Attached is an untested debdiff. This is the upstream change refreshed
to apply to the package. You should be able to apply it and build a
package locally like this:
sudo apt update
sudo apt install build-essential devscripts
sudo apt build-dep ntpsec
apt source ntpsec
cd ntpsec-1.1.3+dfsg1
patch -p1 < ~/ntpsec_1.1.3+dfsg1-3~1.gbpdde9c0.debdiff
debuild -uc -us
Can you try that and see if it fixes the issue for you?
I'm sorry I'm short on time today and couldn't do further testing
myself. I hope this helps.
--
Richard
diff -Nru ntpsec-1.1.3+dfsg1/debian/changelog
ntpsec-1.1.3+dfsg1/debian/changelog
--- ntpsec-1.1.3+dfsg1/debian/changelog 2019-02-04 01:38:48.000000000 -0600
+++ ntpsec-1.1.3+dfsg1/debian/changelog 2019-03-19 12:07:34.000000000 -0500
@@ -1,3 +1,11 @@
+ntpsec (1.1.3+dfsg1-3~1.gbpdde9c0) UNRELEASED; urgency=medium
+
+ ** SNAPSHOT build @dde9c0d5f1cc978b7542c64b660465b6ecd0d0fa **
+
+ * Backport fix for slow DNS retries (Closes: 924192)
+
+ -- Richard Laager <rlaa...@wiktel.com> Tue, 19 Mar 2019 12:07:34 -0500
+
ntpsec (1.1.3+dfsg1-2) unstable; urgency=medium
* Suppress lintian warning
diff -Nru
ntpsec-1.1.3+dfsg1/debian/patches/0001-Fix-for-577-DNS-retry-sloth.patch
ntpsec-1.1.3+dfsg1/debian/patches/0001-Fix-for-577-DNS-retry-sloth.patch
--- ntpsec-1.1.3+dfsg1/debian/patches/0001-Fix-for-577-DNS-retry-sloth.patch
1969-12-31 18:00:00.000000000 -0600
+++ ntpsec-1.1.3+dfsg1/debian/patches/0001-Fix-for-577-DNS-retry-sloth.patch
2019-03-19 11:59:46.000000000 -0500
@@ -0,0 +1,56 @@
+From bf3dfbe30ad16b4d345dfe9d6c6d842d9321355f Mon Sep 17 00:00:00 2001
+From: Hal Murray <mur...@shuksan.example.com>
+Date: Sat, 16 Mar 2019 11:07:41 -0700
+Subject: [PATCH] Fix for #577, DNS retry sloth
+
+There is only one thread for DNS (and NTS-KE) work. If an attempt
+was made while the thread was busy, it waited for the retry timer
+rather than trying again as soon as the previous DNS work finished.
+---
+ ntpd/ntp_proto.c | 20 +++++++++++++++++---
+ 1 file changed, 17 insertions(+), 3 deletions(-)
+
+--- a/ntpd/ntp_proto.c
++++ b/ntpd/ntp_proto.c
+@@ -811,7 +811,11 @@
+ if ((peer_associations <= 2 * sys_maxclock) &&
+ (peer_associations < sys_maxclock ||
+ sys_survivors < sys_minclock))
+- if (!dns_probe(peer)) return;
++ if (!dns_probe(peer)) {
++ /* DNS thread busy, try again soon */
++ peer->nextdate = current_time;
++ return;
++ }
+ poll_update(peer, hpoll);
+ return;
+ }
+@@ -819,7 +823,10 @@
+ /* Does server need DNS lookup? */
+ if (peer->cfg.flags & FLAG_DNS) {
+ peer->outdate = current_time;
+- if (!dns_probe(peer)) return;
++ if (!dns_probe(peer)) {
++ peer->nextdate = current_time;
++ return;
++ }
+ poll_update(peer, hpoll);
+ return;
+ }
+@@ -2419,8 +2426,15 @@
+ hpoll = 8;
+ break;
+ case DNS_temp:
++ /* DNS not working yet. ??
++ * Want to retry soon,
++ * but also want to avoid log clutter.
++ * Beware, Fedora 29 lies:
++ * What I expect to be temp (no Wifi)
++ * gets EAI_NONAME, Name or service not known
++ */
+ txt = "temp";
+- hpoll += 1;
++ hpoll = 3;
+ break;
+ case DNS_error:
+ txt = "error";
diff -Nru ntpsec-1.1.3+dfsg1/debian/patches/series
ntpsec-1.1.3+dfsg1/debian/patches/series
--- ntpsec-1.1.3+dfsg1/debian/patches/series 2019-02-04 01:37:36.000000000
-0600
+++ ntpsec-1.1.3+dfsg1/debian/patches/series 2019-03-19 11:47:37.000000000
-0500
@@ -42,6 +42,8 @@
0001-Use-.egg-info-for-the-Python-info-file.patch
## Fix a spelling error
0001-Fix-a-typo.2.patch
+## Fix DNS timeouts
+0001-Fix-for-577-DNS-retry-sloth.patch
# Forwarded
0001-Add-Documentation-to-ntp-wait.service.patch
