[Git][NTPsec/ntpsec][master] 7 commits: Fixup test for res_init, drop test for resolv.h
Hal Murray
gitlab at mg.gitlab.com
Sat Jun 3 07:44:31 UTC 2017
Hal Murray pushed to branch master at NTPsec / ntpsec
Commits:
6760f937 by Hal Murray at 2017-06-02T17:42:19-07:00
Fixup test for res_init, drop test for resolv.h
- - - - -
eeb0f149 by Hal Murray at 2017-06-02T17:42:19-07:00
Cleanups on DNS.
- - - - -
0b36a047 by Hal Murray at 2017-06-02T17:42:19-07:00
Another pass at DNS cleanup
- - - - -
d7231068 by Hal Murray at 2017-06-02T17:42:19-07:00
Reduce DNS logging slighty
- - - - -
56bf9417 by Hal Murray at 2017-06-02T21:44:23-07:00
Remove unused check for nanotime
- - - - -
1f834b74 by Hal Murray at 2017-06-02T23:40:14-07:00
Fixes to assert.c to compile on NetBSD
- - - - -
c56746df by Hal Murray at 2017-06-03T00:41:47-07:00
Add -a option to ntpd to test assert handler.
- - - - -
8 changed files:
- docs/includes/ntpd-body.txt
- include/ntp_dns.h
- libntp/assert.c
- libntp/ntp_dns.c
- ntpd/ntp_peer.c
- ntpd/ntp_proto.c
- ntpd/ntpd.c
- wscript
Changes:
=====================================
docs/includes/ntpd-body.txt
=====================================
--- a/docs/includes/ntpd-body.txt
+++ b/docs/includes/ntpd-body.txt
@@ -6,9 +6,9 @@
== SYNOPSIS ==
[verse]
ntpd
- [-46ghLmnNqx] [-c 'conffile'] [-f 'driftfile'] [-i 'jaildir']
- [-k 'keyfile'] [-l 'logfile'] [-p 'pidfile'] [-P 'priority']
- [-s 'statsdir'] [-t 'key']
+ [-46aghLmnNqx] [assert] [-c 'conffile'] [-f 'driftfile']
+ [-i 'jaildir'] [-k 'keyfile'] [-l 'logfile'] [-p 'pidfile']
+ [-P 'priority'] [-s 'statsdir'] [-t 'key']
[-u 'user'[:'group']] [-U 'interface_update_interval']
[-v 'variable'] [-V 'variable'] [server...]
@@ -71,6 +71,9 @@ the IPv4 namespace.
Force DNS resolution of following host names on the command line to
the IPv6 namespace.
++-a+, +--assert+::
+ REQUIRE(false) to test assert handler.
++
+-c+ _string_, +--configfile+=_string_::
configuration file name.
+
=====================================
include/ntp_dns.h
=====================================
--- a/include/ntp_dns.h
+++ b/include/ntp_dns.h
@@ -4,18 +4,19 @@
#ifndef GUARD_NTP_DNS_H
#define GUARD_NTP_DNS_H
-/* Get addrinfo */
-#include <sys/types.h>
-#include <sys/socket.h>
-#include <netdb.h>
+#include "ntp_net.h"
+
+typedef enum {DNS_good, DNS_temp, DNS_error} DNS_Status;
/* start DNS query (unless busy) */
extern bool dns_probe(struct peer*);
-/* Process answers */
-extern void server_take_dns(struct peer*, struct addrinfo*);
-extern void pool_take_dns(struct peer*, struct addrinfo*);
+/* called by main thread to do callbacks */
+extern void dns_check(void);
-extern void dns_check(void); /* called by main thread */
+/* Callbacks to process answers */
+extern void dns_take_server(struct peer*, sockaddr_u*);
+extern void dns_take_pool(struct peer*, sockaddr_u*);
+extern void dns_take_status(struct peer*, DNS_Status);
#endif /* GUARD_NTP_DNS_H */
=====================================
libntp/assert.c
=====================================
--- a/libntp/assert.c
+++ b/libntp/assert.c
@@ -83,9 +83,8 @@ btcallback(struct _Unwind_Context *uc, void *opq) {
return (0); /* _URC_NO_REASON */
}
-isc_result_t backtrace_log(void);
-isc_result_t
+void
backtrace_log(void) {
trace_arg_t arg;
void *buffer[BACKTRACE_MAXFRAME];
@@ -103,7 +102,6 @@ backtrace_log(void) {
msyslog(LOG_ERR, "#%d %p in ??\n", i, buffer[i]);
}
- return (ISC_R_SUCCESS);
}
#endif /* HAVE__UNWIND_BACKTRACE */
=====================================
libntp/ntp_dns.c
=====================================
--- a/libntp/ntp_dns.c
+++ b/libntp/ntp_dns.c
@@ -14,6 +14,12 @@
#include <sys/types.h>
#include <unistd.h>
+#ifdef HAVE_RES_INIT
+#include <netinet/in.h>
+#include <arpa/nameser.h>
+#include <resolv.h>
+#endif
+
#include "ntpd.h"
#include "ntp_dns.h"
@@ -47,18 +53,23 @@ bool dns_probe(struct peer* pp)
int rc;
pthread_attr_t thr_attr;
sigset_t block_mask, saved_sig_mask;
+ const char * busy = "";
- msyslog(LOG_INFO, "dns_probe: %s, 0x%x", pp->hostname, pp->cast_flags);
+ if (NULL != active)
+ busy = ", busy";
+ msyslog(LOG_INFO, "dns_probe: %s, cast_flags:%x, flags:%x%s",
+ pp->hostname, pp->cast_flags, pp->flags, busy);
if (NULL != active)
return false;
active = pp;
pthread_attr_init(&thr_attr);
- /* FIXME-DNS: stack size? */
+ /* might want to set stack size */
sigfillset(&block_mask);
pthread_sigmask(SIG_BLOCK, &block_mask, &saved_sig_mask);
rc = pthread_create(&worker, &thr_attr, dns_lookup, pp);
if (rc) {
+ errno = rc;
msyslog(LOG_ERR, "dns_probe: error from pthread_create: %s, %m", pp->hostname);
return true; /* don't try again */
}
@@ -73,8 +84,11 @@ void dns_check(void)
int rc;
struct addrinfo *ai;
sockaddr_u sockaddr;
+ DNS_Status status;
+
+ msyslog(LOG_INFO, "dns_check: processing %s, %x, %x",
+ active->hostname, active->cast_flags, active->flags);
- msyslog(LOG_INFO, "dns_check: lookup for %s", active->hostname);
rc = pthread_join(worker, NULL);
if (0 != rc) {
msyslog(LOG_ERR, "dns_check: join failed %m");
@@ -83,40 +97,63 @@ void dns_check(void)
if (0 != gai_rc) {
msyslog(LOG_INFO, "dns_check: DNS error %s",
gai_strerror(gai_rc));
- /* FIXME-DNS callback with null? */
- active = NULL;
- return;
+ answer = NULL;
}
for (ai = answer; NULL != ai; ai = ai->ai_next) {
sockaddr.sa = *ai->ai_addr;
- msyslog(LOG_INFO, "dns_check: found %s=%s",
- socktoa(&sockaddr), ai->ai_canonname);
+ /* Both dns_take_pool and dns_take_server log something. */
+ if (active->cast_flags & MDF_POOL)
+ dns_take_pool(active, &sockaddr);
+ else
+ dns_take_server(active, &sockaddr);
}
- msyslog(LOG_INFO, "dns_check: processing %s, %x",
- active->hostname, active->cast_flags);
+ switch (gai_rc) {
+ case 0:
+ status = DNS_good;
+ break;
- if (active->cast_flags & MDF_POOL)
- pool_take_dns(active, answer);
- else
- server_take_dns(active, answer);
+ case EAI_AGAIN:
+ status = DNS_temp;
+ break;
+
+ /* Treat all other errors as permanent.
+ * Some values from man page weren't in headers.
+ */
+ default:
+ status = DNS_error;
+ }
+ dns_take_status(active, status);
+
+ if (NULL != answer)
+ freeaddrinfo(answer);
active = NULL;
};
+/* Beware: no calls to msyslog from here.
+ * It's not thread safe.
+ * This is the only other thread in ntpd.
+ */
static void* dns_lookup(void* arg)
{
struct peer *pp = (struct peer *) arg;
struct addrinfo hints;
- // FIXME-DNS need occasional res_init()
+#ifdef HAVE_RES_INIT
+ /* Reload DNS servers from /etc/resolv.conf in case DHCP has updated it.
+ * We only need to do this occasionally, but it's not expensive
+ * and simpler to do it every time than it is to figure out when
+ * to do it.
+ */
+ res_init();
+#endif
+
ZERO(hints);
hints.ai_protocol = IPPROTO_UDP;
hints.ai_socktype = SOCK_DGRAM;
hints.ai_family = AF(&pp->srcadr);
- // FIXME-DNS
- // hints.ai_family = my_node->addr->type;
gai_rc = getaddrinfo(pp->hostname, "ntp", &hints, &answer);
kill(getpid(), SIGDNS);
=====================================
ntpd/ntp_peer.c
=====================================
--- a/ntpd/ntp_peer.c
+++ b/ntpd/ntp_peer.c
@@ -633,9 +633,6 @@ newpeer(
struct peer * peer;
u_int hash;
-msyslog(LOG_INFO, "newpeer: addr:%s, name:%s, cast_flags:%x, flags:%x",
- socktoa(srcadr), hostname, cast_flags, flags);
-
/*
* First search from the beginning for an association with given
* remote address and mode. If an interface is given, search
=====================================
ntpd/ntp_proto.c
=====================================
--- a/ntpd/ntp_proto.c
+++ b/ntpd/ntp_proto.c
@@ -2433,104 +2433,139 @@ fast_xmit(
* server_take_dns - process DNS query for server.
*/
void
-server_take_dns(
+dns_take_server(
struct peer *server,
- struct addrinfo *ai
+ sockaddr_u *rmtadr
)
{
- sockaddr_u * rmtadr;
- int restrict_mask;
- struct peer * p;
+ int restrict_mask;
+ struct peer * pp;
+
+ if(!(server->flags & FLAG_DNS))
+ /* Already got an address for this slot. */
+ return;
- for ( ; NULL != ai; ai = ai->ai_next) {
- rmtadr = (sockaddr_u *)(void *)ai->ai_addr;
-msyslog(LOG_INFO, "Server checking: %s", socktoa(rmtadr));
- p = findexistingpeer(rmtadr, NULL, NULL, MODE_CLIENT);
- if (NULL != p) continue; /* already in use */
+ pp = findexistingpeer(rmtadr, NULL, NULL, MODE_CLIENT);
+ if (NULL != pp) {
+ /* Already in use. */
+ msyslog(LOG_INFO, "Server skipping: %s", socktoa(rmtadr));
+ return;
+ }
-msyslog(LOG_INFO, "Server trying: %s", socktoa(rmtadr));
+ msyslog(LOG_INFO, "Server taking: %s", socktoa(rmtadr));
+ server->flags &= (unsigned)~FLAG_DNS;
- restrict_mask = restrictions(rmtadr);
- if (RES_FLAGS & restrict_mask)
- restrict_source(rmtadr, false, 0);
+ restrict_mask = restrictions(rmtadr);
+ if (RES_FLAGS & restrict_mask) {
+ msyslog(LOG_INFO, "Server poking hole in restrictions for: %s",
+ socktoa(rmtadr));
+ restrict_source(rmtadr, false, 0);
+ }
- server->srcadr = *rmtadr;
- server->dstadr = findinterface(rmtadr);
+ server->srcadr = *rmtadr;
+ server->dstadr = findinterface(rmtadr);
if (NULL == server->dstadr)
- msyslog(LOG_ERR, "server_take_dns: can't find interface for %s", server->hostname);
- server->flags &= (unsigned)~FLAG_DNS;
- server->hpoll = server->minpoll;
- server->nextdate = current_time;
- peer_update_hash(server);
- peer_xmit(server);
- poll_update(server, server->hpoll);
-
- msyslog(LOG_INFO, "Setup server %s", socktoa(rmtadr));
- return;
- };
+ msyslog(LOG_ERR, "dns_take_server: can't find interface for %s", server->hostname);
+ server->hpoll = server->minpoll;
+ server->nextdate = current_time;
+ peer_update_hash(server);
+ peer_xmit(server);
+ poll_update(server, server->hpoll);
}
/*
pool_take_dns - process DNS query for pool.
*/
void
-pool_take_dns(
+dns_take_pool(
struct peer *pool, /* pool solicitor association */
- struct addrinfo *ai /* answer from getaddrinfo */
+ sockaddr_u * rmtadr
)
{
- sockaddr_u * rmtadr;
struct peer * peer;
int restrict_mask;
endpt * lcladr;
- for ( ; NULL != ai; ai = ai->ai_next) {
- rmtadr = (sockaddr_u *)(void *)ai->ai_addr;
-msyslog(LOG_INFO, "Pool checking: %s", socktoa(rmtadr));
- peer = findexistingpeer(rmtadr, NULL, NULL, MODE_CLIENT);
- if (NULL != peer) continue; /* already in use */
-
-msyslog(LOG_INFO, "Pool trying: %s", socktoa(rmtadr));
- restrict_mask = restrictions(rmtadr);
- /* FIXME-DNS: RES_FLAGS includes RES_DONTSERVE?? */
- if (RES_FLAGS & restrict_mask)
- restrict_source(rmtadr, false,
+ peer = findexistingpeer(rmtadr, NULL, NULL, MODE_CLIENT);
+ if (NULL != peer) {
+ /* This address is already in use. */
+ msyslog(LOG_INFO, "Pool skipping: %s", socktoa(rmtadr));
+ return;
+ }
+
+ msyslog(LOG_INFO, "Pool taking: %s", socktoa(rmtadr));
+
+ restrict_mask = restrictions(rmtadr);
+ /* FIXME-DNS: RES_FLAGS includes RES_DONTSERVE?? */
+ if (RES_FLAGS & restrict_mask) {
+ msyslog(LOG_INFO, "Pool poking hole in restrictions for: %s",
+ socktoa(rmtadr));
+ restrict_source(rmtadr, false,
current_time + POOL_SOLICIT_WINDOW + 1);
+ }
- lcladr = findinterface(rmtadr);
- peer = newpeer(rmtadr, NULL, lcladr,
- MODE_CLIENT, pool->version,
- pool->minpoll, pool->maxpoll,
- FLAG_PREEMPT | (FLAG_IBURST & pool->flags),
- MDF_UCAST | MDF_UCLNT, 0, 0, false);
- peer_xmit(peer);
- poll_update(peer, peer->hpoll);
-
-#if 0
- memset(&xpkt, 0, sizeof(xpkt));
- xpkt.li_vn_mode = PKT_LI_VN_MODE(sys_leap, pool->version,
- MODE_CLIENT);
- xpkt.stratum = STRATUM_TO_PKT(sys_stratum);
- xpkt.ppoll = pool->hpoll;
- xpkt.precision = sys_precision;
- xpkt.refid = sys_refid;
- xpkt.rootdelay = HTONS_FP(DTOUFP(sys_rootdelay));
- xpkt.rootdisp = HTONS_FP(DTOUFP(sys_rootdisp));
- xpkt.reftime = htonl_fp(sys_reftime);
- get_systime(&xmt_tx);
- pool->org = xmt_tx;
- xpkt.xmt = htonl_fp(xmt_tx);
- sendpkt(rmtadr, lcladr, &xpkt, LEN_PKT_NOMAC);
- pool->sent++;
- pool->throttle += (1 << pool->minpoll) - 2;
-#endif
+ lcladr = findinterface(rmtadr);
+ peer = newpeer(rmtadr, NULL, lcladr,
+ MODE_CLIENT, pool->version,
+ pool->minpoll, pool->maxpoll,
+ FLAG_PREEMPT | (FLAG_IBURST & pool->flags),
+ MDF_UCAST | MDF_UCLNT, 0, 0, false);
+ peer_xmit(peer);
+ poll_update(peer, peer->hpoll);
- DPRINTF(1, ("transmit: at %lu %s->%s pool\n",
- current_time, latoa(lcladr), socktoa(rmtadr)));
- msyslog(LOG_INFO, "Soliciting pool server %s", socktoa(rmtadr));
- };
+ DPRINTF(1, ("transmit: at %lu %s->%s pool\n",
+ current_time, latoa(lcladr), socktoa(rmtadr)));
}
+/*
+ * dns_take_status -- setup retry time
+ * There are 2 considerations.
+ * 1) clutter in the log file
+ * 2) the load on the server
+ * (API is broken, no way to get TTL)
+ */
+void dns_take_status(struct peer* peer, DNS_Status status) {
+ const char *txt;
+ uint8_t hpoll = peer->hpoll;
+ if (hpoll < 8)
+ hpoll = 8; /* min retry: 256 seconds, ~5 min */
+ switch (status) {
+ case DNS_good:
+ txt = "good";
+ if (FLAG_DNS & peer->flags)
+ /* server: got answer, but didn't like any */
+ /* (all) already in use ?? */
+ hpoll += 1;
+ else
+ /* pool: maybe need more */
+ hpoll = 8;
+ break;
+ case DNS_temp:
+ txt = "temp";
+ hpoll += 1;
+ break;
+ case DNS_error:
+ txt = "error";
+ hpoll += 4;
+ break;
+ default:
+ txt = "default";
+ hpoll += 4;
+ }
+ if (hpoll > 12)
+ hpoll = 12; /* 4096, a bit over an hour */
+ if ((DNS_good == status) &&
+ (MDF_UCAST & peer->cast_flags) && !(FLAG_DNS & peer->flags))
+ hpoll = 0; /* server: no more */
+ msyslog(LOG_INFO, "dns_take_status: %s=>%s, %d",
+ peer->hostname, txt, hpoll);
+ if (0 == hpoll)
+ return; /* hpoll already in use by new server */
+ peer->hpoll = hpoll;
+ peer->nextdate = current_time + (1 << hpoll);
+}
+
+
/*
* local_refid(peer) - check peer refid to avoid selecting peers
=====================================
ntpd/ntpd.c
=====================================
--- a/ntpd/ntpd.c
+++ b/ntpd/ntpd.c
@@ -124,10 +124,11 @@ static void close_all_beyond(int);
static void close_all_except(int);
-#define ALL_OPTIONS "46bc:dD:f:gGhi:I:k:l:LmnNp:Pqr:Rs:t:u:U:Vw:xzZ"
+#define ALL_OPTIONS "46abc:dD:f:gGhi:I:k:l:LmnNp:Pqr:Rs:t:u:U:Vw:xzZ"
static const struct option longoptions[] = {
{ "ipv4", 0, 0, '4' },
{ "ipv6", 0, 0, '6' },
+ { "assert", 0, 0, 'a' },
{ "configfile", 1, 0, 'c' },
{ "debug", 0, 0, 'd' },
{ "set-debug-level", 1, 0, 'D' },
@@ -166,6 +167,7 @@ static void ntpd_usage(void)
P(" - prohibits the option 'ipv6'\n");
P(" -6 no ipv6 Force IPv6 DNS name resolution\n");
P(" - prohibits the option 'ipv4'\n");
+ P(" -a no assert REQUIRE(false) to test assert handler\n");
P(" -c Str configfile configuration file name\n");
P(" -d no debug-level Increase output debug message level\n");
P(" - may appear multiple times\n");
@@ -239,6 +241,10 @@ parse_cmdline_opts(
case '6':
opt_ipv6 = true;
break;
+ case 'a':
+ fputs("Testing assert failure.\n", stderr);
+ REQUIRE(false);
+ break;
case 'b':
fputs("ERROR: Obsolete and unsupported broadcast option -b\n",
stderr);
=====================================
wscript
=====================================
--- a/wscript
+++ b/wscript
@@ -618,10 +618,9 @@ int main(int argc, char **argv) {
('clock_gettime', ["time.h"], "RT"),
('clock_settime', ["time.h"], "RT"),
('getrusage', ["sys/time.h", "sys/resource.h"]),
- ('nanotime', ["sys/time.h"]), # Old OS X
('ntp_adjtime', ["sys/time.h", "sys/timex.h"]), # BSD
('ntp_gettime', ["sys/time.h", "sys/timex.h"]), # BSD
- ('res_init', ["resolv.h"]),
+ ('res_init', ["netinet/in.h", "arpa/nameser.h", "resolv.h"]),
('sched_setscheduler', ["sched.h"]),
('strlcpy', ["string.h"]),
('strlcat', ["string.h"]),
@@ -677,10 +676,9 @@ int main(int argc, char **argv) {
("net/route.h", ["sys/types.h", "sys/socket.h", "net/if.h"]),
"netinfo/ni.h", # Apple
"priv.h", # Solaris
- ("resolv.h", ["sys/types.h", "netinet/in.h", "arpa/nameser.h"]),
"semaphore.h",
"stdatomic.h",
- "sys/clockctl.h", # NetBSD
+ "sys/clockctl.h", # NetBSD
"sys/ioctl.h",
"sys/modem.h", # Apple
"sys/sockio.h",
View it on GitLab: https://gitlab.com/NTPsec/ntpsec/compare/272e915fd73083345b1682be3e57961867f50006...c56746df9f858e9b579ef910ac349d503b23a927
---
View it on GitLab: https://gitlab.com/NTPsec/ntpsec/compare/272e915fd73083345b1682be3e57961867f50006...c56746df9f858e9b579ef910ac349d503b23a927
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ntpsec.org/pipermail/vc/attachments/20170603/c4fc4060/attachment.html>
More information about the vc
mailing list