[Git][NTPsec/ntpsec][master] Make authentication code from libntp available in the Python extension.

Eric S. Raymond gitlab at mg.gitlab.com
Wed Oct 26 18:25:30 UTC 2016


Eric S. Raymond pushed to branch master at NTPsec / ntpsec


Commits:
899ed8ed by Eric S. Raymond at 2016-10-26T14:09:00-04:00
Make authentication code from libntp available in the Python extension.

This required breaking some adhesions. Notably (1) progname now lives in
msyslog.c, which is what uses it, and (2) the authkeys and msyslog stuff
can no longer call the ISC assert macros.

The latter could be fixed by relocating the ISC assertion stuff into
the list of sharables the Pyton extension is built with, but using
those macros there was probably not the best of ideas to begin with.

Python interfaces for the auth functions aren't written yet.

- - - - -


9 changed files:

- include/ntpd.h
- libisc/wscript
- libntp/authkeys.c
- libisc/md5.c → libntp/md5.c
- libntp/msyslog.c
- libntp/pymodule.c
- libntp/wscript
- ntpd/ntpd.c
- ntpq/pyntpq


Changes:

=====================================
include/ntpd.h
=====================================
--- a/include/ntpd.h
+++ b/include/ntpd.h
@@ -256,7 +256,7 @@ size_t packet_undump(char *, int len, char *);
  */
 
 /* ntp_config.c */
-extern char const *	progname;
+extern char *	progname;
 extern char	*sys_phone[];		/* ACTS phone numbers */
 extern char *ntp_signd_socket;
 extern struct config_tree_tag *cfg_tree_history;


=====================================
libisc/wscript
=====================================
--- a/libisc/wscript
+++ b/libisc/wscript
@@ -6,7 +6,6 @@ def build(ctx):
 		"backtrace-emptytbl.c",
 		"backtrace.c",
 		"error.c",
-		"md5.c",
 		"netaddr.c",
 		"sha1.c",
 		"errno2result.c",


=====================================
libntp/authkeys.c
=====================================
--- a/libntp/authkeys.c
+++ b/libntp/authkeys.c
@@ -267,7 +267,7 @@ allocsymkey(
 	if (authnumfreekeys < 1)
 		auth_moremem(-1);
 	UNLINK_HEAD_SLIST(sk, authfreekeys, llink.f);
-	DEBUG_ENSURE(sk != NULL);
+	//DEBUG_ENSURE(sk != NULL);
 	sk->keyid = id;
 	sk->flags = flags;
 	sk->type = type;
@@ -297,7 +297,7 @@ freesymkey(
                 sk->secret = NULL;
 	}
 	UNLINK_SLIST(unlinked, *bucket, sk, hlink, symkey);
-	DEBUG_ENSURE(sk == unlinked);
+	//DEBUG_ENSURE(sk == unlinked);
 	UNLINK_DLIST(sk, llink);
 	memset((char *)sk + offsetof(symkey, symkey_payload), '\0',
 	       sizeof(*sk) - offsetof(symkey, symkey_payload));
@@ -497,8 +497,8 @@ MD5auth_setkey(
 	uint8_t *	secret;
 	size_t		secretsize;
 	
-	DEBUG_ENSURE(keytype <= USHRT_MAX);
-	DEBUG_ENSURE(len < 4 * 1024);
+	//DEBUG_ENSURE(keytype <= USHRT_MAX);
+	//DEBUG_ENSURE(len < 4 * 1024);
 	/*
 	 * See if we already have the key.  If so just stick in the
 	 * new value.


=====================================
libisc/md5.c → libntp/md5.c
=====================================
--- a/libisc/md5.c
+++ b/libntp/md5.c


=====================================
libntp/msyslog.c
=====================================
--- a/libntp/msyslog.c
+++ b/libntp/msyslog.c
@@ -403,7 +403,7 @@ change_logfile(
 	size_t		cd_octets;
 	size_t		octets;
 
-	NTP_REQUIRE(fname != NULL);
+	//NTP_REQUIRE(fname != NULL);
 	log_fname = fname;
 
 	/*


=====================================
libntp/pymodule.c
=====================================
--- a/libntp/pymodule.c
+++ b/libntp/pymodule.c
@@ -25,11 +25,24 @@
 
 #include "python_compatibility.h"
 
+char *progname = "libntpc";
+
 /*
  * Client utility functions
  */
 
 static PyObject *
+ntpc_setprogname(PyObject *self, PyObject *args)
+{
+    char *s;
+    UNUSED_ARG(self);
+    if (!PyArg_ParseTuple(args, "s", &s))
+	return NULL;
+    progname = strdup(s);
+    Py_RETURN_NONE;
+}
+
+static PyObject *
 ntpc_statustoa(PyObject *self, PyObject *args)
 {
     int status1, status2;
@@ -80,6 +93,8 @@ ntpc_lfptofloat(PyObject *self, PyObject *args)
 /* List of functions defined in the module */
 
 static PyMethodDef ntpc_methods[] = {
+    {"setprogname",    ntpc_setprogname,  	METH_VARARGS,
+     PyDoc_STR("Set program name for logging purposes.")},
     {"statustoa",      	ntpc_statustoa,  	METH_VARARGS,
      PyDoc_STR("Status string display from peer status word.")},
     {"prettydate",     	ntpc_prettydate,  	METH_VARARGS,


=====================================
libntp/wscript
=====================================
--- a/libntp/wscript
+++ b/libntp/wscript
@@ -4,25 +4,18 @@ def build(ctx):
 	srcnode = ctx.srcnode.abspath()
 
 	libntp_source = [
-		"a_md5encrypt.c",
 		"atolfp.c",
-		"authkeys.c",
-		"authreadkeys.c",
-		"authusekey.c",
 #		"calyearstart.c",
 		"clocktime.c",
 		"decodenetnum.c",
 		"dofptoa.c",
 		"dolfptoa.c",
-		"emalloc.c",
 		"getopt.c",
-		"humandate.c",
 		"initnetwork.c",
 		"lib_strbuf.c",
 		"machines.c",
 		"modetoa.c",
 		"mstolfp.c",
-		"msyslog.c",
 		"netof.c",
 		"ntp_endian.c",
 		"ntp_intres.c",
@@ -46,8 +39,16 @@ def build(ctx):
 	]
 
 	libntp_source_sharable = [
+		"a_md5encrypt.c",
+		"authkeys.c",
+		"authreadkeys.c",
+		"authusekey.c",
+		"emalloc.c",
 		"hextolfp.c",
+		"humandate.c",
 		"lib_strbuf.c",
+		"md5.c",
+		"msyslog.c",
 		"ntp_calendar.c",
 		"prettydate.c",
 		"statestr.c",


=====================================
ntpd/ntpd.c
=====================================
--- a/ntpd/ntpd.c
+++ b/ntpd/ntpd.c
@@ -89,7 +89,7 @@ const char *chrootdir;	/* directory to chroot to */
 int	waitsync_fd_to_close = -1;	/* -w/--wait-sync */
 #endif
 
-char const *progname;
+char *progname;
 
 #ifdef HAVE_NETINFO_NI_H
 extern bool	check_netinfo;


=====================================
ntpq/pyntpq
=====================================
--- a/ntpq/pyntpq
+++ b/ntpq/pyntpq
@@ -142,7 +142,7 @@ class Ntpq(cmd.Cmd):
         #self.auth_hashlen = 16		# MD5
         self.rawmode           = False	# Flag which indicates raw mode output.
         self.showhostnames     = True	# If false, display numeric IPs
-        self.auth_delay			# delay time
+        self.auth_delay    = 20		# delay time (default 20msec)
         self.wideremote = False		# show wide remote names?
         self.ccmds = []			# Queued commands
         self.chosts = []		# Command-line hosts
@@ -1534,10 +1534,7 @@ USAGE: ntpq [-46dphinOV] [-c str] [-D lvl] [ host ...]
 '''
 
 if __name__ == '__main__':
-    #delay_time.l_ui = 0
-    #delay_time.l_uf = DEFDELAY
-
-    #init_lib()	# sets up ipv4_works, ipv6_works
+    setprogname("pyntpq")
     #init_auth()
 
     try:



View it on GitLab: https://gitlab.com/NTPsec/ntpsec/commit/899ed8edc0fa379e69a57bfa051a3148dad35909
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ntpsec.org/pipermail/vc/attachments/20161026/4fdbdf6b/attachment.html>


More information about the vc mailing list