+ * [Bug 1395] ease ntpdate elimination with ntpd -w/--wait-sync
+ * [Bug 1396] allow servers on ntpd command line like ntpdate
+(4.2.7p38) 2010/06/20 Released by Harlan Stenn <stenn@ntp.org>
+* [Bug 1570] backported to 4.2.6p2-RC7.
+* [Bug 1575] from 4.2.6p2-RC7: use 'snprintf' with LIB_BUFLENGTH in
+ inttoa.c, tvtoa.c and utvtoa.c
+* [Bug 1576] backported to 4.2.6p2-RC7.
+* Typo fix in a comment in ntp_proto.c.
+(4.2.7p37) 2010/06/19 Released by Harlan Stenn <stenn@ntp.org>
+* [Bug 1576] sys/sysctl.h depends on sys/param.h on OpenBSD.
+(4.2.7p36) 2010/06/15 Released by Harlan Stenn <stenn@ntp.org>
+* [Bug 1560] Initial support for orphanwait, from Dave Mills.
+* clock_filter()/reachability fixes from Dave Mills.
+(4.2.7p35) 2010/06/12 Released by Harlan Stenn <stenn@ntp.org>
+* Rewrite of multiprecision macros in 'ntp_fp.h' from J. Perlinger
+ <perlinger@ntp.org>
+* [Bug 715] from 4.2.6p2-RC6: libisc Linux IPv6 interface iteration
+ drops multicast flags.
+(4.2.7p34) 2010/06/05 Released by Harlan Stenn <stenn@ntp.org>
+* [Bug 1570] serial clock drivers get outdated input from kernel tty
+ line buffer after startup
+(4.2.7p33) 2010/06/04 Released by Harlan Stenn <stenn@ntp.org>
+* [Bug 1561] from 4.2.6p2-RC5: ntpq, ntpdc "passwd" prompts for MD5
+ password w/SHA1.
+* [Bug 1565] from 4.2.6p2-RC5: sntp/crypto.c compile fails on MacOS over
+ vsnprintf().
+* from 4.2.6p2-RC5: Windows port: do not exit in
+ ntp_timestamp_from_counter() without first logging the reason.
+(4.2.7p32) 2010/05/19 Released by Harlan Stenn <stenn@ntp.org>
+* Copyright file cleanup from Dave Mills.
+* [Bug 1555] from 4.2.6p2-RC4: sntp illegal C (mixed code and
+ declarations).
+* [Bug 1558] pool prototype associations have 0.0.0.0 for remote addr.
+* configure.ac: add --disable-autokey, #define AUTOKEY to enable future
+ support for building without Autokey, but with OpenSSL for its digest
+ algorithms (hash functions). Code must be modified to use #ifdef
+ AUTOKEY instead of #ifdef OPENSSL where appropriate to complete this.
+* include/ntp_crypto.h: make assumption AUTOKEY implies OPENSSL explicit.
+(4.2.7p31) 2010/05/11 Released by Harlan Stenn <stenn@ntp.org>
+* [Bug 1325] from 4.2.6p2-RC3: unreachable code sntp recv_bcst_data().
+* [Bug 1459] from 4.2.6p2-RC3: sntp MD5 authentication does not work
+ with ntpd.
+* [Bug 1552] from 4.2.6p2-RC3: update and complete broadcast and crypto
+ features in sntp.
+* [Bug 1553] from 4.2.6p2-RC3: sntp/configure.ac OpenSSL support.
+* from 4.2.6p2-RC3: Escape unprintable characters in a refid in ntpq -p
+ billboard.
+* from 4.2.6p2-RC3: Simplify hash client code by providing OpenSSL
+ EVP_*() API when built without OpenSSL. (already in 4.2.7)
+* from 4.2.6p2-RC3: Do not depend on ASCII in sntp.
+(4.2.7p30) 2010/05/06 Released by Harlan Stenn <stenn@ntp.org>
+* [Bug 1526] ntpd DNS pipe read EINTR with no network at startup.
+* Update the ChangeLog entries when merging items from -stable.
+(4.2.7p29) 2010/05/04 Released by Harlan Stenn <stenn@ntp.org>
+* [Bug 1542] ntpd mrulist response may have incorrect last.older.
+* [Bug 1543] ntpq mrulist must refresh nonce when retrying.
+* [Bug 1544] ntpq mrulist sscanf timestamp format mismatch on 64-bit.
+* Windows compiling hints/winnt.html update from G. Sunil Tej.
+(4.2.7p28) 2010/05/03 Released by Harlan Stenn <stenn@ntp.org>
+* [Bug 1512] from 4.2.6p2-RC3: ntpsnmpd should connect to net-snmpd
+ via a unix-domain socket by default.
+ Provide a command-line 'socket name' option.
+* [Bug 1538] from 4.2.6p2-RC3: update refclock_nmea.c's call to
+ getprotobyname().
+* [Bug 1541] from 4.2.6p2-RC3: Fix wrong keyword for "maxclock".
+(4.2.7p27) 2010/04/27 Released by Harlan Stenn <stenn@ntp.org>
+(4.2.7p26) 2010/04/24 Released by Harlan Stenn <stenn@ntp.org>
+* [Bug 1465] from 4.2.6p2-RC2: Make sure time from TS2100 is not
+ invalid (backport from -dev).
+* [Bug 1528] from 4.2.6p2-RC2: Fix EDITLINE_LIBS link order for ntpq
+ and ntpdc.
+* [Bug 1531] Require nonce with mrulist requests.
+* [Bug 1532] Remove ntpd support for ntpdc's monlist in favor of ntpq's
+ mrulist.
+* [Bug 1534] from 4.2.6p2-RC2: conflicts with VC++ 2010 errno.h.
+* [Bug 1535] from 4.2.6p2-RC2: "restrict -4 default" and "restrict
+ -6 default" ignored.
+(4.2.7p25) 2010/04/20 Released by Harlan Stenn <stenn@ntp.org>
+* [Bug 1528] from 4.2.6p2-RC2: Remove --with-arlib from br-flock.
+* [Bug 1503] [Bug 1504] [Bug 1518] [Bug 1522] from 4.2.6p2-RC2:
+ all of which were fixed in 4.2.7 previously.
+(4.2.7p24) 2010/04/13 Released by Harlan Stenn <stenn@ntp.org>
+* [Bug 1390] Control PPS on the Oncore M12.
+* [Bug 1518] Windows ntpd should lock to one processor more
+ conservatively.
+* [Bug 1520] '%u' formats for size_t gives warnings with 64-bit builds.
+* [Bug 1522] Enable range syntax "trustedkey (301 ... 399)".
+* Documentation updates for 4.2.7p22 changes and additions, updating
+ ntpdc.html, ntpq.html, accopt.html, confopt.html, manyopt.html,
+ miscopt.html, and miscopt.txt.
+* accopt.html: non-ntpport doc changes from Dave Mills.
+* Modify full MRU list preemption when full to match "discard monitor"
+ documentation, by removing exception for count == 1.
+(4.2.7p23) 2010/04/04 Released by Harlan Stenn <stenn@ntp.org>
+* [Bug 1516] unpeer by IP address fails, DNS name works.
+* [Bug 1517] ntpq and ntpdc should verify reverse DNS before use.
+ ntpq and ntpdc now use the following format for showing purported
+ DNS names from IP address "reverse" DNS lookups when the DNS name
+ does not exist or does not include the original IP address among
+ the results: "192.168.1.2 (fake.dns.local)".
+(4.2.7p22) 2010/04/02 Released by Harlan Stenn <stenn@ntp.org>
+* [Bug 1432] Don't set inheritable flag for linux capabilities.
+* [Bug 1465] Make sure time from TS2100 is not invalid.
+* [Bug 1483] AI_NUMERICSERV undefined in 4.2.7p20.
+* [Bug 1497] fudge is broken by getnetnum() change.
+* [Bug 1503] Auto-enabling of monitor for "restrict ... limited" wrong.
+* [Bug 1504] ntpdate tickles ntpd "discard minimum 1" rate limit if
+ "restrict ... limited" is used.
+* ntpdate: stop querying source after KoD packet response, log it.
+* ntpdate: rate limit each server to 2s between packets.
+* From J. N. Perlinger: avoid pointer wraparound warnings in dolfptoa(),
+ printf format mismatches with 64-bit size_t.
+* Broadcast client (ephemeral) associations should be demobilized only
+ if they are not heard from for 10 consecutive polls, regardless of
+ surviving the clock selection. Fix from David Mills.
+* Add "ntpq -c ifstats" similar to "ntpdc -c ifstats".
+* Add "ntpq -c sysstats" similar to "ntpdc -c sysstats".
+* Add "ntpq -c monstats" to show monlist knobs and stats.
+* Add "ntpq -c mrulist" similar to "ntpdc -c monlist" but not
+ limited to 600 rows, and with filtering and sorting options:
+ ntpq -c "mrulist mincount=2 laddr=192.168.1.2 sort=-avgint"
+ ntpq -c "mrulist sort=addr"
+ ntpq -c "mrulist mincount=2 sort=count"
+ ntpq -c "mrulist sort=-lstint"
+* Modify internal representation of MRU list to use l_fp fixed-point
+ NTP timestamps instead of seconds since startup. This increases the
+ resolution and substantially improves accuracy of sorts involving
+ timestamps, at the cost of flushing all MRU entries when the clock is
+ stepped, to ensure the timestamps can be compared with the current
+ get_systime() results.
+* Add ntp.conf "mru" directive to configure MRU parameters, such as
+ "mru mindepth 600 maxage 64 maxdepth 5000 maxmem 1024" or
+ "mru initalloc 0 initmem 16 incalloc 99 incmem 4". Several pairs are
+ equivalent with one in units of MRU entries and its twin in units of
+ kilobytes of memory, so the last one used in ntp.conf controls:
+ maxdepth/maxmem, initalloc/initmem, incalloc/incmem. With the above
+ values, ntpd will preallocate 16kB worth of MRU entries, allocating
+ 4kB worth each time more are needed, with a hard limit of 1MB of MRU
+ entries. Until there are more than 600 entries none would be reused.
+ Then only entries for addresses last seen 64 seconds or longer ago are
+ reused.
+* Limit "ntpdc -c monlist" response in ntpd to 600 entries, the previous
+ overall limit on the MRU list depth which was driven by the monlist
+ implementation limit of one request with a single multipacket
+ response.
+* New "pool" directive implementation modeled on manycastclient.
+* Do not abort on non-ASCII characters in ntp.conf, ignore them.
+* ntpq: increase response reassembly limit from 24 to 32 packets, add
+ discussion in comment regarding results with even larger MAXFRAGS.
+* ntpq: handle "passwd MYPASSWORD" (without prompting) as with ntpdc.
+* ntpdc: do not examine argument to "passwd" if not supplied.
+* configure: remove check for pointer type used with qsort(), we
+ require ANSI C which mandates void *.
+* Reset sys_kodsent to 0 in proto_clr_stats().
+* Add sptoa()/sockporttoa() similar to stoa()/socktoa() adding :port.
+* Use memcpy() instead of memmove() when buffers can not overlap.
+* Remove sockaddr_storage from our sockaddr_u union of sockaddr,
+ sockaddr_in, and sockaddr_in6, shaving about 100 bytes from its size
+ and substantially decreasing MRU entry memory consumption.
+* Extend ntpq readvar (alias rv) to allow fetching up to three named
+ variables in one operation: ntpq -c "rv 0 version offset frequency".
+* ntpq: use srchost variable to show .POOL. prototype associations'
+ hostname instead of address 0.0.0.0.
+* "restrict source ..." configures override restrictions for time
+ sources, allows tight default restrictions to be used with the pool
+ directive (where server addresses are not known in advance).
+* Ignore "preempt" modifier on manycastclient and pool prototype
+ associations. The resulting associations are preemptible, but the
+ prototype must not be.
+* Maintain and use linked list of associations (struct peer) in ntpd,
+ avoiding walking 128 hash table entries to iterate over peers.
+* Remove more workarounds unneeded since we require ISO C90 AKA ANSI C:
+ - remove fallback implementations for memmove(), memset, strstr().
+ - do not test for atexit() or memcpy().
+* Collapse a bunch of code duplication in ntpd/ntp_restrict.c added with
+ support for IPv6.
+* Correct some corner case failures in automatically enabling the MRU
+ list if any "restrict ... limited" is in effect, and in disabling MRU
+ maintenance. (ntp_monitor.c, ntp_restrict.c)
+* Reverse the internal sort order of the address restriction lists, but
+ preserve the same behavior. This allows removal of special-case code
+ related to the default restrictions and more straightforward lookups
+ of restrictions for a given address (now, stop on first match).
+* Move ntp_restrict.c MRU doubly-linked list maintenance code into
+ ntp_lists.h macros, allowing more duplicated source excision.
+* Repair ntpdate.c to no longer test HAVE_TIMER_SETTIME.
+* Do not reference peer_node/unpeer_node after freeing when built with
+ --disable-saveconfig and using DNS.
+(4.2.7p21) 2010/03/31 Released by Harlan Stenn <stenn@ntp.org>
+* [Bug 1514] from 4.2.6p1-RC6: Typo in ntp_proto.c: fabs(foo < .4)
+ should be fabs(foo) < .4.
+* [Bug 1464] from 4.2.6p1-RC6: synchronization source wrong for
+ refclocks ARCRON_MSF (27) and SHM (28).
+* From 4.2.6p1-RC6: Correct Windows port's refclock_open() to
+ return 0 on failure not -1.
+* From 4.2.6p1-RC6: Correct CHU, dumbclock, and WWVB drivers to
+ check for 0 returned from refclock_open() on failure.
+* From 4.2.6p1-RC6: Correct "SIMUL=4 ./flock-build -1" to
+ prioritize -1/--one.
+* [Bug 1306] constant conditionals in audio_gain().
+(4.2.7p20) 2010/02/13 Released by Harlan Stenn <stenn@ntp.org>
+* [Bug 1483] hostname in ntp.conf "restrict" parameter rejected.
+* Use all addresses for each restrict by hostname.
+* Use async DNS to resolve trap directive hostnames.
+(4.2.7p19) 2010/02/09 Released by Harlan Stenn <stenn@ntp.org>
+* [Bug 1338] Update the association type codes in ntpq.html.
+* [Bug 1478] from 4.2.6p1-RC5: linking fails: EVP_MD_pkey_type.
+* [Bug 1479] from 4.2.6p1-RC5: not finding readline headers.
+* [Bug 1484] from 4.2.6p1-RC5: ushort is not defined in QNX6.
+(4.2.7p18) 2010/02/07 Released by Harlan Stenn <stenn@ntp.org>
+* [Bug 1480] from 4.2.6p1-RC5: snprintf() cleanup caused
+ unterminated refclock IDs.
+* Stop using getaddrinfo() to convert numeric address strings to on-wire
+ addresses in favor of is_ip_address() alone.
+(4.2.7p17) 2010/02/05 Released by Harlan Stenn <stenn@ntp.org>
+* [Bug 1477] from 4.2.6p1-RC5: First non-gmake make in clone
+ w/VPATH can't make COPYRIGHT.
+* Attempts to cure CID 108 CID 118 CID 119 TAINTED_SCALAR warnings.
+* Broaden ylwrap workaround VPATH_HACK to all non-GNU make.
+(4.2.7p16) 2010/02/04 Released by Harlan Stenn <stenn@ntp.org>
+* [Bug 1474] from 4.2.6p1-RC4: ntp_keygen LCRYPTO after libntp.a.
+* Include 4.2.6p1-RC4: Remove arlib.
+(4.2.7p15) 2010/02/03 Released by Harlan Stenn <stenn@ntp.org>
+* [Bug 1455] from 4.2.6p1: ntpd does not try /etc/ntp.audio.
+* Include 4.2.6p1: Convert many sprintf() calls to snprintf(), also
+ strcpy(), strcat().
+* Include 4.2.6p1: Fix widely cut-n-pasted bug in refclock shutdown
+ after failed start.
+* Include 4.2.6p1: Remove some dead code checking for emalloc()
+ returning NULL.
+(4.2.7p14) 2010/02/02 Released by Harlan Stenn <stenn@ntp.org>
+* [Bug 1338] ntpq displays incorrect association type codes.
+* [Bug 1469] u_int32, int32 changes broke HP-UX 10.20 build.
+* [Bug 1470] from 4.2.6p1: "make distdir" compiles keyword-gen.
+* [Bug 1471] CID 120 CID 121 CID 122 is_ip_address() uninit family.
+* [Bug 1472] CID 116 CID 117 minor warnings in new DNS code.
+* [Bug 1473] from 4.2.6p1: "make distcheck" version.m4 error.
+(4.2.7p13) 2010/01/31 Released by Harlan Stenn <stenn@ntp.org>
+* [Bug 1467] from 4.2.6p1: Fix bogus rebuild of sntp/sntp.html.
+(4.2.7p12) 2010/01/30 Released by Harlan Stenn <stenn@ntp.org>
+* [Bug 1468] 'make install' broken for root on default NFS mount.
+(4.2.7p11) 2010/01/28 Released by Harlan Stenn <stenn@ntp.org>
+* [Bug 47] Debugging and logging do not work after a fork.
+* [Bug 1010] getaddrinfo() could block and thus should not be called by
+ the main thread/process.
+* New async DNS resolver in ntpd allows nonblocking queries anytime,
+ instead of only once at startup.
+(4.2.7p10) 2010/01/24 Released by Harlan Stenn <stenn@ntp.org>
+* [Bug 1140] from 4.2.6p1-RC5: Clean up debug.html, decode.html,
+ and ntpq.html.
+* Include 4.2.6p1-RC3: Use TZ=UTC instead of TZ= when calling date in
+ scripts/mkver.in .
+* [Bug 1448] from 4.2.6p1-RC3: Some macros not correctly conditionally
+ or absolutely defined on Windows.
+* [Bug 1449] from 4.2.6p1-RC3: ntpsim.h in ntp_config.c should be used
+ conditionally.
+* [Bug 1450] from 4.2.6p1-RC3: Option to exclude warnings not
+ unconditionally defined on Windows.
+(4.2.7p9) 2010/01/13 Released by Harlan Stenn <stenn@ntp.org>
+(4.2.7p8) 2010/01/12 Released by Harlan Stenn <stenn@ntp.org>
+* [Bug 702] ntpd service logic should use libopts to examine cmdline.
+* [Bug 1451] from 4.2.6p1-RC3: sntp leaks KoD entry updating.
+* [Bug 1453] from 4.2.6p1-RC3: Use $CC in config.cache filename.
+(4.2.7p7) 2009/12/30 Released by Harlan Stenn <stenn@ntp.org>
+* [Bug 620] ntpdc getresponse() esize != *rsize s/b size != *rsize.
+* [Bug 1446] 4.2.7p6 requires autogen, missing ntpd.1, *.texi, *.menu.
+(4.2.7p6) 2009/12/28 Released by Harlan Stenn <stenn@ntp.org>
+* [Bug 1443] Remove unnecessary dependencies on ntp_io.h
+* [Bug 1442] Move Windows functions into libntp files
+* [Bug 1127] from 4.2.6p1-RC3: Check the return of X590_verify().
+* [Bug 1439] from 4.2.6p1-RC3: .texi gen after binary is linked.
+* [Bug 1440] from 4.2.6p1-RC3: Update configure.ac to support kfreebsd.
+* [Bug 1445] from 4.2.6p1-RC3: IRIX does not have -lcap or support
+ linux capabilities.
+(4.2.7p5) 2009/12/25 Released by Harlan Stenn <stenn@ntp.org>
+* Include 4.2.6p1-RC2
+(4.2.7p4) 2009/12/24 Released by Harlan Stenn <stenn@ntp.org>
+* [Bug 1429] ntpd -4 option does not reliably force IPv4 resolution.
+* [Bug 1431] System headers must come before ntp headers in ntp_intres.c .
+(4.2.7p3) 2009/12/22 Released by Harlan Stenn <stenn@ntp.org>
+* [Bug 1426] scripts/VersionName needs . on the search path.
+* [Bug 1427] quote missing in ./build - shows up on NetBSD.
+* [Bug 1428] Use AC_HEADER_RESOLV to fix breaks from resolv.h
+(4.2.7p2) 2009/12/20 Released by Harlan Stenn <stenn@ntp.org>
+* [Bug 1419] ntpdate, ntpdc, sntp, ntpd ignore configure --bindir.
+* [Bug 1421] add util/tg2, a clone of tg that works on Linux, NetBSD, and
+ FreeBSD
+(4.2.7p1) 2009/12/15 Released by Harlan Stenn <stenn@ntp.org>
+* [Bug 1348] ntpd Windows port should wait for sendto() completion.
+* [Bug 1413] test OpenSSL headers regarding -Wno-strict-prototypes.
+* [Bug 1418] building ntpd/ntpdc/ntpq statically with ssl fails.
+(4.2.7p0) 2009/12/13 Released by Harlan Stenn <stenn@ntp.org>
+* [Bug 1412] m4/os_cflags.m4 caches results that depend on $CC.
+* [Bug 1414] Enable "make distcheck" success with BSD make.
+(4.2.7) 2009/12/09 Released by Harlan Stenn <stenn@ntp.org>
+* [Bug 1407] configure.ac: recent GNU Make -v does not include "version".
+---
+(4.2.6p2-RC7) 2010/06/19 Released by Harlan Stenn <stenn@ntp.org>
+
+* [Bug 1570] serial clock drivers get outdated input from kernel tty
+ line buffer after startup
+* [Bug 1575] use 'snprintf' with LIB_BUFLENGTH in inttoa.c, tvtoa.c and
+ utvtoa.c
+* [Bug 1576] sys/sysctl.h depends on sys/param.h on OpenBSD.
+
+---
+(4.2.6p2-RC6) 2010/06/12 Released by Harlan Stenn <stenn@ntp.org>
+
+* [Bug 715] libisc Linux IPv6 interface iteration drops multicast flags.
+
+---
+(4.2.6p2-RC5) 2010/06/03 Released by Harlan Stenn <stenn@ntp.org>
+
+* [Bug 1561] ntpq, ntpdc "passwd" prompts for MD5 password w/SHA1.
+* [Bug 1565] sntp/crypto.c compile fails on MacOS over vsnprintf().
+* Windows port: do not exit in ntp_timestamp_from_counter() without
+ first logging the reason.
+* Support "passwd blah" syntax in ntpq.
+
+---
+(4.2.6p2-RC4) 2010/05/19 Released by Harlan Stenn <stenn@ntp.org>
+
+* [Bug 1555] 4.2.6p2-RC3 sntp illegal C (mixed code and declarations).
+
+---
+(4.2.6p2-RC3) 2010/05/11 Released by Harlan Stenn <stenn@ntp.org>
+
+* [Bug 1325] unreachable code in sntp recv_bcst_data().
+* [Bug 1459] sntp MD5 authentication does not work with ntpd.
+* [Bug 1512] ntpsnmpd should connect to net-snmpd via a unix-domain
+ socket by default. Provide a command-line 'socket name' option.
+* [Bug 1538] update refclock_nmea.c's call to getprotobyname().
+* [Bug 1541] Fix wrong keyword for "maxclock".
+* [Bug 1552] update and complete broadcast and crypto features in sntp.
+* [Bug 1553] sntp/configure.ac OpenSSL support.
+* Escape unprintable characters in a refid in ntpq -p billboard.
+* Simplify hash client code by providing OpenSSL EVP_*() API when built
+ without OpenSSL. (from ntp-dev)
+* Do not depend on ASCII values for ('A' - '0'), ('a' - '0') in sntp.
+* Windows compiling hints/winnt.html update from G. Sunil Tej.
+
+---
+(4.2.6p2-RC2) 2010/04/27 Released by Harlan Stenn <stenn@ntp.org>
+
+* [Bug 1465] Make sure time from TS2100 is not invalid (backport from
+ ntp-dev).
+* [Bug 1528] Fix EDITLINE_LIBS link order for ntpq and ntpdc.
+* [Bug 1534] win32/include/isc/net.h conflicts with VC++ 2010 errno.h.
+* [Bug 1535] "restrict -4 default" and "restrict -6 default" ignored.
+* Remove --with-arlib from br-flock.
+
+---
+(4.2.6p2-RC1) 2010/04/18 Released by Harlan Stenn <stenn@ntp.org>
+
+* [Bug 1503] Auto-enabling of monitor for "restrict ... limited" wrong.
+* [Bug 1504] ntpdate tickles ntpd "discard minimum 1" rate limit if
+ "restrict ... limited" is used.
+* [Bug 1518] Windows ntpd should lock to one processor more
+ conservatively.
+* [Bug 1522] Enable range syntax "trustedkey (301 ... 399)".
+* Update html/authopt.html controlkey, requestkey, and trustedkey docs.
+
+---
+(4.2.6p1) 2010/04/09 Released by Harlan Stenn <stenn@ntp.org>
+(4.2.6p1-RC6) 2010/03/31 Released by Harlan Stenn <stenn@ntp.org>
+
+* [Bug 1514] Typo in ntp_proto.c: fabs(foo < .4) should be fabs(foo) < .4.
+* [Bug 1464] synchronization source wrong for refclocks ARCRON_MSF (27)
+ and SHM (28).
+* Correct Windows port's refclock_open() to return 0 on failure not -1.
+* Correct CHU, dumbclock, and WWVB drivers to check for 0 returned from
+ refclock_open() on failure.
+* Correct "SIMUL=4 ./flock-build -1" to prioritize -1/--one.
+
+---
+(4.2.6p1-RC5) 2010/02/09 Released by Harlan Stenn <stenn@ntp.org>
+
+* [Bug 1140] Clean up debug.html, decode.html, and ntpq.html.
+* [Bug 1438] Remove dead code from sntp/networking.c.
+* [Bug 1477] 1st non-gmake make in clone w/VPATH can't make COPYRIGHT.
+* [Bug 1478] linking fails with undefined reference EVP_MD_pkey_type.
+* [Bug 1479] Compilation fails because of not finding readline headers.
+* [Bug 1480] snprintf() cleanup caused unterminated refclock IDs.
+* [Bug 1484] ushort is not defined in QNX6.
+
+---
+(4.2.6p1-RC4) 2010/02/04 Released by Harlan Stenn <stenn@ntp.org>
+
+* [Bug 1455] ntpd does not try /etc/ntp.audio as documented.
+* [Bug 1467] Fix bogus rebuild of sntp/sntp.html
+* [Bug 1470] "make distdir" in $srcdir builds keyword-gen, libntp.a.
+* [Bug 1473] "make distcheck" before build can't make sntp/version.m4.
+* [Bug 1474] ntp_keygen needs LCRYPTO after libntp.a.
+* Convert many sprintf() calls to snprintf(), also strcpy(), strcat().
+* Fix widely cut-n-pasted bug in refclock shutdown after failed start.
+* Remove some dead code checking for emalloc() returning NULL.
+* Remove arlib.
+
+---
+(4.2.6p1-RC3) 2010/01/24 Released by Harlan Stenn <stenn@ntp.org>
+
+* Use TZ=UTC instead of TZ= when calling date in scripts/mkver.in .
+* [Bug 1448] Some macros not correctly conditionally or absolutely defined
+ on Windows.
+* [Bug 1449] ntpsim.h in ntp_config.c should be used conditionally.
+* [Bug 1450] Option to exclude warnings not unconditionally defined on Windows.
+* [Bug 1127] Properly check the return of X590_verify() - missed one.
+* [Bug 1439] .texi generation must wait until after binary is linked.
+* [Bug 1440] Update configure.ac to support kfreebsd.
+* [Bug 1445] IRIX does not have -lcap or support linux capabilities.
+* [Bug 1451] CID 115: sntp leaks KoD entry when updating existing.
+* [Bug 1453] Use $CC in config.cache filename in ./build script.
+
+---
+(4.2.6p1-RC2) 2009/12/25 Released by Harlan Stenn <stenn@ntp.org>
+
+* [Bug 1411] Fix status messages in refclock_oncore.c.
+* [Bug 1416] MAXDNAME undefined on Solaris 2.6.
+* [Bug 1419] ntpdate, ntpdc, sntp, ntpd ignore configure --bindir.
+* [Bug 1424] Fix check for rtattr (rtnetlink.h).
+* [Bug 1425] unpeer by association ID sets up for duplicate free().
+* [Bug 1426] scripts/VersionName needs . on the search path.
+* [Bug 1427] quote missing in ./build - shows up on NetBSD.
+* [Bug 1428] Use AC_HEADER_RESOLV to fix breaks from resolv.h
+* [Bug 1429] ntpd -4 option does not reliably force IPv4 resolution.
+* [Bug 1431] System headers must come before ntp headers in ntp_intres.c .
+* [Bug 1434] HP-UX 11 ip_mreq undeclared, _HPUX_SOURCE helps some.
+* [Bug 1435] sntp: Test for -lresolv using the same tests as in ntp.
+
+---
+(4.2.6p1-RC1) 2009/12/20 Released by Harlan Stenn <stenn@ntp.org>
+
+* [Bug 1409] Put refclock_neoclock4x.c under the NTP COPYRIGHT notice.
+ This should allow debian and other distros to add this refclock driver
+ in further distro releases.
+ Detect R2 hardware releases.
+* [Bug 1412] m4/os_cflags.m4 caches results that depend on $CC.
+* [Bug 1413] test OpenSSL headers regarding -Wno-strict-prototypes.
+* [Bug 1414] Enable "make distcheck" success with BSD make.
+* [Bug 1415] Fix Mac OS X link problem.
+* [Bug 1418] building ntpd/ntpdc/ntpq statically with ssl fails.
+* Build infrastructure updates to enable beta releases of ntp-stable.
+
+---
+(4.2.6) 2009/12/09 Released by Harlan Stenn <stenn@ntp.org>
+* [Sec 1331] from4.2.4p8: DoS with mode 7 packets - CVE-2009-3563.
+* [Bug 508] Fixed leap second handling for Windows.
+(4.2.5p250-RC) 2009/11/30 Released by Harlan Stenn <stenn@ntp.org>
+* sntp documentation updates.
+* [Bug 761] internal resolver does not seem to honor -4/-6 qualifiers
+* [Bug 1386] Deferred DNS doesn't work on NetBSD
+* [Bug 1391] avoid invoking autogen twice for .c and .h files.
+* [Bug 1397] shmget() refclock_shm failing because of file mode.
+* Pass no_needed to ntp_intres as first part of fixing [Bug 975].
+* Add ./configure --enable-force-defer-DNS to help debugging.
+(4.2.5p249-RC) 2009/11/28 Released by Harlan Stenn <stenn@ntp.org>
+* [Bug 1400] An empty KOD DB file causes sntp to coredump.
+* sntp: documentation cleanup.
+* sntp: clean up some error messages.
+* sntp: Use the precision to control how many offset digits are shown.
+* sntp: Show root dispersion.
+* Cleanup from the automake/autoconf upgrades.
+(4.2.5p248-RC) 2009/11/26 Released by Harlan Stenn <stenn@ntp.org>
+* Prepare for the generation of sntp.html.
+* Documentation changes from Dave Mills.
* [Bug 1387] Storage leak in ntp_intres (minor).
* [Bug 1389] buffer overflow in refclock_oncore.c
* [Bug 1391] .texi usage text from installed, not built binaries.
}
}
-static void
-config_peers(
- struct config_tree *ptree
+
+/*
+ * peerflag_bits() get config_peers() peerflags value from a
+ * peer_node's queue of flag attr_val entries.
+ */
+static int
+peerflag_bits(
+ struct peer_node *pn
)
{
- struct addrinfo *res;
- struct addrinfo *one;
- sockaddr_u peeraddr;
- struct peer_node *curr_peer;
- struct attr_val *option;
- int hmode;
int peerflags;
- int rc;
- int no_needed;
- int i;
+ struct attr_val *option;
- /* add servers named on the command line with iburst implied */
- for (;
- cmdline_server_count > 0;
- cmdline_server_count--, cmdline_servers++) {
+ /* translate peerflags options to bits */
+ peerflags = 0;
+ option = queue_head(pn->peerflags);
+ for (; option != NULL; option = next_node(option))
+ switch (option->value.i) {
- ZERO_SOCK(&peeraddr);
- AF(&peeraddr) = default_ai_family;
- rc = get_multiple_netnums(*cmdline_servers, &peeraddr,
- &res, 0, t_UNK);
- if (1 != rc) {
- msyslog(LOG_INFO, "Deferring DNS for %s",
- *cmdline_servers);
- save_resolve(*cmdline_servers,
- MODE_CLIENT,
- NTP_VERSION,
- 0,
- 0,
- FLAG_IBURST,
- 0,
- 0,
- (u_char *)"*");
- continue;
- }
- for (one = res; one != NULL; one = one->ai_next) {
- ZERO_SOCK(&peeraddr);
- memcpy(&peeraddr, one->ai_addr,
- one->ai_addrlen);
- if ((ipv6_works || !IS_IPV6(&peeraddr)) &&
- !IS_MCAST(&peeraddr))
- peer_config(&peeraddr,
- NULL,
- MODE_CLIENT,
- NTP_VERSION,
- 0,
- 0,
- FLAG_IBURST,
- 0,
- 0,
- (u_char *)"*");
- }
- freeaddrinfo(res);
- }
+ default:
+ NTP_INSIST(0);
+ break;
- curr_peer = queue_head(ptree->peers);
- while (curr_peer != NULL) {
- /* Find the number of associations needed.
- * If a pool coomand is specified, then sys_maxclock needed
- * else, only one is needed
- */
- no_needed = (T_Pool == curr_peer->host_mode)
- ? sys_maxclock
- : 1;
+ case T_Autokey:
+ peerflags |= FLAG_SKEY;
+ break;
- /* Find the correct host-mode */
- hmode = get_correct_host_mode(curr_peer->host_mode);
- NTP_INSIST(hmode != -1);
+ case T_Burst:
+ peerflags |= FLAG_BURST;
+ break;
- /* translate peerflags options to bits */
- peerflags = 0;
- option = queue_head(curr_peer->peerflags);
- for (; option != NULL; option = next_node(option))
- switch (option->value.i) {
+ case T_Iburst:
+ peerflags |= FLAG_IBURST;
+ break;
- default:
- NTP_INSIST(0);
- break;
+ case T_Noselect:
+ peerflags |= FLAG_NOSELECT;
+ break;
- case T_Autokey:
- peerflags |= FLAG_SKEY;
- break;
+ case T_Preempt:
+ peerflags |= FLAG_PREEMPT;
+ break;
- case T_Burst:
- peerflags |= FLAG_BURST;
- break;
+ case T_Prefer:
+ peerflags |= FLAG_PREFER;
+ break;
- case T_Iburst:
- peerflags |= FLAG_IBURST;
- break;
+ case T_True:
+ peerflags |= FLAG_TRUE;
+ break;
- case T_Noselect:
- peerflags |= FLAG_NOSELECT;
- break;
+ case T_Xleave:
+ peerflags |= FLAG_XLEAVE;
+ break;
+ }
- case T_Preempt:
- peerflags |= FLAG_PREEMPT;
- break;
+ return peerflags;
+}
- case T_Prefer:
- peerflags |= FLAG_PREFER;
- break;
- case T_True:
- peerflags |= FLAG_TRUE;
- break;
+static void
+config_peers(
+ struct config_tree *ptree
+ )
+{
+ sockaddr_u peeraddr;
+ isc_netaddr_t i_netaddr;
+ struct addrinfo hints;
+ struct peer_node * curr_peer;
+ peer_resolved_ctx * ctx;
+ u_char hmode;
- case T_Xleave:
- peerflags |= FLAG_XLEAVE;
- break;
- }
++ /* add servers named on the command line with iburst implied */
++ for (;
++ cmdline_server_count > 0;
++ cmdline_server_count--, cmdline_servers++) {
+
- /* Attempt to resolve the address */
+ ZERO_SOCK(&peeraddr);
- AF(&peeraddr) = (u_short)curr_peer->addr->type;
-
- rc = get_multiple_netnums(curr_peer->addr->address,
- &peeraddr, &res, 0, t_UNK);
-
-#ifdef FORCE_DEFER_DNS /* Hack for debugging Deferred DNS */
- if (rc == 1) {
- /* Deferring everything breaks refclocks. */
- memcpy(&peeraddr, res->ai_addr, res->ai_addrlen);
- if (!ISREFCLOCKADR(&peeraddr)) {
- status = 0; /* force deferred DNS path */
- msyslog(LOG_INFO, "Forcing Deferred DNS for %s, %s",
- curr_peer->addr->address, stoa(&peeraddr));
- } else {
- msyslog(LOG_INFO, "NOT Deferred DNS for %s, %s",
- curr_peer->addr->address, stoa(&peeraddr));
- }
- }
-#endif
-
- /* I don't know why getnetnum would return -1.
- * The old code had this test, so I guess it must be
- * useful
- */
- if (rc == -1) {
- /* Do nothing, apparently we found an IPv6
- * address and can't do anything about it */
- }
- /* Check if name resolution failed. If yes, store the
- * peer information in a file for asynchronous
- * resolution later
++ /*
++ * If we have a numeric address, we can safely
++ * proceed in the mainline with it. Otherwise, hand
++ * the hostname off to the blocking child.
+ */
- else if (rc != 1) {
- msyslog(LOG_INFO, "Deferring DNS for %s", curr_peer->addr->address);
- save_resolve(curr_peer->addr->address,
- hmode,
- curr_peer->peerversion,
- curr_peer->minpoll,
- curr_peer->maxpoll,
- peerflags,
- curr_peer->ttl,
- curr_peer->peerkey,
- (u_char *)"*");
++ if (is_ip_address(*cmdline_servers, default_ai_family,
++ &i_netaddr)) {
++
++ AF(&peeraddr) = (u_short)i_netaddr.family;
++ SET_PORT(&peeraddr, NTP_PORT);
++ if (AF_INET6 == i_netaddr.family)
++ SET_ADDR6N(&peeraddr,
++ i_netaddr.type.in6);
++ else
++ SET_ADDR4N(&peeraddr,
++ i_netaddr.type.in.s_addr);
++
++ if (is_sane_resolved_address(&peeraddr,
++ T_Server))
++ peer_config(
++ &peeraddr,
++ NULL,
++ NULL,
++ MODE_CLIENT,
++ NTP_VERSION,
++ 0,
++ 0,
++ FLAG_IBURST,
++ 0,
++ 0,
++ (u_char *)"*");
++ } else {
++ /* we have a hostname to resolve */
++#ifdef WORKER
++ ctx = emalloc(sizeof(*ctx));
++ ctx->family = default_ai_family;
++ ctx->host_mode = T_Server;
++ ctx->hmode = MODE_CLIENT;
++ ctx->version = NTP_VERSION;
++ ctx->minpoll = 0;
++ ctx->maxpoll = 0;
++ ctx->flags = FLAG_IBURST;
++ ctx->ttl = 0;
++ ctx->keyid = 0;
++
++ memset(&hints, 0, sizeof(hints));
++ hints.ai_family = (u_short)ctx->family;
++ hints.ai_socktype = SOCK_DGRAM;
++ hints.ai_protocol = IPPROTO_UDP;
++
++ getaddrinfo_sometime(*cmdline_servers,
++ "ntp", &hints,
++ INITIAL_DNS_RETRY,
++ &peer_name_resolved,
++ (void *)ctx);
++#else /* !WORKER follows */
++ msyslog(LOG_ERR,
++ "hostname %s can not be used, please use IP address instead.\n",
++ curr_peer->addr->address);
++#endif
+ }
- /* Yippie!! Name resolution has succeeded!!!
- * Now we can proceed to some more sanity checks on
- * the resolved address before we start to configure
- * the peer
++ }
++
++ /* add associations from the configuration file */
+ for (curr_peer = queue_head(ptree->peers);
+ curr_peer != NULL;
+ curr_peer = next_node(curr_peer)) {
+
+ ZERO_SOCK(&peeraddr);
+ /* Find the correct host-mode */
+ hmode = get_correct_host_mode(curr_peer->host_mode);
+ NTP_INSIST(hmode != 0);
+
+ if (T_Pool == curr_peer->host_mode) {
+ AF(&peeraddr) = curr_peer->addr->type;
+ peer_config(
+ &peeraddr,
+ curr_peer->addr->address,
+ NULL,
+ hmode,
+ curr_peer->peerversion,
+ curr_peer->minpoll,
+ curr_peer->maxpoll,
+ peerflag_bits(curr_peer),
+ curr_peer->ttl,
+ curr_peer->peerkey,
+ (u_char *)"*");
+ /*
+ * If we have a numeric address, we can safely
+ * proceed in the mainline with it. Otherwise, hand
+ * the hostname off to the blocking child.
*/
- else {
- /*
- * Loop to configure the desired number of
- * associations
- */
- for (i = 0, one = res;
- i < no_needed && one != NULL;
- i++, one = one->ai_next) {
- memcpy(&peeraddr, one->ai_addr,
- one->ai_addrlen);
- if (is_sane_resolved_address(
+ } else if (is_ip_address(curr_peer->addr->address,
+ curr_peer->addr->type, &i_netaddr)) {
+
+ AF(&peeraddr) = (u_short)i_netaddr.family;
+ SET_PORT(&peeraddr, NTP_PORT);
+ if (AF_INET6 == i_netaddr.family)
+ SET_ADDR6N(&peeraddr,
+ i_netaddr.type.in6);
+ else
+ SET_ADDR4N(&peeraddr,
+ i_netaddr.type.in.s_addr);
+
+ if (is_sane_resolved_address(&peeraddr,
+ curr_peer->host_mode))
+ peer_config(
&peeraddr,
- curr_peer->host_mode))
-
- peer_config(&peeraddr,
- NULL,
- hmode,
- curr_peer->peerversion,
- curr_peer->minpoll,
- curr_peer->maxpoll,
- peerflags,
- curr_peer->ttl,
- curr_peer->peerkey,
- (u_char *)"*");
+ NULL,
+ NULL,
+ hmode,
+ curr_peer->peerversion,
+ curr_peer->minpoll,
+ curr_peer->maxpoll,
+ peerflag_bits(curr_peer),
+ curr_peer->ttl,
+ curr_peer->peerkey,
+ (u_char *)"*");
+ } else {
+ /* we have a hostname to resolve */
+#ifdef WORKER
+ ctx = emalloc(sizeof(*ctx));
+ ctx->family = curr_peer->addr->type;
+ ctx->host_mode = curr_peer->host_mode;
+ ctx->hmode = hmode;
+ ctx->version = curr_peer->peerversion;
+ ctx->minpoll = curr_peer->minpoll;
+ ctx->maxpoll = curr_peer->maxpoll;
+ ctx->flags = peerflag_bits(curr_peer);
+ ctx->ttl = curr_peer->ttl;
+ ctx->keyid = curr_peer->peerkey;
+
+ memset(&hints, 0, sizeof(hints));
+ hints.ai_family = (u_short)ctx->family;
+ hints.ai_socktype = SOCK_DGRAM;
+ hints.ai_protocol = IPPROTO_UDP;
+
+ getaddrinfo_sometime(curr_peer->addr->address,
+ "ntp", &hints,
+ INITIAL_DNS_RETRY,
+ &peer_name_resolved,
+ (void *)ctx);
+#else /* !WORKER follows */
+ msyslog(LOG_ERR,
+ "hostname %s can not be used, please use IP address instead.\n",
+ curr_peer->addr->address);
+#endif
+ }
+ }
+}
+
+
+/*
+ * peer_name_resolved()
+ *
+ * Callback invoked when config_peers()'s DNS lookup completes.
+ */
+#ifdef WORKER
+void
+peer_name_resolved(
+ int rescode,
+ int gai_errno,
+ void * context,
+ const char * name,
+ const char * service,
+ const struct addrinfo * hints,
+ const struct addrinfo * res
+ )
+{
+ sockaddr_u peeraddr;
+ peer_resolved_ctx * ctx;
+ int af;
+ const char * fam_spec;
+
+ ctx = context;
+
+ DPRINTF(1, ("peer_name_resolved(%s) rescode %d\n", name, rescode));
+
+ if (rescode) {
+#ifndef IGNORE_DNS_ERRORS
+ free(ctx);
+ msyslog(LOG_ERR,
+ "giving up resolving host %s: %s (%d)",
+ name, gai_strerror(rescode), rescode);
+#else /* IGNORE_DNS_ERRORS follows */
+ getaddrinfo_sometime(name, service, hints,
+ INITIAL_DNS_RETRY,
+ &peer_name_resolved, context);
+#endif
+ return;
+ }
+
+ /* Loop to configure a single association */
+ for (; res != NULL; res = res->ai_next) {
+ memcpy(&peeraddr, res->ai_addr, res->ai_addrlen);
+ if (is_sane_resolved_address(&peeraddr,
+ ctx->host_mode)) {
+ NLOG(NLOG_SYSINFO) {
+ af = ctx->family;
+ fam_spec = (AF_INET6 == af)
+ ? "(AAAA) "
+ : (AF_INET == af)
+ ? "(A) "
+ : "";
+ msyslog(LOG_INFO, "DNS %s %s-> %s",
+ name, fam_spec,
+ stoa(&peeraddr));
}
- freeaddrinfo(res);
+ peer_config(
+ &peeraddr,
+ NULL,
+ NULL,
+ ctx->hmode,
+ ctx->version,
+ ctx->minpoll,
+ ctx->maxpoll,
+ ctx->flags,
+ ctx->ttl,
+ ctx->keyid,
+ (u_char *)"*");
+ break;
}
- curr_peer = next_node(curr_peer);
}
+ free(ctx);
}
+#endif /* WORKER */
#ifdef FREE_CFG_T
#endif /* DECL_SYSCALL */
- #ifdef SIGDIE2
+ #if !defined(SIM) && defined(SIGDIE2)
static RETSIGTYPE finish (int);
- #endif /* SIGDIE2 */
+ #endif
- #ifdef DEBUG
- #ifndef SYS_WINNT
+ #if !defined(SIM) && defined(HAVE_WORKING_FORK)
+ static int wait_child_sync_if (int, long);
+ #endif
+
+ #if !defined(SIM) && !defined(SYS_WINNT)
+ # ifdef DEBUG
static RETSIGTYPE moredebug (int);
static RETSIGTYPE lessdebug (int);
- #endif
- #else /* not DEBUG */
+ # else /* !DEBUG follows */
static RETSIGTYPE no_debug (int);
- #endif /* not DEBUG */
+ # endif /* !DEBUG */
+ #endif /* !SIM && !SYS_WINNT */
+ #ifndef SIM
int ntpdmain (int, char **);
static void set_process_priority (void);
+ static void assertion_failed (const char *, int,
+ isc_assertiontype_t,
+ const char *);
+ static void library_fatal_error (const char *, int,
+ const char *, va_list)
+ ISC_FORMAT_PRINTF(3, 0);
+ static void library_unexpected_error(const char *, int,
+ const char *, va_list)
+ ISC_FORMAT_PRINTF(3, 0);
+ #endif /* !SIM */
void init_logging (char const *, int);
-void setup_logfile (void);
-static void process_commandline_opts(int *, char ***);
+void setup_logfile (int);
- static void assertion_failed (const char *file, int line,
- isc_assertiontype_t type, const char *cond);
- static void library_fatal_error (const char *file, int line,
- const char *format, va_list args) ISC_FORMAT_PRINTF(3, 0);
- static void library_unexpected_error(const char *file, int line,
- const char *format, va_list args) ISC_FORMAT_PRINTF(3, 0);
-
/*
- * init_logging - connect to syslog
- * (-l/--logfile and ntp.conf logfile are handled later)
+ * Initialize the logging
+ *
+ * Called once per process, including forked children.
*/
void
init_logging(
progname = argv[0];
initializing = 1; /* mark that we are initializing */
- process_commandline_opts(&argc, &argv);
+ parse_cmdline_opts(&argc, &argv);
init_logging(progname, 1); /* Open the log file */
- #ifdef HAVE_UMASK
- {
- mode_t uv;
-
- uv = umask(0);
- if(uv)
- (void) umask(uv);
- else
- (void) umask(022);
- }
- #endif
-
- #if defined(HAVE_GETUID) && !defined(MPE) /* MPE lacks the concept of root */
- {
- uid_t uid;
+ /*
+ * Install trap handlers to log errors and assertion failures.
+ * Default handlers print to stderr which doesn't work if detached.
+ */
+ isc_assertion_setcallback(assertion_failed);
+ isc_error_setfatal(library_fatal_error);
+ isc_error_setunexpected(library_unexpected_error);
+
+ # ifdef HAVE_UMASK
+ uv = umask(0);
+ if (uv)
+ umask(uv);
+ else
+ umask(022);
+ # endif
- uid = getuid();
- if (uid && !HAVE_OPT( SAVECONFIGQUIT )) {
- msyslog(LOG_ERR, "ntpd: must be run as root, not uid %ld", (long)uid);
- printf("must be run as root, not uid %ld\n", (long)uid);
- exit(1);
- }
+ /* MPE lacks the concept of root */
+ # if defined(HAVE_GETUID) && !defined(MPE)
+ uid = getuid();
+ if (uid && !HAVE_OPT( SAVECONFIGQUIT )) {
+ msyslog(LOG_ERR,
- "must be run as root, not uid %d", (int)uid);
- printf("%s must be run as root, not uid %d\n",
- progname, (int)uid);
++ "must be run as root, not uid %ld", (long)uid);
++ printf("%s must be run as root, not uid %ld\n",
++ progname, (long)uid);
+ exit(1);
}
- #endif
+ # endif
-# ifdef DEBUG
+#ifdef DEBUG
debug = DESC(DEBUG_LEVEL).optOccCt;
DPRINTF(1, ("%s\n", Version));
- #endif
+ # endif
/* honor -l/--logfile option to log to a file */
- setup_logfile();
+ setup_logfile(1);
/*
* Enable the Multi-Media Timer for Windows?
*/
if (!nofork) {
- # ifndef SYS_WINNT
- # ifdef HAVE_DAEMON
- daemon(0, 0);
- # else /* not HAVE_DAEMON */
- if (fork()) /* HMS: What about a -1? */
- exit(0);
- /*
- * Install trap handlers to log errors and assertion
- * failures. Default handlers print to stderr which
- * doesn't work if detached or running as a windows
- * service.
- */
- isc_assertion_setcallback(assertion_failed);
- isc_error_setfatal(library_fatal_error);
- isc_error_setunexpected(library_unexpected_error);
--
+ # ifdef HAVE_WORKING_FORK
+ rc = fork();
+ if (-1 == rc) {
+ exit_code = (errno) ? errno : -1;
+ msyslog(LOG_ERR, "fork: %m");
+ exit(exit_code);
+ }
+ if (rc > 0) {
+ /* parent */
+ exit_code = wait_child_sync_if(pipe_fds[0],
+ wait_sync);
+ exit(exit_code);
+ }
+
+ /*
+ * child/daemon
+ * close all open files excepting waitsync_fd_to_close.
+ */
if (syslog_file != NULL) {
fclose(syslog_file);
syslog_file = NULL;
+ syslogit = 1;
+ /* no msyslog() until after init_logging() */
}
- close_all_beyond(-1);
-# ifdef F_CLOSEM
- /*
- * From 'Writing Reliable AIX Daemons,' SG24-4946-00,
- * by Eric Agar (saves us from doing 32767 system
- * calls)
- */
- first_to_close = (-1 == waitsync_fd_to_close)
- ? 0
- : waitsync_fd_to_close + 1;
- rc = fcntl(first_to_close, F_CLOSEM, 0);
- f_closem_errno = (-1 == rc) ? errno : 0;
- if (first_to_close != 0)
- for (s = 0; s < waitsync_fd_to_close; s++)
- close(s);
-# else /* !F_CLOSEM follows */
-# if defined(HAVE_SYSCONF) && defined(_SC_OPEN_MAX)
- max_fd = sysconf(_SC_OPEN_MAX);
-# else
- max_fd = getdtablesize();
-# endif
- for (s = 0; s < max_fd; s++)
- if (s != waitsync_fd_to_close)
- close(s);
-# endif /* !F_CLOSEM */
++ close_all_beyond(waitsync_fd_to_close);
open("/", 0);
dup2(0, 1);
dup2(0, 2);
init_logging(progname, 0);
/* we lost our logfile (if any) daemonizing */
- setup_logfile();
+ setup_logfile(0);
- #ifdef SYS_DOMAINOS
-# ifdef F_CLOSEM /* msyslog() once again possible */
- if (f_closem_errno != 0)
- msyslog(LOG_ERR,
- "ntpd: failed to close open files(): %s",
- strerror(f_closem_errno));
-# endif
+ # ifdef SYS_DOMAINOS
{
uid_$t puid;
status_$t st;
proc2_$who_am_i(&puid);
proc2_$make_server(&puid, &st);
}
- #endif /* SYS_DOMAINOS */
- #if defined(HAVE_SETPGID) || defined(HAVE_SETSID)
- # ifdef HAVE_SETSID
+ # endif /* SYS_DOMAINOS */
+ # ifdef HAVE_SETSID
if (setsid() == (pid_t)-1)
- msyslog(LOG_ERR, "ntpd: setsid(): %m");
- # else
+ msyslog(LOG_ERR, "setsid(): %m");
+ # elif defined(HAVE_SETPGID)
if (setpgid(0, 0) == -1)
- msyslog(LOG_ERR, "ntpd: setpgid(): %m");
- # endif
- #else /* HAVE_SETPGID || HAVE_SETSID */
- {
- # if defined(TIOCNOTTY)
- int fid;
-
- fid = open("/dev/tty", 2);
- if (fid >= 0) {
- ioctl(fid, (u_long) TIOCNOTTY, (char *) 0);
- close(fid);
- }
- # endif /* defined(TIOCNOTTY) */
- # ifdef HAVE_SETPGRP_0
- setpgrp();
- # else /* HAVE_SETPGRP_0 */
- setpgrp(0, getpid());
- # endif /* HAVE_SETPGRP_0 */
+ msyslog(LOG_ERR, "setpgid(): %m");
+ # else /* !HAVE_SETSID && !HAVE_SETPGID follows */
+ # ifdef TIOCNOTTY
+ fid = open("/dev/tty", 2);
+ if (fid >= 0) {
+ ioctl(fid, (u_long)TIOCNOTTY, NULL);
+ close(fid);
}
- #endif /* HAVE_SETPGID || HAVE_SETSID */
- #ifdef _AIX
+ # endif /* TIOCNOTTY */
+ ntp_setpgrp(0, getpid());
+ # endif /* !HAVE_SETSID && !HAVE_SETPGID */
-# ifdef _AIX /* HMS: ifdef SIGDANGER? */
++# ifdef _AIX
/* Don't get killed by low-on-memory signal. */
sa.sa_handler = catch_danger;
sigemptyset(&sa.sa_mask);
if (disable_dynamic_updates && interface_interval) {
interface_interval = 0;
- msyslog(LOG_INFO, "running in unprivileged mode disables dynamic interface tracking");
+ msyslog(LOG_INFO, "running as non-root disables dynamic interface tracking");
}
- #ifdef HAVE_LINUX_CAPABILITIES
+ # ifdef HAVE_LINUX_CAPABILITIES
- do {
+ {
/*
* We may be running under non-root uid now, but we still hold full root privileges!
* We drop all of them, except for the crucial one or two: cap_sys_time and
* cap_net_bind_service if doing dynamic interface tracking.
*/
cap_t caps;
- char *captext = (interface_interval)
- ? "cap_sys_time,cap_net_bind_service=ipe"
- : "cap_sys_time=ipe";
- if( ! ( caps = cap_from_text( captext ) ) ) {
- msyslog( LOG_ERR, "cap_from_text() failed: %m" );
+ char *captext;
+
+ captext = (interface_interval)
+ ? "cap_sys_time,cap_net_bind_service=pe"
+ : "cap_sys_time=pe";
+ caps = cap_from_text(captext);
+ if (!caps) {
+ msyslog(LOG_ERR,
+ "cap_from_text(%s) failed: %m",
+ captext);
exit(-1);
}
- if( cap_set_proc( caps ) == -1 ) {
- msyslog( LOG_ERR, "cap_set_proc() failed to drop root privileges: %m" );
+ if (-1 == cap_set_proc(caps)) {
+ msyslog(LOG_ERR,
+ "cap_set_proc() failed to drop root privs: %m");
exit(-1);
}
- cap_free( caps );
- } while(0);
+ cap_free(caps);
+ }
- #endif /* HAVE_LINUX_CAPABILITIES */
+ # endif /* HAVE_LINUX_CAPABILITIES */
-
+ root_dropped = 1;
+ fork_deferred_worker();
} /* if (droproot) */
- #endif /* HAVE_DROPROOT */
-# endif /* HAVE_DROPROOT */
++# endif /* HAVE_DROPROOT */
/*
* Use select() on all on all input fd's for unlimited
msyslog(LOG_ERR, "%s:%d: unexpected error:", file, line);
vsnprintf(errbuf, sizeof(errbuf), format, args);
- msyslog(LOG_ERR, errbuf);
+ msyslog(LOG_ERR, "%s", errbuf);
if (++unexpected_error_cnt == MAX_UNEXPECTED_ERRORS)
-- {
msyslog(LOG_ERR, "Too many errors. Shutting up.");
-- }
}
+ #endif /* !SIM */
+ #if !defined(SIM) && !defined(SYS_WINNT)
+ # ifdef DEBUG
- #ifdef DEBUG
- #ifndef SYS_WINNT
/*
* moredebug - increase debugging verbosity
*/
projects / thirdparty / ntp.git / commitdiff
