Fixed

• Fixed mistake in the calculation of root dispersion used in serving and observability.

Added

• Support draft versions of NTPv5 with configuration changes.
• Allow disabling ntp versions in the server.

Changed

• NTPv5 draft support now targets draft 4.
• Time jumps now emit warnings.
• Updated dependencies.

Fixed

• Fixed a crash in force-sync when using many servers.
• Fixed root dispersion of the server not properly updating over time.
• Fixed a bug in handling unsigned ntp deny messages.

This releases fixes two related low severity vulnerabilities in our NTS cookie parsing, please see the related advisory.

Added

• Support for PPS based sources (this support can be disabled with a compile flag for now)
• Per source configuration of poll intervals
• Allow setting a custom reference id for stratum 1 servers

Changed

• Our algorithm can now handle periodic sources
• ntpd-rs runs single-threaded when only configured as a client, servers still run multithreaded
• The reference timestamp field is now set to the truncated receive timestamp instead of being zero
• Support of rustls 0.21 and 0.22 is removed
• Certificate validation is now done through rustls-platform-verifier, following platform certificate validation more closely
• Updated dependencies

Fixed

• Fixed parsing of IPv6 addresses
• Fixed incorrect display of date in force-sync command
• Fixed a client denial of service vulnerability with zero-sized NTS cookies
• Fixed a client denial of service vulnerability with NTS cookies that are too large

Added

• Support for GPS based sources via a GPSd socket
• Added a setting to allow disabling of colors in our logs (observability.ansi-colors)

Changed

• Fallback to V4 should V5 not work for some reason (if NTPv5 is enabled)
• Make the NTP version of a source configurable
• We now support rustls from 0.21 and up, to allow compilation on more targets

Fixed

• Force sync did not work when a single source was configured
• Fix incorrect indexing in decode of ReferenceIdRequest for NTPv5 messages

Changed

• Updated dependencies. Includes fixes for RUSTSEC-2024-0399.

Added

• Added force-sync command to ntp-ctl to help with getting a decent initial time if the clock is far away from reality.
• Added information on NTS to the ntp-ctl status overview.

Changed

• Made the logs a little less chatty
• Updated dependencies

Fixed

• On startup, if the clock needed a jump to get in line, this could cause oscillations.

Fixed

• Metrics exporter should wait for an actual request before sending a response

Changed

• Updated dependencies

Fixed

• Fixed a bug in network change detection that prevented startup on FreeBSD.
• Fixed a bug in leap second flag handling where previous flags weren't explicitly unset.
• Fixed a bug that caused NTS-KE sessions from clients with a large request to hang.
• Fixed a bug that caused NTS-KE error records never to be sent.

Note: An error was made during the build of this release that means it was built on an older commit than intended. This release is kept for posterity, but is likely not what you are looking for.

Changed

• Updated dependencies

Fixed

• Fixed a bug in network change detection that prevented startup on FreeBSD
• Fixed a bug in leap second flag handling where previous flags weren't explicitly unset.

Added

• Pool mode sources can be set up to ignore some addresses returned by the pool
• NTP sources use a random client port for every request sent
• The metrics exporter will keep trying to startup while its network interface is not yet available
• Added option for server to only respond to NTS messages.

Changed

• Updated dependencies
• ntp-udp and ntp-os-clock were replaced by timestamped-socket and clock-steering
• Minor improvements to NTS keyset storage errors
• Loop detection is handled globally instead of per source
• The MSRV was raised to 1.70
• The metrics exporter is better able to handle multiple simultaneous connections
• Pendulum is now part of Trifecta Tech Foundation (copyright was updated)
• Large parts of the daemon code have been refactored to simplify the code

Fixed

• Metrics would not synchronize if the metrics data was too large
• ntpd-rs would ignore responses from servers implementing NTPv3