/*	$OpenBSD: ntpd.h,v 1.132 2016/09/14 13:20:16 rzalamena Exp $ */

/*
 * Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org>
 * Copyright (c) 2012 Mike Miller <mmiller@mgm51.com>
 *
 * Permission to use, copy, modify, and distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above
 * copyright notice and this permission notice appear in all copies.
 *
 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 */

/*
 * Shared declarations for ntpd: compile-time tunables, the data structures
 * used across its source files, the imsg message type identifiers, and
 * prototypes grouped under the source file named in each section comment.
 */

#include <sys/types.h>
#include <sys/uio.h>
#include <sys/socket.h>
#include <sys/queue.h>
#include <sys/time.h>
#include <netinet/in.h>
#include <netinet/ip.h>
#include <arpa/inet.h>
#include <netdb.h>
#include <pwd.h>
#include <stdarg.h>
#include <poll.h>
#include <imsg.h>

#include "ntp.h"

/*
 * Larger of two values.  Function-like macro: the winning argument is
 * expanded (and therefore evaluated) twice, so never pass an expression
 * with side effects such as i++ or a function call that mutates state.
 */
#define MAXIMUM(a, b)	((a) > (b) ? (a) : (b))

/*
 * Fixed account name and file system paths.
 * NOTE(review): NTPD_USER is presumably the unprivileged account the
 * worker processes run as (ntp_main() and ntp_dns() below take a
 * struct passwd *) -- confirm in the callers, which are not in this file.
 */
#define	NTPD_USER	"_ntp"
#define	CONFFILE	"/etc/ntpd.conf"
#define	DRIFTFILE	"/var/db/ntpd.drift"
#define	CTLSOCKET	"/var/run/ntpd.sock"

#define	INTERVAL_QUERY_NORMAL		30	/* sync to peers every n secs */
#define	INTERVAL_QUERY_PATHETIC		60
#define	INTERVAL_QUERY_AGGRESSIVE	5

/*
 * Thresholds for ntp_peer.trustlevel; how a peer moves between them is
 * decided by the code that uses them, not by this header.
 */
#define	TRUSTLEVEL_BADPEER		6
#define	TRUSTLEVEL_PATHETIC		2
#define	TRUSTLEVEL_AGGRESSIVE		8
#define	TRUSTLEVEL_MAX			10

#define	MAX_SERVERS_DNS			8

#define	QSCALE_OFF_MIN			0.001
#define	QSCALE_OFF_MAX			0.050

#define	QUERYTIME_MAX		15	/* single query might take n secs max */
#define	OFFSET_ARRAY_SIZE	8	/* length of ntp_peer.reply[] */
#define	SENSOR_OFFSETS		6	/* length of ntp_sensor.offsets[] */
#define	SETTIME_TIMEOUT		15	/* max seconds to wait with -s */
#define	LOG_NEGLIGIBLE_ADJTIME	32	/* negligible drift to not log (ms) */
#define	LOG_NEGLIGIBLE_ADJFREQ	0.05	/* negligible rate to not log (ppm) */
#define	FREQUENCY_SAMPLES	8	/* samples for est. of permanent drift */
#define	MAX_FREQUENCY_ADJUST	128e-5	/* max correction per iteration */
#define	MAX_SEND_ERRORS		3	/* max send errors before reconnect */
#define	MAX_DISPLAY_WIDTH	80	/* max chars in ctl_show report line */

#define	FILTER_ADJFREQ		0x01	/* set after doing adjfreq */

#define	SENSOR_DATA_MAXAGE		(15*60)
#define	SENSOR_QUERY_INTERVAL		15
#define	SENSOR_QUERY_INTERVAL_SETTIME	(SETTIME_TIMEOUT/3)
#define	SENSOR_SCAN_INTERVAL		(1*60)
#define	SENSOR_DEFAULT_REFID		"HARD"

/*
 * Constraint settings.  The port comment and CONSTRAINT_CA show that
 * constraints are fetched over HTTPS with a CA bundle.
 *
 * CONSTRAINT_MAXHEADERLENGTH: NOTE(review): judging by the name, a cap on
 * the size of a response header accepted from a constraint server; verify
 * in constraint.c that reads from the network are actually bounded by it.
 *
 * CONSTRAINT_PASSFD: expands to the descriptor number right after stderr.
 * STDERR_FILENO is defined by <unistd.h>, which this header does not
 * include directly, so any file that uses this macro must include it.
 * POSIX fixes STDERR_FILENO at 2, so this and PARENT_SOCK_FILENO below
 * both name descriptor 3.
 * NOTE(review): code relying on a hard-coded descriptor number should
 * check that the descriptor is open and is the expected kind of object
 * before trusting it -- confirm in the users of these macros.
 */
#define	CONSTRAINT_ERROR_MARGIN		(4)
#define	CONSTRAINT_SCAN_INTERVAL	(15*60)
#define	CONSTRAINT_SCAN_TIMEOUT		(10)
#define	CONSTRAINT_MARGIN		(2.0*60)
#define	CONSTRAINT_PORT			"443"	/* HTTPS port */
#define	CONSTRAINT_MAXHEADERLENGTH	8192
#define	CONSTRAINT_PASSFD		(STDERR_FILENO + 1)
#define	CONSTRAINT_CA			"/etc/ssl/cert.pem"

#define	PARENT_SOCK_FILENO		3

#define	NTP_PROC_NAME			"ntp_main"
#define	NTPDNS_PROC_NAME		"ntp_dns"

/* State machine value stored in ntp_peer.state and constraint.state. */
enum client_state {
	STATE_NONE,
	STATE_DNS_INPROGRESS,
	STATE_DNS_TEMPFAIL,
	STATE_DNS_DONE,
	STATE_QUERY_SENT,
	STATE_REPLY_RECEIVED,
	STATE_TIMEOUT,
	STATE_INVALID
};

/* One listening socket: its address, descriptor and routing table id. */
struct listen_addr {
	TAILQ_ENTRY(listen_addr)	 entry;
	struct sockaddr_storage		 sa;
	int				 fd;
	int				 rtable;
};

/* Singly linked list node holding one resolved address. */
struct ntp_addr {
	struct ntp_addr		*next;
	struct sockaddr_storage	 ss;
};

/* A configured host: its name, optional path, and resolved address list. */
struct ntp_addr_wrap {
	char			*name;
	char			*path;
	struct ntp_addr		*a;
	u_int8_t		 pool;
};

/*
 * An address together with the lengths of a name and a path.
 * NOTE(review): the strings themselves are not part of this struct, so
 * they presumably follow it in a message payload.  If this crosses a
 * process boundary, the receiver must check namelen and pathlen against
 * the bytes actually received before using them -- confirm in
 * constraint.c.
 */
struct ntp_addr_msg {
	struct ntp_addr		 a;
	size_t			 namelen;
	size_t			 pathlen;
};

/*
 * Clock status fields; the names appear to follow the NTP packet header
 * (stratum, poll, precision, leap, root delay/dispersion, refid).
 */
struct ntp_status {
	double		rootdelay;
	double		rootdispersion;
	double		reftime;
	u_int32_t	refid;
	u_int32_t	send_refid;
	u_int8_t	synced;
	u_int8_t	leap;
	int8_t		precision;
	u_int8_t	poll;
	u_int8_t	stratum;
};

/* One time sample: measured offset/delay/error plus the source's status. */
struct ntp_offset {
	struct ntp_status	status;
	double			offset;
	double			delay;
	double			error;
	time_t			rcvd;
	u_int8_t		good;
};

/*
 * Per-peer client state.  reply[] holds OFFSET_ARRAY_SIZE samples.
 * NOTE(review): shift presumably indexes reply[]; any code advancing it
 * must keep it below OFFSET_ARRAY_SIZE -- verify in client.c.
 */
struct ntp_peer {
	TAILQ_ENTRY(ntp_peer)		 entry;
	struct ntp_addr_wrap		 addr_head;
	struct ntp_addr			*addr;
	struct ntp_query		*query;
	struct ntp_offset		 reply[OFFSET_ARRAY_SIZE];
	struct ntp_offset		 update;
	enum client_state		 state;
	time_t				 next;
	time_t				 deadline;
	time_t				 poll;
	u_int32_t			 id;
	u_int8_t			 shift;
	u_int8_t			 trustlevel;
	u_int8_t			 weight;
	int				 lasterror;
	int				 senderrors;
};

/*
 * Per-sensor state.  offsets[] holds SENSOR_OFFSETS samples; the same
 * bound applies to whatever index is used with it.
 */
struct ntp_sensor {
	TAILQ_ENTRY(ntp_sensor)		 entry;
	struct ntp_offset		 offsets[SENSOR_OFFSETS];
	struct ntp_offset		 update;
	time_t				 next;
	time_t				 last;
	char				*device;
	u_int32_t			 refid;
	int				 sensordevid;
	int				 correction;
	u_int8_t			 stratum;
	u_int8_t			 weight;
	u_int8_t			 shift;
};

/*
 * Per-constraint state.  The fd, pid and imsgbuf members indicate that
 * each constraint has its own descriptor, process id and message buffer.
 */
struct constraint {
	TAILQ_ENTRY(constraint)		 entry;
	struct ntp_addr_wrap		 addr_head;
	struct ntp_addr			*addr;
	int				 senderrors;
	enum client_state		 state;
	u_int32_t			 id;
	int				 fd;
	pid_t				 pid;
	struct imsgbuf			 ibuf;
	time_t				 last;
	time_t				 constraint;
};

/* Sensor settings as read from the configuration. */
struct ntp_conf_sensor {
	TAILQ_ENTRY(ntp_conf_sensor)		 entry;
	char					*device;
	char					*refstr;
	int					 correction;
	u_int8_t				 stratum;
	u_int8_t				 weight;
};

/* Running sums used for the frequency (drift) estimate. */
struct ntp_freq {
	double				overall_offset;
	double				x, y;
	double				xx, xy;
	int				samples;
	u_int				num;
};

/*
 * Global daemon configuration and runtime state.
 * ca/ca_len form a pointer-plus-length pair; always use them together.
 * NOTE(review): presumably the contents of CONSTRAINT_CA -- confirm.
 */
struct ntpd_conf {
	TAILQ_HEAD(listen_addrs, listen_addr)		listen_addrs;
	TAILQ_HEAD(ntp_peers, ntp_peer)			ntp_peers;
	TAILQ_HEAD(ntp_sensors, ntp_sensor)		ntp_sensors;
	TAILQ_HEAD(ntp_conf_sensors, ntp_conf_sensor)	ntp_conf_sensors;
	TAILQ_HEAD(constraints, constraint)		constraints;
	struct ntp_status				status;
	struct ntp_freq					freq;
	u_int32_t					scale;
	int						debug;
	int						verbose;
	u_int8_t					listen_all;
	u_int8_t					settime;
	u_int8_t					noaction;
	u_int8_t					filters;
	time_t						constraint_last;
	time_t						constraint_median;
	u_int						constraint_errors;
	u_int8_t					*ca;
	size_t						ca_len;
};

/* Summary record for the control "show status" report. */
struct ctl_show_status {
	u_int		peercnt;
	u_int		sensorcnt;
	u_int		valid_peers;
	u_int		valid_sensors;
	u_int8_t	synced;
	u_int8_t	stratum;
	double		clock_offset;
	time_t		constraint_median;
	time_t		constraint_last;
	u_int		constraint_errors;
};

/*
 * Per-peer record for the control report.  peer_desc is a fixed
 * MAX_DISPLAY_WIDTH-byte buffer: writers must bound their output to
 * sizeof(peer_desc) and readers must not assume it is NUL-terminated
 * unless the writer guarantees it.
 */
struct ctl_show_peer {
	char		peer_desc[MAX_DISPLAY_WIDTH];
	u_int8_t	syncedto;
	u_int8_t	weight;
	u_int8_t	trustlevel;
	u_int8_t	stratum;
	time_t		next;
	time_t		poll;
	double		offset;
	double		delay;
	double		jitter;
};

/*
 * Per-sensor record for the control report.  sensor_desc is a fixed
 * MAX_DISPLAY_WIDTH-byte buffer with the same bounding requirement as
 * ctl_show_peer.peer_desc.
 */
struct ctl_show_sensor {
	char		sensor_desc[MAX_DISPLAY_WIDTH];
	u_int8_t	syncedto;
	u_int8_t	weight;
	u_int8_t	good;
	u_int8_t	stratum;
	time_t		next;
	time_t		poll;
	double		offset;
	double		correction;
};

/* One control connection and its imsg buffer. */
struct ctl_conn {
	TAILQ_ENTRY(ctl_conn)	entry;
	struct imsgbuf		ibuf;
};

TAILQ_HEAD(ctl_conns, ctl_conn)	;

/*
 * imsg message type identifiers.  No explicit values are given, so each
 * enumerator's number is its position (IMSG_NONE is 0); inserting or
 * reordering entries renumbers everything after the change.
 */
enum imsg_type {
	IMSG_NONE,
	IMSG_ADJTIME,
	IMSG_ADJFREQ,
	IMSG_SETTIME,
	IMSG_HOST_DNS,
	IMSG_CONSTRAINT_DNS,
	IMSG_CONSTRAINT_QUERY,
	IMSG_CONSTRAINT_RESULT,
	IMSG_CONSTRAINT_CLOSE,
	IMSG_CONSTRAINT_KILL,
	IMSG_CTL_SHOW_STATUS,
	IMSG_CTL_SHOW_PEERS,
	IMSG_CTL_SHOW_PEERS_END,
	IMSG_CTL_SHOW_SENSORS,
	IMSG_CTL_SHOW_SENSORS_END,
	IMSG_CTL_SHOW_ALL,
	IMSG_CTL_SHOW_ALL_END
};

/* Report selectors for the control interface. */
enum ctl_actions {
	CTL_SHOW_STATUS,
	CTL_SHOW_PEERS,
	CTL_SHOW_SENSORS,
	CTL_SHOW_ALL
};

/* prototypes */

/* ntp.c */
void	 ntp_main(struct ntpd_conf *, struct passwd *, int, char **);
int	 priv_adjtime(void);
void	 priv_settime(double);
void	 priv_dns(int, char *, u_int32_t);
int	 offset_compare(const void *, const void *);
void	 update_scale(double);
time_t	 scale_interval(time_t);
time_t	 error_interval(void);
extern struct ntpd_conf *conf;
extern struct ctl_conns ctl_conns;

/* parse.y */
int	 parse_config(const char *, struct ntpd_conf *);

/* config.c */
void			 host(const char *, struct ntp_addr **);
int			 host_dns(const char *, struct ntp_addr **);
void			 host_dns_free(struct ntp_addr *);
struct ntp_peer		*new_peer(void);
struct ntp_conf_sensor	*new_sensor(char *);
struct constraint	*new_constraint(void);

/*
 * ntp_msg.c
 * ntp_getmsg() receives a buffer pointer together with its ssize_t length.
 * NOTE(review): the length is signed; the implementation should reject
 * negative and too-short values before parsing -- confirm in ntp_msg.c.
 */
int	ntp_getmsg(struct sockaddr *, char *, ssize_t, struct ntp_msg *);
int	ntp_sendmsg(int, struct sockaddr *, struct ntp_msg *);

/* server.c */
int	setup_listeners(struct servent *, struct ntpd_conf *, u_int *);
int	ntp_reply(int, struct sockaddr *, struct ntp_msg *, int);
int	server_dispatch(int, struct ntpd_conf *);

/* client.c */
int	client_peer_init(struct ntp_peer *);
int	client_addr_init(struct ntp_peer *);
int	client_nextaddr(struct ntp_peer *);
int	client_query(struct ntp_peer *);
int	client_dispatch(struct ntp_peer *, u_int8_t);
void	client_log_error(struct ntp_peer *, const char *, int);
void	set_next(struct ntp_peer *, time_t);

/*
 * constraint.c
 * The *_msg_* handlers and get_string() take a u_int8_t pointer plus a
 * size_t length; the length is the only bound on the data, so each must
 * validate it before reading.
 * NOTE(review): ownership of the char * returned by get_string() is not
 * shown here -- check whether the caller must free it.
 * NOTE(review): priv_constraint_msg() takes a uid_t and gid_t, presumably
 * the identity the constraint process switches to -- confirm.
 */
void	 constraint_add(struct constraint *);
void	 constraint_remove(struct constraint *);
void	 constraint_purge(void);
int	 constraint_init(struct constraint *);
int	 constraint_query(struct constraint *);
int	 constraint_check(double);
void	 constraint_msg_dns(u_int32_t, u_int8_t *, size_t);
void	 constraint_msg_result(u_int32_t, u_int8_t *, size_t);
void	 constraint_msg_close(u_int32_t, u_int8_t *, size_t);
void	 priv_constraint_msg(u_int32_t, u_int8_t *, size_t,
	    const char *, uid_t, gid_t);
void	 priv_constraint_kill(u_int32_t);
int	 priv_constraint_dispatch(struct pollfd *);
void	 priv_constraint_check_child(pid_t, int);
char	*get_string(u_int8_t *, size_t);

/*
 * util.c
 * Time helpers and conversions between double and the fixed-point types
 * from ntp.h, plus process start-up helpers.
 * NOTE(review): sanitize_argv() takes pointers to an int and a char **,
 * presumably argc/argv, so it can rewrite them in place -- confirm.
 */
double			 gettime_corrected(void);
double			 gettime_from_timeval(struct timeval *);
double			 getoffset(void);
double			 gettime(void);
time_t			 getmonotime(void);
void			 d_to_tv(double, struct timeval *);
double			 lfp_to_d(struct l_fixedpt);
struct l_fixedpt	 d_to_lfp(double);
double			 sfp_to_d(struct s_fixedpt);
struct s_fixedpt	 d_to_sfp(double);
char			*print_rtable(int);
const char		*log_sockaddr(struct sockaddr *);
pid_t			 start_child(char *, int, int, char **);
int			 sanitize_argv(int *, char ***);

/* sensors.c */
void	sensor_init(void);
int	sensor_scan(void);
void	sensor_query(struct ntp_sensor *);

/* ntp_dns.c */
void	ntp_dns(struct ntpd_conf *, struct passwd *);

/*
 * control.c
 * Control socket handling.
 * NOTE(review): control_init() takes a path, presumably CTLSOCKET; the
 * permissions set on that socket decide who may query the daemon --
 * review them in control.c.
 */
int			 control_init(char *);
int			 control_listen(int);
void			 control_shutdown(int);
void			 control_cleanup(const char *);
int			 control_accept(int);
struct ctl_conn		*control_connbyfd(int);
int			 control_close(int);
int			 control_dispatch_msg(struct pollfd *, u_int *);
void			 session_socket_nonblockmode(int);
void			 build_show_status(struct ctl_show_status *);
void			 build_show_peer(struct ctl_show_peer *,
			     struct ntp_peer *);
/*
 * Last control.c prototype: takes a ctl_show_sensor report record and the
 * ntp_sensor it describes.
 */
void			 build_show_sensor(struct ctl_show_sensor *,
			     struct ntp_sensor *);

/*
 * log.c
 * Every variadic logger carries a printf format attribute, so the compiler
 * can check the format string against its arguments (first number: index
 * of the format parameter, second: index of the first variadic argument).
 * vlog() uses 0 for the second index because it takes a va_list, so only
 * the format string itself is checked.
 * Callers should pass a literal format and hand untrusted text (peer
 * names, data received from the network) through "%s", never as the
 * format itself.
 * fatal() and fatalx() are marked __dead, i.e. they do not return.
 */
void	log_init(int, int);
void	log_procinit(const char *);
void	log_verbose(int);
void	log_warn(const char *, ...)
	    __attribute__((__format__ (printf, 1, 2)));
void	log_warnx(const char *, ...)
	    __attribute__((__format__ (printf, 1, 2)));
void	log_info(const char *, ...)
	    __attribute__((__format__ (printf, 1, 2)));
void	log_debug(const char *, ...)
	    __attribute__((__format__ (printf, 1, 2)));
void	logit(int, const char *, ...)
	    __attribute__((__format__ (printf, 2, 3)));
void	vlog(int, const char *, va_list)
	    __attribute__((__format__ (printf, 2, 0)));
__dead void fatal(const char *, ...)
	    __attribute__((__format__ (printf, 1, 2)));
__dead void fatalx(const char *, ...)
	    __attribute__((__format__ (printf, 1, 2)));