[Git][NTPsec/ntpsec][master] 7 commits: Fixup test for res_init, drop test for resolv.h

Hal Murray gitlab at mg.gitlab.com
Sat Jun 3 07:44:31 UTC 2017


Hal Murray pushed to branch master at NTPsec / ntpsec


Commits:
6760f937 by Hal Murray at 2017-06-02T17:42:19-07:00
Fixup test for res_init, drop test for resolv.h

- - - - -
eeb0f149 by Hal Murray at 2017-06-02T17:42:19-07:00
Cleanups on DNS.

- - - - -
0b36a047 by Hal Murray at 2017-06-02T17:42:19-07:00
Another pass at DNS cleanup

- - - - -
d7231068 by Hal Murray at 2017-06-02T17:42:19-07:00
Reduce DNS logging slighty

- - - - -
56bf9417 by Hal Murray at 2017-06-02T21:44:23-07:00
Remove unused check for nanotime

- - - - -
1f834b74 by Hal Murray at 2017-06-02T23:40:14-07:00
Fixes to assert.c to compile on NetBSD

- - - - -
c56746df by Hal Murray at 2017-06-03T00:41:47-07:00
Add -a option to ntpd to test assert handler.

- - - - -


8 changed files:

- docs/includes/ntpd-body.txt
- include/ntp_dns.h
- libntp/assert.c
- libntp/ntp_dns.c
- ntpd/ntp_peer.c
- ntpd/ntp_proto.c
- ntpd/ntpd.c
- wscript


Changes:

=====================================
docs/includes/ntpd-body.txt
=====================================
--- a/docs/includes/ntpd-body.txt
+++ b/docs/includes/ntpd-body.txt
@@ -6,9 +6,9 @@
 == SYNOPSIS ==
 [verse]
 ntpd
-    [-46ghLmnNqx] [-c 'conffile'] [-f 'driftfile'] [-i 'jaildir']
-    [-k 'keyfile'] [-l 'logfile'] [-p 'pidfile'] [-P 'priority']
-    [-s 'statsdir']  [-t  'key']
+    [-46aghLmnNqx] [assert] [-c 'conffile'] [-f 'driftfile']
+    [-i 'jaildir'] [-k 'keyfile'] [-l 'logfile'] [-p 'pidfile']
+    [-P 'priority'] [-s 'statsdir']  [-t  'key']
     [-u 'user'[:'group']] [-U 'interface_update_interval']
     [-v 'variable'] [-V 'variable'] [server...]
 
@@ -71,6 +71,9 @@ the IPv4 namespace.
 Force DNS resolution of following host names on the command line to
 the IPv6 namespace.
 
++-a+, +--assert+::
+  REQUIRE(false) to test assert handler.
++
 +-c+ _string_, +--configfile+=_string_::
   configuration file name.
 +


=====================================
include/ntp_dns.h
=====================================
--- a/include/ntp_dns.h
+++ b/include/ntp_dns.h
@@ -4,18 +4,19 @@
 #ifndef GUARD_NTP_DNS_H
 #define GUARD_NTP_DNS_H
 
-/* Get addrinfo */
-#include <sys/types.h>
-#include <sys/socket.h>
-#include <netdb.h>
+#include "ntp_net.h"
+
+typedef enum {DNS_good, DNS_temp, DNS_error} DNS_Status;
 
 /* start DNS query (unless busy) */
 extern bool dns_probe(struct peer*);
 
-/* Process answers */
-extern void server_take_dns(struct peer*, struct addrinfo*);
-extern void pool_take_dns(struct peer*, struct addrinfo*);
+/* called by main thread to do callbacks */
+extern void dns_check(void);
 
-extern void dns_check(void);	/* called by main thread */
+/* Callbacks to process answers */
+extern void dns_take_server(struct peer*, sockaddr_u*);
+extern void dns_take_pool(struct peer*, sockaddr_u*);
+extern void dns_take_status(struct peer*, DNS_Status);
 
 #endif	/* GUARD_NTP_DNS_H */


=====================================
libntp/assert.c
=====================================
--- a/libntp/assert.c
+++ b/libntp/assert.c
@@ -83,9 +83,8 @@ btcallback(struct _Unwind_Context *uc, void *opq) {
 	return (0); /* _URC_NO_REASON */
 }
 
-isc_result_t backtrace_log(void);
 
-isc_result_t
+void
 backtrace_log(void) {
 	trace_arg_t arg;
 	void *buffer[BACKTRACE_MAXFRAME];
@@ -103,7 +102,6 @@ backtrace_log(void) {
 	    msyslog(LOG_ERR, "#%d %p in ??\n", i, buffer[i]);
 	}
 
-	return (ISC_R_SUCCESS);
 }
 #endif /* HAVE__UNWIND_BACKTRACE */
 


=====================================
libntp/ntp_dns.c
=====================================
--- a/libntp/ntp_dns.c
+++ b/libntp/ntp_dns.c
@@ -14,6 +14,12 @@
 #include <sys/types.h>
 #include <unistd.h>
 
+#ifdef HAVE_RES_INIT
+#include <netinet/in.h>
+#include <arpa/nameser.h>
+#include <resolv.h>
+#endif
+
 #include "ntpd.h"
 #include "ntp_dns.h"
 
@@ -47,18 +53,23 @@ bool dns_probe(struct peer* pp)
 	int rc;
         pthread_attr_t  thr_attr;
         sigset_t        block_mask, saved_sig_mask;
+	const char	* busy = "";
 
-	msyslog(LOG_INFO, "dns_probe: %s, 0x%x", pp->hostname, pp->cast_flags);
+	if (NULL != active)
+		busy = ", busy";
+	msyslog(LOG_INFO, "dns_probe: %s, cast_flags:%x, flags:%x%s",
+		pp->hostname, pp->cast_flags, pp->flags, busy);
         if (NULL != active)
 		return false;
 	active = pp;
 
         pthread_attr_init(&thr_attr);
-	/* FIXME-DNS: stack size? */
+	/* might want to set stack size */
         sigfillset(&block_mask);
         pthread_sigmask(SIG_BLOCK, &block_mask, &saved_sig_mask);
 	rc = pthread_create(&worker, &thr_attr, dns_lookup, pp);
         if (rc) {
+		errno = rc;
 		msyslog(LOG_ERR, "dns_probe: error from pthread_create: %s, %m", pp->hostname);
 		return true;  /* don't try again */
 	}
@@ -73,8 +84,11 @@ void dns_check(void)
 	int rc;
 	struct addrinfo *ai;
 	sockaddr_u sockaddr;
+	DNS_Status status;
+
+	msyslog(LOG_INFO, "dns_check: processing %s, %x, %x",
+		active->hostname, active->cast_flags, active->flags);
 
-	msyslog(LOG_INFO, "dns_check: lookup for %s", active->hostname);
 	rc = pthread_join(worker, NULL);
 	if (0 != rc) {
 		msyslog(LOG_ERR, "dns_check: join failed %m");
@@ -83,40 +97,63 @@ void dns_check(void)
 	if (0 != gai_rc) {
 		msyslog(LOG_INFO, "dns_check: DNS error %s",
 			gai_strerror(gai_rc));
-		/* FIXME-DNS callback with null? */
-		active = NULL;
-		return;
+		answer = NULL;
 	}
 
 	for (ai = answer; NULL != ai; ai = ai->ai_next) {
 		sockaddr.sa = *ai->ai_addr;
-		msyslog(LOG_INFO, "dns_check: found %s=%s",
-			socktoa(&sockaddr), ai->ai_canonname);
+		/* Both dns_take_pool and dns_take_server log something. */
+		if (active->cast_flags & MDF_POOL)
+			dns_take_pool(active, &sockaddr);
+		else
+			dns_take_server(active, &sockaddr);
 	}
 
-	msyslog(LOG_INFO, "dns_check: processing %s, %x",
-        	active->hostname, active->cast_flags);
+	switch (gai_rc) {
+		case 0:
+			status = DNS_good;
+			break;
 
-	if (active->cast_flags & MDF_POOL)
-		pool_take_dns(active, answer);
-	else
-		server_take_dns(active, answer);
+		case EAI_AGAIN:
+			status = DNS_temp;
+			break;
+
+		/* Treat all other errors as permanent.
+		 * Some values from man page weren't in headers.
+		 */
+		default:
+			status = DNS_error;
+	}
 
+	dns_take_status(active, status);
+
+	if (NULL != answer)
+		freeaddrinfo(answer);
 	active = NULL;
 };
 
+/* Beware: no calls to msyslog from here.
+ * It's not thread safe.
+ * This is the only other thread in ntpd.
+ */
 static void* dns_lookup(void* arg)
 {
 	struct peer *pp = (struct peer *) arg;
 	struct addrinfo hints;
 
-	// FIXME-DNS need occasional res_init()
+#ifdef HAVE_RES_INIT
+	/* Reload DNS servers from /etc/resolv.conf in case DHCP has updated it.
+	 * We only need to do this occasionally, but it's not expensive
+	 * and simpler to do it every time than it is to figure out when
+	 * to do it.
+	 */
+	res_init();
+#endif
+
 	ZERO(hints);
 	hints.ai_protocol = IPPROTO_UDP;
 	hints.ai_socktype = SOCK_DGRAM;
 	hints.ai_family = AF(&pp->srcadr);
-	// FIXME-DNS
-	// hints.ai_family = my_node->addr->type;
 	gai_rc = getaddrinfo(pp->hostname, "ntp", &hints, &answer);
 
 	kill(getpid(), SIGDNS);


=====================================
ntpd/ntp_peer.c
=====================================
--- a/ntpd/ntp_peer.c
+++ b/ntpd/ntp_peer.c
@@ -633,9 +633,6 @@ newpeer(
 	struct peer *	peer;
 	u_int		hash;
 
-msyslog(LOG_INFO, "newpeer: addr:%s, name:%s, cast_flags:%x, flags:%x",
-  socktoa(srcadr), hostname, cast_flags, flags);
-
 	/*
 	 * First search from the beginning for an association with given
 	 * remote address and mode. If an interface is given, search


=====================================
ntpd/ntp_proto.c
=====================================
--- a/ntpd/ntp_proto.c
+++ b/ntpd/ntp_proto.c
@@ -2433,104 +2433,139 @@ fast_xmit(
  * server_take_dns - process DNS query for server.
  */
 void
-server_take_dns(
+dns_take_server(
 	struct peer *server,
-	struct addrinfo *ai
+	sockaddr_u *rmtadr
 	)
 {
-	sockaddr_u *		rmtadr;
-	int			restrict_mask;
-	struct peer *		p;
+	int		restrict_mask;
+	struct peer *	pp;
+
+	if(!(server->flags & FLAG_DNS))
+		/* Already got an address for this slot. */
+		return;
 
-	for ( ; NULL != ai; ai = ai->ai_next)  {
-		rmtadr = (sockaddr_u *)(void *)ai->ai_addr;
-msyslog(LOG_INFO, "Server checking: %s", socktoa(rmtadr));
-		p = findexistingpeer(rmtadr, NULL, NULL, MODE_CLIENT);
-		if (NULL != p) continue;  /* already in use */
+	pp = findexistingpeer(rmtadr, NULL, NULL, MODE_CLIENT);
+	if (NULL != pp) {
+		/* Already in use. */
+		msyslog(LOG_INFO, "Server skipping: %s", socktoa(rmtadr));
+		return;
+	}
 
-msyslog(LOG_INFO, "Server trying: %s", socktoa(rmtadr));
+	msyslog(LOG_INFO, "Server taking: %s", socktoa(rmtadr));
+	server->flags &= (unsigned)~FLAG_DNS;
 		
-		restrict_mask = restrictions(rmtadr);
-		if (RES_FLAGS & restrict_mask)
-			restrict_source(rmtadr, false, 0);
+	restrict_mask = restrictions(rmtadr);
+	if (RES_FLAGS & restrict_mask) {
+		msyslog(LOG_INFO, "Server poking hole in restrictions for: %s",
+			socktoa(rmtadr));
+		restrict_source(rmtadr, false, 0);
+	}
 
-		server->srcadr = *rmtadr;
-		server->dstadr = findinterface(rmtadr);
+	server->srcadr = *rmtadr;
+	server->dstadr = findinterface(rmtadr);
 if (NULL == server->dstadr)
-  msyslog(LOG_ERR, "server_take_dns: can't find interface for %s", server->hostname);
-		server->flags &= (unsigned)~FLAG_DNS;
-		server->hpoll = server->minpoll;
-		server->nextdate = current_time;
-		peer_update_hash(server);
-		peer_xmit(server);
-		poll_update(server, server->hpoll);
-
-		msyslog(LOG_INFO, "Setup server %s", socktoa(rmtadr));
-		return;
-	};
+  msyslog(LOG_ERR, "dns_take_server: can't find interface for %s", server->hostname);
+	server->hpoll = server->minpoll;
+	server->nextdate = current_time;
+	peer_update_hash(server);
+	peer_xmit(server);
+	poll_update(server, server->hpoll);
 }
 
 /*
  pool_take_dns - process DNS query for pool.
  */
 void
-pool_take_dns(
+dns_take_pool(
 	struct peer *pool,	/* pool solicitor association */
-	struct addrinfo *ai	/* answer from getaddrinfo */
+	sockaddr_u *		rmtadr
 	)
 {
-	sockaddr_u *		rmtadr;
 	struct peer *		peer;
 	int			restrict_mask;
 	endpt *			lcladr;
 
-	for ( ; NULL != ai; ai = ai->ai_next)  {
-		rmtadr = (sockaddr_u *)(void *)ai->ai_addr;
-msyslog(LOG_INFO, "Pool checking: %s", socktoa(rmtadr));
-		peer = findexistingpeer(rmtadr, NULL, NULL, MODE_CLIENT);
-		if (NULL != peer) continue;  /* already in use */
-
-msyslog(LOG_INFO, "Pool trying: %s", socktoa(rmtadr));
-		restrict_mask = restrictions(rmtadr);
-		/* FIXME-DNS: RES_FLAGS includes RES_DONTSERVE?? */
-		if (RES_FLAGS & restrict_mask)
-			restrict_source(rmtadr, false,
+	peer = findexistingpeer(rmtadr, NULL, NULL, MODE_CLIENT);
+	if (NULL != peer) {
+		/* This address is already in use. */
+		msyslog(LOG_INFO, "Pool skipping: %s", socktoa(rmtadr));
+		return;
+	}
+
+	msyslog(LOG_INFO, "Pool taking: %s", socktoa(rmtadr));
+
+	restrict_mask = restrictions(rmtadr);
+	/* FIXME-DNS: RES_FLAGS includes RES_DONTSERVE?? */
+	if (RES_FLAGS & restrict_mask) {
+		msyslog(LOG_INFO, "Pool poking hole in restrictions for: %s",
+				socktoa(rmtadr));
+		restrict_source(rmtadr, false,
 				current_time + POOL_SOLICIT_WINDOW + 1);
+	}
 
-		lcladr = findinterface(rmtadr);
-		peer = newpeer(rmtadr, NULL, lcladr,
-			MODE_CLIENT, pool->version,
-			pool->minpoll, pool->maxpoll,
-			FLAG_PREEMPT | (FLAG_IBURST & pool->flags),
-			MDF_UCAST | MDF_UCLNT, 0, 0, false);
-		peer_xmit(peer);
-		poll_update(peer, peer->hpoll);
-
-#if 0
-		memset(&xpkt, 0, sizeof(xpkt));
-		xpkt.li_vn_mode = PKT_LI_VN_MODE(sys_leap, pool->version,
-					 MODE_CLIENT);
-		xpkt.stratum = STRATUM_TO_PKT(sys_stratum);
-		xpkt.ppoll = pool->hpoll;
-		xpkt.precision = sys_precision;
-		xpkt.refid = sys_refid;
-		xpkt.rootdelay = HTONS_FP(DTOUFP(sys_rootdelay));
-		xpkt.rootdisp = HTONS_FP(DTOUFP(sys_rootdisp));
-		xpkt.reftime = htonl_fp(sys_reftime);
-		get_systime(&xmt_tx);
-		pool->org = xmt_tx;
-		xpkt.xmt = htonl_fp(xmt_tx);
-		sendpkt(rmtadr, lcladr, &xpkt, LEN_PKT_NOMAC);
-		pool->sent++;
-		pool->throttle += (1 << pool->minpoll) - 2;
-#endif
+	lcladr = findinterface(rmtadr);
+	peer = newpeer(rmtadr, NULL, lcladr,
+		MODE_CLIENT, pool->version,
+		pool->minpoll, pool->maxpoll,
+		FLAG_PREEMPT | (FLAG_IBURST & pool->flags),
+		MDF_UCAST | MDF_UCLNT, 0, 0, false);
+	peer_xmit(peer);
+	poll_update(peer, peer->hpoll);
 
-		DPRINTF(1, ("transmit: at %lu %s->%s pool\n",
-		    current_time, latoa(lcladr), socktoa(rmtadr)));
-		msyslog(LOG_INFO, "Soliciting pool server %s", socktoa(rmtadr));
-	};
+	DPRINTF(1, ("transmit: at %lu %s->%s pool\n",
+	    current_time, latoa(lcladr), socktoa(rmtadr)));
 }
 
+/*
+ * dns_take_status -- setup retry time
+ * There are 2 considerations.
+ * 1) clutter in the log file
+ * 2) the load on the server
+ *   (API is broken, no way to get TTL)
+ */
+void dns_take_status(struct peer* peer, DNS_Status status) {
+	const char *txt;
+	uint8_t hpoll = peer->hpoll;
+	if (hpoll < 8)
+		hpoll = 8;      /* min retry: 256 seconds, ~5 min */
+	switch (status) {
+		case DNS_good:
+			txt = "good";
+			if (FLAG_DNS & peer->flags)
+				/* server: got answer, but didn't like any */
+				/* (all) already in use ?? */
+				hpoll += 1;
+			else
+				/* pool: maybe need more */
+				hpoll = 8;
+			break;
+		case DNS_temp:
+			txt = "temp";
+			hpoll += 1;
+			break;
+		case DNS_error:
+			txt = "error";
+			hpoll += 4;
+			break;
+		default:
+			txt = "default";
+			hpoll += 4;
+	}
+	if (hpoll > 12)
+		hpoll = 12;  /* 4096, a bit over an hour */
+	if ((DNS_good == status) &&
+		(MDF_UCAST & peer->cast_flags) && !(FLAG_DNS & peer->flags))
+		hpoll = 0;  /* server: no more */
+	msyslog(LOG_INFO, "dns_take_status: %s=>%s, %d",
+		peer->hostname, txt, hpoll);
+	if (0 == hpoll)
+		return; /* hpoll already in use by new server */
+	peer->hpoll = hpoll;
+	peer->nextdate = current_time + (1 << hpoll);
+}
+
+
 
 /*
  * local_refid(peer) - check peer refid to avoid selecting peers


=====================================
ntpd/ntpd.c
=====================================
--- a/ntpd/ntpd.c
+++ b/ntpd/ntpd.c
@@ -124,10 +124,11 @@ static  void    close_all_beyond(int);
 static  void    close_all_except(int);
 
 
-#define ALL_OPTIONS "46bc:dD:f:gGhi:I:k:l:LmnNp:Pqr:Rs:t:u:U:Vw:xzZ"
+#define ALL_OPTIONS "46abc:dD:f:gGhi:I:k:l:LmnNp:Pqr:Rs:t:u:U:Vw:xzZ"
 static const struct option longoptions[] = {
     { "ipv4",		    0, 0, '4' },
     { "ipv6",		    0, 0, '6' },
+    { "assert",	            0, 0, 'a' },
     { "configfile",	    1, 0, 'c' },
     { "debug",		    0, 0, 'd' },
     { "set-debug-level",    1, 0, 'D' },
@@ -166,6 +167,7 @@ static void ntpd_usage(void)
     P("				- prohibits the option 'ipv6'\n");
     P("   -6 no  ipv6           Force IPv6 DNS name resolution\n");
     P("				- prohibits the option 'ipv4'\n");
+    P("   -a no  assert         REQUIRE(false) to test assert handler\n");
     P("   -c Str configfile     configuration file name\n");
     P("   -d no  debug-level    Increase output debug message level\n");
     P("				- may appear multiple times\n");
@@ -239,6 +241,10 @@ parse_cmdline_opts(
 	    case '6':
 		opt_ipv6 = true;
 		break;
+	    case 'a':
+		fputs("Testing assert failure.\n", stderr);
+		REQUIRE(false);
+		break;
 	    case 'b':
 		fputs("ERROR: Obsolete and unsupported broadcast option -b\n",
                       stderr);


=====================================
wscript
=====================================
--- a/wscript
+++ b/wscript
@@ -618,10 +618,9 @@ int main(int argc, char **argv) {
         ('clock_gettime', ["time.h"], "RT"),
         ('clock_settime', ["time.h"], "RT"),
         ('getrusage', ["sys/time.h", "sys/resource.h"]),
-        ('nanotime', ["sys/time.h"]),     # Old OS X
         ('ntp_adjtime', ["sys/time.h", "sys/timex.h"]),     # BSD
         ('ntp_gettime', ["sys/time.h", "sys/timex.h"]),     # BSD
-        ('res_init', ["resolv.h"]),
+        ('res_init', ["netinet/in.h", "arpa/nameser.h", "resolv.h"]),
         ('sched_setscheduler', ["sched.h"]),
         ('strlcpy', ["string.h"]),
         ('strlcat', ["string.h"]),
@@ -677,10 +676,9 @@ int main(int argc, char **argv) {
         ("net/route.h", ["sys/types.h", "sys/socket.h", "net/if.h"]),
         "netinfo/ni.h",     # Apple
         "priv.h",           # Solaris
-        ("resolv.h", ["sys/types.h", "netinet/in.h", "arpa/nameser.h"]),
         "semaphore.h",
         "stdatomic.h",
-        "sys/clockctl.h",       # NetBSD
+        "sys/clockctl.h",   # NetBSD
         "sys/ioctl.h",
         "sys/modem.h",      # Apple
         "sys/sockio.h",



View it on GitLab: https://gitlab.com/NTPsec/ntpsec/compare/272e915fd73083345b1682be3e57961867f50006...c56746df9f858e9b579ef910ac349d503b23a927

---
View it on GitLab: https://gitlab.com/NTPsec/ntpsec/compare/272e915fd73083345b1682be3e57961867f50006...c56746df9f858e9b579ef910ac349d503b23a927
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ntpsec.org/pipermail/vc/attachments/20170603/c4fc4060/attachment.html>


More information about the vc mailing list