Skip to content
Commits on Source (2)
Hide whitespace changes
Inline Side-by-side
include/ntp.h
View file @ b0661b79
......@@ -615,11 +615,11 @@ struct pkt {
*/
#define PROTO_BROADCLIENT 1 /* (not used) */
#define PROTO_PRECISION 2 /* (not used) */
#define PROTO_AUTHENTICATE 3
#define PROTO_AUTHENTICATE 3 /* (not used) */
#define PROTO_BROADDELAY 4 /* (not used) */
#define PROTO_AUTHDELAY 5
#define PROTO_MULTICAST_ADD 6
#define PROTO_MULTICAST_DEL 7
#define PROTO_MULTICAST_ADD 6 /* (not used) */
#define PROTO_MULTICAST_DEL 7 /* (not used) */
#define PROTO_NTP 8
#define PROTO_KERNEL 9
#define PROTO_MONITOR 10
......@@ -672,6 +672,7 @@ struct pkt {
/*
* Default parameters. We use these in the absence of something better.
* (Historical relic - muliticast mode has been removed for security reasons.)
*/
#define INADDR_NTP 0xe0000101 /* NTP multicast address 224.0.1.1 */
......@@ -695,28 +696,25 @@ struct mon_data {
/*
* Values for cast_flags in mon_entry and struct peer. mon_entry uses
* only the first three, MDF_UCAST, MDF_MCAST, and MDF_BCAST.
* only MDF_UCAST and MDF_BCAST.
*/
#define MDF_UCAST 0x01 /* unicast client */
#define MDF_MCAST 0x02 /* multicast server */
#define MDF_MCAST 0x02 /* multicast server (not used) */
#define MDF_BCAST 0x04 /* broadcast server */
#define MDF_POOL 0x08 /* pool client solicitor */
#define MDF_ACAST 0x10 /* manycast client solicitor */
#define MDF_ACAST 0x10 /* manycast client solicitor (not used) */
#define MDF_BCLNT 0x20 /* eph. broadcast/multicast client (not used) */
#define MDF_UCLNT 0x40 /* preemptible manycast or pool client */
/*
* In the context of struct peer in ntpd, three of the cast_flags bits
* In the context of struct peer in ntpd, one cast_flags bit
* represent configured associations which never receive packets, and
* whose reach is always 0: MDF_BCAST, MDF_MCAST, and MDF_ACAST. The
* last can be argued as responses are received, but those responses do
* not affect the MDF_ACAST association's reach register, rather they
* (may) result in mobilizing ephemeral MDF_ACLNT associations.
* whose reach is always 0: MDF_BCAST
*/
#define MDF_TXONLY_MASK (MDF_BCAST | MDF_MCAST | MDF_ACAST | MDF_POOL)
#define MDF_TXONLY_MASK (MDF_BCAST | MDF_POOL)
/*
* manycastclient-like solicitor association cast_flags bits
*/
#define MDF_SOLICIT_MASK (MDF_ACAST | MDF_POOL)
#define MDF_SOLICIT_MASK MDF_POOL
/*
* Values used with mon_enabled to indicate reason for enabling monitoring
*/
......
include/ntpd.h
View file @ b0661b79
......@@ -186,7 +186,6 @@ extern void init_proto (const bool);
extern void set_sys_tick_precision(double);
extern void proto_config (int, u_long, double);
extern void proto_clr_stats (void);
extern void proto_dump(FILE *);
/* ntp_refclock.c */
#ifdef REFCLOCK
......@@ -398,7 +397,6 @@ extern int sys_minclock; /* minimum candidates */
/*
* Nonspecified system state variables.
*/
extern bool sys_authenticate; /* requre authentication for config */
extern l_fp sys_authdelay; /* authentication delay */
extern u_long sys_epoch; /* last clock update time */
extern keyid_t sys_private; /* private value for session seed */
......
ntpd/ntp_config.c
View file @ b0661b79
......@@ -225,13 +225,6 @@ static void free_config_ttl(config_tree *);
static void free_config_unpeers(config_tree *);
static void free_config_vars(config_tree *);
static void destroy_address_fifo(address_fifo *);
#define FREE_ADDRESS_FIFO(pf) \
do { \
destroy_address_fifo(pf); \
(pf) = NULL; \
} while (0)
void free_all_config_trees(void); /* atexit() */
static void free_config_tree(config_tree *ptree);
static void destroy_restrict_node(restrict_node *my_node);
......@@ -1137,25 +1130,6 @@ create_addr_opts_node(
* ------------------------------------------
*/
static void
destroy_address_fifo(
address_fifo * pfifo
)
{
address_node * addr_node;
if (pfifo != NULL) {
for (;;) {
UNLINK_FIFO(addr_node, *pfifo, link);
if (addr_node == NULL)
break;
destroy_address_node(addr_node);
}
free(pfifo);
}
}
static void
config_auth(
config_tree *ptree
......@@ -2690,18 +2664,12 @@ peer_config(
*/
switch (hmode) {
case MODE_BROADCAST:
if (IS_MCAST(srcadr))
cast_flags = MDF_MCAST;
else
cast_flags = MDF_BCAST;
cast_flags = MDF_BCAST;
break;
case MODE_CLIENT:
if (hostname != NULL && SOCK_UNSPEC(srcadr))
cast_flags = MDF_POOL;
else if (IS_MCAST(srcadr))
cast_flags = MDF_ACAST;
else
cast_flags = MDF_UCAST;
break;
......@@ -2720,7 +2688,7 @@ peer_config(
ctl->flags |= FLAG_CONFIG;
if (mode_ntpdate)
ctl->flags |= FLAG_IBURST;
if ((MDF_ACAST | MDF_POOL) & cast_flags)
if (MDF_POOL & cast_flags)
ctl->flags &= ~FLAG_PREEMPT;
return newpeer(srcadr, hostname, dstadr, hmode, ctl->version,
ctl->minpoll, ctl->maxpoll, ctl->flags,
......
ntpd/ntp_control.c
View file @ b0661b79
......@@ -697,7 +697,7 @@ ctl_error(
/*
* send packet and bump counters
*/
if (res_authenticate && sys_authenticate) {
if (res_authenticate) {
maclen = authencrypt(res_keyid, (uint32_t *)&rpkt,
CTL_HEADER_LEN);
sendpkt(rmt_addr, lcl_inter, -2, &rpkt, CTL_HEADER_LEN + maclen);
......@@ -803,8 +803,7 @@ process_control(
properlen = (properlen + 7) & ~7;
maclen = rbufp->recv_length - properlen;
if ((rbufp->recv_length & 3) == 0 &&
maclen >= MIN_MAC_LEN && maclen <= MAX_MAC_LEN &&
sys_authenticate) {
maclen >= MIN_MAC_LEN && maclen <= MAX_MAC_LEN) {
res_authenticate = true;
pkid = (void *)((char *)pkt + properlen);
res_keyid = ntohl(*pkid);
......@@ -970,7 +969,7 @@ ctl_flushpkt(
(res_opcode & CTL_OP_MASK);
rpkt.count = htons((u_short)dlen);
rpkt.offset = htons((u_short)res_offset);
if (res_authenticate && sys_authenticate) {
if (res_authenticate) {
totlen = sendlen;
/*
* If we are going to authenticate, then there
......
ntpd/ntp_io.c
View file @ b0661b79
......@@ -2422,9 +2422,7 @@ read_network_packet(
* put it on the full list and do bookkeeping.
*/
rb->dstadr = itf;
rb->cast_flags = (uint8_t)(((rb->dstadr->flags &
INT_MCASTOPEN) && rb->fd == rb->dstadr->fd) ? MDF_MCAST
: rb->fd == rb->dstadr->bfd ? MDF_BCAST : MDF_UCAST);
rb->cast_flags = (uint8_t)(rb->fd == rb->dstadr->bfd ? MDF_BCAST : MDF_UCAST);
rb->fd = fd;
#ifdef USE_PACKET_TIMESTAMP
/* pick up a network time stamp if possible */
......@@ -2685,8 +2683,7 @@ select_peerinterface(
*/
if (IS_PEER_REFCLOCK(peer)) {
ep = loopback_interface;
} else if (peer->cast_flags &
(MDF_BCLNT | MDF_ACAST | MDF_MCAST | MDF_BCAST)) {
} else if (peer->cast_flags & MDF_BCAST) {
ep = findbcastinter(srcadr);
if (ep != NULL)
DPRINTF(4, ("Found *-cast interface %s for address %s\n",
......
ntpd/ntp_parser.y
View file @ b0661b79
......@@ -1082,8 +1082,7 @@ system_option
;
system_option_flag_keyword
: T_Auth
| T_Calibrate
: T_Calibrate
| T_Kernel
| T_Monitor
| T_Ntp
......
ntpd/ntp_peer.c
View file @ b0661b79
......@@ -216,12 +216,8 @@ findexistingpeer_addr(
/*
* start_peer is included so we can locate instances of the
* same peer through different interfaces in the hash table.
* Without MDF_BCLNT, a match requires the same mode and remote
* address. MDF_BCLNT associations start out as MODE_CLIENT
* if broadcastdelay is not specified, and switch to
* MODE_BCLIENT after estimating the one-way delay. Duplicate
* associations are expanded in definition to match any other
* MDF_BCLNT with the same srcadr (remote, unicast address).
* A match requires the same mode and remote
* address.
*/
if (NULL == start_peer)
peer = peer_hash[NTP_HASH_ADDR(addr)];
......@@ -232,9 +228,7 @@ findexistingpeer_addr(
DPRINTF(3, ("%s %s %d %d 0x%x 0x%x ", sockporttoa(addr),
sockporttoa(&peer->srcadr), mode, peer->hmode,
(u_int)cast_flags, (u_int)peer->cast_flags));
if ((-1 == mode || peer->hmode == mode ||
((MDF_BCLNT & peer->cast_flags) &&
(MDF_BCLNT & cast_flags))) &&
if ((-1 == mode || peer->hmode == mode) &&
ADDR_PORT_EQ(addr, &peer->srcadr)) {
DPRINTF(3, ("found.\n"));
break;
......@@ -571,7 +565,6 @@ peer_refresh_interface(
)
{
endpt * niface;
endpt * piface;
niface = select_peerinterface(p, &p->srcadr, NULL);
......@@ -595,16 +588,7 @@ peer_refresh_interface(
DPRINTF(4, ("<NONE>\n"));
}
piface = p->dstadr;
set_peerdstadr(p, niface);
if (p->dstadr != NULL) {
/*
* clear crypto if we change the local address
*/
if (p->dstadr != piface && !(MDF_ACAST & p->cast_flags)
&& MODE_BROADCAST != p->pmode)
peer_clear(p, "XFAC", false);
}
}
......@@ -761,9 +745,7 @@ newpeer(
peer->keyid = key;
peer->precision = sys_precision;
peer->hpoll = peer->minpoll;
if (cast_flags & MDF_ACAST)
peer_clear(peer, "ACST", initializing);
else if (cast_flags & MDF_POOL)
if (cast_flags & MDF_POOL)
peer_clear(peer, "POOL", initializing);
else if (cast_flags & MDF_BCAST)
peer_clear(peer, "BCST", initializing);
......
ntpd/ntp_proto.c
View file @ b0661b79
......@@ -74,7 +74,6 @@ bool leap_sec_in_progress;
/*
* Nonspecified system state variables
*/
bool sys_authenticate; /* require authentication for config */
l_fp sys_authdelay; /* authentication delay */
double sys_offset; /* current local clock offset */
double sys_mindisp = MINDISPERSE; /* minimum distance (s) */
......@@ -403,8 +402,7 @@ i_require_authentication(
bool peer_has_key = peer != NULL && peer->keyid != 0;
bool wants_association =
PKT_MODE(pkt->li_vn_mode) == MODE_BROADCAST ||
(peer == NULL && PKT_MODE(pkt->li_vn_mode == MODE_ACTIVE)) ||
(peer != NULL && peer->cast_flags & MDF_ACAST);
(peer == NULL && PKT_MODE(pkt->li_vn_mode == MODE_ACTIVE));
bool restrict_nopeer =
(restrict_mask & RES_NOPEER) &&
wants_association;
......@@ -803,7 +801,7 @@ receive(
handle_manycast(rbufp, restrict_mask, pkt, peer, authenticated);
break;
default:
/* Everything else is for broadcast or multicast modes,
/* Everything else is for broadcast modes,
which are a security nightmare. So they go to the
bit bucket until this improves.
*/
......@@ -837,7 +835,7 @@ transmit(
* In broadcast mode the poll interval is never changed from
* minpoll.
*/
if (peer->cast_flags & (MDF_BCAST | MDF_MCAST)) {
if (peer->cast_flags & MDF_BCAST) {
peer->outdate = current_time;
if (sys_leap != LEAP_NOTINSYNC)
peer_xmit(peer);
......@@ -845,36 +843,6 @@ transmit(
return;
}
/*
* In manycast mode we start with unity ttl. The ttl is
* increased by one for each poll until either sys_maxclock
* servers have been found or the maximum ttl is reached. When
* sys_maxclock servers are found we stop polling until one or
* more servers have timed out or until less than sys_minclock
* associations turn up. In this case additional better servers
* are dragged in and preempt the existing ones. Once every
* sys_beacon seconds we are to transmit unconditionally, but
* this code is not quite right -- peer->unreach counts polls
* and is being compared with sys_beacon, so the beacons happen
* every sys_beacon polls.
*/
if (peer->cast_flags & MDF_ACAST) {
peer->outdate = current_time;
if (peer->unreach > sys_beacon) {
peer->unreach = 0;
peer->ttl = 0;
peer_xmit(peer);
} else if (sys_survivors < sys_minclock ||
peer_associations < sys_maxclock) {
if (peer->ttl < (uint32_t)sys_ttlmax)
peer->ttl++;
peer_xmit(peer);
}
peer->unreach++;
poll_update(peer, hpoll);
return;
}
/*
* Pool associations transmit unicast solicitations when there
* are less than a hard limit of 2 * sys_maxclock associations,
......@@ -2795,7 +2763,6 @@ init_proto(const bool verbose)
get_systime(&dummy);
sys_survivors = 0;
sys_manycastserver = 0;
sys_authenticate = true;
sys_stattime = current_time;
orphwait = current_time + sys_orphwait;
proto_clr_stats();
......@@ -2830,10 +2797,6 @@ proto_config(
/*
* enable and disable commands - arguments are Boolean.
*/
case PROTO_AUTHENTICATE: /* authentication (auth) */
sys_authenticate = (bool)value;
break;
#ifdef REFCLOCK
case PROTO_CAL: /* refclock calibrate (calibrate) */
cal_enable = value;
......@@ -2949,8 +2912,3 @@ proto_clr_stats(void)
sys_kodsent = 0;
}
void proto_dump(FILE *fp)
{
/* must cover at least anything that can be set on the command line */
fprintf(fp, "%sable auth;\n", sys_authenticate ? "en" : "dis");
}
ntpd/ntpd.c
View file @ b0661b79
......@@ -792,7 +792,6 @@ ntpdmain(
/* use this to test if option setting gives expected results */
if (dumpopts) {
proto_dump(stdout);
if (explicit_config)
fprintf(stdout, "conffile \"%s\";\n", explicit_config);
fprintf(stdout, "#debug = %d\n", debug);
......