@ -1,55 +0,0 @@ | |||||
From ec9ba68b495b4d866b3f8542ff054541aaae87fd Mon Sep 17 00:00:00 2001 | |||||
From: Brent Cook <busterb@gmail.com> | |||||
Date: Mon, 12 Jan 2015 21:16:54 -0600 | |||||
Subject: [PATCH 03/12] Use LOG_NTP syslog facility if it is available | |||||
FreeBSD PR: 114191 | |||||
Submitted by: Robert Archer <freebsd@deathbeforedecaf.net> | |||||
--- | |||||
src/usr.sbin/ntpd/log.c | 9 ++++++--- | |||||
1 file changed, 6 insertions(+), 3 deletions(-) | |||||
diff --git a/src/usr.sbin/ntpd/log.c b/src/usr.sbin/ntpd/log.c | |||||
index 1d8304b..5d34709 100644 | |||||
--- a/src/usr.sbin/ntpd/log.c | |||||
+++ b/src/usr.sbin/ntpd/log.c | |||||
@@ -17,7 +17,7 @@ | |||||
*/ | |||||
#include <sys/socket.h> | |||||
- | |||||
+#include <netinet/in.h> | |||||
#include <errno.h> | |||||
#include <netdb.h> | |||||
#include <pwd.h> | |||||
@@ -30,6 +30,10 @@ | |||||
#include "log.h" | |||||
+#ifndef LOG_NTP | |||||
+#define LOG_NTP LOG_DAEMON | |||||
+#endif | |||||
+ | |||||
#define TRACE_DEBUG 0x1 | |||||
static int foreground; | |||||
@@ -39,7 +43,6 @@ void vlog(int, const char *, va_list); | |||||
void logit(int, const char *, ...) | |||||
__attribute__((format (printf, 2, 3))); | |||||
- | |||||
void | |||||
log_init(int n_foreground) | |||||
{ | |||||
@@ -47,7 +50,7 @@ log_init(int n_foreground) | |||||
foreground = n_foreground; | |||||
if (! foreground) | |||||
- openlog(__progname, LOG_PID | LOG_NDELAY, LOG_DAEMON); | |||||
+ openlog(__progname, LOG_PID | LOG_NDELAY, LOG_NTP); | |||||
tzset(); | |||||
} | |||||
-- | |||||
2.6.3 | |||||
@ -1,53 +0,0 @@ | |||||
From c936d099934f3d85dae03e3ac54af2056788a96e Mon Sep 17 00:00:00 2001 | |||||
From: Brent Cook <busterb@gmail.com> | |||||
Date: Tue, 30 Dec 2014 09:02:50 -0600 | |||||
Subject: [PATCH 04/12] conditionally fill in sin_len/sin6_len if they exist | |||||
--- | |||||
src/usr.sbin/ntpd/config.c | 8 ++++++++ | |||||
1 file changed, 8 insertions(+) | |||||
diff --git a/src/usr.sbin/ntpd/config.c b/src/usr.sbin/ntpd/config.c | |||||
index c0a99b1..87de17a 100644 | |||||
--- a/src/usr.sbin/ntpd/config.c | |||||
+++ b/src/usr.sbin/ntpd/config.c | |||||
@@ -72,7 +72,9 @@ host_v4(const char *s) | |||||
if ((h = calloc(1, sizeof(struct ntp_addr))) == NULL) | |||||
fatal(NULL); | |||||
sa_in = (struct sockaddr_in *)&h->ss; | |||||
+#ifdef HAVE_STRUCT_SOCKADDR_IN_SIN_LEN | |||||
sa_in->sin_len = sizeof(struct sockaddr_in); | |||||
+#endif | |||||
sa_in->sin_family = AF_INET; | |||||
sa_in->sin_addr.s_addr = ina.s_addr; | |||||
@@ -94,7 +96,9 @@ host_v6(const char *s) | |||||
if ((h = calloc(1, sizeof(struct ntp_addr))) == NULL) | |||||
fatal(NULL); | |||||
sa_in6 = (struct sockaddr_in6 *)&h->ss; | |||||
+#ifdef SIN6_LEN | |||||
sa_in6->sin6_len = sizeof(struct sockaddr_in6); | |||||
+#endif | |||||
sa_in6->sin6_family = AF_INET6; | |||||
memcpy(&sa_in6->sin6_addr, | |||||
&((struct sockaddr_in6 *)res->ai_addr)->sin6_addr, | |||||
@@ -156,12 +160,16 @@ host_dns(const char *s, struct ntp_addr **hn) | |||||
h->ss.ss_family = res->ai_family; | |||||
if (res->ai_family == AF_INET) { | |||||
sa_in = (struct sockaddr_in *)&h->ss; | |||||
+#ifdef HAVE_STRUCT_SOCKADDR_IN_SIN_LEN | |||||
sa_in->sin_len = sizeof(struct sockaddr_in); | |||||
+#endif | |||||
sa_in->sin_addr.s_addr = ((struct sockaddr_in *) | |||||
res->ai_addr)->sin_addr.s_addr; | |||||
} else { | |||||
sa_in6 = (struct sockaddr_in6 *)&h->ss; | |||||
+#ifdef SIN6_LEN | |||||
sa_in6->sin6_len = sizeof(struct sockaddr_in6); | |||||
+#endif | |||||
memcpy(&sa_in6->sin6_addr, &((struct sockaddr_in6 *) | |||||
res->ai_addr)->sin6_addr, sizeof(struct in6_addr)); | |||||
} | |||||
-- | |||||
2.6.3 | |||||
@ -1,116 +0,0 @@ | |||||
From 9dcb2008acca9650e4cf05f10a051c1a94bde77e Mon Sep 17 00:00:00 2001 | |||||
From: Brent Cook <busterb@gmail.com> | |||||
Date: Tue, 30 Dec 2014 09:05:46 -0600 | |||||
Subject: [PATCH 05/12] check if rdomain support is available. | |||||
Handle FreeBSD's calling rdomain 'FIB'. | |||||
- from naddy@openbsd.org | |||||
--- | |||||
src/usr.sbin/ntpd/ntpd.h | 6 ++++++ | |||||
src/usr.sbin/ntpd/parse.y | 2 ++ | |||||
src/usr.sbin/ntpd/server.c | 15 ++++++++++++++- | |||||
3 files changed, 22 insertions(+), 1 deletion(-) | |||||
diff --git a/src/usr.sbin/ntpd/ntpd.h b/src/usr.sbin/ntpd/ntpd.h | |||||
index f6507f2..fa2eb7a 100644 | |||||
--- a/src/usr.sbin/ntpd/ntpd.h | |||||
+++ b/src/usr.sbin/ntpd/ntpd.h | |||||
@@ -41,6 +41,12 @@ | |||||
#define DRIFTFILE "/var/db/ntpd.drift" | |||||
#define CTLSOCKET "/var/run/ntpd.sock" | |||||
+#if defined(SO_SETFIB) | |||||
+#define SO_RTABLE SO_SETFIB | |||||
+#define SIOCGIFRDOMAIN SIOCGIFFIB | |||||
+#define ifr_rdomainid ifr_fib | |||||
+#endif | |||||
+ | |||||
#define INTERVAL_QUERY_NORMAL 30 /* sync to peers every n secs */ | |||||
#define INTERVAL_QUERY_PATHETIC 60 | |||||
#define INTERVAL_QUERY_AGGRESSIVE 5 | |||||
diff --git a/src/usr.sbin/ntpd/parse.y b/src/usr.sbin/ntpd/parse.y | |||||
index 6d50795..33fe13d 100644 | |||||
--- a/src/usr.sbin/ntpd/parse.y | |||||
+++ b/src/usr.sbin/ntpd/parse.y | |||||
@@ -404,11 +404,13 @@ weight : WEIGHT NUMBER { | |||||
opts.weight = $2; | |||||
} | |||||
rtable : RTABLE NUMBER { | |||||
+#ifdef RT_TABLEID_MAX | |||||
if ($2 < 0 || $2 > RT_TABLEID_MAX) { | |||||
yyerror("rtable must be between 1" | |||||
" and RT_TABLEID_MAX"); | |||||
YYERROR; | |||||
} | |||||
+#endif | |||||
opts.rtable = $2; | |||||
} | |||||
; | |||||
diff --git a/src/usr.sbin/ntpd/server.c b/src/usr.sbin/ntpd/server.c | |||||
index fb297d7..2e28b9b 100644 | |||||
--- a/src/usr.sbin/ntpd/server.c | |||||
+++ b/src/usr.sbin/ntpd/server.c | |||||
@@ -35,11 +35,16 @@ setup_listeners(struct servent *se, struct ntpd_conf *lconf, u_int *cnt) | |||||
struct listen_addr *la, *nla, *lap; | |||||
struct ifaddrs *ifa, *ifap; | |||||
struct sockaddr *sa; | |||||
+#ifdef SO_RTABLE | |||||
struct if_data *ifd; | |||||
+#endif | |||||
u_int8_t *a6; | |||||
size_t sa6len = sizeof(struct in6_addr); | |||||
u_int new_cnt = 0; | |||||
- int tos = IPTOS_LOWDELAY, rdomain = 0; | |||||
+ int tos = IPTOS_LOWDELAY; | |||||
+#ifdef SO_RTABLE | |||||
+ int rdomain = 0; | |||||
+#endif | |||||
TAILQ_FOREACH(lap, &lconf->listen_addrs, entry) { | |||||
switch (lap->sa.ss_family) { | |||||
@@ -51,15 +56,19 @@ setup_listeners(struct servent *se, struct ntpd_conf *lconf, u_int *cnt) | |||||
sa = ifap->ifa_addr; | |||||
if (sa == NULL || SA_LEN(sa) == 0) | |||||
continue; | |||||
+#ifdef SO_RTABLE | |||||
if (sa->sa_family == AF_LINK) { | |||||
ifd = ifap->ifa_data; | |||||
rdomain = ifd->ifi_rdomain; | |||||
} | |||||
+#endif | |||||
if (sa->sa_family != AF_INET && | |||||
sa->sa_family != AF_INET6) | |||||
continue; | |||||
+#ifdef SO_RTABLE | |||||
if (lap->rtable != -1 && rdomain != lap->rtable) | |||||
continue; | |||||
+#endif | |||||
if (sa->sa_family == AF_INET && | |||||
((struct sockaddr_in *)sa)->sin_addr.s_addr == | |||||
@@ -78,7 +87,9 @@ setup_listeners(struct servent *se, struct ntpd_conf *lconf, u_int *cnt) | |||||
fatal("setup_listeners calloc"); | |||||
memcpy(&la->sa, sa, SA_LEN(sa)); | |||||
+#ifdef SO_RTABLE | |||||
la->rtable = rdomain; | |||||
+#endif | |||||
TAILQ_INSERT_TAIL(&lconf->listen_addrs, la, entry); | |||||
} | |||||
@@ -123,10 +134,12 @@ setup_listeners(struct servent *se, struct ntpd_conf *lconf, u_int *cnt) | |||||
IPPROTO_IP, IP_TOS, &tos, sizeof(tos)) == -1) | |||||
log_warn("setsockopt IPTOS_LOWDELAY"); | |||||
+#ifdef SO_RTABLE | |||||
if (la->rtable != -1 && | |||||
setsockopt(la->fd, SOL_SOCKET, SO_RTABLE, &la->rtable, | |||||
sizeof(la->rtable)) == -1) | |||||
fatal("setup_listeners setsockopt SO_RTABLE"); | |||||
+#endif | |||||
if (bind(la->fd, (struct sockaddr *)&la->sa, | |||||
SA_LEN((struct sockaddr *)&la->sa)) == -1) { | |||||
-- | |||||
2.6.3 | |||||
@ -1,53 +0,0 @@ | |||||
From 7ff884df5fdca1cf65650db6cc06235f5cc042ef Mon Sep 17 00:00:00 2001 | |||||
From: Brent Cook <busterb@gmail.com> | |||||
Date: Tue, 30 Dec 2014 09:20:03 -0600 | |||||
Subject: [PATCH 06/12] update ntpd.conf to indicate OS-dependent options | |||||
Also, clarify listening behavior based on a patch from | |||||
Dererk <dererk@debian.org> | |||||
Debian bug ID: 575705 | |||||
--- | |||||
src/usr.sbin/ntpd/ntpd.conf.5 | 11 ++++++++--- | |||||
1 file changed, 8 insertions(+), 3 deletions(-) | |||||
diff --git a/src/usr.sbin/ntpd/ntpd.conf.5 b/src/usr.sbin/ntpd/ntpd.conf.5 | |||||
index af11a7e..87f94e8 100644 | |||||
--- a/src/usr.sbin/ntpd/ntpd.conf.5 | |||||
+++ b/src/usr.sbin/ntpd/ntpd.conf.5 | |||||
@@ -38,9 +38,14 @@ The basic configuration options are as follows: | |||||
.It Xo Ic listen on Ar address | |||||
.Op Ic rtable Ar table-id | |||||
.Xc | |||||
+.Xr ntpd 8 | |||||
+has the ability to sync the local clock to remote NTP servers and, if | |||||
+this directive is specified, can act as NTP server itself, redistributing the | |||||
+local clock. | |||||
+.Pp | |||||
Specify a local IP address or a hostname the | |||||
.Xr ntpd 8 | |||||
-daemon should listen on. | |||||
+daemon should listen on to enable remote clients synchronization. | |||||
If it appears multiple times, | |||||
.Xr ntpd 8 | |||||
will listen on each given address. | |||||
@@ -53,7 +58,7 @@ will listen on all local addresses using the specified routing table. | |||||
does not listen on any address by default. | |||||
The optional | |||||
.Ic rtable | |||||
-keyword will specify which routing table to listen on. | |||||
+keyword will specify which routing table to listen on, if the operating system supports rdomains. | |||||
By default | |||||
.Xr ntpd 8 | |||||
will listen using the current routing table. | |||||
@@ -76,7 +81,7 @@ listen on 127.0.0.1 rtable 4 | |||||
.Xc | |||||
Specify a timedelta sensor device | |||||
.Xr ntpd 8 | |||||
-should use. | |||||
+should use, if the operating system supports sensors. | |||||
The sensor can be specified multiple times: | |||||
.Xr ntpd 8 | |||||
will use each given sensor that actually exists. | |||||
-- | |||||
2.6.3 | |||||
@ -1,52 +0,0 @@ | |||||
From eb72af64c3304396f355b54cba266b4ed300b8c9 Mon Sep 17 00:00:00 2001 | |||||
From: Brent Cook <busterb@gmail.com> | |||||
Date: Thu, 1 Jan 2015 07:18:11 -0600 | |||||
Subject: [PATCH 07/12] allow overriding default user and file locations | |||||
Allow the build process to override the default ntpd file paths and | |||||
default user. | |||||
--- | |||||
src/usr.sbin/ntpd/ntpd.h | 18 +++++++++++++++--- | |||||
1 file changed, 15 insertions(+), 3 deletions(-) | |||||
diff --git a/src/usr.sbin/ntpd/ntpd.h b/src/usr.sbin/ntpd/ntpd.h | |||||
index fa2eb7a..1383056 100644 | |||||
--- a/src/usr.sbin/ntpd/ntpd.h | |||||
+++ b/src/usr.sbin/ntpd/ntpd.h | |||||
@@ -36,10 +36,20 @@ | |||||
#define MAXIMUM(a, b) ((a) > (b) ? (a) : (b)) | |||||
+#ifndef NTPD_USER | |||||
#define NTPD_USER "_ntp" | |||||
-#define CONFFILE "/etc/ntpd.conf" | |||||
-#define DRIFTFILE "/var/db/ntpd.drift" | |||||
-#define CTLSOCKET "/var/run/ntpd.sock" | |||||
+#endif | |||||
+ | |||||
+#ifndef SYSCONFDIR | |||||
+#define SYSCONFDIR "/etc" | |||||
+#endif | |||||
+#define CONFFILE SYSCONFDIR "/ntpd.conf" | |||||
+ | |||||
+#ifndef LOCALSTATEDIR | |||||
+#define LOCALSTATEDIR "/var" | |||||
+#endif | |||||
+#define DRIFTFILE LOCALSTATEDIR "/db/ntpd.drift" | |||||
+#define CTLSOCKET LOCALSTATEDIR "/run/ntpd.sock" | |||||
#if defined(SO_SETFIB) | |||||
#define SO_RTABLE SO_SETFIB | |||||
@@ -87,7 +97,9 @@ | |||||
#define CONSTRAINT_PORT "443" /* HTTPS port */ | |||||
#define CONSTRAINT_MAXHEADERLENGTH 8192 | |||||
#define CONSTRAINT_PASSFD (STDERR_FILENO + 1) | |||||
+#ifndef CONSTRAINT_CA | |||||
#define CONSTRAINT_CA "/etc/ssl/cert.pem" | |||||
+#endif | |||||
enum client_state { | |||||
STATE_NONE, | |||||
-- | |||||
2.6.3 | |||||
@ -1,150 +0,0 @@ | |||||
From 735b7714af879176149a9861d781b275e7079fb7 Mon Sep 17 00:00:00 2001 | |||||
From: Brent Cook <busterb@gmail.com> | |||||
Date: Wed, 31 Dec 2014 08:26:41 -0600 | |||||
Subject: [PATCH 08/12] add -p option to create a pid file | |||||
This is used in both the Gentoo and Debian ports. | |||||
Origin: https://bugs.gentoo.org/show_bug.cgi?id=493082 | |||||
--- | |||||
src/usr.sbin/ntpd/ntpd.8 | 4 ++++ | |||||
src/usr.sbin/ntpd/ntpd.c | 33 ++++++++++++++++++++++++++++----- | |||||
src/usr.sbin/ntpd/ntpd.h | 1 + | |||||
3 files changed, 33 insertions(+), 5 deletions(-) | |||||
diff --git a/src/usr.sbin/ntpd/ntpd.8 b/src/usr.sbin/ntpd/ntpd.8 | |||||
index dcfb6d2..1b885a1 100644 | |||||
--- a/src/usr.sbin/ntpd/ntpd.8 | |||||
+++ b/src/usr.sbin/ntpd/ntpd.8 | |||||
@@ -25,6 +25,7 @@ | |||||
.Bk -words | |||||
.Op Fl dnSsv | |||||
.Op Fl f Ar file | |||||
+.Op Fl p Ar file | |||||
.Ek | |||||
.Sh DESCRIPTION | |||||
The | |||||
@@ -59,6 +60,9 @@ instead of the default | |||||
.It Fl n | |||||
Configtest mode. | |||||
Only check the configuration file for validity. | |||||
+.It Fl p Ar file | |||||
+Write pid to | |||||
+.Ar file | |||||
.It Fl S | |||||
Do not set the time immediately at startup. | |||||
This is the default. | |||||
diff --git a/src/usr.sbin/ntpd/ntpd.c b/src/usr.sbin/ntpd/ntpd.c | |||||
index 83b42ee..40570ee 100644 | |||||
--- a/src/usr.sbin/ntpd/ntpd.c | |||||
+++ b/src/usr.sbin/ntpd/ntpd.c | |||||
@@ -86,6 +86,18 @@ sighdlr(int sig) | |||||
} | |||||
} | |||||
+void | |||||
+writepid(struct ntpd_conf *lconf) | |||||
+{ | |||||
+ if (lconf->pid_file != NULL) { | |||||
+ FILE *f = fopen(lconf->pid_file, "w"); | |||||
+ if (f == NULL) | |||||
+ fatal("couldn't open pid file"); | |||||
+ fprintf(f, "%ld\n", (long) getpid()); | |||||
+ fclose(f); | |||||
+ } | |||||
+} | |||||
+ | |||||
__dead void | |||||
usage(void) | |||||
{ | |||||
@@ -95,7 +107,7 @@ usage(void) | |||||
fprintf(stderr, | |||||
"usage: ntpctl -s all | peers | Sensors | status\n"); | |||||
else | |||||
- fprintf(stderr, "usage: %s [-dnSsv] [-f file]\n", | |||||
+ fprintf(stderr, "usage: %s [-dnSsv] [-f file] [-p file]\n", | |||||
__progname); | |||||
exit(1); | |||||
} | |||||
@@ -133,7 +145,7 @@ main(int argc, char *argv[]) | |||||
log_init(1); /* log to stderr until daemonized */ | |||||
- while ((ch = getopt(argc, argv, "df:nsSv")) != -1) { | |||||
+ while ((ch = getopt(argc, argv, "df:np:sSv")) != -1) { | |||||
switch (ch) { | |||||
case 'd': | |||||
lconf.debug = 1; | |||||
@@ -145,6 +157,9 @@ main(int argc, char *argv[]) | |||||
case 'n': | |||||
lconf.noaction = 1; | |||||
break; | |||||
+ case 'p': | |||||
+ lconf.pid_file = optarg; | |||||
+ break; | |||||
case 's': | |||||
lconf.settime = 1; | |||||
break; | |||||
@@ -189,9 +204,11 @@ main(int argc, char *argv[]) | |||||
reset_adjtime(); | |||||
if (!lconf.settime) { | |||||
log_init(lconf.debug); | |||||
- if (!lconf.debug) | |||||
+ if (!lconf.debug) { | |||||
if (daemon(1, 0)) | |||||
fatal("daemon"); | |||||
+ writepid(&lconf); | |||||
+ } | |||||
} else | |||||
timeout = SETTIME_TIMEOUT * 1000; | |||||
@@ -269,9 +286,11 @@ main(int argc, char *argv[]) | |||||
log_init(lconf.debug); | |||||
log_warnx("no reply received in time, skipping initial " | |||||
"time setting"); | |||||
- if (!lconf.debug) | |||||
+ if (!lconf.debug) { | |||||
if (daemon(1, 0)) | |||||
fatal("daemon"); | |||||
+ writepid(&lconf); | |||||
+ } | |||||
} | |||||
if (nfds > 0 && (pfd[PFD_PIPE].revents & POLLOUT)) | |||||
@@ -314,6 +333,8 @@ main(int argc, char *argv[]) | |||||
msgbuf_clear(&ibuf->w); | |||||
free(ibuf); | |||||
log_info("Terminating"); | |||||
+ if (lconf.pid_file != NULL) | |||||
+ unlink(lconf.pid_file); | |||||
return (0); | |||||
} | |||||
@@ -396,9 +417,11 @@ dispatch_imsg(struct ntpd_conf *lconf, const char *pw_dir, | |||||
memcpy(&d, imsg.data, sizeof(d)); | |||||
ntpd_settime(d); | |||||
/* daemonize now */ | |||||
- if (!lconf->debug) | |||||
+ if (!lconf->debug) { | |||||
if (daemon(1, 0)) | |||||
fatal("daemon"); | |||||
+ writepid(lconf); | |||||
+ } | |||||
lconf->settime = 0; | |||||
timeout = INFTIM; | |||||
break; | |||||
diff --git a/src/usr.sbin/ntpd/ntpd.h b/src/usr.sbin/ntpd/ntpd.h | |||||
index 1383056..e542849 100644 | |||||
--- a/src/usr.sbin/ntpd/ntpd.h | |||||
+++ b/src/usr.sbin/ntpd/ntpd.h | |||||
@@ -242,6 +242,7 @@ struct ntpd_conf { | |||||
u_int constraint_errors; | |||||
u_int8_t *ca; | |||||
size_t ca_len; | |||||
+ char *pid_file; | |||||
}; | |||||
struct ctl_show_status { | |||||
-- | |||||
2.6.3 | |||||
@ -1,60 +0,0 @@ | |||||
From 0c286469c195738efc45001b1fcd4f8b4044a141 Mon Sep 17 00:00:00 2001 | |||||
From: Brent Cook <busterb@gmail.com> | |||||
Date: Mon, 12 Jan 2015 06:18:31 -0600 | |||||
Subject: [PATCH 09/12] initialize setproctitle where needed | |||||
We need to save a copy of argv and __progname to avoid setproctitle | |||||
clobbering them. | |||||
--- | |||||
src/usr.sbin/ntpd/ntpd.c | 21 ++++++++++++++++++++- | |||||
1 file changed, 20 insertions(+), 1 deletion(-) | |||||
diff --git a/src/usr.sbin/ntpd/ntpd.c b/src/usr.sbin/ntpd/ntpd.c | |||||
index 40570ee..3d0ceb2 100644 | |||||
--- a/src/usr.sbin/ntpd/ntpd.c | |||||
+++ b/src/usr.sbin/ntpd/ntpd.c | |||||
@@ -116,6 +116,13 @@ usage(void) | |||||
#define PFD_PIPE 0 | |||||
#define PFD_MAX 1 | |||||
+/* Saves a copy of argv for setproctitle emulation */ | |||||
+#ifndef HAVE_SETPROCTITLE | |||||
+static char **saved_argv; | |||||
+#endif | |||||
+ | |||||
+char *get_progname(char *argv0); | |||||
+ | |||||
int | |||||
main(int argc, char *argv[]) | |||||
{ | |||||
@@ -145,6 +152,18 @@ main(int argc, char *argv[]) | |||||
log_init(1); /* log to stderr until daemonized */ | |||||
+ __progname = get_progname(argv[0]); | |||||
+ | |||||
+#ifndef HAVE_SETPROCTITLE | |||||
+ /* Prepare for later setproctitle emulation */ | |||||
+ saved_argv = calloc(argc + 1, sizeof(*saved_argv)); | |||||
+ for (i = 0; i < argc; i++) | |||||
+ saved_argv[i] = strdup(argv[i]); | |||||
+ saved_argv[i] = NULL; | |||||
+ compat_init_setproctitle(argc, argv); | |||||
+ argv = saved_argv; | |||||
+#endif | |||||
+ | |||||
while ((ch = getopt(argc, argv, "df:np:sSv")) != -1) { | |||||
switch (ch) { | |||||
case 'd': | |||||
@@ -549,7 +568,7 @@ readfreq(void) | |||||
freqfp = fopen(DRIFTFILE, "w"); | |||||
return; | |||||
} | |||||
- | |||||
+ | |||||
freqfp = fdopen(fd, "r+"); | |||||
/* if we're adjusting frequency already, don't override */ | |||||
-- | |||||
2.6.3 | |||||
@ -1,68 +0,0 @@ | |||||
From c685d444684c047721ce4c3789aa50eab7ed7a91 Mon Sep 17 00:00:00 2001 | |||||
From: Brent Cook <busterb@gmail.com> | |||||
Date: Fri, 27 Mar 2015 23:14:15 -0500 | |||||
Subject: [PATCH 10/12] Notify the user when constraint support is disabled. | |||||
Update the manpage and make a constraint line a fatal error if it is | |||||
configured but ntpd is built without libtls present. | |||||
From Paul B. Henson. | |||||
--- | |||||
src/usr.sbin/ntpd/config.c | 3 +++ | |||||
src/usr.sbin/ntpd/constraint.c | 2 ++ | |||||
src/usr.sbin/ntpd/ntpd.conf.5 | 7 +++++-- | |||||
3 files changed, 10 insertions(+), 2 deletions(-) | |||||
diff --git a/src/usr.sbin/ntpd/config.c b/src/usr.sbin/ntpd/config.c | |||||
index 87de17a..5a75030 100644 | |||||
--- a/src/usr.sbin/ntpd/config.c | |||||
+++ b/src/usr.sbin/ntpd/config.c | |||||
@@ -219,6 +219,9 @@ new_constraint(void) | |||||
p->id = ++constraint_maxid; | |||||
p->fd = -1; | |||||
+#ifndef HAVE_LIBTLS | |||||
+ fatal("constraint configured without libtls support"); | |||||
+#endif | |||||
return (p); | |||||
} | |||||
diff --git a/src/usr.sbin/ntpd/constraint.c b/src/usr.sbin/ntpd/constraint.c | |||||
index 3fc837f..72b3980 100644 | |||||
--- a/src/usr.sbin/ntpd/constraint.c | |||||
+++ b/src/usr.sbin/ntpd/constraint.c | |||||
@@ -288,12 +288,14 @@ priv_constraint_child(struct constraint *cstr, struct ntp_addr_msg *am, | |||||
if (setpriority(PRIO_PROCESS, 0, 0) == -1) | |||||
log_warn("could not set priority"); | |||||
+#ifdef HAVE_LIBTLS | |||||
/* Init TLS and load cert before chroot() */ | |||||
if (tls_init() == -1) | |||||
fatalx("tls_init"); | |||||
if ((conf->ca = tls_load_file(CONSTRAINT_CA, | |||||
&conf->ca_len, NULL)) == NULL) | |||||
log_warnx("constraint certificate verification turned off"); | |||||
+#endif | |||||
if (chroot(pw_dir) == -1) | |||||
fatal("chroot"); | |||||
diff --git a/src/usr.sbin/ntpd/ntpd.conf.5 b/src/usr.sbin/ntpd/ntpd.conf.5 | |||||
index 87f94e8..7f729d2 100644 | |||||
--- a/src/usr.sbin/ntpd/ntpd.conf.5 | |||||
+++ b/src/usr.sbin/ntpd/ntpd.conf.5 | |||||
@@ -185,8 +185,11 @@ authenticated constraint, | |||||
thereby reducing the impact of unauthenticated NTP | |||||
man-in-the-middle attacks. | |||||
Received NTP packets with time information falling outside of a range | |||||
-near the constraint will be discarded and such NTP servers | |||||
-will be marked as invalid. | |||||
+near the constraint will be discarded and such NTP servers will be marked as | |||||
+invalid. Contraints are only available if | |||||
+.Xr ntpd 8 | |||||
+has been compiled with libtls support. Configuring a constraint without libtls | |||||
+support will result in a fatal error. | |||||
.Bl -tag -width Ds | |||||
.It Ic constraint from Ar url | |||||
Specify the URL, IP address or the hostname of an HTTPS server to | |||||
-- | |||||
2.6.3 | |||||
@ -1,33 +0,0 @@ | |||||
From 4a446e2cfe1792cd75af53b515fe0b71b6c97b0f Mon Sep 17 00:00:00 2001 | |||||
From: Brent Cook <busterb@gmail.com> | |||||
Date: Mon, 4 May 2015 04:27:29 -0500 | |||||
Subject: [PATCH 11/12] add a method for updating the realtime clock on sync | |||||
from Christian Weisgerber | |||||
--- | |||||
src/usr.sbin/ntpd/ntpd.c | 2 ++ | |||||
1 file changed, 2 insertions(+) | |||||
diff --git a/src/usr.sbin/ntpd/ntpd.c b/src/usr.sbin/ntpd/ntpd.c | |||||
index 3d0ceb2..eef7d2c 100644 | |||||
--- a/src/usr.sbin/ntpd/ntpd.c | |||||
+++ b/src/usr.sbin/ntpd/ntpd.c | |||||
@@ -54,6 +54,7 @@ const char *ctl_lookup_option(char *, const char **); | |||||
void show_status_msg(struct imsg *); | |||||
void show_peer_msg(struct imsg *, int); | |||||
void show_sensor_msg(struct imsg *, int); | |||||
+void update_time_sync_status(int); | |||||
volatile sig_atomic_t quit = 0; | |||||
volatile sig_atomic_t reconfig = 0; | |||||
@@ -486,6 +487,7 @@ ntpd_adjtime(double d) | |||||
else if (!firstadj && olddelta.tv_sec == 0 && olddelta.tv_usec == 0) | |||||
synced = 1; | |||||
firstadj = 0; | |||||
+ update_time_sync_status(synced); | |||||
return (synced); | |||||
} | |||||
-- | |||||
2.6.3 | |||||
@ -1,69 +0,0 @@ | |||||
From 585ee6ed92a06261aea08b05963789652f32a997 Mon Sep 17 00:00:00 2001 | |||||
From: Brent Cook <bcook@openbsd.org> | |||||
Date: Sun, 6 Dec 2015 22:35:38 -0600 | |||||
Subject: [PATCH 12/12] Deal with missing SO_TIMESTAMP | |||||
from Paul B. Henson" <henson@acm.org> | |||||
Fall back to the previous client.c implementation when it is not found. | |||||
--- | |||||
src/usr.sbin/ntpd/client.c | 10 +++++++++- | |||||
1 file changed, 9 insertions(+), 1 deletion(-) | |||||
diff --git a/src/usr.sbin/ntpd/client.c b/src/usr.sbin/ntpd/client.c | |||||
index 7ce3b38..edca87c 100644 | |||||
--- a/src/usr.sbin/ntpd/client.c | |||||
+++ b/src/usr.sbin/ntpd/client.c | |||||
@@ -163,10 +163,12 @@ client_query(struct ntp_peer *p) | |||||
if (p->addr->ss.ss_family == AF_INET && setsockopt(p->query->fd, | |||||
IPPROTO_IP, IP_TOS, &val, sizeof(val)) == -1) | |||||
log_warn("setsockopt IPTOS_LOWDELAY"); | |||||
+#ifdef SO_TIMESTAMP | |||||
val = 1; | |||||
if (setsockopt(p->query->fd, SOL_SOCKET, SO_TIMESTAMP, | |||||
&val, sizeof(val)) == -1) | |||||
fatal("setsockopt SO_TIMESTAMP"); | |||||
+#endif | |||||
} | |||||
/* | |||||
@@ -213,7 +215,9 @@ client_dispatch(struct ntp_peer *p, u_int8_t settime) | |||||
struct cmsghdr hdr; | |||||
char buf[CMSG_SPACE(sizeof(tv))]; | |||||
} cmsgbuf; | |||||
+#ifdef SO_TIMESTAMP | |||||
struct cmsghdr *cmsg; | |||||
+#endif | |||||
ssize_t size; | |||||
double T1, T2, T3, T4; | |||||
time_t interval; | |||||
@@ -226,7 +230,6 @@ client_dispatch(struct ntp_peer *p, u_int8_t settime) | |||||
somsg.msg_control = cmsgbuf.buf; | |||||
somsg.msg_controllen = sizeof(cmsgbuf.buf); | |||||
- T4 = getoffset(); | |||||
if ((size = recvmsg(p->query->fd, &somsg, 0)) == -1) { | |||||
if (errno == EHOSTUNREACH || errno == EHOSTDOWN || | |||||
errno == ENETUNREACH || errno == ENETDOWN || | |||||
@@ -251,6 +254,8 @@ client_dispatch(struct ntp_peer *p, u_int8_t settime) | |||||
return (0); | |||||
} | |||||
+#ifdef SO_TIMESTAMP | |||||
+ T4 = getoffset(); | |||||
for (cmsg = CMSG_FIRSTHDR(&somsg); cmsg != NULL; | |||||
cmsg = CMSG_NXTHDR(&somsg, cmsg)) { | |||||
if (cmsg->cmsg_level == SOL_SOCKET && | |||||
@@ -260,6 +265,9 @@ client_dispatch(struct ntp_peer *p, u_int8_t settime) | |||||
break; | |||||
} | |||||
} | |||||
+#else | |||||
+ T4 = gettime_corrected(); | |||||
+#endif | |||||
if (T4 < JAN_1970) { | |||||
client_log_error(p, "recvmsg control format", EBADF); | |||||
-- | |||||
2.6.3 | |||||