faraphel/chrony
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
731 commits 8 branches 75 tags 4.3 MiB
Commit graph

731 commits

This branch
This branch
All branches
Author SHA1 Message Date
Miroslav Lichvar
c6fdeeb6bb Don't send uninitialized data in command replies 
The RPY_SUBNETS_ACCESSED and RPY_CLIENT_ACCESSES command replies can
contain uninitalized data from stack when the client logging is disabled
or a bad subnet is requested. These commands were never used by chronyc
and they require the client to be authenticated since version 1.25.
 2013-08-07 14:46:16 +02:00
Miroslav Lichvar
7712455d9a Fix buffer overflow when processing crafted command packets 
When the length of the REQ_SUBNETS_ACCESSED, REQ_CLIENT_ACCESSES
command requests and the RPY_SUBNETS_ACCESSED, RPY_CLIENT_ACCESSES,
RPY_CLIENT_ACCESSES_BY_INDEX, RPY_MANUAL_LIST command replies is
calculated, the number of items stored in the packet is not validated.

A crafted command request/reply can be used to crash the server/client.
Only clients allowed by cmdallow (by default only localhost) can crash
the server.

With chrony versions 1.25 and 1.26 this bug has a smaller security
impact as the server requires the clients to be authenticated in order
to process the subnet and client accesses commands. In 1.27 and 1.28,
however, the invalid calculated length is included also in the
authentication check which may cause another crash.
 2013-08-07 13:39:02 +02:00
Miroslav Lichvar
a9a5f98406 Update chrony.conf.example2 2013-08-02 15:43:44 +02:00
Miroslav Lichvar
9ac8f64d89 Don't mention pre 2.2 Linux kernels in documentation 2013-08-02 15:43:44 +02:00
Miroslav Lichvar
0da5cf9163 Update NEWS 2013-07-17 16:19:45 +02:00
Miroslav Lichvar
f6a39d75a7 Treat address bind errors as non-fatal 2013-07-17 13:45:36 +02:00
Miroslav Lichvar
25aa9f5b42 Update chrony.spec.sample 2013-07-01 19:00:06 +02:00
Miroslav Lichvar
829b3adac3 Update copyright in chronyc GPL string 2013-07-01 17:53:27 +02:00
Miroslav Lichvar
4847a3a259 Update NEWS 2013-06-21 16:09:20 +02:00
Miroslav Lichvar
551541d9c8 Update example config files more 2013-06-21 16:09:20 +02:00
Miroslav Lichvar
f996f4c9fb Document port directive set to 0 as random port 2013-06-21 16:09:20 +02:00
Miroslav Lichvar
ac78ad60f3 Use texi2html only if it's available 2013-06-21 16:09:20 +02:00
Miroslav Lichvar
42d7cf8922 Don't ship faqgen.pl 2013-06-21 16:09:20 +02:00
Miroslav Lichvar
e811ba7b4c Fix possible leaks of temporary file names 2013-06-21 16:09:20 +02:00
Miroslav Lichvar
cb464cac4d Fix memset calls 2013-06-21 14:39:33 +02:00
Miroslav Lichvar
fa409ddc8f Update documentation 2013-06-20 18:00:32 +02:00
Miroslav Lichvar
821226e473 Update example config files 2013-06-20 17:23:32 +02:00
Miroslav Lichvar
0e298bedf6 Create /etc and /var/lib/chrony on installation 2013-06-20 14:47:06 +02:00
Miroslav Lichvar
aa76760268 Avoid sentences written in first person 2013-06-20 13:24:24 +02:00
Miroslav Lichvar
8bf87bbfde Update comparison with ntpd 2013-06-20 13:24:24 +02:00
Miroslav Lichvar
38e889c85c Remove fixed problems from FAQ 2013-06-19 14:40:20 +02:00
Miroslav Lichvar
d5b737cce8 Update copyright years 2013-06-19 12:50:26 +02:00
Miroslav Lichvar
6ba764b5be Don't call finalise functions on fatal error 
Also, return with non-zero exit code.
 2013-06-19 12:28:00 +02:00
Miroslav Lichvar
707b857b68 Combine source frequencies by skew 2013-06-19 12:11:27 +02:00
Miroslav Lichvar
f8d609fee5 Add minimum skew limit to sourcestats 2013-06-19 10:22:49 +02:00
Miroslav Lichvar
01f797ac05 Fix printing of outlier status 2013-06-18 16:13:17 +02:00
Miroslav Lichvar
6fa11a853a Add more entries to tracking log 
Add number of combined sources, remaining offset correction from
previous update and estimated stddev of the combined offset.
 2013-06-17 18:32:16 +02:00
Miroslav Lichvar
9c78ad708b Fix maxchange offset check 2013-06-17 18:32:16 +02:00
Miroslav Lichvar
57f8160d6c Call maybe_log_offset and update_leap_status after adjusting clock 2013-06-17 18:32:16 +02:00
Miroslav Lichvar
8d80ce444f Fix spelling 2013-06-17 18:26:48 +02:00
Miroslav Lichvar
95c3acf67e Log manual entries with MANU refid in tracking log 2013-06-17 18:26:48 +02:00
Miroslav Lichvar
561f7a66dd Fix log message to not include newline 2013-06-17 18:26:48 +02:00
Miroslav Lichvar
0193688671 Fix printing of negative offset with settime command 2013-06-17 18:26:48 +02:00
Miroslav Lichvar
6d7605a3d0 Reuse REF_SetReference code with manual reference 2013-06-17 18:26:47 +02:00
Miroslav Lichvar
e0171f6e96 Write freq and skew to drift file with six decimal places 2013-06-14 19:24:03 +02:00
Miroslav Lichvar
4ef1c6f2c8 Use fscanf to read drift file 2013-06-14 19:24:03 +02:00
Miroslav Lichvar
f7e2d7c2ec Modify minimum skew checking 2013-06-14 16:27:15 +02:00
Miroslav Lichvar
3d1be1cd75 Replace bzero with memset 2013-06-14 13:48:16 +02:00
Miroslav Lichvar
2d509eb8bd Remove changelog from conf.c 2013-06-14 13:44:15 +02:00
Miroslav Lichvar
6ca73bf670 Cleanup including of system headers 2013-06-14 13:41:16 +02:00
Miroslav Lichvar
f7802f0111 Don't abort on EINTR select errors 2013-06-14 12:37:24 +02:00
Miroslav Lichvar
2f3ef235a1 Replace LOG_FATAL call with assert in SCH_MailLoop 2013-06-14 12:35:51 +02:00
Miroslav Lichvar
1ad22e9a02 Don't apply outlyer penalty at beginning 
Wait until the reach register is full to allow marking a source as
outlyer for 32 updates. This makes start nicer with iburst.
 2013-06-13 18:20:53 +02:00
Miroslav Lichvar
6d2fb9f782 Add minsamples and maxsamples directives 
Allow configuration of the maximum and minimum number of samples per
source.
 2013-06-13 16:23:32 +02:00
Miroslav Lichvar
22e5ed44c2 Modify SST_GetSelectionData to return only necessary data 2013-06-12 16:06:33 +02:00
Miroslav Lichvar
9666831818 Use UTI_DiffTimevalsToDouble to calculate theta 2013-06-12 15:30:28 +02:00
Miroslav Lichvar
ff8e04f9ba Fix fabs use on delay 2013-06-12 15:30:28 +02:00
Miroslav Lichvar
52272f4dc5 Limit sources included in combining 
Combine only sources whose distance is shorter than distance of the
selected source multiplied by the value of combinelimit and their
estimated frequencies are close to the frequency of the selected source.
Add outlyer status for sources which are selectable, but not included in
the combining. The status is displayed as '-' in the chronyc sources
output.
 2013-06-12 10:25:46 +02:00
Miroslav Lichvar
18a66a2ba8 Resurrect source combining 
This is based on the code that was removed in CVS revision 1.3 of
sources.c. The weighting is simplified and the code is moved to a new
function.
 2013-06-11 16:36:50 +02:00
Miroslav Lichvar
8aa9eb19c8 Remove unnecessary adjtimex calls 2013-06-06 19:38:36 +02:00