otto
4b4dd01e9a
If all addresses are numeric no use for dns probe; ok florian@ sthen@
4 years ago
otto
956b4239d9
Zap double definition of conf and make ibuf_dns static to avoid double
definition; from Michael Forney
4 years ago
otto
c47029baaf
Allow logging to both stderr and syslog; don't reset the log level if
the log destination changes. ok claudio@ benno@
5 years ago
otto
6f5c796c99
Do a quick DNS probe to decide to stay in the forground and attempt
an (auto) settime or give up. 15s timeout is still in effect. ok florian@
5 years ago
otto
46a918abc5
Fix init of syslog for childs and teach dns process about synced state.
ok benno@
5 years ago
otto
89bf75c4ef
A step in solving the bootstrap problem in a dnssec environement.
If the time is wrong, we cannot validate dnssec, leading to failed
DNS lookups, so we cannot adjust or set the time. Work around this
by repeating a failed DNS lookup with a lookup with the DC (check
disabled) bit set. ok florian@
5 years ago
otto
9b92ee0342
don't manipulate hdr.len, it's used internally by libutil now; ok florian@
7 years ago
rzalamena
4e462f2ebb
Teach ntpd(8) how to use socket status to shutdown the daemon. While at
it, remove some verbose shutdown messages that we had before with pipe
close.
ok reyk@
7 years ago
rzalamena
1305c0d5de
Teach ntpd(8) how to fork+exec.
ok reyk@, bcook@
7 years ago
reyk
08ed721594
Remove the oh so funny "LOSS OF MIND" from the diclaimer that was not
part of the original ISC license that we use in OpenBSD. Done for
files were Henning is the original author.
OK henning@ deraadt@
7 years ago
reyk
97252e04ad
Switch and sync to the log.c variant from httpd/relayd/iked/snmpd/vmd.
OK bcook@ jung@
8 years ago
claudio
d6e39ab1f4
EAGAIN handling for imsg_read. OK henning@ benno@
8 years ago
deraadt
0115cb35e8
the DNS process was not discarding & redirecting stdin/out/err to
/dev/null. copy the code from the ntp engine.
8 years ago
deraadt
a131c912b6
pledge "dns rw" is not a reliable pattern. This means malloc() and other
types of functions (perhaps required by 'stdio' or 'libevent' will not
become available unless DNS suceeds. Replace it with "stdio dns".
8 years ago
deraadt
1ca43f2c14
Change all tame callers to namechange to pledge(2).
8 years ago
deraadt
5138effbbd
the ntp dns process only needs tame "dns rw" to operate. at least,
that's the case after kernel code got fixed to handle inet6 for dns...
8 years ago
henning
8abd0e066f
instead of routing SIGHUP thru sighdlr_dns() which then ignores it,
ignore it directly. no functional change. Rafael Neves rafaelneves at gmail
9 years ago
reyk
2c0d96f390
Use ntpd's deferred DNS resolving for constraints as well. This
allows to get constraint addresses even if network/DNS is not
available at startup (or system boot).
thumbs up & OK henning@
9 years ago
bcook
dbf887d834
Fix deferred host DNS lookups.
If the network is unreachable when ntpd starts and host_dns fails, be sure
that we still close the HOST_DNS imsg.
Thanks to Paul de Weerd <weerd at weirdnet dot nl> for reporting this.
ok beck@
9 years ago
bcook
70297880a3
fix some memory leaks in dns handling.
- Nothing seems to free the result of host_dns(), so add host_dns_free() and
call after each query.
- If imsg_add() fails, it frees buf. Avoid subsequently dereferencing the
freed buf in imsg_close().
ok millert@ deraadt@
9 years ago
deraadt
eb02123984
remove excessive/wrong use of sys/param.h
peanuts -- but all work has to start somewhere.
9 years ago
dtucker
c438f027ad
Run the serving and privileged ntpd processes at high priority and the
dns process at normal priority. Should improve latency on loaded machines.
ok henning@
10 years ago
benno
b7644de136
from sthen: handle msgbuf_write() returning EAGAIN
ok krw
10 years ago
nicm
62564ff79f
Rename some imsg bits to make namespace collisions less likely buf to
ibuf, buf_read to ibuf_read, READ_BUF_SIZE to IBUF_READ_SIZE.
ok henning gilles claudio jacekm deraadt
14 years ago
stevesk
7599b90b0a
endservent() not needed here; ok henning@
15 years ago
henning
9bf99d851b
move dns lookups to its own (privilege revoking, not chrooting) process.
reason: the parent process must never ever block, but the dns routines can.
last not least this fixes ntpd -s 'hanging' for a long time.
tested by a couple of people
15 years ago