static unsigned char zero_key[16];
#endif /* HAVE_NTP_SIGND */
+ /*
+ * Note that there are many places we do not call record_raw_stats().
+ *
+ * We only want to call it *after* we've sent a response, or perhaps
+ * when we've decided to drop a packet.
+ */
+
/*
* Monitor the packet and get restrictions. Note that the packet
* length for control and private mode packets must be checked
* an ordinary client, simply toss a server mode packet back
* over the fence. If a manycast client, we have to work a
* little harder.
+ *
+ * There are cases here where we do not call record_raw_stats().
*/
case AM_FXMIT:
* send a crypto-NAK.
*/
if (!(rbufp->dstadr->flags & INT_MCASTOPEN)) {
+ /* HMS: would be nice to log FAST_XMIT|BADAUTH|RESTRICTED */
+ record_raw_stats(&rbufp->recv_srcadr,
+ &rbufp->dstadr->sin,
+ &p_org, &p_rec, &p_xmt, &rbufp->recv_time,
+ PKT_LEAP(pkt->li_vn_mode),
+ PKT_VERSION(pkt->li_vn_mode),
+ PKT_MODE(pkt->li_vn_mode),
+ PKT_TO_STRATUM(pkt->stratum),
+ pkt->ppoll,
+ pkt->precision,
+ FPTOD(NTOHS_FP(pkt->rootdelay)),
+ FPTOD(NTOHS_FP(pkt->rootdisp)),
+ pkt->refid,
+ rbufp->recv_length - MIN_V4_PKT_LEN, (u_char *)&pkt->exten);
+
if (AUTH(restrict_mask & RES_DONTTRUST,
is_authentic)) {
fast_xmit(rbufp, MODE_SERVER, skeyid,
} else {
sys_restricted++;
}
+
return; /* hooray */
}
* Respond only if authentication succeeds. Don't do a
* crypto-NAK, as that would not be useful.
*/
- if (AUTH(restrict_mask & RES_DONTTRUST, is_authentic))
+ if (AUTH(restrict_mask & RES_DONTTRUST, is_authentic)) {
+ record_raw_stats(&rbufp->recv_srcadr,
+ &rbufp->dstadr->sin,
+ &p_org, &p_rec, &p_xmt, &rbufp->recv_time,
+ PKT_LEAP(pkt->li_vn_mode),
+ PKT_VERSION(pkt->li_vn_mode),
+ PKT_MODE(pkt->li_vn_mode),
+ PKT_TO_STRATUM(pkt->stratum),
+ pkt->ppoll,
+ pkt->precision,
+ FPTOD(NTOHS_FP(pkt->rootdelay)),
+ FPTOD(NTOHS_FP(pkt->rootdisp)),
+ pkt->refid,
+ rbufp->recv_length - MIN_V4_PKT_LEN, (u_char *)&pkt->exten);
+
fast_xmit(rbufp, MODE_SERVER, skeyid,
restrict_mask);
+ }
return; /* hooray */
/*
* There is an implosion hazard at the manycast client, since
* the manycast servers send the server packet immediately. If
* the guy is already here, don't fire up a duplicate.
+ *
+ * There are cases here where we do not call record_raw_stats().
*/
case AM_MANYCAST:
* the packet is authentic and we are enabled as broadcast
* client, mobilize a broadcast client association. We don't
* kiss any frogs here.
+ *
+ * There are cases here where we do not call record_raw_stats().
*/
case AM_NEWBCL:
* This is the first packet received from a symmetric active
* peer. If the packet is authentic and the first he sent,
* mobilize a passive association. If not, kiss the frog.
+ *
+ * There are cases here where we do not call record_raw_stats().
*/
case AM_NEWPASS:
/*
* Process regular packet. Nothing special.
+ *
+ * There are cases here where we do not call record_raw_stats().
*/
case AM_PROCPKT:
* should 'aorg' be all-zero because this really was the original
* transmit timestamp, we'll ignore this reply. There is a window
* of one nanosecond once every 136 years' time where this is
- * possible. We currently ignore this situation.
+ * possible. We currently ignore this situation, as a completely
+ * zero timestamp is (quietly?) disallowed.
*
* Otherwise, check for bogus packet in basic mode.
* If it is bogus, switch to interleaved mode and resynchronize,
/*
* Capture the header values in the client/peer association..
*/
- record_raw_stats(&peer->srcadr, peer->dstadr ?
- &peer->dstadr->sin : NULL,
+ record_raw_stats(&peer->srcadr,
+ peer->dstadr ? &peer->dstadr->sin : NULL,
&p_org, &p_rec, &p_xmt, &peer->dst,
pleap, pversion, pmode, pstratum, pkt->ppoll, pkt->precision,
p_del, p_disp, pkt->refid,
projects / thirdparty / ntp.git / commitdiff
