+* ntp-keygen -M is intended to ignore all other defaults and
+ options, so do not attempt to open existing Autokey host certificate
+ before generating symmetric keys and terminating.
+* Restore IFF, MV, and GQ identity parameter filename convention to
+ ntpkey_<scheme>par_<group/host> in ntpd, matching ntp-keygen.
+* Change some error logging to syslog to ignore logconfig mask, such
+ as reporting PPSAPI failure in NMEA and WWVB refclocks.
+* Conditionalize NMEA serial open message under clockevent.
+* Send all peer variables to trappers in report_event().
(4.2.7p217) 2011/09/29 Released by Harlan Stenn <stenn@ntp.org>
* [Bug 2020] ntp-keygen -s no longer sets host in cert file name.
* [Backward Incompatible] ntp-keygen -i option long name changed from
#define NLOG_SYNCSTATIST 0x00008000 /* sync statistics output */
extern u_int32 ntp_syslogmask;
-#define NLOG(_X_) if (ntp_syslogmask & (_X_))
+
+#define NLOG(bits) if (ntp_syslogmask & (bits))
+
+#define LOGIF(nlog_suffix, msl_args) \
+do { \
+ NLOG(NLOG_##nlog_suffix) /* like "if (...) */ \
+ msyslog msl_args; \
+} while (FALSE)
#endif /* NTP_SYSLOG_H */
" %s", str);
}
NLOG(NLOG_SYSEVENT)
- msyslog(LOG_INFO, "%s", statstr);
+ msyslog(LOG_INFO, "%s", statstr);
} else {
/*
" %s", str);
}
NLOG(NLOG_PEEREVENT)
- msyslog(LOG_INFO, "%s", statstr);
+ msyslog(LOG_INFO, "%s", statstr);
}
record_proto_stats(statstr);
#if DEBUG
rpkt.associd = 0;
rpkt.status = htons(ctlsysstatus());
- /*
- * For now, put everything we know about system
- * variables. Don't send crypto strings.
- */
- for (i = 1; i <= CS_MAXCODE; i++) {
-#ifdef AUTOKEY
- if (i > CS_VARLIST)
- continue;
-#endif /* AUTOKEY */
+ /* Include the core system variables and the list. */
+ for (i = 1; i <= CS_VARLIST; i++)
ctl_putsys(i);
- }
} else {
NTP_INSIST(peer != NULL);
rpkt.associd = htons(peer->associd);
rpkt.status = htons(ctlpeerstatus(peer));
- /*
- * Dump it all. Later, maybe less.
- */
- for (i = 1; i <= CP_MAXCODE; i++) {
-#ifdef AUTOKEY
- if (i > CP_VARLIST)
- continue;
-#endif /* AUTOKEY */
+ /* Dump it all. Later, maybe less. */
+ for (i = 1; i <= CP_MAX_NOAUTOKEY; i++)
ctl_putpeer(i, peer);
- }
#ifdef REFCLOCK
/*
* for clock exception events: add clock variables to
struct peer *peer /* peer structure pointer */
)
{
-
- /*
- * We come here after the trusted host has been found. The name
- * of the parameters file is in peer->ident and must be present.
- * Search the key cache for all keys matching this name. Use the
- * first one available. The identity scheme is supplied by the
- * server.
- */
- peer->ident_pkey = crypto_key(peer->ident, NULL, &peer->srcadr);
- if (peer->ident_pkey == NULL) {
- report_event(XEVNT_ID, peer, NULL);
- return (CRYPTO_NULL);
- }
- if (peer->crypto & CRYPTO_FLAG_IFF)
- return (CRYPTO_IFF);
-
- else if (peer->crypto & CRYPTO_FLAG_GQ)
- return (CRYPTO_GQ);
-
- else if (peer->crypto & CRYPTO_FLAG_MV)
- return (CRYPTO_MV);
-
- report_event(XEVNT_ID, peer, NULL);
- return (CRYPTO_NULL);
+ char filename[MAXFILENAME];
+ const char * scheme_name;
+ u_int scheme_id;
+
+ /*
+ * We come here after the group trusted host has been found; its
+ * name defines the group name. Search the key cache for all
+ * keys matching the same group name in order IFF, GQ and MV.
+ * Use the first one available.
+ */
+ scheme_name = NULL;
+ if (peer->crypto & CRYPTO_FLAG_IFF) {
+ scheme_name = "iff";
+ scheme_id = CRYPTO_IFF;
+ } else if (peer->crypto & CRYPTO_FLAG_GQ) {
+ scheme_name = "gq";
+ scheme_id = CRYPTO_GQ;
+ } else if (peer->crypto & CRYPTO_FLAG_MV) {
+ scheme_name = "mv";
+ scheme_id = CRYPTO_MV;
+ }
+
+ if (scheme_name != NULL) {
+ snprintf(filename, sizeof(filename), "ntpkey_%spar_%s",
+ scheme_name, peer->ident);
+ peer->ident_pkey = crypto_key(filename, NULL,
+ &peer->srcadr);
+ if (peer->ident_pkey != NULL)
+ return scheme_id;
+ }
+
+ msyslog(LOG_NOTICE,
+ "crypto_ident: no identity parameters found for group %s",
+ peer->ident);
+
+ return CRYPTO_NULL;
}
len = sizeof(struct exten);
if (str != NULL)
len += strlen(str);
- ep = emalloc(len);
- memset(ep, 0, len);
+ ep = emalloc_zero(len);
if (opcode == 0)
return (ep);
/*
* Extract version, subject name and public key.
*/
- ret = emalloc(sizeof(*ret));
- memset(ret, 0, sizeof(*ret));
+ ret = emalloc_zero(sizeof(*ret));
if ((ret->pkey = X509_get_pubkey(cert)) == NULL) {
msyslog(LOG_ERR, "cert_parse: %s",
ERR_error_string(ERR_get_error(), NULL));
/*
* This section simulates ntpdate. If the offset exceeds the
* step threshold (128 ms), step the clock to that time and
- * exit. Othewise, slew the clock to that time and exit. Note
+ * exit. Otherwise, slew the clock to that time and exit. Note
* that the slew will persist and eventually complete beyond the
* life of this program. Note that while ntpdate is active, the
* terminal does not detach, so the termination message prints
# include "refclock_atom.h"
#endif /* HAVE_PPSAPI */
-#define MSYSLOG(args) do { NLOG(NLOG_CLOCKINFO) msyslog args; } while (0)
-
/*
* This driver supports NMEA-compatible GPS receivers
*/
static int
nmea_start(
- int unit,
- struct peer * peer
+ int unit,
+ struct peer * peer
)
{
- struct refclockproc * const pp = peer->procptr;
- nmea_unit * const up = emalloc_zero(sizeof(*up));
+ struct refclockproc * const pp = peer->procptr;
+ nmea_unit * const up = emalloc_zero(sizeof(*up));
+ char device[20];
+ size_t devlen;
+ u_int32 rate;
+ int baudrate;
+ char * baudtext;
- char device[20];
- size_t devlen;
- int baudrate;
- char * baudtext;
+ /* Get baudrate choice from mode byte bits 4/5/6 */
+ rate = (peer->ttl & NMEA_BAUDRATE_MASK) >> NMEA_BAUDRATE_SHIFT;
- /* Get baudrate value and text from mode byte bit 4/5/6 */
- switch ((peer->ttl & NMEA_BAUDRATE_MASK) >> NMEA_BAUDRATE_SHIFT) {
+ switch (rate) {
case 0:
baudrate = SPEED232;
baudtext = "4800";
pp->clockdesc = DESCRIPTION;
memcpy(&pp->refid, REFID, 4);
- /* Open serial port. Use CLK line discipline, if available. Use
- * baudrate based on the value of bit 4/5/6
- */
+ /* Open serial port. Use CLK line discipline, if available. */
devlen = snprintf(device, sizeof(device), DEVICE, unit);
if (devlen >= sizeof(device)) {
- MSYSLOG((LOG_ERR, "%s clock device name too long",
- refnumtoa(&peer->srcadr)));
+ msyslog(LOG_ERR, "%s clock device name too long",
+ refnumtoa(&peer->srcadr));
return FALSE; /* buffer overflow */
}
pp->io.fd = refclock_open(device, baudrate, LDISC_CLK);
if (-1 == pp->io.fd)
return FALSE;
}
- msyslog(LOG_NOTICE, "%s serial %s open at %s bps",
- refnumtoa(&peer->srcadr), device, baudtext);
+ LOGIF(CLOCKINFO, (LOG_NOTICE, "%s serial %s open at %s bps",
+ refnumtoa(&peer->srcadr), device, baudtext));
/* succeed if this clock can be added */
return io_addclock(&pp->io) != 0;
S_IRUSR | S_IWUSR);
} else {
up->ppsapi_fd = -1;
- MSYSLOG((LOG_ERR, "%s PPS device name too long",
- refnumtoa(&peer->srcadr)));
+ msyslog(LOG_ERR, "%s PPS device name too long",
+ refnumtoa(&peer->srcadr));
}
if (-1 == up->ppsapi_fd)
up->ppsapi_fd = pp->io.fd;
/* use the PPS API for our own purposes now. */
refclock_params(pp->sloppyclockflag, &up->atom);
} else {
- MSYSLOG((LOG_WARNING,
- "%s flag1 1 but PPSAPI fails",
- refnumtoa(&peer->srcadr)));
+ msyslog(LOG_WARNING,
+ "%s flag1 1 but PPSAPI fails",
+ refnumtoa(&peer->srcadr));
}
}
struct calendar date; /* to keep & convert the time stamp */
struct timespec tofs; /* offset to full-second reftime */
gps_weektm gpsw; /* week time storage */
-
/* results of sentence/date/time parsing */
- u_char sentence; /* sentence tag */
- int checkres;
- char * cp;
- u_char rc_date;
- u_char rc_time;
+ u_char sentence; /* sentence tag */
+ int checkres;
+ char * cp;
+ int rc_date;
+ int rc_time;
/* make sure data has defined pristine state */
ZERO(tofs);
/* Check if we must enter GPS time mode; log so if we do */
if (!up->gps_time && (sentence == NMEA_GPZDG)) {
- MSYSLOG((LOG_INFO, "%s using GPS time scale",
- refnumtoa(&peer->srcadr)));
+ msyslog(LOG_INFO, "%s using GPS time as if it were UTC",
+ refnumtoa(&peer->srcadr));
up->gps_time = 1;
}
ntpcal_ntp_to_date(&rec, rec_ui, NULL);
baseyear = (rec.year > 2000) ? (rec.year - 20) : 1980;
- jd->year = ntpcal_periodic_extend(baseyear, jd->year, 100);
+ jd->year = (u_short)ntpcal_periodic_extend(baseyear, jd->year,
+ 100);
- return (baseyear <= jd->year) && (baseyear + 100 > jd->year);
+ return ((baseyear <= jd->year) && (baseyear + 100 > jd->year));
}
/*
struct peer *peer
)
{
- register struct wwvbunit *up;
- struct refclockproc *pp;
+ struct refclockproc * pp;
+ struct wwvbunit * up;
pp = peer->procptr;
up = pp->unitptr;
*/
switch (qualchar) {
- case ' ':
+ case ' ':
pp->disp = .001;
pp->lastref = pp->lastrec;
break;
- case 'A':
+ case 'A':
pp->disp = .01;
break;
- case 'B':
+ case 'B':
pp->disp = .1;
break;
- case 'C':
+ case 'C':
pp->disp = .5;
break;
- case 'D':
+ case 'D':
pp->disp = MAXDISPERSE;
break;
- default:
+ default:
pp->disp = MAXDISPERSE;
refclock_report(peer, CEVNT_BADREPLY);
break;
return;
}
- NLOG(NLOG_CLOCKINFO)
- msyslog(LOG_WARNING, "%s flag1 1 but PPSAPI fails",
- refnumtoa(&peer->srcadr));
+ msyslog(LOG_WARNING, "%s flag1 1 but PPSAPI fails",
+ refnumtoa(&peer->srcadr));
}
#endif /* HAVE_PPSAPI */
"Random seed file %s %u bytes\n", pathbuf, temp);
RAND_add(&epoch, sizeof(epoch), 4.0);
}
+#endif /* AUTOKEY */
+ /*
+ * Create new unencrypted MD5 keys file if requested. If this
+ * option is selected, ignore all other options.
+ */
+ if (md5key) {
+ gen_md5("md5");
+ exit (0);
+ }
+
+#ifdef AUTOKEY
/*
* Load previous certificate if available.
*/
scheme = "RSA-MD5";
fprintf(stderr, "Using host %s group %s\n", hostname,
groupname);
-#endif /* AUTOKEY */
- /*
- * Create new unencrypted MD5 keys file if requested. If this
- * option is selected, ignore all other options.
- */
- if (md5key) {
- gen_md5("md5");
- exit (0);
- }
-
-#ifdef AUTOKEY
/*
* Create a new encrypted RSA host key file if requested;
* otherwise, look for an existing host key file. If not found,
projects / thirdparty / ntp.git / commitdiff
