ASR_BASE
Change-Id: Icf3719cc0afe3eeb3edc7fa80a2eb5199ca9dda1
diff --git a/external/subpack/net/chrony/files/chrony.conf b/external/subpack/net/chrony/files/chrony.conf
new file mode 100644
index 0000000..a4d24a7
--- /dev/null
+++ b/external/subpack/net/chrony/files/chrony.conf
@@ -0,0 +1,20 @@
+# Load UCI configuration
+confdir /var/etc/chrony.d
+
+# Load NTP servers from DHCP if enabled in UCI
+sourcedir /var/run/chrony-dhcp
+
+# Log clock errors above 0.5 seconds
+logchange 0.5
+
+# Don't log client accesses
+noclientlog
+
+# Mark the system clock as synchronized
+rtcsync
+
+# Record the clock's drift
+driftfile /var/run/chrony/drift
+
+# Save NTS keys and cookies
+ntsdumpdir /var/run/chrony
diff --git a/external/subpack/net/chrony/files/chrony.config b/external/subpack/net/chrony/files/chrony.config
new file mode 100644
index 0000000..7214ce4
--- /dev/null
+++ b/external/subpack/net/chrony/files/chrony.config
@@ -0,0 +1,19 @@
+config pool
+ option hostname '2.openwrt.pool.ntp.org'
+ option maxpoll '12'
+ option iburst 'yes'
+
+config dhcp_ntp_server
+ option iburst 'yes'
+ option disabled 'no'
+
+config allow
+ option interface 'lan'
+
+config makestep
+ option threshold '1.0'
+ option limit '3'
+
+config nts
+ option rtccheck 'yes'
+ option systemcerts 'yes'
diff --git a/external/subpack/net/chrony/files/chrony.hotplug b/external/subpack/net/chrony/files/chrony.hotplug
new file mode 100644
index 0000000..2083439
--- /dev/null
+++ b/external/subpack/net/chrony/files/chrony.hotplug
@@ -0,0 +1,46 @@
+#!/bin/sh
+# Set chronyd online/offline status, allow NTP access and add servers from DHCP
+
+SOURCEFILE="/var/run/chrony-dhcp/$INTERFACE.sources"
+
+run_command() {
+ /usr/bin/chronyc -n "$*" > /dev/null 2>&1
+}
+
+run_command onoffline
+
+if [ "$ACTION" = ifdown ] && [ -f "$SOURCEFILE" ]; then
+ rm -f "$SOURCEFILE"
+ run_command reload sources
+fi
+
+[ "$ACTION" = ifup ] || exit 0
+
+. /lib/functions.sh
+. /lib/functions/network.sh
+. /etc/init.d/chronyd
+
+config_load chrony
+
+config_foreach handle_allow allow | while read command; do
+ run_command "$command"
+done
+
+# Add servers from DHCP only if the config has a dhcp_ntp_server section
+[ -z "$(config_foreach echo dhcp_ntp_server)" ] && exit 0
+
+. /usr/share/libubox/jshn.sh
+
+json_load "$(ifstatus "$INTERFACE")"
+json_select data
+json_get_var dhcp_ntp_servers ntpserver
+
+[ -z "$dhcp_ntp_servers" ] && exit 0
+
+mkdir -p "$(dirname "$SOURCEFILE")"
+
+for NTP_SOURCE_HOSTNAME in $dhcp_ntp_servers; do
+ config_foreach handle_source dhcp_ntp_server server
+done > "$SOURCEFILE"
+
+run_command reload sources
diff --git a/external/subpack/net/chrony/files/chronyd.init b/external/subpack/net/chrony/files/chronyd.init
new file mode 100644
index 0000000..a734d43
--- /dev/null
+++ b/external/subpack/net/chrony/files/chronyd.init
@@ -0,0 +1,93 @@
+#!/bin/sh /etc/rc.common
+# Copyright (C) 2006-2015 OpenWrt.org
+
+START=15
+USE_PROCD=1
+PROG=/usr/sbin/chronyd
+CONFIGFILE=/etc/chrony/chrony.conf
+INCLUDEFILE=/var/etc/chrony.d/10-uci.conf
+RTCDEVICE=/dev/rtc0
+
+handle_source() {
+ local cfg=$1 sourcetype=$2 disabled hostname minpoll maxpoll iburst nts
+
+ config_get_bool disabled "$cfg" disabled 0
+ [ "$disabled" = "1" ] && return
+ hostname=$NTP_SOURCE_HOSTNAME
+ [ -z "$hostname" ] && config_get hostname "$cfg" hostname
+ [ -z "$hostname" ] && return
+ config_get minpoll "$cfg" minpoll
+ config_get maxpoll "$cfg" maxpoll
+ config_get_bool iburst "$cfg" iburst 0
+ config_get_bool nts "$cfg" nts 0
+ echo $(
+ echo $sourcetype $hostname
+ [ -n "$minpoll" ] && echo minpoll $minpoll
+ [ -n "$maxpoll" ] && echo maxpoll $maxpoll
+ [ "$iburst" = "1" ] && echo iburst
+ [ "$nts" = "1" ] && echo nts
+ )
+}
+
+handle_allow() {
+ local cfg=$1 iface wan_iface wan6_iface subnet subnets subnets6
+
+ network_find_wan wan_iface true
+ network_find_wan6 wan6_iface true
+ config_get iface "$cfg" interface
+
+ if [ "$wan_iface" = "$iface" ]; then
+ echo allow 0/0
+ elif [ "$wan6_iface" = "$iface" ]; then
+ echo allow ::/0
+ else
+ network_get_subnets subnets $iface
+ network_get_subnets6 subnets6 $iface
+ for subnet in $subnets $subnets6; do
+ echo allow $subnet
+ done
+ fi
+}
+
+handle_makestep() {
+ local cfg=$1 threshold limit
+
+ config_get threshold "$cfg" threshold
+ config_get limit "$cfg" limit
+ [ -z "$threshold" -o -z "$limit" ] && return
+ echo makestep $threshold $limit
+}
+
+handle_nts() {
+ local cfg=$1 threshold limit
+
+ config_get_bool rtccheck "$cfg" rtccheck 0
+ config_get_bool systemcerts "$cfg" systemcerts 1
+ config_get trustedcerts "$cfg" trustedcerts
+ # Disable certificate time checks if no RTC is present
+ [ "$rtccheck" = "1" ] && ! [ -c $RTCDEVICE ] && echo nocerttimecheck 1
+ [ "$systemcerts" = "0" ] && echo nosystemcert
+ [ -n "$trustedcerts" ] && echo ntstrustedcerts "$trustedcerts"
+}
+
+start_service() {
+ . /lib/functions/network.sh
+
+ procd_open_instance
+ procd_set_param command $PROG -n
+ procd_set_param file $CONFIGFILE
+ procd_set_param file $INCLUDEFILE
+ procd_close_instance
+
+ config_load chrony
+ mkdir -p $(dirname $INCLUDEFILE)
+
+ (
+ config_foreach handle_source server server
+ config_foreach handle_source pool pool
+ config_foreach handle_source peer peer
+ config_foreach handle_allow allow
+ config_foreach handle_makestep makestep
+ config_foreach handle_nts nts
+ ) > $INCLUDEFILE
+}