+2001-02-19 Harlan Stenn <stenn@whimsy.udel.edu>
+
+ * ntpd/ntp_proto.c (transmit): Don't peer_clear() and reset
+ minpoll unconditionally; make sure the peer is configured.
+ (poll_update): When updating peer->ppoll, check on BCAST and
+ MCAST, not ACAST
+ (peer_clear): PUBKEY cleanup. Zero out the peer structure
+ earlier. Initialization cleanup/fixes.
+ (peer_xmit): CRYPTO_FLAG_AUTO is in peer->flags now.
+ (key_expire): Debug output.
+ * ntpd/ntp_peer.c (unpeer): PUBKEY cleanup.
+ (newpeer): peer variable setup cleanup.
+ * ntpd/ntp_crypto.c (make_keylist): Keep CRYPTO_FLAG_AUTO in
+ peer->flags, not crypto_flags.
+ (crypto_xmit): Ditto.
+ (crypto_recv): Fix up RV_TSP logic (several places).
+ * include/ntp.h (clear_to_zero): Moved...
+ From: Dave Mills.
+
2001-02-14 Harlan Stenn <stenn@whimsy.udel.edu>
* ntpd/ntp_proto.c (peer_xmit): Crypto-related fixes
/*
* Variables used by authenticated client
*/
+#define clear_to_zero pkeyid
#ifdef AUTOKEY
associd_t assoc; /* peer association ID */
u_int32 crypto; /* peer status word */
#endif /* AUTOKEY */
keyid_t keyid; /* current key ID */
keyid_t pkeyid; /* previous key ID */
-#define clear_to_zero pkeyid
#ifdef AUTOKEY
keyid_t hcookie; /* host cookie */
struct cookie pcookie; /* peer cookie */
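Review bot: The relocated `#define clear_to_zero pkeyid` still names `pkeyid`, so moving the directive does not change where the zeroed region starts; its new position above `assoc` reads as if `assoc`, `crypto` and `keyid` were now cleared as well. Assuming CLEAR_TO_ZERO takes the address of the member this macro names (its definition is not in the hunk), peer_clear() still leaves those three fields untouched. If that is intended, say so next to the define, e.g. `/* zeroing starts at pkeyid; the fields above it survive peer_clear() */`. If the region was meant to grow, the macro has to name the first field to be cleared instead. The struct begins and ends outside this hunk.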
rval);
else
ap->siglen = htonl(len);
- crypto_flags |= CRYPTO_FLAG_AUTO;
+ peer->flags |= CRYPTO_FLAG_AUTO;
#endif /* PUBKEY */
}
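Review bot: `peer->flags |= CRYPTO_FLAG_AUTO` puts a bit from the `CRYPTO_FLAG_*` set into the word that carries the `FLAG_*` bits, and nothing visible here shows that the two sets are disjoint. If CRYPTO_FLAG_AUTO has the same value as any FLAG_* constant, setting or clearing it would silently toggle that other peer option. The values should be checked, and a FLAG_-prefixed name in the same definition list would make a later collision harder to introduce. The same applies to the clear in the `CRYPTO_AUTO | CRYPTO_RESP` case of crypto_xmit and to both tests in peer_xmit. The function starts outside this hunk.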
#ifdef PUBKEY
temp = ntohl(ap->siglen);
kp = (R_RSA_PUBLIC_KEY *)peer->pubkey.ptr;
- if (tstamp < peer->recauto.tstamp || (tstamp ==
+ if (tstamp == 0 || tstamp <
+ peer->recauto.tstamp || (tstamp ==
peer->recauto.tstamp && (peer->flags &
FLAG_AUTOKEY))) {
rval = RV_TSP;
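Review bot: The staleness test `tstamp == 0 || tstamp < X.tstamp || (tstamp == X.tstamp && (peer->flags & FLAG_AUTOKEY))` is now written out four times in this file (against `recauto` here, `pcookie` in the next hunk and again further down, and `pubkey`), and this commit had to edit every copy to add the zero case. One shared definition, for example `#define TSTAMP_STALE(t, old, f) ((t) == 0 || (t) < (old) || ((t) == (old) && ((f) & FLAG_AUTOKEY)))`, would keep the copies from drifting apart, which matters since the comparison appears to be the guard against old or replayed values. It also needs a comment saying why zero is refused, e.g. `/* a zero timestamp carries no freshness information; reject as RV_TSP */`, with the wording to be confirmed by the author. The dhparam and tai_leap branches add a separate `tstamp == 0` arm and could carry the same comment.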
#ifdef PUBKEY
temp = ntohl(cp->siglen);
kp = (R_RSA_PUBLIC_KEY *)peer->pubkey.ptr;
- if (tstamp < peer->pcookie.tstamp || (tstamp ==
+ if (tstamp == 0 || tstamp <
+ peer->pcookie.tstamp || (tstamp ==
peer->pcookie.tstamp && (peer->flags &
FLAG_AUTOKEY))) {
rval = RV_TSP;
rval = RV_PUB;
} else if (ntohl(pkt[j]) != kp->bits / 8) {
rval = RV_SIG;
+ } else if (tstamp == 0) {
+ rval = RV_TSP;
} else if (tstamp < ntohl(dhparam.fstamp) ||
fstamp < ntohl(dhparam.fstamp)) {
rval = RV_FSP;
rval = RV_PUB;
} else if (ntohl(pkt[j]) != kp->bits / 8) {
rval = RV_SIG;
- } else if (tstamp < peer->pcookie.tstamp ||
- (tstamp == peer->pcookie.tstamp &&
- (peer->flags & FLAG_AUTOKEY))) {
+ } else if (tstamp == 0 || tstamp <
+ peer->pcookie.tstamp || (tstamp ==
+ peer->pcookie.tstamp && (peer->flags &
+ FLAG_AUTOKEY))) {
rval = RV_TSP;
} else {
R_VerifyInit(&ctx, DA_MD5);
rval = RV_KEY;
} else if (ntohl(pkt[j]) != bits / 8) {
rval = RV_SIG;
- } else if (tstamp < peer->pubkey.tstamp ||
- (tstamp == peer->pubkey.tstamp &&
- (peer->flags & FLAG_AUTOKEY))) {
+ } else if (tstamp == 0 || tstamp <
+ peer->pubkey.tstamp || (tstamp ==
+ peer->pubkey.tstamp && (peer->flags &
+ FLAG_AUTOKEY))) {
rval = RV_TSP;
} else if (tstamp < peer->pubkey.fstamp ||
fstamp < peer->pubkey.fstamp) {
} else {
j = i + 5 + rsalen / 4;
peer->pubkey.ptr = (u_char *)kp;
- temp = 1+ strlen((char *)&pkt[j]);
- peer->keystr = emalloc(temp);
+ temp = strlen((char *)&pkt[j]);
+ peer->keystr = emalloc(temp +
+ 1);
strcpy(peer->keystr,
(char *)&pkt[j]);
peer->pubkey.tstamp = tstamp;
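Review bot: `strlen((char *)&pkt[j])` and the `strcpy` after it still read the key name straight out of the received packet, and no check is visible in this hunk that a NUL terminator lies inside the extension field; the change only moves the `+ 1`. If the terminator is missing, both the length scan and the copy run past the end of the field. The scan should be bounded by the bytes remaining in the field, for instance by locating the terminator with `memchr` over that many bytes and rejecting the message when none is found, before `emalloc` is called. The assignments to `peer->keystr` and `peer->pubkey.ptr` also show no release of an earlier value, which is worth checking in the surrounding code because the branch starts outside the hunk.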
rval = RV_PUB;
} else if (ntohl(pkt[j]) != kp->bits / 8) {
rval = RV_SIG;
+ } else if (tstamp == 0) {
+ rval = RV_TSP;
} else if (tstamp < ntohl(tai_leap.fstamp) ||
fstamp < ntohl(tai_leap.fstamp)) {
rval = RV_FSP;
* perp has replayed an old message.
*/
case CRYPTO_AUTO | CRYPTO_RESP:
- crypto_flags &= ~CRYPTO_FLAG_AUTO;
peer = findpeerbyassoc(associd);
if (peer == NULL) {
opcode |= CRYPTO_ERROR;
break;
}
+ peer->flags &= ~CRYPTO_FLAG_AUTO;
ap = (struct autokey *)&xpkt[i + 2];
ap->tstamp = peer->sndauto.tstamp;
ap->seq = peer->sndauto.seq;
peer_associations);
#endif
peer_clear(peer_to_remove);
-#ifdef PUBKEY
- if (peer_to_remove->keystr != NULL)
- free(peer_to_remove->keystr);
- if (peer_to_remove->pubkey.ptr != NULL)
- free(peer_to_remove->pubkey.ptr);
-#endif /* PUBKEY */
hash = HASH_ADDR(&peer_to_remove->srcadr);
peer_hash_count[hash]--;
peer_demobilizations++;
else
peer->dstadr = findinterface(srcadr);
peer->srcadr = *srcadr;
- peer->cast_flags = cast_flags;
peer->hmode = (u_char)hmode;
- peer->keyid = key;
peer->version = (u_char)version;
peer->minpoll = (u_char)minpoll;
peer->maxpoll = (u_char)maxpoll;
peer->flags = flags | (key > NTP_MAXKEY ? FLAG_SKEY : 0);
- peer->hpoll = peer->minpoll;
- peer->ppoll = peer->minpoll;
+ peer->cast_flags = cast_flags;
peer->ttlmax = ttl;
- peer->leap = LEAP_NOTINSYNC;
+ peer->keyid = key;
peer->precision = sys_precision;
- peer->jitter = MAXDISPERSE;
- peer->epoch = current_time;
- peer->stratum = STRATUM_UNSPEC;
peer_clear(peer);
- peer->update = peer->outdate = current_time;
- peer->nextdate = peer->outdate + (RANDOM & ((1 << NTP_MINPOLL) -
- 1));
/*
* Assign an association ID and increment the system variable.
if (oreach != 0) {
report_event(EVNT_UNREACH, peer);
peer->timereachable = current_time;
- peer_clear(peer);
if (!(peer->flags & FLAG_CONFIG)) {
unpeer(peer);
clock_select();
return;
-
+ } else {
+ peer_clear(peer);
+ hpoll = peer->minpoll;
}
- hpoll = peer->minpoll;
}
if (peer->flags & FLAG_IBURST)
peer->burst = NTP_SHIFT;
peer->hpoll = peer->maxpoll;
else if (peer->hpoll < peer->minpoll)
peer->hpoll = peer->minpoll;
- if (peer->cast_flags & (MDF_BCAST | MDF_MCAST | MDF_ACAST))
+ if (peer->cast_flags & (MDF_BCAST | MDF_MCAST))
peer->ppoll = peer->hpoll;
/*
#endif
#ifdef AUTOKEY
key_expire(peer);
+#ifdef PUBKEY
+ if (peer->keystr != NULL)
+ free(peer->keystr);
+ if (peer->pubkey.ptr != NULL)
+ free(peer->pubkey.ptr);
+#endif /* PUBKEY */
#endif /* AUTOKEY */
+ memset(CLEAR_TO_ZERO(peer), 0, LEN_CLEAR_TO_ZERO);
/*
* If he dies as a broadcast client, he comes back to life as
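Review bot: The added `free(peer->keystr)` and `free(peer->pubkey.ptr)` are safe only if both members lie inside the region that the following `memset(CLEAR_TO_ZERO(peer), 0, LEN_CLEAR_TO_ZERO)` wipes, and the struct layout that would confirm this is not shown. peer_clear() now also runs on peers that stay alive (the new `else` branch in transmit) and on the structure newpeer has just obtained, so a pointer that is not reset, or not NULL on first entry, would be freed twice or freed uninitialized. Resetting each pointer at the point of release, `free(peer->keystr); peer->keystr = NULL;` and likewise for `pubkey.ptr`, removes the dependency on layout. The `!= NULL` guards can go, since `free(NULL)` is a no-op. The function body continues outside this hunk.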
peer->flags |= FLAG_MCAST;
peer->hmode = MODE_CLIENT;
}
- memset(CLEAR_TO_ZERO(peer), 0, LEN_CLEAR_TO_ZERO);
peer->estbdelay = sys_bdelay;
- peer->hpoll = peer->minpoll;
+ peer->hpoll = peer->ppoll = peer->kpoll = peer->minpoll;
peer->pollsw = FALSE;
peer->jitter = MAXDISPERSE;
+ peer->leap = LEAP_NOTINSYNC;
+ peer->stratum = STRATUM_UNSPEC;
peer->epoch = current_time;
for (i = 0; i < NTP_SHIFT; i++) {
peer->filter_order[i] = i;
peer->filter_disp[i] = MAXDISPERSE;
peer->filter_epoch[i] = current_time;
}
- poll_update(peer, peer->minpoll);
+ peer->update = peer->outdate = current_time;
+ peer->nextdate = peer->outdate + (RANDOM & ((1 << NTP_MINPOLL) -
+ 1));
}
* them at other times.
*/
case MODE_BROADCAST:
- if (crypto_flags & CRYPTO_FLAG_AUTO)
+ if (peer->flags & CRYPTO_FLAG_AUTO)
cmmd = CRYPTO_AUTO | CRYPTO_RESP;
else
cmmd = CRYPTO_ASSOC | CRYPTO_RESP;
sendlen += crypto_xmit((u_int32 *)&xpkt,
sendlen, CRYPTO_AUTO, peer->hcookie,
peer->assoc);
- else if ((crypto_flags & CRYPTO_FLAG_AUTO) &&
+ else if ((peer->flags & CRYPTO_FLAG_AUTO) &&
(peer->cmmd >> 16) != CRYPTO_AUTO)
sendlen += crypto_xmit((u_int32 *)&xpkt,
sendlen, CRYPTO_AUTO | CRYPTO_RESP,
peer->keylist = NULL;
}
peer->keynumber = peer->sndauto.seq = 0;
+#ifdef DEBUG
+ if (debug)
+ printf("key_expire: at %lu\n", current_time);
+#endif
}
#endif /* AUTOKEY */