[Git][NTPsec/ntpsec][master] 3 commits: Comment out unused mode 6 opcodes
Hal Murray
gitlab at mg.gitlab.com
Fri Sep 4 08:37:25 UTC 2020
Hal Murray pushed to branch master at NTPsec / ntpsec
Commits:
92f911bc by Hal Murray at 2020-09-04T01:35:22-07:00
Comment out unused mode 6 opcodes
- - - - -
f4ed3993 by Hal Murray at 2020-09-04T01:35:22-07:00
Update cloudflare examples to use port 4460
- - - - -
70918b5a by Hal Murray at 2020-09-04T01:35:22-07:00
Add error message for duplicate server line in ntp.conf
- - - - -
3 changed files:
- docs/NTS-QuickStart.adoc
- include/ntp_control.h
- ntpd/ntp_config.c
Changes:
=====================================
docs/NTS-QuickStart.adoc
=====================================
@@ -52,8 +52,8 @@ following should work:
Public NTP servers supporting NTS:
------------------------------------------------------------
-server time.cloudflare.com:1234 nts # Global, anycast
-server nts.ntp.se:4443 nts # Sweden
+server time.cloudflare.com nts # Global, anycast
+server nts.ntp.se:4443 nts # Sweden
------------------------------------------------------------
These are development machines, so there may be gaps in availability:
@@ -147,22 +147,25 @@ similar to below.
As a client, you should see lines like this:
------------------------------------------------------------
- 1 Aug 01:58:47 ntpd[43278]: DNS: dns_probe: time.cloudflare.com:1234, cast_flags:1, flags:21901
- 1 Aug 01:58:47 ntpd[43278]: NTSc: DNS lookup of time.cloudflare.com:1234 took 0.022 sec
- 1 Aug 01:58:47 ntpd[43278]: NTSc: connecting to time.cloudflare.com:1234 => 162.159.200.1:1234
- 1 Aug 01:58:47 ntpd[43278]: NTSc: set cert host: time.cloudflare.com
- 1 Aug 01:58:47 ntpd[43278]: NTSc: Using TLSv1.3, TLS_AES_256_GCM_SHA384 (256)
- 1 Aug 01:58:47 ntpd[43278]: NTSc: certificate subject name: /C=US/ST=California/L=San Francisco/O=Cloudflare, Inc./CN=time.cloudflare.com
- 1 Aug 01:58:47 ntpd[43278]: NTSc: certificate issuer name: /C=US/O=DigiCert Inc/CN=DigiCert ECC Secure Server CA
- 1 Aug 01:58:47 ntpd[43278]: NTSc: certificate is valid.
- 1 Aug 01:58:47 ntpd[43278]: NTSc: Good ALPN from time.cloudflare.com:1234
- 1 Aug 01:58:47 ntpd[43278]: NTSc: read 750 bytes
- 1 Aug 01:58:47 ntpd[43278]: NTSc: Using port 123
- 1 Aug 01:58:47 ntpd[43278]: NTSc: Got 7 cookies, length 100, aead=15.
- 1 Aug 01:58:47 ntpd[43278]: NTSc: NTS-KE req to time.cloudflare.com:1234 took 0.033 sec, OK
- 1 Aug 01:58:47 ntpd[43278]: DNS: dns_check: processing time.cloudflare.com:1234, 1, 21901
- 1 Aug 01:58:47 ntpd[43278]: DNS: Server taking: 162.159.200.1
- 1 Aug 01:58:47 ntpd[43278]: DNS: dns_take_status: time.cloudflare.com:1234=>good, 0
+ 3 Sep 13:36:40 ntpd[89030]: DNS: dns_probe: time.cloudflare.com, cast_flags:1, flags:21a01
+ 3 Sep 13:36:40 ntpd[89030]: NTSc: DNS lookup of time.cloudflare.com took 0.698 sec
+ 3 Sep 13:36:40 ntpd[89030]: NTSc: connecting to time.cloudflare.com:4460 => 162.159.200.1:4460
+ 3 Sep 13:36:41 ntpd[89030]: NTSc: set cert host: time.cloudflare.com
+ 3 Sep 13:36:44 ntpd[89030]: NTSc: Using TLSv1.3, TLS_AES_256_GCM_SHA384 (256)
+ 3 Sep 13:36:44 ntpd[89030]: NTSc: certificate subject name: /C=US/ST=California/L=San Francisco/O=Cloudflare, Inc./CN=time.cloudflare.com
+ 3 Sep 13:36:44 ntpd[89030]: NTSc: certificate issuer name: /C=US/O=DigiCert Inc/CN=DigiCert ECC Secure Server CA
+ 3 Sep 13:36:44 ntpd[89030]: NTSc: certificate is valid.
+ 3 Sep 13:36:44 ntpd[89030]: NTSc: Good ALPN from time.cloudflare.com
+ 3 Sep 13:36:46 ntpd[89030]: NTSc: read 750 bytes
+ 3 Sep 13:36:46 ntpd[89030]: NTSc: Using port 123
+ 3 Sep 13:36:46 ntpd[89030]: NTSc: Got 7 cookies, length 100, aead=15.
+ 3 Sep 13:36:46 ntpd[89030]: NTSc: NTS-KE req to time.cloudflare.com took 6.063 sec, OK
+ 3 Sep 13:36:46 ntpd[89030]: DNS: dns_check: processing time.cloudflare.com, 1, 21a01
+ 3 Sep 13:36:46 ntpd[89030]: DNS: Server taking: 162.159.200.1
+ 3 Sep 13:36:46 ntpd[89030]: DNS: Server poking hole in restrictions for: 162.159.200.1
+ 3 Sep 13:36:46 ntpd[89030]: PROTO: 162.159.200.1 unlink local addr 127.0.0.1 -> 192.168.1.2
+ 3 Sep 13:36:46 ntpd[89030]: DNS: dns_take_status: time.cloudflare.com=>good, 0
+ 3 Sep 13:36:47 ntpd[89030]: PROTO: 162.159.200.1 e014 84 reachable
------------------------------------------------------------
For initializing a server, you should see lines like this:
=====================================
include/ntp_control.h
=====================================
@@ -56,13 +56,14 @@ struct ntp_control {
#define CTL_OP_WRITEVAR 3 /* write variables */
#define CTL_OP_READCLOCK 4 /* read clock variables */
#define CTL_OP_WRITECLOCK 5 /* write clock variables */
-#define CTL_OP_SETTRAP 6 /* set trap address (obsolete, unused) */
-#define CTL_OP_ASYNCMSG 7 /* asynchronous message */
+/* #def CTL_OP_SETTRAP 6 ** set trap address (unused) */
+/* #def CTL_OP_ASYNCMSG 7 ** trap message (unused) */
#define CTL_OP_CONFIGURE 8 /* runtime configuration */
+/* #def CTL_OP_EXCONFIG 9 ** export config to file (unused) */
#define CTL_OP_READ_MRU 10 /* retrieve MRU (mrulist) */
#define CTL_OP_READ_ORDLIST_A 11 /* ordered list req. auth. */
#define CTL_OP_REQ_NONCE 12 /* request a client nonce */
-#define CTL_OP_UNSETTRAP 31 /* unset trap (obsolete, unused) */
+/* #def CTL_OP_UNSETTRAP 31 ** unset trap (unused) */
/*
* {En,De}coding of the system status word
=====================================
ntpd/ntp_config.c
=====================================
@@ -2799,12 +2799,14 @@ config_peers(
/* DNS lookup */
} else {
AF(&peeraddr) = curr_peer->addr->type;
- peer_config(
+ struct peer *peer = peer_config(
&peeraddr,
curr_peer->addr->address,
NULL,
curr_peer->host_mode,
&curr_peer->ctl);
+ if (NULL == peer)
+ msyslog(LOG_INFO, "CONFIG: configpeers: Ignoring duplicate '%s'", curr_peer->addr->address);
}
}
}
View it on GitLab: https://gitlab.com/NTPsec/ntpsec/-/compare/04d6ca9dc1e0a1e004bbcec5272a8cf21c07c75d...70918b5a3c4c48b85d5b3dfdb4503fb72f8365a3
--
View it on GitLab: https://gitlab.com/NTPsec/ntpsec/-/compare/04d6ca9dc1e0a1e004bbcec5272a8cf21c07c75d...70918b5a3c4c48b85d5b3dfdb4503fb72f8365a3
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ntpsec.org/pipermail/vc/attachments/20200904/b3313868/attachment-0001.htm>
More information about the vc
mailing list