Fix(#793): "./waf bin_test" results in a Python error

[ntpsec.git] / NEWS.adoc

= NTPsec project news =

For historic news from NTP Classic, see devel/HISTORIC-NEWS in the
distribution.

Not all news features are described here; see docs/ntpsec.adoc in the
distribution.

Much of the traditional function of a news file is now better addressed
by browsing the comments in the revision history.  This file will focus
on user-visible changes.

## Repository Head

* Fix ntpviz's skewness and kurtosis formulas. Fix suggested by by Frank Davis.

* ntpd now runs on FIPS mode systems.

* Clock fuzzing is gone.  --disable-fuzz is now standard.

* ntpd can now listen on a second port.  Add either "nts port xxxx"
  or "extra port xxxx" in your config file. If either is specified,
  the NTS-KE server will tell the client to use that port.  This might
  help get around some of the blocking or filtering that ISPs are
  doing to port 123.  (Don't forget to let UDP traffic for that port
  through your firewall.) I've been testing with port 8123.

* Client requests will also be sent from that port.  Again, that will
  bypass some port 123 filtering.

* NTPsec now builds on Linux armhf.  #832

## 2023-12-30: 1.2.3

* Change mode6 alignment to four, which may
  break some compatibility with classic NTP.

* Seccomp should now also yield invalid syscall names when dying.

* Make ntpq stop dropping output timestamp leading zeroes.

* Update documents in quite a few places.

* Reset some stats hourly, even when not logged into files.

* Add error logging, and stats for ms-sntp.

* Add spacing between multiple peer views in ntpq.

* We think we have fixed ms-sntp but we can't test it.
  If you can test it, please let us know if it does/doesn't work.

* ntpd and ntpq both treat SHA-1 as an alias for SHA1
  NIST uses SHA-1.  The crypto package from OpenSSL uses SHA1.

* The default crypto type for ntpq is now AES.
  RFC 8573 deprecated MD5.

* There are now log files with hourly statistics for NTS and
  NTS-KE traffic: filegen ntsstats and filegen ntskestats,

* Update ntpsnmpd to use python built-in to get uname information. NTPsec/ntpsec#791

* Update license file names for REUSE compliance.

* Fix ntploggps issue where count_used_satellites checked before it is initialized.

* Print out OpenSSL version at configure time.

* Enable debug symbols by default, with only an option to disable.

* Add support for ecdhcurves list.

* Fix build on platforms where `-fstack-protector` relies on libssp, like musl.

* Fix ntpdig crash when using 2.ntp.pool.org with a host without IPv6 support.

* Do not install libaes_siv test anymore.

* Add update option to buildprep.

* ntpdig shows packet delay in JSON output.

## 2023-08-02: 1.2.2a

Fix a crash in ntpd if NTS is disabled and an NTS-enabled client request (mode
3) is received. (CVE-2023-4012)

## 2022-12-28: 1.2.2

* Restore/cleanup NTPv1 support

** ntpq sysstats now shows NTPv1 traffic.

** NTPv1 counter added to sysstats log file.

* NTS supports partial wildcards, for example `*.example.com`

* Work on documentation, ntpdate, ntpheat, ntploggpg, ntpq's sysstats, ntpviz,
and seccomp.

* NTP auth no longer breaks on NULs.

* The NTS server now saves 10 days worth of cookie keys.  This will allow clients
that only poll once a day to use NTS without using NTS-KE to keep cookies up to
date.

* rawstats now logs dropped packets and their BOGON code

** Only one per request to avoid DoSing the log file

** This lets you see packets that take too long.

* Add 4 or 6 to DNS/NTS RefID tags to indicate that the
DNS or NTS-KE has succeeded but NTP has not worked yet.

* Build improvements

** Respect `--notests` configure option for build

** Add `--enable-attic` (default off)

** Restore Python 2.6 support

** Restore LibreSSL support

** Add support for OpenSSL 3.0

* Fix hash validation in ntpleapfetch again.

* FreeBSD now gets nanosecond resolution on receive time stamps.

== 2021-06-06: 1.2.1 ==

Update ntpkeygen/keygone to properly filter `#` characters. (CVE-2021-22212)

Add dextral peers mode in ntpq and ntpmon.

Drop NTPv1 as the support was not RFC compliant, maybe v2 except mode 6 next.

Fix argument P for ntpd parsing fixed and ntpdate improvements.

Fix crash for raw ntpq readvar.

Add processor usage to NTS-KE logging except on NetBSD.

Remove --build-epoch and replace it with arbitrary --build-desc text.
Passing '--build-desc=$(date -u +%Y-%m-%dT%H:%M:%Sz)' restores the previous
default extended version.

The build epoch has been replaced with a hardcoded timestamp which will be
manually updated every nine years or so (approx 512w).  This makes the
binaries reproducible by default.

Compare versions of ntp.ntpc and libntpc printing a warning if
mismatched. Fix libntpc install path if using it.

Reduce maxclocks default to 5 to reduce the NTP pool load.

Print LIBDIR during ./waf configure.

Add documentation, new GPG key, and other cleanups.

== 2020-10-06: 1.2.0 ==

The minor version bump is to indicate official official support of
RFC8915 "Network Time Security for the Network Time Protocol" which
was released 2020-09-30.

On this day in 1783, Benjamin Hanks received a patent for a
self-winding clock he planned to install in the Old Dutch Church in
Kingston, New York, supposedly making it the first public clock in
what became the New York City metropolitan area.

NTS-KE client now defaults to port 4460.

NTS-KE server now listens on port 4460.
(Listening on port 123 has been removed.)

The shebang of installed Python scripts can now be customized with:
  waf configure --pyshebang="..."
This has multiple uses, but one example is for distros (like CentOS 8 or
Ubuntu 20.04) with no `python` executable:
  python3 waf configure --pyshebang="/usr/bin/env python3"

NTP clients now use a shared library with Python instead of an extension.

Add flakiness option to ntpq and fixed limit=1 in mrulist.

Fixed a minor formatting issue in rate page.

== 2020-05-23: 1.1.9 ==

Today is Blursday, Maprilay 84th, 2020, of the COVID-19 panic.

Correctly parse ntpq :config output on Python 3 and check return MACs.

Add AES and other algorithm support to ntpq and ntpdig, from OpenSSL.

Remove support for NetInfo. NetInfo was last supported in Mac OS X v10.4

The configure step now supports --disable-nts for running
on systems with older versions of OpenSSL.

The default restrictions now start with noquery and limited
to reduce the opportunities for being used for DDoS-ing.

The draft RFC for NTS has dropped support for TLSv1.2
  We now need OpenSSL with TLSv1.3 support (version 1.1.1 or newer).
  The config keyword +tlsciphers+ has been removed.

Additional filtering and sort options have been added to ntpq/mrulist
  Details are in the man page.

Rate limiting has been cleaned up.
  With "restrict limited", traffic is now limited to
  an average of 1 packet per second with bursts of 20.
  (needs doc and maybe config)

SIGHUP and hourly checks have been unified.  Both now
  check for a new log file
  check for a new certificate file
  check for a new leap file
SIGHUP also restarts all pending DNS and NTS probes.

NTS client now requires ALPN on TLSv1.3.

asciidoctor (1.5.8 or newer) is now supported and is the preferred AsciiDoc
processor.  asciidoc is still supported, but the minimum supported version
has been raised from 8.6.0 to 8.6.8.  asciidoc3 (3.0.2 or newer) is also
supported.

HTML docs are now built by default if an AsciiDoc processor is installed.  If
you do not want HTML docs, configure with --disable-doc.  (Note:  Man pages
are controlled by a separate --disable-manpage.)

Analysis shows that CVE-2020-11868, affecting NTP Classic,
cannot affect us, as the peer mode involved has been removed.

== 2019-11-17: 1.1.8 ==

Fix bug in NTS-KE client so that NTP server names work.

Fix/tweak several NTS logging messages.

== 2019-09-02: 1.1.7 ==

The numeric literal argument of the 'time1' fudge option on a clock
can now have one or more letter suffixes that compensate for era
rollover in a GPS device.  Each "g" adds the number of seconds in a
1024-week (10-bit) GPS era. Each "G" adds the number of seconds in a
8192-week (13-bit) GPS era.

The neoclock4x driver has been removed, due to the hardware and the
vendor having utterly vanished from the face of the earth.

The NTS ALPN negotiation sequence has been modified for improved
interoperability with other NTS implementations.

NTS key rotation now happens every 24 hours.  It used to rotate
every hour to enable testing of recovery from stale cookies.

On this day in 1945, some important paperwork was signed by
General MacArthur aboard the USS Missouri.

== 2019-07-10: 1.1.6 ==

Fixes to code quality checks.

Fixes to NTS server list.

Fix to bug #600.

On this day in 1913, in Death Valley, the temperature was 56.7°C,
officially world's highest recorded temperature.

== 2019-06-30: 1.1.5 ==

Add ALPN for the NTS server, as required by the NTP draft.

Revert some ntpq behavior.

On this day in 1972 the first leap second is added to the UTC time system.

== 2019-06-21: 1.1.4 ==

NTS is now implemented.  See .../devel/nts.adoc
https://tools.ietf.org/html/draft-ietf-ntp-using-nts-for-ntp

We thank Cisco for sponsoring the NTS development.

Lots of fixes and cleanups to PPS, both implementation and documentation.

Pthread support is now required.  --disable-dns-lookup is gone.

NIST lockclock mode is now a runtime option set by the (previously unused)
flag1 mode bit of the local-clock driver.

As always, lots of minor fixups and cleanups everywhere.  See the git log.

Today marks the summer solstice in the Northern Hemisphere.

== 2019-01-13: 1.1.3 ==

Security fixes for bugs inherited from NTP Classic:

* CVE-2019-6443: OOB read in ctl_getitem() in ntp_control.c (GitLab #507)
* CVE-2019-6444: OOB read in process_control() in ntp_control.c (GitLab #508)
* CVE-2019-6445: Remotely triggerable crash in ntp_control.c (GitLab #509)
* CVE-2019-6442: Authenticated OOB write in ntp_parser.y (GitLab #510)

Lots of typo fixes, documentation cleanups, test targets.

In memory of Arland D. Williams Jr.

== 2018-08-28: 1.1.2 ==

Use data minimization on client requests
  https://datatracker.ietf.org/doc/draft-ietf-ntp-data-minimization/

Support AES-128-CMAC for authentication
  https://www.rfc-editor.org/info/rfc8573

== 2018-06-11: 1.1.1 ==

Log timestamps now include the year.  This is useful when
investigating bugs involving time-setting and -g.

Many internal cleanups to clear the way for upcoming major features.
They should generally not be user visible.  Refer to the git-log if
you are interested.

== 2018-03-14: 1.1.0 ==

RIP Stephen William Hawking, CH CBE FRS FRSA. 1942-01-08 - 2018-03-14
You gave us a Brief History of Time.  We will just count it.

Enough user visible changes have been made that this is the 1.1.0 release
instead of a 1.0.1.

The code size is now 55KLOC in C, 15KLOC in Python.

Digests longer then 20 bytes will be truncated.

We have merged NTP Classic's fix for CVE-2018-7182.

The following NTP Classic CVEs announced in February 2018 do not affect NTPsec:

* CVE-2016-1549: Sybil vulnerability: ephemeral association attack
* CVE-2018-7170: Multiple authenticated ephemeral associations
* CVE-2018-7184: Interleaved symmetric mode cannot recover from bad state
* CVE-2018-7185: Unauthenticated packet can reset authenticated interleaved association
* CVE-2018-7183: ntpq:decodearr() can write beyond its buffer limit

We have dropped support for Broadcast servers.  We had kept it for
older desktop operating systems listening on the local network
broadcast domain, a use case that is no longer employed in sane
environments, and no longer necessary for modern desktop OSs.

It is now possible to unpeer refclocks using a type/unit specification
rather than a magic IP address.  This was the last obligatory use of
magic IP addresses in the configuration grammar.

OpenBSD has been removed from the list of supported platforms for
ntpd. It will be restored if and when its clock API supports drift
adjustment via ntp_adjtime() or equivalent facility.

Mac OS X support has been dropped pending the implementation of
ntp_adjtime(2).

A bug that caused the rejection of 33% of packets from Amazon time
service has been fixed.

== 2017-10-10: 1.0.0 ==

This is the 1.0 release.
It has been a long road, getting from there to here.

The code size has been further reduced, to 55KLOC.

A bug inherited from Classic that could cause bad jitter from bad
peers to be incorrectly zeroed, producing erratic or slow startup, has
been fixed.

The dependency of local refclocks returning 4-digit years on
pre-synchronization to a network peer has been removed.  It is
thus possible to run in a fully-autonomous mode using multiple
refclocks and no network peers.

ntpmon now reports units on time figures.

ntpq now reports a count of Mode 6 messages received under sysstats.

You can now turn off restriction flags with an _unrestrict_ statement
that takes arguments exactly like a _restrict_, except that with no
argument flags it removes any filter rule associated with the
address/mask (as opposed to creating one with unrestricted
access). This is expected to be useful mainly with the "ntpq :config"
command.

Builds are fully reproducible; see SOURCE_DATE_EPOCH and BUILD_EPOCH.

== 2017-03-21: 0.9.7 ==

The code size has been further reduced, to 60KLOC.

A shell script, buildprep, has been added to the top level source directory.
It prepares your system for an NTPsec source build by installing all required
dependencies on the build host.

Extra digits of precision are now output in numerous places.  The
driftfile now stores 6 digits past the decimal point instead of 3.  The
stats files now stores 9 digits past the decimal point instead of 6 for
some fields. ntpq and ntpmon also report extra digits of precision in
multiple places.  These changes may break simple parsing scripts.

Four contrib programs: cpu-temp-log; smartctl-temp-log, temper-temp-log,
and zone-temp-log; have been combined into the new program ntplogtemp.
The new program allows for easy logging of system temperatures and is
installed by default.

The SHM refclock no longer limits the value of SHM time by default.
This allows SHM to work on systems with no RTC by default.

The following CVEs revealed by a Mozilla penetration test and reported in
CERT VU#325339 have been resolved:

CVE-2017-6464: Denial of Service via Malformed Config
CVE-2017-6463: Authenticated DoS via Malicious Config Option
CVE-2017-6458: Potential Overflows in ctl_put() functions
CVE-2017-6451: Improper use of snprintf() in mx4200_send()

A Pentest report by Cure53 noted that a previously fixed CVE had been
reintroduced into the code.  This was resolved, again.

CVE-2014-9295: Multiple stack-based buffer overflows in ntpd

The following CVEs, announced simultaneously, affected NTP Classic but
not NTPsec, because we had already removed the attack surface:

CVE-2017-6462: Buffer Overflow in DPTS Clock
CVE-2017-6455: Privileged execution of User Library code
CVE-2017-6452: Stack Buffer Overflow from Command Line
CVE-2017-6459: Data Structure terminated insufficiently
CVE-2017-6460: Buffer Overflow in ntpq when fetching reslist

We gratefully acknowledge the work of of Dr.-Ing. Mario Hederich
at cure53 in detecting these problems and his cooperation in resolving them.

== 2016-12-30: 0.9.6 ==

ntpkeygen has been moved from C to Python.  This is not a functional
change, just another move to improve maintainability and reduce attack
surface by decreasing line count.

ntpdig has also been moved from C to Python. Though this is also
mostly a move to reduce line count, the new version does have some
functional changes.  Obsolete options have been dropped, logging is
done a bit differently, and the synchronization-distance computation has
been brought up to date with ntpd's. Also, this version can be told to
collect multiple samples and use whichever has the lowest combination
of stratum and synchronization distance.

A new tool for time-service operators, ntpmon, supports real-time
monitoring of your NTP installation's status.

== 2016-11-23: 0.9.5 ==

This release includes a substantial refactoring of the core protocol
implementation. Due to unresolvable security issues, support for
broadcast/multicast clients has been dropped; broadcast servers are
still supported. Likewise, symmetric mode is now only partially
supported. The `peer` directive has become a synonym for `server`.
Servers which receive symmetric-active mode packets will immediately
give a symmetric-passive-mode response, but will not mobilize a new
association.

All remaining Perl code in the distribution has been moved to Python.

The trap feature, broken in NTP Classic at the time of the NTPSec fork,
has been removed. So has its only known client, the ntptrap script in the
distribution.

A new visualization tool, ntpviz, generates graphical summaries of
logfile data that can be helpful for identifying problems such as
misconfigured servers.  It replaces a messy and poorly documented pile
of ancient Perl, awk, and S scripts; those have been removed.

It is now possible (and sometimes useful) to say "minpoll 0" for a
1-second interval.

The ntpq tool for querying and configuring a running ntpd has been
moved from C to Python.  About the only visible effect this has is
that ntpq now resizes its peers display to accommodate wide
terminal-emulator windows.

This release includes fixes for four low and medium-severity
vulnerabilities:

CVE-2016-7434: Null pointer dereference on malformed mrulist request
CVE-2016-7429: Interface selection DoS
CVE-2016-9311: Trap crash
CVE-2016-9310: Mode 6 unauthenticated trap information disclosure and DDoS vector

Note that the "fixes" for CVE-2016-9310/9311 consist of complete
removal of the broken trap feature. This removal occurred post-0.9.4
but prior to the discovery of these issues.

Further, an additional low-severity issue impacting 0.9.0 through
0.9.3 has come to our attention:

CVE-2016-7433: Reboot sync calculation problem

This issue was already addressed in 0.9.4 but not treated as a
vulnerability.

The following NTP Classic CVEs do not impact NTPsec: CVE-2016-7427,
CVE-2016-7428, CVE-2016-9312, CVE-2016-7431. We reject CVE-2016-7426,
as it describes known and intended behavior which is a necessary
logical consequence of rate-limiting.

For more information on these security issues, see:
https://lists.ntpsec.org/pipermail/devel/2016-November/002589.html
http://support.ntp.org/bin/view/Main/SecurityNotice#November_2016_ntp_4_2_8p9_NTP_Se

== 2016-08-16: 0.9.4 ==

usestats has been added to the statistics collection to record
system resource usage statistics.

A new, simpler configuration syntax for refclocks has been
implemented.  Configuration examples in the new syntax have been added
to each driver page.

Refclocks are now designated by name, not number. A list is available
from "./waf configure --list".

The rarely-used saveconfig feature in ntpd, and various associated
configuration directives, have been removed for security reasons. The
ntpd --saveconfigquit option, undocumented in NTP Classic, has
also been removed.

The ARCRON MSF refclock has been removed on the advice of last maintainer.

The Spectracom TSYNC PCI refclock has been removed. It required a
proprietary driver.  As a matter of good security policy, NTPsec will
not trust nor attempt to support code it cannot audit.

The Conrad Parallel Port radio refclock has been removed.  It required
a third-party parallel-port driver for Linux that no longer exists.

Both Hopf refclocks have been removed.  The 6039 driver required a
kernel driver that no longer exists; the 6021 driver duplicated
support in the generic driver.

The Austron refclock has been removed, on the grounds that it was
EOLed more than 20 years ago and there's been no aftermarket activity
or web chatter around it for a decade.

The audio-path drivers (IRIG and CHU) have been removed. The class
of hardware required to support them has gone essentially extinct due
to cheap DSP. The complexity/maintenance overhead of this code
was high enough to motivate dropping them.

This release contains a fix for one vulnerability inherited from
NTP Classic:

[Bug 3044] (CVE-2016-4954) Processing spoofed server packets

https://lists.ntpsec.org/pipermail/devel/2016-June/001299.html provides
additional information on this issue.

It also includes the following fix cross-ported from Classic:

[Bug 3047] refclock_jjy does not work with C-DEX JST2000

== 2016-05-17: 0.9.3 ==

The long-deprecated Autokey feature has been removed.

This release contains fixes for three vulnerabilities inherited from
NTP Classic:

[Bug 3020] (CVE-2016-1551) Refclock impersonation vulnerability
  (Credit: Matt Street et. al. of Cisco ASIG)
[Bug 3008] (CVE-2016-2519) ctl_getitem() return value not always checked
  (Credit: Yihan Lian of the Qihoo 360 cloud security team)
[Bug 2978] (CVE-2016-1548) Interleave-pivot
  (Credit: Miroslav Lichvar of RedHat and Jonathan Gardner of Cisco ASIG)

The following non-security fixes have been
forward-ported from Classic:

[Bug 2772] adj_systime overflows tv_usec
[Bug 2814] msyslog deadlock when signaled.
[Bug 2829] Look at pipe_fds in ntpd.c
[Bug 2887] fudge stratum only accepts values [0..16].
[Bug 2958] ntpq: fatal error messages need a final newline.
[Bug 2965] Local clock didn't work since 4.2.8p4.
[Bug 2969] Segfault from ntpq/mrulist when looking at server with lots of clients

We regard the following NTP Classic bug -

[Bug 3012] (CVE-2016-1549) Sybil vulnerability: ephemeral association attack
(Credit: Matthew van Gundy of Cisco ASIG)

as a duplicate of CVE-2015-7974 (see 0.9.1 release
notes) and it is WONTFIX for the time being: it is
correct-but-unfortunate behavior consequent to confusing and
inflexible semantics of ntp.conf's access control language, and we
will address it with a future redesign effort. NTP Classic has
partially addressed this pair of issues by extending the syntax of
ntp.keys to support IP ACLing. We are not currently aware of any
demand for this feature among NTPsec users and have no plans to
implement it; if you have a need for it, please file a bug at
https://gitlab.com/groups/NTPsec/issues to let us know you're out
there.

The remainder of the security issues patched in NTP Classic 4.2.8p7
either are not believed to impact NTPsec or were already fixed in a
previous release.

== 2016-03-15: 0.9.2 ==

Point release.

* can now cross-compile
* many documentation fixes
* Coverity is even more strict
* remove WWV, transmitter protocol changed, nobody builds receivers
* remove updwtmpx stuff, no longer useful

== 2016-01-25: 0.9.1 ==

Point release for security. Fixes:

* CVE-2015-7973: Replay attack on authenticated broadcast mode
  (Aanchal Malhotra)
* CVE-2015-7975: nextvar() missing length check (Jonathan Gardner)
* CVE-2015-7979: Off-path Denial of Service (DoS) attack on
  authenticated broadcast and other preemptable modes (Aanchal
  Malhotra)
* CVE-2015-8138: Zero Origin Timestamp Bypass (Matthew van Gundy &
  Jonathan Gardner)
* CVE-2015-8139: Origin Leak: ntpq and ntpdc Disclose Origin Timestamp
  to Unauthenticated Clients (Matthew van Gundy)
* CVE-2015-8158: Potential Infinite Loop in ntpq (Jonathan Gardner)
* CVE-2016-1550: Timing attack on MAC verification (Daniel Franke)
* Missing length checks in decodearr() and outputarr() (Daniel Franke)

Two additional security issues have been reported to us for which we
are not implementing code changes, but the user should be aware of
their impact.

The first (CVE-2015-8140) pertains to NTP's dynamic reconfiguration
feature, which permits on-the-fly modification of NTP's configuration
via ntpq. This feature is rarely used, typically disabled, and can
only be enabled when authentication is configured. ntpd has no means
of detecting that a request to change its configuration is a replay of
an old packet. Therefore, if an administrator sets ntpd to
configuration A and then to configuration B, an attacker who captures
the packets commanding these changes can replay the first one and
restore ntpd's state to configuration A. This is only a concern when
the configuration commands are sent over an untrusted
network. Configuration changes made via localhost are not susceptible.

This is an inherent design flaw in NTP cryptography and in the remote
reconfiguration protocol, and can be fixed only with a considerable
reworking and by changing the protocol in a way that is neither
forward nor backward compatible. This cryptographic rework is on the
horizon in the form of Network Time Security (currently a draft in the
IETF network time working group). Given that this vulnerability
impacts few if any real users, we have chosen to defer fixing it until
we have tools more suitable to the task. For the mean time, if you
rely on NTP's reconfiguration support, we recommend either restricting
its use to localhost or trusted networks, or tunneling through SSH or
a VPN. The 'nomodify' option to the 'restrict' directive may be used
to enforce this policy.

The second (CVE-2015-7974) pertains to the fact that when multiple
trusted keys are configured, no mechanism exists to associate
particular keys with particular peers or assign particular privileges.
This is not a bug, per se, but rather a lack of expressiveness in
NTP's configuration language. We intend to address in a future release
as part of a larger redesign aimed at giving clearer semantics to the
configuration language and making it easier to write safe
configurations.

Note that NTPsec is not impacted by CVE-2015-7976, CVE-2015-7977, or
CVE-2015-7978. CVE-2015-7977 and CVE-2015-7978 both pertain to mode 7
packets, support for which was completely removed before NTPsec's
first beta. CVE-2015-7976 is a feature request to restrict the format
of filenames used in saveconfig commands. Saveconfig support is
disabled at compile time in NTPsec and will not be re-enabled without
much more extensive hardening.

Other fixes:

Coverity found a slow memory leak in the asynchronous-DNS code.

== 2015-11-16: 0.9.0 ==

Initial NTPsec beta release.

* Canonical forge for git clones and issue tracking is
  https://gitlab.com/NTPsec/ntpsec

* The documentation has been extensively updated and revised.  One
  important change is that manual pages are now generated from the
  same masters as this web documentation, so the two will no longer
  drift out of synchronization.

* Internally, there is more consistent use of nanosecond precision.
  A visible effect of this is that time stepping with sufficiently
  high-precision time sources could be accurate down to nanoseconds
  rather than microseconds; this might actually matter for GPSDOs
  and high-quality radio clocks.

* The deprecated 'ntpdc' utility, long since replaced by 'ntpq', has
  been removed.

* The 'ntpsnmpd' daemon, incomplete and not conformant with RFC 5907,
  has been removed.

* A number of obsolete refclocks have been removed.

* The 'sntp' program has been renamed 'ntpdig' in order to make
  NTP installables have a uniform name prefix and take up less
  namespace. Also, ntp-keygen is now 'ntpkeygen', ntp-wait
  is 'ntpwait', and update-leap is now 'ntpleapfetch'.

* A new utility, 'ntpfrob', collects several small diagnostic functions
  for reading and tweaking the local clock hardware, including reading
  the clock tick rate, precision, and jitter. Part of it formerly
  traveled as 'tickadj'.

* The deprecated 'ntpdate' program has been replaced with a shell
  wrapper around 'ntpdig'.

* Log timestamps look a little different; they are now in ISO 8601 format.

* Autokey is not supported in this release.

== Bugfixes either ported from NTP Classic or fixed by NTPsec changes ==

These reflect fixes to NTP Classic between the 2015-06-06 fork point and
the 0.9.0 beta release.

* [Bug 2625] Deprecate flag1 in local refclock.  Hal Murray, Harlan Stenn.
* [Bug 2778] Implement "apeers"  ntpq command to include associd.
* [Bug 2823] ntpsweep with recursive peers option doesn't work.  H.Stenn.
* [Bug 2836] DCF77 patches from Frank Kardel to make decoding more
  robust, and require 2 consecutive timestamps to be consistent.
* [Bug 2845] Harden memory allocation in ntpd; implement and
  use 'eallocarray(...)' where appropriate.
* [Bug 2846] Report 'unsynchronized' status during the leap second.
* [Bug 2849] Systems with more than one default route may never
  synchronize.  Brian Utterback.  Note that this patch might need to
  be reverted once Bug 2043 has been fixed.
* [Bug 2855] Implement conditional leap smear feature; includes
  later fixes for parser support and reporting leap smear in the REFID.
* [Bug 2859] Improve raw DCF77 robustness decoding.  Frank Kardel.
* [Bug 2860] ntpq ifstats sanity check is too stringent.  Frank Kardel.
* [Bug 2866] segmentation fault at initgroups().  Harlan Stenn.
* [Bug 2867] ntpd with autokey active crashed by 'ntpq -crv'
* [Bug 2883] ntpd crashes on exit with empty driftfile.  Miroslav Lichvar.
* [Bug 2886] Misspelling: "outlyer" should be "outlier"
* [Bug 2890] Ignore ENOBUFS on routing netlink socket.  Konstantin Khlebnikov.
* [Bug 2901] Clients that receive a KoD should validate the origin
  timestamp field (CVE-2015-7704, CVE-2015-7705)
* [Bug 2902] configuration directives "pidfile" and "driftfile"
  should be local-only. (patch by Miroslav Lichvar) (CVE-2015-7703)
* [Bug 2909] Slow memory leak in CRYPTO_ASSOC (CVE-2015-7701)
* [Bug 2916] trusted key use-after-free (CVE-2015-7849)
* [Bug 2918] saveconfig Directory Traversal Vulnerability. (OpenVMS)
  (CVE-2015-7851)
* [Bug 2919] ntpq atoascii() potential memory corruption (CVE-2015-7852)
* [Bug 2920] Invalid length data provided by a custom refclock driver
  could cause a buffer overflow (CVE-2015-7853)
* [Bug 2921] Password Length Memory Corruption Vulnerability (CVE-2015-7854)
* [Bug 2922] decodenetnum() will ASSERT botch instead of returning
  FAIL on some bogus values (CVE-2015-7855)
* [Bug 2941] NAK to the Future: Symmetric association authentication
  bypass via crypto-NAK (CVE-2015-7871)

Additionally the NTPsec team is aware of the following vulnerabilities
impacting autokey: CVE-2015-7691, CVE-2015-7692, CVE-2015-7702. NTPsec
does not support building with autokey support and therefore is not
exposed; the vulnerable code will not be fixed, but will be removed in
a future release.

NTPsec is not impacted by CVE-2015-7848 (mode 7 loop counter underrun)
because ntpdc and support for mode 7 packets have been removed.

== HISTORIC-NEWS ==

For older NEWS items, see the file devel/HISTORIC-NEWS.

// end