[pkgsrc/trunk]: pkgsrc/net/chrony chrony: Update to 4.0

To: pkgsrc-changes-hg%NetBSD.org@localhost
Subject: [pkgsrc/trunk]: pkgsrc/net/chrony chrony: Update to 4.0
From: nia <nia%pkgsrc.org@localhost>
Date: Fri, 12 Mar 2021 10:59:10 +0000
details:   https://anonhg.NetBSD.org/pkgsrc/rev/f3270c0a1da8
branches:  trunk
changeset: 448672:f3270c0a1da8
user:      nia <nia%pkgsrc.org@localhost>
date:      Fri Mar 12 09:57:18 2021 +0000

description:
chrony: Update to 4.0

New in version 4.0
==================

Enhancements
------------
* Add support for Network Time Security (NTS) authentication
* Add support for AES-CMAC keys (AES128, AES256) with Nettle
* Add authselectmode directive to control selection of unauthenticated sources
* Add binddevice, bindacqdevice, bindcmddevice directives
* Add confdir directive to better support fragmented configuration
* Add sourcedir directive and "reload sources" command to support dynamic
  NTP sources specified in files
* Add clockprecision directive
* Add dscp directive to set Differentiated Services Code Point (DSCP)
* Add -L option to limit log messages by severity
* Add -p option to print whole configuration with included files
* Add -U option to allow start under non-root user
* Allow maxsamples to be set to 1 for faster update with -q/-Q option
* Avoid replacing NTP sources with sources that have unreachable address
* Improve pools to repeat name resolution to get "maxsources" sources
* Improve source selection with trusted sources
* Improve NTP loop test to prevent synchronisation to itself
* Repeat iburst when NTP source is switched from offline state to online
* Update clock synchronisation status and leap status more frequently
* Update seccomp filter
* Add "add pool" command
* Add "reset sources" command to drop all measurements
* Add authdata command to print details about NTP authentication
* Add selectdata command to print details about source selection
* Add -N option and sourcename command to print original names of sources
* Add -a option to some commands to print also unresolved sources
* Add -k, -p, -r options to clients command to select, limit, reset data

Bug fixes
---------
* Don't set interface for NTP responses to allow asymmetric routing
* Handle RTCs that don't support interrupts
* Respond to command requests with correct address on multihomed hosts

Removed features
----------------
* Drop support for RIPEMD keys (RMD128, RMD160, RMD256, RMD320)
* Drop support for long (non-standard) MACs in NTPv4 packets (chrony 2.x
  clients using non-MD5/SHA1 keys need to use option "version 3")
* Drop support for line editing with GNU Readline

diffstat:

 net/chrony/Makefile                                    |  10 +--
 net/chrony/distinfo                                    |  14 +++--
 net/chrony/options.mk                                  |  13 +++--
 net/chrony/patches/patch-client.c                      |  16 +++++++
 net/chrony/patches/patch-configure                     |  16 +++++++
 net/chrony/patches/patch-examples_chrony.conf.example3 |  37 +++++++++++++----
 6 files changed, 80 insertions(+), 26 deletions(-)

diffs (195 lines):

diff -r 80e83c0259ac -r f3270c0a1da8 net/chrony/Makefile
--- a/net/chrony/Makefile       Fri Mar 12 09:40:37 2021 +0000
+++ b/net/chrony/Makefile       Fri Mar 12 09:57:18 2021 +0000
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.43 2020/08/27 07:00:51 hannken Exp $
+# $NetBSD: Makefile,v 1.44 2021/03/12 09:57:18 nia Exp $
 
-DISTNAME=      chrony-3.5.1
+DISTNAME=      chrony-4.0
 CATEGORIES=    net
-MASTER_SITES=  http://download.tuxfamily.org/chrony/
+MASTER_SITES=  https://download.tuxfamily.org/chrony/
 
 MAINTAINER=    hannken%NetBSD.org@localhost
 HOMEPAGE=      https://chrony.tuxfamily.org/
@@ -22,7 +22,6 @@
 OWN_DIRS=              ${VARBASE}/lib/chrony
 
 EGDIR=                 ${PREFIX}/share/examples/chrony
-EGFILES=               chrony.conf.example3 chrony.keys.example
 RCD_SCRIPTS=           chronyd
 
 SUBST_CLASSES+=                paths
@@ -37,6 +36,5 @@
            "${DESTDIR}${EGDIR}/chrony.keys.example";
 
 .include "options.mk"
-
-.include "../../mk/readline.buildlink3.mk"
+.include "../../devel/editline/buildlink3.mk"
 .include "../../mk/bsd.pkg.mk"
diff -r 80e83c0259ac -r f3270c0a1da8 net/chrony/distinfo
--- a/net/chrony/distinfo       Fri Mar 12 09:40:37 2021 +0000
+++ b/net/chrony/distinfo       Fri Mar 12 09:57:18 2021 +0000
@@ -1,9 +1,11 @@
-$NetBSD: distinfo,v 1.14 2020/08/27 07:00:51 hannken Exp $
+$NetBSD: distinfo,v 1.15 2021/03/12 09:57:18 nia Exp $
 
-SHA1 (chrony-3.5.1.tar.gz) = 3decde1c1d56e87d89b34cba662266a945453b3a
-RMD160 (chrony-3.5.1.tar.gz) = 30e2c1a329f3fe8ef897615def9d95fd6332e2fc
-SHA512 (chrony-3.5.1.tar.gz) = 489cf614bfb2c1e024343af1316c339b287ed5c7b6cec15b44ef3d90512036fb1da3fd627d291a193c59d9c5c095afa66c529eeb6fd0c1bbc8256ed8873b7984
-Size (chrony-3.5.1.tar.gz) = 459902 bytes
+SHA1 (chrony-4.0.tar.gz) = 628340e7ff3311ea5b5a6198bacde2a8b05b6ae4
+RMD160 (chrony-4.0.tar.gz) = 2c83cf187a5041333e972fe84cb3c825f1e2e941
+SHA512 (chrony-4.0.tar.gz) = a1c11a386c43f495910f7f2e9b5fbb1652c3631471d182b9b8203dfef98611d11535ad547a879856551263aed0ae2e30e4135b8ed89553684706166bc1c725c9
+Size (chrony-4.0.tar.gz) = 546939 bytes
 SHA1 (patch-Makefile.in) = 42ebfcdbce472a173890571625efc4fef583d5b6
+SHA1 (patch-client.c) = 4155d6de9899ed599ace4a516f62847dfa723f53
+SHA1 (patch-configure) = bf8ab3d81dafafb329402dd0eb4ac276eed10a2f
 SHA1 (patch-doc_Makefile.in) = 8e9902690ff431fd47429d53346faf2ac8f1b923
-SHA1 (patch-examples_chrony.conf.example3) = 9566820e1db21435580f134cefc0bcb94d619dda
+SHA1 (patch-examples_chrony.conf.example3) = e26c69b806b970a2e958c94725531e7cbbcfae1c
diff -r 80e83c0259ac -r f3270c0a1da8 net/chrony/options.mk
--- a/net/chrony/options.mk     Fri Mar 12 09:40:37 2021 +0000
+++ b/net/chrony/options.mk     Fri Mar 12 09:57:18 2021 +0000
@@ -1,14 +1,17 @@
-# $NetBSD: options.mk,v 1.1 2019/03/10 19:16:46 wiz Exp $
+# $NetBSD: options.mk,v 1.2 2021/03/12 09:57:18 nia Exp $
 
-PKG_OPTIONS_VAR=       PKG_OPTIONS.chrony
-PKG_SUPPORTED_OPTIONS= nettle
-PKG_SUGGESTED_OPTIONS= nettle
+PKG_OPTIONS_VAR=               PKG_OPTIONS.chrony
+PKG_SUPPORTED_OPTIONS=         gnutls
+PKG_SUGGESTED_OPTIONS=         gnutls
+PKG_OPTIONS_LEGACY_OPTS+=      nettle:gnutls
 
 .include "../../mk/bsd.options.mk"
 
-.if !empty(PKG_OPTIONS:Mnettle)
+.if !empty(PKG_OPTIONS:Mgnutls)
 USE_TOOLS+=    pkg-config
+.include "../../security/gnutls/buildlink3.mk"
 .include "../../security/nettle/buildlink3.mk"
 .else
+CONFIGURE_ARGS+=       --without-gnutls
 CONFIGURE_ARGS+=       --without-nettle
 .endif
diff -r 80e83c0259ac -r f3270c0a1da8 net/chrony/patches/patch-client.c
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/net/chrony/patches/patch-client.c Fri Mar 12 09:57:18 2021 +0000
@@ -0,0 +1,16 @@
+$NetBSD: patch-client.c,v 1.1 2021/03/12 09:57:18 nia Exp $
+
+NetBSD provides libedit-as-readline, but chrony wants libedit.
+just include the fake readline header.
+
+--- client.c.orig      2020-10-07 15:27:34.000000000 +0000
++++ client.c
+@@ -44,7 +44,7 @@
+ #include "util.h"
+ 
+ #ifdef FEAT_READLINE
+-#include <editline/readline.h>
++#include <readline.h>
+ #endif
+ 
+ /* ================================================== */
diff -r 80e83c0259ac -r f3270c0a1da8 net/chrony/patches/patch-configure
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/net/chrony/patches/patch-configure        Fri Mar 12 09:57:18 2021 +0000
@@ -0,0 +1,16 @@
+$NetBSD: patch-configure,v 1.1 2021/03/12 09:57:18 nia Exp $
+
+NetBSD provides libedit-as-readline, but chrony wants libedit.
+just include the fake readline header.
+
+--- configure.orig     2020-10-07 15:27:34.000000000 +0000
++++ configure
+@@ -858,7 +858,7 @@ fi
+ READLINE_LINK=""
+ if [ $feat_readline = "1" ]; then
+   if [ $try_editline = "1" ]; then
+-    if test_code editline 'stdio.h editline/readline.h' '' '-ledit' \
++    if test_code editline 'stdio.h readline.h' '' '-ledit' \
+       'add_history(readline("prompt"));'
+     then
+       add_def FEAT_READLINE
diff -r 80e83c0259ac -r f3270c0a1da8 net/chrony/patches/patch-examples_chrony.conf.example3
--- a/net/chrony/patches/patch-examples_chrony.conf.example3    Fri Mar 12 09:40:37 2021 +0000
+++ b/net/chrony/patches/patch-examples_chrony.conf.example3    Fri Mar 12 09:57:18 2021 +0000
@@ -1,8 +1,8 @@
-$NetBSD: patch-examples_chrony.conf.example3,v 1.1 2018/10/01 15:53:58 nia Exp $
+$NetBSD: patch-examples_chrony.conf.example3,v 1.2 2021/03/12 09:57:18 nia Exp $
 
 Prepare for SUBST, not processed by configure.
 
---- examples/chrony.conf.example3.orig 2018-09-19 14:38:15.000000000 +0000
+--- examples/chrony.conf.example3.orig 2020-10-07 15:27:34.000000000 +0000
 +++ examples/chrony.conf.example3
 @@ -1,7 +1,7 @@
  #######################################################################
@@ -13,7 +13,7 @@
  # want to enable.  The more obscure options are not included.  Refer
  # to the documentation for these.
  #
-@@ -65,12 +65,12 @@
+@@ -79,12 +79,12 @@
  # immediately so that it doesn't gain or lose any more time.  You
  # generally want this, so it is uncommented.
  
@@ -26,12 +26,31 @@
 -! keyfile /etc/chrony.keys
 +! keyfile @PKG_SYSCONFDIR@/chrony.keys
  
+ # If you specify an NTP server with the nts option to enable authentication
+ # with the Network Time Security (NTS) mechanism, or enable server NTS with
+@@ -92,15 +92,15 @@ driftfile /var/lib/chrony/drift
+ # allow the client/server to save the NTS keys and cookies in order to reduce
+ # the number of key establishments (NTS-KE sessions).
+ 
+-ntsdumpdir /var/lib/chrony
++ntsdumpdir @VARBASE@/lib/chrony
+ 
+ # If chronyd is configured to act as an NTP server and you want to enable NTS
+ # for its clients, you will need a TLS certificate and private key.  Uncomment
+ # and edit the following lines to specify the locations of the certificate and
+ # key.
+ 
+-! ntsservercert /etc/.../foo.example.net.crt
+-! ntsserverkey /etc/.../foo.example.net.key
++! ntsservercert @PKG_SYSCONFDIR@/.../foo.example.net.crt
++! ntsserverkey @PKG_SYSCONFDIR@/.../foo.example.net.key
+ 
  # chronyd can save the measurement history for the servers to files when
- # it it exits.  This is useful in 2 situations:
-@@ -88,14 +88,14 @@ driftfile /var/lib/chrony/drift
- # Enable these two options to use this.
+ # it exits.  This is useful in 2 situations:
+@@ -117,14 +117,14 @@ ntsdumpdir /var/lib/chrony
+ #
+ # Uncomment the following line to use this.
  
- ! dumponexit
 -! dumpdir /var/lib/chrony
 +! dumpdir @VARBASE@/lib/chrony
  
@@ -45,7 +64,7 @@
  
  # If the system timezone database is kept up to date and includes the
  # right/UTC timezone, chronyd can use it to determine the current
-@@ -124,7 +124,7 @@ driftfile /var/lib/chrony/drift
+@@ -165,7 +165,7 @@ ntsdumpdir /var/lib/chrony
  # produce some graphs of your system's timekeeping performance, or you
  # need help in debugging a problem.
  
@@ -54,7 +73,7 @@
  ! log measurements statistics tracking
  
  # If you have real time clock support enabled (see below), you might want
-@@ -259,7 +259,7 @@ driftfile /var/lib/chrony/drift
+@@ -289,7 +289,7 @@ ntsdumpdir /var/lib/chrony
  # You need to have 'enhanced RTC support' compiled into your Linux
  # kernel.  (Note, these options apply only to Linux.)
Prev by Date: [pkgsrc/trunk]: pkgsrc/archivers/star archivers/star: Update to 1.6.1nb14
Next by Date: [pkgsrc/trunk]: pkgsrc/doc doc: Updated net/chrony to 4.0
Previous by Thread: [pkgsrc/trunk]: pkgsrc/archivers/star archivers/star: Update to 1.6.1nb14
Next by Thread: [pkgsrc/trunk]: pkgsrc/doc doc: Updated net/chrony to 4.0
Indexes:
Home | Main Index | Thread Index | Old Index