diff options
| author | Vincent Blut <vincent.debian@free.fr> | 2016-02-09 01:20:01 +0100 |
|---|---|---|
| committer | Vincent Blut <vincent.debian@free.fr> | 2016-02-09 01:20:01 +0100 |
| commit | 7ec69159b0384aa0167c4f20d374ebbf37b96916 (patch) | |
| tree | 34fdaa612e9734dfd3cad2d4bd5bd391ba4a2c39 | |
| parent | 5f57308e2b565c300d66cfc2325f2d0da829b0d3 (diff) | |
Imported Upstream version 2.2.1
| -rw-r--r-- | FAQ | 2 | ||||
| -rw-r--r-- | INSTALL | 53 | ||||
| -rw-r--r-- | NEWS | 7 | ||||
| -rw-r--r-- | chrony.conf.5.in | 2 | ||||
| -rw-r--r-- | chrony.texi.in | 3 | ||||
| -rw-r--r-- | chronyc.1.in | 2 | ||||
| -rw-r--r-- | chronyd.8.in | 2 | ||||
| -rw-r--r-- | examples/chrony.spec | 2 | ||||
| -rw-r--r-- | getdate.c | 106 | ||||
| -rw-r--r-- | ntp_core.c | 14 | ||||
| -rwxr-xr-x | test/simulation/105-ntpauth | 20 | ||||
| -rw-r--r-- | test/simulation/test.common | 10 | ||||
| -rw-r--r-- | version.txt | 2 |
13 files changed, 132 insertions, 93 deletions
@@ -375,7 +375,7 @@ contribute it back to the project. __________________________________________________________________ - Last updated 2015-10-19 11:18:37 CEST + Last updated 2016-01-18 17:37:21 CET References @@ -3,73 +3,73 @@ The source code is supplied in the form of a gzipped tar file, which unpacks to a subdirectory identifying the name and version of the program. - After unpacking the source code, change directory into it, and type +After unpacking the source code, change directory into it, and type ./configure - This is a shell script that automatically determines the system type. +This is a shell script that automatically determines the system type. There is a single optional parameter, '--prefix' which indicates the directory tree where the software should be installed. For example, ./configure --prefix=/opt/free - will install the 'chronyd' daemon into /opt/free/sbin and the -'chronyc' control program into /opt/free/bin. The default value for the -prefix is /usr/local. +will install the 'chronyd' daemon into /opt/free/sbin and the 'chronyc' +control program into /opt/free/bin. The default value for the prefix is +/usr/local. - The configure script assumes you want to use gcc as your compiler. -If you want to use a different compiler, you can configure this way: +The configure script assumes you want to use gcc as your compiler. If +you want to use a different compiler, you can configure this way: CC=cc CFLAGS=-O ./configure --prefix=/opt/free - for Bourne-family shells, or +for Bourne-family shells, or setenv CC cc setenv CFLAGS -O ./configure --prefix=/opt/free - for C-family shells. +for C-family shells. - If the software cannot (yet) be built on your system, an error -message will be shown. Otherwise, 'Makefile' will be generated. +If the software cannot (yet) be built on your system, an error message +will be shown. Otherwise, 'Makefile' will be generated. - If editline or readline library is available, chronyc will be built -with line editing support. If you don't want this, specify the +If editline or readline library is available, chronyc will be built with +line editing support. If you don't want this, specify the -disable-readline flag to configure. Please refer to *note line editing support:: for more information. - If a 'timepps.h' header is available (e.g. from the LinuxPPS project +If a 'timepps.h' header is available (e.g. from the LinuxPPS project (http://linuxpps.org/)), 'chronyd' will be built with PPS API reference clock driver. If the header is installed in a location that isn't normally searched by the compiler, you can add it to the searched locations by setting 'CPPFLAGS' variable to '-I/path/to/timepps'. - Now type +Now type make - to build the programs. +to build the programs. - If you want to build the manual in plain text, HTML and info -versions, type +If you want to build the manual in plain text, HTML and info versions, +type make docs - Once the programs have been successfully compiled, they need to be +Once the programs have been successfully compiled, they need to be installed in their target locations. This step normally needs to be performed by the superuser, and requires the following command to be entered. make install - This will install the binaries and manpages. +This will install the binaries and manpages. - To install the plain text, HTML and info versions of the manual, -enter the command +To install the plain text, HTML and info versions of the manual, enter +the command make install-docs - If you want chrony to appear in the top level info directory listing, +If you want chrony to appear in the top level info directory listing, you need to run the 'install-info' command manually after this step. 'install-info' takes 2 arguments. The first is the path to the 'chrony.info' file you have just installed. This will be the argument @@ -80,8 +80,8 @@ location of the file called 'dir'. This will typically be install-info /usr/local/share/info/chrony.info /usr/share/info/dir - Now that the software is successfully installed, the next step is to -set up a configuration file. The default location of the file is +Now that the software is successfully installed, the next step is to set +up a configuration file. The default location of the file is '/etc/chrony.conf'. Several examples of configuration with comments are included in the examples directory. Suppose you want to use public NTP servers from the pool.ntp.org project as your time reference. A minimal @@ -91,5 +91,4 @@ useful configuration file could be makestep 1.0 3 rtcsync - Then, 'chronyd' can be run. - +Then, 'chronyd' can be run. @@ -1,3 +1,10 @@ +New in version 2.2.1 +==================== + +Security fixes +-------------- +* Restrict authentication of NTP server/peer to specified key (CVE-2016-1567) + New in version 2.2 ================== diff --git a/chrony.conf.5.in b/chrony.conf.5.in index 4432816..0ad8ad6 100644 --- a/chrony.conf.5.in +++ b/chrony.conf.5.in @@ -1,4 +1,4 @@ -.TH chrony.conf 5 "October 2015" "chrony 2.2" "Configuration Files" +.TH chrony.conf 5 "January 2016" "chrony 2.2.1" "Configuration Files" .SH NAME chrony.conf \- chronyd configuration file diff --git a/chrony.texi.in b/chrony.texi.in index b56fb81..25f807b 100644 --- a/chrony.texi.in +++ b/chrony.texi.in @@ -2508,6 +2508,9 @@ The syntax of this directive is identical to that for the @code{server} directive (@pxref{server directive}), except that it is used to specify an NTP peer rather than an NTP server. +When a key is specified by the @code{key} option to enable authentication, both +peers must be configured to use the same key and the same key number. + Please note that NTP peers that are not configured with a key to enable authentication are vulnerable to a denial-of-service attack. An attacker knowing that NTP hosts A and B are peering with each other can send a packet diff --git a/chronyc.1.in b/chronyc.1.in index df8ca9f..daf362c 100644 --- a/chronyc.1.in +++ b/chronyc.1.in @@ -1,4 +1,4 @@ -.TH CHRONYC 1 "October 2015" "chrony 2.2" "User's Manual" +.TH CHRONYC 1 "January 2016" "chrony 2.2.1" "User's Manual" .SH NAME chronyc \- command-line interface for chronyd diff --git a/chronyd.8.in b/chronyd.8.in index 22edec7..144d5e7 100644 --- a/chronyd.8.in +++ b/chronyd.8.in @@ -1,4 +1,4 @@ -.TH CHRONYD 8 "October 2015" "chrony 2.2" "System Administration" +.TH CHRONYD 8 "January 2016" "chrony 2.2.1" "System Administration" .SH NAME chronyd \- chrony background daemon diff --git a/examples/chrony.spec b/examples/chrony.spec index d8f9e31..fd164c9 100644 --- a/examples/chrony.spec +++ b/examples/chrony.spec @@ -1,4 +1,4 @@ -%global chrony_version 2.2 +%global chrony_version 2.2.1 %if 0%(echo %{chrony_version} | grep -q pre && echo 1) %global prerelease %(echo %{chrony_version} | sed 's/.*-//') %endif @@ -1,8 +1,8 @@ -/* A Bison parser, made by GNU Bison 3.0.2. */ +/* A Bison parser, made by GNU Bison 3.0.4. */ /* Bison implementation for Yacc-like parsers in C - Copyright (C) 1984, 1989-1990, 2000-2013 Free Software Foundation, Inc. + Copyright (C) 1984, 1989-1990, 2000-2015 Free Software Foundation, Inc. This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -44,7 +44,7 @@ #define YYBISON 1 /* Bison version. */ -#define YYBISON_VERSION "3.0.2" +#define YYBISON_VERSION "3.0.4" /* Skeleton name. */ #define YYSKELETON_NAME "yacc.c" @@ -288,7 +288,7 @@ extern int yydebug; /* Value type. */ #if ! defined YYSTYPE && ! defined YYSTYPE_IS_DECLARED -typedef union YYSTYPE YYSTYPE; + union YYSTYPE { #line 177 "getdate.y" /* yacc.c:355 */ @@ -298,6 +298,8 @@ union YYSTYPE #line 300 "getdate.c" /* yacc.c:355 */ }; + +typedef union YYSTYPE YYSTYPE; # define YYSTYPE_IS_TRIVIAL 1 # define YYSTYPE_IS_DECLARED 1 #endif @@ -311,7 +313,7 @@ int yyparse (void); /* Copy the second part of user declarations. */ -#line 315 "getdate.c" /* yacc.c:358 */ +#line 317 "getdate.c" /* yacc.c:358 */ #ifdef short # undef short @@ -1430,7 +1432,7 @@ yyreduce: { yyHaveTime++; } -#line 1434 "getdate.c" /* yacc.c:1646 */ +#line 1436 "getdate.c" /* yacc.c:1646 */ break; case 5: @@ -1438,7 +1440,7 @@ yyreduce: { yyHaveZone++; } -#line 1442 "getdate.c" /* yacc.c:1646 */ +#line 1444 "getdate.c" /* yacc.c:1646 */ break; case 6: @@ -1446,7 +1448,7 @@ yyreduce: { yyHaveDate++; } -#line 1450 "getdate.c" /* yacc.c:1646 */ +#line 1452 "getdate.c" /* yacc.c:1646 */ break; case 7: @@ -1454,7 +1456,7 @@ yyreduce: { yyHaveDay++; } -#line 1458 "getdate.c" /* yacc.c:1646 */ +#line 1460 "getdate.c" /* yacc.c:1646 */ break; case 8: @@ -1462,7 +1464,7 @@ yyreduce: { yyHaveRel++; } -#line 1466 "getdate.c" /* yacc.c:1646 */ +#line 1468 "getdate.c" /* yacc.c:1646 */ break; case 10: @@ -1473,7 +1475,7 @@ yyreduce: yySeconds = 0; yyMeridian = (yyvsp[0].Meridian); } -#line 1477 "getdate.c" /* yacc.c:1646 */ +#line 1479 "getdate.c" /* yacc.c:1646 */ break; case 11: @@ -1484,7 +1486,7 @@ yyreduce: yySeconds = 0; yyMeridian = (yyvsp[0].Meridian); } -#line 1488 "getdate.c" /* yacc.c:1646 */ +#line 1490 "getdate.c" /* yacc.c:1646 */ break; case 12: @@ -1498,7 +1500,7 @@ yyreduce: ? -(yyvsp[0].Number) % 100 + (-(yyvsp[0].Number) / 100) * 60 : - ((yyvsp[0].Number) % 100 + ((yyvsp[0].Number) / 100) * 60)); } -#line 1502 "getdate.c" /* yacc.c:1646 */ +#line 1504 "getdate.c" /* yacc.c:1646 */ break; case 13: @@ -1509,7 +1511,7 @@ yyreduce: yySeconds = (yyvsp[-1].Number); yyMeridian = (yyvsp[0].Meridian); } -#line 1513 "getdate.c" /* yacc.c:1646 */ +#line 1515 "getdate.c" /* yacc.c:1646 */ break; case 14: @@ -1524,7 +1526,7 @@ yyreduce: ? -(yyvsp[0].Number) % 100 + (-(yyvsp[0].Number) / 100) * 60 : - ((yyvsp[0].Number) % 100 + ((yyvsp[0].Number) / 100) * 60)); } -#line 1528 "getdate.c" /* yacc.c:1646 */ +#line 1530 "getdate.c" /* yacc.c:1646 */ break; case 15: @@ -1532,7 +1534,7 @@ yyreduce: { yyTimezone = (yyvsp[0].Number); } -#line 1536 "getdate.c" /* yacc.c:1646 */ +#line 1538 "getdate.c" /* yacc.c:1646 */ break; case 16: @@ -1540,7 +1542,7 @@ yyreduce: { yyTimezone = (yyvsp[0].Number) - 60; } -#line 1544 "getdate.c" /* yacc.c:1646 */ +#line 1546 "getdate.c" /* yacc.c:1646 */ break; case 17: @@ -1548,7 +1550,7 @@ yyreduce: { yyTimezone = (yyvsp[-1].Number) - 60; } -#line 1552 "getdate.c" /* yacc.c:1646 */ +#line 1554 "getdate.c" /* yacc.c:1646 */ break; case 18: @@ -1557,7 +1559,7 @@ yyreduce: yyDayOrdinal = 1; yyDayNumber = (yyvsp[0].Number); } -#line 1561 "getdate.c" /* yacc.c:1646 */ +#line 1563 "getdate.c" /* yacc.c:1646 */ break; case 19: @@ -1566,7 +1568,7 @@ yyreduce: yyDayOrdinal = 1; yyDayNumber = (yyvsp[-1].Number); } -#line 1570 "getdate.c" /* yacc.c:1646 */ +#line 1572 "getdate.c" /* yacc.c:1646 */ break; case 20: @@ -1575,7 +1577,7 @@ yyreduce: yyDayOrdinal = (yyvsp[-1].Number); yyDayNumber = (yyvsp[0].Number); } -#line 1579 "getdate.c" /* yacc.c:1646 */ +#line 1581 "getdate.c" /* yacc.c:1646 */ break; case 21: @@ -1584,7 +1586,7 @@ yyreduce: yyMonth = (yyvsp[-2].Number); yyDay = (yyvsp[0].Number); } -#line 1588 "getdate.c" /* yacc.c:1646 */ +#line 1590 "getdate.c" /* yacc.c:1646 */ break; case 22: @@ -1607,7 +1609,7 @@ yyreduce: yyYear = (yyvsp[0].Number); } } -#line 1611 "getdate.c" /* yacc.c:1646 */ +#line 1613 "getdate.c" /* yacc.c:1646 */ break; case 23: @@ -1618,7 +1620,7 @@ yyreduce: yyMonth = -(yyvsp[-1].Number); yyDay = -(yyvsp[0].Number); } -#line 1622 "getdate.c" /* yacc.c:1646 */ +#line 1624 "getdate.c" /* yacc.c:1646 */ break; case 24: @@ -1629,7 +1631,7 @@ yyreduce: yyMonth = (yyvsp[-1].Number); yyYear = -(yyvsp[0].Number); } -#line 1633 "getdate.c" /* yacc.c:1646 */ +#line 1635 "getdate.c" /* yacc.c:1646 */ break; case 25: @@ -1638,7 +1640,7 @@ yyreduce: yyMonth = (yyvsp[-1].Number); yyDay = (yyvsp[0].Number); } -#line 1642 "getdate.c" /* yacc.c:1646 */ +#line 1644 "getdate.c" /* yacc.c:1646 */ break; case 26: @@ -1648,7 +1650,7 @@ yyreduce: yyDay = (yyvsp[-2].Number); yyYear = (yyvsp[0].Number); } -#line 1652 "getdate.c" /* yacc.c:1646 */ +#line 1654 "getdate.c" /* yacc.c:1646 */ break; case 27: @@ -1657,7 +1659,7 @@ yyreduce: yyMonth = (yyvsp[0].Number); yyDay = (yyvsp[-1].Number); } -#line 1661 "getdate.c" /* yacc.c:1646 */ +#line 1663 "getdate.c" /* yacc.c:1646 */ break; case 28: @@ -1667,7 +1669,7 @@ yyreduce: yyDay = (yyvsp[-2].Number); yyYear = (yyvsp[0].Number); } -#line 1671 "getdate.c" /* yacc.c:1646 */ +#line 1673 "getdate.c" /* yacc.c:1646 */ break; case 29: @@ -1680,7 +1682,7 @@ yyreduce: yyRelMonth = -yyRelMonth; yyRelYear = -yyRelYear; } -#line 1684 "getdate.c" /* yacc.c:1646 */ +#line 1686 "getdate.c" /* yacc.c:1646 */ break; case 31: @@ -1688,7 +1690,7 @@ yyreduce: { yyRelYear += (yyvsp[-1].Number) * (yyvsp[0].Number); } -#line 1692 "getdate.c" /* yacc.c:1646 */ +#line 1694 "getdate.c" /* yacc.c:1646 */ break; case 32: @@ -1696,7 +1698,7 @@ yyreduce: { yyRelYear += (yyvsp[-1].Number) * (yyvsp[0].Number); } -#line 1700 "getdate.c" /* yacc.c:1646 */ +#line 1702 "getdate.c" /* yacc.c:1646 */ break; case 33: @@ -1704,7 +1706,7 @@ yyreduce: { yyRelYear += (yyvsp[0].Number); } -#line 1708 "getdate.c" /* yacc.c:1646 */ +#line 1710 "getdate.c" /* yacc.c:1646 */ break; case 34: @@ -1712,7 +1714,7 @@ yyreduce: { yyRelMonth += (yyvsp[-1].Number) * (yyvsp[0].Number); } -#line 1716 "getdate.c" /* yacc.c:1646 */ +#line 1718 "getdate.c" /* yacc.c:1646 */ break; case 35: @@ -1720,7 +1722,7 @@ yyreduce: { yyRelMonth += (yyvsp[-1].Number) * (yyvsp[0].Number); } -#line 1724 "getdate.c" /* yacc.c:1646 */ +#line 1726 "getdate.c" /* yacc.c:1646 */ break; case 36: @@ -1728,7 +1730,7 @@ yyreduce: { yyRelMonth += (yyvsp[0].Number); } -#line 1732 "getdate.c" /* yacc.c:1646 */ +#line 1734 "getdate.c" /* yacc.c:1646 */ break; case 37: @@ -1736,7 +1738,7 @@ yyreduce: { yyRelDay += (yyvsp[-1].Number) * (yyvsp[0].Number); } -#line 1740 "getdate.c" /* yacc.c:1646 */ +#line 1742 "getdate.c" /* yacc.c:1646 */ break; case 38: @@ -1744,7 +1746,7 @@ yyreduce: { yyRelDay += (yyvsp[-1].Number) * (yyvsp[0].Number); } -#line 1748 "getdate.c" /* yacc.c:1646 */ +#line 1750 "getdate.c" /* yacc.c:1646 */ break; case 39: @@ -1752,7 +1754,7 @@ yyreduce: { yyRelDay += (yyvsp[0].Number); } -#line 1756 "getdate.c" /* yacc.c:1646 */ +#line 1758 "getdate.c" /* yacc.c:1646 */ break; case 40: @@ -1760,7 +1762,7 @@ yyreduce: { yyRelHour += (yyvsp[-1].Number) * (yyvsp[0].Number); } -#line 1764 "getdate.c" /* yacc.c:1646 */ +#line 1766 "getdate.c" /* yacc.c:1646 */ break; case 41: @@ -1768,7 +1770,7 @@ yyreduce: { yyRelHour += (yyvsp[-1].Number) * (yyvsp[0].Number); } -#line 1772 "getdate.c" /* yacc.c:1646 */ +#line 1774 "getdate.c" /* yacc.c:1646 */ break; case 42: @@ -1776,7 +1778,7 @@ yyreduce: { yyRelHour += (yyvsp[0].Number); } -#line 1780 "getdate.c" /* yacc.c:1646 */ +#line 1782 "getdate.c" /* yacc.c:1646 */ break; case 43: @@ -1784,7 +1786,7 @@ yyreduce: { yyRelMinutes += (yyvsp[-1].Number) * (yyvsp[0].Number); } -#line 1788 "getdate.c" /* yacc.c:1646 */ +#line 1790 "getdate.c" /* yacc.c:1646 */ break; case 44: @@ -1792,7 +1794,7 @@ yyreduce: { yyRelMinutes += (yyvsp[-1].Number) * (yyvsp[0].Number); } -#line 1796 "getdate.c" /* yacc.c:1646 */ +#line 1798 "getdate.c" /* yacc.c:1646 */ break; case 45: @@ -1800,7 +1802,7 @@ yyreduce: { yyRelMinutes += (yyvsp[0].Number); } -#line 1804 "getdate.c" /* yacc.c:1646 */ +#line 1806 "getdate.c" /* yacc.c:1646 */ break; case 46: @@ -1808,7 +1810,7 @@ yyreduce: { yyRelSeconds += (yyvsp[-1].Number) * (yyvsp[0].Number); } -#line 1812 "getdate.c" /* yacc.c:1646 */ +#line 1814 "getdate.c" /* yacc.c:1646 */ break; case 47: @@ -1816,7 +1818,7 @@ yyreduce: { yyRelSeconds += (yyvsp[-1].Number) * (yyvsp[0].Number); } -#line 1820 "getdate.c" /* yacc.c:1646 */ +#line 1822 "getdate.c" /* yacc.c:1646 */ break; case 48: @@ -1824,7 +1826,7 @@ yyreduce: { yyRelSeconds += (yyvsp[0].Number); } -#line 1828 "getdate.c" /* yacc.c:1646 */ +#line 1830 "getdate.c" /* yacc.c:1646 */ break; case 49: @@ -1859,7 +1861,7 @@ yyreduce: } } } -#line 1863 "getdate.c" /* yacc.c:1646 */ +#line 1865 "getdate.c" /* yacc.c:1646 */ break; case 50: @@ -1867,7 +1869,7 @@ yyreduce: { (yyval.Meridian) = MER24; } -#line 1871 "getdate.c" /* yacc.c:1646 */ +#line 1873 "getdate.c" /* yacc.c:1646 */ break; case 51: @@ -1875,11 +1877,11 @@ yyreduce: { (yyval.Meridian) = (yyvsp[0].Meridian); } -#line 1879 "getdate.c" /* yacc.c:1646 */ +#line 1881 "getdate.c" /* yacc.c:1646 */ break; -#line 1883 "getdate.c" /* yacc.c:1646 */ +#line 1885 "getdate.c" /* yacc.c:1646 */ default: break; } /* User semantic actions sometimes alter yychar, and that requires @@ -1099,7 +1099,7 @@ static int receive_packet(NTP_Packet *message, struct timeval *now, double now_err, NCR_Instance inst, NTP_Local_Address *local_addr, int length) { int pkt_leap; - uint32_t pkt_refid; + uint32_t pkt_refid, pkt_key_id; double pkt_root_delay; double pkt_root_dispersion; @@ -1190,11 +1190,13 @@ receive_packet(NTP_Packet *message, struct timeval *now, double now_err, NCR_Ins function is called only for known sources. */ /* Test 5 checks for authentication failure. If we expect authenticated info - from this peer/server and the packet doesn't have it or the authentication - is bad, it's got to fail. If the peer or server sends us an authenticated - frame, but we're not bothered about whether he authenticates or not, just - ignore the test. */ - test5 = inst->do_auth ? check_packet_auth(message, length, NULL, NULL) : 1; + from this peer/server and the packet doesn't have it, the authentication + is bad, or it's authenticated with a different key than expected, it's got + to fail. If we don't expect the packet to be authenticated, just ignore + the test. */ + test5 = !inst->do_auth || + (check_packet_auth(message, length, NULL, &pkt_key_id) && + pkt_key_id == inst->auth_key_id); /* Test 6 checks for unsynchronised server */ test6 = pkt_leap != LEAP_Unsynchronised && diff --git a/test/simulation/105-ntpauth b/test/simulation/105-ntpauth index 66ea2a5..6968e08 100755 --- a/test/simulation/105-ntpauth +++ b/test/simulation/105-ntpauth @@ -39,4 +39,24 @@ check_chronyd_exit || test_fail # This check must fail as the client doesn't know the key check_sync && test_fail check_packet_interval || test_fail + +client_conf="keyfile tmp/keys" +clients=2 +peers=2 +max_sync_time=300 +base_delay="$default_base_delay (* -1 (equal 0.1 from 3) (equal 0.1 to 1))" +client_lpeer_options="key 1" +client_rpeer_options="key 1" + +run_test || test_fail +check_chronyd_exit || test_fail +check_sync || test_fail + +client_rpeer_options="key 2" + +run_test || test_fail +check_chronyd_exit || test_fail +# This check must fail as the peers are using different keys" +check_sync && test_fail + test_pass diff --git a/test/simulation/test.common b/test/simulation/test.common index 03476fd..fbde820 100644 --- a/test/simulation/test.common +++ b/test/simulation/test.common @@ -69,7 +69,11 @@ default_client_server_conf="" default_server_server_options="" default_client_server_options="" default_server_peer_options="" +default_server_lpeer_options="" +default_server_rpeer_options="" default_client_peer_options="" +default_client_lpeer_options="" +default_client_rpeer_options="" default_server_conf="" default_client_conf="" default_chronyc_conf="" @@ -189,7 +193,8 @@ get_chronyd_conf() { done for i in $(seq 1 $peers); do [ $i -eq $peer -o $i -gt $servers ] && continue - echo "peer 192.168.123.$[$servers * ($stratum - 1) + $i] $server_peer_options" + echo -n "peer 192.168.123.$[$servers * ($stratum - 1) + $i] $server_peer_options " + [ $i -lt $peer ] && echo "$server_lpeer_options" || echo "$server_rpeer_options" done echo "$server_conf" else @@ -202,7 +207,8 @@ get_chronyd_conf() { fi for i in $(seq 1 $peers); do [ $i -eq $peer -o $i -gt $clients ] && continue - echo "peer 192.168.123.$[$servers * ($stratum - 1) + $i] $client_peer_options" + echo -n "peer 192.168.123.$[$servers * ($stratum - 1) + $i] $client_peer_options " + [ $i -lt $peer ] && echo "$client_lpeer_options" || echo "$client_rpeer_options" done echo "$client_conf" fi diff --git a/version.txt b/version.txt index 8bbe6cf..c043eea 100644 --- a/version.txt +++ b/version.txt @@ -1 +1 @@ -2.2 +2.2.1 |