From owner-freebsd-stable@freebsd.org Thu Aug 25 07:36:56 2016 Return-Path: Delivered-To: freebsd-stable@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 5F229BC33F0 for ; Thu, 25 Aug 2016 07:36:56 +0000 (UTC) (envelope-from cy.schubert@komquats.com) Received: from smtp-out-no.shaw.ca (smtp-out-no.shaw.ca [64.59.134.13]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "Client", Issuer "CA" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 0702A165C; Thu, 25 Aug 2016 07:36:55 +0000 (UTC) (envelope-from cy.schubert@komquats.com) Received: from spqr.komquats.com ([96.50.22.10]) by shaw.ca with SMTP id cpDNbXyZTXHJlcpDObU39u; Thu, 25 Aug 2016 01:36:49 -0600 X-Authority-Analysis: v=2.2 cv=Ffh1/926 c=1 sm=1 tr=0 a=jvE2nwUzI0ECrNeyr98KWA==:117 a=jvE2nwUzI0ECrNeyr98KWA==:17 a=L9H7d07YOLsA:10 a=9cW_t1CCXrUA:10 a=s5jvgZ67dGcA:10 a=7z1cN_iqozsA:10 a=Xmgk0pk9AAAA:8 a=4oh0Co9YAAAA:8 a=YxBL1-UpAAAA:8 a=6I5d2MoRAAAA:8 a=6IFMsL_sn1Xtb98CyPoA:9 a=CjuIK1q_8ugA:10 a=7pooXsdeB5MEiP3-X_3Z:22 a=6Ic80tr7TKC5YoSk8s7Z:22 a=Ia-lj3WSrqcvXOmTRaiG:22 a=IjZwj45LgO3ly-622nXo:22 Received: from slippy.cwsent.com (slippy [10.1.1.91]) by spqr.komquats.com (Postfix) with ESMTPS id 505CC13753; Thu, 25 Aug 2016 00:36:41 -0700 (PDT) Received: from slippy (localhost [127.0.0.1]) by slippy.cwsent.com (8.15.2/8.15.2) with ESMTP id u7P7ae58001565; Thu, 25 Aug 2016 00:36:40 -0700 (PDT) (envelope-from Cy.Schubert@cschubert.com) Message-Id: <201608250736.u7P7ae58001565@slippy.cwsent.com> X-Mailer: exmh version 2.8.0 04/21/2012 with nmh-1.6 Reply-to: Cy Schubert From: Cy Schubert X-os: FreeBSD X-Sender: cy@cwsent.com X-URL: http://www.cschubert.com/ To: Andreas Ott cc: Cy Schubert , Ian Lepore , Kevin Oberman , Randy Bush , FreeBSD Stable , Cy Schubert , pfg@freebsd.org, Xin Li Subject: Re: leapsecond file In-Reply-To: Message from Andreas Ott of "Thu, 25 Aug 2016 00:16:24 -0700." <20160825001624.H1223@naund.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Thu, 25 Aug 2016 00:36:40 -0700 X-CMAE-Envelope: MS4wfGl3V9UP7yh03+ota8810I5efQv/rbW/LqZvuWQQeBIBCQzqB8xDLCFtJIzKGL/QSJlwJ7Za0K7xByEW0dWU67MU43khD4otswPbcP/aIMyQ2DeVBDBk KIxCLiMdJwA1XhE2QooEG4nO5VRmPHcwzfO2V5Sb5sXmmoMsNX20tQpmowPvpJdeovB4qGwu8BkIL4anNQS9jhmS9S/xL2dqCzkwLoNgmtpiNSikKhQm+5aw eSy/U5lXUb2isiG3avOmqOt/Bb2JghU2Vd9kFtMqttUG0R9pJnsyDyKdLEDANgBCoJwDsyq6NentLBbKocMI29uquT0HJ4rQ9QiKU5ncQvQ3WvNRedgkNJzu ZUS4vZHRgVIJW8bcJJq07iYjyZlyJg== X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 25 Aug 2016 07:36:56 -0000 In message <20160825001624.H1223@naund.org>, Andreas Ott writes: > Hi, > > On Wed, Aug 24, 2016 at 06:55:37PM -0700, Cy Schubert wrote: > > The file was obtained from USNO. Except for a $FreeBSD$ and a minor > > spelling fix that was brought forward from r298087, the file was not > > altered in any way. One of the problems is that the minor spelling fix > > invalidated the secure hash at the end of the file, ntpd ignores the file. > > r298087 needs to be reverted. (cc'd pfg@) I'll revert r298087. > > If I read the hash instructions towards the bottom of the file, you should > be good to fix typos or add $FreeBSD$ in a comment line, the only lines > that are hashed are the data and time stamps. Syslog shows that during the > last week the hash was considered OK on the file in 10.3-p7 with > $FreeBSD: releng/10.3/etc/ntp/leap-seconds 295461 2016-02-10 07:16:17Z cy $ > . > > 2016 Aug 18 18:26:07 [ntp.notice] mon leapsecond file ('/var/db/ntpd.leap-sec > onds.list'): good hash signature > 2016 Aug 18 18:26:07 [ntp.notice] mon leapsecond file ('/var/db/ntpd.leap-sec > onds.list'): loaded, expire=2016-06-01T00:00:00Z last=2015-07-01T00:00:00Z of > s=36 > 2016 Aug 18 18:26:07 [ntp.err] mon leapsecond file ('/var/db/ntpd.leap-second > s.list'): expired less than 79 days ago > 2016 Aug 18 18:26:07 [console.info] mon Aug 18 18:26:07 mon ntpd[584]: leapse > cond file ('/var/db/ntpd.leap-seconds.list'): expired less than 79 days ago The updated rc.d/ntpd will fix this. > > > I'll revert pfg's spelling fixup which I had brought forward and I'll need > > to remove $FreeBSD$ as well, validating the hash again. Additional code > > will need to be added to rc.d/ntpd to replace the copy in /var/db if > > $FreeBSD$ exists. > > Please check the hash instructions, I don't think it's needed to remove that. IMO it's better to use the virgin leap-seconds file anyway to avoid any confusion as to its authenticity. -- Cheers, Cy Schubert FreeBSD UNIX: Web: http://www.FreeBSD.org The need of the many outweighs the greed of the few.