The NetBSD Project

CVS log for pkgsrc/net/chrony/Makefile

[BACK] Up to [cvs.NetBSD.org] / pkgsrc / net / chrony

Request diff between arbitrary revisions


Keyword substitution: kv
Default branch: MAIN


Revision 1.58: download - view: text, markup, annotated - select for diffs
Thu Nov 14 22:21:03 2024 UTC (3 weeks, 6 days ago) by wiz
Branches: MAIN
CVS tags: HEAD
Diff to: previous 1.57: preferred, colored
Changes since revision 1.57: +2 -2 lines
*: recursive bump for icu 76 shlib major version bump

Revision 1.57: download - view: text, markup, annotated - select for diffs
Fri Nov 1 12:53:48 2024 UTC (5 weeks, 6 days ago) by wiz
Branches: MAIN
Diff to: previous 1.56: preferred, colored
Changes since revision 1.56: +2 -2 lines
*: revbump for icu downgrade

Revision 1.56: download - view: text, markup, annotated - select for diffs
Fri Nov 1 00:53:02 2024 UTC (5 weeks, 6 days ago) by wiz
Branches: MAIN
Diff to: previous 1.55: preferred, colored
Changes since revision 1.55: +2 -2 lines
*: recursive bump for icu 76.1 shlib bump

Revision 1.55: download - view: text, markup, annotated - select for diffs
Wed May 29 16:33:49 2024 UTC (6 months, 2 weeks ago) by adam
Branches: MAIN
CVS tags: pkgsrc-2024Q3-base, pkgsrc-2024Q3, pkgsrc-2024Q2-base, pkgsrc-2024Q2
Diff to: previous 1.54: preferred, colored
Changes since revision 1.54: +2 -2 lines
revbump after icu and protobuf updates

Revision 1.54: download - view: text, markup, annotated - select for diffs
Thu May 16 06:15:16 2024 UTC (6 months, 3 weeks ago) by wiz
Branches: MAIN
Diff to: previous 1.53: preferred, colored
Changes since revision 1.53: +2 -2 lines
*: recursive bump for gnutls p11-kit option

(existing installations need the bl3.mk included, but it's now only
optionally included)

Revision 1.53: download - view: text, markup, annotated - select for diffs
Wed Nov 8 13:20:22 2023 UTC (13 months ago) by wiz
Branches: MAIN
CVS tags: pkgsrc-2024Q1-base, pkgsrc-2024Q1, pkgsrc-2023Q4-base, pkgsrc-2023Q4
Diff to: previous 1.52: preferred, colored
Changes since revision 1.52: +2 -2 lines
*: recursive bump for icu 74.1

Revision 1.52: download - view: text, markup, annotated - select for diffs
Tue Oct 24 22:10:13 2023 UTC (13 months, 2 weeks ago) by wiz
Branches: MAIN
Diff to: previous 1.51: preferred, colored
Changes since revision 1.51: +2 -2 lines
*: bump for openssl 3

Revision 1.51: download - view: text, markup, annotated - select for diffs
Wed Apr 19 08:11:02 2023 UTC (19 months, 3 weeks ago) by adam
Branches: MAIN
CVS tags: pkgsrc-2023Q3-base, pkgsrc-2023Q3, pkgsrc-2023Q2-base, pkgsrc-2023Q2
Diff to: previous 1.50: preferred, colored
Changes since revision 1.50: +2 -2 lines
revbump after textproc/icu update

Revision 1.50: download - view: text, markup, annotated - select for diffs
Wed Oct 26 10:31:46 2022 UTC (2 years, 1 month ago) by wiz
Branches: MAIN
CVS tags: pkgsrc-2023Q1-base, pkgsrc-2023Q1, pkgsrc-2022Q4-base, pkgsrc-2022Q4
Diff to: previous 1.49: preferred, colored
Changes since revision 1.49: +2 -1 lines
*: bump PKGREVISION for libunistring shlib major bump

Revision 1.49: download - view: text, markup, annotated - select for diffs
Tue Apr 12 14:19:55 2022 UTC (2 years, 8 months ago) by nia
Branches: MAIN
CVS tags: pkgsrc-2022Q3-base, pkgsrc-2022Q3, pkgsrc-2022Q2-base, pkgsrc-2022Q2
Diff to: previous 1.48: preferred, colored
Changes since revision 1.48: +2 -3 lines
chrony: update to 4.2

New in version 4.2
==================

Enhancements
------------
* Add support for NTPv4 extension field improving synchronisation
  stability and resolution of root delay and dispersion (experimental)
* Add support for NTP over PTP (experimental)
* Add support for AES-CMAC and hash functions in GnuTLS
* Improve server interleaved mode to be more reliable and support
  multiple clients behind NAT
* Update seccomp filter
* Add statistics about interleaved mode to serverstats report

Bug fixes
---------
* Fix RTC support with 64-bit time_t on 32-bit Linux
* Fix seccomp filter to work correctly with bind*device directives
* Suppress kernel adjustments of system clock (dosynctodr) on illumos

Other changes
-------------
* Switch Solaris support to illumos

Revision 1.48: download - view: text, markup, annotated - select for diffs
Wed Dec 8 16:05:55 2021 UTC (3 years ago) by adam
Branches: MAIN
CVS tags: pkgsrc-2022Q1-base, pkgsrc-2022Q1, pkgsrc-2021Q4-base, pkgsrc-2021Q4
Diff to: previous 1.47: preferred, colored
Changes since revision 1.47: +2 -2 lines
revbump for icu and libffi

Revision 1.47: download - view: text, markup, annotated - select for diffs
Wed Sep 29 19:01:05 2021 UTC (3 years, 2 months ago) by adam
Branches: MAIN
Diff to: previous 1.46: preferred, colored
Changes since revision 1.46: +2 -1 lines
revbump for boost-libs

Revision 1.46: download - view: text, markup, annotated - select for diffs
Sat Jun 12 08:38:01 2021 UTC (3 years, 6 months ago) by nia
Branches: MAIN
CVS tags: pkgsrc-2021Q3-base, pkgsrc-2021Q3, pkgsrc-2021Q2-base, pkgsrc-2021Q2
Diff to: previous 1.45: preferred, colored
Changes since revision 1.45: +5 -3 lines
chrony: update to 4.1

New in version 4.1
==================

Enhancements
------------
* Add support for NTS servers specified by IP address (matching
  Subject Alternative Name in server certificate)
* Add source-specific configuration of trusted certificates
* Allow multiple files and directories with trusted certificates
* Allow multiple pairs of server keys and certificates
* Add copy option to server/pool directive
* Increase PPS lock limit to 40% of pulse interval
* Perform source selection immediately after loading dump files
* Reload dump files for addresses negotiated by NTS-KE server
* Update seccomp filter and add less restrictive level
* Restart ongoing name resolution on online command

Bug fixes
---------
* Fix responding to IPv4 command requests on FreeBSD
* Fix dump files to not include uncorrected offset
* Fix initstepslew to accept time from own NTP clients
* Reset NTP address and port when no longer negotiated by NTS-KE server

Revision 1.45: download - view: text, markup, annotated - select for diffs
Wed Apr 21 13:25:07 2021 UTC (3 years, 7 months ago) by adam
Branches: MAIN
Diff to: previous 1.44: preferred, colored
Changes since revision 1.44: +2 -1 lines
revbump for boost-libs

Revision 1.44: download - view: text, markup, annotated - select for diffs
Fri Mar 12 09:57:18 2021 UTC (3 years, 9 months ago) by nia
Branches: MAIN
CVS tags: pkgsrc-2021Q1-base, pkgsrc-2021Q1
Diff to: previous 1.43: preferred, colored
Changes since revision 1.43: +4 -6 lines
chrony: Update to 4.0

New in version 4.0
==================

Enhancements
------------
* Add support for Network Time Security (NTS) authentication
* Add support for AES-CMAC keys (AES128, AES256) with Nettle
* Add authselectmode directive to control selection of unauthenticated sources
* Add binddevice, bindacqdevice, bindcmddevice directives
* Add confdir directive to better support fragmented configuration
* Add sourcedir directive and "reload sources" command to support dynamic
  NTP sources specified in files
* Add clockprecision directive
* Add dscp directive to set Differentiated Services Code Point (DSCP)
* Add -L option to limit log messages by severity
* Add -p option to print whole configuration with included files
* Add -U option to allow start under non-root user
* Allow maxsamples to be set to 1 for faster update with -q/-Q option
* Avoid replacing NTP sources with sources that have unreachable address
* Improve pools to repeat name resolution to get "maxsources" sources
* Improve source selection with trusted sources
* Improve NTP loop test to prevent synchronisation to itself
* Repeat iburst when NTP source is switched from offline state to online
* Update clock synchronisation status and leap status more frequently
* Update seccomp filter
* Add "add pool" command
* Add "reset sources" command to drop all measurements
* Add authdata command to print details about NTP authentication
* Add selectdata command to print details about source selection
* Add -N option and sourcename command to print original names of sources
* Add -a option to some commands to print also unresolved sources
* Add -k, -p, -r options to clients command to select, limit, reset data

Bug fixes
---------
* Don't set interface for NTP responses to allow asymmetric routing
* Handle RTCs that don't support interrupts
* Respond to command requests with correct address on multihomed hosts

Removed features
----------------
* Drop support for RIPEMD keys (RMD128, RMD160, RMD256, RMD320)
* Drop support for long (non-standard) MACs in NTPv4 packets (chrony 2.x
  clients using non-MD5/SHA1 keys need to use option "version 3")
* Drop support for line editing with GNU Readline

Revision 1.42.2.1: download - view: text, markup, annotated - select for diffs
Fri Aug 28 16:13:26 2020 UTC (4 years, 3 months ago) by bsiegert
Branches: pkgsrc-2020Q2
Diff to: previous 1.42: preferred, colored; next MAIN 1.43: preferred, colored
Changes since revision 1.42: +2 -3 lines
Pullup ticket #6316 - requested by hannken
net/chrony: security fix

Revisions pulled up:
- net/chrony/Makefile                                           1.43
- net/chrony/distinfo                                           1.14

---
   Module Name:    pkgsrc
   Committed By:   hannken
   Date:           Thu Aug 27 07:00:51 UTC 2020

   Modified Files:
           pkgsrc/net/chrony: Makefile distinfo

   Log Message:
   chrony: update to 3.5.1.

   New in version 3.5.1
   ====================

   Security fixes
   --------------
   * Create new file when writing pidfile (CVE-2020-14367)

Revision 1.43: download - view: text, markup, annotated - select for diffs
Thu Aug 27 07:00:51 2020 UTC (4 years, 3 months ago) by hannken
Branches: MAIN
CVS tags: pkgsrc-2020Q4-base, pkgsrc-2020Q4, pkgsrc-2020Q3-base, pkgsrc-2020Q3
Diff to: previous 1.42: preferred, colored
Changes since revision 1.42: +2 -3 lines
chrony: update to 3.5.1.

New in version 3.5.1
====================

Security fixes
--------------
* Create new file when writing pidfile (CVE-2020-14367)

Revision 1.42: download - view: text, markup, annotated - select for diffs
Fri May 22 10:56:25 2020 UTC (4 years, 6 months ago) by adam
Branches: MAIN
CVS tags: pkgsrc-2020Q2-base
Branch point for: pkgsrc-2020Q2
Diff to: previous 1.41: preferred, colored
Changes since revision 1.41: +2 -2 lines
revbump after updating security/nettle

Revision 1.41: download - view: text, markup, annotated - select for diffs
Tue Apr 28 04:06:09 2020 UTC (4 years, 7 months ago) by rillig
Branches: MAIN
Diff to: previous 1.40: preferred, colored
Changes since revision 1.40: +3 -4 lines
net/chrony: clean up SUBST_FILES

There is nothing to replace in chrony.keys.example or conf.c.

Revision 1.40: download - view: text, markup, annotated - select for diffs
Sun Jan 26 17:31:48 2020 UTC (4 years, 10 months ago) by rillig
Branches: MAIN
CVS tags: pkgsrc-2020Q1-base, pkgsrc-2020Q1
Diff to: previous 1.39: preferred, colored
Changes since revision 1.39: +2 -2 lines
all: migrate homepages from http to https

pkglint -r --network --only "migrate"

As a side-effect of migrating the homepages, pkglint also fixed a few
indentations in unrelated lines. These and the new homepages have been
checked manually.

Revision 1.39: download - view: text, markup, annotated - select for diffs
Sat Jul 20 22:46:36 2019 UTC (5 years, 4 months ago) by wiz
Branches: MAIN
CVS tags: pkgsrc-2019Q4-base, pkgsrc-2019Q4, pkgsrc-2019Q3-base, pkgsrc-2019Q3
Diff to: previous 1.38: preferred, colored
Changes since revision 1.38: +2 -1 lines
*: recursive bump for nettle 3.5.1

Revision 1.38: download - view: text, markup, annotated - select for diffs
Fri May 17 10:12:27 2019 UTC (5 years, 6 months ago) by nia
Branches: MAIN
CVS tags: pkgsrc-2019Q2-base, pkgsrc-2019Q2
Diff to: previous 1.37: preferred, colored
Changes since revision 1.37: +2 -3 lines
chrony: Update to 3.5

New in version 3.5
==================

Enhancements
------------
* Add support for more accurate reading of PHC on Linux 5.0
* Add support for hardware timestamping on interfaces with read-only
  timestamping configuration
* Add support for memory locking and real-time priority on FreeBSD,
  NetBSD, Solaris
* Update seccomp filter to work on more architectures
* Validate refclock driver options

Bug fixes
---------
* Fix bindaddress directive on FreeBSD
* Fix transposition of hardware RX timestamp on Linux 4.13 and later
* Fix building on non-glibc systems

Revision 1.37: download - view: text, markup, annotated - select for diffs
Sun Mar 10 19:16:46 2019 UTC (5 years, 9 months ago) by wiz
Branches: MAIN
CVS tags: pkgsrc-2019Q1-base, pkgsrc-2019Q1
Diff to: previous 1.36: preferred, colored
Changes since revision 1.36: +6 -3 lines
chrony: update to 3.4nb1.

Add default-on nettle option.
Requested by Fabien in PR 54042, ok hannken@

Revision 1.35.2.1: download - view: text, markup, annotated - select for diffs
Sat Oct 6 12:08:32 2018 UTC (6 years, 2 months ago) by spz
Branches: pkgsrc-2018Q3
Diff to: previous 1.35: preferred, colored; next MAIN 1.36: preferred, colored
Changes since revision 1.35: +8 -8 lines
Pullup ticket #5838 - requested by nia
net/chrony: security update

Revisions pulled up:
- net/chrony/Makefile                                           1.36
- net/chrony/PLIST                                              1.7
- net/chrony/distinfo                                           1.12
- net/chrony/patches/patch-Makefile.in                          1.2
- net/chrony/patches/patch-conf.c                               deleted
- net/chrony/patches/patch-doc_Makefile.in                      1.1
- net/chrony/patches/patch-examples_chrony.conf.example3        1.1
- net/chrony/patches/patch-examples_chrony.keys.example         deleted
- net/chrony/patches/patch-ntp__io.c                            deleted

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	nia
   Date:		Mon Oct  1 15:53:58 UTC 2018

   Modified Files:
   	pkgsrc/net/chrony: Makefile PLIST distinfo
   	pkgsrc/net/chrony/patches: patch-Makefile.in
   Added Files:
   	pkgsrc/net/chrony/patches: patch-doc_Makefile.in
   	    patch-examples_chrony.conf.example3
   Removed Files:
   	pkgsrc/net/chrony/patches: patch-conf.c
   	    patch-examples_chrony.keys.example patch-ntp__io.c

   Log Message:
   net/chrony: update to version 3.4.

   Changes:

   19 Sep 2018: chrony-3.4 released
   Enhancements

       Add filter option to server/pool/peer directive

       Add minsamples and maxsamples options to hwtimestamp directive

       Add support for faster frequency adjustments in Linux 4.19

       Change default pidfile to /var/run/chrony/chronyd.pid to allow chronyd without root privileges to remove it on exit

       Disable sub-second polling intervals for distant NTP sources

       Extend range of supported sub-second polling intervals

       Get/set IPv4 destination/source address of NTP packets on FreeBSD

       Make burst options and command useful with short polling intervals

       Modify auto_offline option to activate when sending request failed

       Respond from interface that received NTP request if possible

       Add onoffline command to switch between online and offline state according to current system network configuration

       Improve example NetworkManager dispatcher script

   Bug fixes

       Avoid waiting in Linux getrandom system call

       Fix PPS support on FreeBSD and NetBSD

   4 Apr 2018: chrony-3.3 released
   Enhancements

       Add burst option to server/pool directive

       Add stratum and tai options to refclock directive

       Add support for Nettle crypto library

       Add workaround for missing kernel receive timestamps on Linux

       Wait for late hardware transmit timestamps

       Improve source selection with unreachable sources

       Improve protection against replay attacks on symmetric mode

       Allow PHC refclock to use socket in /var/run/chrony

       Add shutdown command to stop chronyd

       Simplify format of response to manual list command

       Improve handling of unknown responses in chronyc

   Bug fixes

       Respond to NTPv1 client requests with zero mode

       Fix -x option to not require CAP_SYS_TIME under non-root user

       Fix acquisitionport directive to work with privilege separation

       Fix handling of socket errors on Linux to avoid high CPU usage

       Fix chronyc to not get stuck in infinite loop after clock step

   15 Sep 2017: chrony-3.2 released
   Enhancements

       Improve stability with NTP sources and reference clocks

       Improve stability with hardware timestamping

       Improve support for NTP interleaved modes

       Control frequency of system clock on macOS 10.13 and later

       Set TAI-UTC offset of system clock with leapsectz directive

       Minimise data in client requests to improve privacy

       Allow transmit-only hardware timestamping

       Add support for new timestamping options introduced in Linux 4.13

       Add root delay, root dispersion and maximum error to tracking log

       Add mindelay and asymmetry options to server/peer/pool directive

       Add extpps option to PHC refclock to timestamp external PPS signal

       Add pps option to refclock directive to treat any refclock as PPS

       Add width option to refclock directive to filter wrong pulse edges

       Add rxfilter option to hwtimestamp directive

       Add -x option to disable control of system clock

       Add -l option to log to specified file instead of syslog

       Allow multiple command-line options to be specified together

       Allow starting without root privileges with -Q option

       Update seccomp filter for new glibc versions

       Dump history on exit by default with dumpdir directive

       Use hardening compiler options by default

   Bug fixes

       Don’t drop PHC samples with low-resolution system clock

       Ignore outliers in PHC tracking, RTC tracking, manual input

       Increase polling interval when peer is not responding

       Exit with error message when include directive fails

       Don’t allow slash after hostname in allow/deny directive/command

       Try to connect to all addresses in chronyc before giving up

   31 Jan 2017: chrony-3.1 released
   Enhancements

       Add support for precise cross timestamping of PHC on Linux

       Add minpoll, precision, nocrossts options to hwtimestamp directive

       Add rawmeasurements option to log directive and modify measurements option to log only valid measurements from synchronised sources

       Allow sub-second polling interval with NTP sources

   Bug fixes

       Fix time smoothing in interleaved mode

   16 Jan 2017: chrony-3.0 released
   Enhancements

       Add support for software and hardware timestamping on Linux

       Add support for client/server and symmetric interleaved modes

       Add support for MS-SNTP authentication in Samba

       Add support for truncated MACs in NTPv4 packets

       Estimate and correct for asymmetric network jitter

       Increase default minsamples and polltarget to improve stability with very low jitter

       Add maxjitter directive to limit source selection by jitter

       Add offset option to server/pool/peer directive

       Add maxlockage option to refclock directive

       Add -t option to chronyd to exit after specified time

       Add partial protection against replay attacks on symmetric mode

       Don’t reset polling interval when switching sources to online state

       Allow rate limiting with very short intervals

       Improve maximum server throughput on Linux and NetBSD

       Remove dump files after start

       Add tab-completion to chronyc with libedit/readline

       Add ntpdata command to print details about NTP measurements

       Allow all source options to be set in add server/peer command

       Indicate truncated addresses/hostnames in chronyc output

       Print reference IDs as hexadecimal numbers to avoid confusion with IPv4 addresses

   Bug fixes

       Fix crash with disabled asynchronous name resolving

   21 Nov 2016: chrony-2.4.1 released
   Bug fixes

       Fix processing of kernel timestamps on non-Linux systems

       Fix crash with smoothtime directive

       Fix validation of refclock sample times

       Fix parsing of refclock directive

   7 Jun 2016: chrony-2.4 released
   Enhancements

       Add orphan option to local directive for orphan mode compatible with ntpd

       Add distance option to local directive to set activation threshold (1 second by default)

       Add maxdrift directive to set maximum allowed drift of system clock

       Try to replace NTP sources exceeding maximum distance

       Randomise source replacement to avoid getting stuck with bad sources

       Randomise selection of sources from pools on start

       Ignore reference timestamp as ntpd doesn’t always set it correctly

       Modify tracking report to use same values as seen by NTP clients

       Add -c option to chronyc to write reports in CSV format

       Provide detailed manual pages

   Bug fixes

       Fix SOCK refclock to work correctly when not specified as last refclock

       Fix initstepslew and -q/-Q options to accept time from own NTP clients

       Fix authentication with keys using 512-bit hash functions

       Fix crash on exit when multiple signals are received

       Fix conversion of very small floating-point numbers in command packets

   Removed features

       Drop documentation in Texinfo format

   16 Feb 2016: chrony-2.3 released
   Enhancements

       Add support for NTP and command response rate limiting

       Add support for dropping root privileges on Mac OS X, FreeBSD, Solaris

       Add require and trust options for source selection

       Enable logchange by default (1 second threshold)

       Set RTC on Mac OS X with rtcsync directive

       Allow binding to NTP port after dropping root privileges on NetBSD

       Drop CAP_NET_BIND_SERVICE capability on Linux when NTP port is disabled

       Resolve names in separate process when seccomp filter is enabled

       Replace old records in client log when memory limit is reached

       Don’t reveal local time and synchronisation state in client packets

       Don’t keep client sockets open for longer than necessary

       Ignore poll in KoD RATE packets as ntpd doesn’t always set it correctly

       Warn when using keys shorter than 80 bits

       Add keygen command to generate random keys easily

       Add serverstats command to report NTP and command packet statistics

   Bug fixes

       Fix clock correction after making step on Mac OS X

       Fix building on Solaris

   20 Jan 2016: chrony-2.2.1 and chrony-1.31.2 released
   Security fixes

       Restrict authentication of NTP server/peer to specified key (CVE-2016-1567)

   CVE-2016-1567: Impersonation between authenticated peers

   When a server/peer was specified with a key number to enable authentication with a symmetric key, packets received from the server/peer were accepted if they were authenticated with any of the keys contained in the key file and not just the specified key.

   This allowed an attacker who knew one key of a client/peer to modify packets from its servers/peers that were authenticated with other keys in a man-in-the-middle (MITM) attack. For example, in a network where each NTP association had a separate key and all hosts had only keys they needed, a client of a server could not attack other clients of the server, but it could attack the server and also attack its own clients (i.e. modify packets from other servers).

   To not allow the server/peer to be authenticated with other keys, the authentication test was extended to check if the key ID in the received packet is equal to the configured key number. As a consequence, it’s no longer possible to authenticate two peers to each other with two different keys, both peers have to be configured to use the same key.

   This issue was discovered by Matt Street of Cisco ASIG.
   19 Oct 2015: chrony-2.2 released
   Enhancements

       Add support for configuration and monitoring over Unix domain socket (accessible by root or chrony user when root privileges are dropped)

       Add support for system call filtering with seccomp on Linux (experimental)

       Add support for dropping root privileges on NetBSD

       Control frequency of system clock on FreeBSD, NetBSD, Solaris

       Add system leap second handling mode on FreeBSD, NetBSD, Solaris

       Add dynamic drift removal on Mac OS X

       Add support for setting real-time priority on Mac OS X

       Add maxdistance directive to limit source selection by root distance (3 seconds by default)

       Add refresh command to get new addresses of NTP sources

       Allow wildcard patterns in include directive

       Restore time from driftfile with -s option if later than RTC time

       Add configure option to set default hwclockfile

       Add -d option to chronyc to enable debug messages

       Allow multiple addresses to be specified for chronyc with -h option and reconnect when no valid reply is received

       Make check interval in waitsync command configurable

   Bug fixes

       Fix building on NetBSD, Solaris

       Restore time from driftfile with -s option if reading RTC failed

   Removed features

       Drop support for authentication with command key (run-time configuration is now allowed only for local users that can access the Unix domain socket)

   23 Jun 2015: chrony-2.1.1 released
   Bug fixes

       Fix clock stepping by integer number of seconds on Linux

   22 Jun 2015: chrony-2.1 released
   Enhancements

       Add support for Mac OS X

       Try to replace unreachable and falseticker servers/peers specified by name like pool sources

       Add leaponly option to smoothtime directive to allow synchronised leap smear between multiple servers

       Use specific reference ID when smoothing served time

       Add smoothing command to report time smoothing status

       Add smoothtime command to activate or reset time smoothing

   Bug fixes

       Fix crash in source selection with preferred sources

       Fix resetting of time smoothing

       Include packet precision in peer dispersion

       Fix crash in chronyc on invalid command syntax

   27 Apr 2015: chrony-2.0 released
   Enhancements

       Update to NTP version 4 (RFC 5905)

       Add pool directive to specify pool of NTP servers

       Add leapsecmode directive to select how to correct clock for leap second

       Add smoothtime directive to smooth served time and enable leap smear

       Add minsources directive to set required number of selectable sources

       Add minsamples and maxsamples options for all sources

       Add tempcomp configuration with list of points

       Allow unlimited number of NTP sources, refclocks and keys

       Allow unreachable sources to remain selected

       Improve source selection

       Handle offline sources as unreachable

       Open NTP server port only when necessary (client access is allowed by allow directive/command or peer/broadcast is configured)

       Change default bindcmdaddress to loopback address

       Change default maxdelay to 3 seconds

       Change default stratumweight to 0.001

       Update adjtimex synchronisation status

       Use system headers for adjtimex

       Check for memory allocation errors

       Reduce memory usage

       Add configure options to compile without NTP, cmdmon, refclock support

       Extend makestep command to set automatic clock stepping

   Bug fixes

       Add sanity checks for time and frequency offset

       Don’t report synchronised status during leap second

       Don’t combine reference clocks with close NTP sources

       Fix accepting requests from configured sources

       Fix initial fallback drift setting


   To generate a diff of this commit:
   cvs rdiff -u -r1.35 -r1.36 pkgsrc/net/chrony/Makefile
   cvs rdiff -u -r1.6 -r1.7 pkgsrc/net/chrony/PLIST
   cvs rdiff -u -r1.11 -r1.12 pkgsrc/net/chrony/distinfo
   cvs rdiff -u -r1.1 -r1.2 pkgsrc/net/chrony/patches/patch-Makefile.in
   cvs rdiff -u -r1.1 -r0 pkgsrc/net/chrony/patches/patch-conf.c \
       pkgsrc/net/chrony/patches/patch-examples_chrony.keys.example
   cvs rdiff -u -r0 -r1.1 pkgsrc/net/chrony/patches/patch-doc_Makefile.in \
       pkgsrc/net/chrony/patches/patch-examples_chrony.conf.example3
   cvs rdiff -u -r1.2 -r0 pkgsrc/net/chrony/patches/patch-ntp__io.c

Revision 1.36: download - view: text, markup, annotated - select for diffs
Mon Oct 1 15:53:58 2018 UTC (6 years, 2 months ago) by nia
Branches: MAIN
CVS tags: pkgsrc-2018Q4-base, pkgsrc-2018Q4
Diff to: previous 1.35: preferred, colored
Changes since revision 1.35: +8 -8 lines
net/chrony: update to version 3.4.

Changes:

19 Sep 2018: chrony-3.4 released
Enhancements

    Add filter option to server/pool/peer directive

    Add minsamples and maxsamples options to hwtimestamp directive

    Add support for faster frequency adjustments in Linux 4.19

    Change default pidfile to /var/run/chrony/chronyd.pid to allow chronyd without root privileges to remove it on exit

    Disable sub-second polling intervals for distant NTP sources

    Extend range of supported sub-second polling intervals

    Get/set IPv4 destination/source address of NTP packets on FreeBSD

    Make burst options and command useful with short polling intervals

    Modify auto_offline option to activate when sending request failed

    Respond from interface that received NTP request if possible

    Add onoffline command to switch between online and offline state according to current system network configuration

    Improve example NetworkManager dispatcher script

Bug fixes

    Avoid waiting in Linux getrandom system call

    Fix PPS support on FreeBSD and NetBSD

4 Apr 2018: chrony-3.3 released
Enhancements

    Add burst option to server/pool directive

    Add stratum and tai options to refclock directive

    Add support for Nettle crypto library

    Add workaround for missing kernel receive timestamps on Linux

    Wait for late hardware transmit timestamps

    Improve source selection with unreachable sources

    Improve protection against replay attacks on symmetric mode

    Allow PHC refclock to use socket in /var/run/chrony

    Add shutdown command to stop chronyd

    Simplify format of response to manual list command

    Improve handling of unknown responses in chronyc

Bug fixes

    Respond to NTPv1 client requests with zero mode

    Fix -x option to not require CAP_SYS_TIME under non-root user

    Fix acquisitionport directive to work with privilege separation

    Fix handling of socket errors on Linux to avoid high CPU usage

    Fix chronyc to not get stuck in infinite loop after clock step

15 Sep 2017: chrony-3.2 released
Enhancements

    Improve stability with NTP sources and reference clocks

    Improve stability with hardware timestamping

    Improve support for NTP interleaved modes

    Control frequency of system clock on macOS 10.13 and later

    Set TAI-UTC offset of system clock with leapsectz directive

    Minimise data in client requests to improve privacy

    Allow transmit-only hardware timestamping

    Add support for new timestamping options introduced in Linux 4.13

    Add root delay, root dispersion and maximum error to tracking log

    Add mindelay and asymmetry options to server/peer/pool directive

    Add extpps option to PHC refclock to timestamp external PPS signal

    Add pps option to refclock directive to treat any refclock as PPS

    Add width option to refclock directive to filter wrong pulse edges

    Add rxfilter option to hwtimestamp directive

    Add -x option to disable control of system clock

    Add -l option to log to specified file instead of syslog

    Allow multiple command-line options to be specified together

    Allow starting without root privileges with -Q option

    Update seccomp filter for new glibc versions

    Dump history on exit by default with dumpdir directive

    Use hardening compiler options by default

Bug fixes

    Don’t drop PHC samples with low-resolution system clock

    Ignore outliers in PHC tracking, RTC tracking, manual input

    Increase polling interval when peer is not responding

    Exit with error message when include directive fails

    Don’t allow slash after hostname in allow/deny directive/command

    Try to connect to all addresses in chronyc before giving up

31 Jan 2017: chrony-3.1 released
Enhancements

    Add support for precise cross timestamping of PHC on Linux

    Add minpoll, precision, nocrossts options to hwtimestamp directive

    Add rawmeasurements option to log directive and modify measurements option to log only valid measurements from synchronised sources

    Allow sub-second polling interval with NTP sources

Bug fixes

    Fix time smoothing in interleaved mode

16 Jan 2017: chrony-3.0 released
Enhancements

    Add support for software and hardware timestamping on Linux

    Add support for client/server and symmetric interleaved modes

    Add support for MS-SNTP authentication in Samba

    Add support for truncated MACs in NTPv4 packets

    Estimate and correct for asymmetric network jitter

    Increase default minsamples and polltarget to improve stability with very low jitter

    Add maxjitter directive to limit source selection by jitter

    Add offset option to server/pool/peer directive

    Add maxlockage option to refclock directive

    Add -t option to chronyd to exit after specified time

    Add partial protection against replay attacks on symmetric mode

    Don’t reset polling interval when switching sources to online state

    Allow rate limiting with very short intervals

    Improve maximum server throughput on Linux and NetBSD

    Remove dump files after start

    Add tab-completion to chronyc with libedit/readline

    Add ntpdata command to print details about NTP measurements

    Allow all source options to be set in add server/peer command

    Indicate truncated addresses/hostnames in chronyc output

    Print reference IDs as hexadecimal numbers to avoid confusion with IPv4 addresses

Bug fixes

    Fix crash with disabled asynchronous name resolving

21 Nov 2016: chrony-2.4.1 released
Bug fixes

    Fix processing of kernel timestamps on non-Linux systems

    Fix crash with smoothtime directive

    Fix validation of refclock sample times

    Fix parsing of refclock directive

7 Jun 2016: chrony-2.4 released
Enhancements

    Add orphan option to local directive for orphan mode compatible with ntpd

    Add distance option to local directive to set activation threshold (1 second by default)

    Add maxdrift directive to set maximum allowed drift of system clock

    Try to replace NTP sources exceeding maximum distance

    Randomise source replacement to avoid getting stuck with bad sources

    Randomise selection of sources from pools on start

    Ignore reference timestamp as ntpd doesn’t always set it correctly

    Modify tracking report to use same values as seen by NTP clients

    Add -c option to chronyc to write reports in CSV format

    Provide detailed manual pages

Bug fixes

    Fix SOCK refclock to work correctly when not specified as last refclock

    Fix initstepslew and -q/-Q options to accept time from own NTP clients

    Fix authentication with keys using 512-bit hash functions

    Fix crash on exit when multiple signals are received

    Fix conversion of very small floating-point numbers in command packets

Removed features

    Drop documentation in Texinfo format

16 Feb 2016: chrony-2.3 released
Enhancements

    Add support for NTP and command response rate limiting

    Add support for dropping root privileges on Mac OS X, FreeBSD, Solaris

    Add require and trust options for source selection

    Enable logchange by default (1 second threshold)

    Set RTC on Mac OS X with rtcsync directive

    Allow binding to NTP port after dropping root privileges on NetBSD

    Drop CAP_NET_BIND_SERVICE capability on Linux when NTP port is disabled

    Resolve names in separate process when seccomp filter is enabled

    Replace old records in client log when memory limit is reached

    Don’t reveal local time and synchronisation state in client packets

    Don’t keep client sockets open for longer than necessary

    Ignore poll in KoD RATE packets as ntpd doesn’t always set it correctly

    Warn when using keys shorter than 80 bits

    Add keygen command to generate random keys easily

    Add serverstats command to report NTP and command packet statistics

Bug fixes

    Fix clock correction after making step on Mac OS X

    Fix building on Solaris

20 Jan 2016: chrony-2.2.1 and chrony-1.31.2 released
Security fixes

    Restrict authentication of NTP server/peer to specified key (CVE-2016-1567)

CVE-2016-1567: Impersonation between authenticated peers

When a server/peer was specified with a key number to enable authentication with a symmetric key, packets received from the server/peer were accepted if they were authenticated with any of the keys contained in the key file and not just the specified key.

This allowed an attacker who knew one key of a client/peer to modify packets from its servers/peers that were authenticated with other keys in a man-in-the-middle (MITM) attack. For example, in a network where each NTP association had a separate key and all hosts had only keys they needed, a client of a server could not attack other clients of the server, but it could attack the server and also attack its own clients (i.e. modify packets from other servers).

To not allow the server/peer to be authenticated with other keys, the authentication test was extended to check if the key ID in the received packet is equal to the configured key number. As a consequence, it’s no longer possible to authenticate two peers to each other with two different keys, both peers have to be configured to use the same key.

This issue was discovered by Matt Street of Cisco ASIG.
19 Oct 2015: chrony-2.2 released
Enhancements

    Add support for configuration and monitoring over Unix domain socket (accessible by root or chrony user when root privileges are dropped)

    Add support for system call filtering with seccomp on Linux (experimental)

    Add support for dropping root privileges on NetBSD

    Control frequency of system clock on FreeBSD, NetBSD, Solaris

    Add system leap second handling mode on FreeBSD, NetBSD, Solaris

    Add dynamic drift removal on Mac OS X

    Add support for setting real-time priority on Mac OS X

    Add maxdistance directive to limit source selection by root distance (3 seconds by default)

    Add refresh command to get new addresses of NTP sources

    Allow wildcard patterns in include directive

    Restore time from driftfile with -s option if later than RTC time

    Add configure option to set default hwclockfile

    Add -d option to chronyc to enable debug messages

    Allow multiple addresses to be specified for chronyc with -h option and reconnect when no valid reply is received

    Make check interval in waitsync command configurable

Bug fixes

    Fix building on NetBSD, Solaris

    Restore time from driftfile with -s option if reading RTC failed

Removed features

    Drop support for authentication with command key (run-time configuration is now allowed only for local users that can access the Unix domain socket)

23 Jun 2015: chrony-2.1.1 released
Bug fixes

    Fix clock stepping by integer number of seconds on Linux

22 Jun 2015: chrony-2.1 released
Enhancements

    Add support for Mac OS X

    Try to replace unreachable and falseticker servers/peers specified by name like pool sources

    Add leaponly option to smoothtime directive to allow synchronised leap smear between multiple servers

    Use specific reference ID when smoothing served time

    Add smoothing command to report time smoothing status

    Add smoothtime command to activate or reset time smoothing

Bug fixes

    Fix crash in source selection with preferred sources

    Fix resetting of time smoothing

    Include packet precision in peer dispersion

    Fix crash in chronyc on invalid command syntax

27 Apr 2015: chrony-2.0 released
Enhancements

    Update to NTP version 4 (RFC 5905)

    Add pool directive to specify pool of NTP servers

    Add leapsecmode directive to select how to correct clock for leap second

    Add smoothtime directive to smooth served time and enable leap smear

    Add minsources directive to set required number of selectable sources

    Add minsamples and maxsamples options for all sources

    Add tempcomp configuration with list of points

    Allow unlimited number of NTP sources, refclocks and keys

    Allow unreachable sources to remain selected

    Improve source selection

    Handle offline sources as unreachable

    Open NTP server port only when necessary (client access is allowed by allow directive/command or peer/broadcast is configured)

    Change default bindcmdaddress to loopback address

    Change default maxdelay to 3 seconds

    Change default stratumweight to 0.001

    Update adjtimex synchronisation status

    Use system headers for adjtimex

    Check for memory allocation errors

    Reduce memory usage

    Add configure options to compile without NTP, cmdmon, refclock support

    Extend makestep command to set automatic clock stepping

Bug fixes

    Add sanity checks for time and frequency offset

    Don’t report synchronised status during leap second

    Don’t combine reference clocks with close NTP sources

    Fix accepting requests from configured sources

    Fix initial fallback drift setting

Revision 1.35: download - view: text, markup, annotated - select for diffs
Wed Jul 4 13:40:27 2018 UTC (6 years, 5 months ago) by jperkin
Branches: MAIN
CVS tags: pkgsrc-2018Q3-base
Branch point for: pkgsrc-2018Q3
Diff to: previous 1.34: preferred, colored
Changes since revision 1.34: +2 -2 lines
*: Move SUBST_STAGE from post-patch to pre-configure

Performing substitutions during post-patch breaks tools such as mkpatches,
making it very difficult to regenerate correct patches after making changes,
and often leading to substituted string replacements being committed.

Revision 1.34: download - view: text, markup, annotated - select for diffs
Tue Jan 3 18:00:19 2017 UTC (7 years, 11 months ago) by roy
Branches: MAIN
CVS tags: pkgsrc-2018Q2-base, pkgsrc-2018Q2, pkgsrc-2018Q1-base, pkgsrc-2018Q1, pkgsrc-2017Q4-base, pkgsrc-2017Q4, pkgsrc-2017Q3-base, pkgsrc-2017Q3, pkgsrc-2017Q2-base, pkgsrc-2017Q2, pkgsrc-2017Q1-base, pkgsrc-2017Q1
Diff to: previous 1.33: preferred, colored
Changes since revision 1.33: +2 -3 lines
chrony does not use curses.

Revision 1.33: download - view: text, markup, annotated - select for diffs
Thu Oct 8 09:47:33 2015 UTC (9 years, 2 months ago) by sborrill
Branches: MAIN
CVS tags: pkgsrc-2016Q4-base, pkgsrc-2016Q4, pkgsrc-2016Q3-base, pkgsrc-2016Q3, pkgsrc-2016Q2-base, pkgsrc-2016Q2, pkgsrc-2016Q1-base, pkgsrc-2016Q1, pkgsrc-2015Q4-base, pkgsrc-2015Q4
Diff to: previous 1.32: preferred, colored
Changes since revision 1.32: +2 -2 lines
Honour chronyd in rc.conf. Prior to this, chronyd would run regardless and
could not be disabled.
Bump PKGREVISION

Revision 1.32: download - view: text, markup, annotated - select for diffs
Tue Aug 18 07:31:14 2015 UTC (9 years, 3 months ago) by wiz
Branches: MAIN
CVS tags: pkgsrc-2015Q3-base, pkgsrc-2015Q3
Diff to: previous 1.31: preferred, colored
Changes since revision 1.31: +2 -2 lines
Bump all packages that depend on curses.bui* or terminfo.bui* since they
might incur ncurses dependencies on some platforms, and ncurses just bumped
its shlib.
Some packages were bumped twice now, sorry for that.

Revision 1.31: download - view: text, markup, annotated - select for diffs
Mon Aug 17 17:11:27 2015 UTC (9 years, 3 months ago) by wiz
Branches: MAIN
Diff to: previous 1.30: preferred, colored
Changes since revision 1.30: +2 -1 lines
Bump PKGREVISION for ncurses shlib bump.

Revision 1.29.14.1: download - view: text, markup, annotated - select for diffs
Wed Apr 15 21:13:51 2015 UTC (9 years, 8 months ago) by tron
Branches: pkgsrc-2015Q1
Diff to: previous 1.29: preferred, colored; next MAIN 1.30: preferred, colored
Changes since revision 1.29: +4 -4 lines
Pullup ticket #4660 - requested by hannken
net/chrony: security update

Revisions pulled up:
- net/chrony/Makefile                                           1.30
- net/chrony/distinfo                                           1.10
- net/chrony/patches/patch-Makefile.in                          1.1
- net/chrony/patches/patch-aa                                   deleted
- net/chrony/patches/patch-ab                                   deleted
- net/chrony/patches/patch-ac                                   deleted
- net/chrony/patches/patch-ad                                   deleted
- net/chrony/patches/patch-ae                                   deleted
- net/chrony/patches/patch-af                                   deleted
- net/chrony/patches/patch-ag                                   deleted
- net/chrony/patches/patch-conf.c                               1.1
- net/chrony/patches/patch-examples_chrony.conf.example         1.1
- net/chrony/patches/patch-examples_chrony.keys.example         1.1
- net/chrony/patches/patch-ntp__io.c                            1.2

---
   Module Name:    pkgsrc
   Committed By:   hannken
   Date:           Mon Apr 13 10:03:21 UTC 2015

   Modified Files:
           pkgsrc/net/chrony: Makefile distinfo
           pkgsrc/net/chrony/patches: patch-ntp__io.c
   Added Files:
           pkgsrc/net/chrony/patches: patch-Makefile.in patch-conf.c
               patch-examples_chrony.conf.example
               patch-examples_chrony.keys.example
   Removed Files:
           pkgsrc/net/chrony/patches: patch-aa patch-ab patch-ac patch-ad patch-ae
               patch-af patch-ag

   Log Message:
   Update chrony to version 1.31.1. For a full list of changes
   since 1.29 see file NEWS in the distfile.

   Security fixes since 1.29:

   * Modify chronyc protocol to prevent amplification attacks (CVE-2014-0021)
     (incompatible with previous protocol version, chronyc supports both)
   * Protect authenticated symmetric NTP associations against DoS attacks
     (CVE-2015-1799)
   * Fix access configuration with subnet size indivisible by 4 (CVE-2015-1821)
   * Fix initialization of reply slots for authenticated commands (CVE-2015-1822)

Revision 1.30: download - view: text, markup, annotated - select for diffs
Mon Apr 13 10:03:21 2015 UTC (9 years, 8 months ago) by hannken
Branches: MAIN
CVS tags: pkgsrc-2015Q2-base, pkgsrc-2015Q2
Diff to: previous 1.29: preferred, colored
Changes since revision 1.29: +4 -4 lines
Update chrony to version 1.31.1. For a full list of changes
since 1.29 see file NEWS in the distfile.

Security fixes since 1.29:

* Modify chronyc protocol to prevent amplification attacks (CVE-2014-0021)
  (incompatible with previous protocol version, chronyc supports both)
* Protect authenticated symmetric NTP associations against DoS attacks
  (CVE-2015-1799)
* Fix access configuration with subnet size indivisible by 4 (CVE-2015-1821)
* Fix initialization of reply slots for authenticated commands (CVE-2015-1822)

Revision 1.27.6.1: download - view: text, markup, annotated - select for diffs
Wed Aug 21 12:59:44 2013 UTC (11 years, 3 months ago) by tron
Branches: pkgsrc-2013Q2
Diff to: previous 1.27: preferred, colored; next MAIN 1.28: preferred, colored
Changes since revision 1.27: +11 -10 lines
Pullup ticket #4215 - requested by hannken
net/chrony: security update

Revisions pulled up:
- net/chrony/Makefile                                           1.29
- net/chrony/PLIST                                              1.5
- net/chrony/distinfo                                           1.8
- net/chrony/files/chronyd.sh                                   1.5
- net/chrony/patches/patch-aa                                   1.5
- net/chrony/patches/patch-ab                                   1.5
- net/chrony/patches/patch-ac                                   1.5
- net/chrony/patches/patch-ad                                   1.4
- net/chrony/patches/patch-ae                                   1.5
- net/chrony/patches/patch-af                                   1.4
- net/chrony/patches/patch-ag                                   1.4

---
   Module Name:    pkgsrc
   Committed By:   hannken
   Date:           Fri Aug 16 08:30:20 UTC 2013

   Modified Files:
           pkgsrc/net/chrony: Makefile PLIST distinfo
           pkgsrc/net/chrony/files: chronyd.sh
           pkgsrc/net/chrony/patches: patch-aa patch-ab patch-ac patch-ad patch-ae
               patch-af
   Added Files:
           pkgsrc/net/chrony/patches: patch-ag

   Log Message:
   Update chrony to version 1.29. For a full list of changes
   since 1.24 see file NEWS in the distfile.

   Security fixes since 1.24:

   * Fix crash when processing crafted commands (CVE-2012-4502)
     (possible with IP addresses allowed by cmdallow and localhost)
   * Don't send uninitialized data in SUBNETS_ACCESSED and CLIENT_ACCESSES
     replies (CVE-2012-4503) (not used by chronyc)

   Reviewed by: Joerg Sonnenberger <joerg%netbsd.org@localhost>

Revision 1.29: download - view: text, markup, annotated - select for diffs
Fri Aug 16 08:30:20 2013 UTC (11 years, 3 months ago) by hannken
Branches: MAIN
CVS tags: pkgsrc-2015Q1-base, pkgsrc-2014Q4-base, pkgsrc-2014Q4, pkgsrc-2014Q3-base, pkgsrc-2014Q3, pkgsrc-2014Q2-base, pkgsrc-2014Q2, pkgsrc-2014Q1-base, pkgsrc-2014Q1, pkgsrc-2013Q4-base, pkgsrc-2013Q4, pkgsrc-2013Q3-base, pkgsrc-2013Q3
Branch point for: pkgsrc-2015Q1
Diff to: previous 1.28: preferred, colored
Changes since revision 1.28: +11 -10 lines
Update chrony to version 1.29. For a full list of changes
since 1.24 see file NEWS in the distfile.

Security fixes since 1.24:

* Fix crash when processing crafted commands (CVE-2012-4502)
  (possible with IP addresses allowed by cmdallow and localhost)
* Don't send uninitialized data in SUBNETS_ACCESSED and CLIENT_ACCESSES
  replies (CVE-2012-4503) (not used by chronyc)

Reviewed by: Joerg Sonnenberger <joerg@netbsd.org>

Revision 1.28: download - view: text, markup, annotated - select for diffs
Mon Jul 15 02:02:26 2013 UTC (11 years, 5 months ago) by ryoon
Branches: MAIN
Diff to: previous 1.27: preferred, colored
Changes since revision 1.27: +2 -2 lines
* .include "../../devel/readline/buildlink3.mk" with USE_GNU_READLINE=yes
  are replaced with .include "../../devel/readline/buildlink3.mk", and
  USE_GNU_READLINE are removed,

* .include "../../devel/readline/buildlink3.mk" without USE_GNU_READLINE
  are replaced with .include "../../mk/readline.buildlink3.mk".

Revision 1.27: download - view: text, markup, annotated - select for diffs
Tue Oct 23 17:18:14 2012 UTC (12 years, 1 month ago) by asau
Branches: MAIN
CVS tags: pkgsrc-2013Q2-base, pkgsrc-2013Q1-base, pkgsrc-2013Q1, pkgsrc-2012Q4-base, pkgsrc-2012Q4
Branch point for: pkgsrc-2013Q2
Diff to: previous 1.26: preferred, colored
Changes since revision 1.26: +1 -3 lines
Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days.

Revision 1.25.6.1: download - view: text, markup, annotated - select for diffs
Sun Mar 7 00:10:17 2010 UTC (14 years, 9 months ago) by tron
Branches: pkgsrc-2009Q4
Diff to: previous 1.25: preferred, colored; next MAIN 1.26: preferred, colored
Changes since revision 1.25: +14 -12 lines
Pullup ticket #3041 - requested by hannken
chrony: security update

Revisions pulled up:
- net/chrony/Makefile				1.26
- net/chrony/distinfo				1.7
- net/chrony/patches/patch-aa			1.4
- net/chrony/patches/patch-ab			1.4
- net/chrony/patches/patch-ac			1.4
- net/chrony/patches/patch-ad			1.3
- net/chrony/patches/patch-ae			1.4
- net/chrony/patches/patch-ag			delete
---
Module Name:    pkgsrc
Committed By:   hannken
Date:           Fri Feb 26 09:27:43 UTC 2010

Modified Files:
        pkgsrc/doc: TODO
        pkgsrc/net/chrony: Makefile distinfo
        pkgsrc/net/chrony/patches: patch-aa patch-ab patch-ac patch-ad patch-ae
Removed Files:
        pkgsrc/net/chrony/patches: patch-ag

Log Message:
Update to 1.24.

The changes in version 1.24 are

Security fixes
--------------
* Don't reply to invalid cmdmon packets (CVE-2010-0292)
* Limit client log memory size (CVE-2010-0293)
* Limit rate of syslog messages (CVE-2010-0294)

Bug fixes/Enhancements
----------------------
* Support for reference clocks (SHM, SOCK, PPS drivers)
* IPv6 support
* Linux capabilities support (to drop root privileges)
* Memory locking support on Linux
* Real-time scheduler support on Linux
* Leap second support on Linux
* Support for editline library
* Support for new Linux readonly adjtime
* NTP client support for KoD RATE
* Read kernel timestamps for received NTP packets
* Reply to NTP requests with correct address on multihomed hosts
* Retry name resolving after temporary failure
* Fix makestep command, make it available on all systems
* Add makestep directive for automatic clock stepping
* Don't require _bigadj kernel symbol on NetBSD
* Avoid blocking read in Linux RTC driver
* Support for Linux on S/390 and PowerPC
* Fix various bugs on 64-bit systems
* Fix valgrind errors and compiler warnings
* Improve configure to support common options and variables
* Improve status checking and printing in chronyc
* Return non-zero exit code on errors in chronyc
* Reduce request timeout in chronyc
* Print estimated offset in sourcestats
* Changed chronyc protocol, incompatible with older versions

Reviewed by: Joerg Sonnenberger <joerg@netbsd.org>

Revision 1.26: download - view: text, markup, annotated - select for diffs
Fri Feb 26 09:27:43 2010 UTC (14 years, 9 months ago) by hannken
Branches: MAIN
CVS tags: pkgsrc-2012Q3-base, pkgsrc-2012Q3, pkgsrc-2012Q2-base, pkgsrc-2012Q2, pkgsrc-2012Q1-base, pkgsrc-2012Q1, pkgsrc-2011Q4-base, pkgsrc-2011Q4, pkgsrc-2011Q3-base, pkgsrc-2011Q3, pkgsrc-2011Q2-base, pkgsrc-2011Q2, pkgsrc-2011Q1-base, pkgsrc-2011Q1, pkgsrc-2010Q4-base, pkgsrc-2010Q4, pkgsrc-2010Q3-base, pkgsrc-2010Q3, pkgsrc-2010Q2-base, pkgsrc-2010Q2, pkgsrc-2010Q1-base, pkgsrc-2010Q1
Diff to: previous 1.25: preferred, colored
Changes since revision 1.25: +14 -12 lines
Update to 1.24.

The changes in version 1.24 are

Security fixes
--------------
* Don't reply to invalid cmdmon packets (CVE-2010-0292)
* Limit client log memory size (CVE-2010-0293)
* Limit rate of syslog messages (CVE-2010-0294)

Bug fixes/Enhancements
----------------------
* Support for reference clocks (SHM, SOCK, PPS drivers)
* IPv6 support
* Linux capabilities support (to drop root privileges)
* Memory locking support on Linux
* Real-time scheduler support on Linux
* Leap second support on Linux
* Support for editline library
* Support for new Linux readonly adjtime
* NTP client support for KoD RATE
* Read kernel timestamps for received NTP packets
* Reply to NTP requests with correct address on multihomed hosts
* Retry name resolving after temporary failure
* Fix makestep command, make it available on all systems
* Add makestep directive for automatic clock stepping
* Don't require _bigadj kernel symbol on NetBSD
* Avoid blocking read in Linux RTC driver
* Support for Linux on S/390 and PowerPC
* Fix various bugs on 64-bit systems
* Fix valgrind errors and compiler warnings
* Improve configure to support common options and variables
* Improve status checking and printing in chronyc
* Return non-zero exit code on errors in chronyc
* Reduce request timeout in chronyc
* Print estimated offset in sourcestats
* Changed chronyc protocol, incompatible with older versions

Reviewed by: Joerg Sonnenberger <joerg@netbsd.org>

Revision 1.25: download - view: text, markup, annotated - select for diffs
Wed May 20 00:58:25 2009 UTC (15 years, 6 months ago) by wiz
Branches: MAIN
CVS tags: pkgsrc-2009Q4-base, pkgsrc-2009Q3-base, pkgsrc-2009Q3, pkgsrc-2009Q2-base, pkgsrc-2009Q2
Branch point for: pkgsrc-2009Q4
Diff to: previous 1.24: preferred, colored
Changes since revision 1.24: +2 -1 lines
Recursive ABI depends update and PKGREVISION bump for readline-6.0 shlib
major change.

Reported by Robert Elz in PR 41345.

Revision 1.23.6.1: download - view: text, markup, annotated - select for diffs
Thu Aug 14 08:19:29 2008 UTC (16 years, 4 months ago) by rtr
Branches: pkgsrc-2008Q2
Diff to: previous 1.23: preferred, colored; next MAIN 1.24: preferred, colored
Changes since revision 1.23: +2 -3 lines
pullup ticket #2483 - requested by sborrill
chrony: update package for fixes

revisions pulled up:
pkgsrc/net/chrony/Makefile		1.24
pkgsrc/net/chrony/distinfo		1.6
pkgsrc/net/chrony/patches/patch-ag	1.2
pkgsrc/net/chrony/patches/patch-ah	0

   Module Name:	pkgsrc
   Committed By:	sborrill
   Date:		Tue Aug 12 16:37:32 UTC 2008

   Modified Files:
   	pkgsrc/net/chrony: Makefile distinfo
   	pkgsrc/net/chrony/patches: patch-ag
   Removed Files:
   	pkgsrc/net/chrony/patches: patch-ah

   Log Message:
   Update to 1.23 and fix coredump on NetBSD 4.0 and later.

   The changes in version 1.23 are

       * Support for MIPS, x86_64, sparc, alpha, arm, FreeBSD
       * Fix serious sign-extension error in handling IP addresses
       * RTC support can be excluded at compile time
       * Make sources gcc-4 compatible
       * Fix various compiler warnings
       * Handle fluctuations in peer distance better.
       * Fixed handling of stratum zero.
       * Fix various problems for 64-bit systems
       * Flush chronyc output streams after each command, to allow it to be
       driven through pipes
       * Manpage improvements

   The changes in version 1.21 are

       * Don't include Linux kernel header files any longer : allows chrony to
         compile on recent distros.
       * Stop trying to use RTC if continuous streams of error messages would
         occur (Linux with HPET).

Revision 1.24: download - view: text, markup, annotated - select for diffs
Tue Aug 12 16:37:32 2008 UTC (16 years, 4 months ago) by sborrill
Branches: MAIN
CVS tags: pkgsrc-2009Q1-base, pkgsrc-2009Q1, pkgsrc-2008Q4-base, pkgsrc-2008Q4, pkgsrc-2008Q3-base, pkgsrc-2008Q3, cube-native-xorg-base, cube-native-xorg
Diff to: previous 1.23: preferred, colored
Changes since revision 1.23: +2 -3 lines
Update to 1.23 and fix coredump on NetBSD 4.0 and later.

The changes in version 1.23 are

    * Support for MIPS, x86_64, sparc, alpha, arm, FreeBSD
    * Fix serious sign-extension error in handling IP addresses
    * RTC support can be excluded at compile time
    * Make sources gcc-4 compatible
    * Fix various compiler warnings
    * Handle fluctuations in peer distance better.
    * Fixed handling of stratum zero.
    * Fix various problems for 64-bit systems
    * Flush chronyc output streams after each command, to allow it to be
    driven through pipes
    * Manpage improvements

The changes in version 1.21 are

    * Don't include Linux kernel header files any longer : allows chrony to
      compile on recent distros.
    * Stop trying to use RTC if continuous streams of error messages would
      occur (Linux with HPET).

Revision 1.23: download - view: text, markup, annotated - select for diffs
Sat Jan 5 15:04:57 2008 UTC (16 years, 11 months ago) by rillig
Branches: MAIN
CVS tags: pkgsrc-2008Q2-base, pkgsrc-2008Q1-base, pkgsrc-2008Q1, cwrapper
Branch point for: pkgsrc-2008Q2
Diff to: previous 1.22: preferred, colored
Changes since revision 1.22: +2 -1 lines
+ AUTO_MKDIRS

Revision 1.22: download - view: text, markup, annotated - select for diffs
Sun Feb 5 23:10:23 2006 UTC (18 years, 10 months ago) by joerg
Branches: MAIN
CVS tags: pkgsrc-2007Q4-base, pkgsrc-2007Q4, pkgsrc-2007Q3-base, pkgsrc-2007Q3, pkgsrc-2007Q2-base, pkgsrc-2007Q2, pkgsrc-2007Q1-base, pkgsrc-2007Q1, pkgsrc-2006Q4-base, pkgsrc-2006Q4, pkgsrc-2006Q3-base, pkgsrc-2006Q3, pkgsrc-2006Q2-base, pkgsrc-2006Q2, pkgsrc-2006Q1-base, pkgsrc-2006Q1
Diff to: previous 1.21: preferred, colored
Changes since revision 1.21: +2 -2 lines
Recursive revision bump / recommended bump for gettext ABI change.

Revision 1.21: download - view: text, markup, annotated - select for diffs
Sun Jan 8 13:27:53 2006 UTC (18 years, 11 months ago) by joerg
Branches: MAIN
Diff to: previous 1.20: preferred, colored
Changes since revision 1.20: +8 -9 lines
Use SUBST framework, add man pages to the list of files in need of
substituation. Use PKG_SYSCONFDIR instead of PREFIX/etc, it can be
different. Bump revision.

Revision 1.20: download - view: text, markup, annotated - select for diffs
Thu Dec 29 06:21:58 2005 UTC (18 years, 11 months ago) by jlam
Branches: MAIN
Diff to: previous 1.19: preferred, colored
Changes since revision 1.19: +1 -2 lines
Remove USE_PKGINSTALL from pkgsrc now that mk/install/pkginstall.mk
automatically detects whether we want the pkginstall machinery to be
used by the package Makefile.

Revision 1.19: download - view: text, markup, annotated - select for diffs
Mon Dec 5 23:55:13 2005 UTC (19 years ago) by rillig
Branches: MAIN
CVS tags: pkgsrc-2005Q4-base, pkgsrc-2005Q4
Diff to: previous 1.18: preferred, colored
Changes since revision 1.18: +2 -2 lines
Ran "pkglint --autofix", which corrected some of the quoting issues in
CONFIGURE_ARGS.

Revision 1.18: download - view: text, markup, annotated - select for diffs
Mon Dec 5 20:50:44 2005 UTC (19 years ago) by rillig
Branches: MAIN
Diff to: previous 1.17: preferred, colored
Changes since revision 1.17: +4 -4 lines
Fixed pkglint warnings. The warnings are mostly quoting issues, for
example MAKE_ENV+=FOO=${BAR} is changed to MAKE_ENV+=FOO=${BAR:Q}. Some
other changes are outlined in

    http://mail-index.netbsd.org/tech-pkg/2005/12/02/0034.html

Revision 1.17: download - view: text, markup, annotated - select for diffs
Fri Jun 17 04:49:47 2005 UTC (19 years, 6 months ago) by jlam
Branches: MAIN
CVS tags: pkgsrc-2005Q3-base, pkgsrc-2005Q3, pkgsrc-2005Q2-base, pkgsrc-2005Q2
Diff to: previous 1.16: preferred, colored
Changes since revision 1.16: +2 -2 lines
Fix inappropriate uses of ${LOCALBASE} or ${X11PREFIX} instead of
${PREFIX}.

Revision 1.16: download - view: text, markup, annotated - select for diffs
Sun May 22 20:08:23 2005 UTC (19 years, 6 months ago) by jlam
Branches: MAIN
Diff to: previous 1.15: preferred, colored
Changes since revision 1.15: +2 -2 lines
Remove USE_GNU_TOOLS and replace with the correct USE_TOOLS definitions:

	USE_GNU_TOOLS	-> USE_TOOLS
	awk		-> gawk
	m4		-> gm4
	make		-> gmake
	sed		-> gsed
	yacc		-> bison

Revision 1.15: download - view: text, markup, annotated - select for diffs
Mon Apr 11 21:46:45 2005 UTC (19 years, 8 months ago) by tv
Branches: MAIN
Diff to: previous 1.14: preferred, colored
Changes since revision 1.14: +1 -2 lines
Remove USE_BUILDLINK3 and NO_BUILDLINK; these are no longer used.

Revision 1.14: download - view: text, markup, annotated - select for diffs
Tue Dec 28 02:47:46 2004 UTC (19 years, 11 months ago) by reed
Branches: MAIN
CVS tags: pkgsrc-2005Q1-base, pkgsrc-2005Q1
Diff to: previous 1.13: preferred, colored
Changes since revision 1.13: +2 -1 lines
The default location of the pkgsrc-installed rc.d scripts is now
under share/examples/rc.d. The variable name already was named
RCD_SCRIPTS_EXAMPLEDIR.

This is from ideas from Greg Woods and others.

Also bumped PKGREVISION for all packages using RCD_SCRIPTS mechanism
(as requested by wiz).

Revision 1.13: download - view: text, markup, annotated - select for diffs
Tue Nov 30 11:26:59 2004 UTC (20 years ago) by hannken
Branches: MAIN
CVS tags: pkgsrc-2004Q4-base, pkgsrc-2004Q4
Diff to: previous 1.12: preferred, colored
Changes since revision 1.12: +7 -3 lines
Update to version 1.20

- Many small tidy-ups and security improvements.
- Merge support for 64bit architectures.
- Generate more informative syslog messages before exiting on failed
  assertions.
- Fix bugs in clamping code for the tick value used when slewing a large
  offset.

Revision 1.12: download - view: text, markup, annotated - select for diffs
Sun Oct 3 00:17:49 2004 UTC (20 years, 2 months ago) by tv
Branches: MAIN
Diff to: previous 1.11: preferred, colored
Changes since revision 1.11: +2 -2 lines
Libtool fix for PR pkg/26633, and other issues.  Update libtool to 1.5.10
in the process.  (More information on tech-pkg.)

Bump PKGREVISION and BUILDLINK_DEPENDS of all packages using libtool and
installing .la files.

Bump PKGREVISION (only) of all packages depending directly on the above
via a buildlink3 include.

Revision 1.11: download - view: text, markup, annotated - select for diffs
Sun Apr 25 08:14:54 2004 UTC (20 years, 7 months ago) by snj
Branches: MAIN
CVS tags: pkgsrc-2004Q3-base, pkgsrc-2004Q3, pkgsrc-2004Q2-base, pkgsrc-2004Q2
Diff to: previous 1.10: preferred, colored
Changes since revision 1.10: +4 -4 lines
Convert to buildlink3.

Revision 1.10: download - view: text, markup, annotated - select for diffs
Sun Sep 28 09:13:58 2003 UTC (21 years, 2 months ago) by jlam
Branches: MAIN
CVS tags: pkgsrc-2004Q1-base, pkgsrc-2004Q1, pkgsrc-2003Q4-base, pkgsrc-2003Q4
Diff to: previous 1.9: preferred, colored
Changes since revision 1.9: +2 -2 lines
Back out last change related to moving ncurses/buildlink2.mk to
curses.buildlink2.mk.  This was wrong because we _really_ do want to
express that we want _n_curses when we include the buildlink2.mk file.

We should have a better way to say that the NetBSD curses doesn't
quite work well enough.  In fact, it's far better to depend on ncurses
by default, and exceptionally note when it's okay to use NetBSD curses
for specific packages.  We will look into this again in the future.

Revision 1.9: download - view: text, markup, annotated - select for diffs
Sat Sep 27 17:07:37 2003 UTC (21 years, 2 months ago) by grant
Branches: MAIN
Diff to: previous 1.8: preferred, colored
Changes since revision 1.8: +2 -2 lines
move ncurses/buildlink2.mk to mk/curses.buildlink2.mk, as it provides
support for base system curses/ncurses as well as ncurses itself.

suggested by wiz.

Revision 1.8: download - view: text, markup, annotated - select for diffs
Thu Jul 17 22:51:03 2003 UTC (21 years, 5 months ago) by grant
Branches: MAIN
Diff to: previous 1.7: preferred, colored
Changes since revision 1.7: +2 -2 lines
s/netbsd.org/NetBSD.org/

Revision 1.7: download - view: text, markup, annotated - select for diffs
Sun Jul 13 13:52:48 2003 UTC (21 years, 5 months ago) by wiz
Branches: MAIN
Diff to: previous 1.6: preferred, colored
Changes since revision 1.6: +2 -1 lines
PKGREVISION bump for libiconv update.

Revision 1.6: download - view: text, markup, annotated - select for diffs
Tue Jan 28 22:03:49 2003 UTC (21 years, 10 months ago) by jlam
Branches: MAIN
CVS tags: netbsd-1-6-1-base, netbsd-1-6-1
Diff to: previous 1.5: preferred, colored
Changes since revision 1.5: +2 -2 lines
Instead of including bsd.pkg.install.mk directly in a package Makefile,
have it be automatically included by bsd.pkg.mk if USE_PKGINSTALL is set
to "YES".  This enforces the requirement that bsd.pkg.install.mk be
included at the end of a package Makefile.  Idea suggested by Julio M.
Merino Vidal <jmmv at menta.net>.

Revision 1.5: download - view: text, markup, annotated - select for diffs
Fri Oct 25 17:59:54 2002 UTC (22 years, 1 month ago) by wiz
Branches: MAIN
Diff to: previous 1.4: preferred, colored
Changes since revision 1.4: +4 -3 lines
buildlink1 -> buildlink2.

Revision 1.4: download - view: text, markup, annotated - select for diffs
Wed Oct 23 02:15:11 2002 UTC (22 years, 1 month ago) by jlam
Branches: MAIN
Diff to: previous 1.3: preferred, colored
Changes since revision 1.3: +2 -2 lines
HOMEPAGE has moved.

Revision 1.3: download - view: text, markup, annotated - select for diffs
Thu Sep 19 09:04:14 2002 UTC (22 years, 2 months ago) by jlam
Branches: MAIN
Diff to: previous 1.2: preferred, colored
Changes since revision 1.2: +2 -8 lines
Take advantage of the auto-generation and installation of rc.d scripts.

Revision 1.2: download - view: text, markup, annotated - select for diffs
Thu Sep 19 08:41:50 2002 UTC (22 years, 2 months ago) by jlam
Branches: MAIN
Diff to: previous 1.1: preferred, colored
Changes since revision 1.1: +2 -2 lines
Rename files/chronyd to files/chronyd.sh for forthcoming changes to
auto-handle rc.d scripts.

Revision 1.1.1.1 (vendor branch): download - view: text, markup, annotated - select for diffs
Fri Mar 22 23:01:52 2002 UTC (22 years, 8 months ago) by tron
Branches: TNF
CVS tags: pkgviews-base, pkgviews, pkgsrc-base, netbsd-1-6-RELEASE-base, netbsd-1-6, netbsd-1-5-PATCH003, buildlink2-base, buildlink2
Diff to: previous 1.1: preferred, colored
Changes since revision 1.1: +0 -0 lines
Import new "chrony" package:
Daemon for maintaining the accuracy of computer clocks

This packages was supplied by Juergen Hannken-Illjes in PR pkg/15729.

Revision 1.1: download - view: text, markup, annotated - select for diffs
Fri Mar 22 23:01:52 2002 UTC (22 years, 8 months ago) by tron
Branches: MAIN
Initial revision

Diff request

This form allows you to request diffs between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.

Log view options

CVSweb <webmaster@jp.NetBSD.org>