diff options
author | Xin LI <delphij@FreeBSD.org> | 2018-02-28 07:59:55 +0000 |
---|---|---|
committer | Xin LI <delphij@FreeBSD.org> | 2018-02-28 07:59:55 +0000 |
commit | 091002585974d17c9533f943ec351c13a69788ab (patch) | |
tree | bbec1fc0a4b38e43c77b88d63529f7c983f36704 /contrib/ntp/ntpd/ntp_control.c | |
parent | 230061c53d4087036d9555911b73b63af26b1f50 (diff) | |
parent | d14ac12f8738acac881f20b4d6244cfc22c68ead (diff) | |
download | src-091002585974d17c9533f943ec351c13a69788ab.tar.gz src-091002585974d17c9533f943ec351c13a69788ab.zip |
MFV r330102: ntp 4.2.8p11
Notes
Notes:
svn path=/head/; revision=330104
Diffstat (limited to 'contrib/ntp/ntpd/ntp_control.c')
-rw-r--r-- | contrib/ntp/ntpd/ntp_control.c | 466 |
1 files changed, 261 insertions, 205 deletions
diff --git a/contrib/ntp/ntpd/ntp_control.c b/contrib/ntp/ntpd/ntp_control.c index a18a4d3007e0..d98f6aa50886 100644 --- a/contrib/ntp/ntpd/ntp_control.c +++ b/contrib/ntp/ntpd/ntp_control.c @@ -176,56 +176,58 @@ static const struct ctl_proc control_codes[] = { #define CS_SS_LIMITED 41 #define CS_SS_KODSENT 42 #define CS_SS_PROCESSED 43 -#define CS_PEERADR 44 -#define CS_PEERMODE 45 -#define CS_BCASTDELAY 46 -#define CS_AUTHDELAY 47 -#define CS_AUTHKEYS 48 -#define CS_AUTHFREEK 49 -#define CS_AUTHKLOOKUPS 50 -#define CS_AUTHKNOTFOUND 51 -#define CS_AUTHKUNCACHED 52 -#define CS_AUTHKEXPIRED 53 -#define CS_AUTHENCRYPTS 54 -#define CS_AUTHDECRYPTS 55 -#define CS_AUTHRESET 56 -#define CS_K_OFFSET 57 -#define CS_K_FREQ 58 -#define CS_K_MAXERR 59 -#define CS_K_ESTERR 60 -#define CS_K_STFLAGS 61 -#define CS_K_TIMECONST 62 -#define CS_K_PRECISION 63 -#define CS_K_FREQTOL 64 -#define CS_K_PPS_FREQ 65 -#define CS_K_PPS_STABIL 66 -#define CS_K_PPS_JITTER 67 -#define CS_K_PPS_CALIBDUR 68 -#define CS_K_PPS_CALIBS 69 -#define CS_K_PPS_CALIBERRS 70 -#define CS_K_PPS_JITEXC 71 -#define CS_K_PPS_STBEXC 72 +#define CS_SS_LAMPORT 44 +#define CS_SS_TSROUNDING 45 +#define CS_PEERADR 46 +#define CS_PEERMODE 47 +#define CS_BCASTDELAY 48 +#define CS_AUTHDELAY 49 +#define CS_AUTHKEYS 50 +#define CS_AUTHFREEK 51 +#define CS_AUTHKLOOKUPS 52 +#define CS_AUTHKNOTFOUND 53 +#define CS_AUTHKUNCACHED 54 +#define CS_AUTHKEXPIRED 55 +#define CS_AUTHENCRYPTS 56 +#define CS_AUTHDECRYPTS 57 +#define CS_AUTHRESET 58 +#define CS_K_OFFSET 59 +#define CS_K_FREQ 60 +#define CS_K_MAXERR 61 +#define CS_K_ESTERR 62 +#define CS_K_STFLAGS 63 +#define CS_K_TIMECONST 64 +#define CS_K_PRECISION 65 +#define CS_K_FREQTOL 66 +#define CS_K_PPS_FREQ 67 +#define CS_K_PPS_STABIL 68 +#define CS_K_PPS_JITTER 69 +#define CS_K_PPS_CALIBDUR 70 +#define CS_K_PPS_CALIBS 71 +#define CS_K_PPS_CALIBERRS 72 +#define CS_K_PPS_JITEXC 73 +#define CS_K_PPS_STBEXC 74 #define CS_KERN_FIRST CS_K_OFFSET #define CS_KERN_LAST CS_K_PPS_STBEXC -#define CS_IOSTATS_RESET 73 -#define CS_TOTAL_RBUF 74 -#define CS_FREE_RBUF 75 -#define CS_USED_RBUF 76 -#define CS_RBUF_LOWATER 77 -#define CS_IO_DROPPED 78 -#define CS_IO_IGNORED 79 -#define CS_IO_RECEIVED 80 -#define CS_IO_SENT 81 -#define CS_IO_SENDFAILED 82 -#define CS_IO_WAKEUPS 83 -#define CS_IO_GOODWAKEUPS 84 -#define CS_TIMERSTATS_RESET 85 -#define CS_TIMER_OVERRUNS 86 -#define CS_TIMER_XMTS 87 -#define CS_FUZZ 88 -#define CS_WANDER_THRESH 89 -#define CS_LEAPSMEARINTV 90 -#define CS_LEAPSMEAROFFS 91 +#define CS_IOSTATS_RESET 75 +#define CS_TOTAL_RBUF 76 +#define CS_FREE_RBUF 77 +#define CS_USED_RBUF 78 +#define CS_RBUF_LOWATER 79 +#define CS_IO_DROPPED 80 +#define CS_IO_IGNORED 81 +#define CS_IO_RECEIVED 82 +#define CS_IO_SENT 83 +#define CS_IO_SENDFAILED 84 +#define CS_IO_WAKEUPS 85 +#define CS_IO_GOODWAKEUPS 86 +#define CS_TIMERSTATS_RESET 87 +#define CS_TIMER_OVERRUNS 88 +#define CS_TIMER_XMTS 89 +#define CS_FUZZ 90 +#define CS_WANDER_THRESH 91 +#define CS_LEAPSMEARINTV 92 +#define CS_LEAPSMEAROFFS 93 #define CS_MAX_NOAUTOKEY CS_LEAPSMEAROFFS #ifdef AUTOKEY #define CS_FLAGS (1 + CS_MAX_NOAUTOKEY) @@ -376,55 +378,57 @@ static const struct ctl_var sys_var[] = { { CS_SS_LIMITED, RO, "ss_limited" }, /* 41 */ { CS_SS_KODSENT, RO, "ss_kodsent" }, /* 42 */ { CS_SS_PROCESSED, RO, "ss_processed" }, /* 43 */ - { CS_PEERADR, RO, "peeradr" }, /* 44 */ - { CS_PEERMODE, RO, "peermode" }, /* 45 */ - { CS_BCASTDELAY, RO, "bcastdelay" }, /* 46 */ - { CS_AUTHDELAY, RO, "authdelay" }, /* 47 */ - { CS_AUTHKEYS, RO, "authkeys" }, /* 48 */ - { CS_AUTHFREEK, RO, "authfreek" }, /* 49 */ - { CS_AUTHKLOOKUPS, RO, "authklookups" }, /* 50 */ - { CS_AUTHKNOTFOUND, RO, "authknotfound" }, /* 51 */ - { CS_AUTHKUNCACHED, RO, "authkuncached" }, /* 52 */ - { CS_AUTHKEXPIRED, RO, "authkexpired" }, /* 53 */ - { CS_AUTHENCRYPTS, RO, "authencrypts" }, /* 54 */ - { CS_AUTHDECRYPTS, RO, "authdecrypts" }, /* 55 */ - { CS_AUTHRESET, RO, "authreset" }, /* 56 */ - { CS_K_OFFSET, RO, "koffset" }, /* 57 */ - { CS_K_FREQ, RO, "kfreq" }, /* 58 */ - { CS_K_MAXERR, RO, "kmaxerr" }, /* 59 */ - { CS_K_ESTERR, RO, "kesterr" }, /* 60 */ - { CS_K_STFLAGS, RO, "kstflags" }, /* 61 */ - { CS_K_TIMECONST, RO, "ktimeconst" }, /* 62 */ - { CS_K_PRECISION, RO, "kprecis" }, /* 63 */ - { CS_K_FREQTOL, RO, "kfreqtol" }, /* 64 */ - { CS_K_PPS_FREQ, RO, "kppsfreq" }, /* 65 */ - { CS_K_PPS_STABIL, RO, "kppsstab" }, /* 66 */ - { CS_K_PPS_JITTER, RO, "kppsjitter" }, /* 67 */ - { CS_K_PPS_CALIBDUR, RO, "kppscalibdur" }, /* 68 */ - { CS_K_PPS_CALIBS, RO, "kppscalibs" }, /* 69 */ - { CS_K_PPS_CALIBERRS, RO, "kppscaliberrs" }, /* 70 */ - { CS_K_PPS_JITEXC, RO, "kppsjitexc" }, /* 71 */ - { CS_K_PPS_STBEXC, RO, "kppsstbexc" }, /* 72 */ - { CS_IOSTATS_RESET, RO, "iostats_reset" }, /* 73 */ - { CS_TOTAL_RBUF, RO, "total_rbuf" }, /* 74 */ - { CS_FREE_RBUF, RO, "free_rbuf" }, /* 75 */ - { CS_USED_RBUF, RO, "used_rbuf" }, /* 76 */ - { CS_RBUF_LOWATER, RO, "rbuf_lowater" }, /* 77 */ - { CS_IO_DROPPED, RO, "io_dropped" }, /* 78 */ - { CS_IO_IGNORED, RO, "io_ignored" }, /* 79 */ - { CS_IO_RECEIVED, RO, "io_received" }, /* 80 */ - { CS_IO_SENT, RO, "io_sent" }, /* 81 */ - { CS_IO_SENDFAILED, RO, "io_sendfailed" }, /* 82 */ - { CS_IO_WAKEUPS, RO, "io_wakeups" }, /* 83 */ - { CS_IO_GOODWAKEUPS, RO, "io_goodwakeups" }, /* 84 */ - { CS_TIMERSTATS_RESET, RO, "timerstats_reset" },/* 85 */ - { CS_TIMER_OVERRUNS, RO, "timer_overruns" }, /* 86 */ - { CS_TIMER_XMTS, RO, "timer_xmts" }, /* 87 */ - { CS_FUZZ, RO, "fuzz" }, /* 88 */ - { CS_WANDER_THRESH, RO, "clk_wander_threshold" }, /* 89 */ - - { CS_LEAPSMEARINTV, RO, "leapsmearinterval" }, /* 90 */ - { CS_LEAPSMEAROFFS, RO, "leapsmearoffset" }, /* 91 */ + { CS_SS_LAMPORT, RO, "ss_lamport" }, /* 44 */ + { CS_SS_TSROUNDING, RO, "ss_tsrounding" }, /* 45 */ + { CS_PEERADR, RO, "peeradr" }, /* 46 */ + { CS_PEERMODE, RO, "peermode" }, /* 47 */ + { CS_BCASTDELAY, RO, "bcastdelay" }, /* 48 */ + { CS_AUTHDELAY, RO, "authdelay" }, /* 49 */ + { CS_AUTHKEYS, RO, "authkeys" }, /* 50 */ + { CS_AUTHFREEK, RO, "authfreek" }, /* 51 */ + { CS_AUTHKLOOKUPS, RO, "authklookups" }, /* 52 */ + { CS_AUTHKNOTFOUND, RO, "authknotfound" }, /* 53 */ + { CS_AUTHKUNCACHED, RO, "authkuncached" }, /* 54 */ + { CS_AUTHKEXPIRED, RO, "authkexpired" }, /* 55 */ + { CS_AUTHENCRYPTS, RO, "authencrypts" }, /* 56 */ + { CS_AUTHDECRYPTS, RO, "authdecrypts" }, /* 57 */ + { CS_AUTHRESET, RO, "authreset" }, /* 58 */ + { CS_K_OFFSET, RO, "koffset" }, /* 59 */ + { CS_K_FREQ, RO, "kfreq" }, /* 60 */ + { CS_K_MAXERR, RO, "kmaxerr" }, /* 61 */ + { CS_K_ESTERR, RO, "kesterr" }, /* 62 */ + { CS_K_STFLAGS, RO, "kstflags" }, /* 63 */ + { CS_K_TIMECONST, RO, "ktimeconst" }, /* 64 */ + { CS_K_PRECISION, RO, "kprecis" }, /* 65 */ + { CS_K_FREQTOL, RO, "kfreqtol" }, /* 66 */ + { CS_K_PPS_FREQ, RO, "kppsfreq" }, /* 67 */ + { CS_K_PPS_STABIL, RO, "kppsstab" }, /* 68 */ + { CS_K_PPS_JITTER, RO, "kppsjitter" }, /* 69 */ + { CS_K_PPS_CALIBDUR, RO, "kppscalibdur" }, /* 70 */ + { CS_K_PPS_CALIBS, RO, "kppscalibs" }, /* 71 */ + { CS_K_PPS_CALIBERRS, RO, "kppscaliberrs" }, /* 72 */ + { CS_K_PPS_JITEXC, RO, "kppsjitexc" }, /* 73 */ + { CS_K_PPS_STBEXC, RO, "kppsstbexc" }, /* 74 */ + { CS_IOSTATS_RESET, RO, "iostats_reset" }, /* 75 */ + { CS_TOTAL_RBUF, RO, "total_rbuf" }, /* 76 */ + { CS_FREE_RBUF, RO, "free_rbuf" }, /* 77 */ + { CS_USED_RBUF, RO, "used_rbuf" }, /* 78 */ + { CS_RBUF_LOWATER, RO, "rbuf_lowater" }, /* 79 */ + { CS_IO_DROPPED, RO, "io_dropped" }, /* 80 */ + { CS_IO_IGNORED, RO, "io_ignored" }, /* 81 */ + { CS_IO_RECEIVED, RO, "io_received" }, /* 82 */ + { CS_IO_SENT, RO, "io_sent" }, /* 83 */ + { CS_IO_SENDFAILED, RO, "io_sendfailed" }, /* 84 */ + { CS_IO_WAKEUPS, RO, "io_wakeups" }, /* 85 */ + { CS_IO_GOODWAKEUPS, RO, "io_goodwakeups" }, /* 86 */ + { CS_TIMERSTATS_RESET, RO, "timerstats_reset" },/* 87 */ + { CS_TIMER_OVERRUNS, RO, "timer_overruns" }, /* 88 */ + { CS_TIMER_XMTS, RO, "timer_xmts" }, /* 89 */ + { CS_FUZZ, RO, "fuzz" }, /* 90 */ + { CS_WANDER_THRESH, RO, "clk_wander_threshold" }, /* 91 */ + + { CS_LEAPSMEARINTV, RO, "leapsmearinterval" }, /* 92 */ + { CS_LEAPSMEAROFFS, RO, "leapsmearoffset" }, /* 93 */ #ifdef AUTOKEY { CS_FLAGS, RO, "flags" }, /* 1 + CS_MAX_NOAUTOKEY */ @@ -436,7 +440,7 @@ static const struct ctl_var sys_var[] = { { CS_IDENT, RO, "ident" }, /* 7 + CS_MAX_NOAUTOKEY */ { CS_DIGEST, RO, "digest" }, /* 8 + CS_MAX_NOAUTOKEY */ #endif /* AUTOKEY */ - { 0, EOV, "" } /* 87/95 */ + { 0, EOV, "" } /* 94/102 */ }; static struct ctl_var *ext_sys_var = NULL; @@ -1264,7 +1268,7 @@ process_control( rbufp->recv_length, properlen, res_keyid, maclen)); - if (!authistrusted(res_keyid)) + if (!authistrustedip(res_keyid, &rbufp->recv_srcadr)) DPRINTF(3, ("invalid keyid %08x\n", res_keyid)); else if (authdecrypt(res_keyid, (u_int32 *)pkt, rbufp->recv_length - maclen, @@ -1472,28 +1476,46 @@ ctl_flushpkt( } -/* - * ctl_putdata - write data into the packet, fragmenting and starting - * another if this one is full. +/* -------------------------------------------------------------------- + * block transfer API -- stream string/data fragments into xmit buffer + * without additional copying + */ + +/* buffer descriptor: address & size of fragment + * 'buf' may only be NULL when 'len' is zero! */ +typedef struct { + const void *buf; + size_t len; +} CtlMemBufT; + +/* put ctl data in a gather-style operation */ static void -ctl_putdata( - const char *dp, - unsigned int dlen, - int bin /* set to 1 when data is binary */ +ctl_putdata_ex( + const CtlMemBufT * argv, + size_t argc, + int/*BOOL*/ bin /* set to 1 when data is binary */ ) { - int overhead; - unsigned int currentlen; + const char * src_ptr; + size_t src_len, cur_len, add_len, argi; - overhead = 0; - if (!bin) { + /* text / binary preprocessing, possibly create new linefeed */ + if (bin) { + add_len = 0; + } else { datanotbinflag = TRUE; - overhead = 3; + add_len = 3; + if (datasent) { *datapt++ = ','; datalinelen++; - if ((dlen + datalinelen + 1) >= MAXDATALINELEN) { + + /* sum up total length */ + for (argi = 0, src_len = 0; argi < argc; ++argi) + src_len += argv[argi].len; + /* possibly start a new line, assume no size_t overflow */ + if ((src_len + datalinelen + 1) >= MAXDATALINELEN) { *datapt++ = '\r'; *datapt++ = '\n'; datalinelen = 0; @@ -1504,31 +1526,56 @@ ctl_putdata( } } - /* - * Save room for trailing junk - */ - while (dlen + overhead + datapt > dataend) { - /* - * Not enough room in this one, flush it out. - */ - currentlen = MIN(dlen, (unsigned int)(dataend - datapt)); + /* now stream out all buffers */ + for (argi = 0; argi < argc; ++argi) { + src_ptr = argv[argi].buf; + src_len = argv[argi].len; - memcpy(datapt, dp, currentlen); + if ( ! (src_ptr && src_len)) + continue; - datapt += currentlen; - dp += currentlen; - dlen -= currentlen; - datalinelen += currentlen; + cur_len = (size_t)(dataend - datapt); + while ((src_len + add_len) > cur_len) { + /* Not enough room in this one, flush it out. */ + if (src_len < cur_len) + cur_len = src_len; + + memcpy(datapt, src_ptr, cur_len); + datapt += cur_len; + datalinelen += cur_len; + + src_ptr += cur_len; + src_len -= cur_len; + + ctl_flushpkt(CTL_MORE); + cur_len = (size_t)(dataend - datapt); + } - ctl_flushpkt(CTL_MORE); - } + memcpy(datapt, src_ptr, src_len); + datapt += src_len; + datalinelen += src_len; - memcpy(datapt, dp, dlen); - datapt += dlen; - datalinelen += dlen; - datasent = TRUE; + datasent = TRUE; + } } +/* + * ctl_putdata - write data into the packet, fragmenting and starting + * another if this one is full. + */ +static void +ctl_putdata( + const char *dp, + unsigned int dlen, + int bin /* set to 1 when data is binary */ + ) +{ + CtlMemBufT args[1]; + + args[0].buf = dp; + args[0].len = dlen; + ctl_putdata_ex(args, 1, bin); +} /* * ctl_putstr - write a tagged string into the response packet @@ -1546,16 +1593,21 @@ ctl_putstr( size_t len ) { - char buffer[512]; - int rc; - - INSIST(len < sizeof(buffer)); - if (len) - rc = snprintf(buffer, sizeof(buffer), "%s=\"%.*s\"", tag, (int)len, data); - else - rc = snprintf(buffer, sizeof(buffer), "%s", tag); - INSIST(rc >= 0 && (size_t)rc < sizeof(buffer)); - ctl_putdata(buffer, (u_int)rc, 0); + CtlMemBufT args[4]; + + args[0].buf = tag; + args[0].len = strlen(tag); + if (data && len) { + args[1].buf = "=\""; + args[1].len = 2; + args[2].buf = data; + args[2].len = len; + args[3].buf = "\""; + args[3].len = 1; + ctl_putdata_ex(args, 4, FALSE); + } else { + ctl_putdata_ex(args, 1, FALSE); + } } @@ -1575,16 +1627,19 @@ ctl_putunqstr( size_t len ) { - char buffer[512]; - int rc; - - INSIST(len < sizeof(buffer)); - if (len) - rc = snprintf(buffer, sizeof(buffer), "%s=%.*s", tag, (int)len, data); - else - rc = snprintf(buffer, sizeof(buffer), "%s", tag); - INSIST(rc >= 0 && (size_t)rc < sizeof(buffer)); - ctl_putdata(buffer, (u_int)rc, 0); + CtlMemBufT args[3]; + + args[0].buf = tag; + args[0].len = strlen(tag); + if (data && len) { + args[1].buf = "="; + args[1].len = 1; + args[2].buf = data; + args[2].len = len; + ctl_putdata_ex(args, 3, FALSE); + } else { + ctl_putdata_ex(args, 1, FALSE); + } } @@ -1599,14 +1654,14 @@ ctl_putdblf( double d ) { - char buffer[200]; + char buffer[40]; int rc; rc = snprintf(buffer, sizeof(buffer), - (use_f ? "%s=%.*f" : "%s=%.*g"), - tag, precision, d); + (use_f ? "%.*f" : "%.*g"), + precision, d); INSIST(rc >= 0 && (size_t)rc < sizeof(buffer)); - ctl_putdata(buffer, (u_int)rc, 0); + ctl_putunqstr(tag, buffer, rc); } /* @@ -1618,12 +1673,12 @@ ctl_putuint( u_long uval ) { - char buffer[200]; + char buffer[24]; /* needs to fit for 64 bits! */ int rc; - rc = snprintf(buffer, sizeof(buffer), "%s=%lu", tag, uval); + rc = snprintf(buffer, sizeof(buffer), "%lu", uval); INSIST(rc >= 0 && rc < sizeof(buffer)); - ctl_putdata(buffer, (u_int)rc, 0); + ctl_putunqstr(tag, buffer, rc); } /* @@ -1637,17 +1692,16 @@ ctl_putcal( const struct calendar *pcal ) { - char buffer[100]; + char buffer[16]; int rc; rc = snprintf(buffer, sizeof(buffer), - "%s=%04d%02d%02d%02d%02d", - tag, + "%04d%02d%02d%02d%02d", pcal->year, pcal->month, pcal->monthday, pcal->hour, pcal->minute ); INSIST(rc >= 0 && (size_t)rc < sizeof(buffer)); - ctl_putdata(buffer, (u_int)rc, 0); + ctl_putunqstr(tag, buffer, rc); } #endif @@ -1660,23 +1714,21 @@ ctl_putfs( tstamp_t uval ) { - char buffer[200]; - struct tm *tm = NULL; - time_t fstamp; - int rc; + char buffer[16]; + int rc; - fstamp = (time_t)uval - JAN_1970; - tm = gmtime(&fstamp); + time_t fstamp = (time_t)uval - JAN_1970; + struct tm *tm = gmtime(&fstamp); + if (NULL == tm) return; rc = snprintf(buffer, sizeof(buffer), - "%s=%04d%02d%02d%02d%02d", - tag, + "%04d%02d%02d%02d%02d", tm->tm_year + 1900, tm->tm_mon + 1, tm->tm_mday, tm->tm_hour, tm->tm_min); INSIST(rc >= 0 && (size_t)rc < sizeof(buffer)); - ctl_putdata(buffer, (u_int)rc, 0); + ctl_putunqstr(tag, buffer, rc); } @@ -1690,12 +1742,12 @@ ctl_puthex( u_long uval ) { - char buffer[200]; + char buffer[24]; /* must fit 64bit int! */ int rc; - rc = snprintf(buffer, sizeof(buffer), "%s=0x%lx", tag, uval); + rc = snprintf(buffer, sizeof(buffer), "0x%lx", uval); INSIST(rc >= 0 && (size_t)rc < sizeof(buffer)); - ctl_putdata(buffer, (u_int)rc, 0); + ctl_putunqstr(tag, buffer, rc); } @@ -1708,12 +1760,12 @@ ctl_putint( long ival ) { - char buffer[200]; + char buffer[24]; /*must fit 64bit int */ int rc; - rc = snprintf(buffer, sizeof(buffer), "%s=%ld", tag, ival); + rc = snprintf(buffer, sizeof(buffer), "%ld", ival); INSIST(rc >= 0 && rc < sizeof(buffer)); - ctl_putdata(buffer, (u_int)rc, 0); + ctl_putunqstr(tag, buffer, rc); } @@ -1726,14 +1778,14 @@ ctl_putts( l_fp *ts ) { - char buffer[200]; + char buffer[24]; int rc; rc = snprintf(buffer, sizeof(buffer), - "%s=0x%08lx.%08lx", - tag, (u_long)ts->l_ui, (u_long)ts->l_uf); + "0x%08lx.%08lx", + (u_long)ts->l_ui, (u_long)ts->l_uf); INSIST(rc >= 0 && (size_t)rc < sizeof(buffer)); - ctl_putdata(buffer, (u_int)rc, 0); + ctl_putunqstr(tag, buffer, rc); } @@ -1748,16 +1800,12 @@ ctl_putadr( ) { const char *cq; - char buffer[200]; - int rc; if (NULL == addr) cq = numtoa(addr32); else cq = stoa(addr); - rc = snprintf(buffer, sizeof(buffer), "%s=%s", tag, cq); - INSIST(rc >= 0 && (size_t)rc < sizeof(buffer)); - ctl_putdata(buffer, (u_int)rc, 0); + ctl_putunqstr(tag, cq, strlen(cq)); } @@ -1770,8 +1818,7 @@ ctl_putrefid( u_int32 refid ) { - char buffer[128]; - int rc, i; + size_t nc; union { uint32_t w; @@ -1779,13 +1826,10 @@ ctl_putrefid( } bytes; bytes.w = refid; - for (i = 0; i < sizeof(bytes.b); ++i) - if (bytes.b[i] && !isprint(bytes.b[i])) - bytes.b[i] = '.'; - rc = snprintf(buffer, sizeof(buffer), "%s=%.*s", - tag, (int)sizeof(bytes.b), bytes.b); - INSIST(rc >= 0 && (size_t)rc < sizeof(buffer)); - ctl_putdata(buffer, (u_int)rc, FALSE); + for (nc = 0; nc < sizeof(bytes.b) && bytes.b[nc]; ++nc) + if (!isprint(bytes.b[nc])) + bytes.b[nc] = '.'; + ctl_putunqstr(tag, (const char*)bytes.b, nc); } @@ -1805,21 +1849,16 @@ ctl_putarray( cp = buffer; ep = buffer + sizeof(buffer); - - rc = snprintf(cp, (size_t)(ep - cp), "%s=", tag); - INSIST(rc >= 0 && rc < (ep - cp)); - cp += rc; - - i = start; + i = start; do { if (i == 0) i = NTP_SHIFT; i--; rc = snprintf(cp, (size_t)(ep - cp), " %.2f", arr[i] * 1e3); - INSIST(rc >= 0 && rc < (ep - cp)); + INSIST(rc >= 0 && (size_t)rc < (size_t)(ep - cp)); cp += rc; } while (i != start); - ctl_putdata(buffer, (u_int)(cp - buffer), 0); + ctl_putunqstr(tag, buffer, (size_t)(cp - buffer)); } /* @@ -2183,6 +2222,14 @@ ctl_putsys( ctl_putuint(sys_var[varid].text, sys_limitrejected); break; + case CS_SS_LAMPORT: + ctl_putuint(sys_var[varid].text, sys_lamport); + break; + + case CS_SS_TSROUNDING: + ctl_putuint(sys_var[varid].text, sys_tsrounding); + break; + case CS_SS_KODSENT: ctl_putuint(sys_var[varid].text, sys_kodsent); break; @@ -3095,7 +3142,9 @@ ctl_getitem( const char *sp1 = reqpt; const char *sp2 = v->text; - while ((sp1 != tp) && (*sp1 == *sp2)) { + /* [Bug 3412] do not compare past NUL byte in name */ + while ( (sp1 != tp) + && ('\0' != *sp2) && (*sp1 == *sp2)) { ++sp1; ++sp2; } @@ -3594,7 +3643,13 @@ static u_int32 derive_nonce( } ctx = EVP_MD_CTX_new(); +# if defined(OPENSSL) && defined(EVP_MD_CTX_FLAG_NON_FIPS_ALLOW) + /* [Bug 3457] set flags and don't kill them again */ + EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW); + EVP_DigestInit_ex(ctx, EVP_get_digestbynid(NID_md5), NULL); +# else EVP_DigestInit(ctx, EVP_get_digestbynid(NID_md5)); +# endif EVP_DigestUpdate(ctx, salt, sizeof(salt)); EVP_DigestUpdate(ctx, &ts_i, sizeof(ts_i)); EVP_DigestUpdate(ctx, &ts_f, sizeof(ts_f)); @@ -4373,6 +4428,7 @@ send_restrict_entry( while (sent[which]) which = (which + 1) % COUNTOF(sent); + /* XXX: Numbers? Really? */ switch (which) { case 0: @@ -4395,7 +4451,7 @@ send_restrict_entry( case 3: snprintf(tag, sizeof(tag), flags_fmt, idx); match_str = res_match_flags(pres->mflags); - access_str = res_access_flags(pres->flags); + access_str = res_access_flags(pres->rflags); if ('\0' == match_str[0]) { pch = access_str; } else { |