This is an automated email from git. It was generated because a ref
change was pushed to the "chrony/chrony.git" repository.
The branch, master has been updated
via 26ce610155d0bf856ea592389f602a9182b727fc (commit)
via 316d47e3b40c28c9d6e38fe18900b7828f497649 (commit)
via 90557cf1babe6830bf775cdfb96f3e49ad4c555d (commit)
via 80e627c86ba9927801a4c08f0fe12dd3a3d8bd81 (commit)
via 0e4995e10b71c2de7df7ef1464bd1e3c33464651 (commit)
via a598983f9b59de2303755850594e831e2f440eef (commit)
via 27641876c57348e700acc31ef618723a19e4502e (commit)
via 4d139eeca6579975ddae1f3f2bf7f67c1d625511 (commit)
via 3f2806c19c7e0c7bd5cae6e8f5104a4d9c156c66 (commit)
via e297df78e4a49b52b56a046d80459e1fde8c8960 (commit)
via c1d56ede3ffb4c49bc0b73a0a0d81ba0f3bbca1f (commit)
via 2e52aca3bf99b316fe78e6ac17d14838c3e8c86a (commit)
via b0fc5832f4bac39e879495a7e2f8c0268fb83cdb (commit)
from cf6af112e100afaa496ea21cd0b50f25233b3e03 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 26ce610155d0bf856ea592389f602a9182b727fc
Author: Miroslav Lichvar <mlich...@redhat.com>
Date: Thu Feb 11 15:43:49 2021 +0100
nts: allow ntstrustedcerts to specify directory
If the specified path is a directory, load all certificates in the
directory.
commit 316d47e3b40c28c9d6e38fe18900b7828f497649
Author: Miroslav Lichvar <mlich...@redhat.com>
Date: Thu Feb 11 12:20:59 2021 +0100
nts: allow multiple files with trusted certificates
Allow the ntstrustedcerts directive to be specified multiple times.
commit 90557cf1babe6830bf775cdfb96f3e49ad4c555d
Author: Miroslav Lichvar <mlich...@redhat.com>
Date: Thu Feb 11 12:26:35 2021 +0100
nts: allow multiple server keys and certificates
Allow the ntsservercert and ntsserverkey directives to be specified
multiple times to enable the NTS-KE server to operate under multiple
names.
commit 80e627c86ba9927801a4c08f0fe12dd3a3d8bd81
Author: Miroslav Lichvar <mlich...@redhat.com>
Date: Thu Feb 11 11:05:25 2021 +0100
nts: define type for credentials
Add a NKSN_Credentials type to avoid referring to it as void *.
commit 0e4995e10b71c2de7df7ef1464bd1e3c33464651
Author: Miroslav Lichvar <mlich...@redhat.com>
Date: Thu Feb 11 10:52:06 2021 +0100
nts: split creating server and client credentials
commit a598983f9b59de2303755850594e831e2f440eef
Author: Miroslav Lichvar <mlich...@redhat.com>
Date: Wed Feb 10 12:16:18 2021 +0100
client: fix sourcename command to accept ID addresses
Fix the command to print the name corresponding to an unresolved
address.
commit 27641876c57348e700acc31ef618723a19e4502e
Author: Miroslav Lichvar <mlich...@redhat.com>
Date: Wed Feb 10 13:35:51 2021 +0100
ntp: simplify NSR_Finalise()
commit 4d139eeca6579975ddae1f3f2bf7f67c1d625511
Author: Miroslav Lichvar <mlich...@redhat.com>
Date: Wed Feb 10 13:21:37 2021 +0100
ntp: limit number of sources
Don't rely on assertions and running out of memory to terminate if
an extremely large number of sources is added. Set the maximum number
to 65536 to have a practical limit where chronyd still has a chance to
appear functional with some operations having a quadratic time
complexity.
commit 3f2806c19c7e0c7bd5cae6e8f5104a4d9c156c66
Author: Miroslav Lichvar <mlich...@redhat.com>
Date: Wed Feb 10 16:15:15 2021 +0100
nts: reset NTP address/port if removed in NTS-KE
When an NTS-KE server stops providing the NTP address or port, change
them to the original values to avoid the client getting stuck
with a non-responding address/port.
commit e297df78e4a49b52b56a046d80459e1fde8c8960
Author: Miroslav Lichvar <mlich...@redhat.com>
Date: Wed Feb 10 12:23:13 2021 +0100
nts: load cookies early
Instead of waiting for the first request, try to load the cookies as
soon as the instance is created, or the NTS address is changed.
This enables loading of dump files for servers that are negotiated in
NTS-KE.
commit c1d56ede3ffb4c49bc0b73a0a0d81ba0f3bbca1f
Author: Miroslav Lichvar <mlich...@redhat.com>
Date: Tue Feb 9 17:40:17 2021 +0100
nts: rework update of NTP server address
In the NTS-NTP client instance, maintain a local copy of the NTP address
instead of using a pointer to the NCR's address, which may change at
unexpected times.
Also, change the NNC_CreateInstance() to accept only the NTP port to
make it clear the initial NTP address is the same as the NTS-KE address
and to make it consistent with NNC_ChangeAddress(), which accepts only
one address.
commit 2e52aca3bf99b316fe78e6ac17d14838c3e8c86a
Author: Miroslav Lichvar <mlich...@redhat.com>
Date: Tue Feb 9 16:06:36 2021 +0100
ntp: avoid recursive update of address
Allow NSR_UpdateSourceNtpAddress() to be (indirectly) called from
NCR_CreateInstance() and NCR_ChangeRemoteAddress(). In these cases, save
the addresses and make the update later when the function calls return.
commit b0fc5832f4bac39e879495a7e2f8c0268fb83cdb
Author: Miroslav Lichvar <mlich...@redhat.com>
Date: Tue Feb 9 13:07:37 2021 +0100
ntp: require port match in address update
In NSR_UpdateSourceNtpAddress() and other updates of the address require
that the old port matches the current source's port.
-----------------------------------------------------------------------
Summary of changes:
client.c | 2 +-
conf.c | 79 ++++++++++++++++++++++++++++-----------
conf.h | 5 +--
doc/chrony.conf.adoc | 19 +++++++---
ntp_auth.c | 4 +-
ntp_auth.h | 2 +-
ntp_core.c | 3 +-
ntp_sources.c | 92 ++++++++++++++++++++++++++++++++++++++++------
ntp_sources.h | 3 +-
nts_ke_client.c | 8 +++-
nts_ke_server.c | 17 ++++-----
nts_ke_session.c | 69 +++++++++++++++++++++++++---------
nts_ke_session.h | 15 +++++---
nts_ntp_client.c | 36 ++++++++++--------
nts_ntp_client.h | 2 +-
nts_ntp_server.c | 4 +-
stubs.c | 2 +-
test/unit/ntp_auth.c | 2 +-
test/unit/nts_ke_session.c | 10 +++--
test/unit/nts_ntp_client.c | 2 +-
20 files changed, 270 insertions(+), 106 deletions(-)
hooks/post-receive
--
chrony/chrony.git
--
To unsubscribe email chrony-dev-requ...@chrony.tuxfamily.org with "unsubscribe"
in the subject.
For help email chrony-dev-requ...@chrony.tuxfamily.org with "help" in the
subject.
Trouble? Email listmas...@chrony.tuxfamily.org.
