jsg
8e7b53106c
fix a memory leak if tls_read() fails. ok henning@
9 years ago
bcook
d72cee2563
Avoid overflow on 32-bit time_t systems converting timeval to NTP time.
Original fix from Romuald Delavergne. ok henning@
9 years ago
jmc
62357f829c
do not encourage random uppercasing;
9 years ago
henning
8abd0e066f
instead of routing SIGHUP thru sighdlr_dns() which then ignores it,
ignore it directly. no functional change. Rafael Neves rafaelneves at gmail
9 years ago
bcook
89c0900631
remove unused 'cause' string when checking child status
ok deraadt@
9 years ago
deraadt
a70498de55
mention TLS HTTPS here also; ok bcook
9 years ago
jmc
c58d66510a
-s is not optional, sadly;
while here i've reformatted the page to stop kidding that -s is 4 options;
original issue kind of spotted by adam thompson, though note i am not fixing the
issue he complained about (i'll address that mail in a minute);
9 years ago
bcook
8448b71210
remove unused variable
ok reyk@
9 years ago
jsing
33ac287472
Rename tls_config_insecure_noverifyhost() to
tls_config_insecure_noverifyname(), so that it is more accurate and keeps
inline with the distinction between DNS hostname and server name.
Requested by tedu@ during s2k15.
9 years ago
jsing
a2efc33261
Set the TLS ciphers to "compat" mode, restoring the previous behaviour.
9 years ago
miod
ac5112d544
Fix library ordering on the link line for the sake of static arches. It's, in
that order, tls, crypto, ssl.
10 years ago
jmc
5a29dde418
some fixes from max fillinger, tweaked a little by myself;
ok reyk
10 years ago
reyk
19285c609b
Fix example, syntax is "constraint from www.example.com" (with "from").
Reported by Stefan Wollny.
10 years ago
reyk
57c6dae142
Allow constraints URL without leading path (eg. " https://www.openbsd.org ").
Fixes segfault on configuration load time, as reported by Donovan Watteau.
10 years ago
reyk
2c0d96f390
Use ntpd's deferred DNS resolving for constraints as well. This
allows to get constraint addresses even if network/DNS is not
available at startup (or system boot).
thumbs up & OK henning@
10 years ago
reyk
609076da6a
Remove dead code (IMSG_HOST_DNS has been moved from the parent to
ntp_dns some years ago).
OK henning@
10 years ago
reyk
f80fe4f691
Be less chatty on constraint errors.
OK deraadt@
10 years ago
jmc
4ea8526f95
tweak previous;
10 years ago
reyk
2a9806d4a4
spacing
10 years ago
reyk
61d9dff620
After successfully getting a constraint from an HTTPS server, there is
no need to request it ever again. The only exception is the
escalation of failed constraint checks that might lead into
re-requesting the constraint time from all servers. Adjust the states
accordingly.
OK henning@
10 years ago
reyk
65816fa1ac
Don't show the subseconds when displaying the constraint offset.
OK henning@ deraadt@
10 years ago
reyk
5f9d0ecf71
Move the constraints in a new section and add a preamble to explain
the functionality.
Requested by henning@
OK beck@ deraadt@
10 years ago
reyk
7433fa0bce
Add support for "constraints": when configured, ntpd(8) will query the
time from HTTPS servers, by parsing the Date: header, and use the
median constraint time as a boundary to verify NTP responses. This
adds some level of authentication and protection against MITM attacks
while preserving the accuracy of the NTP protocol; without relying on
authentication options for NTP that are basically unavailable at
present. This is an initial implementation and the semantics will be
improved once it is in the tree.
Discussed with deraadt@ and henning@
OK henning@
10 years ago
bcook
3885488dfe
be more verbose when logging privsep errors.
ok phessler@ deraadt@
10 years ago
bcook
948680b913
use correct formatters for s/size_t data types.
ok deraadt@
10 years ago
reyk
a32a1a544c
Add a comment that ntpd MUST NOT use AI_ADDRCONFIG in host_dns()
OK henning@
10 years ago
bcook
dbf887d834
Fix deferred host DNS lookups.
If the network is unreachable when ntpd starts and host_dns fails, be sure
that we still close the HOST_DNS imsg.
Thanks to Paul de Weerd <weerd at weirdnet dot nl> for reporting this.
ok beck@
10 years ago
bcook
709567d845
Use initial assignment of action to check for errors.
This simplifies things and make action = -1 no longer a dead store.
Also, spell FALLTHROUGH consistently.
reported by fritjof@alokat.org
10 years ago
bcook
860eac54c2
remove a couple of unused headers.
reported by Jonas 'Sortie' Termansen
10 years ago
naddy
281ec163e9
Switch drift file format to ppm for compatibility with the ntp.org
daemon.
Old drift files will be interpreted as a minuscule adjustment and
ntpd will proceed to rediscover the drift, like starting from zero
on a newly installed machine.
ok deraadt@
10 years ago
bcook
3f937ba631
bump failure to set the initial time from debug to warning
from Paul B. Henson, ok phessler@
10 years ago
bcook
70297880a3
fix some memory leaks in dns handling.
- Nothing seems to free the result of host_dns(), so add host_dns_free() and
call after each query.
- If imsg_add() fails, it frees buf. Avoid subsequently dereferencing the
freed buf in imsg_close().
ok millert@ deraadt@
10 years ago
bcook
53a61ebe90
prefer sizeof(thing) to sizeof(type)
ok tedu@ deraadt@
10 years ago
tedu
ff1d6653e1
don't check for a return value that host() doesn't return, so future
generations don't try to change any of the values and break the code.
ok deraadt
10 years ago
bcook
d66f723105
revert host() back to correct behavior.
unbreak config file address parsing
10 years ago
bcook
e32816bab7
return -1 on host() address parsing failure, not 1.
Match what parse.y expects it to return.
ok millert@
10 years ago
deraadt
eb02123984
remove excessive/wrong use of sys/param.h
peanuts -- but all work has to start somewhere.
10 years ago
bcook
2c934bd111
log as LOG_DAEMON in log_init again.
I mirrored from smtpd a little too literally.
10 years ago
bcook
e69bd15d31
sync log.c from smtpd.
Reduces the number of log.c snowflakes by a little, and gives ntpd a
variadic fatal() function to be used later.
ok deraadt@
10 years ago
bcook
950986b2ca
use the correct format string for refid
ok deraadt@
10 years ago
bcook
f04311c2a3
use MAXIMUM as the canonical local MAX macro.
suggested by deraadt@ re: more general MIN/MAX cleanups
10 years ago
bcook
2b0bc47767
rename sockaddr_un variables from 'sun' to the more common 'sa'.
This avoids a namespace conflict with Solaris build environments.
discussed with deraadt@ and kettenis@
10 years ago
bcook
63d93971e4
don't rely on sys/param.h having a MAX macro.
Switch to local definitions where MAX is needed.
discussed with deraadt@
10 years ago
bcook
1f5712d8d6
Remove the unused dns_pid variable.
Nothing is done with the return value from ntp_dns, and it already calls
fatal() on failure.
ok deraadt@
10 years ago
bcook
d25ace0611
removed unused libevent header and structures in ntpd.h
ok deraadt@ phessler@
10 years ago
bcook
d33f0cc042
Add a missing include for time.h to get the definitions of clock_gettime and strftime.
ok jsing@ phessler@ naddy@
10 years ago
jsg
7f4721fbaf
Don't allow embedded nul characters in strings.
Fixes a pfctl crash with an anchor name containing
an embedded nul found with the afl fuzzer.
pfctl parse.y patch from and ok deraadt@
10 years ago
doug
146b86bde3
Add gcc printf format attributes to yyerror() in parse.y files.
No yyerror() calls needed to be changed.
ok bluhm@
10 years ago
bluhm
0f1121e6f9
Convert the logic in yyerror(). Instead of creating a temporary
format string, create a temporary message.
OK claudio@
10 years ago
lteo
b8d6959e84
Remove unnecessary netinet/in_systm.h include.
ok millert@
10 years ago