diff options
Diffstat (limited to 'include/ntp.h')
-rw-r--r-- | include/ntp.h | 195 |
1 files changed, 106 insertions, 89 deletions
diff --git a/include/ntp.h b/include/ntp.h index d7e87582d708..38343f23a705 100644 --- a/include/ntp.h +++ b/include/ntp.h @@ -9,10 +9,9 @@ #include <ntp_fp.h> #include <ntp_types.h> +#include <ntp_lists.h> #include <ntp_stdlib.h> -#ifdef OPENSSL #include <ntp_crypto.h> -#endif /* OPENSSL */ #include <ntp_random.h> #include <ntp_net.h> @@ -90,12 +89,6 @@ typedef char s_char; # undef SO_SNDBUF # endif #endif -#ifndef TRUE -# define TRUE 1 -#endif /* TRUE */ -#ifndef FALSE -# define FALSE 0 -#endif /* FALSE */ /* * NTP protocol parameters. See section 3.2.6 of the specification. @@ -113,7 +106,7 @@ typedef char s_char; #define NTP_MAXDPOLL 10 /* log2 default max poll (~17 m) */ #define NTP_MAXPOLL 17 /* log2 max poll interval (~36 h) */ #define NTP_RETRY 3 /* max packet retries */ -#define NTP_MINPKT 1 /* log2 min interburst interval (2 s) */ +#define NTP_MINPKT 2 /* guard time (s) */ /* * Clock filter algorithm tuning parameters @@ -127,7 +120,6 @@ typedef char s_char; */ #define NTP_MINCLOCK 3 /* min survivors */ #define NTP_MAXCLOCK 10 /* max candidates */ -#define NTP_MAXASSOC 50 /* max associations */ #define MINDISPERSE .001 /* min distance */ #define MAXDISTANCE 1.5 /* max root distance (select threshold) */ #define CLOCK_SGATE 3. /* popcorn spike gate */ @@ -136,6 +128,7 @@ typedef char s_char; #define MAX_TTL 8 /* max ttl mapping vector size */ #define BEACON 7200 /* manycast beacon interval */ #define NTP_MAXEXTEN 2048 /* max extension field size */ +#define NTP_ORPHWAIT 300 /* orphan wair (s) */ /* * Miscellaneous stuff @@ -145,7 +138,7 @@ typedef char s_char; /* * Limits of things */ -#define MAXFILENAME 128 /* max length of file name */ +#define MAXFILENAME 256 /* max length of file name */ #define MAXHOSTNAME 512 /* max length of host/node name */ #define NTP_MAXSTRLEN 256 /* max string length */ @@ -163,10 +156,9 @@ typedef char s_char; #define SQUARE(x) ((x) * (x)) #define SQRT(x) (sqrt(x)) #define DIFF(x, y) (SQUARE((x) - (y))) -#define LOGTOD(a) ((a) < 0 ? 1. / (1L << -(a)) : \ - 1L << (int)(a)) /* log2 to double */ +#define LOGTOD(a) ldexp(1., (int)(a)) /* log2 to double */ #define UNIVAR(x) (SQUARE(.28867513 * LOGTOD(x))) /* std uniform distr */ -#define ULOGTOD(a) (1L << (int)(a)) /* ulog2 to double */ +#define ULOGTOD(a) ldexp(1., (int)(a)) /* ulog2 to double */ #define EVENT_TIMEOUT 0 /* one second, that is */ @@ -214,11 +206,12 @@ struct interface { #define INT_LOOPBACK 0x004 /* the loopback interface */ #define INT_BROADCAST 0x008 /* can broadcast out this interface */ #define INT_MULTICAST 0x010 /* can multicast out this interface */ -#define INT_BCASTOPEN 0x020 /* broadcast socket is open */ +#define INT_BCASTOPEN 0x020 /* broadcast receive socket is open */ #define INT_MCASTOPEN 0x040 /* multicasting enabled */ #define INT_WILDCARD 0x080 /* wildcard interface - usually skipped */ #define INT_MCASTIF 0x100 /* bound directly to MCAST address */ #define INT_PRIVACY 0x200 /* RFC 4941 IPv6 privacy address */ +#define INT_BCASTXMIT 0x400 /* socket setup to allow broadcasts */ /* * Define flasher bits (tests 1 through 11 in packet procedure) @@ -254,10 +247,14 @@ struct interface { * spec. */ struct peer { - struct peer *next; /* link pointer in peer hash */ - struct peer *ass_next; /* link pointer in associd hash */ + struct peer *p_link; /* link pointer in free & peer lists */ + struct peer *adr_link; /* link pointer in address hash */ + struct peer *aid_link; /* link pointer in associd hash */ struct peer *ilink; /* list of peers for interface */ sockaddr_u srcadr; /* address of remote host */ + char * hostname; /* if non-NULL, remote name */ + struct addrinfo *addrs; /* hostname query result */ + struct addrinfo *ai; /* position within addrs */ endpt * dstadr; /* local address */ associd_t associd; /* association ID */ u_char version; /* version number */ @@ -269,7 +266,8 @@ struct peer { u_char cast_flags; /* additional flags */ u_char last_event; /* last peer error code */ u_char num_events; /* number of error events */ - u_char ttl; /* ttl/refclock mode */ + u_int32 ttl; /* ttl/refclock mode */ + char *ident; /* group identifier name */ /* * Variables used by reference clock support @@ -298,7 +296,7 @@ struct peer { * Variables used by authenticated client */ keyid_t keyid; /* current key ID */ -#ifdef OPENSSL +#ifdef AUTOKEY #define clear_to_zero opcode u_int32 opcode; /* last request opcode */ associd_t assoc; /* peer association ID */ @@ -326,9 +324,9 @@ struct peer { int keynumber; /* current key number */ struct value encrypt; /* send encrypt values */ struct value sndval; /* send autokey values */ -#else /* OPENSSL */ +#else /* !AUTOKEY follows */ #define clear_to_zero status -#endif /* OPENSSL */ +#endif /* !AUTOKEY */ /* * Ephemeral state variables @@ -357,7 +355,7 @@ struct peer { double jitter; /* peer jitter (squares) */ double disp; /* peer dispersion */ double xleave; /* interleave delay */ - double bias; /* bias for NIC asymmetry */ + double bias; /* programmed offset bias */ /* * Variables used to correct for packet length and asymmetry. @@ -379,8 +377,6 @@ struct peer { int throttle; /* rate control */ u_long outdate; /* send time last packet */ u_long nextdate; /* send time next packet */ - u_long nextaction; /* peer local activity timeout (refclocks) */ - void (*action) (struct peer *); /* action timeout function */ /* * Statistic counters @@ -413,7 +409,7 @@ struct peer { * function. MODE_CONTROL and MODE_PRIVATE can appear in packets, * but those never survive to the transition function. * is a - */ +/ */ #define MODE_UNSPEC 0 /* unspecified (old version) */ #define MODE_ACTIVE 1 /* symmetric active mode */ #define MODE_PASSIVE 2 /* symmetric passive mode */ @@ -467,19 +463,13 @@ struct peer { */ #define CLEAR_TO_ZERO(p) ((char *)&((p)->clear_to_zero)) #define END_CLEAR_TO_ZERO(p) ((char *)&((p)->end_clear_to_zero)) -#define LEN_CLEAR_TO_ZERO (END_CLEAR_TO_ZERO((struct peer *)0) \ - - CLEAR_TO_ZERO((struct peer *)0)) +#define LEN_CLEAR_TO_ZERO(p) (END_CLEAR_TO_ZERO(p) - CLEAR_TO_ZERO(p)) #define CRYPTO_TO_ZERO(p) ((char *)&((p)->clear_to_zero)) #define END_CRYPTO_TO_ZERO(p) ((char *)&((p)->end_clear_to_zero)) #define LEN_CRYPTO_TO_ZERO (END_CRYPTO_TO_ZERO((struct peer *)0) \ - CRYPTO_TO_ZERO((struct peer *)0)) /* - * Reference clock identifiers (for pps signal) - */ -#define PPSREFID (u_int32)"PPS " /* used when pps controls stratum>1 */ - -/* * Reference clock types. Added as necessary. */ #define REFCLK_NONE 0 /* unknown or missing */ @@ -526,7 +516,9 @@ struct peer { #define REFCLK_ZYFER 42 /* Zyfer GPStarplus receiver */ #define REFCLK_RIPENCC 43 /* RIPE NCC Trimble driver */ #define REFCLK_NEOCLOCK4X 44 /* NeoClock4X DCF77 or TDF receiver */ -#define REFCLK_MAX 44 /* NeoClock4X DCF77 or TDF receiver */ +#define REFCLK_TSYNCPCI 45 /* Spectracom TSYNC PCI timing board */ +#define REFCLK_GPSDJSON 46 +#define REFCLK_MAX 46 /* @@ -564,13 +556,19 @@ struct pkt { * response, so the maximum total extension field length is 864 * octets. But, to handle humungus certificates, the bank must * be broke. + * + * The different definitions of the 'exten' field are here for + * the benefit of applications that want to send a packet from + * an auto variable in the stack - not using the AUTOKEY version + * saves 2KB of stack space. The receive buffer should ALWAYS be + * big enough to hold a full extended packet if the extension + * fields have to be parsed or skipped. */ -#ifdef OPENSSL - u_int32 exten[NTP_MAXEXTEN / 4]; /* max extension field */ -#else /* OPENSSL */ - u_int32 exten[1]; /* misused */ -#endif /* OPENSSL */ - u_char mac[MAX_MAC_LEN]; /* mac */ +#ifdef AUTOKEY + u_int32 exten[(NTP_MAXEXTEN + MAX_MAC_LEN) / sizeof(u_int32)]; +#else /* !AUTOKEY follows */ + u_int32 exten[(MAX_MAC_LEN) / sizeof(u_int32)]; +#endif /* !AUTOKEY */ }; /* @@ -581,10 +579,11 @@ struct pkt { #define PKT_LEAP(li_vn_mode) ((u_char)(((li_vn_mode) >> 6) & 0x3)) /* - * Stuff for putting things back into li_vn_mode + * Stuff for putting things back into li_vn_mode in packets and vn_mode + * in ntp_monitor.c's mon_entry. */ -#define PKT_LI_VN_MODE(li, vn, md) \ - ((u_char)((((li) << 6) & 0xc0) | (((vn) << 3) & 0x38) | ((md) & 0x7))) +#define VN_MODE(v, m) ((((v) & 7) << 3) | ((m) & 0x7)) +#define PKT_LI_VN_MODE(l, v, m) ((((l) & 3) << 6) | VN_MODE((v), (m))) /* @@ -622,7 +621,6 @@ struct pkt { #define EVNT_KERN 13 /* kernel event */ #define EVNT_TAI 14 /* TAI */ #define EVNT_LEAPVAL 15 /* stale leapsecond values */ -#define EVNT_CLKHOP 16 /* clockhop */ /* * Peer event codes @@ -642,7 +640,6 @@ struct pkt { #define PEVNT_POPCORN (13 | PEER_EVENT) /* popcorn */ #define PEVNT_XLEAVE (14 | PEER_EVENT) /* interleave mode */ #define PEVNT_XERR (15 | PEER_EVENT) /* interleave error */ -#define PEVNT_TAI (16 | PEER_EVENT) /* TAI */ /* * Clock event codes @@ -666,9 +663,9 @@ struct pkt { * To speed lookups, peers are hashed by the low order bits of the * remote IP address. These definitions relate to that. */ -#define NTP_HASH_SIZE 128 -#define NTP_HASH_MASK (NTP_HASH_SIZE-1) -#define NTP_HASH_ADDR(src) sock_hash(src) +#define NTP_HASH_SIZE 128 +#define NTP_HASH_MASK (NTP_HASH_SIZE-1) +#define NTP_HASH_ADDR(src) (sock_hash(src) & NTP_HASH_MASK) /* * min, min3 and max. Makes it easier to transliterate the spec without @@ -704,16 +701,18 @@ struct pkt { #define PROTO_CALLDELAY 20 #define PROTO_MINDISP 21 #define PROTO_MAXDIST 22 -#define PROTO_ADJ 23 + /* available 23 */ #define PROTO_MAXHOP 24 #define PROTO_BEACON 25 #define PROTO_ORPHAN 26 +#define PROTO_ORPHWAIT 27 +#define PROTO_MODE7 28 /* * Configuration items for the loop filter */ -#define LOOP_DRIFTINIT 1 /* set initial frequency offset */ -#define LOOP_DRIFTCOMP 2 /* set frequency offset */ +#define LOOP_DRIFTINIT 1 /* iniitialize frequency */ +#define LOOP_KERN_CLEAR 2 /* set initial frequency offset */ #define LOOP_MAX 3 /* set step offset */ #define LOOP_PANIC 4 /* set panic offseet */ #define LOOP_PHI 5 /* set dispersion rate */ @@ -722,9 +721,9 @@ struct pkt { #define LOOP_ALLAN 8 /* set minimum Allan intercept */ #define LOOP_HUFFPUFF 9 /* set huff-n'-puff filter length */ #define LOOP_FREQ 10 /* set initial frequency */ -#define LOOP_KERN_CLEAR 11 /* reset kernel pll parameters */ -#define LOOP_CODEC 12 /* set audio codec frequency */ -#define LOOP_LEAP 13 /* insert leap after second 23:59 */ +#define LOOP_CODEC 11 /* set audio codec frequency */ +#define LOOP_LEAP 12 /* insert leap after second 23:59 */ +#define LOOP_TICK 13 /* sim. low precision clock */ /* * Configuration items for the stats printer @@ -744,40 +743,51 @@ struct pkt { /* * Structure used optionally for monitoring when this is turned on. */ +typedef struct mon_data mon_entry; struct mon_data { - struct mon_data *hash_next; /* next structure in hash list */ - struct mon_data *mru_next; /* next structure in MRU list */ - struct mon_data *mru_prev; /* previous structure in MRU list */ - int flags; /* restrict flags */ - int leak; /* leaky bucket accumulator */ - int count; /* total packet count */ - u_long firsttime; /* first time found */ - u_long lasttime; /* last time found */ - sockaddr_u rmtadr; /* address of remote host */ - struct interface *interface; /* interface on which this arrived */ - u_short rmtport; /* remote port last came from */ - u_char mode; /* packet mode */ - u_char version; /* packet version */ - u_char cast_flags; /* flags MDF_?CAST */ + mon_entry * hash_next; /* next structure in hash list */ + DECL_DLIST_LINK(mon_entry, mru);/* MRU list link pointers */ + struct interface * lcladr; /* address on which this arrived */ + l_fp first; /* first time seen */ + l_fp last; /* last time seen */ + int leak; /* leaky bucket accumulator */ + int count; /* total packet count */ + u_short flags; /* restrict flags */ + u_char vn_mode; /* packet mode & version */ + u_char cast_flags; /* flags MDF_?CAST */ + sockaddr_u rmtadr; /* address of remote host */ }; /* - * Values for cast_flags + * Values for cast_flags in mon_entry and struct peer. mon_entry uses + * only the first three, MDF_UCAST, MDF_MCAST, and MDF_BCAST. */ -#define MDF_UCAST 0x01 /* unicast */ -#define MDF_MCAST 0x02 /* multicast */ -#define MDF_BCAST 0x04 /* broadcast */ -#define MDF_LCAST 0x08 /* localcast */ -#define MDF_ACAST 0x10 /* manycast */ -#define MDF_BCLNT 0x20 /* broadcast client */ -#define MDF_ACLNT 0x40 /* manycast client */ - +#define MDF_UCAST 0x01 /* unicast client */ +#define MDF_MCAST 0x02 /* multicast server */ +#define MDF_BCAST 0x04 /* broadcast server */ +#define MDF_POOL 0x08 /* pool client solicitor */ +#define MDF_ACAST 0x10 /* manycast client solicitor */ +#define MDF_BCLNT 0x20 /* eph. broadcast/multicast client */ +#define MDF_UCLNT 0x40 /* preemptible manycast or pool client */ +/* + * In the context of struct peer in ntpd, three of the cast_flags bits + * represent configured associations which never receive packets, and + * whose reach is always 0: MDF_BCAST, MDF_MCAST, and MDF_ACAST. The + * last can be argued as responses are received, but those responses do + * not affect the MDF_ACAST association's reach register, rather they + * (may) result in mobilizing ephemeral MDF_ACLNT associations. + */ +#define MDF_TXONLY_MASK (MDF_BCAST | MDF_MCAST | MDF_ACAST | MDF_POOL) +/* + * manycastclient-like solicitor association cast_flags bits + */ +#define MDF_SOLICIT_MASK (MDF_ACAST | MDF_POOL) /* * Values used with mon_enabled to indicate reason for enabling monitoring */ -#define MON_OFF 0x00 /* no monitoring */ -#define MON_ON 0x01 /* monitoring explicitly enabled */ -#define MON_RES 0x02 /* implicit monitoring for RES_LIMITED */ +#define MON_OFF 0x00 /* no monitoring */ +#define MON_ON 0x01 /* monitoring explicitly enabled */ +#define MON_RES 0x02 /* implicit monitoring for RES_LIMITED */ /* * Structure used for restrictlist entries */ @@ -797,6 +807,7 @@ struct restrict_u_tag { u_int32 count; /* number of packets matched */ u_short flags; /* accesslist flags */ u_short mflags; /* match flags */ + u_long expire; /* valid until time */ union { /* variant starting here */ res_addr4 v4; res_addr6 v6; @@ -807,7 +818,6 @@ struct restrict_u_tag { #define V6_SIZEOF_RESTRICT_U (offsetof(restrict_u, u) \ + sizeof(res_addr6)) - /* * Access flags */ @@ -826,20 +836,23 @@ struct restrict_u_tag { #define RES_NOTRAP 0x0100 /* mode 6/7 set trap denied */ #define RES_LPTRAP 0x0200 /* mode 6/7 low priority trap */ -#define RES_KOD 0x0400 /* send kiss of death packet */ +#define RES_KOD 0x0400 /* send kiss of death packet */ #define RES_MSSNTP 0x0800 /* enable MS-SNTP authentication */ -#define RES_TIMEOUT 0x1000 /* timeout this entry */ +#define RES_FLAKE 0x1000 /* flakeway - drop 10% */ +#define RES_NOMRULIST 0x2000 /* mode 6 mrulist denied */ -#define RES_ALLFLAGS (RES_FLAGS | RES_NOQUERY |\ - RES_NOMODIFY | RES_NOTRAP |\ - RES_LPTRAP | RES_KOD |\ - RES_MSSNTP | RES_TIMEOUT) +#define RES_ALLFLAGS (RES_FLAGS | RES_NOQUERY | \ + RES_NOMODIFY | RES_NOTRAP | \ + RES_LPTRAP | RES_KOD | \ + RES_MSSNTP | RES_FLAKE | \ + RES_NOMRULIST) /* * Match flags */ #define RESM_INTERFACE 0x1000 /* this is an interface */ -#define RESM_NTPONLY 0x2000 /* match ntp port only */ +#define RESM_NTPONLY 0x2000 /* match source port 123 */ +#define RESM_SOURCE 0x4000 /* from "restrict source" */ /* * Restriction configuration ops @@ -847,7 +860,7 @@ struct restrict_u_tag { #define RESTRICT_FLAGS 1 /* add flags to restrict entry */ #define RESTRICT_UNFLAG 2 /* remove flags from restrict entry */ #define RESTRICT_REMOVE 3 /* remove a restrict entry */ -#define RESTRICT_REMOVEIF 4 /* remove an interface restrict entry */ +#define RESTRICT_REMOVEIF 4 /* remove an interface restrict entry */ /* * Endpoint structure for the select algorithm @@ -865,7 +878,7 @@ struct endpoint { #define AM_PROCPKT 1 /* server/symmetric packet */ #define AM_BCST 2 /* broadcast packet */ #define AM_FXMIT 3 /* client packet */ -#define AM_MANYCAST 4 /* manycast packet */ +#define AM_MANYCAST 4 /* manycast or pool */ #define AM_NEWPASS 5 /* new passive */ #define AM_NEWBCL 6 /* new broadcast */ #define AM_POSSBCL 7 /* discard broadcast */ @@ -875,4 +888,8 @@ struct endpoint { #define NETINFO_CONFIG_DIR "/config/ntp" #endif +/* ntpq -c mrulist rows per request limit in ntpd */ +#define MRU_ROW_LIMIT 256 +/* similar datagrams per response limit for ntpd */ +#define MRU_FRAGS_LIMIT 128 #endif /* NTP_H */ |