* ntpdc/ntpdc_ops.c (printpeer): No more "valid".
* ntpd/ntp_request.c (peer_info): No more "valid".
* ntpd/ntp_refclock.c (refclock_transmit): valid/hpoll cleanup.
* ntpd/ntp_proto.c (transmit): valid/hpoll and peer->ttl cleanup.
peer->valid/oreach cleanup.
(receive): Call newpeer() with the pkt->ppoll, not
NTP_MINDPOLL (in several places).
In AM_NEWPASS, if we have a NULL peer, return.
(poll_update): Added xpoll definition, fixed oldpoll definition.
Algorithmic improvements.
* ntpd/ntp_peer.c (newpeer): Better minpoll/maxpoll
initialization.
(resetmanycast): That's a poll_update() on an MDF_ACAST, not a
poll_clear().
* ntpd/ntp_crypto.c: include <fcntl.h>.
(crypto_recv): Leave the crypto_flags alone when wiggling the
peer-> stuff.
(crypto_cert): Make room for daddy. Do a real open() on the cert
file. Read the cert. Initial hack and slash. Better debug info.
* ntpd/ntp_control.c: CP_VALID now does "unreach".
(ctl_putpeer): Ditto.
* include/ntp_request.h: info_peer gets a placeholder for "valid".
* include/ntp_crypto.h (CRYPTO_FLAG_CERT): Comment update.
* include/ntp.h: Lose "valid" from struct peer.
From: Dave Mills.
bk: 3aaefcb4Kjy7KGgRaAV7dWsYMLoUFA
+2001-03-14 Harlan Stenn <stenn@whimsy.udel.edu>
+
+ * ntpdc/ntpdc_ops.c (printpeer): No more "valid".
+ * ntpd/ntp_request.c (peer_info): No more "valid".
+ * ntpd/ntp_refclock.c (refclock_transmit): valid/hpoll cleanup.
+ * ntpd/ntp_proto.c (transmit): valid/hpoll and peer->ttl cleanup.
+ peer->valid/oreach cleanup.
+ (receive): Call newpeer() with the pkt->ppoll, not
+ NTP_MINDPOLL (in several places).
+ In AM_NEWPASS, if we have a NULL peer, return.
+ (poll_update): Added xpoll definition, fixed oldpoll definition.
+ Algorithmic improvements.
+ * ntpd/ntp_peer.c (newpeer): Better minpoll/maxpoll
+ initialization.
+ (resetmanycast): That's a poll_update() on an MDF_ACAST, not a
+ poll_clear().
+ * ntpd/ntp_crypto.c: include <fcntl.h>.
+ (crypto_recv): Leave the crypto_flags alone when wiggling the
+ peer-> stuff.
+ (crypto_cert): Make room for daddy. Do a real open() on the cert
+ file. Read the cert. Initial hack and slash. Better debug info.
+ * ntpd/ntp_control.c: CP_VALID now does "unreach".
+ (ctl_putpeer): Ditto.
+ * include/ntp_request.h: info_peer gets a placeholder for "valid".
+ * include/ntp_crypto.h (CRYPTO_FLAG_CERT): Comment update.
+ * include/ntp.h: Lose "valid" from struct peer.
+ From: Dave Mills.
+
2001-03-05 Harlan Stenn <stenn@whimsy.udel.edu>
* ntpd/ntp_proto.c (transmit): hpoll calc logic cleanup.
/*
* Ephemeral state variables
*/
- u_int valid; /* valid update counter */
u_char status; /* peer status */
u_char pollsw; /* what it says */
u_char ttl; /* ttl for manycast mode */
*/
#define CRYPTO_FLAG_ENAB 0x01 /* crypto enable */
#define CRYPTO_FLAG_RSA 0x02 /* public/private keys */
-#define CRYPTO_FLAG_CERT 0x04 /* PKI certificate */
+#define CRYPTO_FLAG_CERT 0x04 /* certificate */
#define CRYPTO_FLAG_DH 0x08 /* agreement parameters */
#define CRYPTO_FLAG_TAI 0x10 /* leapseconds table */
u_char hpoll; /* peer.hpoll */
s_char precision; /* peer.precision */
u_char version; /* peer.version */
- u_char valid; /* peer.valid */
+ u_char unused8;
u_char reach; /* peer.reach */
u_char unreach; /* peer.unreach */
u_char flash; /* old peer.flash */
{ CP_REC, RO, "rec" }, /* 19 */
{ CP_XMT, RO, "xmt" }, /* 20 */
{ CP_REACH, RO, "reach" }, /* 21 */
- { CP_VALID, RO, "valid" }, /* 22 */
+ { CP_VALID, RO, "unreach" }, /* 22 */
{ CP_TIMER, RO, "timer" }, /* 23 */
{ CP_DELAY, RO, "delay" }, /* 24 */
{ CP_OFFSET, RO, "offset" }, /* 25 */
break;
case CP_VALID:
- ctl_putuint(peer_var[CP_VALID].text, peer->valid);
+ ctl_putuint(peer_var[CP_VALID].text, peer->unreach);
break;
case CP_TIMER:
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>
+#include <fcntl.h>
#include "ntpd.h"
#include "ntp_stdlib.h"
}
peer->flash &= ~TEST10;
peer->flags |= FLAG_PROVEN;
- crypto_flags |= CRYPTO_FLAG_CERT;
peer->crypto &= ~CRYPTO_FLAG_CERT;
/*
char *cp /* file name */
)
{
- FILE *str; /* file handle */
- u_char buf[MAX_LINLEN]; /* file line buffer */
- u_int certbuf[MAX_KEYLEN]; /* certificate */
+ u_char buf[5000]; /* file line buffer */
char filename[MAXFILENAME]; /* name of certificate file */
char linkname[MAXFILENAME]; /* file link (for filestamp) */
u_int fstamp; /* filestamp */
u_int32 *pp;
u_int len;
char *rptr;
- int rval, i;
+ int rval, fd;
/*
* Open the file and discard comment lines. If the first
strcpy(filename, cp);
else
snprintf(filename, MAXFILENAME, "%s/%s", keysdir, cp);
- str = fopen(filename, "r");
- if (str == NULL) {
+ fd = open(filename, O_RDONLY, 0777);
+ if (fd <= 0) {
msyslog(LOG_INFO,
"crypto: certificate file %s not found",
filename);
/*
* We are rather paranoid here, since an intruder might cause a
- * coredump by infiltrating naughty values. Empty lines and
- * comments are ignored. Other lines must begin with two
- * integers followed by junk or comments. The first integer is
- * the NTP seconds of leap insertion, the second is the offset
- * of TAI relative to UTC after that insertion. The second word
- * must equal the initial insertion of ten seconds on 1 January
- * 1972 plus one second for each succeeding insertion.
+ * coredump by infiltrating naughty values.
*/
- i = 0;
rval = RV_OK;
- while (i < MAX_LEAP) {
- rptr = fgets(buf, MAX_LINLEN - 1, str);
- if (rptr == NULL)
- break;
- if (strlen(buf) < 1)
- continue;
- if (*buf == '#')
- continue;
- i++;
- }
- fclose(str);
- if (rval != RV_OK || i == 0) {
+ len = read(fd, buf, 5000);
+ close(fd);
+ if (rval != RV_OK) {
msyslog(LOG_ERR,
"crypto: certificate file %s error %d", cp,
rval);
/*
* The extension field entry consists of the raw certificate.
*/
- len = i * 4;
- certif.vallen = htonl(len);
+ certif.vallen = htonl(200); /* xxxxxxxxxxxxxxxxxx */
pp = emalloc(len);
certif.ptr = (u_char *)pp;
- for (; i >= 0; i--) {
- *pp++ = htonl(certbuf[i]);
- }
+ memcpy(pp, buf, len);
certif.sig = emalloc(private_key.bits / 8);
crypto_flags |= CRYPTO_FLAG_CERT;
#ifdef DEBUG
if (debug)
printf(
- "crypto_cert: certif file %s link %d fs %u\n",
- cp, rval, fstamp);
+ "crypto_cert: certif file %s link %d fs %u len %d\n",
+ cp, rval, fstamp, len);
#endif
}
peer->srcadr = *srcadr;
peer->hmode = (u_char)hmode;
peer->version = (u_char)version;
- peer->minpoll = (u_char)minpoll;
- peer->maxpoll = (u_char)maxpoll;
+ peer->minpoll = (u_char)max(NTP_MINPOLL, minpoll);
+ peer->maxpoll = (u_char)min(NTP_MAXPOLL, maxpoll);
peer->flags = flags | (key > NTP_MAXKEY ? FLAG_SKEY : 0);
peer->cast_flags = cast_flags;
peer->ttlmax = ttl;
peer->next) {
if (peer->cast_flags & MDF_ACAST) {
peer->ttl = 0;
- peer_clear(peer);
+ poll_update(peer, peer->hpoll);
}
}
}
* ttl to the lowest practical value and avoid
* knocking on spurious doors.
*/
- if (sys_survivors < NTP_MINCLOCK) {
- if (peer->ttl < peer->ttlmax)
- peer->ttl++;
- else
- hpoll++;
- } else {
- hpoll = sys_poll;
- }
+ if (sys_survivors < NTP_MINCLOCK && peer->ttl <
+ peer->ttlmax)
+ peer->ttl++;
+ hpoll = sys_poll;
#endif /* AUTOKEY */
} else {
}
}
oreach = peer->reach;
- if (oreach & 0x01)
- peer->valid++;
- if (oreach & 0x80)
- peer->valid--;
peer->reach <<= 1;
if (peer->reach == 0) {
* minimum. This is to quickly recover the time
* variables when a noisy peer shows life.
*/
- if ((peer->reach & 0x03) == 0) {
+ if (!(peer->reach & 0x03)) {
clock_filter(peer, 0., 0., MAXDISPERSE);
clock_select();
}
peer = newpeer(&rbufp->recv_srcadr, rbufp->dstadr,
MODE_CLIENT, PKT_VERSION(pkt->li_vn_mode),
- NTP_MINDPOLL, NTP_MAXDPOLL, FLAG_IBURST |
+ pkt->ppoll, NTP_MAXDPOLL, FLAG_IBURST |
(peer2->flags & (FLAG_AUTHENABLE | FLAG_SKEY)),
MDF_UCAST, 0, skeyid);
if (peer == NULL)
}
peer = newpeer(&rbufp->recv_srcadr, rbufp->dstadr,
MODE_PASSIVE, PKT_VERSION(pkt->li_vn_mode),
- NTP_MINDPOLL, NTP_MAXDPOLL, sys_authenticate ?
+ pkt->ppoll, NTP_MAXDPOLL, sys_authenticate ?
FLAG_AUTHENABLE : 0, MDF_UCAST, 0, skeyid);
+ if (peer == NULL)
+ return;
break;
case AM_NEWBCL:
peer = newpeer(&rbufp->recv_srcadr, rbufp->dstadr,
MODE_CLIENT, PKT_VERSION(pkt->li_vn_mode),
- NTP_MINDPOLL, NTP_MAXDPOLL, FLAG_MCAST |
+ pkt->ppoll, NTP_MAXDPOLL, FLAG_MCAST |
FLAG_IBURST | (sys_authenticate ?
FLAG_AUTHENABLE : 0), MDF_BCLNT, 0, skeyid);
if (peer == NULL)
return;
-
break;
case AM_POSSBCL:
*/
if (!(peer->flags & FLAG_PROVEN))
peer->flash |= TEST11;
- if (peer->flash && peer->reach != 0) {
+ if (peer->flash && peer->reach) {
#ifdef DEBUG
if (debug)
printf("packet: bad autokey %03x\n",
peer->rootdispersion = p_disp;
peer->refid = pkt->refid;
peer->reftime = p_reftime;
- if (peer->reach == 0) {
+ if (!(peer->reach)) {
report_event(EVNT_REACH, peer);
peer->timereachable = current_time;
}
int hpoll
)
{
+ int xpoll;
#ifdef AUTOKEY
- long oldpoll;
+ int oldpoll;
#endif /* AUTOKEY */
#ifdef AUTOKEY
/*
* A little foxtrot to determine what controls the poll
- * interval. If the peer is reachable, but less than half the
- * polls have been answered, use the minimum. If reachable and
- * declared truechimer, use the system poll interval. In other
- * cases use the argument set by the transmit routine. This
- * allows each association to ramp up the poll interval for
- * useless sources.
+ * interval. If the peer is reachable, but but the last four
+ * polls have not been answered, use the minimum. If declared
+ * truechimer, use the system poll interval. This allows each
+ * association to ramp up the poll interval for useless sources
+ * and to clamp it to the minimum when first starting up.
*/
- if (peer->valid > 0) {
- if (peer->valid <= NTP_SHIFT / 2)
- hpoll = peer->minpoll;
+ xpoll = hpoll;
+ if (peer->reach) {
+ if (!(peer->reach & 0x0f))
+ xpoll = peer->minpoll;
else if (peer->flags & FLAG_SYSPEER)
- peer->hpoll = sys_poll;
- } else {
- peer->hpoll = hpoll;
+ xpoll = sys_poll;
+#ifdef PUBKEY
+ } else if (peer->crypto && !(peer->flags & FLAG_AUTOKEY)) {
+ xpoll = peer->minpoll;
+#endif /* PUBKEY */
}
- if (peer->hpoll > peer->maxpoll)
- peer->hpoll = peer->maxpoll;
- else if (peer->hpoll < peer->minpoll)
- peer->hpoll = peer->minpoll;
+ if (xpoll > peer->maxpoll)
+ xpoll = peer->maxpoll;
+ else if (xpoll < peer->minpoll)
+ xpoll = peer->minpoll;
+ peer->hpoll = xpoll;
/*
* Bit of adventure here. If during a burst and not timeout,
else
peer->nextdate += RANDPOLL(BURST_INTERVAL1);
} else if (peer->cast_flags & MDF_ACAST) {
- peer->kpoll = peer->hpoll + 3;
+ if (sys_survivors < NTP_MINCLOCK)
+ peer->kpoll = peer->hpoll;
+ else
+ peer->kpoll = peer->hpoll + 3;
peer->nextdate = peer->outdate + RANDPOLL(peer->kpoll);
} else {
peer->kpoll = max(min(peer->ppoll, peer->hpoll),
* root distance, since the poll interval can
* increase to a day and a half.
*/
- if (peer->reach == 0 || (peer->stratum > 1 &&
+ if (!peer->reach || (peer->stratum > 1 &&
peer->refid ==
peer->dstadr->sin.sin_addr.s_addr) ||
peer->stratum >= STRATUM_UNSPEC ||
* network code.
*/
oreach = peer->reach;
- if (oreach & 0x01)
- peer->valid++;
- if (oreach & 0x80)
- peer->valid--;
- peer->reach <<= 1;
- if (peer->reach == 0) {
- if (oreach != 0) {
+ peer->reach <<= 1;
+ if (!peer->reach) {
+ if (oreach) {
report_event(EVNT_UNREACH, peer);
peer->timereachable = current_time;
peer_clear(peer);
}
} else {
- if ((oreach & 0x03) == 0) {
+ if (!(oreach & 0x03)) {
clock_filter(peer, 0., 0., MAXDISPERSE);
clock_select();
}
- if (peer->valid <= 2) {
+ if (!(oreach & 0x0f)) {
hpoll--;
- } else if (peer->valid > NTP_SHIFT - 2)
+ } else if ((oreach & 0x0f) == 0x0f)
hpoll++;
if (peer->flags & FLAG_BURST)
peer->burst = NSTAGE;
refclock_report(peer, CEVNT_FAULT);
return;
}
- if (peer->reach == 0)
+ if (!peer->reach)
report_event(EVNT_REACH, peer);
peer->reach |= 1;
peer->reftime = peer->org = pp->lastrec;
ip->hpoll = pp->hpoll;
ip->precision = pp->precision;
ip->version = pp->version;
- ip->valid = pp->valid;
ip->reach = pp->reach;
ip->unreach = pp->unreach;
ip->flash = (u_char)pp->flash;
pp->ppoll, pp->hpoll, (u_long)pp->keyid, pp->version, ntohs(pp->associd));
(void) fprintf(fp,
- "valid %d, reach %03o, unreach %d, flash 0x%04x, ",
- pp->valid, pp->reach, pp->unreach, pp->flash2);
+ "reach %03o, unreach %d, flash 0x%04x, ",
+ pp->reach, pp->unreach, pp->flash2);
(void) fprintf(fp, "boffset %s, ttl/mode %d\n",
fptoa(NTOHS_FP(pp->estbdelay), 5), pp->ttl);