[Git][NTPsec/ntpsec][master] 2 commits: Fix configure parameter name for MS-SNTP

Eric S. Raymond gitlab at mg.gitlab.com
Fri Oct 7 05:42:53 UTC 2016 

Eric S. Raymond pushed to branch master at NTPsec / ntpsec


Commits:
9e00a032 by Matt Selsky at 2016-10-07T01:32:34-04:00
Fix configure parameter name for MS-SNTP

- - - - -
c2a0c211 by Matt Selsky at 2016-10-07T01:32:34-04:00
syslog a warning when we encounter usage of "notrap" in ntp.conf

Log once per line containing "notrap" and give the user a shot at cleaning up

- - - - -


2 changed files:

- include/ntp.h
- ntpd/ntp_config.c


Changes:

=====================================
include/ntp.h
=====================================
--- a/include/ntp.h
+++ b/include/ntp.h
@@ -759,6 +759,7 @@ struct restrict_u_tag {
 #define	RES_MSSNTP		0x0200	/* enable MS-SNTP authentication */
 #define	RES_FLAKE		0x0400	/* flakeway - drop 10% */
 #define	RES_NOMRULIST		0x0800	/* mode 6 mrulist denied */
+#define	RES_NOTRAP		0x1000  /* no longer used */
 
 #define	RES_ALLFLAGS		(RES_FLAGS | RES_NOQUERY |	\
 				 RES_NOMODIFY | RES_KOD |	\


=====================================
ntpd/ntp_config.c
=====================================
--- a/ntpd/ntp_config.c
+++ b/ntpd/ntp_config.c
@@ -1621,7 +1621,7 @@ config_access(
 #ifdef ENABLE_MSSNTP
 	    "MS-SNTP signd operations currently block ntpd degrading service to all clients.";
 #else
-	    "mssntp restrict bit ignored, this ntpd was configured without --enable-ntp-signd.";
+	    "mssntp restrict bit ignored, this ntpd was configured without --enable-mssntp.";
 #endif
 
 	/* Configure the mru options */
@@ -1801,6 +1801,7 @@ config_access(
 				 * with all the world's boilerplate ntp.conf
 				 * files.
 				 */
+				flags |= RES_NOTRAP;
 				break;
 
 			case T_Notrust:
@@ -1832,6 +1833,16 @@ config_access(
 			msyslog(LOG_WARNING, "restrict %s: %s", kod_where, kod_warn);
 		}
 
+		if (RES_NOTRAP & flags) {
+			const char *notrap_where = (my_node->addr)
+					  ? my_node->addr->address
+					  : (mflags & RESM_SOURCE)
+					    ? "source"
+					    : "default";
+
+			msyslog(LOG_WARNING, "restrict %s: notrap keyword is ignored.", notrap_where);
+		}
+
 		ZERO_SOCK(&addr);
 		ai_list = NULL;
 		pai = NULL;



View it on GitLab: https://gitlab.com/NTPsec/ntpsec/compare/592315de0c0c6703b691d72744a54c31cf031e95...c2a0c2118ba59e64734da1b70753a491d560a0e6
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ntpsec.org/pipermail/vc/attachments/20161007/71e5e449/attachment.html>

More information about the vc mailing list