Currently, on multihomed host, when chrony is not bound to a specific
IP address, a query is sent to an interface and the default source IP
hint for the back route differs, the reply will have a source IP
different than where the query was destinied to. This will cause
problems because connection tracking firewalls will drop the replies
and most likely the client program will get confused too.
This patch uses the IP_PKTINFO mechanism to get the IP address where
received packets where targetted to and use that IP address as source
hint when sending a reply.
GNU readline recently changed license to GPLv3+ which makes it
incompatible with chrony (GPLv2). This patch adds support for editline
library (BSD license).
The attached patch adds support for mlockall() as well as the SCHED_FIFO
real-time scheduler. It should result in reduced (and more consistent)
latency. Usage is documented in all the documents.
Leap second status is accepted and forwarded to clients if majority
of selectable sources agree. The actual insertion/deletion is supported
only on Linux now.
Attached is a patch adding a linux capabilities support to chronyd. It
adds -u option which can be used to specify the user which chronyd
should switch to.
I tried running chronyd in valgrind and the result was that there are four
places where memory is not initialized. A patch fixing the errors is in the
attachment.
John writes:
Here is a patch that should prevent the endless loop. I've changed
UTI_NormaliseTimeval() to use divide/remainder instead of a loop. It also
replaces some similar loops with calls to UTI_NormaliseTimeval() and fixes
an unrelated bug in UTI_DiffTimevals().
Thomas wrote:
I found a bug in the chrony client (chronyc) that affects its ability to talk
to remote hosts over the control port (323/udp).
For example, running "chronyc -h 192.168.1.3 sources -v" would just sit there
and hang, and eventually timeout. I found out with tcpdump that chronyc
actually tries to connect to 255.168.1.3 instead of 192.168.1.3.
(Taken from
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=348412
)
Attached is a patchlet to make the "sources" command of chrony output properly
signed numbers. The chronyd code (see e.g. ntp.h) properly uses int32_t and
friends to get the right number of bits per datatype while client.c just uses
short, int, long. But long will be 64 bit or 32 bit depending on the cpu.
Further to the discussion with John Hasler, here are new diffs which
handles the incoming stratum 0 claim of a remote server by redefining the
incoming stratum as one bigger than the Max if it is zero, as per the NTP
version 4 documentation.
If the incoming stratum is zero it sets it to NTP_MAX_STRATUM+1 . If our
current stratum is larger than the NTP_MAX_STRATUM, the outgoing stratum is
also set to zero as per the suggestions in the NTP docs.
Introduces the new NTP_INVALID_STRATUM of 0 for doing these tests or
setting the outgoing stratum.
It is unclear whether chrony wants to follow NTP in setting the outgoing
stratum to zero if it is unknown or invalid, rather than a number larger
than the max stratum. Setting it to zero seems silly, since zero is already
used to define the stratum of a hardware clock (GPS, atomic, etc). This
seems ripe for confusion. But the fact that the ntp docs state to do this,
and that ntp servers (eg ntp.ubc.ca) are already doing this (using 0 to
mean invalid) means that chrony has to handle it on the incoming packets
from the servers.
2) Changes to rtc_linux.c which a) do a double read of /dev/rtc when the
PPM interupt is turned on after the wait time expires. The current read
does not block to the second, as it should, thus two reads are needed.
Also, changes so that at startup the system properly ignores the last
system time from the initial burst mode for setting the system time since
it can be way off. At present this last system time is included in the
regression, which throws it off until finally that sample is dropped.
I switch to the git version of chrony. Accidently this version did not
talk to by lokal server at 192.168.192.4. Instead it continuosly tried
255.255.192.4 :-( .
Tracked that down to "char", "unsigned char" issue in nameserv.c:
Kevin Lyda writes:
I enclose the following patch which removes all but three of the warnings. i
don't have any non-linux systems handy to test a fix to the round() function.
but having it return a double should be fine.
It doesn't actually fix anything, it just shuts up -Wall, so it's certainly an
optional type of patch.
Eric Lammerts writes:
This is known as Debian bug #195620, which is almost three years old!
The problem is that a uint32_t which comes out of ntohl() (but
actually represents a signed value) is directly promoted to long.
Therefore no sign extension takes place.
Patch below solves the problem. There are other places where this
needs to be fixed, but I'll leave that to a less lazy person.
Bernard Weiss writes:
I managed to compile the chrony 1.21 package for the MIPS architecture.
For the package to compile I had to add the following lines to io_linux.h:
[patch]
These values are taken from the ioctl.h file of linux 2.4.30 for the MIPS arch
(__ASM_MIPS_IOCTL_H).
