[Git][NTPsec/ntpsec][master] 2 commits: Remove unused sys_manycastserver
Hal Murray
gitlab at mg.gitlab.com
Thu Feb 22 07:07:14 UTC 2018
Hal Murray pushed to branch master at NTPsec / ntpsec
Commits:
dd64bab7 by Hal Murray at 2018-02-21T23:06:27-08:00
Remove unused sys_manycastserver
- - - - -
3703251c by Hal Murray at 2018-02-21T23:06:27-08:00
Remove multicast, ttl, and preempt from parser and documentation.
The documentation probably needs more work.
- - - - -
12 changed files:
- docs/discover.txt
- docs/includes/assoc-commands.txt
- docs/includes/assoc-options.txt
- docs/includes/confopt.txt
- docs/includes/mon-commands.txt
- docs/includes/ntpq-body.txt
- docs/ntpsec.txt
- ntpd/keyword-gen.c
- ntpd/ntp_config.c
- ntpd/ntp_parser.y
- ntpd/ntp_proto.c
- tests/option-tester.sh
Changes:
=====================================
docs/discover.txt
=====================================
--- a/docs/discover.txt
+++ b/docs/discover.txt
@@ -16,8 +16,6 @@ include::includes/hand.txt[]
== Table of Contents ==
* link:#assoc[Association Management]
-* link:#bcst[Broadcast/Multicast Scheme]
-* link:#mcst[Manycast Scheme]
* link:#pool[Server Pool Scheme]
'''''
@@ -83,85 +81,6 @@ Following is a summary of each scheme. Note that reference to option
applies to the commands described on the link:confopt.html[Configuration
Options] page. See that page for applicability and defaults.
-[[bcst]]
-== Broadcast/Multicast Scheme ==
-
-The broadcast/multicast scheme is deprecated in NTPsec due to
-irreparable security flaws. Client-side support has been removed.
-Server-side support for broadcast only remains present but may be
-removed in a future version, and its use is strongly discouraged.
-
-A broadcast server generates messages continuously at intervals by
-default 64 s and time-to-live by default 127. These defaults can be
-overridden by the +minpoll+ and +ttl+ options, respectively. Not all
-kernels support the +ttl+ option. A broadcast client responds to the
-first message received by waiting a randomized interval to avoid
-implosion at the server. It then polls the server in client/server mode
-using the +iburst+ option in order to quickly authenticate the server,
-calibrate the propagation delay and set the client clock. This normally
-results in a volley of six client/server exchanges at 2-s intervals
-during which both the synchronization and cryptographic protocols run
-concurrently.
-
-If for some reason the broadcast server does not
-respond to these messages, the client will cease transmission and
-continue in listen-only mode with a default propagation delay. The
-volley can be avoided by using the +broadcastdelay+ command with nonzero
-argument.
-
-Following the volley, the server continues in listen-only mode and sends
-no further messages for this association.
-
-A server is configured in broadcast mode using the +broadcast+ command
-and specifying the broadcast address of a local interface. If two or
-more local interfaces are installed with different broadcast addresses,
-a +broadcast+ command is needed for each address. This provides a way to
-limit exposure in a firewall, for example.
-
-NTPsec permits the use of symmetric authentication with broadcast mode
-the same way as any other mode; however, it is not effective at
-providing security because the sessionless, one-way nature of the
-protocol makes detection of replayed or delayed packets
-impossible. Regardless of whether authentication is employed,
-broadcast mode must be used only on physically-secure networks where
-all systems on the subnet are fully trusted.
-
-[[mcst]]
-== Manycast Scheme ==
-
-Note: This mode of operation is deprecated, because manycast
-associations cannot be effectively secured. Accordingly, manycast
-client support has been removed from NTPsec; manycast server mode is
-retained for backwards compatibility but may be removed in a future
-release.
-
-Manycast is an automatic server discovery and configuration paradigm.
-It is intended as a means for a client to troll the nearby network
-neighborhood (not necessarily on the same link, where broadcast
-would work), to find cooperating servers, validate them using
-cryptographic means and evaluate their time values with respect to
-other servers that might be lurking in the vicinity. It uses the
-grab-n'-drop paradigm with the additional feature that active means
-are used to grab additional servers should the number of associations
-fall below the +maxclock+ option of the +tos+ command. The intended
-result is that each manycast client mobilizes client associations with
-some number of the "best" of the nearby manycast servers, yet
-automatically reconfigures to sustain this number of servers should
-one or another fail.
-
-The manycast paradigm is not the anycast paradigm described in RFC 1546,
-which is designed to find a single server from a clique of servers
-providing the same service. The manycast paradigm is designed to find a
-plurality of redundant servers satisfying defined optimality criteria.
-
-Manycasting can be used with symmetric-key cryptography.
-
-A manycast server is configured using the +manycastserver+ command,
-which listens on the specified address for manycast client
-messages. If a manycast server is in scope of the current TTL and is
-itself synchronized to a valid source and operating at a stratum level
-equal to or lower than the manycast client, it replies with an ordinary
-unicast server message.
[[pool]]
== Server Pool Scheme ==
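Review bot: with the broadcast/multicast and manycast sections deleted, the unchanged context at the top of this hunk ("Following is a summary of each scheme") now introduces a single scheme, the pool scheme; reword it to the singular or fold it into the pool section. The deleted text also carried the security rationale for dropping these modes (sessionless, one-way protocol, replayed or delayed packets undetectable), and the only surviving statement is the "impossible to secure" bullet in ntpsec.txt; a one-line pointer to that reasoning would keep the page useful for readers who still find `broadcast` or `manycastserver` in old configurations.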
=====================================
docs/includes/assoc-commands.txt
=====================================
--- a/docs/includes/assoc-commands.txt
+++ b/docs/includes/assoc-commands.txt
@@ -13,8 +13,6 @@ link-local IPV6 address with an interface specified in
+peer+ _address_ [+key+ _key_] [+version+ _version_] [+prefer+] [+minpoll+ _minpoll_] [+maxpoll+ _maxpoll_]
-+broadcast+ _address_ [+key+ _key_] [+version+ _version_] [+prefer+] [+minpoll+ _minpoll_] [+ttl+ _ttl_]
-
+unpeer+ ['address' | 'associd' | +clock+ 'clocktype' [ +unit+ 'unitnum']]::
These six commands specify the time server name or address to be
used and the mode in which to operate. The _address_ can be either a
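Review bot: the unchanged context at the end of this hunk still says "These six commands specify the time server name or address", but +broadcast+ has just been removed from the list above it; recount the remaining commands and fix the number in the same commit.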
@@ -43,19 +41,6 @@ link-local IPV6 address with an interface specified in
NTP peer mode has been removed for security reasons. peer is now just
an alias for the server keyword. See above.
-[[broadcast]]
-+broadcast+::
- Note: This mode of server operation is deprecated, as broadcast
- associations cannot be secured. Broadcast-client mode has been
- completely removed.
-+
-For broadcast addresses (only), this command mobilizes a persistent
-broadcast mode association. Multiple commands can be used to specify
-multiple local broadcast interfaces (subnets) In broadcast mode the
-local server sends periodic broadcast messages to a client population
-at the _address_ specified, which is usually the broadcast address on
-(one of) the local network(s).
-
[[unpeer]]
+unpeer+::
This command removes a previously configured association. An address
=====================================
docs/includes/assoc-options.txt
=====================================
--- a/docs/includes/assoc-options.txt
+++ b/docs/includes/assoc-options.txt
@@ -46,33 +46,19 @@
limit of 0 (1 s).
+mode+ 'option'::
- Pass the +option+ to a reference clock driver, where +option+ is an
- integer in the range from 0 to 255, inclusive. This option is valid
+ Pass the +option+ to a reference clock driver. This option is valid
only with refclock addresses.
+noselect+::
Marks the server as unused, except for display purposes. The server is
discarded by the selection algorithm.
-+preempt+::
- Specifies the association as preemptable rather than the default
- persistent. This option is ignored with the +broadcast+ command and is
- most useful with the +pool+ command.
-
+prefer+::
Marks the server as preferred. All other things being equal, this host
will be chosen for synchronization among a set of correctly operating
hosts. See the "Mitigation Rules and the prefer Keyword" page
for further information.
-+ttl+ _ttl_::
- This option is used only with broadcast server mode. It specifies
- the time-to-live _ttl_ to use on broadcast server
- and the maximum _ttl_ for the expanding ring search with
- manycast client packets. Selection of the proper value, which
- defaults to 127, is something of a black art and should be
- coordinated with the network administrator.
-
+true+::
Mark the association to assume truechimer status; that is, always
survive the selection and clustering algorithms. This option can be
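Review bot: the +mode+ rewording (the "-"/"+" pair near the top of the hunk) drops the documented "integer in the range from 0 to 255, inclusive" constraint, which is unrelated to the multicast, ttl and preempt removal and is not mentioned in the commit message; if `ntp_config.c` still enforces that range, keep the sentence, otherwise say in the commit message why the constraint went away.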
@@ -80,7 +66,7 @@
with large jitter on the serial port and precision pulse-per-second
(PPS) signals. Caution: this option defeats the algorithms designed to
cast out falsetickers and can allow these sources to set the system
- clock. This option is valid only with the +server+ and +peer+ commands.
+ clock. This option is valid only with the +server+ command.
+version+ _version_::
Specifies the version number to be used for outgoing NTP packets.
=====================================
docs/includes/confopt.txt
=====================================
--- a/docs/includes/confopt.txt
+++ b/docs/includes/confopt.txt
@@ -1,8 +1,6 @@
=== Server Commands and Options ===
* link:confopt.html#server[server - configure client association]
-* link:confopt.html#broadcast[broadcast - configure broadcast server association]
* link:confopt.html#pool[pool - configure pool association]
* link:confopt.html#unpeer[unpeer - remove association]
-* link:discover.html#mcst[manycastserver - enable manycast server]
* link:comdex.html[Command Index]
=====================================
docs/includes/mon-commands.txt
=====================================
--- a/docs/includes/mon-commands.txt
+++ b/docs/includes/mon-commands.txt
@@ -139,7 +139,7 @@ show the offset, delay, dispersion and RMS jitter, all in seconds.
|3565350575.154505763|NTP s |destination timestamp
|0 |0: OK, 1: insert pending, 2: delete pending, 3: not synced |leap warning indicator
|4 |4 was current in 2012 |NTP version
-|4 |3: client, 4: server, 5: broadcast|mode
+|4 |3: client, 4: server, 6: ntpq |mode
|1 |1-15, 16: not synced |stratum
|8 |log~2~ seconds |poll
|-21 |log~2~ seconds |precision
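Review bot: the mode legend now lists only 3, 4 and 6. If this column documents the mode field of packets as received, removing "5: broadcast" from the legend does not keep legacy broadcast packets off the wire, so a catch-all such as "other: unsupported" would keep the table accurate; if it documents only modes ntpd itself emits, it is fine as changed.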
=====================================
docs/includes/ntpq-body.txt
=====================================
--- a/docs/includes/ntpq-body.txt
+++ b/docs/includes/ntpq-body.txt
@@ -491,25 +491,9 @@ association. Not all variables are displayed in some configurations.
|+delay+ |filter delay
|+dispersion+ |filter dispersion
|+jitter+ |filter jitter
-|+bias+ |unicast/broadcast bias
+|+bias+ |fudge for asymmetric links/paths
|=======================================================================
-The bias variable is calculated when the first broadcast packet is
-received after the calibration volley. It represents the offset of the
-broadcast subgraph relative to the unicast subgraph.
-
-When ntpd is compiled with the OpenSSL software library,
-additional peer variables are displayed, including the following:
-
-[width="100%",cols="<20%,<80%"]
-|=====================================
-|Variable |Description
-|+flags+ |peer flags
-|+signature+ |OpenSSL digest/signature scheme
-|+initsequence+|initial key ID
-|+initkey+ |initial key index
-|=====================================
-
[[clock]]
== Clock Variables ==
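Review bot: the new +bias+ description "fudge for asymmetric links/paths" needs a sentence on how the value is now obtained, because the deleted paragraph defined bias entirely in terms of the first broadcast packet after the calibration volley, while the `bias` keyword is kept in keyword-gen.c. Separately, deleting the OpenSSL peer-variables table (flags, signature, initsequence, initkey) is outside the scope stated in the commit message; either mention it there or split it into its own commit.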
=====================================
docs/ntpsec.txt
=====================================
--- a/docs/ntpsec.txt
+++ b/docs/ntpsec.txt
@@ -87,9 +87,6 @@ a build-time switch, not a run-time one).
has been removed from the NTPsec code as part of
getting it fully IPv6-ready.
-* The ttl-hop option for broadcast mode has been removed from the
- configuration grammar. It was never actually implemented.
-
* ntpq no longer has the +-i+/+--interactive+ option, as there was no
situation in which it was meaningful.
@@ -113,10 +110,8 @@ codebase has been outright removed, with less than 5% new code added.
* peer mode has been removed. The keyword peer in ntp.conf is now
just an alias for keyword server.
-* Broadcast- and multicast client modes, which are impossible to
- secure, have been removed. Broadcast (but not multicast) service can
- still be enabled, though this is a deprecated and unsupported mode
- of operation and may be entirely removed in a future release.
+* Broadcast- and multicast modes, which are impossible to
+ secure, have been removed.
* The authentication requirement for remote configuration commands
(e.g., via +ntpq+) can no longer be disabled.
=====================================
ntpd/keyword-gen.c
=====================================
--- a/ntpd/keyword-gen.c
+++ b/ntpd/keyword-gen.c
@@ -25,7 +25,6 @@ struct key_tok ntp_keywords[] = {
{ "...", T_Ellipsis, FOLLBY_TOKEN },
{ "allpeers", T_Allpeers, FOLLBY_TOKEN },
{ "bias", T_Bias, FOLLBY_TOKEN },
-{ "broadcast", T_Broadcast, FOLLBY_STRING },
{ "baud", T_Baud, FOLLBY_TOKEN },
{ "clock", T_Clock, FOLLBY_STRING },
{ "ctl", T_Ctl, FOLLBY_TOKEN },
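Review bot: removing the `broadcast` keyword outright turns every existing ntp.conf that still carries a `broadcast` line into a parse failure on upgrade, where the documentation deleted in this series had only marked the mode deprecated. Consider keeping the token for one release and having the config code log a clear "broadcast mode has been removed" message, or at least call out the configuration incompatibility in the commit message and in docs/ntpsec.txt.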
@@ -86,11 +85,9 @@ struct key_tok ntp_keywords[] = {
{ "minpoll", T_Minpoll, FOLLBY_TOKEN },
{ "mode", T_Mode, FOLLBY_TOKEN },
{ "noselect", T_Noselect, FOLLBY_TOKEN },
-{ "preempt", T_Preempt, FOLLBY_TOKEN },
{ "true", T_True, FOLLBY_TOKEN },
{ "prefer", T_Prefer, FOLLBY_TOKEN },
{ "subtype", T_Subtype, FOLLBY_TOKEN },
-{ "ttl", T_Ttl, FOLLBY_TOKEN },
{ "version", T_Version, FOLLBY_TOKEN },
/*** MONITORING COMMANDS ***/
/* stat */
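Review bot: the same upgrade concern applies to `ttl` and `preempt` here. `ttl` was previously accepted and only logged "CONFIG: ttl, argument ignored" (see the ntp_config.c hunk below), so a configuration that still carries it goes from a logged warning to a failed parse; a deprecation path, or a note in ntpsec.txt, would make the change safer to roll out.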
=====================================
ntpd/ntp_config.c
=====================================
--- a/ntpd/ntp_config.c
+++ b/ntpd/ntp_config.c
@@ -627,10 +627,6 @@ create_peer_node(
my_node->ctl.flags |= FLAG_NOSELECT;
break;
- case T_Preempt:
- my_node->ctl.flags |= FLAG_PREEMPT;
- break;
-
case T_Prefer:
my_node->ctl.flags |= FLAG_PREFER;
break;
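Review bot: FLAG_PREEMPT loses its only config-side setter in this hunk. The deleted option text said preempt was "most useful with the +pool+ command", so please confirm that pool associations still get FLAG_PREEMPT set internally (or never depended on this path); otherwise pool behaviour changes silently with no mention in the commit message.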
@@ -679,10 +675,6 @@ create_peer_node(
}
break;
- case T_Ttl:
- msyslog(LOG_ERR, "CONFIG: ttl, argument ignored");
- break;
-
case T_Subtype:
case T_Mode:
my_node->ctl.mode = option->value.u;
@@ -2591,10 +2583,6 @@ peer_config(
* configure code is rebuilt. Note only one flag can be set.
*/
switch (htype) {
- case T_Broadcast:
- cast_flags = MDF_BCAST;
- hmode = MODE_BROADCAST;
- break;
case T_Pool:
cast_flags = MDF_POOL;
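Review bot: MDF_BCAST and MODE_BROADCAST lose their config-side user here; grep for remaining references so that the now-dead definitions, and any receive-path handling of MODE_BROADCAST packets, are either removed in the same series or deliberately kept and documented.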
=====================================
ntpd/ntp_parser.y
=====================================
--- a/ntpd/ntp_parser.y
+++ b/ntpd/ntp_parser.y
@@ -58,7 +58,6 @@
%token <Integer> T_Average
%token <Integer> T_Baud
%token <Integer> T_Bias
-%token <Integer> T_Broadcast
%token <Integer> T_Burst
%token <Integer> T_Calibrate
%token <Integer> T_Ceiling
@@ -170,7 +169,6 @@
%token <Integer> T_Pool
%token <Integer> T_Ppspath
%token <Integer> T_Port
-%token <Integer> T_Preempt
%token <Integer> T_Prefer
%token <Integer> T_Protostats
%token <Integer> T_Rawstats
@@ -207,7 +205,6 @@
%token <Integer> T_Trap
%token <Integer> T_True
%token <Integer> T_Trustedkey
-%token <Integer> T_Ttl
%token <Integer> T_Type
%token <Integer> T_U_int /* Not a token */
%token <Integer> T_Unit
@@ -360,7 +357,6 @@ client_type
: T_Server
| T_Pool
| T_Peer
- | T_Broadcast
;
address
@@ -408,7 +404,6 @@ option_flag_keyword
: T_Burst
| T_Iburst
| T_Noselect
- | T_Preempt
| T_Prefer
| T_True
;
@@ -433,7 +428,6 @@ option_int_keyword
: T_Key
| T_Minpoll
| T_Maxpoll
- | T_Ttl
| T_Mode
| T_Subtype
| T_Version
=====================================
ntpd/ntp_proto.c
=====================================
--- a/ntpd/ntp_proto.c
+++ b/ntpd/ntp_proto.c
@@ -137,7 +137,6 @@ static double sys_clockhop; /* clockhop threshold */
static int leap_vote_ins; /* leap consensus for insert */
static int leap_vote_del; /* leap consensus for delete */
static unsigned long leapsec; /* seconds to next leap (proximity class) */
-static int sys_manycastserver; /* respond to manycast client pkts */
int peer_ntpdate; /* active peers in ntpdate mode */
static int sys_survivors; /* truest of the truechimers */
@@ -501,17 +500,7 @@ handle_fastxmit(
(void)peer;
if (rbufp->dstadr->flags & INT_MCASTOPEN) {
- if (!sys_manycastserver) {
sys_restricted++;
- return;
- }
-
- /* Do not bother responding to manycast requests if we
- * are not synchronized. */
- if (sys_leap == LEAP_NOTINSYNC) {
- sys_declined++;
- return;
- }
}
/* To prevent exposing an authentication oracle, only MAC
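Review bot: dropping the `return;` while keeping `sys_restricted++` changes behaviour in the INT_MCASTOPEN branch. The only assignment to sys_manycastserver that the diff removes is the `= 0` in init_proto, so `!sys_manycastserver` was always true: a packet arriving on a multicast-open interface was counted as restricted and dropped. After this hunk it is still counted as restricted but falls through to the fast-transmit path and gets a reply, so the counter and the actual handling disagree. Either delete the whole `if (rbufp->dstadr->flags & INT_MCASTOPEN)` block or keep the `return;` after `sys_restricted++`. Removing the `sys_leap == LEAP_NOTINSYNC` check is fine, since it was unreachable dead code.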
@@ -2841,7 +2830,6 @@ init_proto(const bool verbose)
measure_precision(verbose);
get_systime(&dummy);
sys_survivors = 0;
- sys_manycastserver = 0;
sys_stattime = current_time;
orphwait = current_time + (unsigned long)sys_orphwait;
proto_clr_stats();
=====================================
tests/option-tester.sh
=====================================
--- a/tests/option-tester.sh
+++ b/tests/option-tester.sh
@@ -54,18 +54,19 @@ doit ()
echo
}
+# no --disable-manpage on default and all
doit default ""
-doit minimal "--disable-droproot --disable-dns-lookup --disable-mdns-registration"
+doit minimal "--disable-droproot --disable-dns-lookup --disable-mdns-registration --disable-manpage"
# This also tests refclocks without DEBUG
-doit classic "--enable-classic-mode --refclock=all"
+doit classic "--enable-classic-mode --refclock=all --disable-manpage"
doit all "--enable-debug --enable-debug-gdb --enable-debug-timing --refclock=all --enable-lockclock --enable-leap-smear --enable-mssntp --enable-early-droproot $LINUX"
if [ "`which asciidoc 2>/dev/null`" != "" -a \
"`which xsltproc 2>/dev/null`" != "" ]
then
-doit doc "--enable-doc"
+doit doc "--enable-doc --disable-manpage"
fi
# should try cross compile
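Review bot: the `--disable-manpage` additions in tests/option-tester.sh are mentioned in neither commit message and are unrelated to removing broadcast, ttl and preempt; split them into their own commit or state in the message what they fix for the minimal, classic and doc variants.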
View it on GitLab: https://gitlab.com/NTPsec/ntpsec/compare/d6543a5ef9da5b340ae19a0e45ff710dc8e1630c...3703251c18d4dfd4c1b5c334875d4f7392d4789a