3 * This file contains the ntpd configuration code.
5 * Written By: Sachin Kamboj
6 * University of Delaware
8 * Some parts borrowed from the older ntp_config.c
17 # include <netinfo/ni.h>
22 #ifdef HAVE_SYS_PARAM_H
23 # include <sys/param.h>
27 # define SIGCHLD SIGCLD
29 #ifdef HAVE_SYS_WAIT_H
30 # include <sys/wait.h>
35 #include <isc/result.h>
40 #include "ntp_unixtime.h"
41 #include "ntp_refclock.h"
42 #include "ntp_filegen.h"
43 #include "ntp_stdlib.h"
44 #include "lib_strbuf.h"
45 #include "ntp_assert.h"
46 #include "ntp_random.h"
48 * [Bug 467]: Some linux headers collide with CONFIG_PHONE and CONFIG_KEYS
49 * so #include these later.
51 #include "ntp_config.h"
52 #include "ntp_cmdargs.h"
53 #include "ntp_scanner.h"
54 #include "ntp_parser.h"
55 #include "ntpd-opts.h"
57 #ifndef IGNORE_DNS_ERRORS
60 # define DNSFLAGS GAIR_F_IGNDNSERR
63 extern int yyparse(void);
66 #if defined(HAVE_SYS_MMAN_H)
67 # include <sys/mman.h>
70 /* list of servers from command line for config_peers() */
71 int cmdline_server_count;
72 char ** cmdline_servers;
74 /* Current state of memory locking:
76 * 0: memory locking disabled
77 * 1: Memory locking enabled
82 * "logconfig" building blocks
85 const char * const name;
89 static struct masks logcfg_class[] = {
90 { "clock", NLOG_OCLOCK },
91 { "peer", NLOG_OPEER },
92 { "sync", NLOG_OSYNC },
97 /* logcfg_noclass_items[] masks are complete and must not be shifted */
98 static struct masks logcfg_noclass_items[] = {
99 { "allall", NLOG_SYSMASK | NLOG_PEERMASK | NLOG_CLOCKMASK | NLOG_SYNCMASK },
100 { "allinfo", NLOG_SYSINFO | NLOG_PEERINFO | NLOG_CLOCKINFO | NLOG_SYNCINFO },
101 { "allevents", NLOG_SYSEVENT | NLOG_PEEREVENT | NLOG_CLOCKEVENT | NLOG_SYNCEVENT },
102 { "allstatus", NLOG_SYSSTATUS | NLOG_PEERSTATUS | NLOG_CLOCKSTATUS | NLOG_SYNCSTATUS },
103 { "allstatistics", NLOG_SYSSTATIST | NLOG_PEERSTATIST | NLOG_CLOCKSTATIST | NLOG_SYNCSTATIST },
104 /* the remainder are misspellings of clockall, peerall, sysall, and syncall. */
105 { "allclock", (NLOG_INFO | NLOG_STATIST | NLOG_EVENT | NLOG_STATUS) << NLOG_OCLOCK },
106 { "allpeer", (NLOG_INFO | NLOG_STATIST | NLOG_EVENT | NLOG_STATUS) << NLOG_OPEER },
107 { "allsys", (NLOG_INFO | NLOG_STATIST | NLOG_EVENT | NLOG_STATUS) << NLOG_OSYS },
108 { "allsync", (NLOG_INFO | NLOG_STATIST | NLOG_EVENT | NLOG_STATUS) << NLOG_OSYNC },
112 /* logcfg_class_items[] masks are shiftable by NLOG_O* counts */
113 static struct masks logcfg_class_items[] = {
114 { "all", NLOG_INFO | NLOG_EVENT | NLOG_STATUS | NLOG_STATIST },
115 { "info", NLOG_INFO },
116 { "events", NLOG_EVENT },
117 { "status", NLOG_STATUS },
118 { "statistics", NLOG_STATIST },
122 typedef struct peer_resolved_ctx_tag {
124 int host_mode; /* T_* token identifier */
127 u_char hmode; /* MODE_* */
136 #define MAXPHONE 10 /* maximum number of phone strings */
137 #define MAXPPS 20 /* maximum length of PPS device string */
143 static psl_item psl[17-3+1]; /* values for polls 3-17 */
144 /* To simplify the runtime code we */
145 /* don't want to have to special-case */
146 /* dealing with a default */
150 * Miscellaneous macros
152 #define ISEOL(c) ((c) == '#' || (c) == '\n' || (c) == '\0')
153 #define ISSPACE(c) ((c) == ' ' || (c) == '\t')
155 #define _UC(str) ((char *)(intptr_t)(str))
158 * Definitions of things either imported from or exported to outside
160 extern int yydebug; /* ntp_parser.c (.y) */
161 config_tree cfgt; /* Parser output stored here */
162 config_tree *cfg_tree_history; /* History of configs */
163 char * sys_phone[MAXPHONE] = {NULL}; /* ACTS phone numbers */
164 char default_keysdir[] = NTP_KEYSDIR;
165 char * keysdir = default_keysdir; /* crypto keys directory */
166 char * saveconfigdir;
167 #if defined(HAVE_SCHED_SETSCHEDULER)
168 int config_priority_override = 0;
172 const char *config_file;
173 static char default_ntp_signd_socket[] =
174 #ifdef NTP_SIGND_PATH
179 char *ntp_signd_socket = default_ntp_signd_socket;
181 struct netinfo_config_state *config_netinfo = NULL;
182 int check_netinfo = 1;
183 #endif /* HAVE_NETINFO */
185 char *alt_config_file;
187 char config_file_storage[MAX_PATH];
188 char alt_config_file_storage[MAX_PATH];
189 #endif /* SYS_WINNT */
193 * NetInfo configuration state
195 struct netinfo_config_state {
196 void *domain; /* domain with config */
197 ni_id config_dir; /* ID config dir */
198 int prop_index; /* current property */
199 int val_index; /* current value */
200 char **val_list; /* value list */
204 struct REMOTE_CONFIG_INFO remote_config; /* Remote configuration buffer and
206 int old_config_style = 1; /* A boolean flag, which when set,
207 * indicates that the old configuration
208 * format with a newline at the end of
209 * every command is being used
211 int cryptosw; /* crypto command called */
213 extern char *stats_drift_file; /* name of the driftfile */
215 #ifdef BC_LIST_FRAMEWORK_NOT_YET_USED
217 * backwards compatibility flags
219 bc_entry bc_list[] = {
220 { T_Bc_bugXXXX, 1 } /* default enabled */
224 * declare an int pointer for each flag for quick testing without
225 * walking bc_list. If the pointer is consumed by libntp rather
226 * than ntpd, declare it in a libntp source file pointing to storage
227 * initialized with the appropriate value for other libntp clients, and
228 * redirect it to point into bc_list during ntpd startup.
230 int *p_bcXXXX_enabled = &bc_list[0].enabled;
233 /* FUNCTION PROTOTYPES */
235 static void init_syntax_tree(config_tree *);
236 static void apply_enable_disable(attr_val_fifo *q, int enable);
239 static void free_auth_node(config_tree *);
240 static void free_all_config_trees(void);
242 static void free_config_access(config_tree *);
243 static void free_config_auth(config_tree *);
244 static void free_config_fudge(config_tree *);
245 static void free_config_logconfig(config_tree *);
246 static void free_config_monitor(config_tree *);
247 static void free_config_nic_rules(config_tree *);
248 static void free_config_other_modes(config_tree *);
249 static void free_config_peers(config_tree *);
250 static void free_config_phone(config_tree *);
251 static void free_config_reset_counters(config_tree *);
252 static void free_config_rlimit(config_tree *);
253 static void free_config_setvar(config_tree *);
254 static void free_config_system_opts(config_tree *);
255 static void free_config_tinker(config_tree *);
256 static void free_config_tos(config_tree *);
257 static void free_config_trap(config_tree *);
258 static void free_config_ttl(config_tree *);
259 static void free_config_unpeers(config_tree *);
260 static void free_config_vars(config_tree *);
263 static void free_config_sim(config_tree *);
265 static void destroy_address_fifo(address_fifo *);
266 #define FREE_ADDRESS_FIFO(pf) \
268 destroy_address_fifo(pf); \
271 void free_all_config_trees(void); /* atexit() */
272 static void free_config_tree(config_tree *ptree);
273 #endif /* FREE_CFG_T */
275 static void destroy_restrict_node(restrict_node *my_node);
276 static int is_sane_resolved_address(sockaddr_u *peeraddr, int hmode);
277 static void save_and_apply_config_tree(int/*BOOL*/ from_file);
278 static void destroy_int_fifo(int_fifo *);
279 #define FREE_INT_FIFO(pf) \
281 destroy_int_fifo(pf); \
284 static void destroy_string_fifo(string_fifo *);
285 #define FREE_STRING_FIFO(pf) \
287 destroy_string_fifo(pf); \
290 static void destroy_attr_val_fifo(attr_val_fifo *);
291 #define FREE_ATTR_VAL_FIFO(pf) \
293 destroy_attr_val_fifo(pf); \
296 static void destroy_filegen_fifo(filegen_fifo *);
297 #define FREE_FILEGEN_FIFO(pf) \
299 destroy_filegen_fifo(pf); \
302 static void destroy_restrict_fifo(restrict_fifo *);
303 #define FREE_RESTRICT_FIFO(pf) \
305 destroy_restrict_fifo(pf); \
308 static void destroy_setvar_fifo(setvar_fifo *);
309 #define FREE_SETVAR_FIFO(pf) \
311 destroy_setvar_fifo(pf); \
314 static void destroy_addr_opts_fifo(addr_opts_fifo *);
315 #define FREE_ADDR_OPTS_FIFO(pf) \
317 destroy_addr_opts_fifo(pf); \
321 static void config_logconfig(config_tree *);
322 static void config_monitor(config_tree *);
323 static void config_rlimit(config_tree *);
324 static void config_system_opts(config_tree *);
325 static void config_tinker(config_tree *);
326 static int config_tos_clock(config_tree *);
327 static void config_tos(config_tree *);
328 static void config_vars(config_tree *);
331 static sockaddr_u *get_next_address(address_node *addr);
332 static void config_sim(config_tree *);
333 static void config_ntpdsim(config_tree *);
334 #else /* !SIM follows */
335 static void config_ntpd(config_tree *, int/*BOOL*/ input_from_file);
336 static void config_other_modes(config_tree *);
337 static void config_auth(config_tree *);
338 static void attrtopsl(int poll, attr_val *avp);
339 static void config_access(config_tree *);
340 static void config_mdnstries(config_tree *);
341 static void config_phone(config_tree *);
342 static void config_setvar(config_tree *);
343 static void config_ttl(config_tree *);
344 static void config_trap(config_tree *);
345 static void config_fudge(config_tree *);
346 static void config_peers(config_tree *);
347 static void config_unpeers(config_tree *);
348 static void config_nic_rules(config_tree *, int/*BOOL*/ input_from_file);
349 static void config_reset_counters(config_tree *);
350 static u_char get_correct_host_mode(int token);
351 static int peerflag_bits(peer_node *);
355 static void peer_name_resolved(int, int, void *, const char *, const char *,
356 const struct addrinfo *,
357 const struct addrinfo *);
358 static void unpeer_name_resolved(int, int, void *, const char *, const char *,
359 const struct addrinfo *,
360 const struct addrinfo *);
361 static void trap_name_resolved(int, int, void *, const char *, const char *,
362 const struct addrinfo *,
363 const struct addrinfo *);
368 t_REF, /* Refclock */
369 t_MSK /* Network Mask */
372 static void ntpd_set_tod_using(const char *);
373 static char * normal_dtoa(double);
374 static u_int32 get_pfxmatch(const char **, struct masks *);
375 static u_int32 get_match(const char *, struct masks *);
376 static u_int32 get_logmask(const char *);
377 static int/*BOOL*/ is_refclk_addr(const address_node * addr);
379 static void appendstr(char *, size_t, const char *);
383 static int getnetnum(const char *num, sockaddr_u *addr, int complain,
384 enum gnn_type a_type);
388 #if defined(__GNUC__) /* this covers CLANG, too */
389 static void __attribute__((noreturn,format(printf,1,2))) fatal_error(const char *fmt, ...)
390 #elif defined(_MSC_VER)
391 static void __declspec(noreturn) fatal_error(const char *fmt, ...)
393 static void fatal_error(const char *fmt, ...)
399 mvsyslog(LOG_EMERG, fmt, va);
405 /* FUNCTIONS FOR INITIALIZATION
406 * ----------------------------
415 if (ptree->auth.keys) {
416 free(ptree->auth.keys);
417 ptree->auth.keys = NULL;
420 if (ptree->auth.keysdir) {
421 free(ptree->auth.keysdir);
422 ptree->auth.keysdir = NULL;
425 if (ptree->auth.ntp_signd_socket) {
426 free(ptree->auth.ntp_signd_socket);
427 ptree->auth.ntp_signd_socket = NULL;
439 ptree->mdnstries = 5;
445 free_all_config_trees(void)
450 ptree = cfg_tree_history;
452 while (ptree != NULL) {
454 free_config_tree(ptree);
465 #if defined(_MSC_VER) && defined (_DEBUG)
469 if (ptree->source.value.s != NULL)
470 free(ptree->source.value.s);
472 free_config_other_modes(ptree);
473 free_config_auth(ptree);
474 free_config_tos(ptree);
475 free_config_monitor(ptree);
476 free_config_access(ptree);
477 free_config_tinker(ptree);
478 free_config_rlimit(ptree);
479 free_config_system_opts(ptree);
480 free_config_logconfig(ptree);
481 free_config_phone(ptree);
482 free_config_setvar(ptree);
483 free_config_ttl(ptree);
484 free_config_trap(ptree);
485 free_config_fudge(ptree);
486 free_config_vars(ptree);
487 free_config_peers(ptree);
488 free_config_unpeers(ptree);
489 free_config_nic_rules(ptree);
490 free_config_reset_counters(ptree);
492 free_config_sim(ptree);
494 free_auth_node(ptree);
498 #if defined(_MSC_VER) && defined (_DEBUG)
502 #endif /* FREE_CFG_T */
508 dump_all_config_trees(
513 config_tree * cfg_ptr;
515 time_t now = time(NULL);
516 struct tm tm = *localtime(&now);
518 fprintf(df, "#NTF:D %04d%02d%02d@%02d:%02d:%02d\n",
519 tm.tm_year+1900, tm.tm_mon+1, tm.tm_mday,
520 tm.tm_hour, tm.tm_min, tm.tm_sec);
521 fprintf(df, "#NTF:V %s\n", Version);
524 for (cfg_ptr = cfg_tree_history;
526 cfg_ptr = cfg_ptr->link)
527 return_value |= dump_config_tree(cfg_ptr, df, comment);
533 /* The config dumper */
542 unpeer_node *unpeern;
545 address_node *peer_addr;
546 address_node *fudge_addr;
547 filegen_node *fgen_node;
548 restrict_node *rest_node;
549 addr_opts_node *addr_opts;
550 setvar_node *setv_node;
551 nic_rule_node *rule_node;
553 int_node *counter_set;
554 string_node *str_node;
556 const char *s = NULL;
562 DPRINTF(1, ("dump_config_tree(%p)\n", ptree));
565 if (!strftime(timestamp, sizeof(timestamp),
567 localtime(&ptree->timestamp)))
570 fprintf(df, "# %s %s %s\n",
572 (CONF_SOURCE_NTPQ == ptree->source.attr)
573 ? "ntpq remote config from"
574 : "startup configuration file",
575 ptree->source.value.s);
579 * For options without documentation we just output the name
582 atrv = HEAD_PFIFO(ptree->vars);
583 for ( ; atrv != NULL; atrv = atrv->link) {
584 switch (atrv->type) {
587 fprintf(df, "\n# dump error:\n"
588 "# unknown vars type %d (%s) for %s\n",
589 atrv->type, token_name(atrv->type),
590 token_name(atrv->attr));
594 fprintf(df, "%s %s\n", keyword(atrv->attr),
595 normal_dtoa(atrv->value.d));
599 fprintf(df, "%s %d\n", keyword(atrv->attr),
604 fprintf(df, "%s \"%s\"", keyword(atrv->attr),
606 if (T_Driftfile == atrv->attr &&
607 atrv->link != NULL &&
608 T_WanderThreshold == atrv->link->attr) {
611 normal_dtoa(atrv->value.d));
612 } else if (T_Leapfile == atrv->attr) {
624 atrv = HEAD_PFIFO(ptree->logconfig);
626 fprintf(df, "logconfig");
627 for ( ; atrv != NULL; atrv = atrv->link)
628 fprintf(df, " %c%s", atrv->attr, atrv->value.s);
632 if (ptree->stats_dir)
633 fprintf(df, "statsdir \"%s\"\n", ptree->stats_dir);
635 i_n = HEAD_PFIFO(ptree->stats_list);
637 fprintf(df, "statistics");
638 for ( ; i_n != NULL; i_n = i_n->link)
639 fprintf(df, " %s", keyword(i_n->i));
643 fgen_node = HEAD_PFIFO(ptree->filegen_opts);
644 for ( ; fgen_node != NULL; fgen_node = fgen_node->link) {
645 atrv = HEAD_PFIFO(fgen_node->options);
647 fprintf(df, "filegen %s",
648 keyword(fgen_node->filegen_token));
649 for ( ; atrv != NULL; atrv = atrv->link) {
650 switch (atrv->attr) {
653 fprintf(df, "\n# dump error:\n"
654 "# unknown filegen option token %s\n"
656 token_name(atrv->attr),
657 keyword(fgen_node->filegen_token));
661 fprintf(df, " file %s",
666 fprintf(df, " type %s",
667 keyword(atrv->value.i));
672 keyword(atrv->value.i));
680 atrv = HEAD_PFIFO(ptree->auth.crypto_cmd_list);
682 fprintf(df, "crypto");
683 for ( ; atrv != NULL; atrv = atrv->link) {
684 fprintf(df, " %s %s", keyword(atrv->attr),
690 if (ptree->auth.revoke != 0)
691 fprintf(df, "revoke %d\n", ptree->auth.revoke);
693 if (ptree->auth.keysdir != NULL)
694 fprintf(df, "keysdir \"%s\"\n", ptree->auth.keysdir);
696 if (ptree->auth.keys != NULL)
697 fprintf(df, "keys \"%s\"\n", ptree->auth.keys);
699 atrv = HEAD_PFIFO(ptree->auth.trusted_key_list);
701 fprintf(df, "trustedkey");
702 for ( ; atrv != NULL; atrv = atrv->link) {
703 if (T_Integer == atrv->type)
704 fprintf(df, " %d", atrv->value.i);
705 else if (T_Intrange == atrv->type)
706 fprintf(df, " (%d ... %d)",
711 fprintf(df, "\n# dump error:\n"
712 "# unknown trustedkey attr type %d\n"
713 "trustedkey", atrv->type);
719 if (ptree->auth.control_key)
720 fprintf(df, "controlkey %d\n", ptree->auth.control_key);
722 if (ptree->auth.request_key)
723 fprintf(df, "requestkey %d\n", ptree->auth.request_key);
725 /* dump enable list, then disable list */
726 for (enable = 1; enable >= 0; enable--) {
728 ? HEAD_PFIFO(ptree->enable_opts)
729 : HEAD_PFIFO(ptree->disable_opts);
731 fprintf(df, "%s", (enable)
734 for ( ; atrv != NULL; atrv = atrv->link)
736 keyword(atrv->value.i));
741 atrv = HEAD_PFIFO(ptree->orphan_cmds);
744 for ( ; atrv != NULL; atrv = atrv->link) {
745 switch (atrv->type) {
748 fprintf(df, "\n# dump error:\n"
749 "# unknown tos attr type %d %s\n"
751 token_name(atrv->type));
755 if (atrv->attr == T_Basedate) {
757 ntpcal_rd_to_date(&jd, atrv->value.i + DAY_NTP_STARTS);
758 fprintf(df, " %s \"%04hu-%02hu-%02hu\"",
759 keyword(atrv->attr), jd.year,
761 (u_short)jd.monthday);
763 fprintf(df, " %s %d",
770 fprintf(df, " %s %s",
772 normal_dtoa(atrv->value.d));
779 atrv = HEAD_PFIFO(ptree->rlimit);
781 fprintf(df, "rlimit");
782 for ( ; atrv != NULL; atrv = atrv->link) {
783 INSIST(T_Integer == atrv->type);
784 fprintf(df, " %s %d", keyword(atrv->attr),
790 atrv = HEAD_PFIFO(ptree->tinker);
792 fprintf(df, "tinker");
793 for ( ; atrv != NULL; atrv = atrv->link) {
794 INSIST(T_Double == atrv->type);
795 fprintf(df, " %s %s", keyword(atrv->attr),
796 normal_dtoa(atrv->value.d));
801 if (ptree->broadcastclient)
802 fprintf(df, "broadcastclient\n");
804 peern = HEAD_PFIFO(ptree->peers);
805 for ( ; peern != NULL; peern = peern->link) {
807 fprintf(df, "%s", keyword(peern->host_mode));
808 switch (addr->type) {
811 fprintf(df, "# dump error:\n"
812 "# unknown peer family %d for:\n"
814 keyword(peern->host_mode));
828 fprintf(df, " %s", addr->address);
830 if (peern->minpoll != 0)
831 fprintf(df, " minpoll %u", peern->minpoll);
833 if (peern->maxpoll != 0)
834 fprintf(df, " maxpoll %u", peern->maxpoll);
836 if (peern->ttl != 0) {
837 if (strlen(addr->address) > 8
838 && !memcmp(addr->address, "127.127.", 8))
839 fprintf(df, " mode %u", peern->ttl);
841 fprintf(df, " ttl %u", peern->ttl);
844 if (peern->peerversion != NTP_VERSION)
845 fprintf(df, " version %u", peern->peerversion);
847 if (peern->peerkey != 0)
848 fprintf(df, " key %u", peern->peerkey);
850 if (peern->group != NULL)
851 fprintf(df, " ident \"%s\"", peern->group);
853 atrv = HEAD_PFIFO(peern->peerflags);
854 for ( ; atrv != NULL; atrv = atrv->link) {
855 INSIST(T_Flag == atrv->attr);
856 INSIST(T_Integer == atrv->type);
857 fprintf(df, " %s", keyword(atrv->value.i));
862 addr_opts = HEAD_PFIFO(ptree->fudge);
863 for ( ; addr_opts != NULL; addr_opts = addr_opts->link) {
864 peer_addr = peern->addr;
865 fudge_addr = addr_opts->addr;
867 s1 = peer_addr->address;
868 s2 = fudge_addr->address;
873 fprintf(df, "fudge %s", s1);
875 for (atrv = HEAD_PFIFO(addr_opts->options);
879 switch (atrv->type) {
882 fprintf(df, "\n# dump error:\n"
883 "# unknown fudge atrv->type %d\n"
884 "fudge %s", atrv->type,
889 fprintf(df, " %s %s",
891 normal_dtoa(atrv->value.d));
895 fprintf(df, " %s %d",
901 fprintf(df, " %s %s",
911 addr = HEAD_PFIFO(ptree->manycastserver);
913 fprintf(df, "manycastserver");
914 for ( ; addr != NULL; addr = addr->link)
915 fprintf(df, " %s", addr->address);
919 addr = HEAD_PFIFO(ptree->multicastclient);
921 fprintf(df, "multicastclient");
922 for ( ; addr != NULL; addr = addr->link)
923 fprintf(df, " %s", addr->address);
928 for (unpeern = HEAD_PFIFO(ptree->unpeers);
930 unpeern = unpeern->link)
931 fprintf(df, "unpeer %s\n", unpeern->addr->address);
933 atrv = HEAD_PFIFO(ptree->mru_opts);
936 for ( ; atrv != NULL; atrv = atrv->link)
937 fprintf(df, " %s %d", keyword(atrv->attr),
942 atrv = HEAD_PFIFO(ptree->discard_opts);
944 fprintf(df, "discard");
945 for ( ; atrv != NULL; atrv = atrv->link)
946 fprintf(df, " %s %d", keyword(atrv->attr),
951 atrv = HEAD_PFIFO(ptree->pollskewlist);
953 fprintf(df, "pollskewlist");
954 for ( ; atrv != NULL; atrv = atrv->link) {
955 if (-1 == atrv->attr) {
956 fprintf(df, " default");
958 fprintf(df, " %d", atrv->attr);
960 fprintf(df, " %d|%d",
961 atrv->value.r.first, atrv->value.r.last);
966 for (rest_node = HEAD_PFIFO(ptree->restrict_opts);
968 rest_node = rest_node->link) {
971 if (NULL == rest_node->addr) {
973 /* Don't need to set is_default=1 here */
974 atrv = HEAD_PFIFO(rest_node->flag_tok_fifo);
975 for ( ; atrv != NULL; atrv = atrv->link) {
976 if ( T_Integer == atrv->type
977 && T_Source == atrv->attr) {
983 const char *ap = rest_node->addr->address;
987 mp = rest_node->mask->address;
989 if ( rest_node->addr->type == AF_INET
990 && !strcmp(ap, "0.0.0.0")
991 && !strcmp(mp, "0.0.0.0")) {
994 } else if ( rest_node->mask
995 && rest_node->mask->type == AF_INET6
997 && !strcmp(mp, "::")) {
1004 fprintf(df, "restrict %s", s);
1005 if (rest_node->mask != NULL && !is_default)
1006 fprintf(df, " mask %s",
1007 rest_node->mask->address);
1008 fprintf(df, " ippeerlimit %d", rest_node->ippeerlimit);
1009 atrv = HEAD_PFIFO(rest_node->flag_tok_fifo);
1010 for ( ; atrv != NULL; atrv = atrv->link) {
1011 if ( T_Integer == atrv->type
1012 && T_Source != atrv->attr) {
1013 fprintf(df, " %s", keyword(atrv->attr));
1019 msyslog(LOG_INFO, "Dumping flag_tok_fifo:");
1020 atrv = HEAD_PFIFO(rest_node->flag_tok_fifo);
1021 for ( ; atrv != NULL; atrv = atrv->link) {
1022 msyslog(LOG_INFO, "- flag_tok_fifo: flags: %08x", atrv->flag);
1023 switch(atrv->type) {
1025 msyslog(LOG_INFO, "- T_Integer: attr <%s>/%d, value %d",
1026 keyword(atrv->attr), atrv->attr, atrv->value.i);
1029 msyslog(LOG_INFO, "- Other: attr <%s>/%d, value ???",
1030 keyword(atrv->attr), atrv->attr);
1039 rule_node = HEAD_PFIFO(ptree->nic_rules);
1040 for ( ; rule_node != NULL; rule_node = rule_node->link) {
1041 fprintf(df, "interface %s %s\n",
1042 keyword(rule_node->action),
1043 (rule_node->match_class)
1044 ? keyword(rule_node->match_class)
1045 : rule_node->if_name);
1048 str_node = HEAD_PFIFO(ptree->phone);
1049 if (str_node != NULL) {
1050 fprintf(df, "phone");
1051 for ( ; str_node != NULL; str_node = str_node->link)
1052 fprintf(df, " \"%s\"", str_node->s);
1056 setv_node = HEAD_PFIFO(ptree->setvar);
1057 for ( ; setv_node != NULL; setv_node = setv_node->link) {
1058 s1 = quote_if_needed(setv_node->var);
1059 s2 = quote_if_needed(setv_node->val);
1060 fprintf(df, "setvar %s = %s", s1, s2);
1063 if (setv_node->isdefault)
1064 fprintf(df, " default");
1068 i_n = HEAD_PFIFO(ptree->ttl);
1071 for( ; i_n != NULL; i_n = i_n->link)
1072 fprintf(df, " %d", i_n->i);
1076 addr_opts = HEAD_PFIFO(ptree->trap);
1077 for ( ; addr_opts != NULL; addr_opts = addr_opts->link) {
1078 addr = addr_opts->addr;
1079 fprintf(df, "trap %s", addr->address);
1080 atrv = HEAD_PFIFO(addr_opts->options);
1081 for ( ; atrv != NULL; atrv = atrv->link) {
1082 switch (atrv->attr) {
1085 fprintf(df, "\n# dump error:\n"
1086 "# unknown trap token %d\n"
1087 "trap %s", atrv->attr,
1092 fprintf(df, " port %d", atrv->value.i);
1096 fprintf(df, " interface %s",
1104 counter_set = HEAD_PFIFO(ptree->reset_counters);
1105 if (counter_set != NULL) {
1106 fprintf(df, "reset");
1107 for ( ; counter_set != NULL;
1108 counter_set = counter_set->link)
1109 fprintf(df, " %s", keyword(counter_set->i));
1115 #endif /* SAVECONFIG */
1118 /* generic fifo routines for structs linked by 1st member */
1131 pf = emalloc_zero(sizeof(*pf));
1133 CHECK_FIFO_CONSISTENCY(*pf);
1135 LINK_FIFO(*pf, pe, link);
1136 CHECK_FIFO_CONSISTENCY(*pf);
1158 CONCAT_FIFO(*pf1, *pf2, link);
1170 any_node * np = NULL;
1171 any_node_fifo * pf1 = fifo;
1177 UNLINK_FIFO(np, *pf1, link);
1187 /* FUNCTIONS FOR CREATING NODES ON THE SYNTAX TREE
1188 * -----------------------------------------------
1197 if (T_String == av->type)
1211 my_val = emalloc_zero(sizeof(*my_val));
1212 my_val->attr = attr;
1213 my_val->value.d = value;
1214 my_val->type = T_Double;
1228 my_val = emalloc_zero(sizeof(*my_val));
1229 my_val->attr = attr;
1230 my_val->value.i = value;
1231 my_val->type = T_Integer;
1245 my_val = emalloc_zero(sizeof(*my_val));
1246 my_val->attr = attr;
1247 my_val->value.u = value;
1248 my_val->type = T_U_int;
1263 my_val = emalloc_zero(sizeof(*my_val));
1264 my_val->attr = attr;
1265 my_val->value.r.first = first;
1266 my_val->value.r.last = last;
1267 my_val->type = T_Intrange;
1281 my_val = emalloc_zero(sizeof(*my_val));
1282 my_val->attr = attr;
1283 if (NULL == s) /* free() hates NULL */
1285 my_val->value.s = _UC(s);
1286 my_val->type = T_String;
1299 i_n = emalloc_zero(sizeof(*i_n));
1313 sn = emalloc_zero(sizeof(*sn));
1321 create_address_node(
1326 address_node *my_node;
1328 REQUIRE(NULL != addr);
1329 REQUIRE(AF_INET == type || AF_INET6 == type || AF_UNSPEC == type);
1330 my_node = emalloc_zero(sizeof(*my_node));
1331 my_node->address = addr;
1332 my_node->type = (u_short)type;
1339 destroy_address_node(
1340 address_node *my_node
1343 if (NULL == my_node)
1345 REQUIRE(NULL != my_node->address);
1347 free(my_node->address);
1355 address_node * addr,
1356 attr_val_fifo * options
1364 my_node = emalloc_zero(sizeof(*my_node));
1366 /* Initialize node values to default */
1367 my_node->peerversion = NTP_VERSION;
1369 /* Now set the node to the read values */
1370 my_node->host_mode = hmode;
1371 my_node->addr = addr;
1374 * the options FIFO mixes items that will be saved in the
1375 * peer_node as explicit members, such as minpoll, and
1376 * those that are moved intact to the peer_node's peerflags
1377 * FIFO. The options FIFO is consumed and reclaimed here.
1380 if (options != NULL)
1381 CHECK_FIFO_CONSISTENCY(*options);
1382 while (options != NULL) {
1383 UNLINK_FIFO(option, *options, link);
1384 if (NULL == option) {
1390 /* Check the kind of option being set */
1391 switch (option->attr) {
1394 APPEND_G_FIFO(my_node->peerflags, option);
1399 if (option->value.i < NTP_MINPOLL ||
1400 option->value.i > UCHAR_MAX) {
1402 "minpoll: provided value (%d) is out of range [%d-%d])",
1403 option->value.i, NTP_MINPOLL,
1405 my_node->minpoll = NTP_MINPOLL;
1408 (u_char)option->value.u;
1413 if (option->value.i < 0 ||
1414 option->value.i > NTP_MAXPOLL) {
1416 "maxpoll: provided value (%d) is out of range [0-%d])",
1417 option->value.i, NTP_MAXPOLL);
1418 my_node->maxpoll = NTP_MAXPOLL;
1421 (u_char)option->value.u;
1426 if (is_refclk_addr(addr)) {
1427 msyslog(LOG_ERR, "'ttl' does not apply for refclocks");
1429 } else if (option->value.u >= MAX_TTL) {
1430 msyslog(LOG_ERR, "ttl: invalid argument");
1433 my_node->ttl = (u_char)option->value.u;
1438 if (is_refclk_addr(addr)) {
1439 my_node->ttl = option->value.u;
1441 msyslog(LOG_ERR, "'mode' does not apply for network peers");
1447 if (option->value.u >= KEYID_T_MAX) {
1448 msyslog(LOG_ERR, "key: invalid argument");
1452 (keyid_t)option->value.u;
1457 if (option->value.u >= UCHAR_MAX) {
1458 msyslog(LOG_ERR, "version: invalid argument");
1461 my_node->peerversion =
1462 (u_char)option->value.u;
1467 my_node->group = option->value.s;
1472 "Unknown peer/server option token %s",
1473 token_name(option->attr));
1480 /* Check if errors were reported. If yes, ignore the node */
1495 unpeer_node * my_node;
1499 my_node = emalloc_zero(sizeof(*my_node));
1502 * From the parser's perspective an association ID fits into
1503 * its generic T_String definition of a name/address "address".
1504 * We treat all valid 16-bit numbers as association IDs.
1506 for (u = 0, pch = (u_char*)addr->address; isdigit(*pch); ++pch) {
1507 /* accumulate with overflow retention */
1508 u = (10 * u + *pch - '0') | (u & 0xFF000000u);
1511 if (!*pch && u <= ASSOCID_MAX) {
1512 my_node->assocID = (associd_t)u;
1513 my_node->addr = NULL;
1514 destroy_address_node(addr);
1516 my_node->assocID = 0;
1517 my_node->addr = addr;
1524 create_filegen_node(
1526 attr_val_fifo * options
1529 filegen_node *my_node;
1531 my_node = emalloc_zero(sizeof(*my_node));
1532 my_node->filegen_token = filegen_token;
1533 my_node->options = options;
1540 create_restrict_node(
1541 address_node * addr,
1542 address_node * mask,
1544 attr_val_fifo * flag_tok_fifo,
1548 restrict_node *my_node;
1550 my_node = emalloc_zero(sizeof(*my_node));
1551 my_node->addr = addr;
1552 my_node->mask = mask;
1553 my_node->ippeerlimit = ippeerlimit;
1554 my_node->flag_tok_fifo = flag_tok_fifo;
1555 my_node->line_no = nline;
1562 destroy_restrict_node(
1563 restrict_node *my_node
1566 /* With great care, free all the memory occupied by
1569 destroy_address_node(my_node->addr);
1570 destroy_address_node(my_node->mask);
1571 destroy_attr_val_fifo(my_node->flag_tok_fifo);
1585 UNLINK_FIFO(i_n, *fifo, link);
1596 destroy_string_fifo(
1604 UNLINK_FIFO(sn, *fifo, link);
1616 destroy_attr_val_fifo(
1617 attr_val_fifo * av_fifo
1622 if (av_fifo != NULL) {
1624 UNLINK_FIFO(av, *av_fifo, link);
1627 destroy_attr_val(av);
1635 destroy_filegen_fifo(
1643 UNLINK_FIFO(fg, *fifo, link);
1646 destroy_attr_val_fifo(fg->options);
1655 destroy_restrict_fifo(
1656 restrict_fifo * fifo
1663 UNLINK_FIFO(rn, *fifo, link);
1666 destroy_restrict_node(rn);
1674 destroy_setvar_fifo(
1682 UNLINK_FIFO(sv, *fifo, link);
1695 destroy_addr_opts_fifo(
1696 addr_opts_fifo * fifo
1699 addr_opts_node * aon;
1703 UNLINK_FIFO(aon, *fifo, link);
1706 destroy_address_node(aon->addr);
1707 destroy_attr_val_fifo(aon->options);
1722 setvar_node * my_node;
1725 /* do not allow = in the variable name */
1726 pch = strchr(var, '=');
1730 /* Now store the string into a setvar_node */
1731 my_node = emalloc_zero(sizeof(*my_node));
1734 my_node->isdefault = isdefault;
1741 create_nic_rule_node(
1743 char *if_name, /* interface name or numeric address */
1747 nic_rule_node *my_node;
1749 REQUIRE(match_class != 0 || if_name != NULL);
1751 my_node = emalloc_zero(sizeof(*my_node));
1752 my_node->match_class = match_class;
1753 my_node->if_name = if_name;
1754 my_node->action = action;
1761 create_addr_opts_node(
1762 address_node * addr,
1763 attr_val_fifo * options
1766 addr_opts_node *my_node;
1768 my_node = emalloc_zero(sizeof(*my_node));
1769 my_node->addr = addr;
1770 my_node->options = options;
1778 create_sim_script_info(
1780 attr_val_fifo * script_queue
1783 script_info *my_info;
1784 attr_val *my_attr_val;
1786 my_info = emalloc_zero(sizeof(*my_info));
1788 /* Initialize Script Info with default values*/
1789 my_info->duration = duration;
1790 my_info->prop_delay = NET_DLY;
1791 my_info->proc_delay = PROC_DLY;
1793 /* Traverse the script_queue and fill out non-default values */
1795 for (my_attr_val = HEAD_PFIFO(script_queue);
1796 my_attr_val != NULL;
1797 my_attr_val = my_attr_val->link) {
1799 /* Set the desired value */
1800 switch (my_attr_val->attr) {
1803 my_info->freq_offset = my_attr_val->value.d;
1807 my_info->wander = my_attr_val->value.d;
1811 my_info->jitter = my_attr_val->value.d;
1815 my_info->prop_delay = my_attr_val->value.d;
1819 my_info->proc_delay = my_attr_val->value.d;
1823 msyslog(LOG_ERR, "Unknown script token %d",
1839 const char addr_prefix[] = "192.168.0.";
1840 static int curr_addr_num = 1;
1841 #define ADDR_LENGTH 16 + 1 /* room for 192.168.1.255 */
1842 char addr_string[ADDR_LENGTH];
1843 sockaddr_u *final_addr;
1844 struct addrinfo *ptr;
1847 final_addr = emalloc(sizeof(*final_addr));
1849 if (addr->type == T_String) {
1850 snprintf(addr_string, sizeof(addr_string), "%s%d",
1851 addr_prefix, curr_addr_num++);
1852 printf("Selecting ip address %s for hostname %s\n",
1853 addr_string, addr->address);
1854 gai_err = getaddrinfo(addr_string, "ntp", NULL, &ptr);
1856 gai_err = getaddrinfo(addr->address, "ntp", NULL, &ptr);
1860 fprintf(stderr, "ERROR!! Could not get a new address\n");
1863 memcpy(final_addr, ptr->ai_addr, ptr->ai_addrlen);
1864 fprintf(stderr, "Successful in setting ip address of simulated server to: %s\n",
1876 address_node * addr,
1877 double server_offset,
1878 script_info_fifo * script
1881 server_info *my_info;
1883 my_info = emalloc_zero(sizeof(*my_info));
1884 my_info->server_time = server_offset;
1885 my_info->addr = get_next_address(addr);
1886 my_info->script = script;
1887 UNLINK_FIFO(my_info->curr_script, *my_info->script, link);
1895 attr_val_fifo * init_opts,
1896 server_info_fifo * servers
1901 my_node = emalloc(sizeof(*my_node));
1902 my_node->init_opts = init_opts;
1903 my_node->servers = servers;
1911 /* FUNCTIONS FOR PERFORMING THE CONFIGURATION
1912 * ------------------------------------------
1921 sockaddr_u addr_sock;
1922 address_node * addr_node;
1924 if (ptree->broadcastclient)
1925 proto_config(PROTO_BROADCLIENT, ptree->broadcastclient,
1928 addr_node = HEAD_PFIFO(ptree->manycastserver);
1929 while (addr_node != NULL) {
1930 ZERO_SOCK(&addr_sock);
1931 AF(&addr_sock) = addr_node->type;
1932 if (1 == getnetnum(addr_node->address, &addr_sock, 1,
1934 proto_config(PROTO_MULTICAST_ADD,
1936 sys_manycastserver = 1;
1938 addr_node = addr_node->link;
1941 /* Configure the multicast clients */
1942 addr_node = HEAD_PFIFO(ptree->multicastclient);
1943 if (addr_node != NULL) {
1945 ZERO_SOCK(&addr_sock);
1946 AF(&addr_sock) = addr_node->type;
1947 if (1 == getnetnum(addr_node->address,
1948 &addr_sock, 1, t_UNK)) {
1949 proto_config(PROTO_MULTICAST_ADD, 0, 0.,
1952 addr_node = addr_node->link;
1953 } while (addr_node != NULL);
1954 proto_config(PROTO_MULTICAST_ADD, 1, 0., NULL);
1962 destroy_address_fifo(
1963 address_fifo * pfifo
1966 address_node * addr_node;
1968 if (pfifo != NULL) {
1970 UNLINK_FIFO(addr_node, *pfifo, link);
1971 if (addr_node == NULL)
1973 destroy_address_node(addr_node);
1981 free_config_other_modes(
1985 FREE_ADDRESS_FIFO(ptree->manycastserver);
1986 FREE_ADDRESS_FIFO(ptree->multicastclient);
1988 #endif /* FREE_CFG_T */
2006 /* Crypto Command */
2008 my_val = HEAD_PFIFO(ptree->auth.crypto_cmd_list);
2009 for (; my_val != NULL; my_val = my_val->link) {
2010 switch (my_val->attr) {
2013 fatal_error("config_auth: attr-token=%d", my_val->attr);
2016 item = CRYPTO_CONF_PRIV;
2020 item = CRYPTO_CONF_IDENT;
2024 item = CRYPTO_CONF_PW;
2028 item = CRYPTO_CONF_RAND;
2032 item = CRYPTO_CONF_NID;
2035 crypto_config(item, my_val->value.s);
2037 #endif /* AUTOKEY */
2039 /* Keysdir Command */
2040 if (ptree->auth.keysdir) {
2041 if (keysdir != default_keysdir)
2043 keysdir = estrdup(ptree->auth.keysdir);
2047 /* ntp_signd_socket Command */
2048 if (ptree->auth.ntp_signd_socket) {
2049 if (ntp_signd_socket != default_ntp_signd_socket)
2050 free(ntp_signd_socket);
2051 ntp_signd_socket = estrdup(ptree->auth.ntp_signd_socket);
2055 if (ptree->auth.cryptosw && !cryptosw) {
2059 #endif /* AUTOKEY */
2062 * Count the number of trusted keys to preallocate storage and
2063 * size the hash table.
2066 my_val = HEAD_PFIFO(ptree->auth.trusted_key_list);
2067 for (; my_val != NULL; my_val = my_val->link) {
2068 if (T_Integer == my_val->type) {
2069 first = my_val->value.i;
2070 if (first > 1 && first <= NTP_MAXKEY)
2073 REQUIRE(T_Intrange == my_val->type);
2074 first = my_val->value.r.first;
2075 last = my_val->value.r.last;
2076 if (!(first > last || first < 1 ||
2077 last > NTP_MAXKEY)) {
2078 count += 1 + last - first;
2082 auth_prealloc_symkeys(count);
2085 if (ptree->auth.keys)
2086 getauthkeys(ptree->auth.keys);
2088 /* Control Key Command */
2089 if (ptree->auth.control_key)
2090 ctl_auth_keyid = (keyid_t)ptree->auth.control_key;
2092 /* Requested Key Command */
2093 if (ptree->auth.request_key) {
2094 DPRINTF(4, ("set info_auth_keyid to %08lx\n",
2095 (u_long) ptree->auth.request_key));
2096 info_auth_keyid = (keyid_t)ptree->auth.request_key;
2099 /* Trusted Key Command */
2100 my_val = HEAD_PFIFO(ptree->auth.trusted_key_list);
2101 for (; my_val != NULL; my_val = my_val->link) {
2102 if (T_Integer == my_val->type) {
2103 first = my_val->value.i;
2104 if (first >= 1 && first <= NTP_MAXKEY) {
2105 authtrust(first, TRUE);
2108 "Ignoring invalid trustedkey %d, min 1 max %d.",
2112 first = my_val->value.r.first;
2113 last = my_val->value.r.last;
2114 if (first > last || first < 1 ||
2115 last > NTP_MAXKEY) {
2117 "Ignoring invalid trustedkey range %d ... %d, min 1 max %d.",
2118 first, last, NTP_MAXKEY);
2120 for (i = first; i <= last; i++) {
2128 /* crypto revoke command */
2129 if (ptree->auth.revoke > 2 && ptree->auth.revoke < 32)
2130 sys_revoke = (u_char)ptree->auth.revoke;
2131 else if (ptree->auth.revoke)
2133 "'revoke' value %d ignored",
2134 ptree->auth.revoke);
2135 #endif /* AUTOKEY */
2146 destroy_attr_val_fifo(ptree->auth.crypto_cmd_list);
2147 ptree->auth.crypto_cmd_list = NULL;
2148 destroy_attr_val_fifo(ptree->auth.trusted_key_list);
2149 ptree->auth.trusted_key_list = NULL;
2151 #endif /* FREE_CFG_T */
2154 /* Configure low-level clock-related parameters. Return TRUE if the
2155 * clock might need adjustment like era-checking after the call, FALSE
2167 tos = HEAD_PFIFO(ptree->orphan_cmds);
2168 for (; tos != NULL; tos = tos->link) {
2175 basedate_set_day(tos->value.i);
2181 if (basedate_get_day() <= NTP_TO_UNIX_DAYS)
2182 basedate_set_day(basedate_eval_buildstamp() - 11);
2196 /* [Bug 2896] For the daemon to work properly it is essential
2197 * that minsane < minclock <= maxclock.
2199 * If either constraint is violated, the daemon will be or might
2200 * become dysfunctional. Fixing the values is too fragile here,
2201 * since three variables with interdependecies are involved. We
2202 * just log an error but do not stop: This might be caused by
2203 * remote config, and it might be fixed by remote config, too.
2205 int l_maxclock = sys_maxclock;
2206 int l_minclock = sys_minclock;
2207 int l_minsane = sys_minsane;
2209 /* -*- phase one: inspect / sanitize the values */
2210 tos = HEAD_PFIFO(ptree->orphan_cmds);
2211 for (; tos != NULL; tos = tos->link) {
2212 /* not all attributes are doubles (any more), so loading
2213 * 'val' in all cases is not a good idea: It should be
2214 * done as needed in every case processed here.
2223 msyslog(LOG_WARNING,
2224 "Using maximum bcpollbstep ceiling %d, %d requested",
2227 } else if (val < 0) {
2228 msyslog(LOG_WARNING,
2229 "Using minimum bcpollbstep floor %d, %d requested",
2237 if (val > STRATUM_UNSPEC - 1) {
2238 msyslog(LOG_WARNING,
2239 "Using maximum tos ceiling %d, %d requested",
2240 STRATUM_UNSPEC - 1, (int)val);
2241 tos->value.d = STRATUM_UNSPEC - 1;
2242 } else if (val < 1) {
2243 msyslog(LOG_WARNING,
2244 "Using minimum tos floor %d, %d requested",
2252 if ((int)tos->value.d < 1)
2254 l_minclock = (int)tos->value.d;
2259 if ((int)tos->value.d < 1)
2261 l_maxclock = (int)tos->value.d;
2266 if ((int)tos->value.d < 0)
2268 l_minsane = (int)tos->value.d;
2273 if ( ! (l_minsane < l_minclock && l_minclock <= l_maxclock)) {
2275 "tos error: must have minsane (%d) < minclock (%d) <= maxclock (%d)"
2276 " - daemon will not operate properly!",
2277 l_minsane, l_minclock, l_maxclock);
2280 /* -*- phase two: forward the values to the protocol machinery */
2281 tos = HEAD_PFIFO(ptree->orphan_cmds);
2282 for (; tos != NULL; tos = tos->link) {
2286 fatal_error("config-tos: attr-token=%d", tos->attr);
2289 item = PROTO_BCPOLLBSTEP;
2293 item = PROTO_CEILING;
2301 item = PROTO_COHORT;
2305 item = PROTO_ORPHAN;
2309 item = PROTO_ORPHWAIT;
2313 item = PROTO_MINDISP;
2317 item = PROTO_MAXDIST;
2321 item = PROTO_MINCLOCK;
2325 item = PROTO_MAXCLOCK;
2329 item = PROTO_MINSANE;
2333 item = PROTO_BEACON;
2337 continue; /* SKIP proto-config for this! */
2339 proto_config(item, 0, tos->value.d, NULL);
2350 FREE_ATTR_VAL_FIFO(ptree->orphan_cmds);
2352 #endif /* FREE_CFG_T */
2360 int_node *pfilegen_token;
2361 const char *filegen_string;
2362 const char *filegen_file;
2364 filegen_node *my_node;
2369 /* Set the statistics directory */
2370 if (ptree->stats_dir)
2371 stats_config(STATS_STATSDIR, ptree->stats_dir, 0);
2374 * Calling filegen_get is brain dead. Doing a string
2375 * comparison to find the relavant filegen structure is
2378 * Through the parser, we already know which filegen is
2379 * being specified. Hence, we should either store a
2380 * pointer to the specified structure in the syntax tree
2381 * or an index into a filegen array.
2383 * Need to change the filegen code to reflect the above.
2386 /* Turn on the specified statistics */
2387 pfilegen_token = HEAD_PFIFO(ptree->stats_list);
2388 for (; pfilegen_token != NULL; pfilegen_token = pfilegen_token->link) {
2389 filegen_string = keyword(pfilegen_token->i);
2390 filegen = filegen_get(filegen_string);
2391 if (NULL == filegen) {
2393 "stats %s unrecognized",
2397 DPRINTF(4, ("enabling filegen for %s statistics '%s%s'\n",
2398 filegen_string, filegen->dir,
2400 filegen_flag = filegen->flag;
2401 filegen_flag |= FGEN_FLAG_ENABLED;
2402 filegen_config(filegen, statsdir, filegen_string,
2403 filegen->type, filegen_flag);
2406 /* Configure the statistics with the options */
2407 my_node = HEAD_PFIFO(ptree->filegen_opts);
2408 for (; my_node != NULL; my_node = my_node->link) {
2409 filegen_string = keyword(my_node->filegen_token);
2410 filegen = filegen_get(filegen_string);
2411 if (NULL == filegen) {
2413 "filegen category '%s' unrecognized",
2417 filegen_file = filegen_string;
2419 /* Initialize the filegen variables to their pre-configuration states */
2420 filegen_flag = filegen->flag;
2421 filegen_type = filegen->type;
2423 /* "filegen ... enabled" is the default (when filegen is used) */
2424 filegen_flag |= FGEN_FLAG_ENABLED;
2426 my_opts = HEAD_PFIFO(my_node->options);
2427 for (; my_opts != NULL; my_opts = my_opts->link) {
2428 switch (my_opts->attr) {
2431 filegen_file = my_opts->value.s;
2435 switch (my_opts->value.i) {
2438 fatal_error("config-monitor: type-token=%d", my_opts->value.i);
2441 filegen_type = FILEGEN_NONE;
2445 filegen_type = FILEGEN_PID;
2449 filegen_type = FILEGEN_DAY;
2453 filegen_type = FILEGEN_WEEK;
2457 filegen_type = FILEGEN_MONTH;
2461 filegen_type = FILEGEN_YEAR;
2465 filegen_type = FILEGEN_AGE;
2471 switch (my_opts->value.i) {
2474 filegen_flag |= FGEN_FLAG_LINK;
2478 filegen_flag &= ~FGEN_FLAG_LINK;
2482 filegen_flag |= FGEN_FLAG_ENABLED;
2486 filegen_flag &= ~FGEN_FLAG_ENABLED;
2491 "Unknown filegen flag token %d",
2499 "Unknown filegen option token %d",
2504 filegen_config(filegen, statsdir, filegen_file,
2505 filegen_type, filegen_flag);
2512 free_config_monitor(
2516 if (ptree->stats_dir) {
2517 free(ptree->stats_dir);
2518 ptree->stats_dir = NULL;
2521 FREE_INT_FIFO(ptree->stats_list);
2522 FREE_FILEGEN_FIFO(ptree->filegen_opts);
2524 #endif /* FREE_CFG_T */
2533 static int warned_signd;
2535 restrict_node * my_node;
2538 struct addrinfo hints;
2539 struct addrinfo * ai_list;
2540 struct addrinfo * pai;
2542 int restrict_default;
2547 psl_item my_psl_item;
2549 attr_val * dflt_psl_atr;
2550 const char * signd_warning =
2551 #ifdef HAVE_NTP_SIGND
2552 "MS-SNTP signd operations currently block ntpd degrading service to all clients.";
2554 "mssntp restrict bit ignored, this ntpd was configured without --enable-ntp-signd.";
2557 /* Configure the mru options */
2558 my_opt = HEAD_PFIFO(ptree->mru_opts);
2559 for (; my_opt != NULL; my_opt = my_opt->link) {
2563 switch (my_opt->attr) {
2566 if (0 <= my_opt->value.i)
2567 mru_incalloc = my_opt->value.u;
2573 if (0 <= my_opt->value.i)
2574 mru_incalloc = (my_opt->value.u * 1024U)
2575 / sizeof(mon_entry);
2581 if (0 <= my_opt->value.i)
2582 mru_initalloc = my_opt->value.u;
2588 if (0 <= my_opt->value.i)
2589 mru_initalloc = (my_opt->value.u * 1024U)
2590 / sizeof(mon_entry);
2596 if (0 <= my_opt->value.i)
2597 mru_mindepth = my_opt->value.u;
2603 mru_maxage = my_opt->value.i;
2607 if (0 <= my_opt->value.i)
2608 mru_maxdepth = my_opt->value.u;
2610 mru_maxdepth = UINT_MAX;
2614 if (0 <= my_opt->value.i)
2615 mru_maxdepth = (my_opt->value.u * 1024U) /
2618 mru_maxdepth = UINT_MAX;
2623 "Unknown mru option %s (%d)",
2624 keyword(my_opt->attr), my_opt->attr);
2629 "mru %s %d out of range, ignored.",
2630 keyword(my_opt->attr), my_opt->value.i);
2633 /* Configure the discard options */
2634 my_opt = HEAD_PFIFO(ptree->discard_opts);
2635 for (; my_opt != NULL; my_opt = my_opt->link) {
2637 switch (my_opt->attr) {
2640 if (0 <= my_opt->value.i &&
2641 my_opt->value.i <= UCHAR_MAX)
2642 ntp_minpoll = (u_char)my_opt->value.u;
2645 "discard average %d out of range, ignored.",
2650 ntp_minpkt = my_opt->value.i;
2654 mon_age = my_opt->value.i;
2659 "Unknown discard option %s (%d)",
2660 keyword(my_opt->attr), my_opt->attr);
2665 /* Configure each line of restrict options */
2666 my_node = HEAD_PFIFO(ptree->restrict_opts);
2668 for (; my_node != NULL; my_node = my_node->link) {
2670 /* Grab the ippeerlmit */
2671 ippeerlimit = my_node->ippeerlimit;
2673 /* Parse the flags */
2677 my_opt = HEAD_PFIFO(my_node->flag_tok_fifo);
2678 for (; my_opt != NULL; my_opt = my_opt->link) {
2679 switch (my_opt->attr) {
2682 fatal_error("config_access: Unknown flag-type-token=%s/%d", keyword(my_opt->attr), my_opt->attr);
2685 mflags |= RESM_NTPONLY;
2689 mflags |= RESM_SOURCE;
2693 rflags |= RES_FLAKE;
2697 rflags |= RES_IGNORE;
2705 rflags |= RES_LIMITED;
2709 rflags |= RES_LPTRAP;
2713 rflags |= RES_MSSNTP;
2717 rflags |= RES_NOMODIFY;
2721 rflags |= RES_NOMRULIST;
2725 rflags |= RES_NOEPEER;
2729 rflags |= RES_NOPEER;
2733 rflags |= RES_NOQUERY;
2737 rflags |= RES_DONTSERVE;
2741 rflags |= RES_NOTRAP;
2745 rflags |= RES_DONTTRUST;
2748 case T_ServerresponseFuzz:
2749 rflags |= RES_SRVRSPFUZ;
2753 rflags |= RES_VERSION;
2758 if ((RES_MSSNTP & rflags) && !warned_signd) {
2760 fprintf(stderr, "%s\n", signd_warning);
2761 msyslog(LOG_WARNING, "%s", signd_warning);
2764 /* It would be swell if we could identify the line number */
2765 if ((RES_KOD & rflags) && !(RES_LIMITED & rflags)) {
2766 const char *kod_where = (my_node->addr)
2767 ? my_node->addr->address
2768 : (mflags & RESM_SOURCE)
2771 const char *kod_warn = "KOD does nothing without LIMITED.";
2773 fprintf(stderr, "restrict %s: %s\n", kod_where, kod_warn);
2774 msyslog(LOG_WARNING, "restrict %s: %s", kod_where, kod_warn);
2780 restrict_default = 0;
2782 if (NULL == my_node->addr) {
2784 if (!(RESM_SOURCE & mflags)) {
2786 * The user specified a default rule
2787 * without a -4 / -6 qualifier, add to
2790 restrict_default = 1;
2792 /* apply "restrict source ..." */
2793 DPRINTF(1, ("restrict source template ippeerlimit %d mflags %x rflags %x\n",
2794 ippeerlimit, mflags, rflags));
2795 hack_restrict(RESTRICT_FLAGS, NULL, NULL,
2796 ippeerlimit, mflags, rflags, 0);
2800 /* Resolve the specified address */
2801 AF(&addr) = (u_short)my_node->addr->type;
2803 if (getnetnum(my_node->addr->address,
2804 &addr, 1, t_UNK) != 1) {
2806 * Attempt a blocking lookup. This
2807 * is in violation of the nonblocking
2808 * design of ntpd's mainline code. The
2809 * alternative of running without the
2810 * restriction until the name resolved
2812 * Ideally some scheme could be used for
2813 * restrict directives in the startup
2814 * ntp.conf to delay starting up the
2815 * protocol machinery until after all
2816 * restrict hosts have been resolved.
2820 hints.ai_protocol = IPPROTO_UDP;
2821 hints.ai_socktype = SOCK_DGRAM;
2822 hints.ai_family = my_node->addr->type;
2823 rc = getaddrinfo(my_node->addr->address,
2828 "restrict: ignoring line %d, address/host '%s' unusable.",
2830 my_node->addr->address);
2833 INSIST(ai_list != NULL);
2835 INSIST(pai->ai_addr != NULL);
2836 INSIST(sizeof(addr) >=
2838 memcpy(&addr, pai->ai_addr,
2840 INSIST(AF_INET == AF(&addr) ||
2841 AF_INET6 == AF(&addr));
2844 SET_HOSTMASK(&mask, AF(&addr));
2846 /* Resolve the mask */
2847 if (my_node->mask) {
2849 AF(&mask) = my_node->mask->type;
2850 if (getnetnum(my_node->mask->address,
2851 &mask, 1, t_MSK) != 1) {
2853 "restrict: ignoring line %d, mask '%s' unusable.",
2855 my_node->mask->address);
2862 if (restrict_default) {
2863 AF(&addr) = AF_INET;
2864 AF(&mask) = AF_INET;
2865 hack_restrict(RESTRICT_FLAGS, &addr, &mask,
2866 ippeerlimit, mflags, rflags, 0);
2867 AF(&addr) = AF_INET6;
2868 AF(&mask) = AF_INET6;
2872 hack_restrict(RESTRICT_FLAGS, &addr, &mask,
2873 ippeerlimit, mflags, rflags, 0);
2875 NULL != (pai = pai->ai_next)) {
2876 INSIST(pai->ai_addr != NULL);
2877 INSIST(sizeof(addr) >=
2880 memcpy(&addr, pai->ai_addr,
2882 INSIST(AF_INET == AF(&addr) ||
2883 AF_INET6 == AF(&addr));
2884 SET_HOSTMASK(&mask, AF(&addr));
2886 } while (pai != NULL);
2888 if (ai_list != NULL)
2889 freeaddrinfo(ai_list);
2892 /* Deal with the Poll Skew List */
2898 * First, find the last default pollskewlist item.
2899 * There should only be one of these with the current grammar,
2900 * but better safe than sorry.
2902 dflt_psl_atr = NULL;
2903 atrv = HEAD_PFIFO(ptree->pollskewlist);
2904 for ( ; atrv != NULL; atrv = atrv->link) {
2905 switch (atrv->attr) {
2906 case -1: /* default */
2907 dflt_psl_atr = atrv;
2910 case 3: /* Fall through */
2911 case 4: /* Fall through */
2912 case 5: /* Fall through */
2913 case 6: /* Fall through */
2914 case 7: /* Fall through */
2915 case 8: /* Fall through */
2916 case 9: /* Fall through */
2917 case 10: /* Fall through */
2918 case 11: /* Fall through */
2919 case 12: /* Fall through */
2920 case 13: /* Fall through */
2921 case 14: /* Fall through */
2922 case 15: /* Fall through */
2923 case 16: /* Fall through */
2930 "config_access: default PSL scan: ignoring unexpected poll value %d",
2936 /* If we have a nonzero default, initialize the PSL */
2938 && ( 0 != dflt_psl_atr->value.r.first
2939 || 0 != dflt_psl_atr->value.r.last)) {
2942 for (i = 3; i <= 17; ++i) {
2943 attrtopsl(i, dflt_psl_atr);
2947 /* Finally, update the PSL with any explicit entries */
2948 atrv = HEAD_PFIFO(ptree->pollskewlist);
2949 for ( ; atrv != NULL; atrv = atrv->link) {
2950 switch (atrv->attr) {
2951 case -1: /* default */
2955 case 3: /* Fall through */
2956 case 4: /* Fall through */
2957 case 5: /* Fall through */
2958 case 6: /* Fall through */
2959 case 7: /* Fall through */
2960 case 8: /* Fall through */
2961 case 9: /* Fall through */
2962 case 10: /* Fall through */
2963 case 11: /* Fall through */
2964 case 12: /* Fall through */
2965 case 13: /* Fall through */
2966 case 14: /* Fall through */
2967 case 15: /* Fall through */
2968 case 16: /* Fall through */
2970 attrtopsl(atrv->attr, atrv);
2974 break; /* Ignore - we reported this above */
2980 msyslog(LOG_INFO, "Dumping PSL:");
2981 for (p = 3; p <= 17; ++p) {
2984 if (0 == get_pollskew(p, &psi)) {
2985 msyslog(LOG_INFO, "poll %d: sub %d, qty %d, msk %d",
2986 p, psi.sub, psi.qty, psi.msk);
2988 msyslog(LOG_ERR, "Dumping PSL: get_pollskew(%d) failed!", p);
2996 attrtopsl(int poll, attr_val *avp)
2999 DEBUG_INSIST((poll - 3) < sizeof psl);
3000 if (poll < 3 || poll > 17) {
3001 msyslog(LOG_ERR, "attrtopsl(%d, ...): Poll value is out of range - ignoring", poll);
3003 int pao = poll - 3; /* poll array offset */
3004 int lower = avp->value.r.first; /* a positive number */
3005 int upper = avp->value.r.last;
3006 int psmax = 1 << (poll - 1);
3009 if (lower > psmax) {
3010 msyslog(LOG_WARNING, "attrtopsl: default: poll %d lower bound reduced from %d to %d",
3011 poll, lower, psmax);
3014 if (upper > psmax) {
3015 msyslog(LOG_WARNING, "attrtopsl: default: poll %d upper bound reduced from %d to %d",
3016 poll, upper, psmax);
3019 psl[pao].sub = lower;
3020 psl[pao].qty = lower + upper;
3023 while (qmsk < (lower + upper)) {
3027 psl[pao].msk = qmsk;
3042 DEBUG_INSIST(3 <= p && 17 >= p);
3043 if (3 <= p && 17 >= p) {
3048 msyslog(LOG_ERR, "get_pollskew(%d): poll is not between 3 and 17!", p);
3062 FREE_ATTR_VAL_FIFO(ptree->mru_opts);
3063 FREE_ATTR_VAL_FIFO(ptree->discard_opts);
3064 FREE_RESTRICT_FIFO(ptree->restrict_opts);
3066 #endif /* FREE_CFG_T */
3074 attr_val * rlimit_av;
3076 rlimit_av = HEAD_PFIFO(ptree->rlimit);
3077 for (; rlimit_av != NULL; rlimit_av = rlimit_av->link) {
3078 switch (rlimit_av->attr) {
3081 fatal_error("config-rlimit: value-token=%d", rlimit_av->attr);
3084 /* What if we HAVE_OPT(SAVECONFIGQUIT) ? */
3085 if (HAVE_OPT( SAVECONFIGQUIT )) {
3088 if (rlimit_av->value.i == -1) {
3089 # if defined(HAVE_MLOCKALL)
3090 if (cur_memlock != 0) {
3091 if (-1 == munlockall()) {
3092 msyslog(LOG_ERR, "munlockall() failed: %m");
3096 # endif /* HAVE_MLOCKALL */
3097 } else if (rlimit_av->value.i >= 0) {
3098 #if defined(RLIMIT_MEMLOCK)
3099 # if defined(HAVE_MLOCKALL)
3100 if (cur_memlock != 1) {
3101 if (-1 == mlockall(MCL_CURRENT|MCL_FUTURE)) {
3102 msyslog(LOG_ERR, "mlockall() failed: %m");
3105 # endif /* HAVE_MLOCKALL */
3106 ntp_rlimit(RLIMIT_MEMLOCK,
3107 (rlim_t)(rlimit_av->value.i * 1024 * 1024),
3112 /* STDERR as well would be fine... */
3113 msyslog(LOG_WARNING, "'rlimit memlock' specified but is not available on this system.");
3114 #endif /* RLIMIT_MEMLOCK */
3116 msyslog(LOG_WARNING, "'rlimit memlock' value of %d is unexpected!", rlimit_av->value.i);
3121 #if defined(RLIMIT_STACK)
3122 ntp_rlimit(RLIMIT_STACK,
3123 (rlim_t)(rlimit_av->value.i * 4096),
3127 /* STDERR as well would be fine... */
3128 msyslog(LOG_WARNING, "'rlimit stacksize' specified but is not available on this system.");
3129 #endif /* RLIMIT_STACK */
3133 #if defined(RLIMIT_NOFILE)
3134 ntp_rlimit(RLIMIT_NOFILE,
3135 (rlim_t)(rlimit_av->value.i),
3139 /* STDERR as well would be fine... */
3140 msyslog(LOG_WARNING, "'rlimit filenum' specified but is not available on this system.");
3141 #endif /* RLIMIT_NOFILE */
3157 tinker = HEAD_PFIFO(ptree->tinker);
3158 for (; tinker != NULL; tinker = tinker->link) {
3159 switch (tinker->attr) {
3162 fatal_error("config_tinker: attr-token=%d", tinker->attr);
3177 item = LOOP_HUFFPUFF;
3189 item = LOOP_MAX_BACK;
3193 item = LOOP_MAX_FWD;
3197 item = LOOP_MINSTEP;
3204 loop_config(item, tinker->value.d);
3215 FREE_ATTR_VAL_FIFO(ptree->rlimit);
3223 FREE_ATTR_VAL_FIFO(ptree->tinker);
3225 #endif /* FREE_CFG_T */
3229 * config_nic_rules - apply interface listen/ignore/drop items
3235 int/*BOOL*/ input_from_file
3238 nic_rule_node * curr_node;
3240 nic_rule_match match_type;
3241 nic_rule_action action;
3247 curr_node = HEAD_PFIFO(ptree->nic_rules);
3249 if (curr_node != NULL
3250 && (HAVE_OPT( NOVIRTUALIPS ) || HAVE_OPT( INTERFACE ))) {
3252 "interface/nic rules are not allowed with --interface (-I) or --novirtualips (-L)%s",
3253 (input_from_file) ? ", exiting" : "");
3254 if (input_from_file)
3260 for (; curr_node != NULL; curr_node = curr_node->link) {
3262 if_name = curr_node->if_name;
3263 if (if_name != NULL)
3264 if_name = estrdup(if_name);
3266 switch (curr_node->match_class) {
3269 fatal_error("config_nic_rules: match-class-token=%d", curr_node->match_class);
3273 * 0 is out of range for valid token T_...
3274 * and in a nic_rules_node indicates the
3275 * interface descriptor is either a name or
3276 * address, stored in if_name in either case.
3278 INSIST(if_name != NULL);
3279 pchSlash = strchr(if_name, '/');
3280 if (pchSlash != NULL)
3282 if (is_ip_address(if_name, AF_UNSPEC, &addr)) {
3283 match_type = MATCH_IFADDR;
3284 if (pchSlash != NULL
3285 && 1 == sscanf(pchSlash + 1, "%d",
3288 SIZEOF_INADDR(AF(&addr));
3289 prefixlen = max(-1, prefixlen);
3290 prefixlen = min(prefixlen,
3294 match_type = MATCH_IFNAME;
3295 if (pchSlash != NULL)
3301 match_type = MATCH_ALL;
3305 match_type = MATCH_IPV4;
3309 match_type = MATCH_IPV6;
3313 match_type = MATCH_WILDCARD;
3317 switch (curr_node->action) {
3320 fatal_error("config_nic_rules: action-token=%d", curr_node->action);
3323 action = ACTION_LISTEN;
3327 action = ACTION_IGNORE;
3331 action = ACTION_DROP;
3335 add_nic_rule(match_type, if_name, prefixlen,
3337 timer_interfacetimeout(current_time + 2);
3338 if (if_name != NULL)
3347 free_config_nic_rules(
3351 nic_rule_node *curr_node;
3353 if (ptree->nic_rules != NULL) {
3355 UNLINK_FIFO(curr_node, *ptree->nic_rules, link);
3356 if (NULL == curr_node)
3358 free(curr_node->if_name);
3361 free(ptree->nic_rules);
3362 ptree->nic_rules = NULL;
3365 #endif /* FREE_CFG_T */
3369 apply_enable_disable(
3370 attr_val_fifo * fifo,
3374 attr_val *curr_tok_fifo;
3376 #ifdef BC_LIST_FRAMEWORK_NOT_YET_USED
3380 for (curr_tok_fifo = HEAD_PFIFO(fifo);
3381 curr_tok_fifo != NULL;
3382 curr_tok_fifo = curr_tok_fifo->link) {
3384 option = curr_tok_fifo->value.i;
3389 "can not apply enable/disable token %d, unknown",
3394 proto_config(PROTO_AUTHENTICATE, enable, 0., NULL);
3398 proto_config(PROTO_BROADCLIENT, enable, 0., NULL);
3402 proto_config(PROTO_CAL, enable, 0., NULL);
3406 proto_config(PROTO_KERNEL, enable, 0., NULL);
3410 proto_config(PROTO_MONITOR, enable, 0., NULL);
3414 proto_config(PROTO_MODE7, enable, 0., NULL);
3418 proto_config(PROTO_NTP, enable, 0., NULL);
3422 proto_config(PROTO_PCEDIGEST, enable, 0., NULL);
3426 proto_config(PROTO_FILEGEN, enable, 0., NULL);
3430 proto_config(PROTO_UECRYPTO, enable, 0., NULL);
3434 proto_config(PROTO_UECRYPTONAK, enable, 0., NULL);
3438 proto_config(PROTO_UEDIGEST, enable, 0., NULL);
3441 #ifdef BC_LIST_FRAMEWORK_NOT_YET_USED
3444 while (pentry->token) {
3445 if (pentry->token == option)
3449 if (!pentry->token) {
3451 "compat token %d not in bc_list[]",
3455 pentry->enabled = enable;
3468 apply_enable_disable(ptree->enable_opts, 1);
3469 apply_enable_disable(ptree->disable_opts, 0);
3475 free_config_system_opts(
3479 FREE_ATTR_VAL_FIFO(ptree->enable_opts);
3480 FREE_ATTR_VAL_FIFO(ptree->disable_opts);
3482 #endif /* FREE_CFG_T */
3492 my_lc = HEAD_PFIFO(ptree->logconfig);
3493 for (; my_lc != NULL; my_lc = my_lc->link) {
3494 switch (my_lc->attr) {
3497 ntp_syslogmask |= get_logmask(my_lc->value.s);
3501 ntp_syslogmask &= ~get_logmask(my_lc->value.s);
3505 ntp_syslogmask = get_logmask(my_lc->value.s);
3508 fatal_error("config-logconfig: modifier='%c'", my_lc->attr);
3516 free_config_logconfig(
3520 FREE_ATTR_VAL_FIFO(ptree->logconfig);
3522 #endif /* FREE_CFG_T */
3535 sn = HEAD_PFIFO(ptree->phone);
3536 for (; sn != NULL; sn = sn->link) {
3537 /* need to leave array entry for NULL terminator */
3538 if (i < COUNTOF(sys_phone) - 1) {
3539 sys_phone[i++] = estrdup(sn->s);
3540 sys_phone[i] = NULL;
3543 "phone: Number of phone entries exceeds %zu. Ignoring phone %s...",
3544 (COUNTOF(sys_phone) - 1), sn->s);
3555 #ifdef HAVE_DNSREGISTRATION
3556 extern int mdnstries;
3557 mdnstries = ptree->mdnstries;
3558 #endif /* HAVE_DNSREGISTRATION */
3567 FREE_STRING_FIFO(ptree->phone);
3569 #endif /* FREE_CFG_T */
3578 setvar_node *my_node;
3579 size_t varlen, vallen, octets;
3583 my_node = HEAD_PFIFO(ptree->setvar);
3584 for (; my_node != NULL; my_node = my_node->link) {
3585 varlen = strlen(my_node->var);
3586 vallen = strlen(my_node->val);
3587 octets = varlen + vallen + 1 + 1;
3588 str = erealloc(str, octets);
3589 snprintf(str, octets, "%s=%s", my_node->var,
3591 set_sys_var(str, octets, (my_node->isdefault)
3607 FREE_SETVAR_FIFO(ptree->setvar);
3609 #endif /* FREE_CFG_T */
3621 /* [Bug 3465] There is a built-in default for the TTLs. We must
3622 * overwrite 'sys_ttlmax' if we change that preset, and leave it
3625 curr_ttl = HEAD_PFIFO(ptree->ttl);
3626 for (; curr_ttl != NULL; curr_ttl = curr_ttl->link) {
3627 if (i < COUNTOF(sys_ttl))
3628 sys_ttl[i++] = (u_char)curr_ttl->i;
3631 "ttl: Number of TTL entries exceeds %zu. Ignoring TTL %d...",
3632 COUNTOF(sys_ttl), curr_ttl->i);
3634 if (0 != i) /* anything written back at all? */
3646 FREE_INT_FIFO(ptree->ttl);
3648 #endif /* FREE_CFG_T */
3657 addr_opts_node *curr_trap;
3659 sockaddr_u addr_sock;
3660 sockaddr_u peeraddr;
3661 struct interface *localaddr;
3662 struct addrinfo hints;
3664 settrap_parms *pstp;
3669 /* silence warning about addr_sock potentially uninitialized */
3670 AF(&addr_sock) = AF_UNSPEC;
3672 curr_trap = HEAD_PFIFO(ptree->trap);
3673 for (; curr_trap != NULL; curr_trap = curr_trap->link) {
3678 curr_opt = HEAD_PFIFO(curr_trap->options);
3679 for (; curr_opt != NULL; curr_opt = curr_opt->link) {
3680 if (T_Port == curr_opt->attr) {
3681 if (curr_opt->value.i < 1
3682 || curr_opt->value.i > USHRT_MAX) {
3684 "invalid port number "
3689 port = (u_short)curr_opt->value.i;
3691 else if (T_Interface == curr_opt->attr) {
3692 /* Resolve the interface address */
3693 ZERO_SOCK(&addr_sock);
3694 if (getnetnum(curr_opt->value.s,
3695 &addr_sock, 1, t_UNK) != 1) {
3700 localaddr = findinterface(&addr_sock);
3702 if (NULL == localaddr) {
3704 "can't find interface with address %s",
3711 /* Now process the trap for the specified interface
3717 ZERO_SOCK(&peeraddr);
3718 rc = getnetnum(curr_trap->addr->address,
3719 &peeraddr, 1, t_UNK);
3723 "trap: unable to use IP address %s.",
3724 curr_trap->addr->address);
3725 #else /* WORKER follows */
3727 * save context and hand it off
3728 * for name resolution.
3731 hints.ai_protocol = IPPROTO_UDP;
3732 hints.ai_socktype = SOCK_DGRAM;
3733 snprintf(port_text, sizeof(port_text),
3735 hints.ai_flags = Z_AI_NUMERICSERV;
3736 pstp = emalloc_zero(sizeof(*pstp));
3737 if (localaddr != NULL) {
3738 hints.ai_family = localaddr->family;
3739 pstp->ifaddr_nonnull = 1;
3740 memcpy(&pstp->ifaddr,
3742 sizeof(pstp->ifaddr));
3744 rc = getaddrinfo_sometime(
3745 curr_trap->addr->address,
3748 &trap_name_resolved,
3752 "config_trap: getaddrinfo_sometime(%s,%s): %m",
3753 curr_trap->addr->address,
3758 /* port is at same location for v4 and v6 */
3759 SET_PORT(&peeraddr, port);
3761 if (NULL == localaddr)
3762 localaddr = ANY_INTERFACE_CHOOSE(&peeraddr);
3764 AF(&peeraddr) = AF(&addr_sock);
3766 if (!ctlsettrap(&peeraddr, localaddr, 0,
3769 "set trap %s -> %s failed.",
3778 * trap_name_resolved()
3780 * Callback invoked when config_trap()'s DNS lookup completes.
3789 const char * service,
3790 const struct addrinfo * hints,
3791 const struct addrinfo * res
3794 settrap_parms *pstp;
3795 struct interface *localaddr;
3796 sockaddr_u peeraddr;
3804 "giving up resolving trap host %s: %s (%d)",
3805 name, gai_strerror(rescode), rescode);
3809 INSIST(sizeof(peeraddr) >= res->ai_addrlen);
3811 memcpy(&peeraddr, res->ai_addr, res->ai_addrlen);
3813 if (pstp->ifaddr_nonnull)
3814 localaddr = findinterface(&pstp->ifaddr);
3815 if (NULL == localaddr)
3816 localaddr = ANY_INTERFACE_CHOOSE(&peeraddr);
3817 if (!ctlsettrap(&peeraddr, localaddr, 0, NTP_VERSION))
3818 msyslog(LOG_ERR, "set trap %s -> %s failed.",
3819 latoa(localaddr), stoa(&peeraddr));
3822 # endif /* WORKER */
3832 FREE_ADDR_OPTS_FIFO(ptree->trap);
3834 #endif /* FREE_CFG_T */
3843 addr_opts_node *curr_fudge;
3845 sockaddr_u addr_sock;
3846 address_node *addr_node;
3847 struct refclockstat clock_stat;
3850 curr_fudge = HEAD_PFIFO(ptree->fudge);
3851 for (; curr_fudge != NULL; curr_fudge = curr_fudge->link) {
3854 /* Get the reference clock address and
3855 * ensure that it is sane
3857 addr_node = curr_fudge->addr;
3858 ZERO_SOCK(&addr_sock);
3859 if (getnetnum(addr_node->address, &addr_sock, 1, t_REF)
3863 "unrecognized fudge reference clock address %s, line ignored",
3864 addr_node->address);
3865 } else if (!ISREFCLOCKADR(&addr_sock)) {
3868 "inappropriate address %s for the fudge command, line ignored",
3872 /* Parse all the options to the fudge command */
3874 /* some things are not necessarily cleared by ZERO...*/
3875 clock_stat.fudgeminjitter = 0.0;
3876 clock_stat.fudgetime1 = 0.0;
3877 clock_stat.fudgetime2 = 0.0;
3878 clock_stat.p_lastcode = NULL;
3879 clock_stat.clockdesc = NULL;
3880 clock_stat.kv_list = NULL;
3881 curr_opt = HEAD_PFIFO(curr_fudge->options);
3882 for (; curr_opt != NULL; curr_opt = curr_opt->link) {
3883 switch (curr_opt->attr) {
3886 clock_stat.haveflags |= CLK_HAVETIME1;
3887 clock_stat.fudgetime1 = curr_opt->value.d;
3891 clock_stat.haveflags |= CLK_HAVETIME2;
3892 clock_stat.fudgetime2 = curr_opt->value.d;
3896 clock_stat.haveflags |= CLK_HAVEVAL1;
3897 clock_stat.fudgeval1 = curr_opt->value.i;
3901 clock_stat.haveflags |= CLK_HAVEVAL2;
3902 /* strncpy() does exactly what we want here: */
3903 strncpy((char*)&clock_stat.fudgeval2,
3904 curr_opt->value.s, 4);
3908 clock_stat.haveflags |= CLK_HAVEFLAG1;
3909 if (curr_opt->value.i)
3910 clock_stat.flags |= CLK_FLAG1;
3912 clock_stat.flags &= ~CLK_FLAG1;
3916 clock_stat.haveflags |= CLK_HAVEFLAG2;
3917 if (curr_opt->value.i)
3918 clock_stat.flags |= CLK_FLAG2;
3920 clock_stat.flags &= ~CLK_FLAG2;
3924 clock_stat.haveflags |= CLK_HAVEFLAG3;
3925 if (curr_opt->value.i)
3926 clock_stat.flags |= CLK_FLAG3;
3928 clock_stat.flags &= ~CLK_FLAG3;
3932 clock_stat.haveflags |= CLK_HAVEFLAG4;
3933 if (curr_opt->value.i)
3934 clock_stat.flags |= CLK_FLAG4;
3936 clock_stat.flags &= ~CLK_FLAG4;
3940 clock_stat.haveflags |= CLK_HAVEMINJIT;
3941 clock_stat.fudgeminjitter = curr_opt->value.d;
3946 "Unexpected fudge flag %s (%d) for %s",
3947 token_name(curr_opt->attr),
3948 curr_opt->attr, addr_node->address);
3949 exit(curr_opt->attr ? curr_opt->attr : 1);
3954 refclock_control(&addr_sock, &clock_stat, NULL);
3967 FREE_ADDR_OPTS_FIFO(ptree->fudge);
3969 #endif /* FREE_CFG_T */
3980 curr_var = HEAD_PFIFO(ptree->vars);
3981 for (; curr_var != NULL; curr_var = curr_var->link) {
3982 /* Determine which variable to set and set it */
3983 switch (curr_var->attr) {
3985 case T_Broadcastdelay:
3986 proto_config(PROTO_BROADDELAY, 0, curr_var->value.d, NULL);
3990 loop_config(LOOP_TICK, curr_var->value.d);
3994 if ('\0' == curr_var->value.s[0]) {
3995 stats_drift_file = 0;
3996 msyslog(LOG_INFO, "config: driftfile disabled");
3998 stats_config(STATS_FREQ_FILE, curr_var->value.s, 0);
4002 /* DSCP is in the upper 6 bits of the IP TOS/DS field */
4003 qos = curr_var->value.i << 2;
4007 sys_ident = curr_var->value.s;
4010 case T_WanderThreshold: /* FALLTHROUGH */
4012 wander_threshold = curr_var->value.d;
4016 stats_config(STATS_LEAP_FILE, curr_var->value.s, curr_var->flag);
4020 case T_Leapsmearinterval:
4021 leap_smear_intv = curr_var->value.i;
4022 msyslog(LOG_INFO, "config: leap smear interval %i s", leap_smear_intv);
4027 stats_config(STATS_PID_FILE, curr_var->value.s, 0);
4031 if (-1 == change_logfile(curr_var->value.s, TRUE))
4033 "Cannot open logfile %s: %m",
4037 case T_Saveconfigdir:
4038 if (saveconfigdir != NULL)
4039 free(saveconfigdir);
4040 len = strlen(curr_var->value.s);
4042 saveconfigdir = NULL;
4043 } else if (DIR_SEP != curr_var->value.s[len - 1]
4044 #ifdef SYS_WINNT /* slash is also a dir. sep. on Windows */
4045 && '/' != curr_var->value.s[len - 1]
4049 saveconfigdir = emalloc(len + 1);
4050 snprintf(saveconfigdir, len + 1,
4055 saveconfigdir = estrdup(
4062 if (curr_var->value.i > 2 && curr_var->value.i < 32)
4063 sys_automax = (u_char)curr_var->value.i;
4066 "'automax' value %d ignored",
4073 "config_vars(): unexpected token %d",
4086 FREE_ATTR_VAL_FIFO(ptree->vars);
4088 #endif /* FREE_CFG_T */
4091 /* Define a function to check if a resolved address is sane.
4092 * If yes, return 1, else return 0;
4095 is_sane_resolved_address(
4096 sockaddr_u * peeraddr,
4100 if (!ISREFCLOCKADR(peeraddr) && ISBADADR(peeraddr)) {
4102 "attempt to configure invalid address %s",
4107 * Shouldn't be able to specify:
4108 * - multicast address for server/peer!
4109 * - unicast address for manycastclient!
4111 if ((T_Server == hmode || T_Peer == hmode || T_Pool == hmode)
4112 && IS_MCAST(peeraddr)) {
4114 "attempt to configure invalid address %s",
4118 if (T_Manycastclient == hmode && !IS_MCAST(peeraddr)) {
4120 "attempt to configure invalid address %s",
4125 if (IS_IPV6(peeraddr) && !ipv6_works)
4128 /* Ok, all tests succeeded, now we can return 1 */
4135 get_correct_host_mode(
4143 case T_Manycastclient:
4150 return MODE_BROADCAST;
4159 * peerflag_bits() get config_peers() peerflags value from a
4160 * peer_node's queue of flag attr_val entries.
4172 /* translate peerflags options to bits */
4174 hmode = pn->host_mode;
4175 option = HEAD_PFIFO(pn->peerflags);
4176 for (; option != NULL; option = option->link) {
4177 switch (option->value.i) {
4180 fatal_error("peerflag_bits: option-token=%d", option->value.i);
4183 peerflags |= FLAG_SKEY;
4187 peerflags |= FLAG_BURST;
4191 peerflags |= FLAG_IBURST;
4195 peerflags |= FLAG_NOSELECT;
4199 peerflags |= FLAG_PREEMPT;
4203 peerflags |= FLAG_PREFER;
4207 peerflags |= FLAG_TRUE;
4211 peerflags |= FLAG_XLEAVE;
4215 if ( MODE_CLIENT == hmode ) {
4216 peerflags |= FLAG_LOOPNONCE;
4231 sockaddr_u peeraddr;
4232 struct addrinfo hints;
4233 peer_node * curr_peer;
4234 peer_resolved_ctx * ctx;
4237 /* add servers named on the command line with iburst implied */
4239 cmdline_server_count > 0;
4240 cmdline_server_count--, cmdline_servers++) {
4242 ZERO_SOCK(&peeraddr);
4244 * If we have a numeric address, we can safely
4245 * proceed in the mainline with it. Otherwise, hand
4246 * the hostname off to the blocking child.
4248 * Note that if we're told to add the peer here, we
4249 * do that regardless of ippeerlimit.
4251 if (is_ip_address(*cmdline_servers, AF_UNSPEC,
4254 SET_PORT(&peeraddr, NTP_PORT);
4255 if (is_sane_resolved_address(&peeraddr,
4271 /* we have a hostname to resolve */
4273 ctx = emalloc_zero(sizeof(*ctx));
4274 ctx->family = AF_UNSPEC;
4275 ctx->host_mode = T_Server;
4276 ctx->hmode = MODE_CLIENT;
4277 ctx->version = NTP_VERSION;
4278 ctx->flags = FLAG_IBURST;
4281 hints.ai_family = (u_short)ctx->family;
4282 hints.ai_socktype = SOCK_DGRAM;
4283 hints.ai_protocol = IPPROTO_UDP;
4285 getaddrinfo_sometime_ex(*cmdline_servers,
4288 &peer_name_resolved,
4289 (void *)ctx, DNSFLAGS);
4290 # else /* !WORKER follows */
4292 "hostname %s can not be used, please use IP address instead.",
4293 curr_peer->addr->address);
4298 /* add associations from the configuration file */
4299 curr_peer = HEAD_PFIFO(ptree->peers);
4300 for (; curr_peer != NULL; curr_peer = curr_peer->link) {
4301 ZERO_SOCK(&peeraddr);
4302 /* Find the correct host-mode */
4303 hmode = get_correct_host_mode(curr_peer->host_mode);
4306 if (T_Pool == curr_peer->host_mode) {
4307 AF(&peeraddr) = curr_peer->addr->type;
4310 curr_peer->addr->address,
4314 curr_peer->peerversion,
4317 peerflag_bits(curr_peer),
4322 * If we have a numeric address, we can safely
4323 * proceed in the mainline with it. Otherwise, hand
4324 * the hostname off to the blocking child.
4326 } else if (is_ip_address(curr_peer->addr->address,
4327 curr_peer->addr->type, &peeraddr)) {
4329 SET_PORT(&peeraddr, NTP_PORT);
4330 if (is_sane_resolved_address(&peeraddr,
4331 curr_peer->host_mode))
4338 curr_peer->peerversion,
4341 peerflag_bits(curr_peer),
4346 /* we have a hostname to resolve */
4348 ctx = emalloc_zero(sizeof(*ctx));
4349 ctx->family = curr_peer->addr->type;
4350 ctx->host_mode = curr_peer->host_mode;
4352 ctx->version = curr_peer->peerversion;
4353 ctx->minpoll = curr_peer->minpoll;
4354 ctx->maxpoll = curr_peer->maxpoll;
4355 ctx->flags = peerflag_bits(curr_peer);
4356 ctx->ttl = curr_peer->ttl;
4357 ctx->keyid = curr_peer->peerkey;
4358 ctx->group = curr_peer->group;
4361 hints.ai_family = ctx->family;
4362 hints.ai_socktype = SOCK_DGRAM;
4363 hints.ai_protocol = IPPROTO_UDP;
4365 getaddrinfo_sometime_ex(curr_peer->addr->address,
4368 &peer_name_resolved, ctx,
4370 # else /* !WORKER follows */
4372 "hostname %s can not be used, please use IP address instead.",
4373 curr_peer->addr->address);
4381 * peer_name_resolved()
4383 * Callback invoked when config_peers()'s DNS lookup completes.
4392 const char * service,
4393 const struct addrinfo * hints,
4394 const struct addrinfo * res
4397 sockaddr_u peeraddr;
4398 peer_resolved_ctx * ctx;
4400 const char * fam_spec;
4407 DPRINTF(1, ("peer_name_resolved(%s) rescode %d\n", name, rescode));
4412 "giving up resolving host %s: %s (%d)",
4413 name, gai_strerror(rescode), rescode);
4417 /* Loop to configure a single association */
4418 for (; res != NULL; res = res->ai_next) {
4419 memcpy(&peeraddr, res->ai_addr, res->ai_addrlen);
4420 if (is_sane_resolved_address(&peeraddr,
4422 NLOG(NLOG_SYSINFO) {
4424 fam_spec = (AF_INET6 == af)
4429 msyslog(LOG_INFO, "DNS %s %s-> %s",
4460 peer_node *curr_peer;
4462 if (ptree->peers != NULL) {
4464 UNLINK_FIFO(curr_peer, *ptree->peers, link);
4465 if (NULL == curr_peer)
4467 destroy_address_node(curr_peer->addr);
4468 destroy_attr_val_fifo(curr_peer->peerflags);
4472 ptree->peers = NULL;
4475 #endif /* FREE_CFG_T */
4484 sockaddr_u peeraddr;
4485 struct addrinfo hints;
4486 unpeer_node * curr_unpeer;
4491 curr_unpeer = HEAD_PFIFO(ptree->unpeers);
4492 for (; curr_unpeer != NULL; curr_unpeer = curr_unpeer->link) {
4494 * If we have no address attached, assume we have to
4495 * unpeer by AssocID.
4497 if (!curr_unpeer->addr) {
4498 p = findpeerbyassoc(curr_unpeer->assocID);
4500 msyslog(LOG_NOTICE, "unpeered %s",
4502 peer_clear(p, "GONE");
4509 AF(&peeraddr) = curr_unpeer->addr->type;
4510 name = curr_unpeer->addr->address;
4511 rc = getnetnum(name, &peeraddr, 0, t_UNK);
4512 /* Do we have a numeric address? */
4514 DPRINTF(1, ("unpeer: searching for %s\n",
4516 p = findexistingpeer(&peeraddr, NULL, NULL, -1, 0, NULL);
4518 msyslog(LOG_NOTICE, "unpeered %s",
4520 peer_clear(p, "GONE");
4526 * It's not a numeric IP address, it's a hostname.
4527 * Check for associations with a matching hostname.
4529 for (p = peer_list; p != NULL; p = p->p_link)
4530 if (p->hostname != NULL)
4531 if (!strcasecmp(p->hostname, name))
4534 msyslog(LOG_NOTICE, "unpeered %s", name);
4535 peer_clear(p, "GONE");
4538 /* Resolve the hostname to address(es). */
4541 hints.ai_family = curr_unpeer->addr->type;
4542 hints.ai_socktype = SOCK_DGRAM;
4543 hints.ai_protocol = IPPROTO_UDP;
4544 getaddrinfo_sometime(name, "ntp", &hints,
4546 &unpeer_name_resolved, NULL);
4547 # else /* !WORKER follows */
4549 "hostname %s can not be used, please use IP address instead.",
4558 * unpeer_name_resolved()
4560 * Callback invoked when config_unpeers()'s DNS lookup completes.
4564 unpeer_name_resolved(
4569 const char * service,
4570 const struct addrinfo * hints,
4571 const struct addrinfo * res
4574 sockaddr_u peeraddr;
4577 const char * fam_spec;
4581 DPRINTF(1, ("unpeer_name_resolved(%s) rescode %d\n", name, rescode));
4584 msyslog(LOG_ERR, "giving up resolving unpeer %s: %s (%d)",
4585 name, gai_strerror(rescode), rescode);
4589 * Loop through the addresses found
4591 for (; res != NULL; res = res->ai_next) {
4592 INSIST(res->ai_addrlen <= sizeof(peeraddr));
4593 memcpy(&peeraddr, res->ai_addr, res->ai_addrlen);
4594 DPRINTF(1, ("unpeer: searching for peer %s\n",
4596 peer = findexistingpeer(&peeraddr, NULL, NULL, -1, 0, NULL);
4599 fam_spec = (AF_INET6 == af)
4604 msyslog(LOG_NOTICE, "unpeered %s %s-> %s", name,
4605 fam_spec, stoa(&peeraddr));
4606 peer_clear(peer, "GONE");
4616 free_config_unpeers(
4620 unpeer_node *curr_unpeer;
4622 if (ptree->unpeers != NULL) {
4624 UNLINK_FIFO(curr_unpeer, *ptree->unpeers, link);
4625 if (NULL == curr_unpeer)
4627 destroy_address_node(curr_unpeer->addr);
4630 free(ptree->unpeers);
4633 #endif /* FREE_CFG_T */
4638 config_reset_counters(
4642 int_node *counter_set;
4644 for (counter_set = HEAD_PFIFO(ptree->reset_counters);
4645 counter_set != NULL;
4646 counter_set = counter_set->link) {
4647 switch (counter_set->i) {
4649 DPRINTF(1, ("config_reset_counters %s (%d) invalid\n",
4650 keyword(counter_set->i), counter_set->i));
4688 free_config_reset_counters(
4692 FREE_INT_FIFO(ptree->reset_counters);
4694 #endif /* FREE_CFG_T */
4704 server_info *serv_info;
4705 attr_val *init_stmt;
4708 /* Check if a simulate block was found in the configuration code.
4709 * If not, return an error and exit
4711 sim_n = HEAD_PFIFO(ptree->sim_details);
4712 if (NULL == sim_n) {
4713 fprintf(stderr, "ERROR!! I couldn't find a \"simulate\" block for configuring the simulator.\n");
4714 fprintf(stderr, "\tCheck your configuration file.\n");
4718 /* Process the initialization statements
4719 * -------------------------------------
4721 init_stmt = HEAD_PFIFO(sim_n->init_opts);
4722 for (; init_stmt != NULL; init_stmt = init_stmt->link) {
4723 switch(init_stmt->attr) {
4726 simulation.beep_delay = init_stmt->value.d;
4729 case T_Sim_Duration:
4730 simulation.end_time = init_stmt->value.d;
4735 "Unknown simulator init token %d\n",
4741 /* Process the server list
4742 * -----------------------
4744 simulation.num_of_servers = 0;
4745 serv_info = HEAD_PFIFO(sim_n->servers);
4746 for (; serv_info != NULL; serv_info = serv_info->link)
4747 simulation.num_of_servers++;
4748 simulation.servers = eallocarray(simulation.num_of_servers,
4749 sizeof(simulation.servers[0]));
4752 serv_info = HEAD_PFIFO(sim_n->servers);
4753 for (; serv_info != NULL; serv_info = serv_info->link) {
4754 if (NULL == serv_info) {
4755 fprintf(stderr, "Simulator server list is corrupt\n");
4758 simulation.servers[i] = *serv_info;
4759 simulation.servers[i].link = NULL;
4764 printf("Creating server associations\n");
4765 create_server_associations();
4766 fprintf(stderr,"\tServer associations successfully created!!\n");
4777 server_info *serv_n;
4778 script_info *script_n;
4780 if (NULL == ptree->sim_details)
4782 sim_n = HEAD_PFIFO(ptree->sim_details);
4783 free(ptree->sim_details);
4784 ptree->sim_details = NULL;
4788 FREE_ATTR_VAL_FIFO(sim_n->init_opts);
4790 UNLINK_FIFO(serv_n, *sim_n->servers, link);
4793 free(serv_n->curr_script);
4794 if (serv_n->script != NULL) {
4796 UNLINK_FIFO(script_n, *serv_n->script,
4798 if (script_n == NULL)
4802 free(serv_n->script);
4808 #endif /* FREE_CFG_T */
4812 /* Define two different config functions. One for the daemon and the other for
4813 * the simulator. The simulator ignores a lot of the standard ntpd configuration
4820 int/*BOOL*/ input_from_files
4823 /* [Bug 3435] check and esure clock sanity if configured from
4824 * file and clock sanity parameters (-> basedate) are given. Do
4825 * this ASAP, so we don't disturb the closed loop controller.
4827 if (input_from_files) {
4828 if (config_tos_clock(ptree))
4832 config_nic_rules(ptree, input_from_files);
4833 config_monitor(ptree);
4836 config_access(ptree);
4837 config_tinker(ptree);
4838 config_rlimit(ptree);
4839 config_system_opts(ptree);
4840 config_logconfig(ptree);
4841 config_phone(ptree);
4842 config_mdnstries(ptree);
4843 config_setvar(ptree);
4847 io_open_sockets(); /* [bug 2837] dep. on config_vars() */
4849 config_trap(ptree); /* [bug 2923] dep. on io_open_sockets() */
4850 config_other_modes(ptree);
4851 config_peers(ptree);
4852 config_unpeers(ptree);
4853 config_fudge(ptree);
4854 config_reset_counters(ptree);
4862 #ifdef TEST_BLOCKING_WORKER
4864 struct addrinfo hints;
4867 hints.ai_socktype = SOCK_STREAM;
4868 hints.ai_protocol = IPPROTO_TCP;
4869 getaddrinfo_sometime("www.cnn.com", "ntp", &hints,
4871 gai_test_callback, (void *)1);
4872 hints.ai_family = AF_INET6;
4873 getaddrinfo_sometime("ipv6.google.com", "ntp", &hints,
4875 gai_test_callback, (void *)0x600);
4888 printf("Configuring Simulator...\n");
4889 printf("Some ntpd-specific commands in the configuration file will be ignored.\n");
4892 config_monitor(ptree);
4893 config_tinker(ptree);
4895 config_rlimit(ptree); /* not needed for the simulator */
4896 config_system_opts(ptree);
4897 config_logconfig(ptree);
4905 * config_remotely() - implements ntpd side of ntpq :config
4909 sockaddr_u * remote_addr
4914 snprintf(origin, sizeof(origin), "remote config from %s",
4916 lex_init_stack(origin, NULL); /* no checking needed... */
4917 init_syntax_tree(&cfgt);
4921 cfgt.source.attr = CONF_SOURCE_NTPQ;
4922 cfgt.timestamp = time(NULL);
4923 cfgt.source.value.s = estrdup(stoa(remote_addr));
4925 DPRINTF(1, ("Finished Parsing!!\n"));
4927 save_and_apply_config_tree(FALSE);
4932 * getconfig() - process startup configuration file e.g /etc/ntp.conf
4943 atexit(free_all_config_trees);
4946 config_file = CONFIG_FILE;
4949 if (!ExpandEnvironmentStringsA(temp, config_file_storage,
4950 sizeof(config_file_storage))) {
4951 msyslog(LOG_ERR, "ExpandEnvironmentStrings CONFIG_FILE failed: %m");
4954 config_file = config_file_storage;
4956 temp = ALT_CONFIG_FILE;
4957 if (!ExpandEnvironmentStringsA(temp, alt_config_file_storage,
4958 sizeof(alt_config_file_storage))) {
4959 msyslog(LOG_ERR, "ExpandEnvironmentStrings ALT_CONFIG_FILE failed: %m");
4962 alt_config_file = alt_config_file_storage;
4963 #endif /* SYS_WINNT */
4966 * install a non default variable with this daemon version
4968 snprintf(line, sizeof(line), "daemon_version=\"%s\"", Version);
4969 set_sys_var(line, strlen(line) + 1, RO);
4972 * Set up for the first time step to install a variable showing
4973 * which syscall is being used to step.
4975 set_tod_using = &ntpd_set_tod_using;
4977 getCmdOpts(argc, argv);
4978 init_syntax_tree(&cfgt);
4980 !lex_init_stack(FindConfig(config_file), "r")
4982 /* If there is no config_file, try NetInfo. */
4983 && check_netinfo && !(config_netinfo = get_netinfo_config())
4984 #endif /* HAVE_NETINFO */
4986 msyslog(LOG_INFO, "getconfig: Couldn't open <%s>: %m", FindConfig(config_file));
4992 /* Under WinNT try alternate_config_file name, first NTP.CONF, then NTP.INI */
4994 if (!lex_init_stack(FindConfig(alt_config_file), "r")) {
4996 * Broadcast clients can sometimes run without
4997 * a configuration file.
4999 msyslog(LOG_INFO, "getconfig: Couldn't open <%s>: %m", FindConfig(alt_config_file));
5004 cfgt.source.value.s = estrdup(alt_config_file);
5005 #endif /* SYS_WINNT */
5007 cfgt.source.value.s = estrdup(config_file);
5010 /*** BULK OF THE PARSER ***/
5012 yydebug = !!(debug >= 5);
5017 DPRINTF(1, ("Finished Parsing!!\n"));
5019 cfgt.source.attr = CONF_SOURCE_FILE;
5020 cfgt.timestamp = time(NULL);
5022 save_and_apply_config_tree(TRUE);
5026 free_netinfo_config(config_netinfo);
5027 #endif /* HAVE_NETINFO */
5032 save_and_apply_config_tree(int/*BOOL*/ input_from_file)
5036 config_tree *punlinked;
5040 * Keep all the configuration trees applied since startup in
5041 * a list that can be used to dump the configuration back to
5044 ptree = emalloc(sizeof(*ptree));
5045 memcpy(ptree, &cfgt, sizeof(*ptree));
5048 LINK_TAIL_SLIST(cfg_tree_history, ptree, link, config_tree);
5051 if (HAVE_OPT( SAVECONFIGQUIT )) {
5056 dumpfile = fopen(OPT_ARG( SAVECONFIGQUIT ), "w");
5057 if (NULL == dumpfile) {
5060 "can not create save file %s, error %d %m\n",
5061 OPT_ARG(SAVECONFIGQUIT), err);
5065 dumpfailed = dump_all_config_trees(dumpfile, 0);
5068 "--saveconfigquit %s error %d\n",
5069 OPT_ARG( SAVECONFIGQUIT ),
5073 "configuration saved to %s\n",
5074 OPT_ARG( SAVECONFIGQUIT ));
5078 #endif /* SAVECONFIG */
5080 /* The actual configuration done depends on whether we are configuring the
5081 * simulator or the daemon. Perform a check and call the appropriate
5082 * function as needed.
5086 config_ntpd(ptree, input_from_file);
5088 config_ntpdsim(ptree);
5092 * With configure --disable-saveconfig, there's no use keeping
5093 * the config tree around after application, so free it.
5096 UNLINK_SLIST(punlinked, cfg_tree_history, ptree, link,
5098 INSIST(punlinked == ptree);
5099 free_config_tree(ptree);
5103 /* Hack to disambiguate 'server' statements for refclocks and network peers.
5104 * Please note the qualification 'hack'. It's just that.
5108 const address_node * addr
5111 return addr && addr->address && !strncmp(addr->address, "127.127.", 8);
5121 snprintf(line, sizeof(line), "settimeofday=\"%s\"", which);
5122 set_sys_var(line, strlen(line) + 1, RO);
5136 snprintf(buf, LIB_BUFLENGTH, "%g", d);
5138 /* use lowercase 'e', strip any leading zeroes in exponent */
5139 pch_e = strchr(buf, 'e');
5140 if (NULL == pch_e) {
5141 pch_e = strchr(buf, 'E');
5150 while ('0' == *pch_nz)
5152 if (pch_nz == pch_e)
5154 strlcpy(pch_e, pch_nz, LIB_BUFLENGTH - (pch_e - buf));
5160 /* FUNCTIONS COPIED FROM THE OLDER ntp_config.c
5161 * --------------------------------------------
5166 * get_pfxmatch - find value for prefixmatch
5167 * and update char * accordingly
5175 while (m->name != NULL) {
5176 if (strncmp(*pstr, m->name, strlen(m->name)) == 0) {
5177 *pstr += strlen(m->name);
5187 * get_match - find logmask value
5195 while (m->name != NULL) {
5196 if (strcmp(str, m->name) == 0)
5205 * get_logmask - build bitmask for ntp_syslogmask
5216 mask = get_match(str, logcfg_noclass_items);
5221 offset = get_pfxmatch(&t, logcfg_class);
5222 mask = get_match(t, logcfg_class_items);
5225 return mask << offset;
5227 msyslog(LOG_ERR, "logconfig: '%s' not recognized - ignored",
5237 * get_netinfo_config - find the nearest NetInfo domain with an ntp
5238 * configuration and initialize the configuration state.
5240 static struct netinfo_config_state *
5241 get_netinfo_config(void)
5246 struct netinfo_config_state *config;
5248 if (ni_open(NULL, ".", &domain) != NI_OK) return NULL;
5250 while ((status = ni_pathsearch(domain, &config_dir, NETINFO_CONFIG_DIR)) == NI_NODIR) {
5252 if (ni_open(domain, "..", &next_domain) != NI_OK) {
5253 ni_free(next_domain);
5257 domain = next_domain;
5259 if (status != NI_OK) {
5264 config = emalloc(sizeof(*config));
5265 config->domain = domain;
5266 config->config_dir = config_dir;
5267 config->prop_index = 0;
5268 config->val_index = 0;
5269 config->val_list = NULL;
5276 * free_netinfo_config - release NetInfo configuration state
5279 free_netinfo_config(
5280 struct netinfo_config_state *config
5283 ni_free(config->domain);
5289 * gettokens_netinfo - return tokens from NetInfo
5293 struct netinfo_config_state *config,
5298 int prop_index = config->prop_index;
5299 int val_index = config->val_index;
5300 char **val_list = config->val_list;
5303 * Iterate through each keyword and look for a property that matches it.
5307 for (; prop_index < COUNTOF(keywords); prop_index++)
5309 ni_namelist namelist;
5310 struct keyword current_prop = keywords[prop_index];
5314 * For each value associated in the property, we're going to return
5315 * a separate line. We squirrel away the values in the config state
5316 * so the next time through, we don't need to do this lookup.
5319 if (NI_OK == ni_lookupprop(config->domain,
5320 &config->config_dir, current_prop.text,
5323 /* Found the property, but it has no values */
5324 if (namelist.ni_namelist_len == 0) continue;
5328 (namelist.ni_namelist_len + 1),
5330 val_list = config->val_list;
5333 index < namelist.ni_namelist_len;
5337 value = namelist.ni_namelist_val[index];
5338 val_list[index] = estrdup(value);
5340 val_list[index] = NULL;
5344 ni_namelist_free(&namelist);
5346 config->prop_index = prop_index;
5349 /* No list; we're done here. */
5351 return CONFIG_UNKNOWN;
5354 * We have a list of values for the current property.
5355 * Iterate through them and return each in order.
5357 if (val_list[val_index]) {
5360 char *tokens = val_list[val_index];
5362 msyslog(LOG_INFO, "%s %s", keywords[prop_index].text, val_list[val_index]);
5364 (const char*)tokenlist[0] = keywords[prop_index].text;
5365 for (ntok = 1; ntok < MAXTOKENS; ntok++) {
5366 tokenlist[ntok] = tokens;
5367 while (!ISEOL(*tokens) && (!ISSPACE(*tokens) || quoted))
5368 quoted ^= (*tokens++ == '"');
5370 if (ISEOL(*tokens)) {
5373 } else { /* must be space */
5375 while (ISSPACE(*tokens))
5382 if (ntok == MAXTOKENS) {
5383 /* HMS: chomp it to lose the EOL? */
5385 "gettokens_netinfo: too many tokens. Ignoring: %s",
5388 *ntokens = ntok + 1;
5391 config->val_index++; /* HMS: Should this be in the 'else'? */
5393 return keywords[prop_index].keytype;
5396 /* We're done with the current property. */
5397 prop_index = ++config->prop_index;
5399 /* Free val_list and reset counters. */
5400 for (val_index = 0; val_list[val_index]; val_index++)
5401 free(val_list[val_index]);
5403 val_list = config->val_list = NULL;
5404 val_index = config->val_index = 0;
5408 #endif /* HAVE_NETINFO */
5412 * getnetnum - return a net number (this is crude, but careful)
5414 * returns 1 for success, and mysteriously, 0 for most failures, and
5415 * -1 if the address found is IPv6 and we believe IPv6 isn't working.
5423 enum gnn_type a_type /* ignored */
5426 REQUIRE(AF_UNSPEC == AF(addr) ||
5427 AF_INET == AF(addr) ||
5428 AF_INET6 == AF(addr));
5430 if (!is_ip_address(num, AF(addr), addr))
5433 if (IS_IPV6(addr) && !ipv6_works)
5436 # ifdef ISC_PLATFORM_HAVESALEN
5437 addr->sa.sa_len = SIZEOF_SOCKADDR(AF(addr));
5439 SET_PORT(addr, NTP_PORT);
5441 DPRINTF(2, ("getnetnum given %s, got %s\n", num, stoa(addr)));
5447 #if defined(HAVE_SETRLIMIT)
5453 const char * rl_sstr
5459 # ifdef RLIMIT_MEMLOCK
5460 case RLIMIT_MEMLOCK:
5461 if (HAVE_OPT( SAVECONFIGQUIT )) {
5465 * The default RLIMIT_MEMLOCK is very low on Linux systems.
5466 * Unless we increase this limit malloc calls are likely to
5467 * fail if we drop root privilege. To be useful the value
5468 * has to be larger than the largest ntpd resident set size.
5470 DPRINTF(2, ("ntp_rlimit: MEMLOCK: %d %s\n",
5471 (int)(rl_value / rl_scale), rl_sstr));
5472 rl.rlim_cur = rl.rlim_max = rl_value;
5473 if (setrlimit(RLIMIT_MEMLOCK, &rl) == -1)
5474 msyslog(LOG_ERR, "Cannot set RLIMIT_MEMLOCK: %m");
5476 # endif /* RLIMIT_MEMLOCK */
5478 # ifdef RLIMIT_NOFILE
5481 * For large systems the default file descriptor limit may
5484 DPRINTF(2, ("ntp_rlimit: NOFILE: %d %s\n",
5485 (int)(rl_value / rl_scale), rl_sstr));
5486 rl.rlim_cur = rl.rlim_max = rl_value;
5487 if (setrlimit(RLIMIT_NOFILE, &rl) == -1)
5488 msyslog(LOG_ERR, "Cannot set RLIMIT_NOFILE: %m");
5490 # endif /* RLIMIT_NOFILE */
5492 # ifdef RLIMIT_STACK
5495 * Provide a way to set the stack limit to something
5496 * smaller, so that we don't lock a lot of unused
5499 DPRINTF(2, ("ntp_rlimit: STACK: %d %s pages\n",
5500 (int)(rl_value / rl_scale), rl_sstr));
5501 if (-1 == getrlimit(RLIMIT_STACK, &rl)) {
5502 msyslog(LOG_ERR, "getrlimit(RLIMIT_STACK) failed: %m");
5504 if (rl_value > rl.rlim_max) {
5505 msyslog(LOG_WARNING,
5506 "ntp_rlimit: using maximum allowed stack limit %lu instead of %lu.",
5507 (u_long)rl.rlim_max,
5509 rl_value = rl.rlim_max;
5511 rl.rlim_cur = rl_value;
5512 if (-1 == setrlimit(RLIMIT_STACK, &rl)) {
5514 "ntp_rlimit: Cannot set RLIMIT_STACK: %m");
5518 # endif /* RLIMIT_STACK */
5521 fatal_error("ntp_rlimit: unexpected RLIMIT case: %d", rl_what);
5524 #endif /* HAVE_SETRLIMIT */
5532 static char ifs[1024];
5536 if (iflags & INT_UP) {
5538 appendstr(ifs, sizeof ifs, "up");
5541 if (iflags & INT_PPP) {
5543 appendstr(ifs, sizeof ifs, "ppp");
5546 if (iflags & INT_LOOPBACK) {
5547 iflags &= ~INT_LOOPBACK;
5548 appendstr(ifs, sizeof ifs, "loopback");
5551 if (iflags & INT_BROADCAST) {
5552 iflags &= ~INT_BROADCAST;
5553 appendstr(ifs, sizeof ifs, "broadcast");
5556 if (iflags & INT_MULTICAST) {
5557 iflags &= ~INT_MULTICAST;
5558 appendstr(ifs, sizeof ifs, "multicast");
5561 if (iflags & INT_BCASTOPEN) {
5562 iflags &= ~INT_BCASTOPEN;
5563 appendstr(ifs, sizeof ifs, "bcastopen");
5566 if (iflags & INT_MCASTOPEN) {
5567 iflags &= ~INT_MCASTOPEN;
5568 appendstr(ifs, sizeof ifs, "mcastopen");
5571 if (iflags & INT_WILDCARD) {
5572 iflags &= ~INT_WILDCARD;
5573 appendstr(ifs, sizeof ifs, "wildcard");
5576 if (iflags & INT_MCASTIF) {
5577 iflags &= ~INT_MCASTIF;
5578 appendstr(ifs, sizeof ifs, "MCASTif");
5581 if (iflags & INT_PRIVACY) {
5582 iflags &= ~INT_PRIVACY;
5583 appendstr(ifs, sizeof ifs, "IPv6privacy");
5586 if (iflags & INT_BCASTXMIT) {
5587 iflags &= ~INT_BCASTXMIT;
5588 appendstr(ifs, sizeof ifs, "bcastxmit");
5594 snprintf(string, sizeof string, "%0x", iflags);
5595 appendstr(ifs, sizeof ifs, string);
5607 static char mfs[1024];
5611 if (mflags & RESM_NTPONLY) {
5612 mflags &= ~RESM_NTPONLY;
5613 appendstr(mfs, sizeof mfs, "ntponly");
5616 if (mflags & RESM_SOURCE) {
5617 mflags &= ~RESM_SOURCE;
5618 appendstr(mfs, sizeof mfs, "source");
5624 snprintf(string, sizeof string, "%0x", mflags);
5625 appendstr(mfs, sizeof mfs, string);
5637 static char rfs[1024];
5641 if (rflags & RES_FLAKE) {
5642 rflags &= ~RES_FLAKE;
5643 appendstr(rfs, sizeof rfs, "flake");
5646 if (rflags & RES_IGNORE) {
5647 rflags &= ~RES_IGNORE;
5648 appendstr(rfs, sizeof rfs, "ignore");
5651 if (rflags & RES_KOD) {
5653 appendstr(rfs, sizeof rfs, "kod");
5656 if (rflags & RES_MSSNTP) {
5657 rflags &= ~RES_MSSNTP;
5658 appendstr(rfs, sizeof rfs, "mssntp");
5661 if (rflags & RES_LIMITED) {
5662 rflags &= ~RES_LIMITED;
5663 appendstr(rfs, sizeof rfs, "limited");
5666 if (rflags & RES_LPTRAP) {
5667 rflags &= ~RES_LPTRAP;
5668 appendstr(rfs, sizeof rfs, "lptrap");
5671 if (rflags & RES_NOMODIFY) {
5672 rflags &= ~RES_NOMODIFY;
5673 appendstr(rfs, sizeof rfs, "nomodify");
5676 if (rflags & RES_NOMRULIST) {
5677 rflags &= ~RES_NOMRULIST;
5678 appendstr(rfs, sizeof rfs, "nomrulist");
5681 if (rflags & RES_NOEPEER) {
5682 rflags &= ~RES_NOEPEER;
5683 appendstr(rfs, sizeof rfs, "noepeer");
5686 if (rflags & RES_NOPEER) {
5687 rflags &= ~RES_NOPEER;
5688 appendstr(rfs, sizeof rfs, "nopeer");
5691 if (rflags & RES_NOQUERY) {
5692 rflags &= ~RES_NOQUERY;
5693 appendstr(rfs, sizeof rfs, "noquery");
5696 if (rflags & RES_DONTSERVE) {
5697 rflags &= ~RES_DONTSERVE;
5698 appendstr(rfs, sizeof rfs, "dontserve");
5701 if (rflags & RES_NOTRAP) {
5702 rflags &= ~RES_NOTRAP;
5703 appendstr(rfs, sizeof rfs, "notrap");
5706 if (rflags & RES_DONTTRUST) {
5707 rflags &= ~RES_DONTTRUST;
5708 appendstr(rfs, sizeof rfs, "notrust");
5711 if (rflags & RES_SRVRSPFUZ) {
5712 rflags &= ~RES_SRVRSPFUZ;
5713 appendstr(rfs, sizeof rfs, "srvrspfuz");
5716 if (rflags & RES_VERSION) {
5717 rflags &= ~RES_VERSION;
5718 appendstr(rfs, sizeof rfs, "version");
5724 snprintf(string, sizeof string, "%0x", rflags);
5725 appendstr(rfs, sizeof rfs, string);
5728 if ('\0' == rfs[0]) {
5729 appendstr(rfs, sizeof rfs, "(none)");
5743 if (*string != '\0') {
5744 (void)strlcat(string, ",", s);
5746 (void)strlcat(string, new, s);