This is an automated email from git. It was generated because a ref change was pushed to the "chrony/chrony.git" repository.
The branch, master has been updated via de678ff780a6902a7969db9add2e5a4b77a25f01 (commit) via e16bcca61787788dd42fca6cbae9b87176e8a213 (commit) via b57d7040b3c9c65abb2043de42d65a4e10820af2 (commit) via c80858f7388afa128fa05621d4122e8fa6e210e8 (commit) via 81bf7cdcdc0a871ef3a3a3f1430f17d0ca217b9d (commit) via b8b3830dc4b51265d3a3e0e85fb143ad13a7dbc3 (commit) from d4738e1259f97ee14687300ee01e6e6da4701bb4 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit de678ff780a6902a7969db9add2e5a4b77a25f01 Author: Miroslav Lichvar <mlich...@redhat.com> Date: Wed May 24 15:41:45 2023 +0200 doc: clarify limitation of refresh command commit e16bcca61787788dd42fca6cbae9b87176e8a213 Author: Miroslav Lichvar <mlich...@redhat.com> Date: Wed May 24 10:56:07 2023 +0200 sys_linux: allow membarrier in seccomp filter This system call is used by musl. Reported-by: jvoisin <julien.voi...@dustri.org> commit b57d7040b3c9c65abb2043de42d65a4e10820af2 Author: Miroslav Lichvar <mlich...@redhat.com> Date: Tue May 23 16:36:25 2023 +0200 configure: add option to disable AES-GCM-SIV support commit c80858f7388afa128fa05621d4122e8fa6e210e8 Author: Miroslav Lichvar <mlich...@redhat.com> Date: Tue May 23 15:40:47 2023 +0200 nts: remove superfluous semicolon commit 81bf7cdcdc0a871ef3a3a3f1430f17d0ca217b9d Author: Miroslav Lichvar <mlich...@redhat.com> Date: Tue May 23 15:37:06 2023 +0200 nts: initialize unused part of server key Initialize the unused part of shorter server NTS keys (AES-128-GCM-SIV) loaded from ntsdumpdir to avoid sending uninitialized data in requests to the NTS-KE helper process. Do that also for newly generated keys in case the memory will be allocated dynamically. Fixes: b1230efac333 ("nts: add support for encrypting cookies with AES-128-GCM-SIV") commit b8b3830dc4b51265d3a3e0e85fb143ad13a7dbc3 Author: Miroslav Lichvar <mlich...@redhat.com> Date: Mon May 22 11:58:41 2023 +0200 ntp: randomize address selection on all source replacements If the resolver orders addresses by IP family, there is more than one address in the preferred IP family, and they are all reachable, but not selectable (e.g. falsetickers in a small pool which cannot remove them from DNS), chronyd is unable to switch to addresses in the other IP family as it follows the resolver's order. Enable randomization of the address selection for all source replacements and not just replacement of (unreachable) tentative sources. If the system doesn't have connectivity in the other family, the addresses will be skipped and no change in behavior should be observed. ----------------------------------------------------------------------- Summary of changes: configure | 7 ++++++- doc/chronyc.adoc | 6 +++--- ntp_sources.c | 10 +++++----- nts_ke_server.c | 4 +++- sys_linux.c | 3 +++ test/compilation/003-sanitizers | 1 + test/unit/nts_ke_server.c | 10 +++++++--- 7 files changed, 28 insertions(+), 13 deletions(-) hooks/post-receive -- chrony/chrony.git -- To unsubscribe email chrony-dev-requ...@chrony.tuxfamily.org with "unsubscribe" in the subject. For help email chrony-dev-requ...@chrony.tuxfamily.org with "help" in the subject. Trouble? Email listmas...@chrony.tuxfamily.org.