From 349011c612c5f2ea2fb59970f5cef4e291057a84 Mon Sep 17 00:00:00 2001 From: otto <> Date: Wed, 29 May 2019 18:48:33 +0000 Subject: [PATCH] If a DBS resolve was done with the Checking Disabled flag, re-resolve with once the clock is synced. ok deraadt@ florian@ --- src/usr.sbin/ntpd/client.c | 8 +++++++- src/usr.sbin/ntpd/ntp.c | 32 ++++++++++++++++++++++++++++++-- src/usr.sbin/ntpd/ntpd.h | 3 ++- 3 files changed, 39 insertions(+), 4 deletions(-) diff --git a/src/usr.sbin/ntpd/client.c b/src/usr.sbin/ntpd/client.c index 3de52685..476a804f 100644 --- a/src/usr.sbin/ntpd/client.c +++ b/src/usr.sbin/ntpd/client.c @@ -1,4 +1,4 @@ -/* $OpenBSD: client.c,v 1.105 2017/05/30 23:30:48 benno Exp $ */ +/* $OpenBSD: client.c,v 1.106 2019/05/29 18:48:33 otto Exp $ */ /* * Copyright (c) 2003, 2004 Henning Brauer @@ -132,6 +132,12 @@ client_query(struct ntp_peer *p) return (0); } + if (conf->status.synced && p->addr->notauth) { + peer_addr_head_clear(p); + client_nextaddr(p); + return (0); + } + if (p->state < STATE_DNS_DONE || p->addr == NULL) return (-1); diff --git a/src/usr.sbin/ntpd/ntp.c b/src/usr.sbin/ntpd/ntp.c index 37522f62..7f7a42b7 100644 --- a/src/usr.sbin/ntpd/ntp.c +++ b/src/usr.sbin/ntpd/ntp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ntp.c,v 1.150 2019/05/28 06:49:46 otto Exp $ */ +/* $OpenBSD: ntp.c,v 1.151 2019/05/29 18:48:33 otto Exp $ */ /* * Copyright (c) 2003, 2004 Henning Brauer @@ -474,7 +474,7 @@ int ntp_dispatch_imsg_dns(void) { struct imsg imsg; - struct ntp_peer *peer, *npeer; + struct ntp_peer *peer, *npeer, *tmp; u_int16_t dlen; u_char *p; struct ntp_addr *h; @@ -504,6 +504,21 @@ ntp_dispatch_imsg_dns(void) break; } + /* + * For the redo dns case we want to have only one clone + * of the pool peer, since it wil be cloned again + */ + if (peer->addr_head.pool) { + TAILQ_FOREACH_SAFE(npeer, &conf->ntp_peers, + entry, tmp) { + if (npeer->id == peer->id) + continue; + if (strcmp(npeer->addr_head.name, + peer->addr_head.name) == 0) + peer_remove(npeer); + } + } + dlen = imsg.hdr.len - IMSG_HEADER_SIZE; if (dlen == 0) { /* no data -> temp error */ log_warnx("DNS lookup tempfail"); @@ -578,6 +593,19 @@ peer_remove(struct ntp_peer *p) peer_cnt--; } +void +peer_addr_head_clear(struct ntp_peer *p) +{ + struct ntp_addr *a = p->addr_head.a; + while (a) { + struct ntp_addr *next = a->next; + free(a); + a = next; + } + p->addr_head.a = NULL; + p->addr = NULL; +} + static void priv_adjfreq(double offset) { diff --git a/src/usr.sbin/ntpd/ntpd.h b/src/usr.sbin/ntpd/ntpd.h index 80071734..031a647c 100644 --- a/src/usr.sbin/ntpd/ntpd.h +++ b/src/usr.sbin/ntpd/ntpd.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ntpd.h,v 1.139 2019/05/28 06:49:46 otto Exp $ */ +/* $OpenBSD: ntpd.h,v 1.140 2019/05/29 18:48:33 otto Exp $ */ /* * Copyright (c) 2003, 2004 Henning Brauer @@ -313,6 +313,7 @@ enum ctl_actions { /* ntp.c */ void ntp_main(struct ntpd_conf *, struct passwd *, int, char **); +void peer_addr_head_clear(struct ntp_peer *); int priv_adjtime(void); void priv_settime(double); void priv_dns(int, char *, u_int32_t);