d/freebsd-nq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge ^/head r294169 through r294598.

Browse Source
This commit is contained in:
Dimitry Andric 2016-01-22 20:41:56 +00:00
commit d9b9dae1a9
990 changed files with 65007 additions and 53984 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
ObsoleteFiles.inc
View File

@ -122,9 +122,9 @@ OLD_DIRS+=usr/lib/clang/3.7.1/lib/freebsd
OLD_DIRS+=usr/lib/clang/3.7.1/lib
OLD_DIRS+=usr/lib/clang/3.7.1
# 20160116: Update mandoc to cvs snapshot 20160116
OLD_FILES+=/usr/share/mdocml/example.style.css
OLD_FILES+=/usr/share/mdocml/style.css
OLD_DIRS+=/usr/share/mdocml
OLD_FILES+=usr/share/mdocml/example.style.css
OLD_FILES+=usr/share/mdocml/style.css
OLD_DIRS+=usr/share/mdocml
# 20151225: new clang import which bumps version from 3.7.0 to 3.7.1.
OLD_FILES+=usr/lib/clang/3.7.0/include/sanitizer/allocator_interface.h
OLD_FILES+=usr/lib/clang/3.7.0/include/sanitizer/asan_interface.h

4
UPDATING
View File

@ -31,6 +31,10 @@ NOTE TO PEOPLE WHO THINK THAT FreeBSD 11.x IS SLOW:
disable the most expensive debugging functionality run
"ln -s 'abort:false,junk:false' /etc/malloc.conf".)
20160119:
The NONE and HPN patches has been removed from OpenSSH. They are
still available in the security/openssh-portable port.
20160113:
With the addition of ypldap(8), a new _ypldap user is now required
during installworld. "mergemaster -p" can be used to add the user

29
bin/sh/options.c
View File

@ -74,6 +74,7 @@ static void options(int);
static void minus_o(char *, int);
static void setoption(int, int);
static void setoptionbyindex(int, int);
static void setparam(int, char **);
static int getopts(char *, char *, char **, char ***, char **);
@ -224,7 +225,7 @@ options(int cmdline)
end_options2:
if (!cmdline) {
if (*argptr == NULL)
setparam(argptr);
setparam(0, argptr);
return;
}
@ -318,22 +319,20 @@ setoption(int flag, int val)
* Set the shell parameters.
*/
void
setparam(char **argv)
static void
setparam(int argc, char **argv)
{
char **newparam;
char **ap;
int nparam;
for (nparam = 0 ; argv[nparam] ; nparam++);
ap = newparam = ckmalloc((nparam + 1) * sizeof *ap);
ap = newparam = ckmalloc((argc + 1) * sizeof *ap);
while (*argv) {
*ap++ = savestr(*argv++);
}
*ap = NULL;
freeparam(&shellparam);
shellparam.malloc = 1;
shellparam.nparam = nparam;
shellparam.nparam = argc;
shellparam.p = newparam;
shellparam.optp = NULL;
shellparam.reset = 1;
@ -371,8 +370,7 @@ freeparam(struct shparam *param)
int
shiftcmd(int argc, char **argv)
{
int n;
char **ap1, **ap2;
int i, n;
n = 1;
if (argc > 1)
@ -381,12 +379,11 @@ shiftcmd(int argc, char **argv)
return 1;
INTOFF;
shellparam.nparam -= n;
for (ap1 = shellparam.p ; --n >= 0 ; ap1++) {
if (shellparam.malloc)
ckfree(*ap1);
}
ap2 = shellparam.p;
while ((*ap2++ = *ap1++) != NULL);
if (shellparam.malloc)
for (i = 0; i < n; i++)
ckfree(shellparam.p[i]);
memmove(shellparam.p, shellparam.p + n,
(shellparam.nparam + 1) * sizeof(shellparam.p[0]));
shellparam.reset = 1;
INTON;
return 0;
@ -407,7 +404,7 @@ setcmd(int argc, char **argv)
options(0);
optschanged();
if (*argptr != NULL) {
setparam(argptr);
setparam(argc - (argptr - argv), argptr);
}
INTON;
return 0;

1
bin/sh/options.h
View File

@ -108,7 +108,6 @@ extern char *nextopt_optptr; /* used by nextopt */
void procargs(int, char **);
void optschanged(void);
void setparam(char **);
void freeparam(struct shparam *);
int nextopt(const char *);
void getoptsreset(const char *);

2
bin/sh/tests/builtins/Makefile
View File

@ -112,6 +112,8 @@ FILES+= local2.0
FILES+= local3.0
FILES+= local4.0
FILES+= local5.0
FILES+= local6.0
FILES+= local7.0
.if ${MK_NLS} != "no"
FILES+= locale1.0
.endif

10
bin/sh/tests/builtins/local6.0 Normal file
View File

@ -0,0 +1,10 @@
# $FreeBSD$
f() {
local x
readonly x=2
}
x=3
f
x=4
[ "$x" = 4 ]

10
bin/sh/tests/builtins/local7.0 Normal file
View File

@ -0,0 +1,10 @@
# $FreeBSD$
f() {
local x
readonly x=2
}
unset x
f
x=4
[ "$x" = 4 ]

1
bin/sh/var.c
View File

@ -802,6 +802,7 @@ poplocalvars(void)
ckfree(lvp->text);
optschanged();
} else if ((lvp->flags & (VUNSET|VSTRFIXED)) == VUNSET) {
vp->flags &= ~VREADONLY;
(void)unsetvar(vp->text);
} else {
islocalevar = (vp->flags | lvp->flags) & VEXPORT &&

13
contrib/bsnmp/snmp_mibII/mibII.c
View File

@ -443,6 +443,7 @@ mib_fetch_ifmib(struct mibif *ifp)
size_t len;
void *newmib;
struct ifmibdata oldmib = ifp->mib;
struct ifreq irr;
if (fetch_generic_mib(ifp, &oldmib) == -1)
return (-1);
@ -514,6 +515,18 @@ mib_fetch_ifmib(struct mibif *ifp)
}
out:
strncpy(irr.ifr_name, ifp->name, sizeof(irr.ifr_name));
irr.ifr_buffer.buffer = MIBIF_PRIV(ifp)->alias;
irr.ifr_buffer.length = sizeof(MIBIF_PRIV(ifp)->alias);
if (ioctl(mib_netsock, SIOCGIFDESCR, &irr) == -1) {
MIBIF_PRIV(ifp)->alias[0] = 0;
if (errno != ENOMSG)
syslog(LOG_WARNING, "SIOCGIFDESCR (%s): %m", ifp->name);
} else if (irr.ifr_buffer.buffer == NULL) {
MIBIF_PRIV(ifp)->alias[0] = 0;
syslog(LOG_WARNING, "SIOCGIFDESCR (%s): too long (%zu)",
ifp->name, irr.ifr_buffer.length);
}
ifp->mibtick = get_ticks();
return (0);
}

6
contrib/bsnmp/snmp_mibII/mibII.h
View File

@ -57,6 +57,9 @@
#include "snmp_mibII.h"
#include "mibII_tree.h"
/* maximum size of the interface alias */
#define MIBIF_ALIAS_SIZE (64 + 1)
/*
* Interface list and flags.
*/
@ -77,6 +80,9 @@ struct mibif_private {
uint64_t hc_opackets;
uint64_t hc_imcasts;
uint64_t hc_ipackets;
/* this should be made public */
char alias[MIBIF_ALIAS_SIZE];
};
#define MIBIF_PRIV(IFP) ((struct mibif_private *)((IFP)->private))

2
contrib/bsnmp/snmp_mibII/mibII_interfaces.c
View File

@ -528,7 +528,7 @@ op_ifxtable(struct snmp_context *ctx, struct snmp_value *value,
break;
case LEAF_ifAlias:
ret = string_get(value, "", -1);
ret = string_get(value, MIBIF_PRIV(ifp)->alias, -1);
break;
case LEAF_ifCounterDiscontinuityTime:

8
contrib/compiler-rt/lib/builtins/int_lib.h
View File

@ -74,11 +74,13 @@
* global header to prevent other C files from making the detour
* through __c?zdi2() as well.
*
* This problem has only been observed on FreeBSD for sparc64 and
* mips64 with GCC 4.2.1.
* This problem has been observed on FreeBSD for sparc64 and
* mips64 with GCC 4.2.1, and for riscv with GCC 5.2.0.
* Presumably it's any version of GCC, and targeting an arch that
* does not have dedicated bit counting instructions.
*/
#if defined(__FreeBSD__) && (defined(__sparc64__) || \
defined(__mips_n64) || defined(__mips_o64))
defined(__mips_n64) || defined(__mips_o64) || defined(__riscv__))
si_int __clzsi2(si_int);
si_int __ctzsi2(si_int);
#define __builtin_clz __clzsi2

8
contrib/compiler-rt/lib/sanitizer_common/sanitizer_platform_limits_posix.h
View File

@ -76,6 +76,10 @@ namespace __sanitizer {
#elif defined(__powerpc64__)
const unsigned struct_kernel_stat_sz = 144;
const unsigned struct_kernel_stat64_sz = 104;
#elif defined(__riscv__)
/* RISCVTODO: check that these values are correct */
const unsigned struct_kernel_stat_sz = 128;
const unsigned struct_kernel_stat64_sz = 128;
#elif defined(__mips__)
#if SANITIZER_WORDSIZE == 64
const unsigned struct_kernel_stat_sz = 216;
@ -103,7 +107,7 @@ namespace __sanitizer {
#if SANITIZER_LINUX || SANITIZER_FREEBSD
#if defined(__powerpc64__)
#if defined(__powerpc64__) || defined(__riscv__)
const unsigned struct___old_kernel_stat_sz = 0;
#else
const unsigned struct___old_kernel_stat_sz = 32;
@ -481,7 +485,7 @@ namespace __sanitizer {
typedef long __sanitizer___kernel_off_t;
#endif
#if defined(__powerpc__) || defined(__mips__)
#if defined(__powerpc__) || defined(__mips__) || defined(__riscv__)
typedef unsigned int __sanitizer___kernel_old_uid_t;
typedef unsigned int __sanitizer___kernel_old_gid_t;
#else

3
contrib/jemalloc/include/jemalloc/internal/jemalloc_internal.h
View File

@ -253,6 +253,9 @@ typedef unsigned szind_t;
# ifdef __powerpc__
# define LG_QUANTUM 4
# endif
# ifdef __riscv__
# define LG_QUANTUM 4
# endif
# ifdef __s390__
# define LG_QUANTUM 4
# endif

3
contrib/jemalloc/include/jemalloc/jemalloc_FreeBSD.h
View File

@ -52,6 +52,9 @@
#elif defined(__powerpc__)
# define LG_SIZEOF_PTR 2
#endif
#ifdef __riscv__
# define LG_SIZEOF_PTR 3
#endif
#ifndef JEMALLOC_TLS_MODEL
# define JEMALLOC_TLS_MODEL /* Default. */

71
contrib/llvm/projects/libunwind/include/libunwind.h
View File

@ -295,6 +295,77 @@ enum {
UNW_PPC_SPEFSCR = 112
};
// 64-bit RISC-V registers
enum {
UNW_RISCV_X0 = 0,
UNW_RISCV_X1 = 1,
UNW_RISCV_RA = 1,
UNW_RISCV_X2 = 2,
UNW_RISCV_SP = 2,
UNW_RISCV_X3 = 3,
UNW_RISCV_X4 = 4,
UNW_RISCV_X5 = 5,
UNW_RISCV_X6 = 6,
UNW_RISCV_X7 = 7,
UNW_RISCV_X8 = 8,
UNW_RISCV_X9 = 9,
UNW_RISCV_X10 = 10,
UNW_RISCV_X11 = 11,
UNW_RISCV_X12 = 12,
UNW_RISCV_X13 = 13,
UNW_RISCV_X14 = 14,
UNW_RISCV_X15 = 15,
UNW_RISCV_X16 = 16,
UNW_RISCV_X17 = 17,
UNW_RISCV_X18 = 18,
UNW_RISCV_X19 = 19,
UNW_RISCV_X20 = 20,
UNW_RISCV_X21 = 21,
UNW_RISCV_X22 = 22,
UNW_RISCV_X23 = 23,
UNW_RISCV_X24 = 24,
UNW_RISCV_X25 = 25,
UNW_RISCV_X26 = 26,
UNW_RISCV_X27 = 27,
UNW_RISCV_X28 = 28,
UNW_RISCV_X29 = 29,
UNW_RISCV_X30 = 30,
UNW_RISCV_X31 = 31,
// reserved block
UNW_RISCV_D0 = 64,
UNW_RISCV_D1 = 65,
UNW_RISCV_D2 = 66,
UNW_RISCV_D3 = 67,
UNW_RISCV_D4 = 68,
UNW_RISCV_D5 = 69,
UNW_RISCV_D6 = 70,
UNW_RISCV_D7 = 71,
UNW_RISCV_D8 = 72,
UNW_RISCV_D9 = 73,
UNW_RISCV_D10 = 74,
UNW_RISCV_D11 = 75,
UNW_RISCV_D12 = 76,
UNW_RISCV_D13 = 77,
UNW_RISCV_D14 = 78,
UNW_RISCV_D15 = 79,
UNW_RISCV_D16 = 80,
UNW_RISCV_D17 = 81,
UNW_RISCV_D18 = 82,
UNW_RISCV_D19 = 83,
UNW_RISCV_D20 = 84,
UNW_RISCV_D21 = 85,
UNW_RISCV_D22 = 86,
UNW_RISCV_D23 = 87,
UNW_RISCV_D24 = 88,
UNW_RISCV_D25 = 89,
UNW_RISCV_D26 = 90,
UNW_RISCV_D27 = 91,
UNW_RISCV_D28 = 92,
UNW_RISCV_D29 = 93,
UNW_RISCV_D30 = 94,
UNW_RISCV_D31 = 95,
};
// 64-bit ARM64 registers
enum {
UNW_ARM64_X0 = 0,

258
contrib/llvm/projects/libunwind/src/Registers.hpp
View File

@ -1024,6 +1024,264 @@ inline const char *Registers_ppc::getRegisterName(int regNum) {
}
/// Registers_riscv holds the register state of a thread in a 64-bit RISC-V
/// process.
class _LIBUNWIND_HIDDEN Registers_riscv {
public:
Registers_riscv();
Registers_riscv(const void *registers);
bool validRegister(int num) const;
uint64_t getRegister(int num) const;
void setRegister(int num, uint64_t value);
bool validFloatRegister(int num) const;
double getFloatRegister(int num) const;
void setFloatRegister(int num, double value);
bool validVectorRegister(int num) const;
v128 getVectorRegister(int num) const;
void setVectorRegister(int num, v128 value);
const char *getRegisterName(int num);
void jumpto();
static int lastDwarfRegNum() { return 95; }
uint64_t getSP() const { return _registers.__x[2]; }
void setSP(uint64_t value) { _registers.__x[2] = value; }
uint64_t getIP() const { return _registers.__x[1]; }
void setIP(uint64_t value) { _registers.__x[1] = value; }
private:
struct GPRs {
uint64_t __x[32]; // x0-x31
};
GPRs _registers;
double _vectorHalfRegisters[32];
// Currently only the lower double in 128-bit vectore registers
// is perserved during unwinding. We could define new register
// numbers (> 96) which mean whole vector registers, then this
// struct would need to change to contain whole vector registers.
};
inline Registers_riscv::Registers_riscv(const void *registers) {
static_assert(sizeof(Registers_riscv) < sizeof(unw_context_t),
"riscv registers do not fit into unw_context_t");
memcpy(&_registers, registers, sizeof(_registers));
static_assert(sizeof(GPRs) == 0x100,
"expected VFP registers to be at offset 256");
memcpy(_vectorHalfRegisters,
static_cast<const uint8_t *>(registers) + sizeof(GPRs),
sizeof(_vectorHalfRegisters));
}
inline Registers_riscv::Registers_riscv() {
memset(&_registers, 0, sizeof(_registers));
memset(&_vectorHalfRegisters, 0, sizeof(_vectorHalfRegisters));
}
inline bool Registers_riscv::validRegister(int regNum) const {
if (regNum == UNW_REG_IP)
return true;
if (regNum == UNW_REG_SP)
return true;
if (regNum < 0)
return false;
if (regNum > 95)
return false;
if ((regNum > 31) && (regNum < 64))
return false;
return true;
}
inline uint64_t Registers_riscv::getRegister(int regNum) const {
if (regNum == UNW_REG_IP)
return _registers.__x[1];
if (regNum == UNW_REG_SP)
return _registers.__x[2];
if ((regNum >= 0) && (regNum < 32))
return _registers.__x[regNum];
_LIBUNWIND_ABORT("unsupported riscv register");
}
inline void Registers_riscv::setRegister(int regNum, uint64_t value) {
if (regNum == UNW_REG_IP)
_registers.__x[1] = value;
else if (regNum == UNW_REG_SP)
_registers.__x[2] = value;
else if ((regNum >= 0) && (regNum < 32))
_registers.__x[regNum] = value;
else
_LIBUNWIND_ABORT("unsupported riscv register");
}
inline const char *Registers_riscv::getRegisterName(int regNum) {
switch (regNum) {
case UNW_REG_IP:
return "ra";
case UNW_REG_SP:
return "sp";
case UNW_RISCV_X0:
return "x0";
case UNW_RISCV_X1:
return "ra";
case UNW_RISCV_X2:
return "sp";
case UNW_RISCV_X3:
return "x3";
case UNW_RISCV_X4:
return "x4";
case UNW_RISCV_X5:
return "x5";
case UNW_RISCV_X6:
return "x6";
case UNW_RISCV_X7:
return "x7";
case UNW_RISCV_X8:
return "x8";
case UNW_RISCV_X9:
return "x9";
case UNW_RISCV_X10:
return "x10";
case UNW_RISCV_X11:
return "x11";
case UNW_RISCV_X12:
return "x12";
case UNW_RISCV_X13:
return "x13";
case UNW_RISCV_X14:
return "x14";
case UNW_RISCV_X15:
return "x15";
case UNW_RISCV_X16:
return "x16";
case UNW_RISCV_X17:
return "x17";
case UNW_RISCV_X18:
return "x18";
case UNW_RISCV_X19:
return "x19";
case UNW_RISCV_X20:
return "x20";
case UNW_RISCV_X21:
return "x21";
case UNW_RISCV_X22:
return "x22";
case UNW_RISCV_X23:
return "x23";
case UNW_RISCV_X24:
return "x24";
case UNW_RISCV_X25:
return "x25";
case UNW_RISCV_X26:
return "x26";
case UNW_RISCV_X27:
return "x27";
case UNW_RISCV_X28:
return "x28";
case UNW_RISCV_X29:
return "x29";
case UNW_RISCV_X30:
return "x30";
case UNW_RISCV_X31:
return "x31";
case UNW_RISCV_D0:
return "d0";
case UNW_RISCV_D1:
return "d1";
case UNW_RISCV_D2:
return "d2";
case UNW_RISCV_D3:
return "d3";
case UNW_RISCV_D4:
return "d4";
case UNW_RISCV_D5:
return "d5";
case UNW_RISCV_D6:
return "d6";
case UNW_RISCV_D7:
return "d7";
case UNW_RISCV_D8:
return "d8";
case UNW_RISCV_D9:
return "d9";
case UNW_RISCV_D10:
return "d10";
case UNW_RISCV_D11:
return "d11";
case UNW_RISCV_D12:
return "d12";
case UNW_RISCV_D13:
return "d13";
case UNW_RISCV_D14:
return "d14";
case UNW_RISCV_D15:
return "d15";
case UNW_RISCV_D16:
return "d16";
case UNW_RISCV_D17:
return "d17";
case UNW_RISCV_D18:
return "d18";
case UNW_RISCV_D19:
return "d19";
case UNW_RISCV_D20:
return "d20";
case UNW_RISCV_D21:
return "d21";
case UNW_RISCV_D22:
return "d22";
case UNW_RISCV_D23:
return "d23";
case UNW_RISCV_D24:
return "d24";
case UNW_RISCV_D25:
return "d25";
case UNW_RISCV_D26:
return "d26";
case UNW_RISCV_D27:
return "d27";
case UNW_RISCV_D28:
return "d28";
case UNW_RISCV_D29:
return "d29";
case UNW_RISCV_D30:
return "d30";
case UNW_RISCV_D31:
return "d31";
default:
return "unknown register";
}
}
inline bool Registers_riscv::validFloatRegister(int regNum) const {
if (regNum < UNW_RISCV_D0)
return false;
if (regNum > UNW_RISCV_D31)
return false;
return true;
}
inline double Registers_riscv::getFloatRegister(int regNum) const {
assert(validFloatRegister(regNum));
return _vectorHalfRegisters[regNum - UNW_RISCV_D0];
}
inline void Registers_riscv::setFloatRegister(int regNum, double value) {
assert(validFloatRegister(regNum));
_vectorHalfRegisters[regNum - UNW_RISCV_D0] = value;
}
inline bool Registers_riscv::validVectorRegister(int) const {
return false;
}
inline v128 Registers_riscv::getVectorRegister(int) const {
_LIBUNWIND_ABORT("no riscv vector register support yet");
}
inline void Registers_riscv::setVectorRegister(int, v128) {
_LIBUNWIND_ABORT("no riscv vector register support yet");
}
/// Registers_arm64 holds the register state of a thread in a 64-bit arm
/// process.

4
contrib/llvm/projects/libunwind/src/UnwindCursor.hpp
View File

@ -562,6 +562,10 @@ class UnwindCursor : public AbstractUnwindCursor{
compact_unwind_encoding_t dwarfEncoding(Registers_or1k &) const {
return 0;
}
compact_unwind_encoding_t dwarfEncoding(Registers_riscv &) const {
return 0;
}
#endif // _LIBUNWIND_SUPPORT_DWARF_UNWIND

4
contrib/llvm/projects/libunwind/src/UnwindRegistersRestore.S
View File

@ -478,4 +478,8 @@ DEFINE_LIBUNWIND_PRIVATE_FUNCTION(_ZN9libunwind14Registers_or1k6jumptoEv)
l.jr r9
l.nop
#elif defined(__riscv__)
/* RISCVTODO */
#endif

5
contrib/llvm/projects/libunwind/src/UnwindRegistersSave.S
View File

@ -463,4 +463,9 @@ DEFINE_LIBUNWIND_FUNCTION(unw_getcontext)
l.sw 116(r3), r29
l.sw 120(r3), r30
l.sw 124(r3), r31
#elif defined(__riscv__)
/* RISCVTODO */
#endif

3
contrib/llvm/projects/libunwind/src/config.h
View File

@ -74,7 +74,8 @@
#define _LIBUNWIND_BUILD_ZERO_COST_APIS (defined(__i386__) || \
defined(__x86_64__) || \
defined(__arm__) || \
defined(__aarch64__))
defined(__aarch64__) || \
defined(__riscv__))
#define _LIBUNWIND_BUILD_SJLJ_APIS 0
#define _LIBUNWIND_SUPPORT_FRAME_APIS (defined(__i386__) || \
defined(__x86_64__))

3
contrib/llvm/projects/libunwind/src/libunwind.cpp
View File

@ -66,6 +66,9 @@ _LIBUNWIND_EXPORT int unw_init_local(unw_cursor_t *cursor,
context, LocalAddressSpace::sThisAddressSpace);
#elif defined(__mips__)
#warning The MIPS architecture is not supported.
#elif defined(__riscv__)
new ((void *)cursor) UnwindCursor<LocalAddressSpace, Registers_riscv>(
context, LocalAddressSpace::sThisAddressSpace);
#else
#error Architecture not supported
#endif

2
contrib/mdocml/main.c
View File

@ -720,7 +720,7 @@ parse(struct curparse *curp, int fd, const char *file)
/* Begin by parsing the file itself. */
assert(file);
assert(fd > 0);
assert(fd >= 0);
rctmp = mparse_readfd(curp->mp, fd, file);
if (fd != STDIN_FILENO)

38
contrib/ntp/ChangeLog
View File

@ -1,3 +1,37 @@
---
(4.2.8p6) 2016/01/20 Released by Harlan Stenn <stenn@ntp.org>
* [Sec 2935] Deja Vu: Replay attack on authenticated broadcast mode. HStenn.
* [Sec 2936] Skeleton Key: Any trusted key system can serve time. HStenn.
* [Sec 2937] ntpq: nextvar() missing length check. perlinger@ntp.org
* [Sec 2938] ntpq saveconfig command allows dangerous characters
in filenames. perlinger@ntp.org
* [Sec 2939] reslist NULL pointer dereference. perlinger@ntp.org
* [Sec 2940] Stack exhaustion in recursive traversal of restriction
list. perlinger@ntp.org
* [Sec 2942]: Off-path DoS attack on auth broadcast mode. HStenn.
* [Sec 2945] Zero Origin Timestamp Bypass. perlinger@ntp.org
* [Sec 2948] Potential Infinite Loop in ntpq ( and ntpdc) perlinger@ntp.org
* [Bug 2772] adj_systime overflows tv_usec. perlinger@ntp.org
* [Bug 2814] msyslog deadlock when signaled. perlinger@ntp.org
- applied patch by shenpeng11@huawei.com with minor adjustments
* [Bug 2882] Look at ntp_request.c:list_peers_sum(). perlinger@ntp.org
* [Bug 2891] Deadlock in deferred DNS lookup framework. perlinger@ntp.org
* [Bug 2892] Several test cases assume IPv6 capabilities even when
IPv6 is disabled in the build. perlinger@ntp.org
- Found this already fixed, but validation led to cleanup actions.
* [Bug 2905] DNS lookups broken. perlinger@ntp.org
- added limits to stack consumption, fixed some return code handling
* [Bug 2971] ntpq bails on ^C: select fails: Interrupted system call
- changed stacked/nested handling of CTRL-C. perlinger@ntp.org
- make CTRL-C work for retrieval and printing od MRU list. perlinger@ntp.org
* [Bug 2980] reduce number of warnings. perlinger@ntp.org
- integrated several patches from Havard Eidnes (he@uninett.no)
* [Bug 2985] bogus calculation in authkeys.c perlinger@ntp.org
- implement 'auth_log2()' using integer bithack instead of float calculation
* Make leapsec_query debug messages less verbose. Harlan Stenn.
* Disable incomplete t-ntp_signd.c test. Harlan Stenn.
---
(4.2.8p5) 2016/01/07 Released by Harlan Stenn <stenn@ntp.org>
@ -47,6 +81,7 @@
lots of clients. perlinger@ntp.org
* [Bug 2971] ntpq bails on ^C: select fails: Interrupted system call
- changed stacked/nested handling of CTRL-C. perlinger@ntp.org
- make CTRL-C work for retrieval and printing od MRU list. perlinger@ntp.org
* Unity cleanup for FreeBSD-6.4. Harlan Stenn.
* Unity test cleanup. Harlan Stenn.
* Libevent autoconf pthread fixes for FreeBSD-10. Harlan Stenn.
@ -55,9 +90,8 @@
* Quiet a warning from clang. Harlan Stenn.
* Update the NEWS file. Harlan Stenn.
* Update scripts/calc_tickadj/Makefile.am. Harlan Stenn.
---
(4.2.8p4) 2015/10/21 Released by Harlan Stenn <stenn@ntp.org>
(4.2.8p4-RC1) 2015/10/06 Released by Harlan Stenn <stenn@ntp.org>
* [Sec 2899] CVE-2014-9297 perlinger@ntp.org
* [Sec 2901] Drop invalid packet before checking KoD. Check for all KoD's.

1020
contrib/ntp/CommitLog
View File

File diff suppressed because it is too large Load Diff

253
contrib/ntp/NEWS
View File

@ -1,5 +1,258 @@
---
NTP 4.2.8p6
Focus: Security, Bug fixes, enhancements.
Severity: MEDIUM
In addition to bug fixes and enhancements, this release fixes the
following X low- and Y medium-severity vulnerabilities:
* Potential Infinite Loop in 'ntpq'
Date Resolved: Stable (4.2.8p6) 19 Jan 2016; Dev (4.3.90) 19 Jan 2016
References: Sec 2548 / CVE-2015-8158
Affects: All ntp-4 releases up to, but not including 4.2.8p6, and
4.3.0 up to, but not including 4.3.90
CVSS2: (AV:N/AC:M/Au:N/C:N/I:N/A:P) Base Score: 4.3 - MEDIUM
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Base Score: 5.3 - MEDIUM
Summary: 'ntpq' processes incoming packets in a loop in 'getresponse()'.
The loop's only stopping conditions are receiving a complete and
correct response or hitting a small number of error conditions.
If the packet contains incorrect values that don't trigger one of
the error conditions, the loop continues to receive new packets.
Note well, this is an attack against an instance of 'ntpq', not
'ntpd', and this attack requires the attacker to do one of the
following:
* Own a malicious NTP server that the client trusts
* Prevent a legitimate NTP server from sending packets to
the 'ntpq' client
* MITM the 'ntpq' communications between the 'ntpq' client
and the NTP server
Mitigation:
Upgrade to 4.2.8p6, or later, from the NTP Project Download Page
or the NTP Public Services Project Download Page
Credit: This weakness was discovered by Jonathan Gardner of Cisco ASIG.
* 0rigin: Zero Origin Timestamp Bypass
Date Resolved: Stable (4.2.8p6) 19 Jan 2016; Dev (4.3.90) 19 Jan 2016
References: Sec 2945 / CVE-2015-8138
Affects: All ntp-4 releases up to, but not including 4.2.8p6, and
4.3.0 up to, but not including 4.3.90
CVSS2: (AV:N/AC:L/Au:N/C:N/I:P/A:N) Base Score: 5.0 - MEDIUM
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Base Score: 5.3 - MEDIUM
(3.7 - LOW if you score AC:L)
Summary: To distinguish legitimate peer responses from forgeries, a
client attempts to verify a response packet by ensuring that the
origin timestamp in the packet matches the origin timestamp it
transmitted in its last request. A logic error exists that
allows packets with an origin timestamp of zero to bypass this
check whenever there is not an outstanding request to the server.
Mitigation:
Configure 'ntpd' to get time from multiple sources.
Upgrade to 4.2.8p6, or later, from the NTP Project Download Page
or the NTP Public Services Project Download Page.
Monitor your 'ntpd= instances.
Credit: This weakness was discovered by Jonathan Gardner of Cisco ASIG.
* Stack exhaustion in recursive traversal of restriction list
Date Resolved: Stable (4.2.8p6) 19 Jan 2016
References: Sec 2940 / CVE-2015-7978
Affects: All ntp-4 releases up to, but not including 4.2.8p6, and
4.3.0 up to, but not including 4.3.90
CVSS: (AV:N/AC:M/Au:N/C:N/I:N/A:P) Base Score: 4.3 - MEDIUM
Summary: An unauthenticated 'ntpdc reslist' command can cause a
segmentation fault in ntpd by exhausting the call stack.
Mitigation:
Implement BCP-38.
Upgrade to 4.2.8p6, or later, from the NTP Project Download Page
or the NTP Public Services Project Download Page.
If you are unable to upgrade:
In ntp-4.2.8, mode 7 is disabled by default. Don't enable it.
If you must enable mode 7:
configure the use of a 'requestkey' to control who can
issue mode 7 requests.
configure 'restrict noquery' to further limit mode 7
requests to trusted sources.
Monitor your ntpd instances.
Credit: This weakness was discovered by Stephen Gray at Cisco ASIG.
* Off-path Denial of Service (!DoS) attack on authenticated broadcast mode
Date Resolved: Stable (4.2.8p6) 19 Jan 2016; Dev (4.3.90) 19 Jan 2016
References: Sec 2942 / CVE-2015-7979
Affects: All ntp-4 releases up to, but not including 4.2.8p6, and
4.3.0 up to, but not including 4.3.90
CVSS: (AV:N/AC:M/Au:N/C:N/I:P/A:P) Base Score: 5.8
Summary: An off-path attacker can send broadcast packets with bad
authentication (wrong key, mismatched key, incorrect MAC, etc)
to broadcast clients. It is observed that the broadcast client
tears down the association with the broadcast server upon
receiving just one bad packet.
Mitigation:
Implement BCP-38.
Upgrade to 4.2.8p6, or later, from the NTP Project Download Page
or the NTP Public Services Project Download Page.
Monitor your 'ntpd' instances.
If this sort of attack is an active problem for you, you have
deeper problems to investigate. In this case also consider
having smaller NTP broadcast domains.
Credit: This weakness was discovered by Aanchal Malhotra of Boston
University.
* reslist NULL pointer dereference
Date Resolved: Stable (4.2.8p6) 19 Jan 2016; Dev (4.3.90) 19 Jan 2016
References: Sec 2939 / CVE-2015-7977
Affects: All ntp-4 releases up to, but not including 4.2.8p6, and
4.3.0 up to, but not including 4.3.90
CVSS: (AV:N/AC:M/Au:N/C:N/I:N/A:P) Base Score: 4.3 - MEDIUM
Summary: An unauthenticated 'ntpdc reslist' command can cause a
segmentation fault in ntpd by causing a NULL pointer dereference.
Mitigation:
Implement BCP-38.
Upgrade to 4.2.8p6, or later, from NTP Project Download Page or
the NTP Public Services Project Download Page.
If you are unable to upgrade:
mode 7 is disabled by default. Don't enable it.
If you must enable mode 7:
configure the use of a 'requestkey' to control who can
issue mode 7 requests.
configure 'restrict noquery' to further limit mode 7
requests to trusted sources.
Monitor your ntpd instances.
Credit: This weakness was discovered by Stephen Gray of Cisco ASIG.
* 'ntpq saveconfig' command allows dangerous characters in filenames.
Date Resolved: Stable (4.2.8p6) 19 Jan 2016; Dev (4.3.90) 19 Jan 2016
References: Sec 2938 / CVE-2015-7976
Affects: All ntp-4 releases up to, but not including 4.2.8p6, and
4.3.0 up to, but not including 4.3.90
CVSS: (AV:N/AC:L/Au:S/C:N/I:P/A:N) Base Score: 4.0 - MEDIUM
Summary: The ntpq saveconfig command does not do adequate filtering
of special characters from the supplied filename.
Note well: The ability to use the saveconfig command is controlled
by the 'restrict nomodify' directive, and the recommended default
configuration is to disable this capability. If the ability to
execute a 'saveconfig' is required, it can easily (and should) be
limited and restricted to a known small number of IP addresses.
Mitigation:
Implement BCP-38.
use 'restrict default nomodify' in your 'ntp.conf' file.
Upgrade to 4.2.8p6, or later, from the NTP Project Download Page.
If you are unable to upgrade:
build NTP with 'configure --disable-saveconfig' if you will
never need this capability, or
use 'restrict default nomodify' in your 'ntp.conf' file. Be
careful about what IPs have the ability to send 'modify'
requests to 'ntpd'.
Monitor your ntpd instances.
'saveconfig' requests are logged to syslog - monitor your syslog files.
Credit: This weakness was discovered by Jonathan Gardner of Cisco ASIG.
* nextvar() missing length check in ntpq
Date Resolved: Stable (4.2.8p6) 19 Jan 2016; Dev (4.3.90) 19 Jan 2016
References: Sec 2937 / CVE-2015-7975
Affects: All ntp-4 releases up to, but not including 4.2.8p6, and
4.3.0 up to, but not including 4.3.90
CVSS: (AV:L/AC:H/Au:N/C:N/I:N/A:P) Base Score: 1.2 - LOW
If you score A:C, this becomes 4.0.
CVSSv3: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L) Base Score 2.9, LOW
Summary: ntpq may call nextvar() which executes a memcpy() into the
name buffer without a proper length check against its maximum
length of 256 bytes. Note well that we're taking about ntpq here.
The usual worst-case effect of this vulnerability is that the
specific instance of ntpq will crash and the person or process
that did this will have stopped themselves.
Mitigation:
Upgrade to 4.2.8p6, or later, from the NTP Project Download Page
or the NTP Public Services Project Download Page.
If you are unable to upgrade:
If you have scripts that feed input to ntpq make sure there are
some sanity checks on the input received from the "outside".
This is potentially more dangerous if ntpq is run as root.
Credit: This weakness was discovered by Jonathan Gardner at Cisco ASIG.
* Skeleton Key: Any trusted key system can serve time
Date Resolved: Stable (4.2.8p6) 19 Jan 2016; Dev (4.3.90) 19 Jan 2016
References: Sec 2936 / CVE-2015-7974
Affects: All ntp-4 releases up to, but not including 4.2.8p6, and
4.3.0 up to, but not including 4.3.90
CVSS: (AV:N/AC:H/Au:S/C:N/I:C/A:N) Base Score: 4.9
Summary: Symmetric key encryption uses a shared trusted key. The
reported title for this issue was "Missing key check allows
impersonation between authenticated peers" and the report claimed
"A key specified only for one server should only work to
authenticate that server, other trusted keys should be refused."
Except there has never been any correlation between this trusted
key and server v. clients machines and there has never been any
way to specify a key only for one server. We have treated this as
an enhancement request, and ntp-4.2.8p6 includes other checks and
tests to strengthen clients against attacks coming from broadcast
servers.
Mitigation:
Implement BCP-38.
If this scenario represents a real or a potential issue for you,
upgrade to 4.2.8p6, or later, from the NTP Project Download
Page or the NTP Public Services Project Download Page, and
use the new field in the ntp.keys file that specifies the list
of IPs that are allowed to serve time. Note that this alone
will not protect against time packets with forged source IP
addresses, however other changes in ntp-4.2.8p6 provide
significant mitigation against broadcast attacks. MITM attacks
are a different story.
If you are unable to upgrade:
Don't use broadcast mode if you cannot monitor your client
servers.
If you choose to use symmetric keys to authenticate time
packets in a hostile environment where ephemeral time
servers can be created, or if it is expected that malicious
time servers will participate in an NTP broadcast domain,
limit the number of participating systems that participate
in the shared-key group.
Monitor your ntpd instances.
Credit: This weakness was discovered by Matt Street of Cisco ASIG.
* Deja Vu: Replay attack on authenticated broadcast mode
Date Resolved: Stable (4.2.8p6) 19 Jan 2016; Dev (4.3.90) 19 Jan 2016
References: Sec 2935 / CVE-2015-7973
Affects: All ntp-4 releases up to, but not including 4.2.8p6, and
4.3.0 up to, but not including 4.3.90
CVSS: (AV:A/AC:M/Au:N/C:N/I:P/A:P) Base Score: 4.3 - MEDIUM
Summary: If an NTP network is configured for broadcast operations then
either a man-in-the-middle attacker or a malicious participant
that has the same trusted keys as the victim can replay time packets.
Mitigation:
Implement BCP-38.
Upgrade to 4.2.8p6, or later, from the NTP Project Download Page
or the NTP Public Services Project Download Page.
If you are unable to upgrade:
Don't use broadcast mode if you cannot monitor your client servers.
Monitor your ntpd instances.
Credit: This weakness was discovered by Aanchal Malhotra of Boston
University.
Other fixes:
* [Bug 2772] adj_systime overflows tv_usec. perlinger@ntp.org
* [Bug 2814] msyslog deadlock when signaled. perlinger@ntp.org
- applied patch by shenpeng11@huawei.com with minor adjustments
* [Bug 2882] Look at ntp_request.c:list_peers_sum(). perlinger@ntp.org
* [Bug 2891] Deadlock in deferred DNS lookup framework. perlinger@ntp.org
* [Bug 2892] Several test cases assume IPv6 capabilities even when
IPv6 is disabled in the build. perlinger@ntp.org
- Found this already fixed, but validation led to cleanup actions.
* [Bug 2905] DNS lookups broken. perlinger@ntp.org
- added limits to stack consumption, fixed some return code handling
* [Bug 2971] ntpq bails on ^C: select fails: Interrupted system call
- changed stacked/nested handling of CTRL-C. perlinger@ntp.org
- make CTRL-C work for retrieval and printing od MRU list. perlinger@ntp.org
* [Bug 2980] reduce number of warnings. perlinger@ntp.org
- integrated several patches from Havard Eidnes (he@uninett.no)
* [Bug 2985] bogus calculation in authkeys.c perlinger@ntp.org
- implement 'auth_log2()' using integer bithack instead of float calculation
* Make leapsec_query debug messages less verbose. Harlan Stenn.
---
NTP 4.2.8p5
Focus: Security, Bug fixes, enhancements.

20
contrib/ntp/configure vendored
View File

@ -1,6 +1,6 @@
#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
# Generated by GNU Autoconf 2.69 for ntp 4.2.8p5.
# Generated by GNU Autoconf 2.69 for ntp 4.2.8p6.
#
# Report bugs to <http://bugs.ntp.org./>.
#
@ -590,8 +590,8 @@ MAKEFLAGS=
# Identity of this package.
PACKAGE_NAME='ntp'
PACKAGE_TARNAME='ntp'
PACKAGE_VERSION='4.2.8p5'
PACKAGE_STRING='ntp 4.2.8p5'
PACKAGE_VERSION='4.2.8p6'
PACKAGE_STRING='ntp 4.2.8p6'
PACKAGE_BUGREPORT='http://bugs.ntp.org./'
PACKAGE_URL='http://www.ntp.org./'
@ -1616,7 +1616,7 @@ if test "$ac_init_help" = "long"; then
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
\`configure' configures ntp 4.2.8p5 to adapt to many kinds of systems.
\`configure' configures ntp 4.2.8p6 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@ -1686,7 +1686,7 @@ fi
if test -n "$ac_init_help"; then
case $ac_init_help in
short | recursive ) echo "Configuration of ntp 4.2.8p5:";;
short | recursive ) echo "Configuration of ntp 4.2.8p6:";;
esac
cat <<\_ACEOF
@ -1919,7 +1919,7 @@ fi
test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
ntp configure 4.2.8p5
ntp configure 4.2.8p6
generated by GNU Autoconf 2.69
Copyright (C) 2012 Free Software Foundation, Inc.
@ -2749,7 +2749,7 @@ cat >config.log <<_ACEOF
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
It was created by ntp $as_me 4.2.8p5, which was
It was created by ntp $as_me 4.2.8p6, which was
generated by GNU Autoconf 2.69. Invocation command line was
$ $0 $@
@ -3750,7 +3750,7 @@ fi
# Define the identity of the package.
PACKAGE='ntp'
VERSION='4.2.8p5'
VERSION='4.2.8p6'
cat >>confdefs.h <<_ACEOF
@ -37840,7 +37840,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
This file was extended by ntp $as_me 4.2.8p5, which was
This file was extended by ntp $as_me 4.2.8p6, which was
generated by GNU Autoconf 2.69. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@ -37907,7 +37907,7 @@ _ACEOF
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
ac_cs_version="\\
ntp config.status 4.2.8p5
ntp config.status 4.2.8p6
configured by $0, generated by GNU Autoconf 2.69,
with options \\"\$ac_cs_config\\"

14
contrib/ntp/html/miscopt.html
View File

@ -11,7 +11,7 @@
<img src="pic/boom3.gif" alt="gif" align="left"><a href="http://www.eecis.udel.edu/~mills/pictures.html">from <i>Pogo</i>, Walt Kelly</a>
<p>We have three, now looking for more.</p>
<p>Last update:
<!-- #BeginDate format:En2m -->17-Nov-2015 11:06<!-- #EndDate -->
<!-- #BeginDate format:En2m -->16-Jan-2016 13:08<!-- #EndDate -->
UTC</p>
<br clear="left">
<h4>Related Links</h4>
@ -29,8 +29,9 @@
<dd>The file format consists of a single line containing a single floating point number, which records the frequency offset measured in parts-per-million (PPM). The file is updated by first writing the current drift value into a temporary file and then renaming this file to replace the old version.</dd>
<dt id="dscp"><tt>dscp <i>dscp</i></tt></dt>
<dd>This command specifies the Differentiated Services Code Point (DSCP) value that is used in sent NTP packets. The default value is 46 for Expedited Forwarding (EF).</dd>
<dt id="enable"><tt>enable [auth | bclient | calibrate | kernel | mode7 | monitor | ntp | stats]</tt><br>
<tt>disable [auth | bclient | calibrate | kernel | mode7 | monitor | ntp | stats]</tt></dt>
<dt id="enable"><tt>enable [auth | bclient | calibrate | kernel | mode7 | monitor | ntp | stats | unpeer_crypto_early | unpeer_crypto_nak_early | unpeer_digest_early]</tt></dt>
<dt><tt>disable [auth | bclient | calibrate | kernel | mode7 | monitor | ntp | stats | unpeer_crypto_early | unpeer_crypto_nak_early | unpeer_digest_early]</tt></dt>
<dd>Provides a way to enable or disable various system options. Flags not mentioned are unaffected. Note that most of these flags can be modified remotely using <a href="ntpq.html"><tt>ntpq</tt></a> utility program's <tt>:config</tt> and <tt>config-from-file</tt> commands.
<dl>
<dt><tt>auth</tt></dt>
@ -50,6 +51,13 @@
<dd>Enables time and frequency discipline. In effect, this switch opens and closes the feedback loop, which is useful for testing. The default for this flag is enable.</dd>
<dt><tt>stats</tt></dt>
<dd>Enables the statistics facility. See the <a href="monopt.html">Monitoring Options</a> page for further information. The default for this flag is enabled. This flag is excluded from runtime configuration using <tt>ntpq</tt>.</dd>
| unpeer_crypto_early | unpeer_crypto_nak_early | unpeer_digest_early
<dt><tt>unpeer_crypto_early</tt></dt>
<dd>Enables the early resetting of an association in case of a crypto failure. This is generally a feature, but it can be used in a DoS attack. If you are seeing these packets being used as a DoS attack against your server, you should disable this flag. The default for this flag is enabled. This flag is excluded from runtime configuration using <tt>ntpq</tt>.</dd>
<dt><tt>unpeer_crypto_nak_early</tt></dt>
<dd>Enables the early resetting of an association in case of a crypto_NAK message. This is generally a feature, but it can be used in a DoS attack. If you are seeing these packets being used as a DoS attack against your server, you should disable this flag. The default for this flag is enabled. This flag is excluded from runtime configuration using <tt>ntpq</tt>.</dd>
<dt><tt>unpeer_digest_early</tt></dt>
<dd>Enables the early resetting of an association in case of an autokey digest failur. This is generally a feature, but it can be used in a DoS attack. If you are seeing these packets being used as a DoS attack against your server, you should disable this flag. The default for this flag is enabled. This flag is excluded from runtime configuration using <tt>ntpq</tt>.</dd>
</dl>
</dd>
<dt id="includefile"><tt>includefile <i>includefile</i></tt></dt>

1
contrib/ntp/include/Makefile.am
View File

@ -36,6 +36,7 @@ noinst_HEADERS = \
ntp_if.h \
ntp_intres.h \
ntp_io.h \
ntp_keyacc.h \
ntp_libopts.h \
ntp_lineedit.h \
ntp_lists.h \

1
contrib/ntp/include/Makefile.in
View File

@ -521,6 +521,7 @@ noinst_HEADERS = \
ntp_if.h \
ntp_intres.h \
ntp_io.h \
ntp_keyacc.h \
ntp_libopts.h \
ntp_lineedit.h \
ntp_lists.h \

7
contrib/ntp/include/ntp.h
View File

@ -350,6 +350,7 @@ struct peer {
l_fp dst; /* destination timestamp */
l_fp aorg; /* origin timestamp */
l_fp borg; /* alternate origin timestamp */
l_fp bxmt; /* most recent broadcast transmit timestamp */
double offset; /* peer clock offset */
double delay; /* peer roundtrip delay */
double jitter; /* peer jitter (squares) */
@ -382,7 +383,8 @@ struct peer {
* Statistic counters
*/
u_long timereset; /* time stat counters were reset */
u_long timereceived; /* last packet received time */
u_long timelastrec; /* last packet received time */
u_long timereceived; /* last (clean) packet received time */
u_long timereachable; /* last reachable/unreachable time */
u_long sent; /* packets sent */
@ -708,6 +710,9 @@ struct pkt {
#define PROTO_ORPHAN 26
#define PROTO_ORPHWAIT 27
#define PROTO_MODE7 28
#define PROTO_UECRYPTO 29
#define PROTO_UECRYPTONAK 30
#define PROTO_UEDIGEST 31
/*
* Configuration items for the loop filter

3
contrib/ntp/include/ntp_io.h
View File

@ -40,6 +40,8 @@
#include "libntp.h" /* This needs Something above for GETDTABLESIZE */
#include "ntp_keyacc.h"
/*
* Define FNDELAY and FASYNC using O_NONBLOCK and O_ASYNC if we need
* to (and can). This is here initially for QNX, but may help for
@ -83,7 +85,6 @@ typedef enum {
extern int qos;
SOCKET move_fd(SOCKET fd);
isc_boolean_t get_broadcastclient_flag(void);
extern int is_ip_address(const char *, u_short, sockaddr_u *);
extern void sau_from_netaddr(sockaddr_u *, const isc_netaddr_t *);
extern void add_nic_rule(nic_rule_match match_type,
const char *if_name, int prefixlen,

13
contrib/ntp/include/ntp_keyacc.h Normal file
View File

@ -0,0 +1,13 @@
/*
* ntp_keyacc.h - key access stuff
*/
#ifndef NTP_KEYACC_H
#define NTP_KEYACC_H
typedef struct keyaccess KeyAccT;
struct keyaccess {
KeyAccT * next;
sockaddr_u addr;
};
#endif /* NTP_KEYACC_H */

5
contrib/ntp/include/ntp_stdlib.h
View File

@ -16,6 +16,7 @@
#include "ntp_malloc.h"
#include "ntp_string.h"
#include "ntp_syslog.h"
#include "ntp_keyacc.h"
#ifdef __GNUC__
#define NTP_PRINTF(fmt, args) __attribute__((__format__(__printf__, fmt, args)))
@ -69,6 +70,7 @@ extern int authdecrypt (keyid_t, u_int32 *, size_t, size_t);
extern size_t authencrypt (keyid_t, u_int32 *, size_t);
extern int authhavekey (keyid_t);
extern int authistrusted (keyid_t);
extern int authistrustedip (keyid_t, sockaddr_u *);
extern int authreadkeys (const char *);
extern void authtrust (keyid_t, u_long);
extern int authusekey (keyid_t, int, const u_char *);
@ -97,7 +99,7 @@ extern int ymd2yd (int, int, int);
/* a_md5encrypt.c */
extern int MD5authdecrypt (int, const u_char *, u_int32 *, size_t, size_t);
extern size_t MD5authencrypt (int, const u_char *, u_int32 *, size_t);
extern void MD5auth_setkey (keyid_t, int, const u_char *, size_t);
extern void MD5auth_setkey (keyid_t, int, const u_char *, size_t, KeyAccT *c);
extern u_int32 addr2refid (sockaddr_u *);
/* emalloc.c */
@ -141,6 +143,7 @@ extern int atouint (const char *, u_long *);
extern int hextoint (const char *, u_long *);
extern const char * humanlogtime (void);
extern const char * humantime (time_t);
extern int is_ip_address (const char *, u_short, sockaddr_u *);
extern char * mfptoa (u_int32, u_int32, short);
extern char * mfptoms (u_int32, u_int32, short);
extern const char * modetoa (size_t);

1
contrib/ntp/include/ntp_types.h
View File

@ -218,6 +218,7 @@ typedef uint16_t associd_t; /* association ID */
#define ASSOCID_MAX USHRT_MAX
typedef u_int32 keyid_t; /* cryptographic key ID */
#define KEYID_T_MAX (0xffffffff)
typedef u_int32 tstamp_t; /* NTP seconds timestamp */
/*

53
contrib/ntp/include/ntp_worker.h
View File

@ -60,33 +60,35 @@ typedef sema_type *sem_ref;
#if defined(WORK_FORK)
typedef struct blocking_child_tag {
int reusable;
int pid;
int req_write_pipe; /* parent */
int resp_read_pipe;
void * resp_read_ctx;
int req_read_pipe; /* child */
int resp_write_pipe;
int ispipe;
int reusable;
int pid;
int req_write_pipe; /* parent */
int resp_read_pipe;
void * resp_read_ctx;
int req_read_pipe; /* child */
int resp_write_pipe;
int ispipe;
volatile u_int resp_ready_seen; /* signal/scan */
volatile u_int resp_ready_done; /* consumer/mainloop */
} blocking_child;
#elif defined(WORK_THREAD)
typedef struct blocking_child_tag {
/*
* blocking workitems and blocking_responses are dynamically-sized
* one-dimensional arrays of pointers to blocking worker requests and
* responses.
*
* IMPORTANT: This structure is shared between threads, and all access
* that is not atomic (especially queue operations) must hold the
* 'accesslock' semaphore to avoid data races.
*
* The resource management (thread/semaphore creation/destruction)
* functions and functions just testing a handle are safe because these
* are only changed by the main thread when no worker is running on the
* same data structure.
*/
/*
* blocking workitems and blocking_responses are
* dynamically-sized one-dimensional arrays of pointers to
* blocking worker requests and responses.
*
* IMPORTANT: This structure is shared between threads, and all
* access that is not atomic (especially queue operations) must
* hold the 'accesslock' semaphore to avoid data races.
*
* The resource management (thread/semaphore
* creation/destruction) functions and functions just testing a
* handle are safe because these are only changed by the main
* thread when no worker is running on the same data structure.
*/
int reusable;
sem_ref accesslock; /* shared access lock */
thr_ref thread_ref; /* thread 'handle' */
@ -117,6 +119,8 @@ typedef struct blocking_child_tag {
int resp_write_pipe; /* child */
int ispipe;
void * resp_read_ctx; /* child */
volatile u_int resp_ready_seen; /* signal/scan */
volatile u_int resp_ready_done; /* consumer/mainloop */
#else
sem_ref responses_pending; /* signalling */
#endif
@ -126,6 +130,10 @@ typedef struct blocking_child_tag {
#endif /* WORK_THREAD */
/* we need some global tag to indicate any blocking child may be ready: */
extern volatile u_int blocking_child_ready_seen;/* signal/scan */
extern volatile u_int blocking_child_ready_done;/* consumer/mainloop */
extern blocking_child ** blocking_children;
extern size_t blocking_children_alloc;
extern int worker_per_query; /* boolean */
@ -139,6 +147,7 @@ extern int queue_blocking_response(blocking_child *,
blocking_pipe_header *, size_t,
const blocking_pipe_header *);
extern void process_blocking_resp(blocking_child *);
extern void harvest_blocking_responses(void);
extern int send_blocking_req_internal(blocking_child *,
blocking_pipe_header *,
void *);

6
contrib/ntp/include/parse.h
View File

@ -107,9 +107,9 @@ extern unsigned int splclock (void);
/*
* some constants useful for GPS time conversion
*/
#define GPSORIGIN 2524953600UL /* NTP origin - GPS origin in seconds */
#define GPSWRAP 990U /* assume week count less than this in the previous epoch */
#define GPSWEEKS 1024U /* number of weeks until the GPS epch rolls over */
#define GPSORIGIN 2524953600UL /* NTP origin - GPS origin in seconds */
#define GPSWRAP 990 /* assume week count less than this in the previous epoch */
#define GPSWEEKS 1024 /* number of weeks until the GPS epch rolls over */
/*
* state flags

1
contrib/ntp/libntp/Makefile.am
View File

@ -70,6 +70,7 @@ libntp_a_SRCS = \
humandate.c \
icom.c \
iosignal.c \
is_ip_address.c \
lib_strbuf.c \
machines.c \
mktime.c \

56
contrib/ntp/libntp/Makefile.in
View File

@ -150,12 +150,12 @@ am__libntp_a_SOURCES_DIST = systime.c a_md5encrypt.c adjtime.c \
calyearstart.c clocktime.c clocktypes.c decodenetnum.c \
dofptoa.c dolfptoa.c emalloc.c findconfig.c getopt.c \
hextoint.c hextolfp.c humandate.c icom.c iosignal.c \
lib_strbuf.c machines.c mktime.c modetoa.c mstolfp.c msyslog.c \
netof.c ntp_calendar.c ntp_crypto_rnd.c ntp_intres.c \
ntp_libopts.c ntp_lineedit.c ntp_random.c ntp_rfc2553.c \
ntp_worker.c numtoa.c numtohost.c octtoint.c prettydate.c \
refidsmear.c recvbuff.c refnumtoa.c snprintf.c socket.c \
socktoa.c socktohost.c ssl_init.c statestr.c strdup.c \
is_ip_address.c lib_strbuf.c machines.c mktime.c modetoa.c \
mstolfp.c msyslog.c netof.c ntp_calendar.c ntp_crypto_rnd.c \
ntp_intres.c ntp_libopts.c ntp_lineedit.c ntp_random.c \
ntp_rfc2553.c ntp_worker.c numtoa.c numtohost.c octtoint.c \
prettydate.c refidsmear.c recvbuff.c refnumtoa.c snprintf.c \
socket.c socktoa.c socktohost.c ssl_init.c statestr.c strdup.c \
strl_obsd.c syssignal.c timetoa.c timevalops.c uglydate.c \
vint64ops.c work_fork.c work_thread.c ymd2yd.c \
$(srcdir)/../lib/isc/assertions.c \
@ -207,21 +207,21 @@ am__objects_4 = a_md5encrypt.$(OBJEXT) adjtime.$(OBJEXT) \
dolfptoa.$(OBJEXT) emalloc.$(OBJEXT) findconfig.$(OBJEXT) \
getopt.$(OBJEXT) hextoint.$(OBJEXT) hextolfp.$(OBJEXT) \
humandate.$(OBJEXT) icom.$(OBJEXT) iosignal.$(OBJEXT) \
lib_strbuf.$(OBJEXT) machines.$(OBJEXT) mktime.$(OBJEXT) \
modetoa.$(OBJEXT) mstolfp.$(OBJEXT) msyslog.$(OBJEXT) \
netof.$(OBJEXT) ntp_calendar.$(OBJEXT) \
ntp_crypto_rnd.$(OBJEXT) ntp_intres.$(OBJEXT) \
ntp_libopts.$(OBJEXT) ntp_lineedit.$(OBJEXT) \
ntp_random.$(OBJEXT) ntp_rfc2553.$(OBJEXT) \
ntp_worker.$(OBJEXT) numtoa.$(OBJEXT) numtohost.$(OBJEXT) \
octtoint.$(OBJEXT) prettydate.$(OBJEXT) refidsmear.$(OBJEXT) \
recvbuff.$(OBJEXT) refnumtoa.$(OBJEXT) snprintf.$(OBJEXT) \
socket.$(OBJEXT) socktoa.$(OBJEXT) socktohost.$(OBJEXT) \
ssl_init.$(OBJEXT) statestr.$(OBJEXT) strdup.$(OBJEXT) \
strl_obsd.$(OBJEXT) syssignal.$(OBJEXT) timetoa.$(OBJEXT) \
timevalops.$(OBJEXT) uglydate.$(OBJEXT) vint64ops.$(OBJEXT) \
work_fork.$(OBJEXT) work_thread.$(OBJEXT) ymd2yd.$(OBJEXT) \
$(am__objects_3) $(am__objects_1)
is_ip_address.$(OBJEXT) lib_strbuf.$(OBJEXT) \
machines.$(OBJEXT) mktime.$(OBJEXT) modetoa.$(OBJEXT) \
mstolfp.$(OBJEXT) msyslog.$(OBJEXT) netof.$(OBJEXT) \
ntp_calendar.$(OBJEXT) ntp_crypto_rnd.$(OBJEXT) \
ntp_intres.$(OBJEXT) ntp_libopts.$(OBJEXT) \
ntp_lineedit.$(OBJEXT) ntp_random.$(OBJEXT) \
ntp_rfc2553.$(OBJEXT) ntp_worker.$(OBJEXT) numtoa.$(OBJEXT) \
numtohost.$(OBJEXT) octtoint.$(OBJEXT) prettydate.$(OBJEXT) \
refidsmear.$(OBJEXT) recvbuff.$(OBJEXT) refnumtoa.$(OBJEXT) \
snprintf.$(OBJEXT) socket.$(OBJEXT) socktoa.$(OBJEXT) \
socktohost.$(OBJEXT) ssl_init.$(OBJEXT) statestr.$(OBJEXT) \
strdup.$(OBJEXT) strl_obsd.$(OBJEXT) syssignal.$(OBJEXT) \
timetoa.$(OBJEXT) timevalops.$(OBJEXT) uglydate.$(OBJEXT) \
vint64ops.$(OBJEXT) work_fork.$(OBJEXT) work_thread.$(OBJEXT) \
ymd2yd.$(OBJEXT) $(am__objects_3) $(am__objects_1)
am_libntp_a_OBJECTS = systime.$(OBJEXT) $(am__objects_4)
libntp_a_OBJECTS = $(am_libntp_a_OBJECTS)
libntpsim_a_AR = $(AR) $(ARFLAGS)
@ -232,12 +232,12 @@ am__libntpsim_a_SOURCES_DIST = systime_s.c a_md5encrypt.c adjtime.c \
calyearstart.c clocktime.c clocktypes.c decodenetnum.c \
dofptoa.c dolfptoa.c emalloc.c findconfig.c getopt.c \
hextoint.c hextolfp.c humandate.c icom.c iosignal.c \
lib_strbuf.c machines.c mktime.c modetoa.c mstolfp.c msyslog.c \
netof.c ntp_calendar.c ntp_crypto_rnd.c ntp_intres.c \
ntp_libopts.c ntp_lineedit.c ntp_random.c ntp_rfc2553.c \
ntp_worker.c numtoa.c numtohost.c octtoint.c prettydate.c \
refidsmear.c recvbuff.c refnumtoa.c snprintf.c socket.c \
socktoa.c socktohost.c ssl_init.c statestr.c strdup.c \
is_ip_address.c lib_strbuf.c machines.c mktime.c modetoa.c \
mstolfp.c msyslog.c netof.c ntp_calendar.c ntp_crypto_rnd.c \
ntp_intres.c ntp_libopts.c ntp_lineedit.c ntp_random.c \
ntp_rfc2553.c ntp_worker.c numtoa.c numtohost.c octtoint.c \
prettydate.c refidsmear.c recvbuff.c refnumtoa.c snprintf.c \
socket.c socktoa.c socktohost.c ssl_init.c statestr.c strdup.c \
strl_obsd.c syssignal.c timetoa.c timevalops.c uglydate.c \
vint64ops.c work_fork.c work_thread.c ymd2yd.c \
$(srcdir)/../lib/isc/assertions.c \
@ -660,6 +660,7 @@ libntp_a_SRCS = \
humandate.c \
icom.c \
iosignal.c \
is_ip_address.c \
lib_strbuf.c \
machines.c \
mktime.c \
@ -806,6 +807,7 @@ distclean-compile:
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/inet_pton.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/interfaceiter.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/iosignal.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/is_ip_address.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/lib.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/lib_strbuf.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/log.Po@am__quote@

105
contrib/ntp/libntp/authkeys.c
View File

@ -15,6 +15,7 @@
#include "ntp_string.h"
#include "ntp_malloc.h"
#include "ntp_stdlib.h"
#include "ntp_keyacc.h"
/*
* Structure to store keys in in the hash table.
@ -25,6 +26,7 @@ struct savekey {
symkey * hlink; /* next in hash bucket */
DECL_DLIST_LINK(symkey, llink); /* for overall & free lists */
u_char * secret; /* shared secret */
KeyAccT * keyacclist; /* Private key access list */
u_long lifetime; /* remaining lifetime */
keyid_t keyid; /* key identifier */
u_short type; /* OpenSSL digest NID */
@ -48,13 +50,13 @@ struct symkey_alloc_tag {
symkey_alloc * authallocs;
#endif /* DEBUG */
static inline u_short auth_log2(double x);
static void auth_resize_hashtable(void);
static void allocsymkey(symkey **, keyid_t, u_short,
u_short, u_long, u_short, u_char *);
static void freesymkey(symkey *, symkey **);
static u_short auth_log2(size_t);
static void auth_resize_hashtable(void);
static void allocsymkey(symkey **, keyid_t, u_short, u_short,
u_long, u_short, u_char *, KeyAccT *);
static void freesymkey(symkey *, symkey **);
#ifdef DEBUG
static void free_auth_mem(void);
static void free_auth_mem(void);
#endif
symkey key_listhead; /* list of all in-use keys */;
@ -97,6 +99,7 @@ u_char *cache_secret; /* secret */
u_short cache_secretsize; /* secret length */
int cache_type; /* OpenSSL digest NID */
u_short cache_flags; /* flags that wave */
KeyAccT *cache_keyacclist; /* key access list */
/*
@ -142,6 +145,7 @@ free_auth_mem(void)
key_hash = NULL;
cache_keyid = 0;
cache_flags = 0;
cache_keyacclist = NULL;
for (alloc = authallocs; alloc != NULL; alloc = next_alloc) {
next_alloc = alloc->link;
free(alloc->mem);
@ -210,10 +214,33 @@ auth_prealloc_symkeys(
}
static inline u_short
auth_log2(double x)
static u_short
auth_log2(size_t x)
{
return (u_short)(log10(x) / log10(2));
/*
** bithack to calculate floor(log2(x))
**
** This assumes
** - (sizeof(size_t) is a power of two
** - CHAR_BITS is a power of two
** - returning zero for arguments <= 0 is OK.
**
** Does only shifts, masks and sums in integer arithmetic in
** log2(CHAR_BIT*sizeof(size_t)) steps. (that is, 5/6 steps for
** 32bit/64bit size_t)
*/
int s;
int r = 0;
size_t m = ~(size_t)0;
for (s = sizeof(size_t) / 2 * CHAR_BIT; s != 0; s >>= 1) {
m <<= s;
if (x & m)
r += s;
else
x <<= s;
}
return (u_short)r;
}
@ -234,7 +261,7 @@ auth_resize_hashtable(void)
symkey * sk;
totalkeys = authnumkeys + authnumfreekeys;
hashbits = auth_log2(totalkeys / 4.0) + 1;
hashbits = auth_log2(totalkeys / 4) + 1;
hashbits = max(4, hashbits);
hashbits = min(15, hashbits);
@ -267,7 +294,8 @@ allocsymkey(
u_short type,
u_long lifetime,
u_short secretsize,
u_char * secret
u_char * secret,
KeyAccT * ka
)
{
symkey * sk;
@ -281,6 +309,7 @@ allocsymkey(
sk->type = type;
sk->secretsize = secretsize;
sk->secret = secret;
sk->keyacclist = ka;
sk->lifetime = lifetime;
LINK_SLIST(*bucket, sk, hlink);
LINK_TAIL_DLIST(key_listhead, sk, llink);
@ -412,6 +441,7 @@ authhavekey(
cache_flags = sk->flags;
cache_secret = sk->secret;
cache_secretsize = sk->secretsize;
cache_keyacclist = sk->keyacclist;
return TRUE;
}
@ -451,6 +481,7 @@ authtrust(
if (cache_keyid == id) {
cache_flags = 0;
cache_keyid = 0;
cache_keyacclist = NULL;
}
/*
@ -480,7 +511,7 @@ authtrust(
} else {
lifetime = 0;
}
allocsymkey(bucket, id, KEY_TRUSTED, 0, lifetime, 0, NULL);
allocsymkey(bucket, id, KEY_TRUSTED, 0, lifetime, 0, NULL, NULL);
}
@ -511,6 +542,49 @@ authistrusted(
return TRUE;
}
/*
* authistrustedip - determine if the IP is OK for the keyid
*/
int
authistrustedip(
keyid_t keyno,
sockaddr_u * sau
)
{
symkey * sk;
symkey ** bucket;
KeyAccT * kal;
KeyAccT * k;
if (keyno == cache_keyid)
kal = cache_keyacclist;
else {
authkeyuncached++;
bucket = &key_hash[KEYHASH(keyno)];
for (sk = *bucket; sk != NULL; sk = sk->hlink) {
if (keyno == sk->keyid)
break;
}
if (NULL == sk || !(KEY_TRUSTED & sk->flags)) {
INSIST(!"authistrustedip: keyid not found/trusted!");
return FALSE;
}
kal = sk->keyacclist;
}
if (NULL == kal)
return TRUE;
for (k = kal; k; k = k->next) {
if (SOCK_EQ(&k->addr, sau))
return TRUE;
}
return FALSE;
}
/* Note: There are two locations below where 'strncpy()' is used. While
* this function is a hazard by itself, it's essential that it is used
* here. Bug 1243 involved that the secret was filled with NUL bytes
@ -527,7 +601,8 @@ MD5auth_setkey(
keyid_t keyno,
int keytype,
const u_char *key,
size_t len
size_t len,
KeyAccT *ka
)
{
symkey * sk;
@ -553,6 +628,7 @@ MD5auth_setkey(
sk->type = (u_short)keytype;
secretsize = len;
sk->secretsize = (u_short)secretsize;
sk->keyacclist = ka;
#ifndef DISABLE_BUG1243_FIX
memcpy(sk->secret, key, secretsize);
#else
@ -563,6 +639,7 @@ MD5auth_setkey(
if (cache_keyid == keyno) {
cache_flags = 0;
cache_keyid = 0;
cache_keyacclist = NULL;
}
return;
}
@ -580,7 +657,7 @@ MD5auth_setkey(
strncpy((char *)secret, (const char *)key, secretsize);
#endif
allocsymkey(bucket, keyno, 0, (u_short)keytype, 0,
(u_short)secretsize, secret);
(u_short)secretsize, secret, ka);
#ifdef DEBUG
if (debug >= 4) {
size_t j;

51
contrib/ntp/libntp/authreadkeys.c
View File

@ -5,10 +5,12 @@
#include <stdio.h>
#include <ctype.h>
#include "ntpd.h" /* Only for DPRINTF */
#include "ntp_fp.h"
#include "ntp.h"
#include "ntp_syslog.h"
#include "ntp_stdlib.h"
#include "ntp_keyacc.h"
#ifdef OPENSSL
#include "openssl/objects.h"
@ -85,6 +87,7 @@ static void log_maybe(u_int*, const char*, ...) NTP_PRINTF(2, 3);
typedef struct keydata KeyDataT;
struct keydata {
KeyDataT *next; /* queue/stack link */
KeyAccT *keyacclist; /* key access list */
keyid_t keyid; /* stored key ID */
u_short keytype; /* stored key type */
u_short seclen; /* length of secret */
@ -228,6 +231,7 @@ authreadkeys(
len = strlen(token);
if (len <= 20) { /* Bug 2537 */
next = emalloc(sizeof(KeyDataT) + len);
next->keyacclist = NULL;
next->keyid = keyno;
next->keytype = keytype;
next->seclen = len;
@ -257,11 +261,48 @@ authreadkeys(
}
len = jlim/2; /* hmmmm.... what about odd length?!? */
next = emalloc(sizeof(KeyDataT) + len);
next->keyacclist = NULL;
next->keyid = keyno;
next->keytype = keytype;
next->seclen = len;
memcpy(next->secbuf, keystr, len);
}
token = nexttok(&line);
DPRINTF(0, ("authreadkeys: full access list <%s>\n", (token) ? token : "NULL"));
if (token != NULL) { /* A comma-separated IP access list */
char *tp = token;
while (tp) {
char *i;
KeyAccT ka;
i = strchr(tp, (int)',');
if (i)
*i = '\0';
DPRINTF(0, ("authreadkeys: access list: <%s>\n", tp));
if (is_ip_address(tp, AF_UNSPEC, &ka.addr)) {
KeyAccT *kap;
kap = emalloc(sizeof(KeyAccT));
memcpy(kap, &ka, sizeof ka);
kap->next = next->keyacclist;
next->keyacclist = kap;
} else {
log_maybe(&nerr,
"authreadkeys: invalid IP address <%s> for key %d",
tp, keyno);
}
if (i) {
tp = i + 1;
} else {
tp = 0;
}
}
}
INSIST(NULL != next);
next->next = list;
list = next;
@ -286,7 +327,7 @@ authreadkeys(
while (NULL != (next = list)) {
list = next->next;
MD5auth_setkey(next->keyid, next->keytype,
next->secbuf, next->seclen);
next->secbuf, next->seclen, next->keyacclist);
/* purge secrets from memory before free()ing it */
memset(next, 0, sizeof(*next) + next->seclen);
free(next);
@ -297,6 +338,14 @@ authreadkeys(
/* Mop up temporary storage before bailing out. */
while (NULL != (next = list)) {
list = next->next;
while (next->keyacclist) {
KeyAccT *kap = next->keyacclist;
next->keyacclist = kap->next;
free(kap);
}
/* purge secrets from memory before free()ing it */
memset(next, 0, sizeof(*next) + next->seclen);
free(next);

2
contrib/ntp/libntp/authusekey.c
View File

@ -29,6 +29,6 @@ authusekey(
if (0 == len)
return 0;
MD5auth_setkey(keyno, keytype, str, len);
MD5auth_setkey(keyno, keytype, str, len, NULL);
return 1;
}

129
contrib/ntp/libntp/is_ip_address.c Normal file
View File

@ -0,0 +1,129 @@
/*
* is_ip_address
*
*/
#ifdef HAVE_CONFIG_H
# include <config.h>
#endif
#if 0
#include <stdio.h>
#include <signal.h>
#ifdef HAVE_FNMATCH_H
# include <fnmatch.h>
# if !defined(FNM_CASEFOLD) && defined(FNM_IGNORECASE)
# define FNM_CASEFOLD FNM_IGNORECASE
# endif
#endif
#ifdef HAVE_SYS_PARAM_H
# include <sys/param.h>
#endif
#ifdef HAVE_SYS_IOCTL_H
# include <sys/ioctl.h>
#endif
#ifdef HAVE_SYS_SOCKIO_H /* UXPV: SIOC* #defines (Frank Vance <fvance@waii.com>) */
# include <sys/sockio.h>
#endif
#ifdef HAVE_SYS_UIO_H
# include <sys/uio.h>
#endif
#endif
#include "ntp_assert.h"
#include "ntp_stdlib.h"
#include "safecast.h"
#if 0
#include "ntp_machine.h"
#include "ntpd.h"
#include "ntp_io.h"
#include "iosignal.h"
#include "ntp_lists.h"
#include "ntp_refclock.h"
#include "ntp_worker.h"
#include "ntp_request.h"
#include "timevalops.h"
#include "timespecops.h"
#include "ntpd-opts.h"
#endif
/* Don't include ISC's version of IPv6 variables and structures */
#define ISC_IPV6_H 1
#include <isc/mem.h>
#include <isc/interfaceiter.h>
#include <isc/netaddr.h>
#include <isc/result.h>
#include <isc/sockaddr.h>
/*
* Code to tell if we have an IP address
* If we have then return the sockaddr structure
* and set the return value
* see the bind9/getaddresses.c for details
*/
int
is_ip_address(
const char * host,
u_short af,
sockaddr_u * addr
)
{
struct in_addr in4;
struct addrinfo hints;
struct addrinfo *result;
struct sockaddr_in6 *resaddr6;
char tmpbuf[128];
char *pch;
REQUIRE(host != NULL);
REQUIRE(addr != NULL);
ZERO_SOCK(addr);
/*
* Try IPv4, then IPv6. In order to handle the extended format
* for IPv6 scoped addresses (address%scope_ID), we'll use a local
* working buffer of 128 bytes. The length is an ad-hoc value, but
* should be enough for this purpose; the buffer can contain a string
* of at least 80 bytes for scope_ID in addition to any IPv6 numeric
* addresses (up to 46 bytes), the delimiter character and the
* terminating NULL character.
*/
if (AF_UNSPEC == af || AF_INET == af)
if (inet_pton(AF_INET, host, &in4) == 1) {
AF(addr) = AF_INET;
SET_ADDR4N(addr, in4.s_addr);
return TRUE;
}
if (AF_UNSPEC == af || AF_INET6 == af)
if (sizeof(tmpbuf) > strlen(host)) {
if ('[' == host[0]) {
strlcpy(tmpbuf, &host[1], sizeof(tmpbuf));
pch = strchr(tmpbuf, ']');
if (pch != NULL)
*pch = '\0';
} else {
strlcpy(tmpbuf, host, sizeof(tmpbuf));
}
ZERO(hints);
hints.ai_family = AF_INET6;
hints.ai_flags |= AI_NUMERICHOST;
if (getaddrinfo(tmpbuf, NULL, &hints, &result) == 0) {
AF(addr) = AF_INET6;
resaddr6 = UA_PTR(struct sockaddr_in6, result->ai_addr);
SET_ADDR6N(addr, resaddr6->sin6_addr);
SET_SCOPE(addr, resaddr6->sin6_scope_id);
freeaddrinfo(result);
return TRUE;
}
}
/*
* If we got here it was not an IP address
*/
return FALSE;
}

27
contrib/ntp/libntp/ntp_worker.c
View File

@ -27,6 +27,8 @@ blocking_child ** blocking_children;
size_t blocking_children_alloc;
int worker_per_query; /* boolean */
int intres_req_pending;
volatile u_int blocking_child_ready_seen;
volatile u_int blocking_child_ready_done;
#ifndef HAVE_IO_COMPLETION_PORT
@ -262,6 +264,31 @@ process_blocking_resp(
req_child_exit(c);
}
void
harvest_blocking_responses(void)
{
int idx;
blocking_child* cp;
u_int scseen, scdone;
scseen = blocking_child_ready_seen;
scdone = blocking_child_ready_done;
if (scdone != scseen) {
blocking_child_ready_done = scseen;
for (idx = 0; idx < blocking_children_alloc; idx++) {
cp = blocking_children[idx];
if (NULL == cp)
continue;
scseen = cp->resp_ready_seen;
scdone = cp->resp_ready_done;
if (scdone != scseen) {
cp->resp_ready_done = scseen;
process_blocking_resp(cp);
}
}
}
}
/*
* blocking_child_common runs as a forked child or a thread

15
contrib/ntp/libntp/systime.c
View File

@ -323,9 +323,18 @@ adj_systime(
else
quant = 1e-6;
ticks = (long)(dtemp / quant + .5);
adjtv.tv_usec = (long)(ticks * quant * 1e6);
dtemp -= adjtv.tv_usec / 1e6;
sys_residual = dtemp;
adjtv.tv_usec = (long)(ticks * quant * 1.e6 + .5);
/* The rounding in the conversions could us push over the
* limits: make sure the result is properly normalised!
* note: sign comes later, all numbers non-negative here.
*/
if (adjtv.tv_usec >= 1000000) {
adjtv.tv_sec += 1;
adjtv.tv_usec -= 1000000;
dtemp -= 1.;
}
/* set the new residual with leftover from correction */
sys_residual = dtemp - adjtv.tv_usec * 1.e-6;
/*
* Convert to signed seconds and microseconds for the Unix

74
contrib/ntp/libntp/work_thread.c
View File

@ -25,12 +25,37 @@
#define CHILD_EXIT_REQ ((blocking_pipe_header *)(intptr_t)-1)
#define CHILD_GONE_RESP CHILD_EXIT_REQ
/* Queue size increments:
* The request queue grows a bit faster than the response queue -- the
* deamon can push requests and pull results faster on avarage than the
* worker can process requests and push results... If this really pays
* off is debatable.
*/
#define WORKITEMS_ALLOC_INC 16
#define RESPONSES_ALLOC_INC 4
/* Fiddle with min/max stack sizes. 64kB minimum seems to work, so we
* set the maximum to 256kB. If the minimum goes below the
* system-defined minimum stack size, we have to adjust accordingly.
*/
#ifndef THREAD_MINSTACKSIZE
#define THREAD_MINSTACKSIZE (64U * 1024)
# define THREAD_MINSTACKSIZE (64U * 1024)
#endif
#ifndef __sun
#if defined(PTHREAD_STACK_MIN) && THREAD_MINSTACKSIZE < PTHREAD_STACK_MIN
# undef THREAD_MINSTACKSIZE
# define THREAD_MINSTACKSIZE PTHREAD_STACK_MIN
#endif
#endif
#ifndef THREAD_MAXSTACKSIZE
# define THREAD_MAXSTACKSIZE (256U * 1024)
#endif
#if THREAD_MAXSTACKSIZE < THREAD_MINSTACKSIZE
# undef THREAD_MAXSTACKSIZE
# define THREAD_MAXSTACKSIZE THREAD_MINSTACKSIZE
#endif
#ifdef SYS_WINNT
@ -148,15 +173,19 @@ ensure_workitems_empty_slot(
size_t new_alloc;
size_t slots_used;
size_t sidx;
slots_used = c->head_workitem - c->tail_workitem;
if (slots_used >= c->workitems_alloc) {
new_alloc = c->workitems_alloc + WORKITEMS_ALLOC_INC;
c->workitems = erealloc(c->workitems, new_alloc * each);
for (sidx = c->workitems_alloc; sidx < new_alloc; ++sidx)
c->workitems[sidx] = NULL;
c->tail_workitem = 0;
c->head_workitem = c->workitems_alloc;
c->workitems_alloc = new_alloc;
}
INSIST(NULL == c->workitems[c->head_workitem % c->workitems_alloc]);
return (0 == slots_used);
}
@ -180,15 +209,19 @@ ensure_workresp_empty_slot(
size_t new_alloc;
size_t slots_used;
size_t sidx;
slots_used = c->head_response - c->tail_response;
if (slots_used >= c->responses_alloc) {
new_alloc = c->responses_alloc + RESPONSES_ALLOC_INC;
c->responses = erealloc(c->responses, new_alloc * each);
for (sidx = c->responses_alloc; sidx < new_alloc; ++sidx)
c->responses[sidx] = NULL;
c->tail_response = 0;
c->head_response = c->responses_alloc;
c->responses_alloc = new_alloc;
}
INSIST(NULL == c->responses[c->head_response % c->responses_alloc]);
return (0 == slots_used);
}
@ -478,11 +511,11 @@ start_blocking_thread_internal(
# endif
pthread_attr_t thr_attr;
int rc;
int saved_errno;
int pipe_ends[2]; /* read then write */
int is_pipe;
int flags;
size_t stacksize;
size_t ostacksize;
size_t nstacksize;
sigset_t saved_sig_mask;
c->thread_ref = NULL;
@ -522,21 +555,29 @@ start_blocking_thread_internal(
pthread_attr_setdetachstate(&thr_attr, PTHREAD_CREATE_DETACHED);
#if defined(HAVE_PTHREAD_ATTR_GETSTACKSIZE) && \
defined(HAVE_PTHREAD_ATTR_SETSTACKSIZE)
rc = pthread_attr_getstacksize(&thr_attr, &stacksize);
if (-1 == rc) {
rc = pthread_attr_getstacksize(&thr_attr, &ostacksize);
if (0 != rc) {
msyslog(LOG_ERR,
"start_blocking_thread: pthread_attr_getstacksize %m");
} else if (stacksize < THREAD_MINSTACKSIZE) {
rc = pthread_attr_setstacksize(&thr_attr,
THREAD_MINSTACKSIZE);
if (-1 == rc)
"start_blocking_thread: pthread_attr_getstacksize() -> %s",
strerror(rc));
} else {
if (ostacksize < THREAD_MINSTACKSIZE)
nstacksize = THREAD_MINSTACKSIZE;
else if (ostacksize > THREAD_MAXSTACKSIZE)
nstacksize = THREAD_MAXSTACKSIZE;
else
nstacksize = ostacksize;
if (nstacksize != ostacksize)
rc = pthread_attr_setstacksize(&thr_attr, nstacksize);
if (0 != rc)
msyslog(LOG_ERR,
"start_blocking_thread: pthread_attr_setstacksize(0x%lx -> 0x%lx) %m",
(u_long)stacksize,
(u_long)THREAD_MINSTACKSIZE);
"start_blocking_thread: pthread_attr_setstacksize(0x%lx -> 0x%lx) -> %s",
(u_long)ostacksize, (u_long)nstacksize,
strerror(rc));
}
#else
UNUSED_ARG(stacksize);
UNUSED_ARG(nstacksize);
UNUSED_ARG(ostacksize);
#endif
#if defined(PTHREAD_SCOPE_SYSTEM) && defined(NEED_PTHREAD_SCOPE_SYSTEM)
pthread_attr_setscope(&thr_attr, PTHREAD_SCOPE_SYSTEM);
@ -545,12 +586,11 @@ start_blocking_thread_internal(
block_thread_signals(&saved_sig_mask);
rc = pthread_create(&c->thr_table[0], &thr_attr,
&blocking_thread, c);
saved_errno = errno;
pthread_sigmask(SIG_SETMASK, &saved_sig_mask, NULL);
pthread_attr_destroy(&thr_attr);
if (0 != rc) {
errno = saved_errno;
msyslog(LOG_ERR, "pthread_create() blocking child: %m");
msyslog(LOG_ERR, "start_blocking_thread: pthread_create() -> %s",
strerror(rc));
exit(1);
}
c->thread_ref = &c->thr_table[0];

67
contrib/ntp/ntpd/invoke-ntp.conf.texi
View File

@ -6,7 +6,7 @@
#
# EDIT THIS FILE WITH CAUTION (invoke-ntp.conf.texi)
#
# It has been AutoGen-ed January 7, 2016 at 11:30:49 PM by AutoGen 5.18.5
# It has been AutoGen-ed January 20, 2016 at 04:17:59 AM by AutoGen 5.18.5
# From the definitions ntp.conf.def
# and the template file agtexi-file.tpl
@end ignore
@ -2294,8 +2294,8 @@ otherwise, should be avoided.
@item @code{dscp} @kbd{value}
This option specifies the Differentiated Services Control Point (DSCP) value,
a 6-bit code. The default value is 46, signifying Expedited Forwarding.
@item @code{enable} @code{[@code{auth} | @code{bclient} | @code{calibrate} | @code{kernel} | @code{mode7} | @code{monitor} | @code{ntp} | @code{stats}]}
@item @code{disable} @code{[@code{auth} | @code{bclient} | @code{calibrate} | @code{kernel} | @code{mode7} | @code{monitor} | @code{ntp} | @code{stats}]}
@item @code{enable} @code{[@code{auth} | @code{bclient} | @code{calibrate} | @code{kernel} | @code{mode7} | @code{monitor} | @code{ntp} | @code{stats} | @code{unpeer_crypto_early} | @code{unpeer_crypto_nak_early} | @code{unpeer_digest_early}]}
@item @code{disable} @code{[@code{auth} | @code{bclient} | @code{calibrate} | @code{kernel} | @code{mode7} | @code{monitor} | @code{ntp} | @code{stats} | @code{unpeer_crypto_early} | @code{unpeer_crypto_nak_early} | @code{unpeer_digest_early}]}
Provides a way to enable or disable various server options.
Flags not mentioned are unaffected.
Note that all of these flags
@ -2367,6 +2367,67 @@ See the
section for further information.
The default for this flag is
@code{disable}.
@item @code{unpeer_crypto_early}
By default, if
@code{ntpd(1ntpdmdoc)}
receives an autokey packet that fails TEST9,
a crypto failure,
the association is immediately cleared.
This is almost certainly a feature,
but if, in spite of the current recommendation of not using autokey,
you are
.B still
using autokey
.B and
you are seeing this sort of DoS attack
disabling this flag will delay
tearing down the association until the reachability counter
becomes zero.
You can check your
@code{peerstats}
file for evidence of any of these attacks.
The
default for this flag is
@code{enable}.
@item @code{unpeer_crypto_nak_early}
By default, if
@code{ntpd(1ntpdmdoc)}
receives a crypto-NAK packet that
passes the duplicate packet and origin timestamp checks
the association is immediately cleared.
While this is generally a feature
as it allows for quick recovery if a server key has changed,
a properly forged and appropriately delivered crypto-NAK packet
can be used in a DoS attack.
If you have active noticable problems with this type of DoS attack
then you should consider
disabling this option.
You can check your
@code{peerstats}
file for evidence of any of these attacks.
The
default for this flag is
@code{enable}.
@item @code{unpeer_digest_early}
By default, if
@code{ntpd(1ntpdmdoc)}
receives what should be an authenticated packet
that passes other packet sanity checks but
contains an invalid digest
the association is immediately cleared.
While this is generally a feature
as it allows for quick recovery,
if this type of packet is carefully forged and sent
during an appropriate window it can be used for a DoS attack.
If you have active noticable problems with this type of DoS attack
then you should consider
disabling this option.
You can check your
@code{peerstats}
file for evidence of any of these attacks.
The
default for this flag is
@code{enable}.
@end table
@item @code{includefile} @kbd{includefile}
This command allows additional configuration commands

14
contrib/ntp/ntpd/invoke-ntp.keys.texi
View File

@ -6,7 +6,7 @@
#
# EDIT THIS FILE WITH CAUTION (invoke-ntp.keys.texi)
#
# It has been AutoGen-ed January 7, 2016 at 11:30:52 PM by AutoGen 5.18.5
# It has been AutoGen-ed January 20, 2016 at 04:18:02 AM by AutoGen 5.18.5
# From the definitions ntp.keys.def
# and the template file agtexi-file.tpl
@end ignore
@ -37,7 +37,7 @@ as the configuration file.
Key entries use a fixed format of the form
@example
@kbd{keyno} @kbd{type} @kbd{key}
@kbd{keyno} @kbd{type} @kbd{key} @kbd{opt_IP_list}
@end example
where
@ -47,7 +47,15 @@ is a positive integer (between 1 and 65534),
is the message digest algorithm,
and
@kbd{key}
is the key itself.
is the key itself, and
@kbd{opt_IP_list}
is an optional comma-separated list of IPs
that are allowed to serve time.
If
@kbd{opt_IP_list}
is empty,
any properly-authenticated server message will be
accepted.
The
@kbd{key}

4
contrib/ntp/ntpd/invoke-ntpd.texi
View File

@ -6,7 +6,7 @@
#
# EDIT THIS FILE WITH CAUTION (invoke-ntpd.texi)
#
# It has been AutoGen-ed January 7, 2016 at 11:30:54 PM by AutoGen 5.18.5
# It has been AutoGen-ed January 20, 2016 at 04:18:04 AM by AutoGen 5.18.5
# From the definitions ntpd-opts.def
# and the template file agtexi-cmd.tpl
@end ignore
@ -142,7 +142,7 @@ with a status code of 0.
@exampleindent 0
@example
ntpd - NTP daemon program - Ver. 4.2.8p5
ntpd - NTP daemon program - Ver. 4.2.8p6
Usage: ntpd [ -<flag> [<val>] | --<name>[@{=| @}<val>] ]... \
[ <server1> ... <serverN> ]
Flg Arg Option-Name Description

2
contrib/ntp/ntpd/keyword-gen-utd
View File

@ -1 +1 @@
* Generated 2015-06-25 03:57:00 UTC diff_ignore_line
* Generated 2016-01-16 08:33:03 UTC diff_ignore_line

3
contrib/ntp/ntpd/keyword-gen.c
View File

@ -202,6 +202,9 @@ struct key_tok ntp_keywords[] = {
{ "ntp", T_Ntp, FOLLBY_TOKEN },
{ "mode7", T_Mode7, FOLLBY_TOKEN },
{ "stats", T_Stats, FOLLBY_TOKEN },
{ "unpeer_crypto_early", T_UEcrypto, FOLLBY_TOKEN },
{ "unpeer_crypto_nak_early", T_UEcryptonak, FOLLBY_TOKEN },
{ "unpeer_digest_early", T_UEdigest, FOLLBY_TOKEN },
/* rlimit_option */
{ "memlock", T_Memlock, FOLLBY_TOKEN },
{ "stacksize", T_Stacksize, FOLLBY_TOKEN },

76
contrib/ntp/ntpd/ntp.conf.5man
View File

@ -10,11 +10,11 @@
.ds B-Font B
.ds I-Font I
.ds R-Font R
.TH ntp.conf 5man "07 Jan 2016" "4.2.8p5" "File Formats"
.TH ntp.conf 5man "20 Jan 2016" "4.2.8p6" "File Formats"
.\"
.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-8qayqp/ag-Vraqpp)
.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-gsaOxR/ag-XsaGwR)
.\"
.\" It has been AutoGen-ed January 7, 2016 at 11:30:35 PM by AutoGen 5.18.5
.\" It has been AutoGen-ed January 20, 2016 at 04:17:45 AM by AutoGen 5.18.5
.\" From the definitions ntp.conf.def
.\" and the template file agman-cmd.tpl
.SH NAME
@ -2573,9 +2573,9 @@ otherwise, should be avoided.
This option specifies the Differentiated Services Control Point (DSCP) value,
a 6-bit code. The default value is 46, signifying Expedited Forwarding.
.TP 7
.NOP \f\*[B-Font]enable\f[] [\f\*[B-Font]auth\f[] | \f\*[B-Font]bclient\f[] | \f\*[B-Font]calibrate\f[] | \f\*[B-Font]kernel\f[] | \f\*[B-Font]mode7\f[] | \f\*[B-Font]monitor\f[] | \f\*[B-Font]ntp\f[] | \f\*[B-Font]stats\f[]]
.NOP \f\*[B-Font]enable\f[] [\f\*[B-Font]auth\f[] | \f\*[B-Font]bclient\f[] | \f\*[B-Font]calibrate\f[] | \f\*[B-Font]kernel\f[] | \f\*[B-Font]mode7\f[] | \f\*[B-Font]monitor\f[] | \f\*[B-Font]ntp\f[] | \f\*[B-Font]stats\f[] | \f\*[B-Font]unpeer_crypto_early\f[] | \f\*[B-Font]unpeer_crypto_nak_early\f[] | \f\*[B-Font]unpeer_digest_early\f[]]
.TP 7
.NOP \f\*[B-Font]disable\f[] [\f\*[B-Font]auth\f[] | \f\*[B-Font]bclient\f[] | \f\*[B-Font]calibrate\f[] | \f\*[B-Font]kernel\f[] | \f\*[B-Font]mode7\f[] | \f\*[B-Font]monitor\f[] | \f\*[B-Font]ntp\f[] | \f\*[B-Font]stats\f[]]
.NOP \f\*[B-Font]disable\f[] [\f\*[B-Font]auth\f[] | \f\*[B-Font]bclient\f[] | \f\*[B-Font]calibrate\f[] | \f\*[B-Font]kernel\f[] | \f\*[B-Font]mode7\f[] | \f\*[B-Font]monitor\f[] | \f\*[B-Font]ntp\f[] | \f\*[B-Font]stats\f[] | \f\*[B-Font]unpeer_crypto_early\f[] | \f\*[B-Font]unpeer_crypto_nak_early\f[] | \f\*[B-Font]unpeer_digest_early\f[]]
Provides a way to enable or disable various server options.
Flags not mentioned are unaffected.
Note that all of these flags
@ -2655,6 +2655,70 @@ See the
section for further information.
The default for this flag is
\f\*[B-Font]disable\f[].
.TP 7
.NOP \f\*[B-Font]unpeer_crypto_early\f[]
By default, if
\fCntpd\f[]\fR(1ntpdmdoc)\f[]
receives an autokey packet that fails TEST9,
a crypto failure,
the association is immediately cleared.
This is almost certainly a feature,
but if, in spite of the current recommendation of not using autokey,
you are
.B still
using autokey
.B and
you are seeing this sort of DoS attack
disabling this flag will delay
tearing down the association until the reachability counter
becomes zero.
You can check your
\f\*[B-Font]peerstats\f[]
file for evidence of any of these attacks.
The
default for this flag is
\f\*[B-Font]enable\f[].
.TP 7
.NOP \f\*[B-Font]unpeer_crypto_nak_early\f[]
By default, if
\fCntpd\f[]\fR(1ntpdmdoc)\f[]
receives a crypto-NAK packet that
passes the duplicate packet and origin timestamp checks
the association is immediately cleared.
While this is generally a feature
as it allows for quick recovery if a server key has changed,
a properly forged and appropriately delivered crypto-NAK packet
can be used in a DoS attack.
If you have active noticable problems with this type of DoS attack
then you should consider
disabling this option.
You can check your
\f\*[B-Font]peerstats\f[]
file for evidence of any of these attacks.
The
default for this flag is
\f\*[B-Font]enable\f[].
.TP 7
.NOP \f\*[B-Font]unpeer_digest_early\f[]
By default, if
\fCntpd\f[]\fR(1ntpdmdoc)\f[]
receives what should be an authenticated packet
that passes other packet sanity checks but
contains an invalid digest
the association is immediately cleared.
While this is generally a feature
as it allows for quick recovery,
if this type of packet is carefully forged and sent
during an appropriate window it can be used for a DoS attack.
If you have active noticable problems with this type of DoS attack
then you should consider
disabling this option.
You can check your
\f\*[B-Font]peerstats\f[]
file for evidence of any of these attacks.
The
default for this flag is
\f\*[B-Font]enable\f[].
.RE
.TP 7
.NOP \f\*[B-Font]includefile\f[] \f\*[I-Font]includefile\f[]
@ -3027,7 +3091,7 @@ RFC5905
.SH "AUTHORS"
The University of Delaware and Network Time Foundation
.SH "COPYRIGHT"
Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation all rights reserved.
Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation all rights reserved.
This program is released under the terms of the NTP license, <http://ntp.org/license>.
.SH BUGS
The syntax checking is not picky; some combinations of

77
contrib/ntp/ntpd/ntp.conf.5mdoc
View File

@ -1,9 +1,9 @@
.Dd January 7 2016
.Dd January 20 2016
.Dt NTP_CONF 5mdoc File Formats
.Os
.\" EDIT THIS FILE WITH CAUTION (ntp.mdoc)
.\"
.\" It has been AutoGen-ed January 7, 2016 at 11:30:57 PM by AutoGen 5.18.5
.\" It has been AutoGen-ed January 20, 2016 at 04:18:07 AM by AutoGen 5.18.5
.\" From the definitions ntp.conf.def
.\" and the template file agmdoc-cmd.tpl
.Sh NAME
@ -2393,16 +2393,18 @@ a 6\-bit code. The default value is 46, signifying Expedited Forwarding.
.Oo
.Cm auth | Cm bclient |
.Cm calibrate | Cm kernel |
.Cm mode7 | monitor |
.Cm ntp | Cm stats
.Cm mode7 | Cm monitor |
.Cm ntp | Cm stats |
.Cm unpeer_crypto_early | Cm unpeer_crypto_nak_early | Cm unpeer_digest_early
.Oc
.Xc
.It Xo Ic disable
.Oo
.Cm auth | Cm bclient |
.Cm calibrate | Cm kernel |
.Cm mode7 | monitor |
.Cm ntp | Cm stats
.Cm mode7 | Cm monitor |
.Cm ntp | Cm stats |
.Cm unpeer_crypto_early | Cm unpeer_crypto_nak_early | Cm unpeer_digest_early
.Oc
.Xc
Provides a way to enable or disable various server options.
@ -2476,6 +2478,67 @@ See the
section for further information.
The default for this flag is
.Ic disable .
.It Cm unpeer_crypto_early
By default, if
.Xr ntpd 1ntpdmdoc
receives an autokey packet that fails TEST9,
a crypto failure,
the association is immediately cleared.
This is almost certainly a feature,
but if, in spite of the current recommendation of not using autokey,
you are
.B still
using autokey
.B and
you are seeing this sort of DoS attack
disabling this flag will delay
tearing down the association until the reachability counter
becomes zero.
You can check your
.Cm peerstats
file for evidence of any of these attacks.
The
default for this flag is
.Ic enable .
.It Cm unpeer_crypto_nak_early
By default, if
.Xr ntpd 1ntpdmdoc
receives a crypto\-NAK packet that
passes the duplicate packet and origin timestamp checks
the association is immediately cleared.
While this is generally a feature
as it allows for quick recovery if a server key has changed,
a properly forged and appropriately delivered crypto\-NAK packet
can be used in a DoS attack.
If you have active noticable problems with this type of DoS attack
then you should consider
disabling this option.
You can check your
.Cm peerstats
file for evidence of any of these attacks.
The
default for this flag is
.Ic enable .
.It Cm unpeer_digest_early
By default, if
.Xr ntpd 1ntpdmdoc
receives what should be an authenticated packet
that passes other packet sanity checks but
contains an invalid digest
the association is immediately cleared.
While this is generally a feature
as it allows for quick recovery,
if this type of packet is carefully forged and sent
during an appropriate window it can be used for a DoS attack.
If you have active noticable problems with this type of DoS attack
then you should consider
disabling this option.
You can check your
.Cm peerstats
file for evidence of any of these attacks.
The
default for this flag is
.Ic enable .
.El
.It Ic includefile Ar includefile
This command allows additional configuration commands
@ -2834,7 +2897,7 @@ A snapshot of this documentation is available in HTML format in
.Sh "AUTHORS"
The University of Delaware and Network Time Foundation
.Sh "COPYRIGHT"
Copyright (C) 1992\-2015 The University of Delaware and Network Time Foundation all rights reserved.
Copyright (C) 1992\-2016 The University of Delaware and Network Time Foundation all rights reserved.
This program is released under the terms of the NTP license, <http://ntp.org/license>.
.Sh BUGS
The syntax checking is not picky; some combinations of

71
contrib/ntp/ntpd/ntp.conf.def
View File

@ -2395,16 +2395,18 @@ a 6-bit code. The default value is 46, signifying Expedited Forwarding.
.Oo
.Cm auth | Cm bclient |
.Cm calibrate | Cm kernel |
.Cm mode7 | monitor |
.Cm ntp | Cm stats
.Cm mode7 | Cm monitor |
.Cm ntp | Cm stats |
.Cm unpeer_crypto_early | Cm unpeer_crypto_nak_early | Cm unpeer_digest_early
.Oc
.Xc
.It Xo Ic disable
.Oo
.Cm auth | Cm bclient |
.Cm calibrate | Cm kernel |
.Cm mode7 | monitor |
.Cm ntp | Cm stats
.Cm mode7 | Cm monitor |
.Cm ntp | Cm stats |
.Cm unpeer_crypto_early | Cm unpeer_crypto_nak_early | Cm unpeer_digest_early
.Oc
.Xc
Provides a way to enable or disable various server options.
@ -2478,6 +2480,67 @@ See the
section for further information.
The default for this flag is
.Ic disable .
.It Cm unpeer_crypto_early
By default, if
.Xr ntpd 1ntpdmdoc
receives an autokey packet that fails TEST9,
a crypto failure,
the association is immediately cleared.
This is almost certainly a feature,
but if, in spite of the current recommendation of not using autokey,
you are
.B still
using autokey
.B and
you are seeing this sort of DoS attack
disabling this flag will delay
tearing down the association until the reachability counter
becomes zero.
You can check your
.Cm peerstats
file for evidence of any of these attacks.
The
default for this flag is
.Ic enable .
.It Cm unpeer_crypto_nak_early
By default, if
.Xr ntpd 1ntpdmdoc
receives a crypto-NAK packet that
passes the duplicate packet and origin timestamp checks
the association is immediately cleared.
While this is generally a feature
as it allows for quick recovery if a server key has changed,
a properly forged and appropriately delivered crypto-NAK packet
can be used in a DoS attack.
If you have active noticable problems with this type of DoS attack
then you should consider
disabling this option.
You can check your
.Cm peerstats
file for evidence of any of these attacks.
The
default for this flag is
.Ic enable .
.It Cm unpeer_digest_early
By default, if
.Xr ntpd 1ntpdmdoc
receives what should be an authenticated packet
that passes other packet sanity checks but
contains an invalid digest
the association is immediately cleared.
While this is generally a feature
as it allows for quick recovery,
if this type of packet is carefully forged and sent
during an appropriate window it can be used for a DoS attack.
If you have active noticable problems with this type of DoS attack
then you should consider
disabling this option.
You can check your
.Cm peerstats
file for evidence of any of these attacks.
The
default for this flag is
.Ic enable .
.El
.It Ic includefile Ar includefile
This command allows additional configuration commands

62
contrib/ntp/ntpd/ntp.conf.html
View File

@ -33,7 +33,7 @@ Up:&nbsp;<a rel="up" accesskey="u" href="#dir">(dir)</a>
<p>This document describes the configuration file for the NTP Project's
<code>ntpd</code> program.
<p>This document applies to version 4.2.8p5 of <code>ntp.conf</code>.
<p>This document applies to version 4.2.8p6 of <code>ntp.conf</code>.
<div class="shortcontents">
<h2>Short Contents</h2>
@ -2288,7 +2288,7 @@ drift file is located in, and that file system links, symbolic or
otherwise, should be avoided.
<br><dt><code>dscp</code> <kbd>value</kbd><dd>This option specifies the Differentiated Services Control Point (DSCP) value,
a 6-bit code. The default value is 46, signifying Expedited Forwarding.
<br><dt><code>enable</code> <code>[auth | bclient | calibrate | kernel | mode7 | monitor | ntp | stats]</code><br><dt><code>disable</code> <code>[auth | bclient | calibrate | kernel | mode7 | monitor | ntp | stats]</code><dd>Provides a way to enable or disable various server options.
<br><dt><code>enable</code> <code>[auth | bclient | calibrate | kernel | mode7 | monitor | ntp | stats | unpeer_crypto_early | unpeer_crypto_nak_early | unpeer_digest_early]</code><br><dt><code>disable</code> <code>[auth | bclient | calibrate | kernel | mode7 | monitor | ntp | stats | unpeer_crypto_early | unpeer_crypto_nak_early | unpeer_digest_early]</code><dd>Provides a way to enable or disable various server options.
Flags not mentioned are unaffected.
Note that all of these flags
can be controlled remotely using the
@ -2351,6 +2351,64 @@ See the
section for further information.
The default for this flag is
<code>disable</code>.
<br><dt><code>unpeer_crypto_early</code><dd>By default, if
<code>ntpd(1ntpdmdoc)</code>
receives an autokey packet that fails TEST9,
a crypto failure,
the association is immediately cleared.
This is almost certainly a feature,
but if, in spite of the current recommendation of not using autokey,
you are
.B still
using autokey
.B and
you are seeing this sort of DoS attack
disabling this flag will delay
tearing down the association until the reachability counter
becomes zero.
You can check your
<code>peerstats</code>
file for evidence of any of these attacks.
The
default for this flag is
<code>enable</code>.
<br><dt><code>unpeer_crypto_nak_early</code><dd>By default, if
<code>ntpd(1ntpdmdoc)</code>
receives a crypto-NAK packet that
passes the duplicate packet and origin timestamp checks
the association is immediately cleared.
While this is generally a feature
as it allows for quick recovery if a server key has changed,
a properly forged and appropriately delivered crypto-NAK packet
can be used in a DoS attack.
If you have active noticable problems with this type of DoS attack
then you should consider
disabling this option.
You can check your
<code>peerstats</code>
file for evidence of any of these attacks.
The
default for this flag is
<code>enable</code>.
<br><dt><code>unpeer_digest_early</code><dd>By default, if
<code>ntpd(1ntpdmdoc)</code>
receives what should be an authenticated packet
that passes other packet sanity checks but
contains an invalid digest
the association is immediately cleared.
While this is generally a feature
as it allows for quick recovery,
if this type of packet is carefully forged and sent
during an appropriate window it can be used for a DoS attack.
If you have active noticable problems with this type of DoS attack
then you should consider
disabling this option.
You can check your
<code>peerstats</code>
file for evidence of any of these attacks.
The
default for this flag is
<code>enable</code>.
</dl>
<br><dt><code>includefile</code> <kbd>includefile</kbd><dd>This command allows additional configuration commands
to be included from a separate file.

76
contrib/ntp/ntpd/ntp.conf.man.in
View File

@ -10,11 +10,11 @@
.ds B-Font B
.ds I-Font I
.ds R-Font R
.TH ntp.conf 5 "07 Jan 2016" "4.2.8p5" "File Formats"
.TH ntp.conf 5 "20 Jan 2016" "4.2.8p6" "File Formats"
.\"
.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-8qayqp/ag-Vraqpp)
.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-gsaOxR/ag-XsaGwR)
.\"
.\" It has been AutoGen-ed January 7, 2016 at 11:30:35 PM by AutoGen 5.18.5
.\" It has been AutoGen-ed January 20, 2016 at 04:17:45 AM by AutoGen 5.18.5
.\" From the definitions ntp.conf.def
.\" and the template file agman-cmd.tpl
.SH NAME
@ -2573,9 +2573,9 @@ otherwise, should be avoided.
This option specifies the Differentiated Services Control Point (DSCP) value,
a 6-bit code. The default value is 46, signifying Expedited Forwarding.
.TP 7
.NOP \f\*[B-Font]enable\f[] [\f\*[B-Font]auth\f[] | \f\*[B-Font]bclient\f[] | \f\*[B-Font]calibrate\f[] | \f\*[B-Font]kernel\f[] | \f\*[B-Font]mode7\f[] | \f\*[B-Font]monitor\f[] | \f\*[B-Font]ntp\f[] | \f\*[B-Font]stats\f[]]
.NOP \f\*[B-Font]enable\f[] [\f\*[B-Font]auth\f[] | \f\*[B-Font]bclient\f[] | \f\*[B-Font]calibrate\f[] | \f\*[B-Font]kernel\f[] | \f\*[B-Font]mode7\f[] | \f\*[B-Font]monitor\f[] | \f\*[B-Font]ntp\f[] | \f\*[B-Font]stats\f[] | \f\*[B-Font]unpeer_crypto_early\f[] | \f\*[B-Font]unpeer_crypto_nak_early\f[] | \f\*[B-Font]unpeer_digest_early\f[]]
.TP 7
.NOP \f\*[B-Font]disable\f[] [\f\*[B-Font]auth\f[] | \f\*[B-Font]bclient\f[] | \f\*[B-Font]calibrate\f[] | \f\*[B-Font]kernel\f[] | \f\*[B-Font]mode7\f[] | \f\*[B-Font]monitor\f[] | \f\*[B-Font]ntp\f[] | \f\*[B-Font]stats\f[]]
.NOP \f\*[B-Font]disable\f[] [\f\*[B-Font]auth\f[] | \f\*[B-Font]bclient\f[] | \f\*[B-Font]calibrate\f[] | \f\*[B-Font]kernel\f[] | \f\*[B-Font]mode7\f[] | \f\*[B-Font]monitor\f[] | \f\*[B-Font]ntp\f[] | \f\*[B-Font]stats\f[] | \f\*[B-Font]unpeer_crypto_early\f[] | \f\*[B-Font]unpeer_crypto_nak_early\f[] | \f\*[B-Font]unpeer_digest_early\f[]]
Provides a way to enable or disable various server options.
Flags not mentioned are unaffected.
Note that all of these flags
@ -2655,6 +2655,70 @@ See the
section for further information.
The default for this flag is
\f\*[B-Font]disable\f[].
.TP 7
.NOP \f\*[B-Font]unpeer_crypto_early\f[]
By default, if
\fCntpd\f[]\fR(@NTPD_MS@)\f[]
receives an autokey packet that fails TEST9,
a crypto failure,
the association is immediately cleared.
This is almost certainly a feature,
but if, in spite of the current recommendation of not using autokey,
you are
.B still
using autokey
.B and
you are seeing this sort of DoS attack
disabling this flag will delay
tearing down the association until the reachability counter
becomes zero.
You can check your
\f\*[B-Font]peerstats\f[]
file for evidence of any of these attacks.
The
default for this flag is
\f\*[B-Font]enable\f[].
.TP 7
.NOP \f\*[B-Font]unpeer_crypto_nak_early\f[]
By default, if
\fCntpd\f[]\fR(@NTPD_MS@)\f[]
receives a crypto-NAK packet that
passes the duplicate packet and origin timestamp checks
the association is immediately cleared.
While this is generally a feature
as it allows for quick recovery if a server key has changed,
a properly forged and appropriately delivered crypto-NAK packet
can be used in a DoS attack.
If you have active noticable problems with this type of DoS attack
then you should consider
disabling this option.
You can check your
\f\*[B-Font]peerstats\f[]
file for evidence of any of these attacks.
The
default for this flag is
\f\*[B-Font]enable\f[].
.TP 7
.NOP \f\*[B-Font]unpeer_digest_early\f[]
By default, if
\fCntpd\f[]\fR(@NTPD_MS@)\f[]
receives what should be an authenticated packet
that passes other packet sanity checks but
contains an invalid digest
the association is immediately cleared.
While this is generally a feature
as it allows for quick recovery,
if this type of packet is carefully forged and sent
during an appropriate window it can be used for a DoS attack.
If you have active noticable problems with this type of DoS attack
then you should consider
disabling this option.
You can check your
\f\*[B-Font]peerstats\f[]
file for evidence of any of these attacks.
The
default for this flag is
\f\*[B-Font]enable\f[].
.RE
.TP 7
.NOP \f\*[B-Font]includefile\f[] \f\*[I-Font]includefile\f[]
@ -3027,7 +3091,7 @@ RFC5905
.SH "AUTHORS"
The University of Delaware and Network Time Foundation
.SH "COPYRIGHT"
Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation all rights reserved.
Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation all rights reserved.
This program is released under the terms of the NTP license, <http://ntp.org/license>.
.SH BUGS
The syntax checking is not picky; some combinations of

77
contrib/ntp/ntpd/ntp.conf.mdoc.in
View File

@ -1,9 +1,9 @@
.Dd January 7 2016
.Dd January 20 2016
.Dt NTP_CONF 5 File Formats
.Os
.\" EDIT THIS FILE WITH CAUTION (ntp.mdoc)
.\"
.\" It has been AutoGen-ed January 7, 2016 at 11:30:57 PM by AutoGen 5.18.5
.\" It has been AutoGen-ed January 20, 2016 at 04:18:07 AM by AutoGen 5.18.5
.\" From the definitions ntp.conf.def
.\" and the template file agmdoc-cmd.tpl
.Sh NAME
@ -2393,16 +2393,18 @@ a 6\-bit code. The default value is 46, signifying Expedited Forwarding.
.Oo
.Cm auth | Cm bclient |
.Cm calibrate | Cm kernel |
.Cm mode7 | monitor |
.Cm ntp | Cm stats
.Cm mode7 | Cm monitor |
.Cm ntp | Cm stats |
.Cm unpeer_crypto_early | Cm unpeer_crypto_nak_early | Cm unpeer_digest_early
.Oc
.Xc
.It Xo Ic disable
.Oo
.Cm auth | Cm bclient |
.Cm calibrate | Cm kernel |
.Cm mode7 | monitor |
.Cm ntp | Cm stats
.Cm mode7 | Cm monitor |
.Cm ntp | Cm stats |
.Cm unpeer_crypto_early | Cm unpeer_crypto_nak_early | Cm unpeer_digest_early
.Oc
.Xc
Provides a way to enable or disable various server options.
@ -2476,6 +2478,67 @@ See the
section for further information.
The default for this flag is
.Ic disable .
.It Cm unpeer_crypto_early
By default, if
.Xr ntpd @NTPD_MS@
receives an autokey packet that fails TEST9,
a crypto failure,
the association is immediately cleared.
This is almost certainly a feature,
but if, in spite of the current recommendation of not using autokey,
you are
.B still
using autokey
.B and
you are seeing this sort of DoS attack
disabling this flag will delay
tearing down the association until the reachability counter
becomes zero.
You can check your
.Cm peerstats
file for evidence of any of these attacks.
The
default for this flag is
.Ic enable .
.It Cm unpeer_crypto_nak_early
By default, if
.Xr ntpd @NTPD_MS@
receives a crypto\-NAK packet that
passes the duplicate packet and origin timestamp checks
the association is immediately cleared.
While this is generally a feature
as it allows for quick recovery if a server key has changed,
a properly forged and appropriately delivered crypto\-NAK packet
can be used in a DoS attack.
If you have active noticable problems with this type of DoS attack
then you should consider
disabling this option.
You can check your
.Cm peerstats
file for evidence of any of these attacks.
The
default for this flag is
.Ic enable .
.It Cm unpeer_digest_early
By default, if
.Xr ntpd @NTPD_MS@
receives what should be an authenticated packet
that passes other packet sanity checks but
contains an invalid digest
the association is immediately cleared.
While this is generally a feature
as it allows for quick recovery,
if this type of packet is carefully forged and sent
during an appropriate window it can be used for a DoS attack.
If you have active noticable problems with this type of DoS attack
then you should consider
disabling this option.
You can check your
.Cm peerstats
file for evidence of any of these attacks.
The
default for this flag is
.Ic enable .
.El
.It Ic includefile Ar includefile
This command allows additional configuration commands
@ -2834,7 +2897,7 @@ A snapshot of this documentation is available in HTML format in
.Sh "AUTHORS"
The University of Delaware and Network Time Foundation
.Sh "COPYRIGHT"
Copyright (C) 1992\-2015 The University of Delaware and Network Time Foundation all rights reserved.
Copyright (C) 1992\-2016 The University of Delaware and Network Time Foundation all rights reserved.
This program is released under the terms of the NTP license, <http://ntp.org/license>.
.Sh BUGS
The syntax checking is not picky; some combinations of

18
contrib/ntp/ntpd/ntp.keys.5man
View File

@ -1,8 +1,8 @@
.TH ntp.keys 5man "07 Jan 2016" "4.2.8p5" "File Formats"
.TH ntp.keys 5man "20 Jan 2016" "4.2.8p6" "File Formats"
.\"
.\" EDIT THIS FILE WITH CAUTION (ntp.man)
.\"
.\" It has been AutoGen-ed January 7, 2016 at 11:30:41 PM by AutoGen 5.18.5
.\" It has been AutoGen-ed January 20, 2016 at 04:17:51 AM by AutoGen 5.18.5
.\" From the definitions ntp.keys.def
.\" and the template file agman-file.tpl
.Sh NAME
@ -66,7 +66,7 @@ Key entries use a fixed format of the form
.ne 2
.in +4
\f\*[I-Font]keyno\f[] \f\*[I-Font]type\f[] \f\*[I-Font]key\f[]
\f\*[I-Font]keyno\f[] \f\*[I-Font]type\f[] \f\*[I-Font]key\f[] \f\*[I-Font]opt_IP_list\f[]
.in -4
.sp \n(Ppu
.ne 2
@ -78,7 +78,15 @@ is a positive integer (between 1 and 65534),
is the message digest algorithm,
and
\f\*[I-Font]key\f[]
is the key itself.
is the key itself, and
\f\*[I-Font]opt_IP_list\f[]
is an optional comma-separated list of IPs
that are allowed to serve time.
If
\f\*[I-Font]opt_IP_list\f[]
is empty,
any properly-authenticated server message will be
accepted.
.sp \n(Ppu
.ne 2
@ -160,7 +168,7 @@ the default name of the configuration file
.SH "AUTHORS"
The University of Delaware and Network Time Foundation
.SH "COPYRIGHT"
Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation all rights reserved.
Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation all rights reserved.
This program is released under the terms of the NTP license, <http://ntp.org/license>.
.SH "BUGS"
Please send bug reports to: http://bugs.ntp.org, bugs@ntp.org

18
contrib/ntp/ntpd/ntp.keys.5mdoc
View File

@ -1,9 +1,9 @@
.Dd January 7 2016
.Dd January 20 2016
.Dt NTP_KEYS 5mdoc File Formats
.Os SunOS 5.10
.\" EDIT THIS FILE WITH CAUTION (ntp.mdoc)
.\"
.\" It has been AutoGen-ed January 7, 2016 at 11:31:00 PM by AutoGen 5.18.5
.\" It has been AutoGen-ed January 20, 2016 at 04:18:10 AM by AutoGen 5.18.5
.\" From the definitions ntp.keys.def
.\" and the template file agmdoc-file.tpl
.Sh NAME
@ -44,7 +44,7 @@ The key file uses the same comment conventions
as the configuration file.
Key entries use a fixed format of the form
.Pp
.D1 Ar keyno type key
.D1 Ar keyno type key opt_IP_list
.Pp
where
.Ar keyno
@ -53,7 +53,15 @@ is a positive integer (between 1 and 65534),
is the message digest algorithm,
and
.Ar key
is the key itself.
is the key itself, and
.Ar opt_IP_list
is an optional comma\-separated list of IPs
that are allowed to serve time.
If
.Ar opt_IP_list
is empty,
any properly\-authenticated server message will be
accepted.
.Pp
The
.Ar key
@ -147,7 +155,7 @@ it to autogen\-users@lists.sourceforge.net. Thank you.
.Sh "AUTHORS"
The University of Delaware and Network Time Foundation
.Sh "COPYRIGHT"
Copyright (C) 1992\-2015 The University of Delaware and Network Time Foundation all rights reserved.
Copyright (C) 1992\-2016 The University of Delaware and Network Time Foundation all rights reserved.
This program is released under the terms of the NTP license, <http://ntp.org/license>.
.Sh "BUGS"
Please send bug reports to: http://bugs.ntp.org, bugs@ntp.org

12
contrib/ntp/ntpd/ntp.keys.def
View File

@ -43,7 +43,7 @@ The key file uses the same comment conventions
as the configuration file.
Key entries use a fixed format of the form
.Pp
.D1 Ar keyno type key
.D1 Ar keyno type key opt_IP_list
.Pp
where
.Ar keyno
@ -52,7 +52,15 @@ is a positive integer (between 1 and 65534),
is the message digest algorithm,
and
.Ar key
is the key itself.
is the key itself, and
.Ar opt_IP_list
is an optional comma-separated list of IPs
that are allowed to serve time.
If
.Ar opt_IP_list
is empty,
any properly-authenticated server message will be
accepted.
.Pp
The
.Ar key

14
contrib/ntp/ntpd/ntp.keys.html
View File

@ -33,7 +33,7 @@ Up:&nbsp;<a rel="up" accesskey="u" href="#dir">(dir)</a>
<p>This document describes the symmetric key file for the NTP Project's
<code>ntpd</code> program.
<p>This document applies to version 4.2.8p5 of <code>ntp.keys</code>.
<p>This document applies to version 4.2.8p6 of <code>ntp.keys</code>.
<div class="shortcontents">
<h2>Short Contents</h2>
@ -93,7 +93,7 @@ may be arbitrarily set in the keys file.
as the configuration file.
Key entries use a fixed format of the form
<pre class="example"> <kbd>keyno</kbd> <kbd>type</kbd> <kbd>key</kbd>
<pre class="example"> <kbd>keyno</kbd> <kbd>type</kbd> <kbd>key</kbd> <kbd>opt_IP_list</kbd>
</pre>
<p>where
<kbd>keyno</kbd>
@ -102,7 +102,15 @@ is a positive integer (between 1 and 65534),
is the message digest algorithm,
and
<kbd>key</kbd>
is the key itself.
is the key itself, and
<kbd>opt_IP_list</kbd>
is an optional comma-separated list of IPs
that are allowed to serve time.
If
<kbd>opt_IP_list</kbd>
is empty,
any properly-authenticated server message will be
accepted.
<p>The
<kbd>key</kbd>

18
contrib/ntp/ntpd/ntp.keys.man.in
View File

@ -1,8 +1,8 @@
.TH ntp.keys 5 "07 Jan 2016" "4.2.8p5" "File Formats"
.TH ntp.keys 5 "20 Jan 2016" "4.2.8p6" "File Formats"
.\"
.\" EDIT THIS FILE WITH CAUTION (ntp.man)
.\"
.\" It has been AutoGen-ed January 7, 2016 at 11:30:41 PM by AutoGen 5.18.5
.\" It has been AutoGen-ed January 20, 2016 at 04:17:51 AM by AutoGen 5.18.5
.\" From the definitions ntp.keys.def
.\" and the template file agman-file.tpl
.Sh NAME
@ -66,7 +66,7 @@ Key entries use a fixed format of the form
.ne 2
.in +4
\f\*[I-Font]keyno\f[] \f\*[I-Font]type\f[] \f\*[I-Font]key\f[]
\f\*[I-Font]keyno\f[] \f\*[I-Font]type\f[] \f\*[I-Font]key\f[] \f\*[I-Font]opt_IP_list\f[]
.in -4
.sp \n(Ppu
.ne 2
@ -78,7 +78,15 @@ is a positive integer (between 1 and 65534),
is the message digest algorithm,
and
\f\*[I-Font]key\f[]
is the key itself.
is the key itself, and
\f\*[I-Font]opt_IP_list\f[]
is an optional comma-separated list of IPs
that are allowed to serve time.
If
\f\*[I-Font]opt_IP_list\f[]
is empty,
any properly-authenticated server message will be
accepted.
.sp \n(Ppu
.ne 2
@ -160,7 +168,7 @@ the default name of the configuration file
.SH "AUTHORS"
The University of Delaware and Network Time Foundation
.SH "COPYRIGHT"
Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation all rights reserved.
Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation all rights reserved.
This program is released under the terms of the NTP license, <http://ntp.org/license>.
.SH "BUGS"
Please send bug reports to: http://bugs.ntp.org, bugs@ntp.org

18
contrib/ntp/ntpd/ntp.keys.mdoc.in
View File

@ -1,9 +1,9 @@
.Dd January 7 2016
.Dd January 20 2016
.Dt NTP_KEYS 5 File Formats
.Os SunOS 5.10
.\" EDIT THIS FILE WITH CAUTION (ntp.mdoc)
.\"
.\" It has been AutoGen-ed January 7, 2016 at 11:31:00 PM by AutoGen 5.18.5
.\" It has been AutoGen-ed January 20, 2016 at 04:18:10 AM by AutoGen 5.18.5
.\" From the definitions ntp.keys.def
.\" and the template file agmdoc-file.tpl
.Sh NAME
@ -44,7 +44,7 @@ The key file uses the same comment conventions
as the configuration file.
Key entries use a fixed format of the form
.Pp
.D1 Ar keyno type key
.D1 Ar keyno type key opt_IP_list
.Pp
where
.Ar keyno
@ -53,7 +53,15 @@ is a positive integer (between 1 and 65534),
is the message digest algorithm,
and
.Ar key
is the key itself.
is the key itself, and
.Ar opt_IP_list
is an optional comma\-separated list of IPs
that are allowed to serve time.
If
.Ar opt_IP_list
is empty,
any properly\-authenticated server message will be
accepted.
.Pp
The
.Ar key
@ -147,7 +155,7 @@ it to autogen\-users@lists.sourceforge.net. Thank you.
.Sh "AUTHORS"
The University of Delaware and Network Time Foundation
.Sh "COPYRIGHT"
Copyright (C) 1992\-2015 The University of Delaware and Network Time Foundation all rights reserved.
Copyright (C) 1992\-2016 The University of Delaware and Network Time Foundation all rights reserved.
This program is released under the terms of the NTP license, <http://ntp.org/license>.
.Sh "BUGS"
Please send bug reports to: http://bugs.ntp.org, bugs@ntp.org

14
contrib/ntp/ntpd/ntp_config.c
View File

@ -53,6 +53,8 @@
#include "ntp_parser.h"
#include "ntpd-opts.h"
extern int yyparse(void);
/* Bug 2817 */
#if defined(HAVE_SYS_MMAN_H)
# include <sys/mman.h>
@ -2981,6 +2983,18 @@ apply_enable_disable(
proto_config(PROTO_FILEGEN, enable, 0., NULL);
break;
case T_UEcrypto:
proto_config(PROTO_UECRYPTO, enable, 0., NULL);
break;
case T_UEcryptonak:
proto_config(PROTO_UECRYPTONAK, enable, 0., NULL);
break;
case T_UEdigest:
proto_config(PROTO_UEDIGEST, enable, 0., NULL);
break;
#ifdef BC_LIST_FRAMEWORK_NOT_YET_USED
case T_Bc_bugXXXX:
pentry = bc_list;

221
contrib/ntp/ntpd/ntp_control.c
View File

@ -75,6 +75,7 @@ static void ctl_putarray (const char *, double *, int);
static void ctl_putsys (int);
static void ctl_putpeer (int, struct peer *);
static void ctl_putfs (const char *, tstamp_t);
static void ctl_printf (const char *, ...) NTP_PRINTF(1, 2);
#ifdef REFCLOCK
static void ctl_putclock (int, struct refclockstat *, int);
#endif /* REFCLOCK */
@ -111,6 +112,8 @@ static void unset_trap (struct recvbuf *, int);
static struct ctl_trap *ctlfindtrap(sockaddr_u *,
struct interface *);
int/*BOOL*/ is_safe_filename(const char * name);
static const struct ctl_proc control_codes[] = {
{ CTL_OP_UNSPEC, NOAUTH, control_unspec },
{ CTL_OP_READSTAT, NOAUTH, read_status },
@ -873,10 +876,66 @@ ctl_error(
CTL_HEADER_LEN);
}
int/*BOOL*/
is_safe_filename(const char * name)
{
/* We need a strict validation of filenames we should write: The
* daemon might run with special permissions and is remote
* controllable, so we better take care what we allow as file
* name!
*
* The first character must be digit or a letter from the ASCII
* base plane or a '_' ([_A-Za-z0-9]), the following characters
* must be from [-._+A-Za-z0-9].
*
* We do not trust the character classification much here: Since
* the NTP protocol makes no provisions for UTF-8 or local code
* pages, we strictly require the 7bit ASCII code page.
*
* The following table is a packed bit field of 128 two-bit
* groups. The LSB in each group tells us if a character is
* acceptable at the first position, the MSB if the character is
* accepted at any other position.
*
* This does not ensure that the file name is syntactically
* correct (multiple dots will not work with VMS...) but it will
* exclude potential globbing bombs and directory traversal. It
* also rules out drive selection. (For systems that have this
* notion, like Windows or VMS.)
*/
static const uint32_t chclass[8] = {
0x00000000, 0x00000000,
0x28800000, 0x000FFFFF,
0xFFFFFFFC, 0xC03FFFFF,
0xFFFFFFFC, 0x003FFFFF
};
u_int widx, bidx, mask;
if (!*name)
return FALSE;
mask = 1u;
while (0 != (widx = (u_char)*name++)) {
bidx = (widx & 15) << 1;
widx = widx >> 4;
if (widx >= sizeof(chclass))
return FALSE;
if (0 == ((chclass[widx] >> bidx) & mask))
return FALSE;
mask |= 2u;
}
return TRUE;
}
/*
* save_config - Implements ntpq -c "saveconfig <filename>"
* Writes current configuration including any runtime
* changes by ntpq's :config or config-from-file
*
* Note: There should be no buffer overflow or truncation in the
* processing of file names -- both cause security problems. This is bit
* painful to code but essential here.
*/
void
save_config(
@ -904,24 +963,38 @@ save_config(
"\\/" /* separator and critical char for POSIX */
#endif
;
char reply[128];
#ifdef SAVECONFIG
static const char savedconfig_eq[] = "savedconfig=";
/* Build a safe open mode from the available mode flags. We want
* to create a new file and write it in text mode (when
* applicable -- only Windows does this...)
*/
static const int openmode = O_CREAT | O_TRUNC | O_WRONLY
# if defined(O_EXCL) /* posix, vms */
| O_EXCL
# elif defined(_O_EXCL) /* windows is alway very special... */
| _O_EXCL
# endif
# if defined(_O_TEXT) /* windows, again */
| _O_TEXT
#endif
;
char filespec[128];
char filename[128];
char fullpath[512];
const char savedconfig_eq[] = "savedconfig=";
char savedconfig[sizeof(savedconfig_eq) + sizeof(filename)];
time_t now;
int fd;
FILE *fptr;
int prc;
size_t reqlen;
#endif
if (RES_NOMODIFY & restrict_mask) {
snprintf(reply, sizeof(reply),
"saveconfig prohibited by restrict ... nomodify");
ctl_putdata(reply, strlen(reply), 0);
ctl_printf("%s", "saveconfig prohibited by restrict ... nomodify");
ctl_flushpkt(0);
NLOG(NLOG_SYSINFO)
msyslog(LOG_NOTICE,
@ -933,9 +1006,7 @@ save_config(
#ifdef SAVECONFIG
if (NULL == saveconfigdir) {
snprintf(reply, sizeof(reply),
"saveconfig prohibited, no saveconfigdir configured");
ctl_putdata(reply, strlen(reply), 0);
ctl_printf("%s", "saveconfig prohibited, no saveconfigdir configured");
ctl_flushpkt(0);
NLOG(NLOG_SYSINFO)
msyslog(LOG_NOTICE,
@ -944,21 +1015,79 @@ save_config(
return;
}
if (0 == reqend - reqpt)
/* The length checking stuff gets serious. Do not assume a NUL
* byte can be found, but if so, use it to calculate the needed
* buffer size. If the available buffer is too short, bail out;
* likewise if there is no file spec. (The latter will not
* happen when using NTPQ, but there are other ways to craft a
* network packet!)
*/
reqlen = (size_t)(reqend - reqpt);
if (0 != reqlen) {
char * nulpos = (char*)memchr(reqpt, 0, reqlen);
if (NULL != nulpos)
reqlen = (size_t)(nulpos - reqpt);
}
if (0 == reqlen)
return;
if (reqlen >= sizeof(filespec)) {
ctl_printf("saveconfig exceeded maximum raw name length (%u)",
(u_int)sizeof(filespec));
ctl_flushpkt(0);
msyslog(LOG_NOTICE,
"saveconfig exceeded maximum raw name length from %s",
stoa(&rbufp->recv_srcadr));
return;
}
strlcpy(filespec, reqpt, sizeof(filespec));
time(&now);
/* copy data directly as we exactly know the size */
memcpy(filespec, reqpt, reqlen);
filespec[reqlen] = '\0';
/*
* allow timestamping of the saved config filename with
* strftime() format such as:
* ntpq -c "saveconfig ntp-%Y%m%d-%H%M%S.conf"
* XXX: Nice feature, but not too safe.
* YYY: The check for permitted characters in file names should
* weed out the worst. Let's hope 'strftime()' does not
* develop pathological problems.
*/
time(&now);
if (0 == strftime(filename, sizeof(filename), filespec,
localtime(&now)))
localtime(&now)))
{
/*
* If we arrive here, 'strftime()' balked; most likely
* the buffer was too short. (Or it encounterd an empty
* format, or just a format that expands to an empty
* string.) We try to use the original name, though this
* is very likely to fail later if there are format
* specs in the string. Note that truncation cannot
* happen here as long as both buffers have the same
* size!
*/
strlcpy(filename, filespec, sizeof(filename));
}
/*
* Check the file name for sanity. This might/will rule out file
* names that would be legal but problematic, and it blocks
* directory traversal.
*/
if (!is_safe_filename(filename)) {
ctl_printf("saveconfig rejects unsafe file name '%s'",
filename);
ctl_flushpkt(0);
msyslog(LOG_NOTICE,
"saveconfig rejects unsafe file name from %s",
stoa(&rbufp->recv_srcadr));
return;
}
/*
* XXX: This next test may not be needed with is_safe_filename()
*/
/* block directory/drive traversal */
/* TALOS-CAN-0062: block directory traversal for VMS, too */
@ -968,38 +1097,49 @@ save_config(
ctl_putdata(reply, strlen(reply), 0);
ctl_flushpkt(0);
msyslog(LOG_NOTICE,
"saveconfig with path from %s rejected",
"saveconfig rejects unsafe file name from %s",
stoa(&rbufp->recv_srcadr));
return;
}
snprintf(fullpath, sizeof(fullpath), "%s%s",
saveconfigdir, filename);
/* concatenation of directory and path can cause another
* truncation...
*/
prc = snprintf(fullpath, sizeof(fullpath), "%s%s",
saveconfigdir, filename);
if (prc < 0 || prc >= sizeof(fullpath)) {
ctl_printf("saveconfig exceeded maximum path length (%u)",
(u_int)sizeof(fullpath));
ctl_flushpkt(0);
msyslog(LOG_NOTICE,
"saveconfig exceeded maximum path length from %s",
stoa(&rbufp->recv_srcadr));
return;
}
fd = open(fullpath, O_CREAT | O_TRUNC | O_WRONLY,
S_IRUSR | S_IWUSR);
fd = open(fullpath, openmode, S_IRUSR | S_IWUSR);
if (-1 == fd)
fptr = NULL;
else
fptr = fdopen(fd, "w");
if (NULL == fptr || -1 == dump_all_config_trees(fptr, 1)) {
snprintf(reply, sizeof(reply),
"Unable to save configuration to file %s",
filename);
ctl_printf("Unable to save configuration to file '%s': %m",
filename);
msyslog(LOG_ERR,
"saveconfig %s from %s failed", filename,
stoa(&rbufp->recv_srcadr));
} else {
snprintf(reply, sizeof(reply),
"Configuration saved to %s", filename);
ctl_printf("Configuration saved to '%s'", filename);
msyslog(LOG_NOTICE,
"Configuration saved to %s (requested by %s)",
"Configuration saved to '%s' (requested by %s)",
fullpath, stoa(&rbufp->recv_srcadr));
/*
* save the output filename in system variable
* savedconfig, retrieved with:
* ntpq -c "rv 0 savedconfig"
* Note: the way 'savedconfig' is defined makes overflow
* checks unnecessary here.
*/
snprintf(savedconfig, sizeof(savedconfig), "%s%s",
savedconfig_eq, filename);
@ -1009,11 +1149,9 @@ save_config(
if (NULL != fptr)
fclose(fptr);
#else /* !SAVECONFIG follows */
snprintf(reply, sizeof(reply),
"saveconfig unavailable, configured with --disable-saveconfig");
#endif
ctl_putdata(reply, strlen(reply), 0);
ctl_printf("%s",
"saveconfig unavailable, configured with --disable-saveconfig");
#endif
ctl_flushpkt(0);
}
@ -1757,6 +1895,29 @@ ctl_putarray(
ctl_putdata(buffer, (unsigned)(cp - buffer), 0);
}
/*
* ctl_printf - put a formatted string into the data buffer
*/
static void
ctl_printf(
const char * fmt,
...
)
{
static const char * ellipsis = "[...]";
va_list va;
char fmtbuf[128];
int rc;
va_start(va, fmt);
rc = vsnprintf(fmtbuf, sizeof(fmtbuf), fmt, va);
va_end(va);
if (rc < 0 || rc >= sizeof(fmtbuf))
strcpy(fmtbuf + sizeof(fmtbuf) - strlen(ellipsis) - 1,
ellipsis);
ctl_putdata(fmtbuf, strlen(fmtbuf), 0);
}
/*
* ctl_putsys - output a system variable

2
contrib/ntp/ntpd/ntp_crypto.c
View File

@ -269,7 +269,7 @@ session_key(
memcpy(&keyid, dgst, 4);
keyid = ntohl(keyid);
if (lifetime != 0) {
MD5auth_setkey(keyno, crypto_nid, dgst, len);
MD5auth_setkey(keyno, crypto_nid, dgst, len, NULL);
authtrust(keyno, lifetime);
}
DPRINTF(2, ("session_key: %s > %s %08x %08x hash %08x life %lu\n",

367
contrib/ntp/ntpd/ntp_io.c
View File

@ -62,6 +62,9 @@
# endif
#endif
#if defined(HAVE_SIGNALED_IO) && defined(DEBUG_TIMING)
# undef DEBUG_TIMING
#endif
/*
* setsockopt does not always have the same arg declaration
@ -280,9 +283,12 @@ static int addr_samesubnet (const sockaddr_u *, const sockaddr_u *,
const sockaddr_u *, const sockaddr_u *);
static int create_sockets (u_short);
static SOCKET open_socket (sockaddr_u *, int, int, endpt *);
static char * fdbits (int, fd_set *);
static void set_reuseaddr (int);
static isc_boolean_t socket_broadcast_enable (struct interface *, SOCKET, sockaddr_u *);
#if !defined(HAVE_IO_COMPLETION_PORT) && !defined(HAVE_SIGNALED_IO)
static char * fdbits (int, const fd_set *);
#endif
#ifdef OS_MISSES_SPECIFIC_ROUTE_UPDATES
static isc_boolean_t socket_broadcast_disable (struct interface *, sockaddr_u *);
#endif
@ -337,12 +343,15 @@ static int cmp_addr_distance(const sockaddr_u *,
#if !defined(HAVE_IO_COMPLETION_PORT)
static inline int read_network_packet (SOCKET, struct interface *, l_fp);
static void ntpd_addremove_io_fd (int, int, int);
static input_handler_t input_handler;
static void input_handler_scan (const l_fp*, const fd_set*);
static int/*BOOL*/ sanitize_fdset (int errc);
#ifdef REFCLOCK
static inline int read_refclock_packet (SOCKET, struct refclockio *, l_fp);
#endif
#ifdef HAVE_SIGNALED_IO
static void input_handler (l_fp*);
#endif
#endif
#ifndef HAVE_IO_COMPLETION_PORT
@ -455,11 +464,9 @@ init_io(void)
addremove_io_fd = &ntpd_addremove_io_fd;
#endif
#ifdef SYS_WINNT
#if defined(SYS_WINNT)
init_io_completion_port();
#endif
#if defined(HAVE_SIGNALED_IO)
#elif defined(HAVE_SIGNALED_IO)
(void) set_signal(input_handler);
#endif
}
@ -475,7 +482,8 @@ ntpd_addremove_io_fd(
UNUSED_ARG(is_pipe);
#ifdef HAVE_SIGNALED_IO
init_socket_sig(fd);
if (!remove_it)
init_socket_sig(fd);
#endif /* not HAVE_SIGNALED_IO */
maintain_activefds(fd, remove_it);
@ -716,78 +724,6 @@ addr_samesubnet(
}
/*
* Code to tell if we have an IP address
* If we have then return the sockaddr structure
* and set the return value
* see the bind9/getaddresses.c for details
*/
int
is_ip_address(
const char * host,
u_short af,
sockaddr_u * addr
)
{
struct in_addr in4;
struct addrinfo hints;
struct addrinfo *result;
struct sockaddr_in6 *resaddr6;
char tmpbuf[128];
char *pch;
REQUIRE(host != NULL);
REQUIRE(addr != NULL);
ZERO_SOCK(addr);
/*
* Try IPv4, then IPv6. In order to handle the extended format
* for IPv6 scoped addresses (address%scope_ID), we'll use a local
* working buffer of 128 bytes. The length is an ad-hoc value, but
* should be enough for this purpose; the buffer can contain a string
* of at least 80 bytes for scope_ID in addition to any IPv6 numeric
* addresses (up to 46 bytes), the delimiter character and the
* terminating NULL character.
*/
if (AF_UNSPEC == af || AF_INET == af)
if (inet_pton(AF_INET, host, &in4) == 1) {
AF(addr) = AF_INET;
SET_ADDR4N(addr, in4.s_addr);
return TRUE;
}
if (AF_UNSPEC == af || AF_INET6 == af)
if (sizeof(tmpbuf) > strlen(host)) {
if ('[' == host[0]) {
strlcpy(tmpbuf, &host[1], sizeof(tmpbuf));
pch = strchr(tmpbuf, ']');
if (pch != NULL)
*pch = '\0';
} else {
strlcpy(tmpbuf, host, sizeof(tmpbuf));
}
ZERO(hints);
hints.ai_family = AF_INET6;
hints.ai_flags |= AI_NUMERICHOST;
if (getaddrinfo(tmpbuf, NULL, &hints, &result) == 0) {
AF(addr) = AF_INET6;
resaddr6 = UA_PTR(struct sockaddr_in6, result->ai_addr);
SET_ADDR6N(addr, resaddr6->sin6_addr);
SET_SCOPE(addr, resaddr6->sin6_scope_id);
freeaddrinfo(result);
return TRUE;
}
}
/*
* If we got here it was not an IP address
*/
return FALSE;
}
/*
* interface list enumerator - visitor pattern
*/
@ -2354,6 +2290,7 @@ get_broadcastclient_flag(void)
{
return (broadcast_client_enabled);
}
/*
* Check to see if the address is a multicast address
*/
@ -3204,15 +3141,15 @@ sendpkt(
}
#if !defined(HAVE_IO_COMPLETION_PORT)
#if !defined(HAVE_IO_COMPLETION_PORT) && !defined(HAVE_SIGNALED_IO)
/*
* fdbits - generate ascii representation of fd_set (FAU debug support)
* HFDF format - highest fd first.
*/
static char *
fdbits(
int count,
fd_set *set
int count,
const fd_set* set
)
{
static char buffer[256];
@ -3228,7 +3165,7 @@ fdbits(
return buffer;
}
#endif
#ifdef REFCLOCK
/*
@ -3265,7 +3202,7 @@ read_refclock_packet(
/* TALOS-CAN-0064: avoid signed/unsigned clashes that can lead
* to buffer overrun and memory corruption
*/
if (rp->datalen <= 0 || rp->datalen > sizeof(rb->recv_space))
if (rp->datalen <= 0 || (size_t)rp->datalen > sizeof(rb->recv_space))
read_count = sizeof(rb->recv_space);
else
read_count = (u_int)rp->datalen;
@ -3582,6 +3519,7 @@ io_handler(void)
* and - lacking a hardware reference clock - I have
* yet to learn about anything else that is.
*/
++handler_calls;
rdfdes = activefds;
# if !defined(VMS) && !defined(SYS_VXWORKS)
nfound = select(maxactivefd + 1, &rdfdes, NULL,
@ -3590,20 +3528,29 @@ io_handler(void)
/* make select() wake up after one second */
{
struct timeval t1;
t1.tv_sec = 1;
t1.tv_sec = 1;
t1.tv_usec = 0;
nfound = select(maxactivefd + 1,
&rdfdes, NULL, NULL,
&t1);
}
# endif /* VMS, VxWorks */
if (nfound < 0 && sanitize_fdset(errno)) {
struct timeval t1;
t1.tv_sec = 0;
t1.tv_usec = 0;
rdfdes = activefds;
nfound = select(maxactivefd + 1,
&rdfdes, NULL, NULL,
&t1);
}
if (nfound > 0) {
l_fp ts;
get_systime(&ts);
input_handler(&ts);
input_handler_scan(&ts, &rdfdes);
} else if (nfound == -1 && errno != EINTR) {
msyslog(LOG_ERR, "select() error: %m");
}
@ -3619,27 +3566,110 @@ io_handler(void)
# endif /* HAVE_SIGNALED_IO */
}
#ifdef HAVE_SIGNALED_IO
/*
* input_handler - receive packets asynchronously
*
* ALWAYS IN SIGNAL HANDLER CONTEXT -- only async-safe functions allowed!
*/
static void
static RETSIGTYPE
input_handler(
l_fp * cts
)
{
int buflen;
int n;
struct timeval tvzero;
fd_set fds;
++handler_calls;
/*
* Do a poll to see who has data
*/
fds = activefds;
tvzero.tv_sec = tvzero.tv_usec = 0;
n = select(maxactivefd + 1, &fds, NULL, NULL, &tvzero);
if (n < 0 && sanitize_fdset(errno)) {
fds = activefds;
tvzero.tv_sec = tvzero.tv_usec = 0;
n = select(maxactivefd + 1, &fds, NULL, NULL, &tvzero);
}
if (n > 0)
input_handler_scan(cts, &fds);
}
#endif /* HAVE_SIGNALED_IO */
/*
* Try to sanitize the global FD set
*
* SIGNAL HANDLER CONTEXT if HAVE_SIGNALED_IO, ordinary userspace otherwise
*/
static int/*BOOL*/
sanitize_fdset(
int errc
)
{
int j, b, maxscan;
# ifndef HAVE_SIGNALED_IO
/*
* extended FAU debugging output
*/
if (errc != EINTR) {
msyslog(LOG_ERR,
"select(%d, %s, 0L, 0L, &0.0) error: %m",
maxactivefd + 1,
fdbits(maxactivefd, &activefds));
}
# endif
if (errc != EBADF)
return FALSE;
/* if we have oviously bad FDs, try to sanitize the FD set. */
for (j = 0, maxscan = 0; j <= maxactivefd; j++) {
if (FD_ISSET(j, &activefds)) {
if (-1 != read(j, &b, 0)) {
maxscan = j;
continue;
}
# ifndef HAVE_SIGNALED_IO
msyslog(LOG_ERR,
"Removing bad file descriptor %d from select set",
j);
# endif
FD_CLR(j, &activefds);
}
}
if (maxactivefd != maxscan)
maxactivefd = maxscan;
return TRUE;
}
/*
* scan the known FDs (clocks, servers, ...) for presence in a 'fd_set'.
*
* SIGNAL HANDLER CONTEXT if HAVE_SIGNALED_IO, ordinary userspace otherwise
*/
static void
input_handler_scan(
const l_fp * cts,
const fd_set * pfds
)
{
int buflen;
u_int idx;
int doing;
SOCKET fd;
blocking_child *c;
struct timeval tvzero;
l_fp ts; /* Timestamp at BOselect() gob */
#ifdef DEBUG_TIMING
#if defined(DEBUG_TIMING)
l_fp ts_e; /* Timestamp at EOselect() gob */
#endif
fd_set fds;
size_t select_count;
endpt * ep;
#ifdef REFCLOCK
struct refclockio *rp;
@ -3651,99 +3681,43 @@ input_handler(
struct asyncio_reader * next_asyncio_reader;
#endif
handler_calls++;
select_count = 0;
/*
* If we have something to do, freeze a timestamp.
* See below for the other cases (nothing left to do or error)
*/
ts = *cts;
/*
* Do a poll to see who has data
*/
fds = activefds;
tvzero.tv_sec = tvzero.tv_usec = 0;
n = select(maxactivefd + 1, &fds, NULL, NULL, &tvzero);
/*
* If there are no packets waiting just return
*/
if (n < 0) {
int err = errno;
int j, b, prior;
/*
* extended FAU debugging output
*/
if (err != EINTR)
msyslog(LOG_ERR,
"select(%d, %s, 0L, 0L, &0.0) error: %m",
maxactivefd + 1,
fdbits(maxactivefd, &activefds));
if (err != EBADF)
goto ih_return;
for (j = 0, prior = 0; j <= maxactivefd; j++) {
if (FD_ISSET(j, &activefds)) {
if (-1 != read(j, &b, 0)) {
prior = j;
continue;
}
msyslog(LOG_ERR,
"Removing bad file descriptor %d from select set",
j);
FD_CLR(j, &activefds);
if (j == maxactivefd)
maxactivefd = prior;
}
}
goto ih_return;
}
else if (n == 0)
goto ih_return;
++handler_pkts;
ts = *cts;
#ifdef REFCLOCK
/*
* Check out the reference clocks first, if any
*/
if (refio != NULL) {
for (rp = refio; rp != NULL; rp = rp->next) {
fd = rp->fd;
if (!FD_ISSET(fd, &fds))
continue;
++select_count;
buflen = read_refclock_packet(fd, rp, ts);
/*
* The first read must succeed after select()
* indicates readability, or we've reached
* a permanent EOF. http://bugs.ntp.org/1732
* reported ntpd munching CPU after a USB GPS
* was unplugged because select was indicating
* EOF but ntpd didn't remove the descriptor
* from the activefds set.
*/
if (buflen < 0 && EAGAIN != errno) {
saved_errno = errno;
clk = refnumtoa(&rp->srcclock->srcadr);
errno = saved_errno;
msyslog(LOG_ERR, "%s read: %m", clk);
maintain_activefds(fd, TRUE);
} else if (0 == buflen) {
clk = refnumtoa(&rp->srcclock->srcadr);
msyslog(LOG_ERR, "%s read EOF", clk);
maintain_activefds(fd, TRUE);
} else {
/* drain any remaining refclock input */
do {
buflen = read_refclock_packet(fd, rp, ts);
} while (buflen > 0);
}
for (rp = refio; rp != NULL; rp = rp->next) {
fd = rp->fd;
if (!FD_ISSET(fd, pfds))
continue;
buflen = read_refclock_packet(fd, rp, ts);
/*
* The first read must succeed after select() indicates
* readability, or we've reached a permanent EOF.
* http://bugs.ntp.org/1732 reported ntpd munching CPU
* after a USB GPS was unplugged because select was
* indicating EOF but ntpd didn't remove the descriptor
* from the activefds set.
*/
if (buflen < 0 && EAGAIN != errno) {
saved_errno = errno;
clk = refnumtoa(&rp->srcclock->srcadr);
errno = saved_errno;
msyslog(LOG_ERR, "%s read: %m", clk);
maintain_activefds(fd, TRUE);
} else if (0 == buflen) {
clk = refnumtoa(&rp->srcclock->srcadr);
msyslog(LOG_ERR, "%s read EOF", clk);
maintain_activefds(fd, TRUE);
} else {
/* drain any remaining refclock input */
do {
buflen = read_refclock_packet(fd, rp, ts);
} while (buflen > 0);
}
}
#endif /* REFCLOCK */
@ -3762,9 +3736,8 @@ input_handler(
}
if (fd < 0)
continue;
if (FD_ISSET(fd, &fds))
if (FD_ISSET(fd, pfds))
do {
++select_count;
buflen = read_network_packet(
fd, ep, ts);
} while (buflen > 0);
@ -3781,10 +3754,8 @@ input_handler(
while (asyncio_reader != NULL) {
/* callback may unlink and free asyncio_reader */
next_asyncio_reader = asyncio_reader->link;
if (FD_ISSET(asyncio_reader->fd, &fds)) {
++select_count;
if (FD_ISSET(asyncio_reader->fd, pfds))
(*asyncio_reader->receiver)(asyncio_reader);
}
asyncio_reader = next_asyncio_reader;
}
#endif /* HAS_ROUTING_SOCKET */
@ -3796,26 +3767,14 @@ input_handler(
c = blocking_children[idx];
if (NULL == c || -1 == c->resp_read_pipe)
continue;
if (FD_ISSET(c->resp_read_pipe, &fds)) {
select_count++;
process_blocking_resp(c);
if (FD_ISSET(c->resp_read_pipe, pfds)) {
++c->resp_ready_seen;
++blocking_child_ready_seen;
}
}
/*
* Done everything from that select.
* If nothing to do, just return.
* If an error occurred, complain and return.
*/
if (select_count == 0) { /* We really had nothing to do */
#ifdef DEBUG
if (debug)
msyslog(LOG_DEBUG, "input_handler: select() returned 0");
#endif /* DEBUG */
goto ih_return;
}
/* We've done our work */
#ifdef DEBUG_TIMING
#if defined(DEBUG_TIMING)
get_systime(&ts_e);
/*
* (ts_e - ts) is the amount of time we spent
@ -3829,11 +3788,7 @@ input_handler(
"input_handler: Processed a gob of fd's in %s msec",
lfptoms(&ts_e, 6));
#endif /* DEBUG_TIMING */
/* We're done... */
ih_return:
return;
}
#endif /* !HAVE_IO_COMPLETION_PORT */
/*

971
contrib/ntp/ntpd/ntp_keyword.h
View File

File diff suppressed because it is too large Load Diff

3241
contrib/ntp/ntpd/ntp_parser.c
View File

File diff suppressed because it is too large Load Diff

488
contrib/ntp/ntpd/ntp_parser.h
View File

@ -1,19 +1,19 @@
/* A Bison parser, made by GNU Bison 3.0.2. */
/* A Bison parser, made by GNU Bison 2.7.12-4996. */
/* Bison interface for Yacc-like parsers in C
Copyright (C) 1984, 1989-1990, 2000-2013 Free Software Foundation, Inc.
Copyright (C) 1984, 1989-1990, 2000-2013 Free Software Foundation, Inc.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>. */
@ -26,13 +26,13 @@
special exception, which will cause the skeleton and the resulting
Bison output files to be licensed under the GNU General Public
License without this special exception.
This special exception was added by the Free Software Foundation in
version 2.2 of Bison. */
#ifndef YY_YY__NTPD_NTP_PARSER_H_INCLUDED
# define YY_YY__NTPD_NTP_PARSER_H_INCLUDED
/* Debug traces. */
#ifndef YY_YY_NTP_PARSER_H_INCLUDED
# define YY_YY_NTP_PARSER_H_INCLUDED
/* Enabling traces. */
#ifndef YYDEBUG
# define YYDEBUG 1
#endif
@ -40,203 +40,207 @@
extern int yydebug;
#endif
/* Token type. */
/* Tokens. */
#ifndef YYTOKENTYPE
# define YYTOKENTYPE
enum yytokentype
{
T_Abbrev = 258,
T_Age = 259,
T_All = 260,
T_Allan = 261,
T_Allpeers = 262,
T_Auth = 263,
T_Autokey = 264,
T_Automax = 265,
T_Average = 266,
T_Bclient = 267,
T_Beacon = 268,
T_Broadcast = 269,
T_Broadcastclient = 270,
T_Broadcastdelay = 271,
T_Burst = 272,
T_Calibrate = 273,
T_Ceiling = 274,
T_Clockstats = 275,
T_Cohort = 276,
T_ControlKey = 277,
T_Crypto = 278,
T_Cryptostats = 279,
T_Ctl = 280,
T_Day = 281,
T_Default = 282,
T_Digest = 283,
T_Disable = 284,
T_Discard = 285,
T_Dispersion = 286,
T_Double = 287,
T_Driftfile = 288,
T_Drop = 289,
T_Dscp = 290,
T_Ellipsis = 291,
T_Enable = 292,
T_End = 293,
T_False = 294,
T_File = 295,
T_Filegen = 296,
T_Filenum = 297,
T_Flag1 = 298,
T_Flag2 = 299,
T_Flag3 = 300,
T_Flag4 = 301,
T_Flake = 302,
T_Floor = 303,
T_Freq = 304,
T_Fudge = 305,
T_Host = 306,
T_Huffpuff = 307,
T_Iburst = 308,
T_Ident = 309,
T_Ignore = 310,
T_Incalloc = 311,
T_Incmem = 312,
T_Initalloc = 313,
T_Initmem = 314,
T_Includefile = 315,
T_Integer = 316,
T_Interface = 317,
T_Intrange = 318,
T_Io = 319,
T_Ipv4 = 320,
T_Ipv4_flag = 321,
T_Ipv6 = 322,
T_Ipv6_flag = 323,
T_Kernel = 324,
T_Key = 325,
T_Keys = 326,
T_Keysdir = 327,
T_Kod = 328,
T_Mssntp = 329,
T_Leapfile = 330,
T_Leapsmearinterval = 331,
T_Limited = 332,
T_Link = 333,
T_Listen = 334,
T_Logconfig = 335,
T_Logfile = 336,
T_Loopstats = 337,
T_Lowpriotrap = 338,
T_Manycastclient = 339,
T_Manycastserver = 340,
T_Mask = 341,
T_Maxage = 342,
T_Maxclock = 343,
T_Maxdepth = 344,
T_Maxdist = 345,
T_Maxmem = 346,
T_Maxpoll = 347,
T_Mdnstries = 348,
T_Mem = 349,
T_Memlock = 350,
T_Minclock = 351,
T_Mindepth = 352,
T_Mindist = 353,
T_Minimum = 354,
T_Minpoll = 355,
T_Minsane = 356,
T_Mode = 357,
T_Mode7 = 358,
T_Monitor = 359,
T_Month = 360,
T_Mru = 361,
T_Multicastclient = 362,
T_Nic = 363,
T_Nolink = 364,
T_Nomodify = 365,
T_Nomrulist = 366,
T_None = 367,
T_Nonvolatile = 368,
T_Nopeer = 369,
T_Noquery = 370,
T_Noselect = 371,
T_Noserve = 372,
T_Notrap = 373,
T_Notrust = 374,
T_Ntp = 375,
T_Ntpport = 376,
T_NtpSignDsocket = 377,
T_Orphan = 378,
T_Orphanwait = 379,
T_Panic = 380,
T_Peer = 381,
T_Peerstats = 382,
T_Phone = 383,
T_Pid = 384,
T_Pidfile = 385,
T_Pool = 386,
T_Port = 387,
T_Preempt = 388,
T_Prefer = 389,
T_Protostats = 390,
T_Pw = 391,
T_Randfile = 392,
T_Rawstats = 393,
T_Refid = 394,
T_Requestkey = 395,
T_Reset = 396,
T_Restrict = 397,
T_Revoke = 398,
T_Rlimit = 399,
T_Saveconfigdir = 400,
T_Server = 401,
T_Setvar = 402,
T_Source = 403,
T_Stacksize = 404,
T_Statistics = 405,
T_Stats = 406,
T_Statsdir = 407,
T_Step = 408,
T_Stepback = 409,
T_Stepfwd = 410,
T_Stepout = 411,
T_Stratum = 412,
T_String = 413,
T_Sys = 414,
T_Sysstats = 415,
T_Tick = 416,
T_Time1 = 417,
T_Time2 = 418,
T_Timer = 419,
T_Timingstats = 420,
T_Tinker = 421,
T_Tos = 422,
T_Trap = 423,
T_True = 424,
T_Trustedkey = 425,
T_Ttl = 426,
T_Type = 427,
T_U_int = 428,
T_Unconfig = 429,
T_Unpeer = 430,
T_Version = 431,
T_WanderThreshold = 432,
T_Week = 433,
T_Wildcard = 434,
T_Xleave = 435,
T_Year = 436,
T_Flag = 437,
T_EOC = 438,
T_Simulate = 439,
T_Beep_Delay = 440,
T_Sim_Duration = 441,
T_Server_Offset = 442,
T_Duration = 443,
T_Freq_Offset = 444,
T_Wander = 445,
T_Jitter = 446,
T_Prop_Delay = 447,
T_Proc_Delay = 448
};
/* Put the tokens into the symbol table, so that GDB and other debuggers
know about them. */
enum yytokentype {
T_Abbrev = 258,
T_Age = 259,
T_All = 260,
T_Allan = 261,
T_Allpeers = 262,
T_Auth = 263,
T_Autokey = 264,
T_Automax = 265,
T_Average = 266,
T_Bclient = 267,
T_Beacon = 268,
T_Broadcast = 269,
T_Broadcastclient = 270,
T_Broadcastdelay = 271,
T_Burst = 272,
T_Calibrate = 273,
T_Ceiling = 274,
T_Clockstats = 275,
T_Cohort = 276,
T_ControlKey = 277,
T_Crypto = 278,
T_Cryptostats = 279,
T_Ctl = 280,
T_Day = 281,
T_Default = 282,
T_Digest = 283,
T_Disable = 284,
T_Discard = 285,
T_Dispersion = 286,
T_Double = 287,
T_Driftfile = 288,
T_Drop = 289,
T_Dscp = 290,
T_Ellipsis = 291,
T_Enable = 292,
T_End = 293,
T_False = 294,
T_File = 295,
T_Filegen = 296,
T_Filenum = 297,
T_Flag1 = 298,
T_Flag2 = 299,
T_Flag3 = 300,
T_Flag4 = 301,
T_Flake = 302,
T_Floor = 303,
T_Freq = 304,
T_Fudge = 305,
T_Host = 306,
T_Huffpuff = 307,
T_Iburst = 308,
T_Ident = 309,
T_Ignore = 310,
T_Incalloc = 311,
T_Incmem = 312,
T_Initalloc = 313,
T_Initmem = 314,
T_Includefile = 315,
T_Integer = 316,
T_Interface = 317,
T_Intrange = 318,
T_Io = 319,
T_Ipv4 = 320,
T_Ipv4_flag = 321,
T_Ipv6 = 322,
T_Ipv6_flag = 323,
T_Kernel = 324,
T_Key = 325,
T_Keys = 326,
T_Keysdir = 327,
T_Kod = 328,
T_Mssntp = 329,
T_Leapfile = 330,
T_Leapsmearinterval = 331,
T_Limited = 332,
T_Link = 333,
T_Listen = 334,
T_Logconfig = 335,
T_Logfile = 336,
T_Loopstats = 337,
T_Lowpriotrap = 338,
T_Manycastclient = 339,
T_Manycastserver = 340,
T_Mask = 341,
T_Maxage = 342,
T_Maxclock = 343,
T_Maxdepth = 344,
T_Maxdist = 345,
T_Maxmem = 346,
T_Maxpoll = 347,
T_Mdnstries = 348,
T_Mem = 349,
T_Memlock = 350,
T_Minclock = 351,
T_Mindepth = 352,
T_Mindist = 353,
T_Minimum = 354,
T_Minpoll = 355,
T_Minsane = 356,
T_Mode = 357,
T_Mode7 = 358,
T_Monitor = 359,
T_Month = 360,
T_Mru = 361,
T_Multicastclient = 362,
T_Nic = 363,
T_Nolink = 364,
T_Nomodify = 365,
T_Nomrulist = 366,
T_None = 367,
T_Nonvolatile = 368,
T_Nopeer = 369,
T_Noquery = 370,
T_Noselect = 371,
T_Noserve = 372,
T_Notrap = 373,
T_Notrust = 374,
T_Ntp = 375,
T_Ntpport = 376,
T_NtpSignDsocket = 377,
T_Orphan = 378,
T_Orphanwait = 379,
T_Panic = 380,
T_Peer = 381,
T_Peerstats = 382,
T_Phone = 383,
T_Pid = 384,
T_Pidfile = 385,
T_Pool = 386,
T_Port = 387,
T_Preempt = 388,
T_Prefer = 389,
T_Protostats = 390,
T_Pw = 391,
T_Randfile = 392,
T_Rawstats = 393,
T_Refid = 394,
T_Requestkey = 395,
T_Reset = 396,
T_Restrict = 397,
T_Revoke = 398,
T_Rlimit = 399,
T_Saveconfigdir = 400,
T_Server = 401,
T_Setvar = 402,
T_Source = 403,
T_Stacksize = 404,
T_Statistics = 405,
T_Stats = 406,
T_Statsdir = 407,
T_Step = 408,
T_Stepback = 409,
T_Stepfwd = 410,
T_Stepout = 411,
T_Stratum = 412,
T_String = 413,
T_Sys = 414,
T_Sysstats = 415,
T_Tick = 416,
T_Time1 = 417,
T_Time2 = 418,
T_Timer = 419,
T_Timingstats = 420,
T_Tinker = 421,
T_Tos = 422,
T_Trap = 423,
T_True = 424,
T_Trustedkey = 425,
T_Ttl = 426,
T_Type = 427,
T_U_int = 428,
T_UEcrypto = 429,
T_UEcryptonak = 430,
T_UEdigest = 431,
T_Unconfig = 432,
T_Unpeer = 433,
T_Version = 434,
T_WanderThreshold = 435,
T_Week = 436,
T_Wildcard = 437,
T_Xleave = 438,
T_Year = 439,
T_Flag = 440,
T_EOC = 441,
T_Simulate = 442,
T_Beep_Delay = 443,
T_Sim_Duration = 444,
T_Server_Offset = 445,
T_Duration = 446,
T_Freq_Offset = 447,
T_Wander = 448,
T_Jitter = 449,
T_Prop_Delay = 450,
T_Proc_Delay = 451
};
#endif
/* Tokens. */
#define T_Abbrev 258
@ -410,33 +414,37 @@ extern int yydebug;
#define T_Ttl 426
#define T_Type 427
#define T_U_int 428
#define T_Unconfig 429
#define T_Unpeer 430
#define T_Version 431
#define T_WanderThreshold 432
#define T_Week 433
#define T_Wildcard 434
#define T_Xleave 435
#define T_Year 436
#define T_Flag 437
#define T_EOC 438
#define T_Simulate 439
#define T_Beep_Delay 440
#define T_Sim_Duration 441
#define T_Server_Offset 442
#define T_Duration 443
#define T_Freq_Offset 444
#define T_Wander 445
#define T_Jitter 446
#define T_Prop_Delay 447
#define T_Proc_Delay 448
#define T_UEcrypto 429
#define T_UEcryptonak 430
#define T_UEdigest 431
#define T_Unconfig 432
#define T_Unpeer 433
#define T_Version 434
#define T_WanderThreshold 435
#define T_Week 436
#define T_Wildcard 437
#define T_Xleave 438
#define T_Year 439
#define T_Flag 440
#define T_EOC 441
#define T_Simulate 442
#define T_Beep_Delay 443
#define T_Sim_Duration 444
#define T_Server_Offset 445
#define T_Duration 446
#define T_Freq_Offset 447
#define T_Wander 448
#define T_Jitter 449
#define T_Prop_Delay 450
#define T_Proc_Delay 451
/* Value type. */
#if ! defined YYSTYPE && ! defined YYSTYPE_IS_DECLARED
typedef union YYSTYPE YYSTYPE;
union YYSTYPE
typedef union YYSTYPE
{
#line 51 "../../ntpd/ntp_parser.y" /* yacc.c:1909 */
/* Line 2053 of yacc.c */
#line 51 "../../ntpd/ntp_parser.y"
char * String;
double Double;
@ -455,15 +463,29 @@ union YYSTYPE
script_info * Sim_script;
script_info_fifo * Sim_script_fifo;
#line 459 "../../ntpd/ntp_parser.h" /* yacc.c:1909 */
};
/* Line 2053 of yacc.c */
#line 469 "ntp_parser.h"
} YYSTYPE;
# define YYSTYPE_IS_TRIVIAL 1
# define yystype YYSTYPE /* obsolescent; will be withdrawn */
# define YYSTYPE_IS_DECLARED 1
#endif
extern YYSTYPE yylval;
#ifdef YYPARSE_PARAM
#if defined __STDC__ || defined __cplusplus
int yyparse (void *YYPARSE_PARAM);
#else
int yyparse ();
#endif
#else /* ! YYPARSE_PARAM */
#if defined __STDC__ || defined __cplusplus
int yyparse (void);
#else
int yyparse ();
#endif
#endif /* ! YYPARSE_PARAM */
#endif /* !YY_YY__NTPD_NTP_PARSER_H_INCLUDED */
#endif /* !YY_YY_NTP_PARSER_H_INCLUDED */

158
contrib/ntp/ntpd/ntp_proto.c
View File

@ -153,6 +153,19 @@ u_long sys_declined; /* declined */
u_long sys_limitrejected; /* rate exceeded */
u_long sys_kodsent; /* KoD sent */
/*
* Mechanism knobs: how soon do we unpeer()?
*
* The default way is "on-receipt". If this was a packet from a
* well-behaved source, on-receipt will offer the fastest recovery.
* If this was from a DoS attack, the default way makes it easier
* for a bad-guy to DoS us. So look and see what bites you harder
* and choose according to your environment.
*/
int unpeer_crypto_early = 1; /* bad crypto (TEST9) */
int unpeer_crypto_nak_early = 1; /* crypto_NAK (TEST5) */
int unpeer_digest_early = 1; /* bad digest (TEST5) */
static int kiss_code_check(u_char hisleap, u_char hisstratum, u_char hismode, u_int32 refid);
static double root_distance (struct peer *);
static void clock_combine (peer_select *, int, int);
@ -1157,6 +1170,7 @@ receive(
} else {
peer->delay = sys_bdelay;
peer->bxmt = p_xmt;
}
break;
}
@ -1177,6 +1191,7 @@ receive(
sys_restricted++;
return; /* ignore duplicate */
}
peer->bxmt = p_xmt;
#ifdef AUTOKEY
if (skeyid > NTP_MAXKEY)
crypto_recv(peer, rbufp);
@ -1286,6 +1301,73 @@ receive(
return;
}
#endif /* AUTOKEY */
if (MODE_BROADCAST == hismode) {
u_char poll;
int bail = 0;
l_fp tdiff;
DPRINTF(2, ("receive: PROCPKT/BROADCAST: prev pkt %ld seconds ago, ppoll: %d, %d secs\n",
(current_time - peer->timelastrec),
peer->ppoll, (1 << peer->ppoll)
));
/* Things we can check:
*
* Did the poll interval change?
* Is the poll interval in the packet in-range?
* Did this packet arrive too soon?
* Is the timestamp in this packet monotonic
* with respect to the previous packet?
*/
/* This is noteworthy, not error-worthy */
if (pkt->ppoll != peer->ppoll) {
msyslog(LOG_INFO, "receive: broadcast poll from %s changed from %ud to %ud",
stoa(&rbufp->recv_srcadr),
peer->ppoll, pkt->ppoll);
}
poll = min(peer->maxpoll,
max(peer->minpoll, pkt->ppoll));
/* This is error-worthy */
if (pkt->ppoll != poll) {
msyslog(LOG_INFO, "receive: broadcast poll of %ud from %s is out-of-range (%d to %d)!",
pkt->ppoll, stoa(&rbufp->recv_srcadr),
peer->minpoll, peer->maxpoll);
++bail;
}
if ( (current_time - peer->timelastrec)
< (1 << pkt->ppoll)) {
msyslog(LOG_INFO, "receive: broadcast packet from %s arrived after %ld, not %d seconds!",
stoa(&rbufp->recv_srcadr),
(current_time - peer->timelastrec),
(1 << pkt->ppoll)
);
++bail;
}
tdiff = p_xmt;
L_SUB(&tdiff, &peer->bxmt);
if (tdiff.l_i < 0) {
msyslog(LOG_INFO, "receive: broadcast packet from %s contains non-monotonic timestamp: %#010x.%08x -> %#010x.%08x",
stoa(&rbufp->recv_srcadr),
peer->bxmt.l_ui, peer->bxmt.l_uf,
p_xmt.l_ui, p_xmt.l_uf
);
++bail;
}
peer->bxmt = p_xmt;
if (bail) {
peer->timelastrec = current_time;
sys_declined++;
return;
}
}
break;
/*
@ -1362,7 +1444,12 @@ receive(
/*
* Basic mode checks:
*
* If there is no origin timestamp, it's an initial packet.
* If there is no origin timestamp, it's either an initial packet
* or we've already received a response to our query. Of course,
* should 'aorg' be all-zero because this really was the original
* transmit timestamp, we'll drop the reply. There is a window of
* one nanosecond once every 136 years' time where this is possible.
* We currently ignore this situation.
*
* Otherwise, check for bogus packet in basic mode.
* If it is bogus, switch to interleaved mode and resynchronize,
@ -1375,7 +1462,8 @@ receive(
} else if (peer->flip == 0) {
if (0 < hisstratum && L_ISZERO(&p_org)) {
L_CLR(&peer->aorg);
} else if (!L_ISEQU(&p_org, &peer->aorg)) {
} else if ( L_ISZERO(&peer->aorg)
|| !L_ISEQU(&p_org, &peer->aorg)) {
peer->bogusorg++;
peer->flash |= TEST2; /* bogus */
msyslog(LOG_INFO,
@ -1424,7 +1512,9 @@ receive(
peer->flash |= TEST5; /* bad auth */
peer->badauth++;
if (peer->flags & FLAG_PREEMPT) {
unpeer(peer);
if (unpeer_crypto_nak_early) {
unpeer(peer);
}
return;
}
#ifdef AUTOKEY
@ -1450,7 +1540,9 @@ receive(
&& (hismode == MODE_ACTIVE || hismode == MODE_PASSIVE))
fast_xmit(rbufp, MODE_ACTIVE, 0, restrict_mask);
if (peer->flags & FLAG_PREEMPT) {
unpeer(peer);
if (unpeer_digest_early) {
unpeer(peer);
}
return;
}
#ifdef AUTOKEY
@ -1505,12 +1597,47 @@ receive(
return; /* Drop any other kiss code packets */
}
/*
* If:
* - this is a *cast (uni-, broad-, or m-) server packet
* - and it's authenticated
* then see if the sender's IP is trusted for this keyid.
* If it is, great - nothing special to do here.
* Otherwise, we should report and bail.
*/
switch (hismode) {
case MODE_SERVER: /* server mode */
case MODE_BROADCAST: /* broadcast mode */
case MODE_ACTIVE: /* symmetric active mode */
if ( is_authentic == AUTH_OK
&& !authistrustedip(skeyid, &peer->srcadr)) {
report_event(PEVNT_AUTH, peer, "authIP");
peer->badauth++;
return;
}
break;
case MODE_UNSPEC: /* unspecified (old version) */
case MODE_PASSIVE: /* symmetric passive mode */
case MODE_CLIENT: /* client mode */
#if 0 /* At this point, MODE_CONTROL is overloaded by MODE_BCLIENT */
case MODE_CONTROL: /* control mode */
#endif
case MODE_PRIVATE: /* private mode */
case MODE_BCLIENT: /* broadcast client mode */
break;
default:
break;
}
/*
* That was hard and I am sweaty, but the packet is squeaky
* clean. Get on with real work.
*/
peer->timereceived = current_time;
peer->timelastrec = current_time;
if (is_authentic == AUTH_OK)
peer->flags |= FLAG_AUTHENTIC;
else
@ -1560,8 +1687,11 @@ receive(
"crypto error");
peer_clear(peer, "CRYP");
peer->flash |= TEST9; /* bad crypt */
if (peer->flags & FLAG_PREEMPT)
unpeer(peer);
if (peer->flags & FLAG_PREEMPT) {
if (unpeer_crypto_early) {
unpeer(peer);
}
}
}
return;
}
@ -4358,6 +4488,22 @@ proto_config(
io_multicast_del(svalue);
break;
/*
* Unpeer Early policy choices
*/
case PROTO_UECRYPTO: /* Crypto */
unpeer_crypto_early = value;
break;
case PROTO_UECRYPTONAK: /* Crypto_NAK */
unpeer_crypto_nak_early = value;
break;
case PROTO_UEDIGEST: /* Digest */
unpeer_digest_early = value;
break;
default:
msyslog(LOG_NOTICE,
"proto: unsupported option %d", item);

293
contrib/ntp/ntpd/ntp_request.c
View File

@ -81,8 +81,8 @@ static void do_unconf (sockaddr_u *, endpt *, struct req_pkt *);
static void set_sys_flag (sockaddr_u *, endpt *, struct req_pkt *);
static void clr_sys_flag (sockaddr_u *, endpt *, struct req_pkt *);
static void setclr_flags (sockaddr_u *, endpt *, struct req_pkt *, u_long);
static void list_restrict4 (restrict_u *, struct info_restrict **);
static void list_restrict6 (restrict_u *, struct info_restrict **);
static void list_restrict4 (const restrict_u *, struct info_restrict **);
static void list_restrict6 (const restrict_u *, struct info_restrict **);
static void list_restrict (sockaddr_u *, endpt *, struct req_pkt *);
static void do_resaddflags (sockaddr_u *, endpt *, struct req_pkt *);
static void do_ressubflags (sockaddr_u *, endpt *, struct req_pkt *);
@ -667,43 +667,35 @@ list_peers(
struct req_pkt *inpkt
)
{
struct info_peer_list *ip;
struct peer *pp;
int skip = 0;
struct info_peer_list * ip;
const struct peer * pp;
ip = (struct info_peer_list *)prepare_pkt(srcadr, inter, inpkt,
v6sizeof(struct info_peer_list));
for (pp = peer_list; pp != NULL && ip != NULL; pp = pp->p_link) {
if (IS_IPV6(&pp->srcadr)) {
if (client_v6_capable) {
ip->addr6 = SOCK_ADDR6(&pp->srcadr);
ip->v6_flag = 1;
skip = 0;
} else {
skip = 1;
break;
}
if (!client_v6_capable)
continue;
ip->addr6 = SOCK_ADDR6(&pp->srcadr);
ip->v6_flag = 1;
} else {
ip->addr = NSRCADR(&pp->srcadr);
if (client_v6_capable)
ip->v6_flag = 0;
skip = 0;
}
if (!skip) {
ip->port = NSRCPORT(&pp->srcadr);
ip->hmode = pp->hmode;
ip->flags = 0;
if (pp->flags & FLAG_CONFIG)
ip->flags |= INFO_FLAG_CONFIG;
if (pp == sys_peer)
ip->flags |= INFO_FLAG_SYSPEER;
if (pp->status == CTL_PST_SEL_SYNCCAND)
ip->flags |= INFO_FLAG_SEL_CANDIDATE;
if (pp->status >= CTL_PST_SEL_SYSPEER)
ip->flags |= INFO_FLAG_SHORTLIST;
ip = (struct info_peer_list *)more_pkt();
}
ip->port = NSRCPORT(&pp->srcadr);
ip->hmode = pp->hmode;
ip->flags = 0;
if (pp->flags & FLAG_CONFIG)
ip->flags |= INFO_FLAG_CONFIG;
if (pp == sys_peer)
ip->flags |= INFO_FLAG_SYSPEER;
if (pp->status == CTL_PST_SEL_SYNCCAND)
ip->flags |= INFO_FLAG_SEL_CANDIDATE;
if (pp->status >= CTL_PST_SEL_SYSPEER)
ip->flags |= INFO_FLAG_SHORTLIST;
ip = (struct info_peer_list *)more_pkt();
} /* for pp */
flush_pkt();
@ -720,10 +712,9 @@ list_peers_sum(
struct req_pkt *inpkt
)
{
register struct info_peer_summary *ips;
register struct peer *pp;
l_fp ltmp;
register int skip;
struct info_peer_summary * ips;
const struct peer * pp;
l_fp ltmp;
DPRINTF(3, ("wants peer list summary\n"));
@ -736,18 +727,14 @@ list_peers_sum(
* want only v4.
*/
if (IS_IPV6(&pp->srcadr)) {
if (client_v6_capable) {
ips->srcadr6 = SOCK_ADDR6(&pp->srcadr);
ips->v6_flag = 1;
if (pp->dstadr)
ips->dstadr6 = SOCK_ADDR6(&pp->dstadr->sin);
else
ZERO(ips->dstadr6);
skip = 0;
} else {
skip = 1;
break;
}
if (!client_v6_capable)
continue;
ips->srcadr6 = SOCK_ADDR6(&pp->srcadr);
ips->v6_flag = 1;
if (pp->dstadr)
ips->dstadr6 = SOCK_ADDR6(&pp->dstadr->sin);
else
ZERO(ips->dstadr6);
} else {
ips->srcadr = NSRCADR(&pp->srcadr);
if (client_v6_capable)
@ -765,39 +752,37 @@ list_peers_sum(
ips->dstadr = NSRCADR(&pp->dstadr->bcast);
}
}
} else
} else {
ips->dstadr = 0;
skip = 0;
}
}
if (!skip) {
ips->srcport = NSRCPORT(&pp->srcadr);
ips->stratum = pp->stratum;
ips->hpoll = pp->hpoll;
ips->ppoll = pp->ppoll;
ips->reach = pp->reach;
ips->flags = 0;
if (pp == sys_peer)
ips->flags |= INFO_FLAG_SYSPEER;
if (pp->flags & FLAG_CONFIG)
ips->flags |= INFO_FLAG_CONFIG;
if (pp->flags & FLAG_REFCLOCK)
ips->flags |= INFO_FLAG_REFCLOCK;
if (pp->flags & FLAG_PREFER)
ips->flags |= INFO_FLAG_PREFER;
if (pp->flags & FLAG_BURST)
ips->flags |= INFO_FLAG_BURST;
if (pp->status == CTL_PST_SEL_SYNCCAND)
ips->flags |= INFO_FLAG_SEL_CANDIDATE;
if (pp->status >= CTL_PST_SEL_SYSPEER)
ips->flags |= INFO_FLAG_SHORTLIST;
ips->hmode = pp->hmode;
ips->delay = HTONS_FP(DTOFP(pp->delay));
DTOLFP(pp->offset, &ltmp);
HTONL_FP(&ltmp, &ips->offset);
ips->dispersion = HTONS_FP(DTOUFP(SQRT(pp->disp)));
}
ips->srcport = NSRCPORT(&pp->srcadr);
ips->stratum = pp->stratum;
ips->hpoll = pp->hpoll;
ips->ppoll = pp->ppoll;
ips->reach = pp->reach;
ips->flags = 0;
if (pp == sys_peer)
ips->flags |= INFO_FLAG_SYSPEER;
if (pp->flags & FLAG_CONFIG)
ips->flags |= INFO_FLAG_CONFIG;
if (pp->flags & FLAG_REFCLOCK)
ips->flags |= INFO_FLAG_REFCLOCK;
if (pp->flags & FLAG_PREFER)
ips->flags |= INFO_FLAG_PREFER;
if (pp->flags & FLAG_BURST)
ips->flags |= INFO_FLAG_BURST;
if (pp->status == CTL_PST_SEL_SYNCCAND)
ips->flags |= INFO_FLAG_SEL_CANDIDATE;
if (pp->status >= CTL_PST_SEL_SYSPEER)
ips->flags |= INFO_FLAG_SHORTLIST;
ips->hmode = pp->hmode;
ips->delay = HTONS_FP(DTOFP(pp->delay));
DTOLFP(pp->offset, &ltmp);
HTONL_FP(&ltmp, &ips->offset);
ips->dispersion = HTONS_FP(DTOUFP(SQRT(pp->disp)));
ips = (struct info_peer_summary *)more_pkt();
} /* for pp */
@ -1197,7 +1182,7 @@ mem_stats(
ms->hashcount[i] = (u_char)
max((u_int)peer_hash_count[i], UCHAR_MAX);
more_pkt();
(void) more_pkt();
flush_pkt();
}
@ -1285,7 +1270,7 @@ loop_info(
li->compliance = htonl((u_int32)(tc_counter));
li->watchdog_timer = htonl((u_int32)(current_time - sys_epoch));
more_pkt();
(void) more_pkt();
flush_pkt();
}
@ -1571,56 +1556,143 @@ setclr_flags(
req_ack(srcadr, inter, inpkt, INFO_OKAY);
}
/* There have been some issues with the restrict list processing,
* ranging from problems with deep recursion (resulting in stack
* overflows) and overfull reply buffers.
*
* To avoid this trouble the list reversal is done iteratively using a
* scratch pad.
*/
typedef struct RestrictStack RestrictStackT;
struct RestrictStack {
RestrictStackT *link;
size_t fcnt;
const restrict_u *pres[63];
};
static size_t
getStackSheetSize(
RestrictStackT *sp
)
{
if (sp)
return sizeof(sp->pres)/sizeof(sp->pres[0]);
return 0u;
}
static int/*BOOL*/
pushRestriction(
RestrictStackT **spp,
const restrict_u *ptr
)
{
RestrictStackT *sp;
if (NULL == (sp = *spp) || 0 == sp->fcnt) {
/* need another sheet in the scratch pad */
sp = emalloc(sizeof(*sp));
sp->link = *spp;
sp->fcnt = getStackSheetSize(sp);
*spp = sp;
}
sp->pres[--sp->fcnt] = ptr;
return TRUE;
}
static int/*BOOL*/
popRestriction(
RestrictStackT **spp,
const restrict_u **opp
)
{
RestrictStackT *sp;
if (NULL == (sp = *spp) || sp->fcnt >= getStackSheetSize(sp))
return FALSE;
*opp = sp->pres[sp->fcnt++];
if (sp->fcnt >= getStackSheetSize(sp)) {
/* discard sheet from scratch pad */
*spp = sp->link;
free(sp);
}
return TRUE;
}
static void
flushRestrictionStack(
RestrictStackT **spp
)
{
RestrictStackT *sp;
while (NULL != (sp = *spp)) {
*spp = sp->link;
free(sp);
}
}
/*
* list_restrict4 - recursive helper for list_restrict dumps IPv4
* list_restrict4 - iterative helper for list_restrict dumps IPv4
* restriction list in reverse order.
*/
static void
list_restrict4(
restrict_u * res,
const restrict_u * res,
struct info_restrict ** ppir
)
{
RestrictStackT * rpad;
struct info_restrict * pir;
if (res->link != NULL)
list_restrict4(res->link, ppir);
pir = *ppir;
pir->addr = htonl(res->u.v4.addr);
if (client_v6_capable)
pir->v6_flag = 0;
pir->mask = htonl(res->u.v4.mask);
pir->count = htonl(res->count);
pir->flags = htons(res->flags);
pir->mflags = htons(res->mflags);
*ppir = (struct info_restrict *)more_pkt();
for (rpad = NULL; res; res = res->link)
if (!pushRestriction(&rpad, res))
break;
while (pir && popRestriction(&rpad, &res)) {
pir->addr = htonl(res->u.v4.addr);
if (client_v6_capable)
pir->v6_flag = 0;
pir->mask = htonl(res->u.v4.mask);
pir->count = htonl(res->count);
pir->flags = htons(res->flags);
pir->mflags = htons(res->mflags);
pir = (struct info_restrict *)more_pkt();
}
flushRestrictionStack(&rpad);
*ppir = pir;
}
/*
* list_restrict6 - recursive helper for list_restrict dumps IPv6
* list_restrict6 - iterative helper for list_restrict dumps IPv6
* restriction list in reverse order.
*/
static void
list_restrict6(
restrict_u * res,
const restrict_u * res,
struct info_restrict ** ppir
)
{
RestrictStackT * rpad;
struct info_restrict * pir;
if (res->link != NULL)
list_restrict6(res->link, ppir);
pir = *ppir;
pir->addr6 = res->u.v6.addr;
pir->mask6 = res->u.v6.mask;
pir->v6_flag = 1;
pir->count = htonl(res->count);
pir->flags = htons(res->flags);
pir->mflags = htons(res->mflags);
*ppir = (struct info_restrict *)more_pkt();
for (rpad = NULL; res; res = res->link)
if (!pushRestriction(&rpad, res))
break;
while (pir && popRestriction(&rpad, &res)) {
pir->addr6 = res->u.v6.addr;
pir->mask6 = res->u.v6.mask;
pir->v6_flag = 1;
pir->count = htonl(res->count);
pir->flags = htons(res->flags);
pir->mflags = htons(res->mflags);
pir = (struct info_restrict *)more_pkt();
}
flushRestrictionStack(&rpad);
*ppir = pir;
}
@ -1644,8 +1716,7 @@ list_restrict(
/*
* The restriction lists are kept sorted in the reverse order
* than they were originally. To preserve the output semantics,
* dump each list in reverse order. A recursive helper function
* achieves that.
* dump each list in reverse order. The workers take care of that.
*/
list_restrict4(restrictlist4, &ir);
if (client_v6_capable)
@ -2010,7 +2081,7 @@ do_trustkey(
register int items;
items = INFO_NITEMS(inpkt->err_nitems);
kp = (uint32_t*)&inpkt->u;
kp = (uint32_t *)&inpkt->u;
while (items-- > 0) {
authtrust(*kp, trust);
kp++;
@ -2089,7 +2160,7 @@ req_get_traps(
it = (struct info_trap *)prepare_pkt(srcadr, inter, inpkt,
v6sizeof(struct info_trap));
for (i = 0, tr = ctl_traps; i < COUNTOF(ctl_traps); i++, tr++) {
for (i = 0, tr = ctl_traps; it && i < COUNTOF(ctl_traps); i++, tr++) {
if (tr->tr_flags & TRAP_INUSE) {
if (IS_IPV4(&tr->tr_addr)) {
if (tr->tr_localaddr == any_interface)
@ -2405,7 +2476,7 @@ get_clock_info(
ic = (struct info_clock *)prepare_pkt(srcadr, inter, inpkt,
sizeof(struct info_clock));
while (items-- > 0) {
while (items-- > 0 && ic) {
NSRCADR(&addr) = *clkaddr++;
if (!ISREFCLOCKADR(&addr) || NULL ==
findexistingpeer(&addr, NULL, NULL, -1, 0)) {
@ -2544,7 +2615,7 @@ get_clkbug_info(
ic = (struct info_clkbug *)prepare_pkt(srcadr, inter, inpkt,
sizeof(struct info_clkbug));
while (items-- > 0) {
while (items-- > 0 && ic) {
NSRCADR(&addr) = *clkaddr++;
if (!ISREFCLOCKADR(&addr) || NULL ==
findexistingpeer(&addr, NULL, NULL, -1, 0)) {
@ -2592,13 +2663,15 @@ fill_info_if_stats(void *data, interface_info_t *interface_info)
struct info_if_stats **ifsp = (struct info_if_stats **)data;
struct info_if_stats *ifs = *ifsp;
endpt *ep = interface_info->ep;
if (NULL == ifs)
return;
ZERO(*ifs);
if (IS_IPV6(&ep->sin)) {
if (!client_v6_capable) {
if (!client_v6_capable)
return;
}
ifs->v6_flag = 1;
ifs->unaddr.addr6 = SOCK_ADDR6(&ep->sin);
ifs->unbcast.addr6 = SOCK_ADDR6(&ep->bcast);

2
contrib/ntp/ntpd/ntp_scanner.c
View File

@ -669,7 +669,7 @@ int
yylex(void)
{
static follby followedby = FOLLBY_TOKEN;
int i;
size_t i;
int instring;
int yylval_was_set;
int converted;

17
contrib/ntp/ntpd/ntp_timer.c
View File

@ -549,14 +549,16 @@ check_leapsec(
#ifdef LEAP_SMEAR
leap_smear.enabled = leap_smear_intv != 0;
#endif
if (reset) {
if (reset) {
lsprox = LSPROX_NOWARN;
leapsec_reset_frame();
memset(&lsdata, 0, sizeof(lsdata));
} else {
int fired = leapsec_query(&lsdata, now, tpiv);
int fired;
DPRINTF(1, ("*** leapsec_query: fired %i, now %u (0x%08X), tai_diff %i, ddist %u\n",
fired = leapsec_query(&lsdata, now, tpiv);
DPRINTF(3, ("*** leapsec_query: fired %i, now %u (0x%08X), tai_diff %i, ddist %u\n",
fired, now, now, lsdata.tai_diff, lsdata.ddist));
#ifdef LEAP_SMEAR
@ -572,8 +574,7 @@ check_leapsec(
DPRINTF(1, ("*** leapsec_query: setting leap_smear interval %li, begin %.0f, end %.0f\n",
leap_smear.interval, leap_smear.intv_start, leap_smear.intv_end));
}
}
else {
} else {
if (leap_smear.interval)
DPRINTF(1, ("*** leapsec_query: clearing leap_smear interval\n"));
leap_smear.interval = 0;
@ -655,10 +656,10 @@ check_leapsec(
sys_tai = lsdata.tai_offs;
} else {
#ifdef AUTOKEY
update_autokey = (sys_tai != lsdata.tai_offs);
update_autokey = (sys_tai != (u_int)lsdata.tai_offs);
#endif
lsprox = lsdata.proximity;
sys_tai = lsdata.tai_offs;
lsprox = lsdata.proximity;
sys_tai = lsdata.tai_offs;
}
}

20
contrib/ntp/ntpd/ntpd-opts.c
View File

@ -1,7 +1,7 @@
/*
* EDIT THIS FILE WITH CAUTION (ntpd-opts.c)
*
* It has been AutoGen-ed January 7, 2016 at 11:28:29 PM by AutoGen 5.18.5
* It has been AutoGen-ed January 20, 2016 at 04:15:45 AM by AutoGen 5.18.5
* From the definitions ntpd-opts.def
* and the template file options
*
@ -18,7 +18,7 @@
* The ntpd program is copyrighted and licensed
* under the following terms:
*
* Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation, all rights reserved.
* Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation, all rights reserved.
* This is free software. It is licensed for use, modification and
* redistribution under the terms of the NTP License, copies of which
* can be seen at:
@ -75,8 +75,8 @@ extern FILE * option_usage_fp;
* static const strings for ntpd options
*/
static char const ntpd_opt_strs[3129] =
/* 0 */ "ntpd 4.2.8p5\n"
"Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation, all rights reserved.\n"
/* 0 */ "ntpd 4.2.8p6\n"
"Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation, all rights reserved.\n"
"This is free software. It is licensed for use, modification and\n"
"redistribution under the terms of the NTP License, copies of which\n"
"can be seen at:\n"
@ -205,12 +205,12 @@ static char const ntpd_opt_strs[3129] =
/* 2900 */ "output version information and exit\0"
/* 2936 */ "version\0"
/* 2944 */ "NTPD\0"
/* 2949 */ "ntpd - NTP daemon program - Ver. 4.2.8p5\n"
/* 2949 */ "ntpd - NTP daemon program - Ver. 4.2.8p6\n"
"Usage: %s [ -<flag> [<val>] | --<name>[{=| }<val>] ]... \\\n"
"\t\t[ <server1> ... <serverN> ]\n\0"
/* 3080 */ "http://bugs.ntp.org, bugs@ntp.org\0"
/* 3114 */ "\n\0"
/* 3116 */ "ntpd 4.2.8p5";
/* 3116 */ "ntpd 4.2.8p6";
/**
* ipv4 option description with
@ -1529,8 +1529,8 @@ static void bogus_function(void) {
translate option names.
*/
/* referenced via ntpdOptions.pzCopyright */
puts(_("ntpd 4.2.8p5\n\
Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation, all rights reserved.\n\
puts(_("ntpd 4.2.8p6\n\
Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation, all rights reserved.\n\
This is free software. It is licensed for use, modification and\n\
redistribution under the terms of the NTP License, copies of which\n\
can be seen at:\n"));
@ -1670,7 +1670,7 @@ implied warranty.\n"));
puts(_("output version information and exit"));
/* referenced via ntpdOptions.pzUsageTitle */
puts(_("ntpd - NTP daemon program - Ver. 4.2.8p5\n\
puts(_("ntpd - NTP daemon program - Ver. 4.2.8p6\n\
Usage: %s [ -<flag> [<val>] | --<name>[{=| }<val>] ]... \\\n\
\t\t[ <server1> ... <serverN> ]\n"));
@ -1678,7 +1678,7 @@ Usage: %s [ -<flag> [<val>] | --<name>[{=| }<val>] ]... \\\n\
puts(_("\n"));
/* referenced via ntpdOptions.pzFullVersion */
puts(_("ntpd 4.2.8p5"));
puts(_("ntpd 4.2.8p6"));
/* referenced via ntpdOptions.pzFullUsage */
puts(_("<<<NOT-FOUND>>>"));

8
contrib/ntp/ntpd/ntpd-opts.h
View File

@ -1,7 +1,7 @@
/*
* EDIT THIS FILE WITH CAUTION (ntpd-opts.h)
*
* It has been AutoGen-ed January 7, 2016 at 11:28:28 PM by AutoGen 5.18.5
* It has been AutoGen-ed January 20, 2016 at 04:15:43 AM by AutoGen 5.18.5
* From the definitions ntpd-opts.def
* and the template file options
*
@ -18,7 +18,7 @@
* The ntpd program is copyrighted and licensed
* under the following terms:
*
* Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation, all rights reserved.
* Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation, all rights reserved.
* This is free software. It is licensed for use, modification and
* redistribution under the terms of the NTP License, copies of which
* can be seen at:
@ -106,9 +106,9 @@ typedef enum {
/** count of all options for ntpd */
#define OPTION_CT 38
/** ntpd version */
#define NTPD_VERSION "4.2.8p5"
#define NTPD_VERSION "4.2.8p6"
/** Full ntpd version text */
#define NTPD_FULL_VERSION "ntpd 4.2.8p5"
#define NTPD_FULL_VERSION "ntpd 4.2.8p6"
/**
* Interface defines for all options. Replace "n" with the UPPER_CASED

8
contrib/ntp/ntpd/ntpd.1ntpdman
View File

@ -10,11 +10,11 @@
.ds B-Font B
.ds I-Font I
.ds R-Font R
.TH ntpd 1ntpdman "07 Jan 2016" "4.2.8p5" "User Commands"
.TH ntpd 1ntpdman "20 Jan 2016" "4.2.8p6" "User Commands"
.\"
.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-KDaWJq/ag-WDaOIq)
.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-9JaiRS/ag-jKaaQS)
.\"
.\" It has been AutoGen-ed January 7, 2016 at 11:30:44 PM by AutoGen 5.18.5
.\" It has been AutoGen-ed January 20, 2016 at 04:17:54 AM by AutoGen 5.18.5
.\" From the definitions ntpd-opts.def
.\" and the template file agman-cmd.tpl
.SH NAME
@ -979,7 +979,7 @@ RFC5908
.SH "AUTHORS"
The University of Delaware and Network Time Foundation
.SH "COPYRIGHT"
Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation all rights reserved.
Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation all rights reserved.
This program is released under the terms of the NTP license, <http://ntp.org/license>.
.SH BUGS
The

6
contrib/ntp/ntpd/ntpd.1ntpdmdoc
View File

@ -1,9 +1,9 @@
.Dd January 7 2016
.Dd January 20 2016
.Dt NTPD 1ntpdmdoc User Commands
.Os
.\" EDIT THIS FILE WITH CAUTION (ntpd-opts.mdoc)
.\"
.\" It has been AutoGen-ed January 7, 2016 at 11:31:02 PM by AutoGen 5.18.5
.\" It has been AutoGen-ed January 20, 2016 at 04:18:12 AM by AutoGen 5.18.5
.\" From the definitions ntpd-opts.def
.\" and the template file agmdoc-cmd.tpl
.Sh NAME
@ -886,7 +886,7 @@ A snapshot of this documentation is available in HTML format in
.Sh "AUTHORS"
The University of Delaware and Network Time Foundation
.Sh "COPYRIGHT"
Copyright (C) 1992\-2015 The University of Delaware and Network Time Foundation all rights reserved.
Copyright (C) 1992\-2016 The University of Delaware and Network Time Foundation all rights reserved.
This program is released under the terms of the NTP license, <http://ntp.org/license>.
.Sh BUGS
The

58
contrib/ntp/ntpd/ntpd.c
View File

@ -209,6 +209,11 @@ extern int syscall (int, ...);
#if !defined(SIM) && defined(SIGDIE1)
static volatile int signalled = 0;
static volatile int signo = 0;
/* In an ideal world, 'finish_safe()' would declared as noreturn... */
static void finish_safe (int);
static RETSIGTYPE finish (int);
#endif
@ -298,11 +303,28 @@ my_pthread_warmup_worker(
static void
my_pthread_warmup(void)
{
pthread_t thread;
int rc;
pthread_t thread;
pthread_attr_t thr_attr;
int rc;
pthread_attr_init(&thr_attr);
#if defined(HAVE_PTHREAD_ATTR_GETSTACKSIZE) && \
defined(HAVE_PTHREAD_ATTR_SETSTACKSIZE) && \
defined(PTHREAD_STACK_MIN)
rc = pthread_attr_setstacksize(&thr_attr, PTHREAD_STACK_MIN);
if (0 != rc)
msyslog(LOG_ERR,
"my_pthread_warmup: pthread_attr_setstacksize() -> %s",
strerror(rc));
#endif
rc = pthread_create(
&thread, NULL, my_pthread_warmup_worker, NULL);
if (0 == rc) {
&thread, &thr_attr, my_pthread_warmup_worker, NULL);
pthread_attr_destroy(&thr_attr);
if (0 != rc) {
msyslog(LOG_ERR,
"my_pthread_warmup: pthread_create() -> %s",
strerror(rc));
} else {
pthread_cancel(thread);
pthread_join(thread, NULL);
}
@ -1204,6 +1226,10 @@ int scmp_sc[] = {
# ifdef HAVE_IO_COMPLETION_PORT
for (;;) {
#if !defined(SIM) && defined(SIGDIE1)
if (signalled)
finish_safe(signo);
#endif
GetReceivedBuffers();
# else /* normal I/O */
@ -1211,11 +1237,19 @@ int scmp_sc[] = {
was_alarmed = FALSE;
for (;;) {
#if !defined(SIM) && defined(SIGDIE1)
if (signalled)
finish_safe(signo);
#endif
if (alarm_flag) { /* alarmed? */
was_alarmed = TRUE;
alarm_flag = FALSE;
}
/* collect async name/addr results */
if (!was_alarmed)
harvest_blocking_responses();
if (!was_alarmed && !has_full_recv_buffer()) {
/*
* Nothing to do. Wait for something.
@ -1330,9 +1364,9 @@ int scmp_sc[] = {
/*
* finish - exit gracefully
*/
static RETSIGTYPE
finish(
int sig
static void
finish_safe(
int sig
)
{
const char *sig_desc;
@ -1353,6 +1387,16 @@ finish(
peer_cleanup();
exit(0);
}
static RETSIGTYPE
finish(
int sig
)
{
signalled = 1;
signo = sig;
}
#endif /* !SIM && SIGDIE1 */

4
contrib/ntp/ntpd/ntpd.html
View File

@ -39,7 +39,7 @@ The program can operate in any of several modes, including client/server,
symmetric and broadcast modes, and with both symmetric-key and public-key
cryptography.
<p>This document applies to version 4.2.8p5 of <code>ntpd</code>.
<p>This document applies to version 4.2.8p6 of <code>ntpd</code>.
<ul class="menu">
<li><a accesskey="1" href="#ntpd-Description">ntpd Description</a>: Description
@ -220,7 +220,7 @@ the usage text by passing it through a pager program.
used to select the program, defaulting to <span class="file">more</span>. Both will exit
with a status code of 0.
<pre class="example">ntpd - NTP daemon program - Ver. 4.2.8p4
<pre class="example">ntpd - NTP daemon program - Ver. 4.2.8p5
Usage: ntpd [ -&lt;flag&gt; [&lt;val&gt;] | --&lt;name&gt;[{=| }&lt;val&gt;] ]... \
[ &lt;server1&gt; ... &lt;serverN&gt; ]
Flg Arg Option-Name Description

8
contrib/ntp/ntpd/ntpd.man.in
View File

@ -10,11 +10,11 @@
.ds B-Font B
.ds I-Font I
.ds R-Font R
.TH ntpd @NTPD_MS@ "07 Jan 2016" "4.2.8p5" "User Commands"
.TH ntpd @NTPD_MS@ "20 Jan 2016" "4.2.8p6" "User Commands"
.\"
.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-KDaWJq/ag-WDaOIq)
.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-9JaiRS/ag-jKaaQS)
.\"
.\" It has been AutoGen-ed January 7, 2016 at 11:30:44 PM by AutoGen 5.18.5
.\" It has been AutoGen-ed January 20, 2016 at 04:17:54 AM by AutoGen 5.18.5
.\" From the definitions ntpd-opts.def
.\" and the template file agman-cmd.tpl
.SH NAME
@ -979,7 +979,7 @@ RFC5908
.SH "AUTHORS"
The University of Delaware and Network Time Foundation
.SH "COPYRIGHT"
Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation all rights reserved.
Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation all rights reserved.
This program is released under the terms of the NTP license, <http://ntp.org/license>.
.SH BUGS
The

6
contrib/ntp/ntpd/ntpd.mdoc.in
View File

@ -1,9 +1,9 @@
.Dd January 7 2016
.Dd January 20 2016
.Dt NTPD @NTPD_MS@ User Commands
.Os
.\" EDIT THIS FILE WITH CAUTION (ntpd-opts.mdoc)
.\"
.\" It has been AutoGen-ed January 7, 2016 at 11:31:02 PM by AutoGen 5.18.5
.\" It has been AutoGen-ed January 20, 2016 at 04:18:12 AM by AutoGen 5.18.5
.\" From the definitions ntpd-opts.def
.\" and the template file agmdoc-cmd.tpl
.Sh NAME
@ -886,7 +886,7 @@ A snapshot of this documentation is available in HTML format in
.Sh "AUTHORS"
The University of Delaware and Network Time Foundation
.Sh "COPYRIGHT"
Copyright (C) 1992\-2015 The University of Delaware and Network Time Foundation all rights reserved.
Copyright (C) 1992\-2016 The University of Delaware and Network Time Foundation all rights reserved.
This program is released under the terms of the NTP license, <http://ntp.org/license>.
.Sh BUGS
The

2
contrib/ntp/ntpd/refclock_chu.c
View File

@ -1264,7 +1264,7 @@ chu_a(
offset = up->charstamp;
else if (k > 0)
i = 1;
for (; i < nchar && i < k + 10; i++) {
for (; i < nchar && (i - 10) < k; i++) {
up->tstamp[up->ntstamp] = up->cstamp[i];
L_SUB(&up->tstamp[up->ntstamp], &offset);
L_ADD(&offset, &up->charstamp);

28
contrib/ntp/ntpd/refclock_gpsdjson.c
View File

@ -377,17 +377,6 @@ static int16_t clamped_precision(int rawprec);
* local / static stuff
*/
/* The logon string is actually the ?WATCH command of GPSD, using JSON
* data and selecting the GPS device name we created from our unit
* number. We have an old a newer version that request PPS (and TOFF)
* transmission.
* Note: These are actually format strings!
*/
static const char * const s_req_watch[2] = {
"?WATCH={\"device\":\"%s\",\"enable\":true,\"json\":true};\r\n",
"?WATCH={\"device\":\"%s\",\"enable\":true,\"json\":true,\"pps\":true};\r\n"
};
static const char * const s_req_version =
"?VERSION;\r\n";
@ -1147,7 +1136,7 @@ json_token_skip(
const json_ctx * ctx,
tok_ref tid)
{
if (tid >= 0 && tid < ctx->ntok) {
if (tid >= 0 && (u_int)tid < ctx->ntok) {
int len = ctx->tok[tid].size;
/* For arrays and objects, the size is the number of
* ITEMS in the compound. Thats the number of objects in
@ -1172,7 +1161,10 @@ json_token_skip(
++tid;
break;
}
if (tid > ctx->ntok) /* Impossible? Paranoia rulez. */
/* The next condition should never be true, but paranoia
* prevails...
*/
if (tid < 0 || (u_int)tid > ctx->ntok)
tid = ctx->ntok;
}
return tid;
@ -1200,7 +1192,7 @@ json_object_lookup(
tid = json_token_skip(ctx, tid); /* skip val */
} else if (strcmp(key, ctx->buf + ctx->tok[tid].start)) {
tid = json_token_skip(ctx, tid+1); /* skip key+val */
} else if (what < 0 || what == ctx->tok[tid+1].type) {
} else if (what < 0 || (u_int)what == ctx->tok[tid+1].type) {
return tid + 1;
} else {
break;
@ -1513,8 +1505,14 @@ process_version(
if (up->fl_watch)
return;
/* The logon string is actually the ?WATCH command of GPSD,
* using JSON data and selecting the GPS device name we created
* from our unit number. We have an old a newer version that
* request PPS (and TOFF) transmission.
*/
snprintf(up->buffer, sizeof(up->buffer),
s_req_watch[up->pf_toff != 0], up->device);
"?WATCH={\"device\":\"%s\",\"enable\":true,\"json\":true%s};\r\n",
up->device, (up->pf_toff ? ",\"pps\":true" : ""));
buf = up->buffer;
len = strlen(buf);
log_data(peer, "send", buf, len);

87
contrib/ntp/ntpd/refclock_jjy.c
View File

@ -149,8 +149,8 @@
*/
struct jjyRawDataBreak {
char *pString ;
int iLength ;
const char * pString ;
int iLength ;
} ;
#define MAX_TIMESTAMP 6
@ -627,7 +627,7 @@ jjy_receive ( struct recvbuf *rbufp )
#ifdef DEBUG
printf( "\nrefclock_jjy.c : %s : Len=%d ", sFunctionName, pp->lencode ) ;
for ( i = 0 ; i < pp->lencode ; i ++ ) {
if ( iscntrl( pp->a_lastcode[i] & 0x7F ) ) {
if ( iscntrl( (u_char)(pp->a_lastcode[i] & 0x7F) ) ) {
printf( "<x%02X>", pp->a_lastcode[i] & 0xFF ) ;
} else {
printf( "%c", pp->a_lastcode[i] ) ;
@ -702,7 +702,7 @@ jjy_receive ( struct recvbuf *rbufp )
up->iLineBufLen ++ ;
/* Copy printable characters */
if ( ! iscntrl( up->sRawBuf[i] ) ) {
if ( ! iscntrl( (u_char)up->sRawBuf[i] ) ) {
up->sTextBuf[up->iTextBufLen] = up->sRawBuf[i] ;
up->iTextBufLen ++ ;
}
@ -1154,12 +1154,13 @@ jjy_receive_tristate_jjy01 ( struct recvbuf *rbufp )
struct refclockproc *pp ;
struct peer *peer;
char *pBuf, sLog [ 100 ] ;
int iLen ;
int rc ;
char * pBuf ;
char sLog [ 100 ] ;
int iLen ;
int rc ;
const char *pCmd ;
int iCmdLen ;
const char * pCmd ;
int iCmdLen ;
/* Initialize pointers */
@ -1359,8 +1360,8 @@ jjy_poll_tristate_jjy01 ( int unit, struct peer *peer )
struct refclockproc *pp ;
struct jjyunit *up ;
const char *pCmd ;
int iCmdLen ;
const char * pCmd ;
int iCmdLen ;
pp = peer->procptr;
up = pp->unitptr ;
@ -2010,12 +2011,13 @@ jjy_receive_tristate_gpsclock01 ( struct recvbuf *rbufp )
struct refclockproc *pp ;
struct peer *peer;
char *pBuf, sLog [ 100 ] ;
int iLen ;
int rc ;
char * pBuf ;
char sLog [ 100 ] ;
int iLen ;
int rc ;
const char *pCmd ;
int iCmdLen ;
const char * pCmd ;
int iCmdLen ;
/* Initialize pointers */
@ -2239,8 +2241,8 @@ jjy_poll_tristate_gpsclock01 ( int unit, struct peer *peer )
struct refclockproc *pp ;
struct jjyunit *up ;
const char *pCmd ;
int iCmdLen ;
const char * pCmd ;
int iCmdLen ;
pp = peer->procptr ;
up = pp->unitptr ;
@ -2576,7 +2578,7 @@ static int teljjy_bye_ignore ( struct peer *peer, struct refclockproc *, struct
static int teljjy_bye_disc ( struct peer *peer, struct refclockproc *, struct jjyunit * ) ;
static int teljjy_bye_modem ( struct peer *peer, struct refclockproc *, struct jjyunit * ) ;
static int ( *pTeljjyHandler [ ] [ 5 ] ) ( ) =
static int ( *pTeljjyHandler [ ] [ 5 ] ) ( struct peer *, struct refclockproc *, struct jjyunit *) =
{ /*STATE_IDLE STATE_DAILOUT STATE_LOGIN STATE_CONNECT STATE_BYE */
/* NULL */ { teljjy_idle_ignore , teljjy_dial_ignore, teljjy_login_ignore, teljjy_conn_ignore, teljjy_bye_ignore },
/* START */ { teljjy_idle_dialout, teljjy_dial_ignore, teljjy_login_ignore, teljjy_conn_ignore, teljjy_bye_ignore },
@ -2715,12 +2717,12 @@ jjy_start_telephone ( int unit, struct peer *peer, struct jjyunit *up )
iNumberOfDigitsOfPhoneNumber = iCommaCount = iCommaPosition = iFirstThreeDigitsCount = 0 ;
for ( i = 0 ; i < strlen( sys_phone[0] ) ; i ++ ) {
if ( isdigit( *(sys_phone[0]+i) ) ) {
if ( isdigit( (u_char)sys_phone[0][i] ) ) {
if ( iFirstThreeDigitsCount < sizeof(sFirstThreeDigits)-1 ) {
sFirstThreeDigits[iFirstThreeDigitsCount++] = *(sys_phone[0]+i) ;
sFirstThreeDigits[iFirstThreeDigitsCount++] = sys_phone[0][i] ;
}
iNumberOfDigitsOfPhoneNumber ++ ;
} else if ( *(sys_phone[0]+i) == ',' ) {
} else if ( sys_phone[0][i] == ',' ) {
iCommaCount ++ ;
if ( iCommaCount > 1 ) {
msyslog( LOG_ERR, "refclock_jjy.c : jjy_start_telephone : phone in the ntpd.conf should be zero or one comma." ) ;
@ -2729,7 +2731,7 @@ jjy_start_telephone ( int unit, struct peer *peer, struct jjyunit *up )
}
iFirstThreeDigitsCount = 0 ;
iCommaPosition = i ;
} else if ( *(sys_phone[0]+i) != '-' ) {
} else if ( sys_phone[0][i] != '-' ) {
msyslog( LOG_ERR, "refclock_jjy.c : jjy_start_telephone : phone in the ntpd.conf should be a number or a hyphen." ) ;
up->bInitError = TRUE ;
return 1 ;
@ -3213,8 +3215,8 @@ static int
teljjy_login_login ( struct peer *peer, struct refclockproc *pp, struct jjyunit *up )
{
char *pCmd ;
int iCmdLen ;
const char * pCmd ;
int iCmdLen ;
DEBUG_TELJJY_PRINTF( "teljjy_login_login" ) ;
@ -3290,8 +3292,8 @@ static int
teljjy_conn_send ( struct peer *peer, struct refclockproc *pp, struct jjyunit *up )
{
const char *pCmd ;
int i, iLen, iNextClockState ;
const char * pCmd ;
int i, iLen, iNextClockState ;
DEBUG_TELJJY_PRINTF( "teljjy_conn_send" ) ;
@ -3527,7 +3529,7 @@ static int
teljjy_conn_silent ( struct peer *peer, struct refclockproc *pp, struct jjyunit *up )
{
const char *pCmd ;
const char * pCmd ;
DEBUG_TELJJY_PRINTF( "teljjy_conn_silent" ) ;
@ -3665,7 +3667,7 @@ static int modem_esc_data ( struct peer *, struct refclockproc *, struct jjyu
static int modem_esc_silent ( struct peer *, struct refclockproc *, struct jjyunit * ) ;
static int modem_esc_disc ( struct peer *, struct refclockproc *, struct jjyunit * ) ;
static int ( *pModemHandler [ ] [ 5 ] ) ( ) =
static int ( *pModemHandler [ ] [ 5 ] ) ( struct peer *, struct refclockproc *, struct jjyunit * ) =
{ /*STATE_DISCONNECT STATE_INITIALIZE STATE_DAILING STATE_CONNECT STATE_ESCAPE */
/* NULL */ { modem_disc_ignore, modem_init_ignore, modem_dial_ignore , modem_conn_ignore, modem_esc_ignore },
/* INITIALIZE */ { modem_disc_init , modem_init_start , modem_dial_ignore , modem_conn_ignore, modem_esc_ignore },
@ -3993,10 +3995,11 @@ static int
modem_init_resp00 ( struct peer *peer, struct refclockproc *pp, struct jjyunit *up )
{
char *pCmd, cBuf [ 46 ] ;
int iCmdLen ;
int iErrorCorrection, iSpeakerSwitch, iSpeakerVolume ;
int iNextModemState = STAY_MODEM_STATE ;
const char * pCmd ;
char cBuf [ 46 ] ;
int iCmdLen ;
int iErrorCorrection, iSpeakerSwitch, iSpeakerVolume ;
int iNextModemState = STAY_MODEM_STATE ;
DEBUG_MODEM_PRINTF( "modem_init_resp00" ) ;
@ -4031,7 +4034,7 @@ modem_init_resp00 ( struct peer *peer, struct refclockproc *pp, struct jjyunit *
}
pCmd = cBuf ;
snprintf( pCmd, sizeof(cBuf), "ATM%dL%d\r\n", iSpeakerSwitch, iSpeakerVolume ) ;
snprintf( cBuf, sizeof(cBuf), "ATM%dL%d\r\n", iSpeakerSwitch, iSpeakerVolume ) ;
break ;
case 3 :
@ -4060,7 +4063,7 @@ modem_init_resp00 ( struct peer *peer, struct refclockproc *pp, struct jjyunit *
}
pCmd = cBuf ;
snprintf( pCmd, sizeof(cBuf), "AT\\N%d\r\n", iErrorCorrection ) ;
snprintf( cBuf, sizeof(cBuf), "AT\\N%d\r\n", iErrorCorrection ) ;
break ;
case 7 :
@ -4251,8 +4254,8 @@ static int
modem_esc_escape ( struct peer *peer, struct refclockproc *pp, struct jjyunit *up )
{
char *pCmd ;
int iCmdLen ;
const char * pCmd ;
int iCmdLen ;
DEBUG_MODEM_PRINTF( "modem_esc_escape" ) ;
@ -4317,8 +4320,8 @@ static int
modem_esc_disc ( struct peer *peer, struct refclockproc *pp, struct jjyunit *up )
{
char *pCmd ;
int iCmdLen ;
const char * pCmd ;
int iCmdLen ;
DEBUG_MODEM_PRINTF( "modem_esc_disc" ) ;
@ -4349,9 +4352,9 @@ static void
jjy_write_clockstats ( struct peer *peer, int iMark, const char *pData )
{
char sLog [ 100 ] ;
char *pMark ;
int iMarkLen, iDataLen ;
char sLog [ 100 ] ;
const char * pMark ;
int iMarkLen, iDataLen ;
switch ( iMark ) {
case JJY_CLOCKSTATS_MARK_JJY :

2
contrib/ntp/ntpd/refclock_shm.c
View File

@ -600,7 +600,7 @@ shm_timer(
cd.year, cd.month, cd.monthday,
cd.hour, cd.minute, cd.second,
(long)shm_stat.tvt.tv_nsec);
pp->lencode = (c < sizeof(pp->a_lastcode)) ? c : 0;
pp->lencode = (c > 0 && (size_t)c < sizeof(pp->a_lastcode)) ? c : 0;
/* check 1: age control of local time stamp */
tt = shm_stat.tvc.tv_sec - shm_stat.tvr.tv_sec;

4
contrib/ntp/ntpdc/invoke-ntpdc.texi
View File

@ -6,7 +6,7 @@
#
# EDIT THIS FILE WITH CAUTION (invoke-ntpdc.texi)
#
# It has been AutoGen-ed January 7, 2016 at 11:31:26 PM by AutoGen 5.18.5
# It has been AutoGen-ed January 20, 2016 at 04:18:37 AM by AutoGen 5.18.5
# From the definitions ntpdc-opts.def
# and the template file agtexi-cmd.tpl
@end ignore
@ -76,7 +76,7 @@ with a status code of 0.
@exampleindent 0
@example
ntpdc - vendor-specific NTPD control program - Ver. 4.2.8p5
ntpdc - vendor-specific NTPD control program - Ver. 4.2.8p6
Usage: ntpdc [ -<flag> [<val>] | --<name>[@{=| @}<val>] ]... [ host ...]
Flg Arg Option-Name Description
-4 no ipv4 Force IPv4 DNS name resolution

20
contrib/ntp/ntpdc/ntpdc-opts.c
View File

@ -1,7 +1,7 @@
/*
* EDIT THIS FILE WITH CAUTION (ntpdc-opts.c)
*
* It has been AutoGen-ed January 7, 2016 at 11:31:12 PM by AutoGen 5.18.5
* It has been AutoGen-ed January 20, 2016 at 04:18:22 AM by AutoGen 5.18.5
* From the definitions ntpdc-opts.def
* and the template file options
*
@ -18,7 +18,7 @@
* The ntpdc program is copyrighted and licensed
* under the following terms:
*
* Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation, all rights reserved.
* Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation, all rights reserved.
* This is free software. It is licensed for use, modification and
* redistribution under the terms of the NTP License, copies of which
* can be seen at:
@ -69,8 +69,8 @@ extern FILE * option_usage_fp;
* static const strings for ntpdc options
*/
static char const ntpdc_opt_strs[1911] =
/* 0 */ "ntpdc 4.2.8p5\n"
"Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation, all rights reserved.\n"
/* 0 */ "ntpdc 4.2.8p6\n"
"Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation, all rights reserved.\n"
"This is free software. It is licensed for use, modification and\n"
"redistribution under the terms of the NTP License, copies of which\n"
"can be seen at:\n"
@ -128,14 +128,14 @@ static char const ntpdc_opt_strs[1911] =
/* 1694 */ "no-load-opts\0"
/* 1707 */ "no\0"
/* 1710 */ "NTPDC\0"
/* 1716 */ "ntpdc - vendor-specific NTPD control program - Ver. 4.2.8p5\n"
/* 1716 */ "ntpdc - vendor-specific NTPD control program - Ver. 4.2.8p6\n"
"Usage: %s [ -<flag> [<val>] | --<name>[{=| }<val>] ]... [ host ...]\n\0"
/* 1846 */ "$HOME\0"
/* 1852 */ ".\0"
/* 1854 */ ".ntprc\0"
/* 1861 */ "http://bugs.ntp.org, bugs@ntp.org\0"
/* 1895 */ "\n\0"
/* 1897 */ "ntpdc 4.2.8p5";
/* 1897 */ "ntpdc 4.2.8p6";
/**
* ipv4 option description with
@ -796,8 +796,8 @@ static void bogus_function(void) {
translate option names.
*/
/* referenced via ntpdcOptions.pzCopyright */
puts(_("ntpdc 4.2.8p5\n\
Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation, all rights reserved.\n\
puts(_("ntpdc 4.2.8p6\n\
Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation, all rights reserved.\n\
This is free software. It is licensed for use, modification and\n\
redistribution under the terms of the NTP License, copies of which\n\
can be seen at:\n"));
@ -862,14 +862,14 @@ implied warranty.\n"));
puts(_("load options from a config file"));
/* referenced via ntpdcOptions.pzUsageTitle */
puts(_("ntpdc - vendor-specific NTPD control program - Ver. 4.2.8p5\n\
puts(_("ntpdc - vendor-specific NTPD control program - Ver. 4.2.8p6\n\
Usage: %s [ -<flag> [<val>] | --<name>[{=| }<val>] ]... [ host ...]\n"));
/* referenced via ntpdcOptions.pzExplain */
puts(_("\n"));
/* referenced via ntpdcOptions.pzFullVersion */
puts(_("ntpdc 4.2.8p5"));
puts(_("ntpdc 4.2.8p6"));
/* referenced via ntpdcOptions.pzFullUsage */
puts(_("<<<NOT-FOUND>>>"));

8
contrib/ntp/ntpdc/ntpdc-opts.h
View File

@ -1,7 +1,7 @@
/*
* EDIT THIS FILE WITH CAUTION (ntpdc-opts.h)
*
* It has been AutoGen-ed January 7, 2016 at 11:31:11 PM by AutoGen 5.18.5
* It has been AutoGen-ed January 20, 2016 at 04:18:21 AM by AutoGen 5.18.5
* From the definitions ntpdc-opts.def
* and the template file options
*
@ -18,7 +18,7 @@
* The ntpdc program is copyrighted and licensed
* under the following terms:
*
* Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation, all rights reserved.
* Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation, all rights reserved.
* This is free software. It is licensed for use, modification and
* redistribution under the terms of the NTP License, copies of which
* can be seen at:
@ -83,9 +83,9 @@ typedef enum {
/** count of all options for ntpdc */
#define OPTION_CT 15
/** ntpdc version */
#define NTPDC_VERSION "4.2.8p5"
#define NTPDC_VERSION "4.2.8p6"
/** Full ntpdc version text */
#define NTPDC_FULL_VERSION "ntpdc 4.2.8p5"
#define NTPDC_FULL_VERSION "ntpdc 4.2.8p6"
/**
* Interface defines for all options. Replace "n" with the UPPER_CASED

8
contrib/ntp/ntpdc/ntpdc.1ntpdcman
View File

@ -10,11 +10,11 @@
.ds B-Font B
.ds I-Font I
.ds R-Font R
.TH ntpdc 1ntpdcman "07 Jan 2016" "4.2.8p5" "User Commands"
.TH ntpdc 1ntpdcman "20 Jan 2016" "4.2.8p6" "User Commands"
.\"
.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-EXaGzs/ag-QXayys)
.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-n4aaHU/ag-A4a4FU)
.\"
.\" It has been AutoGen-ed January 7, 2016 at 11:31:22 PM by AutoGen 5.18.5
.\" It has been AutoGen-ed January 20, 2016 at 04:18:33 AM by AutoGen 5.18.5
.\" From the definitions ntpdc-opts.def
.\" and the template file agman-cmd.tpl
.SH NAME
@ -848,7 +848,7 @@ RFC1305
.SH AUTHORS
The formatting directives in this document came from FreeBSD.
.SH "COPYRIGHT"
Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation all rights reserved.
Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation all rights reserved.
This program is released under the terms of the NTP license, <http://ntp.org/license>.
.SH BUGS
The

6
contrib/ntp/ntpdc/ntpdc.1ntpdcmdoc
View File

@ -1,9 +1,9 @@
.Dd January 7 2016
.Dd January 20 2016
.Dt NTPDC 1ntpdcmdoc User Commands
.Os
.\" EDIT THIS FILE WITH CAUTION (ntpdc-opts.mdoc)
.\"
.\" It has been AutoGen-ed January 7, 2016 at 11:31:29 PM by AutoGen 5.18.5
.\" It has been AutoGen-ed January 20, 2016 at 04:18:39 AM by AutoGen 5.18.5
.\" From the definitions ntpdc-opts.def
.\" and the template file agmdoc-cmd.tpl
.Sh NAME
@ -787,7 +787,7 @@ it to autogen\-users@lists.sourceforge.net. Thank you.
.Sh AUTHORS
The formatting directives in this document came from FreeBSD.
.Sh "COPYRIGHT"
Copyright (C) 1992\-2015 The University of Delaware and Network Time Foundation all rights reserved.
Copyright (C) 1992\-2016 The University of Delaware and Network Time Foundation all rights reserved.
This program is released under the terms of the NTP license, <http://ntp.org/license>.
.Sh BUGS
The

23
contrib/ntp/ntpdc/ntpdc.c
View File

@ -605,7 +605,11 @@ getresponse(
int seq;
fd_set fds;
ssize_t n;
size_t pad;
int pad;
/* absolute timeout checks. Not 'time_t' by intention! */
uint32_t tobase; /* base value for timeout */
uint32_t tospan; /* timeout span (max delay) */
uint32_t todiff; /* current delay */
/*
* This is pretty tricky. We may get between 1 and many packets
@ -622,12 +626,14 @@ getresponse(
lastseq = 999; /* too big to be a sequence number */
ZERO(haveseq);
FD_ZERO(&fds);
tobase = (uint32_t)time(NULL);
again:
if (firstpkt)
tvo = tvout;
else
tvo = tvsout;
tospan = (uint32_t)tvo.tv_sec + (tvo.tv_usec != 0);
FD_SET(sockfd, &fds);
n = select(sockfd+1, &fds, NULL, NULL, &tvo);
@ -635,6 +641,17 @@ getresponse(
warning("select fails");
return -1;
}
/*
* Check if this is already too late. Trash the data and fake a
* timeout if this is so.
*/
todiff = (((uint32_t)time(NULL)) - tobase) & 0x7FFFFFFFu;
if ((n > 0) && (todiff > tospan)) {
n = recv(sockfd, (char *)&rpkt, sizeof(rpkt), 0);
n = 0; /* faked timeout return from 'select()'*/
}
if (n == 0) {
/*
* Timed out. Return what we have
@ -780,8 +797,10 @@ getresponse(
}
/*
* So far, so good. Copy this data into the output array.
* So far, so good. Copy this data into the output array. Bump
* the timeout base, in case we expect more data.
*/
tobase = (uint32_t)time(NULL);
if ((datap + datasize + (pad * items)) > (pktdata + pktdatasize)) {
size_t offset = datap - pktdata;
growpktdata();

4
contrib/ntp/ntpdc/ntpdc.html
View File

@ -36,7 +36,7 @@ display the time offset of the system clock relative to the server
clock. Run as root, it can correct the system clock to this offset as
well. It can be run as an interactive command or from a cron job.
<p>This document applies to version 4.2.8p5 of <code>ntpdc</code>.
<p>This document applies to version 4.2.8p6 of <code>ntpdc</code>.
<p>The program implements the SNTP protocol as defined by RFC 5905, the NTPv4
IETF specification.
@ -152,7 +152,7 @@ the usage text by passing it through a pager program.
used to select the program, defaulting to <span class="file">more</span>. Both will exit
with a status code of 0.
<pre class="example">ntpdc - vendor-specific NTPD control program - Ver. 4.2.8p5
<pre class="example">ntpdc - vendor-specific NTPD control program - Ver. 4.2.8p6
Usage: ntpdc [ -&lt;flag&gt; [&lt;val&gt;] | --&lt;name&gt;[{=| }&lt;val&gt;] ]... [ host ...]
Flg Arg Option-Name Description
-4 no ipv4 Force IPv4 DNS name resolution

8
contrib/ntp/ntpdc/ntpdc.man.in
View File

@ -10,11 +10,11 @@
.ds B-Font B
.ds I-Font I
.ds R-Font R
.TH ntpdc @NTPDC_MS@ "07 Jan 2016" "4.2.8p5" "User Commands"
.TH ntpdc @NTPDC_MS@ "20 Jan 2016" "4.2.8p6" "User Commands"
.\"
.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-EXaGzs/ag-QXayys)
.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-n4aaHU/ag-A4a4FU)
.\"
.\" It has been AutoGen-ed January 7, 2016 at 11:31:22 PM by AutoGen 5.18.5
.\" It has been AutoGen-ed January 20, 2016 at 04:18:33 AM by AutoGen 5.18.5
.\" From the definitions ntpdc-opts.def
.\" and the template file agman-cmd.tpl
.SH NAME
@ -848,7 +848,7 @@ RFC1305
.SH AUTHORS
The formatting directives in this document came from FreeBSD.
.SH "COPYRIGHT"
Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation all rights reserved.
Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation all rights reserved.
This program is released under the terms of the NTP license, <http://ntp.org/license>.
.SH BUGS
The

6
contrib/ntp/ntpdc/ntpdc.mdoc.in
View File

@ -1,9 +1,9 @@
.Dd January 7 2016
.Dd January 20 2016
.Dt NTPDC @NTPDC_MS@ User Commands
.Os
.\" EDIT THIS FILE WITH CAUTION (ntpdc-opts.mdoc)
.\"
.\" It has been AutoGen-ed January 7, 2016 at 11:31:29 PM by AutoGen 5.18.5
.\" It has been AutoGen-ed January 20, 2016 at 04:18:39 AM by AutoGen 5.18.5
.\" From the definitions ntpdc-opts.def
.\" and the template file agmdoc-cmd.tpl
.Sh NAME
@ -787,7 +787,7 @@ it to autogen\-users@lists.sourceforge.net. Thank you.
.Sh AUTHORS
The formatting directives in this document came from FreeBSD.
.Sh "COPYRIGHT"
Copyright (C) 1992\-2015 The University of Delaware and Network Time Foundation all rights reserved.
Copyright (C) 1992\-2016 The University of Delaware and Network Time Foundation all rights reserved.
This program is released under the terms of the NTP license, <http://ntp.org/license>.
.Sh BUGS
The

4
contrib/ntp/ntpq/invoke-ntpq.texi
View File

@ -6,7 +6,7 @@
#
# EDIT THIS FILE WITH CAUTION (invoke-ntpq.texi)
#
# It has been AutoGen-ed January 7, 2016 at 11:32:00 PM by AutoGen 5.18.5
# It has been AutoGen-ed January 20, 2016 at 04:19:10 AM by AutoGen 5.18.5
# From the definitions ntpq-opts.def
# and the template file agtexi-cmd.tpl
@end ignore
@ -847,7 +847,7 @@ with a status code of 0.
@exampleindent 0
@example
ntpq - standard NTP query program - Ver. 4.2.8p5
ntpq - standard NTP query program - Ver. 4.2.8p6
Usage: ntpq [ -<flag> [<val>] | --<name>[@{=| @}<val>] ]... [ host ...]
Flg Arg Option-Name Description
-4 no ipv4 Force IPv4 DNS name resolution

20
contrib/ntp/ntpq/ntpq-opts.c
View File

@ -1,7 +1,7 @@
/*
* EDIT THIS FILE WITH CAUTION (ntpq-opts.c)
*
* It has been AutoGen-ed January 7, 2016 at 11:31:32 PM by AutoGen 5.18.5
* It has been AutoGen-ed January 20, 2016 at 04:18:42 AM by AutoGen 5.18.5
* From the definitions ntpq-opts.def
* and the template file options
*
@ -18,7 +18,7 @@
* The ntpq program is copyrighted and licensed
* under the following terms:
*
* Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation, all rights reserved.
* Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation, all rights reserved.
* This is free software. It is licensed for use, modification and
* redistribution under the terms of the NTP License, copies of which
* can be seen at:
@ -69,8 +69,8 @@ extern FILE * option_usage_fp;
* static const strings for ntpq options
*/
static char const ntpq_opt_strs[1925] =
/* 0 */ "ntpq 4.2.8p5\n"
"Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation, all rights reserved.\n"
/* 0 */ "ntpq 4.2.8p6\n"
"Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation, all rights reserved.\n"
"This is free software. It is licensed for use, modification and\n"
"redistribution under the terms of the NTP License, copies of which\n"
"can be seen at:\n"
@ -129,13 +129,13 @@ static char const ntpq_opt_strs[1925] =
/* 1723 */ "no-load-opts\0"
/* 1736 */ "no\0"
/* 1739 */ "NTPQ\0"
/* 1744 */ "ntpq - standard NTP query program - Ver. 4.2.8p5\n"
/* 1744 */ "ntpq - standard NTP query program - Ver. 4.2.8p6\n"
"Usage: %s [ -<flag> [<val>] | --<name>[{=| }<val>] ]... [ host ...]\n\0"
/* 1863 */ "$HOME\0"
/* 1869 */ ".\0"
/* 1871 */ ".ntprc\0"
/* 1878 */ "http://bugs.ntp.org, bugs@ntp.org\0"
/* 1912 */ "ntpq 4.2.8p5";
/* 1912 */ "ntpq 4.2.8p6";
/**
* ipv4 option description with
@ -786,8 +786,8 @@ static void bogus_function(void) {
translate option names.
*/
/* referenced via ntpqOptions.pzCopyright */
puts(_("ntpq 4.2.8p5\n\
Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation, all rights reserved.\n\
puts(_("ntpq 4.2.8p6\n\
Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation, all rights reserved.\n\
This is free software. It is licensed for use, modification and\n\
redistribution under the terms of the NTP License, copies of which\n\
can be seen at:\n"));
@ -852,11 +852,11 @@ implied warranty.\n"));
puts(_("load options from a config file"));
/* referenced via ntpqOptions.pzUsageTitle */
puts(_("ntpq - standard NTP query program - Ver. 4.2.8p5\n\
puts(_("ntpq - standard NTP query program - Ver. 4.2.8p6\n\
Usage: %s [ -<flag> [<val>] | --<name>[{=| }<val>] ]... [ host ...]\n"));
/* referenced via ntpqOptions.pzFullVersion */
puts(_("ntpq 4.2.8p5"));
puts(_("ntpq 4.2.8p6"));
/* referenced via ntpqOptions.pzFullUsage */
puts(_("<<<NOT-FOUND>>>"));

8
contrib/ntp/ntpq/ntpq-opts.h
View File

@ -1,7 +1,7 @@
/*
* EDIT THIS FILE WITH CAUTION (ntpq-opts.h)
*
* It has been AutoGen-ed January 7, 2016 at 11:31:32 PM by AutoGen 5.18.5
* It has been AutoGen-ed January 20, 2016 at 04:18:42 AM by AutoGen 5.18.5
* From the definitions ntpq-opts.def
* and the template file options
*
@ -18,7 +18,7 @@
* The ntpq program is copyrighted and licensed
* under the following terms:
*
* Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation, all rights reserved.
* Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation, all rights reserved.
* This is free software. It is licensed for use, modification and
* redistribution under the terms of the NTP License, copies of which
* can be seen at:
@ -83,9 +83,9 @@ typedef enum {
/** count of all options for ntpq */
#define OPTION_CT 15
/** ntpq version */
#define NTPQ_VERSION "4.2.8p5"
#define NTPQ_VERSION "4.2.8p6"
/** Full ntpq version text */
#define NTPQ_FULL_VERSION "ntpq 4.2.8p5"
#define NTPQ_FULL_VERSION "ntpq 4.2.8p6"
/**
* Interface defines for all options. Replace "n" with the UPPER_CASED

8
contrib/ntp/ntpq/ntpq-subs.c
View File

@ -2861,7 +2861,7 @@ collect_mru_list(
ri, sptoa(&recent->addr), ri,
recent->last.l_ui, recent->last.l_uf);
chars = strlen(buf);
if (REQ_ROOM <= chars)
if ((size_t)REQ_ROOM <= chars)
break;
memcpy(req, buf, chars + 1);
req += chars;
@ -3173,6 +3173,7 @@ mrulist(
qsort(sorted, mru_count, sizeof(sorted[0]),
mru_qcmp_table[order]);
mrulist_interrupted = FALSE;
printf( "lstint avgint rstr r m v count rport remote address\n"
"==============================================================================\n");
/* '=' x 78 */
@ -3199,6 +3200,11 @@ mrulist(
nntohost(&recent->addr));
if (showhostnames)
fflush(fp);
if (mrulist_interrupted) {
fputs("\n --interrupted--\n", fp);
fflush(fp);
break;
}
}
fflush(fp);
if (debug) {

8
contrib/ntp/ntpq/ntpq.1ntpqman
View File

@ -10,11 +10,11 @@
.ds B-Font B
.ds I-Font I
.ds R-Font R
.TH ntpq 1ntpqman "07 Jan 2016" "4.2.8p5" "User Commands"
.TH ntpq 1ntpqman "20 Jan 2016" "4.2.8p6" "User Commands"
.\"
.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-4VaaKt/ag-eWa4It)
.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-Z7aWRV/ag-_7aOQV)
.\"
.\" It has been AutoGen-ed January 7, 2016 at 11:31:55 PM by AutoGen 5.18.5
.\" It has been AutoGen-ed January 20, 2016 at 04:19:06 AM by AutoGen 5.18.5
.\" From the definitions ntpq-opts.def
.\" and the template file agman-cmd.tpl
.SH NAME
@ -1412,7 +1412,7 @@ it to autogen-users@lists.sourceforge.net. Thank you.
.SH "AUTHORS"
The University of Delaware and Network Time Foundation
.SH "COPYRIGHT"
Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation all rights reserved.
Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation all rights reserved.
This program is released under the terms of the NTP license, <http://ntp.org/license>.
.SH "BUGS"
Please send bug reports to: http://bugs.ntp.org, bugs@ntp.org

Some files were not shown because too many files have changed in this diff Show More