]> git.ipfire.org Git - thirdparty/ntp.git/commitdiff
Many files:
authorHarlan Stenn <stenn@ntp.org>
Sat, 31 Mar 2001 22:19:57 +0000 (22:19 -0000)
committerHarlan Stenn <stenn@ntp.org>
Sat, 31 Mar 2001 22:19:57 +0000 (22:19 -0000)
  * ntpd/ntp_proto.c (transmit): Check peer->unreach.
  (peer_clear): peer->outdate is a f(BURST_INTERVAL1), not
  NTP_MINPOLL.
  * ntpd/ntp_loopfilter.c (local_clock): mode_ntpdate stuff.
  * ntpd/ntp_crypto.c: OpenSSL/RSAREF support.
  * ntpd/cmd_args.c: Use -q, not -z, for mode_ntpdate.
  (getstartup): nofork on mode_ntpdate. Usage update.
  * include/ntp_crypto.h: OpenSSL/RSAREF support.
  From: Dave Mills.

bk: 3ac6580dw0ef8PDWRs-YAcByM4PTbg

ChangeLog
include/ntp_crypto.h
ntpd/cmd_args.c
ntpd/ntp_crypto.c
ntpd/ntp_loopfilter.c
ntpd/ntp_proto.c

index 7b7123d86877abeefda060d6c1bcafd6692086fb..15d5ceb89b7a4ec2fb01db3251586c95d3ad6416 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,15 @@
 2001-03-31  Harlan Stenn  <stenn@whimsy.udel.edu>
 
+       * ntpd/ntp_proto.c (transmit): Check peer->unreach.
+       (peer_clear): peer->outdate is a f(BURST_INTERVAL1), not
+       NTP_MINPOLL.
+       * ntpd/ntp_loopfilter.c (local_clock): mode_ntpdate stuff.
+       * ntpd/ntp_crypto.c: OpenSSL/RSAREF support.
+       * ntpd/cmd_args.c: Use -q, not -z, for mode_ntpdate.
+       (getstartup): nofork on mode_ntpdate. Usage update.
+       * include/ntp_crypto.h: OpenSSL/RSAREF support.
+       From: Dave Mills.
+
        * configure.in (rsaref): Buglet.
 
 2001-03-30  Harlan Stenn  <stenn@whimsy.udel.edu>
index 557d40568c3da0e78649e3e792beedd633e23f8a..a4e6d70d657756c464c432aec4b52867432e4258 100644 (file)
@@ -7,6 +7,14 @@
 #ifdef RSAREF
 #include "rsaref.h"
 #include "rsa.h"
+
+#define EVP_SignInit(a, b)     R_SignInit(a, b)
+#define EVP_SignUpdate(a, b, c)        R_SignUpdate(a, b, c);
+#define EVP_SignFinal(a, b, c, d) R_SignFinal(a, b, c, d);
+#define EVP_VerifyInit(a, b)   R_VerifyInit(a, b)
+#define EVP_VerifyUpdate(a, b, c) R_VerifyUpdate(a, b, c);
+#define EVP_VerifyFinal(a, b, c, d) R_VerifyFinal(a, b, c, d);
+
 #endif /* RSAREF */
 
 /*
index 47b75c1a1ccd0b70a9eb86e319bfabd4d98194e0..55d9cef6da480800eb2994bac8e46d84c522ad6c 100644 (file)
@@ -15,7 +15,7 @@
 extern char const *progname;
 int    listen_to_virtual_ips = 0;
 
-static const char *ntp_options = "aAbc:dD:f:gk:l:LmnN:p:P:r:s:t:v:V:x:z";
+static const char *ntp_options = "aAbc:dD:f:gk:l:LmnN:p:P:qr:s:t:v:V:x";
 
 
 /*
@@ -98,13 +98,14 @@ getstartup(
                        break;
 
                case 'n':
+               case 'q':
                    ++nofork;
                    break;
 
                case 'N':
                    priority_done = strcmp(ntp_optarg, "high");
                    break;
-
+                       
                case '?':
                    ++errflg;
                    break;
@@ -114,7 +115,7 @@ getstartup(
                }
 
        if (errflg || ntp_optind != argc) {
-               (void) fprintf(stderr, "usage: %s [ -abdgmnx ] [ -c config_file ] [ -e e_delay ]\n", progname);
+               (void) fprintf(stderr, "usage: %s [ -abdgmnqx ] [ -c config_file ] [ -e e_delay ]\n", progname);
                (void) fprintf(stderr, "\t\t[ -f freq_file ] [ -k key_file ] [ -l log_file ]\n");
                (void) fprintf(stderr, "\t\t[ -p pid_file ] [ -r broad_delay ] [ -s statdir ]\n");
                (void) fprintf(stderr, "\t\t[ -t trust_key ] [ -v sys_var ] [ -V default_sysvar ]\n");
@@ -241,6 +242,10 @@ getCmdOpts(
 #endif
                        break;
 
+                   case 'q':
+                       mode_ntpdate = TRUE;
+                       break;
+
                    case 'r':
                        do {
                                double tmp;
@@ -284,10 +289,6 @@ getCmdOpts(
                        allow_step = FALSE;
                        break;
 
-                   case 'z':
-                       mode_ntpdate = TRUE;
-                       break;
-
                    default:
                        errflg++;
                        break;
index d29ed47adc9d20f3e9ffed117c55b292055afc59..6ed8db55ee02ef42636a0f27a9185d0a3db05c00 100644 (file)
@@ -282,9 +282,9 @@ make_keylist(
                return;
        if (ap->sig == NULL)
                ap->sig = emalloc(private_key.bits / 8);
-       R_SignInit(&ctx, DA_MD5);
-       R_SignUpdate(&ctx, (u_char *)ap, 12);
-       rval = R_SignFinal(&ctx, ap->sig, &len, &private_key);
+       EVP_SignInit(&ctx, DA_MD5);
+       EVP_SignUpdate(&ctx, (u_char *)ap, 12);
+       rval = EVP_SignFinal(&ctx, ap->sig, &len, &private_key);
        if (rval != RV_OK)
                msyslog(LOG_ERR, "crypto: keylist signature fails %x",
                    rval);
@@ -426,9 +426,10 @@ crypto_recv(
                        } else if (temp != kp->bits / 8) {
                                rval = RV_SIG;
                        } else {
-                               R_VerifyInit(&ctx, DA_MD5);
-                               R_VerifyUpdate(&ctx, (u_char *)ap, 12);
-                               rval = R_VerifyFinal(&ctx,
+                               EVP_VerifyInit(&ctx, DA_MD5);
+                               EVP_VerifyUpdate(&ctx, (u_char *)ap,
+                                   12);
+                               rval = EVP_VerifyFinal(&ctx,
                                    (u_char *)ap->pkt, temp, kp);
                        }
 #else /* PUBKEY */
@@ -493,9 +494,9 @@ crypto_recv(
                        } else if (temp != kp->bits / 8) {
                                rval = RV_SIG;
                        } else {
-                               R_VerifyInit(&ctx, DA_MD5);
-                               R_VerifyUpdate(&ctx, (u_char *)cp, 8);
-                               rval = R_VerifyFinal(&ctx,
+                               EVP_VerifyInit(&ctx, DA_MD5);
+                               EVP_VerifyUpdate(&ctx, (u_char *)cp, 8);
+                               rval = EVP_VerifyFinal(&ctx,
                                    (u_char *)cp->pkt, temp, kp);
                        }
 #else /* PUBKEY */
@@ -582,14 +583,14 @@ crypto_recv(
                            (peer->flags & FLAG_AUTOKEY)) {
                                rval = RV_FSP;
                        } else {
-                               R_VerifyInit(&ctx, DA_MD5);
-                               R_VerifyUpdate(&ctx, (u_char *)vp,
+                               EVP_VerifyInit(&ctx, DA_MD5);
+                               EVP_VerifyUpdate(&ctx, (u_char *)vp,
                                    temp + 12);
                                kp = emalloc(sizeof(R_RSA_PUBLIC_KEY));
                                kp->bits = bits;
                                memcpy(kp->modulus, &pkt[i + 6],
                                    rsalen - 4);
-                               rval = R_VerifyFinal(&ctx,
+                               rval = EVP_VerifyFinal(&ctx,
                                    (u_char *)&pkt[j + 1],
                                    ntohl(pkt[j]), kp);
                                if (rval != 0) {
@@ -658,10 +659,10 @@ crypto_recv(
                                peer->crypto &= ~CRYPTO_FLAG_CERT;
                                rval = RV_FSP;
                        } else {
-                               R_VerifyInit(&ctx, DA_MD5);
-                               R_VerifyUpdate(&ctx, (u_char *)vp,
+                               EVP_VerifyInit(&ctx, DA_MD5);
+                               EVP_VerifyUpdate(&ctx, (u_char *)vp,
                                    temp + 12);
-                               rval = R_VerifyFinal(&ctx,
+                               rval = EVP_VerifyFinal(&ctx,
                                    (u_char *)&pkt[j + 1],
                                    ntohl(pkt[j]), kp);
                        }
@@ -731,10 +732,10 @@ crypto_recv(
                                peer->crypto &= ~CRYPTO_FLAG_DH;
                                rval = RV_FSP;
                        } else {
-                               R_VerifyInit(&ctx, DA_MD5);
-                               R_VerifyUpdate(&ctx, (u_char *)vp,
+                               EVP_VerifyInit(&ctx, DA_MD5);
+                               EVP_VerifyUpdate(&ctx, (u_char *)vp,
                                    temp + 12);
-                               rval = R_VerifyFinal(&ctx,
+                               rval = EVP_VerifyFinal(&ctx,
                                    (u_char *)&pkt[j + 1],
                                    ntohl(pkt[j]), kp);
                        }
@@ -835,10 +836,10 @@ crypto_recv(
                            FLAG_AUTOKEY))) {
                                rval = RV_TSP;
                        } else {
-                               R_VerifyInit(&ctx, DA_MD5);
-                               R_VerifyUpdate(&ctx, (u_char *)vp,
+                               EVP_VerifyInit(&ctx, DA_MD5);
+                               EVP_VerifyUpdate(&ctx, (u_char *)vp,
                                    temp + 12);
-                               rval = R_VerifyFinal(&ctx,
+                               rval = EVP_VerifyFinal(&ctx,
                                    (u_char *)&pkt[j + 1],
                                    ntohl(pkt[j]), kp);
                        }
@@ -915,10 +916,10 @@ crypto_recv(
                                peer->crypto &= ~CRYPTO_FLAG_TAI;
                                rval = RV_FSP;
                        } else {
-                               R_VerifyInit(&ctx, DA_MD5);
-                               R_VerifyUpdate(&ctx, (u_char *)vp,
+                               EVP_VerifyInit(&ctx, DA_MD5);
+                               EVP_VerifyUpdate(&ctx, (u_char *)vp,
                                    temp + 12);
-                               rval = R_VerifyFinal(&ctx,
+                               rval = EVP_VerifyFinal(&ctx,
                                    (u_char *)&pkt[j + 1],
                                    ntohl(pkt[j]), kp);
                        }
@@ -1090,9 +1091,9 @@ crypto_xmit(
                cp->tstamp = host.tstamp;
                if (!crypto_flags)
                        break;
-               R_SignInit(&ctx, DA_MD5);
-               R_SignUpdate(&ctx, (u_char *)cp, 8);
-               rval = R_SignFinal(&ctx, (u_char *)cp->pkt, &temp,
+               EVP_SignInit(&ctx, DA_MD5);
+               EVP_SignUpdate(&ctx, (u_char *)cp, 8);
+               rval = EVP_SignFinal(&ctx, (u_char *)cp->pkt, &temp,
                    &private_key);
                if (rval != RV_OK) {
                        msyslog(LOG_ERR,
@@ -1403,10 +1404,10 @@ crypto_agree(void)
        host.tstamp = htonl(tstamp);
        if (!crypto_flags)
                return;
-       R_SignInit(&ctx, DA_MD5);
-       R_SignUpdate(&ctx, (u_char *)&host, 12);
-       R_SignUpdate(&ctx, host.ptr, ntohl(host.vallen));
-       rval = R_SignFinal(&ctx, host.sig, &len, &private_key);
+       EVP_SignInit(&ctx, DA_MD5);
+       EVP_SignUpdate(&ctx, (u_char *)&host, 12);
+       EVP_SignUpdate(&ctx, host.ptr, ntohl(host.vallen));
+       rval = EVP_SignFinal(&ctx, host.sig, &len, &private_key);
        if (rval != RV_OK || len != private_key.bits / 8) {
                msyslog(LOG_ERR, "crypto: host signature fails %x",
                    rval);
@@ -1419,11 +1420,11 @@ crypto_agree(void)
         */
        if (certif.vallen != 0) {
                certif.tstamp = htonl(tstamp);
-               R_SignInit(&ctx, DA_MD5);
-               R_SignUpdate(&ctx, (u_char *)&certif, 12);
-               R_SignUpdate(&ctx, certif.ptr,
+               EVP_SignInit(&ctx, DA_MD5);
+               EVP_SignUpdate(&ctx, (u_char *)&certif, 12);
+               EVP_SignUpdate(&ctx, certif.ptr,
                    ntohl(certif.vallen));
-               rval = R_SignFinal(&ctx, certif.sig, &len,
+               rval = EVP_SignFinal(&ctx, certif.sig, &len,
                    &private_key);
                if (rval != RV_OK || len != private_key.bits / 8) {
                        msyslog(LOG_ERR,
@@ -1439,10 +1440,11 @@ crypto_agree(void)
         */
        if (dhparam.vallen != 0) {
                dhparam.tstamp = htonl(tstamp);
-               R_SignInit(&ctx, DA_MD5);
-               R_SignUpdate(&ctx, (u_char *)&dhparam, 12);
-               R_SignUpdate(&ctx, dhparam.ptr, ntohl(dhparam.vallen));
-               rval = R_SignFinal(&ctx, dhparam.sig, &len,
+               EVP_SignInit(&ctx, DA_MD5);
+               EVP_SignUpdate(&ctx, (u_char *)&dhparam, 12);
+               EVP_SignUpdate(&ctx, dhparam.ptr,
+                   ntohl(dhparam.vallen));
+               rval = EVP_SignFinal(&ctx, dhparam.sig, &len,
                    &private_key);
                if (rval != RV_OK || len != private_key.bits / 8) {
                        msyslog(LOG_ERR,
@@ -1473,10 +1475,10 @@ crypto_agree(void)
                 * Sign public value and timestamps.
                 */
                dhpub.tstamp = htonl(tstamp);
-               R_SignInit(&ctx, DA_MD5);
-               R_SignUpdate(&ctx, (u_char *)&dhpub, 12);
-               R_SignUpdate(&ctx, dhpub.ptr, ntohl(dhpub.vallen));
-               rval = R_SignFinal(&ctx, dhpub.sig, &len,
+               EVP_SignInit(&ctx, DA_MD5);
+               EVP_SignUpdate(&ctx, (u_char *)&dhpub, 12);
+               EVP_SignUpdate(&ctx, dhpub.ptr, ntohl(dhpub.vallen));
+               rval = EVP_SignFinal(&ctx, dhpub.sig, &len,
                    &private_key);
                if (rval != RV_OK || len != private_key.bits / 8) {
                        msyslog(LOG_ERR,
@@ -1492,11 +1494,11 @@ crypto_agree(void)
         */
        if (tai_leap.vallen != 0) {
                tai_leap.tstamp = htonl(tstamp);
-               R_SignInit(&ctx, DA_MD5);
-               R_SignUpdate(&ctx, (u_char *)&tai_leap, 12);
-               R_SignUpdate(&ctx, tai_leap.ptr,
+               EVP_SignInit(&ctx, DA_MD5);
+               EVP_SignUpdate(&ctx, (u_char *)&tai_leap, 12);
+               EVP_SignUpdate(&ctx, tai_leap.ptr,
                    ntohl(tai_leap.vallen));
-               rval = R_SignFinal(&ctx, tai_leap.sig, &len,
+               rval = EVP_SignFinal(&ctx, tai_leap.sig, &len,
                    &private_key);
                if (rval != RV_OK || len != private_key.bits / 8) {
                        msyslog(LOG_ERR,
index 5ff5c21b56573da67403ec665b91dd52e9d903aa..a3e0b9d88469f6928d6dde7ef3b4f11174e102bc 100644 (file)
@@ -201,6 +201,27 @@ local_clock(
                return (-1);
        }
 
+       /*
+        * If simulating ntpdate, set the clock according to the rules.
+        */
+       if (mode_ntpdate) {
+               if (allow_step && fabs(fp_offset) > clock_max) {
+                       step_systime(fp_offset);
+                       NLOG(NLOG_SYNCEVENT|NLOG_SYSEVENT)
+                           msyslog(LOG_NOTICE, "time reset %.6f s",
+                           fp_offset);
+                       printf("ntpd: time reset %.6f s\n", fp_offset);
+               } else {
+                       adj_systime(fp_offset);
+                       NLOG(NLOG_SYNCEVENT|NLOG_SYSEVENT)
+                           msyslog(LOG_NOTICE, "time slew %.6f s",
+                           fp_offset);
+                       printf("ntpd: time slew %.6f s\n", fp_offset);
+               }
+               record_loop_stats();
+               exit(0);
+       }
+
        /*
         * If the clock has never been set, set it and initialize the
         * discipline parameters. We then switch to frequency mode to
@@ -355,7 +376,6 @@ local_clock(
                                sys_poll = peer->maxpoll;
                        else if (sys_poll < peer->minpoll)
                                sys_poll = peer->minpoll;
-
                        allow_panic = TRUE;
                        if (fabs(fp_offset - last_offset) >
                            CLOCK_SGATE * oerror && mu <
@@ -398,6 +418,7 @@ local_clock(
                        break;
                }
        }
+
 #if defined(KERNEL_PLL)
        /*
         * This code segment works when clock adjustments are made using
@@ -594,8 +615,6 @@ local_clock(
                    sys_jitter, drift_comp * 1e6, clock_stability * 1e6,
                    sys_poll, tc_counter);
 #endif /* DEBUG */
-       if (mode_ntpdate)
-               retval = 2;
        return (retval);
 }
 
index d75ed523d58b2da9641efb2ad41a75f689d39cb6..14a9cf7c77bbdc74810e155cef79ab7389028457 100644 (file)
@@ -198,11 +198,12 @@ transmit(
                                clock_filter(peer, 0., 0., MAXDISPERSE);
                                clock_select();
                        }
-                       if ((peer->stratum > 1 && peer->refid ==
+                       if (peer->unreach == NTP_UNREACH &&
+                           ((peer->stratum > 1 && peer->refid ==
                            peer->dstadr->sin.sin_addr.s_addr) ||
                            peer->stratum >= STRATUM_UNSPEC ||
                            (root_distance(peer) >= MAXDISTANCE + 2 *
-                           clock_phi * ULOGTOD(sys_poll)))
+                           clock_phi * ULOGTOD(sys_poll))))
                                hpoll++;
                        if (peer->flags & FLAG_BURST)
                                peer->burst = NTP_SHIFT;
@@ -225,6 +226,14 @@ transmit(
                        }
                        poll_update(peer, hpoll);
                        clock_select();
+                       if (mode_ntpdate) {
+                               NLOG(NLOG_SYNCEVENT|NLOG_SYSEVENT)
+                                   msyslog(LOG_NOTICE,
+                                   "no reply; clock not set");
+                               printf(
+                                   "ntpd: no reply; clock not set\n");
+                               exit(0);
+                       }
                        return;
 
                }
@@ -1145,7 +1154,7 @@ poll_update(
         * axtually the manycast beacon interval, eight times the system
         * poll interval. Normally when the host poll interval settles
         * up to 17.1 s, the beacon interval settles up to 2.3 hours.
-        */ 
+        */
        if (peer->burst > 0) {
                if (peer->nextdate != current_time)
                        return;
@@ -1251,8 +1260,8 @@ peer_clear(
                peer->filter_epoch[i] = current_time;
        }
        peer->update = peer->outdate = current_time;
-       peer->nextdate = peer->outdate + (RANDOM & ((1 << NTP_MINPOLL) -
-           1));
+       peer->nextdate = peer->outdate + (RANDOM & (1 <<
+           BURST_INTERVAL1));
 }