/*
* Capture the header values.
*/
- record_raw_stats(&peer->srcadr, &peer->dstadr->sin, &p_org,
+ record_raw_stats(&peer->srcadr, peer->dstadr ? &peer->dstadr->sin : NULL, &p_org,
&p_rec, &p_xmt, &peer->rec);
peer->leap = pleap;
- peer->stratum = pstratum;
+ peer->stratum = min(pstratum, STRATUM_UNSPEC);
peer->pmode = pmode;
peer->ppoll = pkt->ppoll;
peer->precision = pkt->precision;
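Review bot: On the changed `record_raw_stats` call, the second argument is now NULL whenever `peer->dstadr` is unset, and nothing in this hunk shows that `record_raw_stats` tolerates a NULL destination address. Its body is outside the hunk, so confirm it checks that pointer before formatting it, and that no later statement in the enclosing function dereferences `peer->dstadr` unguarded. The clamp on `peer->stratum` would also benefit from a one-line comment, for example `/* pstratum presumably comes from the packet; cap it at STRATUM_UNSPEC */`. The enclosing function starts and ends outside the hunk.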
*/
peer->nextdate = peer->update = peer->outdate = current_time;
if (initializing)
- peer->nextdate = current_time + peer_associations;
+ peer->nextdate += peer_associations;
+ else if (peer->hmode == MODE_PASSIVE)
+ peer->nextdate += RESP_DELAY;
else
- peer->nextdate = current_time + (ntp_random() & ((1 <<
- NTP_MINPOLL) - 1));
+ peer->nextdate += (ntp_random() & ((1 << NTP_MINDPOLL) -
+ 1));
-#ifdef DEBUG
- if (debug)
- printf("peer_clear: at %ld next %ld assoc ID %d refid %s\n",
- current_time, peer->nextdate, peer->associd, ident);
-#endif
+
+ DPRINTF(1, ("peer_clear: at %ld next %ld assoc ID %d refid %s\n",
+ current_time, peer->nextdate, peer->associd, ident));
}
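Review bot: The new `else if (peer->hmode == MODE_PASSIVE)` branch and the change of the random mask from `NTP_MINPOLL` to `NTP_MINDPOLL` both alter when the first poll is scheduled, and neither carries a comment saying why. A short comment above the chain would record the intent, for example `/* first poll: offset by peer_associations while initializing, fixed RESP_DELAY for passive peers, random spread otherwise */`. Separately, the `DPRINTF` keeps `%ld` for `current_time` and `peer->nextdate`. Their declarations are not visible here, so check the specifiers match the types, since a mismatch in a variadic call is undefined behaviour. The function (peer_clear, going by the debug message) starts outside the hunk.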
* If the crypto is broken, don't make it worse. Otherwise,
* initialize the header fields.
*/
- if (peer->flash & TEST9)
- return;
-
+ if (!peer->dstadr) /* don't bother with peers without interface */
+ return;
+
xpkt.li_vn_mode = PKT_LI_VN_MODE(sys_leap, peer->version,
- peer->hmode);
+ peer->hmode);
xpkt.stratum = STRATUM_TO_PKT(sys_stratum);
xpkt.ppoll = peer->hpoll;
xpkt.precision = sys_precision;
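Review bot: The retained comment above the new check still reads "If the crypto is broken, don't make it worse", but the statement beneath it is now `if (!peer->dstadr) return;`. The `TEST9` early return is removed in this hunk, so the comment describes code that is no longer there. Reword it to match the new guard, for example `* Peers without a local interface cannot transmit. Otherwise, initialize the header fields.`, after which the trailing comment on the `if` line becomes redundant. The comment opens, and the function continues, outside the hunk.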
case MODE_BROADCAST:
if (peer->flags & FLAG_ASSOC)
exten = crypto_args(peer, CRYPTO_AUTO |
- CRYPTO_RESP, NULL);
+ CRYPTO_RESP, NULL);
else
exten = crypto_args(peer, CRYPTO_ASSOC |
- CRYPTO_RESP, NULL);
+ CRYPTO_RESP, NULL);
break;
- /*
- * In symmetric modes the digest, certificate, agreement
- * parameters, cookie and autokey values are required.
- * The leapsecond table is optional. But, a passive peer
- * will not believe the active peer until the latter has
- * synchronized, so the agreement must be postponed
- * until then. In any case, if a new keylist is
- * generated, the autokey values are pushed.
- */
+ /*
+ * In symmetric modes the digest, certificate, agreement
+ * parameters, cookie and autokey values are required.
+ * The leapsecond table is optional. But, a passive peer
+ * will not believe the active peer until the latter has
+ * synchronized, so the agreement must be postponed
+ * until then. In any case, if a new keylist is
+ * generated, the autokey values are pushed.
+ *
+ * If the crypto bit is set, don't send requests.
+ */
case MODE_ACTIVE:
case MODE_PASSIVE:
+ if (peer->flash & TEST9)
+ break;
+ /*
+ * Parameter and certificate.
+ */
if (!peer->crypto)
exten = crypto_args(peer, CRYPTO_ASSOC,
- sys_hostname);
+ sys_hostname);
else if (!(peer->crypto & CRYPTO_FLAG_VALID))
exten = crypto_args(peer, CRYPTO_CERT,
- peer->issuer);
+ peer->issuer);
/*
* Identity. Note we have to sign the
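Review bot: The `TEST9` guard added under `case MODE_ACTIVE:` / `case MODE_PASSIVE:`, and again under `case MODE_CLIENT:` further down, replaces a function-wide early return with a per-case `break`. As far as the visible lines show, a peer flagged with a crypto error now leaves the switch and continues toward transmission instead of sending nothing. `case MODE_BROADCAST:` at the top of this hunk gets no such guard and still builds an extension field through `crypto_args`. If that asymmetry is intended, state it in the comment block; if not, add `if (peer->flash & TEST9) break;` there as well. The value `exten` holds after the `break` is set outside the hunk, so confirm it is NULL on that path.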
* server and client are synchronized.
*/
else if (sys_leap != LEAP_NOTINSYNC &&
- peer->leap != LEAP_NOTINSYNC &&
- peer->crypto & CRYPTO_FLAG_TAI &&
- !(peer->crypto & CRYPTO_FLAG_LEAP))
+ peer->leap != LEAP_NOTINSYNC &&
+ peer->crypto & CRYPTO_FLAG_TAI &&
+ !(peer->crypto & CRYPTO_FLAG_LEAP))
exten = crypto_args(peer, CRYPTO_TAI,
- NULL);
+ NULL);
break;
+ /*
+ * In client mode the digest, certificate, agreement
+ * parameters and cookie are required. The leapsecond
+ * table is optional. If broadcast client mode, the
+ * autokey values are required as well. In broadcast
+ * client mode, these values must be acquired during the
+ * client/server exchange to avoid having to wait until
+ * the next key list regeneration. Otherwise, the poor
+ * dude may die a lingering death until becoming
+ * unreachable and attempting rebirth.
+ *
+ * If neither the server or client have the agreement
+ * parameters, the protocol transmits the cookie in the
+ * clear. If the server has the parameters, the client
+ * requests them and the protocol blinds it using the
+ * agreed key. It is a protocol error if the client has
+ * the parameters but the server does not.
+ *
+ * If the crypto bit is lit, don't send requests.
+ */
+ case MODE_CLIENT:
+ if (peer->flash & TEST9)
+ break;
/*
- * In client mode the digest, certificate, agreement
- * parameters and cookie are required. The leapsecond
- * table is optional. If broadcast client mode, the
- * autokey values are required as well. In broadcast
- * client mode, these values must be acquired during the
- * client/server exchange to avoid having to wait until
- * the next key list regeneration. Otherwise, the poor
- * dude may die a lingering death until becoming
- * unreachable and attempting rebirth.
- *
- * If neither the server or client have the agreement
- * parameters, the protocol transmits the cookie in the
- * clear. If the server has the parameters, the client
- * requests them and the protocol blinds it using the
- * agreed key. It is a protocol error if the client has
- * the parameters but the server does not.
+ * Parameter and certificate.
*/
- case MODE_CLIENT:
if (!peer->crypto)
exten = crypto_args(peer, CRYPTO_ASSOC,
- sys_hostname);
+ sys_hostname);
else if (!(peer->crypto & CRYPTO_FLAG_VALID))
exten = crypto_args(peer, CRYPTO_CERT,
- peer->issuer);
+ peer->issuer);
/*
* Identity
peer->cmmd = NULL;
}
if (exten != NULL) {
- if (exten->opcode != 0) {
+ if (exten->opcode != 0)
sendlen += crypto_xmit(&xpkt,
- &peer->srcadr, sendlen, exten, 0);
+ &peer->srcadr, sendlen, exten, 0);
- free(exten);
- } else {
- peer_clear(peer, "CRYP");
+ if (ntohl(exten->opcode) & CRYPTO_ERROR) {
peer->flash |= TEST9; /* crypto error */
- msyslog(LOG_INFO,
- "transmit: crypto error for %s",
- stoa(&peer->srcadr));
free(exten);
return;
}
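Review bot: The crypto-error branch now sets `TEST9` and returns without logging, because the `msyslog(LOG_INFO, "transmit: crypto error for %s", stoa(&peer->srcadr));` call is removed. That drops the log record that the crypto exchange with this peer failed. Consider keeping that line inside the `if (ntohl(exten->opcode) & CRYPTO_ERROR)` branch so failures stay visible to whoever monitors the daemon. In the visible lines `free(exten)` also no longer follows `crypto_xmit` on the non-error path, so unless it is freed after this block (outside the hunk) the extension field leaks on each transmit. Finally, an `exten` with `opcode == 0` was previously handled as an error and now falls through unflagged; confirm that is intended.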