doc: update NEWS

Earlier versions of macOS do not provide clock_gettime(). This patch
checks for clock_gettime() at run-time and falls back to gettimeofday()
if the symbol is not present.

.gitignore

@@ -1,9 +1,12 @@
 .deps
 .vimrc
+*.gcda
+*.gcno
 *.o
 *.swp
 *.dSYM
 *.DS_Store
+core.*
 tags
 /RELEASES
 /Makefile

Makefile.in

@@ -21,44 +21,42 @@
 #
 # Makefile template
 
-SYSCONFDIR=@SYSCONFDIR@
-BINDIR=@BINDIR@
-SBINDIR=@SBINDIR@
-LOCALSTATEDIR=@LOCALSTATEDIR@
-CHRONYVARDIR=@CHRONYVARDIR@
+SYSCONFDIR = @SYSCONFDIR@
+BINDIR = @BINDIR@
+SBINDIR = @SBINDIR@
+LOCALSTATEDIR = @LOCALSTATEDIR@
+CHRONYVARDIR = @CHRONYVARDIR@
+DESTDIR =
 
 CC = @CC@
 CFLAGS = @CFLAGS@
 CPPFLAGS = @CPPFLAGS@
+LDFLAGS = @LDFLAGS@
 
-DESTDIR=
-
-HASH_OBJ = @HASH_OBJ@
+EXTRA_OBJS = @EXTRA_OBJS@
 
 OBJS = array.o cmdparse.o conf.o local.o logging.o main.o memory.o \
-       reference.o regress.o rtc.o sched.o sources.o sourcestats.o stubs.o \
-       smooth.o sys.o sys_null.o tempcomp.o util.o $(HASH_OBJ)
+       reference.o regress.o rtc.o samplefilt.o sched.o socket.o sources.o sourcestats.o \
+       stubs.o smooth.o sys.o sys_null.o tempcomp.o util.o $(EXTRA_OBJS)
 
-EXTRA_OBJS=@EXTRA_OBJECTS@
+EXTRA_CLI_OBJS = @EXTRA_CLI_OBJS@
 
 CLI_OBJS = array.o client.o cmdparse.o getdate.o memory.o nameserv.o \
-           pktlength.o util.o $(HASH_OBJ)
+           pktlength.o socket.o util.o $(EXTRA_CLI_OBJS)
 
-ALL_OBJS = $(OBJS) $(EXTRA_OBJS) $(CLI_OBJS)
+ALL_OBJS = $(OBJS) $(CLI_OBJS)
 
-LDFLAGS = @LDFLAGS@
 LIBS = @LIBS@
-
-EXTRA_LIBS=@EXTRA_LIBS@
-EXTRA_CLI_LIBS=@EXTRA_CLI_LIBS@
+EXTRA_LIBS = @EXTRA_LIBS@
+EXTRA_CLI_LIBS = @EXTRA_CLI_LIBS@
 
 # Until we have a main procedure we can link, just build object files
 # to test compilation
 
 all : chronyd chronyc
 
-chronyd : $(OBJS) $(EXTRA_OBJS)
-	$(CC) $(CFLAGS) -o chronyd $(OBJS) $(EXTRA_OBJS) $(LDFLAGS) $(LIBS) $(EXTRA_LIBS)
+chronyd : $(OBJS)
+	$(CC) $(CFLAGS) -o chronyd $(OBJS) $(LDFLAGS) $(LIBS) $(EXTRA_LIBS)
 
 chronyc : $(CLI_OBJS)
 	$(CC) $(CFLAGS) -o chronyc $(CLI_OBJS) $(LDFLAGS) $(LIBS) $(EXTRA_CLI_LIBS)
@@ -70,7 +68,9 @@ distclean : clean
 	-rm -f Makefile config.h config.log
 
 clean :
-	-rm -f *.o *.s chronyc chronyd core *~
+	$(MAKE) -C test/unit clean
+	-rm -f *.o *.s chronyc chronyd core.* *~
+	-rm -f *.gcda *.gcno
 	-rm -rf .deps
 	-rm -rf *.dSYM
 
@@ -112,10 +112,15 @@ install-docs :
 quickcheck : chronyd chronyc
 	$(MAKE) -C test/unit check
 	cd test/simulation && ./run
+	cd test/system && ./run
 
 check : chronyd chronyc
 	$(MAKE) -C test/unit check
 	cd test/simulation && ./run -i 20 -m 2
+	cd test/system && ./run
+
+print-chronyd-objects :
+	@echo $(OBJS)
 
 Makefile : Makefile.in configure
 	@echo

NEWS

@@ -1,3 +1,99 @@
+New in version 4.0
+==================
+
+Enhancements
+------------
+* Add support for Network Time Security (NTS) authentication
+* Add support for AES-CMAC keys (AES128, AES256) with Nettle
+* Add support for maxsamples of 1 for faster update with -q/-Q option
+* Add -L option to limit log messages by severity
+* Avoid replacing NTP sources with unreachable addresses
+* Improve NTP loop test to prevent synchronisation to itself
+* Update clock synchronisation status and leap status more frequently
+* Update seccomp filter
+* Add "add pool" command
+* Add -N option and sourcename command to print original names of sources
+* Add -a option to source/sourcestats command to print unresolved sources
+* Add reset command to drop all measurements
+
+Bug fixes
+---------
+* Handle RTCs that don't support interrupts
+* Respond to command requests with correct address on multihomed hosts
+
+Removed features
+----------------
+* Drop support for RIPEMD keys (RMD128, RMD160, RMD256, RMD320)
+
+New in version 3.5
+==================
+
+Enhancements
+------------
+* Add support for more accurate reading of PHC on Linux 5.0
+* Add support for hardware timestamping on interfaces with read-only
+  timestamping configuration
+* Add support for memory locking and real-time priority on FreeBSD,
+  NetBSD, Solaris
+* Update seccomp filter to work on more architectures
+* Validate refclock driver options
+
+Bug fixes
+---------
+* Fix bindaddress directive on FreeBSD
+* Fix transposition of hardware RX timestamp on Linux 4.13 and later
+* Fix building on non-glibc systems
+
+New in version 3.4
+==================
+
+Enhancements
+------------
+* Add filter option to server/pool/peer directive
+* Add minsamples and maxsamples options to hwtimestamp directive
+* Add support for faster frequency adjustments in Linux 4.19
+* Change default pidfile to /var/run/chrony/chronyd.pid to allow
+  chronyd without root privileges to remove it on exit
+* Disable sub-second polling intervals for distant NTP sources
+* Extend range of supported sub-second polling intervals
+* Get/set IPv4 destination/source address of NTP packets on FreeBSD
+* Make burst options and command useful with short polling intervals
+* Modify auto_offline option to activate when sending request failed
+* Respond from interface that received NTP request if possible
+* Add onoffline command to switch between online and offline state
+  according to current system network configuration
+* Improve example NetworkManager dispatcher script
+
+Bug fixes
+---------
+* Avoid waiting in Linux getrandom system call
+* Fix PPS support on FreeBSD and NetBSD
+
+New in version 3.3
+==================
+
+Enhancements
+------------
+* Add burst option to server/pool directive
+* Add stratum and tai options to refclock directive
+* Add support for Nettle crypto library
+* Add workaround for missing kernel receive timestamps on Linux
+* Wait for late hardware transmit timestamps
+* Improve source selection with unreachable sources
+* Improve protection against replay attacks on symmetric mode
+* Allow PHC refclock to use socket in /var/run/chrony
+* Add shutdown command to stop chronyd
+* Simplify format of response to manual list command
+* Improve handling of unknown responses in chronyc
+
+Bug fixes
+---------
+* Respond to NTPv1 client requests with zero mode
+* Fix -x option to not require CAP_SYS_TIME under non-root user
+* Fix acquisitionport directive to work with privilege separation
+* Fix handling of socket errors on Linux to avoid high CPU usage
+* Fix chronyc to not get stuck in infinite loop after clock step
+
 New in version 3.2
 ==================
 

README

@@ -37,20 +37,16 @@ How do I set it up?
 ===================
 
 The file INSTALL gives instructions.  On supported systems the
-compilation process should be automatic.
-
-You will need an ANSI C compiler -- gcc is recommended.
-
-The manual (in texinfo and text formats) describes how to set the
-software up for the less straightforward cases.
+compilation process should be automatic.  You will need a C compiler,
+e.g. gcc or clang.
 
 What documentation is there?
 ============================
 
-A manual is supplied in Texinfo format (chrony.texi) and
-ready-formatted plain text (chrony.txt) in the distribution.
+The distribution includes manual pages and a document containing
+Frequently Asked Questions (FAQ).
 
-There is also information available on the chrony web pages, accessible
+The documentation is also available on the chrony web pages, accessible
 through the URL 
 
     https://chrony.tuxfamily.org/
@@ -112,127 +108,57 @@ The following people have provided patches and other major contributions
 to the program :
 
 Lonnie Abelbeck <lonnie@abelbeck.com>
-    Patch to add tab-completion to chronyc
-
 Benny Lyne Amorsen <benny@amorsen.dk>
-    Patch to add minstratum option
-
 Andrew Bishop <amb@gedanken.demon.co.uk>
-    Fixes for bugs in logging when in daemon mode
-    Fixes for compiler warnings
-    Robustness improvements for drift file
-    Improve installation (directory checking etc)
-    Entries in contrib directory
-    Improvements to 'sources' and 'sourcestats' output from chronyc
-    Improvements to documentation
-    Investigation of required dosynctodr behaviour for various Solaris
-      versions.
-
+Vincent Blut <vincent.debian@free.fr>
 Stephan I. Boettcher <stephan@nevis1.columbia.edu>
-    Entries in contrib directory
-
+Goswin Brederlow <brederlo@informatik.uni-tuebingen.de>
+Leigh Brown <leigh@solinno.co.uk>
 Erik Bryer <ebryer@spots.ab.ca>
-    Entries in contrib directory
-
+Jonathan Cameron <jic23@cam.ac.uk>
 Bryan Christianson <bryan@whatroute.net>
-    Support for macOS
-    Support for privilege separation
-    Entries in contrib directory
-
 Juliusz Chroboczek <jch@pps.jussieu.fr>
-    Fix install rule in Makefile if chronyd file is in use.
-
+Christian Ehrhardt <christian.ehrhardt@canonical.com>
 Paul Elliott <pelliott@io.com>
-    DNSchrony (in contrib directory), a tool for handling NTP servers
-    with variable IP addresses.
-
+Stefan R. Filipek <srfilipek@gmail.com>
 Mike Fleetwood <mike@rockover.demon.co.uk>
-    Fixes for compiler warnings
-
 Alexander Gretencord <arutha@gmx.de>
-    Changes to installation directory system to make it easier for
-    package builders.
-
 Andrew Griffiths <agriffit@redhat.com>
-    Patch to add support for seccomp filter
-
 Walter Haidinger <walter.haidinger@gmx.at>
-    Providing me with login access to a Linux installation where v1.12
-    wouldn't compile, so I could develop the fixes for v1.13.  Also, for
-    providing the disc space so I can keep an independent backup of the
-    sources.
-
 Juergen Hannken-Illjes <hannken@eis.cs.tu-bs.de>
-    Port to NetBSD
-
 John Hasler <john@dhh.gt.org>
-    Project and website at tuxfamily.org
-    Changes to support 64 bit machines (i.e. those where
-      sizeof(unsigned long) > 4)
-    Bug fix to initstepslew directive
-    Fix to remove potential buffer overrun errors.
-    Memory locking and real-time scheduler support
-    Fix fault where chronyd enters an endless loop
-
 Tjalling Hattink <t.hattink@fugro.nl>
-    Fix scheduler to allow stepping clock from timeout handler
-    Patch to take leap second in PPS refclock from locked source
-    Patch to make reading of RTC for initial trim more reliable
-
 Liam Hatton <me@liamhatton.com>
-    Advice on configuring for Linux on PPC
-
 Jachym Holecek <jakym@volny.cz>
-    Patch to make Linux real time clock work with devfs
-
 Håkan Johansson <f96hajo@chalmers.se>
-    Patch to avoid large values in sources and sourcestats output
-
 Jim Knoble <jmknoble@pobox.com>
-    Fixes for compiler warnings
-
 Antti Jrvinen <costello@iki.fi>
-    Advice on configuring for BSD/386
-
+Eric Lammerts <eric@lammerts.org>
+Stefan Lucke <stefan@lucke.in-berlin.de>
+Victor Lum <viclum@vanu.com>
+Kevin Lyda <kevin@ie.suberic.net>
+Paul Menzel <paulepanter@users.sourceforge.net>
+Vladimir Michl <vladimir.michl@seznam.cz>
 Victor Moroz <vim@prv.adlum.ru>
-    Patch to support Linux with HZ!=100
-
 Kalle Olavi Niemitalo  <tosi@stekt.oulu.fi>
-    acquisitionport support
-
 Frank Otto <sandwichmacher@web.de>
-    Handling arbitrary HZ values
-
 Denny Page <dennypage@me.com>
-    Advice on support for hardware timestamping
-
+Chris Perl <cperl@janestreet.com>
 Gautier PHILIPPON <gautier.philippon@ensimag.grenoble-inp.fr>
-    Patch to add refresh command to chronyc
-
 Andreas Piesk <apiesk@virbus.de>
-    Patch to make chronyc use the readline library if available
-
+Andreas Steinmetz <ast@domdv.de>
+NAKAMURA Takumi <takumi@ps.sakura.ne.jp>
 Timo Teras <timo.teras@iki.fi>
-    Patch to reply correctly on multihomed hosts
-
 Bill Unruh <unruh@physics.ubc.ca>
-    Advice on statistics
-
 Stephen Wadeley <swadeley@redhat.com>
-    Improvements to man pages
-
+Bernhard Weiss <lisnablagh@web.de>
 Wolfgang Weisselberg <weissel@netcologne.de>
-    Entries in contrib directory
-
+Bernhard M. Wiedemann <bwiedemann@suse.de>
+Joachim Wiedorn <ad_debian@joonet.de>
 Ralf Wildenhues <Ralf.Wildenhues@gmx.de>
-    Many robustness and security improvements
-    
-Ulrich Windl <ulrich.windl@rz.uni-regensburg.de> for the
-    Providing me with information about the Linux 2.2 kernel
-    functionality compared to 2.0.
-
+Ulrich Windl <ulrich.windl@rz.uni-regensburg.de>
 Doug Woodward <dougw@whistler.com>
-    Advice on configuring for Solaris 2.8 on x86
+Thomas Zajic <zlatko@zlatko.fdns.net>
 
 Many other people have contributed bug reports and suggestions.  We are sorry
 we cannot identify all of you individually.

addressing.h

@@ -30,16 +30,19 @@
 #include "sysincl.h"
 
 /* This type is used to represent an IPv4 address or IPv6 address.
+   Addresses which are not resolved yet can be represented with an ID.
    All parts are in HOST order, NOT network order. */
 
 #define IPADDR_UNSPEC 0
 #define IPADDR_INET4 1
 #define IPADDR_INET6 2
+#define IPADDR_ID 3
 
 typedef struct {
   union { 
     uint32_t in4;
     uint8_t in6[16];
+    uint32_t id;
   } addr;
   uint16_t family;
   uint16_t _pad;
@@ -47,8 +50,10 @@ typedef struct {
 
 typedef struct {
   IPAddr ip_addr;
-  unsigned short port;
-} NTP_Remote_Address;
+  uint16_t port;
+} IPSockAddr;
+
+typedef IPSockAddr NTP_Remote_Address;
 
 #define INVALID_IF_INDEX -1
 

addrfilt.c

@@ -247,6 +247,8 @@ set_subnet_(ADF_AuthTable table,
           set_subnet(&table->base6, ip6, 4, 0, new_state, delete_children) == ADF_SUCCESS)
         return ADF_SUCCESS;
       break;
+    default:
+      break;
   }
 
   return ADF_BADSUBNET;
@@ -359,9 +361,9 @@ ADF_IsAllowed(ADF_AuthTable table,
     case IPADDR_INET6:
       split_ip6(ip_addr, ip6);
       return check_ip_in_node(&table->base6, ip6);
+    default:
+      return 0;
   }
-
-  return 0;
 }
 
 /* ================================================== */

candm.h

@@ -99,7 +99,12 @@
 #define REQ_ADD_PEER2 59
 #define REQ_ADD_SERVER3 60
 #define REQ_ADD_PEER3 61
-#define N_REQUEST_TYPES 62
+#define REQ_SHUTDOWN 62
+#define REQ_ONOFFLINE 63
+#define REQ_ADD_SOURCE 64
+#define REQ_NTP_SOURCE_NAME 65
+#define REQ_RESET 66
+#define N_REQUEST_TYPES 67
 
 /* Structure used to exchange timespecs independent of time_t size */
 typedef struct {
@@ -243,6 +248,11 @@ typedef struct {
   int32_t EOR;
 } REQ_Ac_Check;
 
+/* Source types in NTP source requests */
+#define REQ_ADDSRC_SERVER 1
+#define REQ_ADDSRC_PEER 2
+#define REQ_ADDSRC_POOL 3
+
 /* Flags used in NTP source requests */
 #define REQ_ADDSRC_ONLINE 0x1
 #define REQ_ADDSRC_AUTOOFFLINE 0x2
@@ -252,9 +262,12 @@ typedef struct {
 #define REQ_ADDSRC_TRUST 0x20
 #define REQ_ADDSRC_REQUIRE 0x40
 #define REQ_ADDSRC_INTERLEAVED 0x80
+#define REQ_ADDSRC_BURST 0x100
+#define REQ_ADDSRC_NTS 0x200
 
 typedef struct {
-  IPAddr ip_addr;
+  uint32_t type;
+  int8_t name[256];
   uint32_t port;
   int32_t minpoll;
   int32_t maxpoll;
@@ -266,6 +279,7 @@ typedef struct {
   int32_t min_samples;
   int32_t max_samples;
   uint32_t authkey;
+  uint32_t nts_port;
   Float max_delay;
   Float max_delay_ratio;
   Float max_delay_dev_ratio;
@@ -273,7 +287,8 @@ typedef struct {
   Float asymmetry;
   Float offset;
   uint32_t flags;
-  uint32_t reserved[4];
+  int32_t filter_length;
+  uint32_t reserved[3];
   int32_t EOR;
 } REQ_NTP_Source;
 
@@ -331,6 +346,11 @@ typedef struct {
   int32_t EOR;
 } REQ_NTPData;
 
+typedef struct {
+  IPAddr ip_addr;
+  int32_t EOR;
+} REQ_NTPSourceName;
+
 /* ================================================== */
 
 #define PKT_TYPE_CMD_REQUEST 1
@@ -367,9 +387,9 @@ typedef struct {
    domain socket.
 
    Version 6 (no authentication) : changed format of client accesses by index
-   (using new request/reply types) and manual timestamp, new fields and flags
-   in NTP source request and report, new commands: ntpdata, refresh,
-   serverstats
+   (using new request/reply types) and manual timestamp, added new fields and
+   flags to NTP source request and report, made length of manual list constant,
+   added new commands: ntpdata, refresh, serverstats, shutdown
  */
 
 #define PROTO_VERSION_NUMBER 6
@@ -433,6 +453,7 @@ typedef struct {
     REQ_ReselectDistance reselect_distance;
     REQ_SmoothTime smoothtime;
     REQ_NTPData ntp_data;
+    REQ_NTPData ntp_source_name;
   } data; /* Command specific parameters */
 
   /* Padding used to prevent traffic amplification.  It only defines the
@@ -468,7 +489,9 @@ typedef struct {
 #define RPY_CLIENT_ACCESSES_BY_INDEX2 15
 #define RPY_NTP_DATA 16
 #define RPY_MANUAL_TIMESTAMP2 17
-#define N_REPLY_TYPES 18
+#define RPY_MANUAL_LIST2 18
+#define RPY_NTP_SOURCE_NAME 19
+#define N_REPLY_TYPES 20
 
 /* Status codes */
 #define STT_SUCCESS 0
@@ -492,6 +515,7 @@ typedef struct {
 #define STT_INVALIDAF 17
 #define STT_BADPKTVERSION 18
 #define STT_BADPKTLENGTH 19
+#define STT_INVALIDNAME 21
 
 typedef struct {
   int32_t EOR;
@@ -683,6 +707,11 @@ typedef struct {
   int32_t EOR;
 } RPY_NTPData;
 
+typedef struct {
+  int8_t name[256];
+  int32_t EOR;
+} RPY_NTPSourceName;
+
 typedef struct {
   uint8_t version;
   uint8_t pkt_type;
@@ -712,6 +741,7 @@ typedef struct {
     RPY_Activity activity;
     RPY_Smoothing smoothing;
     RPY_NTPData ntp_data;
+    RPY_NTPSourceName ntp_source_name;
   } data; /* Reply specific parameters */
 
 } CMD_Reply;

cmac.h

@@ -0,0 +1,41 @@
+/*
+  chronyd/chronyc - Programs for keeping computer clocks accurate.
+
+ **********************************************************************
+ * Copyright (C) Miroslav Lichvar  2019
+ * 
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of version 2 of the GNU General Public License as
+ * published by the Free Software Foundation.
+ * 
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ * 
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+ * 
+ **********************************************************************
+
+  =======================================================================
+
+  Header file for CMAC.
+
+  */
+
+#ifndef GOT_CMAC_H
+#define GOT_CMAC_H
+
+typedef struct CMC_Instance_Record *CMC_Instance;
+
+extern unsigned int CMC_GetKeyLength(const char *cipher);
+extern CMC_Instance CMC_CreateInstance(const char *cipher, const unsigned char *key,
+                                       unsigned int length);
+extern unsigned int CMC_Hash(CMC_Instance inst, const unsigned char *in, unsigned int in_len,
+                             unsigned char *out, unsigned int out_len);
+extern void CMC_DestroyInstance(CMC_Instance inst);
+
+#endif
+

cmac_nettle.c

@@ -0,0 +1,115 @@
+/*
+  chronyd/chronyc - Programs for keeping computer clocks accurate.
+
+ **********************************************************************
+ * Copyright (C) Miroslav Lichvar  2019
+ * 
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of version 2 of the GNU General Public License as
+ * published by the Free Software Foundation.
+ * 
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ * 
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+ * 
+ **********************************************************************
+
+  =======================================================================
+
+  Support for AES128 and AES256 CMAC in Nettle.
+
+  */
+
+#include "config.h"
+
+#include "sysincl.h"
+
+#include <nettle/cmac.h>
+
+#include "cmac.h"
+#include "memory.h"
+
+struct CMC_Instance_Record {
+  int key_length;
+  union {
+    struct cmac_aes128_ctx aes128;
+    struct cmac_aes256_ctx aes256;
+  } context;
+};
+
+/* ================================================== */
+
+unsigned int
+CMC_GetKeyLength(const char *cipher)
+{
+  if (strcmp(cipher, "AES128") == 0)
+    return AES128_KEY_SIZE;
+  else if (strcmp(cipher, "AES256") == 0)
+    return AES256_KEY_SIZE;
+  return 0;
+}
+
+/* ================================================== */
+
+CMC_Instance
+CMC_CreateInstance(const char *cipher, const unsigned char *key, unsigned int length)
+{
+  CMC_Instance inst;
+
+  if (length == 0 || length != CMC_GetKeyLength(cipher))
+    return NULL;
+
+  inst = MallocNew(struct CMC_Instance_Record);
+  inst->key_length = length;
+
+  switch (length) {
+    case AES128_KEY_SIZE:
+      cmac_aes128_set_key(&inst->context.aes128, key);
+      break;
+    case AES256_KEY_SIZE:
+      cmac_aes256_set_key(&inst->context.aes256, key);
+      break;
+    default:
+      assert(0);
+  }
+
+  return inst;
+}
+
+/* ================================================== */
+
+unsigned int
+CMC_Hash(CMC_Instance inst, const unsigned char *in, unsigned int in_len,
+         unsigned char *out, unsigned int out_len)
+{
+  if (out_len > CMAC128_DIGEST_SIZE)
+    out_len = CMAC128_DIGEST_SIZE;
+
+  switch (inst->key_length) {
+    case AES128_KEY_SIZE:
+      cmac_aes128_update(&inst->context.aes128, in_len, in);
+      cmac_aes128_digest(&inst->context.aes128, out_len, out);
+      break;
+    case AES256_KEY_SIZE:
+      cmac_aes256_update(&inst->context.aes256, in_len, in);
+      cmac_aes256_digest(&inst->context.aes256, out_len, out);
+      break;
+    default:
+      assert(0);
+  }
+
+  return out_len;
+}
+
+/* ================================================== */
+
+void
+CMC_DestroyInstance(CMC_Instance inst)
+{
+  Free(inst);
+}

cmdmon.c

@@ -3,7 +3,7 @@
 
  **********************************************************************
  * Copyright (C) Richard P. Curnow  1997-2003
- * Copyright (C) Miroslav Lichvar  2009-2016
+ * Copyright (C) Miroslav Lichvar  2009-2016, 2018
  * 
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of version 2 of the GNU General Public License as
@@ -38,6 +38,7 @@
 #include "ntp_sources.h"
 #include "ntp_core.h"
 #include "smooth.h"
+#include "socket.h"
 #include "sources.h"
 #include "sourcestats.h"
 #include "reference.h"
@@ -53,21 +54,12 @@
 
 /* ================================================== */
 
-union sockaddr_all {
-  struct sockaddr_in in4;
-#ifdef FEAT_IPV6
-  struct sockaddr_in6 in6;
-#endif
-  struct sockaddr_un un;
-  struct sockaddr sa;
-};
+#define INVALID_SOCK_FD (-5)
 
 /* File descriptors for command and monitoring sockets */
 static int sock_fdu;
 static int sock_fd4;
-#ifdef FEAT_IPV6
 static int sock_fd6;
-#endif
 
 /* Flag indicating whether this module has been initialised or not */
 static int initialised = 0;
@@ -138,6 +130,11 @@ static const char permissions[] = {
   PERMIT_AUTH, /* ADD_PEER2 */
   PERMIT_AUTH, /* ADD_SERVER3 */
   PERMIT_AUTH, /* ADD_PEER3 */
+  PERMIT_AUTH, /* SHUTDOWN */
+  PERMIT_AUTH, /* ONOFFLINE */
+  PERMIT_AUTH, /* ADD_SOURCE */
+  PERMIT_OPEN, /* NTP_SOURCE_NAME */
+  PERMIT_AUTH, /* RESET */
 };
 
 /* ================================================== */
@@ -153,99 +150,46 @@ static void read_from_cmd_socket(int sock_fd, int event, void *anything);
 /* ================================================== */
 
 static int
-prepare_socket(int family, int port_number)
+open_socket(int family)
 {
-  int sock_fd;
-  socklen_t my_addr_len;
-  union sockaddr_all my_addr;
-  IPAddr bind_address;
-  int on_off = 1;
-
-  sock_fd = socket(family, SOCK_DGRAM, 0);
-  if (sock_fd < 0) {
-    LOG(LOGS_ERR, "Could not open %s command socket : %s",
-        UTI_SockaddrFamilyToString(family), strerror(errno));
-    return -1;
-  }
-
-  /* Close on exec */
-  UTI_FdSetCloexec(sock_fd);
-
-  if (family != AF_UNIX) {
-    /* Allow reuse of port number */
-    if (setsockopt(sock_fd, SOL_SOCKET, SO_REUSEADDR, (char *) &on_off, sizeof(on_off)) < 0) {
-      LOG(LOGS_ERR, "Could not set reuseaddr socket options");
-      /* Don't quit - we might survive anyway */
-    }
-
-#ifdef IP_FREEBIND
-    /* Allow binding to address that doesn't exist yet */
-    if (setsockopt(sock_fd, IPPROTO_IP, IP_FREEBIND, (char *)&on_off, sizeof(on_off)) < 0) {
-      LOG(LOGS_ERR, "Could not set free bind socket option");
-    }
-#endif
-
-#ifdef FEAT_IPV6
-    if (family == AF_INET6) {
-#ifdef IPV6_V6ONLY
-      /* Receive IPv6 packets only */
-      if (setsockopt(sock_fd, IPPROTO_IPV6, IPV6_V6ONLY, (char *)&on_off, sizeof(on_off)) < 0) {
-        LOG(LOGS_ERR, "Could not request IPV6_V6ONLY socket option");
-      }
-#endif
-    }
-#endif
-  }
-
-  memset(&my_addr, 0, sizeof (my_addr));
+  IPSockAddr local_addr;
+  const char *local_path;
+  int sock_fd, port;
 
   switch (family) {
-    case AF_INET:
-      my_addr_len = sizeof (my_addr.in4);
-      my_addr.in4.sin_family = family;
-      my_addr.in4.sin_port = htons((unsigned short)port_number);
+    case IPADDR_INET4:
+    case IPADDR_INET6:
+      port = CNF_GetCommandPort();
+      if (port == 0 || !SCK_IsFamilySupported(family))
+        return INVALID_SOCK_FD;
 
-      CNF_GetBindCommandAddress(IPADDR_INET4, &bind_address);
+      CNF_GetBindCommandAddress(family, &local_addr.ip_addr);
+      if (local_addr.ip_addr.family != family)
+        SCK_GetLoopbackIPAddress(family, &local_addr.ip_addr);
+      local_addr.port = port;
+
+      sock_fd = SCK_OpenUdpSocket(NULL, &local_addr, SCK_FLAG_RX_DEST_ADDR);
+      if (sock_fd < 0) {
+        LOG(LOGS_ERR, "Could not open command socket on %s",
+            UTI_IPSockAddrToString(&local_addr));
+        return INVALID_SOCK_FD;
+      }
 
-      if (bind_address.family == IPADDR_INET4)
-        my_addr.in4.sin_addr.s_addr = htonl(bind_address.addr.in4);
-      else
-        my_addr.in4.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
       break;
-#ifdef FEAT_IPV6
-    case AF_INET6:
-      my_addr_len = sizeof (my_addr.in6);
-      my_addr.in6.sin6_family = family;
-      my_addr.in6.sin6_port = htons((unsigned short)port_number);
+    case IPADDR_UNSPEC:
+      local_path = CNF_GetBindCommandPath();
 
-      CNF_GetBindCommandAddress(IPADDR_INET6, &bind_address);
+      sock_fd = SCK_OpenUnixDatagramSocket(NULL, local_path, 0);
+      if (sock_fd < 0) {
+        LOG(LOGS_ERR, "Could not open command socket on %s", local_path);
+        return INVALID_SOCK_FD;
+      }
 
-      if (bind_address.family == IPADDR_INET6)
-        memcpy(my_addr.in6.sin6_addr.s6_addr, bind_address.addr.in6,
-            sizeof (my_addr.in6.sin6_addr.s6_addr));
-      else
-        my_addr.in6.sin6_addr = in6addr_loopback;
-      break;
-#endif
-    case AF_UNIX:
-      my_addr_len = sizeof (my_addr.un);
-      my_addr.un.sun_family = family;
-      if (snprintf(my_addr.un.sun_path, sizeof (my_addr.un.sun_path), "%s",
-                   CNF_GetBindCommandPath()) >= sizeof (my_addr.un.sun_path))
-        LOG_FATAL("Unix socket path too long");
-      unlink(my_addr.un.sun_path);
       break;
     default:
       assert(0);
   }
 
-  if (bind(sock_fd, &my_addr.sa, my_addr_len) < 0) {
-    LOG(LOGS_ERR, "Could not bind %s command socket : %s",
-        UTI_SockaddrFamilyToString(family), strerror(errno));
-    close(sock_fd);
-    return -1;
-  }
-
   /* Register handler for read events on the socket */
   SCH_AddFileHandler(sock_fd, SCH_FILE_INPUT, read_from_cmd_socket, NULL);
 
@@ -278,7 +222,6 @@ do_size_checks(void)
   for (i = 1; i < N_REPLY_TYPES; i++) {
     reply.reply = htons(i);
     reply.status = STT_SUCCESS;
-    reply.data.manual_list.n_samples = htonl(MAX_MANUAL_LIST_SAMPLES);
     reply_length = PKL_ReplyLength(&reply);
     if ((reply_length && reply_length < offsetof(CMD_Reply, data)) ||
         reply_length > sizeof (CMD_Reply))
@@ -291,37 +234,22 @@ do_size_checks(void)
 void
 CAM_Initialise(int family)
 {
-  int port_number;
-
   assert(!initialised);
   assert(sizeof (permissions) / sizeof (permissions[0]) == N_REQUEST_TYPES);
   do_size_checks();
 
   initialised = 1;
-  sock_fdu = -1;
-  port_number = CNF_GetCommandPort();
+  sock_fdu = INVALID_SOCK_FD;
+  sock_fd4 = INVALID_SOCK_FD;
+  sock_fd6 = INVALID_SOCK_FD;
 
-  if (port_number && (family == IPADDR_UNSPEC || family == IPADDR_INET4))
-    sock_fd4 = prepare_socket(AF_INET, port_number);
-  else
-    sock_fd4 = -1;
-#ifdef FEAT_IPV6
-  if (port_number && (family == IPADDR_UNSPEC || family == IPADDR_INET6))
-    sock_fd6 = prepare_socket(AF_INET6, port_number);
-  else
-    sock_fd6 = -1;
-#endif
+  if (family == IPADDR_UNSPEC || family == IPADDR_INET4)
+    sock_fd4 = open_socket(IPADDR_INET4);
 
-  if (port_number && sock_fd4 < 0
-#ifdef FEAT_IPV6
-      && sock_fd6 < 0
-#endif
-      ) {
-    LOG_FATAL("Could not open any command socket");
-  }
+  if (family == IPADDR_UNSPEC || family == IPADDR_INET6)
+    sock_fd6 = open_socket(IPADDR_INET6);
 
   access_auth_table = ADF_CreateTable();
-
 }
 
 /* ================================================== */
@@ -329,24 +257,24 @@ CAM_Initialise(int family)
 void
 CAM_Finalise(void)
 {
-  if (sock_fdu >= 0) {
+  if (sock_fdu != INVALID_SOCK_FD) {
     SCH_RemoveFileHandler(sock_fdu);
-    close(sock_fdu);
-    unlink(CNF_GetBindCommandPath());
+    SCK_RemoveSocket(sock_fdu);
+    SCK_CloseSocket(sock_fdu);
+    sock_fdu = INVALID_SOCK_FD;
   }
-  sock_fdu = -1;
-  if (sock_fd4 >= 0) {
+
+  if (sock_fd4 != INVALID_SOCK_FD) {
     SCH_RemoveFileHandler(sock_fd4);
-    close(sock_fd4);
+    SCK_CloseSocket(sock_fd4);
+    sock_fd4 = INVALID_SOCK_FD;
   }
-  sock_fd4 = -1;
-#ifdef FEAT_IPV6
-  if (sock_fd6 >= 0) {
+
+  if (sock_fd6 != INVALID_SOCK_FD) {
     SCH_RemoveFileHandler(sock_fd6);
-    close(sock_fd6);
+    SCK_CloseSocket(sock_fd6);
+    sock_fd6 = INVALID_SOCK_FD;
   }
-  sock_fd6 = -1;
-#endif
 
   ADF_DestroyTable(access_auth_table);
 
@@ -361,50 +289,18 @@ CAM_OpenUnixSocket(void)
   /* This is separated from CAM_Initialise() as it needs to be called when
      the process has already dropped the root privileges */
   if (CNF_GetBindCommandPath()[0])
-    sock_fdu = prepare_socket(AF_UNIX, 0);
+    sock_fdu = open_socket(IPADDR_UNSPEC);
 }
 
 /* ================================================== */
 
 static void
-transmit_reply(CMD_Reply *msg, union sockaddr_all *where_to)
+transmit_reply(int sock_fd, SCK_Message *message)
 {
-  int status;
-  int tx_message_length;
-  int sock_fd;
-  socklen_t addrlen;
+  message->length = PKL_ReplyLength((CMD_Reply *)message->data);
 
-  switch (where_to->sa.sa_family) {
-    case AF_INET:
-      sock_fd = sock_fd4;
-      addrlen = sizeof (where_to->in4);
-      break;
-#ifdef FEAT_IPV6
-    case AF_INET6:
-      sock_fd = sock_fd6;
-      addrlen = sizeof (where_to->in6);
-      break;
-#endif
-    case AF_UNIX:
-      sock_fd = sock_fdu;
-      addrlen = sizeof (where_to->un);
-      break;
-    default:
-      assert(0);
-  }
-
-  tx_message_length = PKL_ReplyLength(msg);
-  status = sendto(sock_fd, (void *) msg, tx_message_length, 0,
-                  &where_to->sa, addrlen);
-
-  if (status < 0) {
-    DEBUG_LOG("Could not send to %s fd %d : %s",
-              UTI_SockaddrToString(&where_to->sa), sock_fd, strerror(errno));
+  if (!SCK_SendMessage(sock_fd, message, 0))
     return;
-  }
-
-  DEBUG_LOG("Sent %d bytes to %s fd %d", status,
-            UTI_SockaddrToString(&where_to->sa), sock_fd);
 }
   
 /* ================================================== */
@@ -424,7 +320,7 @@ handle_online(CMD_Request *rx_message, CMD_Reply *tx_message)
 
   UTI_IPNetworkToHost(&rx_message->data.online.mask, &mask);
   UTI_IPNetworkToHost(&rx_message->data.online.address, &address);
-  if (!NSR_TakeSourcesOnline(&mask, &address))
+  if (!NSR_SetConnectivity(&mask, &address, SRC_ONLINE))
     tx_message->status = htons(STT_NOSUCHSOURCE);
 }
 
@@ -437,12 +333,24 @@ handle_offline(CMD_Request *rx_message, CMD_Reply *tx_message)
 
   UTI_IPNetworkToHost(&rx_message->data.offline.mask, &mask);
   UTI_IPNetworkToHost(&rx_message->data.offline.address, &address);
-  if (!NSR_TakeSourcesOffline(&mask, &address))
+  if (!NSR_SetConnectivity(&mask, &address, SRC_OFFLINE))
     tx_message->status = htons(STT_NOSUCHSOURCE);
 }
 
 /* ================================================== */
 
+static void
+handle_onoffline(CMD_Request *rx_message, CMD_Reply *tx_message)
+{
+  IPAddr address, mask;
+
+  address.family = mask.family = IPADDR_UNSPEC;
+  if (!NSR_SetConnectivity(&mask, &address, SRC_MAYBE_ONLINE))
+    ;
+}
+
+/* ================================================== */
+
 static void
 handle_burst(CMD_Request *rx_message, CMD_Reply *tx_message)
 {
@@ -770,14 +678,41 @@ handle_cmdaccheck(CMD_Request *rx_message, CMD_Reply *tx_message)
 /* ================================================== */
 
 static void
-handle_add_source(NTP_Source_Type type, CMD_Request *rx_message, CMD_Reply *tx_message)
+handle_add_source(CMD_Request *rx_message, CMD_Reply *tx_message)
 {
-  NTP_Remote_Address rem_addr;
+  NTP_Source_Type type;
   SourceParameters params;
   NSR_Status status;
+  char *name;
+  int pool, port;
   
-  UTI_IPNetworkToHost(&rx_message->data.ntp_source.ip_addr, &rem_addr.ip_addr);
-  rem_addr.port = (unsigned short)(ntohl(rx_message->data.ntp_source.port));
+  switch (ntohl(rx_message->data.ntp_source.type)) {
+    case REQ_ADDSRC_SERVER:
+      type = NTP_SERVER;
+      pool = 0;
+      break;
+    case REQ_ADDSRC_PEER:
+      type = NTP_PEER;
+      pool = 0;
+      break;
+    case REQ_ADDSRC_POOL:
+      type = NTP_SERVER;
+      pool = 1;
+      break;
+    default:
+      tx_message->status = htons(STT_INVALID);
+      return;
+  }
+
+  name = (char *)rx_message->data.ntp_source.name;
+
+  /* Make sure the name is terminated */
+  if (name[sizeof (rx_message->data.ntp_source.name) - 1] != '\0') {
+      tx_message->status = htons(STT_INVALIDNAME);
+      return;
+  }
+
+  port = (unsigned short)(ntohl(rx_message->data.ntp_source.port));
   params.minpoll = ntohl(rx_message->data.ntp_source.minpoll);
   params.maxpoll = ntohl(rx_message->data.ntp_source.maxpoll);
   params.presend_minpoll = ntohl(rx_message->data.ntp_source.presend_minpoll);
@@ -787,7 +722,9 @@ handle_add_source(NTP_Source_Type type, CMD_Request *rx_message, CMD_Reply *tx_m
   params.max_sources = ntohl(rx_message->data.ntp_source.max_sources);
   params.min_samples = ntohl(rx_message->data.ntp_source.min_samples);
   params.max_samples = ntohl(rx_message->data.ntp_source.max_samples);
+  params.filter_length = ntohl(rx_message->data.ntp_source.filter_length);
   params.authkey = ntohl(rx_message->data.ntp_source.authkey);
+  params.nts_port = ntohl(rx_message->data.ntp_source.nts_port);
   params.max_delay = UTI_FloatNetworkToHost(rx_message->data.ntp_source.max_delay);
   params.max_delay_ratio =
     UTI_FloatNetworkToHost(rx_message->data.ntp_source.max_delay_ratio);
@@ -797,29 +734,37 @@ handle_add_source(NTP_Source_Type type, CMD_Request *rx_message, CMD_Reply *tx_m
   params.asymmetry = UTI_FloatNetworkToHost(rx_message->data.ntp_source.asymmetry);
   params.offset = UTI_FloatNetworkToHost(rx_message->data.ntp_source.offset);
 
-  params.online  = ntohl(rx_message->data.ntp_source.flags) & REQ_ADDSRC_ONLINE ? 1 : 0;
+  params.connectivity = ntohl(rx_message->data.ntp_source.flags) & REQ_ADDSRC_ONLINE ?
+                        SRC_ONLINE : SRC_OFFLINE;
   params.auto_offline = ntohl(rx_message->data.ntp_source.flags) & REQ_ADDSRC_AUTOOFFLINE ? 1 : 0;
   params.iburst = ntohl(rx_message->data.ntp_source.flags) & REQ_ADDSRC_IBURST ? 1 : 0;
   params.interleaved = ntohl(rx_message->data.ntp_source.flags) & REQ_ADDSRC_INTERLEAVED ? 1 : 0;
+  params.burst = ntohl(rx_message->data.ntp_source.flags) & REQ_ADDSRC_BURST ? 1 : 0;
+  params.nts = ntohl(rx_message->data.ntp_source.flags) & REQ_ADDSRC_NTS ? 1 : 0;
   params.sel_options =
     (ntohl(rx_message->data.ntp_source.flags) & REQ_ADDSRC_PREFER ? SRC_SELECT_PREFER : 0) |
     (ntohl(rx_message->data.ntp_source.flags) & REQ_ADDSRC_NOSELECT ? SRC_SELECT_NOSELECT : 0) |
     (ntohl(rx_message->data.ntp_source.flags) & REQ_ADDSRC_TRUST ? SRC_SELECT_TRUST : 0) |
     (ntohl(rx_message->data.ntp_source.flags) & REQ_ADDSRC_REQUIRE ? SRC_SELECT_REQUIRE : 0);
 
-  status = NSR_AddSource(&rem_addr, type, &params);
+  status = NSR_AddSourceByName(name, port, pool, type, &params);
   switch (status) {
     case NSR_Success:
       break;
+    case NSR_UnresolvedName:
+      /* Try to resolve the name now */
+      NSR_ResolveSources();
+      break;
     case NSR_AlreadyInUse:
       tx_message->status = htons(STT_SOURCEALREADYKNOWN);
       break;
     case NSR_TooManySources:
       tx_message->status = htons(STT_TOOMANYSOURCES);
       break;
-    case NSR_InvalidAF:
-      tx_message->status = htons(STT_INVALIDAF);
+    case NSR_InvalidName:
+      tx_message->status = htons(STT_INVALIDNAME);
       break;
+    case NSR_InvalidAF:
     case NSR_NoSuchSource:
       assert(0);
       break;
@@ -847,6 +792,8 @@ handle_del_source(CMD_Request *rx_message, CMD_Reply *tx_message)
     case NSR_TooManySources:
     case NSR_AlreadyInUse:
     case NSR_InvalidAF:
+    case NSR_InvalidName:
+    case NSR_UnresolvedName:
       assert(0);
       break;
   }
@@ -1068,9 +1015,6 @@ handle_client_accesses_by_index(CMD_Request *rx_message, CMD_Reply *tx_message)
   tx_message->reply = htons(RPY_CLIENT_ACCESSES_BY_INDEX2);
   tx_message->data.client_accesses_by_index.n_indices = htonl(n_indices);
 
-  memset(tx_message->data.client_accesses_by_index.clients, 0,
-         sizeof (tx_message->data.client_accesses_by_index.clients));
-
   for (i = req_first_index, j = 0; i < (uint32_t)n_indices && j < req_n_clients; i++) {
     if (!CLG_GetClientAccessReportByIndex(i, &report, &now))
       continue;
@@ -1103,10 +1047,11 @@ handle_manual_list(CMD_Request *rx_message, CMD_Reply *tx_message)
   RPY_ManualListSample *sample;
   RPT_ManualSamplesReport report[MAX_MANUAL_LIST_SAMPLES];
 
-  tx_message->reply = htons(RPY_MANUAL_LIST);
+  tx_message->reply = htons(RPY_MANUAL_LIST2);
   
   MNL_ReportSamples(report, MAX_MANUAL_LIST_SAMPLES, &n_samples);
   tx_message->data.manual_list.n_samples = htonl(n_samples);
+
   for (i=0; i<n_samples; i++) {
     sample = &tx_message->data.manual_list.samples[i];
     UTI_TimespecHostToNetwork(&report[i].when, &sample->when);
@@ -1238,142 +1183,123 @@ handle_ntp_data(CMD_Request *rx_message, CMD_Reply *tx_message)
   memset(tx_message->data.ntp_data.reserved, 0xff, sizeof (tx_message->data.ntp_data.reserved));
 }
 
+/* ================================================== */
+
+static void
+handle_shutdown(CMD_Request *rx_message, CMD_Reply *tx_message)
+{
+  LOG(LOGS_INFO, "Received shutdown command");
+  SCH_QuitProgram();
+}
+
+/* ================================================== */
+
+static void
+handle_ntp_source_name(CMD_Request *rx_message, CMD_Reply *tx_message)
+{
+  IPAddr addr;
+  char *name;
+
+  UTI_IPNetworkToHost(&rx_message->data.ntp_data.ip_addr, &addr);
+  name = NSR_GetName(&addr);
+
+  if (!name) {
+    tx_message->status = htons(STT_NOSUCHSOURCE);
+    return;
+  }
+
+  tx_message->reply = htons(RPY_NTP_SOURCE_NAME);
+
+  /* Avoid compiler warning */
+  if (strlen(name) >= sizeof (tx_message->data.ntp_source_name.name))
+    memcpy(tx_message->data.ntp_source_name.name, name,
+           sizeof (tx_message->data.ntp_source_name.name));
+  else
+    strncpy((char *)tx_message->data.ntp_source_name.name, name,
+            sizeof (tx_message->data.ntp_source_name.name));
+}
+
+/* ================================================== */
+
+static void
+handle_reset(CMD_Request *rx_message, CMD_Reply *tx_message)
+{
+  struct timespec cooked_now, now;
+
+  SRC_ResetSources();
+  SCH_GetLastEventTime(&cooked_now, NULL, &now);
+  LCL_NotifyExternalTimeStep(&now, &cooked_now, 0.0, 0.0);
+}
+
 /* ================================================== */
 /* Read a packet and process it */
 
 static void
 read_from_cmd_socket(int sock_fd, int event, void *anything)
 {
+  SCK_Message sck_message;
   CMD_Request rx_message;
   CMD_Reply tx_message;
-  int status, read_length, expected_length, rx_message_length;
+  IPAddr loopback_addr, remote_ip;
+  int read_length, expected_length;
   int localhost, allowed, log_index;
-  union sockaddr_all where_from;
-  socklen_t from_length;
-  IPAddr remote_ip;
-  unsigned short remote_port, rx_command;
+  unsigned short rx_command;
   struct timespec now, cooked_now;
 
-  rx_message_length = sizeof(rx_message);
-  from_length = sizeof(where_from);
-
-  status = recvfrom(sock_fd, (char *)&rx_message, rx_message_length, 0,
-                    &where_from.sa, &from_length);
-
-  if (status < 0) {
-    LOG(LOGS_WARN, "Error [%s] reading from control socket %d",
-        strerror(errno), sock_fd);
+  if (!SCK_ReceiveMessage(sock_fd, &sck_message, 0))
     return;
-  }
 
-  if (from_length > sizeof (where_from) ||
-      from_length <= sizeof (where_from.sa.sa_family)) {
-    DEBUG_LOG("Read command packet without source address");
-    return;
-  }
-
-  read_length = status;
+  read_length = sck_message.length;
 
   /* Get current time cheaply */
   SCH_GetLastEventTime(&cooked_now, NULL, &now);
 
-  UTI_SockaddrToIPAndPort(&where_from.sa, &remote_ip, &remote_port);
+  /* Check if it's from localhost (127.0.0.1, ::1, or Unix domain),
+     or an authorised address */
+  switch (sck_message.addr_type) {
+    case SCK_ADDR_IP:
+      assert(sock_fd == sock_fd4 || sock_fd == sock_fd6);
+      remote_ip = sck_message.remote_addr.ip.ip_addr;
+      SCK_GetLoopbackIPAddress(remote_ip.family, &loopback_addr);
+      localhost = UTI_CompareIPs(&remote_ip, &loopback_addr, NULL) == 0;
 
-  /* Check if it's from localhost (127.0.0.1, ::1, or Unix domain) */
-  switch (remote_ip.family) {
-    case IPADDR_INET4:
-      assert(sock_fd == sock_fd4);
-      localhost = remote_ip.addr.in4 == INADDR_LOOPBACK;
-      break;
-#ifdef FEAT_IPV6
-    case IPADDR_INET6:
-      assert(sock_fd == sock_fd6);
-      localhost = !memcmp(remote_ip.addr.in6, &in6addr_loopback,
-                          sizeof (in6addr_loopback));
-      break;
-#endif
-    case IPADDR_UNSPEC:
-      /* This should be the Unix domain socket */
-      if (where_from.sa.sa_family != AF_UNIX)
+      if (!localhost && !ADF_IsAllowed(access_auth_table, &remote_ip)) {
+        DEBUG_LOG("Unauthorised host %s",
+                  UTI_IPSockAddrToString(&sck_message.remote_addr.ip));
         return;
+      }
+
+      assert(remote_ip.family != IPADDR_UNSPEC);
+
+      break;
+    case SCK_ADDR_UNIX:
       assert(sock_fd == sock_fdu);
+      remote_ip.family = IPADDR_UNSPEC;
       localhost = 1;
       break;
     default:
-      assert(0);
-  }
-
-  DEBUG_LOG("Received %d bytes from %s fd %d",
-            status, UTI_SockaddrToString(&where_from.sa), sock_fd);
-
-  if (!(localhost || ADF_IsAllowed(access_auth_table, &remote_ip))) {
-    /* The client is not allowed access, so don't waste any more time
-       on him.  Note that localhost is always allowed access
-       regardless of the defined access rules - otherwise, we could
-       shut ourselves out completely! */
-    return;
+      DEBUG_LOG("Unexpected address type");
+      return;
   }
 
   if (read_length < offsetof(CMD_Request, data) ||
       read_length < offsetof(CMD_Reply, data) ||
-      rx_message.pkt_type != PKT_TYPE_CMD_REQUEST ||
-      rx_message.res1 != 0 ||
-      rx_message.res2 != 0) {
-
+      read_length > sizeof (CMD_Request)) {
     /* We don't know how to process anything like this or an error reply
        would be larger than the request */
+    DEBUG_LOG("Unexpected length");
+    return;
+  }
+
+  memcpy(&rx_message, sck_message.data, read_length);
+
+  if (rx_message.pkt_type != PKT_TYPE_CMD_REQUEST ||
+      rx_message.res1 != 0 ||
+      rx_message.res2 != 0) {
     DEBUG_LOG("Command packet dropped");
     return;
   }
 
-  expected_length = PKL_CommandLength(&rx_message);
-  rx_command = ntohs(rx_message.command);
-
-  tx_message.version = PROTO_VERSION_NUMBER;
-  tx_message.pkt_type = PKT_TYPE_CMD_REPLY;
-  tx_message.res1 = 0;
-  tx_message.res2 = 0;
-  tx_message.command = rx_message.command;
-  tx_message.reply = htons(RPY_NULL);
-  tx_message.status = htons(STT_SUCCESS);
-  tx_message.pad1 = 0;
-  tx_message.pad2 = 0;
-  tx_message.pad3 = 0;
-  tx_message.sequence = rx_message.sequence;
-  tx_message.pad4 = 0;
-  tx_message.pad5 = 0;
-
-  if (rx_message.version != PROTO_VERSION_NUMBER) {
-    DEBUG_LOG("Command packet has invalid version (%d != %d)",
-              rx_message.version, PROTO_VERSION_NUMBER);
-
-    if (rx_message.version >= PROTO_VERSION_MISMATCH_COMPAT_SERVER) {
-      tx_message.status = htons(STT_BADPKTVERSION);
-      transmit_reply(&tx_message, &where_from);
-    }
-    return;
-  }
-
-  if (rx_command >= N_REQUEST_TYPES ||
-      expected_length < (int)offsetof(CMD_Request, data)) {
-    DEBUG_LOG("Command packet has invalid command %d", rx_command);
-
-    tx_message.status = htons(STT_INVALID);
-    transmit_reply(&tx_message, &where_from);
-    return;
-  }
-
-  if (read_length < expected_length) {
-    DEBUG_LOG("Command packet is too short (%d < %d)", read_length,
-              expected_length);
-
-    tx_message.status = htons(STT_BADPKTLENGTH);
-    transmit_reply(&tx_message, &where_from);
-    return;
-  }
-
-  /* OK, we have a valid message.  Now dispatch on message type and process it. */
-
   log_index = CLG_LogCommandAccess(&remote_ip, &cooked_now);
 
   /* Don't reply to all requests from hosts other than localhost if the rate
@@ -1383,6 +1309,51 @@ read_from_cmd_socket(int sock_fd, int event, void *anything)
       return;
   }
 
+  expected_length = PKL_CommandLength(&rx_message);
+  rx_command = ntohs(rx_message.command);
+
+  memset(&tx_message, 0, sizeof (tx_message));
+  sck_message.data = &tx_message;
+  sck_message.length = 0;
+
+  tx_message.version = PROTO_VERSION_NUMBER;
+  tx_message.pkt_type = PKT_TYPE_CMD_REPLY;
+  tx_message.command = rx_message.command;
+  tx_message.reply = htons(RPY_NULL);
+  tx_message.status = htons(STT_SUCCESS);
+  tx_message.sequence = rx_message.sequence;
+
+  if (rx_message.version != PROTO_VERSION_NUMBER) {
+    DEBUG_LOG("Command packet has invalid version (%d != %d)",
+              rx_message.version, PROTO_VERSION_NUMBER);
+
+    if (rx_message.version >= PROTO_VERSION_MISMATCH_COMPAT_SERVER) {
+      tx_message.status = htons(STT_BADPKTVERSION);
+      transmit_reply(sock_fd, &sck_message);
+    }
+    return;
+  }
+
+  if (rx_command >= N_REQUEST_TYPES ||
+      expected_length < (int)offsetof(CMD_Request, data)) {
+    DEBUG_LOG("Command packet has invalid command %d", rx_command);
+
+    tx_message.status = htons(STT_INVALID);
+    transmit_reply(sock_fd, &sck_message);
+    return;
+  }
+
+  if (read_length < expected_length) {
+    DEBUG_LOG("Command packet is too short (%d < %d)", read_length,
+              expected_length);
+
+    tx_message.status = htons(STT_BADPKTLENGTH);
+    transmit_reply(sock_fd, &sck_message);
+    return;
+  }
+
+  /* OK, we have a valid message.  Now dispatch on message type and process it. */
+
   if (rx_command >= N_REQUEST_TYPES) {
     /* This should be already handled */
     assert(0);
@@ -1390,7 +1361,7 @@ read_from_cmd_socket(int sock_fd, int event, void *anything)
     /* Check level of authority required to issue the command.  All commands
        from the Unix domain socket (which is accessible only by the root and
        chrony user/group) are allowed. */
-    if (where_from.sa.sa_family == AF_UNIX) {
+    if (remote_ip.family == IPADDR_UNSPEC) {
       assert(sock_fd == sock_fdu);
       allowed = 1;
     } else {
@@ -1529,12 +1500,8 @@ read_from_cmd_socket(int sock_fd, int event, void *anything)
           handle_cmdaccheck(&rx_message, &tx_message);
           break;
 
-        case REQ_ADD_SERVER3:
-          handle_add_source(NTP_SERVER, &rx_message, &tx_message);
-          break;
-
-        case REQ_ADD_PEER3:
-          handle_add_source(NTP_PEER, &rx_message, &tx_message);
+        case REQ_ADD_SOURCE:
+          handle_add_source(&rx_message, &tx_message);
           break;
 
         case REQ_DEL_SOURCE:
@@ -1629,6 +1596,22 @@ read_from_cmd_socket(int sock_fd, int event, void *anything)
           handle_ntp_data(&rx_message, &tx_message);
           break;
 
+        case REQ_SHUTDOWN:
+          handle_shutdown(&rx_message, &tx_message);
+          break;
+
+        case REQ_ONOFFLINE:
+          handle_onoffline(&rx_message, &tx_message);
+          break;
+
+        case REQ_NTP_SOURCE_NAME:
+          handle_ntp_source_name(&rx_message, &tx_message);
+          break;
+
+        case REQ_RESET:
+          handle_reset(&rx_message, &tx_message);
+          break;
+
         default:
           DEBUG_LOG("Unhandled command %d", rx_command);
           tx_message.status = htons(STT_FAILED);
@@ -1646,7 +1629,7 @@ read_from_cmd_socket(int sock_fd, int event, void *anything)
     static int do_it=1;
 
     if (do_it) {
-      transmit_reply(&tx_message, &where_from);
+      transmit_reply(sock_fd, &sck_message);
     }
 
 #if 0

cmdparse.c

@@ -48,9 +48,10 @@ CPS_ParseNTPSourceAdd(char *line, CPS_NTP_Source *src)
   src->port = SRC_DEFAULT_PORT;
   src->params.minpoll = SRC_DEFAULT_MINPOLL;
   src->params.maxpoll = SRC_DEFAULT_MAXPOLL;
-  src->params.online = 1;
+  src->params.connectivity = SRC_ONLINE;
   src->params.auto_offline = 0;
   src->params.presend_minpoll = SRC_DEFAULT_PRESEND_MINPOLL;
+  src->params.burst = 0;
   src->params.iburst = 0;
   src->params.min_stratum = SRC_DEFAULT_MINSTRATUM;
   src->params.poll_target = SRC_DEFAULT_POLLTARGET;
@@ -58,8 +59,11 @@ CPS_ParseNTPSourceAdd(char *line, CPS_NTP_Source *src)
   src->params.max_sources = SRC_DEFAULT_MAXSOURCES;
   src->params.min_samples = SRC_DEFAULT_MINSAMPLES;
   src->params.max_samples = SRC_DEFAULT_MAXSAMPLES;
+  src->params.filter_length = 0;
   src->params.interleaved = 0;
   src->params.sel_options = 0;
+  src->params.nts = 0;
+  src->params.nts_port = SRC_DEFAULT_NTSPORT;
   src->params.authkey = INACTIVE_AUTHKEY;
   src->params.max_delay = SRC_DEFAULT_MAXDELAY;
   src->params.max_delay_ratio = SRC_DEFAULT_MAXDELAYRATIO;
@@ -84,10 +88,12 @@ CPS_ParseNTPSourceAdd(char *line, CPS_NTP_Source *src)
 
     if (!strcasecmp(cmd, "auto_offline")) {
       src->params.auto_offline = 1;
+    } else if (!strcasecmp(cmd, "burst")) {
+      src->params.burst = 1;
     } else if (!strcasecmp(cmd, "iburst")) {
       src->params.iburst = 1;
     } else if (!strcasecmp(cmd, "offline")) {
-      src->params.online = 0;
+      src->params.connectivity = SRC_OFFLINE;
     } else if (!strcasecmp(cmd, "noselect")) {
       src->params.sel_options |= SRC_SELECT_NOSELECT;
     } else if (!strcasecmp(cmd, "prefer")) {
@@ -103,6 +109,9 @@ CPS_ParseNTPSourceAdd(char *line, CPS_NTP_Source *src)
     } else if (!strcasecmp(cmd, "asymmetry")) {
       if (sscanf(line, "%lf%n", &src->params.asymmetry, &n) != 1)
         return 0;
+    } else if (!strcasecmp(cmd, "filter")) {
+      if (sscanf(line, "%d%n", &src->params.filter_length, &n) != 1)
+        return 0;
     } else if (!strcasecmp(cmd, "maxdelay")) {
       if (sscanf(line, "%lf%n", &src->params.max_delay, &n) != 1)
         return 0;
@@ -133,6 +142,11 @@ CPS_ParseNTPSourceAdd(char *line, CPS_NTP_Source *src)
     } else if (!strcasecmp(cmd, "minstratum")) {
       if (sscanf(line, "%d%n", &src->params.min_stratum, &n) != 1)
         return 0;
+    } else if (!strcasecmp(cmd, "nts")) {
+      src->params.nts = 1;
+    } else if (!strcasecmp(cmd, "ntsport")) {
+      if (sscanf(line, "%d%n", &src->params.nts_port, &n) != 1)
+        return 0;
     } else if (!strcasecmp(cmd, "offset")) {
       if (sscanf(line, "%lf%n", &src->params.offset, &n) != 1)
         return 0;
@@ -254,7 +268,7 @@ CPS_SplitWord(char *line)
 /* ================================================== */
 
 int
-CPS_ParseKey(char *line, uint32_t *id, const char **hash, char **key)
+CPS_ParseKey(char *line, uint32_t *id, const char **type, char **key)
 {
   char *s1, *s2, *s3, *s4;
 
@@ -271,10 +285,10 @@ CPS_ParseKey(char *line, uint32_t *id, const char **hash, char **key)
     return 0;
 
   if (*s3) {
-    *hash = s2;
+    *type = s2;
     *key = s3;
   } else {
-    *hash = "MD5";
+    *type = "MD5";
     *key = s2;
   }
 

cmdparse.h

@@ -49,6 +49,6 @@ extern void CPS_NormalizeLine(char *line);
 extern char *CPS_SplitWord(char *line);
 
 /* Parse a key from keyfile */
-extern int CPS_ParseKey(char *line, uint32_t *id, const char **hash, char **key);
+extern int CPS_ParseKey(char *line, uint32_t *id, const char **type, char **key);
 
 #endif /* GOT_CMDPARSE_H */

conf.c

@@ -223,6 +223,20 @@ static char *leapsec_tz = NULL;
 /* Name of the user to which will be dropped root privileges. */
 static char *user;
 
+/* NTS cache dir, certificates, private key, and port */
+static char *nts_cachedir = NULL;
+static char *nts_server_cert_file = NULL;
+static char *nts_server_key_file = NULL;
+static int nts_server_port = 11443;
+static int nts_server_processes = 1;
+static int nts_server_connections = 100;
+static int nts_refresh = 2419200; /* 4 weeks */
+static int nts_rotate = 604800; /* 1 week */
+static char *nts_trusted_cert_file = NULL;
+
+/* Flag disabling use of system trusted certificates */
+static int no_system_cert = 0;
+
 /* Array of CNF_HwTsInterface */
 static ARR_Instance hwts_interfaces;
 
@@ -390,6 +404,10 @@ CNF_Finalise(void)
   Free(mail_user_on_change);
   Free(tempcomp_sensor_file);
   Free(tempcomp_point_file);
+  Free(nts_cachedir);
+  Free(nts_server_cert_file);
+  Free(nts_server_key_file);
+  Free(nts_trusted_cert_file);
 }
 
 /* ================================================== */
@@ -402,14 +420,7 @@ CNF_ReadFile(const char *filename)
   char line[2048];
   int i;
 
-  in = fopen(filename, "r");
-  if (!in) {
-    LOG_FATAL("Could not open configuration file %s : %s",
-              filename, strerror(errno));
-    return;
-  }
-
-  DEBUG_LOG("Reading %s", filename);
+  in = UTI_OpenFile(NULL, filename, NULL, 'R', 0);
 
   for (i = 1; fgets(line, sizeof(line), in); i++) {
     CNF_ParseLine(filename, i, line);
@@ -520,6 +531,8 @@ CNF_ParseLine(const char *filename, int number, char *line)
     parse_double(p, &max_drift);
   } else if (!strcasecmp(command, "maxjitter")) {
     parse_double(p, &max_jitter);
+  } else if (!strcasecmp(command, "maxntsconnections")) {
+    parse_int(p, &nts_server_connections);
   } else if (!strcasecmp(command, "maxsamples")) {
     parse_int(p, &max_samples);
   } else if (!strcasecmp(command, "maxslewrate")) {
@@ -532,8 +545,26 @@ CNF_ParseLine(const char *filename, int number, char *line)
     parse_int(p, &min_sources);
   } else if (!strcasecmp(command, "noclientlog")) {
     no_client_log = parse_null(p);
+  } else if (!strcasecmp(command, "nosystemcert")) {
+    no_system_cert = parse_null(p);
   } else if (!strcasecmp(command, "ntpsigndsocket")) {
     parse_string(p, &ntp_signd_socket);
+  } else if (!strcasecmp(command, "ntstrustedcerts")) {
+    parse_string(p, &nts_trusted_cert_file);
+  } else if (!strcasecmp(command, "ntscachedir")) {
+    parse_string(p, &nts_cachedir);
+  } else if (!strcasecmp(command, "ntsport")) {
+    parse_int(p, &nts_server_port);
+  } else if (!strcasecmp(command, "ntsprocesses")) {
+    parse_int(p, &nts_server_processes);
+  } else if (!strcasecmp(command, "ntsrefresh")) {
+    parse_int(p, &nts_refresh);
+  } else if (!strcasecmp(command, "ntsrotate")) {
+    parse_int(p, &nts_rotate);
+  } else if (!strcasecmp(command, "ntsservercert")) {
+    parse_string(p, &nts_server_cert_file);
+  } else if (!strcasecmp(command, "ntsserverkey")) {
+    parse_string(p, &nts_server_key_file);
   } else if (!strcasecmp(command, "peer")) {
     parse_source(p, NTP_PEER, 0);
   } else if (!strcasecmp(command, "pidfile")) {
@@ -681,7 +712,7 @@ static void
 parse_refclock(char *line)
 {
   int n, poll, dpoll, filter_length, pps_rate, min_samples, max_samples, sel_options;
-  int max_lock_age, pps_forced;
+  int max_lock_age, pps_forced, stratum, tai;
   uint32_t ref_id, lock_ref_id;
   double offset, delay, precision, max_dispersion, pulse_width;
   char *p, *cmd, *name, *param;
@@ -704,6 +735,8 @@ parse_refclock(char *line)
   ref_id = 0;
   max_lock_age = 2;
   lock_ref_id = 0;
+  stratum = 0;
+  tai = 0;
 
   if (!*line) {
     command_parse_error();
@@ -774,6 +807,13 @@ parse_refclock(char *line)
     } else if (!strcasecmp(cmd, "maxdispersion")) {
       if (sscanf(line, "%lf%n", &max_dispersion, &n) != 1)
         break;
+    } else if (!strcasecmp(cmd, "stratum")) {
+      if (sscanf(line, "%d%n", &stratum, &n) != 1 ||
+          stratum >= NTP_MAX_STRATUM || stratum < 0)
+        break;
+    } else if (!strcasecmp(cmd, "tai")) {
+      n = 0;
+      tai = 1;
     } else if (!strcasecmp(cmd, "width")) {
       if (sscanf(line, "%lf%n", &pulse_width, &n) != 1)
         break;
@@ -811,6 +851,8 @@ parse_refclock(char *line)
   refclock->min_samples = min_samples;
   refclock->max_samples = max_samples;
   refclock->sel_options = sel_options;
+  refclock->stratum = stratum;
+  refclock->tai = tai;
   refclock->offset = offset;
   refclock->delay = delay;
   refclock->precision = precision;
@@ -1280,6 +1322,8 @@ parse_hwtimestamp(char *line)
   iface = ARR_GetNewElement(hwts_interfaces);
   iface->name = Strdup(p);
   iface->minpoll = 0;
+  iface->min_samples = 2;
+  iface->max_samples = 16;
   iface->nocrossts = 0;
   iface->rxfilter = CNF_HWTS_RXFILTER_ANY;
   iface->precision = 100.0e-9;
@@ -1289,9 +1333,15 @@ parse_hwtimestamp(char *line)
   for (p = line; *p; line += n, p = line) {
     line = CPS_SplitWord(line);
 
-    if (!strcasecmp(p, "minpoll")) {
+    if (!strcasecmp(p, "maxsamples")) {
+      if (sscanf(line, "%d%n", &iface->max_samples, &n) != 1)
+        break;
+    } else if (!strcasecmp(p, "minpoll")) {
       if (sscanf(line, "%d%n", &iface->minpoll, &n) != 1)
         break;
+    } else if (!strcasecmp(p, "minsamples")) {
+      if (sscanf(line, "%d%n", &iface->min_samples, &n) != 1)
+        break;
     } else if (!strcasecmp(p, "precision")) {
       if (sscanf(line, "%lf%n", &iface->precision, &n) != 1)
         break;
@@ -1400,7 +1450,7 @@ CNF_AddInitSources(void)
     ntp_addr.ip_addr = *(IPAddr *)ARR_GetElement(init_sources, i);
     ntp_addr.port = cps_source.port;
     cps_source.params.iburst = 1;
-    cps_source.params.online = 0;
+    cps_source.params.connectivity = SRC_OFFLINE;
 
     NSR_AddSource(&ntp_addr, NTP_SERVER, &cps_source.params);
   }
@@ -2015,3 +2065,83 @@ CNF_GetHwTsInterface(unsigned int index, CNF_HwTsInterface **iface)
   *iface = (CNF_HwTsInterface *)ARR_GetElement(hwts_interfaces, index);
   return 1;
 }
+
+/* ================================================== */
+
+char *
+CNF_GetNtsCacheDir(void)
+{
+  return nts_cachedir;
+}
+
+/* ================================================== */
+
+char *
+CNF_GetNtsServerCertFile(void)
+{
+  return nts_server_cert_file;
+}
+
+/* ================================================== */
+
+char *
+CNF_GetNtsServerKeyFile(void)
+{
+  return nts_server_key_file;
+}
+
+/* ================================================== */
+
+int
+CNF_GetNtsServerPort(void)
+{
+  return nts_server_port;
+}
+
+/* ================================================== */
+
+int
+CNF_GetNtsServerProcesses(void)
+{
+  return nts_server_processes;
+}
+
+/* ================================================== */
+
+int
+CNF_GetNtsServerConnections(void)
+{
+  return nts_server_connections;
+}
+
+/* ================================================== */
+
+int
+CNF_GetNtsRefresh(void)
+{
+  return nts_refresh;
+}
+
+/* ================================================== */
+
+int
+CNF_GetNtsRotate(void)
+{
+  return nts_rotate;
+}
+
+/* ================================================== */
+
+char *
+CNF_GetNtsTrustedCertFile(void)
+{
+  return nts_trusted_cert_file;
+}
+
+/* ================================================== */
+
+int
+CNF_GetNoSystemCert(void)
+{
+  return no_system_cert;
+}

conf.h

@@ -128,6 +128,8 @@ typedef enum {
 typedef struct {
   char *name;
   int minpoll;
+  int min_samples;
+  int max_samples;
   int nocrossts;
   CNF_HwTs_RxFilter rxfilter;
   double precision;
@@ -137,4 +139,15 @@ typedef struct {
 
 extern int CNF_GetHwTsInterface(unsigned int index, CNF_HwTsInterface **iface);
 
+extern char *CNF_GetNtsCacheDir(void);
+extern char *CNF_GetNtsServerCertFile(void);
+extern char *CNF_GetNtsServerKeyFile(void);
+extern int CNF_GetNtsServerPort(void);
+extern int CNF_GetNtsServerProcesses(void);
+extern int CNF_GetNtsServerConnections(void);
+extern int CNF_GetNtsRefresh(void);
+extern int CNF_GetNtsRotate(void);
+extern char *CNF_GetNtsTrustedCertFile(void);
+extern int CNF_GetNoSystemCert(void);
+
 #endif /* GOT_CONF_H */

configure

@@ -5,7 +5,8 @@
 #
 # Copyright (C) Richard P. Curnow  1997-2003
 # Copyright (C) Bryan Christianson  2016
-# Copyright (C) Miroslav Lichvar  2009, 2012-2016
+# Copyright (C) Miroslav Lichvar  2009, 2012-2018
+# Copyright (C) Stefan R. Filipek  2019
 #
 # =======================================================================
 
@@ -54,6 +55,34 @@ test_code () {
   return $result
 }
 #}}}
+#{{{ test_executable
+test_executable () {
+  name=$1
+  executable=$2
+  options=$3
+
+  printf "%s" "Checking for $name : "
+
+  echo $executable $options >> config.log
+  $executable $options >> config.log 2>&1
+
+  if [ $? -eq 0 ]
+  then
+    echo "Yes"
+    result=0
+  else
+    echo "No"
+    result=1
+  fi
+  echo >> config.log
+  return $result
+}
+#}}}
+#{{{ pkg_config
+pkg_config () {
+  $PKG_CONFIG "$@" 2>> config.log
+}
+#}}}
 #{{{ usage
 usage () {
   cat <<EOF
@@ -85,8 +114,11 @@ For better control, use the options below.
   --with-readline-library=DIR Specify where readline lib directory is
   --with-ncurses-library=DIR Specify where ncurses lib directory is
   --disable-sechash      Disable support for hashes other than MD5
+  --without-nettle       Don't use nettle even if it is available
   --without-nss          Don't use NSS even if it is available
   --without-tomcrypt     Don't use libtomcrypt even if it is available
+  --disable-nts          Disable NTS support
+  --without-gnutls       Don't use gnutls even if it is available
   --disable-cmdmon       Disable command and monitoring support
   --disable-ntp          Disable NTP support
   --disable-refclock     Disable reference clock support
@@ -107,7 +139,7 @@ For better control, use the options below.
                          since 1970-01-01 [50*365 days ago]
   --with-user=USER       Specify default chronyd user [root]
   --with-hwclockfile=PATH Specify default path to hwclock(8) adjtime file
-  --with-pidfile=PATH    Specify default pidfile [/var/run/chronyd.pid]
+  --with-pidfile=PATH    Specify default pidfile [/var/run/chrony/chronyd.pid]
   --with-rtcdevice=PATH  Specify default path to RTC device [/dev/rtc]
   --with-sendmail=PATH   Path to sendmail binary [/usr/lib/sendmail]
   --enable-debug         Enable debugging support
@@ -135,6 +167,11 @@ Some influential environment variables:
               headers in a nonstandard directory <include dir>
   LDFLAGS     linker flags, e.g. -L<lib dir> if you have libraries in a
               nonstandard directory <lib dir>
+  PKG_CONFIG  path to pkg-config utility
+  PKG_CONFIG_PATH
+              directories to add to pkg-config's search path
+  PKG_CONFIG_LIBDIR
+              path overriding pkg-config's built-in search path
 
 Use these variables to override the choices made by \`configure' or to help
 it to find libraries and programs with nonstandard names/locations.
@@ -152,13 +189,6 @@ add_def () {
   fi
 }
 #}}}
-#{{{ pkg_config
-pkg_config () {
-  type pkg-config > /dev/null 2> /dev/null || return 1
-
-  pkg-config $@ 2> /dev/null
-}
-#}}}
 #{{{ get_features
 get_features () {
   ff=1
@@ -184,11 +214,11 @@ OPERATINGSYSTEM=`uname -s`
 VERSION=`uname -r`
 MACHINE=`uname -m`
 
+LIBS=""
 EXTRA_LIBS=""
 EXTRA_CLI_LIBS=""
 EXTRA_OBJECTS=""
-EXTRA_DEFS=""
-SYSDEFS=""
+EXTRA_CLI_OBJECTS=""
 
 feat_debug=0
 feat_cmdmon=1
@@ -198,8 +228,11 @@ feat_readline=1
 try_readline=1
 try_editline=1
 feat_sechash=1
+try_nettle=1
 try_nss=1
 try_tomcrypt=1
+feat_nts=1
+try_gnutls=1
 feat_rtc=1
 try_rtc=0
 feat_droproot=1
@@ -225,9 +258,10 @@ feat_timestamping=1
 try_timestamping=0
 feat_ntp_signd=0
 ntp_era_split=""
+use_pthread=0
 default_user="root"
 default_hwclockfile=""
-default_pidfile="/var/run/chronyd.pid"
+default_pidfile="/var/run/chrony/chronyd.pid"
 default_rtcdevice="/dev/rtc"
 mail_program="/usr/lib/sendmail"
 
@@ -360,12 +394,21 @@ do
     --disable-sechash )
       feat_sechash=0
     ;;
+    --without-nettle )
+      try_nettle=0
+    ;;
     --without-nss )
       try_nss=0
     ;;
     --without-tomcrypt )
       try_tomcrypt=0
     ;;
+    --disable-nts )
+      feat_nts=0
+    ;;
+    --without-gnutls )
+      try_gnutls=0
+    ;;
     --host-system=* )
       OPERATINGSYSTEM=`echo $option | sed -e 's/^.*=//;'`
     ;;
@@ -390,7 +433,7 @@ SYSTEM=${OPERATINGSYSTEM}-${MACHINE}
 
 case $OPERATINGSYSTEM in
     Linux)
-        EXTRA_OBJECTS="sys_generic.o sys_linux.o sys_timex.o"
+        EXTRA_OBJECTS="sys_generic.o sys_linux.o sys_timex.o sys_posix.o"
         [ $try_libcap != "0" ] && try_libcap=1
         try_rtc=1
         [ $try_seccomp != "0" ] && try_seccomp=1
@@ -405,7 +448,9 @@ case $OPERATINGSYSTEM in
         # recvmmsg() seems to be broken on FreeBSD 11.0 and it's just
         # a wrapper around recvmsg()
         try_recvmmsg=0
-        EXTRA_OBJECTS="sys_generic.o sys_netbsd.o sys_timex.o"
+        EXTRA_OBJECTS="sys_generic.o sys_netbsd.o sys_timex.o sys_posix.o"
+        try_setsched=1
+        try_lockmem=1
         add_def FREEBSD
         if [ $feat_droproot = "1" ]; then
           add_def FEAT_PRIVDROP
@@ -414,15 +459,16 @@ case $OPERATINGSYSTEM in
         echo "Configuring for $SYSTEM"
     ;;
     NetBSD)
-        EXTRA_OBJECTS="sys_generic.o sys_netbsd.o sys_timex.o"
+        EXTRA_OBJECTS="sys_generic.o sys_netbsd.o sys_timex.o sys_posix.o"
         try_clockctl=1
+        try_setsched=1
+        try_lockmem=1
         add_def NETBSD
         echo "Configuring for $SYSTEM"
     ;;
     Darwin)
         EXTRA_OBJECTS="sys_macosx.o"
-        EXTRA_LIBS="-lresolv"
-        EXTRA_CLI_LIBS="-lresolv"
+        LIBS="$LIBS -lresolv"
         add_def MACOSX
         if [ $feat_droproot = "1" ]; then
           add_def FEAT_PRIVDROP
@@ -440,9 +486,10 @@ case $OPERATINGSYSTEM in
         echo "Configuring for macOS (" $SYSTEM "macOS version" $VERSION ")"
     ;;
     SunOS)
-        EXTRA_OBJECTS="sys_generic.o sys_solaris.o sys_timex.o"
-        EXTRA_LIBS="-lsocket -lnsl -lresolv"
-        EXTRA_CLI_LIBS="-lsocket -lnsl -lresolv"
+        EXTRA_OBJECTS="sys_generic.o sys_solaris.o sys_timex.o sys_posix.o"
+        LIBS="$LIBS -lsocket -lnsl -lresolv"
+        try_setsched=1
+        try_lockmem=1
         add_def SOLARIS
         # These are needed to have msg_control in struct msghdr
         add_def __EXTENSIONS__
@@ -472,7 +519,7 @@ fi
 
 if [ $feat_ntp = "1" ]; then
   add_def FEAT_NTP
-  EXTRA_OBJECTS="$EXTRA_OBJECTS ntp_core.o ntp_io.o ntp_sources.o"
+  EXTRA_OBJECTS="$EXTRA_OBJECTS ntp_auth.o ntp_core.o ntp_ext.o ntp_io.o ntp_sources.o"
   if [ $feat_ntp_signd = "1" ]; then
     add_def FEAT_SIGND
     EXTRA_OBJECTS="$EXTRA_OBJECTS ntp_signd.o"
@@ -540,6 +587,16 @@ if [ "x$MYCC" = "xgcc" ] || [ "x$MYCC" = "xclang" ]; then
   MYCFLAGS="$MYCFLAGS -Wmissing-prototypes -Wall"
 fi
 
+if [ "x$PKG_CONFIG" = "x" ]; then
+  PKG_CONFIG=pkg-config
+fi
+
+if ! test_executable "pkg-config" $PKG_CONFIG --version; then
+  try_nettle=0
+  try_nss=0
+  try_gnutls=0
+fi
+
 if test_code '64-bit time_t' 'time.h' '' '' '
   char x[sizeof(time_t) > 4 ? 1 : -1] = {0};
   return x[0];'
@@ -550,7 +607,11 @@ then
     split_seconds=$ntp_era_split
     split_days=0
   else
-    split_seconds=`date '+%s'`
+    if [ "x$SOURCE_DATE_EPOCH" != "x" ]; then
+      split_seconds=$SOURCE_DATE_EPOCH
+    else
+      split_seconds=`date '+%s'`
+    fi
     if [ "x$split_seconds" = "x" ]; then
       echo "error: could not get current time, --with-ntp-era option is needed"
       exit 1
@@ -575,25 +636,15 @@ then
 fi
 
 MATHCODE='return (int) pow(2.0, log(sqrt((double)argc)));'
-if test_code 'math' 'math.h' '' '' "$MATHCODE"; then
-  LIBS=""
-else
+if ! test_code 'math' 'math.h' '' '' "$MATHCODE"; then
   if test_code 'math in -lm' 'math.h' '' '-lm' "$MATHCODE"; then
-    LIBS="-lm"
+    LIBS="$LIBS -lm"
   else
     echo "error: could not compile/link a program which uses sqrt(), log(), pow()"
     exit 1
   fi
 fi
   
-if test_code '<stdint.h>' 'stdint.h' '' '' ''; then
-  add_def HAVE_STDINT_H
-fi
-
-if test_code '<inttypes.h>' 'inttypes.h' '' '' ''; then
-  add_def HAVE_INTTYPES_H
-fi
-
 if test_code 'struct in_pktinfo' 'sys/socket.h netinet/in.h' '' '' '
   struct in_pktinfo ipi;
   return sizeof (ipi.ipi_spec_dst.s_addr) + IP_PKTINFO;'
@@ -602,7 +653,7 @@ then
 fi
 
 if [ $feat_ipv6 = "1" ] && \
-  test_code 'IPv6 support' 'arpa/inet.h sys/socket.h netinet/in.h' '' "$EXTRA_LIBS" '
+  test_code 'IPv6 support' 'arpa/inet.h sys/socket.h netinet/in.h' '' "$LIBS" '
     struct sockaddr_in6 n;
     char p[100];
     n.sin6_addr = in6addr_any;
@@ -638,20 +689,21 @@ if [ $try_clock_gettime = "1" ]; then
   fi
 fi
 
-if test_code 'getaddrinfo()' 'sys/types.h sys/socket.h netdb.h' '' "$EXTRA_LIBS" \
+if test_code 'getaddrinfo()' 'sys/types.h sys/socket.h netdb.h' '' "$LIBS" \
   'return getaddrinfo(0, 0, 0, 0);'
 then
   add_def HAVE_GETADDRINFO
 fi
 
 if [ $feat_asyncdns = "1" ] && \
-  test_code 'pthread' 'pthread.h' '-pthread' '' \
-    'return pthread_create((void *)1, NULL, (void *)1, NULL);'
+  test_code 'pthread' 'pthread.h' '-pthread' '' '
+    pthread_t thread;
+    return (int)pthread_create(&thread, NULL, (void *)1, NULL);'
 then
   add_def FEAT_ASYNCDNS
   add_def USE_PTHREAD_ASYNCDNS
   EXTRA_OBJECTS="$EXTRA_OBJECTS nameserv_async.o"
-  MYCFLAGS="$MYCFLAGS -pthread"
+  use_pthread=1
 fi
 
 if test_code 'arc4random_buf()' 'stdlib.h' '' '' 'arc4random_buf(NULL, 0);'; then
@@ -667,11 +719,11 @@ RECVMMSG_CODE='
   struct mmsghdr hdr;
   return !recvmmsg(0, &hdr, 1, MSG_DONTWAIT, 0);'
 if [ $try_recvmmsg = "1" ]; then
-  if test_code 'recvmmsg()' 'sys/socket.h' '' "$EXTRA_LIBS" "$RECVMMSG_CODE"; then
+  if test_code 'recvmmsg()' 'sys/socket.h' '' "$LIBS" "$RECVMMSG_CODE"; then
     add_def HAVE_RECVMMSG
   else
     if test_code 'recvmmsg() with _GNU_SOURCE' 'sys/socket.h' '-D_GNU_SOURCE' \
-      "$EXTRA_LIBS" "$RECVMMSG_CODE"
+      "$LIBS" "$RECVMMSG_CODE"
     then
       add_def _GNU_SOURCE
       add_def HAVE_RECVMMSG
@@ -696,6 +748,7 @@ then
     struct scm_ts_pktinfo pktinfo;
     pktinfo.if_index = pktinfo.pkt_length = 0;
     return pktinfo.if_index + pktinfo.pkt_length + HWTSTAMP_FILTER_NTP_ALL +
+           SCM_TIMESTAMPING_PKTINFO +
            SOF_TIMESTAMPING_OPT_PKTINFO + SOF_TIMESTAMPING_OPT_TX_SWHW;'; then
     add_def HAVE_LINUX_TIMESTAMPING_RXFILTER_NTP 1
     add_def HAVE_LINUX_TIMESTAMPING_OPT_PKTINFO 1
@@ -705,11 +758,11 @@ fi
 
 timepps_h=""
 if [ $feat_refclock = "1" ] && [ $feat_pps = "1" ]; then
-  if test_code '<sys/timepps.h>' 'sys/timepps.h' '' '' ''; then
+  if test_code '<sys/timepps.h>' 'inttypes.h time.h sys/timepps.h' '' '' ''; then
     timepps_h="sys/timepps.h"
     add_def HAVE_SYS_TIMEPPS_H
   else
-    if test_code '<timepps.h>' 'timepps.h' '' '' ''; then
+    if test_code '<timepps.h>' 'inttypes.h time.h timepps.h' '' '' ''; then
       timepps_h="timepps.h"
       add_def HAVE_TIMEPPS_H
     fi
@@ -717,10 +770,11 @@ if [ $feat_refclock = "1" ] && [ $feat_pps = "1" ]; then
 fi
 
 if [ "x$timepps_h" != "x" ] && \
-  test_code 'PPSAPI' "string.h $timepps_h" '' '' '
+  test_code 'PPSAPI' "inttypes.h string.h time.h $timepps_h" '' '' '
     pps_handle_t h = 0;
     pps_info_t i;
     struct timespec ts;
+    ts.tv_sec = ts.tv_nsec = 0;
     return time_pps_fetch(h, PPS_TSFMT_TSPEC, &i, &ts);'
 then
   add_def FEAT_PPS
@@ -784,25 +838,34 @@ fi
 
 if [ $try_setsched = "1" ] && \
   test_code \
-    'sched_setscheduler()' \
-    'sched.h' '' '' '
+    'pthread_setschedparam()' \
+    'pthread.h sched.h' '-pthread' '' '
      struct sched_param sched;
      sched_get_priority_max(SCHED_FIFO);
-     sched_setscheduler(0, SCHED_FIFO, &sched);'
+     pthread_setschedparam(pthread_self(), SCHED_FIFO, &sched);'
 then
-  add_def HAVE_SCHED_SETSCHEDULER
+  add_def HAVE_PTHREAD_SETSCHEDPARAM
+  use_pthread=1
 fi
 
 if [ $try_lockmem = "1" ] && \
   test_code \
     'mlockall()' \
-    'sys/mman.h sys/resource.h' '' '' '
-     struct rlimit rlim;
-     setrlimit(RLIMIT_MEMLOCK, &rlim);
+    'sys/mman.h' '' '' '
      mlockall(MCL_CURRENT|MCL_FUTURE);'
 then
   add_def HAVE_MLOCKALL
 fi
+if [ $try_lockmem = "1" ] && \
+  test_code \
+    'setrlimit(RLIMIT_MEMLOCK, ...)' \
+    'sys/resource.h' '' '' '
+     struct rlimit rlim;
+     rlim.rlim_max = rlim.rlim_cur = RLIM_INFINITY;
+     setrlimit(RLIMIT_MEMLOCK, &rlim);'
+then
+  add_def HAVE_SETRLIMIT_MEMLOCK
+fi
 
 if [ $feat_forcednsretry = "1" ]
 then
@@ -852,7 +915,29 @@ fi
 HASH_OBJ="hash_intmd5.o"
 HASH_LINK=""
 
-if [ $feat_sechash = "1" ] && [ $try_nss = "1" ]; then
+if [ $feat_sechash = "1" ] && [ "x$HASH_LINK" = "x" ]  && [ $try_nettle = "1" ]; then
+  test_cflags="`pkg_config --cflags nettle`"
+  test_link="`pkg_config --libs nettle`"
+  if test_code 'nettle' 'nettle/nettle-meta.h nettle/sha2.h' \
+    "$test_cflags" "$test_link" \
+    'return nettle_hashes[0]->context_size;'
+  then
+    HASH_OBJ="hash_nettle.o"
+    HASH_LINK="$test_link"
+    MYCPPFLAGS="$MYCPPFLAGS $test_cflags"
+    add_def FEAT_SECHASH
+
+    if test_code 'CMAC in nettle' 'nettle/cmac.h' "$test_cflags" "$test_link" \
+      'cmac128_update(NULL, NULL, NULL, 0, NULL);'
+    then
+      add_def HAVE_CMAC
+      EXTRA_OBJECTS="$EXTRA_OBJECTS cmac_nettle.o"
+      EXTRA_CLI_OBJECTS="$EXTRA_CLI_OBJECTS cmac_nettle.o"
+    fi
+  fi
+fi
+
+if [ $feat_sechash = "1" ] && [ "x$HASH_LINK" = "x" ]  && [ $try_nss = "1" ]; then
   test_cflags="`pkg_config --cflags nss`"
   test_link="`pkg_config --libs-only-L nss` -lfreebl3"
   if test_code 'NSS' 'nss.h hasht.h nsslowhash.h' \
@@ -861,7 +946,6 @@ if [ $feat_sechash = "1" ] && [ $try_nss = "1" ]; then
   then
     HASH_OBJ="hash_nss.o"
     HASH_LINK="$test_link"
-    LIBS="$LIBS $HASH_LINK"
     MYCPPFLAGS="$MYCPPFLAGS $test_cflags"
     add_def FEAT_SECHASH
   fi
@@ -873,12 +957,48 @@ if [ $feat_sechash = "1" ] && [ "x$HASH_LINK" = "x" ] && [ $try_tomcrypt = "1" ]
   then
     HASH_OBJ="hash_tomcrypt.o"
     HASH_LINK="-ltomcrypt"
-    LIBS="$LIBS $HASH_LINK"
     MYCPPFLAGS="$MYCPPFLAGS -I/usr/include/tomcrypt"
     add_def FEAT_SECHASH
   fi
 fi
 
+EXTRA_OBJECTS="$EXTRA_OBJECTS $HASH_OBJ"
+EXTRA_CLI_OBJECTS="$EXTRA_CLI_OBJECTS $HASH_OBJ"
+LIBS="$LIBS $HASH_LINK"
+
+if [ $feat_ntp = "1" ] && [ $feat_nts = "1" ] && [ $try_gnutls = "1" ] && \
+    echo "$HASH_LINK" | grep 'nettle' > /dev/null; then
+  test_cflags="`pkg_config --cflags gnutls`"
+  test_link="`pkg_config --libs gnutls`"
+  if test_code 'gnutls' 'gnutls/gnutls.h' \
+    "$test_cflags" "$test_link" '
+      return gnutls_init(NULL, 0) +
+        gnutls_priority_init2(NULL, "", NULL, GNUTLS_PRIORITY_INIT_DEF_APPEND) +
+        gnutls_prf_rfc5705(NULL, 0, "", 0, "", 16, NULL);' &&
+    test_code 'AES128 in nettle' 'nettle/aes.h' '' "$LIBS" \
+      'aes128_set_encrypt_key(NULL, NULL);'
+  then
+    EXTRA_OBJECTS="$EXTRA_OBJECTS nts_ke_client.o nts_ke_server.o nts_ke_session.o"
+    EXTRA_OBJECTS="$EXTRA_OBJECTS nts_ntp_auth.o nts_ntp_client.o nts_ntp_server.o"
+    EXTRA_OBJECTS="$EXTRA_OBJECTS siv_nettle.o"
+    LIBS="$LIBS $test_link"
+    MYCPPFLAGS="$MYCPPFLAGS $test_cflags"
+    add_def FEAT_NTS
+
+    add_def HAVE_SIV
+    if test_code 'SIV in nettle' \
+      'nettle/siv-cmac.h' "" "$LIBS" \
+      'siv_cmac_aes128_set_key(NULL, NULL);'
+    then
+      add_def HAVE_NETTLE_SIV_CMAC
+    fi
+  fi
+fi
+
+if [ $use_pthread = "1" ]; then
+  MYCFLAGS="$MYCFLAGS -pthread"
+fi
+
 SYSCONFDIR=/etc
 if [ "x$SETSYSCONFDIR" != "x" ]; then
   SYSCONFDIR=$SETSYSCONFDIR
@@ -942,9 +1062,9 @@ add_def DEFAULT_USER "\"$default_user\""
 add_def DEFAULT_COMMAND_SOCKET "\"$CHRONYRUNDIR/chronyd.sock\""
 add_def MAIL_PROGRAM "\"$mail_program\""
 
-common_features="`get_features IPV6 DEBUG`"
+common_features="`get_features SECHASH IPV6 DEBUG`"
 chronyc_features="`get_features READLINE`"
-chronyd_features="`get_features CMDMON NTP REFCLOCK RTC PRIVDROP SCFILTER SECHASH SIGND ASYNCDNS`"
+chronyd_features="`get_features CMDMON NTP REFCLOCK RTC PRIVDROP SCFILTER SIGND ASYNCDNS NTS`"
 add_def CHRONYC_FEATURES "\"$chronyc_features $common_features\""
 add_def CHRONYD_FEATURES "\"$chronyd_features $common_features\""
 echo "Features : $chronyd_features $chronyc_features $common_features"
@@ -960,15 +1080,15 @@ add_def CHRONY_VERSION "\"${CHRONY_VERSION}\""
 for f in Makefile doc/Makefile test/unit/Makefile
 do
   echo Creating $f
-  sed -e "s%@EXTRA_OBJECTS@%${EXTRA_OBJECTS}%;\
+  sed -e "s%@EXTRA_OBJS@%${EXTRA_OBJECTS}%;\
+          s%@EXTRA_CLI_OBJS@%${EXTRA_CLI_OBJECTS}%;\
           s%@CC@%${MYCC}%;\
           s%@CFLAGS@%${MYCFLAGS}%;\
           s%@CPPFLAGS@%${MYCPPFLAGS}%;\
-          s%@LIBS@%${LIBS}%;\
           s%@LDFLAGS@%${MYLDFLAGS}%;\
+          s%@LIBS@%${LIBS}%;\
           s%@EXTRA_LIBS@%${EXTRA_LIBS}%;\
           s%@EXTRA_CLI_LIBS@%${EXTRA_CLI_LIBS}%;\
-          s%@HASH_OBJ@%${HASH_OBJ}%;\
           s%@SYSCONFDIR@%${SYSCONFDIR}%;\
           s%@BINDIR@%${BINDIR}%;\
           s%@SBINDIR@%${SBINDIR}%;\

doc/chrony.conf.adoc

@@ -66,34 +66,53 @@ server, or its IP address. The *server* directive supports the following
 options:
 +
 *minpoll* _poll_:::
-Although *chronyd* will trim the rate at which it samples the server during
-normal operation, the user might want to constrain the minimum polling interval.
-This is always defined as a power of 2, so *minpoll 5* would mean that the
-polling interval cannot drop below 32 seconds. The default is 6 (64 seconds),
-the minimum is -4 (1/16th of a second), and the maximum is 24 (6 months). Note
-that intervals shorter than 6 (64 seconds) should generally not be used with
-public servers on the Internet, because it might be considered abuse.
+This option specifies the minimum interval between requests sent to the server
+as a power of 2 in seconds. For example, *minpoll 5* would mean that the
+polling interval should not drop below 32 seconds. The default is 6 (64
+seconds), the minimum is -6 (1/64th of a second), and the maximum is 24 (6
+months). Note that intervals shorter than 6 (64 seconds) should generally not
+be used with public servers on the Internet, because it might be considered
+abuse. A sub-second interval will be enabled only when the server is reachable
+and the round-trip delay is shorter than 10 milliseconds, i.e. the server
+should be in a local network.
 *maxpoll* _poll_:::
-In a similar way, the user might want to constrain the maximum polling interval.
-Again this is specified as a power of 2, *maxpoll 9* indicates that the polling
-interval must stay at or below 512 seconds. The default is 10 (1024 seconds),
-the minimum is 0 (1 second), and the maximum is 24 (6 months).
+This option specifies the maximum interval between requests sent to the server
+as a power of 2 in seconds. For example, *maxpoll 9* indicates that the polling
+interval should stay at or below 9 (512 seconds). The default is 10 (1024
+seconds), the minimum is -6 (1/64th of a second), and the maximum is 24 (6
+months).
 *iburst*:::
-If this option is set, the interval between the first four polls will be 2
-seconds instead of _minpoll_. This is useful to quickly get the first update of
-the clock after *chronyd* is started.
-*key* _id_:::
-The NTP protocol supports the inclusion of checksums in the packets, to prevent
+With this option, the interval between the first four requests sent to the
+server will be 2 seconds or less instead of the interval specified by the
+*minpoll* option, which allows *chronyd* to make the first update of the clock
+shortly after start.
+*burst*:::
+With this option, *chronyd* will shorten the interval between up to four
+requests to 2 seconds or less when it cannot get a good measurement from the
+server. The number of requests in the burst is limited by the current polling
+interval to keep the average interval at or above the minimum interval, i.e.
+the current interval needs to be at least two times longer than the minimum
+interval in order to allow a burst with two requests.
+*key* _ID_:::
+The NTP protocol supports a message authentication code (MAC) to prevent
 computers having their system time upset by rogue packets being sent to them.
-The checksums are generated as a function of a password, using the
-cryptographic hash function set in the key file, which is specified by the
-<<keyfile,*keyfile*>> directive.
+The MAC is generated as a function of a key specified in the key file,
+which is specified by the <<keyfile,*keyfile*>> directive.
 +
-If the key option is present, *chronyd* will attempt to use authenticated
-packets when communicating with this server. The key number used will be the
-single argument to the key option (an unsigned integer in the range 1 through
-2^32-1). The server must have the same password for this key number configured,
+The *key* option specifies which key (with an ID in the range 1 through 2^32-1)
+should *chronyd* use to authenticate requests sent to the server and verify its
+responses. The server must have the same key for this number configured,
 otherwise no relationship between the computers will be possible.
++
+If the server is running *ntpd* and the output size of the hash function used
+by the key is longer than 160 bits (e.g. SHA256), the *version* option needs to
+be set to 4 for compatibility.
+*nts*:::
+This option enables authentication using the Network Time Security (NTS)
+mechanism. Unlike with the *key* option, the server and client do not need to
+share a key in a key file. NTS has a Key Establishment (NTS-KE) protocol using
+the Transport Layer Security (TLS) protocol to get the keys and cookies
+required by NTS for authentication of NTP packets.
 *maxdelay* _delay_:::
 *chronyd* uses the network round-trip delay to the server to determine how
 accurate a particular measurement is likely to be. Long round-trip delays
@@ -113,7 +132,7 @@ option. For example, *maxdelay 0.3* would indicate that measurements with a
 round-trip delay of 0.3 seconds or more should be ignored. The default value is
 3 seconds and the maximum value is 1000 seconds.
 *maxdelayratio* _ratio_:::
-This option is similar to the maxdelay option above. *chronyd* keeps a record
+This option is similar to the *maxdelay* option above. *chronyd* keeps a record
 of the minimum round-trip delay amongst the previous measurements that it has
 buffered. If a measurement has a round trip delay that is greater than the
 maxdelayratio times the minimum delay, it will be rejected.
@@ -123,14 +142,14 @@ minimum delay amongst the previous measurements to the standard deviation of
 the previous measurements that is greater than the specified ratio, it will be
 rejected. The default is 10.0.
 *mindelay* _delay_:::
-This options specifies a fixed minimum round-trip delay to be used instead of
+This option specifies a fixed minimum round-trip delay to be used instead of
 the minimum amongst the previous measurements. This can be useful in networks
 with static configuration to improve the stability of corrections for
 asymmetric jitter, weighting of the measurements, and the *maxdelayratio* and
 *maxdelaydevratio* tests. The value should be set accurately in order to have a
 positive effect on the synchronisation.
 *asymmetry* _ratio_:::
-This options specifies the asymmetry of the network jitter on the path to the
+This option specifies the asymmetry of the network jitter on the path to the
 source, which is used to correct the measured offset according to the delay.
 The asymmetry can be between -0.5 and +0.5. A negative value means the delay of
 packets sent to the source is more variable than the delay of packets sent from
@@ -148,20 +167,25 @@ Set the minimum number of samples kept for this source. This overrides the
 *maxsamples* _samples_:::
 Set the maximum number of samples kept for this source. This overrides the
 <<maxsamples,*maxsamples*>> directive.
+*filter* _samples_:::
+This option enables a median filter to reduce noise in NTP measurements. The
+filter will reduce the specified number of samples to a single sample. It is
+intended to be used with very short polling intervals in local networks where
+it is acceptable to generate a lot of NTP traffic.
 *offline*:::
 If the server will not be reachable when *chronyd* is started, the *offline*
 option can be specified. *chronyd* will not try to poll the server until it is
 enabled to do so (by using the <<chronyc.adoc#online,*online*>> command in
 *chronyc*).
 *auto_offline*:::
-If this option is set, the server will be assumed to have gone offline when 2
-requests have been sent to it without receiving a response. This option avoids
+With this option, the server will be assumed to have gone offline when sending
+a request fails, e.g. due to a missing route to the network. This option avoids
 the need to run the <<chronyc.adoc#offline,*offline*>> command from *chronyc*
 when disconnecting the network link. (It will still be necessary to use the
 <<chronyc.adoc#online,*online*>> command when the link has been established, to
 enable measurements to start.)
 *prefer*:::
-Prefer this source over sources without prefer option.
+Prefer this source over sources without the *prefer* option.
 *noselect*:::
 Never select this source. This is particularly useful for monitoring.
 *trust*:::
@@ -176,14 +200,13 @@ authenticated source to be safely combined with unauthenticated sources in
 order to improve the accuracy of the clock. They can be selected and used for
 synchronisation only if they agree with the trusted and required source.
 *xleave*:::
-This option enables an interleaved mode which allows the server or the peer to
+This option enables an interleaved mode which enables the server to
 send transmit timestamps captured after the actual transmission (e.g. when the
-server or the peer is running *chronyd* with software (kernel) or hardware
+server is running *chronyd* with software (kernel) or hardware
 timestamping). This can significantly improve the accuracy of the measurements.
 +
 The interleaved mode is compatible with servers that support only the basic
-mode, but peers must both support and have enabled the interleaved mode,
-otherwise the synchronisation will work only in one direction. Note that even
+mode. Note that even
 servers that support the interleaved mode might respond in the basic mode as
 the interleaved mode requires the servers to keep some state for each client
 and the state might be dropped when there are too many clients (e.g.
@@ -203,6 +226,9 @@ intervals. The default is 8 and a useful range is from 6 to 60.
 This option allows the UDP port on which the server understands NTP requests to
 be specified. For normal servers this option should not be required (the
 default is 123, the standard NTP port).
+*ntsport* _port_:::
+This option specifies the TCP port on which the server is listening for NTS-KE
+connections when the *nts* option is enabled. The default is 11443.
 *presend* _poll_:::
 If the timing measurements being made by *chronyd* are the only network data
 passing between two computers, you might find that some measurements are badly
@@ -225,8 +251,8 @@ when the polling interval is 512 seconds or more, an extra NTP client packet
 will be sent to the server a short time (2 seconds) before making the actual
 measurement.
 +
-The *presend* option cannot be used in the *peer* directive. If it is used
-with the *xleave* option, *chronyd* will send two extra packets instead of one.
+If the *presend* option is used together with the *xleave* option, *chronyd*
+will send two extra packets instead of one.
 *minstratum* _stratum_:::
 When the synchronisation source is selected from available sources, sources
 with lower stratum are normally slightly preferred. This option can be used to
@@ -251,16 +277,18 @@ which might change over time.
 +
 All options valid in the <<server,*server*>> directive can be used in this
 directive too. There is one option specific to the *pool* directive:
-*maxsources* sets the maximum number of sources that can be used from the pool,
-the default value is 4.
 +
-On start, when the pool name is resolved, *chronyd* will add up to 16 sources,
-one for each resolved address. When the number of sources from which at least
-one valid reply was received reaches the number specified by the *maxsources*
-option, the other sources will be removed. When a pool source is unreachable,
+*maxsources* _sources_:::
+This option sets the desired number of sources to be used from the pool.
+*chronyd* will repeatedly try to resolve the name until it gets this number of
+sources responding to requests. The default value is 4 and the maximum value is
+16.
++
+::
+When an NTP source is unreachable,
 marked as a falseticker, or has a distance larger than the limit set by the
 <<maxdistance,*maxdistance*>> directive, *chronyd* will try to replace the
-source with a newly resolved address from the pool.
+source with a newly resolved address of the name.
 +
 An example of the *pool* directive is
 +
@@ -277,6 +305,12 @@ is mainly useful when the NTP implementation of the peer (e.g. *ntpd*) supports
 ephemeral symmetric associations and does not need to be configured with an
 address of this host. *chronyd* does not support ephemeral associations.
 +
+The following options of the *server* directive do not work in the *peer*
+directive: *iburst*, *burst*, *nts*, *presend*.
++
+When using the *xleave* option, both peers must support and have enabled the
+interleaved mode, otherwise the synchronisation will work in one direction
+only.
 When a key is specified by the *key* option to enable authentication, both
 peers must use the same key and the same key number.
 +
@@ -356,12 +390,12 @@ for *initstepslew* to finish before exiting. This is useful to prevent programs
 started in the boot sequence after *chronyd* from reading the clock before it
 has been stepped.
 
-[[refclock]]*refclock* _driver_ _parameter_[:__option__,...] [_option_]...::
+[[refclock]]*refclock* _driver_ _parameter_[:__option__]... [_option_]...::
 The *refclock* directive specifies a hardware reference clock to be used as a
 time source. It has two mandatory parameters, a driver name and a
 driver-specific parameter. The two parameters are followed by zero or more
 refclock options. Some drivers have special options, which can be appended to
-the driver-specific parameter (separated by the *:* and *,* characters).
+the driver-specific parameter using the *:* character.
 +
 There are four drivers included in *chronyd*:
 +
@@ -458,7 +492,7 @@ Examples:
 ----
 refclock PHC /dev/ptp0 poll 0 dpoll -2 offset -37
 refclock PHC /dev/ptp1:nocrossts poll 3 pps
-refclock PHC /dev/ptp2:extpps,pin=1 width 0.2 poll 2
+refclock PHC /dev/ptp2:extpps:pin=1 width 0.2 poll 2
 ----
 +
 ::
@@ -516,6 +550,9 @@ is included in the maximum assumed error which is used in the source selection
 algorithm. Increasing the delay is useful to avoid having no majority in the
 source selection or to make it prefer other sources. The default is 1e-9 (1
 nanosecond).
+*stratum* _stratum_:::
+This option sets the NTP stratum of the refclock. This can be useful when the
+refclock provides time with a stratum other than 0. The default is 0.
 *precision* _precision_:::
 This option sets the precision of the reference clock (in seconds). The default
 value is the estimated precision of the system clock.
@@ -546,6 +583,12 @@ but not very precise, reference clock to be safely combined with
 unauthenticated NTP sources in order to improve the accuracy of the clock. They
 can be selected and used for synchronisation only if they agree with the
 trusted and required source.
+*tai*:::
+This option indicates that the reference clock keeps time in TAI instead of UTC
+and that *chronyd* should correct its offset by the current TAI-UTC offset. The
+<<leapsectz,*leapsectz*>> directive must be used with this option and the
+database must be kept up to date in order for this correction to work as
+expected. This option does not make sense with PPS refclocks.
 *minsamples* _samples_:::
 Set the minimum number of samples kept for this source. This overrides the
 <<minsamples,*minsamples*>> directive.
@@ -628,12 +671,37 @@ The *maxsamples* directive sets the default maximum number of samples that
 individual sources in the <<server,*server*>> and <<refclock,*refclock*>>
 directives. The default value is 0, which disables the configurable limit. The
 useful range is 4 to 64.
++
+As a special case, setting *maxsamples* to 1 disables frequency tracking in
+order to make the sources immediately selectable with only one sample. This can
+be useful when *chronyd* is started with the *-q* or *-Q* option.
 
 [[minsamples]]*minsamples* _samples_::
 The *minsamples* directive sets the default minimum number of samples that
 *chronyd* should keep for each source. This setting can be overridden for
 individual sources in the <<server,*server*>> and <<refclock,*refclock*>>
 directives. The default value is 6. The useful range is 4 to 64.
++
+Forcing *chronyd* to keep more samples than it would normally keep reduces
+noise in the estimated frequency and offset, but slows down the response to
+changes in the frequency and offset of the clock. The offsets in the
+<<chronyc.adoc#tracking,*tracking*>> and
+<<chronyc.adoc#sourcestats,*sourcestats*>> reports (and the _tracking.log_ and
+_statistics.log_ files) may be smaller than the actual offsets.
+
+[[ntsrefresh]]*ntsrefresh* _interval_::
+This directive specifies the maximum interval between NTS-KE handshakes (in
+seconds) in order to refresh the keys authenticating NTP packets. The default
+value is 2419200 (4 weeks).
+
+[[ntstrustedcerts]]*ntstrustedcerts* _file_::
+This directive specifies a file containing certificates (in the PEM format) of
+trusted certificate authorities (CA) that should be used to verify certificates
+of NTS servers in addition to the system's default trusted CAs (if the
+*nosystemcert* directive is not present).
+
+[[nosystemcert]]*nosystemcert*::
+This directive disables the system's default trusted CAs.
 
 === Source selection
 
@@ -647,6 +715,8 @@ The *combinelimit* directive limits which sources are included in the combining
 algorithm. Their synchronisation distance has to be shorter than the distance
 of the selected source multiplied by the value of the limit. Also, their
 measured frequencies have to be close to the frequency of the selected source.
+If the selected source was specified with the *prefer* option, it can be
+combined only with other sources specified with this option.
 +
 By default, the limit is 3. Setting the limit to 0 effectively disables the
 source combining algorithm and only the selected source will be used to control
@@ -751,9 +821,10 @@ driftfile @CHRONYVARDIR@/drift
 
 [[fallbackdrift]]*fallbackdrift* _min-interval_ _max-interval_::
 Fallback drifts are long-term averages of the system clock drift calculated
-over exponentially increasing intervals. They are used when the clock is no
-longer synchronised to avoid quickly drifting away from true time if there was
-a short-term deviation in the drift before the synchronisation was lost.
+over exponentially increasing intervals. They are used to avoid quickly
+drifting away from true time when the clock was not updated for a longer period
+of time and there was a short-term deviation in the drift before the updates
+stopped.
 +
 The directive specifies the minimum and maximum interval since the last clock
 update to switch between fallback drifts. They are defined as a power of 2 (in
@@ -765,8 +836,10 @@ fallbackdrift 16 19
 +
 In this example, the minimum interval is 16 (18 hours) and the maximum interval is
 19 (6 days). The system clock frequency will be set to the first fallback 18
-hours after last clock update, to the second after 36 hours, etc. This might be
-a good setting to cover daily and weekly temperature fluctuations.
+hours after last clock update, to the second after 36 hours, and so on. This
+might be a good setting to cover frequency changes due to daily and weekly
+temperature fluctuations. When the frequency is set to a fallback, the state of
+the clock will change to '`Not synchronised`'.
 +
 By default (or if the specified maximum or minimum is 0), no fallbacks are used
 and the clock frequency changes only with new measurements from NTP sources,
@@ -862,6 +935,11 @@ It is also useful when the system clock is required to have correct TAI-UTC
 offset. Note that the offset is set only when leap seconds are handled by the
 kernel, i.e. <<leapsecmode,*leapsecmode*>> is set to *system*.
 +
+The specified timezone is not used as an exclusive source of information about
+leap seconds. If a majority of time sources announce on the last day of June or
+December that a leap second should be inserted or deleted, it will be accepted
+even if it is not included in the timezone.
++
 An example of the directive is:
 +
 ----
@@ -1286,6 +1364,43 @@ An example of the directive is:
 ntpsigndsocket /var/lib/samba/ntp_signd
 ----
 
+[[ntsport]]*ntsport* _port_::
+This directive specifies the TCP port on which *chronyd* will provide the NTS
+Key Establishment (NTS-KE) service. The default port is 11443.
++
+The port will be open only when a certificate and key is specified by the
+*ntsservercert* and *ntsserverkey* directives.
+
+[[ntsservercert]]*ntsservercert* _file_::
+This directive specifies a file containing a certificate in the PEM format
+for *chronyd* to operate as an NTS server.
+
+[[ntsserverkey]]*ntsserverkey* _file_::
+This directive specifies a file containing a private key in the PEM format
+for *chronyd* to operate as an NTS server.
+
+[[ntsprocesses]]*ntsprocesses* _processes_::
+This directive specifies how many helper processes will *chronyd* operating
+as an NTS server start for handling client NTS-KE requests in order to improve
+performance with multi-core CPUs and multithreading. If set to 0, no helper
+process will be started and all NTS-KE requests will be handled by the main
+*chronyd* process. The default value is 1.
+
+[[maxntsconnections]]*maxntsconnections* _connections_::
+This directive specifies the maximum number of concurrent NTS-KE connections
+per process that the NTS server will accept. The default value is 100.
+
+[[ntscachedir]]*ntscachedir* _directory_::
+This directive specifies a directory to save the keys which the NTS server uses
+to encrypt NTS cookies in order to prevent a storm of NTS-KE handshakes when
+the server is restarted. By default, the server does not save the keys.
+
+[[ntsrotate]]*ntsrotate* _interval_::
+This directive specifies the rotation interval (in seconds) of the server key
+which encrypts cookies. The server keeps up to 3 previous keys to give the
+clients enough time to get cookies encrypted by the latest key. The default
+interval is 604800 (1 week).
+
 [[port]]*port* _port_::
 This option allows you to configure the port on which *chronyd* will listen for
 NTP requests. The port will be open only when an address is allowed by the
@@ -1559,8 +1674,8 @@ If the *rtconutc* directive appears, it means the RTC is required to keep UTC.
 The directive takes no arguments. It is equivalent to specifying the *-u*
 switch to the Linux *hwclock* program.
 +
-Note that this setting is overridden when the <<hwclockfile,*hwclockfile*>>
-directive is specified.
+Note that this setting is overridden by the <<hwclockfile,*hwclockfile*>> file
+and is not relevant for the <<rtcsync,*rtcsync*>> directive.
 
 [[rtcsync]]*rtcsync*::
 The *rtcsync* directive enables a mode where the system time is periodically
@@ -1910,6 +2025,12 @@ It's defined as a power of two. It should correspond to the minimum polling
 interval of all NTP sources and the minimum expected polling interval of NTP
 clients. The default value is 0 (1 second) and the minimum value is -6 (1/64th
 of a second).
+*minsamples* _samples_:::
+This option specifies the minimum number of readings kept for tracking of the
+NIC clock. The default value is 2.
+*maxsamples* _samples_:::
+This option specifies the maximum number of readings kept for tracking of the
+NIC clock. The default value is 16.
 *precision* _precision_:::
 This option specifies the assumed precision of reading of the NIC clock. The
 default value is 100e-9 (100 nanoseconds).
@@ -1963,8 +2084,10 @@ include @SYSCONFDIR@/chrony.d/*.conf
 ----
 
 [[keyfile]]*keyfile* _file_::
-This directive is used to specify the location of the file containing ID-key
-pairs for authentication of NTP packets.
+This directive is used to specify the location of the file containing symmetric
+keys which are shared between NTP servers and clients, or peers, in order to
+authenticate NTP packets with a message authentication code (MAC) using a
+cryptographic hash function or cipher.
 +
 The format of the directive is shown in the example below:
 +
@@ -1979,69 +2102,90 @@ format of the file is shown below:
 10 tulip
 11 hyacinth
 20 MD5 ASCII:crocus
-25 SHA1 HEX:1dc764e0791b11fa67efc7ecbc4b0d73f68a070c
+25 SHA1 HEX:933F62BE1D604E68A81B557F18CFA200483F5B70
+30 AES128 HEX:7EA62AE64D190114D46D5A082F948EC1
+31 AES256 HEX:37DDCBC67BB902BCB8E995977FAB4D2B5642F5B32EBCEEE421921D97E5CBFE39
  ...
 ----
 +
-Each line consists of an ID, name of an authentication hash function (optional),
-and a password. The ID can be any unsigned integer in the range 1 through
-2^32-1. The default hash function is *MD5*. Depending on how *chronyd*
-was compiled, other supported functions might be *SHA1*, *SHA256*, *SHA384*,
-*SHA512*, *RMD128*, *RMD160*, *RMD256*, *RMD320*, *TIGER*, and *WHIRLPOOL*. The
-password can be specified as a string of characters not containing white space
-with an optional *ASCII:* prefix, or as a hexadecimal number with the *HEX:*
-prefix. The maximum length of the line is 2047 characters.
+Each line consists of an ID, optional type, and key.
 +
-The password is used with the hash function to generate and verify a message
-authentication code (MAC) in NTP packets. It is recommended to use SHA1, or
-stronger, hash function with random passwords specified in the hexadecimal
-format that have at least 128 bits. *chronyd* will log a warning to
-syslog on start if a source is specified in the configuration file with a key
-that has password shorter than 80 bits.
+The ID can be any positive integer in the range 1 through 2^32-1.
++
+The type is a name of a cryptographic hash function or cipher which is used to
+generate and verify the MAC. The default type is *MD5*, which is always
+supported.
+If *chronyd* was built with enabled support for hashing using a crypto library
+(nettle, nss, or libtomcrypt), the following functions are available: *MD5*,
+*SHA1*, *SHA256*, *SHA384*, *SHA512*. Depending on which library and version is
+*chronyd* using, some of the following hash functions and ciphers may
+also be available:
+*SHA3-224*, *SHA3-256*, *SHA3-384*, *SHA3-512*, *TIGER*, *WHIRLPOOL*, *AES128*,
+*AES256*.
++
+The key can be specified as a string of ASCII characters not containing white
+space with an optional *ASCII:* prefix, or as a hexadecimal number with the
+*HEX:* prefix. The maximum length of the line is 2047 characters.
+If the type is a cipher, the length of the key must match the cipher (i.e. 128
+bits for AES128 and 256 bits for AES256).
++
+It is recommended to use randomly generated keys, specified in the hexadecimal
+format, which are at least 128 bits long (i.e. they have at least 32 characters
+after the *HEX:* prefix). *chronyd* will log a warning to syslog on start if a
+source is specified in the configuration file with a key shorter than 80 bits.
++
+The recommended key types are AES ciphers and SHA3 hash functions. MD5 should
+be avoided unless no other type is supported on the server and client, or
+peers.
 +
 The <<chronyc.adoc#keygen,*keygen*>> command of *chronyc* can be used to
 generate random keys for the key file. By default, it generates 160-bit MD5 or
 SHA1 keys.
++
+For security reasons, the file should be readable only by root and the user
+under which *chronyd* is normally running (to allow *chronyd* to re-read the
+file when the <<chronyc.adoc#rekey,*rekey*>> command is issued by *chronyc*).
 
 [[lock_all]]*lock_all*::
 The *lock_all* directive will lock chronyd into RAM so that it will never be
-paged out. This mode is only supported on Linux. This directive uses the Linux
-*mlockall()* system call to prevent *chronyd* from ever being swapped out. This
-should result in lower and more consistent latency. It should not have
-significant impact on performance as *chronyd's* memory usage is modest. The
-*mlockall(2)* man page has more details.
+paged out. This mode is supported on Linux, FreeBSD, NetBSD, and Solaris.  This
+directive uses the POSIX *mlockall()* system call to prevent *chronyd* from
+ever being swapped out. This should result in lower and more consistent
+latency. It should not have significant impact on performance as *chronyd's*
+memory usage is modest. The *mlockall(2)* man page has more details.
 
 [[pidfile]]*pidfile* _file_::
-*chronyd* always writes its process ID (PID) to a file, and checks this file on
-startup to see if another *chronyd* might already be running on the system. By
-default, the file used is _@DEFAULT_PID_FILE@_. The *pidfile* directive
-allows the name to be changed, e.g.:
+Unless *chronyd* is started with the *-Q* option, it writes its process ID
+(PID) to a file, and checks this file on startup to see if another *chronyd*
+might already be running on the system. By default, the file used is
+_@DEFAULT_PID_FILE@_. The *pidfile* directive allows the name to be changed,
+e.g.:
 +
 ----
 pidfile /run/chronyd.pid
 ----
 
 [[sched_priority]]*sched_priority* _priority_::
-On Linux, the *sched_priority* directive will select the SCHED_FIFO real-time
-scheduler at the specified priority (which must be between 0 and 100). On
-macOS, this option must have either a value of 0 (the default) to disable the
-thread time constraint policy or 1 for the policy to be enabled. Other systems
-do not support this option.
+On Linux, FreeBSD, NetBSD, and Solaris, the *sched_priority* directive will
+select the SCHED_FIFO real-time scheduler at the specified priority (which must
+be between 0 and 100). On macOS, this option must have either a value of 0 (the
+default) to disable the thread time constraint policy or 1 for the policy to be
+enabled.
 +
-On Linux, this directive uses the *sched_setscheduler()* system call to
-instruct the kernel to use the SCHED_FIFO first-in, first-out real-time
-scheduling policy for *chronyd* with the specified priority. This means that
-whenever *chronyd* is ready to run it will run, interrupting whatever else is
-running unless it is a higher priority real-time process. This should not
-impact performance as *chronyd* resource requirements are modest, but it should
-result in lower and more consistent latency since *chronyd* will not need to
-wait for the scheduler to get around to running it. You should not use this
-unless you really need it. The *sched_setscheduler(2)* man page has more
-details.
+On systems other than macOS, this directive uses the *pthread_setschedparam()*
+system call to instruct the kernel to use the SCHED_FIFO first-in, first-out
+real-time scheduling policy for *chronyd* with the specified priority. This
+means that whenever *chronyd* is ready to run it will run, interrupting
+whatever else is running unless it is a higher priority real-time process. This
+should not impact performance as *chronyd* resource requirements are modest,
+but it should result in lower and more consistent latency since *chronyd* will
+not need to wait for the scheduler to get around to running it. You should not
+use this unless you really need it. The *pthread_setschedparam(3)* man page has
+more details.
 +
 On macOS, this directive uses the *thread_policy_set()* kernel call to
-specify real-time scheduling. As noted for Linux, you should not use this
-directive unless you really need it.
+specify real-time scheduling. As noted above, you should not use this directive
+unless you really need it.
 
 [[user]]*user* _user_::
 The *user* directive sets the name of the system user to which *chronyd* will
@@ -2161,7 +2305,7 @@ actually connected to the Internet.
 === Isolated networks
 
 This section shows how to configure *chronyd* for computers that never have
-network conectivity to any computer which ultimately derives its time from a
+network connectivity to any computer which ultimately derives its time from a
 reference clock.
 
 In this situation, one computer is selected to be the master timeserver. The

doc/chronyc.adoc

@@ -78,11 +78,18 @@ With this option hostnames will be resolved only to IPv6 addresses.
 This option disables resolving of IP addresses to hostnames, e.g. to avoid slow
 DNS lookups. Long addresses will not be truncated to fit into the column.
 
+*-N*::
+This option enables printing of the original names of NTP sources that were
+specified in the configuration file, or *chronyc* commands, and are internally
+used by *chronyd*. Without the *-n* and *-N* option, the names of NTP sources
+are obtained from reverse DNS lookups and can be different from the original
+names.
+
 *-c*::
 This option enables printing of reports in a comma-separated values (CSV)
-format. IP addresses will not be resolved to hostnames, time will be printed as
-number of seconds since the epoch and values in seconds will not be converted
-to other units.
+format. Reverse DNS lookups will be disabled, time will be printed as number of
+seconds since the epoch, and values in seconds will not be converted to other
+units.
 
 *-d*::
 This option enables printing of debugging messages if *chronyc* was compiled
@@ -284,15 +291,18 @@ milliseconds.
 
 === Time sources
 
-[[sources]]*sources* [*-v*]::
+[[sources]]*sources* [*-a*] [*-v*]::
 This command displays information about the current time sources that *chronyd*
 is accessing.
 +
-The optional argument *-v* can be specified, meaning _verbose_. In this case,
+If the *-a* option is specified, all sources are displayed, including those that
+do not have a known address yet. Such sources have an identifier in the format
+_ID#XXXXXXXXXX_, which can be used in other commands expecting a source address.
++
+The *-v* option enables a verbose output. In this case,
 extra caption lines are shown as a reminder of the meanings of the columns.
 +
 ----
-210 Number of sources = 3
 MS Name/IP address         Stratum Poll Reach LastRx Last sample
 ===============================================================================
 #* GPS0                          0   4   377    11   -479ns[ -621ns] +/-  134ns
@@ -338,8 +348,9 @@ register has 8 bits and is updated on every received or missed packet from
 the source. A value of 377 indicates that a valid reply was received for all
 from the last eight transmissions.
 *LastRx*:::
-This column shows how long ago the last sample was received from the source.
-This is normally in seconds. The letters _m_, _h_, _d_ or _y_ indicate
+This column shows how long ago the last good sample (which is shown in the next
+column) was received from the source. Measurements that failed some tests are
+ignored. This is normally in seconds. The letters _m_, _h_, _d_ or _y_ indicate
 minutes, hours, days, or years.
 *Last sample*:::
 This column shows the offset between the local clock and the source at the
@@ -352,18 +363,21 @@ since. The number following the _+/-_ indicator shows the margin of error in
 the measurement. Positive offsets indicate that the local clock is ahead of
 the source.
 
-[[sourcestats]]*sourcestats* [*-v*]::
+[[sourcestats]]*sourcestats* [*-a*] [*-v*]::
 The *sourcestats* command displays information about the drift rate and offset
 estimation process for each of the sources currently being examined by
 *chronyd*.
 +
-The optional argument *-v* can be specified, meaning _verbose_. In this case,
+If the *-a* option is specified, all sources are displayed, including those that
+do not have a known address yet. Such sources have an identifier in the format
+_ID#XXXXXXXXXX_, which can be used in other commands expecting a source address.
++
+The *-v* option enables a verbose output. In this case,
 extra caption lines are shown as a reminder of the meanings of the columns.
 +
 An example report is:
 +
 ----
-210 Number of sources = 1
 Name/IP Address            NP  NR  Span  Frequency  Freq Skew  Offset  Std Dev
 ===============================================================================
 foo.example.net            11   5   46m     -0.001      0.045      1us    25us
@@ -441,8 +455,9 @@ not visible in the *sources* and *sourcestats* reports.
 
 [[ntpdata]]*ntpdata* [_address_]::
 The *ntpdata* command displays the last valid measurement and other
-NTP-specific information about the specified NTP source, or all NTP sources if
-no address was specified. An example of the output is shown below.
+NTP-specific information about the specified NTP source, or all NTP sources
+(with a known address) if no address was specified. An example of the output is
+shown below.
 +
 ----
 Remote address  : 203.0.113.15 (CB00710F)
@@ -525,15 +540,13 @@ The number of all packets received from the source.
 *Total valid RX*:::
 The number of valid packets received from the source.
 
-[[add_peer]]*add peer* _address_ [_option_]...::
+[[add_peer]]*add peer* _name_ [_option_]...::
 The *add peer* command allows a new NTP peer to be added whilst
 *chronyd* is running.
 +
 Following the words *add peer*, the syntax of the following
-parameters and options is similar to that for the
+parameters and options is identical to that for the
 <<chrony.conf.adoc#peer,*peer*>> directive in the configuration file.
-The following peer options can be set in the command: *port*, *minpoll*,
-*maxpoll*, *presend*, *maxdelayratio*, *maxdelay*, *key*.
 +
 An example of using this command is shown below.
 +
@@ -541,15 +554,27 @@ An example of using this command is shown below.
 add peer foo.example.net minpoll 6 maxpoll 10 key 25
 ----
 
-[[add_server]]*add server* _address_ [_option_]...::
+[[add_pool]]*add pool* _name_ [_option_]...::
+The *add pool* command allows a pool of NTP servers to be added whilst
+*chronyd* is running.
++
+Following the words *add pool*, the syntax of the following parameters and
+options is identical to that for the <<chrony.conf.adoc#pool,*pool*>>
+directive in the configuration file.
++
+An example of using this command is shown below:
++
+----
+add pool foo.example.net maxsources 3 iburst
+----
+
+[[add_server]]*add server* _name_ [_option_]...::
 The *add server* command allows a new NTP server to be added whilst
 *chronyd* is running.
 +
 Following the words *add server*, the syntax of the following parameters and
-options is similar to that for the <<chrony.conf.adoc#server,*server*>>
+options is identical to that for the <<chrony.conf.adoc#server,*server*>>
 directive in the configuration file.
-The following server options can be set in the command: *port*, *minpoll*,
-*maxpoll*, *presend*, *maxdelayratio*, *maxdelay*, *key*.
 +
 An example of using this command is shown below:
 +
@@ -687,7 +712,8 @@ the loaded periods. The *offline* and *online* commands can be used to achieve
 this.
 +
 There are four forms of the *offline* command. The first form is a wildcard,
-meaning all sources. The second form allows an IP address mask and a masked
+meaning all sources (including sources that do not have a known address yet).
+The second form allows an IP address mask and a masked
 address to be specified. The third form uses CIDR notation. The fourth form
 uses an IP address or a hostname. These forms are illustrated below.
 +
@@ -722,6 +748,14 @@ particular source or sources has been restored.
 +
 The syntax is identical to that of the <<offline,*offline*>> command.
 
+[[onoffline]]
+*onoffline*::
+The *onoffline* command tells *chronyd* to switch all sources that have a known
+address to the online or
+offline status according to the current network configuration. A source is
+considered online if it is possible to send requests to it, i.e. a network
+route to the source is present.
+
 [[polltarget]]*polltarget* _address_ _polltarget_::
 The *polltarget* command is used to modify the poll target for one of the
 current set of sources. It is equivalent to the *polltarget* option in the
@@ -736,6 +770,15 @@ Sources that stop responding will be replaced with newly resolved addresses
 automatically after 8 polling intervals, but this command can still be useful
 to replace them immediately and not wait until they are marked as unreachable.
 
+[[sourcename]]*sourcename* _address_::
+The *sourcename* command prints the original hostname or address that was
+specified for an NTP source in the configuration file, or the *add* command.
+This command is an alternative to the *-N* option, which can be useful in
+scripts.
++
+Note that different NTP sources can share the same name, e.g. servers from a
+pool.
+
 === Manual time input
 
 [[manual]]
@@ -1128,6 +1171,17 @@ running.
 The *rekey* command causes *chronyd* to re-read the key file specified in the
 configuration file by the <<chrony.conf.adoc#keyfile,*keyfile*>> directive.
 
+[[reset]]*reset*::
+The *reset* command causes *chronyd* to drop all measurements and switch to the
+unsynchronised state. This command can help *chronyd* with recovery when the
+measurements are known to be no longer valid or accurate, e.g. due to moving
+the computer to a different network, or resuming the computer from a low-power
+state (which resets the system clock).
+
+[[shutdown]]*shutdown*::
+The *shutdown* command causes *chronyd* to exit. This is equivalent to sending
+the process the SIGTERM signal.
+
 === Client commands
 
 [[dns]]*dns* _option_::
@@ -1176,10 +1230,10 @@ generated from the _/dev/urandom_ device and it is printed to standard output.
 +
 The command has three optional arguments. The first argument is the key number
 (by default 1), which will be specified with the *key* option of the *server*
-or *peer* directives in the configuration file. The second argument is the hash
-function (by default SHA1 or MD5 if SHA1 is not available) and the third
-argument is the number of bits the key should have, between 80 and 4096 bits
-(by default 160 bits).
+or *peer* directives in the configuration file. The second argument is the name
+of the hash function or cipher (by default SHA1, or MD5 if SHA1 is not
+available). The third argument is the length of the key in bits if a hash
+function was selected, between 80 and 4096 bits (by default 160 bits).
 +
 An example is:
 +

doc/chronyd.adoc

@@ -41,7 +41,7 @@ If no configuration directives are specified on the command line, *chronyd*
 will read them from a configuration file. The compiled-in default location of
 the file is _@SYSCONFDIR@/chrony.conf_.
 
-Information messages and warnings will be logged to syslog.
+Informational messages, warnings, and errors will be logged to syslog.
 
 == OPTIONS
 
@@ -55,20 +55,26 @@ IPv6 sockets will be created.
 
 *-f* _file_::
 This option can be used to specify an alternate location for the configuration
-file (default _@SYSCONFDIR@/chrony.conf_).
+file. The default value is _@SYSCONFDIR@/chrony.conf_.
 
 *-n*::
 When run in this mode, the program will not detach itself from the terminal.
 
 *-d*::
 When run in this mode, the program will not detach itself from the terminal,
-and all messages will be written to the terminal instead of syslog. When
-*chronyd* was compiled with debugging support, this option can be used twice to
-print also debugging messages.
+and all messages will be written to the terminal instead of syslog. If
+*chronyd* was compiled with enabled support for debugging, this option can be
+used twice to enable debug messages.
 
 *-l* _file_::
-This option specifies a file which should be used for logging instead of syslog
-or terminal.
+This option enables writing of log messages to a file instead of syslog or the
+terminal.
+
+*-L* _level_::
+This option specifies the minimum severity level of messages to be written to
+the log file, syslog, or terminal. The following levels can be specified:
+0 (informational), 1 (warning), 2 (non-fatal error), and 3 (fatal error). The
+default value is 0.
 
 *-q*::
 When run in this mode, *chronyd* will set the system clock once and exit. It
@@ -81,9 +87,9 @@ started without root privileges.
 
 *-r*::
 This option will try to reload and then delete files containing sample
-histories for each of the servers and reference clocks being used. These
-histories are created by using the <<chronyc.adoc#dump,*dump*>> command in
-*chronyc*, or by setting the <<chrony.conf.adoc#dumponexit,*dumponexit*>>
+histories for each of the servers and reference clocks being used. The
+files are expected to be in the directory specified by the
+<<chrony.conf.adoc#dumpdir,*dumpdir*>>
 directive in the configuration file. This option is useful if you want to stop
 and restart *chronyd* briefly for any reason, e.g. to install a new version.
 However, it should be used only on systems where the kernel can maintain clock
@@ -125,7 +131,8 @@ running, but still allow it to adjust the frequency of the system clock.
 *-u* _user_::
 This option sets the name of the system user to which *chronyd* will switch
 after start in order to drop root privileges. It overrides the
-<<chrony.conf.adoc#user,*user*>> directive (default _@DEFAULT_USER@_).
+<<chrony.conf.adoc#user,*user*>> directive. The default value is
+_@DEFAULT_USER@_.
 +
 On Linux, *chronyd* needs to be compiled with support for the *libcap* library.
 On macOS, FreeBSD, NetBSD and Solaris *chronyd* forks into two processes.
@@ -135,8 +142,9 @@ range of privileged system calls on behalf of the parent.
 *-F* _level_::
 This option configures a system call filter when *chronyd* is compiled with
 support for the Linux secure computing (seccomp) facility. In level 1 the
-process is killed when a forbidden system call is made, in level -1 the SYSSIG
-signal is thrown instead and in level 0 the filter is disabled (default 0).
+process is killed when a forbidden system call is made, in level -1 the SIGSYS
+signal is thrown instead and in level 0 the filter is disabled. The default
+value is 0.
 +
 It's recommended to enable the filter only when it's known to work on the
 version of the system where *chrony* is installed as the filter needs to allow
@@ -148,20 +156,22 @@ killed even in normal operation.
 *-P* _priority_::
 On Linux, this option will select the SCHED_FIFO real-time scheduler at the
 specified priority (which must be between 0 and 100). On macOS, this option
-must have either a value of 0 (the default) to disable the thread time
+must have either a value of 0 to disable the thread time
 constraint policy or 1 for the policy to be enabled. Other systems do not
-support this option.
+support this option. The default value is 0.
 
 *-m*::
 This option will lock *chronyd* into RAM so that it will never be paged out.
 This mode is only supported on Linux.
 
 *-x*::
-This option disables the control of the system clock. *chronyd* will not make
-any adjustments of the clock, but it will still track its offset and frequency
-relative to the estimated true time, and be able to operate as an NTP server.
-This allows *chronyd* to run without the capability to adjust or set the system
-clock (e.g. in some containers).
+This option disables the control of the system clock. *chronyd* will not try to
+make any adjustments of the clock. It will assume the clock is free running and
+still track its offset and frequency relative to the estimated true time. This
+option allows *chronyd* to run without the capability to adjust or set the
+system clock (e.g. in some containers) in order to operate as an NTP server. It
+is not recommended to run *chronyd* (with or without *-x*) when another process
+is controlling the system clock.
 
 *-v*::
 With this option *chronyd* will print version number to the terminal and exit.

doc/faq.adoc

@@ -171,6 +171,11 @@ network latency and stability of the system clock (which mainly depends on the
 temperature sensitivity of the crystal oscillator and the maximum rate of the
 temperature change).
 
+Generally, if the `sourcestats` command usually reports a small number of
+samples retained for a source (e.g. fewer than 16), a shorter polling interval
+should be considered. If the number of samples is usually at the maximum of 64,
+a longer polling interval may work better.
+
 An example of the directive for an NTP server on the Internet that you are
 allowed to poll frequently could be
 
@@ -178,15 +183,15 @@ allowed to poll frequently could be
 server foo.example.net minpoll 4 maxpoll 6 polltarget 16
 ----
 
-An example using very short polling intervals for a server located in the same
+An example using shorter polling intervals with a server located in the same
 LAN could be
 
 ----
 server ntp.local minpoll 2 maxpoll 4 polltarget 30
 ----
 
-The maxdelay options are useful to ignore measurements with larger delay (e.g.
-due to congestion in the network) and improve the stability of the
+The maxdelay options are useful to ignore measurements with an unusally large
+delay (e.g. due to congestion in the network) and improve the stability of the
 synchronisation. The `maxdelaydevratio` option could be added to the example
 with local NTP server
 
@@ -194,17 +199,40 @@ with local NTP server
 server ntp.local minpoll 2 maxpoll 4 polltarget 30 maxdelaydevratio 2
 ----
 
-If your server supports the interleaved mode, the `xleave` option should be
-added to the `server` directive in order to allow the server to send the
-client more accurate hardware or kernel transmit timestamps. When combined with
-local hardware timestamping, sub-microsecond accuracy may be possible. An
-example could be
+If your server supports the interleaved mode (e.g. it is running `chronyd`),
+the `xleave` option should be added to the `server` directive in order to allow
+the server to send the client more accurate transmit timestamps (kernel or
+preferably hardware). For example:
 
 ----
-server ntp.local minpoll 2 maxpoll 2 xleave
+server ntp.local minpoll 2 maxpoll 4 xleave
+----
+
+When combined with local hardware timestamping, good network switches, and even
+shorter polling intervals, a sub-microsecond accuracy and stability of a few
+tens of nanoseconds may be possible. For example:
+
+----
+server ntp.local minpoll 0 maxpoll 0 xleave
 hwtimestamp eth0
 ----
 
+For best stability, the CPU should be running at a constant frequency (i.e.
+disabled power saving and performance boosting). Energy-Efficient Ethernet
+(EEE) should be disabled in the network. The switches should be configured to
+prioritize NTP packets, especially if the network is expected to be heavily
+loaded.
+
+If it is acceptable for NTP clients in the network to send requests at an
+excessive rate, a sub-second polling interval may be specified. A median filter
+can be enabled in order to update the clock at a reduced rate with more stable
+measurements. For example:
+
+----
+server ntp.local minpoll -6 maxpoll -6 filter 15 xleave
+hwtimestamp eth0 minpoll -6
+----
+
 === Does `chronyd` have an ntpdate mode?
 
 Yes. With the `-q` option `chronyd` will set the system clock once and exit.
@@ -216,6 +244,45 @@ specified on the command line. For example:
 # chronyd -q 'pool pool.ntp.org iburst'
 ----
 
+The command above would normally take about 5 seconds if the servers were
+well synchronised and responding to all requests. If not synchronised or
+responding, it would take about 10 seconds for `chronyd` to give up and exit
+with a non-zero status. A faster configuration is possible. A single server can
+be used instead of four servers, the number of measurements can be reduced with
+the `maxsamples` option, and a timeout can be specified with the `-t` option.
+The following command would take only up to about 1 second.
+
+----
+# chronyd -q -t 1 'server pool.ntp.org iburst maxsamples 1'
+----
+
+=== Can `chronyd` be configured to control the clock like `ntpd`?
+
+It is not possible to perfectly emulate `ntpd`, but there are some options that
+can configure `chronyd` to behave more like `ntpd`.
+
+In the following example the `minsamples` directive slows down the response to
+changes in the frequency and offset of the clock. The `maxslewrate` and
+`corrtimeratio` directives reduce the maximum frequency error due to an offset
+correction and the `maxdrift` directive reduces the maximum assumed frequency
+error of the clock. The `makestep` directive enables a step threshold and the
+`maxchange` directive enables a panic threshold. The `maxclockerror` directive
+increases the minimum dispersion rate.
+
+----
+minsamples 32
+maxslewrate 500
+corrtimeratio 100
+maxdrift 500
+makestep 0.128 -1
+maxchange 1000 1 1
+maxclockerror 15
+----
+
+Note that increasing `minsamples` may cause the offsets in the `tracking` and
+`sourcestats` reports/logs to be significantly smaller than the actual offsets
+and be unsuitable for monitoring.
+
 === What happened to the `commandkey` and `generatecommandkey` directives?
 
 They were removed in version 2.2. Authentication is no longer supported in the
@@ -292,6 +359,49 @@ to
 makestep 1 -1
 ----
 
+=== Using a Windows NTP server?
+
+A common issue with Windows NTP servers is that they report a very large root
+dispersion (e.g. three seconds or more), which causes `chronyd` to ignore the
+server for being too inaccurate. The `sources` command may show a valid
+measurement, but the server is not selected for synchronisation. You can check
+the root dispersion of the server with the ``chronyc``'s `ntpdata` command.
+
+The `maxdistance` value needs to be increased in _chrony.conf_ to enable
+synchronisation to such a server. For example:
+
+----
+maxdistance 16.0
+----
+
+=== Using a PPS reference clock?
+
+A pulse-per-second (PPS) reference clock requires a non-PPS time source to
+determine which second of UTC corresponds to each pulse. If it is another
+reference clock specified with the `lock` option in the `refclock` directive,
+the offset between the two reference clocks must be smaller than 0.2 seconds in
+order for the PPS reference clock to work. With NMEA reference clocks it is
+common to have a larger offset. It needs to be corrected with the `offset`
+option.
+
+One approach to find out a good value of the `offset` option is to configure
+the reference clocks with the `noselect` option and compare them to an NTP
+server. For example, if the `sourcestats` command showed
+
+----
+Name/IP Address            NP  NR  Span  Frequency  Freq Skew  Offset  Std Dev
+==============================================================================
+PPS0                        0   0     0     +0.000   2000.000     +0ns  4000ms
+NMEA                       58  30   231    -96.494     38.406   +504ms  6080us
+foo.example.net             7   3   200     -2.991     16.141   -107us   492us
+----
+
+the offset of the NMEA source would need to be increased by about 0.504
+seconds. It does not have to be very accurate. As long as the offset of the
+NMEA reference clock stays below 0.2 seconds, the PPS reference clock should be
+able to determine the seconds corresponding to the pulses and allow the samples
+to be used for synchronisation.
+
 == Issues with `chronyc`
 
 === I keep getting the error `506 Cannot talk to daemon`
@@ -393,16 +503,31 @@ things
 
 Some other program running on the system may be using the device.
 
+=== What if my computer does not have an RTC or backup battery?
+
+In this case you can still use the `-s` option to set the system clock to the
+last modification time of the drift file, which should correspond to the system
+time when `chronyd` was previously stopped. The initial system time will be
+increasing across reboots and applications started after `chronyd` will not
+observe backward steps.
+
 == NTP-specific issues
 
-=== Can `chronyd` be driven from broadcast NTP servers?
+=== Can `chronyd` be driven from broadcast/multicast NTP servers?
 
-No, the broadcast client mode is not supported and there is currently no plan
-to implement it. The broadcast and multicast modes are inherently less
-accurate and less secure (even with authentication) than the ordinary
-server/client mode and they are not as useful as they used to be. Even with
-very modest hardware a single NTP server can serve time to hundreds of
-thousands of clients using the ordinary mode.
+No, the broadcast/multicast client mode is not supported and there is currently
+no plan to implement it. While the mode may be useful to simplify configuration
+of clients in large networks, it is inherently less accurate and less secure
+(even with authentication) than the ordinary client/server mode.
+
+When configuring a large number of clients in a network, it is recommended to
+use the `pool` directive with a DNS name which resolves to addresses of
+multiple NTP servers. The clients will automatically replace the servers when
+they become unreachable, or otherwise unsuitable for synchronisation, with new
+servers from the pool.
+
+Even with very modest hardware, an NTP server can serve time to hundreds of
+thousands of clients using the ordinary client/server mode.
 
 === Can `chronyd` transmit broadcast NTP packets?
 

doc/installation.adoc

@@ -22,6 +22,26 @@ The software is distributed as source code which has to be compiled. The source
 code is supplied in the form of a gzipped tar file, which unpacks to a
 subdirectory identifying the name and version of the program.
 
+A C compiler (e.g. `gcc` or `clang`) and GNU Make are needed to build `chrony`.
+The following libraries with their development files, and programs, are needed
+to enable optional features:
+
+* pkg-config: detection of development libraries
+* Nettle, NSS, or LibTomCrypt: secure hash functions (`SECHASH`)
+* libcap: dropping root privileges on Linux (`DROPROOT`)
+* libseccomp: system call filter on Linux (`SCFILTER`)
+* GnuTLS and Nettle: Network Time Security (`NTS`)
+* Editline: line editing in `chronyc` (`READLINE`)
+* timepps.h header: PPS reference clock
+* Asciidoctor: documentation in HTML format
+* Bash: test suite
+
+The following programs are needed when building `chrony` from the git
+repository instead of a released tar file:
+
+* Asciidoctor: manual pages
+* Bison: parser for chronyc settime command
+
 After unpacking the source code, change directory into it, and type
 
 ----
@@ -29,8 +49,8 @@ After unpacking the source code, change directory into it, and type
 ----
 
 This is a shell script that automatically determines the system type. There is
-a single optional parameter, `--prefix` which indicates the directory tree
-where the software should be installed. For example,
+an optional parameter `--prefix`, which indicates the directory tree where the
+software should be installed. For example,
 
 ----
 ./configure --prefix=/opt/free
@@ -40,11 +60,11 @@ will install the `chronyd` daemon into `/opt/free/sbin` and the `chronyc`
 control program into `/opt/free/bin`. The default value for the prefix is
 `/usr/local`.
 
-The configure script assumes you want to use gcc as your compiler. If you want
-to use a different compiler, you can configure this way:
+The `configure` script assumes you want to use `gcc` as your compiler. If you
+want to use a different compiler, you can configure this way:
 
 ----
-CC=cc CFLAGS=-O ./configure --prefix=/opt/free
+CC=cc ./configure --prefix=/opt/free
 ----
 
 for Bourne-family shells, or
@@ -63,11 +83,26 @@ shown. Otherwise, `Makefile` will be generated.
 On Linux, if development files for the libcap library are available, `chronyd`
 will be built with support for dropping root privileges. On other systems no
 extra library is needed. The default user which `chronyd` should run as can be
-specified with the `--with-user` option of the configure script.
+specified with the `--with-user` option of the `configure` script.
+
+If development files for the POSIX threads library are available, `chronyd`
+will be built with support for asynchronous resolving of hostnames specified in
+the `server`, `peer`, and `pool` directives. This allows `chronyd` operating as
+a server to respond to client requests when resolving a hostname. If you don't
+want to enable the support, specify the `--disable-asyncdns` flag to
+`configure`.
+
+If development files for the https://www.lysator.liu.se/~nisse/nettle/[Nettle],
+https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS[NSS], or
+http://www.libtom.net/LibTomCrypt/[libtomcrypt] library are available,
+`chronyd` will be built with support for other cryptographic hash functions
+than MD5, which can be used for NTP authentication with a symmetric key. If you
+don't want to enable the support, specify the `--disable-sechash` flag to
+`configure`.
 
 If development files for the editline or readline library are available,
 `chronyc` will be built with line editing support. If you don't want this,
-specify the `--disable-readline` flag to configure.
+specify the `--disable-readline` flag to `configure`.
 
 If a `timepps.h` header is available (e.g. from the
 http://linuxpps.org[LinuxPPS project]), `chronyd` will be built with PPS API
@@ -75,6 +110,9 @@ reference clock driver. If the header is installed in a location that isn't
 normally searched by the compiler, you can add it to the searched locations by
 setting the `CPPFLAGS` variable to `-I/path/to/timepps`.
 
+The `--help` option can be specified to `configure` to print all options
+supported by the script.
+
 Now type
 
 ----
@@ -122,6 +160,16 @@ unprivileged user for `chronyd` and specify it with the `-u` command-line
 option or the `user` directive in the configuration file, or set the default
 user with the `--with-user` configure option before building.
 
+== Support for system call filtering
+
+`chronyd` can be built with support for the Linux secure computing (seccomp)
+facility. This requires development files for the
+https://github.com/seccomp/libseccomp[libseccomp] library and the
+`--enable-scfilter` option specified to `configure`. The `-F` option of
+`chronyd` will enable a system call filter, which should significantly reduce
+the kernel attack surface and possibly prevent kernel exploits from `chronyd`
+if it is compromised.
+
 == Support for line editing libraries
 
 `chronyc` can be built with support for line editing, this allows you to use
@@ -132,12 +180,12 @@ Please note that readline since version 6.0 is licensed under GPLv3+ which is
 incompatible with chrony's license GPLv2. You should use editline instead if
 you don't want to use older readline versions.
 
-The configure script will automatically enable the line editing support if one
-of the supported libraries is available. If they are both available, the
+The `configure` script will automatically enable the line editing support if
+one of the supported libraries is available. If they are both available, the
 editline library will be used.
 
-If you don't want to use it (in which case chronyc will use a minimal command
-line interface), invoke configure like this:
+If you don't want to use it (in which case `chronyc` will use a minimal command
+line interface), invoke `configure` like this:
 
 ----
 ./configure --disable-readline other-options...
@@ -161,12 +209,12 @@ normally searched by the compiler and linker, you need to use extra options:
 
 == Extra options for package builders
 
-The configure and make procedures have some extra options that may be useful if
-you are building a distribution package for chrony.
+The `configure` and `make` procedures have some extra options that may be
+useful if you are building a distribution package for `chrony`.
 
-The `--mandir=DIR` option to configure specifies an install directory for the
-man pages. This overrides the `man` subdirectory of the argument to the
---prefix option.
+The `--mandir=DIR` option to `configure` specifies an installation directory
+for the man pages. This overrides the `man` subdirectory of the argument to the
+`--prefix` option.
 
 ----
 ./configure --prefix=/usr --mandir=/usr/share/man
@@ -174,8 +222,8 @@ man pages. This overrides the `man` subdirectory of the argument to the
 
 to set both options together.
 
-The final option is the `DESTDIR` option to the make command. For example, you
-could use the commands
+The final option is the `DESTDIR` option to the `make` command. For example,
+you could use the commands
 
 ----
 ./configure --prefix=/usr --mandir=/usr/share/man

examples/chrony.conf.example3

@@ -95,7 +95,7 @@ driftfile /var/lib/chrony/drift
 # still running and bail out.  If you want to change the path to the PID
 # file, uncomment this line and edit it.  The default path is shown.
 
-! pidfile /var/run/chronyd.pid
+! pidfile /var/run/chrony/chronyd.pid
 
 # If the system timezone database is kept up to date and includes the
 # right/UTC timezone, chronyd can use it to determine the current

examples/chrony.keys.example

@@ -1,6 +1,7 @@
-# This is an example chrony keys file.  It is used for NTP authentication with
-# symmetric keys.  It should be readable only by root or the user to which
-# chronyd is configured to switch to after start.
+# This is an example chrony keys file.  It enables authentication of NTP
+# packets with symmetric keys when its location is specified by the keyfile
+# directive in chrony.conf(5).  It should be readable only by root and the
+# user under which chronyd is running.
 #
 # Don't use the example keys!  It's recommended to generate random keys using
 # the chronyc keygen command.

examples/chrony.nm-dispatcher

@@ -1,35 +1,15 @@
 #!/bin/sh
-# This is a NetworkManager dispatcher script for chronyd to set its NTP sources
-# online or offline when a network interface is configured or removed
+# This is a NetworkManager dispatcher / networkd-dispatcher script for
+# chronyd to set its NTP sources online or offline when a network interface
+# is configured or removed
 
 export LC_ALL=C
 
-# Check if there is a default route
+# For NetworkManager consider only up/down events
+[ $# -ge 2 ] && [ "$2" != "up" ] && [ "$2" != "down" ] && exit 0
 
-if /sbin/ip route list 2> /dev/null | grep -q '^default'; then
-  chronyc online > /dev/null 2>&1
-  exit 0
-fi
+# Note: for networkd-dispatcher routable.d ~= on and off.d ~= off
 
-sources=$(chronyc -c -n sources 2> /dev/null)
-
-[ $? -ne 0 ] && exit 0
-
-# Check each configured source if it has a route
-
-echo "$sources" | while IFS=, read mode state address rest; do
-  [ "$mode" != '^' ] && [ "$mode" != '=' ] && continue
-
-  /sbin/ip route get "$address" > /dev/null 2>&1 && command="online" || command="offline"
-
-  # Set priority of sources so that the selected source is set as
-  # last if offline to avoid unnecessary reselection
-  [ "$state" != '*' ] && priority=1 || priority=2
-
-  echo "$priority $command $address"
-
-done | sort | while read priority command address; do
-  echo "$command $address"
-done | chronyc > /dev/null 2>&1
+chronyc onoffline > /dev/null 2>&1
 
 exit 0

examples/chrony.spec

@@ -1,46 +0,0 @@
-%global chrony_version @@VERSION@@
-%if 0%(echo %{chrony_version} | grep -q pre && echo 1)
-%global prerelease %(echo %{chrony_version} | sed 's/.*-//')
-%endif
-Summary: An NTP client/server
-Name: chrony
-Version: %(echo %{chrony_version} | sed 's/-.*//')
-Release: %{!?prerelease:1}%{?prerelease:0.1.%{prerelease}}
-Source: chrony-%{version}%{?prerelease:-%{prerelease}}.tar.gz
-License: GPLv2
-Group: Applications/Utilities
-BuildRoot: %{_tmppath}/%{name}-%{version}-root-%(id -u -n)
-
-%description
-chrony is a client and server for the Network Time Protocol (NTP).
-This program keeps your computer's clock accurate. It was specially
-designed to support systems with intermittent Internet connections,
-but it also works well in permanently connected environments. It can
-also use hardware reference clocks, the system real-time clock, or
-manual input as time references.
-
-%prep
-%setup -q -n %{name}-%{version}%{?prerelease:-%{prerelease}}
-
-%build
-./configure \
-	--prefix=%{_prefix} \
-	--bindir=%{_bindir} \
-	--sbindir=%{_sbindir} \
-	--mandir=%{_mandir}
-make
-
-%install
-rm -rf $RPM_BUILD_ROOT
-make install DESTDIR=$RPM_BUILD_ROOT
-
-%files
-%{_sbindir}/chronyd
-%{_bindir}/chronyc
-%{_mandir}/man1/chronyc.1.gz
-%{_mandir}/man5/chrony.conf.5.gz
-%{_mandir}/man8/chronyd.8.gz
-%doc README FAQ NEWS COPYING
-%doc examples/chrony.conf.example*
-%doc examples/chrony.keys.example
-

examples/chronyd.service

@@ -7,7 +7,7 @@ ConditionCapability=CAP_SYS_TIME
 
 [Service]
 Type=forking
-PIDFile=/var/run/chronyd.pid
+PIDFile=/run/chrony/chronyd.pid
 EnvironmentFile=-/etc/sysconfig/chronyd
 ExecStart=/usr/sbin/chronyd $OPTIONS
 PrivateTmp=yes

hash_intmd5.c

@@ -29,6 +29,7 @@
 #include "sysincl.h"
 #include "hash.h"
 #include "memory.h"
+#include "util.h"
 
 #include "md5.c"
 
@@ -49,18 +50,17 @@ HSH_Hash(int id, const unsigned char *in1, unsigned int in1_len,
     const unsigned char *in2, unsigned int in2_len,
     unsigned char *out, unsigned int out_len)
 {
-  if (out_len < 16)
-    return 0;
-
   MD5Init(&ctx);
   MD5Update(&ctx, in1, in1_len);
   if (in2)
     MD5Update(&ctx, in2, in2_len);
   MD5Final(&ctx);
 
-  memcpy(out, ctx.digest, 16);
+  out_len = MIN(out_len, 16);
 
-  return 16;
+  memcpy(out, ctx.digest, out_len);
+
+  return out_len;
 }
 
 void

hash_nettle.c

@@ -0,0 +1,119 @@
+/*
+  chronyd/chronyc - Programs for keeping computer clocks accurate.
+
+ **********************************************************************
+ * Copyright (C) Miroslav Lichvar  2018
+ * 
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of version 2 of the GNU General Public License as
+ * published by the Free Software Foundation.
+ * 
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ * 
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+ * 
+ **********************************************************************
+
+  =======================================================================
+
+  Routines implementing crypto hashing using the nettle library.
+
+  */
+
+#include "config.h"
+
+#include "sysincl.h"
+
+#include <nettle/nettle-meta.h>
+
+#include "hash.h"
+#include "memory.h"
+
+struct hash {
+  const char *name;
+  const char *int_name;
+  const struct nettle_hash *nettle_hash;
+  void *context;
+};
+
+static struct hash hashes[] = {
+  { "MD5", "md5", NULL, NULL },
+  { "SHA1", "sha1", NULL, NULL },
+  { "SHA256", "sha256", NULL, NULL },
+  { "SHA384", "sha384", NULL, NULL },
+  { "SHA512", "sha512", NULL, NULL },
+  { "SHA3-224", "sha3_224", NULL, NULL },
+  { "SHA3-256", "sha3_256", NULL, NULL },
+  { "SHA3-384", "sha3_384", NULL, NULL },
+  { "SHA3-512", "sha3_512", NULL, NULL },
+  { NULL, NULL, NULL, NULL }
+};
+
+int
+HSH_GetHashId(const char *name)
+{
+  int id, nid;
+
+  for (id = 0; hashes[id].name; id++) {
+    if (!strcmp(name, hashes[id].name))
+      break;
+  }
+
+  if (!hashes[id].name)
+    return -1;
+
+  if (hashes[id].context)
+    return id;
+
+  for (nid = 0; nettle_hashes[nid]; nid++) {
+    if (!strcmp(hashes[id].int_name, nettle_hashes[nid]->name))
+      break;
+  }
+
+  if (!nettle_hashes[nid] || !nettle_hashes[nid]->context_size || !nettle_hashes[nid]->init)
+    return -1;
+
+  hashes[id].nettle_hash = nettle_hashes[nid];
+  hashes[id].context = Malloc(hashes[id].nettle_hash->context_size);
+
+  return id;
+}
+
+unsigned int
+HSH_Hash(int id, const unsigned char *in1, unsigned int in1_len,
+         const unsigned char *in2, unsigned int in2_len,
+         unsigned char *out, unsigned int out_len)
+{
+  const struct nettle_hash *hash;
+  void *context;
+
+  hash = hashes[id].nettle_hash;
+  context = hashes[id].context;
+
+  if (out_len > hash->digest_size)
+    out_len = hash->digest_size;
+
+  hash->init(context);
+  hash->update(context, in1_len, in1);
+  if (in2)
+    hash->update(context, in2_len, in2);
+  hash->digest(context, out_len, out);
+
+  return out_len;
+}
+
+void
+HSH_Finalise(void)
+{
+  int i;
+
+  for (i = 0; hashes[i].name; i++) {
+    if (hashes[i].context)
+      Free(hashes[i].context);
+  }
+}

hash_nss.c

@@ -32,6 +32,7 @@
 #include <nsslowhash.h>
 
 #include "hash.h"
+#include "util.h"
 
 static NSSLOWInitContext *ictx;
 
@@ -78,13 +79,17 @@ HSH_Hash(int id, const unsigned char *in1, unsigned int in1_len,
     const unsigned char *in2, unsigned int in2_len,
     unsigned char *out, unsigned int out_len)
 {
-  unsigned int ret;
+  unsigned char buf[MAX_HASH_LENGTH];
+  unsigned int ret = 0;
 
   NSSLOWHASH_Begin(hashes[id].context);
   NSSLOWHASH_Update(hashes[id].context, in1, in1_len);
   if (in2)
     NSSLOWHASH_Update(hashes[id].context, in2, in2_len);
-  NSSLOWHASH_End(hashes[id].context, out, &ret, out_len);
+  NSSLOWHASH_End(hashes[id].context, buf, &ret, sizeof (buf));
+
+  ret = MIN(ret, out_len);
+  memcpy(out, buf, ret);
 
   return ret;
 }

hash_tomcrypt.c

@@ -2,7 +2,7 @@
   chronyd/chronyc - Programs for keeping computer clocks accurate.
 
  **********************************************************************
- * Copyright (C) Miroslav Lichvar  2012
+ * Copyright (C) Miroslav Lichvar  2012, 2018
  * 
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of version 2 of the GNU General Public License as
@@ -29,6 +29,7 @@
 
 #include "config.h"
 #include "hash.h"
+#include "util.h"
 
 struct hash {
   const char *name;
@@ -38,18 +39,6 @@ struct hash {
 
 static const struct hash hashes[] = {
   { "MD5", "md5", &md5_desc },
-#ifdef LTC_RIPEMD128
-  { "RMD128", "rmd128", &rmd128_desc },
-#endif
-#ifdef LTC_RIPEMD160
-  { "RMD160", "rmd160", &rmd160_desc },
-#endif
-#ifdef LTC_RIPEMD256
-  { "RMD256", "rmd256", &rmd256_desc },
-#endif
-#ifdef LTC_RIPEMD320
-  { "RMD320", "rmd320", &rmd320_desc },
-#endif
 #ifdef LTC_SHA1
   { "SHA1", "sha1", &sha1_desc },
 #endif
@@ -62,6 +51,12 @@ static const struct hash hashes[] = {
 #ifdef LTC_SHA512
   { "SHA512", "sha512", &sha512_desc },
 #endif
+#ifdef LTC_SHA3
+  { "SHA3-224", "sha3-224", &sha3_224_desc },
+  { "SHA3-256", "sha3-256", &sha3_256_desc },
+  { "SHA3-384", "sha3-384", &sha3_384_desc },
+  { "SHA3-512", "sha3-512", &sha3_512_desc },
+#endif
 #ifdef LTC_TIGER
   { "TIGER", "tiger", &tiger_desc },
 #endif
@@ -99,19 +94,24 @@ HSH_Hash(int id, const unsigned char *in1, unsigned int in1_len,
     const unsigned char *in2, unsigned int in2_len,
     unsigned char *out, unsigned int out_len)
 {
+  unsigned char buf[MAX_HASH_LENGTH];
   unsigned long len;
   int r;
 
-  len = out_len;
+  len = sizeof (buf);
   if (in2)
-    r = hash_memory_multi(id, out, &len,
-        in1, (unsigned long)in1_len, in2, (unsigned long)in2_len, NULL, 0);
+    r = hash_memory_multi(id, buf, &len,
+                          in1, (unsigned long)in1_len,
+                          in2, (unsigned long)in2_len, NULL, 0);
   else
-    r = hash_memory(id, in1, in1_len, out, &len);
+    r = hash_memory(id, in1, in1_len, buf, &len);
 
   if (r != CRYPT_OK)
     return 0;
 
+  len = MIN(len, out_len);
+  memcpy(out, buf, len);
+
   return len;
 }
 

hwclock.c

@@ -2,7 +2,7 @@
   chronyd/chronyc - Programs for keeping computer clocks accurate.
 
  **********************************************************************
- * Copyright (C) Miroslav Lichvar  2016-2017
+ * Copyright (C) Miroslav Lichvar  2016-2018
  * 
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of version 2 of the GNU General Public License as
@@ -36,8 +36,9 @@
 #include "regress.h"
 #include "util.h"
 
-/* Maximum number of samples per clock */
-#define MAX_SAMPLES 16
+/* Minimum and maximum number of samples per clock */
+#define MIN_SAMPLES 2
+#define MAX_SAMPLES 64
 
 /* Maximum acceptable frequency offset of the clock */
 #define MAX_FREQ_OFFSET (2.0 / 3.0)
@@ -49,10 +50,12 @@ struct HCL_Instance_Record {
 
   /* Samples stored as intervals (uncorrected for frequency error)
      relative to local_ref and hw_ref */
-  double x_data[MAX_SAMPLES];
-  double y_data[MAX_SAMPLES];
+  double *x_data;
+  double *y_data;
 
-  /* Number of samples */
+  /* Minimum, maximum and current number of samples */
+  int min_samples;
+  int max_samples;
   int n_samples;
 
   /* Maximum error of the last sample */
@@ -89,13 +92,21 @@ handle_slew(struct timespec *raw, struct timespec *cooked, double dfreq,
 /* ================================================== */
 
 HCL_Instance
-HCL_CreateInstance(double min_separation)
+HCL_CreateInstance(int min_samples, int max_samples, double min_separation)
 {
   HCL_Instance clock;
 
+  min_samples = CLAMP(MIN_SAMPLES, min_samples, MAX_SAMPLES);
+  max_samples = CLAMP(MIN_SAMPLES, max_samples, MAX_SAMPLES);
+  max_samples = MAX(min_samples, max_samples);
+
   clock = MallocNew(struct HCL_Instance_Record);
-  clock->x_data[MAX_SAMPLES - 1] = 0.0;
-  clock->y_data[MAX_SAMPLES - 1] = 0.0;
+  clock->x_data = MallocArray(double, max_samples);
+  clock->y_data = MallocArray(double, max_samples);
+  clock->x_data[max_samples - 1] = 0.0;
+  clock->y_data[max_samples - 1] = 0.0;
+  clock->min_samples = min_samples;
+  clock->max_samples = max_samples;
   clock->n_samples = 0;
   clock->valid_coefs = 0;
   clock->min_separation = min_separation;
@@ -110,6 +121,8 @@ HCL_CreateInstance(double min_separation)
 void HCL_DestroyInstance(HCL_Instance clock)
 {
   LCL_RemoveParameterChangeHandler(handle_slew, clock);
+  Free(clock->y_data);
+  Free(clock->x_data);
   Free(clock);
 }
 
@@ -138,7 +151,7 @@ HCL_AccumulateSample(HCL_Instance clock, struct timespec *hw_ts,
 
   /* Shift old samples */
   if (clock->n_samples) {
-    if (clock->n_samples >= MAX_SAMPLES)
+    if (clock->n_samples >= clock->max_samples)
       clock->n_samples--;
 
     hw_delta = UTI_DiffTimespecsToDouble(hw_ts, &clock->hw_ref);
@@ -149,7 +162,7 @@ HCL_AccumulateSample(HCL_Instance clock, struct timespec *hw_ts,
       DEBUG_LOG("HW clock reset interval=%f", local_delta);
     }
 
-    for (i = MAX_SAMPLES - clock->n_samples; i < MAX_SAMPLES; i++) {
+    for (i = clock->max_samples - clock->n_samples; i < clock->max_samples; i++) {
       clock->y_data[i - 1] = clock->y_data[i] - hw_delta;
       clock->x_data[i - 1] = clock->x_data[i] - local_delta;
     }
@@ -162,8 +175,8 @@ HCL_AccumulateSample(HCL_Instance clock, struct timespec *hw_ts,
 
   /* Get new coefficients */
   clock->valid_coefs =
-    RGR_FindBestRobustRegression(clock->x_data + MAX_SAMPLES - clock->n_samples,
-                                 clock->y_data + MAX_SAMPLES - clock->n_samples,
+    RGR_FindBestRobustRegression(clock->x_data + clock->max_samples - clock->n_samples,
+                                 clock->y_data + clock->max_samples - clock->n_samples,
                                  clock->n_samples, 1.0e-10, &clock->offset, &raw_freq,
                                  &n_runs, &best_start);
 
@@ -175,7 +188,8 @@ HCL_AccumulateSample(HCL_Instance clock, struct timespec *hw_ts,
   clock->frequency = raw_freq / local_freq;
 
   /* Drop unneeded samples */
-  clock->n_samples -= best_start;
+  if (clock->n_samples > clock->min_samples)
+    clock->n_samples -= MIN(best_start, clock->n_samples - clock->min_samples);
 
   /* If the fit doesn't cross the error interval of the last sample,
      or the frequency is not sane, drop all samples and start again */

hwclock.h

@@ -29,7 +29,8 @@
 typedef struct HCL_Instance_Record *HCL_Instance;
 
 /* Create a new HW clock instance */
-extern HCL_Instance HCL_CreateInstance(double min_separation);
+extern HCL_Instance HCL_CreateInstance(int min_samples, int max_samples,
+                                       double min_separation);
 
 /* Destroy a HW clock instance */
 extern void HCL_DestroyInstance(HCL_Instance clock);

keys.c

@@ -32,6 +32,7 @@
 
 #include "array.h"
 #include "keys.h"
+#include "cmac.h"
 #include "cmdparse.h"
 #include "conf.h"
 #include "memory.h"
@@ -42,11 +43,22 @@
 /* Consider 80 bits as the absolute minimum for a secure key */
 #define MIN_SECURE_KEY_LENGTH 10
 
+typedef enum {
+  NTP_MAC,
+  CMAC,
+} KeyClass;
+
 typedef struct {
   uint32_t id;
-  char *val;
-  int len;
-  int hash_id;
+  KeyClass class;
+  union {
+    struct {
+      unsigned char *value;
+      int length;
+      int hash_id;
+    } ntp_mac;
+    CMC_Instance cmac;
+  } data;
   int auth_delay;
 } Key;
 
@@ -62,9 +74,21 @@ static void
 free_keys(void)
 {
   unsigned int i;
+  Key *key;
 
-  for (i = 0; i < ARR_GetSize(keys); i++)
-    Free(((Key *)ARR_GetElement(keys, i))->val);
+  for (i = 0; i < ARR_GetSize(keys); i++) {
+    key = ARR_GetElement(keys, i);
+    switch (key->class) {
+      case NTP_MAC:
+        Free(key->data.ntp_mac.value);
+        break;
+      case CMAC:
+        CMC_DestroyInstance(key->data.cmac);
+        break;
+      default:
+        assert(0);
+    }
+  }
 
   ARR_SetSize(keys, 0);
   cache_valid = 0;
@@ -107,10 +131,13 @@ determine_hash_delay(uint32_t key_id)
   double diff, min_diff;
   int i, nsecs;
 
+  memset(&pkt, 0, sizeof (pkt));
+
   for (i = 0; i < 10; i++) {
     LCL_ReadRawTime(&before);
-    KEY_GenerateAuth(key_id, (unsigned char *)&pkt, NTP_NORMAL_PACKET_LENGTH,
-        (unsigned char *)&pkt.auth_data, sizeof (pkt.auth_data));
+    KEY_GenerateAuth(key_id, (unsigned char *)&pkt, NTP_HEADER_LENGTH,
+                     (unsigned char *)&pkt + NTP_HEADER_LENGTH,
+                     sizeof (pkt) - NTP_HEADER_LENGTH);
     LCL_ReadRawTime(&after);
 
     diff = UTI_DiffTimespecsToDouble(&after, &before);
@@ -119,8 +146,7 @@ determine_hash_delay(uint32_t key_id)
       min_diff = diff;
   }
 
-  /* Add on a bit extra to allow for copying, conversions etc */
-  nsecs = 1.0625e9 * min_diff;
+  nsecs = 1.0e9 * min_diff;
 
   DEBUG_LOG("authentication delay for key %"PRIu32": %d nsecs", key_id, nsecs);
 
@@ -128,30 +154,18 @@ determine_hash_delay(uint32_t key_id)
 }
 
 /* ================================================== */
-/* Decode password encoded in ASCII or HEX */
+/* Decode key encoded in ASCII or HEX */
 
 static int
-decode_password(char *key)
+decode_key(char *key)
 {
-  int i, j, len = strlen(key);
-  char buf[3], *p;
+  int len = strlen(key);
 
   if (!strncmp(key, "ASCII:", 6)) {
     memmove(key, key + 6, len - 6);
     return len - 6;
   } else if (!strncmp(key, "HEX:", 4)) {
-    if ((len - 4) % 2)
-      return 0;
-
-    for (i = 0, j = 4; j + 1 < len; i++, j += 2) {
-      buf[0] = key[j], buf[1] = key[j + 1], buf[2] = '\0';
-      key[i] = strtol(buf, &p, 16);
-
-      if (p != buf + 2)
-        return 0;
-    }
-
-    return i;
+    return UTI_HexToBytes(key + 4, key, len);
   } else {
     /* assume ASCII */
     return len;
@@ -183,11 +197,11 @@ compare_keys_by_id(const void *a, const void *b)
 void
 KEY_Reload(void)
 {
-  unsigned int i, line_number;
+  unsigned int i, line_number, key_length, cmac_key_length;
   FILE *in;
-  uint32_t key_id;
-  char line[2048], *keyval, *key_file;
-  const char *hashname;
+  char line[2048], *key_file, *key_value;
+  const char *key_type;
+  int hash_id;
   Key key;
 
   free_keys();
@@ -198,7 +212,7 @@ KEY_Reload(void)
   if (!key_file)
     return;
 
-  in = fopen(key_file, "r");
+  in = UTI_OpenFile(NULL, key_file, NULL, 'r', 0);
   if (!in) {
     LOG(LOGS_WARN, "Could not open keyfile %s", key_file);
     return;
@@ -211,26 +225,43 @@ KEY_Reload(void)
     if (!*line)
       continue;
 
-    if (!CPS_ParseKey(line, &key_id, &hashname, &keyval)) {
-      LOG(LOGS_WARN, "Could not parse key at line %d in file %s", line_number, key_file);
+    memset(&key, 0, sizeof (key));
+
+    if (!CPS_ParseKey(line, &key.id, &key_type, &key_value)) {
+      LOG(LOGS_WARN, "Could not parse key at line %u in file %s", line_number, key_file);
       continue;
     }
 
-    key.hash_id = HSH_GetHashId(hashname);
-    if (key.hash_id < 0) {
-      LOG(LOGS_WARN, "Unknown hash function in key %"PRIu32, key_id);
+    key_length = decode_key(key_value);
+    if (key_length == 0) {
+      LOG(LOGS_WARN, "Could not decode key %"PRIu32, key.id);
       continue;
     }
 
-    key.len = decode_password(keyval);
-    if (!key.len) {
-      LOG(LOGS_WARN, "Could not decode password in key %"PRIu32, key_id);
+    hash_id = HSH_GetHashId(key_type);
+    cmac_key_length = CMC_GetKeyLength(key_type);
+
+    if (hash_id >= 0) {
+      key.class = NTP_MAC;
+      key.data.ntp_mac.value = MallocArray(unsigned char, key_length);
+      memcpy(key.data.ntp_mac.value, key_value, key_length);
+      key.data.ntp_mac.length = key_length;
+      key.data.ntp_mac.hash_id = hash_id;
+    } else if (cmac_key_length > 0) {
+      if (cmac_key_length != key_length) {
+        LOG(LOGS_WARN, "Invalid length of %s key %"PRIu32" (expected %u bits)",
+            key_type, key.id, 8 * cmac_key_length);
+        continue;
+      }
+
+      key.class = CMAC;
+      key.data.cmac = CMC_CreateInstance(key_type, (unsigned char *)key_value, key_length);
+      assert(key.data.cmac);
+    } else {
+      LOG(LOGS_WARN, "Unknown hash function or cipher in key %"PRIu32, key.id);
       continue;
     }
 
-    key.id = key_id;
-    key.val = MallocArray(char, key.len);
-    memcpy(key.val, keyval, key.len);
     ARR_AppendElement(keys, &key);
   }
 
@@ -333,7 +364,15 @@ KEY_GetAuthLength(uint32_t key_id)
   if (!key)
     return 0;
 
-  return HSH_Hash(key->hash_id, buf, 0, buf, 0, buf, sizeof (buf));
+  switch (key->class) {
+    case NTP_MAC:
+      return HSH_Hash(key->data.ntp_mac.hash_id, buf, 0, buf, 0, buf, sizeof (buf));
+    case CMAC:
+      return CMC_Hash(key->data.cmac, buf, 0, buf, sizeof (buf));
+    default:
+      assert(0);
+      return 0;
+  }
 }
 
 /* ================================================== */
@@ -348,30 +387,41 @@ KEY_CheckKeyLength(uint32_t key_id)
   if (!key)
     return 0;
 
-  return key->len >= MIN_SECURE_KEY_LENGTH;
+  switch (key->class) {
+    case NTP_MAC:
+      return key->data.ntp_mac.length >= MIN_SECURE_KEY_LENGTH;
+    default:
+      return 1;
+  }
 }
 
 /* ================================================== */
 
 static int
-generate_ntp_auth(int hash_id, const unsigned char *key, int key_len,
-                  const unsigned char *data, int data_len,
-                  unsigned char *auth, int auth_len)
+generate_auth(Key *key, const unsigned char *data, int data_len,
+              unsigned char *auth, int auth_len)
 {
-  return HSH_Hash(hash_id, key, key_len, data, data_len, auth, auth_len);
+  switch (key->class) {
+    case NTP_MAC:
+      return HSH_Hash(key->data.ntp_mac.hash_id, key->data.ntp_mac.value,
+                      key->data.ntp_mac.length, data, data_len, auth, auth_len);
+    case CMAC:
+      return CMC_Hash(key->data.cmac, data, data_len, auth, auth_len);
+    default:
+      return 0;
+  }
 }
 
 /* ================================================== */
 
 static int
-check_ntp_auth(int hash_id, const unsigned char *key, int key_len,
-               const unsigned char *data, int data_len,
-               const unsigned char *auth, int auth_len, int trunc_len)
+check_auth(Key *key, const unsigned char *data, int data_len,
+           const unsigned char *auth, int auth_len, int trunc_len)
 {
   unsigned char buf[MAX_HASH_LENGTH];
   int hash_len;
 
-  hash_len = generate_ntp_auth(hash_id, key, key_len, data, data_len, buf, sizeof (buf));
+  hash_len = generate_auth(key, data, data_len, buf, sizeof (buf));
 
   return MIN(hash_len, trunc_len) == auth_len && !memcmp(buf, auth, auth_len);
 }
@@ -380,7 +430,7 @@ check_ntp_auth(int hash_id, const unsigned char *key, int key_len,
 
 int
 KEY_GenerateAuth(uint32_t key_id, const unsigned char *data, int data_len,
-    unsigned char *auth, int auth_len)
+                 unsigned char *auth, int auth_len)
 {
   Key *key;
 
@@ -389,8 +439,7 @@ KEY_GenerateAuth(uint32_t key_id, const unsigned char *data, int data_len,
   if (!key)
     return 0;
 
-  return generate_ntp_auth(key->hash_id, (unsigned char *)key->val, key->len,
-                           data, data_len, auth, auth_len);
+  return generate_auth(key, data, data_len, auth, auth_len);
 }
 
 /* ================================================== */
@@ -406,6 +455,5 @@ KEY_CheckAuth(uint32_t key_id, const unsigned char *data, int data_len,
   if (!key)
     return 0;
 
-  return check_ntp_auth(key->hash_id, (unsigned char *)key->val, key->len,
-                        data, data_len, auth, auth_len, trunc_len);
+  return check_auth(key, data, data_len, auth, auth_len, trunc_len);
 }

logging.c

@@ -3,7 +3,7 @@
 
  **********************************************************************
  * Copyright (C) Richard P. Curnow  1997-2003
- * Copyright (C) Miroslav Lichvar  2011-2014
+ * Copyright (C) Miroslav Lichvar  2011-2014, 2018
  * 
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of version 2 of the GNU General Public License as
@@ -29,26 +29,24 @@
 
 #include "sysincl.h"
 
+#include <syslog.h>
+
 #include "conf.h"
 #include "logging.h"
 #include "util.h"
 
 /* This is used by DEBUG_LOG macro */
-int log_debug_enabled = 0;
+LOG_Severity log_min_severity = LOGS_INFO;
 
 /* ================================================== */
 /* Flag indicating we have initialised */
 static int initialised = 0;
 
-static FILE *file_log;
+static FILE *file_log = NULL;
 static int system_log = 0;
 
 static int parent_fd = 0;
 
-#define DEBUG_LEVEL_PRINT_FUNCTION 2
-#define DEBUG_LEVEL_PRINT_DEBUG 2
-static int debug_level = 0;
-
 struct LogFile {
   const char *name;
   const char *banner;
@@ -70,7 +68,7 @@ void
 LOG_Initialise(void)
 {
   initialised = 1;
-  file_log = stderr;
+  LOG_OpenFileLog(NULL);
 }
 
 /* ================================================== */
@@ -79,11 +77,11 @@ LOG_Initialise(void)
 void
 LOG_Finalise(void)
 {
-  if (system_log) {
+  if (system_log)
     closelog();
-  } else {
+
+  if (file_log)
     fclose(file_log);
-  }
 
   LOG_CycleLogFiles();
 
@@ -116,7 +114,7 @@ static void log_message(int fatal, LOG_Severity severity, const char *message)
         assert(0);
     }
     syslog(priority, fatal ? "Fatal error : %s" : "%s", message);
-  } else {
+  } else if (file_log) {
     fprintf(file_log, fatal ? "Fatal error : %s\n" : "%s\n", message);
   }
 }
@@ -132,16 +130,18 @@ void LOG_Message(LOG_Severity severity,
   char buf[2048];
   va_list other_args;
   time_t t;
-  struct tm stm;
+  struct tm *tm;
 
-  if (!system_log) {
+  if (!system_log && file_log && severity >= log_min_severity) {
     /* Don't clutter up syslog with timestamps and internal debugging info */
     time(&t);
-    stm = *gmtime(&t);
-    strftime(buf, sizeof(buf), "%Y-%m-%dT%H:%M:%SZ", &stm);
-    fprintf(file_log, "%s ", buf);
+    tm = gmtime(&t);
+    if (tm) {
+      strftime(buf, sizeof (buf), "%Y-%m-%dT%H:%M:%SZ", tm);
+      fprintf(file_log, "%s ", buf);
+    }
 #if DEBUG > 0
-    if (debug_level >= DEBUG_LEVEL_PRINT_FUNCTION)
+    if (log_min_severity <= LOGS_DEBUG)
       fprintf(file_log, "%s:%d:(%s) ", filename, line_number, function_name);
 #endif
   }
@@ -155,22 +155,23 @@ void LOG_Message(LOG_Severity severity,
     case LOGS_INFO:
     case LOGS_WARN:
     case LOGS_ERR:
-      log_message(0, severity, buf);
+      if (severity >= log_min_severity)
+        log_message(0, severity, buf);
       break;
     case LOGS_FATAL:
-      log_message(1, severity, buf);
+      if (severity >= log_min_severity)
+        log_message(1, severity, buf);
 
-      /* With syslog, send the message also to the grandparent
-         process or write it to stderr if not detached */
-      if (system_log) {
-        if (parent_fd > 0) {
-          if (write(parent_fd, buf, strlen(buf) + 1) < 0)
-            ; /* Not much we can do here */
-        } else if (parent_fd == 0) {
-          system_log = 0;
-          log_message(1, severity, buf);
-        }
+      /* Send the message also to the foreground process if it is
+         still running, or stderr if it is still open */
+      if (parent_fd > 0) {
+        if (write(parent_fd, buf, strlen(buf) + 1) < 0)
+          ; /* Not much we can do here */
+      } else if (system_log && parent_fd == 0) {
+        system_log = 0;
+        log_message(1, severity, buf);
       }
+      exit(1);
       break;
     default:
       assert(0);
@@ -184,13 +185,18 @@ LOG_OpenFileLog(const char *log_file)
 {
   FILE *f;
 
-  f = fopen(log_file, "a");
-  if (!f)
-    LOG_FATAL("Could not open log file %s", log_file);
+  if (log_file) {
+    f = UTI_OpenFile(NULL, log_file, NULL, 'A', 0640);
+  } else {
+    f = stderr;
+  }
 
   /* Enable line buffering */
   setvbuf(f, NULL, _IOLBF, BUFSIZ);
 
+  if (file_log && file_log != stderr)
+    fclose(file_log);
+
   file_log = f;
 }
 
@@ -206,12 +212,10 @@ LOG_OpenSystemLog(void)
 
 /* ================================================== */
 
-void LOG_SetDebugLevel(int level)
+void LOG_SetMinSeverity(LOG_Severity severity)
 {
-  debug_level = level;
-  if (level >= DEBUG_LEVEL_PRINT_DEBUG) {
-    log_debug_enabled = 1;
-  }
+  /* Don't print any debug messages in a non-debug build */
+  log_min_severity = CLAMP(DEBUG > 0 ? LOGS_DEBUG : LOGS_INFO, severity, LOGS_FATAL);
 }
 
 /* ================================================== */
@@ -220,6 +224,8 @@ void
 LOG_SetParentFd(int fd)
 {
   parent_fd = fd;
+  if (file_log == stderr)
+    file_log = NULL;
 }
 
 /* ================================================== */
@@ -259,7 +265,7 @@ LOG_FileWrite(LOG_FileID id, const char *format, ...)
     return;
 
   if (!logfiles[id].file) {
-    char filename[512], *logdir = CNF_GetLogDir();
+    char *logdir = CNF_GetLogDir();
 
     if (logdir[0] == '\0') {
       LOG(LOGS_WARN, "logdir not specified");
@@ -267,16 +273,12 @@ LOG_FileWrite(LOG_FileID id, const char *format, ...)
       return;
     }
 
-    if (snprintf(filename, sizeof(filename), "%s/%s.log",
-                 logdir, logfiles[id].name) >= sizeof (filename) ||
-        !(logfiles[id].file = fopen(filename, "a"))) {
-      LOG(LOGS_WARN, "Could not open log file %s", filename);
+    logfiles[id].file = UTI_OpenFile(logdir, logfiles[id].name, ".log", 'a', 0644);
+    if (!logfiles[id].file) {
+      /* Disable the log */
       logfiles[id].name = NULL;
       return;
     }
-
-    /* Close on exec */
-    UTI_FdSetCloexec(fileno(logfiles[id].file));
   }
 
   banner = CNF_GetLogBanner();
@@ -284,7 +286,7 @@ LOG_FileWrite(LOG_FileID id, const char *format, ...)
     char bannerline[256];
     int i, bannerlen;
 
-    bannerlen = strlen(logfiles[id].banner);
+    bannerlen = MIN(strlen(logfiles[id].banner), sizeof (bannerline) - 1);
 
     for (i = 0; i < bannerlen; i++)
       bannerline[i] = '=';

logging.h

@@ -31,9 +31,6 @@
 
 #include "sysincl.h"
 
-/* Flag indicating whether debug messages are logged */
-extern int log_debug_enabled;
-
 /* Line logging macros.  If the compiler is GNU C, we take advantage of
    being able to get the function name also. */
 
@@ -55,7 +52,7 @@ extern int log_debug_enabled;
 
 #define DEBUG_LOG(...) \
   do { \
-    if (DEBUG && log_debug_enabled) \
+    if (DEBUG && log_min_severity == LOGS_DEBUG) \
       LOG_MESSAGE(LOGS_DEBUG, __VA_ARGS__); \
   } while (0)
 
@@ -69,13 +66,16 @@ extern int log_debug_enabled;
 
 /* Definition of severity */
 typedef enum {
-  LOGS_INFO,
+  LOGS_DEBUG = -1,
+  LOGS_INFO = 0,
   LOGS_WARN,
   LOGS_ERR,
   LOGS_FATAL,
-  LOGS_DEBUG
 } LOG_Severity;
 
+/* Minimum severity of messages to be logged */
+extern LOG_Severity log_min_severity;
+
 /* Init function */
 extern void LOG_Initialise(void);
 
@@ -92,20 +92,18 @@ FORMAT_ATTRIBUTE_PRINTF(2, 3)
 extern void LOG_Message(LOG_Severity severity, const char *format, ...);
 #endif
 
-/* Set debug level:
-   0, 1 - only non-debug messages are logged
-   2    - debug messages are logged too, all messages are prefixed with
-          filename, line, and function name
-   */
-extern void LOG_SetDebugLevel(int level);
+/* Set the minimum severity of a message to be logged or printed to terminal.
+   If the severity is LOGS_DEBUG and DEBUG is enabled, all messages will be
+   prefixed with the filename, line number, and function name. */
+extern void LOG_SetMinSeverity(LOG_Severity severity);
 
-/* Log messages to a file instead of stderr */
+/* Log messages to a file instead of stderr, or stderr again if NULL */
 extern void LOG_OpenFileLog(const char *log_file);
 
 /* Log messages to syslog instead of stderr */
 extern void LOG_OpenSystemLog(void);
 
-/* Send fatal message also to the foreground process */
+/* Stop using stderr and send fatal message to the foreground process */
 extern void LOG_SetParentFd(int fd);
 
 /* Close the pipe to the foreground process so it can exit */

main.c

@@ -4,7 +4,7 @@
  **********************************************************************
  * Copyright (C) Richard P. Curnow  1997-2003
  * Copyright (C) John G. Hasler  2009
- * Copyright (C) Miroslav Lichvar  2012-2017
+ * Copyright (C) Miroslav Lichvar  2012-2018
  * 
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of version 2 of the GNU General Public License as
@@ -38,6 +38,10 @@
 #include "ntp_signd.h"
 #include "ntp_sources.h"
 #include "ntp_core.h"
+#include "nts_ke_client.h"
+#include "nts_ke_server.h"
+#include "nts_ntp_server.h"
+#include "socket.h"
 #include "sources.h"
 #include "sourcestats.h"
 #include "reference.h"
@@ -90,8 +94,8 @@ delete_pidfile(void)
   if (!pidfile[0])
     return;
 
-  /* Don't care if this fails, there's not a lot we can do */
-  unlink(pidfile);
+  if (!UTI_RemoveFile(NULL, pidfile, NULL))
+    ;
 }
 
 /* ================================================== */
@@ -112,12 +116,16 @@ MAI_CleanupAndExit(void)
   TMC_Finalise();
   MNL_Finalise();
   CLG_Finalise();
+  NKC_Finalise();
+  NKS_Finalise();
+  NNS_Finalise();
   NSD_Finalise();
   NSR_Finalise();
   SST_Finalise();
   NCR_Finalise();
   NIO_Finalise();
   CAM_Finalise();
+  SCK_Finalise();
   KEY_Finalise();
   RCL_Finalise();
   SRC_Finalise();
@@ -253,7 +261,10 @@ check_pidfile(void)
   FILE *in;
   int pid, count;
   
-  in = fopen(pidfile, "r");
+  if (!pidfile[0])
+    return;
+
+  in = UTI_OpenFile(NULL, pidfile, NULL, 'r', 0);
   if (!in)
     return;
 
@@ -281,17 +292,15 @@ write_pidfile(void)
   if (!pidfile[0])
     return;
 
-  out = fopen(pidfile, "w");
-  if (!out) {
-    LOG_FATAL("Could not open %s : %s", pidfile, strerror(errno));
-  } else {
-    fprintf(out, "%d\n", (int)getpid());
-    fclose(out);
-  }
+  out = UTI_OpenFile(NULL, pidfile, NULL, 'W', 0644);
+  fprintf(out, "%d\n", (int)getpid());
+  fclose(out);
 }
 
 /* ================================================== */
 
+#define DEV_NULL "/dev/null"
+
 static void
 go_daemon(void)
 {
@@ -352,6 +361,13 @@ go_daemon(void)
       }
 
       LOG_SetParentFd(pipefd[1]);
+
+      /* Open /dev/null as new stdin/out/err */
+      errno = 0;
+      if (open(DEV_NULL, O_RDONLY) != STDIN_FILENO ||
+          open(DEV_NULL, O_WRONLY) != STDOUT_FILENO ||
+          open(DEV_NULL, O_RDWR) != STDERR_FILENO)
+        LOG_FATAL("Could not open %s : %s", DEV_NULL, strerror(errno));
     }
   }
 }
@@ -395,9 +411,9 @@ int main
   char *user = NULL, *log_file = NULL;
   struct passwd *pw;
   int opt, debug = 0, nofork = 0, address_family = IPADDR_UNSPEC;
-  int do_init_rtc = 0, restarted = 0, client_only = 0, timeout = 0;
+  int do_init_rtc = 0, restarted = 0, client_only = 0, timeout = -1;
   int scfilter_level = 0, lock_memory = 0, sched_priority = 0;
-  int clock_control = 1, system_log = 1;
+  int clock_control = 1, system_log = 1, log_severity = LOGS_INFO;
   int config_args = 0;
 
   do_platform_checks();
@@ -418,7 +434,7 @@ int main
   optind = 1;
 
   /* Parse short command-line options */
-  while ((opt = getopt(argc, argv, "46df:F:hl:mnP:qQrRst:u:vx")) != -1) {
+  while ((opt = getopt(argc, argv, "46df:F:hl:L:mnP:qQrRst:u:vx")) != -1) {
     switch (opt) {
       case '4':
       case '6':
@@ -438,6 +454,9 @@ int main
       case 'l':
         log_file = optarg;
         break;
+      case 'L':
+        log_severity = parse_int_arg(optarg);
+        break;
       case 'm':
         lock_memory = 1;
         break;
@@ -501,7 +520,7 @@ int main
     LOG_OpenSystemLog();
   }
   
-  LOG_SetDebugLevel(debug);
+  LOG_SetMinSeverity(debug >= 2 ? LOGS_DEBUG : log_severity);
   
   LOG(LOGS_INFO, "chronyd version %s starting (%s)", CHRONY_VERSION, CHRONYD_FEATURES);
 
@@ -521,7 +540,17 @@ int main
   /* Check whether another chronyd may already be running */
   check_pidfile();
 
-  /* Write our pidfile to prevent other chronyds running */
+  if (!user)
+    user = CNF_GetUser();
+
+  pw = getpwnam(user);
+  if (!pw)
+    LOG_FATAL("Could not get user/group ID of %s", user);
+
+  /* Create directories for sockets, log files, and dump files */
+  CNF_CreateDirs(pw->pw_uid, pw->pw_gid);
+
+  /* Write our pidfile to prevent other instances from running */
   write_pidfile();
 
   PRV_Initialise();
@@ -532,6 +561,7 @@ int main
   SRC_Initialise();
   RCL_Initialise();
   KEY_Initialise();
+  SCK_Initialise();
 
   /* Open privileged ports before dropping root */
   CAM_Initialise(address_family);
@@ -551,16 +581,6 @@ int main
     SYS_LockMemory();
   }
 
-  if (!user) {
-    user = CNF_GetUser();
-  }
-
-  if ((pw = getpwnam(user)) == NULL)
-    LOG_FATAL("Could not get %s uid/gid", user);
-
-  /* Create all directories before dropping root */
-  CNF_CreateDirs(pw->pw_uid, pw->pw_gid);
-
   /* Drop root privileges if the specified user has a non-zero UID */
   if (!geteuid() && (pw->pw_uid || pw->pw_gid))
     SYS_DropRoot(pw->pw_uid, pw->pw_gid);
@@ -569,6 +589,9 @@ int main
   SST_Initialise();
   NSR_Initialise();
   NSD_Initialise();
+  NNS_Initialise();
+  NKS_Initialise(scfilter_level);
+  NKC_Initialise();
   CLG_Initialise();
   MNL_Initialise();
   TMC_Initialise();
@@ -577,12 +600,12 @@ int main
   /* From now on, it is safe to do finalisation on exit */
   initialised = 1;
 
-  UTI_SetQuitSignalsHandler(signal_cleanup);
+  UTI_SetQuitSignalsHandler(signal_cleanup, 1);
 
   CAM_OpenUnixSocket();
 
   if (scfilter_level)
-    SYS_EnableSystemCallFilter(scfilter_level);
+    SYS_EnableSystemCallFilter(scfilter_level, SYS_MAIN_PROCESS);
 
   if (ref_mode == REF_ModeNormal && CNF_GetInitSources() > 0) {
     ref_mode = REF_ModeInitStepSlew;
@@ -591,7 +614,7 @@ int main
   REF_SetModeEndHandler(reference_mode_end);
   REF_SetMode(ref_mode);
 
-  if (timeout > 0)
+  if (timeout >= 0)
     SCH_AddTimeoutByDelay(timeout, quit_timeout, NULL);
 
   if (do_init_rtc) {

make_release

@@ -36,8 +36,6 @@ cd RELEASES/$subdir || exit 1
 
 echo $version > version.txt
 
-sed -i -e "s%@@VERSION@@%${version}%" examples/chrony.spec
-
 ./configure && make -C doc man txt || exit 1
 
 iconv -f utf-8 -t ascii//TRANSLIT < doc/installation.txt > INSTALL

memory.h

@@ -27,6 +27,8 @@
 #ifndef GOT_MEMORY_H
 #define GOT_MEMORY_H
 
+#include "sysincl.h"
+
 /* Wrappers checking for errors */
 extern void *Malloc(size_t size);
 extern void *Realloc(void *ptr, size_t size);

nameserv.c

@@ -30,7 +30,11 @@
 
 #include "sysincl.h"
 
+#include <netdb.h>
+#include <resolv.h>
+
 #include "nameserv.h"
+#include "socket.h"
 #include "util.h"
 
 /* ================================================== */
@@ -53,8 +57,20 @@ DNS_Name2IPAddress(const char *name, IPAddr *ip_addrs, int max_addrs)
   max_addrs = MIN(max_addrs, DNS_MAX_ADDRESSES);
 
   memset(&hints, 0, sizeof (hints));
-  hints.ai_family = AF_UNSPEC;
-  hints.ai_socktype = SOCK_STREAM;
+
+  switch (address_family) {
+    case IPADDR_INET4:
+      hints.ai_family = AF_INET;
+      break;
+#ifdef FEAT_IPV6
+    case IPADDR_INET6:
+      hints.ai_family = AF_INET6;
+      break;
+#endif
+    default:
+      hints.ai_family = AF_UNSPEC;
+  }
+  hints.ai_socktype = SOCK_DGRAM;
 
   result = getaddrinfo(name, NULL, &hints, &res);
 
@@ -141,10 +157,14 @@ DNS_IPAddress2Name(IPAddr *ip_addr, char *name, int len)
 
 #ifdef FEAT_IPV6
   struct sockaddr_in6 in6;
+  IPSockAddr ip_saddr;
   socklen_t slen;
   char hbuf[NI_MAXHOST];
 
-  slen = UTI_IPAndPortToSockaddr(ip_addr, 0, (struct sockaddr *)&in6);
+  ip_saddr.ip_addr = *ip_addr;
+  ip_saddr.port = 0;
+
+  slen = SCK_IPSockAddrToSockaddr(&ip_saddr, (struct sockaddr *)&in6, sizeof (in6));
   if (!getnameinfo((struct sockaddr *)&in6, slen, hbuf, sizeof (hbuf), NULL, 0, 0))
     result = hbuf;
 #else

nameserv_async.c

@@ -51,7 +51,7 @@ struct DNS_Async_Instance {
   int pipe[2];
 };
 
-static int resolving_threads = 0;
+static pthread_mutex_t privops_lock = PTHREAD_MUTEX_INITIALIZER;
 
 /* ================================================== */
 
@@ -60,7 +60,9 @@ start_resolving(void *anything)
 {
   struct DNS_Async_Instance *inst = (struct DNS_Async_Instance *)anything;
 
+  pthread_mutex_lock(&privops_lock);
   inst->status = PRV_Name2IPAddress(inst->name, inst->addresses, DNS_MAX_ADDRESSES);
+  pthread_mutex_unlock(&privops_lock);
 
   /* Notify the main thread that the result is ready */
   if (write(inst->pipe[1], "", 1) < 0)
@@ -81,8 +83,6 @@ end_resolving(int fd, int event, void *anything)
     LOG_FATAL("pthread_join() failed");
   }
 
-  resolving_threads--;
-
   SCH_RemoveFileHandler(inst->pipe[0]);
   close(inst->pipe[0]);
   close(inst->pipe[1]);
@@ -116,9 +116,6 @@ DNS_Name2IPAddressAsync(const char *name, DNS_NameResolveHandler handler, void *
   UTI_FdSetCloexec(inst->pipe[0]);
   UTI_FdSetCloexec(inst->pipe[1]);
 
-  resolving_threads++;
-  assert(resolving_threads <= 1);
-
   if (pthread_create(&inst->thread, NULL, start_resolving, inst)) {
     LOG_FATAL("pthread_create() failed");
   }

ntp.h

@@ -47,18 +47,21 @@ typedef uint32_t NTP_int32;
 /* Maximum stratum number (infinity) */
 #define NTP_MAX_STRATUM 16
 
-/* The minimum valid length of an extension field */
-#define NTP_MIN_EXTENSION_LENGTH 16
-
-/* The maximum assumed length of all extension fields in received
-   packets (RFC 5905 doesn't specify a limit on length or number of
-   extension fields in one packet) */
-#define NTP_MAX_EXTENSIONS_LENGTH 1024
+/* Invalid stratum number */
+#define NTP_INVALID_STRATUM 0
 
 /* The minimum and maximum supported length of MAC */
 #define NTP_MIN_MAC_LENGTH (4 + 16)
 #define NTP_MAX_MAC_LENGTH (4 + MAX_HASH_LENGTH)
 
+/* The minimum valid length of an extension field */
+#define NTP_MIN_EF_LENGTH 16
+
+/* The maximum assumed length of all extension fields in an NTP packet,
+   including a MAC (RFC 5905 doesn't specify a limit on length or number of
+   extension fields in one packet) */
+#define NTP_MAX_EXTENSIONS_LENGTH (1024 + NTP_MAX_MAC_LENGTH)
+
 /* The maximum length of MAC in NTPv4 packets which allows deterministic
    parsing of extension fields (RFC 7822) */
 #define NTP_MAX_V4_MAC_LENGTH (4 + 20)
@@ -93,21 +96,10 @@ typedef struct {
   NTP_int64 receive_ts;
   NTP_int64 transmit_ts;
 
-  /* Optional extension fields, we don't send packets with them yet */
-  /* uint8_t extensions[] */
-
-  /* Optional message authentication code (MAC) */
-  NTP_int32 auth_keyid;
-  uint8_t auth_data[NTP_MAX_MAC_LENGTH - 4];
+  uint8_t extensions[NTP_MAX_EXTENSIONS_LENGTH];
 } NTP_Packet;
 
-#define NTP_NORMAL_PACKET_LENGTH (int)offsetof(NTP_Packet, auth_keyid)
-
-/* The buffer used to hold a datagram read from the network */
-typedef struct {
-  NTP_Packet ntp_pkt;
-  uint8_t extensions[NTP_MAX_EXTENSIONS_LENGTH];
-} NTP_Receive_Buffer;
+#define NTP_HEADER_LENGTH (int)offsetof(NTP_Packet, extensions)
 
 /* Macros to work with the lvm field */
 #define NTP_LVM_TO_LEAP(lvm) (((lvm) >> 6) & 0x3)
@@ -121,4 +113,45 @@ typedef struct {
 #define NTP_REFID_LOCAL 0x7F7F0101UL /* 127.127.1.1 */
 #define NTP_REFID_SMOOTH 0x7F7F01FFUL /* 127.127.1.255 */
 
+/* Enumeration for authentication modes of NTP packets */
+typedef enum {
+  NTP_AUTH_NONE = 0,            /* No authentication */
+  NTP_AUTH_SYMMETRIC,           /* MAC using symmetric key (RFC 1305, RFC 5905) */
+  NTP_AUTH_MSSNTP,              /* MS-SNTP authenticator field */
+  NTP_AUTH_MSSNTP_EXT,          /* MS-SNTP extended authenticator field */
+  NTP_AUTH_NTS,                 /* Network Time Security (RFC ????) */
+} NTP_AuthMode;
+
+/* Structure describing an NTP packet */
+typedef struct {
+  int length;
+  int version;
+  NTP_Mode mode;
+
+  int ext_fields;
+
+  struct {
+    NTP_AuthMode mode;
+    struct {
+      int start;
+      int length;
+      uint32_t key_id;
+    } mac;
+  } auth;
+} NTP_PacketInfo;
+
+/* Structure used to save NTP measurements.  time is the local time at which
+   the sample is to be considered to have been made and offset is the offset at
+   the time (positive indicates that the local clock is slow relative to the
+   source).  root_delay/root_dispersion include peer_delay/peer_dispersion. */
+typedef struct {
+  struct timespec time;
+  double offset;
+  double peer_delay;
+  double peer_dispersion;
+  double root_delay;
+  double root_dispersion;
+  int stratum;
+} NTP_Sample;
+
 #endif /* GOT_NTP_H */

ntp_auth.c

@@ -0,0 +1,486 @@
+/*
+  chronyd/chronyc - Programs for keeping computer clocks accurate.
+
+ **********************************************************************
+ * Copyright (C) Miroslav Lichvar  2019
+ * 
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of version 2 of the GNU General Public License as
+ * published by the Free Software Foundation.
+ * 
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ * 
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+ * 
+ **********************************************************************
+
+  =======================================================================
+
+  NTP authentication
+  */
+
+#include "config.h"
+
+#include "sysincl.h"
+
+#include "keys.h"
+#include "logging.h"
+#include "memory.h"
+#include "ntp_auth.h"
+#include "ntp_ext.h"
+#include "ntp_signd.h"
+#include "nts_ntp.h"
+#include "nts_ntp_client.h"
+#include "nts_ntp_server.h"
+#include "srcparams.h"
+#include "util.h"
+
+/* Structure to hold authentication configuration and state */
+
+struct NAU_Instance_Record {
+  NTP_AuthMode mode;            /* Authentication mode of NTP packets */
+  uint32_t key_id;              /* Identifier of a symmetric key */
+  NNC_Instance nts;             /* Client NTS state */
+};
+
+/* ================================================== */
+
+static int
+generate_symmetric_auth(uint32_t key_id, NTP_Packet *packet, NTP_PacketInfo *info)
+{
+  int auth_len, max_auth_len;
+
+  /* Truncate long MACs in NTPv4 packets to allow deterministic parsing
+     of extension fields (RFC 7822) */
+  max_auth_len = (info->version == 4 ? NTP_MAX_V4_MAC_LENGTH : NTP_MAX_MAC_LENGTH) - 4;
+  max_auth_len = MIN(max_auth_len, sizeof (NTP_Packet) - info->length - 4);
+
+  auth_len = KEY_GenerateAuth(key_id, (unsigned char *)packet, info->length,
+                              (unsigned char *)packet + info->length + 4, max_auth_len);
+  if (!auth_len) {
+    DEBUG_LOG("Could not generate auth data with key %"PRIu32, key_id);
+    return 0;
+  }
+
+  *(uint32_t *)((unsigned char *)packet + info->length) = htonl(key_id);
+  info->length += 4 + auth_len;
+
+  return 1;
+}
+
+/* ================================================== */
+
+static int
+check_symmetric_auth(NTP_Packet *packet, NTP_PacketInfo *info)
+{
+  int trunc_len;
+
+  if (info->auth.mac.length < NTP_MIN_MAC_LENGTH)
+    return 0;
+
+  trunc_len = info->version == 4 && info->auth.mac.length <= NTP_MAX_V4_MAC_LENGTH ?
+              NTP_MAX_V4_MAC_LENGTH : NTP_MAX_MAC_LENGTH;
+
+  if (!KEY_CheckAuth(info->auth.mac.key_id, (void *)packet, info->auth.mac.start,
+                     (unsigned char *)packet + info->auth.mac.start + 4,
+                     info->auth.mac.length - 4, trunc_len - 4))
+    return 0;
+
+  return 1;
+}
+
+/* ================================================== */
+
+static void
+adjust_timestamp(NTP_AuthMode mode, uint32_t key_id, struct timespec *ts)
+{
+  switch (mode) {
+    case NTP_AUTH_SYMMETRIC:
+      ts->tv_nsec += KEY_GetAuthDelay(key_id);
+      UTI_NormaliseTimespec(ts);
+      break;
+    case NTP_AUTH_MSSNTP:
+      ts->tv_nsec += NSD_GetAuthDelay(key_id);
+      UTI_NormaliseTimespec(ts);
+    default:
+      break;
+  }
+}
+
+/* ================================================== */
+
+static int
+is_zero_data(unsigned char *data, int length)
+{
+  int i;
+
+  for (i = 0; i < length; i++)
+    if (data[i])
+      return 0;
+  return 1;
+}
+
+/* ================================================== */
+
+static NAU_Instance
+create_instance(NTP_AuthMode mode)
+{
+  NAU_Instance instance;
+
+  instance = MallocNew(struct NAU_Instance_Record);
+  instance->mode = mode;
+  instance->key_id = INACTIVE_AUTHKEY;
+  instance->nts = NULL;
+
+  assert(sizeof (instance->key_id) == 4);
+
+  return instance;
+}
+
+/* ================================================== */
+
+NAU_Instance
+NAU_CreateNoneInstance(void)
+{
+  return create_instance(NTP_AUTH_NONE);
+}
+
+/* ================================================== */
+
+NAU_Instance
+NAU_CreateSymmetricInstance(uint32_t key_id)
+{
+  NAU_Instance instance = create_instance(NTP_AUTH_SYMMETRIC);
+
+  instance->key_id = key_id;
+
+  if (!KEY_KeyKnown(key_id))
+    LOG(LOGS_WARN, "Key %"PRIu32" is %s", key_id, "missing");
+  else if (!KEY_CheckKeyLength(key_id))
+    LOG(LOGS_WARN, "Key %"PRIu32" is %s", key_id, "too short");
+
+  return instance;
+}
+
+/* ================================================== */
+
+NAU_Instance
+NAU_CreateNtsInstance(IPSockAddr *nts_address, const char *name, const IPSockAddr *ntp_address)
+{
+  NAU_Instance instance = create_instance(NTP_AUTH_NTS);
+
+  instance->nts = NNC_CreateInstance(nts_address, name, ntp_address);
+
+  return instance;
+}
+
+/* ================================================== */
+
+void
+NAU_DestroyInstance(NAU_Instance instance)
+{
+  if (instance->nts)
+    NNC_DestroyInstance(instance->nts);
+  Free(instance);
+}
+
+/* ================================================== */
+
+int
+NAU_IsAuthEnabled(NAU_Instance instance)
+{
+  return instance->mode != NTP_AUTH_NONE;
+}
+
+/* ================================================== */
+
+int
+NAU_GetSuggestedNtpVersion(NAU_Instance instance)
+{
+  /* If the MAC in NTPv4 packets would be truncated, prefer NTPv3 for
+     compatibility with older chronyd servers */
+  if (instance->mode == NTP_AUTH_SYMMETRIC &&
+      KEY_GetAuthLength(instance->key_id) + sizeof (instance->key_id) > NTP_MAX_V4_MAC_LENGTH)
+    return 3;
+
+  return NTP_VERSION;
+}
+
+/* ================================================== */
+
+int
+NAU_PrepareRequestAuth(NAU_Instance instance)
+{
+  switch (instance->mode) {
+    case NTP_AUTH_NTS:
+      if (!NNC_PrepareForAuth(instance->nts))
+        return 0;
+      break;
+    default:
+      break;
+  }
+
+  return 1;
+}
+
+/* ================================================== */
+
+void
+NAU_AdjustRequestTimestamp(NAU_Instance instance, struct timespec *ts)
+{
+  adjust_timestamp(instance->mode, instance->key_id, ts);
+}
+
+/* ================================================== */
+
+int
+NAU_GenerateRequestAuth(NAU_Instance instance, NTP_Packet *request, NTP_PacketInfo *info)
+{
+  switch (instance->mode) {
+    case NTP_AUTH_NONE:
+      break;
+    case NTP_AUTH_SYMMETRIC:
+      if (!generate_symmetric_auth(instance->key_id, request, info))
+        return 0;
+      break;
+    case NTP_AUTH_NTS:
+      if (!NNC_GenerateRequestAuth(instance->nts, request, info))
+        return 0;
+      break;
+    default:
+      assert(0);
+  }
+
+  return 1;
+}
+
+/* ================================================== */
+
+int
+NAU_ParsePacket(NTP_Packet *packet, NTP_PacketInfo *info)
+{
+  int parsed, remainder, ef_length, ef_type;
+  unsigned char *data;
+
+  data = (void *)packet;
+  parsed = NTP_HEADER_LENGTH;
+  remainder = info->length - parsed;
+
+  info->ext_fields = 0;
+
+  /* Check if this is a plain NTP packet with no extension fields or MAC */
+  if (remainder <= 0)
+    return 1;
+
+  /* In NTPv3 and older packets don't have extension fields.  Anything after
+     the header is assumed to be a MAC. */
+  if (info->version <= 3) {
+    info->auth.mode = NTP_AUTH_SYMMETRIC;
+    info->auth.mac.start = parsed;
+    info->auth.mac.length = remainder;
+    info->auth.mac.key_id = ntohl(*(uint32_t *)(data + parsed));
+
+    /* Check if it is an MS-SNTP authenticator field or extended authenticator
+       field with zeroes as digest */
+    if (info->version == 3 && info->auth.mac.key_id) {
+      if (remainder == 20 && is_zero_data(data + parsed + 4, remainder - 4))
+        info->auth.mode = NTP_AUTH_MSSNTP;
+      else if (remainder == 72 && is_zero_data(data + parsed + 8, remainder - 8))
+        info->auth.mode = NTP_AUTH_MSSNTP_EXT;
+    }
+
+    return 1;
+  }
+
+  /* Check for a crypto NAK */
+  if (remainder == 4 && ntohl(*(uint32_t *)(data + parsed)) == 0) {
+    info->auth.mode = NTP_AUTH_SYMMETRIC;
+    info->auth.mac.start = parsed;
+    info->auth.mac.length = remainder;
+    info->auth.mac.key_id = 0;
+    return 1;
+  }
+
+  /* Parse the rest of the NTPv4 packet */
+
+  while (remainder > 0) {
+    /* Check if the remaining data is a MAC */
+    if (remainder >= NTP_MIN_MAC_LENGTH && remainder <= NTP_MAX_V4_MAC_LENGTH)
+      break;
+
+    /* The NTPv4-specific limit for MAC length enables deterministic parsing of
+       packets with extension fields (RFC 7822), but we support longer MACs in
+       packets with no extension fields for compatibility with older chrony
+       clients.  Check if the longer MAC would authenticate the packet before
+       trying to parse the data as an extension field. */
+    if (parsed == NTP_HEADER_LENGTH &&
+        remainder > NTP_MAX_V4_MAC_LENGTH && remainder <= NTP_MAX_MAC_LENGTH &&
+        KEY_CheckAuth(ntohl(*(uint32_t *)(data + parsed)), data, parsed,
+                      (void *)(data + parsed + 4), remainder - 4, NTP_MAX_MAC_LENGTH - 4))
+      break;
+
+    /* Check if this is a valid NTPv4 extension field and skip it */
+    if (!NEF_ParseField(packet, info->length, parsed, &ef_length, &ef_type, NULL, NULL)) {
+      /* Invalid MAC or format error */
+      DEBUG_LOG("Invalid format or MAC");
+      return 0;
+    }
+
+    assert(ef_length > 0);
+
+    switch (ef_type) {
+      case NTP_EF_NTS_UNIQUE_IDENTIFIER:
+      case NTP_EF_NTS_COOKIE:
+      case NTP_EF_NTS_COOKIE_PLACEHOLDER:
+      case NTP_EF_NTS_AUTH_AND_EEF:
+        info->auth.mode = NTP_AUTH_NTS;
+        break;
+      default:
+        DEBUG_LOG("Unknown extension field type=%x", (unsigned int)ef_type);
+    }
+
+    info->ext_fields++;
+    parsed += ef_length;
+    remainder = info->length - parsed;
+  }
+
+  if (remainder == 0) {
+    /* No MAC */
+    return 1;
+  } else if (remainder >= NTP_MIN_MAC_LENGTH) {
+    /* This is not 100% reliable as a MAC could fail to authenticate and could
+       pass as an extension field, leaving reminder smaller than the minimum MAC
+       length */
+    info->auth.mode = NTP_AUTH_SYMMETRIC;
+    info->auth.mac.start = parsed;
+    info->auth.mac.length = remainder;
+    info->auth.mac.key_id = ntohl(*(uint32_t *)(data + parsed));
+    return 1;
+  }
+
+  DEBUG_LOG("Invalid format");
+  return 0;
+}
+
+/* ================================================== */
+
+int
+NAU_CheckRequestAuth(NTP_Packet *request, NTP_PacketInfo *info, uint32_t *kod)
+{
+  *kod = 0;
+
+  switch (info->auth.mode) {
+    case NTP_AUTH_NONE:
+      break;
+    case NTP_AUTH_SYMMETRIC:
+      if (!check_symmetric_auth(request, info))
+        return 0;
+      break;
+    case NTP_AUTH_MSSNTP:
+      /* MS-SNTP requests are not authenticated */
+      break;
+    case NTP_AUTH_NTS:
+      if (!NNS_CheckRequestAuth(request, info, kod))
+        return 0;
+      break;
+    default:
+      return 0;
+  }
+
+  return 1;
+}
+
+/* ================================================== */
+
+void
+NAU_AdjustResponseTimestamp(NTP_Packet *request, NTP_PacketInfo *info, struct timespec *ts)
+{
+  adjust_timestamp(info->auth.mode, info->auth.mac.key_id, ts);
+}
+
+/* ================================================== */
+
+int
+NAU_GenerateResponseAuth(NTP_Packet *request, NTP_PacketInfo *request_info,
+                         NTP_Packet *response, NTP_PacketInfo *response_info,
+                         NTP_Remote_Address *remote_addr, NTP_Local_Address *local_addr,
+                         uint32_t kod)
+{
+  switch (request_info->auth.mode) {
+    case NTP_AUTH_NONE:
+      break;
+    case NTP_AUTH_SYMMETRIC:
+      if (!generate_symmetric_auth(request_info->auth.mac.key_id, response, response_info))
+        return 0;
+      break;
+    case NTP_AUTH_MSSNTP:
+      /* Sign the packet asynchronously by ntp_signd */
+      if (!NSD_SignAndSendPacket(request_info->auth.mac.key_id, response, response_info,
+                                 remote_addr, local_addr))
+        return 0;
+      /* Don't send the original packet */
+      return 0;
+    case NTP_AUTH_NTS:
+      if (!NNS_GenerateResponseAuth(request, request_info, response, response_info, kod))
+        return 0;
+      break;
+    default:
+      DEBUG_LOG("Could not authenticate response auth_mode=%d", (int)request_info->auth.mode);
+      return 0;
+  }
+
+  return 1;
+}
+
+/* ================================================== */
+
+int
+NAU_CheckResponseAuth(NAU_Instance instance, NTP_Packet *response, NTP_PacketInfo *info)
+{
+  /* The authentication must match the expected mode */
+  if (info->auth.mode != instance->mode)
+    return 0;
+
+  switch (info->auth.mode) {
+    case NTP_AUTH_NONE:
+      break;
+    case NTP_AUTH_SYMMETRIC:
+      /* Check if it is authenticated with the specified key */
+      if (info->auth.mac.key_id != instance->key_id)
+        return 0;
+      /* and that the MAC is valid */
+      if (!check_symmetric_auth(response, info))
+        return 0;
+      break;
+    case NTP_AUTH_NTS:
+      if (!NNC_CheckResponseAuth(instance->nts, response, info))
+        return 0;
+      break;
+    default:
+      return 0;
+  }
+
+  return 1;
+}
+
+/* ================================================== */
+
+void
+NAU_ChangeAddress(NAU_Instance instance, IPAddr *address)
+{
+  switch (instance->mode) {
+    case NTP_AUTH_NONE:
+    case NTP_AUTH_SYMMETRIC:
+      break;
+    case NTP_AUTH_NTS:
+      NNC_ChangeAddress(instance->nts, address);
+      break;
+    default:
+      assert(0);
+  }
+}

ntp_auth.h

@@ -0,0 +1,89 @@
+/*
+  chronyd/chronyc - Programs for keeping computer clocks accurate.
+
+ **********************************************************************
+ * Copyright (C) Miroslav Lichvar  2019
+ * 
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of version 2 of the GNU General Public License as
+ * published by the Free Software Foundation.
+ * 
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ * 
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+ * 
+ **********************************************************************
+
+  =======================================================================
+
+  Header file for NTP authentication
+  */
+
+#ifndef GOT_NTP_AUTH_H
+#define GOT_NTP_AUTH_H
+
+#include "addressing.h"
+#include "ntp.h"
+
+typedef struct NAU_Instance_Record *NAU_Instance;
+
+/* Create an authenticator instance in a specific mode */
+extern NAU_Instance NAU_CreateNoneInstance(void);
+extern NAU_Instance NAU_CreateSymmetricInstance(uint32_t key_id);
+extern NAU_Instance NAU_CreateNtsInstance(IPSockAddr *nts_address, const char *name,
+                                          const IPSockAddr *ntp_address);
+
+/* Destroy an instance */
+extern void NAU_DestroyInstance(NAU_Instance instance);
+
+/* Check if an instance is not in the None mode */
+extern int NAU_IsAuthEnabled(NAU_Instance instance);
+
+/* Get NTP version recommended for better compatibility */
+extern int NAU_GetSuggestedNtpVersion(NAU_Instance instance);
+
+/* Perform operations necessary for NAU_GenerateRequestAuth() */
+extern int NAU_PrepareRequestAuth(NAU_Instance instance);
+
+/* Adjust a transmit timestamp for an estimated minimum time it takes to call
+   NAU_GenerateRequestAuth() */
+extern void NAU_AdjustRequestTimestamp(NAU_Instance instance, struct timespec *ts);
+
+/* Extend a request with data required by the authentication mode */
+extern int NAU_GenerateRequestAuth(NAU_Instance instance, NTP_Packet *request,
+                                   NTP_PacketInfo *info);
+
+/* Parse a request or response to detect the authentication mode */
+extern int NAU_ParsePacket(NTP_Packet *packet, NTP_PacketInfo *info);
+
+/* Verify that a request is authentic.  If it is not authentic and a non-zero
+   kod code is returned, a KoD response should be sent back. */
+extern int NAU_CheckRequestAuth(NTP_Packet *request, NTP_PacketInfo *info, uint32_t *kod);
+
+/* Adjust a transmit timestamp for an estimated minimum time it takes to call
+   NAU_GenerateResponseAuth() */
+extern void NAU_AdjustResponseTimestamp(NTP_Packet *request, NTP_PacketInfo *info,
+                                        struct timespec *ts);
+
+/* Extend a response with data required by the authentication mode.  This
+   function can be called only if the previous call of NAU_CheckRequestAuth()
+   was on the same request. */
+extern int NAU_GenerateResponseAuth(NTP_Packet *request, NTP_PacketInfo *request_info,
+                                    NTP_Packet *response, NTP_PacketInfo *response_info,
+                                    NTP_Remote_Address *remote_addr,
+                                    NTP_Local_Address *local_addr,
+                                    uint32_t kod);
+
+/* Verify that a response is authentic */
+extern int NAU_CheckResponseAuth(NAU_Instance instance, NTP_Packet *response,
+                                 NTP_PacketInfo *info);
+
+/* Change an authentication-specific address (e.g. after replacing a source) */
+extern void NAU_ChangeAddress(NAU_Instance instance, IPAddr *address);
+
+#endif

ntp_core.h

@@ -59,7 +59,8 @@ extern void NCR_Initialise(void);
 extern void NCR_Finalise(void);
 
 /* Get a new instance for a server or peer */
-extern NCR_Instance NCR_GetInstance(NTP_Remote_Address *remote_addr, NTP_Source_Type type, SourceParameters *params);
+extern NCR_Instance NCR_CreateInstance(NTP_Remote_Address *remote_addr, NTP_Source_Type type,
+                                       SourceParameters *params, const char *name);
 
 /* Destroy an instance */
 extern void NCR_DestroyInstance(NCR_Instance instance);
@@ -74,7 +75,8 @@ extern void NCR_ResetInstance(NCR_Instance inst);
 extern void NCR_ResetPoll(NCR_Instance instance);
 
 /* Change the remote address of an instance */
-extern void NCR_ChangeRemoteAddress(NCR_Instance inst, NTP_Remote_Address *remote_addr);
+extern void NCR_ChangeRemoteAddress(NCR_Instance inst, NTP_Remote_Address *remote_addr,
+                                    int ntp_only);
 
 /* This routine is called when a new packet arrives off the network,
    and it relates to a source we have an ongoing protocol exchange with */
@@ -99,12 +101,9 @@ extern void NCR_ProcessTxUnknown(NTP_Remote_Address *remote_addr, NTP_Local_Addr
 /* Slew receive and transmit times in instance records */
 extern void NCR_SlewTimes(NCR_Instance inst, struct timespec *when, double dfreq, double doffset);
 
-/* Take a particular source online (i.e. start sampling it) */
-extern void NCR_TakeSourceOnline(NCR_Instance inst);
-
-/* Take a particular source offline (i.e. stop sampling it, without
-   marking it unreachable in the source selection stuff) */
-extern void NCR_TakeSourceOffline(NCR_Instance inst);
+/* Take a particular source online (i.e. start sampling it) or offline
+   (i.e. stop sampling it) */
+extern void NCR_SetConnectivity(NCR_Instance inst, SRC_Connectivity connectivity);
 
 extern void NCR_ModifyMinpoll(NCR_Instance inst, int new_minpoll);
 

ntp_ext.c

@@ -0,0 +1,192 @@
+/*
+  chronyd/chronyc - Programs for keeping computer clocks accurate.
+
+ **********************************************************************
+ * Copyright (C) Miroslav Lichvar  2019
+ * 
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of version 2 of the GNU General Public License as
+ * published by the Free Software Foundation.
+ * 
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ * 
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+ * 
+ **********************************************************************
+
+  =======================================================================
+
+  Functions for adding and parsing NTPv4 extension fields
+  */
+
+#include "config.h"
+
+#include "sysincl.h"
+
+#include "ntp_ext.h"
+
+struct ExtFieldHeader {
+  uint16_t type;
+  uint16_t length;
+};
+
+/* ================================================== */
+
+static int
+format_field(unsigned char *buffer, int buffer_length, int start,
+             int type, int body_length, int *length, void **body)
+{
+  struct ExtFieldHeader *header;
+
+  if (buffer_length < 0 || start < 0 || buffer_length <= start ||
+      buffer_length - start < sizeof (*header) || start % 4 != 0)
+    return 0;
+
+  header = (struct ExtFieldHeader *)(buffer + start);
+
+  if (body_length < 0 || sizeof (*header) + body_length > 0xffff ||
+      start + sizeof (*header) + body_length > buffer_length || body_length % 4 != 0)
+    return 0;
+
+  header->type = htons(type);
+  header->length = htons(sizeof (*header) + body_length);
+  *length = sizeof (*header) + body_length;
+  *body = header + 1;
+
+  return 1;
+}
+
+/* ================================================== */
+
+int
+NEF_SetField(unsigned char *buffer, int buffer_length, int start,
+             int type, void *body, int body_length, int *length)
+{
+  void *ef_body;
+
+  if (!format_field(buffer, buffer_length, start, type, body_length, length, &ef_body))
+    return 0;
+
+  memcpy(ef_body, body, body_length);
+
+  return 1;
+}
+
+/* ================================================== */
+
+int
+NEF_AddBlankField(NTP_Packet *packet, NTP_PacketInfo *info, int type, int body_length, void **body)
+{
+  int ef_length, length = info->length;
+
+  if (length < NTP_HEADER_LENGTH || length >= sizeof (*packet) || length % 4 != 0)
+    return 0;
+
+  /* Only NTPv4 packets can have extension fields */
+  if (info->version != 4)
+    return 0;
+
+  if (!format_field((unsigned char *)packet, sizeof (*packet), length,
+                    type, body_length, &ef_length, body))
+    return 0;
+
+  if (ef_length < NTP_MIN_EF_LENGTH)
+    return 0;
+
+  info->length += ef_length;
+  info->ext_fields++;
+
+  return 1;
+}
+
+/* ================================================== */
+
+int
+NEF_AddField(NTP_Packet *packet, NTP_PacketInfo *info,
+             int type, void *body, int body_length)
+{
+  void *ef_body;
+
+  if (!NEF_AddBlankField(packet, info, type, body_length, &ef_body))
+    return 0;
+
+  memcpy(ef_body, body, body_length);
+
+  return 1;
+}
+
+/* ================================================== */
+
+int
+NEF_ParseSingleField(unsigned char *buffer, int buffer_length, int start,
+                     int *length, int *type, void **body, int *body_length)
+{
+  struct ExtFieldHeader *header;
+  int ef_length;
+
+  if (buffer_length < 0 || start < 0 || buffer_length <= start ||
+      buffer_length - start < sizeof (*header))
+    return 0;
+
+  header = (struct ExtFieldHeader *)(buffer + start);
+
+  assert(sizeof (*header) == 4);
+
+  ef_length = ntohs(header->length);
+
+  if (ef_length < (int)(sizeof (*header)) || start + ef_length > buffer_length ||
+      ef_length % 4 != 0)
+    return 0;
+
+  if (length)
+    *length = ef_length;
+  if (type)
+    *type = ntohs(header->type);
+  if (body)
+    *body = header + 1;
+  if (body_length)
+    *body_length = ef_length - sizeof (*header);
+
+  return 1;
+}
+
+/* ================================================== */
+
+int
+NEF_ParseField(NTP_Packet *packet, int packet_length, int start,
+               int *length, int *type, void **body, int *body_length)
+{
+  int ef_length;
+
+  if (packet_length <= NTP_HEADER_LENGTH || packet_length > sizeof (*packet) ||
+      packet_length <= start || packet_length % 4 != 0 ||
+      start < NTP_HEADER_LENGTH || start % 4 != 0)
+    return 0;
+
+  /* Only NTPv4 packets have extension fields */
+  if (NTP_LVM_TO_VERSION(packet->lvm) != 4)
+    return 0;
+
+  /* Check if the remaining data is a MAC.  RFC 7822 specifies the maximum
+     length of a MAC in NTPv4 packets in order to enable deterministic
+     parsing. */
+  if (packet_length - start <= NTP_MAX_V4_MAC_LENGTH)
+    return 0;
+
+  if (!NEF_ParseSingleField((unsigned char *)packet, packet_length, start,
+                            &ef_length, type, body, body_length))
+    return 0;
+
+  if (ef_length < NTP_MIN_EF_LENGTH)
+    return 0;
+
+  if (length)
+    *length = ef_length;
+
+  return 1;
+}

ntp_ext.h

@@ -0,0 +1,43 @@
+/*
+  chronyd/chronyc - Programs for keeping computer clocks accurate.
+
+ **********************************************************************
+ * Copyright (C) Miroslav Lichvar  2019
+ * 
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of version 2 of the GNU General Public License as
+ * published by the Free Software Foundation.
+ * 
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ * 
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+ * 
+ **********************************************************************
+
+  =======================================================================
+
+  Header file for NTP extension fields
+  */
+
+#ifndef GOT_NTP_EXT_H
+#define GOT_NTP_EXT_H
+
+#include "ntp.h"
+
+extern int NEF_SetField(unsigned char *buffer, int buffer_length, int start,
+                        int type, void *body, int body_length, int *length);
+extern int NEF_AddBlankField(NTP_Packet *packet, NTP_PacketInfo *info, int type,
+                             int body_length, void **body);
+extern int NEF_AddField(NTP_Packet *packet, NTP_PacketInfo *info,
+                        int type, void *body, int body_length);
+extern int NEF_ParseSingleField(unsigned char *buffer, int buffer_length, int start,
+                                int *length, int *type, void **body, int *body_length);
+extern int NEF_ParseField(NTP_Packet *packet, int packet_length, int start,
+                          int *length, int *type, void **body, int *body_length);
+
+#endif

ntp_io.c

@@ -4,7 +4,7 @@
  **********************************************************************
  * Copyright (C) Richard P. Curnow  1997-2003
  * Copyright (C) Timo Teras  2009
- * Copyright (C) Miroslav Lichvar  2009, 2013-2016
+ * Copyright (C) Miroslav Lichvar  2009, 2013-2016, 2018
  * 
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of version 2 of the GNU General Public License as
@@ -30,11 +30,11 @@
 
 #include "sysincl.h"
 
-#include "array.h"
 #include "ntp_io.h"
 #include "ntp_core.h"
 #include "ntp_sources.h"
 #include "sched.h"
+#include "socket.h"
 #include "local.h"
 #include "logging.h"
 #include "conf.h"
@@ -46,54 +46,16 @@
 #endif
 
 #define INVALID_SOCK_FD -1
-#define CMSGBUF_SIZE 256
-
-union sockaddr_in46 {
-  struct sockaddr_in in4;
-#ifdef FEAT_IPV6
-  struct sockaddr_in6 in6;
-#endif
-  struct sockaddr u;
-};
-
-struct Message {
-  union sockaddr_in46 name;
-  struct iovec iov;
-  NTP_Receive_Buffer buf;
-  /* Aligned buffer for control messages */
-  struct cmsghdr cmsgbuf[CMSGBUF_SIZE / sizeof (struct cmsghdr)];
-};
-
-#ifdef HAVE_RECVMMSG
-#define MAX_RECV_MESSAGES 4
-#define MessageHeader mmsghdr
-#else
-/* Compatible with mmsghdr */
-struct MessageHeader {
-  struct msghdr msg_hdr;
-  unsigned int msg_len;
-};
-
-#define MAX_RECV_MESSAGES 1
-#endif
-
-/* Arrays of Message and MessageHeader */
-static ARR_Instance recv_messages;
-static ARR_Instance recv_headers;
 
 /* The server/peer and client sockets for IPv4 and IPv6 */
 static int server_sock_fd4;
-static int client_sock_fd4;
-#ifdef FEAT_IPV6
 static int server_sock_fd6;
+static int client_sock_fd4;
 static int client_sock_fd6;
-#endif
 
 /* Reference counters for server sockets to keep them open only when needed */
 static int server_sock_ref4;
-#ifdef FEAT_IPV6
 static int server_sock_ref6;
-#endif
 
 /* Flag indicating we create a new connected client socket for each
    server instead of sharing client_sock_fd4 and client_sock_fd6 */
@@ -105,6 +67,9 @@ static int separate_client_sockets;
    disabled */
 static int permanent_server_sockets;
 
+/* Flag indicating the server IPv4 socket is bound to an address */
+static int bound_server_sock_fd4;
+
 /* Flag indicating that we have been initialised */
 static int initialised=0;
 
@@ -116,155 +81,45 @@ static void read_from_socket(int sock_fd, int event, void *anything);
 /* ================================================== */
 
 static int
-prepare_socket(int family, int port_number, int client_only)
+open_socket(int family, int local_port, int client_only, IPSockAddr *remote_addr)
 {
-  union sockaddr_in46 my_addr;
-  socklen_t my_addr_len;
-  int sock_fd;
-  IPAddr bind_address;
-  int events = SCH_FILE_INPUT, on_off = 1;
+  int sock_fd, sock_flags, events = SCH_FILE_INPUT;
+  IPSockAddr local_addr;
 
-  /* Open Internet domain UDP socket for NTP message transmissions */
+  if (!SCK_IsFamilySupported(family))
+    return INVALID_SOCK_FD;
 
-  sock_fd = socket(family, SOCK_DGRAM, 0);
+  if (!client_only)
+    CNF_GetBindAddress(family, &local_addr.ip_addr);
+  else
+    CNF_GetBindAcquisitionAddress(family, &local_addr.ip_addr);
 
+  if (local_addr.ip_addr.family != family)
+    SCK_GetAnyLocalIPAddress(family, &local_addr.ip_addr);
+
+  local_addr.port = local_port;
+
+  sock_flags = SCK_FLAG_RX_DEST_ADDR | SCK_FLAG_PRIV_BIND;
+  if (!client_only)
+    sock_flags |= SCK_FLAG_BROADCAST;
+
+  sock_fd = SCK_OpenUdpSocket(remote_addr, &local_addr, sock_flags);
   if (sock_fd < 0) {
-    if (!client_only) {
-      LOG(LOGS_ERR, "Could not open %s NTP socket : %s",
-          UTI_SockaddrFamilyToString(family), strerror(errno));
-    } else {
-      DEBUG_LOG("Could not open %s NTP socket : %s",
-                UTI_SockaddrFamilyToString(family), strerror(errno));
-    }
+    if (!client_only)
+      LOG(LOGS_ERR, "Could not open NTP socket on %s", UTI_IPSockAddrToString(&local_addr));
     return INVALID_SOCK_FD;
   }
 
-  /* Close on exec */
-  UTI_FdSetCloexec(sock_fd);
-
-  /* Prepare local address */
-  memset(&my_addr, 0, sizeof (my_addr));
-  my_addr_len = 0;
-
-  switch (family) {
-    case AF_INET:
-      if (!client_only)
-        CNF_GetBindAddress(IPADDR_INET4, &bind_address);
-      else
-        CNF_GetBindAcquisitionAddress(IPADDR_INET4, &bind_address);
-
-      if (bind_address.family == IPADDR_INET4)
-        my_addr.in4.sin_addr.s_addr = htonl(bind_address.addr.in4);
-      else if (port_number)
-        my_addr.in4.sin_addr.s_addr = htonl(INADDR_ANY);
-      else
-        break;
-
-      my_addr.in4.sin_family = family;
-      my_addr.in4.sin_port = htons(port_number);
-      my_addr_len = sizeof (my_addr.in4);
-
-      break;
-#ifdef FEAT_IPV6
-    case AF_INET6:
-      if (!client_only)
-        CNF_GetBindAddress(IPADDR_INET6, &bind_address);
-      else
-        CNF_GetBindAcquisitionAddress(IPADDR_INET6, &bind_address);
-
-      if (bind_address.family == IPADDR_INET6)
-        memcpy(my_addr.in6.sin6_addr.s6_addr, bind_address.addr.in6,
-            sizeof (my_addr.in6.sin6_addr.s6_addr));
-      else if (port_number)
-        my_addr.in6.sin6_addr = in6addr_any;
-      else
-        break;
-
-      my_addr.in6.sin6_family = family;
-      my_addr.in6.sin6_port = htons(port_number);
-      my_addr_len = sizeof (my_addr.in6);
-
-      break;
-#endif
-    default:
-      assert(0);
-  }
-
-  /* Make the socket capable of re-using an old address if binding to a specific port */
-  if (port_number &&
-      setsockopt(sock_fd, SOL_SOCKET, SO_REUSEADDR, (char *)&on_off, sizeof(on_off)) < 0) {
-    LOG(LOGS_ERR, "Could not set %s socket option", "SO_REUSEADDR");
-    /* Don't quit - we might survive anyway */
-  }
-  
-  /* Make the socket capable of sending broadcast pkts - needed for NTP broadcast mode */
-  if (!client_only &&
-      setsockopt(sock_fd, SOL_SOCKET, SO_BROADCAST, (char *)&on_off, sizeof(on_off)) < 0) {
-    LOG(LOGS_ERR, "Could not set %s socket option", "SO_BROADCAST");
-    /* Don't quit - we might survive anyway */
-  }
+  if (!client_only && family == IPADDR_INET4 && local_addr.port > 0)
+    bound_server_sock_fd4 = local_addr.ip_addr.addr.in4 != INADDR_ANY;
 
   /* Enable kernel/HW timestamping of packets */
 #ifdef HAVE_LINUX_TIMESTAMPING
   if (!NIO_Linux_SetTimestampSocketOptions(sock_fd, client_only, &events))
 #endif
-#ifdef SO_TIMESTAMPNS
-    if (setsockopt(sock_fd, SOL_SOCKET, SO_TIMESTAMPNS, (char *)&on_off, sizeof(on_off)) < 0)
-#endif
-#ifdef SO_TIMESTAMP
-      if (setsockopt(sock_fd, SOL_SOCKET, SO_TIMESTAMP, (char *)&on_off, sizeof(on_off)) < 0)
-        LOG(LOGS_ERR, "Could not set %s socket option", "SO_TIMESTAMP");
-#endif
+    if (!SCK_EnableKernelRxTimestamping(sock_fd))
       ;
 
-#ifdef IP_FREEBIND
-  /* Allow binding to address that doesn't exist yet */
-  if (my_addr_len > 0 &&
-      setsockopt(sock_fd, IPPROTO_IP, IP_FREEBIND, (char *)&on_off, sizeof(on_off)) < 0) {
-    LOG(LOGS_ERR, "Could not set %s socket option", "IP_FREEBIND");
-  }
-#endif
-
-  if (family == AF_INET) {
-#ifdef HAVE_IN_PKTINFO
-    /* We want the local IP info on server sockets */
-    if (setsockopt(sock_fd, IPPROTO_IP, IP_PKTINFO, (char *)&on_off, sizeof(on_off)) < 0) {
-      LOG(LOGS_ERR, "Could not set %s socket option", "IP_PKTINFO");
-      /* Don't quit - we might survive anyway */
-    }
-#endif
-  }
-#ifdef FEAT_IPV6
-  else if (family == AF_INET6) {
-#ifdef IPV6_V6ONLY
-    /* Receive IPv6 packets only */
-    if (setsockopt(sock_fd, IPPROTO_IPV6, IPV6_V6ONLY, (char *)&on_off, sizeof(on_off)) < 0) {
-      LOG(LOGS_ERR, "Could not set %s socket option", "IPV6_V6ONLY");
-    }
-#endif
-
-#ifdef HAVE_IN6_PKTINFO
-#ifdef IPV6_RECVPKTINFO
-    if (setsockopt(sock_fd, IPPROTO_IPV6, IPV6_RECVPKTINFO, (char *)&on_off, sizeof(on_off)) < 0) {
-      LOG(LOGS_ERR, "Could not set %s socket option", "IPV6_RECVPKTINFO");
-    }
-#else
-    if (setsockopt(sock_fd, IPPROTO_IPV6, IPV6_PKTINFO, (char *)&on_off, sizeof(on_off)) < 0) {
-      LOG(LOGS_ERR, "Could not set %s socket option", "IPV6_PKTINFO");
-    }
-#endif
-#endif
-  }
-#endif
-
-  /* Bind the socket if a port or address was specified */
-  if (my_addr_len > 0 && PRV_BindSocket(sock_fd, &my_addr.u, my_addr_len) < 0) {
-    LOG(LOGS_ERR, "Could not bind %s NTP socket : %s",
-        UTI_SockaddrFamilyToString(family), strerror(errno));
-    close(sock_fd);
-    return INVALID_SOCK_FD;
-  }
-
   /* Register handler for read and possibly exception events on the socket */
   SCH_AddFileHandler(sock_fd, events, read_from_socket, NULL);
 
@@ -274,40 +129,9 @@ prepare_socket(int family, int port_number, int client_only)
 /* ================================================== */
 
 static int
-prepare_separate_client_socket(int family)
+open_separate_client_socket(IPSockAddr *remote_addr)
 {
-  switch (family) {
-    case IPADDR_INET4:
-      return prepare_socket(AF_INET, 0, 1);
-#ifdef FEAT_IPV6
-    case IPADDR_INET6:
-      return prepare_socket(AF_INET6, 0, 1);
-#endif
-    default:
-      return INVALID_SOCK_FD;
-  }
-}
-
-/* ================================================== */
-
-static int
-connect_socket(int sock_fd, NTP_Remote_Address *remote_addr)
-{
-  union sockaddr_in46 addr;
-  socklen_t addr_len;
-
-  addr_len = UTI_IPAndPortToSockaddr(&remote_addr->ip_addr, remote_addr->port, &addr.u);
-
-  assert(addr_len);
-
-  if (connect(sock_fd, &addr.u, addr_len) < 0) {
-    DEBUG_LOG("Could not connect NTP socket to %s:%d : %s",
-        UTI_IPToString(&remote_addr->ip_addr), remote_addr->port,
-        strerror(errno));
-    return 0;
-  }
-
-  return 1;
+  return open_socket(remote_addr->ip_addr.family, 0, 1, remote_addr);
 }
 
 /* ================================================== */
@@ -318,34 +142,11 @@ close_socket(int sock_fd)
   if (sock_fd == INVALID_SOCK_FD)
     return;
 
+#ifdef HAVE_LINUX_TIMESTAMPING
+  NIO_Linux_NotifySocketClosing(sock_fd);
+#endif
   SCH_RemoveFileHandler(sock_fd);
-  close(sock_fd);
-}
-
-/* ================================================== */
-
-static void
-prepare_buffers(unsigned int n)
-{
-  struct MessageHeader *hdr;
-  struct Message *msg;
-  unsigned int i;
-
-  for (i = 0; i < n; i++) {
-    msg = ARR_GetElement(recv_messages, i);
-    hdr = ARR_GetElement(recv_headers, i);
-
-    msg->iov.iov_base = &msg->buf;
-    msg->iov.iov_len = sizeof (msg->buf);
-    hdr->msg_hdr.msg_name = &msg->name;
-    hdr->msg_hdr.msg_namelen = sizeof (msg->name);
-    hdr->msg_hdr.msg_iov = &msg->iov;
-    hdr->msg_hdr.msg_iovlen = 1;
-    hdr->msg_hdr.msg_control = &msg->cmsgbuf;
-    hdr->msg_hdr.msg_controllen = sizeof (msg->cmsgbuf);
-    hdr->msg_hdr.msg_flags = 0;
-    hdr->msg_len = 0;
-  }
+  SCK_CloseSocket(sock_fd);
 }
 
 /* ================================================== */
@@ -358,6 +159,10 @@ NIO_Initialise(int family)
   assert(!initialised);
   initialised = 1;
 
+#ifdef PRIVOPS_BINDSOCKET
+  SCK_SetPrivBind(PRV_BindSocket);
+#endif
+
 #ifdef HAVE_LINUX_TIMESTAMPING
   NIO_Linux_Initialise();
 #else
@@ -368,12 +173,6 @@ NIO_Initialise(int family)
   }
 #endif
 
-  recv_messages = ARR_CreateInstance(sizeof (struct Message));
-  ARR_SetSize(recv_messages, MAX_RECV_MESSAGES);
-  recv_headers = ARR_CreateInstance(sizeof (struct MessageHeader));
-  ARR_SetSize(recv_headers, MAX_RECV_MESSAGES);
-  prepare_buffers(MAX_RECV_MESSAGES);
-
   server_port = CNF_GetNTPPort();
   client_port = CNF_GetAcquisitionPort();
 
@@ -386,47 +185,38 @@ NIO_Initialise(int family)
                                               client_port == server_port);
 
   server_sock_fd4 = INVALID_SOCK_FD;
-  client_sock_fd4 = INVALID_SOCK_FD;
-  server_sock_ref4 = 0;
-#ifdef FEAT_IPV6
   server_sock_fd6 = INVALID_SOCK_FD;
+  client_sock_fd4 = INVALID_SOCK_FD;
   client_sock_fd6 = INVALID_SOCK_FD;
+  server_sock_ref4 = 0;
   server_sock_ref6 = 0;
-#endif
 
   if (family == IPADDR_UNSPEC || family == IPADDR_INET4) {
     if (permanent_server_sockets && server_port)
-      server_sock_fd4 = prepare_socket(AF_INET, server_port, 0);
+      server_sock_fd4 = open_socket(IPADDR_INET4, server_port, 0, NULL);
     if (!separate_client_sockets) {
       if (client_port != server_port || !server_port)
-        client_sock_fd4 = prepare_socket(AF_INET, client_port, 1);
+        client_sock_fd4 = open_socket(IPADDR_INET4, client_port, 1, NULL);
       else
         client_sock_fd4 = server_sock_fd4;
     }
   }
-#ifdef FEAT_IPV6
+
   if (family == IPADDR_UNSPEC || family == IPADDR_INET6) {
     if (permanent_server_sockets && server_port)
-      server_sock_fd6 = prepare_socket(AF_INET6, server_port, 0);
+      server_sock_fd6 = open_socket(IPADDR_INET6, server_port, 0, NULL);
     if (!separate_client_sockets) {
       if (client_port != server_port || !server_port)
-        client_sock_fd6 = prepare_socket(AF_INET6, client_port, 1);
+        client_sock_fd6 = open_socket(IPADDR_INET6, client_port, 1, NULL);
       else
         client_sock_fd6 = server_sock_fd6;
     }
   }
-#endif
 
-  if ((server_port && server_sock_fd4 == INVALID_SOCK_FD &&
-       permanent_server_sockets 
-#ifdef FEAT_IPV6
-       && server_sock_fd6 == INVALID_SOCK_FD
-#endif
-      ) || (!separate_client_sockets && client_sock_fd4 == INVALID_SOCK_FD
-#ifdef FEAT_IPV6
-       && client_sock_fd6 == INVALID_SOCK_FD
-#endif
-      )) {
+  if ((server_port && permanent_server_sockets &&
+       server_sock_fd4 == INVALID_SOCK_FD && server_sock_fd6 == INVALID_SOCK_FD) ||
+      (!separate_client_sockets &&
+       client_sock_fd4 == INVALID_SOCK_FD && client_sock_fd6 == INVALID_SOCK_FD)) {
     LOG_FATAL("Could not open NTP sockets");
   }
 }
@@ -440,14 +230,11 @@ NIO_Finalise(void)
     close_socket(client_sock_fd4);
   close_socket(server_sock_fd4);
   server_sock_fd4 = client_sock_fd4 = INVALID_SOCK_FD;
-#ifdef FEAT_IPV6
+
   if (server_sock_fd6 != client_sock_fd6)
     close_socket(client_sock_fd6);
   close_socket(server_sock_fd6);
   server_sock_fd6 = client_sock_fd6 = INVALID_SOCK_FD;
-#endif
-  ARR_DestroyInstance(recv_headers);
-  ARR_DestroyInstance(recv_messages);
 
 #ifdef HAVE_LINUX_TIMESTAMPING
   NIO_Linux_Finalise();
@@ -462,25 +249,13 @@ int
 NIO_OpenClientSocket(NTP_Remote_Address *remote_addr)
 {
   if (separate_client_sockets) {
-    int sock_fd = prepare_separate_client_socket(remote_addr->ip_addr.family);
-
-    if (sock_fd == INVALID_SOCK_FD)
-      return INVALID_SOCK_FD;
-
-    if (!connect_socket(sock_fd, remote_addr)) {
-      close_socket(sock_fd);
-      return INVALID_SOCK_FD;
-    }
-
-    return sock_fd;
+    return open_separate_client_socket(remote_addr);
   } else {
     switch (remote_addr->ip_addr.family) {
       case IPADDR_INET4:
         return client_sock_fd4;
-#ifdef FEAT_IPV6
       case IPADDR_INET6:
         return client_sock_fd6;
-#endif
       default:
         return INVALID_SOCK_FD;
     }
@@ -497,20 +272,18 @@ NIO_OpenServerSocket(NTP_Remote_Address *remote_addr)
       if (permanent_server_sockets)
         return server_sock_fd4;
       if (server_sock_fd4 == INVALID_SOCK_FD)
-        server_sock_fd4 = prepare_socket(AF_INET, CNF_GetNTPPort(), 0);
+        server_sock_fd4 = open_socket(IPADDR_INET4, CNF_GetNTPPort(), 0, NULL);
       if (server_sock_fd4 != INVALID_SOCK_FD)
         server_sock_ref4++;
       return server_sock_fd4;
-#ifdef FEAT_IPV6
     case IPADDR_INET6:
       if (permanent_server_sockets)
         return server_sock_fd6;
       if (server_sock_fd6 == INVALID_SOCK_FD)
-        server_sock_fd6 = prepare_socket(AF_INET6, CNF_GetNTPPort(), 0);
+        server_sock_fd6 = open_socket(IPADDR_INET6, CNF_GetNTPPort(), 0, NULL);
       if (server_sock_fd6 != INVALID_SOCK_FD)
         server_sock_ref6++;
       return server_sock_fd6;
-#endif
     default:
       return INVALID_SOCK_FD;
   }
@@ -538,16 +311,12 @@ NIO_CloseServerSocket(int sock_fd)
       close_socket(server_sock_fd4);
       server_sock_fd4 = INVALID_SOCK_FD;
     }
-  }
-#ifdef FEAT_IPV6
-  else if (sock_fd == server_sock_fd6) {
+  } else if (sock_fd == server_sock_fd6) {
     if (--server_sock_ref6 <= 0) {
       close_socket(server_sock_fd6);
       server_sock_fd6 = INVALID_SOCK_FD;
     }
-  }
-#endif
-  else {
+  } else {
     assert(0);
   }
 }
@@ -558,119 +327,76 @@ int
 NIO_IsServerSocket(int sock_fd)
 {
   return sock_fd != INVALID_SOCK_FD &&
-    (sock_fd == server_sock_fd4
-#ifdef FEAT_IPV6
-     || sock_fd == server_sock_fd6
-#endif
-    );
+    (sock_fd == server_sock_fd4 || sock_fd == server_sock_fd6);
+}
+
+/* ================================================== */
+
+int
+NIO_IsServerSocketOpen(void)
+{
+  return server_sock_fd4 != INVALID_SOCK_FD || server_sock_fd6 != INVALID_SOCK_FD;
+}
+
+/* ================================================== */
+
+int
+NIO_IsServerConnectable(NTP_Remote_Address *remote_addr)
+{
+  int sock_fd;
+
+  sock_fd = open_separate_client_socket(remote_addr);
+  if (sock_fd == INVALID_SOCK_FD)
+    return 0;
+
+  close_socket(sock_fd);
+
+  return 1;
 }
 
 /* ================================================== */
 
 static void
-process_message(struct msghdr *hdr, int length, int sock_fd)
+process_message(SCK_Message *message, int sock_fd, int event)
 {
-  NTP_Remote_Address remote_addr;
   NTP_Local_Address local_addr;
   NTP_Local_Timestamp local_ts;
   struct timespec sched_ts;
-  struct cmsghdr *cmsg;
 
   SCH_GetLastEventTime(&local_ts.ts, &local_ts.err, NULL);
   local_ts.source = NTP_TS_DAEMON;
   sched_ts = local_ts.ts;
 
-  if (hdr->msg_namelen > sizeof (union sockaddr_in46)) {
-    DEBUG_LOG("Truncated source address");
+  if (message->addr_type != SCK_ADDR_IP) {
+    DEBUG_LOG("Unexpected address type");
     return;
   }
 
-  if (hdr->msg_namelen >= sizeof (((struct sockaddr *)hdr->msg_name)->sa_family)) {
-    UTI_SockaddrToIPAndPort((struct sockaddr *)hdr->msg_name,
-                            &remote_addr.ip_addr, &remote_addr.port);
-  } else {
-    remote_addr.ip_addr.family = IPADDR_UNSPEC;
-    remote_addr.port = 0;
-  }
-
-  local_addr.ip_addr.family = IPADDR_UNSPEC;
-  local_addr.if_index = INVALID_IF_INDEX;
+  local_addr.ip_addr = message->local_addr.ip;
+  local_addr.if_index = message->if_index;;
   local_addr.sock_fd = sock_fd;
 
-  if (hdr->msg_flags & MSG_TRUNC) {
-    DEBUG_LOG("Received truncated message from %s:%d",
-              UTI_IPToString(&remote_addr.ip_addr), remote_addr.port);
-    return;
-  }
-
-  if (hdr->msg_flags & MSG_CTRUNC) {
-    DEBUG_LOG("Truncated control message");
-    /* Continue */
-  }
-
-  for (cmsg = CMSG_FIRSTHDR(hdr); cmsg; cmsg = CMSG_NXTHDR(hdr, cmsg)) {
-#ifdef HAVE_IN_PKTINFO
-    if (cmsg->cmsg_level == IPPROTO_IP && cmsg->cmsg_type == IP_PKTINFO) {
-      struct in_pktinfo ipi;
-
-      memcpy(&ipi, CMSG_DATA(cmsg), sizeof(ipi));
-      local_addr.ip_addr.addr.in4 = ntohl(ipi.ipi_addr.s_addr);
-      local_addr.ip_addr.family = IPADDR_INET4;
-      local_addr.if_index = ipi.ipi_ifindex;
-    }
-#endif
-
-#ifdef HAVE_IN6_PKTINFO
-    if (cmsg->cmsg_level == IPPROTO_IPV6 && cmsg->cmsg_type == IPV6_PKTINFO) {
-      struct in6_pktinfo ipi;
-
-      memcpy(&ipi, CMSG_DATA(cmsg), sizeof(ipi));
-      memcpy(&local_addr.ip_addr.addr.in6, &ipi.ipi6_addr.s6_addr,
-             sizeof (local_addr.ip_addr.addr.in6));
-      local_addr.ip_addr.family = IPADDR_INET6;
-      local_addr.if_index = ipi.ipi6_ifindex;
-    }
-#endif
-
-#ifdef SCM_TIMESTAMP
-    if (cmsg->cmsg_level == SOL_SOCKET && cmsg->cmsg_type == SCM_TIMESTAMP) {
-      struct timeval tv;
-      struct timespec ts;
-
-      memcpy(&tv, CMSG_DATA(cmsg), sizeof(tv));
-      UTI_TimevalToTimespec(&tv, &ts);
-      LCL_CookTime(&ts, &local_ts.ts, &local_ts.err);
-      local_ts.source = NTP_TS_KERNEL;
-    }
-#endif
-
-#ifdef SCM_TIMESTAMPNS
-    if (cmsg->cmsg_level == SOL_SOCKET && cmsg->cmsg_type == SCM_TIMESTAMPNS) {
-      struct timespec ts;
-
-      memcpy(&ts, CMSG_DATA(cmsg), sizeof (ts));
-      LCL_CookTime(&ts, &local_ts.ts, &local_ts.err);
-      local_ts.source = NTP_TS_KERNEL;
-    }
-#endif
-  }
-
 #ifdef HAVE_LINUX_TIMESTAMPING
-  if (NIO_Linux_ProcessMessage(&remote_addr, &local_addr, &local_ts, hdr, length))
+  if (NIO_Linux_ProcessMessage(message, &local_addr, &local_ts, event))
     return;
+#else
+  if (!UTI_IsZeroTimespec(&message->timestamp.kernel)) {
+    LCL_CookTime(&message->timestamp.kernel, &local_ts.ts, &local_ts.err);
+    local_ts.source = NTP_TS_KERNEL;
+  }
 #endif
 
-  DEBUG_LOG("Received %d bytes from %s:%d to %s fd=%d if=%d tss=%d delay=%.9f",
-            length, UTI_IPToString(&remote_addr.ip_addr), remote_addr.port,
-            UTI_IPToString(&local_addr.ip_addr), local_addr.sock_fd, local_addr.if_index,
-            local_ts.source, UTI_DiffTimespecsToDouble(&sched_ts, &local_ts.ts));
+  if (local_ts.source != NTP_TS_DAEMON)
+    DEBUG_LOG("Updated RX timestamp delay=%.9f tss=%u",
+              UTI_DiffTimespecsToDouble(&sched_ts, &local_ts.ts), local_ts.source);
 
   /* Just ignore the packet if it's not of a recognized length */
-  if (length < NTP_NORMAL_PACKET_LENGTH || length > sizeof (NTP_Receive_Buffer))
+  if (message->length < NTP_HEADER_LENGTH || message->length > sizeof (NTP_Packet)) {
+    DEBUG_LOG("Unexpected length");
     return;
+  }
 
-  NSR_ProcessRx(&remote_addr, &local_addr, &local_ts,
-                (NTP_Packet *)hdr->msg_iov[0].iov_base, length);
+  NSR_ProcessRx(&message->remote_addr.ip, &local_addr, &local_ts, message->data, message->length);
 }
 
 /* ================================================== */
@@ -681,46 +407,28 @@ read_from_socket(int sock_fd, int event, void *anything)
   /* This should only be called when there is something
      to read, otherwise it may block */
 
-  struct MessageHeader *hdr;
-  unsigned int i, n;
-  int status, flags = 0;
+  SCK_Message messages[SCK_MAX_RECV_MESSAGES];
+  int i, received, flags = 0;
 
-  hdr = ARR_GetElements(recv_headers);
-  n = ARR_GetSize(recv_headers);
-  assert(n >= 1);
+#ifdef HAVE_LINUX_TIMESTAMPING
+  if (NIO_Linux_ProcessEvent(sock_fd, event))
+    return;
+#endif
 
   if (event == SCH_FILE_EXCEPTION) {
 #ifdef HAVE_LINUX_TIMESTAMPING
-    flags |= MSG_ERRQUEUE;
+    flags |= SCK_FLAG_MSG_ERRQUEUE;
 #else
     assert(0);
 #endif
   }
 
-#ifdef HAVE_RECVMMSG
-  status = recvmmsg(sock_fd, hdr, n, flags | MSG_DONTWAIT, NULL);
-  if (status >= 0)
-    n = status;
-#else
-  n = 1;
-  status = recvmsg(sock_fd, &hdr[0].msg_hdr, flags);
-  if (status >= 0)
-    hdr[0].msg_len = status;
-#endif
-
-  if (status < 0) {
-    DEBUG_LOG("Could not receive from fd %d : %s", sock_fd,
-              strerror(errno));
+  received = SCK_ReceiveMessages(sock_fd, messages, SCK_MAX_RECV_MESSAGES, flags);
+  if (received <= 0)
     return;
-  }
 
-  for (i = 0; i < n; i++) {
-    hdr = ARR_GetElement(recv_headers, i);
-    process_message(&hdr->msg_hdr, hdr->msg_len, sock_fd);
-  }
-
-  /* Restore the buffers to their original state */
-  prepare_buffers(n);
+  for (i = 0; i < received; i++)
+    process_message(&messages[i], sock_fd, event);
 }
 
 /* ================================================== */
@@ -730,102 +438,43 @@ int
 NIO_SendPacket(NTP_Packet *packet, NTP_Remote_Address *remote_addr,
                NTP_Local_Address *local_addr, int length, int process_tx)
 {
-  union sockaddr_in46 remote;
-  struct msghdr msg;
-  struct iovec iov;
-  struct cmsghdr *cmsg, cmsgbuf[CMSGBUF_SIZE / sizeof (struct cmsghdr)];
-  int cmsglen;
-  socklen_t addrlen = 0;
+  SCK_Message message;
 
   assert(initialised);
 
   if (local_addr->sock_fd == INVALID_SOCK_FD) {
-    DEBUG_LOG("No socket to send to %s:%d",
-              UTI_IPToString(&remote_addr->ip_addr), remote_addr->port);
+    DEBUG_LOG("No socket to send to %s", UTI_IPSockAddrToString(remote_addr));
     return 0;
   }
 
-  /* Don't set address with connected socket */
+  SCK_InitMessage(&message, SCK_ADDR_IP);
+
+  message.data = packet;
+  message.length = length;
+
+  /* Specify remote address if the socket is not connected */
   if (NIO_IsServerSocket(local_addr->sock_fd) || !separate_client_sockets) {
-    addrlen = UTI_IPAndPortToSockaddr(&remote_addr->ip_addr, remote_addr->port,
-                                      &remote.u);
-    if (!addrlen)
-      return 0;
+    message.remote_addr.ip.ip_addr = remote_addr->ip_addr;
+    message.remote_addr.ip.port = remote_addr->port;
   }
 
-  if (addrlen) {
-    msg.msg_name = &remote.u;
-    msg.msg_namelen = addrlen;
-  } else {
-    msg.msg_name = NULL;
-    msg.msg_namelen = 0;
-  }
+  message.if_index = local_addr->if_index;
+  message.local_addr.ip = local_addr->ip_addr;
 
-  iov.iov_base = packet;
-  iov.iov_len = length;
-  msg.msg_iov = &iov;
-  msg.msg_iovlen = 1;
-  msg.msg_control = cmsgbuf;
-  msg.msg_controllen = sizeof(cmsgbuf);
-  msg.msg_flags = 0;
-  cmsglen = 0;
-
-#ifdef HAVE_IN_PKTINFO
-  if (local_addr->ip_addr.family == IPADDR_INET4) {
-    struct in_pktinfo *ipi;
-
-    cmsg = CMSG_FIRSTHDR(&msg);
-    memset(cmsg, 0, CMSG_SPACE(sizeof(struct in_pktinfo)));
-    cmsglen += CMSG_SPACE(sizeof(struct in_pktinfo));
-
-    cmsg->cmsg_level = IPPROTO_IP;
-    cmsg->cmsg_type = IP_PKTINFO;
-    cmsg->cmsg_len = CMSG_LEN(sizeof(struct in_pktinfo));
-
-    ipi = (struct in_pktinfo *) CMSG_DATA(cmsg);
-    ipi->ipi_spec_dst.s_addr = htonl(local_addr->ip_addr.addr.in4);
-  }
-#endif
-
-#ifdef HAVE_IN6_PKTINFO
-  if (local_addr->ip_addr.family == IPADDR_INET6) {
-    struct in6_pktinfo *ipi;
-
-    cmsg = CMSG_FIRSTHDR(&msg);
-    memset(cmsg, 0, CMSG_SPACE(sizeof(struct in6_pktinfo)));
-    cmsglen += CMSG_SPACE(sizeof(struct in6_pktinfo));
-
-    cmsg->cmsg_level = IPPROTO_IPV6;
-    cmsg->cmsg_type = IPV6_PKTINFO;
-    cmsg->cmsg_len = CMSG_LEN(sizeof(struct in6_pktinfo));
-
-    ipi = (struct in6_pktinfo *) CMSG_DATA(cmsg);
-    memcpy(&ipi->ipi6_addr.s6_addr, &local_addr->ip_addr.addr.in6,
-        sizeof(ipi->ipi6_addr.s6_addr));
-  }
+#if !defined(HAVE_IN_PKTINFO) && defined(IP_SENDSRCADDR)
+  /* On FreeBSD a local IPv4 address cannot be specified on bound socket */
+  if (message.local_addr.ip.family == IPADDR_INET4 &&
+      (local_addr->sock_fd != server_sock_fd4 || bound_server_sock_fd4))
+    message.local_addr.ip.family = IPADDR_UNSPEC;
 #endif
 
 #ifdef HAVE_LINUX_TIMESTAMPING
   if (process_tx)
-   cmsglen = NIO_Linux_RequestTxTimestamp(&msg, cmsglen, local_addr->sock_fd);
+    NIO_Linux_RequestTxTimestamp(&message, local_addr->sock_fd);
 #endif
 
-  msg.msg_controllen = cmsglen;
-  /* This is apparently required on some systems */
-  if (!cmsglen)
-    msg.msg_control = NULL;
-
-  if (sendmsg(local_addr->sock_fd, &msg, 0) < 0) {
-    DEBUG_LOG("Could not send to %s:%d from %s fd %d : %s",
-        UTI_IPToString(&remote_addr->ip_addr), remote_addr->port,
-        UTI_IPToString(&local_addr->ip_addr), local_addr->sock_fd,
-        strerror(errno));
+  if (!SCK_SendMessage(local_addr->sock_fd, &message, 0))
     return 0;
-  }
-
-  DEBUG_LOG("Sent %d bytes to %s:%d from %s fd %d", length,
-      UTI_IPToString(&remote_addr->ip_addr), remote_addr->port,
-      UTI_IPToString(&local_addr->ip_addr), local_addr->sock_fd);
 
   return 1;
 }

ntp_io.h

@@ -53,6 +53,12 @@ extern void NIO_CloseServerSocket(int sock_fd);
 /* Function to check if socket is a server socket */
 extern int NIO_IsServerSocket(int sock_fd);
 
+/* Function to check if a server socket is currently open */
+extern int NIO_IsServerSocketOpen(void);
+
+/* Function to check if client packets can be sent to a server */
+extern int NIO_IsServerConnectable(NTP_Remote_Address *remote_addr);
+
 /* Function to transmit a packet */
 extern int NIO_SendPacket(NTP_Packet *packet, NTP_Remote_Address *remote_addr,
                           NTP_Local_Address *local_addr, int length, int process_tx);

ntp_io_linux.c

@@ -2,7 +2,7 @@
   chronyd/chronyc - Programs for keeping computer clocks accurate.
 
  **********************************************************************
- * Copyright (C) Miroslav Lichvar  2016-2017
+ * Copyright (C) Miroslav Lichvar  2016-2019
  * 
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of version 2 of the GNU General Public License as
@@ -29,7 +29,6 @@
 #include "sysincl.h"
 
 #include <ifaddrs.h>
-#include <linux/errqueue.h>
 #include <linux/ethtool.h>
 #include <linux/net_tstamp.h>
 #include <linux/sockios.h>
@@ -45,17 +44,10 @@
 #include "ntp_io_linux.h"
 #include "ntp_sources.h"
 #include "sched.h"
+#include "socket.h"
 #include "sys_linux.h"
 #include "util.h"
 
-union sockaddr_in46 {
-  struct sockaddr_in in4;
-#ifdef FEAT_IPV6
-  struct sockaddr_in6 in6;
-#endif
-  struct sockaddr u;
-};
-
 struct Interface {
   char name[IF_NAMESIZE];
   int if_index;
@@ -94,6 +86,27 @@ static int ts_tx_flags;
 /* Flag indicating the socket options can't be changed in control messages */
 static int permanent_ts_options;
 
+/* When sending client requests to a close and fast server, it is possible that
+   a response will be received before the HW transmit timestamp of the request
+   itself.  To avoid processing of the response without the HW timestamp, we
+   monitor events returned by select() and suspend reading of packets from the
+   receive queue for up to 200 microseconds.  As the requests are normally
+   separated by at least 200 milliseconds, it is sufficient to monitor and
+   suspend one socket at a time. */
+static int monitored_socket;
+static int suspended_socket;
+static SCH_TimeoutID resume_timeout_id;
+
+#define RESUME_TIMEOUT 200.0e-6
+
+/* Unbound socket keeping the kernel RX timestamping permanently enabled
+   in order to avoid a race condition between receiving a server response
+   and the kernel actually starting to timestamp received packets after
+   enabling the timestamping and sending a request */
+static int dummy_rxts_socket;
+
+#define INVALID_SOCK_FD -3
+
 /* ================================================== */
 
 static int
@@ -102,7 +115,7 @@ add_interface(CNF_HwTsInterface *conf_iface)
   struct ethtool_ts_info ts_info;
   struct hwtstamp_config ts_config;
   struct ifreq req;
-  int sock_fd, if_index, phc_fd, req_hwts_flags;
+  int sock_fd, if_index, phc_fd, req_hwts_flags, rx_filter;
   unsigned int i;
   struct Interface *iface;
 
@@ -112,7 +125,7 @@ add_interface(CNF_HwTsInterface *conf_iface)
       return 1;
   }
 
-  sock_fd = socket(AF_INET, SOCK_DGRAM, 0);
+  sock_fd = SCK_OpenUdpSocket(NULL, NULL, 0);
   if (sock_fd < 0)
     return 0;
 
@@ -121,13 +134,13 @@ add_interface(CNF_HwTsInterface *conf_iface)
 
   if (snprintf(req.ifr_name, sizeof (req.ifr_name), "%s", conf_iface->name) >=
       sizeof (req.ifr_name)) {
-    close(sock_fd);
+    SCK_CloseSocket(sock_fd);
     return 0;
   }
 
   if (ioctl(sock_fd, SIOCGIFINDEX, &req)) {
     DEBUG_LOG("ioctl(%s) failed : %s", "SIOCGIFINDEX", strerror(errno));
-    close(sock_fd);
+    SCK_CloseSocket(sock_fd);
     return 0;
   }
 
@@ -138,7 +151,7 @@ add_interface(CNF_HwTsInterface *conf_iface)
 
   if (ioctl(sock_fd, SIOCETHTOOL, &req)) {
     DEBUG_LOG("ioctl(%s) failed : %s", "SIOCETHTOOL", strerror(errno));
-    close(sock_fd);
+    SCK_CloseSocket(sock_fd);
     return 0;
   }
 
@@ -146,47 +159,64 @@ add_interface(CNF_HwTsInterface *conf_iface)
                    SOF_TIMESTAMPING_RAW_HARDWARE;
   if ((ts_info.so_timestamping & req_hwts_flags) != req_hwts_flags) {
     DEBUG_LOG("HW timestamping not supported on %s", req.ifr_name);
-    close(sock_fd);
+    SCK_CloseSocket(sock_fd);
     return 0;
   }
 
-  ts_config.flags = 0;
-  ts_config.tx_type = HWTSTAMP_TX_ON;
+  if (ts_info.phc_index < 0) {
+    DEBUG_LOG("PHC missing on %s", req.ifr_name);
+    SCK_CloseSocket(sock_fd);
+    return 0;
+  }
 
   switch (conf_iface->rxfilter) {
     case CNF_HWTS_RXFILTER_ANY:
 #ifdef HAVE_LINUX_TIMESTAMPING_RXFILTER_NTP
       if (ts_info.rx_filters & (1 << HWTSTAMP_FILTER_NTP_ALL))
-        ts_config.rx_filter = HWTSTAMP_FILTER_NTP_ALL;
+        rx_filter = HWTSTAMP_FILTER_NTP_ALL;
       else
 #endif
       if (ts_info.rx_filters & (1 << HWTSTAMP_FILTER_ALL))
-        ts_config.rx_filter = HWTSTAMP_FILTER_ALL;
+        rx_filter = HWTSTAMP_FILTER_ALL;
       else
-        ts_config.rx_filter = HWTSTAMP_FILTER_NONE;
+        rx_filter = HWTSTAMP_FILTER_NONE;
       break;
     case CNF_HWTS_RXFILTER_NONE:
-      ts_config.rx_filter = HWTSTAMP_FILTER_NONE;
+      rx_filter = HWTSTAMP_FILTER_NONE;
       break;
 #ifdef HAVE_LINUX_TIMESTAMPING_RXFILTER_NTP
     case CNF_HWTS_RXFILTER_NTP:
-      ts_config.rx_filter = HWTSTAMP_FILTER_NTP_ALL;
+      rx_filter = HWTSTAMP_FILTER_NTP_ALL;
       break;
 #endif
     default:
-      ts_config.rx_filter = HWTSTAMP_FILTER_ALL;
+      rx_filter = HWTSTAMP_FILTER_ALL;
       break;
   }
 
+  ts_config.flags = 0;
+  ts_config.tx_type = HWTSTAMP_TX_ON;
+  ts_config.rx_filter = rx_filter;
   req.ifr_data = (char *)&ts_config;
 
   if (ioctl(sock_fd, SIOCSHWTSTAMP, &req)) {
     DEBUG_LOG("ioctl(%s) failed : %s", "SIOCSHWTSTAMP", strerror(errno));
-    close(sock_fd);
-    return 0;
+
+    /* Check the current timestamping configuration in case this interface
+       allows only reading of the configuration and it was already configured
+       as requested */
+    req.ifr_data = (char *)&ts_config;
+#ifdef SIOCGHWTSTAMP
+    if (ioctl(sock_fd, SIOCGHWTSTAMP, &req) ||
+        ts_config.tx_type != HWTSTAMP_TX_ON || ts_config.rx_filter != rx_filter)
+#endif
+    {
+      SCK_CloseSocket(sock_fd);
+      return 0;
+    }
   }
 
-  close(sock_fd);
+  SCK_CloseSocket(sock_fd);
 
   phc_fd = SYS_Linux_OpenPHC(NULL, ts_info.phc_index);
   if (phc_fd < 0)
@@ -209,7 +239,8 @@ add_interface(CNF_HwTsInterface *conf_iface)
   iface->tx_comp = conf_iface->tx_comp;
   iface->rx_comp = conf_iface->rx_comp;
 
-  iface->clock = HCL_CreateInstance(UTI_Log2ToDouble(MAX(conf_iface->minpoll, MIN_PHC_POLL)));
+  iface->clock = HCL_CreateInstance(conf_iface->min_samples, conf_iface->max_samples,
+                                    UTI_Log2ToDouble(MAX(conf_iface->minpoll, MIN_PHC_POLL)));
 
   LOG(LOGS_INFO, "Enabled HW timestamping %son %s",
       ts_config.rx_filter == HWTSTAMP_FILTER_NONE ? "(TX only) " : "", iface->name);
@@ -252,9 +283,9 @@ update_interface_speed(struct Interface *iface)
 {
   struct ethtool_cmd cmd;
   struct ifreq req;
-  int sock_fd;
+  int sock_fd, link_speed;
 
-  sock_fd = socket(AF_INET, SOCK_DGRAM, 0);
+  sock_fd = SCK_OpenUdpSocket(NULL, NULL, 0);
   if (sock_fd < 0)
     return;
 
@@ -267,13 +298,18 @@ update_interface_speed(struct Interface *iface)
 
   if (ioctl(sock_fd, SIOCETHTOOL, &req)) {
     DEBUG_LOG("ioctl(%s) failed : %s", "SIOCETHTOOL", strerror(errno));
-    close(sock_fd);
+    SCK_CloseSocket(sock_fd);
     return;
   }
 
-  close(sock_fd);
+  SCK_CloseSocket(sock_fd);
 
-  iface->link_speed = ethtool_cmd_speed(&cmd);
+  link_speed = ethtool_cmd_speed(&cmd);
+
+  if (iface->link_speed != link_speed) {
+    iface->link_speed = link_speed;
+    DEBUG_LOG("Updated speed of %s to %d Mb/s", iface->name, link_speed);
+  }
 }
 
 /* ================================================== */
@@ -284,23 +320,41 @@ check_timestamping_option(int option)
 {
   int sock_fd;
 
-  sock_fd = socket(AF_INET, SOCK_DGRAM, 0);
+  sock_fd = SCK_OpenUdpSocket(NULL, NULL, 0);
   if (sock_fd < 0)
     return 0;
 
-  if (setsockopt(sock_fd, SOL_SOCKET, SO_TIMESTAMPING, &option, sizeof (option)) < 0) {
-    DEBUG_LOG("Could not enable timestamping option %x", option);
-    close(sock_fd);
+  if (!SCK_SetIntOption(sock_fd, SOL_SOCKET, SO_TIMESTAMPING, option)) {
+    SCK_CloseSocket(sock_fd);
     return 0;
   }
 
-  close(sock_fd);
+  SCK_CloseSocket(sock_fd);
   return 1;
 }
 #endif
 
 /* ================================================== */
 
+static int
+open_dummy_socket(void)
+{
+  int sock_fd, events = 0;
+
+  sock_fd = SCK_OpenUdpSocket(NULL, NULL, 0);
+  if (sock_fd < 0)
+    return INVALID_SOCK_FD;
+
+  if (!NIO_Linux_SetTimestampSocketOptions(sock_fd, 1, &events)) {
+    SCK_CloseSocket(sock_fd);
+    return INVALID_SOCK_FD;
+  }
+
+  return sock_fd;
+}
+
+/* ================================================== */
+
 void
 NIO_Linux_Initialise(void)
 {
@@ -350,6 +404,10 @@ NIO_Linux_Initialise(void)
 
   /* Kernels before 4.7 ignore timestamping flags set in control messages */
   permanent_ts_options = !SYS_Linux_CheckKernelVersion(4, 7);
+
+  monitored_socket = INVALID_SOCK_FD;
+  suspended_socket = INVALID_SOCK_FD;
+  dummy_rxts_socket = INVALID_SOCK_FD;
 }
 
 /* ================================================== */
@@ -360,6 +418,9 @@ NIO_Linux_Finalise(void)
   struct Interface *iface;
   unsigned int i;
 
+  if (dummy_rxts_socket != INVALID_SOCK_FD)
+    SCK_CloseSocket(dummy_rxts_socket);
+
   for (i = 0; i < ARR_GetSize(interfaces); i++) {
     iface = ARR_GetElement(interfaces, i);
     HCL_DestroyInstance(iface->clock);
@@ -388,14 +449,12 @@ NIO_Linux_SetTimestampSocketOptions(int sock_fd, int client_only, int *events)
   if (client_only || permanent_ts_options)
     flags |= ts_tx_flags;
 
-  if (setsockopt(sock_fd, SOL_SOCKET, SO_SELECT_ERR_QUEUE, &val, sizeof (val)) < 0) {
-    LOG(LOGS_ERR, "Could not set %s socket option", "SO_SELECT_ERR_QUEUE");
+  if (!SCK_SetIntOption(sock_fd, SOL_SOCKET, SO_SELECT_ERR_QUEUE, val)) {
     ts_flags = 0;
     return 0;
   }
 
-  if (setsockopt(sock_fd, SOL_SOCKET, SO_TIMESTAMPING, &flags, sizeof (flags)) < 0) {
-    LOG(LOGS_ERR, "Could not set %s socket option", "SO_TIMESTAMPING");
+  if (!SCK_SetIntOption(sock_fd, SOL_SOCKET, SO_TIMESTAMPING, flags)) {
     ts_flags = 0;
     return 0;
   }
@@ -406,6 +465,73 @@ NIO_Linux_SetTimestampSocketOptions(int sock_fd, int client_only, int *events)
 
 /* ================================================== */
 
+static void
+resume_socket(int sock_fd)
+{
+  if (monitored_socket == sock_fd)
+    monitored_socket = INVALID_SOCK_FD;
+
+  if (sock_fd == INVALID_SOCK_FD || sock_fd != suspended_socket)
+    return;
+
+  suspended_socket = INVALID_SOCK_FD;
+
+  SCH_SetFileHandlerEvent(sock_fd, SCH_FILE_INPUT, 1);
+
+  DEBUG_LOG("Resumed RX processing %s timeout fd=%d",
+            resume_timeout_id ? "before" : "on", sock_fd);
+
+  if (resume_timeout_id) {
+    SCH_RemoveTimeout(resume_timeout_id);
+    resume_timeout_id = 0;
+  }
+}
+
+/* ================================================== */
+
+static void
+resume_timeout(void *arg)
+{
+  resume_timeout_id = 0;
+  resume_socket(suspended_socket);
+}
+
+/* ================================================== */
+
+static void
+suspend_socket(int sock_fd)
+{
+  resume_socket(suspended_socket);
+
+  suspended_socket = sock_fd;
+
+  SCH_SetFileHandlerEvent(suspended_socket, SCH_FILE_INPUT, 0);
+  resume_timeout_id = SCH_AddTimeoutByDelay(RESUME_TIMEOUT, resume_timeout, NULL);
+
+  DEBUG_LOG("Suspended RX processing fd=%d", sock_fd);
+}
+
+/* ================================================== */
+
+int
+NIO_Linux_ProcessEvent(int sock_fd, int event)
+{
+  if (sock_fd != monitored_socket)
+    return 0;
+
+  if (event == SCH_FILE_INPUT) {
+    suspend_socket(monitored_socket);
+    monitored_socket = INVALID_SOCK_FD;
+
+    /* Don't process the message yet */
+    return 1;
+  }
+
+  return 0;
+}
+
+/* ================================================== */
+
 static struct Interface *
 get_interface(int if_index)
 {
@@ -454,7 +580,11 @@ process_hw_timestamp(struct Interface *iface, struct timespec *hw_ts,
   if (rx_ntp_length && iface->link_speed) {
     if (!l2_length)
       l2_length = (family == IPADDR_INET4 ? iface->l2_udp4_ntp_start :
-                   iface->l2_udp6_ntp_start) + rx_ntp_length + 4;
+                   iface->l2_udp6_ntp_start) + rx_ntp_length;
+
+    /* Include the frame check sequence (FCS) */
+    l2_length += 4;
+
     rx_correction = l2_length / (1.0e6 / 8 * iface->link_speed);
 
     UTI_AddDoubleToTimespec(hw_ts, rx_correction, hw_ts);
@@ -488,7 +618,6 @@ static int
 extract_udp_data(unsigned char *msg, NTP_Remote_Address *remote_addr, int len)
 {
   unsigned char *msg_start = msg;
-  union sockaddr_in46 addr;
 
   remote_addr->ip_addr.family = IPADDR_UNSPEC;
   remote_addr->port = 0;
@@ -511,19 +640,21 @@ extract_udp_data(unsigned char *msg, NTP_Remote_Address *remote_addr, int len)
   /* Parse destination address and port from IPv4/IPv6 and UDP headers */
   if (len >= 20 && msg[0] >> 4 == 4) {
     int ihl = (msg[0] & 0xf) * 4;
+    uint32_t addr;
 
     if (len < ihl + 8 || msg[9] != 17)
       return 0;
 
-    memcpy(&addr.in4.sin_addr.s_addr, msg + 16, sizeof (uint32_t));
-    addr.in4.sin_port = *(uint16_t *)(msg + ihl + 2);
-    addr.in4.sin_family = AF_INET;
+    memcpy(&addr, msg + 16, sizeof (addr));
+    remote_addr->ip_addr.addr.in4 = ntohl(addr);
+    remote_addr->port = ntohs(*(uint16_t *)(msg + ihl + 2));
+    remote_addr->ip_addr.family = IPADDR_INET4;
     len -= ihl + 8, msg += ihl + 8;
 #ifdef FEAT_IPV6
   } else if (len >= 48 && msg[0] >> 4 == 6) {
     int eh_len, next_header = msg[6];
 
-    memcpy(&addr.in6.sin6_addr.s6_addr, msg + 24, 16);
+    memcpy(&remote_addr->ip_addr.addr.in6, msg + 24, sizeof (remote_addr->ip_addr.addr.in6));
     len -= 40, msg += 40;
 
     /* Skip IPv6 extension headers if present */
@@ -555,16 +686,14 @@ extract_udp_data(unsigned char *msg, NTP_Remote_Address *remote_addr, int len)
       len -= eh_len, msg += eh_len;
     }
 
-    addr.in6.sin6_port = *(uint16_t *)(msg + 2);
-    addr.in6.sin6_family = AF_INET6;
+    remote_addr->port = ntohs(*(uint16_t *)(msg + 2));
+    remote_addr->ip_addr.family = IPADDR_INET6;
     len -= 8, msg += 8;
 #endif
   } else {
     return 0;
   }
 
-  UTI_SockaddrToIPAndPort(&addr.u, &remote_addr->ip_addr, &remote_addr->port);
-
   /* Move the message to fix alignment of its fields */
   if (len > 0)
     memmove(msg_start, msg, len);
@@ -575,67 +704,47 @@ extract_udp_data(unsigned char *msg, NTP_Remote_Address *remote_addr, int len)
 /* ================================================== */
 
 int
-NIO_Linux_ProcessMessage(NTP_Remote_Address *remote_addr, NTP_Local_Address *local_addr,
-                         NTP_Local_Timestamp *local_ts, struct msghdr *hdr, int length)
+NIO_Linux_ProcessMessage(SCK_Message *message, NTP_Local_Address *local_addr,
+                         NTP_Local_Timestamp *local_ts, int event)
 {
   struct Interface *iface;
-  struct cmsghdr *cmsg;
   int is_tx, ts_if_index, l2_length;
 
-  is_tx = hdr->msg_flags & MSG_ERRQUEUE;
+  is_tx = event == SCH_FILE_EXCEPTION;
   iface = NULL;
-  ts_if_index = local_addr->if_index;
-  l2_length = 0;
 
-  for (cmsg = CMSG_FIRSTHDR(hdr); cmsg; cmsg = CMSG_NXTHDR(hdr, cmsg)) {
-#ifdef HAVE_LINUX_TIMESTAMPING_OPT_PKTINFO
-    if (cmsg->cmsg_level == SOL_SOCKET && cmsg->cmsg_type == SCM_TIMESTAMPING_PKTINFO) {
-      struct scm_ts_pktinfo ts_pktinfo;
+  ts_if_index = message->timestamp.if_index;
+  if (ts_if_index == INVALID_IF_INDEX)
+    ts_if_index = message->if_index;
+  l2_length = message->timestamp.l2_length;
 
-      memcpy(&ts_pktinfo, CMSG_DATA(cmsg), sizeof (ts_pktinfo));
-
-      ts_if_index = ts_pktinfo.if_index;
-      l2_length = ts_pktinfo.pkt_length;
-
-      DEBUG_LOG("Received HW timestamp info if=%d length=%d", ts_if_index, l2_length);
-    }
-#endif
-
-    if (cmsg->cmsg_level == SOL_SOCKET && cmsg->cmsg_type == SCM_TIMESTAMPING) {
-      struct scm_timestamping ts3;
-
-      memcpy(&ts3, CMSG_DATA(cmsg), sizeof (ts3));
-
-      if (!UTI_IsZeroTimespec(&ts3.ts[2])) {
-        iface = get_interface(ts_if_index);
-        if (iface) {
-          process_hw_timestamp(iface, &ts3.ts[2], local_ts, !is_tx ? length : 0,
-                               remote_addr->ip_addr.family, l2_length);
-        } else {
-          DEBUG_LOG("HW clock not found for interface %d", ts_if_index);
-        }
-      }
-
-      if (local_ts->source == NTP_TS_DAEMON && !UTI_IsZeroTimespec(&ts3.ts[0]) &&
-          (!is_tx || UTI_IsZeroTimespec(&ts3.ts[2]))) {
-        LCL_CookTime(&ts3.ts[0], &local_ts->ts, &local_ts->err);
-        local_ts->source = NTP_TS_KERNEL;
-      }
+  if (!UTI_IsZeroTimespec(&message->timestamp.hw)) {
+    iface = get_interface(ts_if_index);
+    if (iface) {
+      process_hw_timestamp(iface, &message->timestamp.hw, local_ts, !is_tx ? message->length : 0,
+                           message->remote_addr.ip.ip_addr.family, l2_length);
+    } else {
+      DEBUG_LOG("HW clock not found for interface %d", ts_if_index);
     }
 
-    if ((cmsg->cmsg_level == SOL_IP && cmsg->cmsg_type == IP_RECVERR) ||
-        (cmsg->cmsg_level == SOL_IPV6 && cmsg->cmsg_type == IPV6_RECVERR)) {
-      struct sock_extended_err err;
+    /* If a HW transmit timestamp was received, resume processing
+       of non-error messages on this socket */
+    if (is_tx)
+      resume_socket(local_addr->sock_fd);
+  }
 
-      memcpy(&err, CMSG_DATA(cmsg), sizeof (err));
+  if (local_ts->source == NTP_TS_DAEMON && !UTI_IsZeroTimespec(&message->timestamp.kernel) &&
+      (!is_tx || UTI_IsZeroTimespec(&message->timestamp.hw))) {
+    LCL_CookTime(&message->timestamp.kernel, &local_ts->ts, &local_ts->err);
+    local_ts->source = NTP_TS_KERNEL;
+  }
 
-      if (err.ee_errno != ENOMSG || err.ee_info != SCM_TSTAMP_SND ||
-          err.ee_origin != SO_EE_ORIGIN_TIMESTAMPING) {
-        DEBUG_LOG("Unknown extended error");
-        /* Drop the message */
-        return 1;
-      }
-    }
+  /* If the kernel is slow with enabling RX timestamping, open a dummy
+     socket to keep the kernel RX timestamping permanently enabled */
+  if (!is_tx && local_ts->source == NTP_TS_DAEMON && ts_flags) {
+    DEBUG_LOG("Missing kernel RX timestamp");
+    if (dummy_rxts_socket == INVALID_SOCK_FD)
+      dummy_rxts_socket = open_dummy_socket();
   }
 
   /* Return the message if it's not received from the error queue */
@@ -645,19 +754,19 @@ NIO_Linux_ProcessMessage(NTP_Remote_Address *remote_addr, NTP_Local_Address *loc
   /* The data from the error queue includes all layers up to UDP.  We have to
      extract the UDP data and also the destination address with port as there
      currently doesn't seem to be a better way to get them both. */
-  l2_length = length;
-  length = extract_udp_data(hdr->msg_iov[0].iov_base, remote_addr, length);
+  l2_length = message->length;
+  message->length = extract_udp_data(message->data, &message->remote_addr.ip, message->length);
 
-  DEBUG_LOG("Received %d (%d) bytes from error queue for %s:%d fd=%d if=%d tss=%d",
-            l2_length, length, UTI_IPToString(&remote_addr->ip_addr), remote_addr->port,
-            local_addr->sock_fd, local_addr->if_index, local_ts->source);
+  DEBUG_LOG("Extracted message for %s fd=%d len=%u",
+            UTI_IPSockAddrToString(&message->remote_addr.ip),
+            local_addr->sock_fd, message->length);
 
   /* Update assumed position of UDP data at layer 2 for next received packet */
-  if (iface && length) {
-    if (remote_addr->ip_addr.family == IPADDR_INET4)
-      iface->l2_udp4_ntp_start = l2_length - length;
-    else if (remote_addr->ip_addr.family == IPADDR_INET6)
-      iface->l2_udp6_ntp_start = l2_length - length;
+  if (iface && message->length) {
+    if (message->remote_addr.ip.ip_addr.family == IPADDR_INET4)
+      iface->l2_udp4_ntp_start = l2_length - message->length;
+    else if (message->remote_addr.ip.ip_addr.family == IPADDR_INET6)
+      iface->l2_udp6_ntp_start = l2_length - message->length;
   }
 
   /* Drop the message if it has no timestamp or its processing failed */
@@ -666,38 +775,39 @@ NIO_Linux_ProcessMessage(NTP_Remote_Address *remote_addr, NTP_Local_Address *loc
     return 1;
   }
 
-  if (length < NTP_NORMAL_PACKET_LENGTH)
+  if (message->length < NTP_HEADER_LENGTH)
     return 1;
 
-  NSR_ProcessTx(remote_addr, local_addr, local_ts,
-                (NTP_Packet *)hdr->msg_iov[0].iov_base, length);
+  NSR_ProcessTx(&message->remote_addr.ip, local_addr, local_ts, message->data, message->length);
 
   return 1;
 }
 
 /* ================================================== */
 
-int
-NIO_Linux_RequestTxTimestamp(struct msghdr *msg, int cmsglen, int sock_fd)
+void
+NIO_Linux_RequestTxTimestamp(SCK_Message *message, int sock_fd)
 {
-  struct cmsghdr *cmsg;
+  if (!ts_flags)
+    return;
+
+  /* If a HW transmit timestamp is requested on a client socket, monitor
+     events on the socket in order to avoid processing of a fast response
+     without the HW timestamp of the request */
+  if (ts_tx_flags & SOF_TIMESTAMPING_TX_HARDWARE && !NIO_IsServerSocket(sock_fd))
+    monitored_socket = sock_fd;
 
   /* Check if TX timestamping is disabled on this socket */
   if (permanent_ts_options || !NIO_IsServerSocket(sock_fd))
-    return cmsglen;
+    return;
 
-  /* Add control message that will enable TX timestamping for this message.
-     Don't use CMSG_NXTHDR as the one in glibc is buggy for creating new
-     control messages. */
-  cmsg = (struct cmsghdr *)((char *)CMSG_FIRSTHDR(msg) + cmsglen);
-  memset(cmsg, 0, CMSG_SPACE(sizeof (ts_tx_flags)));
-  cmsglen += CMSG_SPACE(sizeof (ts_tx_flags));
-
-  cmsg->cmsg_level = SOL_SOCKET;
-  cmsg->cmsg_type = SO_TIMESTAMPING;
-  cmsg->cmsg_len = CMSG_LEN(sizeof (ts_tx_flags));
-
-  memcpy(CMSG_DATA(cmsg), &ts_tx_flags, sizeof (ts_tx_flags));
-
-  return cmsglen;
+  message->timestamp.tx_flags = ts_tx_flags;
+}
+
+/* ================================================== */
+
+void
+NIO_Linux_NotifySocketClosing(int sock_fd)
+{
+  resume_socket(sock_fd);
 }

ntp_io_linux.h

@@ -24,13 +24,24 @@
   This is the header file for the Linux-specific NTP socket I/O bits.
   */
 
+#ifndef GOT_NTP_IO_LINUX_H
+#define GOT_NTP_IO_LINUX_H
+
+#include "socket.h"
+
 extern void NIO_Linux_Initialise(void);
 
 extern void NIO_Linux_Finalise(void);
 
 extern int NIO_Linux_SetTimestampSocketOptions(int sock_fd, int client_only, int *events);
 
-extern int NIO_Linux_ProcessMessage(NTP_Remote_Address *remote_addr, NTP_Local_Address *local_addr,
-                                    NTP_Local_Timestamp *local_ts, struct msghdr *hdr, int length);
+extern int NIO_Linux_ProcessEvent(int sock_fd, int event);
 
-extern int NIO_Linux_RequestTxTimestamp(struct msghdr *msg, int cmsglen, int sock_fd);
+extern int NIO_Linux_ProcessMessage(SCK_Message *message, NTP_Local_Address *local_addr,
+                                    NTP_Local_Timestamp *local_ts, int event);
+
+extern void NIO_Linux_RequestTxTimestamp(SCK_Message *message, int sock_fd);
+
+extern void NIO_Linux_NotifySocketClosing(int sock_fd);
+
+#endif

ntp_signd.c

@@ -34,6 +34,7 @@
 #include "ntp_io.h"
 #include "ntp_signd.h"
 #include "sched.h"
+#include "socket.h"
 #include "util.h"
 
 /* Declarations per samba/source4/librpc/idl/ntp_signd.idl */
@@ -90,7 +91,7 @@ static ARR_Instance queue;
 static unsigned int queue_head;
 static unsigned int queue_tail;
 
-#define INVALID_SOCK_FD -1
+#define INVALID_SOCK_FD (-6)
 
 /* Unix domain socket connected to ntp_signd */
 static int sock_fd;
@@ -116,7 +117,7 @@ static void
 close_socket(void)
 {
   SCH_RemoveFileHandler(sock_fd);
-  close(sock_fd);
+  SCK_CloseSocket(sock_fd);
   sock_fd = INVALID_SOCK_FD;
 
   /* Empty the queue */
@@ -128,35 +129,23 @@ close_socket(void)
 static int
 open_socket(void)
 {
-  struct sockaddr_un s;
+  char path[PATH_MAX];
 
-  if (sock_fd >= 0)
+  if (sock_fd != INVALID_SOCK_FD)
     return 1;
 
-  sock_fd = socket(AF_UNIX, SOCK_STREAM, 0);
-  if (sock_fd < 0) {
-    DEBUG_LOG("Could not open signd socket : %s", strerror(errno));
-    return 0;
-  }
-
-  UTI_FdSetCloexec(sock_fd);
-  SCH_AddFileHandler(sock_fd, SCH_FILE_INPUT, read_write_socket, NULL);
-
-  s.sun_family = AF_UNIX;
-  if (snprintf(s.sun_path, sizeof (s.sun_path), "%s/socket",
-               CNF_GetNtpSigndSocket()) >= sizeof (s.sun_path)) {
+  if (snprintf(path, sizeof (path), "%s/socket", CNF_GetNtpSigndSocket()) >= sizeof (path)) {
     DEBUG_LOG("signd socket path too long");
-    close_socket();
     return 0;
   }
 
-  if (connect(sock_fd, (struct sockaddr *)&s, sizeof (s)) < 0) {
-    DEBUG_LOG("Could not connect to signd : %s", strerror(errno));
-    close_socket();
+  sock_fd = SCK_OpenUnixStreamSocket(path, NULL, 0);
+  if (sock_fd < 0) {
+    sock_fd = INVALID_SOCK_FD;
     return 0;
   }
 
-  DEBUG_LOG("Connected to signd");
+  SCH_AddFileHandler(sock_fd, SCH_FILE_INPUT, read_write_socket, NULL);
 
   return 1;
 }
@@ -218,16 +207,14 @@ read_write_socket(int sock_fd, int event, void *anything)
     if (!inst->sent)
       SCH_GetLastEventTime(NULL, NULL, &inst->request_ts);
 
-    s = send(sock_fd, (char *)&inst->request + inst->sent,
-             inst->request_length - inst->sent, 0);
+    s = SCK_Send(sock_fd, (char *)&inst->request + inst->sent,
+                 inst->request_length - inst->sent, 0);
 
     if (s < 0) {
-      DEBUG_LOG("signd socket error: %s", strerror(errno));
       close_socket();
       return;
     }
 
-    DEBUG_LOG("Sent %d bytes to signd", s);
     inst->sent += s;
 
     /* Try again later if the request is not complete yet */
@@ -235,7 +222,7 @@ read_write_socket(int sock_fd, int event, void *anything)
       return;
 
     /* Disable output and wait for a response */
-    SCH_SetFileHandlerEvents(sock_fd, SCH_FILE_INPUT);
+    SCH_SetFileHandlerEvent(sock_fd, SCH_FILE_OUTPUT, 0);
   }
 
   if (event == SCH_FILE_INPUT) {
@@ -246,20 +233,14 @@ read_write_socket(int sock_fd, int event, void *anything)
     }
 
     assert(inst->received < sizeof (inst->response));
-    s = recv(sock_fd, (char *)&inst->response + inst->received,
-             sizeof (inst->response) - inst->received, 0);
+    s = SCK_Receive(sock_fd, (char *)&inst->response + inst->received,
+                    sizeof (inst->response) - inst->received, 0);
 
     if (s <= 0) {
-      if (s < 0)
-        DEBUG_LOG("signd socket error: %s", strerror(errno));
-      else
-        DEBUG_LOG("signd socket closed");
-
       close_socket();
       return;
     }
 
-    DEBUG_LOG("Received %d bytes from signd", s);
     inst->received += s;
 
     if (inst->received < sizeof (inst->response.length))
@@ -283,7 +264,7 @@ read_write_socket(int sock_fd, int event, void *anything)
     /* Move the head and enable output for the next packet */
     queue_head = NEXT_QUEUE_INDEX(queue_head);
     if (!IS_QUEUE_EMPTY())
-      SCH_SetFileHandlerEvents(sock_fd, SCH_FILE_INPUT | SCH_FILE_OUTPUT);
+      SCH_SetFileHandlerEvent(sock_fd, SCH_FILE_OUTPUT, 1);
   }
 }
 
@@ -328,7 +309,8 @@ extern int NSD_GetAuthDelay(uint32_t key_id)
 /* ================================================== */
 
 int
-NSD_SignAndSendPacket(uint32_t key_id, NTP_Packet *packet, NTP_Remote_Address *remote_addr, NTP_Local_Address *local_addr, int length)
+NSD_SignAndSendPacket(uint32_t key_id, NTP_Packet *packet, NTP_PacketInfo *info,
+                      NTP_Remote_Address *remote_addr, NTP_Local_Address *local_addr)
 {
   SignInstance *inst;
 
@@ -342,7 +324,7 @@ NSD_SignAndSendPacket(uint32_t key_id, NTP_Packet *packet, NTP_Remote_Address *r
     return 0;
   }
 
-  if (length != NTP_NORMAL_PACKET_LENGTH) {
+  if (info->length != NTP_HEADER_LENGTH) {
     DEBUG_LOG("Invalid packet length");
     return 0;
   }
@@ -355,7 +337,7 @@ NSD_SignAndSendPacket(uint32_t key_id, NTP_Packet *packet, NTP_Remote_Address *r
   inst->local_addr = *local_addr;
   inst->sent = 0;
   inst->received = 0;
-  inst->request_length = offsetof(SigndRequest, packet_to_sign) + length;
+  inst->request_length = offsetof(SigndRequest, packet_to_sign) + info->length;
 
   /* The length field doesn't include itself */
   inst->request.length = htonl(inst->request_length - sizeof (inst->request.length));
@@ -365,11 +347,11 @@ NSD_SignAndSendPacket(uint32_t key_id, NTP_Packet *packet, NTP_Remote_Address *r
   inst->request._pad = 0;
   inst->request.key_id = htonl(key_id);
 
-  memcpy(&inst->request.packet_to_sign, packet, length);
+  memcpy(&inst->request.packet_to_sign, packet, info->length);
 
   /* Enable output if there was no pending request */
   if (IS_QUEUE_EMPTY())
-    SCH_SetFileHandlerEvents(sock_fd, SCH_FILE_INPUT | SCH_FILE_OUTPUT);
+    SCH_SetFileHandlerEvent(sock_fd, SCH_FILE_OUTPUT, 1);
 
   queue_tail = NEXT_QUEUE_INDEX(queue_tail);
 

ntp_signd.h

@@ -39,6 +39,7 @@ extern void NSD_Finalise(void);
 extern int NSD_GetAuthDelay(uint32_t key_id);
 
 /* Function to sign an NTP packet and send it */
-extern int NSD_SignAndSendPacket(uint32_t key_id, NTP_Packet *packet, NTP_Remote_Address *remote_addr, NTP_Local_Address *local_addr, int length);
+extern int NSD_SignAndSendPacket(uint32_t key_id, NTP_Packet *packet, NTP_PacketInfo *info,
+                                 NTP_Remote_Address *remote_addr, NTP_Local_Address *local_addr);
 
 #endif

ntp_sources.c

@@ -34,6 +34,7 @@
 #include "array.h"
 #include "ntp_sources.h"
 #include "ntp_core.h"
+#include "ntp_io.h"
 #include "util.h"
 #include "logging.h"
 #include "local.h"
@@ -48,7 +49,9 @@
    particular sources */
 typedef struct {
   NTP_Remote_Address *remote_addr; /* The address of this source, non-NULL
-                                      means this slot in table is in use */
+                                      means this slot in table is in use
+                                      (an IPADDR_ID address means the address
+                                      is not resolved yet) */
   NCR_Instance data;            /* Data for the protocol engine for this source */
   char *name;                   /* Name of the source, may be NULL */
   int pool;                     /* Number of the pool from which was this source
@@ -67,21 +70,21 @@ static int n_sources;
 /* Flag indicating new sources will be started automatically when added */
 static int auto_start_sources = 0;
 
-/* Source with unknown address (which may be resolved later) */
+/* Last assigned address ID */
+static uint32_t last_address_id = 0;
+
+/* Source scheduled for name resolving (first resolving or replacement) */
 struct UnresolvedSource {
+  /* Current address of the source (IDADDR_ID is used for a single source
+     with unknown address and IPADDR_UNSPEC for a pool of sources */
+  NTP_Remote_Address address;
+  /* ID of the pool if not a single source */
+  int pool;
+  /* Name to be resolved */
   char *name;
-  int port;
+  /* Flag indicating addresses should be used in a random order */
   int random_order;
-  int replacement;
-  union {
-    struct {
-      NTP_Source_Type type;
-      SourceParameters params;
-      int pool;
-      int max_new_sources;
-    } new_source;
-    NTP_Remote_Address replace_source;
-  };
+  /* Next unresolved source in the list */
   struct UnresolvedSource *next;
 };
 
@@ -101,9 +104,13 @@ static NSR_SourceResolvingEndHandler resolving_end_handler = NULL;
 
 /* Pool of sources with the same name */
 struct SourcePool {
-  /* Number of sources added from this pool (ignoring tentative sources) */
+  /* Number of all sources from the pool */
   int sources;
-  /* Maximum number of sources */
+  /* Number of sources with unresolved address */
+  int unresolved_sources;
+  /* Number of non-tentative sources */
+  int confirmed_sources;
+  /* Maximum number of confirmed sources */
   int max_sources;
 };
 
@@ -113,9 +120,11 @@ static ARR_Instance pools;
 /* ================================================== */
 /* Forward prototypes */
 
-static void resolve_sources(void *arg);
+static void resolve_sources(void);
 static void rehash_records(void);
 static void clean_source_record(SourceRecord *record);
+static void remove_pool_sources(int pool, int tentative, int unresolved);
+static void remove_unresolved_source(struct UnresolvedSource *us);
 
 static void
 slew_sources(struct timespec *raw,
@@ -140,6 +149,14 @@ get_record(unsigned index)
 
 /* ================================================== */
 
+static struct SourcePool *
+get_pool(unsigned index)
+{
+  return (struct SourcePool *)ARR_GetElement(pools, index);
+}
+
+/* ================================================== */
+
 void
 NSR_Initialise(void)
 {
@@ -160,11 +177,8 @@ void
 NSR_Finalise(void)
 {
   SourceRecord *record;
-  struct UnresolvedSource *us;
   unsigned int i;
 
-  ARR_DestroyInstance(pools);
-
   for (i = 0; i < ARR_GetSize(records); i++) {
     record = get_record(i);
     if (record->remote_addr)
@@ -172,13 +186,10 @@ NSR_Finalise(void)
   }
 
   ARR_DestroyInstance(records);
+  ARR_DestroyInstance(pools);
 
-  while (unresolved_sources) {
-    us = unresolved_sources;
-    unresolved_sources = us->next;
-    Free(us->name);
-    Free(us);
-  }
+  while (unresolved_sources)
+    remove_unresolved_source(unresolved_sources);
 
   initialised = 0;
 }
@@ -206,12 +217,14 @@ find_slot(NTP_Remote_Address *remote_addr, int *slot, int *found)
   unsigned short port;
 
   size = ARR_GetSize(records);
+
+  *slot = 0;
+  *found = 0;
   
   if (remote_addr->ip_addr.family != IPADDR_INET4 &&
-      remote_addr->ip_addr.family != IPADDR_INET6) {
-    *found = *slot = 0;
+      remote_addr->ip_addr.family != IPADDR_INET6 &&
+      remote_addr->ip_addr.family != IPADDR_ID)
     return;
-  }
 
   hash = UTI_IPToHash(&remote_addr->ip_addr);
   port = remote_addr->port;
@@ -230,8 +243,6 @@ find_slot(NTP_Remote_Address *remote_addr, int *slot, int *found)
       return;
     }
   }
-
-  *found = 0;
 }
 
 /* ================================================== */
@@ -296,7 +307,8 @@ add_source(NTP_Remote_Address *remote_addr, char *name, NTP_Source_Type type, So
     return NSR_AlreadyInUse;
   } else {
     if (remote_addr->ip_addr.family != IPADDR_INET4 &&
-               remote_addr->ip_addr.family != IPADDR_INET6) {
+        remote_addr->ip_addr.family != IPADDR_INET6 &&
+        remote_addr->ip_addr.family != IPADDR_ID) {
       return NSR_InvalidAF;
     } else {
       n_sources++;
@@ -308,13 +320,19 @@ add_source(NTP_Remote_Address *remote_addr, char *name, NTP_Source_Type type, So
 
       assert(!found);
       record = get_record(slot);
-      record->data = NCR_GetInstance(remote_addr, type, params);
+      record->data = NCR_CreateInstance(remote_addr, type, params, name);
       record->remote_addr = NCR_GetRemoteAddress(record->data);
       record->name = name ? Strdup(name) : NULL;
       record->pool = pool;
       record->tentative = 1;
 
-      if (auto_start_sources)
+      if (record->pool != INVALID_POOL) {
+        get_pool(record->pool)->sources++;
+        if (!UTI_IsIPReal(&remote_addr->ip_addr))
+          get_pool(record->pool)->unresolved_sources++;
+      }
+
+      if (auto_start_sources && UTI_IsIPReal(&remote_addr->ip_addr))
         NCR_StartInstance(record->data);
 
       return NSR_Success;
@@ -325,70 +343,109 @@ add_source(NTP_Remote_Address *remote_addr, char *name, NTP_Source_Type type, So
 /* ================================================== */
 
 static NSR_Status
-replace_source(NTP_Remote_Address *old_addr, NTP_Remote_Address *new_addr)
+change_source_address(NTP_Remote_Address *old_addr, NTP_Remote_Address *new_addr,
+                      int replacement)
 {
   int slot1, slot2, found;
   SourceRecord *record;
-  struct SourcePool *pool;
+  LOG_Severity severity;
+  char *name;
 
   find_slot(old_addr, &slot1, &found);
   if (!found)
     return NSR_NoSuchSource;
 
+  /* Make sure there is no other source using the new address (with the same
+     or different port), but allow a source to have its port changed */
   find_slot(new_addr, &slot2, &found);
-  if (found)
+  if (found == 2 || (found != 0 && slot1 != slot2))
     return NSR_AlreadyInUse;
 
   record = get_record(slot1);
-  NCR_ChangeRemoteAddress(record->data, new_addr);
+  NCR_ChangeRemoteAddress(record->data, new_addr, !replacement);
   record->remote_addr = NCR_GetRemoteAddress(record->data);
+  if (!UTI_IsIPReal(&old_addr->ip_addr) && UTI_IsIPReal(&new_addr->ip_addr)) {
+    if (auto_start_sources)
+      NCR_StartInstance(record->data);
+    if (record->pool != INVALID_POOL)
+      get_pool(record->pool)->unresolved_sources--;
+  }
 
   if (!record->tentative) {
     record->tentative = 1;
 
-    if (record->pool != INVALID_POOL) {
-      pool = ARR_GetElement(pools, record->pool);
-      pool->sources--;
-    }
+    if (record->pool != INVALID_POOL)
+      get_pool(record->pool)->confirmed_sources--;
   }
 
-  /* The hash table must be rebuilt for the new address */
-  rehash_records();
+  name = record->name;
+  severity = UTI_IsIPReal(&old_addr->ip_addr) ? LOGS_INFO : LOGS_DEBUG;
 
-  LOG(LOGS_INFO, "Source %s replaced with %s",
-      UTI_IPToString(&old_addr->ip_addr),
-      UTI_IPToString(&new_addr->ip_addr));
+  if (slot1 != slot2) {
+    /* The hash table must be rebuilt for the changed address */
+    rehash_records();
+
+    LOG(severity, "Source %s %s %s (%s)", UTI_IPToString(&old_addr->ip_addr),
+        replacement ? "replaced with" : "changed to",
+        UTI_IPToString(&new_addr->ip_addr), name ? name : "");
+  } else {
+    LOG(severity, "Source %s (%s) changed port to %d",
+        UTI_IPToString(&new_addr->ip_addr), name ? name : "", new_addr->port);
+  }
 
   return NSR_Success;
 }
 
 /* ================================================== */
 
+static int
+replace_source_connectable(NTP_Remote_Address *old_addr, NTP_Remote_Address *new_addr)
+{
+  if (!NIO_IsServerConnectable(new_addr)) {
+    DEBUG_LOG("%s not connectable", UTI_IPToString(&new_addr->ip_addr));
+    return 0;
+  }
+
+  if (change_source_address(old_addr, new_addr, 1) == NSR_AlreadyInUse)
+    return 0;
+
+  return 1;
+}
+
+/* ================================================== */
+
 static void
 process_resolved_name(struct UnresolvedSource *us, IPAddr *ip_addrs, int n_addrs)
 {
-  NTP_Remote_Address address;
-  int i, added;
+  NTP_Remote_Address old_addr, new_addr;
+  SourceRecord *record;
   unsigned short first = 0;
+  int i, j;
 
   if (us->random_order)
     UTI_GetRandomBytes(&first, sizeof (first));
 
-  for (i = added = 0; i < n_addrs; i++) {
-    address.ip_addr = ip_addrs[((unsigned int)i + first) % n_addrs];
-    address.port = us->port;
+  for (i = 0; i < n_addrs; i++) {
+    new_addr.ip_addr = ip_addrs[((unsigned int)i + first) % n_addrs];
 
-    DEBUG_LOG("(%d) %s", i + 1, UTI_IPToString(&address.ip_addr));
+    DEBUG_LOG("(%d) %s", i + 1, UTI_IPToString(&new_addr.ip_addr));
 
-    if (us->replacement) {
-      if (replace_source(&us->replace_source, &address) != NSR_AlreadyInUse)
-        break;
+    if (us->pool != INVALID_POOL) {
+      /* In the pool resolving mode, try to replace all sources from
+         the pool which don't have a real address yet */
+      for (j = 0; j < ARR_GetSize(records); j++) {
+        record = get_record(j);
+        if (!record->remote_addr || record->pool != us->pool ||
+            UTI_IsIPReal(&record->remote_addr->ip_addr))
+          continue;
+        old_addr = *record->remote_addr;
+        new_addr.port = old_addr.port;
+        if (replace_source_connectable(&old_addr, &new_addr))
+          break;
+      }
     } else {
-      if (add_source(&address, us->name, us->new_source.type, &us->new_source.params,
-                     us->new_source.pool) == NSR_Success)
-        added++;
-
-      if (added >= us->new_source.max_new_sources)
+      new_addr.port = us->address.port;
+      if (replace_source_connectable(&us->address, &new_addr))
         break;
     }
   }
@@ -396,14 +453,41 @@ process_resolved_name(struct UnresolvedSource *us, IPAddr *ip_addrs, int n_addrs
 
 /* ================================================== */
 
+static int
+is_resolved(struct UnresolvedSource *us)
+{
+  int slot, found;
+
+  if (us->pool != INVALID_POOL) {
+    return get_pool(us->pool)->unresolved_sources <= 0;
+  } else {
+    /* If the address is no longer present, it was removed or replaced
+       (i.e. resolved) */
+    find_slot(&us->address, &slot, &found);
+    return !found;
+  }
+}
+
+/* ================================================== */
+
+static void
+resolve_sources_timeout(void *arg)
+{
+  resolving_id = 0;
+  resolve_sources();
+}
+
+/* ================================================== */
+
 static void
 name_resolve_handler(DNS_Status status, int n_addrs, IPAddr *ip_addrs, void *anything)
 {
-  struct UnresolvedSource *us, **i, *next;
+  struct UnresolvedSource *us, *next;
 
   us = (struct UnresolvedSource *)anything;
 
   assert(us == resolving_source);
+  assert(resolving_id == 0);
 
   DEBUG_LOG("%s resolved to %d addrs", us->name, n_addrs);
 
@@ -422,18 +506,10 @@ name_resolve_handler(DNS_Status status, int n_addrs, IPAddr *ip_addrs, void *any
 
   next = us->next;
 
-  /* Remove the source from the list on success or failure, replacements
-     are removed on any status */
-  if (us->replacement || status != DNS_TryAgain) {
-    for (i = &unresolved_sources; *i; i = &(*i)->next) {
-      if (*i == us) {
-        *i = us->next;
-        Free(us->name);
-        Free(us);
-        break;
-      }
-    }
-  }
+  /* Don't repeat the resolving if it (permanently) failed, it was a
+     replacement of a real address, or all addresses are already resolved */
+  if (status == DNS_Failure || UTI_IsIPReal(&us->address.ip_addr) || is_resolved(us))
+    remove_unresolved_source(us);
 
   resolving_source = next;
 
@@ -445,12 +521,10 @@ name_resolve_handler(DNS_Status status, int n_addrs, IPAddr *ip_addrs, void *any
     /* This was the last source in the list. If some sources couldn't
        be resolved, try again in exponentially increasing interval. */
     if (unresolved_sources) {
-      if (resolving_interval < MIN_RESOLVE_INTERVAL)
-        resolving_interval = MIN_RESOLVE_INTERVAL;
-      else if (resolving_interval < MAX_RESOLVE_INTERVAL)
-        resolving_interval++;
-      resolving_id = SCH_AddTimeoutByDelay(RESOLVE_INTERVAL_UNIT *
-          (1 << resolving_interval), resolve_sources, NULL);
+      resolving_interval = CLAMP(MIN_RESOLVE_INTERVAL, resolving_interval + 1,
+                                 MAX_RESOLVE_INTERVAL);
+      resolving_id = SCH_AddTimeoutByDelay(RESOLVE_INTERVAL_UNIT * (1 << resolving_interval),
+                                           resolve_sources_timeout, NULL);
     } else {
       resolving_interval = 0;
     }
@@ -464,12 +538,22 @@ name_resolve_handler(DNS_Status status, int n_addrs, IPAddr *ip_addrs, void *any
 /* ================================================== */
 
 static void
-resolve_sources(void *arg)
+resolve_sources(void)
 {
-  struct UnresolvedSource *us;
+  struct UnresolvedSource *us, *next, *i;
 
   assert(!resolving_source);
 
+  /* Remove sources that don't need to be resolved anymore */
+  for (i = unresolved_sources; i; i = next) {
+    next = i->next;
+    if (is_resolved(i))
+      remove_unresolved_source(i);
+  }
+
+  if (!unresolved_sources)
+    return;
+
   PRV_ReloadDNS();
 
   /* Start with the first source in the list, name_resolve_handler
@@ -496,6 +580,23 @@ append_unresolved_source(struct UnresolvedSource *us)
 
 /* ================================================== */
 
+static void
+remove_unresolved_source(struct UnresolvedSource *us)
+{
+  struct UnresolvedSource **i;
+
+  for (i = &unresolved_sources; *i; i = &(*i)->next) {
+    if (*i == us) {
+      *i = us->next;
+      Free(us->name);
+      Free(us);
+      break;
+    }
+  }
+}
+
+/* ================================================== */
+
 NSR_Status
 NSR_AddSource(NTP_Remote_Address *remote_addr, NTP_Source_Type type, SourceParameters *params)
 {
@@ -504,41 +605,60 @@ NSR_AddSource(NTP_Remote_Address *remote_addr, NTP_Source_Type type, SourceParam
 
 /* ================================================== */
 
-void
+NSR_Status
 NSR_AddSourceByName(char *name, int port, int pool, NTP_Source_Type type, SourceParameters *params)
 {
   struct UnresolvedSource *us;
   struct SourcePool *sp;
   NTP_Remote_Address remote_addr;
+  int i, new_sources;
 
   /* If the name is an IP address, don't bother with full resolving now
      or later when trying to replace the source */
   if (UTI_StringToIP(name, &remote_addr.ip_addr)) {
     remote_addr.port = port;
-    NSR_AddSource(&remote_addr, type, params);
-    return;
+    return NSR_AddSource(&remote_addr, type, params);
+  }
+
+  /* Make sure the name is at least printable and has no spaces */
+  for (i = 0; name[i] != '\0'; i++) {
+    if (!isgraph(name[i]))
+      return NSR_InvalidName;
   }
 
   us = MallocNew(struct UnresolvedSource);
   us->name = Strdup(name);
-  us->port = port;
   us->random_order = 0;
-  us->replacement = 0;
-  us->new_source.type = type;
-  us->new_source.params = *params;
+
+  remote_addr.ip_addr.family = IPADDR_ID;
+  remote_addr.ip_addr.addr.id = ++last_address_id;
+  remote_addr.port = port;
 
   if (!pool) {
-    us->new_source.pool = INVALID_POOL;
-    us->new_source.max_new_sources = 1;
+    us->pool = INVALID_POOL;
+    us->address = remote_addr;
+    new_sources = 1;
   } else {
     sp = (struct SourcePool *)ARR_GetNewElement(pools);
     sp->sources = 0;
-    sp->max_sources = params->max_sources;
-    us->new_source.pool = ARR_GetSize(pools) - 1;
-    us->new_source.max_new_sources = MAX_POOL_SOURCES;
+    sp->unresolved_sources = 0;
+    sp->confirmed_sources = 0;
+    sp->max_sources = CLAMP(1, params->max_sources, MAX_POOL_SOURCES);
+    us->pool = ARR_GetSize(pools) - 1;
+    us->address.ip_addr.family = IPADDR_UNSPEC;
+    new_sources = MIN(2 * sp->max_sources, MAX_POOL_SOURCES);
   }
 
   append_unresolved_source(us);
+
+  for (i = 0; i < new_sources; i++) {
+    if (i > 0)
+      remote_addr.ip_addr.addr.id = ++last_address_id;
+    if (add_source(&remote_addr, name, type, params, us->pool) != NSR_Success)
+      return NSR_TooManySources;
+  }
+
+  return NSR_UnresolvedName;
 }
 
 /* ================================================== */
@@ -558,11 +678,12 @@ NSR_ResolveSources(void)
   if (unresolved_sources) {
     /* Make sure no resolving is currently running */
     if (!resolving_source) {
-      if (resolving_interval) {
+      if (resolving_id != 0) {
         SCH_RemoveTimeout(resolving_id);
+        resolving_id = 0;
         resolving_interval--;
       }
-      resolve_sources(NULL);
+      resolve_sources();
     }
   } else {
     /* No unresolved sources, we are done */
@@ -575,10 +696,12 @@ NSR_ResolveSources(void)
 
 void NSR_StartSources(void)
 {
+  NTP_Remote_Address *addr;
   unsigned int i;
 
   for (i = 0; i < ARR_GetSize(records); i++) {
-    if (!get_record(i)->remote_addr)
+    addr = get_record(i)->remote_addr;
+    if (!addr || !UTI_IsIPReal(&addr->ip_addr))
       continue;
     NCR_StartInstance(get_record(i)->data);
   }
@@ -597,6 +720,19 @@ static void
 clean_source_record(SourceRecord *record)
 {
   assert(record->remote_addr);
+
+  if (record->pool != INVALID_POOL) {
+    struct SourcePool *pool = get_pool(record->pool);
+
+    pool->sources--;
+    if (!UTI_IsIPReal(&record->remote_addr->ip_addr))
+      pool->unresolved_sources--;
+    if (!record->tentative)
+      pool->confirmed_sources--;
+    if (pool->max_sources > pool->sources)
+      pool->max_sources = pool->sources;
+  }
+
   record->remote_addr = NULL;
   NCR_DestroyInstance(record->data);
   if (record->name)
@@ -662,14 +798,13 @@ resolve_source_replacement(SourceRecord *record)
 
   us = MallocNew(struct UnresolvedSource);
   us->name = Strdup(record->name);
-  us->port = record->remote_addr->port;
   /* If there never was a valid reply from this source (e.g. it was a bad
      replacement), ignore the order of addresses from the resolver to not get
      stuck to a pair of addresses if the order doesn't change, or a group of
      IPv4/IPv6 addresses if the resolver prefers inaccessible IP family */
   us->random_order = record->tentative;
-  us->replacement = 1;
-  us->replace_source = *record->remote_addr;
+  us->pool = INVALID_POOL;
+  us->address = *record->remote_addr;
 
   append_unresolved_source(us);
   NSR_ResolveSources();
@@ -731,7 +866,18 @@ NSR_RefreshAddresses(void)
 
 /* ================================================== */
 
-static void remove_tentative_pool_sources(int pool)
+NSR_Status
+NSR_UpdateSourceNtpAddress(NTP_Remote_Address *old_addr, NTP_Remote_Address *new_addr)
+{
+  if (new_addr->ip_addr.family == IPADDR_UNSPEC)
+    return NSR_InvalidAF;
+
+  return change_source_address(old_addr, new_addr, 0);
+}
+
+/* ================================================== */
+
+static void remove_pool_sources(int pool, int tentative, int unresolved)
 {
   SourceRecord *record;
   unsigned int i, removed;
@@ -739,10 +885,14 @@ static void remove_tentative_pool_sources(int pool)
   for (i = removed = 0; i < ARR_GetSize(records); i++) {
     record = get_record(i);
 
-    if (!record->remote_addr || record->pool != pool || !record->tentative)
+    if (!record->remote_addr || record->pool != pool)
       continue;
 
-    DEBUG_LOG("removing tentative source %s",
+    if ((tentative && !record->tentative) ||
+        (unresolved && UTI_IsIPReal(&record->remote_addr->ip_addr)))
+      continue;
+
+    DEBUG_LOG("removing %ssource %s", tentative ? "tentative " : "",
               UTI_IPToString(&record->remote_addr->ip_addr));
 
     clean_source_record(record);
@@ -773,6 +923,29 @@ NSR_GetLocalRefid(IPAddr *address)
 
 /* ================================================== */
 
+char *
+NSR_GetName(IPAddr *address)
+{
+  NTP_Remote_Address remote_addr;
+  int slot, found;
+  SourceRecord *record;
+
+  remote_addr.ip_addr = *address;
+  remote_addr.port = 0;
+
+  find_slot(&remote_addr, &slot, &found);
+  if (!found)
+    return NULL;
+
+  record = get_record(slot);
+  if (record->name)
+    return record->name;
+
+  return UTI_IPToString(&record->remote_addr->ip_addr); 
+}
+
+/* ================================================== */
+
 /* This routine is called by ntp_io when a new packet arrives off the network,
    possibly with an authentication tail */
 void
@@ -797,15 +970,15 @@ NSR_ProcessRx(NTP_Remote_Address *remote_addr, NTP_Local_Address *local_addr,
       record->tentative = 0;
 
       if (record->pool != INVALID_POOL) {
-        pool = ARR_GetElement(pools, record->pool);
-        pool->sources++;
+        pool = get_pool(record->pool);
+        pool->confirmed_sources++;
 
-        DEBUG_LOG("pool %s has %d confirmed sources", record->name, pool->sources);
+        DEBUG_LOG("pool %s has %d confirmed sources", record->name, pool->confirmed_sources);
 
         /* If the number of sources from the pool reached the configured
            maximum, remove the remaining tentative sources */
-        if (pool->sources >= pool->max_sources)
-          remove_tentative_pool_sources(record->pool);
+        if (pool->confirmed_sources >= pool->max_sources)
+          remove_pool_sources(record->pool, 1, 0);
       }
     }
   } else {
@@ -861,80 +1034,37 @@ slew_sources(struct timespec *raw,
 /* ================================================== */
 
 int
-NSR_TakeSourcesOnline(IPAddr *mask, IPAddr *address)
-{
-  SourceRecord *record;
-  unsigned int i;
-  int any;
-
-  NSR_ResolveSources();
-
-  any = 0;
-  for (i = 0; i < ARR_GetSize(records); i++) {
-    record = get_record(i);
-    if (record->remote_addr) {
-      if (address->family == IPADDR_UNSPEC ||
-          !UTI_CompareIPs(&record->remote_addr->ip_addr, address, mask)) {
-        any = 1;
-        NCR_TakeSourceOnline(record->data);
-      }
-    }
-  }
-
-  if (address->family == IPADDR_UNSPEC) {
-    struct UnresolvedSource *us;
-
-    for (us = unresolved_sources; us; us = us->next) {
-      if (us->replacement)
-        continue;
-      any = 1;
-      us->new_source.params.online = 1;
-    }
-  }
-
-  return any;
-}
-
-/* ================================================== */
-
-int
-NSR_TakeSourcesOffline(IPAddr *mask, IPAddr *address)
+NSR_SetConnectivity(IPAddr *mask, IPAddr *address, SRC_Connectivity connectivity)
 {
   SourceRecord *record, *syncpeer;
   unsigned int i, any;
 
+  if (connectivity != SRC_OFFLINE)
+    NSR_ResolveSources();
+
   any = 0;
   syncpeer = NULL;
   for (i = 0; i < ARR_GetSize(records); i++) {
     record = get_record(i);
     if (record->remote_addr) {
-      if (address->family == IPADDR_UNSPEC ||
+      /* Ignore SRC_MAYBE_ONLINE connectivity change for unspecified unresolved
+         sources as they would always end up in the offline state */
+      if ((address->family == IPADDR_UNSPEC &&
+           (connectivity != SRC_MAYBE_ONLINE || UTI_IsIPReal(&record->remote_addr->ip_addr))) ||
           !UTI_CompareIPs(&record->remote_addr->ip_addr, address, mask)) {
         any = 1;
         if (NCR_IsSyncPeer(record->data)) {
           syncpeer = record;
           continue;
         }
-        NCR_TakeSourceOffline(record->data);
+        NCR_SetConnectivity(record->data, connectivity);
       }
     }
   }
 
-  /* Take sync peer offline as last to avoid reference switching */
-  if (syncpeer) {
-    NCR_TakeSourceOffline(syncpeer->data);
-  }
-
-  if (address->family == IPADDR_UNSPEC) {
-    struct UnresolvedSource *us;
-
-    for (us = unresolved_sources; us; us = us->next) {
-      if (us->replacement)
-        continue;
-      any = 1;
-      us->new_source.params.online = 0;
-    }
-  }
+  /* Set the sync peer last to avoid unnecessary reference switching */
+  if (syncpeer)
+    NCR_SetConnectivity(syncpeer->data, connectivity);
 
   return any;
 }
@@ -1146,26 +1276,25 @@ NSR_GetActivityReport(RPT_ActivityReport *report)
 {
   SourceRecord *record;
   unsigned int i;
-  struct UnresolvedSource *us;
 
   report->online = 0;
   report->offline = 0;
   report->burst_online = 0;
   report->burst_offline = 0;
+  report->unresolved = 0;
 
   for (i = 0; i < ARR_GetSize(records); i++) {
     record = get_record(i);
-    if (record->remote_addr) {
+    if (!record->remote_addr)
+      continue;
+
+    if (!UTI_IsIPReal(&record->remote_addr->ip_addr)) {
+      report->unresolved++;
+    } else {
       NCR_IncrementActivityCounters(record->data, &report->online, &report->offline,
                                     &report->burst_online, &report->burst_offline);
     }
   }
-
-  report->unresolved = 0;
-
-  for (us = unresolved_sources; us; us = us->next) {
-    report->unresolved++;
-  }
 }
 
 

ntp_sources.h

@@ -44,7 +44,9 @@ typedef enum {
   NSR_NoSuchSource, /* Remove - attempt to remove a source that is not known */
   NSR_AlreadyInUse, /* AddSource - attempt to add a source that is already known */ 
   NSR_TooManySources, /* AddSource - too many sources already present */
-  NSR_InvalidAF /* AddSource - attempt to add a source with invalid address family */
+  NSR_InvalidAF, /* AddSource - attempt to add a source with invalid address family */
+  NSR_InvalidName, /* AddSourceByName - attempt to add a source with invalid name */
+  NSR_UnresolvedName, /* AddSourceByName - name will be resolved later */
 } NSR_Status;
 
 /* Procedure to add a new server or peer source. */
@@ -52,8 +54,10 @@ extern NSR_Status NSR_AddSource(NTP_Remote_Address *remote_addr, NTP_Source_Type
 
 /* Procedure to add a new server, peer source, or pool of servers specified by
    name instead of address.  The name is resolved in exponentially increasing
-   intervals until it succeeds or fails with a non-temporary error. */
-extern void NSR_AddSourceByName(char *name, int port, int pool, NTP_Source_Type type, SourceParameters *params);
+   intervals until it succeeds or fails with a non-temporary error.  If the
+   name is an address, it is equivalent to NSR_AddSource(). */
+extern NSR_Status NSR_AddSourceByName(char *name, int port, int pool, NTP_Source_Type type,
+                                      SourceParameters *params);
 
 /* Function type for handlers to be called back when an attempt
  * (possibly unsuccessful) to resolve unresolved sources ends */
@@ -83,9 +87,17 @@ extern void NSR_HandleBadSource(IPAddr *address);
 /* Procedure to resolve all names again */
 extern void NSR_RefreshAddresses(void);
 
+/* Procedure to update the address of a source */
+extern NSR_Status NSR_UpdateSourceNtpAddress(NTP_Remote_Address *old_addr,
+                                             NTP_Remote_Address *new_addr);
+
 /* Procedure to get local reference ID corresponding to a source */
 extern uint32_t NSR_GetLocalRefid(IPAddr *address);
 
+/* Procedure to get the name of a source.  If the source doesn't have a name,
+   it returns a temporary string containing formatted address. */
+extern char *NSR_GetName(IPAddr *address);
+
 /* This routine is called by ntp_io when a new packet arrives off the network */
 extern void NSR_ProcessRx(NTP_Remote_Address *remote_addr, NTP_Local_Address *local_addr,
                           NTP_Local_Timestamp *rx_ts, NTP_Packet *message, int length);
@@ -102,14 +114,9 @@ extern void NSR_Initialise(void);
 extern void NSR_Finalise(void);
 
 /* This routine is used to indicate that sources whose IP addresses
-   match a particular subnet should be set online again.  Returns a
-   flag indicating whether any hosts matched the address */
-extern int NSR_TakeSourcesOnline(IPAddr *mask, IPAddr *address);
-
-/* This routine is used to indicate that sources whose IP addresses
-   match a particular subnet should be set offline.  Returns a flag
-   indicating whether any hosts matched the address */
-extern int NSR_TakeSourcesOffline(IPAddr *mask, IPAddr *address);
+   match a particular subnet should be set online or offline.  It returns
+   a flag indicating whether any hosts matched the address. */
+extern int NSR_SetConnectivity(IPAddr *mask, IPAddr *address, SRC_Connectivity connectivity);
 
 extern int NSR_ModifyMinpoll(IPAddr *address, int new_minpoll);
 

nts_ke.h

@@ -0,0 +1,69 @@
+/*
+  chronyd/chronyc - Programs for keeping computer clocks accurate.
+
+ **********************************************************************
+ * Copyright (C) Miroslav Lichvar  2020
+ * 
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of version 2 of the GNU General Public License as
+ * published by the Free Software Foundation.
+ * 
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ * 
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+ * 
+ **********************************************************************
+
+  =======================================================================
+
+  Header file for the NTS Key Establishment protocol
+  */
+
+#ifndef GOT_NTS_KE_H
+#define GOT_NTS_KE_H
+
+#include "siv.h"
+
+#define NKE_RECORD_CRITICAL_BIT         (1U << 15)
+#define NKE_RECORD_END_OF_MESSAGE       0
+#define NKE_RECORD_NEXT_PROTOCOL        1
+#define NKE_RECORD_ERROR                2
+#define NKE_RECORD_WARNING              3
+#define NKE_RECORD_AEAD_ALGORITHM       4
+#define NKE_RECORD_COOKIE               5
+#define NKE_RECORD_NTPV4_SERVER_NEGOTIATION 6
+#define NKE_RECORD_NTPV4_PORT_NEGOTIATION 7
+
+#define NKE_NEXT_PROTOCOL_NTPV4         0
+
+#define NKE_ERROR_UNRECOGNIZED_CRITICAL_RECORD 0
+#define NKE_ERROR_BAD_REQUEST           1
+#define NKE_ERROR_INTERNAL_SERVER_ERROR 2
+
+#define NKE_ALPN_NAME                   "ntske/1"
+#define NKE_EXPORTER_LABEL              "EXPORTER-network-time-security/1"
+#define NKE_EXPORTER_CONTEXT_C2S        "\x0\x0\x0\xf\x0"
+#define NKE_EXPORTER_CONTEXT_S2C        "\x0\x0\x0\xf\x1"
+
+#define NKE_MAX_MESSAGE_LENGTH          16384
+#define NKE_MAX_RECORD_BODY_LENGTH      256
+#define NKE_MAX_COOKIE_LENGTH           256
+#define NKE_MAX_COOKIES                 8
+#define NKE_MAX_KEY_LENGTH SIV_MAX_KEY_LENGTH
+
+typedef struct {
+  int length;
+  unsigned char key[NKE_MAX_KEY_LENGTH];
+} NKE_Key;
+
+typedef struct {
+  int length;
+  unsigned char cookie[NKE_MAX_COOKIE_LENGTH];
+} NKE_Cookie;
+
+#endif

nts_ke_client.c

@@ -0,0 +1,389 @@
+/*
+  chronyd/chronyc - Programs for keeping computer clocks accurate.
+
+ **********************************************************************
+ * Copyright (C) Miroslav Lichvar  2020
+ * 
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of version 2 of the GNU General Public License as
+ * published by the Free Software Foundation.
+ * 
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ * 
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+ * 
+ **********************************************************************
+
+  =======================================================================
+
+  NTS-KE client
+  */
+
+#include "config.h"
+
+#include "sysincl.h"
+
+#include "nts_ke_client.h"
+
+#include "conf.h"
+#include "logging.h"
+#include "memory.h"
+#include "nameserv_async.h"
+#include "nts_ke_session.h"
+#include "siv.h"
+#include "socket.h"
+#include "util.h"
+
+#define CLIENT_TIMEOUT 16.0
+
+struct NKC_Instance_Record {
+  char *name;
+  IPSockAddr address;
+  NKSN_Instance session;
+  int destroying;
+  int got_response;
+  int resolving_name;
+
+  SIV_Algorithm siv_algorithm;
+  NKE_Key c2s, s2c;
+  NKE_Cookie cookies[NKE_MAX_COOKIES];
+  int num_cookies;
+  char server_name[NKE_MAX_RECORD_BODY_LENGTH + 1];
+  IPSockAddr ntp_address;
+};
+
+/* ================================================== */
+
+static void *client_credentials;
+
+/* ================================================== */
+
+static void
+name_resolve_handler(DNS_Status status, int n_addrs, IPAddr *ip_addrs, void *arg)
+{
+  NKC_Instance inst = arg;
+  int i;
+
+  inst->resolving_name = 0;
+
+  if (inst->destroying) {
+    NKC_DestroyInstance(inst);
+    return;
+  }
+
+  if (status != DNS_Success || n_addrs < 1) {
+    LOG(LOGS_ERR, "Could not resolve NTP server %s from %s", inst->server_name, inst->name);
+    /* Force restart */
+    inst->got_response = 0;
+    return;
+  }
+
+  inst->ntp_address.ip_addr = ip_addrs[0];
+
+  /* Prefer an address of the same family as NTS-KE */
+  for (i = 0; i < n_addrs; i++) {
+    DEBUG_LOG("%s resolved to %s", inst->server_name, UTI_IPToString(&ip_addrs[i]));
+    if (ip_addrs[i].family == inst->address.ip_addr.family) {
+      inst->ntp_address.ip_addr = ip_addrs[i];
+      break;
+    }
+  }
+}
+
+/* ================================================== */
+
+static int
+prepare_request(NKC_Instance inst)
+{
+  NKSN_Instance session = inst->session;
+  uint16_t datum;
+
+  NKSN_BeginMessage(session);
+
+  datum = htons(NKE_NEXT_PROTOCOL_NTPV4);
+  if (!NKSN_AddRecord(session, 1, NKE_RECORD_NEXT_PROTOCOL, &datum, sizeof (datum)))
+    return 0;
+
+  datum = htons(AEAD_AES_SIV_CMAC_256);
+  if (!NKSN_AddRecord(session, 1, NKE_RECORD_AEAD_ALGORITHM, &datum, sizeof (datum)))
+    return 0;
+
+  if (!NKSN_EndMessage(session))
+    return 0;
+
+  return 1;
+}
+
+/* ================================================== */
+
+static int
+process_response(NKC_Instance inst)
+{
+  int next_protocol = -1, aead_algorithm = -1, error = 0;
+  int i, critical, type, length;
+  uint16_t data[NKE_MAX_COOKIE_LENGTH / sizeof (uint16_t)];
+
+  assert(NKE_MAX_COOKIE_LENGTH % sizeof (uint16_t) == 0);
+  assert(sizeof (uint16_t) == 2);
+
+  inst->num_cookies = 0;
+  inst->ntp_address.ip_addr.family = IPADDR_UNSPEC;
+  inst->ntp_address.port = 0;
+  inst->server_name[0] = '\0';
+
+  while (!error) {
+    if (!NKSN_GetRecord(inst->session, &critical, &type, &length, &data, sizeof (data)))
+      break;
+
+    switch (type) {
+      case NKE_RECORD_NEXT_PROTOCOL:
+        if (!critical || length != 2 || ntohs(data[0]) != NKE_NEXT_PROTOCOL_NTPV4) {
+          DEBUG_LOG("Unexpected NTS-KE next protocol");
+          error = 1;
+          break;
+        }
+        next_protocol = NKE_NEXT_PROTOCOL_NTPV4;
+        break;
+      case NKE_RECORD_AEAD_ALGORITHM:
+        if (length != 2 || ntohs(data[0]) != AEAD_AES_SIV_CMAC_256) {
+          DEBUG_LOG("Unexpected NTS-KE AEAD algorithm");
+          error = 1;
+          break;
+        }
+        aead_algorithm = AEAD_AES_SIV_CMAC_256;
+        inst->siv_algorithm = aead_algorithm;
+        break;
+      case NKE_RECORD_ERROR:
+        if (length == 2)
+          DEBUG_LOG("NTS-KE error %d", ntohs(data[0]));
+        error = 1;
+        break;
+      case NKE_RECORD_WARNING:
+        if (length == 2)
+          DEBUG_LOG("NTS-KE warning %d", ntohs(data[0]));
+        error = 1;
+        break;
+      case NKE_RECORD_COOKIE:
+        DEBUG_LOG("Got cookie #%d length=%d", inst->num_cookies + 1, length);
+        assert(NKE_MAX_COOKIE_LENGTH == sizeof (inst->cookies[inst->num_cookies].cookie));
+        if (length <= NKE_MAX_COOKIE_LENGTH && inst->num_cookies < NKE_MAX_COOKIES) {
+          inst->cookies[inst->num_cookies].length = length;
+          memcpy(inst->cookies[inst->num_cookies].cookie, data, length);
+          inst->num_cookies++;
+        }
+        break;
+      case NKE_RECORD_NTPV4_SERVER_NEGOTIATION:
+        if (length < 1 || length >= sizeof (inst->server_name)) {
+          DEBUG_LOG("Invalid server name");
+          error = 1;
+          break;
+        }
+
+        memcpy(inst->server_name, data, length);
+        inst->server_name[length] = '\0';
+
+        /* Make sure the name is printable and has no spaces */
+        for (i = 0; i < length && isgraph(inst->server_name[i]); i++)
+          ;
+        if (i != length) {
+          DEBUG_LOG("Invalid server name");
+          error = 1;
+          break;
+        }
+
+        DEBUG_LOG("Negotiated server %s", inst->server_name);
+        break;
+      case NKE_RECORD_NTPV4_PORT_NEGOTIATION:
+        if (length != 2) {
+          DEBUG_LOG("Invalid port");
+          error = 1;
+          break;
+        }
+        inst->ntp_address.port = ntohs(data[0]);
+        DEBUG_LOG("Negotiated port %d", inst->ntp_address.port);
+        break;
+      default:
+        DEBUG_LOG("Unknown record type=%d length=%d critical=%d", type, length, critical);
+        if (critical)
+          error = 1;
+    }
+  }
+
+  DEBUG_LOG("NTS-KE response: error=%d next=%d aead=%d",
+            error, next_protocol, aead_algorithm);
+
+  if (error || inst->num_cookies == 0 ||
+      next_protocol != NKE_NEXT_PROTOCOL_NTPV4 ||
+      aead_algorithm != AEAD_AES_SIV_CMAC_256)
+    return 0;
+
+  return 1;
+}
+
+/* ================================================== */
+
+static int
+handle_message(void *arg)
+{
+  NKC_Instance inst = arg;
+
+  if (!process_response(inst)) {
+    LOG(LOGS_ERR, "Received invalid NTS-KE response from %s", inst->name);
+    return 0;
+  }
+
+  if (!NKSN_GetKeys(inst->session, inst->siv_algorithm, &inst->c2s, &inst->s2c))
+    return 0;
+
+  if (inst->server_name[0] != '\0') {
+    if (inst->resolving_name)
+      return 0;
+    if (!UTI_StringToIP(inst->server_name, &inst->ntp_address.ip_addr)) {
+      DNS_Name2IPAddressAsync(inst->server_name, name_resolve_handler, inst);
+      inst->resolving_name = 1;
+    }
+  }
+
+  inst->got_response = 1;
+
+  return 1;
+}
+
+/* ================================================== */
+
+void
+NKC_Initialise(void)
+{
+  client_credentials = NULL;
+}
+
+/* ================================================== */
+
+void
+NKC_Finalise(void)
+{
+  if (client_credentials)
+    NKSN_DestroyCertCredentials(client_credentials);
+}
+
+/* ================================================== */
+
+NKC_Instance
+NKC_CreateInstance(IPSockAddr *address, const char *name)
+{
+  NKC_Instance inst;
+
+  inst = MallocNew(struct NKC_Instance_Record);
+
+  inst->address = *address;
+  inst->name = Strdup(name);
+  inst->session = NKSN_CreateInstance(0, inst->name, handle_message, inst);
+  inst->resolving_name = 0;
+  inst->destroying = 0;
+  inst->got_response = 0;
+
+  /* Create the credentials with the first client instance and share them
+     with other instances */
+  if (!client_credentials)
+    client_credentials = NKSN_CreateCertCredentials(NULL, NULL, CNF_GetNtsTrustedCertFile());
+
+  return inst;
+}
+
+/* ================================================== */
+
+void
+NKC_DestroyInstance(NKC_Instance inst)
+{
+  /* If the resolver is running, destroy the instance later when finished */
+  if (inst->resolving_name) {
+    inst->destroying = 1;
+    return;
+  }
+
+  NKSN_DestroyInstance(inst->session);
+
+  Free(inst->name);
+  Free(inst);
+}
+
+/* ================================================== */
+
+int
+NKC_Start(NKC_Instance inst)
+{
+  IPSockAddr local_addr;
+  int sock_fd;
+
+  assert(!NKC_IsActive(inst));
+
+  if (!client_credentials) {
+    DEBUG_LOG("Missing client credentials");
+    return 0;
+  }
+
+  /* Follow the bindacqaddress setting */
+  CNF_GetBindAcquisitionAddress(inst->address.ip_addr.family, &local_addr.ip_addr);
+  if (local_addr.ip_addr.family != inst->address.ip_addr.family)
+    SCK_GetAnyLocalIPAddress(inst->address.ip_addr.family, &local_addr.ip_addr);
+
+  local_addr.port = 0;
+
+  sock_fd = SCK_OpenTcpSocket(&inst->address, &local_addr, 0);
+  if (sock_fd < 0)
+    return 0;
+
+  /* Start a NTS-KE session */
+  if (!NKSN_StartSession(inst->session, sock_fd, client_credentials, CLIENT_TIMEOUT)) {
+    SCK_CloseSocket(sock_fd);
+    return 0;
+  }
+
+  /* Send a request */
+  if (!prepare_request(inst)) {
+    DEBUG_LOG("Could not prepare NTS-KE request");
+    NKSN_StopSession(inst->session);
+    return 0;
+  }
+
+  return 1;
+}
+
+/* ================================================== */
+
+int
+NKC_IsActive(NKC_Instance inst)
+{
+  return !NKSN_IsStopped(inst->session) || inst->resolving_name;
+}
+
+/* ================================================== */
+
+int
+NKC_GetNtsData(NKC_Instance inst,
+               SIV_Algorithm *siv_algorithm, NKE_Key *c2s, NKE_Key *s2c,
+               NKE_Cookie *cookies, int *num_cookies, int max_cookies,
+               IPSockAddr *ntp_address)
+{
+  int i;
+
+  if (!inst->got_response || inst->resolving_name)
+    return 0;
+
+  *siv_algorithm = inst->siv_algorithm;
+  *c2s = inst->c2s;
+  *s2c = inst->s2c;
+
+  for (i = 0; i < inst->num_cookies && i < max_cookies; i++)
+    cookies[i] = inst->cookies[i];
+  *num_cookies = i;
+
+  *ntp_address = inst->ntp_address;
+
+  return i;
+}

nts_ke_client.h

@@ -0,0 +1,58 @@
+/*
+  chronyd/chronyc - Programs for keeping computer clocks accurate.
+
+ **********************************************************************
+ * Copyright (C) Miroslav Lichvar  2020
+ * 
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of version 2 of the GNU General Public License as
+ * published by the Free Software Foundation.
+ * 
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ * 
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+ * 
+ **********************************************************************
+
+  =======================================================================
+
+  Header file for the NTS-KE client
+  */
+
+#ifndef GOT_NTS_KE_CLIENT_H
+#define GOT_NTS_KE_CLIENT_H
+
+#include "addressing.h"
+#include "nts_ke.h"
+
+typedef struct NKC_Instance_Record *NKC_Instance;
+
+/* Init and fini functions */
+extern void NKC_Initialise(void);
+extern void NKC_Finalise(void);
+
+/* Create a client NTS-KE instance */
+extern NKC_Instance NKC_CreateInstance(IPSockAddr *address, const char *name);
+
+/* Destroy an instance */
+extern void NKC_DestroyInstance(NKC_Instance inst);
+
+/* Connect to the server, start an NTS-KE session, send an NTS-KE request, and
+   process the response (asynchronously) */
+extern int NKC_Start(NKC_Instance inst);
+
+/* Check if the client is still running */
+extern int NKC_IsActive(NKC_Instance inst);
+
+/* Get the NTS data if the session was successful */
+extern int NKC_GetNtsData(NKC_Instance inst,
+                          SIV_Algorithm *siv_algorithm, NKE_Key *c2s, NKE_Key *s2c,
+                          NKE_Cookie *cookies, int *num_cookies, int max_cookies,
+                          IPSockAddr *ntp_address);
+
+#endif

nts_ke_server.c

@@ -0,0 +1,785 @@
+/*
+  chronyd/chronyc - Programs for keeping computer clocks accurate.
+
+ **********************************************************************
+ * Copyright (C) Miroslav Lichvar  2020
+ * 
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of version 2 of the GNU General Public License as
+ * published by the Free Software Foundation.
+ * 
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ * 
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+ * 
+ **********************************************************************
+
+  =======================================================================
+
+  NTS-KE server
+  */
+
+#include "config.h"
+
+#include "sysincl.h"
+
+#include "nts_ke_server.h"
+
+#include "array.h"
+#include "conf.h"
+#include "clientlog.h"
+#include "logging.h"
+#include "memory.h"
+#include "ntp_core.h"
+#include "nts_ke_session.h"
+#include "siv.h"
+#include "socket.h"
+#include "sched.h"
+#include "sys.h"
+#include "util.h"
+
+#define SERVER_TIMEOUT 2.0
+
+#define SERVER_COOKIE_SIV AEAD_AES_SIV_CMAC_256
+#define SERVER_COOKIE_NONCE_LENGTH 16
+
+#define KEY_ID_INDEX_BITS 2
+#define MAX_SERVER_KEYS (1U << KEY_ID_INDEX_BITS)
+
+#define MIN_KEY_ROTATE_INTERVAL 1.0
+
+#define INVALID_SOCK_FD (-7)
+
+typedef struct {
+  uint32_t key_id;
+  uint8_t nonce[SERVER_COOKIE_NONCE_LENGTH];
+} ServerCookieHeader;
+
+typedef struct {
+  uint32_t id;
+  unsigned char key[SIV_MAX_KEY_LENGTH];
+  SIV_Instance siv;
+} ServerKey;
+
+typedef struct {
+  uint32_t key_id;
+  unsigned char key[SIV_MAX_KEY_LENGTH];
+  IPAddr client_addr;
+  uint16_t client_port;
+  uint16_t _pad;
+} HelperRequest;
+
+/* ================================================== */
+
+static ServerKey server_keys[MAX_SERVER_KEYS];
+static int current_server_key;
+
+static int server_sock_fd4;
+static int server_sock_fd6;
+
+static int helper_sock_fd;
+
+static int initialised = 0;
+
+/* Array of NKSN instances */
+static ARR_Instance sessions;
+static void *server_credentials;
+
+/* ================================================== */
+
+static int handle_message(void *arg);
+
+/* ================================================== */
+
+static int
+handle_client(int sock_fd, IPSockAddr *addr)
+{
+  NKSN_Instance inst, *instp;
+  int i;
+
+  if (sock_fd > FD_SETSIZE / 2) {
+    DEBUG_LOG("Rejected connection from %s (%s)",
+              UTI_IPSockAddrToString(addr), "too many descriptors");
+    return 0;
+  }
+
+  /* Find a slot which is free or has a stopped session */
+  for (i = 0, inst = NULL; i < ARR_GetSize(sessions); i++) {
+    instp = ARR_GetElement(sessions, i);
+    if (!*instp) {
+      /* NULL handler arg will be replaced with the session instance */
+      inst = NKSN_CreateInstance(1, UTI_IPSockAddrToString(addr), handle_message, NULL);
+      *instp = inst;
+      break;
+    } else if (NKSN_IsStopped(*instp)) {
+      inst = *instp;
+      break;
+    }
+  }
+
+  if (!inst) {
+    DEBUG_LOG("Rejected connection from %s (%s)",
+              UTI_IPSockAddrToString(addr), "too many connections");
+    return 0;
+  }
+
+  if (!NKSN_StartSession(inst, sock_fd, server_credentials, SERVER_TIMEOUT))
+    return 0;
+
+  return 1;
+}
+
+/* ================================================== */
+
+static void
+handle_helper_request(int fd, int event, void *arg)
+{
+  SCK_Message message;
+  HelperRequest *req;
+  IPSockAddr client_addr;
+  int sock_fd;
+
+  if (!SCK_ReceiveMessage(fd, &message, SCK_FLAG_MSG_DESCRIPTOR))
+    return;
+
+  sock_fd = message.descriptor;
+  if (sock_fd < 0) {
+    /* Message with no descriptor is a shutdown command */
+    SCH_QuitProgram();
+    return;
+  }
+
+  if (message.length != sizeof (HelperRequest)) {
+    DEBUG_LOG("Unexpected message length");
+    SCK_CloseSocket(sock_fd);
+    return;
+  }
+
+  req = message.data;
+
+  /* Extract the server key and client address from the request */
+  server_keys[current_server_key].id = ntohl(req->key_id);
+  memcpy(server_keys[current_server_key].key, req->key,
+         sizeof (server_keys[current_server_key].key));
+  UTI_IPNetworkToHost(&req->client_addr, &client_addr.ip_addr);
+  client_addr.port = ntohs(req->client_port);
+
+  if (!SIV_SetKey(server_keys[current_server_key].siv, server_keys[current_server_key].key,
+                  SIV_GetKeyLength(SERVER_COOKIE_SIV)))
+    assert(0);
+
+  if (!handle_client(sock_fd, &client_addr)) {
+    SCK_CloseSocket(sock_fd);
+    return;
+  }
+
+  DEBUG_LOG("Accepted helper request fd=%d", sock_fd);
+}
+
+/* ================================================== */
+
+static void
+accept_connection(int server_fd, int event, void *arg)
+{
+  SCK_Message message;
+  IPSockAddr addr;
+  int log_index, sock_fd;
+  struct timespec now;
+
+  sock_fd = SCK_AcceptConnection(server_fd, &addr);
+  if (sock_fd < 0)
+    return;
+
+  if (!NCR_CheckAccessRestriction(&addr.ip_addr)) {
+    DEBUG_LOG("Rejected connection from %s (%s)",
+              UTI_IPSockAddrToString(&addr), "access denied");
+    SCK_CloseSocket(sock_fd);
+    return;
+  }
+
+  SCH_GetLastEventTime(&now, NULL, NULL);
+  log_index = CLG_LogNTPAccess(&addr.ip_addr, &now);
+  if (log_index >= 0 && CLG_LimitNTPResponseRate(log_index)) {
+    DEBUG_LOG("Rejected connection from %s (%s)",
+              UTI_IPSockAddrToString(&addr), "rate limit");
+    SCK_CloseSocket(sock_fd);
+    return;
+  }
+
+  /* Pass the socket to a helper process if enabled.  Otherwise, handle the
+     client in the main process. */
+  if (helper_sock_fd != INVALID_SOCK_FD) {
+    HelperRequest req;
+
+    /* Include the current server key and client address in the request */
+    memset(&req, 0, sizeof (req));
+    req.key_id = htonl(server_keys[current_server_key].id);
+    memcpy(req.key, server_keys[current_server_key].key, sizeof (req.key));
+    UTI_IPHostToNetwork(&addr.ip_addr, &req.client_addr);
+    req.client_port = htons(addr.port);
+
+    SCK_InitMessage(&message, SCK_ADDR_UNSPEC);
+    message.data = &req;
+    message.length = sizeof (req);
+    message.descriptor = sock_fd;
+
+    if (!SCK_SendMessage(helper_sock_fd, &message, SCK_FLAG_MSG_DESCRIPTOR)) {
+      SCK_CloseSocket(sock_fd);
+      return;
+    }
+
+    SCK_CloseSocket(sock_fd);
+  } else {
+    if (!handle_client(sock_fd, &addr)) {
+      SCK_CloseSocket(sock_fd);
+      return;
+    }
+  }
+
+  DEBUG_LOG("Accepted connection from %s fd=%d", UTI_IPSockAddrToString(&addr), sock_fd);
+}
+
+/* ================================================== */
+
+static int
+open_socket(int family, int port)
+{
+  IPSockAddr local_addr;
+  int sock_fd;
+
+  if (!SCK_IsFamilySupported(family))
+    return INVALID_SOCK_FD;
+
+  CNF_GetBindAddress(family, &local_addr.ip_addr);
+
+  if (local_addr.ip_addr.family != family)
+    SCK_GetAnyLocalIPAddress(family, &local_addr.ip_addr);
+
+  local_addr.port = port;
+
+  sock_fd = SCK_OpenTcpSocket(NULL, &local_addr, 0);
+  if (sock_fd < 0) {
+    LOG(LOGS_ERR, "Could not open NTS-KE socket on %s", UTI_IPSockAddrToString(&local_addr));
+    return INVALID_SOCK_FD;
+  }
+
+  if (!SCK_ListenOnSocket(sock_fd, CNF_GetNtsServerConnections())) {
+    SCK_CloseSocket(sock_fd);
+    return INVALID_SOCK_FD;
+  }
+
+  SCH_AddFileHandler(sock_fd, SCH_FILE_INPUT, accept_connection, NULL);
+
+  return sock_fd;
+}
+
+/* ================================================== */
+
+static void
+helper_signal(int x)
+{
+  SCH_QuitProgram();
+}
+
+/* ================================================== */
+
+static int
+prepare_response(NKSN_Instance session, int error, int next_protocol, int aead_algorithm)
+{
+  NKE_Cookie cookie;
+  NKE_Key c2s, s2c;
+  uint16_t datum;
+  int i;
+
+  DEBUG_LOG("NTS KE response: error=%d next=%d aead=%d", error, next_protocol, aead_algorithm);
+
+  NKSN_BeginMessage(session);
+
+  if (error >= 0) {
+    datum = htons(error);
+    if (!NKSN_AddRecord(session, 1, NKE_RECORD_ERROR, &datum, sizeof (datum)))
+      return 0;
+  } else {
+    datum = htons(next_protocol);
+    if (!NKSN_AddRecord(session, 1, NKE_RECORD_NEXT_PROTOCOL, &datum, sizeof (datum)))
+      return 0;
+
+    datum = htons(aead_algorithm);
+    if (!NKSN_AddRecord(session, 1, NKE_RECORD_AEAD_ALGORITHM, &datum, sizeof (datum)))
+      return 0;
+
+    if (CNF_GetNTPPort() != NTP_PORT) {
+      datum = htons(CNF_GetNTPPort());
+      if (!NKSN_AddRecord(session, 1, NKE_RECORD_NTPV4_PORT_NEGOTIATION, &datum, sizeof (datum)))
+        return 0;
+    }
+
+    /* This should be configurable */
+    if (0) {
+      const char server[] = "::1";
+      if (!NKSN_AddRecord(session, 1, NKE_RECORD_NTPV4_SERVER_NEGOTIATION, server,
+                          sizeof (server) - 1))
+        return 0;
+    }
+
+    if (!NKSN_GetKeys(session, aead_algorithm, &c2s, &s2c))
+      return 0;
+
+    for (i = 0; i < NKE_MAX_COOKIES; i++) {
+      if (!NKS_GenerateCookie(&c2s, &s2c, &cookie))
+        return 0;
+      if (!NKSN_AddRecord(session, 0, NKE_RECORD_COOKIE, cookie.cookie, cookie.length))
+        return 0;
+    }
+  }
+
+  if (!NKSN_EndMessage(session))
+    return 0;
+
+  return 1;
+}
+
+/* ================================================== */
+
+static int
+process_request(NKSN_Instance session)
+{
+  int next_protocol = -1, aead_algorithm = -1, error = -1;
+  int i, critical, type, length;
+  uint16_t data[NKE_MAX_RECORD_BODY_LENGTH / sizeof (uint16_t)];
+
+  assert(NKE_MAX_RECORD_BODY_LENGTH % sizeof (uint16_t) == 0);
+  assert(sizeof (uint16_t) == 2);
+
+  while (error == -1) {
+    if (!NKSN_GetRecord(session, &critical, &type, &length, &data, sizeof (data)))
+      break;
+
+    switch (type) {
+      case NKE_RECORD_NEXT_PROTOCOL:
+        if (!critical || length < 2 || length % 2 != 0) {
+          error = NKE_ERROR_BAD_REQUEST;
+          break;
+        }
+        for (i = 0; i < MIN(length, sizeof (data)) / 2; i++) {
+          if (ntohs(data[i]) == NKE_NEXT_PROTOCOL_NTPV4)
+            next_protocol = NKE_NEXT_PROTOCOL_NTPV4;
+        }
+        break;
+      case NKE_RECORD_AEAD_ALGORITHM:
+        if (length < 2 || length % 2 != 0) {
+          error = NKE_ERROR_BAD_REQUEST;
+          break;
+        }
+        for (i = 0; i < MIN(length, sizeof (data)) / 2; i++) {
+          if (ntohs(data[i]) == AEAD_AES_SIV_CMAC_256)
+            aead_algorithm = AEAD_AES_SIV_CMAC_256;
+        }
+        break;
+      case NKE_RECORD_ERROR:
+      case NKE_RECORD_WARNING:
+      case NKE_RECORD_COOKIE:
+        error = NKE_ERROR_BAD_REQUEST;
+        break;
+      default:
+        if (critical)
+          error = NKE_ERROR_UNRECOGNIZED_CRITICAL_RECORD;
+    }
+  }
+
+  if (aead_algorithm < 0 || next_protocol < 0)
+    error = NKE_ERROR_BAD_REQUEST;
+
+  if (!prepare_response(session, error, next_protocol, aead_algorithm))
+    return 0;
+
+  return 1;
+}
+
+/* ================================================== */
+
+static int
+handle_message(void *arg)
+{
+  NKSN_Instance session = arg;
+
+  return process_request(session);
+}
+
+/* ================================================== */
+
+static void
+generate_key(int index)
+{
+  int key_length;
+
+  assert(index < MAX_SERVER_KEYS);
+
+  key_length = SIV_GetKeyLength(SERVER_COOKIE_SIV);
+  if (key_length > sizeof (server_keys[index].key))
+    assert(0);
+
+  UTI_GetRandomBytesUrandom(server_keys[index].key, key_length);
+  if (!SIV_SetKey(server_keys[index].siv, server_keys[index].key, key_length))
+    assert(0);
+
+  UTI_GetRandomBytes(&server_keys[index].id, sizeof (server_keys[index].id));
+
+  server_keys[index].id &= -1U << KEY_ID_INDEX_BITS;
+  server_keys[index].id |= index;
+
+  DEBUG_LOG("Generated server key %"PRIX32, server_keys[index].id);
+}
+
+/* ================================================== */
+
+static void
+save_keys(void)
+{
+  char hex_key[SIV_MAX_KEY_LENGTH * 2 + 1];
+  int i, index, key_length;
+  char *cachedir;
+  FILE *f;
+
+  cachedir = CNF_GetNtsCacheDir();
+  if (!cachedir)
+    return;
+
+  f = UTI_OpenFile(cachedir, "ntskeys", ".tmp", 'w', 0600);
+  if (!f)
+    return;
+
+  key_length = SIV_GetKeyLength(SERVER_COOKIE_SIV);
+
+  for (i = 0; i < MAX_SERVER_KEYS; i++) {
+    index = (current_server_key + i + 1) % MAX_SERVER_KEYS;
+
+    if (key_length > sizeof (server_keys[index].key) ||
+        !UTI_BytesToHex(server_keys[index].key, key_length, hex_key, sizeof (hex_key))) {
+      assert(0);
+      break;
+    }
+
+    fprintf(f, "%08"PRIX32" %s\n", server_keys[index].id, hex_key);
+  }
+
+  fclose(f);
+
+  if (!UTI_RenameTempFile(cachedir, "ntskeys", ".tmp", NULL))
+    ;
+}
+
+/* ================================================== */
+
+static void
+load_keys(void)
+{
+  int i, index, line_length, key_length, n;
+  char *cachedir, line[1024];
+  FILE *f;
+  uint32_t id;
+
+  cachedir = CNF_GetNtsCacheDir();
+  if (!cachedir)
+    return;
+
+  f = UTI_OpenFile(cachedir, "ntskeys", NULL, 'r', 0);
+  if (!f)
+    return;
+
+  key_length = SIV_GetKeyLength(SERVER_COOKIE_SIV);
+
+  for (i = 0; i < MAX_SERVER_KEYS; i++) {
+    if (!fgets(line, sizeof (line), f))
+      break;
+
+    line_length = strlen(line);
+    if (line_length < 10)
+      break;
+    /* Drop '\n' */
+    line[line_length - 1] = '\0';
+
+    if (sscanf(line, "%"PRIX32"%n", &id, &n) != 1 || line[n] != ' ')
+      break;
+
+    index = id % MAX_SERVER_KEYS;
+
+    if (UTI_HexToBytes(line + n + 1, server_keys[index].key,
+                       sizeof (server_keys[index].key)) != key_length)
+      break;
+
+    server_keys[index].id = id;
+    if (!SIV_SetKey(server_keys[index].siv, server_keys[index].key, key_length))
+      assert(0);
+
+    DEBUG_LOG("Loaded key %"PRIX32, id);
+
+    current_server_key = index;
+  }
+
+  fclose(f);
+}
+
+/* ================================================== */
+
+static void
+key_timeout(void *arg)
+{
+  current_server_key = (current_server_key + 1) % MAX_SERVER_KEYS;
+  generate_key(current_server_key);
+  save_keys();
+
+  SCH_AddTimeoutByDelay(MAX(CNF_GetNtsRotate(), MIN_KEY_ROTATE_INTERVAL),
+                        key_timeout, NULL);
+}
+
+/* ================================================== */
+
+static void
+start_helper(int id, int scfilter_level, int main_fd, int helper_fd)
+{
+  pid_t pid;
+
+  pid = fork();
+
+  if (pid < 0)
+    LOG_FATAL("fork() failed : %s", strerror(errno));
+
+  if (pid > 0)
+    return;
+
+  SCK_CloseSocket(main_fd);
+
+  LOG_CloseParentFd();
+  SCH_Reset();
+  SCH_AddFileHandler(helper_fd, SCH_FILE_INPUT, handle_helper_request, NULL);
+  UTI_SetQuitSignalsHandler(helper_signal, 1);
+  if (scfilter_level != 0)
+    SYS_EnableSystemCallFilter(scfilter_level, SYS_NTSKE_HELPER);
+
+  initialised = 1;
+
+  DEBUG_LOG("NTS-KE helper #%d started", id);
+
+  SCH_MainLoop();
+
+  NKS_Finalise();
+
+  DEBUG_LOG("NTS-KE helper #%d exiting", id);
+
+  exit(0);
+}
+
+/* ================================================== */
+
+void
+NKS_Initialise(int scfilter_level)
+{
+  char *cert, *key;
+  int i, processes;
+
+  server_sock_fd4 = INVALID_SOCK_FD;
+  server_sock_fd6 = INVALID_SOCK_FD;
+  helper_sock_fd = INVALID_SOCK_FD;
+
+  cert = CNF_GetNtsServerCertFile();
+  key = CNF_GetNtsServerKeyFile();
+
+  if (!cert || !key)
+    return;
+
+  server_credentials = NKSN_CreateCertCredentials(cert, key, NULL);
+  if (!server_credentials)
+    return;
+
+  sessions = ARR_CreateInstance(sizeof (NKSN_Instance));
+  for (i = 0; i < CNF_GetNtsServerConnections(); i++)
+    *(NKSN_Instance *)ARR_GetNewElement(sessions) = NULL;
+  for (i = 0; i < MAX_SERVER_KEYS; i++)
+    server_keys[i].siv = NULL;
+
+  server_sock_fd4 = open_socket(IPADDR_INET4, CNF_GetNtsServerPort());
+  server_sock_fd6 = open_socket(IPADDR_INET6, CNF_GetNtsServerPort());
+
+  for (i = 0; i < MAX_SERVER_KEYS; i++) {
+    server_keys[i].siv = SIV_CreateInstance(SERVER_COOKIE_SIV);
+    generate_key(i);
+  }
+
+  current_server_key = MAX_SERVER_KEYS - 1;
+
+  load_keys();
+
+  key_timeout(NULL);
+
+  processes = CNF_GetNtsServerProcesses();
+
+  if (processes > 0) {
+    int sock_fd1, sock_fd2;
+
+    sock_fd1 = SCK_OpenUnixSocketPair(0, &sock_fd2);
+
+    for (i = 0; i < processes; i++)
+      start_helper(i + 1, scfilter_level, sock_fd1, sock_fd2);
+
+    SCK_CloseSocket(sock_fd2);
+    helper_sock_fd = sock_fd1;
+  }
+
+  initialised = 1;
+}
+
+/* ================================================== */
+
+void
+NKS_Finalise(void)
+{
+  int i;
+
+  if (!initialised)
+    return;
+
+  if (helper_sock_fd != INVALID_SOCK_FD) {
+    for (i = 0; i < CNF_GetNtsServerProcesses(); i++) {
+      if (!SCK_Send(helper_sock_fd, "", 1, 0))
+        ;
+    }
+    SCK_CloseSocket(helper_sock_fd);
+  }
+  if (server_sock_fd4 != INVALID_SOCK_FD)
+    SCK_CloseSocket(server_sock_fd4);
+  if (server_sock_fd6 != INVALID_SOCK_FD)
+    SCK_CloseSocket(server_sock_fd6);
+
+  save_keys();
+  for (i = 0; i < MAX_SERVER_KEYS; i++) {
+    if (server_keys[i].siv != NULL)
+      SIV_DestroyInstance(server_keys[i].siv);
+  }
+
+  for (i = 0; i < ARR_GetSize(sessions); i++) {
+    NKSN_Instance session = *(NKSN_Instance *)ARR_GetElement(sessions, i);
+    if (session)
+      NKSN_DestroyInstance(session);
+  }
+  ARR_DestroyInstance(sessions);
+
+  NKSN_DestroyCertCredentials(server_credentials);
+}
+
+/* ================================================== */
+
+/* A server cookie consists of key ID, nonce, and encrypted C2S+S2C keys */
+
+int
+NKS_GenerateCookie(NKE_Key *c2s, NKE_Key *s2c, NKE_Cookie *cookie)
+{
+  unsigned char plaintext[2 * NKE_MAX_KEY_LENGTH], *ciphertext;
+  int plaintext_length, tag_length;
+  ServerCookieHeader *header;
+  ServerKey *key;
+
+  if (!initialised) {
+    DEBUG_LOG("NTS server disabled");
+    return 0;
+  }
+
+  if (c2s->length < 0 || c2s->length > NKE_MAX_KEY_LENGTH ||
+      s2c->length < 0 || s2c->length > NKE_MAX_KEY_LENGTH) {
+    DEBUG_LOG("Invalid key length");
+    return 0;
+  }
+
+  key = &server_keys[current_server_key];
+
+  header = (ServerCookieHeader *)cookie->cookie;
+
+  /* Keep the fields in the host byte order */
+  header->key_id = key->id;
+  UTI_GetRandomBytes(header->nonce, sizeof (header->nonce));
+
+  plaintext_length = c2s->length + s2c->length;
+  assert(plaintext_length <= sizeof (plaintext));
+  memcpy(plaintext, c2s->key, c2s->length);
+  memcpy(plaintext + c2s->length, s2c->key, s2c->length);
+
+  tag_length = SIV_GetTagLength(key->siv);
+  cookie->length = sizeof (*header) + plaintext_length + tag_length;
+  assert(cookie->length <= sizeof (cookie->cookie));
+  ciphertext = cookie->cookie + sizeof (*header);
+
+  if (!SIV_Encrypt(key->siv, header->nonce, sizeof (header->nonce),
+                   "", 0,
+                   plaintext, plaintext_length,
+                   ciphertext, plaintext_length + tag_length)) {
+    DEBUG_LOG("Could not encrypt cookie");
+    return 0;
+  }
+
+  return 1;
+}
+
+/* ================================================== */
+
+int
+NKS_DecodeCookie(NKE_Cookie *cookie, NKE_Key *c2s, NKE_Key *s2c)
+{
+  unsigned char plaintext[2 * NKE_MAX_KEY_LENGTH], *ciphertext;
+  int ciphertext_length, plaintext_length, tag_length;
+  ServerCookieHeader *header;
+  ServerKey *key;
+
+  if (!initialised) {
+    DEBUG_LOG("NTS server disabled");
+    return 0;
+  }
+
+  if (cookie->length <= sizeof (*header)) {
+    DEBUG_LOG("Invalid cookie length");
+    return 0;
+  }
+
+  header = (ServerCookieHeader *)cookie->cookie;
+  ciphertext = cookie->cookie + sizeof (*header);
+  ciphertext_length = cookie->length - sizeof (*header);
+
+  key = &server_keys[header->key_id % MAX_SERVER_KEYS];
+  if (header->key_id != key->id) {
+    DEBUG_LOG("Unknown key %"PRIX32, header->key_id);
+    return 0;
+  }
+
+  tag_length = SIV_GetTagLength(key->siv);
+  if (tag_length >= ciphertext_length) {
+    DEBUG_LOG("Invalid cookie length");
+    return 0;
+  }
+
+  plaintext_length = ciphertext_length - tag_length;
+  if (plaintext_length > sizeof (plaintext) || plaintext_length % 2 != 0) {
+    DEBUG_LOG("Invalid cookie length");
+    return 0;
+  }
+
+  if (!SIV_Decrypt(key->siv, header->nonce, sizeof (header->nonce),
+                   "", 0,
+                   ciphertext, ciphertext_length,
+                   plaintext, plaintext_length)) {
+    DEBUG_LOG("Could not decrypt cookie");
+    return 0;
+  }
+
+  c2s->length = plaintext_length / 2;
+  s2c->length = plaintext_length / 2;
+  assert(c2s->length <= sizeof (c2s->key));
+
+  memcpy(c2s->key, plaintext, c2s->length);
+  memcpy(s2c->key, plaintext + c2s->length, s2c->length);
+
+  return 1;
+}

nts_ke_server.h

@@ -0,0 +1,42 @@
+/*
+  chronyd/chronyc - Programs for keeping computer clocks accurate.
+
+ **********************************************************************
+ * Copyright (C) Miroslav Lichvar  2020
+ * 
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of version 2 of the GNU General Public License as
+ * published by the Free Software Foundation.
+ * 
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ * 
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+ * 
+ **********************************************************************
+
+  =======================================================================
+
+  Header file for the NTS-KE server
+  */
+
+#ifndef GOT_NTS_KE_SERVER_H
+#define GOT_NTS_KE_SERVER_H
+
+#include "nts_ke.h"
+
+/* Init and fini functions */
+extern void NKS_Initialise(int scfilter_level);
+extern void NKS_Finalise(void);
+
+/* Generate a new NTS cookie containing the C2S and S2C keys */
+extern int NKS_GenerateCookie(NKE_Key *c2s, NKE_Key *s2c, NKE_Cookie *cookie);
+
+/* Validate a cookie and extract the C2S and S2C keys */
+extern int NKS_DecodeCookie(NKE_Cookie *cookie, NKE_Key *c2s, NKE_Key *s2c);
+
+#endif

nts_ke_session.c

@@ -0,0 +1,779 @@
+/*
+  chronyd/chronyc - Programs for keeping computer clocks accurate.
+
+ **********************************************************************
+ * Copyright (C) Miroslav Lichvar  2020
+ * 
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of version 2 of the GNU General Public License as
+ * published by the Free Software Foundation.
+ * 
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ * 
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+ * 
+ **********************************************************************
+
+  =======================================================================
+
+  NTS-KE session used by server and client
+  */
+
+#include "config.h"
+
+#include "sysincl.h"
+
+#include "nts_ke_session.h"
+
+#include "conf.h"
+#include "logging.h"
+#include "memory.h"
+#include "siv.h"
+#include "socket.h"
+#include "sched.h"
+#include "util.h"
+
+#include <gnutls/gnutls.h>
+
+#define INVALID_SOCK_FD (-8)
+
+struct RecordHeader {
+  uint16_t type;
+  uint16_t body_length;
+};
+
+struct Message {
+  int length;
+  int sent;
+  int parsed;
+  int complete;
+  unsigned char data[NKE_MAX_MESSAGE_LENGTH];
+};
+
+typedef enum {
+  KE_WAIT_CONNECT,
+  KE_HANDSHAKE,
+  KE_SEND,
+  KE_RECEIVE,
+  KE_SHUTDOWN,
+  KE_STOPPED,
+} KeState;
+
+struct NKSN_Instance_Record {
+  int server;
+  char *name;
+  NKSN_MessageHandler handler;
+  void *handler_arg;
+
+  KeState state;
+  int sock_fd;
+  gnutls_session_t tls_session;
+  SCH_TimeoutID timeout_id;
+
+  struct Message message;
+  int new_message;
+  int ended_message;
+};
+
+/* ================================================== */
+
+static gnutls_priority_t priority_cache;
+
+static int credentials_counter = 0;
+
+/* ================================================== */
+
+static void
+reset_message(struct Message *message)
+{
+  message->length = 0;
+  message->sent = 0;
+  message->parsed = 0;
+  message->complete = 0;
+}
+
+/* ================================================== */
+
+static int
+add_record(struct Message *message, int critical, int type, const void *body, int body_length)
+{
+  struct RecordHeader header;
+
+  if (body_length < 0 || body_length > 0xffff || type < 0 || type > 0x7fff ||
+      message->length + sizeof (header) + body_length > sizeof (message->data))
+    return 0;
+
+  header.type = htons(!!critical * NKE_RECORD_CRITICAL_BIT | type);
+  header.body_length = htons(body_length);
+
+  memcpy(&message->data[message->length], &header, sizeof (header));
+  message->length += sizeof (header);
+
+  if (body_length > 0) {
+    memcpy(&message->data[message->length], body, body_length);
+    message->length += body_length;
+  }
+
+  return 1;
+}
+
+/* ================================================== */
+
+static void
+reset_message_parsing(struct Message *message)
+{
+  message->parsed = 0;
+}
+
+/* ================================================== */
+
+static int
+get_record(struct Message *message, int *critical, int *type, int *body_length,
+           void *body, int buffer_length)
+{
+  struct RecordHeader header;
+  int blen, rlen;
+
+  if (message->length < message->parsed + sizeof (header) ||
+      buffer_length < 0)
+    return 0;
+
+  memcpy(&header, &message->data[message->parsed], sizeof (header));
+
+  blen = ntohs(header.body_length);
+  rlen = sizeof (header) + blen;
+
+  if (message->length < message->parsed + rlen)
+    return 0;
+
+  if (critical)
+    *critical = !!(ntohs(header.type) & NKE_RECORD_CRITICAL_BIT);
+  if (type)
+    *type = ntohs(header.type) & ~NKE_RECORD_CRITICAL_BIT;
+  if (body)
+    memcpy(body, &message->data[message->parsed + sizeof (header)], MIN(buffer_length, blen));
+  if (body_length)
+    *body_length = blen;
+
+  message->parsed += rlen;
+
+  return 1;
+}
+
+/* ================================================== */
+
+static int
+check_message_format(struct Message *message, int eof)
+{
+  int critical = 0, type = -1, length = -1, ends = 0;
+
+  reset_message_parsing(message);
+  message->complete = 0;
+
+  while (get_record(message, &critical, &type, &length, NULL, 0)) {
+    if (type == NKE_RECORD_END_OF_MESSAGE) {
+      if (!critical || length != 0 || ends > 0)
+        return 0;
+      ends++;
+    }
+  }
+
+  /* If the message cannot be fully parsed, but more data may be coming,
+     consider the format to be ok */
+  if (message->length == 0 || message->parsed < message->length)
+    return !eof;
+
+  if (type != NKE_RECORD_END_OF_MESSAGE)
+    return !eof;
+
+  message->complete = 1;
+
+  return 1;
+}
+
+/* ================================================== */
+
+static gnutls_session_t
+create_tls_session(int server_mode, int sock_fd, const char *server_name,
+                   gnutls_certificate_credentials_t credentials,
+                   gnutls_priority_t priority)
+{
+  unsigned char alpn_name[sizeof (NKE_ALPN_NAME)];
+  gnutls_session_t session;
+  gnutls_datum_t alpn;
+  int r;
+
+  r = gnutls_init(&session, GNUTLS_NONBLOCK | (server_mode ? GNUTLS_SERVER : GNUTLS_CLIENT));
+  if (r < 0) {
+    LOG(LOGS_ERR, "Could not %s TLS session : %s", "create", gnutls_strerror(r));
+    return NULL;
+  }
+
+  if (!server_mode) {
+    r = gnutls_server_name_set(session, GNUTLS_NAME_DNS, server_name, strlen(server_name));
+    if (r < 0)
+      goto error;
+    gnutls_session_set_verify_cert(session, server_name, 0);
+  }
+
+  r = gnutls_priority_set(session, priority);
+  if (r < 0)
+    goto error;
+
+  r = gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, credentials);
+  if (r < 0)
+    goto error;
+
+  memcpy(alpn_name, NKE_ALPN_NAME, sizeof (alpn_name));
+  alpn.data = alpn_name;
+  alpn.size = sizeof (alpn_name) - 1;
+
+  r = gnutls_alpn_set_protocols(session, &alpn, 1, 0);
+  if (r < 0)
+    goto error;
+
+  gnutls_transport_set_int(session, sock_fd);
+
+  return session;
+
+error:
+  LOG(LOGS_ERR, "Could not %s TLS session : %s", "set", gnutls_strerror(r));
+  gnutls_deinit(session);
+  return NULL;
+}
+
+/* ================================================== */
+
+static void
+stop_session(NKSN_Instance inst)
+{
+  if (inst->state == KE_STOPPED)
+    return;
+
+  inst->state = KE_STOPPED;
+
+  SCH_RemoveFileHandler(inst->sock_fd);
+  SCK_CloseSocket(inst->sock_fd);
+  inst->sock_fd = INVALID_SOCK_FD;
+
+  gnutls_deinit(inst->tls_session);
+  inst->tls_session = NULL;
+
+  SCH_RemoveTimeout(inst->timeout_id);
+  inst->timeout_id = 0;
+}
+
+/* ================================================== */
+
+static void
+session_timeout(void *arg)
+{
+  NKSN_Instance inst = arg;
+
+  LOG(inst->server ? LOGS_DEBUG : LOGS_ERR, "NTS-KE session with %s timed out", inst->name);
+
+  inst->timeout_id = 0;
+  stop_session(inst);
+}
+
+/* ================================================== */
+
+static int
+get_socket_error(int sock_fd)
+{
+  int optval;
+  socklen_t optlen = sizeof (optval);
+
+  if (getsockopt(sock_fd, SOL_SOCKET, SO_ERROR, &optval, &optlen) < 0) {
+    DEBUG_LOG("getsockopt() failed : %s", strerror(errno));
+    return EINVAL;
+  }
+
+  return optval;
+}
+
+/* ================================================== */
+
+static int
+check_alpn(NKSN_Instance inst)
+{
+  gnutls_datum_t alpn;
+  int r;
+
+  r = gnutls_alpn_get_selected_protocol(inst->tls_session, &alpn);
+  if (r < 0 || alpn.size != sizeof (NKE_ALPN_NAME) - 1 ||
+      strncmp((const char *)alpn.data, NKE_ALPN_NAME, sizeof (NKE_ALPN_NAME) - 1))
+    return 0;
+
+  return 1;
+}
+
+/* ================================================== */
+
+static void
+change_state(NKSN_Instance inst, KeState state)
+{
+  int output;
+
+  switch (state) {
+    case KE_HANDSHAKE:
+      output = !inst->server;
+      break;
+    case KE_WAIT_CONNECT:
+    case KE_SEND:
+    case KE_SHUTDOWN:
+      output = 1;
+      break;
+    case KE_RECEIVE:
+      output = 0;
+      break;
+    default:
+      assert(0);
+  }
+
+  SCH_SetFileHandlerEvent(inst->sock_fd, SCH_FILE_OUTPUT, output);
+
+  inst->state = state;
+}
+
+/* ================================================== */
+
+static int
+handle_event(NKSN_Instance inst, int event)
+{
+  struct Message *message = &inst->message;
+  int r;
+
+  DEBUG_LOG("Session event %d fd=%d state=%d", event, inst->sock_fd, (int)inst->state);
+
+  switch (inst->state) {
+    case KE_WAIT_CONNECT:
+      /* Check if connect() succeeded */
+      if (event != SCH_FILE_OUTPUT)
+        return 0;
+
+      r = get_socket_error(inst->sock_fd);
+
+      if (r) {
+        LOG(LOGS_ERR, "Could not connect to %s : %s", inst->name, strerror(r));
+        stop_session(inst);
+        return 0;
+      }
+
+      DEBUG_LOG("Connected to %s", inst->name);
+
+      change_state(inst, KE_HANDSHAKE);
+      return 0;
+
+    case KE_HANDSHAKE:
+      r = gnutls_handshake(inst->tls_session);
+
+      if (r < 0) {
+        if (gnutls_error_is_fatal(r)) {
+          LOG(inst->server ? LOGS_DEBUG : LOGS_ERR,
+              "TLS handshake with %s failed : %s", inst->name, gnutls_strerror(r));
+          stop_session(inst);
+          return 0;
+        }
+
+        /* Disable output when the handshake is trying to receive data */
+        SCH_SetFileHandlerEvent(inst->sock_fd, SCH_FILE_OUTPUT,
+                                gnutls_record_get_direction(inst->tls_session));
+        return 0;
+      }
+
+      if (DEBUG) {
+        char *description = gnutls_session_get_desc(inst->tls_session);
+        DEBUG_LOG("Handshake with %s completed %s",
+                  inst->name, description ? description : "");
+        gnutls_free(description);
+      }
+
+      if (!check_alpn(inst)) {
+        LOG(inst->server ? LOGS_DEBUG : LOGS_ERR, "NTS-KE not supported by %s", inst->name);
+        stop_session(inst);
+        return 0;
+      }
+
+      /* Client will send a request to the server */
+      change_state(inst, inst->server ? KE_RECEIVE : KE_SEND);
+      return 0;
+
+    case KE_SEND:
+      assert(inst->new_message && message->complete);
+
+      r = gnutls_record_send(inst->tls_session, &message->data[message->sent],
+                             message->length - message->sent);
+
+      if (r < 0) {
+        if (gnutls_error_is_fatal(r)) {
+          LOG(inst->server ? LOGS_DEBUG : LOGS_ERR,
+              "Could not send NTS-KE message to %s : %s", inst->name, gnutls_strerror(r));
+          stop_session(inst);
+        }
+        return 0;
+      }
+
+      DEBUG_LOG("Sent %d bytes to %s", r, inst->name);
+
+      message->sent += r;
+      if (message->sent < message->length)
+        return 0;
+
+      /* Client will receive a response */
+      change_state(inst, inst->server ? KE_SHUTDOWN : KE_RECEIVE);
+      reset_message(&inst->message);
+      inst->new_message = 0;
+      return 0;
+
+    case KE_RECEIVE:
+      do {
+        if (message->length >= sizeof (message->data)) {
+          DEBUG_LOG("Message is too long");
+          stop_session(inst);
+          return 0;
+        }
+
+        r = gnutls_record_recv(inst->tls_session, &message->data[message->length],
+                               sizeof (message->data) - message->length);
+
+        if (r < 0) {
+          /* Handle a renegotiation request on both client and server as
+             a protocol error */
+          if (gnutls_error_is_fatal(r) || r == GNUTLS_E_REHANDSHAKE) {
+            LOG(inst->server ? LOGS_DEBUG : LOGS_ERR,
+                "Could not receive NTS-KE message from %s : %s",
+                inst->name, gnutls_strerror(r));
+            stop_session(inst);
+          }
+          return 0;
+        }
+
+        DEBUG_LOG("Received %d bytes from %s", r, inst->name);
+
+        message->length += r;
+
+      } while (gnutls_record_check_pending(inst->tls_session) > 0);
+
+      if (!check_message_format(message, r == 0)) {
+        LOG(inst->server ? LOGS_DEBUG : LOGS_ERR,
+            "Received invalid NTS-KE message from %s", inst->name);
+        stop_session(inst);
+        return 0;
+      }
+
+      /* Wait for more data if the message is not complete yet */
+      if (!message->complete)
+        return 0;
+
+      /* Server will send a response to the client */
+      change_state(inst, inst->server ? KE_SEND : KE_SHUTDOWN);
+      break;
+
+    case KE_SHUTDOWN:
+      r = gnutls_bye(inst->tls_session, GNUTLS_SHUT_RDWR);
+
+      if (r < 0) {
+        if (gnutls_error_is_fatal(r)) {
+          DEBUG_LOG("Shutdown with %s failed : %s", inst->name, gnutls_strerror(r));
+          stop_session(inst);
+          return 0;
+        }
+
+        /* Disable output when the TLS shutdown is trying to receive data */
+        SCH_SetFileHandlerEvent(inst->sock_fd, SCH_FILE_OUTPUT,
+                                gnutls_record_get_direction(inst->tls_session));
+        return 0;
+      }
+
+      SCK_ShutdownConnection(inst->sock_fd);
+      stop_session(inst);
+
+      DEBUG_LOG("Shutdown completed");
+      return 0;
+
+    default:
+      assert(0);
+  }
+
+  return 1;
+}
+
+/* ================================================== */
+
+static void
+read_write_socket(int fd, int event, void *arg)
+{
+  NKSN_Instance inst = arg;
+
+  if (!handle_event(inst, event))
+    return;
+
+  reset_message_parsing(&inst->message);
+
+  if (!(inst->handler)(inst->handler_arg)) {
+    stop_session(inst);
+    return;
+  }
+}
+
+/* ================================================== */
+
+static int gnutls_initialised = 0;
+
+static void
+init_gnutls(void)
+{
+  int r;
+
+  if (gnutls_initialised)
+    return;
+
+  r = gnutls_global_init();
+  if (r < 0)
+    LOG_FATAL("Could not initialise %s : %s", "gnutls", gnutls_strerror(r));
+
+  /* NTS specification requires TLS1.2 or later */
+  r = gnutls_priority_init2(&priority_cache, "-VERS-SSL3.0:-VERS-TLS1.0:-VERS-TLS1.1",
+                            NULL, GNUTLS_PRIORITY_INIT_DEF_APPEND);
+  if (r < 0)
+    LOG_FATAL("Could not initialise %s : %s", "priority cache", gnutls_strerror(r));
+
+  gnutls_initialised = 1;
+}
+
+/* ================================================== */
+
+static void
+deinit_gnutls(void)
+{
+  assert(gnutls_initialised);
+
+  gnutls_priority_deinit(priority_cache);
+  gnutls_global_deinit();
+  gnutls_initialised = 0;
+}
+
+/* ================================================== */
+
+void *
+NKSN_CreateCertCredentials(char *cert, char *key, char *trusted_certs)
+{
+  gnutls_certificate_credentials_t credentials = NULL;
+  int r;
+
+  init_gnutls();
+
+  r = gnutls_certificate_allocate_credentials(&credentials);
+  if (r < 0)
+    goto error;
+
+  if (cert && key) {
+    r = gnutls_certificate_set_x509_key_file(credentials, cert, key,
+                                             GNUTLS_X509_FMT_PEM);
+    if (r < 0)
+      goto error;
+  } else {
+    if (!CNF_GetNoSystemCert()) {
+      r = gnutls_certificate_set_x509_system_trust(credentials);
+      if (r < 0)
+        goto error;
+    }
+
+    if (trusted_certs) {
+      r = gnutls_certificate_set_x509_trust_file(credentials, trusted_certs,
+                                                 GNUTLS_X509_FMT_PEM);
+      if (r < 0)
+        goto error;
+    }
+  }
+
+  credentials_counter++;
+
+  return credentials;
+
+error:
+  LOG(LOGS_ERR, "Could not set credentials : %s", gnutls_strerror(r));
+  if (credentials)
+    gnutls_certificate_free_credentials(credentials);
+  return NULL;
+}
+
+/* ================================================== */
+
+void
+NKSN_DestroyCertCredentials(void *credentials)
+{
+  gnutls_certificate_free_credentials(credentials);
+  credentials_counter--;
+  if (credentials_counter != 0)
+    return;
+
+  deinit_gnutls();
+}
+
+/* ================================================== */
+
+NKSN_Instance
+NKSN_CreateInstance(int server_mode, const char *name,
+                    NKSN_MessageHandler handler, void *handler_arg)
+{
+  NKSN_Instance inst;
+
+  inst = MallocNew(struct NKSN_Instance_Record);
+
+  inst->server = server_mode;
+  inst->name = Strdup(name);
+  inst->handler = handler;
+  inst->handler_arg = handler_arg;
+  /* Replace NULL arg with the session itself */
+  if (!inst->handler_arg)
+    inst->handler_arg = inst;
+
+  inst->state = KE_STOPPED;
+  inst->sock_fd = INVALID_SOCK_FD;
+  inst->tls_session = NULL;
+  inst->timeout_id = 0;
+
+  return inst;
+}
+
+/* ================================================== */
+
+void
+NKSN_DestroyInstance(NKSN_Instance inst)
+{
+  stop_session(inst);
+
+  Free(inst->name);
+  Free(inst);
+}
+
+/* ================================================== */
+
+int
+NKSN_StartSession(NKSN_Instance inst, int sock_fd, void *credentials, double timeout)
+{
+  assert(inst->state == KE_STOPPED);
+
+  inst->tls_session = create_tls_session(inst->server, sock_fd,
+                                         inst->server ? NULL : inst->name,
+                                         credentials, priority_cache);
+  if (!inst->tls_session)
+    return 0;
+
+  inst->sock_fd = sock_fd;
+  SCH_AddFileHandler(sock_fd, SCH_FILE_INPUT, read_write_socket, inst);
+
+  inst->timeout_id = SCH_AddTimeoutByDelay(timeout, session_timeout, inst);
+
+  reset_message(&inst->message);
+  inst->new_message = 0;
+  inst->ended_message = 0;
+
+  change_state(inst, inst->server ? KE_HANDSHAKE : KE_WAIT_CONNECT);
+
+  return 1;
+}
+
+/* ================================================== */
+
+void
+NKSN_BeginMessage(NKSN_Instance inst)
+{
+  reset_message(&inst->message);
+  inst->new_message = 1;
+}
+
+/* ================================================== */
+
+int
+NKSN_AddRecord(NKSN_Instance inst, int critical, int type, const void *body, int body_length)
+{
+  assert(inst->new_message && !inst->message.complete);
+  assert(type != NKE_RECORD_END_OF_MESSAGE);
+
+  return add_record(&inst->message, critical, type, body, body_length);
+}
+
+/* ================================================== */
+
+int
+NKSN_EndMessage(NKSN_Instance inst)
+{
+  assert(!inst->message.complete);
+
+  if (!add_record(&inst->message, 1, NKE_RECORD_END_OF_MESSAGE, NULL, 0))
+    return 0;
+
+  inst->message.complete = 1;
+
+  return 1;
+}
+
+/* ================================================== */
+
+int
+NKSN_GetRecord(NKSN_Instance inst, int *critical, int *type, int *body_length,
+               void *body, int buffer_length)
+{
+  int type2;
+
+  assert(inst->message.complete);
+
+  if (!get_record(&inst->message, critical, &type2, body_length, body, buffer_length))
+    return 0;
+
+  if (type2 == NKE_RECORD_END_OF_MESSAGE)
+    return 0;
+
+  if (type)
+    *type = type2;
+
+  return 1;
+}
+
+/* ================================================== */
+
+int
+NKSN_GetKeys(NKSN_Instance inst, SIV_Algorithm siv, NKE_Key *c2s, NKE_Key *s2c)
+{
+  c2s->length = SIV_GetKeyLength(siv);
+  s2c->length = SIV_GetKeyLength(siv);
+  assert(c2s->length <= sizeof (c2s->key));
+  assert(s2c->length <= sizeof (s2c->key));
+
+  if (gnutls_prf_rfc5705(inst->tls_session,
+                         sizeof (NKE_EXPORTER_LABEL) - 1, NKE_EXPORTER_LABEL,
+                         sizeof (NKE_EXPORTER_CONTEXT_C2S) - 1, NKE_EXPORTER_CONTEXT_C2S,
+                         c2s->length, (char *)c2s->key) < 0)
+    return 0;
+  if (gnutls_prf_rfc5705(inst->tls_session,
+                         sizeof (NKE_EXPORTER_LABEL) - 1, NKE_EXPORTER_LABEL,
+                         sizeof (NKE_EXPORTER_CONTEXT_S2C) - 1, NKE_EXPORTER_CONTEXT_S2C,
+                         s2c->length, (char *)s2c->key) < 0)
+    return 0;
+
+  return 1;
+}
+
+/* ================================================== */
+
+int
+NKSN_IsStopped(NKSN_Instance inst)
+{
+  return inst->state == KE_STOPPED;
+}
+
+/* ================================================== */
+
+void
+NKSN_StopSession(NKSN_Instance inst)
+{
+  stop_session(inst);
+}

nts_ke_session.h

@@ -0,0 +1,83 @@
+/*
+  chronyd/chronyc - Programs for keeping computer clocks accurate.
+
+ **********************************************************************
+ * Copyright (C) Miroslav Lichvar  2020
+ * 
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of version 2 of the GNU General Public License as
+ * published by the Free Software Foundation.
+ * 
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ * 
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+ * 
+ **********************************************************************
+
+  =======================================================================
+
+  Header file for the NTS-KE session
+  */
+
+#ifndef GOT_NTS_KE_SESSION_H
+#define GOT_NTS_KE_SESSION_H
+
+#include "nts_ke.h"
+#include "siv.h"
+
+typedef struct NKSN_Instance_Record *NKSN_Instance;
+
+/* Handler for received NTS-KE messages.  A non-zero return code stops
+   the session. */
+typedef int (*NKSN_MessageHandler)(void *arg);
+
+/* Get client or server credentials using certificates of trusted CAs,
+   or a server certificate and key.  The credentials may be shared between
+   different clients or servers. */
+extern void *NKSN_CreateCertCredentials(char *cert, char *key, char *trusted_certs);
+
+/* Destroy the credentials */
+extern void NKSN_DestroyCertCredentials(void *credentials);
+
+/* Create an instance */
+extern NKSN_Instance NKSN_CreateInstance(int server_mode, const char *name,
+                                         NKSN_MessageHandler handler, void *handler_arg);
+
+/* Destroy an instance */
+extern void NKSN_DestroyInstance(NKSN_Instance inst);
+
+/* Start a new NTS-KE session */
+extern int NKSN_StartSession(NKSN_Instance inst, int sock_fd, void *credentials,
+                             double timeout);
+
+/* Begin an NTS-KE message.  A request should be made right after starting
+   the session and response should be made in the message handler. */
+extern void NKSN_BeginMessage(NKSN_Instance inst);
+
+/* Add a record to the message */
+extern int NKSN_AddRecord(NKSN_Instance inst, int critical, int type,
+                          const void *body, int body_length);
+
+/* Terminate the message */
+extern int NKSN_EndMessage(NKSN_Instance inst);
+
+/* Get the next record from the received message.  This function should be
+   called from the message handler. */
+extern int NKSN_GetRecord(NKSN_Instance inst, int *critical, int *type, int *body_length,
+                          void *body, int buffer_length);
+
+/* Export NTS keys for a specified algorithm */
+extern int NKSN_GetKeys(NKSN_Instance inst, SIV_Algorithm siv, NKE_Key *c2s, NKE_Key *s2c);
+
+/* Check if the session has stopped */
+extern int NKSN_IsStopped(NKSN_Instance inst);
+
+/* Stop the session */
+extern void NKSN_StopSession(NKSN_Instance inst);
+
+#endif

nts_ntp.h

@@ -0,0 +1,41 @@
+/*
+  chronyd/chronyc - Programs for keeping computer clocks accurate.
+
+ **********************************************************************
+ * Copyright (C) Miroslav Lichvar  2020
+ * 
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of version 2 of the GNU General Public License as
+ * published by the Free Software Foundation.
+ * 
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ * 
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+ * 
+ **********************************************************************
+
+  =======================================================================
+
+  Header file for the NTS-NTP protocol
+  */
+
+#ifndef GOT_NTS_NTP_H
+#define GOT_NTS_NTP_H
+
+#define NTP_EF_NTS_UNIQUE_IDENTIFIER    0x0104
+#define NTP_EF_NTS_COOKIE               0x0204
+#define NTP_EF_NTS_COOKIE_PLACEHOLDER   0x0304
+#define NTP_EF_NTS_AUTH_AND_EEF         0x0404
+
+#define NTP_KOD_NTS_NAK                 0x4e54534e
+
+#define NTS_MIN_UNIQ_ID_LENGTH          32
+#define NTS_MIN_UNPADDED_NONCE_LENGTH   16
+#define NTS_MAX_COOKIES                 8
+
+#endif

nts_ntp_auth.c

@@ -0,0 +1,174 @@
+/*
+  chronyd/chronyc - Programs for keeping computer clocks accurate.
+
+ **********************************************************************
+ * Copyright (C) Miroslav Lichvar  2020
+ * 
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of version 2 of the GNU General Public License as
+ * published by the Free Software Foundation.
+ * 
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ * 
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+ * 
+ **********************************************************************
+
+  =======================================================================
+
+  NTS Authenticator and Encrypted Extension Fields extension field
+  */
+
+#include "config.h"
+
+#include "sysincl.h"
+
+#include "nts_ntp_auth.h"
+
+#include "logging.h"
+#include "ntp_ext.h"
+#include "nts_ntp.h"
+#include "siv.h"
+#include "util.h"
+
+struct AuthHeader {
+  uint16_t nonce_length;
+  uint16_t ciphertext_length;
+};
+
+/* ================================================== */
+
+static int
+get_padding_length(int length)
+{
+  return length % 4U ? 4 - length % 4U : 0;
+}
+
+/* ================================================== */
+
+static int
+get_padded_length(int length)
+{
+  return length + get_padding_length(length);
+}
+
+/* ================================================== */
+
+int
+NNA_GenerateAuthEF(NTP_Packet *packet, NTP_PacketInfo *info, SIV_Instance siv,
+                   const unsigned char *nonce, int nonce_length,
+                   const unsigned char *plaintext, int plaintext_length,
+                   int min_ef_length)
+{
+  int auth_length, ciphertext_length, assoc_length;
+  int nonce_padding, ciphertext_padding, additional_padding;
+  unsigned char *ciphertext, *body;
+  struct AuthHeader *header;
+
+  assert(sizeof (*header) == 4);
+
+  if (nonce_length <= 0 || plaintext_length < 0) {
+    DEBUG_LOG("Invalid nonce/plaintext length");
+    return 0;
+  }
+
+  assoc_length = info->length;
+  ciphertext_length = SIV_GetTagLength(siv) + plaintext_length;
+  nonce_padding = get_padding_length(nonce_length);
+  ciphertext_padding = get_padding_length(ciphertext_length);
+  min_ef_length = get_padded_length(min_ef_length);
+
+  auth_length = sizeof (*header) + nonce_length + nonce_padding +
+                ciphertext_length + ciphertext_padding;
+  additional_padding = MAX(min_ef_length - auth_length - 4, 0);
+  additional_padding = MAX(NTS_MIN_UNPADDED_NONCE_LENGTH - nonce_length - nonce_padding,
+                           additional_padding);
+  auth_length += additional_padding;
+
+  if (!NEF_AddBlankField(packet, info, NTP_EF_NTS_AUTH_AND_EEF, auth_length,
+                         (void **)&header)) {
+    DEBUG_LOG("Could not add EF");
+    return 0;
+  }
+
+  header->nonce_length = htons(nonce_length);
+  header->ciphertext_length = htons(ciphertext_length);
+
+  body = (unsigned char *)(header + 1);
+  ciphertext = body + nonce_length + nonce_padding;
+
+  memcpy(body, nonce, nonce_length);
+  memset(body + nonce_length, 0, nonce_padding);
+
+  if (!SIV_Encrypt(siv, nonce, nonce_length, packet, assoc_length,
+                   plaintext, plaintext_length, ciphertext, ciphertext_length)) {
+    DEBUG_LOG("SIV encrypt failed");
+    return 0;
+  }
+
+  memset(ciphertext + ciphertext_length, 0, ciphertext_padding + additional_padding);
+
+  return 1;
+}
+
+/* ================================================== */
+
+int
+NNA_DecryptAuthEF(NTP_Packet *packet, NTP_PacketInfo *info, SIV_Instance siv, int ef_start,
+                  unsigned char *plaintext, int buffer_length, int *plaintext_length)
+{
+  unsigned int siv_tag_length, nonce_length, ciphertext_length;
+  unsigned char *nonce, *ciphertext;
+  int ef_type, ef_body_length;
+  void *ef_body;
+  struct AuthHeader *header;
+
+  if (!NEF_ParseField(packet, info->length, ef_start,
+                      NULL, &ef_type, &ef_body, &ef_body_length))
+    return 0;
+
+  if (ef_type != NTP_EF_NTS_AUTH_AND_EEF)
+    return 0;
+
+  header = ef_body;
+
+  nonce_length = ntohs(header->nonce_length);
+  ciphertext_length = ntohs(header->ciphertext_length);
+
+  if (get_padded_length(nonce_length) +
+      get_padded_length(ciphertext_length) > ef_body_length)
+    return 0;
+
+  nonce = (unsigned char *)(header + 1);
+  ciphertext = (unsigned char *)(header + 1) + get_padded_length(nonce_length);
+
+  siv_tag_length = SIV_GetTagLength(siv);
+
+  if (nonce_length < 1 ||
+      ciphertext_length < siv_tag_length ||
+      ciphertext_length - siv_tag_length > buffer_length) {
+    DEBUG_LOG("Unexpected nonce/ciphertext length");
+    return 0;
+  }
+
+  if (ef_body_length < sizeof (*header) +
+        NTS_MIN_UNPADDED_NONCE_LENGTH + get_padded_length(ciphertext_length)) {
+    DEBUG_LOG("Missing padding");
+    return 0;
+  }
+
+  *plaintext_length = ciphertext_length - siv_tag_length;
+
+  if (!SIV_Decrypt(siv, nonce, nonce_length, packet, info->length - ef_body_length - 4,
+                   ciphertext, ciphertext_length, plaintext, *plaintext_length)) {
+    DEBUG_LOG("SIV decrypt failed");
+    return 0;
+  }
+
+  return 1;
+}

nts_ntp_auth.h

@@ -0,0 +1,43 @@
+/*
+  chronyd/chronyc - Programs for keeping computer clocks accurate.
+
+ **********************************************************************
+ * Copyright (C) Miroslav Lichvar  2020
+ * 
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of version 2 of the GNU General Public License as
+ * published by the Free Software Foundation.
+ * 
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ * 
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+ * 
+ **********************************************************************
+
+  =======================================================================
+
+  Header for NTS Authenticator and Encrypted Extension Fields
+  extension field
+  */
+
+#ifndef GOT_NTS_NTP_AUTH_H
+#define GOT_NTS_NTP_AUTH_H
+
+#include "ntp.h"
+#include "siv.h"
+
+extern int NNA_GenerateAuthEF(NTP_Packet *packet, NTP_PacketInfo *info, SIV_Instance siv,
+                              const unsigned char *nonce, int nonce_length,
+                              const unsigned char *plaintext, int plaintext_length,
+                              int min_ef_length);
+
+extern int NNA_DecryptAuthEF(NTP_Packet *packet, NTP_PacketInfo *info, SIV_Instance siv,
+                             int ef_start, unsigned char *plaintext, int buffer_length,
+                             int *plaintext_length);
+
+#endif

nts_ntp_client.c

@@ -0,0 +1,441 @@
+/*
+  chronyd/chronyc - Programs for keeping computer clocks accurate.
+
+ **********************************************************************
+ * Copyright (C) Miroslav Lichvar  2020
+ * 
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of version 2 of the GNU General Public License as
+ * published by the Free Software Foundation.
+ * 
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ * 
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+ * 
+ **********************************************************************
+
+  =======================================================================
+
+  Client NTS-NTP authentication
+  */
+
+#include "config.h"
+
+#include "sysincl.h"
+
+#include "nts_ntp_client.h"
+
+#include "conf.h"
+#include "logging.h"
+#include "memory.h"
+#include "ntp.h"
+#include "ntp_ext.h"
+#include "ntp_sources.h"
+#include "nts_ke_client.h"
+#include "nts_ntp.h"
+#include "nts_ntp_auth.h"
+#include "sched.h"
+#include "siv.h"
+#include "util.h"
+
+#define MAX_TOTAL_COOKIE_LENGTH (8 * 108)
+#define MIN_NKE_RETRY_INTERVAL 1000
+
+struct NNC_Instance_Record {
+  const IPSockAddr *ntp_address;
+  IPSockAddr nts_address;
+  char *name;
+  SIV_Instance siv_c2s;
+  SIV_Instance siv_s2c;
+  NKC_Instance nke;
+
+  double last_nke_attempt;
+  double last_nke_success;
+  NKE_Cookie cookies[NTS_MAX_COOKIES];
+  int num_cookies;
+  int cookie_index;
+  int nak_response;
+  int ok_response;
+  unsigned char nonce[NTS_MIN_UNPADDED_NONCE_LENGTH];
+  unsigned char uniq_id[NTS_MIN_UNIQ_ID_LENGTH];
+};
+
+/* ================================================== */
+
+static void
+reset_instance(NNC_Instance inst)
+{
+  inst->last_nke_attempt = -MIN_NKE_RETRY_INTERVAL;
+  inst->last_nke_success = 0.0;
+  inst->num_cookies = 0;
+  inst->cookie_index = 0;
+  inst->nak_response = 0;
+  inst->ok_response = 1;
+  memset(inst->nonce, 0, sizeof (inst->nonce));
+  memset(inst->uniq_id, 0, sizeof (inst->uniq_id));
+}
+
+/* ================================================== */
+
+NNC_Instance
+NNC_CreateInstance(IPSockAddr *nts_address, const char *name, const IPSockAddr *ntp_address)
+{
+  NNC_Instance inst;
+
+  inst = MallocNew(struct NNC_Instance_Record);
+
+  inst->ntp_address = ntp_address;
+  inst->nts_address = *nts_address;
+  inst->name = name ? Strdup(name) : NULL;
+  inst->siv_c2s = NULL;
+  inst->siv_s2c = NULL;
+  inst->nke = NULL;
+
+  reset_instance(inst);
+
+  return inst;
+}
+
+/* ================================================== */
+
+void
+NNC_DestroyInstance(NNC_Instance inst)
+{
+  if (inst->nke)
+    NKC_DestroyInstance(inst->nke);
+  if (inst->siv_c2s)
+    SIV_DestroyInstance(inst->siv_c2s);
+  if (inst->siv_s2c)
+    SIV_DestroyInstance(inst->siv_s2c);
+
+  Free(inst->name);
+  Free(inst);
+}
+
+/* ================================================== */
+
+static int
+is_nke_needed(NNC_Instance inst)
+{
+  /* Force NKE if a NAK was received since last valid auth */
+  if (inst->nak_response && !inst->ok_response && inst->num_cookies > 0) {
+    inst->num_cookies = 0;
+    DEBUG_LOG("Dropped cookies");
+  }
+
+  /* Force NKE if the keys encrypting the cookies are too old */
+  if (inst->num_cookies > 0 &&
+      SCH_GetLastEventMonoTime() - inst->last_nke_success > CNF_GetNtsRefresh())
+    inst->num_cookies = 0;
+
+  return inst->num_cookies == 0;
+}
+
+/* ================================================== */
+
+static int
+set_ntp_address(NNC_Instance inst, NTP_Remote_Address *negotiated_address)
+{
+  NTP_Remote_Address old_address, new_address;
+
+  old_address = *inst->ntp_address;
+  new_address = *negotiated_address;
+
+  if (new_address.ip_addr.family == IPADDR_UNSPEC)
+    new_address.ip_addr = old_address.ip_addr;
+  if (new_address.port == 0)
+    new_address.port = old_address.port;
+
+  if (UTI_CompareIPs(&old_address.ip_addr, &new_address.ip_addr, NULL) == 0 &&
+      old_address.port == new_address.port)
+    /* Nothing to do */
+    return 1;
+
+  if (NSR_UpdateSourceNtpAddress(&old_address, &new_address) != NSR_Success) {
+    LOG(LOGS_ERR, "Could not change %s to negotiated address %s",
+        UTI_IPToString(&old_address.ip_addr), UTI_IPToString(&new_address.ip_addr));
+    return 0;
+  }
+
+  return 1;
+}
+
+/* ================================================== */
+
+static int
+get_nke_data(NNC_Instance inst)
+{
+  NTP_Remote_Address ntp_address;
+  SIV_Algorithm siv;
+  NKE_Key c2s, s2c;
+  double now;
+  int got_data;
+
+  assert(is_nke_needed(inst));
+
+  now = SCH_GetLastEventMonoTime();
+
+  if (!inst->nke) {
+    if (now - inst->last_nke_attempt < MIN_NKE_RETRY_INTERVAL) {
+      DEBUG_LOG("Limiting NTS-KE request rate");
+      return 0;
+    }
+
+    if (!inst->name) {
+      LOG(LOGS_ERR, "Missing name of %s for NTS-KE",
+          UTI_IPToString(&inst->nts_address.ip_addr));
+      return 0;
+    }
+
+    inst->nke = NKC_CreateInstance(&inst->nts_address, inst->name);
+
+    if (!NKC_Start(inst->nke))
+      return 0;
+
+    inst->last_nke_attempt = now;
+  }
+
+  if (NKC_IsActive(inst->nke))
+    return 0;
+
+  got_data = NKC_GetNtsData(inst->nke, &siv, &c2s, &s2c,
+                            inst->cookies, &inst->num_cookies, NTS_MAX_COOKIES,
+                            &ntp_address);
+
+  NKC_DestroyInstance(inst->nke);
+  inst->nke = NULL;
+  
+  if (!got_data)
+    return 0;
+
+  if (!set_ntp_address(inst, &ntp_address)) {
+    inst->num_cookies = 0;
+    return 0;
+  }
+
+  inst->cookie_index = 0;
+
+  if (inst->siv_c2s)
+    SIV_DestroyInstance(inst->siv_c2s);
+  if (inst->siv_s2c)
+    SIV_DestroyInstance(inst->siv_s2c);
+
+  inst->siv_c2s = SIV_CreateInstance(siv);
+  inst->siv_s2c = SIV_CreateInstance(siv);
+
+  if (!inst->siv_c2s || !inst->siv_s2c ||
+      !SIV_SetKey(inst->siv_c2s, c2s.key, c2s.length) ||
+      !SIV_SetKey(inst->siv_s2c, s2c.key, s2c.length)) {
+    DEBUG_LOG("Could not initialise SIV");
+    inst->num_cookies = 0;
+    return 0;
+  }
+
+  inst->nak_response = 0;
+
+  inst->last_nke_success = now;
+
+  return 1;
+}
+
+/* ================================================== */
+
+int
+NNC_PrepareForAuth(NNC_Instance inst)
+{
+  if (is_nke_needed(inst)) {
+    if (!get_nke_data(inst))
+      return 0;
+  }
+
+  UTI_GetRandomBytes(&inst->uniq_id, sizeof (inst->uniq_id));
+  UTI_GetRandomBytes(&inst->nonce, sizeof (inst->nonce));
+
+  return 1;
+}
+
+/* ================================================== */
+
+int
+NNC_GenerateRequestAuth(NNC_Instance inst, NTP_Packet *packet,
+                        NTP_PacketInfo *info)
+{
+  NKE_Cookie *cookie;
+  int i, req_cookies;
+
+  if (inst->num_cookies == 0 || !inst->siv_c2s)
+    return 0;
+
+  if (info->mode != MODE_CLIENT)
+    return 0;
+
+  cookie = &inst->cookies[inst->cookie_index];
+  req_cookies = MIN(NTS_MAX_COOKIES - inst->num_cookies + 1,
+                    MAX_TOTAL_COOKIE_LENGTH / (cookie->length + 4));
+
+  if (!NEF_AddField(packet, info, NTP_EF_NTS_UNIQUE_IDENTIFIER,
+                    &inst->uniq_id, sizeof (inst->uniq_id)))
+    return 0;
+
+  if (!NEF_AddField(packet, info, NTP_EF_NTS_COOKIE,
+                    cookie->cookie, cookie->length))
+    return 0;
+
+  for (i = 0; i < req_cookies - 1; i++) {
+    if (!NEF_AddField(packet, info, NTP_EF_NTS_COOKIE_PLACEHOLDER,
+                      cookie->cookie, cookie->length))
+      return 0;
+  }
+
+  if (!NNA_GenerateAuthEF(packet, info, inst->siv_c2s, inst->nonce, sizeof (inst->nonce),
+                          (const unsigned char *)"", 0, NTP_MAX_V4_MAC_LENGTH + 4))
+    return 0;
+
+  inst->num_cookies--;
+  inst->cookie_index = (inst->cookie_index + 1) % NTS_MAX_COOKIES;
+  inst->ok_response = 0;
+
+  return 1;
+}
+
+/* ================================================== */
+
+static int
+extract_cookies(NNC_Instance inst, unsigned char *plaintext, int length)
+{
+  int ef_type, ef_body_length, ef_length, parsed, index, acceptable, saved;
+  void *ef_body;
+
+  acceptable = saved = 0;
+
+  for (parsed = 0; parsed < length; parsed += ef_length) {
+    if (!NEF_ParseSingleField(plaintext, length, parsed,
+                              &ef_length, &ef_type, &ef_body, &ef_body_length))
+      break;
+
+    if (ef_type != NTP_EF_NTS_COOKIE)
+      continue;
+
+    if (ef_length < NTP_MIN_EF_LENGTH || ef_body_length > sizeof (inst->cookies[0].cookie)) {
+      DEBUG_LOG("Unexpected cookie length %d", ef_body_length);
+      continue;
+    }
+
+    acceptable++;
+
+    if (inst->num_cookies >= NTS_MAX_COOKIES)
+      continue;
+
+    index = (inst->cookie_index + inst->num_cookies) % NTS_MAX_COOKIES;
+    memcpy(inst->cookies[index].cookie, ef_body, ef_body_length);
+    inst->cookies[index].length = ef_body_length;
+    inst->num_cookies++;
+
+    saved++;
+  }
+
+  DEBUG_LOG("Extracted %d cookies (saved %d)", acceptable, saved);
+
+  return acceptable > 0;
+}
+
+/* ================================================== */
+
+int
+NNC_CheckResponseAuth(NNC_Instance inst, NTP_Packet *packet,
+                      NTP_PacketInfo *info)
+{
+  int ef_type, ef_body_length, ef_length, parsed, plaintext_length;
+  int has_valid_uniq_id = 0, has_valid_auth = 0;
+  unsigned char plaintext[NTP_MAX_EXTENSIONS_LENGTH];
+  void *ef_body;
+
+  if (info->ext_fields == 0 || info->mode != MODE_SERVER)
+    return 0;
+
+  /* Accept only one response per request */
+  if (inst->ok_response)
+    return 0;
+
+  if (!inst->siv_s2c)
+    return 0;
+
+  for (parsed = NTP_HEADER_LENGTH; parsed < info->length; parsed += ef_length) {
+    if (!NEF_ParseField(packet, info->length, parsed,
+                        &ef_length, &ef_type, &ef_body, &ef_body_length))
+      break;
+
+    switch (ef_type) {
+      case NTP_EF_NTS_UNIQUE_IDENTIFIER:
+        if (ef_body_length != sizeof (inst->uniq_id) ||
+            memcmp(ef_body, inst->uniq_id, sizeof (inst->uniq_id)) != 0) {
+          DEBUG_LOG("Invalid uniq id");
+          return 0;
+        }
+        has_valid_uniq_id = 1;
+        break;
+      case NTP_EF_NTS_COOKIE:
+        DEBUG_LOG("Unencrypted cookie");
+        break;
+      case NTP_EF_NTS_AUTH_AND_EEF:
+        if (parsed + ef_length != info->length) {
+          DEBUG_LOG("Auth not last EF");
+          return 0;
+        }
+
+        if (!NNA_DecryptAuthEF(packet, info, inst->siv_s2c, parsed,
+                               plaintext, sizeof (plaintext), &plaintext_length))
+          return 0;
+
+        has_valid_auth = 1;
+        break;
+      default:
+        break;
+    }
+  }
+
+  if (!has_valid_uniq_id || !has_valid_auth) {
+    if (has_valid_uniq_id && packet->stratum == NTP_INVALID_STRATUM &&
+        ntohl(packet->reference_id) == NTP_KOD_NTS_NAK) {
+      DEBUG_LOG("NTS NAK");
+      inst->nak_response = 1;
+      return 0;
+    }
+
+    DEBUG_LOG("Missing NTS EF");
+    return 0;
+  }
+
+  if (!extract_cookies(inst, plaintext, plaintext_length))
+    return 0;
+
+  inst->ok_response = 1;
+
+  /* At this point we know the client interoperates with the server.  Allow a
+     new NTS-KE session to be started as soon as the cookies run out. */
+  inst->last_nke_attempt = -MIN_NKE_RETRY_INTERVAL;
+
+  return 1;
+}
+
+/* ================================================== */
+
+void
+NNC_ChangeAddress(NNC_Instance inst, IPAddr *address)
+{
+  if (inst->nke)
+    NKC_DestroyInstance(inst->nke);
+
+  inst->nke = NULL;
+  inst->num_cookies = 0;
+  inst->nts_address.ip_addr = *address;
+
+  reset_instance(inst);
+
+  DEBUG_LOG("NTS reset");
+}

nts_ntp_client.h

@@ -0,0 +1,46 @@
+/*
+  chronyd/chronyc - Programs for keeping computer clocks accurate.
+
+ **********************************************************************
+ * Copyright (C) Miroslav Lichvar  2020
+ * 
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of version 2 of the GNU General Public License as
+ * published by the Free Software Foundation.
+ * 
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ * 
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+ * 
+ **********************************************************************
+
+  =======================================================================
+
+  Header file for client NTS-NTP authentication
+  */
+
+#ifndef GOT_NTS_NTP_CLIENT_H
+#define GOT_NTS_NTP_CLIENT_H
+
+#include "addressing.h"
+#include "ntp.h"
+
+typedef struct NNC_Instance_Record *NNC_Instance;
+
+extern NNC_Instance NNC_CreateInstance(IPSockAddr *nts_address, const char *name,
+                                                   const IPSockAddr *ntp_address);
+extern void NNC_DestroyInstance(NNC_Instance inst);
+extern int NNC_PrepareForAuth(NNC_Instance inst);
+extern int NNC_GenerateRequestAuth(NNC_Instance inst, NTP_Packet *packet,
+                                   NTP_PacketInfo *info);
+extern int NNC_CheckResponseAuth(NNC_Instance inst, NTP_Packet *packet,
+                                 NTP_PacketInfo *info);
+
+extern void NNC_ChangeAddress(NNC_Instance inst, IPAddr *address);
+
+#endif

nts_ntp_server.c

@@ -0,0 +1,253 @@
+/*
+  chronyd/chronyc - Programs for keeping computer clocks accurate.
+
+ **********************************************************************
+ * Copyright (C) Miroslav Lichvar  2020
+ * 
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of version 2 of the GNU General Public License as
+ * published by the Free Software Foundation.
+ * 
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ * 
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+ * 
+ **********************************************************************
+
+  =======================================================================
+
+  Server NTS-NTP authentication
+  */
+
+#include "config.h"
+
+#include "sysincl.h"
+
+#include "nts_ntp_server.h"
+
+#include "conf.h"
+#include "logging.h"
+#include "memory.h"
+#include "ntp.h"
+#include "ntp_ext.h"
+#include "nts_ke_server.h"
+#include "nts_ntp.h"
+#include "nts_ntp_auth.h"
+#include "siv.h"
+#include "util.h"
+
+struct NtsServer {
+  SIV_Instance siv;
+  unsigned char nonce[NTS_MIN_UNPADDED_NONCE_LENGTH];
+  NKE_Cookie cookies[NTS_MAX_COOKIES];
+  int num_cookies;
+  NTP_int64 req_tx;
+};
+
+/* The server instance handling all requests */
+struct NtsServer *server;
+
+/* ================================================== */
+
+void
+NNS_Initialise(void)
+{
+  /* Create an NTS-NTP server instance only if NTS-KE server is enabled */
+  if (!CNF_GetNtsServerCertFile() || !CNF_GetNtsServerKeyFile()) {
+    server = NULL;
+    return;
+  }
+
+  server = Malloc(sizeof (struct NtsServer));
+  server->siv = SIV_CreateInstance(AEAD_AES_SIV_CMAC_256);
+}
+
+/* ================================================== */
+
+void
+NNS_Finalise(void)
+{
+  if (!server)
+    return;
+
+  SIV_DestroyInstance(server->siv);
+  Free(server);
+  server = NULL;
+}
+
+/* ================================================== */
+
+int
+NNS_CheckRequestAuth(NTP_Packet *packet, NTP_PacketInfo *info, uint32_t *kod)
+{
+  int ef_type, ef_body_length, ef_length, has_uniq_id = 0, has_auth = 0, has_cookie = 0;
+  int i, plaintext_length, parsed, requested_cookies, cookie_length = -1, auth_start = 0;
+  unsigned char plaintext[NTP_MAX_EXTENSIONS_LENGTH];
+  NKE_Cookie cookie;
+  NKE_Key c2s, s2c;
+  void *ef_body;
+
+  if (!server)
+    return 0;
+
+  *kod = 0;
+
+  server->num_cookies = 0;
+  server->req_tx = packet->transmit_ts;
+
+  if (info->ext_fields == 0 || info->mode != MODE_CLIENT)
+    return 0;
+
+  requested_cookies = 0;
+
+  for (parsed = NTP_HEADER_LENGTH; parsed < info->length; parsed += ef_length) {
+    if (!NEF_ParseField(packet, info->length, parsed,
+                        &ef_length, &ef_type, &ef_body, &ef_body_length))
+      break;
+
+    switch (ef_type) {
+      case NTP_EF_NTS_UNIQUE_IDENTIFIER:
+        has_uniq_id = 1;
+        break;
+      case NTP_EF_NTS_COOKIE:
+        if (has_cookie || ef_body_length > sizeof (cookie.cookie))
+          return 0;
+        cookie.length = ef_body_length;
+        memcpy(cookie.cookie, ef_body, ef_body_length);
+        has_cookie = 1;
+        /* Fall through */
+      case NTP_EF_NTS_COOKIE_PLACEHOLDER:
+        requested_cookies++;
+
+        if (cookie_length >= 0 && cookie_length != ef_body_length) {
+          DEBUG_LOG("Invalid cookie/placeholder length");
+          return 0;
+        }
+        cookie_length = ef_body_length;
+        break;
+      case NTP_EF_NTS_AUTH_AND_EEF:
+        auth_start = parsed;
+        has_auth = 1;
+        break;
+      default:
+        break;
+    }
+  }
+
+  if (!has_uniq_id || !has_cookie || !has_auth) {
+    DEBUG_LOG("Missing an NTS EF");
+    return 0;
+  }
+
+  if (!NKS_DecodeCookie(&cookie, &c2s, &s2c)) {
+    *kod = NTP_KOD_NTS_NAK;
+    return 0;
+  }
+
+  if (!SIV_SetKey(server->siv, c2s.key, c2s.length)) {
+    DEBUG_LOG("Could not set C2S key");
+    return 0;
+  }
+
+  if (!NNA_DecryptAuthEF(packet, info, server->siv, auth_start,
+                         plaintext, sizeof (plaintext), &plaintext_length)) {
+    *kod = NTP_KOD_NTS_NAK;
+    return 0;
+  }
+
+  for (parsed = 0; parsed < plaintext_length; parsed += ef_length) {
+    if (!NEF_ParseSingleField(plaintext, plaintext_length, parsed,
+                              &ef_length, &ef_type, &ef_body, &ef_body_length))
+      break;
+
+    switch (ef_type) {
+      case NTP_EF_NTS_COOKIE_PLACEHOLDER:
+        if (cookie_length != ef_body_length) {
+          DEBUG_LOG("Invalid cookie/placeholder length");
+          return 0;
+        }
+        requested_cookies++;
+        break;
+      default:
+        break;
+    }
+  }
+
+  if (!SIV_SetKey(server->siv, s2c.key, s2c.length)) {
+    DEBUG_LOG("Could not set S2C key");
+    return 0;
+  }
+
+  UTI_GetRandomBytes(server->nonce, sizeof (server->nonce));
+
+  server->num_cookies = MIN(NTS_MAX_COOKIES, requested_cookies);
+  for (i = 0; i < server->num_cookies; i++)
+    if (!NKS_GenerateCookie(&c2s, &s2c, &server->cookies[i]))
+      return 0;
+
+  return 1;
+}
+
+/* ================================================== */
+
+int
+NNS_GenerateResponseAuth(NTP_Packet *request, NTP_PacketInfo *req_info,
+                         NTP_Packet *response, NTP_PacketInfo *res_info,
+                         uint32_t kod)
+{
+  int i, ef_type, ef_body_length, ef_length, parsed;
+  void *ef_body;
+  unsigned char plaintext[NTP_MAX_EXTENSIONS_LENGTH];
+  int plaintext_length;
+
+  if (!server || req_info->mode != MODE_CLIENT || res_info->mode != MODE_SERVER)
+    return 0;
+
+  /* Make sure this is a response to the expected request */
+  if (UTI_CompareNtp64(&server->req_tx, &request->transmit_ts) != 0)
+    assert(0);
+
+  for (parsed = NTP_HEADER_LENGTH; parsed < req_info->length; parsed += ef_length) {
+    if (!NEF_ParseField(request, req_info->length, parsed,
+                        &ef_length, &ef_type, &ef_body, &ef_body_length))
+      break;
+
+    switch (ef_type) {
+      case NTP_EF_NTS_UNIQUE_IDENTIFIER:
+        /* Copy the ID from the request */
+        if (!NEF_AddField(response, res_info, ef_type, ef_body, ef_body_length))
+          return 0;
+      default:
+        break;
+    }
+  }
+
+  /* NTS NAK response does not have any other fields */
+  if (kod)
+    return 1;
+
+  for (i = 0, plaintext_length = 0; i < server->num_cookies; i++) {
+    if (!NEF_SetField(plaintext, sizeof (plaintext), plaintext_length,
+                      NTP_EF_NTS_COOKIE, &server->cookies[i].cookie,
+                      server->cookies[i].length, &ef_length))
+      return 0;
+
+    plaintext_length += ef_length;
+    assert(plaintext_length <= sizeof (plaintext));
+  }
+
+  server->num_cookies = 0;
+
+  if (!NNA_GenerateAuthEF(response, res_info, server->siv,
+                          server->nonce, sizeof (server->nonce),
+                          plaintext, plaintext_length,
+                          req_info->length - res_info->length))
+    return 0;
+
+  return 1;
+}

nts_ntp_server.h

@@ -0,0 +1,40 @@
+/*
+  chronyd/chronyc - Programs for keeping computer clocks accurate.
+
+ **********************************************************************
+ * Copyright (C) Miroslav Lichvar  2020
+ * 
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of version 2 of the GNU General Public License as
+ * published by the Free Software Foundation.
+ * 
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ * 
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+ * 
+ **********************************************************************
+
+  =======================================================================
+
+  Header file for server NTS-NTP authentication
+  */
+
+#ifndef GOT_NTS_NTP_SERVER_H
+#define GOT_NTS_NTP_SERVER_H
+
+#include "ntp.h"
+
+extern void NNS_Initialise(void);
+extern void NNS_Finalise(void);
+
+extern int NNS_CheckRequestAuth(NTP_Packet *packet, NTP_PacketInfo *info, uint32_t *kod);
+extern int NNS_GenerateResponseAuth(NTP_Packet *request, NTP_PacketInfo *req_info,
+                                    NTP_Packet *response, NTP_PacketInfo *res_info,
+                                    uint32_t kod);
+
+#endif

pktlength.c

@@ -116,8 +116,14 @@ static const struct request_length request_lengths[] = {
   REQ_LENGTH_ENTRY(ntp_data, ntp_data),         /* NTP_DATA */
   { 0, 0 },                                     /* ADD_SERVER2 */
   { 0, 0 },                                     /* ADD_PEER2 */
-  REQ_LENGTH_ENTRY(ntp_source, null),           /* ADD_SERVER3 */
-  REQ_LENGTH_ENTRY(ntp_source, null),           /* ADD_PEER3 */
+  { 0, 0 },                                     /* ADD_SERVER3 */
+  { 0, 0 },                                     /* ADD_PEER3 */
+  REQ_LENGTH_ENTRY(null, null),                 /* SHUTDOWN */
+  REQ_LENGTH_ENTRY(null, null),                 /* ONOFFLINE */
+  REQ_LENGTH_ENTRY(ntp_source, null),           /* ADD_SOURCE */
+  REQ_LENGTH_ENTRY(ntp_source_name,
+                   ntp_source_name),            /* NTP_SOURCE_NAME */
+  REQ_LENGTH_ENTRY(null, null),                 /* RESET */
 };
 
 static const uint16_t reply_lengths[] = {
@@ -132,13 +138,15 @@ static const uint16_t reply_lengths[] = {
   0,                                            /* SUBNETS_ACCESSED - not supported */
   0,                                            /* CLIENT_ACCESSES - not supported */
   0,                                            /* CLIENT_ACCESSES_BY_INDEX - not supported */
-  0,                                            /* MANUAL_LIST - variable length */
+  0,                                            /* MANUAL_LIST - not supported */
   RPY_LENGTH_ENTRY(activity),                   /* ACTIVITY */
   RPY_LENGTH_ENTRY(smoothing),                  /* SMOOTHING */
   RPY_LENGTH_ENTRY(server_stats),               /* SERVER_STATS */
   RPY_LENGTH_ENTRY(client_accesses_by_index),   /* CLIENT_ACCESSES_BY_INDEX2 */
   RPY_LENGTH_ENTRY(ntp_data),                   /* NTP_DATA */
   RPY_LENGTH_ENTRY(manual_timestamp),           /* MANUAL_TIMESTAMP2 */
+  RPY_LENGTH_ENTRY(manual_list),                /* MANUAL_LIST2 */
+  RPY_LENGTH_ENTRY(ntp_source_name),            /* NTP_SOURCE_NAME */
 };
 
 /* ================================================== */
@@ -195,21 +203,6 @@ PKL_ReplyLength(CMD_Reply *r)
   if (type < 1 || type >= N_REPLY_TYPES)
     return 0;
 
-  /* Length of MANUAL_LIST depends on number of samples stored in it */
-  if (type == RPY_MANUAL_LIST) {
-    uint32_t ns;
-
-    if (r->status != htons(STT_SUCCESS))
-      return offsetof(CMD_Reply, data);
-
-    ns = ntohl(r->data.manual_list.n_samples);
-    if (ns > MAX_MANUAL_LIST_SAMPLES)
-      return 0;
-
-    return offsetof(CMD_Reply, data.manual_list.samples) +
-           ns * sizeof (RPY_ManualListSample);
-  }
-
   return reply_lengths[type];
 }
 

privops.c

@@ -33,6 +33,7 @@
 #include "nameserv.h"
 #include "logging.h"
 #include "privops.h"
+#include "socket.h"
 #include "util.h"
 
 #define OP_ADJUSTTIME     1024
@@ -158,7 +159,7 @@ res_fatal(PrvResponse *res, const char *fmt, ...)
 static int
 send_response(int fd, const PrvResponse *res)
 {
-  if (send(fd, res, sizeof (*res), 0) != sizeof (*res))
+  if (SCK_Send(fd, res, sizeof (*res), 0) != sizeof (*res))
     return 0;
 
   return 1;
@@ -170,37 +171,23 @@ send_response(int fd, const PrvResponse *res)
 static int
 receive_from_daemon(int fd, PrvRequest *req)
 {
-  struct msghdr msg;
-  struct cmsghdr *cmsg;
-  struct iovec iov;
-  char cmsgbuf[256];
+  SCK_Message message;
 
-  iov.iov_base = req;
-  iov.iov_len = sizeof (*req);
-
-  msg.msg_name = NULL;
-  msg.msg_namelen = 0;
-  msg.msg_iov = &iov;
-  msg.msg_iovlen = 1;
-  msg.msg_control = (void *)cmsgbuf;
-  msg.msg_controllen = sizeof (cmsgbuf);
-  msg.msg_flags = MSG_WAITALL;
-
-  /* read the data */
-  if (recvmsg(fd, &msg, 0) != sizeof (*req))
+  if (!SCK_ReceiveMessage(fd, &message, SCK_FLAG_MSG_DESCRIPTOR) ||
+      message.length != sizeof (*req))
     return 0;
 
+  memcpy(req, message.data, sizeof (*req));
+
   if (req->op == OP_BINDSOCKET) {
-    /* extract transferred descriptor */
-    req->data.bind_socket.sock = -1;
-    for (cmsg = CMSG_FIRSTHDR(&msg); cmsg; cmsg = CMSG_NXTHDR(&msg, cmsg)) {
-      if (cmsg->cmsg_level == SOL_SOCKET && cmsg->cmsg_type == SCM_RIGHTS)
-        memcpy(&req->data.bind_socket.sock, CMSG_DATA(cmsg), sizeof (int));
-    }
+    req->data.bind_socket.sock = message.descriptor;
 
     /* return error if valid descriptor not found */
     if (req->data.bind_socket.sock < 0)
       return 0;
+  } else if (message.descriptor >= 0) {
+    SCK_CloseSocket(message.descriptor);
+    return 0;
   }
 
   return 1;
@@ -257,8 +244,7 @@ do_set_time(const ReqSetTime *req, PrvResponse *res)
 static void
 do_bind_socket(ReqBindSocket *req, PrvResponse *res)
 {
-  unsigned short port;
-  IPAddr ip;
+  IPSockAddr ip_saddr;
   int sock_fd;
   struct sockaddr *sa;
   socklen_t sa_len;
@@ -267,10 +253,11 @@ do_bind_socket(ReqBindSocket *req, PrvResponse *res)
   sa_len = req->sa_len;
   sock_fd = req->sock;
 
-  UTI_SockaddrToIPAndPort(sa, &ip, &port);
-  if (port && port != CNF_GetNTPPort()) {
-    close(sock_fd);
-    res_fatal(res, "Invalid port %d", port);
+  SCK_SockaddrToIPSockAddr(sa, sa_len, &ip_saddr);
+  if (ip_saddr.port != 0 && ip_saddr.port != CNF_GetNTPPort() &&
+      ip_saddr.port != CNF_GetAcquisitionPort()) {
+    SCK_CloseSocket(sock_fd);
+    res_fatal(res, "Invalid port %d", ip_saddr.port);
     return;
   }
 
@@ -279,7 +266,7 @@ do_bind_socket(ReqBindSocket *req, PrvResponse *res)
     res->res_errno = errno;
 
   /* sock is still open on daemon side, but we're done with it in the helper */
-  close(sock_fd);
+  SCK_CloseSocket(sock_fd);
 }
 #endif
 
@@ -373,7 +360,7 @@ helper_main(int fd)
     send_response(fd, &res);
   }
 
-  close(fd);
+  SCK_CloseSocket(fd);
   exit(0);
 }
 
@@ -386,7 +373,7 @@ receive_response(PrvResponse *res)
 {
   int resp_len;
 
-  resp_len = recv(helper_fd, res, sizeof (*res), 0);
+  resp_len = SCK_Receive(helper_fd, res, sizeof (*res), 0);
   if (resp_len < 0)
     LOG_FATAL("Could not read from helper : %s", strerror(errno));
   if (resp_len != sizeof (*res))
@@ -409,41 +396,22 @@ receive_response(PrvResponse *res)
 static void
 send_request(PrvRequest *req)
 {
-  struct msghdr msg;
-  struct iovec iov;
-  char cmsgbuf[256];
+  SCK_Message message;
+  int flags;
 
-  iov.iov_base = req;
-  iov.iov_len = sizeof (*req);
+  SCK_InitMessage(&message, SCK_ADDR_UNSPEC);
 
-  msg.msg_name = NULL;
-  msg.msg_namelen = 0;
-  msg.msg_iov = &iov;
-  msg.msg_iovlen = 1;
-  msg.msg_control = NULL;
-  msg.msg_controllen = 0;
-  msg.msg_flags = 0;
+  message.data = req;
+  message.length = sizeof (*req);
+  flags = 0;
 
   if (req->op == OP_BINDSOCKET) {
     /* send file descriptor as a control message */
-    struct cmsghdr *cmsg;
-    int *ptr_send_fd;
-
-    msg.msg_control = cmsgbuf;
-    msg.msg_controllen = CMSG_SPACE(sizeof (int));
-
-    cmsg = CMSG_FIRSTHDR(&msg);
-    memset(cmsg, 0, CMSG_SPACE(sizeof (int)));
-
-    cmsg->cmsg_level = SOL_SOCKET;
-    cmsg->cmsg_type = SCM_RIGHTS;
-    cmsg->cmsg_len = CMSG_LEN(sizeof (int));
-
-    ptr_send_fd = (int *)CMSG_DATA(cmsg);
-    *ptr_send_fd = req->data.bind_socket.sock;
+    message.descriptor = req->data.bind_socket.sock;
+    flags |= SCK_FLAG_MSG_DESCRIPTOR;
   }
 
-  if (sendmsg(helper_fd, &msg, 0) < 0) {
+  if (!SCK_SendMessage(helper_fd, &message, flags)) {
     /* don't try to send another request from exit() */
     helper_fd = -1;
     LOG_FATAL("Could not send to helper : %s", strerror(errno));
@@ -573,13 +541,14 @@ PRV_SetTime(const struct timeval *tp, const struct timezone *tzp)
 int
 PRV_BindSocket(int sock, struct sockaddr *address, socklen_t address_len)
 {
+  IPSockAddr ip_saddr;
   PrvRequest req;
   PrvResponse res;
-  IPAddr ip;
-  unsigned short port;
 
-  UTI_SockaddrToIPAndPort(address, &ip, &port);
-  assert(!port || port == CNF_GetNTPPort());
+  SCK_SockaddrToIPSockAddr(address, address_len, &ip_saddr);
+  if (ip_saddr.port != 0 && ip_saddr.port != CNF_GetNTPPort() &&
+      ip_saddr.port != CNF_GetAcquisitionPort())
+    assert(0);
 
   if (!have_helper())
     return bind(sock, address, address_len);
@@ -588,6 +557,7 @@ PRV_BindSocket(int sock, struct sockaddr *address, socklen_t address_len)
   req.op = OP_BINDSOCKET;
   req.data.bind_socket.sock = sock;
   req.data.bind_socket.sa_len = address_len;
+  assert(address_len <= sizeof (req.data.bind_socket.sa));
   memcpy(&req.data.bind_socket.sa.u, address, address_len);
 
   submit_request(&req, &res);
@@ -615,7 +585,6 @@ PRV_Name2IPAddress(const char *name, IPAddr *ip_addrs, int max_addrs)
   req.op = OP_NAME2IPADDRESS;
   if (snprintf(req.data.name_to_ipaddress.name, sizeof (req.data.name_to_ipaddress.name),
                "%s", name) >= sizeof (req.data.name_to_ipaddress.name)) {
-    DEBUG_LOG("Name too long");
     return DNS_Failure;
   }
 
@@ -669,20 +638,12 @@ void
 PRV_StartHelper(void)
 {
   pid_t pid;
-  int fd, sock_pair[2];
+  int fd, sock_fd1, sock_fd2;
 
   if (have_helper())
     LOG_FATAL("Helper already running");
 
-  if (
-#ifdef SOCK_SEQPACKET
-      socketpair(AF_UNIX, SOCK_SEQPACKET, 0, sock_pair) &&
-#endif
-      socketpair(AF_UNIX, SOCK_DGRAM, 0, sock_pair))
-    LOG_FATAL("socketpair() failed : %s", strerror(errno));
-
-  UTI_FdSetCloexec(sock_pair[0]);
-  UTI_FdSetCloexec(sock_pair[1]);
+  sock_fd1 = SCK_OpenUnixSocketPair(SCK_FLAG_BLOCK, &sock_fd2);
 
   pid = fork();
   if (pid < 0)
@@ -690,23 +651,24 @@ PRV_StartHelper(void)
 
   if (pid == 0) {
     /* child process */
-    close(sock_pair[0]);
+    SCK_CloseSocket(sock_fd1);
 
-    /* close other descriptors inherited from the parent process */
-    for (fd = 0; fd < 1024; fd++) {
-      if (fd != sock_pair[1])
+    /* close other descriptors inherited from the parent process, except
+       stdin, stdout, and stderr */
+    for (fd = STDERR_FILENO + 1; fd < 1024; fd++) {
+      if (fd != sock_fd2)
         close(fd);
     }
 
     /* ignore signals, the process will exit on OP_QUIT request */
-    UTI_SetQuitSignalsHandler(SIG_IGN);
+    UTI_SetQuitSignalsHandler(SIG_IGN, 1);
 
-    helper_main(sock_pair[1]);
+    helper_main(sock_fd2);
 
   } else {
     /* parent process */
-    close(sock_pair[1]);
-    helper_fd = sock_pair[0];
+    SCK_CloseSocket(sock_fd2);
+    helper_fd = sock_fd1;
     helper_pid = pid;
 
     /* stop the helper even when not exiting cleanly from the main function */

refclock.c

@@ -2,7 +2,7 @@
   chronyd/chronyc - Programs for keeping computer clocks accurate.
 
  **********************************************************************
- * Copyright (C) Miroslav Lichvar  2009-2011, 2013-2014, 2016-2017
+ * Copyright (C) Miroslav Lichvar  2009-2011, 2013-2014, 2016-2019
  * 
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of version 2 of the GNU General Public License as
@@ -37,6 +37,7 @@
 #include "sources.h"
 #include "logging.h"
 #include "regress.h"
+#include "samplefilt.h"
 #include "sched.h"
 
 /* list of refclock drivers */
@@ -79,13 +80,15 @@ struct RCL_Instance_Record {
   int pps_rate;
   int pps_active;
   int max_lock_age;
-  struct MedianFilter filter;
+  int stratum;
+  int tai;
   uint32_t ref_id;
   uint32_t lock_ref;
   double offset;
   double delay;
   double precision;
   double pulse_width;
+  SPF_Instance filter;
   SCH_TimeoutID timeout_id;
   SRC_Instance source;
 };
@@ -103,18 +106,6 @@ static void slew_samples(struct timespec *raw, struct timespec *cooked, double d
 static void add_dispersion(double dispersion, void *anything);
 static void log_sample(RCL_Instance instance, struct timespec *sample_time, int filtered, int pulse, double raw_offset, double cooked_offset, double dispersion);
 
-static void filter_init(struct MedianFilter *filter, int length, double max_dispersion);
-static void filter_fini(struct MedianFilter *filter);
-static void filter_reset(struct MedianFilter *filter);
-static double filter_get_avg_sample_dispersion(struct MedianFilter *filter);
-static void filter_add_sample(struct MedianFilter *filter, struct timespec *sample_time, double offset, double dispersion);
-static int filter_get_last_sample(struct MedianFilter *filter, struct timespec *sample_time, double *offset, double *dispersion);
-static int filter_get_samples(struct MedianFilter *filter);
-static int filter_select_samples(struct MedianFilter *filter);
-static int filter_get_sample(struct MedianFilter *filter, struct timespec *sample_time, double *offset, double *dispersion);
-static void filter_slew_samples(struct MedianFilter *filter, struct timespec *when, double dfreq, double doffset);
-static void filter_add_dispersion(struct MedianFilter *filter, double dispersion);
-
 static RCL_Instance
 get_refclock(unsigned int index)
 {
@@ -149,7 +140,7 @@ RCL_Finalise(void)
     if (inst->driver->fini)
       inst->driver->fini(inst);
 
-    filter_fini(&inst->filter);
+    SPF_DestroyInstance(inst->filter);
     Free(inst->driver_parameter);
     SRC_DestroyInstance(inst->source);
     Free(inst);
@@ -181,13 +172,13 @@ RCL_AddRefclock(RefclockParameters *params)
     inst->driver = &RCL_PHC_driver;
   } else {
     LOG_FATAL("unknown refclock driver %s", params->driver_name);
-    return 0;
   }
 
-  if (!inst->driver->init && !inst->driver->poll) {
+  if (!inst->driver->init && !inst->driver->poll)
     LOG_FATAL("refclock driver %s is not compiled in", params->driver_name);
-    return 0;
-  }
+
+  if (params->tai && !CNF_GetLeapSecTimezone())
+    LOG_FATAL("refclock tai option requires leapsectz");
 
   inst->data = NULL;
   inst->driver_parameter = params->driver_parameter;
@@ -200,6 +191,8 @@ RCL_AddRefclock(RefclockParameters *params)
   inst->pps_rate = params->pps_rate;
   inst->pps_active = 0;
   inst->max_lock_age = params->max_lock_age;
+  inst->stratum = params->stratum;
+  inst->tai = params->tai;
   inst->lock_ref = params->lock_ref_id;
   inst->offset = params->offset;
   inst->delay = params->delay;
@@ -251,13 +244,14 @@ RCL_AddRefclock(RefclockParameters *params)
     }
   }
 
-  if (inst->driver->init)
-    if (!inst->driver->init(inst)) {
-      LOG_FATAL("refclock %s initialisation failed", params->driver_name);
-      return 0;
-    }
+  if (inst->driver->init && !inst->driver->init(inst))
+    LOG_FATAL("refclock %s initialisation failed", params->driver_name);
 
-  filter_init(&inst->filter, params->filter_length, params->max_dispersion);
+  /* Require the filter to have at least 4 samples to produce a filtered
+     sample, or be full for shorter lengths, and combine 60% of samples
+     closest to the median */
+  inst->filter = SPF_CreateInstance(MIN(params->filter_length, 4), params->filter_length,
+                                    params->max_dispersion, 0.6);
 
   inst->source = SRC_CreateNewInstance(inst->ref_id, SRC_REFCLOCK, params->sel_options, NULL,
                                        params->min_samples, params->max_samples, 0.0, 0.0);
@@ -331,31 +325,106 @@ RCL_GetDriverParameter(RCL_Instance instance)
   return instance->driver_parameter;
 }
 
+static char *
+get_next_driver_option(RCL_Instance instance, char *option)
+{
+  if (option == NULL)
+    option = instance->driver_parameter;
+
+  option += strlen(option) + 1;
+
+  if (option >= instance->driver_parameter + instance->driver_parameter_length)
+    return NULL;
+
+  return option;
+}
+
+void
+RCL_CheckDriverOptions(RCL_Instance instance, const char **options)
+{
+  char *option;
+  int i, len;
+
+  for (option = get_next_driver_option(instance, NULL);
+       option;
+       option = get_next_driver_option(instance, option)) {
+    for (i = 0; options && options[i]; i++) {
+      len = strlen(options[i]);
+      if (!strncmp(options[i], option, len) &&
+          (option[len] == '=' || option[len] == '\0'))
+        break;
+    }
+
+    if (!options || !options[i])
+      LOG_FATAL("Invalid refclock driver option %s", option);
+  }
+}
+
 char *
 RCL_GetDriverOption(RCL_Instance instance, char *name)
 {
-  char *s, *e;
-  int n;
+  char *option;
+  int len;
 
-  s = instance->driver_parameter;
-  e = s + instance->driver_parameter_length;
-  n = strlen(name);
+  len = strlen(name);
 
-  while (1) {
-    s += strlen(s) + 1;
-    if (s >= e)
-      break;
-    if (!strncmp(name, s, n)) {
-      if (s[n] == '=')
-        return s + n + 1;
-      if (s[n] == '\0')
-        return s + n;
+  for (option = get_next_driver_option(instance, NULL);
+       option;
+       option = get_next_driver_option(instance, option)) {
+    if (!strncmp(name, option, len)) {
+      if (option[len] == '=')
+        return option + len + 1;
+      if (option[len] == '\0')
+        return option + len;
     }
   }
 
   return NULL;
 }
 
+static int
+convert_tai_offset(struct timespec *sample_time, double *offset)
+{
+  struct timespec tai_ts, utc_ts;
+  int tai_offset;
+
+  /* Get approximate TAI-UTC offset for the reference time in TAI */
+  UTI_AddDoubleToTimespec(sample_time, *offset, &tai_ts);
+  tai_offset = REF_GetTaiOffset(&tai_ts);
+
+  /* Get TAI-UTC offset for the reference time in UTC +/- 1 second */
+  UTI_AddDoubleToTimespec(&tai_ts, -tai_offset, &utc_ts);
+  tai_offset = REF_GetTaiOffset(&utc_ts);
+
+  if (!tai_offset)
+    return 0;
+
+  *offset -= tai_offset;
+
+  return 1;
+}
+
+static int
+accumulate_sample(RCL_Instance instance, struct timespec *sample_time, double offset, double dispersion)
+{
+  NTP_Sample sample;
+
+  sample.time = *sample_time;
+  sample.offset = offset;
+  sample.peer_delay = instance->delay;
+  sample.root_delay = instance->delay;
+  sample.peer_dispersion = dispersion;
+  sample.root_dispersion = dispersion;
+
+  /* Handle special case when PPS is used with the local reference */
+  if (instance->pps_active && instance->lock_ref == -1)
+    sample.stratum = pps_stratum(instance, &sample.time);
+  else
+    sample.stratum = instance->stratum;
+
+  return SPF_AccumulateSample(instance->filter, &sample);
+}
+
 int
 RCL_AddSample(RCL_Instance instance, struct timespec *sample_time, double offset, int leap)
 {
@@ -385,7 +454,15 @@ RCL_AddSample(RCL_Instance instance, struct timespec *sample_time, double offset
       return 0;
   }
 
-  filter_add_sample(&instance->filter, &cooked_time, offset - correction + instance->offset, dispersion);
+  if (instance->tai && !convert_tai_offset(sample_time, &offset)) {
+    DEBUG_LOG("refclock sample ignored unknown TAI offset");
+    return 0;
+  }
+
+  if (!accumulate_sample(instance, &cooked_time,
+                         offset - correction + instance->offset, dispersion))
+    return 0;
+
   instance->pps_active = 0;
 
   log_sample(instance, &cooked_time, 0, 0, offset, offset - correction + instance->offset, dispersion);
@@ -461,20 +538,19 @@ RCL_AddCookedPulse(RCL_Instance instance, struct timespec *cooked_time,
 
   if (instance->lock_ref != -1) {
     RCL_Instance lock_refclock;
-    struct timespec ref_sample_time;
-    double sample_diff, ref_offset, ref_dispersion, shift;
+    NTP_Sample ref_sample;
+    double sample_diff, shift;
 
     lock_refclock = get_refclock(instance->lock_ref);
 
-    if (!filter_get_last_sample(&lock_refclock->filter,
-          &ref_sample_time, &ref_offset, &ref_dispersion)) {
+    if (!SPF_GetLastSample(lock_refclock->filter, &ref_sample)) {
       DEBUG_LOG("refclock pulse ignored no ref sample");
       return 0;
     }
 
-    ref_dispersion += filter_get_avg_sample_dispersion(&lock_refclock->filter);
+    ref_sample.root_dispersion += SPF_GetAvgSampleDispersion(lock_refclock->filter);
 
-    sample_diff = UTI_DiffTimespecsToDouble(cooked_time, &ref_sample_time);
+    sample_diff = UTI_DiffTimespecsToDouble(cooked_time, &ref_sample.time);
     if (fabs(sample_diff) >= (double)instance->max_lock_age / rate) {
       DEBUG_LOG("refclock pulse ignored samplediff=%.9f",
           sample_diff);
@@ -482,26 +558,27 @@ RCL_AddCookedPulse(RCL_Instance instance, struct timespec *cooked_time,
     }
 
     /* Align the offset to the reference sample */
-    if ((ref_offset - offset) >= 0.0)
-      shift = (long)((ref_offset - offset) * rate + 0.5) / (double)rate;
+    if ((ref_sample.offset - offset) >= 0.0)
+      shift = (long)((ref_sample.offset - offset) * rate + 0.5) / (double)rate;
     else
-      shift = (long)((ref_offset - offset) * rate - 0.5) / (double)rate;
+      shift = (long)((ref_sample.offset - offset) * rate - 0.5) / (double)rate;
 
     offset += shift;
 
-    if (fabs(ref_offset - offset) + ref_dispersion + dispersion >= 0.2 / rate) {
+    if (fabs(ref_sample.offset - offset) +
+        ref_sample.root_dispersion + dispersion >= 0.2 / rate) {
       DEBUG_LOG("refclock pulse ignored offdiff=%.9f refdisp=%.9f disp=%.9f",
-          ref_offset - offset, ref_dispersion, dispersion);
+                ref_sample.offset - offset, ref_sample.root_dispersion, dispersion);
       return 0;
     }
 
-    if (!check_pulse_edge(instance, ref_offset - offset, 0.0))
+    if (!check_pulse_edge(instance, ref_sample.offset - offset, 0.0))
       return 0;
 
     leap = lock_refclock->leap_status;
 
     DEBUG_LOG("refclock pulse offset=%.9f offdiff=%.9f samplediff=%.9f",
-              offset, ref_offset - offset, sample_diff);
+              offset, ref_sample.offset - offset, sample_diff);
   } else {
     struct timespec ref_time;
     int is_synchronised, stratum;
@@ -519,7 +596,7 @@ RCL_AddCookedPulse(RCL_Instance instance, struct timespec *cooked_time,
       DEBUG_LOG("refclock pulse ignored offset=%.9f sync=%d dist=%.9f",
                 offset, leap != LEAP_Unsynchronised, distance);
       /* Drop also all stored samples */
-      filter_reset(&instance->filter);
+      SPF_DropSamples(instance->filter);
       return 0;
     }
 
@@ -527,7 +604,9 @@ RCL_AddCookedPulse(RCL_Instance instance, struct timespec *cooked_time,
       return 0;
   }
 
-  filter_add_sample(&instance->filter, cooked_time, offset, dispersion);
+  if (!accumulate_sample(instance, cooked_time, offset, dispersion))
+    return 0;
+
   instance->leap_status = leap;
   instance->pps_active = 1;
 
@@ -556,17 +635,13 @@ RCL_GetDriverPoll(RCL_Instance instance)
 static int
 valid_sample_time(RCL_Instance instance, struct timespec *sample_time)
 {
-  struct timespec now, last_sample_time;
-  double diff, last_offset, last_dispersion;
+  struct timespec now;
+  double diff;
 
   LCL_ReadCookedTime(&now, NULL);
   diff = UTI_DiffTimespecsToDouble(&now, sample_time);
 
-  if (diff < 0.0 || diff > UTI_Log2ToDouble(instance->poll + 1) ||
-      (filter_get_samples(&instance->filter) > 0 &&
-       filter_get_last_sample(&instance->filter, &last_sample_time,
-                              &last_offset, &last_dispersion) &&
-       UTI_CompareTimespecs(&last_sample_time, sample_time) >= 0)) {
+  if (diff < 0.0 || diff > UTI_Log2ToDouble(instance->poll + 1)) {
     DEBUG_LOG("%s refclock sample time %s not valid age=%.6f",
               UTI_RefidToString(instance->ref_id),
               UTI_TimespecToString(sample_time), diff);
@@ -610,6 +685,7 @@ pps_stratum(RCL_Instance instance, struct timespec *ts)
 static void
 poll_timeout(void *arg)
 {
+  NTP_Sample sample;
   int poll;
 
   RCL_Instance inst = (RCL_Instance)arg;
@@ -623,26 +699,15 @@ poll_timeout(void *arg)
   }
   
   if (!(inst->driver->poll && inst->driver_polled < (1 << (inst->poll - inst->driver_poll)))) {
-    double offset, dispersion;
-    struct timespec sample_time;
-    int sample_ok, stratum;
-
-    sample_ok = filter_get_sample(&inst->filter, &sample_time, &offset, &dispersion);
     inst->driver_polled = 0;
 
-    if (sample_ok) {
-      if (inst->pps_active && inst->lock_ref == -1)
-        /* Handle special case when PPS is used with local stratum */
-        stratum = pps_stratum(inst, &sample_time);
-      else
-        stratum = 0;
-
+    if (SPF_GetFilteredSample(inst->filter, &sample)) {
       SRC_UpdateReachability(inst->source, 1);
-      SRC_AccumulateSample(inst->source, &sample_time, offset,
-          inst->delay, dispersion, inst->delay, dispersion, stratum, inst->leap_status);
+      SRC_SetLeapStatus(inst->source, inst->leap_status);
+      SRC_AccumulateSample(inst->source, &sample);
       SRC_SelectSource(inst->source);
 
-      log_sample(inst, &sample_time, 1, 0, 0.0, offset, dispersion);
+      log_sample(inst, &sample.time, 1, 0, 0.0, sample.offset, sample.peer_dispersion);
     } else {
       SRC_UpdateReachability(inst->source, 0);
     }
@@ -659,9 +724,9 @@ slew_samples(struct timespec *raw, struct timespec *cooked, double dfreq,
 
   for (i = 0; i < ARR_GetSize(refclocks); i++) {
     if (change_type == LCL_ChangeUnknownStep)
-      filter_reset(&get_refclock(i)->filter);
+      SPF_DropSamples(get_refclock(i)->filter);
     else
-      filter_slew_samples(&get_refclock(i)->filter, cooked, dfreq, doffset);
+      SPF_SlewSamples(get_refclock(i)->filter, cooked, dfreq, doffset);
   }
 }
 
@@ -671,7 +736,7 @@ add_dispersion(double dispersion, void *anything)
   unsigned int i;
 
   for (i = 0; i < ARR_GetSize(refclocks); i++)
-    filter_add_dispersion(&get_refclock(i)->filter, dispersion);
+    SPF_AddDispersion(get_refclock(i)->filter, dispersion);
 }
 
 static void
@@ -703,320 +768,3 @@ log_sample(RCL_Instance instance, struct timespec *sample_time, int filtered, in
       dispersion);
   }
 }
-
-static void
-filter_init(struct MedianFilter *filter, int length, double max_dispersion)
-{
-  if (length < 1)
-    length = 1;
-
-  filter->length = length;
-  filter->index = -1;
-  filter->used = 0;
-  filter->last = -1;
-  /* set first estimate to system precision */
-  filter->avg_var_n = 0;
-  filter->avg_var = LCL_GetSysPrecisionAsQuantum() * LCL_GetSysPrecisionAsQuantum();
-  filter->max_var = max_dispersion * max_dispersion;
-  filter->samples = MallocArray(struct FilterSample, filter->length);
-  filter->selected = MallocArray(int, filter->length);
-  filter->x_data = MallocArray(double, filter->length);
-  filter->y_data = MallocArray(double, filter->length);
-  filter->w_data = MallocArray(double, filter->length);
-}
-
-static void
-filter_fini(struct MedianFilter *filter)
-{
-  Free(filter->samples);
-  Free(filter->selected);
-  Free(filter->x_data);
-  Free(filter->y_data);
-  Free(filter->w_data);
-}
-
-static void
-filter_reset(struct MedianFilter *filter)
-{
-  filter->index = -1;
-  filter->used = 0;
-}
-
-static double
-filter_get_avg_sample_dispersion(struct MedianFilter *filter)
-{
-  return sqrt(filter->avg_var);
-}
-
-static void
-filter_add_sample(struct MedianFilter *filter, struct timespec *sample_time, double offset, double dispersion)
-{
-  filter->index++;
-  filter->index %= filter->length;
-  filter->last = filter->index;
-  if (filter->used < filter->length)
-    filter->used++;
-
-  filter->samples[filter->index].sample_time = *sample_time;
-  filter->samples[filter->index].offset = offset;
-  filter->samples[filter->index].dispersion = dispersion;
-
-  DEBUG_LOG("filter sample %d t=%s offset=%.9f dispersion=%.9f",
-      filter->index, UTI_TimespecToString(sample_time), offset, dispersion);
-}
-
-static int
-filter_get_last_sample(struct MedianFilter *filter, struct timespec *sample_time, double *offset, double *dispersion)
-{
-  if (filter->last < 0)
-    return 0;
-
-  *sample_time = filter->samples[filter->last].sample_time;
-  *offset = filter->samples[filter->last].offset;
-  *dispersion = filter->samples[filter->last].dispersion;
-  return 1;
-}
-
-static int
-filter_get_samples(struct MedianFilter *filter)
-{
-  return filter->used;
-}
-
-static const struct FilterSample *tmp_sorted_array;
-
-static int
-sample_compare(const void *a, const void *b)
-{
-  const struct FilterSample *s1, *s2;
-
-  s1 = &tmp_sorted_array[*(int *)a];
-  s2 = &tmp_sorted_array[*(int *)b];
-
-  if (s1->offset < s2->offset)
-    return -1;
-  else if (s1->offset > s2->offset)
-    return 1;
-  return 0;
-}
-
-int
-filter_select_samples(struct MedianFilter *filter)
-{
-  int i, j, k, o, from, to, *selected;
-  double min_dispersion;
-
-  if (filter->used < 1)
-    return 0;
-
-  /* for lengths below 4 require full filter,
-     for 4 and above require at least 4 samples */
-  if ((filter->length < 4 && filter->used != filter->length) ||
-      (filter->length >= 4 && filter->used < 4))
-    return 0;
-
-  selected = filter->selected;
-
-  if (filter->used > 4) {
-    /* select samples with dispersion better than 1.5 * minimum */
-
-    for (i = 1, min_dispersion = filter->samples[0].dispersion; i < filter->used; i++) {
-      if (min_dispersion > filter->samples[i].dispersion)
-        min_dispersion = filter->samples[i].dispersion;
-    }
-
-    for (i = j = 0; i < filter->used; i++) {
-      if (filter->samples[i].dispersion <= 1.5 * min_dispersion)
-        selected[j++] = i;
-    }
-  } else {
-    j = 0;
-  }
-
-  if (j < 4) {
-    /* select all samples */
-
-    for (j = 0; j < filter->used; j++)
-      selected[j] = j;
-  }
-
-  /* and sort their indices by offset */
-  tmp_sorted_array = filter->samples;
-  qsort(selected, j, sizeof (int), sample_compare);
-
-  /* select 60 percent of the samples closest to the median */ 
-  if (j > 2) {
-    from = j / 5;
-    if (from < 1)
-      from = 1;
-    to = j - from;
-  } else {
-    from = 0;
-    to = j;
-  }
-
-  /* mark unused samples and sort the rest from oldest to newest */
-
-  o = filter->used - filter->index - 1;
-
-  for (i = 0; i < from; i++)
-    selected[i] = -1;
-  for (; i < to; i++)
-    selected[i] = (selected[i] + o) % filter->used;
-  for (; i < filter->used; i++)
-    selected[i] = -1;
-
-  for (i = from; i < to; i++) {
-    j = selected[i];
-    selected[i] = -1;
-    while (j != -1 && selected[j] != j) {
-      k = selected[j];
-      selected[j] = j;
-      j = k;
-    }
-  }
-
-  for (i = j = 0, k = -1; i < filter->used; i++) {
-    if (selected[i] != -1)
-      selected[j++] = (selected[i] + filter->used - o) % filter->used;
-  }
-
-  return j;
-}
-
-static int
-filter_get_sample(struct MedianFilter *filter, struct timespec *sample_time, double *offset, double *dispersion)
-{
-  struct FilterSample *s, *ls;
-  int i, n, dof;
-  double x, y, d, e, var, prev_avg_var;
-
-  n = filter_select_samples(filter);
-
-  if (n < 1)
-    return 0;
-
-  ls = &filter->samples[filter->selected[n - 1]];
-
-  /* prepare data */
-  for (i = 0; i < n; i++) {
-    s = &filter->samples[filter->selected[i]];
-
-    filter->x_data[i] = UTI_DiffTimespecsToDouble(&s->sample_time, &ls->sample_time);
-    filter->y_data[i] = s->offset;
-    filter->w_data[i] = s->dispersion;
-  }
-
-  /* mean offset, sample time and sample dispersion */ 
-  for (i = 0, x = y = e = 0.0; i < n; i++) {
-    x += filter->x_data[i];
-    y += filter->y_data[i];
-    e += filter->w_data[i];
-  }
-  x /= n;
-  y /= n;
-  e /= n;
-
-  if (n >= 4) {
-    double b0, b1, s2, sb0, sb1;
-
-    /* set y axis to the mean sample time */
-    for (i = 0; i < n; i++)
-      filter->x_data[i] -= x;
-
-    /* make a linear fit and use the estimated standard deviation of intercept
-       as dispersion */
-    RGR_WeightedRegression(filter->x_data, filter->y_data, filter->w_data, n,
-        &b0, &b1, &s2, &sb0, &sb1);
-    var = s2;
-    d = sb0;
-    dof = n - 2;
-  } else if (n >= 2) {
-    for (i = 0, d = 0.0; i < n; i++)
-      d += (filter->y_data[i] - y) * (filter->y_data[i] - y);
-    var = d / (n - 1);
-    d = sqrt(var);
-    dof = n - 1;
-  } else {
-    var = filter->avg_var;
-    d = sqrt(var);
-    dof = 1;
-  }
-
-  /* avoid having zero dispersion */
-  if (var < 1e-20) {
-    var = 1e-20;
-    d = sqrt(var);
-  }
-
-  /* drop the sample if variance is larger than allowed maximum */
-  if (filter->max_var > 0.0 && var > filter->max_var) {
-    DEBUG_LOG("filter dispersion too large disp=%.9f max=%.9f",
-        sqrt(var), sqrt(filter->max_var));
-    return 0;
-  }
-
-  prev_avg_var = filter->avg_var;
-
-  /* update exponential moving average of the variance */
-  if (filter->avg_var_n > 50) {
-    filter->avg_var += dof / (dof + 50.0) * (var - filter->avg_var);
-  } else {
-    filter->avg_var = (filter->avg_var * filter->avg_var_n + var * dof) /
-      (dof + filter->avg_var_n);
-    if (filter->avg_var_n == 0)
-      prev_avg_var = filter->avg_var;
-    filter->avg_var_n += dof;
-  }
-
-  /* reduce noise in sourcestats weights by using the long-term average
-     instead of the estimated variance if it's not significantly lower */
-  if (var * dof / RGR_GetChi2Coef(dof) < prev_avg_var)
-    d = sqrt(filter->avg_var) * d / sqrt(var);
-
-  if (d < e)
-    d = e;
-
-  UTI_AddDoubleToTimespec(&ls->sample_time, x, sample_time);
-  *offset = y;
-  *dispersion = d;
-
-  filter_reset(filter);
-
-  return 1;
-}
-
-static void
-filter_slew_samples(struct MedianFilter *filter, struct timespec *when, double dfreq, double doffset)
-{
-  int i, first, last;
-  double delta_time;
-  struct timespec *sample;
-
-  if (filter->last < 0)
-    return;
-
-  /* always slew the last sample as it may be needed by PPS refclocks */
-  if (filter->used > 0) {
-    first = 0;
-    last = filter->used - 1;
-  } else {
-    first = last = filter->last;
-  }
-
-  for (i = first; i <= last; i++) {
-    sample = &filter->samples[i].sample_time;
-    UTI_AdjustTimespec(sample, when, sample, &delta_time, dfreq, doffset);
-    filter->samples[i].offset -= delta_time;
-  }
-}
-
-static void
-filter_add_dispersion(struct MedianFilter *filter, double dispersion)
-{
-  int i;
-
-  for (i = 0; i < filter->used; i++) {
-    filter->samples[i].dispersion += dispersion;
-  }
-}

refclock.h

@@ -43,6 +43,8 @@ typedef struct {
   int max_samples;
   int sel_options;
   int max_lock_age;
+  int stratum;
+  int tai;
   uint32_t ref_id;
   uint32_t lock_ref_id;
   double offset;
@@ -70,6 +72,7 @@ extern void RCL_ReportSource(RPT_SourceReport *report, struct timespec *now);
 extern void RCL_SetDriverData(RCL_Instance instance, void *data);
 extern void *RCL_GetDriverData(RCL_Instance instance);
 extern char *RCL_GetDriverParameter(RCL_Instance instance);
+extern void RCL_CheckDriverOptions(RCL_Instance instance, const char **options);
 extern char *RCL_GetDriverOption(RCL_Instance instance, char *name);
 extern int RCL_AddSample(RCL_Instance instance, struct timespec *sample_time, double offset, int leap);
 extern int RCL_AddPulse(RCL_Instance instance, struct timespec *pulse_time, double second);

refclock_phc.c

@@ -56,10 +56,13 @@ static void read_ext_pulse(int sockfd, int event, void *anything);
 
 static int phc_initialise(RCL_Instance instance)
 {
+  const char *options[] = {"nocrossts", "extpps", "pin", "channel", "clear", NULL};
   struct phc_instance *phc;
   int phc_fd, rising_edge;
   char *path, *s;
 
+  RCL_CheckDriverOptions(instance, options);
+
   path = RCL_GetDriverParameter(instance);
  
   phc_fd = SYS_Linux_OpenPHC(path, 0);
@@ -80,7 +83,7 @@ static int phc_initialise(RCL_Instance instance)
     s = RCL_GetDriverOption(instance, "channel");
     phc->channel = s ? atoi(s) : 0;
     rising_edge = RCL_GetDriverOption(instance, "clear") ? 0 : 1;
-    phc->clock = HCL_CreateInstance(UTI_Log2ToDouble(RCL_GetDriverPoll(instance)));
+    phc->clock = HCL_CreateInstance(0, 16, UTI_Log2ToDouble(RCL_GetDriverPoll(instance)));
 
     if (!SYS_Linux_SetPHCExtTimestamping(phc->fd, phc->pin, phc->channel,
                                          rising_edge, !rising_edge, 1))

refclock_pps.c

@@ -48,35 +48,38 @@ struct pps_instance {
 };
 
 static int pps_initialise(RCL_Instance instance) {
+  const char *options[] = {"clear", NULL};
   pps_handle_t handle;
   pps_params_t params;
   struct pps_instance *pps;
   int fd, edge_clear, mode;
   char *path;
 
+  RCL_CheckDriverOptions(instance, options);
+
   path = RCL_GetDriverParameter(instance);
   edge_clear = RCL_GetDriverOption(instance, "clear") ? 1 : 0;
 
   fd = open(path, O_RDWR);
   if (fd < 0) {
-    LOG_FATAL("open() failed on %s", path);
+    LOG_FATAL("Could not open %s : %s", path, strerror(errno));
     return 0;
   }
 
   UTI_FdSetCloexec(fd);
 
   if (time_pps_create(fd, &handle) < 0) {
-    LOG_FATAL("time_pps_create() failed on %s", path);
+    LOG_FATAL("time_pps_create() failed on %s : %s", path, strerror(errno));
     return 0;
   }
 
   if (time_pps_getcap(handle, &mode) < 0) {
-    LOG_FATAL("time_pps_getcap() failed on %s", path);
+    LOG_FATAL("time_pps_getcap() failed on %s : %s", path, strerror(errno));
     return 0;
   }
 
   if (time_pps_getparams(handle, &params) < 0) {
-    LOG_FATAL("time_pps_getparams() failed on %s", path);
+    LOG_FATAL("time_pps_getparams() failed on %s : %s", path, strerror(errno));
     return 0;
   }
 
@@ -97,7 +100,7 @@ static int pps_initialise(RCL_Instance instance) {
   }
 
   if (time_pps_setparams(handle, &params) < 0) {
-    LOG_FATAL("time_pps_setparams() failed on %s", path);
+    LOG_FATAL("time_pps_setparams() failed on %s : %s", path, strerror(errno));
     return 0;
   }
 
@@ -147,7 +150,7 @@ static int pps_poll(RCL_Instance instance)
 
   if (seq == pps->last_seq || UTI_IsZeroTimespec(&ts)) {
     DEBUG_LOG("PPS sample ignored seq=%lu ts=%s",
-              seq, UTI_TimespecToString(&ts));
+              (unsigned long)seq, UTI_TimespecToString(&ts));
     return 0;
   }
 

refclock_shm.c

@@ -59,23 +59,26 @@ struct shmTime {
 };
 
 static int shm_initialise(RCL_Instance instance) {
+  const char *options[] = {"perm", NULL};
   int id, param, perm;
   char *s;
   struct shmTime *shm;
 
+  RCL_CheckDriverOptions(instance, options);
+
   param = atoi(RCL_GetDriverParameter(instance));
   s = RCL_GetDriverOption(instance, "perm");
   perm = s ? strtol(s, NULL, 8) & 0777 : 0600;
 
   id = shmget(SHMKEY + param, sizeof (struct shmTime), IPC_CREAT | perm);
   if (id == -1) {
-    LOG_FATAL("shmget() failed");
+    LOG_FATAL("shmget() failed : %s", strerror(errno));
     return 0;
   }
    
   shm = (struct shmTime *)shmat(id, 0, 0);
   if ((long)shm == -1) {
-    LOG_FATAL("shmat() failed");
+    LOG_FATAL("shmat() failed : %s", strerror(errno));
     return 0;
   }
 

refclock_sock.c

@@ -33,6 +33,7 @@
 #include "logging.h"
 #include "util.h"
 #include "sched.h"
+#include "socket.h"
 
 #define SOCK_MAGIC 0x534f434b
 
@@ -69,20 +70,19 @@ static void read_sample(int sockfd, int event, void *anything)
   s = recv(sockfd, &sample, sizeof (sample), 0);
 
   if (s < 0) {
-    LOG(LOGS_ERR, "Could not read SOCK sample : %s",
-        strerror(errno));
+    DEBUG_LOG("Could not read SOCK sample : %s", strerror(errno));
     return;
   }
 
   if (s != sizeof (sample)) {
-    LOG(LOGS_WARN, "Unexpected length of SOCK sample : %d != %ld",
-        s, (long)sizeof (sample));
+    DEBUG_LOG("Unexpected length of SOCK sample : %d != %ld",
+              s, (long)sizeof (sample));
     return;
   }
 
   if (sample.magic != SOCK_MAGIC) {
-    LOG(LOGS_WARN, "Unexpected magic number in SOCK sample : %x != %x",
-        sample.magic, SOCK_MAGIC);
+    DEBUG_LOG("Unexpected magic number in SOCK sample : %x != %x",
+              (unsigned int)sample.magic, (unsigned int)SOCK_MAGIC);
     return;
   }
 
@@ -98,31 +98,16 @@ static void read_sample(int sockfd, int event, void *anything)
 
 static int sock_initialise(RCL_Instance instance)
 {
-  struct sockaddr_un s;
   int sockfd;
   char *path;
 
+  RCL_CheckDriverOptions(instance, NULL);
+
   path = RCL_GetDriverParameter(instance);
  
-  s.sun_family = AF_UNIX;
-  if (snprintf(s.sun_path, sizeof (s.sun_path), "%s", path) >= sizeof (s.sun_path)) {
-    LOG_FATAL("path %s is too long", path);
-    return 0;
-  }
-
-  sockfd = socket(AF_UNIX, SOCK_DGRAM, 0);
-  if (sockfd < 0) {
-    LOG_FATAL("socket() failed");
-    return 0;
-  }
-
-  UTI_FdSetCloexec(sockfd);
-
-  unlink(path);
-  if (bind(sockfd, (struct sockaddr *)&s, sizeof (s)) < 0) {
-    LOG_FATAL("bind() failed");
-    return 0;
-  }
+  sockfd = SCK_OpenUnixDatagramSocket(NULL, path, 0);
+  if (sockfd < 0)
+    LOG_FATAL("Could not open socket %s", path);
 
   RCL_SetDriverData(instance, (void *)(long)sockfd);
   SCH_AddFileHandler(sockfd, SCH_FILE_INPUT, read_sample, instance);
@@ -135,7 +120,8 @@ static void sock_finalise(RCL_Instance instance)
 
   sockfd = (long)RCL_GetDriverData(instance);
   SCH_RemoveFileHandler(sockfd);
-  close(sockfd);
+  SCK_RemoveSocket(sockfd);
+  SCK_CloseSocket(sockfd);
 }
 
 RefclockDriver RCL_SOCK_driver = {

reference.c

@@ -3,7 +3,7 @@
 
  **********************************************************************
  * Copyright (C) Richard P. Curnow  1997-2003
- * Copyright (C) Miroslav Lichvar  2009-2017
+ * Copyright (C) Miroslav Lichvar  2009-2018
  * 
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of version 2 of the GNU General Public License as
@@ -42,11 +42,18 @@
 /* The minimum allowed skew */
 #define MIN_SKEW 1.0e-12
 
+/* The update interval of the reference in the local reference mode */
+#define LOCAL_REF_UPDATE_INTERVAL 64.0
+
+/* Interval between updates of the drift file */
+#define MAX_DRIFTFILE_AGE 3600.0
+
 static int are_we_synchronised;
 static int enable_local_stratum;
 static int local_stratum;
 static int local_orphan;
 static double local_distance;
+static struct timespec local_ref_time;
 static NTP_Leap our_leap_status;
 static int our_leap_sec;
 static int our_tai_offset;
@@ -58,6 +65,8 @@ static double our_skew;
 static double our_residual_freq;
 static double our_root_delay;
 static double our_root_dispersion;
+static double our_offset_sd;
+static double our_frequency_sd;
 
 static double max_update_skew;
 
@@ -134,8 +143,8 @@ static struct fb_drift *fb_drifts = NULL;
 static int next_fb_drift;
 static SCH_TimeoutID fb_drift_timeout_id;
 
-/* Timestamp of last reference update */
-static struct timespec last_ref_update;
+/* Monotonic timestamp of the last reference update */
+static double last_ref_update;
 static double last_ref_update_interval;
 
 /* ================================================== */
@@ -160,9 +169,8 @@ handle_slew(struct timespec *raw,
     UTI_AdjustTimespec(&our_ref_time, cooked, &our_ref_time, &delta, dfreq, doffset);
 
   if (change_type == LCL_ChangeUnknownStep) {
-    UTI_ZeroTimespec(&last_ref_update);
-  } else if (last_ref_update.tv_sec) {
-    UTI_AdjustTimespec(&last_ref_update, cooked, &last_ref_update, &delta, dfreq, doffset);
+    last_ref_update = 0.0;
+    REF_SetUnsynchronised();
   }
 
   /* When the clock was stepped, check if that doesn't change our leap status
@@ -194,12 +202,14 @@ REF_Initialise(void)
   our_frequency_ppm = 0.0;
   our_skew = 1.0; /* i.e. rather bad */
   our_residual_freq = 0.0;
+  our_frequency_sd = 0.0;
+  our_offset_sd = 0.0;
   drift_file_age = 0.0;
 
   /* Now see if we can get the drift file opened */
   drift_file = CNF_GetDriftFile();
   if (drift_file) {
-    in = fopen(drift_file, "r");
+    in = UTI_OpenFile(NULL, drift_file, NULL, 'r', 0);
     if (in) {
       if (fscanf(in, "%lf%lf", &file_freq_ppm, &file_skew_ppm) == 2) {
         /* We have read valid data */
@@ -234,6 +244,7 @@ REF_Initialise(void)
   correction_time_ratio = CNF_GetCorrectionTimeRatio();
 
   enable_local_stratum = CNF_AllowLocalReference(&local_stratum, &local_orphan, &local_distance);
+  UTI_ZeroTimespec(&local_ref_time);
 
   leap_timeout_id = 0;
   leap_in_progress = 0;
@@ -269,7 +280,7 @@ REF_Initialise(void)
   }
 
   UTI_ZeroTimespec(&our_ref_time);
-  UTI_ZeroTimespec(&last_ref_update);
+  last_ref_update = 0.0;
   last_ref_update_interval = 0.0;
 
   LCL_AddParameterChangeHandler(handle_slew, NULL);
@@ -325,84 +336,26 @@ REF_GetLeapMode(void)
   return leap_mode;
 }
 
-/* ================================================== */
-
-static double
-Sqr(double x)
-{
-  return x*x;
-}
-
-/* ================================================== */
-#if 0
-static double
-Cube(double x)
-{
-  return x*x*x;
-}
-#endif
-
 /* ================================================== */
 /* Update the drift coefficients to the file. */
 
 static void
 update_drift_file(double freq_ppm, double skew)
 {
-  struct stat buf;
-  char *temp_drift_file;
   FILE *out;
-  int r1, r2;
 
   /* Create a temporary file with a '.tmp' extension. */
-
-  temp_drift_file = (char*) Malloc(strlen(drift_file)+8);
-
-  if(!temp_drift_file) {
+  out = UTI_OpenFile(NULL, drift_file, ".tmp", 'w', 0644);
+  if (!out)
     return;
-  }
-
-  strcpy(temp_drift_file,drift_file);
-  strcat(temp_drift_file,".tmp");
-
-  out = fopen(temp_drift_file, "w");
-  if (!out) {
-    Free(temp_drift_file);
-    LOG(LOGS_WARN, "Could not open temporary driftfile %s.tmp for writing",
-        drift_file);
-    return;
-  }
 
   /* Write the frequency and skew parameters in ppm */
-  r1 = fprintf(out, "%20.6f %20.6f\n", freq_ppm, 1.0e6 * skew);
-  r2 = fclose(out);
-  if (r1 < 0 || r2) {
-    Free(temp_drift_file);
-    LOG(LOGS_WARN, "Could not write to temporary driftfile %s.tmp",
-        drift_file);
-    return;
-  }
+  fprintf(out, "%20.6f %20.6f\n", freq_ppm, 1.0e6 * skew);
+  fclose(out);
 
-  /* Clone the file attributes from the existing file if there is one. */
-
-  if (!stat(drift_file,&buf)) {
-    if (chown(temp_drift_file,buf.st_uid,buf.st_gid) ||
-        chmod(temp_drift_file,buf.st_mode & 0777)) {
-      LOG(LOGS_WARN, "Could not change ownership or permissions of temporary driftfile %s.tmp",
-          drift_file);
-    }
-  }
-
-  /* Rename the temporary file to the correct location (see rename(2) for details). */
-
-  if (rename(temp_drift_file,drift_file)) {
-    unlink(temp_drift_file);
-    Free(temp_drift_file);
-    LOG(LOGS_WARN, "Could not replace old driftfile %s with new one %s.tmp",
-        drift_file,drift_file);
-    return;
-  }
-
-  Free(temp_drift_file);
+  /* Rename the temporary file to the correct location */
+  if (!UTI_RenameTempFile(NULL, drift_file, ".tmp", NULL))
+    ;
 }
 
 /* ================================================== */
@@ -468,16 +421,16 @@ fb_drift_timeout(void *arg)
 /* ================================================== */
 
 static void
-schedule_fb_drift(struct timespec *now)
+schedule_fb_drift(void)
 {
   int i, c, secs;
-  double unsynchronised;
-  struct timespec when;
+  double unsynchronised, now;
 
   if (fb_drift_timeout_id)
     return; /* already scheduled */
 
-  unsynchronised = UTI_DiffTimespecsToDouble(now, &last_ref_update);
+  now = SCH_GetLastEventMonoTime();
+  unsynchronised = now - last_ref_update;
 
   for (c = secs = 0, i = fb_drift_min; i <= fb_drift_max; i++) {
     secs = 1 << i;
@@ -499,8 +452,7 @@ schedule_fb_drift(struct timespec *now)
 
   if (i <= fb_drift_max) {
     next_fb_drift = i;
-    UTI_AddDoubleToTimespec(now, secs - unsynchronised, &when);
-    fb_drift_timeout_id = SCH_AddTimeout(&when, fb_drift_timeout, NULL);
+    fb_drift_timeout_id = SCH_AddTimeoutByDelay(secs - unsynchronised, fb_drift_timeout, NULL);
     DEBUG_LOG("Fallback drift %d scheduled", i);
   }
 }
@@ -528,7 +480,7 @@ maybe_log_offset(double offset, time_t now)
   double abs_offset;
   FILE *p;
   char buffer[BUFLEN], host[BUFLEN];
-  struct tm stm;
+  struct tm *tm;
 
   abs_offset = fabs(offset);
 
@@ -539,17 +491,25 @@ maybe_log_offset(double offset, time_t now)
 
   if (do_mail_change &&
       (abs_offset > mail_change_threshold)) {
-    snprintf(buffer, sizeof(buffer), "%s %." S_MAX_USER_LEN "s", MAIL_PROGRAM, mail_change_user);
+    snprintf(buffer, sizeof (buffer), "%s -t", MAIL_PROGRAM);
     p = popen(buffer, "w");
     if (p) {
       if (gethostname(host, sizeof(host)) < 0) {
         strcpy(host, "<UNKNOWN>");
       }
+      host[sizeof (host) - 1] = '\0';
+
+      fprintf(p, "To: %s\n", mail_change_user);
       fprintf(p, "Subject: chronyd reports change to system clock on node [%s]\n", host);
       fputs("\n", p);
-      stm = *localtime(&now);
-      strftime(buffer, sizeof(buffer), "On %A, %d %B %Y\n  with the system clock reading %H:%M:%S (%Z)", &stm);
-      fputs(buffer, p);
+
+      tm = localtime(&now);
+      if (tm) {
+        strftime(buffer, sizeof (buffer),
+                 "On %A, %d %B %Y\n  with the system clock reading %H:%M:%S (%Z)", tm);
+        fputs(buffer, p);
+      }
+
       /* If offset < 0 the local clock is slow, so we are applying a
          positive change to it to bring it into line, hence the
          negation of 'offset' in the next statement (and earlier) */
@@ -846,6 +806,20 @@ get_root_dispersion(struct timespec *ts)
 
 /* ================================================== */
 
+static void
+update_sync_status(struct timespec *now)
+{
+  double elapsed;
+
+  elapsed = fabs(UTI_DiffTimespecsToDouble(now, &our_ref_time));
+
+  LCL_SetSyncStatus(are_we_synchronised,
+                    our_offset_sd + elapsed * our_frequency_sd,
+                    our_root_delay / 2.0 + get_root_dispersion(now));
+}
+
+/* ================================================== */
+
 static void
 write_log(struct timespec *now, int combined_sources, double freq,
           double offset, double offset_sd, double uncorrected_offset,
@@ -929,34 +903,69 @@ special_mode_sync(int valid, double offset)
 
 /* ================================================== */
 
-void
-REF_SetReference(int stratum,
-                 NTP_Leap leap,
-                 int combined_sources,
-                 uint32_t ref_id,
-                 IPAddr *ref_ip,
-                 struct timespec *ref_time,
-                 double offset,
-                 double offset_sd,
-                 double frequency,
-                 double skew,
-                 double root_delay,
-                 double root_dispersion
-                 )
+static void
+get_clock_estimates(int manual,
+                    double measured_freq, double measured_skew,
+                    double *estimated_freq, double *estimated_skew,
+                    double *residual_freq)
+{
+  double gain, expected_freq, expected_skew, extra_skew;
+
+  /* We assume that the local clock is running according to our previously
+     determined value */
+  expected_freq = 0.0;
+  expected_skew = our_skew;
+
+  /* Set new frequency based on weighted average of the expected and measured
+     skew.  Disable updates that are based on totally unreliable frequency
+     information unless it is a manual reference. */
+  if (manual) {
+    gain = 1.0;
+  } else if (fabs(measured_skew) > max_update_skew) {
+    DEBUG_LOG("Skew %f too large to track", measured_skew);
+    gain = 0.0;
+  } else {
+    gain = 3.0 * SQUARE(expected_skew) /
+           (3.0 * SQUARE(expected_skew) + SQUARE(measured_skew));
+  }
+
+  gain = CLAMP(0.0, gain, 1.0);
+
+  *estimated_freq = expected_freq + gain * (measured_freq - expected_freq);
+  *residual_freq = measured_freq - *estimated_freq;
+
+  extra_skew = sqrt(SQUARE(expected_freq - *estimated_freq) * (1.0 - gain) +
+                    SQUARE(measured_freq - *estimated_freq) * gain);
+
+  *estimated_skew = expected_skew + gain * (measured_skew - expected_skew) + extra_skew;
+}
+
+/* ================================================== */
+
+static void
+fuzz_ref_time(struct timespec *ts)
+{
+  uint32_t rnd;
+
+  /* Add a random value from interval [-1.0, 0.0] */
+  UTI_GetRandomBytes(&rnd, sizeof (rnd));
+  UTI_AddDoubleToTimespec(ts, -(double)rnd / (uint32_t)-1, ts);
+}
+
+/* ================================================== */
+
+void
+REF_SetReference(int stratum, NTP_Leap leap, int combined_sources,
+                 uint32_t ref_id, IPAddr *ref_ip, struct timespec *ref_time,
+                 double offset, double offset_sd,
+                 double frequency, double frequency_sd, double skew,
+                 double root_delay, double root_dispersion)
 {
-  double previous_skew, new_skew;
-  double previous_freq, new_freq;
-  double old_weight, new_weight, sum_weight;
-  double delta_freq1, delta_freq2;
-  double skew1, skew2;
-  double our_offset;
-  double our_frequency;
-  double abs_freq_ppm;
-  double update_interval;
-  double elapsed, correction_rate, orig_root_distance;
   double uncorrected_offset, accumulate_offset, step_offset;
+  double residual_frequency, local_abs_frequency;
+  double elapsed, mono_now, update_interval, correction_rate, orig_root_distance;
   struct timespec now, raw_now;
-  NTP_int64 ref_fuzz;
+  int manual;
 
   assert(initialised);
 
@@ -966,23 +975,32 @@ REF_SetReference(int stratum,
     return;
   }
 
-  /* Guard against dividing by zero and NaN */
-  if (!(skew > MIN_SKEW))
-    skew = MIN_SKEW;
+  manual = leap == LEAP_Unsynchronised;
 
+  mono_now = SCH_GetLastEventMonoTime();
   LCL_ReadRawTime(&raw_now);
   LCL_GetOffsetCorrection(&raw_now, &uncorrected_offset, NULL);
   UTI_AddDoubleToTimespec(&raw_now, uncorrected_offset, &now);
 
   elapsed = UTI_DiffTimespecsToDouble(&now, ref_time);
-  our_offset = offset + elapsed * frequency;
+  offset += elapsed * frequency;
 
-  if (!is_offset_ok(our_offset))
+  if (last_ref_update != 0.0) {
+    update_interval = mono_now - last_ref_update;
+  } else {
+    update_interval = 0.0;
+  }
+
+  /* Get new estimates of the frequency and skew including the new data */
+  get_clock_estimates(manual, frequency, skew,
+                      &frequency, &skew, &residual_frequency);
+
+  if (!is_offset_ok(offset))
     return;
 
   orig_root_distance = our_root_delay / 2.0 + get_root_dispersion(&now);
 
-  are_we_synchronised = leap != LEAP_Unsynchronised ? 1 : 0;
+  are_we_synchronised = leap != LEAP_Unsynchronised;
   our_stratum = stratum + 1;
   our_ref_id = ref_id;
   if (ref_ip)
@@ -990,17 +1008,15 @@ REF_SetReference(int stratum,
   else
     our_ref_ip.family = IPADDR_UNSPEC;
   our_ref_time = *ref_time;
+  our_skew = skew;
+  our_residual_freq = residual_frequency;
   our_root_delay = root_delay;
   our_root_dispersion = root_dispersion;
-
-  if (last_ref_update.tv_sec) {
-    update_interval = UTI_DiffTimespecsToDouble(&now, &last_ref_update);
-    if (update_interval < 0.0)
-      update_interval = 0.0;
-  } else {
-    update_interval = 0.0;
-  }
-  last_ref_update = now;
+  our_frequency_sd = offset_sd;
+  our_offset_sd = offset_sd;
+  last_ref_update = mono_now;
+  last_ref_update_interval = update_interval;
+  last_offset = offset;
 
   /* We want to correct the offset quickly, but we also want to keep the
      frequency error caused by the correction itself low.
@@ -1018,108 +1034,60 @@ REF_SetReference(int stratum,
   correction_rate = correction_time_ratio * 0.5 * offset_sd * update_interval;
 
   /* Check if the clock should be stepped */
-  if (is_step_limit_reached(our_offset, uncorrected_offset)) {
+  if (is_step_limit_reached(offset, uncorrected_offset)) {
     /* Cancel the uncorrected offset and correct the total offset by step */
     accumulate_offset = uncorrected_offset;
-    step_offset = our_offset - uncorrected_offset;
+    step_offset = offset - uncorrected_offset;
   } else {
-    accumulate_offset = our_offset;
+    accumulate_offset = offset;
     step_offset = 0.0;
   }
 
-  /* Eliminate updates that are based on totally unreliable frequency
-     information. Ignore this limit with manual reference. */
-
-  if (fabs(skew) < max_update_skew || leap == LEAP_Unsynchronised) {
-
-    previous_skew = our_skew;
-    new_skew = skew;
-
-    previous_freq = 0.0; /* We assume that the local clock is running
-                          according to our previously determined
-                          value; note that this is a delta frequency
-                          --- absolute frequencies are only known in
-                          the local module. */
-    new_freq = frequency;
-
-    /* Set new frequency based on weighted average of old and new skew. With
-       manual reference the old frequency has no weight. */
-
-    old_weight = leap != LEAP_Unsynchronised ? 1.0 / Sqr(previous_skew) : 0.0;
-    new_weight = 3.0 / Sqr(new_skew);
-
-    sum_weight = old_weight + new_weight;
-
-    our_frequency = (previous_freq * old_weight + new_freq * new_weight) / sum_weight;
-
-    delta_freq1 = previous_freq - our_frequency;
-    delta_freq2 = new_freq - our_frequency;
-
-    skew1 = sqrt((Sqr(delta_freq1) * old_weight + Sqr(delta_freq2) * new_weight) / sum_weight);
-    skew2 = (previous_skew * old_weight + new_skew * new_weight) / sum_weight;
-    our_skew = skew1 + skew2;
-
-    our_residual_freq = new_freq - our_frequency;
-
-    LCL_AccumulateFrequencyAndOffset(our_frequency, accumulate_offset, correction_rate);
+  /* Adjust the clock */
+  LCL_AccumulateFrequencyAndOffset(frequency, accumulate_offset, correction_rate);
     
-  } else {
-    DEBUG_LOG("Skew %f too large to track, offset=%f", skew, accumulate_offset);
-
-    LCL_AccumulateOffset(accumulate_offset, correction_rate);
-
-    our_residual_freq = frequency;
-  }
-
-  update_leap_status(leap, raw_now.tv_sec, 0);
-  maybe_log_offset(our_offset, raw_now.tv_sec);
+  maybe_log_offset(offset, raw_now.tv_sec);
 
   if (step_offset != 0.0) {
     if (LCL_ApplyStepOffset(step_offset))
       LOG(LOGS_WARN, "System clock was stepped by %.6f seconds", -step_offset);
   }
 
-  LCL_SetSyncStatus(are_we_synchronised, offset_sd, offset_sd + root_delay / 2.0 + root_dispersion);
+  update_leap_status(leap, raw_now.tv_sec, 0);
+  update_sync_status(&now);
 
   /* Add a random error of up to one second to the reference time to make it
      less useful when disclosed to NTP and cmdmon clients for estimating
      receive timestamps in the interleaved symmetric NTP mode */
-  UTI_GetNtp64Fuzz(&ref_fuzz, 0);
-  UTI_TimespecToNtp64(&our_ref_time, &ref_fuzz, &ref_fuzz);
-  UTI_Ntp64ToTimespec(&ref_fuzz, &our_ref_time);
-  if (UTI_CompareTimespecs(&our_ref_time, ref_time) >= 0)
-    our_ref_time.tv_sec--;
+  fuzz_ref_time(&our_ref_time);
 
-  abs_freq_ppm = LCL_ReadAbsoluteFrequency();
+  local_abs_frequency = LCL_ReadAbsoluteFrequency();
 
-  write_log(&now, combined_sources, abs_freq_ppm, our_offset, offset_sd,
-            uncorrected_offset, orig_root_distance);
+  write_log(&now, combined_sources, local_abs_frequency,
+            offset, offset_sd, uncorrected_offset, orig_root_distance);
 
   if (drift_file) {
     /* Update drift file at most once per hour */
     drift_file_age += update_interval;
-    if (drift_file_age < 0.0 || drift_file_age > 3600.0) {
-      update_drift_file(abs_freq_ppm, our_skew);
+    if (drift_file_age >= MAX_DRIFTFILE_AGE) {
+      update_drift_file(local_abs_frequency, our_skew);
       drift_file_age = 0.0;
     }
   }
 
   /* Update fallback drifts */
   if (fb_drifts && are_we_synchronised) {
-    update_fb_drifts(abs_freq_ppm, update_interval);
-    schedule_fb_drift(&now);
+    update_fb_drifts(local_abs_frequency, update_interval);
+    schedule_fb_drift();
   }
 
-  last_ref_update_interval = update_interval;
-  last_offset = our_offset;
-
   /* Update the moving average of squares of offset, quickly on start */
   if (avg2_moving) {
-    avg2_offset += 0.1 * (our_offset * our_offset - avg2_offset);
+    avg2_offset += 0.1 * (SQUARE(offset) - avg2_offset);
   } else {
-    if (avg2_offset > 0.0 && avg2_offset < our_offset * our_offset)
+    if (avg2_offset > 0.0 && avg2_offset < SQUARE(offset))
       avg2_moving = 1;
-    avg2_offset = our_offset * our_offset;
+    avg2_offset = SQUARE(offset);
   }
 }
 
@@ -1138,7 +1106,7 @@ REF_SetManualReference
      only supposed to be used with the local source option, really.
      Log as MANU in the tracking log, packets will have NTP_REFID_LOCAL. */
   REF_SetReference(0, LEAP_Unsynchronised, 1, 0x4D414E55UL, NULL,
-                   ref_time, offset, 0.0, frequency, skew, 0.0, 0.0);
+                   ref_time, offset, 0.0, frequency, skew, skew, 0.0, 0.0);
 }
 
 /* ================================================== */
@@ -1163,7 +1131,7 @@ REF_SetUnsynchronised(void)
   UTI_AddDoubleToTimespec(&now_raw, uncorrected_offset, &now);
 
   if (fb_drifts) {
-    schedule_fb_drift(&now);
+    schedule_fb_drift();
   }
 
   update_leap_status(LEAP_Unsynchronised, 0, 0);
@@ -1180,6 +1148,25 @@ REF_SetUnsynchronised(void)
 
 /* ================================================== */
 
+void
+REF_UpdateLeapStatus(NTP_Leap leap)
+{
+  struct timespec raw_now, now;
+
+  /* Wait for a full reference update if not already synchronised */
+  if (!are_we_synchronised)
+    return;
+
+  SCH_GetLastEventTime(&now, NULL, &raw_now);
+
+  update_leap_status(leap, raw_now.tv_sec, 0);
+
+  /* Update also the synchronisation status */
+  update_sync_status(&now);
+}
+
+/* ================================================== */
+
 void
 REF_GetReferenceParams
 (
@@ -1193,7 +1180,7 @@ REF_GetReferenceParams
  double *root_dispersion
 )
 {
-  double dispersion;
+  double dispersion, delta;
 
   assert(initialised);
 
@@ -1225,13 +1212,17 @@ REF_GetReferenceParams
 
     *stratum = local_stratum;
     *ref_id = NTP_REFID_LOCAL;
-    /* Make the reference time be now less a second - this will
-       scarcely affect the client, but will ensure that the transmit
-       timestamp cannot come before this (which would cause test 7 to
-       fail in the client's read routine) if the local system clock's
-       read routine is broken in any way. */
-    *ref_time = *local_time;
-    --ref_time->tv_sec;
+
+    /* Keep the reference timestamp up to date.  Adjust the timestamp to make
+       sure that the transmit timestamp cannot come before this (which might
+       fail a test of an NTP client). */
+    delta = UTI_DiffTimespecsToDouble(local_time, &local_ref_time);
+    if (delta > LOCAL_REF_UPDATE_INTERVAL || delta < 1.0) {
+      UTI_AddDoubleToTimespec(local_time, -1.0, &local_ref_time);
+      fuzz_ref_time(&local_ref_time);
+    }
+
+    *ref_time = local_ref_time;
 
     /* Not much else we can do for leap second bits - maybe need to
        have a way for the administrator to feed leap bits in */
@@ -1356,6 +1347,18 @@ int REF_IsLeapSecondClose(void)
 
 /* ================================================== */
 
+int
+REF_GetTaiOffset(struct timespec *ts)
+{
+  int tai_offset;
+
+  get_tz_leap(ts->tv_sec, &tai_offset);
+
+  return tai_offset;
+}
+
+/* ================================================== */
+
 void
 REF_GetTrackingReport(RPT_TrackingReport *rep)
 {

reference.h

@@ -144,6 +144,7 @@ extern void REF_SetReference
  double offset,
  double offset_sd,
  double frequency,
+ double frequency_sd,
  double skew,
  double root_delay,
  double root_dispersion
@@ -161,6 +162,9 @@ extern void REF_SetManualReference
 extern void
 REF_SetUnsynchronised(void);
 
+/* Announce a leap second before the full reference update */
+extern void REF_UpdateLeapStatus(NTP_Leap leap);
+
 /* Return the current stratum of this host or 16 if the host is not
    synchronised */
 extern int REF_GetOurStratum(void);
@@ -184,6 +188,9 @@ extern void REF_DisableLocal(void);
    and is better to discard any measurements */
 extern int REF_IsLeapSecondClose(void);
 
+/* Return TAI-UTC offset corresponding to a time in UTC if available */
+extern int REF_GetTaiOffset(struct timespec *ts);
+
 extern void REF_GetTrackingReport(RPT_TrackingReport *rep);
 
 #endif /* GOT_REFERENCE_H */

rtc.c

@@ -160,7 +160,7 @@ RTC_Initialise(int initial_set)
 void
 RTC_Finalise(void)
 {
-  if (driver.fini) {
+  if (driver_initialised) {
     (driver.fini)();
   }
 }

rtc_linux.c

@@ -352,7 +352,7 @@ rtc_from_t(const time_t *t)
 
 static time_t
 t_from_rtc(struct tm *stm) {
-  struct tm temp1, temp2;
+  struct tm temp1, temp2, *tm;
   long diff;
   time_t t1, t2;
 
@@ -360,12 +360,14 @@ t_from_rtc(struct tm *stm) {
   temp1.tm_isdst = 0;
   
   t1 = mktime(&temp1);
-  if (rtc_on_utc) {
-    temp2 = *gmtime(&t1);
-  } else {
-    temp2 = *localtime(&t1);
+
+  tm = rtc_on_utc ? gmtime(&t1) : localtime(&t1);
+  if (!tm) {
+    DEBUG_LOG("gmtime()/localtime() failed");
+    return -1;
   }
-  
+
+  temp2 = *tm;
   temp2.tm_isdst = 0;
   t2 = mktime(&temp2);
   diff = t2 - t1;
@@ -388,12 +390,9 @@ read_hwclock_file(const char *hwclock_file)
   if (!hwclock_file || !hwclock_file[0])
     return;
 
-  in = fopen(hwclock_file, "r");
-  if (!in) {
-    LOG(LOGS_WARN, "Could not open %s : %s",
-        hwclock_file, strerror(errno));
+  in = UTI_OpenFile(NULL, hwclock_file, NULL, 'r', 0);
+  if (!in)
     return;
-  }
 
   /* Read third line from the file. */
   for (i = 0; i < 3; i++) {
@@ -443,7 +442,8 @@ read_coefs_from_file(void)
 
     tried_to_load_coefs = 1;
 
-    if (coefs_file_name && (in = fopen(coefs_file_name, "r"))) {
+    if (coefs_file_name &&
+        (in = UTI_OpenFile(NULL, coefs_file_name, NULL, 'r', 0))) {
       if (fscanf(in, "%d%ld%lf%lf",
                  &valid_coefs_from_file,
                  &file_ref_time,
@@ -464,67 +464,40 @@ read_coefs_from_file(void)
 static int
 write_coefs_to_file(int valid,time_t ref_time,double offset,double rate)
 {
-  struct stat buf;
-  char *temp_coefs_file_name;
   FILE *out;
-  int r1, r2;
 
   /* Create a temporary file with a '.tmp' extension. */
-
-  temp_coefs_file_name = (char*) Malloc(strlen(coefs_file_name)+8);
-
-  if(!temp_coefs_file_name) {
+  out = UTI_OpenFile(NULL, coefs_file_name, ".tmp", 'w', 0644);
+  if (!out)
     return RTC_ST_BADFILE;
-  }
-
-  strcpy(temp_coefs_file_name,coefs_file_name);
-  strcat(temp_coefs_file_name,".tmp");
-
-  out = fopen(temp_coefs_file_name, "w");
-  if (!out) {
-    Free(temp_coefs_file_name);
-    LOG(LOGS_WARN, "Could not open temporary RTC file %s.tmp for writing",
-        coefs_file_name);
-    return RTC_ST_BADFILE;
-  }
 
   /* Gain rate is written out in ppm */
-  r1 = fprintf(out, "%1d %ld %.6f %.3f\n",
-               valid, ref_time, offset, 1.0e6 * rate);
-  r2 = fclose(out);
-  if (r1 < 0 || r2) {
-    Free(temp_coefs_file_name);
-    LOG(LOGS_WARN, "Could not write to temporary RTC file %s.tmp",
-        coefs_file_name);
+  fprintf(out, "%1d %ld %.6f %.3f\n", valid, ref_time, offset, 1.0e6 * rate);
+  fclose(out);
+
+  /* Rename the temporary file to the correct location */
+  if (!UTI_RenameTempFile(NULL, coefs_file_name, ".tmp", NULL))
     return RTC_ST_BADFILE;
-  }
-
-  /* Clone the file attributes from the existing file if there is one. */
-
-  if (!stat(coefs_file_name,&buf)) {
-    if (chown(temp_coefs_file_name,buf.st_uid,buf.st_gid) ||
-        chmod(temp_coefs_file_name,buf.st_mode & 0777)) {
-      LOG(LOGS_WARN,
-          "Could not change ownership or permissions of temporary RTC file %s.tmp",
-          coefs_file_name);
-    }
-  }
-
-  /* Rename the temporary file to the correct location (see rename(2) for details). */
-
-  if (rename(temp_coefs_file_name,coefs_file_name)) {
-    unlink(temp_coefs_file_name);
-    Free(temp_coefs_file_name);
-    LOG(LOGS_WARN, "Could not replace old RTC file %s.tmp with new one %s",
-        coefs_file_name, coefs_file_name);
-    return RTC_ST_BADFILE;
-  }
-
-  Free(temp_coefs_file_name);
 
   return RTC_ST_OK;
 }
 
+/* ================================================== */
+
+static int
+switch_interrupts(int on_off)
+{
+  if (ioctl(fd, on_off ? RTC_UIE_ON : RTC_UIE_OFF, 0) < 0) {
+    LOG(LOGS_ERR, "Could not %s RTC interrupt : %s",
+        on_off ? "enable" : "disable", strerror(errno));
+    return 0;
+  }
+
+  if (on_off)
+    skip_interrupts = 1;
+
+  return 1;
+}
 
 /* ================================================== */
 /* file_name is the name of the file where we save the RTC params
@@ -534,6 +507,23 @@ write_coefs_to_file(int valid,time_t ref_time,double offset,double rate)
 int
 RTC_Linux_Initialise(void)
 {
+  /* Try to open the device */
+  fd = open(CNF_GetRtcDevice(), O_RDWR);
+  if (fd < 0) {
+    LOG(LOGS_ERR, "Could not open RTC device %s : %s",
+        CNF_GetRtcDevice(), strerror(errno));
+    return 0;
+  }
+
+  /* Make sure the RTC supports interrupts */
+  if (!switch_interrupts(1) || !switch_interrupts(0)) {
+    close(fd);
+    return 0;
+  }
+
+  /* Close on exec */
+  UTI_FdSetCloexec(fd);
+
   rtc_sec = MallocArray(time_t, MAX_SAMPLES);
   rtc_trim = MallocArray(double, MAX_SAMPLES);
   system_times = MallocArray(struct timespec, MAX_SAMPLES);
@@ -544,18 +534,6 @@ RTC_Linux_Initialise(void)
   /* In case it didn't get done by pre-init */
   coefs_file_name = CNF_GetRtcFile();
 
-  /* Try to open device */
-
-  fd = open (CNF_GetRtcDevice(), O_RDWR);
-  if (fd < 0) {
-    LOG(LOGS_ERR, "Could not open RTC device %s : %s",
-        CNF_GetRtcDevice(), strerror(errno));
-    return 0;
-  }
-
-  /* Close on exec */
-  UTI_FdSetCloexec(fd);
-
   n_samples = 0;
   n_samples_since_regression = 0;
   n_runs = 0;
@@ -588,6 +566,7 @@ RTC_Linux_Finalise(void)
   /* Remove input file handler */
   if (fd >= 0) {
     SCH_RemoveFileHandler(fd);
+    switch_interrupts(0);
     close(fd);
 
     /* Save the RTC data */
@@ -601,29 +580,6 @@ RTC_Linux_Finalise(void)
 
 /* ================================================== */
 
-static void
-switch_interrupts(int onoff)
-{
-  int status;
-
-  if (onoff) {
-    status = ioctl(fd, RTC_UIE_ON, 0);
-    if (status < 0) {
-      LOG(LOGS_ERR, "Could not %s RTC interrupt : %s", "enable", strerror(errno));
-      return;
-    }
-    skip_interrupts = 1;
-  } else {
-    status = ioctl(fd, RTC_UIE_OFF, 0);
-    if (status < 0) {
-      LOG(LOGS_ERR, "Could not %s RTC interrupt : %s", "disable", strerror(errno));
-      return;
-    }
-  }
-}    
-
-/* ================================================== */
-
 static void
 measurement_timeout(void *any)
 {

samplefilt.c

@@ -0,0 +1,452 @@
+/*
+  chronyd/chronyc - Programs for keeping computer clocks accurate.
+
+ **********************************************************************
+ * Copyright (C) Miroslav Lichvar  2009-2011, 2014, 2016, 2018
+ * 
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of version 2 of the GNU General Public License as
+ * published by the Free Software Foundation.
+ * 
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ * 
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+ * 
+ **********************************************************************
+
+  =======================================================================
+
+  Routines implementing a median sample filter.
+
+  */
+
+#include "config.h"
+
+#include "local.h"
+#include "logging.h"
+#include "memory.h"
+#include "regress.h"
+#include "samplefilt.h"
+#include "util.h"
+
+#define MIN_SAMPLES 1
+#define MAX_SAMPLES 256
+
+struct SPF_Instance_Record {
+  int min_samples;
+  int max_samples;
+  int index;
+  int used;
+  int last;
+  int avg_var_n;
+  double avg_var;
+  double max_var;
+  double combine_ratio;
+  NTP_Sample *samples;
+  int *selected;
+  double *x_data;
+  double *y_data;
+  double *w_data;
+};
+
+/* ================================================== */
+
+SPF_Instance
+SPF_CreateInstance(int min_samples, int max_samples, double max_dispersion, double combine_ratio)
+{
+  SPF_Instance filter;
+
+  filter = MallocNew(struct SPF_Instance_Record);
+
+  min_samples = CLAMP(MIN_SAMPLES, min_samples, MAX_SAMPLES);
+  max_samples = CLAMP(MIN_SAMPLES, max_samples, MAX_SAMPLES);
+  max_samples = MAX(min_samples, max_samples);
+  combine_ratio = CLAMP(0.0, combine_ratio, 1.0);
+
+  filter->min_samples = min_samples;
+  filter->max_samples = max_samples;
+  filter->index = -1;
+  filter->used = 0;
+  filter->last = -1;
+  /* Set the first estimate to the system precision */
+  filter->avg_var_n = 0;
+  filter->avg_var = SQUARE(LCL_GetSysPrecisionAsQuantum());
+  filter->max_var = SQUARE(max_dispersion);
+  filter->combine_ratio = combine_ratio;
+  filter->samples = MallocArray(NTP_Sample, filter->max_samples);
+  filter->selected = MallocArray(int, filter->max_samples);
+  filter->x_data = MallocArray(double, filter->max_samples);
+  filter->y_data = MallocArray(double, filter->max_samples);
+  filter->w_data = MallocArray(double, filter->max_samples);
+
+  return filter;
+}
+
+/* ================================================== */
+
+void
+SPF_DestroyInstance(SPF_Instance filter)
+{
+  Free(filter->samples);
+  Free(filter->selected);
+  Free(filter->x_data);
+  Free(filter->y_data);
+  Free(filter->w_data);
+  Free(filter);
+}
+
+/* ================================================== */
+
+/* Check that samples times are strictly increasing */
+
+static int
+check_sample(SPF_Instance filter, NTP_Sample *sample)
+{
+  if (filter->used <= 0)
+    return 1;
+
+  if (UTI_CompareTimespecs(&filter->samples[filter->last].time, &sample->time) >= 0) {
+    DEBUG_LOG("filter non-increasing sample time %s", UTI_TimespecToString(&sample->time));
+    return 0;
+  }
+
+  return 1;
+}
+
+/* ================================================== */
+
+int
+SPF_AccumulateSample(SPF_Instance filter, NTP_Sample *sample)
+{
+  if (!check_sample(filter, sample))
+      return 0;
+
+  filter->index++;
+  filter->index %= filter->max_samples;
+  filter->last = filter->index;
+  if (filter->used < filter->max_samples)
+    filter->used++;
+
+  filter->samples[filter->index] = *sample;
+
+  DEBUG_LOG("filter sample %d t=%s offset=%.9f peer_disp=%.9f",
+            filter->index, UTI_TimespecToString(&sample->time),
+            sample->offset, sample->peer_dispersion);
+  return 1;
+}
+
+/* ================================================== */
+
+int
+SPF_GetLastSample(SPF_Instance filter, NTP_Sample *sample)
+{
+  if (filter->last < 0)
+    return 0;
+
+  *sample = filter->samples[filter->last];
+  return 1;
+}
+
+/* ================================================== */
+
+int
+SPF_GetNumberOfSamples(SPF_Instance filter)
+{
+  return filter->used;
+}
+
+/* ================================================== */
+
+double
+SPF_GetAvgSampleDispersion(SPF_Instance filter)
+{
+  return sqrt(filter->avg_var);
+}
+
+/* ================================================== */
+
+void
+SPF_DropSamples(SPF_Instance filter)
+{
+  filter->index = -1;
+  filter->used = 0;
+}
+
+/* ================================================== */
+
+static const NTP_Sample *tmp_sort_samples;
+
+static int
+compare_samples(const void *a, const void *b)
+{
+  const NTP_Sample *s1, *s2;
+
+  s1 = &tmp_sort_samples[*(int *)a];
+  s2 = &tmp_sort_samples[*(int *)b];
+
+  if (s1->offset < s2->offset)
+    return -1;
+  else if (s1->offset > s2->offset)
+    return 1;
+  return 0;
+}
+
+/* ================================================== */
+
+static int
+select_samples(SPF_Instance filter)
+{
+  int i, j, k, o, from, to, *selected;
+  double min_dispersion;
+
+  if (filter->used < filter->min_samples)
+    return 0;
+
+  selected = filter->selected;
+
+  /* With 4 or more samples, select those that have peer dispersion smaller
+     than 1.5x of the minimum dispersion */
+  if (filter->used > 4) {
+    for (i = 1, min_dispersion = filter->samples[0].peer_dispersion; i < filter->used; i++) {
+      if (min_dispersion > filter->samples[i].peer_dispersion)
+        min_dispersion = filter->samples[i].peer_dispersion;
+    }
+
+    for (i = j = 0; i < filter->used; i++) {
+      if (filter->samples[i].peer_dispersion <= 1.5 * min_dispersion)
+        selected[j++] = i;
+    }
+  } else {
+    j = 0;
+  }
+
+  if (j < 4) {
+    /* Select all samples */
+
+    for (j = 0; j < filter->used; j++)
+      selected[j] = j;
+  }
+
+  /* And sort their indices by offset */
+  tmp_sort_samples = filter->samples;
+  qsort(selected, j, sizeof (int), compare_samples);
+
+  /* Select samples closest to the median */
+  if (j > 2) {
+    from = j * (1.0 - filter->combine_ratio) / 2.0;
+    from = CLAMP(1, from, (j - 1) / 2);
+  } else {
+    from = 0;
+  }
+
+  to = j - from;
+
+  /* Mark unused samples and sort the rest by their time */
+
+  o = filter->used - filter->index - 1;
+
+  for (i = 0; i < from; i++)
+    selected[i] = -1;
+  for (; i < to; i++)
+    selected[i] = (selected[i] + o) % filter->used;
+  for (; i < filter->used; i++)
+    selected[i] = -1;
+
+  for (i = from; i < to; i++) {
+    j = selected[i];
+    selected[i] = -1;
+    while (j != -1 && selected[j] != j) {
+      k = selected[j];
+      selected[j] = j;
+      j = k;
+    }
+  }
+
+  for (i = j = 0, k = -1; i < filter->used; i++) {
+    if (selected[i] != -1)
+      selected[j++] = (selected[i] + filter->used - o) % filter->used;
+  }
+
+  assert(j > 0 && j <= filter->max_samples);
+
+  return j;
+}
+
+/* ================================================== */
+
+static int
+combine_selected_samples(SPF_Instance filter, int n, NTP_Sample *result)
+{
+  double mean_peer_dispersion, mean_root_dispersion, mean_peer_delay, mean_root_delay;
+  double mean_x, mean_y, disp, var, prev_avg_var;
+  NTP_Sample *sample, *last_sample;
+  int i, dof;
+
+  last_sample = &filter->samples[filter->selected[n - 1]];
+
+  /* Prepare data */
+  for (i = 0; i < n; i++) {
+    sample = &filter->samples[filter->selected[i]];
+
+    filter->x_data[i] = UTI_DiffTimespecsToDouble(&sample->time, &last_sample->time);
+    filter->y_data[i] = sample->offset;
+    filter->w_data[i] = sample->peer_dispersion;
+  }
+
+  /* Calculate mean offset and interval since the last sample */
+  for (i = 0, mean_x = mean_y = 0.0; i < n; i++) {
+    mean_x += filter->x_data[i];
+    mean_y += filter->y_data[i];
+  }
+  mean_x /= n;
+  mean_y /= n;
+
+  if (n >= 4) {
+    double b0, b1, s2, sb0, sb1;
+
+    /* Set y axis to the mean sample time */
+    for (i = 0; i < n; i++)
+      filter->x_data[i] -= mean_x;
+
+    /* Make a linear fit and use the estimated standard deviation of the
+       intercept as dispersion */
+    RGR_WeightedRegression(filter->x_data, filter->y_data, filter->w_data, n,
+                           &b0, &b1, &s2, &sb0, &sb1);
+    var = s2;
+    disp = sb0;
+    dof = n - 2;
+  } else if (n >= 2) {
+    for (i = 0, disp = 0.0; i < n; i++)
+      disp += (filter->y_data[i] - mean_y) * (filter->y_data[i] - mean_y);
+    var = disp / (n - 1);
+    disp = sqrt(var);
+    dof = n - 1;
+  } else {
+    var = filter->avg_var;
+    disp = sqrt(var);
+    dof = 1;
+  }
+
+  /* Avoid working with zero dispersion */
+  if (var < 1e-20) {
+    var = 1e-20;
+    disp = sqrt(var);
+  }
+
+  /* Drop the sample if the variance is larger than the maximum */
+  if (filter->max_var > 0.0 && var > filter->max_var) {
+    DEBUG_LOG("filter dispersion too large disp=%.9f max=%.9f",
+              sqrt(var), sqrt(filter->max_var));
+    return 0;
+  }
+
+  prev_avg_var = filter->avg_var;
+
+  /* Update the exponential moving average of the variance */
+  if (filter->avg_var_n > 50) {
+    filter->avg_var += dof / (dof + 50.0) * (var - filter->avg_var);
+  } else {
+    filter->avg_var = (filter->avg_var * filter->avg_var_n + var * dof) /
+      (dof + filter->avg_var_n);
+    if (filter->avg_var_n == 0)
+      prev_avg_var = filter->avg_var;
+    filter->avg_var_n += dof;
+  }
+
+  /* Use the long-term average of variance instead of the estimated value
+     unless it is significantly smaller in order to reduce the noise in
+     sourcestats weights */
+  if (var * dof / RGR_GetChi2Coef(dof) < prev_avg_var)
+    disp = sqrt(filter->avg_var) * disp / sqrt(var);
+
+  mean_peer_dispersion = mean_root_dispersion = mean_peer_delay = mean_root_delay = 0.0;
+
+  for (i = 0; i < n; i++) {
+    sample = &filter->samples[filter->selected[i]];
+
+    mean_peer_dispersion += sample->peer_dispersion;
+    mean_root_dispersion += sample->root_dispersion;
+    mean_peer_delay += sample->peer_delay;
+    mean_root_delay += sample->root_delay;
+  }
+
+  mean_peer_dispersion /= n;
+  mean_root_dispersion /= n;
+  mean_peer_delay /= n;
+  mean_root_delay /= n;
+
+  UTI_AddDoubleToTimespec(&last_sample->time, mean_x, &result->time);
+  result->offset = mean_y;
+  result->peer_dispersion = MAX(disp, mean_peer_dispersion);
+  result->root_dispersion = MAX(disp, mean_root_dispersion);
+  result->peer_delay = mean_peer_delay;
+  result->root_delay = mean_root_delay;
+  result->stratum = last_sample->stratum;
+
+  return 1;
+}
+
+/* ================================================== */
+
+int
+SPF_GetFilteredSample(SPF_Instance filter, NTP_Sample *sample)
+{
+  int n;
+
+  n = select_samples(filter);
+
+  if (n < 1)
+    return 0;
+
+  if (!combine_selected_samples(filter, n, sample))
+    return 0;
+
+  SPF_DropSamples(filter);
+
+  return 1;
+}
+
+/* ================================================== */
+
+void
+SPF_SlewSamples(SPF_Instance filter, struct timespec *when, double dfreq, double doffset)
+{
+  int i, first, last;
+  double delta_time;
+
+  if (filter->last < 0)
+    return;
+
+  /* Always slew the last sample as it may be returned even if no new
+     samples were accumulated */
+  if (filter->used > 0) {
+    first = 0;
+    last = filter->used - 1;
+  } else {
+    first = last = filter->last;
+  }
+
+  for (i = first; i <= last; i++) {
+    UTI_AdjustTimespec(&filter->samples[i].time, when, &filter->samples[i].time,
+                       &delta_time, dfreq, doffset);
+    filter->samples[i].offset -= delta_time;
+  }
+}
+
+/* ================================================== */
+
+void
+SPF_AddDispersion(SPF_Instance filter, double dispersion)
+{
+  int i;
+
+  for (i = 0; i < filter->used; i++) {
+    filter->samples[i].peer_dispersion += dispersion;
+    filter->samples[i].root_dispersion += dispersion;
+  }
+}

samplefilt.h

@@ -0,0 +1,49 @@
+/*
+  chronyd/chronyc - Programs for keeping computer clocks accurate.
+
+ **********************************************************************
+ * Copyright (C) Miroslav Lichvar  2018
+ * 
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of version 2 of the GNU General Public License as
+ * published by the Free Software Foundation.
+ * 
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ * 
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+ * 
+ **********************************************************************
+
+  =======================================================================
+
+  Header file for sample filter.
+
+  */
+
+#ifndef GOT_SAMPLEFILT_H
+#define GOT_SAMPLEFILT_H
+
+#include "ntp.h"
+
+typedef struct SPF_Instance_Record *SPF_Instance;
+
+extern SPF_Instance SPF_CreateInstance(int min_samples, int max_samples,
+                                       double max_dispersion, double combine_ratio);
+extern void SPF_DestroyInstance(SPF_Instance filter);
+
+extern int SPF_AccumulateSample(SPF_Instance filter, NTP_Sample *sample);
+extern int SPF_GetLastSample(SPF_Instance filter, NTP_Sample *sample);
+extern int SPF_GetNumberOfSamples(SPF_Instance filter);
+extern double SPF_GetAvgSampleDispersion(SPF_Instance filter);
+extern void SPF_DropSamples(SPF_Instance filter);
+extern int SPF_GetFilteredSample(SPF_Instance filter, NTP_Sample *sample);
+extern void SPF_SlewSamples(SPF_Instance filter, struct timespec *when,
+                            double dfreq, double doffset);
+extern void SPF_AddDispersion(SPF_Instance filter, double dispersion);
+
+#endif

sched.c

@@ -65,6 +65,12 @@ static ARR_Instance file_handlers;
 static struct timespec last_select_ts, last_select_ts_raw;
 static double last_select_ts_err;
 
+#define TS_MONO_PRECISION_NS 10000000U
+
+/* Monotonic low-precision timestamp measuring interval since the start */
+static double last_select_ts_mono;
+static uint32_t last_select_ts_mono_ns;
+
 /* ================================================== */
 
 /* Variables to handler the timer queue */
@@ -136,6 +142,8 @@ SCH_Initialise(void)
 
   LCL_ReadRawTime(&last_select_ts_raw);
   last_select_ts = last_select_ts_raw;
+  last_select_ts_mono = 0.0;
+  last_select_ts_mono_ns = 0;
 
   initialised = 1;
 }
@@ -147,6 +155,8 @@ void
 SCH_Finalise(void) {
   ARR_DestroyInstance(file_handlers);
 
+  LCL_RemoveParameterChangeHandler(handle_slew, NULL);
+
   initialised = 0;
 }
 
@@ -219,13 +229,16 @@ SCH_RemoveFileHandler(int fd)
 /* ================================================== */
 
 void
-SCH_SetFileHandlerEvents(int fd, int events)
+SCH_SetFileHandlerEvent(int fd, int event, int enable)
 {
   FileHandlerEntry *ptr;
 
-  assert(events);
   ptr = ARR_GetElement(file_handlers, fd);
-  ptr->events = events;
+
+  if (enable)
+    ptr->events |= event;
+  else
+    ptr->events &= ~event;
 }
 
 /* ================================================== */
@@ -244,6 +257,14 @@ SCH_GetLastEventTime(struct timespec *cooked, double *err, struct timespec *raw)
 
 /* ================================================== */
 
+double
+SCH_GetLastEventMonoTime(void)
+{
+  return last_select_ts_mono;
+}
+
+/* ================================================== */
+
 #define TQE_ALLOC_QUANTUM 32
 
 static TimerQueueEntry *
@@ -469,6 +490,20 @@ SCH_RemoveTimeout(SCH_TimeoutID id)
   assert(0);
 }
 
+/* ================================================== */
+
+void
+SCH_Reset(void)
+{
+  while (n_timer_queue_entries > 0)
+    SCH_RemoveTimeout(timer_queue.next->id);
+
+  while (one_highest_fd > 0) {
+    close(one_highest_fd - 1);
+    SCH_RemoveFileHandler(one_highest_fd - 1);
+  }
+}
+
 /* ================================================== */
 /* Try to dispatch any timeouts that have already gone by, and
    keep going until all are done.  (The earlier ones may take so
@@ -531,7 +566,8 @@ dispatch_filehandlers(int nfd, fd_set *read_fds, fd_set *write_fds, fd_set *exce
     if (except_fds && FD_ISSET(fd, except_fds)) {
       /* This descriptor has an exception, dispatch its handler */
       ptr = (FileHandlerEntry *)ARR_GetElement(file_handlers, fd);
-      (ptr->handler)(fd, SCH_FILE_EXCEPTION, ptr->arg);
+      if (ptr->handler)
+        (ptr->handler)(fd, SCH_FILE_EXCEPTION, ptr->arg);
       nfd--;
 
       /* Don't try to read from it now */
@@ -544,14 +580,16 @@ dispatch_filehandlers(int nfd, fd_set *read_fds, fd_set *write_fds, fd_set *exce
     if (read_fds && FD_ISSET(fd, read_fds)) {
       /* This descriptor can be read from, dispatch its handler */
       ptr = (FileHandlerEntry *)ARR_GetElement(file_handlers, fd);
-      (ptr->handler)(fd, SCH_FILE_INPUT, ptr->arg);
+      if (ptr->handler)
+        (ptr->handler)(fd, SCH_FILE_INPUT, ptr->arg);
       nfd--;
     }
 
     if (write_fds && FD_ISSET(fd, write_fds)) {
       /* This descriptor can be written to, dispatch its handler */
       ptr = (FileHandlerEntry *)ARR_GetElement(file_handlers, fd);
-      (ptr->handler)(fd, SCH_FILE_OUTPUT, ptr->arg);
+      if (ptr->handler)
+        (ptr->handler)(fd, SCH_FILE_OUTPUT, ptr->arg);
       nfd--;
     }
   }
@@ -700,6 +738,31 @@ check_current_time(struct timespec *prev_raw, struct timespec *raw, int timeout,
 
 /* ================================================== */
 
+static void
+update_monotonic_time(struct timespec *now, struct timespec *before)
+{
+  struct timespec diff;
+
+  /* Avoid frequent floating-point operations and handle small
+     increments to a large value */
+
+  UTI_DiffTimespecs(&diff, now, before);
+  if (diff.tv_sec == 0) {
+    last_select_ts_mono_ns += diff.tv_nsec;
+  } else {
+    last_select_ts_mono += fabs(UTI_TimespecToDouble(&diff) +
+                                last_select_ts_mono_ns / 1.0e9);
+    last_select_ts_mono_ns = 0;
+  }
+
+  if (last_select_ts_mono_ns > TS_MONO_PRECISION_NS) {
+    last_select_ts_mono += last_select_ts_mono_ns / 1.0e9;
+    last_select_ts_mono_ns = 0;
+  }
+}
+
+/* ================================================== */
+
 void
 SCH_MainLoop(void)
 {
@@ -756,6 +819,8 @@ SCH_MainLoop(void)
       LCL_CookTime(&now, &cooked, &err);
     }
 
+    update_monotonic_time(&cooked, &last_select_ts);
+
     last_select_ts_raw = now;
     last_select_ts = cooked;
     last_select_ts_err = err;

sched.h

@@ -60,11 +60,14 @@ extern void SCH_Finalise(void);
 /* Register a handler for when select goes true on a file descriptor */
 extern void SCH_AddFileHandler(int fd, int events, SCH_FileHandler handler, SCH_ArbitraryArgument arg);
 extern void SCH_RemoveFileHandler(int fd);
-extern void SCH_SetFileHandlerEvents(int fd, int events);
+extern void SCH_SetFileHandlerEvent(int fd, int event, int enable);
 
 /* Get the time stamp taken after a file descriptor became ready or a timeout expired */
 extern void SCH_GetLastEventTime(struct timespec *cooked, double *err, struct timespec *raw);
 
+/* Get a low-precision monotonic timestamp (starting at 0.0) */
+extern double SCH_GetLastEventMonoTime(void);
+
 /* This queues a timeout to elapse at a given (raw) local time */
 extern SCH_TimeoutID SCH_AddTimeout(struct timespec *ts, SCH_TimeoutHandler handler, SCH_ArbitraryArgument arg);
 
@@ -82,6 +85,9 @@ extern SCH_TimeoutID SCH_AddTimeoutInClass(double min_delay, double separation,
 /* The next one probably ought to return a status code */
 extern void SCH_RemoveTimeout(SCH_TimeoutID);
 
+/* Remove all timeouts and close all file descriptors */
+extern void SCH_Reset(void);
+
 extern void SCH_MainLoop(void);
 
 extern void SCH_QuitProgram(void);

siv.h

@@ -0,0 +1,70 @@
+/*
+  chronyd/chronyc - Programs for keeping computer clocks accurate.
+
+ **********************************************************************
+ * Copyright (C) Miroslav Lichvar  2019
+ * 
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of version 2 of the GNU General Public License as
+ * published by the Free Software Foundation.
+ * 
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ * 
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+ * 
+ **********************************************************************
+
+  =======================================================================
+
+  Header file for Synthetic Initialization Vector (SIV) ciphers.
+
+  */
+
+#ifndef GOT_SIV_H
+#define GOT_SIV_H
+
+/* Maximum key length of all supported SIVs */
+#define SIV_MAX_KEY_LENGTH 32
+
+/* Maximum difference between lengths of ciphertext and plaintext */
+#define SIV_MAX_TAG_LENGTH 16
+
+/* Identifiers of SIV algorithms following the IANA AEAD registry */
+typedef enum {
+  AEAD_AES_SIV_CMAC_256 = 15,
+  AEAD_AES_SIV_CMAC_384 = 16,
+  AEAD_AES_SIV_CMAC_512 = 17,
+  AEAD_AES_128_GCM_SIV = 30,
+  AEAD_AES_256_GCM_SIV = 31,
+} SIV_Algorithm;
+
+typedef struct SIV_Instance_Record *SIV_Instance;
+
+extern SIV_Instance SIV_CreateInstance(SIV_Algorithm algorithm);
+
+extern void SIV_DestroyInstance(SIV_Instance instance);
+
+extern int SIV_GetKeyLength(SIV_Algorithm algorithm);
+
+extern int SIV_SetKey(SIV_Instance instance, const unsigned char *key, int length);
+
+extern int SIV_GetTagLength(SIV_Instance instance);
+
+extern int SIV_Encrypt(SIV_Instance instance,
+                       const unsigned char *nonce, int nonce_length,
+                       const void *assoc, int assoc_length,
+                       const void *plaintext, int plaintext_length,
+                       unsigned char *ciphertext, int ciphertext_length);
+
+extern int SIV_Decrypt(SIV_Instance instance,
+                       const unsigned char *nonce, int nonce_length,
+                       const void *assoc, int assoc_length,
+                       const unsigned char *ciphertext, int ciphertext_length,
+                       void *plaintext, int plaintext_length);
+
+#endif

siv_nettle.c

@@ -0,0 +1,142 @@
+/*
+  chronyd/chronyc - Programs for keeping computer clocks accurate.
+
+ **********************************************************************
+ * Copyright (C) Miroslav Lichvar  2019
+ * 
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of version 2 of the GNU General Public License as
+ * published by the Free Software Foundation.
+ * 
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ * 
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+ * 
+ **********************************************************************
+
+  =======================================================================
+
+  SIV ciphers using the Nettle library
+  */
+
+#include "config.h"
+
+#include "sysincl.h"
+
+#ifdef HAVE_NETTLE_SIV_CMAC
+#include <nettle/siv-cmac.h>
+#else
+#include "siv_nettle_int.c"
+#endif
+
+#include "memory.h"
+#include "siv.h"
+
+struct SIV_Instance_Record {
+  struct siv_cmac_aes128_ctx siv;
+};
+
+/* ================================================== */
+
+SIV_Instance
+SIV_CreateInstance(SIV_Algorithm algorithm)
+{
+  SIV_Instance instance;
+
+  if (algorithm != AEAD_AES_SIV_CMAC_256)
+    return NULL;
+
+  instance = MallocNew(struct SIV_Instance_Record);
+
+  return instance;
+}
+
+/* ================================================== */
+
+void
+SIV_DestroyInstance(SIV_Instance instance)
+{
+  Free(instance);
+}
+
+/* ================================================== */
+
+int
+SIV_GetKeyLength(SIV_Algorithm algorithm)
+{
+  if (algorithm == AEAD_AES_SIV_CMAC_256)
+    return 32;
+  return 0;
+}
+
+/* ================================================== */
+
+int
+SIV_SetKey(SIV_Instance instance, const unsigned char *key, int length)
+{
+  if (length != 32)
+    return 0;
+
+  siv_cmac_aes128_set_key(&instance->siv, key);
+
+  return 1;
+}
+
+/* ================================================== */
+
+int
+SIV_GetTagLength(SIV_Instance instance)
+{
+  return SIV_DIGEST_SIZE;
+}
+
+/* ================================================== */
+
+int
+SIV_Encrypt(SIV_Instance instance,
+            const unsigned char *nonce, int nonce_length,
+            const void *assoc, int assoc_length,
+            const void *plaintext, int plaintext_length,
+            unsigned char *ciphertext, int ciphertext_length)
+{
+  if (nonce_length < SIV_MIN_NONCE_SIZE || assoc_length < 0 ||
+      plaintext_length < 0 || plaintext_length > ciphertext_length ||
+      plaintext_length + SIV_DIGEST_SIZE != ciphertext_length)
+    return 0;
+
+  assert(assoc && plaintext);
+
+  siv_cmac_aes128_encrypt_message(&instance->siv, nonce_length, nonce,
+                                  assoc_length, assoc,
+                                  ciphertext_length, ciphertext, plaintext);
+  return 1;
+}
+
+/* ================================================== */
+
+int
+SIV_Decrypt(SIV_Instance instance,
+            const unsigned char *nonce, int nonce_length,
+            const void *assoc, int assoc_length,
+            const unsigned char *ciphertext, int ciphertext_length,
+            void *plaintext, int plaintext_length)
+{
+  if (nonce_length < SIV_MIN_NONCE_SIZE || assoc_length < 0 ||
+      plaintext_length < 0 || plaintext_length > ciphertext_length ||
+      plaintext_length + SIV_DIGEST_SIZE != ciphertext_length)
+    return 0;
+
+  assert(assoc && plaintext);
+
+  if (!siv_cmac_aes128_decrypt_message(&instance->siv, nonce_length, nonce,
+                                       assoc_length, assoc,
+                                       plaintext_length, plaintext, ciphertext))
+    return 0;
+
+  return 1;
+}

siv_nettle_int.c

@@ -0,0 +1,452 @@
+/* This is a single-file implementation of AES-SIV-CMAC-256 based on
+   a patch for GNU Nettle by Nikos Mavrogiannopoulos */
+
+/*
+   AES-CMAC-128 (rfc 4493)
+   Copyright (C) Stefan Metzmacher 2012
+   Copyright (C) Jeremy Allison 2012
+   Copyright (C) Michael Adam 2012
+   Copyright (C) 2017, Red Hat Inc.
+
+   This file is part of GNU Nettle.
+
+   GNU Nettle is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+
+   GNU Nettle is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   General Public License for more details.
+
+   You should have received copies of the GNU General Public License and
+   the GNU Lesser General Public License along with this program.  If
+   not, see http://www.gnu.org/licenses/.
+*/
+/* siv-aes128.c, siv-cmac.c, siv.h
+
+   AES-SIV, RFC5297
+   SIV-CMAC, RFC5297
+
+   Copyright (C) 2017 Nikos Mavrogiannopoulos
+
+   This file is part of GNU Nettle.
+
+   GNU Nettle is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+
+   GNU Nettle is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   General Public License for more details.
+
+   You should have received copies of the GNU General Public License and
+   the GNU Lesser General Public License along with this program.  If
+   not, see http://www.gnu.org/licenses/.
+*/
+/* cmac.h, siv-cmac.h, cmac-aes128.c
+
+   CMAC mode, as specified in RFC4493
+   SIV-CMAC mode, as specified in RFC5297
+   CMAC using AES128 as the underlying cipher.
+
+   Copyright (C) 2017 Red Hat, Inc.
+
+   Contributed by Nikos Mavrogiannopoulos
+
+   This file is part of GNU Nettle.
+
+   GNU Nettle is free software: you can redistribute it and/or
+   modify it under the terms of either:
+
+     * the GNU Lesser General Public License as published by the Free
+       Software Foundation; either version 3 of the License, or (at your
+       option) any later version.
+
+   or
+
+     * the GNU General Public License as published by the Free
+       Software Foundation; either version 2 of the License, or (at your
+       option) any later version.
+
+   or both in parallel, as here.
+
+   GNU Nettle is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   General Public License for more details.
+
+   You should have received copies of the GNU General Public License and
+   the GNU Lesser General Public License along with this program.  If
+   not, see http://www.gnu.org/licenses/.
+*/
+
+# include "config.h"
+
+#include <assert.h>
+#include <string.h>
+
+#include "nettle/aes.h"
+#include "nettle/ctr.h"
+#include "nettle/macros.h"
+#include "nettle/memxor.h"
+#include "nettle/memops.h"
+
+#include "nettle/nettle-types.h"
+
+/* For SIV, the block size of the block cipher shall be 128 bits. */
+#define SIV_BLOCK_SIZE  16
+#define SIV_DIGEST_SIZE 16
+#define SIV_MIN_NONCE_SIZE 1
+
+/*
+ * SIV mode requires the aad and plaintext when building the IV, which
+ * prevents streaming processing and it incompatible with the AEAD API.
+ */
+
+/* AES_SIV_CMAC_256 */
+struct siv_cmac_aes128_ctx {
+    struct aes128_ctx         cipher;
+    uint8_t s2vk[AES128_KEY_SIZE];
+};
+
+struct cmac128_ctx
+{
+  /* Key */
+  union nettle_block16 K1;
+  union nettle_block16 K2;
+
+  /* MAC state */
+  union nettle_block16 X;
+
+  /* Block buffer */
+  union nettle_block16 block;
+  size_t index;
+};
+
+/* shift one and XOR with 0x87. */
+static void
+_cmac128_block_mulx(union nettle_block16 *dst,
+	   const union nettle_block16 *src)
+{
+  uint64_t b1 = READ_UINT64(src->b);
+  uint64_t b2 = READ_UINT64(src->b+8);
+
+  b1 = (b1 << 1) | (b2 >> 63);
+  b2 <<= 1;
+
+  if (src->b[0] & 0x80)
+    b2 ^= 0x87;
+
+  WRITE_UINT64(dst->b, b1);
+  WRITE_UINT64(dst->b+8, b2);
+}
+
+static void
+cmac128_set_key(struct cmac128_ctx *ctx, const void *cipher,
+		nettle_cipher_func *encrypt)
+{
+  static const uint8_t const_zero[] = {
+    0x00, 0x00, 0x00, 0x00,  0x00, 0x00, 0x00, 0x00,
+    0x00, 0x00, 0x00, 0x00,  0x00, 0x00, 0x00, 0x00
+  };
+  union nettle_block16 *L = &ctx->block;
+  memset(ctx, 0, sizeof(*ctx));
+
+  /* step 1 - generate subkeys k1 and k2 */
+  encrypt(cipher, 16, L->b, const_zero);
+
+  _cmac128_block_mulx(&ctx->K1, L);
+  _cmac128_block_mulx(&ctx->K2, &ctx->K1);
+}
+
+#define MIN(x,y) ((x)<(y)?(x):(y))
+
+static void
+cmac128_update(struct cmac128_ctx *ctx, const void *cipher,
+	       nettle_cipher_func *encrypt,
+	       size_t msg_len, const uint8_t *msg)
+{
+  union nettle_block16 Y;
+  /*
+   * check if we expand the block
+   */
+  if (ctx->index < 16)
+    {
+      size_t len = MIN(16 - ctx->index, msg_len);
+      memcpy(&ctx->block.b[ctx->index], msg, len);
+      msg += len;
+      msg_len -= len;
+      ctx->index += len;
+    }
+
+  if (msg_len == 0) {
+    /* if it is still the last block, we are done */
+    return;
+  }
+
+  /*
+   * now checksum everything but the last block
+   */
+  memxor3(Y.b, ctx->X.b, ctx->block.b, 16);
+  encrypt(cipher, 16, ctx->X.b, Y.b);
+
+  while (msg_len > 16)
+    {
+      memxor3(Y.b, ctx->X.b, msg, 16);
+      encrypt(cipher, 16, ctx->X.b, Y.b);
+      msg += 16;
+      msg_len -= 16;
+    }
+
+  /*
+   * copy the last block, it will be processed in
+   * cmac128_digest().
+   */
+  memcpy(ctx->block.b, msg, msg_len);
+  ctx->index = msg_len;
+}
+
+static void
+cmac128_digest(struct cmac128_ctx *ctx, const void *cipher,
+	       nettle_cipher_func *encrypt,
+	       unsigned length,
+	       uint8_t *dst)
+{
+  union nettle_block16 Y;
+
+  memset(ctx->block.b+ctx->index, 0, sizeof(ctx->block.b)-ctx->index);
+
+  /* re-use ctx->block for memxor output */
+  if (ctx->index < 16)
+    {
+      ctx->block.b[ctx->index] = 0x80;
+      memxor(ctx->block.b, ctx->K2.b, 16);
+    }
+  else
+    {
+      memxor(ctx->block.b, ctx->K1.b, 16);
+    }
+
+  memxor3(Y.b, ctx->block.b, ctx->X.b, 16);
+
+  assert(length <= 16);
+  if (length == 16)
+    {
+      encrypt(cipher, 16, dst, Y.b);
+    }
+  else
+    {
+      encrypt(cipher, 16, ctx->block.b, Y.b);
+      memcpy(dst, ctx->block.b, length);
+    }
+
+  /* reset state for re-use */
+  memset(&ctx->X, 0, sizeof(ctx->X));
+  ctx->index = 0;
+}
+
+
+#define CMAC128_CTX(type) \
+  { struct cmac128_ctx ctx; type cipher; }
+
+/* NOTE: Avoid using NULL, as we don't include anything defining it. */
+#define CMAC128_SET_KEY(self, set_key, encrypt, cmac_key)	\
+  do {								\
+    (set_key)(&(self)->cipher, (cmac_key));			\
+    if (0) (encrypt)(&(self)->cipher, ~(size_t) 0,		\
+		     (uint8_t *) 0, (const uint8_t *) 0);	\
+    cmac128_set_key(&(self)->ctx, &(self)->cipher,		\
+		(nettle_cipher_func *) (encrypt));		\
+  } while (0)
+
+#define CMAC128_UPDATE(self, encrypt, length, src)		\
+  cmac128_update(&(self)->ctx, &(self)->cipher,			\
+	      (nettle_cipher_func *)encrypt, (length), (src))
+
+#define CMAC128_DIGEST(self, encrypt, length, digest)		\
+  (0 ? (encrypt)(&(self)->cipher, ~(size_t) 0,			\
+		 (uint8_t *) 0, (const uint8_t *) 0)		\
+     : cmac128_digest(&(self)->ctx, &(self)->cipher,		\
+		  (nettle_cipher_func *) (encrypt),		\
+		  (length), (digest)))
+
+struct cmac_aes128_ctx CMAC128_CTX(struct aes128_ctx);
+
+static void
+cmac_aes128_set_key(struct cmac_aes128_ctx *ctx, const uint8_t *key)
+{
+  CMAC128_SET_KEY(ctx, aes128_set_encrypt_key, aes128_encrypt, key);
+}
+
+static void
+cmac_aes128_update (struct cmac_aes128_ctx *ctx,
+		   size_t length, const uint8_t *data)
+{
+  CMAC128_UPDATE (ctx, aes128_encrypt, length, data);
+}
+
+static void
+cmac_aes128_digest(struct cmac_aes128_ctx *ctx,
+		  size_t length, uint8_t *digest)
+{
+  CMAC128_DIGEST(ctx, aes128_encrypt, length, digest);
+}
+
+static const uint8_t const_one[] = {
+	0x00, 0x00, 0x00, 0x00,  0x00, 0x00, 0x00, 0x00,
+	0x00, 0x00, 0x00, 0x00,  0x00, 0x00, 0x00, 0x01
+};
+
+static const uint8_t const_zero[] = {
+	0x00, 0x00, 0x00, 0x00,  0x00, 0x00, 0x00, 0x00,
+	0x00, 0x00, 0x00, 0x00,  0x00, 0x00, 0x00, 0x00
+};
+
+static
+void _siv_s2v(nettle_set_key_func *cmac_set_key,
+	      nettle_hash_update_func *cmac_update,
+	      nettle_hash_digest_func *cmac_digest,
+	      size_t cmac_ctx_size,
+	      const uint8_t *s2vk, size_t alength, const uint8_t *adata,
+              size_t nlength, const uint8_t *nonce,
+              size_t plength, const uint8_t *pdata,
+              uint8_t *v)
+{
+  uint8_t ctx[sizeof(struct cmac128_ctx)+sizeof(struct aes_ctx)];
+  union nettle_block16 D, S, T;
+
+  assert(cmac_ctx_size <= sizeof (ctx));
+
+  cmac_set_key(ctx, s2vk);
+
+  if (nlength == 0 && alength == 0) {
+    cmac_update(ctx, 16, const_one);
+    cmac_digest(ctx, 16, v);
+    return;
+  }
+
+  cmac_update(ctx, 16, const_zero);
+  cmac_digest(ctx, 16, D.b);
+
+  if (1) {
+    _cmac128_block_mulx(&D, &D);
+    cmac_update(ctx, alength, adata);
+    cmac_digest(ctx, 16, S.b);
+
+    memxor(D.b, S.b, 16);
+  }
+
+  if (nlength > 0) {
+    _cmac128_block_mulx(&D, &D);
+    cmac_update(ctx, nlength, nonce);
+    cmac_digest(ctx, 16, S.b);
+
+    memxor(D.b, S.b, 16);
+  }
+
+  /* Sn */
+  if (plength >= 16) {
+    cmac_update(ctx, plength-16, pdata);
+
+    pdata += plength-16;
+
+    memxor3(T.b, pdata, D.b, 16);
+  } else {
+    union nettle_block16 pad;
+
+    _cmac128_block_mulx(&T, &D);
+    memcpy(pad.b, pdata, plength);
+    pad.b[plength] = 0x80;
+    if (plength+1 < 16)
+      memset(&pad.b[plength+1], 0, 16-plength-1);
+
+    memxor(T.b, pad.b, 16);
+  }
+
+  cmac_update(ctx, 16, T.b);
+  cmac_digest(ctx, 16, v);
+}
+
+static void
+siv_cmac_aes128_set_key(struct siv_cmac_aes128_ctx *ctx, const uint8_t *key)
+{
+  memcpy(ctx->s2vk, key, 16);
+  aes128_set_encrypt_key(&ctx->cipher, key+16);
+}
+
+static void
+siv_cmac_aes128_encrypt_message(struct siv_cmac_aes128_ctx *ctx,
+				size_t nlength, const uint8_t *nonce,
+				size_t alength, const uint8_t *adata,
+				size_t clength, uint8_t *dst, const uint8_t *src)
+{
+  union nettle_block16 siv;
+  size_t slength;
+
+  assert (clength >= SIV_DIGEST_SIZE);
+  slength = clength - SIV_DIGEST_SIZE;
+
+  /* create CTR nonce */
+  _siv_s2v((nettle_set_key_func*)cmac_aes128_set_key,
+	   (nettle_hash_update_func*)cmac_aes128_update,
+	   (nettle_hash_digest_func*)cmac_aes128_digest,
+	   sizeof(struct cmac_aes128_ctx), ctx->s2vk, alength, adata,
+	   nlength, nonce, slength, src, siv.b);
+  memcpy(dst, siv.b, SIV_DIGEST_SIZE);
+  siv.b[8] &= ~0x80;
+  siv.b[12] &= ~0x80;
+
+  ctr_crypt(&ctx->cipher, (nettle_cipher_func *)aes128_encrypt, AES_BLOCK_SIZE,
+            siv.b, slength, dst+SIV_DIGEST_SIZE, src);
+}
+
+static int
+siv_cmac_aes128_decrypt_message(struct siv_cmac_aes128_ctx *ctx,
+				size_t nlength, const uint8_t *nonce,
+				size_t alength, const uint8_t *adata,
+				size_t mlength, uint8_t *dst, const uint8_t *src)
+{
+  union nettle_block16 siv;
+  union nettle_block16 ctr;
+
+  memcpy(ctr.b, src, SIV_DIGEST_SIZE);
+  ctr.b[8] &= ~0x80;
+  ctr.b[12] &= ~0x80;
+
+  ctr_crypt(&ctx->cipher, (nettle_cipher_func *)aes128_encrypt, AES_BLOCK_SIZE,
+            ctr.b, mlength, dst, src+SIV_DIGEST_SIZE);
+
+  /* create CTR nonce */
+  _siv_s2v((nettle_set_key_func*)cmac_aes128_set_key,
+	   (nettle_hash_update_func*)cmac_aes128_update,
+	   (nettle_hash_digest_func*)cmac_aes128_digest,
+	   sizeof(struct cmac_aes128_ctx), ctx->s2vk, alength, adata,
+	   nlength, nonce, mlength, dst, siv.b);
+
+  return memeql_sec(siv.b, src, SIV_DIGEST_SIZE);
+}
+

smooth.c

@@ -144,7 +144,7 @@ update_stages(void)
      is equal to the offset that should be smoothed out */
 
   s1 = smooth_offset / max_wander;
-  s2 = smooth_freq * smooth_freq / (2.0 * max_wander * max_wander);
+  s2 = SQUARE(smooth_freq) / (2.0 * SQUARE(max_wander));
   
   /* Calculate the lengths of the 1st and 3rd stage assuming there is no
      frequency limit.  The direction of the 1st stage is selected so that

socket.h

@@ -0,0 +1,145 @@
+/*
+  chronyd/chronyc - Programs for keeping computer clocks accurate.
+
+ **********************************************************************
+ * Copyright (C) Miroslav Lichvar  2019
+ * 
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of version 2 of the GNU General Public License as
+ * published by the Free Software Foundation.
+ * 
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ * 
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+ * 
+ **********************************************************************
+
+  =======================================================================
+
+  This is the header file for socket operations.
+
+  */
+
+#ifndef GOT_SOCKET_H
+#define GOT_SOCKET_H
+
+#include "addressing.h"
+
+/* Flags for opening sockets */
+#define SCK_FLAG_BLOCK 1
+#define SCK_FLAG_BROADCAST 2
+#define SCK_FLAG_RX_DEST_ADDR 4
+#define SCK_FLAG_ALL_PERMISSIONS 8
+#define SCK_FLAG_PRIV_BIND 16
+
+/* Flags for receiving and sending messages */
+#define SCK_FLAG_MSG_ERRQUEUE 1
+#define SCK_FLAG_MSG_DESCRIPTOR 2
+
+/* Maximum number of received messages */
+#define SCK_MAX_RECV_MESSAGES 4
+
+typedef enum {
+  SCK_ADDR_UNSPEC = 0,
+  SCK_ADDR_IP,
+  SCK_ADDR_UNIX
+} SCK_AddressType;
+
+typedef struct {
+  void *data;
+  unsigned int length;
+  SCK_AddressType addr_type;
+  int if_index;
+
+  union {
+    IPSockAddr ip;
+    const char *path;
+  } remote_addr;
+
+  union {
+    IPAddr ip;
+  } local_addr;
+
+  struct {
+    struct timespec kernel;
+    struct timespec hw;
+    int if_index;
+    int l2_length;
+    int tx_flags;
+  } timestamp;
+
+  int descriptor;
+} SCK_Message;
+
+/* Initialisation function */
+extern void SCK_Initialise(void);
+
+/* Finalisation function */
+extern void SCK_Finalise(void);
+
+/* Check if support for the IP family was enabled in the build */
+extern int SCK_IsFamilySupported(int family);
+
+/* Get the 0.0.0.0/::0 or 127.0.0.1/::1 address */
+extern void SCK_GetAnyLocalIPAddress(int family, IPAddr *local_addr);
+extern void SCK_GetLoopbackIPAddress(int family, IPAddr *local_addr);
+
+/* Specify a bind()-like function for binding sockets to privileged ports when
+   running in a restricted process (e.g. after dropping root privileges) */
+extern void SCK_SetPrivBind(int (*function)(int sock_fd, struct sockaddr *address,
+                                            socklen_t address_len));
+
+/* Open socket */
+extern int SCK_OpenUdpSocket(IPSockAddr *remote_addr, IPSockAddr *local_addr, int flags);
+extern int SCK_OpenTcpSocket(IPSockAddr *remote_addr, IPSockAddr *local_addr, int flags);
+extern int SCK_OpenUnixDatagramSocket(const char *remote_addr, const char *local_addr,
+                                      int flags);
+extern int SCK_OpenUnixStreamSocket(const char *remote_addr, const char *local_addr,
+                                    int flags);
+extern int SCK_OpenUnixSocketPair(int flags, int *other_fd);
+
+/* Set and get a socket option of int size */
+extern int SCK_SetIntOption(int sock_fd, int level, int name, int value);
+extern int SCK_GetIntOption(int sock_fd, int level, int name, int *value);
+
+/* Enable RX timestamping socket option */
+extern int SCK_EnableKernelRxTimestamping(int sock_fd);
+
+/* Operate on a stream socket - listen()/accept()/shutdown() wrappers */
+extern int SCK_ListenOnSocket(int sock_fd, int backlog);
+extern int SCK_AcceptConnection(int sock_fd, IPSockAddr *remote_addr);
+extern int SCK_ShutdownConnection(int sock_fd);
+
+/* Receive and send data on connected sockets - recv()/send() wrappers */
+extern int SCK_Receive(int sock_fd, void *buffer, unsigned int length, int flags);
+extern int SCK_Send(int sock_fd, const void *buffer, unsigned int length, int flags);
+
+/* Receive a single message or multiple messages.  The functions return the
+   number of received messages, or 0 on error.  The returned data point to
+   static buffers, which are valid until another call of these functions.  */
+extern int SCK_ReceiveMessage(int sock_fd, SCK_Message *message, int flags);
+extern int SCK_ReceiveMessages(int sock_fd, SCK_Message *messages, int max_messages,
+                               int flags);
+
+/* Initialise a new message (e.g. before sending) */
+extern void SCK_InitMessage(SCK_Message *message, SCK_AddressType addr_type);
+
+/* Send a message */
+extern int SCK_SendMessage(int sock_fd, SCK_Message *message, int flags);
+
+/* Remove bound Unix socket */
+extern int SCK_RemoveSocket(int sock_fd);
+
+/* Close the socket */
+extern void SCK_CloseSocket(int sock_fd);
+
+/* Convert between IPSockAddr and sockaddr_in/in6 */
+extern void SCK_SockaddrToIPSockAddr(struct sockaddr *sa, int sa_length, IPSockAddr *ip_sa);
+extern int SCK_IPSockAddrToSockaddr(IPSockAddr *ip_sa, struct sockaddr *sa, int sa_length);
+
+#endif

sources.c

@@ -3,7 +3,7 @@
 
  **********************************************************************
  * Copyright (C) Richard P. Curnow  1997-2003
- * Copyright (C) Miroslav Lichvar  2011-2016
+ * Copyright (C) Miroslav Lichvar  2011-2016, 2018
  * 
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of version 2 of the GNU General Public License as
@@ -91,7 +91,6 @@ typedef enum {
    source */
 struct SRC_Instance_Record {
   SST_Stats stats;
-  NTP_Leap leap_status;         /* Leap status */
   int index;                    /* Index back into the array of source */
   uint32_t ref_id;              /* The reference ID of this source
                                    (i.e. from its IP address, NOT the
@@ -126,6 +125,12 @@ struct SRC_Instance_Record {
   double sel_score;
 
   struct SelectInfo sel_info;
+
+  /* Latest leap status */
+  NTP_Leap leap;
+
+  /* Flag indicating the source has a leap second vote */
+  int leap_vote;
 };
 
 /* ================================================== */
@@ -249,6 +254,7 @@ SRC_Instance SRC_CreateNewInstance(uint32_t ref_id, SRC_Type type, int sel_optio
   result->index = n_sources;
   result->type = type;
   result->sel_options = sel_options;
+  result->active = 0;
 
   SRC_SetRefid(result, ref_id, addr);
   SRC_ResetInstance(result);
@@ -291,14 +297,14 @@ void SRC_DestroyInstance(SRC_Instance instance)
 void
 SRC_ResetInstance(SRC_Instance instance)
 {
-  instance->leap_status = LEAP_Normal;
-  instance->active = 0;
   instance->updates = 0;
   instance->reachability = 0;
   instance->reachability_size = 0;
   instance->distant = 0;
   instance->status = SRC_BAD_STATS;
   instance->sel_score = 1.0;
+  instance->leap = LEAP_Unsynchronised;
+  instance->leap_vote = 0;
 
   SST_ResetInstance(instance->stats);
 }
@@ -324,45 +330,72 @@ SRC_GetSourcestats(SRC_Instance instance)
 
 /* ================================================== */
 
+static NTP_Leap
+get_leap_status(void)
+{
+  int i, leap_votes, leap_ins, leap_del;
+
+  /* Accept a leap second if more than half of the sources with a vote agree */
+
+  for (i = leap_ins = leap_del = leap_votes = 0; i < n_sources; i++) {
+    if (!sources[i]->leap_vote)
+      continue;
+
+    leap_votes++;
+    if (sources[i]->leap == LEAP_InsertSecond)
+      leap_ins++;
+    else if (sources[i]->leap == LEAP_DeleteSecond)
+      leap_del++;
+  }
+
+  if (leap_ins > leap_votes / 2)
+    return LEAP_InsertSecond;
+  else if (leap_del > leap_votes / 2)
+    return LEAP_DeleteSecond;
+  else
+    return LEAP_Normal;
+}
+
+/* ================================================== */
+
+void
+SRC_SetLeapStatus(SRC_Instance inst, NTP_Leap leap)
+{
+  if (REF_IsLeapSecondClose())
+    return;
+
+  inst->leap = leap;
+
+  if (inst->leap_vote)
+    REF_UpdateLeapStatus(get_leap_status());
+}
+
+/* ================================================== */
+
 /* This function is called by one of the source drivers when it has
    a new sample that is to be accumulated.
 
    This function causes the frequency estimation to be re-run for the
    designated source, and the clock selection procedure to be re-run
    afterwards.
-
-   Parameters are described in sources.h
-
    */
 
-void SRC_AccumulateSample
-(SRC_Instance inst, 
- struct timespec *sample_time,
- double offset, 
- double peer_delay,
- double peer_dispersion,
- double root_delay, 
- double root_dispersion, 
- int stratum,
- NTP_Leap leap_status)
+void
+SRC_AccumulateSample(SRC_Instance inst, NTP_Sample *sample)
 {
 
   assert(initialised);
 
-  inst->leap_status = leap_status;
-
   DEBUG_LOG("ip=[%s] t=%s ofs=%f del=%f disp=%f str=%d",
-            source_to_string(inst), UTI_TimespecToString(sample_time), -offset,
-            root_delay, root_dispersion, stratum);
+            source_to_string(inst), UTI_TimespecToString(&sample->time), -sample->offset,
+            sample->root_delay, sample->root_dispersion, sample->stratum);
 
   if (REF_IsLeapSecondClose()) {
     LOG(LOGS_INFO, "Dropping sample around leap second");
     return;
   }
 
-  /* WE HAVE TO NEGATE OFFSET IN THIS CALL, IT IS HERE THAT THE SENSE OF OFFSET
-     IS FLIPPED */
-  SST_AccumulateSample(inst->stats, sample_time, -offset, peer_delay, peer_dispersion, root_delay, root_dispersion, stratum);
+  SST_AccumulateSample(inst->stats, sample);
   SST_DoNewRegression(inst->stats);
 }
 
@@ -512,20 +545,21 @@ mark_ok_sources(SRC_Status status)
 
 static int
 combine_sources(int n_sel_sources, struct timespec *ref_time, double *offset,
-                double *offset_sd, double *frequency, double *skew)
+                double *offset_sd, double *frequency, double *frequency_sd, double *skew)
 {
   struct timespec src_ref_time;
-  double src_offset, src_offset_sd, src_frequency, src_skew;
+  double src_offset, src_offset_sd, src_frequency, src_frequency_sd, src_skew;
   double src_root_delay, src_root_dispersion, sel_src_distance, elapsed;
   double offset_weight, sum_offset_weight, sum_offset, sum2_offset_sd;
-  double frequency_weight, sum_frequency_weight, sum_frequency, inv_sum2_skew;
+  double frequency_weight, sum_frequency_weight, sum_frequency;
+  double inv_sum2_frequency_sd, inv_sum2_skew;
   int i, index, combined;
 
   if (n_sel_sources == 1)
     return 1;
 
   sum_offset_weight = sum_offset = sum2_offset_sd = 0.0;
-  sum_frequency_weight = sum_frequency = inv_sum2_skew = 0.0;
+  sum_frequency_weight = sum_frequency = inv_sum2_frequency_sd = inv_sum2_skew = 0.0;
 
   sel_src_distance = sources[selected_source_index]->sel_info.root_distance;
   if (sources[selected_source_index]->type == SRC_NTP)
@@ -535,7 +569,7 @@ combine_sources(int n_sel_sources, struct timespec *ref_time, double *offset,
     index = sel_sources[i];
     SST_GetTrackingData(sources[index]->stats, &src_ref_time,
                         &src_offset, &src_offset_sd,
-                        &src_frequency, &src_skew,
+                        &src_frequency, &src_frequency_sd, &src_skew,
                         &src_root_delay, &src_root_dispersion);
 
     /* Don't include this source if its distance is longer than the distance of
@@ -563,20 +597,23 @@ combine_sources(int n_sel_sources, struct timespec *ref_time, double *offset,
 
     elapsed = UTI_DiffTimespecsToDouble(ref_time, &src_ref_time);
     src_offset += elapsed * src_frequency;
+    src_offset_sd += elapsed * src_frequency_sd;
     offset_weight = 1.0 / sources[index]->sel_info.root_distance;
-    frequency_weight = 1.0 / src_skew;
+    frequency_weight = 1.0 / SQUARE(src_frequency_sd);
 
-    DEBUG_LOG("combining index=%d oweight=%e offset=%e sd=%e fweight=%e freq=%e skew=%e",
-        index, offset_weight, src_offset, src_offset_sd, frequency_weight, src_frequency, src_skew);
+    DEBUG_LOG("combining index=%d oweight=%e offset=%e osd=%e fweight=%e freq=%e fsd=%e skew=%e",
+              index, offset_weight, src_offset, src_offset_sd,
+              frequency_weight, src_frequency, src_frequency_sd, src_skew);
 
     sum_offset_weight += offset_weight;
     sum_offset += offset_weight * src_offset;
-    sum2_offset_sd += offset_weight * (src_offset_sd * src_offset_sd +
-        (src_offset - *offset) * (src_offset - *offset));
+    sum2_offset_sd += offset_weight * (SQUARE(src_offset_sd) +
+                                       SQUARE(src_offset - *offset));
 
     sum_frequency_weight += frequency_weight;
     sum_frequency += frequency_weight * src_frequency;
-    inv_sum2_skew += 1.0 / (src_skew * src_skew);
+    inv_sum2_frequency_sd += 1.0 / SQUARE(src_frequency_sd);
+    inv_sum2_skew += 1.0 / SQUARE(src_skew);
 
     combined++;
   }
@@ -585,10 +622,11 @@ combine_sources(int n_sel_sources, struct timespec *ref_time, double *offset,
   *offset = sum_offset / sum_offset_weight;
   *offset_sd = sqrt(sum2_offset_sd / sum_offset_weight);
   *frequency = sum_frequency / sum_frequency_weight;
+  *frequency_sd = 1.0 / sqrt(inv_sum2_frequency_sd);
   *skew = 1.0 / sqrt(inv_sum2_skew);
 
-  DEBUG_LOG("combined result offset=%e sd=%e freq=%e skew=%e",
-      *offset, *offset_sd, *frequency, *skew);
+  DEBUG_LOG("combined result offset=%e osd=%e freq=%e fsd=%e skew=%e",
+            *offset, *offset_sd, *frequency, *frequency_sd, *skew);
 
   return combined;
 }
@@ -602,12 +640,12 @@ SRC_SelectSource(SRC_Instance updated_inst)
 {
   struct SelectInfo *si;
   struct timespec now, ref_time;
-  int i, j, j1, j2, index, sel_prefer, n_endpoints, n_sel_sources;
-  int n_badstats_sources, max_sel_reach, max_badstat_reach, sel_req_source;
+  int i, j, j1, j2, index, sel_prefer, n_endpoints, n_sel_sources, sel_req_source;
+  int n_badstats_sources, max_sel_reach, max_sel_reach_size, max_badstat_reach;
   int depth, best_depth, trust_depth, best_trust_depth;
   int combined, stratum, min_stratum, max_score_index;
-  int orphan_stratum, orphan_source, leap_votes, leap_ins, leap_del;
-  double src_offset, src_offset_sd, src_frequency, src_skew;
+  int orphan_stratum, orphan_source;
+  double src_offset, src_offset_sd, src_frequency, src_frequency_sd, src_skew;
   double src_root_delay, src_root_dispersion;
   double best_lo, best_hi, distance, sel_src_distance, max_score;
   double first_sample_ago, max_reach_sample_ago;
@@ -635,6 +673,7 @@ SRC_SelectSource(SRC_Instance updated_inst)
   n_badstats_sources = 0;
   sel_req_source = 0;
   max_sel_reach = max_badstat_reach = 0;
+  max_sel_reach_size = 0;
   max_reach_sample_ago = 0.0;
 
   for (i = 0; i < n_sources; i++) {
@@ -665,6 +704,16 @@ SRC_SelectSource(SRC_Instance updated_inst)
       continue;
     }
 
+    /* Include extra dispersion in the root distance of sources that don't
+       have new samples (the last sample is older than span of all samples) */
+    if (first_sample_ago < 2.0 * si->last_sample_ago) {
+      double extra_disp = LCL_GetMaxClockError() *
+                          (2.0 * si->last_sample_ago - first_sample_ago);
+      si->root_distance += extra_disp;
+      si->lo_limit -= extra_disp;
+      si->hi_limit += extra_disp;
+    }
+
     /* Require the root distance to be below the allowed maximum */
     if (si->root_distance > max_distance) {
       sources[i]->status = SRC_BAD_DISTANCE;
@@ -678,12 +727,16 @@ SRC_SelectSource(SRC_Instance updated_inst)
     }
 
     sources[i]->status = SRC_OK; /* For now */
+    sources[i]->leap_vote = 0;
 
     if (sources[i]->reachability && max_reach_sample_ago < first_sample_ago)
       max_reach_sample_ago = first_sample_ago;
 
     if (max_sel_reach < sources[i]->reachability)
       max_sel_reach = sources[i]->reachability;
+
+    if (max_sel_reach_size < sources[i]->reachability_size)
+      max_sel_reach_size = sources[i]->reachability_size;
   }
 
   orphan_stratum = REF_GetOrphanStratum();
@@ -767,18 +820,17 @@ SRC_SelectSource(SRC_Instance updated_inst)
     n_endpoints += 2;
   }
 
-  DEBUG_LOG("badstat=%d sel=%d badstat_reach=%x sel_reach=%x max_reach_ago=%f",
-            n_badstats_sources, n_sel_sources, max_badstat_reach,
-            max_sel_reach, max_reach_sample_ago);
+  DEBUG_LOG("badstat=%d sel=%d badstat_reach=%x sel_reach=%x size=%d max_reach_ago=%f",
+            n_badstats_sources, n_sel_sources, (unsigned int)max_badstat_reach,
+            (unsigned int)max_sel_reach, max_sel_reach_size, max_reach_sample_ago);
 
   /* Wait for the next call if we have no source selected and there is
      a source with bad stats (has less than 3 samples) with reachability
      equal to shifted maximum reachability of sources with valid stats.
      This delays selecting source on start with servers using the same
      polling interval until they all have valid stats. */
-  if (n_badstats_sources && n_sel_sources &&
-      selected_source_index == INVALID_SOURCE &&
-      max_sel_reach >> 1 == max_badstat_reach) {
+  if (n_badstats_sources && n_sel_sources && selected_source_index == INVALID_SOURCE &&
+      max_sel_reach_size < SOURCE_REACH_BITS && max_sel_reach >> 1 == max_badstat_reach) {
     mark_ok_sources(SRC_WAITS_STATS);
     return;
   }
@@ -912,26 +964,15 @@ SRC_SelectSource(SRC_Instance updated_inst)
     return;
   }
 
-  /* Accept leap second status if more than half of selectable (and trusted
-     if there are any) sources agree */
-  for (i = leap_ins = leap_del = leap_votes = 0; i < n_sel_sources; i++) {
+  /* Enable the selectable sources (and trusted if there are any) to
+     vote on leap seconds */
+  for (i = 0; i < n_sel_sources; i++) {
     index = sel_sources[i];
     if (best_trust_depth && !(sources[index]->sel_options & SRC_SELECT_TRUST))
       continue;
-    leap_votes++;
-    if (sources[index]->leap_status == LEAP_InsertSecond)
-      leap_ins++;
-    else if (sources[index]->leap_status == LEAP_DeleteSecond)
-      leap_del++;
+    sources[index]->leap_vote = 1;
   }
 
-  if (leap_ins > leap_votes / 2)
-    leap_status = LEAP_InsertSecond;
-  else if (leap_del > leap_votes / 2)
-    leap_status = LEAP_DeleteSecond;
-  else
-    leap_status = LEAP_Normal;
-
   /* If there are any sources with prefer option, reduce the list again
      only to the preferred sources */
   for (i = 0; i < n_sel_sources; i++) {
@@ -1005,7 +1046,7 @@ SRC_SelectSource(SRC_Instance updated_inst)
       sources[i]->sel_score = 1.0 / distance;
     }
 
-    DEBUG_LOG("select score=%f refid=%"PRIx32" match_refid=%"PRIx32" status=%d dist=%f",
+    DEBUG_LOG("select score=%f refid=%"PRIx32" match_refid=%"PRIx32" status=%u dist=%f",
               sources[i]->sel_score, sources[i]->ref_id,
               updated_inst ? updated_inst->ref_id : 0,
               sources[i]->status, distance);
@@ -1063,23 +1104,25 @@ SRC_SelectSource(SRC_Instance updated_inst)
   for (i = 0; i < n_sources; i++)
     sources[i]->updates = 0;
 
+  leap_status = get_leap_status();
+
   /* Now just use the statistics of the selected source combined with
      the other selectable sources for trimming the local clock */
 
   SST_GetTrackingData(sources[selected_source_index]->stats, &ref_time,
                       &src_offset, &src_offset_sd,
-                      &src_frequency, &src_skew,
+                      &src_frequency, &src_frequency_sd, &src_skew,
                       &src_root_delay, &src_root_dispersion);
 
-  combined = combine_sources(n_sel_sources, &ref_time, &src_offset,
-                             &src_offset_sd, &src_frequency, &src_skew);
+  combined = combine_sources(n_sel_sources, &ref_time, &src_offset, &src_offset_sd,
+                             &src_frequency, &src_frequency_sd, &src_skew);
 
   REF_SetReference(sources[selected_source_index]->sel_info.stratum,
                    leap_status, combined,
                    sources[selected_source_index]->ref_id,
                    sources[selected_source_index]->ip_addr,
                    &ref_time, src_offset, src_offset_sd,
-                   src_frequency, src_skew,
+                   src_frequency, src_frequency_sd, src_skew,
                    src_root_delay, src_root_dispersion);
 }
 
@@ -1126,7 +1169,7 @@ slew_sources(struct timespec *raw, struct timespec *cooked, double dfreq,
   }
 
   if (change_type == LCL_ChangeUnknownStep) {
-    /* After resetting no source is selectable, set reference unsynchronised */
+    /* Update selection status */
     SRC_SelectSource(NULL);
   }
 }
@@ -1148,10 +1191,9 @@ add_dispersion(double dispersion, void *anything)
 /* ================================================== */
 
 static
-FILE *open_dumpfile(SRC_Instance inst, const char *mode)
+FILE *open_dumpfile(SRC_Instance inst, char mode)
 {
-  FILE *f;
-  char filename[1024], *dumpdir;
+  char filename[64], *dumpdir;
 
   dumpdir = CNF_GetDumpDir();
   if (dumpdir[0] == '\0') {
@@ -1160,22 +1202,14 @@ FILE *open_dumpfile(SRC_Instance inst, const char *mode)
   }
 
   /* Include IP address in the name for NTP sources, or reference ID in hex */
-  if ((inst->type == SRC_NTP &&
-       snprintf(filename, sizeof (filename), "%s/%s.dat", dumpdir,
-                source_to_string(inst)) >= sizeof (filename)) ||
-      (inst->type != SRC_NTP &&
-       snprintf(filename, sizeof (filename), "%s/refid:%08"PRIx32".dat",
-                dumpdir, inst->ref_id) >= sizeof (filename))) {
-    LOG(LOGS_WARN, "dumpdir too long");
+  if (inst->type == SRC_NTP && UTI_IsIPReal(inst->ip_addr))
+    snprintf(filename, sizeof (filename), "%s", source_to_string(inst));
+  else if (inst->type == SRC_REFCLOCK)
+    snprintf(filename, sizeof (filename), "refid:%08"PRIx32, inst->ref_id);
+  else
     return NULL;
-  }
 
-  f = fopen(filename, mode);
-  if (!f && mode[0] != 'r')
-    LOG(LOGS_WARN, "Could not open dump file for %s",
-        source_to_string(inst));
-
-  return f;
+  return UTI_OpenFile(dumpdir, filename, ".dat", mode, 0644);
 }
 
 /* ================================================== */
@@ -1188,7 +1222,7 @@ SRC_DumpSources(void)
   int i;
 
   for (i = 0; i < n_sources; i++) {
-    out = open_dumpfile(sources[i], "w");
+    out = open_dumpfile(sources[i], 'w');
     if (!out)
       continue;
     SST_SaveToFile(sources[i]->stats, out);
@@ -1205,7 +1239,7 @@ SRC_ReloadSources(void)
   int i;
 
   for (i = 0; i < n_sources; i++) {
-    in = open_dumpfile(sources[i], "r");
+    in = open_dumpfile(sources[i], 'r');
     if (!in)
       continue;
     if (!SST_LoadFromFile(sources[i]->stats, in))
@@ -1223,7 +1257,7 @@ SRC_ReloadSources(void)
 void
 SRC_RemoveDumpFiles(void)
 {
-  char pattern[1024], name[64], *dumpdir, *s;
+  char pattern[PATH_MAX], name[64], *dumpdir, *s;
   IPAddr ip_addr;
   glob_t gl;
   size_t i;
@@ -1250,8 +1284,8 @@ SRC_RemoveDumpFiles(void)
     if (strncmp(name, "refid:", 6) && !UTI_StringToIP(name, &ip_addr))
       continue;
 
-    DEBUG_LOG("Removing %s", gl.gl_pathv[i]);
-    unlink(gl.gl_pathv[i]);
+    if (!UTI_RemoveFile(NULL, gl.gl_pathv[i], NULL))
+      ;
   }
 
   globfree(&gl);
@@ -1259,6 +1293,17 @@ SRC_RemoveDumpFiles(void)
 
 /* ================================================== */
 
+void
+SRC_ResetSources(void)
+{
+  int i;
+
+  for (i = 0; i < n_sources; i++)
+    SRC_ResetInstance(sources[i]);
+}
+
+/* ================================================== */
+
 int
 SRC_IsSyncPeer(SRC_Instance inst)
 {

sources.h

@@ -79,35 +79,11 @@ extern void SRC_SetRefid(SRC_Instance instance, uint32_t ref_id, IPAddr *addr);
 /* Function to get access to the sourcestats instance */
 extern SST_Stats SRC_GetSourcestats(SRC_Instance instance);
 
-/* This function is called by one of the source drivers when it has
-   a new sample that is to be accumulated.
+/* Function to set the current leap status according to the source */
+extern void SRC_SetLeapStatus(SRC_Instance instance, NTP_Leap leap);
 
-   This function causes the frequency estimation to be re-run for the
-   designated source, and the clock selection procedure to be re-run
-   afterwards.
-
-   sample_time is the local time at which the sample is to be
-   considered to have been made, in terms of doing a regression fit of
-   offset against local time.
-
-   offset is the offset at the time, in seconds.  Positive indicates
-   that the local clock is SLOW relative to the source, negative
-   indicates that the local clock is FAST relative to it.
-
-   root_delay and root_dispersion are in seconds, and are as per
-   RFC 5905.  root_dispersion only includes the peer's root dispersion
-   + local sampling precision + skew dispersion accrued during the
-   measurement.  It is the job of the source statistics algorithms +
-   track.c to add on the extra dispersion due to the residual standard
-   deviation of the offsets from this source after regression, to form
-   the root_dispersion field in the packets transmitted to clients or
-   peers.
-
-   stratum is the stratum of the source that supplied the sample.
-
-   */
-
-extern void SRC_AccumulateSample(SRC_Instance instance, struct timespec *sample_time, double offset, double peer_delay, double peer_dispersion, double root_delay, double root_dispersion, int stratum, NTP_Leap leap_status);
+/* Function to accumulate a new sample from the source */
+extern void SRC_AccumulateSample(SRC_Instance instance, NTP_Sample *sample);
 
 /* This routine sets the source as receiving reachability updates */
 extern void SRC_SetActive(SRC_Instance inst);
@@ -140,6 +116,8 @@ extern void SRC_DumpSources(void);
 extern void SRC_ReloadSources(void);
 extern void SRC_RemoveDumpFiles(void);
 
+extern void SRC_ResetSources(void);
+
 extern int SRC_IsSyncPeer(SRC_Instance inst);
 extern int SRC_IsReachable(SRC_Instance inst);
 extern int SRC_ReadNumberOfSources(void);

sourcestats.c

@@ -3,7 +3,7 @@
 
  **********************************************************************
  * Copyright (C) Richard P. Curnow  1997-2003
- * Copyright (C) Miroslav Lichvar  2011-2014, 2016-2017
+ * Copyright (C) Miroslav Lichvar  2011-2014, 2016-2018
  * 
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of version 2 of the GNU General Public License as
@@ -51,6 +51,12 @@
 #define MIN_SKEW 1.0e-12
 #define MAX_SKEW 1.0e+02
 
+/* The minimum standard deviation */
+#define MIN_STDDEV 1.0e-9
+
+/* The worst case bound on an unknown standard deviation of the offset */
+#define WORST_CASE_STDDEV_BOUND 4.0
+
 /* The asymmetry of network jitter when all jitter is in one direction */
 #define MAX_ASYMMETRY 0.5
 
@@ -129,6 +135,7 @@ struct SST_Stats_Record {
      source per unit local time.  (Positive => local clock fast,
      negative => local clock slow) */
   double estimated_frequency;
+  double estimated_frequency_sd;
 
   /* This is the assumed worst case bounds on the estimated frequency.
      We assume that the true frequency lies within +/- half this much
@@ -171,10 +178,8 @@ struct SST_Stats_Record {
      time of the measurements */
   double root_dispersions[MAX_SAMPLES];
 
-  /* This array contains the strata that were associated with the sources
-     at the times the samples were generated */
-  int strata[MAX_SAMPLES];
-
+  /* The stratum from the last accumulated sample */
+  int stratum;
 };
 
 /* ================================================== */
@@ -241,11 +246,12 @@ SST_ResetInstance(SST_Stats inst)
   inst->best_single_sample = 0;
   inst->min_delay_sample = 0;
   inst->estimated_frequency = 0;
-  inst->skew = 2000.0e-6;
+  inst->estimated_frequency_sd = WORST_CASE_FREQ_BOUND;
+  inst->skew = WORST_CASE_FREQ_BOUND;
   inst->estimated_offset = 0.0;
-  inst->estimated_offset_sd = 86400.0; /* Assume it's at least within a day! */
+  inst->estimated_offset_sd = WORST_CASE_STDDEV_BOUND;
   UTI_ZeroTimespec(&inst->offset_time);
-  inst->std_dev = 4.0;
+  inst->std_dev = WORST_CASE_STDDEV_BOUND;
   inst->nruns = 0;
   inst->asymmetry_run = 0;
   inst->asymmetry = 0.0;
@@ -284,11 +290,7 @@ prune_register(SST_Stats inst, int new_oldest)
 /* ================================================== */
 
 void
-SST_AccumulateSample(SST_Stats inst, struct timespec *sample_time,
-                     double offset,
-                     double peer_delay, double peer_dispersion,
-                     double root_delay, double root_dispersion,
-                     int stratum)
+SST_AccumulateSample(SST_Stats inst, NTP_Sample *sample)
 {
   int n, m;
 
@@ -300,7 +302,7 @@ SST_AccumulateSample(SST_Stats inst, struct timespec *sample_time,
 
   /* Make sure it's newer than the last sample */
   if (inst->n_samples &&
-      UTI_CompareTimespecs(&inst->sample_times[inst->last_sample], sample_time) >= 0) {
+      UTI_CompareTimespecs(&inst->sample_times[inst->last_sample], &sample->time) >= 0) {
     LOG(LOGS_WARN, "Out of order sample detected, discarding history for %s",
         inst->ip_addr ? UTI_IPToString(inst->ip_addr) : UTI_RefidToString(inst->refid));
     SST_ResetInstance(inst);
@@ -310,14 +312,16 @@ SST_AccumulateSample(SST_Stats inst, struct timespec *sample_time,
     (MAX_SAMPLES * REGRESS_RUNS_RATIO);
   m = n % MAX_SAMPLES;
 
-  inst->sample_times[n] = *sample_time;
-  inst->offsets[n] = offset;
-  inst->orig_offsets[m] = offset;
-  inst->peer_delays[n] = peer_delay;
-  inst->peer_dispersions[m] = peer_dispersion;
-  inst->root_delays[m] = root_delay;
-  inst->root_dispersions[m] = root_dispersion;
-  inst->strata[m] = stratum;
+  /* WE HAVE TO NEGATE OFFSET IN THIS CALL, IT IS HERE THAT THE SENSE OF OFFSET
+     IS FLIPPED */
+  inst->sample_times[n] = sample->time;
+  inst->offsets[n] = -sample->offset;
+  inst->orig_offsets[m] = -sample->offset;
+  inst->peer_delays[n] = sample->peer_delay;
+  inst->peer_dispersions[m] = sample->peer_dispersion;
+  inst->root_delays[m] = sample->root_delay;
+  inst->root_dispersions[m] = sample->root_dispersion;
+  inst->stratum = sample->stratum;
  
   if (inst->peer_delays[n] < inst->fixed_min_delay)
     inst->peer_delays[n] = 2.0 * inst->fixed_min_delay - inst->peer_delays[n];
@@ -547,7 +551,7 @@ SST_DoNewRegression(SST_Stats inst)
       sd_weight = 1.0;
       if (peer_distances[i] > min_distance)
         sd_weight += (peer_distances[i] - min_distance) / sd;
-      weights[i] = sd_weight * sd_weight;
+      weights[i] = SQUARE(sd_weight);
     }
   }
 
@@ -567,11 +571,12 @@ SST_DoNewRegression(SST_Stats inst)
     old_freq = inst->estimated_frequency;
   
     inst->estimated_frequency = est_slope;
+    inst->estimated_frequency_sd = CLAMP(MIN_SKEW, est_slope_sd, MAX_SKEW);
     inst->skew = est_slope_sd * RGR_GetTCoef(degrees_of_freedom);
     inst->estimated_offset = est_intercept;
     inst->offset_time = inst->sample_times[inst->last_sample];
     inst->estimated_offset_sd = est_intercept_sd;
-    inst->std_dev = sqrt(est_var);
+    inst->std_dev = MAX(MIN_STDDEV, sqrt(est_var));
     inst->nruns = nruns;
 
     inst->skew = CLAMP(MIN_SKEW, inst->skew, MAX_SKEW);
@@ -596,8 +601,20 @@ SST_DoNewRegression(SST_Stats inst)
     times_back_start = inst->runs_samples + best_start;
     prune_register(inst, best_start);
   } else {
-    inst->estimated_frequency = 0.0;
+    inst->estimated_frequency_sd = WORST_CASE_FREQ_BOUND;
     inst->skew = WORST_CASE_FREQ_BOUND;
+    inst->estimated_offset_sd = WORST_CASE_STDDEV_BOUND;
+    inst->std_dev = WORST_CASE_STDDEV_BOUND;
+    inst->nruns = 0;
+
+    if (inst->n_samples > 0) {
+      inst->estimated_offset = inst->offsets[inst->last_sample];
+      inst->offset_time = inst->sample_times[inst->last_sample];
+    } else {
+      inst->estimated_offset = 0.0;
+      UTI_ZeroTimespec(&inst->offset_time);
+    }
+
     times_back_start = 0;
   }
 
@@ -653,7 +670,7 @@ SST_GetSelectionData(SST_Stats inst, struct timespec *now,
   i = get_runsbuf_index(inst, inst->best_single_sample);
   j = get_buf_index(inst, inst->best_single_sample);
 
-  *stratum = inst->strata[get_buf_index(inst, inst->n_samples - 1)];
+  *stratum = inst->stratum;
   *std_dev = inst->std_dev;
 
   sample_elapsed = fabs(UTI_DiffTimespecsToDouble(now, &inst->sample_times[i]));
@@ -685,6 +702,13 @@ SST_GetSelectionData(SST_Stats inst, struct timespec *now,
 
   *select_ok = inst->regression_ok;
 
+  /* If maxsamples is too small to have a successful regression, enable the
+     selection as a special case for a fast update/print-once reference mode */
+  if (!*select_ok && inst->n_samples < 3 && inst->n_samples == inst->max_samples) {
+    *std_dev = CNF_GetMaxJitter();
+    *select_ok = 1;
+  }
+
   DEBUG_LOG("n=%d off=%f dist=%f sd=%f first_ago=%f last_ago=%f selok=%d",
             inst->n_samples, offset, *root_distance, *std_dev,
             *first_sample_ago, *last_sample_ago, *select_ok);
@@ -695,7 +719,7 @@ SST_GetSelectionData(SST_Stats inst, struct timespec *now,
 void
 SST_GetTrackingData(SST_Stats inst, struct timespec *ref_time,
                     double *average_offset, double *offset_sd,
-                    double *frequency, double *skew,
+                    double *frequency, double *frequency_sd, double *skew,
                     double *root_delay, double *root_dispersion)
 {
   int i, j;
@@ -710,16 +734,16 @@ SST_GetTrackingData(SST_Stats inst, struct timespec *ref_time,
   *average_offset = inst->estimated_offset;
   *offset_sd = inst->estimated_offset_sd;
   *frequency = inst->estimated_frequency;
+  *frequency_sd = inst->estimated_frequency_sd;
   *skew = inst->skew;
   *root_delay = inst->root_delays[j];
 
   elapsed_sample = UTI_DiffTimespecsToDouble(&inst->offset_time, &inst->sample_times[i]);
-  *root_dispersion = inst->root_dispersions[j] + inst->skew * elapsed_sample;
-
-  DEBUG_LOG("n=%d freq=%f (%.3fppm) skew=%f (%.3fppm) avoff=%f offsd=%f disp=%f",
-            inst->n_samples, *frequency, 1.0e6* *frequency, *skew, 1.0e6* *skew,
-            *average_offset, *offset_sd, *root_dispersion);
+  *root_dispersion = inst->root_dispersions[j] + inst->skew * elapsed_sample + *offset_sd;
 
+  DEBUG_LOG("n=%d off=%f offsd=%f freq=%e freqsd=%e skew=%e delay=%f disp=%f",
+            inst->n_samples, *average_offset, *offset_sd,
+            *frequency, *frequency_sd, *skew, *root_delay, *root_dispersion);
 }
 
 /* ================================================== */
@@ -861,7 +885,7 @@ SST_SaveToFile(SST_Stats inst, FILE *out)
             inst->root_delays[j],
             inst->root_dispersions[j],
             1.0, /* used to be inst->weights[i] */
-            inst->strata[j]);
+            inst->stratum /* used to be an array */);
 
   }
 
@@ -884,7 +908,7 @@ SST_LoadFromFile(SST_Stats inst, FILE *in)
   char line[1024];
   double weight;
 
-  assert(!inst->n_samples);
+  SST_ResetInstance(inst);
 
   if (fgets(line, sizeof(line), in) &&
       sscanf(line, "%d", &inst->n_samples) == 1 &&
@@ -906,7 +930,7 @@ SST_LoadFromFile(SST_Stats inst, FILE *in)
                   &(inst->root_delays[i]),
                   &(inst->root_dispersions[i]),
                   &weight, /* not used anymore */
-                  &(inst->strata[i])) != 10)) {
+                  &inst->stratum) != 10)) {
 
         /* This is the branch taken if the read FAILED */
 
@@ -933,7 +957,6 @@ SST_LoadFromFile(SST_Stats inst, FILE *in)
     return 1;
 
   inst->last_sample = inst->n_samples - 1;
-  inst->runs_samples = 0;
 
   find_min_delay_sample(inst);
   SST_DoNewRegression(inst);
@@ -955,7 +978,7 @@ SST_DoSourceReport(SST_Stats inst, RPT_SourceReport *report, struct timespec *no
     report->orig_latest_meas = inst->orig_offsets[j];
     report->latest_meas = inst->offsets[i];
     report->latest_meas_err = 0.5*inst->root_delays[j] + inst->root_dispersions[j];
-    report->stratum = inst->strata[j];
+    report->stratum = inst->stratum;
 
     /* Align the sample time to reduce the leak of the receive timestamp */
     last_sample_time = inst->sample_times[i];
@@ -985,31 +1008,24 @@ SST_DoSourcestatsReport(SST_Stats inst, RPT_SourcestatsReport *report, struct ti
 {
   double dspan;
   double elapsed, sample_elapsed;
-  int li, lj, bi, bj;
+  int bi, bj;
 
   report->n_samples = inst->n_samples;
   report->n_runs = inst->nruns;
 
-  if (inst->n_samples > 1) {
-    li = get_runsbuf_index(inst, inst->n_samples - 1);
-    lj = get_buf_index(inst, inst->n_samples - 1);
-    dspan = UTI_DiffTimespecsToDouble(&inst->sample_times[li],
-        &inst->sample_times[get_runsbuf_index(inst, 0)]);
-    report->span_seconds = (unsigned long) (dspan + 0.5);
+  if (inst->n_samples > 0) {
+    bi = get_runsbuf_index(inst, inst->best_single_sample);
+    bj = get_buf_index(inst, inst->best_single_sample);
 
-    if (inst->n_samples > 3) {
-      elapsed = UTI_DiffTimespecsToDouble(now, &inst->offset_time);
-      bi = get_runsbuf_index(inst, inst->best_single_sample);
-      bj = get_buf_index(inst, inst->best_single_sample);
-      sample_elapsed = UTI_DiffTimespecsToDouble(now, &inst->sample_times[bi]);
-      report->est_offset = inst->estimated_offset + elapsed * inst->estimated_frequency;
-      report->est_offset_err = (inst->estimated_offset_sd +
-                 sample_elapsed * inst->skew +
-                 (0.5*inst->root_delays[bj] + inst->root_dispersions[bj]));
-    } else {
-      report->est_offset = inst->offsets[li];
-      report->est_offset_err = 0.5*inst->root_delays[lj] + inst->root_dispersions[lj];
-    }
+    dspan = UTI_DiffTimespecsToDouble(&inst->sample_times[inst->last_sample],
+                                      &inst->sample_times[get_runsbuf_index(inst, 0)]);
+    elapsed = UTI_DiffTimespecsToDouble(now, &inst->offset_time);
+    sample_elapsed = UTI_DiffTimespecsToDouble(now, &inst->sample_times[bi]);
+
+    report->span_seconds = round(dspan);
+    report->est_offset = inst->estimated_offset + elapsed * inst->estimated_frequency;
+    report->est_offset_err = inst->estimated_offset_sd + sample_elapsed * inst->skew +
+                             (0.5 * inst->root_delays[bj] + inst->root_dispersions[bj]);
   } else {
     report->span_seconds = 0;
     report->est_offset = 0;

sourcestats.h

@@ -51,19 +51,8 @@ extern void SST_ResetInstance(SST_Stats inst);
 /* This function changes the reference ID and IP address */
 extern void SST_SetRefid(SST_Stats inst, uint32_t refid, IPAddr *addr);
 
-/* This function accumulates a single sample into the statistics handler
-
-   sample_time is the epoch at which the sample is to be considered to
-   have been made.
-
-   offset is the offset of the local clock relative to the source in
-   seconds.  Positive indicates that the local clock if FAST (contrary
-   to the NTP parts of the software)
-
-   stratum is the stratum of the source from which the sample came.
-  */
-
-extern void SST_AccumulateSample(SST_Stats inst, struct timespec *sample_time, double offset, double peer_delay, double peer_dispersion, double root_delay, double root_dispersion, int stratum);
+/* This function accumulates a single sample into the statistics handler */
+extern void SST_AccumulateSample(SST_Stats inst, NTP_Sample *sample);
 
 /* This function runs the linear regression operation on the data.  It
    finds the set of most recent samples that give the tightest
@@ -93,7 +82,7 @@ SST_GetSelectionData(SST_Stats inst, struct timespec *now,
 extern void
 SST_GetTrackingData(SST_Stats inst, struct timespec *ref_time,
                     double *average_offset, double *offset_sd,
-                    double *frequency, double *skew,
+                    double *frequency, double *frequency_sd, double *skew,
                     double *root_delay, double *root_dispersion);
 
 /* This routine is called when the local machine clock parameters are

srcparams.h

@@ -29,12 +29,19 @@
 
 #include "sources.h"
 
+typedef enum {
+  SRC_OFFLINE,
+  SRC_ONLINE,
+  SRC_MAYBE_ONLINE,
+} SRC_Connectivity;
+
 typedef struct {
   int minpoll;
   int maxpoll;
-  int online;
+  SRC_Connectivity connectivity;
   int auto_offline;
   int presend_minpoll;
+  int burst;
   int iburst;
   int min_stratum;
   int poll_target;
@@ -42,8 +49,11 @@ typedef struct {
   int max_sources;
   int min_samples;
   int max_samples;
+  int filter_length;
   int interleaved;
   int sel_options;
+  int nts;
+  int nts_port;
   uint32_t authkey;
   double max_delay;
   double max_delay_ratio;
@@ -66,6 +76,7 @@ typedef struct {
 #define SRC_DEFAULT_MINSAMPLES (-1)
 #define SRC_DEFAULT_MAXSAMPLES (-1)
 #define SRC_DEFAULT_ASYMMETRY 1.0
+#define SRC_DEFAULT_NTSPORT 11443
 #define INACTIVE_AUTHKEY 0
 
 /* Flags for source selection */

stubs.c

@@ -28,6 +28,7 @@
 #include "config.h"
 
 #include "clientlog.h"
+#include "cmac.h"
 #include "cmdmon.h"
 #include "keys.h"
 #include "logging.h"
@@ -39,6 +40,10 @@
 #include "ntp_io.h"
 #include "ntp_sources.h"
 #include "ntp_signd.h"
+#include "nts_ke_client.h"
+#include "nts_ke_server.h"
+#include "nts_ntp_client.h"
+#include "nts_ntp_server.h"
 #include "privops.h"
 #include "refclock.h"
 #include "sched.h"
@@ -194,9 +199,10 @@ NSR_AddSource(NTP_Remote_Address *remote_addr, NTP_Source_Type type, SourceParam
   return NSR_TooManySources;
 }
 
-void
+NSR_Status
 NSR_AddSourceByName(char *name, int port, int pool, NTP_Source_Type type, SourceParameters *params)
 {
+  return NSR_TooManySources;
 }
 
 NSR_Status
@@ -220,6 +226,12 @@ NSR_RefreshAddresses(void)
 {
 }
 
+char *
+NSR_GetName(IPAddr *address)
+{
+  return NULL;
+}
+
 void
 NSR_SetSourceResolvingEndHandler(NSR_SourceResolvingEndHandler handler)
 {
@@ -254,13 +266,7 @@ NSR_GetLocalRefid(IPAddr *address)
 }
 
 int
-NSR_TakeSourcesOnline(IPAddr *mask, IPAddr *address)
-{
-  return 0;
-}
-
-int
-NSR_TakeSourcesOffline(IPAddr *mask, IPAddr *address)
+NSR_SetConnectivity(IPAddr *mask, IPAddr *address, SRC_Connectivity connectivity)
 {
   return 0;
 }
@@ -410,9 +416,123 @@ NSD_GetAuthDelay(uint32_t key_id)
 }
 
 int
-NSD_SignAndSendPacket(uint32_t key_id, NTP_Packet *packet, NTP_Remote_Address *remote_addr, NTP_Local_Address *local_addr, int length)
+NSD_SignAndSendPacket(uint32_t key_id, NTP_Packet *packet, NTP_PacketInfo *info,
+                      NTP_Remote_Address *remote_addr, NTP_Local_Address *local_addr)
 {
   return 0;
 }
 
 #endif /* !FEAT_SIGND */
+
+#ifndef HAVE_CMAC
+
+unsigned int
+CMC_GetKeyLength(const char *cipher)
+{
+  return 0;
+}
+
+CMC_Instance
+CMC_CreateInstance(const char *cipher, const unsigned char *key, unsigned int length)
+{
+  return NULL;
+}
+
+unsigned int
+CMC_Hash(CMC_Instance inst, const unsigned char *in, unsigned int in_len,
+         unsigned char *out, unsigned int out_len)
+{
+  return 0;
+}
+
+void
+CMC_DestroyInstance(CMC_Instance inst)
+{
+}
+
+#endif /* !HAVE_CMAC */
+
+#ifndef FEAT_NTS
+
+void
+NNS_Initialise(void)
+{
+}
+
+void
+NNS_Finalise(void)
+{
+}
+
+int
+NNS_CheckRequestAuth(NTP_Packet *packet, NTP_PacketInfo *info, uint32_t *kod)
+{
+  *kod = 0;
+  return 0;
+}
+
+int
+NNS_GenerateResponseAuth(NTP_Packet *request, NTP_PacketInfo *req_info,
+                         NTP_Packet *response, NTP_PacketInfo *res_info,
+                         uint32_t kod)
+{
+  return 0;
+}
+
+NNC_Instance
+NNC_CreateInstance(IPSockAddr *nts_address, const char *name, const IPSockAddr *ntp_address)
+{
+  return NULL;
+}
+
+void
+NNC_DestroyInstance(NNC_Instance inst)
+{
+}
+
+int
+NNC_PrepareForAuth(NNC_Instance inst)
+{
+  return 1;
+}
+
+int
+NNC_GenerateRequestAuth(NNC_Instance inst, NTP_Packet *packet, NTP_PacketInfo *info)
+{
+  DEBUG_LOG("NTS support disabled");
+  return 0;
+}
+
+int
+NNC_CheckResponseAuth(NNC_Instance inst, NTP_Packet *packet, NTP_PacketInfo *info)
+{
+  DEBUG_LOG("NTS support disabled");
+  return 0;
+}
+
+void
+NNC_ChangeAddress(NNC_Instance inst, IPAddr *address)
+{
+}
+
+void
+NKC_Initialise(void)
+{
+}
+
+void
+NKC_Finalise(void)
+{
+}
+
+void
+NKS_Initialise(int scfilter_level)
+{
+}
+
+void
+NKS_Finalise(void)
+{
+}
+
+#endif /* !FEAT_NTS */

sys.c

@@ -35,10 +35,13 @@
 
 #if defined(LINUX)
 #include "sys_linux.h"
+#include "sys_posix.h"
 #elif defined(SOLARIS)
 #include "sys_solaris.h"
+#include "sys_posix.h"
 #elif defined(NETBSD) || defined(FREEBSD)
 #include "sys_netbsd.h"
+#include "sys_posix.h"
 #elif defined(MACOSX)
 #include "sys_macosx.h"
 #endif
@@ -97,7 +100,7 @@ SYS_Finalise(void)
 void SYS_DropRoot(uid_t uid, gid_t gid)
 {
 #if defined(LINUX) && defined (FEAT_PRIVDROP)
-  SYS_Linux_DropRoot(uid, gid);
+  SYS_Linux_DropRoot(uid, gid, !null_driver);
 #elif defined(SOLARIS) && defined(FEAT_PRIVDROP)
   SYS_Solaris_DropRoot(uid, gid);
 #elif (defined(NETBSD) || defined(FREEBSD)) && defined(FEAT_PRIVDROP)
@@ -111,10 +114,10 @@ void SYS_DropRoot(uid_t uid, gid_t gid)
 
 /* ================================================== */
 
-void SYS_EnableSystemCallFilter(int level)
+void SYS_EnableSystemCallFilter(int level, SYS_SystemCallContext context)
 {
 #if defined(LINUX) && defined(FEAT_SCFILTER)
-  SYS_Linux_EnableSystemCallFilter(level);
+  SYS_Linux_EnableSystemCallFilter(level, context);
 #else
   LOG_FATAL("system call filter not supported");
 #endif
@@ -124,10 +127,10 @@ void SYS_EnableSystemCallFilter(int level)
 
 void SYS_SetScheduler(int SchedPriority)
 {
-#if defined(LINUX) && defined(HAVE_SCHED_SETSCHEDULER)
-  SYS_Linux_SetScheduler(SchedPriority);
-#elif defined(MACOSX)
+#if defined(MACOSX)
   SYS_MacOSX_SetScheduler(SchedPriority);
+#elif defined(HAVE_PTHREAD_SETSCHEDPARAM)
+  SYS_Posix_SetScheduler(SchedPriority);
 #else
   LOG_FATAL("scheduler priority setting not supported");
 #endif
@@ -137,8 +140,8 @@ void SYS_SetScheduler(int SchedPriority)
 
 void SYS_LockMemory(void)
 {
-#if defined(LINUX) && defined(HAVE_MLOCKALL)
-  SYS_Linux_MemLockAll(1);
+#if defined(HAVE_MLOCKALL)
+  SYS_Posix_MemLockAll();
 #else
   LOG_FATAL("memory locking not supported");
 #endif

sys.h

@@ -38,9 +38,14 @@ extern void SYS_Finalise(void);
 /* Drop root privileges to the specified user and group */
 extern void SYS_DropRoot(uid_t uid, gid_t gid);
 
+typedef enum {
+  SYS_MAIN_PROCESS,
+  SYS_NTSKE_HELPER,
+} SYS_SystemCallContext;
+
 /* Enable a system call filter to allow only system calls
    which chronyd normally needs after initialization */
-extern void SYS_EnableSystemCallFilter(int level);
+extern void SYS_EnableSystemCallFilter(int level, SYS_SystemCallContext context);
 
 extern void SYS_SetScheduler(int SchedPriority);
 extern void SYS_LockMemory(void);

sys_linux.c

@@ -4,7 +4,7 @@
  **********************************************************************
  * Copyright (C) Richard P. Curnow  1997-2003
  * Copyright (C) John G. Hasler  2009
- * Copyright (C) Miroslav Lichvar  2009-2012, 2014-2017
+ * Copyright (C) Miroslav Lichvar  2009-2012, 2014-2018
  * 
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of version 2 of the GNU General Public License as
@@ -33,20 +33,6 @@
 
 #include <sys/utsname.h>
 
-#if defined(HAVE_SCHED_SETSCHEDULER)
-#  include <sched.h>
-#endif
-
-#if defined(HAVE_MLOCKALL)
-#  include <sys/mman.h>
-#include <sys/resource.h>
-#endif
-
-#ifdef FEAT_PRIVDROP
-#include <sys/prctl.h>
-#include <sys/capability.h>
-#endif
-
 #if defined(FEAT_PHC) || defined(HAVE_LINUX_TIMESTAMPING)
 #include <linux/ptp_clock.h>
 #endif
@@ -66,6 +52,11 @@
 #endif
 #endif
 
+#ifdef FEAT_PRIVDROP
+#include <sys/prctl.h>
+#include <sys/capability.h>
+#endif
+
 #include "sys_linux.h"
 #include "sys_timex.h"
 #include "conf.h"
@@ -309,9 +300,9 @@ get_version_specific_details(void)
   nominal_tick = (1000000L + (hz/2))/hz; /* Mirror declaration in kernel */
   max_tick_bias = nominal_tick / 10;
 
-  /* We can't reliably detect the internal kernel HZ, it may not even be fixed
-     (CONFIG_NO_HZ aka tickless), assume the lowest commonly used fixed rate */
-  tick_update_hz = 100;
+  /* In modern kernels the frequency of the clock is updated immediately in the
+     adjtimex() system call.  Assume a maximum delay of 10 microseconds. */
+  tick_update_hz = 100000;
 
   get_kernel_version(&major, &minor, &patch);
   DEBUG_LOG("Linux kernel major=%d minor=%d patch=%d", major, minor, patch);
@@ -322,9 +313,15 @@ get_version_specific_details(void)
 
   if (kernelvercmp(major, minor, patch, 2, 6, 27) >= 0 &&
       kernelvercmp(major, minor, patch, 2, 6, 33) < 0) {
-    /* Tickless kernels before 2.6.33 accumulated ticks only in
-       half-second intervals */
+    /* In tickless kernels before 2.6.33 the frequency is updated in
+       a half-second interval */
     tick_update_hz = 2;
+  } else if (kernelvercmp(major, minor, patch, 4, 19, 0) < 0) {
+    /* In kernels before 4.19 the frequency is updated only on internal ticks
+       (CONFIG_HZ).  As their rate cannot be reliably detected from the user
+       space, and it may not even be constant (CONFIG_NO_HZ - aka tickless),
+       assume the lowest commonly used constant rate */
+    tick_update_hz = 100;
   }
 
   /* ADJ_SETOFFSET support */
@@ -334,8 +331,8 @@ get_version_specific_details(void)
     have_setoffset = 1;
   }
 
-  DEBUG_LOG("hz=%d nominal_tick=%d max_tick_bias=%d",
-      hz, nominal_tick, max_tick_bias);
+  DEBUG_LOG("hz=%d nominal_tick=%d max_tick_bias=%d tick_update_hz=%d",
+            hz, nominal_tick, max_tick_bias, tick_update_hz);
 }
 
 /* ================================================== */
@@ -380,6 +377,18 @@ test_step_offset(void)
   return 1;
 }
 
+/* ================================================== */
+
+static void
+report_time_adjust_blockers(void)
+{
+#if defined(FEAT_PRIVDROP) && defined(CAP_IS_SUPPORTED)
+  if (CAP_IS_SUPPORTED(CAP_SYS_TIME) && cap_get_bound(CAP_SYS_TIME))
+    return;
+  LOG(LOGS_WARN, "CAP_SYS_TIME not present");
+#endif
+}
+
 /* ================================================== */
 /* Initialisation code for this module */
 
@@ -388,6 +397,8 @@ SYS_Linux_Initialise(void)
 {
   get_version_specific_details();
 
+  report_time_adjust_blockers();
+
   reset_adjtime_offset();
 
   if (have_setoffset && !test_step_offset()) {
@@ -415,9 +426,9 @@ SYS_Linux_Finalise(void)
 
 #ifdef FEAT_PRIVDROP
 void
-SYS_Linux_DropRoot(uid_t uid, gid_t gid)
+SYS_Linux_DropRoot(uid_t uid, gid_t gid, int clock_control)
 {
-  const char *cap_text;
+  char cap_text[256];
   cap_t cap;
 
   if (prctl(PR_SET_KEEPCAPS, 1)) {
@@ -426,9 +437,12 @@ SYS_Linux_DropRoot(uid_t uid, gid_t gid)
   
   UTI_DropRoot(uid, gid);
 
-  /* Keep CAP_NET_BIND_SERVICE only if NTP port can be opened */
-  cap_text = CNF_GetNTPPort() ?
-             "cap_net_bind_service,cap_sys_time=ep" : "cap_sys_time=ep";
+  /* Keep CAP_NET_BIND_SERVICE only if a server NTP port can be opened
+     and keep CAP_SYS_TIME only if the clock control is enabled */
+  if (snprintf(cap_text, sizeof (cap_text), "%s %s",
+               CNF_GetNTPPort() ? "cap_net_bind_service=ep" : "",
+               clock_control ? "cap_sys_time=ep" : "") >= sizeof (cap_text))
+    assert(0);
 
   if ((cap = cap_from_text(cap_text)) == NULL) {
     LOG_FATAL("cap_from_text() failed");
@@ -460,35 +474,38 @@ void check_seccomp_applicability(void)
 /* ================================================== */
 
 void
-SYS_Linux_EnableSystemCallFilter(int level)
+SYS_Linux_EnableSystemCallFilter(int level, SYS_SystemCallContext context)
 {
   const int syscalls[] = {
     /* Clock */
-    SCMP_SYS(adjtimex), SCMP_SYS(clock_gettime), SCMP_SYS(gettimeofday),
-    SCMP_SYS(settimeofday), SCMP_SYS(time),
+    SCMP_SYS(adjtimex), SCMP_SYS(clock_adjtime), SCMP_SYS(clock_gettime),
+    SCMP_SYS(gettimeofday), SCMP_SYS(settimeofday), SCMP_SYS(time),
     /* Process */
     SCMP_SYS(clone), SCMP_SYS(exit), SCMP_SYS(exit_group), SCMP_SYS(getpid),
-    SCMP_SYS(getrlimit), SCMP_SYS(rt_sigaction), SCMP_SYS(rt_sigreturn),
+    SCMP_SYS(getrlimit), SCMP_SYS(getuid), SCMP_SYS(rt_sigaction), SCMP_SYS(rt_sigreturn),
     SCMP_SYS(rt_sigprocmask), SCMP_SYS(set_tid_address), SCMP_SYS(sigreturn),
-    SCMP_SYS(wait4),
+    SCMP_SYS(wait4), SCMP_SYS(waitpid),
     /* Memory */
     SCMP_SYS(brk), SCMP_SYS(madvise), SCMP_SYS(mmap), SCMP_SYS(mmap2),
     SCMP_SYS(mprotect), SCMP_SYS(mremap), SCMP_SYS(munmap), SCMP_SYS(shmdt),
     /* Filesystem */
-    SCMP_SYS(access), SCMP_SYS(chmod), SCMP_SYS(chown), SCMP_SYS(chown32),
+    SCMP_SYS(_llseek), SCMP_SYS(access), SCMP_SYS(chmod), SCMP_SYS(chown),
+    SCMP_SYS(chown32), SCMP_SYS(faccessat), SCMP_SYS(fchmodat), SCMP_SYS(fchownat),
     SCMP_SYS(fstat), SCMP_SYS(fstat64), SCMP_SYS(getdents), SCMP_SYS(getdents64),
-    SCMP_SYS(lseek), SCMP_SYS(rename), SCMP_SYS(stat), SCMP_SYS(stat64),
-    SCMP_SYS(statfs), SCMP_SYS(statfs64), SCMP_SYS(unlink),
+    SCMP_SYS(lseek), SCMP_SYS(newfstatat), SCMP_SYS(rename), SCMP_SYS(renameat),
+    SCMP_SYS(renameat2), SCMP_SYS(stat), SCMP_SYS(stat64), SCMP_SYS(statfs),
+    SCMP_SYS(statfs64), SCMP_SYS(unlink), SCMP_SYS(unlinkat),
     /* Socket */
-    SCMP_SYS(bind), SCMP_SYS(connect), SCMP_SYS(getsockname),
-    SCMP_SYS(recvfrom), SCMP_SYS(recvmmsg), SCMP_SYS(recvmsg),
-    SCMP_SYS(sendmmsg), SCMP_SYS(sendmsg), SCMP_SYS(sendto),
+    SCMP_SYS(accept), SCMP_SYS(bind), SCMP_SYS(connect), SCMP_SYS(getsockname),
+    SCMP_SYS(getsockopt), SCMP_SYS(recv), SCMP_SYS(recvfrom),
+    SCMP_SYS(recvmmsg), SCMP_SYS(recvmsg), SCMP_SYS(send), SCMP_SYS(sendmmsg),
+    SCMP_SYS(sendmsg), SCMP_SYS(sendto), SCMP_SYS(shutdown),
     /* TODO: check socketcall arguments */
     SCMP_SYS(socketcall),
     /* General I/O */
     SCMP_SYS(_newselect), SCMP_SYS(close), SCMP_SYS(open), SCMP_SYS(openat), SCMP_SYS(pipe),
-    SCMP_SYS(poll), SCMP_SYS(read), SCMP_SYS(futex), SCMP_SYS(select),
-    SCMP_SYS(set_robust_list), SCMP_SYS(write),
+    SCMP_SYS(pipe2), SCMP_SYS(poll), SCMP_SYS(ppoll), SCMP_SYS(pselect6), SCMP_SYS(read),
+    SCMP_SYS(futex), SCMP_SYS(select), SCMP_SYS(set_robust_list), SCMP_SYS(write),
     /* Miscellaneous */
     SCMP_SYS(getrandom), SCMP_SYS(sysinfo), SCMP_SYS(uname),
   };
@@ -512,7 +529,7 @@ SYS_Linux_EnableSystemCallFilter(int level)
 #endif
   };
 
-  const static int fcntls[] = { F_GETFD, F_SETFD };
+  const static int fcntls[] = { F_GETFD, F_SETFD, F_GETFL, F_SETFL };
 
   const static unsigned long ioctls[] = {
     FIONREAD, TCGETS,
@@ -521,6 +538,9 @@ SYS_Linux_EnableSystemCallFilter(int level)
 #ifdef PTP_PIN_SETFUNC
     PTP_PIN_SETFUNC,
 #endif
+#ifdef PTP_SYS_OFFSET_EXTENDED
+    PTP_SYS_OFFSET_EXTENDED,
+#endif
 #ifdef PTP_SYS_OFFSET_PRECISE
     PTP_SYS_OFFSET_PRECISE,
 #endif
@@ -539,14 +559,16 @@ SYS_Linux_EnableSystemCallFilter(int level)
   scmp_filter_ctx *ctx;
   int i;
 
-  /* Check if the chronyd configuration is supported */
-  check_seccomp_applicability();
+  if (context == SYS_MAIN_PROCESS) {
+    /* Check if the chronyd configuration is supported */
+    check_seccomp_applicability();
 
-  /* Start the helper process, which will run without any seccomp filter.  It
-     will be used for getaddrinfo(), for which it's difficult to maintain a
-     list of required system calls (with glibc it depends on what NSS modules
-     are installed and enabled on the system). */
-  PRV_StartHelper();
+    /* Start the helper process, which will run without any seccomp filter.  It
+       will be used for getaddrinfo(), for which it's difficult to maintain a
+       list of required system calls (with glibc it depends on what NSS modules
+       are installed and enabled on the system). */
+    PRV_StartHelper();
+  }
 
   ctx = seccomp_init(level > 0 ? SCMP_ACT_KILL : SCMP_ACT_TRAP);
   if (ctx == NULL)
@@ -558,42 +580,44 @@ SYS_Linux_EnableSystemCallFilter(int level)
       goto add_failed;
   }
 
-  /* Allow sockets to be created only in selected domains */
-  for (i = 0; i < sizeof (socket_domains) / sizeof (*socket_domains); i++) {
-    if (seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(socket), 1,
-                         SCMP_A0(SCMP_CMP_EQ, socket_domains[i])) < 0)
-      goto add_failed;
-  }
+  if (context == SYS_MAIN_PROCESS) {
+    /* Allow opening sockets in selected domains */
+    for (i = 0; i < sizeof (socket_domains) / sizeof (*socket_domains); i++) {
+      if (seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(socket), 1,
+                           SCMP_A0(SCMP_CMP_EQ, socket_domains[i])) < 0)
+        goto add_failed;
+    }
 
-  /* Allow setting only selected sockets options */
-  for (i = 0; i < sizeof (socket_options) / sizeof (*socket_options); i++) {
-    if (seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(setsockopt), 3,
-                         SCMP_A1(SCMP_CMP_EQ, socket_options[i][0]),
-                         SCMP_A2(SCMP_CMP_EQ, socket_options[i][1]),
-                         SCMP_A4(SCMP_CMP_LE, sizeof (int))) < 0)
-      goto add_failed;
-  }
+    /* Allow selected socket options */
+    for (i = 0; i < sizeof (socket_options) / sizeof (*socket_options); i++) {
+      if (seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(setsockopt), 3,
+                           SCMP_A1(SCMP_CMP_EQ, socket_options[i][0]),
+                           SCMP_A2(SCMP_CMP_EQ, socket_options[i][1]),
+                           SCMP_A4(SCMP_CMP_LE, sizeof (int))) < 0)
+        goto add_failed;
+    }
 
-  /* Allow only selected fcntl calls */
-  for (i = 0; i < sizeof (fcntls) / sizeof (*fcntls); i++) {
-    if (seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(fcntl), 1,
-                         SCMP_A1(SCMP_CMP_EQ, fcntls[i])) < 0 ||
-        seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(fcntl64), 1,
-                         SCMP_A1(SCMP_CMP_EQ, fcntls[i])) < 0)
-      goto add_failed;
-  }
+    /* Allow selected fcntl calls */
+    for (i = 0; i < sizeof (fcntls) / sizeof (*fcntls); i++) {
+      if (seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(fcntl), 1,
+                           SCMP_A1(SCMP_CMP_EQ, fcntls[i])) < 0 ||
+          seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(fcntl64), 1,
+                           SCMP_A1(SCMP_CMP_EQ, fcntls[i])) < 0)
+        goto add_failed;
+    }
 
-  /* Allow only selected ioctls */
-  for (i = 0; i < sizeof (ioctls) / sizeof (*ioctls); i++) {
-    if (seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(ioctl), 1,
-                         SCMP_A1(SCMP_CMP_EQ, ioctls[i])) < 0)
-      goto add_failed;
+    /* Allow selected ioctls */
+    for (i = 0; i < sizeof (ioctls) / sizeof (*ioctls); i++) {
+      if (seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(ioctl), 1,
+                           SCMP_A1(SCMP_CMP_EQ, ioctls[i])) < 0)
+        goto add_failed;
+    }
   }
 
   if (seccomp_load(ctx) < 0)
     LOG_FATAL("Failed to load seccomp rules");
 
-  LOG(LOGS_INFO, "Loaded seccomp filter");
+  LOG(context == SYS_MAIN_PROCESS ? LOGS_INFO : LOGS_DEBUG, "Loaded seccomp filter");
   seccomp_release(ctx);
   return;
 
@@ -604,63 +628,6 @@ add_failed:
 
 /* ================================================== */
 
-#if defined(HAVE_SCHED_SETSCHEDULER)
-  /* Install SCHED_FIFO real-time scheduler with specified priority */
-void SYS_Linux_SetScheduler(int SchedPriority)
-{
-  int pmax, pmin;
-  struct sched_param sched;
-
-  if (SchedPriority < 1 || SchedPriority > 99) {
-    LOG_FATAL("Bad scheduler priority: %d", SchedPriority);
-  } else {
-    sched.sched_priority = SchedPriority;
-    pmax = sched_get_priority_max(SCHED_FIFO);
-    pmin = sched_get_priority_min(SCHED_FIFO);
-    if ( SchedPriority > pmax ) {
-      sched.sched_priority = pmax;
-    }
-    else if ( SchedPriority < pmin ) {
-      sched.sched_priority = pmin;
-    }
-    if ( sched_setscheduler(0, SCHED_FIFO, &sched) == -1 ) {
-      LOG(LOGS_ERR, "sched_setscheduler() failed");
-    }
-    else {
-      DEBUG_LOG("Enabled SCHED_FIFO with priority %d",
-          sched.sched_priority);
-    }
-  }
-}
-#endif /* HAVE_SCHED_SETSCHEDULER */
-
-#if defined(HAVE_MLOCKALL)
-/* Lock the process into RAM so that it will never be swapped out */ 
-void SYS_Linux_MemLockAll(int LockAll)
-{
-  struct rlimit rlim;
-  if (LockAll == 1 ) {
-    /* Make sure that we will be able to lock all the memory we need */
-    /* even after dropping privileges.  This does not actually reaerve any memory */
-    rlim.rlim_max = RLIM_INFINITY;
-    rlim.rlim_cur = RLIM_INFINITY;
-    if (setrlimit(RLIMIT_MEMLOCK, &rlim) < 0) {
-      LOG(LOGS_ERR, "setrlimit() failed: not locking into RAM");
-    }
-    else {
-      if (mlockall(MCL_CURRENT|MCL_FUTURE) < 0) {
-	LOG(LOGS_ERR, "mlockall() failed");
-      }
-      else {
-	DEBUG_LOG("Successfully locked into RAM");
-      }
-    }
-  }
-}
-#endif /* HAVE_MLOCKALL */
-
-/* ================================================== */
-
 int
 SYS_Linux_CheckKernelVersion(int req_major, int req_minor)
 {
@@ -678,35 +645,17 @@ SYS_Linux_CheckKernelVersion(int req_major, int req_minor)
 #define PHC_READINGS 10
 
 static int
-get_phc_sample(int phc_fd, double precision, struct timespec *phc_ts,
-               struct timespec *sys_ts, double *err)
+process_phc_readings(struct timespec ts[][3], int n, double precision,
+                     struct timespec *phc_ts, struct timespec *sys_ts, double *err)
 {
-  struct ptp_sys_offset sys_off;
-  struct timespec ts1, ts2, ts3, phc_tss[PHC_READINGS], sys_tss[PHC_READINGS];
-  double min_delay = 0.0, delays[PHC_READINGS], phc_sum, sys_sum, sys_prec;
-  int i, n;
+  double min_delay = 0.0, delays[PTP_MAX_SAMPLES], phc_sum, sys_sum, sys_prec;
+  int i, combined;
 
-  /* Silence valgrind */
-  memset(&sys_off, 0, sizeof (sys_off));
-
-  sys_off.n_samples = PHC_READINGS;
-
-  if (ioctl(phc_fd, PTP_SYS_OFFSET, &sys_off)) {
-    DEBUG_LOG("ioctl(%s) failed : %s", "PTP_SYS_OFFSET", strerror(errno));
+  if (n > PTP_MAX_SAMPLES)
     return 0;
-  }
 
-  for (i = 0; i < PHC_READINGS; i++) {
-    ts1.tv_sec = sys_off.ts[i * 2].sec;
-    ts1.tv_nsec = sys_off.ts[i * 2].nsec;
-    ts2.tv_sec = sys_off.ts[i * 2 + 1].sec;
-    ts2.tv_nsec = sys_off.ts[i * 2 + 1].nsec;
-    ts3.tv_sec = sys_off.ts[i * 2 + 2].sec;
-    ts3.tv_nsec = sys_off.ts[i * 2 + 2].nsec;
-
-    sys_tss[i] = ts1;
-    phc_tss[i] = ts2;
-    delays[i] = UTI_DiffTimespecsToDouble(&ts3, &ts1);
+  for (i = 0; i < n; i++) {
+    delays[i] = UTI_DiffTimespecsToDouble(&ts[i][2], &ts[i][0]);
 
     if (delays[i] < 0.0) {
       /* Step in the middle of a PHC reading? */
@@ -721,23 +670,92 @@ get_phc_sample(int phc_fd, double precision, struct timespec *phc_ts,
   sys_prec = LCL_GetSysPrecisionAsQuantum();
 
   /* Combine best readings */
-  for (i = n = 0, phc_sum = sys_sum = 0.0; i < PHC_READINGS; i++) {
+  for (i = combined = 0, phc_sum = sys_sum = 0.0; i < n; i++) {
     if (delays[i] > min_delay + MAX(sys_prec, precision))
       continue;
 
-    phc_sum += UTI_DiffTimespecsToDouble(&phc_tss[i], &phc_tss[0]);
-    sys_sum += UTI_DiffTimespecsToDouble(&sys_tss[i], &sys_tss[0]) + delays[i] / 2.0;
-    n++;
+    phc_sum += UTI_DiffTimespecsToDouble(&ts[i][1], &ts[0][1]);
+    sys_sum += UTI_DiffTimespecsToDouble(&ts[i][0], &ts[0][0]) + delays[i] / 2.0;
+    combined++;
   }
 
-  assert(n);
+  assert(combined);
 
-  UTI_AddDoubleToTimespec(&phc_tss[0], phc_sum / n, phc_ts);
-  UTI_AddDoubleToTimespec(&sys_tss[0], sys_sum / n, sys_ts);
+  UTI_AddDoubleToTimespec(&ts[0][1], phc_sum / combined, phc_ts);
+  UTI_AddDoubleToTimespec(&ts[0][0], sys_sum / combined, sys_ts);
   *err = MAX(min_delay / 2.0, precision);
 
   return 1;
 }
+
+/* ================================================== */
+
+static int
+get_phc_sample(int phc_fd, double precision, struct timespec *phc_ts,
+               struct timespec *sys_ts, double *err)
+{
+  struct timespec ts[PHC_READINGS][3];
+  struct ptp_sys_offset sys_off;
+  int i;
+
+  /* Silence valgrind */
+  memset(&sys_off, 0, sizeof (sys_off));
+
+  sys_off.n_samples = PHC_READINGS;
+
+  if (ioctl(phc_fd, PTP_SYS_OFFSET, &sys_off)) {
+    DEBUG_LOG("ioctl(%s) failed : %s", "PTP_SYS_OFFSET", strerror(errno));
+    return 0;
+  }
+
+  for (i = 0; i < PHC_READINGS; i++) {
+    ts[i][0].tv_sec = sys_off.ts[i * 2].sec;
+    ts[i][0].tv_nsec = sys_off.ts[i * 2].nsec;
+    ts[i][1].tv_sec = sys_off.ts[i * 2 + 1].sec;
+    ts[i][1].tv_nsec = sys_off.ts[i * 2 + 1].nsec;
+    ts[i][2].tv_sec = sys_off.ts[i * 2 + 2].sec;
+    ts[i][2].tv_nsec = sys_off.ts[i * 2 + 2].nsec;
+  }
+
+  return process_phc_readings(ts, PHC_READINGS, precision, phc_ts, sys_ts, err);
+}
+
+/* ================================================== */
+
+static int
+get_extended_phc_sample(int phc_fd, double precision, struct timespec *phc_ts,
+                        struct timespec *sys_ts, double *err)
+{
+#ifdef PTP_SYS_OFFSET_EXTENDED
+  struct timespec ts[PHC_READINGS][3];
+  struct ptp_sys_offset_extended sys_off;
+  int i;
+
+  /* Silence valgrind */
+  memset(&sys_off, 0, sizeof (sys_off));
+
+  sys_off.n_samples = PHC_READINGS;
+
+  if (ioctl(phc_fd, PTP_SYS_OFFSET_EXTENDED, &sys_off)) {
+    DEBUG_LOG("ioctl(%s) failed : %s", "PTP_SYS_OFFSET_EXTENDED", strerror(errno));
+    return 0;
+  }
+
+  for (i = 0; i < PHC_READINGS; i++) {
+    ts[i][0].tv_sec = sys_off.ts[i][0].sec;
+    ts[i][0].tv_nsec = sys_off.ts[i][0].nsec;
+    ts[i][1].tv_sec = sys_off.ts[i][1].sec;
+    ts[i][1].tv_nsec = sys_off.ts[i][1].nsec;
+    ts[i][2].tv_sec = sys_off.ts[i][2].sec;
+    ts[i][2].tv_nsec = sys_off.ts[i][2].nsec;
+  }
+
+  return process_phc_readings(ts, PHC_READINGS, precision, phc_ts, sys_ts, err);
+#else
+  return 0;
+#endif
+}
+
 /* ================================================== */
 
 static int
@@ -811,6 +829,10 @@ SYS_Linux_GetPHCSample(int fd, int nocrossts, double precision, int *reading_mod
       get_precise_phc_sample(fd, precision, phc_ts, sys_ts, err)) {
     *reading_mode = 2;
     return 1;
+  } else if ((*reading_mode == 3 || !*reading_mode) &&
+      get_extended_phc_sample(fd, precision, phc_ts, sys_ts, err)) {
+    *reading_mode = 3;
+    return 1;
   } else if ((*reading_mode == 1 || !*reading_mode) &&
       get_phc_sample(fd, precision, phc_ts, sys_ts, err)) {
     *reading_mode = 1;