Stephen Wadeley [Fri, 3 Jun 2016 07:33:34 +0000 (09:33 +0200)]
doc: improve chrony.conf man page
- fix word order, articles, consistency, and some typos
- avoid slashes, contractions, `may`, dashes in running text
- use colons before example and code blocks
- add Oxford commas
Miroslav Lichvar [Mon, 30 May 2016 11:59:01 +0000 (13:59 +0200)]
reference: suppress orphan option in special reference modes
This allows a server that will become the orphan source to initialize
its time with the initstepslew directive from the current orphan source
or its clients.
Miroslav Lichvar [Tue, 17 May 2016 10:49:52 +0000 (12:49 +0200)]
ntp: fix definition of minimum and maximum MAC length
The NTP_*_MAC_LENGTH macros didn't include the key ID, which caused the
NTP authentication check to ignore MACs with 512-bit hashes (SHA512,
WHIRLPOOL).
Miroslav Lichvar [Thu, 12 May 2016 13:43:42 +0000 (15:43 +0200)]
ntp: don't check for synchronization loop in special reference modes
If a special reference mode is enabled, always pass the test for
synchronization loop. This allows chronyd using the initstepslew
directive (or the -q/-Q option) to accept time from its own clients
after restart as is documented in the chrony.conf man page.
Miroslav Lichvar [Wed, 11 May 2016 14:31:51 +0000 (16:31 +0200)]
refclock: avoid reallocation of refclock instances
Change the array with refclock instances to store just pointers and
avoid reallocation of the instances. This fixes a bug with the SOCK
refclock, which uses the pointer to the instance in a file handler and
which was invalid when the instance was reallocated (after adding
another refclock).
Miroslav Lichvar [Fri, 15 Apr 2016 12:49:03 +0000 (14:49 +0200)]
sched: fix handling of signals after finalization
Don't require the scheduler to be initialized in SCH_QuitProgram().
This fixes a crash when a signal is received between scheduler
finalization and chronyd exit.
Miroslav Lichvar [Wed, 13 Apr 2016 09:43:36 +0000 (11:43 +0200)]
sources: consider only reachable orphans for selection
Ignore orphan sources that are unreachable (but still have usable stats)
to have a quick and consistent source selection between orphans.
This also fixes the "Unknown local refid in orphan mode" error appearing
when a selected orphan source is removed, as the source is marked as
unreachable and the selection runs with disabled NTP instance before the
source instance is actually removed.
Instead of using a timer for switching the reference to the
unsynchronised state (which activates the local reference), check
if it should be active when returning the reference parameters.
reference: return real sync status in REF_GetReferenceParams()
If local reference is active, return normal leap, but unsynchronised
status. Update the callers of the function to work with the leap
directly and not change their behaviour.
reference: report same values in tracking command as in NTP
Use REF_GetReferenceParams() in the tracking command to simplify the
code and report the same values as what NTP clients of the server see.
When the local reference mode is active, this changes the leap status to
synchronised and reference time to one second behind current time. When
not synchronised, the root delay and root dispersion are now 1 second.
ntp: ignore order of resolved addresses when replacing tentative source
If the replaced source never had a valid reply (e.g. because it was a
bad replacement), ignore the order of addresses from the resolver to not
get stuck to a pair of addresses if the order doesn't change, or a group
of IPv4/IPv6 addresses if the resolver prefers inaccessible IP family.
ntp: don't check reference timestamp in received packets
When ntpd as an NTP server has active orphan mode, it doesn't update
its reference time and the reference timestamp may fail the NTP test
3 and 7. (https://bugs.ntp.org/show_bug.cgi?id=1098)
Remove both checks of the timestamp to allow chronyd to operate as
a client of ntpd server in the orphan mode. When ntpd is fixed and
old versions are no longer used, this may be reverted.
Miroslav Lichvar [Wed, 30 Mar 2016 15:39:49 +0000 (17:39 +0200)]
sources: add support for orphan sources
When the local reference is configured with the orphan option, NTP
sources that have stratum equal to the configured local stratum are
considered to be orphans (i.e. serving local time while not being
synchronised with real time) and are excluded from the normal source
selection. Sources with stratum larger than the local stratum are
considered to be directly or indirectly synchronised to an orphan and
are always ignored.
If no selectable source is available and all orphan sources have
reference IDs larger than the local ID, no source will be selected and
the local reference mode will be activated at some point, i.e. this host
will become an orphan. Otherwise, the orphan source with the smallest
reference ID will be selected. This ensures a group of servers polling
each other (with the same orphan configuration) which have no external
source can settle down to a state where only one server is serving its
local unsynchronised time and others are synchronised to it.
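The selection rule described in the commit message above, together with the reachability condition from the later "sources: consider only reachable orphans" commit, as an added C sketch that is not part of the commit or of chrony's source. The `struct source` layout, the `select_orphan()` function, the `SEL_*` return codes, and the sample IDs are hypothetical names and values constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical model for illustration; not chrony's data structures. */
struct source {
    uint32_t ref_id;  /* reference ID of the source */
    int stratum;      /* stratum reported by the source */
    int reachable;    /* source currently answers polls */
    int selectable;   /* non-orphan that passed the normal selection tests */
};

enum { SEL_NORMAL = -1, SEL_LOCAL = -2 };

/* Returns the index of the orphan to follow, SEL_NORMAL when a normally
   selectable source exists, or SEL_LOCAL when this host should activate
   its local reference and become the orphan itself. */
int select_orphan(const struct source *s, size_t n,
                  int local_stratum, uint32_t local_id)
{
    int best = -1;

    for (size_t i = 0; i < n; i++) {
        if (s[i].stratum > local_stratum)
            continue;           /* synchronised to an orphan: always ignored */
        if (s[i].stratum == local_stratum) {
            /* Orphan: kept out of normal selection; only reachable ones count. */
            if (s[i].reachable && (best < 0 || s[i].ref_id < s[best].ref_id))
                best = (int)i;
        } else if (s[i].selectable) {
            return SEL_NORMAL;  /* a real source wins over any orphan */
        }
    }
    /* No usable orphan, or every orphan has a larger ID than ours. */
    if (best < 0 || s[best].ref_id > local_id)
        return SEL_LOCAL;
    return best;
}

int main(void)
{
    /* Constructed sample: three servers with IDs 1, 2, 3 and local stratum 10.
       Host 2 sees two orphans; host 1 sees peers already following an orphan. */
    struct source seen_by_2[] = { {1, 10, 1, 0}, {3, 10, 1, 0} };
    struct source seen_by_1[] = { {2, 11, 1, 0}, {3, 11, 1, 0} };

    printf("host 2 -> %d\n", select_orphan(seen_by_2, 2, 10, 2));
    printf("host 1 -> %d\n", select_orphan(seen_by_1, 2, 10, 1));
    return 0;
}
```
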
Miroslav Lichvar [Wed, 30 Mar 2016 15:12:12 +0000 (17:12 +0200)]
reference: activate local reference with large root distance
Since the update to NTPv4, when the clock is in the synchronised state
and the clock updates stop (e.g. sources become unreachable), it doesn't
switch to the unsynchronised state and the local reference is never
activated. This can be a problem for clients that rely on the server to
always have root distance below some value (e.g. chronyd's maxdistance).
Add a timer that will activate the local reference when the root
distance reaches a specified threshold. It can be configured with the
distance option in the local directive (by default 1.0 second).
Miroslav Lichvar [Wed, 30 Mar 2016 13:58:45 +0000 (15:58 +0200)]
conf: rework local directive to have default stratum
Allow the local directive to be specified without the stratum field.
It's an option now, with default value 10. Also, move the parsing code
to cmdparse.c to make it available to the client.
Miroslav Lichvar [Wed, 30 Mar 2016 09:02:04 +0000 (11:02 +0200)]
ntp: add function to get local reference ID
When a valid NTP reply is received, save the local address (e.g. from
IP_PKTINFO), so the reference ID which the source would use for this
host can be calculated when needed.
Miroslav Lichvar [Tue, 22 Mar 2016 16:07:46 +0000 (17:07 +0100)]
local: make maximum frequency offset configurable
Add maxdrift directive to set the maximum assumed drift of the clock,
which sets the maximum frequency offset chronyd is allowed to use to
correct the drift.
Miroslav Lichvar [Tue, 22 Mar 2016 16:01:38 +0000 (17:01 +0100)]
sources: try to replace NTP sources with bad distance
Similarly to unreachable sources and falsetickers, try to replace
sources with distance larger than the limit set by the maxdistance
directive with a newly resolved address of the hostname.
Miroslav Lichvar [Thu, 17 Mar 2016 13:28:45 +0000 (14:28 +0100)]
util: fix UTI_FloatNetworkToHost() with very small exponents
Fix conversion of floating point numbers from the cmdmon format with
very small exponents, as for instance could be in the smoothing report
when the smoothing process ends.
Miroslav Lichvar [Wed, 16 Mar 2016 14:50:47 +0000 (15:50 +0100)]
client: add CSV output mode
Add a new option (-c) to chronyc to enable printing of reports in a
column-separated values (CSV) format. IP addresses will not be resolved
to hostnames, time will be printed as number of seconds since the epoch
and values in seconds will not be converted to other units.
Miroslav Lichvar [Wed, 16 Mar 2016 11:05:42 +0000 (12:05 +0100)]
client: rework printing of reports
Add a new printf-like function to allow printing of all fields at once
and rework all commands which print a report to use it. Add functions
for printing of headers and information fields, and formatting of IP
addresses and reference IDs.
Miroslav Lichvar [Mon, 14 Mar 2016 17:06:56 +0000 (18:06 +0100)]
util: randomize hashing of IP addresses
Include a random (constant) value in the hash in UTI_IPToHash() to
randomize the order in which NTP sources are stored in the hash table
and polled on start. This change also randomizes the order of clientlog
records.
Split and convert the manual into four AsciiDoc documents, a document
about installation and three documents in the manpage type for
chrony.conf, chronyd and chronyc. The minimal man pages that were
maintained separately from the manual are replaced by full man pages
generated from AsciiDoc. Info files will no longer be provided.
Some parts of the manual are rewritten, updated or trimmed. The
introduction chapter is partially merged with README. The chapter about
typical operating scenarios is included in the chrony.conf man page.
Remove automatic download and compilation of clknetsim. If clknetsim is
not found, skip all simulation tests, but don't fail "make check".
Also, respect the CLKNETSIM_PATH environment variable.
Miroslav Lichvar [Fri, 29 Jan 2016 14:46:56 +0000 (15:46 +0100)]
cmdmon: define new types for CLIENT_ACCESSES_BY_INDEX command
There was an incompatible change in the client access report. To avoid
bumping the protocol version drop support for the original request/reply
types and define new CLIENT_ACCESSES_BY_INDEX2 types as a newer version
of the command.
Miroslav Lichvar [Fri, 29 Jan 2016 12:46:38 +0000 (13:46 +0100)]
cmdmon: use 32-bit fields in client access report
The clientlog record still uses 16-bit integers to count dropped
packets, but this will avoid an incompatible change in the command
reply if there will be a need to count more than 2^16 drops.
Miroslav Lichvar [Mon, 25 Jan 2016 15:50:51 +0000 (16:50 +0100)]
keys: warn about short key only if used by source
After restricting authentication of servers and peers to the specified
key, a short key in the key file is a security problem from the client's
point of view only if it's specified for a source.
Miroslav Lichvar [Mon, 18 Jan 2016 16:08:23 +0000 (17:08 +0100)]
clientlog: count total number of hits and drops
Count total number of NTP and command hits. Count also number of log
records that were replaced when the hash table couldn't be resized due
to the memory limit.