From: Harlan Stenn Date: Mon, 5 Nov 2007 08:12:05 +0000 (-0500) Subject: ntp_config.c: X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b40e03f44ee24a8d84b57e4269d5ffd04afde819;p=thirdparty%2Fntp.git ntp_config.c: reindent ntp-keygen.c: Coverity fixes [CID 33,47] ntp_util.c, ntp_crypto.c, ntp_timer.c: [Bug 861] Leap second cleanups from Dave Mills systime.c: Fuzz cleanup from Dave Mills. ntp.h: Volley cleanup from Dave Mills. ntp_io.c: Fuzz cleanup from Dave Mills ntp_proto.c: [Bug 861] Leap second cleanups from Dave Mills. Volley cleanup from Dave Mills. ntpd.h: Leap second file cleanups from Dave Mills bk: 472ed055NqLToT4N2jXBhIAv4vRnwA --- diff --git a/ChangeLog b/ChangeLog index c03d2551fd..a3c640a59c 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,7 @@ +* ntp-keygen.c: Coverity fixes [CID 33,47]. +* Volley cleanup from Dave Mills. +* Fuzz cleanup from Dave Mills. +* [Bug 861] Leap second cleanups from Dave Mills. * ntpsim.c: add missing protypes and fix [CID 34], a nit. * Upgraded bison at UDel. * Update br-flock and flock-build machine lists. diff --git a/include/ntp.h b/include/ntp.h index 48070ef97b..56918068ea 100644 --- a/include/ntp.h +++ b/include/ntp.h @@ -795,7 +795,6 @@ struct pkt { /* * Default parameters. We use these in the absence of something better. */ -#define DEFBROADDELAY 4e-3 /* default broadcast offset */ #define INADDR_NTP 0xe0000101 /* NTP multicast address 224.0.1.1 */ /* diff --git a/include/ntpd.h b/include/ntpd.h index b8c1b2b681..9cd211b641 100644 --- a/include/ntpd.h +++ b/include/ntpd.h @@ -186,7 +186,6 @@ extern void process_packet (struct peer *, struct pkt *, u_int); extern void clock_select (void); extern void kod_proto (void); extern int leap_tai; -extern u_long leap_ins; extern u_long leap_expire; extern u_long leap_sec; diff --git a/libntp/systime.c b/libntp/systime.c index 9391e51395..56337ee809 100644 --- a/libntp/systime.c +++ b/libntp/systime.c @@ -67,8 +67,7 @@ get_systime( getclock(TIMEOFDAY, &ts); # endif now->l_i = ts.tv_sec + JAN_1970; - now->l_uf |= ntp_random() & 0x3; - dtemp = sys_residual + ts.tv_nsec / 1e9; + dtemp = sys_residual + (ts.tv_nsec + ntp_random() / 0.5e9) / 1e9; if (dtemp >= 1.) { dtemp -= 1.; now->l_i++; @@ -87,8 +86,7 @@ get_systime( */ GETTIMEOFDAY(&tv, NULL); now->l_i = tv.tv_sec + JAN_1970; - now->l_uf |= ntp_random() & 0xfff; - dtemp = sys_residual + tv.tv_usec / 1e6; + dtemp = sys_residual + (tv.tv_usec + ntp_random() / 0.5e6) / 1e6; if (dtemp >= 1.) { dtemp -= 1.; now->l_i++; diff --git a/ntpd/ntp_config.c b/ntpd/ntp_config.c index 892fb8458f..30fef5d312 100644 --- a/ntpd/ntp_config.c +++ b/ntpd/ntp_config.c @@ -2693,12 +2693,12 @@ do_resolve_internal(void) DWORD dwThreadId; fflush(stdout); ResolverThreadHandle = CreateThread( - NULL, /* no security attributes */ - 0, /* use default stack size */ - (LPTHREAD_START_ROUTINE) ntp_intres, /* thread function */ - NULL, /* argument to thread function */ - 0, /* use default creation flags */ - &dwThreadId); /* returns the thread identifier */ + NULL, /* no security attributes */ + 0, /* use default stack size */ + (LPTHREAD_START_ROUTINE) ntp_intres, /* thread function */ + NULL, /* argument to thread function */ + 0, /* use default creation flags */ + &dwThreadId); /* returns the thread identifier */ if (ResolverThreadHandle == NULL) { msyslog(LOG_ERR, "CreateThread() failed, can't start ntp_intres"); abort_resolve(); diff --git a/ntpd/ntp_crypto.c b/ntpd/ntp_crypto.c index c67cfdb1fd..cb40073c51 100644 --- a/ntpd/ntp_crypto.c +++ b/ntpd/ntp_crypto.c @@ -1087,10 +1087,12 @@ crypto_recv( tai_leap.fstamp = ep->fstamp; tai_leap.vallen = ep->vallen; leap_tai = ntohl(ep->pkt[0]); - leap_ins = ntohl(ep->pkt[1]); + leap_sec = ntohl(ep->pkt[1]); leap_expire = ntohl(ep->pkt[2]); crypto_update(); - } + msyslog(LOG_NOTICE, + "crypto: next leap second %lu TAI offset %d expire %lu", + leap_sec, leap_tai, leap_expire); } peer->crypto |= CRYPTO_FLAG_LEAP; peer->flash &= ~TEST8; snprintf(statstr, NTP_MAXSTRLEN, @@ -1986,7 +1988,7 @@ crypto_update(void) tai_leap.vallen = htonl(len); ptr = (u_int32 *)tai_leap.ptr; ptr[0] = htonl(leap_tai); - ptr[1] = htonl(leap_ins); + ptr[1] = htonl(leap_sec); ptr[2] = htonl(leap_expire); if (tai_leap.sig == NULL) tai_leap.sig = emalloc(sign_siglen); @@ -1995,7 +1997,7 @@ crypto_update(void) EVP_SignUpdate(&ctx, tai_leap.ptr, len); if (EVP_SignFinal(&ctx, tai_leap.sig, &len, sign_pkey)) tai_leap.siglen = htonl(len); - if (leap_tai > 0) + if (leap_expire > 0) crypto_flags |= CRYPTO_FLAG_TAI; snprintf(statstr, NTP_MAXSTRLEN, "update at %lu ts %u", current_time, ntohl(hostval.tstamp)); @@ -3406,6 +3408,7 @@ cert_parse( if ((ret->pkey = X509_get_pubkey(cert)) == NULL) { msyslog(LOG_ERR, "cert_parse: %s", ERR_error_string(ERR_get_error(), NULL)); + cert_free(ret); X509_free(cert); return (NULL); } diff --git a/ntpd/ntp_io.c b/ntpd/ntp_io.c index b53f9c6517..4edd4c4287 100644 --- a/ntpd/ntp_io.c +++ b/ntpd/ntp_io.c @@ -3005,14 +3005,8 @@ static l_fp l_fp nts; DPRINTF(4, ("fetch_timestamp: system network time stamp: %ld.%06ld\n", tvp->tv_sec, tvp->tv_usec)); nts.l_i = tvp->tv_sec + JAN_1970; - dtemp = tvp->tv_usec / 1e6; - - /* fuzz lower bits not covered by precision */ - if (sys_precision != 0) - dtemp += (ntp_random() / FRAC - .5) / (1 << - -sys_precision); - - nts.l_uf = (u_int32)(dtemp*FRAC); + dtemp = (tvp->tv_usec + ntp_random() / 0.5e6) / 1e6; + nts.l_uf = (u_int32)(dtemp * FRAC); #ifdef DEBUG_TIMING { l_fp dts = ts; diff --git a/ntpd/ntp_proto.c b/ntpd/ntp_proto.c index d26ffc3321..02ed7e1ebc 100644 --- a/ntpd/ntp_proto.c +++ b/ntpd/ntp_proto.c @@ -58,7 +58,6 @@ int sys_kod_rate = 2; /* max kod packets per second */ */ int sys_bclient; /* broadcast client enable */ double sys_bdelay; /* broadcast client default delay */ -int sys_calldelay; /* modem callup delay (s) */ int sys_authenticate; /* requre authentication for config */ l_fp sys_authdelay; /* authentication delay */ static double sys_offset; /* current local clock offset */ @@ -70,11 +69,9 @@ u_long sys_epoch; /* last clock update time */ static int sys_hopper; /* anticlockhop counter */ static int sys_maxhop = MAXHOP; /* anticlockhop counter threshold */ int leap_tai; /* TAI at next next leap */ -u_long leap_ins; /* seconds at next leap */ -u_long leap_expire; /* leapfile expiration time */ -u_long leap_sec; /* leap countdown */ +u_long leap_sec; /* next leap */ +u_long leap_expire; /* leapfile expiration */ static int leap_next; /* leap consensus */ -static int leap_sw; /* leap is from file */ keyid_t sys_private; /* private value for session seed */ int sys_manycastserver; /* respond to manycast client pkts */ int peer_ntpdate; /* active peers in ntpdate mode */ @@ -193,8 +190,6 @@ transmit( * desigmed to back off whenever possible to minimize network * traffic. */ - if (peer->speed > 0) - peer->speed--; if (peer->burst == 0) { u_char oreach; @@ -218,6 +213,9 @@ transmit( report_event(EVNT_UNREACH, peer); peer->timereachable = current_time; } + if (peer->flags & FLAG_IBURST && peer->speed == + 0) + peer->speed = NTP_BURST; } else { /* @@ -229,9 +227,9 @@ transmit( hpoll = sys_poll; if (!oreach) peer->unreach = 0; - if (peer->flags & FLAG_BURST && - !peer_unfit(peer)) - peer->burst = NTP_BURST; + if (peer->flags & FLAG_BURST && peer->speed == + 0 && !peer_unfit(peer)) + peer->speed = NTP_BURST; } /* @@ -291,6 +289,8 @@ transmit( } } } + if (peer->speed > 0) + peer->speed--; /* * Do not transmit if in broadcast client mode. @@ -795,21 +795,39 @@ receive( rbufp->dstadr->addr_refid == pkt->refid) return; /* no help */ - switch (sys_bclient) { - /* * If not enabled, just skedaddle. */ - case 0: + if (sys_bclient == 0) { sys_restricted++; return; /* not enabled */ + /* + * Do not execute the initial volley. + */ + } else if (sys_bdelay != 0 || sys_bclient > 1) { +#ifdef OPENSSL + /* + * If a two-way exchange is not possible, + * neither is Autokey. + */ + if (skeyid > NTP_MAXKEY) { + msyslog(LOG_INFO, + "receive: autokey requires two-way communication"); + return; /* no autokey */ + } +#endif /* OPENSSL */ + if ((peer = newpeer(&rbufp->recv_srcadr, + rbufp->dstadr, MODE_BCLIENT, hisversion, + pkt->ppoll, max(pkt->ppoll, allan_xpt - 5), + 0, MDF_BCLNT, 0, skeyid)) == NULL) + return; /* ignore duplicate */ + /* * Execute the initial volley in order to calibrate the - * propagation delay and run the Autokey protocol, if - * enabled. + * propagation delay and run the Autokey protocol. */ - case 1: + } else { if ((peer = newpeer(&rbufp->recv_srcadr, rbufp->dstadr, MODE_CLIENT, hisversion, pkt->ppoll, max(pkt->ppoll, allan_xpt - 5), @@ -829,28 +847,6 @@ receive( crypto_recv(peer, rbufp); #endif /* OPENSSL */ return; /* hooray */ - - - /* - * Do not execute the initial volley. - */ - case 2: -#ifdef OPENSSL - /* - * If a two-way exchange is not possible, - * neither is Autokey. - */ - if (skeyid > NTP_MAXKEY) { - msyslog(LOG_INFO, - "receive: autokey requires two-way communication"); - return; /* no autokey */ - } -#endif /* OPENSSL */ - if ((peer = newpeer(&rbufp->recv_srcadr, - rbufp->dstadr, MODE_BCLIENT, hisversion, - pkt->ppoll, max(pkt->ppoll, allan_xpt - 5), - 0, MDF_BCLNT, 0, skeyid)) == NULL) - return; /* ignore duplicate */ } break; @@ -1176,15 +1172,24 @@ process_packet( } /* - * If the peer was previously unreachable, raise a trap and - * initialize the volley counter. In any case, mark as - * reachable. + * If the peer was previously unreachable, raise a trap. If a + * burst mode is active, initialize the burst. The unreachable + * burst is always 8 packets; the reachable burst is tailored + * not to exceed the minimum average headway of 16 s. */ if (!peer->reach) { report_event(EVNT_REACH, peer); peer->timereachable = current_time; - if (peer->speed == 0 && peer->burst == 0) - peer->speed = NTP_BURST; + if (peer->speed > 0 && peer->burst == 0) { + peer->speed = 0; + peer->burst = NTP_BURST; + } + } else { + if (peer->speed > 0 && peer->burst == 0) { + peer->speed = 0; + peer->burst = min(1 << (peer->hpoll - + NTP_MINPOLL), NTP_BURST); + } } peer->reach |= 1; poll_update(peer, peer->hpoll); @@ -1419,9 +1424,9 @@ clock_update( case 1: /* - * If this is the first time the clock is set, - * reset the leap bits. If crypto, the timer will goose - * the setup process. + * If this is the first time the clock is set, reset the + * leap bits. If crypto, the timer will goose the setup + * process. */ if (sys_leap == LEAP_NOTINSYNC) { sys_leap = LEAP_NOWARNING; @@ -1435,63 +1440,21 @@ clock_update( * If a leapseconds file is not present and the number * of survivor leap bits is greater than half the number * of survivors, schedule a leap for the end of the - * current month, but only if less than 28 days remain - * until the leap.This avoids spurious indications on - * the day after a previous leap. + * current month. */ get_systime(&now); - if (leap_ins == 0) { + if (leap_expire == 0) { u_long leapsec; - if (leap_next > sys_survivors / 2 ) { - if (!leap_sw) { - leapsec = leap_month(now.l_ui); - if (leapsec < 28 * 86400) { - leap_sw++; - leap_sec = leapsec; - sys_leap = - LEAP_ADDSECOND; - msyslog(LOG_NOTICE, - "proto: leap second armed %lu s", - leap_sec); - } + leapsec = leap_month(now.l_ui); + if (leapsec < 28 * 86400) { + leap_sec = now.l_ui + leapsec; + msyslog(LOG_NOTICE, + "proto: next leap second %lu", leap_sec); } } else { - leap_sw = 0; leap_sec = 0; - sys_leap = LEAP_NOWARNING; } - - /* - * If a leapseconds file is present and a future leap is - * indicated, decrement the TAI offset. If less than 28 - * days remain to the leap, schedule a leap when the - * leapseconds counter expires. - */ - } else if (leap_sec == 0) { - if (leap_ins > now.l_ui) { - if (leap_ins - now.l_ui < 28 * 86400) { - leap_sec = leap_ins - now.l_ui; - sys_leap = LEAP_ADDSECOND; - msyslog(LOG_NOTICE, - "proto: leap second armed %lu s", - leap_sec); - } - sys_tai = leap_tai - 1; - } else { - sys_tai = leap_tai; - } - if (!leap_sw) { - leap_sw++; - msyslog(LOG_NOTICE, - "proto: TAI offset %d s at %u", - sys_tai, now.l_ui); -#ifdef KERNEL_PLL - if (pll_control && kern_enable) - loop_config(LOOP_LEAP, 0); -#endif /* KERNEL_PLL */ - } - } break; /* * Popcorn spike or step threshold exceeded. Pretend it never @@ -1528,7 +1491,8 @@ poll_update( * First, bracket the poll interval according to the type of * association and options. If a fixed interval is configured, * use minpoll. This primarily is for reference clocks, but - * works for any association. If in a volley, clamp at minpoll. + * works for any association. If a burst mode is active, clamp + * at minpoll. */ if (peer->flags & FLAG_FIXPOLL || peer->speed > 0) { hpoll = peer->minpoll; @@ -1580,21 +1544,9 @@ poll_update( else if (peer->flags & FLAG_REFCLOCK) peer->nextdate += RESP_DELAY; #endif /* REFCLOCK */ - else if (peer->flags & (FLAG_IBURST | FLAG_BURST) && - peer->burst == NTP_BURST) - peer->nextdate += sys_calldelay; else peer->nextdate += BURST_DELAY; - /* - * If this is the first in a volley and a burst is enabled, do - * and reset the volley counter. Delicously intricate. - */ - } else if (peer->speed > 0 && peer->flags & FLAG_IBURST) { - peer->speed = 0; - peer->burst = NTP_BURST; - peer->nextdate = peer->outdate + BURST_DELAY; - /* * The ordinary case; use the minimum of the host and peer * intervals, but not less than minpoll. In other words, @@ -2223,11 +2175,10 @@ clock_select(void) * operators will tinker a higher value and use at least that * number of synchronization sources. */ - if (nlist < sys_minsane) - return; - for (i = 0; i < nlist; i++) peer_list[i]->status = CTL_PST_SEL_SELCAND; + if (nlist < sys_minsane) + return; /* * Now, vote outlyers off the island by select jitter weighted @@ -3211,8 +3162,7 @@ init_proto(void) sys_survivors = 0; sys_manycastserver = 0; sys_bclient = 0; - sys_bdelay = DEFBROADDELAY; - sys_calldelay = BURST_DELAY; + sys_bdelay = 0; sys_authenticate = 1; L_CLR(&sys_authdelay); sys_authdly[0] = sys_authdly[1] = 0; @@ -3328,8 +3278,7 @@ proto_config( break; case PROTO_CALLDELAY: /* modem call delay (mdelay) */ - sys_calldelay = (int)dvalue; - break; + break; /* NOT USED */ case PROTO_MINCLOCK: /* minimum candidates (minclock) */ sys_minclock = (int)dvalue; diff --git a/ntpd/ntp_timer.c b/ntpd/ntp_timer.c index bf2b0083e0..89432bb555 100644 --- a/ntpd/ntp_timer.c +++ b/ntpd/ntp_timer.c @@ -319,21 +319,31 @@ timer(void) * here, cheerfully ignored. */ if (leap_sec > 0) { - leap_sec--; - if (leap_sec == 0) { + get_systime(&now); + if (now.l_ui > leap_sec) { sys_leap = LEAP_NOWARNING; - if (sys_tai > 0) - sys_tai++; + sys_tai = leap_tai; + } else if (now.l_ui - leap_sec < 28 * 86400) { + sys_leap = LEAP_ADDSECOND; + if (leap_tai > 0) + sys_tai = leap_tai - 1; + } +#ifdef KERNEL_PLL + if (now.l_ui - leap_sec == 600) { + if (pll_control && kern_enable) + loop_config(LOOP_LEAP, 0); + } +#endif /* KERNEL_PLL */ + if (leap_sec == 0) { #ifdef KERNEL_PLL if (!(pll_control && kern_enable)) step_systime(-1.0); #else /* KERNEL_PLL */ step_systime(-1.0); #endif /* KERNEL_PLL */ - get_systime(&now); msyslog(LOG_NOTICE, - "timer: leap second at %u TAI %d s", - now.l_ui, sys_tai); + "timer: leap second %lu TAI %d", + leap_sec, sys_tai); } } diff --git a/ntpd/ntp_util.c b/ntpd/ntp_util.c index cef02fb5c0..ff06c3142c 100644 --- a/ntpd/ntp_util.c +++ b/ntpd/ntp_util.c @@ -825,11 +825,11 @@ leap_file( } fclose(str); leap_tai = offset; - leap_ins = leapsec; + leap_sec = leapsec; leap_expire = expire; msyslog(LOG_INFO, - "leap_file: %s TAI offset %d s at %lu expire %lu", - cp, leap_tai, leap_ins, leap_expire); + "leap_file: %s next leap second %lu TAI offset %d s expire %lu s", + cp, leap_sec, leap_tai, leap_expire); } diff --git a/util/ntp-keygen.c b/util/ntp-keygen.c index b1989bf1a0..cf40e7d2a1 100644 --- a/util/ntp-keygen.c +++ b/util/ntp-keygen.c @@ -178,9 +178,9 @@ BOOL init_randfile(); * Don't try to follow symbolic links */ int -readlink(char *link, char *file, int len) { +readlink(char *link, char *file, int len) return (-1); -} + /* * Don't try to create a symbolic link for now. * Just move the file to the name you need. @@ -732,7 +732,6 @@ readkey( fprintf(stderr, "Corrupt file %s or wrong key %s\n%s\n", cp, passwd, ERR_error_string(ERR_get_error(), NULL)); - fclose(str); exit (-1); } *estamp = gstamp; @@ -1261,8 +1260,8 @@ gen_mv( dsa->p = BN_new(); dsa->q = BN_new(); dsa->g = BN_new(); - s = malloc((n + 1) * sizeof(BIGNUM)); - s1 = malloc((n + 1) * sizeof(BIGNUM)); + s = malloc((n + 1) * sizeof(BIGNUM *)); + s1 = malloc((n + 1) * sizeof(BIGNUM *)); for (j = 1; j <= n; j++) s1[j] = BN_new(); temp = 0; @@ -1362,7 +1361,7 @@ gen_mv( fprintf(stderr, "Generating polynomial coefficients for %d roots (%d bits)\n", n, BN_num_bits(dsa->q)); - x = malloc((n + 1) * sizeof(BIGNUM)); + x = malloc((n + 1) * sizeof(BIGNUM *)); for (j = 1; j <= n; j++) { x[j] = BN_new(); while (1) { @@ -1379,7 +1378,7 @@ gen_mv( * expansion of root products (x - x[j]) mod q for all j. The * method is a present from Charlie Boncelet. */ - a = malloc((n + 1) * sizeof(BIGNUM)); + a = malloc((n + 1) * sizeof(BIGNUM *)); for (i = 0; i <= n; i++) { a[i] = BN_new(); BN_one(a[i]); @@ -1400,7 +1399,7 @@ gen_mv( * Generate g[i] = g^a[i] mod p for all i and the generator g. */ fprintf(stderr, "Generating g[i] parameters\n"); - g = malloc((n + 1) * sizeof(BIGNUM)); + g = malloc((n + 1) * sizeof(BIGNUM *)); for (i = 0; i <= n; i++) { g[i] = BN_new(); BN_mod_exp(g[i], dsa->g, a[i], dsa->p, ctx); @@ -1467,8 +1466,8 @@ gen_mv( * or the product s = prod(s'[j]) mod q, which is the enabling * key. */ - xbar = malloc((n + 1) * sizeof(BIGNUM)); - xhat = malloc((n + 1) * sizeof(BIGNUM)); + xbar = malloc((n + 1) * sizeof(BIGNUM *)); + xhat = malloc((n + 1) * sizeof(BIGNUM *)); for (j = 1; j <= n; j++) { xbar[j] = BN_new(); xhat[j] = BN_new(); BN_zero(xbar[j]);