1 /* $NetBSD: ntp_proto.c,v 1.5 2013/12/28 03:20:14 christos Exp $ */ 2 3 /* 4 * ntp_proto.c - NTP version 4 protocol machinery 5 * 6 * ATTENTION: Get approval from Dave Mills on all changes to this file! 7 * 8 */ 9 #ifdef HAVE_CONFIG_H 10 #include <config.h> 11 #endif 12 13 #include "ntpd.h" 14 #include "ntp_stdlib.h" 15 #include "ntp_unixtime.h" 16 #include "ntp_control.h" 17 #include "ntp_string.h" 18 #include "ntp_leapsec.h" 19 20 #include <stdio.h> 21 #ifdef HAVE_LIBSCF_H 22 #include <libscf.h> 23 #endif 24 #ifdef HAVE_UNISTD_H 25 #include <unistd.h> 26 #endif 27 28 /* 29 * This macro defines the authentication state. If x is 1 authentication 30 * is required; othewise it is optional. 31 */ 32 #define AUTH(x, y) ((x) ? (y) == AUTH_OK : (y) == AUTH_OK || \ 33 (y) == AUTH_NONE) 34 35 #define AUTH_NONE 0 /* authentication not required */ 36 #define AUTH_OK 1 /* authentication OK */ 37 #define AUTH_ERROR 2 /* authentication error */ 38 #define AUTH_CRYPTO 3 /* crypto_NAK */ 39 40 /* 41 * traffic shaping parameters 42 */ 43 #define NTP_IBURST 6 /* packets in iburst */ 44 #define RESP_DELAY 1 /* refclock burst delay (s) */ 45 46 /* 47 * pool soliciting restriction duration (s) 48 */ 49 #define POOL_SOLICIT_WINDOW 8 50 51 /* 52 * peer_select groups statistics for a peer used by clock_select() and 53 * clock_cluster(). 54 */ 55 typedef struct peer_select_tag { 56 struct peer * peer; 57 double synch; /* sync distance */ 58 double error; /* jitter */ 59 double seljit; /* selection jitter */ 60 } peer_select; 61 62 /* 63 * System variables are declared here. Unless specified otherwise, all 64 * times are in seconds. 65 */ 66 u_char sys_leap; /* system leap indicator */ 67 u_char sys_stratum; /* system stratum */ 68 s_char sys_precision; /* local clock precision (log2 s) */ 69 double sys_rootdelay; /* roundtrip delay to primary source */ 70 double sys_rootdisp; /* dispersion to primary source */ 71 u_int32 sys_refid; /* reference id (network byte order) */ 72 l_fp sys_reftime; /* last update time */ 73 struct peer *sys_peer; /* current peer */ 74 75 /* 76 * Rate controls. Leaky buckets are used to throttle the packet 77 * transmission rates in order to protect busy servers such as at NIST 78 * and USNO. There is a counter for each association and another for KoD 79 * packets. The association counter decrements each second, but not 80 * below zero. Each time a packet is sent the counter is incremented by 81 * a configurable value representing the average interval between 82 * packets. A packet is delayed as long as the counter is greater than 83 * zero. Note this does not affect the time value computations. 84 */ 85 /* 86 * Nonspecified system state variables 87 */ 88 int sys_bclient; /* broadcast client enable */ 89 double sys_bdelay; /* broadcast client default delay */ 90 int sys_authenticate; /* requre authentication for config */ 91 l_fp sys_authdelay; /* authentication delay */ 92 double sys_offset; /* current local clock offset */ 93 double sys_mindisp = MINDISPERSE; /* minimum distance (s) */ 94 double sys_maxdist = MAXDISTANCE; /* selection threshold */ 95 double sys_jitter; /* system jitter */ 96 u_long sys_epoch; /* last clock update time */ 97 static double sys_clockhop; /* clockhop threshold */ 98 static int leap_vote_ins; /* leap consensus for insert */ 99 static int leap_vote_del; /* leap consensus for delete */ 100 keyid_t sys_private; /* private value for session seed */ 101 int sys_manycastserver; /* respond to manycast client pkts */ 102 int ntp_mode7; /* respond to ntpdc (mode7) */ 103 int peer_ntpdate; /* active peers in ntpdate mode */ 104 int sys_survivors; /* truest of the truechimers */ 105 char *sys_ident = NULL; /* identity scheme */ 106 107 /* 108 * TOS and multicast mapping stuff 109 */ 110 int sys_floor = 0; /* cluster stratum floor */ 111 int sys_ceiling = STRATUM_UNSPEC - 1; /* cluster stratum ceiling */ 112 int sys_minsane = 1; /* minimum candidates */ 113 int sys_minclock = NTP_MINCLOCK; /* minimum candidates */ 114 int sys_maxclock = NTP_MAXCLOCK; /* maximum candidates */ 115 int sys_cohort = 0; /* cohort switch */ 116 int sys_orphan = STRATUM_UNSPEC + 1; /* orphan stratum */ 117 int sys_orphwait = NTP_ORPHWAIT; /* orphan wait */ 118 int sys_beacon = BEACON; /* manycast beacon interval */ 119 int sys_ttlmax; /* max ttl mapping vector index */ 120 u_char sys_ttl[MAX_TTL]; /* ttl mapping vector */ 121 122 /* 123 * Statistics counters - first the good, then the bad 124 */ 125 u_long sys_stattime; /* elapsed time */ 126 u_long sys_received; /* packets received */ 127 u_long sys_processed; /* packets for this host */ 128 u_long sys_newversion; /* current version */ 129 u_long sys_oldversion; /* old version */ 130 u_long sys_restricted; /* access denied */ 131 u_long sys_badlength; /* bad length or format */ 132 u_long sys_badauth; /* bad authentication */ 133 u_long sys_declined; /* declined */ 134 u_long sys_limitrejected; /* rate exceeded */ 135 u_long sys_kodsent; /* KoD sent */ 136 137 static double root_distance (struct peer *); 138 static void clock_combine (peer_select *, int, int); 139 static void peer_xmit (struct peer *); 140 static void fast_xmit (struct recvbuf *, int, keyid_t, int); 141 static void pool_xmit (struct peer *); 142 static void clock_update (struct peer *); 143 static void measure_precision(void); 144 static double measure_tick_fuzz(void); 145 static int local_refid (struct peer *); 146 static int peer_unfit (struct peer *); 147 #ifdef AUTOKEY 148 static int group_test (char *, char *); 149 #endif /* AUTOKEY */ 150 #ifdef WORKER 151 void pool_name_resolved (int, int, void *, const char *, 152 const char *, const struct addrinfo *, 153 const struct addrinfo *); 154 #endif /* WORKER */ 155 156 157 /* 158 * transmit - transmit procedure called by poll timeout 159 */ 160 void 161 transmit( 162 struct peer *peer /* peer structure pointer */ 163 ) 164 { 165 u_char hpoll; 166 167 /* 168 * The polling state machine. There are two kinds of machines, 169 * those that never expect a reply (broadcast and manycast 170 * server modes) and those that do (all other modes). The dance 171 * is intricate... 172 */ 173 hpoll = peer->hpoll; 174 175 /* 176 * In broadcast mode the poll interval is never changed from 177 * minpoll. 178 */ 179 if (peer->cast_flags & (MDF_BCAST | MDF_MCAST)) { 180 peer->outdate = current_time; 181 if (sys_leap != LEAP_NOTINSYNC) 182 peer_xmit(peer); 183 poll_update(peer, hpoll); 184 return; 185 } 186 187 /* 188 * In manycast mode we start with unity ttl. The ttl is 189 * increased by one for each poll until either sys_maxclock 190 * servers have been found or the maximum ttl is reached. When 191 * sys_maxclock servers are found we stop polling until one or 192 * more servers have timed out or until less than sys_minclock 193 * associations turn up. In this case additional better servers 194 * are dragged in and preempt the existing ones. Once every 195 * sys_beacon seconds we are to transmit unconditionally, but 196 * this code is not quite right -- peer->unreach counts polls 197 * and is being compared with sys_beacon, so the beacons happen 198 * every sys_beacon polls. 199 */ 200 if (peer->cast_flags & MDF_ACAST) { 201 peer->outdate = current_time; 202 if (peer->unreach > sys_beacon) { 203 peer->unreach = 0; 204 peer->ttl = 0; 205 peer_xmit(peer); 206 } else if (sys_survivors < sys_minclock || 207 peer_associations < sys_maxclock) { 208 if (peer->ttl < (u_int32)sys_ttlmax) 209 peer->ttl++; 210 peer_xmit(peer); 211 } 212 peer->unreach++; 213 poll_update(peer, hpoll); 214 return; 215 } 216 217 /* 218 * Pool associations transmit unicast solicitations when there 219 * are less than a hard limit of 2 * sys_maxclock associations, 220 * and either less than sys_minclock survivors or less than 221 * sys_maxclock associations. The hard limit prevents unbounded 222 * growth in associations if the system clock or network quality 223 * result in survivor count dipping below sys_minclock often. 224 * This was observed testing with pool, where sys_maxclock == 12 225 * resulted in 60 associations without the hard limit. A 226 * similar hard limit on manycastclient ephemeral associations 227 * may be appropriate. 228 */ 229 if (peer->cast_flags & MDF_POOL) { 230 peer->outdate = current_time; 231 if ((peer_associations <= 2 * sys_maxclock) && 232 (peer_associations < sys_maxclock || 233 sys_survivors < sys_minclock)) 234 pool_xmit(peer); 235 poll_update(peer, hpoll); 236 return; 237 } 238 239 /* 240 * In unicast modes the dance is much more intricate. It is 241 * designed to back off whenever possible to minimize network 242 * traffic. 243 */ 244 if (peer->burst == 0) { 245 u_char oreach; 246 247 /* 248 * Update the reachability status. If not heard for 249 * three consecutive polls, stuff infinity in the clock 250 * filter. 251 */ 252 oreach = peer->reach; 253 peer->outdate = current_time; 254 peer->unreach++; 255 peer->reach <<= 1; 256 if (!peer->reach) { 257 258 /* 259 * Here the peer is unreachable. If it was 260 * previously reachable raise a trap. Send a 261 * burst if enabled. 262 */ 263 clock_filter(peer, 0., 0., MAXDISPERSE); 264 if (oreach) { 265 peer_unfit(peer); 266 report_event(PEVNT_UNREACH, peer, NULL); 267 } 268 if ((peer->flags & FLAG_IBURST) && 269 peer->retry == 0) 270 peer->retry = NTP_RETRY; 271 } else { 272 273 /* 274 * Here the peer is reachable. Send a burst if 275 * enabled and the peer is fit. Reset unreach 276 * for persistent and ephemeral associations. 277 * Unreach is also reset for survivors in 278 * clock_select(). 279 */ 280 hpoll = sys_poll; 281 if (!(peer->flags & FLAG_PREEMPT)) 282 peer->unreach = 0; 283 if ((peer->flags & FLAG_BURST) && peer->retry == 284 0 && !peer_unfit(peer)) 285 peer->retry = NTP_RETRY; 286 } 287 288 /* 289 * Watch for timeout. If ephemeral, toss the rascal; 290 * otherwise, bump the poll interval. Note the 291 * poll_update() routine will clamp it to maxpoll. 292 * If preemptible and we have more peers than maxclock, 293 * and this peer has the minimum score of preemptibles, 294 * demobilize. 295 */ 296 if (peer->unreach >= NTP_UNREACH) { 297 hpoll++; 298 /* ephemeral: no FLAG_CONFIG nor FLAG_PREEMPT */ 299 if (!(peer->flags & (FLAG_CONFIG | FLAG_PREEMPT))) { 300 report_event(PEVNT_RESTART, peer, "timeout"); 301 peer_clear(peer, "TIME"); 302 unpeer(peer); 303 return; 304 } 305 if ((peer->flags & FLAG_PREEMPT) && 306 (peer_associations > sys_maxclock) && 307 score_all(peer)) { 308 report_event(PEVNT_RESTART, peer, "timeout"); 309 peer_clear(peer, "TIME"); 310 unpeer(peer); 311 return; 312 } 313 } 314 } else { 315 peer->burst--; 316 if (peer->burst == 0) { 317 318 /* 319 * If ntpdate mode and the clock has not been 320 * set and all peers have completed the burst, 321 * we declare a successful failure. 322 */ 323 if (mode_ntpdate) { 324 peer_ntpdate--; 325 if (peer_ntpdate == 0) { 326 msyslog(LOG_NOTICE, 327 "ntpd: no servers found"); 328 if (!msyslog_term) 329 printf( 330 "ntpd: no servers found\n"); 331 exit (0); 332 } 333 } 334 } 335 } 336 if (peer->retry > 0) 337 peer->retry--; 338 339 /* 340 * Do not transmit if in broadcast client mode. 341 */ 342 if (peer->hmode != MODE_BCLIENT) 343 peer_xmit(peer); 344 poll_update(peer, hpoll); 345 } 346 347 348 /* 349 * receive - receive procedure called for each packet received 350 */ 351 void 352 receive( 353 struct recvbuf *rbufp 354 ) 355 { 356 register struct peer *peer; /* peer structure pointer */ 357 register struct pkt *pkt; /* receive packet pointer */ 358 u_char hisversion; /* packet version */ 359 u_char hisleap; /* packet leap indicator */ 360 u_char hismode; /* packet mode */ 361 u_char hisstratum; /* packet stratum */ 362 u_short restrict_mask; /* restrict bits */ 363 int has_mac; /* length of MAC field */ 364 int authlen; /* offset of MAC field */ 365 int is_authentic = 0; /* cryptosum ok */ 366 int retcode = AM_NOMATCH; /* match code */ 367 keyid_t skeyid = 0; /* key IDs */ 368 u_int32 opcode = 0; /* extension field opcode */ 369 sockaddr_u *dstadr_sin; /* active runway */ 370 struct peer *peer2; /* aux peer structure pointer */ 371 endpt * match_ep; /* newpeer() local address */ 372 l_fp p_org; /* origin timestamp */ 373 l_fp p_rec; /* receive timestamp */ 374 l_fp p_xmt; /* transmit timestamp */ 375 #ifdef AUTOKEY 376 char hostname[NTP_MAXSTRLEN + 1]; 377 char *groupname = NULL; 378 struct autokey *ap; /* autokey structure pointer */ 379 int rval; /* cookie snatcher */ 380 keyid_t pkeyid = 0, tkeyid = 0; /* key IDs */ 381 #endif /* AUTOKEY */ 382 #ifdef HAVE_NTP_SIGND 383 static unsigned char zero_key[16]; 384 #endif /* HAVE_NTP_SIGND */ 385 386 /* 387 * Monitor the packet and get restrictions. Note that the packet 388 * length for control and private mode packets must be checked 389 * by the service routines. Some restrictions have to be handled 390 * later in order to generate a kiss-o'-death packet. 391 */ 392 /* 393 * Bogus port check is before anything, since it probably 394 * reveals a clogging attack. 395 */ 396 sys_received++; 397 if (0 == SRCPORT(&rbufp->recv_srcadr)) { 398 sys_badlength++; 399 return; /* bogus port */ 400 } 401 restrict_mask = restrictions(&rbufp->recv_srcadr); 402 DPRINTF(2, ("receive: at %ld %s<-%s flags %x restrict %03x\n", 403 current_time, stoa(&rbufp->dstadr->sin), 404 stoa(&rbufp->recv_srcadr), 405 rbufp->dstadr->flags, restrict_mask)); 406 pkt = &rbufp->recv_pkt; 407 hisversion = PKT_VERSION(pkt->li_vn_mode); 408 hisleap = PKT_LEAP(pkt->li_vn_mode); 409 hismode = (int)PKT_MODE(pkt->li_vn_mode); 410 hisstratum = PKT_TO_STRATUM(pkt->stratum); 411 if (restrict_mask & RES_IGNORE) { 412 sys_restricted++; 413 return; /* ignore everything */ 414 } 415 if (hismode == MODE_PRIVATE) { 416 if (!ntp_mode7 || (restrict_mask & RES_NOQUERY)) { 417 sys_restricted++; 418 return; /* no query private */ 419 } 420 process_private(rbufp, ((restrict_mask & 421 RES_NOMODIFY) == 0)); 422 return; 423 } 424 if (hismode == MODE_CONTROL) { 425 if (restrict_mask & RES_NOQUERY) { 426 sys_restricted++; 427 return; /* no query control */ 428 } 429 process_control(rbufp, restrict_mask); 430 return; 431 } 432 if (restrict_mask & RES_DONTSERVE) { 433 sys_restricted++; 434 return; /* no time serve */ 435 } 436 437 /* 438 * This is for testing. If restricted drop ten percent of 439 * surviving packets. 440 */ 441 if (restrict_mask & RES_FLAKE) { 442 if ((double)ntp_random() / 0x7fffffff < .1) { 443 sys_restricted++; 444 return; /* no flakeway */ 445 } 446 } 447 448 /* 449 * Version check must be after the query packets, since they 450 * intentionally use an early version. 451 */ 452 if (hisversion == NTP_VERSION) { 453 sys_newversion++; /* new version */ 454 } else if (!(restrict_mask & RES_VERSION) && hisversion >= 455 NTP_OLDVERSION) { 456 sys_oldversion++; /* previous version */ 457 } else { 458 sys_badlength++; 459 return; /* old version */ 460 } 461 462 /* 463 * Figure out his mode and validate the packet. This has some 464 * legacy raunch that probably should be removed. In very early 465 * NTP versions mode 0 was equivalent to what later versions 466 * would interpret as client mode. 467 */ 468 if (hismode == MODE_UNSPEC) { 469 if (hisversion == NTP_OLDVERSION) { 470 hismode = MODE_CLIENT; 471 } else { 472 sys_badlength++; 473 return; /* invalid mode */ 474 } 475 } 476 477 /* 478 * Parse the extension field if present. We figure out whether 479 * an extension field is present by measuring the MAC size. If 480 * the number of words following the packet header is 0, no MAC 481 * is present and the packet is not authenticated. If 1, the 482 * packet is a crypto-NAK; if 3, the packet is authenticated 483 * with DES; if 5, the packet is authenticated with MD5; if 6, 484 * the packet is authenticated with SHA. If 2 or * 4, the packet 485 * is a runt and discarded forthwith. If greater than 6, an 486 * extension field is present, so we subtract the length of the 487 * field and go around again. 488 */ 489 authlen = LEN_PKT_NOMAC; 490 has_mac = rbufp->recv_length - authlen; 491 while (has_mac != 0) { 492 u_int32 len; 493 #ifdef AUTOKEY 494 u_int32 hostlen; 495 struct exten *ep; 496 #endif /*AUTOKEY */ 497 498 if (has_mac % 4 != 0 || has_mac < (int)MIN_MAC_LEN) { 499 sys_badlength++; 500 return; /* bad length */ 501 } 502 if (has_mac <= (int)MAX_MAC_LEN) { 503 skeyid = ntohl(((u_int32 *)pkt)[authlen / 4]); 504 break; 505 506 } else { 507 opcode = ntohl(((u_int32 *)pkt)[authlen / 4]); 508 len = opcode & 0xffff; 509 if (len % 4 != 0 || len < 4 || (int)len + 510 authlen > rbufp->recv_length) { 511 sys_badlength++; 512 return; /* bad length */ 513 } 514 #ifdef AUTOKEY 515 /* 516 * Extract calling group name for later. If 517 * sys_groupname is non-NULL, there must be 518 * a group name provided to elicit a response. 519 */ 520 if ((opcode & 0x3fff0000) == CRYPTO_ASSOC && 521 sys_groupname != NULL) { 522 ep = (struct exten *)&((u_int32 *)pkt)[authlen / 4]; 523 hostlen = ntohl(ep->vallen); 524 if (hostlen >= sizeof(hostname) || 525 hostlen > len - 526 offsetof(struct exten, pkt)) { 527 sys_badlength++; 528 return; /* bad length */ 529 } 530 memcpy(hostname, &ep->pkt, hostlen); 531 hostname[hostlen] = '\0'; 532 groupname = strchr(hostname, '@'); 533 if (groupname == NULL) { 534 sys_declined++; 535 return; 536 } 537 groupname++; 538 } 539 #endif /* AUTOKEY */ 540 authlen += len; 541 has_mac -= len; 542 } 543 } 544 545 /* 546 * If authentication required, a MAC must be present. 547 */ 548 if (restrict_mask & RES_DONTTRUST && has_mac == 0) { 549 sys_restricted++; 550 return; /* access denied */ 551 } 552 553 /* 554 * Update the MRU list and finger the cloggers. It can be a 555 * little expensive, so turn it off for production use. 556 * RES_LIMITED and RES_KOD will be cleared in the returned 557 * restrict_mask unless one or both actions are warranted. 558 */ 559 restrict_mask = ntp_monitor(rbufp, restrict_mask); 560 if (restrict_mask & RES_LIMITED) { 561 sys_limitrejected++; 562 if (!(restrict_mask & RES_KOD) || MODE_BROADCAST == 563 hismode || MODE_SERVER == hismode) { 564 if (MODE_SERVER == hismode) 565 DPRINTF(1, ("Possibly self-induced rate limiting of MODE_SERVER from %s\n", 566 stoa(&rbufp->recv_srcadr))); 567 return; /* rate exceeded */ 568 } 569 if (hismode == MODE_CLIENT) 570 fast_xmit(rbufp, MODE_SERVER, skeyid, 571 restrict_mask); 572 else 573 fast_xmit(rbufp, MODE_ACTIVE, skeyid, 574 restrict_mask); 575 return; /* rate exceeded */ 576 } 577 restrict_mask &= ~RES_KOD; 578 579 /* 580 * We have tossed out as many buggy packets as possible early in 581 * the game to reduce the exposure to a clogging attack. Now we 582 * have to burn some cycles to find the association and 583 * authenticate the packet if required. Note that we burn only 584 * digest cycles, again to reduce exposure. There may be no 585 * matching association and that's okay. 586 * 587 * More on the autokey mambo. Normally the local interface is 588 * found when the association was mobilized with respect to a 589 * designated remote address. We assume packets arriving from 590 * the remote address arrive via this interface and the local 591 * address used to construct the autokey is the unicast address 592 * of the interface. However, if the sender is a broadcaster, 593 * the interface broadcast address is used instead. 594 * Notwithstanding this technobabble, if the sender is a 595 * multicaster, the broadcast address is null, so we use the 596 * unicast address anyway. Don't ask. 597 */ 598 peer = findpeer(rbufp, hismode, &retcode); 599 dstadr_sin = &rbufp->dstadr->sin; 600 NTOHL_FP(&pkt->org, &p_org); 601 NTOHL_FP(&pkt->rec, &p_rec); 602 NTOHL_FP(&pkt->xmt, &p_xmt); 603 604 /* 605 * Authentication is conditioned by three switches: 606 * 607 * NOPEER (RES_NOPEER) do not mobilize an association unless 608 * authenticated 609 * NOTRUST (RES_DONTTRUST) do not allow access unless 610 * authenticated (implies NOPEER) 611 * enable (sys_authenticate) master NOPEER switch, by default 612 * on 613 * 614 * The NOPEER and NOTRUST can be specified on a per-client basis 615 * using the restrict command. The enable switch if on implies 616 * NOPEER for all clients. There are four outcomes: 617 * 618 * NONE The packet has no MAC. 619 * OK the packet has a MAC and authentication succeeds 620 * ERROR the packet has a MAC and authentication fails 621 * CRYPTO crypto-NAK. The MAC has four octets only. 622 * 623 * Note: The AUTH(x, y) macro is used to filter outcomes. If x 624 * is zero, acceptable outcomes of y are NONE and OK. If x is 625 * one, the only acceptable outcome of y is OK. 626 */ 627 628 if (has_mac == 0) { 629 restrict_mask &= ~RES_MSSNTP; 630 is_authentic = AUTH_NONE; /* not required */ 631 #ifdef DEBUG 632 if (debug) 633 printf( 634 "receive: at %ld %s<-%s mode %d len %d\n", 635 current_time, stoa(dstadr_sin), 636 stoa(&rbufp->recv_srcadr), hismode, 637 authlen); 638 #endif 639 } else if (has_mac == 4) { 640 restrict_mask &= ~RES_MSSNTP; 641 is_authentic = AUTH_CRYPTO; /* crypto-NAK */ 642 #ifdef DEBUG 643 if (debug) 644 printf( 645 "receive: at %ld %s<-%s mode %d keyid %08x len %d auth %d\n", 646 current_time, stoa(dstadr_sin), 647 stoa(&rbufp->recv_srcadr), hismode, skeyid, 648 authlen + has_mac, is_authentic); 649 #endif 650 651 #ifdef HAVE_NTP_SIGND 652 /* 653 * If the signature is 20 bytes long, the last 16 of 654 * which are zero, then this is a Microsoft client 655 * wanting AD-style authentication of the server's 656 * reply. 657 * 658 * This is described in Microsoft's WSPP docs, in MS-SNTP: 659 * http://msdn.microsoft.com/en-us/library/cc212930.aspx 660 */ 661 } else if (has_mac == MAX_MD5_LEN && (restrict_mask & RES_MSSNTP) && 662 (retcode == AM_FXMIT || retcode == AM_NEWPASS) && 663 (memcmp(zero_key, (char *)pkt + authlen + 4, MAX_MD5_LEN - 4) == 664 0)) { 665 is_authentic = AUTH_NONE; 666 #endif /* HAVE_NTP_SIGND */ 667 668 } else { 669 restrict_mask &= ~RES_MSSNTP; 670 #ifdef AUTOKEY 671 /* 672 * For autokey modes, generate the session key 673 * and install in the key cache. Use the socket 674 * broadcast or unicast address as appropriate. 675 */ 676 if (crypto_flags && skeyid > NTP_MAXKEY) { 677 678 /* 679 * More on the autokey dance (AKD). A cookie is 680 * constructed from public and private values. 681 * For broadcast packets, the cookie is public 682 * (zero). For packets that match no 683 * association, the cookie is hashed from the 684 * addresses and private value. For server 685 * packets, the cookie was previously obtained 686 * from the server. For symmetric modes, the 687 * cookie was previously constructed using an 688 * agreement protocol; however, should PKI be 689 * unavailable, we construct a fake agreement as 690 * the EXOR of the peer and host cookies. 691 * 692 * hismode ephemeral persistent 693 * ======================================= 694 * active 0 cookie# 695 * passive 0% cookie# 696 * client sys cookie 0% 697 * server 0% sys cookie 698 * broadcast 0 0 699 * 700 * # if unsync, 0 701 * % can't happen 702 */ 703 if (has_mac < (int)MAX_MD5_LEN) { 704 sys_badauth++; 705 return; 706 } 707 if (hismode == MODE_BROADCAST) { 708 709 /* 710 * For broadcaster, use the interface 711 * broadcast address when available; 712 * otherwise, use the unicast address 713 * found when the association was 714 * mobilized. However, if this is from 715 * the wildcard interface, game over. 716 */ 717 if (crypto_flags && rbufp->dstadr == 718 ANY_INTERFACE_CHOOSE(&rbufp->recv_srcadr)) { 719 sys_restricted++; 720 return; /* no wildcard */ 721 } 722 pkeyid = 0; 723 if (!SOCK_UNSPEC(&rbufp->dstadr->bcast)) 724 dstadr_sin = 725 &rbufp->dstadr->bcast; 726 } else if (peer == NULL) { 727 pkeyid = session_key( 728 &rbufp->recv_srcadr, dstadr_sin, 0, 729 sys_private, 0); 730 } else { 731 pkeyid = peer->pcookie; 732 } 733 734 /* 735 * The session key includes both the public 736 * values and cookie. In case of an extension 737 * field, the cookie used for authentication 738 * purposes is zero. Note the hash is saved for 739 * use later in the autokey mambo. 740 */ 741 if (authlen > (int)LEN_PKT_NOMAC && pkeyid != 0) { 742 session_key(&rbufp->recv_srcadr, 743 dstadr_sin, skeyid, 0, 2); 744 tkeyid = session_key( 745 &rbufp->recv_srcadr, dstadr_sin, 746 skeyid, pkeyid, 0); 747 } else { 748 tkeyid = session_key( 749 &rbufp->recv_srcadr, dstadr_sin, 750 skeyid, pkeyid, 2); 751 } 752 753 } 754 #endif /* AUTOKEY */ 755 756 /* 757 * Compute the cryptosum. Note a clogging attack may 758 * succeed in bloating the key cache. If an autokey, 759 * purge it immediately, since we won't be needing it 760 * again. If the packet is authentic, it can mobilize an 761 * association. Note that there is no key zero. 762 */ 763 if (!authdecrypt(skeyid, (u_int32 *)pkt, authlen, 764 has_mac)) 765 is_authentic = AUTH_ERROR; 766 else 767 is_authentic = AUTH_OK; 768 #ifdef AUTOKEY 769 if (crypto_flags && skeyid > NTP_MAXKEY) 770 authtrust(skeyid, 0); 771 #endif /* AUTOKEY */ 772 #ifdef DEBUG 773 if (debug) 774 printf( 775 "receive: at %ld %s<-%s mode %d keyid %08x len %d auth %d\n", 776 current_time, stoa(dstadr_sin), 777 stoa(&rbufp->recv_srcadr), hismode, skeyid, 778 authlen + has_mac, is_authentic); 779 #endif 780 } 781 782 /* 783 * The association matching rules are implemented by a set of 784 * routines and an association table. A packet matching an 785 * association is processed by the peer process for that 786 * association. If there are no errors, an ephemeral association 787 * is mobilized: a broadcast packet mobilizes a broadcast client 788 * aassociation; a manycast server packet mobilizes a manycast 789 * client association; a symmetric active packet mobilizes a 790 * symmetric passive association. 791 */ 792 switch (retcode) { 793 794 /* 795 * This is a client mode packet not matching any association. If 796 * an ordinary client, simply toss a server mode packet back 797 * over the fence. If a manycast client, we have to work a 798 * little harder. 799 */ 800 case AM_FXMIT: 801 802 /* 803 * If authentication OK, send a server reply; otherwise, 804 * send a crypto-NAK. 805 */ 806 if (!(rbufp->dstadr->flags & INT_MCASTOPEN)) { 807 if (AUTH(restrict_mask & RES_DONTTRUST, 808 is_authentic)) { 809 fast_xmit(rbufp, MODE_SERVER, skeyid, 810 restrict_mask); 811 } else if (is_authentic == AUTH_ERROR) { 812 fast_xmit(rbufp, MODE_SERVER, 0, 813 restrict_mask); 814 sys_badauth++; 815 } else { 816 sys_restricted++; 817 } 818 return; /* hooray */ 819 } 820 821 /* 822 * This must be manycast. Do not respond if not 823 * configured as a manycast server. 824 */ 825 if (!sys_manycastserver) { 826 sys_restricted++; 827 return; /* not enabled */ 828 } 829 830 #ifdef AUTOKEY 831 /* 832 * Do not respond if not the same group. 833 */ 834 if (group_test(groupname, NULL)) { 835 sys_declined++; 836 return; 837 } 838 #endif /* AUTOKEY */ 839 840 /* 841 * Do not respond if we are not synchronized or our 842 * stratum is greater than the manycaster or the 843 * manycaster has already synchronized to us. 844 */ 845 if (sys_leap == LEAP_NOTINSYNC || sys_stratum >= 846 hisstratum || (!sys_cohort && sys_stratum == 847 hisstratum + 1) || rbufp->dstadr->addr_refid == 848 pkt->refid) { 849 sys_declined++; 850 return; /* no help */ 851 } 852 853 /* 854 * Respond only if authentication succeeds. Don't do a 855 * crypto-NAK, as that would not be useful. 856 */ 857 if (AUTH(restrict_mask & RES_DONTTRUST, is_authentic)) 858 fast_xmit(rbufp, MODE_SERVER, skeyid, 859 restrict_mask); 860 return; /* hooray */ 861 862 /* 863 * This is a server mode packet returned in response to a client 864 * mode packet sent to a multicast group address (for 865 * manycastclient) or to a unicast address (for pool). The 866 * origin timestamp is a good nonce to reliably associate the 867 * reply with what was sent. If there is no match, that's 868 * curious and could be an intruder attempting to clog, so we 869 * just ignore it. 870 * 871 * If the packet is authentic and the manycastclient or pool 872 * association is found, we mobilize a client association and 873 * copy pertinent variables from the manycastclient or pool 874 * association to the new client association. If not, just 875 * ignore the packet. 876 * 877 * There is an implosion hazard at the manycast client, since 878 * the manycast servers send the server packet immediately. If 879 * the guy is already here, don't fire up a duplicate. 880 */ 881 case AM_MANYCAST: 882 883 #ifdef AUTOKEY 884 /* 885 * Do not respond if not the same group. 886 */ 887 if (group_test(groupname, NULL)) { 888 sys_declined++; 889 return; 890 } 891 #endif /* AUTOKEY */ 892 if ((peer2 = findmanycastpeer(rbufp)) == NULL) { 893 sys_restricted++; 894 return; /* not enabled */ 895 } 896 if (!AUTH((!(peer2->cast_flags & MDF_POOL) && 897 sys_authenticate) | (restrict_mask & (RES_NOPEER | 898 RES_DONTTRUST)), is_authentic)) { 899 sys_restricted++; 900 return; /* access denied */ 901 } 902 903 /* 904 * Do not respond if unsynchronized or stratum is below 905 * the floor or at or above the ceiling. 906 */ 907 if (hisleap == LEAP_NOTINSYNC || hisstratum < 908 sys_floor || hisstratum >= sys_ceiling) { 909 sys_declined++; 910 return; /* no help */ 911 } 912 peer = newpeer(&rbufp->recv_srcadr, NULL, rbufp->dstadr, 913 MODE_CLIENT, hisversion, peer2->minpoll, 914 peer2->maxpoll, FLAG_PREEMPT | 915 (FLAG_IBURST & peer2->flags), MDF_UCAST | 916 MDF_UCLNT, 0, skeyid, sys_ident); 917 if (NULL == peer) { 918 sys_declined++; 919 return; /* ignore duplicate */ 920 } 921 922 /* 923 * After each ephemeral pool association is spun, 924 * accelerate the next poll for the pool solicitor so 925 * the pool will fill promptly. 926 */ 927 if (peer2->cast_flags & MDF_POOL) 928 peer2->nextdate = current_time + 1; 929 930 /* 931 * Further processing of the solicitation response would 932 * simply detect its origin timestamp as bogus for the 933 * brand-new association (it matches the prototype 934 * association) and tinker with peer->nextdate delaying 935 * first sync. 936 */ 937 return; /* solicitation response handled */ 938 939 /* 940 * This is the first packet received from a broadcast server. If 941 * the packet is authentic and we are enabled as broadcast 942 * client, mobilize a broadcast client association. We don't 943 * kiss any frogs here. 944 */ 945 case AM_NEWBCL: 946 947 #ifdef AUTOKEY 948 /* 949 * Do not respond if not the same group. 950 */ 951 if (group_test(groupname, sys_ident)) { 952 sys_declined++; 953 return; 954 } 955 #endif /* AUTOKEY */ 956 if (sys_bclient == 0) { 957 sys_restricted++; 958 return; /* not enabled */ 959 } 960 if (!AUTH(sys_authenticate | (restrict_mask & 961 (RES_NOPEER | RES_DONTTRUST)), is_authentic)) { 962 sys_restricted++; 963 return; /* access denied */ 964 } 965 966 /* 967 * Do not respond if unsynchronized or stratum is below 968 * the floor or at or above the ceiling. 969 */ 970 if (hisleap == LEAP_NOTINSYNC || hisstratum < 971 sys_floor || hisstratum >= sys_ceiling) { 972 sys_declined++; 973 return; /* no help */ 974 } 975 976 #ifdef AUTOKEY 977 /* 978 * Do not respond if Autokey and the opcode is not a 979 * CRYPTO_ASSOC response with association ID. 980 */ 981 if (crypto_flags && skeyid > NTP_MAXKEY && (opcode & 982 0xffff0000) != (CRYPTO_ASSOC | CRYPTO_RESP)) { 983 sys_declined++; 984 return; /* protocol error */ 985 } 986 #endif /* AUTOKEY */ 987 988 /* 989 * Broadcasts received via a multicast address may 990 * arrive after a unicast volley has begun 991 * with the same remote address. newpeer() will not 992 * find duplicate associations on other local endpoints 993 * if a non-NULL endpoint is supplied. multicastclient 994 * ephemeral associations are unique across all local 995 * endpoints. 996 */ 997 if (!(INT_MCASTOPEN & rbufp->dstadr->flags)) 998 match_ep = rbufp->dstadr; 999 else 1000 match_ep = NULL; 1001 1002 /* 1003 * Determine whether to execute the initial volley. 1004 */ 1005 if (sys_bdelay != 0) { 1006 #ifdef AUTOKEY 1007 /* 1008 * If a two-way exchange is not possible, 1009 * neither is Autokey. 1010 */ 1011 if (crypto_flags && skeyid > NTP_MAXKEY) { 1012 sys_restricted++; 1013 return; /* no autokey */ 1014 } 1015 #endif /* AUTOKEY */ 1016 1017 /* 1018 * Do not execute the volley. Start out in 1019 * broadcast client mode. 1020 */ 1021 peer = newpeer(&rbufp->recv_srcadr, NULL, 1022 match_ep, MODE_BCLIENT, hisversion, 1023 pkt->ppoll, pkt->ppoll, FLAG_PREEMPT, 1024 MDF_BCLNT, 0, skeyid, sys_ident); 1025 if (NULL == peer) { 1026 sys_restricted++; 1027 return; /* ignore duplicate */ 1028 1029 } else { 1030 peer->delay = sys_bdelay; 1031 } 1032 break; 1033 } 1034 1035 /* 1036 * Execute the initial volley in order to calibrate the 1037 * propagation delay and run the Autokey protocol. 1038 * 1039 * Note that the minpoll is taken from the broadcast 1040 * packet, normally 6 (64 s) and that the poll interval 1041 * is fixed at this value. 1042 */ 1043 peer = newpeer(&rbufp->recv_srcadr, NULL, match_ep, 1044 MODE_CLIENT, hisversion, pkt->ppoll, pkt->ppoll, 1045 FLAG_BC_VOL | FLAG_IBURST | FLAG_PREEMPT, MDF_BCLNT, 1046 0, skeyid, sys_ident); 1047 if (NULL == peer) { 1048 sys_restricted++; 1049 return; /* ignore duplicate */ 1050 } 1051 #ifdef AUTOKEY 1052 if (skeyid > NTP_MAXKEY) 1053 crypto_recv(peer, rbufp); 1054 #endif /* AUTOKEY */ 1055 1056 return; /* hooray */ 1057 1058 /* 1059 * This is the first packet received from a symmetric active 1060 * peer. If the packet is authentic and the first he sent, 1061 * mobilize a passive association. If not, kiss the frog. 1062 */ 1063 case AM_NEWPASS: 1064 1065 #ifdef AUTOKEY 1066 /* 1067 * Do not respond if not the same group. 1068 */ 1069 if (group_test(groupname, sys_ident)) { 1070 sys_declined++; 1071 return; 1072 } 1073 #endif /* AUTOKEY */ 1074 if (!AUTH(sys_authenticate | (restrict_mask & 1075 (RES_NOPEER | RES_DONTTRUST)), is_authentic)) { 1076 1077 /* 1078 * If authenticated but cannot mobilize an 1079 * association, send a symmetric passive 1080 * response without mobilizing an association. 1081 * This is for drat broken Windows clients. See 1082 * Microsoft KB 875424 for preferred workaround. 1083 */ 1084 if (AUTH(restrict_mask & RES_DONTTRUST, 1085 is_authentic)) { 1086 fast_xmit(rbufp, MODE_PASSIVE, skeyid, 1087 restrict_mask); 1088 return; /* hooray */ 1089 } 1090 if (is_authentic == AUTH_ERROR) { 1091 fast_xmit(rbufp, MODE_ACTIVE, 0, 1092 restrict_mask); 1093 sys_restricted++; 1094 } 1095 } 1096 1097 /* 1098 * Do not respond if synchronized and if stratum is 1099 * below the floor or at or above the ceiling. Note, 1100 * this allows an unsynchronized peer to synchronize to 1101 * us. It would be very strange if he did and then was 1102 * nipped, but that could only happen if we were 1103 * operating at the top end of the range. It also means 1104 * we will spin an ephemeral association in response to 1105 * MODE_ACTIVE KoDs, which will time out eventually. 1106 */ 1107 if (hisleap != LEAP_NOTINSYNC && (hisstratum < 1108 sys_floor || hisstratum >= sys_ceiling)) { 1109 sys_declined++; 1110 return; /* no help */ 1111 } 1112 1113 /* 1114 * The message is correctly authenticated and allowed. 1115 * Mobilize a symmetric passive association. 1116 */ 1117 if ((peer = newpeer(&rbufp->recv_srcadr, NULL, 1118 rbufp->dstadr, MODE_PASSIVE, hisversion, pkt->ppoll, 1119 NTP_MAXDPOLL, 0, MDF_UCAST, 0, skeyid, 1120 sys_ident)) == NULL) { 1121 sys_declined++; 1122 return; /* ignore duplicate */ 1123 } 1124 break; 1125 1126 1127 /* 1128 * Process regular packet. Nothing special. 1129 */ 1130 case AM_PROCPKT: 1131 1132 #ifdef AUTOKEY 1133 /* 1134 * Do not respond if not the same group. 1135 */ 1136 if (group_test(groupname, peer->ident)) { 1137 sys_declined++; 1138 return; 1139 } 1140 #endif /* AUTOKEY */ 1141 break; 1142 1143 /* 1144 * A passive packet matches a passive association. This is 1145 * usually the result of reconfiguring a client on the fly. As 1146 * this association might be legitimate and this packet an 1147 * attempt to deny service, just ignore it. 1148 */ 1149 case AM_ERR: 1150 sys_declined++; 1151 return; 1152 1153 /* 1154 * For everything else there is the bit bucket. 1155 */ 1156 default: 1157 sys_declined++; 1158 return; 1159 } 1160 1161 #ifdef AUTOKEY 1162 /* 1163 * If the association is configured for Autokey, the packet must 1164 * have a public key ID; if not, the packet must have a 1165 * symmetric key ID. 1166 */ 1167 if (is_authentic != AUTH_CRYPTO && (((peer->flags & 1168 FLAG_SKEY) && skeyid <= NTP_MAXKEY) || (!(peer->flags & 1169 FLAG_SKEY) && skeyid > NTP_MAXKEY))) { 1170 sys_badauth++; 1171 return; 1172 } 1173 #endif /* AUTOKEY */ 1174 peer->received++; 1175 peer->flash &= ~PKT_TEST_MASK; 1176 if (peer->flags & FLAG_XBOGUS) { 1177 peer->flags &= ~FLAG_XBOGUS; 1178 peer->flash |= TEST3; 1179 } 1180 1181 /* 1182 * Next comes a rigorous schedule of timestamp checking. If the 1183 * transmit timestamp is zero, the server has not initialized in 1184 * interleaved modes or is horribly broken. 1185 */ 1186 if (L_ISZERO(&p_xmt)) { 1187 peer->flash |= TEST3; /* unsynch */ 1188 1189 /* 1190 * If the transmit timestamp duplicates a previous one, the 1191 * packet is a replay. This prevents the bad guys from replaying 1192 * the most recent packet, authenticated or not. 1193 */ 1194 } else if (L_ISEQU(&peer->xmt, &p_xmt)) { 1195 peer->flash |= TEST1; /* duplicate */ 1196 peer->oldpkt++; 1197 return; 1198 1199 /* 1200 * If this is a broadcast mode packet, skip further checking. If 1201 * an initial volley, bail out now and let the client do its 1202 * stuff. If the origin timestamp is nonzero, this is an 1203 * interleaved broadcast. so restart the protocol. 1204 */ 1205 } else if (hismode == MODE_BROADCAST) { 1206 if (!L_ISZERO(&p_org) && !(peer->flags & FLAG_XB)) { 1207 peer->flags |= FLAG_XB; 1208 peer->aorg = p_xmt; 1209 peer->borg = rbufp->recv_time; 1210 report_event(PEVNT_XLEAVE, peer, NULL); 1211 return; 1212 } 1213 1214 /* 1215 * Check for bogus packet in basic mode. If found, switch to 1216 * interleaved mode and resynchronize, but only after confirming 1217 * the packet is not bogus in symmetric interleaved mode. 1218 */ 1219 } else if (peer->flip == 0) { 1220 if (!L_ISEQU(&p_org, &peer->aorg)) { 1221 peer->bogusorg++; 1222 peer->flash |= TEST2; /* bogus */ 1223 if (!L_ISZERO(&peer->dst) && L_ISEQU(&p_org, 1224 &peer->dst)) { 1225 peer->flip = 1; 1226 report_event(PEVNT_XLEAVE, peer, NULL); 1227 } 1228 } else { 1229 L_CLR(&peer->aorg); 1230 } 1231 1232 /* 1233 * Check for valid nonzero timestamp fields. 1234 */ 1235 } else if (L_ISZERO(&p_org) || L_ISZERO(&p_rec) || 1236 L_ISZERO(&peer->dst)) { 1237 peer->flash |= TEST3; /* unsynch */ 1238 1239 /* 1240 * Check for bogus packet in interleaved symmetric mode. This 1241 * can happen if a packet is lost, duplicated or crossed. If 1242 * found, flip and resynchronize. 1243 */ 1244 } else if (!L_ISZERO(&peer->dst) && !L_ISEQU(&p_org, 1245 &peer->dst)) { 1246 peer->bogusorg++; 1247 peer->flags |= FLAG_XBOGUS; 1248 peer->flash |= TEST2; /* bogus */ 1249 } 1250 1251 /* 1252 * Update the state variables. 1253 */ 1254 if (peer->flip == 0) { 1255 if (hismode != MODE_BROADCAST) 1256 peer->rec = p_xmt; 1257 peer->dst = rbufp->recv_time; 1258 } 1259 peer->xmt = p_xmt; 1260 1261 /* 1262 * If this is a crypto_NAK, the server cannot authenticate a 1263 * client packet. The server might have just changed keys. Clear 1264 * the association and restart the protocol. 1265 */ 1266 if (is_authentic == AUTH_CRYPTO) { 1267 report_event(PEVNT_AUTH, peer, "crypto_NAK"); 1268 peer->flash |= TEST5; /* bad auth */ 1269 peer->badauth++; 1270 if (peer->flags & FLAG_PREEMPT) { 1271 unpeer(peer); 1272 return; 1273 } 1274 #ifdef AUTOKEY 1275 if (peer->crypto) 1276 peer_clear(peer, "AUTH"); 1277 #endif /* AUTOKEY */ 1278 return; 1279 1280 /* 1281 * If the digest fails, the client cannot authenticate a server 1282 * reply to a client packet previously sent. The loopback check 1283 * is designed to avoid a bait-and-switch attack, which was 1284 * possible in past versions. If symmetric modes, return a 1285 * crypto-NAK. The peer should restart the protocol. 1286 */ 1287 } else if (!AUTH(has_mac || (restrict_mask & RES_DONTTRUST), 1288 is_authentic)) { 1289 report_event(PEVNT_AUTH, peer, "digest"); 1290 peer->flash |= TEST5; /* bad auth */ 1291 peer->badauth++; 1292 if (hismode == MODE_ACTIVE || hismode == MODE_PASSIVE) 1293 fast_xmit(rbufp, MODE_ACTIVE, 0, restrict_mask); 1294 if (peer->flags & FLAG_PREEMPT) { 1295 unpeer(peer); 1296 return; 1297 } 1298 #ifdef AUTOKEY 1299 if (peer->crypto) 1300 peer_clear(peer, "AUTH"); 1301 #endif /* AUTOKEY */ 1302 return; 1303 } 1304 1305 /* 1306 * Set the peer ppoll to the maximum of the packet ppoll and the 1307 * peer minpoll. If a kiss-o'-death, set the peer minpoll to 1308 * this maximum and advance the headway to give the sender some 1309 * headroom. Very intricate. 1310 */ 1311 peer->ppoll = max(peer->minpoll, pkt->ppoll); 1312 if (hismode == MODE_SERVER && hisleap == LEAP_NOTINSYNC && 1313 hisstratum == STRATUM_UNSPEC && memcmp(&pkt->refid, 1314 "RATE", 4) == 0) { 1315 peer->selbroken++; 1316 report_event(PEVNT_RATE, peer, NULL); 1317 if (pkt->ppoll > peer->minpoll) 1318 peer->minpoll = peer->ppoll; 1319 peer->burst = peer->retry = 0; 1320 peer->throttle = (NTP_SHIFT + 1) * (1 << peer->minpoll); 1321 poll_update(peer, pkt->ppoll); 1322 return; /* kiss-o'-death */ 1323 } 1324 1325 /* 1326 * That was hard and I am sweaty, but the packet is squeaky 1327 * clean. Get on with real work. 1328 */ 1329 peer->timereceived = current_time; 1330 if (is_authentic == AUTH_OK) 1331 peer->flags |= FLAG_AUTHENTIC; 1332 else 1333 peer->flags &= ~FLAG_AUTHENTIC; 1334 1335 #ifdef AUTOKEY 1336 /* 1337 * More autokey dance. The rules of the cha-cha are as follows: 1338 * 1339 * 1. If there is no key or the key is not auto, do nothing. 1340 * 1341 * 2. If this packet is in response to the one just previously 1342 * sent or from a broadcast server, do the extension fields. 1343 * Otherwise, assume bogosity and bail out. 1344 * 1345 * 3. If an extension field contains a verified signature, it is 1346 * self-authenticated and we sit the dance. 1347 * 1348 * 4. If this is a server reply, check only to see that the 1349 * transmitted key ID matches the received key ID. 1350 * 1351 * 5. Check to see that one or more hashes of the current key ID 1352 * matches the previous key ID or ultimate original key ID 1353 * obtained from the broadcaster or symmetric peer. If no 1354 * match, sit the dance and call for new autokey values. 1355 * 1356 * In case of crypto error, fire the orchestra, stop dancing and 1357 * restart the protocol. 1358 */ 1359 if (peer->flags & FLAG_SKEY) { 1360 /* 1361 * Decrement remaining autokey hashes. This isn't 1362 * perfect if a packet is lost, but results in no harm. 1363 */ 1364 ap = (struct autokey *)peer->recval.ptr; 1365 if (ap != NULL) { 1366 if (ap->seq > 0) 1367 ap->seq--; 1368 } 1369 peer->flash |= TEST8; 1370 rval = crypto_recv(peer, rbufp); 1371 if (rval == XEVNT_OK) { 1372 peer->unreach = 0; 1373 } else { 1374 if (rval == XEVNT_ERR) { 1375 report_event(PEVNT_RESTART, peer, 1376 "crypto error"); 1377 peer_clear(peer, "CRYP"); 1378 peer->flash |= TEST9; /* bad crypt */ 1379 if (peer->flags & FLAG_PREEMPT) 1380 unpeer(peer); 1381 } 1382 return; 1383 } 1384 1385 /* 1386 * If server mode, verify the receive key ID matches 1387 * the transmit key ID. 1388 */ 1389 if (hismode == MODE_SERVER) { 1390 if (skeyid == peer->keyid) 1391 peer->flash &= ~TEST8; 1392 1393 /* 1394 * If an extension field is present, verify only that it 1395 * has been correctly signed. We don't need a sequence 1396 * check here, but the sequence continues. 1397 */ 1398 } else if (!(peer->flash & TEST8)) { 1399 peer->pkeyid = skeyid; 1400 1401 /* 1402 * Now the fun part. Here, skeyid is the current ID in 1403 * the packet, pkeyid is the ID in the last packet and 1404 * tkeyid is the hash of skeyid. If the autokey values 1405 * have not been received, this is an automatic error. 1406 * If so, check that the tkeyid matches pkeyid. If not, 1407 * hash tkeyid and try again. If the number of hashes 1408 * exceeds the number remaining in the sequence, declare 1409 * a successful failure and refresh the autokey values. 1410 */ 1411 } else if (ap != NULL) { 1412 int i; 1413 1414 for (i = 0; ; i++) { 1415 if (tkeyid == peer->pkeyid || 1416 tkeyid == ap->key) { 1417 peer->flash &= ~TEST8; 1418 peer->pkeyid = skeyid; 1419 ap->seq -= i; 1420 break; 1421 } 1422 if (i > ap->seq) { 1423 peer->crypto &= 1424 ~CRYPTO_FLAG_AUTO; 1425 break; 1426 } 1427 tkeyid = session_key( 1428 &rbufp->recv_srcadr, dstadr_sin, 1429 tkeyid, pkeyid, 0); 1430 } 1431 if (peer->flash & TEST8) 1432 report_event(PEVNT_AUTH, peer, "keylist"); 1433 } 1434 if (!(peer->crypto & CRYPTO_FLAG_PROV)) /* test 9 */ 1435 peer->flash |= TEST8; /* bad autokey */ 1436 1437 /* 1438 * The maximum lifetime of the protocol is about one 1439 * week before restarting the Autokey protocol to 1440 * refresh certificates and leapseconds values. 1441 */ 1442 if (current_time > peer->refresh) { 1443 report_event(PEVNT_RESTART, peer, 1444 "crypto refresh"); 1445 peer_clear(peer, "TIME"); 1446 return; 1447 } 1448 } 1449 #endif /* AUTOKEY */ 1450 1451 /* 1452 * The dance is complete and the flash bits have been lit. Toss 1453 * the packet over the fence for processing, which may light up 1454 * more flashers. 1455 */ 1456 process_packet(peer, pkt, rbufp->recv_length); 1457 1458 /* 1459 * In interleaved mode update the state variables. Also adjust the 1460 * transmit phase to avoid crossover. 1461 */ 1462 if (peer->flip != 0) { 1463 peer->rec = p_rec; 1464 peer->dst = rbufp->recv_time; 1465 if (peer->nextdate - current_time < (1U << min(peer->ppoll, 1466 peer->hpoll)) / 2) 1467 peer->nextdate++; 1468 else 1469 peer->nextdate--; 1470 } 1471 } 1472 1473 1474 /* 1475 * process_packet - Packet Procedure, a la Section 3.4.4 of the 1476 * specification. Or almost, at least. If we're in here we have a 1477 * reasonable expectation that we will be having a long term 1478 * relationship with this host. 1479 */ 1480 void 1481 process_packet( 1482 register struct peer *peer, 1483 register struct pkt *pkt, 1484 u_int len 1485 ) 1486 { 1487 double t34, t21; 1488 double p_offset, p_del, p_disp; 1489 l_fp p_rec, p_xmt, p_org, p_reftime, ci; 1490 u_char pmode, pleap, pversion, pstratum; 1491 char statstr[NTP_MAXSTRLEN]; 1492 #ifdef ASSYM 1493 int itemp; 1494 double etemp, ftemp, td; 1495 #endif /* ASSYM */ 1496 1497 sys_processed++; 1498 peer->processed++; 1499 p_del = FPTOD(NTOHS_FP(pkt->rootdelay)); 1500 p_offset = 0; 1501 p_disp = FPTOD(NTOHS_FP(pkt->rootdisp)); 1502 NTOHL_FP(&pkt->reftime, &p_reftime); 1503 NTOHL_FP(&pkt->org, &p_org); 1504 NTOHL_FP(&pkt->rec, &p_rec); 1505 NTOHL_FP(&pkt->xmt, &p_xmt); 1506 pmode = PKT_MODE(pkt->li_vn_mode); 1507 pleap = PKT_LEAP(pkt->li_vn_mode); 1508 pversion = PKT_VERSION(pkt->li_vn_mode); 1509 pstratum = PKT_TO_STRATUM(pkt->stratum); 1510 1511 /* 1512 * Capture the header values in the client/peer association.. 1513 */ 1514 record_raw_stats(&peer->srcadr, peer->dstadr ? 1515 &peer->dstadr->sin : NULL, 1516 &p_org, &p_rec, &p_xmt, &peer->dst, 1517 pleap, pversion, pmode, pstratum, pkt->ppoll, pkt->precision, 1518 p_del, p_disp, pkt->refid); 1519 peer->leap = pleap; 1520 peer->stratum = min(pstratum, STRATUM_UNSPEC); 1521 peer->pmode = pmode; 1522 peer->precision = pkt->precision; 1523 peer->rootdelay = p_del; 1524 peer->rootdisp = p_disp; 1525 peer->refid = pkt->refid; /* network byte order */ 1526 peer->reftime = p_reftime; 1527 1528 /* 1529 * First, if either burst mode is armed, enable the burst. 1530 * Compute the headway for the next packet and delay if 1531 * necessary to avoid exceeding the threshold. 1532 */ 1533 if (peer->retry > 0) { 1534 peer->retry = 0; 1535 if (peer->reach) 1536 peer->burst = min(1 << (peer->hpoll - 1537 peer->minpoll), NTP_SHIFT) - 1; 1538 else 1539 peer->burst = NTP_IBURST - 1; 1540 if (peer->burst > 0) 1541 peer->nextdate = current_time; 1542 } 1543 poll_update(peer, peer->hpoll); 1544 1545 /* 1546 * Verify the server is synchronized; that is, the leap bits, 1547 * stratum and root distance are valid. 1548 */ 1549 if (pleap == LEAP_NOTINSYNC || /* test 6 */ 1550 pstratum < sys_floor || pstratum >= sys_ceiling) 1551 peer->flash |= TEST6; /* bad synch or strat */ 1552 if (p_del / 2 + p_disp >= MAXDISPERSE) /* test 7 */ 1553 peer->flash |= TEST7; /* bad header */ 1554 1555 /* 1556 * If any tests fail at this point, the packet is discarded. 1557 * Note that some flashers may have already been set in the 1558 * receive() routine. 1559 */ 1560 if (peer->flash & PKT_TEST_MASK) { 1561 peer->seldisptoolarge++; 1562 #ifdef DEBUG 1563 if (debug) 1564 printf("packet: flash header %04x\n", 1565 peer->flash); 1566 #endif 1567 return; 1568 } 1569 1570 /* 1571 * If the peer was previously unreachable, raise a trap. In any 1572 * case, mark it reachable. 1573 */ 1574 if (!peer->reach) { 1575 report_event(PEVNT_REACH, peer, NULL); 1576 peer->timereachable = current_time; 1577 } 1578 peer->reach |= 1; 1579 1580 /* 1581 * For a client/server association, calculate the clock offset, 1582 * roundtrip delay and dispersion. The equations are reordered 1583 * from the spec for more efficient use of temporaries. For a 1584 * broadcast association, offset the last measurement by the 1585 * computed delay during the client/server volley. Note the 1586 * computation of dispersion includes the system precision plus 1587 * that due to the frequency error since the origin time. 1588 * 1589 * It is very important to respect the hazards of overflow. The 1590 * only permitted operation on raw timestamps is subtraction, 1591 * where the result is a signed quantity spanning from 68 years 1592 * in the past to 68 years in the future. To avoid loss of 1593 * precision, these calculations are done using 64-bit integer 1594 * arithmetic. However, the offset and delay calculations are 1595 * sums and differences of these first-order differences, which 1596 * if done using 64-bit integer arithmetic, would be valid over 1597 * only half that span. Since the typical first-order 1598 * differences are usually very small, they are converted to 64- 1599 * bit doubles and all remaining calculations done in floating- 1600 * double arithmetic. This preserves the accuracy while 1601 * retaining the 68-year span. 1602 * 1603 * There are three interleaving schemes, basic, interleaved 1604 * symmetric and interleaved broadcast. The timestamps are 1605 * idioscyncratically different. See the onwire briefing/white 1606 * paper at www.eecis.udel.edu/~mills for details. 1607 * 1608 * Interleaved symmetric mode 1609 * t1 = peer->aorg/borg, t2 = peer->rec, t3 = p_xmt, 1610 * t4 = peer->dst 1611 */ 1612 if (peer->flip != 0) { 1613 ci = p_xmt; /* t3 - t4 */ 1614 L_SUB(&ci, &peer->dst); 1615 LFPTOD(&ci, t34); 1616 ci = p_rec; /* t2 - t1 */ 1617 if (peer->flip > 0) 1618 L_SUB(&ci, &peer->borg); 1619 else 1620 L_SUB(&ci, &peer->aorg); 1621 LFPTOD(&ci, t21); 1622 p_del = t21 - t34; 1623 p_offset = (t21 + t34) / 2.; 1624 if (p_del < 0 || p_del > 1.) { 1625 snprintf(statstr, sizeof(statstr), 1626 "t21 %.6f t34 %.6f", t21, t34); 1627 report_event(PEVNT_XERR, peer, statstr); 1628 return; 1629 } 1630 1631 /* 1632 * Broadcast modes 1633 */ 1634 } else if (peer->pmode == MODE_BROADCAST) { 1635 1636 /* 1637 * Interleaved broadcast mode. Use interleaved timestamps. 1638 * t1 = peer->borg, t2 = p_org, t3 = p_org, t4 = aorg 1639 */ 1640 if (peer->flags & FLAG_XB) { 1641 ci = p_org; /* delay */ 1642 L_SUB(&ci, &peer->aorg); 1643 LFPTOD(&ci, t34); 1644 ci = p_org; /* t2 - t1 */ 1645 L_SUB(&ci, &peer->borg); 1646 LFPTOD(&ci, t21); 1647 peer->aorg = p_xmt; 1648 peer->borg = peer->dst; 1649 if (t34 < 0 || t34 > 1.) { 1650 snprintf(statstr, sizeof(statstr), 1651 "offset %.6f delay %.6f", t21, t34); 1652 report_event(PEVNT_XERR, peer, statstr); 1653 return; 1654 } 1655 p_offset = t21; 1656 peer->xleave = t34; 1657 1658 /* 1659 * Basic broadcast - use direct timestamps. 1660 * t3 = p_xmt, t4 = peer->dst 1661 */ 1662 } else { 1663 ci = p_xmt; /* t3 - t4 */ 1664 L_SUB(&ci, &peer->dst); 1665 LFPTOD(&ci, t34); 1666 p_offset = t34; 1667 } 1668 1669 /* 1670 * When calibration is complete and the clock is 1671 * synchronized, the bias is calculated as the difference 1672 * between the unicast timestamp and the broadcast 1673 * timestamp. This works for both basic and interleaved 1674 * modes. 1675 */ 1676 if (FLAG_BC_VOL & peer->flags) { 1677 peer->flags &= ~FLAG_BC_VOL; 1678 peer->delay = fabs(peer->offset - p_offset) * 2; 1679 } 1680 p_del = peer->delay; 1681 p_offset += p_del / 2; 1682 1683 1684 /* 1685 * Basic mode, otherwise known as the old fashioned way. 1686 * 1687 * t1 = p_org, t2 = p_rec, t3 = p_xmt, t4 = peer->dst 1688 */ 1689 } else { 1690 ci = p_xmt; /* t3 - t4 */ 1691 L_SUB(&ci, &peer->dst); 1692 LFPTOD(&ci, t34); 1693 ci = p_rec; /* t2 - t1 */ 1694 L_SUB(&ci, &p_org); 1695 LFPTOD(&ci, t21); 1696 p_del = fabs(t21 - t34); 1697 p_offset = (t21 + t34) / 2.; 1698 } 1699 p_del = max(p_del, LOGTOD(sys_precision)); 1700 p_disp = LOGTOD(sys_precision) + LOGTOD(peer->precision) + 1701 clock_phi * p_del; 1702 1703 #if ASSYM 1704 /* 1705 * This code calculates the outbound and inbound data rates by 1706 * measuring the differences between timestamps at different 1707 * packet lengths. This is helpful in cases of large asymmetric 1708 * delays commonly experienced on deep space communication 1709 * links. 1710 */ 1711 if (peer->t21_last > 0 && peer->t34_bytes > 0) { 1712 itemp = peer->t21_bytes - peer->t21_last; 1713 if (itemp > 25) { 1714 etemp = t21 - peer->t21; 1715 if (fabs(etemp) > 1e-6) { 1716 ftemp = itemp / etemp; 1717 if (ftemp > 1000.) 1718 peer->r21 = ftemp; 1719 } 1720 } 1721 itemp = len - peer->t34_bytes; 1722 if (itemp > 25) { 1723 etemp = -t34 - peer->t34; 1724 if (fabs(etemp) > 1e-6) { 1725 ftemp = itemp / etemp; 1726 if (ftemp > 1000.) 1727 peer->r34 = ftemp; 1728 } 1729 } 1730 } 1731 1732 /* 1733 * The following section compensates for different data rates on 1734 * the outbound (d21) and inbound (t34) directions. To do this, 1735 * it finds t such that r21 * t - r34 * (d - t) = 0, where d is 1736 * the roundtrip delay. Then it calculates the correction as a 1737 * fraction of d. 1738 */ 1739 peer->t21 = t21; 1740 peer->t21_last = peer->t21_bytes; 1741 peer->t34 = -t34; 1742 peer->t34_bytes = len; 1743 #ifdef DEBUG 1744 if (debug > 1) 1745 printf("packet: t21 %.9lf %d t34 %.9lf %d\n", peer->t21, 1746 peer->t21_bytes, peer->t34, peer->t34_bytes); 1747 #endif 1748 if (peer->r21 > 0 && peer->r34 > 0 && p_del > 0) { 1749 if (peer->pmode != MODE_BROADCAST) 1750 td = (peer->r34 / (peer->r21 + peer->r34) - 1751 .5) * p_del; 1752 else 1753 td = 0; 1754 1755 /* 1756 * Unfortunately, in many cases the errors are 1757 * unacceptable, so for the present the rates are not 1758 * used. In future, we might find conditions where the 1759 * calculations are useful, so this should be considered 1760 * a work in progress. 1761 */ 1762 t21 -= td; 1763 t34 -= td; 1764 #ifdef DEBUG 1765 if (debug > 1) 1766 printf("packet: del %.6lf r21 %.1lf r34 %.1lf %.6lf\n", 1767 p_del, peer->r21 / 1e3, peer->r34 / 1e3, 1768 td); 1769 #endif 1770 } 1771 #endif /* ASSYM */ 1772 1773 /* 1774 * That was awesome. Now hand off to the clock filter. 1775 */ 1776 clock_filter(peer, p_offset + peer->bias, p_del, p_disp); 1777 1778 /* 1779 * If we are in broadcast calibrate mode, return to broadcast 1780 * client mode when the client is fit and the autokey dance is 1781 * complete. 1782 */ 1783 if ((FLAG_BC_VOL & peer->flags) && MODE_CLIENT == peer->hmode && 1784 !(TEST11 & peer_unfit(peer))) { /* distance exceeded */ 1785 #ifdef AUTOKEY 1786 if (peer->flags & FLAG_SKEY) { 1787 if (!(~peer->crypto & CRYPTO_FLAG_ALL)) 1788 peer->hmode = MODE_BCLIENT; 1789 } else { 1790 peer->hmode = MODE_BCLIENT; 1791 } 1792 #else /* !AUTOKEY follows */ 1793 peer->hmode = MODE_BCLIENT; 1794 #endif /* !AUTOKEY */ 1795 } 1796 } 1797 1798 1799 /* 1800 * clock_update - Called at system process update intervals. 1801 */ 1802 static void 1803 clock_update( 1804 struct peer *peer /* peer structure pointer */ 1805 ) 1806 { 1807 double dtemp; 1808 l_fp now; 1809 #ifdef HAVE_LIBSCF_H 1810 char *fmri; 1811 #endif /* HAVE_LIBSCF_H */ 1812 1813 /* 1814 * Update the system state variables. We do this very carefully, 1815 * as the poll interval might need to be clamped differently. 1816 */ 1817 sys_peer = peer; 1818 sys_epoch = peer->epoch; 1819 if (sys_poll < peer->minpoll) 1820 sys_poll = peer->minpoll; 1821 if (sys_poll > peer->maxpoll) 1822 sys_poll = peer->maxpoll; 1823 poll_update(peer, sys_poll); 1824 sys_stratum = min(peer->stratum + 1, STRATUM_UNSPEC); 1825 if (peer->stratum == STRATUM_REFCLOCK || 1826 peer->stratum == STRATUM_UNSPEC) 1827 sys_refid = peer->refid; 1828 else 1829 sys_refid = addr2refid(&peer->srcadr); 1830 /* 1831 * Root Dispersion (E) is defined (in RFC 5905) as: 1832 * 1833 * E = p.epsilon_r + p.epsilon + p.psi + PHI*(s.t - p.t) + |THETA| 1834 * 1835 * where: 1836 * p.epsilon_r is the PollProc's root dispersion 1837 * p.epsilon is the PollProc's dispersion 1838 * p.psi is the PollProc's jitter 1839 * THETA is the combined offset 1840 * 1841 * NB: Think Hard about where these numbers come from and 1842 * what they mean. When did peer->update happen? Has anything 1843 * interesting happened since then? What values are the most 1844 * defensible? Why? 1845 * 1846 * DLM thinks this equation is probably the best of all worse choices. 1847 */ 1848 dtemp = peer->rootdisp 1849 + peer->disp 1850 + sys_jitter 1851 + clock_phi * (current_time - peer->update) 1852 + fabs(sys_offset); 1853 1854 if (dtemp > sys_mindisp) 1855 sys_rootdisp = dtemp; 1856 else 1857 sys_rootdisp = sys_mindisp; 1858 sys_rootdelay = peer->delay + peer->rootdelay; 1859 sys_reftime = peer->dst; 1860 1861 #ifdef DEBUG 1862 if (debug) 1863 printf( 1864 "clock_update: at %lu sample %lu associd %d\n", 1865 current_time, peer->epoch, peer->associd); 1866 #endif 1867 1868 /* 1869 * Comes now the moment of truth. Crank the clock discipline and 1870 * see what comes out. 1871 */ 1872 switch (local_clock(peer, sys_offset)) { 1873 1874 /* 1875 * Clock exceeds panic threshold. Life as we know it ends. 1876 */ 1877 case -1: 1878 #ifdef HAVE_LIBSCF_H 1879 /* 1880 * For Solaris enter the maintenance mode. 1881 */ 1882 if ((fmri = getenv("SMF_FMRI")) != NULL) { 1883 if (smf_maintain_instance(fmri, 0) < 0) { 1884 printf("smf_maintain_instance: %s\n", 1885 scf_strerror(scf_error())); 1886 exit(1); 1887 } 1888 /* 1889 * Sleep until SMF kills us. 1890 */ 1891 for (;;) 1892 pause(); 1893 } 1894 #endif /* HAVE_LIBSCF_H */ 1895 exit (-1); 1896 /* not reached */ 1897 1898 /* 1899 * Clock was stepped. Flush all time values of all peers. 1900 */ 1901 case 2: 1902 clear_all(); 1903 sys_leap = LEAP_NOTINSYNC; 1904 sys_stratum = STRATUM_UNSPEC; 1905 memcpy(&sys_refid, "STEP", 4); 1906 sys_rootdelay = 0; 1907 sys_rootdisp = 0; 1908 L_CLR(&sys_reftime); 1909 sys_jitter = LOGTOD(sys_precision); 1910 leapsec_reset_frame(); 1911 break; 1912 1913 /* 1914 * Clock was slewed. Handle the leapsecond stuff. 1915 */ 1916 case 1: 1917 1918 /* 1919 * If this is the first time the clock is set, reset the 1920 * leap bits. If crypto, the timer will goose the setup 1921 * process. 1922 */ 1923 if (sys_leap == LEAP_NOTINSYNC) { 1924 sys_leap = LEAP_NOWARNING; 1925 #ifdef AUTOKEY 1926 if (crypto_flags) 1927 crypto_update(); 1928 #endif /* AUTOKEY */ 1929 /* 1930 * If our parent process is waiting for the 1931 * first clock sync, send them home satisfied. 1932 */ 1933 #ifdef HAVE_WORKING_FORK 1934 if (waitsync_fd_to_close != -1) { 1935 close(waitsync_fd_to_close); 1936 waitsync_fd_to_close = -1; 1937 DPRINTF(1, ("notified parent --wait-sync is done\n")); 1938 } 1939 #endif /* HAVE_WORKING_FORK */ 1940 1941 } 1942 1943 /* 1944 * If there is no leap second pending and the number of 1945 * survivor leap bits is greater than half the number of 1946 * survivors, try to schedule a leap for the end of the 1947 * current month. (This only works if no leap second for 1948 * that range is in the table, so doing this more than 1949 * once is mostly harmless.) 1950 */ 1951 if (leapsec == LSPROX_NOWARN) { 1952 if (leap_vote_ins > leap_vote_del 1953 && leap_vote_ins > sys_survivors / 2) { 1954 get_systime(&now); 1955 leapsec_add_dyn(TRUE, now.l_ui, NULL); 1956 } 1957 if (leap_vote_del > leap_vote_ins 1958 && leap_vote_del > sys_survivors / 2) { 1959 get_systime(&now); 1960 leapsec_add_dyn(FALSE, now.l_ui, NULL); 1961 } 1962 } 1963 break; 1964 1965 /* 1966 * Popcorn spike or step threshold exceeded. Pretend it never 1967 * happened. 1968 */ 1969 default: 1970 break; 1971 } 1972 } 1973 1974 1975 /* 1976 * poll_update - update peer poll interval 1977 */ 1978 void 1979 poll_update( 1980 struct peer *peer, /* peer structure pointer */ 1981 u_char mpoll 1982 ) 1983 { 1984 u_long next, utemp; 1985 u_char hpoll; 1986 1987 /* 1988 * This routine figures out when the next poll should be sent. 1989 * That turns out to be wickedly complicated. One problem is 1990 * that sometimes the time for the next poll is in the past when 1991 * the poll interval is reduced. We watch out for races here 1992 * between the receive process and the poll process. 1993 * 1994 * Clamp the poll interval between minpoll and maxpoll. 1995 */ 1996 hpoll = max(min(peer->maxpoll, mpoll), peer->minpoll); 1997 1998 #ifdef AUTOKEY 1999 /* 2000 * If during the crypto protocol the poll interval has changed, 2001 * the lifetimes in the key list are probably bogus. Purge the 2002 * the key list and regenerate it later. 2003 */ 2004 if ((peer->flags & FLAG_SKEY) && hpoll != peer->hpoll) 2005 key_expire(peer); 2006 #endif /* AUTOKEY */ 2007 peer->hpoll = hpoll; 2008 2009 /* 2010 * There are three variables important for poll scheduling, the 2011 * current time (current_time), next scheduled time (nextdate) 2012 * and the earliest time (utemp). The earliest time is 2 s 2013 * seconds, but could be more due to rate management. When 2014 * sending in a burst, use the earliest time. When not in a 2015 * burst but with a reply pending, send at the earliest time 2016 * unless the next scheduled time has not advanced. This can 2017 * only happen if multiple replies are pending in the same 2018 * response interval. Otherwise, send at the later of the next 2019 * scheduled time and the earliest time. 2020 * 2021 * Now we figure out if there is an override. If a burst is in 2022 * progress and we get called from the receive process, just 2023 * slink away. If called from the poll process, delay 1 s for a 2024 * reference clock, otherwise 2 s. 2025 */ 2026 utemp = current_time + max(peer->throttle - (NTP_SHIFT - 1) * 2027 (1 << peer->minpoll), ntp_minpkt); 2028 if (peer->burst > 0) { 2029 if (peer->nextdate > current_time) 2030 return; 2031 #ifdef REFCLOCK 2032 else if (peer->flags & FLAG_REFCLOCK) 2033 peer->nextdate = current_time + RESP_DELAY; 2034 #endif /* REFCLOCK */ 2035 else 2036 peer->nextdate = utemp; 2037 2038 #ifdef AUTOKEY 2039 /* 2040 * If a burst is not in progress and a crypto response message 2041 * is pending, delay 2 s, but only if this is a new interval. 2042 */ 2043 } else if (peer->cmmd != NULL) { 2044 if (peer->nextdate > current_time) { 2045 if (peer->nextdate + ntp_minpkt != utemp) 2046 peer->nextdate = utemp; 2047 } else { 2048 peer->nextdate = utemp; 2049 } 2050 #endif /* AUTOKEY */ 2051 2052 /* 2053 * The ordinary case. If a retry, use minpoll; if unreachable, 2054 * use host poll; otherwise, use the minimum of host and peer 2055 * polls; In other words, oversampling is okay but 2056 * understampling is evil. Use the maximum of this value and the 2057 * headway. If the average headway is greater than the headway 2058 * threshold, increase the headway by the minimum interval. 2059 */ 2060 } else { 2061 if (peer->retry > 0) 2062 hpoll = peer->minpoll; 2063 else if (!(peer->reach)) 2064 hpoll = peer->hpoll; 2065 else 2066 hpoll = min(peer->ppoll, peer->hpoll); 2067 #ifdef REFCLOCK 2068 if (peer->flags & FLAG_REFCLOCK) 2069 next = 1 << hpoll; 2070 else 2071 #endif /* REFCLOCK */ 2072 next = ((0x1000UL | (ntp_random() & 0x0ff)) << 2073 hpoll) >> 12; 2074 next += peer->outdate; 2075 if (next > utemp) 2076 peer->nextdate = next; 2077 else 2078 peer->nextdate = utemp; 2079 if (peer->throttle > (1 << peer->minpoll)) 2080 peer->nextdate += ntp_minpkt; 2081 } 2082 DPRINTF(2, ("poll_update: at %lu %s poll %d burst %d retry %d head %d early %lu next %lu\n", 2083 current_time, ntoa(&peer->srcadr), peer->hpoll, 2084 peer->burst, peer->retry, peer->throttle, 2085 utemp - current_time, peer->nextdate - 2086 current_time)); 2087 } 2088 2089 2090 /* 2091 * peer_clear - clear peer filter registers. See Section 3.4.8 of the 2092 * spec. 2093 */ 2094 void 2095 peer_clear( 2096 struct peer *peer, /* peer structure */ 2097 const char *ident /* tally lights */ 2098 ) 2099 { 2100 u_char u; 2101 2102 #ifdef AUTOKEY 2103 /* 2104 * If cryptographic credentials have been acquired, toss them to 2105 * Valhalla. Note that autokeys are ephemeral, in that they are 2106 * tossed immediately upon use. Therefore, the keylist can be 2107 * purged anytime without needing to preserve random keys. Note 2108 * that, if the peer is purged, the cryptographic variables are 2109 * purged, too. This makes it much harder to sneak in some 2110 * unauthenticated data in the clock filter. 2111 */ 2112 key_expire(peer); 2113 if (peer->iffval != NULL) 2114 BN_free(peer->iffval); 2115 value_free(&peer->cookval); 2116 value_free(&peer->recval); 2117 value_free(&peer->encrypt); 2118 value_free(&peer->sndval); 2119 if (peer->cmmd != NULL) 2120 free(peer->cmmd); 2121 if (peer->subject != NULL) 2122 free(peer->subject); 2123 if (peer->issuer != NULL) 2124 free(peer->issuer); 2125 #endif /* AUTOKEY */ 2126 2127 /* 2128 * Clear all values, including the optional crypto values above. 2129 */ 2130 memset(CLEAR_TO_ZERO(peer), 0, LEN_CLEAR_TO_ZERO); 2131 peer->ppoll = peer->maxpoll; 2132 peer->hpoll = peer->minpoll; 2133 peer->disp = MAXDISPERSE; 2134 peer->flash = peer_unfit(peer); 2135 peer->jitter = LOGTOD(sys_precision); 2136 2137 /* 2138 * If interleave mode, initialize the alternate origin switch. 2139 */ 2140 if (peer->flags & FLAG_XLEAVE) 2141 peer->flip = 1; 2142 for (u = 0; u < NTP_SHIFT; u++) { 2143 peer->filter_order[u] = u; 2144 peer->filter_disp[u] = MAXDISPERSE; 2145 } 2146 #ifdef REFCLOCK 2147 if (!(peer->flags & FLAG_REFCLOCK)) { 2148 #endif 2149 peer->leap = LEAP_NOTINSYNC; 2150 peer->stratum = STRATUM_UNSPEC; 2151 memcpy(&peer->refid, ident, 4); 2152 #ifdef REFCLOCK 2153 } 2154 #endif 2155 2156 /* 2157 * During initialization use the association count to spread out 2158 * the polls at one-second intervals. Passive associations' 2159 * first poll is delayed by the "discard minimum" to avoid rate 2160 * limiting. Other post-startup new or cleared associations 2161 * randomize the first poll over the minimum poll interval to 2162 * avoid implosion. 2163 */ 2164 peer->nextdate = peer->update = peer->outdate = current_time; 2165 if (initializing) { 2166 peer->nextdate += peer_associations; 2167 } else if (MODE_PASSIVE == peer->hmode) { 2168 peer->nextdate += ntp_minpkt; 2169 } else { 2170 peer->nextdate += ntp_random() % peer->minpoll; 2171 } 2172 #ifdef AUTOKEY 2173 peer->refresh = current_time + (1 << NTP_REFRESH); 2174 #endif /* AUTOKEY */ 2175 #ifdef DEBUG 2176 if (debug) 2177 printf( 2178 "peer_clear: at %ld next %ld associd %d refid %s\n", 2179 current_time, peer->nextdate, peer->associd, 2180 ident); 2181 #endif 2182 } 2183 2184 2185 /* 2186 * clock_filter - add incoming clock sample to filter register and run 2187 * the filter procedure to find the best sample. 2188 */ 2189 void 2190 clock_filter( 2191 struct peer *peer, /* peer structure pointer */ 2192 double sample_offset, /* clock offset */ 2193 double sample_delay, /* roundtrip delay */ 2194 double sample_disp /* dispersion */ 2195 ) 2196 { 2197 double dst[NTP_SHIFT]; /* distance vector */ 2198 int ord[NTP_SHIFT]; /* index vector */ 2199 int i, j, k, m; 2200 double dtemp, etemp; 2201 char tbuf[80]; 2202 2203 /* 2204 * A sample consists of the offset, delay, dispersion and epoch 2205 * of arrival. The offset and delay are determined by the on- 2206 * wire protocol. The dispersion grows from the last outbound 2207 * packet to the arrival of this one increased by the sum of the 2208 * peer precision and the system precision as required by the 2209 * error budget. First, shift the new arrival into the shift 2210 * register discarding the oldest one. 2211 */ 2212 j = peer->filter_nextpt; 2213 peer->filter_offset[j] = sample_offset; 2214 peer->filter_delay[j] = sample_delay; 2215 peer->filter_disp[j] = sample_disp; 2216 peer->filter_epoch[j] = current_time; 2217 j = (j + 1) % NTP_SHIFT; 2218 peer->filter_nextpt = j; 2219 2220 /* 2221 * Update dispersions since the last update and at the same 2222 * time initialize the distance and index lists. Since samples 2223 * become increasingly uncorrelated beyond the Allan intercept, 2224 * only under exceptional cases will an older sample be used. 2225 * Therefore, the distance list uses a compound metric. If the 2226 * dispersion is greater than the maximum dispersion, clamp the 2227 * distance at that value. If the time since the last update is 2228 * less than the Allan intercept use the delay; otherwise, use 2229 * the sum of the delay and dispersion. 2230 */ 2231 dtemp = clock_phi * (current_time - peer->update); 2232 peer->update = current_time; 2233 for (i = NTP_SHIFT - 1; i >= 0; i--) { 2234 if (i != 0) 2235 peer->filter_disp[j] += dtemp; 2236 if (peer->filter_disp[j] >= MAXDISPERSE) { 2237 peer->filter_disp[j] = MAXDISPERSE; 2238 dst[i] = MAXDISPERSE; 2239 } else if (peer->update - peer->filter_epoch[j] > 2240 (u_long)ULOGTOD(allan_xpt)) { 2241 dst[i] = peer->filter_delay[j] + 2242 peer->filter_disp[j]; 2243 } else { 2244 dst[i] = peer->filter_delay[j]; 2245 } 2246 ord[i] = j; 2247 j = (j + 1) % NTP_SHIFT; 2248 } 2249 2250 /* 2251 * If the clock has stabilized, sort the samples by distance. 2252 */ 2253 if (freq_cnt == 0) { 2254 for (i = 1; i < NTP_SHIFT; i++) { 2255 for (j = 0; j < i; j++) { 2256 if (dst[j] > dst[i]) { 2257 k = ord[j]; 2258 ord[j] = ord[i]; 2259 ord[i] = k; 2260 etemp = dst[j]; 2261 dst[j] = dst[i]; 2262 dst[i] = etemp; 2263 } 2264 } 2265 } 2266 } 2267 2268 /* 2269 * Copy the index list to the association structure so ntpq 2270 * can see it later. Prune the distance list to leave only 2271 * samples less than the maximum dispersion, which disfavors 2272 * uncorrelated samples older than the Allan intercept. To 2273 * further improve the jitter estimate, of the remainder leave 2274 * only samples less than the maximum distance, but keep at 2275 * least two samples for jitter calculation. 2276 */ 2277 m = 0; 2278 for (i = 0; i < NTP_SHIFT; i++) { 2279 peer->filter_order[i] = (u_char) ord[i]; 2280 if (dst[i] >= MAXDISPERSE || (m >= 2 && dst[i] >= 2281 sys_maxdist)) 2282 continue; 2283 m++; 2284 } 2285 2286 /* 2287 * Compute the dispersion and jitter. The dispersion is weighted 2288 * exponentially by NTP_FWEIGHT (0.5) so it is normalized close 2289 * to 1.0. The jitter is the RMS differences relative to the 2290 * lowest delay sample. 2291 */ 2292 peer->disp = peer->jitter = 0; 2293 k = ord[0]; 2294 for (i = NTP_SHIFT - 1; i >= 0; i--) { 2295 j = ord[i]; 2296 peer->disp = NTP_FWEIGHT * (peer->disp + 2297 peer->filter_disp[j]); 2298 if (i < m) 2299 peer->jitter += DIFF(peer->filter_offset[j], 2300 peer->filter_offset[k]); 2301 } 2302 2303 /* 2304 * If no acceptable samples remain in the shift register, 2305 * quietly tiptoe home leaving only the dispersion. Otherwise, 2306 * save the offset, delay and jitter. Note the jitter must not 2307 * be less than the precision. 2308 */ 2309 if (m == 0) { 2310 clock_select(); 2311 return; 2312 } 2313 etemp = fabs(peer->offset - peer->filter_offset[k]); 2314 peer->offset = peer->filter_offset[k]; 2315 peer->delay = peer->filter_delay[k]; 2316 if (m > 1) 2317 peer->jitter /= m - 1; 2318 peer->jitter = max(SQRT(peer->jitter), LOGTOD(sys_precision)); 2319 2320 /* 2321 * If the the new sample and the current sample are both valid 2322 * and the difference between their offsets exceeds CLOCK_SGATE 2323 * (3) times the jitter and the interval between them is less 2324 * than twice the host poll interval, consider the new sample 2325 * a popcorn spike and ignore it. 2326 */ 2327 if (peer->disp < sys_maxdist && peer->filter_disp[k] < 2328 sys_maxdist && etemp > CLOCK_SGATE * peer->jitter && 2329 peer->filter_epoch[k] - peer->epoch < 2. * 2330 ULOGTOD(peer->hpoll)) { 2331 snprintf(tbuf, sizeof(tbuf), "%.6f s", etemp); 2332 report_event(PEVNT_POPCORN, peer, tbuf); 2333 return; 2334 } 2335 2336 /* 2337 * A new minimum sample is useful only if it is later than the 2338 * last one used. In this design the maximum lifetime of any 2339 * sample is not greater than eight times the poll interval, so 2340 * the maximum interval between minimum samples is eight 2341 * packets. 2342 */ 2343 if (peer->filter_epoch[k] <= peer->epoch) { 2344 #if DEBUG 2345 if (debug > 1) 2346 printf("clock_filter: old sample %lu\n", current_time - 2347 peer->filter_epoch[k]); 2348 #endif 2349 return; 2350 } 2351 peer->epoch = peer->filter_epoch[k]; 2352 2353 /* 2354 * The mitigated sample statistics are saved for later 2355 * processing. If not synchronized or not in a burst, tickle the 2356 * clock select algorithm. 2357 */ 2358 record_peer_stats(&peer->srcadr, ctlpeerstatus(peer), 2359 peer->offset, peer->delay, peer->disp, peer->jitter); 2360 #ifdef DEBUG 2361 if (debug) 2362 printf( 2363 "clock_filter: n %d off %.6f del %.6f dsp %.6f jit %.6f\n", 2364 m, peer->offset, peer->delay, peer->disp, 2365 peer->jitter); 2366 #endif 2367 if (peer->burst == 0 || sys_leap == LEAP_NOTINSYNC) 2368 clock_select(); 2369 } 2370 2371 2372 /* 2373 * clock_select - find the pick-of-the-litter clock 2374 * 2375 * LOCKCLOCK: (1) If the local clock is the prefer peer, it will always 2376 * be enabled, even if declared falseticker, (2) only the prefer peer 2377 * can be selected as the system peer, (3) if the external source is 2378 * down, the system leap bits are set to 11 and the stratum set to 2379 * infinity. 2380 */ 2381 void 2382 clock_select(void) 2383 { 2384 struct peer *peer; 2385 int i, j, k, n; 2386 int nlist, nl2; 2387 int allow; 2388 int speer; 2389 double d, e, f, g; 2390 double high, low; 2391 double speermet; 2392 double orphmet = 2.0 * U_INT32_MAX; /* 2x is greater than */ 2393 struct endpoint endp; 2394 struct peer *osys_peer; 2395 struct peer *sys_prefer = NULL; /* prefer peer */ 2396 struct peer *typesystem = NULL; 2397 struct peer *typeorphan = NULL; 2398 #ifdef REFCLOCK 2399 struct peer *typeacts = NULL; 2400 struct peer *typelocal = NULL; 2401 struct peer *typepps = NULL; 2402 #endif /* REFCLOCK */ 2403 static struct endpoint *endpoint = NULL; 2404 static int *indx = NULL; 2405 static peer_select *peers = NULL; 2406 static u_int endpoint_size = 0; 2407 static u_int peers_size = 0; 2408 static u_int indx_size = 0; 2409 size_t octets; 2410 2411 /* 2412 * Initialize and create endpoint, index and peer lists big 2413 * enough to handle all associations. 2414 */ 2415 osys_peer = sys_peer; 2416 sys_survivors = 0; 2417 #ifdef LOCKCLOCK 2418 sys_leap = LEAP_NOTINSYNC; 2419 sys_stratum = STRATUM_UNSPEC; 2420 memcpy(&sys_refid, "DOWN", 4); 2421 #endif /* LOCKCLOCK */ 2422 2423 /* 2424 * Allocate dynamic space depending on the number of 2425 * associations. 2426 */ 2427 nlist = 1; 2428 for (peer = peer_list; peer != NULL; peer = peer->p_link) 2429 nlist++; 2430 endpoint_size = ALIGNED_SIZE(nlist * 2 * sizeof(*endpoint)); 2431 peers_size = ALIGNED_SIZE(nlist * sizeof(*peers)); 2432 indx_size = ALIGNED_SIZE(nlist * 2 * sizeof(*indx)); 2433 octets = endpoint_size + peers_size + indx_size; 2434 endpoint = erealloc(endpoint, octets); 2435 peers = INC_ALIGNED_PTR(endpoint, endpoint_size); 2436 indx = INC_ALIGNED_PTR(peers, peers_size); 2437 2438 /* 2439 * Initially, we populate the island with all the rifraff peers 2440 * that happen to be lying around. Those with seriously 2441 * defective clocks are immediately booted off the island. Then, 2442 * the falsetickers are culled and put to sea. The truechimers 2443 * remaining are subject to repeated rounds where the most 2444 * unpopular at each round is kicked off. When the population 2445 * has dwindled to sys_minclock, the survivors split a million 2446 * bucks and collectively crank the chimes. 2447 */ 2448 nlist = nl2 = 0; /* none yet */ 2449 for (peer = peer_list; peer != NULL; peer = peer->p_link) { 2450 peer->new_status = CTL_PST_SEL_REJECT; 2451 2452 /* 2453 * Leave the island immediately if the peer is 2454 * unfit to synchronize. 2455 */ 2456 if (peer_unfit(peer)) 2457 continue; 2458 2459 /* 2460 * If this peer is an orphan parent, elect the 2461 * one with the lowest metric defined as the 2462 * IPv4 address or the first 64 bits of the 2463 * hashed IPv6 address. To ensure convergence 2464 * on the same selected orphan, consider as 2465 * well that this system may have the lowest 2466 * metric and be the orphan parent. If this 2467 * system wins, sys_peer will be NULL to trigger 2468 * orphan mode in timer(). 2469 */ 2470 if (peer->stratum == sys_orphan) { 2471 u_int32 localmet; 2472 u_int32 peermet; 2473 2474 if (peer->dstadr != NULL) 2475 localmet = ntohl(peer->dstadr->addr_refid); 2476 else 2477 localmet = U_INT32_MAX; 2478 peermet = ntohl(addr2refid(&peer->srcadr)); 2479 if (peermet < localmet && peermet < orphmet) { 2480 typeorphan = peer; 2481 orphmet = peermet; 2482 } 2483 continue; 2484 } 2485 2486 /* 2487 * If this peer could have the orphan parent 2488 * as a synchronization ancestor, exclude it 2489 * from selection to avoid forming a 2490 * synchronization loop within the orphan mesh, 2491 * triggering stratum climb to infinity 2492 * instability. Peers at stratum higher than 2493 * the orphan stratum could have the orphan 2494 * parent in ancestry so are excluded. 2495 * See http://bugs.ntp.org/2050 2496 */ 2497 if (peer->stratum > sys_orphan) 2498 continue; 2499 #ifdef REFCLOCK 2500 /* 2501 * The following are special cases. We deal 2502 * with them later. 2503 */ 2504 if (!(peer->flags & FLAG_PREFER)) { 2505 switch (peer->refclktype) { 2506 case REFCLK_LOCALCLOCK: 2507 if (current_time > orphwait && 2508 typelocal == NULL) 2509 typelocal = peer; 2510 continue; 2511 2512 case REFCLK_ACTS: 2513 if (current_time > orphwait && 2514 typeacts == NULL) 2515 typeacts = peer; 2516 continue; 2517 } 2518 } 2519 #endif /* REFCLOCK */ 2520 2521 /* 2522 * If we get this far, the peer can stay on the 2523 * island, but does not yet have the immunity 2524 * idol. 2525 */ 2526 peer->new_status = CTL_PST_SEL_SANE; 2527 f = root_distance(peer); 2528 peers[nlist].peer = peer; 2529 peers[nlist].error = peer->jitter; 2530 peers[nlist].synch = f; 2531 nlist++; 2532 2533 /* 2534 * Insert each interval endpoint on the unsorted 2535 * endpoint[] list. 2536 */ 2537 e = peer->offset; 2538 endpoint[nl2].type = -1; /* lower end */ 2539 endpoint[nl2].val = e - f; 2540 nl2++; 2541 endpoint[nl2].type = 1; /* upper end */ 2542 endpoint[nl2].val = e + f; 2543 nl2++; 2544 } 2545 /* 2546 * Construct sorted indx[] of endpoint[] indexes ordered by 2547 * offset. 2548 */ 2549 for (i = 0; i < nl2; i++) 2550 indx[i] = i; 2551 for (i = 0; i < nl2; i++) { 2552 endp = endpoint[indx[i]]; 2553 e = endp.val; 2554 k = i; 2555 for (j = i + 1; j < nl2; j++) { 2556 endp = endpoint[indx[j]]; 2557 if (endp.val < e) { 2558 e = endp.val; 2559 k = j; 2560 } 2561 } 2562 if (k != i) { 2563 j = indx[k]; 2564 indx[k] = indx[i]; 2565 indx[i] = j; 2566 } 2567 } 2568 for (i = 0; i < nl2; i++) 2569 DPRINTF(3, ("select: endpoint %2d %.6f\n", 2570 endpoint[indx[i]].type, endpoint[indx[i]].val)); 2571 2572 /* 2573 * This is the actual algorithm that cleaves the truechimers 2574 * from the falsetickers. The original algorithm was described 2575 * in Keith Marzullo's dissertation, but has been modified for 2576 * better accuracy. 2577 * 2578 * Briefly put, we first assume there are no falsetickers, then 2579 * scan the candidate list first from the low end upwards and 2580 * then from the high end downwards. The scans stop when the 2581 * number of intersections equals the number of candidates less 2582 * the number of falsetickers. If this doesn't happen for a 2583 * given number of falsetickers, we bump the number of 2584 * falsetickers and try again. If the number of falsetickers 2585 * becomes equal to or greater than half the number of 2586 * candidates, the Albanians have won the Byzantine wars and 2587 * correct synchronization is not possible. 2588 * 2589 * Here, nlist is the number of candidates and allow is the 2590 * number of falsetickers. Upon exit, the truechimers are the 2591 * survivors with offsets not less than low and not greater than 2592 * high. There may be none of them. 2593 */ 2594 low = 1e9; 2595 high = -1e9; 2596 for (allow = 0; 2 * allow < nlist; allow++) { 2597 2598 /* 2599 * Bound the interval (low, high) as the smallest 2600 * interval containing points from the most sources. 2601 */ 2602 n = 0; 2603 for (i = 0; i < nl2; i++) { 2604 low = endpoint[indx[i]].val; 2605 n -= endpoint[indx[i]].type; 2606 if (n >= nlist - allow) 2607 break; 2608 } 2609 n = 0; 2610 for (j = nl2 - 1; j >= 0; j--) { 2611 high = endpoint[indx[j]].val; 2612 n += endpoint[indx[j]].type; 2613 if (n >= nlist - allow) 2614 break; 2615 } 2616 2617 /* 2618 * If an interval containing truechimers is found, stop. 2619 * If not, increase the number of falsetickers and go 2620 * around again. 2621 */ 2622 if (high > low) 2623 break; 2624 } 2625 2626 /* 2627 * Clustering algorithm. Whittle candidate list of falsetickers, 2628 * who leave the island immediately. The TRUE peer is always a 2629 * truechimer. We must leave at least one peer to collect the 2630 * million bucks. 2631 * 2632 * We assert the correct time is contained in the interval, but 2633 * the best offset estimate for the interval might not be 2634 * contained in the interval. For this purpose, a truechimer is 2635 * defined as the midpoint of an interval that overlaps the 2636 * intersection interval. 2637 */ 2638 j = 0; 2639 for (i = 0; i < nlist; i++) { 2640 double h; 2641 2642 peer = peers[i].peer; 2643 h = peers[i].synch; 2644 if ((high <= low || peer->offset + h < low || 2645 peer->offset - h > high) && !(peer->flags & FLAG_TRUE)) 2646 continue; 2647 2648 #ifdef REFCLOCK 2649 /* 2650 * Eligible PPS peers must survive the intersection 2651 * algorithm. Use the first one found, but don't 2652 * include any of them in the cluster population. 2653 */ 2654 if (peer->flags & FLAG_PPS) { 2655 if (typepps == NULL) 2656 typepps = peer; 2657 continue; 2658 } 2659 #endif /* REFCLOCK */ 2660 2661 if (j != i) 2662 peers[j] = peers[i]; 2663 j++; 2664 } 2665 nlist = j; 2666 2667 /* 2668 * If no survivors remain at this point, check if the modem 2669 * driver, local driver or orphan parent in that order. If so, 2670 * nominate the first one found as the only survivor. 2671 * Otherwise, give up and leave the island to the rats. 2672 */ 2673 if (nlist == 0) { 2674 peers[0].error = 0; 2675 peers[0].synch = sys_mindisp; 2676 #ifdef REFCLOCK 2677 if (typeacts != NULL) { 2678 peers[0].peer = typeacts; 2679 nlist = 1; 2680 } else if (typelocal != NULL) { 2681 peers[0].peer = typelocal; 2682 nlist = 1; 2683 } else 2684 #endif /* REFCLOCK */ 2685 if (typeorphan != NULL) { 2686 peers[0].peer = typeorphan; 2687 nlist = 1; 2688 } 2689 } 2690 2691 /* 2692 * Mark the candidates at this point as truechimers. 2693 */ 2694 for (i = 0; i < nlist; i++) { 2695 peers[i].peer->new_status = CTL_PST_SEL_SELCAND; 2696 DPRINTF(2, ("select: survivor %s %f\n", 2697 stoa(&peers[i].peer->srcadr), peers[i].synch)); 2698 } 2699 2700 /* 2701 * Now, vote outlyers off the island by select jitter weighted 2702 * by root distance. Continue voting as long as there are more 2703 * than sys_minclock survivors and the select jitter of the peer 2704 * with the worst metric is greater than the minimum peer 2705 * jitter. Stop if we are about to discard a TRUE or PREFER 2706 * peer, who of course have the immunity idol. 2707 */ 2708 while (1) { 2709 d = 1e9; 2710 e = -1e9; 2711 g = 0; 2712 k = 0; 2713 for (i = 0; i < nlist; i++) { 2714 if (peers[i].error < d) 2715 d = peers[i].error; 2716 peers[i].seljit = 0; 2717 if (nlist > 1) { 2718 f = 0; 2719 for (j = 0; j < nlist; j++) 2720 f += DIFF(peers[j].peer->offset, 2721 peers[i].peer->offset); 2722 peers[i].seljit = SQRT(f / (nlist - 1)); 2723 } 2724 if (peers[i].seljit * peers[i].synch > e) { 2725 g = peers[i].seljit; 2726 e = peers[i].seljit * peers[i].synch; 2727 k = i; 2728 } 2729 } 2730 g = max(g, LOGTOD(sys_precision)); 2731 if (nlist <= max(1, sys_minclock) || g <= d || 2732 ((FLAG_TRUE | FLAG_PREFER) & peers[k].peer->flags)) 2733 break; 2734 2735 DPRINTF(3, ("select: drop %s seljit %.6f jit %.6f\n", 2736 ntoa(&peers[k].peer->srcadr), g, d)); 2737 if (nlist > sys_maxclock) 2738 peers[k].peer->new_status = CTL_PST_SEL_EXCESS; 2739 for (j = k + 1; j < nlist; j++) 2740 peers[j - 1] = peers[j]; 2741 nlist--; 2742 } 2743 2744 /* 2745 * What remains is a list usually not greater than sys_minclock 2746 * peers. Note that unsynchronized peers cannot survive this 2747 * far. Count and mark these survivors. 2748 * 2749 * While at it, count the number of leap warning bits found. 2750 * This will be used later to vote the system leap warning bit. 2751 * If a leap warning bit is found on a reference clock, the vote 2752 * is always won. 2753 * 2754 * Choose the system peer using a hybrid metric composed of the 2755 * selection jitter scaled by the root distance augmented by 2756 * stratum scaled by sys_mindisp (.001 by default). The goal of 2757 * the small stratum factor is to avoid clockhop between a 2758 * reference clock and a network peer which has a refclock and 2759 * is using an older ntpd, which does not floor sys_rootdisp at 2760 * sys_mindisp. 2761 * 2762 * In contrast, ntpd 4.2.6 and earlier used stratum primarily 2763 * in selecting the system peer, using a weight of 1 second of 2764 * additional root distance per stratum. This heavy bias is no 2765 * longer appropriate, as the scaled root distance provides a 2766 * more rational metric carrying the cumulative error budget. 2767 */ 2768 e = 1e9; 2769 speer = 0; 2770 leap_vote_ins = 0; 2771 leap_vote_del = 0; 2772 for (i = 0; i < nlist; i++) { 2773 peer = peers[i].peer; 2774 peer->unreach = 0; 2775 peer->new_status = CTL_PST_SEL_SYNCCAND; 2776 sys_survivors++; 2777 if (peer->leap == LEAP_ADDSECOND) { 2778 if (peer->flags & FLAG_REFCLOCK) 2779 leap_vote_ins = nlist; 2780 else if (leap_vote_ins < nlist) 2781 leap_vote_ins++; 2782 } 2783 if (peer->leap == LEAP_DELSECOND) { 2784 if (peer->flags & FLAG_REFCLOCK) 2785 leap_vote_del = nlist; 2786 else if (leap_vote_del < nlist) 2787 leap_vote_del++; 2788 } 2789 if (peer->flags & FLAG_PREFER) 2790 sys_prefer = peer; 2791 speermet = peers[i].seljit * peers[i].synch + 2792 peer->stratum * sys_mindisp; 2793 if (speermet < e) { 2794 e = speermet; 2795 speer = i; 2796 } 2797 } 2798 2799 /* 2800 * Unless there are at least sys_misane survivors, leave the 2801 * building dark. Otherwise, do a clockhop dance. Ordinarily, 2802 * use the selected survivor speer. However, if the current 2803 * system peer is not speer, stay with the current system peer 2804 * as long as it doesn't get too old or too ugly. 2805 */ 2806 if (nlist > 0 && nlist >= sys_minsane) { 2807 double x; 2808 2809 typesystem = peers[speer].peer; 2810 if (osys_peer == NULL || osys_peer == typesystem) { 2811 sys_clockhop = 0; 2812 } else if ((x = fabs(typesystem->offset - 2813 osys_peer->offset)) < sys_mindisp) { 2814 if (sys_clockhop == 0) 2815 sys_clockhop = sys_mindisp; 2816 else 2817 sys_clockhop *= .5; 2818 DPRINTF(1, ("select: clockhop %d %.6f %.6f\n", 2819 j, x, sys_clockhop)); 2820 if (fabs(x) < sys_clockhop) 2821 typesystem = osys_peer; 2822 else 2823 sys_clockhop = 0; 2824 } else { 2825 sys_clockhop = 0; 2826 } 2827 } 2828 2829 /* 2830 * Mitigation rules of the game. We have the pick of the 2831 * litter in typesystem if any survivors are left. If 2832 * there is a prefer peer, use its offset and jitter. 2833 * Otherwise, use the combined offset and jitter of all kitters. 2834 */ 2835 if (typesystem != NULL) { 2836 if (sys_prefer == NULL) { 2837 typesystem->new_status = CTL_PST_SEL_SYSPEER; 2838 clock_combine(peers, sys_survivors, speer); 2839 } else { 2840 typesystem = sys_prefer; 2841 sys_clockhop = 0; 2842 typesystem->new_status = CTL_PST_SEL_SYSPEER; 2843 sys_offset = typesystem->offset; 2844 sys_jitter = typesystem->jitter; 2845 } 2846 DPRINTF(1, ("select: combine offset %.9f jitter %.9f\n", 2847 sys_offset, sys_jitter)); 2848 } 2849 #ifdef REFCLOCK 2850 /* 2851 * If a PPS driver is lit and the combined offset is less than 2852 * 0.4 s, select the driver as the PPS peer and use its offset 2853 * and jitter. However, if this is the atom driver, use it only 2854 * if there is a prefer peer or there are no survivors and none 2855 * are required. 2856 */ 2857 if (typepps != NULL && fabs(sys_offset) < 0.4 && 2858 (typepps->refclktype != REFCLK_ATOM_PPS || 2859 (typepps->refclktype == REFCLK_ATOM_PPS && (sys_prefer != 2860 NULL || (typesystem == NULL && sys_minsane == 0))))) { 2861 typesystem = typepps; 2862 sys_clockhop = 0; 2863 typesystem->new_status = CTL_PST_SEL_PPS; 2864 sys_offset = typesystem->offset; 2865 sys_jitter = typesystem->jitter; 2866 DPRINTF(1, ("select: pps offset %.9f jitter %.9f\n", 2867 sys_offset, sys_jitter)); 2868 } 2869 #endif /* REFCLOCK */ 2870 2871 /* 2872 * If there are no survivors at this point, there is no 2873 * system peer. If so and this is an old update, keep the 2874 * current statistics, but do not update the clock. 2875 */ 2876 if (typesystem == NULL) { 2877 if (osys_peer != NULL) { 2878 if (sys_orphwait > 0) 2879 orphwait = current_time + sys_orphwait; 2880 report_event(EVNT_NOPEER, NULL, NULL); 2881 } 2882 sys_peer = NULL; 2883 for (peer = peer_list; peer != NULL; peer = peer->p_link) 2884 peer->status = peer->new_status; 2885 return; 2886 } 2887 2888 /* 2889 * Do not use old data, as this may mess up the clock discipline 2890 * stability. 2891 */ 2892 if (typesystem->epoch <= sys_epoch) 2893 return; 2894 2895 /* 2896 * We have found the alpha male. Wind the clock. 2897 */ 2898 if (osys_peer != typesystem) 2899 report_event(PEVNT_NEWPEER, typesystem, NULL); 2900 for (peer = peer_list; peer != NULL; peer = peer->p_link) 2901 peer->status = peer->new_status; 2902 clock_update(typesystem); 2903 } 2904 2905 2906 static void 2907 clock_combine( 2908 peer_select * peers, /* survivor list */ 2909 int npeers, /* number of survivors */ 2910 int syspeer /* index of sys.peer */ 2911 ) 2912 { 2913 int i; 2914 double x, y, z, w; 2915 2916 y = z = w = 0; 2917 for (i = 0; i < npeers; i++) { 2918 x = 1. / peers[i].synch; 2919 y += x; 2920 z += x * peers[i].peer->offset; 2921 w += x * DIFF(peers[i].peer->offset, 2922 peers[syspeer].peer->offset); 2923 } 2924 sys_offset = z / y; 2925 sys_jitter = SQRT(w / y + SQUARE(peers[syspeer].seljit)); 2926 } 2927 2928 2929 /* 2930 * root_distance - compute synchronization distance from peer to root 2931 */ 2932 static double 2933 root_distance( 2934 struct peer *peer /* peer structure pointer */ 2935 ) 2936 { 2937 double dtemp; 2938 2939 /* 2940 * Root Distance (LAMBDA) is defined as: 2941 * (delta + DELTA)/2 + epsilon + EPSILON + phi 2942 * 2943 * where: 2944 * delta is the round-trip delay 2945 * DELTA is the root delay 2946 * epsilon is the remote server precision + local precision 2947 * + (15 usec each second) 2948 * EPSILON is the root dispersion 2949 * phi is the peer jitter statistic 2950 * 2951 * NB: Think hard about why we are using these values, and what 2952 * the alternatives are, and the various pros/cons. 2953 * 2954 * DLM thinks these are probably the best choices from any of the 2955 * other worse choices. 2956 */ 2957 dtemp = (peer->delay + peer->rootdelay) / 2 2958 + LOGTOD(peer->precision) 2959 + LOGTOD(sys_precision) 2960 + clock_phi * (current_time - peer->update) 2961 + peer->rootdisp 2962 + peer->jitter; 2963 /* 2964 * Careful squeak here. The value returned must be greater than 2965 * the minimum root dispersion in order to avoid clockhop with 2966 * highly precise reference clocks. Note that the root distance 2967 * cannot exceed the sys_maxdist, as this is the cutoff by the 2968 * selection algorithm. 2969 */ 2970 if (dtemp < sys_mindisp) 2971 dtemp = sys_mindisp; 2972 return (dtemp); 2973 } 2974 2975 2976 /* 2977 * peer_xmit - send packet for persistent association. 2978 */ 2979 static void 2980 peer_xmit( 2981 struct peer *peer /* peer structure pointer */ 2982 ) 2983 { 2984 struct pkt xpkt; /* transmit packet */ 2985 size_t sendlen, authlen; 2986 keyid_t xkeyid = 0; /* transmit key ID */ 2987 l_fp xmt_tx, xmt_ty; 2988 2989 if (!peer->dstadr) /* drop peers without interface */ 2990 return; 2991 2992 xpkt.li_vn_mode = PKT_LI_VN_MODE(sys_leap, peer->version, 2993 peer->hmode); 2994 xpkt.stratum = STRATUM_TO_PKT(sys_stratum); 2995 xpkt.ppoll = peer->hpoll; 2996 xpkt.precision = sys_precision; 2997 xpkt.refid = sys_refid; 2998 xpkt.rootdelay = HTONS_FP(DTOFP(sys_rootdelay)); 2999 xpkt.rootdisp = HTONS_FP(DTOUFP(sys_rootdisp)); 3000 HTONL_FP(&sys_reftime, &xpkt.reftime); 3001 HTONL_FP(&peer->rec, &xpkt.org); 3002 HTONL_FP(&peer->dst, &xpkt.rec); 3003 3004 /* 3005 * If the received packet contains a MAC, the transmitted packet 3006 * is authenticated and contains a MAC. If not, the transmitted 3007 * packet is not authenticated. 3008 * 3009 * It is most important when autokey is in use that the local 3010 * interface IP address be known before the first packet is 3011 * sent. Otherwise, it is not possible to compute a correct MAC 3012 * the recipient will accept. Thus, the I/O semantics have to do 3013 * a little more work. In particular, the wildcard interface 3014 * might not be usable. 3015 */ 3016 sendlen = LEN_PKT_NOMAC; 3017 #ifdef AUTOKEY 3018 if (!(peer->flags & FLAG_SKEY) && peer->keyid == 0) { 3019 #else /* !AUTOKEY follows */ 3020 if (peer->keyid == 0) { 3021 #endif /* !AUTOKEY */ 3022 3023 /* 3024 * Transmit a-priori timestamps 3025 */ 3026 get_systime(&xmt_tx); 3027 if (peer->flip == 0) { /* basic mode */ 3028 peer->aorg = xmt_tx; 3029 HTONL_FP(&xmt_tx, &xpkt.xmt); 3030 } else { /* interleaved modes */ 3031 if (peer->hmode == MODE_BROADCAST) { /* bcst */ 3032 HTONL_FP(&xmt_tx, &xpkt.xmt); 3033 if (peer->flip > 0) 3034 HTONL_FP(&peer->borg, 3035 &xpkt.org); 3036 else 3037 HTONL_FP(&peer->aorg, 3038 &xpkt.org); 3039 } else { /* symmetric */ 3040 if (peer->flip > 0) 3041 HTONL_FP(&peer->borg, 3042 &xpkt.xmt); 3043 else 3044 HTONL_FP(&peer->aorg, 3045 &xpkt.xmt); 3046 } 3047 } 3048 peer->t21_bytes = sendlen; 3049 sendpkt(&peer->srcadr, peer->dstadr, sys_ttl[peer->ttl], 3050 &xpkt, sendlen); 3051 peer->sent++; 3052 peer->throttle += (1 << peer->minpoll) - 2; 3053 3054 /* 3055 * Capture a-posteriori timestamps 3056 */ 3057 get_systime(&xmt_ty); 3058 if (peer->flip != 0) { /* interleaved modes */ 3059 if (peer->flip > 0) 3060 peer->aorg = xmt_ty; 3061 else 3062 peer->borg = xmt_ty; 3063 peer->flip = -peer->flip; 3064 } 3065 L_SUB(&xmt_ty, &xmt_tx); 3066 LFPTOD(&xmt_ty, peer->xleave); 3067 #ifdef DEBUG 3068 if (debug) 3069 printf("transmit: at %ld %s->%s mode %d len %zu\n", 3070 current_time, peer->dstadr ? 3071 stoa(&peer->dstadr->sin) : "-", 3072 stoa(&peer->srcadr), peer->hmode, sendlen); 3073 #endif 3074 return; 3075 } 3076 3077 /* 3078 * Authentication is enabled, so the transmitted packet must be 3079 * authenticated. If autokey is enabled, fuss with the various 3080 * modes; otherwise, symmetric key cryptography is used. 3081 */ 3082 #ifdef AUTOKEY 3083 if (peer->flags & FLAG_SKEY) { 3084 struct exten *exten; /* extension field */ 3085 3086 /* 3087 * The Public Key Dance (PKD): Cryptographic credentials 3088 * are contained in extension fields, each including a 3089 * 4-octet length/code word followed by a 4-octet 3090 * association ID and optional additional data. Optional 3091 * data includes a 4-octet data length field followed by 3092 * the data itself. Request messages are sent from a 3093 * configured association; response messages can be sent 3094 * from a configured association or can take the fast 3095 * path without ever matching an association. Response 3096 * messages have the same code as the request, but have 3097 * a response bit and possibly an error bit set. In this 3098 * implementation, a message may contain no more than 3099 * one command and one or more responses. 3100 * 3101 * Cryptographic session keys include both a public and 3102 * a private componet. Request and response messages 3103 * using extension fields are always sent with the 3104 * private component set to zero. Packets without 3105 * extension fields indlude the private component when 3106 * the session key is generated. 3107 */ 3108 while (1) { 3109 3110 /* 3111 * Allocate and initialize a keylist if not 3112 * already done. Then, use the list in inverse 3113 * order, discarding keys once used. Keep the 3114 * latest key around until the next one, so 3115 * clients can use client/server packets to 3116 * compute propagation delay. 3117 * 3118 * Note that once a key is used from the list, 3119 * it is retained in the key cache until the 3120 * next key is used. This is to allow a client 3121 * to retrieve the encrypted session key 3122 * identifier to verify authenticity. 3123 * 3124 * If for some reason a key is no longer in the 3125 * key cache, a birthday has happened or the key 3126 * has expired, so the pseudo-random sequence is 3127 * broken. In that case, purge the keylist and 3128 * regenerate it. 3129 */ 3130 if (peer->keynumber == 0) 3131 make_keylist(peer, peer->dstadr); 3132 else 3133 peer->keynumber--; 3134 xkeyid = peer->keylist[peer->keynumber]; 3135 if (authistrusted(xkeyid)) 3136 break; 3137 else 3138 key_expire(peer); 3139 } 3140 peer->keyid = xkeyid; 3141 exten = NULL; 3142 switch (peer->hmode) { 3143 3144 /* 3145 * In broadcast server mode the autokey values are 3146 * required by the broadcast clients. Push them when a 3147 * new keylist is generated; otherwise, push the 3148 * association message so the client can request them at 3149 * other times. 3150 */ 3151 case MODE_BROADCAST: 3152 if (peer->flags & FLAG_ASSOC) 3153 exten = crypto_args(peer, CRYPTO_AUTO | 3154 CRYPTO_RESP, peer->associd, NULL); 3155 else 3156 exten = crypto_args(peer, CRYPTO_ASSOC | 3157 CRYPTO_RESP, peer->associd, NULL); 3158 break; 3159 3160 /* 3161 * In symmetric modes the parameter, certificate, 3162 * identity, cookie and autokey exchanges are 3163 * required. The leapsecond exchange is optional. But, a 3164 * peer will not believe the other peer until the other 3165 * peer has synchronized, so the certificate exchange 3166 * might loop until then. If a peer finds a broken 3167 * autokey sequence, it uses the autokey exchange to 3168 * retrieve the autokey values. In any case, if a new 3169 * keylist is generated, the autokey values are pushed. 3170 */ 3171 case MODE_ACTIVE: 3172 case MODE_PASSIVE: 3173 3174 /* 3175 * Parameter, certificate and identity. 3176 */ 3177 if (!peer->crypto) 3178 exten = crypto_args(peer, CRYPTO_ASSOC, 3179 peer->associd, hostval.ptr); 3180 else if (!(peer->crypto & CRYPTO_FLAG_CERT)) 3181 exten = crypto_args(peer, CRYPTO_CERT, 3182 peer->associd, peer->issuer); 3183 else if (!(peer->crypto & CRYPTO_FLAG_VRFY)) 3184 exten = crypto_args(peer, 3185 crypto_ident(peer), peer->associd, 3186 NULL); 3187 3188 /* 3189 * Cookie and autokey. We request the cookie 3190 * only when the this peer and the other peer 3191 * are synchronized. But, this peer needs the 3192 * autokey values when the cookie is zero. Any 3193 * time we regenerate the key list, we offer the 3194 * autokey values without being asked. If for 3195 * some reason either peer finds a broken 3196 * autokey sequence, the autokey exchange is 3197 * used to retrieve the autokey values. 3198 */ 3199 else if (sys_leap != LEAP_NOTINSYNC && 3200 peer->leap != LEAP_NOTINSYNC && 3201 !(peer->crypto & CRYPTO_FLAG_COOK)) 3202 exten = crypto_args(peer, CRYPTO_COOK, 3203 peer->associd, NULL); 3204 else if (!(peer->crypto & CRYPTO_FLAG_AUTO)) 3205 exten = crypto_args(peer, CRYPTO_AUTO, 3206 peer->associd, NULL); 3207 else if (peer->flags & FLAG_ASSOC && 3208 peer->crypto & CRYPTO_FLAG_SIGN) 3209 exten = crypto_args(peer, CRYPTO_AUTO | 3210 CRYPTO_RESP, peer->assoc, NULL); 3211 3212 /* 3213 * Wait for clock sync, then sign the 3214 * certificate and retrieve the leapsecond 3215 * values. 3216 */ 3217 else if (sys_leap == LEAP_NOTINSYNC) 3218 break; 3219 3220 else if (!(peer->crypto & CRYPTO_FLAG_SIGN)) 3221 exten = crypto_args(peer, CRYPTO_SIGN, 3222 peer->associd, hostval.ptr); 3223 else if (!(peer->crypto & CRYPTO_FLAG_LEAP)) 3224 exten = crypto_args(peer, CRYPTO_LEAP, 3225 peer->associd, NULL); 3226 break; 3227 3228 /* 3229 * In client mode the parameter, certificate, identity, 3230 * cookie and sign exchanges are required. The 3231 * leapsecond exchange is optional. If broadcast client 3232 * mode the same exchanges are required, except that the 3233 * autokey exchange is substitutes for the cookie 3234 * exchange, since the cookie is always zero. If the 3235 * broadcast client finds a broken autokey sequence, it 3236 * uses the autokey exchange to retrieve the autokey 3237 * values. 3238 */ 3239 case MODE_CLIENT: 3240 3241 /* 3242 * Parameter, certificate and identity. 3243 */ 3244 if (!peer->crypto) 3245 exten = crypto_args(peer, CRYPTO_ASSOC, 3246 peer->associd, hostval.ptr); 3247 else if (!(peer->crypto & CRYPTO_FLAG_CERT)) 3248 exten = crypto_args(peer, CRYPTO_CERT, 3249 peer->associd, peer->issuer); 3250 else if (!(peer->crypto & CRYPTO_FLAG_VRFY)) 3251 exten = crypto_args(peer, 3252 crypto_ident(peer), peer->associd, 3253 NULL); 3254 3255 /* 3256 * Cookie and autokey. These are requests, but 3257 * we use the peer association ID with autokey 3258 * rather than our own. 3259 */ 3260 else if (!(peer->crypto & CRYPTO_FLAG_COOK)) 3261 exten = crypto_args(peer, CRYPTO_COOK, 3262 peer->associd, NULL); 3263 else if (!(peer->crypto & CRYPTO_FLAG_AUTO)) 3264 exten = crypto_args(peer, CRYPTO_AUTO, 3265 peer->assoc, NULL); 3266 3267 /* 3268 * Wait for clock sync, then sign the 3269 * certificate and retrieve the leapsecond 3270 * values. 3271 */ 3272 else if (sys_leap == LEAP_NOTINSYNC) 3273 break; 3274 3275 else if (!(peer->crypto & CRYPTO_FLAG_SIGN)) 3276 exten = crypto_args(peer, CRYPTO_SIGN, 3277 peer->associd, hostval.ptr); 3278 else if (!(peer->crypto & CRYPTO_FLAG_LEAP)) 3279 exten = crypto_args(peer, CRYPTO_LEAP, 3280 peer->associd, NULL); 3281 break; 3282 } 3283 3284 /* 3285 * Add a queued extension field if present. This is 3286 * always a request message, so the reply ID is already 3287 * in the message. If an error occurs, the error bit is 3288 * lit in the response. 3289 */ 3290 if (peer->cmmd != NULL) { 3291 u_int32 temp32; 3292 3293 temp32 = CRYPTO_RESP; 3294 peer->cmmd->opcode |= htonl(temp32); 3295 sendlen += crypto_xmit(peer, &xpkt, NULL, 3296 sendlen, peer->cmmd, 0); 3297 free(peer->cmmd); 3298 peer->cmmd = NULL; 3299 } 3300 3301 /* 3302 * Add an extension field created above. All but the 3303 * autokey response message are request messages. 3304 */ 3305 if (exten != NULL) { 3306 if (exten->opcode != 0) 3307 sendlen += crypto_xmit(peer, &xpkt, 3308 NULL, sendlen, exten, 0); 3309 free(exten); 3310 } 3311 3312 /* 3313 * Calculate the next session key. Since extension 3314 * fields are present, the cookie value is zero. 3315 */ 3316 if (sendlen > (int)LEN_PKT_NOMAC) { 3317 session_key(&peer->dstadr->sin, &peer->srcadr, 3318 xkeyid, 0, 2); 3319 } 3320 } 3321 #endif /* AUTOKEY */ 3322 3323 /* 3324 * Transmit a-priori timestamps 3325 */ 3326 get_systime(&xmt_tx); 3327 if (peer->flip == 0) { /* basic mode */ 3328 peer->aorg = xmt_tx; 3329 HTONL_FP(&xmt_tx, &xpkt.xmt); 3330 } else { /* interleaved modes */ 3331 if (peer->hmode == MODE_BROADCAST) { /* bcst */ 3332 HTONL_FP(&xmt_tx, &xpkt.xmt); 3333 if (peer->flip > 0) 3334 HTONL_FP(&peer->borg, &xpkt.org); 3335 else 3336 HTONL_FP(&peer->aorg, &xpkt.org); 3337 } else { /* symmetric */ 3338 if (peer->flip > 0) 3339 HTONL_FP(&peer->borg, &xpkt.xmt); 3340 else 3341 HTONL_FP(&peer->aorg, &xpkt.xmt); 3342 } 3343 } 3344 xkeyid = peer->keyid; 3345 authlen = authencrypt(xkeyid, (u_int32 *)&xpkt, sendlen); 3346 if (authlen == 0) { 3347 report_event(PEVNT_AUTH, peer, "no key"); 3348 peer->flash |= TEST5; /* auth error */ 3349 peer->badauth++; 3350 return; 3351 } 3352 sendlen += authlen; 3353 #ifdef AUTOKEY 3354 if (xkeyid > NTP_MAXKEY) 3355 authtrust(xkeyid, 0); 3356 #endif /* AUTOKEY */ 3357 if (sendlen > sizeof(xpkt)) { 3358 msyslog(LOG_ERR, "proto: buffer overflow %zu", sendlen); 3359 exit (-1); 3360 } 3361 peer->t21_bytes = sendlen; 3362 sendpkt(&peer->srcadr, peer->dstadr, sys_ttl[peer->ttl], &xpkt, 3363 sendlen); 3364 peer->sent++; 3365 peer->throttle += (1 << peer->minpoll) - 2; 3366 3367 /* 3368 * Capture a-posteriori timestamps 3369 */ 3370 get_systime(&xmt_ty); 3371 if (peer->flip != 0) { /* interleaved modes */ 3372 if (peer->flip > 0) 3373 peer->aorg = xmt_ty; 3374 else 3375 peer->borg = xmt_ty; 3376 peer->flip = -peer->flip; 3377 } 3378 L_SUB(&xmt_ty, &xmt_tx); 3379 LFPTOD(&xmt_ty, peer->xleave); 3380 #ifdef AUTOKEY 3381 #ifdef DEBUG 3382 if (debug) 3383 printf("transmit: at %ld %s->%s mode %d keyid %08x len %zu index %d\n", 3384 current_time, latoa(peer->dstadr), 3385 ntoa(&peer->srcadr), peer->hmode, xkeyid, sendlen, 3386 peer->keynumber); 3387 #endif 3388 #else /* !AUTOKEY follows */ 3389 #ifdef DEBUG 3390 if (debug) 3391 printf("transmit: at %ld %s->%s mode %d keyid %08x len %d\n", 3392 current_time, peer->dstadr ? 3393 ntoa(&peer->dstadr->sin) : "-", 3394 ntoa(&peer->srcadr), peer->hmode, xkeyid, sendlen); 3395 #endif 3396 #endif /* !AUTOKEY */ 3397 } 3398 3399 3400 /* 3401 * fast_xmit - Send packet for nonpersistent association. Note that 3402 * neither the source or destination can be a broadcast address. 3403 */ 3404 static void 3405 fast_xmit( 3406 struct recvbuf *rbufp, /* receive packet pointer */ 3407 int xmode, /* receive mode */ 3408 keyid_t xkeyid, /* transmit key ID */ 3409 int flags /* restrict mask */ 3410 ) 3411 { 3412 struct pkt xpkt; /* transmit packet structure */ 3413 struct pkt *rpkt; /* receive packet structure */ 3414 l_fp xmt_tx, xmt_ty; 3415 int sendlen; 3416 #ifdef AUTOKEY 3417 u_int32 temp32; 3418 #endif 3419 3420 /* 3421 * Initialize transmit packet header fields from the receive 3422 * buffer provided. We leave the fields intact as received, but 3423 * set the peer poll at the maximum of the receive peer poll and 3424 * the system minimum poll (ntp_minpoll). This is for KoD rate 3425 * control and not strictly specification compliant, but doesn't 3426 * break anything. 3427 * 3428 * If the gazinta was from a multicast address, the gazoutta 3429 * must go out another way. 3430 */ 3431 rpkt = &rbufp->recv_pkt; 3432 if (rbufp->dstadr->flags & INT_MCASTOPEN) 3433 rbufp->dstadr = findinterface(&rbufp->recv_srcadr); 3434 3435 /* 3436 * If this is a kiss-o'-death (KoD) packet, show leap 3437 * unsynchronized, stratum zero, reference ID the four-character 3438 * kiss code and system root delay. Note we don't reveal the 3439 * local time, so these packets can't be used for 3440 * synchronization. 3441 */ 3442 if (flags & RES_KOD) { 3443 sys_kodsent++; 3444 xpkt.li_vn_mode = PKT_LI_VN_MODE(LEAP_NOTINSYNC, 3445 PKT_VERSION(rpkt->li_vn_mode), xmode); 3446 xpkt.stratum = STRATUM_PKT_UNSPEC; 3447 xpkt.ppoll = max(rpkt->ppoll, ntp_minpoll); 3448 xpkt.precision = rpkt->precision; 3449 memcpy(&xpkt.refid, "RATE", 4); 3450 xpkt.rootdelay = rpkt->rootdelay; 3451 xpkt.rootdisp = rpkt->rootdisp; 3452 xpkt.reftime = rpkt->reftime; 3453 xpkt.org = rpkt->xmt; 3454 xpkt.rec = rpkt->xmt; 3455 xpkt.xmt = rpkt->xmt; 3456 3457 /* 3458 * This is a normal packet. Use the system variables. 3459 */ 3460 } else { 3461 xpkt.li_vn_mode = PKT_LI_VN_MODE(sys_leap, 3462 PKT_VERSION(rpkt->li_vn_mode), xmode); 3463 xpkt.stratum = STRATUM_TO_PKT(sys_stratum); 3464 xpkt.ppoll = max(rpkt->ppoll, ntp_minpoll); 3465 xpkt.precision = sys_precision; 3466 xpkt.refid = sys_refid; 3467 xpkt.rootdelay = HTONS_FP(DTOFP(sys_rootdelay)); 3468 xpkt.rootdisp = HTONS_FP(DTOUFP(sys_rootdisp)); 3469 HTONL_FP(&sys_reftime, &xpkt.reftime); 3470 xpkt.org = rpkt->xmt; 3471 HTONL_FP(&rbufp->recv_time, &xpkt.rec); 3472 get_systime(&xmt_tx); 3473 HTONL_FP(&xmt_tx, &xpkt.xmt); 3474 } 3475 3476 #ifdef HAVE_NTP_SIGND 3477 if (flags & RES_MSSNTP) { 3478 send_via_ntp_signd(rbufp, xmode, xkeyid, flags, &xpkt); 3479 return; 3480 } 3481 #endif /* HAVE_NTP_SIGND */ 3482 3483 /* 3484 * If the received packet contains a MAC, the transmitted packet 3485 * is authenticated and contains a MAC. If not, the transmitted 3486 * packet is not authenticated. 3487 */ 3488 sendlen = LEN_PKT_NOMAC; 3489 if (rbufp->recv_length == sendlen) { 3490 sendpkt(&rbufp->recv_srcadr, rbufp->dstadr, 0, &xpkt, 3491 sendlen); 3492 #ifdef DEBUG 3493 if (debug) 3494 printf( 3495 "transmit: at %ld %s->%s mode %d len %d\n", 3496 current_time, stoa(&rbufp->dstadr->sin), 3497 stoa(&rbufp->recv_srcadr), xmode, sendlen); 3498 #endif 3499 return; 3500 } 3501 3502 /* 3503 * The received packet contains a MAC, so the transmitted packet 3504 * must be authenticated. For symmetric key cryptography, use 3505 * the predefined and trusted symmetric keys to generate the 3506 * cryptosum. For autokey cryptography, use the server private 3507 * value to generate the cookie, which is unique for every 3508 * source-destination-key ID combination. 3509 */ 3510 #ifdef AUTOKEY 3511 if (xkeyid > NTP_MAXKEY) { 3512 keyid_t cookie; 3513 3514 /* 3515 * The only way to get here is a reply to a legitimate 3516 * client request message, so the mode must be 3517 * MODE_SERVER. If an extension field is present, there 3518 * can be only one and that must be a command. Do what 3519 * needs, but with private value of zero so the poor 3520 * jerk can decode it. If no extension field is present, 3521 * use the cookie to generate the session key. 3522 */ 3523 cookie = session_key(&rbufp->recv_srcadr, 3524 &rbufp->dstadr->sin, 0, sys_private, 0); 3525 if (rbufp->recv_length > sendlen + (int)MAX_MAC_LEN) { 3526 session_key(&rbufp->dstadr->sin, 3527 &rbufp->recv_srcadr, xkeyid, 0, 2); 3528 temp32 = CRYPTO_RESP; 3529 rpkt->exten[0] |= htonl(temp32); 3530 sendlen += crypto_xmit(NULL, &xpkt, rbufp, 3531 sendlen, (struct exten *)rpkt->exten, 3532 cookie); 3533 } else { 3534 session_key(&rbufp->dstadr->sin, 3535 &rbufp->recv_srcadr, xkeyid, cookie, 2); 3536 } 3537 } 3538 #endif /* AUTOKEY */ 3539 get_systime(&xmt_tx); 3540 sendlen += authencrypt(xkeyid, (u_int32 *)&xpkt, sendlen); 3541 #ifdef AUTOKEY 3542 if (xkeyid > NTP_MAXKEY) 3543 authtrust(xkeyid, 0); 3544 #endif /* AUTOKEY */ 3545 sendpkt(&rbufp->recv_srcadr, rbufp->dstadr, 0, &xpkt, sendlen); 3546 get_systime(&xmt_ty); 3547 L_SUB(&xmt_ty, &xmt_tx); 3548 sys_authdelay = xmt_ty; 3549 #ifdef DEBUG 3550 if (debug) 3551 printf( 3552 "transmit: at %ld %s->%s mode %d keyid %08x len %d\n", 3553 current_time, ntoa(&rbufp->dstadr->sin), 3554 ntoa(&rbufp->recv_srcadr), xmode, xkeyid, sendlen); 3555 #endif 3556 } 3557 3558 3559 /* 3560 * pool_xmit - resolve hostname or send unicast solicitation for pool. 3561 */ 3562 static void 3563 pool_xmit( 3564 struct peer *pool /* pool solicitor association */ 3565 ) 3566 { 3567 #ifdef WORKER 3568 struct pkt xpkt; /* transmit packet structure */ 3569 struct addrinfo hints; 3570 int rc; 3571 struct interface * lcladr; 3572 sockaddr_u * rmtadr; 3573 int restrict_mask; 3574 struct peer * p; 3575 l_fp xmt_tx; 3576 3577 if (NULL == pool->ai) { 3578 if (pool->addrs != NULL) { 3579 /* free() is used with copy_addrinfo_list() */ 3580 free(pool->addrs); 3581 pool->addrs = NULL; 3582 } 3583 ZERO(hints); 3584 hints.ai_family = AF(&pool->srcadr); 3585 hints.ai_socktype = SOCK_DGRAM; 3586 hints.ai_protocol = IPPROTO_UDP; 3587 /* ignore getaddrinfo_sometime() errors, we will retry */ 3588 rc = getaddrinfo_sometime( 3589 pool->hostname, 3590 "ntp", 3591 &hints, 3592 0, /* no retry */ 3593 &pool_name_resolved, 3594 (void *)(intptr_t)pool->associd); 3595 if (!rc) 3596 DPRINTF(1, ("pool DNS lookup %s started\n", 3597 pool->hostname)); 3598 else 3599 msyslog(LOG_ERR, 3600 "unable to start pool DNS %s %m", 3601 pool->hostname); 3602 return; 3603 } 3604 3605 do { 3606 /* copy_addrinfo_list ai_addr points to a sockaddr_u */ 3607 rmtadr = (sockaddr_u *)(void *)pool->ai->ai_addr; 3608 pool->ai = pool->ai->ai_next; 3609 p = findexistingpeer(rmtadr, NULL, NULL, MODE_CLIENT, 0); 3610 } while (p != NULL && pool->ai != NULL); 3611 if (p != NULL) 3612 return; /* out of addresses, re-query DNS next poll */ 3613 restrict_mask = restrictions(rmtadr); 3614 if (RES_FLAGS & restrict_mask) 3615 restrict_source(rmtadr, 0, 3616 current_time + POOL_SOLICIT_WINDOW + 1); 3617 lcladr = findinterface(rmtadr); 3618 memset(&xpkt, 0, sizeof(xpkt)); 3619 xpkt.li_vn_mode = PKT_LI_VN_MODE(sys_leap, pool->version, 3620 MODE_CLIENT); 3621 xpkt.stratum = STRATUM_TO_PKT(sys_stratum); 3622 xpkt.ppoll = pool->hpoll; 3623 xpkt.precision = sys_precision; 3624 xpkt.refid = sys_refid; 3625 xpkt.rootdelay = HTONS_FP(DTOFP(sys_rootdelay)); 3626 xpkt.rootdisp = HTONS_FP(DTOUFP(sys_rootdisp)); 3627 HTONL_FP(&sys_reftime, &xpkt.reftime); 3628 get_systime(&xmt_tx); 3629 pool->aorg = xmt_tx; 3630 HTONL_FP(&xmt_tx, &xpkt.xmt); 3631 sendpkt(rmtadr, lcladr, sys_ttl[pool->ttl], &xpkt, 3632 LEN_PKT_NOMAC); 3633 pool->sent++; 3634 pool->throttle += (1 << pool->minpoll) - 2; 3635 #ifdef DEBUG 3636 if (debug) 3637 printf("transmit: at %ld %s->%s pool\n", 3638 current_time, latoa(lcladr), stoa(rmtadr)); 3639 #endif 3640 msyslog(LOG_INFO, "Soliciting pool server %s", stoa(rmtadr)); 3641 #endif /* WORKER */ 3642 } 3643 3644 3645 #ifdef AUTOKEY 3646 /* 3647 * group_test - test if this is the same group 3648 * 3649 * host assoc return action 3650 * none none 0 mobilize * 3651 * none group 0 mobilize * 3652 * group none 0 mobilize * 3653 * group group 1 mobilize 3654 * group different 1 ignore 3655 * * ignore if notrust 3656 */ 3657 int group_test( 3658 char *grp, 3659 char *ident 3660 ) 3661 { 3662 if (grp == NULL) 3663 return (0); 3664 3665 if (strcmp(grp, sys_groupname) == 0) 3666 return (0); 3667 3668 if (ident == NULL) 3669 return (1); 3670 3671 if (strcmp(grp, ident) == 0) 3672 return (0); 3673 3674 return (1); 3675 } 3676 #endif /* AUTOKEY */ 3677 3678 #ifdef WORKER 3679 void 3680 pool_name_resolved( 3681 int rescode, 3682 int gai_errno, 3683 void * context, 3684 const char * name, 3685 const char * service, 3686 const struct addrinfo * hints, 3687 const struct addrinfo * res 3688 ) 3689 { 3690 struct peer * pool; /* pool solicitor association */ 3691 associd_t assoc; 3692 3693 if (rescode) { 3694 msyslog(LOG_ERR, 3695 "error resolving pool %s: %s (%d)", 3696 name, gai_strerror(rescode), rescode); 3697 return; 3698 } 3699 3700 assoc = (associd_t)(intptr_t)context; 3701 pool = findpeerbyassoc(assoc); 3702 if (NULL == pool) { 3703 msyslog(LOG_ERR, 3704 "Could not find assoc %u for pool DNS %s", 3705 assoc, name); 3706 return; 3707 } 3708 DPRINTF(1, ("pool DNS %s completed\n", name)); 3709 pool->addrs = copy_addrinfo_list(res); 3710 pool->ai = pool->addrs; 3711 pool_xmit(pool); 3712 3713 } 3714 #endif /* WORKER */ 3715 3716 3717 #ifdef AUTOKEY 3718 /* 3719 * key_expire - purge the key list 3720 */ 3721 void 3722 key_expire( 3723 struct peer *peer /* peer structure pointer */ 3724 ) 3725 { 3726 int i; 3727 3728 if (peer->keylist != NULL) { 3729 for (i = 0; i <= peer->keynumber; i++) 3730 authtrust(peer->keylist[i], 0); 3731 free(peer->keylist); 3732 peer->keylist = NULL; 3733 } 3734 value_free(&peer->sndval); 3735 peer->keynumber = 0; 3736 peer->flags &= ~FLAG_ASSOC; 3737 #ifdef DEBUG 3738 if (debug) 3739 printf("key_expire: at %lu associd %d\n", current_time, 3740 peer->associd); 3741 #endif 3742 } 3743 #endif /* AUTOKEY */ 3744 3745 3746 /* 3747 * local_refid(peer) - check peer refid to avoid selecting peers 3748 * currently synced to this ntpd. 3749 */ 3750 static int 3751 local_refid( 3752 struct peer * p 3753 ) 3754 { 3755 endpt * unicast_ep; 3756 3757 if (p->dstadr != NULL && !(INT_MCASTIF & p->dstadr->flags)) 3758 unicast_ep = p->dstadr; 3759 else 3760 unicast_ep = findinterface(&p->srcadr); 3761 3762 if (unicast_ep != NULL && p->refid == unicast_ep->addr_refid) 3763 return TRUE; 3764 else 3765 return FALSE; 3766 } 3767 3768 3769 /* 3770 * Determine if the peer is unfit for synchronization 3771 * 3772 * A peer is unfit for synchronization if 3773 * > TEST10 bad leap or stratum below floor or at or above ceiling 3774 * > TEST11 root distance exceeded for remote peer 3775 * > TEST12 a direct or indirect synchronization loop would form 3776 * > TEST13 unreachable or noselect 3777 */ 3778 int /* FALSE if fit, TRUE if unfit */ 3779 peer_unfit( 3780 struct peer *peer /* peer structure pointer */ 3781 ) 3782 { 3783 int rval = 0; 3784 3785 /* 3786 * A stratum error occurs if (1) the server has never been 3787 * synchronized, (2) the server stratum is below the floor or 3788 * greater than or equal to the ceiling. 3789 */ 3790 if (peer->leap == LEAP_NOTINSYNC || peer->stratum < sys_floor || 3791 peer->stratum >= sys_ceiling) 3792 rval |= TEST10; /* bad synch or stratum */ 3793 3794 /* 3795 * A distance error for a remote peer occurs if the root 3796 * distance is greater than or equal to the distance threshold 3797 * plus the increment due to one host poll interval. 3798 */ 3799 if (!(peer->flags & FLAG_REFCLOCK) && root_distance(peer) >= 3800 sys_maxdist + clock_phi * ULOGTOD(peer->hpoll)) 3801 rval |= TEST11; /* distance exceeded */ 3802 3803 /* 3804 * A loop error occurs if the remote peer is synchronized to the 3805 * local peer or if the remote peer is synchronized to the same 3806 * server as the local peer but only if the remote peer is 3807 * neither a reference clock nor an orphan. 3808 */ 3809 if (peer->stratum > 1 && local_refid(peer)) 3810 rval |= TEST12; /* synchronization loop */ 3811 3812 /* 3813 * An unreachable error occurs if the server is unreachable or 3814 * the noselect bit is set. 3815 */ 3816 if (!peer->reach || (peer->flags & FLAG_NOSELECT)) 3817 rval |= TEST13; /* unreachable */ 3818 3819 peer->flash &= ~PEER_TEST_MASK; 3820 peer->flash |= rval; 3821 return (rval); 3822 } 3823 3824 3825 /* 3826 * Find the precision of this particular machine 3827 */ 3828 #define MINSTEP 20e-9 /* minimum clock increment (s) */ 3829 #define MAXSTEP 1 /* maximum clock increment (s) */ 3830 #define MINCHANGES 12 /* minimum number of step samples */ 3831 #define MAXLOOPS ((int)(1. / MINSTEP)) /* avoid infinite loop */ 3832 3833 /* 3834 * This routine measures the system precision defined as the minimum of 3835 * a sequence of differences between successive readings of the system 3836 * clock. However, if a difference is less than MINSTEP, the clock has 3837 * been read more than once during a clock tick and the difference is 3838 * ignored. We set MINSTEP greater than zero in case something happens 3839 * like a cache miss, and to tolerate underlying system clocks which 3840 * ensure each reading is strictly greater than prior readings while 3841 * using an underlying stepping (not interpolated) clock. 3842 * 3843 * sys_tick and sys_precision represent the time to read the clock for 3844 * systems with high-precision clocks, and the tick interval or step 3845 * size for lower-precision stepping clocks. 3846 * 3847 * This routine also measures the time to read the clock on stepping 3848 * system clocks by counting the number of readings between changes of 3849 * the underlying clock. With either type of clock, the minimum time 3850 * to read the clock is saved as sys_fuzz, and used to ensure the 3851 * get_systime() readings always increase and are fuzzed below sys_fuzz. 3852 */ 3853 void 3854 measure_precision(void) 3855 { 3856 /* 3857 * With sys_fuzz set to zero, get_systime() fuzzing of low bits 3858 * is effectively disabled. trunc_os_clock is FALSE to disable 3859 * get_ostime() simulation of a low-precision system clock. 3860 */ 3861 set_sys_fuzz(0.); 3862 trunc_os_clock = FALSE; 3863 measured_tick = measure_tick_fuzz(); 3864 set_sys_tick_precision(measured_tick); 3865 msyslog(LOG_INFO, "proto: precision = %.3f usec (%d)", 3866 sys_tick * 1e6, sys_precision); 3867 if (sys_fuzz < sys_tick) { 3868 msyslog(LOG_NOTICE, "proto: fuzz beneath %.3f usec", 3869 sys_fuzz * 1e6); 3870 } 3871 } 3872 3873 3874 /* 3875 * measure_tick_fuzz() 3876 * 3877 * measures the minimum time to read the clock (stored in sys_fuzz) 3878 * and returns the tick, the larger of the minimum increment observed 3879 * between successive clock readings and the time to read the clock. 3880 */ 3881 double 3882 measure_tick_fuzz(void) 3883 { 3884 l_fp minstep; /* MINSTEP as l_fp */ 3885 l_fp val; /* current seconds fraction */ 3886 l_fp last; /* last seconds fraction */ 3887 l_fp ldiff; /* val - last */ 3888 double tick; /* computed tick value */ 3889 double diff; 3890 long repeats; 3891 long max_repeats; 3892 int changes; 3893 int i; /* log2 precision */ 3894 3895 tick = MAXSTEP; 3896 max_repeats = 0; 3897 repeats = 0; 3898 changes = 0; 3899 DTOLFP(MINSTEP, &minstep); 3900 get_systime(&last); 3901 for (i = 0; i < MAXLOOPS && changes < MINCHANGES; i++) { 3902 get_systime(&val); 3903 ldiff = val; 3904 L_SUB(&ldiff, &last); 3905 last = val; 3906 if (L_ISGT(&ldiff, &minstep)) { 3907 max_repeats = max(repeats, max_repeats); 3908 repeats = 0; 3909 changes++; 3910 LFPTOD(&ldiff, diff); 3911 tick = min(diff, tick); 3912 } else { 3913 repeats++; 3914 } 3915 } 3916 if (changes < MINCHANGES) { 3917 msyslog(LOG_ERR, "Fatal error: precision could not be measured (MINSTEP too large?)"); 3918 exit(1); 3919 } 3920 3921 if (0 == max_repeats) { 3922 set_sys_fuzz(tick); 3923 } else { 3924 set_sys_fuzz(tick / max_repeats); 3925 } 3926 3927 return tick; 3928 } 3929 3930 3931 void 3932 set_sys_tick_precision( 3933 double tick 3934 ) 3935 { 3936 int i; 3937 3938 if (tick > 1.) { 3939 msyslog(LOG_ERR, 3940 "unsupported tick %.3f > 1s ignored", tick); 3941 return; 3942 } 3943 if (tick < measured_tick) { 3944 msyslog(LOG_ERR, 3945 "proto: tick %.3f less than measured tick %.3f, ignored", 3946 tick, measured_tick); 3947 return; 3948 } else if (tick > measured_tick) { 3949 trunc_os_clock = TRUE; 3950 msyslog(LOG_NOTICE, 3951 "proto: truncating system clock to multiples of %.9f", 3952 tick); 3953 } 3954 sys_tick = tick; 3955 3956 /* 3957 * Find the nearest power of two. 3958 */ 3959 for (i = 0; tick <= 1; i--) 3960 tick *= 2; 3961 if (tick - 1 > 1 - tick / 2) 3962 i++; 3963 3964 sys_precision = (s_char)i; 3965 } 3966 3967 3968 /* 3969 * init_proto - initialize the protocol module's data 3970 */ 3971 void 3972 init_proto(void) 3973 { 3974 l_fp dummy; 3975 int i; 3976 3977 /* 3978 * Fill in the sys_* stuff. Default is don't listen to 3979 * broadcasting, require authentication. 3980 */ 3981 sys_leap = LEAP_NOTINSYNC; 3982 sys_stratum = STRATUM_UNSPEC; 3983 memcpy(&sys_refid, "INIT", 4); 3984 sys_peer = NULL; 3985 sys_rootdelay = 0; 3986 sys_rootdisp = 0; 3987 L_CLR(&sys_reftime); 3988 sys_jitter = 0; 3989 measure_precision(); 3990 get_systime(&dummy); 3991 sys_survivors = 0; 3992 sys_manycastserver = 0; 3993 sys_bclient = 0; 3994 sys_bdelay = 0; 3995 sys_authenticate = 1; 3996 sys_stattime = current_time; 3997 orphwait = current_time + sys_orphwait; 3998 proto_clr_stats(); 3999 for (i = 0; i < MAX_TTL; i++) { 4000 sys_ttl[i] = (u_char)((i * 256) / MAX_TTL); 4001 sys_ttlmax = i; 4002 } 4003 pps_enable = 0; 4004 stats_control = 1; 4005 } 4006 4007 4008 /* 4009 * proto_config - configure the protocol module 4010 */ 4011 void 4012 proto_config( 4013 int item, 4014 u_long value, 4015 double dvalue, 4016 sockaddr_u *svalue 4017 ) 4018 { 4019 /* 4020 * Figure out what he wants to change, then do it 4021 */ 4022 DPRINTF(2, ("proto_config: code %d value %lu dvalue %lf\n", 4023 item, value, dvalue)); 4024 4025 switch (item) { 4026 4027 /* 4028 * enable and disable commands - arguments are Boolean. 4029 */ 4030 case PROTO_AUTHENTICATE: /* authentication (auth) */ 4031 sys_authenticate = value; 4032 break; 4033 4034 case PROTO_BROADCLIENT: /* broadcast client (bclient) */ 4035 sys_bclient = (int)value; 4036 if (sys_bclient == 0) 4037 io_unsetbclient(); 4038 else 4039 io_setbclient(); 4040 break; 4041 4042 #ifdef REFCLOCK 4043 case PROTO_CAL: /* refclock calibrate (calibrate) */ 4044 cal_enable = value; 4045 break; 4046 #endif /* REFCLOCK */ 4047 4048 case PROTO_KERNEL: /* kernel discipline (kernel) */ 4049 select_loop(value); 4050 break; 4051 4052 case PROTO_MONITOR: /* monitoring (monitor) */ 4053 if (value) 4054 mon_start(MON_ON); 4055 else 4056 mon_stop(MON_ON); 4057 break; 4058 4059 case PROTO_NTP: /* NTP discipline (ntp) */ 4060 ntp_enable = value; 4061 break; 4062 4063 case PROTO_MODE7: /* mode7 management (ntpdc) */ 4064 ntp_mode7 = value; 4065 break; 4066 4067 case PROTO_PPS: /* PPS discipline (pps) */ 4068 pps_enable = value; 4069 break; 4070 4071 case PROTO_FILEGEN: /* statistics (stats) */ 4072 stats_control = value; 4073 break; 4074 4075 /* 4076 * tos command - arguments are double, sometimes cast to int 4077 */ 4078 case PROTO_BEACON: /* manycast beacon (beacon) */ 4079 sys_beacon = (int)dvalue; 4080 break; 4081 4082 case PROTO_BROADDELAY: /* default broadcast delay (bdelay) */ 4083 sys_bdelay = dvalue; 4084 break; 4085 4086 case PROTO_CEILING: /* stratum ceiling (ceiling) */ 4087 sys_ceiling = (int)dvalue; 4088 break; 4089 4090 case PROTO_COHORT: /* cohort switch (cohort) */ 4091 sys_cohort = (int)dvalue; 4092 break; 4093 4094 case PROTO_FLOOR: /* stratum floor (floor) */ 4095 sys_floor = (int)dvalue; 4096 break; 4097 4098 case PROTO_MAXCLOCK: /* maximum candidates (maxclock) */ 4099 sys_maxclock = (int)dvalue; 4100 break; 4101 4102 case PROTO_MAXDIST: /* select threshold (maxdist) */ 4103 sys_maxdist = dvalue; 4104 break; 4105 4106 case PROTO_CALLDELAY: /* modem call delay (mdelay) */ 4107 break; /* NOT USED */ 4108 4109 case PROTO_MINCLOCK: /* minimum candidates (minclock) */ 4110 sys_minclock = (int)dvalue; 4111 break; 4112 4113 case PROTO_MINDISP: /* minimum distance (mindist) */ 4114 sys_mindisp = dvalue; 4115 break; 4116 4117 case PROTO_MINSANE: /* minimum survivors (minsane) */ 4118 sys_minsane = (int)dvalue; 4119 break; 4120 4121 case PROTO_ORPHAN: /* orphan stratum (orphan) */ 4122 sys_orphan = (int)dvalue; 4123 break; 4124 4125 case PROTO_ORPHWAIT: /* orphan wait (orphwait) */ 4126 orphwait -= sys_orphwait; 4127 sys_orphwait = (int)dvalue; 4128 orphwait += sys_orphwait; 4129 break; 4130 4131 /* 4132 * Miscellaneous commands 4133 */ 4134 case PROTO_MULTICAST_ADD: /* add group address */ 4135 if (svalue != NULL) 4136 io_multicast_add(svalue); 4137 sys_bclient = 1; 4138 break; 4139 4140 case PROTO_MULTICAST_DEL: /* delete group address */ 4141 if (svalue != NULL) 4142 io_multicast_del(svalue); 4143 break; 4144 4145 default: 4146 msyslog(LOG_NOTICE, 4147 "proto: unsupported option %d", item); 4148 } 4149 } 4150 4151 4152 /* 4153 * proto_clr_stats - clear protocol stat counters 4154 */ 4155 void 4156 proto_clr_stats(void) 4157 { 4158 sys_stattime = current_time; 4159 sys_received = 0; 4160 sys_processed = 0; 4161 sys_newversion = 0; 4162 sys_oldversion = 0; 4163 sys_declined = 0; 4164 sys_restricted = 0; 4165 sys_badlength = 0; 4166 sys_badauth = 0; 4167 sys_limitrejected = 0; 4168 sys_kodsent = 0; 4169 } 4170