diff options
Diffstat (limited to 'libntp')
37 files changed, 463 insertions, 372 deletions
diff --git a/libntp/Makefile.am b/libntp/Makefile.am index 99ce273d4cd1..85ac6e3f9b92 100644 --- a/libntp/Makefile.am +++ b/libntp/Makefile.am @@ -192,7 +192,6 @@ libntp_a_SRCS = \ ntp_rfc2553.c \ ntp_worker.c \ numtoa.c \ - numtohost.c \ octtoint.c \ prettydate.c \ refidsmear.c \ diff --git a/libntp/Makefile.in b/libntp/Makefile.in index 439c5a9fe07a..08032399cbeb 100644 --- a/libntp/Makefile.in +++ b/libntp/Makefile.in @@ -175,12 +175,12 @@ am__libntp_a_SOURCES_DIST = systime.c a_md5encrypt.c adjtime.c \ mktime.c modetoa.c mstolfp.c msyslog.c netof.c ntp_calendar.c \ ntp_calgps.c ntp_crypto_rnd.c ntp_intres.c ntp_libopts.c \ ntp_lineedit.c ntp_random.c ntp_realpath.c ntp_rfc2553.c \ - ntp_worker.c numtoa.c numtohost.c octtoint.c prettydate.c \ - refidsmear.c recvbuff.c refnumtoa.c snprintf.c socket.c \ - socktoa.c socktohost.c ssl_init.c statestr.c strdup.c \ - strl_obsd.c syssignal.c timespecops.c timetoa.c timevalops.c \ - timexsup.c uglydate.c vint64ops.c work_fork.c work_thread.c \ - xsbprintf.c ymd2yd.c lib/isc/assertions.c lib/isc/buffer.c \ + ntp_worker.c numtoa.c octtoint.c prettydate.c refidsmear.c \ + recvbuff.c refnumtoa.c snprintf.c socket.c socktoa.c \ + socktohost.c ssl_init.c statestr.c strdup.c strl_obsd.c \ + syssignal.c timespecops.c timetoa.c timevalops.c timexsup.c \ + uglydate.c vint64ops.c work_fork.c work_thread.c xsbprintf.c \ + ymd2yd.c lib/isc/assertions.c lib/isc/buffer.c \ lib/isc/backtrace-emptytbl.c lib/isc/backtrace.c \ lib/isc/unix/dir.c lib/isc/error.c lib/isc/unix/errno2result.c \ lib/isc/event.c lib/isc/unix/file.c lib/isc/inet_ntop.c \ @@ -238,15 +238,15 @@ am__objects_5 = a_md5encrypt.$(OBJEXT) adjtime.$(OBJEXT) \ ntp_libopts.$(OBJEXT) ntp_lineedit.$(OBJEXT) \ ntp_random.$(OBJEXT) ntp_realpath.$(OBJEXT) \ ntp_rfc2553.$(OBJEXT) ntp_worker.$(OBJEXT) numtoa.$(OBJEXT) \ - numtohost.$(OBJEXT) octtoint.$(OBJEXT) prettydate.$(OBJEXT) \ - refidsmear.$(OBJEXT) recvbuff.$(OBJEXT) refnumtoa.$(OBJEXT) \ - snprintf.$(OBJEXT) socket.$(OBJEXT) socktoa.$(OBJEXT) \ - socktohost.$(OBJEXT) ssl_init.$(OBJEXT) statestr.$(OBJEXT) \ - strdup.$(OBJEXT) strl_obsd.$(OBJEXT) syssignal.$(OBJEXT) \ - timespecops.$(OBJEXT) timetoa.$(OBJEXT) timevalops.$(OBJEXT) \ - timexsup.$(OBJEXT) uglydate.$(OBJEXT) vint64ops.$(OBJEXT) \ - work_fork.$(OBJEXT) work_thread.$(OBJEXT) xsbprintf.$(OBJEXT) \ - ymd2yd.$(OBJEXT) $(am__objects_4) $(am__objects_1) + octtoint.$(OBJEXT) prettydate.$(OBJEXT) refidsmear.$(OBJEXT) \ + recvbuff.$(OBJEXT) refnumtoa.$(OBJEXT) snprintf.$(OBJEXT) \ + socket.$(OBJEXT) socktoa.$(OBJEXT) socktohost.$(OBJEXT) \ + ssl_init.$(OBJEXT) statestr.$(OBJEXT) strdup.$(OBJEXT) \ + strl_obsd.$(OBJEXT) syssignal.$(OBJEXT) timespecops.$(OBJEXT) \ + timetoa.$(OBJEXT) timevalops.$(OBJEXT) timexsup.$(OBJEXT) \ + uglydate.$(OBJEXT) vint64ops.$(OBJEXT) work_fork.$(OBJEXT) \ + work_thread.$(OBJEXT) xsbprintf.$(OBJEXT) ymd2yd.$(OBJEXT) \ + $(am__objects_4) $(am__objects_1) am_libntp_a_OBJECTS = systime.$(OBJEXT) $(am__objects_5) libntp_a_OBJECTS = $(am_libntp_a_OBJECTS) libntpsim_a_AR = $(AR) $(ARFLAGS) @@ -261,12 +261,12 @@ am__libntpsim_a_SOURCES_DIST = systime_s.c a_md5encrypt.c adjtime.c \ mktime.c modetoa.c mstolfp.c msyslog.c netof.c ntp_calendar.c \ ntp_calgps.c ntp_crypto_rnd.c ntp_intres.c ntp_libopts.c \ ntp_lineedit.c ntp_random.c ntp_realpath.c ntp_rfc2553.c \ - ntp_worker.c numtoa.c numtohost.c octtoint.c prettydate.c \ - refidsmear.c recvbuff.c refnumtoa.c snprintf.c socket.c \ - socktoa.c socktohost.c ssl_init.c statestr.c strdup.c \ - strl_obsd.c syssignal.c timespecops.c timetoa.c timevalops.c \ - timexsup.c uglydate.c vint64ops.c work_fork.c work_thread.c \ - xsbprintf.c ymd2yd.c lib/isc/assertions.c lib/isc/buffer.c \ + ntp_worker.c numtoa.c octtoint.c prettydate.c refidsmear.c \ + recvbuff.c refnumtoa.c snprintf.c socket.c socktoa.c \ + socktohost.c ssl_init.c statestr.c strdup.c strl_obsd.c \ + syssignal.c timespecops.c timetoa.c timevalops.c timexsup.c \ + uglydate.c vint64ops.c work_fork.c work_thread.c xsbprintf.c \ + ymd2yd.c lib/isc/assertions.c lib/isc/buffer.c \ lib/isc/backtrace-emptytbl.c lib/isc/backtrace.c \ lib/isc/unix/dir.c lib/isc/error.c lib/isc/unix/errno2result.c \ lib/isc/event.c lib/isc/unix/file.c lib/isc/inet_ntop.c \ @@ -321,21 +321,20 @@ am__depfiles_remade = ./$(DEPDIR)/a_md5encrypt.Po \ ./$(DEPDIR)/ntp_libopts.Po ./$(DEPDIR)/ntp_lineedit.Po \ ./$(DEPDIR)/ntp_random.Po ./$(DEPDIR)/ntp_realpath.Po \ ./$(DEPDIR)/ntp_rfc2553.Po ./$(DEPDIR)/ntp_worker.Po \ - ./$(DEPDIR)/numtoa.Po ./$(DEPDIR)/numtohost.Po \ - ./$(DEPDIR)/octtoint.Po ./$(DEPDIR)/prettydate.Po \ - ./$(DEPDIR)/recvbuff.Po ./$(DEPDIR)/refidsmear.Po \ - ./$(DEPDIR)/refnumtoa.Po ./$(DEPDIR)/snprintf.Po \ - ./$(DEPDIR)/socket.Po ./$(DEPDIR)/socktoa.Po \ - ./$(DEPDIR)/socktohost.Po ./$(DEPDIR)/ssl_init.Po \ - ./$(DEPDIR)/statestr.Po ./$(DEPDIR)/strdup.Po \ - ./$(DEPDIR)/strl_obsd.Po ./$(DEPDIR)/syssignal.Po \ - ./$(DEPDIR)/systime.Po ./$(DEPDIR)/systime_s.Po \ - ./$(DEPDIR)/timespecops.Po ./$(DEPDIR)/timetoa.Po \ - ./$(DEPDIR)/timevalops.Po ./$(DEPDIR)/timexsup.Po \ - ./$(DEPDIR)/uglydate.Po ./$(DEPDIR)/vint64ops.Po \ - ./$(DEPDIR)/work_fork.Po ./$(DEPDIR)/work_thread.Po \ - ./$(DEPDIR)/xsbprintf.Po ./$(DEPDIR)/ymd2yd.Po \ - lib/isc/$(DEPDIR)/assertions.Po \ + ./$(DEPDIR)/numtoa.Po ./$(DEPDIR)/octtoint.Po \ + ./$(DEPDIR)/prettydate.Po ./$(DEPDIR)/recvbuff.Po \ + ./$(DEPDIR)/refidsmear.Po ./$(DEPDIR)/refnumtoa.Po \ + ./$(DEPDIR)/snprintf.Po ./$(DEPDIR)/socket.Po \ + ./$(DEPDIR)/socktoa.Po ./$(DEPDIR)/socktohost.Po \ + ./$(DEPDIR)/ssl_init.Po ./$(DEPDIR)/statestr.Po \ + ./$(DEPDIR)/strdup.Po ./$(DEPDIR)/strl_obsd.Po \ + ./$(DEPDIR)/syssignal.Po ./$(DEPDIR)/systime.Po \ + ./$(DEPDIR)/systime_s.Po ./$(DEPDIR)/timespecops.Po \ + ./$(DEPDIR)/timetoa.Po ./$(DEPDIR)/timevalops.Po \ + ./$(DEPDIR)/timexsup.Po ./$(DEPDIR)/uglydate.Po \ + ./$(DEPDIR)/vint64ops.Po ./$(DEPDIR)/work_fork.Po \ + ./$(DEPDIR)/work_thread.Po ./$(DEPDIR)/xsbprintf.Po \ + ./$(DEPDIR)/ymd2yd.Po lib/isc/$(DEPDIR)/assertions.Po \ lib/isc/$(DEPDIR)/backtrace-emptytbl.Po \ lib/isc/$(DEPDIR)/backtrace.Po lib/isc/$(DEPDIR)/buffer.Po \ lib/isc/$(DEPDIR)/error.Po lib/isc/$(DEPDIR)/event.Po \ @@ -581,6 +580,7 @@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_NET_SNMP_CONFIG = @PATH_NET_SNMP_CONFIG@ +PATH_OPENSSL = @PATH_OPENSSL@ PATH_PERL = @PATH_PERL@ PATH_RUBY = @PATH_RUBY@ PATH_SEPARATOR = @PATH_SEPARATOR@ @@ -822,7 +822,6 @@ libntp_a_SRCS = \ ntp_rfc2553.c \ ntp_worker.c \ numtoa.c \ - numtohost.c \ octtoint.c \ prettydate.c \ refidsmear.c \ @@ -1093,7 +1092,6 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ntp_rfc2553.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ntp_worker.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/numtoa.Po@am__quote@ # am--include-marker -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/numtohost.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/octtoint.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/prettydate.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/recvbuff.Po@am__quote@ # am--include-marker @@ -1380,7 +1378,6 @@ distclean: distclean-am -rm -f ./$(DEPDIR)/ntp_rfc2553.Po -rm -f ./$(DEPDIR)/ntp_worker.Po -rm -f ./$(DEPDIR)/numtoa.Po - -rm -f ./$(DEPDIR)/numtohost.Po -rm -f ./$(DEPDIR)/octtoint.Po -rm -f ./$(DEPDIR)/prettydate.Po -rm -f ./$(DEPDIR)/recvbuff.Po @@ -1535,7 +1532,6 @@ maintainer-clean: maintainer-clean-am -rm -f ./$(DEPDIR)/ntp_rfc2553.Po -rm -f ./$(DEPDIR)/ntp_worker.Po -rm -f ./$(DEPDIR)/numtoa.Po - -rm -f ./$(DEPDIR)/numtohost.Po -rm -f ./$(DEPDIR)/octtoint.Po -rm -f ./$(DEPDIR)/prettydate.Po -rm -f ./$(DEPDIR)/recvbuff.Po diff --git a/libntp/a_md5encrypt.c b/libntp/a_md5encrypt.c index 7a372969123f..a571405a5d87 100644 --- a/libntp/a_md5encrypt.c +++ b/libntp/a_md5encrypt.c @@ -21,7 +21,6 @@ typedef struct { size_t len; } rwbuffT; - #if defined(OPENSSL) && defined(ENABLE_CMAC) static size_t cmac_ctx_size( @@ -40,6 +39,37 @@ cmac_ctx_size( #endif /* OPENSSL && ENABLE_CMAC */ +/* + * Allocate and initialize a digest context. As a speed optimization, + * take an idea from ntpsec and cache the context to avoid malloc/free + * overhead in time-critical paths. ntpsec also caches the algorithms + * with each key. + * This is not thread-safe, but that is + * not a problem at present. + */ +static EVP_MD_CTX * +get_md_ctx( + int nid + ) +{ +#ifndef OPENSSL + static MD5_CTX md5_ctx; + + DEBUG_INSIST(NID_md5 == nid); + MD5Init(&md5_ctx); + + return &md5_ctx; +#else + if (!EVP_DigestInit(digest_ctx, EVP_get_digestbynid(nid))) { + msyslog(LOG_ERR, "%s init failed", OBJ_nid2sn(nid)); + return NULL; + } + + return digest_ctx; +#endif /* OPENSSL */ +} + + static size_t make_mac( const rwbuffT * digest, @@ -99,26 +129,13 @@ make_mac( CMAC_CTX_free(ctx); } else -# endif /*ENABLE_CMAC*/ +# endif /* ENABLE_CMAC */ { /* generic MAC handling */ - EVP_MD_CTX * ctx = EVP_MD_CTX_new(); + EVP_MD_CTX * ctx; u_int uilen = 0; - if ( ! ctx) { - msyslog(LOG_ERR, "MAC encrypt: MAC %s Digest CTX new failed.", - OBJ_nid2sn(ktype)); - goto mac_fail; - } - - #ifdef EVP_MD_CTX_FLAG_NON_FIPS_ALLOW - /* make sure MD5 is allowd */ - EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW); - #endif - /* [Bug 3457] DON'T use plain EVP_DigestInit! It would - * kill the flags! */ - if (!EVP_DigestInit_ex(ctx, EVP_get_digestbynid(ktype), NULL)) { - msyslog(LOG_ERR, "MAC encrypt: MAC %s Digest Init failed.", - OBJ_nid2sn(ktype)); + ctx = get_md_ctx(ktype); + if (NULL == ctx) { goto mac_fail; } if ((size_t)EVP_MD_CTX_size(ctx) > digest->len) { @@ -143,39 +160,25 @@ make_mac( } mac_fail: retlen = (size_t)uilen; - - if (ctx) - EVP_MD_CTX_free(ctx); } #else /* !OPENSSL follows */ - if (ktype == NID_md5) - { - EVP_MD_CTX * ctx = EVP_MD_CTX_new(); - u_int uilen = 0; + if (NID_md5 == ktype) { + EVP_MD_CTX * ctx; - if (digest->len < 16) { + ctx = get_md_ctx(ktype); + if (digest->len < MD5_LENGTH) { msyslog(LOG_ERR, "%s", "MAC encrypt: MAC md5 buf too small."); + } else { + MD5Init(ctx); + MD5Update(ctx, (const void *)key->buf, key->len); + MD5Update(ctx, (const void *)msg->buf, msg->len); + MD5Final(digest->buf, ctx); + retlen = MD5_LENGTH; } - else if ( ! ctx) { - msyslog(LOG_ERR, "%s", "MAC encrypt: MAC md5 Digest CTX new failed."); - } - else if (!EVP_DigestInit(ctx, EVP_get_digestbynid(ktype))) { - msyslog(LOG_ERR, "%s", "MAC encrypt: MAC md5 Digest INIT failed."); - } - else { - EVP_DigestUpdate(ctx, key->buf, key->len); - EVP_DigestUpdate(ctx, msg->buf, msg->len); - EVP_DigestFinal(ctx, digest->buf, &uilen); - } - if (ctx) - EVP_MD_CTX_free(ctx); - retlen = (size_t)uilen; - } - else - { - msyslog(LOG_ERR, "MAC encrypt: invalid key type %d" , ktype); + } else { + msyslog(LOG_ERR, "MAC encrypt: invalid key type %d", ktype); } #endif /* !OPENSSL */ @@ -187,7 +190,7 @@ make_mac( /* * MD5authencrypt - generate message digest * - * Returns length of MAC including key ID and digest. + * Returns 0 on failure or length of MAC including key ID. */ size_t MD5authencrypt( @@ -202,13 +205,14 @@ MD5authencrypt( rwbuffT digb = { digest, sizeof(digest) }; robuffT keyb = { key, klen }; robuffT msgb = { pkt, length }; - size_t dlen = 0; + size_t dlen; dlen = make_mac(&digb, type, &keyb, &msgb); - /* If the MAC is longer than the MAX then truncate it. */ - if (dlen > MAX_MDG_LEN) - dlen = MAX_MDG_LEN; - memcpy((u_char *)pkt + length + KEY_MAC_LEN, digest, dlen); + if (0 == dlen) { + return 0; + } + memcpy((u_char *)pkt + length + KEY_MAC_LEN, digest, + min(dlen, MAX_MDG_LEN)); return (dlen + KEY_MAC_LEN); } @@ -236,15 +240,11 @@ MD5authdecrypt( size_t dlen = 0; dlen = make_mac(&digb, type, &keyb, &msgb); - - /* If the MAC is longer than the MAX then truncate it. */ - if (dlen > MAX_MDG_LEN) - dlen = MAX_MDG_LEN; - if (size != (size_t)dlen + KEY_MAC_LEN) { + if (0 == dlen || size != dlen + KEY_MAC_LEN) { msyslog(LOG_ERR, - "MAC decrypt: MAC length error: len=%u key=%d", - (u_int)size, keyno); - return (0); + "MAC decrypt: MAC length error: %u not %u for key %u", + (u_int)size, (u_int)(dlen + KEY_MAC_LEN), keyno); + return FALSE; } return !isc_tsmemcmp(digest, (u_char *)pkt + length + KEY_MAC_LEN, dlen); @@ -254,39 +254,36 @@ MD5authdecrypt( * Calculate the reference id from the address. If it is an IPv4 * address, use it as is. If it is an IPv6 address, do a md5 on * it and use the bottom 4 bytes. - * The result is in network byte order. + * The result is in network byte order for IPv4 addreseses. For + * IPv6, ntpd long differed in the hash calculated on big-endian + * vs. little-endian because the first four bytes of the MD5 hash + * were used as a u_int32 without any byte swapping. This broke + * the refid-based loop detection between mixed-endian systems. + * In order to preserve behavior on the more-common little-endian + * systems, the hash is now byte-swapped on big-endian systems to + * match the little-endian hash. This is ugly but it seems better + * than changing the IPv6 refid calculation on the more-common + * systems. + * This is not thread safe, not a problem so far. */ u_int32 addr2refid(sockaddr_u *addr) { - u_char digest[EVP_MAX_MD_SIZE]; - u_int32 addr_refid; - EVP_MD_CTX *ctx; - u_int len; + static MD5_CTX md5_ctx; + union u_tag { + u_char digest[MD5_DIGEST_LENGTH]; + u_int32 addr_refid; + } u; - if (IS_IPV4(addr)) + if (IS_IPV4(addr)) { return (NSRCADR(addr)); - - INIT_SSL(); - - ctx = EVP_MD_CTX_new(); -# ifdef EVP_MD_CTX_FLAG_NON_FIPS_ALLOW - /* MD5 is not used as a crypto hash here. */ - EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW); -# endif - /* [Bug 3457] DON'T use plain EVP_DigestInit! It would kill the - * flags! */ - if (!EVP_DigestInit_ex(ctx, EVP_md5(), NULL)) { - msyslog(LOG_ERR, - "MD5 init failed"); - EVP_MD_CTX_free(ctx); /* pedantic... but safe */ - exit(1); } - - EVP_DigestUpdate(ctx, (u_char *)PSOCK_ADDR6(addr), - sizeof(struct in6_addr)); - EVP_DigestFinal(ctx, digest, &len); - EVP_MD_CTX_free(ctx); - memcpy(&addr_refid, digest, sizeof(addr_refid)); - return (addr_refid); + /* MD5 is not used for authentication here. */ + MD5Init(&md5_ctx); + MD5Update(&md5_ctx, (void *)&SOCK_ADDR6(addr), sizeof(SOCK_ADDR6(addr))); + MD5Final(u.digest, &md5_ctx); +#ifdef WORDS_BIGENDIAN + u.addr_refid = BYTESWAP32(u.addr_refid); +#endif + return u.addr_refid; } diff --git a/libntp/adjtime.c b/libntp/adjtime.c index b536cc555d9a..57accd68642d 100644 --- a/libntp/adjtime.c +++ b/libntp/adjtime.c @@ -381,6 +381,6 @@ adjtime (struct timeval *delta, struct timeval *olddelta) return 0; } # else /* no special adjtime() needed */ -int adjtime_bs; +NONEMPTY_TRANSLATION_UNIT # endif #endif diff --git a/libntp/audio.c b/libntp/audio.c index f404cc078bdc..2cbae7a30a11 100644 --- a/libntp/audio.c +++ b/libntp/audio.c @@ -517,5 +517,5 @@ audio_show(void) #endif /* not PCM_STYLE_SOUND */ } #else -int audio_bs; +NONEMPTY_TRANSLATION_UNIT #endif /* HAVE_{SYS_AUDIOIO,SUN_AUDIOIO,MACHINE_SOUNDCARD,SYS_SOUNDCARD}_H */ diff --git a/libntp/authkeys.c b/libntp/authkeys.c index d28b4b932b84..29671ac922bb 100644 --- a/libntp/authkeys.c +++ b/libntp/authkeys.c @@ -611,6 +611,9 @@ authhavekey( /* * The key is found and trusted. Initialize the key cache. + * The cache really should be a struct savekey to streamline + * this code. Using a sk pointer would be even faster but more + * fragile around pointing to freed memory. */ cache_keyid = sk->keyid; cache_type = sk->type; @@ -927,6 +930,7 @@ authdecrypt( pkt, length, size, keyno); } + /* password decoding helpers */ static size_t pwdecode_plain( diff --git a/libntp/authreadkeys.c b/libntp/authreadkeys.c index fa2f5b540de4..e4aee723d33a 100644 --- a/libntp/authreadkeys.c +++ b/libntp/authreadkeys.c @@ -218,14 +218,14 @@ authreadkeys( keytype = keytype_from_text(token, NULL); if (keytype == 0) { log_maybe(NULL, - "authreadkeys: invalid type for key %d", - keyno); + "authreadkeys: unsupported type %s for key %d", + token, keyno); # ifdef ENABLE_CMAC } else if (NID_cmac != keytype && EVP_get_digestbynid(keytype) == NULL) { log_maybe(NULL, - "authreadkeys: no algorithm for key %d", - keyno); + "authreadkeys: no algorithm for %s key %d", + token, keyno); keytype = 0; # endif /* ENABLE_CMAC */ } @@ -270,11 +270,13 @@ authreadkeys( "authreadkeys: passwd has bad char for key %d", keyno); break; +#ifdef DEBUG default: log_maybe(&nerr, - "authreadkeys: unknown errno %d for key %d", + "authreadkeys: unexpected errno %d for key %d: %m", errno, keyno); break; +#endif } continue; } diff --git a/libntp/bsd_strerror.c b/libntp/bsd_strerror.c index 5ace9aa48542..23888a2d1437 100644 --- a/libntp/bsd_strerror.c +++ b/libntp/bsd_strerror.c @@ -45,5 +45,5 @@ strerror( return ebuf; } #else -int strerror_bs; +NONEMPTY_TRANSLATION_UNIT #endif diff --git a/libntp/clocktypes.c b/libntp/clocktypes.c index de7f6b4f3854..1b44546ee172 100644 --- a/libntp/clocktypes.c +++ b/libntp/clocktypes.c @@ -6,7 +6,6 @@ #include "ntp_fp.h" #include "ntp.h" -#include "lib_strbuf.h" #include "ntp_refclock.h" #include "ntp_stdlib.h" diff --git a/libntp/dofptoa.c b/libntp/dofptoa.c index c21d1455e7f0..a3f7c9e710dd 100644 --- a/libntp/dofptoa.c +++ b/libntp/dofptoa.c @@ -5,8 +5,6 @@ #include <stdio.h> #include "ntp_fp.h" -#include "lib_strbuf.h" -#include "ntp_string.h" #include "ntp_stdlib.h" char * diff --git a/libntp/dolfptoa.c b/libntp/dolfptoa.c index 00e1faf793bc..2fa3cc5502d6 100644 --- a/libntp/dolfptoa.c +++ b/libntp/dolfptoa.c @@ -5,8 +5,6 @@ #include <stdio.h> #include "ntp_fp.h" -#include "lib_strbuf.h" -#include "ntp_string.h" #include "ntp_stdlib.h" char * diff --git a/libntp/humandate.c b/libntp/humandate.c index d9d5e89df017..94b3e6023e17 100644 --- a/libntp/humandate.c +++ b/libntp/humandate.c @@ -6,7 +6,6 @@ #include "ntp_fp.h" #include "ntp_unixtime.h" /* includes <sys/time.h> and <time.h> */ -#include "lib_strbuf.h" #include "ntp_stdlib.h" diff --git a/libntp/lib/isc/win32/strerror.c b/libntp/lib/isc/win32/strerror.c index 40c5da002f8c..21bdad97778e 100644 --- a/libntp/lib/isc/win32/strerror.c +++ b/libntp/lib/isc/win32/strerror.c @@ -29,6 +29,8 @@ #include <isc/strerror.h> #include <isc/util.h> +#include "lib_strbuf.h" + /* * Forward declarations */ @@ -88,19 +90,47 @@ isc__strerror(int num, char *buf, size_t size) { */ char * FormatError(int error) { - LPVOID lpMsgBuf = NULL; + char *lpMsgBuf = NULL; + char *pch; + const char boiler[] = + " For information about network troubleshooting, see Windows Help."; + size_t last; + FormatMessage( FORMAT_MESSAGE_ALLOCATE_BUFFER | FORMAT_MESSAGE_FROM_SYSTEM | - FORMAT_MESSAGE_IGNORE_INSERTS, + (FORMAT_MESSAGE_MAX_WIDTH_MASK - 1), NULL, error, /* Default language */ MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT), - (LPTSTR) &lpMsgBuf, + (LPTSTR)(PVOID)&lpMsgBuf, 0, NULL); + /* remove useless boilerplate */ + pch = strstr(lpMsgBuf, boiler); + if (pch != NULL) { + *pch = '\0'; + } + + /* strip any trailing CR/LF and spaces */ + if (lpMsgBuf != NULL) { + last = strlen(lpMsgBuf); + if (last > 0) { + --last; + } + while ('\n' == lpMsgBuf[last] || + '\r' == lpMsgBuf[last] || + ' ' == lpMsgBuf[last]) { + + lpMsgBuf[last] = '\0'; + if (last > 0) { + --last; + } + } + } + return (lpMsgBuf); } @@ -113,27 +143,31 @@ char * NTstrerror(int err, BOOL *bfreebuf) { char *retmsg = NULL; - /* Copy the error value first in case of other errors */ - DWORD errval = err; - *bfreebuf = FALSE; /* Get the Winsock2 error messages */ - if (errval >= WSABASEERR && errval <= (WSABASEERR + 1999)) { - retmsg = GetWSAErrorMessage(errval); - if (retmsg != NULL) - return (retmsg); + /* DLH this may not be needed, FormatError/FormatMessage may handle Winsock error codes */ + if (err >= WSABASEERR && err <= (WSABASEERR + 1999)) { + retmsg = GetWSAErrorMessage(err); } /* * If it's not one of the standard Unix error codes, * try a system error message */ - if (errval > (DWORD) _sys_nerr) { - *bfreebuf = TRUE; - return (FormatError(errval)); - } else { - return (strerror(errval)); + if (NULL == retmsg) { + if (err > _sys_nerr) { + *bfreebuf = TRUE; + retmsg = FormatError(err); + } else { + retmsg = lib_getbuf(); + if (0 != strerror_s(retmsg, LIB_BUFLENGTH, err)) { + snprintf(retmsg, LIB_BUFLENGTH, + "Unknown error number %d/0x%x", + err, err); + } + } } + return retmsg; } /* diff --git a/libntp/lib_strbuf.c b/libntp/lib_strbuf.c index 76f70163de98..225c430f7e02 100644 --- a/libntp/lib_strbuf.c +++ b/libntp/lib_strbuf.c @@ -1,10 +1,11 @@ /* - * lib_strbuf - library string storage + * lib_strbuf.c - init_lib() and library string storage */ #ifdef HAVE_CONFIG_H #include <config.h> #endif +#include <isc/mutex.h> #include <isc/net.h> #include <isc/result.h> @@ -12,17 +13,18 @@ #include "ntp_stdlib.h" #include "lib_strbuf.h" +#define LIB_NUMBUF 10 /* * Storage declarations */ -int debug; -libbufstr lib_stringbuf[LIB_NUMBUF]; -int lib_nextbuf; -int ipv4_works; -int ipv6_works; -int lib_inited; - +static char lib_stringbuf_storage[LIB_NUMBUF][LIB_BUFLENGTH]; +static char * lib_stringbuf[LIB_NUMBUF]; +int lib_inited; +static isc_mutex_t lib_mutex; +int ipv4_works; +int ipv6_works; +int debug; /* * initialization routine. Might be needed if the code is ROMized. @@ -30,10 +32,41 @@ int lib_inited; void init_lib(void) { - if (lib_inited) + u_int u; + + if (lib_inited) { return; + } ipv4_works = (ISC_R_SUCCESS == isc_net_probeipv4()); ipv6_works = (ISC_R_SUCCESS == isc_net_probeipv6()); init_systime(); + /* + * Avoid -Wrestrict warnings by keeping a pointer to each buffer + * so the compiler can see copying from one buffer to another is + * not violating restrict qualifiers on, e.g. memcpy() args. + */ + for (u = 0; u < COUNTOF(lib_stringbuf); u++) { + lib_stringbuf[u] = lib_stringbuf_storage[u]; + } + isc_mutex_init(&lib_mutex); lib_inited = TRUE; } + + +char * +lib_getbuf(void) +{ + static int lib_nextbuf; + int mybuf; + + if (!lib_inited) { + init_lib(); + } + isc_mutex_lock(&lib_mutex); + mybuf = lib_nextbuf; + lib_nextbuf = (1 + mybuf) % COUNTOF(lib_stringbuf); + isc_mutex_unlock(&lib_mutex); + zero_mem(lib_stringbuf[mybuf], LIB_BUFLENGTH); + + return lib_stringbuf[mybuf]; +}
\ No newline at end of file diff --git a/libntp/machines.c b/libntp/machines.c index 7a29ac07ea5f..163abf15c6db 100644 --- a/libntp/machines.c +++ b/libntp/machines.c @@ -13,17 +13,16 @@ #include "ntp_syslog.h" #include "ntp_stdlib.h" #include "ntp_unixtime.h" -#include "lib_strbuf.h" #include "ntp_debug.h" +#include "ntp_tty.h" #ifdef HAVE_UNISTD_H #include <unistd.h> #endif #ifdef SYS_WINNT -int _getch(void); /* Declare the one function rather than include conio.h */ +#include <conio.h> #else - #ifdef SYS_VXWORKS #include "taskLib.h" #include "sysLib.h" @@ -531,3 +530,58 @@ getpass(const char * prompt) return password; } #endif /* SYS_WINNT */ + + +static const int baudTable[][2] = { + {B0, 0}, + {B50, 50}, + {B75, 75}, + {B110, 110}, + {B134, 134}, + {B150, 150}, + {B200, 200}, + {B300, 300}, + {B600, 600}, + {B1200, 1200}, + {B1800, 1800}, + {B2400, 2400}, + {B4800, 4800}, + {B9600, 9600}, + {B19200, 19200}, + {B38400, 38400}, +# ifdef B57600 + {B57600, 57600 }, +# endif +# ifdef B115200 + {B115200, 115200}, +# endif + {-1, -1} +}; + + +int symBaud2numBaud(int symBaud) +{ + int i; + + for (i = 0; baudTable[i][1] >= 0; ++i) { + if (baudTable[i][0] == symBaud) { + break; + } + } + return baudTable[i][1]; +} + + +#if 0 /* unused */ +int numBaud2symBaud(int numBaud) +{ + int i; + + for (i = 0; baudTable[i][1] >= 0; ++i) { + if (baudTable[i][1] == numBaud) { + break; + } + } + return baudTable[i][0]; +} +#endif /* unused fn */ diff --git a/libntp/modetoa.c b/libntp/modetoa.c index 6f13d20580bf..de14c9edd34c 100644 --- a/libntp/modetoa.c +++ b/libntp/modetoa.c @@ -4,7 +4,6 @@ #include <config.h> #include <stdio.h> -#include "lib_strbuf.h" #include "ntp_stdlib.h" const char * diff --git a/libntp/msyslog.c b/libntp/msyslog.c index a1ba72792595..b72d5c8dc379 100644 --- a/libntp/msyslog.c +++ b/libntp/msyslog.c @@ -348,15 +348,14 @@ msyslog( ... ) { - char buf[1024]; va_list ap; va_start(ap, fmt); - mvsnprintf(buf, sizeof(buf), fmt, ap); + mvsyslog(level, fmt, ap); va_end(ap); - addto_syslog(level, buf); } + void mvsyslog( int level, @@ -365,6 +364,7 @@ mvsyslog( ) { char buf[1024]; + mvsnprintf(buf, sizeof(buf), fmt, ap); addto_syslog(level, buf); } diff --git a/libntp/netof.c b/libntp/netof.c index c8831c3dd9cd..5f1e3662de78 100644 --- a/libntp/netof.c +++ b/libntp/netof.c @@ -1,5 +1,5 @@ /* - * netof - return the net address part of an ip address in a sockaddr_storage structure + * netof - return the net address part of an ip address in a sockaddr_u structure * (zero out host part) */ #include <config.h> @@ -11,12 +11,19 @@ #include "ntp_stdlib.h" #include "ntp.h" +/* + * Return the network portion of a host address. Used by ntp_io.c + * findbcastinter() to find a multicast/broadcast interface for + * a given remote address. Note static storage is used, with room + * for only two addresses, which is all that is needed at present. + * + */ sockaddr_u * netof( sockaddr_u *hostaddr ) { - static sockaddr_u netofbuf[8]; + static sockaddr_u netofbuf[2]; static int next_netofbuf; u_int32 netnum; sockaddr_u * netaddr; @@ -27,20 +34,11 @@ netof( memcpy(netaddr, hostaddr, sizeof(*netaddr)); if (IS_IPV4(netaddr)) { - netnum = SRCADR(netaddr); - /* - * We live in a modern CIDR world where the basement nets, which - * used to be class A, are now probably associated with each - * host address. So, for class-A nets, all bits are significant. + * We live in a modern classless IPv4 world. Assume /24. */ - if (IN_CLASSC(netnum)) - netnum &= IN_CLASSC_NET; - else if (IN_CLASSB(netnum)) - netnum &= IN_CLASSB_NET; - + netnum = SRCADR(netaddr) & IN_CLASSC_NET; SET_ADDR4(netaddr, netnum); - } else if (IS_IPV6(netaddr)) /* assume the typical /64 subnet size */ zero_mem(&NSRCADR6(netaddr)[8], 8); diff --git a/libntp/ntp_calendar.c b/libntp/ntp_calendar.c index 9fc0b48229f2..b850a9db59b8 100644 --- a/libntp/ntp_calendar.c +++ b/libntp/ntp_calendar.c @@ -56,7 +56,6 @@ #include "ntp_unixtime.h" #include "ntpd.h" -#include "lib_strbuf.h" /* For now, let's take the conservative approach: if the target property * macros are not defined, check a few well-known compiler/architecture diff --git a/libntp/ntp_intres.c b/libntp/ntp_intres.c index 9fc3815ef007..29546147db8a 100644 --- a/libntp/ntp_intres.c +++ b/libntp/ntp_intres.c @@ -84,12 +84,6 @@ # include <netdb.h> # endif # include <resolv.h> -# ifdef HAVE_INT32_ONLY_WITH_DNS -# define HAVE_INT32 -# endif -# ifdef HAVE_U_INT32_ONLY_WITH_DNS -# define HAVE_U_INT32 -# endif #endif #include "ntp.h" diff --git a/libntp/ntp_realpath.c b/libntp/ntp_realpath.c index 116542945153..90e5a0d59e75 100644 --- a/libntp/ntp_realpath.c +++ b/libntp/ntp_realpath.c @@ -103,7 +103,7 @@ realpath1(const char *path, char *resolved) size_t left_len, resolved_len, next_token_len; unsigned symlinks; ssize_t slen; - char left[NTP_PATH_MAX], next_token[NTP_PATH_MAX], symlink[NTP_PATH_MAX]; + char left[NTP_PATH_MAX], next_token[NTP_PATH_MAX], link_tgt[NTP_PATH_MAX]; symlinks = 0; if (path[0] == '/') { @@ -157,7 +157,7 @@ realpath1(const char *path, char *resolved) resolved[resolved_len++] = '/'; resolved[resolved_len] = '\0'; } - if (next_token[0] == '\0') { + if ('\0' == next_token[0]) { /* Handle consequential slashes. */ continue; } else if (strcmp(next_token, ".") == 0) { @@ -187,23 +187,24 @@ realpath1(const char *path, char *resolved) if (lstat(resolved, &sb) != 0) return (NULL); if (S_ISLNK(sb.st_mode)) { - if (symlinks++ > NTP_MAXSYMLINKS) { + if (++symlinks > NTP_MAXSYMLINKS) { errno = ELOOP; return (NULL); } - slen = readlink(resolved, symlink, sizeof(symlink)); - if (slen <= 0 || slen >= (ssize_t)sizeof(symlink)) { - if (slen < 0) - ; /* keep errno from readlink(2) call */ - else if (slen == 0) + slen = readlink(resolved, link_tgt, sizeof(link_tgt)); + if (slen <= 0 || slen >= (ssize_t)sizeof(link_tgt)) { + if (slen < 0) { + /* keep errno from readlink(2) call */ + } else if (slen == 0) { errno = ENOENT; - else + } else { errno = ENAMETOOLONG; + } return (NULL); } - symlink[slen] = '\0'; - if (symlink[0] == '/') { - resolved[1] = 0; + link_tgt[slen] = '\0'; + if (link_tgt[0] == '/') { + resolved[1] = '\0'; resolved_len = 1; } else { /* Strip the last path component. */ @@ -214,26 +215,26 @@ realpath1(const char *path, char *resolved) /* * If there are any path components left, then - * append them to symlink. The result is placed + * append them to link_tgt. The result is placed * in `left'. */ if (p != NULL) { - if (symlink[slen - 1] != '/') { - if (slen + 1 >= (ssize_t)sizeof(symlink)) { + if (link_tgt[slen - 1] != '/') { + if (slen + 1 >= (ssize_t)sizeof(link_tgt)) { errno = ENAMETOOLONG; return (NULL); } - symlink[slen] = '/'; - symlink[slen + 1] = 0; + link_tgt[slen] = '/'; + link_tgt[slen + 1] = 0; } - left_len = strlcat(symlink, left, - sizeof(symlink)); - if (left_len >= sizeof(symlink)) { + left_len = strlcat(link_tgt, left, + sizeof(link_tgt)); + if (left_len >= sizeof(link_tgt)) { errno = ENAMETOOLONG; return (NULL); } } - left_len = strlcpy(left, symlink, sizeof(left)); + left_len = strlcpy(left, link_tgt, sizeof(left)); } else if (!S_ISDIR(sb.st_mode) && p != NULL) { errno = ENOTDIR; return (NULL); diff --git a/libntp/numtoa.c b/libntp/numtoa.c index 51645de01c30..ac8978ee5e58 100644 --- a/libntp/numtoa.c +++ b/libntp/numtoa.c @@ -12,7 +12,6 @@ #include <ctype.h> #include "ntp_fp.h" -#include "lib_strbuf.h" #include "ntp_stdlib.h" char * @@ -34,7 +33,11 @@ numtoa( } -/* Convert a refid & stratum to a string */ +/* + * Convert a refid & stratum to a string. If stratum is negative and the + * refid consists entirely of graphic chars, up to an optional + * terminating zero, display as text similar to stratum 0 & 1. + */ const char * refid_str( u_int32 refid, @@ -43,33 +46,44 @@ refid_str( { char * text; size_t tlen; - char * cp; - - if (stratum > 1) - return numtoa(refid); - - LIB_GETBUF(text); - text[0] = '.'; - /* What if any non-NUL char is not printable? */ - memcpy(&text[1], &refid, sizeof(refid)); - text[1 + sizeof(refid)] = '\0'; - tlen = strlen(text); - text[tlen] = '.'; - text[tlen + 1] = '\0'; + char * cp; + int printable; /* - * Now make sure the contents are 'graphic'. - * - * This refid is expected to be up to 4 ascii graphics. - * If any character is not a graphic, replace it with a space. - * This will at least alert the viewer of a problem. + * ntpd can have stratum = 0 and refid 127.0.0.1 in orphan mode. + * https://bugs.ntp.org/3854. Mirror the refid logic in timer(). */ - for (cp = text + 1; *cp; ++cp) { - if (!isgraph((int)*cp)) { - *cp = ' '; + if (0 == stratum && LOOPBACKADR_N == refid) { + return ".ORPH."; + } + printable = FALSE; + if (stratum < 2) { + text = lib_getbuf(); + text[0] = '.'; + memcpy(&text[1], &refid, sizeof(refid)); + text[1 + sizeof(refid)] = '\0'; + tlen = strlen(text); + text[tlen] = '.'; + text[tlen + 1] = '\0'; + /* + * Now make sure the contents are 'graphic'. + * + * This refid is expected to be up to 4 printable ASCII. + * isgraph() is similar to isprint() but excludes space. + * If any character is not graphic, replace it with a '?'. + * This will at least alert the viewer of a problem. + */ + for (cp = text + 1; '\0' != *cp; ++cp) { + if (!isgraph((int)*cp)) { + printable = FALSE; + *cp = '?'; + } + } + if ( (stratum < 0 && printable) + || stratum < 2) { + return text; } } - - return text; + return numtoa(refid); } diff --git a/libntp/numtohost.c b/libntp/numtohost.c deleted file mode 100644 index 6b250d602de0..000000000000 --- a/libntp/numtohost.c +++ /dev/null @@ -1,43 +0,0 @@ -/* - * numtohost - convert network number to host name. - */ -#include <config.h> - -#include <sys/types.h> -#ifdef HAVE_NETINET_IN_H -#include <netinet/in.h> /* ntohl */ -#endif - -#include "ntp_fp.h" -#include "ntp_stdlib.h" -#include "lib_strbuf.h" - -#define LOOPBACKNET 0x7f000000 -#define LOOPBACKHOST 0x7f000001 -#define LOOPBACKNETMASK 0xff000000 - -char * -numtohost( - u_int32 netnum - ) -{ - char *bp; - struct hostent *hp; - - /* - * This is really gross, but saves lots of hanging looking for - * hostnames for the radio clocks. Don't bother looking up - * addresses on the loopback network except for the loopback - * host itself. - */ - if ((((ntohl(netnum) & LOOPBACKNETMASK) == LOOPBACKNET) - && (ntohl(netnum) != LOOPBACKHOST)) - || ((hp = gethostbyaddr((char *)&netnum, sizeof netnum, AF_INET)) - == 0)) - return numtoa(netnum); - - LIB_GETBUF(bp); - strlcpy(bp, hp->h_name, LIB_BUFLENGTH); - - return bp; -} diff --git a/libntp/prettydate.c b/libntp/prettydate.c index deacc26bbe2b..060f79e5e327 100644 --- a/libntp/prettydate.c +++ b/libntp/prettydate.c @@ -6,7 +6,6 @@ #include "ntp_fp.h" #include "ntp_unixtime.h" /* includes <sys/time.h> */ -#include "lib_strbuf.h" #include "ntp_stdlib.h" #include "ntp_assert.h" #include "ntp_calendar.h" diff --git a/libntp/recvbuff.c b/libntp/recvbuff.c index d84a87d68501..6e7cda5d373d 100644 --- a/libntp/recvbuff.c +++ b/libntp/recvbuff.c @@ -93,41 +93,54 @@ initialise_buffer(recvbuf_t *buff) static void create_buffers( - size_t nbufs) + size_t nbufs +) { + static const u_int chunk = # ifndef DEBUG - static const u_int chunk = RECV_INC; + RECV_INC; # else /* Allocate each buffer individually so they can be free()d * during ntpd shutdown on DEBUG builds to keep them out of heap * leak reports. */ - static const u_int chunk = 1; + 1; # endif - - register recvbuf_t *bufp; - u_int i; - size_t abuf; + static int/*BOOL*/ doneonce; + recvbuf_t * bufp; + u_int i; + size_t abuf; /*[bug 3666]: followup -- reset shortfalls in all cases */ abuf = nbufs + buffer_shortfall; buffer_shortfall = 0; - if (limit_recvbufs <= total_recvbufs) + if (limit_recvbufs <= total_recvbufs) { + if (!doneonce) { + msyslog(LOG_CRIT, "Unable to allocate receive" + " buffer, %lu/%lu", + total_recvbufs, limit_recvbufs); + doneonce = TRUE; + } return; - - if (abuf < nbufs || abuf > RECV_BATCH) + } + + if (abuf < nbufs || abuf > RECV_BATCH) { abuf = RECV_BATCH; /* clamp on overflow */ - else + } else { abuf += (~abuf + 1) & (RECV_INC - 1); /* round up */ - - if (abuf > (limit_recvbufs - total_recvbufs)) + } + if (abuf > (limit_recvbufs - total_recvbufs)) { abuf = limit_recvbufs - total_recvbufs; + } abuf += (~abuf + 1) & (chunk - 1); /* round up */ while (abuf) { bufp = calloc(chunk, sizeof(*bufp)); if (!bufp) { + msyslog(LOG_CRIT, "Out of memory, allocating " + "%u recvbufs, %lu bytes", + chunk, (u_long)sizeof(*bufp) * chunk); limit_recvbufs = total_recvbufs; break; } diff --git a/libntp/refnumtoa.c b/libntp/refnumtoa.c index cfebefe1ed18..1e1aa4e06b4c 100644 --- a/libntp/refnumtoa.c +++ b/libntp/refnumtoa.c @@ -5,7 +5,6 @@ #include <stdio.h> #include "ntp_net.h" -#include "lib_strbuf.h" #include "ntp_stdlib.h" const char * diff --git a/libntp/snprintf.c b/libntp/snprintf.c index f4685e1ad4b6..52ec17a04eb2 100644 --- a/libntp/snprintf.c +++ b/libntp/snprintf.c @@ -1587,7 +1587,7 @@ rpl_asprintf(va_alist) va_dcl } #endif /* HW_WANT_RPL_ASPRINTF */ #else /* Dummy declaration to avoid empty translation unit warnings. */ -int main(void); +NONEMPTY_TRANSLATION_UNIT #endif /* HW_WANT_RPL_SNPRINTF || HW_WANT_RPL_VSNPRINTF || HW_WANT_RPL_ASPRINTF || [...] */ #if TEST_SNPRINTF diff --git a/libntp/socket.c b/libntp/socket.c index 11fb004690c4..08e6ffbebb6a 100644 --- a/libntp/socket.c +++ b/libntp/socket.c @@ -195,11 +195,11 @@ open_socket( ) void sendpkt( - sockaddr_u * dest, - struct interface * ep, - int ttl, - struct pkt * pkt, - int len + sockaddr_u * dest, + endpt * ep, + int ttl, + struct pkt * pkt, + int len ) static inline int @@ -207,9 +207,9 @@ read_refclock_packet(SOCKET fd, struct refclockio *rp, l_fp ts) static inline int read_network_packet( - SOCKET fd, - struct interface * itf, - l_fp ts + SOCKET fd, + endpt * itf, + l_fp ts ) void diff --git a/libntp/socktoa.c b/libntp/socktoa.c index 4071b0a45be0..f83f78b87981 100644 --- a/libntp/socktoa.c +++ b/libntp/socktoa.c @@ -21,7 +21,6 @@ #include <isc/sockaddr.h> #include "ntp_fp.h" -#include "lib_strbuf.h" #include "ntp_stdlib.h" #include "ntp.h" diff --git a/libntp/socktohost.c b/libntp/socktohost.c index fdf9adb9e2e6..3ea5b56004d8 100644 --- a/libntp/socktohost.c +++ b/libntp/socktohost.c @@ -15,7 +15,6 @@ #include <stdio.h> #include "ntp_fp.h" -#include "lib_strbuf.h" #include "ntp_stdlib.h" #include "ntp.h" #include "ntp_debug.h" diff --git a/libntp/ssl_init.c b/libntp/ssl_init.c index 925893257b7f..6de8a0b5fccc 100644 --- a/libntp/ssl_init.c +++ b/libntp/ssl_init.c @@ -23,67 +23,60 @@ # define CMAC_LENGTH 16 # define CMAC "AES128CMAC" # endif /*HAVE_OPENSSL_CMAC_H*/ -int ssl_init_done; -#if OPENSSL_VERSION_NUMBER < 0x10100000L +EVP_MD_CTX *digest_ctx; + static void atexit_ssl_cleanup(void) { - if (!ssl_init_done) { + if (NULL == digest_ctx) { return; } - - ssl_init_done = FALSE; + EVP_MD_CTX_free(digest_ctx); + digest_ctx = NULL; +#if OPENSSL_VERSION_NUMBER < 0x10100000L EVP_cleanup(); ERR_free_strings(); +#endif /* OpenSSL < 1.1 */ } + void ssl_init(void) { init_lib(); - if ( ! ssl_init_done) { - ERR_load_crypto_strings(); - OpenSSL_add_all_algorithms(); - atexit(&atexit_ssl_cleanup); - ssl_init_done = TRUE; + if (NULL == digest_ctx) { +#if OPENSSL_VERSION_NUMBER < 0x10100000L + ERR_load_crypto_strings(); + OpenSSL_add_all_algorithms(); +#endif /* OpenSSL < 1.1 */ + digest_ctx = EVP_MD_CTX_new(); + INSIST(digest_ctx != NULL); + atexit(&atexit_ssl_cleanup); } } -#else /* OPENSSL_VERSION_NUMBER >= 0x10100000L */ - -void -ssl_init(void) -{ - init_lib(); - ssl_init_done = TRUE; -} - -#endif /* OPENSSL_VERSION_NUMBER */ - void ssl_check_version(void) { u_long v; + char * buf; v = OpenSSL_version_num(); if ((v ^ OPENSSL_VERSION_NUMBER) & ~0xff0L) { - msyslog(LOG_WARNING, - "OpenSSL version mismatch. Built against %lx, you have %lx", - (u_long)OPENSSL_VERSION_NUMBER, v); - fprintf(stderr, - "OpenSSL version mismatch. Built against %lx, you have %lx\n", - (u_long)OPENSSL_VERSION_NUMBER, v); + LIB_GETBUF(buf); + snprintf(buf, LIB_BUFLENGTH, + "OpenSSL version mismatch." + "Built against %lx, you have %lx\n", + (u_long)OPENSSL_VERSION_NUMBER, v); + msyslog(LOG_WARNING, "%s", buf); + fputs(buf, stderr); } - INIT_SSL(); } - -#else /* !OPENSSL */ -# define MD5_LENGTH 16 #endif /* OPENSSL */ @@ -102,7 +95,7 @@ keytype_from_text( int key_type; u_int digest_len; #ifdef OPENSSL /* --*-- OpenSSL code --*-- */ - const u_long max_digest_len = MAX_MAC_LEN - sizeof(keyid_t); + const u_long max_digest_len = MAX_MDG_LEN; char * upcased; char * pch; EVP_MD const * md; @@ -204,7 +197,7 @@ keytype_from_text( */ const char * keytype_name( - int nid + int type ) { static const char unknown_type[] = "(unknown key type)"; @@ -212,23 +205,18 @@ keytype_name( #ifdef OPENSSL INIT_SSL(); - name = OBJ_nid2sn(nid); + name = OBJ_nid2sn(type); # ifdef ENABLE_CMAC - if (NID_cmac == nid) { + if (NID_cmac == type) { name = CMAC; - - if (debug) { - fprintf(stderr, "%s:%d:%s():%s:nid\n", - __FILE__, __LINE__, __func__, CMAC); - } } else # endif /*ENABLE_CMAC*/ if (NULL == name) { name = unknown_type; } #else /* !OPENSSL follows */ - if (NID_md5 == nid) + if (NID_md5 == type) name = "MD5"; else name = unknown_type; @@ -251,13 +239,13 @@ keytype_name( */ char * getpass_keytype( - int keytype + int type ) { char pass_prompt[64 + 11 + 1]; /* 11 for " Password: " */ snprintf(pass_prompt, sizeof(pass_prompt), - "%.64s Password: ", keytype_name(keytype)); + "%.64s Password: ", keytype_name(type)); return getpass(pass_prompt); } diff --git a/libntp/statestr.c b/libntp/statestr.c index e712dc87e32d..bde1f50e7e74 100644 --- a/libntp/statestr.c +++ b/libntp/statestr.c @@ -8,7 +8,6 @@ #include "ntp_stdlib.h" #include "ntp_fp.h" #include "ntp.h" -#include "lib_strbuf.h" #include "ntp_refclock.h" #include "ntp_control.h" #include "ntp_string.h" diff --git a/libntp/systime.c b/libntp/systime.c index 76fba7fe1608..8d10b2e43f82 100644 --- a/libntp/systime.c +++ b/libntp/systime.c @@ -16,7 +16,6 @@ #include "timevalops.h" #include "timespecops.h" #include "ntp_calendar.h" -#include "lib_strbuf.h" #ifdef HAVE_SYS_PARAM_H # include <sys/param.h> diff --git a/libntp/timexsup.c b/libntp/timexsup.c index 979a7c4aea8e..21f7738d3e5f 100644 --- a/libntp/timexsup.c +++ b/libntp/timexsup.c @@ -6,14 +6,27 @@ */ #include "config.h" -#include "timexsup.h" #include <limits.h> #include <math.h> +#ifdef HAVE_SYS_TIME_H +# include <sys/time.h> +#else +# ifdef HAVE_TIME_H +# include <time.h> +# endif +#endif #ifdef HAVE_SYS_TIMEX_H # include <sys/timex.h> +#else +# ifdef HAVE_TIMEX_H +# include <timex.h> +# endif #endif +#include "ntp_types.h" +#include "timexsup.h" + #if defined(MOD_NANO) != defined(STA_NANO) # warning inconsistent definitions of MOD_NANO vs STA_NANO #endif @@ -41,10 +54,11 @@ dbl_from_var_long( ) { #ifdef STA_NANO - if (status & STA_NANO) + if (STA_NANO & status) { return (double)lval * 1e-9; + } #else - (void)status; + UNUSED_ARG(status); #endif return (double)lval * 1e-6; } @@ -67,7 +81,7 @@ var_long_from_dbl( *modes |= MOD_NANO; dval *= 1e+9; #else - (void)modes; + UNUSED_ARG(modes); dval *= 1e+6; #endif return clamp_rounded(dval); diff --git a/libntp/uglydate.c b/libntp/uglydate.c index 66b5139096b4..165578674185 100644 --- a/libntp/uglydate.c +++ b/libntp/uglydate.c @@ -7,7 +7,6 @@ #include "ntp_fp.h" #include "ntp_unixtime.h" -#include "lib_strbuf.h" #include "ntp_stdlib.h" diff --git a/libntp/vint64ops.c b/libntp/vint64ops.c index 1d5087d95438..23c9f26dcfac 100644 --- a/libntp/vint64ops.c +++ b/libntp/vint64ops.c @@ -15,24 +15,25 @@ #include "ntp_types.h" #include "ntp_fp.h" +#include "ntp_malloc.h" #include "vint64ops.h" /* -------------------------------------------------------------------------*/ vint64 strtouv64( - char const * begp, - char const ** const endp, - int base + char * begp, + char ** endp, + int base ) { - vint64 res; - u_char digit; - int sig, num; - const u_char *src; + vint64 res; + u_char digit; + int sig, num; + u_char *src; num = sig = 0; - src = (const u_char*)begp; + src = (u_char *)begp; while (isspace(*src)) src++; @@ -61,7 +62,7 @@ strtouv64( return res; } - memset(&res, 0, sizeof(res)); + ZERO(res); while (*src) { if (isdigit(*src)) digit = *src - '0'; @@ -97,7 +98,7 @@ strtouv64( if (!num) errno = EINVAL; if (endp) - *endp = (const char *)src; + *endp = (char *)src; if (sig) M_NEG(res.D_s.hi, res.D_s.lo); return res; diff --git a/libntp/work_thread.c b/libntp/work_thread.c index c1fe5c20c995..0d15c6e36e6f 100644 --- a/libntp/work_thread.c +++ b/libntp/work_thread.c @@ -376,8 +376,12 @@ send_blocking_resp_internal( { # ifdef WORK_PIPE if (1 != write(c->resp_write_pipe, "", 1)) - msyslog(LOG_WARNING, "async resolver: %s", - "failed to notify main thread!"); + msyslog(LOG_WARNING, "async resolver: blocking_get%sinfo" + " failed to notify main thread!", + (BLOCKING_GETNAMEINFO == resp->rtype) + ? "name" + : "addr" + ); # else tickle_sem(c->responses_pending); # endif @@ -489,7 +493,7 @@ start_blocking_thread( /* -------------------------------------------------------------------- * Create a worker thread. There are several differences between POSIX - * and Windows, of course -- most notably the Windows thread is no + * and Windows, of course -- most notably the Windows thread is a * detached thread, and we keep the handle around until we want to get * rid of the thread. The notification scheme also differs: Windows * makes use of semaphores in both directions, POSIX uses a pipe for @@ -520,9 +524,12 @@ start_blocking_thread_internal( } /* remember the thread priority is only within the process class */ if (!SetThreadPriority(c->thr_table[0].thnd, - THREAD_PRIORITY_BELOW_NORMAL)) + THREAD_PRIORITY_BELOW_NORMAL)) { msyslog(LOG_ERR, "Error lowering blocking thread priority: %m"); - + } + if (NULL != pSetThreadDescription) { + (*pSetThreadDescription)(c->thr_table[0].thnd, L"ntp_worker"); + } resumed = ResumeThread(c->thr_table[0].thnd); DEBUG_INSIST(resumed); c->thread_ref = &c->thr_table[0]; |