags() <perlinger@ntp.org> - applied patch by Gerry Garvey * [Bug 3485] Undefined sockaddr used in error messages in ntp_config.c <perlinger@ntp.org> - applied patch by Gerry Garvey * [Bug 3484] ntpq response from ntpd is incorrect when REFID is null <perlinger@ntp.org> - rework of ntpq 'nextvar()' key/value parsing * [Bug 3482] Fixes for compilation warnings (ntp_io.c & ntpq-subs.c) <perlinger@ntp.org> - applied patch by Gerry Garvey (with mods) * [Bug 3480] Refclock sample filter not cleared on clock STEP <perlinger@ntp.org> - applied patch by Gerry Garvey * [Bug 3479] ctl_putrefid() allows unsafe characters through to ntpq <perlinger@ntp.org> - applied patch by Gerry Garvey (with mods) * [Bug 3476]ctl_putstr() sends empty unquoted string [...] <perlinger@ntp.org> - applied patch by Gerry Garvey (with mods); not sure if that's bug or feature, though * [Bug 3475] modify prettydate() to suppress output of zero time <perlinger@ntp.org> - applied patch by Gerry Garvey * [Bug 3474] Missing pmode in mode7 peer info response <perlinger@ntp.org> - applied patch by Gerry Garvey * [Bug 3471] Check for openssl/[ch]mac.h. HStenn. - add #define ENABLE_CMAC support in configure. HStenn. * [Bug 3470] ntpd4.2.8p11 fails to compile without OpenSSL <perlinger@ntp.org> * [Bug 3469] Incomplete string compare [...] in is_refclk_addr <perlinger@ntp.org> - patch by Stephen Friedl * [Bug 3467] Potential memory fault in ntpq [...] <perlinger@ntp.org> - fixed IO redirection and CTRL-C handling in ntq and ntpdc * [Bug 3465] Default TTL values cannot be used <perlinger@ntp.org> * [Bug 3461] refclock_shm.c: clear error status on clock recovery <perlinger@ntp.org> - initial patch by Hal Murray; also fixed refclock_report() trouble * [Bug 3460] Fix typo in ntpq.texi, reported by Kenyon Ralph. <stenn@ntp.org> * [Bug 3456] Use uintptr_t rather than size_t to store an integer in a pointer - According to Brooks Davis, there was only one location <perlinger@ntp.org> * [Bug 3449] ntpq - display "loop" instead of refid [...] <perlinger@ntp.org> - applied patch by Gerry Garvey * [Bug 3445] Symmetric peer won't sync on startup <perlinger@ntp.org> - applied patch by Gerry Garvey * [Bug 3442] Fixes for ntpdate as suggested by Gerry Garvey, with modifications New macro REFID_ISTEXT() which is also used in ntpd/ntp_control.c. * [Bug 3434] ntpd clears STA_UNSYNC on start <perlinger@ntp.org> - applied patch by Miroslav Lichvar * [Bug 3426] ntpdate.html -t default is 2 seconds. Leonid Evdokimov. * [Bug 3121] Drop root privileges for the forked DNS worker <perlinger@ntp.org> - integrated patch by Reinhard Max * [Bug 2821] minor build issues <perlinger@ntp.org> - applied patches by Christos Zoulas, including real bug fixes * html/authopt.html: cleanup, from <stenn@ntp.org> * ntpd/ntpd.c: DROPROOT cleanup. <stenn@ntp.org> * Symmetric key range is 1-65535. Update docs. <stenn@ntp.org> * html/authentic.html: cleanup, from <stenn@ntp.org>
Revision tags: pgoyette-compat-0906 pgoyette-compat-0728 phil-wifi-base pgoyette-compat-0625 pgoyette-compat-0521 pgoyette-compat-0502 pgoyette-compat-0422 pgoyette-compat-0415 pgoyette-compat-0407 ntp-4-2-8p11
# 1.1.1.11	07-Apr-2018	christos	--- * [Sec 3454] Unauthenticated packet can reset authenticated interleave associations. HStenn. * [Sec 3453] Interleaved symmetric mode cannot recover from bad state. HStenn. * [Sec 3415] Permit blocking authenticated symmetric/passive associations. Implement ippeerlimit. HStenn, JPerlinger. * [Sec 3414] ntpq: decodearr() can write beyond its 'buf' limits - initial patch by <stenn@ntp.org>, extended by <perlinger@ntp.org> * [Sec 3412] ctl_getitem(): Don't compare names past NUL. <perlinger@ntp.org> * [Sec 3012] Sybil vulnerability: noepeer support. HStenn, JPerlinger. * [Bug 3457] OpenSSL FIPS mode regression <perlinger@ntp.org> * [Bug 3455] ntpd doesn't use scope id when binding multicast <perlinger@ntp.org> - applied patch by Sean Haugh * [Bug 3452] PARSE driver prints uninitialized memory. <perlinger@ntp.org> * [Bug 3450] Dubious error messages from plausibility checks in get_systime() - removed error log caused by rounding/slew, ensured postcondition <perlinger@ntp.org> * [Bug 3447] AES-128-CMAC (fixes) <perlinger@ntp.org> - refactoring the MAC code, too * [Bug 3441] Validate the assumption that AF_UNSPEC is 0. stenn@ntp.org * [Bug 3439] When running multiple commands / hosts in ntpq... <perlinger@ntp.org> - applied patch by ggarvey * [Bug 3438] Negative values and values > 999 days in... <perlinger@ntp.org> - applied patch by ggarvey (with minor mods) * [Bug 3437] ntpd tries to open socket with AF_UNSPEC domain - applied patch (with mods) by Miroslav Lichvar <perlinger@ntp.org> * [Bug 3435] anchor NTP era alignment <perlinger@ntp.org> * [Bug 3433] sntp crashes when run with -a. <stenn@ntp.org> * [Bug 3430] ntpq dumps core (SIGSEGV) for "keytype md2" - fixed several issues with hash algos in ntpd, sntp, ntpq, ntpdc and the test suites <perlinger@ntp.org> * [Bug 3424] Trimble Thunderbolt 1024 week millenium bug <perlinger@ntp.org> - initial patch by Daniel Pouzzner * [Bug 3423] QNX adjtime() implementation error checking is wrong <perlinger@ntp.org> * [Bug 3417] ntpq ifstats packet counters can be negative made IFSTATS counter quantities unsigned <perlinger@ntp.org> * [Bug 3411] problem about SIGN(6) packet handling for ntp-4.2.8p10 - raised receive buffer size to 1200 <perlinger@ntp.org> * [Bug 3408] refclock_jjy.c: Avoid a wrong report of the coverity static analysis tool. <abe@ntp.org> * [Bug 3405] update-leap.in: general cleanup, HTTPS support. Paul McMath. * [Bug 3404] Fix openSSL DLL usage under Windows <perlinger@ntp.org> - fix/drop assumptions on OpenSSL libs directory layout * [Bug 3399] NTP: linker error in 4.2.8p10 during Linux cross-compilation - initial patch by timeflies@mail2tor.com <perlinger@ntp.org> * [Bug 3398] tests fail with core dump <perlinger@ntp.org> - patch contributed by Alexander Bluhm * [Bug 3397] ctl_putstr() asserts that data fits in its buffer rework of formatting & data transfer stuff in 'ntp_control.c' avoids unecessary buffers and size limitations. <perlinger@ntp.org> * [Bug 3394] Leap second deletion does not work on ntpd clients - fixed handling of dynamic deletion w/o leap file <perlinger@ntp.org> * [Bug 3391] ntpd segfaults on startup due to small warmup thread stack size - increased mimimum stack size to 32kB <perlinger@ntp.org> * [Bug 3367] Faulty LinuxPPS NMEA clock support in 4.2.8 <perlinger@ntp.org> - reverted handling of PPS kernel consumer to 4.2.6 behavior * [Bug 3365] Updates driver40(-ja).html and miscopt.html <abe@ntp.org> * [Bug 3358] Spurious KoD log messages in .INIT. phase. HStenn. * [Bug 3016] wrong error position reported for bad ":config pool" - fixed location counter & ntpq output <perlinger@ntp.org> * [Bug 2900] libntp build order problem. HStenn. * [Bug 2878] Tests are cluttering up syslog <perlinger@ntp.org> * [Bug 2737] Wrong phone number listed for USNO. ntp-bugs@bodosom.net, perlinger@ntp.org * [Bug 2557] Fix Thunderbolt init. ntp-bugs@bodosom.net, perlinger@ntp. * [Bug 948] Trustedkey config directive leaks memory. <perlinger@ntp.org> * Use strlcpy() to copy strings, not memcpy(). HStenn. * Typos. HStenn. * test_ntp_scanner_LDADD needs ntpd/ntp_io.o. HStenn. * refclock_jjy.c: Add missing "%s" to an msyslog() call. HStenn. * Build ntpq and libntpq.a with NTP_HARD_FLAGS. perlinger@ntp.org Fix trivial warnings from 'make check'. perlinger@ntp.org * Fix bug in the override portion of the compiler hardening macro. HStenn. * record_raw_stats(): Log entire packet. Log writes. HStenn. * AES-128-CMAC support. BInglis, HStenn, JPerlinger. * sntp: tweak key file logging. HStenn. * sntp: pkt_output(): Improve debug output. HStenn. * update-leap: updates from Paul McMath. * When using pkg-config, report --modversion. HStenn. * Clean up libevent configure checks. HStenn. * sntp: show the IP of who sent us a crypto-NAK. HStenn. * Allow .../N to specify subnet bits for IPs in ntp.keys. HStenn, JPerlinger. * authistrustedip() - use it in more places. HStenn, JPerlinger. * New sysstats: sys_lamport, sys_tsrounding. HStenn. * Update ntp.keys .../N documentation. HStenn. * Distribute testconf.yml. HStenn. * Add DPRINTF(2,...) lines to receive() for packet drops. HStenn. * Rename the configuration flag fifo variables. HStenn. * Improve saveconfig output. HStenn. * Decode restrict flags on receive() debug output. HStenn. * Decode interface flags on receive() debug output. HStenn. * Warn the user if deprecated "driftfile name WanderThreshold" is used. HStenn. * Update the documentation in ntp.conf.def . HStenn. * restrictions() must return restrict flags and ippeerlimit. HStenn. * Update ntpq peer documentation to describe the 'p' type. HStenn. * Rename restrict 'flags' to 'rflags. Use an enum for the values. HStenn. * Provide dump_restricts() for debugging. HStenn. * Use consistent 4th arg type for [gs]etsockopt. JPerlinger. * Some tests might need LIBM. HStenn. * update-leap: Allow -h/--help early. HStenn.
Revision tags: pgoyette-compat-0330 pgoyette-compat-0322 pgoyette-compat-0315 pgoyette-compat-base matt-nb8-mediatek-base perseant-stdc-iso10646-base netbsd-8-base prg-localcount2-base3 prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1 ntp-4-2-8p10
# 1.1.1.10	13-Apr-2017	christos	branches: 1.1.1.10.4; 1.1.1.10.10; Import ntp 4.2.8p10
Revision tags: pgoyette-localcount-20170320 bouyer-socketcan-base pgoyette-localcount-20170107 ntp-4-2-8p9
# 1.1.1.9	22-Nov-2016	christos	branches: 1.1.1.9.2; (4.2.8p9) 2016/11/21 Released by Harlan Stenn <stenn@ntp.org> * [Sec 3119] Trap crash <perlinger@ntp.org> * [Sec 3118] Mode 6 information disclosure and DDoS vector <perlinger@ntp.org> - TRAP config via mode 6 packet requires AUTH now. * [Sec 3114] Broadcast Mode Replay Prevention DoS - applied patches by Matthew Van Gundy. <perlinger@ntp.org> - with bcpollbstep, tweaks and cleanup by stenn@ntp.org * [Sec 3113] Broadcast Mode Poll Interval Enforcement DoS <perlinger@ntp.org> - applied fix as suggested by Matthew Van Gundy * [Sec 3110] Windows: ntpd DoS by oversized UDP packet - fixed error handling for truncated UDP packets. <perlinger@ntp.org> * [Sec 3102] Zero origin issues. HStenn. * [Sec 3082] null pointer dereference in _IO_str_init_static_internal() - more hardening to read_mru_list(). perlinger@ntp.org * [Sec 3072] Attack on interface selection <perlinger@ntp.org> - implemented Miroslav Lichvars <mlichvar@redhat.com> suggestion to skip interface updates based on incoming packets * [Bug 3142] bug in netmask prefix length detection <perlinger@ntp.org> * [Bug 3138] gpsdjson refclock should honor fudgetime1. stenn@ntp.org * [Bug 3129] Unknown hosts can put resolver thread into a hard loop - moved retry decision where it belongs. <perlinger@ntp.org> * [Bug 3125] NTPD doesn't fully start when ntp.conf entries are out of order using the loopback-ppsapi-provider.dll <perlinger@ntp.org> * [Bug 3116] unit tests for NTP time stamp expansion. <perlinger@ntp.org> * [Bug 3100] ntpq can't retrieve daemon_version <perlinger@ntp.org> - fixed extended sysvar lookup (bug introduced with bug 3008 fix) * [Bug 3095] Compatibility with openssl 1.1 <perlinger@ntp.org> - applied patches by Kurt Roeckx <kurt@roeckx.be> to source - added shim layer for SSL API calls with issues (both directions) * [Bug 3089] Serial Parser does not work anymore for hopfser like device - simplified / refactored hex-decoding in driver. <perlinger@ntp.org> * [Bug 3084] update-leap mis-parses the leapfile name. HStenn. * [Bug 3068] Linker warnings when building on Solaris. perlinger@ntp.org - applied patch thanks to Andrew Stormont <andyjstormont@gmail.com> * [Bug 3067] Root distance calculation needs improvement. HStenn. * [Bug 3066] NMEA clock ignores pps. perlinger@ntp.org - PPS-HACK works again. * [Bug 3059] Potential buffer overrun from oversized hash <perlinger@ntp.org> - applied patch by Brian Utterback <brian.utterback@oracle.com> * [Bug 3053] ntp_loopfilter.c frequency calc precedence error. Sarah White. * [Bug 3050] Fix for bug #2960 causes [...] spurious error message. <perlinger@ntp.org> - patches by Reinhard Max <max@suse.com> and Havard Eidnes <he@uninett.no> * [Bug 3047] Fix refclock_jjy C-DEX JST2000. abe@ntp.org - Patch provided by Kuramatsu. * [Bug 3021] unity_fixture.c needs pragma weak <perlinger@ntp.org> - removed unnecessary & harmful decls of 'setUp()' & 'tearDown()' * [Bug 3019] Windows: ERROR_HOST_UNREACHABLE block packet processing. DMayer and JPerlinger. * [Bug 2998] sntp/tests/packetProcessing.c broken without openssl. JPerlinger * [Bug 2961] sntp/tests/packetProcessing.c assumes AUTOKEY. HStenn. * [Bug 2959] refclock_jupiter: gps week correction <perlinger@ntp.org> - fixed GPS week expansion to work based on build date. Special thanks to Craig Leres for initial patch and testing. * [Bug 2951] ntpd tests fail: multiple definition of `send_via_ntp_signd' - fixed Makefile.am <perlinger@ntp.org> * [Bug 2689] ATOM driver processes last PPS pulse at startup, even if it is very old <perlinger@ntp.org> - make sure PPS source is alive before processing samples - improve stability close to the 500ms phase jump (phase gate) * Fix typos in include/ntp.h. * Shim X509_get_signature_nid() if needed. * git author attribution cleanup * bk ignore file cleanup * remove locks in Windows IO, use rpc-like thread synchronisation instead
Revision tags: pgoyette-localcount-20161104 localcount-20160914 pgoyette-localcount-20160806 pgoyette-localcount-20160726 pgoyette-localcount-base ntp-4-2-8p8
# 1.1.1.8	03-Jun-2016	christos	branches: 1.1.1.8.2; Import ntp 4.2.8p8
Revision tags: ntp-4-2-8p7
# 1.1.1.7	01-May-2016	christos	--- (4.2.8p7) 2016/04/26 Released by Harlan Stenn <stenn@ntp.org> * [Sec 2901] KoD packets must have non-zero transmit timestamps. HStenn. * [Sec 2936] Skeleton Key: Any system knowing the trusted key can serve time. Include passive servers in this check. HStenn. * [Sec 2945] Additional KoD packet checks. HStenn. * [Sec 2978] Interleave can be partially triggered. HStenn. * [Sec 3007] Validate crypto-NAKs. Danny Mayer. * [Sec 3008] Always check the return value of ctl_getitem(). - initial work by HStenn - Additional cleanup of ctl_getitem by perlinger@ntp.org * [Sec 3009] Crafted addpeer with hmode > 7 causes OOB error. perlinger@ntp.org - added more stringent checks on packet content * [Sec 3010] remote configuration trustedkey/requestkey values are not properly validated. perlinger@ntp.org - sidekick: Ignore keys that have an unsupported MAC algorithm but are otherwise well-formed * [Sec 3011] Duplicate IPs on unconfig directives will cause an assertion botch - graciously accept the same IP multiple times. perlinger@ntp.org * [Sec 3020] Refclock impersonation. HStenn. * [Bug 2831] Segmentation Fault in DNS lookup during startup. perlinger@ntp.org - fixed yet another race condition in the threaded resolver code. * [Bug 2858] bool support. Use stdbool.h when available. HStenn. * [Bug 2879] Improve NTP security against timing attacks. perlinger@ntp.org - integrated patches by Loganaden Velvidron <logan@ntp.org> with some modifications & unit tests * [Bug 2952] Symmetric active/passive mode is broken. HStenn. * [Bug 2960] async name resolution fixes for chroot() environments. Reinhard Max. * [Bug 2994] Systems with HAVE_SIGNALED_IO fail to compile. perlinger@ntp.org * [Bug 2995] Fixes to compile on Windows * [Bug 2999] out-of-bounds access in 'is_safe_filename()'. perlinger@ntp.org * [Bug 3013] Fix for ssl_init.c SHA1 test. perlinger@ntp.org - Patch provided by Ch. Weisgerber * [Bug 3015] ntpq: config-from-file: "request contains an unprintable character" - A change related to [Bug 2853] forbids trailing white space in remote config commands. perlinger@ntp.org * [Bug 3019] NTPD stops processing packets after ERROR_HOST_UNREACHABLE - report and patch from Aleksandr Kostikov. - Overhaul of Windows IO completion port handling. perlinger@ntp.org * [Bug 3022] authkeys.c should be refactored. perlinger@ntp.org - fixed memory leak in access list (auth[read]keys.c) - refactored handling of key access lists (auth[read]keys.c) - reduced number of error branches (authreadkeys.c) * [Bug 3023] ntpdate cannot correct dates in the future. perlinger@ntp.org * [Bug 3030] ntpq needs a general way to specify refid output format. HStenn. * [Bug 3031] ntp broadcastclient unable to synchronize to an server when the time of server changed. perlinger@ntp.org - Check the initial delay calculation and reject/unpeer the broadcast server if the delay exceeds 50ms. Retry again after the next broadcast packet. * [Bug 3036] autokey trips an INSIST in authistrustedip(). Harlan Stenn. * Document ntp.key's optional IP list in authenetic.html. Harlan Stenn. * Update html/xleave.html documentation. Harlan Stenn. * Update ntp.conf documentation. Harlan Stenn. * Fix some Credit: attributions in the NEWS file. Harlan Stenn. * Fix typo in html/monopt.html. Harlan Stenn. * Add README.pullrequests. Harlan Stenn. * Cleanup to include/ntp.h. Harlan Stenn. --- (4.2.8p6) 2016/01/20 Released by Harlan Stenn <stenn@ntp.org> * [Sec 2935] Deja Vu: Replay attack on authenticated broadcast mode. HStenn. * [Sec 2936] Skeleton Key: Any trusted key system can serve time. HStenn. * [Sec 2937] ntpq: nextvar() missing length check. perlinger@ntp.org * [Sec 2938] ntpq saveconfig command allows dangerous characters in filenames. perlinger@ntp.org * [Sec 2939] reslist NULL pointer dereference. perlinger@ntp.org * [Sec 2940] Stack exhaustion in recursive traversal of restriction list. perlinger@ntp.org * [Sec 2942]: Off-path DoS attack on auth broadcast mode. HStenn. * [Sec 2945] Zero Origin Timestamp Bypass. perlinger@ntp.org * [Sec 2948] Potential Infinite Loop in ntpq ( and ntpdc) perlinger@ntp.org * [Bug 2772] adj_systime overflows tv_usec. perlinger@ntp.org * [Bug 2814] msyslog deadlock when signaled. perlinger@ntp.org - applied patch by shenpeng11@huawei.com with minor adjustments * [Bug 2882] Look at ntp_request.c:list_peers_sum(). perlinger@ntp.org * [Bug 2891] Deadlock in deferred DNS lookup framework. perlinger@ntp.org * [Bug 2892] Several test cases assume IPv6 capabilities even when IPv6 is disabled in the build. perlinger@ntp.org - Found this already fixed, but validation led to cleanup actions. * [Bug 2905] DNS lookups broken. perlinger@ntp.org - added limits to stack consumption, fixed some return code handling * [Bug 2971] ntpq bails on ^C: select fails: Interrupted system call - changed stacked/nested handling of CTRL-C. perlinger@ntp.org - make CTRL-C work for retrieval and printing od MRU list. perlinger@ntp.org * [Bug 2980] reduce number of warnings. perlinger@ntp.org - integrated several patches from Havard Eidnes (he@uninett.no) * [Bug 2985] bogus calculation in authkeys.c perlinger@ntp.org - implement 'auth_log2()' using integer bithack instead of float calculation * Make leapsec_query debug messages less verbose. Harlan Stenn. * Disable incomplete t-ntp_signd.c test. Harlan Stenn. ---
Revision tags: ntp-4-2-8p5
# 1.1.1.6	08-Jan-2016	christos	Import ntp 4.2.8p5
Revision tags: ntp-4-2-8p4
# 1.1.1.5	23-Oct-2015	christos	Import ntp 4.2.8p4
Revision tags: ntp-4-2-8p3
# 1.1.1.4	10-Jul-2015	christos	Import ntp 4.2.8p3
Revision tags: ntp-4-2-8p2
# 1.1.1.3	07-Apr-2015	christos	--- (4.2.8p2) 2015/04/07 Released by Harlan Stenn <stenn@ntp.org> (4.2.8p2-RC3) 2015/04/03 Released by Harlan Stenn <stenn@ntp.org> * [Bug 2763] Fix for different thresholds for forward and backward steps. --- (4.2.8p2-RC2) 2015/04/03 Released by Harlan Stenn <stenn@ntp.org> * [Bug 2592] FLAG_TSTAMP_PPS cleanup for refclock_parse.c. * [Bug 2769] New script: update-leap * [Bug 2769] cleannup for update-leap * [Bug 2788] New flag -G (force_step_once). * [Bug 2794] Clean up kernel clock status reports. * [Bug 2795] Cannot build without OpenSLL (on Win32). Provided a Win32 specific wrapper around libevent/arc4random.c. fixed some minor warnings. * [Bug 2796] ntp-keygen crashes in 'getclock()' on Win32. * [Bug 2797] ntp-keygen trapped in endless loop for MD5 keys on big-endian machines. * [Bug 2798] sntp should decode and display the leap indicator. * Simple cleanup to html/build.html --- (4.2.8p2-RC1) 2015/03/30 Released by Harlan Stenn <stenn@ntp.org> * [Bug 2794] Don't let reports on normal kernel status changes look like errors. * [Bug 2788] New flag -G (force_step_once). * [Bug 2592] Account for PPS sources which can provide an accurate absolute time stamp, and status information. Fixed indention and removed trailing whitespace. * [Bug 1787] DCF77's formerly "antenna" bit is "call bit" since 2003. * [Bug 1960] setsockopt IPV6_MULTICAST_IF: Invalid argument. * [Bug 2346] "graceful termination" signals do not do peer cleanup. * [Bug 2728] See if C99-style structure initialization works. * [Bug 2747] Upgrade libevent to 2.1.5-beta. * [Bug 2749] ntp/lib/NTP/Util.pm needs update for ntpq -w, IPv6, .POOL. . * [Bug 2751] jitter.h has stale copies of l_fp macros. * [Bug 2756] ntpd hangs in startup with gcc 3.3.5 on ARM. * [Bug 2757] Quiet compiler warnings. * [Bug 2759] Expose nonvolatile/clk_wander_threshold to ntpq. * [Bug 2763] Allow different thresholds for forward and backward steps. * [Bug 2766] ntp-keygen output files should not be world-readable. * [Bug 2767] ntp-keygen -M should symlink to ntp.keys. * [Bug 2771] nonvolatile value is documented in wrong units. * [Bug 2773] Early leap announcement from Palisade/Thunderbolt * [Bug 2774] Unreasonably verbose printout - leap pending/warning * [Bug 2775] ntp-keygen.c fails to compile under Windows. * [Bug 2777] Fixed loops and decoding of Meinberg GPS satellite info. Removed non-ASCII characters from some copyright comments. Removed trailing whitespace. Updated definitions for Meinberg clocks from current Meinberg header files. Now use C99 fixed-width types and avoid non-ASCII characters in comments. Account for updated definitions pulled from Meinberg header files. Updated comments on Meinberg GPS receivers which are not only called GPS16x. Replaced some constant numbers by defines from ntp_calendar.h Modified creation of parse-specific variables for Meinberg devices in gps16x_message(). Reworked mk_utcinfo() to avoid printing of ambiguous leap second dates. Modified mbg_tm_str() which now expexts an additional parameter controlling if the time status shall be printed. * [Sec 2779] ntpd accepts unauthenticated packets with symmetric key crypto. * [Sec 2781] Authentication doesn't protect symmetric associations against DoS attacks. * [Bug 2783] Quiet autoconf warnings about missing AC_LANG_SOURCE. * [Bug 2789] Quiet compiler warnings from libevent. * [Bug 2790] If ntpd sets the Windows MM timer highest resolution pause briefly before measuring system clock precision to yield correct results. * Comment from Juergen Perlinger in ntp_calendar.c to make the code clearer. * Use predefined function types for parse driver functions used to set up function pointers. Account for changed prototype of parse_inp_fnc_t functions. Cast parse conversion results to appropriate types to avoid compiler warnings. Let ioctl() for Windows accept a (void ) to avoid compiler warnings when called with pointers to different types. --- (4.2.8p1) 2015/02/04 Released by Harlan Stenn <stenn@ntp.org> Update the NEWS file. * [Sec 2671] vallen in extension fields are not validated. --- (4.2.8p1-RC2) 2015/01/29 Released by Harlan Stenn <stenn@ntp.org> * [Bug 2627] shm refclock allows only two units with owner-only access rework: reverted sense of mode bit (so default reflects previous behaviour) and updated ducumentation. * [Bug 2732] - Leap second not handled correctly on Windows 8 use 'GetTickCount()' to get the true elapsed time of slew (This should work for all versions of Windows >= W2K) * [Bug 2738] Missing buffer initialization in refclocK_parse.c::parsestate(). * [Bug 2739] Parse driver with PPS enabled occasionally evaluates PPS timestamp with wrong sign. Removed some German umlauts. * [Bug 2740] Removed some obsolete code from the parse driver. * [Bug 2741] Incorrect buffer check in refclocK_parse.c::parsestatus(). --- (4.2.8p1-RC1) 2015/01/24 Released by Harlan Stenn <stenn@ntp.org> * Start the RC for 4.2.8p1. * [Bug 2187] Update version number generation scripts. * [Bug 2617] Fix sntp Usage documentation section. * [Sec 2672] Code cleanup: On some OSes ::1 can be spoofed... * [Bug 2736] Show error message if we cannot open the config file. * Copyright update. * Fix the package name. --- (4.2.8p1-beta5) 2015/01/07 Released by Harlan Stenn <stenn@ntp.org> * [Bug 2695] Windows build: __func__ not supported under Windows. * [Bug 2728] Work around C99-style structure initialization code for older compilers, specifically Visual Studio prior to VS2013. --- (4.2.8p1-beta4) 2015/01/04 Released by Harlan Stenn <stenn@ntp.org> * [Bug 1084] PPSAPI for ntpd on Windows with DLL backends * [Bug 2695] Build problem on Windows (sys/socket.h). * [Bug 2715] mdnstries option for ntp.conf from NetBSD. * Fix a regression introduced to timepps-Solaris.h as part of: [Bug 1206] Required compiler changes for Windows (4.2.5p181) 2009/06/06 --- (4.2.8p1-beta3) 2015/01/02 Released by Harlan Stenn <stenn@ntp.org> * [Bug 2627] shm refclock allows only two units with owner-only access Use mode bit 0 to select public access for units >= 2 (units 0 & 1 are always private. * [Bug 2681] Fix display of certificate EOValidity dates on 32-bit systems. * [Bug 2695] 4.2.8 does not build on Windows. * [bug 2700] mrulist stopped working in 4.2.8. * [Bug 2706] libparse/info_trimble.c build dependencies are broken. * [Bug 2713] variable type/cast, parameter name, general cleanup from NetBSD. * [Bug 2714] libevent may need to be built independently of any build of sntp. * [Bug 2715] mdnstries option for ntp.conf from NetBSD. --- (4.2.8p1-beta2) 2014/12/27 Released by Harlan Stenn <stenn@ntp.org> * [Bug 2674] Install sntp in sbin on NetBSD. * [Bug 2693] ntp-keygen doesn't build without OpenSSL and sntp. * [Bug 2707] Avoid a C90 extension in libjsmn/jsmn.c. * [Bug 2709] see if we have a C99 compiler (not yet required). --- (4.2.8p1-beta1) 2014/12/23 Released by Harlan Stenn <stenn@ntp.org> * [Sec 2672] On some OSes ::1 can be spoofed, bypassing source IP ACLs. * [Bug 2693] ntp-keygen doesn't build without OpenSSL. * [Bug 2697] IN6_IS_ADDR_LOOPBACK build problems on some OSes. * [Bug 2699] HAVE_SYS_SELECT_H is misspelled in refclock_gpsdjson.c. ---
Revision tags: ntp-4-2-8
# 1.1.1.2	19-Dec-2014	christos	branches: 1.1.1.2.2; 1.1.1.2.4; 1.1.1.2.6; 1.1.1.2.8; 1.1.1.2.10; 1.1.1.2.12; Import ntp 4.2.8
Revision tags: tls-maxphys-base netbsd-7-base yamt-pagecache-base9 tls-earlyentropy-base riastradh-xf86-video-intel-2-7-1-pre-2-21-15 riastradh-drm2-base3 ntp-2-4-7p404
# 1.1.1.1	27-Dec-2013	christos	branches: 1.1.1.1.4; 1.1.1.1.6; 1.1.1.1.8; import devel ntpd to avoid amplification attacks.
Revision tags: prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1 ntp-4-2-8p10
# 1.1.1.10	13-Apr-2017	christos	Import ntp 4.2.8p10
Revision tags: pgoyette-localcount-20170320 bouyer-socketcan-base pgoyette-localcount-20170107 ntp-4-2-8p9
# 1.1.1.9	22-Nov-2016	christos	branches: 1.1.1.9.2; (4.2.8p9) 2016/11/21 Released by Harlan Stenn <stenn@ntp.org> * [Sec 3119] Trap crash <perlinger@ntp.org> * [Sec 3118] Mode 6 information disclosure and DDoS vector <perlinger@ntp.org> - TRAP config via mode 6 packet requires AUTH now. * [Sec 3114] Broadcast Mode Replay Prevention DoS - applied patches by Matthew Van Gundy. <perlinger@ntp.org> - with bcpollbstep, tweaks and cleanup by stenn@ntp.org * [Sec 3113] Broadcast Mode Poll Interval Enforcement DoS <perlinger@ntp.org> - applied fix as suggested by Matthew Van Gundy * [Sec 3110] Windows: ntpd DoS by oversized UDP packet - fixed error handling for truncated UDP packets. <perlinger@ntp.org> * [Sec 3102] Zero origin issues. HStenn. * [Sec 3082] null pointer dereference in _IO_str_init_static_internal() - more hardening to read_mru_list(). perlinger@ntp.org * [Sec 3072] Attack on interface selection <perlinger@ntp.org> - implemented Miroslav Lichvars <mlichvar@redhat.com> suggestion to skip interface updates based on incoming packets * [Bug 3142] bug in netmask prefix length detection <perlinger@ntp.org> * [Bug 3138] gpsdjson refclock should honor fudgetime1. stenn@ntp.org * [Bug 3129] Unknown hosts can put resolver thread into a hard loop - moved retry decision where it belongs. <perlinger@ntp.org> * [Bug 3125] NTPD doesn't fully start when ntp.conf entries are out of order using the loopback-ppsapi-provider.dll <perlinger@ntp.org> * [Bug 3116] unit tests for NTP time stamp expansion. <perlinger@ntp.org> * [Bug 3100] ntpq can't retrieve daemon_version <perlinger@ntp.org> - fixed extended sysvar lookup (bug introduced with bug 3008 fix) * [Bug 3095] Compatibility with openssl 1.1 <perlinger@ntp.org> - applied patches by Kurt Roeckx <kurt@roeckx.be> to source - added shim layer for SSL API calls with issues (both directions) * [Bug 3089] Serial Parser does not work anymore for hopfser like device - simplified / refactored hex-decoding in driver. <perlinger@ntp.org> * [Bug 3084] update-leap mis-parses the leapfile name. HStenn. * [Bug 3068] Linker warnings when building on Solaris. perlinger@ntp.org - applied patch thanks to Andrew Stormont <andyjstormont@gmail.com> * [Bug 3067] Root distance calculation needs improvement. HStenn. * [Bug 3066] NMEA clock ignores pps. perlinger@ntp.org - PPS-HACK works again. * [Bug 3059] Potential buffer overrun from oversized hash <perlinger@ntp.org> - applied patch by Brian Utterback <brian.utterback@oracle.com> * [Bug 3053] ntp_loopfilter.c frequency calc precedence error. Sarah White. * [Bug 3050] Fix for bug #2960 causes [...] spurious error message. <perlinger@ntp.org> - patches by Reinhard Max <max@suse.com> and Havard Eidnes <he@uninett.no> * [Bug 3047] Fix refclock_jjy C-DEX JST2000. abe@ntp.org - Patch provided by Kuramatsu. * [Bug 3021] unity_fixture.c needs pragma weak <perlinger@ntp.org> - removed unnecessary & harmful decls of 'setUp()' & 'tearDown()' * [Bug 3019] Windows: ERROR_HOST_UNREACHABLE block packet processing. DMayer and JPerlinger. * [Bug 2998] sntp/tests/packetProcessing.c broken without openssl. JPerlinger * [Bug 2961] sntp/tests/packetProcessing.c assumes AUTOKEY. HStenn. * [Bug 2959] refclock_jupiter: gps week correction <perlinger@ntp.org> - fixed GPS week expansion to work based on build date. Special thanks to Craig Leres for initial patch and testing. * [Bug 2951] ntpd tests fail: multiple definition of `send_via_ntp_signd' - fixed Makefile.am <perlinger@ntp.org> * [Bug 2689] ATOM driver processes last PPS pulse at startup, even if it is very old <perlinger@ntp.org> - make sure PPS source is alive before processing samples - improve stability close to the 500ms phase jump (phase gate) * Fix typos in include/ntp.h. * Shim X509_get_signature_nid() if needed. * git author attribution cleanup * bk ignore file cleanup * remove locks in Windows IO, use rpc-like thread synchronisation instead
Revision tags: pgoyette-localcount-20161104 localcount-20160914 pgoyette-localcount-20160806 pgoyette-localcount-20160726 pgoyette-localcount-base ntp-4-2-8p8
# 1.1.1.8	03-Jun-2016	christos	branches: 1.1.1.8.2; Import ntp 4.2.8p8
Revision tags: ntp-4-2-8p7
# 1.1.1.7	01-May-2016	christos	--- (4.2.8p7) 2016/04/26 Released by Harlan Stenn <stenn@ntp.org> * [Sec 2901] KoD packets must have non-zero transmit timestamps. HStenn. * [Sec 2936] Skeleton Key: Any system knowing the trusted key can serve time. Include passive servers in this check. HStenn. * [Sec 2945] Additional KoD packet checks. HStenn. * [Sec 2978] Interleave can be partially triggered. HStenn. * [Sec 3007] Validate crypto-NAKs. Danny Mayer. * [Sec 3008] Always check the return value of ctl_getitem(). - initial work by HStenn - Additional cleanup of ctl_getitem by perlinger@ntp.org * [Sec 3009] Crafted addpeer with hmode > 7 causes OOB error. perlinger@ntp.org - added more stringent checks on packet content * [Sec 3010] remote configuration trustedkey/requestkey values are not properly validated. perlinger@ntp.org - sidekick: Ignore keys that have an unsupported MAC algorithm but are otherwise well-formed * [Sec 3011] Duplicate IPs on unconfig directives will cause an assertion botch - graciously accept the same IP multiple times. perlinger@ntp.org * [Sec 3020] Refclock impersonation. HStenn. * [Bug 2831] Segmentation Fault in DNS lookup during startup. perlinger@ntp.org - fixed yet another race condition in the threaded resolver code. * [Bug 2858] bool support. Use stdbool.h when available. HStenn. * [Bug 2879] Improve NTP security against timing attacks. perlinger@ntp.org - integrated patches by Loganaden Velvidron <logan@ntp.org> with some modifications & unit tests * [Bug 2952] Symmetric active/passive mode is broken. HStenn. * [Bug 2960] async name resolution fixes for chroot() environments. Reinhard Max. * [Bug 2994] Systems with HAVE_SIGNALED_IO fail to compile. perlinger@ntp.org * [Bug 2995] Fixes to compile on Windows * [Bug 2999] out-of-bounds access in 'is_safe_filename()'. perlinger@ntp.org * [Bug 3013] Fix for ssl_init.c SHA1 test. perlinger@ntp.org - Patch provided by Ch. Weisgerber * [Bug 3015] ntpq: config-from-file: "request contains an unprintable character" - A change related to [Bug 2853] forbids trailing white space in remote config commands. perlinger@ntp.org * [Bug 3019] NTPD stops processing packets after ERROR_HOST_UNREACHABLE - report and patch from Aleksandr Kostikov. - Overhaul of Windows IO completion port handling. perlinger@ntp.org * [Bug 3022] authkeys.c should be refactored. perlinger@ntp.org - fixed memory leak in access list (auth[read]keys.c) - refactored handling of key access lists (auth[read]keys.c) - reduced number of error branches (authreadkeys.c) * [Bug 3023] ntpdate cannot correct dates in the future. perlinger@ntp.org * [Bug 3030] ntpq needs a general way to specify refid output format. HStenn. * [Bug 3031] ntp broadcastclient unable to synchronize to an server when the time of server changed. perlinger@ntp.org - Check the initial delay calculation and reject/unpeer the broadcast server if the delay exceeds 50ms. Retry again after the next broadcast packet. * [Bug 3036] autokey trips an INSIST in authistrustedip(). Harlan Stenn. * Document ntp.key's optional IP list in authenetic.html. Harlan Stenn. * Update html/xleave.html documentation. Harlan Stenn. * Update ntp.conf documentation. Harlan Stenn. * Fix some Credit: attributions in the NEWS file. Harlan Stenn. * Fix typo in html/monopt.html. Harlan Stenn. * Add README.pullrequests. Harlan Stenn. * Cleanup to include/ntp.h. Harlan Stenn. --- (4.2.8p6) 2016/01/20 Released by Harlan Stenn <stenn@ntp.org> * [Sec 2935] Deja Vu: Replay attack on authenticated broadcast mode. HStenn. * [Sec 2936] Skeleton Key: Any trusted key system can serve time. HStenn. * [Sec 2937] ntpq: nextvar() missing length check. perlinger@ntp.org * [Sec 2938] ntpq saveconfig command allows dangerous characters in filenames. perlinger@ntp.org * [Sec 2939] reslist NULL pointer dereference. perlinger@ntp.org * [Sec 2940] Stack exhaustion in recursive traversal of restriction list. perlinger@ntp.org * [Sec 2942]: Off-path DoS attack on auth broadcast mode. HStenn. * [Sec 2945] Zero Origin Timestamp Bypass. perlinger@ntp.org * [Sec 2948] Potential Infinite Loop in ntpq ( and ntpdc) perlinger@ntp.org * [Bug 2772] adj_systime overflows tv_usec. perlinger@ntp.org * [Bug 2814] msyslog deadlock when signaled. perlinger@ntp.org - applied patch by shenpeng11@huawei.com with minor adjustments * [Bug 2882] Look at ntp_request.c:list_peers_sum(). perlinger@ntp.org * [Bug 2891] Deadlock in deferred DNS lookup framework. perlinger@ntp.org * [Bug 2892] Several test cases assume IPv6 capabilities even when IPv6 is disabled in the build. perlinger@ntp.org - Found this already fixed, but validation led to cleanup actions. * [Bug 2905] DNS lookups broken. perlinger@ntp.org - added limits to stack consumption, fixed some return code handling * [Bug 2971] ntpq bails on ^C: select fails: Interrupted system call - changed stacked/nested handling of CTRL-C. perlinger@ntp.org - make CTRL-C work for retrieval and printing od MRU list. perlinger@ntp.org * [Bug 2980] reduce number of warnings. perlinger@ntp.org - integrated several patches from Havard Eidnes (he@uninett.no) * [Bug 2985] bogus calculation in authkeys.c perlinger@ntp.org - implement 'auth_log2()' using integer bithack instead of float calculation * Make leapsec_query debug messages less verbose. Harlan Stenn. * Disable incomplete t-ntp_signd.c test. Harlan Stenn. ---
Revision tags: ntp-4-2-8p5
# 1.1.1.6	08-Jan-2016	christos	Import ntp 4.2.8p5
Revision tags: ntp-4-2-8p4
# 1.1.1.5	23-Oct-2015	christos	Import ntp 4.2.8p4
Revision tags: ntp-4-2-8p3
# 1.1.1.4	10-Jul-2015	christos	Import ntp 4.2.8p3
Revision tags: ntp-4-2-8p2
# 1.1.1.3	07-Apr-2015	christos	--- (4.2.8p2) 2015/04/07 Released by Harlan Stenn <stenn@ntp.org> (4.2.8p2-RC3) 2015/04/03 Released by Harlan Stenn <stenn@ntp.org> * [Bug 2763] Fix for different thresholds for forward and backward steps. --- (4.2.8p2-RC2) 2015/04/03 Released by Harlan Stenn <stenn@ntp.org> * [Bug 2592] FLAG_TSTAMP_PPS cleanup for refclock_parse.c. * [Bug 2769] New script: update-leap * [Bug 2769] cleannup for update-leap * [Bug 2788] New flag -G (force_step_once). * [Bug 2794] Clean up kernel clock status reports. * [Bug 2795] Cannot build without OpenSLL (on Win32). Provided a Win32 specific wrapper around libevent/arc4random.c. fixed some minor warnings. * [Bug 2796] ntp-keygen crashes in 'getclock()' on Win32. * [Bug 2797] ntp-keygen trapped in endless loop for MD5 keys on big-endian machines. * [Bug 2798] sntp should decode and display the leap indicator. * Simple cleanup to html/build.html --- (4.2.8p2-RC1) 2015/03/30 Released by Harlan Stenn <stenn@ntp.org> * [Bug 2794] Don't let reports on normal kernel status changes look like errors. * [Bug 2788] New flag -G (force_step_once). * [Bug 2592] Account for PPS sources which can provide an accurate absolute time stamp, and status information. Fixed indention and removed trailing whitespace. * [Bug 1787] DCF77's formerly "antenna" bit is "call bit" since 2003. * [Bug 1960] setsockopt IPV6_MULTICAST_IF: Invalid argument. * [Bug 2346] "graceful termination" signals do not do peer cleanup. * [Bug 2728] See if C99-style structure initialization works. * [Bug 2747] Upgrade libevent to 2.1.5-beta. * [Bug 2749] ntp/lib/NTP/Util.pm needs update for ntpq -w, IPv6, .POOL. . * [Bug 2751] jitter.h has stale copies of l_fp macros. * [Bug 2756] ntpd hangs in startup with gcc 3.3.5 on ARM. * [Bug 2757] Quiet compiler warnings. * [Bug 2759] Expose nonvolatile/clk_wander_threshold to ntpq. * [Bug 2763] Allow different thresholds for forward and backward steps. * [Bug 2766] ntp-keygen output files should not be world-readable. * [Bug 2767] ntp-keygen -M should symlink to ntp.keys. * [Bug 2771] nonvolatile value is documented in wrong units. * [Bug 2773] Early leap announcement from Palisade/Thunderbolt * [Bug 2774] Unreasonably verbose printout - leap pending/warning * [Bug 2775] ntp-keygen.c fails to compile under Windows. * [Bug 2777] Fixed loops and decoding of Meinberg GPS satellite info. Removed non-ASCII characters from some copyright comments. Removed trailing whitespace. Updated definitions for Meinberg clocks from current Meinberg header files. Now use C99 fixed-width types and avoid non-ASCII characters in comments. Account for updated definitions pulled from Meinberg header files. Updated comments on Meinberg GPS receivers which are not only called GPS16x. Replaced some constant numbers by defines from ntp_calendar.h Modified creation of parse-specific variables for Meinberg devices in gps16x_message(). Reworked mk_utcinfo() to avoid printing of ambiguous leap second dates. Modified mbg_tm_str() which now expexts an additional parameter controlling if the time status shall be printed. * [Sec 2779] ntpd accepts unauthenticated packets with symmetric key crypto. * [Sec 2781] Authentication doesn't protect symmetric associations against DoS attacks. * [Bug 2783] Quiet autoconf warnings about missing AC_LANG_SOURCE. * [Bug 2789] Quiet compiler warnings from libevent. * [Bug 2790] If ntpd sets the Windows MM timer highest resolution pause briefly before measuring system clock precision to yield correct results. * Comment from Juergen Perlinger in ntp_calendar.c to make the code clearer. * Use predefined function types for parse driver functions used to set up function pointers. Account for changed prototype of parse_inp_fnc_t functions. Cast parse conversion results to appropriate types to avoid compiler warnings. Let ioctl() for Windows accept a (void ) to avoid compiler warnings when called with pointers to different types. --- (4.2.8p1) 2015/02/04 Released by Harlan Stenn <stenn@ntp.org> Update the NEWS file. * [Sec 2671] vallen in extension fields are not validated. --- (4.2.8p1-RC2) 2015/01/29 Released by Harlan Stenn <stenn@ntp.org> * [Bug 2627] shm refclock allows only two units with owner-only access rework: reverted sense of mode bit (so default reflects previous behaviour) and updated ducumentation. * [Bug 2732] - Leap second not handled correctly on Windows 8 use 'GetTickCount()' to get the true elapsed time of slew (This should work for all versions of Windows >= W2K) * [Bug 2738] Missing buffer initialization in refclocK_parse.c::parsestate(). * [Bug 2739] Parse driver with PPS enabled occasionally evaluates PPS timestamp with wrong sign. Removed some German umlauts. * [Bug 2740] Removed some obsolete code from the parse driver. * [Bug 2741] Incorrect buffer check in refclocK_parse.c::parsestatus(). --- (4.2.8p1-RC1) 2015/01/24 Released by Harlan Stenn <stenn@ntp.org> * Start the RC for 4.2.8p1. * [Bug 2187] Update version number generation scripts. * [Bug 2617] Fix sntp Usage documentation section. * [Sec 2672] Code cleanup: On some OSes ::1 can be spoofed... * [Bug 2736] Show error message if we cannot open the config file. * Copyright update. * Fix the package name. --- (4.2.8p1-beta5) 2015/01/07 Released by Harlan Stenn <stenn@ntp.org> * [Bug 2695] Windows build: __func__ not supported under Windows. * [Bug 2728] Work around C99-style structure initialization code for older compilers, specifically Visual Studio prior to VS2013. --- (4.2.8p1-beta4) 2015/01/04 Released by Harlan Stenn <stenn@ntp.org> * [Bug 1084] PPSAPI for ntpd on Windows with DLL backends * [Bug 2695] Build problem on Windows (sys/socket.h). * [Bug 2715] mdnstries option for ntp.conf from NetBSD. * Fix a regression introduced to timepps-Solaris.h as part of: [Bug 1206] Required compiler changes for Windows (4.2.5p181) 2009/06/06 --- (4.2.8p1-beta3) 2015/01/02 Released by Harlan Stenn <stenn@ntp.org> * [Bug 2627] shm refclock allows only two units with owner-only access Use mode bit 0 to select public access for units >= 2 (units 0 & 1 are always private. * [Bug 2681] Fix display of certificate EOValidity dates on 32-bit systems. * [Bug 2695] 4.2.8 does not build on Windows. * [bug 2700] mrulist stopped working in 4.2.8. * [Bug 2706] libparse/info_trimble.c build dependencies are broken. * [Bug 2713] variable type/cast, parameter name, general cleanup from NetBSD. * [Bug 2714] libevent may need to be built independently of any build of sntp. * [Bug 2715] mdnstries option for ntp.conf from NetBSD. --- (4.2.8p1-beta2) 2014/12/27 Released by Harlan Stenn <stenn@ntp.org> * [Bug 2674] Install sntp in sbin on NetBSD. * [Bug 2693] ntp-keygen doesn't build without OpenSSL and sntp. * [Bug 2707] Avoid a C90 extension in libjsmn/jsmn.c. * [Bug 2709] see if we have a C99 compiler (not yet required). --- (4.2.8p1-beta1) 2014/12/23 Released by Harlan Stenn <stenn@ntp.org> * [Sec 2672] On some OSes ::1 can be spoofed, bypassing source IP ACLs. * [Bug 2693] ntp-keygen doesn't build without OpenSSL. * [Bug 2697] IN6_IS_ADDR_LOOPBACK build problems on some OSes. * [Bug 2699] HAVE_SYS_SELECT_H is misspelled in refclock_gpsdjson.c. ---
Revision tags: ntp-4-2-8
# 1.1.1.2	19-Dec-2014	christos	branches: 1.1.1.2.2; 1.1.1.2.4; 1.1.1.2.6; 1.1.1.2.8; 1.1.1.2.10; 1.1.1.2.12; Import ntp 4.2.8
Revision tags: tls-maxphys-base netbsd-7-base yamt-pagecache-base9 tls-earlyentropy-base riastradh-xf86-video-intel-2-7-1-pre-2-21-15 riastradh-drm2-base3 ntp-2-4-7p404
# 1.1.1.1	27-Dec-2013	christos	branches: 1.1.1.1.4; 1.1.1.1.6; 1.1.1.1.8; import devel ntpd to avoid amplification attacks.
Revision tags: ntp-4-2-8p9
# 1.1.1.9	22-Nov-2016	christos	(4.2.8p9) 2016/11/21 Released by Harlan Stenn <stenn@ntp.org> * [Sec 3119] Trap crash <perlinger@ntp.org> * [Sec 3118] Mode 6 information disclosure and DDoS vector <perlinger@ntp.org> - TRAP config via mode 6 packet requires AUTH now. * [Sec 3114] Broadcast Mode Replay Prevention DoS - applied patches by Matthew Van Gundy. <perlinger@ntp.org> - with bcpollbstep, tweaks and cleanup by stenn@ntp.org * [Sec 3113] Broadcast Mode Poll Interval Enforcement DoS <perlinger@ntp.org> - applied fix as suggested by Matthew Van Gundy * [Sec 3110] Windows: ntpd DoS by oversized UDP packet - fixed error handling for truncated UDP packets. <perlinger@ntp.org> * [Sec 3102] Zero origin issues. HStenn. * [Sec 3082] null pointer dereference in _IO_str_init_static_internal() - more hardening to read_mru_list(). perlinger@ntp.org * [Sec 3072] Attack on interface selection <perlinger@ntp.org> - implemented Miroslav Lichvars <mlichvar@redhat.com> suggestion to skip interface updates based on incoming packets * [Bug 3142] bug in netmask prefix length detection <perlinger@ntp.org> * [Bug 3138] gpsdjson refclock should honor fudgetime1. stenn@ntp.org * [Bug 3129] Unknown hosts can put resolver thread into a hard loop - moved retry decision where it belongs. <perlinger@ntp.org> * [Bug 3125] NTPD doesn't fully start when ntp.conf entries are out of order using the loopback-ppsapi-provider.dll <perlinger@ntp.org> * [Bug 3116] unit tests for NTP time stamp expansion. <perlinger@ntp.org> * [Bug 3100] ntpq can't retrieve daemon_version <perlinger@ntp.org> - fixed extended sysvar lookup (bug introduced with bug 3008 fix) * [Bug 3095] Compatibility with openssl 1.1 <perlinger@ntp.org> - applied patches by Kurt Roeckx <kurt@roeckx.be> to source - added shim layer for SSL API calls with issues (both directions) * [Bug 3089] Serial Parser does not work anymore for hopfser like device - simplified / refactored hex-decoding in driver. <perlinger@ntp.org> * [Bug 3084] update-leap mis-parses the leapfile name. HStenn. * [Bug 3068] Linker warnings when building on Solaris. perlinger@ntp.org - applied patch thanks to Andrew Stormont <andyjstormont@gmail.com> * [Bug 3067] Root distance calculation needs improvement. HStenn. * [Bug 3066] NMEA clock ignores pps. perlinger@ntp.org - PPS-HACK works again. * [Bug 3059] Potential buffer overrun from oversized hash <perlinger@ntp.org> - applied patch by Brian Utterback <brian.utterback@oracle.com> * [Bug 3053] ntp_loopfilter.c frequency calc precedence error. Sarah White. * [Bug 3050] Fix for bug #2960 causes [...] spurious error message. <perlinger@ntp.org> - patches by Reinhard Max <max@suse.com> and Havard Eidnes <he@uninett.no> * [Bug 3047] Fix refclock_jjy C-DEX JST2000. abe@ntp.org - Patch provided by Kuramatsu. * [Bug 3021] unity_fixture.c needs pragma weak <perlinger@ntp.org> - removed unnecessary & harmful decls of 'setUp()' & 'tearDown()' * [Bug 3019] Windows: ERROR_HOST_UNREACHABLE block packet processing. DMayer and JPerlinger. * [Bug 2998] sntp/tests/packetProcessing.c broken without openssl. JPerlinger * [Bug 2961] sntp/tests/packetProcessing.c assumes AUTOKEY. HStenn. * [Bug 2959] refclock_jupiter: gps week correction <perlinger@ntp.org> - fixed GPS week expansion to work based on build date. Special thanks to Craig Leres for initial patch and testing. * [Bug 2951] ntpd tests fail: multiple definition of `send_via_ntp_signd' - fixed Makefile.am <perlinger@ntp.org> * [Bug 2689] ATOM driver processes last PPS pulse at startup, even if it is very old <perlinger@ntp.org> - make sure PPS source is alive before processing samples - improve stability close to the 500ms phase jump (phase gate) * Fix typos in include/ntp.h. * Shim X509_get_signature_nid() if needed. * git author attribution cleanup * bk ignore file cleanup * remove locks in Windows IO, use rpc-like thread synchronisation instead
Revision tags: pgoyette-localcount-20161104 localcount-20160914 pgoyette-localcount-20160806 pgoyette-localcount-20160726 pgoyette-localcount-base ntp-4-2-8p8
# 1.1.1.8	03-Jun-2016	christos	Import ntp 4.2.8p8
Revision tags: ntp-4-2-8p7
# 1.1.1.7	01-May-2016	christos	--- (4.2.8p7) 2016/04/26 Released by Harlan Stenn <stenn@ntp.org> * [Sec 2901] KoD packets must have non-zero transmit timestamps. HStenn. * [Sec 2936] Skeleton Key: Any system knowing the trusted key can serve time. Include passive servers in this check. HStenn. * [Sec 2945] Additional KoD packet checks. HStenn. * [Sec 2978] Interleave can be partially triggered. HStenn. * [Sec 3007] Validate crypto-NAKs. Danny Mayer. * [Sec 3008] Always check the return value of ctl_getitem(). - initial work by HStenn - Additional cleanup of ctl_getitem by perlinger@ntp.org * [Sec 3009] Crafted addpeer with hmode > 7 causes OOB error. perlinger@ntp.org - added more stringent checks on packet content * [Sec 3010] remote configuration trustedkey/requestkey values are not properly validated. perlinger@ntp.org - sidekick: Ignore keys that have an unsupported MAC algorithm but are otherwise well-formed * [Sec 3011] Duplicate IPs on unconfig directives will cause an assertion botch - graciously accept the same IP multiple times. perlinger@ntp.org * [Sec 3020] Refclock impersonation. HStenn. * [Bug 2831] Segmentation Fault in DNS lookup during startup. perlinger@ntp.org - fixed yet another race condition in the threaded resolver code. * [Bug 2858] bool support. Use stdbool.h when available. HStenn. * [Bug 2879] Improve NTP security against timing attacks. perlinger@ntp.org - integrated patches by Loganaden Velvidron <logan@ntp.org> with some modifications & unit tests * [Bug 2952] Symmetric active/passive mode is broken. HStenn. * [Bug 2960] async name resolution fixes for chroot() environments. Reinhard Max. * [Bug 2994] Systems with HAVE_SIGNALED_IO fail to compile. perlinger@ntp.org * [Bug 2995] Fixes to compile on Windows * [Bug 2999] out-of-bounds access in 'is_safe_filename()'. perlinger@ntp.org * [Bug 3013] Fix for ssl_init.c SHA1 test. perlinger@ntp.org - Patch provided by Ch. Weisgerber * [Bug 3015] ntpq: config-from-file: "request contains an unprintable character" - A change related to [Bug 2853] forbids trailing white space in remote config commands. perlinger@ntp.org * [Bug 3019] NTPD stops processing packets after ERROR_HOST_UNREACHABLE - report and patch from Aleksandr Kostikov. - Overhaul of Windows IO completion port handling. perlinger@ntp.org * [Bug 3022] authkeys.c should be refactored. perlinger@ntp.org - fixed memory leak in access list (auth[read]keys.c) - refactored handling of key access lists (auth[read]keys.c) - reduced number of error branches (authreadkeys.c) * [Bug 3023] ntpdate cannot correct dates in the future. perlinger@ntp.org * [Bug 3030] ntpq needs a general way to specify refid output format. HStenn. * [Bug 3031] ntp broadcastclient unable to synchronize to an server when the time of server changed. perlinger@ntp.org - Check the initial delay calculation and reject/unpeer the broadcast server if the delay exceeds 50ms. Retry again after the next broadcast packet. * [Bug 3036] autokey trips an INSIST in authistrustedip(). Harlan Stenn. * Document ntp.key's optional IP list in authenetic.html. Harlan Stenn. * Update html/xleave.html documentation. Harlan Stenn. * Update ntp.conf documentation. Harlan Stenn. * Fix some Credit: attributions in the NEWS file. Harlan Stenn. * Fix typo in html/monopt.html. Harlan Stenn. * Add README.pullrequests. Harlan Stenn. * Cleanup to include/ntp.h. Harlan Stenn. --- (4.2.8p6) 2016/01/20 Released by Harlan Stenn <stenn@ntp.org> * [Sec 2935] Deja Vu: Replay attack on authenticated broadcast mode. HStenn. * [Sec 2936] Skeleton Key: Any trusted key system can serve time. HStenn. * [Sec 2937] ntpq: nextvar() missing length check. perlinger@ntp.org * [Sec 2938] ntpq saveconfig command allows dangerous characters in filenames. perlinger@ntp.org * [Sec 2939] reslist NULL pointer dereference. perlinger@ntp.org * [Sec 2940] Stack exhaustion in recursive traversal of restriction list. perlinger@ntp.org * [Sec 2942]: Off-path DoS attack on auth broadcast mode. HStenn. * [Sec 2945] Zero Origin Timestamp Bypass. perlinger@ntp.org * [Sec 2948] Potential Infinite Loop in ntpq ( and ntpdc) perlinger@ntp.org * [Bug 2772] adj_systime overflows tv_usec. perlinger@ntp.org * [Bug 2814] msyslog deadlock when signaled. perlinger@ntp.org - applied patch by shenpeng11@huawei.com with minor adjustments * [Bug 2882] Look at ntp_request.c:list_peers_sum(). perlinger@ntp.org * [Bug 2891] Deadlock in deferred DNS lookup framework. perlinger@ntp.org * [Bug 2892] Several test cases assume IPv6 capabilities even when IPv6 is disabled in the build. perlinger@ntp.org - Found this already fixed, but validation led to cleanup actions. * [Bug 2905] DNS lookups broken. perlinger@ntp.org - added limits to stack consumption, fixed some return code handling * [Bug 2971] ntpq bails on ^C: select fails: Interrupted system call - changed stacked/nested handling of CTRL-C. perlinger@ntp.org - make CTRL-C work for retrieval and printing od MRU list. perlinger@ntp.org * [Bug 2980] reduce number of warnings. perlinger@ntp.org - integrated several patches from Havard Eidnes (he@uninett.no) * [Bug 2985] bogus calculation in authkeys.c perlinger@ntp.org - implement 'auth_log2()' using integer bithack instead of float calculation * Make leapsec_query debug messages less verbose. Harlan Stenn. * Disable incomplete t-ntp_signd.c test. Harlan Stenn. ---
Revision tags: ntp-4-2-8p5
# 1.1.1.6	08-Jan-2016	christos	Import ntp 4.2.8p5
Revision tags: ntp-4-2-8p4
# 1.1.1.5	23-Oct-2015	christos	Import ntp 4.2.8p4
Revision tags: ntp-4-2-8p3
# 1.1.1.4	10-Jul-2015	christos	Import ntp 4.2.8p3
Revision tags: ntp-4-2-8p2
# 1.1.1.3	07-Apr-2015	christos	--- (4.2.8p2) 2015/04/07 Released by Harlan Stenn <stenn@ntp.org> (4.2.8p2-RC3) 2015/04/03 Released by Harlan Stenn <stenn@ntp.org> * [Bug 2763] Fix for different thresholds for forward and backward steps. --- (4.2.8p2-RC2) 2015/04/03 Released by Harlan Stenn <stenn@ntp.org> * [Bug 2592] FLAG_TSTAMP_PPS cleanup for refclock_parse.c. * [Bug 2769] New script: update-leap * [Bug 2769] cleannup for update-leap * [Bug 2788] New flag -G (force_step_once). * [Bug 2794] Clean up kernel clock status reports. * [Bug 2795] Cannot build without OpenSLL (on Win32). Provided a Win32 specific wrapper around libevent/arc4random.c. fixed some minor warnings. * [Bug 2796] ntp-keygen crashes in 'getclock()' on Win32. * [Bug 2797] ntp-keygen trapped in endless loop for MD5 keys on big-endian machines. * [Bug 2798] sntp should decode and display the leap indicator. * Simple cleanup to html/build.html --- (4.2.8p2-RC1) 2015/03/30 Released by Harlan Stenn <stenn@ntp.org> * [Bug 2794] Don't let reports on normal kernel status changes look like errors. * [Bug 2788] New flag -G (force_step_once). * [Bug 2592] Account for PPS sources which can provide an accurate absolute time stamp, and status information. Fixed indention and removed trailing whitespace. * [Bug 1787] DCF77's formerly "antenna" bit is "call bit" since 2003. * [Bug 1960] setsockopt IPV6_MULTICAST_IF: Invalid argument. * [Bug 2346] "graceful termination" signals do not do peer cleanup. * [Bug 2728] See if C99-style structure initialization works. * [Bug 2747] Upgrade libevent to 2.1.5-beta. * [Bug 2749] ntp/lib/NTP/Util.pm needs update for ntpq -w, IPv6, .POOL. . * [Bug 2751] jitter.h has stale copies of l_fp macros. * [Bug 2756] ntpd hangs in startup with gcc 3.3.5 on ARM. * [Bug 2757] Quiet compiler warnings. * [Bug 2759] Expose nonvolatile/clk_wander_threshold to ntpq. * [Bug 2763] Allow different thresholds for forward and backward steps. * [Bug 2766] ntp-keygen output files should not be world-readable. * [Bug 2767] ntp-keygen -M should symlink to ntp.keys. * [Bug 2771] nonvolatile value is documented in wrong units. * [Bug 2773] Early leap announcement from Palisade/Thunderbolt * [Bug 2774] Unreasonably verbose printout - leap pending/warning * [Bug 2775] ntp-keygen.c fails to compile under Windows. * [Bug 2777] Fixed loops and decoding of Meinberg GPS satellite info. Removed non-ASCII characters from some copyright comments. Removed trailing whitespace. Updated definitions for Meinberg clocks from current Meinberg header files. Now use C99 fixed-width types and avoid non-ASCII characters in comments. Account for updated definitions pulled from Meinberg header files. Updated comments on Meinberg GPS receivers which are not only called GPS16x. Replaced some constant numbers by defines from ntp_calendar.h Modified creation of parse-specific variables for Meinberg devices in gps16x_message(). Reworked mk_utcinfo() to avoid printing of ambiguous leap second dates. Modified mbg_tm_str() which now expexts an additional parameter controlling if the time status shall be printed. * [Sec 2779] ntpd accepts unauthenticated packets with symmetric key crypto. * [Sec 2781] Authentication doesn't protect symmetric associations against DoS attacks. * [Bug 2783] Quiet autoconf warnings about missing AC_LANG_SOURCE. * [Bug 2789] Quiet compiler warnings from libevent. * [Bug 2790] If ntpd sets the Windows MM timer highest resolution pause briefly before measuring system clock precision to yield correct results. * Comment from Juergen Perlinger in ntp_calendar.c to make the code clearer. * Use predefined function types for parse driver functions used to set up function pointers. Account for changed prototype of parse_inp_fnc_t functions. Cast parse conversion results to appropriate types to avoid compiler warnings. Let ioctl() for Windows accept a (void ) to avoid compiler warnings when called with pointers to different types. --- (4.2.8p1) 2015/02/04 Released by Harlan Stenn <stenn@ntp.org> Update the NEWS file. * [Sec 2671] vallen in extension fields are not validated. --- (4.2.8p1-RC2) 2015/01/29 Released by Harlan Stenn <stenn@ntp.org> * [Bug 2627] shm refclock allows only two units with owner-only access rework: reverted sense of mode bit (so default reflects previous behaviour) and updated ducumentation. * [Bug 2732] - Leap second not handled correctly on Windows 8 use 'GetTickCount()' to get the true elapsed time of slew (This should work for all versions of Windows >= W2K) * [Bug 2738] Missing buffer initialization in refclocK_parse.c::parsestate(). * [Bug 2739] Parse driver with PPS enabled occasionally evaluates PPS timestamp with wrong sign. Removed some German umlauts. * [Bug 2740] Removed some obsolete code from the parse driver. * [Bug 2741] Incorrect buffer check in refclocK_parse.c::parsestatus(). --- (4.2.8p1-RC1) 2015/01/24 Released by Harlan Stenn <stenn@ntp.org> * Start the RC for 4.2.8p1. * [Bug 2187] Update version number generation scripts. * [Bug 2617] Fix sntp Usage documentation section. * [Sec 2672] Code cleanup: On some OSes ::1 can be spoofed... * [Bug 2736] Show error message if we cannot open the config file. * Copyright update. * Fix the package name. --- (4.2.8p1-beta5) 2015/01/07 Released by Harlan Stenn <stenn@ntp.org> * [Bug 2695] Windows build: __func__ not supported under Windows. * [Bug 2728] Work around C99-style structure initialization code for older compilers, specifically Visual Studio prior to VS2013. --- (4.2.8p1-beta4) 2015/01/04 Released by Harlan Stenn <stenn@ntp.org> * [Bug 1084] PPSAPI for ntpd on Windows with DLL backends * [Bug 2695] Build problem on Windows (sys/socket.h). * [Bug 2715] mdnstries option for ntp.conf from NetBSD. * Fix a regression introduced to timepps-Solaris.h as part of: [Bug 1206] Required compiler changes for Windows (4.2.5p181) 2009/06/06 --- (4.2.8p1-beta3) 2015/01/02 Released by Harlan Stenn <stenn@ntp.org> * [Bug 2627] shm refclock allows only two units with owner-only access Use mode bit 0 to select public access for units >= 2 (units 0 & 1 are always private. * [Bug 2681] Fix display of certificate EOValidity dates on 32-bit systems. * [Bug 2695] 4.2.8 does not build on Windows. * [bug 2700] mrulist stopped working in 4.2.8. * [Bug 2706] libparse/info_trimble.c build dependencies are broken. * [Bug 2713] variable type/cast, parameter name, general cleanup from NetBSD. * [Bug 2714] libevent may need to be built independently of any build of sntp. * [Bug 2715] mdnstries option for ntp.conf from NetBSD. --- (4.2.8p1-beta2) 2014/12/27 Released by Harlan Stenn <stenn@ntp.org> * [Bug 2674] Install sntp in sbin on NetBSD. * [Bug 2693] ntp-keygen doesn't build without OpenSSL and sntp. * [Bug 2707] Avoid a C90 extension in libjsmn/jsmn.c. * [Bug 2709] see if we have a C99 compiler (not yet required). --- (4.2.8p1-beta1) 2014/12/23 Released by Harlan Stenn <stenn@ntp.org> * [Sec 2672] On some OSes ::1 can be spoofed, bypassing source IP ACLs. * [Bug 2693] ntp-keygen doesn't build without OpenSSL. * [Bug 2697] IN6_IS_ADDR_LOOPBACK build problems on some OSes. * [Bug 2699] HAVE_SYS_SELECT_H is misspelled in refclock_gpsdjson.c. ---
Revision tags: ntp-4-2-8
# 1.1.1.2	19-Dec-2014	christos	branches: 1.1.1.2.2; 1.1.1.2.4; 1.1.1.2.6; 1.1.1.2.8; 1.1.1.2.10; 1.1.1.2.12; Import ntp 4.2.8
Revision tags: tls-maxphys-base netbsd-7-base yamt-pagecache-base9 tls-earlyentropy-base riastradh-xf86-video-intel-2-7-1-pre-2-21-15 riastradh-drm2-base3 ntp-2-4-7p404
# 1.1.1.1	27-Dec-2013	christos	branches: 1.1.1.1.4; 1.1.1.1.6; 1.1.1.1.8; import devel ntpd to avoid amplification attacks.