DWS/chrony
1
0
Fork 0
mirror of https://gitlab.com/chrony/chrony.git synced 2025-12-04 08:45:07 -05:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: DWS:1.27
Branches Tags
DWS:master DWS:3.5-stable DWS:2.4-stable DWS:1.31-security DWS:2.2-security DWS:1.29-security DWS:1.23-security
DWS:4.8 DWS:4.8-pre1 DWS:4.7 DWS:4.7-pre1 DWS:4.6.1 DWS:4.6 DWS:4.6-pre1 DWS:4.5 DWS:4.5-pre1 DWS:4.4 DWS:4.4-pre2 DWS:4.4-pre1 DWS:4.3 DWS:4.3-pre1 DWS:4.2 DWS:4.2-pre1 DWS:4.1 DWS:4.1-pre1 DWS:4.0 DWS:4.0-pre4 DWS:4.0-pre3 DWS:3.5.1 DWS:4.0-pre2 DWS:4.0-pre1 DWS:3.5 DWS:3.5-pre1 DWS:3.4 DWS:3.4-pre1 DWS:3.3 DWS:3.3-pre1 DWS:3.2 DWS:3.2-pre2 DWS:3.2-pre1 DWS:3.1 DWS:3.1-pre1 DWS:3.0 DWS:3.0-pre3 DWS:3.0-pre2 DWS:3.0-pre1 DWS:2.4.1 DWS:2.4 DWS:2.4-pre1 DWS:2.3 DWS:2.3-pre1 DWS:1.31.2 DWS:2.2.1 DWS:2.2 DWS:2.2-pre2 DWS:2.2-pre1 DWS:2.1.1 DWS:2.1 DWS:2.1-pre1 DWS:2.0 DWS:2.0-pre2 DWS:1.31.1 DWS:2.0-pre1 DWS:1.31 DWS:1.31-pre1 DWS:1.30 DWS:1.30-pre1 DWS:1.29.1 DWS:1.29 DWS:1.28 DWS:1.28-pre1 DWS:1.27 DWS:1.27-pre1 DWS:1.26 DWS:1.26-pre1 DWS:1.25 DWS:1.25-pre2 DWS:1.25-pre1 DWS:1.24 DWS:1.23.1 DWS:1.24-pre1 DWS:1.23 DWS:1.23-pre1 DWS:mandriva-1.22 DWS:1.21 DWS:1.20
..
compare: DWS:1.29.1
Branches Tags
DWS:master DWS:3.5-stable DWS:2.4-stable DWS:1.31-security DWS:2.2-security DWS:1.29-security DWS:1.23-security
DWS:4.8 DWS:4.8-pre1 DWS:4.7 DWS:4.7-pre1 DWS:4.6.1 DWS:4.6 DWS:4.6-pre1 DWS:4.5 DWS:4.5-pre1 DWS:4.4 DWS:4.4-pre2 DWS:4.4-pre1 DWS:4.3 DWS:4.3-pre1 DWS:4.2 DWS:4.2-pre1 DWS:4.1 DWS:4.1-pre1 DWS:4.0 DWS:4.0-pre4 DWS:4.0-pre3 DWS:3.5.1 DWS:4.0-pre2 DWS:4.0-pre1 DWS:3.5 DWS:3.5-pre1 DWS:3.4 DWS:3.4-pre1 DWS:3.3 DWS:3.3-pre1 DWS:3.2 DWS:3.2-pre2 DWS:3.2-pre1 DWS:3.1 DWS:3.1-pre1 DWS:3.0 DWS:3.0-pre3 DWS:3.0-pre2 DWS:3.0-pre1 DWS:2.4.1 DWS:2.4 DWS:2.4-pre1 DWS:2.3 DWS:2.3-pre1 DWS:1.31.2 DWS:2.2.1 DWS:2.2 DWS:2.2-pre2 DWS:2.2-pre1 DWS:2.1.1 DWS:2.1 DWS:2.1-pre1 DWS:2.0 DWS:2.0-pre2 DWS:1.31.1 DWS:2.0-pre1 DWS:1.31 DWS:1.31-pre1 DWS:1.30 DWS:1.30-pre1 DWS:1.29.1 DWS:1.29 DWS:1.28 DWS:1.28-pre1 DWS:1.27 DWS:1.27-pre1 DWS:1.26 DWS:1.26-pre1 DWS:1.25 DWS:1.25-pre2 DWS:1.25-pre1 DWS:1.24 DWS:1.23.1 DWS:1.24-pre1 DWS:1.23 DWS:1.23-pre1 DWS:mandriva-1.22 DWS:1.21 DWS:1.20

110 Commits
1.27 ... 1.29.1

Author SHA1 Message Date
Miroslav Lichvar
2afdd4544d Update NEWS 2014-01-31 13:12:59 +01:00
Miroslav Lichvar
c4e61835d3 Update faq.txt 2014-01-30 15:59:45 +01:00
Miroslav Lichvar
e15ce69d08 Send cmdmon error replies only to allowed hosts 
The status codes STT_BADPKTVERSION, STT_BADPKTLENGTH, STT_NOHOSTACCESS
were sent even to hosts that were not allowed by cmdallow. Deprecate
STT_NOHOSTACCESS and ignore packets from hosts not allowed by cmdallow
completely.
 2014-01-30 15:59:45 +01:00
Miroslav Lichvar
d537ed11fd Support previous protocol version in chronyc 
This adds compatibility with chronyd using the previous protocol version
(chrony versions 1.27, 1.28, 1.29).
 2014-01-30 15:59:45 +01:00
Miroslav Lichvar
dba458d50c Add padding to cmdmon requests to prevent amplification attack 
To prevent an attacker using chronyd in an amplification attack, change
the protocol to include padding in request packets so that the largest
possible reply is not larger than the request. Request packets that
don't include this padding are ignored as invalid.

This is an incompatible change in the protocol. Clients from chrony
1.27, 1.28 and 1.29 will receive NULL reply with STT_BADPKTVERSION and
print "Protocol version mismatch". Clients from 1.26 and older will not
receive a reply as it would be larger than the request if it was padded
to be compatible with their protocol.
 2014-01-30 15:59:45 +01:00
Miroslav Lichvar
3e23430926 Set maximum number of samples in manual list reply to 16 
In chronyd the maximum number of manual samples is 16, so there is no
need to keep room for 32 samples in the command reply. This limits the
maximum assumed size of the reply packet.
 2014-01-30 15:59:45 +01:00
Miroslav Lichvar
b5658f4d9c Update NEWS 2013-08-08 15:58:07 +02:00
Miroslav Lichvar
ad58baa13b Drop support for SUBNETS_ACCESSED and CLIENT_ACCESSES commands 
Support for the SUBNETS_ACCESSED and CLIENT_ACCESSES commands was
enabled in chronyd, but in chronyc it was always disabled and the
CLIENT_ACCESSES_BY_INDEX command was used instead. As there is no plan
to enable it in the future, remove the support completely.
 2013-08-07 14:47:56 +02:00
Miroslav Lichvar
c6fdeeb6bb Don't send uninitialized data in command replies 
The RPY_SUBNETS_ACCESSED and RPY_CLIENT_ACCESSES command replies can
contain uninitalized data from stack when the client logging is disabled
or a bad subnet is requested. These commands were never used by chronyc
and they require the client to be authenticated since version 1.25.
 2013-08-07 14:46:16 +02:00
Miroslav Lichvar
7712455d9a Fix buffer overflow when processing crafted command packets 
When the length of the REQ_SUBNETS_ACCESSED, REQ_CLIENT_ACCESSES
command requests and the RPY_SUBNETS_ACCESSED, RPY_CLIENT_ACCESSES,
RPY_CLIENT_ACCESSES_BY_INDEX, RPY_MANUAL_LIST command replies is
calculated, the number of items stored in the packet is not validated.

A crafted command request/reply can be used to crash the server/client.
Only clients allowed by cmdallow (by default only localhost) can crash
the server.

With chrony versions 1.25 and 1.26 this bug has a smaller security
impact as the server requires the clients to be authenticated in order
to process the subnet and client accesses commands. In 1.27 and 1.28,
however, the invalid calculated length is included also in the
authentication check which may cause another crash.
 2013-08-07 13:39:02 +02:00
Miroslav Lichvar
a9a5f98406 Update chrony.conf.example2 2013-08-02 15:43:44 +02:00
Miroslav Lichvar
9ac8f64d89 Don't mention pre 2.2 Linux kernels in documentation 2013-08-02 15:43:44 +02:00
Miroslav Lichvar
0da5cf9163 Update NEWS 2013-07-17 16:19:45 +02:00
Miroslav Lichvar
f6a39d75a7 Treat address bind errors as non-fatal 2013-07-17 13:45:36 +02:00
Miroslav Lichvar
25aa9f5b42 Update chrony.spec.sample 2013-07-01 19:00:06 +02:00
Miroslav Lichvar
829b3adac3 Update copyright in chronyc GPL string 2013-07-01 17:53:27 +02:00
Miroslav Lichvar
4847a3a259 Update NEWS 2013-06-21 16:09:20 +02:00
Miroslav Lichvar
551541d9c8 Update example config files more 2013-06-21 16:09:20 +02:00
Miroslav Lichvar
f996f4c9fb Document port directive set to 0 as random port 2013-06-21 16:09:20 +02:00
Miroslav Lichvar
ac78ad60f3 Use texi2html only if it's available 2013-06-21 16:09:20 +02:00
Miroslav Lichvar
42d7cf8922 Don't ship faqgen.pl 2013-06-21 16:09:20 +02:00
Miroslav Lichvar
e811ba7b4c Fix possible leaks of temporary file names 2013-06-21 16:09:20 +02:00
Miroslav Lichvar
cb464cac4d Fix memset calls 2013-06-21 14:39:33 +02:00
Miroslav Lichvar
fa409ddc8f Update documentation 2013-06-20 18:00:32 +02:00
Miroslav Lichvar
821226e473 Update example config files 2013-06-20 17:23:32 +02:00
Miroslav Lichvar
0e298bedf6 Create /etc and /var/lib/chrony on installation 2013-06-20 14:47:06 +02:00
Miroslav Lichvar
aa76760268 Avoid sentences written in first person 2013-06-20 13:24:24 +02:00
Miroslav Lichvar
8bf87bbfde Update comparison with ntpd 2013-06-20 13:24:24 +02:00
Miroslav Lichvar
38e889c85c Remove fixed problems from FAQ 2013-06-19 14:40:20 +02:00
Miroslav Lichvar
d5b737cce8 Update copyright years 2013-06-19 12:50:26 +02:00
Miroslav Lichvar
6ba764b5be Don't call finalise functions on fatal error 
Also, return with non-zero exit code.
 2013-06-19 12:28:00 +02:00
Miroslav Lichvar
707b857b68 Combine source frequencies by skew 2013-06-19 12:11:27 +02:00
Miroslav Lichvar
f8d609fee5 Add minimum skew limit to sourcestats 2013-06-19 10:22:49 +02:00
Miroslav Lichvar
01f797ac05 Fix printing of outlier status 2013-06-18 16:13:17 +02:00
Miroslav Lichvar
6fa11a853a Add more entries to tracking log 
Add number of combined sources, remaining offset correction from
previous update and estimated stddev of the combined offset.
 2013-06-17 18:32:16 +02:00
Miroslav Lichvar
9c78ad708b Fix maxchange offset check 2013-06-17 18:32:16 +02:00
Miroslav Lichvar
57f8160d6c Call maybe_log_offset and update_leap_status after adjusting clock 2013-06-17 18:32:16 +02:00
Miroslav Lichvar
8d80ce444f Fix spelling 2013-06-17 18:26:48 +02:00
Miroslav Lichvar
95c3acf67e Log manual entries with MANU refid in tracking log 2013-06-17 18:26:48 +02:00
Miroslav Lichvar
561f7a66dd Fix log message to not include newline 2013-06-17 18:26:48 +02:00
Miroslav Lichvar
0193688671 Fix printing of negative offset with settime command 2013-06-17 18:26:48 +02:00
Miroslav Lichvar
6d7605a3d0 Reuse REF_SetReference code with manual reference 2013-06-17 18:26:47 +02:00
Miroslav Lichvar
e0171f6e96 Write freq and skew to drift file with six decimal places 2013-06-14 19:24:03 +02:00
Miroslav Lichvar
4ef1c6f2c8 Use fscanf to read drift file 2013-06-14 19:24:03 +02:00
Miroslav Lichvar
f7e2d7c2ec Modify minimum skew checking 2013-06-14 16:27:15 +02:00
Miroslav Lichvar
3d1be1cd75 Replace bzero with memset 2013-06-14 13:48:16 +02:00
Miroslav Lichvar
2d509eb8bd Remove changelog from conf.c 2013-06-14 13:44:15 +02:00
Miroslav Lichvar
6ca73bf670 Cleanup including of system headers 2013-06-14 13:41:16 +02:00
Miroslav Lichvar
f7802f0111 Don't abort on EINTR select errors 2013-06-14 12:37:24 +02:00
Miroslav Lichvar
2f3ef235a1 Replace LOG_FATAL call with assert in SCH_MailLoop 2013-06-14 12:35:51 +02:00
Miroslav Lichvar
1ad22e9a02 Don't apply outlyer penalty at beginning 
Wait until the reach register is full to allow marking a source as
outlyer for 32 updates. This makes start nicer with iburst.
 2013-06-13 18:20:53 +02:00
Miroslav Lichvar
6d2fb9f782 Add minsamples and maxsamples directives 
Allow configuration of the maximum and minimum number of samples per
source.
 2013-06-13 16:23:32 +02:00
Miroslav Lichvar
22e5ed44c2 Modify SST_GetSelectionData to return only necessary data 2013-06-12 16:06:33 +02:00
Miroslav Lichvar
9666831818 Use UTI_DiffTimevalsToDouble to calculate theta 2013-06-12 15:30:28 +02:00
Miroslav Lichvar
ff8e04f9ba Fix fabs use on delay 2013-06-12 15:30:28 +02:00
Miroslav Lichvar
52272f4dc5 Limit sources included in combining 
Combine only sources whose distance is shorter than distance of the
selected source multiplied by the value of combinelimit and their
estimated frequencies are close to the frequency of the selected source.
Add outlyer status for sources which are selectable, but not included in
the combining. The status is displayed as '-' in the chronyc sources
output.
 2013-06-12 10:25:46 +02:00
Miroslav Lichvar
18a66a2ba8 Resurrect source combining 
This is based on the code that was removed in CVS revision 1.3 of
sources.c. The weighting is simplified and the code is moved to a new
function.
 2013-06-11 16:36:50 +02:00
Miroslav Lichvar
8aa9eb19c8 Remove unnecessary adjtimex calls 2013-06-06 19:38:36 +02:00
Miroslav Lichvar
62027f1b47 Fix rounding in UTI_AddDoubleToTimeval with negative increments 2013-06-06 16:30:37 +02:00
Miroslav Lichvar
41805d572f Adjust last_select_ts on slew 2013-06-06 16:29:50 +02:00
Miroslav Lichvar
58f768928a Rename SCH_GetFileReadyTime() and extend it to return raw time 2013-06-05 18:07:05 +02:00
Miroslav Lichvar
0074135097 Drop duplicated int64_to_timeval() 2013-06-05 13:11:53 +02:00
Miroslav Lichvar
8eb7ce8581 Fix UTI_DoubleToInt32 to check for overflow 2013-06-05 13:05:54 +02:00
Miroslav Lichvar
2ceb3c89ca Move NTP_int32 conversion functions to util.c 2013-06-05 12:49:47 +02:00
Miroslav Lichvar
d46e2a69a1 Add --enable-trace to configure 2013-06-05 12:22:07 +02:00
Miroslav Lichvar
20f9454be3 Fix configure help message 2013-06-05 11:58:13 +02:00
Miroslav Lichvar
8092366897 Abort on parse errors in refclock directive 2013-06-05 11:48:48 +02:00
Miroslav Lichvar
066254b6c8 Fix burst command with specified address 
This was broken in commit 0f8def4ca4.
 2013-06-05 10:39:58 +02:00
Miroslav Lichvar
79811bf3e2 Allow hostnames in offline, online and burst commands 2013-06-05 10:39:58 +02:00
Miroslav Lichvar
32bf32e7d5 Don't use uninitialized value in receive_packet() 2013-06-05 09:56:37 +02:00
Miroslav Lichvar
df968ca47c Fix stratum setting when source with non-minimum stratum is selected 2013-06-05 09:55:00 +02:00
Miroslav Lichvar
cce7a5f15e Improve peer polling in symmetric mode 
If the remote stratum is higher than ours, try to lock on the peer's
polling to minimize our response time by slightly extending our delay or
waiting for the peer to catch up with us as the random part in the
actual interval is reduced. If the remote stratum is equal to ours, try
to interleave evenly with the peer.
 2013-06-05 09:32:20 +02:00
Miroslav Lichvar
288043c13b Save remote poll only with valid packets 2013-06-04 15:43:59 +02:00
Miroslav Lichvar
78ae4ebfaa Fix peer polling with shorter remote poll 
If the remote peer uses a polling interval shorter than the local
minimum, the local peer will be unable to send any packets as the
timeout will be updated on every received valid packet and will never
expire.

Modify the delay calculation to aim at poll interval away since the last
transmit.

Also, share the delay calculation code with transmit_timeout().
 2013-06-04 12:52:49 +02:00
Miroslav Lichvar
cf700a0084 Requeue transmit timeout only with valid packets 2013-06-04 12:45:47 +02:00
Miroslav Lichvar
60a25f6e71 Ignore packets from offline sources 
Rework the logic in transmit_timeout() to change the online status on
the following timeout to allow ignoring packets from offline sources.
 2013-06-03 18:57:55 +02:00
Miroslav Lichvar
3eff836b2e Set stratum from last sample instead of best 2013-06-03 18:57:54 +02:00
Miroslav Lichvar
2b9fe764d5 Drop unused SST_GetReferenceData() 2013-06-03 16:03:07 +02:00
Miroslav Lichvar
030e3b2dab Make receive_packet() more readable 2013-06-03 16:03:07 +02:00
Miroslav Lichvar
5079f6bbff In burst count only accumulated samples as good 2013-06-03 16:03:07 +02:00
Miroslav Lichvar
afceb9d24e Slew only non-zero local timestamps in ntp core 2013-06-03 16:03:07 +02:00
Miroslav Lichvar
a2656a20bc Fix poll timeout with symmetric peer and poll 0 2013-06-03 16:03:05 +02:00
Miroslav Lichvar
359d444343 Remove unncessary return statements 2013-05-21 15:08:34 +02:00
Miroslav Lichvar
d510154ba2 Add recommendation on password security to keyfile description 2013-05-21 14:02:45 +02:00
Miroslav Lichvar
1c901b82dc Add option to generate command key on start 
With generatecommandkey directive, if no command key is found in the key
file on start, one will be generated automatically from /dev/urandom.
 2013-05-21 14:02:31 +02:00
Miroslav Lichvar
ea3672df4e Fix some error messages 2013-05-20 18:21:30 +02:00
Miroslav Lichvar
72d0b3c913 Create sockets only in selected family with -4 or -6 option 2013-05-20 15:37:25 +02:00
Miroslav Lichvar
51a2d8dfd8 Set paths in documentation by configure 2013-05-16 14:20:16 +02:00
Miroslav Lichvar
bc25380950 Document default value of commandkey 2013-05-16 14:19:03 +02:00
Miroslav Lichvar
ae1e3bf73c Add option to authenticate automatically on chronyc start 2013-05-16 14:18:57 +02:00
Miroslav Lichvar
9673a2726c Refactor key parsing 2013-05-16 14:18:33 +02:00
Miroslav Lichvar
02524397c1 Try linking readline without ncurses first 2013-05-15 11:50:58 +02:00
Joachim Wiedorn
5e5dde1a67 Various spelling fixes 
Reviewed-By: Rogério Theodoro de Brito <rbrito@ime.usp.br>
 2013-05-15 11:43:25 +02:00
Miroslav Lichvar
0f8def4ca4 Refactor command parsing 
- normalize command line before parsing
- compare whole words
- check for missing/extra arguments in config parsing
- use strdup for string allocation
- share code for reporting syntax errors
- avoid using function pointers
- cleanup the code a bit
 2013-05-15 11:27:38 +02:00
Miroslav Lichvar
182ec04e24 Abort on errors when parsing config 2013-05-15 11:14:27 +02:00
Miroslav Lichvar
ebae435398 Log online/offline status change for burst sources too. 2013-05-15 11:03:18 +02:00
Miroslav Lichvar
52657945d8 Don't send uninitialized fields in dump and local requests 2013-05-15 11:02:53 +02:00
Miroslav Lichvar
12166f8a47 Accept float value as initstepslew threshold 2013-05-14 17:16:41 +02:00
Miroslav Lichvar
c5f1dd8615 Update .gitignore 2013-05-14 17:16:41 +02:00
Miroslav Lichvar
10e67e3c1d Terminate batch processing in chronyc on quit command 2013-05-07 17:01:16 +02:00
Miroslav Lichvar
4e8ceaae86 Define DEFAULT_CONF_FILE in config.h 2013-05-07 16:35:40 +02:00
Miroslav Lichvar
73d4eaafbb Reply to NTPv1 and NTPv2 packets with same version 2013-05-02 11:10:48 +02:00
Miroslav Lichvar
cf00179964 Reply to NTPv1 packets 2013-05-02 11:10:25 +02:00
Miroslav Lichvar
edda0c60b3 Add user directive for dropping root privileges 
This is equivalent to the -u option.
 2013-04-26 17:38:40 +02:00
Miroslav Lichvar
f2eb6b165a Add option to ignore initstepslew and makestep directives 
When chronyd is started with -R, the initstepslew directive and the
makestep directive with a positive limit will be ignored. This is useful
when restarting chronyd to avoid unnecessary clock adjustments. It can
be used with -r.
 2013-04-26 17:38:37 +02:00
victor lum
4933c216b2 Fix crash with duplicated initstepslew address 
When there are duplicate ntp servers listed on the initstepslew line, 2
SourceRecords are created (sourceA and sourceB), and two timers are
created (timerA and timerB).  When ntp responses are received, only
sourceA is updated because of the way read_from_socket searches for a
matching record.  Eventually, the criteria for sourceA are met, causing
timerA to stop and n_completed_sources to increment.  timerB continues
to trigger, sending ntp poll messages to the ntp server.  Responses from
that server are assigned to sourceA, triggering the criteria for sourceA
and causing n_completed_sources to increment improperly.  Once this
happens enough times, n_complete_sources == number of servers and all
SourceRecords are deleted.  The next time timerB triggers, it attempts
to access sourceB, which was already been deleted, causing the core.
 2013-04-26 14:36:17 +02:00
Miroslav Lichvar
0655def57f Fix crash in config parsing with too many servers 2013-04-26 14:17:21 +02:00
Miroslav Lichvar
6eafff2450 Update URL of NTP server list in example config 2013-03-08 14:39:20 +01:00
Miroslav Lichvar
0bb772c575 Fix delta calculation with extreme frequency offsets 
This should prevent chronyd from getting stuck and refusing new samples
due to failing test4 when the current measured frequency offset is close
to 1.0. That can happen when the system clock is stepped forward behind
chronyd's back.
 2013-03-08 14:39:13 +01:00
Miroslav Lichvar
b261693095 Use texi2html to generate html 2013-02-01 18:40:50 +01:00
68 changed files with 2601 additions and 2372 deletions
Expand all files Collapse all files

14
.gitignore vendored
View File

@@ -1,7 +1,19 @@
.deps
*.swp
.vimrc
*.o
*.swp
RELEASES
Makefile
chrony.conf.5
chrony.info
chrony.html
chrony.texi
chrony.txt
chronyc
chronyc.1
chronyd
chronyd.8
config.h
config.log
tags
version.h

12
INSTALL
View File

@@ -81,12 +81,14 @@ Now that the software is successfully installed, the next step is to
set up a configuration file. The contents of this depend on the
network environment in which the computer operates. Typical scenarios
are described in the manual. The simplest case is for a computer with
a permanent Internet connection - suppose you want to use the NTP
server ntp1.foobar.com as your time reference. You would create an
/etc/chrony.conf file containing
a permanent Internet connection - suppose you want to use public NTP
servers from the pool.ntp.org project as your time reference. You would
create an /etc/chrony.conf file containing
server ntp1.foobar.com
driftfile /etc/chrony.drift
server 0.pool.ntp.org
server 1.pool.ntp.org
server 2.pool.ntp.org
driftfile /var/lib/chrony/drift
and then run /usr/local/sbin/chronyd.

17
Makefile.in
View File

@@ -27,6 +27,8 @@ SBINDIR=@SBINDIR@
MANDIR=@MANDIR@
INFODIR=@INFODIR@
DOCDIR=@DOCDIR@
LOCALSTATEDIR=@LOCALSTATEDIR@
CHRONYVARDIR=@CHRONYVARDIR@
CC = @CC@
CFLAGS = @CFLAGS@
@@ -77,9 +79,10 @@ $(HASH_OBJ) : $(patsubst %.o,%.c,$(HASH_OBJ))
distclean : clean
-rm -f Makefile
-rm -f chrony.conf.5 chrony.texi chronyc.1 chronyd.8
clean :
-rm -f *.o *.s chronyc chronyd core *~
-rm -f *.o *.s chronyc chronyd core *~ chrony.info chrony.html chrony.txt
-rm -rf .deps
getdate.c : ;
@@ -90,6 +93,7 @@ getdate :
# seem to vary between systems.
install: chronyd chronyc
[ -d $(DESTDIR)$(SYSCONFDIR) ] || mkdir -p $(DESTDIR)$(SYSCONFDIR)
[ -d $(DESTDIR)$(SBINDIR) ] || mkdir -p $(DESTDIR)$(SBINDIR)
[ -d $(DESTDIR)$(BINDIR) ] || mkdir -p $(DESTDIR)$(BINDIR)
[ -d $(DESTDIR)$(DOCDIR) ] || mkdir -p $(DESTDIR)$(DOCDIR)
@@ -97,6 +101,7 @@ install: chronyd chronyc
[ -d $(DESTDIR)$(MANDIR)/man5 ] || mkdir -p $(DESTDIR)$(MANDIR)/man5
[ -d $(DESTDIR)$(MANDIR)/man8 ] || mkdir -p $(DESTDIR)$(MANDIR)/man8
[ -d $(DESTDIR)$(DOCDIR) ] || mkdir -p $(DESTDIR)$(DOCDIR)
[ -d $(DESTDIR)$(CHRONYVARDIR) ] || mkdir -p $(DESTDIR)$(CHRONYVARDIR)
if [ -f $(DESTDIR)$(SBINDIR)/chronyd ]; then rm -f $(DESTDIR)$(SBINDIR)/chronyd ; fi
if [ -f $(DESTDIR)$(BINDIR)/chronyc ]; then rm -f $(DESTDIR)$(BINDIR)/chronyc ; fi
cp chronyd $(DESTDIR)$(SBINDIR)/chronyd
@@ -124,9 +129,6 @@ install: chronyd chronyc
%.s : %.c
$(CC) $(CFLAGS) $(CPPFLAGS) -S $<
# makeinfo v4 required to generate plain text and html
MAKEINFO:=makeinfo
install-docs : docs
[ -d $(DESTDIR)$(DOCDIR) ] || mkdir -p $(DESTDIR)$(DOCDIR)
cp chrony.txt $(DESTDIR)$(DOCDIR)/chrony.txt
@@ -140,13 +142,14 @@ install-docs : docs
docs : chrony.txt chrony.html chrony.info
chrony.txt : chrony.texi
$(MAKEINFO) --no-headers --number-sections -o chrony.txt chrony.texi
makeinfo --no-headers --number-sections -o chrony.txt chrony.texi
chrony.html : chrony.texi
$(MAKEINFO) --no-split --html --number-sections -o chrony.html chrony.texi
command -v texi2html > /dev/null 2>&1 && texi2html chrony.texi || \
makeinfo --no-split --html --number-sections -o chrony.html chrony.texi
chrony.info : chrony.texi
$(MAKEINFO) chrony.texi
makeinfo chrony.texi
# This is only relevant if you're maintaining the website!
faq.php : faq.txt faqgen.pl

45
NEWS
View File

@@ -1,3 +1,48 @@
New in version 1.29.1
=====================
Security fixes
--------------
* Modify chronyc protocol to prevent amplification attacks (CVE-2014-0021)
(incompatible with previous protocol version, chronyc supports both)
New in version 1.29
===================
Security fixes
--------------
* Fix crash when processing crafted commands (CVE-2012-4502)
(possible with IP addresses allowed by cmdallow and localhost)
* Don't send uninitialized data in SUBNETS_ACCESSED and CLIENT_ACCESSES
replies (CVE-2012-4503) (not used by chronyc)
Other changes
-------------
* Drop support for SUBNETS_ACCESSED and CLIENT_ACCESSES commands
New in version 1.28
===================
* Combine sources to improve accuracy
* Make config and command parser strict
* Add -a option to chronyc to authenticate automatically
* Add -R option to ignore initstepslew and makestep directives
* Add generatecommandkey, minsamples, maxsamples and user directives
* Improve compatibility with NTPv1 and NTPv2 clients
* Create sockets only in selected family with -4/-6 option
* Treat address bind errors as non-fatal
* Extend tracking log
* Accept float values as initstepslew threshold
* Allow hostnames in offline, online and burst commands
* Fix and improve peer polling
* Fix crash in config parsing with too many servers
* Fix crash with duplicated initstepslew address
* Fix delta calculation with extreme frequency offsets
* Set local stratum correctly
* Remove unnecessary adjtimex calls
* Set paths in documentation by configure
* Update chrony.spec
New in version 1.27
===================

21
README
View File

@@ -10,7 +10,7 @@ time. This does most of the work.
chronyc is a command-line interface program which can be used to
monitor chronyd's performance and to change various operating
parateters whilst it is running.
parameters whilst it is running.
chronyd's main function is to obtain measurements of the true (UTC)
time from one of several sources, and correct the system clock
@@ -21,12 +21,12 @@ between measurements from the reference.
The reference time can be derived from Network Time Protocol (NTP)
servers, reference clocks, or wristwatch-and-keyboard (via chronyc).
The main source of information about the Network Time Protocol is
http://www.eecis.udel.edu/~ntp.
http://www.ntp.org.
It is designed so that it can work on computers which only have
intermittent access to reference sources, for example computers which
use a dial-up account to access the Internet. Of course, it will work
on computers with permanent connections too.
use a dial-up account to access the Internet or laptops. Of course, it
will work well on computers with permanent connections too.
In addition, on Linux it can monitor the system's real time clock
performance, so the system can maintain accurate time even across
@@ -48,10 +48,7 @@ What will chrony run on?
Chrony can be successfully built and run on
1. Linux v1.2.13, v2.0.x, 2.1.x (partially), 2.2.x, 2.3.x, 2.4.x, 2.6.x.
Real time clock support is limited to 2.0.32 onwards and to 2.2, 2.3,
2.4 and 2.6 series only. i386, x86_64, PowerPC are known to be
supported.
1. Linux 2.2.x, 2.3.x, 2.4.x, 2.6.x, 3.x
2. Solaris 2.5/2.5.1/2.6/2.7/2.8 (various platforms)
@@ -88,12 +85,6 @@ through the URL
http://chrony.tuxfamily.org/
What can chrony not do?
=======================
Compared to the `reference' RFC1305 implementation xntpd, chronyd does
not support broadcast modes.
Where are new versions announced?
=================================
@@ -252,5 +243,3 @@ Doug Woodward <dougw@whistler.com>
Many other people have contributed bug reports and suggestions. I'm
sorry I can't identify all of you individually.
vim:tw=72

58
acquire.c
View File

@@ -94,7 +94,7 @@ static int n_sources;
static int n_started_sources;
static int n_completed_sources;
static int init_slew_threshold = -1;
static double init_slew_threshold;
union sockaddr_in46 {
struct sockaddr_in in4;
@@ -143,7 +143,6 @@ static SCH_TimeoutID source_start_timeout_id;
void
ACQ_Initialise(void)
{
return;
}
@@ -152,7 +151,6 @@ ACQ_Initialise(void)
void
ACQ_Finalise(void)
{
return;
}
/* ================================================== */
@@ -201,7 +199,7 @@ prepare_socket(int family)
}
if (bind(sock_fd, &my_addr.u, addrlen) < 0) {
LOG(LOGS_ERR, LOGF_Acquire, "Could not bind socket : %s\n", strerror(errno));
LOG(LOGS_ERR, LOGF_Acquire, "Could not bind socket : %s", strerror(errno));
/* but keep running */
}
}
@@ -240,8 +238,6 @@ finalise_io(void)
}
sock_fd6 = -1;
#endif
return;
}
/* ================================================== */
@@ -269,8 +265,8 @@ probe_source(SourceRecord *src)
pkt.stratum = 0;
pkt.poll = 4;
pkt.precision = -6; /* as ntpdate */
pkt.root_delay = double_to_int32(1.0); /* 1 second */
pkt.root_dispersion = double_to_int32(1.0); /* likewise */
pkt.root_delay = UTI_DoubleToInt32(1.0); /* 1 second */
pkt.root_dispersion = UTI_DoubleToInt32(1.0); /* likewise */
pkt.reference_id = 0;
pkt.reference_ts.hi = 0; /* Set to 0 */
pkt.reference_ts.lo = 0; /* Set to 0 */
@@ -322,8 +318,6 @@ probe_source(SourceRecord *src)
++(src->n_dead_probes);
src->timer_running = 1;
src->timeout_id = SCH_AddTimeoutByDelay(RETRANSMISSION_TIMEOUT, transmit_timeout, (void *) src);
return;
}
/* ================================================== */
@@ -399,8 +393,8 @@ process_receive(NTP_Packet *msg, SourceRecord *src, struct timeval *now)
return;
}
root_delay = int32_to_double(msg->root_delay);
root_dispersion = int32_to_double(msg->root_dispersion);
root_delay = UTI_Int32ToDouble(msg->root_delay);
root_dispersion = UTI_Int32ToDouble(msg->root_dispersion);
UTI_Int64ToTimeval(&src->last_tx, &local_orig);
UTI_Int64ToTimeval(&msg->receive_ts, &remote_rx);
@@ -455,7 +449,7 @@ read_from_socket(void *anything)
his_addr_len = sizeof(his_addr);
/* Get timestamp */
SCH_GetFileReadyTime(&now, NULL);
SCH_GetLastEventTime(&now, NULL, NULL);
sock_fd = (long)anything;
status = recvfrom (sock_fd, (char *)&msg, message_length, flags,
@@ -701,7 +695,7 @@ process_measurements(void)
the system clock is fast of the reference, i.e. it needs to be
stepped backwards. */
if (fabs(estimated_offset) > (double) init_slew_threshold) {
if (fabs(estimated_offset) > init_slew_threshold) {
LOG(LOGS_INFO, LOGF_Acquire, "System's initial offset : %.6f seconds %s of true (step)",
fabs(estimated_offset),
(estimated_offset >= 0) ? "fast" : "slow");
@@ -753,10 +747,11 @@ start_source_timeout_handler(void *not_used)
/* ================================================== */
void
ACQ_StartAcquisition(int n, IPAddr *ip_addrs, int threshold, void (*after_hook)(void *), void *anything)
ACQ_StartAcquisition(int n, IPAddr *ip_addrs, double threshold, void (*after_hook)(void *), void *anything)
{
int i, ip4, ip6;
int k, duplicate_ip;
saved_after_hook = after_hook;
saved_after_hook_anything = anything;
@@ -765,26 +760,37 @@ ACQ_StartAcquisition(int n, IPAddr *ip_addrs, int threshold, void (*after_hook)(
n_started_sources = 0;
n_completed_sources = 0;
n_sources = n;
n_sources = 0;
sources = MallocArray(SourceRecord, n);
for (i = ip4 = ip6 = 0; i < n; i++) {
sources[i].ip_addr = ip_addrs[i];
sources[i].n_samples = 0;
sources[i].n_total_samples = 0;
sources[i].n_dead_probes = 0;
if (ip_addrs[i].family == IPADDR_INET4)
ip4++;
else if (ip_addrs[i].family == IPADDR_INET6)
ip6++;
/* check for duplicate IP addresses and ignore them */
duplicate_ip = 0;
for (k = 0; k < i; k++) {
duplicate_ip |= UTI_CompareIPs(&(sources[k].ip_addr),
&ip_addrs[i],
NULL) == 0;
}
if (!duplicate_ip) {
sources[n_sources].ip_addr = ip_addrs[i];
sources[n_sources].n_samples = 0;
sources[n_sources].n_total_samples = 0;
sources[n_sources].n_dead_probes = 0;
if (ip_addrs[i].family == IPADDR_INET4)
ip4++;
else if (ip_addrs[i].family == IPADDR_INET6)
ip6++;
n_sources++;
} else {
LOG(LOGS_WARN, LOGF_Acquire, "Ignoring duplicate source: %s",
UTI_IPToString(&ip_addrs[i]));
}
}
initialise_io((ip4 && ip6) ? IPADDR_UNSPEC : (ip4 ? IPADDR_INET4 : IPADDR_INET6));
/* Start sampling first source */
start_next_source();
return;
}
/* ================================================== */

2
acquire.h
View File

@@ -35,7 +35,7 @@ extern void ACQ_Initialise(void);
extern void ACQ_Finalise(void);
extern void ACQ_StartAcquisition(int n, IPAddr *ip_addrs, int init_slew_threshold,
extern void ACQ_StartAcquisition(int n, IPAddr *ip_addrs, double init_slew_threshold,
void (*after_hook)(void *), void *anything);
extern void ACQ_AccumulateSample(ACQ_Source acq_source, double offset, double root_distance);

5
addrfilt.c
View File

@@ -116,8 +116,6 @@ close_node(TableNode *node)
Free(node->extended);
node->extended = NULL;
}
return;
}
@@ -141,7 +139,6 @@ open_node(TableNode *node)
child_node->extended = NULL;
}
}
return;
}
/* ================================================== */
@@ -408,7 +405,6 @@ static void print_node(TableNode *node, uint32_t *addr, int ip_len, int shift, i
print_node(sub_node, new_addr, ip_len, shift - 4, subnet_bits + 4);
}
}
return;
}
@@ -423,7 +419,6 @@ static void print_table(ADF_AuthTable table)
memset(addr, 0, sizeof (addr));
printf("IPv6 table:\n");
print_node(&table->base6, addr, 4, 124, 0);
return;
}
/* ================================================== */

6
broadcast.c
View File

@@ -49,7 +49,6 @@ static int max_destinations = 0;
void
BRD_Initialise(void)
{
return; /* Nothing to do */
}
/* ================================================== */
@@ -57,7 +56,6 @@ BRD_Initialise(void)
void
BRD_Finalise(void)
{
return; /* Nothing to do */
}
/* ================================================== */
@@ -101,8 +99,8 @@ timeout_handler(void *arbitrary)
/* If we're sending a client mode packet and we aren't synchronized yet,
we might have to set up artificial values for some of these parameters */
message.root_delay = double_to_int32(our_root_delay);
message.root_dispersion = double_to_int32(our_root_dispersion);
message.root_delay = UTI_DoubleToInt32(our_root_delay);
message.root_dispersion = UTI_DoubleToInt32(our_root_dispersion);
message.reference_id = htonl((NTP_int32) our_ref_id);

64
candm.h
View File

@@ -298,22 +298,10 @@ typedef struct {
uint32_t bits_specd;
} REQ_SubnetsAccessed_Subnet;
#define MAX_SUBNETS_ACCESSED 8
typedef struct {
uint32_t n_subnets;
REQ_SubnetsAccessed_Subnet subnets[MAX_SUBNETS_ACCESSED];
} REQ_SubnetsAccessed;
/* This is based on the response size rather than the
request size */
#define MAX_CLIENT_ACCESSES 8
typedef struct {
uint32_t n_clients;
IPAddr client_ips[MAX_CLIENT_ACCESSES];
} REQ_ClientAccesses;
typedef struct {
uint32_t first_index;
uint32_t n_indices;
@@ -370,14 +358,26 @@ typedef struct {
modify polltarget, modify maxdelaydevratio, reselect, reselectdistance
Version 5 : auth data moved to the end of the packet to allow hashes with
different sizes, extended sources, tracking and activity reports
different sizes, extended sources, tracking and activity reports, dropped
subnets accessed and client accesses
Version 6 : added padding to requests to prevent amplification attack,
changed maximum number of samples in manual list to 16
*/
#define PROTO_VERSION_NUMBER 5
#define PROTO_VERSION_NUMBER 6
/* The oldest protocol version that is compatible enough with
the current version to report a version mismatch */
#define PROTO_VERSION_MISMATCH_COMPAT 4
/* The oldest protocol versions that are compatible enough with the current
version to report a version mismatch for the server and the client */
#define PROTO_VERSION_MISMATCH_COMPAT_SERVER 5
#define PROTO_VERSION_MISMATCH_COMPAT_CLIENT 4
/* The first protocol version using padding in requests */
#define PROTO_VERSION_PADDING 6
/* The maximum length of padding in request packet, currently
defined by CLIENT_ACCESSES_BY_INDEX and MANUAL_LIST */
#define MAX_PADDING_LENGTH 396
/* ================================================== */
@@ -426,8 +426,6 @@ typedef struct {
REQ_RTCReport rtcreport;
REQ_TrimRTC trimrtc;
REQ_CycleLogs cyclelogs;
REQ_SubnetsAccessed subnets_accessed;
REQ_ClientAccesses client_accesses;
REQ_ClientAccessesByIndex client_accesses_by_index;
REQ_ManualList manual_list;
REQ_ManualDelete manual_delete;
@@ -437,8 +435,13 @@ typedef struct {
REQ_ReselectDistance reselect_distance;
} data; /* Command specific parameters */
/* authentication of the packet, there is no hole after the actual data
from the data union, this field only sets the maximum auth size */
/* The following fields only set the maximum size of the packet.
There are no holes between them and the actual data. */
/* Padding used to prevent traffic amplification */
uint8_t padding[MAX_PADDING_LENGTH];
/* Authentication data */
uint8_t auth[MAX_HASH_LENGTH];
} CMD_Request;
@@ -478,6 +481,7 @@ typedef struct {
#define STT_BADSUBNET 7
#define STT_ACCESSALLOWED 8
#define STT_ACCESSDENIED 9
/* Deprecated */
#define STT_NOHOSTACCESS 10
#define STT_SOURCEALREADYKNOWN 11
#define STT_TOOMANYSOURCES 12
@@ -507,7 +511,7 @@ typedef struct {
#define RPY_SD_ST_FALSETICKER 2
#define RPY_SD_ST_JITTERY 3
#define RPY_SD_ST_CANDIDATE 4
#define RPY_SD_ST_OUTLYER 5
#define RPY_SD_ST_OUTLIER 5
#define RPY_SD_FLAG_NOSELECT 0x1
#define RPY_SD_FLAG_PREFER 0x2
@@ -582,11 +586,6 @@ typedef struct {
uint32_t bitmap[8];
} RPY_SubnetsAccessed_Subnet;
typedef struct {
uint32_t n_subnets;
RPY_SubnetsAccessed_Subnet subnets[MAX_SUBNETS_ACCESSED];
} RPY_SubnetsAccessed;
typedef struct {
IPAddr ip;
uint32_t client_hits;
@@ -598,19 +597,15 @@ typedef struct {
uint32_t last_cmd_hit_ago;
} RPY_ClientAccesses_Client;
typedef struct {
uint32_t n_clients;
RPY_ClientAccesses_Client clients[MAX_CLIENT_ACCESSES];
} RPY_ClientAccesses;
typedef struct {
uint32_t n_indices; /* how many indices there are in the server's table */
uint32_t next_index; /* the index 1 beyond those processed on this call */
uint32_t n_clients; /* the number of valid entries in the following array */
RPY_ClientAccesses_Client clients[MAX_CLIENT_ACCESSES];
int32_t EOR;
} RPY_ClientAccessesByIndex;
#define MAX_MANUAL_LIST_SAMPLES 32
#define MAX_MANUAL_LIST_SAMPLES 16
typedef struct {
Timeval when;
@@ -622,6 +617,7 @@ typedef struct {
typedef struct {
uint32_t n_samples;
RPY_ManualListSample samples[MAX_MANUAL_LIST_SAMPLES];
int32_t EOR;
} RPY_ManualList;
typedef struct {
@@ -656,8 +652,6 @@ typedef struct {
RPY_Tracking tracking;
RPY_Sourcestats sourcestats;
RPY_Rtc rtc;
RPY_SubnetsAccessed subnets_accessed;
RPY_ClientAccesses client_accesses;
RPY_ClientAccessesByIndex client_accesses_by_index;
RPY_ManualList manual_list;
RPY_Activity activity;

14
chrony.1
View File

@@ -21,7 +21,7 @@ to the Internet, and it can also act as an RFC1305-compatible NTP server.
.SH USAGE
\fIchronyc\fR is a command-line interface program which can be used to
monitor \fIchronyd\fR's performance and to change various operating
parateters whilst it is running.
parameters whilst it is running.
\fIchronyd\fR's main function is to obtain measurements of the true (UTC)
time from one of several sources, and correct the system clock
@@ -32,16 +32,16 @@ between measurements from the reference.
The reference time can be derived from either Network Time Protocol
(NTP) servers, reference clocks, or wristwatch-and-keyboard (via \fIchronyc\fR).
The main source of information about the Network Time Protocol is
\fIhttp://www.eecis.udel.edu/~ntp\fR.
\fIhttp://www.ntp.org\fR.
It is designed so that it can work on computers which only have
intermittent access to reference sources, for example computers which
use a dial-up account to access the Internet. Of course, it will work
on computers with permanent connections too.
use a dial-up account to access the Internet or laptops. Of course, it
will work well on computers with permanent connections too.
In addition, for Linux 2.0.x (for x >= 32) or 2.2 onwards, chronyd can monitor
the system's real time clock performance, so the system can maintain accurate
time even across reboots.
In addition, on Linux it can monitor the system's real time clock
performance, so the system can maintain accurate time even across
reboots.
Typical accuracies available between 2 machines are

8
chrony.conf.5 → chrony.conf.5.in
View File

@@ -3,7 +3,7 @@
chrony.conf \- chronyd configuration file
.SH SYNOPSIS
.B /etc/chrony.conf
.B @SYSCONFDIR@/chrony.conf
.SH DESCRIPTION
\fIchrony\fR is a pair of programs for maintaining the accuracy of computer
@@ -12,7 +12,7 @@ boot time.
Assuming that you have found some servers, you need to set up a
configuration file to run \fIchrony\fR. The (compiled-in) default location
for this file is \fB/etc/chrony.conf\fR. Assuming that your ntp servers
for this file is \fB@SYSCONFDIR@/chrony.conf\fR. Assuming that your ntp servers
are called `a.b.c' and `d.e.f', your \fBchrony.conf\fR file could contain
as a minimum
@@ -29,9 +29,9 @@ useful configuration file would look something like
server a.b.c
server d.e.f
server g.h.i
keyfile /etc/chrony.keys
keyfile @SYSCONFDIR@/chrony.keys
commandkey 1
driftfile /etc/chrony.drift
driftfile @CHRONYVARDIR@/drift
.SH "SEE ALSO"

49
chrony.spec.sample
View File

@@ -1,38 +1,43 @@
%global chrony_version @@VERSION@@
%if 0%(echo %{chrony_version} | grep -q pre && echo 1)
%global prerelease %(echo %{chrony_version} | sed 's/.*-//')
%endif
Summary: An NTP client/server
Name: chrony
Version: @@VERSION@@
Release: 1
Source: chrony-%{version}.tar.gz
Copyright: GPL
Version: %(echo %{chrony_version} | sed 's/-.*//')
Release: %{!?prerelease:1}%{?prerelease:0.1.%{prerelease}}
Source: chrony-%{version}%{?prerelease:-%{prerelease}}.tar.gz
License: GPLv2
Group: Applications/Utilities
Packager: Richard P. Curnow <rc@rc0.org.uk>
BuildRoot: %{_tmppath}/%{name}-%{version}-root-%(id -u -n)
Requires: info
%description
A pair of programs for keeping computer clocks accurate. chronyd is a
background (daemon) program and chronyc is a command-line interface to it.
Time reference sources for chronyd can be RFC1305 NTP servers, human (via
keyboard and chronyc), and the computer's real-time clock at boot time (Linux
only). chronyd can determine the rate at which the computer gains or loses
time and compensate for it whilst no external reference is present. chronyd's
use of NTP servers can be switched on and off (through chronyc) to support
computers with dial-up/intermittent access to the Internet. chronyd can also
act as an RFC1305-compatible NTP server.
chrony is a client and server for the Network Time Protocol (NTP).
This program keeps your computer's clock accurate. It was specially
designed to support systems with intermittent Internet connections,
but it also works well in permanently connected environments. It can
also use hardware reference clocks, the system real-time clock, or
manual input as time references.
%prep
%setup
%setup -q -n %{name}-%{version}%{?prerelease:-%{prerelease}}
%build
./configure --prefix=%{_prefix} --mandir=%{_mandir}
make CC=gcc CFLAGS=-O2 prefix=%{_prefix}
make chrony.txt prefix=%{_prefix}
make chrony.info prefix=%{_prefix}
./configure \
--prefix=%{_prefix} \
--bindir=%{_bindir} \
--sbindir=%{_sbindir} \
--infodir=%{_infodir} \
--mandir=%{_mandir}
make
make chrony.txt
make chrony.info
%install
rm -rf $RPM_BUILD_ROOT
cd $RPM_BUILD_DIR/chrony-%{version}
make install DESTDIR=$RPM_BUILD_ROOT prefix=%{_prefix}
make install DESTDIR=$RPM_BUILD_ROOT
rm -rf $RPM_BUILD_ROOT%{_docdir}
mkdir -p $RPM_BUILD_ROOT%{_infodir}
cp chrony.info* $RPM_BUILD_ROOT%{_infodir}
@@ -47,6 +52,6 @@ cp chrony.info* $RPM_BUILD_ROOT%{_infodir}
%doc README
%doc chrony.txt
%doc COPYING
%doc examples/chrony.conf.example
%doc examples/chrony.conf.example*
%doc examples/chrony.keys.example

500
chrony.texi → chrony.texi.in
View File

@@ -93,10 +93,10 @@ Data Security, Inc. MD5 Message-Digest Algorithm} for authenticating
messages between different machines on the network.
In writing the @code{chronyd} program, extensive use has been made of
RFC1305, written by David Mills. I have occasionally referred to the
@code{xntp} suite's source code to check details of the protocol that
the RFC did not make absolutely clear. The core algorithms in
@code{chronyd} are all completely distinct from @code{xntp}, however.
RFC1305, written by David Mills. The @code{ntp} suite's source code has
been occasionally used to check details of the protocol that the RFC did
not make absolutely clear. The core algorithms in @code{chronyd} are
all completely distinct from @code{ntp}, however.
@c }}}
@c {{{ S:Availability
@node Availability
@@ -125,9 +125,7 @@ different quirks in its behaviour.
The software is known to work in the following environments:
@itemize @bullet
@item Linux on i386, x86_64 and PowerPC architectures. The software is known
to work on Linux 2.0.x and newer. Prior to 2.0.31, the real time clock can't
be used.
@item Linux 2.2 and newer
@item NetBSD
@item BSD/386
@@ -148,34 +146,50 @@ requires access to such systems to test out the driver.
@node Other time synchronisation packages
@section Relationship to other software packages
@menu
* Comparison with xntpd::
* Comparison with ntpd::
* Comparison with timed::
@end menu
@node Comparison with xntpd
@subsection xntpd
@node Comparison with ntpd
@subsection ntpd
The `reference' implementation of the Network Time Protocol is the
program @code{xntpd}, available via
@uref{http://www.eecis.udel.edu/~ntp, The NTP home page}.
program @code{ntpd}, available via
@uref{http://www.ntp.org/, The NTP home page}.
@code{xntpd} is designed to support all the operating modes defined by
RFC1305, and has driver support for a large number of reference clocks
(such as GPS receivers) that can be connected directly to a computer,
thereby providing a so-called 'stratum 1' server.
Things @code{chronyd} can do that @code{xntpd} can't:
One of the main differences between @code{ntpd} and @code{chronyd} is in
the algorithms used to control the computer's clock. Things
@code{chronyd} can do better than @code{ntpd}:
@itemize @bullet
@item
@code{chronyd} can perform usefully in an environment where access to
the time reference is intermittent. @code{chronyd} estimates
@emph{both} the current time offset @emph{and} the rate at which the
computer's clock gains or loses time, and can use that rate estimate to
trim the clock after the reference disappears. @code{xntpd} corrects
any time offset by speeding up and slowing down the computer clock, and
so could be left with a significant rate error if the reference
disappears whilst it is trying to correct a big offset.
the time reference is intermittent. @code{ntpd} needs regular polling
of the reference to work well.
@item
@code{chronyd} can usually synchronise the clock faster and with better
time accuracy.
@item
@code{chronyd} quickly adapts to sudden changes in the rate of the clock
(e.g. due to changes in the temperature of the crystal oscillator).
@code{ntpd} may need a long time to settle down again.
@item
@code{chronyd} can perform well even when the network is congested for
longer periods of time.
@item
@code{chronyd} in the default configuration never steps the time to not
upset other running programs. @code{ntpd} can be configured to never
step the time too, but it has to use a different means of adjusting the
clock, which has some
disadvantages.
@item
@code{chronyd} can adjust the rate of the clock on Linux in a larger
range, which allows it to operate even on machines with broken or
unstable clock (e.g. in some virtual machines).
@end itemize
Things @code{chronyd} can do that @code{ntpd} can't:
@itemize @bullet
@item
@code{chronyd} provides support for isolated networks whether the only
method of time correction is manual entry (e.g. by the administrator
@@ -189,33 +203,27 @@ subsequently.
`real-time clock', i.e. the clock that maintains the time when the
computer is turned off. It can use this data when the system boots to
set the system time from a corrected version of the real-time clock.
These real-time clock facilities are only available on certain releases
of Linux, so far.
@item
The @code{xntpd} program is supported by other programs to carry out
certain functions. @code{ntpdate} is used to provide an initial
correction to the system clock based on a `one-shot' sampling of other
NTP servers. @code{tickadj} is used to adjust certain operating system
parameters to make @code{xntpd} work better. All this functionality is
integrated into @code{chronyd}.
These real-time clock facilities are only available on Linux, so far.
@end itemize
Things @code{xntpd} can do that @code{chronyd} can't:
Things @code{ntpd} can do that @code{chronyd} can't:
@itemize @bullet
@item
@code{xntpd} supports effectively all of RFC1305, including broadcast /
multicast clients and extra encryption schemes for authenticating
data packets.
@code{ntpd} fully supports NTP version 4 (RFC5905), including broadcast,
multicast, manycast clients / servers and the orphan mode. It also
supports extra authentication schemes based on public-key cryptography
(RFC5906). @code{chronyd} uses NTP version 3 (RFC1305), which is
compatible with version 4.
@item
@code{xntpd} has been ported to more types of computer / operating
system (so far).
@code{ntpd} has been ported to more types of computer / operating
system.
@item
xntpd is designed to work solely with integer arithmetic (i.e. does not
require floating point support from its host).
@code{ntpd} includes drivers for many reference clocks. @code{chronyd}
relies on other programs (e.g. gpsd) to access the data from the
reference clocks.
@end itemize
@node Comparison with timed
@@ -303,9 +311,9 @@ different architectures (Alpha, Sparc, MIPS as well as x86 of course).
@item Porting to Windows NT
I did a small amount of work on this under Cygwin. Only the sorting out of the
include files has really been achieved so far. The two main areas still to
address are
A small amount of work on this was done under Cygwin. Only the sorting
out of the include files has really been achieved so far. The two main
areas still to address are
@enumerate
@item The system clock driver.
@@ -560,11 +568,14 @@ customers.
stratum 1 and stratum 2 servers. You should find one or more servers
that are near to you --- check that their access policy allows you to
use their facilities.
@item Use public servers from
@uref{http://www.pool.ntp.org/, the pool.ntp.org project}.
@end itemize
Assuming that you have found some servers, you need to set up a
configuration file to run chrony. The (compiled-in) default location
for this file is @file{/etc/chrony.conf}. Assuming that your ntp
for this file is @file{@SYSCONFDIR@/chrony.conf}. Assuming that your ntp
servers are called @code{a.b.c} and @code{d.e.f}, your
@file{chrony.conf} file could contain as a minimum
@@ -583,9 +594,9 @@ useful configuration file would look something like
server a.b.c
server d.e.f
server g.h.i
keyfile /etc/chrony.keys
keyfile @SYSCONFDIR@/chrony.keys
commandkey 1
driftfile /etc/chrony.drift
driftfile @CHRONYVARDIR@/drift
@end example
@c }}}
@c {{{ S:Infrequent connection
@@ -595,7 +606,7 @@ In this section we discuss how to configure chrony for computers that
have occasional connections to the internet.
@menu
* Configuration for infrequent connections:: How to set up the @code{/etc/chrony} file
* Configuration for infrequent connections:: How to set up the @code{@SYSCONFDIR@/chrony.conf} file
* Advising chronyd of internet availability:: How to tell chronyd when the link is available
@end menu
@@ -619,49 +630,35 @@ server d.e.f
server g.h.i
@end example
However, the following issues need to be addressed:
@enumerate 1
@item
Your computer probably doesn't have DNS access whilst offline to turn
the machine names into IP addresses.
@item
Your computer will keep trying to contact the servers to obtain
However, your computer will keep trying to contact the servers to obtain
timestamps, even whilst offline. If you operate a dial-on-demand
system, things are even worse, because the link to the internet will
keep getting established.
@end enumerate
For this reason, it would be better to specify this part of your
configuration file in the following way:
@example
server 1.2.3.4 offline
server 5.6.7.8 offline
server 9.10.11.12 offline
server a.b.c offline
server d.e.f offline
server g.h.i offline
@end example
Because numeric IP addresses have been used, the first problem is
overcome. The @code{offline} keyword indicates that the servers start
The @code{offline} keyword indicates that the servers start
in an offline state, and that they should not be contacted until @code{chronyd}
receives notification that the link to the internet is present.
An alternative is to use the names of the NTP servers, and put entries for them
into your @file{/etc/hosts} file. This will be OK as long as @samp{files}
comes before @samp{dns} in the @samp{hosts} line of the
@file{/etc/nsswitch.conf} file.
In order to notify @code{chronyd} of the presence of the link, you will need to
be able to log in to it with the program chronyc. To do this, @code{chronyd}
needs to be configured with an administrator password. To set up an
administrator password, you can create a file @file{/etc/chrony.keys}
administrator password, you can create a file @file{@SYSCONFDIR@/chrony.keys}
containing a single line
@example
1 xyzzy
1 ALongAndRandomPassword
@end example
and add the following line to @file{/etc/chrony.conf} (the order of the
and add the following line to @file{@SYSCONFDIR@/chrony.conf} (the order of the
lines does not matter)
@example
@@ -671,12 +668,12 @@ commandkey 1
The smallest useful configuration file would look something like
@example
server 1.2.3.4 offline
server 5.6.7.8 offline
server 9.10.11.12 offline
keyfile /etc/chrony.keys
server a.b.c offline
server d.e.f offline
server g.h.i offline
keyfile @SYSCONFDIR@/chrony.keys
commandkey 1
driftfile /etc/chrony.drift
driftfile @CHRONYVARDIR@/drift
@end example
The next section describes how to tell @code{chronyd} when the internet link
@@ -685,33 +682,27 @@ goes up and down.
@node Advising chronyd of internet availability
@subsection How to tell chronyd when the internet link is available.
To use this option, you will need to configure a command key in
@code{chronyd's} configuration file @file{/etc/chrony.conf}, as described in
@code{chronyd's} configuration file @file{@SYSCONFDIR@/chrony.conf}, as described in
the previous section.
To tell @code{chronyd} when to start and finish sampling the servers, the
@code{online} and @code{offline} commands of chronyc need to be used.
To give an example of their use, we assume that @code{pppd} is the
program being used to connect to the internet, and that chronyc has been
installed at its default location @file{/usr/local/bin/chronyc}. We
installed at its default location @file{@BINDIR@/chronyc}. We
also assume that the command key has been set up as described in the
previous section.
In the file @file{/etc/ppp/ip-up} we add the command sequence
@example
/usr/local/bin/chronyc <<EOF
password xyzzy
online
EOF
@BINDIR@/chronyc -a online
@end example
and in the file @file{/etc/ppp/ip-down} we add the sequence
@example
/usr/local/bin/chronyc <<EOF
password xyzzy
offline
EOF
@BINDIR@/chronyc -a offline
@end example
@code{chronyd's} polling of the servers will now only occur whilst the
@@ -746,9 +737,9 @@ be (assuming the clients are in the 192.168.165.x subnet and that the
master's address is 192.168.169.170)
@example
driftfile /etc/chrony.drift
driftfile @CHRONYVARDIR@/drift
commandkey 25
keyfile /etc/chrony.keys
keyfile @SYSCONFDIR@/chrony.keys
initstepslew 10 client1 client3 client6
local stratum 8
manual
@@ -760,10 +751,10 @@ the configuration file might be
@example
server master
driftfile /etc/chrony.drift
driftfile @CHRONYVARDIR@/drift
logdir /var/log/chrony
log measurements statistics tracking
keyfile /etc/chrony.keys
keyfile @SYSCONFDIR@/chrony.keys
commandkey 24
local stratum 10
initstepslew 20 master
@@ -833,18 +824,10 @@ compiled into the kernel). An estimate is made of the RTC error at a
particular RTC second, and the rate at which the RTC gains or loses time
relative to true time.
The RTC is fully supported in 2.2, 2.4 and 2.6 kernels.
On 2.6 kernels, if your motherboard has a HPET, you need to enable the
On 2.6 and later kernels, if your motherboard has a HPET, you need to enable the
@samp{HPET_EMULATE_RTC} option in your kernel configuration. Otherwise, chrony
will not be able to interact with the RTC device and will give up using it.
For kernels in the 2.0 series prior to 2.0.32, the kernel was set up to
trim the RTC every 11 minutes. This would be disasterous for
@code{chronyd} -- there is no reliable way of synchronising with this
trimming. For this reason, @code{chronyd} only supports the RTC in 2.0
kernels from v2.0.32 onwards.
When the computer is powered down, the measurement histories for all the
NTP servers are saved to files (if the @code{dumponexit} directive is
specified in the configuration file), and the RTC tracking information
@@ -895,102 +878,58 @@ option should not be used if you want your disc to spin down.
To illustrate how a dial-up home computer might be configured, example
configuration files are shown in this section.
For the @file{/etc/chrony.conf} file, the following can be used as an
example. @emph{NOTE : The @code{server} directives are only applicable
to customers of Demon Internet; users of other ISPs will need to use
their own ISP's NTP servers or public NTP servers.}
For the @file{@SYSCONFDIR@/chrony.conf} file, the following can be used as an
example.
@example
server 158.152.1.65 minpoll 5 maxpoll 10 maxdelay 0.4 offline
server 158.152.1.76 minpoll 5 maxpoll 10 maxdelay 0.4 offline
server 194.159.253.2 minpoll 5 maxpoll 10 maxdelay 0.4 offline
server 0.pool.ntp.org minpoll 5 maxpoll 10 maxdelay 0.4 offline
server 1.pool.ntp.org minpoll 5 maxpoll 10 maxdelay 0.4 offline
server 2.pool.ntp.org minpoll 5 maxpoll 10 maxdelay 0.4 offline
logdir /var/log/chrony
log statistics measurements tracking
driftfile /etc/chrony.drift
keyfile /etc/chrony.keys
driftfile @CHRONYVARDIR@/drift
keyfile @SYSCONFDIR@/chrony.keys
commandkey 25
maxupdateskew 100.0
dumponexit
dumpdir /var/log/chrony
rtcfile /etc/chrony.rtc
dumpdir @CHRONYVARDIR@
rtcfile @CHRONYVARDIR@/rtc
@end example
With Freeserve as the ISP, I use the following server lines :
@example
server 194.152.64.68 minpoll 5 maxpoll 10 maxdelay 0.4 offline
server 194.152.64.35 minpoll 5 maxpoll 10 maxdelay 0.4 offline
server 194.152.64.34 minpoll 5 maxpoll 10 maxdelay 0.4 offline
@end example
I use @code{pppd} for connecting to my ISP. This runs two scripts
@code{pppd} is used for connecting to the internet. This runs two scripts
@file{/etc/ppp/ip-up} and @file{/etc/ppp/ip-down} when the link goes
online and offline respectively.
The relevant part of the @file{/etc/ppp/ip-up} file is (with a dummy
password)
The relevant part of the @file{/etc/ppp/ip-up} file is
@example
/usr/local/bin/chronyc <<EOF
password xxxxxxxx
online
EOF
@BINDIR@/chronyc -a online
@end example
and the relevant part of the @file{/etc/ppp/ip-down} script is
@example
/usr/local/bin/chronyc <<EOF
password xxxxxxxx
offline
dump
writertc
EOF
@BINDIR@/chronyc -a -m offline dump writertc
@end example
(Because they have to contain the administrator password, it would be
desirable to make the files readable only by root on a multiuser
machine).
To start @code{chronyd} during the boot sequence, I have the following
in @file{/etc/rc.d/rc.local} (this is a Slackware system)
To start @code{chronyd} during the boot sequence, the following
is in @file{/etc/rc.d/rc.local} (this is a Slackware system)
@example
if [ -f /usr/local/sbin/chronyd -a -f /etc/chrony.conf ]; then
/usr/local/sbin/chronyd -r -s
if [ -f @SBINDIR@/chronyd -a -f @SYSCONFDIR@/chrony.conf ]; then
@SBINDIR@/chronyd -r -s
echo "Start chronyd"
fi
@end example
The placement of this command may be important on some systems. In
particular, @code{chronyd} may need to be started several seconds (about
10 as a minimum) before any software that depends on the system clock
not jumping or moving backwards, depending on the directives in
@code{chronyd's} configuration file.
particular, @code{chronyd} may need to be started before any software
that depends on the system clock not jumping or moving backwards,
depending on the directives in @code{chronyd's} configuration file.
For the system shutdown, @code{chronyd} should receive a SIGTERM several
seconds before the final SIGKILL; the SIGTERM causes the measurement
histories and RTC information to be saved out. There should be no need
to add anything to the shutdown sequence, unless (as my system had)
there is no pause between the SIGTERM and SIGKILL being delivered to the
remaining processes. So if you find something like
@example
killall5 -15
killall5 -9
@end example
in your @code{/etc/rc.d/rc.0} script, you will need to insert a sleep, e.g.
@example
killall5 -15
sleep 5
killall5 -9
@end example
Otherwise, @code{chronyd} will not always save information on shutdown,
which could be a problem if you don't use @code{dump} and
@code{writertc} when you go offline.
histories and RTC information to be saved out.
@c }}}
@c {{{ S:Other config options
@node Configuration options overview
@@ -1008,14 +947,14 @@ determination is taking place.
To avoid this problem, @code{chronyd} allows the gain or loss rate to be
stored in a file, which can be read back in when the program is
restarted. This file is called the drift file, and might typically be
stored in @file{/etc/chrony.drift}. By specifying an option like the
stored in @file{@CHRONYVARDIR@/drift}. By specifying an option like the
following
@example
driftfile /etc/chrony.drift
driftfile @CHRONYVARDIR@/drift
@end example
in the configuration file (@file{/etc/chrony.conf}), the drift file
in the configuration file (@file{@SYSCONFDIR@/chrony.conf}), the drift file
facility will be activated.
@c }}}
@c }}}
@@ -1034,11 +973,11 @@ facility will be activated.
@node Starting chronyd
@section Starting chronyd
If @code{chronyd} has been installed to its default location
@file{/usr/local/sbin/chronyd}, starting it is simply a matter of
@file{@SBINDIR@/chronyd}, starting it is simply a matter of
entering the command
@example
/usr/local/sbin/chronyd
@SBINDIR@/chronyd
@end example
Information messages and warnings will be logged to syslog.
@@ -1055,7 +994,7 @@ terminal, and all messages will be sent to the terminal instead of to
syslog.
@item -f <conf-file>
This option can be used to specify an alternate location for the
configuration file (default @file{/etc/chrony.conf}).
configuration file (default @file{@SYSCONFDIR@/chrony.conf}).
@item -r
This option will reload sample histories for each of the servers being
used. These histories are created by using the @code{dump} command in
@@ -1067,6 +1006,12 @@ maintain clock compensation whilst not under @code{chronyd's} control.
The only version where this happens so far is Linux. On systems where
this is not the case, e.g. Solaris and SunOS the option should not be
used.
@item -R
When this option is used, the @code{initstepslew} directive and the
@code{makestep} directive used with a positive limit will be ignored.
This option is useful when restarting @code{chronyd} and can be used
in conjuction with the `-r' option.
@item -s
This option will set the system clock from the computer's real-time
clock. This is analogous to supplying the `-s' flag to the
@@ -1102,15 +1047,17 @@ supported only on Linux.
This option will lock chronyd into RAM so that it will never be paged
out. This mode is only supported on Linux.
@item -4
With this option hostnames will be resolved only to IPv4 addresses.
With this option hostnames will be resolved only to IPv4 addresses and only
IPv4 sockets will be created.
@item -6
With this option hostnames will be resolved only to IPv6 addresses.
With this option hostnames will be resolved only to IPv6 addresses and only
IPv6 sockets will be created.
@end table
On systems that support an @file{/etc/rc.local} file for starting
programs at boot time, @code{chronyd} can be started from there.
On systems with a System V style initialisation (e.g. Solaris), a
On systems with a System V style initialisation, a
suitable start/stop script might be as shown below. This might be
placed in the file @file{/etc/rc2.d/S83chrony}.
@@ -1130,7 +1077,7 @@ killproc() @{ # kill the named process(es)
case "$1" in
'start')
if [ -f /opt/free/sbin/chronyd -a -f /etc/chrony.conf ]; then
if [ -f /opt/free/sbin/chronyd -a -f @SYSCONFDIR@/chrony.conf ]; then
/opt/free/sbin/chronyd
fi
;;
@@ -1155,7 +1102,7 @@ service.)
@node Configuration file
@section The chronyd configuration file
@c {{{ section top
The configuration file is normally called @file{/etc/chrony.conf}; in
The configuration file is normally called @file{@SYSCONFDIR@/chrony.conf}; in
fact, this is the compiled-in default. However, other locations can be
specified with a command line option.
@@ -1172,6 +1119,7 @@ directives can occur in any order in the file.
* broadcast directive:: Make chronyd act as an NTP broadcast server
* cmdallow directive:: Give control access to chronyc on other computers
* cmddeny directive:: Deny control access to chronyc on other computers
* combinelimit directive:: Limit sources included in combining algorithm
* commandkey directive:: Set runtime command key
* corrtimeratio directive:: Set correction time ratio
* cmdport directive:: Set port to use for runtime commanding
@@ -1180,6 +1128,7 @@ directives can occur in any order in the file.
* dumpdir directive:: Specify directory for dumping measurements
* dumponexit directive:: Dump measurements when daemon exits
* fallbackdrift directive:: Specify fallback drift intervals
* generatecommandkey directive:: Generate command key automatically
* include directive:: Include a configuration file
* initstepslew directive:: Trim the system clock on boot-up.
* keyfile directive:: Specify location of file containing keys
@@ -1196,7 +1145,9 @@ directives can occur in any order in the file.
* maxchange directive:: Set maximum allowed offset
* manual directive:: Allow manual entry using chronyc's settime cmd.
* maxclockerror directive:: Set maximum frequency error of local clock
* maxsamples directive:: Set maximum number of samples per source
* maxupdateskew directive:: Stop bad estimates upsetting machine clock
* minsamples directive:: Set minimum number of samples per source
* noclientlog directive:: Prevent chronyd from gathering data about clients
* clientloglimit directive:: Set client log memory limit
* peer directive:: Specify an NTP peer
@@ -1213,6 +1164,7 @@ directives can occur in any order in the file.
* stratumweight directive:: Specify how important is stratum when selecting source
* lock_all directive:: Require that chronyd be locked into RAM.
* tempcomp directive:: Specify temperature sensor and compensation coefficients
* user directive:: Specify user for dropping root privileges
@end menu
@c }}}
@@ -1410,12 +1362,12 @@ chronyd is running.
You can have more than 1 @code{broadcast} directive if you have more than 1
network interface onto which you wish to send NTP broadcast packets.
Chronyd itself cannot currently act as a broadcast client; it must always be
@code{chronyd} itself cannot currently act as a broadcast client; it must always be
configured as a point-to-point client by defining specific NTP servers and
peers. This broadcast server feature is intended for providing a time source
to other NTP software (e.g. various MS Windows clients).
If xntpd is used as the broadcast client, it will try to use a point-to-point
If ntpd is used as the broadcast client, it will try to use a point-to-point
client/server NTP access to measure the round-trip delay. Thus, the broadcast
subnet should also be the subject of an @code{allow} directive (@pxref{allow
directive}).
@@ -1448,6 +1400,30 @@ The syntax is identical.
There is also a @code{cmddeny all} directive with similar behaviour to the
@code{cmdallow all} directive.
@c }}}
@c {{{ combinelimit
@node combinelimit directive
@subsection combinelimit
When @code{chronyd} has multiple sources available for synchronization, it has
to select one source as the synchronization source. The measured offsets and
frequencies of the system clock relative to the other sources, however, can be
combined with the selected source to improve the accuracy of the system clock.
The @code{combinelimit} directive limits which sources are included in the
combining algorithm. Their synchronization distance has to be shorter than the
distance of the selected source multiplied by the value of the limit. Also,
their measured frequencies have to be close to the frequency of the selected
source.
By default, the limit is 3. Setting the limit to 0 effectively disables the
source combining algorithm and only the selected source will be used to
control the system clock.
The syntax is
@example
combinelimit <limit>
@end example
@c }}}
@c {{{ commandkey
@node commandkey directive
@subsection commandkey
@@ -1462,11 +1438,13 @@ An example of the commandkey command is
commandkey 20
@end example
By default, the key number is 0.
In the key file (see the keyfile command) there should be a line of
the form
@example
20 foobar
20 MD5 HEX:B028F91EA5C38D06C2E140B26C7F41EC
@end example
When running the chronyc program to perform run-time configuration,
@@ -1477,7 +1455,8 @@ password foobar
@end example
must be entered before any commands affecting the operation of the
daemon can be entered.
daemon can be entered, or chronyc must be started with the `-a' option to run
the password command automatically.
@c }}}
@c {{{ cmdport
@node cmdport directive
@@ -1569,7 +1548,7 @@ which the true rate actually lies.
An example of the driftfile command is
@example
driftfile /etc/chrony.drift
driftfile @CHRONYVARDIR@/drift
@end example
@c }}}
@c {{{ dumpdir
@@ -1595,12 +1574,12 @@ directory where the measurement histories are saved.
An example of the command is
@example
dumpdir /var/log/chrony
dumpdir @CHRONYVARDIR@
@end example
A source whose reference id (the IP address for IPv4 sources) is
1.2.3.4 would have its measurement history saved in the file
@file{/var/log/chrony/1.2.3.4.dat}.
@file{/var/lib/chrony/1.2.3.4.dat}.
@c }}}
@c {{{ dumponexit
@node dumponexit directive
@@ -1637,6 +1616,16 @@ By default (or if the specified maximum or minimum is 0), no fallbacks
will be used and the clock frequency will stay at the last value
calculated before synchronisation was lost.
@c }}}
@c {{{ generatecommandkey
@node generatecommandkey directive
@subsection generatecommandkey
With this directive, if the command key is not found on start in the file
specified by the @code{keyfile} directive, @code{chronyd} will generate a new
command key from the /dev/urandom file and write it to the key file.
The generated key will use SHA1 if @code{chronyd} is compiled with the support,
otherwise MD5 will be used.
@c }}}
@c {{{ include
@node include directive
@subsection include
@@ -1645,7 +1634,7 @@ This is useful when maintaining configuration on multiple hosts to
keep the differences in a separate file.
@example
include /etc/chrony/local.conf
include @SYSCONFDIR@/chrony/local.conf
@end example
@c }}}
@c {{{ initstepslew
@@ -1720,7 +1709,7 @@ ID/key pairs for the following 2 uses:
The format of the command is shown in the example below
@example
keyfile /etc/chrony.keys
keyfile @SYSCONFDIR@/chrony.keys
@end example
The argument is simply the name of the file containing the ID/key
@@ -1743,8 +1732,13 @@ password can be encoded as a string of characters not containing a space with
optional @code{ASCII:} prefix or as a hexadecimal number with @code{HEX:}
prefix.
The ID for the chronyc authentication key is specified with the
commandkey command (see earlier).
For maximum security, it's recommended to use SHA1 or stronger hash function.
The passwords should be random and they should be as long as the output size of
the configured hash function, e.g. 160 bits with SHA1.
The ID for the chronyc authentication key is specified with the commandkey
command (see earlier). The command key can be generated automatically on
start with the @code{generatecommandkey} directive.
@c }}}
@c {{{ leapsectz
@node leapsectz directive
@@ -2030,7 +2024,8 @@ An example line (which actually appears as a single line in the file)
from the tracking log file is shown below.
@example
2012-02-23 05:40:50 158.152.1.76 3 340.529 1.606 1.046e-03 N
2012-02-23 05:40:50 158.152.1.76 3 340.529 1.606 1.046e-03 N \
4 6.849e-03 -4.670e-04
@end example
The columns are as follows (the quantities in square brackets are the
@@ -2060,6 +2055,14 @@ system is fast of UTC). [1.046e-3]
Leap status (@code{N} means normal, @code{+} means that the last minute
of this month has 61 seconds, @code{-} means that the last minute of the month
has 59 seconds, @code{?} means the clock is not currently synchronised.) [N]
@item
The number of combined sources. [4]
@item
The estimated standard deviation of the combined offset (in seconds).
[6.849e-03]
@item
The remaining offset correction from the previous update (in seconds, positive
means the system clock is slow of UTC). [-4.670e-04]
@end enumerate
A banner is periodically written to the log file to indicate the
@@ -2332,6 +2335,19 @@ Typical values for <error-in-ppm> might be 10 for a low quality clock
to 0.1 for a high quality clock using a temperature compensated
crystal oscillator.
@c }}}
@c {{{ maxsamples
@node maxsamples directive
@subsection maxsamples
The @code{maxsamples} directive sets the maximum number of samples
@code{chronyd} should keep for each source. The default is 0, which
disables the configurable limit, and the useful range is 4 to 64.
The syntax is
@example
maxsamples <samples>
@end example
@c }}}
@c {{{ maxupdateskew
@node maxupdateskew directive
@subsection maxupdateskew
@@ -2366,6 +2382,19 @@ highly-reliable master estimate and a new estimate is generated which
has large error bounds, the existing master estimate will dominate in
the new master estimate.
@c }}}
@c {{{ minsamples
@node minsamples directive
@subsection minsamples
The @code{minsamples} directive sets the minimum number of samples
@code{chronyd} should try to keep for each source. The default is 0 and the
useful range is 4 to 64.
The syntax is
@example
minsamples <samples>
@end example
@c }}}
@c {{{ noclientlog
@node noclientlog directive
@subsection noclientlog
@@ -2413,7 +2442,8 @@ on your machine.
The compiled in default is udp/123, the standard NTP port. It is
unlikely that you would ever need to change this value. A possible
exception would be if you wanted to operate strictly in client-only
mode and never be available as a server to xntpd clients.
mode and never be available as a server to ntpd clients. If set to 0,
the kernel will assign a random port.
An example of the port command is
@@ -2581,7 +2611,7 @@ of the system's real-time clock (RTC).
The syntax is illustrated in the following example
@example
rtcfile /etc/chrony.rtc
rtcfile @CHRONYVARDIR@/rtc
@end example
@code{chronyd} saves information in this file when it exits and when the
@@ -2597,8 +2627,7 @@ conditions apply:
@enumerate 1
@item
You are running Linux version 2.2.x or 2.4.x (for any value of x), or v2.0.x
with x>=32.
You are running Linux version 2.2.x or later.
@item
You have compiled the kernel with extended real-time clock support
@@ -2652,12 +2681,12 @@ This mode is supported only on Linux.
This directive uses the Linux sched_setscheduler() system call to
instruct the kernel to use the SCHED_FIFO first-in, first-out
real-time scheduling policy for Chronyd with the specified priority.
This means that whenever Chronyd is ready to run it will run,
real-time scheduling policy for @code{chronyd} with the specified priority.
This means that whenever @code{chronyd} is ready to run it will run,
interrupting whatever else is running unless it is a higher priority
real-time process. This should not impact performance as Chronyd's
real-time process. This should not impact performance as @code{chronyd's}
resource requirements are modest, but it should result in lower and
more consistent latency since Chronyd will not need to wait for the
more consistent latency since @code{chronyd} will not need to wait for the
scheduler to get around to running it. You should not use this unless
you really need it. The sched_setscheduler man page has more details.
@c }}}
@@ -2687,10 +2716,10 @@ ignore stratum when selecting the source.
The @code{lock_all} directive will lock chronyd into RAM so that it
will never be paged out. This mode is only supported on Linux. This
directive uses the Linux mlockall() system call to prevent Chronyd
directive uses the Linux mlockall() system call to prevent @code{chronyd}
from ever being swapped out. This should result in lower and more
consistent latency. It should not have significant impact on
performance as Chronyd's memory usage is modest. The mlockall man
performance as @code{chronyd's} memory usage is modest. The mlockall man
page has more details.
@c }}}
@c {{{ server
@@ -2876,6 +2905,15 @@ every 30 seconds. When the temperature is 26 degress (26000), the system clock
frequency will not be adjusted. When it is 27 degrees (27000), the clock will
be set to run 0.183ppm faster than it would be without the compensation, etc.
@c }}}
@c {{{ user
@node user directive
@subsection user
The @code{user} directive sets the name of the user to which will
@code{chronyd} drop root privileges after the initialisation. So far, it works
only on Linux when compiled with capabilities support.
By default, root privileges are not dropped.
@c }}}
@c }}}
@c {{{ S:Running chronyc
@@ -2941,6 +2979,14 @@ With this option hostnames will be resolved only to IPv6 addresses.
@item -m
With this option multiple commands can be specified on the command line.
Each argument will be interpreted as a whole command.
@item -f <conf-file>
This option can be used to specify an alternate location of the @code{chronyd}
configuration file (default @file{@SYSCONFDIR@/chrony.conf}). The configuration file is
needed for the `-a' option.
@item -a
With this option @code{chronyc} will try to authenticate automatically on
start. It will read the configuration file, read the command key from the
keyfile and run the authhash and password commands.
@end table
@c }}}
@c {{{ SS:Security with chronyc
@@ -2951,7 +2997,7 @@ power to reconfigure the run-time behaviour of @code{chronyd}. Consequently,
@code{chronyc} is quite dangerous for the integrity of the target
system's clock performance. Having access to @code{chronyd} via chronyc is
more or less equivalent to being able to modify @code{chronyd's} configuration
file (typically @file{/etc/chrony.conf}) and to restart @code{chronyd}.
file (typically @file{@SYSCONFDIR@/chrony.conf}) and to restart @code{chronyd}.
Chronyc also provides a number of monitoring (as opposed to commanding)
commands, which will not affect the behaviour of @code{chronyd}. However, you
@@ -3172,6 +3218,9 @@ An example is
@example
authhash SHA1
@end example
The authhash command is run automatically on start if @code{chronyc} was
started with the `-a' option.
@c }}}
@c {{{ burst
@node burst command
@@ -3190,6 +3239,7 @@ The syntax of the burst command is as follows
@example
burst <n-good-measurements>/<max-measurements> [<mask>/<masked-address>]
burst <n-good-measurements>/<max-measurements> [<masked-address>/<masked-bits>]
burst <n-good-measurements>/<max-measurements> [<address>]
@end example
The mask and masked-address arguments are optional, in which case
@@ -3222,6 +3272,10 @@ then the burst command is applied to that source.
This can be used with @code{masked-address} for CIDR notation, which is a
shorter alternative to the form with mask.
@item address
This is an IP address or a hostname. The burst command is applied only to that
source.
@end table
If no mask or masked address arguments are provided, every source will
@@ -3248,6 +3302,12 @@ In the first case, the two out of ten sampling will only be applied to
sources whose IPv4 addresses are of the form @code{1.2.x.y}, where x and y
are arbitrary. In the second case, the sampling will be applied to sources
whose IPv6 addresses have first 48 bits equal to @code{2001:db8:789a}.
Example of the three-argument form of the command is
@example
burst 2/10 foo.bar.com
@end example
@c }}}
@c {{{ clients
@node clients command
@@ -3352,12 +3412,7 @@ periodically purged. An example of how to do this is shown below.
@example
% mv /var/log/chrony/measurements.log /var/log/chrony/measurements1.log
% chronyc
chronyc> password aardvark
200 OK
chronyc> cyclelogs
200 OK
chronyc> exit
% chronyc -a cyclelogs
% ls -l /var/log/chrony
-rw-r--r-- 1 root root 0 Jun 8 18:17 measurements.log
-rw-r--r-- 1 root root 12345 Jun 8 18:17 measurements1.log
@@ -3778,15 +3833,17 @@ the @code{offline} command being used, @code{chronyd} would assume that the
source had failed and would attempt to pick another synchronisation
source.
There are three forms of the @code{offline} command. The first form is a
wildcard, meaning all sources. The second form allows a IP address mask
There are four forms of the @code{offline} command. The first form is a
wildcard, meaning all sources. The second form allows an IP address mask
and a masked address to be specified. The third form uses the CIDR
notation. These forms are illustrated below.
notation. The fourth form uses an IP address or a hostname. These forms are
illustrated below.
@example
offline
offline 255.255.255.0/1.2.3.0
offline 2001:db8:789a::/48
offline foo.bar.com
@end example
The second form means that the @code{offline} command is to be applied
@@ -3794,7 +3851,8 @@ to any source whose IPv4 address is in the @code{1.2.3} subnet. (The host's
address is logically and-ed with the mask, and if the result matches the
masked-address the host is processed). The third form means that the
command is to be applied to all sources whose IPv6 addresses have first
48 bits equal to @code{2001:db8:789a}.
48 bits equal to @code{2001:db8:789a}. The fourth form means that the command
is to be applied only to that one source.
The wildcard form of the address is actually equivalent to
@@ -3842,6 +3900,9 @@ The password can be encoded as a string of characters not containing a space
with optional @code{ASCII:} prefix or as a hexadecimal number with @code{HEX:}
prefix. It has to match @code{chronyd's} currently defined command key
(@pxref{commandkey directive}).
The password command is run automatically on start if @code{chronyc} was
started with the `-a' option.
@c }}}
@c {{{ polltarget
@node polltarget command
@@ -3962,8 +4023,6 @@ chronyc (@pxref{manual command}).
It should be noted that the computer's sense of time will only be as
accurate as the reference you use for providing this input (e.g. your
watch), as well as how well you can time the press of the return key.
When inputting time to an isolated network, I have a battery operated
alarm clock that is synchronised to the Rugby MSF time signal in the UK.
Providing your computer's time zone is set up properly, you will be able
to enter a local time (rather than UTC).
@@ -4026,12 +4085,15 @@ reference clock.
@item S
This column indicates the state of the sources. @code{*} indicates the
source to which @code{chronyd} is current synchronised. @code{+} indicates
other acceptable sources. @code{?} indicates sources to which
connectivity has been lost. @code{x} indicates a clock which @code{chronyd}
source to which @code{chronyd} is currently synchronised. @code{+}
indicates acceptable sources which are combined with the selected
source. @code{-} indicates acceptable sources which are excluded by
the combining algorithm. @code{?} indicates sources to which
connectivity has been lost or whose packets don't pass all tests.
@code{x} indicates a clock which @code{chronyd}
thinks is is a falseticker (i.e. its time is inconsistent with a
majority of other sources). @code{~} indicates a source whose time
appears to have too much variability. The @code{~} condition is also
appears to have too much variability. The @code{?} condition is also
shown at start-up, until at least 3 samples have been gathered from it.
@item Name/IP address
@@ -4188,7 +4250,7 @@ the computer is currently synchronised. If this is @code{127.127.1.1}
it means the computer is not synchronised to any external source and
that you have the `local' mode operating (via the @code{local} command
in @code{chronyc} (@pxref{local command}), or the @code{local} directive
in the @file{/etc/chrony.conf} file (@pxref{local directive})).
in the @file{@SYSCONFDIR@/chrony.conf} file (@pxref{local directive})).
@item Stratum
The stratum indicates how many hops away from a computer with an
@@ -4233,10 +4295,8 @@ ppm (parts per million). For example, a value of 1ppm would mean that
when the system's clock thinks it has advanced 1 second, it has actually
advanced by 1.000001 seconds relative to true time.
As you can see in the example, the clock in the computer I developed
@code{chrony} on is not a very good one - it gains about 30 seconds per
day! This was the reason I started to write @code{chrony} in the first
place.
As you can see in the example, the clock in the computer is not a very
good one - it gains about 30 seconds per day!
@item Residual freq
This shows the `residual frequency' for the currently selected reference

12
chronyc.1 → chronyc.1.in
View File

@@ -12,7 +12,7 @@ clocks.
\fBchronyc\fR is a command-line interface program which can be used to
monitor \fIchronyd\fR's performance and to change various operating
parateters whilst it is running.
parameters whilst it is running.
.SH USAGE
A detailed description of all commands supported by \fBchronyc\fR is available
@@ -42,6 +42,16 @@ resolve hostnames only to IPv6 addresses
allow multiple commands to be specified on the command line. Each argument
will be interpreted as a whole command.
.TP
\fB\-f\fR \fIconf-file\fR
This option can be used to specify an alternate location for the
configuration file (default \fI@SYSCONFDIR@/chrony.conf\fR). The configuration file is
needed for the \fB-a\fR option.
.TP
\fB\-a\fR
With this option chronyc will try to authenticate automatically on
start. It will read the configuration file, read the command key from the
keyfile and run the authhash and password commands.
.TP
\fIcommand\fR
specify command. If no command is given, chronyc will read commands
interactively.

23
chronyd.8 → chronyd.8.in
View File

@@ -21,13 +21,13 @@ gains or loses time, and compensates for this.
.SH USAGE
\fBchronyd\fR is usually started at boot-time and requires superuser
priviliges.
privileges.
If \fBchronyd\fR has been installed to its default location
\fI/usr/local/sbin/chronyd\fR, starting it is simply a matter of entering the
\fI@SBINDIR@/chronyd\fR, starting it is simply a matter of entering the
command:
\fI/usr/local/sbin/chronyd\fR
\fI@SBINDIR@/chronyd\fR
Information messages and warnings will be logged to syslog.
@@ -56,7 +56,7 @@ to syslog.
.TP
\fB\-f\fR \fIconf-file\fR
This option can be used to specify an alternate location for the
configuration file (default \fI/etc/chrony.conf\fR).
configuration file (default \fI@SYSCONFDIR@/chrony.conf\fR).
.TP
.B \-r
This option will reload sample histories for each of the servers being used.
@@ -69,6 +69,12 @@ systems where the kernel can maintain clock compensation whilst not under
On systems where this is not the case, e.g. Solaris and SunOS the option
should not be used.
.TP
.B \-R
When this option is used, the \fIinitstepslew\fR directive and the
\fImakestep\fR directive used with a positive limit will be ignored. This
option is useful when restarting \fBchronyd\fR and can be used in conjuction
with the \fB-r\fR option.
.TP
.B \-s
This option will set the system clock from the computer's real-time
clock. This is analogous to supplying the \fI-s\fR flag to the
@@ -100,13 +106,13 @@ user. So far, it works only on Linux when compiled with capabilities support.
This option displays \fBchronyd\fR's version number to the terminal and exits
.TP
.B \-4
Resolve hostnames only to IPv4 addresses.
Resolve hostnames only to IPv4 addresses and create only IPv4 sockets.
.TP
.B \-6
Resolve hostnames only to IPv6 addresses.
Resolve hostnames only to IPv6 addresses and create only IPv6 sockets.
.SH FILES
\fI/etc/chrony.conf\fR
\fI@SYSCONFDIR@/chrony.conf\fR
.SH BUGS
To report bugs, please visit \fIhttp://chrony.tuxfamily.org/\fR
@@ -119,8 +125,7 @@ from \fIhttp://go.to/chrony\fR
.BR chrony(1),
.BR chronyc(1),
.BR chrony.conf(5),
.BR clock(8),
.BR xntpd(8),
.BR hwclock(8),
.BR ntpd(8)
.SH AUTHOR

709
client.c
View File

File diff suppressed because it is too large Load Diff

1
clientlog.c
View File

@@ -174,7 +174,6 @@ CLG_Initialise(void)
void
CLG_Finalise(void)
{
return;
}
/* ================================================== */

258
cmdmon.c
View File

@@ -34,7 +34,6 @@
#include "sched.h"
#include "util.h"
#include "logging.h"
#include "md5.h"
#include "keys.h"
#include "ntp_sources.h"
#include "ntp_core.h"
@@ -187,9 +186,6 @@ prepare_socket(int family)
int on_off = 1;
port_number = CNF_GetCommandPort();
if (port_number < 0) {
port_number = DEFAULT_CANDM_PORT;
}
sock_fd = socket(family, SOCK_DGRAM, 0);
if (sock_fd < 0) {
@@ -252,8 +248,10 @@ prepare_socket(int family)
}
if (bind(sock_fd, &my_addr.u, my_addr_len) < 0) {
LOG_FATAL(LOGF_CmdMon, "Could not bind %s command socket : %s",
LOG(LOGS_ERR, LOGF_CmdMon, "Could not bind %s command socket : %s",
family == AF_INET ? "IPv4" : "IPv6", strerror(errno));
close(sock_fd);
return -1;
}
/* Register handler for read events on the socket */
@@ -265,13 +263,27 @@ prepare_socket(int family)
/* ================================================== */
void
CAM_Initialise(void)
CAM_Initialise(int family)
{
int i;
assert(!initialised);
initialised = 1;
assert(sizeof (permissions) / sizeof (permissions[0]) == N_REQUEST_TYPES);
for (i = 0; i < N_REQUEST_TYPES; i++) {
CMD_Request r;
int command_length, padding_length;
r.version = PROTO_VERSION_NUMBER;
r.command = htons(i);
command_length = PKL_CommandLength(&r);
padding_length = PKL_CommandPaddingLength(&r);
assert(padding_length <= MAX_PADDING_LENGTH && padding_length <= command_length);
assert(command_length == 0 || command_length >= offsetof(CMD_Reply, data));
}
utoken = (unsigned long) time(NULL);
issued_tokens = returned_tokens = issue_pointer = 0;
@@ -281,9 +293,15 @@ CAM_Initialise(void)
free_replies = NULL;
kept_replies.next = NULL;
sock_fd4 = prepare_socket(AF_INET);
if (family == IPADDR_UNSPEC || family == IPADDR_INET4)
sock_fd4 = prepare_socket(AF_INET);
else
sock_fd4 = -1;
#ifdef HAVE_IPV6
sock_fd6 = prepare_socket(AF_INET6);
if (family == IPADDR_UNSPEC || family == IPADDR_INET6)
sock_fd6 = prepare_socket(AF_INET6);
else
sock_fd6 = -1;
#endif
if (sock_fd4 < 0
@@ -319,7 +337,6 @@ CAM_Finalise(void)
ADF_DestroyTable(access_auth_table);
initialised = 0;
return;
}
/* ================================================== */
@@ -740,8 +757,6 @@ transmit_reply(CMD_Reply *msg, union sockaddr_in46 *where_to, int auth_len)
LOG(LOGS_WARN, LOGF_CmdMon, "Could not send response to %s:%hu", UTI_IPToString(&ip), port);
}
return;
}
@@ -951,7 +966,7 @@ handle_settime(CMD_Request *rx_message, CMD_Reply *tx_message)
if (MNL_AcceptTimestamp(&ts, &offset_cs, &dfreq_ppm, &new_afreq_ppm)) {
tx_message->status = htons(STT_SUCCESS);
tx_message->reply = htons(RPY_MANUAL_TIMESTAMP);
tx_message->data.manual_timestamp.centiseconds = htonl(offset_cs);
tx_message->data.manual_timestamp.centiseconds = htonl((int32_t)offset_cs);
tx_message->data.manual_timestamp.dfreq_ppm = UTI_FloatHostToNetwork(dfreq_ppm);
tx_message->data.manual_timestamp.new_afreq_ppm = UTI_FloatHostToNetwork(new_afreq_ppm);
} else {
@@ -1050,6 +1065,9 @@ handle_source_data(CMD_Request *rx_message, CMD_Reply *tx_message)
case RPT_CANDIDATE:
tx_message->data.source_data.state = htons(RPY_SD_ST_CANDIDATE);
break;
case RPT_OUTLIER:
tx_message->data.source_data.state = htons(RPY_SD_ST_OUTLIER);
break;
}
switch (report.mode) {
case RPT_NTP_CLIENT:
@@ -1447,7 +1465,6 @@ handle_rtcreport(CMD_Request *rx_message, CMD_Reply *tx_message)
} else {
tx_message->status = htons(STT_NORTC);
}
return;
}
/* ================================================== */
@@ -1462,7 +1479,6 @@ handle_trimrtc(CMD_Request *rx_message, CMD_Reply *tx_message)
} else {
tx_message->status = htons(STT_NORTC);
}
return;
}
/* ================================================== */
@@ -1473,110 +1489,6 @@ handle_cyclelogs(CMD_Request *rx_message, CMD_Reply *tx_message)
LOG_CycleLogFiles();
tx_message->status = htons(STT_SUCCESS);
return;
}
/* ================================================== */
#define FLIPL(X) ((X) = htonl(X))
static void
handle_subnets_accessed(CMD_Request *rx_message, CMD_Reply *tx_message)
{
int i, j;
unsigned long ns, bits_specd;
IPAddr ip;
CLG_Status result;
ns = ntohl(rx_message->data.subnets_accessed.n_subnets);
tx_message->status = htons(STT_SUCCESS);
tx_message->reply = htons(RPY_SUBNETS_ACCESSED);
tx_message->data.subnets_accessed.n_subnets = htonl(ns);
for (i=0; i<ns; i++) {
UTI_IPNetworkToHost(&rx_message->data.subnets_accessed.subnets[i].ip, &ip);
bits_specd = ntohl(rx_message->data.subnets_accessed.subnets[i].bits_specd);
UTI_IPHostToNetwork(&ip, &tx_message->data.subnets_accessed.subnets[i].ip);
tx_message->data.subnets_accessed.subnets[i].bits_specd = htonl(bits_specd);
result = CLG_GetSubnetBitmap(&ip, bits_specd, tx_message->data.subnets_accessed.subnets[i].bitmap);
switch (result) {
case CLG_SUCCESS:
case CLG_EMPTYSUBNET:
/* Flip endianness of each 4 byte word. Don't care if subnet
is empty - just return an all-zero bitmap. */
for (j=0; j<8; j++) {
FLIPL(tx_message->data.subnets_accessed.subnets[i].bitmap[j]);
}
break;
case CLG_BADSUBNET:
tx_message->status = htons(STT_BADSUBNET);
return;
case CLG_INACTIVE:
tx_message->status = htons(STT_INACTIVE);
return;
default:
assert(0);
break;
}
}
return;
}
/* ================================================== */
static void
handle_client_accesses(CMD_Request *rx_message, CMD_Reply *tx_message)
{
CLG_Status result;
RPT_ClientAccess_Report report;
unsigned long nc;
IPAddr ip;
int i;
struct timeval now;
LCL_ReadCookedTime(&now, NULL);
nc = ntohl(rx_message->data.client_accesses.n_clients);
tx_message->status = htons(STT_SUCCESS);
tx_message->reply = htons(RPY_CLIENT_ACCESSES);
tx_message->data.client_accesses.n_clients = htonl(nc);
printf("%d %d\n", (int)sizeof(RPY_ClientAccesses_Client), (int)offsetof(CMD_Reply, data.client_accesses.clients));
for (i=0; i<nc; i++) {
UTI_IPNetworkToHost(&rx_message->data.client_accesses.client_ips[i], &ip);
UTI_IPHostToNetwork(&ip, &tx_message->data.client_accesses.clients[i].ip);
result = CLG_GetClientAccessReportByIP(&ip, &report, now.tv_sec);
switch (result) {
case CLG_SUCCESS:
tx_message->data.client_accesses.clients[i].client_hits = htonl(report.client_hits);
tx_message->data.client_accesses.clients[i].peer_hits = htonl(report.peer_hits);
tx_message->data.client_accesses.clients[i].cmd_hits_auth = htonl(report.cmd_hits_auth);
tx_message->data.client_accesses.clients[i].cmd_hits_normal = htonl(report.cmd_hits_normal);
tx_message->data.client_accesses.clients[i].cmd_hits_bad = htonl(report.cmd_hits_bad);
tx_message->data.client_accesses.clients[i].last_ntp_hit_ago = htonl(report.last_ntp_hit_ago);
tx_message->data.client_accesses.clients[i].last_cmd_hit_ago = htonl(report.last_cmd_hit_ago);
printf("%s %lu %lu %lu %lu %lu %lu %lu\n", UTI_IPToString(&ip), report.client_hits, report.peer_hits, report.cmd_hits_auth, report.cmd_hits_normal, report.cmd_hits_bad, report.last_ntp_hit_ago, report.last_cmd_hit_ago);
break;
case CLG_EMPTYSUBNET:
/* Signal back to the client that this single client address
was unknown */
ip.family = IPADDR_UNSPEC;
UTI_IPHostToNetwork(&ip, &tx_message->data.client_accesses.clients[i].ip);
break;
case CLG_INACTIVE:
tx_message->status = htons(STT_INACTIVE);
return;
default:
assert(0);
break;
}
}
}
/* ================================================== */
@@ -1681,7 +1593,6 @@ handle_make_step(CMD_Request *rx_message, CMD_Reply *tx_message)
{
LCL_MakeStep(0.0);
tx_message->status = htons(STT_SUCCESS);
return;
}
/* ================================================== */
@@ -1709,7 +1620,6 @@ handle_reselect_distance(CMD_Request *rx_message, CMD_Reply *tx_message)
dist = UTI_FloatNetworkToHost(rx_message->data.reselect_distance.distance);
SRC_SetReselectDistance(dist);
tx_message->status = htons(STT_SUCCESS);
return;
}
/* ================================================== */
@@ -1719,7 +1629,6 @@ handle_reselect(CMD_Request *rx_message, CMD_Reply *tx_message)
{
SRC_ReselectSource();
tx_message->status = htons(STT_SUCCESS);
return;
}
/* ================================================== */
@@ -1785,29 +1694,10 @@ read_from_cmd_socket(void *anything)
}
read_length = status;
expected_length = PKL_CommandLength(&rx_message);
rx_command = ntohs(rx_message.command);
LCL_ReadRawTime(&now);
LCL_CookTime(&now, &cooked_now, NULL);
tx_message.version = PROTO_VERSION_NUMBER;
tx_message.pkt_type = PKT_TYPE_CMD_REPLY;
tx_message.res1 = 0;
tx_message.res2 = 0;
tx_message.command = rx_message.command;
tx_message.sequence = rx_message.sequence;
tx_message.reply = htons(RPY_NULL);
tx_message.number = htons(1);
tx_message.total = htons(1);
tx_message.pad1 = 0;
tx_message.utoken = htonl(utoken);
/* Set this to a default (invalid) value. This protects against the
token field being set to an arbitrary value if we reject the
message, e.g. due to the host failing the access check. */
tx_message.token = htonl(0xffffffffUL);
memset(&tx_message.auth, 0, sizeof(tx_message.auth));
switch (where_from.u.sa_family) {
case AF_INET:
remote_ip.family = IPADDR_INET4;
@@ -1832,34 +1722,63 @@ read_from_cmd_socket(void *anything)
assert(0);
}
allowed = ADF_IsAllowed(access_auth_table, &remote_ip) || localhost;
if (!(localhost || ADF_IsAllowed(access_auth_table, &remote_ip))) {
/* The client is not allowed access, so don't waste any more time
on him. Note that localhost is always allowed access
regardless of the defined access rules - otherwise, we could
shut ourselves out completely! */
return;
}
if (read_length < offsetof(CMD_Request, data) ||
/* Message size sanity check */
if (read_length >= offsetof(CMD_Request, data)) {
expected_length = PKL_CommandLength(&rx_message);
} else {
expected_length = 0;
}
if (expected_length < offsetof(CMD_Request, data) ||
read_length < offsetof(CMD_Reply, data) ||
rx_message.pkt_type != PKT_TYPE_CMD_REQUEST ||
rx_message.res1 != 0 ||
rx_message.res2 != 0) {
/* We don't know how to process anything like this */
if (allowed)
CLG_LogCommandAccess(&remote_ip, CLG_CMD_BAD_PKT, cooked_now.tv_sec);
CLG_LogCommandAccess(&remote_ip, CLG_CMD_BAD_PKT, cooked_now.tv_sec);
return;
}
rx_command = ntohs(rx_message.command);
tx_message.version = PROTO_VERSION_NUMBER;
tx_message.pkt_type = PKT_TYPE_CMD_REPLY;
tx_message.res1 = 0;
tx_message.res2 = 0;
tx_message.command = rx_message.command;
tx_message.sequence = rx_message.sequence;
tx_message.reply = htons(RPY_NULL);
tx_message.number = htons(1);
tx_message.total = htons(1);
tx_message.pad1 = 0;
tx_message.utoken = htonl(utoken);
/* Set this to a default (invalid) value. This protects against the
token field being set to an arbitrary value if we reject the
message, e.g. due to the host failing the access check. */
tx_message.token = htonl(0xffffffffUL);
memset(&tx_message.auth, 0, sizeof(tx_message.auth));
if (rx_message.version != PROTO_VERSION_NUMBER) {
tx_message.status = htons(STT_NOHOSTACCESS);
if (!LOG_RateLimited()) {
LOG(LOGS_WARN, LOGF_CmdMon, "Read command packet with protocol version %d (expected %d) from %s:%hu", rx_message.version, PROTO_VERSION_NUMBER, UTI_IPToString(&remote_ip), remote_port);
}
if (allowed)
CLG_LogCommandAccess(&remote_ip, CLG_CMD_BAD_PKT, cooked_now.tv_sec);
if (rx_message.version >= PROTO_VERSION_MISMATCH_COMPAT) {
CLG_LogCommandAccess(&remote_ip, CLG_CMD_BAD_PKT, cooked_now.tv_sec);
if (rx_message.version >= PROTO_VERSION_MISMATCH_COMPAT_SERVER) {
tx_message.status = htons(STT_BADPKTVERSION);
/* add empty MD5 auth so older clients will not drop
the reply due to bad length */
memset(((char *)&tx_message) + PKL_ReplyLength(&tx_message), 0, 16);
transmit_reply(&tx_message, &where_from, 16);
transmit_reply(&tx_message, &where_from, 0);
}
return;
}
@@ -1868,8 +1787,8 @@ read_from_cmd_socket(void *anything)
if (!LOG_RateLimited()) {
LOG(LOGS_WARN, LOGF_CmdMon, "Read command packet with invalid command %d from %s:%hu", rx_command, UTI_IPToString(&remote_ip), remote_port);
}
if (allowed)
CLG_LogCommandAccess(&remote_ip, CLG_CMD_BAD_PKT, cooked_now.tv_sec);
CLG_LogCommandAccess(&remote_ip, CLG_CMD_BAD_PKT, cooked_now.tv_sec);
tx_message.status = htons(STT_INVALID);
transmit_reply(&tx_message, &where_from, 0);
@@ -1880,32 +1799,14 @@ read_from_cmd_socket(void *anything)
if (!LOG_RateLimited()) {
LOG(LOGS_WARN, LOGF_CmdMon, "Read incorrectly sized command packet from %s:%hu", UTI_IPToString(&remote_ip), remote_port);
}
if (allowed)
CLG_LogCommandAccess(&remote_ip, CLG_CMD_BAD_PKT, cooked_now.tv_sec);
CLG_LogCommandAccess(&remote_ip, CLG_CMD_BAD_PKT, cooked_now.tv_sec);
tx_message.status = htons(STT_BADPKTLENGTH);
transmit_reply(&tx_message, &where_from, 0);
return;
}
if (!allowed) {
/* The client is not allowed access, so don't waste any more time
on him. Note that localhost is always allowed access
regardless of the defined access rules - otherwise, we could
shut ourselves out completely! */
if (!LOG_RateLimited()) {
LOG(LOGS_WARN, LOGF_CmdMon, "Command packet received from unauthorised host %s port %d",
UTI_IPToString(&remote_ip),
remote_port);
}
tx_message.status = htons(STT_NOHOSTACCESS);
transmit_reply(&tx_message, &where_from, 0);
return;
}
/* OK, we have a valid message. Now dispatch on message type and process it. */
/* Do authentication stuff and command tokens here. Well-behaved
@@ -2237,14 +2138,6 @@ read_from_cmd_socket(void *anything)
handle_cyclelogs(&rx_message, &tx_message);
break;
case REQ_SUBNETS_ACCESSED:
handle_subnets_accessed(&rx_message, &tx_message);
break;
case REQ_CLIENT_ACCESSES:
handle_client_accesses(&rx_message, &tx_message);
break;
case REQ_CLIENT_ACCESSES_BY_INDEX:
handle_client_accesses_by_index(&rx_message, &tx_message);
break;
@@ -2319,9 +2212,6 @@ read_from_cmd_socket(void *anything)
do_it = ((do_it + 1) % 3);
#endif
}
return;
}
/* ================================================== */

2
cmdmon.h
View File

@@ -29,7 +29,7 @@
#include "addressing.h"
extern void CAM_Initialise(void);
extern void CAM_Initialise(int family);
extern void CAM_Finalise(void);

149
cmdparse.c
View File

@@ -3,6 +3,7 @@
**********************************************************************
* Copyright (C) Richard P. Curnow 1997-2003
* Copyright (C) Miroslav Lichvar 2013
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of version 2 of the GNU General Public License as
@@ -33,17 +34,15 @@
#include "cmdparse.h"
#include "memory.h"
#include "nameserv.h"
#define MAXLEN 2047
#define SMAXLEN "2047"
#include "util.h"
/* ================================================== */
CPS_Status
CPS_ParseNTPSourceAdd(const char *line, CPS_NTP_Source *src)
CPS_ParseNTPSourceAdd(char *line, CPS_NTP_Source *src)
{
char *hostname, *cmd;
int ok, n, done;
char cmd[MAXLEN+1], hostname[MAXLEN+1];
CPS_Status result;
src->port = SRC_DEFAULT_PORT;
@@ -63,26 +62,22 @@ CPS_ParseNTPSourceAdd(const char *line, CPS_NTP_Source *src)
result = CPS_Success;
ok = 0;
if (sscanf(line, "%" SMAXLEN "s%n", hostname, &n) == 1) {
ok = 1;
}
hostname = line;
line = CPS_SplitWord(line);
if (!ok) {
if (!*hostname) {
result = CPS_BadHost;
ok = 0;
} else {
line += n;
/* Parse subfields */
ok = 1;
done = 0;
do {
if (sscanf(line, "%" SMAXLEN "s%n", cmd, &n) == 1) {
line += n;
if (!strncasecmp(cmd, "port", 4)) {
cmd = line;
line = CPS_SplitWord(line);
if (*cmd) {
if (!strcasecmp(cmd, "port")) {
if (sscanf(line, "%hu%n", &src->port, &n) != 1) {
result = CPS_BadPort;
ok = 0;
@@ -90,7 +85,7 @@ CPS_ParseNTPSourceAdd(const char *line, CPS_NTP_Source *src)
} else {
line += n;
}
} else if (!strncasecmp(cmd, "minpoll", 7)) {
} else if (!strcasecmp(cmd, "minpoll")) {
if (sscanf(line, "%d%n", &src->params.minpoll, &n) != 1) {
result = CPS_BadMinpoll;
ok = 0;
@@ -98,7 +93,7 @@ CPS_ParseNTPSourceAdd(const char *line, CPS_NTP_Source *src)
} else {
line += n;
}
} else if (!strncasecmp(cmd, "maxpoll", 7)) {
} else if (!strcasecmp(cmd, "maxpoll")) {
if (sscanf(line, "%d%n", &src->params.maxpoll, &n) != 1) {
result = CPS_BadMaxpoll;
ok = 0;
@@ -106,7 +101,7 @@ CPS_ParseNTPSourceAdd(const char *line, CPS_NTP_Source *src)
} else {
line += n;
}
} else if (!strncasecmp(cmd, "presend", 7)) {
} else if (!strcasecmp(cmd, "presend")) {
if (sscanf(line, "%d%n", &src->params.presend_minpoll, &n) != 1) {
result = CPS_BadPresend;
ok = 0;
@@ -114,7 +109,7 @@ CPS_ParseNTPSourceAdd(const char *line, CPS_NTP_Source *src)
} else {
line += n;
}
} else if (!strncasecmp(cmd, "maxdelaydevratio", 16)) {
} else if (!strcasecmp(cmd, "maxdelaydevratio")) {
if (sscanf(line, "%lf%n", &src->params.max_delay_dev_ratio, &n) != 1) {
result = CPS_BadMaxdelaydevratio;
ok = 0;
@@ -122,8 +117,7 @@ CPS_ParseNTPSourceAdd(const char *line, CPS_NTP_Source *src)
} else {
line += n;
}
/* This MUST come before the following one ! */
} else if (!strncasecmp(cmd, "maxdelayratio", 13)) {
} else if (!strcasecmp(cmd, "maxdelayratio")) {
if (sscanf(line, "%lf%n", &src->params.max_delay_ratio, &n) != 1) {
result = CPS_BadMaxdelayratio;
ok = 0;
@@ -131,7 +125,7 @@ CPS_ParseNTPSourceAdd(const char *line, CPS_NTP_Source *src)
} else {
line += n;
}
} else if (!strncasecmp(cmd, "maxdelay", 8)) {
} else if (!strcasecmp(cmd, "maxdelay")) {
if (sscanf(line, "%lf%n", &src->params.max_delay, &n) != 1) {
result = CPS_BadMaxdelay;
ok = 0;
@@ -139,7 +133,7 @@ CPS_ParseNTPSourceAdd(const char *line, CPS_NTP_Source *src)
} else {
line += n;
}
} else if (!strncasecmp(cmd, "key", 3)) {
} else if (!strcasecmp(cmd, "key")) {
if (sscanf(line, "%lu%n", &src->params.authkey, &n) != 1) {
result = CPS_BadKey;
ok = 0;
@@ -147,16 +141,16 @@ CPS_ParseNTPSourceAdd(const char *line, CPS_NTP_Source *src)
} else {
line += n;
}
} else if (!strncasecmp(cmd, "offline", 7)) {
} else if (!strcasecmp(cmd, "offline")) {
src->params.online = 0;
} else if (!strncasecmp(cmd, "auto_offline", 12)) {
} else if (!strcasecmp(cmd, "auto_offline")) {
src->params.auto_offline = 1;
} else if (!strncasecmp(cmd, "iburst", 6)) {
} else if (!strcasecmp(cmd, "iburst")) {
src->params.iburst = 1;
} else if (!strncasecmp(cmd, "minstratum", 10)) {
} else if (!strcasecmp(cmd, "minstratum")) {
if (sscanf(line, "%d%n", &src->params.min_stratum, &n) != 1) {
result = CPS_BadMinstratum;
ok = 0;
@@ -165,7 +159,7 @@ CPS_ParseNTPSourceAdd(const char *line, CPS_NTP_Source *src)
line += n;
}
} else if (!strncasecmp(cmd, "polltarget", 10)) {
} else if (!strcasecmp(cmd, "polltarget")) {
if (sscanf(line, "%d%n", &src->params.poll_target, &n) != 1) {
result = CPS_BadPolltarget;
ok = 0;
@@ -174,10 +168,10 @@ CPS_ParseNTPSourceAdd(const char *line, CPS_NTP_Source *src)
line += n;
}
} else if (!strncasecmp(cmd, "noselect", 8)) {
} else if (!strcasecmp(cmd, "noselect")) {
src->params.sel_option = SRC_SelectNoselect;
} else if (!strncasecmp(cmd, "prefer", 6)) {
} else if (!strcasecmp(cmd, "prefer")) {
src->params.sel_option = SRC_SelectPrefer;
} else {
@@ -192,10 +186,7 @@ CPS_ParseNTPSourceAdd(const char *line, CPS_NTP_Source *src)
}
if (ok) {
n = strlen(hostname);
src->name = MallocArray(char, n + 1);
strncpy(src->name, hostname, n);
src->name[n] = '\0';
src->name = strdup(hostname);
}
return result;
@@ -204,3 +195,87 @@ CPS_ParseNTPSourceAdd(const char *line, CPS_NTP_Source *src)
/* ================================================== */
void
CPS_NormalizeLine(char *line)
{
char *p, *q;
int space = 1, first = 1;
/* Remove white-space at beginning and replace white-spaces with space char */
for (p = q = line; *p; p++) {
if (isspace(*p)) {
if (!space)
*q++ = ' ';
space = 1;
continue;
}
/* Discard comment lines */
if (first && strchr("!;#%", *p))
break;
*q++ = *p;
space = first = 0;
}
/* Strip trailing space */
if (q > line && q[-1] == ' ')
q--;
*q = '\0';
}
/* ================================================== */
char *
CPS_SplitWord(char *line)
{
char *p = line, *q = line;
/* Skip white-space before the word */
while (*q && isspace(*q))
q++;
/* Move the word to the beginning */
while (*q && !isspace(*q))
*p++ = *q++;
/* Find the next word */
while (*q && isspace(*q))
q++;
*p = '\0';
/* Return pointer to the next word or NUL */
return q;
}
/* ================================================== */
int
CPS_ParseKey(char *line, unsigned long *id, const char **hash, char **key)
{
char *s1, *s2, *s3, *s4;
s1 = line;
s2 = CPS_SplitWord(s1);
s3 = CPS_SplitWord(s2);
s4 = CPS_SplitWord(s3);
/* Require two or three words */
if (!*s2 || *s4)
return 0;
if (sscanf(s1, "%lu", id) != 1)
return 0;
if (*s3) {
*hash = s2;
*key = s3;
} else {
*hash = "MD5";
*key = s2;
}
return 1;
}

9
cmdparse.h
View File

@@ -53,8 +53,15 @@ typedef struct {
} CPS_NTP_Source;
/* Parse a command to add an NTP server or peer */
extern CPS_Status CPS_ParseNTPSourceAdd(const char *line, CPS_NTP_Source *src);
extern CPS_Status CPS_ParseNTPSourceAdd(char *line, CPS_NTP_Source *src);
/* Remove extra white-space and comments */
extern void CPS_NormalizeLine(char *line);
/* Terminate first word and return pointer to the next word */
extern char *CPS_SplitWord(char *line);
/* Parse a key from keyfile */
extern int CPS_ParseKey(char *line, unsigned long *id, const char **hash, char **key);
#endif /* GOT_CMDPARSE_H */

1011
conf.c
View File

File diff suppressed because it is too large Load Diff

9
conf.h
View File

@@ -29,6 +29,8 @@
#include "addressing.h"
extern void CNF_SetRestarted(int);
extern char *CNF_GetRtcDevice(void);
extern void CNF_ReadFile(const char *filename);
@@ -54,6 +56,7 @@ extern int CNF_GetLogTempComp(void);
extern char *CNF_GetKeysFile(void);
extern char *CNF_GetRtcFile(void);
extern unsigned long CNF_GetCommandKey(void);
extern int CNF_GetGenerateCommandKey(void);
extern int CNF_GetDumpOnExit(void);
extern int CNF_GetManualEnabled(void);
extern int CNF_GetCommandPort(void);
@@ -80,6 +83,7 @@ extern double CNF_GetCorrectionTimeRatio(void);
extern double CNF_GetReselectDistance(void);
extern double CNF_GetStratumWeight(void);
extern double CNF_GetCombineLimit(void);
extern int CNF_AllowLocalReference(int *stratum);
@@ -90,4 +94,9 @@ extern int CNF_GetLockMemory(void);
extern void CNF_GetTempComp(char **file, double *interval, double *T0, double *k0, double *k1, double *k2);
extern char *CNF_GetUser(void);
extern int CNF_GetMaxSamples(void);
extern int CNF_GetMinSamples(void);
#endif /* GOT_CONF_H */

89
configure vendored
View File

@@ -77,7 +77,7 @@ test_code () {
#{{{ usage
usage () {
cat <<EOF
\`configure' configures tdl to adapt to many kinds of systems.
\`configure' configures this package to adapt to many kinds of systems.
Usage: ./configure [OPTION]...
@@ -113,6 +113,7 @@ For better control, use the options below.
--disable-linuxcaps Disable Linux capabilities support
--disable-forcednsretry Don't retry on permanent DNS error
--with-sendmail=PATH Path to sendmail binary [/usr/lib/sendmail]
--enable-trace Enable tracing
Fine tuning of the installation directories:
--sysconfdir=DIR chrony.conf location [/etc]
@@ -122,6 +123,8 @@ Fine tuning of the installation directories:
--infodir=DIR info documentation [DATAROOTDIR/info]
--mandir=DIR man documentation [DATAROOTDIR/man]
--docdir=DIR documentation root [DATAROOTDIR/doc/chrony]
--localstatedir=DIR modifiable single-machine data [/var]
--chronyvardir=DIR location for chrony data [LOCALSTATEDIR/lib/chrony]
Overriding system detection when cross-compiling:
--host-system=OS Specify system name (uname -s)
@@ -190,7 +193,7 @@ mail_program="/usr/lib/sendmail"
for option
do
case "$option" in
--trace )
--enable-trace )
add_def TRACEON
;;
--disable-readline )
@@ -238,6 +241,12 @@ do
--docdir=* )
SETDOCDIR=`echo $option | sed -e 's/^.*=//;'`
;;
--localstatedir=* )
SETLOCALSTATEDIR=`echo $option | sed -e 's/^.*=//;'`
;;
--chronyvardir=* )
SETCHRONYVARDIR=`echo $option | sed -e 's/^.*=//;'`
;;
--disable-rtc)
feat_rtc=0
;;
@@ -297,10 +306,6 @@ case $SYSTEM in
EXTRA_CLI_LIBS="-lsocket -lnsl"
add_def SOLARIS
echo "Configuring for Solaris (" $SYSTEM "SunOS version" $VERSION ")"
if [ $VERSION = "5.3" ]; then
add_def HAS_NO_BZERO
echo "Using memset() instead of bzero()"
fi
;;
esac
;;
@@ -482,6 +487,18 @@ if [ $feat_readline = "1" ]; then
if [ "x$READLINE_LINK" = "x" ] && [ $try_readline = "1" ]; then
if test_code readline 'stdio.h readline/readline.h readline/history.h' \
"$readline_inc" "$readline_lib $ncurses_lib -lreadline" \
'add_history(readline("prompt"));'
then
add_def FEAT_READLINE
READLINE_COMPILE="$readline_inc"
READLINE_LINK="$readline_lib $ncurses_lib -lreadline"
fi
fi
if [ "x$READLINE_LINK" = "x" ] && [ $try_readline = "1" ]; then
if test_code 'readline with -lncurses' \
'stdio.h readline/readline.h readline/history.h' \
"$readline_inc" "$readline_lib $ncurses_lib -lreadline -lncurses" \
'add_history(readline("prompt"));'
then
@@ -506,6 +523,7 @@ if [ $try_nss = "1" ]; then
HASH_OBJ="hash_nss.o"
HASH_COMPILE="$test_cflags"
HASH_LINK="$test_link"
add_def GENERATE_SHA1_KEY
fi
fi
@@ -516,6 +534,7 @@ if [ "x$HASH_LINK" = "x" ] && [ $try_tomcrypt = "1" ]; then
HASH_OBJ="hash_tomcrypt.o"
HASH_COMPILE="-I/usr/include/tomcrypt"
HASH_LINK="-ltomcrypt"
add_def GENERATE_SHA1_KEY
fi
fi
@@ -564,7 +583,17 @@ if [ "x$SETDOCDIR" != "x" ]; then
DOCDIR=$SETDOCDIR
fi
add_def DEFAULT_CONF_DIR "\"$SYSCONFDIR\""
LOCALSTATEDIR=/var
if [ "x$SETLOCALSTATEDIR" != "x" ]; then
LOCALSTATEDIR=$SETLOCALSTATEDIR
fi
CHRONYVARDIR=${LOCALSTATEDIR}/lib/chrony
if [ "x$SETCHRONYVARDIR" != "x" ]; then
CHRONYVARDIR=$SETCHRONYVARDIR
fi
add_def DEFAULT_CONF_FILE "\"$SYSCONFDIR/chrony.conf\""
add_def MAIL_PROGRAM "\"$mail_program\""
if [ -f version.txt ]; then
@@ -573,26 +602,32 @@ else
add_def CHRONY_VERSION "\"DEVELOPMENT\""
fi
sed -e "s%@EXTRA_OBJECTS@%${EXTRA_OBJECTS}%;\
s%@CC@%${MYCC}%;\
s%@CFLAGS@%${MYCFLAGS}%;\
s%@CPPFLAGS@%${CPPFLAGS}%;\
s%@LIBS@%${LIBS}%;\
s%@LDFLAGS@%${MYLDFLAGS}%;\
s%@EXTRA_LIBS@%${EXTRA_LIBS}%;\
s%@EXTRA_CLI_LIBS@%${EXTRA_CLI_LIBS}%;\
s%@READLINE_COMPILE@%${READLINE_COMPILE}%;\
s%@READLINE_LINK@%${READLINE_LINK}%;\
s%@HASH_OBJ@%${HASH_OBJ}%;\
s%@HASH_LINK@%${HASH_LINK}%;\
s%@HASH_COMPILE@%${HASH_COMPILE}%;\
s%@SYSCONFDIR@%${SYSCONFDIR}%;\
s%@BINDIR@%${BINDIR}%;\
s%@SBINDIR@%${SBINDIR}%;\
s%@DOCDIR@%${DOCDIR}%;\
s%@MANDIR@%${MANDIR}%;\
s%@INFODIR@%${INFODIR}%;"\
< Makefile.in > Makefile
for f in Makefile chrony.conf.5 chrony.texi chronyc.1 chronyd.8
do
echo Creating $f
sed -e "s%@EXTRA_OBJECTS@%${EXTRA_OBJECTS}%;\
s%@CC@%${MYCC}%;\
s%@CFLAGS@%${MYCFLAGS}%;\
s%@CPPFLAGS@%${CPPFLAGS}%;\
s%@LIBS@%${LIBS}%;\
s%@LDFLAGS@%${MYLDFLAGS}%;\
s%@EXTRA_LIBS@%${EXTRA_LIBS}%;\
s%@EXTRA_CLI_LIBS@%${EXTRA_CLI_LIBS}%;\
s%@READLINE_COMPILE@%${READLINE_COMPILE}%;\
s%@READLINE_LINK@%${READLINE_LINK}%;\
s%@HASH_OBJ@%${HASH_OBJ}%;\
s%@HASH_LINK@%${HASH_LINK}%;\
s%@HASH_COMPILE@%${HASH_COMPILE}%;\
s%@SYSCONFDIR@%${SYSCONFDIR}%;\
s%@BINDIR@%${BINDIR}%;\
s%@SBINDIR@%${SBINDIR}%;\
s%@DOCDIR@%${DOCDIR}%;\
s%@MANDIR@%${MANDIR}%;\
s%@INFODIR@%${INFODIR}%;\
s%@LOCALSTATEDIR@%${LOCALSTATEDIR}%;\
s%@CHRONYVARDIR@%${CHRONYVARDIR}%;"\
< ${f}.in > $f
done
# =======================================================================
# vim:et:sw=2:ht=2:sts=2:fdm=marker:cms=#%s

42
examples/chrony.conf.example
View File

@@ -40,21 +40,21 @@
# more 'NTP servers'. You will probably find that your Internet Service
# Provider or company have one or more NTP servers that you can specify.
# Failing that, there are a lot of public NTP servers. There is a list
# you can access at
# http://www.eecis.udel.edu/~mills/ntp/servers.htm.
# you can access at http://support.ntp.org/bin/view/Servers/WebHome or
# you can use servers from the pool.ntp.org project.
! server ntp0.your-isp.com
! server ntp1.your-isp.com
! server ntp.public-server.org
! server 0.pool.ntp.org iburst
! server 1.pool.ntp.org iburst
! server 2.pool.ntp.org iburst
# However, for dial-up use you probably want these instead. The word
# 'offline' means that the server is not visible at boot time. Use
# chronyc's 'online' command to tell chronyd that these servers have
# become visible after you go on-line.
! server ntp0.your-isp.com offline
! server ntp1.your-isp.com offline
! server ntp.public-server.org offline
! server 0.pool.ntp.org offline
! server 1.pool.ntp.org offline
! server 2.pool.ntp.org offline
# You may want to specify NTP 'peers' instead. If you run a network
# with a lot of computers and want several computers running chrony to
@@ -89,7 +89,7 @@
# immediately so that it doesn't gain or lose any more time. You
# generally want this, so it is uncommented.
driftfile /etc/chrony.drift
driftfile /var/lib/chrony/drift
# If you want to use the program called chronyc to configure aspects of
# chronyd's operation once it is running (e.g. tell it the Internet link
@@ -122,7 +122,7 @@ commandkey 1
# Enable these two options to use this.
! dumponexit
! dumpdir /var/log/chrony
! dumpdir /var/lib/chrony
# chronyd writes its process ID to a file. If you try to start a second
# copy of chronyd, it will detect that the process named in the file is
@@ -133,17 +133,16 @@ commandkey 1
#######################################################################
### INITIAL CLOCK CORRECTION
# This option is only useful if your NTP servers are visible at boot
# time. This probably means you are on a LAN. If so, the following
# option will choose the best-looking of the servers and correct the
# system time to that. The value '10' means that if the error is less
# This option is useful to quickly correct the clock on start if it's
# off by a large amount. The value '10' means that if the error is less
# than 10 seconds, it will be gradually removed by speeding up or
# slowing down your computer's clock until it is correct. If the error
# is above 10 seconds, an immediate time jump will be applied to correct
# it. Some software can get upset if the system clock jumps (especially
# backwards), so be careful!
# it. The value '1' means the step is allowed only on the first update
# of the clock. Some software can get upset if the system clock jumps
# (especially backwards), so be careful!
! initstepslew 10 ntp0.your-company.com ntp1.your-company.com ntp2.your-company.com
! makestep 10 1
#######################################################################
### LOGGING
@@ -255,13 +254,6 @@ commandkey 1
# put into chronyc to allow you to modify chronyd's parameters. By
# default all you can do is view information about chronyd's operation.
# Some people have reported that the need the following line to allow
# chronyc to work even on the same machine. This should not be
# necessary, and the problem is being investigated. You can leave this
# line enabled, as it's benign otherwise.
cmdallow 127.0.0.1
#######################################################################
### REAL TIME CLOCK
# chronyd can characterise the system's real-time clock. This is the
@@ -273,7 +265,7 @@ cmdallow 127.0.0.1
# You need to have 'enhanced RTC support' compiled into your Linux
# kernel. (Note, these options apply only to Linux.)
! rtcfile /etc/chrony.rtc
! rtcfile /var/lib/chrony/rtc
# Your RTC can be set to keep Universal Coordinated Time (UTC) or local
# time. (Local time means UTC +/- the effect of your timezone.) If you

13
examples/chrony.conf.example2
View File

@@ -15,12 +15,16 @@ driftfile /var/lib/chrony/drift
rtcsync
# In first three updates step the system clock instead of slew
# if the adjustment is larger than 100 seconds.
makestep 100 3
# if the adjustment is larger than 10 seconds.
makestep 10 3
# Allow client access from local network.
# Allow NTP client access from local network.
#allow 192.168/16
# Listen for commands only on localhost.
bindcmdaddress 127.0.0.1
bindcmdaddress ::1
# Serve time even if not synchronized to any NTP server.
#local stratum 10
@@ -29,6 +33,9 @@ keyfile /etc/chrony.keys
# Specify the key used as password for chronyc.
commandkey 1
# Generate command key if missing.
generatecommandkey
# Disable logging of client accesses.
noclientlog

31
examples/chrony.keys.example
View File

@@ -1,26 +1,29 @@
#######################################################################
#
# This is an example chrony keys file. You should copy it to /etc/chrony.keys
# after editing it to set up the key(s) you want to use. In most situations,
# you will require a single key (the 'commandkey') so that you can supply a
# password to chronyc to enable you to modify chronyd's operation whilst it is
# running.
# after editing it to set up the key(s) you want to use. It should be readable
# only by root or the user chronyd drops the root privileges to. In most
# situations, you will require a single key (the 'commandkey') so that you can
# supply a password to chronyc to enable you to modify chronyd's operation
# whilst it is running.
#
# Copyright 2002 Richard P. Curnow
#
#######################################################################
# A valid key line looks like this
######################################################################
1 a_key
# Examples of valid keys:
# It must consist of an integer, followed by whitespace, followed by a block of
# text with no spaces in it. (You cannot put a space in a key). If you wanted
# to use the above line as your commandkey (i.e. chronyc password), you would
# put the following line into chrony.conf (remove the # from the start):
#1 ALongAndRandomPassword
#2 MD5 HEX:B028F91EA5C38D06C2E140B26C7F41EC
#3 SHA1 HEX:1DC764E0791B11FA67EFC7ECBC4B0D73F68A070C
# commandkey 1
# The keys should be random for maximum security. If you wanted to use a key
# with ID 1 as your commandkey (i.e. chronyc password) you would put
# "commandkey 1" into chrony.conf. If no commandkey is present in the keys
# file and the generatecommandkey directive is specified in chrony.conf,
# a random commandkey will be generated and added to the keys file
# automatically on chronyd start.
# You might want to define more keys if you use the MD5 authentication facility
# You might want to define more keys if you use the authentication facility
# in the network time protocol to authenticate request/response packets between
# trusted clients and servers.

88
faq.txt
View File

@@ -68,7 +68,7 @@ support hardware reference clocks to your computer, then xntpd will work fine.
Apart from not supporting hardware clocks, chrony will work fine too.
If your computer connects to the 'net for 5 minutes once a day (or something
like that), or you turn your (Linux v2.0) computer off when you're not using
like that), or you turn your Linux computer off when you're not using
it, or you want to use NTP on an isolated network with no hardware clocks in
sight, chrony will work much better for you.
@@ -96,56 +96,6 @@ at all, I found xntpd gave me no help with managing the local clock's
gain/loss rate on the NTP master node (which I set from my watch). I
added some automated support in chrony to deal with this.
S: Compilation issues
Q:How do I apply source patches?
Sometimes we release source patches rather than a full version when we need to
provide a fix for small problems. Supposing you have chrony-1.X.tar.gz and a
source patch chrony-1.X-1.X.1.gz. The steps required are:
tar xzvf ../chrony-1.X.tar.gz
cd chrony-1.X
gunzip < ../../chrony-1.X-1.X.1.gz | patch -p1
./configure
make
make install
Q:Can I compile chrony with an ANSI-C compiler that is not GCC v2.x?
I have had reports that chrony can be compiled with GCC v1.42, by using the
following trick when running make
make CC='gcc -D__FUNCTION__=\"function_not_available\"'
(this gets around the lack of a __FUNCTION__ macro in GCC v1.)
The same trick may be enough to allow other compilers to be used.
Q: I get errors like 'client.c:44: readline/readline.h: file not found'
Read the section about 'readline' in the INSTALL file or in chrony.txt. You
may need to disable readline support (e.g. if you haven't got readline
installed at all, or just don't want it), or specify the location of the
readline files (e.g. if you've installed them in a non-standard place).
Q: I have RedHat 7.3 and can't compile rtc_linux.c (error in spinlock.h)
The following solution has been found for this. Enter the following 3 commands
(as root):
cd /usr/include/
mv linux linux.rh
ln -s /usr/src/linux/include/linux ./linux
The problem seems to be that RedHat provide their own kernel header files in
/usr/include/linux. Besides differing from those used by your current kernel,
if you compiled it yourself, they also seem to have been changed in a way that
causes a problem compiling chrony. Chrony compiles fine with standard kernel
header files.
There have also been reports that just replacing the file
/usr/src/linux/spinlock.h by the equivalent file from a vanilla kernel source
tree is sufficient to fix the problem.
Note : from version 1.21 onwards, this problem no longer exists. The kernel
header files are no longer included.
S: Selection of NTP servers
Q: I have several computers on a LAN. Should I make one the master, or make them all clients of an external server?
I think the best configuration is to make one computer the master, with the
@@ -201,34 +151,12 @@ Do you have a 'local stratum X' directive in the chrony.conf file? If X is
lower than the stratum of the server you're trying to use, this situation will
arise. You should always make X quite high (e.g. 10) in this directive.
S: Issues with chronyd
Q: chronyd crashes after a syslog message "adjtimex failed for set frequency"
The usual cause is that the kernel is running with a different value of 'HZ'
(the timer interrupt rate) than the value that was found in the kernel header
files when chrony was compiled. The chrony.conf file can include options to
modify the HZ value (see the discussion of linux_hz and linux_freq_scale in the
documentation), however the problem is to find the value of HZ being used.
S: Issues with chronyc
Q: I keep getting the error '510 No command access from this host --- Reply not authenticated'.
Q: I keep getting the error '506 Cannot talk to daemon'.
Make sure that the chrony.conf file (on the computer where chronyd is running)
has a 'cmdallow' entry for the computer you are running chronyc on. This
shouldn't be necessary for localhost, but some people still seem to need an
entry like 'cmdallow 127.0.0.1'. (It would be good to understand why problem
only affects some people).
Q: I cannot log in from chronyc to carry out privileged tasks.
This is the second most common problem.
Perhaps your /etc/chrony.keys file is badly formatted. Make sure that the
final line has a line feed at the end, otherwise the key on that line will work
as though the last character is missing. (Note, this bug was fixed in version
1.16.)
Q: When I enter a command and hit &lt;Return&gt;, chronyc hangs
This probably means that chronyc cannot communicate with chronyd.
isn't necessary for localhost.
Perhaps chronyd is not running. Try using the ps command (e.g. on Linux, 'ps
-auxw') to see if it's running. Or try 'netstat -a' and see if the ports
@@ -268,14 +196,6 @@ For the real time clock support to work, you need the following three things:
* enhanced RTC support compiled into the kernel
* an 'rtcfile' directive in your chrony.conf file.
S: Problems with isolated networks.
Q: When I use the 'settime' command, chronyd crashes.
If you enter times that are too far away from the real time, chronyd will
think the system clock runs fast or slow by an excessive amount. The required
compensation factor will be outside the bounds for the adjtimex() system call.
chronyd will crash when it tries to apply such an excessive adjustment.
S: Microsoft Windows
Q: Does chrony support Windows?
@@ -338,7 +258,7 @@ The program needs to see the definitions of structures used to interact with
the real time clock (via /dev/rtc) and with the adjtimex() system call. Sadly
this has led to a number of compilation problems with newer kernels which have
been increasingly hard to fix in a way that makes the code compilable on all
Linux kernel versions (from 2.0 up anyway, I doubt 1.x still works.) Hopefully
Linux kernel versions. Hopefully
the situation will not deteriorate further with future kernel versions.
Q: I get "Could not open /dev/rtc, Device or resource busy" in my syslog file.

186
keys.c
View File

@@ -3,7 +3,7 @@
**********************************************************************
* Copyright (C) Richard P. Curnow 1997-2003
* Copyright (C) Miroslav Lichvar 2012
* Copyright (C) Miroslav Lichvar 2012-2013
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of version 2 of the GNU General Public License as
@@ -28,11 +28,10 @@
#include "config.h"
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include "sysincl.h"
#include "keys.h"
#include "cmdparse.h"
#include "conf.h"
#include "memory.h"
#include "util.h"
@@ -61,6 +60,64 @@ static int cache_key_pos;
/* ================================================== */
static int
generate_key(unsigned long key_id)
{
#ifdef GENERATE_SHA1_KEY
unsigned char key[20];
const char *hashname = "SHA1";
#else
unsigned char key[16];
const char *hashname = "MD5";
#endif
const char *key_file, *rand_dev = "/dev/urandom";
FILE *f;
struct stat st;
int i;
key_file = CNF_GetKeysFile();
if (!key_file)
return 0;
f = fopen(rand_dev, "r");
if (!f || fread(key, sizeof (key), 1, f) != 1) {
if (f)
fclose(f);
LOG_FATAL(LOGF_Keys, "Could not read %s", rand_dev);
return 0;
}
fclose(f);
f = fopen(key_file, "a");
if (!f) {
LOG_FATAL(LOGF_Keys, "Could not open keyfile %s for writing", key_file);
return 0;
}
/* Make sure the keyfile is not world-readable */
if (stat(key_file, &st) || chmod(key_file, st.st_mode & 0770)) {
fclose(f);
LOG_FATAL(LOGF_Keys, "Could not change permissions of keyfile %s", key_file);
return 0;
}
fprintf(f, "\n%lu %s HEX:", key_id, hashname);
for (i = 0; i < sizeof (key); i++)
fprintf(f, "%02hhX", key[i]);
fprintf(f, "\n");
fclose(f);
/* Erase the key from stack */
memset(key, 0, sizeof (key));
LOG(LOGS_INFO, LOGF_Keys, "Generated key %lu", key_id);
return 1;
}
/* ================================================== */
void
KEY_Initialise(void)
{
@@ -68,7 +125,11 @@ KEY_Initialise(void)
command_key_valid = 0;
cache_valid = 0;
KEY_Reload();
return;
if (CNF_GetGenerateCommandKey() && !KEY_KeyKnown(KEY_GetCommandKey())) {
if (generate_key(KEY_GetCommandKey()))
KEY_Reload();
}
}
/* ================================================== */
@@ -76,8 +137,6 @@ KEY_Initialise(void)
void
KEY_Finalise(void)
{
/* Nothing to do */
return;
}
/* ================================================== */
@@ -104,7 +163,7 @@ determine_hash_delay(int key_id)
}
#if 0
LOG(LOGS_INFO, LOGF_Keys, "authentication delay for key %d: %d useconds", key_id, min_usecs);
LOG(LOGS_INFO, LOGF_Keys, "authentication delay for key %lu: %d useconds", key_id, min_usecs);
#endif
/* Add on a bit extra to allow for copying, conversions etc */
@@ -133,87 +192,84 @@ compare_keys_by_id(const void *a, const void *b)
/* ================================================== */
#define KEYLEN 2047
#define SKEYLEN "2047"
void
KEY_Reload(void)
{
int i, len1, fields;
char *key_file;
int i, line_number;
FILE *in;
unsigned long key_id;
char line[KEYLEN+1], buf1[KEYLEN+1], buf2[KEYLEN+1];
char *keyval, *hashname;
char line[2048], *keyval, *key_file;
const char *hashname;
for (i=0; i<n_keys; i++) {
Free(keys[i].val);
}
n_keys = 0;
command_key_valid = 0;
cache_valid = 0;
key_file = CNF_GetKeysFile();
line_number = 0;
if (key_file) {
in = fopen(key_file, "r");
if (in) {
while (fgets(line, sizeof(line), in)) {
len1 = strlen(line) - 1;
if (!key_file)
return;
/* Guard against removing last character of the line
* if the last line of the file is missing an end-of-line */
if (line[len1] == '\n') {
line[len1] = '\0';
}
fields = sscanf(line, "%lu%" SKEYLEN "s%" SKEYLEN "s", &key_id, buf1, buf2);
if (fields >= 2 && fields <= 3) {
if (fields == 3) {
hashname = buf1;
keyval = buf2;
} else {
hashname = "MD5";
keyval = buf1;
}
keys[n_keys].hash_id = HSH_GetHashId(hashname);
if (keys[n_keys].hash_id < 0) {
LOG(LOGS_WARN, LOGF_Keys, "Unknown hash function in key %d", key_id);
continue;
}
in = fopen(key_file, "r");
if (!in) {
LOG(LOGS_WARN, LOGF_Keys, "Could not open keyfile %s", key_file);
return;
}
keys[n_keys].len = UTI_DecodePasswordFromText(keyval);
if (!keys[n_keys].len) {
LOG(LOGS_WARN, LOGF_Keys, "Could not decode password in key %d", key_id);
continue;
}
while (fgets(line, sizeof (line), in)) {
line_number++;
keys[n_keys].id = key_id;
keys[n_keys].val = MallocArray(char, keys[n_keys].len);
memcpy(keys[n_keys].val, keyval, keys[n_keys].len);
n_keys++;
}
}
fclose(in);
/* Sort keys into order. Note, if there's a duplicate, it is
arbitrary which one we use later - the user should have been
more careful! */
qsort((void *) keys, n_keys, sizeof(Key), compare_keys_by_id);
CPS_NormalizeLine(line);
if (!*line)
continue;
/* Erase the passwords from stack */
memset(line, 0, sizeof (line));
memset(buf1, 0, sizeof (buf1));
memset(buf2, 0, sizeof (buf2));
if (!CPS_ParseKey(line, &key_id, &hashname, &keyval)) {
LOG(LOGS_WARN, LOGF_Keys, "Could not parse key at line %d in file %s", line_number, key_file);
continue;
}
keys[n_keys].hash_id = HSH_GetHashId(hashname);
if (keys[n_keys].hash_id < 0) {
LOG(LOGS_WARN, LOGF_Keys, "Unknown hash function in key %lu", key_id);
continue;
}
keys[n_keys].len = UTI_DecodePasswordFromText(keyval);
if (!keys[n_keys].len) {
LOG(LOGS_WARN, LOGF_Keys, "Could not decode password in key %lu", key_id);
continue;
}
keys[n_keys].id = key_id;
keys[n_keys].val = MallocArray(char, keys[n_keys].len);
memcpy(keys[n_keys].val, keyval, keys[n_keys].len);
n_keys++;
}
fclose(in);
/* Sort keys into order. Note, if there's a duplicate, it is
arbitrary which one we use later - the user should have been
more careful! */
qsort((void *) keys, n_keys, sizeof(Key), compare_keys_by_id);
/* Check for duplicates */
for (i = 1; i < n_keys; i++) {
if (keys[i - 1].id == keys[i].id) {
LOG(LOGS_WARN, LOGF_Keys, "Detected duplicate key %lu", key_id);
}
}
command_key_valid = 0;
cache_valid = 0;
/* Erase any passwords from stack */
memset(line, 0, sizeof (line));
for (i=0; i<n_keys; i++) {
keys[i].auth_delay = determine_hash_delay(keys[i].id);
}
return;
}
/* ================================================== */

19
local.c
View File

@@ -30,8 +30,7 @@
#include "config.h"
#include <assert.h>
#include <stddef.h>
#include "sysincl.h"
#include "conf.h"
#include "local.h"
@@ -132,8 +131,6 @@ calculate_sys_precision(void)
precision_log--;
best_dusec *= 2;
}
return;
}
/* ================================================== */
@@ -167,7 +164,6 @@ LCL_Initialise(void)
void
LCL_Finalise(void)
{
return;
}
/* ================================================== */
@@ -220,14 +216,11 @@ LCL_AddParameterChangeHandler(LCL_ParameterChangeHandler handler, void *anything
new_entry->prev = change_list.prev;
change_list.prev->next = new_entry;
change_list.prev = new_entry;
return;
}
/* ================================================== */
/* Remove a handler */
extern
void LCL_RemoveParameterChangeHandler(LCL_ParameterChangeHandler handler, void *anything)
{
@@ -251,8 +244,6 @@ void LCL_RemoveParameterChangeHandler(LCL_ParameterChangeHandler handler, void *
ptr->prev->next = ptr->next;
free(ptr);
return;
}
/* ================================================== */
@@ -279,8 +270,6 @@ LCL_AddDispersionNotifyHandler(LCL_DispersionNotifyHandler handler, void *anythi
new_entry->prev = dispersion_notify_list.prev;
dispersion_notify_list.prev->next = new_entry;
dispersion_notify_list.prev = new_entry;
return;
}
/* ================================================== */
@@ -310,8 +299,6 @@ void LCL_RemoveDispersionNotifyHandler(LCL_DispersionNotifyHandler handler, void
ptr->prev->next = ptr->next;
free(ptr);
return;
}
/* ================================================== */
@@ -577,8 +564,6 @@ lcl_RegisterSystemDrivers(lcl_ReadFrequencyDriver read_freq,
#ifdef TRACEON
LOG(LOGS_INFO, LOGF_Local, "Local freq=%.3fppm", current_freq_ppm);
#endif
return;
}
/* ================================================== */
@@ -614,8 +599,6 @@ LCL_SetLeap(int leap)
if (drv_set_leap) {
(drv_set_leap)(leap);
}
return;
}
/* ================================================== */

10
logging.c
View File

@@ -29,7 +29,6 @@
#include "sysincl.h"
#include "main.h"
#include "conf.h"
#include "logging.h"
#include "mkdirpp.h"
@@ -74,8 +73,6 @@ LOG_Initialise(void)
#ifdef WINNT
logfile = fopen("./chronyd.err", "a");
#endif
return;
}
/* ================================================== */
@@ -97,7 +94,6 @@ LOG_Finalise(void)
LOG_CycleLogFiles();
initialised = 0;
return;
}
/* ================================================== */
@@ -132,7 +128,6 @@ LOG_Line_Function(LOG_Severity severity, LOG_Facility facility, const char *form
fprintf(stderr, "%s\n", buf);
}
#endif
return;
}
/* ================================================== */
@@ -162,9 +157,7 @@ LOG_Fatal_Function(LOG_Facility facility, const char *format, ...)
}
#endif
MAI_CleanupAndExit();
return;
exit(1);
}
/* ================================================== */
@@ -185,7 +178,6 @@ LOG_Position(const char *filename, int line_number, const char *function_name)
fprintf(stderr, "%s:%d:(%s)[%s] ", filename, line_number, function_name, buf);
}
#endif
return;
}
/* ================================================== */

26
main.c
View File

@@ -88,13 +88,13 @@ MAI_CleanupAndExit(void)
TMC_Finalise();
MNL_Finalise();
ACQ_Finalise();
KEY_Finalise();
CLG_Finalise();
NSR_Finalise();
NCR_Finalise();
BRD_Finalise();
SST_Finalise();
REF_Finalise();
KEY_Finalise();
RCL_Finalise();
SRC_Finalise();
RTC_Finalise();
@@ -284,10 +284,10 @@ go_daemon(void)
int main
(int argc, char **argv)
{
char *conf_file = NULL;
const char *conf_file = DEFAULT_CONF_FILE;
char *user = NULL;
int debug = 0, nofork = 0;
int do_init_rtc = 0;
int debug = 0, nofork = 0, address_family = IPADDR_UNSPEC;
int do_init_rtc = 0, restarted = 0;
int other_pid;
int lock_memory = 0, sched_priority = 0;
@@ -308,6 +308,8 @@ int main
lock_memory = 1;
} else if (!strcmp("-r", *argv)) {
reload = 1;
} else if (!strcmp("-R", *argv)) {
restarted = 1;
} else if (!strcmp("-u", *argv)) {
++argv, --argc;
if (argc == 0) {
@@ -327,9 +329,9 @@ int main
debug = 1;
nofork = 1;
} else if (!strcmp("-4", *argv)) {
DNS_SetAddressFamily(IPADDR_INET4);
address_family = IPADDR_INET4;
} else if (!strcmp("-6", *argv)) {
DNS_SetAddressFamily(IPADDR_INET6);
address_family = IPADDR_INET6;
} else {
LOG_FATAL(LOGF_Main, "Unrecognized command line option [%s]", *argv);
}
@@ -352,6 +354,9 @@ int main
LOG(LOGS_INFO, LOGF_Main, "chronyd version %s starting", CHRONY_VERSION);
DNS_SetAddressFamily(address_family);
CNF_SetRestarted(restarted);
CNF_ReadFile(conf_file);
/* Check whether another chronyd may already be running. Do this after
@@ -373,11 +378,12 @@ int main
LCL_Initialise();
SCH_Initialise();
SYS_Initialise();
NIO_Initialise();
CAM_Initialise();
NIO_Initialise(address_family);
CAM_Initialise(address_family);
RTC_Initialise();
SRC_Initialise();
RCL_Initialise();
KEY_Initialise();
/* Command-line switch must have priority */
if (!sched_priority) {
@@ -391,6 +397,9 @@ int main
SYS_LockMemory();
}
if (!user) {
user = CNF_GetUser();
}
if (user) {
SYS_DropRoot(user);
}
@@ -403,7 +412,6 @@ int main
NCR_Initialise();
NSR_Initialise();
CLG_Initialise();
KEY_Initialise();
ACQ_Initialise();
MNL_Initialise();
TMC_Initialise();

9
make_release
View File

@@ -34,15 +34,18 @@ echo $version > version.txt
sed -e "s%@@VERSION@@%${version}%" < chrony.spec.sample > chrony.spec
for m in chrony.1 chronyc.1 chrony.conf.5 chronyd.8; do
for m in chrony.1.in chronyc.1.in chrony.conf.5.in chronyd.8.in; do
sed -e "s%@VERSION@%${version}%;s%@MAN_DATE@%${mandate}%" \
< $m > ${m}_
mv -f ${m}_ $m
done
makeinfo --no-headers --number-sections -o chrony.txt chrony.texi
./configure && make chrony.txt || exit 1
mv chrony.txt chrony.txt_
make distclean
mv chrony.txt_ chrony.txt
rm -f make_release chrony.spec.sample .gitignore
rm -f faqgen.pl make_release chrony.spec.sample .gitignore
cd ..
tar cvf - $subdir | gzip -9 > ${subdir}.tar.gz

8
manual.c
View File

@@ -32,7 +32,7 @@
#include "config.h"
#include <stddef.h>
#include "sysincl.h"
#include "manual.h"
#include "logging.h"
@@ -93,8 +93,6 @@ MNL_Initialise(void)
error = ERROR_MARGIN;
LCL_AddParameterChangeHandler(slew_samples, NULL);
return;
}
/* ================================================== */
@@ -102,7 +100,6 @@ MNL_Initialise(void)
void
MNL_Finalise(void)
{
return;
}
/* ================================================== */
@@ -157,7 +154,7 @@ estimate_and_set_system(struct timeval *now, int offset_provided, double offset,
if (found_freq) {
LOG(LOGS_INFO, LOGF_Manual,
"Making a frequency change of %.3fppm and a slew of %.6f\n",
"Making a frequency change of %.3f ppm and a slew of %.6f",
1.0e6 * freq, slew_by);
REF_SetManualReference(now,
@@ -239,7 +236,6 @@ slew_samples(struct timeval *raw,
dfreq, doffset);
samples[i].offset += delta_time;
}
return;
}
/* ================================================== */

6
md5.h
View File

@@ -32,11 +32,7 @@
***********************************************************************
*/
#ifdef HAS_STDINT_H
#include <stdint.h>
#elif defined(HAS_INTTYPES_H)
#include <inttypes.h>
#endif
#include "sysincl.h"
/* typedef a 32-bit type */
typedef uint32_t UINT4;

2
memory.h
View File

@@ -27,8 +27,6 @@
#ifndef GOT_MEMORY_H
#define GOT_MEMORY_H
#include <stdlib.h>
#define Malloc(x) malloc(x)
#define MallocNew(T) ((T *) malloc(sizeof(T)))
#define MallocArray(T, n) ((T *) malloc((n) * sizeof(T)))

1
nameserv.c
View File

@@ -32,7 +32,6 @@
#include "nameserv.h"
#include "util.h"
#include <resolv.h>
/* ================================================== */

24
ntp.h
View File

@@ -27,11 +27,7 @@
#ifndef GOT_NTP_H
#define GOT_NTP_H
#ifdef HAS_STDINT_H
#include <stdint.h>
#elif defined(HAS_INTTYPES_H)
#include <inttypes.h>
#endif
#include "sysincl.h"
#include "hash.h"
@@ -93,22 +89,4 @@ typedef union {
#define NTP_NORMAL_PACKET_SIZE offsetof(NTP_Packet, auth_keyid)
/* ================================================== */
inline static double
int32_to_double(NTP_int32 x)
{
return (double) ntohl(x) / 65536.0;
}
/* ================================================== */
inline static NTP_int32
double_to_int32(double x)
{
return htonl((NTP_int32)(0.5 + 65536.0 * x));
}
/* ================================================== */
#endif /* GOT_NTP_H */

537
ntp_core.c
View File

@@ -3,7 +3,7 @@
**********************************************************************
* Copyright (C) Richard P. Curnow 1997-2003
* Copyright (C) Miroslav Lichvar 2009-2012
* Copyright (C) Miroslav Lichvar 2009-2013
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of version 2 of the GNU General Public License as
@@ -84,6 +84,8 @@ struct NCR_Instance_Record {
int local_poll; /* Log2 of polling interval at our end */
int remote_poll; /* Log2 of server/peer's polling interval (recovered
from received packets) */
int remote_stratum; /* Stratum of the server/peer (recovered from
received packets) */
int presend_minpoll; /* If the current polling interval is
at least this, an echo datagram
@@ -178,6 +180,9 @@ struct NCR_Instance_Record {
/* Randomness added to spacing between samples for one server/peer */
#define SAMPLING_RANDOMNESS 0.02
/* Adjustment of the peer polling interval */
#define PEER_SAMPLING_ADJ 1.1
/* Spacing between samples in burst mode for one server/peer */
#define BURST_INTERVAL 2.0
@@ -193,7 +198,7 @@ struct NCR_Instance_Record {
/* Compatible NTP protocol versions */
#define NTP_MAX_COMPAT_VERSION 4
#define NTP_MIN_COMPAT_VERSION 2
#define NTP_MIN_COMPAT_VERSION 1
/* Maximum allowed dispersion - as defined in RFC1305 (16 seconds) */
#define NTP_MAX_DISPERSION 16.0
@@ -249,8 +254,21 @@ start_initial_timeout(NCR_Instance inst)
SCH_NtpSamplingClass,
transmit_timeout, (void *)inst);
inst->timer_running = 1;
}
return;
/* ================================================== */
static void
take_offline(NCR_Instance inst)
{
inst->opmode = MD_OFFLINE;
if (inst->timer_running) {
SCH_RemoveTimeout(inst->timeout_id);
inst->timer_running = 0;
}
/* Mark source unreachable */
SRC_ResetReachability(inst->source);
}
/* ================================================== */
@@ -317,6 +335,8 @@ NCR_GetInstance(NTP_Remote_Address *remote_addr, NTP_Source_Type type, SourcePar
result->auto_offline = params->auto_offline;
result->local_poll = params->minpoll;
result->remote_poll = 0;
result->remote_stratum = 0;
/* Create a source instance for this NTP source */
result->source = SRC_CreateNewInstance(UTI_IPToRefid(&remote_addr->ip_addr), SRC_NTP, params->sel_option, &result->remote_addr.ip_addr);
@@ -351,7 +371,6 @@ NCR_DestroyInstance(NCR_Instance instance)
/* Free the data structure */
Free(instance);
return;
}
/* ================================================== */
@@ -392,9 +411,133 @@ adjust_poll(NCR_Instance inst, double adj)
/* ================================================== */
static double
get_poll_adj(NCR_Instance inst, double error_in_estimate, double peer_distance)
{
double poll_adj;
if (error_in_estimate > peer_distance) {
int shift = 0;
unsigned long temp = (int)(error_in_estimate / peer_distance);
do {
shift++;
temp>>=1;
} while (temp);
poll_adj = -shift - inst->poll_score + 0.5;
} else {
int samples = SRC_Samples(inst->source);
/* Adjust polling interval so that the number of sourcestats samples
remains close to the target value */
poll_adj = ((double)samples / inst->poll_target - 1.0) / inst->poll_target;
/* Make interval shortening quicker */
if (samples < inst->poll_target) {
poll_adj *= 2.0;
}
}
return poll_adj;
}
/* ================================================== */
static double
get_transmit_delay(NCR_Instance inst, int on_tx, double last_tx)
{
int poll_to_use, stratum_diff;
double delay_time;
/* If we're in burst mode, queue for immediate dispatch.
If we're operating in client/server mode, queue the timeout for
the poll interval hence. The fact that a timeout has been queued
in the transmit handler is immaterial - that is only done so that
we at least send something, if no reply is heard.
If we're in symmetric mode, we have to take account of the peer's
wishes, otherwise his sampling regime will fall to pieces. If
we're in client/server mode, we don't care what poll interval the
server responded with last time. */
switch (inst->opmode) {
case MD_OFFLINE:
assert(0);
break;
case MD_ONLINE:
/* Normal processing, depending on whether we're in
client/server or symmetric mode */
switch(inst->mode) {
case MODE_CLIENT:
/* Client/server association - aim at some randomised time
approx the poll interval away */
poll_to_use = inst->local_poll;
delay_time = (double) (1UL<<poll_to_use);
break;
case MODE_ACTIVE:
/* Symmetric active association - aim at some randomised time approx
the poll interval away since the last transmit */
/* Use shorter of the local and remote poll interval, but not shorter
than the allowed minimum */
poll_to_use = inst->local_poll;
if (poll_to_use > inst->remote_poll)
poll_to_use = inst->remote_poll;
if (poll_to_use < inst->minpoll)
poll_to_use = inst->minpoll;
delay_time = (double) (1UL<<poll_to_use);
/* If the remote stratum is higher than ours, try to lock on the
peer's polling to minimize our response time by slightly extending
our delay or waiting for the peer to catch up with us as the
random part in the actual interval is reduced. If the remote
stratum is equal to ours, try to interleave evenly with the peer. */
stratum_diff = inst->remote_stratum - REF_GetOurStratum();
if ((stratum_diff > 0 && last_tx * PEER_SAMPLING_ADJ < delay_time) ||
(!on_tx && !stratum_diff &&
last_tx / delay_time > PEER_SAMPLING_ADJ - 0.5))
delay_time *= PEER_SAMPLING_ADJ;
/* Substract the already spend time */
if (last_tx > 0.0)
delay_time -= last_tx;
if (delay_time < 0.0)
delay_time = 0.0;
break;
default:
assert(0);
break;
}
break;
case MD_BURST_WAS_ONLINE:
case MD_BURST_WAS_OFFLINE:
/* With burst, the timeout for new transmit after valid reply is shorter
than the timeout without reply */
delay_time = on_tx ? BURST_TIMEOUT : BURST_INTERVAL;
break;
default:
assert(0);
break;
}
return delay_time;
}
/* ================================================== */
static void
transmit_packet(NTP_Mode my_mode, /* The mode this machine wants to be */
int my_poll, /* The log2 of the local poll interval */
int version, /* The NTP version to be set in the packet */
int do_auth, /* Boolean indicating whether to authenticate the packet or not */
unsigned long key_id, /* The authentication key ID */
NTP_int64 *orig_ts, /* Originate timestamp (from received packet) */
@@ -412,7 +555,6 @@ transmit_packet(NTP_Mode my_mode, /* The mode this machine wants to be */
)
{
NTP_Packet message;
int version;
int leap;
struct timeval local_transmit;
@@ -423,9 +565,15 @@ transmit_packet(NTP_Mode my_mode, /* The mode this machine wants to be */
struct timeval our_ref_time;
double our_root_delay, our_root_dispersion;
version = NTP_VERSION;
/* Don't reply with version higher than ours */
if (version > NTP_VERSION) {
version = NTP_VERSION;
}
/* This is accurate enough and cheaper than calling LCL_ReadCookedTime.
A more accurate time stamp will be taken later in this function. */
SCH_GetLastEventTime(&local_transmit, NULL, NULL);
LCL_ReadCookedTime(&local_transmit, NULL);
REF_GetReferenceParams(&local_transmit,
&are_we_synchronised, &leap_status,
&our_stratum,
@@ -452,8 +600,8 @@ transmit_packet(NTP_Mode my_mode, /* The mode this machine wants to be */
/* If we're sending a client mode packet and we aren't synchronized yet,
we might have to set up artificial values for some of these parameters */
message.root_delay = double_to_int32(our_root_delay);
message.root_dispersion = double_to_int32(our_root_dispersion);
message.root_delay = UTI_DoubleToInt32(our_root_delay);
message.root_dispersion = UTI_DoubleToInt32(our_root_dispersion);
message.reference_id = htonl((NTP_int32) our_ref_id);
@@ -516,10 +664,28 @@ static void
transmit_timeout(void *arg)
{
NCR_Instance inst = (NCR_Instance) arg;
double timeout_delay=0.0;
int do_timer = 0;
double timeout_delay;
int do_auth;
inst->timer_running = 0;
switch (inst->opmode) {
case MD_BURST_WAS_ONLINE:
/* With online burst switch to online before last packet */
if (inst->burst_total_samples_to_go <= 1)
inst->opmode = MD_ONLINE;
case MD_BURST_WAS_OFFLINE:
if (inst->burst_total_samples_to_go <= 0)
take_offline(inst);
break;
default:
break;
}
if (inst->opmode == MD_OFFLINE) {
return;
}
#ifdef TRACEON
LOG(LOGS_INFO, LOGF_NtpCore, "Transmit timeout for [%s:%d]",
UTI_IPToString(&inst->remote_addr.ip_addr), inst->remote_addr.port);
@@ -575,63 +741,29 @@ transmit_timeout(void *arg)
do_auth = 0;
}
if (inst->opmode != MD_OFFLINE) {
transmit_packet(inst->mode, inst->local_poll,
do_auth, inst->auth_key_id,
&inst->remote_orig,
&inst->local_rx, &inst->local_tx, &inst->local_ntp_tx,
&inst->remote_addr);
}
transmit_packet(inst->mode, inst->local_poll,
NTP_VERSION,
do_auth, inst->auth_key_id,
&inst->remote_orig,
&inst->local_rx, &inst->local_tx, &inst->local_ntp_tx,
&inst->remote_addr);
switch (inst->opmode) {
case MD_BURST_WAS_ONLINE:
case MD_BURST_WAS_OFFLINE:
--inst->burst_total_samples_to_go;
if (inst->burst_total_samples_to_go <= 0) {
inst->opmode = MD_OFFLINE;
}
break;
case MD_BURST_WAS_ONLINE:
--inst->burst_total_samples_to_go;
if (inst->burst_total_samples_to_go <= 0) {
inst->opmode = MD_ONLINE;
}
break;
default:
break;
}
/* Restart timer for this message */
switch (inst->opmode) {
case MD_ONLINE:
timeout_delay = (double)(1 << inst->local_poll);
do_timer = 1;
break;
case MD_OFFLINE:
do_timer = 0;
/* Mark source unreachable */
SRC_ResetReachability(inst->source);
break;
case MD_BURST_WAS_ONLINE:
case MD_BURST_WAS_OFFLINE:
timeout_delay = BURST_TIMEOUT;
do_timer = 1;
break;
}
if (do_timer) {
inst->timer_running = 1;
inst->timeout_id = SCH_AddTimeoutInClass(timeout_delay, SAMPLING_SEPARATION,
SAMPLING_RANDOMNESS,
SCH_NtpSamplingClass,
transmit_timeout, (void *)inst);
} else {
inst->timer_running = 0;
}
/* And we're done */
return;
timeout_delay = get_transmit_delay(inst, 1, 0.0);
inst->timer_running = 1;
inst->timeout_id = SCH_AddTimeoutInClass(timeout_delay, SAMPLING_SEPARATION,
SAMPLING_RANDOMNESS,
SCH_NtpSamplingClass,
transmit_timeout, (void *)inst);
}
@@ -715,10 +847,8 @@ receive_packet(NTP_Packet *message, struct timeval *now, double now_err, NCR_Ins
/* The absolute difference between the offset estimate and
measurement in seconds */
double error_in_estimate;
int poll_to_use;
double delay_time = 0;
int requeue_transmit = 0;
double poll_adj;
/* ==================== */
@@ -732,8 +862,8 @@ receive_packet(NTP_Packet *message, struct timeval *now, double now_err, NCR_Ins
source_is_synchronized = 1;
}
pkt_root_delay = int32_to_double(message->root_delay);
pkt_root_dispersion = int32_to_double(message->root_dispersion);
pkt_root_delay = UTI_Int32ToDouble(message->root_delay);
pkt_root_dispersion = UTI_Int32ToDouble(message->root_dispersion);
/* Perform packet validity tests */
@@ -757,13 +887,12 @@ receive_packet(NTP_Packet *message, struct timeval *now, double now_err, NCR_Ins
}
/* Regardless of any validity checks we apply, we are required to
save these two fields from the packet into the ntp source
save this field from the packet into the ntp source
instance record. See RFC1305 section 3.4.4, peer.org <- pkt.xmt
& peer.peerpoll <- pkt.poll. Note we can't do this assignment
before test1 has been carried out!! */
inst->remote_orig = message->transmit_ts;
inst->remote_poll = message->poll;
/* Test 3 requires that pkt.org != 0 and pkt.rec != 0. If
either of these are true it means the association is not properly
@@ -793,13 +922,12 @@ receive_packet(NTP_Packet *message, struct timeval *now, double now_err, NCR_Ins
assuming worst case frequency error between us and the other
source */
delta = local_interval - remote_interval / (1.0 - source_freq_lo);
delta = local_interval - remote_interval * (1.0 + source_freq_lo);
/* Calculate theta. Following the NTP definition, this is negative
if we are fast of the remote source. */
theta = (double) (remote_average.tv_sec - local_average.tv_sec) +
(double) (remote_average.tv_usec - local_average.tv_usec) * 1.0e-6;
UTI_DiffTimevalsToDouble(&theta, &remote_average, &local_average);
/* We treat the time of the sample as being midway through the local
measurement period. An analysis assuming constant relative
@@ -812,14 +940,14 @@ receive_packet(NTP_Packet *message, struct timeval *now, double now_err, NCR_Ins
skew = (source_freq_hi - source_freq_lo) / 2.0;
/* and then calculate peer dispersion */
epsilon = LCL_GetSysPrecisionAsQuantum() + now_err + skew * local_interval;
epsilon = LCL_GetSysPrecisionAsQuantum() + now_err + skew * fabs(local_interval);
} else {
/* If test3 failed, we probably can't calculate these quantities
properly (e.g. for the first sample received in a peering
connection). */
theta = delta = epsilon = 0.0;
sample_time = *now;
}
peer_distance = epsilon + 0.5 * fabs(delta);
@@ -859,8 +987,8 @@ receive_packet(NTP_Packet *message, struct timeval *now, double now_err, NCR_Ins
the standard deviation of the offsets in the register is less than an
administrator-defined value or the difference between measured offset
and predicted offset is larger than the increase in delay */
if (!SRC_IsGoodSample(inst->source, -theta, delta, inst->max_delay_dev_ratio,
LCL_GetMaxClockError(), &sample_time)) {
if (!SRC_IsGoodSample(inst->source, -theta, fabs(delta),
inst->max_delay_dev_ratio, LCL_GetMaxClockError(), &sample_time)) {
test4c = 0; /* Failed */
} else {
test4c = 1; /* Success */
@@ -929,7 +1057,7 @@ receive_packet(NTP_Packet *message, struct timeval *now, double now_err, NCR_Ins
/* Test 8 checks that the root delay and dispersion quoted in
the packet are appropriate */
if ((fabs(pkt_root_delay) >= NTP_MAX_DISPERSION) ||
if ((pkt_root_delay >= NTP_MAX_DISPERSION) ||
(pkt_root_dispersion >= NTP_MAX_DISPERSION)) {
test8 = 0; /* Failed */
} else {
@@ -937,7 +1065,7 @@ receive_packet(NTP_Packet *message, struct timeval *now, double now_err, NCR_Ins
}
/* Check for Kiss-of-Death */
if (message->stratum > NTP_MAX_STRATUM && !source_is_synchronized) {
if (!test7i && !source_is_synchronized) {
if (!memcmp(&message->reference_id, "RATE", 4))
kod_rate = 1;
}
@@ -949,7 +1077,7 @@ receive_packet(NTP_Packet *message, struct timeval *now, double now_err, NCR_Ins
valid_header = test5 && test6 && test7i && test8;
good_header = valid_header && test7ii;
root_delay = pkt_root_delay + delta;
root_delay = pkt_root_delay + fabs(delta);
root_dispersion = pkt_root_dispersion + epsilon;
#ifdef TRACEON
@@ -984,7 +1112,31 @@ receive_packet(NTP_Packet *message, struct timeval *now, double now_err, NCR_Ins
LOG(LOGS_INFO, LOGF_NtpCore, "kod_rate=%d valid_kod=%d", kod_rate, valid_kod);
#endif
/* Reduce polling rate if KoD RATE was received */
if (kod_rate && valid_kod) {
if (message->poll > inst->minpoll) {
inst->minpoll = message->poll;
if (inst->minpoll > inst->maxpoll)
inst->maxpoll = inst->minpoll;
if (inst->minpoll > inst->local_poll)
inst->local_poll = inst->minpoll;
LOG(LOGS_WARN, LOGF_NtpCore, "Received KoD RATE from %s, minpoll set to %d",
UTI_IPToString(&inst->remote_addr.ip_addr), inst->minpoll);
}
/* Stop ongoing burst */
if (inst->opmode == MD_BURST_WAS_OFFLINE || inst->opmode == MD_BURST_WAS_ONLINE) {
inst->burst_good_samples_to_go = 0;
LOG(LOGS_WARN, LOGF_NtpCore, "Received KoD RATE from %s, burst sampling stopped",
UTI_IPToString(&inst->remote_addr.ip_addr), inst->minpoll);
}
requeue_transmit = 1;
}
if (valid_header && valid_data) {
inst->remote_poll = message->poll;
inst->remote_stratum = message->stratum;
inst->tx_count = 0;
SRC_UpdateReachability(inst->source, 1);
@@ -998,184 +1150,61 @@ receive_packet(NTP_Packet *message, struct timeval *now, double now_err, NCR_Ins
} else {
SRC_UnsetSelectable(inst->source);
}
}
/* Do this before we accumulate a new sample into the stats registers, obviously */
estimated_offset = SRC_PredictOffset(inst->source, &sample_time);
if (good_data) {
/* Do this before we accumulate a new sample into the stats registers, obviously */
estimated_offset = SRC_PredictOffset(inst->source, &sample_time);
if (valid_header && good_data) {
SRC_AccumulateSample(inst->source,
&sample_time,
theta, delta, epsilon,
root_delay, root_dispersion,
message->stratum, (NTP_Leap) pkt_leap);
SRC_AccumulateSample(inst->source,
&sample_time,
theta, fabs(delta), epsilon,
root_delay, root_dispersion,
message->stratum, (NTP_Leap) pkt_leap);
/* Now examine the registers. First though, if the prediction is
not even within +/- the peer distance of the peer, we are clearly
not tracking the peer at all well, so we back off the sampling
rate depending on just how bad the situation is. */
error_in_estimate = fabs(-theta - estimated_offset);
/* Now update the polling interval */
/* Now examine the registers. First though, if the prediction is
not even within +/- the peer distance of the peer, we are clearly
not tracking the peer at all well, so we back off the sampling
rate depending on just how bad the situation is. */
error_in_estimate = fabs(-theta - estimated_offset);
if (error_in_estimate > peer_distance) {
int shift = 0;
unsigned long temp = (int)(error_in_estimate / peer_distance);
do {
shift++;
temp>>=1;
} while (temp);
poll_adj = -shift - inst->poll_score + 0.5;
} else {
int samples = SRC_Samples(inst->source);
/* Now update the polling interval */
adjust_poll(inst, get_poll_adj(inst, error_in_estimate, peer_distance));
/* Adjust polling interval so that the number of sourcestats samples
remains close to the target value */
poll_adj = ((double)samples / inst->poll_target - 1.0) / inst->poll_target;
/* Use higher gain when decreasing the interval */
if (samples < inst->poll_target) {
poll_adj *= 2.0;
}
}
adjust_poll(inst, poll_adj);
} else if (valid_header && valid_data) {
/* Slowly increase the polling interval if we can't get good_data */
adjust_poll(inst, 0.1);
}
/* Reduce polling rate if KoD RATE was received */
if (kod_rate && valid_kod) {
if (inst->remote_poll > inst->minpoll) {
inst->minpoll = inst->remote_poll;
if (inst->minpoll > inst->maxpoll)
inst->maxpoll = inst->minpoll;
if (inst->minpoll > inst->local_poll)
inst->local_poll = inst->minpoll;
LOG(LOGS_WARN, LOGF_NtpCore, "Received KoD RATE from %s, minpoll set to %d", UTI_IPToString(&inst->remote_addr.ip_addr), inst->minpoll);
}
/* Stop ongoing burst */
if (inst->opmode == MD_BURST_WAS_OFFLINE || inst->opmode == MD_BURST_WAS_ONLINE) {
inst->burst_good_samples_to_go = 0;
LOG(LOGS_WARN, LOGF_NtpCore, "Received KoD RATE from %s, burst sampling stopped", UTI_IPToString(&inst->remote_addr.ip_addr), inst->minpoll);
}
}
/* If we're in burst mode, check whether the burst is completed and
revert to the previous mode */
switch (inst->opmode) {
case MD_BURST_WAS_ONLINE:
if (valid_data) {
--inst->burst_good_samples_to_go;
}
if (inst->burst_good_samples_to_go <= 0) {
inst->opmode = MD_ONLINE;
}
break;
case MD_BURST_WAS_OFFLINE:
if (valid_data) {
--inst->burst_good_samples_to_go;
}
if (inst->burst_good_samples_to_go <= 0) {
inst->opmode = MD_OFFLINE;
if (inst->timer_running) {
SCH_RemoveTimeout(inst->timeout_id);
}
inst->timer_running = 0;
}
break;
default:
break;
}
/* And now, requeue the timer.
If we're in burst mode, queue for immediate dispatch.
If we're operating in client/server mode, queue the timeout for
the poll interval hence. The fact that a timeout has been queued
in the transmit handler is immaterial - that is only done so that
we at least send something, if no reply is heard.
If we're in symmetric mode, we have to take account of the peer's
wishes, otherwise his sampling regime will fall to pieces. If
we're in client/server mode, we don't care what poll interval the
server responded with last time. */
switch (inst->opmode) {
case MD_OFFLINE:
requeue_transmit = 0;
/* Mark source unreachable */
SRC_ResetReachability(inst->source);
break; /* Even if we've received something, we don't want to
transmit back. This might be a symmetric active peer
that is trying to talk to us. */
case MD_ONLINE:
/* Normal processing, depending on whether we're in
client/server or symmetric mode */
requeue_transmit = 1;
switch(inst->mode) {
case MODE_CLIENT:
/* Client/server association - aim at some randomised time
approx the poll interval away */
poll_to_use = inst->local_poll;
delay_time = (double) (1UL<<poll_to_use);
break;
case MODE_ACTIVE:
/* Symmetric active association - aim at some randomised time approx
half the poll interval away, to interleave 50-50 with the peer */
poll_to_use = (inst->local_poll < inst->remote_poll) ? inst->local_poll : inst->remote_poll;
/* Limit by min and max poll */
if (poll_to_use < inst->minpoll) poll_to_use = inst->minpoll;
if (poll_to_use > inst->maxpoll) poll_to_use = inst->maxpoll;
delay_time = (double) (1UL<<(poll_to_use - 1));
/* If we're in burst mode, check whether the burst is completed and
revert to the previous mode */
switch (inst->opmode) {
case MD_BURST_WAS_ONLINE:
case MD_BURST_WAS_OFFLINE:
--inst->burst_good_samples_to_go;
if (inst->burst_good_samples_to_go <= 0) {
if (inst->opmode == MD_BURST_WAS_ONLINE)
inst->opmode = MD_ONLINE;
else
take_offline(inst);
}
break;
default:
assert(0);
break;
}
break;
case MD_BURST_WAS_ONLINE:
case MD_BURST_WAS_OFFLINE:
requeue_transmit = 1;
delay_time = BURST_INTERVAL;
break;
default:
assert(0);
break;
} else {
/* Slowly increase the polling interval if we can't get good_data */
adjust_poll(inst, 0.1);
}
requeue_transmit = 1;
}
if (kod_rate && valid_kod) {
/* Back off for a while */
delay_time += (double) (4 * (1UL << inst->minpoll));
}
/* And now, requeue the timer. */
if (requeue_transmit && inst->opmode != MD_OFFLINE) {
delay_time = get_transmit_delay(inst, 0, local_interval);
if (kod_rate) {
/* Back off for a while */
delay_time += (double) (4 * (1UL << inst->minpoll));
}
if (requeue_transmit) {
/* Get rid of old timeout and start a new one */
assert(inst->timer_running);
SCH_RemoveTimeout(inst->timeout_id);
inst->timeout_id = SCH_AddTimeoutInClass(delay_time, SAMPLING_SEPARATION,
SAMPLING_RANDOMNESS,
@@ -1198,14 +1227,6 @@ receive_packet(NTP_Packet *message, struct timeval *now, double now_err, NCR_Ins
theta, delta, epsilon,
pkt_root_delay, pkt_root_dispersion);
}
/* At this point we will have to do something about trimming the
poll interval for the source and requeueing the polling timeout.
Left until the source statistics management has been written */
return;
}
/* ================================================== */
@@ -1248,6 +1269,11 @@ NCR_ProcessKnown
unsigned long auth_key_id;
unsigned long reply_auth_key_id;
/* Ignore packets from offline sources */
if (inst->opmode == MD_OFFLINE) {
return;
}
/* Check version */
version = (message->lvm >> 3) & 0x7;
if (version < NTP_MIN_COMPAT_VERSION || version > NTP_MAX_COMPAT_VERSION) {
@@ -1309,6 +1335,7 @@ NCR_ProcessKnown
}
transmit_packet(MODE_SERVER, inst->local_poll,
version,
authenticate_reply, reply_auth_key_id,
&message->transmit_ts,
now,
@@ -1492,6 +1519,7 @@ NCR_ProcessUnknown
my_poll = message->poll; /* What should this be set to? Does the client actually care? */
transmit_packet(my_mode, my_poll,
version,
do_auth, do_auth ? key_id : 0,
&message->transmit_ts, /* Originate (for us) is the transmit time for the client */
now, /* Time we received the packet */
@@ -1505,7 +1533,6 @@ NCR_ProcessUnknown
UTI_IPToString(&remote_addr->ip_addr),
remote_addr->port);
}
return;
}
/* ================================================== */
@@ -1516,13 +1543,15 @@ NCR_SlewTimes(NCR_Instance inst, struct timeval *when, double dfreq, double doff
struct timeval prev;
double delta;
prev = inst->local_rx;
UTI_AdjustTimeval(&inst->local_rx, when, &inst->local_rx, &delta, dfreq, doffset);
if (inst->local_rx.tv_sec || inst->local_rx.tv_usec)
UTI_AdjustTimeval(&inst->local_rx, when, &inst->local_rx, &delta, dfreq, doffset);
#ifdef TRACEON
LOG(LOGS_INFO, LOGF_NtpCore, "rx prev=[%s] new=[%s]",
UTI_TimevalToString(&prev), UTI_TimevalToString(&inst->local_rx));
#endif
prev = inst->local_tx;
UTI_AdjustTimeval(&inst->local_tx, when, &inst->local_tx, &delta, dfreq, doffset);
if (inst->local_tx.tv_sec || inst->local_tx.tv_usec)
UTI_AdjustTimeval(&inst->local_tx, when, &inst->local_tx, &delta, dfreq, doffset);
#ifdef TRACEON
LOG(LOGS_INFO, LOGF_NtpCore, "tx prev=[%s] new=[%s]",
UTI_TimevalToString(&prev), UTI_TimevalToString(&inst->local_tx));
@@ -1556,6 +1585,7 @@ NCR_TakeSourceOnline(NCR_Instance inst)
break;
case MD_BURST_WAS_OFFLINE:
inst->opmode = MD_BURST_WAS_ONLINE;
LOG(LOGS_INFO, LOGF_NtpCore, "Source %s online", UTI_IPToString(&inst->remote_addr.ip_addr));
break;
}
}
@@ -1569,17 +1599,14 @@ NCR_TakeSourceOffline(NCR_Instance inst)
case MD_ONLINE:
if (inst->timer_running) {
LOG(LOGS_INFO, LOGF_NtpCore, "Source %s offline", UTI_IPToString(&inst->remote_addr.ip_addr));
SCH_RemoveTimeout(inst->timeout_id);
inst->timer_running = 0;
inst->opmode = MD_OFFLINE;
/* Mark source unreachable */
SRC_ResetReachability(inst->source);
take_offline(inst);
}
break;
case MD_OFFLINE:
break;
case MD_BURST_WAS_ONLINE:
inst->opmode = MD_BURST_WAS_OFFLINE;
LOG(LOGS_INFO, LOGF_NtpCore, "Source %s offline", UTI_IPToString(&inst->remote_addr.ip_addr));
break;
case MD_BURST_WAS_OFFLINE:
break;
@@ -1717,8 +1744,6 @@ NCR_ReportSource(NCR_Instance inst, RPT_SourceReport *report, struct timeval *no
default:
assert(0);
}
return;
}
/* ================================================== */

35
ntp_io.c
View File

@@ -39,8 +39,6 @@
#include "conf.h"
#include "util.h"
#include <fcntl.h>
union sockaddr_in46 {
struct sockaddr_in in4;
#ifdef HAVE_IPV6
@@ -212,8 +210,10 @@ prepare_socket(int family)
#endif
if (bind(sock_fd, &my_addr.u, my_addr_len) < 0) {
LOG_FATAL(LOGF_NtpIO, "Could not bind %s NTP socket : %s",
LOG(LOGS_ERR, LOGF_NtpIO, "Could not bind %s NTP socket : %s",
family == AF_INET ? "IPv4" : "IPv6", strerror(errno));
close(sock_fd);
return -1;
}
/* Register handler for read events on the socket */
@@ -231,17 +231,25 @@ prepare_socket(int family)
return sock_fd;
}
/* ================================================== */
void
NIO_Initialise(void)
NIO_Initialise(int family)
{
assert(!initialised);
initialised = 1;
do_size_checks();
sock_fd4 = prepare_socket(AF_INET);
if (family == IPADDR_UNSPEC || family == IPADDR_INET4)
sock_fd4 = prepare_socket(AF_INET);
else
sock_fd4 = -1;
#ifdef HAVE_IPV6
sock_fd6 = prepare_socket(AF_INET6);
if (family == IPADDR_UNSPEC || family == IPADDR_INET6)
sock_fd6 = prepare_socket(AF_INET6);
else
sock_fd6 = -1;
#endif
if (sock_fd4 < 0
@@ -251,8 +259,6 @@ NIO_Initialise(void)
) {
LOG_FATAL(LOGF_NtpIO, "Could not open any NTP socket");
}
return;
}
/* ================================================== */
@@ -273,7 +279,6 @@ NIO_Finalise(void)
sock_fd6 = -1;
#endif
initialised = 0;
return;
}
/* ================================================== */
@@ -291,7 +296,7 @@ read_from_socket(void *anything)
ReceiveBuffer message;
union sockaddr_in46 where_from;
unsigned int flags = 0;
struct timeval now;
struct timeval now, now_raw;
double now_err;
NTP_Remote_Address remote_addr;
char cmsgbuf[256];
@@ -301,7 +306,7 @@ read_from_socket(void *anything)
assert(initialised);
SCH_GetFileReadyTime(&now, &now_err);
SCH_GetLastEventTime(&now, &now_err, &now_raw);
iov.iov_base = message.arbitrary;
iov.iov_len = sizeof(message);
@@ -371,7 +376,9 @@ read_from_socket(void *anything)
struct timeval tv;
memcpy(&tv, CMSG_DATA(cmsg), sizeof(tv));
LCL_CookTime(&tv, &now, &now_err);
/* This should be more accurate than LCL_CookTime(&now_raw,...) */
UTI_AddDiffToTimeval(&now, &now_raw, &tv, &now);
}
#endif
}
@@ -386,8 +393,6 @@ read_from_socket(void *anything)
}
}
return;
}
/* ================================================== */
@@ -502,8 +507,6 @@ send_packet(void *packet, int packetlen, NTP_Remote_Address *remote_addr)
LOG(LOGS_WARN, LOGF_NtpIO, "Could not send to %s:%d : %s",
UTI_IPToString(&remote_addr->ip_addr), remote_addr->port, strerror(errno));
}
return;
}
/* ================================================== */

2
ntp_io.h
View File

@@ -32,7 +32,7 @@
#include "addressing.h"
/* Function to initialise the module. */
extern void NIO_Initialise(void);
extern void NIO_Initialise(int family);
/* Function to finalise the module */
extern void NIO_Finalise(void);

7
ntp_sources.c
View File

@@ -103,8 +103,6 @@ NSR_Initialise(void)
initialised = 1;
LCL_AddParameterChangeHandler(slew_sources, NULL);
return;
}
/* ================================================== */
@@ -113,7 +111,6 @@ void
NSR_Finalise(void)
{
initialised = 0;
return; /* Nothing to do yet */
}
/* ================================================== */
@@ -179,8 +176,6 @@ find_slot(NTP_Remote_Address *remote_addr, int *slot, int *found)
*found = 0;
*slot = hash;
}
return;
}
/* ================================================== */
@@ -670,8 +665,6 @@ NSR_GetActivityReport(RPT_ActivityReport *report)
for (us = unresolved_sources; us; us = us->next) {
report->unresolved++;
}
return;
}

185
pktlength.c
View File

@@ -35,8 +35,8 @@
/* ================================================== */
int
PKL_CommandLength(CMD_Request *r)
static int
command_unpadded_length(CMD_Request *r)
{
int type;
type = ntohs(r->command);
@@ -124,19 +124,9 @@ PKL_CommandLength(CMD_Request *r)
case REQ_CYCLELOGS :
return offsetof(CMD_Request, data.cyclelogs.EOR);
case REQ_SUBNETS_ACCESSED :
{
unsigned long ns;
ns = ntohl(r->data.subnets_accessed.n_subnets);
return (offsetof(CMD_Request, data.subnets_accessed.subnets) +
ns * sizeof(REQ_SubnetsAccessed_Subnet));
}
case REQ_CLIENT_ACCESSES:
{
unsigned long nc;
nc = ntohl(r->data.client_accesses.n_clients);
return (offsetof(CMD_Request, data.client_accesses.client_ips) +
nc * sizeof(unsigned long));
}
/* No longer supported */
return 0;
case REQ_CLIENT_ACCESSES_BY_INDEX:
return offsetof(CMD_Request, data.client_accesses_by_index.EOR);
case REQ_MANUAL_LIST:
@@ -167,6 +157,149 @@ PKL_CommandLength(CMD_Request *r)
}
/* ================================================== */
int
PKL_CommandLength(CMD_Request *r)
{
int command_length;
command_length = command_unpadded_length(r);
if (!command_length)
return 0;
return command_length + PKL_CommandPaddingLength(r);
}
/* ================================================== */
#define PADDING_LENGTH_(request_length, reply_length) \
((request_length) < (reply_length) ? (reply_length) - (request_length) : 0)
#define PADDING_LENGTH(request_data, reply_data) \
PADDING_LENGTH_(offsetof(CMD_Request, request_data), offsetof(CMD_Reply, reply_data))
int
PKL_CommandPaddingLength(CMD_Request *r)
{
int type;
if (r->version < PROTO_VERSION_PADDING)
return 0;
type = ntohs(r->command);
if (type < 0 || type >= N_REQUEST_TYPES)
return 0;
switch (type) {
case REQ_NULL:
return PADDING_LENGTH(data, data.null.EOR);
case REQ_ONLINE:
return PADDING_LENGTH(data.online.EOR, data.null.EOR);
case REQ_OFFLINE:
return PADDING_LENGTH(data.offline.EOR, data.null.EOR);
case REQ_BURST:
return PADDING_LENGTH(data.burst.EOR, data.null.EOR);
case REQ_MODIFY_MINPOLL:
return PADDING_LENGTH(data.modify_minpoll.EOR, data.null.EOR);
case REQ_MODIFY_MAXPOLL:
return PADDING_LENGTH(data.modify_maxpoll.EOR, data.null.EOR);
case REQ_DUMP:
return PADDING_LENGTH(data.dump.EOR, data.null.EOR);
case REQ_MODIFY_MAXDELAY:
return PADDING_LENGTH(data.modify_maxdelay.EOR, data.null.EOR);
case REQ_MODIFY_MAXDELAYRATIO:
return PADDING_LENGTH(data.modify_maxdelayratio.EOR, data.null.EOR);
case REQ_MODIFY_MAXDELAYDEVRATIO:
return PADDING_LENGTH(data.modify_maxdelaydevratio.EOR, data.null.EOR);
case REQ_MODIFY_MAXUPDATESKEW:
return PADDING_LENGTH(data.modify_maxupdateskew.EOR, data.null.EOR);
case REQ_LOGON:
return PADDING_LENGTH(data.logon.EOR, data.null.EOR);
case REQ_SETTIME:
return PADDING_LENGTH(data.settime.EOR, data.manual_timestamp.EOR);
case REQ_LOCAL:
return PADDING_LENGTH(data.local.EOR, data.null.EOR);
case REQ_MANUAL:
return PADDING_LENGTH(data.manual.EOR, data.null.EOR);
case REQ_N_SOURCES:
return PADDING_LENGTH(data.n_sources.EOR, data.n_sources.EOR);
case REQ_SOURCE_DATA:
return PADDING_LENGTH(data.source_data.EOR, data.source_data.EOR);
case REQ_REKEY:
return PADDING_LENGTH(data.rekey.EOR, data.null.EOR);
case REQ_ALLOW:
return PADDING_LENGTH(data.allow_deny.EOR, data.null.EOR);
case REQ_ALLOWALL:
return PADDING_LENGTH(data.allow_deny.EOR, data.null.EOR);
case REQ_DENY:
return PADDING_LENGTH(data.allow_deny.EOR, data.null.EOR);
case REQ_DENYALL:
return PADDING_LENGTH(data.allow_deny.EOR, data.null.EOR);
case REQ_CMDALLOW:
return PADDING_LENGTH(data.allow_deny.EOR, data.null.EOR);
case REQ_CMDALLOWALL:
return PADDING_LENGTH(data.allow_deny.EOR, data.null.EOR);
case REQ_CMDDENY:
return PADDING_LENGTH(data.allow_deny.EOR, data.null.EOR);
case REQ_CMDDENYALL:
return PADDING_LENGTH(data.allow_deny.EOR, data.null.EOR);
case REQ_ACCHECK:
return PADDING_LENGTH(data.ac_check.EOR, data.null.EOR);
case REQ_CMDACCHECK:
return PADDING_LENGTH(data.ac_check.EOR, data.null.EOR);
case REQ_ADD_SERVER:
return PADDING_LENGTH(data.ntp_source.EOR, data.null.EOR);
case REQ_ADD_PEER:
return PADDING_LENGTH(data.ntp_source.EOR, data.null.EOR);
case REQ_DEL_SOURCE:
return PADDING_LENGTH(data.del_source.EOR, data.null.EOR);
case REQ_WRITERTC:
return PADDING_LENGTH(data.writertc.EOR, data.null.EOR);
case REQ_DFREQ:
return PADDING_LENGTH(data.dfreq.EOR, data.null.EOR);
case REQ_DOFFSET:
return PADDING_LENGTH(data.doffset.EOR, data.null.EOR);
case REQ_TRACKING:
return PADDING_LENGTH(data.tracking.EOR, data.tracking.EOR);
case REQ_SOURCESTATS:
return PADDING_LENGTH(data.sourcestats.EOR, data.sourcestats.EOR);
case REQ_RTCREPORT:
return PADDING_LENGTH(data.rtcreport.EOR, data.rtc.EOR);
case REQ_TRIMRTC:
return PADDING_LENGTH(data.trimrtc.EOR, data.null.EOR);
case REQ_CYCLELOGS:
return PADDING_LENGTH(data.cyclelogs.EOR, data.null.EOR);
case REQ_SUBNETS_ACCESSED:
case REQ_CLIENT_ACCESSES:
/* No longer supported */
return 0;
case REQ_CLIENT_ACCESSES_BY_INDEX:
return PADDING_LENGTH(data.client_accesses_by_index.EOR, data.client_accesses_by_index.EOR);
case REQ_MANUAL_LIST:
return PADDING_LENGTH(data.manual_list.EOR, data.manual_list.EOR);
case REQ_MANUAL_DELETE:
return PADDING_LENGTH(data.manual_delete.EOR, data.null.EOR);
case REQ_MAKESTEP:
return PADDING_LENGTH(data.make_step.EOR, data.null.EOR);
case REQ_ACTIVITY:
return PADDING_LENGTH(data.activity.EOR, data.activity.EOR);
case REQ_RESELECT:
return PADDING_LENGTH(data.reselect.EOR, data.null.EOR);
case REQ_RESELECTDISTANCE:
return PADDING_LENGTH(data.reselect_distance.EOR, data.null.EOR);
case REQ_MODIFY_MINSTRATUM:
return PADDING_LENGTH(data.modify_minstratum.EOR, data.null.EOR);
case REQ_MODIFY_POLLTARGET:
return PADDING_LENGTH(data.modify_polltarget.EOR, data.null.EOR);
default:
/* If we fall through the switch, it most likely means we've forgotten to implement a new case */
assert(0);
return 0;
}
}
/* ================================================== */
int
@@ -194,29 +327,15 @@ PKL_ReplyLength(CMD_Reply *r)
case RPY_RTC:
return offsetof(CMD_Reply, data.rtc.EOR);
case RPY_SUBNETS_ACCESSED :
{
unsigned long ns = ntohl(r->data.subnets_accessed.n_subnets);
if (r->status == htons(STT_SUCCESS)) {
return (offsetof(CMD_Reply, data.subnets_accessed.subnets) +
ns * sizeof(RPY_SubnetsAccessed_Subnet));
} else {
return offsetof(CMD_Reply, data);
}
}
case RPY_CLIENT_ACCESSES:
{
unsigned long nc = ntohl(r->data.client_accesses.n_clients);
if (r->status == htons(STT_SUCCESS)) {
return (offsetof(CMD_Reply, data.client_accesses.clients) +
nc * sizeof(RPY_ClientAccesses_Client));
} else {
return offsetof(CMD_Reply, data);
}
}
/* No longer supported */
return 0;
case RPY_CLIENT_ACCESSES_BY_INDEX:
{
unsigned long nc = ntohl(r->data.client_accesses_by_index.n_clients);
if (r->status == htons(STT_SUCCESS)) {
if (nc > MAX_CLIENT_ACCESSES)
return 0;
return (offsetof(CMD_Reply, data.client_accesses_by_index.clients) +
nc * sizeof(RPY_ClientAccesses_Client));
} else {
@@ -226,6 +345,8 @@ PKL_ReplyLength(CMD_Reply *r)
case RPY_MANUAL_LIST:
{
unsigned long ns = ntohl(r->data.manual_list.n_samples);
if (ns > MAX_MANUAL_LIST_SAMPLES)
return 0;
if (r->status == htons(STT_SUCCESS)) {
return (offsetof(CMD_Reply, data.manual_list.samples) +
ns * sizeof(RPY_ManualListSample));

2
pktlength.h
View File

@@ -33,6 +33,8 @@
extern int PKL_CommandLength(CMD_Request *r);
extern int PKL_CommandPaddingLength(CMD_Request *r);
extern int PKL_ReplyLength(CMD_Reply *r);
#endif /* GOT_PKTLENGTH_H */

5
refclock_shm.c
View File

@@ -27,13 +27,12 @@
#include "config.h"
#include "sysincl.h"
#include "refclock.h"
#include "logging.h"
#include "util.h"
#include <sys/types.h>
#include <sys/shm.h>
#define SHMKEY 0x4e545030
struct shmTime {

7
refclock_sock.c
View File

@@ -27,16 +27,13 @@
#include "config.h"
#include "sysincl.h"
#include "refclock.h"
#include "logging.h"
#include "util.h"
#include "sched.h"
#include <sys/types.h>
#include <sys/socket.h>
#include <sys/un.h>
#include <unistd.h>
#define SOCK_MAGIC 0x534f434b
struct sock_sample {

136
reference.c
View File

@@ -3,7 +3,7 @@
**********************************************************************
* Copyright (C) Richard P. Curnow 1997-2003
* Copyright (C) Miroslav Lichvar 2009-2012
* Copyright (C) Miroslav Lichvar 2009-2013
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of version 2 of the GNU General Public License as
@@ -39,6 +39,9 @@
/* ================================================== */
/* The minimum allowed skew */
#define MIN_SKEW 1.0e-12
static int are_we_synchronised;
static int enable_local_stratum;
static int local_stratum;
@@ -149,7 +152,6 @@ void
REF_Initialise(void)
{
FILE *in;
char line[1024];
double file_freq_ppm, file_skew_ppm;
double our_frequency_ppm;
@@ -169,17 +171,15 @@ REF_Initialise(void)
if (drift_file) {
in = fopen(drift_file, "r");
if (in) {
if (fgets(line, sizeof(line), in)) {
if (sscanf(line, "%lf%lf", &file_freq_ppm, &file_skew_ppm) == 2) {
/* We have read valid data */
our_frequency_ppm = file_freq_ppm;
our_skew = 1.0e-6 * file_skew_ppm;
LOG(LOGS_INFO, LOGF_Reference, "Frequency %.3f +/- %.3f ppm read from %s", file_freq_ppm, file_skew_ppm, drift_file);
LCL_SetAbsoluteFrequency(our_frequency_ppm);
} else {
LOG(LOGS_WARN, LOGF_Reference, "Could not parse valid frequency and skew from driftfile %s",
drift_file);
}
if (fscanf(in, "%lf%lf", &file_freq_ppm, &file_skew_ppm) == 2) {
/* We have read valid data */
our_frequency_ppm = file_freq_ppm;
our_skew = 1.0e-6 * file_skew_ppm;
if (our_skew < MIN_SKEW)
our_skew = MIN_SKEW;
LOG(LOGS_INFO, LOGF_Reference, "Frequency %.3f +/- %.3f ppm read from %s",
file_freq_ppm, file_skew_ppm, drift_file);
LCL_SetAbsoluteFrequency(our_frequency_ppm);
} else {
LOG(LOGS_WARN, LOGF_Reference, "Could not read valid frequency and skew from driftfile %s",
drift_file);
@@ -196,7 +196,7 @@ REF_Initialise(void)
}
logfileid = CNF_GetLogTracking() ? LOG_FileOpen("tracking",
" Date (UTC) Time IP Address St Freq ppm Skew ppm Offset L")
" Date (UTC) Time IP Address St Freq ppm Skew ppm Offset L Co Offset sd Rem. corr.")
: -1;
max_update_skew = fabs(CNF_GetMaxUpdateSkew()) * 1.0e-6;
@@ -244,8 +244,6 @@ REF_Initialise(void)
/* Make first entry in tracking log */
REF_SetUnsynchronised();
return;
}
/* ================================================== */
@@ -264,7 +262,6 @@ REF_Finalise(void)
Free(fb_drifts);
initialised = 0;
return;
}
/* ================================================== */
@@ -314,8 +311,9 @@ update_drift_file(double freq_ppm, double skew)
}
/* Write the frequency and skew parameters in ppm */
if ((fprintf(out, "%20.4f %20.4f\n", freq_ppm, 1.0e6 * skew) < 0) |
if ((fprintf(out, "%20.6f %20.6f\n", freq_ppm, 1.0e6 * skew) < 0) |
fclose(out)) {
Free(temp_drift_file);
LOG(LOGS_WARN, LOGF_Reference, "Could not write to temporary driftfile %s.tmp",
drift_file);
return;
@@ -335,7 +333,7 @@ update_drift_file(double freq_ppm, double skew)
if (rename(temp_drift_file,drift_file)) {
unlink(temp_drift_file);
Free(temp_drift_file);
LOG(LOGS_WARN, LOGF_Reference, "Could not replace old driftfile %s with new one %s.tmp (%d)",
LOG(LOGS_WARN, LOGF_Reference, "Could not replace old driftfile %s with new one %s.tmp",
drift_file,drift_file);
return;
}
@@ -460,12 +458,11 @@ schedule_fb_drift(struct timeval *now)
#define S_MAX_USER_LEN "128"
static void
maybe_log_offset(double offset)
maybe_log_offset(double offset, time_t now)
{
double abs_offset;
FILE *p;
char buffer[BUFLEN], host[BUFLEN];
time_t now;
struct tm stm;
abs_offset = fabs(offset);
@@ -487,7 +484,6 @@ maybe_log_offset(double offset)
}
fprintf(p, "Subject: chronyd reports change to system clock on node [%s]\n", host);
fputs("\n", p);
now = time(NULL);
stm = *localtime(&now);
strftime(buffer, sizeof(buffer), "On %A, %d %B %Y\n with the system clock reading %H:%M:%S (%Z)", &stm);
fputs(buffer, p);
@@ -651,12 +647,16 @@ update_leap_status(NTP_Leap leap, time_t now)
/* ================================================== */
static void
write_log(struct timeval *ref_time, char *ref, int stratum, NTP_Leap leap, double freq, double skew, double offset)
write_log(struct timeval *ref_time, char *ref, int stratum, NTP_Leap leap,
double freq, double skew, double offset, int combined_sources,
double offset_sd, double uncorrected_offset)
{
const char leap_codes[4] = {'N', '+', '-', '?'};
if (logfileid != -1) {
LOG_FileWrite(logfileid, "%s %-15s %2d %10.3f %10.3f %10.3e %1c",
UTI_TimeToLogForm(ref_time->tv_sec), ref, stratum, freq, skew, offset, leap_codes[leap]);
LOG_FileWrite(logfileid, "%s %-15s %2d %10.3f %10.3f %10.3e %1c %2d %10.3e %10.3e",
UTI_TimeToLogForm(ref_time->tv_sec), ref, stratum, freq, skew,
offset, leap_codes[leap], combined_sources, offset_sd,
uncorrected_offset);
}
}
@@ -665,6 +665,7 @@ write_log(struct timeval *ref_time, char *ref, int stratum, NTP_Leap leap, doubl
void
REF_SetReference(int stratum,
NTP_Leap leap,
int combined_sources,
uint32_t ref_id,
IPAddr *ref_ip,
struct timeval *ref_time,
@@ -687,15 +688,14 @@ REF_SetReference(int stratum,
double update_interval;
double elapsed;
double correction_rate;
struct timeval now, raw_now;
double uncorrected_offset;
struct timeval now, raw_now, ev_now, ev_raw_now;
assert(initialised);
/* Avoid getting NaNs */
if (skew < 1e-12)
skew = 1e-12;
if (our_skew < 1e-12)
our_skew = 1e-12;
/* Guard against dividing by zero */
if (skew < MIN_SKEW)
skew = MIN_SKEW;
/* If we get a serious rounding error in the source stats regression
processing, there is a remote chance that the skew argument is a
@@ -716,15 +716,19 @@ REF_SetReference(int stratum,
}
LCL_ReadRawTime(&raw_now);
LCL_CookTime(&raw_now, &now, NULL);
/* This is cheaper than calling LCL_CookTime */
SCH_GetLastEventTime(&ev_now, NULL, &ev_raw_now);
UTI_DiffTimevalsToDouble(&uncorrected_offset, &ev_now, &ev_raw_now);
UTI_AddDoubleToTimeval(&raw_now, uncorrected_offset, &now);
UTI_DiffTimevalsToDouble(&elapsed, &now, ref_time);
our_offset = offset + elapsed * frequency;
if (!is_offset_ok(offset))
if (!is_offset_ok(our_offset))
return;
are_we_synchronised = 1;
are_we_synchronised = leap != LEAP_Unsynchronised ? 1 : 0;
our_stratum = stratum + 1;
our_ref_id = ref_id;
if (ref_ip)
@@ -735,8 +739,6 @@ REF_SetReference(int stratum,
our_root_delay = root_delay;
our_root_dispersion = root_dispersion;
update_leap_status(leap, raw_now.tv_sec);
if (last_ref_update.tv_sec) {
UTI_DiffTimevalsToDouble(&update_interval, &now, &last_ref_update);
if (update_interval < 0.0)
@@ -762,9 +764,9 @@ REF_SetReference(int stratum,
correction_rate = correction_time_ratio * 0.5 * offset_sd * update_interval;
/* Eliminate updates that are based on totally unreliable frequency
information */
information. Ignore this limit with manual reference. */
if (fabs(skew) < max_update_skew) {
if (fabs(skew) < max_update_skew || leap == LEAP_Unsynchronised) {
previous_skew = our_skew;
new_skew = skew;
@@ -776,9 +778,10 @@ REF_SetReference(int stratum,
the local module. */
new_freq = frequency;
/* Set new frequency based on weighted average of old and new skew. */
/* Set new frequency based on weighted average of old and new skew. With
manual reference the old frequency has no weight. */
old_weight = 1.0 / Sqr(previous_skew);
old_weight = leap != LEAP_Unsynchronised ? 1.0 / Sqr(previous_skew) : 0.0;
new_weight = 3.0 / Sqr(new_skew);
sum_weight = old_weight + new_weight;
@@ -794,7 +797,6 @@ REF_SetReference(int stratum,
our_residual_freq = new_freq - our_frequency;
maybe_log_offset(our_offset);
LCL_AccumulateFrequencyAndOffset(our_frequency, our_offset, correction_rate);
} else {
@@ -802,12 +804,13 @@ REF_SetReference(int stratum,
#if 0
LOG(LOGS_INFO, LOGF_Reference, "Skew %f too large to track, offset=%f", skew, our_offset);
#endif
maybe_log_offset(our_offset);
LCL_AccumulateOffset(our_offset, correction_rate);
our_residual_freq = frequency;
}
update_leap_status(leap, raw_now.tv_sec);
maybe_log_offset(our_offset, raw_now.tv_sec);
maybe_make_step();
abs_freq_ppm = LCL_ReadAbsoluteFrequency();
@@ -818,7 +821,10 @@ REF_SetReference(int stratum,
our_leap_status,
abs_freq_ppm,
1.0e6*our_skew,
our_offset);
our_offset,
combined_sources,
offset_sd,
uncorrected_offset);
if (drift_file) {
/* Update drift file at most once per hour */
@@ -845,12 +851,6 @@ REF_SetReference(int stratum,
avg2_moving = 1;
avg2_offset = our_offset * our_offset;
}
/* And now set the freq and offset to zero */
our_frequency = 0.0;
our_offset = 0.0;
return;
}
/* ================================================== */
@@ -864,33 +864,13 @@ REF_SetManualReference
double skew
)
{
double abs_freq_ppm;
uint32_t manual_refid = 0x4D414E55; /* MANU */
/* We are not synchronised to an external source, as such. This is
only supposed to be used with the local source option, really
... */
are_we_synchronised = 0;
our_skew = skew;
our_residual_freq = 0.0;
maybe_log_offset(offset);
LCL_AccumulateFrequencyAndOffset(frequency, offset, 0.0);
maybe_make_step();
abs_freq_ppm = LCL_ReadAbsoluteFrequency();
write_log(ref_time,
"127.127.1.1",
our_stratum,
our_leap_status,
abs_freq_ppm,
1.0e6*our_skew,
offset);
if (drift_file) {
update_drift_file(abs_freq_ppm, our_skew);
}
REF_SetReference(0, LEAP_Unsynchronised, 1, manual_refid, NULL,
ref_time, offset, 0.0, frequency, skew, 0.0, 0.0);
}
/* ================================================== */
@@ -899,11 +879,14 @@ void
REF_SetUnsynchronised(void)
{
/* Variables required for logging to statistics log */
struct timeval now;
struct timeval now, now_raw;
double uncorrected_offset;
assert(initialised);
LCL_ReadCookedTime(&now, NULL);
/* This is cheaper than calling LCL_CookTime */
SCH_GetLastEventTime(&now, NULL, &now_raw);
UTI_DiffTimevalsToDouble(&uncorrected_offset, &now, &now_raw);
if (fb_drifts) {
schedule_fb_drift(&now);
@@ -918,7 +901,10 @@ REF_SetUnsynchronised(void)
our_leap_status,
LCL_ReadAbsoluteFrequency(),
1.0e6*our_skew,
0.0);
0.0,
0,
0.0,
uncorrected_offset);
}
/* ================================================== */

1
reference.h
View File

@@ -105,6 +105,7 @@ extern void REF_SetReference
(
int stratum,
NTP_Leap leap,
int combined_sources,
uint32_t ref_id,
IPAddr *ref_ip,
struct timeval *ref_time,

17
regress.c
View File

@@ -28,11 +28,7 @@
#include "config.h"
#include <assert.h>
#include <math.h>
#include <stdio.h>
#include <string.h>
#include "sysincl.h"
#include "regress.h"
#include "logging.h"
@@ -103,8 +99,6 @@ RGR_WeightedRegression
*sb0 = sqrt(*s2 / W + aa * aa);
*s2 *= (n / W); /* Giving weighted average of variances */
return;
}
/* ================================================== */
@@ -228,6 +222,9 @@ RGR_FindBestRegression
int m, /* number of extra samples in x and y arrays
(negative index) which can be used to
extend runs test */
int min_samples, /* minimum number of samples to be kept after
changing the starting index to pass the runs
test */
/* And now the results */
@@ -299,7 +296,9 @@ RGR_FindBestRegression
/* Count number of runs */
nruns = n_runs_from_residuals(resid, n - resid_start);
if (nruns > critical_runs[n - resid_start] || n - start <= MIN_SAMPLES_FOR_REGRESS) {
if (nruns > critical_runs[n - resid_start] ||
n - start <= MIN_SAMPLES_FOR_REGRESS ||
n - start <= min_samples) {
if (start != resid_start) {
/* Ignore extra samples in returned nruns */
nruns = n_runs_from_residuals(resid - resid_start + start, n - start);
@@ -422,7 +421,7 @@ find_ordered_entry(double *x, int n, int index)
{
int flags[MAX_POINTS];
bzero(flags, n * sizeof(int));
memset(flags, 0, n * sizeof(int));
return find_ordered_entry_with_flags(x, n, index, flags);
}
#endif

3
regress.h
View File

@@ -80,6 +80,9 @@ RGR_FindBestRegression
int m, /* number of extra samples in x and y arrays
(negative index) which can be used to
extend runs test */
int min_samples, /* minimum number of samples to be kept after
changing the starting index to pass the runs
test */
/* And now the results */

2
reports.h
View File

@@ -37,7 +37,7 @@ typedef struct {
int stratum;
int poll;
enum {RPT_NTP_CLIENT, RPT_NTP_PEER, RPT_LOCAL_REFERENCE} mode;
enum {RPT_SYNC, RPT_UNREACH, RPT_FALSETICKER, RPT_JITTERY, RPT_CANDIDATE} state;
enum {RPT_SYNC, RPT_UNREACH, RPT_FALSETICKER, RPT_JITTERY, RPT_CANDIDATE, RPT_OUTLIER} state;
enum {RPT_NORMAL, RPT_PREFER, RPT_NOSELECT} sel_option;
int reachability;

3
rtc.c
View File

@@ -108,9 +108,6 @@ RTC_Initialise(void)
} else {
driver_initialised = 0;
}
return;
}
/* ================================================== */

31
rtc_linux.c
View File

@@ -29,25 +29,8 @@
#include "config.h"
#if defined LINUX
#include "sysincl.h"
#ifdef sparc
#define __KERNEL__
#endif
#include <stdio.h>
#include <stdlib.h>
#include <math.h>
#include <time.h>
#include <sys/time.h>
#include <sys/types.h>
#include <sys/ioctl.h>
#include <fcntl.h>
#include <unistd.h>
#include <errno.h>
#include <assert.h>
#include <string.h>
#include <linux/rtc.h>
#include "logging.h"
@@ -189,7 +172,6 @@ discard_samples(int new_first)
memmove(system_times, system_times + new_first, n_to_save * sizeof(struct timeval));
n_samples = n_to_save;
return;
}
/* ================================================== */
@@ -217,8 +199,6 @@ accumulate_sample(time_t rtc, struct timeval *sys)
++n_samples_since_regression;
}
++n_samples;
return;
}
/* ================================================== */
@@ -473,6 +453,7 @@ write_coefs_to_file(int valid,time_t ref_time,double offset,double rate)
if ((fprintf(out, "%1d %ld %.6f %.3f\n",
valid,ref_time, offset, 1.0e6 * rate) < 0) |
fclose(out)) {
Free(temp_coefs_file_name);
LOG(LOGS_WARN, LOGF_RtcLinux, "Could not write to temporary RTC file %s.tmp",
coefs_file_name);
return RTC_ST_BADFILE;
@@ -678,8 +659,6 @@ handle_initial_trim(void)
(after_init_hook)(after_init_hook_arg);
operating_mode = OM_NORMAL;
return;
}
/* ================================================== */
@@ -794,7 +773,7 @@ read_from_device(void *any)
/* Read RTC time, sandwiched between two polls of the system clock
so we can bound any error. */
SCH_GetFileReadyTime(&sys_time, NULL);
SCH_GetLastEventTime(&sys_time, NULL, NULL);
status = ioctl(fd, RTC_RD_TIME, &rtc_raw);
if (status < 0) {
@@ -1072,7 +1051,3 @@ RTC_Linux_Trim(void)
return 1;
}
/* ================================================== */
#endif /* defined LINUX */

4
rtc_linux.h
View File

@@ -28,8 +28,6 @@
#include "reports.h"
#if defined LINUX
extern int RTC_Linux_Initialise(void);
extern void RTC_Linux_Finalise(void);
extern void RTC_Linux_TimePreInit(void);
@@ -44,6 +42,4 @@ extern int RTC_Linux_Trim(void);
extern void RTC_Linux_CycleLogFile(void);
#endif /* defined LINUX */
#endif /* _GOT_RTC_LINUX_H */

54
sched.c
View File

@@ -131,8 +131,6 @@ handle_slew(struct timeval *raw,
void
SCH_Initialise(void)
{
struct timeval tv;
FD_ZERO(&read_fds);
n_read_fds = 0;
@@ -146,12 +144,12 @@ SCH_Initialise(void)
LCL_AddParameterChangeHandler(handle_slew, NULL);
LCL_ReadRawTime(&tv);
srandom(tv.tv_sec << 16 ^ tv.tv_usec);
LCL_ReadRawTime(&last_select_ts_raw);
last_select_ts = last_select_ts_raw;
srandom(last_select_ts.tv_sec << 16 ^ last_select_ts.tv_usec);
initialised = 1;
return;
}
@@ -160,7 +158,6 @@ SCH_Initialise(void)
void
SCH_Finalise(void) {
initialised = 0;
return; /* Nothing to do for now */
}
/* ================================================== */
@@ -187,8 +184,6 @@ SCH_AddInputFileHandler
if ((fd + 1) > one_highest_fd) {
one_highest_fd = fd + 1;
}
return;
}
@@ -219,19 +214,20 @@ SCH_RemoveInputFileHandler(int fd)
}
one_highest_fd = fd_to_check;
return;
}
/* ================================================== */
void
SCH_GetFileReadyTime(struct timeval *tv, double *err)
SCH_GetLastEventTime(struct timeval *cooked, double *err, struct timeval *raw)
{
*tv = last_select_ts;
if (err)
*err = last_select_ts_err;
if (cooked) {
*cooked = last_select_ts;
if (err)
*err = last_select_ts_err;
}
if (raw)
*raw = last_select_ts_raw;
}
/* ================================================== */
@@ -265,7 +261,6 @@ release_tqe(TimerQueueEntry *node)
{
node->next = tqe_free_list;
tqe_free_list = node;
return;
}
/* ================================================== */
@@ -512,12 +507,11 @@ handle_slew(struct timeval *raw,
void *anything)
{
TimerQueueEntry *ptr;
double delta;
int i;
if (is_step_change) {
/* We're not interested in anything else - it won't affect the
functionality of timer event dispatching. If a step change
occurs, just shift all the timeouts by the offset */
/* If a step change occurs, just shift all raw time stamps by the offset */
for (ptr = timer_queue.next; ptr != &timer_queue; ptr = ptr->next) {
UTI_AddDoubleToTimeval(&ptr->tv, -doffset, &ptr->tv);
@@ -528,8 +522,9 @@ handle_slew(struct timeval *raw,
}
UTI_AddDoubleToTimeval(&last_select_ts_raw, -doffset, &last_select_ts_raw);
UTI_AddDoubleToTimeval(&last_select_ts, -doffset, &last_select_ts);
}
UTI_AdjustTimeval(&last_select_ts, cooked, &last_select_ts, &delta, dfreq, doffset);
}
/* ================================================== */
@@ -566,7 +561,7 @@ void
SCH_MainLoop(void)
{
fd_set rd;
int status;
int status, errsv;
struct timeval tv, *ptv;
struct timeval now, cooked;
double err;
@@ -594,12 +589,10 @@ SCH_MainLoop(void)
/* if there are no file descriptors being waited on and no
timeout set, this is clearly ridiculous, so stop the run */
if (!ptv && (n_read_fds == 0)) {
LOG_FATAL(LOGF_Scheduler, "No descriptors or timeout to wait for");
}
assert(ptv || n_read_fds);
status = select(one_highest_fd, &rd, NULL, NULL, ptv);
errsv = errno;
LCL_ReadRawTime(&now);
LCL_CookTime(&now, &cooked, &err);
@@ -614,15 +607,15 @@ SCH_MainLoop(void)
last_select_ts_err = err;
if (status < 0) {
assert(need_to_exit);
if (!need_to_exit && errsv != EINTR) {
LOG_FATAL(LOGF_Scheduler, "select() failed : %s", strerror(errsv));
}
} else if (status > 0) {
/* A file descriptor is ready to read */
dispatch_filehandlers(status, &rd);
} else {
assert(status == 0);
/* No descriptors readable, timeout must have elapsed.
Therefore, tv must be non-null */
assert(ptv);
@@ -633,9 +626,6 @@ SCH_MainLoop(void)
}
}
return;
}
/* ================================================== */

5
sched.h
View File

@@ -58,9 +58,8 @@ extern void SCH_AddInputFileHandler
);
extern void SCH_RemoveInputFileHandler(int fd);
/* Get the time (cooked) when file descriptor became ready, intended for use
in file handlers */
extern void SCH_GetFileReadyTime(struct timeval *tv, double *err);
/* Get the time stamp taken after a file descriptor became ready or a timeout expired */
extern void SCH_GetLastEventTime(struct timeval *cooked, double *err, struct timeval *raw);
/* This queues a timeout to elapse at a given (raw) local time */
extern SCH_TimeoutID SCH_AddTimeout(struct timeval *tv, SCH_TimeoutHandler, SCH_ArbitraryArgument);

142
sources.c
View File

@@ -3,7 +3,7 @@
**********************************************************************
* Copyright (C) Richard P. Curnow 1997-2003
* Copyright (C) Miroslav Lichvar 2011-2012
* Copyright (C) Miroslav Lichvar 2011-2013
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of version 2 of the GNU General Public License as
@@ -44,6 +44,7 @@
#include "reports.h"
#include "nameserv.h"
#include "mkdirpp.h"
#include "sched.h"
/* ================================================== */
/* Flag indicating that we are initialised */
@@ -55,10 +56,7 @@ struct SelectInfo {
int stratum;
int select_ok;
double variance;
double root_delay;
double root_dispersion;
double root_distance;
double best_offset;
double lo_limit;
double hi_limit;
};
@@ -95,6 +93,12 @@ struct SRC_Instance_Record {
/* Reachability register */
int reachability;
/* Flag indicating that only few samples were accumulated so far */
int beginning;
/* Updates left before allowing combining */
int outlier;
/* Flag indicating the status of the source */
SRC_Status status;
@@ -137,8 +141,12 @@ static int selected_source_index; /* Which source index is currently
/* Score needed to replace the currently selected source */
#define SCORE_LIMIT 10.0
/* Number of updates needed to reset the outlier status */
#define OUTLIER_PENALTY 32
static double reselect_distance;
static double stratum_weight;
static double combine_limit;
/* ================================================== */
/* Forward prototype */
@@ -161,12 +169,11 @@ void SRC_Initialise(void) {
selected_source_index = INVALID_SOURCE;
reselect_distance = CNF_GetReselectDistance();
stratum_weight = CNF_GetStratumWeight();
combine_limit = CNF_GetCombineLimit();
initialised = 1;
LCL_AddParameterChangeHandler(slew_sources, NULL);
LCL_AddDispersionNotifyHandler(add_dispersion, NULL);
return;
}
/* ================================================== */
@@ -176,7 +183,6 @@ void SRC_Finalise(void)
LCL_RemoveParameterChangeHandler(slew_sources, NULL);
LCL_RemoveDispersionNotifyHandler(add_dispersion, NULL);
initialised = 0;
return;
}
/* ================================================== */
@@ -213,6 +219,8 @@ SRC_Instance SRC_CreateNewInstance(uint32_t ref_id, SRC_Type type, SRC_SelectOpt
result->ip_addr = addr;
result->selectable = 0;
result->reachability = 0;
result->beginning = 1;
result->outlier = 0;
result->status = SRC_BAD_STATS;
result->type = type;
result->sel_score = 1.0;
@@ -268,7 +276,6 @@ void SRC_GetFrequencyRange(SRC_Instance instance, double *lo, double *hi)
assert(initialised);
SST_GetFrequencyRange(instance->stats, lo, hi);
return;
}
/* ================================================== */
@@ -311,8 +318,6 @@ void SRC_AccumulateSample
SST_DoNewRegression(inst->stats);
/* And redo clock selection */
SRC_SelectSource(inst->ref_id);
return;
}
/* ================================================== */
@@ -359,6 +364,10 @@ SRC_UpdateReachability(SRC_Instance inst, int reachable)
inst->reachability |= !!reachable;
inst->reachability &= ~(-1 << REACH_BITS);
/* The beginning is over when the first sample is at the end of the register */
if (inst->reachability & (1 << (REACH_BITS - 1)))
inst->beginning = 0;
if (!reachable && inst->index == selected_source_index) {
/* Try to select a better source */
SRC_SelectSource(0);
@@ -415,6 +424,85 @@ source_to_string(SRC_Instance inst)
return NULL;
}
/* ================================================== */
static int
combine_sources(int n_sel_sources, struct timeval *ref_time, double *offset,
double *offset_sd, double *frequency, double *skew)
{
struct timeval src_ref_time;
double src_offset, src_offset_sd, src_frequency, src_skew;
double src_root_delay, src_root_dispersion, elapsed;
double offset_weight, sum_offset_weight, sum_offset, sum2_offset_sd;
double frequency_weight, sum_frequency_weight, sum_frequency, inv_sum2_skew;
int i, index, combined;
if (n_sel_sources == 1)
return 1;
sum_offset_weight = sum_offset = sum2_offset_sd = 0.0;
sum_frequency_weight = sum_frequency = inv_sum2_skew = 0.0;
for (i = combined = 0; i < n_sel_sources; i++) {
index = sel_sources[i];
SST_GetTrackingData(sources[index]->stats, &src_ref_time,
&src_offset, &src_offset_sd,
&src_frequency, &src_skew,
&src_root_delay, &src_root_dispersion);
/* Don't include this source if its distance is longer than the distance of
the selected source multiplied by the limit, their estimated frequencies
are not close, or it was recently marked as outlier */
if (index != selected_source_index &&
(sources[index]->sel_info.root_distance > combine_limit *
(reselect_distance + sources[selected_source_index]->sel_info.root_distance) ||
fabs(*frequency - src_frequency) >
combine_limit * (*skew + src_skew + LCL_GetMaxClockError()))) {
sources[index]->outlier = !sources[index]->beginning ? OUTLIER_PENALTY : 1;
} else if (sources[index]->outlier) {
sources[index]->outlier--;
}
if (sources[index]->outlier)
continue;
UTI_DiffTimevalsToDouble(&elapsed, ref_time, &src_ref_time);
src_offset += elapsed * src_frequency;
offset_weight = 1.0 / sources[index]->sel_info.root_distance;
frequency_weight = 1.0 / src_skew;
#ifdef TRACEON
LOG(LOGS_INFO, LOGF_Sources, "combining index=%d oweight=%e offset=%e sd=%e fweight=%e freq=%e skew=%e",
index, offset_weight, src_offset, src_offset_sd, frequency_weight, src_frequency, src_skew);
#endif
sum_offset_weight += offset_weight;
sum_offset += offset_weight * src_offset;
sum2_offset_sd += offset_weight * (src_offset_sd * src_offset_sd +
(src_offset - *offset) * (src_offset - *offset));
sum_frequency_weight += frequency_weight;
sum_frequency += frequency_weight * src_frequency;
inv_sum2_skew += 1.0 / (src_skew * src_skew);
combined++;
}
assert(combined);
*offset = sum_offset / sum_offset_weight;
*offset_sd = sqrt(sum2_offset_sd / sum_offset_weight);
*frequency = sum_frequency / sum_frequency_weight;
*skew = 1.0 / sqrt(inv_sum2_skew);
#ifdef TRACEON
LOG(LOGS_INFO, LOGF_Sources, "combined result offset=%e sd=%e freq=%e skew=%e",
*offset, *offset_sd, *frequency, *skew);
#endif
return combined;
}
/* ================================================== */
/* This function selects the current reference from amongst the pool
of sources we are holding.
@@ -432,7 +520,7 @@ SRC_SelectSource(uint32_t match_refid)
int n_endpoints, j1, j2;
double best_lo, best_hi;
int depth, best_depth;
int n_sel_sources;
int n_sel_sources, combined;
double distance, sel_src_distance;
int stratum, min_stratum;
struct SelectInfo *si;
@@ -454,7 +542,8 @@ SRC_SelectSource(uint32_t match_refid)
return;
}
LCL_ReadCookedTime(&now, NULL);
/* This is accurate enough and cheaper than calling LCL_ReadCookedTime */
SCH_GetLastEventTime(&now, NULL, NULL);
/* Step 1 - build intervals about each source */
n_endpoints = 0;
@@ -469,20 +558,16 @@ SRC_SelectSource(uint32_t match_refid)
si = &(sources[i]->sel_info);
SST_GetSelectionData(sources[i]->stats, &now,
&(si->stratum),
&(si->best_offset),
&(si->root_delay),
&(si->root_dispersion),
&(si->lo_limit),
&(si->hi_limit),
&(si->root_distance),
&(si->variance),
&(si->select_ok));
si->root_distance = si->root_dispersion + 0.5 * fabs(si->root_delay);
si->lo_limit = si->best_offset - si->root_distance;
si->hi_limit = si->best_offset + si->root_distance;
#if 0
LOG(LOGS_INFO, LOGF_Sources, "%s off=%f dist=%f lo=%f hi=%f",
LOG(LOGS_INFO, LOGF_Sources, "%s dist=%f lo=%f hi=%f",
source_to_string(sources[i]),
si->best_offset, si->root_distance,
si->root_distance,
si->lo_limit, si->hi_limit);
#endif
@@ -771,6 +856,7 @@ SRC_SelectSource(uint32_t match_refid)
/* Reset score for non-selectable sources */
if (sources[i]->status != SRC_SELECTABLE) {
sources[i]->sel_score = 1.0;
sources[i]->outlier = OUTLIER_PENALTY;
continue;
}
@@ -834,6 +920,7 @@ SRC_SelectSource(uint32_t match_refid)
/* New source has been selected, reset all scores */
for (i=0; i < n_sources; i++) {
sources[i]->sel_score = 1.0;
sources[i]->outlier = 0;
}
}
@@ -844,15 +931,20 @@ SRC_SelectSource(uint32_t match_refid)
if (selected_source_index != old_selected_index ||
match_refid == sources[selected_source_index]->ref_id) {
/* Now just use the statistics of the selected source for
trimming the local clock */
/* Now just use the statistics of the selected source combined with
the other selectable sources for trimming the local clock */
SST_GetTrackingData(sources[selected_source_index]->stats, &ref_time,
&src_offset, &src_offset_sd,
&src_frequency, &src_skew,
&src_root_delay, &src_root_dispersion);
REF_SetReference(min_stratum, leap_status,
combined = combine_sources(n_sel_sources, &ref_time, &src_offset,
&src_offset_sd, &src_frequency, &src_skew);
REF_SetReference(sources[selected_source_index]->sel_info.stratum,
leap_status,
combined,
sources[selected_source_index]->ref_id,
sources[selected_source_index]->ip_addr,
&ref_time,
@@ -1104,7 +1196,7 @@ SRC_ReportSource(int index, RPT_SourceReport *report, struct timeval *now)
report->state = RPT_FALSETICKER;
break;
case SRC_SELECTABLE:
report->state = RPT_CANDIDATE;
report->state = src->outlier ? RPT_OUTLIER : RPT_CANDIDATE;
break;
default:
assert(0);

101
sourcestats.c
View File

@@ -43,10 +43,17 @@
to store per source */
#define MAX_SAMPLES 64
/* User defined maximum and minimum number of samples */
int max_samples;
int min_samples;
/* This is the assumed worst case bound on an unknown frequency,
2000ppm, which would be pretty bad */
#define WORST_CASE_FREQ_BOUND (2000.0/1.0e6)
/* The minimum allowed skew */
#define MIN_SKEW 1.0e-12
/* ================================================== */
static LOG_FileID logfileid;
@@ -160,6 +167,8 @@ SST_Initialise(void)
logfileid = CNF_GetLogStatistics() ? LOG_FileOpen("statistics",
" Date (UTC) Time IP Address Std dev'n Est offset Offset sd Diff freq Est skew Stress Ns Bs Nr")
: -1;
max_samples = CNF_GetMaxSamples();
min_samples = CNF_GetMinSamples();
}
/* ================================================== */
@@ -204,7 +213,6 @@ void
SST_DeleteInstance(SST_Stats inst)
{
Free(inst);
return;
}
/* ================================================== */
@@ -240,7 +248,8 @@ SST_AccumulateSample(SST_Stats inst, struct timeval *sample_time,
int n, m;
/* Make room for the new sample */
if (inst->n_samples == MAX_SAMPLES) {
if (inst->n_samples > 0 &&
(inst->n_samples == MAX_SAMPLES || inst->n_samples == max_samples)) {
prune_register(inst, 1);
}
@@ -259,7 +268,7 @@ SST_AccumulateSample(SST_Stats inst, struct timeval *sample_time,
inst->sample_times[n] = *sample_time;
inst->offsets[n] = offset;
inst->orig_offsets[m] = offset;
inst->peer_delays[m] = fabs(peer_delay);
inst->peer_delays[m] = peer_delay;
inst->peer_dispersions[m] = peer_dispersion;
inst->root_delays[m] = root_delay;
inst->root_dispersions[m] = root_dispersion;
@@ -335,7 +344,7 @@ find_best_sample_index(SST_Stats inst, double *times_back)
elapsed = -times_back[i];
assert(elapsed >= 0.0);
root_distance = inst->root_dispersions[j] + elapsed * inst->skew + 0.5 * fabs(inst->root_delays[j]);
root_distance = inst->root_dispersions[j] + elapsed * inst->skew + 0.5 * inst->root_delays[j];
if (root_distance < best_root_distance) {
best_root_distance = root_distance;
best_index = i;
@@ -348,8 +357,6 @@ find_best_sample_index(SST_Stats inst, double *times_back)
#if 0
LOG(LOGS_INFO, LOGF_SourceStats, "n=%d best_index=%d", n, best_index);
#endif
return;
}
/* ================================================== */
@@ -431,6 +438,7 @@ SST_DoNewRegression(SST_Stats inst)
inst->regression_ok = RGR_FindBestRegression(times_back + inst->runs_samples,
offsets + inst->runs_samples, weights,
inst->n_samples, inst->runs_samples,
min_samples,
&est_intercept, &est_slope, &est_var,
&est_intercept_sd, &est_slope_sd,
&best_start, &nruns, &degrees_of_freedom);
@@ -448,6 +456,9 @@ SST_DoNewRegression(SST_Stats inst)
inst->variance = est_var;
inst->nruns = nruns;
if (inst->skew < MIN_SKEW)
inst->skew = MIN_SKEW;
stress = fabs(old_freq - inst->estimated_frequency) / old_skew;
if (best_start > 0) {
@@ -491,38 +502,6 @@ SST_DoNewRegression(SST_Stats inst)
}
/* ================================================== */
void
SST_GetReferenceData(SST_Stats inst, struct timeval *now,
int *stratum, double *offset,
double *root_delay, double *root_dispersion,
double *frequency, double *skew)
{
double elapsed;
int i, j;
*frequency = inst->estimated_frequency;
*skew = inst->skew;
i = get_runsbuf_index(inst, inst->best_single_sample);
j = get_buf_index(inst, inst->best_single_sample);
UTI_DiffTimevalsToDouble(&elapsed, now, &inst->sample_times[i]);
*root_delay = inst->root_delays[j];
*root_dispersion = inst->root_dispersions[j] + elapsed * inst->skew;
*offset = inst->offsets[i] + elapsed * inst->estimated_frequency;
*stratum = inst->strata[j];
#ifdef TRACEON
LOG(LOGS_INFO, LOGF_SourceStats, "n=%d freq=%f skew=%f del=%f disp=%f ofs=%f str=%d",
inst->n_samples, *frequency, *skew, *root_delay, *root_dispersion, *offset, *stratum);
#endif
return;
}
/* ================================================== */
/* Return the assumed worst case range of values that this source's
frequency lies within. Frequency is defined as the amount of time
@@ -549,55 +528,51 @@ SST_GetFrequencyRange(SST_Stats inst,
/* ================================================== */
/* ================================================== */
void
SST_GetSelectionData(SST_Stats inst, struct timeval *now,
int *stratum,
double *best_offset, double *best_root_delay,
double *best_root_dispersion,
double *offset_lo_limit,
double *offset_hi_limit,
double *root_distance,
double *variance, int *select_ok)
{
double average_offset;
double sample_elapsed;
double elapsed;
double offset, sample_elapsed;
int i, j;
int average_ok;
double peer_distance;
i = get_runsbuf_index(inst, inst->best_single_sample);
j = get_buf_index(inst, inst->best_single_sample);
*stratum = inst->strata[j];
*stratum = inst->strata[get_buf_index(inst, inst->n_samples - 1)];
*variance = inst->variance;
peer_distance = inst->peer_dispersions[j] + 0.5 * inst->peer_delays[j];
UTI_DiffTimevalsToDouble(&elapsed, now, &(inst->offset_time));
UTI_DiffTimevalsToDouble(&sample_elapsed, now, &inst->sample_times[i]);
*best_offset = inst->offsets[i] + sample_elapsed * inst->estimated_frequency;
*best_root_delay = inst->root_delays[j];
*best_root_dispersion = inst->root_dispersions[j] + sample_elapsed * inst->skew;
offset = inst->offsets[i] + sample_elapsed * inst->estimated_frequency;
*root_distance = 0.5 * inst->root_delays[j] +
inst->root_dispersions[j] + sample_elapsed * inst->skew;
*offset_lo_limit = offset - *root_distance;
*offset_hi_limit = offset + *root_distance;
#if 0
double average_offset, elapsed;
int average_ok;
/* average_ok ignored for now */
UTI_DiffTimevalsToDouble(&elapsed, now, &(inst->offset_time));
average_offset = inst->estimated_offset + inst->estimated_frequency * elapsed;
if (fabs(average_offset - *best_offset) <= peer_distance) {
if (fabs(average_offset - offset) <=
inst->peer_dispersions[j] + 0.5 * inst->peer_delays[j]) {
average_ok = 1;
} else {
average_ok = 0;
}
#endif
*select_ok = inst->regression_ok;
#ifdef TRACEON
LOG(LOGS_INFO, LOGF_SourceStats, "n=%d off=%f del=%f dis=%f var=%f pdist=%f avoff=%f avok=%d selok=%d",
inst->n_samples, *best_offset, *best_root_delay, *best_root_dispersion, *variance,
peer_distance, average_offset, average_ok, *select_ok);
#else
(void)average_ok;
LOG(LOGS_INFO, LOGF_SourceStats, "n=%d off=%f dist=%f var=%f selok=%d",
inst->n_samples, offset, *root_distance, *variance, *select_ok);
#endif
return;
}
/* ================================================== */
@@ -677,8 +652,6 @@ SST_SlewSamples(SST_Stats inst, struct timeval *when, double dfreq, double doffs
#else
(void)prev; (void)prev_freq;
#endif
return;
}
/* ================================================== */

17
sourcestats.h
View File

@@ -82,10 +82,10 @@ extern void SST_GetFrequencyRange(SST_Stats inst, double *lo, double *hi);
extern void
SST_GetSelectionData(SST_Stats inst, struct timeval *now,
int *stratum,
double *best_offset, double *best_root_delay,
double *best_root_dispersion,
double *variance,
int *select_ok);
double *offset_lo_limit,
double *offset_hi_limit,
double *root_distance,
double *variance, int *select_ok);
/* Get data needed when setting up tracking on this source */
extern void
@@ -94,15 +94,6 @@ SST_GetTrackingData(SST_Stats inst, struct timeval *ref_time,
double *frequency, double *skew,
double *root_delay, double *root_dispersion);
/* Get parameters for using this source as the reference */
extern void
SST_GetReferenceData(SST_Stats inst, struct timeval *now,
int *stratum, double *offset,
double *root_delay, double *root_dispersion,
double *frequency, double *skew);
/* This routine is called when the local machine clock parameters are
changed. It adjusts all existing samples that we are holding for
each peer so that it looks like they were made under the new clock

8
sys.c
View File

@@ -91,8 +91,6 @@ SYS_Finalise(void)
#if defined(__NetBSD__)
SYS_NetBSD_Finalise();
#endif
return;
}
/* ================================================== */
@@ -104,8 +102,6 @@ void SYS_DropRoot(char *user)
#else
LOG_FATAL(LOGF_Sys, "dropping root privileges not supported");
#endif
return;
}
/* ================================================== */
@@ -117,8 +113,6 @@ void SYS_SetScheduler(int SchedPriority)
#else
LOG_FATAL(LOGF_Sys, "scheduler priority setting not supported");
#endif
return;
}
/* ================================================== */
@@ -130,8 +124,6 @@ void SYS_LockMemory(void)
#else
LOG_FATAL(LOGF_Sys, "memory locking not supported");
#endif
return;
}
/* ================================================== */

21
sys_linux.c
View File

@@ -29,14 +29,8 @@
#include "config.h"
#ifdef LINUX
#include "sysincl.h"
#include <sys/time.h>
#include <stdio.h>
#include <unistd.h>
#include <math.h>
#include <ctype.h>
#include <assert.h>
#include <sys/utsname.h>
#if defined(HAVE_SCHED_SETSCHEDULER)
@@ -598,8 +592,6 @@ initiate_slew(void)
offset_register = 0.0;
}
return;
}
/* ================================================== */
@@ -856,8 +848,6 @@ get_offset_correction(struct timeval *raw,
update_nano_slew_error(noffset, 0);
*err = get_slow_slew_error(raw) + get_fast_slew_error(raw) + get_nano_slew_error();;
}
return;
}
/* ================================================== */
@@ -871,8 +861,6 @@ set_leap(int leap)
LOG(LOGS_INFO, LOGF_SysLinux, "System clock status set to %s leap second",
leap ? (leap > 0 ? "insert" : "delete") : "not insert/delete");
return;
}
/* ================================================== */
@@ -910,7 +898,6 @@ guess_hz_and_shift_hz(int tick, int *hz, int *shift_hz)
/* oh dear. doomed. */
*hz = 0;
*shift_hz = 0;
return;
}
/* ================================================== */
@@ -1257,9 +1244,3 @@ void SYS_Linux_MemLockAll(int LockAll)
}
}
#endif /* HAVE_MLOCKALL */
#endif /* LINUX */
/* vim:ts=8
* */

10
sys_solaris.c
View File

@@ -110,8 +110,6 @@ clock_initialise(void)
if (adjtime(&newadj, &oldadj) < 0) {
LOG_FATAL(LOGF_SysSolaris, "adjtime() failed");
}
return;
}
/* ================================================== */
@@ -120,9 +118,6 @@ static void
clock_finalise(void)
{
/* Nothing to do yet */
return;
}
/* ================================================== */
@@ -217,7 +212,6 @@ accrue_offset(double offset, double corr_rate)
stop_adjust();
offset_register += offset;
start_adjust();
return;
}
/* ================================================== */
@@ -296,7 +290,6 @@ get_offset_correction(struct timeval *raw,
start_adjust();
if (err)
*err = 0.0;
return;
}
/* ================================================== */
@@ -304,7 +297,6 @@ get_offset_correction(struct timeval *raw,
static void
immediate_step(void)
{
return;
}
/* ================================================== */
@@ -468,8 +460,6 @@ SYS_Solaris_Finalise(void)
if (need_dosynctodr) {
set_dosynctodr(1);
}
return;
}
/* ================================================== */

10
sys_sunos.c
View File

@@ -101,8 +101,6 @@ clock_initialise(void)
if (adjtime(&newadj, &oldadj) < 0) {
LOG_FATAL(LOGF_SysSunOS, "adjtime() failed");
}
return;
}
/* ================================================== */
@@ -111,9 +109,6 @@ static void
clock_finalise(void)
{
/* Nothing to do yet */
return;
}
/* ================================================== */
@@ -221,7 +216,6 @@ accrue_offset(double offset, double corr_rate)
stop_adjust();
offset_register += offset;
start_adjust();
return;
}
/* ================================================== */
@@ -283,7 +277,6 @@ get_offset_correction(struct timeval *raw,
start_adjust();
if (err)
*err = 0.0;
return;
}
/* ================================================== */
@@ -291,7 +284,6 @@ get_offset_correction(struct timeval *raw,
static void
immediate_step(void)
{
return;
}
/* ================================================== */
@@ -420,8 +412,6 @@ SYS_SunOS_Finalise(void)
/* When exiting, we want to return the machine to its 'autonomous'
tracking mode */
setup_kernel(1);
return;
}
/* ================================================== */

7
sysincl.h
View File

@@ -45,6 +45,7 @@
#include <math.h>
#include <netdb.h>
#include <netinet/in.h>
#include <resolv.h>
#include <signal.h>
#include <stdarg.h>
#include <stddef.h>
@@ -56,6 +57,8 @@
#include <sys/stat.h>
#include <sys/time.h>
#include <sys/types.h>
#include <sys/un.h>
#include <sys/shm.h>
#include <syslog.h>
#include <time.h>
@@ -86,10 +89,6 @@
#include <nlist.h>
#endif
#if defined (HAS_NO_BZERO)
#define bzero(ptr,n) memset(ptr,0,n)
#endif /* HAS_NO_BZERO */
#if defined (WINNT)
/* Designed to work with the GCC from the GNAT-3.10 for Win32

56
util.c
View File

@@ -3,7 +3,7 @@
**********************************************************************
* Copyright (C) Richard P. Curnow 1997-2003
* Copyright (C) Miroslav Lichvar 2009, 2012
* Copyright (C) Miroslav Lichvar 2009, 2012-2013
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of version 2 of the GNU General Public License as
@@ -107,8 +107,6 @@ UTI_DiffTimevals(struct timeval *result,
(0,1000000) */
UTI_NormaliseTimeval(result); /* JGH */
return;
}
/* ================================================== */
@@ -137,7 +135,8 @@ UTI_AddDoubleToTimeval(struct timeval *start,
is too marginal here. */
int_part = (long) increment;
frac_part = (long) (0.5 + 1.0e6 * (increment - (double)int_part));
increment = (increment - int_part) * 1.0e6;
frac_part = (long) (increment > 0.0 ? increment + 0.5 : increment - 0.5);
end->tv_sec = int_part + start->tv_sec;
end->tv_usec = frac_part + start->tv_usec;
@@ -189,6 +188,18 @@ UTI_AverageDiffTimevals (struct timeval *earlier,
/* ================================================== */
void
UTI_AddDiffToTimeval(struct timeval *a, struct timeval *b,
struct timeval *c, struct timeval *result)
{
double diff;
UTI_DiffTimevalsToDouble(&diff, a, b);
UTI_AddDoubleToTimeval(c, diff, result);
}
/* ================================================== */
#define POOL_ENTRIES 16
#define BUFFER_LENGTH 64
static char buffer_pool[POOL_ENTRIES][BUFFER_LENGTH];
@@ -212,19 +223,6 @@ UTI_TimevalToString(struct timeval *tv)
return result;
}
/* ================================================== */
#define JAN_1970 0x83aa7e80UL
inline static void
int64_to_timeval(NTP_int64 *src,
struct timeval *dest)
{
dest->tv_sec = ntohl(src->hi) - JAN_1970;
/* Until I invent a slick way to do this, just do it the obvious way */
dest->tv_usec = (int)(0.5 + (double)(ntohl(src->lo)) / 4294.967296);
}
/* ================================================== */
/* Convert an NTP timestamp into a temporary string, largely
for diagnostic display */
@@ -233,7 +231,7 @@ char *
UTI_TimestampToString(NTP_int64 *ts)
{
struct timeval tv;
int64_to_timeval(ts, &tv);
UTI_Int64ToTimeval(ts, &tv);
return UTI_TimevalToString(&tv);
}
@@ -473,6 +471,28 @@ UTI_GetNTPTsFuzz(int precision)
/* ================================================== */
double
UTI_Int32ToDouble(NTP_int32 x)
{
return (double) ntohl(x) / 65536.0;
}
/* ================================================== */
#define MAX_NTP_INT32 (4294967295.0 / 65536.0)
NTP_int32
UTI_DoubleToInt32(double x)
{
if (x > MAX_NTP_INT32)
x = MAX_NTP_INT32;
else if (x < 0)
x = 0.0;
return htonl((NTP_int32)(0.5 + 65536.0 * x));
}
/* ================================================== */
/* Seconds part of RFC1305 timestamp correponding to the origin of the
struct timeval format. */
#define JAN_1970 0x83aa7e80UL

6
util.h
View File

@@ -63,6 +63,9 @@ extern void UTI_AddDoubleToTimeval(struct timeval *start, double increment, stru
/* Calculate the average and difference (as a double) of two timevals */
extern void UTI_AverageDiffTimevals(struct timeval *earlier, struct timeval *later, struct timeval *average, double *diff);
/* Calculate result = a - b + c */
extern void UTI_AddDiffToTimeval(struct timeval *a, struct timeval *b, struct timeval *c, struct timeval *result);
/* Convert a timeval into a temporary string, largely for diagnostic
display */
extern char *UTI_TimevalToString(struct timeval *tv);
@@ -91,6 +94,9 @@ extern void UTI_AdjustTimeval(struct timeval *old_tv, struct timeval *when, stru
/* Get a random value to fuzz an NTP timestamp in the given precision */
extern uint32_t UTI_GetNTPTsFuzz(int precision);
extern double UTI_Int32ToDouble(NTP_int32 x);
extern NTP_int32 UTI_DoubleToInt32(double x);
extern void UTI_TimevalToInt64(struct timeval *src, NTP_int64 *dest, uint32_t fuzz);
extern void UTI_Int64ToTimeval(NTP_int64 *src, struct timeval *dest);

7
wrap_adjtimex.c
View File

@@ -31,10 +31,6 @@
#include "config.h"
#ifdef LINUX
#define _LOOSE_KERNEL_NAMES
#include "chrony_timex.h"
#include "wrap_adjtimex.h"
@@ -276,6 +272,3 @@ TMX_ApplyStepOffset(double offset)
return adjtimex(&txc);
}
#endif