Navigation:
Browse pkgsrc
(this page)Log Message: ntpsec: update to 1.1.9 == 2020-05-23: 1.1.9 == Correctly parse ntpq :config output on Python 3 and check return MACs. Add AES and other algorithm support to ntpq and ntpdig, from OpenSSL. Remove support for NetInfo. NetInfo was last supported in Mac OS X v10.4 The configure step now supports --disable-nts for running on systems with older versions of OpenSSL. The default restrictions now start with noquery and limited to reduce the opportunities for being used for DDoS-ing. The draft RFC for NTS has dropped support for TLSv1.2 We now need OpenSSL with TLSv1.3 support (version 1.1.1 or newer). The config keyword +tlsciphers+ has been removed. Additional filtering and sort options have been added to ntpq/mrulist Details are in the man page. Rate limiting has been cleaned up. With "restrict limited", traffic is now limited to an average of 1 packet per second with bursts of 20. (needs doc and maybe config) SIGHUP and hourly checks have been unified. Both now check for a new log file check for a new certificate file check for a new leap file SIGHUP also restarts all pending DNS and NTS probes. NTS client now requires ALPN on TLSv1.3. asciidoctor (1.5.8 or newer) is now supported and is the preferred AsciiDoc processor. asciidoc is still supported, but the minimum supported version has been raised from 8.6.0 to 8.6.8. asciidoc3 (3.0.2 or newer) is also supported. HTML docs are now built by default if an AsciiDoc processor is installed. If you do not want HTML docs, configure with --disable-doc. (Note: Man pages are controlled by a separate --disable-manpage.) Analysis shows that CVE-2020-11868, affecting NTP Classic, cannot affect us, as the peer mode involved has been removed. == 2019-11-17: 1.1.8 == Fix bug in NTS-KE client so that NTP server names work. Fix/tweak several NTS logging messages. == 2019-09-02: 1.1.7 == The numeric literal argument of the 'time1' fudge option on a clock can now have one or more letter suffixes that compensate for era rollover in a GPS device. Each "g" adds the number of seconds in a 1024-week (10-bit) GPS era. Each "G" adds the number of seconds in a 8192-week (13-bit) GPS era. The neoclock4x driver has been removed, due to the hardware and the vendor having utterly vanished from the face of the earth. The NTS ALPN negotiation sequence has been modified for improved interoperability with other NTS implementations. NTS key rotation now happens every 24 hours. It used to rotate every hour to enable testing of recovery from stale cookies. == 2019-07-10: 1.1.6 == Fixes to code quality checks. Fixes to NTS server list. Fix to bug #600. == 2019-06-30: 1.1.5 == Add ALPN for the NTS server, as required by the NTP draft. Revert some ntpq behavior. == 2019-06-21: 1.1.4 == NTS is now implemented. See .../devel/nts.adoc https://tools.ietf.org/html/draft-ietf-ntp-using-nts-for-ntp We thank Cisco for sponsoring the NTS development. Lots of fixes and cleanups to PPS, both implementation and documentation. Pthread support is now required. --disable-dns-lookup is gone. NIST lockclock mode is now a runtime option set by the (previously unused) flag1 mode bit of the local-clock driver. As always, lots of minor fixups and cleanups everywhere. See the git log.
New packages: