]>
Commit | Line | Data |
---|---|---|
8b50a829 ML |
1 | New in version 4.0 |
2 | ================== | |
3 | ||
4 | Enhancements | |
5 | ------------ | |
6 | * Add support for Network Time Security (NTS) authentication | |
7 | * Add support for AES-CMAC keys (AES128, AES256) with Nettle | |
8 | * Add support for maxsamples of 1 for faster update with -q/-Q option | |
9 | * Add -L option to limit log messages by severity | |
10 | * Avoid replacing NTP sources with unreachable addresses | |
11 | * Improve NTP loop test to prevent synchronisation to itself | |
12 | * Update clock synchronisation status and leap status more frequently | |
13 | * Update seccomp filter | |
14 | * Add "add pool" command | |
15 | * Add -N option and sourcename command to print original names of sources | |
ddc27614 | 16 | * Add -a option to sources/sourcestats command to print unresolved sources |
8b50a829 ML |
17 | * Add reset command to drop all measurements |
18 | ||
19 | Bug fixes | |
20 | --------- | |
21 | * Handle RTCs that don't support interrupts | |
22 | * Respond to command requests with correct address on multihomed hosts | |
23 | ||
24 | Removed features | |
25 | ---------------- | |
26 | * Drop support for RIPEMD keys (RMD128, RMD160, RMD256, RMD320) | |
27 | ||
c172268c ML |
28 | New in version 3.5 |
29 | ================== | |
30 | ||
31 | Enhancements | |
32 | ------------ | |
33 | * Add support for more accurate reading of PHC on Linux 5.0 | |
ffb9887c ML |
34 | * Add support for hardware timestamping on interfaces with read-only |
35 | timestamping configuration | |
c172268c ML |
36 | * Add support for memory locking and real-time priority on FreeBSD, |
37 | NetBSD, Solaris | |
38 | * Update seccomp filter to work on more architectures | |
39 | * Validate refclock driver options | |
40 | ||
41 | Bug fixes | |
42 | --------- | |
43 | * Fix bindaddress directive on FreeBSD | |
44 | * Fix transposition of hardware RX timestamp on Linux 4.13 and later | |
45 | * Fix building on non-glibc systems | |
46 | ||
d1777087 ML |
47 | New in version 3.4 |
48 | ================== | |
49 | ||
50 | Enhancements | |
51 | ------------ | |
52 | * Add filter option to server/pool/peer directive | |
53 | * Add minsamples and maxsamples options to hwtimestamp directive | |
54 | * Add support for faster frequency adjustments in Linux 4.19 | |
55 | * Change default pidfile to /var/run/chrony/chronyd.pid to allow | |
56 | chronyd without root privileges to remove it on exit | |
57 | * Disable sub-second polling intervals for distant NTP sources | |
58 | * Extend range of supported sub-second polling intervals | |
59 | * Get/set IPv4 destination/source address of NTP packets on FreeBSD | |
60 | * Make burst options and command useful with short polling intervals | |
61 | * Modify auto_offline option to activate when sending request failed | |
62 | * Respond from interface that received NTP request if possible | |
63 | * Add onoffline command to switch between online and offline state | |
64 | according to current system network configuration | |
65 | * Improve example NetworkManager dispatcher script | |
66 | ||
67 | Bug fixes | |
68 | --------- | |
69 | * Avoid waiting in Linux getrandom system call | |
70 | * Fix PPS support on FreeBSD and NetBSD | |
71 | ||
42a85f68 ML |
72 | New in version 3.3 |
73 | ================== | |
74 | ||
75 | Enhancements | |
76 | ------------ | |
77 | * Add burst option to server/pool directive | |
78 | * Add stratum and tai options to refclock directive | |
79 | * Add support for Nettle crypto library | |
80 | * Add workaround for missing kernel receive timestamps on Linux | |
81 | * Wait for late hardware transmit timestamps | |
82 | * Improve source selection with unreachable sources | |
83 | * Improve protection against replay attacks on symmetric mode | |
84 | * Allow PHC refclock to use socket in /var/run/chrony | |
85 | * Add shutdown command to stop chronyd | |
86 | * Simplify format of response to manual list command | |
87 | * Improve handling of unknown responses in chronyc | |
88 | ||
89 | Bug fixes | |
90 | --------- | |
91 | * Respond to NTPv1 client requests with zero mode | |
92 | * Fix -x option to not require CAP_SYS_TIME under non-root user | |
36634579 ML |
93 | * Fix acquisitionport directive to work with privilege separation |
94 | * Fix handling of socket errors on Linux to avoid high CPU usage | |
42a85f68 ML |
95 | * Fix chronyc to not get stuck in infinite loop after clock step |
96 | ||
554b9b06 ML |
97 | New in version 3.2 |
98 | ================== | |
99 | ||
100 | Enhancements | |
101 | ------------ | |
102 | * Improve stability with NTP sources and reference clocks | |
e0e6ec0d | 103 | * Improve stability with hardware timestamping |
554b9b06 ML |
104 | * Improve support for NTP interleaved modes |
105 | * Control frequency of system clock on macOS 10.13 and later | |
106 | * Set TAI-UTC offset of system clock with leapsectz directive | |
e0e6ec0d ML |
107 | * Minimise data in client requests to improve privacy |
108 | * Allow transmit-only hardware timestamping | |
109 | * Add support for new timestamping options introduced in Linux 4.13 | |
110 | * Add root delay, root dispersion and maximum error to tracking log | |
111 | * Add mindelay and asymmetry options to server/peer/pool directive | |
554b9b06 ML |
112 | * Add extpps option to PHC refclock to timestamp external PPS signal |
113 | * Add pps option to refclock directive to treat any refclock as PPS | |
114 | * Add width option to refclock directive to filter wrong pulse edges | |
e0e6ec0d | 115 | * Add rxfilter option to hwtimestamp directive |
554b9b06 ML |
116 | * Add -x option to disable control of system clock |
117 | * Add -l option to log to specified file instead of syslog | |
118 | * Allow multiple command-line options to be specified together | |
119 | * Allow starting without root privileges with -Q option | |
120 | * Update seccomp filter for new glibc versions | |
121 | * Dump history on exit by default with dumpdir directive | |
122 | * Use hardening compiler options by default | |
123 | ||
124 | Bug fixes | |
125 | --------- | |
126 | * Don't drop PHC samples with low-resolution system clock | |
127 | * Ignore outliers in PHC tracking, RTC tracking, manual input | |
128 | * Increase polling interval when peer is not responding | |
129 | * Exit with error message when include directive fails | |
130 | * Don't allow slash after hostname in allow/deny directive/command | |
131 | * Try to connect to all addresses in chronyc before giving up | |
132 | ||
5ac79166 ML |
133 | New in version 3.1 |
134 | ================== | |
135 | ||
136 | Enhancements | |
137 | ------------ | |
138 | * Add support for precise cross timestamping of PHC on Linux | |
139 | * Add minpoll, precision, nocrossts options to hwtimestamp directive | |
5187c08c ML |
140 | * Add rawmeasurements option to log directive and modify measurements |
141 | option to log only valid measurements from synchronised sources | |
5ac79166 ML |
142 | * Allow sub-second polling interval with NTP sources |
143 | ||
144 | Bug fixes | |
145 | --------- | |
146 | * Fix time smoothing in interleaved mode | |
147 | ||
9568ff3f ML |
148 | New in version 3.0 |
149 | ================== | |
150 | ||
151 | Enhancements | |
152 | ------------ | |
153 | * Add support for software and hardware timestamping on Linux | |
154 | * Add support for client/server and symmetric interleaved modes | |
155 | * Add support for MS-SNTP authentication in Samba | |
156 | * Add support for truncated MACs in NTPv4 packets | |
157 | * Estimate and correct for asymmetric network jitter | |
158 | * Increase default minsamples and polltarget to improve stability | |
159 | with very low jitter | |
160 | * Add maxjitter directive to limit source selection by jitter | |
161 | * Add offset option to server/pool/peer directive | |
162 | * Add maxlockage option to refclock directive | |
163 | * Add -t option to chronyd to exit after specified time | |
164 | * Add partial protection against replay attacks on symmetric mode | |
165 | * Don't reset polling interval when switching sources to online state | |
8f7ab95f | 166 | * Allow rate limiting with very short intervals |
9568ff3f ML |
167 | * Improve maximum server throughput on Linux and NetBSD |
168 | * Remove dump files after start | |
169 | * Add tab-completion to chronyc with libedit/readline | |
170 | * Add ntpdata command to print details about NTP measurements | |
16519ee2 | 171 | * Allow all source options to be set in add server/peer command |
9568ff3f ML |
172 | * Indicate truncated addresses/hostnames in chronyc output |
173 | * Print reference IDs as hexadecimal numbers to avoid confusion with | |
174 | IPv4 addresses | |
175 | ||
16519ee2 ML |
176 | Bug fixes |
177 | --------- | |
178 | * Fix crash with disabled asynchronous name resolving | |
179 | ||
db286ca6 ML |
180 | New in version 2.4.1 |
181 | ==================== | |
182 | ||
183 | Bug fixes | |
184 | --------- | |
185 | * Fix processing of kernel timestamps on non-Linux systems | |
186 | * Fix crash with smoothtime directive | |
187 | * Fix validation of refclock sample times | |
188 | * Fix parsing of refclock directive | |
189 | ||
46e1e799 ML |
190 | New in version 2.4 |
191 | ================== | |
192 | ||
193 | Enhancements | |
194 | ------------ | |
195 | * Add orphan option to local directive for orphan mode compatible with ntpd | |
196 | * Add distance option to local directive to set activation threshold | |
197 | (1 second by default) | |
198 | * Add maxdrift directive to set maximum allowed drift of system clock | |
199 | * Try to replace NTP sources exceeding maximum distance | |
200 | * Randomise source replacement to avoid getting stuck with bad sources | |
201 | * Randomise selection of sources from pools on start | |
202 | * Ignore reference timestamp as ntpd doesn't always set it correctly | |
203 | * Modify tracking report to use same values as seen by NTP clients | |
204 | * Add -c option to chronyc to write reports in CSV format | |
205 | * Provide detailed manual pages | |
206 | ||
207 | Bug fixes | |
208 | --------- | |
209 | * Fix SOCK refclock to work correctly when not specified as last refclock | |
210 | * Fix initstepslew and -q/-Q options to accept time from own NTP clients | |
b703bc32 | 211 | * Fix authentication with keys using 512-bit hash functions |
46e1e799 ML |
212 | * Fix crash on exit when multiple signals are received |
213 | * Fix conversion of very small floating-point numbers in command packets | |
214 | ||
215 | Removed features | |
216 | ---------------- | |
217 | * Drop documentation in Texinfo format | |
218 | ||
e6cc682f ML |
219 | New in version 2.3 |
220 | ================== | |
221 | ||
222 | Enhancements | |
223 | ------------ | |
224 | * Add support for NTP and command response rate limiting | |
225 | * Add support for dropping root privileges on Mac OS X, FreeBSD, Solaris | |
226 | * Add require and trust options for source selection | |
227 | * Enable logchange by default (1 second threshold) | |
228 | * Set RTC on Mac OS X with rtcsync directive | |
229 | * Allow binding to NTP port after dropping root privileges on NetBSD | |
230 | * Drop CAP_NET_BIND_SERVICE capability on Linux when NTP port is disabled | |
231 | * Resolve names in separate process when seccomp filter is enabled | |
232 | * Replace old records in client log when memory limit is reached | |
233 | * Don't reveal local time and synchronisation state in client packets | |
234 | * Don't keep client sockets open for longer than necessary | |
235 | * Ignore poll in KoD RATE packets as ntpd doesn't always set it correctly | |
236 | * Warn when using keys shorter than 80 bits | |
237 | * Add keygen command to generate random keys easily | |
238 | * Add serverstats command to report NTP and command packet statistics | |
239 | ||
240 | Bug fixes | |
241 | --------- | |
242 | * Fix clock correction after making step on Mac OS X | |
243 | * Fix building on Solaris | |
244 | ||
beb275a7 ML |
245 | New in version 2.2.1 |
246 | ==================== | |
247 | ||
248 | Security fixes | |
249 | -------------- | |
250 | * Restrict authentication of NTP server/peer to specified key (CVE-2016-1567) | |
251 | ||
a466395a ML |
252 | New in version 2.2 |
253 | ================== | |
254 | ||
255 | Enhancements | |
256 | ------------ | |
257 | * Add support for configuration and monitoring over Unix domain socket | |
258 | (accessible by root or chrony user when root privileges are dropped) | |
01965d14 | 259 | * Add support for system call filtering with seccomp on Linux (experimental) |
a466395a ML |
260 | * Add support for dropping root privileges on NetBSD |
261 | * Control frequency of system clock on FreeBSD, NetBSD, Solaris | |
262 | * Add system leap second handling mode on FreeBSD, NetBSD, Solaris | |
263 | * Add dynamic drift removal on Mac OS X | |
264 | * Add support for setting real-time priority on Mac OS X | |
265 | * Add maxdistance directive to limit source selection by root distance | |
a030ed4f | 266 | (3 seconds by default) |
a466395a ML |
267 | * Add refresh command to get new addresses of NTP sources |
268 | * Allow wildcard patterns in include directive | |
01965d14 ML |
269 | * Restore time from driftfile with -s option if later than RTC time |
270 | * Add configure option to set default hwclockfile | |
a466395a ML |
271 | * Add -d option to chronyc to enable debug messages |
272 | * Allow multiple addresses to be specified for chronyc with -h option | |
273 | and reconnect when no valid reply is received | |
01965d14 | 274 | * Make check interval in waitsync command configurable |
a466395a ML |
275 | |
276 | Bug fixes | |
277 | --------- | |
a030ed4f | 278 | * Fix building on NetBSD, Solaris |
a466395a ML |
279 | * Restore time from driftfile with -s option if reading RTC failed |
280 | ||
281 | Removed features | |
282 | ---------------- | |
283 | * Drop support for authentication with command key (run-time configuration | |
284 | is now allowed only for local users that can access the Unix domain socket) | |
285 | ||
7a7cf6a5 ML |
286 | New in version 2.1.1 |
287 | ==================== | |
288 | ||
289 | Bug fixes | |
290 | --------- | |
291 | * Fix clock stepping by integer number of seconds on Linux | |
292 | ||
2a299233 ML |
293 | New in version 2.1 |
294 | ================== | |
295 | ||
296 | Enhancements | |
297 | ------------ | |
1f0e6296 | 298 | * Add support for Mac OS X |
2a299233 ML |
299 | * Try to replace unreachable and falseticker servers/peers specified |
300 | by name like pool sources | |
301 | * Add leaponly option to smoothtime directive to allow synchronised | |
302 | leap smear between multiple servers | |
1f0e6296 | 303 | * Use specific reference ID when smoothing served time |
2a299233 ML |
304 | * Add smoothing command to report time smoothing status |
305 | * Add smoothtime command to activate or reset time smoothing | |
306 | ||
307 | Bug fixes | |
308 | --------- | |
309 | * Fix crash in source selection with preferred sources | |
310 | * Fix resetting of time smoothing | |
311 | * Include packet precision in peer dispersion | |
312 | * Fix crash in chronyc on invalid command syntax | |
313 | ||
7446da8c ML |
314 | New in version 2.0 |
315 | ================== | |
316 | ||
317 | Enhancements | |
318 | ------------ | |
319 | * Update to NTP version 4 (RFC 5905) | |
320 | * Add pool directive to specify pool of NTP servers | |
074dac41 ML |
321 | * Add leapsecmode directive to select how to correct clock for leap second |
322 | * Add smoothtime directive to smooth served time and enable leap smear | |
7446da8c ML |
323 | * Add minsources directive to set required number of selectable sources |
324 | * Add minsamples and maxsamples options for all sources | |
325 | * Add tempcomp configuration with list of points | |
326 | * Allow unlimited number of NTP sources, refclocks and keys | |
327 | * Allow unreachable sources to remain selected | |
328 | * Improve source selection | |
329 | * Handle offline sources as unreachable | |
330 | * Open NTP server port only when necessary (client access is allowed by | |
dc52b61d | 331 | allow directive/command or peer/broadcast is configured) |
7446da8c | 332 | * Change default bindcmdaddress to loopback address |
074dac41 | 333 | * Change default maxdelay to 3 seconds |
7446da8c ML |
334 | * Change default stratumweight to 0.001 |
335 | * Update adjtimex synchronisation status | |
336 | * Use system headers for adjtimex | |
337 | * Check for memory allocation errors | |
338 | * Reduce memory usage | |
339 | * Add configure options to compile without NTP, cmdmon, refclock support | |
340 | * Extend makestep command to set automatic clock stepping | |
341 | ||
342 | Bug fixes | |
343 | --------- | |
074dac41 ML |
344 | * Add sanity checks for time and frequency offset |
345 | * Don't report synchronised status during leap second | |
dc52b61d | 346 | * Don't combine reference clocks with close NTP sources |
074dac41 ML |
347 | * Fix accepting requests from configured sources |
348 | * Fix initial fallback drift setting | |
7446da8c | 349 | |
54bbd2b1 ML |
350 | New in version 1.31.1 |
351 | ===================== | |
352 | ||
353 | Security fixes | |
354 | -------------- | |
355 | * Protect authenticated symmetric NTP associations against DoS attacks | |
ae10664b | 356 | (CVE-2015-1853) |
54bbd2b1 ML |
357 | * Fix access configuration with subnet size indivisible by 4 (CVE-2015-1821) |
358 | * Fix initialization of reply slots for authenticated commands (CVE-2015-1822) | |
359 | ||
b862f3e6 ML |
360 | New in version 1.31 |
361 | =================== | |
362 | ||
363 | Enhancements | |
364 | ------------ | |
365 | * Support operation in other NTP eras (next era begins in 2036), | |
366 | NTP time is mapped to [-50, +86] years around build date by default | |
367 | * Restore time from driftfile with -s when RTC is missing/unsupported | |
368 | * Close connected client sockets when not waiting for reply | |
369 | * Use one client socket with random port when acquisitionport is 0 | |
370 | * Use NTP packets instead of UDP echo for presend | |
371 | * Don't adjust polling interval when sending fails | |
372 | * Allow binding to addresses that don't exist yet | |
ebab36e8 | 373 | * Ignore measurements around leap second |
b862f3e6 | 374 | * Improve detection of unexpected time jumps |
ebab36e8 ML |
375 | * Include example of logrotate configuration, systemd services and |
376 | NetworkManager dispatcher script | |
b862f3e6 ML |
377 | |
378 | Bug fixes | |
379 | --------- | |
380 | * Reconnect client sockets for each request to follow changes | |
381 | in network configuration automatically | |
382 | * Restart timer when polling interval is changed on reset | |
383 | ||
a5c86593 ML |
384 | New in version 1.30 |
385 | =================== | |
386 | ||
387 | Enhancements | |
388 | ------------ | |
389 | * Add asynchronous name resolving with POSIX threads | |
390 | * Add PTP hardware clock (PHC) refclock driver | |
391 | * Add new generic clock driver to slew by adjusting frequency only | |
392 | (without kernel PLL or adjtime) and use it on Linux | |
393 | * Add rtcautotrim directive to trim RTC automatically | |
394 | * Add hwclockfile directive to share RTC LOCAL/UTC setting with hwclock | |
395 | * Add maxslewrate directive to set maximum allowed slew rate | |
396 | * Add maxdispersion option for refclocks | |
397 | * Add -q/-Q options to set clock/print offset once and exit | |
398 | * Allow directives to be specified on chronyd command line | |
399 | * Replace frequency scaling in Linux driver with retaining of tick | |
400 | * Try to detect unexpected forward time jumps and reset state | |
401 | * Exit with non-zero code when maxchange limit is reached | |
402 | * Improve makestep to not start and stop slew unnecessarily | |
c6245dc6 | 403 | * Change default corrtimeratio to 3.0 to improve frequency accuracy |
a5c86593 ML |
404 | * Announce leap second only on last day of June and December |
405 | * Use separate connected client sockets for each NTP server | |
406 | * Remove separate NTP implementation used for initstepslew | |
407 | * Limit maximum minpoll set by KoD RATE to default maxpoll | |
408 | * Don't send NTP requests with unknown key | |
409 | * Print warning when source is added with unknown key | |
410 | * Take leap second in PPS refclock from locked source | |
411 | * Make reading of RTC for initial trim more reliable | |
c6245dc6 | 412 | * Don't create cmdmon sockets when cmdport is 0 |
a5c86593 ML |
413 | * Add configure option to set default user to drop root privileges |
414 | * Add configure option to compile with debug messages | |
415 | * Print debug messages when -d is used more than once | |
416 | * Change format of messages written to terminal with -d | |
417 | * Write fatal messages also to stderr with -n | |
418 | * Use IP_RECVERR socket option in chronyc to not wait unnecessarily | |
419 | * Shorten default chronyc timeout for localhost | |
420 | * Change default hostname in chronyc from localhost to 127.0.0.1 | |
421 | * Print error message on invalid syntax with all chronyc commands | |
422 | * Include simulation test suite using clknetsim | |
423 | ||
424 | Bug fixes | |
425 | --------- | |
426 | * Fix crash when selecting with multiple preferred sources | |
427 | * Fix frequency calculation with large frequency offsets | |
428 | * Fix code writing drift and RTC files to compile correctly | |
429 | * Fix -4/-6 options in chronyc to not reset hostname set by -h | |
430 | * Fix refclock sample validation with sub-second polling interval | |
431 | * Set stratum correctly with non-PPS SOCK refclock and local stratum | |
432 | * Modify dispersion accounting in refclocks to prevent PPS getting | |
433 | stuck with large dispersion and not accepting new samples | |
434 | ||
2afdd454 ML |
435 | New in version 1.29.1 |
436 | ===================== | |
437 | ||
438 | Security fixes | |
439 | -------------- | |
440 | * Modify chronyc protocol to prevent amplification attacks (CVE-2014-0021) | |
441 | (incompatible with previous protocol version, chronyc supports both) | |
442 | ||
b5658f4d ML |
443 | New in version 1.29 |
444 | =================== | |
445 | ||
446 | Security fixes | |
447 | -------------- | |
448 | * Fix crash when processing crafted commands (CVE-2012-4502) | |
449 | (possible with IP addresses allowed by cmdallow and localhost) | |
450 | * Don't send uninitialized data in SUBNETS_ACCESSED and CLIENT_ACCESSES | |
451 | replies (CVE-2012-4503) (not used by chronyc) | |
452 | ||
453 | Other changes | |
454 | ------------- | |
455 | * Drop support for SUBNETS_ACCESSED and CLIENT_ACCESSES commands | |
456 | ||
4847a3a2 ML |
457 | New in version 1.28 |
458 | =================== | |
459 | ||
460 | * Combine sources to improve accuracy | |
461 | * Make config and command parser strict | |
462 | * Add -a option to chronyc to authenticate automatically | |
463 | * Add -R option to ignore initstepslew and makestep directives | |
464 | * Add generatecommandkey, minsamples, maxsamples and user directives | |
465 | * Improve compatibility with NTPv1 and NTPv2 clients | |
466 | * Create sockets only in selected family with -4/-6 option | |
0da5cf91 | 467 | * Treat address bind errors as non-fatal |
4847a3a2 ML |
468 | * Extend tracking log |
469 | * Accept float values as initstepslew threshold | |
470 | * Allow hostnames in offline, online and burst commands | |
471 | * Fix and improve peer polling | |
472 | * Fix crash in config parsing with too many servers | |
473 | * Fix crash with duplicated initstepslew address | |
474 | * Fix delta calculation with extreme frequency offsets | |
475 | * Set local stratum correctly | |
476 | * Remove unnecessary adjtimex calls | |
477 | * Set paths in documentation by configure | |
0da5cf91 | 478 | * Update chrony.spec |
4847a3a2 | 479 | |
711cda6a ML |
480 | New in version 1.27 |
481 | =================== | |
482 | ||
483 | * Support for stronger keys via NSS or libtomcrypt library | |
484 | * Support reading leap second data from tz database | |
485 | * Support for precise clock stepping on Linux | |
129db63e | 486 | * Support for nanoseconds in SHM refclock |
711cda6a | 487 | * Make offset corrections smoother on Linux |
129db63e | 488 | * Make transmit timestamps random below clock precision |
711cda6a ML |
489 | * Add corrtimeratio and maxchange directives |
490 | * Extend tracking, sources and activity reports | |
491 | * Wait in foreground process until daemon is fully initialized | |
492 | * Fix crash with slow name resolving | |
493 | * Fix iburst with jittery sources | |
494 | * Fix offset stored in rtc data right after trimrtc | |
129db63e | 495 | * Fix crash and hang with RTC or manual samples |
711cda6a ML |
496 | * Don't use readonly adjtime on Linux kernels before 2.6.28 |
497 | * Changed chronyc protocol, incompatible with older versions | |
498 | ||
917c1916 ML |
499 | New in version 1.26 |
500 | =================== | |
501 | ||
502 | * Add compatibility with Linux 3.0 and later | |
503 | * Use proper source address in NTP replies on multihomed IPv6 hosts | |
504 | * Accept NTP packets with versions 4, 3 and 2 | |
505 | * Cope with unexpected backward time jumps | |
506 | * Don't reset kernel frequency on start without drift file | |
4fac8409 | 507 | * Retry on permanent DNS error by default |
917c1916 ML |
508 | * Add waitsync command |
509 | ||
9dc7ea7c ML |
510 | New in version 1.25 |
511 | =================== | |
512 | ||
513 | * Improve accuracy with NTP sources | |
514 | * Improve accuracy with reference clocks | |
515 | * Improve polling interval adjustment | |
516 | * Improve stability with temporary asymmetric delays | |
517 | * Improve source selection | |
2dcc1616 | 518 | * Improve initial synchronisation |
9dc7ea7c ML |
519 | * Add delayed server name resolving |
520 | * Add temperature compensation | |
521 | * Add nanosecond slewing to Linux driver | |
522 | * Add fallback drifts | |
523 | * Add iburst, minstratum, maxdelaydevratio, polltarget, | |
524 | prefer, noselect options | |
525 | * Add rtcsync directive to enable Linux 11-minute mode | |
55e0c6a0 ML |
526 | * Add reselectdist, stratumweight, logbanner, maxclockerror, |
527 | include directives | |
9dc7ea7c ML |
528 | * Add -n option to not detach daemon from terminal |
529 | * Fix pidfile directive | |
530 | * Fix name resolving with disabled IPv6 support | |
531 | * Fix reloading sample histories with reference clocks | |
532 | * Fix crash with auto_offline option | |
533 | * Fix online command on auto_offline sources | |
534 | * Fix file descriptor leaks | |
535 | * Increase burst polling interval and stop on KoD RATE | |
536 | * Set maxupdateskew to 1000 ppm by default | |
9dc7ea7c ML |
537 | * Require password for clients command |
538 | * Update drift file at most once per hour | |
55e0c6a0 | 539 | * Use system headers for Linux RTC support |
9dc7ea7c ML |
540 | * Reduce default chronyc timeout and make it configurable |
541 | * Avoid large values in chronyc sources and sourcestats output | |
542 | * Add reselect command to force reselecting best source | |
543 | * Add -m option to allow multiple commands on command line | |
544 | ||
e248a57d ML |
545 | New in version 1.24 |
546 | =================== | |
547 | ||
fe2dbfb6 ML |
548 | Security fixes |
549 | -------------- | |
550 | * Don't reply to invalid cmdmon packets (CVE-2010-0292) | |
551 | * Limit client log memory size (CVE-2010-0293) | |
552 | * Limit rate of syslog messages (CVE-2010-0294) | |
553 | ||
554 | Bug fixes/Enhancements | |
555 | ---------------------- | |
e248a57d ML |
556 | * Support for reference clocks (SHM, SOCK, PPS drivers) |
557 | * IPv6 support | |
558 | * Linux capabilities support (to drop root privileges) | |
559 | * Memory locking support on Linux | |
560 | * Real-time scheduler support on Linux | |
561 | * Leap second support on Linux | |
8a4313c3 ML |
562 | * Support for editline library |
563 | * Support for new Linux readonly adjtime | |
564 | * NTP client support for KoD RATE | |
565 | * Read kernel timestamps for received NTP packets | |
566 | * Reply to NTP requests with correct address on multihomed hosts | |
8a4313c3 | 567 | * Retry name resolving after temporary failure |
fe2dbfb6 ML |
568 | * Fix makestep command, make it available on all systems |
569 | * Add makestep directive for automatic clock stepping | |
570 | * Don't require _bigadj kernel symbol on NetBSD | |
8a4313c3 ML |
571 | * Avoid blocking read in Linux RTC driver |
572 | * Support for Linux on S/390 and PowerPC | |
573 | * Fix various bugs on 64-bit systems | |
574 | * Fix valgrind errors and compiler warnings | |
575 | * Improve configure to support common options and variables | |
576 | * Improve status checking and printing in chronyc | |
577 | * Return non-zero exit code on errors in chronyc | |
578 | * Reduce request timeout in chronyc | |
579 | * Print estimated offset in sourcestats | |
580 | * Changed chronyc protocol, incompatible with older versions | |
e248a57d | 581 | |
5331e1a1 RC |
582 | New in version 1.23 |
583 | =================== | |
584 | ||
585 | * Support for MIPS, x86_64, sparc, alpha, arm, FreeBSD | |
586 | * Fix serious sign-extension error in handling IP addresses | |
587 | * RTC support can be excluded at compile time | |
588 | * Make sources gcc-4 compatible | |
589 | * Fix various compiler warnings | |
590 | * Handle fluctuations in peer distance better. | |
591 | * Fixed handling of stratum zero. | |
592 | * Fix various problems for 64-bit systems | |
593 | * Flush chronyc output streams after each command, to allow it to be driven | |
594 | through pipes | |
595 | * Manpage improvements | |
596 | ||
597 | Version 1.22 | |
598 | ============ | |
599 | ||
600 | This release number was claimed by a release that Mandriva made to patch | |
601 | important bugs in 1.21. The official numbering has jumped to 1.23 as a | |
602 | consequence. | |
603 | ||
77da5b61 RC |
604 | New in version 1.21 |
605 | =================== | |
606 | ||
607 | * Don't include Linux kernel header files any longer : allows chrony to compile | |
608 | on recent distros. | |
609 | * Stop trying to use RTC if continuous streams of error messages would occur | |
610 | (Linux with HPET). | |
611 | ||
88840341 RC |
612 | New in version 1.20 |
613 | =================== | |
614 | ||
615 | * Many small tidy-ups and security improvements | |
616 | * Improve documentation (RTC support in post 2.0 kernels) | |
617 | * Remove trailing \n from syslog messages | |
618 | * Syslog messages now include IP and port number when packet cannot be sent. | |
619 | * Added the "acquisitionport" directive. (Kalle Olavi Niemitalo) | |
620 | * Use uname(2) instead of /proc/version to get kernel version. | |
621 | * Merge support for Linux on Alpha | |
622 | * Merge support for 64bit architectures | |
623 | * Don't link -lm if it's not needed | |
624 | * Fix Solaris build (broken by 64bit change) | |
88840341 RC |
625 | * Add detection of Linux 2.5 |
626 | * Allow arbitrary value of HZ in Linux kernel | |
712132f6 | 627 | * Fix for chrony.spec on SuSE (Paul Elliot) |
e3dd17c7 | 628 | * Fix handling of initstepslew if no servers are listed (John Hasler) |
7812181e | 629 | * Fix install rule in Makefile if chronyd is in use (Juliusz Chroboczek) |
77303c28 | 630 | * Replace sprintf by snprintf to remove risk of buffer overrun (John Hasler) |
73374497 | 631 | * Add --help to configure script |
88840341 RC |
632 | |
633 | New in version 1.19 | |
634 | =================== | |
635 | ||
636 | * Auto-detect kernel's timer interrupt rate (so-called 'HZ') when chronyd | |
637 | starts instead of relying on compiled-in value. | |
638 | * Fix 2 bugs in function that creates the directory for the log and dump files. | |
639 | * Amended webpage URL and contact details. | |
640 | * Generate more informative syslog messages before exiting on failed | |
641 | assertions. | |
642 | * Fix bugs in clamping code for the tick value used when slewing a large | |
643 | offset. | |
644 | * Don't chown files to root during install (should be pointless, and makes RPM | |
645 | building awkward as ordinary user.) | |
646 | * Include chrony.spec file for building RPMs | |
647 | ||
648 | New in version 1.18 | |
649 | =================== | |
650 | * Amend homepage and mailing list information to chrony.sunsite.dk | |
651 | * Delete pidfile on exit from chronyd. | |
652 | * Improvements to readline interface to chronyc | |
653 | * Only generate syslog message when synchronisation is initially lost (instead | |
654 | of on every failed synchronisation attempt) | |
655 | * Use double fork approach when initialising daemon. | |
656 | * More things in contrib directory. | |
657 | * New options to help package builders: --infodir/--mandir for configure, and | |
658 | DESTDIR=xxx for make. (See section 2.2 of chrony.txt for details). | |
659 | * Changed the wording of the messages generated by mailonchange and logchange | |
660 | directives. | |
661 | ||
662 | New in version 1.17 | |
663 | =================== | |
664 | * Port to NetBSD | |
665 | * Configuration supports Linux on PPC | |
666 | * Fix compilation warnings | |
667 | * Several documentation improvements | |
668 | * Bundled manpages (taken from the 'missing manpages project') | |
669 | * Cope with lack of bzero function for Solaris 2.3 systems | |
670 | * Store chronyd's pid in a file (default /var/run/chronyd.pid) and check if | |
671 | chronyd may already be running when starting up. New pidfile directive in | |
672 | configuration file. | |
673 | * Any size subnet is now allowed in allow and deny commands. (Example: | |
674 | 6.7.8/20 or 6.7.8.x/20 (any x) mean a 20 bit subnet). | |
675 | * The environment variables CC and CFLAGS passed to configure can now be used | |
676 | to select the compiler and optimisation/debug options to use | |
677 | * Write syslog messages when chronyd loses synchronisation. | |
678 | * Print GPL text when chronyc is run. | |
679 | * Add NTP broadcast server capability (new broadcast directive). | |
680 | * Add 'auto_offline' option to server/peer (conf file) or add server/peer (via | |
681 | chronyc). | |
682 | * Add 'activity' command to chronyc, to report how many servers/peers are | |
683 | currently online/offline. | |
684 | * Fix long-standing bug with how the system time quantum was calculated. | |
685 | * Include support for systems with HZ!=100 (HZ is the timer interrupt | |
686 | frequency). | |
687 | * Include example chrony.conf and chrony.keys files (examples subdirectory). | |
688 | * Include support for readline in chronyc. | |
689 | ||
690 | New in version 1.16.1 | |
691 | ===================== | |
692 | * Fix compilation problem on Linux 2.4.13 (spinlock.h / spinlock_t) | |
693 | ||
694 | New in version 1.16 | |
695 | =================== | |
696 | * More informative captions for 'sources' and 'sourcestats' commands in chronyc | |
697 | (use 'sources -v' and 'sourcestats -v' to get them). | |
698 | * Correct behaviour for Solaris versions>=2.6 (dosynctodr not required on these | |
699 | versions.) | |
700 | * Remove some compiler warnings (Solaris) | |
701 | * If last line of keys file doesn't have end-of-line, don't truncate final | |
702 | character of that key. | |
703 | * Change timestamp format used in logfiles to make it fully numeric (to aid | |
704 | importing data into spreadsheets etc) | |
705 | * Minor documentation updates and improvements. | |
706 | ||
707 | New in version 1.15 | |
708 | =================== | |
709 | * Add contributed change to 'configure' to support Solaris 2.8 on x86 | |
710 | * Workaround for assertion failure that arises if two received packets occur | |
711 | close together. (Still need to find out why this happens at all.) | |
712 | * Hopefully fix problem where fast slewing was incompatible with machines | |
713 | that have a large background drift rate (=> tick value went out of range | |
714 | for adjtimex() on Linux.) | |
715 | * Fix rtc_linux.c compile problems with 2.4.x kernel include files. | |
716 | * Include support for RTC device not being at /dev/rtc (new rtcdevice directive | |
717 | in configuration file). | |
718 | * Include support for restricting network interfaces for commands (new | |
719 | bindcmdaddress directive in configuration file) | |
720 | * Fix potential linking fault in pktlength.c (use of CROAK macro replaced by | |
721 | normal assert). | |
722 | * Add some material on bug reporting + contributing to the chrony.texi file | |
723 | * Made the chrony.texi file "Vim6-friendly" (removed xrefs on @node lines, | |
724 | added folding markers to chapters + sections.) | |
725 | * Switched over to GPL for the licence | |
726 | ||
727 | New in version 1.14 | |
728 | =================== | |
729 | * Fix compilation for certain other Linux distributions (including Mandrake | |
730 | 7.1) | |
731 | ||
732 | New in version 1.13 | |
733 | =================== | |
734 | * Fixed compilation problems on Redhat/SuSE installations with recent 2.2.x | |
735 | kernels. | |
736 | * Minor tidy-ups and documentation enhancements. | |
737 | * Add support for Linux 2.4 kernels | |
738 | ||
739 | New in version 1.12 | |
740 | =================== | |
741 | ||
742 | * Trial fix for long-standing bug in Linux RTC estimator when system time is | |
743 | slewed. | |
744 | * Fix bug in chronyc if -h is specified without a hostname | |
745 | * Fixes to logging various error conditions when operating in daemon mode. | |
746 | * More stuff under contrib/ | |
747 | * Changes to README file (e.g. about the new chrony-users mailing list) | |
748 | ||
749 | New in version 1.11a | |
750 | ==================== | |
751 | ||
752 | * Minor changes to contact details | |
753 | * Minor changes to installation details (chrony subdirectory under doc/) | |
754 | ||
755 | New in version 1.11 | |
756 | =================== | |
757 | ||
758 | * Improve robustness of installation procedure | |
759 | * Tidy up documenation and contact details | |
760 | * Distribute manual as .txt rather than as .ps | |
761 | * Add -n option to chronyc to work with numeric IP addresses rather than | |
762 | names. | |
763 | * Add material in contrib subdirectory | |
764 | * Improve robustness of handling drift file and RTC coefficients file | |
765 | * Improve robustness of regression algorithm | |
766 | ||
767 | New in version 1.1 | |
768 | ================== | |
769 | ||
770 | Bug fixes | |
771 | --------- | |
772 | ||
773 | * Made linear regression more resistant to rounding errors (old one | |
774 | occasionally generated negative variances which made everything go | |
775 | haywire). Trap infinite or 'not-a-number' values being used to | |
776 | alter system clock to increase robustness further. | |
777 | ||
778 | Other changes/Enhancements | |
779 | -------------------------- | |
780 | ||
781 | * Support for Linux 2.1 and 2.2 kernels | |
782 | ||
783 | * New command 'makestep' in chronyc to immediately jump the system | |
784 | time to match the NTP estimated time (Linux only) - a response to | |
785 | systems booting an hour wrong after summertime/wintertime changes, | |
786 | due to RTCs running on local time. Needs extending to Sun driver | |
787 | files too. | |
788 | ||
789 | * New directives 'logchange' and 'mailonchange' to log to syslog or | |
790 | email to a specific address respectively if chronyd detects a clock | |
791 | offset exceeding a defined threshold. | |
792 | ||
793 | * Added capability to log all client/peer NTP accesses and command | |
794 | accesses (can be turned off with conf file directive 'noclientlog'). | |
795 | Added 'clients' command to chronyc to display this data. | |
796 | ||
797 | * Improved manual mode to use robust regression rather than 2 point | |
798 | fit. | |
799 | ||
800 | * Added 'manual list' and 'manual delete' commands to chronyc to | |
801 | allow display of entered timestamps and discretionary deletion of | |
802 | outliers. | |
803 | ||
804 | * If host goes unsynchronised the dummy IP address 0.0.0.0 is detected | |
805 | to avoid attempting a reverse name lookup (to stop dial on demand IP | |
806 | links from being started) | |
807 | ||
808 | * Changed chronyc/chronyd protocol so messages are now all variable | |
809 | length. Saves on network bandwidth particularly for large replies | |
810 | from chronyd to chronyc (to support the clients command). | |
811 | ||
812 | * Added bindaddress directive to configuration file, to give | |
813 | additional control over limiting which hosts can access the local | |
814 | server. | |
815 | ||
816 | * Groundwork done for a port to Windows NT to compile with Cygwin | |
817 | toolkit. chronyc works (to monitor another host). sys_winnt.c | |
818 | needs finishing to use NT clock control API. Program structure | |
819 | needs adapting to use Windows NT service functions, so it can be | |
820 | started at boot time. Hopefully a Windows NT / Cygwin guru with | |
821 | some spare time can take this port over :-) | |
822 | ||
823 | New in version 1.02 | |
824 | =================== | |
825 | ||
826 | Bug fixes | |
827 | --------- | |
828 | ||
829 | * Fix error messages in chronyc if daemon is not reachable. | |
830 | ||
831 | * Fix config file problem for 'allow all' and 'deny all' without a | |
832 | trailing machine address. | |
833 | ||
834 | * Remove fatal failed assertion if command socket cannot be read from | |
835 | in daemon. | |
836 | ||
837 | * Rewrote timezone handling for Linux real time clock, following | |
838 | various reported problems related to daylight saving. | |
839 | ||
840 | Other changes/Enhancements | |
841 | -------------------------- | |
842 | ||
843 | * Configure script recognizes BSD/386 and uses SunOS 4.1 driver for | |
844 | it. | |
845 | ||
846 | * Log files now print date as day-month-year rather than as a day | |
847 | number. Milliseconds removed from timestamps of logged data. | |
848 | Banners included in file to give meanings of columns. | |
849 | ||
850 | * Only do 1 initial step (followed by a trimming slew) when | |
851 | initialising from RTC on Linux (previously did 2 steps). | |
852 | ||
853 | New in version 1.01 | |
854 | =================== | |
855 | ||
856 | Bug fixes | |
857 | --------- | |
858 | ||
859 | * Handle timezone of RTC correctly with respect to daylight saving | |
860 | time | |
861 | ||
862 | * Syntax check the chronyc 'local' command properly | |
863 | ||
864 | * Fixed assertion failed fault in median finder (used by RTC | |
865 | regression fitting) | |
866 | ||
867 | Other changes/Enhancements | |
868 | -------------------------- | |
869 | ||
870 | * Log selection of new NTP reference source to syslog. | |
871 | ||
872 | * Don't zero-pad IP address fields | |
873 | ||
874 | * Add new command to chronyc to allow logfiles to be cycled. | |
875 | ||
876 | * Extend allow/deny directive syntax in configuration file to so | |
877 | directive can apply to all hosts on the Internet. | |
878 | ||
879 | * Tidy up printout of timestamps to make it clear they are in UTC | |
880 | ||
881 | * Make 'configure' check the processor type as well as the operating | |
882 | system. |