freebsd-nq/contrib/ntp/include/ntp_config.h
Cy Schubert 767173cec2 MFV r362565:
Update 4.2.8p14 --> 4.2.8p15

Summary: Systems that use a CMAC algorithm in ntp.keys will not release
a bit of memory on each packet that uses a CMAC keyid, eventually causing
ntpd to run out of memory and fail. The CMAC cleanup from
https://bugs.ntp.org/3447, part of ntp-4.2.8p11, introduced a bug whereby
the CMAC data structure was no longer completely removed.

MFC after:	3 days
Security:	NTP Bug 3661
2020-06-24 01:51:05 +00:00

350 lines
8.3 KiB
C

#ifndef NTP_CONFIG_H
#define NTP_CONFIG_H
#ifdef HAVE_SYS_RESOURCE_H
# include <sys/resource.h>
#endif /* HAVE_SYS_RESOURCE_H */
#include "ntp_machine.h"
#include "ntp_psl.h"
#include "ntpsim.h"
/*
* Configuration file name
*/
#ifndef CONFIG_FILE
# ifndef SYS_WINNT
# define CONFIG_FILE "/etc/ntp.conf"
# else /* SYS_WINNT */
# define CONFIG_FILE "%windir%\\system32\\drivers\\etc\\ntp.conf"
# define ALT_CONFIG_FILE "%windir%\\ntp.conf"
# define NTP_KEYSDIR "%windir%\\system32\\drivers\\etc"
# endif /* SYS_WINNT */
#endif /* not CONFIG_FILE */
/*
* We keep config trees around for possible saveconfig use. When
* built with configure --disable-saveconfig, and when built with
* debugging enabled, include the free_config_*() routines. In the
* DEBUG case, they are used in an atexit() cleanup routine to make
* postmortem leak check reports more interesting.
*/
#if !defined(FREE_CFG_T) && (!defined(SAVECONFIG) || defined(DEBUG))
#define FREE_CFG_T
#endif
/* Limits */
#define MAXLINE 1024
/* Configuration sources */
#define CONF_SOURCE_FILE 0
#define CONF_SOURCE_NTPQ 1
/* list of servers from command line for config_peers() */
extern int cmdline_server_count;
extern char ** cmdline_servers;
/* set to zero if we're not locking memory */
extern int cur_memlock;
typedef struct int_range_tag {
int first;
int last;
} int_range;
/* generic list node */
typedef struct any_node_tag any_node;
struct any_node_tag {
any_node * link;
};
typedef DECL_FIFO_ANCHOR(any_node) any_node_fifo;
/* Structure for storing an attribute-value pair */
typedef struct attr_val_tag attr_val;
struct attr_val_tag {
attr_val * link;
int attr;
int type; /* T_String, T_Integer, ... */
int flag; /* auxiliary flags */
union val {
double d; /* T_Double */
int i; /* T_Integer */
int_range r; /* T_Intrange */
char * s; /* T_String */
u_int u; /* T_U_int */
} value;
};
typedef DECL_FIFO_ANCHOR(attr_val) attr_val_fifo;
/* Structure for nodes on the syntax tree */
typedef struct address_node_tag address_node;
struct address_node_tag {
address_node * link;
char * address;
u_short type; /* family, AF_UNSPEC (0), AF_INET[6] */
};
typedef DECL_FIFO_ANCHOR(address_node) address_fifo;
typedef struct int_node_tag int_node;
struct int_node_tag {
int_node * link;
int i;
};
typedef DECL_FIFO_ANCHOR(int_node) int_fifo;
typedef struct string_node_tag string_node;
struct string_node_tag {
string_node * link;
char * s;
};
typedef DECL_FIFO_ANCHOR(string_node) string_fifo;
typedef struct restrict_node_tag restrict_node;
struct restrict_node_tag {
restrict_node * link;
address_node * addr;
address_node * mask;
attr_val_fifo * flag_tok_fifo;
int line_no;
short ippeerlimit;
short srvfuzrft;
};
typedef DECL_FIFO_ANCHOR(restrict_node) restrict_fifo;
typedef struct peer_node_tag peer_node;
struct peer_node_tag {
peer_node * link;
int host_mode;
address_node * addr;
attr_val_fifo * peerflags;
u_char minpoll;
u_char maxpoll;
u_int32 ttl;
u_char peerversion;
keyid_t peerkey;
char * group;
};
typedef DECL_FIFO_ANCHOR(peer_node) peer_fifo;
typedef struct unpeer_node_tag unpeer_node;
struct unpeer_node_tag {
unpeer_node * link;
associd_t assocID;
address_node * addr;
};
typedef DECL_FIFO_ANCHOR(unpeer_node) unpeer_fifo;
typedef struct auth_node_tag auth_node;
struct auth_node_tag {
int control_key;
int cryptosw;
attr_val_fifo * crypto_cmd_list;
char * keys;
char * keysdir;
int request_key;
int revoke;
attr_val_fifo * trusted_key_list;
char * ntp_signd_socket;
};
typedef struct filegen_node_tag filegen_node;
struct filegen_node_tag {
filegen_node * link;
int filegen_token;
attr_val_fifo * options;
};
typedef DECL_FIFO_ANCHOR(filegen_node) filegen_fifo;
typedef struct setvar_node_tag setvar_node;
struct setvar_node_tag {
setvar_node * link;
char * var;
char * val;
int isdefault;
};
typedef DECL_FIFO_ANCHOR(setvar_node) setvar_fifo;
typedef struct nic_rule_node_tag nic_rule_node;
struct nic_rule_node_tag {
nic_rule_node * link;
int match_class;
char * if_name; /* or numeric address */
int action;
};
typedef DECL_FIFO_ANCHOR(nic_rule_node) nic_rule_fifo;
typedef struct addr_opts_node_tag addr_opts_node;
struct addr_opts_node_tag {
addr_opts_node *link;
address_node * addr;
attr_val_fifo * options;
};
typedef DECL_FIFO_ANCHOR(addr_opts_node) addr_opts_fifo;
typedef struct sim_node_tag sim_node;
struct sim_node_tag {
sim_node * link;
attr_val_fifo * init_opts;
server_info_fifo * servers;
};
typedef DECL_FIFO_ANCHOR(sim_node) sim_fifo;
/* The syntax tree */
typedef struct config_tree_tag config_tree;
struct config_tree_tag {
config_tree * link;
attr_val source;
time_t timestamp;
peer_fifo * peers;
unpeer_fifo * unpeers;
/* Other Modes */
int broadcastclient;
address_fifo * manycastserver;
address_fifo * multicastclient;
attr_val_fifo * orphan_cmds; /* s/b renamed tos_options */
/* Monitoring Configuration */
int_fifo * stats_list;
char * stats_dir;
filegen_fifo * filegen_opts;
/* Access Control Configuration */
attr_val_fifo * discard_opts;
attr_val_fifo * mru_opts;
restrict_fifo * restrict_opts;
addr_opts_fifo *fudge;
attr_val_fifo * rlimit;
attr_val_fifo * tinker;
attr_val_fifo * enable_opts;
attr_val_fifo * disable_opts;
auth_node auth;
attr_val_fifo * logconfig;
string_fifo * phone;
setvar_fifo * setvar;
int_fifo * ttl;
addr_opts_fifo *trap;
attr_val_fifo * vars;
nic_rule_fifo * nic_rules;
int_fifo * reset_counters;
attr_val_fifo * pollskewlist;
sim_fifo * sim_details;
int mdnstries;
};
/* Structure for holding a remote configuration command */
struct REMOTE_CONFIG_INFO {
char buffer[MAXLINE];
char err_msg[MAXLINE];
int pos;
int err_pos;
int no_errors;
};
/*
* context for trap_name_resolved() to call ctlsettrap() once the
* name->address resolution completes.
*/
typedef struct settrap_parms_tag {
sockaddr_u ifaddr;
int ifaddr_nonnull;
} settrap_parms;
/*
** Data Minimization Items
*/
/* Serverresponse fuzz reftime: stored in 'restrict' fifos */
/* get text from T_ tokens */
const char * token_name(int token);
/* generic fifo routines for structs linked by 1st member */
typedef void (*fifo_deleter)(void*);
void * destroy_gen_fifo(void *fifo, fifo_deleter func);
void * append_gen_fifo(void *fifo, void *entry);
void * concat_gen_fifos(void *first, void *second);
#define DESTROY_G_FIFO(pf, func) \
((pf) = destroy_gen_fifo((pf), (fifo_deleter)(func)))
#define APPEND_G_FIFO(pf, pe) \
((pf) = append_gen_fifo((pf), (pe)))
#define CONCAT_G_FIFOS(first, second) \
((first) = concat_gen_fifos((first), (second)))
#define HEAD_PFIFO(pf) \
(((pf) != NULL) \
? HEAD_FIFO(*(pf)) \
: NULL)
peer_node *create_peer_node(int hmode, address_node *addr,
attr_val_fifo *options);
unpeer_node *create_unpeer_node(address_node *addr);
address_node *create_address_node(char *addr, int type);
void destroy_address_node(address_node *my_node);
attr_val *create_attr_dval(int attr, double value);
attr_val *create_attr_ival(int attr, int value);
attr_val *create_attr_rval(int attr, int first, int last);
attr_val *create_attr_sval(int attr, const char *s);
attr_val *create_attr_uval(int attr, u_int value);
void destroy_attr_val(attr_val *node);
filegen_node *create_filegen_node(int filegen_token,
attr_val_fifo *options);
string_node *create_string_node(char *str);
restrict_node *create_restrict_node(address_node *addr,
address_node *mask,
short ippeerlimit,
attr_val_fifo *flags, int line_no);
int_node *create_int_node(int val);
addr_opts_node *create_addr_opts_node(address_node *addr,
attr_val_fifo *options);
sim_node *create_sim_node(attr_val_fifo *init_opts,
server_info_fifo *servers);
setvar_node *create_setvar_node(char *var, char *val, int isdefault);
nic_rule_node *create_nic_rule_node(int match_class, char *if_name,
int action);
script_info *create_sim_script_info(double duration,
attr_val_fifo *script_queue);
server_info *create_sim_server(address_node *addr, double server_offset,
script_info_fifo *script);
extern struct REMOTE_CONFIG_INFO remote_config;
void config_remotely(sockaddr_u *);
#ifdef SAVECONFIG
int dump_config_tree(config_tree *ptree, FILE *df, int comment);
int dump_all_config_trees(FILE *df, int comment);
#endif
#if defined(HAVE_SETRLIMIT)
void ntp_rlimit(int, rlim_t, int, const char *);
#endif
#endif /* !defined(NTP_CONFIG_H) */