From nobody Fri Jul 19 19:31:52 2024 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WQfvB073gz5QCpS for ; Fri, 19 Jul 2024 19:32:06 +0000 (UTC) (envelope-from wlosh@bsdimp.com) Received: from mail-pl1-x630.google.com (mail-pl1-x630.google.com [IPv6:2607:f8b0:4864:20::630]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "WR4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4WQfv944RFz4H5D for ; Fri, 19 Jul 2024 19:32:05 +0000 (UTC) (envelope-from wlosh@bsdimp.com) Authentication-Results: mx1.freebsd.org; none Received: by mail-pl1-x630.google.com with SMTP id d9443c01a7336-1fa9ecfb321so18785025ad.0 for ; Fri, 19 Jul 2024 12:32:05 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bsdimp-com.20230601.gappssmtp.com; s=20230601; t=1721417524; x=1722022324; darn=freebsd.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=Mxf0zR/wNtg0SCPP5PJMEvxqy/dFOVQdJqMvlWz34is=; b=cFJGDFa3g29nWFmvNb8aIqsrlE4fqG8b7URTgdIxHoRO6JzHwbYkxWORuajb2SrNvf l5Vqf0OBzeyW8aeMk26FBxnYnQNaK876J+tWEB1dvjSoRpUwZQlUS8MGDF6l/pmqv/t0 vbduQPawJTflvAqRkXoEQAbY2dPbqZ125pjQ2Au8MgcElpx/V1RFUyIKG1Pa+teVW2N+ r/u2z0veUaDIvJSWUiGeVneJqxzJvwtWWV6Q/FzYxheTvWGIJQDpwJDQaXEoDpUy6Zt2 XZqnLmhF1CkZiWRaPJIONYEh8XroV+W4Vl3ZibuuHpDBxGVfw620hUaY6t1mK7CiuagC K2hQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1721417524; x=1722022324; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=Mxf0zR/wNtg0SCPP5PJMEvxqy/dFOVQdJqMvlWz34is=; b=RX92mvksN4B4jtATACCppb4psMHr8He1SBcrjv20lSkBzVNVgtqBPyYxxk+mcfIstx zlHo8CNWgnHYi7kUgvzLNJwioHHJwn1Y1EGLOZbTsbizWE2tYXWBmJ+4CBqLznBRtbK0 g7CFpdH7ONFZGgq/rszod4FUDfyBMeqc/YUAxrqHRWkuSdhzj+nrspUyhX9BS2k1pIsB s1r4mawdpHI+OpdiKBsSkU83zfVDru7vMCVhdaEc8SpLhO97cyoPQL/WyZ+M+C0YgRS7 pfY1CBSx8LWCU6rmawpC+EK1ki3nUiwfcC43plI2JJWEJo9q8pwwqM8/iKbKrluksAOp lNIA== X-Forwarded-Encrypted: i=1; AJvYcCVzA44PeTm4GTk9X8fmkS/S5dut43mF9iuw0ylC39quWsCbE8d0MgVhcaxNSSgqtW1obyei6nHUYNDM17wqn2rrB1HhLFPVartyikhHbv2l X-Gm-Message-State: AOJu0YxhO9UpeoNbV13tvY9zasxNKR49QxuxDapOy0aDXCjz1c2FRArB VZTksTDPYVjKyTI/QCitXjiqZSEsYo3g2OnyKhAKyL7OThR9ROWuofo+D3kOQm3e14i4Ut/II2t EKJkX1PjPX7/wJlVR6ma5ElasHqXd+cYrns5jaA== X-Google-Smtp-Source: AGHT+IE6+3ZI3kzbqoYtlVbFpPzPCR481KhqAOJQChLyWZ+sJplqWVT7jH86tyCGCiPZ4SAgoasC84KxiL/5elYwaXI= X-Received: by 2002:a17:90b:23d2:b0:2c9:7cc8:8e33 with SMTP id 98e67ed59e1d1-2cb52691feamr7610299a91.13.1721417523621; Fri, 19 Jul 2024 12:32:03 -0700 (PDT) List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org MIME-Version: 1.0 References: <202407191825.46JIPS14063151@gitrepo.freebsd.org> In-Reply-To: <202407191825.46JIPS14063151@gitrepo.freebsd.org> From: Warner Losh Date: Fri, 19 Jul 2024 13:31:52 -0600 Message-ID: Subject: Re: git: 66f360515d28 - main - rc.conf: Leap-seconds sources: Add IANA back To: Cy Schubert Cc: src-committers@freebsd.org, dev-commits-src-all@freebsd.org, dev-commits-src-main@freebsd.org Content-Type: multipart/alternative; boundary="000000000000018cd9061d9ec017" X-Spamd-Bar: ---- X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US] X-Rspamd-Queue-Id: 4WQfv944RFz4H5D --000000000000018cd9061d9ec017 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable There's risk to our IPv6 folks if we MFC this. This file is the old one still (and it took them 6 weeks to get the last one updated past its expiration date). The IERS one is up to date, expires Jun 2025. The IANA has a december expiration date finally, though we leared 3 weeks ago there's no leap in December, so that's why the IERS one was updated. So this is better than nothing, but we're setting ourselves up for a problem this December / January.... The last time this issue came up, I was kinda opposed to FreeBSD running this since IERS did. However, I either didn't know at the time, or didn't appreciate at the time the lack of IPv6 for this data source would be a problem. Since we have no other reliable source, maybe we need to stand up a FreeBSD mirror after all. So this is better than nothing, but we may need to do more. Warner On Fri, Jul 19, 2024 at 12:25=E2=80=AFPM Cy Schubert wrote= : > The branch main has been updated by cy: > > URL: > https://cgit.FreeBSD.org/src/commit/?id=3D66f360515d2829d261c0ad7bd516e9d= d18c2dd83 > > commit 66f360515d2829d261c0ad7bd516e9dd18c2dd83 > Author: Cy Schubert > AuthorDate: 2024-07-19 18:04:43 +0000 > Commit: Cy Schubert > CommitDate: 2024-07-19 18:24:31 +0000 > > rc.conf: Leap-seconds sources: Add IANA back > > 11da791920ba switched Leap-seconds source from IANA to IERS, as IERS > is the canonoical source. The problem ist that IERS is not accessible > from IPv6 only networks. To work around this we must add IANA back in > order to provide IPv6-only users a source for leap-seconds fetch. > > PR: 279413 > Fixes: 11da791920ba > MFC after: 3 days > --- > libexec/rc/rc.conf | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/libexec/rc/rc.conf b/libexec/rc/rc.conf > index 1ee1573bbdba..583d4fd2970e 100644 > --- a/libexec/rc/rc.conf > +++ b/libexec/rc/rc.conf > @@ -420,7 +420,7 @@ ntp_src_leapfile=3D"/etc/ntp/leap-seconds" > # Initial source for ntpd leapfile > ntp_db_leapfile=3D"/var/db/ntpd.leap-seconds.list" > # Canonical place to get the leap seconds > from > -ntp_leapfile_sources=3D" > https://hpiers.obspm.fr/iers/bul/bulc/ntp/leap-seconds.list" > +ntp_leapfile_sources=3D" > https://hpiers.obspm.fr/iers/bul/bulc/ntp/leap-seconds.list > https://data.iana.org/time-zones/tzdb/leap-seconds.list" > # Source from which to fetch leapfile > ntp_leapfile_fetch_opts=3D"-mq" # Options to use for ntp leapfile fetch= , > # e.g. --no-verify-peer > --000000000000018cd9061d9ec017 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
There's risk to our IPv6 folks=C2=A0if we MFC thi= s. This file is the old one still (and it took them 6 weeks to get the last= one updated past its expiration date).

The IERS o= ne is up to date, expires Jun 2025. The IANA has a december expiration date= finally, though we leared 3 weeks ago there's no leap in December, so = that's why the IERS one was updated.

So this i= s better than nothing, but we're setting ourselves up for a problem thi= s December / January....

The last time this issue = came up, I was kinda opposed to FreeBSD running this since IERS did. Howeve= r, I either didn't know at the time, or didn't appreciate at the ti= me the lack of IPv6 for this data source would be a problem. Since we have = no other reliable source, maybe we need to stand up a FreeBSD mirror after = all.

So this is better than nothing, but we may ne= ed to do more.

Warner

On Fri, Jul 19, 2024 at= 12:25=E2=80=AFPM Cy Schubert <cy@free= bsd.org> wrote:
The branch main has been updated by cy:

URL: https://cgit.= FreeBSD.org/src/commit/?id=3D66f360515d2829d261c0ad7bd516e9dd18c2dd83
commit 66f360515d2829d261c0ad7bd516e9dd18c2dd83
Author:=C2=A0 =C2=A0 =C2=A0Cy Schubert <cy@FreeBSD.org>
AuthorDate: 2024-07-19 18:04:43 +0000
Commit:=C2=A0 =C2=A0 =C2=A0Cy Schubert <cy@FreeBSD.org>
CommitDate: 2024-07-19 18:24:31 +0000

=C2=A0 =C2=A0 rc.conf: Leap-seconds sources: Add IANA back

=C2=A0 =C2=A0 11da791920ba switched Leap-seconds source from IANA to IERS, = as IERS
=C2=A0 =C2=A0 is the canonoical source. The problem ist that IERS is not ac= cessible
=C2=A0 =C2=A0 from IPv6 only networks. To work around this we must add IANA= back in
=C2=A0 =C2=A0 order to provide IPv6-only users a source for leap-seconds fe= tch.

=C2=A0 =C2=A0 PR:=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0279413
=C2=A0 =C2=A0 Fixes:=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 11da791920ba
=C2=A0 =C2=A0 MFC after:=C2=A0 =C2=A0 =C2=A0 3 days
---
=C2=A0libexec/rc/rc.conf | 2 +-
=C2=A01 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libexec/rc/rc.conf b/libexec/rc/rc.conf
index 1ee1573bbdba..583d4fd2970e 100644
--- a/libexec/rc/rc.conf
+++ b/libexec/rc/rc.conf
@@ -420,7 +420,7 @@ ntp_src_leapfile=3D"/etc/ntp/leap-seconds" =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 # Initial source for ntpd leapfile =C2=A0ntp_db_leapfile=3D"/var/db/ntpd.leap-seconds.list"
=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 # Canonical place to get the leap se= conds from
-ntp_leapfile_sources=3D"https://hpi= ers.obspm.fr/iers/bul/bulc/ntp/leap-seconds.list"
+ntp_leapfile_sources=3D"https://hpi= ers.obspm.fr/iers/bul/bulc/ntp/leap-seconds.list https://data.iana.org/time-zones/tzdb/leap-seconds.list" =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 # Source from which to fetch leapfil= e
=C2=A0ntp_leapfile_fetch_opts=3D"-mq"=C2=A0 # Options to use for = ntp leapfile fetch,
=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 # e.g. --no-verify-peer
--000000000000018cd9061d9ec017--