Browse Source

Update patches: fix ntpctl segfault, re-hardcode MAX_DISPLAY_WIDTH, SENSOR_OFFSETS and OFFSET_ARRAY_SIZE

master
Pekka Helenius 4 years ago
parent
commit
c12c1e905d
8 changed files with 177 additions and 291 deletions
  1. +8
    -4
      patches/1-patch_better-logs.patch
  2. +3
    -3
      patches/2-patch_ntpctl-sensors-tolowercase.patch
  3. +1
    -1
      patches/3-patch_unhardcode-ports.patch
  4. +1
    -1
      patches/4-patch_peercount-init.patch
  5. +3
    -3
      patches/5-patch_debugmode-fix.patch
  6. +117
    -243
      patches/6-patch_unhardcode-conf.patch
  7. +41
    -24
      patches/7-patch_implement-openssl.patch
  8. +3
    -12
      patches/8-patch_update-conf.patch

+ 8
- 4
patches/1-patch_better-logs.patch View File

@ -1,5 +1,5 @@
From: Pekka Helenius <fincer89@hotmail.com>
Date: Sun, 02 Aug 2020 20:55:36 +0300
Date: Tue, 04 Aug 2020 01:52:09 +0300
Subject: Provide human-readable error messages for easier process interpretation
@ -1193,7 +1193,7 @@ Subject: Provide human-readable error messages for easier process interpretation
&offset, sizeof(offset));
conf->settime = 0;
--- a/src/ntpd.c 2020-08-01 00:19:23.455725749 +0300
+++ b/src/ntpd.c 2020-08-01 13:33:10.798104786 +0300
+++ b/src/ntpd.c 2020-08-03 23:31:10.898621932 +0300
@@ -102,7 +102,7 @@ writepid(struct ntpd_conf *lconf)
if (lconf->pid_file != NULL) {
FILE *f = fopen(lconf->pid_file, "w");
@ -1545,7 +1545,7 @@ Subject: Provide human-readable error messages for easier process interpretation
usage();
}
break;
@@ -736,18 +735,18 @@ ctl_main(int argc, char *argv[])
@@ -736,21 +735,21 @@ ctl_main(int argc, char *argv[])
/* NOTREACHED */
if ((fd = socket(AF_UNIX, SOCK_STREAM, 0)) == -1)
@ -1567,7 +1567,11 @@ Subject: Provide human-readable error messages for easier process interpretation
+ err(1, "ntpctl: can't restrict privileges");
if ((ibuf_ctl = malloc(sizeof(struct imsgbuf))) == NULL)
err(1, NULL);
- err(1, NULL);
+ err(1, "ntpctl: can't allocate memory for data buffer");
imsg_init(ibuf_ctl, fd);
switch (action) {
@@ -771,24 +770,24 @@ ctl_main(int argc, char *argv[])
0, 0, -1, NULL, 0);
break;


+ 3
- 3
patches/2-patch_ntpctl-sensors-tolowercase.patch View File

@ -1,10 +1,10 @@
From: Pekka Helenius <fincer89@hotmail.com>
Date: Sun, 02 Aug 2020 20:55:36 +0300
Date: Tue, 04 Aug 2020 01:52:10 +0300
Subject: Set 'Sensors' to lowercase in ntpctl settings
--- a/src/ntpd.c 2020-08-01 13:33:10.798104786 +0300
+++ b/src/ntpd.c 2020-08-01 13:33:27.848104803 +0300
--- a/src/ntpd.c 2020-08-03 23:31:10.898621932 +0300
+++ b/src/ntpd.c 2020-08-03 23:30:51.351955245 +0300
@@ -76,7 +76,7 @@ extern u_int constraint_cnt;
const char *showopt;


+ 1
- 1
patches/3-patch_unhardcode-ports.patch View File

@ -1,5 +1,5 @@
From: Pekka Helenius <fincer89@hotmail.com>
Date: Sun, 02 Aug 2020 20:55:36 +0300
Date: Tue, 04 Aug 2020 01:52:11 +0300
Subject: Unhardcode NTP server, client and constraint UDP & TCP port numbers


+ 1
- 1
patches/4-patch_peercount-init.patch View File

@ -1,5 +1,5 @@
From: Pekka Helenius <fincer89@hotmail.com>
Date: Sun, 02 Aug 2020 20:55:36 +0300
Date: Tue, 04 Aug 2020 01:52:12 +0300
Subject: Fix C compiler warning about uninitialized variable peercount


+ 3
- 3
patches/5-patch_debugmode-fix.patch View File

@ -1,10 +1,10 @@
From: Pekka Helenius <fincer89@hotmail.com>
Date: Sun, 02 Aug 2020 20:55:36 +0300
Date: Tue, 04 Aug 2020 01:52:13 +0300
Subject: Fix debug mode not showing output in command line
--- a/src/ntpd.c 2020-08-01 13:33:42.000000000 +0300
+++ b/src/ntpd.c 2020-08-01 16:07:32.660248971 +0300
--- a/src/ntpd.c 2020-08-03 23:30:09.431955200 +0300
+++ b/src/ntpd.c 2020-08-03 23:29:45.150837701 +0300
@@ -195,12 +195,14 @@ main(int argc, char *argv[])
switch (ch) {
case 'd':


+ 117
- 243
patches/6-patch_unhardcode-conf.patch View File

@ -1,10 +1,10 @@
From: Pekka Helenius <fincer89@hotmail.com>
Date: Sun, 02 Aug 2020 20:55:36 +0300
Date: Tue, 04 Aug 2020 01:52:15 +0300
Subject: Unhardcode majority of configuration settings, update manual
--- a/src/sensors.c 2020-07-31 23:58:46.000000000 +0300
+++ b/src/sensors.c 2020-08-01 12:22:05.214766958 +0300
+++ b/src/sensors.c 2020-08-03 23:12:53.431633678 +0300
@@ -145,7 +145,7 @@ sensor_add(int sensordev, char *dxname)
s->sensordevid = sensordev;
@ -30,42 +30,21 @@ Subject: Unhardcode majority of configuration settings, update manual
s->update.good = 0;
if (!sensor_probe(s->sensordevid, dxname, &sensor)) {
@@ -234,7 +234,7 @@ sensor_query(struct ntp_sensor *s)
log_debug("sensor %s: offset %f", s->device,
s->offsets[s->shift].offset);
- if (++s->shift >= SENSOR_OFFSETS) {
+ if (++s->shift >= conf->sensor_offsets) {
s->shift = 0;
sensor_update(s);
}
@@ -247,19 +247,19 @@ sensor_update(struct ntp_sensor *s)
struct ntp_offset **offsets;
int i;
- if ((offsets = calloc(SENSOR_OFFSETS, sizeof(struct ntp_offset *))) ==
+ if ((offsets = calloc(conf->sensor_offsets, sizeof(struct ntp_offset *))) ==
NULL)
fatal("sensor %s: can't allocate memory for data update", s->device);
- for (i = 0; i < SENSOR_OFFSETS; i++)
+ for (i = 0; i < conf->sensor_offsets; i++)
offsets[i] = &s->offsets[i];
- qsort(offsets, SENSOR_OFFSETS, sizeof(struct ntp_offset *),
+ qsort(offsets, conf->sensor_offsets, sizeof(struct ntp_offset *),
offset_compare);
- i = SENSOR_OFFSETS / 2;
+ i = conf->sensor_offsets / 2;
memcpy(&s->update, offsets[i], sizeof(s->update));
- if (SENSOR_OFFSETS % 2 == 0) {
+ if (conf->sensor_offsets % 2 == 0) {
s->update.offset =
(offsets[i - 1]->offset + offsets[i]->offset) / 2;
}
--- a/src/ntpd.c 2020-08-01 16:07:32.660248971 +0300
+++ b/src/ntpd.c 2020-08-01 17:13:23.406919806 +0300
--- a/src/ntpd.c 2020-08-03 23:29:45.150837701 +0300
+++ b/src/ntpd.c 2020-08-03 23:48:03.062564686 +0300
@@ -58,10 +58,10 @@ void ntpd_adjfreq(double, int);
void ntpd_settime(double);
void readfreq(void);
int writefreq(double);
-void ctl_main(int, char*[]);
+void ctl_main(int, char*[], const struct ntpd_conf *);
const char *ctl_lookup_option(char *, const char **);
void show_status_msg(struct imsg *);
-void show_peer_msg(struct imsg *, int);
+void show_peer_msg(struct imsg *, int, const struct ntpd_conf *);
void show_sensor_msg(struct imsg *, int);
void update_time_sync_status(int);
@@ -135,7 +135,7 @@ auto_preconditions(const struct ntpd_con
#endif
constraints = !TAILQ_EMPTY(&cnf->constraints);
@ -75,24 +54,29 @@ Subject: Unhardcode majority of configuration settings, update manual
}
#define POLL_MAX 8
@@ -195,14 +195,14 @@ main(int argc, char *argv[])
switch (ch) {
case 'd':
lconf.debug = 1;
- lconf.verbose = 2;
+ lconf.verbose = 2;
break;
case 'f':
conffile = optarg;
break;
case 'n':
lconf.debug = 1;
- lconf.verbose = 2;
+ lconf.verbose = 2;
lconf.noaction = 1;
break;
case 'P':
@@ -253,8 +253,8 @@ main(int argc, char *argv[])
@@ -171,15 +171,16 @@ main(int argc, char *argv[])
__progname = get_progname(argv[0]);
- if (strcmp(__progname, "ntpctl") == 0) {
- ctl_main(argc, argv);
- /* NOTREACHED */
- }
-
conffile = CONFFILE;
memset(&lconf, 0, sizeof(lconf));
+ if (strcmp(__progname, "ntpctl") == 0) {
+ parse_config(conffile, &lconf);
+ ctl_main(argc, argv, &lconf);
+ /* NOTREACHED */
+ }
+
#ifndef HAVE_SETPROCTITLE
/* Prepare for later setproctitle emulation */
saved_argv = calloc(argc + 1, sizeof(*saved_argv));
@@ -253,8 +254,8 @@ main(int argc, char *argv[])
if (geteuid())
errx(1, "main process: need root privileges");
@ -103,7 +87,7 @@ Subject: Unhardcode majority of configuration settings, update manual
lconf.automatic = auto_preconditions(&lconf);
if (lconf.automatic)
@@ -277,7 +277,7 @@ main(int argc, char *argv[])
@@ -277,7 +278,7 @@ main(int argc, char *argv[])
fatalx("main process: process '%s' failed (%s)", pname, __func__);
} else {
@ -112,7 +96,7 @@ Subject: Unhardcode majority of configuration settings, update manual
fatalx("OpenNTPD is already running");
}
@@ -295,7 +295,7 @@ main(int argc, char *argv[])
@@ -295,7 +296,7 @@ main(int argc, char *argv[])
}
} else {
settime_deadline = getmonotime();
@ -121,7 +105,7 @@ Subject: Unhardcode majority of configuration settings, update manual
}
if (socketpair(AF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, PF_UNSPEC,
@@ -311,6 +311,10 @@ main(int argc, char *argv[])
@@ -311,6 +312,10 @@ main(int argc, char *argv[])
start_child(NTP_PROC_NAME, pipe_chld[1], argc0, argv0);
log_procinit("[priv]");
@ -132,7 +116,7 @@ Subject: Unhardcode majority of configuration settings, update manual
readfreq();
signal(SIGTERM, sighdlr);
@@ -370,7 +374,7 @@ main(int argc, char *argv[])
@@ -370,7 +375,7 @@ main(int argc, char *argv[])
}
if (nfds == 0 && lconf.settime &&
@ -141,7 +125,7 @@ Subject: Unhardcode majority of configuration settings, update manual
lconf.settime = 0;
timeout = INFTIM;
log_init(logdest, lconf.verbose, LOG_DAEMON);
@@ -520,7 +524,7 @@ ntpd_adjtime(double d)
@@ -520,7 +525,7 @@ ntpd_adjtime(double d)
{
int synced = 0;
static int firstadj = 1;
@ -150,7 +134,7 @@ Subject: Unhardcode majority of configuration settings, update manual
d += getoffset();
if (d >= threshold || d <= -1 * threshold)
@@ -581,8 +585,8 @@ ntpd_adjfreq(double relfreq, int wrlog)
@@ -581,8 +586,8 @@ ntpd_adjfreq(double relfreq, int wrlog)
r = writefreq(curfreq / 1e9 / (1LL << 32));
ppmfreq = relfreq * 1e6;
if (wrlog) {
@ -161,7 +145,7 @@ Subject: Unhardcode majority of configuration settings, update manual
log_info("main process: adjusting clock frequency by %f to %f ppm%s",
ppmfreq, curfreq / 1e3 / (1LL << 32),
r ? "" : " (no drift file)");
@@ -634,13 +638,13 @@ readfreq(void)
@@ -634,13 +639,13 @@ readfreq(void)
int fd;
double d;
@ -178,7 +162,7 @@ Subject: Unhardcode majority of configuration settings, update manual
return;
}
@@ -654,7 +658,7 @@ readfreq(void)
@@ -654,7 +659,7 @@ readfreq(void)
d /= 1e6; /* scale from ppm */
ntpd_adjfreq(d, 0);
} else
@ -187,7 +171,7 @@ Subject: Unhardcode majority of configuration settings, update manual
}
}
@@ -671,7 +675,7 @@ writefreq(double d)
@@ -671,7 +676,7 @@ writefreq(double d)
r = fprintf(freqfp, "%.3f\n", d * 1e6); /* scale to ppm */
if (r < 0 || fflush(freqfp) != 0) {
if (warnonce) {
@ -196,7 +180,7 @@ Subject: Unhardcode majority of configuration settings, update manual
warnonce = 0;
}
clearerr(freqfp);
@@ -679,7 +683,7 @@ writefreq(double d)
@@ -679,13 +684,13 @@ writefreq(double d)
}
off = ftello(freqfp);
if (off == -1 || ftruncate(fileno(freqfp), off) == -1)
@ -205,44 +189,68 @@ Subject: Unhardcode majority of configuration settings, update manual
fsync(fileno(freqfp));
return 1;
}
@@ -693,7 +697,7 @@ ctl_main(int argc, char *argv[])
void
-ctl_main(int argc, char *argv[])
+ctl_main(int argc, char *argv[], const struct ntpd_conf *cconf)
{
struct sockaddr_un sa;
struct imsg imsg;
@@ -693,7 +698,7 @@ ctl_main(int argc, char *argv[])
int fd, n, done, ch, action;
char *sockname;
- sockname = CTLSOCKET;
+ sockname = conf->ctlsocket;
+ sockname = cconf->ctlsocket;
if (argc < 2) {
usage();
@@ -932,7 +936,7 @@ show_peer_msg(struct imsg *imsg, int cal
cpeer = (struct ctl_show_peer *)imsg->data;
@@ -741,6 +746,7 @@ ctl_main(int argc, char *argv[])
- if (strlen(cpeer->peer_desc) > MAX_DISPLAY_WIDTH - 1)
+ if (strlen(cpeer->peer_desc) > conf->max_display_width - 1)
fatalx("ntpctl: NTP peer description is too long");
memset(&sa, 0, sizeof(sa));
sa.sun_family = AF_UNIX;
+
if (strlcpy(sa.sun_path, sockname, sizeof(sa.sun_path)) >=
sizeof(sa.sun_path))
errx(1, "ntpctl: control socket name is too long");
@@ -799,7 +805,7 @@ ctl_main(int argc, char *argv[])
done = 1;
break;
case CTL_SHOW_PEERS:
- show_peer_msg(&imsg, 0);
+ show_peer_msg(&imsg, 0, cconf);
if (imsg.hdr.type ==
IMSG_CTL_SHOW_PEERS_END)
done = 1;
@@ -816,7 +822,7 @@ ctl_main(int argc, char *argv[])
show_status_msg(&imsg);
break;
case IMSG_CTL_SHOW_PEERS:
- show_peer_msg(&imsg, 1);
+ show_peer_msg(&imsg, 1, cconf);
break;
case IMSG_CTL_SHOW_SENSORS:
show_sensor_msg(&imsg, 1);
@@ -911,7 +917,7 @@ show_status_msg(struct imsg *imsg)
}
if (firsttime) {
@@ -953,7 +957,7 @@ show_peer_msg(struct imsg *imsg, int cal
void
-show_peer_msg(struct imsg *imsg, int calledfromshowall)
+show_peer_msg(struct imsg *imsg, int calledfromshowall, const struct ntpd_conf *pconf)
{
struct ctl_show_peer *cpeer;
int cnt;
@@ -953,7 +959,7 @@ show_peer_msg(struct imsg *imsg, int cal
cpeer->weight, cpeer->trustlevel, stratum,
(long long)cpeer->next, (long long)cpeer->poll);
- if (cpeer->trustlevel >= TRUSTLEVEL_BADPEER)
+ if (cpeer->trustlevel >= conf->trustlevel_badpeer)
+ if (cpeer->trustlevel >= pconf->trustlevel_badpeer)
printf(" %12.3fms %9.3fms %8.3fms\n", cpeer->offset,
cpeer->delay, cpeer->jitter);
else
@@ -982,7 +986,7 @@ show_sensor_msg(struct imsg *imsg, int c
csensor = (struct ctl_show_sensor *)imsg->data;
- if (strlen(csensor->sensor_desc) > MAX_DISPLAY_WIDTH - 1)
+ if (strlen(csensor->sensor_desc) > conf->max_display_width - 1)
fatalx("ntpctl: sensor description is too long");
if (firsttime) {
--- a/src/ntp.c 2020-08-01 15:22:42.000000000 +0300
+++ b/src/ntp.c 2020-08-01 18:38:24.803591850 +0300
+++ b/src/ntp.c 2020-08-03 23:08:32.397143675 +0300
@@ -55,7 +55,7 @@ int ntp_dispatch_imsg_dns(void);
void peer_add(struct ntp_peer *);
void peer_remove(struct ntp_peer *);
@ -375,21 +383,6 @@ Subject: Unhardcode majority of configuration settings, update manual
continue;
for (j = 0; j < p->weight; j++)
offsets[i++] = &p->update;
@@ -784,12 +784,12 @@ priv_adjtime(void)
free(offsets);
TAILQ_FOREACH(p, &conf->ntp_peers, entry) {
- for (i = 0; i < OFFSET_ARRAY_SIZE; i++)
+ for (i = 0; i < conf->offset_array_size; i++)
p->reply[i].offset -= offset_median;
p->update.good = 0;
}
TAILQ_FOREACH(s, &conf->ntp_sensors, entry) {
- for (i = 0; i < SENSOR_OFFSETS; i++)
+ for (i = 0; i < conf->sensor_offsets; i++)
s->offsets[i].offset -= offset_median;
s->update.offset -= offset_median;
}
@@ -841,13 +841,13 @@ update_scale(double offset)
if (offset < 0)
offset = -offset;
@ -418,7 +411,7 @@ Subject: Unhardcode majority of configuration settings, update manual
return (interval + r);
}
--- a/src/control.c 2020-07-31 23:23:56.000000000 +0300
+++ b/src/control.c 2020-08-01 11:49:36.991431574 +0300
+++ b/src/control.c 2020-08-03 23:06:05.136249122 +0300
@@ -317,7 +317,7 @@ build_show_status(struct ctl_show_status
TAILQ_FOREACH(p, &conf->ntp_peers, entry) {
@ -428,34 +421,7 @@ Subject: Unhardcode majority of configuration settings, update manual
cs->valid_peers++;
}
TAILQ_FOREACH(s, &conf->ntp_sensors, entry) {
@@ -362,7 +362,7 @@ build_show_peer(struct ctl_show_peer *cp
validdelaycnt = best = 0;
cp->offset = cp->delay = 0.0;
- for (shift = 0; shift < OFFSET_ARRAY_SIZE; shift++) {
+ for (shift = 0; shift < conf->offset_array_size; shift++) {
if (p->reply[shift].delay > 0.0) {
cp->offset += p->reply[shift].offset;
cp->delay += p->reply[shift].delay;
@@ -381,7 +381,7 @@ build_show_peer(struct ctl_show_peer *cp
jittercnt = 0;
cp->jitter = 0.0;
- for (shift = 0; shift < OFFSET_ARRAY_SIZE; shift++) {
+ for (shift = 0; shift < conf->offset_array_size; shift++) {
if (p->reply[shift].delay > 0.0 && shift != best) {
cp->jitter += square(p->reply[shift].delay -
p->reply[best].delay);
@@ -393,7 +393,7 @@ build_show_peer(struct ctl_show_peer *cp
cp->jitter = sqrt(cp->jitter);
if (p->shift == 0)
- shift = OFFSET_ARRAY_SIZE - 1;
+ shift = conf->offset_array_size - 1;
else
shift = p->shift - 1;
@@ -424,14 +424,14 @@ build_show_sensor(struct ctl_show_sensor
@@ -424,7 +424,7 @@ build_show_sensor(struct ctl_show_sensor
now = getmonotime();
@ -464,14 +430,6 @@ Subject: Unhardcode majority of configuration settings, update manual
refid = refid == s->refid ? 0 : s->refid;
snprintf(cs->sensor_desc, sizeof(cs->sensor_desc),
"%s %.4s", s->device, (char *)&refid);
if (s->shift == 0)
- shift = SENSOR_OFFSETS - 1;
+ shift = conf->sensor_offsets - 1;
else
shift = s->shift - 1;
@@ -445,7 +445,7 @@ build_show_sensor(struct ctl_show_sensor
cs->good = s->update.good;
cs->stratum = s->offsets[shift].status.stratum;
@ -554,7 +512,7 @@ Subject: Unhardcode majority of configuration settings, update manual
res->ai_family != AF_INET6)
continue;
--- a/src/client.c 2020-08-02 02:04:55.666953258 +0300
+++ b/src/client.c 2020-08-02 02:05:18.690286616 +0300
+++ b/src/client.c 2020-08-03 23:12:14.368300303 +0300
@@ -57,7 +57,7 @@ client_peer_init(struct ntp_peer *p)
p->query->msg.status = MODE_CLIENT | (NTP_VERSION << 3);
p->state = STATE_NONE;
@ -684,42 +642,8 @@ Subject: Unhardcode majority of configuration settings, update manual
log_info("NTP client: NTP peer %s is valid now",
log_sockaddr((struct sockaddr *)&p->addr->ss));
p->trustlevel++;
@@ -486,7 +486,7 @@ client_dispatch(struct ntp_peer *p, u_in
priv_settime(p->reply[p->shift].offset, "");
}
- if (++p->shift >= OFFSET_ARRAY_SIZE)
+ if (++p->shift >= conf->offset_array_size)
p->shift = 0;
return (0);
@@ -504,13 +504,13 @@ client_update(struct ntp_peer *p)
* invalidate it and all older ones
*/
- for (i = 0; good == 0 && i < OFFSET_ARRAY_SIZE; i++)
+ for (i = 0; good == 0 && i < conf->offset_array_size; i++)
if (p->reply[i].good) {
good++;
best = i;
}
- for (; i < OFFSET_ARRAY_SIZE; i++)
+ for (; i < conf->offset_array_size; i++)
if (p->reply[i].good) {
good++;
if (p->reply[i].delay < p->reply[best].delay)
@@ -522,7 +522,7 @@ client_update(struct ntp_peer *p)
memcpy(&p->update, &p->reply[best], sizeof(p->update));
if (priv_adjtime() == 0) {
- for (i = 0; i < OFFSET_ARRAY_SIZE; i++)
+ for (i = 0; i < conf->offset_array_size; i++)
if (p->reply[i].rcvd <= p->reply[best].rcvd)
p->reply[i].good = 0;
}
--- a/src/ntpd.h 2020-08-01 01:27:06.000000000 +0300
+++ b/src/ntpd.h 2020-08-01 17:13:17.616919800 +0300
+++ b/src/ntpd.h 2020-08-03 23:10:00.839597442 +0300
@@ -56,6 +56,8 @@
#define INTERVAL_QUERY_AGGRESSIVE 5
#define INTERVAL_QUERY_ULTRA_VIOLENCE 1 /* used at startup for auto */
@ -747,7 +671,7 @@ Subject: Unhardcode majority of configuration settings, update manual
#define TRIES_AUTO_DNSFAIL 4 /* DNS tmpfail quick retries */
@@ -268,6 +270,63 @@ struct ntpd_conf {
@@ -268,6 +270,59 @@ struct ntpd_conf {
size_t ca_len;
int tmpfail;
char *pid_file;
@ -774,8 +698,6 @@ Subject: Unhardcode majority of configuration settings, update manual
+ double qscale_off_max;
+
+ int querytime_max;
+ int offset_array_size;
+ int sensor_offsets;
+ int settime_timeout;
+
+ int log_negligible_adjtime;
@ -786,8 +708,6 @@ Subject: Unhardcode majority of configuration settings, update manual
+
+ int max_send_errors;
+
+ int max_display_width;
+
+ u_int8_t filter_adjfreq;
+
+ int auto_replies;
@ -811,7 +731,7 @@ Subject: Unhardcode majority of configuration settings, update manual
};
struct ctl_show_status {
@@ -363,6 +422,7 @@ extern struct ctl_conns ctl_conns;
@@ -363,6 +418,7 @@ extern struct ctl_conns ctl_conns;
/* parse.y */
int parse_config(const char *, struct ntpd_conf *);
@ -820,7 +740,7 @@ Subject: Unhardcode majority of configuration settings, update manual
/* config.c */
void host(const char *, struct ntp_addr **);
--- a/src/parse.y 2020-08-01 01:51:28.000000000 +0300
+++ b/src/parse.y 2020-08-01 21:17:48.293601924 +0300
+++ b/src/parse.y 2020-08-03 23:11:12.796264187 +0300
@@ -52,7 +52,6 @@ int yyerror(const char *, ...)
__attribute__((__format__ (printf, 1, 2)))
__attribute__((__nonnull__ (1)));
@ -845,7 +765,7 @@ Subject: Unhardcode majority of configuration settings, update manual
char *string;
struct ntp_addr_wrap *addr;
struct opts opts;
@@ -89,8 +91,68 @@ typedef struct {
@@ -89,8 +91,64 @@ typedef struct {
%token SERVER SERVERS SENSOR CORRECTION RTABLE REFID STRATUM WEIGHT
%token ERROR
%token PORT
@ -872,8 +792,6 @@ Subject: Unhardcode majority of configuration settings, update manual
+%token _QSCALE_OFF_MAX
+
+%token _QUERYTIME_MAX
+%token _OFFSET_ARRAY_SIZE
+%token _SENSOR_OFFSETS
+%token _SETTIME_TIMEOUT
+
+%token _LOG_NEGLIGIBLE_ADJTIME
@ -884,8 +802,6 @@ Subject: Unhardcode majority of configuration settings, update manual
+
+%token _MAX_SEND_ERRORS
+
+%token _MAX_DISPLAY_WIDTH
+
+%token _FILTER_ADJFREQ
+
+%token _AUTO_REPLIES
@ -914,7 +830,7 @@ Subject: Unhardcode majority of configuration settings, update manual
%type <v.addr> address url urllist
%type <v.opts> listen_opts listen_opts_l listen_opt
%type <v.opts> server_opts server_opts_l server_opt
@@ -103,6 +165,9 @@ typedef struct {
@@ -103,6 +161,9 @@ typedef struct {
%type <v.opts> weight
%type <v.opts> trusted
%type <v.opts> port
@ -924,7 +840,7 @@ Subject: Unhardcode majority of configuration settings, update manual
%%
grammar : /* empty */
@@ -385,6 +450,171 @@ main : LISTEN ON address listen_opts {
@@ -385,6 +446,161 @@ main : LISTEN ON address listen_opts {
free($2);
TAILQ_INSERT_TAIL(&conf->ntp_conf_sensors, s, entry);
}
@ -983,12 +899,6 @@ Subject: Unhardcode majority of configuration settings, update manual
+ | _QUERYTIME_MAX pos_num {
+ conf->querytime_max = $2.pos_num;
+ }
+ | _OFFSET_ARRAY_SIZE pos_num {
+ conf->offset_array_size = $2.pos_num;
+ }
+ | _SENSOR_OFFSETS pos_num {
+ conf->sensor_offsets = $2.pos_num;
+ }
+ | _SETTIME_TIMEOUT pos_num {
+ conf->settime_timeout = $2.pos_num;
+ }
@ -1011,10 +921,6 @@ Subject: Unhardcode majority of configuration settings, update manual
+ conf->max_send_errors = $2.pos_num;
+ }
+
+ | _MAX_DISPLAY_WIDTH pos_num {
+ conf->max_display_width = $2.pos_num;
+ }
+
+ | _AUTO_REPLIES pos_num {
+ conf->auto_replies = $2.pos_num;
+ }
@ -1096,7 +1002,7 @@ Subject: Unhardcode majority of configuration settings, update manual
;
address : STRING {
@@ -587,8 +817,12 @@ opts_default(void)
@@ -587,8 +803,12 @@ opts_default(void)
struct keywords {
const char *k_name;
int k_val;
@ -1109,7 +1015,7 @@ Subject: Unhardcode majority of configuration settings, update manual
int
yyerror(const char *fmt, ...)
{
@@ -611,37 +845,82 @@ kw_cmp(const void *k, const void *e)
@@ -611,37 +831,80 @@ kw_cmp(const void *k, const void *e)
return (strcmp(k, ((const struct keywords *)e)->k_name));
}
@ -1165,7 +1071,6 @@ Subject: Unhardcode majority of configuration settings, update manual
+ { "listen", LISTEN, "multiple" },
+ { "log_negligible_adjfreq", _LOG_NEGLIGIBLE_ADJFREQ, "single" },
+ { "log_negligible_adjtime", _LOG_NEGLIGIBLE_ADJTIME, "single" },
+ { "max_display_width", _MAX_DISPLAY_WIDTH, "single" },
+ { "max_frequency_adjust", _MAX_FREQUENCY_ADJUST, "single" },
+ { "max_send_errors", _MAX_SEND_ERRORS, "single" },
+ { "max_servers_dns", _MAX_SERVERS_DNS, "single" },
@ -1181,7 +1086,6 @@ Subject: Unhardcode majority of configuration settings, update manual
+ { "sensor", SENSOR, "multiple" },
+ { "sensor_data_maxage", _SENSOR_DATA_MAXAGE, "single" },
+ { "sensor_default_refid", _SENSOR_DEFAULT_REFID, "single" },
+ { "sensor_offsets", _SENSOR_OFFSETS, "single" },
+ { "sensor_query_interval", _SENSOR_QUERY_INTERVAL, "single" },
+ { "sensor_scan_interval", _SENSOR_SCAN_INTERVAL, "single" },
+ { "server", SERVER, "multiple" },
@ -1216,7 +1120,7 @@ Subject: Unhardcode majority of configuration settings, update manual
}
#define MAXPUSHBACK 128
@@ -743,8 +1022,9 @@ yylex(void)
@@ -743,8 +1006,9 @@ yylex(void)
{
u_char buf[8096];
u_char *p;
@ -1227,7 +1131,7 @@ Subject: Unhardcode majority of configuration settings, update manual
p = buf;
while ((c = lgetc(0)) == ' ' || c == '\t')
@@ -805,7 +1085,7 @@ yylex(void)
@@ -805,7 +1069,7 @@ yylex(void)
yyerror("string is too long");
return (findeol());
}
@ -1236,7 +1140,7 @@ Subject: Unhardcode majority of configuration settings, update manual
lungetc(c);
if (p == buf + 1 && buf[0] == '-')
goto nodigits;
@@ -816,10 +1096,23 @@ yylex(void)
@@ -816,10 +1080,23 @@ yylex(void)
yylval.v.number = strtonum(buf, LLONG_MIN,
LLONG_MAX, &errstr);
if (errstr) {
@ -1260,7 +1164,7 @@ Subject: Unhardcode majority of configuration settings, update manual
return (NUMBER);
} else {
nodigits:
@@ -847,11 +1140,47 @@ nodigits:
@@ -847,11 +1124,47 @@ nodigits:
} while ((c = lgetc(0)) != EOF && (allowed_in_string(c)));
lungetc(c);
*p = '\0';
@ -1312,7 +1216,7 @@ Subject: Unhardcode majority of configuration settings, update manual
if (c == '\n') {
yylval.lineno = file->lineno;
file->lineno++;
@@ -902,12 +1231,205 @@ popfile(void)
@@ -902,12 +1215,193 @@ popfile(void)
return (file ? 0 : EOF);
}
@ -1352,10 +1256,6 @@ Subject: Unhardcode majority of configuration settings, update manual
+
+ /* single query might take n secs max */
+ conf->querytime_max = QUERYTIME_MAX; // 15;
+ /*Maximum number of allowed sensor offsets*/
+ conf->offset_array_size = OFFSET_ARRAY_SIZE; // 8;
+ /*Number of sensor offset values allowed for median offset value calculation*/
+ conf->sensor_offsets = SENSOR_OFFSETS; // 6;
+ /* max seconds to wait with -s */
+ conf->settime_timeout = SETTIME_TIMEOUT; // 100;
+
@ -1374,9 +1274,6 @@ Subject: Unhardcode majority of configuration settings, update manual
+ /* max send errors before reconnect */
+ conf->max_send_errors = MAX_SEND_ERRORS; // 3;
+
+ /* max chars in ctl_show report line */
+ conf->max_display_width = MAX_DISPLAY_WIDTH; // 80;
+
+ /* set after doing adjfreq */
+ conf->filter_adjfreq = FILTER_ADJFREQ; // 0x01;
+
@ -1433,9 +1330,6 @@ Subject: Unhardcode majority of configuration settings, update manual
+ fprintf(stdout, "Trust level (aggressive): %d\n", conf->trustlevel_aggressive);
+ fprintf(stdout, "Trust level (maximum): %d\n", conf->trustlevel_max);
+ fprintf(stdout, "\n");
+ fprintf(stdout, "Maximum number of allowed sensor offsets: %d\n", conf->offset_array_size);
+ fprintf(stdout, "Number of sensor offset values considered for median offset value calculation: %d\n", conf->sensor_offsets);
+ fprintf(stdout, "\n");
+ fprintf(stdout, "Query time (maximum): %d seconds\n", conf->querytime_max);
+ fprintf(stdout, "Start up timeout in auto mode: %d seconds\n", conf->settime_timeout);
+ fprintf(stdout, "\n");
@ -1452,8 +1346,6 @@ Subject: Unhardcode majority of configuration settings, update manual
+ fprintf(stdout, "\n");
+ fprintf(stdout, "Maximum send errors before reconnection: %d\n", conf->max_send_errors);
+ fprintf(stdout, "\n");
+ fprintf(stdout, "Maximum number of characters per output line: %d\n", conf->max_display_width);
+ fprintf(stdout, "\n");
+
+ if ((conf->filter_adjfreq) == 0x01)
+ *boolean = "true";
@ -1518,7 +1410,7 @@ Subject: Unhardcode majority of configuration settings, update manual
TAILQ_INIT(&conf->listen_addrs);
TAILQ_INIT(&conf->ntp_peers);
TAILQ_INIT(&conf->ntp_conf_sensors);
@@ -922,5 +1444,18 @@ parse_config(const char *filename, struc
@@ -922,5 +1416,18 @@ parse_config(const char *filename, struc
errors = file->errors;
popfile();
@ -1538,7 +1430,7 @@ Subject: Unhardcode majority of configuration settings, update manual
return (errors ? -1 : 0);
}
--- a/src/ntpd.conf.5 2020-08-01 01:22:25.000000000 +0300
+++ b/src/ntpd.conf.5 2020-08-02 02:31:01.526954911 +0300
+++ b/src/ntpd.conf.5 2020-08-03 23:07:12.770476926 +0300
@@ -14,7 +14,7 @@
.\" AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
.\" OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
@ -1561,7 +1453,7 @@ Subject: Unhardcode majority of configuration settings, update manual
The basic configuration options are as follows:
.Bl -tag -width Ds
.It Xo Ic listen on Ar address
@@ -282,12 +284,523 @@ constraints from "https://www.google.com
@@ -282,12 +284,505 @@ constraints from "https://www.google.com
constraints from "https://duckduckgo.com/" port 443
.Ed
.El
@ -1925,16 +1817,6 @@ Subject: Unhardcode majority of configuration settings, update manual
+32
+.El
+.Ed
+.It Ic max_display_width Ar number
+Maximum number of characters in a
+.Xr ntpctl 8
+report line (peers, status, sensors and all).
+.Bd -literal -offset indent
+.Bl -tag -width "Default:" -compact
+.It Default:
+80
+.El
+.Ed
+.It Ic max_frequency_adjust Ar decimal
+Maximum allowed frequency correction per iteration.
+.Bd -literal -offset indent
@ -2039,14 +1921,6 @@ Subject: Unhardcode majority of configuration settings, update manual
+"HARD"
+.El
+.Ed
+.It Ic sensor_offsets Ar seconds
+Maximum allowed sensor time offset in seconds.
+.Bd -literal -offset indent
+.Bl -tag -width "Default:" -compact
+.It Default:
+6
+.El
+.Ed
+.It Ic sensor_query_interval Ar seconds
+Sensor query interval in seconds.
+.Bd -literal -offset indent
@ -2085,8 +1959,8 @@ Subject: Unhardcode majority of configuration settings, update manual
.It Pa /etc/examples/ntpd.conf
Example configuration file.
.El
--- a/src/client.c 2020-08-02 02:05:18.690286616 +0300
+++ b/src/client.c 2020-08-02 02:05:30.260286629 +0300
--- a/src/client.c 2020-08-03 23:12:14.368300303 +0300
+++ b/src/client.c 2020-08-03 23:09:41.036264088 +0300
@@ -279,7 +279,7 @@ handle_auto(uint8_t trusted, double offs
}
/* collect some more */


+ 41
- 24
patches/7-patch_implement-openssl.patch View File

@ -1,5 +1,5 @@
From: Pekka Helenius <fincer89@hotmail.com>
Date: Sun, 02 Aug 2020 20:55:36 +0300
Date: Tue, 04 Aug 2020 01:52:16 +0300
Subject: Implement OpenSSL support, update manual, update ChangeLog
@ -655,7 +655,7 @@ Subject: Implement OpenSSL support, update manual, update ChangeLog
get_string(u_int8_t *ptr, size_t len)
{
--- /dev/null 2020-07-26 15:23:52.401078754 +0300
+++ b/src/constraint-openssl.c 2020-08-01 19:56:30.010263450 +0300
+++ b/src/constraint-openssl.c 2020-08-03 19:23:54.377109002 +0300
@@ -0,0 +1,329 @@
+/*
+ * Copyright (c) 2015 Reyk Floeter <reyk@openbsd.org>
@ -877,7 +877,7 @@ Subject: Implement OpenSSL support, update manual, update ChangeLog
+ * or ANSI C's asctime() - the latter doesn't include
+ * the timezone which is required here.
+ */
+ if (strptime(p, "%a, %d %h %Y %T GMT",
+ if (strptime(p, IMF_FIXDATE,
+ &httpsdate->tls_tm) == NULL) {
+ log_warnx("constraint %s: unsupported date format",
+ ia_str
@ -1297,8 +1297,8 @@ Subject: Implement OpenSSL support, update manual, update ChangeLog
return (p);
}
--- a/src/ntpd.h 2020-08-01 17:13:17.616919800 +0300
+++ b/src/ntpd.h 2020-08-01 20:10:59.523597700 +0300
--- a/src/ntpd.h 2020-08-03 23:10:00.839597442 +0300
+++ b/src/ntpd.h 2020-08-03 23:25:02.978705101 +0300
@@ -31,6 +31,8 @@
#include <poll.h>
#include <imsg.h>
@ -1308,7 +1308,7 @@ Subject: Implement OpenSSL support, update manual, update ChangeLog
#include "ntp.h"
#include "log.h"
@@ -98,9 +100,20 @@
@@ -98,15 +100,29 @@
#define CONSTRAINT_SCAN_TIMEOUT (10)
#define CONSTRAINT_MARGIN (2.0*60)
@ -1330,7 +1330,16 @@ Subject: Implement OpenSSL support, update manual, update ChangeLog
#define PARENT_SOCK_FILENO CONSTRAINT_PASSFD
#define NTP_PROC_NAME "ntp_main"
@@ -268,6 +281,7 @@ struct ntpd_conf {
#define NTPDNS_PROC_NAME "ntp_dns"
#define CONSTRAINT_PROC_NAME "constraint"
+#define IMF_FIXDATE "%a, %d %h %Y %T GMT"
+#define X509_DATE "%Y-%m-%d %T UTC"
+
enum client_state {
STATE_NONE,
STATE_DNS_INPROGRESS,
@@ -268,6 +284,7 @@ struct ntpd_conf {
u_int constraint_errors;
u_int8_t *ca;
size_t ca_len;
@ -1338,7 +1347,7 @@ Subject: Implement OpenSSL support, update manual, update ChangeLog
int tmpfail;
char *pid_file;
@@ -326,7 +340,10 @@ struct ntpd_conf {
@@ -322,7 +339,10 @@ struct ntpd_conf {
int constraint_scan_timeout;
double constraint_margin;
@ -1350,7 +1359,7 @@ Subject: Implement OpenSSL support, update manual, update ChangeLog
};
struct ctl_show_status {
@@ -470,6 +487,55 @@ void priv_constraint_check_child(pid_t,
@@ -466,6 +486,55 @@ void priv_constraint_check_child(pid_t,
char *get_string(u_int8_t *, size_t);
int intlen(int);
@ -1406,9 +1415,9 @@ Subject: Implement OpenSSL support, update manual, update ChangeLog
/* util.c */
double gettime_corrected(void);
double gettime_from_timeval(struct timeval *);
--- a/src/ntpd.c 2020-08-01 17:13:23.406919806 +0300
+++ b/src/ntpd.c 2020-08-02 01:53:17.636952520 +0300
@@ -260,6 +260,20 @@ main(int argc, char *argv[])
--- a/src/ntpd.c 2020-08-03 23:48:03.062564686 +0300
+++ b/src/ntpd.c 2020-08-03 23:48:23.609231373 +0300
@@ -261,6 +261,20 @@ main(int argc, char *argv[])
if (lconf.automatic)
lconf.settime = 1;
@ -1429,7 +1438,7 @@ Subject: Implement OpenSSL support, update manual, update ChangeLog
if (pname != NULL) {
/* Remove our proc arguments, so child doesn't need to. */
if (sanitize_argv(&argc0, &argv0) == -1)
@@ -333,8 +347,10 @@ main(int argc, char *argv[])
@@ -334,8 +348,10 @@ main(int argc, char *argv[])
* Constraint processes are forked with certificates in memory,
* then privdrop into chroot before speaking to the outside world.
*/
@ -1442,8 +1451,16 @@ Subject: Implement OpenSSL support, update manual, update ChangeLog
if (unveil("/usr/sbin/ntpd", "x") == -1)
err(1, "main process: can't unveil ntpd executable for execute operations");
if (pledge("stdio rpath inet settime proc exec id", NULL) == -1)
--- a/src/ntp.c 2020-08-01 18:38:24.803591850 +0300
+++ b/src/ntp.c 2020-08-01 19:38:58.810262343 +0300
@@ -746,7 +762,6 @@ ctl_main(int argc, char *argv[], const s
memset(&sa, 0, sizeof(sa));
sa.sun_family = AF_UNIX;
-
if (strlcpy(sa.sun_path, sockname, sizeof(sa.sun_path)) >=
sizeof(sa.sun_path))
errx(1, "ntpctl: control socket name is too long");
--- a/src/ntp.c 2020-08-03 23:08:32.397143675 +0300
+++ b/src/ntp.c 2020-08-03 23:23:48.364816044 +0300
@@ -166,8 +166,22 @@ ntp_main(struct ntpd_conf *nconf, struct
constraint_cnt = 0;
conf->constraint_median = 0;
@ -1469,9 +1486,9 @@ Subject: Implement OpenSSL support, update manual, update ChangeLog
TAILQ_FOREACH(p, &conf->ntp_peers, entry)
client_peer_init(p);
--- a/src/parse.y 2020-08-01 21:17:48.293601924 +0300
+++ b/src/parse.y 2020-08-01 21:22:32.776935560 +0300
@@ -148,7 +148,10 @@ typedef struct {
--- a/src/parse.y 2020-08-03 23:11:12.796264187 +0300
+++ b/src/parse.y 2020-08-03 23:22:43.401482642 +0300
@@ -144,7 +144,10 @@ typedef struct {
%token _CONSTRAINT_SCAN_TIMEOUT
%token _CONSTRAINT_MARGIN
@ -1483,7 +1500,7 @@ Subject: Implement OpenSSL support, update manual, update ChangeLog
%token <v.string> STRING
%token <v.number> NUMBER
@@ -594,8 +597,35 @@ main : LISTEN ON address listen_opts {
@@ -580,8 +583,35 @@ main : LISTEN ON address listen_opts {
| _CONSTRAINT_MARGIN pos_num {
conf->constraint_margin = (double)$2.pos_num;
}
@ -1521,7 +1538,7 @@ Subject: Implement OpenSSL support, update manual, update ChangeLog
}
;
@@ -856,9 +886,12 @@ lookup(char *s)
@@ -842,9 +872,12 @@ lookup(char *s)
{ "auto_replies", _AUTO_REPLIES, "single" },
{ "auto_threshold", _AUTO_THRESHOLD, "single" },
{ "constraint", CONSTRAINT, "multiple" },
@ -1535,7 +1552,7 @@ Subject: Implement OpenSSL support, update manual, update ChangeLog
{ "constraint_retry_interval", _CONSTRAINT_RETRY_INTERVAL, "single" },
{ "constraint_scan_interval", _CONSTRAINT_SCAN_INTERVAL, "single" },
{ "constraint_scan_timeout", _CONSTRAINT_SCAN_TIMEOUT, "single" },
@@ -1319,7 +1352,10 @@ init_conf(struct ntpd_conf *conf)
@@ -1296,7 +1329,10 @@ init_conf(struct ntpd_conf *conf)
conf->constraint_scan_timeout = CONSTRAINT_SCAN_TIMEOUT; // 10;
conf->constraint_margin = CONSTRAINT_MARGIN; // 2.0*60;
@ -1547,7 +1564,7 @@ Subject: Implement OpenSSL support, update manual, update ChangeLog
}
void
@@ -1394,7 +1430,16 @@ print_conf(struct ntpd_conf *lconf)
@@ -1366,7 +1402,16 @@ print_conf(struct ntpd_conf *lconf)
fprintf(stdout, "Constraint retry interval: %d seconds\n", conf->constraint_retry_interval);
fprintf(stdout, "Constraint scan interval: %d seconds\n", conf->constraint_scan_interval);
fprintf(stdout, "Constraint scan timeout: %d seconds\n", conf->constraint_scan_timeout);
@ -1565,8 +1582,8 @@ Subject: Implement OpenSSL support, update manual, update ChangeLog
fprintf(stdout, "\n");
TAILQ_FOREACH(sens, &conf->ntp_conf_sensors, entry) {
--- a/src/ntpd.conf.5 2020-08-02 02:31:01.526954911 +0300
+++ b/src/ntpd.conf.5 2020-08-02 02:26:08.596954600 +0300
--- a/src/ntpd.conf.5 2020-08-03 23:07:12.770476926 +0300
+++ b/src/ntpd.conf.5 2020-08-03 23:21:11.124672226 +0300
@@ -14,7 +14,7 @@
.\" AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
.\" OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.


+ 3
- 12
patches/8-patch_update-conf.patch View File

@ -1,11 +1,11 @@
From: Pekka Helenius <fincer89@hotmail.com>
Date: Sun, 02 Aug 2020 20:55:36 +0300
Date: Tue, 04 Aug 2020 01:52:17 +0300
Subject: Update default configuration file
--- a/ntpd.conf 2020-07-31 23:00:50.000000000 +0300
+++ b/ntpd.conf 2020-08-02 02:30:41.706954890 +0300
@@ -1,11 +1,330 @@
+++ b/ntpd.conf 2020-08-03 23:19:18.951338773 +0300
@@ -1,11 +1,321 @@
-# $OpenBSD: ntpd.conf,v 1.16 2019/11/06 19:04:12 deraadt Exp $
-#
# See ntpd.conf(5) and /etc/examples/ntpd.conf
@ -260,11 +260,6 @@ Subject: Update default configuration file
+#
+# log_negligible_adjtime 32
+
+# Maximum number of characters in a ntpctl(8)
+# report line (peers, status, sensors and all).
+#
+# max_display_width 80
+
+# Maximum allowed frequency correction per iteration.
+#
+# max_frequency_adjust 0.0128
@ -326,10 +321,6 @@ Subject: Update default configuration file
+#
+# sensor_default_refid "HARD"
+
+# Maximum allowed sensor time offset in seconds.
+#
+# sensor_offsets 6
+
+# Sensor query interval in seconds.
+#
+# sensor_query_interval 15


Loading…
Cancel
Save