Fincer
/
openntpd-openbsd
mirror of https://github.com/Fincer/openntpd-openbsd
1
0
Fork 0
Code Issues 0 Projects 0 Releases 61 Wiki Activity
Browse Source

Allow the singular constraint clause to list multiple addresses; 

ok deraadt@
OPENBSD_6_7
otto 4 years ago
parent
d7926a2681
commit
df4870ab11
2 changed files with 41 additions and 6 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +8
    -3
      src/usr.sbin/ntpd/ntpd.conf.5
  2. +33
    -3
      src/usr.sbin/ntpd/parse.y

+ 8
- 3
src/usr.sbin/ntpd/ntpd.conf.5 View File

@ -1,4 +1,4 @@
.\" $OpenBSD: ntpd.conf.5,v 1.37 2017/08/10 22:59:42 job Exp $
.\" $OpenBSD: ntpd.conf.5,v 1.38 2019/11/06 13:35:25 otto Exp $
.\"
.\" Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org>
.\"
@ -14,7 +14,7 @@
.\" AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
.\" OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
.Dd $Mdocdate: August 10 2017 $
.Dd $Mdocdate: November 6 2019 $
.Dt NTPD.CONF 5
.Os
.Sh NAME
@ -193,9 +193,13 @@ Received NTP packets with time information falling outside of a range
near the constraint will be discarded and such NTP servers
will be marked as invalid.
.Bl -tag -width Ds
.It Ic constraint from Ar url
.It Ic constraint from Ar url [ip...]
Specify the URL, IP address or the hostname of an HTTPS server to
provide a constraint.
If the url is followed by one or more addresses the url and addresses will be
tried until a working one is found.
The url path and expected certificate name is always taken from the
url specified.
If
.Ic constraint from
is used more than once,
@ -204,6 +208,7 @@ will calculate a median constraint from all the servers specified.
.Bd -literal -offset indent
server ntp.example.org
constraint from www.example.com
constraint from "https://9.9.9.9" "2620:fe::9"
.Ed
.It Ic constraints from Ar url
As with


+ 33
- 3
src/usr.sbin/ntpd/parse.y View File

@ -1,4 +1,4 @@
/* $OpenBSD: parse.y,v 1.73 2019/07/16 14:15:40 otto Exp $ */
/* $OpenBSD: parse.y,v 1.74 2019/11/06 13:35:25 otto Exp $ */
/*
* Copyright (c) 2002, 2003, 2004 Henning Brauer <henning@openbsd.org>
@ -88,7 +88,7 @@ typedef struct {
%token ERROR
%token <v.string> STRING
%token <v.number> NUMBER
%type <v.addr> address url
%type <v.addr> address url urllist
%type <v.opts> listen_opts listen_opts_l listen_opt
%type <v.opts> server_opts server_opts_l server_opt
%type <v.opts> sensor_opts sensor_opts_l sensor_opt
@ -272,7 +272,7 @@ main : LISTEN ON address listen_opts {
free($3->name);
free($3);
}
| CONSTRAINT FROM url {
| CONSTRAINT FROM urllist {
struct constraint *p;
struct ntp_addr *h, *next;
@ -329,6 +329,36 @@ address : STRING {
}
;
urllist : urllist address {
struct ntp_addr *p, *q = NULL;
struct in_addr ina;
struct in6_addr in6a;
if (inet_pton(AF_INET, $2->name, &ina) != 1 &&
inet_pton(AF_INET6, $2->name, &in6a) != 1) {
yyerror("url can only be followed by IP "
"addresses");
free($2->name);
free($2);
YYERROR;
}
p = $2->a;
while (p != NULL) {
q = p;
p = p->next;
}
if (q != NULL) {
q->next = $1->a;
$1->a = $2->a;
free($2);
}
$$ = $1;
}
| url {
$$ = $1;
}
;
url : STRING {
char *hname, *path;


Write Preview
Loading…
Cancel
Save