Add ntpq authinfo command, similar to ntpdc's authinfo.

bk: 4d167fa1agSd135LDFPgE2S2hUjsjw

diff --git a/ChangeLog b/ChangeLog
index 4a9633d753d5bf9a732f945719c77ed0f8f8d9db..6abbfac03a36742c250a07323e8934a2f1b9baae 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,4 @@
+* Add ntpq authinfo command, similar to ntpdc's authinfo.
 * Add ntpq sysinfo command, similar to ntpdc's sysinfo.
 (4.2.7p103) 2010/12/24 Released by Harlan Stenn <stenn@ntp.org>
 * Add ntpq pstats command similar to ntpdc's.

diff --git a/include/ntp_control.h b/include/ntp_control.h
index 818e4680de11388373e40f975bf07c3b4d73e910..cecfa5c65caf539a43e410a608a49f0e3ed5375c 100644 (file)
--- a/include/ntp_control.h
+++ b/include/ntp_control.h
@@ -196,7 +196,16 @@ struct ntp_control {
 #define        CS_PEERMODE             45
 #define        CS_BCASTDELAY           46
 #define        CS_AUTHDELAY            47
-#define        CS_MAX_NOAUTOKEY        CS_AUTHDELAY
+#define        CS_AUTHKEYS             48
+#define        CS_AUTHFREEK            49
+#define        CS_AUTHKLOOKUPS         50
+#define        CS_AUTHKNOTFOUND        51
+#define        CS_AUTHKUNCACHED        52
+#define        CS_AUTHKEXPIRED         53
+#define        CS_AUTHENCRYPTS         54
+#define        CS_AUTHDECRYPTS         55
+#define        CS_AUTHRESET            56
+#define        CS_MAX_NOAUTOKEY        CS_AUTHRESET
 #ifdef AUTOKEY
 #define        CS_FLAGS                (1 + CS_MAX_NOAUTOKEY)
 #define        CS_HOST                 (2 + CS_MAX_NOAUTOKEY)

diff --git a/include/ntpd.h b/include/ntpd.h
index 5d4c7a81b7ad4d0dff53d5fd7413ba0640333ff2..d58e591300a83becfda9dbb79ff7979c46d4e1fa 100644 (file)
--- a/include/ntpd.h
+++ b/include/ntpd.h
@@ -521,6 +521,7 @@ extern int  fdpps;                  /* pps file descriptor */
 
 /* ntp_request.c */
 extern keyid_t info_auth_keyid;        /* keyid used to authenticate requests */
+extern u_long  auth_timereset;
 
 /* ntp_restrict.c */
 extern restrict_u *    restrictlist4;  /* IPv4 restriction list */

diff --git a/ntpd/ntp_control.c b/ntpd/ntp_control.c
index 53b03adbb3c94b56801ac2c1124d0408bc585c4d..3f3997fb6b833944ac7ebe7d76b28e8faeae03f1 100644 (file)
--- a/ntpd/ntp_control.c
+++ b/ntpd/ntp_control.c
@@ -164,6 +164,15 @@ static struct ctl_var sys_var[] = {
        { CS_PEERMODE,          RO, "peermode" },       /* 45 */
        { CS_BCASTDELAY,        RO, "bcastdelay" },     /* 46 */
        { CS_AUTHDELAY,         RO, "authdelay" },      /* 47 */
+       { CS_AUTHKEYS,          RO, "authkeys" },       /* 48 */
+       { CS_AUTHFREEK,         RO, "authfreek" },      /* 49 */
+       { CS_AUTHKLOOKUPS,      RO, "authklookups" },   /* 50 */
+       { CS_AUTHKNOTFOUND,     RO, "authknotfound" },  /* 51 */
+       { CS_AUTHKUNCACHED,     RO, "authkuncached" },  /* 52 */
+       { CS_AUTHKEXPIRED,      RO, "authkexpired" },   /* 53 */
+       { CS_AUTHENCRYPTS,      RO, "authencrypts" },   /* 54 */
+       { CS_AUTHDECRYPTS,      RO, "authdecrypts" },   /* 55 */
+       { CS_AUTHRESET,         RO, "authreset" },      /* 56 */
 #ifdef AUTOKEY
        { CS_FLAGS,     RO, "flags" },          /* 1 + CS_MAX_NOAUTOKEY */
        { CS_HOST,      RO, "host" },           /* 2 + CS_MAX_NOAUTOKEY */
@@ -174,7 +183,7 @@ static struct ctl_var sys_var[] = {
        { CS_GROUP,     RO, "group" },          /* 7 + CS_MAX_NOAUTOKEY */
        { CS_DIGEST,    RO, "digest" },         /* 8 + CS_MAX_NOAUTOKEY */
 #endif /* AUTOKEY */
-       { 0,            EOV, "" }               /* 48/56 */
+       { 0,            EOV, "" }               /* 57/65 */
 };
 
 static struct ctl_var *ext_sys_var = NULL;
@@ -1715,6 +1724,43 @@ ctl_putsys(
                LFPTOD(&sys_authdelay, dtemp);
                ctl_putdbl(sys_var[varid].text, dtemp * 1e3);
                break;
+
+       case CS_AUTHKEYS:
+               ctl_putuint(sys_var[varid].text, authnumkeys);
+               break;
+
+       case CS_AUTHFREEK:
+               ctl_putuint(sys_var[varid].text, authnumfreekeys);
+               break;
+
+       case CS_AUTHKLOOKUPS:
+               ctl_putuint(sys_var[varid].text, authkeylookups);
+               break;
+
+       case CS_AUTHKNOTFOUND:
+               ctl_putuint(sys_var[varid].text, authkeynotfound);
+               break;
+
+       case CS_AUTHKUNCACHED:
+               ctl_putuint(sys_var[varid].text, authkeyuncached);
+               break;
+
+       case CS_AUTHKEXPIRED:
+               ctl_putuint(sys_var[varid].text, authkeyexpired);
+               break;
+
+       case CS_AUTHENCRYPTS:
+               ctl_putuint(sys_var[varid].text, authencryptions);
+               break;
+
+       case CS_AUTHDECRYPTS:
+               ctl_putuint(sys_var[varid].text, authdecryptions);
+               break;
+
+       case CS_AUTHRESET:
+               ctl_putuint(sys_var[varid].text, 
+                           current_time - auth_timereset);
+               break;
 #ifdef AUTOKEY
        case CS_FLAGS:
                if (crypto_flags)

diff --git a/ntpd/ntp_request.c b/ntpd/ntp_request.c
index 401a0b311a63c7f9c9690d3cf4ff05a650027596..05537e9db806d27ddadb96bd5e8578f9324324e9 100644 (file)
--- a/ntpd/ntp_request.c
+++ b/ntpd/ntp_request.c
@@ -204,7 +204,7 @@ u_long errorcounter[INFO_ERR_AUTH+1];       /* lazy way to count errors, indexed */
  * A hack.  To keep the authentication module clear of ntp-ism's, we
  * include a time reset variable for its stats here.
  */
-static u_long auth_timereset;
+u_long auth_timereset;
 
 /*
  * Response packet used by these routines.  Also some state information

diff --git a/ntpq/ntpq-subs.c b/ntpq/ntpq-subs.c
index 4c1f998b26aed201ad58943f78b846f3db9bf905..cb4a065cd758e0fd36926f0b1d0b240c5f628685 100644 (file)
--- a/ntpq/ntpq-subs.c
+++ b/ntpq/ntpq-subs.c
@@ -51,6 +51,7 @@ static        void    lpassociations  (struct parse *, FILE *);
 static void    radiostatus (struct parse *, FILE *);
 #endif /* UNUSED */
 
+static void    authinfo        (struct parse *, FILE *);
 static void    pstats          (struct parse *, FILE *);
 static long    when            (l_fp *, l_fp *, l_fp *);
 static char *  prettyinterval  (char *, size_t, long);
@@ -180,6 +181,9 @@ struct xcmd opcmds[] = {
        { "monstats", monstats, { NO, NO, NO, NO },
          { "", "", "", "" },
          "display monitor (mrulist) counters and limits" },
+       { "authinfo", authinfo, { NO, NO, NO, NO },
+         { "", "", "", "" },
+         "display symmetric authentication counters" },
        { 0,            0,              { NO, NO, NO, NO },
          { "-4|-6", "", "", "" }, "" }
 };
@@ -3413,7 +3417,7 @@ sysinfo(
        collect_display_vdc(0, sysinfo_vdc, TRUE, fp);
 }
 
-       
+
 /*
  * monstats - implements ntpq -c monstats
  */
@@ -3439,6 +3443,32 @@ monstats(
 }
 
 
+/*
+ * monstats - implements ntpq -c monstats
+ */
+static void
+authinfo(
+       struct parse *pcmd,
+       FILE *fp
+       )
+{
+    static vdc authinfo_vdc[] = {
+       { "authreset",          "time since reset:", NTP_STR },
+       { "authkeys",           "stored keys:     ", NTP_STR },
+       { "authfreek",          "free keys:       ", NTP_STR },
+       { "authklookups",       "key lookups:     ", NTP_STR },
+       { "authknotfound",      "keys not found:  ", NTP_STR },
+       { "authkuncached",      "uncached keys:   ", NTP_STR },
+       { "authkexpired",       "expired keys:    ", NTP_STR },
+       { "authencrypts",       "encryptions:     ", NTP_STR },
+       { "authdecrypts",       "decryptions:     ", NTP_STR },
+       { NULL,                 NULL,                0       }
+    };
+
+       collect_display_vdc(0, authinfo_vdc, FALSE, fp);
+}
+
+
 /*
  * pstats - show statistics for a peer
  */