628 Commits (9268532441b941fd01f247ebcf1907b8075373ff)

Author SHA1 Message Date
  otto b6720974c4 1) Re-resolve and re-get constraints once the clock is synced. Constraints 5 years ago
  otto 005e327f50 fix printing when the pool is specified as an IP address; reported by and 5 years ago
  otto ac3128b975 proper level of two messages, prompted by deraadt@ 5 years ago
  otto 4faedbcd1c Sometimes ntp peers are unreliable (looking at you pool.ntp.org!) 5 years ago
  otto 27174b5b44 Forgotten va_copy/va_end; on some archs that is really needed. ok benno@ 5 years ago
  deraadt e5e55cd690 When system calls indicate an error they return -1, not some arbitrary 5 years ago
  otto c47029baaf Allow logging to both stderr and syslog; don't reset the log level if 5 years ago
  otto 5ad888ab62 tweaks with help from jmc@ 5 years ago
  otto 56e1091d6d Tell a bit about automatic mode; ok jmc@ 5 years ago
  otto 6f5c796c99 Do a quick DNS probe to decide to stay in the forground and attempt 5 years ago
  otto 391b236846 Be more aggressive retrying dns while in settime mode. The constraint 5 years ago
  otto 46a918abc5 Fix init of syslog for childs and teach dns process about synced state. 5 years ago
  otto 0225e4f1d7 Introducing autmatic settime mode: if some preconditions are met 5 years ago
  otto 11942d45dc Use proper algorithm for median computation; use fabs() for computing 5 years ago
  otto 349011c612 If a DBS resolve was done with the Checking Disabled flag, re-resolve 5 years ago
  otto 89bf75c4ef A step in solving the bootstrap problem in a dnssec environement. 5 years ago
  deraadt 247cc87989 (unsigned) means (unsigned int) which on ptrdiff_t or size_t or other 5 years ago
  jsing 37b88a442e Improve logging for TLS certificate validity checking. 5 years ago
  jsing 64715c5af0 Explicitly check timegm() return value. 5 years ago
  jsing ec351717c5 Perform manual validity checking of the X.509 certificate for constraints. 5 years ago
  otto 7a31e61809 Don't use *a - *b as compare idiom, it does not work as expected for 5 years ago
  florian ea28228b66 Prevent multiple ntpds from tripping over each other. 5 years ago
  tedu b233898e51 log dns failures, even if temporary. ok benno 5 years ago
  tedu d1794e488e update for libtls default cert changes. 6 years ago
  jsing 3fab6cbb08 Use TLS_CA_CERT_FILE instead of a separate define. 6 years ago
  jsing cf2ba9bd55 Be stricter with TLS configuration for ntpd constraints. 6 years ago
  sashan 6d2498c22d - odd condition/test in PF lexer 6 years ago
  kn 183780a91b Make host_*() AF-agnostic 6 years ago
  deraadt 48ecc0761d the main process must chdir to /, since it cannot have daemon() do the 6 years ago
  deraadt a27b872488 ntpd unveils the cert.pem "r" file (which is passed-over-socket to the 6 years ago
  mestre 7b9d9ca1a6 Revert back previous commit, we have decided that socket files don't cause any 6 years ago
  mestre b448df251e ntpd(8) has logic in place to delete its control socket on shutdown, but it 6 years ago
  sthen 19c0bfe36b revert previous, something isn't quite right as clients see ntpd 6 years ago
  henning 8dc6551ff1 if we couldn't update the clock for ~1h due to lack of data from peers and 6 years ago
  krw b977896d36 No need to mention which memory allocation entry point failed (malloc, 6 years ago
  krw 81de90466c Be consistent in warn() and log_warn() usage when 6 years ago
  jmc a333c4129f ntpd has been on by default for over two years now, so rework 7 years ago
  naddy 8082e34065 zero out sockaddr_in before use; fixes use of stack garbage as port number 7 years ago
  job 90b075737d naddy@ reported confusion on why "query from" seemed to be ignored in 7 years ago
  jmc 20dd90153e tweak previous; 7 years ago
  benno 184c157e2f add option "query from <ip>" to ntpd.conf, to specify a local IP 7 years ago
  otto 9b92ee0342 don't manipulate hdr.len, it's used internally by libutil now; ok florian@ 7 years ago
  bluhm 21256fb318 From a syslog perspective it does not make sense to log fatal and 7 years ago
  gsoares ef079a5b2e *nargv[] holds an array of pointers, so it should be 7 years ago
  phessler af3e6c4339 add logging messages to distinguish which safty check failed 7 years ago
  reyk 99d11625c1 Stop accessing verbose and debug variables from log.c directly. 8 years ago
  krw 58841e22f6 Replace hand-rolled for(;;) traversal of ctl_conns TAILQ with 8 years ago
  reyk ccbed53971 Sync log.c with the latest version from vmd/log.c that preserves errno 8 years ago
  jmc e78f38adba markup from jan stary; 8 years ago
  rzalamena 19841ef136 Use the stack to hold the constraint child process variables instead of 8 years ago