/*	$OpenBSD: ntpd.h,v 1.151 2022/03/24 07:37:19 otto Exp $ */

/*
 * Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org>
 * Copyright (c) 2012 Mike Miller <mmiller@mgm51.com>
 *
 * Permission to use, copy, modify, and distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above
 * copyright notice and this permission notice appear in all copies.
 *
 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 */

#include <sys/types.h>
#include <sys/uio.h>
#include <sys/socket.h>
#include <sys/queue.h>
#include <sys/time.h>
#include <netinet/in.h>
#include <netinet/ip.h>
#include <arpa/inet.h>
#include <netdb.h>
#include <pwd.h>
#include <stdarg.h>
#include <poll.h>
#include <imsg.h>

#include "ntp.h"
#include "log.h"

/*
 * Larger of a and b.  This is a function-like macro: the argument that is
 * selected is evaluated a second time, so callers must not pass expressions
 * with side effects (increments, function calls that change state).
 */
#define MAXIMUM(a, b)	((a) > (b) ? (a) : (b))

/*
 * Account name and fixed filesystem paths compiled into the daemon.
 * NOTE(review): NTPD_USER is presumably the unprivileged account the daemon
 * switches to, and CTLSOCKET the local control socket; confirm in the files
 * that use them.  Who may talk to the control socket depends on the
 * ownership and mode applied where it is created, which this header does
 * not show.
 */
#define	NTPD_USER	"_ntp"
#define	CONFFILE	"/etc/ntpd.conf"
#define DRIFTFILE	"/var/db/ntpd.drift"
#define	CTLSOCKET	"/var/run/ntpd.sock"

/* Peer query intervals; presumably all in seconds like the first one. */
#define	INTERVAL_QUERY_NORMAL		30	/* sync to peers every n secs */
#define	INTERVAL_QUERY_PATHETIC		60
#define	INTERVAL_QUERY_AGGRESSIVE	5
#define	INTERVAL_QUERY_ULTRA_VIOLENCE	1	/* used at startup for auto */

/*
 * NOTE(review): presumably thresholds compared against
 * struct ntp_peer.trustlevel (a u_int8_t); confirm in client.c.
 */
#define	TRUSTLEVEL_BADPEER		6
#define	TRUSTLEVEL_PATHETIC		2
#define	TRUSTLEVEL_AGGRESSIVE		8
#define	TRUSTLEVEL_MAX			10

/* NOTE(review): presumably caps the addresses kept per DNS lookup. */
#define	MAX_SERVERS_DNS			8

/* NOTE(review): presumably offset bounds used by update_scale(); confirm. */
#define	QSCALE_OFF_MIN			0.001
#define	QSCALE_OFF_MAX			0.050

/*
 * OFFSET_ARRAY_SIZE is the length of struct ntp_peer.reply[],
 * SENSOR_OFFSETS the length of struct ntp_sensor.offsets[], and
 * MAX_DISPLAY_WIDTH the size of the peer_desc / sensor_desc buffers in the
 * ctl_show_* structs.  Any index or copy into those arrays must stay below
 * these values.
 */
#define	QUERYTIME_MAX		15	/* single query might take n secs max */
#define	OFFSET_ARRAY_SIZE	8
#define	SENSOR_OFFSETS		6
#define	SETTIME_TIMEOUT		15	/* max seconds to wait with -s */
#define	LOG_NEGLIGIBLE_ADJTIME	32	/* negligible drift to not log (ms) */
#define	LOG_NEGLIGIBLE_ADJFREQ	0.05	/* negligible rate to not log (ppm) */
#define	FREQUENCY_SAMPLES	8	/* samples for est. of permanent drift */
#define	MAX_FREQUENCY_ADJUST	128e-5	/* max correction per iteration */
#define MAX_SEND_ERRORS		3	/* max send errors before reconnect */
#define	MAX_DISPLAY_WIDTH	80	/* max chars in ctl_show report line */

/*
 * FILTER_ADJFREQ is a single-bit flag; presumably stored in
 * struct ntpd_conf.filters (TODO confirm).
 * NOTE(review): INTERVAL_AUIO_DNSFAIL is spelled "AUIO" here; "AUTO" looks
 * intended, but the name is kept because other files may reference it.
 */
#define FILTER_ADJFREQ		0x01	/* set after doing adjfreq */
#define AUTO_REPLIES    	4	/* # of ntp replies we want for auto */
#define AUTO_THRESHOLD		60	/* don't bother auto setting < this */
#define INTERVAL_AUIO_DNSFAIL	1	/* DNS tmpfail interval for auto */
#define TRIES_AUTO_DNSFAIL	4	/* DNS tmpfail quick retries */


/*
 * Timing and defaults for hardware time sensors; values are presumably in
 * seconds.  SENSOR_QUERY_INTERVAL_SETTIME is an integer division of
 * SETTIME_TIMEOUT by 3.
 */
#define	SENSOR_DATA_MAXAGE		(15*60)
#define	SENSOR_QUERY_INTERVAL		15
#define	SENSOR_QUERY_INTERVAL_SETTIME	(SETTIME_TIMEOUT/3)
#define	SENSOR_SCAN_INTERVAL		(1*60)
#define	SENSOR_DEFAULT_REFID		"HARD"

/*
 * Parameters for time constraints obtained over HTTPS (see CONSTRAINT_PORT).
 * NOTE(review): CONSTRAINT_MAXHEADERLENGTH presumably bounds how many header
 * bytes are accepted from a constraint server; confirm that the reader in
 * constraint.c enforces it before buffering remote data.
 */
#define CONSTRAINT_ERROR_MARGIN		(4)
#define CONSTRAINT_RETRY_INTERVAL	(15)
#define CONSTRAINT_SCAN_INTERVAL	(15*60)
#define CONSTRAINT_SCAN_TIMEOUT		(10)
#define CONSTRAINT_MARGIN		(2.0*60)
#define CONSTRAINT_PORT			"443"	/* HTTPS port */
#define	CONSTRAINT_MAXHEADERLENGTH	8192
/*
 * First descriptor number after stderr.  STDERR_FILENO comes from
 * <unistd.h>, which this header does not include itself, so the including
 * file must provide it.
 * NOTE(review): presumably the fixed descriptor on which a child process
 * expects its socket to the parent; code that prepares child descriptors
 * must make sure this number refers to that socket and to nothing else.
 */
#define CONSTRAINT_PASSFD		(STDERR_FILENO + 1)

/* Same descriptor number as CONSTRAINT_PASSFD, under a second name. */
#define PARENT_SOCK_FILENO		CONSTRAINT_PASSFD

/*
 * Names of the daemon's child processes.
 * NOTE(review): presumably passed to start_child() to select the role of a
 * newly started process; confirm in ntpd.c.
 */
#define NTP_PROC_NAME			"ntp_main"
#define NTPDNS_PROC_NAME		"ntp_dns"
#define CONSTRAINT_PROC_NAME		"constraint"

/*
 * State of one outstanding lookup/query; stored in struct ntp_peer.state
 * and struct constraint.state.  Values are implicit, starting at 0 for
 * STATE_NONE.
 */
enum client_state {
	STATE_NONE,
	STATE_DNS_INPROGRESS,
	STATE_DNS_TEMPFAIL,
	STATE_DNS_DONE,
	STATE_QUERY_SENT,
	STATE_REPLY_RECEIVED,
	STATE_TIMEOUT,
	STATE_INVALID
};

/*
 * One address the server side listens on; linked into
 * struct ntpd_conf.listen_addrs.
 */
struct listen_addr {
	TAILQ_ENTRY(listen_addr)	 entry;
	struct sockaddr_storage		 sa;
	/* presumably the bound socket descriptor -- TODO confirm */
	int				 fd;
	/* presumably the routing table id for this listener -- TODO confirm */
	int				 rtable;
};

/* Node of a singly linked list of resolved socket addresses. */
struct ntp_addr {
	struct ntp_addr		*next;
	struct sockaddr_storage	 ss;
	/* NOTE(review): meaning of notauth is not visible here; confirm. */
	int			 notauth;
};

/*
 * Head of an address list together with the configured name it came from.
 * Ownership of name, path and the list behind a is not stated in this
 * header; check the allocation and free sites before reusing the pointers.
 */
struct ntp_addr_wrap {
	char			*name;
	char			*path;
	struct ntp_addr		*a;
	u_int8_t		 pool;
};

/*
 * An ntp_addr followed by two lengths.
 * NOTE(review): the name suggests this is the fixed header of a message
 * passed between processes, with namelen and pathlen giving the sizes of
 * strings that follow it; confirm in constraint.c.  If so, a receiver must
 * check both lengths against the size of the payload it actually received
 * before reading the strings, and must not follow a.next, which is a
 * pointer from the sender's address space.
 */
struct ntp_addr_msg {
	struct ntp_addr		 a;
	size_t			 namelen;
	size_t			 pathlen;
};

/*
 * Clock status fields; embedded in struct ntp_offset and
 * struct ntpd_conf.  Field names follow the NTP packet header
 * (presumably mirroring struct ntp_msg in ntp.h -- TODO confirm).
 */
struct ntp_status {
	double		rootdelay;
	double		rootdispersion;
	double		reftime;
	u_int32_t	refid;
	u_int32_t	send_refid;
	u_int8_t	synced;
	u_int8_t	leap;
	int8_t		precision;
	u_int8_t	poll;
	u_int8_t	stratum;
};

/*
 * One time sample: the source's status plus measured offset, delay and
 * error.  Used for the reply[] / offsets[] arrays and the update member of
 * struct ntp_peer and struct ntp_sensor.
 */
struct ntp_offset {
	struct ntp_status	status;
	double			offset;
	double			delay;
	double			error;
	/* presumably the time the sample was received -- TODO confirm */
	time_t			rcvd;
	/* presumably non-zero when the sample is usable -- TODO confirm */
	u_int8_t		good;
};

/*
 * Per-peer client state; linked into struct ntpd_conf.ntp_peers.
 * Holds the configured address list, the query in flight, and the last
 * OFFSET_ARRAY_SIZE samples.
 */
struct ntp_peer {
	TAILQ_ENTRY(ntp_peer)		 entry;
	struct ntp_addr_wrap		 addr_head;
	struct ntp_query		 query;
	/* presumably the entry of addr_head.a currently in use -- confirm */
	struct ntp_addr			*addr;
	struct ntp_offset		 reply[OFFSET_ARRAY_SIZE];
	struct ntp_offset		 update;
	struct sockaddr_in		 query_addr4;
	struct sockaddr_in6		 query_addr6;
	enum client_state		 state;
	time_t				 next;
	time_t				 deadline;
	time_t				 poll;
	u_int32_t			 id;
	/*
	 * NOTE(review): presumably the next slot in reply[]; any use as an
	 * index must keep it below OFFSET_ARRAY_SIZE.
	 */
	u_int8_t			 shift;
	u_int8_t			 trustlevel;
	u_int8_t			 weight;
	u_int8_t			 trusted;
	int				 lasterror;
	int				 senderrors;
};

/*
 * Runtime state of one time sensor; linked into
 * struct ntpd_conf.ntp_sensors.  Keeps the last SENSOR_OFFSETS samples.
 */
struct ntp_sensor {
	TAILQ_ENTRY(ntp_sensor)		 entry;
	struct ntp_offset		 offsets[SENSOR_OFFSETS];
	struct ntp_offset		 update;
	time_t				 next;
	time_t				 last;
	char				*device;
	u_int32_t			 refid;
	int				 sensordevid;
	int				 correction;
	u_int8_t			 stratum;
	u_int8_t			 weight;
	/*
	 * NOTE(review): presumably the next slot in offsets[]; any use as
	 * an index must keep it below SENSOR_OFFSETS.
	 */
	u_int8_t			 shift;
	u_int8_t			 trusted;
};

/*
 * One configured time constraint; linked into
 * struct ntpd_conf.constraints.
 * NOTE(review): fd, pid and ibuf suggest each query runs in a separate
 * child process reached through an imsg channel; confirm in constraint.c.
 */
struct constraint {
	TAILQ_ENTRY(constraint)		 entry;
	struct ntp_addr_wrap		 addr_head;
	struct ntp_addr			*addr;
	int				 senderrors;
	enum client_state		 state;
	u_int32_t			 id;
	int				 fd;
	pid_t				 pid;
	struct imsgbuf			 ibuf;
	time_t				 last;
	/* presumably the time value obtained from the server -- confirm */
	time_t				 constraint;
	int				 dnstries;
};

/*
 * Sensor settings as configured; linked into
 * struct ntpd_conf.ntp_conf_sensors.  The runtime counterpart is
 * struct ntp_sensor.
 */
struct ntp_conf_sensor {
	TAILQ_ENTRY(ntp_conf_sensor)		 entry;
	char					*device;
	char					*refstr;
	int					 correction;
	u_int8_t				 stratum;
	u_int8_t				 weight;
	u_int8_t				 trusted;
};

/*
 * Accumulators for the frequency (drift) estimate.
 * NOTE(review): x, y, xx and xy look like running sums for a linear
 * regression over FREQUENCY_SAMPLES samples; confirm in ntp.c.
 */
struct ntp_freq {
	double				overall_offset;
	double				x, y;
	double				xx, xy;
	int				samples;
	u_int				num;
};

/*
 * Global daemon configuration and runtime state: the lists of listeners,
 * peers, sensors and constraints, the current clock status, and the option
 * flags.  A pointer to the active instance is exported as `conf`.
 */
struct ntpd_conf {
	TAILQ_HEAD(listen_addrs, listen_addr)		listen_addrs;
	TAILQ_HEAD(ntp_peers, ntp_peer)			ntp_peers;
	TAILQ_HEAD(ntp_sensors, ntp_sensor)		ntp_sensors;
	TAILQ_HEAD(ntp_conf_sensors, ntp_conf_sensor)	ntp_conf_sensors;
	TAILQ_HEAD(constraints, constraint)		constraints;
	struct ntp_status				status;
	struct ntp_freq					freq;
	struct sockaddr_in				query_addr4;
	struct sockaddr_in6				query_addr6;
	u_int32_t					scale;
	int				        	debug;
	int				        	verbose;
	u_int8_t					listen_all;
	u_int8_t					settime;
	u_int8_t					automatic;
	u_int8_t					noaction;
	/* presumably a bit set of FILTER_* flags -- TODO confirm */
	u_int8_t					filters;
	u_int8_t					trusted_peers;
	u_int8_t					trusted_sensors;
	time_t						constraint_last;
	time_t						constraint_median;
	u_int						constraint_errors;
	/*
	 * Byte buffer and its length.
	 * NOTE(review): presumably the CA certificate data used to verify
	 * constraint servers; ca_len must always describe the buffer that
	 * ca points to.  Confirm where it is loaded.
	 */
	u_int8_t					*ca;
	size_t						ca_len;
	int						tmpfail;
};

/*
 * Summary of daemon status, filled in by build_show_status().
 * NOTE(review): presumably the payload of an IMSG_CTL_SHOW_STATUS reply
 * sent over the control socket; a receiver should check that the payload
 * size equals sizeof(struct ctl_show_status) before reading it.
 */
struct ctl_show_status {
	time_t		 constraint_median;
	time_t		 constraint_last;
	double		 clock_offset;
	u_int		 peercnt;
	u_int		 sensorcnt;
	u_int		 valid_peers;
	u_int		 valid_sensors;
	u_int		 constraint_errors;
	u_int8_t	 synced;
	u_int8_t	 stratum;
	u_int8_t	 constraints;
};

/*
 * Report line for one peer, filled in by build_show_peer().
 * peer_desc is a fixed buffer of MAX_DISPLAY_WIDTH bytes: writers must
 * truncate and NUL-terminate within that size.
 * NOTE(review): if this struct is received from another process, the
 * reader should not assume peer_desc is NUL-terminated.
 */
struct ctl_show_peer {
	char		 peer_desc[MAX_DISPLAY_WIDTH];
	u_int8_t	 syncedto;
	u_int8_t	 weight;
	u_int8_t	 trustlevel;
	u_int8_t	 stratum;
	time_t		 next;
	time_t		 poll;
	double		 offset;
	double		 delay;
	double		 jitter;
};

/*
 * Report line for one sensor, filled in by build_show_sensor().
 * sensor_desc is a fixed buffer of MAX_DISPLAY_WIDTH bytes: writers must
 * truncate and NUL-terminate within that size.
 * NOTE(review): if this struct is received from another process, the
 * reader should not assume sensor_desc is NUL-terminated.
 */
struct ctl_show_sensor {
	char		 sensor_desc[MAX_DISPLAY_WIDTH];
	u_int8_t	 syncedto;
	u_int8_t	 weight;
	u_int8_t	 good;
	u_int8_t	 stratum;
	time_t		 next;
	time_t		 poll;
	double		 offset;
	double		 correction;
};

/* One control connection: list linkage plus its imsg buffer. */
struct ctl_conn {
	TAILQ_ENTRY(ctl_conn)	entry;
	struct imsgbuf		ibuf;
};

/* Declares struct ctl_conns, the list head type for ctl_conn entries. */
TAILQ_HEAD(ctl_conns, ctl_conn)	;

/*
 * Message type codes.  Values are implicit, starting at 0 for IMSG_NONE,
 * so inserting or reordering entries changes the numbers of all later
 * ones.
 * NOTE(review): presumably the type field of imsg messages exchanged
 * between the ntpd processes and with the control client; every process
 * must be built from the same list, and a dispatcher should reject types it
 * does not expect on a given channel.
 */
enum imsg_type {
	IMSG_NONE,
	IMSG_ADJTIME,
	IMSG_ADJFREQ,
	IMSG_SETTIME,
	IMSG_HOST_DNS,
	IMSG_CONSTRAINT_DNS,
	IMSG_CONSTRAINT_QUERY,
	IMSG_CONSTRAINT_RESULT,
	IMSG_CONSTRAINT_CLOSE,
	IMSG_CONSTRAINT_KILL,
	IMSG_CTL_SHOW_STATUS,
	IMSG_CTL_SHOW_PEERS,
	IMSG_CTL_SHOW_PEERS_END,
	IMSG_CTL_SHOW_SENSORS,
	IMSG_CTL_SHOW_SENSORS_END,
	IMSG_CTL_SHOW_ALL,
	IMSG_CTL_SHOW_ALL_END,
	IMSG_SYNCED,
	IMSG_UNSYNCED,
	IMSG_PROBE_ROOT
};

/*
 * Report kinds a control client can request; the names parallel the
 * IMSG_CTL_SHOW_* message types.  Values are implicit, starting at 0.
 */
enum ctl_actions {
	CTL_SHOW_STATUS,
	CTL_SHOW_PEERS,
	CTL_SHOW_SENSORS,
	CTL_SHOW_ALL
};

/* prototypes */

/*
 * ntp.c
 * NOTE(review): the priv_ prefix presumably marks requests that the ntp
 * process forwards to the privileged parent (adjust clock, set time,
 * resolve a name); confirm in ntp.c and ntpd.c.
 */
void	 ntp_main(struct ntpd_conf *, struct passwd *, int, char **);
void	 peer_addr_head_clear(struct ntp_peer *);
int	 priv_adjtime(void);
void	 priv_settime(double, char *);
void	 priv_dns(int, char *, u_int32_t);
int	 offset_compare(const void *, const void *);
void	 update_scale(double);
time_t	 scale_interval(time_t);
time_t	 error_interval(void);
/* Globals defined in another file and shared across the daemon's sources. */
extern struct ntpd_conf *conf;
extern struct ctl_conns  ctl_conns;

/*
 * One tenth of x, but at least 5.  Expands through MAXIMUM(), so x may be
 * evaluated twice; pass only side-effect-free expressions.
 */
#define  SCALE_INTERVAL(x)	 MAXIMUM(5, (x) / 10)

/* parse.y: parse the configuration file named by the first argument. */
int	 parse_config(const char *, struct ntpd_conf *);

/*
 * config.c: address resolution and allocation of peers, sensors and
 * constraints.  host_dns_free() takes an ntp_addr list; presumably the one
 * returned through host_dns()'s last argument -- TODO confirm.
 */
void			 host(const char *, struct ntp_addr **);
int			 host_dns(const char *, int, struct ntp_addr **);
void			 host_dns_free(struct ntp_addr *);
struct ntp_peer		*new_peer(void);
struct ntp_conf_sensor	*new_sensor(char *);
struct constraint	*new_constraint(void);

/*
 * ntp_msg.c
 * ntp_getmsg() takes a raw buffer and a signed (ssize_t) length.
 * NOTE(review): the buffer presumably holds a datagram from the network,
 * so the length should be checked against the expected packet sizes before
 * anything is copied into the ntp_msg; confirm in ntp_msg.c.
 */
int	ntp_getmsg(struct sockaddr *, char *, ssize_t, struct ntp_msg *);
int	ntp_sendmsg(int, struct sockaddr *, struct ntp_msg *);

/* server.c: listening sockets and replies to incoming queries. */
int	setup_listeners(struct servent *, struct ntpd_conf *, u_int *);
int	ntp_reply(int, struct sockaddr *, struct ntp_msg *, int);
int	server_dispatch(int, struct ntpd_conf *);

/* client.c: per-peer query state machine (see enum client_state). */
int	client_peer_init(struct ntp_peer *);
int	client_addr_init(struct ntp_peer *);
int	client_nextaddr(struct ntp_peer *);
int	client_query(struct ntp_peer *);
int	client_dispatch(struct ntp_peer *, u_int8_t, u_int8_t);
void	client_log_error(struct ntp_peer *, const char *, int);
void	set_next(struct ntp_peer *, time_t);

/*
 * constraint.c
 * The constraint_msg_*() and priv_constraint_msg() handlers take an id plus
 * a byte buffer and its length.
 * NOTE(review): these buffers presumably carry imsg payloads from another
 * process; each handler should validate the length before interpreting the
 * bytes (see struct ntp_addr_msg).  get_string() presumably returns a newly
 * allocated, NUL-terminated copy of the buffer -- confirm who frees it.
 */
void	 constraint_add(struct constraint *);
void	 constraint_remove(struct constraint *);
void	 constraint_purge(void);
void	 constraint_reset(void);
int	 constraint_init(struct constraint *);
int	 constraint_query(struct constraint *);
int	 constraint_check(double);
void	 constraint_msg_dns(u_int32_t, u_int8_t *, size_t);
void	 constraint_msg_result(u_int32_t, u_int8_t *, size_t);
void	 constraint_msg_close(u_int32_t, u_int8_t *, size_t);
void	 priv_constraint_msg(u_int32_t, u_int8_t *, size_t, int, char **);
void	 priv_constraint_child(const char *, uid_t, gid_t);
void	 priv_constraint_kill(u_int32_t);
int	 priv_constraint_dispatch(struct pollfd *);
void	 priv_constraint_check_child(pid_t, int);
char	*get_string(u_int8_t *, size_t);

/*
 * util.c: time retrieval, conversions between double and the fixed-point
 * types from ntp.h, logging helpers, and child-process startup.
 * NOTE(review): print_rtable() and log_sockaddr() return pointers whose
 * storage is not described here; if they use static buffers the result is
 * only valid until the next call -- confirm before holding on to it.
 */
double			 gettime_corrected(void);
double			 gettime_from_timeval(struct timeval *);
double			 getoffset(void);
double			 gettime(void);
time_t			 getmonotime(void);
void			 d_to_tv(double, struct timeval *);
double			 lfp_to_d(struct l_fixedpt);
struct l_fixedpt	 d_to_lfp(double);
double			 sfp_to_d(struct s_fixedpt);
struct s_fixedpt	 d_to_sfp(double);
char			*print_rtable(int);
const char		*log_sockaddr(struct sockaddr *);
pid_t			 start_child(char *, int, int, char **);
int			 sanitize_argv(int *, char ***);

/* sensors.c: discovery and polling of time sensors. */
void			sensor_init(void);
int			sensor_scan(void);
void			sensor_query(struct ntp_sensor *);

/* ntp_dns.c: entry point of the DNS process (see NTPDNS_PROC_NAME). */
void			ntp_dns(struct ntpd_conf *, struct passwd *);

/*
 * control.c: the control socket and its connections.
 * NOTE(review): control_check() and control_init() take a path, presumably
 * CTLSOCKET.  Requests arriving through control_dispatch_msg() come from
 * whoever can connect to that socket, so that function should accept only
 * the IMSG_CTL_* types and validate every payload; confirm in control.c.
 */
int			 control_check(char *);
int			 control_init(char *);
int			 control_listen(int);
void			 control_shutdown(int);
int			 control_accept(int);
struct ctl_conn		*control_connbyfd(int);
int			 control_close(int);
int			 control_dispatch_msg(struct pollfd *, u_int *);
void			 session_socket_nonblockmode(int);
void			 build_show_status(struct ctl_show_status *);
void			 build_show_peer(struct ctl_show_peer *,
			     struct ntp_peer *);
void			 build_show_sensor(struct ctl_show_sensor *,
			     struct ntp_sensor *);