* Add support for AES-GCM-SIV in GnuTLS
* Add support for corrections from PTP transparent clocks
* Add support for systemd socket activation
* Fix presend in interleaved mode
* Fix reloading of modified sources from sourcedir
OBS-URL: https://build.opensuse.org/package/show/network:time/chrony?expand=0&rev=119
This speeds up building everywhere and gets rid of the timeout on
slower architectures. Unfortunately those sometimes fail the 124-tai
test because the tolerances are too tight (0.001004s > 0.001000).
Something for upstream?
- Use make quickcheck instead of make check to avoid >1h build
times and failures due to timeouts. This was the default before
3.2 but it changed to make tests more reliable. Here a seed is
already set to get deterministic execution.
OBS-URL: https://build.opensuse.org/request/show/1108478
OBS-URL: https://build.opensuse.org/package/show/network:time/chrony?expand=0&rev=117
* Add support for AES-GCM-SIV with Nettle >= 3.9 to shorten NTS
cookies to avoid some length-specific blocking of NTP on
Internet.
* Add support for multiple refclocks using extpps option on one
PHC.
* Add maxpoll option to hwtimestamp directive to improve PHC
tracking with low packet rates
* Add hwtstimeout directive to configure timeout for late
timestamps.
* Handle late hardware transmit timestamps of NTP requests on
all sockets.
* Handle mismatched 32/64-bit time_t in SOCK refclock samples
* Improve source replacement
* Log important changes made by command requests (chronyc)
* Refresh address of NTP sources periodically
* Set DSCP for IPv6 packets
* Shorten NTS-KE retry interval when network is down
* Update seccomp filter for musl
* Warn if loading keys from file with unexpected permissions
* Warn if source selection fails or falseticker is detected
* Add selectopts command to modify source-specific selection
options.
* Add timestamp sources to serverstats report and make its fields
64-bit.
* Add -e option to chronyc to indicate end of response
- Update clknetsim to snapshot ef2a7a9.
OBS-URL: https://build.opensuse.org/package/show/network:time/chrony?expand=0&rev=115
* Add local option to refclock directive to stabilise system
clock with more stable free-running clock (e.g. TCXO, OCXO).
* Add maxdelayquant option to server/pool/peer directive to
replace maxdelaydevratio filter with long-term quantile-based
filtering.
* Add selection option to log directive.
* Allow external PPS in PHC refclock without configurable pin.
* Don't accept first interleaved response to minimise error in
delay.
* Don't use arc4random on Linux to avoid server performance loss.
* Improve filter option to better handle missing NTP samples.
* Improve stability with hardware timestamping and PHC refclock.
* Update seccomp filter
- Update clknetsim to snapshot f00531b.
- Use a more specific conditional for the /usr/etc stuff.
OBS-URL: https://build.opensuse.org/package/show/network:time/chrony?expand=0&rev=111
* Add support for NTPv4 extension field improving synchronisation
stability and resolution of root delay and dispersion
(experimental)
* Add support for NTP over PTP (experimental)
* Add support for AES-CMAC and hash functions in GnuTLS
* Improve server interleaved mode to be more reliable and support
multiple clients behind NAT
* Update seccomp filter
* Fix RTC support with 64-bit time_t on 32-bit Linux
* Fix seccomp filter to work correctly with bind*device directives
- Obsoleted patches:
* chrony-refid-internal-md5.patch
* harden_chrony-wait.service.patch
* harden_chronyd.service.patch
- Update clknetsim to snapshot 470b5e9.
- Add chrony-htonl.patch to work around undocumented behaviour of
htonl() in older glibc versions (SLE-12) on 64 bit big endian
architectures (s390x).
- SLE bugs that have been fixed in openSUSE up to this point
without explicit references: bsc#1183783, bsc#1184400,
bsc#1171806, bsc#1161119, bsc#1159840.
- Obsoleted SLE patches:
* chrony-fix-open.patch
* chrony-gettimeofday.patch
* chrony-ntp-era-split.patch
* chrony-pidfile.patch
* chrony-select-timeout.patch
OBS-URL: https://build.opensuse.org/package/show/network:time/chrony?expand=0&rev=106
but needed for calculating refids from IPv6 addresses as part of
the NTP protocol (rfc5905). As this is a non-cryptographic use of
MD5 we can use our own implementation without violating FIPS
rules: chrony-refid-internal-md5.patch .
OBS-URL: https://build.opensuse.org/package/show/network:time/chrony?expand=0&rev=103
* Add support for NTS servers specified by IP address (matching
Subject Alternative Name in server certificate)
* Add source-specific configuration of trusted certificates
* Allow multiple files and directories with trusted certificates
* Allow multiple pairs of server keys and certificates
* Add copy option to server/pool directive
* Increase PPS lock limit to 40% of pulse interval
* Perform source selection immediately after loading dump files
* Reload dump files for addresses negotiated by NTS-KE server
* Update seccomp filter and add less restrictive level
* Restart ongoing name resolution on online command
* Fix dump files to not include uncorrected offset
* Fix initstepslew to accept time from own NTP clients
* Reset NTP address and port when no longer negotiated by NTS-KE
server
- Update clknetsim to snapshot f89702d.
- Refresh chrony.keyring from
https://chrony.tuxfamily.org/gpgkey-8F375C7E8D0EE125A3D3BD51537E2B76F7680DAC.asc
- Ensure the correct pool packages are installed for openSUSE
and SLE (bsc#1180689).
OBS-URL: https://build.opensuse.org/package/show/network:time/chrony?expand=0&rev=97
preconfigure chrony to use NTP servers from the respective
pools for SUSE and openSUSE (bsc#1156884, SLE-11424).
- Add chrony-pool-empty to still allow installing chrony without
preconfigured servers.
- Use iburst in the default pool statements to speed up initial
synchronisation (bsc#1172113).
OBS-URL: https://build.opensuse.org/package/show/network:time/chrony?expand=0&rev=85
- fix chrony-service-helper.patch
- Update to 3.5:
+ Add support for more accurate reading of PHC on Linux 5.0
+ Add support for hardware timestamping on interfaces with read-only timestamping configuration
+ Add support for memory locking and real-time priority on FreeBSD, NetBSD, Solaris
+ Update seccomp filter to work on more architectures
+ Validate refclock driver options
+ Fix bindaddress directive on FreeBSD
+ Fix transposition of hardware RX timestamp on Linux 4.13 and later
+ Fix building on non-glibc systems
OBS-URL: https://build.opensuse.org/request/show/741213
OBS-URL: https://build.opensuse.org/package/show/network:time/chrony?expand=0&rev=71
- Fix formatting of changelog
- Drop reference to change is not present
* Enhancements:
+ Add burst option to server/pool directive
+ Add stratum and tai options to refclock directive
+ Add support for Nettle crypto library
+ Add workaround for missing kernel receive timestamps on Linux
+ Wait for late hardware transmit timestamps
+ Improve source selection with unreachable sources
+ Improve protection against replay attacks on symmetric mode
+ Allow PHC refclock to use socket in /var/run/chrony
+ Add shutdown command to stop chronyd
+ Simplify format of response to manual list command
+ Improve handling of unknown responses in chronyc
* Bug fixes:
+ Respond to NTPv1 client requests with zero mode
+ Fix -x option to not require CAP_SYS_TIME under non-root user
+ Fix acquisitionport directive to work with privilege separation
+ Fix handling of socket errors on Linux to avoid high CPU usage
+ Fix chronyc to not get stuck in infinite loop after clock step
OBS-URL: https://build.opensuse.org/package/show/network:time/chrony?expand=0&rev=49
- Update to version 3.3
ed
+ Enhancements:
Add burst option to server/pool directive
Add stratum and tai options to refclock directive
Add support for Nettle crypto library
Add workaround for missing kernel receive timestamps on Linux
Wait for late hardware transmit timestamps
Improve source selection with unreachable sources
Improve protection against replay attacks on symmetric mode
Allow PHC refclock to use socket in /var/run/chrony
Add shutdown command to stop chronyd
Simplify format of response to manual list command
Improve handling of unknown responses in chronyc
+ Bug fixes:
Respond to NTPv1 client requests with zero mode
Fix -x option to not require CAP_SYS_TIME under non-root user
Fix acquisitionport directive to work with privilege separation
Fix handling of socket errors on Linux to avoid high CPU usage
Fix chronyc to not get stuck in infinite loop after clock step
+ make package build reproducible (boo#1047218)
via https://www.mail-archive.com/chrony-dev@chrony.tuxfamily.org/msg01685.html
OBS-URL: https://build.opensuse.org/request/show/626940
OBS-URL: https://build.opensuse.org/package/show/network:time/chrony?expand=0&rev=48
