* Python 2.7 is now the minimum supported version.
* waf has been upgraded to version 2.1.4
* waf install now tests the installed binaries
* waf configure --enable-Werror will turn warnings into errors
* Fix ntpviz's skewness and kurtosis formulas.
* ntpd now runs on FIPS mode systems.
* Clock fuzzing is gone. --disable-fuzz is now standard.
* Fix distinct rpeers mode in PeerSummary.summary.
* Fix addr2refid to work with FIPS-140-2 mode.
* Update the leap-seconds.list source in ntpleapfetch.
* Remove obsolete nopeer and notrap mentions from the Access
Control List documentation.
* ntpd can now listen on a second port.Add either "nts port
xxxx" or "extra port xxxx" in your config file. If either is
specified, the NTS-KE server will tell the client to use that
port. This might help get around some of the blocking or
filtering that ISPs are doing to port 123.
* Client requests will also be sent from that port.Again, that
will bypass some port 123 filtering.
* NTPsec now builds on Linux armhf.
* Remove some remnant broadcast/multicast cruft.
* Add a ntpdig option to bind to a specific address.
* Add an ntpd config file option for the NTS-KE server's
preferred TLS ciphers.
* Use ntp_gettime not than ntp_adjtime for local refclcock. Set
the lockclock member of loop_data while the config parses,
making ntp_adjtiime unusable. Don't write a drift file while
in lockclock mode and claim to slew time so that clients will
listen to us,
OBS-URL: https://build.opensuse.org/package/show/network:time/ntpsec?expand=0&rev=101
- Updat to version 1.2.3
* Change mode6 alignment to four, which may break some
compatibility with classic NTP.
* Seccomp should now also yield invalid syscall names when dying.
* Make ntpq stop dropping output timestamp leading zeroes.
* Update documents in quite a few places.
* Reset some stats hourly, even when not logged into files.
* Add error logging, and stats for ms-sntp.
* Add spacing between multiple peer views in ntpq.
* We think we have fixed ms-sntp but we can’t test it.
* ntpd and ntpq both treat SHA-1 as an alias for SHA1 NIST
uses SHA-1. The crypto package from OpenSSL uses SHA1.
* The default crypto type for ntpq is now AES. RFC 8573
deprecated MD5.
* There are now log files with hourly statistics for NTS and
NTS-KE traffic: filegen ntsstats and filegen ntskestats,
* Update ntpsnmpd to use python built-in to get uname information.
* Update license file names for REUSE compliance.
* Fix ntploggps issue where count_used_satellites checked before
it is initialized.
* Print out OpenSSL version at configure time.
* Enable debug symbols by default, with only an option to disable.
* Add support for ecdhcurves list.
* Fix ntpdig crash when using 2.ntp.pool.org with a host without
IPv6 support.
* Do not install libaes_siv test anymore.
* Add update option to buildprep.
* ntpdig shows packet delay in JSON output.
OBS-URL: https://build.opensuse.org/request/show/1189105
OBS-URL: https://build.opensuse.org/package/show/network:time/ntpsec?expand=0&rev=99
- Updated to version 1.2.2
- Restore/cleanup NTPv1 support
- ntpq sysstats now shows NTPv1 traffic.
- NTPv1 counter added to sysstats log file.
- NTS supports partial wildcards, for example *.example.com
- Work on documentation, ntpdate, ntpheat, ntploggpg, ntpq's sysstats, ntpviz, and seccomp.
- NTP auth no longer breaks on NULs.
- The NTS server now saves 10 days worth of cookie keys. This will allow clients that only poll once a day to use NTS without using NTS-KE to keep cookies up to date.
- rawstats now logs dropped packets and their BOGON code
- Only one per request to avoid DoSing the log file
- This lets you see packets that take too long.
- Add 4 or 6 to DNS/NTS RefID tags to indicate that the DNS or NTS-KE has succeeded but NTP has not worked yet.
- Build improvements
- Restore Python 2.6 support
- Restore LibreSSL support
- Add support for OpenSSL 3.0
- Fix hash validation in ntpleapfetch again.
- FreeBSD now gets nanosecond resolution on receive time stamps.
- added ntpsec.keyring
OBS-URL: https://build.opensuse.org/request/show/1063408
OBS-URL: https://build.opensuse.org/package/show/network:time/ntpsec?expand=0&rev=93
- Update to version 1.2.1
* Update ntpkeygen/keygone to properly filter # characters.
Fix security issue: CVE-2021-22212
* Add dextral peers mode in ntpq and ntpmon.
* Drop NTPv1 as the support was not RFC compliant, maybe v2
except mode 6 next.
* Fix argument P for ntpd parsing fixed and ntpdate improvements.
* Fix crash for raw ntpq readvar.
* Add processor usage to NTS-KE logging except on NetBSD.
* Remove --build-epoch and replace it with arbitrary
--build-desc text. Passing
'--build-desc=$(date -u +%Y-%m-%dT%H:%M:%Sz)' restores the
previous default extended version.
* The build epoch has been replaced with a hardcoded timestamp
which will be manually updated every nine years or so
(approx 512w). This makes the binaries reproducible by default.
* Compare versions of ntp.ntpc and libntpc printing a warning
if mismatched. Fix libntpc install path if using it.
* Reduce maxclocks default to 5 to reduce the NTP pool load.
* Print LIBDIR during ./waf configure.
* Add documentation, new GPG key, and other cleanups.
- Update to version 1.2.0
* The minor version bump is to indicate official official support
of RFC8915 "Network Time Security for the Network Time
Protocol" which was released 2020-09-30.
* NTS-KE client now defaults to port 4460.
* NTS-KE server now listens on port 4460. (Listening on port 123
has been removed.)
* The shebang of installed Python scripts can now be customized
with: waf configure --pyshebang="…" This has multiple uses, but
OBS-URL: https://build.opensuse.org/request/show/898852
OBS-URL: https://build.opensuse.org/package/show/network:time/ntpsec?expand=0&rev=90
- Update to 1.1.7 bsc#1153841:
* The numeric literal argument of the 'time1' fudge option on a clock
can now have one or more letter suffixes that compensate for era
rollover in a GPS device. Each "g" adds the number of seconds in a
1024-week (10-bit) GPS era. Each "G" adds the number of seconds in a
8192-week (13-bit) GPS era.
* The neoclock4x driver has been removed, due to the hardware and the
vendor having utterly vanished from the face of the earth.
* The NTS ALPN negotiation sequence has been modified for improved
interoperability with other NTS implementations.
* NTS key rotation now happens every 24 hours. It used to rotate
every hour to enable testing of recovery from stale cookies.
- Remove merged patch ntpsec-1.1.6-update-waf.patch
- Enable documentation build
OBS-URL: https://build.opensuse.org/request/show/738217
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/ntpsec?expand=0&rev=13
* The numeric literal argument of the 'time1' fudge option on a clock
can now have one or more letter suffixes that compensate for era
rollover in a GPS device. Each "g" adds the number of seconds in a
1024-week (10-bit) GPS era. Each "G" adds the number of seconds in a
8192-week (13-bit) GPS era.
* The neoclock4x driver has been removed, due to the hardware and the
vendor having utterly vanished from the face of the earth.
* The NTS ALPN negotiation sequence has been modified for improved
interoperability with other NTS implementations.
* NTS key rotation now happens every 24 hours. It used to rotate
every hour to enable testing of recovery from stale cookies.
OBS-URL: https://build.opensuse.org/package/show/network:time/ntpsec?expand=0&rev=77
* Log timestamps now include the year. This is useful when
investigating bugs involving time-setting and -g.
* Many internal cleanups to clear the way for upcoming major features.
They should generally not be user visible. Refer to the git-log if
you are interested.
OBS-URL: https://build.opensuse.org/package/show/network:time/ntpsec?expand=0&rev=64
- Version update to 1.1.0:
* Digests longer then 20 bytes will be truncated.
* We have merged NTP Classic's fix for CVE-2018-7182.
* we have dropped support for Broadcast servers. We had kept it for
older desktop operating systems listening on the local network
broadcast domain, a use case that is now no longer in use at sane
enviroments, and no longer necessary for modern desktop OSs.
* It is now possible to unpeer refclocks using a type/unit specification
rather than a magic IP address. This was the last obligatory use of
magic IP addresses in the configuration grammar.
* OpenBSD has been removed from the list of supported platforms for
ntpd. It will be restored if and when its clock API supports drift
adjustment via ntp_adjtime() or equivalent facility.
* Mac OS X support has been dropped pending the implementation of
ntp_adjtime(2).
* A bug that caused the rejection of 33% of packets from Amazon time
service has been fixed.
OBS-URL: https://build.opensuse.org/request/show/592276
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/ntpsec?expand=0&rev=8
* Digests longer then 20 bytes will be truncated.
* We have merged NTP Classic's fix for CVE-2018-7182.
* we have dropped support for Broadcast servers. We had kept it for
older desktop operating systems listening on the local network
broadcast domain, a use case that is now no longer in use at sane
enviroments, and no longer necessary for modern desktop OSs.
* It is now possible to unpeer refclocks using a type/unit specification
rather than a magic IP address. This was the last obligatory use of
magic IP addresses in the configuration grammar.
* OpenBSD has been removed from the list of supported platforms for
ntpd. It will be restored if and when its clock API supports drift
adjustment via ntp_adjtime() or equivalent facility.
* Mac OS X support has been dropped pending the implementation of
ntp_adjtime(2).
* A bug that caused the rejection of 33% of packets from Amazon time
service has been fixed.
OBS-URL: https://build.opensuse.org/package/show/network:time/ntpsec?expand=0&rev=62
* Remove two unnecessary functions.
* Changed MIB system to use seperate read/write callbacks
* Boolification.
* Nuke ifdefs for O_NONBLOCK and O_NOCTTY
* Drop use of pthread_addr
* Fixes instructions for disabling Apple NTP.
* Added MIB coverage
* Address GitLab issue #407: ntpdig/ntptime fails against some servers
* Removed obsolete MIB tree-list converters
* Changed ntpsnmpd to use the new MIB tree system
* Added walkMIBTree generator to replace previous MIB tree handlers
* Squelch a compiler warning.
* Address GitLab issue #406: ntpd build fails: ...
* Bump the minor version number.
* New syntax: unpeer clock <type> [unit <number>]
* In the config parser, factor out type/unit lookup into addr_from_typeunit()...
* No point in removing individual generic-driver modes...
* endian.h does not suffice, as there are no 64-bit primitives.
* Dead-code removal.
* Move some TOSO items that didn't land pre-1.0.
* Remove obsolete TODO items.
* De-dummyified several OIDs
* Added option to put a space between the value and unit in unitify()
* Typos in comments
* Some pep8/pyflakes cleanup
* First Mode 6 - SNMP contact
* Removed redundant, and non-coherent getNextOID() function from getOID()
* Added and used sendErrorPacket() method
* Added AgentX sessionID error check and response
OBS-URL: https://build.opensuse.org/package/show/network:time/ntpsec?expand=0&rev=55
- Update to version 0.9.7+git20171002.c79bc6271:
* Fix a comment that became incorrect after the autonomy change.
* Fix GitLab issue #378: Misc warnings on RasPi
* Address GitLab issue #380: ntpq should not terminate with a traceback
* Attempt to suppress some compiler warnings.
* Don't build with -Wcast-align
* Fully disable -Wcast-align.
* Suppress another useless warning.
* Abandon -Wsign-conversion, it's too flaky to be useful.
* -Wsign-conversion is unreasonably difficult to stamp out.
* Revert "Attempt to suppress some compiler warnings."
* Restore build under clang.
* Finish rationalization of config block copy.
* Thinko fix.
* Trial implementation/docs of RFE: Add fudge option to server config
* Added tests for missing values in __parse_varlist
* Fixed broken test for cook()
* Added missing tests for several functions
* Explain a scenario in which bias configuration might be useful.
* Don't scale the bias report - use units of seconds.
* Addtress GitLab issue #381: simple mathematics
* Fixed / completed test for NTPStats.__init__()
* Change prettydate() to always emit UTC, for reproducibility.
* Fixes tests for cook() to match new prettydate()
* Address GitLab issue #383: ntpq: invalid file argument ignored
* Grammar
* Fix spelling of "received"
* Typo fix.
* Suppress a false-positive Coverity warning.
* branch change
OBS-URL: https://build.opensuse.org/request/show/530459
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/ntpsec?expand=0&rev=4
