Fincer
/
openntpd-openbsd
mirror of https://github.com/Fincer/openntpd-openbsd
1
0
Fork 0
Code Issues 0 Projects 0 Releases 61 Wiki Activity
Source code pulled from OpenBSD for OpenNTPD. The place to contribute to this code is via the OpenBSD CVS tree.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3999 Commits
49 Branches
369 MiB
Tree: 270c434643
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '270c434643'
${ noResults }
openntpd-openbsd/src/usr.sbin/ntpd/client.c

312 lines
8.2 KiB
Raw Normal View History

Scale query interval by the overall offset not per-peer offset, so we don't query outliers more often than any other server. ok henning@
20 years ago
provide most of the client functionality. hook the descriptors into the main poll and such. we're not doing anything with the reply we recive yet, tho. mostly hacked on the Frankfurt->Montreal flight, as batteries and those horrible air canada seats permitted...
20 years ago
scale query interval based on local clock offset. tested by many not as efficient as I want it to be yet, but more is coming
20 years ago
Be more careful setting next and deadline, they should not both be != 0 at the same time. ok henning@
20 years ago
scale query interval based on local clock offset. tested by many not as efficient as I want it to be yet, but more is coming
20 years ago
provide most of the client functionality. hook the descriptors into the main poll and such. we're not doing anything with the reply we recive yet, tho. mostly hacked on the Frankfurt->Montreal flight, as batteries and those horrible air canada seats permitted...
20 years ago
do not try to getaddrinfo() in the unprivileged process, send an imsg asking the privileged one to do it. sends back an imsg with the resulting addresses in a bunch of struct sockaddr_storage in the data part. this should fix all remaining issues with dns (non-)availability at ntpd startup, be it due to named on localhost or something else. tested by marco@ and Chris Paul <chris.paul@sentinare.com>
20 years ago
provide most of the client functionality. hook the descriptors into the main poll and such. we're not doing anything with the reply we recive yet, tho. mostly hacked on the Frankfurt->Montreal flight, as batteries and those horrible air canada seats permitted...
20 years ago
rework dns handling with all its cosequences... we know have both a "server" and "servers" keyword. they differ when the hostname resolves to more than one IP, server picks one and servers expands to all. that means no longer stuffing a sockaddr_storage into ntp_peer but a pointer to a linked list of ntp_addr structs. in the "servers" case the list of n addresses returned by host() is expanded into n ntp_peer structs and thus n individual peers. in the "server" case the whole list is attached to ntp_peer, and whenever we do not receive a reply in time we traverse the list one further, so that hosts with both AAAA and A records are first tried with the AAAA one but we gracefully fall back to the A one. semantics with theo; hacked up on the Montreal->Frankfurt flight. again Air Canada surprised me, that older 767 hat pretty decent seats.
20 years ago
provide most of the client functionality. hook the descriptors into the main poll and such. we're not doing anything with the reply we recive yet, tho. mostly hacked on the Frankfurt->Montreal flight, as batteries and those horrible air canada seats permitted...
20 years ago
rework dns handling with all its cosequences... we know have both a "server" and "servers" keyword. they differ when the hostname resolves to more than one IP, server picks one and servers expands to all. that means no longer stuffing a sockaddr_storage into ntp_peer but a pointer to a linked list of ntp_addr structs. in the "servers" case the list of n addresses returned by host() is expanded into n ntp_peer structs and thus n individual peers. in the "server" case the whole list is attached to ntp_peer, and whenever we do not receive a reply in time we traverse the list one further, so that hosts with both AAAA and A records are first tried with the AAAA one but we gracefully fall back to the A one. semantics with theo; hacked up on the Montreal->Frankfurt flight. again Air Canada surprised me, that older 767 hat pretty decent seats.
20 years ago
do not try to getaddrinfo() in the unprivileged process, send an imsg asking the privileged one to do it. sends back an imsg with the resulting addresses in a bunch of struct sockaddr_storage in the data part. this should fix all remaining issues with dns (non-)availability at ntpd startup, be it due to named on localhost or something else. tested by marco@ and Chris Paul <chris.paul@sentinare.com>
20 years ago
rework dns handling with all its cosequences... we know have both a "server" and "servers" keyword. they differ when the hostname resolves to more than one IP, server picks one and servers expands to all. that means no longer stuffing a sockaddr_storage into ntp_peer but a pointer to a linked list of ntp_addr structs. in the "servers" case the list of n addresses returned by host() is expanded into n ntp_peer structs and thus n individual peers. in the "server" case the whole list is attached to ntp_peer, and whenever we do not receive a reply in time we traverse the list one further, so that hosts with both AAAA and A records are first tried with the AAAA one but we gracefully fall back to the A one. semantics with theo; hacked up on the Montreal->Frankfurt flight. again Air Canada surprised me, that older 767 hat pretty decent seats.
20 years ago
provide most of the client functionality. hook the descriptors into the main poll and such. we're not doing anything with the reply we recive yet, tho. mostly hacked on the Frankfurt->Montreal flight, as batteries and those horrible air canada seats permitted...
20 years ago
in client_addr_init() and client_nextaddr(), do not set up the socket and connect it, instead leave it at -1. in client_query, set up and connect the socket if it is -1. and, the real reason for this change: handle connect failures gracefully ok otto
20 years ago
Be more careful setting next and deadline, they should not both be != 0 at the same time. ok henning@
20 years ago
provide most of the client functionality. hook the descriptors into the main poll and such. we're not doing anything with the reply we recive yet, tho. mostly hacked on the Frankfurt->Montreal flight, as batteries and those horrible air canada seats permitted...
20 years ago
rework dns handling with all its cosequences... we know have both a "server" and "servers" keyword. they differ when the hostname resolves to more than one IP, server picks one and servers expands to all. that means no longer stuffing a sockaddr_storage into ntp_peer but a pointer to a linked list of ntp_addr structs. in the "servers" case the list of n addresses returned by host() is expanded into n ntp_peer structs and thus n individual peers. in the "server" case the whole list is attached to ntp_peer, and whenever we do not receive a reply in time we traverse the list one further, so that hosts with both AAAA and A records are first tried with the AAAA one but we gracefully fall back to the A one. semantics with theo; hacked up on the Montreal->Frankfurt flight. again Air Canada surprised me, that older 767 hat pretty decent seats.
20 years ago
paranoia: reset query->fd to -1 after close, from canacar some time ago
20 years ago
rework dns handling with all its cosequences... we know have both a "server" and "servers" keyword. they differ when the hostname resolves to more than one IP, server picks one and servers expands to all. that means no longer stuffing a sockaddr_storage into ntp_peer but a pointer to a linked list of ntp_addr structs. in the "servers" case the list of n addresses returned by host() is expanded into n ntp_peer structs and thus n individual peers. in the "server" case the whole list is attached to ntp_peer, and whenever we do not receive a reply in time we traverse the list one further, so that hosts with both AAAA and A records are first tried with the AAAA one but we gracefully fall back to the A one. semantics with theo; hacked up on the Montreal->Frankfurt flight. again Air Canada surprised me, that older 767 hat pretty decent seats.
20 years ago
when a dns lookup fails at parse time, do not abort but try again to resolve the hostname every 60 seconds fixes ntpd invocations before e. g. a dialup link is established and such. as we want ntpd to be a "fire and forget" background daemon it should cope with such situations. tested by many
20 years ago
ntp_adjtime() -> priv_adjtime() ntp_settime() -> priv_settime() ntp_host_dns() -> priv_host_dns()
20 years ago
do not try to getaddrinfo() in the unprivileged process, send an imsg asking the privileged one to do it. sends back an imsg with the resulting addresses in a bunch of struct sockaddr_storage in the data part. this should fix all remaining issues with dns (non-)availability at ntpd startup, be it due to named on localhost or something else. tested by marco@ and Chris Paul <chris.paul@sentinare.com>
20 years ago
when a dns lookup fails at parse time, do not abort but try again to resolve the hostname every 60 seconds fixes ntpd invocations before e. g. a dialup link is established and such. as we want ntpd to be a "fire and forget" background daemon it should cope with such situations. tested by many
20 years ago
rework dns handling with all its cosequences... we know have both a "server" and "servers" keyword. they differ when the hostname resolves to more than one IP, server picks one and servers expands to all. that means no longer stuffing a sockaddr_storage into ntp_peer but a pointer to a linked list of ntp_addr structs. in the "servers" case the list of n addresses returned by host() is expanded into n ntp_peer structs and thus n individual peers. in the "server" case the whole list is attached to ntp_peer, and whenever we do not receive a reply in time we traverse the list one further, so that hosts with both AAAA and A records are first tried with the AAAA one but we gracefully fall back to the A one. semantics with theo; hacked up on the Montreal->Frankfurt flight. again Air Canada surprised me, that older 767 hat pretty decent seats.
20 years ago
wrap the heads for the linked list of addresses into a new ntp_addr_wrap which, besides the head pointer for the list of course, stores the original address as specified (i. e. as hostname instead of resolved IPs) and flags and such.
20 years ago
rework dns handling with all its cosequences... we know have both a "server" and "servers" keyword. they differ when the hostname resolves to more than one IP, server picks one and servers expands to all. that means no longer stuffing a sockaddr_storage into ntp_peer but a pointer to a linked list of ntp_addr structs. in the "servers" case the list of n addresses returned by host() is expanded into n ntp_peer structs and thus n individual peers. in the "server" case the whole list is attached to ntp_peer, and whenever we do not receive a reply in time we traverse the list one further, so that hosts with both AAAA and A records are first tried with the AAAA one but we gracefully fall back to the A one. semantics with theo; hacked up on the Montreal->Frankfurt flight. again Air Canada surprised me, that older 767 hat pretty decent seats.
20 years ago
provide most of the client functionality. hook the descriptors into the main poll and such. we're not doing anything with the reply we recive yet, tho. mostly hacked on the Frankfurt->Montreal flight, as batteries and those horrible air canada seats permitted...
20 years ago
Have ntpd use IPTOS_LOWDELAY; ok henning@
20 years ago
when a dns lookup fails at parse time, do not abort but try again to resolve the hostname every 60 seconds fixes ntpd invocations before e. g. a dialup link is established and such. as we want ntpd to be a "fire and forget" background daemon it should cope with such situations. tested by many
20 years ago
Scale query interval by the overall offset not per-peer offset, so we don't query outliers more often than any other server. ok henning@
20 years ago
when a dns lookup fails at parse time, do not abort but try again to resolve the hostname every 60 seconds fixes ntpd invocations before e. g. a dialup link is established and such. as we want ntpd to be a "fire and forget" background daemon it should cope with such situations. tested by many
20 years ago
in client_addr_init() and client_nextaddr(), do not set up the socket and connect it, instead leave it at -1. in client_query, set up and connect the socket if it is -1. and, the real reason for this change: handle connect failures gracefully ok otto
20 years ago
Use SA_LEN() instead of ss.ss_len. Evaluates to the same result but it's easier on portable. ok henning@
20 years ago
in client_addr_init() and client_nextaddr(), do not set up the socket and connect it, instead leave it at -1. in client_query, set up and connect the socket if it is -1. and, the real reason for this change: handle connect failures gracefully ok otto
20 years ago
Use SA_LEN() instead of ss.ss_len. Evaluates to the same result but it's easier on portable. ok henning@
20 years ago
in client_addr_init() and client_nextaddr(), do not set up the socket and connect it, instead leave it at -1. in client_query, set up and connect the socket if it is -1. and, the real reason for this change: handle connect failures gracefully ok otto
20 years ago
Scale query interval by the overall offset not per-peer offset, so we don't query outliers more often than any other server. ok henning@
20 years ago
in client_addr_init() and client_nextaddr(), do not set up the socket and connect it, instead leave it at -1. in client_query, set up and connect the socket if it is -1. and, the real reason for this change: handle connect failures gracefully ok otto
20 years ago
Only set IPTOS_LOWDELAY on IPv4 interfaces; pointed out by phessler, ok henning
20 years ago
Have ntpd use IPTOS_LOWDELAY; ok henning@
20 years ago
in client_addr_init() and client_nextaddr(), do not set up the socket and connect it, instead leave it at -1. in client_query, set up and connect the socket if it is -1. and, the real reason for this change: handle connect failures gracefully ok otto
20 years ago
provide most of the client functionality. hook the descriptors into the main poll and such. we're not doing anything with the reply we recive yet, tho. mostly hacked on the Frankfurt->Montreal flight, as batteries and those horrible air canada seats permitted...
20 years ago
uniquely name members of s_fixedpt and l_fixedpt; henning@ ok
20 years ago
Compute the local clock offset from the server's response. ok henning@
20 years ago
provide most of the client functionality. hook the descriptors into the main poll and such. we're not doing anything with the reply we recive yet, tho. mostly hacked on the Frankfurt->Montreal flight, as batteries and those horrible air canada seats permitted...
20 years ago
connect() the client-side sockets. idea & test & ok camield@
20 years ago
Be more careful setting next and deadline, they should not both be != 0 at the same time. ok henning@
20 years ago
don't panic when sendto() fails; for the client part just re-schedule noticed & fix tested by fries@
20 years ago
provide most of the client functionality. hook the descriptors into the main poll and such. we're not doing anything with the reply we recive yet, tho. mostly hacked on the Frankfurt->Montreal flight, as batteries and those horrible air canada seats permitted...
20 years ago
Be more careful setting next and deadline, they should not both be != 0 at the same time. ok henning@
20 years ago
provide most of the client functionality. hook the descriptors into the main poll and such. we're not doing anything with the reply we recive yet, tho. mostly hacked on the Frankfurt->Montreal flight, as batteries and those horrible air canada seats permitted...
20 years ago
add a new -s option, that tells ntpd to set the time using settimeofday() once at startup. ntpd delays daemonizing until it has done the intial time setting (or ran into the timeout) in this mode to make sure stuff started later in rc is not subject to time jumps. this eleminates the need to run rdate -n beforehands. with some input from & ok ryan and bob, march music from mickey
20 years ago
provide most of the client functionality. hook the descriptors into the main poll and such. we're not doing anything with the reply we recive yet, tho. mostly hacked on the Frankfurt->Montreal flight, as batteries and those horrible air canada seats permitted...
20 years ago
Compute the local clock offset from the server's response. ok henning@
20 years ago
scale query interval based on local clock offset. tested by many not as efficient as I want it to be yet, but more is coming
20 years ago
provide most of the client functionality. hook the descriptors into the main poll and such. we're not doing anything with the reply we recive yet, tho. mostly hacked on the Frankfurt->Montreal flight, as batteries and those horrible air canada seats permitted...
20 years ago
connect() the client-side sockets. idea & test & ok camield@
20 years ago
there are a few recvfrom(2) errors we do not want to panic on
20 years ago
now that we connect() the client sockets we need to handle ECONNREFUSED as non-fatal too, from camield@
20 years ago
there are a few recvfrom(2) errors we do not want to panic on
20 years ago
connect() the client-side sockets. idea & test & ok camield@
20 years ago
Scale query interval by the overall offset not per-peer offset, so we don't query outliers more often than any other server. ok henning@
20 years ago
there are a few recvfrom(2) errors we do not want to panic on
20 years ago
provide most of the client functionality. hook the descriptors into the main poll and such. we're not doing anything with the reply we recive yet, tho. mostly hacked on the Frankfurt->Montreal flight, as batteries and those horrible air canada seats permitted...
20 years ago
Compute the local clock offset from the server's response. ok henning@
20 years ago
provide most of the client functionality. hook the descriptors into the main poll and such. we're not doing anything with the reply we recive yet, tho. mostly hacked on the Frankfurt->Montreal flight, as batteries and those horrible air canada seats permitted...
20 years ago
uniquely name members of s_fixedpt and l_fixedpt; henning@ ok
20 years ago
provide most of the client functionality. hook the descriptors into the main poll and such. we're not doing anything with the reply we recive yet, tho. mostly hacked on the Frankfurt->Montreal flight, as batteries and those horrible air canada seats permitted...
20 years ago
Discard replies with alarm flag set or invalid stratum; ok henning@
20 years ago
Poll unsynchronized servers at the maximum interval and log a message about them when in debug mode; ok henning@
20 years ago
Scale query interval by the overall offset not per-peer offset, so we don't query outliers more often than any other server. ok henning@
20 years ago
Poll unsynchronized servers at the maximum interval and log a message about them when in debug mode; ok henning@
20 years ago
Discard replies with alarm flag set or invalid stratum; ok henning@
20 years ago
Poll unsynchronized servers at the maximum interval and log a message about them when in debug mode; ok henning@
20 years ago
Discard replies with alarm flag set or invalid stratum; ok henning@
20 years ago
knf!
20 years ago
RFC 2030 is incorrect with regards to the computation of the delay value for NTP queries/replies. RFC 1305 and some of Mills' other papers have the correct formula. ok henning@
20 years ago
Compute the local clock offset from the server's response. ok henning@
20 years ago
whitespace both in comment; from bernd
20 years ago
Compute the local clock offset from the server's response. ok henning@
20 years ago
RFC 2030 is incorrect with regards to the computation of the delay value for NTP queries/replies. RFC 1305 and some of Mills' other papers have the correct formula. ok henning@
20 years ago
Compute the local clock offset from the server's response. ok henning@
20 years ago
provide most of the client functionality. hook the descriptors into the main poll and such. we're not doing anything with the reply we recive yet, tho. mostly hacked on the Frankfurt->Montreal flight, as batteries and those horrible air canada seats permitted...
20 years ago
Implement the clock filter as descirbed by David Mills: form the last 8 replied received from a peer, find the one with the lowest delay. Use that as the peer's update taken into account for calculating the local clock's offset. Invalidate that reply and all ones received earlier than it so that they do not get used again.
20 years ago
RFC 2030 is incorrect with regards to the computation of the delay value for NTP queries/replies. RFC 1305 and some of Mills' other papers have the correct formula. ok henning@
20 years ago
Implement the clock filter as descirbed by David Mills: form the last 8 replied received from a peer, find the one with the lowest delay. Use that as the peer's update taken into account for calculating the local clock's offset. Invalidate that reply and all ones received earlier than it so that they do not get used again.
20 years ago
provide most of the client functionality. hook the descriptors into the main poll and such. we're not doing anything with the reply we recive yet, tho. mostly hacked on the Frankfurt->Montreal flight, as batteries and those horrible air canada seats permitted...
20 years ago
Start collecting the remote server state along with the calculated offsets, in preparation for having correct server statistics in responses to client queries. ok henning@
20 years ago
in struct ntp_msg, rename "distance" to "rootdelay" to closer match RFCs and such
20 years ago
Start collecting the remote server state along with the calculated offsets, in preparation for having correct server statistics in responses to client queries. ok henning@
20 years ago
thinko, htonl() -> ntohl(). as we don't use the value in question effect zero
20 years ago
Start collecting the remote server state along with the calculated offsets, in preparation for having correct server statistics in responses to client queries. ok henning@
20 years ago
in server mode reply with stratum from the peer that we currently prefer plus one
20 years ago
Start collecting the remote server state along with the calculated offsets, in preparation for having correct server statistics in responses to client queries. ok henning@
20 years ago
keep a "trustlevel" per peer. loose credit for loosing a packet, loose a lot of credit for not having supplied us with enough data within an adjtime run interval, and get a little credit each time we get a good reply packet. if a peer is below 20%, only send a packet occasionally to see wether it is back. send out queries much more often between 20 and 80% to (re-)sync quickly, and above 80% usethe regular interval. do not use peers < 60% for calculating teh local clock offset. designed with theo at the pho, alexander ok
20 years ago
scale query interval based on local clock offset. tested by many not as efficient as I want it to be yet, but more is coming
20 years ago
keep a "trustlevel" per peer. loose credit for loosing a packet, loose a lot of credit for not having supplied us with enough data within an adjtime run interval, and get a little credit each time we get a good reply packet. if a peer is below 20%, only send a packet occasionally to see wether it is back. send out queries much more often between 20 and 80% to (re-)sync quickly, and above 80% usethe regular interval. do not use peers < 60% for calculating teh local clock offset. designed with theo at the pho, alexander ok
20 years ago
scale query interval based on local clock offset. tested by many not as efficient as I want it to be yet, but more is coming
20 years ago
Factor out interval scaling code; ok henning@
20 years ago
Scale query interval by the overall offset not per-peer offset, so we don't query outliers more often than any other server. ok henning@
20 years ago
keep a "trustlevel" per peer. loose credit for loosing a packet, loose a lot of credit for not having supplied us with enough data within an adjtime run interval, and get a little credit each time we get a good reply packet. if a peer is below 20%, only send a packet occasionally to see wether it is back. send out queries much more often between 20 and 80% to (re-)sync quickly, and above 80% usethe regular interval. do not use peers < 60% for calculating teh local clock offset. designed with theo at the pho, alexander ok
20 years ago
Be more careful setting next and deadline, they should not both be != 0 at the same time. ok henning@
20 years ago
keep a "trustlevel" per peer. loose credit for loosing a packet, loose a lot of credit for not having supplied us with enough data within an adjtime run interval, and get a little credit each time we get a good reply packet. if a peer is below 20%, only send a packet occasionally to see wether it is back. send out queries much more often between 20 and 80% to (re-)sync quickly, and above 80% usethe regular interval. do not use peers < 60% for calculating teh local clock offset. designed with theo at the pho, alexander ok
20 years ago
Compute the local clock offset from the server's response. ok henning@
20 years ago
keep a "trustlevel" per peer. loose credit for loosing a packet, loose a lot of credit for not having supplied us with enough data within an adjtime run interval, and get a little credit each time we get a good reply packet. if a peer is below 20%, only send a packet occasionally to see wether it is back. send out queries much more often between 20 and 80% to (re-)sync quickly, and above 80% usethe regular interval. do not use peers < 60% for calculating teh local clock offset. designed with theo at the pho, alexander ok
20 years ago
define TRUSTLEVEL_MAX for the trustedlevel value of 10; henning@ ok
20 years ago
keep a "trustlevel" per peer. loose credit for loosing a packet, loose a lot of credit for not having supplied us with enough data within an adjtime run interval, and get a little credit each time we get a good reply packet. if a peer is below 20%, only send a packet occasionally to see wether it is back. send out queries much more often between 20 and 80% to (re-)sync quickly, and above 80% usethe regular interval. do not use peers < 60% for calculating teh local clock offset. designed with theo at the pho, alexander ok
20 years ago
connect() the client-side sockets. idea & test & ok camield@
20 years ago
keep a "trustlevel" per peer. loose credit for loosing a packet, loose a lot of credit for not having supplied us with enough data within an adjtime run interval, and get a little credit each time we get a good reply packet. if a peer is below 20%, only send a packet occasionally to see wether it is back. send out queries much more often between 20 and 80% to (re-)sync quickly, and above 80% usethe regular interval. do not use peers < 60% for calculating teh local clock offset. designed with theo at the pho, alexander ok
20 years ago
keep last 8 offset,delay pairs - we'll need them for the clock filters later. for now, average over those to adjust the local clock.
20 years ago
provide most of the client functionality. hook the descriptors into the main poll and such. we're not doing anything with the reply we recive yet, tho. mostly hacked on the Frankfurt->Montreal flight, as batteries and those horrible air canada seats permitted...
20 years ago
check wether we have enough data to form a peer update on receiption of each packet, not only after each 8th (where we have enough for sure)
20 years ago
add a new -s option, that tells ntpd to set the time using settimeofday() once at startup. ntpd delays daemonizing until it has done the intial time setting (or ran into the timeout) in this mode to make sure stuff started later in rc is not subject to time jumps. this eleminates the need to run rdate -n beforehands. with some input from & ok ryan and bob, march music from mickey
20 years ago
ntp_adjtime() -> priv_adjtime() ntp_settime() -> priv_settime() ntp_host_dns() -> priv_host_dns()
20 years ago
check wether we have enough data to form a peer update on receiption of each packet, not only after each 8th (where we have enough for sure)
20 years ago
scale query interval based on local clock offset. tested by many not as efficient as I want it to be yet, but more is coming
20 years ago
connect() the client-side sockets. idea & test & ok camield@
20 years ago
scale query interval based on local clock offset. tested by many not as efficient as I want it to be yet, but more is coming
20 years ago
lof replies with log_debug so one gets increased verbosity when in foreground/debug mode
20 years ago
check wether we have enough data to form a peer update on receiption of each packet, not only after each 8th (where we have enough for sure)
20 years ago
keep a "trustlevel" per peer. loose credit for loosing a packet, loose a lot of credit for not having supplied us with enough data within an adjtime run interval, and get a little credit each time we get a good reply packet. if a peer is below 20%, only send a packet occasionally to see wether it is back. send out queries much more often between 20 and 80% to (re-)sync quickly, and above 80% usethe regular interval. do not use peers < 60% for calculating teh local clock offset. designed with theo at the pho, alexander ok
20 years ago
scale query interval based on local clock offset. tested by many not as efficient as I want it to be yet, but more is coming
20 years ago
query interval scaling, episode II 1) base the interval calculation on the offset from the last reply, not from the last peer update. Allows us to send more queries again faster when the local clock diverges too much 2) every time we form a peer update (for which we need 8 replies) check wether we have a ready peer update for all peers that are currently trusted, and if so, calculate the total offset and call adjtime(). that means that adjtime is no longer called in fixed intervals but whenever we have enough data to reliably calculate the local clock offset. In practice, that means we call adjtime() less often, but with probably better data. 3) invalidate peer updates after beeing used. no point in re-using them - this resulted in calling adjtime() multiple times with the same offset, which doesn't make sense tested by many
20 years ago
missing {}
20 years ago
scale query interval based on local clock offset. tested by many not as efficient as I want it to be yet, but more is coming
20 years ago
missing {}
20 years ago
scale query interval based on local clock offset. tested by many not as efficient as I want it to be yet, but more is coming
20 years ago
check wether we have enough data to form a peer update on receiption of each packet, not only after each 8th (where we have enough for sure)
20 years ago
scale query interval based on local clock offset. tested by many not as efficient as I want it to be yet, but more is coming
20 years ago
ntp_adjtime() -> priv_adjtime() ntp_settime() -> priv_settime() ntp_host_dns() -> priv_host_dns()
20 years ago
scale query interval based on local clock offset. tested by many not as efficient as I want it to be yet, but more is coming
20 years ago
keep a "trustlevel" per peer. loose credit for loosing a packet, loose a lot of credit for not having supplied us with enough data within an adjtime run interval, and get a little credit each time we get a good reply packet. if a peer is below 20%, only send a packet occasionally to see wether it is back. send out queries much more often between 20 and 80% to (re-)sync quickly, and above 80% usethe regular interval. do not use peers < 60% for calculating teh local clock offset. designed with theo at the pho, alexander ok
20 years ago
provide most of the client functionality. hook the descriptors into the main poll and such. we're not doing anything with the reply we recive yet, tho. mostly hacked on the Frankfurt->Montreal flight, as batteries and those horrible air canada seats permitted...
20 years ago
 
  1. /*	$OpenBSD: client.c,v 1.53 2005/01/27 14:44:00 dtucker Exp $ */
  2. 

  3. /*

  4.  * Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org>
  5.  * Copyright (c) 2004 Alexander Guy <alexander.guy@andern.org>
  6.  *
  7.  * Permission to use, copy, modify, and distribute this software for any
  8.  * purpose with or without fee is hereby granted, provided that the above
  9.  * copyright notice and this permission notice appear in all copies.
  10.  *
  11.  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
  12.  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
  13.  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
  14.  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
  15.  * WHATSOEVER RESULTING FROM LOSS OF MIND, USE, DATA OR PROFITS, WHETHER
  16.  * IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
  17.  * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  18.  */
  19. 

  20. #include <sys/param.h>

  21. #include <errno.h>

  22. #include <stdlib.h>

  23. #include <string.h>

  24. #include <time.h>

  25. #include <unistd.h>

  26. 

  27. #include "ntpd.h"

  28. 

  29. int	client_update(struct ntp_peer *);
  30. void	set_deadline(struct ntp_peer *, time_t);
  31. 

  32. void
  33. set_next(struct ntp_peer *p, time_t t)
  34. {
  35. 	p->next = time(NULL) + t;
  36. 	p->deadline = 0;
  37. }
  38. 

  39. void
  40. set_deadline(struct ntp_peer *p, time_t t)
  41. {
  42. 	p->deadline = time(NULL) + t;
  43. 	p->next = 0;
  44. }
  45. 

  46. int
  47. client_peer_init(struct ntp_peer *p)
  48. {
  49. 	if ((p->query = calloc(1, sizeof(struct ntp_query))) == NULL)
  50. 		fatal("client_query calloc");
  51. 	p->query->fd = -1;
  52. 	p->query->msg.status = MODE_CLIENT | (NTP_VERSION << 3);
  53. 	p->state = STATE_NONE;
  54. 	p->shift = 0;
  55. 	p->trustlevel = TRUSTLEVEL_PATHETIC;
  56. 

  57. 	return (client_addr_init(p));
  58. }
  59. 

  60. int
  61. client_addr_init(struct ntp_peer *p)
  62. {
  63. 	struct sockaddr_in	*sa_in;
  64. 	struct sockaddr_in6	*sa_in6;
  65. 	struct ntp_addr		*h;
  66. 

  67. 	for (h = p->addr; h != NULL; h = h->next) {
  68. 		switch (h->ss.ss_family) {
  69. 		case AF_INET:
  70. 			sa_in = (struct sockaddr_in *)&h->ss;
  71. 			if (ntohs(sa_in->sin_port) == 0)
  72. 				sa_in->sin_port = htons(123);
  73. 			break;
  74. 		case AF_INET6:
  75. 			sa_in6 = (struct sockaddr_in6 *)&h->ss;
  76. 			if (ntohs(sa_in6->sin6_port) == 0)
  77. 				sa_in6->sin6_port = htons(123);
  78. 			break;
  79. 		default:
  80. 			fatal("king bula sez: wrong AF in client_addr_init");
  81. 			/* not reached */
  82. 		}
  83. 	}
  84. 

  85. 	p->query->fd = -1;
  86. 	set_next(p, 0);
  87. 

  88. 	return (0);
  89. }
  90. 

  91. int
  92. client_nextaddr(struct ntp_peer *p)
  93. {
  94. 	close(p->query->fd);
  95. 	p->query->fd = -1;
  96. 

  97. 	if (p->addr_head.a == NULL) {
  98. 		priv_host_dns(p->addr_head.name, p->id);
  99. 		return (-1);
  100. 	}
  101. 

  102. 	if ((p->addr = p->addr->next) == NULL)
  103. 		p->addr = p->addr_head.a;
  104. 

  105. 	p->shift = 0;
  106. 	p->trustlevel = TRUSTLEVEL_PATHETIC;
  107. 

  108. 	return (0);
  109. }
  110. 

  111. int
  112. client_query(struct ntp_peer *p)
  113. {
  114. 	int	tos = IPTOS_LOWDELAY;
  115. 

  116. 	if (p->addr == NULL && client_nextaddr(p) == -1) {
  117. 		set_next(p, error_interval());
  118. 		return (-1);
  119. 	}
  120. 

  121. 	if (p->query->fd == -1) {
  122. 		struct sockaddr *sa = (struct sockaddr *)&p->addr->ss;
  123. 

  124. 		if ((p->query->fd = socket(p->addr->ss.ss_family, SOCK_DGRAM,
  125. 		    0)) == -1)
  126. 			fatal("client_query socket");
  127. 		if (connect(p->query->fd, sa, SA_LEN(sa)) == -1) {
  128. 			if (errno == ECONNREFUSED || errno == ENETUNREACH ||
  129. 			    errno == EHOSTUNREACH) {
  130. 				client_nextaddr(p);
  131. 				set_next(p, error_interval());
  132. 				return (-1);
  133. 			} else
  134. 				fatal("client_query connect");
  135. 		}
  136. 		if (p->addr->ss.ss_family == AF_INET && setsockopt(p->query->fd,
  137. 		    IPPROTO_IP, IP_TOS, &tos, sizeof(tos)) == -1)
  138. 			log_warn("setsockopt IPTOS_LOWDELAY");
  139. 	}
  140. 

  141. 	/*

  142. 	 * Send out a random 64-bit number as our transmit time.  The NTP
  143. 	 * server will copy said number into the originate field on the
  144. 	 * response that it sends us.  This is totally legal per the SNTP spec.
  145. 	 *
  146. 	 * The impact of this is two fold: we no longer send out the current
  147. 	 * system time for the world to see (which may aid an attacker), and
  148. 	 * it gives us a (not very secure) way of knowing that we're not
  149. 	 * getting spoofed by an attacker that can't capture our traffic
  150. 	 * but can spoof packets from the NTP server we're communicating with.
  151. 	 *
  152. 	 * Save the real transmit timestamp locally.
  153. 	 */
  154. 

  155. 	p->query->msg.xmttime.int_partl = arc4random();
  156. 	p->query->msg.xmttime.fractionl = arc4random();
  157. 	p->query->xmttime = gettime();
  158. 

  159. 	if (ntp_sendmsg(p->query->fd, NULL, &p->query->msg,
  160. 	    NTP_MSGSIZE_NOAUTH, 0) == -1) {
  161. 		set_next(p, INTERVAL_QUERY_PATHETIC);
  162. 		return (-1);
  163. 	}
  164. 

  165. 	p->state = STATE_QUERY_SENT;
  166. 	set_deadline(p, QUERYTIME_MAX);
  167. 

  168. 	return (0);
  169. }
  170. 

  171. int
  172. client_dispatch(struct ntp_peer *p, u_int8_t settime)
  173. {
  174. 	char			 buf[NTP_MSGSIZE];
  175. 	ssize_t			 size;
  176. 	struct ntp_msg		 msg;
  177. 	double			 T1, T2, T3, T4;
  178. 	time_t			 interval;
  179. 

  180. 	if ((size = recvfrom(p->query->fd, &buf, sizeof(buf), 0,
  181. 	    NULL, NULL)) == -1) {
  182. 		if (errno == EHOSTUNREACH || errno == EHOSTDOWN ||
  183. 		    errno == ENETDOWN || errno == ECONNREFUSED) {
  184. 			log_warn("recvfrom %s",
  185. 			    log_sockaddr((struct sockaddr *)&p->addr->ss));
  186. 			set_next(p, error_interval());
  187. 			return (0);
  188. 		} else
  189. 			fatal("recvfrom");
  190. 	}
  191. 

  192. 	T4 = gettime();
  193. 

  194. 	ntp_getmsg(buf, size, &msg);
  195. 

  196. 	if (msg.orgtime.int_partl != p->query->msg.xmttime.int_partl ||
  197. 	    msg.orgtime.fractionl != p->query->msg.xmttime.fractionl)
  198. 		return (0);
  199. 

  200. 	if ((msg.status & LI_ALARM) == LI_ALARM || msg.stratum == 0 ||
  201. 	    msg.stratum > NTP_MAXSTRATUM) {
  202. 		interval = error_interval();
  203. 		set_next(p, interval);
  204. 		log_info("reply from %s: not synced, next query %ds",
  205. 		    log_sockaddr((struct sockaddr *)&p->addr->ss), interval);
  206. 		return (0);
  207. 	}
  208. 

  209. 	/*

  210. 	 * From RFC 2030 (with a correction to the delay math):
  211. 	 *
  212. 	 *     Timestamp Name          ID   When Generated
  213. 	 *     ------------------------------------------------------------
  214. 	 *     Originate Timestamp     T1   time request sent by client
  215. 	 *     Receive Timestamp       T2   time request received by server
  216. 	 *     Transmit Timestamp      T3   time reply sent by server
  217. 	 *     Destination Timestamp   T4   time reply received by client
  218. 	 *
  219. 	 *  The roundtrip delay d and local clock offset t are defined as
  220. 	 *
  221. 	 *    d = (T4 - T1) - (T3 - T2)     t = ((T2 - T1) + (T3 - T4)) / 2.
  222. 	 */
  223. 

  224. 	T1 = p->query->xmttime;
  225. 	T2 = lfp_to_d(msg.rectime);
  226. 	T3 = lfp_to_d(msg.xmttime);
  227. 

  228. 	p->reply[p->shift].offset = ((T2 - T1) + (T3 - T4)) / 2;
  229. 	p->reply[p->shift].delay = (T4 - T1) - (T3 - T2);
  230. 	p->reply[p->shift].error = (T2 - T1) - (T3 - T4);
  231. 	p->reply[p->shift].rcvd = time(NULL);
  232. 	p->reply[p->shift].good = 1;
  233. 

  234. 	p->reply[p->shift].status.leap = (msg.status & LIMASK) >> 6;
  235. 	p->reply[p->shift].status.precision = msg.precision;
  236. 	p->reply[p->shift].status.rootdelay = sfp_to_d(msg.rootdelay);
  237. 	p->reply[p->shift].status.rootdispersion = sfp_to_d(msg.dispersion);
  238. 	p->reply[p->shift].status.refid = ntohl(msg.refid);
  239. 	p->reply[p->shift].status.reftime = lfp_to_d(msg.reftime);
  240. 	p->reply[p->shift].status.poll = msg.ppoll;
  241. 	p->reply[p->shift].status.stratum = msg.stratum;
  242. 

  243. 	if (p->trustlevel < TRUSTLEVEL_PATHETIC)
  244. 		interval = INTERVAL_QUERY_PATHETIC;
  245. 	else if (p->trustlevel < TRUSTLEVEL_AGRESSIVE)
  246. 		interval = INTERVAL_QUERY_AGRESSIVE;
  247. 	else
  248. 		interval = scale_interval(INTERVAL_QUERY_NORMAL);
  249. 

  250. 	set_next(p, interval);
  251. 	p->state = STATE_REPLY_RECEIVED;
  252. 

  253. 	/* every received reply which we do not discard increases trust */
  254. 	if (p->trustlevel < TRUSTLEVEL_MAX) {
  255. 		if (p->trustlevel < TRUSTLEVEL_BADPEER &&
  256. 		    p->trustlevel + 1 >= TRUSTLEVEL_BADPEER)
  257. 			log_info("peer %s now valid",
  258. 			    log_sockaddr((struct sockaddr *)&p->addr->ss));
  259. 		p->trustlevel++;
  260. 	}
  261. 

  262. 	client_update(p);
  263. 	if (settime)
  264. 		priv_settime(p->reply[p->shift].offset);
  265. 

  266. 	log_debug("reply from %s: offset %f delay %f, "
  267. 	    "next query %ds", log_sockaddr((struct sockaddr *)&p->addr->ss),
  268. 	    p->reply[p->shift].offset, p->reply[p->shift].delay, interval);
  269. 

  270. 	if (++p->shift >= OFFSET_ARRAY_SIZE)
  271. 		p->shift = 0;
  272. 

  273. 	return (0);
  274. }
  275. 

  276. int
  277. client_update(struct ntp_peer *p)
  278. {
  279. 	int	i, best = 0, good = 0;
  280. 

  281. 	/*

  282. 	 * clock filter
  283. 	 * find the offset which arrived with the lowest delay
  284. 	 * use that as the peer update
  285. 	 * invalidate it and all older ones
  286. 	 */
  287. 

  288. 	for (i = 0; good == 0 && i < OFFSET_ARRAY_SIZE; i++)
  289. 		if (p->reply[i].good) {
  290. 			good++;
  291. 			best = i;
  292. 		}
  293. 

  294. 	for (; i < OFFSET_ARRAY_SIZE; i++)
  295. 		if (p->reply[i].good) {
  296. 			good++;
  297. 			if (p->reply[i].delay < p->reply[best].delay)
  298. 				best = i;
  299. 		}
  300. 

  301. 	if (good < 8)
  302. 		return (-1);
  303. 

  304. 	memcpy(&p->update, &p->reply[best], sizeof(p->update));
  305. 	priv_adjtime();
  306. 

  307. 	for (i = 0; i < OFFSET_ARRAY_SIZE; i++)
  308. 		if (p->reply[i].rcvd <= p->reply[best].rcvd)
  309. 			p->reply[i].good = 0;
  310. 

  311. 	return (0);
  312. }