From owner-svn-src-all@freebsd.org  Sun Jun 24 14:15:33 2018
Return-Path: <owner-svn-src-all@freebsd.org>
Delivered-To: svn-src-all@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 82306100139D
 for <svn-src-all@mailman.ysv.freebsd.org>;
 Sun, 24 Jun 2018 14:15:33 +0000 (UTC) (envelope-from ian@freebsd.org)
Received: from pmta2.delivery6.ore.mailhop.org
 (pmta2.delivery6.ore.mailhop.org [54.200.129.228])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 0AA628B5F8
 for <svn-src-all@freebsd.org>; Sun, 24 Jun 2018 14:15:32 +0000 (UTC)
 (envelope-from ian@freebsd.org)
X-MHO-RoutePath: aGlwcGll
X-MHO-User: 09956ac5-77b9-11e8-b829-b3adae557cda
X-Report-Abuse-To: https://support.duocircle.com/support/solutions/articles/5000540958-duocircle-standard-smtp-abuse-information
X-Originating-IP: 67.177.211.60
X-Mail-Handler: DuoCircle Outbound SMTP
Received: from ilsoft.org (unknown [67.177.211.60])
 by outbound2.ore.mailhop.org (Halon) with ESMTPSA
 id 09956ac5-77b9-11e8-b829-b3adae557cda;
 Sun, 24 Jun 2018 14:15:25 +0000 (UTC)
Received: from rev (rev [172.22.42.240])
 by ilsoft.org (8.15.2/8.15.2) with ESMTP id w5OEFOBl093214;
 Sun, 24 Jun 2018 08:15:24 -0600 (MDT) (envelope-from ian@freebsd.org)
Message-ID: <1529849724.24573.59.camel@freebsd.org>
Subject: Re: svn commit: r335595 - head/etc
From: Ian Lepore <ian@freebsd.org>
To: Xin LI <delphij@gmail.com>
Cc: "src-committers@freebsd.org" <src-committers@freebsd.org>,
 "svn-src-all@freebsd.org" <svn-src-all@freebsd.org>,
 "svn-src-head@freebsd.org" <svn-src-head@freebsd.org>
Date: Sun, 24 Jun 2018 08:15:24 -0600
In-Reply-To: <CAGMYy3uwTnK_RC-HrJ1yX_3G94huR84FAmNNzg_sy5qd-FP6bg@mail.gmail.com>
References: <201806240329.w5O3T0kq033162@repo.freebsd.org>
 <CAGMYy3uwTnK_RC-HrJ1yX_3G94huR84FAmNNzg_sy5qd-FP6bg@mail.gmail.com>
Content-Type: text/plain; charset="ISO-8859-1"
X-Mailer: Evolution 3.18.5.1 FreeBSD GNOME Team Port 
Mime-Version: 1.0
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-src-all@freebsd.org
X-Mailman-Version: 2.1.26
Precedence: list
List-Id: "SVN commit messages for the entire src tree \(except for &quot;
 user&quot; and &quot; projects&quot; \)" <svn-src-all.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-src-all>,
 <mailto:svn-src-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-all/>
List-Post: <mailto:svn-src-all@freebsd.org>
List-Help: <mailto:svn-src-all-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-src-all>,
 <mailto:svn-src-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 24 Jun 2018 14:15:33 -0000

On Sat, 2018-06-23 at 21:24 -0700, Xin LI wrote:
> Oh thanks for that.  Is there a plan to MFC?

Yes, I plan to mfc to 10 and 11 after a short while.

-- Ian

> On Sat, Jun 23, 2018 at 8:29 PM Ian Lepore <ian@freebsd.org> wrote:
> > 
> > 
> > Author: ian
> > Date: Sun Jun 24 03:29:00 2018
> > New Revision: 335595
> > URL: https://svnweb.freebsd.org/changeset/base/335595
> > 
> > Log:
> >   Modernize usage of "restrict" keyword in ntp.conf
> > 
> >   It is no longer necessary to specify a -4/-6 flag on any ntp.conf
> >   keyword.  The address type is inferred from the address itself as
> >   necessary.  "restrict default" statements always apply to both
> > address
> >   families regardless of any -4/-6 flag that may be present.
> > 
> >   So this change just tidies up our default config by removing the
> > redundant
> >   restrict -6 statement and comment, and by removing the -6 flag
> > from the
> >   restrict keyword that allows access from localhost.
> > 
> >   This change was inspired by the patches provided in PRs 201803
> > and 210245,
> >   and included some contrib/ntp code inspection to verify that the
> > -4/-6
> >   keywords are basically no-ops in all contexts now.
> > 
> >   PR:           201803 210245
> >   Differential Revision:        https://reviews.freebsd.org/D15974
> > 
> > Modified:
> >   head/etc/ntp.conf
> > 
> > Modified: head/etc/ntp.conf
> > ===================================================================
> > ===========
> > --- head/etc/ntp.conf   Sat Jun 23 23:44:36 2018        (r335594)
> > +++ head/etc/ntp.conf   Sun Jun 24 03:29:00 2018        (r335595)
> > @@ -62,15 +62,13 @@ pool 0.freebsd.pool.ntp.org iburst
> >  # See http://support.ntp.org/bin/view/Support/AccessRestrictions
> >  # for more information.
> >  #
> > -restrict    default limited kod nomodify notrap noquery nopeer
> > -restrict -6 default limited kod nomodify notrap noquery nopeer
> > -restrict    source  limited kod nomodify notrap noquery
> > +restrict default limited kod nomodify notrap noquery nopeer
> > +restrict source  limited kod nomodify notrap noquery
> > 
> >  #
> >  # Alternatively, the following rules would block all unauthorized
> > access.
> >  #
> >  #restrict default ignore
> > -#restrict -6 default ignore
> >  #
> >  # In this case, all remote NTP time servers also need to be
> > explicitly
> >  # allowed or they would not be able to exchange time information
> > with
> > @@ -85,7 +83,7 @@ restrict    source  limited kod nomodify notrap
> > noquer
> >  #
> >  # The following settings allow unrestricted access from the
> > localhost
> >  restrict 127.0.0.1
> > -restrict -6 ::1
> > +restrict ::1
> > 
> >  #
> >  # If a server loses sync with all upstream servers, NTP clients
> >