(4.2.8p7) 2016/04/26 Released by Harlan Stenn <stenn@ntp.org>
* [Sec 2901] KoD packets must have non-zero transmit timestamps. HStenn.
* [Sec 2936] Skeleton Key: Any system knowing the trusted key can serve
time. Include passive servers in this check. HStenn.
* [Sec 2945] Additional KoD packet checks. HStenn.
* [Sec 2978] Interleave can be partially triggered. HStenn.
* [Sec 3007] Validate crypto-NAKs. Danny Mayer.
* [Sec 3008] Always check the return value of ctl_getitem().
- initial work by HStenn
- Additional cleanup of ctl_getitem by perlinger@ntp.org
* [Sec 3009] Crafted addpeer with hmode > 7 causes OOB error. perlinger@ntp.org
- added more stringent checks on packet content
* [Sec 3010] remote configuration trustedkey/requestkey values
are not properly validated. perlinger@ntp.org
- sidekick: Ignore keys that have an unsupported MAC algorithm
but are otherwise well-formed
* [Sec 3011] Duplicate IPs on unconfig directives will cause an assertion botch
- graciously accept the same IP multiple times. perlinger@ntp.org
* [Sec 3020] Refclock impersonation. HStenn.
* [Bug 2831] Segmentation Fault in DNS lookup during startup. perlinger@ntp.org
- fixed yet another race condition in the threaded resolver code.
* [Bug 2858] bool support. Use stdbool.h when available. HStenn.
* [Bug 2879] Improve NTP security against timing attacks. perlinger@ntp.org
- integrated patches by Loganaden Velvidron <logan@ntp.org>
with some modifications & unit tests
* [Bug 2952] Symmetric active/passive mode is broken. HStenn.
* [Bug 2960] async name resolution fixes for chroot() environments.
Reinhard Max.
* [Bug 2994] Systems with HAVE_SIGNALED_IO fail to compile. perlinger@ntp.org
* [Bug 2995] Fixes to compile on Windows
* [Bug 2999] out-of-bounds access in 'is_safe_filename()'. perlinger@ntp.org
* [Bug 3013] Fix for ssl_init.c SHA1 test. perlinger@ntp.org
- Patch provided by Ch. Weisgerber
* [Bug 3015] ntpq: config-from-file: "request contains an unprintable character"
- A change related to [Bug 2853] forbids trailing white space in
remote config commands. perlinger@ntp.org
* [Bug 3019] NTPD stops processing packets after ERROR_HOST_UNREACHABLE
- report and patch from Aleksandr Kostikov.
- Overhaul of Windows IO completion port handling. perlinger@ntp.org
* [Bug 3022] authkeys.c should be refactored. perlinger@ntp.org
- fixed memory leak in access list (auth[read]keys.c)
- refactored handling of key access lists (auth[read]keys.c)
- reduced number of error branches (authreadkeys.c)
* [Bug 3023] ntpdate cannot correct dates in the future. perlinger@ntp.org
* [Bug 3030] ntpq needs a general way to specify refid output format. HStenn.
* [Bug 3031] ntp broadcastclient unable to synchronize to an server
when the time of server changed. perlinger@ntp.org
- Check the initial delay calculation and reject/unpeer the broadcast
server if the delay exceeds 50ms. Retry again after the next
broadcast packet.
* [Bug 3036] autokey trips an INSIST in authistrustedip(). Harlan Stenn.
* Document ntp.key's optional IP list in authenetic.html. Harlan Stenn.
* Update html/xleave.html documentation. Harlan Stenn.
* Update ntp.conf documentation. Harlan Stenn.
* Fix some Credit: attributions in the NEWS file. Harlan Stenn.
* Fix typo in html/monopt.html. Harlan Stenn.
* Add README.pullrequests. Harlan Stenn.
* Cleanup to include/ntp.h. Harlan Stenn.
---
(4.2.8p6) 2016/01/20 Released by Harlan Stenn <stenn@ntp.org>
* [Sec 2935] Deja Vu: Replay attack on authenticated broadcast mode. HStenn.
* [Sec 2936] Skeleton Key: Any trusted key system can serve time. HStenn.
* [Sec 2937] ntpq: nextvar() missing length check. perlinger@ntp.org
* [Sec 2938] ntpq saveconfig command allows dangerous characters
in filenames. perlinger@ntp.org
* [Sec 2939] reslist NULL pointer dereference. perlinger@ntp.org
* [Sec 2940] Stack exhaustion in recursive traversal of restriction
list. perlinger@ntp.org
* [Sec 2942]: Off-path DoS attack on auth broadcast mode. HStenn.
* [Sec 2945] Zero Origin Timestamp Bypass. perlinger@ntp.org
* [Sec 2948] Potential Infinite Loop in ntpq ( and ntpdc) perlinger@ntp.org
* [Bug 2772] adj_systime overflows tv_usec. perlinger@ntp.org
* [Bug 2814] msyslog deadlock when signaled. perlinger@ntp.org
- applied patch by shenpeng11@huawei.com with minor adjustments
* [Bug 2882] Look at ntp_request.c:list_peers_sum(). perlinger@ntp.org
* [Bug 2891] Deadlock in deferred DNS lookup framework. perlinger@ntp.org
* [Bug 2892] Several test cases assume IPv6 capabilities even when
IPv6 is disabled in the build. perlinger@ntp.org
- Found this already fixed, but validation led to cleanup actions.
* [Bug 2905] DNS lookups broken. perlinger@ntp.org
- added limits to stack consumption, fixed some return code handling
* [Bug 2971] ntpq bails on ^C: select fails: Interrupted system call
- changed stacked/nested handling of CTRL-C. perlinger@ntp.org
- make CTRL-C work for retrieval and printing od MRU list. perlinger@ntp.org
* [Bug 2980] reduce number of warnings. perlinger@ntp.org
- integrated several patches from Havard Eidnes (he@uninett.no)
* [Bug 2985] bogus calculation in authkeys.c perlinger@ntp.org
- implement 'auth_log2()' using integer bithack instead of float calculation
* Make leapsec_query debug messages less verbose. Harlan Stenn.
* Disable incomplete t-ntp_signd.c test. Harlan Stenn.
---
* [Sec 2956] small-step/big-step. Close the panic gate earlier. HStenn.
* CID 1339955: Free allocated memory in caljulian test. HStenn.
* CID 1339962: Explicitly initialize variable in caljulian test. HStenn.
* CID 1341527: Quiet a CHECKED_RETURN in sntp/tests/t-log.c. HStenn.
* CID 1341533: Missing assertion in sntp/tests/t-log.c. HStenn.
* CID 1341534: Resource leak in tests/ntpd/t-ntp_signd.c. HStenn.
* CID 1341535: Resource leak in tests/ntpd/t-ntp_signd.c. HStenn.
* CID 1341536: Resource leak in tests/ntpd/t-ntp_signd.c. HStenn.
* CID 1341537: Resource leak in tests/ntpd/t-ntp_signd.c. HStenn.
* CID 1341538: Memory leak in tests/ntpd/ntp_prio_q.c:262. HStenn.
* CID 1341677: Nits in sntp/tests/keyFile.c. HStenn.
* CID 1341678: Nits in sntp/tests/keyFile.c. HStenn.
* CID 1341679: Nits in sntp/tests/keyFile.c. HStenn.
* CID 1341680: Nits in sntp/tests/keyFile.c. HStenn.
* CID 1341681: Nits in sntp/tests/keyFile.c. HStenn.
* CID 1341682: Nit in libntp/authreadkeys.c. HStenn.
* CID 1341684: Nit in tests/ntpd/t-ntp_signd.c. HStenn.
* [Bug 2829] Look at pipe_fds in ntpd.c (did so. perlinger@ntp.org)
* [Bug 2887] stratum -1 config results as showing value 99
- fudge stratum should only accept values [0..16]. perlinger@ntp.org
* [Bug 2932] Update leapsecond file info in miscopt.html. CWoodbury, HStenn.
* [Bug 2934] tests/ntpd/t-ntp_scanner.c has a magic constant wired in. HMurray
* [Bug 2944] errno is not preserved properly in ntpdate after sendto call.
- applied patch by Christos Zoulas. perlinger@ntp.org
* [Bug 2952] Symmetric active/passive mode is broken. HStenn.
* [Bug 2954] Version 4.2.8p4 crashes on startup with sig fault
- fixed data race conditions in threaded DNS worker. perlinger@ntp.org
- limit threading warm-up to linux; FreeBSD bombs on it. perlinger@ntp.org
* [Bug 2957] 'unsigned int' vs 'size_t' format clash. perlinger@ntp.org
- accept key file only if there are no parsing errors
- fixed size_t/u_int format clash
- fixed wrong use of 'strlcpy'
* [Bug 2958] ntpq: fatal error messages need a final newline. Craig Leres.
* [Bug 2962] truncation of size_t/ptrdiff_t on 64bit targets. perlinger@ntp.org
- fixed several other warnings (cast-alignment, missing const, missing prototypes)
- promote use of 'size_t' for values that express a size
- use ptr-to-const for read-only arguments
- make sure SOCKET values are not truncated (win32-specific)
- format string fixes
* [Bug 2965] Local clock didn't work since 4.2.8p4. Martin Burnicki.
* [Bug 2967] ntpdate command suffers an assertion failure
- fixed ntp_rfc2553.c to return proper address length. perlinger@ntp.org
* [Bug 2969] Seg fault from ntpq/mrulist when looking at server with
lots of clients. perlinger@ntp.org
* [Bug 2971] ntpq bails on ^C: select fails: Interrupted system call
- changed stacked/nested handling of CTRL-C. perlinger@ntp.org
* Unity cleanup for FreeBSD-6.4. Harlan Stenn.
* Unity test cleanup. Harlan Stenn.
* Libevent autoconf pthread fixes for FreeBSD-10. Harlan Stenn.
* Header cleanup in tests/sandbox/uglydate.c. Harlan Stenn.
* Header cleanup in tests/libntp/sfptostr.c. Harlan Stenn.
* Quiet a warning from clang. Harlan Stenn.
* Update the NEWS file. Harlan Stenn.
* Update scripts/calc_tickadj/Makefile.am. Harlan Stenn.
(4.2.8p2) 2015/04/07 Released by Harlan Stenn <stenn@ntp.org>
(4.2.8p2-RC3) 2015/04/03 Released by Harlan Stenn <stenn@ntp.org>
* [Bug 2763] Fix for different thresholds for forward and backward steps.
---
(4.2.8p2-RC2) 2015/04/03 Released by Harlan Stenn <stenn@ntp.org>
* [Bug 2592] FLAG_TSTAMP_PPS cleanup for refclock_parse.c.
* [Bug 2769] New script: update-leap
* [Bug 2769] cleannup for update-leap
* [Bug 2788] New flag -G (force_step_once).
* [Bug 2794] Clean up kernel clock status reports.
* [Bug 2795] Cannot build without OpenSLL (on Win32).
Provided a Win32 specific wrapper around libevent/arc4random.c.
fixed some minor warnings.
* [Bug 2796] ntp-keygen crashes in 'getclock()' on Win32.
* [Bug 2797] ntp-keygen trapped in endless loop for MD5 keys
on big-endian machines.
* [Bug 2798] sntp should decode and display the leap indicator.
* Simple cleanup to html/build.html
---
(4.2.8p2-RC1) 2015/03/30 Released by Harlan Stenn <stenn@ntp.org>
* [Bug 2794] Don't let reports on normal kernel status changes
look like errors.
* [Bug 2788] New flag -G (force_step_once).
* [Bug 2592] Account for PPS sources which can provide an accurate
absolute time stamp, and status information.
Fixed indention and removed trailing whitespace.
* [Bug 1787] DCF77's formerly "antenna" bit is "call bit" since 2003.
* [Bug 1960] setsockopt IPV6_MULTICAST_IF: Invalid argument.
* [Bug 2346] "graceful termination" signals do not do peer cleanup.
* [Bug 2728] See if C99-style structure initialization works.
* [Bug 2747] Upgrade libevent to 2.1.5-beta.
* [Bug 2749] ntp/lib/NTP/Util.pm needs update for ntpq -w, IPv6, .POOL. .
* [Bug 2751] jitter.h has stale copies of l_fp macros.
* [Bug 2756] ntpd hangs in startup with gcc 3.3.5 on ARM.
* [Bug 2757] Quiet compiler warnings.
* [Bug 2759] Expose nonvolatile/clk_wander_threshold to ntpq.
* [Bug 2763] Allow different thresholds for forward and backward steps.
* [Bug 2766] ntp-keygen output files should not be world-readable.
* [Bug 2767] ntp-keygen -M should symlink to ntp.keys.
* [Bug 2771] nonvolatile value is documented in wrong units.
* [Bug 2773] Early leap announcement from Palisade/Thunderbolt
* [Bug 2774] Unreasonably verbose printout - leap pending/warning
* [Bug 2775] ntp-keygen.c fails to compile under Windows.
* [Bug 2777] Fixed loops and decoding of Meinberg GPS satellite info.
Removed non-ASCII characters from some copyright comments.
Removed trailing whitespace.
Updated definitions for Meinberg clocks from current Meinberg header files.
Now use C99 fixed-width types and avoid non-ASCII characters in comments.
Account for updated definitions pulled from Meinberg header files.
Updated comments on Meinberg GPS receivers which are not only called GPS16x.
Replaced some constant numbers by defines from ntp_calendar.h
Modified creation of parse-specific variables for Meinberg devices
in gps16x_message().
Reworked mk_utcinfo() to avoid printing of ambiguous leap second dates.
Modified mbg_tm_str() which now expexts an additional parameter controlling
if the time status shall be printed.
* [Sec 2779] ntpd accepts unauthenticated packets with symmetric key crypto.
* [Sec 2781] Authentication doesn't protect symmetric associations against
DoS attacks.
* [Bug 2783] Quiet autoconf warnings about missing AC_LANG_SOURCE.
* [Bug 2789] Quiet compiler warnings from libevent.
* [Bug 2790] If ntpd sets the Windows MM timer highest resolution
pause briefly before measuring system clock precision to yield
correct results.
* Comment from Juergen Perlinger in ntp_calendar.c to make the code clearer.
* Use predefined function types for parse driver functions
used to set up function pointers.
Account for changed prototype of parse_inp_fnc_t functions.
Cast parse conversion results to appropriate types to avoid
compiler warnings.
Let ioctl() for Windows accept a (void *) to avoid compiler warnings
when called with pointers to different types.
---
(4.2.8p1) 2015/02/04 Released by Harlan Stenn <stenn@ntp.org>
* Update the NEWS file.
* [Sec 2671] vallen in extension fields are not validated.
---
(4.2.8p1-RC2) 2015/01/29 Released by Harlan Stenn <stenn@ntp.org>
* [Bug 2627] shm refclock allows only two units with owner-only access
rework: reverted sense of mode bit (so default reflects previous
behaviour) and updated ducumentation.
* [Bug 2732] - Leap second not handled correctly on Windows 8
use 'GetTickCount()' to get the true elapsed time of slew
(This should work for all versions of Windows >= W2K)
* [Bug 2738] Missing buffer initialization in refclocK_parse.c::parsestate().
* [Bug 2739] Parse driver with PPS enabled occasionally evaluates
PPS timestamp with wrong sign.
Removed some German umlauts.
* [Bug 2740] Removed some obsolete code from the parse driver.
* [Bug 2741] Incorrect buffer check in refclocK_parse.c::parsestatus().
---
(4.2.8p1-RC1) 2015/01/24 Released by Harlan Stenn <stenn@ntp.org>
* Start the RC for 4.2.8p1.
* [Bug 2187] Update version number generation scripts.
* [Bug 2617] Fix sntp Usage documentation section.
* [Sec 2672] Code cleanup: On some OSes ::1 can be spoofed...
* [Bug 2736] Show error message if we cannot open the config file.
* Copyright update.
* Fix the package name.
---
(4.2.8p1-beta5) 2015/01/07 Released by Harlan Stenn <stenn@ntp.org>
* [Bug 2695] Windows build: __func__ not supported under Windows.
* [Bug 2728] Work around C99-style structure initialization code
for older compilers, specifically Visual Studio prior to VS2013.
---
(4.2.8p1-beta4) 2015/01/04 Released by Harlan Stenn <stenn@ntp.org>
* [Bug 1084] PPSAPI for ntpd on Windows with DLL backends
* [Bug 2695] Build problem on Windows (sys/socket.h).
* [Bug 2715] mdnstries option for ntp.conf from NetBSD.
* Fix a regression introduced to timepps-Solaris.h as part of:
[Bug 1206] Required compiler changes for Windows
(4.2.5p181) 2009/06/06
---
(4.2.8p1-beta3) 2015/01/02 Released by Harlan Stenn <stenn@ntp.org>
* [Bug 2627] shm refclock allows only two units with owner-only access
Use mode bit 0 to select public access for units >= 2 (units 0 & 1 are
always private.
* [Bug 2681] Fix display of certificate EOValidity dates on 32-bit systems.
* [Bug 2695] 4.2.8 does not build on Windows.
* [bug 2700] mrulist stopped working in 4.2.8.
* [Bug 2706] libparse/info_trimble.c build dependencies are broken.
* [Bug 2713] variable type/cast, parameter name, general cleanup from NetBSD.
* [Bug 2714] libevent may need to be built independently of any build of sntp.
* [Bug 2715] mdnstries option for ntp.conf from NetBSD.
---
(4.2.8p1-beta2) 2014/12/27 Released by Harlan Stenn <stenn@ntp.org>
* [Bug 2674] Install sntp in sbin on NetBSD.
* [Bug 2693] ntp-keygen doesn't build without OpenSSL and sntp.
* [Bug 2707] Avoid a C90 extension in libjsmn/jsmn.c.
* [Bug 2709] see if we have a C99 compiler (not yet required).
---
(4.2.8p1-beta1) 2014/12/23 Released by Harlan Stenn <stenn@ntp.org>
* [Sec 2672] On some OSes ::1 can be spoofed, bypassing source IP ACLs.
* [Bug 2693] ntp-keygen doesn't build without OpenSSL.
* [Bug 2697] IN6_IS_ADDR_LOOPBACK build problems on some OSes.
* [Bug 2699] HAVE_SYS_SELECT_H is misspelled in refclock_gpsdjson.c.
---
christos