From: Dave Hart Date: Sat, 25 Dec 2010 23:34:57 +0000 (+0000) Subject: Add ntpq authinfo command, similar to ntpdc's authinfo. X-Git-Tag: NTP_4_2_7P104~6 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=86cf8eaef1e6cb78b4e615bffd267727775f9e61;p=thirdparty%2Fntp.git Add ntpq authinfo command, similar to ntpdc's authinfo. bk: 4d167fa1agSd135LDFPgE2S2hUjsjw --- diff --git a/ChangeLog b/ChangeLog index 4a9633d75..6abbfac03 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,4 @@ +* Add ntpq authinfo command, similar to ntpdc's authinfo. * Add ntpq sysinfo command, similar to ntpdc's sysinfo. (4.2.7p103) 2010/12/24 Released by Harlan Stenn * Add ntpq pstats command similar to ntpdc's. diff --git a/include/ntp_control.h b/include/ntp_control.h index 818e4680d..cecfa5c65 100644 --- a/include/ntp_control.h +++ b/include/ntp_control.h @@ -196,7 +196,16 @@ struct ntp_control { #define CS_PEERMODE 45 #define CS_BCASTDELAY 46 #define CS_AUTHDELAY 47 -#define CS_MAX_NOAUTOKEY CS_AUTHDELAY +#define CS_AUTHKEYS 48 +#define CS_AUTHFREEK 49 +#define CS_AUTHKLOOKUPS 50 +#define CS_AUTHKNOTFOUND 51 +#define CS_AUTHKUNCACHED 52 +#define CS_AUTHKEXPIRED 53 +#define CS_AUTHENCRYPTS 54 +#define CS_AUTHDECRYPTS 55 +#define CS_AUTHRESET 56 +#define CS_MAX_NOAUTOKEY CS_AUTHRESET #ifdef AUTOKEY #define CS_FLAGS (1 + CS_MAX_NOAUTOKEY) #define CS_HOST (2 + CS_MAX_NOAUTOKEY) diff --git a/include/ntpd.h b/include/ntpd.h index 5d4c7a81b..d58e59130 100644 --- a/include/ntpd.h +++ b/include/ntpd.h @@ -521,6 +521,7 @@ extern int fdpps; /* pps file descriptor */ /* ntp_request.c */ extern keyid_t info_auth_keyid; /* keyid used to authenticate requests */ +extern u_long auth_timereset; /* ntp_restrict.c */ extern restrict_u * restrictlist4; /* IPv4 restriction list */ diff --git a/ntpd/ntp_control.c b/ntpd/ntp_control.c index 53b03adbb..3f3997fb6 100644 --- a/ntpd/ntp_control.c +++ b/ntpd/ntp_control.c @@ -164,6 +164,15 @@ static struct ctl_var sys_var[] = { { CS_PEERMODE, RO, "peermode" }, /* 45 */ { CS_BCASTDELAY, RO, "bcastdelay" }, /* 46 */ { CS_AUTHDELAY, RO, "authdelay" }, /* 47 */ + { CS_AUTHKEYS, RO, "authkeys" }, /* 48 */ + { CS_AUTHFREEK, RO, "authfreek" }, /* 49 */ + { CS_AUTHKLOOKUPS, RO, "authklookups" }, /* 50 */ + { CS_AUTHKNOTFOUND, RO, "authknotfound" }, /* 51 */ + { CS_AUTHKUNCACHED, RO, "authkuncached" }, /* 52 */ + { CS_AUTHKEXPIRED, RO, "authkexpired" }, /* 53 */ + { CS_AUTHENCRYPTS, RO, "authencrypts" }, /* 54 */ + { CS_AUTHDECRYPTS, RO, "authdecrypts" }, /* 55 */ + { CS_AUTHRESET, RO, "authreset" }, /* 56 */ #ifdef AUTOKEY { CS_FLAGS, RO, "flags" }, /* 1 + CS_MAX_NOAUTOKEY */ { CS_HOST, RO, "host" }, /* 2 + CS_MAX_NOAUTOKEY */ @@ -174,7 +183,7 @@ static struct ctl_var sys_var[] = { { CS_GROUP, RO, "group" }, /* 7 + CS_MAX_NOAUTOKEY */ { CS_DIGEST, RO, "digest" }, /* 8 + CS_MAX_NOAUTOKEY */ #endif /* AUTOKEY */ - { 0, EOV, "" } /* 48/56 */ + { 0, EOV, "" } /* 57/65 */ }; static struct ctl_var *ext_sys_var = NULL; @@ -1715,6 +1724,43 @@ ctl_putsys( LFPTOD(&sys_authdelay, dtemp); ctl_putdbl(sys_var[varid].text, dtemp * 1e3); break; + + case CS_AUTHKEYS: + ctl_putuint(sys_var[varid].text, authnumkeys); + break; + + case CS_AUTHFREEK: + ctl_putuint(sys_var[varid].text, authnumfreekeys); + break; + + case CS_AUTHKLOOKUPS: + ctl_putuint(sys_var[varid].text, authkeylookups); + break; + + case CS_AUTHKNOTFOUND: + ctl_putuint(sys_var[varid].text, authkeynotfound); + break; + + case CS_AUTHKUNCACHED: + ctl_putuint(sys_var[varid].text, authkeyuncached); + break; + + case CS_AUTHKEXPIRED: + ctl_putuint(sys_var[varid].text, authkeyexpired); + break; + + case CS_AUTHENCRYPTS: + ctl_putuint(sys_var[varid].text, authencryptions); + break; + + case CS_AUTHDECRYPTS: + ctl_putuint(sys_var[varid].text, authdecryptions); + break; + + case CS_AUTHRESET: + ctl_putuint(sys_var[varid].text, + current_time - auth_timereset); + break; #ifdef AUTOKEY case CS_FLAGS: if (crypto_flags) diff --git a/ntpd/ntp_request.c b/ntpd/ntp_request.c index 401a0b311..05537e9db 100644 --- a/ntpd/ntp_request.c +++ b/ntpd/ntp_request.c @@ -204,7 +204,7 @@ u_long errorcounter[INFO_ERR_AUTH+1]; /* lazy way to count errors, indexed */ * A hack. To keep the authentication module clear of ntp-ism's, we * include a time reset variable for its stats here. */ -static u_long auth_timereset; +u_long auth_timereset; /* * Response packet used by these routines. Also some state information diff --git a/ntpq/ntpq-subs.c b/ntpq/ntpq-subs.c index 4c1f998b2..cb4a065cd 100644 --- a/ntpq/ntpq-subs.c +++ b/ntpq/ntpq-subs.c @@ -51,6 +51,7 @@ static void lpassociations (struct parse *, FILE *); static void radiostatus (struct parse *, FILE *); #endif /* UNUSED */ +static void authinfo (struct parse *, FILE *); static void pstats (struct parse *, FILE *); static long when (l_fp *, l_fp *, l_fp *); static char * prettyinterval (char *, size_t, long); @@ -180,6 +181,9 @@ struct xcmd opcmds[] = { { "monstats", monstats, { NO, NO, NO, NO }, { "", "", "", "" }, "display monitor (mrulist) counters and limits" }, + { "authinfo", authinfo, { NO, NO, NO, NO }, + { "", "", "", "" }, + "display symmetric authentication counters" }, { 0, 0, { NO, NO, NO, NO }, { "-4|-6", "", "", "" }, "" } }; @@ -3413,7 +3417,7 @@ sysinfo( collect_display_vdc(0, sysinfo_vdc, TRUE, fp); } - + /* * monstats - implements ntpq -c monstats */ @@ -3439,6 +3443,32 @@ monstats( } +/* + * monstats - implements ntpq -c monstats + */ +static void +authinfo( + struct parse *pcmd, + FILE *fp + ) +{ + static vdc authinfo_vdc[] = { + { "authreset", "time since reset:", NTP_STR }, + { "authkeys", "stored keys: ", NTP_STR }, + { "authfreek", "free keys: ", NTP_STR }, + { "authklookups", "key lookups: ", NTP_STR }, + { "authknotfound", "keys not found: ", NTP_STR }, + { "authkuncached", "uncached keys: ", NTP_STR }, + { "authkexpired", "expired keys: ", NTP_STR }, + { "authencrypts", "encryptions: ", NTP_STR }, + { "authdecrypts", "decryptions: ", NTP_STR }, + { NULL, NULL, 0 } + }; + + collect_display_vdc(0, authinfo_vdc, FALSE, fp); +} + + /* * pstats - show statistics for a peer */