On Wed, Apr 10, 2019, 3:01 PM Hal Murray via devel wrote:
>
> g...@rellim.com said:
> > I would go further and say that order matters not at all. What matters
> is to
> > start both as root. Depending on whether I am working on gpsd of ntpd I
> will
> > just keep restarting the one I am working
On Wed, Apr 10, 2019, 4:47 PM Hal Murray via devel wrote:
>
> I just updated the NTS code to include a Copyright, copied from another
> module.
>
> If this isn't appropriate, please tell me what it should be.
>
> /*
> * nts_cookie.c - Network Time Security (NTS) cookie processing
> * Copyright
On Sat, Jun 29, 2019, 2:06 PM Hal Murray wrote:
>
> jamesb.f...@gmail.com said:
> > It builds on the Windows Subsystem for Linux but does not currently run,
> > something about missing adjtimex support. I can't say anything definite
> about
> > mingsys, cygwin or native.
>
> Thanks.
>
> Does ntpq
On Thu, Jul 11, 2019, 1:19 PM Hal Murray via devel wrote:
>
> Description : flatpak is a system for building, distributing and running
> : sandboxed desktop applications on Linux. See
> : https://wiki.gnome.org/Projects/SandboxedApps for more
> : informatio
On Mon, Jul 15, 2019, 5:15 PM Hal Murray via devel wrote:
>
> tenterl...@gmail.com said:
> > I come from a scientific background, where we compare results somewhat as
> > analog values. If the test result is off the expected by 1000%, that's
> bad.
> > If it's off 1%, better. If the error is .000
I have set up a branch replacing the current Python version-specific
ntp.ntpc with a language-agnostic foreign function interface stub point
and a version agnostic Python ntp.ntpc using cytpes.
On build, it produces a single shared library 'libntp.so' in the ntpd
sub^n-directory and a now neat Pyt
On Wed, Aug 14, 2019 at 7:56 PM Mark Atwood, Project Manager via devel <
devel@ntpsec.org> wrote:
> Can OnCore be supported by gpsd?
>
Probably, it was discussed a bit in bug 608 on the tracker before the
discussion moved here.
And while I also like removing code, we've removed a lot, and I'm no
On Thu, Aug 15, 2019 at 9:14 AM Eric S. Raymond wrote:
> James Browning via devel :
> > And while I also like removing code, we've removed a lot, and I'm not
> > > instantly adverse to giving the hobbyests a command option to handle
> > > wraparound on their
On Sun, Aug 18, 2019 at 5:27 PM Hal Murray via devel
wrote:
>
> e...@thyrsus.com said:
> > That's covered. In the page on NTPsec changes:
> > * Broadcast- and multicast modes, which are impossible to
> > secure, have been removed.
>
> I was looking for more information. Why can't we secure it?
On Mon, Aug 19, 2019 at 6:49 PM Gary E. Miller via devel
wrote:
> Yo Matthew!
>
> On Tue, 20 Aug 2019 01:42:50 +
> Matthew Selsky wrote:
>
> > I'm not sure why Dan's fork of the repo doesn't have jobs enabled...
>
> Every MR I have looked at on gpsd and ntpsec.
>
I am not a member of gpsd/g
On Tue, Aug 20, 2019 at 11:43 AM James Browning
wrote:
> On Tue, Aug 20, 2019 at 10:55 AM Gary E. Miller via devel <
> devel@ntpsec.org> wrote:
>
>> Yo Achim!
>>
>> On Tue, 20 Aug 2019 19:52:07 +0200
>> Achim Gratz via devel wrote:
>>
>> > Gary E. Miller via devel writes:
>> > > I just pushed Da
On Fri, Aug 23, 2019, 9:43 AM Sanjeev Gupta via devel
wrote:
> We need a point release. Significant things that have happened recently:
>
>
>- The g and G suffixes
>- Removal of neoclock4x
>- Some doc changes
>- The ALPN change
>
> The last is critical, it throws into doubt all th
On Fri, Aug 23, 2019 at 9:43 AM Sanjeev Gupta via devel
wrote:
> We need a point release. Significant things that have happened recently:
>
>
>- The g and G suffixes
>- Removal of neoclock4x
>- Some doc changes
>- The ALPN change
>
> The last is critical, it throws into doubt all
On Fri, Aug 23, 2019 at 12:41 PM Eric S. Raymond wrote:
> James Browning via devel :
> > AFAICT issues 599 and 566 still affect FreeBSD.
>
> Not urgent, IMO. In particular, I'm now fweeking more pressure to get
> the NTS fix out.
>
Then they can wait. Sanjeev pointed
On Fri, Aug 23, 2019 at 9:11 PM Hal Murray via devel
wrote:
>
> > Has anybody seen anything like this before?
> > Assuming "no", I'll try bisecting tomorrow.
>
> My attempt at bisecting hit a brick wall. I backed up many months and it
> still fails.
>
> I guessed that something strange had happe
On Sun, Aug 25, 2019 at 3:49 PM Hal Murray via devel
wrote:
> I think it should be fixed for the release, but I don't know how to do it.
>
> There used to be code in the msyslog processing that handled %m if it
> wasn't
> included in the local printf. I'm guessing it was removed to eliminate
> w
On Mon, Aug 26, 2019, 8:02 PM Hal Murray via devel wrote:
>
> How do I tell waf to fail on warnings?
>
> I'm trying to use this to detect which API I'm getting.
>
> STRERROR_FRAG = """
> #include
> int main(void) {
> char buf [100];
> const char *foo = strerror_r(6, buf, sizeof(buf));
> re
On Wed, Aug 28, 2019 at 5:24 PM Eric S. Raymond via devel
wrote:
> Sanjeev Gupta :
> > Eric, there is a incompatibility break, so could we do 1.2.0 , please?
>
> Mark's call. I beliecew he's considering shipping 1.2.0 shortly after.
My impression is that he is waiting for the IETF and IANA to
On Mon, Sep 2, 2019 at 4:11 AM Hal Murray via devel
wrote:
>
> I missed some uses of strerror_r() in the ISC routines.
>
> I think all uses of UNEXPECTED_ERROR should switch to msyslog
> Then we can delete include/isc_error.h and libntp/isc_error.c
>
It is done (badly) in merge request !1029 see
While working on a script[1], I stumbled across this issue. the cmd.Cmd
class does not call its precmd function from its onecmd function in
either Python 2.7 or 3.6. I see several possible paths forward.
1. Ignore the issue and hope it goes away.
2. Report it upstream.
3. Change over to hot_config
On Wed, Sep 11, 2019 at 7:43 PM Hal Murray via devel
wrote:
>
> Any openssl command line wizards?
>
Probably, not me though.
> What do I type to find out when my certificate expires? We should make a
> script that can be called from cron.
>
generally something like the following works fairly
-- Forwarded message -
From: James Browning
Date: Mon, Sep 16, 2019 at 4:07 PM
Subject: Re: Future directions
To: Mark Atwood
On Mon, Sep 16, 2019 at 3:24 PM Mark Atwood via devel
wrote:
> On Mon, Sep 16, 2019, at 14:09, Hal Murray via devel wrote:
> > I think we should put th
On Tue, Sep 17, 2019 at 1:23 PM Richard Laager wrote:
> On 9/16/19 6:08 PM, James Browning via devel wrote:
> > - additions to the DNS code to allow non-A/ pools. (cname/srv
> probably)
>
> Is it not following CNAMEs already? I haven't checked.
>
No, it seems not
On Sat, Sep 21, 2019, 12:55 PM Paul Theodoropoulos via devel <
devel@ntpsec.org> wrote:
> Just a quick note, as I'm vetting all my installations - after running
> './waf configure --refclock=all', followed by './waf install', all of the
> applications in main/ntpclients are installed - except for
On Wed, Sep 25, 2019, at 3:22 AM Richard Laager via devel
wrote:
> At work, I have two NTP servers. They are part of the pool, with both
> IPv4 and IPv6.
>
> Internally, my systems use my NTP servers (marked with prefer) and the
> pool to provide additional sources. As is typical, ntpd prefers IP
The length of the SHM construct appears to date back to 1997 at that
time according to Wikipedia only four processor architectures had
64-bit address spaces. I have no information on the prevalence of
64-bit processors. However, I think it is reasonable to assume that
the integers of that time defa
On Sat, Oct 26, 2019 at 7:49 AM Eric S. Raymond wrote:
> James Browning via devel :
> > I would like to propose a new SHM implementation
>
> The trouble with any new SHM proposal is that the underlayer is not
> POSIX and we theefore can't count on it continuing to exist.
&
On Sat, Oct 26, 2019, at 8:24 PM Hal Murray wrote:
>
> > I do not have access to a copy of POSIX and the SuSv2 seems to have SHM
> > support.
>
> You can probably get what you need from man pages. Try man shm_overview
There are links in the documentation that I should have read before
removing
After looking at devel/HACKING, I do not see a policy on including
external python modules.
The came up because I have a merge request (!1044), which adds support
for RIPEMD160, SHA-1, and AES128CMAC. The CMAC implementation currently
requires the pycryptodome[1] module.
If external modules are n
On Mon, Nov 4, 2019, at 5:23 PM Richard Laager via devel
wrote:
> Each of these names (N.debian.pool.ntp.org) resolves to only 4 IPs.* The
> four of them resolve to (mostly) non-overlapping IPs. In other words, if
> I resolve only one name, I get 4 IPs, but if I resolve all four names, I
> get 15
On Sun, Nov 24, 2019, 6:08 AM Udo van den Heuvel via devel
wrote:
> On 24-11-2019 15:01, Eric S. Raymond wrote:
> > Udo van den Heuvel :
> >> I have an M8N on order, would that be compatible enough to this driver?
> >> If so: I could help test etc.
> >
> > That can't hurt - they speak the same pr
On Sun, Nov 24, 2019, at 12:12 AM Hal Murray via devel
wrote:
>
> Mark Atwood said:
> > On the other other other hand, can we have a Python binding on the C
> crypto
> > routines that ntpd uses?
>
I'd probably prefer a generic FFI module with a ctypes wrapper
but yes probably.
> The ntpd code
On Mon, Nov 25, 2019 at 3:15 PM Sanjeev Gupta via devel
wrote:
> From: docs/driver_shm.adoc
>
> Is the first paragraph still required, if it doesn't apply to current
> nrpsec?
>
> And I cant parse the second paragraph, especially the first line. What
> should I use? Not the ancient method, sure
On Mon, Dec 9, 2019, 11:35 AM Hal Murray via devel wrote:
>
> I haven't seen that mail recently.
>
I do not know. Quick bit of googling found
https://docs.gitlab.com/ee/user/project/integrations/emails_on_push.html
which might be related.
>
___
devel
Not much. Every distro seems to have its' tool. Most in Linux space
seem to use iptables although nftables is IMO better.
On Fri, Dec 27, 2019, at 12:31 AM Hal Murray via devel wrote:
> I recently setup a new system (Fedora) to replace a box that had died and
> thought it was working OK. Then I
The current symmetric auth scheme requires a not-an-extension which is
(formerly 10) 20 or 24 bytes of an essentially unidentifiable binary
blob. to check for it, you either need a length for the authenticated
stream or walk backward in the packet to see if the text matches a
symmetric authenticato
On Mon, Jan 13, 2020 at 5:58 PM Eric S. Raymond via devel
wrote:
>
> Hal Murray via devel :
> > A year or 2 ago, I put together a script to test as many build time options
> > as
> > I thought reasonable. It's in ./tests/option-tester.sh
> >
> > Does anybody other than me use it?
>
> I've run it
On Mon, Jan 13, 2020 at 10:40 PM Hal Murray wrote:
:::snip:::
> > Any particular distro anyone wants it to run on? j/k
>
> The idea is NOT to run it as part of a normal checkin, but have something in
> addition that could be triggered manually or by the equivalent of a cron job.
> I'm thinking of
On Sat, Jan 11, 2020, at 1:03 AM Hal Murray wrote:
> > The current symmetric auth scheme requires a not-an-extension which is
> > (formerly 10) 20 or 24 bytes of an essentially unidentifiable binary blob.
> > to
> > check for it, you either need a length for the authenticated stream or walk
> > b
On Sun, Feb 2, 2020, at 3:49 PM Gary E. Miller via devel
wrote:
>
> Yo Jason!
>
> On Sun, 02 Feb 2020 16:44:25 -0500
> Jason Azze via devel wrote:
>
> > It looks like the --enable-doc waf configuration option was removed
> > in the commit "Add support for other asciidoc processors". Was there
> >
On Sun, Feb 2, 2020 at 7:27 PM Eric S. Raymond via devel
wrote:
> Richard Laager via devel :
> > On 2/2/20 3:44 PM, Jason Azze via devel wrote:
> > > It looks like the --enable-doc waf configuration option was removed in
> > > the commit "Add support for other asciidoc processors". Was there any
On Mon, Feb 17, 2020 at 5:02 PM Hal Murray via devel wrote:
> See issue #642
> https://gitlab.com/NTPsec/ntpsec/issues/642
As handwaved the patch.
From b0b7f7b6016076c7204468cd15888eb1085782b0 Mon Sep 17 00:00:00 2001
From: James Browning
Date: Tue, 18 Feb 2020 10:32:53 -0800
Subject: [PATCH]
On Sat, Feb 22, 2020, at 6:40 PM Hal Murray wrote:
>
> Looks like the second test is backwards. It's printing the message on a
> system where pipefail works.
>
> if (set -o pipefail) 2>/dev/null
> then
> echo "### Old sh - no pipefail"
> echo "### We can't test for errors during build"
> ec
On Tue, Feb 25, 2020, 7:37 AM Richard Laager via devel
wrote:
> On 2/24/20 11:02 PM, Hal Murray via devel wrote:
> > I'm looking at strace output. There are a few calls used only once or
> twice.
> >
> > It seems obvious that we should drop root as early as possible. But
> it's not
> > obvious
On Tue, Feb 25, 2020, at 1:37 PM Eric S. Raymond wrote:
>
> James Browning via devel :
> > Is there anything preventing the possibility of an early looser
> > seccomp setup and then tightening it later possibly with a knob
> > to generate terse or verbose warnings instead
On Fri, Feb 28, 2020 at 3:26 AM Hal Murray via devel wrote:
>
> Lots of handwaving here.
:::snip:::
> Can we break the current ntpd blob into smaller chunks? How about:
> NTP server
> NTP client
> NTS-KE server
> ntpq client
I think you mean mode 6/7 server there. It might also be a
plac
[[removed clumpy textdump]]
It is not on our end. It's probably a bad mirror or three at Gentoo.
Retrying the latest failed job succeeds.
Stomping this will likely involve talking to the Gentoo Infrastructure team.
failed job output at https://gitlab.com/NTPsec/ntpsec/-/jobs/517952633
__
On Thu, May 7, 2020 at 3:43 PM Watson Ladd via devel wrote:
>
> On Thu, May 7, 2020 at 4:31 PM Hal Murray via devel wrote:
> >
> >
> > devel@ntpsec.org said:
> > > I have upgraded to ntpd ntpsec-1.1.8+ (git rev 36bb89920) and I
> > > believe I'm seeing this problem.
> >
> > You aren't connecting
On Mon, May 18, 2020, 8:45 AM Mark Atwood wrote:
> Hi!
>
> It's been a while since we tagged NTPsec_1_1_8 on 2019-11-18 and we have
> accumulated 17644 lines of diff in 245 commits since then.
>
> Unless someone pulls the stop cord, I will tag NTPsec_1_1_9 on 2020-05-23.
>
Maybe the feast day of
On Sun, May 24, 2020, at 9:03 PM Sanjeev Gupta via devel
wrote:
>
> Andrew, Daniel,
>
> I am trying to track down if MS-SNTP support was added back, and if it is
> supported.
>
> We have an entry in the news file, about removal, but none on addition.
The code was never removed, and the option ha
On Mon, May 25, 2020, at 3:31 PM Hal Murray via devel wrote:
>
> Fedora is updating from Python 3.7 to 3.8.
>
> That breaks ntpq (and friends) because the installed ntp libraries are over
> in 3.7 but ntpq is looking in 3.8
>
> Is there a good/clean fix for this? Should the code that chops the "
I copied Hals' wishlist into the issue tracker as #657 [0]. I worked
superficially on a couple of the items and came up with some of my own
that might be ready to add to the list about 1.2 for 1.3 or 2.0. I
made a couple of [1] [2] merge requests The former with commits mostly
not important enough
On Fri, Jul 3, 2020, at 6:05 AM Udo van den Heuvel via devel
wrote:
>
> On 03-07-2020 15:00, Hal Murray wrote:
> >> How can I avoid this from happening again?
> >
> > That isn't enough info to figure out what happened. Somehow, ntpd thought
> > the
> > time was way off, and you had the -g switch
On Thu, Jul 23, 2020, at 10:59 AM Gary E. Miller via devel
wrote:
>
> Yo All!
>
> Testing 1-2-3. This list has been down since 13 Jul...
Funny, It looks like there were a couple of posts two days ago, and
before that nobody posting for a week. I think it was just sleeping or
hunting rabbits.
___
On Thu, Jul 23, 2020, 3:50 PM Bernd Zeimetz via devel
wrote:
For Redhat based distros it might make sense to create a selinux policy
> (in case there is none yet!?).
>
If I understand correctly Gentoo claims to have had a gpsd selinux policy
for the last 2-1/2 years. I did not look for older inf
On Tue, Aug 11, 2020, 8:02 PM Gary E. Miller via devel
wrote:
> Yo All!
>
> I just updated my NTPsec, and it is not working.
>
> # ntpmon
> Traceback (most recent call last):
> File "/usr/local/bin/ntpmon", line 343, in
> peer.associd)
> File "/usr/local/lib/python2.7/site-packages/ntp/u
On Wed, Aug 12, 2020, 8:28 PM Richard Laager via devel wrote:
>
> I don't think I ever got an answer on this one.
flattened from listed website[0]:
>> Mitigation:
>>
>> Have enough trustworthy sources of time.
>> If you are serving time to a possibly hostile network, have your system get
>> its
On Fri, Sep 4, 2020 at 1:31 PM Hal Murray via devel wrote:
>
>
> Are any of the recent changes interesting enough to mention in NEWS?
Probably not so I'm just gonna empty the bucket. j/k
* duplicate server error message
* documentation updates/fixes
* shebang updates
* ntpkeygen can use secrets
*
On Sun, Sep 6, 2020 at 5:21 AM Eric S. Raymond via devel
wrote:
>
> Hal Murray :
> > Please do and/or please fix our local copy. I'm focused on the
> > restrict/unrestrict tangle.
>
> Bug fixed, but I cant finf any way to subnutt uissues on ther
> bugracker. Yes, I have a validayed account ob th
On Fri, Sep 4, 2020 at 3:59 PM Hal Murray via devel wrote:
> Can we run ntpd long enough to test the initialization and much of the other
> code?
Possibly, but to test some of the code paths (NTS) would take about a
day. Who wants to donate machine time for the runner?
> I'm thinking of somethi
I (re)developed a Python wrapper around a C FFI stub[1]. It is largely
based around my merge request !1010 [2].
Time to compile should be reduced because instead of compiling the
entire source N times or compiling the Python extension N times (for
an unimplemented concept), the source only compile
On Mon, Sep 7, 2020, at 5:24 PM Richard Laager via devel
wrote:
>
> On 9/7/20 11:03 AM, James Browning via devel wrote:
> > I (re)developed a Python wrapper around a C FFI stub[1]. It is largely
> > based around my merge request !1010 [2].
> I'll repeat from here, in c
On Sun, Sep 13, 2020, at 5:12 PM Gary E. Miller via devel
wrote:
>
> Yo Wis!
>
> On Sun, 13 Sep 2020 15:47:19 -0700
> Wis Macomson via devel wrote:
>
> > For setting a static IP, the "Stratum-1-Microserver HOWTO" punts to
> > the reference "[EAT-STATIC] Tutorial - How to give your Raspberry Pi
>
I think they have been ready for a while. it would appear not everyone agrees.
On Wed, Sep 16, 2020, at 11:40 PM Hal Murray via devel wrote:
>
> Is there something I should be testing?
compilers that are not clang or gcc.
platforms that are not Linux, macOS, or FreeBSD.
It would be nice to have
On Thu, Sep 24, 2020 at 7:29 PM Hal Murray via devel wrote:
>
> I have this patch is my local copy. It's leftover from when I broke something
> and discovered that the test stuff crashed here. Obviously, I screwed up by
> not keeping better notes and sending in a bug report.
>
> Does anybody und
So, I was running ntpviz rarely, I updated to a (recentish git head), I
added a gpsd module symlink under ntpclients/, and boom breakage. I
followed the traceback to a line, I patched the line a couple of times, and
I requested the following patch. Was anyone else running into this?
Also, one of th
On Wed, Oct 14, 2020, 10:08 AM Hal Murray via devel
wrote:
>
> I'm setting up a new Debian system. I'm far from a Debian wizard, but I'm
> not
> a total newbie either.
>
> I have a ntp.pth setup, so ntpq finds the python libraries.
>
Short version I screwed up and did not test installs anywhere
On Sat, Nov 28, 2020, 12:17 AM Hal Murray via devel
wrote:
>
> I've been thinking about how to make ntpd serve lots and lots of clients.
>
> I think that requires the server to be multi-threaded, especially if we
> want
> to support NTS.
>
--
>
> I think we should split ntpd into 3 chunk
On Fri, Dec 4, 2020, at 12:50 AM Hal Murray via devel
wrote:
>
> That should lead to better (earlier) time stamps. It will bypass the
> interrupt response time and the coalesce delays.
>
> As I understand it, the catch is that the clock out near the network is
> not
> directly connected to the C
On 2020 December 19, I intend to merge !1196, (the first patch of) !1167,
!1189, and !1137.
If there is a reason not to merge any of those feel compelled to comment
now. This should also close #680, !957, and !1147.
___
devel mailing list
devel@ntpsec.or
On Sat, Dec 12, 2020, at 5:53 PM Gary E. Miller via devel
wrote:
> Yo Richard!
>
> On Sat, 12 Dec 2020 19:46:22 -0600
> Richard Laager via devel wrote:
>
> > On 12/12/20 7:07 PM, Gary E. Miller via devel wrote:
> > > NTPsec git head broke Python 2.7, badly.
> >
> > I believe James B is looking a
On Sat, Dec 12, 2020 at 6:16 PM Gary E. Miller via devel
wrote:
> Yo James!
>
> On Sat, 12 Dec 2020 18:04:57 -0800
> James Browning via devel wrote:
>
> > It looks like a4c2c7921f144674402c2a3dbfc13a87b1ea3d1f can you
> > confirm?
>
> Confirmed.
>
The
On Sat, Dec 12, 2020, at 6:41 PM Gary E. Miller via devel
wrote:
> Yo James!
>
> On Sat, 12 Dec 2020 18:35:13 -0800
> James Browning via devel wrote:
>
> > The following patch clears it up on the machine I bisected on.
>
> No, that uses the installed ntp modul
On Sat, Dec 12, 2020, 10:56 PM Hal Murray via devel
wrote:
>
> I think we also want minimal post-install testing to verify that the
> libraries
> got installed in the right place. It doesn't have to be the full test
> package. I think there is some code that does version checking.
>
> It would
On Sun, Dec 13, 2020 at 6:06 AM ASSI via devel wrote:
> Hal Murray via devel writes:
> > I think you want to use DESTDIR if you are testing things after
> installing
> > them.
>
> No, never. DESTDIR is purely for packaging so that the "install" you do
> has the correct directory structure, but d
On Sun, Dec 13, 2020, at 9:49 AM Gary E. Miller via devel
wrote:
> Yo James!
>
> On Sun, 13 Dec 2020 02:00:41 -0800
> James Browning via devel wrote:
>
> > IIRC the python ntpclients compare version includes the git commit
> > (excluding releases?) And includes the b
On Sun, Dec 13, 2020, at 12:33 PM Gary E. Miller via devel
wrote:
> Yo James!
>
> On Sun, 13 Dec 2020 11:25:40 -0800
> James Browning via devel wrote:
>
> > The latter changes the extended version format to list commits since
> > the last tag (if not 0) and a dirty
On Mon, Dec 14, 2020, 1:21 PM Hal Murray via devel wrote:
> I setup a new machine over the weekend. Fedora 33, Python 3.9.0
>
> After a build and install, ntpq couldn't find ntp.ntpc
>
Error messages? Config logs?
I fixed things by setting up /etc/ld.so.conf.d/ntpd.conf
> containing /usr/local
On Wed, Dec 16, 2020, 10:06 AM Hal Murray via devel
wrote:
>
> Can somebody tell me/us what happened? Why? ...
>
My guess is that GitLab deployed a new bot and it (probably) somewhat
overzealously closed almost all of the merge requests.
>
___
devel
used too:
>
> On 12/16/20 12:06 PM, Hal Murray via devel wrote:
> > Can somebody tell me/us what happened? Why? ...
>
> On 12/16/20 2:04 PM, James Browning via devel wrote:
> > My guess is that GitLab deployed a new bot and it (probably) somewhat
> > overzealously c
On Wed, Dec 16, 2020, at 5:53 PM Sanjeev Gupta wrote:
> Ah, so not my fault.
>
> I tried updating my fork about 11 hours ago, and was to authenticate to
> pull from the NTPsec git repo. I tried with another repo, it worked, so I
> assumed one of us was modifying the security settings of the repo.
On Tue, Nov 10, 2020 at 10:29 AM Gary E. Miller via devel
wrote:
> Yo All!
>
> David L. Mills has a new proposal: NTP Lite.
>
> See below.
>
:::snip:::
> Begin forwarded message:
>
> Date: Tue, 10 Nov 2020 13:21:16 -0500
> From: "David L. Mills"
> To: NTP WG
> Subject: [Ntp] New security and p
On Thu, Dec 17, 2020 at 6:05 PM Eric S. Raymond via devel
wrote:
> Sanjeev Gupta :
> > As of 20 minutes ago, I can now pull from the repository unauthenticated.
>
> Yes, and the visibility is now :Public" in the settings.
>
> Looks like the problem is solved.
>
The ntpsec forks belonging to rlaa
On Fri, Dec 18, 2020, 7:23 AM Udo van den Heuvel via devel
wrote:
> Hello,
>
> I built another ntpsec from git using the usual spec file, without
> errors as far as I could see.
> Yet, when I run the command below, I get some 'wrong version' output.
> What is wrong here and how do I correct?
>
>
We currently do not have builders for the tags freebsd-11, freebsd-12, and
ubuntu-1604-lts. It would appear that in the late unpleasantness that the
builders detached. This should be fixable by having the
builders admin(s) reattach them in the settings. It should be possible to
migrate the cross bu
On Mon, Dec 21, 2020, at 10:48 AM Matthew Selsky via devel
wrote:
> Hi James,
>
> >We currently do not have builders for the tags freebsd-11,
> freebsd-12, and
> >ubuntu-1604-lts. It would appear that in the late unpleasantness that
> the
> >builders detached. This should be fixable b
On Wed, Jan 13, 2021, 4:21 AM Hal Murray via devel wrote:
> While looking for old mail tangled with #690, I stumbled into this, from
> Eric.
> Did we ever do anything with this? This seems like a wonderful
> opportunity.
>
> The catch may be that ntpd needs to know which interface a packet arri
On Mon, Jan 18, 2021, at 12:22 PM Gary E. Miller via devel
wrote:
> Yo All!
>
> I have not been able to build/run ntpd on one system for a while. It used
> to work. No AppArmor. This is Gentoo stable. I recompiled the world
> more than once just in case. The SD card is fine (for now).
Try
On Mon, Jan 18, 2021, 3:04 PM Gary E. Miller via devel
wrote:
> Yo Hal!
>
> On Mon, 18 Jan 2021 14:00:49 -0800
> Hal Murray wrote:
>
> > > Ideas anyone?
> >
> > Have you tried strace or gdb?
>
> strace attached.
>
> # strace -o strace ntpd -nN
>
It looks like seccomp is blocking __NR_clock_gett
On Mon, Jan 18, 2021, at 4:19 PM Gary E. Miller via devel
wrote:
> But I agree someone that cares should fix it.
>
I think NTPsec should be completely rewritten as discrete units.
I have a file of ramblings that is not ready for publication.
> Thanks to you and James for you help.
>
Hal came
On Mon, Jan 18, 2021, at 5:03 PM Gary E. Miller via devel
wrote:
> On Mon, 18 Jan 2021 16:58:11 -0800
> Hal Murray via devel wrote:
>
> > James said:
> > > I think NTPsec should be completely rewritten as discrete units.
> >
> > What does that mean?
>
> I think he is referring to reecent proposa
On Wed, Jan 20, 2021, 12:17 PM Hal Murray via devel
wrote:
>
> James Browning said:
> > The permissions required by NTPsec are a mess partly because it is not a
> do
> > one thing well daemon. Instead, you have the Lernean Hydra, which has too
> > many heads and gaining more.
>
> I don't get it.
I think it would be a not-very-good idea to add a bottleneck er mutex to
threading NTPsec, Linux worked hard to kill off their global lock IIRC.
A 24 block byte should suffice for the client-supplied data to the NTPv3/4
server threads, NTPv2 would probably need the same with perhaps a dozen
bytes
On Mon, Jan 25, 2021 at 12:03 PM Gary E. Miller via devel
wrote:
> Yo All!
>
> New coverity defects in ntpd. See below.
> Date: Sun, 24 Jan 2021 07:29:27 + (UTC)
> From: scan-ad...@coverity.com
> To: g...@rellim.com
> Subject: New Defects reported by Coverity Scan for ntpsec
>
> 4 new d
On Mon, Jan 25, 2021, at 12:17 PM Hal Murray via devel
wrote:
Actually, the inner quoted material is mine.
> Unqualified thoughts said:
> > A 24 block byte should suffice for the client-supplied data to the
> NTPv3/4
> > server threads, NTPv2 would probably need the same with perhaps a dozen
>
I submitted a couple of patches to gpsd and one to microjson resolving
issues. One where an empty string validated correctly as an object was
already posted to microjson. The other allowed pretty much any string the
same length or shorter to pass a t_check.
Three of my merge requests made it into
On Wed, Feb 3, 2021, 7:39 PM Gary E. Miller via devel
wrote:
> Yo All!
>
> I just tried NTPsec git head on Python 3.9.
>
> spidey ~ # ntpmon
> ntp.ntpc wrong version b'1.2.0+26-g8b8f0a2f9 2020-12-14T02:30:37Z' !==
> 1.2.0+26-g8b8f0a2f9 2020-12-14T02:30:37Zspidey ~ #
>
> Typical binary/texts probl
On Fri, Feb 5, 2021, at 2:42 AM Hal Murray via devel
wrote:
>
> devel@ntpsec.org said:
> > 1208. I stripped out all handling of the netlink socket and fixed around
> the
> > breaks I found. This would reduce NTPsec w/ NTS and IPv4/6 to 5 sockets.
> They
> > are UDP4, UPD6, TCP4, TCP6, and netlink
On Fri, Feb 5, 2021, at 4:04 PM Hal Murray via devel
wrote:
> > What were you looking for in the branch?
>
> The code that would get the correct source address on server replies.
>
The short version is I looked and it is not there^d^d^d^d^d anywhere I can
see it.
> I don't even know if it is p
On Fri, Feb 5, 2021, at 3:20 PM Hal Murray via devel
wrote:
>
> [Context is retrying DNS lookups when an interface appears.]
>
> James Browning said:
> > When combined with some other code in the DNS path it is wrong-headed.
> "let's
> > retry DNS every 5 minutes or whenever someone acts on the n
1 - 100 of 335 matches
Mail list logo
