+2000-07-28 Harlan Stenn <stenn@whimsy.udel.edu>
+
+ * ntpd/ntp_proto.c (transmit): Add some parens.
+ (peer_xmit): Add ntohl when grabbing sndauto.seq for broadcast.
+ * ntpd/ntp_peer.c (findpeer): Cleanup
+ * ntpd/ntp_loopfilter.c (local_clock): Typo
+ From Dave Mills
+
+ * include/ntp_config.h: Created
+
+ * util/ntp-genkeys.c: Always build, but realize we may not have
+ RSAREF. Compile parts appropriately.
+
+ * util/Makefile.am (bin_PROGRAMS): Always make ntp-genkeys
+ (ntp-genkeys_LDADD): Use $LIBRSAREF instead of the "real path"
+ * configure.in: Lose MAKE_NTP_GENKEYS
+
+ * configure.in:
+ * util/ntp-genkeys.c:
+ * util/Makefile.am:
+ Renamed ntp_genkeys to ntp-genkeys.
+
2000-07-27 Harlan Stenn <stenn@whimsy.udel.edu>
* ntpdate/ntpdate.c (ntpdatemain): Cleanup error message.
ans=rsaref
LIBRSAREF=../librsaref/librsaref.a
MAKE_LIBRSAREF=librsaref.a
- MAKE_NTP_GENKEYS=ntp_genkeys
cat >>confdefs.h <<\EOF
#define DES 1
EOF
echo "$ac_t""$ans" 1>&6
echo $ac_n "checking if we want to compile with ElectricFence... $ac_c" 1>&6
-echo "configure:10145: checking if we want to compile with ElectricFence" 1>&5
+echo "configure:10144: checking if we want to compile with ElectricFence" 1>&5
# Check whether --with-electricfence or --without-electricfence was given.
if test "${with_electricfence+set}" = set; then
withval="$with_electricfence"
echo "$ac_t""$ans" 1>&6
echo $ac_n "checking if we can make dcf parse utilities... $ac_c" 1>&6
-echo "configure:10169: checking if we can make dcf parse utilities" 1>&5
+echo "configure:10168: checking if we can make dcf parse utilities" 1>&5
ans=no
if test "$ntp_parseutil" = "yes"; then
case "$target" in
echo "$ac_t""$ans" 1>&6
echo $ac_n "checking if we can build kernel streams modules for parse... $ac_c" 1>&6
-echo "configure:10183: checking if we can build kernel streams modules for parse" 1>&5
+echo "configure:10182: checking if we can build kernel streams modules for parse" 1>&5
ans=no
case "$ntp_parseutil$ac_cv_header_sys_stropts_h" in
yesyes)
echo "$ac_t""$ans" 1>&6
echo $ac_n "checking if we need basic refclock support... $ac_c" 1>&6
-echo "configure:10210: checking if we need basic refclock support" 1>&5
+echo "configure:10209: checking if we need basic refclock support" 1>&5
if test "$ntp_refclock" = "yes"; then
cat >>confdefs.h <<\EOF
#define REFCLOCK 1
echo $ac_n "checking if we want HP-UX adjtimed support... $ac_c" 1>&6
-echo "configure:10222: checking if we want HP-UX adjtimed support" 1>&5
+echo "configure:10221: checking if we want HP-UX adjtimed support" 1>&5
case "$target" in
*-*-hpux[56789]*)
ans=yes
echo "$ac_t""$ans" 1>&6
echo $ac_n "checking if we can read kmem... $ac_c" 1>&6
-echo "configure:10240: checking if we can read kmem" 1>&5
+echo "configure:10239: checking if we can read kmem" 1>&5
if test "${ac_cv_var_can_kmem+set}" = set; then
echo $ac_n "(cached) $ac_c" 1>&6
else
esac
echo $ac_n "checking if adjtime is accurate... $ac_c" 1>&6
-echo "configure:10292: checking if adjtime is accurate" 1>&5
+echo "configure:10291: checking if adjtime is accurate" 1>&5
if test "${ac_cv_var_adjtime_is_accurate+set}" = set; then
echo $ac_n "(cached) $ac_c" 1>&6
else
esac
echo $ac_n "checking the name of 'tick' in the kernel... $ac_c" 1>&6
-echo "configure:10343: checking the name of 'tick' in the kernel" 1>&5
+echo "configure:10342: checking the name of 'tick' in the kernel" 1>&5
if test "${ac_cv_var_nlist_tick+set}" = set; then
echo $ac_n "(cached) $ac_c" 1>&6
else
esac
#
echo $ac_n "checking for the units of 'tick'... $ac_c" 1>&6
-echo "configure:10386: checking for the units of 'tick'" 1>&5
+echo "configure:10385: checking for the units of 'tick'" 1>&5
if test "${ac_cv_var_tick_nano+set}" = set; then
echo $ac_n "(cached) $ac_c" 1>&6
else
esac
#
echo $ac_n "checking the name of 'tickadj' in the kernel... $ac_c" 1>&6
-echo "configure:10409: checking the name of 'tickadj' in the kernel" 1>&5
+echo "configure:10408: checking the name of 'tickadj' in the kernel" 1>&5
if test "${ac_cv_var_nlist_tickadj+set}" = set; then
echo $ac_n "(cached) $ac_c" 1>&6
else
esac
#
echo $ac_n "checking for the units of 'tickadj'... $ac_c" 1>&6
-echo "configure:10461: checking for the units of 'tickadj'" 1>&5
+echo "configure:10460: checking for the units of 'tickadj'" 1>&5
if test "${ac_cv_var_tickadj_nano+set}" = set; then
echo $ac_n "(cached) $ac_c" 1>&6
else
esac
#
echo $ac_n "checking half-heartedly for 'dosynctodr' in the kernel... $ac_c" 1>&6
-echo "configure:10484: checking half-heartedly for 'dosynctodr' in the kernel" 1>&5
+echo "configure:10483: checking half-heartedly for 'dosynctodr' in the kernel" 1>&5
if test "${ac_cv_var_nlist_dosynctodr+set}" = set; then
echo $ac_n "(cached) $ac_c" 1>&6
else
esac
#
echo $ac_n "checking half-heartedly for 'noprintf' in the kernel... $ac_c" 1>&6
-echo "configure:10536: checking half-heartedly for 'noprintf' in the kernel" 1>&5
+echo "configure:10535: checking half-heartedly for 'noprintf' in the kernel" 1>&5
if test "${ac_cv_var_nlist_noprintf+set}" = set; then
echo $ac_n "(cached) $ac_c" 1>&6
else
esac
echo $ac_n "checking for a default value for 'tick'... $ac_c" 1>&6
-echo "configure:10582: checking for a default value for 'tick'" 1>&5
+echo "configure:10581: checking for a default value for 'tick'" 1>&5
if test "${ac_cv_var_tick+set}" = set; then
echo $ac_n "(cached) $ac_c" 1>&6
else
esac
echo $ac_n "checking for a default value for 'tickadj'... $ac_c" 1>&6
-echo "configure:10625: checking for a default value for 'tickadj'" 1>&5
+echo "configure:10624: checking for a default value for 'tickadj'" 1>&5
if test "${ac_cv_var_tickadj+set}" = set; then
echo $ac_n "(cached) $ac_c" 1>&6
else
esac
echo $ac_n "checking if we want and can make the tickadj utility... $ac_c" 1>&6
-echo "configure:10756: checking if we want and can make the tickadj utility" 1>&5
+echo "configure:10755: checking if we want and can make the tickadj utility" 1>&5
if test "${ac_cv_make_tickadj+set}" = set; then
echo $ac_n "(cached) $ac_c" 1>&6
else
esac
echo $ac_n "checking if we want and can make the ntptime utility... $ac_c" 1>&6
-echo "configure:10770: checking if we want and can make the ntptime utility" 1>&5
+echo "configure:10769: checking if we want and can make the ntptime utility" 1>&5
if test "${ac_cv_make_ntptime+set}" = set; then
echo $ac_n "(cached) $ac_c" 1>&6
else
esac
echo $ac_n "checking if we want UDP wildcard delivery... $ac_c" 1>&6
-echo "configure:10795: checking if we want UDP wildcard delivery" 1>&5
+echo "configure:10794: checking if we want UDP wildcard delivery" 1>&5
if test "${ac_cv_var_udp_wildcard_delivery+set}" = set; then
echo $ac_n "(cached) $ac_c" 1>&6
else
esac
echo $ac_n "checking if we should always slew the time... $ac_c" 1>&6
-echo "configure:10873: checking if we should always slew the time" 1>&5
+echo "configure:10872: checking if we should always slew the time" 1>&5
if test "${ac_cv_var_slew_always+set}" = set; then
echo $ac_n "(cached) $ac_c" 1>&6
else
esac
echo $ac_n "checking if we should step and slew the time... $ac_c" 1>&6
-echo "configure:10912: checking if we should step and slew the time" 1>&5
+echo "configure:10911: checking if we should step and slew the time" 1>&5
if test "${ac_cv_var_step_slew+set}" = set; then
echo $ac_n "(cached) $ac_c" 1>&6
else
esac
echo $ac_n "checking if ntpdate should step the time... $ac_c" 1>&6
-echo "configure:10954: checking if ntpdate should step the time" 1>&5
+echo "configure:10953: checking if ntpdate should step the time" 1>&5
if test "${ac_cv_var_ntpdate_step+set}" = set; then
echo $ac_n "(cached) $ac_c" 1>&6
else
esac
echo $ac_n "checking if we should sync TODR clock every hour... $ac_c" 1>&6
-echo "configure:10984: checking if we should sync TODR clock every hour" 1>&5
+echo "configure:10983: checking if we should sync TODR clock every hour" 1>&5
if test "${ac_cv_var_sync_todr+set}" = set; then
echo $ac_n "(cached) $ac_c" 1>&6
else
esac
echo $ac_n "checking if we should avoid kernel FLL bug... $ac_c" 1>&6
-echo "configure:11016: checking if we should avoid kernel FLL bug" 1>&5
+echo "configure:11015: checking if we should avoid kernel FLL bug" 1>&5
if test "${ac_cv_var_kernel_fll_bug+set}" = set; then
echo $ac_n "(cached) $ac_c" 1>&6
else
ans=rsaref
LIBRSAREF=../librsaref/librsaref.a
MAKE_LIBRSAREF=librsaref.a
- MAKE_NTP_GENKEYS=ntp_genkeys
AC_DEFINE(DES)
AC_DEFINE(PUBKEY, , [Public key?])
fi
--- /dev/null
+/*
+ * Configuration file name
+ */
+#ifndef CONFIG_FILE
+# ifndef SYS_WINNT
+# define CONFIG_FILE "/etc/ntp.conf"
+# else /* SYS_WINNT */
+# define CONFIG_FILE "%windir%\\system32\\drivers\\etc\\ntp.conf"
+# define ALT_CONFIG_FILE "%windir%\\ntp.conf"
+# endif /* SYS_WINNT */
+#endif /* not CONFIG_FILE */
#include "ntp_refclock.h"
#include "ntp_filegen.h"
#include "ntp_stdlib.h"
+#include "ntp_config.h"
#ifdef PUBKEY
#include "ntp_crypto.h"
* lines are ignored.
*/
-/*
- * Configuration file name
- */
-#ifndef CONFIG_FILE
-# ifndef SYS_WINNT
-# define CONFIG_FILE "/etc/ntp.conf"
-# else /* SYS_WINNT */
-# define CONFIG_FILE "%windir%\\system32\\drivers\\etc\\ntp.conf"
-# define ALT_CONFIG_FILE "%windir%\\ntp.conf"
-# endif /* SYS_WINNT */
-#endif /* not CONFIG_FILE */
-
/*
* We understand the following configuration entries and defaults.
*
* reset or shaken, but never stirred.
*/
default:
- if (allow_set_backward | correct_any) {
+ if (allow_set_backward || correct_any) {
step_systime(fp_offset);
NLOG(NLOG_SYNCEVENT|NLOG_SYSEVENT)
msyslog(LOG_NOTICE, "time reset %.6f s",
* Sigh! Check if BCLIENT peer in client
* server mode, else return error
*/
- if ((*action == AM_POSSBCL) &&
- !(peer->cast_flags & FLAG_MCAST1)) {
+ if ((*action == AM_POSSBCL) && !(peer->flags &
+ FLAG_MCAST1))
*action = AM_ERR;
- }
/* if an error was returned, exit back right here */
if (*action == AM_ERR)
* local clock driver and the driver is not the prefer peer.
*/
if (peer->hmode != MODE_BROADCAST) {
- if (peer->hmode != MODE_BCLIENT && !(peer->cast_flags &
- MDF_ACAST && sys_survivors >= NTP_MINCLOCK))
+ if (peer->hmode != MODE_BCLIENT && !((peer->cast_flags &
+ MDF_ACAST) && sys_survivors >= NTP_MINCLOCK))
peer_xmit(peer);
} else if (sys_peer != NULL && sys_leap != LEAP_NOTINSYNC) {
if (!(sys_peer->refclktype == REFCLK_LOCALCLOCK &&
* them at other times.
*/
case MODE_BROADCAST:
- if (peer->keynumber == peer->sndauto.seq)
+ if (peer->keynumber == ntohl(peer->sndauto.seq))
cmmd = CRYPTO_AUTO | CRYPTO_RESP;
else
cmmd = CRYPTO_ASSOC | CRYPTO_RESP;
#AUTOMAKE_OPTIONS = ../ansi2knr no-dependencies
AUTOMAKE_OPTIONS = ansi2knr
-bin_PROGRAMS = @MAKE_TICKADJ@ @MAKE_NTPTIME@ @MAKE_NTP_GENKEYS@
-EXTRA_PROGRAMS = byteorder hist jitter kern longsize ntp_genkeys ntptime \
+bin_PROGRAMS = @MAKE_TICKADJ@ @MAKE_NTPTIME@ ntp-genkeys
+EXTRA_PROGRAMS = byteorder hist jitter kern longsize ntptime \
precision sht testrs6000 tickadj timetrim
-ntp_genkeys_LDADD = ../librsaref/librsaref.a ../libntp/libntp.a
+ntp_genkeys_LDADD = $(LIBRSAREF) ../libntp/libntp.a
INCLUDES = -I$(top_srcdir)/include -I$(top_srcdir)/librsaref
# LDADD might need RESLIB and ADJLIB
CXXCPP = @CXXCPP@
DCFD = @DCFD@
DEPDIR = @DEPDIR@
+EF_LIBS = @EF_LIBS@
+EF_PROGS = @EF_PROGS@
LDFLAGS = @LDFLAGS@
LIBPARSE = @LIBPARSE@
LIBRSAREF = @LIBRSAREF@
AUTOMAKE_OPTIONS = ansi2knr
-bin_PROGRAMS = @MAKE_TICKADJ@ @MAKE_NTPTIME@ @MAKE_NTP_GENKEYS@
-EXTRA_PROGRAMS = byteorder hist jitter kern longsize ntp_genkeys ntptime \
+bin_PROGRAMS = @MAKE_TICKADJ@ @MAKE_NTPTIME@ ntp-genkeys
+EXTRA_PROGRAMS = byteorder hist jitter kern longsize ntptime \
precision sht testrs6000 tickadj timetrim
-ntp_genkeys_LDADD = ../librsaref/librsaref.a ../libntp/libntp.a
+ntp_genkeys_LDADD = $(LIBRSAREF) ../libntp/libntp.a
INCLUDES = -I$(top_srcdir)/include -I$(top_srcdir)/librsaref
# LDADD might need RESLIB and ADJLIB
longsize_LDADD = $(LDADD)
longsize_DEPENDENCIES = ../libntp/libntp.a
longsize_LDFLAGS =
-ntp_genkeys_SOURCES = ntp_genkeys.c
-ntp_genkeys_OBJECTS = ntp_genkeys$U.o
-ntp_genkeys_DEPENDENCIES = ../librsaref/librsaref.a ../libntp/libntp.a
+ntp_genkeys_SOURCES = ntp-genkeys.c
+ntp_genkeys_OBJECTS = ntp-genkeys$U.o
+ntp_genkeys_DEPENDENCIES = ../libntp/libntp.a
ntp_genkeys_LDFLAGS =
ntptime_SOURCES = ntptime.c
ntptime_OBJECTS = ntptime$U.o
CCLD = $(CC)
LINK = $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@
DIST_SOURCES = byteorder.c hist.c jitter.c kern.c longsize.c \
-ntp_genkeys.c ntptime.c precision.c sht.c testrs6000.c tickadj.c \
+ntp-genkeys.c ntptime.c precision.c sht.c testrs6000.c tickadj.c \
timetrim.c
DIST_COMMON = README Makefile.am Makefile.in ansi2knr.1 ansi2knr.c
depcomp = $(SHELL) $(top_srcdir)/depcomp
DEP_FILES = @AMDEP@ $(DEPDIR)/byteorder$U.Po $(DEPDIR)/hist$U.Po \
$(DEPDIR)/jitter$U.Po $(DEPDIR)/kern$U.Po $(DEPDIR)/longsize$U.Po \
-$(DEPDIR)/ntp_genkeys$U.Po $(DEPDIR)/ntptime$U.Po \
+$(DEPDIR)/ntp-genkeys$U.Po $(DEPDIR)/ntptime$U.Po \
$(DEPDIR)/precision$U.Po $(DEPDIR)/sht$U.Po $(DEPDIR)/testrs6000$U.Po \
$(DEPDIR)/tickadj$U.Po $(DEPDIR)/timetrim$U.Po
-SOURCES = byteorder.c hist.c jitter.c kern.c longsize.c ntp_genkeys.c ntptime.c precision.c sht.c testrs6000.c tickadj.c timetrim.c
-OBJECTS = byteorder$U.o hist$U.o jitter$U.o kern$U.o longsize$U.o ntp_genkeys$U.o ntptime$U.o precision$U.o sht$U.o testrs6000$U.o tickadj$U.o timetrim$U.o
+SOURCES = byteorder.c hist.c jitter.c kern.c longsize.c ntp-genkeys.c ntptime.c precision.c sht.c testrs6000.c tickadj.c timetrim.c
+OBJECTS = byteorder$U.o hist$U.o jitter$U.o kern$U.o longsize$U.o ntp-genkeys$U.o ntptime$U.o precision$U.o sht$U.o testrs6000$U.o tickadj$U.o timetrim$U.o
all: all-redirect
.SUFFIXES:
@rm -f longsize
$(LINK) $(longsize_LDFLAGS) $(longsize_OBJECTS) $(longsize_LDADD) $(LIBS)
-ntp_genkeys: $(ntp_genkeys_OBJECTS) $(ntp_genkeys_DEPENDENCIES)
- @rm -f ntp_genkeys
+ntp-genkeys: $(ntp_genkeys_OBJECTS) $(ntp_genkeys_DEPENDENCIES)
+ @rm -f ntp-genkeys
$(LINK) $(ntp_genkeys_LDFLAGS) $(ntp_genkeys_OBJECTS) $(ntp_genkeys_LDADD) $(LIBS)
ntptime: $(ntptime_OBJECTS) $(ntptime_DEPENDENCIES)
$(CPP) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) `if test -f $(srcdir)/kern.c; then echo $(srcdir)/kern.c; else echo kern.c; fi` | sed 's/^# \([0-9]\)/#line \1/' | $(ANSI2KNR) > kern_.c
longsize_.c: longsize.c $(ANSI2KNR)
$(CPP) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) `if test -f $(srcdir)/longsize.c; then echo $(srcdir)/longsize.c; else echo longsize.c; fi` | sed 's/^# \([0-9]\)/#line \1/' | $(ANSI2KNR) > longsize_.c
-ntp_genkeys_.c: ntp_genkeys.c $(ANSI2KNR)
- $(CPP) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) `if test -f $(srcdir)/ntp_genkeys.c; then echo $(srcdir)/ntp_genkeys.c; else echo ntp_genkeys.c; fi` | sed 's/^# \([0-9]\)/#line \1/' | $(ANSI2KNR) > ntp_genkeys_.c
+ntp-genkeys_.c: ntp-genkeys.c $(ANSI2KNR)
+ $(CPP) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) `if test -f $(srcdir)/ntp-genkeys.c; then echo $(srcdir)/ntp-genkeys.c; else echo ntp-genkeys.c; fi` | sed 's/^# \([0-9]\)/#line \1/' | $(ANSI2KNR) > ntp-genkeys_.c
ntptime_.c: ntptime.c $(ANSI2KNR)
$(CPP) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) `if test -f $(srcdir)/ntptime.c; then echo $(srcdir)/ntptime.c; else echo ntptime.c; fi` | sed 's/^# \([0-9]\)/#line \1/' | $(ANSI2KNR) > ntptime_.c
precision_.c: precision.c $(ANSI2KNR)
$(CPP) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) `if test -f $(srcdir)/tickadj.c; then echo $(srcdir)/tickadj.c; else echo tickadj.c; fi` | sed 's/^# \([0-9]\)/#line \1/' | $(ANSI2KNR) > tickadj_.c
timetrim_.c: timetrim.c $(ANSI2KNR)
$(CPP) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) `if test -f $(srcdir)/timetrim.c; then echo $(srcdir)/timetrim.c; else echo timetrim.c; fi` | sed 's/^# \([0-9]\)/#line \1/' | $(ANSI2KNR) > timetrim_.c
-byteorder_.o hist_.o jitter_.o kern_.o longsize_.o ntp_genkeys_.o \
+byteorder_.o hist_.o jitter_.o kern_.o longsize_.o ntp-genkeys_.o \
ntptime_.o precision_.o sht_.o testrs6000_.o tickadj_.o timetrim_.o : \
$(ANSI2KNR)
@AMDEP@include $(DEPDIR)/jitter$U.Po
@AMDEP@include $(DEPDIR)/kern$U.Po
@AMDEP@include $(DEPDIR)/longsize$U.Po
-@AMDEP@include $(DEPDIR)/ntp_genkeys$U.Po
+@AMDEP@include $(DEPDIR)/ntp-genkeys$U.Po
@AMDEP@include $(DEPDIR)/ntptime$U.Po
@AMDEP@include $(DEPDIR)/precision$U.Po
@AMDEP@include $(DEPDIR)/sht$U.Po
#define PRIMELEN 512 /* length of D_H prime, generator */
/*
- * This program generates four files: ntp.keys containing the DES/MD5
- * private keys, ntpkey containing the RSA private key, ntpkey_host
- * containing the RSA public key, where host is the DNS name of the
- * generating machine, and ntpkey_dh containing the parameters for the
- * Diffie-Hellman key-agreement algorithm. The files contain
- * cryptographic values generated by the algorithms of the rsaref20
- * package and are in printable ASCII format. Since the algorythms are
- * seeded by the system clock, each run of this program will produce a
- * different outcome. There are no options or frills of any sort,
- * although a number of options would seem to be appropriate. Waving
- * this program in the breeze will no doubt bring a cast of thousands to
- * wiggle the options this way and that for various useful purposes.
+ * This program generates (up to) four files:
+ *
+ * ntp.keys containing the DES/MD5 private keys,
+ * ntpkey containing the RSA private key,
+ * ntpkey_HOST containing the RSA public key
+ * where HOST is the DNS name of the generating machine,
+ * ntpkey_dh containing the parameters for the Diffie-Hellman
+ * key-agreement algorithm.
+ *
+ * The files contain cryptographic values generated by the algorithms of
+ * the rsaref20 package and are in printable ASCII format. Since the
+ * algorythms are seeded by the system clock, each run of this program
+ * will produce a different outcome. There are no options or frills of
+ * any sort, although a number of options would seem to be appropriate.
+ * Waving this program in the breeze will no doubt bring a cast of
+ * thousands to wiggle the options this way and that for various useful
+ * purposes.
*
* The names of all files begin with "ntp" and end with an extension
* consisting of the seconds value of the current NTP timestamp, which
- * appears in the form ".*". This provides a way to distinguish between
+ * appears in the form ".*". This provides a way to distinguish between
* key generations, since the host name and timestamp can be fetched by
* a client during operation.
*
- * The ntp.keys.* file contains 16 MD5 keys. Each key consists of 16
+ * The ntp.keys.* file contains 16 MD5 keys. Each key consists of 16
* characters randomized over the ASCII 95-character printing subset.
* The file is read by the daemon at the location specified by the keys
- * configuration file command and made visible only to root. An
+ * configuration file command and made visible only to root. An
* additional key consisting of a easily remembered password should be
- * added by hand for use with the ntpdc program. The file must be
+ * added by hand for use with the ntpdc program. The file must be
* distributed by secure means to other servers and clients sharing the
* same security compartment.
*
* The key identifiers for MD5 and DES keys must be less than 65536,
- * although this program uses only the identifiers from 1 to 16. The key
+ * although this program uses only the identifiers from 1 to 16. The key
* identifier for each association is specified as the key argument in
* the server or peer configuration file command.
*
- * The ntpkey.* file contains the RSA private key. It is read by the
+ * The ntpkey.* file contains the RSA private key. It is read by the
* daemon at the location specified by the private argument of the
- * crypto configuration file command and made visible only to root. This
- * file is useful only to the machine that generated it and never shared
- * with any other daemon or application program.
+ * crypto configuration file command and made visible only to root.
+ * This file is useful only to the machine that generated it and never
+ * shared with any other daemon or application program.
*
* The ntpkey_host.* file contains the RSA public key, where host is the
- * DNS name of the host that generated it. The file is read by the
+ * DNS name of the host that generated it. The file is read by the
* daemon at the location specified by the public argument to the server
- * or peer configuration file command. This file can be widely
+ * or peer configuration file command. This file can be widely
* distributed and stored without using secure means, since the data are
* public values.
*
* The ntp_dh.* file contains two Diffie-Hellman parameters, the prime
- * modulus and the generator. The file is read by the daemon at the
+ * modulus and the generator. The file is read by the daemon at the
* location specified by the dhparams argument of the crypto
- * configuration file command. This file can be widely distributed and
+ * configuration file command. This file can be widely distributed and
* stored without using secure means, since the data are public values.
*
- * The file formats all begin with two lines. The first line contains
+ * The file formats all begin with two lines. The first line contains
* the file name and decimal timestamp, while the second contains the
- * readable datestamp. Lines beginning with # are considered comments
- * and ignored by the daemon. In the ntp.keys.* file, the next 16 lines
- * contain the MD5 keys in order. In the ntpkey.* and ntpkey_host.*
+ * readable datestamp. Lines beginning with # are considered comments
+ * and ignored by the daemon. In the ntp.keys.* file, the next 16 lines
+ * contain the MD5 keys in order. In the ntpkey.* and ntpkey_host.*
* files, the next line contains the modulus length in bits followed by
- * the key as a PEM encoded string. In the ntpkey_dh.* file, the next
+ * the key as a PEM encoded string. In the ntpkey_dh.* file, the next
* line contains the prime length in bytes followed by the prime as a
* PEM encoded string, and the next and final line contains the
* generator length in bytes followed by the generator as a PEM encoded
* string.
*
* Note: See the file ./source/rsaref.h in the rsaref20 package for
- * explanation of return values, if necessary.
+ * explanation of return values, if necessary.
*/
+
+/*
+ -c Location of ntp.conf file
+ (to get the expected locations of the keys)
+ If there is no ntp.conf file, we will make no keys.
+ -f force installation of generated keys.
+ Otherwise, only "missing" keys will be generated
+ -d Generate D-H parameter file
+ -m Generate MD5 key file (is there *any* reason to generate DES
+ keys?)
+ -r Generate RSA keys
+
+ -k key_file (see ntp_config.c)
+ -l Don't make the symlinks
+ -t Trash the (old) files at the end of symlink
+*/
+
int
main(
int argc,
char *argv[]
)
{
+#ifdef PUBKEY
R_RSA_PRIVATE_KEY rsaref_private; /* RSA private key */
R_RSA_PUBLIC_KEY rsaref_public; /* RSA public key */
R_RSA_PROTO_KEY protokey; /* RSA prototype key */
R_DH_PARAMS dh_params; /* Diffie-Hellman parameters */
R_RANDOM_STRUCT randomstr; /* random structure */
+ int rval; /* return value */
u_char encoded_key[MAXKEYLEN]; /* encoded PEM string buffer */
u_int modulus; /* modulus length */
+ u_int len;
+#endif /* PUBKEY */
struct timeval tv; /* initialization vector */
u_long ntptime; /* NTP timestamp */
u_char hostname[256]; /* DNS host name */
u_char filename[256]; /* public key file name */
u_char md5key[17]; /* generated MD5 key */
FILE *str; /* file handle */
- int rval; /* return value */
- u_int temp, len;
+ u_int temp;
int i, j;
+ mode_t std_mask; /* Standard mask */
+ mode_t sec_mask = 077; /* Secure mask */
+ char *config_file;
+ int make_dh = 0; /* Make D-H parameter file? */
+ int make_md5 = 0; /* Make MD5 keyfile? */
+ int make_rsa = 0; /* Make RSA pair? */
+ int force = 0; /* Force the installation? */
+ int nosymlinks = 0; /* Just create the (timestamped) files? */
+ int trash = 0; /* Trash old files? */
+
+ /* Initialize config_file */
+ /* What abuot netinfo? */
+
+ while ((i = ntp_getopt(argc, argv, "c:dflmrt")) != EOF)
+ switch (i) {
+ case 'c':
+ config_file = ntp_optarg;
+ break;
+ case 'd':
+ ++make_dh;
+ break;
+ case 'f':
+ ++force;
+ break;
+ case 'l':
+ ++nosymlinks;
+ break;
+ case 'm':
+ ++make_md5;
+ break;
+ case 'r':
+ ++make_rsa;
+ break;
+ case 't':
+ ++trash;
+ break;
+ case '?':
+ usage();
+ break;
+ }
+
+ /* If no type were specified, for for them all. */
+ if (!(make_dh | make_md5 | make_rsa)) {
+ ++make_dh;
+ ++make_md5;
+ ++make_rsa;
+ }
+
+ /* FindConfig() */
+ /* else NetInfo */
+
+ /*
+ -k key_file for md5 list?
+
+ Crack the config file, looking for:
+
+ "keys" The md5 key file name
+ "keysdir" directory to D-H and RSA keys
+ "publickey" The RSA public key
+ "privatekey" The RSA private key
+ "dhparms" The D-H parameter file
+
+ There's a chance we'll do this the same way ntpd_config does...
+
+ We need 2 variables per file:
+ - the specified location of the file
+ - the file it points to (if it's a symlink)
+ */
+
+ std_mask = umask(sec_mask); /* Get the standard mask */
/*
* Generate 16 random MD5 keys.
}
fclose(str);
+#ifdef PUBKEY
/*
* Roll the RSA public/private key pair.
*/
encoded_key[temp] = '\0';
fprintf(str, "%d %s\n", modulus, encoded_key);
fclose(str);
+#endif /* PUBKEY */
+#ifdef PUBKEY
/*
* Roll the prime and generator for the Diffie-Hellman key
* agreement algorithm.
encoded_key[temp] = '\0';
fprintf(str, "%d %s\n", dh_params.generatorLen, encoded_key);
fclose(str);
+#endif /* PUBKEY */
return (0);
}