--- contrib/ntp/ChangeLog.orig +++ contrib/ntp/ChangeLog @@ -1,7 +1,108 @@ --- -(4.2.8p10-win-beta1) 2017/03/21 Released by Harlan Stenn -(4.2.8p10) +* [Sec 3454] Unauthenticated packet can reset authenticated interleave + associations. HStenn. +* [Sec 3453] Interleaved symmetric mode cannot recover from bad state. HStenn. +* [Sec 3415] Permit blocking authenticated symmetric/passive associations. + Implement ippeerlimit. HStenn, JPerlinger. +* [Sec 3414] ntpq: decodearr() can write beyond its 'buf' limits + - initial patch by , extended by +* [Sec 3412] ctl_getitem(): Don't compare names past NUL. +* [Sec 3012] Sybil vulnerability: noepeer support. HStenn, JPerlinger. +* [Bug 3457] OpenSSL FIPS mode regression +* [Bug 3455] ntpd doesn't use scope id when binding multicast + - applied patch by Sean Haugh +* [Bug 3452] PARSE driver prints uninitialized memory. +* [Bug 3450] Dubious error messages from plausibility checks in get_systime() + - removed error log caused by rounding/slew, ensured postcondition +* [Bug 3447] AES-128-CMAC (fixes) + - refactoring the MAC code, too +* [Bug 3441] Validate the assumption that AF_UNSPEC is 0. stenn@ntp.org +* [Bug 3439] When running multiple commands / hosts in ntpq... + - applied patch by ggarvey +* [Bug 3438] Negative values and values > 999 days in... + - applied patch by ggarvey (with minor mods) +* [Bug 3437] ntpd tries to open socket with AF_UNSPEC domain + - applied patch (with mods) by Miroslav Lichvar +* [Bug 3435] anchor NTP era alignment +* [Bug 3433] sntp crashes when run with -a. +* [Bug 3430] ntpq dumps core (SIGSEGV) for "keytype md2" + - fixed several issues with hash algos in ntpd, sntp, ntpq, + ntpdc and the test suites +* [Bug 3424] Trimble Thunderbolt 1024 week millenium bug + - initial patch by Daniel Pouzzner +* [Bug 3423] QNX adjtime() implementation error checking is + wrong +* [Bug 3417] ntpq ifstats packet counters can be negative + made IFSTATS counter quantities unsigned +* [Bug 3411] problem about SIGN(6) packet handling for ntp-4.2.8p10 + - raised receive buffer size to 1200 +* [Bug 3408] refclock_jjy.c: Avoid a wrong report of the coverity static + analysis tool. +* [Bug 3405] update-leap.in: general cleanup, HTTPS support. Paul McMath. +* [Bug 3404] Fix openSSL DLL usage under Windows + - fix/drop assumptions on OpenSSL libs directory layout +* [Bug 3399] NTP: linker error in 4.2.8p10 during Linux cross-compilation + - initial patch by timeflies@mail2tor.com +* [Bug 3398] tests fail with core dump + - patch contributed by Alexander Bluhm +* [Bug 3397] ctl_putstr() asserts that data fits in its buffer + rework of formatting & data transfer stuff in 'ntp_control.c' + avoids unecessary buffers and size limitations. +* [Bug 3394] Leap second deletion does not work on ntpd clients + - fixed handling of dynamic deletion w/o leap file +* [Bug 3391] ntpd segfaults on startup due to small warmup thread stack size + - increased mimimum stack size to 32kB +* [Bug 3367] Faulty LinuxPPS NMEA clock support in 4.2.8 + - reverted handling of PPS kernel consumer to 4.2.6 behavior +* [Bug 3365] Updates driver40(-ja).html and miscopt.html +* [Bug 3358] Spurious KoD log messages in .INIT. phase. HStenn. +* [Bug 3016] wrong error position reported for bad ":config pool" + - fixed location counter & ntpq output +* [Bug 2900] libntp build order problem. HStenn. +* [Bug 2878] Tests are cluttering up syslog +* [Bug 2737] Wrong phone number listed for USNO. ntp-bugs@bodosom.net, + perlinger@ntp.org +* [Bug 2557] Fix Thunderbolt init. ntp-bugs@bodosom.net, perlinger@ntp. +* [Bug 948] Trustedkey config directive leaks memory. +* Use strlcpy() to copy strings, not memcpy(). HStenn. +* Typos. HStenn. +* test_ntp_scanner_LDADD needs ntpd/ntp_io.o. HStenn. +* refclock_jjy.c: Add missing "%s" to an msyslog() call. HStenn. +* Build ntpq and libntpq.a with NTP_HARD_*FLAGS. perlinger@ntp.org +* Fix trivial warnings from 'make check'. perlinger@ntp.org +* Fix bug in the override portion of the compiler hardening macro. HStenn. +* record_raw_stats(): Log entire packet. Log writes. HStenn. +* AES-128-CMAC support. BInglis, HStenn, JPerlinger. +* sntp: tweak key file logging. HStenn. +* sntp: pkt_output(): Improve debug output. HStenn. +* update-leap: updates from Paul McMath. +* When using pkg-config, report --modversion. HStenn. +* Clean up libevent configure checks. HStenn. +* sntp: show the IP of who sent us a crypto-NAK. HStenn. +* Allow .../N to specify subnet bits for IPs in ntp.keys. HStenn, JPerlinger. +* authistrustedip() - use it in more places. HStenn, JPerlinger. +* New sysstats: sys_lamport, sys_tsrounding. HStenn. +* Update ntp.keys .../N documentation. HStenn. +* Distribute testconf.yml. HStenn. +* Add DPRINTF(2,...) lines to receive() for packet drops. HStenn. +* Rename the configuration flag fifo variables. HStenn. +* Improve saveconfig output. HStenn. +* Decode restrict flags on receive() debug output. HStenn. +* Decode interface flags on receive() debug output. HStenn. +* Warn the user if deprecated "driftfile name WanderThreshold" is used. HStenn. +* Update the documentation in ntp.conf.def . HStenn. +* restrictions() must return restrict flags and ippeerlimit. HStenn. +* Update ntpq peer documentation to describe the 'p' type. HStenn. +* Rename restrict 'flags' to 'rflags. Use an enum for the values. HStenn. +* Provide dump_restricts() for debugging. HStenn. +* Use consistent 4th arg type for [gs]etsockopt. JPerlinger. +* Some tests might need LIBM. HStenn. +* update-leap: Allow -h/--help early. HStenn. + +--- +(4.2.8p10) 2017/03/21 Released by Harlan Stenn + * [Sec 3389] NTP-01-016: Denial of Service via Malformed Config (Pentest report 01.2017) * [Sec 3388] NTP-01-014: Buffer Overflow in DPTS Clock --- contrib/ntp/Makefile.am.orig +++ contrib/ntp/Makefile.am @@ -5,10 +5,10 @@ # moved sntp first to get libtool and libevent built. SUBDIRS = \ - sntp \ scripts \ include \ libntp \ + sntp \ libparse \ ntpd \ ntpdate \ --- contrib/ntp/Makefile.in.orig +++ contrib/ntp/Makefile.in @@ -99,6 +99,7 @@ $(top_srcdir)/sntp/m4/ltsugar.m4 \ $(top_srcdir)/sntp/m4/ltversion.m4 \ $(top_srcdir)/sntp/m4/lt~obsolete.m4 \ + $(top_srcdir)/sntp/m4/ntp_af_unspec.m4 \ $(top_srcdir)/sntp/m4/ntp_cacheversion.m4 \ $(top_srcdir)/sntp/m4/ntp_compiler.m4 \ $(top_srcdir)/sntp/m4/ntp_crosscompile.m4 \ @@ -523,10 +524,10 @@ # moved sntp first to get libtool and libevent built. SUBDIRS = \ - sntp \ scripts \ include \ libntp \ + sntp \ libparse \ ntpd \ ntpdate \ --- contrib/ntp/NEWS.orig +++ contrib/ntp/NEWS @@ -1,4 +1,331 @@ -- +NTP 4.2.8p11 (Harlan Stenn , 2018/02/27) + +NOTE: this NEWS file will be undergoing more revisions. + +Focus: Security, Bug fixes, enhancements. + +Severity: MEDIUM + +This release fixes 2 low-/medium-, 1 informational/medum-, and 2 low-severity +vulnerabilities in ntpd, one medium-severity vulernability in ntpq, and +provides 65 other non-security fixes and improvements: + +* NTP Bug 3454: Unauthenticated packet can reset authenticated interleaved + association (LOW/MED) + Date Resolved: Stable (4.2.8p11) 27 Feb 2018 + References: Sec 3454 / CVE-2018-7185 / VU#961909 + Affects: ntp-4.2.6, up to but not including ntp-4.2.8p11. + CVSS2: MED 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P) This could score between + 2.9 and 6.8. + CVSS3: LOW 3.1 CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L This could + score between 2.6 and 3.1 + Summary: + The NTP Protocol allows for both non-authenticated and + authenticated associations, in client/server, symmetric (peer), + and several broadcast modes. In addition to the basic NTP + operational modes, symmetric mode and broadcast servers can + support an interleaved mode of operation. In ntp-4.2.8p4 a bug + was inadvertently introduced into the protocol engine that + allows a non-authenticated zero-origin (reset) packet to reset + an authenticated interleaved peer association. If an attacker + can send a packet with a zero-origin timestamp and the source + IP address of the "other side" of an interleaved association, + the 'victim' ntpd will reset its association. The attacker must + continue sending these packets in order to maintain the + disruption of the association. In ntp-4.0.0 thru ntp-4.2.8p6, + interleave mode could be entered dynamically. As of ntp-4.2.8p7, + interleaved mode must be explicitly configured/enabled. + Mitigation: + Implement BCP-38. + Upgrade to 4.2.8p11, or later, from the NTP Project Download Page + or the NTP Public Services Project Download Page. + If you are unable to upgrade to 4.2.8p11 or later and have + 'peer HOST xleave' lines in your ntp.conf file, remove the + 'xleave' option. + Have enough sources of time. + Properly monitor your ntpd instances. + If ntpd stops running, auto-restart it without -g . + Credit: + This weakness was discovered by Miroslav Lichvar of Red Hat. + +* NTP Bug 3453: Interleaved symmetric mode cannot recover from bad + state (LOW/MED) + Date Resolved: Stable (4.2.8p11) 27 Feb 2018 + References: Sec 3453 / CVE-2018-7184 / VU#961909 + Affects: ntpd in ntp-4.2.8p4, up to but not including ntp-4.2.8p11. + CVSS2: MED 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N) + Could score between 2.9 and 6.8. + CVSS3: LOW 3.1 - CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L + Could score between 2.6 and 6.0. + Summary: + The fix for NtpBug2952 was incomplete, and while it fixed one + problem it created another. Specifically, it drops bad packets + before updating the "received" timestamp. This means a + third-party can inject a packet with a zero-origin timestamp, + meaning the sender wants to reset the association, and the + transmit timestamp in this bogus packet will be saved as the + most recent "received" timestamp. The real remote peer does + not know this value and this will disrupt the association until + the association resets. + Mitigation: + Implement BCP-38. + Upgrade to ntp-4.2.8p11 or later from the NTP Project Download Page + or the NTP Public Services Project Download Page. + Use authentication with 'peer' mode. + Have enough sources of time. + Properly monitor your ntpd instances. + If ntpd stops running, auto-restart it without -g . + Credit: + This weakness was discovered by Miroslav Lichvar of Red Hat. + +* NTP Bug 3415: Provide a way to prevent authenticated symmetric passive + peering (LOW) + Date Resolved: Stable (4.2.8p11) 27 Feb 2018 + References: Sec 3415 / CVE-2018-7170 / VU#961909 + Sec 3012 / CVE-2016-1549 / VU#718152 + Affects: All ntp-4 releases up to, but not including 4.2.8p7, and + 4.3.0 up to, but not including 4.3.92. Resolved in 4.2.8p11. + CVSS2: LOW 3.5 - (AV:N/AC:M/Au:S/C:N/I:P/A:N) + CVSS3: LOW 3.1 - CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N + Summary: + ntpd can be vulnerable to Sybil attacks. If a system is set up to + use a trustedkey and if one is not using the feature introduced in + ntp-4.2.8p6 allowing an optional 4th field in the ntp.keys file to + specify which IPs can serve time, a malicious authenticated peer + -- i.e. one where the attacker knows the private symmetric key -- + can create arbitrarily-many ephemeral associations in order to win + the clock selection of ntpd and modify a victim's clock. Three + additional protections are offered in ntp-4.2.8p11. One is the + new 'noepeer' directive, which disables symmetric passive + ephemeral peering. Another is the new 'ippeerlimit' directive, + which limits the number of peers that can be created from an IP. + The third extends the functionality of the 4th field in the + ntp.keys file to include specifying a subnet range. + Mitigation: + Implement BCP-38. + Upgrade to ntp-4.2.8p11 or later from the NTP Project Download Page + or the NTP Public Services Project Download Page. + Use the 'noepeer' directive to prohibit symmetric passive + ephemeral associations. + Use the 'ippeerlimit' directive to limit the number of peers + that can be created from an IP. + Use the 4th argument in the ntp.keys file to limit the IPs and + subnets that can be time servers. + Have enough sources of time. + Properly monitor your ntpd instances. + If ntpd stops running, auto-restart it without -g . + Credit: + This weakness was reported as Bug 3012 by Matthew Van Gundy of + Cisco ASIG, and separately by Stefan Moser as Bug 3415. + +* ntpq Bug 3414: decodearr() can write beyond its 'buf' limits (Medium) + Date Resolved: 27 Feb 2018 + References: Sec 3414 / CVE-2018-7183 / VU#961909 + Affects: ntpq in ntp-4.2.8p6, up to but not including ntp-4.2.8p11. + CVSS2: MED 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) + CVSS3: MED 5.0 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L + Summary: + ntpq is a monitoring and control program for ntpd. decodearr() + is an internal function of ntpq that is used to -- wait for it -- + decode an array in a response string when formatted data is being + displayed. This is a problem in affected versions of ntpq if a + maliciously-altered ntpd returns an array result that will trip this + bug, or if a bad actor is able to read an ntpq request on its way to + a remote ntpd server and forge and send a response before the remote + ntpd sends its response. It's potentially possible that the + malicious data could become injectable/executable code. + Mitigation: + Implement BCP-38. + Upgrade to ntp-4.2.8p11 or later from the NTP Project Download Page + or the NTP Public Services Project Download Page. + Credit: + This weakness was discovered by Michael Macnair of Thales e-Security. + +* NTP Bug 3412: ctl_getitem(): buffer read overrun leads to undefined + behavior and information leak (Info/Medium) + Date Resolved: 27 Feb 2018 + References: Sec 3412 / CVE-2018-7182 / VU#961909 + Affects: ntp-4.2.8p6, up to but not including ntp-4.2.8p11. + CVSS2: INFO 0.0 - MED 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 0.0 if C:N + CVSS3: NONE 0.0 - MED 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N + 0.0 if C:N + Summary: + ctl_getitem() is used by ntpd to process incoming mode 6 packets. + A malicious mode 6 packet can be sent to an ntpd instance, and + if the ntpd instance is from 4.2.8p6 thru 4.2.8p10, that will + cause ctl_getitem() to read past the end of its buffer. + Mitigation: + Implement BCP-38. + Upgrade to ntp-4.2.8p11 or later from the NTP Project Download Page + or the NTP Public Services Project Download Page. + Have enough sources of time. + Properly monitor your ntpd instances. + If ntpd stops running, auto-restart it without -g . + Credit: + This weakness was discovered by Yihan Lian of Qihoo 360. + +* NTP Bug 3012: Sybil vulnerability: ephemeral association attack + Also see Bug 3415, above. + Date Mitigated: Stable (4.2.8p7) 26 Apr 2016; Dev (4.3.92) 26 Apr 2016 + Date Resolved: Stable (4.2.8p11) 27 Feb 2018 + References: Sec 3012 / CVE-2016-1549 / VU#718152 + Affects: All ntp-4 releases up to, but not including 4.2.8p7, and + 4.3.0 up to, but not including 4.3.92. Resolved in 4.2.8p11. + CVSS2: LOW 3.5 - (AV:N/AC:M/Au:S/C:N/I:P/A:N) + CVSS3: MED 5.3 - CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N + Summary: + ntpd can be vulnerable to Sybil attacks. If a system is set up + to use a trustedkey and if one is not using the feature + introduced in ntp-4.2.8p6 allowing an optional 4th field in the + ntp.keys file to specify which IPs can serve time, a malicious + authenticated peer -- i.e. one where the attacker knows the + private symmetric key -- can create arbitrarily-many ephemeral + associations in order to win the clock selection of ntpd and + modify a victim's clock. Two additional protections are + offered in ntp-4.2.8p11. One is the 'noepeer' directive, which + disables symmetric passive ephemeral peering. The other extends + the functionality of the 4th field in the ntp.keys file to + include specifying a subnet range. + Mitigation: + Implement BCP-38. + Upgrade to 4.2.8p11, or later, from the NTP Project Download Page or + the NTP Public Services Project Download Page. + Use the 'noepeer' directive to prohibit symmetric passive + ephemeral associations. + Use the 'ippeerlimit' directive to limit the number of peer + associations from an IP. + Use the 4th argument in the ntp.keys file to limit the IPs + and subnets that can be time servers. + Properly monitor your ntpd instances. + Credit: + This weakness was discovered by Matthew Van Gundy of Cisco ASIG. + +* Bug fixes: + [Bug 3457] OpenSSL FIPS mode regression + [Bug 3455] ntpd doesn't use scope id when binding multicast + - applied patch by Sean Haugh + [Bug 3452] PARSE driver prints uninitialized memory. + [Bug 3450] Dubious error messages from plausibility checks in get_systime() + - removed error log caused by rounding/slew, ensured postcondition + [Bug 3447] AES-128-CMAC (fixes) + - refactoring the MAC code, too + [Bug 3441] Validate the assumption that AF_UNSPEC is 0. stenn@ntp.org + [Bug 3439] When running multiple commands / hosts in ntpq... + - applied patch by ggarvey + [Bug 3438] Negative values and values > 999 days in... + - applied patch by ggarvey (with minor mods) + [Bug 3437] ntpd tries to open socket with AF_UNSPEC domain + - applied patch (with mods) by Miroslav Lichvar + [Bug 3435] anchor NTP era alignment + [Bug 3433] sntp crashes when run with -a. + [Bug 3430] ntpq dumps core (SIGSEGV) for "keytype md2" + - fixed several issues with hash algos in ntpd, sntp, ntpq, + ntpdc and the test suites + [Bug 3424] Trimble Thunderbolt 1024 week millenium bug + - initial patch by Daniel Pouzzner + [Bug 3423] QNX adjtime() implementation error checking is + wrong + [Bug 3417] ntpq ifstats packet counters can be negative + made IFSTATS counter quantities unsigned + [Bug 3411] problem about SIGN(6) packet handling for ntp-4.2.8p10 + - raised receive buffer size to 1200 + [Bug 3408] refclock_jjy.c: Avoid a wrong report of the coverity static + analysis tool. + [Bug 3405] update-leap.in: general cleanup, HTTPS support. Paul McMath. + [Bug 3404] Fix openSSL DLL usage under Windows + - fix/drop assumptions on OpenSSL libs directory layout + [Bug 3399] NTP: linker error in 4.2.8p10 during Linux cross-compilation + - initial patch by timeflies@mail2tor.com + [Bug 3398] tests fail with core dump + - patch contributed by Alexander Bluhm + [Bug 3397] ctl_putstr() asserts that data fits in its buffer + rework of formatting & data transfer stuff in 'ntp_control.c' + avoids unecessary buffers and size limitations. + [Bug 3394] Leap second deletion does not work on ntpd clients + - fixed handling of dynamic deletion w/o leap file + [Bug 3391] ntpd segfaults on startup due to small warmup thread stack size + - increased mimimum stack size to 32kB + [Bug 3367] Faulty LinuxPPS NMEA clock support in 4.2.8 + - reverted handling of PPS kernel consumer to 4.2.6 behavior + [Bug 3365] Updates driver40(-ja).html and miscopt.html + [Bug 3358] Spurious KoD log messages in .INIT. phase. HStenn. + [Bug 3016] wrong error position reported for bad ":config pool" + - fixed location counter & ntpq output + [Bug 2900] libntp build order problem. HStenn. + [Bug 2878] Tests are cluttering up syslog + [Bug 2737] Wrong phone number listed for USNO. ntp-bugs@bodosom.net, + perlinger@ntp.org + [Bug 2557] Fix Thunderbolt init. ntp-bugs@bodosom.net, perlinger@ntp. + [Bug 948] Trustedkey config directive leaks memory. + Use strlcpy() to copy strings, not memcpy(). HStenn. + Typos. HStenn. + test_ntp_scanner_LDADD needs ntpd/ntp_io.o. HStenn. + refclock_jjy.c: Add missing "%s" to an msyslog() call. HStenn. + Build ntpq and libntpq.a with NTP_HARD_*FLAGS. perlinger@ntp.org + Fix trivial warnings from 'make check'. perlinger@ntp.org + Fix bug in the override portion of the compiler hardening macro. HStenn. + record_raw_stats(): Log entire packet. Log writes. HStenn. + AES-128-CMAC support. BInglis, HStenn, JPerlinger. + sntp: tweak key file logging. HStenn. + sntp: pkt_output(): Improve debug output. HStenn. + update-leap: updates from Paul McMath. + When using pkg-config, report --modversion. HStenn. + Clean up libevent configure checks. HStenn. + sntp: show the IP of who sent us a crypto-NAK. HStenn. + Allow .../N to specify subnet bits for IPs in ntp.keys. HStenn, JPerlinger. + authistrustedip() - use it in more places. HStenn, JPerlinger. + New sysstats: sys_lamport, sys_tsrounding. HStenn. + Update ntp.keys .../N documentation. HStenn. + Distribute testconf.yml. HStenn. + Add DPRINTF(2,...) lines to receive() for packet drops. HStenn. + Rename the configuration flag fifo variables. HStenn. + Improve saveconfig output. HStenn. + Decode restrict flags on receive() debug output. HStenn. + Decode interface flags on receive() debug output. HStenn. + Warn the user if deprecated "driftfile name WanderThreshold" is used. HStenn. + Update the documentation in ntp.conf.def . HStenn. + restrictions() must return restrict flags and ippeerlimit. HStenn. + Update ntpq peer documentation to describe the 'p' type. HStenn. + Rename restrict 'flags' to 'rflags. Use an enum for the values. HStenn. + Provide dump_restricts() for debugging. HStenn. + Use consistent 4th arg type for [gs]etsockopt. JPerlinger. + +* Other items: + +* update-leap needs the following perl modules: + Net::SSLeay + IO::Socket::SSL + +* New sysstats variables: sys_lamport, sys_tsrounding +See them with: ntpq -c "rv 0 ss_lamport,ss_tsrounding" +sys_lamport counts the number of observed Lamport violations, while +sys_tsrounding counts observed timestamp rounding events. + +* New ntp.conf items: + +- restrict ... noepeer +- restrict ... ippeerlimit N + +The 'noepeer' directive will disallow all ephemeral/passive peer +requests. + +The 'ippeerlimit' directive limits the number of time associations +for each IP in the designated set of addresses. This limit does not +apply to explicitly-configured associations. A value of -1, the current +default, means an unlimited number of associations may connect from a +single IP. 0 means "none", etc. Ordinarily the only way multiple +associations would come from the same IP would be if the remote side +was using a proxy. But a trusted machine might become compromised, +in which case an attacker might spin up multiple authenticated sessions +from different ports. This directive should be helpful in this case. + +* New ntp.keys feature: Each IP in the optional list of IPs in the 4th +field may contain a /subnetbits specification, which identifies the +scope of IPs that may use this key. This IP/subnet restriction can be +used to limit the IPs that may use the key in most all situations where +a key is used. +-- NTP 4.2.8p10 (Harlan Stenn , 2017/03/21) Focus: Security, Bug fixes, enhancements. @@ -960,7 +1287,7 @@ Implement BCP-38. Upgrade to 4.2.8p7, or later, from the NTP Project Download Page or the NTP Public Services Project Download Page - Properly monitor your =ntpd= instances + Properly monitor your ntpd instances Credit: This weakness was discovered by Stephen Gray and Matthew Van Gundy of Cisco ASIG. @@ -1029,7 +1356,7 @@ Implement BCP-38. Upgrade to 4.2.8p7, or later, from the NTP Project Download Page or the NTP Public Services Project Download Page - Properly monitor your =ntpd= instances + Properly monitor your ntpd instances Credit: This weakness was discovered by Yihan Lian of the Cloud Security Team, Qihoo 360. @@ -1266,7 +1593,7 @@ Configure 'ntpd' to get time from multiple sources. Upgrade to 4.2.8p6, or later, from the NTP Project Download Page or the NTP Public Services Project Download Page. - Monitor your 'ntpd= instances. + Monitor your 'ntpd' instances. Credit: This weakness was discovered by Matthey Van Gundy and Jonathan Gardner of Cisco ASIG. --- contrib/ntp/aclocal.m4.orig +++ contrib/ntp/aclocal.m4 @@ -1339,6 +1339,7 @@ m4_include([sntp/m4/ltsugar.m4]) m4_include([sntp/m4/ltversion.m4]) m4_include([sntp/m4/lt~obsolete.m4]) +m4_include([sntp/m4/ntp_af_unspec.m4]) m4_include([sntp/m4/ntp_cacheversion.m4]) m4_include([sntp/m4/ntp_compiler.m4]) m4_include([sntp/m4/ntp_crosscompile.m4]) --- contrib/ntp/adjtimed/Makefile.in.orig +++ contrib/ntp/adjtimed/Makefile.in @@ -108,6 +108,7 @@ $(top_srcdir)/sntp/m4/ltsugar.m4 \ $(top_srcdir)/sntp/m4/ltversion.m4 \ $(top_srcdir)/sntp/m4/lt~obsolete.m4 \ + $(top_srcdir)/sntp/m4/ntp_af_unspec.m4 \ $(top_srcdir)/sntp/m4/ntp_cacheversion.m4 \ $(top_srcdir)/sntp/m4/ntp_compiler.m4 \ $(top_srcdir)/sntp/m4/ntp_crosscompile.m4 \ @@ -952,7 +953,6 @@ # check-libntp: ../libntp/libntp.a - @echo stamp > $@ ../libntp/libntp.a: cd ../libntp && $(MAKE) $(AM_MAKEFLAGS) libntp.a --- contrib/ntp/clockstuff/Makefile.in.orig +++ contrib/ntp/clockstuff/Makefile.in @@ -101,6 +101,7 @@ $(top_srcdir)/sntp/m4/ltsugar.m4 \ $(top_srcdir)/sntp/m4/ltversion.m4 \ $(top_srcdir)/sntp/m4/lt~obsolete.m4 \ + $(top_srcdir)/sntp/m4/ntp_af_unspec.m4 \ $(top_srcdir)/sntp/m4/ntp_cacheversion.m4 \ $(top_srcdir)/sntp/m4/ntp_compiler.m4 \ $(top_srcdir)/sntp/m4/ntp_crosscompile.m4 \ @@ -793,7 +794,6 @@ check-libntp: ../libntp/libntp.a - @echo stamp > $@ ../libntp/libntp.a: cd ../libntp && $(MAKE) $(AM_MAKEFLAGS) libntp.a --- contrib/ntp/configure.orig +++ contrib/ntp/configure @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69 for ntp 4.2.8p10. +# Generated by GNU Autoconf 2.69 for ntp 4.2.8p11. # # Report bugs to . # @@ -590,8 +590,8 @@ # Identity of this package. PACKAGE_NAME='ntp' PACKAGE_TARNAME='ntp' -PACKAGE_VERSION='4.2.8p10' -PACKAGE_STRING='ntp 4.2.8p10' +PACKAGE_VERSION='4.2.8p11' +PACKAGE_STRING='ntp 4.2.8p11' PACKAGE_BUGREPORT='http://bugs.ntp.org./' PACKAGE_URL='http://www.ntp.org./' @@ -944,6 +944,7 @@ enable_option_checking enable_silent_rules enable_dependency_tracking +with_hardenfile with_locfile enable_shared enable_static @@ -1613,7 +1614,7 @@ # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures ntp 4.2.8p10 to adapt to many kinds of systems. +\`configure' configures ntp 4.2.8p11 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1683,7 +1684,7 @@ if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of ntp 4.2.8p10:";; + short | recursive ) echo "Configuration of ntp 4.2.8p11:";; esac cat <<\_ACEOF @@ -1699,6 +1700,7 @@ do not reject slow dependency extractors --disable-dependency-tracking speeds up one-time build + --with-hardenfile=XXX os-specific or "/dev/null" --with-locfile=XXX os-specific or "legacy" --enable-shared[=PKGS] build shared libraries [default=no] --enable-static[=PKGS] build static libraries [default=yes] @@ -1921,7 +1923,7 @@ test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -ntp configure 4.2.8p10 +ntp configure 4.2.8p11 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. @@ -2630,7 +2632,7 @@ This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by ntp $as_me 4.2.8p10, which was +It was created by ntp $as_me 4.2.8p11, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ @@ -3631,7 +3633,7 @@ # Define the identity of the package. PACKAGE='ntp' - VERSION='4.2.8p10' + VERSION='4.2.8p11' cat >>confdefs.h <<_ACEOF @@ -6581,11 +6583,11 @@ $as_echo_n "checking for compile/link hardening flags... " >&6; } -# Check whether --with-locfile was given. -if test "${with_locfile+set}" = set; then : - withval=$with_locfile; +# Check whether --with-hardenfile was given. +if test "${with_hardenfile+set}" = set; then : + withval=$with_hardenfile; else - with_locfile=no + with_hardenfile=no fi @@ -6593,12 +6595,12 @@ ( \ SENTINEL_DIR="$PWD" && \ cd $srcdir/sntp && \ - case "$with_locfile" in \ + case "$with_hardenfile" in \ yes|no|'') \ scripts/genHardFlags -d "$SENTINEL_DIR" \ ;; \ *) \ - scripts/genHardFlags -d "$SENTINEL_DIR" -f "$with_locfile" \ + scripts/genHardFlags -d "$SENTINEL_DIR" -f "$with_hardenfile" \ ;; \ esac \ ) > genHardFlags.i 2> genHardFlags.err @@ -15937,8 +15939,13 @@ if $PKG_CONFIG --atleast-version=$ntp_libevent_min_version libevent then ntp_use_local_libevent=no - { $as_echo "$as_me:${as_lineno-$LINENO}: Using the installed libevent" >&5 -$as_echo "$as_me: Using the installed libevent" >&6;} + ntp_libevent_version="`$PKG_CONFIG --modversion libevent`" + case "$ntp_libevent_version" in + *.*) ;; + *) ntp_libevent_version='(unknown)' ;; + esac + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes, version $ntp_libevent_version" >&5 +$as_echo "yes, version $ntp_libevent_version" >&6; } CFLAGS_LIBEVENT=`$PKG_CONFIG --cflags libevent_pthreads` CPPFLAGS_LIBEVENT=`$PKG_CONFIG --cflags-only-I libevent` # HMS: I hope the following is accurate. @@ -15966,8 +15973,6 @@ LDADD_LIBEVENT="$LDADD_LIBEVENT -levent_pthreads" esac LDADD_LIBEVENT="$LDADD_LIBEVENT -levent_core" - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } else ntp_use_local_libevent=yes # HMS: do we only need to do this if LIBISC_PTHREADS_NOTHREADS @@ -26468,6 +26473,36 @@ done + + +# We could do a cv check here, but is it worth it? + +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + + #include + #ifndef AF_UNSPEC + #include "Bletch: AF_UNSPEC is undefined!" + #endif + #if AF_UNSPEC != 0 + #include "Bletch: AF_UNSPEC != 0" + #endif + +int +main () +{ +{ $as_echo "$as_me:${as_lineno-$LINENO}: AF_UNSPEC is zero, as expected." >&5 +$as_echo "$as_me: AF_UNSPEC is zero, as expected." >&6;} + ; + return 0; +} + +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + { $as_echo "$as_me:${as_lineno-$LINENO}: checking return type of signal handlers" >&5 $as_echo_n "checking return type of signal handlers... " >&6; } if ${ac_cv_type_signal+:} false; then : @@ -30114,8 +30149,13 @@ VER_SUFFIX=o ntp_openssl=yes ntp_openssl_from_pkg_config=yes - { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -$as_echo "yes" >&6; } + ntp_openssl_version="`$PKG_CONFIG --modversion $pkg`" + case "$ntp_openssl_version" in + *.*) ;; + *) ntp_openssl_version='(unknown)' ;; + esac + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes, version $ntp_openssl_version" >&5 +$as_echo "yes, version $ntp_openssl_version" >&6; } break fi @@ -33924,7 +33964,7 @@ # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by ntp $as_me 4.2.8p10, which was +This file was extended by ntp $as_me 4.2.8p11, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -33991,7 +34031,7 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -ntp config.status 4.2.8p10 +ntp config.status 4.2.8p11 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" --- contrib/ntp/configure.ac.orig +++ contrib/ntp/configure.ac @@ -528,6 +528,8 @@ #endif ]) +NTP_AF_UNSPEC + AC_TYPE_SIGNAL AC_TYPE_OFF_T AC_STRUCT_TM dnl defines TM_IN_SYS_TIME used by refclock_parse.c --- contrib/ntp/html/access.html.orig +++ contrib/ntp/html/access.html @@ -19,7 +19,7 @@

giffrom Pogo, Walt Kelly

The skunk watches for intruders and sprays.

Last update: - 11-Sep-2010 05:53 + 26-Jul-2017 20:10 UTC


Related Links

@@ -32,7 +32,7 @@

The ACL is specified as a list of restrict commands in the following format:

restrict address [mask mask] [flag][...]

The address argument expressed in dotted-quad form is the address of a host or network. Alternatively, the address argument can be a valid host DNS name. The mask argument expressed in IPv4 or IPv6 numeric address form defaults to all mask bits on, meaning that the address is treated as the address of an individual host. A default entry (address 0.0.0.0, mask 0.0.0.0 for IPv4 and address :: mask :: for IPv6) is always the first entry in the list. restrict default, with no mask option, modifies both IPv4 and IPv6 default entries. restrict source configures a template restriction automatically added at runtime for each association, whether configured, ephemeral, or preemptable, and removed when the association is demobilized.

-

Some flags have the effect to deny service, some have the effect to enable service and some are conditioned by other flags. The flags. are not orthogonal, in that more restrictive flags will often make less restrictive ones redundant. The flags that deny service are classed in two categories, those that restrict time service and those that restrict informational queries and attempts to do run-time reconfiguration of the server.

+

Some flags have the effect to deny service, some have the effect to enable service and some are conditioned by other flags. The flags are not orthogonal, in that more restrictive flags will often make less restrictive ones redundant. The flags that deny service are classed in two categories, those that restrict time service and those that restrict informational queries and attempts to do run-time reconfiguration of the server.

An example may clarify how it works. Our campus has two class-B networks, 128.4 for the ECE and CIS departments and 128.175 for the rest of campus. Let's assume (not true!) that subnet 128.4.1 homes critical services like class rosters and spread sheets. A suitable ACL might look like this:

 restrict default nopeer					# deny new associations
--- contrib/ntp/html/accopt.html.orig
+++ contrib/ntp/html/accopt.html
@@ -3,89 +3,185 @@
 
 
 
-Access Control Commands and Options
-
+Access Control Commands and Options 
 
 
 
 
 

Access Control Commands and Options

-giffrom Pogo, Walt Kelly +giffrom Pogo, +Walt Kelly

The skunk watches for intruders and sprays.

-

Last update: - 13-Nov-2014 03:00 - UTC

+

Last update: 7-Jan-2018 23:56 UTC


Related Links

- - + +

Commands and Options

-

Unless noted otherwise, further information about these ccommands is on the Access Control Support page.

+

Unless noted otherwise, further information about these ccommands is on +the Access Control Support page.

-
discard [ average avg ][ minimum min ] [ monitor prob ]
-
Set the parameters of the rate control facility which protects the server from client abuse. If the limited flag is present in the ACL, packets that violate these limits are discarded. If, in addition, the kod flag is present, a kiss-o'-death packet is returned. See the Rate Management page for further information. The options are: +
discard [ average avg ][ minimum min ] + [ monitor prob ]
+
Set the parameters of the rate control facility which protects the + server from client abuse. If the limited flag is present in the + ACL, packets that violate these limits are discarded. If, in addition, + the kod flag is present, a kiss-o'-death packet is + returned. See the Rate Management page for + further information. The options are:
average avg
-
Specify the minimum average interpacket spacing (minimum average headway - time) in log2 s with default 3.
+
Specify the minimum average interpacket spacing (minimum average + headway time) in log2 s with default 3.
minimum min
-
Specify the minimum interpacket spacing (guard time) in seconds with default 2.
+
Specify the minimum interpacket spacing (guard time) in seconds + with default 2.
monitor
-
Specify the probability of being recorded for packets that overflow the MRU list size limit set by mru maxmem or mru maxdepth. This is a performance optimization for servers with aggregate arrivals of 1000 packets per second or more.
+
Specify the probability of being recorded for packets that + overflow the MRU list size limit set by mru maxmem + or mru maxdepth. This is a performance optimization for + servers with aggregate arrivals of 1000 packets per second or + more.
-
restrict default [flag][...]
- restrict source [flag][...]
- restrict address [mask mask] [flag][...]
-
The address argument expressed in dotted-quad form is the address of a host or network. Alternatively, the address argument can be a valid host DNS name. The mask argument expressed in IPv4 or IPv6 numeric address form defaults to all mask bits on, meaning that the address is treated as the address of an individual host. A default entry (address 0.0.0.0, mask 0.0.0.0 for IPv4 and address :: mask :: for IPv6) is always the first entry in the list. restrict default, with no mask option, modifies both IPv4 and IPv6 default entries. restrict source configures a template restriction automatically added at runtime for each association, whether configured, ephemeral, or preemptible, and removed when the association is demobilized.
-
Some flags have the effect to deny service, some have the effect to enable service and some are conditioned by other flags. The flags. are not orthogonal, in that more restrictive flags will often make less restrictive ones redundant. The flags that deny service are classed in two categories, those that restrict time service and those that restrict informational queries and attempts to do run-time reconfiguration of the server. One or more of the following flags may be specified:
+
restrict [-4 | -6] default [ippeerlimit num] + [flag][...]
restrict source [ippeerlimit num] + [flag][...]
restrict address [mask mask] + [ippeerlimit num] [flag][...]
+
The address argument expressed in IPv4 or IPv6 numeric + address form is the address of a host or network. Alternatively, + the address argument can be a valid host DNS + name. The mask argument expressed in IPv4 or IPv6 + numeric address form defaults to all mask bits on, meaning that + the address is treated as the address of an individual + host. A default entry (address 0.0.0.0, mask 0.0.0.0 for IPv4 and + address :: mask :: for IPv6) is always the first entry in the + list. restrict default, with no mask option, modifies both IPv4 + and IPv6 default entries. restrict source configures a template + restriction automatically added at runtime for each association, whether + configured, ephemeral, or preemptible, and removed when the association + is demobilized.
+
The optional ippeerlimit takes a numeric argument that + indicates how many incoming (at present) peer requests will be permitted + for each IP, regardless of whether or not the request comes from an + authenticated source. A value of -1 means "unlimited", which is the + current default. A value of 0 means "none". Ordinarily one would + expect at most 1 of these sessions to exist per IP, however if the + remote side is operating thru a proxy there would be one association for + each remote peer at that IP.
+
Some flags have the effect to deny service, some have the effect to + enable service and some are conditioned by other flags. The flags are + not orthogonal, in that more restrictive flags will often make less + restrictive ones redundant. The flags that deny service are classed in + two categories, those that restrict time service and those that restrict + informational queries and attempts to do run-time reconfiguration of the + server. One or more of the following flags may be specified:
flake
-
Discard received NTP packets with probability 0.1; that is, on average drop one packet in ten. This is for testing and amusement. The name comes from Bob Braden's flakeway, which once did a similar thing for early Internet testing.
+
Discard received NTP packets with probability 0.1; that is, on + average drop one packet in ten. This is for testing and + amusement. The name comes from Bob Braden's flakeway, which + once did a similar thing for early Internet testing.
ignore
-
Deny packets of all kinds, including ntpq and ntpdc queries.
+
Deny packets of all kinds, including ntpq + and ntpdc queries.
kod
-
Send a kiss-o'-death (KoD) packet if the limited flag is present and a packet violates the rate limits established by the discard command. KoD packets are themselves rate limited for each source address separately. If the kod flag is used in a restriction which does not have the limited flag, no KoD responses will result.
+
Send a kiss-o'-death (KoD) packet if the limited flag is + present and a packet violates the rate limits established by + the discard command. KoD packets are themselves rate + limited for each source address separately. If the kod flag + is used in a restriction which does not have the limited + flag, no KoD responses will result.
limited
-
Deny time service if the packet violates the rate limits established by the discard command. This does not apply to ntpq and ntpdc queries.
+
Deny time service if the packet violates the rate limits + established by the discard command. This does not apply + to ntpq and ntpdc queries.
lowpriotrap
-
Declare traps set by matching hosts to be low priority. The number of traps a server can maintain is limited (the current limit is 3). Traps are usually assigned on a first come, first served basis, with later trap requestors being denied service. This flag modifies the assignment algorithm by allowing low priority traps to be overridden by later requests for normal priority traps.
+
Declare traps set by matching hosts to be low priority. The number + of traps a server can maintain is limited (the current limit is + 3). Traps are usually assigned on a first come, first served basis, + with later trap requestors being denied service. This flag modifies + the assignment algorithm by allowing low priority traps to be + overridden by later requests for normal priority traps.
mssntp
-
Enable Microsoft Windows MS-SNTP authentication using Active Directory services. Note: Potential users should be aware that these services involve a TCP connection to another process that could potentially block, denying services to other users. Therefore, this flag should be used only for a dedicated server with no clients other than MS-SNTP.
+
Enable Microsoft Windows MS-SNTP authentication using Active + Directory services. Note: Potential users + should be aware that these services involve a TCP connection to + another process that could potentially block, denying services to + other users. Therefore, this flag should be used only for a + dedicated server with no clients other than MS-SNTP.
+
noepeer
+
Deny packets that would mobilize an ephemeral peering association, + even if authenticated.
nomodify
-
Deny ntpq and ntpdc queries which attempt to modify the state of the server (i.e., run time reconfiguration). Queries which return information are permitted.
+
Deny ntpq and ntpdc queries which attempt to + modify the state of the server (i.e., run time + reconfiguration). Queries which return information are + permitted.
noquery
-
Deny ntpq and ntpdc queries. Time service is not affected.
+
Deny ntpq and ntpdc queries. Time service is not + affected.
nopeer
-
Deny packets that might mobilize an association unless authenticated. This includes broadcast, symmetric-active and manycast server packets when a configured association does not exist. It also includes pool associations, so if you want to use servers from a pool directive and also want to use nopeer by default, you'll want a "restrict source ..." line as well that does not include the nopeer directive. Note that this flag does not apply to packets that do not attempt to mobilize an association.
+
Deny packets that might mobilize an association unless + authenticated. This includes broadcast, symmetric-active and + manycast server packets when a configured association does not + exist. It also includes pool associations, so if you want + to use servers from a pool directive and also want to + use nopeer by default, you'll want a "restrict source + ..." line as well that does not include + the nopeer directive. Note that this flag does not apply + to packets that do not attempt to mobilize an association.
noserve
-
Deny all packets except ntpq and ntpdc queries.
+
Deny all packets except ntpq and ntpdc + queries.
notrap
-
Decline to provide mode 6 control message trap service to matching hosts. The trap service is a subsystem of the ntpdc control message protocol which is intended for use by remote event logging programs.
+
Decline to provide mode 6 control message trap service to matching + hosts. The trap service is a subsystem of the ntpdc control + message protocol which is intended for use by remote event logging + programs.
notrust
-
Deny packets that are not cryptographically authenticated. Note carefully how this flag interacts with the auth option of the enable and disable commands. If auth is enabled, which is the default, authentication is required for all packets that might mobilize an association. If auth is disabled, but the notrust flag is not present, an association can be mobilized whether or not authenticated. If auth is disabled, but the notrust flag is present, authentication is required only for the specified address/mask range.
+
Deny packets that are not cryptographically authenticated. Note + carefully how this flag interacts with the auth option of + the enable and disable commands. If auth + is enabled, which is the default, authentication is required for all + packets that might mobilize an association. If auth is + disabled, but the notrust flag is not present, an + association can be mobilized whether or not + authenticated. If auth is disabled, but + the notrust flag is present, authentication is required + only for the specified address/mask range.
ntpport
-
This is actually a match algorithm modifier, rather than a restriction - flag. Its presence causes the restriction entry to be matched only if the - source port in the packet is the standard NTP UDP port (123). A restrict line - containing ntpport is considered more specific than one with the - same address and mask, but lacking ntpport.
+
This is actually a match algorithm modifier, rather than a + restriction flag. Its presence causes the restriction entry to be + matched only if the source port in the packet is the standard NTP + UDP port (123). A restrict line containing ntpport is + considered more specific than one with the same address and mask, + but lacking ntpport.
version
Deny packets that do not match the current NTP version.
-
Default restriction list entries with the flags ignore, ntpport, for each of the local host's interface addresses are inserted into the table at startup to prevent the server from attempting to synchronize to its own time. A default entry is also always present, though if it is otherwise unconfigured; no flags are associated with the default entry (i.e., everything besides your own NTP server is unrestricted).
+
Default restriction list entries with the flags ignore, + ntpport, for each of the local host's interface addresses are + inserted into the table at startup to prevent the server from + attempting to synchronize to its own time. A default entry is also + always present, though if it is otherwise unconfigured; no flags are + associated with the default entry (i.e., everything besides your own + NTP server is unrestricted).

- + --- contrib/ntp/html/authentic.html.orig +++ contrib/ntp/html/authentic.html @@ -46,14 +46,40 @@

By default, the client sends non-authenticated packets and the server responds with non-authenticated packets. If the client sends authenticated packets, the server responds with authenticated packets if correct, or a crypto-NAK packet if not. In the case of unsolicited packets which might consume significant resources, such as broadcast or symmetric mode packets, authentication is required, unless overridden by a disable auth command. In the current climate of targeted broadcast or "letterbomb" attacks, defeating this requirement would be decidedly dangerous. In any case, the notrust flag, described on the Access Control Options page, can be used to disable access to all but correctly authenticated clients.

Symmetric Key Cryptography

The original NTPv3 specification (RFC-1305), as well as the current NTPv4 specification (RFC-5905), allows any one of possibly 65,534 message digest keys (excluding zero), each distinguished by a 32-bit key ID, to authenticate an association. The servers and clients involved must agree on the key ID, key type and key to authenticate NTP packets.

-

The message digest is a cryptographic hash computed by an algorithm such as MD5 or SHA. When authentication is specified, a message authentication code (MAC) is appended to the NTP packet header. The MAC consists of a 32-bit key identifier (key ID) followed by a 128- or 160-bit message digest. The algorithm computes the digest as the hash of a 128- or 160- bit message digest key concatenated with the NTP packet header fields with the exception of the MAC. On transmit, the message digest is computed and inserted in the MAC. On receive, the message digest is computed and compared with the MAC. The packet is accepted only if the two MACs are identical. If a discrepancy is found by the client, the client ignores the packet, but raises an alarm. If this happens at the server, the server returns a special message called a crypto-NAK. Since the crypto-NAK is protected by the loopback test, an intruder cannot disrupt the protocol by sending a bogus crypto-NAK.

+

The message digest is a cryptographic hash computed by an algorithm such as MD5, SHA, or AES-128 CMAC. When authentication is specified, a message authentication code (MAC) is appended to the NTP packet header. The MAC consists of a 32-bit key identifier (key ID) followed by a 128- or 160-bit message digest. The algorithm computes the digest as the hash of a 128- or 160- bit message digest key concatenated with the NTP packet header fields with the exception of the MAC. On transmit, the message digest is computed and inserted in the MAC. On receive, the message digest is computed and compared with the MAC. The packet is accepted only if the two MACs are identical. If a discrepancy is found by the client, the client ignores the packet, but raises an alarm. If this happens at the server, the server returns a special message called a crypto-NAK. Since the crypto-NAK is protected by the loopback test, an intruder cannot disrupt the protocol by sending a bogus crypto-NAK.

Keys and related information are specified in a keys file, which must be distributed and stored using secure means beyond the scope of the NTP protocol itself. Besides the keys used for ordinary NTP associations, additional keys can be used as passwords for the ntpq and ntpdc utility programs. Ordinarily, the ntp.keys file is generated by the ntp-keygen program, but it can be constructed and edited using an ordinary text editor.

Each line of the keys file consists of three or four fields: a key ID in the range 1 to 65,534, inclusive, a key type, a message digest key consisting of a printable ASCII string less than 40 characters or a 40-character hex digit string, and an optional comma-separated list of IPs that are allowed to serve time. If the OpenSSL library is installed, the key type can be any message digest algorithm supported by the library. If the OpenSSL library is not installed, the only permitted key type is MD5.

-
-

gif

-

Figure 1. Typical Symmetric Key File

-
-

Figure 1 shows a typical keys file used by the reference implementation when the OpenSSL library is installed. In this figure, for key IDs in he range 1-10, the key is interpreted as a printable ASCII string. For key IDs in the range 11-20, the key is a 40-character hex digit string. The key is truncated or zero-filled internally to either 128 or 160 bits, depending on the key type. The line can be edited later or new lines can be added to change any field. The key can be change to a password, such as 2late4Me for key ID 10. Note that two or more keys files can be combined in any order as long as the key IDs are distinct.

+ + +
+ Figure 1. Typical Symmetric Key File +
+
+# ntpkey_MD5key_bk.ntp.org.3595864945
+# Thu Dec 12 19:22:25 2013
+
+1  MD5 L";Nw<`.I<f4U0)247"i  # MD5 key
+2  MD5 &>l0%XXK9O'51VwV<xq~  # MD5 key
+3  MD5 lb4zLW~d^!K:]RsD'qb6  # MD5 key
+4  MD5 Yue:tL[+vR)M`n~bY,'?  # MD5 key
+5  MD5 B;fxlKgr/&4ZTbL6=RxA  # MD5 key
+6  MD5 4eYwa`o}3i@@V@..R9!l  # MD5 key
+7  MD5 `A.([h+;wTQ|xfi%Sn_!  # MD5 key
+8  MD5 45:V,r4]l6y^JH6"Sh?F  # MD5 key
+9  MD5 3-5vcn*6l29DS?Xdsg)*  # MD5 key
+10 MD5 2late4Me              # MD5 key
+11 SHA1 a27872d3030a9025b8446c751b4551a7629af65c  # SHA1 key
+12 SHA1 21bc3b4865dbb9e920902abdccb3e04ff97a5e74  # SHA1 key
+13 SHA1 2b7736fe24fef5ba85ae11594132ab5d6f6daba9  # SHA1 key
+14 SHA  a5332809c8878dd3a5b918819108a111509aeceb  # SHA  key
+15 MD2  2fe16c88c760ff2f16d4267e36c1aa6c926e6964  # MD2  key
+16 MD4  b2691811dc19cfc0e2f9bcacd74213f29812183d  # MD4  key
+17 MD5  e4d6735b8bdad58ec5ffcb087300a17f7fef1f7c  # MD5  key
+18 MDC2 a8d5e2315c025bf3a79174c87fbd10477de2eabc  # MDC2 key
+19 RIPEMD160 77ca332cafb30e3cafb174dcd5b80ded7ba9b3d2  # RIPEMD160 key
+20 AES128CMAC f92ff73eee86c1e7dc638d6489a04e4e555af878  # AES128CMAC key
+  
+

Figure 1 shows a typical keys file used by the reference implementation when the OpenSSL library is installed. In this figure, for key IDs in he range 1-10, the key is interpreted as a printable ASCII string. For key IDs in the range 11-20, the key is a 40-character hex digit string. The key is truncated or zero-filled internally to either 128 or 160 bits, depending on the key type. The line can be edited later or new lines can be added to change any field. The key can be changed to a password, such as 2late4Me for key ID 10. Note that two or more keys files can be combined in any order as long as the key IDs are distinct.

When ntpd is started, it reads the keys file specified by the keys command and installs the keys in the key cache. However, individual keys must be activated with the trustedkey configuration command before use. This allows, for instance, the installation of possibly several batches of keys and then activating a key remotely using ntpq or ntpdc. The requestkey command selects the key ID used as the password for the ntpdc utility, while the controlkey command selects the key ID used as the password for the ntpq utility.

Microsoft Windows Authentication

In addition to the above means, ntpd now supports Microsoft Windows MS-SNTP authentication using Active Directory services. This support was contributed by the Samba Team and is still in development. It is enabled using the mssntp flag of the restrict command described on the Access Control Options page. Note: Potential users should be aware that these services involve a TCP connection to another process that could potentially block, denying services to other users. Therefore, this flag should be used only for a dedicated server with no clients other than MS-SNTP.

--- contrib/ntp/html/drivers/driver18.html.orig +++ contrib/ntp/html/drivers/driver18.html @@ -10,7 +10,7 @@

NIST/USNO/PTB Modem Time Services

Author: David L. Mills (mills@udel.edu)
Last update: - 1-Dec-2012 10:44 + 12-Oct-2017 08:13 UTC


Synopsis

@@ -43,7 +43,7 @@ ...

MJD, YR, ST, UT1 and UTC(NIST) are not used by this driver. The <OTM> on-time character "*" changes to "#" when the delay correction is valid.

US Naval Observatory (USNO)

-

Phone: (202) 762-1594 (Washington, DC); (719) 567-6742 (Boulder, CO)

+

Phone: (202) 762-1594 (Washington, DC); (719) 567-6743 (Colorado Springs, CO)

Data Format (two lines, repeating at one-second intervals)

jjjjj nnn hhmmss UTC

* on-time character for previous timecode message
--- contrib/ntp/html/drivers/driver40.html.orig +++ contrib/ntp/html/drivers/driver40.html @@ -16,7 +16,7 @@

JJY Receivers

Last update: - 08-May-2016 00:00 + 12-Oct-2017 09:05 UTC          ENGLISH   JAPANESE


Synopsis

@@ -145,7 +145,8 @@
  • -

    Echo Keisokuki Co.,Ltd.   LT-2000   http://www.clock.co.jp/ (Japanese only)


    +

    Echo Keisokuki Co.,Ltd.   LT-2000  


    +

    Echo Keisokuki was dissolved. Some business of the company was taken over by FreqTime Co., Ltd. in July, 2015.


    NTP configuration ( ntp.conf )

    --- contrib/ntp/html/keygen.html.orig +++ contrib/ntp/html/keygen.html @@ -1,116 +1,354 @@ - - - -ntp-keygen - generate public and private keys - - - -

    ntp-keygen - generate public and private keys

    -

    giffrom Alice's Adventures in Wonderland, Lewis Carroll

    -

    Alice holds the key.

    -

    Last update: - 10-Mar-2014 05:11 - UTC

    -
    -

    Related Links

    - -

    Table of Contents

    - -
    -

    Synopsis

    -

    ntp-keygen [ -deGHIMPT ] [ -b modulus ] [ -c [ RSA-MD2 | RSA-MD5 | RSA-SHA - | RSA-SHA1 | RSA-MDC2 | RSA-RIPEMD160 | DSA-SHA | DSA-SHA1 ] ] - [ -C cipher ] [-i group ] [ -l days] - [ -m modulus ] [ -p passwd1 ] [ -q passwd2 ] - [ -S [ RSA | DSA ] ] [ -s host ] [ -V nkeys ]

    -

    Description

    -

    This program generates cryptographic data files used by the NTPv4 authentication and identity schemes. It can generate message digest keys used in symmetric key cryptography and, if the OpenSSL software library has been installed, it can generate host keys, sign keys, certificates, and identity keys and parameters used by the Autokey public key cryptography. The message digest keys file is generated in a format compatible with NTPv3. All other files are in PEM-encoded printable ASCII format so they can be embedded as MIME attachments in mail to other sites.

    -

    When used to generate message digest keys, the program produces a file containing - ten pseudo-random printable ASCII strings suitable for the MD5 message digest algorithm included in the distribution. If the OpenSSL library is installed, it produces an additional ten hex-encoded random bit strings suitable for the SHA1 and other message digest algorithms. The message digest keys file must be distributed and stored using secure means beyond the scope of NTP itself. Besides the keys used for ordinary NTP associations, additional keys can be defined as passwords for the ntpq and ntpdc utility programs.

    -

    The remaining generated files are compatible with other OpenSSL applications and other Public Key Infrastructure (PKI) resources. Certificates generated by this program are compatible with extant industry practice, although some users might find the interpretation of X509v3 extension fields somewhat liberal. However, the identity keys are probably not compatible with anything other than Autokey.

    -

    Some files used by this program are encrypted using a private password. The -p option specifies the password for local encrypted files and the -q option the password for encrypted files sent to remote sites. If no password is specified, the host name returned by the Unix gethostname() function, normally the DNS name of the host, is used.

    -

    The pw option of the crypto configuration command specifies the read password for previously encrypted local files. This must match the local password used by this program. If not specified, the host name is used. Thus, if files are generated by this program without password, they can be read back by ntpd without password, but only on the same host.

    -

    Normally, encrypted files for each host are generated by that host and used only by that host, although exceptions exist as noted later on this page. The symmetric keys file, normally called ntp.keys, is usually installed in /etc. Other files and links are usually installed in /usr/local/etc, which is normally in a shared filesystem in NFS-mounted networks and cannot be changed by shared clients. The location of the keys directory can be changed by the keysdir configuration command in such cases. Normally, this is in /etc.

    -

    This program directs commentary and error messages to the standard error stream stderr and remote files to the standard output stream stdout where they can be piped to other applications or redirected to files. The names used for generated files and links all begin with the string ntpkey and include the file type, generating host and filestamp, as described in the Cryptographic Data Files section below

    -

    Running the Program

    -

    To test and gain experience with Autokey concepts, log in as root and change to the keys directory, usually /usr/local/etc. When run for the first time, or if all files with names beginning ntpkey have been removed, use the ntp-keygen command without arguments to generate a default RSA host key and matching RSA-MD5 certificate with expiration date one year hence. If run again without options, the program uses the existing keys and parameters and generates only a new certificate with new expiration date one year hence.

    -

    Run the command on as many hosts as necessary. Designate one of them as the trusted host (TH) using ntp-keygen with the -T option and configure it to synchronize from reliable Internet servers. Then configure the other hosts to synchronize to the TH directly or indirectly. A certificate trail is created when Autokey asks the immediately ascendant host towards the TH to sign its certificate, which is then provided to the immediately descendant host on request. All group hosts should have acyclic certificate trails ending on the TH.

    -

    The host key is used to encrypt the cookie when required and so must be RSA type. By default, the host key is also the sign key used to encrypt signatures. A different sign key can be assigned using the -S option and this can be either RSA or DSA type. By default, the signature message digest type is MD5, but any combination of sign key type and message digest type supported by the OpenSSL library can be specified using the -c option.

    -
    The rules say cryptographic media should be generated with proventic filestamps, which means the host should already be synchronized before this program is run. This of course creates a chicken-and-egg problem when the host is started for the first time. Accordingly, the host time should be set by some other means, such as eyeball-and-wristwatch, at least so that the certificate lifetime is within the current year. After that and when the host is synchronized to a proventic source, the certificate should be re-generated.
    -

    Additional information on trusted groups and identity schemes is on the Autokey Public-Key Authentication page.

    -

    Command Line Options

    -
    -
    -b modulus
    -
    Set the modulus for generating identity keys to modulus bits. The modulus defaults to 256, but can be set from 256 (32 octets) to 2048 (256 octets). Use the larger moduli with caution, as this can consume considerable computing resources and increases the size of authenticated packets.
    -
    -c [ RSA-MD2 | RSA-MD5 | RSA-SHA | RSA-SHA1 | RSA-MDC2 | RSA-RIPEMD160 | DSA-SHA | DSA-SHA1 ]
    -
    Select certificate digital signature and message digest scheme. Note that RSA schemes must be used with an RSA sign key and DSA schemes must be used with a DSA sign key. The default without this option is RSA-MD5. If compatibility with FIPS 140-2 is required, either the DSA-SHA or DSA-SHA1 scheme must be used.
    -
    -C cipher
    -
    Select the OpenSSL cipher to use for password-protected keys. The openssl -h command provided with OpenSSL displays available ciphers. The default without this option is des-ede3-cbc.
    -
    -d
    -
    Enable debugging. This option displays the cryptographic data produced for eye-friendly billboards.
    -
    -e
    -
    Extract the IFF or GQ public parameters from the IFFkey or GQkey keys file previously specified. Send the unencrypted data to the standard output stream stdout.
    -
    -G
    -
    Generate a new encrypted GQ key file for the Guillou-Quisquater (GQ) identity scheme. This option is mutually exclusive with the -I and -V options.
    -
    -H
    -
    Generate a new encrypted RSA public/private host key file.
    -
    -i group
    -
    Set the optional Autokey group name to group. This is used in the identity scheme parameter file names. In that role, the default is the host name if no group is provided. The group name, if specified using -i or using -s following an @ character, is also used in certificate subject and issuer names in the form host@group and should match the group specified via crypto ident or server ident in ntpd's configuration file.
    -
    -I
    -
    Generate a new encrypted IFF key file for the Schnorr (IFF) identity scheme. This option is mutually exclusive with the -G and -V options.
    -
    -l days
    -
    Set the lifetime for certificates to days. The default lifetime is one year (365 d).
    -
    -m modulus
    -
    Set the modulus for generating files to modulus bits. The modulus defaults to 512, but can be set from 256 (32 octets) to 2048 (256 octets). Use the larger moduli with caution, as this can consume considerable computing resources and increases the size of authenticated packets.
    -
    -M
    -
    Generate a new keys file containing 10 MD5 keys and 10 SHA keys. An MD5 key is a string of 20 random printable ASCII characters, while a SHA key is a string of 40 random hex digits. The file can be edited using a text editor to change the key type or key content. This option is mutually exclusive with all other option.
    -
    -P
    -
    Generate a new private certificate used by the PC identity scheme. By default, the program generates public certificates. Note: the PC identity scheme is not recommended for new installations.
    -
    -p passwd
    -
    Set the password for reading and writing encrypted files to passwd. These include the host, sign and identify key files. By default, the password is the string returned by the Unix gethostname() routine.
    -
    -q passwd
    -
    Set the password for writing encrypted IFF, GQ and MV identity files redirected to stdout to passwd. In effect, these files are decrypted with the -p password, then encrypted with the -q password. By default, the password is the string returned by the Unix gethostname() routine.
    -
    -S [ RSA | DSA ]
    -
    Generate a new encrypted public/private sign key file of the specified type. By default, the sign key is - the host key and has the same type. If compatibly with FIPS 140-2 is required, - the sign key type must be DSA.
    -
    -s host[@group]
    -
    Specify the Autokey host name, where host is the host name and group is the optional group name. The host name, and if provided, group name are used in host@group form as certificate subject and issuer. Specifying -s @group is allowed, and results in leaving the host name unchanged, as with -i group. The group name, or if no group is provided, the host name are also used in the file names of IFF, GQ, and MV identity scheme parameter files. If host is not specified, the default host name is the string returned by the gethostname() routine.
    -
    -T
    -
    Generate a trusted certificate. By default, the program generates nontrusted certificates.
    -
    -V nkeys
    -
    Generate nkeys encrypted server keys for the Mu-Varadharajan (MV) identity scheme. This option is mutually exclusive with the -I and -G options. Note: support for this option should be considered a work in progress.
    -
    -

    Random Seed File

    -

    All cryptographically sound key generation schemes must have means to randomize the entropy seed used to initialize the internal pseudo-random number generator used by the OpenSSL library routines. If a site supports ssh, it is very likely that means to do this are already available. The entropy seed used by the OpenSSL library is contained in a file, usually called .rnd, which must be available when starting the ntp-keygen program or ntpd daemon.

    -

    The OpenSSL library looks for the file using the path specified by the RANDFILE environment variable in the user home directory, whether root or some other user. If the RANDFILE environment variable is not present, the library looks for the .rnd file in the user home directory. Since both the ntp-keygen program and ntpd daemon must run as root, the logical place to put this file is in /.rnd or /root/.rnd. If the file is not available or cannot be written, the program exits with a message to the system log.

    -

    Cryptographic Data Files

    -

    File and link names are in the form ntpkey_key_name.fstamp, where key is the key or parameter type, name is the host or group name and fstamp is the filestamp (NTP seconds) when the file was created). By convention, key names in generated file names include both upper and lower case characters, while key names in generated link names include only lower case characters. The filestamp is not used in generated link names.

    -

    The key name is a string defining the cryptographic key type. Key types include public/private keys host and sign, certificate cert and several challenge/response key types. By convention, client files used for challenges have a par subtype, as in the IFF challenge IFFpar, while server files for responses have a key subtype, as in the GQ response GQkey.

    -

    All files begin with two nonencrypted lines. The first line contains the file name in the format ntpkey_key_host.fstamp. The second line contains the datestamp in conventional Unix date format. Lines beginning with # are ignored.

    -

    The remainder of the file contains cryptographic data encoded first using ASN.1 rules, then encrypted using the DES-CBC algorithm with given password and finally written in PEM-encoded printable ASCII text preceded and followed by MIME content identifier lines.

    -

    The format of the symmetric keys file, ordinarily named ntp.keys, is somewhat different than the other files in the interest of backward compatibility. Ordinarily, the file is generated by this program, but it can be constructed and edited using an ordinary text editor.

    -
    -

    gif

    -

    Figure 1. Typical Symmetric Key File

    -
    -

    Figure 1 shows a typical symmetric keys file used by the reference implementation. Each line of the file contains three fields, first an integer between 1 and 65534, inclusive, representing the key identifier used in the server and peer configuration commands. Next is the key type for the message digest algorithm, which in the absence of the OpenSSL library must be MD5 to designate the MD5 message digest algorithm. If the OpenSSL library is installed, the key type can be any message digest algorithm supported by that library. However, if compatibility with FIPS 140-2 is required, the key type must be either SHA or SHA1. The key type can be changed using an ASCII text editor.

    -

    An MD5 key consists of a printable ASCII string less than or equal to 16 characters and terminated by whitespace or a # character. An OpenSSL key consists of a hex-encoded ASCII string of 40 characters, which is truncated as necessary.

    -

    Note that the keys used by the ntpq and ntpdc programs are checked against passwords requested by the programs and entered by hand, so it is generally appropriate to specify these keys in human readable ASCII format.

    -

    The ntp-keygen program generates a MD5 symmetric keys file ntpkey_MD5key_hostname.filestamp. Since the file contains private shared keys, it should be visible only to root and distributed by secure means to other subnet hosts. The NTP daemon loads the file ntp.keys, so ntp-keygen installs a soft link from this name to the generated file. Subsequently, similar soft links must be installed by manual or automated means on the other subnet hosts. While this file is not used with the Autokey Version 2 protocol, it is needed to authenticate some remote configuration commands used by the ntpq and ntpdc utilities.

    -

    Bugs

    -

    It can take quite a while to generate some cryptographic values, from one to several minutes with modern architectures such as UltraSPARC and up to tens of minutes to an hour with older architectures such as SPARC IPC.

    -
    - - + + + + ntp-keygen - generate public and private keys + + + +

    ntp-keygen - generate public and private keys

    +

    giffrom Alice's Adventures in Wonderland, Lewis Carroll

    +

    Alice holds the key.

    +

    Last update: + 11-Jan-2018 11:55 + UTC

    +
    +

    Related Links

    + +

    Table of Contents

    + +
    +

    Synopsis

    +

    ntp-keygen [ -deGHIMPT ] [ -b modulus ] [ -c [ RSA-MD2 | RSA-MD5 | RSA-SHA + | RSA-SHA1 | RSA-MDC2 | RSA-RIPEMD160 | DSA-SHA | DSA-SHA1 ] ] + [ -C cipher ] [-i group ] [ -l days] + [ -m modulus ] [ -p passwd1 ] [ -q passwd2 ] + [ -S [ RSA | DSA ] ] [ -s host ] [ -V nkeys ]

    +

    Description

    +

    This program generates cryptographic data files used by the NTPv4 + authentication and identity schemes. It can generate message digest keys + used in symmetric key cryptography and, if the OpenSSL software library + has been installed, it can generate host keys, sign keys, certificates, + and identity keys and parameters used by the Autokey public key + cryptography. The message digest keys file is generated in a format + compatible with NTPv3. All other files are in PEM-encoded printable ASCII + format so they can be embedded as MIME attachments in mail to other + sites.

    +

    When used to generate message digest keys, the program produces a file + containing ten pseudo-random printable ASCII strings suitable for the MD5 + message digest algorithm included in the distribution. If the OpenSSL + library is installed, it produces an additional ten hex-encoded random bit + strings suitable for the SHA1, AES-128 CMAC, and other message digest + algorithms. The message digest keys file must be distributed and stored + using secure means beyond the scope of NTP itself. Besides the keys used + for ordinary NTP associations, additional keys can be defined as passwords + for the ntpq + and ntpdc utility programs.

    +

    The remaining generated files are compatible with other OpenSSL + applications and other Public Key Infrastructure (PKI) + resources. Certificates generated by this program are compatible with + extant industry practice, although some users might find the + interpretation of X509v3 extension fields somewhat liberal. However, + the identity keys are probably not compatible with anything other than + Autokey.

    +

    Some files used by this program are encrypted using a private + password. The -p option specifies the password for local + encrypted files and the -q option the password for encrypted + files sent to remote sites. If no password is specified, the host name + returned by the Unix gethostname() function, normally the DNS + name of the host, is used.

    +

    The pw option of the crypto configuration command + specifies the read password for previously encrypted local files. + This must match the local password used by this program. If not + specified, the host name is used. Thus, if files are generated by + this program without password, they can be read back by ntpd + without password, but only on the same host.

    +

    Normally, encrypted files for each host are generated by that host + and used only by that host, although exceptions exist as noted later + on this page. The symmetric keys file, normally + called ntp.keys, is usually installed in /etc. + Other files and links are usually installed + in /usr/local/etc, which is normally in a shared filesystem + in NFS-mounted networks and cannot be changed by shared clients. The + location of the keys directory can be changed by the keysdir + configuration command in such cases. Normally, this is + in /etc.

    +

    This program directs commentary and error messages to the standard + error stream stderr and remote files to the standard output + stream stdout where they can be piped to other applications + or redirected to files. The names used for generated files and links + all begin with the string ntpkey and include the file type, + generating host and filestamp, as described in + the Cryptographic Data Files section below

    +

    Running the Program

    +

    To test and gain experience with Autokey concepts, log in as root and + change to the keys directory, usually /usr/local/etc. When + run for the first time, or if all files with names + beginning ntpkey have been removed, use + the ntp-keygen command without arguments to generate a + default RSA host key and matching RSA-MD5 certificate with expiration + date one year hence. If run again without options, the program uses + the existing keys and parameters and generates only a new certificate + with new expiration date one year hence.

    +

    Run the command on as many hosts as necessary. Designate one of them + as the trusted host (TH) using ntp-keygen with + the -T option and configure it to synchronize from reliable + Internet servers. Then configure the other hosts to synchronize to + the TH directly or indirectly. A certificate trail is created when + Autokey asks the immediately ascendant host towards the TH to sign its + certificate, which is then provided to the immediately descendant host + on request. All group hosts should have acyclic certificate trails + ending on the TH.

    +

    The host key is used to encrypt the cookie when required and so must + be RSA type. By default, the host key is also the sign key used to + encrypt signatures. A different sign key can be assigned using + the -S option and this can be either RSA or DSA type. By + default, the signature message digest type is MD5, but any combination + of sign key type and message digest type supported by the OpenSSL + library can be specified using the -c option.

    +

    The rules say cryptographic media should be generated with proventic + filestamps, which means the host should already be synchronized before + this program is run. This of course creates a chicken-and-egg problem + when the host is started for the first time. Accordingly, the host + time should be set by some other means, such as + eyeball-and-wristwatch, at least so that the certificate lifetime is + within the current year. After that and when the host is synchronized + to a proventic source, the certificate should be re-generated.

    +

    Additional information on trusted groups and identity schemes is on + the Autokey Public-Key Authentication + page.

    +

    Command Line Options

    +
    +
    -b modulus
    +
    Set the modulus for generating identity keys to modulus + bits. The modulus defaults to 256, but can be set from 256 (32 + octets) to 2048 (256 octets). Use the larger moduli with caution, + as this can consume considerable computing resources and increases + the size of authenticated packets.
    +
    -c [ RSA-MD2 | RSA-MD5 | RSA-SHA | RSA-SHA1 | RSA-MDC2 | RSA-RIPEMD160 | DSA-SHA | DSA-SHA1 ]
    +
    Select certificate digital signature and message digest scheme. + Note that RSA schemes must be used with an RSA sign key and DSA + schemes must be used with a DSA sign key. The default without this + option is RSA-MD5. If compatibility with FIPS 140-2 is + required, either the DSA-SHA or DSA-SHA1 scheme + must be used.
    +
    -C cipher
    +
    Select the OpenSSL cipher to use for password-protected keys. + The openssl -h command provided with OpenSSL displays + available ciphers. The default without this option + is des-ede3-cbc.
    +
    -d
    +
    Enable debugging. This option displays the cryptographic data + produced for eye-friendly billboards.
    +
    -e
    +
    Extract the IFF or GQ public parameters from the IFFkey + or GQkey keys file previously specified. Send the + unencrypted data to the standard output stream stdout.
    +
    -G
    +
    Generate a new encrypted GQ key file for the Guillou-Quisquater + (GQ) identity scheme. This option is mutually exclusive with + the -I and -V options.
    +
    -H
    +
    Generate a new encrypted RSA public/private host key file.
    +
    -i group
    +
    Set the optional Autokey group name to group. This + is used in the identity scheme parameter file names. In that role, + the default is the host name if no group is provided. The group + name, if specified using -i or using -s following + an @ character, is also used in certificate subject and + issuer names in the form host@group and + should match the group specified via crypto ident + or server ident in ntpd's configuration file.
    +
    -I
    +
    Generate a new encrypted IFF key file for the Schnorr (IFF) + identity scheme. This option is mutually exclusive with + the -G and -V options.
    +
    -l days
    +
    Set the lifetime for certificates to days. The + default lifetime is one year (365 d).
    +
    -m modulus
    +
    Set the modulus for generating files to modulus bits. The + modulus defaults to 512, but can be set from 256 (32 octets) to 2048 + (256 octets). Use the larger moduli with caution, as this can + consume considerable computing resources and increases the size of + authenticated packets.
    +
    -M
    +
    Generate a new keys file containing 10 MD5 keys and 10 SHA keys. + An MD5 key is a string of 20 random printable ASCII characters, + while a SHA key is a string of 40 random hex digits. The file can be + edited using a text editor to change the key type or key content. + This option is mutually exclusive with all other options.
    +
    -P
    +
    Generate a new private certificate used by the PC identity scheme. + By default, the program generates public certificates. Note: the PC + identity scheme is not recommended for new installations.
    +
    -p passwd
    +
    Set the password for reading and writing encrypted files + to passwd. These include the host, sign and + identify key files. By default, the password is the string returned + by the Unix gethostname() routine.
    +
    -q passwd
    +
    Set the password for writing encrypted IFF, GQ and MV identity + files redirected to stdout to passwd=. In + effect, these files are decrypted with the -p password, + then encrypted with the -q password. By default, the + password is the string returned by the Unix gethostname() + routine.
    +
    -S [ RSA | DSA ]
    +
    Generate a new encrypted public/private sign key file of the + specified type. By default, the sign key is the host key and has + the same type. If compatibly with FIPS 140-2 is required, the sign + key type must be DSA.
    +
    -s host[@group]
    +
    Specify the Autokey host name, where host is the + host name and group is the optional group name. The + host name, and if provided, group name are used + in host@group form as certificate subject and + issuer. Specifying -s @group is allowed, and + results in leaving the host name unchanged, as + with -i group. The group name, or if no group is + provided, the host name are also used in the file names of IFF, GQ, + and MV identity scheme parameter files. If host is + not specified, the default host name is the string returned by + the gethostname() routine.
    +
    -T
    +
    Generate a trusted certificate. By default, the program generates + nontrusted certificates.
    +
    -V nkeys
    +
    Generate nkeys encrypted server keys for the + Mu-Varadharajan (MV) identity scheme. This option is mutually + exclusive with the -I and -G options. Note: + support for this option should be considered a work in + progress.
    +
    +

    Random Seed File

    +

    All cryptographically sound key generation schemes must have means to + randomize the entropy seed used to initialize the internal + pseudo-random number generator used by the OpenSSL library routines. + If a site supports ssh, it is very likely that means to do + this are already available. The entropy seed used by the OpenSSL + library is contained in a file, usually called .rnd, which + must be available when starting the ntp-keygen program + or ntpd daemon.

    +

    The OpenSSL library looks for the file using the path specified by + the RANDFILE environment variable in the user home directory, + whether root or some other user. If the RANDFILE environment + variable is not present, the library looks for the .rnd file + in the user home directory. Since both the ntp-keygen + program and ntpd daemon must run as root, the logical place + to put this file is in /.rnd or /root/.rnd. If the + file is not available or cannot be written, the program exits with a + message to the system log.

    +

    Cryptographic Data Files

    +

    File and link names are in the + form ntpkey_key_name.fstamp, + where key is the key or parameter + type, name is the host or group name + and fstamp is the filestamp (NTP seconds) when the + file was created). By convention, key names in + generated file names include both upper and lower case characters, + while key names in generated link names include only + lower case characters. The filestamp is not used in generated link + names.

    +

    The key name is a string defining the cryptographic + key type. Key types include public/private keys host + and sign, certificate cert and several + challenge/response key types. By convention, client files used for + challenges have a par subtype, as in the IFF + challenge IFFpar, while server files for responses have + a key subtype, as in the GQ response GQkey.

    +

    All files begin with two nonencrypted lines. The first line contains + the file name in the + format ntpkey_key_host.fstamp. The second + line contains the datestamp in conventional Unix date format. + Lines beginning with # are ignored.

    +

    The remainder of the file contains cryptographic data encoded first + using ASN.1 rules, then encrypted using the DES-CBC algorithm with + given password and finally written in PEM-encoded printable ASCII text + preceded and followed by MIME content identifier lines.

    +

    The format of the symmetric keys file, ordinarily + named ntp.keys, is somewhat different than the other files in + the interest of backward compatibility. Ordinarily, the file is + generated by this program, but it can be constructed and edited using + an ordinary text editor.

    + + +
    + Figure 1. Typical Symmetric Key File +
    +
    +	    # ntpkey_MD5key_bk.ntp.org.3595864945
    +	    # Thu Dec 12 19:22:25 2013
    +
    +	    1  MD5 L";Nw<`.I<f4U0)247"i  # MD5 key
    +	    2  MD5 &>l0%XXK9O'51VwV<xq~  # MD5 key
    +	    3  MD5 lb4zLW~d^!K:]RsD'qb6  # MD5 key
    +	    4  MD5 Yue:tL[+vR)M`n~bY,'?  # MD5 key
    +	    5  MD5 B;fxlKgr/&4ZTbL6=RxA  # MD5 key
    +	    6  MD5 4eYwa`o}3i@@V@..R9!l  # MD5 key
    +	    7  MD5 `A.([h+;wTQ|xfi%Sn_!  # MD5 key
    +	    8  MD5 45:V,r4]l6y^JH6.Sh?F  # MD5 key
    +	    9  MD5 3-5vcn*6l29DS?Xdsg)*  # MD5 key
    +	    10 MD5 2late4Me              # MD5 key
    +	    11 SHA1 a27872d3030a9025b8446c751b4551a7629af65c  # SHA1 key
    +	    12 SHA1 21bc3b4865dbb9e920902abdccb3e04ff97a5e74  # SHA1 key
    +	    13 SHA1 2b7736fe24fef5ba85ae11594132ab5d6f6daba9  # SHA1 key
    +	    14 SHA  a5332809c8878dd3a5b918819108a111509aeceb  # SHA  key
    +	    15 MD2  2fe16c88c760ff2f16d4267e36c1aa6c926e6964  # MD2  key
    +	    16 MD4  b2691811dc19cfc0e2f9bcacd74213f29812183d  # MD4  key
    +	    17 MD5  e4d6735b8bdad58ec5ffcb087300a17f7fef1f7c  # MD5  key
    +	    18 MDC2 a8d5e2315c025bf3a79174c87fbd10477de2eabc  # MDC2 key
    +	    19 RIPEMD160 77ca332cafb30e3cafb174dcd5b80ded7ba9b3d2  # RIPEMD160 key
    +	    20 AES128CMAC f92ff73eee86c1e7dc638d6489a04e4e555af878  # AES128CMAC key
    +	    21 MD5 sampo 10.1.2.3/24
    +    
    +

    Figure 1 shows a typical symmetric keys file used by the reference + implementation. Each line of the file contains three or four fields, + first an integer between 1 and 65534, inclusive, representing the key + identifier used in the server and peer configuration + commands. Second is the key type for the message digest algorithm, + which in the absence of the OpenSSL library must be MD5 to + designate the MD5 message digest algorithm. If the OpenSSL library is + installed, the key type can be any message digest algorithm supported + by that library. However, if compatibility with FIPS 140-2 is + required, the key type must be either SHA or SHA1. + The key type can be changed using an ASCII text editor.

    +

    The third field is the key.

    +

    An MD5 key consists of a printable ASCII string less than or equal to + 16 characters and terminated by whitespace or a # character. An + OpenSSL key consists of a hex-encoded ASCII string of 40 characters, + which is truncated as necessary.

    +

    Note that the keys used by the ntpq and ntpdc + programs are checked against passwords requested by the programs and + entered by hand, so it is generally appropriate to specify these keys + in human readable ASCII format.

    +

    The optional fourth field is one or more IPs, with each IP separated + with a comma. An IP may end with an optional /subnetbits + suffix, which limits the acceptance of the key identifier to packets + claiming to be from the described IP space.

    +

    The ntp-keygen program generates a MD5 symmetric keys + file ntpkey_MD5key_hostname.filestamp. Since the file + contains private shared keys, it should be visible only to root and + distributed by secure means to other subnet hosts. The NTP daemon + loads the file ntp.keys, so ntp-keygen installs a + soft link from this name to the generated file. Subsequently, similar + soft links must be installed by manual or automated means on the other + subnet hosts. While this file is not used with the Autokey Version 2 + protocol, it is needed to authenticate some remote configuration + commands used by the ntpq + and ntpdc utilities.

    +

    Bugs

    +

    It can take quite a while to generate some cryptographic values.

    +
    + + --- contrib/ntp/html/miscopt.html.orig +++ contrib/ntp/html/miscopt.html @@ -3,7 +3,6 @@ Miscellaneous Commands and Options - @@ -11,7 +10,7 @@ giffrom Pogo, Walt Kelly

    We have three, now looking for more.

    Last update: - 9-Nov-2016 12:26 + 14-Oct-2017 08:34 UTC


    Related Links

    @@ -105,7 +104,10 @@
    nonvolatile threshold
    Specify the threshold in seconds to write the frequency file, with default of 1e-7 (0.1 PPM). The frequency file is inspected each hour. If the difference between the current frequency and the last value written exceeds the threshold, the file is written and the threshold becomes the new threshold value. If the threshold is not exceeded, it is reduced by half. This is intended to reduce the frequency of unnecessary file writes for embedded systems with nonvolatile memory.
    phone dial ...
    -
    This command is used in conjunction with the ACTS modem driver (type 18). The arguments consist of a maximum of 10 telephone numbers used to dial USNO, NIST or European time services. The Hayes command ATDT is normally prepended to the number, which can contain other modem control codes as well.
    +
    This command is used in conjunction with the ACTS modem driver (type 18) or the JJY driver (type 40 mode 100 - 180). + For the ACTS modem driver (type 18), the arguments consist of a maximum of 10 telephone numbers used to dial USNO, NIST or European time services. + For the JJY driver (type 40 mode 100 - 180), the argument is one telephone number used to dial the telephone JJY service. + The Hayes command ATDT is normally prepended to the number, which can contain other modem control codes as well.
    reset [allpeers] [auth] [ctl] [io] [mem] [sys] [timer]
    Reset one or more groups of counters maintained by ntpd and exposed by ntpq and ntpdc.
    rlimit [memlock Nmegabytes | stacksize N4kPages | filenum Nfiledescriptors]
    @@ -145,10 +147,12 @@
    Specifies the stepout threshold in seconds. The default without this command is 300 s. Since this option also affects the training and startup intervals, it should not be set less than the default. Further details are on the Clock State Machine page.
    -
    tos [bcpollbstep poll-gate | beacon beacon | ceiling ceiling | cohort {0 | 1} | floor floor | maxclock maxclock | maxdist maxdist | minclock minclock | mindist mindist | minsane minsane | orphan stratum | orphanwait delay]
    +
    tos [basedate date | bcpollbstep poll-gate | beacon beacon | ceiling ceiling | cohort {0 | 1} | floor floor | maxclock maxclock | maxdist maxdist | minclock minclock | mindist mindist | minsane minsane | orphan stratum | orphanwait delay]
    This command alters certain system variables used by the the clock selection and clustering algorithms. The default values of these variables have been carefully optimized for a wide range of network speeds and reliability expectations. Very rarely is it necessary to change the default values; but, some folks can't resist twisting the knobs. It can be used to select the quality and quantity of peers used to synchronize the system clock and is most useful in dynamic server discovery schemes. The options are as follows:
    +
    basedate date
    +
    Set NTP era anchor. date is either a date in ISO8601 format (YYYY-MM-DD) or an integer giving the days since 1900-01-01, the start of the NTP epoch. ntpd will clamp the system time to an era starting with the begin of this this day (00:00:00Z), covering a range of 232 seconds or roughly 136 years. The default is the begin of the UNIX epoch, 1970-01-01.
    bcpollbstep poll-gate
    This option will cause the client to delay believing backward time steps from a broadcast server for bcpollbstep poll intervals. NTP Broadcast networks are expected to be trusted, and if the server's time gets stepped backwards then it's desireable that the clients follow this change as soon as possible. However, in spite of various protections built-in to the broadcast protocol, it is possible that an attacker could perform a carefully-constructed replay attack and cause clients to erroneously step their clocks backward. If the risk of a successful broadcast replay attack is greater than the risk of the clients being out of sync in the event that there is a backward step on the broadcast time servers, this option may be used to cause the clients to delay beliveving backward time steps until poll-gate consecutive polls have been received. The default is 0, which means the client will accept these steps upon receipt. Any value from 0 to 4 can be specified.
    beacon beacon
    --- contrib/ntp/html/monopt.html.orig +++ contrib/ntp/html/monopt.html @@ -11,7 +11,7 @@ gif from Pogo, Walt Kelly

    Pig was hired to watch the logs.

    Last update: - 14-Feb-2016 09:38 + 7-Dec-2017 10:17 UTC


    Related Links

    @@ -341,8 +341,10 @@ the Event Messages and Status Words page.
    rawstats
    Record timestamp statistics. Each NTP packet received appends one line to - the rawstats file set:
    +the rawstats file set. As of ntp-4.2.8p11, each NTP packet written appends one line to the rawstats file set, as well. The format of this line is:
    56285 54575.160 128.4.1.1 192.168.1.5 3565350574.400229473 3565350574.442385200 3565350574.442436000 3565350575.154505763 0 4 4 1 8 -21 0.000000 0.000320 .PPS.
    +
    56285 54575.160 128.4.1.1 192.168.1.5 3565350574.400229473 3565350574.442385200 3565350574.442436000 3565350575.154505763 0 4 4 1 8 -21 0.000000 0.000320 .PPS. 4: 0000
    +
    @@ -431,10 +433,24 @@ - - - + + + + + + + + + + + + + + + + +
    total dispersion to the primary reference clock
    PPS.IP or textrefid, association ID.PPS.REFIDsystem peer, association ID
    If there is data beyond the base packet:
    4:IntegerLength, in bytes
    0000Hex data
    sysstats
    @@ -516,7 +532,7 @@
    timingstats
    -
    (Only available when the deamon is compiled with process time debugging +
    (Only available when the daemon is compiled with process time debugging support (--enable-debug-timing - costs performance). Record processing time statistics for various selected code paths.
    53876 36.920 10.0.3.5 1 0.000014592 input processing delay
    --- contrib/ntp/html/ntpq.html.orig +++ contrib/ntp/html/ntpq.html @@ -11,7 +11,7 @@ giffrom Pogo, Walt Kelly

    A typical NTP monitoring packet

    Last update: - 31-Jan-2014 06:54 + 24-Jan-2018 08:35 UTC


    More Help

    @@ -71,7 +71,7 @@
    keyid keyid
    This command specifies the key number to be used to authenticate configuration requests. This must correspond to a key ID configured in ntp.conf for this purpose.
    keytype
    -
    Specify the digest algorithm to use for authenticated requests, with default MD5. If the OpenSSL library is installed, digest can be be any message digest algorithm supported by the library. The current selections are: MD2, MD4, MD5, MDC2, RIPEMD160, SHA and SHA1.
    +
    Specify the digest algorithm to use for authenticated requests, with default MD5. If the OpenSSL library is installed, digest can be be any message digest algorithm supported by the library. The current selections are: MD2, MD4, MD5, MDC2, RIPEMD160, SHA, SHA1, and AES128CMAC.
    ntpversion 1 | 2 | 3 | 4
    Sets the NTP version number which ntpq claims in packets. Defaults to 2, Note that mode-6 control messages (and modes, for that matter) didn't exist in NTP version 1.
    passwd
    @@ -232,9 +232,16 @@ t - u: unicast or manycast client, b: - broadcast or multicast client, l: local (reference clock), s: symmetric (peer), A: manycast server, B: - broadcast server, M: multicast server + + u: unicast or manycast client, + b: broadcast or multicast client, + p: pool source, + l: local (reference clock), + s: symmetric (peer), + A: manycast server, + B: broadcast server, + M: multicast server + when --- contrib/ntp/include/Makefile.in.orig +++ contrib/ntp/include/Makefile.in @@ -100,6 +100,7 @@ $(top_srcdir)/sntp/m4/ltsugar.m4 \ $(top_srcdir)/sntp/m4/ltversion.m4 \ $(top_srcdir)/sntp/m4/lt~obsolete.m4 \ + $(top_srcdir)/sntp/m4/ntp_af_unspec.m4 \ $(top_srcdir)/sntp/m4/ntp_cacheversion.m4 \ $(top_srcdir)/sntp/m4/ntp_compiler.m4 \ $(top_srcdir)/sntp/m4/ntp_crosscompile.m4 \ --- contrib/ntp/include/isc/Makefile.in.orig +++ contrib/ntp/include/isc/Makefile.in @@ -100,6 +100,7 @@ $(top_srcdir)/sntp/m4/ltsugar.m4 \ $(top_srcdir)/sntp/m4/ltversion.m4 \ $(top_srcdir)/sntp/m4/lt~obsolete.m4 \ + $(top_srcdir)/sntp/m4/ntp_af_unspec.m4 \ $(top_srcdir)/sntp/m4/ntp_cacheversion.m4 \ $(top_srcdir)/sntp/m4/ntp_compiler.m4 \ $(top_srcdir)/sntp/m4/ntp_crosscompile.m4 \ --- contrib/ntp/include/ntp.h.orig +++ contrib/ntp/include/ntp.h @@ -553,11 +553,13 @@ l_fp rec; /* receive time stamp */ l_fp xmt; /* transmit time stamp */ -#define MIN_V4_PKT_LEN (12 * sizeof(u_int32)) /* min header length */ -#define LEN_PKT_NOMAC (12 * sizeof(u_int32)) /* min header length */ -#define MIN_MAC_LEN (1 * sizeof(u_int32)) /* crypto_NAK */ -#define MAX_MD5_LEN (5 * sizeof(u_int32)) /* MD5 */ +#define MIN_V4_PKT_LEN (12 * sizeof(u_int32)) /* min header length */ +#define LEN_PKT_NOMAC (12 * sizeof(u_int32)) /* min header length */ +#define MIN_MAC_LEN (1 * sizeof(u_int32)) /* crypto_NAK */ +#define MAX_MD5_LEN (5 * sizeof(u_int32)) /* MD5 */ #define MAX_MAC_LEN (6 * sizeof(u_int32)) /* SHA */ +#define KEY_MAC_LEN sizeof(u_int32) /* key ID in MAC */ +#define MAX_MDG_LEN (MAX_MAC_LEN-KEY_MAC_LEN) /* max. digest len */ /* * The length of the packet less MAC must be a multiple of 64 @@ -822,11 +824,12 @@ typedef struct restrict_u_tag restrict_u; struct restrict_u_tag { - restrict_u * link; /* link to next entry */ - u_int32 count; /* number of packets matched */ - u_short flags; /* accesslist flags */ - u_short mflags; /* match flags */ - u_long expire; /* valid until time */ + restrict_u * link; /* link to next entry */ + u_int32 count; /* number of packets matched */ + u_short rflags; /* restrict (accesslist) flags */ + u_short mflags; /* match flags */ + short ippeerlimit; /* IP peer limit */ + u_long expire; /* valid until time */ union { /* variant starting here */ res_addr4 v4; res_addr6 v6; @@ -837,8 +840,18 @@ #define V6_SIZEOF_RESTRICT_U (offsetof(restrict_u, u) \ + sizeof(res_addr6)) +typedef struct r4addr_tag r4addr; +struct r4addr_tag { + u_short rflags; /* match flags */ + short ippeerlimit; /* IP peer limit */ +}; + +char *build_iflags(u_int32 flags); +char *build_mflags(u_short mflags); +char *build_rflags(u_short rflags); + /* - * Access flags + * Restrict (Access) flags (rflags) */ #define RES_IGNORE 0x0001 /* ignore packet */ #define RES_DONTSERVE 0x0002 /* access denied */ @@ -845,20 +858,22 @@ #define RES_DONTTRUST 0x0004 /* authentication required */ #define RES_VERSION 0x0008 /* version mismatch */ #define RES_NOPEER 0x0010 /* new association denied */ -#define RES_LIMITED 0x0020 /* packet rate exceeded */ +#define RES_NOEPEER 0x0020 /* new ephemeral association denied */ +#define RES_LIMITED 0x0040 /* packet rate exceeded */ #define RES_FLAGS (RES_IGNORE | RES_DONTSERVE |\ RES_DONTTRUST | RES_VERSION |\ - RES_NOPEER | RES_LIMITED) + RES_NOPEER | RES_NOEPEER | RES_LIMITED) -#define RES_NOQUERY 0x0040 /* mode 6/7 packet denied */ -#define RES_NOMODIFY 0x0080 /* mode 6/7 modify denied */ -#define RES_NOTRAP 0x0100 /* mode 6/7 set trap denied */ -#define RES_LPTRAP 0x0200 /* mode 6/7 low priority trap */ +#define RES_NOQUERY 0x0080 /* mode 6/7 packet denied */ +#define RES_NOMODIFY 0x0100 /* mode 6/7 modify denied */ +#define RES_NOTRAP 0x0200 /* mode 6/7 set trap denied */ +#define RES_LPTRAP 0x0400 /* mode 6/7 low priority trap */ -#define RES_KOD 0x0400 /* send kiss of death packet */ -#define RES_MSSNTP 0x0800 /* enable MS-SNTP authentication */ -#define RES_FLAKE 0x1000 /* flakeway - drop 10% */ -#define RES_NOMRULIST 0x2000 /* mode 6 mrulist denied */ +#define RES_KOD 0x0800 /* send kiss of death packet */ +#define RES_MSSNTP 0x1000 /* enable MS-SNTP authentication */ +#define RES_FLAKE 0x2000 /* flakeway - drop 10% */ +#define RES_NOMRULIST 0x4000 /* mode 6 mrulist denied */ +#define RES_UNUSED 0x8000 /* Unused flag bits */ #define RES_ALLFLAGS (RES_FLAGS | RES_NOQUERY | \ RES_NOMODIFY | RES_NOTRAP | \ @@ -867,7 +882,7 @@ RES_NOMRULIST) /* - * Match flags + * Match flags (mflags) */ #define RESM_INTERFACE 0x1000 /* this is an interface */ #define RESM_NTPONLY 0x2000 /* match source port 123 */ @@ -876,10 +891,13 @@ /* * Restriction configuration ops */ -#define RESTRICT_FLAGS 1 /* add flags to restrict entry */ -#define RESTRICT_UNFLAG 2 /* remove flags from restrict entry */ -#define RESTRICT_REMOVE 3 /* remove a restrict entry */ -#define RESTRICT_REMOVEIF 4 /* remove an interface restrict entry */ +typedef enum +restrict_ops { + RESTRICT_FLAGS = 1, /* add rflags to restrict entry */ + RESTRICT_UNFLAG, /* remove rflags from restrict entry */ + RESTRICT_REMOVE, /* remove a restrict entry */ + RESTRICT_REMOVEIF, /* remove an interface restrict entry */ +} restrict_op; /* * Endpoint structure for the select algorithm --- contrib/ntp/include/ntp_calendar.h.orig +++ contrib/ntp/include/ntp_calendar.h @@ -382,7 +382,30 @@ extern int32_t ntpcal_weekday_lt(int32_t /* rdn */, int32_t /* dow */); + /* + * handling of base date spec + */ +extern int32_t +basedate_eval_buildstamp(void); + +extern int32_t +basedate_eval_string(const char *str); + +extern int32_t +basedate_set_day(int32_t dayno); + +extern uint32_t +basedate_get_day(void); + +extern time_t +basedate_get_eracenter(void); + +extern time_t +basedate_get_erabase(void); + + +/* * Additional support stuff for Ed Rheingold's calendrical calculations */ --- contrib/ntp/include/ntp_config.h.orig +++ contrib/ntp/include/ntp_config.h @@ -54,7 +54,15 @@ int last; } int_range; -/* Structure for storing an attribute-value pair */ +/* generic list node */ +typedef struct any_node_tag any_node; +struct any_node_tag { + any_node * link; +}; + +typedef DECL_FIFO_ANCHOR(any_node) any_node_fifo; + +/* Structure for storing an attribute-value pair */ typedef struct attr_val_tag attr_val; struct attr_val_tag { attr_val * link; @@ -102,8 +110,9 @@ restrict_node * link; address_node * addr; address_node * mask; - int_fifo * flags; + int_fifo * flag_tok_fifo; int line_no; + short ippeerlimit; }; typedef DECL_FIFO_ANCHOR(restrict_node) restrict_fifo; @@ -267,8 +276,12 @@ const char * token_name(int token); /* generic fifo routines for structs linked by 1st member */ -void* append_gen_fifo(void *fifo, void *entry); +typedef void (*fifo_deleter)(void*); +void * destroy_gen_fifo(void *fifo, fifo_deleter func); +void * append_gen_fifo(void *fifo, void *entry); void * concat_gen_fifos(void *first, void *second); +#define DESTROY_G_FIFO(pf, func) \ + ((pf) = destroy_gen_fifo((pf), (fifo_deleter)(func))) #define APPEND_G_FIFO(pf, pe) \ ((pf) = append_gen_fifo((pf), (pe))) #define CONCAT_G_FIFOS(first, second) \ @@ -288,11 +301,13 @@ attr_val *create_attr_uval(int attr, u_int value); attr_val *create_attr_rangeval(int attr, int first, int last); attr_val *create_attr_sval(int attr, const char *s); +void destroy_attr_val(attr_val *node); filegen_node *create_filegen_node(int filegen_token, attr_val_fifo *options); string_node *create_string_node(char *str); restrict_node *create_restrict_node(address_node *addr, address_node *mask, + short ippeerlimit, int_fifo *flags, int line_no); int_node *create_int_node(int val); addr_opts_node *create_addr_opts_node(address_node *addr, --- contrib/ntp/include/ntp_fp.h.orig +++ contrib/ntp/include/ntp_fp.h @@ -364,6 +364,7 @@ extern void get_systime (l_fp *); extern int step_systime (double); extern int adj_systime (double); +extern int clamp_systime (void); extern struct tm * ntp2unix_tm (u_int32 ntp, int local); --- contrib/ntp/include/ntp_keyacc.h.orig +++ contrib/ntp/include/ntp_keyacc.h @@ -8,12 +8,18 @@ struct keyaccess { KeyAccT * next; sockaddr_u addr; + unsigned int subnetbits; }; -extern KeyAccT* keyacc_new_push(KeyAccT *head, const sockaddr_u *addr); +extern KeyAccT* keyacc_new_push(KeyAccT *head, const sockaddr_u *addr, + unsigned int subnetbits); extern KeyAccT* keyacc_pop_free(KeyAccT *head); extern KeyAccT* keyacc_all_free(KeyAccT *head); extern int keyacc_contains(const KeyAccT *head, const sockaddr_u *addr, int res_on_empty_list); +/* public for testability: */ +extern int keyacc_amatch(const sockaddr_u *,const sockaddr_u *, + unsigned int mbits); + #endif /* NTP_KEYACC_H */ --- contrib/ntp/include/ntp_request.h.orig +++ contrib/ntp/include/ntp_request.h @@ -141,7 +141,7 @@ req_data_u u; /* data area */ l_fp tstamp; /* time stamp, for authentication */ keyid_t keyid; /* (optional) encryption key */ - char mac[MAX_MAC_LEN-sizeof(keyid_t)]; /* (optional) auth code */ + char mac[MAX_MDG_LEN]; /* (optional) auth code */ }; /* @@ -151,7 +151,7 @@ struct req_pkt_tail { l_fp tstamp; /* time stamp, for authentication */ keyid_t keyid; /* (optional) encryption key */ - char mac[MAX_MAC_LEN-sizeof(keyid_t)]; /* (optional) auth code */ + char mac[MAX_MDG_LEN]; /* (optional) auth code */ }; /* MODE_PRIVATE request packet header length before optional items. */ @@ -513,6 +513,8 @@ u_int32 badauth; /* bad authentication */ u_int32 received; /* packets received */ u_int32 limitrejected; /* rate exceeded */ + u_int32 lamport; /* Lamport violations */ + u_int32 tsrounding; /* Timestamp rounding errors */ }; @@ -652,7 +654,7 @@ u_int32 addr; /* match address */ u_int32 mask; /* match mask */ u_int32 count; /* number of packets matched */ - u_short flags; /* restrict flags */ + u_short rflags; /* restrict flags */ u_short mflags; /* match flags */ u_int v6_flag; /* is this v6 or not */ u_int unused1; /* unused, padding for addr6 */ @@ -667,6 +669,7 @@ struct conf_restrict { u_int32 addr; /* match address */ u_int32 mask; /* match mask */ + short ippeerlimit; /* ip peer limit */ u_short flags; /* restrict flags */ u_short mflags; /* match flags */ u_int v6_flag; /* is this v6 or not */ --- contrib/ntp/include/ntp_stdlib.h.orig +++ contrib/ntp/include/ntp_stdlib.h @@ -97,8 +97,8 @@ extern int ymd2yd (int, int, int); /* a_md5encrypt.c */ -extern int MD5authdecrypt (int, const u_char *, u_int32 *, size_t, size_t); -extern size_t MD5authencrypt (int, const u_char *, u_int32 *, size_t); +extern int MD5authdecrypt (int, const u_char *, size_t, u_int32 *, size_t, size_t); +extern size_t MD5authencrypt (int, const u_char *, size_t, u_int32 *, size_t); extern void MD5auth_setkey (keyid_t, int, const u_char *, size_t, KeyAccT *c); extern u_int32 addr2refid (sockaddr_u *); --- contrib/ntp/include/ntpd.h.orig +++ contrib/ntp/include/ntpd.h @@ -168,19 +168,19 @@ /* ntp_peer.c */ extern void init_peer (void); extern struct peer *findexistingpeer(sockaddr_u *, const char *, - struct peer *, int, u_char); + struct peer *, int, u_char, int *); extern struct peer *findpeer (struct recvbuf *, int, int *); extern struct peer *findpeerbyassoc(associd_t); extern void set_peerdstadr (struct peer *, endpt *); -extern struct peer *newpeer (sockaddr_u *, const char *, - endpt *, u_char, u_char, - u_char, u_char, u_int, u_char, u_int32, +extern struct peer *newpeer (sockaddr_u *, const char *, endpt *, + int, u_char, u_char, u_char, u_char, + u_int, u_char, u_int32, keyid_t, const char *); extern void peer_all_reset (void); extern void peer_clr_stats (void); -extern struct peer *peer_config(sockaddr_u *, const char *, - endpt *, u_char, u_char, - u_char, u_char, u_int, u_int32, +extern struct peer *peer_config(sockaddr_u *, const char *, endpt *, + int, u_char, u_char, u_char, u_char, + u_int, u_int32, keyid_t, const char *); extern void peer_reset (struct peer *); extern void refresh_all_peerinterfaces(void); @@ -257,10 +257,11 @@ /* ntp_restrict.c */ extern void init_restrict (void); -extern u_short restrictions (sockaddr_u *); -extern void hack_restrict (int, sockaddr_u *, sockaddr_u *, - u_short, u_short, u_long); +extern void restrictions (sockaddr_u *, r4addr *); +extern void hack_restrict (restrict_op, sockaddr_u *, sockaddr_u *, + short, u_short, u_short, u_long); extern void restrict_source (sockaddr_u *, int, u_long); +extern void dump_restricts (void); /* ntp_timer.c */ extern void init_timer (void); @@ -288,7 +289,7 @@ extern void record_clock_stats (sockaddr_u *, const char *); extern int mprintf_clock_stats(sockaddr_u *, const char *, ...) NTP_PRINTF(2, 3); -extern void record_raw_stats (sockaddr_u *srcadr, sockaddr_u *dstadr, l_fp *t1, l_fp *t2, l_fp *t3, l_fp *t4, int leap, int version, int mode, int stratum, int ppoll, int precision, double root_delay, double root_dispersion, u_int32 refid); +extern void record_raw_stats (sockaddr_u *srcadr, sockaddr_u *dstadr, l_fp *t1, l_fp *t2, l_fp *t3, l_fp *t4, int leap, int version, int mode, int stratum, int ppoll, int precision, double root_delay, double root_dispersion, u_int32 refid, int len, u_char *extra); extern void check_leap_file (int is_daily_check, u_int32 ntptime, const time_t * systime); extern void record_crypto_stats (sockaddr_u *, const char *); #ifdef DEBUG @@ -500,18 +501,19 @@ /* * Statistics counters */ -extern u_long sys_stattime; /* time since reset */ -extern u_long sys_received; /* packets received */ -extern u_long sys_processed; /* packets for this host */ -extern u_long sys_restricted; /* restricted packets */ +extern u_long sys_badauth; /* bad authentication */ +extern u_long sys_badlength; /* bad length or format */ +extern u_long sys_declined; /* declined */ +extern u_long sys_kodsent; /* KoD sent */ +extern u_long sys_lamport; /* Lamport violation */ +extern u_long sys_limitrejected; /* rate exceeded */ extern u_long sys_newversion; /* current version */ extern u_long sys_oldversion; /* old version */ +extern u_long sys_processed; /* packets for this host */ +extern u_long sys_received; /* packets received */ extern u_long sys_restricted; /* access denied */ -extern u_long sys_badlength; /* bad length or format */ -extern u_long sys_badauth; /* bad authentication */ -extern u_long sys_declined; /* declined */ -extern u_long sys_limitrejected; /* rate exceeded */ -extern u_long sys_kodsent; /* KoD sent */ +extern u_long sys_stattime; /* time since reset */ +extern u_long sys_tsrounding; /* timestamp rounding errors */ /* ntp_request.c */ extern keyid_t info_auth_keyid; /* keyid used to authenticate requests */ --- contrib/ntp/include/recvbuff.h.orig +++ contrib/ntp/include/recvbuff.h @@ -39,9 +39,10 @@ /* * the maximum length NTP packet contains the NTP header, one Autokey * request, one Autokey response and the MAC. Assuming certificates don't - * get too big, the maximum packet length is set arbitrarily at 1000. + * get too big, the maximum packet length is set arbitrarily at 1200. + * (was 1000, but that bumps on 2048 RSA keys) */ -#define RX_BUFF_SIZE 1000 /* hail Mary */ +#define RX_BUFF_SIZE 1200 /* hail Mary */ typedef struct recvbuf recvbuf_t; --- contrib/ntp/include/ssl_applink.c.orig +++ contrib/ntp/include/ssl_applink.c @@ -27,10 +27,10 @@ #endif #ifdef WRAP_DBG_MALLOC -void *wrap_dbg_malloc(size_t s, const char *f, int l); -void *wrap_dbg_realloc(void *p, size_t s, const char *f, int l); -void wrap_dbg_free(void *p); -void wrap_dbg_free_ex(void *p, const char *f, int l); +static void *wrap_dbg_malloc(size_t s, const char *f, int l); +static void *wrap_dbg_realloc(void *p, size_t s, const char *f, int l); +static void wrap_dbg_free(void *p); +static void wrap_dbg_free_ex(void *p, const char *f, int l); #endif @@ -42,17 +42,21 @@ ssl_applink(void) { #if OPENSSL_VERSION_NUMBER >= 0x10100000L + # ifdef WRAP_DBG_MALLOC CRYPTO_set_mem_functions(wrap_dbg_malloc, wrap_dbg_realloc, wrap_dbg_free_ex); # else OPENSSL_malloc_init(); # endif -#else + +# else + # ifdef WRAP_DBG_MALLOC CRYPTO_set_mem_ex_functions(wrap_dbg_malloc, wrap_dbg_realloc, wrap_dbg_free); # else CRYPTO_malloc_init(); # endif + #endif /* OpenSSL version cascade */ } #else /* !OPENSSL || !SYS_WINNT */ @@ -66,7 +70,7 @@ * for DEBUG malloc/realloc/free (lacking block type). * Simple wrappers convert. */ -void *wrap_dbg_malloc(size_t s, const char *f, int l) +static void *wrap_dbg_malloc(size_t s, const char *f, int l) { void *ret; @@ -74,7 +78,7 @@ return ret; } -void *wrap_dbg_realloc(void *p, size_t s, const char *f, int l) +static void *wrap_dbg_realloc(void *p, size_t s, const char *f, int l) { void *ret; @@ -82,12 +86,12 @@ return ret; } -void wrap_dbg_free(void *p) +static void wrap_dbg_free(void *p) { _free_dbg(p, _NORMAL_BLOCK); } -void wrap_dbg_free_ex(void *p, const char *f, int l) +static void wrap_dbg_free_ex(void *p, const char *f, int l) { (void)f; (void)l; --- contrib/ntp/kernel/Makefile.in.orig +++ contrib/ntp/kernel/Makefile.in @@ -99,6 +99,7 @@ $(top_srcdir)/sntp/m4/ltsugar.m4 \ $(top_srcdir)/sntp/m4/ltversion.m4 \ $(top_srcdir)/sntp/m4/lt~obsolete.m4 \ + $(top_srcdir)/sntp/m4/ntp_af_unspec.m4 \ $(top_srcdir)/sntp/m4/ntp_cacheversion.m4 \ $(top_srcdir)/sntp/m4/ntp_compiler.m4 \ $(top_srcdir)/sntp/m4/ntp_crosscompile.m4 \ --- contrib/ntp/kernel/sys/Makefile.in.orig +++ contrib/ntp/kernel/sys/Makefile.in @@ -100,6 +100,7 @@ $(top_srcdir)/sntp/m4/ltsugar.m4 \ $(top_srcdir)/sntp/m4/ltversion.m4 \ $(top_srcdir)/sntp/m4/lt~obsolete.m4 \ + $(top_srcdir)/sntp/m4/ntp_af_unspec.m4 \ $(top_srcdir)/sntp/m4/ntp_cacheversion.m4 \ $(top_srcdir)/sntp/m4/ntp_compiler.m4 \ $(top_srcdir)/sntp/m4/ntp_crosscompile.m4 \ --- contrib/ntp/libntp/Makefile.in.orig +++ contrib/ntp/libntp/Makefile.in @@ -101,6 +101,7 @@ $(top_srcdir)/sntp/m4/ltsugar.m4 \ $(top_srcdir)/sntp/m4/ltversion.m4 \ $(top_srcdir)/sntp/m4/lt~obsolete.m4 \ + $(top_srcdir)/sntp/m4/ntp_af_unspec.m4 \ $(top_srcdir)/sntp/m4/ntp_cacheversion.m4 \ $(top_srcdir)/sntp/m4/ntp_compiler.m4 \ $(top_srcdir)/sntp/m4/ntp_crosscompile.m4 \ --- contrib/ntp/libntp/a_md5encrypt.c.orig +++ contrib/ntp/libntp/a_md5encrypt.c @@ -11,6 +11,177 @@ #include "ntp.h" #include "ntp_md5.h" /* provides OpenSSL digest API */ #include "isc/string.h" + +#ifdef OPENSSL +# include "openssl/cmac.h" +# define CMAC "AES128CMAC" +# define AES_128_KEY_SIZE 16 +#endif + +typedef struct { + const void * buf; + size_t len; +} robuffT; + +typedef struct { + void * buf; + size_t len; +} rwbuffT; + +#ifdef OPENSSL +static size_t +cmac_ctx_size( + CMAC_CTX * ctx) +{ + size_t mlen = 0; + + if (ctx) { + EVP_CIPHER_CTX * cctx; + if (NULL != (cctx = CMAC_CTX_get0_cipher_ctx (ctx))) + mlen = EVP_CIPHER_CTX_block_size(cctx); + } + return mlen; +} +#endif /*OPENSSL*/ + +static size_t +make_mac( + const rwbuffT * digest, + int ktype, + const robuffT * key, + const robuffT * msg) +{ + /* + * Compute digest of key concatenated with packet. Note: the + * key type and digest type have been verified when the key + * was created. + */ + size_t retlen = 0; + +#ifdef OPENSSL + + INIT_SSL(); + + /* Check if CMAC key type specific code required */ + if (ktype == NID_cmac) { + CMAC_CTX * ctx = NULL; + void const * keyptr = key->buf; + u_char keybuf[AES_128_KEY_SIZE]; + + /* adjust key size (zero padded buffer) if necessary */ + if (AES_128_KEY_SIZE > key->len) { + memcpy(keybuf, keyptr, key->len); + memset((keybuf + key->len), 0, + (AES_128_KEY_SIZE - key->len)); + keyptr = keybuf; + } + + if (NULL == (ctx = CMAC_CTX_new())) { + msyslog(LOG_ERR, "MAC encrypt: CMAC %s CTX new failed.", CMAC); + goto cmac_fail; + } + if (!CMAC_Init(ctx, keyptr, AES_128_KEY_SIZE, EVP_aes_128_cbc(), NULL)) { + msyslog(LOG_ERR, "MAC encrypt: CMAC %s Init failed.", CMAC); + goto cmac_fail; + } + if (cmac_ctx_size(ctx) > digest->len) { + msyslog(LOG_ERR, "MAC encrypt: CMAC %s buf too small.", CMAC); + goto cmac_fail; + } + if (!CMAC_Update(ctx, msg->buf, msg->len)) { + msyslog(LOG_ERR, "MAC encrypt: CMAC %s Update failed.", CMAC); + goto cmac_fail; + } + if (!CMAC_Final(ctx, digest->buf, &retlen)) { + msyslog(LOG_ERR, "MAC encrypt: CMAC %s Final failed.", CMAC); + retlen = 0; + } + cmac_fail: + if (ctx) + CMAC_CTX_cleanup(ctx); + } + else { /* generic MAC handling */ + EVP_MD_CTX * ctx = EVP_MD_CTX_new(); + u_int uilen = 0; + + if ( ! ctx) { + msyslog(LOG_ERR, "MAC encrypt: MAC %s Digest CTX new failed.", + OBJ_nid2sn(ktype)); + goto mac_fail; + } + + #ifdef EVP_MD_CTX_FLAG_NON_FIPS_ALLOW + /* make sure MD5 is allowd */ + EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW); + #endif + /* [Bug 3457] DON'T use plain EVP_DigestInit! It would + * kill the flags! */ + if (!EVP_DigestInit_ex(ctx, EVP_get_digestbynid(ktype), NULL)) { + msyslog(LOG_ERR, "MAC encrypt: MAC %s Digest Init failed.", + OBJ_nid2sn(ktype)); + goto mac_fail; + } + if ((size_t)EVP_MD_CTX_size(ctx) > digest->len) { + msyslog(LOG_ERR, "MAC encrypt: MAC %s buf too small.", + OBJ_nid2sn(ktype)); + goto mac_fail; + } + if (!EVP_DigestUpdate(ctx, key->buf, (u_int)key->len)) { + msyslog(LOG_ERR, "MAC encrypt: MAC %s Digest Update key failed.", + OBJ_nid2sn(ktype)); + goto mac_fail; + } + if (!EVP_DigestUpdate(ctx, msg->buf, (u_int)msg->len)) { + msyslog(LOG_ERR, "MAC encrypt: MAC %s Digest Update data failed.", + OBJ_nid2sn(ktype)); + goto mac_fail; + } + if (!EVP_DigestFinal(ctx, digest->buf, &uilen)) { + msyslog(LOG_ERR, "MAC encrypt: MAC %s Digest Final failed.", + OBJ_nid2sn(ktype)); + uilen = 0; + } + mac_fail: + retlen = (size_t)uilen; + + if (ctx) + EVP_MD_CTX_free(ctx); + } + +#else /* !OPENSSL follows */ + + if (ktype == NID_md5) + { + EVP_MD_CTX * ctx = EVP_MD_CTX_new(); + uint uilen = 0; + + if (digest->len < 16) { + msyslog(LOG_ERR, "%s", "MAC encrypt: MAC md5 buf too small."); + } + else if ( ! ctx) { + msyslog(LOG_ERR, "%s", "MAC encrypt: MAC md5 Digest CTX new failed."); + } + else { + EVP_DigestInit(ctx, EVP_get_digestbynid(ktype)); + EVP_DigestUpdate(ctx, key->buf, key->len); + EVP_DigestUpdate(ctx, msg->buf, msg->len); + EVP_DigestFinal(ctx, digest->buf, &uilen); + } + if (ctx) + EVP_MD_CTX_free(ctx); + retlen = (size_t)uilen; + } + else + { + msyslog(LOG_ERR, "MAC encrypt: invalid key type %d" , ktype); + } + +#endif /* !OPENSSL */ + + return retlen; +} + + /* * MD5authencrypt - generate message digest * @@ -20,36 +191,23 @@ MD5authencrypt( int type, /* hash algorithm */ const u_char * key, /* key pointer */ + size_t klen, /* key length */ u_int32 * pkt, /* packet pointer */ size_t length /* packet length */ ) { u_char digest[EVP_MAX_MD_SIZE]; - u_int len; - EVP_MD_CTX *ctx; + rwbuffT digb = { digest, sizeof(digest) }; + robuffT keyb = { key, klen }; + robuffT msgb = { pkt, length }; + size_t dlen = 0; - /* - * Compute digest of key concatenated with packet. Note: the - * key type and digest type have been verified when the key - * was creaded. - */ - INIT_SSL(); - ctx = EVP_MD_CTX_new(); - if (!(ctx && EVP_DigestInit(ctx, EVP_get_digestbynid(type)))) { - msyslog(LOG_ERR, - "MAC encrypt: digest init failed"); - EVP_MD_CTX_free(ctx); - return (0); - } - EVP_DigestUpdate(ctx, key, cache_secretsize); - EVP_DigestUpdate(ctx, (u_char *)pkt, length); - EVP_DigestFinal(ctx, digest, &len); - EVP_MD_CTX_free(ctx); + dlen = make_mac(&digb, type, &keyb, &msgb); /* If the MAC is longer than the MAX then truncate it. */ - if (len > MAX_MAC_LEN - 4) - len = MAX_MAC_LEN - 4; - memmove((u_char *)pkt + length + 4, digest, len); - return (len + 4); + if (dlen > MAX_MDG_LEN) + dlen = MAX_MDG_LEN; + memcpy((u_char *)pkt + length + KEY_MAC_LEN, digest, dlen); + return (dlen + KEY_MAC_LEN); } @@ -62,6 +220,7 @@ MD5authdecrypt( int type, /* hash algorithm */ const u_char * key, /* key pointer */ + size_t klen, /* key length */ u_int32 * pkt, /* packet pointer */ size_t length, /* packet length */ size_t size /* MAC size */ @@ -68,35 +227,23 @@ ) { u_char digest[EVP_MAX_MD_SIZE]; - u_int len; - EVP_MD_CTX *ctx; + rwbuffT digb = { digest, sizeof(digest) }; + robuffT keyb = { key, klen }; + robuffT msgb = { pkt, length }; + size_t dlen = 0; - /* - * Compute digest of key concatenated with packet. Note: the - * key type and digest type have been verified when the key - * was created. - */ - INIT_SSL(); - ctx = EVP_MD_CTX_new(); - if (!(ctx && EVP_DigestInit(ctx, EVP_get_digestbynid(type)))) { - msyslog(LOG_ERR, - "MAC decrypt: digest init failed"); - EVP_MD_CTX_free(ctx); - return (0); - } - EVP_DigestUpdate(ctx, key, cache_secretsize); - EVP_DigestUpdate(ctx, (u_char *)pkt, length); - EVP_DigestFinal(ctx, digest, &len); - EVP_MD_CTX_free(ctx); + dlen = make_mac(&digb, type, &keyb, &msgb); + /* If the MAC is longer than the MAX then truncate it. */ - if (len > MAX_MAC_LEN - 4) - len = MAX_MAC_LEN - 4; - if (size != (size_t)len + 4) { + if (dlen > MAX_MDG_LEN) + dlen = MAX_MDG_LEN; + if (size != (size_t)dlen + KEY_MAC_LEN) { msyslog(LOG_ERR, "MAC decrypt: MAC length error"); return (0); } - return !isc_tsmemcmp(digest, (u_char *)pkt + length + 4, len); + return !isc_tsmemcmp(digest, + (u_char *)pkt + length + KEY_MAC_LEN, dlen); } /* @@ -108,7 +255,7 @@ u_int32 addr2refid(sockaddr_u *addr) { - u_char digest[20]; + u_char digest[EVP_MAX_MD_SIZE]; u_int32 addr_refid; EVP_MD_CTX *ctx; u_int len; @@ -119,11 +266,12 @@ INIT_SSL(); ctx = EVP_MD_CTX_new(); - EVP_MD_CTX_init(ctx); -#ifdef EVP_MD_CTX_FLAG_NON_FIPS_ALLOW +# ifdef EVP_MD_CTX_FLAG_NON_FIPS_ALLOW /* MD5 is not used as a crypto hash here. */ EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW); -#endif +# endif + /* [Bug 3457] DON'T use plain EVP_DigestInit! It would kill the + * flags! */ if (!EVP_DigestInit_ex(ctx, EVP_md5(), NULL)) { msyslog(LOG_ERR, "MD5 init failed"); --- contrib/ntp/libntp/adjtime.c.orig +++ contrib/ntp/libntp/adjtime.c @@ -314,7 +314,7 @@ /* * Get the current clock period (nanoseconds) */ - if (ClockPeriod (CLOCK_REALTIME, 0, &period, 0) < 0) + if (ClockPeriod (CLOCK_REALTIME, 0, &period, 0) == -1) return -1; /* @@ -354,7 +354,7 @@ adj.tick_count = 0; } - if (ClockAdjust (CLOCK_REALTIME, &adj, &oldadj) < 0) + if (ClockAdjust (CLOCK_REALTIME, &adj, &oldadj) == -1) return -1; /* --- contrib/ntp/libntp/authkeys.c.orig +++ contrib/ntp/libntp/authkeys.c @@ -114,13 +114,16 @@ KeyAccT* keyacc_new_push( KeyAccT * head, - const sockaddr_u * addr + const sockaddr_u * addr, + unsigned int subnetbits ) { KeyAccT * node = emalloc(sizeof(KeyAccT)); memcpy(&node->addr, addr, sizeof(sockaddr_u)); + node->subnetbits = subnetbits; node->next = head; + return node; } @@ -165,7 +168,8 @@ { if (head) { do { - if (SOCK_EQ(&head->addr, addr)) + if (keyacc_amatch(&head->addr, addr, + head->subnetbits)) return TRUE; } while (NULL != (head = head->next)); return FALSE; @@ -174,7 +178,99 @@ } } +#if CHAR_BIT != 8 +# error "don't know how to handle bytes with that bit size" +#endif +/* ----------------------------------------------------------------- */ +/* check two addresses for a match, taking a prefix length into account + * when doing the compare. + * + * The ISC lib contains a similar function with not entirely specified + * semantics, so it seemed somewhat cleaner to do this from scratch. + * + * Note 1: It *is* assumed that the addresses are stored in network byte + * order, that is, most significant byte first! + * + * Note 2: "no address" compares unequal to all other addresses, even to + * itself. This has the same semantics as NaNs have for floats: *any* + * relational or equality operation involving a NaN returns FALSE, even + * equality with itself. "no address" is either a NULL pointer argument + * or an address of type AF_UNSPEC. + */ +int/*BOOL*/ +keyacc_amatch( + const sockaddr_u * a1, + const sockaddr_u * a2, + unsigned int mbits + ) +{ + const uint8_t * pm1; + const uint8_t * pm2; + uint8_t msk; + unsigned int len; + + /* 1st check: If any address is not an address, it's inequal. */ + if ( !a1 || (AF_UNSPEC == AF(a1)) || + !a2 || (AF_UNSPEC == AF(a2)) ) + return FALSE; + + /* We could check pointers for equality here and shortcut the + * other checks if we find object identity. But that use case is + * too rare to care for it. + */ + + /* 2nd check: Address families must be the same. */ + if (AF(a1) != AF(a2)) + return FALSE; + + /* type check: address family determines buffer & size */ + switch (AF(a1)) { + case AF_INET: + /* IPv4 is easy: clamp size, get byte pointers */ + if (mbits > sizeof(NSRCADR(a1)) * 8) + mbits = sizeof(NSRCADR(a1)) * 8; + pm1 = (const void*)&NSRCADR(a1); + pm2 = (const void*)&NSRCADR(a2); + break; + + case AF_INET6: + /* IPv6 is slightly different: Both scopes must match, + * too, before we even consider doing a match! + */ + if ( ! SCOPE_EQ(a1, a2)) + return FALSE; + if (mbits > sizeof(NSRCADR6(a1)) * 8) + mbits = sizeof(NSRCADR6(a1)) * 8; + pm1 = (const void*)&NSRCADR6(a1); + pm2 = (const void*)&NSRCADR6(a2); + break; + + default: + /* don't know how to compare that!?! */ + return FALSE; + } + + /* Split bit length into byte length and partial byte mask. + * Note that the byte mask extends from the MSB of a byte down, + * and that zero shift (--> mbits % 8 == 0) results in an + * all-zero mask. + */ + msk = 0xFFu ^ (0xFFu >> (mbits & 7)); + len = mbits >> 3; + + /* 3rd check: Do memcmp() over full bytes, if any */ + if (len && memcmp(pm1, pm2, len)) + return FALSE; + + /* 4th check: compare last incomplete byte, if any */ + if (msk && ((pm1[len] ^ pm2[len]) & msk)) + return FALSE; + + /* If none of the above failed, we're successfully through. */ + return TRUE; +} + /* * init_auth - initialize internal data */ @@ -316,6 +412,10 @@ return (u_short)r; } +int/*BOOL*/ +ipaddr_match_masked(const sockaddr_u *,const sockaddr_u *, + unsigned int mbits); + static void authcache_flush_id( keyid_t id @@ -617,20 +717,19 @@ { symkey * sk; - /* That specific key was already used to authenticate the - * packet. Therefore, the key *must* exist... There's a chance - * that is not trusted, though. - */ if (keyno == cache_keyid) { return (KEY_TRUSTED & cache_flags) && keyacc_contains(cache_keyacclist, sau, TRUE); - } else { + } + + if (NULL != (sk = auth_findkey(keyno))) { authkeyuncached++; - sk = auth_findkey(keyno); - INSIST(NULL != sk); return (KEY_TRUSTED & sk->flags) && keyacc_contains(sk->keyacclist, sau, TRUE); } + + authkeynotfound++; + return FALSE; } /* Note: There are two locations below where 'strncpy()' is used. While @@ -795,7 +894,9 @@ return 0; } - return MD5authencrypt(cache_type, cache_secret, pkt, length); + return MD5authencrypt(cache_type, + cache_secret, cache_secretsize, + pkt, length); } @@ -822,6 +923,7 @@ return FALSE; } - return MD5authdecrypt(cache_type, cache_secret, pkt, length, - size); + return MD5authdecrypt(cache_type, + cache_secret, cache_secretsize, + pkt, length, size); } --- contrib/ntp/libntp/authreadkeys.c.orig +++ contrib/ntp/libntp/authreadkeys.c @@ -5,8 +5,8 @@ #include #include -#include "ntpd.h" /* Only for DPRINTF */ -#include "ntp_fp.h" +//#include "ntpd.h" /* Only for DPRINTF */ +//#include "ntp_fp.h" #include "ntp.h" #include "ntp_syslog.h" #include "ntp_stdlib.h" @@ -148,6 +148,7 @@ u_int nerr; KeyDataT *list = NULL; KeyDataT *next = NULL; + /* * Open file. Complain and return if it can't be opened. */ @@ -220,7 +221,8 @@ log_maybe(NULL, "authreadkeys: invalid type for key %d", keyno); - } else if (EVP_get_digestbynid(keytype) == NULL) { + } else if (NID_cmac != keytype && + EVP_get_digestbynid(keytype) == NULL) { log_maybe(NULL, "authreadkeys: no algorithm for key %d", keyno); @@ -295,22 +297,55 @@ } token = nexttok(&line); - DPRINTF(0, ("authreadkeys: full access list <%s>\n", (token) ? token : "NULL")); if (token != NULL) { /* A comma-separated IP access list */ char *tp = token; while (tp) { char *i; + char *snp; /* subnet text pointer */ + unsigned int snbits; sockaddr_u addr; i = strchr(tp, (int)','); - if (i) + if (i) { *i = '\0'; - DPRINTF(0, ("authreadkeys: access list: <%s>\n", tp)); + } + snp = strchr(tp, (int)'/'); + if (snp) { + char *sp; + *snp++ = '\0'; + snbits = 0; + sp = snp; + + while (*sp != '\0') { + if (!isdigit((unsigned char)*sp)) + break; + if (snbits > 1000) + break; /* overflow */ + snbits = 10 * snbits + (*sp++ - '0'); /* ascii dependent */ + } + if (*sp != '\0') { + log_maybe(&nerr, + "authreadkeys: Invalid character in subnet specification for <%s/%s> in key %d", + sp, snp, keyno); + goto nextip; + } + } else { + snbits = UINT_MAX; + } + if (is_ip_address(tp, AF_UNSPEC, &addr)) { - next->keyacclist = keyacc_new_push( - next->keyacclist, &addr); + /* Make sure that snbits is valid for addr */ + if ((snbits < UINT_MAX) && + ( (IS_IPV4(&addr) && snbits > 32) || + (IS_IPV6(&addr) && snbits > 128))) { + log_maybe(NULL, + "authreadkeys: excessive subnet mask <%s/%s> for key %d", + tp, snp, keyno); + } + next->keyacclist = keyacc_new_push( + next->keyacclist, &addr, snbits); } else { log_maybe(&nerr, "authreadkeys: invalid IP address <%s> for key %d", @@ -317,6 +352,7 @@ tp, keyno); } + nextip: if (i) { tp = i + 1; } else { --- contrib/ntp/libntp/libssl_compat.c.orig +++ contrib/ntp/libntp/libssl_compat.c @@ -74,7 +74,10 @@ EVP_MD_CTX* sslshim_EVP_MD_CTX_new(void) { - return calloc(1, sizeof(EVP_MD_CTX)); + EVP_MD_CTX * ctx; + if (NULL != (ctx = calloc(1, sizeof(EVP_MD_CTX)))) + EVP_MD_CTX_init(ctx); + return ctx; } void --- contrib/ntp/libntp/ntp_calendar.c.orig +++ contrib/ntp/libntp/ntp_calendar.c @@ -1825,4 +1825,113 @@ return isocal_date_to_ntp64(id).d_s.lo; } +/* + * ==================================================================== + * 'basedate' support functions + * ==================================================================== + */ + +static int32_t s_baseday = NTP_TO_UNIX_DAYS; + +int32_t +basedate_eval_buildstamp(void) +{ + struct calendar jd; + int32_t ed; + + if (!ntpcal_get_build_date(&jd)) + return NTP_TO_UNIX_DAYS; + + /* The time zone of the build stamp is unspecified; we remove + * one day to provide a certain slack. And in case somebody + * fiddled with the system clock, we make sure we do not go + * before the UNIX epoch (1970-01-01). It's probably not possible + * to do this to the clock on most systems, but there are other + * ways to tweak the build stamp. + */ + jd.monthday -= 1; + ed = ntpcal_date_to_rd(&jd) - DAY_NTP_STARTS; + return (ed < NTP_TO_UNIX_DAYS) ? NTP_TO_UNIX_DAYS : ed; +} + +int32_t +basedate_eval_string( + const char * str + ) +{ + u_short y,m,d; + u_long ned; + int rc, nc; + size_t sl; + + sl = strlen(str); + rc = sscanf(str, "%4hu-%2hu-%2hu%n", &y, &m, &d, &nc); + if (rc == 3 && (size_t)nc == sl) { + if (m >= 1 && m <= 12 && d >= 1 && d <= 31) + return ntpcal_edate_to_eradays(y-1, m-1, d) + - DAY_NTP_STARTS; + goto buildstamp; + } + + rc = scanf(str, "%lu%n", &ned, &nc); + if (rc == 1 && (size_t)nc == sl) { + if (ned <= INT32_MAX) + return (int32_t)ned; + goto buildstamp; + } + + buildstamp: + msyslog(LOG_WARNING, + "basedate string \"%s\" invalid, build date substituted!", + str); + return basedate_eval_buildstamp(); +} + +uint32_t +basedate_get_day(void) +{ + return s_baseday; +} + +int32_t +basedate_set_day( + int32_t day + ) +{ + struct calendar jd; + int32_t retv; + + if (day < NTP_TO_UNIX_DAYS) { + msyslog(LOG_WARNING, + "baseday_set_day: invalid day (%lu), UNIX epoch substituted", + (unsigned long)day); + day = NTP_TO_UNIX_DAYS; + } + retv = s_baseday; + s_baseday = day; + ntpcal_rd_to_date(&jd, day + DAY_NTP_STARTS); + msyslog(LOG_INFO, "basedate set to %04hu-%02hu-%02hu", + jd.year, (u_short)jd.month, (u_short)jd.monthday); + return retv; +} + +time_t +basedate_get_eracenter(void) +{ + time_t retv; + retv = (time_t)(s_baseday - NTP_TO_UNIX_DAYS); + retv *= SECSPERDAY; + retv += (UINT32_C(1) << 31); + return retv; +} + +time_t +basedate_get_erabase(void) +{ + time_t retv; + retv = (time_t)(s_baseday - NTP_TO_UNIX_DAYS); + retv *= SECSPERDAY; + return retv; +} + /* -*-EOF-*- */ --- contrib/ntp/libntp/ssl_init.c.orig +++ contrib/ntp/libntp/ssl_init.c @@ -5,7 +5,7 @@ * Moved from ntpd/ntp_crypto.c crypto_setup() */ #ifdef HAVE_CONFIG_H -#include +# include #endif #include #include @@ -13,12 +13,16 @@ #include #ifdef OPENSSL -#include "openssl/crypto.h" -#include "openssl/err.h" -#include "openssl/evp.h" -#include "openssl/opensslv.h" -#include "libssl_compat.h" +# include "openssl/cmac.h" +# include "openssl/crypto.h" +# include "openssl/err.h" +# include "openssl/evp.h" +# include "openssl/opensslv.h" +# include "libssl_compat.h" +# define CMAC_LENGTH 16 +# define CMAC "AES128CMAC" + int ssl_init_done; #if OPENSSL_VERSION_NUMBER < 0x10100000L @@ -26,8 +30,9 @@ static void atexit_ssl_cleanup(void) { - if (!ssl_init_done) + if (!ssl_init_done) { return; + } ssl_init_done = FALSE; EVP_cleanup(); @@ -63,7 +68,7 @@ ssl_check_version(void) { u_long v; - + v = OpenSSL_version_num(); if ((v ^ OPENSSL_VERSION_NUMBER) & ~0xff0L) { msyslog(LOG_WARNING, @@ -77,6 +82,8 @@ INIT_SSL(); } +#else /* !OPENSSL */ +# define MD5_LENGTH 16 #endif /* OPENSSL */ @@ -88,61 +95,95 @@ */ int keytype_from_text( - const char *text, - size_t *pdigest_len + const char * text, + size_t * pdigest_len ) { int key_type; u_int digest_len; -#ifdef OPENSSL +#ifdef OPENSSL /* --*-- OpenSSL code --*-- */ const u_long max_digest_len = MAX_MAC_LEN - sizeof(keyid_t); - u_char digest[EVP_MAX_MD_SIZE]; char * upcased; char * pch; + EVP_MD const * md; /* * OpenSSL digest short names are capitalized, so uppercase the * digest name before passing to OBJ_sn2nid(). If it is not - * recognized but begins with 'M' use NID_md5 to be consistent - * with past behavior. + * recognized but matches our CMAC string use NID_cmac, or if + * it begins with 'M' or 'm' use NID_md5 to be consistent with + * past behavior. */ INIT_SSL(); + + /* get name in uppercase */ LIB_GETBUF(upcased); strlcpy(upcased, text, LIB_BUFLENGTH); - for (pch = upcased; '\0' != *pch; pch++) + + for (pch = upcased; '\0' != *pch; pch++) { *pch = (char)toupper((unsigned char)*pch); + } + key_type = OBJ_sn2nid(upcased); + + if (!key_type && !strncmp(CMAC, upcased, strlen(CMAC) + 1)) { + key_type = NID_cmac; + + if (debug) { + fprintf(stderr, "%s:%d:%s():%s:key\n", + __FILE__, __LINE__, __func__, CMAC); + } + } #else + key_type = 0; #endif - if (!key_type && 'm' == tolower((unsigned char)text[0])) + if (!key_type && 'm' == tolower((unsigned char)text[0])) { key_type = NID_md5; + } - if (!key_type) + if (!key_type) { return 0; + } if (NULL != pdigest_len) { #ifdef OPENSSL - EVP_MD_CTX *ctx; + md = EVP_get_digestbynid(key_type); + digest_len = (md) ? EVP_MD_size(md) : 0; - ctx = EVP_MD_CTX_new(); - EVP_DigestInit(ctx, EVP_get_digestbynid(key_type)); - EVP_DigestFinal(ctx, digest, &digest_len); - EVP_MD_CTX_free(ctx); - if (digest_len > max_digest_len) { + if (!md || digest_len <= 0) { + if (key_type == NID_cmac) { + digest_len = CMAC_LENGTH; + + if (debug) { + fprintf(stderr, "%s:%d:%s():%s:len\n", + __FILE__, __LINE__, __func__, CMAC); + } + } else { fprintf(stderr, - "key type %s %u octet digests are too big, max %lu\n", - keytype_name(key_type), digest_len, - max_digest_len); + "key type %s is not supported by OpenSSL\n", + keytype_name(key_type)); msyslog(LOG_ERR, - "key type %s %u octet digests are too big, max %lu", - keytype_name(key_type), digest_len, - max_digest_len); + "key type %s is not supported by OpenSSL\n", + keytype_name(key_type)); return 0; + } } + + if (digest_len > max_digest_len) { + fprintf(stderr, + "key type %s %u octet digests are too big, max %lu\n", + keytype_name(key_type), digest_len, + max_digest_len); + msyslog(LOG_ERR, + "key type %s %u octet digests are too big, max %lu", + keytype_name(key_type), digest_len, + max_digest_len); + return 0; + } #else - digest_len = 16; + digest_len = MD5_LENGTH; #endif *pdigest_len = digest_len; } @@ -167,8 +208,18 @@ #ifdef OPENSSL INIT_SSL(); name = OBJ_nid2sn(nid); - if (NULL == name) + + if (NID_cmac == nid) { + name = CMAC; + + if (debug) { + fprintf(stderr, "%s:%d:%s():%s:nid\n", + __FILE__, __LINE__, __func__, CMAC); + } + } else + if (NULL == name) { name = unknown_type; + } #else /* !OPENSSL follows */ if (NID_md5 == nid) name = "MD5"; @@ -203,3 +254,4 @@ return getpass(pass_prompt); } + --- contrib/ntp/libntp/statestr.c.orig +++ contrib/ntp/libntp/statestr.c @@ -22,7 +22,8 @@ */ struct codestring { int code; - const char * const string; + const char * const string1; + const char * const string0; }; /* @@ -29,11 +30,11 @@ * Leap status (leap) */ static const struct codestring leap_codes[] = { - { LEAP_NOWARNING, "leap_none" }, - { LEAP_ADDSECOND, "leap_add_sec" }, - { LEAP_DELSECOND, "leap_del_sec" }, - { LEAP_NOTINSYNC, "leap_alarm" }, - { -1, "leap" } + { LEAP_NOWARNING, "leap_none", 0 }, + { LEAP_ADDSECOND, "leap_add_sec", 0 }, + { LEAP_DELSECOND, "leap_del_sec", 0 }, + { LEAP_NOTINSYNC, "leap_alarm", 0 }, + { -1, "leap", 0 } }; /* @@ -40,17 +41,17 @@ * Clock source status (sync) */ static const struct codestring sync_codes[] = { - { CTL_SST_TS_UNSPEC, "sync_unspec" }, - { CTL_SST_TS_ATOM, "sync_pps" }, - { CTL_SST_TS_LF, "sync_lf_radio" }, - { CTL_SST_TS_HF, "sync_hf_radio" }, - { CTL_SST_TS_UHF, "sync_uhf_radio" }, - { CTL_SST_TS_LOCAL, "sync_local" }, - { CTL_SST_TS_NTP, "sync_ntp" }, - { CTL_SST_TS_UDPTIME, "sync_other" }, - { CTL_SST_TS_WRSTWTCH, "sync_wristwatch" }, - { CTL_SST_TS_TELEPHONE, "sync_telephone" }, - { -1, "sync" } + { CTL_SST_TS_UNSPEC, "sync_unspec", 0 }, + { CTL_SST_TS_ATOM, "sync_pps", 0 }, + { CTL_SST_TS_LF, "sync_lf_radio", 0 }, + { CTL_SST_TS_HF, "sync_hf_radio", 0 }, + { CTL_SST_TS_UHF, "sync_uhf_radio", 0 }, + { CTL_SST_TS_LOCAL, "sync_local", 0 }, + { CTL_SST_TS_NTP, "sync_ntp", 0 }, + { CTL_SST_TS_UDPTIME, "sync_other", 0 }, + { CTL_SST_TS_WRSTWTCH, "sync_wristwatch", 0 }, + { CTL_SST_TS_TELEPHONE, "sync_telephone", 0 }, + { -1, "sync", 0 } }; /* @@ -57,15 +58,15 @@ * Peer selection status (sel) */ static const struct codestring select_codes[] = { - { CTL_PST_SEL_REJECT, "sel_reject" }, - { CTL_PST_SEL_SANE, "sel_falsetick" }, - { CTL_PST_SEL_CORRECT, "sel_excess" }, - { CTL_PST_SEL_SELCAND, "sel_outlier" }, - { CTL_PST_SEL_SYNCCAND, "sel_candidate" }, - { CTL_PST_SEL_EXCESS, "sel_backup" }, - { CTL_PST_SEL_SYSPEER, "sel_sys.peer" }, - { CTL_PST_SEL_PPS, "sel_pps.peer" }, - { -1, "sel" } + { CTL_PST_SEL_REJECT, "sel_reject", 0 }, + { CTL_PST_SEL_SANE, "sel_falsetick", 0 }, + { CTL_PST_SEL_CORRECT, "sel_excess", 0 }, + { CTL_PST_SEL_SELCAND, "sel_outlier", 0 }, + { CTL_PST_SEL_SYNCCAND, "sel_candidate", 0 }, + { CTL_PST_SEL_EXCESS, "sel_backup", 0 }, + { CTL_PST_SEL_SYSPEER, "sel_sys.peer", 0 }, + { CTL_PST_SEL_PPS, "sel_pps.peer", 0 }, + { -1, "sel", 0 } }; /* @@ -72,14 +73,14 @@ * Clock status (clk) */ static const struct codestring clock_codes[] = { - { CTL_CLK_OKAY, "clk_unspec" }, - { CTL_CLK_NOREPLY, "clk_no_reply" }, - { CTL_CLK_BADFORMAT, "clk_bad_format" }, - { CTL_CLK_FAULT, "clk_fault" }, - { CTL_CLK_PROPAGATION, "clk_bad_signal" }, - { CTL_CLK_BADDATE, "clk_bad_date" }, - { CTL_CLK_BADTIME, "clk_bad_time" }, - { -1, "clk" } + { CTL_CLK_OKAY, "clk_unspec", 0 }, + { CTL_CLK_NOREPLY, "clk_no_reply", 0 }, + { CTL_CLK_BADFORMAT, "clk_bad_format", 0 }, + { CTL_CLK_FAULT, "clk_fault", 0 }, + { CTL_CLK_PROPAGATION, "clk_bad_signal", 0 }, + { CTL_CLK_BADDATE, "clk_bad_date", 0 }, + { CTL_CLK_BADTIME, "clk_bad_time", 0 }, + { -1, "clk", 0 } }; @@ -88,20 +89,20 @@ * Flash bits -- see ntpq.c tstflags & tstflagnames */ static const struct codestring flash_codes[] = { - { TEST1, "pkt_dup" }, - { TEST2, "pkt_bogus" }, - { TEST3, "pkt_unsync" }, - { TEST4, "pkt_denied" }, - { TEST5, "pkt_auth" }, - { TEST6, "pkt_stratum" }, - { TEST7, "pkt_header" }, - { TEST8, "pkt_autokey" }, - { TEST9, "pkt_crypto" }, - { TEST10, "peer_stratum" }, - { TEST11, "peer_dist" }, - { TEST12, "peer_loop" }, - { TEST13, "peer_unreach" }, - { -1, "flash" } + { TEST1, "pkt_dup", 0 }, + { TEST2, "pkt_bogus", 0 }, + { TEST3, "pkt_unsync", 0 }, + { TEST4, "pkt_denied", 0 }, + { TEST5, "pkt_auth", 0 }, + { TEST6, "pkt_stratum", 0 }, + { TEST7, "pkt_header", 0 }, + { TEST8, "pkt_autokey", 0 }, + { TEST9, "pkt_crypto", 0 }, + { TEST10, "peer_stratum", 0 }, + { TEST11, "peer_dist", 0 }, + { TEST12, "peer_loop", 0 }, + { TEST13, "peer_unreach", 0 }, + { -1, "flash", 0 } }; #endif @@ -110,23 +111,23 @@ * System events (sys) */ static const struct codestring sys_codes[] = { - { EVNT_UNSPEC, "unspecified" }, - { EVNT_NSET, "freq_not_set" }, - { EVNT_FSET, "freq_set" }, - { EVNT_SPIK, "spike_detect" }, - { EVNT_FREQ, "freq_mode" }, - { EVNT_SYNC, "clock_sync" }, - { EVNT_SYSRESTART, "restart" }, - { EVNT_SYSFAULT, "panic_stop" }, - { EVNT_NOPEER, "no_sys_peer" }, - { EVNT_ARMED, "leap_armed" }, - { EVNT_DISARMED, "leap_disarmed" }, - { EVNT_LEAP, "leap_event" }, - { EVNT_CLOCKRESET, "clock_step" }, - { EVNT_KERN, "kern" }, - { EVNT_TAI, "TAI" }, - { EVNT_LEAPVAL, "stale_leapsecond_values" }, - { -1, "" } + { EVNT_UNSPEC, "unspecified", 0 }, + { EVNT_NSET, "freq_not_set", 0 }, + { EVNT_FSET, "freq_set", 0 }, + { EVNT_SPIK, "spike_detect", 0 }, + { EVNT_FREQ, "freq_mode", 0 }, + { EVNT_SYNC, "clock_sync", 0 }, + { EVNT_SYSRESTART, "restart", 0 }, + { EVNT_SYSFAULT, "panic_stop", 0 }, + { EVNT_NOPEER, "no_sys_peer", 0 }, + { EVNT_ARMED, "leap_armed", 0 }, + { EVNT_DISARMED, "leap_disarmed", 0 }, + { EVNT_LEAP, "leap_event", 0 }, + { EVNT_CLOCKRESET, "clock_step", 0 }, + { EVNT_KERN, "kern", 0 }, + { EVNT_TAI, "TAI", 0 }, + { EVNT_LEAPVAL, "stale_leapsecond_values", 0 }, + { -1, "", 0 } }; /* @@ -133,22 +134,22 @@ * Peer events (peer) */ static const struct codestring peer_codes[] = { - { PEVNT_MOBIL & ~PEER_EVENT, "mobilize" }, - { PEVNT_DEMOBIL & ~PEER_EVENT, "demobilize" }, - { PEVNT_UNREACH & ~PEER_EVENT, "unreachable" }, - { PEVNT_REACH & ~PEER_EVENT, "reachable" }, - { PEVNT_RESTART & ~PEER_EVENT, "restart" }, - { PEVNT_REPLY & ~PEER_EVENT, "no_reply" }, - { PEVNT_RATE & ~PEER_EVENT, "rate_exceeded" }, - { PEVNT_DENY & ~PEER_EVENT, "access_denied" }, - { PEVNT_ARMED & ~PEER_EVENT, "leap_armed" }, - { PEVNT_NEWPEER & ~PEER_EVENT, "sys_peer" }, - { PEVNT_CLOCK & ~PEER_EVENT, "clock_event" }, - { PEVNT_AUTH & ~PEER_EVENT, "bad_auth" }, - { PEVNT_POPCORN & ~PEER_EVENT, "popcorn" }, - { PEVNT_XLEAVE & ~PEER_EVENT, "interleave_mode" }, - { PEVNT_XERR & ~PEER_EVENT, "interleave_error" }, - { -1, "" } + { PEVNT_MOBIL & ~PEER_EVENT, "mobilize", 0 }, + { PEVNT_DEMOBIL & ~PEER_EVENT, "demobilize", 0 }, + { PEVNT_UNREACH & ~PEER_EVENT, "unreachable", 0 }, + { PEVNT_REACH & ~PEER_EVENT, "reachable", 0 }, + { PEVNT_RESTART & ~PEER_EVENT, "restart", 0 }, + { PEVNT_REPLY & ~PEER_EVENT, "no_reply", 0 }, + { PEVNT_RATE & ~PEER_EVENT, "rate_exceeded", 0 }, + { PEVNT_DENY & ~PEER_EVENT, "access_denied", 0 }, + { PEVNT_ARMED & ~PEER_EVENT, "leap_armed", 0 }, + { PEVNT_NEWPEER & ~PEER_EVENT, "sys_peer", 0 }, + { PEVNT_CLOCK & ~PEER_EVENT, "clock_event", 0 }, + { PEVNT_AUTH & ~PEER_EVENT, "bad_auth", 0 }, + { PEVNT_POPCORN & ~PEER_EVENT, "popcorn", 0 }, + { PEVNT_XLEAVE & ~PEER_EVENT, "interleave_mode", 0 }, + { PEVNT_XERR & ~PEER_EVENT, "interleave_error", 0 }, + { -1, "", 0 } }; /* @@ -155,11 +156,11 @@ * Peer status bits */ static const struct codestring peer_st_bits[] = { - { CTL_PST_CONFIG, "conf" }, - { CTL_PST_AUTHENABLE, "authenb" }, - { CTL_PST_AUTHENTIC, "auth" }, - { CTL_PST_REACH, "reach" }, - { CTL_PST_BCAST, "bcast" }, + { CTL_PST_CONFIG, "conf", 0 }, + { CTL_PST_AUTHENABLE, "authenb", 0 }, + { CTL_PST_AUTHENTIC, "auth", 0 }, + { CTL_PST_REACH, "reach", 0 }, + { CTL_PST_BCAST, "bcast", 0 }, /* not used with getcode(), no terminating entry needed */ }; @@ -167,9 +168,9 @@ * Restriction match bits */ static const struct codestring res_match_bits[] = { - { RESM_NTPONLY, "ntpport" }, - { RESM_INTERFACE, "interface" }, - { RESM_SOURCE, "source" }, + { RESM_NTPONLY, "ntpport", 0 }, + { RESM_INTERFACE, "interface", 0 }, + { RESM_SOURCE, "source", 0 }, /* not used with getcode(), no terminating entry needed */ }; @@ -177,18 +178,19 @@ * Restriction access bits */ static const struct codestring res_access_bits[] = { - { RES_IGNORE, "ignore" }, - { RES_DONTSERVE, "noserve" }, - { RES_DONTTRUST, "notrust" }, - { RES_NOQUERY, "noquery" }, - { RES_NOMODIFY, "nomodify" }, - { RES_NOPEER, "nopeer" }, - { RES_NOTRAP, "notrap" }, - { RES_LPTRAP, "lptrap" }, - { RES_LIMITED, "limited" }, - { RES_VERSION, "version" }, - { RES_KOD, "kod" }, - { RES_FLAKE, "flake" }, + { RES_IGNORE, "ignore", 0 }, + { RES_DONTSERVE, "noserve", "serve" }, + { RES_DONTTRUST, "notrust", "trust" }, + { RES_NOQUERY, "noquery", "query" }, + { RES_NOMODIFY, "nomodify", 0 }, + { RES_NOPEER, "nopeer", "peer" }, + { RES_NOEPEER, "noepeer", "epeer" }, + { RES_NOTRAP, "notrap", "trap" }, + { RES_LPTRAP, "lptrap", 0 }, + { RES_LIMITED, "limited", 0 }, + { RES_VERSION, "version", 0 }, + { RES_KOD, "kod", 0 }, + { RES_FLAKE, "flake", 0 }, /* not used with getcode(), no terminating entry needed */ }; @@ -197,23 +199,23 @@ * Crypto events (cryp) */ static const struct codestring crypto_codes[] = { - { XEVNT_OK & ~CRPT_EVENT, "success" }, - { XEVNT_LEN & ~CRPT_EVENT, "bad_field_format_or_length" }, - { XEVNT_TSP & ~CRPT_EVENT, "bad_timestamp" }, - { XEVNT_FSP & ~CRPT_EVENT, "bad_filestamp" }, - { XEVNT_PUB & ~CRPT_EVENT, "bad_or_missing_public_key" }, - { XEVNT_MD & ~CRPT_EVENT, "unsupported_digest_type" }, - { XEVNT_KEY & ~CRPT_EVENT, "unsupported_identity_type" }, - { XEVNT_SGL & ~CRPT_EVENT, "bad_signature_length" }, - { XEVNT_SIG & ~CRPT_EVENT, "signature_not_verified" }, - { XEVNT_VFY & ~CRPT_EVENT, "certificate_not_verified" }, - { XEVNT_PER & ~CRPT_EVENT, "host_certificate_expired" }, - { XEVNT_CKY & ~CRPT_EVENT, "bad_or_missing_cookie" }, - { XEVNT_DAT & ~CRPT_EVENT, "bad_or_missing_leapseconds" }, - { XEVNT_CRT & ~CRPT_EVENT, "bad_or_missing_certificate" }, - { XEVNT_ID & ~CRPT_EVENT, "bad_or_missing_group key" }, - { XEVNT_ERR & ~CRPT_EVENT, "protocol_error" }, - { -1, "" } + { XEVNT_OK & ~CRPT_EVENT, "success", 0 }, + { XEVNT_LEN & ~CRPT_EVENT, "bad_field_format_or_length", 0 }, + { XEVNT_TSP & ~CRPT_EVENT, "bad_timestamp", 0 }, + { XEVNT_FSP & ~CRPT_EVENT, "bad_filestamp", 0 }, + { XEVNT_PUB & ~CRPT_EVENT, "bad_or_missing_public_key", 0 }, + { XEVNT_MD & ~CRPT_EVENT, "unsupported_digest_type", 0 }, + { XEVNT_KEY & ~CRPT_EVENT, "unsupported_identity_type", 0 }, + { XEVNT_SGL & ~CRPT_EVENT, "bad_signature_length", 0 }, + { XEVNT_SIG & ~CRPT_EVENT, "signature_not_verified", 0 }, + { XEVNT_VFY & ~CRPT_EVENT, "certificate_not_verified", 0 }, + { XEVNT_PER & ~CRPT_EVENT, "host_certificate_expired", 0 }, + { XEVNT_CKY & ~CRPT_EVENT, "bad_or_missing_cookie", 0 }, + { XEVNT_DAT & ~CRPT_EVENT, "bad_or_missing_leapseconds", 0 }, + { XEVNT_CRT & ~CRPT_EVENT, "bad_or_missing_certificate", 0 }, + { XEVNT_ID & ~CRPT_EVENT, "bad_or_missing_group key", 0 }, + { XEVNT_ERR & ~CRPT_EVENT, "protocol_error", 0 }, + { -1, "", 0 } }; #endif /* AUTOKEY */ @@ -223,52 +225,52 @@ */ static const struct codestring k_st_bits[] = { # ifdef STA_PLL - { STA_PLL, "pll" }, + { STA_PLL, "pll", 0 }, # endif # ifdef STA_PPSFREQ - { STA_PPSFREQ, "ppsfreq" }, + { STA_PPSFREQ, "ppsfreq", 0 }, # endif # ifdef STA_PPSTIME - { STA_PPSTIME, "ppstime" }, + { STA_PPSTIME, "ppstime", 0 }, # endif # ifdef STA_FLL - { STA_FLL, "fll" }, + { STA_FLL, "fll", 0 }, # endif # ifdef STA_INS - { STA_INS, "ins" }, + { STA_INS, "ins", 0 }, # endif # ifdef STA_DEL - { STA_DEL, "del" }, + { STA_DEL, "del", 0 }, # endif # ifdef STA_UNSYNC - { STA_UNSYNC, "unsync" }, + { STA_UNSYNC, "unsync", 0 }, # endif # ifdef STA_FREQHOLD - { STA_FREQHOLD, "freqhold" }, + { STA_FREQHOLD, "freqhold", 0 }, # endif # ifdef STA_PPSSIGNAL - { STA_PPSSIGNAL, "ppssignal" }, + { STA_PPSSIGNAL, "ppssignal", 0 }, # endif # ifdef STA_PPSJITTER - { STA_PPSJITTER, "ppsjitter" }, + { STA_PPSJITTER, "ppsjitter", 0 }, # endif # ifdef STA_PPSWANDER - { STA_PPSWANDER, "ppswander" }, + { STA_PPSWANDER, "ppswander", 0 }, # endif # ifdef STA_PPSERROR - { STA_PPSERROR, "ppserror" }, + { STA_PPSERROR, "ppserror", 0 }, # endif # ifdef STA_CLOCKERR - { STA_CLOCKERR, "clockerr" }, + { STA_CLOCKERR, "clockerr", 0 }, # endif # ifdef STA_NANO - { STA_NANO, "nano" }, + { STA_NANO, "nano", 0 }, # endif # ifdef STA_MODE - { STA_MODE, "mode=fll" }, + { STA_MODE, "mode=fll", 0 }, # endif # ifdef STA_CLK - { STA_CLK, "src=B" }, + { STA_CLK, "src=B", 0 }, # endif /* not used with getcode(), no terminating entry needed */ }; @@ -292,12 +294,12 @@ while (codetab->code != -1) { if (codetab->code == code) - return codetab->string; + return codetab->string1; codetab++; } LIB_GETBUF(buf); - snprintf(buf, LIB_BUFLENGTH, "%s_%d", codetab->string, code); + snprintf(buf, LIB_BUFLENGTH, "%s_%d", codetab->string1, code); return buf; } @@ -354,10 +356,18 @@ sep = ""; for (b = 0; b < tab_ct; b++) { + const char * flagstr; + if (tab[b].code & bits) { + flagstr = tab[b].string1; + } else { + flagstr = tab[b].string0; + } + + if (flagstr) { size_t avail = lim - pch; rc = snprintf(pch, avail, "%s%s", sep, - tab[b].string); + flagstr); if ((size_t)rc >= avail) goto toosmall; pch += rc; --- contrib/ntp/libntp/systime.c.orig +++ contrib/ntp/libntp/systime.c @@ -5,8 +5,10 @@ * */ #include +#include #include "ntp.h" +#include "ntpd.h" #include "ntp_syslog.h" #include "ntp_stdlib.h" #include "ntp_random.h" @@ -14,6 +16,7 @@ #include "timevalops.h" #include "timespecops.h" #include "ntp_calendar.h" +#include "lib_strbuf.h" #ifdef HAVE_SYS_PARAM_H # include @@ -28,6 +31,9 @@ int allow_panic = FALSE; /* allow panic correction (-g) */ int enable_panic_check = TRUE; /* Can we check allow_panic's state? */ +u_long sys_lamport; /* Lamport violation */ +u_long sys_tsrounding; /* timestamp rounding errors */ + #ifndef USE_COMPILETIME_PIVOT # define USE_COMPILETIME_PIVOT 1 #endif @@ -110,7 +116,10 @@ sys_fuzz = fuzz_val; INSIST(sys_fuzz >= 0); INSIST(sys_fuzz <= 1.0); - sys_fuzz_nsec = (long)(sys_fuzz * 1e9 + 0.5); + /* [Bug 3450] ensure nsec fuzz >= sys_fuzz to reduce chance of + * short-falling fuzz advance + */ + sys_fuzz_nsec = (long)ceil(sys_fuzz * 1e9); } @@ -168,13 +177,10 @@ static struct timespec ts_last; /* last sampled os time */ static struct timespec ts_prev; /* prior os time */ static l_fp lfp_prev; /* prior result */ - static double dfuzz_prev; /* prior fuzz */ struct timespec ts; /* seconds and nanoseconds */ struct timespec ts_min; /* earliest permissible */ struct timespec ts_lam; /* lamport fictional increment */ - struct timespec ts_prev_log; /* for msyslog only */ double dfuzz; - double ddelta; l_fp result; l_fp lfpfuzz; l_fp lfpdelta; @@ -191,8 +197,10 @@ * introduce small steps backward. It should not be an issue on * systems where get_ostime() results in a true syscall.) */ - if (cmp_tspec(add_tspec_ns(ts, 50000000), ts_last) < 0) + if (cmp_tspec(add_tspec_ns(ts, 50000000), ts_last) < 0) { lamport_violated = 1; + sys_lamport++; + } ts_last = ts; /* @@ -216,14 +224,7 @@ if (!lamport_violated) ts = ts_min; } - ts_prev_log = ts_prev; ts_prev = ts; - } else { - /* - * Quiet "ts_prev_log.tv_sec may be used uninitialized" - * warning from x86 gcc 4.5.2. - */ - ZERO(ts_prev_log); } /* convert from timespec to l_fp fixed-point */ @@ -230,7 +231,9 @@ result = tspec_stamp_to_lfp(ts); /* - * Add in the fuzz. + * Add in the fuzz. 'ntp_random()' returns [0..2**31-1] so we + * must scale up the result by 2.0 to cover the full fractional + * range. */ dfuzz = ntp_random() * 2. / FRAC * sys_fuzz; DTOLFP(dfuzz, &lfpfuzz); @@ -240,30 +243,34 @@ * Ensure result is strictly greater than prior result (ignoring * sys_residual's effect for now) once sys_fuzz has been * determined. + * + * [Bug 3450] Rounding errors and time slew can lead to a + * violation of the expected postcondition. This is bound to + * happen from time to time (depending on state of the random + * generator, the current slew and the closeness of system time + * stamps drawn) and does not warrant a syslog entry. Instead it + * makes much more sense to ensure the postcondition and hop + * along silently. */ if (!USING_SIGIO()) { - if (!L_ISZERO(&lfp_prev) && !lamport_violated) { - if (!L_ISGTU(&result, &lfp_prev) && - sys_fuzz > 0.) { - msyslog(LOG_ERR, "ts_prev %s ts_min %s", - tspectoa(ts_prev_log), - tspectoa(ts_min)); - msyslog(LOG_ERR, "ts %s", tspectoa(ts)); - msyslog(LOG_ERR, "sys_fuzz %ld nsec, prior fuzz %.9f", - sys_fuzz_nsec, dfuzz_prev); - msyslog(LOG_ERR, "this fuzz %.9f", - dfuzz); - lfpdelta = lfp_prev; - L_SUB(&lfpdelta, &result); - LFPTOD(&lfpdelta, ddelta); - msyslog(LOG_ERR, - "prev get_systime 0x%x.%08x is %.9f later than 0x%x.%08x", - lfp_prev.l_ui, lfp_prev.l_uf, - ddelta, result.l_ui, result.l_uf); + if ( !L_ISZERO(&lfp_prev) + && !lamport_violated + && (sys_fuzz > 0.0) + ) { + lfpdelta = result; + L_SUB(&lfpdelta, &lfp_prev); + L_SUBUF(&lfpdelta, 1); + if (lfpdelta.l_i < 0) + { + L_NEG(&lfpdelta); + DPRINTF(1, ("get_systime: postcond failed by %s secs, fixed\n", + lfptoa(&lfpdelta, 9))); + result = lfp_prev; + L_ADDUF(&result, 1); + sys_tsrounding++; } } lfp_prev = result; - dfuzz_prev = dfuzz; if (lamport_violated) lamport_violated = FALSE; } @@ -362,106 +369,17 @@ } #endif - /* - * step_systime - step the system clock. + * helper to keep utmp/wtmp up to date */ - -int -step_systime( - double step +static void +update_uwtmp( + struct timeval timetv, + struct timeval tvlast ) { - time_t pivot; /* for ntp era unfolding */ - struct timeval timetv, tvlast, tvdiff; - struct timespec timets; - struct calendar jd; - l_fp fp_ofs, fp_sys; /* offset and target system time in FP */ - + struct timeval tvdiff; /* - * Get pivot time for NTP era unfolding. Since we don't step - * very often, we can afford to do the whole calculation from - * scratch. And we're not in the time-critical path yet. - */ -#if SIZEOF_TIME_T > 4 - /* - * This code makes sure the resulting time stamp for the new - * system time is in the 2^32 seconds starting at 1970-01-01, - * 00:00:00 UTC. - */ - pivot = 0x80000000; -#if USE_COMPILETIME_PIVOT - /* - * Add the compile time minus 10 years to get a possible target - * area of (compile time - 10 years) to (compile time + 126 - * years). This should be sufficient for a given binary of - * NTPD. - */ - if (ntpcal_get_build_date(&jd)) { - jd.year -= 10; - pivot += ntpcal_date_to_time(&jd); - } else { - msyslog(LOG_ERR, - "step-systime: assume 1970-01-01 as build date"); - } -#else - UNUSED_LOCAL(jd); -#endif /* USE_COMPILETIME_PIVOT */ -#else - UNUSED_LOCAL(jd); - /* This makes sure the resulting time stamp is on or after - * 1969-12-31/23:59:59 UTC and gives us additional two years, - * from the change of NTP era in 2036 to the UNIX rollover in - * 2038. (Minus one second, but that won't hurt.) We *really* - * need a longer 'time_t' after that! Or a different baseline, - * but that would cause other serious trouble, too. - */ - pivot = 0x7FFFFFFF; -#endif - - /* get the complete jump distance as l_fp */ - DTOLFP(sys_residual, &fp_sys); - DTOLFP(step, &fp_ofs); - L_ADD(&fp_ofs, &fp_sys); - - /* ---> time-critical path starts ---> */ - - /* get the current time as l_fp (without fuzz) and as struct timeval */ - get_ostime(&timets); - fp_sys = tspec_stamp_to_lfp(timets); - tvlast.tv_sec = timets.tv_sec; - tvlast.tv_usec = (timets.tv_nsec + 500) / 1000; - - /* get the target time as l_fp */ - L_ADD(&fp_sys, &fp_ofs); - - /* unfold the new system time */ - timetv = lfp_stamp_to_tval(fp_sys, &pivot); - - /* now set new system time */ - if (ntp_set_tod(&timetv, NULL) != 0) { - msyslog(LOG_ERR, "step-systime: %m"); - if (enable_panic_check && allow_panic) { - msyslog(LOG_ERR, "step_systime: allow_panic is TRUE!"); - } - return FALSE; - } - - /* <--- time-critical path ended with 'ntp_set_tod()' <--- */ - - sys_residual = 0; - lamport_violated = (step < 0); - if (step_callback) - (*step_callback)(); - -#ifdef NEED_HPUX_ADJTIME - /* - * CHECKME: is this correct when called by ntpdate????? - */ - _clear_adjtime(); -#endif - - /* * FreeBSD, for example, has: * struct utmp { * char ut_line[UT_LINESIZE]; @@ -589,6 +507,83 @@ #endif /* UPDATE_WTMPX */ } +} + +/* + * step_systime - step the system clock. + */ + +int +step_systime( + double step + ) +{ + time_t pivot; /* for ntp era unfolding */ + struct timeval timetv, tvlast; + struct timespec timets; + l_fp fp_ofs, fp_sys; /* offset and target system time in FP */ + + /* + * Get pivot time for NTP era unfolding. Since we don't step + * very often, we can afford to do the whole calculation from + * scratch. And we're not in the time-critical path yet. + */ +#if SIZEOF_TIME_T > 4 + pivot = basedate_get_eracenter(); +#else + /* This makes sure the resulting time stamp is on or after + * 1969-12-31/23:59:59 UTC and gives us additional two years, + * from the change of NTP era in 2036 to the UNIX rollover in + * 2038. (Minus one second, but that won't hurt.) We *really* + * need a longer 'time_t' after that! Or a different baseline, + * but that would cause other serious trouble, too. + */ + pivot = 0x7FFFFFFF; +#endif + + /* get the complete jump distance as l_fp */ + DTOLFP(sys_residual, &fp_sys); + DTOLFP(step, &fp_ofs); + L_ADD(&fp_ofs, &fp_sys); + + /* ---> time-critical path starts ---> */ + + /* get the current time as l_fp (without fuzz) and as struct timeval */ + get_ostime(&timets); + fp_sys = tspec_stamp_to_lfp(timets); + tvlast.tv_sec = timets.tv_sec; + tvlast.tv_usec = (timets.tv_nsec + 500) / 1000; + + /* get the target time as l_fp */ + L_ADD(&fp_sys, &fp_ofs); + + /* unfold the new system time */ + timetv = lfp_stamp_to_tval(fp_sys, &pivot); + + /* now set new system time */ + if (ntp_set_tod(&timetv, NULL) != 0) { + msyslog(LOG_ERR, "step-systime: %m"); + if (enable_panic_check && allow_panic) { + msyslog(LOG_ERR, "step_systime: allow_panic is TRUE!"); + } + return FALSE; + } + + /* <--- time-critical path ended with 'ntp_set_tod()' <--- */ + + sys_residual = 0; + lamport_violated = (step < 0); + if (step_callback) + (*step_callback)(); + +#ifdef NEED_HPUX_ADJTIME + /* + * CHECKME: is this correct when called by ntpdate????? + */ + _clear_adjtime(); +#endif + + update_uwtmp(timetv, tvlast); if (enable_panic_check && allow_panic) { msyslog(LOG_ERR, "step_systime: allow_panic is TRUE!"); INSIST(!allow_panic); @@ -596,4 +591,93 @@ return TRUE; } +static const char * +tv_fmt_libbuf( + const struct timeval * ptv + ) +{ + char * retv; + vint64 secs; + ntpcal_split dds; + struct calendar jd; + + secs = time_to_vint64(&ptv->tv_sec); + dds = ntpcal_daysplit(&secs); + ntpcal_daysplit_to_date(&jd, &dds, DAY_UNIX_STARTS); + LIB_GETBUF(retv); + snprintf(retv, LIB_BUFLENGTH, + "%04hu-%02hu-%02hu/%02hu:%02hu:%02hu.%06u", + jd.year, (u_short)jd.month, (u_short)jd.monthday, + (u_short)jd.hour, (u_short)jd.minute, (u_short)jd.second, + (u_int)ptv->tv_usec); + return retv; +} + + +int /*BOOL*/ +clamp_systime(void) +{ +#if SIZEOF_TIME_T > 4 + + struct timeval timetv, tvlast; + struct timespec timets; + uint32_t tdiff; + + + timetv.tv_sec = basedate_get_erabase(); + + /* ---> time-critical path starts ---> */ + + /* get the current time as l_fp (without fuzz) and as struct timeval */ + get_ostime(&timets); + tvlast.tv_sec = timets.tv_sec; + tvlast.tv_usec = (timets.tv_nsec + 500) / 1000; + if (tvlast.tv_usec >= 1000000) { + tvlast.tv_usec -= 1000000; + tvlast.tv_sec += 1; + } + timetv.tv_usec = tvlast.tv_usec; + + tdiff = (uint32_t)(tvlast.tv_sec & UINT32_MAX) - + (uint32_t)(timetv.tv_sec & UINT32_MAX); + timetv.tv_sec += tdiff; + if (timetv.tv_sec != tvlast.tv_sec) { + /* now set new system time */ + if (ntp_set_tod(&timetv, NULL) != 0) { + msyslog(LOG_ERR, "clamp-systime: %m"); + return FALSE; + } + } else { + msyslog(LOG_INFO, + "clamp-systime: clock (%s) in allowed range", + tv_fmt_libbuf(&timetv)); + return FALSE; + } + + /* <--- time-critical path ended with 'ntp_set_tod()' <--- */ + + sys_residual = 0; + lamport_violated = (timetv.tv_sec < tvlast.tv_sec); + if (step_callback) + (*step_callback)(); + +# ifdef NEED_HPUX_ADJTIME + /* + * CHECKME: is this correct when called by ntpdate????? + */ + _clear_adjtime(); +# endif + + update_uwtmp(timetv, tvlast); + msyslog(LOG_WARNING, + "clamp-systime: clock stepped from %s to %s!", + tv_fmt_libbuf(&tvlast), tv_fmt_libbuf(&timetv)); + return TRUE; + +#else + + return 0; +#endif +} + #endif /* !SIM */ --- contrib/ntp/libntp/work_thread.c.orig +++ contrib/ntp/libntp/work_thread.c @@ -27,7 +27,7 @@ #define CHILD_GONE_RESP CHILD_EXIT_REQ /* Queue size increments: * The request queue grows a bit faster than the response queue -- the - * deamon can push requests and pull results faster on avarage than the + * daemon can push requests and pull results faster on avarage than the * worker can process requests and push results... If this really pays * off is debatable. */ --- contrib/ntp/libparse/Makefile.in.orig +++ contrib/ntp/libparse/Makefile.in @@ -102,6 +102,7 @@ $(top_srcdir)/sntp/m4/ltsugar.m4 \ $(top_srcdir)/sntp/m4/ltversion.m4 \ $(top_srcdir)/sntp/m4/lt~obsolete.m4 \ + $(top_srcdir)/sntp/m4/ntp_af_unspec.m4 \ $(top_srcdir)/sntp/m4/ntp_cacheversion.m4 \ $(top_srcdir)/sntp/m4/ntp_compiler.m4 \ $(top_srcdir)/sntp/m4/ntp_crosscompile.m4 \ @@ -1007,7 +1008,6 @@ @: do-nothing action to avoid default SCCS get check-libntp: ../libntp/libntp.a - @echo stamp > $@ ../libntp/libntp.a: cd ../libntp && $(MAKE) $(AM_MAKEFLAGS) libntp.a --- contrib/ntp/ntpd/Makefile.in.orig +++ contrib/ntp/ntpd/Makefile.in @@ -109,6 +109,7 @@ $(top_srcdir)/sntp/m4/ltsugar.m4 \ $(top_srcdir)/sntp/m4/ltversion.m4 \ $(top_srcdir)/sntp/m4/lt~obsolete.m4 \ + $(top_srcdir)/sntp/m4/ntp_af_unspec.m4 \ $(top_srcdir)/sntp/m4/ntp_cacheversion.m4 \ $(top_srcdir)/sntp/m4/ntp_compiler.m4 \ $(top_srcdir)/sntp/m4/ntp_crosscompile.m4 \ @@ -1856,7 +1857,6 @@ -cd ../sntp/libopts && $(MAKE) $(AM_MAKEFLAGS) libopts.la check-libntp: ../libntp/libntp.a - @echo stamp > $@ ../libntp/libntp.a: cd ../libntp && $(MAKE) $(AM_MAKEFLAGS) libntp.a --- contrib/ntp/ntpd/complete.conf.in.orig +++ contrib/ntp/ntpd/complete.conf.in @@ -46,14 +46,14 @@ multicastclient 224.0.1.1 ff05::101 mru maxage 64 mindepth 600 initalloc 600 initmem 16 incalloc 99 incmem 4 maxdepth 1024 maxmem 4096 discard minimum 1 average 3 monitor 3000 -restrict default -restrict default nomodify limited kod noserve nomrulist -restrict source -restrict source nomodify limited kod -restrict trusted.host.name.example.com. nomodify -restrict [fe80::1] mask [ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff] -restrict 127.0.0.1 mask 255.255.255.255 -restrict ::1 +restrict default ippeerlimit -1 +restrict default ippeerlimit 0 nomodify limited kod noserve nomrulist +restrict source ippeerlimit 1 +restrict source ippeerlimit 2 nomodify limited kod +restrict trusted.host.name.example.com. ippeerlimit -1 nomodify +restrict [fe80::1] mask [ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff] ippeerlimit -1 +restrict 127.0.0.1 mask 255.255.255.255 ippeerlimit -1 +restrict ::1 ippeerlimit -1 interface drop ipv6 interface ignore ipv4 interface drop wildcard --- contrib/ntp/ntpd/invoke-ntp.conf.texi.orig +++ contrib/ntp/ntpd/invoke-ntp.conf.texi @@ -6,7 +6,7 @@ # # EDIT THIS FILE WITH CAUTION (invoke-ntp.conf.texi) # -# It has been AutoGen-ed March 21, 2017 at 10:44:16 AM by AutoGen 5.18.5 +# It has been AutoGen-ed February 27, 2018 at 05:14:34 PM by AutoGen 5.18.5 # From the definitions ntp.conf.def # and the template file agtexi-file.tpl @end ignore @@ -1462,7 +1462,7 @@ @code{monitor} subcommand specifies the probability of discard for packets that overflow the rate-control window. -@item @code{restrict} @code{address} @code{[@code{mask} @kbd{mask}]} @code{[@kbd{flag} @kbd{...}]} +@item @code{restrict} @code{address} @code{[@code{mask} @kbd{mask}]} @code{[@code{ippeerlimit} @kbd{int}]} @code{[@kbd{flag} @kbd{...}]} The @kbd{address} argument expressed in @@ -1486,6 +1486,15 @@ @code{default}, with no mask option, may be used to indicate the default entry. +The +@code{ippeerlimit} +directive limits the number of peer requests for each IP to +@kbd{int}, +where a value of -1 means "unlimited", the current default. +A value of 0 means "none". +There would usually be at most 1 peering request per IP, +but if the remote peering requests are behind a proxy +there could well be more than 1 per IP. In the current implementation, @code{flag} always @@ -1536,6 +1545,18 @@ This flag modifies the assignment algorithm by allowing low priority traps to be overridden by later requests for normal priority traps. +@item @code{noepeer} +Deny ephemeral peer requests, +even if they come from an authenticated source. +Note that the ability to use a symmetric key for authentication may be restricted to +one or more IPs or subnets via the third field of the +@file{ntp.keys} +file. +This restriction is not enabled by default, +to maintain backward compatability. +Expect +@code{noepeer} +to become the default in ntp-4.4. @item @code{nomodify} Deny @code{ntpq(1ntpqmdoc)} @@ -1553,10 +1574,10 @@ queries. Time service is not affected. @item @code{nopeer} -Deny packets which would result in mobilizing a new association. -This -includes broadcast and symmetric active packets when a configured -association does not exist. +Deny unauthenticated packets which would result in mobilizing a new association. +This includes +broadcast and symmetric active packets +when a configured association does not exist. It also includes @code{pool} associations, so if you want to use servers from a @@ -1564,8 +1585,9 @@ directive and also want to use @code{nopeer} by default, you'll want a -@code{restrict source ...} @code{line} @code{as} @code{well} @code{that} @code{does} -@item not +@code{restrict source ...} +line as well that does +@emph{not} include the @code{nopeer} directive. @@ -1937,9 +1959,10 @@ as soon as possible. Attacks such as replay attacks can happen, however, and even though there are a number of protections built in to -broadcast mode, attempts to perform a replay attack are possible. +broadcast mode, attempts to perform a replay attack are possible. This value defaults to 0, but can be changed to any number of poll intervals between 0 and 4. +@end table @subsubsection Manycast Options @table @asis @item @code{tos} @code{[@code{ceiling} @kbd{ceiling} | @code{cohort} @code{@{} @code{0} | @code{1} @code{@}} | @code{floor} @kbd{floor} | @code{minclock} @kbd{minclock} | @code{minsane} @kbd{minsane}]} @@ -2255,7 +2278,7 @@ page (available as part of the HTML documentation provided in -@file{/usr/share/doc/ntp}). +@file{/usr/share/doc/ntp} @file{).} @item @code{stratum} @kbd{int} Specifies the stratum number assigned to the driver, an integer between 0 and 15. @@ -2516,6 +2539,69 @@ @code{ntpd(1ntpdmdoc)} on multiple hosts, with (mostly) common options (e.g., a restriction list). +@item @code{interface} @code{[@code{listen} | @code{ignore} | @code{drop}]} @code{[@code{all} | @code{ipv4} | @code{ipv6} | @code{wildcard} @kbd{name} | @kbd{address} @code{[@code{/} @kbd{prefixlen}]}]} +The +@code{interface} +directive controls which network addresses +@code{ntpd(1ntpdmdoc)} +opens, and whether input is dropped without processing. +The first parameter determines the action for addresses +which match the second parameter. +The second parameter specifies a class of addresses, +or a specific interface name, +or an address. +In the address case, +@kbd{prefixlen} +determines how many bits must match for this rule to apply. +@code{ignore} +prevents opening matching addresses, +@code{drop} +causes +@code{ntpd(1ntpdmdoc)} +to open the address and drop all received packets without examination. +Multiple +@code{interface} +directives can be used. +The last rule which matches a particular address determines the action for it. +@code{interface} +directives are disabled if any +@code{-I}, +@code{--interface}, +@code{-L}, +or +@code{--novirtualips} +command-line options are specified in the configuration file, +all available network addresses are opened. +The +@code{nic} +directive is an alias for +@code{interface}. +@item @code{leapfile} @kbd{leapfile} +This command loads the IERS leapseconds file and initializes the +leapsecond values for the next leapsecond event, leapfile expiration +time, and TAI offset. +The file can be obtained directly from the IERS at +@code{https://hpiers.obspm.fr/iers/bul/bulc/ntp/leap-seconds.list} +or +@code{ftp://hpiers.obspm.fr/iers/bul/bulc/ntp/leap-seconds.list}. +The +@code{leapfile} +is scanned when +@code{ntpd(1ntpdmdoc)} +processes the +@code{leapfile} @code{directive} @code{or} @code{when} +@code{ntpd} @code{detects} @code{that} @code{the} +@kbd{leapfile} +has changed. +@code{ntpd} +checks once a day to see if the +@kbd{leapfile} +has changed. +The +@code{update-leap(1update_leapmdoc)} +script can be run to see if the +@kbd{leapfile} +should be updated. @item @code{leapsmearinterval} @kbd{seconds} This EXPERIMENTAL option is only available if @code{ntpd(1ntpdmdoc)} @@ -2606,6 +2692,146 @@ This is the same operation as the @code{-l} command line option. +@item @code{mru} @code{[@code{maxdepth} @kbd{count} | @code{maxmem} @kbd{kilobytes} | @code{mindepth} @kbd{count} | @code{maxage} @kbd{seconds} | @code{initialloc} @kbd{count} | @code{initmem} @kbd{kilobytes} | @code{incalloc} @kbd{count} | @code{incmem} @kbd{kilobytes}]} +Controls size limite of the monitoring facility's Most Recently Used +(MRU) list +of client addresses, which is also used by the +rate control facility. +@table @asis +@item @code{maxdepth} @kbd{count} +@item @code{maxmem} @kbd{kilobytes} +Equivalent upper limits on the size of the MRU list, in terms of entries or kilobytes. +The acutal limit will be up to +@code{incalloc} +entries or +@code{incmem} +kilobytes larger. +As with all of the +@code{mru} +options offered in units of entries or kilobytes, if both +@code{maxdepth} +and +@code{maxmem} @code{are} @code{used,} @code{the} @code{last} @code{one} @code{used} @code{controls.} +The default is 1024 kilobytes. +@item @code{mindepth} @kbd{count} +Lower limit on the MRU list size. +When the MRU list has fewer than +@code{mindepth} +entries, existing entries are never removed to make room for newer ones, +regardless of their age. +The default is 600 entries. +@item @code{maxage} @kbd{seconds} +Once the MRU list has +@code{mindepth} +entries and an additional client is to ba added to the list, +if the oldest entry was updated more than +@code{maxage} +seconds ago, that entry is removed and its storage is reused. +If the oldest entry was updated more recently the MRU list is grown, +subject to +@code{maxdepth} @code{/} @code{moxmem}. +The default is 64 seconds. +@item @code{initalloc} @kbd{count} +@item @code{initmem} @kbd{kilobytes} +Initial memory allocation at the time the monitoringfacility is first enabled, +in terms of the number of entries or kilobytes. +The default is 4 kilobytes. +@item @code{incalloc} @kbd{count} +@item @code{incmem} @kbd{kilobytes} +Size of additional memory allocations when growing the MRU list, in entries or kilobytes. +The default is 4 kilobytes. +@end table +@item @code{nonvolatile} @kbd{threshold} +Specify the +@kbd{threshold} +delta in seconds before an hourly change to the +@code{driftfile} +(frequency file) will be written, with a default value of 1e-7 (0.1 PPM). +The frequency file is inspected each hour. +If the difference between the current frequency and the last value written +exceeds the threshold, the file is written and the +@code{threshold} +becomes the new threshold value. +If the threshold is not exceeeded, it is reduced by half. +This is intended to reduce the number of file writes +for embedded systems with nonvolatile memory. +@item @code{phone} @kbd{dial} @kbd{...} +This command is used in conjunction with +the ACTS modem driver (type 18) +or the JJY driver (type 40, mode 100 - 180). +For the ACTS modem driver (type 18), the arguments consist of +a maximum of 10 telephone numbers used to dial USNO, NIST, or European +time service. +For the JJY driver (type 40 mode 100 - 180), the argument is +one telephone number used to dial the telephone JJY service. +The Hayes command ATDT is normally prepended to the number. +The number can contain other modem control codes as well. +@item @code{reset} @code{[@code{allpeers}]} @code{[@code{auth}]} @code{[@code{ctl}]} @code{[@code{io}]} @code{[@code{mem}]} @code{[@code{sys}]} @code{[@code{timer}]} +Reset one or more groups of counters maintained by +@code{ntpd} +and exposed by +@code{ntpq} +and +@code{ntpdc}. +@item @code{rlimit} @code{[@code{memlock} @kbd{Nmegabytes} | @code{stacksize} @kbd{N4kPages} @code{filenum} @kbd{Nfiledescriptors}]} +@table @asis +@item @code{memlock} @kbd{Nmegabytes} +Specify the number of megabytes of memory that should be +allocated and locked. +Probably only available under Linux, this option may be useful +when dropping root (the +@code{-i} +option). +The default is 32 megabytes on non-Linux machines, and -1 under Linux. +-1 means "do not lock the process into memory". +0 means "lock whatever memory the process wants into memory". +@item @code{stacksize} @kbd{N4kPages} +Specifies the maximum size of the process stack on systems with the +@code{mlockall()} +function. +Defaults to 50 4k pages (200 4k pages in OpenBSD). +@item @code{filenum} @kbd{Nfiledescriptors} +Specifies the maximum number of file descriptors ntpd may have open at once. +Defaults to the system default. +@end table +@item @code{saveconfigdir} @kbd{directory_path} +Specify the directory in which to write configuration snapshots +requested with +.Cm ntpq 's +@code{saveconfig} +command. +If +@code{saveconfigdir} +does not appear in the configuration file, +@code{saveconfig} +requests are rejected by +@code{ntpd}. +@item @code{saveconfig} @kbd{filename} +Write the current configuration, including any runtime +modifications given with +@code{:config} +or +@code{config-from-file} +to the +@code{ntpd} +host's +@kbd{filename} +in the +@code{saveconfigdir}. +This command will be rejected unless the +@code{saveconfigdir} +directive appears in +.Cm ntpd 's +configuration file. +@kbd{filename} +can use +@code{strftime(3)} +format directives to substitute the current date and time, +for example, +@code{saveconfig\ ntp-%Y%m%d-%H%M%S.conf}. +The filename used is stored in the system variable +@code{savedconfig}. +Authentication is required. @item @code{setvar} @kbd{variable} @code{[@code{default}]} This command adds an additional system variable. These @@ -2638,6 +2864,10 @@ the names of all peer variables and the @code{clock_var_list} holds the names of the reference clock variables. +@item @code{sysinfo} +Display operational summary. +@item @code{sysstats} +Show statistics counters maintained in the protocol module. @item @code{tinker} @code{[@code{allan} @kbd{allan} | @code{dispersion} @kbd{dispersion} | @code{freq} @kbd{freq} | @code{huffpuff} @kbd{huffpuff} | @code{panic} @kbd{panic} | @code{step} @kbd{step} | @code{stepback} @kbd{stepback} | @code{stepfwd} @kbd{stepfwd} | @code{stepout} @kbd{stepout}]} This command can be used to alter several system variables in very exceptional circumstances. @@ -2715,27 +2945,18 @@ If set to zero, the stepout pulses will not be suppressed. @end table -@item @code{rlimit} @code{[@code{memlock} @kbd{Nmegabytes} | @code{stacksize} @kbd{N4kPages} @code{filenum} @kbd{Nfiledescriptors}]} -@table @asis -@item @code{memlock} @kbd{Nmegabytes} -Specify the number of megabytes of memory that should be -allocated and locked. -Probably only available under Linux, this option may be useful -when dropping root (the -@code{-i} -option). -The default is 32 megabytes on non-Linux machines, and -1 under Linux. --1 means "do not lock the process into memory". -0 means "lock whatever memory the process wants into memory". -@item @code{stacksize} @kbd{N4kPages} -Specifies the maximum size of the process stack on systems with the -@code{mlockall()} -function. -Defaults to 50 4k pages (200 4k pages in OpenBSD). -@item @code{filenum} @kbd{Nfiledescriptors} -Specifies the maximum number of file descriptors ntpd may have open at once. -Defaults to the system default. -@end table +@item @code{writevar} @kbd{assocID\ name} @kbd{=} @kbd{value} @kbd{[,...]} +Write (create or update) the specified variables. +If the +@code{assocID} +is zero, the variablea re from the +system variables +name space, otherwise they are from the +peer variables +name space. +The +@code{assocID} +is required, as the same name can occur in both name spaces. @item @code{trap} @kbd{host_address} @code{[@code{port} @kbd{port_number}]} @code{[@code{interface} @kbd{interface_address}]} This command configures a trap receiver at the given host address and port number for sending messages with the specified @@ -2747,6 +2968,13 @@ message is sent through. Note that on a multihomed host the interface used may vary from time to time with routing changes. +@item @code{ttl} @kbd{hop} @kbd{...} +This command specifies a list of TTL values in increasing order. +Up to 8 values can be specified. +In +@code{manycast} +mode these values are used in-turn in an expanding-ring search. +The default is eight multiples of 32 starting at 31. The trap receiver will generally log event messages and other information from the server in a log file. --- contrib/ntp/ntpd/invoke-ntp.keys.texi.orig +++ contrib/ntp/ntpd/invoke-ntp.keys.texi @@ -6,7 +6,7 @@ # # EDIT THIS FILE WITH CAUTION (invoke-ntp.keys.texi) # -# It has been AutoGen-ed March 21, 2017 at 10:31:04 AM by AutoGen 5.18.5 +# It has been AutoGen-ed February 27, 2018 at 05:14:37 PM by AutoGen 5.18.5 # From the definitions ntp.keys.def # and the template file agtexi-file.tpl @end ignore @@ -45,16 +45,24 @@ is a positive integer (between 1 and 65534), @kbd{type} is the message digest algorithm, -and @kbd{key} is the key itself, and @kbd{opt_IP_list} is an optional comma-separated list of IPs +where the +@kbd{keyno} +should be trusted. that are allowed to serve time. +Each IP in +@kbd{opt_IP_list} +may contain an optional +@code{/subnetbits} +specification which identifies the number of bits for +the desired subnet of trust. If @kbd{opt_IP_list} is empty, -any properly-authenticated server message will be +any properly-authenticated message will be accepted. The --- contrib/ntp/ntpd/invoke-ntpd.texi.orig +++ contrib/ntp/ntpd/invoke-ntpd.texi @@ -6,7 +6,7 @@ # # EDIT THIS FILE WITH CAUTION (invoke-ntpd.texi) # -# It has been AutoGen-ed March 21, 2017 at 10:44:20 AM by AutoGen 5.18.5 +# It has been AutoGen-ed February 27, 2018 at 05:14:39 PM by AutoGen 5.18.5 # From the definitions ntpd-opts.def # and the template file agtexi-cmd.tpl @end ignore @@ -142,7 +142,7 @@ @exampleindent 0 @example -ntpd - NTP daemon program - Ver. 4.2.8p10-beta +ntpd - NTP daemon program - Ver. 4.2.8p11 Usage: ntpd [ - [] | --[@{=| @}] ]... \ [ ... ] Flg Arg Option-Name Description --- contrib/ntp/ntpd/keyword-gen-utd.orig +++ contrib/ntp/ntpd/keyword-gen-utd @@ -1 +1 @@ - * Generated 2016-11-09 11:39:28 UTC diff_ignore_line + * Generated 2018-01-14 03:53:33 UTC diff_ignore_line --- contrib/ntp/ntpd/keyword-gen.c.orig +++ contrib/ntp/ntpd/keyword-gen.c @@ -153,11 +153,15 @@ { "orphan", T_Orphan, FOLLBY_TOKEN }, { "orphanwait", T_Orphanwait, FOLLBY_TOKEN }, { "nonvolatile", T_Nonvolatile, FOLLBY_TOKEN }, +{ "basedate", T_Basedate, FOLLBY_STRING }, /* access_control_flag */ { "default", T_Default, FOLLBY_TOKEN }, { "source", T_Source, FOLLBY_TOKEN }, +{ "epeer", T_Epeer, FOLLBY_TOKEN }, +{ "noepeer", T_Noepeer, FOLLBY_TOKEN }, { "flake", T_Flake, FOLLBY_TOKEN }, { "ignore", T_Ignore, FOLLBY_TOKEN }, +{ "ippeerlimit", T_Ippeerlimit, FOLLBY_TOKEN }, { "limited", T_Limited, FOLLBY_TOKEN }, { "mssntp", T_Mssntp, FOLLBY_TOKEN }, { "kod", T_Kod, FOLLBY_TOKEN }, --- contrib/ntp/ntpd/ntp.conf.5man.orig +++ contrib/ntp/ntpd/ntp.conf.5man @@ -10,11 +10,11 @@ .ds B-Font B .ds I-Font I .ds R-Font R -.TH ntp.conf 5man "21 Mar 2017" "4.2.8p10-beta" "File Formats" +.TH ntp.conf 5man "27 Feb 2018" "4.2.8p11" "File Formats" .\" -.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-UAaqtC/ag-6AaisC) +.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-LkaqTP/ag-XkaiSP) .\" -.\" It has been AutoGen-ed March 21, 2017 at 10:30:48 AM by AutoGen 5.18.5 +.\" It has been AutoGen-ed February 27, 2018 at 05:14:22 PM by AutoGen 5.18.5 .\" From the definitions ntp.conf.def .\" and the template file agman-cmd.tpl .SH NAME @@ -1665,7 +1665,7 @@ subcommand specifies the probability of discard for packets that overflow the rate-control window. .TP 7 -.NOP \f\*[B-Font]restrict\f[] \f\*[B-Font]address\f[] [\f\*[B-Font]mask\f[] \f\*[I-Font]mask\f[]] [\f\*[I-Font]flag\f[] \f\*[I-Font]...\f[]] +.NOP \f\*[B-Font]restrict\f[] \f\*[B-Font]address\f[] [\f\*[B-Font]mask\f[] \f\*[I-Font]mask\f[]] [\f\*[B-Font]ippeerlimit\f[] \f\*[I-Font]int\f[]] [\f\*[I-Font]flag\f[] \f\*[I-Font]...\f[]] The \f\*[I-Font]address\f[] argument expressed in @@ -1689,6 +1689,15 @@ \f\*[B-Font]default\f[], with no mask option, may be used to indicate the default entry. +The +\f\*[B-Font]ippeerlimit\f[] +directive limits the number of peer requests for each IP to +\f\*[I-Font]int\f[], +where a value of \-1 means "unlimited", the current default. +A value of 0 means "none". +There would usually be at most 1 peering request per IP, +but if the remote peering requests are behind a proxy +there could well be more than 1 per IP. In the current implementation, \f\*[B-Font]flag\f[] always @@ -1744,6 +1753,19 @@ modifies the assignment algorithm by allowing low priority traps to be overridden by later requests for normal priority traps. .TP 7 +.NOP \f\*[B-Font]noepeer\f[] +Deny ephemeral peer requests, +even if they come from an authenticated source. +Note that the ability to use a symmetric key for authentication may be restricted to +one or more IPs or subnets via the third field of the +\fIntp.keys\f[] +file. +This restriction is not enabled by default, +to maintain backward compatability. +Expect +\f\*[B-Font]noepeer\f[] +to become the default in ntp-4.4. +.TP 7 .NOP \f\*[B-Font]nomodify\f[] Deny \fCntpq\f[]\fR(1ntpqmdoc)\f[] @@ -1763,10 +1785,10 @@ Time service is not affected. .TP 7 .NOP \f\*[B-Font]nopeer\f[] -Deny packets which would result in mobilizing a new association. -This -includes broadcast and symmetric active packets when a configured -association does not exist. +Deny unauthenticated packets which would result in mobilizing a new association. +This includes +broadcast and symmetric active packets +when a configured association does not exist. It also includes \f\*[B-Font]pool\f[] associations, so if you want to use servers from a @@ -1774,9 +1796,9 @@ directive and also want to use \f\*[B-Font]nopeer\f[] by default, you'll want a -\f\*[B-Font]restrict source ...\f[] \f\*[B-Font]line\f[] \f\*[B-Font]as\f[] \f\*[B-Font]well\f[] \f\*[B-Font]that\f[] \f\*[B-Font]does\f[] -.TP 7 -.NOP not +\f\*[B-Font]restrict source ...\f[] +line as well that does +\fInot\f[] include the \f\*[B-Font]nopeer\f[] directive. @@ -2186,11 +2208,11 @@ as soon as possible. Attacks such as replay attacks can happen, however, and even though there are a number of protections built in to -broadcast mode, attempts to perform a replay attack are possible. +broadcast mode, attempts to perform a replay attack are possible. This value defaults to 0, but can be changed to any number of poll intervals between 0 and 4. +.PP .SS Manycast Options -.RS .TP 7 .NOP \f\*[B-Font]tos\f[] [\f\*[B-Font]ceiling\f[] \f\*[I-Font]ceiling\f[] | \f\*[B-Font]cohort\f[] { \f\*[B-Font]0\f[] | \f\*[B-Font]1\f[] } | \f\*[B-Font]floor\f[] \f\*[I-Font]floor\f[] | \f\*[B-Font]minclock\f[] \f\*[I-Font]minclock\f[] | \f\*[B-Font]minsane\f[] \f\*[I-Font]minsane\f[]] This command affects the clock selection and clustering @@ -2260,7 +2282,7 @@ in an expanding-ring search. The default is eight multiples of 32 starting at 31. -.RE +.PP .SH Reference Clock Support The NTP Version 4 daemon supports some three dozen different radio, satellite and modem reference clocks plus a special pseudo-clock @@ -2427,7 +2449,6 @@ Except where noted, these options apply to all clock drivers. .SS Reference Clock Commands -.RS .TP 7 .NOP \f\*[B-Font]server\f[] \f[C]127.127.\f[]\f\*[I-Font]t\f[].\f\*[I-Font]u\f[] [\f\*[B-Font]prefer\f[]] [\f\*[B-Font]mode\f[] \f\*[I-Font]int\f[]] [\f\*[B-Font]minpoll\f[] \f\*[I-Font]int\f[]] [\f\*[B-Font]maxpoll\f[] \f\*[I-Font]int\f[]] This command can be used to configure reference clocks in @@ -2528,7 +2549,7 @@ page (available as part of the HTML documentation provided in -\fI/usr/share/doc/ntp\f[]). +\fI/usr/share/doc/ntp\f[] \fI).\f[] .TP 7 .NOP \f\*[B-Font]stratum\f[] \f\*[I-Font]int\f[] Specifies the stratum number assigned to the driver, an integer @@ -2576,9 +2597,8 @@ command can be found in \fIMonitoring\f[] \fIOptions\f[]. .RE -.RE +.PP .SH Miscellaneous Options -.RS .TP 7 .NOP \f\*[B-Font]broadcastdelay\f[] \f\*[I-Font]seconds\f[] The broadcast and multicast modes require a special calibration @@ -2817,6 +2837,71 @@ on multiple hosts, with (mostly) common options (e.g., a restriction list). .TP 7 +.NOP \f\*[B-Font]interface\f[] [\f\*[B-Font]listen\f[] | \f\*[B-Font]ignore\f[] | \f\*[B-Font]drop\f[]] [\f\*[B-Font]all\f[] | \f\*[B-Font]ipv4\f[] | \f\*[B-Font]ipv6\f[] | \f\*[B-Font]wildcard\f[] \f\*[I-Font]name\f[] | \f\*[I-Font]address\f[] [\f\*[B-Font]/\f[] \f\*[I-Font]prefixlen\f[]]] +The +\f\*[B-Font]interface\f[] +directive controls which network addresses +\fCntpd\f[]\fR(1ntpdmdoc)\f[] +opens, and whether input is dropped without processing. +The first parameter determines the action for addresses +which match the second parameter. +The second parameter specifies a class of addresses, +or a specific interface name, +or an address. +In the address case, +\f\*[I-Font]prefixlen\f[] +determines how many bits must match for this rule to apply. +\f\*[B-Font]ignore\f[] +prevents opening matching addresses, +\f\*[B-Font]drop\f[] +causes +\fCntpd\f[]\fR(1ntpdmdoc)\f[] +to open the address and drop all received packets without examination. +Multiple +\f\*[B-Font]interface\f[] +directives can be used. +The last rule which matches a particular address determines the action for it. +\f\*[B-Font]interface\f[] +directives are disabled if any +\f\*[B-Font]\-I\f[], +\f\*[B-Font]\-\-interface\f[], +\f\*[B-Font]\-L\f[], +or +\f\*[B-Font]\-\-novirtualips\f[] +command-line options are specified in the configuration file, +all available network addresses are opened. +The +\f\*[B-Font]nic\f[] +directive is an alias for +\f\*[B-Font]interface\f[]. +.TP 7 +.NOP \f\*[B-Font]leapfile\f[] \f\*[I-Font]leapfile\f[] +This command loads the IERS leapseconds file and initializes the +leapsecond values for the next leapsecond event, leapfile expiration +time, and TAI offset. +The file can be obtained directly from the IERS at +\f[C]https://hpiers.obspm.fr/iers/bul/bulc/ntp/leap-seconds.list\f[] +or +\f[C]ftp://hpiers.obspm.fr/iers/bul/bulc/ntp/leap-seconds.list\f[]. +The +\f\*[B-Font]leapfile\f[] +is scanned when +\fCntpd\f[]\fR(1ntpdmdoc)\f[] +processes the +\f\*[B-Font]leapfile\f[] \f\*[B-Font]directive\f[] \f\*[B-Font]or\f[] \f\*[B-Font]when\f[] +\f\*[B-Font]ntpd\f[] \f\*[B-Font]detects\f[] \f\*[B-Font]that\f[] \f\*[B-Font]the\f[] +\f\*[I-Font]leapfile\f[] +has changed. +\f\*[B-Font]ntpd\f[] +checks once a day to see if the +\f\*[I-Font]leapfile\f[] +has changed. +The +\fCupdate-leap\f[]\fR(1update_leapmdoc)\f[] +script can be run to see if the +\f\*[I-Font]leapfile\f[] +should be updated. +.TP 7 .NOP \f\*[B-Font]leapsmearinterval\f[] \f\*[I-Font]seconds\f[] This EXPERIMENTAL option is only available if \fCntpd\f[]\fR(1ntpdmdoc)\f[] @@ -2922,6 +3007,164 @@ \f\*[B-Font]\-l\f[] command line option. .TP 7 +.NOP \f\*[B-Font]mru\f[] [\f\*[B-Font]maxdepth\f[] \f\*[I-Font]count\f[] | \f\*[B-Font]maxmem\f[] \f\*[I-Font]kilobytes\f[] | \f\*[B-Font]mindepth\f[] \f\*[I-Font]count\f[] | \f\*[B-Font]maxage\f[] \f\*[I-Font]seconds\f[] | \f\*[B-Font]initialloc\f[] \f\*[I-Font]count\f[] | \f\*[B-Font]initmem\f[] \f\*[I-Font]kilobytes\f[] | \f\*[B-Font]incalloc\f[] \f\*[I-Font]count\f[] | \f\*[B-Font]incmem\f[] \f\*[I-Font]kilobytes\f[]] +Controls size limite of the monitoring facility's Most Recently Used +(MRU) list +of client addresses, which is also used by the +rate control facility. +.RS +.TP 7 +.NOP \f\*[B-Font]maxdepth\f[] \f\*[I-Font]count\f[] +.TP 7 +.NOP \f\*[B-Font]maxmem\f[] \f\*[I-Font]kilobytes\f[] +Equivalent upper limits on the size of the MRU list, in terms of entries or kilobytes. +The acutal limit will be up to +\f\*[B-Font]incalloc\f[] +entries or +\f\*[B-Font]incmem\f[] +kilobytes larger. +As with all of the +\f\*[B-Font]mru\f[] +options offered in units of entries or kilobytes, if both +\f\*[B-Font]maxdepth\f[] +and +\f\*[B-Font]maxmem\f[] \f\*[B-Font]are\f[] \f\*[B-Font]used,\f[] \f\*[B-Font]the\f[] \f\*[B-Font]last\f[] \f\*[B-Font]one\f[] \f\*[B-Font]used\f[] \f\*[B-Font]controls.\f[] +The default is 1024 kilobytes. +.TP 7 +.NOP \f\*[B-Font]mindepth\f[] \f\*[I-Font]count\f[] +Lower limit on the MRU list size. +When the MRU list has fewer than +\f\*[B-Font]mindepth\f[] +entries, existing entries are never removed to make room for newer ones, +regardless of their age. +The default is 600 entries. +.TP 7 +.NOP \f\*[B-Font]maxage\f[] \f\*[I-Font]seconds\f[] +Once the MRU list has +\f\*[B-Font]mindepth\f[] +entries and an additional client is to ba added to the list, +if the oldest entry was updated more than +\f\*[B-Font]maxage\f[] +seconds ago, that entry is removed and its storage is reused. +If the oldest entry was updated more recently the MRU list is grown, +subject to +\f\*[B-Font]maxdepth\f[] \f\*[B-Font]/\f[] \f\*[B-Font]moxmem\f[]. +The default is 64 seconds. +.TP 7 +.NOP \f\*[B-Font]initalloc\f[] \f\*[I-Font]count\f[] +.TP 7 +.NOP \f\*[B-Font]initmem\f[] \f\*[I-Font]kilobytes\f[] +Initial memory allocation at the time the monitoringfacility is first enabled, +in terms of the number of entries or kilobytes. +The default is 4 kilobytes. +.TP 7 +.NOP \f\*[B-Font]incalloc\f[] \f\*[I-Font]count\f[] +.TP 7 +.NOP \f\*[B-Font]incmem\f[] \f\*[I-Font]kilobytes\f[] +Size of additional memory allocations when growing the MRU list, in entries or kilobytes. +The default is 4 kilobytes. +.RE +.TP 7 +.NOP \f\*[B-Font]nonvolatile\f[] \f\*[I-Font]threshold\f[] +Specify the +\f\*[I-Font]threshold\f[] +delta in seconds before an hourly change to the +\f\*[B-Font]driftfile\f[] +(frequency file) will be written, with a default value of 1e-7 (0.1 PPM). +The frequency file is inspected each hour. +If the difference between the current frequency and the last value written +exceeds the threshold, the file is written and the +\f\*[B-Font]threshold\f[] +becomes the new threshold value. +If the threshold is not exceeeded, it is reduced by half. +This is intended to reduce the number of file writes +for embedded systems with nonvolatile memory. +.TP 7 +.NOP \f\*[B-Font]phone\f[] \f\*[I-Font]dial\f[] \f\*[I-Font]...\f[] +This command is used in conjunction with +the ACTS modem driver (type 18) +or the JJY driver (type 40, mode 100 \- 180). +For the ACTS modem driver (type 18), the arguments consist of +a maximum of 10 telephone numbers used to dial USNO, NIST, or European +time service. +For the JJY driver (type 40 mode 100 \- 180), the argument is +one telephone number used to dial the telephone JJY service. +The Hayes command ATDT is normally prepended to the number. +The number can contain other modem control codes as well. +.TP 7 +.NOP \f\*[B-Font]reset\f[] [\f\*[B-Font]allpeers\f[]] [\f\*[B-Font]auth\f[]] [\f\*[B-Font]ctl\f[]] [\f\*[B-Font]io\f[]] [\f\*[B-Font]mem\f[]] [\f\*[B-Font]sys\f[]] [\f\*[B-Font]timer\f[]] +Reset one or more groups of counters maintained by +\f\*[B-Font]ntpd\f[] +and exposed by +\f\*[B-Font]ntpq\f[] +and +\f\*[B-Font]ntpdc\f[]. +.TP 7 +.NOP \f\*[B-Font]rlimit\f[] [\f\*[B-Font]memlock\f[] \f\*[I-Font]Nmegabytes\f[] | \f\*[B-Font]stacksize\f[] \f\*[I-Font]N4kPages\f[] \f\*[B-Font]filenum\f[] \f\*[I-Font]Nfiledescriptors\f[]] +.RS +.TP 7 +.NOP \f\*[B-Font]memlock\f[] \f\*[I-Font]Nmegabytes\f[] +Specify the number of megabytes of memory that should be +allocated and locked. +Probably only available under Linux, this option may be useful +when dropping root (the +\f\*[B-Font]\-i\f[] +option). +The default is 32 megabytes on non-Linux machines, and \-1 under Linux. +-1 means "do not lock the process into memory". +0 means "lock whatever memory the process wants into memory". +.TP 7 +.NOP \f\*[B-Font]stacksize\f[] \f\*[I-Font]N4kPages\f[] +Specifies the maximum size of the process stack on systems with the +\fBmlockall\f[]\fR()\f[] +function. +Defaults to 50 4k pages (200 4k pages in OpenBSD). +.TP 7 +.NOP \f\*[B-Font]filenum\f[] \f\*[I-Font]Nfiledescriptors\f[] +Specifies the maximum number of file descriptors ntpd may have open at once. +Defaults to the system default. +.RE +.TP 7 +.NOP \f\*[B-Font]saveconfigdir\f[] \f\*[I-Font]directory_path\f[] +Specify the directory in which to write configuration snapshots +requested with +.Cm ntpq 's +\f\*[B-Font]saveconfig\f[] +command. +If +\f\*[B-Font]saveconfigdir\f[] +does not appear in the configuration file, +\f\*[B-Font]saveconfig\f[] +requests are rejected by +\f\*[B-Font]ntpd\f[]. +.TP 7 +.NOP \f\*[B-Font]saveconfig\f[] \f\*[I-Font]filename\f[] +Write the current configuration, including any runtime +modifications given with +\f\*[B-Font]:config\f[] +or +\f\*[B-Font]config-from-file\f[] +to the +\f\*[B-Font]ntpd\f[] +host's +\f\*[I-Font]filename\f[] +in the +\f\*[B-Font]saveconfigdir\f[]. +This command will be rejected unless the +\f\*[B-Font]saveconfigdir\f[] +directive appears in +.Cm ntpd 's +configuration file. +\f\*[I-Font]filename\f[] +can use +\fCstrftime\f[]\fR(3)\f[] +format directives to substitute the current date and time, +for example, +\f\*[B-Font]saveconfig\ ntp-%Y%m%d-%H%M%S.conf\f[]. +The filename used is stored in the system variable +\f\*[B-Font]savedconfig\f[]. +Authentication is required. +.TP 7 .NOP \f\*[B-Font]setvar\f[] \f\*[I-Font]variable\f[] [\f\*[B-Font]default\f[]] This command adds an additional system variable. These @@ -2955,6 +3198,12 @@ \fIclock_var_list\f[] holds the names of the reference clock variables. .TP 7 +.NOP \f\*[B-Font]sysinfo\f[] +Display operational summary. +.TP 7 +.NOP \f\*[B-Font]sysstats\f[] +Show statistics counters maintained in the protocol module. +.TP 7 .NOP \f\*[B-Font]tinker\f[] [\f\*[B-Font]allan\f[] \f\*[I-Font]allan\f[] | \f\*[B-Font]dispersion\f[] \f\*[I-Font]dispersion\f[] | \f\*[B-Font]freq\f[] \f\*[I-Font]freq\f[] | \f\*[B-Font]huffpuff\f[] \f\*[I-Font]huffpuff\f[] | \f\*[B-Font]panic\f[] \f\*[I-Font]panic\f[] | \f\*[B-Font]step\f[] \f\*[I-Font]step\f[] | \f\*[B-Font]stepback\f[] \f\*[I-Font]stepback\f[] | \f\*[B-Font]stepfwd\f[] \f\*[I-Font]stepfwd\f[] | \f\*[B-Font]stepout\f[] \f\*[I-Font]stepout\f[]] This command can be used to alter several system variables in very exceptional circumstances. @@ -3044,31 +3293,19 @@ pulses will not be suppressed. .RE .TP 7 -.NOP \f\*[B-Font]rlimit\f[] [\f\*[B-Font]memlock\f[] \f\*[I-Font]Nmegabytes\f[] | \f\*[B-Font]stacksize\f[] \f\*[I-Font]N4kPages\f[] \f\*[B-Font]filenum\f[] \f\*[I-Font]Nfiledescriptors\f[]] -.RS +.NOP \f\*[B-Font]writevar\f[] \f\*[I-Font]assocID\ name\f[] \f\*[I-Font]=\f[] \f\*[I-Font]value\f[] \f\*[I-Font][,...]\f[] +Write (create or update) the specified variables. +If the +\f\*[B-Font]assocID\f[] +is zero, the variablea re from the +system variables +name space, otherwise they are from the +peer variables +name space. +The +\f\*[B-Font]assocID\f[] +is required, as the same name can occur in both name spaces. .TP 7 -.NOP \f\*[B-Font]memlock\f[] \f\*[I-Font]Nmegabytes\f[] -Specify the number of megabytes of memory that should be -allocated and locked. -Probably only available under Linux, this option may be useful -when dropping root (the -\f\*[B-Font]\-i\f[] -option). -The default is 32 megabytes on non-Linux machines, and \-1 under Linux. --1 means "do not lock the process into memory". -0 means "lock whatever memory the process wants into memory". -.TP 7 -.NOP \f\*[B-Font]stacksize\f[] \f\*[I-Font]N4kPages\f[] -Specifies the maximum size of the process stack on systems with the -\fBmlockall\f[]\fR()\f[] -function. -Defaults to 50 4k pages (200 4k pages in OpenBSD). -.TP 7 -.NOP \f\*[B-Font]filenum\f[] \f\*[I-Font]Nfiledescriptors\f[] -Specifies the maximum number of file descriptors ntpd may have open at once. -Defaults to the system default. -.RE -.TP 7 .NOP \f\*[B-Font]trap\f[] \f\*[I-Font]host_address\f[] [\f\*[B-Font]port\f[] \f\*[I-Font]port_number\f[]] [\f\*[B-Font]interface\f[] \f\*[I-Font]interface_address\f[]] This command configures a trap receiver at the given host address and port number for sending messages with the specified @@ -3080,6 +3317,14 @@ message is sent through. Note that on a multihomed host the interface used may vary from time to time with routing changes. +.TP 7 +.NOP \f\*[B-Font]ttl\f[] \f\*[I-Font]hop\f[] \f\*[I-Font]...\f[] +This command specifies a list of TTL values in increasing order. +Up to 8 values can be specified. +In +\f\*[B-Font]manycast\f[] +mode these values are used in-turn in an expanding-ring search. +The default is eight multiples of 32 starting at 31. .sp \n(Ppu .ne 2 @@ -3097,9 +3342,8 @@ an expanding-ring search. The default is eight multiples of 32 starting at 31. -.RE +.PP .SH "OPTIONS" -.RS .TP .NOP \f\*[B-Font]\-\-help\f[] Display usage information and exit. @@ -3111,7 +3355,7 @@ Output version of program and exit. The default mode is `v', a simple version. The `c' mode will print copyright information and `n' will print the full copyright notice. -.RE +.PP .SH "OPTION PRESETS" Any option that is not marked as \fInot presettable\fP may be preset by loading values from environment variables named: @@ -3122,7 +3366,6 @@ .SH "ENVIRONMENT" See \fBOPTION PRESETS\fP for configuration environment variables. .SH FILES -.RS .TP 15 .NOP \fI/etc/ntp.conf\f[] the default name of the configuration file @@ -3146,10 +3389,9 @@ .TP 15 .NOP \fIntp_dh\f[] Diffie-Hellman agreement parameters -.RE +.PP .SH "EXIT STATUS" One of the following exit values will be returned: -.RS .TP .NOP 0 " (EXIT_SUCCESS)" Successful program execution. @@ -3160,7 +3402,7 @@ .NOP 70 " (EX_SOFTWARE)" libopts had an internal operational error. Please report it to autogen-users@lists.sourceforge.net. Thank you. -.RE +.PP .SH "SEE ALSO" \fCntpd\f[]\fR(1ntpdmdoc)\f[], \fCntpdc\f[]\fR(1ntpdcmdoc)\f[], --- contrib/ntp/ntpd/ntp.conf.5mdoc.orig +++ contrib/ntp/ntpd/ntp.conf.5mdoc @@ -1,9 +1,9 @@ -.Dd March 21 2017 +.Dd February 27 2018 .Dt NTP_CONF 5mdoc File Formats .Os .\" EDIT THIS FILE WITH CAUTION (ntp.mdoc) .\" -.\" It has been AutoGen-ed March 21, 2017 at 10:31:09 AM by AutoGen 5.18.5 +.\" It has been AutoGen-ed February 27, 2018 at 05:14:42 PM by AutoGen 5.18.5 .\" From the definitions ntp.conf.def .\" and the template file agmdoc-cmd.tpl .Sh NAME @@ -1532,6 +1532,7 @@ for packets that overflow the rate\-control window. .It Xo Ic restrict address .Op Cm mask Ar mask +.Op Cm ippeerlimit Ar int .Op Ar flag ... .Xc The @@ -1557,6 +1558,15 @@ .Cm default , with no mask option, may be used to indicate the default entry. +The +.Cm ippeerlimit +directive limits the number of peer requests for each IP to +.Ar int , +where a value of \-1 means "unlimited", the current default. +A value of 0 means "none". +There would usually be at most 1 peering request per IP, +but if the remote peering requests are behind a proxy +there could well be more than 1 per IP. In the current implementation, .Cm flag always @@ -1607,6 +1617,18 @@ This flag modifies the assignment algorithm by allowing low priority traps to be overridden by later requests for normal priority traps. +.It Cm noepeer +Deny ephemeral peer requests, +even if they come from an authenticated source. +Note that the ability to use a symmetric key for authentication may be restricted to +one or more IPs or subnets via the third field of the +.Pa ntp.keys +file. +This restriction is not enabled by default, +to maintain backward compatability. +Expect +.Cm noepeer +to become the default in ntp\-4.4. .It Cm nomodify Deny .Xr ntpq 1ntpqmdoc @@ -1624,10 +1646,10 @@ queries. Time service is not affected. .It Cm nopeer -Deny packets which would result in mobilizing a new association. -This -includes broadcast and symmetric active packets when a configured -association does not exist. +Deny unauthenticated packets which would result in mobilizing a new association. +This includes +broadcast and symmetric active packets +when a configured association does not exist. It also includes .Cm pool associations, so if you want to use servers from a @@ -1635,8 +1657,9 @@ directive and also want to use .Cm nopeer by default, you'll want a -.Cm "restrict source ..." line as well that does -.It not +.Cm "restrict source ..." +line as well that does +.Em not include the .Cm nopeer directive. @@ -2011,9 +2034,10 @@ as soon as possible. Attacks such as replay attacks can happen, however, and even though there are a number of protections built in to -broadcast mode, attempts to perform a replay attack are possible. +broadcast mode, attempts to perform a replay attack are possible. This value defaults to 0, but can be changed to any number of poll intervals between 0 and 4. +.El .Ss Manycast Options .Bl -tag -width indent .It Xo Ic tos @@ -2359,7 +2383,7 @@ page (available as part of the HTML documentation provided in -.Pa /usr/share/doc/ntp ) . +.Pa /usr/share/doc/ntp ). .It Cm stratum Ar int Specifies the stratum number assigned to the driver, an integer between 0 and 15. @@ -2637,6 +2661,79 @@ .Xr ntpd 1ntpdmdoc on multiple hosts, with (mostly) common options (e.g., a restriction list). +.It Xo Ic interface +.Oo +.Cm listen | Cm ignore | Cm drop +.Oc +.Oo +.Cm all | Cm ipv4 | Cm ipv6 | Cm wildcard +.Ar name | Ar address +.Oo Cm / Ar prefixlen +.Oc +.Oc +.Xc +The +.Cm interface +directive controls which network addresses +.Xr ntpd 1ntpdmdoc +opens, and whether input is dropped without processing. +The first parameter determines the action for addresses +which match the second parameter. +The second parameter specifies a class of addresses, +or a specific interface name, +or an address. +In the address case, +.Ar prefixlen +determines how many bits must match for this rule to apply. +.Cm ignore +prevents opening matching addresses, +.Cm drop +causes +.Xr ntpd 1ntpdmdoc +to open the address and drop all received packets without examination. +Multiple +.Cm interface +directives can be used. +The last rule which matches a particular address determines the action for it. +.Cm interface +directives are disabled if any +.Fl I , +.Fl \-interface , +.Fl L , +or +.Fl \-novirtualips +command\-line options are specified in the configuration file, +all available network addresses are opened. +The +.Cm nic +directive is an alias for +.Cm interface . +.It Ic leapfile Ar leapfile +This command loads the IERS leapseconds file and initializes the +leapsecond values for the next leapsecond event, leapfile expiration +time, and TAI offset. +The file can be obtained directly from the IERS at +.Li https://hpiers.obspm.fr/iers/bul/bulc/ntp/leap\-seconds.list +or +.Li ftp://hpiers.obspm.fr/iers/bul/bulc/ntp/leap\-seconds.list . +The +.Cm leapfile +is scanned when +.Xr ntpd 1ntpdmdoc +processes the +.Cm leapfile directive or when +.Cm ntpd detects that the +.Ar leapfile +has changed. +.Cm ntpd +checks once a day to see if the +.Ar leapfile +has changed. +The +.Xr update\-leap 1update_leapmdoc +script can be run to see if the +.Ar leapfile +should be updated. .It Ic leapsmearinterval Ar seconds This EXPERIMENTAL option is only available if .Xr ntpd 1ntpdmdoc @@ -2741,6 +2838,181 @@ This is the same operation as the .Fl l command line option. +.It Xo Ic mru +.Oo +.Cm maxdepth Ar count | Cm maxmem Ar kilobytes | +.Cm mindepth Ar count | Cm maxage Ar seconds | +.Cm initialloc Ar count | Cm initmem Ar kilobytes | +.Cm incalloc Ar count | Cm incmem Ar kilobytes +.Oc +.Xc +Controls size limite of the monitoring facility's Most Recently Used +(MRU) list +of client addresses, which is also used by the +rate control facility. +.Bl -tag -width indent +.It Ic maxdepth Ar count +.It Ic maxmem Ar kilobytes +Equivalent upper limits on the size of the MRU list, in terms of entries or kilobytes. +The acutal limit will be up to +.Cm incalloc +entries or +.Cm incmem +kilobytes larger. +As with all of the +.Cm mru +options offered in units of entries or kilobytes, if both +.Cm maxdepth +and +.Cm maxmem are used, the last one used controls. +The default is 1024 kilobytes. +.It Cm mindepth Ar count +Lower limit on the MRU list size. +When the MRU list has fewer than +.Cm mindepth +entries, existing entries are never removed to make room for newer ones, +regardless of their age. +The default is 600 entries. +.It Cm maxage Ar seconds +Once the MRU list has +.Cm mindepth +entries and an additional client is to ba added to the list, +if the oldest entry was updated more than +.Cm maxage +seconds ago, that entry is removed and its storage is reused. +If the oldest entry was updated more recently the MRU list is grown, +subject to +.Cm maxdepth / moxmem . +The default is 64 seconds. +.It Cm initalloc Ar count +.It Cm initmem Ar kilobytes +Initial memory allocation at the time the monitoringfacility is first enabled, +in terms of the number of entries or kilobytes. +The default is 4 kilobytes. +.It Cm incalloc Ar count +.It Cm incmem Ar kilobytes +Size of additional memory allocations when growing the MRU list, in entries or kilobytes. +The default is 4 kilobytes. +.El +.It Ic nonvolatile Ar threshold +Specify the +.Ar threshold +delta in seconds before an hourly change to the +.Cm driftfile +(frequency file) will be written, with a default value of 1e\-7 (0.1 PPM). +The frequency file is inspected each hour. +If the difference between the current frequency and the last value written +exceeds the threshold, the file is written and the +.Cm threshold +becomes the new threshold value. +If the threshold is not exceeeded, it is reduced by half. +This is intended to reduce the number of file writes +for embedded systems with nonvolatile memory. +.It Ic phone Ar dial ... +This command is used in conjunction with +the ACTS modem driver (type 18) +or the JJY driver (type 40, mode 100 \- 180). +For the ACTS modem driver (type 18), the arguments consist of +a maximum of 10 telephone numbers used to dial USNO, NIST, or European +time service. +For the JJY driver (type 40 mode 100 \- 180), the argument is +one telephone number used to dial the telephone JJY service. +The Hayes command ATDT is normally prepended to the number. +The number can contain other modem control codes as well. +.It Xo Ic reset +.Oo +.Ic allpeers +.Oc +.Oo +.Ic auth +.Oc +.Oo +.Ic ctl +.Oc +.Oo +.Ic io +.Oc +.Oo +.Ic mem +.Oc +.Oo +.Ic sys +.Oc +.Oo +.Ic timer +.Oc +.Xc +Reset one or more groups of counters maintained by +.Cm ntpd +and exposed by +.Cm ntpq +and +.Cm ntpdc . +.It Xo Ic rlimit +.Oo +.Cm memlock Ar Nmegabytes | +.Cm stacksize Ar N4kPages +.Cm filenum Ar Nfiledescriptors +.Oc +.Xc +.Bl -tag -width indent +.It Cm memlock Ar Nmegabytes +Specify the number of megabytes of memory that should be +allocated and locked. +Probably only available under Linux, this option may be useful +when dropping root (the +.Fl i +option). +The default is 32 megabytes on non\-Linux machines, and \-1 under Linux. +-1 means "do not lock the process into memory". +0 means "lock whatever memory the process wants into memory". +.It Cm stacksize Ar N4kPages +Specifies the maximum size of the process stack on systems with the +.Fn mlockall +function. +Defaults to 50 4k pages (200 4k pages in OpenBSD). +.It Cm filenum Ar Nfiledescriptors +Specifies the maximum number of file descriptors ntpd may have open at once. +Defaults to the system default. +.El +.It Ic saveconfigdir Ar directory_path +Specify the directory in which to write configuration snapshots +requested with +.Cm ntpq 's +.Cm saveconfig +command. +If +.Cm saveconfigdir +does not appear in the configuration file, +.Cm saveconfig +requests are rejected by +.Cm ntpd . +.It Ic saveconfig Ar filename +Write the current configuration, including any runtime +modifications given with +.Cm :config +or +.Cm config\-from\-file +to the +.Cm ntpd +host's +.Ar filename +in the +.Cm saveconfigdir . +This command will be rejected unless the +.Cm saveconfigdir +directive appears in +.Cm ntpd 's +configuration file. +.Ar filename +can use +.Xr strftime 3 +format directives to substitute the current date and time, +for example, +.Cm saveconfig\ ntp\-%Y%m%d\-%H%M%S.conf . +The filename used is stored in the system variable +.Cm savedconfig . +Authentication is required. .It Ic setvar Ar variable Op Cm default This command adds an additional system variable. These @@ -2779,6 +3051,10 @@ the names of all peer variables and the .Va clock_var_list holds the names of the reference clock variables. +.It Cm sysinfo +Display operational summary. +.It Cm sysstats +Show statistics counters maintained in the protocol module. .It Xo Ic tinker .Oo .Cm allan Ar allan | @@ -2868,33 +3144,18 @@ If set to zero, the stepout pulses will not be suppressed. .El -.It Xo Ic rlimit -.Oo -.Cm memlock Ar Nmegabytes | -.Cm stacksize Ar N4kPages -.Cm filenum Ar Nfiledescriptors -.Oc -.Xc -.Bl -tag -width indent -.It Cm memlock Ar Nmegabytes -Specify the number of megabytes of memory that should be -allocated and locked. -Probably only available under Linux, this option may be useful -when dropping root (the -.Fl i -option). -The default is 32 megabytes on non\-Linux machines, and \-1 under Linux. --1 means "do not lock the process into memory". -0 means "lock whatever memory the process wants into memory". -.It Cm stacksize Ar N4kPages -Specifies the maximum size of the process stack on systems with the -.Fn mlockall -function. -Defaults to 50 4k pages (200 4k pages in OpenBSD). -.It Cm filenum Ar Nfiledescriptors -Specifies the maximum number of file descriptors ntpd may have open at once. -Defaults to the system default. -.El +.It Cm writevar Ar assocID\ name = value [,...] +Write (create or update) the specified variables. +If the +.Cm assocID +is zero, the variablea re from the +system variables +name space, otherwise they are from the +peer variables +name space. +The +.Cm assocID +is required, as the same name can occur in both name spaces. .It Xo Ic trap Ar host_address .Op Cm port Ar port_number .Op Cm interface Ar interface_address @@ -2909,6 +3170,13 @@ message is sent through. Note that on a multihomed host the interface used may vary from time to time with routing changes. +.It Cm ttl Ar hop ... +This command specifies a list of TTL values in increasing order. +Up to 8 values can be specified. +In +.Cm manycast +mode these values are used in\-turn in an expanding\-ring search. +The default is eight multiples of 32 starting at 31. .Pp The trap receiver will generally log event messages and other information from the server in a log file. --- contrib/ntp/ntpd/ntp.conf.def.orig +++ contrib/ntp/ntpd/ntp.conf.def @@ -1534,6 +1534,7 @@ for packets that overflow the rate-control window. .It Xo Ic restrict address .Op Cm mask Ar mask +.Op Cm ippeerlimit Ar int .Op Ar flag ... .Xc The @@ -1559,6 +1560,15 @@ .Cm default , with no mask option, may be used to indicate the default entry. +The +.Cm ippeerlimit +directive limits the number of peer requests for each IP to +.Ar int , +where a value of -1 means "unlimited", the current default. +A value of 0 means "none". +There would usually be at most 1 peering request per IP, +but if the remote peering requests are behind a proxy +there could well be more than 1 per IP. In the current implementation, .Cm flag always @@ -1609,6 +1619,18 @@ This flag modifies the assignment algorithm by allowing low priority traps to be overridden by later requests for normal priority traps. +.It Cm noepeer +Deny ephemeral peer requests, +even if they come from an authenticated source. +Note that the ability to use a symmetric key for authentication may be restricted to +one or more IPs or subnets via the third field of the +.Pa ntp.keys +file. +This restriction is not enabled by default, +to maintain backward compatability. +Expect +.Cm noepeer +to become the default in ntp-4.4. .It Cm nomodify Deny .Xr ntpq 1ntpqmdoc @@ -1626,10 +1648,10 @@ queries. Time service is not affected. .It Cm nopeer -Deny packets which would result in mobilizing a new association. -This -includes broadcast and symmetric active packets when a configured -association does not exist. +Deny unauthenticated packets which would result in mobilizing a new association. +This includes +broadcast and symmetric active packets +when a configured association does not exist. It also includes .Cm pool associations, so if you want to use servers from a @@ -1637,8 +1659,9 @@ directive and also want to use .Cm nopeer by default, you'll want a -.Cm "restrict source ..." line as well that does -.It not +.Cm "restrict source ..." +line as well that does +.Em not include the .Cm nopeer directive. @@ -2013,9 +2036,10 @@ as soon as possible. Attacks such as replay attacks can happen, however, and even though there are a number of protections built in to -broadcast mode, attempts to perform a replay attack are possible. +broadcast mode, attempts to perform a replay attack are possible. This value defaults to 0, but can be changed to any number of poll intervals between 0 and 4. +.El .Ss Manycast Options .Bl -tag -width indent .It Xo Ic tos @@ -2361,7 +2385,7 @@ page (available as part of the HTML documentation provided in -.Pa /usr/share/doc/ntp ) . +.Pa /usr/share/doc/ntp ). .It Cm stratum Ar int Specifies the stratum number assigned to the driver, an integer between 0 and 15. @@ -2639,6 +2663,79 @@ .Xr ntpd 1ntpdmdoc on multiple hosts, with (mostly) common options (e.g., a restriction list). +.It Xo Ic interface +.Oo +.Cm listen | Cm ignore | Cm drop +.Oc +.Oo +.Cm all | Cm ipv4 | Cm ipv6 | Cm wildcard +.Ar name | Ar address +.Oo Cm / Ar prefixlen +.Oc +.Oc +.Xc +The +.Cm interface +directive controls which network addresses +.Xr ntpd 1ntpdmdoc +opens, and whether input is dropped without processing. +The first parameter determines the action for addresses +which match the second parameter. +The second parameter specifies a class of addresses, +or a specific interface name, +or an address. +In the address case, +.Ar prefixlen +determines how many bits must match for this rule to apply. +.Cm ignore +prevents opening matching addresses, +.Cm drop +causes +.Xr ntpd 1ntpdmdoc +to open the address and drop all received packets without examination. +Multiple +.Cm interface +directives can be used. +The last rule which matches a particular address determines the action for it. +.Cm interface +directives are disabled if any +.Fl I , +.Fl -interface , +.Fl L , +or +.Fl -novirtualips +command-line options are specified in the configuration file, +all available network addresses are opened. +The +.Cm nic +directive is an alias for +.Cm interface . +.It Ic leapfile Ar leapfile +This command loads the IERS leapseconds file and initializes the +leapsecond values for the next leapsecond event, leapfile expiration +time, and TAI offset. +The file can be obtained directly from the IERS at +.Li https://hpiers.obspm.fr/iers/bul/bulc/ntp/leap-seconds.list +or +.Li ftp://hpiers.obspm.fr/iers/bul/bulc/ntp/leap-seconds.list . +The +.Cm leapfile +is scanned when +.Xr ntpd 1ntpdmdoc +processes the +.Cm leapfile directive or when +.Cm ntpd detects that the +.Ar leapfile +has changed. +.Cm ntpd +checks once a day to see if the +.Ar leapfile +has changed. +The +.Xr update-leap 1update_leapmdoc +script can be run to see if the +.Ar leapfile +should be updated. .It Ic leapsmearinterval Ar seconds This EXPERIMENTAL option is only available if .Xr ntpd 1ntpdmdoc @@ -2743,6 +2840,181 @@ This is the same operation as the .Fl l command line option. +.It Xo Ic mru +.Oo +.Cm maxdepth Ar count | Cm maxmem Ar kilobytes | +.Cm mindepth Ar count | Cm maxage Ar seconds | +.Cm initialloc Ar count | Cm initmem Ar kilobytes | +.Cm incalloc Ar count | Cm incmem Ar kilobytes +.Oc +.Xc +Controls size limite of the monitoring facility's Most Recently Used +(MRU) list +of client addresses, which is also used by the +rate control facility. +.Bl -tag -width indent +.It Ic maxdepth Ar count +.It Ic maxmem Ar kilobytes +Equivalent upper limits on the size of the MRU list, in terms of entries or kilobytes. +The acutal limit will be up to +.Cm incalloc +entries or +.Cm incmem +kilobytes larger. +As with all of the +.Cm mru +options offered in units of entries or kilobytes, if both +.Cm maxdepth +and +.Cm maxmem are used, the last one used controls. +The default is 1024 kilobytes. +.It Cm mindepth Ar count +Lower limit on the MRU list size. +When the MRU list has fewer than +.Cm mindepth +entries, existing entries are never removed to make room for newer ones, +regardless of their age. +The default is 600 entries. +.It Cm maxage Ar seconds +Once the MRU list has +.Cm mindepth +entries and an additional client is to ba added to the list, +if the oldest entry was updated more than +.Cm maxage +seconds ago, that entry is removed and its storage is reused. +If the oldest entry was updated more recently the MRU list is grown, +subject to +.Cm maxdepth / moxmem . +The default is 64 seconds. +.It Cm initalloc Ar count +.It Cm initmem Ar kilobytes +Initial memory allocation at the time the monitoringfacility is first enabled, +in terms of the number of entries or kilobytes. +The default is 4 kilobytes. +.It Cm incalloc Ar count +.It Cm incmem Ar kilobytes +Size of additional memory allocations when growing the MRU list, in entries or kilobytes. +The default is 4 kilobytes. +.El +.It Ic nonvolatile Ar threshold +Specify the +.Ar threshold +delta in seconds before an hourly change to the +.Cm driftfile +(frequency file) will be written, with a default value of 1e-7 (0.1 PPM). +The frequency file is inspected each hour. +If the difference between the current frequency and the last value written +exceeds the threshold, the file is written and the +.Cm threshold +becomes the new threshold value. +If the threshold is not exceeeded, it is reduced by half. +This is intended to reduce the number of file writes +for embedded systems with nonvolatile memory. +.It Ic phone Ar dial ... +This command is used in conjunction with +the ACTS modem driver (type 18) +or the JJY driver (type 40, mode 100 - 180). +For the ACTS modem driver (type 18), the arguments consist of +a maximum of 10 telephone numbers used to dial USNO, NIST, or European +time service. +For the JJY driver (type 40 mode 100 - 180), the argument is +one telephone number used to dial the telephone JJY service. +The Hayes command ATDT is normally prepended to the number. +The number can contain other modem control codes as well. +.It Xo Ic reset +.Oo +.Ic allpeers +.Oc +.Oo +.Ic auth +.Oc +.Oo +.Ic ctl +.Oc +.Oo +.Ic io +.Oc +.Oo +.Ic mem +.Oc +.Oo +.Ic sys +.Oc +.Oo +.Ic timer +.Oc +.Xc +Reset one or more groups of counters maintained by +.Cm ntpd +and exposed by +.Cm ntpq +and +.Cm ntpdc . +.It Xo Ic rlimit +.Oo +.Cm memlock Ar Nmegabytes | +.Cm stacksize Ar N4kPages +.Cm filenum Ar Nfiledescriptors +.Oc +.Xc +.Bl -tag -width indent +.It Cm memlock Ar Nmegabytes +Specify the number of megabytes of memory that should be +allocated and locked. +Probably only available under Linux, this option may be useful +when dropping root (the +.Fl i +option). +The default is 32 megabytes on non-Linux machines, and -1 under Linux. +-1 means "do not lock the process into memory". +0 means "lock whatever memory the process wants into memory". +.It Cm stacksize Ar N4kPages +Specifies the maximum size of the process stack on systems with the +.Fn mlockall +function. +Defaults to 50 4k pages (200 4k pages in OpenBSD). +.It Cm filenum Ar Nfiledescriptors +Specifies the maximum number of file descriptors ntpd may have open at once. +Defaults to the system default. +.El +.It Ic saveconfigdir Ar directory_path +Specify the directory in which to write configuration snapshots +requested with +.Cm ntpq 's +.Cm saveconfig +command. +If +.Cm saveconfigdir +does not appear in the configuration file, +.Cm saveconfig +requests are rejected by +.Cm ntpd . +.It Ic saveconfig Ar filename +Write the current configuration, including any runtime +modifications given with +.Cm :config +or +.Cm config-from-file +to the +.Cm ntpd +host's +.Ar filename +in the +.Cm saveconfigdir . +This command will be rejected unless the +.Cm saveconfigdir +directive appears in +.Cm ntpd 's +configuration file. +.Ar filename +can use +.Xr strftime 3 +format directives to substitute the current date and time, +for example, +.Cm saveconfig\ ntp-%Y%m%d-%H%M%S.conf . +The filename used is stored in the system variable +.Cm savedconfig . +Authentication is required. .It Ic setvar Ar variable Op Cm default This command adds an additional system variable. These @@ -2781,6 +3053,10 @@ the names of all peer variables and the .Va clock_var_list holds the names of the reference clock variables. +.It Cm sysinfo +Display operational summary. +.It Cm sysstats +Show statistics counters maintained in the protocol module. .It Xo Ic tinker .Oo .Cm allan Ar allan | @@ -2870,33 +3146,18 @@ If set to zero, the stepout pulses will not be suppressed. .El -.It Xo Ic rlimit -.Oo -.Cm memlock Ar Nmegabytes | -.Cm stacksize Ar N4kPages -.Cm filenum Ar Nfiledescriptors -.Oc -.Xc -.Bl -tag -width indent -.It Cm memlock Ar Nmegabytes -Specify the number of megabytes of memory that should be -allocated and locked. -Probably only available under Linux, this option may be useful -when dropping root (the -.Fl i -option). -The default is 32 megabytes on non-Linux machines, and -1 under Linux. --1 means "do not lock the process into memory". -0 means "lock whatever memory the process wants into memory". -.It Cm stacksize Ar N4kPages -Specifies the maximum size of the process stack on systems with the -.Fn mlockall -function. -Defaults to 50 4k pages (200 4k pages in OpenBSD). -.It Cm filenum Ar Nfiledescriptors -Specifies the maximum number of file descriptors ntpd may have open at once. -Defaults to the system default. -.El +.It Cm writevar Ar assocID\ name = value [,...] +Write (create or update) the specified variables. +If the +.Cm assocID +is zero, the variablea re from the +system variables +name space, otherwise they are from the +peer variables +name space. +The +.Cm assocID +is required, as the same name can occur in both name spaces. .It Xo Ic trap Ar host_address .Op Cm port Ar port_number .Op Cm interface Ar interface_address @@ -2911,6 +3172,13 @@ message is sent through. Note that on a multihomed host the interface used may vary from time to time with routing changes. +.It Cm ttl Ar hop ... +This command specifies a list of TTL values in increasing order. +Up to 8 values can be specified. +In +.Cm manycast +mode these values are used in-turn in an expanding-ring search. +The default is eight multiples of 32 starting at 31. .Pp The trap receiver will generally log event messages and other information from the server in a log file. --- contrib/ntp/ntpd/ntp.conf.html.orig +++ contrib/ntp/ntpd/ntp.conf.html @@ -33,9 +33,9 @@

    This document describes the configuration file for the NTP Project's ntpd program. -

    This document applies to version 4.2.8p10 of ntp.conf. +

    This document applies to version 4.2.8p11 of ntp.conf. -

    +

    Short Contents

      NTP's Configuration File User Manual @@ -1467,7 +1467,7 @@ monitor subcommand specifies the probability of discard for packets that overflow the rate-control window. -
      restrict address [mask mask] [flag ...]
      The +
      restrict address [mask mask] [ippeerlimit int] [flag ...]
      The address argument expressed in dotted-quad form is the address of a host or network. @@ -1490,6 +1490,15 @@ default, with no mask option, may be used to indicate the default entry. +The +ippeerlimit +directive limits the number of peer requests for each IP to +int, +where a value of -1 means "unlimited", the current default. +A value of 0 means "none". +There would usually be at most 1 peering request per IP, +but if the remote peering requests are behind a proxy +there could well be more than 1 per IP. In the current implementation, flag always @@ -1536,6 +1545,17 @@ This flag modifies the assignment algorithm by allowing low priority traps to be overridden by later requests for normal priority traps. +
      noepeer
      Deny ephemeral peer requests, +even if they come from an authenticated source. +Note that the ability to use a symmetric key for authentication may be restricted to +one or more IPs or subnets via the third field of the +ntp.keys +file. +This restriction is not enabled by default, +to maintain backward compatability. +Expect +noepeer +to become the default in ntp-4.4.
      nomodify
      Deny ntpq(1ntpqmdoc) and @@ -1550,10 +1570,10 @@ ntpdc(1ntpdcmdoc) queries. Time service is not affected. -
      nopeer
      Deny packets which would result in mobilizing a new association. -This -includes broadcast and symmetric active packets when a configured -association does not exist. +
      nopeer
      Deny unauthenticated packets which would result in mobilizing a new association. +This includes +broadcast and symmetric active packets +when a configured association does not exist. It also includes pool associations, so if you want to use servers from a @@ -1561,8 +1581,10 @@ directive and also want to use nopeer by default, you'll want a -restrict source ... line as well that does -
      not
      include the +restrict source ... +line as well that does +not +include the nopeer directive.
      noserve
      Deny all packets except @@ -1938,13 +1960,14 @@ as soon as possible. Attacks such as replay attacks can happen, however, and even though there are a number of protections built in to -broadcast mode, attempts to perform a replay attack are possible. +broadcast mode, attempts to perform a replay attack are possible. This value defaults to 0, but can be changed -to any number of poll intervals between 0 and 4. +to any number of poll intervals between 0 and 4. +
      Manycast Options
      -
      +
      tos [ceiling ceiling | cohort { 0 | 1 } | floor floor | minclock minclock | minsane minsane]
      This command affects the clock selection and clustering algorithms. It can be used to select the quality and @@ -1952,7 +1975,7 @@ and is most useful in manycast mode. The variables operate as follows: -
      +
      ceiling ceiling
      Peers with strata above ceiling will be discarded if there are at least @@ -1994,7 +2017,7 @@ should be at least 4 in order to detect and discard a single falseticker.
      -
      ttl hop ...
      This command specifies a list of TTL values in increasing +
      ttl hop ...
      This command specifies a list of TTL values in increasing order, up to 8 values can be specified. In manycast mode these values are used in turn in an expanding-ring search. @@ -2001,7 +2024,7 @@ The default is eight multiples of 32 starting at 31.
      -
      +



      @@ -2009,7 +2032,7 @@

      Reference Clock Support

      -

      The NTP Version 4 daemon supports some three dozen different radio, +

      The NTP Version 4 daemon supports some three dozen different radio, satellite and modem reference clocks plus a special pseudo-clock used for backup or when no other clock source is available. Detailed descriptions of individual device drivers and options can @@ -2046,7 +2069,7 @@ provided in /usr/share/doc/ntp). -

      A reference clock will generally (though not always) be a radio +

      A reference clock will generally (though not always) be a radio timecode receiver which is synchronized to a source of standard time such as the services offered by the NRC in Canada and NIST and USNO in the US. @@ -2062,7 +2085,7 @@ in a scalding remark to the system log file, but is otherwise non hazardous. -

      For the purposes of configuration, +

      For the purposes of configuration, ntpd(1ntpdmdoc) treats reference clocks in a manner analogous to normal NTP peers as much @@ -2083,7 +2106,7 @@ sometimes useful to configure multiple reference clocks of the same type, in which case the unit numbers must be unique. -

      The +

      The server command is used to configure a reference clock, where the @@ -2121,7 +2144,7 @@ See the individual clock driver document pages for additional information. -

      The +

      The fudge command is used to provide additional information for individual clock drivers and normally follows @@ -2143,7 +2166,7 @@ fudge command as well. -

      The stratum number of a reference clock is by default zero. +

      The stratum number of a reference clock is by default zero. Since the ntpd(1ntpdmdoc) daemon adds one to the stratum of each @@ -2166,11 +2189,11 @@

      Reference Clock Commands
      -
      +
      server 127.127.t.u [prefer] [mode int] [minpoll int] [maxpoll int]
      This command can be used to configure reference clocks in special ways. The options are interpreted as follows: -
      +
      prefer
      Marks the reference clock as preferred. All other things being equal, this host will be chosen for synchronization among a set of @@ -2203,7 +2226,7 @@ defaults to 14 (4.5 h). The allowable range is 4 (16 s) to 17 (36.4 h) inclusive.
      -
      fudge 127.127.t.u [time1 sec] [time2 sec] [stratum int] [refid string] [mode int] [flag1 0 | 1] [flag2 0 | 1] [flag3 0 | 1] [flag4 0 | 1]
      This command can be used to configure reference clocks in +
      fudge 127.127.t.u [time1 sec] [time2 sec] [stratum int] [refid string] [mode int] [flag1 0 | 1] [flag2 0 | 1] [flag3 0 | 1] [flag4 0 | 1]
      This command can be used to configure reference clocks in special ways. It must immediately follow the server @@ -2214,7 +2237,7 @@ program. The options are interpreted as follows: -
      +
      time1 sec
      Specifies a constant to be added to the time offset produced by the driver, a fixed-point decimal number in seconds. This is used @@ -2251,7 +2274,7 @@ page (available as part of the HTML documentation provided in -/usr/share/doc/ntp). +/usr/share/doc/ntp ).
      stratum int
      Specifies the stratum number assigned to the driver, an integer between 0 and 15. This number overrides the default stratum number @@ -2285,8 +2308,8 @@ command can be found in Monitoring Options.
      -
      -
      +
      +



      @@ -2294,7 +2317,7 @@

      Miscellaneous Options

      -
      +
      broadcastdelay seconds
      The broadcast and multicast modes require a special calibration to determine the network delay between the local and remote servers. @@ -2327,7 +2350,7 @@ If this command is not given, the daemon will always start with an initial frequency of zero. -

      The file format consists of a single line containing a single +

      The file format consists of a single line containing a single floating point number, which records the frequency offset measured in parts-per-million (PPM). The file is updated by first writing @@ -2347,7 +2370,7 @@ can be controlled remotely using the ntpdc(1ntpdcmdoc) utility program. -

      +
      auth
      Enables the server to synchronize with unconfigured peers only if the peer has been correctly authenticated using either public key or private key cryptography. @@ -2482,7 +2505,7 @@ default for this flag is enable.
      -
      includefile includefile
      This command allows additional configuration commands +
      includefile includefile
      This command allows additional configuration commands to be included from a separate file. Include files may be nested to a depth of five; upon reaching the end of any @@ -2492,6 +2515,67 @@ ntpd(1ntpdmdoc) on multiple hosts, with (mostly) common options (e.g., a restriction list). +
      interface [listen | ignore | drop] [all | ipv4 | ipv6 | wildcard name | address [/ prefixlen]]
      The +interface +directive controls which network addresses +ntpd(1ntpdmdoc) +opens, and whether input is dropped without processing. +The first parameter determines the action for addresses +which match the second parameter. +The second parameter specifies a class of addresses, +or a specific interface name, +or an address. +In the address case, +prefixlen +determines how many bits must match for this rule to apply. +ignore +prevents opening matching addresses, +drop +causes +ntpd(1ntpdmdoc) +to open the address and drop all received packets without examination. +Multiple +interface +directives can be used. +The last rule which matches a particular address determines the action for it. +interface +directives are disabled if any +-I, +--interface, +-L, +or +--novirtualips +command-line options are specified in the configuration file, +all available network addresses are opened. +The +nic +directive is an alias for +interface. +
      leapfile leapfile
      This command loads the IERS leapseconds file and initializes the +leapsecond values for the next leapsecond event, leapfile expiration +time, and TAI offset. +The file can be obtained directly from the IERS at +https://hpiers.obspm.fr/iers/bul/bulc/ntp/leap-seconds.list +or +ftp://hpiers.obspm.fr/iers/bul/bulc/ntp/leap-seconds.list. +The +leapfile +is scanned when +ntpd(1ntpdmdoc) +processes the +leapfile directive or when +ntpd detects that the +leapfile +has changed. +ntpd +checks once a day to see if the +leapfile +has changed. +The +update-leap(1update_leapmdoc) +script can be run to see if the +leapfile +should be updated.
      leapsmearinterval seconds
      This EXPERIMENTAL option is only available if ntpd(1ntpdmdoc) was built with the @@ -2543,7 +2627,7 @@ status messages (status). -

      Configuration keywords are formed by concatenating the message class with +

      Configuration keywords are formed by concatenating the message class with the event class. The all @@ -2555,20 +2639,20 @@ messages of the respective message class. Thus, a minimal log configuration could look like this: -

                
      -          logconfig =syncstatus +sysevents
      -     
      +
           
      +     logconfig =syncstatus +sysevents
      +
      -

      This would just list the synchronizations state of +

      This would just list the synchronizations state of ntpd(1ntpdmdoc) and the major system events. For a simple reference server, the following minimum message configuration could be useful: -

                
      -          logconfig =syncall +clockall
      -     
      +
           
      +     logconfig =syncall +clockall
      +
      -

      This configuration will list all clock information and +

      This configuration will list all clock information and synchronization information. All other events and messages about peers, system events and so on is suppressed. @@ -2579,6 +2663,129 @@ This is the same operation as the -l command line option. +

      mru [maxdepth count | maxmem kilobytes | mindepth count | maxage seconds | initialloc count | initmem kilobytes | incalloc count | incmem kilobytes]
      Controls size limite of the monitoring facility's Most Recently Used +(MRU) list +of client addresses, which is also used by the +rate control facility. +
      +
      maxdepth count
      maxmem kilobytes
      Equivalent upper limits on the size of the MRU list, in terms of entries or kilobytes. +The acutal limit will be up to +incalloc +entries or +incmem +kilobytes larger. +As with all of the +mru +options offered in units of entries or kilobytes, if both +maxdepth +and +maxmem are used, the last one used controls. +The default is 1024 kilobytes. +
      mindepth count
      Lower limit on the MRU list size. +When the MRU list has fewer than +mindepth +entries, existing entries are never removed to make room for newer ones, +regardless of their age. +The default is 600 entries. +
      maxage seconds
      Once the MRU list has +mindepth +entries and an additional client is to ba added to the list, +if the oldest entry was updated more than +maxage +seconds ago, that entry is removed and its storage is reused. +If the oldest entry was updated more recently the MRU list is grown, +subject to +maxdepth / moxmem. +The default is 64 seconds. +
      initalloc count
      initmem kilobytes
      Initial memory allocation at the time the monitoringfacility is first enabled, +in terms of the number of entries or kilobytes. +The default is 4 kilobytes. +
      incalloc count
      incmem kilobytes
      Size of additional memory allocations when growing the MRU list, in entries or kilobytes. +The default is 4 kilobytes. +
      +
      nonvolatile threshold
      Specify the +threshold +delta in seconds before an hourly change to the +driftfile +(frequency file) will be written, with a default value of 1e-7 (0.1 PPM). +The frequency file is inspected each hour. +If the difference between the current frequency and the last value written +exceeds the threshold, the file is written and the +threshold +becomes the new threshold value. +If the threshold is not exceeeded, it is reduced by half. +This is intended to reduce the number of file writes +for embedded systems with nonvolatile memory. +
      phone dial ...
      This command is used in conjunction with +the ACTS modem driver (type 18) +or the JJY driver (type 40, mode 100 - 180). +For the ACTS modem driver (type 18), the arguments consist of +a maximum of 10 telephone numbers used to dial USNO, NIST, or European +time service. +For the JJY driver (type 40 mode 100 - 180), the argument is +one telephone number used to dial the telephone JJY service. +The Hayes command ATDT is normally prepended to the number. +The number can contain other modem control codes as well. +
      reset [allpeers] [auth] [ctl] [io] [mem] [sys] [timer]
      Reset one or more groups of counters maintained by +ntpd +and exposed by +ntpq +and +ntpdc. +
      rlimit [memlock Nmegabytes | stacksize N4kPages filenum Nfiledescriptors]
      +
      +
      memlock Nmegabytes
      Specify the number of megabytes of memory that should be +allocated and locked. +Probably only available under Linux, this option may be useful +when dropping root (the +-i +option). +The default is 32 megabytes on non-Linux machines, and -1 under Linux. +-1 means "do not lock the process into memory". +0 means "lock whatever memory the process wants into memory". +
      stacksize N4kPages
      Specifies the maximum size of the process stack on systems with the +mlockall() +function. +Defaults to 50 4k pages (200 4k pages in OpenBSD). +
      filenum Nfiledescriptors
      Specifies the maximum number of file descriptors ntpd may have open at once. +Defaults to the system default. +
      +
      saveconfigdir directory_path
      Specify the directory in which to write configuration snapshots +requested with +.Cm ntpq 's +saveconfig +command. +If +saveconfigdir +does not appear in the configuration file, +saveconfig +requests are rejected by +ntpd. +
      saveconfig filename
      Write the current configuration, including any runtime +modifications given with +:config +or +config-from-file +to the +ntpd +host's +filename +in the +saveconfigdir. +This command will be rejected unless the +saveconfigdir +directive appears in +.Cm ntpd 's +configuration file. +filename +can use +strftime(3) +format directives to substitute the current date and time, +for example, +saveconfig\ ntp-%Y%m%d-%H%M%S.conf. +The filename used is stored in the system variable +savedconfig. +Authentication is required.
      setvar variable [default]
      This command adds an additional system variable. These variables can be used to distribute additional information such as @@ -2610,6 +2817,8 @@ the names of all peer variables and the clock_var_list holds the names of the reference clock variables. +
      sysinfo
      Display operational summary. +
      sysstats
      Show statistics counters maintained in the protocol module.
      tinker [allan allan | dispersion dispersion | freq freq | huffpuff huffpuff | panic panic | step step | stepback stepback | stepfwd stepfwd | stepout stepout]
      This command can be used to alter several system variables in very exceptional circumstances. It should occur in the @@ -2627,8 +2836,8 @@ Emphasis added: twisters are on their own and can expect no help from the support group. -

      The variables operate as follows: -

      +

      The variables operate as follows: +

      allan allan
      The argument becomes the new value for the minimum Allan intercept, which is a parameter of the PLL/FLL clock discipline algorithm. @@ -2677,25 +2886,18 @@ If set to zero, the stepout pulses will not be suppressed.
      -
      rlimit [memlock Nmegabytes | stacksize N4kPages filenum Nfiledescriptors]
      -
      -
      memlock Nmegabytes
      Specify the number of megabytes of memory that should be -allocated and locked. -Probably only available under Linux, this option may be useful -when dropping root (the --i -option). -The default is 32 megabytes on non-Linux machines, and -1 under Linux. --1 means "do not lock the process into memory". -0 means "lock whatever memory the process wants into memory". -
      stacksize N4kPages
      Specifies the maximum size of the process stack on systems with the -mlockall() -function. -Defaults to 50 4k pages (200 4k pages in OpenBSD). -
      filenum Nfiledescriptors
      Specifies the maximum number of file descriptors ntpd may have open at once. -Defaults to the system default. -
      -
      trap host_address [port port_number] [interface interface_address]
      This command configures a trap receiver at the given host +
      writevar assocID\ name = value [,...]
      Write (create or update) the specified variables. +If the +assocID +is zero, the variablea re from the +system variables +name space, otherwise they are from the +peer variables +name space. +The +assocID +is required, as the same name can occur in both name spaces. +
      trap host_address [port port_number] [interface interface_address]
      This command configures a trap receiver at the given host address and port number for sending messages with the specified local interface address. If the port number is unspecified, a value @@ -2704,9 +2906,15 @@ message is sent with a source address of the local interface the message is sent through. Note that on a multihomed host the -interface used may vary from time to time with routing changes. +interface used may vary from time to time with routing changes. +
      ttl hop ...
      This command specifies a list of TTL values in increasing order. +Up to 8 values can be specified. +In +manycast +mode these values are used in-turn in an expanding-ring search. +The default is eight multiples of 32 starting at 31. -

      The trap receiver will generally log event messages and other +

      The trap receiver will generally log event messages and other information from the server in a log file. While such monitor programs may also request their own trap dynamically, configuring a @@ -2720,11 +2928,11 @@ 31.

      -

      This section was generated by AutoGen, +

      This section was generated by AutoGen, using the agtexi-cmd template and the option descriptions for the ntp.conf program. This software is released under the NTP license, <http://ntp.org/license>. -

      Status Words and Kiss Codes
      @@ -570,10 +652,10 @@ in a set of status words maintained by the system. Status information is also available on a per-association basis. -These words are displayed in the -rv +These words are displayed by the +readlist and -as +associations commands both in hexadecimal and in decoded short tip strings. The codes, tips and short explanations are documented on the .Lk decode.html "Event Messages and Status Words" @@ -592,9 +674,10 @@
      System Variables

      The following system variables appear in the -rv +readlist billboard. Not all variables are displayed in some configurations. +

      Variable
      Description
      status
      .Lk decode.html#sys "system status word" @@ -606,16 +689,16 @@
      precision
      precision (log2 s)
      rootdelay
      total roundtrip delay to the primary reference clock
      rootdisp
      total dispersion to the primary reference clock -
      peer
      system peer association ID +
      refid
      reference id or +.Lk decode.html#kiss "kiss code" +
      reftime
      reference time +
      clock
      date and time of day +
      peer
      system peer association id
      tc
      time constant and poll exponent (log2 s) (3-17)
      mintc
      minimum time constant (log2 s) (3-10) -
      clock
      date and time of day -
      refid
      reference ID or -.Lk decode.html#kiss "kiss code" -
      reftime
      reference time -
      offset
      combined offset of server relative to this host +
      offset
      combined offset of server relative to this host +
      frequency
      frequency drift (PPM) relative to hardware clock
      sys_jitter
      combined system jitter -
      frequency
      frequency offset (PPM) relative to hardware clock
      clk_wander
      clock frequency wander (PPM)
      clk_jitter
      clock jitter
      tai
      TAI-UTC offset (s) @@ -630,7 +713,6 @@ additional system variables are displayed, including some or all of the following, depending on the particular Autokey dance: -
      Variable
      Description
      host
      Autokey host name for this host @@ -646,13 +728,13 @@
      Peer Variables

      The following peer variables appear in the -rv +readlist billboard for each association. Not all variables are displayed in some configurations.

      Variable
      Description -
      associd
      association ID +
      associd
      association id
      status
      .Lk decode.html#peer "peer status word"
      srcadr
      source (remote) IP address
      srcport
      source (remote) port @@ -663,9 +745,10 @@
      precision
      precision (log2 s)
      rootdelay
      total roundtrip delay to the primary reference clock
      rootdisp
      total root dispersion to the primary reference clock -
      refid
      reference ID or +
      refid
      reference id or .Lk decode.html#kiss "kiss code"
      reftime
      reference time +
      rec
      last packet received time
      reach
      reach register (octal)
      unreach
      unreach counter
      hmode
      host mode (1-6) @@ -675,11 +758,11 @@
      headway
      headway (see .Lk rate.html "Rate Management and the Kiss-o'-Death Packet" )
      flash
      .Lk decode.html#flash "flash status word" +
      keyid
      symmetric key id
      offset
      filter offset
      delay
      filter delay
      dispersion
      filter dispersion
      jitter
      filter jitter -
      ident
      Autokey group name for this association
      bias
      unicast/broadcast bias
      xleave
      interleave delay (see .Lk xleave.html "NTP Interleaved Modes" ) @@ -688,7 +771,8 @@ bias variable is calculated when the first broadcast packet is received after the calibration volley. -It represents the offset of the broadcast subgraph relative to the unicast subgraph. +It represents the offset of the broadcast subgraph relative to the +unicast subgraph. The xleave variable appears only for the interleaved symmetric and interleaved modes. @@ -703,20 +787,21 @@
      host
      Autokey server name
      flags
      peer flags (see Autokey specification)
      signature
      OpenSSL digest/signature scheme -
      initsequence
      initial key ID +
      initsequence
      initial key id
      initkey
      initial key index
      timestamp
      Autokey signature timestamp +
      ident
      Autokey group name for this association
      Clock Variables

      The following clock variables appear in the -cv +clocklist billboard for each association with a reference clock. Not all variables are displayed in some configurations.

      Variable
      Description -
      associd
      association ID +
      associd
      association id
      status
      .Lk decode.html#clock "clock status word"
      device
      device description
      timecode
      ASCII time code string (specific to device) @@ -727,7 +812,7 @@
      fudgetime1
      fudge time 1
      fudgetime2
      fudge time 2
      stratum
      driver stratum -
      refid
      driver reference ID +
      refid
      driver reference id
      flags
      driver flags
      @@ -770,12 +855,12 @@ used to select the program, defaulting to more. Both will exit with a status code of 0. -
      ntpq - standard NTP query program - Ver. 4.2.8p10-beta
      +
      ntpq - standard NTP query program - Ver. 4.2.8p10
       Usage:  ntpq [ -<flag> [<val>] | --<name>[{=| }<val>] ]... [ host ...]
         Flg Arg Option-Name    Description
      -   -4 no  ipv4           Force IPv4 DNS name resolution
      +   -4 no  ipv4           Force IPv4 name resolution
                                       - prohibits the option 'ipv6'
      -   -6 no  ipv6           Force IPv6 DNS name resolution
      +   -6 no  ipv6           Force IPv6 name resolution
                                       - prohibits the option 'ipv4'
          -c Str command        run a command and exit
                                       - may appear multiple times
      @@ -826,7 +911,7 @@
       

      ipv4 option (-4)

      -This is the “force ipv4 dns name resolution” option. +This is the “force ipv4 name resolution” option.

      This option has some usage constraints. It:

        @@ -834,7 +919,7 @@ ipv6.
      -

      Force DNS resolution of following host names on the command line +

      Force resolution of following host names on the command line to the IPv4 namespace.


      @@ -847,7 +932,7 @@

      ipv6 option (-6)

      -This is the “force ipv6 dns name resolution” option. +This is the “force ipv6 name resolution” option.

      This option has some usage constraints. It:

        @@ -855,7 +940,7 @@ ipv4.
      -

      Force DNS resolution of following host names on the command line +

      Force resolution of following host names on the command line to the IPv6 namespace.


      @@ -1185,7 +1270,7 @@ with default MD5. If the OpenSSL library is installed, digest can be be any message digest algorithm supported by the library. -The current selections are: MD2, MD4, MD5, MDC2, RIPEMD160, SHA and SHA1. +The current selections are: AES128CMAC, MD2, MD4, MD5, MDC2, RIPEMD160, SHA and SHA1.
      ntpversion 1 | 2 | 3 | 4
      Sets the NTP version number which ntpq claims in packets. Defaults to 2. --- contrib/ntp/ntpq/ntpq.man.in.orig +++ contrib/ntp/ntpq/ntpq.man.in @@ -10,11 +10,11 @@ .ds B-Font B .ds I-Font I .ds R-Font R -.TH ntpq @NTPQ_MS@ "21 Mar 2017" "4.2.8p10" "User Commands" +.TH ntpq @NTPQ_MS@ "27 Feb 2018" "4.2.8p11" "User Commands" .\" -.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-P4aWgw/ag-p5aWew) +.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-D4aGRT/ag-Q4ayQT) .\" -.\" It has been AutoGen-ed March 21, 2017 at 10:45:26 AM by AutoGen 5.18.5 +.\" It has been AutoGen-ed February 27, 2018 at 05:15:22 PM by AutoGen 5.18.5 .\" From the definitions ntpq-opts.def .\" and the template file agman-cmd.tpl .SH NAME @@ -31,15 +31,14 @@ .ne 2 .SH DESCRIPTION +.sp \n(Ppu +.ne 2 + The \f\*[B-Font]ntpq\fP -utility program is used to query NTP servers which -implement the standard NTP mode 6 control message formats defined -in Appendix B of the NTPv3 specification RFC1305, requesting +utility program is used to query NTP servers to monitor NTP operations +and performance, requesting information about current state and/or changes in that state. -The same formats are used in NTPv4, although some of the -variables have changed and new ones added. The description on this -page is for the NTPv4 variables. The program may be run either in interactive mode or controlled using command line arguments. Requests to read and write arbitrary @@ -50,6 +49,9 @@ utility can also obtain and print a list of peers in a common format by sending multiple queries to the server. +.sp \n(Ppu +.ne 2 + If one or more request options is included on the command line when \f\*[B-Font]ntpq\fP @@ -67,6 +69,9 @@ \f\*[B-Font]ntpq\fP utility will prompt for commands if the standard input is a terminal device. +.sp \n(Ppu +.ne 2 + \f\*[B-Font]ntpq\fP uses NTP mode 6 packets to communicate with the NTP server, and hence can be used to query any compatible server on @@ -80,6 +85,21 @@ one attempt to retransmit requests, and will time requests out if the remote host is not heard from within a suitable timeout time. +.sp \n(Ppu +.ne 2 + +Note that in contexts where a host name is expected, a +\f\*[B-Font]\-4\f[] +qualifier preceding the host name forces resolution to the IPv4 +namespace, while a +\f\*[B-Font]\-6\f[] +qualifier forces resolution to the IPv6 namespace. +For examples and usage, see the +\*[Lq]NTP Debugging Techniques\*[Rq] +page. +.sp \n(Ppu +.ne 2 + Specifying a command line option other than \f\*[B-Font]\-i\f[] @@ -93,64 +113,65 @@ will attempt to read interactive format commands from the standard input. .SS "Internal Commands" +.sp \n(Ppu +.ne 2 + Interactive format commands consist of a keyword followed by zero to four arguments. Only enough characters of the full keyword to uniquely identify the command need be typed. +.sp \n(Ppu +.ne 2 + A number of interactive format commands are executed entirely within the \f\*[B-Font]ntpq\fP -utility itself and do not result in NTP mode 6 +utility itself and do not result in NTP requests being sent to a server. These are described following. -.TP 20 -.NOP \f\*[B-Font]?\f[] [\f\*[I-Font]command_keyword\f[]] +.TP 15 +.NOP \f\*[B-Font]?\f[] [\f\*[I-Font]command\f[]] .br .ns -.TP 20 -.NOP \f\*[B-Font]help\f[] [\f\*[I-Font]command_keyword\f[]] +.TP 15 +.NOP \f\*[B-Font]help\f[] [\f\*[I-Font]command\f[]] A \[oq]\&?\[cq] -by itself will print a list of all the command -keywords known to this incarnation of +by itself will print a list of all the commands +known to \f\*[B-Font]ntpq\fP. A \[oq]\&?\[cq] -followed by a command keyword will print function and usage +followed by a command name will print function and usage information about the command. -This command is probably a better -source of information about -\f\*[B-Font]ntpq\fP -than this manual -page. .br .ns -.TP 20 -.NOP \f\*[B-Font]addvars\f[] \f\*[I-Font]variable_name\f[][\f\*[B-Font]=value\f[]] \f\*[B-Font]...\f[] +.TP 15 +.NOP \f\*[B-Font]addvars\f[] \f\*[I-Font]name\f[][\&=\f\*[I-Font]value\f[]][,...] .br .ns -.TP 20 -.NOP \f\*[B-Font]rmvars\f[] \f\*[I-Font]variable_name\f[] \f\*[B-Font]...\f[] +.TP 15 +.NOP \f\*[B-Font]rmvars\f[] \f\*[I-Font]name\f[][,...] .br .ns -.TP 20 +.TP 15 .NOP \f\*[B-Font]clearvars\f[] .br .ns -.TP 20 +.TP 15 .NOP \f\*[B-Font]showvars\f[] -The data carried by NTP mode 6 messages consists of a list of +The arguments to this command consist of a list of items of the form -\[oq]variable_name=value\[cq], +\f\*[I-Font]name\f[][\&=\f\*[I-Font]value\f[]], where the -\[oq]=value\[cq] +.NOP \&=\f\*[I-Font]value\f[] is ignored, and can be omitted, in requests to the server to read variables. The \f\*[B-Font]ntpq\fP -utility maintains an internal list in which data to be included in control -messages can be assembled, and sent using the +utility maintains an internal list in which data to be included in +messages can be assembled, and displayed or set using the \f\*[B-Font]readlist\f[] and \f\*[B-Font]writelist\f[] @@ -165,7 +186,7 @@ \f\*[B-Font]rmvars\f[] command can be used to remove individual variables from the list, while the -\f\*[B-Font]clearlist\f[] +\f\*[B-Font]clearvars\f[] command removes all variables from the list. The @@ -173,33 +194,29 @@ command displays the current list of optional variables. .br .ns -.TP 20 -.NOP \f\*[B-Font]authenticate\f[] [yes | no] +.TP 15 +.NOP \f\*[B-Font]authenticate\f[] [\f\*[B-Font]yes\f[]|\f\*[B-Font]no\f[]] Normally \f\*[B-Font]ntpq\fP does not authenticate requests unless they are write requests. The command -\[oq]authenticate yes\[cq] +\f\*[B-Font]authenticate\f[] \f\*[B-Font]yes\f[] causes \f\*[B-Font]ntpq\fP to send authentication with all requests it makes. Authenticated requests causes some servers to handle -requests slightly differently, and can occasionally melt the CPU in -fuzzballs if you turn authentication on before doing a -\f\*[B-Font]peer\f[] -display. +requests slightly differently. The command -\[oq]authenticate\[cq] +\f\*[B-Font]authenticate\f[] causes \f\*[B-Font]ntpq\fP to display whether or not -\f\*[B-Font]ntpq\fP -is currently autheinticating requests. +it is currently authenticating requests. .br .ns -.TP 20 +.TP 15 .NOP \f\*[B-Font]cooked\f[] Causes output from query commands to be "cooked", so that variables which are recognized by @@ -208,19 +225,19 @@ values reformatted for human consumption. Variables which \f\*[B-Font]ntpq\fP -thinks should have a decodable value but didn't are +could not decode completely are marked with a trailing \[oq]\&?\[cq]. .br .ns -.TP 20 -.NOP \f\*[B-Font]debug\f[] [\f\*[B-Font]more\f[] | \f\*[B-Font]less\f[] | \f\*[B-Font]off\f[]] +.TP 15 +.NOP \f\*[B-Font]debug\f[] [\f\*[B-Font]more\f[]|\f\*[B-Font]less\f[]|\f\*[B-Font]off\f[]] With no argument, displays the current debug level. -Otherwise, the debug level is changed to the indicated level. +Otherwise, the debugging level is changed as indicated. .br .ns -.TP 20 -.NOP \f\*[B-Font]delay\f[] \f\*[I-Font]milliseconds\f[] +.TP 15 +.NOP \f\*[B-Font]delay\f[] [\f\*[I-Font]milliseconds\f[]] Specify a time interval to be added to timestamps included in requests which require authentication. This is used to enable @@ -229,23 +246,33 @@ Actually the server does not now require timestamps in authenticated requests, so this command may be obsolete. +Without any arguments, displays the current delay. .br .ns -.TP 20 +.TP 15 +.NOP \f\*[B-Font]drefid\f[] [\f\*[B-Font]hash\f[]|\f\*[B-Font]ipv4\f[]] +Display refids as IPv4 or hash. +Without any arguments, displays whether refids are shown as IPv4 +addresses or hashes. +.br +.ns +.TP 15 .NOP \f\*[B-Font]exit\f[] Exit \f\*[B-Font]ntpq\fP. .br .ns -.TP 20 -.NOP \f\*[B-Font]host\f[] \f\*[I-Font]hostname\f[] +.TP 15 +.NOP \f\*[B-Font]host\f[] [\f\*[I-Font]name\f[]] Set the host to which future queries will be sent. -\f\*[I-Font]hostname\f[] +The +\f\*[I-Font]name\f[] may be either a host name or a numeric address. +Without any arguments, displays the current host. .br .ns -.TP 20 -.NOP \f\*[B-Font]hostnames\f[] [\f\*[B-Font]yes\f[] | \f\*[B-Font]no\f[]] +.TP 15 +.NOP \f\*[B-Font]hostnames\f[] [\f\*[B-Font]yes\f[]|\f\*[B-Font]no\f[]] If \f\*[B-Font]yes\f[] is specified, host names are printed in @@ -260,10 +287,12 @@ modified using the command line \f\*[B-Font]\-n\f[] switch. +Without any arguments, displays whether host names or numeric addresses +are shown. .br .ns -.TP 20 -.NOP \f\*[B-Font]keyid\f[] \f\*[I-Font]keyid\f[] +.TP 15 +.NOP \f\*[B-Font]keyid\f[] [\f\*[I-Font]keyid\f[]] This command allows the specification of a key number to be used to authenticate configuration requests. This must correspond @@ -271,24 +300,26 @@ \f\*[B-Font]controlkey\f[] key number the server has been configured to use for this purpose. +Without any arguments, displays the current +\f\*[I-Font]keyid\f[]. .br .ns -.TP 20 -.NOP \f\*[B-Font]keytype\f[] [\f\*[B-Font]md5\f[] | \f\*[B-Font]OpenSSLDigestType\f[]] -Specify the type of key to use for authenticating requests. -\f\*[B-Font]md5\f[] -is alway supported. +.TP 15 +.NOP \f\*[B-Font]keytype\f[] [\f\*[I-Font]digest\f[]] +Specify the digest algorithm to use for authenticating requests, with default +\f\*[B-Font]MD5\f[]. If \f\*[B-Font]ntpq\fP -was built with OpenSSL support, -any digest type supported by OpenSSL can also be provided. +was built with OpenSSL support, and OpenSSL is installed, +\f\*[I-Font]digest\f[] +can be any message digest algorithm supported by OpenSSL. If no argument is given, the current -\f\*[B-Font]keytype\f[] -is displayed. +\f\*[B-Font]keytype\f[] \f\*[I-Font]digest\f[] +algorithm used is displayed. .br .ns -.TP 20 -.NOP \f\*[B-Font]ntpversion\f[] [\f\*[B-Font]1\f[] | \f\*[B-Font]2\f[] | \f\*[B-Font]3\f[] | \f\*[B-Font]4\f[]] +.TP 15 +.NOP \f\*[B-Font]ntpversion\f[] [\f\*[B-Font]1\f[]|\f\*[B-Font]2\f[]|\f\*[B-Font]3\f[]|\f\*[B-Font]4\f[]] Sets the NTP version number which \f\*[B-Font]ntpq\fP claims in @@ -301,7 +332,7 @@ when communicating with servers. .br .ns -.TP 20 +.TP 15 .NOP \f\*[B-Font]passwd\f[] This command prompts you to type in a password (which will not be echoed) which will be used to authenticate configuration @@ -309,22 +340,23 @@ The password must correspond to the key configured for use by the NTP server for this purpose if such requests are to be successful. -.\" Not yet implemented. -.\" .It Ic poll -.\" .Op Ar n -.\" .Op Ic verbose -.\" Poll an NTP server in client mode -.\" .Ar n -.\" times. .br .ns -.TP 20 +.TP 15 +.NOP \f\*[B-Font]poll\f[] [\f\*[I-Font]n\f[]] [\f\*[B-Font]verbose\f[]] +Poll an NTP server in client mode +\f\*[I-Font]n\f[] +times. +Poll not implemented yet. +.br +.ns +.TP 15 .NOP \f\*[B-Font]quit\f[] Exit \f\*[B-Font]ntpq\fP. .br .ns -.TP 20 +.TP 15 .NOP \f\*[B-Font]raw\f[] Causes all output from query commands is printed as received from the remote server. @@ -333,11 +365,12 @@ understandable) form. .br .ns -.TP 20 -.NOP \f\*[B-Font]timeout\f[] \f\*[I-Font]milliseconds\f[] +.TP 15 +.NOP \f\*[B-Font]timeout\f[] [\f\*[I-Font]milliseconds\f[]] Specify a timeout period for responses to server queries. The default is about 5000 milliseconds. +Without any arguments, displays the current timeout period. Note that since \f\*[B-Font]ntpq\fP retries each query once after a timeout, the total waiting time for @@ -344,119 +377,202 @@ a timeout will be twice the timeout value set. .br .ns -.TP 20 +.TP 15 .NOP \f\*[B-Font]version\f[] -Print the version of the +Display the version of the \f\*[B-Font]ntpq\fP program. .PP .SS "Control Message Commands" -Association IDs are used to identify system, peer and clock variables. -System variables are assigned an association ID of zero and system name space, while each association is assigned a nonzero association ID and peer namespace. -Most control commands send a single mode-6 message to the server and expect a single response message. +Association ids are used to identify system, peer and clock variables. +System variables are assigned an association id of zero and system name +space, while each association is assigned a nonzero association id and +peer namespace. +Most control commands send a single message to the server and expect a +single response message. The exceptions are the -\f[C]peers\f[] +\f\*[B-Font]peers\f[] command, which sends a series of messages, and the -\f[C]mreadlist\f[] +\f\*[B-Font]mreadlist\f[] and -\f[C]mreadvar\f[] +\f\*[B-Font]mreadvar\f[] commands, which iterate over a range of associations. .TP 10 +.NOP \f\*[B-Font]apeers\f[] +Display a list of peers in the form: +.Dl [tally]remote refid assid st t when pool reach delay offset jitter +where the output is just like the +\f\*[B-Font]peers\f[] +command except that the +\f\*[B-Font]refid\f[] +is displayed in hex format and the association number is also displayed. +.br +.ns +.TP 10 .NOP \f\*[B-Font]associations\f[] Display a list of mobilized associations in the form: .Dl ind assid status conf reach auth condition last_event cnt .RS .IP \fB\(bu\fP 2 -.IP \fB\(bu\fP 2 \f[C]ind\f[] \f[C]Ta\f[] \f[C]index\f[] \f[C]on\f[] \f[C]this\f[] \f[C]list\f[] -.IP \fB\(bu\fP 2 \f[C]assid\f[] \f[C]Ta\f[] \f[C]association\f[] \f[C]ID\f[] -.IP \fB\(bu\fP 2 \f[C]status\f[] \f[C]Ta\f[] \f[C]peer\f[] \f[C]status\f[] \f[C]word\f[] -.IP \fB\(bu\fP 2 \f[C]conf\f[] \f[C]Ta\f[] \f[C]yes\f[]: \f[C]persistent,\f[] \f[C]no\f[]: \f[C]ephemeral\f[] -.IP \fB\(bu\fP 2 \f[C]reach\f[] \f[C]Ta\f[] \f[C]yes\f[]: \f[C]reachable,\f[] \f[C]no\f[]: \f[C]unreachable\f[] -.IP \fB\(bu\fP 2 \f[C]auth\f[] \f[C]Ta\f[] \f[C]ok\f[], \f[C]yes\f[], \f[C]bad\f[] \f[C]and\f[] \f[C]none\f[] -.IP \fB\(bu\fP 2 \f[C]condition\f[] \f[C]Ta\f[] \f[C]selection\f[] \f[C]status\f[] \f[C](see\f[] \f[C]the\f[] \f[C]select\f[] \f[C]field\f[] \f[C]of\f[] \f[C]the\f[] \f[C]peer\f[] \f[C]status\f[] \f[C]word)\f[] -.IP \fB\(bu\fP 2 \f[C]last_event\f[] \f[C]Ta\f[] \f[C]event\f[] \f[C]report\f[] \f[C](see\f[] \f[C]the\f[] \f[C]event\f[] \f[C]field\f[] \f[C]of\f[] \f[C]the\f[] \f[C]peer\f[] \f[C]status\f[] \f[C]word)\f[] -.IP \fB\(bu\fP 2 \f[C]cnt\f[] \f[C]Ta\f[] \f[C]event\f[] \f[C]count\f[] \f[C](see\f[] \f[C]the\f[] \f[C]count\f[] \f[C]field\f[] \f[C]of\f[] \f[C]the\f[] \f[C]peer\f[] \f[C]status\f[] \f[C]word)\f[] +.IP \fB\(bu\fP 2 \f\*[B-Font]ind\f[] \f\*[B-Font]Ta\f[] \f\*[B-Font]index\f[] \f\*[B-Font]on\f[] \f\*[B-Font]this\f[] \f\*[B-Font]list\f[] +.IP \fB\(bu\fP 2 \f\*[B-Font]assid\f[] \f\*[B-Font]Ta\f[] \f\*[B-Font]association\f[] \f\*[B-Font]id\f[] +.IP \fB\(bu\fP 2 \f\*[B-Font]status\f[] \f\*[B-Font]Ta\f[] \f\*[B-Font]peer\f[] \f\*[B-Font]status\f[] \f\*[B-Font]word\f[] +.IP \fB\(bu\fP 2 \f\*[B-Font]conf\f[] \f\*[B-Font]Ta\f[] \f\*[B-Font]yes\f[]: \f\*[B-Font]No\f[] \f\*[B-Font]persistent,\f[] \f\*[B-Font]no\f[]: \f\*[B-Font]No\f[] \f\*[B-Font]ephemeral\f[] +.IP \fB\(bu\fP 2 \f\*[B-Font]reach\f[] \f\*[B-Font]Ta\f[] \f\*[B-Font]yes\f[]: \f\*[B-Font]No\f[] \f\*[B-Font]reachable,\f[] \f\*[B-Font]no\f[]: \f\*[B-Font]No\f[] \f\*[B-Font]unreachable\f[] +.IP \fB\(bu\fP 2 \f\*[B-Font]auth\f[] \f\*[B-Font]Ta\f[] \f\*[B-Font]ok\f[], \f\*[B-Font]yes\f[], \f\*[B-Font]bad\f[] \f\*[B-Font]No\f[] \f\*[B-Font]and\f[] \f\*[B-Font]none\f[] +.IP \fB\(bu\fP 2 \f\*[B-Font]condition\f[] \f\*[B-Font]Ta\f[] \f\*[B-Font]selection\f[] \f\*[B-Font]status\f[] \f\*[B-Font]\&(see\f[] \f\*[B-Font]the\f[] \f\*[B-Font]select\f[] \f\*[B-Font]No\f[] \f\*[B-Font]field\f[] \f\*[B-Font]of\f[] \f\*[B-Font]the\f[] \f\*[B-Font]peer\f[] \f\*[B-Font]status\f[] \f\*[B-Font]word\&)\f[] +.IP \fB\(bu\fP 2 \f\*[B-Font]last_event\f[] \f\*[B-Font]Ta\f[] \f\*[B-Font]event\f[] \f\*[B-Font]report\f[] \f\*[B-Font]\&(see\f[] \f\*[B-Font]the\f[] \f\*[B-Font]event\f[] \f\*[B-Font]No\f[] \f\*[B-Font]field\f[] \f\*[B-Font]of\f[] \f\*[B-Font]the\f[] \f\*[B-Font]peer\f[] \f\*[B-Font]status\f[] \f\*[B-Font]word\&)\f[] +.IP \fB\(bu\fP 2 \f\*[B-Font]cnt\f[] \f\*[B-Font]Ta\f[] \f\*[B-Font]event\f[] \f\*[B-Font]count\f[] \f\*[B-Font]\&(see\f[] \f\*[B-Font]the\f[] \f\*[B-Font]count\f[] \f\*[B-Font]No\f[] \f\*[B-Font]field\f[] \f\*[B-Font]of\f[] \f\*[B-Font]the\f[] \f\*[B-Font]peer\f[] \f\*[B-Font]status\f[] \f\*[B-Font]word\&)\f[] .RE .br .ns .TP 10 .NOP \f\*[B-Font]authinfo\f[] -Display the authentication statistics. +Display the authentication statistics counters: +time since reset, stored keys, free keys, key lookups, keys not found, +uncached keys, expired keys, encryptions, decryptions. .br .ns .TP 10 -.NOP \f\*[B-Font]clockvar\f[] \f\*[I-Font]assocID\f[] [\f\*[I-Font]name\f[][\f\*[B-Font]=\f[]\f\*[I-Font]value\f[]] [] ...] +.NOP \f\*[B-Font]clocklist\f[] [\f\*[I-Font]associd\f[]] .br .ns .TP 10 -.NOP \f\*[B-Font]cv\f[] \f\*[I-Font]assocID\f[] [\f\*[I-Font]name\f[][\f\*[B-Font]=\f[]\f\*[I-Font]value\f[]] [] ...] -Display a list of clock variables for those associations supporting a reference clock. +.NOP \f\*[B-Font]cl\f[] [\f\*[I-Font]associd\f[]] +Display all clock variables in the variable list for those associations +supporting a reference clock. .br .ns .TP 10 -.NOP \f\*[B-Font]:config\f[] [...] -Send the remainder of the command line, including whitespace, to the server as a run-time configuration command in the same format as a line in the configuration file. This command is experimental until further notice and clarification. Authentication is of course required. +.NOP \f\*[B-Font]clockvar\f[] [\f\*[I-Font]associd\f[]] [\f\*[I-Font]name\f[][\&=\f\*[I-Font]value\f[]][] ,...] .br .ns .TP 10 +.NOP \f\*[B-Font]cv\f[] [\f\*[I-Font]associd\f[]] [\f\*[I-Font]name\f[][\&=\f\*[I-Font]value\f[]][] ,...] +Display a list of clock variables for those associations supporting a +reference clock. +.br +.ns +.TP 10 +.NOP \f\*[B-Font]:config\f[] \f\*[I-Font]configuration command line\f[] +Send the remainder of the command line, including whitespace, to the +server as a run-time configuration command in the same format as a line +in the configuration file. +This command is experimental until further notice and clarification. +Authentication is of course required. +.br +.ns +.TP 10 .NOP \f\*[B-Font]config-from-file\f[] \f\*[I-Font]filename\f[] -Send the each line of +Send each line of \f\*[I-Font]filename\f[] -to the server as run-time configuration commands in the same format as a line in the configuration file. This command is experimental until further notice and clarification. Authentication is required. +to the server as run-time configuration commands in the same format as +lines in the configuration file. +This command is experimental until further notice and clarification. +Authentication is required. .br .ns .TP 10 .NOP \f\*[B-Font]ifstats\f[] -Display statistics for each local network address. Authentication is required. +Display status and statistics counters for each local network interface address: +interface number, interface name and address or broadcast, drop, flag, +ttl, mc, received, sent, send failed, peers, uptime. +Authentication is required. .br .ns .TP 10 .NOP \f\*[B-Font]iostats\f[] -Display network and reference clock I/O statistics. +Display network and reference clock I/O statistics: +time since reset, receive buffers, free receive buffers, used receive buffers, +low water refills, dropped packets, ignored packets, received packets, +packets sent, packet send failures, input wakeups, useful input wakeups. .br .ns .TP 10 .NOP \f\*[B-Font]kerninfo\f[] -Display kernel loop and PPS statistics. As with other ntpq output, times are in milliseconds. The precision value displayed is in milliseconds as well, unlike the precision system variable. +Display kernel loop and PPS statistics: +associd, status, pll offset, pll frequency, maximum error, +estimated error, kernel status, pll time constant, precision, +frequency tolerance, pps frequency, pps stability, pps jitter, +calibration interval, calibration cycles, jitter exceeded, +stability exceeded, calibration errors. +As with other ntpq output, times are in milliseconds; very small values +may be shown as exponentials. +The precision value displayed is in milliseconds as well, unlike the +precision system variable. .br .ns .TP 10 .NOP \f\*[B-Font]lassociations\f[] -Perform the same function as the associations command, except display mobilized and unmobilized associations. +Perform the same function as the associations command, except display +mobilized and unmobilized associations, including all clients. .br .ns .TP 10 -.NOP \f\*[B-Font]lopeers\f[] [\f\*[B-Font]\-4\f[] | \f\*[B-Font]\-6\f[]] -Obtain and print a list of all peers and clients showing -\f\*[I-Font]dstadr\f[] -(associated with any given IP version). +.NOP \f\*[B-Font]lopeers\f[] [\f\*[B-Font]\-4\f[]|\f\*[B-Font]\-6\f[]] +Display a list of all peers and clients showing +\f\*[B-Font]dstadr\f[] +(associated with the given IP version). .br .ns .TP 10 -.NOP \f\*[B-Font]lpeers\f[] [\f\*[B-Font]\-4\f[] | \f\*[B-Font]\-6\f[]] -Print a peer spreadsheet for the appropriate IP version(s). -\f\*[I-Font]dstadr\f[] -(associated with any given IP version). +.NOP \f\*[B-Font]lpassociations\f[] +Display the last obtained list of associations, including all clients. .br .ns .TP 10 +.NOP \f\*[B-Font]lpeers\f[] [\f\*[B-Font]\-4\f[]|\f\*[B-Font]\-6\f[]] +Display a list of all peers and clients (associated with the given IP version). +.br +.ns +.TP 10 .NOP \f\*[B-Font]monstats\f[] -Display monitor facility statistics. +Display monitor facility status, statistics, and limits: +enabled, addresses, peak addresses, maximum addresses, +reclaim above count, reclaim older than, kilobytes, maximum kilobytes. .br .ns .TP 10 -.NOP \f\*[B-Font]mrulist\f[] [\f\*[B-Font]limited\f[] | \f\*[B-Font]kod\f[] | \f\*[B-Font]mincount\f[]=\f\*[I-Font]count\f[] | \f\*[B-Font]laddr\f[]=\f\*[I-Font]localaddr\f[] | \f\*[B-Font]sort\f[]=\f\*[I-Font]sortorder\f[] | \f\*[B-Font]resany\f[]=\f\*[I-Font]hexmask\f[] | \f\*[B-Font]resall\f[]=\f\*[I-Font]hexmask\f[]] -Obtain and print traffic counts collected and maintained by the monitor facility. +.NOP \f\*[B-Font]mreadlist\f[] \f\*[I-Font]associdlo\f[] \f\*[I-Font]associdhi\f[] +.br +.ns +.TP 10 +.NOP \f\*[B-Font]mrl\f[] \f\*[I-Font]associdlo\f[] \f\*[I-Font]associdhi\f[] +Perform the same function as the +\f\*[B-Font]readlist\f[] +command for a range of association ids. +.br +.ns +.TP 10 +.NOP \f\*[B-Font]mreadvar\f[] \f\*[I-Font]associdlo\f[] \f\*[I-Font]associdhi\f[] [\f\*[I-Font]name\f[]][,...] +This range may be determined from the list displayed by any +command showing associations. +.br +.ns +.TP 10 +.NOP \f\*[B-Font]mrv\f[] \f\*[I-Font]associdlo\f[] \f\*[I-Font]associdhi\f[] [\f\*[I-Font]name\f[]][,...] +Perform the same function as the +\f\*[B-Font]readvar\f[] +command for a range of association ids. +This range may be determined from the list displayed by any +command showing associations. +.br +.ns +.TP 10 +.NOP \f\*[B-Font]mrulist\f[] [\f\*[B-Font]limited\f[] | \f\*[B-Font]kod\f[] | \f\*[B-Font]mincount\f[]\&=\f\*[I-Font]count\f[] | \f\*[B-Font]laddr\f[]\&=\f\*[I-Font]localaddr\f[] | \f\*[B-Font]sort\f[]\&=[\&-]\f\*[I-Font]sortorder\f[] | \f\*[B-Font]resany\f[]\&=\f\*[I-Font]hexmask\f[] | \f\*[B-Font]resall\f[]\&=\f\*[I-Font]hexmask\f[]] +Display traffic counts of the most recently seen source addresses +collected and maintained by the monitor facility. With the exception of -\f\*[B-Font]sort\f[]=\f\*[I-Font]sortorder\f[], +\f\*[B-Font]sort\f[]\&=[\&-]\f\*[I-Font]sortorder\f[], the options filter the list returned by -\f\*[B-Font]ntpd.\f[] +\fCntpd\f[]\fR(8)\f[]. The \f\*[B-Font]limited\f[] and \f\*[B-Font]kod\f[] -options return only entries representing client addresses from which the last packet received triggered either discarding or a KoD response. +options return only entries representing client addresses from which the +last packet received triggered either discarding or a KoD response. The \f\*[B-Font]mincount\f[]=\f\*[I-Font]count\f[] option filters entries representing less than @@ -477,12 +593,14 @@ \f\*[I-Font]sortorder\f[] defaults to \f\*[B-Font]lstint\f[] -and may be any of +and may be \f\*[B-Font]addr\f[], +\f\*[B-Font]avgint\f[], \f\*[B-Font]count\f[], -\f\*[B-Font]avgint\f[], \f\*[B-Font]lstint\f[], -or any of those preceded by a minus sign (hyphen) to reverse the sort order. +or any of those preceded by +\[oq]\&-\[cq] +to reverse the sort order. The output columns are: .RS .TP 10 @@ -492,7 +610,8 @@ .ns .TP 10 .NOP \f\*[B-Font]lstint\f[] -Interval in s between the receipt of the most recent packet from this address and the completion of the retrieval of the MRU list by +Interval in seconds between the receipt of the most recent packet from +this address and the completion of the retrieval of the MRU list by \f\*[B-Font]ntpq\fP. .br .ns @@ -506,7 +625,8 @@ Restriction flags associated with this address. Most are copied unchanged from the matching \f\*[B-Font]restrict\f[] -command, however 0x400 (kod) and 0x20 (limited) flags are cleared unless the last packet from this address triggered a rate control response. +command, however 0x400 (kod) and 0x20 (limited) flags are cleared unless +the last packet from this address triggered a rate control response. .br .ns .TP 10 @@ -542,32 +662,18 @@ .ns .TP 10 .NOP \f\*[B-Font]remote\f[] \f\*[B-Font]address\f[] -DNS name, numeric address, or address followed by +host or DNS name, numeric address, or address followed by claimed DNS name which could not be verified in parentheses. .RE .br .ns .TP 10 -.NOP \f\*[B-Font]mreadvar\f[] \f\*[B-Font]assocID\f[] \f\*[B-Font]assocID\f[] [\f\*[I-Font]variable_name\f[][=\f\*[I-Font]value\f[]]] ... -.br -.ns -.TP 10 -.NOP \f\*[B-Font]mrv\f[] \f\*[B-Font]assocID\f[] \f\*[B-Font]assocID\f[] [\f\*[I-Font]variable_name\f[][=\f\*[I-Font]value\f[]]] ... -Perform the same function as the -\f\*[B-Font]readvar\f[] -command, except for a range of association IDs. -This range is determined from the association list cached by the most recent -\f\*[B-Font]associations\f[] -command. -.br -.ns -.TP 10 .NOP \f\*[B-Font]opeers\f[] [\f\*[B-Font]\-4\f[] | \f\*[B-Font]\-6\f[]] Obtain and print the old-style list of all peers and clients showing -\f\*[I-Font]dstadr\f[] -(associated with any given IP version), +\f\*[B-Font]dstadr\f[] +(associated with the given IP version), rather than the -\f\*[I-Font]refid\f[]. +\f\*[B-Font]refid\f[]. .br .ns .TP 10 @@ -599,22 +705,24 @@ .TP 10 .NOP \f\*[B-Font]remote\f[] host name (or IP number) of peer. -The value displayed will be truncated to 15 characters unless the +The value displayed will be truncated to 15 characters unless the +\f\*[B-Font]ntpq\fP \f\*[B-Font]\-w\f[] -flag is given, in which case the full value will be displayed -on the first line, -and the remaining data is displayed on the next line. +option is given, in which case the full value will be displayed +on the first line, and if too long, +the remaining data will be displayed on the next line. .br .ns .TP 10 .NOP \f\*[B-Font]refid\f[] -association ID or +source IP address or .Lk decode.html#kiss "'kiss code" .br .ns .TP 10 .NOP \f\*[B-Font]st\f[] -stratum +stratum: 0 for local reference clocks, 1 for servers with local +reference clocks, ..., 16 for unsynchronized server clocks .br .ns .TP 10 @@ -623,6 +731,8 @@ unicast or manycast client, \f\*[B-Font]b\f[]: broadcast or multicast client, +\f\*[B-Font]p\f[]: +pool source, \f\*[B-Font]l\f[]: local (reference clock), \f\*[B-Font]s\f[]: @@ -637,12 +747,15 @@ .ns .TP 10 .NOP \f\*[B-Font]when\f[] -sec/min/hr since last received packet +time in seconds, minutes, hours, or days since the last packet +was received, or +\[oq]\&-\[cq] +if a packet has never been received .br .ns .TP 10 .NOP \f\*[B-Font]poll\f[] -poll interval (log2 s) +poll interval (s) .br .ns .TP 10 @@ -662,45 +775,41 @@ .ns .TP 10 .NOP \f\*[B-Font]jitter\f[] -jitter +offset RMS error estimate. .RE .br .ns .TP 10 -.NOP \f\*[B-Font]apeers\f[] -Display a list of peers in the form: -.Dl [tally]remote refid assid st t when pool reach delay offset jitter -where the output is just like the -\f\*[B-Font]peers\f[] -command except that the -\f\*[B-Font]refid\f[] -is displayed in hex format and the association number is also displayed. +.NOP \f\*[B-Font]pstats\f[] \f\*[I-Font]associd\f[] +Display the statistics for the peer with the given +\f\*[I-Font]associd\f[]: +associd, status, remote host, local address, time last received, +time until next send, reachability change, packets sent, +packets received, bad authentication, bogus origin, duplicate, +bad dispersion, bad reference time, candidate order. .br .ns .TP 10 -.NOP \f\*[B-Font]pstats\f[] \f\*[I-Font]assocID\f[] -Show the statistics for the peer with the given -\f\*[I-Font]assocID\f[]. +.NOP \f\*[B-Font]readlist\f[] [\f\*[I-Font]associd\f[]] .br .ns .TP 10 -.NOP \f\*[B-Font]readlist\f[] \f\*[I-Font]assocID\f[] +.NOP \f\*[B-Font]rl\f[] [\f\*[I-Font]associd\f[]] +Display all system or peer variables. +If the +\f\*[I-Font]associd\f[] +is omitted, it is assumed to be zero. .br .ns .TP 10 -.NOP \f\*[B-Font]rl\f[] \f\*[I-Font]assocID\f[] -Read the system or peer variables included in the variable list. +.NOP \f\*[B-Font]readvar\f[] [\f\*[I-Font]associd\f[] \f\*[I-Font]name\f[][=\f\*[I-Font]value\f[]] [, ...]] .br .ns .TP 10 -.NOP \f\*[B-Font]readvar\f[] \f\*[I-Font]assocID\f[] \f\*[I-Font]name\f[][=\f\*[I-Font]value\f[]] [, ...] -.br -.ns -.TP 10 -.NOP \f\*[B-Font]rv\f[] \f\*[I-Font]assocID\f[] \f\*[I-Font]name\f[][=\f\*[I-Font]value\f[]] [, ...] -Display the specified variables. +.NOP \f\*[B-Font]rv\f[] [\f\*[I-Font]associd\f[] \f\*[I-Font]name\f[][=\f\*[I-Font]value\f[]] [, ...]] +Display the specified system or peer variables. If -\f\*[I-Font]assocID\f[] +\f\*[I-Font]associd\f[] is zero, the variables are from the \fISystem\f[] \fIVariables\f[] name space, otherwise they are from the @@ -707,50 +816,59 @@ \fIPeer\f[] \fIVariables\f[] name space. The -\f\*[I-Font]assocID\f[] +\f\*[I-Font]associd\f[] is required, as the same name can occur in both spaces. If no \f\*[I-Font]name\f[] is included, all operative variables in the name space are displayed. In this case only, if the -\f\*[I-Font]assocID\f[] -is omitted, it is assumed zero. +\f\*[I-Font]associd\f[] +is omitted, it is assumed to be zero. Multiple names are specified with comma separators and without whitespace. Note that time values are represented in milliseconds and frequency values in parts-per-million (PPM). Some NTP timestamps are represented in the format -YYYYMMDDTTTT , -where YYYY is the year, -MM the month of year, -DD the day of month and -TTTT the time of day. +\f\*[I-Font]YYYY\f[]\f\*[I-Font]MM\f[] \f\*[I-Font]DD\f[] \f\*[I-Font]TTTT\f[], +where +\f\*[I-Font]YYYY\f[] +is the year, +\f\*[I-Font]MM\f[] +the month of year, +\f\*[I-Font]DD\f[] +the day of month and +\f\*[I-Font]TTTT\f[] +the time of day. .br .ns .TP 10 .NOP \f\*[B-Font]reslist\f[] -Show the access control (restrict) list for +Display the access control (restrict) list for \f\*[B-Font]ntpq\fP. +Authentication is required. .br .ns .TP 10 .NOP \f\*[B-Font]saveconfig\f[] \f\*[I-Font]filename\f[] -Write the current configuration, -including any runtime modifications given with +Save the current configuration, +including any runtime modifications made by \f\*[B-Font]:config\f[] or \f\*[B-Font]config-from-file\f[], -to the ntpd host's file +to the NTP server host file \f\*[I-Font]filename\f[]. This command will be rejected by the server unless .Lk miscopt.html#saveconfigdir "saveconfigdir" appears in the -\f\*[B-Font]ntpd\f[] +\fCntpd\f[]\fR(8)\f[] configuration file. \f\*[I-Font]filename\f[] can use -\fCstrftime\f[]\fR()\f[] -format specifies to substitute the current date and time, for example, -\f\*[B-Font]q]saveconfig\f[] \f\*[B-Font]ntp-%Y%m%d-%H%M%S.confq]\f[]. +\fCdate\f[]\fR(1)\f[] +format specifiers to substitute the current date and time, for +example, +.in +4 +\f\*[B-Font]saveconfig\f[] \fIntp-%Y%m%d-%H%M%S.conf\f[]. +.in -4 The filename used is stored in system variable \f\*[B-Font]savedconfig\f[]. Authentication is required. @@ -757,20 +875,40 @@ .br .ns .TP 10 +.NOP \f\*[B-Font]sysinfo\f[] +Display system operational summary: +associd, status, system peer, system peer mode, leap indicator, +stratum, log2 precision, root delay, root dispersion, +reference id, reference time, system jitter, clock jitter, +clock wander, broadcast delay, symm. auth. delay. +.br +.ns +.TP 10 +.NOP \f\*[B-Font]sysstats\f[] +Display system uptime and packet counts maintained in the +protocol module: +uptime, sysstats reset, packets received, current version, +older version, bad length or format, authentication failed, +declined, restricted, rate limited, KoD responses, +processed for time. +.br +.ns +.TP 10 .NOP \f\*[B-Font]timerstats\f[] -Display interval timer counters. +Display interval timer counters: +time since reset, timer overruns, calls to transmit. .br .ns .TP 10 -.NOP \f\*[B-Font]writelist\f[] \f\*[I-Font]assocID\f[] -Write the system or peer variables included in the variable list. +.NOP \f\*[B-Font]writelist\f[] \f\*[I-Font]associd\f[] +Set all system or peer variables included in the variable list. .br .ns .TP 10 -.NOP \f\*[B-Font]writevar\f[] \f\*[I-Font]assocID\f[] \f\*[I-Font]name\f[]=\f\*[I-Font]value\f[] [, ...] -Write the specified variables. +.NOP \f\*[B-Font]writevar\f[] \f\*[I-Font]associd\f[] \f\*[I-Font]name\f[]=\f\*[I-Font]value\f[] [, ...] +Set the specified variables in the variable list. If the -\f\*[I-Font]assocID\f[] +\f\*[I-Font]associd\f[] is zero, the variables are from the \fISystem\f[] \fIVariables\f[] name space, otherwise they are from the @@ -777,18 +915,9 @@ \fIPeer\f[] \fIVariables\f[] name space. The -\f\*[I-Font]assocID\f[] +\f\*[I-Font]associd\f[] is required, as the same name can occur in both spaces. -.br -.ns -.TP 10 -.NOP \f\*[B-Font]sysinfo\f[] -Display operational summary. -.br -.ns -.TP 10 -.NOP \f\*[B-Font]sysstats\f[] -Print statistics counters maintained in the protocol module. +Authentication is required. .PP .SS Status Words and Kiss Codes The current state of the operating program is shown @@ -795,10 +924,10 @@ in a set of status words maintained by the system. Status information is also available on a per-association basis. -These words are displayed in the -\f\*[B-Font]rv\f[] +These words are displayed by the +\f\*[B-Font]readlist\f[] and -\f\*[B-Font]as\f[] +\f\*[B-Font]associations\f[] commands both in hexadecimal and in decoded short tip strings. The codes, tips and short explanations are documented on the .Lk decode.html "Event Messages and Status Words" @@ -817,9 +946,12 @@ in the reference identifier field in various billboards. .SS System Variables The following system variables appear in the -\f\*[B-Font]rv\f[] +\f\*[B-Font]readlist\f[] billboard. Not all variables are displayed in some configurations. +.sp \n(Ppu +.ne 2 + .TP 10 .NOP Variable Description @@ -871,49 +1003,49 @@ .br .ns .TP 10 -.NOP \f\*[B-Font]peer\f[] -system peer association ID +.NOP \f\*[B-Font]refid\f[] +reference id or +.Lk decode.html#kiss "kiss code" .br .ns .TP 10 -.NOP \f\*[B-Font]tc\f[] -time constant and poll exponent (log2 s) (3-17) +.NOP \f\*[B-Font]reftime\f[] +reference time .br .ns .TP 10 -.NOP \f\*[B-Font]mintc\f[] -minimum time constant (log2 s) (3-10) +.NOP \f\*[B-Font]clock\f[] +date and time of day .br .ns .TP 10 -.NOP \f\*[B-Font]clock\f[] -date and time of day +.NOP \f\*[B-Font]peer\f[] +system peer association id .br .ns .TP 10 -.NOP \f\*[B-Font]refid\f[] -reference ID or -.Lk decode.html#kiss "kiss code" +.NOP \f\*[B-Font]tc\f[] +time constant and poll exponent (log2 s) (3-17) .br .ns .TP 10 -.NOP \f\*[B-Font]reftime\f[] -reference time +.NOP \f\*[B-Font]mintc\f[] +minimum time constant (log2 s) (3-10) .br .ns .TP 10 .NOP \f\*[B-Font]offset\f[] -combined offset of server relative to this host +combined offset of server relative to this host .br .ns .TP 10 -.NOP \f\*[B-Font]sys_jitter\f[] -combined system jitter +.NOP \f\*[B-Font]frequency\f[] +frequency drift (PPM) relative to hardware clock .br .ns .TP 10 -.NOP \f\*[B-Font]frequency\f[] -frequency offset (PPM) relative to hardware clock +.NOP \f\*[B-Font]sys_jitter\f[] +combined system jitter .br .ns .TP 10 @@ -996,9 +1128,12 @@ .PP .SS Peer Variables The following peer variables appear in the -\f\*[B-Font]rv\f[] +\f\*[B-Font]readlist\f[] billboard for each association. Not all variables are displayed in some configurations. +.sp \n(Ppu +.ne 2 + .TP 10 .NOP Variable Description @@ -1006,7 +1141,7 @@ .ns .TP 10 .NOP \f\*[B-Font]associd\f[] -association ID +association id .br .ns .TP 10 @@ -1061,7 +1196,7 @@ .ns .TP 10 .NOP \f\*[B-Font]refid\f[] -reference ID or +reference id or .Lk decode.html#kiss "kiss code" .br .ns @@ -1071,6 +1206,11 @@ .br .ns .TP 10 +.NOP \f\*[B-Font]rec\f[] +last packet received time +.br +.ns +.TP 10 .NOP \f\*[B-Font]reach\f[] reach register (octal) .br @@ -1112,6 +1252,11 @@ .br .ns .TP 10 +.NOP \f\*[B-Font]keyid\f[] +symmetric key id +.br +.ns +.TP 10 .NOP \f\*[B-Font]offset\f[] filter offset .br @@ -1132,11 +1277,6 @@ .br .ns .TP 10 -.NOP \f\*[B-Font]ident\f[] -Autokey group name for this association -.br -.ns -.TP 10 .NOP \f\*[B-Font]bias\f[] unicast/broadcast bias .br @@ -1150,7 +1290,8 @@ \f\*[B-Font]bias\f[] variable is calculated when the first broadcast packet is received after the calibration volley. -It represents the offset of the broadcast subgraph relative to the unicast subgraph. +It represents the offset of the broadcast subgraph relative to the +unicast subgraph. The \f\*[B-Font]xleave\f[] variable appears only for the interleaved symmetric and interleaved modes. @@ -1188,7 +1329,7 @@ .ns .TP 10 .NOP \f\*[B-Font]initsequence\f[] -initial key ID +initial key id .br .ns .TP 10 @@ -1199,10 +1340,15 @@ .TP 10 .NOP \f\*[B-Font]timestamp\f[] Autokey signature timestamp +.br +.ns +.TP 10 +.NOP \f\*[B-Font]ident\f[] +Autokey group name for this association .PP .SS Clock Variables The following clock variables appear in the -\f\*[B-Font]cv\f[] +\f\*[B-Font]clocklist\f[] billboard for each association with a reference clock. Not all variables are displayed in some configurations. .TP 10 @@ -1212,7 +1358,7 @@ .ns .TP 10 .NOP \f\*[B-Font]associd\f[] -association ID +association id .br .ns .TP 10 @@ -1267,7 +1413,7 @@ .ns .TP 10 .NOP \f\*[B-Font]refid\f[] -driver reference ID +driver reference id .br .ns .TP 10 @@ -1277,19 +1423,19 @@ .SH "OPTIONS" .TP .NOP \f\*[B-Font]\-4\f[], \f\*[B-Font]\-\-ipv4\f[] -Force IPv4 DNS name resolution. +Force IPv4 name resolution. This option must not appear in combination with any of the following options: ipv6. .sp -Force DNS resolution of following host names on the command line +Force resolution of following host names on the command line to the IPv4 namespace. .TP .NOP \f\*[B-Font]\-6\f[], \f\*[B-Font]\-\-ipv6\f[] -Force IPv6 DNS name resolution. +Force IPv6 name resolution. This option must not appear in combination with any of the following options: ipv4. .sp -Force DNS resolution of following host names on the command line +Force resolution of following host names on the command line to the IPv6 namespace. .TP .NOP \f\*[B-Font]\-c\f[] \f\*[I-Font]cmd\f[], \f\*[B-Font]\-\-command\f[]=\f\*[I-Font]cmd\f[] @@ -1324,7 +1470,7 @@ numeric host addresses. .sp Output all host addresses in dotted-quad numeric format rather than -converting to the canonical host names. +converting to the canonical host names. .TP .NOP \f\*[B-Font]\-\-old\-rv\f[] Always output status line with readvar. --- contrib/ntp/ntpq/ntpq.mdoc.in.orig +++ contrib/ntp/ntpq/ntpq.mdoc.in @@ -1,9 +1,9 @@ -.Dd March 21 2017 +.Dd February 27 2018 .Dt NTPQ @NTPQ_MS@ User Commands .Os .\" EDIT THIS FILE WITH CAUTION (ntpq-opts.mdoc) .\" -.\" It has been AutoGen-ed March 21, 2017 at 10:45:31 AM by AutoGen 5.18.5 +.\" It has been AutoGen-ed February 27, 2018 at 05:15:28 PM by AutoGen 5.18.5 .\" From the definitions ntpq-opts.def .\" and the template file agmdoc-cmd.tpl .Sh NAME @@ -18,15 +18,12 @@ [ host ...] .Pp .Sh DESCRIPTION +.Pp The .Nm -utility program is used to query NTP servers which -implement the standard NTP mode 6 control message formats defined -in Appendix B of the NTPv3 specification RFC1305, requesting +utility program is used to query NTP servers to monitor NTP operations +and performance, requesting information about current state and/or changes in that state. -The same formats are used in NTPv4, although some of the -variables have changed and new ones added. The description on this -page is for the NTPv4 variables. The program may be run either in interactive mode or controlled using command line arguments. Requests to read and write arbitrary @@ -37,6 +34,7 @@ utility can also obtain and print a list of peers in a common format by sending multiple queries to the server. +.Pp If one or more request options is included on the command line when .Nm @@ -54,6 +52,7 @@ .Nm utility will prompt for commands if the standard input is a terminal device. +.Pp .Nm uses NTP mode 6 packets to communicate with the NTP server, and hence can be used to query any compatible server on @@ -67,6 +66,17 @@ one attempt to retransmit requests, and will time requests out if the remote host is not heard from within a suitable timeout time. +.Pp +Note that in contexts where a host name is expected, a +.Fl 4 +qualifier preceding the host name forces resolution to the IPv4 +namespace, while a +.Fl 6 +qualifier forces resolution to the IPv6 namespace. +For examples and usage, see the +.Dq NTP Debugging Techniques +page. +.Pp Specifying a command line option other than .Fl i @@ -80,51 +90,46 @@ will attempt to read interactive format commands from the standard input. .Ss "Internal Commands" +.Pp Interactive format commands consist of a keyword followed by zero to four arguments. Only enough characters of the full keyword to uniquely identify the command need be typed. +.Pp A number of interactive format commands are executed entirely within the .Nm -utility itself and do not result in NTP mode 6 +utility itself and do not result in NTP requests being sent to a server. These are described following. -.Bl -tag -width "? [command_keyword]" -compact -offset indent -.It Ic ? Op Ar command_keyword -.It Ic help Op Ar command_keyword +.Bl -tag -width "help [command]" -compact -offset indent +.It Ic ? Op Ar command +.It Ic help Op Ar command A .Ql \&? -by itself will print a list of all the command -keywords known to this incarnation of +by itself will print a list of all the commands +known to .Nm . A .Ql \&? -followed by a command keyword will print function and usage +followed by a command name will print function and usage information about the command. -This command is probably a better -source of information about -.Nm -than this manual -page. -.It Ic addvars Ar variable_name Ns Xo Op Ic =value -.Ic ... -.Xc -.It Ic rmvars Ar variable_name Ic ... +.It Ic addvars Ar name Ns Oo \&= Ns Ar value Oc Ns Op ,... +.It Ic rmvars Ar name Ns Op ,... .It Ic clearvars .It Ic showvars -The data carried by NTP mode 6 messages consists of a list of +The arguments to this command consist of a list of items of the form -.Ql variable_name=value , +.Ar name Ns Op \&= Ns Ar value , where the -.Ql =value +.No \&= Ns Ar value is ignored, and can be omitted, in requests to the server to read variables. The .Nm -utility maintains an internal list in which data to be included in control -messages can be assembled, and sent using the +utility maintains an internal list in which data to be included in +messages can be assembled, and displayed or set using the .Ic readlist and .Ic writelist @@ -139,35 +144,31 @@ .Ic rmvars command can be used to remove individual variables from the list, while the -.Ic clearlist +.Ic clearvars command removes all variables from the list. The .Ic showvars command displays the current list of optional variables. -.It Ic authenticate Op yes | no +.It Ic authenticate Op Cm yes Ns | Ns Cm no Normally .Nm does not authenticate requests unless they are write requests. The command -.Ql authenticate yes +.Ic authenticate Cm yes causes .Nm to send authentication with all requests it makes. Authenticated requests causes some servers to handle -requests slightly differently, and can occasionally melt the CPU in -fuzzballs if you turn authentication on before doing a -.Ic peer -display. +requests slightly differently. The command -.Ql authenticate +.Ic authenticate causes .Nm to display whether or not -.Nm -is currently autheinticating requests. +it is currently authenticating requests. .It Ic cooked Causes output from query commands to be "cooked", so that variables which are recognized by @@ -176,20 +177,13 @@ values reformatted for human consumption. Variables which .Nm -thinks should have a decodable value but didn't are +could not decode completely are marked with a trailing .Ql \&? . -.It Xo -.Ic debug -.Oo -.Cm more | -.Cm less | -.Cm off -.Oc -.Xc +.It Ic debug Op Cm more Ns | Ns Cm less Ns | Ns Cm off With no argument, displays the current debug level. -Otherwise, the debug level is changed to the indicated level. -.It Ic delay Ar milliseconds +Otherwise, the debugging level is changed as indicated. +.It Ic delay Op Ar milliseconds Specify a time interval to be added to timestamps included in requests which require authentication. This is used to enable @@ -198,14 +192,21 @@ Actually the server does not now require timestamps in authenticated requests, so this command may be obsolete. +Without any arguments, displays the current delay. +.It Ic drefid Op Cm hash Ns | Ns Cm ipv4 +Display refids as IPv4 or hash. +Without any arguments, displays whether refids are shown as IPv4 +addresses or hashes. .It Ic exit Exit .Nm . -.It Ic host Ar hostname +.It Ic host Op Ar name Set the host to which future queries will be sent. -.Ar hostname +The +.Ar name may be either a host name or a numeric address. -.It Ic hostnames Op Cm yes | Cm no +Without any arguments, displays the current host. +.It Ic hostnames Op Cm yes Ns | Ns Cm no If .Cm yes is specified, host names are printed in @@ -220,7 +221,9 @@ modified using the command line .Fl n switch. -.It Ic keyid Ar keyid +Without any arguments, displays whether host names or numeric addresses +are shown. +.It Ic keyid Op Ar keyid This command allows the specification of a key number to be used to authenticate configuration requests. This must correspond @@ -228,28 +231,20 @@ .Cm controlkey key number the server has been configured to use for this purpose. -.It Ic keytype Xo Oo -.Cm md5 | -.Cm OpenSSLDigestType -.Oc -.Xc -Specify the type of key to use for authenticating requests. -.Cm md5 -is alway supported. +Without any arguments, displays the current +.Ar keyid . +.It Ic keytype Op Ar digest +Specify the digest algorithm to use for authenticating requests, with default +.Cm MD5 . If .Nm -was built with OpenSSL support, -any digest type supported by OpenSSL can also be provided. +was built with OpenSSL support, and OpenSSL is installed, +.Ar digest +can be any message digest algorithm supported by OpenSSL. If no argument is given, the current -.Ic keytype -is displayed. -.It Ic ntpversion Xo Oo -.Cm 1 | -.Cm 2 | -.Cm 3 | -.Cm 4 -.Oc -.Xc +.Ic keytype Ar digest +algorithm used is displayed. +.It Ic ntpversion Op Cm 1 Ns | Ns Cm 2 Ns | Ns Cm 3 Ns | Ns Cm 4 Sets the NTP version number which .Nm claims in @@ -267,13 +262,11 @@ The password must correspond to the key configured for use by the NTP server for this purpose if such requests are to be successful. -.\" Not yet implemented. -.\" .It Ic poll -.\" .Op Ar n -.\" .Op Ic verbose -.\" Poll an NTP server in client mode -.\" .Ar n -.\" times. +.It Ic poll Oo Ar n Oc Op Cm verbose +Poll an NTP server in client mode +.Ar n +times. +Poll not implemented yet. .It Ic quit Exit .Nm . @@ -283,95 +276,150 @@ The only formating/interpretation done on the data is to transform nonascii data into a printable (but barely understandable) form. -.It Ic timeout Ar milliseconds +.It Ic timeout Op Ar milliseconds Specify a timeout period for responses to server queries. The default is about 5000 milliseconds. +Without any arguments, displays the current timeout period. Note that since .Nm retries each query once after a timeout, the total waiting time for a timeout will be twice the timeout value set. .It Ic version -Print the version of the +Display the version of the .Nm program. .El .Ss "Control Message Commands" -Association IDs are used to identify system, peer and clock variables. -System variables are assigned an association ID of zero and system name space, while each association is assigned a nonzero association ID and peer namespace. -Most control commands send a single mode\-6 message to the server and expect a single response message. +Association ids are used to identify system, peer and clock variables. +System variables are assigned an association id of zero and system name +space, while each association is assigned a nonzero association id and +peer namespace. +Most control commands send a single message to the server and expect a +single response message. The exceptions are the -.Li peers +.Ic peers command, which sends a series of messages, and the -.Li mreadlist +.Ic mreadlist and -.Li mreadvar +.Ic mreadvar commands, which iterate over a range of associations. .Bl -tag -width "something" -compact -offset indent -.It Cm associations +.It Ic apeers +Display a list of peers in the form: +.Dl [tally]remote refid assid st t when pool reach delay offset jitter +where the output is just like the +.Ic peers +command except that the +.Cm refid +is displayed in hex format and the association number is also displayed. +.It Ic associations Display a list of mobilized associations in the form: .Dl ind assid status conf reach auth condition last_event cnt -.Bl -column -offset indent ".Sy Variable" ".Sy Description" -.It Sy String Ta Sy Description -.It Li ind Ta index on this list -.It Li assid Ta association ID -.It Li status Ta peer status word -.It Li conf Ta Li yes : persistent, Li no : ephemeral -.It Li reach Ta Li yes : reachable, Li no : unreachable -.It Li auth Ta Li ok , Li yes , Li bad and Li none -.It Li condition Ta selection status (see the Li select field of the peer status word) -.It Li last_event Ta event report (see the Li event field of the peer status word) -.It Li cnt Ta event count (see the Li count field of the peer status word) +.Bl -column -offset indent ".Sy Variable" "see the select field of the peer status word" +.It Sy Variable Ta Sy Description +.It Cm ind Ta index on this list +.It Cm assid Ta association id +.It Cm status Ta peer status word +.It Cm conf Ta Cm yes : No persistent, Cm no : No ephemeral +.It Cm reach Ta Cm yes : No reachable, Cm no : No unreachable +.It Cm auth Ta Cm ok , Cm yes , Cm bad No and Cm none +.It Cm condition Ta selection status \&(see the Cm select No field of the peer status word\&) +.It Cm last_event Ta event report \&(see the Cm event No field of the peer status word\&) +.It Cm cnt Ta event count \&(see the Cm count No field of the peer status word\&) .El -.It Cm authinfo -Display the authentication statistics. -.It Cm clockvar Ar assocID Oo Ar name Ns Oo Cm = Ns Ar value Oc Oc Op ... -.It Cm cv Ar assocID Oo Ar name Ns Oo Cm = Ns Ar value Oc Oc Op ... -Display a list of clock variables for those associations supporting a reference clock. -.It Cm :config Op ... -Send the remainder of the command line, including whitespace, to the server as a run\-time configuration command in the same format as a line in the configuration file. This command is experimental until further notice and clarification. Authentication is of course required. -.It Cm config\-from\-file Ar filename -Send the each line of +.It Ic authinfo +Display the authentication statistics counters: +time since reset, stored keys, free keys, key lookups, keys not found, +uncached keys, expired keys, encryptions, decryptions. +.It Ic clocklist Op Ar associd +.It Ic cl Op Ar associd +Display all clock variables in the variable list for those associations +supporting a reference clock. +.It Ic clockvar Oo Ar associd Oc Oo Ar name Ns Oo \&= Ns Ar value Oc Ns Oc Ns Op ,... +.It Ic cv Oo Ar associd Oc Oo Ar name Ns Oo \&= Ns Ar value Oc Ns Oc Ns Op ,... +Display a list of clock variables for those associations supporting a +reference clock. +.It Ic :config Ar "configuration command line" +Send the remainder of the command line, including whitespace, to the +server as a run\-time configuration command in the same format as a line +in the configuration file. +This command is experimental until further notice and clarification. +Authentication is of course required. +.It Ic config\-from\-file Ar filename +Send each line of .Ar filename -to the server as run\-time configuration commands in the same format as a line in the configuration file. This command is experimental until further notice and clarification. Authentication is required. +to the server as run\-time configuration commands in the same format as +lines in the configuration file. +This command is experimental until further notice and clarification. +Authentication is required. .It Ic ifstats -Display statistics for each local network address. Authentication is required. +Display status and statistics counters for each local network interface address: +interface number, interface name and address or broadcast, drop, flag, +ttl, mc, received, sent, send failed, peers, uptime. +Authentication is required. .It Ic iostats -Display network and reference clock I/O statistics. +Display network and reference clock I/O statistics: +time since reset, receive buffers, free receive buffers, used receive buffers, +low water refills, dropped packets, ignored packets, received packets, +packets sent, packet send failures, input wakeups, useful input wakeups. .It Ic kerninfo -Display kernel loop and PPS statistics. As with other ntpq output, times are in milliseconds. The precision value displayed is in milliseconds as well, unlike the precision system variable. +Display kernel loop and PPS statistics: +associd, status, pll offset, pll frequency, maximum error, +estimated error, kernel status, pll time constant, precision, +frequency tolerance, pps frequency, pps stability, pps jitter, +calibration interval, calibration cycles, jitter exceeded, +stability exceeded, calibration errors. +As with other ntpq output, times are in milliseconds; very small values +may be shown as exponentials. +The precision value displayed is in milliseconds as well, unlike the +precision system variable. .It Ic lassociations -Perform the same function as the associations command, except display mobilized and unmobilized associations. -.It Ic lopeers Xo -.Oo Ic \-4 | -.Ic \-6 -.Oc +Perform the same function as the associations command, except display +mobilized and unmobilized associations, including all clients. +.It Ic lopeers Op Fl 4 Ns | Ns Fl 6 +Display a list of all peers and clients showing +.Cm dstadr +(associated with the given IP version). +.It Ic lpassociations +Display the last obtained list of associations, including all clients. +.It Ic lpeers Op Fl 4 Ns | Ns Fl 6 +Display a list of all peers and clients (associated with the given IP version). +.It Ic monstats +Display monitor facility status, statistics, and limits: +enabled, addresses, peak addresses, maximum addresses, +reclaim above count, reclaim older than, kilobytes, maximum kilobytes. +.It Ic mreadlist Ar associdlo Ar associdhi +.It Ic mrl Ar associdlo Ar associdhi +Perform the same function as the +.Ic readlist +command for a range of association ids. +.It Ic mreadvar Ar associdlo Ar associdhi Oo Ar name Oc Ns Op ,... +This range may be determined from the list displayed by any +command showing associations. +.It Ic mrv Ar associdlo Ar associdhi Oo Ar name Oc Ns Op ,... +Perform the same function as the +.Ic readvar +command for a range of association ids. +This range may be determined from the list displayed by any +command showing associations. +.It Xo Ic mrulist Oo Cm limited | Cm kod | Cm mincount Ns \&= Ns Ar count | +.Cm laddr Ns \&= Ns Ar localaddr | Cm sort Ns \&= Ns Oo \&\- Oc Ns Ar sortorder | +.Cm resany Ns \&= Ns Ar hexmask | Cm resall Ns \&= Ns Ar hexmask Oc .Xc -Obtain and print a list of all peers and clients showing -.Ar dstadr -(associated with any given IP version). -.It Ic lpeers Xo -.Oo Ic \-4 | -.Ic \-6 -.Oc -.Xc -Print a peer spreadsheet for the appropriate IP version(s). -.Ar dstadr -(associated with any given IP version). -.It Ic monstats -Display monitor facility statistics. -.It Ic mrulist Oo Ic limited | Ic kod | Ic mincount Ns = Ns Ar count | Ic laddr Ns = Ns Ar localaddr | Ic sort Ns = Ns Ar sortorder | Ic resany Ns = Ns Ar hexmask | Ic resall Ns = Ns Ar hexmask Oc -Obtain and print traffic counts collected and maintained by the monitor facility. +Display traffic counts of the most recently seen source addresses +collected and maintained by the monitor facility. With the exception of -.Cm sort Ns = Ns Ar sortorder , +.Cm sort Ns \&= Ns Oo \&\- Oc Ns Ar sortorder , the options filter the list returned by -.Cm ntpd. +.Xr ntpd 8 . The .Cm limited and .Cm kod -options return only entries representing client addresses from which the last packet received triggered either discarding or a KoD response. +options return only entries representing client addresses from which the +last packet received triggered either discarding or a KoD response. The .Cm mincount Ns = Ns Ar count option filters entries representing less than @@ -392,18 +440,21 @@ .Ar sortorder defaults to .Cm lstint -and may be any of +and may be .Cm addr , +.Cm avgint , .Cm count , -.Cm avgint , .Cm lstint , -or any of those preceded by a minus sign (hyphen) to reverse the sort order. +or any of those preceded by +.Ql \&\- +to reverse the sort order. The output columns are: .Bl -tag -width "something" -compact -offset indent .It Column Description .It Ic lstint -Interval in s between the receipt of the most recent packet from this address and the completion of the retrieval of the MRU list by +Interval in seconds between the receipt of the most recent packet from +this address and the completion of the retrieval of the MRU list by .Nm . .It Ic avgint Average interval in s between packets from this address. @@ -411,7 +462,8 @@ Restriction flags associated with this address. Most are copied unchanged from the matching .Ic restrict -command, however 0x400 (kod) and 0x20 (limited) flags are cleared unless the last packet from this address triggered a rate control response. +command, however 0x400 (kod) and 0x20 (limited) flags are cleared unless +the last packet from this address triggered a rate control response. .It Ic r Rate control indicator, either a period, @@ -429,27 +481,15 @@ .It Ic rport Source port of last packet from this address. .It Ic remote address -DNS name, numeric address, or address followed by +host or DNS name, numeric address, or address followed by claimed DNS name which could not be verified in parentheses. .El -.It Ic mreadvar assocID assocID Oo Ar variable_name Ns Oo = Ns Ar value Oc Oc ... -.It Ic mrv assocID assocID Oo Ar variable_name Ns Oo = Ns Ar value Oc Oc ... -Perform the same function as the -.Ic readvar -command, except for a range of association IDs. -This range is determined from the association list cached by the most recent -.Ic associations -command. -.It Ic opeers Xo -.Oo Ic \-4 | -.Ic \-6 -.Oc -.Xc +.It Ic opeers Op Fl 4 | Fl 6 Obtain and print the old\-style list of all peers and clients showing -.Ar dstadr -(associated with any given IP version), +.Cm dstadr +(associated with the given IP version), rather than the -.Ar refid . +.Cm refid . .It Ic passociations Perform the same function as the .Ic associations @@ -461,28 +501,32 @@ .Bl -tag -width "something" -compact -offset indent .It Variable Description -.It Ic [tally] +.It Cm [tally] single\-character code indicating current value of the .Ic select field of the .Lk decode.html#peer "peer status word" -.It Ic remote +.It Cm remote host name (or IP number) of peer. -The value displayed will be truncated to 15 characters unless the +The value displayed will be truncated to 15 characters unless the +.Nm .Fl w -flag is given, in which case the full value will be displayed -on the first line, -and the remaining data is displayed on the next line. -.It Ic refid -association ID or +option is given, in which case the full value will be displayed +on the first line, and if too long, +the remaining data will be displayed on the next line. +.It Cm refid +source IP address or .Lk decode.html#kiss "'kiss code" -.It Ic st -stratum -.It Ic t +.It Cm st +stratum: 0 for local reference clocks, 1 for servers with local +reference clocks, ..., 16 for unsynchronized server clocks +.It Cm t .Ic u : unicast or manycast client, .Ic b : broadcast or multicast client, +.Ic p : +pool source, .Ic l : local (reference clock), .Ic s : @@ -493,38 +537,40 @@ broadcast server, .Ic M : multicast server -.It Ic when -sec/min/hr since last received packet -.It Ic poll -poll interval (log2 s) -.It Ic reach +.It Cm when +time in seconds, minutes, hours, or days since the last packet +was received, or +.Ql \&\- +if a packet has never been received +.It Cm poll +poll interval (s) +.It Cm reach reach shift register (octal) -.It Ic delay +.It Cm delay roundtrip delay -.It Ic offset +.It Cm offset offset of server relative to this host -.It Ic jitter -jitter +.It Cm jitter +offset RMS error estimate. .El -.It Ic apeers -Display a list of peers in the form: -.Dl [tally]remote refid assid st t when pool reach delay offset jitter -where the output is just like the -.Ic peers -command except that the -.Ic refid -is displayed in hex format and the association number is also displayed. -.It Ic pstats Ar assocID -Show the statistics for the peer with the given -.Ar assocID . -.It Ic readlist Ar assocID -.It Ic rl Ar assocID -Read the system or peer variables included in the variable list. -.It Ic readvar Ar assocID Ar name Ns Oo Ns = Ns Ar value Oc Oo , ... Oc -.It Ic rv Ar assocID Ar name Ns Oo Ns = Ns Ar value Oc Oo , ... Oc -Display the specified variables. +.It Ic pstats Ar associd +Display the statistics for the peer with the given +.Ar associd : +associd, status, remote host, local address, time last received, +time until next send, reachability change, packets sent, +packets received, bad authentication, bogus origin, duplicate, +bad dispersion, bad reference time, candidate order. +.It Ic readlist Op Ar associd +.It Ic rl Op Ar associd +Display all system or peer variables. +If the +.Ar associd +is omitted, it is assumed to be zero. +.It Ic readvar Op Ar associd Ar name Ns Oo Ns = Ns Ar value Oc Op , ... +.It Ic rv Op Ar associd Ar name Ns Oo Ns = Ns Ar value Oc Op , ... +Display the specified system or peer variables. If -.Ar assocID +.Ar associd is zero, the variables are from the .Sx System Variables name space, otherwise they are from the @@ -531,55 +577,76 @@ .Sx Peer Variables name space. The -.Ar assocID +.Ar associd is required, as the same name can occur in both spaces. If no .Ar name is included, all operative variables in the name space are displayed. In this case only, if the -.Ar assocID -is omitted, it is assumed zero. +.Ar associd +is omitted, it is assumed to be zero. Multiple names are specified with comma separators and without whitespace. Note that time values are represented in milliseconds and frequency values in parts\-per\-million (PPM). Some NTP timestamps are represented in the format -YYYYMMDDTTTT , -where YYYY is the year, -MM the month of year, -DD the day of month and -TTTT the time of day. +.Ar YYYY Ns Ar MM Ar DD Ar TTTT , +where +.Ar YYYY +is the year, +.Ar MM +the month of year, +.Ar DD +the day of month and +.Ar TTTT +the time of day. .It Ic reslist -Show the access control (restrict) list for +Display the access control (restrict) list for .Nm . +Authentication is required. .It Ic saveconfig Ar filename -Write the current configuration, -including any runtime modifications given with +Save the current configuration, +including any runtime modifications made by .Ic :config or .Ic config\-from\-file , -to the ntpd host's file +to the NTP server host file .Ar filename . This command will be rejected by the server unless .Lk miscopt.html#saveconfigdir "saveconfigdir" appears in the -.Ic ntpd +.Xr ntpd 8 configuration file. .Ar filename can use -.Xr strftime -format specifies to substitute the current date and time, for example, -.Ic q]saveconfig ntp\-%Y%m%d\-%H%M%S.confq] . +.Xr date 1 +format specifiers to substitute the current date and time, for +example, +.D1 Ic saveconfig Pa ntp\-%Y%m%d\-%H%M%S.conf . The filename used is stored in system variable -.Ic savedconfig . +.Cm savedconfig . Authentication is required. +.It Ic sysinfo +Display system operational summary: +associd, status, system peer, system peer mode, leap indicator, +stratum, log2 precision, root delay, root dispersion, +reference id, reference time, system jitter, clock jitter, +clock wander, broadcast delay, symm. auth. delay. +.It Ic sysstats +Display system uptime and packet counts maintained in the +protocol module: +uptime, sysstats reset, packets received, current version, +older version, bad length or format, authentication failed, +declined, restricted, rate limited, KoD responses, +processed for time. .It Ic timerstats -Display interval timer counters. -.It Ic writelist Ar assocID -Write the system or peer variables included in the variable list. -.It Ic writevar Ar assocID Ar name Ns = Ns Ar value Op , ... -Write the specified variables. +Display interval timer counters: +time since reset, timer overruns, calls to transmit. +.It Ic writelist Ar associd +Set all system or peer variables included in the variable list. +.It Ic writevar Ar associd Ar name Ns = Ns Ar value Op , ... +Set the specified variables in the variable list. If the -.Ar assocID +.Ar associd is zero, the variables are from the .Sx System Variables name space, otherwise they are from the @@ -586,12 +653,9 @@ .Sx Peer Variables name space. The -.Ar assocID +.Ar associd is required, as the same name can occur in both spaces. -.It Ic sysinfo -Display operational summary. -.It Ic sysstats -Print statistics counters maintained in the protocol module. +Authentication is required. .El .Ss Status Words and Kiss Codes The current state of the operating program is shown @@ -598,10 +662,10 @@ in a set of status words maintained by the system. Status information is also available on a per\-association basis. -These words are displayed in the -.Ic rv +These words are displayed by the +.Ic readlist and -.Ic as +.Ic associations commands both in hexadecimal and in decoded short tip strings. The codes, tips and short explanations are documented on the .Lk decode.html "Event Messages and Status Words" @@ -618,58 +682,59 @@ in the reference identifier field in various billboards. .Ss System Variables The following system variables appear in the -.Ic rv +.Ic readlist billboard. Not all variables are displayed in some configurations. +.Pp .Bl -tag -width "something" -compact -offset indent .It Variable Description -.It Ic status +.It Cm status .Lk decode.html#sys "system status word" -.It Ic version +.It Cm version NTP software version and build time -.It Ic processor +.It Cm processor hardware platform and version -.It Ic system +.It Cm system operating system and version -.It Ic leap +.It Cm leap leap warning indicator (0\-3) -.It Ic stratum +.It Cm stratum stratum (1\-15) -.It Ic precision +.It Cm precision precision (log2 s) -.It Ic rootdelay +.It Cm rootdelay total roundtrip delay to the primary reference clock -.It Ic rootdisp +.It Cm rootdisp total dispersion to the primary reference clock -.It Ic peer -system peer association ID -.It Ic tc +.It Cm refid +reference id or +.Lk decode.html#kiss "kiss code" +.It Cm reftime +reference time +.It Ic clock +date and time of day +.It Cm peer +system peer association id +.It Cm tc time constant and poll exponent (log2 s) (3\-17) -.It Ic mintc +.It Cm mintc minimum time constant (log2 s) (3\-10) -.It Ic clock -date and time of day -.It Ic refid -reference ID or -.Lk decode.html#kiss "kiss code" -.It Ic reftime -reference time -.It Ic offset -combined offset of server relative to this host -.It Ic sys_jitter +.It Cm offset +combined offset of server relative to this host +.It Cm frequency +frequency drift (PPM) relative to hardware clock +.It Cm sys_jitter combined system jitter -.It Ic frequency -frequency offset (PPM) relative to hardware clock -.It Ic clk_wander +.It Cm clk_wander clock frequency wander (PPM) -.It Ic clk_jitter +.It Cm clk_jitter clock jitter -.It Ic tai +.It Cm tai TAI\-UTC offset (s) -.It Ic leapsec +.It Cm leapsec NTP seconds when the next leap second is/was inserted -.It Ic expire +.It Cm expire NTP seconds when the NIST leapseconds file expires .El The jitter and wander statistics are exponentially\-weighted RMS averages. @@ -683,98 +748,102 @@ .Bl -tag -width "something" -compact -offset indent .It Variable Description -.It Ic host +.It Cm host Autokey host name for this host -.It Ic ident +.It Cm ident Autokey group name for this host -.It Ic flags +.It Cm flags host flags (see Autokey specification) -.It Ic digest +.It Cm digest OpenSSL message digest algorithm -.It Ic signature +.It Cm signature OpenSSL digest/signature scheme -.It Ic update +.It Cm update NTP seconds at last signature update -.It Ic cert +.It Cm cert certificate subject, issuer and certificate flags -.It Ic until +.It Cm until NTP seconds when the certificate expires .El .Ss Peer Variables The following peer variables appear in the -.Ic rv +.Ic readlist billboard for each association. Not all variables are displayed in some configurations. +.Pp .Bl -tag -width "something" -compact -offset indent .It Variable Description -.It Ic associd -association ID -.It Ic status +.It Cm associd +association id +.It Cm status .Lk decode.html#peer "peer status word" -.It Ic srcadr +.It Cm srcadr source (remote) IP address -.It Ic srcport +.It Cm srcport source (remote) port -.It Ic dstadr +.It Cm dstadr destination (local) IP address -.It Ic dstport +.It Cm dstport destination (local) port -.It Ic leap +.It Cm leap leap indicator (0\-3) -.It Ic stratum +.It Cm stratum stratum (0\-15) -.It Ic precision +.It Cm precision precision (log2 s) -.It Ic rootdelay +.It Cm rootdelay total roundtrip delay to the primary reference clock -.It Ic rootdisp +.It Cm rootdisp total root dispersion to the primary reference clock -.It Ic refid -reference ID or +.It Cm refid +reference id or .Lk decode.html#kiss "kiss code" -.It Ic reftime +.It Cm reftime reference time -.It Ic reach +.It Cm rec +last packet received time +.It Cm reach reach register (octal) -.It Ic unreach +.It Cm unreach unreach counter -.It Ic hmode +.It Cm hmode host mode (1\-6) -.It Ic pmode +.It Cm pmode peer mode (1\-5) -.It Ic hpoll +.It Cm hpoll host poll exponent (log2 s) (3\-17) -.It Ic ppoll +.It Cm ppoll peer poll exponent (log2 s) (3\-17) -.It Ic headway +.It Cm headway headway (see .Lk rate.html "Rate Management and the Kiss\-o'\-Death Packet" ) -.It Ic flash +.It Cm flash .Lk decode.html#flash "flash status word" -.It Ic offset +.It Cm keyid +symmetric key id +.It Cm offset filter offset -.It Ic delay +.It Cm delay filter delay -.It Ic dispersion +.It Cm dispersion filter dispersion -.It Ic jitter +.It Cm jitter filter jitter -.It Ic ident -Autokey group name for this association -.It Ic bias +.It Cm bias unicast/broadcast bias -.It Ic xleave +.It Cm xleave interleave delay (see .Lk xleave.html "NTP Interleaved Modes" ) .El The -.Ic bias +.Cm bias variable is calculated when the first broadcast packet is received after the calibration volley. -It represents the offset of the broadcast subgraph relative to the unicast subgraph. +It represents the offset of the broadcast subgraph relative to the +unicast subgraph. The -.Ic xleave +.Cm xleave variable appears only for the interleaved symmetric and interleaved modes. It represents the internal queuing, buffering and transmission delays for the preceding packet. @@ -784,71 +853,73 @@ .Bl -tag -width "something" -compact -offset indent .It Variable Description -.It Ic flags +.It Cm flags peer flags (see Autokey specification) -.It Ic host +.It Cm host Autokey server name -.It Ic flags +.It Cm flags peer flags (see Autokey specification) -.It Ic signature +.It Cm signature OpenSSL digest/signature scheme -.It Ic initsequence -initial key ID -.It Ic initkey +.It Cm initsequence +initial key id +.It Cm initkey initial key index -.It Ic timestamp +.It Cm timestamp Autokey signature timestamp +.It Cm ident +Autokey group name for this association .El .Ss Clock Variables The following clock variables appear in the -.Ic cv +.Ic clocklist billboard for each association with a reference clock. Not all variables are displayed in some configurations. .Bl -tag -width "something" -compact -offset indent .It Variable Description -.It Ic associd -association ID -.It Ic status +.It Cm associd +association id +.It Cm status .Lk decode.html#clock "clock status word" -.It Ic device +.It Cm device device description -.It Ic timecode +.It Cm timecode ASCII time code string (specific to device) -.It Ic poll +.It Cm poll poll messages sent -.It Ic noreply +.It Cm noreply no reply -.It Ic badformat +.It Cm badformat bad format -.It Ic baddata +.It Cm baddata bad date or time -.It Ic fudgetime1 +.It Cm fudgetime1 fudge time 1 -.It Ic fudgetime2 +.It Cm fudgetime2 fudge time 2 -.It Ic stratum +.It Cm stratum driver stratum -.It Ic refid -driver reference ID -.It Ic flags +.It Cm refid +driver reference id +.It Cm flags driver flags .El .Sh "OPTIONS" .Bl -tag .It Fl 4 , Fl \-ipv4 -Force IPv4 DNS name resolution. +Force IPv4 name resolution. This option must not appear in combination with any of the following options: ipv6. .sp -Force DNS resolution of following host names on the command line +Force resolution of following host names on the command line to the IPv4 namespace. .It Fl 6 , Fl \-ipv6 -Force IPv6 DNS name resolution. +Force IPv6 name resolution. This option must not appear in combination with any of the following options: ipv4. .sp -Force DNS resolution of following host names on the command line +Force resolution of following host names on the command line to the IPv6 namespace. .It Fl c Ar cmd , Fl \-command Ns = Ns Ar cmd run a command and exit. @@ -878,7 +949,7 @@ numeric host addresses. .sp Output all host addresses in dotted\-quad numeric format rather than -converting to the canonical host names. +converting to the canonical host names. .It Fl \-old\-rv Always output status line with readvar. .sp --- contrib/ntp/ntpq/ntpq.texi.orig +++ contrib/ntp/ntpq/ntpq.texi @@ -168,7 +168,7 @@ with default @code{MD5}. If the OpenSSL library is installed, digest can be be any message digest algorithm supported by the library. -The current selections are: @code{MD2}, @code{MD4}, @code{MD5}, @code{MDC2}, @code{RIPEMD160}, @code{SHA} and @code{SHA1}. +The current selections are: @code{AES128CMAC}, @code{MD2}, @code{MD4}, @code{MD5}, @code{MDC2}, @code{RIPEMD160}, @code{SHA} and @code{SHA1}. @item @anchor{ntpversion} @code{ntpversion 1 | 2 | 3 | 4} Sets the NTP version number which @code{ntpq} claims in packets. --- contrib/ntp/ntpsnmpd/Makefile.in.orig +++ contrib/ntp/ntpsnmpd/Makefile.in @@ -106,6 +106,7 @@ $(top_srcdir)/sntp/m4/ltsugar.m4 \ $(top_srcdir)/sntp/m4/ltversion.m4 \ $(top_srcdir)/sntp/m4/lt~obsolete.m4 \ + $(top_srcdir)/sntp/m4/ntp_af_unspec.m4 \ $(top_srcdir)/sntp/m4/ntp_cacheversion.m4 \ $(top_srcdir)/sntp/m4/ntp_compiler.m4 \ $(top_srcdir)/sntp/m4/ntp_crosscompile.m4 \ @@ -1198,7 +1199,6 @@ # check-libntp: ../libntp/libntp.a - @echo stamp > $@ ../libntp/libntp.a: cd ../libntp && $(MAKE) $(AM_MAKEFLAGS) libntp.a --- contrib/ntp/ntpsnmpd/invoke-ntpsnmpd.texi.orig +++ contrib/ntp/ntpsnmpd/invoke-ntpsnmpd.texi @@ -6,7 +6,7 @@ # # EDIT THIS FILE WITH CAUTION (invoke-ntpsnmpd.texi) # -# It has been AutoGen-ed March 21, 2017 at 10:45:40 AM by AutoGen 5.18.5 +# It has been AutoGen-ed February 27, 2018 at 05:15:36 PM by AutoGen 5.18.5 # From the definitions ntpsnmpd-opts.def # and the template file agtexi-cmd.tpl @end ignore --- contrib/ntp/ntpsnmpd/netsnmp_daemonize.c.orig +++ contrib/ntp/ntpsnmpd/netsnmp_daemonize.c @@ -194,7 +194,7 @@ int i = 0; int saved_errno; - DEBUGMSGT(("daemonize","deamonizing...\n")); + DEBUGMSGT(("daemonize","daemonizing...\n")); #ifdef HAVE_WORKING_FORK /* * Fork to return control to the invoking process and to --- contrib/ntp/ntpsnmpd/ntpsnmpd-opts.c.orig +++ contrib/ntp/ntpsnmpd/ntpsnmpd-opts.c @@ -1,7 +1,7 @@ /* * EDIT THIS FILE WITH CAUTION (ntpsnmpd-opts.c) * - * It has been AutoGen-ed March 21, 2017 at 10:45:37 AM by AutoGen 5.18.5 + * It has been AutoGen-ed February 27, 2018 at 05:15:31 PM by AutoGen 5.18.5 * From the definitions ntpsnmpd-opts.def * and the template file options * @@ -61,7 +61,7 @@ * static const strings for ntpsnmpd options */ static char const ntpsnmpd_opt_strs[1613] = -/* 0 */ "ntpsnmpd 4.2.8p10\n" +/* 0 */ "ntpsnmpd 4.2.8p11\n" "Copyright (C) 1992-2017 The University of Delaware and Network Time Foundation, all rights reserved.\n" "This is free software. It is licensed for use, modification and\n" "redistribution under the terms of the NTP License, copies of which\n" @@ -101,7 +101,7 @@ /* 1415 */ "no-load-opts\0" /* 1428 */ "no\0" /* 1431 */ "NTPSNMPD\0" -/* 1440 */ "ntpsnmpd - NTP SNMP MIB agent - Ver. 4.2.8p10\n" +/* 1440 */ "ntpsnmpd - NTP SNMP MIB agent - Ver. 4.2.8p11\n" "Usage: %s [ - [] | --[{=| }] ]...\n\0" /* 1544 */ "$HOME\0" /* 1550 */ ".\0" @@ -108,7 +108,7 @@ /* 1552 */ ".ntprc\0" /* 1559 */ "http://bugs.ntp.org, bugs@ntp.org\0" /* 1593 */ "\n\0" -/* 1595 */ "ntpsnmpd 4.2.8p10"; +/* 1595 */ "ntpsnmpd 4.2.8p11"; /** * nofork option description: @@ -554,7 +554,7 @@ translate option names. */ /* referenced via ntpsnmpdOptions.pzCopyright */ - puts(_("ntpsnmpd 4.2.8p10\n\ + puts(_("ntpsnmpd 4.2.8p11\n\ Copyright (C) 1992-2017 The University of Delaware and Network Time Foundation, all rights reserved.\n\ This is free software. It is licensed for use, modification and\n\ redistribution under the terms of the NTP License, copies of which\n\ @@ -599,7 +599,7 @@ puts(_("load options from a config file")); /* referenced via ntpsnmpdOptions.pzUsageTitle */ - puts(_("ntpsnmpd - NTP SNMP MIB agent - Ver. 4.2.8p10\n\ + puts(_("ntpsnmpd - NTP SNMP MIB agent - Ver. 4.2.8p11\n\ Usage: %s [ - [] | --[{=| }] ]...\n")); /* referenced via ntpsnmpdOptions.pzExplain */ @@ -606,7 +606,7 @@ puts(_("\n")); /* referenced via ntpsnmpdOptions.pzFullVersion */ - puts(_("ntpsnmpd 4.2.8p10")); + puts(_("ntpsnmpd 4.2.8p11")); /* referenced via ntpsnmpdOptions.pzFullUsage */ puts(_("<<>>")); --- contrib/ntp/ntpsnmpd/ntpsnmpd-opts.h.orig +++ contrib/ntp/ntpsnmpd/ntpsnmpd-opts.h @@ -1,7 +1,7 @@ /* * EDIT THIS FILE WITH CAUTION (ntpsnmpd-opts.h) * - * It has been AutoGen-ed March 21, 2017 at 10:45:36 AM by AutoGen 5.18.5 + * It has been AutoGen-ed February 27, 2018 at 05:15:31 PM by AutoGen 5.18.5 * From the definitions ntpsnmpd-opts.def * and the template file options * @@ -76,9 +76,9 @@ /** count of all options for ntpsnmpd */ #define OPTION_CT 8 /** ntpsnmpd version */ -#define NTPSNMPD_VERSION "4.2.8p10" +#define NTPSNMPD_VERSION "4.2.8p11" /** Full ntpsnmpd version text */ -#define NTPSNMPD_FULL_VERSION "ntpsnmpd 4.2.8p10" +#define NTPSNMPD_FULL_VERSION "ntpsnmpd 4.2.8p11" /** * Interface defines for all options. Replace "n" with the UPPER_CASED --- contrib/ntp/ntpsnmpd/ntpsnmpd.1ntpsnmpdman.orig +++ contrib/ntp/ntpsnmpd/ntpsnmpd.1ntpsnmpdman @@ -10,11 +10,11 @@ .ds B-Font B .ds I-Font I .ds R-Font R -.TH ntpsnmpd 1ntpsnmpdman "21 Mar 2017" "4.2.8p10" "User Commands" +.TH ntpsnmpd 1ntpsnmpdman "27 Feb 2018" "4.2.8p11" "User Commands" .\" -.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-yhaGex/ag-6haacx) +.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-_Ia4FU/ag-lJaWEU) .\" -.\" It has been AutoGen-ed March 21, 2017 at 10:45:40 AM by AutoGen 5.18.5 +.\" It has been AutoGen-ed February 27, 2018 at 05:15:33 PM by AutoGen 5.18.5 .\" From the definitions ntpsnmpd-opts.def .\" and the template file agman-cmd.tpl .SH NAME --- contrib/ntp/ntpsnmpd/ntpsnmpd.1ntpsnmpdmdoc.orig +++ contrib/ntp/ntpsnmpd/ntpsnmpd.1ntpsnmpdmdoc @@ -1,9 +1,9 @@ -.Dd March 21 2017 +.Dd February 27 2018 .Dt NTPSNMPD 1ntpsnmpdmdoc User Commands .Os .\" EDIT THIS FILE WITH CAUTION (ntpsnmpd-opts.mdoc) .\" -.\" It has been AutoGen-ed March 21, 2017 at 10:45:40 AM by AutoGen 5.18.5 +.\" It has been AutoGen-ed February 27, 2018 at 05:15:39 PM by AutoGen 5.18.5 .\" From the definitions ntpsnmpd-opts.def .\" and the template file agmdoc-cmd.tpl .Sh NAME --- contrib/ntp/ntpsnmpd/ntpsnmpd.html.orig +++ contrib/ntp/ntpsnmpd/ntpsnmpd.html @@ -42,7 +42,7 @@

      The ntpsnmpd utility program is used to monitor NTP daemon ntpd operations and determine performance. It uses the standard NTP mode 6 control -

      This document applies to version 4.2.8p10 of ntpsnmpd. +

      This document applies to version 4.2.8p11 of ntpsnmpd.

      scheme is one of -RSA-MD2, RSA-MD5, RSA-SHA, RSA-SHA1, RSA-MDC2, RSA-RIPEMD160, +RSA-MD2, RSA-MD5, RSA-MDC2, RSA-SHA, RSA-SHA1, RSA-RIPEMD160, DSA-SHA, or DSA-SHA1. -

      Select the certificate message digest/signature encryption scheme. +

      Select the certificate signature encryption/message digest scheme. Note that RSA schemes must be used with a RSA sign key and DSA schemes must be used with a DSA sign key. The default without this option is RSA-MD5. @@ -1202,9 +1362,9 @@

      Select the cipher which is used to encrypt the files containing private keys. The default is three-key triple DES in CBC mode, -equivalent to "-C des-ede3-cbc". The openssl tool lists ciphers -available in "openssl -h" output. -

      +equivalent to "-C des-ede3-cbc". The openssl tool lists ciphers +available in "openssl -h" output. +


      Next: , Previous: ntp-keygen cipher, @@ -1222,8 +1382,9 @@
    • must be compiled in by defining AUTOKEY during the compilation.
    -

    Write the IFF or GQ client keys to the standard output. This is -intended for automatic key distribution by mail. +

    Write the public parameters from the IFF or GQ client keys to +the standard output. +This is intended for automatic key distribution by email.


    Next: , @@ -1306,14 +1467,14 @@ the file name of IFF, GQ, and MV client parameters files. In that role, the default is the host name if this option is not provided. The group name, if specified using -i/--ident or -using -s/--subject-name following an '}' character, -is also a part of the self-signed host certificate's subject and -issuer names in the form host -

    'crypto ident' or 'server ident' configuration in -ntpd's configuration file. -

    +using -s/--subject-name following an '@' character, +is also a part of the self-signed host certificate subject and +issuer names in the form host@group and should match the +'crypto ident' or 'server ident' configuration in the +ntpd configuration file. +


    -Next: , +Next: , Previous: ntp-keygen ident, Up: ntp-keygen Invocation
    @@ -1322,7 +1483,7 @@

    lifetime option (-l)

    -This is the ``set certificate lifetime'' option. +This is the “set certificate lifetime” option. This option takes a number argument lifetime.

    This option has some usage constraints. It: @@ -1333,29 +1494,16 @@

    Set the certificate expiration to lifetime days from now.

    -

    md5key option (-M)

    - -

    -This is the ``generate md5 keys'' option. -Generate MD5 keys, obsoleting any that may exist. -

    -

    modulus option (-m)

    -

    -This is the ``modulus'' option. +

    +This is the “prime modulus” option. This option takes a number argument modulus.

    This option has some usage constraints. It: @@ -1366,16 +1514,29 @@

    The number of bits in the prime modulus. The default is 512.

    +

    md5key option (-M)

    + +

    +This is the “generate symmetric keys” option. +Generate symmetric keys, obsoleting any that may exist. +

    +

    pvt-cert option (-P)

    -This is the ``generate pc private certificate'' option. +This is the “generate pc private certificate” option.

    This option has some usage constraints. It:

      @@ -1395,7 +1556,7 @@

      password option (-p)

      -This is the ``local private password'' option. +This is the “local private password” option. This option takes a string argument passwd.

      This option has some usage constraints. It: @@ -1410,7 +1571,7 @@ hostname.


      -Next: , +Next: , Previous: ntp-keygen password, Up: ntp-keygen Invocation
      @@ -1419,7 +1580,7 @@

      export-passwd option (-q)

      -This is the ``export iff or gq group keys with password'' option. +This is the “export iff or gq group keys with password” option. This option takes a string argument passwd.

      This option has some usage constraints. It: @@ -1431,20 +1592,20 @@ encrypted with the DES-CBC algorithm and the specified password. The same password must be specified to the remote ntpd via the "crypto pw password" configuration command. See also the option ---id-key (-e) for unencrypted exports. +–id-key (-e) for unencrypted exports.

      -

      sign-key option (-S)

      +

      subject-name option (-s)

      -

      -This is the ``generate sign key (rsa or dsa)'' option. -This option takes a string argument sign. +

      +This is the “set host and optionally group name” option. +This option takes a string argument host@group.

      This option has some usage constraints. It:

        @@ -1451,22 +1612,29 @@
      • must be compiled in by defining AUTOKEY during the compilation.
      -

      Generate a new sign key of the designated type, obsoleting any -that may exist. By default, the program uses the host key as the -sign key. +

      Set the Autokey host name, and optionally, group name specified +following an '@' character. The host name is used in the file +name of generated host and signing certificates, without the +group name. The host name, and if provided, group name are used +in host@group form for the host certificate subject and issuer +fields. Specifying '-s @group' is allowed, and results in +leaving the host name unchanged while appending @group to the +subject and issuer fields, as with -i group. The group name, or +if not provided, the host name are also used in the file names +of IFF, GQ, and MV client parameter files.

      -

      subject-name option (-s)

      +

      sign-key option (-S)

      -

      -This is the ``set host and optionally group name'' option. -This option takes a string argument host@group. +

      +This is the “generate sign key (rsa or dsa)” option. +This option takes a string argument sign.

      This option has some usage constraints. It:

        @@ -1473,20 +1641,13 @@
      • must be compiled in by defining AUTOKEY during the compilation.
      -

      Set the Autokey host name, and optionally, group name specified -following an '}' character. The host name is used in the file -name of generated host and signing certificates, without the -group name. The host name, and if provided, group name are used -in host -

      fields. Specifying '-s -

      leaving the host name unchanged while appending -

      subject and issuer fields, as with -i group. The group name, or -if not provided, the host name are also used in the file names -of IFF, GQ, and MV client parameter files. -

      +

      Generate a new sign key of the designated type, obsoleting any +that may exist. By default, the program uses the host key as the +sign key. +

      @@ -1494,7 +1655,7 @@

      trusted-cert option (-T)

      -This is the ``trusted certificate (tc scheme)'' option. +This is the “trusted certificate (tc scheme)” option.

      This option has some usage constraints. It:

        @@ -1514,7 +1675,7 @@

        mv-params option (-V)

        -This is the ``generate <num> mv parameters'' option. +This is the “generate <num> mv parameters” option. This option takes a number argument num.

        This option has some usage constraints. It: @@ -1535,7 +1696,7 @@

        mv-keys option (-v)

        -This is the ``update <num> mv keys'' option. +This is the “update <num> mv keys” option. This option takes a number argument num.

        This option has some usage constraints. It: --- contrib/ntp/util/ntp-keygen.man.in.orig +++ contrib/ntp/util/ntp-keygen.man.in @@ -10,11 +10,11 @@ .ds B-Font B .ds I-Font I .ds R-Font R -.TH ntp-keygen @NTP_KEYGEN_MS@ "21 Mar 2017" "ntp (4.2.8p10)" "User Commands" +.TH ntp-keygen @NTP_KEYGEN_MS@ "27 Feb 2018" "ntp (4.2.8p11)" "User Commands" .\" -.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-uUaiiy/ag-lVaahy) +.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-bBa46V/ag-nBaW5V) .\" -.\" It has been AutoGen-ed March 21, 2017 at 10:45:54 AM by AutoGen 5.18.5 +.\" It has been AutoGen-ed February 27, 2018 at 05:15:53 PM by AutoGen 5.18.5 .\" From the definitions ntp-keygen-opts.def .\" and the template file agman-cmd.tpl .SH NAME @@ -36,30 +36,33 @@ .SH DESCRIPTION This program generates cryptographic data files used by the NTPv4 authentication and identification schemes. -It generates MD5 key files used in symmetric key cryptography. -In addition, if the OpenSSL software library has been installed, -it generates keys, certificate and identity files used in public key -cryptography. +It can generate message digest keys used in symmetric key cryptography and, +if the OpenSSL software library has been installed, it can generate host keys, +signing keys, certificates, and identity keys and parameters used in Autokey +public key cryptography. These files are used for cookie encryption, -digital signature and challenge/response identification algorithms +digital signature, and challenge/response identification algorithms compatible with the Internet standard security infrastructure. .sp \n(Ppu .ne 2 -All files are in PEM-encoded printable ASCII format, -so they can be embedded as MIME attachments in mail to other sites +The message digest symmetric keys file is generated in a format +compatible with NTPv3. +All other files are in PEM-encoded printable ASCII format, +so they can be embedded as MIME attachments in email to other sites and certificate authorities. By default, files are not encrypted. .sp \n(Ppu .ne 2 -When used to generate message digest keys, the program produces a file -containing ten pseudo-random printable ASCII strings suitable for the -MD5 message digest algorithm included in the distribution. +When used to generate message digest symmetric keys, the program +produces a file containing ten pseudo-random printable ASCII strings +suitable for the MD5 message digest algorithm included in the +distribution. If the OpenSSL library is installed, it produces an additional ten -hex-encoded random bit strings suitable for the SHA1 and other message -digest algorithms. -The message digest keys file must be distributed and stored +hex-encoded random bit strings suitable for SHA1, AES-128-CMAC, and +other message digest algorithms. +The message digest symmetric keys file must be distributed and stored using secure means beyond the scope of NTP itself. Besides the keys used for ordinary NTP associations, additional keys can be defined as passwords for the @@ -83,27 +86,38 @@ Some files used by this program are encrypted using a private password. The \f\*[B-Font]\-p\f[] -option specifies the password for local encrypted files and the +option specifies the read password for local encrypted files and the \f\*[B-Font]\-q\f[] -option the password for encrypted files sent to remote sites. +option the write password for encrypted files sent to remote sites. If no password is specified, the host name returned by the Unix -\fBgethostname\f[]\fR()\f[] -function, normally the DNS name of the host is used. +\fChostname\f[]\fR(1)\f[] +command, normally the DNS name of the host, is used as the the default read +password, for convenience. +The +\f\*[B-Font]ntp-keygen\fP +program prompts for the password if it reads an encrypted file +and the password is missing or incorrect. +If an encrypted file is read successfully and +no write password is specified, the read password is used +as the write password by default. .sp \n(Ppu .ne 2 The -\f\*[I-Font]pw\f[] +\f\*[B-Font]pw\f[] option of the -\f\*[I-Font]crypto\f[] +\f\*[B-Font]crypto\f[] +\fCntpd\f[]\fR(@NTPD_MS@)\f[] configuration command specifies the read password for previously encrypted local files. -This must match the local password used by this program. +This must match the local read password used by this program. If not specified, the host name is used. -Thus, if files are generated by this program without password, +Thus, if files are generated by this program without an explicit password, they can be read back by -\f\*[I-Font]ntpd\f[] -without password but only on the same host. +\fCntpd\f[]\fR(@NTPD_MS@)\f[] +without specifying an explicit password but only on the same host. +If the write password used for encryption is specified as the host name, +these files can be read by that host with no explicit password. .sp \n(Ppu .ne 2 @@ -111,7 +125,7 @@ used only by that host, although exceptions exist as noted later on this page. The symmetric keys file, normally called -\f\*[I-Font]ntp.keys\f[], +\fIntp.keys\f[], is usually installed in \fI/etc\f[]. Other files and links are usually installed in @@ -118,208 +132,95 @@ \fI/usr/local/etc\f[], which is normally in a shared filesystem in NFS-mounted networks and cannot be changed by shared clients. -The location of the keys directory can be changed by the -\f\*[I-Font]keysdir\f[] -configuration command in such cases. -Normally, this is in -\fI/etc\f[]. +In these cases, NFS clients can specify the files in another +directory such as +\fI/etc\f[] +using the +\f\*[B-Font]keysdir\f[] +\fCntpd\f[]\fR(@NTPD_MS@)\f[] +configuration file command. .sp \n(Ppu .ne 2 This program directs commentary and error messages to the standard error stream -\f\*[I-Font]stderr\f[] +\fIstderr\f[] and remote files to the standard output stream -\f\*[I-Font]stdout\f[] +\fIstdout\f[] where they can be piped to other applications or redirected to files. The names used for generated files and links all begin with the string -\f\*[I-Font]ntpkey\f[] +\fIntpkey\&*\f[] and include the file type, generating host and filestamp, as described in the -\*[Lq]Cryptographic Data Files\*[Rq] +\fICryptographic Data Files\f[] section below. .SS Running the Program -To test and gain experience with Autokey concepts, log in as root and -change to the keys directory, usually -\fI/usr/local/etc\f[] -When run for the first time, or if all files with names beginning with -\f\*[I-Font]ntpkey\f[] -have been removed, use the +The safest way to run the \f\*[B-Font]ntp-keygen\fP -command without arguments to generate a -default RSA host key and matching RSA-MD5 certificate with expiration -date one year hence. -If run again without options, the program uses the -existing keys and parameters and generates only a new certificate with -new expiration date one year hence. -.sp \n(Ppu -.ne 2 - -Run the command on as many hosts as necessary. -Designate one of them as the trusted host (TH) using -\f\*[B-Font]ntp-keygen\fP -with the -\f\*[B-Font]\-T\f[] -option and configure it to synchronize from reliable Internet servers. -Then configure the other hosts to synchronize to the TH directly or -indirectly. -A certificate trail is created when Autokey asks the immediately -ascendant host towards the TH to sign its certificate, which is then -provided to the immediately descendant host on request. -All group hosts should have acyclic certificate trails ending on the TH. -.sp \n(Ppu -.ne 2 - -The host key is used to encrypt the cookie when required and so must be -RSA type. -By default, the host key is also the sign key used to encrypt -signatures. -A different sign key can be assigned using the -\f\*[B-Font]\-S\f[] -option and this can be either RSA or DSA type. -By default, the signature -message digest type is MD5, but any combination of sign key type and -message digest type supported by the OpenSSL library can be specified -using the -\f\*[B-Font]\-c\f[] -option. -The rules say cryptographic media should be generated with proventic -filestamps, which means the host should already be synchronized before -this program is run. -This of course creates a chicken-and-egg problem -when the host is started for the first time. -Accordingly, the host time -should be set by some other means, such as eyeball-and-wristwatch, at -least so that the certificate lifetime is within the current year. -After that and when the host is synchronized to a proventic source, the -certificate should be re-generated. -.sp \n(Ppu -.ne 2 - -Additional information on trusted groups and identity schemes is on the -\*[Lq]Autokey Public-Key Authentication\*[Rq] -page. -.sp \n(Ppu -.ne 2 - -The -\fCntpd\f[]\fR(@NTPD_MS@)\f[] -configuration command -\f\*[B-Font]crypto\f[] \f\*[B-Font]pw\f[] \f\*[I-Font]password\f[] -specifies the read password for previously encrypted files. -The daemon expires on the spot if the password is missing -or incorrect. -For convenience, if a file has been previously encrypted, -the default read password is the name of the host running -the program. -If the previous write password is specified as the host name, -these files can be read by that host with no explicit password. -.sp \n(Ppu -.ne 2 - -File names begin with the prefix -\f\*[B-Font]ntpkey_\f[] -and end with the postfix -\f\*[I-Font]_hostname.filestamp\f[], -where -\f\*[I-Font]hostname\f[] -is the owner name, usually the string returned -by the Unix gethostname() routine, and -\f\*[I-Font]filestamp\f[] -is the NTP seconds when the file was generated, in decimal digits. -This both guarantees uniqueness and simplifies maintenance -procedures, since all files can be quickly removed -by a -\f\*[B-Font]rm\f[] \f\*[B-Font]ntpkey\&*\f[] -command or all files generated -at a specific time can be removed by a -\f\*[B-Font]rm\f[] -\f\*[I-Font]\&*filestamp\f[] -command. -To further reduce the risk of misconfiguration, -the first two lines of a file contain the file name -and generation date and time as comments. -.sp \n(Ppu -.ne 2 - -All files are installed by default in the keys directory +program is logged in directly as root. +The recommended procedure is change to the +\f\*[I-Font]keys\f[] +directory, usually \fI/usr/local/etc\f[], -which is normally in a shared filesystem -in NFS-mounted networks. -The actual location of the keys directory -and each file can be overridden by configuration commands, -but this is not recommended. -Normally, the files for each host are generated by that host -and used only by that host, although exceptions exist -as noted later on this page. +then run the program. .sp \n(Ppu .ne 2 -Normally, files containing private values, -including the host key, sign key and identification parameters, -are permitted root read/write-only; -while others containing public values are permitted world readable. -Alternatively, files containing private values can be encrypted -and these files permitted world readable, -which simplifies maintenance in shared file systems. -Since uniqueness is insured by the hostname and -file name extensions, the files for a NFS server and -dependent clients can all be installed in the same shared directory. -.sp \n(Ppu -.ne 2 - -The recommended practice is to keep the file name extensions -when installing a file and to install a soft link -from the generic names specified elsewhere on this page -to the generated files. -This allows new file generations to be activated simply -by changing the link. -If a link is present, ntpd follows it to the file name -to extract the filestamp. -If a link is not present, -\fCntpd\f[]\fR(@NTPD_MS@)\f[] -extracts the filestamp from the file itself. -This allows clients to verify that the file and generation times -are always current. -The +To test and gain experience with Autokey concepts, log in as root and +change to the +\f\*[I-Font]keys\f[] +directory, usually +\fI/usr/local/etc\f[]. +When run for the first time, or if all files with names beginning with +\fIntpkey\&*\f[] +have been removed, use the \f\*[B-Font]ntp-keygen\fP -program uses the same timestamp extension for all files generated -at one time, so each generation is distinct and can be readily -recognized in monitoring data. -.SS Running the program -The safest way to run the -\f\*[B-Font]ntp-keygen\fP -program is logged in directly as root. -The recommended procedure is change to the keys directory, -usually -\fI/usr/local/etc\f[], -then run the program. -When run for the first time, -or if all -\f\*[B-Font]ntpkey\f[] -files have been removed, -the program generates a RSA host key file and matching RSA-MD5 certificate file, +command without arguments to generate a default +\f\*[B-Font]RSA\f[] +host key and matching +\f\*[B-Font]RSA-MD5\f[] +certificate file with expiration date one year hence, which is all that is necessary in many cases. The program also generates soft links from the generic names to the respective files. -If run again, the program uses the same host key file, -but generates a new certificate file and link. +If run again without options, the program uses the +existing keys and parameters and generates a new certificate file with +new expiration date one year hence, and soft link. .sp \n(Ppu .ne 2 -The host key is used to encrypt the cookie when required and so must be RSA type. +The host key is used to encrypt the cookie when required and so must be +\f\*[B-Font]RSA\f[] +type. By default, the host key is also the sign key used to encrypt signatures. When necessary, a different sign key can be specified and this can be -either RSA or DSA type. -By default, the message digest type is MD5, but any combination +either +\f\*[B-Font]RSA\f[] +or +\f\*[B-Font]DSA\f[] +type. +By default, the message digest type is +\f\*[B-Font]MD5\f[], +but any combination of sign key type and message digest type supported by the OpenSSL library -can be specified, including those using the MD2, MD5, SHA, SHA1, MDC2 -and RIPE160 message digest algorithms. +can be specified, including those using the +\f\*[B-Font]AES128CMAC\f[], \f\*[B-Font]MD2\f[], \f\*[B-Font]MD5\f[], \f\*[B-Font]MDC2\f[], \f\*[B-Font]SHA\f[], \f\*[B-Font]SHA1\f[] +and +\f\*[B-Font]RIPE160\f[] +message digest algorithms. However, the scheme specified in the certificate must be compatible with the sign key. -Certificates using any digest algorithm are compatible with RSA sign keys; -however, only SHA and SHA1 certificates are compatible with DSA sign keys. +Certificates using any digest algorithm are compatible with +\f\*[B-Font]RSA\f[] +sign keys; +however, only +\f\*[B-Font]SHA\f[] +and +\f\*[B-Font]SHA1\f[] +certificates are compatible with +\f\*[B-Font]DSA\f[] +sign keys. .sp \n(Ppu .ne 2 @@ -334,19 +235,19 @@ .ne 2 Running the program as other than root and using the Unix -\f\*[B-Font]su\f[] +\fCsu\f[]\fR(1)\f[] command to assume root may not work properly, since by default the OpenSSL library looks for the random seed file -\f\*[B-Font].rnd\f[] +\fI.rnd\f[] in the user home directory. However, there should be only one -\f\*[B-Font].rnd\f[], +\fI.rnd\f[], most conveniently in the root directory, so it is convenient to define the -\f\*[B-Font]$RANDFILE\f[] +RANDFILE environment variable used by the OpenSSL library as the path to -\f\*[B-Font]/.rnd\f[]. +\fI.rnd\f[]. .sp \n(Ppu .ne 2 @@ -358,7 +259,8 @@ \fI/etc\f[] using the \f\*[B-Font]keysdir\f[] -command. +\fCntpd\f[]\fR(@NTPD_MS@)\f[] +configuration file command. There is no need for one client to read the keys and certificates of other clients or servers, as these data are obtained automatically by the Autokey protocol. @@ -397,8 +299,11 @@ Alternatively, files containing private values can be encrypted and these files permitted world readable, which simplifies maintenance in shared file systems. -Since uniqueness is insured by the hostname and -file name extensions, the files for a NFS server and +Since uniqueness is insured by the +\f\*[I-Font]hostname\f[] +and +\f\*[I-Font]filestamp\f[] +file name extensions, the files for an NTP server and dependent clients can all be installed in the same shared directory. .sp \n(Ppu .ne 2 @@ -409,108 +314,107 @@ to the generated files. This allows new file generations to be activated simply by changing the link. -If a link is present, ntpd follows it to the file name -to extract the filestamp. +If a link is present, +\fCntpd\f[]\fR(@NTPD_MS@)\f[] +follows it to the file name to extract the +\f\*[I-Font]filestamp\f[]. If a link is not present, \fCntpd\f[]\fR(@NTPD_MS@)\f[] -extracts the filestamp from the file itself. +extracts the +\f\*[I-Font]filestamp\f[] +from the file itself. This allows clients to verify that the file and generation times are always current. The \f\*[B-Font]ntp-keygen\fP -program uses the same timestamp extension for all files generated +program uses the same +\f\*[I-Font]filestamp\f[] +extension for all files generated at one time, so each generation is distinct and can be readily recognized in monitoring data. -.SS Running the program -The safest way to run the -\f\*[B-Font]ntp-keygen\fP -program is logged in directly as root. -The recommended procedure is change to the keys directory, -usually -\fI/usr/local/etc\f[], -then run the program. -When run for the first time, -or if all -\f\*[B-Font]ntpkey\f[] -files have been removed, -the program generates a RSA host key file and matching RSA-MD5 certificate file, -which is all that is necessary in many cases. -The program also generates soft links from the generic names -to the respective files. -If run again, the program uses the same host key file, -but generates a new certificate file and link. .sp \n(Ppu .ne 2 -The host key is used to encrypt the cookie when required and so must be RSA type. -By default, the host key is also the sign key used to encrypt signatures. -When necessary, a different sign key can be specified and this can be -either RSA or DSA type. -By default, the message digest type is MD5, but any combination -of sign key type and message digest type supported by the OpenSSL library -can be specified, including those using the MD2, MD5, SHA, SHA1, MDC2 -and RIPE160 message digest algorithms. -However, the scheme specified in the certificate must be compatible -with the sign key. -Certificates using any digest algorithm are compatible with RSA sign keys; -however, only SHA and SHA1 certificates are compatible with DSA sign keys. +Run the command on as many hosts as necessary. +Designate one of them as the trusted host (TH) using +\f\*[B-Font]ntp-keygen\fP +with the +\f\*[B-Font]\-T\f[] +option and configure it to synchronize from reliable Internet servers. +Then configure the other hosts to synchronize to the TH directly or +indirectly. +A certificate trail is created when Autokey asks the immediately +ascendant host towards the TH to sign its certificate, which is then +provided to the immediately descendant host on request. +All group hosts should have acyclic certificate trails ending on the TH. .sp \n(Ppu .ne 2 -Private/public key files and certificates are compatible with -other OpenSSL applications and very likely other libraries as well. -Certificates or certificate requests derived from them should be compatible -with extant industry practice, although some users might find -the interpretation of X509v3 extension fields somewhat liberal. -However, the identification parameter files, although encoded -as the other files, are probably not compatible with anything other than Autokey. +The host key is used to encrypt the cookie when required and so must be +RSA type. +By default, the host key is also the sign key used to encrypt +signatures. +A different sign key can be assigned using the +\f\*[B-Font]\-S\f[] +option and this can be either +\f\*[B-Font]RSA\f[] +or +\f\*[B-Font]DSA\f[] +type. +By default, the signature +message digest type is +\f\*[B-Font]MD5\f[], +but any combination of sign key type and +message digest type supported by the OpenSSL library can be specified +using the +\f\*[B-Font]\-c\f[] +option. .sp \n(Ppu .ne 2 -Running the program as other than root and using the Unix -\f\*[B-Font]su\f[] -command -to assume root may not work properly, since by default the OpenSSL library -looks for the random seed file -\f\*[B-Font].rnd\f[] -in the user home directory. -However, there should be only one -\f\*[B-Font].rnd\f[], -most conveniently -in the root directory, so it is convenient to define the -\f\*[B-Font]$RANDFILE\f[] -environment variable used by the OpenSSL library as the path to -\f\*[B-Font]/.rnd\f[]. +The rules say cryptographic media should be generated with proventic +filestamps, which means the host should already be synchronized before +this program is run. +This of course creates a chicken-and-egg problem +when the host is started for the first time. +Accordingly, the host time +should be set by some other means, such as eyeball-and-wristwatch, at +least so that the certificate lifetime is within the current year. +After that and when the host is synchronized to a proventic source, the +certificate should be re-generated. .sp \n(Ppu .ne 2 -Installing the keys as root might not work in NFS-mounted -shared file systems, as NFS clients may not be able to write -to the shared keys directory, even as root. -In this case, NFS clients can specify the files in another -directory such as -\fI/etc\f[] -using the -\f\*[B-Font]keysdir\f[] -command. -There is no need for one client to read the keys and certificates -of other clients or servers, as these data are obtained automatically -by the Autokey protocol. +Additional information on trusted groups and identity schemes is on the +\*[Lq]Autokey Public-Key Authentication\*[Rq] +page. .sp \n(Ppu .ne 2 -Ordinarily, cryptographic files are generated by the host that uses them, -but it is possible for a trusted agent (TA) to generate these files -for other hosts; however, in such cases files should always be encrypted. -The subject name and trusted name default to the hostname -of the host generating the files, but can be changed by command line options. -It is convenient to designate the owner name and trusted name -as the subject and issuer fields, respectively, of the certificate. -The owner name is also used for the host and sign key files, -while the trusted name is used for the identity files. -seconds. -seconds. -s Trusted Hosts and Groups +File names begin with the prefix +\fIntpkey\f[]_ +and end with the suffix +\fI_\f[]\f\*[I-Font]hostname\f[]. \f\*[I-Font]filestamp\f[], +where +\f\*[I-Font]hostname\f[] +is the owner name, usually the string returned +by the Unix +\fChostname\f[]\fR(1)\f[] +command, and +\f\*[I-Font]filestamp\f[] +is the NTP seconds when the file was generated, in decimal digits. +This both guarantees uniqueness and simplifies maintenance +procedures, since all files can be quickly removed +by a +\f\*[B-Font]rm\f[] \fIntpkey\&*\f[] +command or all files generated +at a specific time can be removed by a +\f\*[B-Font]rm\f[] \fI\&*\f[]\f\*[I-Font]filestamp\f[] +command. +To further reduce the risk of misconfiguration, +the first two lines of a file contain the file name +and generation date and time as comments. +.SS Trusted Hosts and Groups Each cryptographic configuration involves selection of a signature scheme and identification scheme, called a cryptotype, as explained in the @@ -517,8 +421,14 @@ \fIAuthentication\f[] \fIOptions\f[] section of \fCntp.conf\f[]\fR(5)\f[]. -The default cryptotype uses RSA encryption, MD5 message digest -and TC identification. +The default cryptotype uses +\f\*[B-Font]RSA\f[] +encryption, +\f\*[B-Font]MD5\f[] +message digest +and +\f\*[B-Font]TC\f[] +identification. First, configure a NTP subnet including one or more low-stratum trusted hosts from which all other hosts derive synchronization directly or indirectly. @@ -538,7 +448,7 @@ On each trusted host as root, change to the keys directory. To insure a fresh fileset, remove all -\f\*[B-Font]ntpkey\f[] +\fIntpkey\f[] files. Then run \f\*[B-Font]ntp-keygen\fP @@ -565,7 +475,9 @@ \f\*[B-Font]RSA\f[] or \f\*[B-Font]DSA\f[]. -The most often need to do this is when a DSA-signed certificate is used. +The most frequent need to do this is when a +\f\*[B-Font]DSA\f[]\-signed +certificate is used. If it is necessary to use a different certificate scheme than the default, run \f\*[B-Font]ntp-keygen\fP @@ -574,10 +486,10 @@ option and selected \f\*[I-Font]scheme\f[] as needed. -f +If \f\*[B-Font]ntp-keygen\fP is run again without these options, it generates a new certificate -using the same scheme and sign key. +using the same scheme and sign key, and soft link. .sp \n(Ppu .ne 2 @@ -586,7 +498,7 @@ Simply run \f\*[B-Font]ntp-keygen\fP with the same flags as before to generate new certificates -using existing keys. +using existing keys, and soft links. However, if the host or sign key is changed, \fCntpd\f[]\fR(@NTPD_MS@)\f[] should be restarted. @@ -597,13 +509,15 @@ at which time the protocol is restarted. .SS Identity Schemes As mentioned on the Autonomous Authentication page, -the default TC identity scheme is vulnerable to a middleman attack. +the default +\f\*[B-Font]TC\f[] +identity scheme is vulnerable to a middleman attack. However, there are more secure identity schemes available, -including PC, IFF, GQ and MV described on the -"Identification Schemes" -page -(maybe available at -\f[C]http://www.eecis.udel.edu/%7emills/keygen.html\f[]). +including +\f\*[B-Font]PC\f[], \f\*[B-Font]IFF\f[], \f\*[B-Font]GQ\f[] +and +\f\*[B-Font]MV\f[] +schemes described below. These schemes are based on a TA, one or more trusted hosts and some number of nontrusted hosts. Trusted hosts prove identity using values provided by the TA, @@ -632,12 +546,15 @@ \f\*[B-Font]\-P\f[] \f\*[B-Font]\-p\f[] \f\*[I-Font]password\f[] to generate the host key file -\fIntpkey_RSAkey_\f[]\f\*[I-Font]alice.filestamp\f[] +\fIntpkey\f[]_ \f\*[B-Font]RSA\f[] \fIkey_alice.\f[] \f\*[I-Font]filestamp\f[] and trusted private certificate file -\fIntpkey_RSA-MD5_cert_\f[]\f\*[I-Font]alice.filestamp\f[]. +\fIntpkey\f[]_ \f\*[B-Font]RSA-MD5\f[] \f\*[B-Font]_\f[] \fIcert_alice.\f[] \f\*[I-Font]filestamp\f[], +and soft links. Copy both files to all group hosts; they replace the files which would be generated in other schemes. -On each host bob install a soft link from the generic name +On each host +\f\*[I-Font]bob\f[] +install a soft link from the generic name \fIntpkey_host_\f[]\f\*[I-Font]bob\f[] to the host key file and soft link \fIntpkey_cert_\f[]\f\*[I-Font]bob\f[] @@ -646,13 +563,19 @@ by trusted host alice. In this scheme it is not possible to refresh either the keys or certificates without copying them -to all other hosts in the group. +to all other hosts in the group, and recreating the soft links. .sp \n(Ppu .ne 2 -For the IFF scheme proceed as in the TC scheme to generate keys +For the +\f\*[B-Font]IFF\f[] +scheme proceed as in the +\f\*[B-Font]TC\f[] +scheme to generate keys and certificates for all group hosts, then for every trusted host in the group, -generate the IFF parameter file. +generate the +\f\*[B-Font]IFF\f[] +parameter file. On trusted host alice run \f\*[B-Font]ntp-keygen\fP \f\*[B-Font]\-T\f[] @@ -659,15 +582,17 @@ \f\*[B-Font]\-I\f[] \f\*[B-Font]\-p\f[] \f\*[I-Font]password\f[] to produce her parameter file -\fIntpkey_IFFpar_\f[]\f\*[I-Font]alice.filestamp\f[], +\fIntpkey_IFFpar_alice.\f[]\f\*[I-Font]filestamp\f[], which includes both server and client keys. Copy this file to all group hosts that operate as both servers and clients and install a soft link from the generic -\fIntpkey_iff_\f[]\f\*[I-Font]alice\f[] +\fIntpkey_iff_alice\f[] to this file. If there are no hosts restricted to operate only as clients, there is nothing further to do. -As the IFF scheme is independent +As the +\f\*[B-Font]IFF\f[] +scheme is independent of keys and certificates, these files can be refreshed as needed. .sp \n(Ppu .ne 2 @@ -679,10 +604,10 @@ After generating the parameter file, on alice run \f\*[B-Font]ntp-keygen\fP \f\*[B-Font]\-e\f[] -and pipe the output to a file or mail program. -Copy or mail this file to all restricted clients. +and pipe the output to a file or email program. +Copy or email this file to all restricted clients. On these clients install a soft link from the generic -\fIntpkey_iff_\f[]\f\*[I-Font]alice\f[] +\fIntpkey_iff_alice\f[] to this file. To further protect the integrity of the keys, each file can be encrypted with a secret password. @@ -689,9 +614,15 @@ .sp \n(Ppu .ne 2 -For the GQ scheme proceed as in the TC scheme to generate keys +For the +\f\*[B-Font]GQ\f[] +scheme proceed as in the +\f\*[B-Font]TC\f[] +scheme to generate keys and certificates for all group hosts, then for every trusted host -in the group, generate the IFF parameter file. +in the group, generate the +\f\*[B-Font]IFF\f[] +parameter file. On trusted host alice run \f\*[B-Font]ntp-keygen\fP \f\*[B-Font]\-T\f[] @@ -698,22 +629,32 @@ \f\*[B-Font]\-G\f[] \f\*[B-Font]\-p\f[] \f\*[I-Font]password\f[] to produce her parameter file -\fIntpkey_GQpar_\f[]\f\*[I-Font]alice.filestamp\f[], +\fIntpkey_GQpar_alice.\f[]\f\*[I-Font]filestamp\f[], which includes both server and client keys. Copy this file to all group hosts and install a soft link from the generic -\fIntpkey_gq_\f[]\f\*[I-Font]alice\f[] +\fIntpkey_gq_alice\f[] to this file. -In addition, on each host bob install a soft link +In addition, on each host +\f\*[I-Font]bob\f[] +install a soft link from generic \fIntpkey_gq_\f[]\f\*[I-Font]bob\f[] to this file. -As the GQ scheme updates the GQ parameters file and certificate +As the +\f\*[B-Font]GQ\f[] +scheme updates the +\f\*[B-Font]GQ\f[] +parameters file and certificate at the same time, keys and certificates can be regenerated as needed. .sp \n(Ppu .ne 2 -For the MV scheme, proceed as in the TC scheme to generate keys +For the +\f\*[B-Font]MV\f[] +scheme, proceed as in the +\f\*[B-Font]TC\f[] +scheme to generate keys and certificates for all group hosts. For illustration assume trish is the TA, alice one of several trusted hosts and bob one of her clients. @@ -725,9 +666,9 @@ \f\*[I-Font]n\f[] is the number of revokable keys (typically 5) to produce the parameter file -\fIntpkeys_MVpar_\f[]\f\*[I-Font]trish.filestamp\f[] +\fIntpkeys_MVpar_trish.\f[]\f\*[I-Font]filestamp\f[] and client key files -\fIntpkeys_MVkeyd_\f[]\f\*[I-Font]trish.filestamp\f[] +\fIntpkeys_MVkey\f[]\f\*[I-Font]d\f[] \f\*[I-Font]_\f[] \fItrish.\f[] \f\*[I-Font]filestamp\f[] where \f\*[I-Font]d\f[] is the key number (0 \&< @@ -736,95 +677,236 @@ \f\*[I-Font]n\f[]). Copy the parameter file to alice and install a soft link from the generic -\fIntpkey_mv_\f[]\f\*[I-Font]alice\f[] +\fIntpkey_mv_alice\f[] to this file. Copy one of the client key files to alice for later distribution to her clients. -It doesn't matter which client key file goes to alice, +It does not matter which client key file goes to alice, since they all work the same way. -Alice copies the client key file to all of her cliens. +Alice copies the client key file to all of her clients. On client bob install a soft link from generic -\fIntpkey_mvkey_\f[]\f\*[I-Font]bob\f[] +\fIntpkey_mvkey_bob\f[] to the client key file. -As the MV scheme is independent of keys and certificates, +As the +\f\*[B-Font]MV\f[] +scheme is independent of keys and certificates, these files can be refreshed as needed. .SS Command Line Options .TP 7 -.NOP \f\*[B-Font]\-c\f[] \f\*[I-Font]scheme\f[] -Select certificate message digest/signature encryption scheme. +.NOP \f\*[B-Font]\-b\f[] \f\*[B-Font]\-\-imbits\f[]= \f\*[I-Font]modulus\f[] +Set the number of bits in the identity modulus for generating identity keys to +\f\*[I-Font]modulus\f[] +bits. +The number of bits in the identity modulus defaults to 256, but can be set to +values from 256 to 2048 (32 to 256 octets). +Use the larger moduli with caution, as this can consume considerable computing +resources and increases the size of authenticated packets. +.TP 7 +.NOP \f\*[B-Font]\-c\f[] \f\*[B-Font]\-\-certificate\f[]= \f\*[I-Font]scheme\f[] +Select certificate signature encryption/message digest scheme. The \f\*[I-Font]scheme\f[] can be one of the following: -. Cm RSA-MD2 , RSA-MD5 , RSA-SHA , RSA-SHA1 , RSA-MDC2 , RSA-RIPEMD160 , DSA-SHA , +\f\*[B-Font]RSA-MD2\f[], \f\*[B-Font]RSA-MD5\f[], \f\*[B-Font]RSA-MDC2\f[], \f\*[B-Font]RSA-SHA\f[], \f\*[B-Font]RSA-SHA1\f[], \f\*[B-Font]RSA-RIPEMD160\f[], \f\*[B-Font]DSA-SHA\f[], or \f\*[B-Font]DSA-SHA1\f[]. -Note that RSA schemes must be used with a RSA sign key and DSA -schemes must be used with a DSA sign key. +Note that +\f\*[B-Font]RSA\f[] +schemes must be used with an +\f\*[B-Font]RSA\f[] +sign key and +\f\*[B-Font]DSA\f[] +schemes must be used with a +\f\*[B-Font]DSA\f[] +sign key. The default without this option is \f\*[B-Font]RSA-MD5\f[]. +If compatibility with FIPS 140-2 is required, either the +\f\*[B-Font]DSA-SHA\f[] +or +\f\*[B-Font]DSA-SHA1\f[] +scheme must be used. .TP 7 -.NOP \f\*[B-Font]\-d\f[] -Enable debugging. +.NOP \f\*[B-Font]\-C\f[] \f\*[B-Font]\-\-cipher\f[]= \f\*[I-Font]cipher\f[] +Select the OpenSSL cipher to encrypt the files containing private keys. +The default without this option is three-key triple DES in CBC mode, +\f\*[B-Font]des-ede3-cbc\f[]. +The +\f\*[B-Font]openssl\f[] \f\*[B-Font]\-h\f[] +command provided with OpenSSL displays available ciphers. +.TP 7 +.NOP \f\*[B-Font]\-d\f[] \f\*[B-Font]\-\-debug-level\f[] +Increase debugging verbosity level. This option displays the cryptographic data produced in eye-friendly billboards. .TP 7 -.NOP \f\*[B-Font]\-e\f[] -Write the IFF client keys to the standard output. -This is intended for automatic key distribution by mail. +.NOP \f\*[B-Font]\-D\f[] \f\*[B-Font]\-\-set-debug-level\f[]= \f\*[I-Font]level\f[] +Set the debugging verbosity to +\f\*[I-Font]level\f[]. +This option displays the cryptographic data produced in eye-friendly billboards. .TP 7 -.NOP \f\*[B-Font]\-G\f[] -Generate parameters and keys for the GQ identification scheme, -obsoleting any that may exist. +.NOP \f\*[B-Font]\-e\f[] \f\*[B-Font]\-\-id-key\f[] +Write the +\f\*[B-Font]IFF\f[] +or +\f\*[B-Font]GQ\f[] +public parameters from the +\f\*[I-Font]IFFkey\f[] \f\*[I-Font]or\f[] \f\*[I-Font]GQkey\f[] +client keys file previously specified +as unencrypted data to the standard output stream +\fIstdout\f[]. +This is intended for automatic key distribution by email. .TP 7 -.NOP \f\*[B-Font]\-g\f[] -Generate keys for the GQ identification scheme -using the existing GQ parameters. -If the GQ parameters do not yet exist, create them first. +.NOP \f\*[B-Font]\-G\f[] \f\*[B-Font]\-\-gq-params\f[] +Generate a new encrypted +\f\*[B-Font]GQ\f[] +parameters and key file for the Guillou-Quisquater (GQ) identity scheme. +This option is mutually exclusive with the +\f\*[B-Font]\-I\f[] +and +\f\*[B-Font]\-V\f[] +options. .TP 7 -.NOP \f\*[B-Font]\-H\f[] -Generate new host keys, obsoleting any that may exist. +.NOP \f\*[B-Font]\-H\f[] \f\*[B-Font]\-\-host-key\f[] +Generate a new encrypted +\f\*[B-Font]RSA\f[] +public/private host key file. .TP 7 -.NOP \f\*[B-Font]\-I\f[] -Generate parameters for the IFF identification scheme, -obsoleting any that may exist. +.NOP \f\*[B-Font]\-I\f[] \f\*[B-Font]\-\-iffkey\f[] +Generate a new encrypted +\f\*[B-Font]IFF\f[] +key file for the Schnorr (IFF) identity scheme. +This option is mutually exclusive with the +\f\*[B-Font]\-G\f[] +and +Fl V +options. .TP 7 -.NOP \f\*[B-Font]\-i\f[] \f\*[I-Font]name\f[] -Set the suject name to -\f\*[I-Font]name\f[]. -This is used as the subject field in certificates -and in the file name for host and sign keys. +.NOP \f\*[B-Font]\-i\f[] \f\*[B-Font]\-\-ident\f[]= \f\*[I-Font]group\f[] +Set the optional Autokey group name to +\f\*[I-Font]group\f[]. +This is used in the identity scheme parameter file names of +\f\*[B-Font]IFF\f[], \f\*[B-Font]GQ\f[], +and +\f\*[B-Font]MV\f[] +client parameters files. +In that role, the default is the host name if no group is provided. +The group name, if specified using +\f\*[B-Font]\-i\f[] +or +\f\*[B-Font]\-s\f[] +following an +\[oq]@@\[cq] +character, is also used in certificate subject and issuer names in the form +\f\*[I-Font]host\f[] \f\*[I-Font]@@\f[] \f\*[I-Font]group\f[] +and should match the group specified via +\f\*[B-Font]crypto\f[] \f\*[B-Font]ident\f[] +or +\f\*[B-Font]server\f[] \f\*[B-Font]ident\f[] +in the ntpd configuration file. .TP 7 -.NOP \f\*[B-Font]\-M\f[] -Generate MD5 keys, obsoleting any that may exist. +.NOP \f\*[B-Font]\-l\f[] \f\*[B-Font]\-\-lifetime\f[]= \f\*[I-Font]days\f[] +Set the lifetime for certificate expiration to +\f\*[I-Font]days\f[]. +The default lifetime is one year (365 days). .TP 7 -.NOP \f\*[B-Font]\-P\f[] -Generate a private certificate. +.NOP \f\*[B-Font]\-m\f[] \f\*[B-Font]\-\-modulus\f[]= \f\*[I-Font]bits\f[] +Set the number of bits in the prime modulus for generating files to +\f\*[I-Font]bits\f[]. +The modulus defaults to 512, but can be set from 256 to 2048 (32 to 256 octets). +Use the larger moduli with caution, as this can consume considerable computing +resources and increases the size of authenticated packets. +.TP 7 +.NOP \f\*[B-Font]\-M\f[] \f\*[B-Font]\-\-md5key\f[] +Generate a new symmetric keys file containing 10 +\f\*[B-Font]MD5\f[] +keys, and if OpenSSL is available, 10 +\f\*[B-Font]SHA\f[] +keys. +An +\f\*[B-Font]MD5\f[] +key is a string of 20 random printable ASCII characters, while a +\f\*[B-Font]SHA\f[] +key is a string of 40 random hex digits. +The file can be edited using a text editor to change the key type or key content. +This option is mutually exclusive with all other options. +.TP 7 +.NOP \f\*[B-Font]\-p\f[] \f\*[B-Font]\-\-password\f[]= \f\*[I-Font]passwd\f[] +Set the password for reading and writing encrypted files to +\f\*[I-Font]passwd\f[]. +These include the host, sign and identify key files. +By default, the password is the string returned by the Unix +\f\*[B-Font]hostname\f[] +command. +.TP 7 +.NOP \f\*[B-Font]\-P\f[] \f\*[B-Font]\-\-pvt-cert\f[] +Generate a new private certificate used by the +\f\*[B-Font]PC\f[] +identity scheme. By default, the program generates public certificates. +Note: the PC identity scheme is not recommended for new installations. .TP 7 -.NOP \f\*[B-Font]\-p\f[] \f\*[I-Font]password\f[] -Encrypt generated files containing private data with -\f\*[I-Font]password\f[] -and the DES-CBC algorithm. +.NOP \f\*[B-Font]\-q\f[] \f\*[B-Font]\-\-export-passwd\f[]= \f\*[I-Font]passwd\f[] +Set the password for writing encrypted +\f\*[B-Font]IFF\f[], \f\*[B-Font]GQ\f[] \f\*[B-Font]and\f[] \f\*[B-Font]MV\f[] +identity files redirected to +\fIstdout\f[] +to +\f\*[I-Font]passwd\f[]. +In effect, these files are decrypted with the +\f\*[B-Font]\-p\f[] +password, then encrypted with the +\f\*[B-Font]\-q\f[] +password. +By default, the password is the string returned by the Unix +\f\*[B-Font]hostname\f[] +command. .TP 7 -.NOP \f\*[B-Font]\-q\f[] -Set the password for reading files to password. +.NOP \f\*[B-Font]\-s\f[] \f\*[B-Font]\-\-subject-key\f[]= [host] [@@ \f\*[I-Font]group\f[]] +Specify the Autokey host name, where +\f\*[I-Font]host\f[] +is the optional host name and +\f\*[I-Font]group\f[] +is the optional group name. +The host name, and if provided, group name are used in +\f\*[I-Font]host\f[] \f\*[I-Font]@@\f[] \f\*[I-Font]group\f[] +form as certificate subject and issuer. +Specifying +\f\*[B-Font]\-s\f[] \f\*[B-Font]\-@@\f[] \f\*[I-Font]group\f[] +is allowed, and results in leaving the host name unchanged, as with +\f\*[B-Font]\-i\f[] \f\*[I-Font]group\f[]. +The group name, or if no group is provided, the host name are also used in the +file names of +\f\*[B-Font]IFF\f[], \f\*[B-Font]GQ\f[], +and +\f\*[B-Font]MV\f[] +identity scheme client parameter files. +If +\f\*[I-Font]host\f[] +is not specified, the default host name is the string returned by the Unix +\f\*[B-Font]hostname\f[] +command. .TP 7 -.NOP \f\*[B-Font]\-S\f[] [\f\*[B-Font]RSA\f[] | \f\*[B-Font]DSA\f[]] -Generate a new sign key of the designated type, -obsoleting any that may exist. -By default, the program uses the host key as the sign key. +.NOP \f\*[B-Font]\-S\f[] \f\*[B-Font]\-\-sign-key\f[]= [\f\*[B-Font]RSA\f[] | \f\*[B-Font]DSA\f[]] +Generate a new encrypted public/private sign key file of the specified type. +By default, the sign key is the host key and has the same type. +If compatibility with FIPS 140-2 is required, the sign key type must be +\f\*[B-Font]DSA\f[]. .TP 7 -.NOP \f\*[B-Font]\-s\f[] \f\*[I-Font]name\f[] -Set the issuer name to -\f\*[I-Font]name\f[]. -This is used for the issuer field in certificates -and in the file name for identity files. -.TP 7 -.NOP \f\*[B-Font]\-T\f[] +.NOP \f\*[B-Font]\-T\f[] \f\*[B-Font]\-\-trusted-cert\f[] Generate a trusted certificate. By default, the program generates a non-trusted certificate. .TP 7 -.NOP \f\*[B-Font]\-V\f[] \f\*[I-Font]nkeys\f[] -Generate parameters and keys for the Mu-Varadharajan (MV) identification scheme. +.NOP \f\*[B-Font]\-V\f[] \f\*[B-Font]\-\-mv-params\f[] \f\*[I-Font]nkeys\f[] +Generate +\f\*[I-Font]nkeys\f[] +encrypted server keys and parameters for the Mu-Varadharajan (MV) +identity scheme. +This option is mutually exclusive with the +\f\*[B-Font]\-I\f[] +and +\f\*[B-Font]\-G\f[] +options. +Note: support for this option should be considered a work in progress. .PP .SS Random Seed File All cryptographically sound key generation schemes must have means @@ -852,7 +934,7 @@ The entropy seed used by the OpenSSL library is contained in a file, usually called -\f\*[B-Font].rnd\f[], +\fI.rnd\f[], which must be available when starting the NTP daemon or the \f\*[B-Font]ntp-keygen\fP @@ -875,48 +957,131 @@ RANDFILE environment variable is not present, the library will look for the -\f\*[B-Font].rnd\f[] +\fI.rnd\f[] file in the user home directory. +Since both the +\f\*[B-Font]ntp-keygen\fP +program and +\fCntpd\f[]\fR(@NTPD_MS@)\f[] +daemon must run as root, the logical place to put this file is in +\fI/.rnd\f[] +or +\fI/root/.rnd\f[]. If the file is not available or cannot be written, the daemon exits with a message to the system log and the program exits with a suitable error message. .SS Cryptographic Data Files -All other file formats begin with two lines. -The first contains the file name, including the generated host name -and filestamp. -The second contains the datestamp in conventional Unix date format. -Lines beginning with # are considered comments and ignored by the +All file formats begin with two nonencrypted lines. +The first line contains the file name, including the generated host name +and filestamp, in the format +\fIntpkey_\f[]\f\*[I-Font]key\f[] \f\*[I-Font]_\f[] \f\*[I-Font]name\f[]. \f\*[I-Font]filestamp\f[], +where +\f\*[I-Font]key\f[] +is the key or parameter type, +\f\*[I-Font]name\f[] +is the host or group name and +\f\*[I-Font]filestamp\f[] +is the filestamp (NTP seconds) when the file was created. +By convention, +\f\*[I-Font]key\f[] +names in generated file names include both upper and lower case +characters, while +\f\*[I-Font]key\f[] +names in generated link names include only lower case characters. +The filestamp is not used in generated link names. +The second line contains the datestamp in conventional Unix +\fIdate\f[] +format. +Lines beginning with +\[oq]#\[cq] +are considered comments and ignored by the \f\*[B-Font]ntp-keygen\fP program and \fCntpd\f[]\fR(@NTPD_MS@)\f[] daemon. -Cryptographic values are encoded first using ASN.1 rules, -then encrypted if necessary, and finally written PEM-encoded -printable ASCII format preceded and followed by MIME content identifier lines. .sp \n(Ppu .ne 2 -The format of the symmetric keys file is somewhat different -than the other files in the interest of backward compatibility. -Since DES-CBC is deprecated in NTPv4, the only key format of interest -is MD5 alphanumeric strings. -Following hte heard the keys are -entered one per line in the format +The remainder of the file contains cryptographic data, encoded first using ASN.1 +rules, then encrypted if necessary, and finally written in PEM-encoded +printable ASCII text, preceded and followed by MIME content identifier lines. +.sp \n(Ppu +.ne 2 + +The format of the symmetric keys file, ordinarily named +\fIntp.keys\f[], +is somewhat different than the other files in the interest of backward compatibility. +Ordinarily, the file is generated by this program, but it can be constructed +and edited using an ordinary text editor. +.br .in +4 +.nf +# ntpkey_MD5key_bk.ntp.org.3595864945 +# Thu Dec 12 19:22:25 2013 +1 MD5 L";Nw<\`.Il0%XXK9O'51VwV. .SH BUGS -It can take quite a while to generate some cryptographic values, -from one to several minutes with modern architectures -such as UltraSPARC and up to tens of minutes to an hour -with older architectures such as SPARC IPC. +It can take quite a while to generate some cryptographic values. .sp \n(Ppu .ne 2 --- contrib/ntp/util/ntp-keygen.mdoc.in.orig +++ contrib/ntp/util/ntp-keygen.mdoc.in @@ -1,9 +1,9 @@ -.Dd March 21 2017 +.Dd February 27 2018 .Dt NTP_KEYGEN @NTP_KEYGEN_MS@ User Commands .Os .\" EDIT THIS FILE WITH CAUTION (ntp-keygen-opts.mdoc) .\" -.\" It has been AutoGen-ed March 21, 2017 at 10:45:59 AM by AutoGen 5.18.5 +.\" It has been AutoGen-ed February 27, 2018 at 05:16:00 PM by AutoGen 5.18.5 .\" From the definitions ntp-keygen-opts.def .\" and the template file agmdoc-cmd.tpl .Sh NAME @@ -21,26 +21,29 @@ .Sh DESCRIPTION This program generates cryptographic data files used by the NTPv4 authentication and identification schemes. -It generates MD5 key files used in symmetric key cryptography. -In addition, if the OpenSSL software library has been installed, -it generates keys, certificate and identity files used in public key -cryptography. +It can generate message digest keys used in symmetric key cryptography and, +if the OpenSSL software library has been installed, it can generate host keys, +signing keys, certificates, and identity keys and parameters used in Autokey +public key cryptography. These files are used for cookie encryption, -digital signature and challenge/response identification algorithms +digital signature, and challenge/response identification algorithms compatible with the Internet standard security infrastructure. .Pp -All files are in PEM\-encoded printable ASCII format, -so they can be embedded as MIME attachments in mail to other sites +The message digest symmetric keys file is generated in a format +compatible with NTPv3. +All other files are in PEM\-encoded printable ASCII format, +so they can be embedded as MIME attachments in email to other sites and certificate authorities. By default, files are not encrypted. .Pp -When used to generate message digest keys, the program produces a file -containing ten pseudo\-random printable ASCII strings suitable for the -MD5 message digest algorithm included in the distribution. +When used to generate message digest symmetric keys, the program +produces a file containing ten pseudo\-random printable ASCII strings +suitable for the MD5 message digest algorithm included in the +distribution. If the OpenSSL library is installed, it produces an additional ten -hex\-encoded random bit strings suitable for the SHA1 and other message -digest algorithms. -The message digest keys file must be distributed and stored +hex\-encoded random bit strings suitable for SHA1, AES\-128\-CMAC, and +other message digest algorithms. +The message digest symmetric keys file must be distributed and stored using secure means beyond the scope of NTP itself. Besides the keys used for ordinary NTP associations, additional keys can be defined as passwords for the @@ -60,31 +63,42 @@ Some files used by this program are encrypted using a private password. The .Fl p -option specifies the password for local encrypted files and the +option specifies the read password for local encrypted files and the .Fl q -option the password for encrypted files sent to remote sites. +option the write password for encrypted files sent to remote sites. If no password is specified, the host name returned by the Unix -.Fn gethostname -function, normally the DNS name of the host is used. +.Xr hostname 1 +command, normally the DNS name of the host, is used as the the default read +password, for convenience. +The +.Nm +program prompts for the password if it reads an encrypted file +and the password is missing or incorrect. +If an encrypted file is read successfully and +no write password is specified, the read password is used +as the write password by default. .Pp The -.Ar pw +.Cm pw option of the -.Ar crypto +.Ic crypto +.Xr ntpd @NTPD_MS@ configuration command specifies the read password for previously encrypted local files. -This must match the local password used by this program. +This must match the local read password used by this program. If not specified, the host name is used. -Thus, if files are generated by this program without password, +Thus, if files are generated by this program without an explicit password, they can be read back by -.Ar ntpd -without password but only on the same host. +.Xr ntpd @NTPD_MS@ +without specifying an explicit password but only on the same host. +If the write password used for encryption is specified as the host name, +these files can be read by that host with no explicit password. .Pp Normally, encrypted files for each host are generated by that host and used only by that host, although exceptions exist as noted later on this page. The symmetric keys file, normally called -.Ar ntp.keys , +.Pa ntp.keys , is usually installed in .Pa /etc . Other files and links are usually installed in @@ -91,188 +105,89 @@ .Pa /usr/local/etc , which is normally in a shared filesystem in NFS\-mounted networks and cannot be changed by shared clients. -The location of the keys directory can be changed by the -.Ar keysdir -configuration command in such cases. -Normally, this is in -.Pa /etc . +In these cases, NFS clients can specify the files in another +directory such as +.Pa /etc +using the +.Ic keysdir +.Xr ntpd @NTPD_MS@ +configuration file command. .Pp This program directs commentary and error messages to the standard error stream -.Ar stderr +.Pa stderr and remote files to the standard output stream -.Ar stdout +.Pa stdout where they can be piped to other applications or redirected to files. The names used for generated files and links all begin with the string -.Ar ntpkey +.Pa ntpkey\&* and include the file type, generating host and filestamp, as described in the -.Dq Cryptographic Data Files +.Sx "Cryptographic Data Files" section below. .Ss Running the Program -To test and gain experience with Autokey concepts, log in as root and -change to the keys directory, usually -.Pa /usr/local/etc -When run for the first time, or if all files with names beginning with -.Ar ntpkey -have been removed, use the -.Nm -command without arguments to generate a -default RSA host key and matching RSA\-MD5 certificate with expiration -date one year hence. -If run again without options, the program uses the -existing keys and parameters and generates only a new certificate with -new expiration date one year hence. -.Pp -Run the command on as many hosts as necessary. -Designate one of them as the trusted host (TH) using -.Nm -with the -.Fl T -option and configure it to synchronize from reliable Internet servers. -Then configure the other hosts to synchronize to the TH directly or -indirectly. -A certificate trail is created when Autokey asks the immediately -ascendant host towards the TH to sign its certificate, which is then -provided to the immediately descendant host on request. -All group hosts should have acyclic certificate trails ending on the TH. -.Pp -The host key is used to encrypt the cookie when required and so must be -RSA type. -By default, the host key is also the sign key used to encrypt -signatures. -A different sign key can be assigned using the -.Fl S -option and this can be either RSA or DSA type. -By default, the signature -message digest type is MD5, but any combination of sign key type and -message digest type supported by the OpenSSL library can be specified -using the -.Fl c -option. -The rules say cryptographic media should be generated with proventic -filestamps, which means the host should already be synchronized before -this program is run. -This of course creates a chicken\-and\-egg problem -when the host is started for the first time. -Accordingly, the host time -should be set by some other means, such as eyeball\-and\-wristwatch, at -least so that the certificate lifetime is within the current year. -After that and when the host is synchronized to a proventic source, the -certificate should be re\-generated. -.Pp -Additional information on trusted groups and identity schemes is on the -.Dq Autokey Public\-Key Authentication -page. -.Pp -The -.Xr ntpd @NTPD_MS@ -configuration command -.Ic crypto pw Ar password -specifies the read password for previously encrypted files. -The daemon expires on the spot if the password is missing -or incorrect. -For convenience, if a file has been previously encrypted, -the default read password is the name of the host running -the program. -If the previous write password is specified as the host name, -these files can be read by that host with no explicit password. -.Pp -File names begin with the prefix -.Cm ntpkey_ -and end with the postfix -.Ar _hostname.filestamp , -where -.Ar hostname -is the owner name, usually the string returned -by the Unix gethostname() routine, and -.Ar filestamp -is the NTP seconds when the file was generated, in decimal digits. -This both guarantees uniqueness and simplifies maintenance -procedures, since all files can be quickly removed -by a -.Ic rm ntpkey\&* -command or all files generated -at a specific time can be removed by a -.Ic rm -.Ar \&*filestamp -command. -To further reduce the risk of misconfiguration, -the first two lines of a file contain the file name -and generation date and time as comments. -.Pp -All files are installed by default in the keys directory -.Pa /usr/local/etc , -which is normally in a shared filesystem -in NFS\-mounted networks. -The actual location of the keys directory -and each file can be overridden by configuration commands, -but this is not recommended. -Normally, the files for each host are generated by that host -and used only by that host, although exceptions exist -as noted later on this page. -.Pp -Normally, files containing private values, -including the host key, sign key and identification parameters, -are permitted root read/write\-only; -while others containing public values are permitted world readable. -Alternatively, files containing private values can be encrypted -and these files permitted world readable, -which simplifies maintenance in shared file systems. -Since uniqueness is insured by the hostname and -file name extensions, the files for a NFS server and -dependent clients can all be installed in the same shared directory. -.Pp -The recommended practice is to keep the file name extensions -when installing a file and to install a soft link -from the generic names specified elsewhere on this page -to the generated files. -This allows new file generations to be activated simply -by changing the link. -If a link is present, ntpd follows it to the file name -to extract the filestamp. -If a link is not present, -.Xr ntpd @NTPD_MS@ -extracts the filestamp from the file itself. -This allows clients to verify that the file and generation times -are always current. -The -.Nm -program uses the same timestamp extension for all files generated -at one time, so each generation is distinct and can be readily -recognized in monitoring data. -.Ss Running the program The safest way to run the .Nm program is logged in directly as root. -The recommended procedure is change to the keys directory, -usually +The recommended procedure is change to the +.Ar keys +directory, usually .Pa /usr/local/etc , then run the program. -When run for the first time, -or if all -.Cm ntpkey -files have been removed, -the program generates a RSA host key file and matching RSA\-MD5 certificate file, +.Pp +To test and gain experience with Autokey concepts, log in as root and +change to the +.Ar keys +directory, usually +.Pa /usr/local/etc . +When run for the first time, or if all files with names beginning with +.Pa ntpkey\&* +have been removed, use the +.Nm +command without arguments to generate a default +.Cm RSA +host key and matching +.Cm RSA\-MD5 +certificate file with expiration date one year hence, which is all that is necessary in many cases. The program also generates soft links from the generic names to the respective files. -If run again, the program uses the same host key file, -but generates a new certificate file and link. +If run again without options, the program uses the +existing keys and parameters and generates a new certificate file with +new expiration date one year hence, and soft link. .Pp -The host key is used to encrypt the cookie when required and so must be RSA type. +The host key is used to encrypt the cookie when required and so must be +.Cm RSA +type. By default, the host key is also the sign key used to encrypt signatures. When necessary, a different sign key can be specified and this can be -either RSA or DSA type. -By default, the message digest type is MD5, but any combination +either +.Cm RSA +or +.Cm DSA +type. +By default, the message digest type is +.Cm MD5 , +but any combination of sign key type and message digest type supported by the OpenSSL library -can be specified, including those using the MD2, MD5, SHA, SHA1, MDC2 -and RIPE160 message digest algorithms. +can be specified, including those using the +.Cm AES128CMAC , MD2 , MD5 , MDC2 , SHA , SHA1 +and +.Cm RIPE160 +message digest algorithms. However, the scheme specified in the certificate must be compatible with the sign key. -Certificates using any digest algorithm are compatible with RSA sign keys; -however, only SHA and SHA1 certificates are compatible with DSA sign keys. +Certificates using any digest algorithm are compatible with +.Cm RSA +sign keys; +however, only +.Cm SHA +and +.Cm SHA1 +certificates are compatible with +.Cm DSA +sign keys. .Pp Private/public key files and certificates are compatible with other OpenSSL applications and very likely other libraries as well. @@ -283,19 +198,19 @@ as the other files, are probably not compatible with anything other than Autokey. .Pp Running the program as other than root and using the Unix -.Ic su +.Xr su 1 command to assume root may not work properly, since by default the OpenSSL library looks for the random seed file -.Cm .rnd +.Pa .rnd in the user home directory. However, there should be only one -.Cm .rnd , +.Pa .rnd , most conveniently in the root directory, so it is convenient to define the -.Cm $RANDFILE +.Ev RANDFILE environment variable used by the OpenSSL library as the path to -.Cm /.rnd . +.Pa .rnd . .Pp Installing the keys as root might not work in NFS\-mounted shared file systems, as NFS clients may not be able to write @@ -305,7 +220,8 @@ .Pa /etc using the .Ic keysdir -command. +.Xr ntpd @NTPD_MS@ +configuration file command. There is no need for one client to read the keys and certificates of other clients or servers, as these data are obtained automatically by the Autokey protocol. @@ -338,8 +254,11 @@ Alternatively, files containing private values can be encrypted and these files permitted world readable, which simplifies maintenance in shared file systems. -Since uniqueness is insured by the hostname and -file name extensions, the files for a NFS server and +Since uniqueness is insured by the +.Ar hostname +and +.Ar filestamp +file name extensions, the files for an NTP server and dependent clients can all be installed in the same shared directory. .Pp The recommended practice is to keep the file name extensions @@ -348,98 +267,97 @@ to the generated files. This allows new file generations to be activated simply by changing the link. -If a link is present, ntpd follows it to the file name -to extract the filestamp. +If a link is present, +.Xr ntpd @NTPD_MS@ +follows it to the file name to extract the +.Ar filestamp . If a link is not present, .Xr ntpd @NTPD_MS@ -extracts the filestamp from the file itself. +extracts the +.Ar filestamp +from the file itself. This allows clients to verify that the file and generation times are always current. The .Nm -program uses the same timestamp extension for all files generated +program uses the same +.Ar filestamp +extension for all files generated at one time, so each generation is distinct and can be readily recognized in monitoring data. -.Ss Running the program -The safest way to run the +.Pp +Run the command on as many hosts as necessary. +Designate one of them as the trusted host (TH) using .Nm -program is logged in directly as root. -The recommended procedure is change to the keys directory, -usually -.Pa /usr/local/etc , -then run the program. -When run for the first time, -or if all -.Cm ntpkey -files have been removed, -the program generates a RSA host key file and matching RSA\-MD5 certificate file, -which is all that is necessary in many cases. -The program also generates soft links from the generic names -to the respective files. -If run again, the program uses the same host key file, -but generates a new certificate file and link. +with the +.Fl T +option and configure it to synchronize from reliable Internet servers. +Then configure the other hosts to synchronize to the TH directly or +indirectly. +A certificate trail is created when Autokey asks the immediately +ascendant host towards the TH to sign its certificate, which is then +provided to the immediately descendant host on request. +All group hosts should have acyclic certificate trails ending on the TH. .Pp -The host key is used to encrypt the cookie when required and so must be RSA type. -By default, the host key is also the sign key used to encrypt signatures. -When necessary, a different sign key can be specified and this can be -either RSA or DSA type. -By default, the message digest type is MD5, but any combination -of sign key type and message digest type supported by the OpenSSL library -can be specified, including those using the MD2, MD5, SHA, SHA1, MDC2 -and RIPE160 message digest algorithms. -However, the scheme specified in the certificate must be compatible -with the sign key. -Certificates using any digest algorithm are compatible with RSA sign keys; -however, only SHA and SHA1 certificates are compatible with DSA sign keys. +The host key is used to encrypt the cookie when required and so must be +RSA type. +By default, the host key is also the sign key used to encrypt +signatures. +A different sign key can be assigned using the +.Fl S +option and this can be either +.Cm RSA +or +.Cm DSA +type. +By default, the signature +message digest type is +.Cm MD5 , +but any combination of sign key type and +message digest type supported by the OpenSSL library can be specified +using the +.Fl c +option. .Pp -Private/public key files and certificates are compatible with -other OpenSSL applications and very likely other libraries as well. -Certificates or certificate requests derived from them should be compatible -with extant industry practice, although some users might find -the interpretation of X509v3 extension fields somewhat liberal. -However, the identification parameter files, although encoded -as the other files, are probably not compatible with anything other than Autokey. +The rules say cryptographic media should be generated with proventic +filestamps, which means the host should already be synchronized before +this program is run. +This of course creates a chicken\-and\-egg problem +when the host is started for the first time. +Accordingly, the host time +should be set by some other means, such as eyeball\-and\-wristwatch, at +least so that the certificate lifetime is within the current year. +After that and when the host is synchronized to a proventic source, the +certificate should be re\-generated. .Pp -Running the program as other than root and using the Unix -.Ic su -command -to assume root may not work properly, since by default the OpenSSL library -looks for the random seed file -.Cm .rnd -in the user home directory. -However, there should be only one -.Cm .rnd , -most conveniently -in the root directory, so it is convenient to define the -.Cm $RANDFILE -environment variable used by the OpenSSL library as the path to -.Cm /.rnd . +Additional information on trusted groups and identity schemes is on the +.Dq Autokey Public\-Key Authentication +page. .Pp -Installing the keys as root might not work in NFS\-mounted -shared file systems, as NFS clients may not be able to write -to the shared keys directory, even as root. -In this case, NFS clients can specify the files in another -directory such as -.Pa /etc -using the -.Ic keysdir +File names begin with the prefix +.Pa ntpkey Ns _ +and end with the suffix +.Pa _ Ns Ar hostname . Ar filestamp , +where +.Ar hostname +is the owner name, usually the string returned +by the Unix +.Xr hostname 1 +command, and +.Ar filestamp +is the NTP seconds when the file was generated, in decimal digits. +This both guarantees uniqueness and simplifies maintenance +procedures, since all files can be quickly removed +by a +.Ic rm Pa ntpkey\&* +command or all files generated +at a specific time can be removed by a +.Ic rm Pa \&* Ns Ar filestamp command. -There is no need for one client to read the keys and certificates -of other clients or servers, as these data are obtained automatically -by the Autokey protocol. -.Pp -Ordinarily, cryptographic files are generated by the host that uses them, -but it is possible for a trusted agent (TA) to generate these files -for other hosts; however, in such cases files should always be encrypted. -The subject name and trusted name default to the hostname -of the host generating the files, but can be changed by command line options. -It is convenient to designate the owner name and trusted name -as the subject and issuer fields, respectively, of the certificate. -The owner name is also used for the host and sign key files, -while the trusted name is used for the identity files. -seconds. -seconds. -s Trusted Hosts and Groups +To further reduce the risk of misconfiguration, +the first two lines of a file contain the file name +and generation date and time as comments. +.Ss Trusted Hosts and Groups Each cryptographic configuration involves selection of a signature scheme and identification scheme, called a cryptotype, as explained in the @@ -446,8 +364,14 @@ .Sx Authentication Options section of .Xr ntp.conf 5 . -The default cryptotype uses RSA encryption, MD5 message digest -and TC identification. +The default cryptotype uses +.Cm RSA +encryption, +.Cm MD5 +message digest +and +.Cm TC +identification. First, configure a NTP subnet including one or more low\-stratum trusted hosts from which all other hosts derive synchronization directly or indirectly. @@ -465,7 +389,7 @@ .Pp On each trusted host as root, change to the keys directory. To insure a fresh fileset, remove all -.Cm ntpkey +.Pa ntpkey files. Then run .Nm @@ -490,7 +414,9 @@ .Cm RSA or .Cm DSA . -The most often need to do this is when a DSA\-signed certificate is used. +The most frequent need to do this is when a +.Cm DSA Ns \-signed +certificate is used. If it is necessary to use a different certificate scheme than the default, run .Nm @@ -499,10 +425,10 @@ option and selected .Ar scheme as needed. -f +If .Nm is run again without these options, it generates a new certificate -using the same scheme and sign key. +using the same scheme and sign key, and soft link. .Pp After setting up the environment it is advisable to update certificates from time to time, if only to extend the validity interval. @@ -509,7 +435,7 @@ Simply run .Nm with the same flags as before to generate new certificates -using existing keys. +using existing keys, and soft links. However, if the host or sign key is changed, .Xr ntpd @NTPD_MS@ should be restarted. @@ -520,13 +446,15 @@ at which time the protocol is restarted. .Ss Identity Schemes As mentioned on the Autonomous Authentication page, -the default TC identity scheme is vulnerable to a middleman attack. +the default +.Cm TC +identity scheme is vulnerable to a middleman attack. However, there are more secure identity schemes available, -including PC, IFF, GQ and MV described on the -.Qq Identification Schemes -page -(maybe available at -.Li http://www.eecis.udel.edu/%7emills/keygen.html ) . +including +.Cm PC , IFF , GQ +and +.Cm MV +schemes described below. These schemes are based on a TA, one or more trusted hosts and some number of nontrusted hosts. Trusted hosts prove identity using values provided by the TA, @@ -551,12 +479,15 @@ .Fl P .Fl p Ar password to generate the host key file -.Pa ntpkey_RSAkey_ Ns Ar alice.filestamp +.Pa ntpkey Ns _ Cm RSA Pa key_alice. Ar filestamp and trusted private certificate file -.Pa ntpkey_RSA\-MD5_cert_ Ns Ar alice.filestamp . +.Pa ntpkey Ns _ Cm RSA\-MD5 _ Pa cert_alice. Ar filestamp , +and soft links. Copy both files to all group hosts; they replace the files which would be generated in other schemes. -On each host bob install a soft link from the generic name +On each host +.Ar bob +install a soft link from the generic name .Pa ntpkey_host_ Ns Ar bob to the host key file and soft link .Pa ntpkey_cert_ Ns Ar bob @@ -565,11 +496,17 @@ by trusted host alice. In this scheme it is not possible to refresh either the keys or certificates without copying them -to all other hosts in the group. +to all other hosts in the group, and recreating the soft links. .Pp -For the IFF scheme proceed as in the TC scheme to generate keys +For the +.Cm IFF +scheme proceed as in the +.Cm TC +scheme to generate keys and certificates for all group hosts, then for every trusted host in the group, -generate the IFF parameter file. +generate the +.Cm IFF +parameter file. On trusted host alice run .Nm .Fl T @@ -576,15 +513,17 @@ .Fl I .Fl p Ar password to produce her parameter file -.Pa ntpkey_IFFpar_ Ns Ar alice.filestamp , +.Pa ntpkey_IFFpar_alice. Ns Ar filestamp , which includes both server and client keys. Copy this file to all group hosts that operate as both servers and clients and install a soft link from the generic -.Pa ntpkey_iff_ Ns Ar alice +.Pa ntpkey_iff_alice to this file. If there are no hosts restricted to operate only as clients, there is nothing further to do. -As the IFF scheme is independent +As the +.Cm IFF +scheme is independent of keys and certificates, these files can be refreshed as needed. .Pp If a rogue client has the parameter file, it could masquerade @@ -594,17 +533,23 @@ After generating the parameter file, on alice run .Nm .Fl e -and pipe the output to a file or mail program. -Copy or mail this file to all restricted clients. +and pipe the output to a file or email program. +Copy or email this file to all restricted clients. On these clients install a soft link from the generic -.Pa ntpkey_iff_ Ns Ar alice +.Pa ntpkey_iff_alice to this file. To further protect the integrity of the keys, each file can be encrypted with a secret password. .Pp -For the GQ scheme proceed as in the TC scheme to generate keys +For the +.Cm GQ +scheme proceed as in the +.Cm TC +scheme to generate keys and certificates for all group hosts, then for every trusted host -in the group, generate the IFF parameter file. +in the group, generate the +.Cm IFF +parameter file. On trusted host alice run .Nm .Fl T @@ -611,20 +556,30 @@ .Fl G .Fl p Ar password to produce her parameter file -.Pa ntpkey_GQpar_ Ns Ar alice.filestamp , +.Pa ntpkey_GQpar_alice. Ns Ar filestamp , which includes both server and client keys. Copy this file to all group hosts and install a soft link from the generic -.Pa ntpkey_gq_ Ns Ar alice +.Pa ntpkey_gq_alice to this file. -In addition, on each host bob install a soft link +In addition, on each host +.Ar bob +install a soft link from generic .Pa ntpkey_gq_ Ns Ar bob to this file. -As the GQ scheme updates the GQ parameters file and certificate +As the +.Cm GQ +scheme updates the +.Cm GQ +parameters file and certificate at the same time, keys and certificates can be regenerated as needed. .Pp -For the MV scheme, proceed as in the TC scheme to generate keys +For the +.Cm MV +scheme, proceed as in the +.Cm TC +scheme to generate keys and certificates for all group hosts. For illustration assume trish is the TA, alice one of several trusted hosts and bob one of her clients. @@ -636,9 +591,9 @@ .Ar n is the number of revokable keys (typically 5) to produce the parameter file -.Pa ntpkeys_MVpar_ Ns Ar trish.filestamp +.Pa ntpkeys_MVpar_trish. Ns Ar filestamp and client key files -.Pa ntpkeys_MVkeyd_ Ns Ar trish.filestamp +.Pa ntpkeys_MVkey Ns Ar d _ Pa trish. Ar filestamp where .Ar d is the key number (0 \&< @@ -647,80 +602,217 @@ .Ar n ) . Copy the parameter file to alice and install a soft link from the generic -.Pa ntpkey_mv_ Ns Ar alice +.Pa ntpkey_mv_alice to this file. Copy one of the client key files to alice for later distribution to her clients. -It doesn't matter which client key file goes to alice, +It does not matter which client key file goes to alice, since they all work the same way. -Alice copies the client key file to all of her cliens. +Alice copies the client key file to all of her clients. On client bob install a soft link from generic -.Pa ntpkey_mvkey_ Ns Ar bob +.Pa ntpkey_mvkey_bob to the client key file. -As the MV scheme is independent of keys and certificates, +As the +.Cm MV +scheme is independent of keys and certificates, these files can be refreshed as needed. .Ss Command Line Options .Bl -tag -width indent -.It Fl c Ar scheme -Select certificate message digest/signature encryption scheme. +.It Fl b Fl \-imbits Ns = Ar modulus +Set the number of bits in the identity modulus for generating identity keys to +.Ar modulus +bits. +The number of bits in the identity modulus defaults to 256, but can be set to +values from 256 to 2048 (32 to 256 octets). +Use the larger moduli with caution, as this can consume considerable computing +resources and increases the size of authenticated packets. +.It Fl c Fl \-certificate Ns = Ar scheme +Select certificate signature encryption/message digest scheme. The .Ar scheme can be one of the following: -. Cm RSA\-MD2 , RSA\-MD5 , RSA\-SHA , RSA\-SHA1 , RSA\-MDC2 , RSA\-RIPEMD160 , DSA\-SHA , +.Cm RSA\-MD2 , RSA\-MD5 , RSA\-MDC2 , RSA\-SHA , RSA\-SHA1 , RSA\-RIPEMD160 , DSA\-SHA , or .Cm DSA\-SHA1 . -Note that RSA schemes must be used with a RSA sign key and DSA -schemes must be used with a DSA sign key. +Note that +.Cm RSA +schemes must be used with an +.Cm RSA +sign key and +.Cm DSA +schemes must be used with a +.Cm DSA +sign key. The default without this option is .Cm RSA\-MD5 . -.It Fl d -Enable debugging. +If compatibility with FIPS 140\-2 is required, either the +.Cm DSA\-SHA +or +.Cm DSA\-SHA1 +scheme must be used. +.It Fl C Fl \-cipher Ns = Ar cipher +Select the OpenSSL cipher to encrypt the files containing private keys. +The default without this option is three\-key triple DES in CBC mode, +.Cm des\-ede3\-cbc . +The +.Ic openssl Fl h +command provided with OpenSSL displays available ciphers. +.It Fl d Fl \-debug\-level +Increase debugging verbosity level. This option displays the cryptographic data produced in eye\-friendly billboards. -.It Fl e -Write the IFF client keys to the standard output. -This is intended for automatic key distribution by mail. -.It Fl G -Generate parameters and keys for the GQ identification scheme, -obsoleting any that may exist. -.It Fl g -Generate keys for the GQ identification scheme -using the existing GQ parameters. -If the GQ parameters do not yet exist, create them first. -.It Fl H -Generate new host keys, obsoleting any that may exist. -.It Fl I -Generate parameters for the IFF identification scheme, -obsoleting any that may exist. -.It Fl i Ar name -Set the suject name to -.Ar name . -This is used as the subject field in certificates -and in the file name for host and sign keys. -.It Fl M -Generate MD5 keys, obsoleting any that may exist. -.It Fl P -Generate a private certificate. +.It Fl D Fl \-set\-debug\-level Ns = Ar level +Set the debugging verbosity to +.Ar level . +This option displays the cryptographic data produced in eye\-friendly billboards. +.It Fl e Fl \-id\-key +Write the +.Cm IFF +or +.Cm GQ +public parameters from the +.Ar IFFkey or GQkey +client keys file previously specified +as unencrypted data to the standard output stream +.Pa stdout . +This is intended for automatic key distribution by email. +.It Fl G Fl \-gq\-params +Generate a new encrypted +.Cm GQ +parameters and key file for the Guillou\-Quisquater (GQ) identity scheme. +This option is mutually exclusive with the +.Fl I +and +.Fl V +options. +.It Fl H Fl \-host\-key +Generate a new encrypted +.Cm RSA +public/private host key file. +.It Fl I Fl \-iffkey +Generate a new encrypted +.Cm IFF +key file for the Schnorr (IFF) identity scheme. +This option is mutually exclusive with the +.Fl G +and +Fl V +options. +.It Fl i Fl \-ident Ns = Ar group +Set the optional Autokey group name to +.Ar group . +This is used in the identity scheme parameter file names of +.Cm IFF , GQ , +and +.Cm MV +client parameters files. +In that role, the default is the host name if no group is provided. +The group name, if specified using +.Fl i +or +.Fl s +following an +.Ql @ +character, is also used in certificate subject and issuer names in the form +.Ar host @ group +and should match the group specified via +.Ic crypto Cm ident +or +.Ic server Cm ident +in the ntpd configuration file. +.It Fl l Fl \-lifetime Ns = Ar days +Set the lifetime for certificate expiration to +.Ar days . +The default lifetime is one year (365 days). +.It Fl m Fl \-modulus Ns = Ar bits +Set the number of bits in the prime modulus for generating files to +.Ar bits . +The modulus defaults to 512, but can be set from 256 to 2048 (32 to 256 octets). +Use the larger moduli with caution, as this can consume considerable computing +resources and increases the size of authenticated packets. +.It Fl M Fl \-md5key +Generate a new symmetric keys file containing 10 +.Cm MD5 +keys, and if OpenSSL is available, 10 +.Cm SHA +keys. +An +.Cm MD5 +key is a string of 20 random printable ASCII characters, while a +.Cm SHA +key is a string of 40 random hex digits. +The file can be edited using a text editor to change the key type or key content. +This option is mutually exclusive with all other options. +.It Fl p Fl \-password Ns = Ar passwd +Set the password for reading and writing encrypted files to +.Ar passwd . +These include the host, sign and identify key files. +By default, the password is the string returned by the Unix +.Ic hostname +command. +.It Fl P Fl \-pvt\-cert +Generate a new private certificate used by the +.Cm PC +identity scheme. By default, the program generates public certificates. -.It Fl p Ar password -Encrypt generated files containing private data with -.Ar password -and the DES\-CBC algorithm. -.It Fl q -Set the password for reading files to password. -.It Fl S Oo Cm RSA | DSA Oc -Generate a new sign key of the designated type, -obsoleting any that may exist. -By default, the program uses the host key as the sign key. -.It Fl s Ar name -Set the issuer name to -.Ar name . -This is used for the issuer field in certificates -and in the file name for identity files. -.It Fl T +Note: the PC identity scheme is not recommended for new installations. +.It Fl q Fl \-export\-passwd Ns = Ar passwd +Set the password for writing encrypted +.Cm IFF , GQ and MV +identity files redirected to +.Pa stdout +to +.Ar passwd . +In effect, these files are decrypted with the +.Fl p +password, then encrypted with the +.Fl q +password. +By default, the password is the string returned by the Unix +.Ic hostname +command. +.It Fl s Fl \-subject\-key Ns = Ar Oo host Oc Op @ Ar group +Specify the Autokey host name, where +.Ar host +is the optional host name and +.Ar group +is the optional group name. +The host name, and if provided, group name are used in +.Ar host @ group +form as certificate subject and issuer. +Specifying +.Fl s @ Ar group +is allowed, and results in leaving the host name unchanged, as with +.Fl i Ar group . +The group name, or if no group is provided, the host name are also used in the +file names of +.Cm IFF , GQ , +and +.Cm MV +identity scheme client parameter files. +If +.Ar host +is not specified, the default host name is the string returned by the Unix +.Ic hostname +command. +.It Fl S Fl \-sign\-key Ns = Op Cm RSA | DSA +Generate a new encrypted public/private sign key file of the specified type. +By default, the sign key is the host key and has the same type. +If compatibility with FIPS 140\-2 is required, the sign key type must be +.Cm DSA . +.It Fl T Fl \-trusted\-cert Generate a trusted certificate. By default, the program generates a non\-trusted certificate. -.It Fl V Ar nkeys -Generate parameters and keys for the Mu\-Varadharajan (MV) identification scheme. +.It Fl V Fl \-mv\-params Ar nkeys +Generate +.Ar nkeys +encrypted server keys and parameters for the Mu\-Varadharajan (MV) +identity scheme. +This option is mutually exclusive with the +.Fl I +and +.Fl G +options. +Note: support for this option should be considered a work in progress. .El .Ss Random Seed File All cryptographically sound key generation schemes must have means @@ -744,7 +836,7 @@ .Pp The entropy seed used by the OpenSSL library is contained in a file, usually called -.Cm .rnd , +.Pa .rnd , which must be available when starting the NTP daemon or the .Nm @@ -751,7 +843,7 @@ program. The NTP daemon will first look for the file using the path specified by the -.Ic randfile +.Cm randfile subcommand of the .Ic crypto configuration command. @@ -767,44 +859,118 @@ .Ev RANDFILE environment variable is not present, the library will look for the -.Cm .rnd +.Pa .rnd file in the user home directory. +Since both the +.Nm +program and +.Xr ntpd @NTPD_MS@ +daemon must run as root, the logical place to put this file is in +.Pa /.rnd +or +.Pa /root/.rnd . If the file is not available or cannot be written, the daemon exits with a message to the system log and the program exits with a suitable error message. .Ss Cryptographic Data Files -All other file formats begin with two lines. -The first contains the file name, including the generated host name -and filestamp. -The second contains the datestamp in conventional Unix date format. -Lines beginning with # are considered comments and ignored by the +All file formats begin with two nonencrypted lines. +The first line contains the file name, including the generated host name +and filestamp, in the format +.Pa ntpkey_ Ns Ar key _ Ar name . Ar filestamp , +where +.Ar key +is the key or parameter type, +.Ar name +is the host or group name and +.Ar filestamp +is the filestamp (NTP seconds) when the file was created. +By convention, +.Ar key +names in generated file names include both upper and lower case +characters, while +.Ar key +names in generated link names include only lower case characters. +The filestamp is not used in generated link names. +The second line contains the datestamp in conventional Unix +.Pa date +format. +Lines beginning with +.Ql # +are considered comments and ignored by the .Nm program and .Xr ntpd @NTPD_MS@ daemon. -Cryptographic values are encoded first using ASN.1 rules, -then encrypted if necessary, and finally written PEM\-encoded -printable ASCII format preceded and followed by MIME content identifier lines. .Pp -The format of the symmetric keys file is somewhat different -than the other files in the interest of backward compatibility. -Since DES\-CBC is deprecated in NTPv4, the only key format of interest -is MD5 alphanumeric strings. -Following hte heard the keys are -entered one per line in the format -.D1 Ar keyno type key +The remainder of the file contains cryptographic data, encoded first using ASN.1 +rules, then encrypted if necessary, and finally written in PEM\-encoded +printable ASCII text, preceded and followed by MIME content identifier lines. +.Pp +The format of the symmetric keys file, ordinarily named +.Pa ntp.keys , +is somewhat different than the other files in the interest of backward compatibility. +Ordinarily, the file is generated by this program, but it can be constructed +and edited using an ordinary text editor. +.Bd -literal -unfilled -offset center +# ntpkey_MD5key_bk.ntp.org.3595864945 +# Thu Dec 12 19:22:25 2013 +1 MD5 L";Nw<\`.Il0%XXK9O'51VwV. .Sh BUGS -It can take quite a while to generate some cryptographic values, -from one to several minutes with modern architectures -such as UltraSPARC and up to tens of minutes to an hour -with older architectures such as SPARC IPC. +It can take quite a while to generate some cryptographic values. .Pp Please report bugs to http://bugs.ntp.org . .Pp --- usr.sbin/ntp/config.h.orig +++ usr.sbin/ntp/config.h @@ -1396,9 +1396,6 @@ /* Should we NOT read /dev/kmem? */ #define NOKMEM 1 -/* Define to 1 if your C compiler doesn't accept -c and -o together. */ -/* #undef NO_MINUS_C_MINUS_O */ - /* Should we avoid #warning on option name collisions? */ /* #undef NO_OPTION_NAME_WARNINGS */ @@ -1448,7 +1445,7 @@ #define PACKAGE_NAME "ntp" /* Define to the full name and version of this package. */ -#define PACKAGE_STRING "ntp 4.2.8p10" +#define PACKAGE_STRING "ntp 4.2.8p11" /* Define to the one symbol short name of this package. */ #define PACKAGE_TARNAME "ntp" @@ -1457,10 +1454,10 @@ #define PACKAGE_URL "http://www.ntp.org./" /* Define to the version of this package. */ -#define PACKAGE_VERSION "4.2.8p10" +#define PACKAGE_VERSION "4.2.8p11" /* data dir */ -#define PERLLIBDIR "/usr/local/share/ntp/lib" +#define PERLLIBDIR "/usr/share/ntp/lib" /* define to a working POSIX compliant shell */ #define POSIX_SHELL "/bin/sh" @@ -1638,7 +1635,7 @@ /* #undef USE_UDP_SIGPOLL */ /* Version number of package */ -#define VERSION "4.2.8p10" +#define VERSION "4.2.8p11" /* vsnprintf expands "%m" to strerror(errno) */ /* #undef VSNPRINTF_PERCENT_M */ @@ -1815,5 +1812,5 @@ /* * FreeBSD specific: Explicitly specify date/time for reproducible build. */ -#define MKREPRO_DATE "Mar 22 2017" -#define MKREPRO_TIME "05:40:15" +#define MKREPRO_DATE "Feb 28 2018" +#define MKREPRO_TIME "06:33:03" --- usr.sbin/ntp/doc/ntp-keygen.8.orig +++ usr.sbin/ntp/doc/ntp-keygen.8 @@ -1,4 +1,4 @@ -.Dd March 21 2017 +.Dd February 27 2018 .Dt NTP_KEYGEN 8 User Commands .Os .\" EDIT THIS FILE WITH CAUTION (ntp-keygen-opts.mdoc) @@ -5,7 +5,7 @@ .\" .\" $FreeBSD$ .\" -.\" It has been AutoGen-ed March 21, 2017 at 10:45:59 AM by AutoGen 5.18.5 +.\" It has been AutoGen-ed February 27, 2018 at 05:16:00 PM by AutoGen 5.18.5 .\" From the definitions ntp-keygen-opts.def .\" and the template file agmdoc-cmd.tpl .Sh NAME @@ -23,26 +23,29 @@ .Sh DESCRIPTION This program generates cryptographic data files used by the NTPv4 authentication and identification schemes. -It generates MD5 key files used in symmetric key cryptography. -In addition, if the OpenSSL software library has been installed, -it generates keys, certificate and identity files used in public key -cryptography. +It can generate message digest keys used in symmetric key cryptography and, +if the OpenSSL software library has been installed, it can generate host keys, +signing keys, certificates, and identity keys and parameters used in Autokey +public key cryptography. These files are used for cookie encryption, -digital signature and challenge/response identification algorithms +digital signature, and challenge/response identification algorithms compatible with the Internet standard security infrastructure. .Pp -All files are in PEM\-encoded printable ASCII format, -so they can be embedded as MIME attachments in mail to other sites +The message digest symmetric keys file is generated in a format +compatible with NTPv3. +All other files are in PEM\-encoded printable ASCII format, +so they can be embedded as MIME attachments in email to other sites and certificate authorities. By default, files are not encrypted. .Pp -When used to generate message digest keys, the program produces a file -containing ten pseudo\-random printable ASCII strings suitable for the -MD5 message digest algorithm included in the distribution. +When used to generate message digest symmetric keys, the program +produces a file containing ten pseudo\-random printable ASCII strings +suitable for the MD5 message digest algorithm included in the +distribution. If the OpenSSL library is installed, it produces an additional ten -hex\-encoded random bit strings suitable for the SHA1 and other message -digest algorithms. -The message digest keys file must be distributed and stored +hex\-encoded random bit strings suitable for SHA1, AES\-128\-CMAC, and +other message digest algorithms. +The message digest symmetric keys file must be distributed and stored using secure means beyond the scope of NTP itself. Besides the keys used for ordinary NTP associations, additional keys can be defined as passwords for the @@ -62,31 +65,42 @@ Some files used by this program are encrypted using a private password. The .Fl p -option specifies the password for local encrypted files and the +option specifies the read password for local encrypted files and the .Fl q -option the password for encrypted files sent to remote sites. +option the write password for encrypted files sent to remote sites. If no password is specified, the host name returned by the Unix -.Fn gethostname -function, normally the DNS name of the host is used. +.Xr hostname 1 +command, normally the DNS name of the host, is used as the the default read +password, for convenience. +The +.Nm +program prompts for the password if it reads an encrypted file +and the password is missing or incorrect. +If an encrypted file is read successfully and +no write password is specified, the read password is used +as the write password by default. .Pp The -.Ar pw +.Cm pw option of the -.Ar crypto +.Ic crypto +.Xr ntpd 8 configuration command specifies the read password for previously encrypted local files. -This must match the local password used by this program. +This must match the local read password used by this program. If not specified, the host name is used. -Thus, if files are generated by this program without password, +Thus, if files are generated by this program without an explicit password, they can be read back by -.Ar ntpd -without password but only on the same host. +.Xr ntpd 8 +without specifying an explicit password but only on the same host. +If the write password used for encryption is specified as the host name, +these files can be read by that host with no explicit password. .Pp Normally, encrypted files for each host are generated by that host and used only by that host, although exceptions exist as noted later on this page. The symmetric keys file, normally called -.Ar ntp.keys , +.Pa ntp.keys , is usually installed in .Pa /etc . Other files and links are usually installed in @@ -93,188 +107,89 @@ .Pa /usr/local/etc , which is normally in a shared filesystem in NFS\-mounted networks and cannot be changed by shared clients. -The location of the keys directory can be changed by the -.Ar keysdir -configuration command in such cases. -Normally, this is in -.Pa /etc . +In these cases, NFS clients can specify the files in another +directory such as +.Pa /etc +using the +.Ic keysdir +.Xr ntpd 8 +configuration file command. .Pp This program directs commentary and error messages to the standard error stream -.Ar stderr +.Pa stderr and remote files to the standard output stream -.Ar stdout +.Pa stdout where they can be piped to other applications or redirected to files. The names used for generated files and links all begin with the string -.Ar ntpkey +.Pa ntpkey\&* and include the file type, generating host and filestamp, as described in the -.Dq Cryptographic Data Files +.Sx "Cryptographic Data Files" section below. .Ss Running the Program -To test and gain experience with Autokey concepts, log in as root and -change to the keys directory, usually -.Pa /usr/local/etc -When run for the first time, or if all files with names beginning with -.Ar ntpkey -have been removed, use the -.Nm -command without arguments to generate a -default RSA host key and matching RSA\-MD5 certificate with expiration -date one year hence. -If run again without options, the program uses the -existing keys and parameters and generates only a new certificate with -new expiration date one year hence. -.Pp -Run the command on as many hosts as necessary. -Designate one of them as the trusted host (TH) using -.Nm -with the -.Fl T -option and configure it to synchronize from reliable Internet servers. -Then configure the other hosts to synchronize to the TH directly or -indirectly. -A certificate trail is created when Autokey asks the immediately -ascendant host towards the TH to sign its certificate, which is then -provided to the immediately descendant host on request. -All group hosts should have acyclic certificate trails ending on the TH. -.Pp -The host key is used to encrypt the cookie when required and so must be -RSA type. -By default, the host key is also the sign key used to encrypt -signatures. -A different sign key can be assigned using the -.Fl S -option and this can be either RSA or DSA type. -By default, the signature -message digest type is MD5, but any combination of sign key type and -message digest type supported by the OpenSSL library can be specified -using the -.Fl c -option. -The rules say cryptographic media should be generated with proventic -filestamps, which means the host should already be synchronized before -this program is run. -This of course creates a chicken\-and\-egg problem -when the host is started for the first time. -Accordingly, the host time -should be set by some other means, such as eyeball\-and\-wristwatch, at -least so that the certificate lifetime is within the current year. -After that and when the host is synchronized to a proventic source, the -certificate should be re\-generated. -.Pp -Additional information on trusted groups and identity schemes is on the -.Dq Autokey Public\-Key Authentication -page. -.Pp -The -.Xr ntpd 8 -configuration command -.Ic crypto pw Ar password -specifies the read password for previously encrypted files. -The daemon expires on the spot if the password is missing -or incorrect. -For convenience, if a file has been previously encrypted, -the default read password is the name of the host running -the program. -If the previous write password is specified as the host name, -these files can be read by that host with no explicit password. -.Pp -File names begin with the prefix -.Cm ntpkey_ -and end with the postfix -.Ar _hostname.filestamp , -where -.Ar hostname -is the owner name, usually the string returned -by the Unix gethostname() routine, and -.Ar filestamp -is the NTP seconds when the file was generated, in decimal digits. -This both guarantees uniqueness and simplifies maintenance -procedures, since all files can be quickly removed -by a -.Ic rm ntpkey\&* -command or all files generated -at a specific time can be removed by a -.Ic rm -.Ar \&*filestamp -command. -To further reduce the risk of misconfiguration, -the first two lines of a file contain the file name -and generation date and time as comments. -.Pp -All files are installed by default in the keys directory -.Pa /usr/local/etc , -which is normally in a shared filesystem -in NFS\-mounted networks. -The actual location of the keys directory -and each file can be overridden by configuration commands, -but this is not recommended. -Normally, the files for each host are generated by that host -and used only by that host, although exceptions exist -as noted later on this page. -.Pp -Normally, files containing private values, -including the host key, sign key and identification parameters, -are permitted root read/write\-only; -while others containing public values are permitted world readable. -Alternatively, files containing private values can be encrypted -and these files permitted world readable, -which simplifies maintenance in shared file systems. -Since uniqueness is insured by the hostname and -file name extensions, the files for a NFS server and -dependent clients can all be installed in the same shared directory. -.Pp -The recommended practice is to keep the file name extensions -when installing a file and to install a soft link -from the generic names specified elsewhere on this page -to the generated files. -This allows new file generations to be activated simply -by changing the link. -If a link is present, ntpd follows it to the file name -to extract the filestamp. -If a link is not present, -.Xr ntpd 8 -extracts the filestamp from the file itself. -This allows clients to verify that the file and generation times -are always current. -The -.Nm -program uses the same timestamp extension for all files generated -at one time, so each generation is distinct and can be readily -recognized in monitoring data. -.Ss Running the program The safest way to run the .Nm program is logged in directly as root. -The recommended procedure is change to the keys directory, -usually +The recommended procedure is change to the +.Ar keys +directory, usually .Pa /usr/local/etc , then run the program. -When run for the first time, -or if all -.Cm ntpkey -files have been removed, -the program generates a RSA host key file and matching RSA\-MD5 certificate file, +.Pp +To test and gain experience with Autokey concepts, log in as root and +change to the +.Ar keys +directory, usually +.Pa /usr/local/etc . +When run for the first time, or if all files with names beginning with +.Pa ntpkey\&* +have been removed, use the +.Nm +command without arguments to generate a default +.Cm RSA +host key and matching +.Cm RSA\-MD5 +certificate file with expiration date one year hence, which is all that is necessary in many cases. The program also generates soft links from the generic names to the respective files. -If run again, the program uses the same host key file, -but generates a new certificate file and link. +If run again without options, the program uses the +existing keys and parameters and generates a new certificate file with +new expiration date one year hence, and soft link. .Pp -The host key is used to encrypt the cookie when required and so must be RSA type. +The host key is used to encrypt the cookie when required and so must be +.Cm RSA +type. By default, the host key is also the sign key used to encrypt signatures. When necessary, a different sign key can be specified and this can be -either RSA or DSA type. -By default, the message digest type is MD5, but any combination +either +.Cm RSA +or +.Cm DSA +type. +By default, the message digest type is +.Cm MD5 , +but any combination of sign key type and message digest type supported by the OpenSSL library -can be specified, including those using the MD2, MD5, SHA, SHA1, MDC2 -and RIPE160 message digest algorithms. +can be specified, including those using the +.Cm AES128CMAC , MD2 , MD5 , MDC2 , SHA , SHA1 +and +.Cm RIPE160 +message digest algorithms. However, the scheme specified in the certificate must be compatible with the sign key. -Certificates using any digest algorithm are compatible with RSA sign keys; -however, only SHA and SHA1 certificates are compatible with DSA sign keys. +Certificates using any digest algorithm are compatible with +.Cm RSA +sign keys; +however, only +.Cm SHA +and +.Cm SHA1 +certificates are compatible with +.Cm DSA +sign keys. .Pp Private/public key files and certificates are compatible with other OpenSSL applications and very likely other libraries as well. @@ -285,19 +200,19 @@ as the other files, are probably not compatible with anything other than Autokey. .Pp Running the program as other than root and using the Unix -.Ic su +.Xr su 1 command to assume root may not work properly, since by default the OpenSSL library looks for the random seed file -.Cm .rnd +.Pa .rnd in the user home directory. However, there should be only one -.Cm .rnd , +.Pa .rnd , most conveniently in the root directory, so it is convenient to define the -.Cm $RANDFILE +.Ev RANDFILE environment variable used by the OpenSSL library as the path to -.Cm /.rnd . +.Pa .rnd . .Pp Installing the keys as root might not work in NFS\-mounted shared file systems, as NFS clients may not be able to write @@ -307,7 +222,8 @@ .Pa /etc using the .Ic keysdir -command. +.Xr ntpd 8 +configuration file command. There is no need for one client to read the keys and certificates of other clients or servers, as these data are obtained automatically by the Autokey protocol. @@ -340,8 +256,11 @@ Alternatively, files containing private values can be encrypted and these files permitted world readable, which simplifies maintenance in shared file systems. -Since uniqueness is insured by the hostname and -file name extensions, the files for a NFS server and +Since uniqueness is insured by the +.Ar hostname +and +.Ar filestamp +file name extensions, the files for an NTP server and dependent clients can all be installed in the same shared directory. .Pp The recommended practice is to keep the file name extensions @@ -350,98 +269,97 @@ to the generated files. This allows new file generations to be activated simply by changing the link. -If a link is present, ntpd follows it to the file name -to extract the filestamp. +If a link is present, +.Xr ntpd 8 +follows it to the file name to extract the +.Ar filestamp . If a link is not present, .Xr ntpd 8 -extracts the filestamp from the file itself. +extracts the +.Ar filestamp +from the file itself. This allows clients to verify that the file and generation times are always current. The .Nm -program uses the same timestamp extension for all files generated +program uses the same +.Ar filestamp +extension for all files generated at one time, so each generation is distinct and can be readily recognized in monitoring data. -.Ss Running the program -The safest way to run the +.Pp +Run the command on as many hosts as necessary. +Designate one of them as the trusted host (TH) using .Nm -program is logged in directly as root. -The recommended procedure is change to the keys directory, -usually -.Pa /usr/local/etc , -then run the program. -When run for the first time, -or if all -.Cm ntpkey -files have been removed, -the program generates a RSA host key file and matching RSA\-MD5 certificate file, -which is all that is necessary in many cases. -The program also generates soft links from the generic names -to the respective files. -If run again, the program uses the same host key file, -but generates a new certificate file and link. +with the +.Fl T +option and configure it to synchronize from reliable Internet servers. +Then configure the other hosts to synchronize to the TH directly or +indirectly. +A certificate trail is created when Autokey asks the immediately +ascendant host towards the TH to sign its certificate, which is then +provided to the immediately descendant host on request. +All group hosts should have acyclic certificate trails ending on the TH. .Pp -The host key is used to encrypt the cookie when required and so must be RSA type. -By default, the host key is also the sign key used to encrypt signatures. -When necessary, a different sign key can be specified and this can be -either RSA or DSA type. -By default, the message digest type is MD5, but any combination -of sign key type and message digest type supported by the OpenSSL library -can be specified, including those using the MD2, MD5, SHA, SHA1, MDC2 -and RIPE160 message digest algorithms. -However, the scheme specified in the certificate must be compatible -with the sign key. -Certificates using any digest algorithm are compatible with RSA sign keys; -however, only SHA and SHA1 certificates are compatible with DSA sign keys. +The host key is used to encrypt the cookie when required and so must be +RSA type. +By default, the host key is also the sign key used to encrypt +signatures. +A different sign key can be assigned using the +.Fl S +option and this can be either +.Cm RSA +or +.Cm DSA +type. +By default, the signature +message digest type is +.Cm MD5 , +but any combination of sign key type and +message digest type supported by the OpenSSL library can be specified +using the +.Fl c +option. .Pp -Private/public key files and certificates are compatible with -other OpenSSL applications and very likely other libraries as well. -Certificates or certificate requests derived from them should be compatible -with extant industry practice, although some users might find -the interpretation of X509v3 extension fields somewhat liberal. -However, the identification parameter files, although encoded -as the other files, are probably not compatible with anything other than Autokey. +The rules say cryptographic media should be generated with proventic +filestamps, which means the host should already be synchronized before +this program is run. +This of course creates a chicken\-and\-egg problem +when the host is started for the first time. +Accordingly, the host time +should be set by some other means, such as eyeball\-and\-wristwatch, at +least so that the certificate lifetime is within the current year. +After that and when the host is synchronized to a proventic source, the +certificate should be re\-generated. .Pp -Running the program as other than root and using the Unix -.Ic su -command -to assume root may not work properly, since by default the OpenSSL library -looks for the random seed file -.Cm .rnd -in the user home directory. -However, there should be only one -.Cm .rnd , -most conveniently -in the root directory, so it is convenient to define the -.Cm $RANDFILE -environment variable used by the OpenSSL library as the path to -.Cm /.rnd . +Additional information on trusted groups and identity schemes is on the +.Dq Autokey Public\-Key Authentication +page. .Pp -Installing the keys as root might not work in NFS\-mounted -shared file systems, as NFS clients may not be able to write -to the shared keys directory, even as root. -In this case, NFS clients can specify the files in another -directory such as -.Pa /etc -using the -.Ic keysdir +File names begin with the prefix +.Pa ntpkey Ns _ +and end with the suffix +.Pa _ Ns Ar hostname . Ar filestamp , +where +.Ar hostname +is the owner name, usually the string returned +by the Unix +.Xr hostname 1 +command, and +.Ar filestamp +is the NTP seconds when the file was generated, in decimal digits. +This both guarantees uniqueness and simplifies maintenance +procedures, since all files can be quickly removed +by a +.Ic rm Pa ntpkey\&* +command or all files generated +at a specific time can be removed by a +.Ic rm Pa \&* Ns Ar filestamp command. -There is no need for one client to read the keys and certificates -of other clients or servers, as these data are obtained automatically -by the Autokey protocol. -.Pp -Ordinarily, cryptographic files are generated by the host that uses them, -but it is possible for a trusted agent (TA) to generate these files -for other hosts; however, in such cases files should always be encrypted. -The subject name and trusted name default to the hostname -of the host generating the files, but can be changed by command line options. -It is convenient to designate the owner name and trusted name -as the subject and issuer fields, respectively, of the certificate. -The owner name is also used for the host and sign key files, -while the trusted name is used for the identity files. -seconds. -seconds. -s Trusted Hosts and Groups +To further reduce the risk of misconfiguration, +the first two lines of a file contain the file name +and generation date and time as comments. +.Ss Trusted Hosts and Groups Each cryptographic configuration involves selection of a signature scheme and identification scheme, called a cryptotype, as explained in the @@ -448,8 +366,14 @@ .Sx Authentication Options section of .Xr ntp.conf 5 . -The default cryptotype uses RSA encryption, MD5 message digest -and TC identification. +The default cryptotype uses +.Cm RSA +encryption, +.Cm MD5 +message digest +and +.Cm TC +identification. First, configure a NTP subnet including one or more low\-stratum trusted hosts from which all other hosts derive synchronization directly or indirectly. @@ -467,7 +391,7 @@ .Pp On each trusted host as root, change to the keys directory. To insure a fresh fileset, remove all -.Cm ntpkey +.Pa ntpkey files. Then run .Nm @@ -492,7 +416,9 @@ .Cm RSA or .Cm DSA . -The most often need to do this is when a DSA\-signed certificate is used. +The most frequent need to do this is when a +.Cm DSA Ns \-signed +certificate is used. If it is necessary to use a different certificate scheme than the default, run .Nm @@ -501,10 +427,10 @@ option and selected .Ar scheme as needed. -f +If .Nm is run again without these options, it generates a new certificate -using the same scheme and sign key. +using the same scheme and sign key, and soft link. .Pp After setting up the environment it is advisable to update certificates from time to time, if only to extend the validity interval. @@ -511,7 +437,7 @@ Simply run .Nm with the same flags as before to generate new certificates -using existing keys. +using existing keys, and soft links. However, if the host or sign key is changed, .Xr ntpd 8 should be restarted. @@ -522,13 +448,15 @@ at which time the protocol is restarted. .Ss Identity Schemes As mentioned on the Autonomous Authentication page, -the default TC identity scheme is vulnerable to a middleman attack. +the default +.Cm TC +identity scheme is vulnerable to a middleman attack. However, there are more secure identity schemes available, -including PC, IFF, GQ and MV described on the -.Qq Identification Schemes -page -(maybe available at -.Li http://www.eecis.udel.edu/%7emills/keygen.html ) . +including +.Cm PC , IFF , GQ +and +.Cm MV +schemes described below. These schemes are based on a TA, one or more trusted hosts and some number of nontrusted hosts. Trusted hosts prove identity using values provided by the TA, @@ -553,12 +481,15 @@ .Fl P .Fl p Ar password to generate the host key file -.Pa ntpkey_RSAkey_ Ns Ar alice.filestamp +.Pa ntpkey Ns _ Cm RSA Pa key_alice. Ar filestamp and trusted private certificate file -.Pa ntpkey_RSA\-MD5_cert_ Ns Ar alice.filestamp . +.Pa ntpkey Ns _ Cm RSA\-MD5 _ Pa cert_alice. Ar filestamp , +and soft links. Copy both files to all group hosts; they replace the files which would be generated in other schemes. -On each host bob install a soft link from the generic name +On each host +.Ar bob +install a soft link from the generic name .Pa ntpkey_host_ Ns Ar bob to the host key file and soft link .Pa ntpkey_cert_ Ns Ar bob @@ -567,11 +498,17 @@ by trusted host alice. In this scheme it is not possible to refresh either the keys or certificates without copying them -to all other hosts in the group. +to all other hosts in the group, and recreating the soft links. .Pp -For the IFF scheme proceed as in the TC scheme to generate keys +For the +.Cm IFF +scheme proceed as in the +.Cm TC +scheme to generate keys and certificates for all group hosts, then for every trusted host in the group, -generate the IFF parameter file. +generate the +.Cm IFF +parameter file. On trusted host alice run .Nm .Fl T @@ -578,15 +515,17 @@ .Fl I .Fl p Ar password to produce her parameter file -.Pa ntpkey_IFFpar_ Ns Ar alice.filestamp , +.Pa ntpkey_IFFpar_alice. Ns Ar filestamp , which includes both server and client keys. Copy this file to all group hosts that operate as both servers and clients and install a soft link from the generic -.Pa ntpkey_iff_ Ns Ar alice +.Pa ntpkey_iff_alice to this file. If there are no hosts restricted to operate only as clients, there is nothing further to do. -As the IFF scheme is independent +As the +.Cm IFF +scheme is independent of keys and certificates, these files can be refreshed as needed. .Pp If a rogue client has the parameter file, it could masquerade @@ -596,17 +535,23 @@ After generating the parameter file, on alice run .Nm .Fl e -and pipe the output to a file or mail program. -Copy or mail this file to all restricted clients. +and pipe the output to a file or email program. +Copy or email this file to all restricted clients. On these clients install a soft link from the generic -.Pa ntpkey_iff_ Ns Ar alice +.Pa ntpkey_iff_alice to this file. To further protect the integrity of the keys, each file can be encrypted with a secret password. .Pp -For the GQ scheme proceed as in the TC scheme to generate keys +For the +.Cm GQ +scheme proceed as in the +.Cm TC +scheme to generate keys and certificates for all group hosts, then for every trusted host -in the group, generate the IFF parameter file. +in the group, generate the +.Cm IFF +parameter file. On trusted host alice run .Nm .Fl T @@ -613,20 +558,30 @@ .Fl G .Fl p Ar password to produce her parameter file -.Pa ntpkey_GQpar_ Ns Ar alice.filestamp , +.Pa ntpkey_GQpar_alice. Ns Ar filestamp , which includes both server and client keys. Copy this file to all group hosts and install a soft link from the generic -.Pa ntpkey_gq_ Ns Ar alice +.Pa ntpkey_gq_alice to this file. -In addition, on each host bob install a soft link +In addition, on each host +.Ar bob +install a soft link from generic .Pa ntpkey_gq_ Ns Ar bob to this file. -As the GQ scheme updates the GQ parameters file and certificate +As the +.Cm GQ +scheme updates the +.Cm GQ +parameters file and certificate at the same time, keys and certificates can be regenerated as needed. .Pp -For the MV scheme, proceed as in the TC scheme to generate keys +For the +.Cm MV +scheme, proceed as in the +.Cm TC +scheme to generate keys and certificates for all group hosts. For illustration assume trish is the TA, alice one of several trusted hosts and bob one of her clients. @@ -638,9 +593,9 @@ .Ar n is the number of revokable keys (typically 5) to produce the parameter file -.Pa ntpkeys_MVpar_ Ns Ar trish.filestamp +.Pa ntpkeys_MVpar_trish. Ns Ar filestamp and client key files -.Pa ntpkeys_MVkeyd_ Ns Ar trish.filestamp +.Pa ntpkeys_MVkey Ns Ar d _ Pa trish. Ar filestamp where .Ar d is the key number (0 \&< @@ -649,80 +604,217 @@ .Ar n ) . Copy the parameter file to alice and install a soft link from the generic -.Pa ntpkey_mv_ Ns Ar alice +.Pa ntpkey_mv_alice to this file. Copy one of the client key files to alice for later distribution to her clients. -It doesn't matter which client key file goes to alice, +It does not matter which client key file goes to alice, since they all work the same way. -Alice copies the client key file to all of her cliens. +Alice copies the client key file to all of her clients. On client bob install a soft link from generic -.Pa ntpkey_mvkey_ Ns Ar bob +.Pa ntpkey_mvkey_bob to the client key file. -As the MV scheme is independent of keys and certificates, +As the +.Cm MV +scheme is independent of keys and certificates, these files can be refreshed as needed. .Ss Command Line Options .Bl -tag -width indent -.It Fl c Ar scheme -Select certificate message digest/signature encryption scheme. +.It Fl b Fl \-imbits Ns = Ar modulus +Set the number of bits in the identity modulus for generating identity keys to +.Ar modulus +bits. +The number of bits in the identity modulus defaults to 256, but can be set to +values from 256 to 2048 (32 to 256 octets). +Use the larger moduli with caution, as this can consume considerable computing +resources and increases the size of authenticated packets. +.It Fl c Fl \-certificate Ns = Ar scheme +Select certificate signature encryption/message digest scheme. The .Ar scheme can be one of the following: -. Cm RSA\-MD2 , RSA\-MD5 , RSA\-SHA , RSA\-SHA1 , RSA\-MDC2 , RSA\-RIPEMD160 , DSA\-SHA , +.Cm RSA\-MD2 , RSA\-MD5 , RSA\-MDC2 , RSA\-SHA , RSA\-SHA1 , RSA\-RIPEMD160 , DSA\-SHA , or .Cm DSA\-SHA1 . -Note that RSA schemes must be used with a RSA sign key and DSA -schemes must be used with a DSA sign key. +Note that +.Cm RSA +schemes must be used with an +.Cm RSA +sign key and +.Cm DSA +schemes must be used with a +.Cm DSA +sign key. The default without this option is .Cm RSA\-MD5 . -.It Fl d -Enable debugging. +If compatibility with FIPS 140\-2 is required, either the +.Cm DSA\-SHA +or +.Cm DSA\-SHA1 +scheme must be used. +.It Fl C Fl \-cipher Ns = Ar cipher +Select the OpenSSL cipher to encrypt the files containing private keys. +The default without this option is three\-key triple DES in CBC mode, +.Cm des\-ede3\-cbc . +The +.Ic openssl Fl h +command provided with OpenSSL displays available ciphers. +.It Fl d Fl \-debug\-level +Increase debugging verbosity level. This option displays the cryptographic data produced in eye\-friendly billboards. -.It Fl e -Write the IFF client keys to the standard output. -This is intended for automatic key distribution by mail. -.It Fl G -Generate parameters and keys for the GQ identification scheme, -obsoleting any that may exist. -.It Fl g -Generate keys for the GQ identification scheme -using the existing GQ parameters. -If the GQ parameters do not yet exist, create them first. -.It Fl H -Generate new host keys, obsoleting any that may exist. -.It Fl I -Generate parameters for the IFF identification scheme, -obsoleting any that may exist. -.It Fl i Ar name -Set the suject name to -.Ar name . -This is used as the subject field in certificates -and in the file name for host and sign keys. -.It Fl M -Generate MD5 keys, obsoleting any that may exist. -.It Fl P -Generate a private certificate. +.It Fl D Fl \-set\-debug\-level Ns = Ar level +Set the debugging verbosity to +.Ar level . +This option displays the cryptographic data produced in eye\-friendly billboards. +.It Fl e Fl \-id\-key +Write the +.Cm IFF +or +.Cm GQ +public parameters from the +.Ar IFFkey or GQkey +client keys file previously specified +as unencrypted data to the standard output stream +.Pa stdout . +This is intended for automatic key distribution by email. +.It Fl G Fl \-gq\-params +Generate a new encrypted +.Cm GQ +parameters and key file for the Guillou\-Quisquater (GQ) identity scheme. +This option is mutually exclusive with the +.Fl I +and +.Fl V +options. +.It Fl H Fl \-host\-key +Generate a new encrypted +.Cm RSA +public/private host key file. +.It Fl I Fl \-iffkey +Generate a new encrypted +.Cm IFF +key file for the Schnorr (IFF) identity scheme. +This option is mutually exclusive with the +.Fl G +and +Fl V +options. +.It Fl i Fl \-ident Ns = Ar group +Set the optional Autokey group name to +.Ar group . +This is used in the identity scheme parameter file names of +.Cm IFF , GQ , +and +.Cm MV +client parameters files. +In that role, the default is the host name if no group is provided. +The group name, if specified using +.Fl i +or +.Fl s +following an +.Ql @ +character, is also used in certificate subject and issuer names in the form +.Ar host @ group +and should match the group specified via +.Ic crypto Cm ident +or +.Ic server Cm ident +in the ntpd configuration file. +.It Fl l Fl \-lifetime Ns = Ar days +Set the lifetime for certificate expiration to +.Ar days . +The default lifetime is one year (365 days). +.It Fl m Fl \-modulus Ns = Ar bits +Set the number of bits in the prime modulus for generating files to +.Ar bits . +The modulus defaults to 512, but can be set from 256 to 2048 (32 to 256 octets). +Use the larger moduli with caution, as this can consume considerable computing +resources and increases the size of authenticated packets. +.It Fl M Fl \-md5key +Generate a new symmetric keys file containing 10 +.Cm MD5 +keys, and if OpenSSL is available, 10 +.Cm SHA +keys. +An +.Cm MD5 +key is a string of 20 random printable ASCII characters, while a +.Cm SHA +key is a string of 40 random hex digits. +The file can be edited using a text editor to change the key type or key content. +This option is mutually exclusive with all other options. +.It Fl p Fl \-password Ns = Ar passwd +Set the password for reading and writing encrypted files to +.Ar passwd . +These include the host, sign and identify key files. +By default, the password is the string returned by the Unix +.Ic hostname +command. +.It Fl P Fl \-pvt\-cert +Generate a new private certificate used by the +.Cm PC +identity scheme. By default, the program generates public certificates. -.It Fl p Ar password -Encrypt generated files containing private data with -.Ar password -and the DES\-CBC algorithm. -.It Fl q -Set the password for reading files to password. -.It Fl S Oo Cm RSA | DSA Oc -Generate a new sign key of the designated type, -obsoleting any that may exist. -By default, the program uses the host key as the sign key. -.It Fl s Ar name -Set the issuer name to -.Ar name . -This is used for the issuer field in certificates -and in the file name for identity files. -.It Fl T +Note: the PC identity scheme is not recommended for new installations. +.It Fl q Fl \-export\-passwd Ns = Ar passwd +Set the password for writing encrypted +.Cm IFF , GQ and MV +identity files redirected to +.Pa stdout +to +.Ar passwd . +In effect, these files are decrypted with the +.Fl p +password, then encrypted with the +.Fl q +password. +By default, the password is the string returned by the Unix +.Ic hostname +command. +.It Fl s Fl \-subject\-key Ns = Ar Oo host Oc Op @ Ar group +Specify the Autokey host name, where +.Ar host +is the optional host name and +.Ar group +is the optional group name. +The host name, and if provided, group name are used in +.Ar host @ group +form as certificate subject and issuer. +Specifying +.Fl s @ Ar group +is allowed, and results in leaving the host name unchanged, as with +.Fl i Ar group . +The group name, or if no group is provided, the host name are also used in the +file names of +.Cm IFF , GQ , +and +.Cm MV +identity scheme client parameter files. +If +.Ar host +is not specified, the default host name is the string returned by the Unix +.Ic hostname +command. +.It Fl S Fl \-sign\-key Ns = Op Cm RSA | DSA +Generate a new encrypted public/private sign key file of the specified type. +By default, the sign key is the host key and has the same type. +If compatibility with FIPS 140\-2 is required, the sign key type must be +.Cm DSA . +.It Fl T Fl \-trusted\-cert Generate a trusted certificate. By default, the program generates a non\-trusted certificate. -.It Fl V Ar nkeys -Generate parameters and keys for the Mu\-Varadharajan (MV) identification scheme. +.It Fl V Fl \-mv\-params Ar nkeys +Generate +.Ar nkeys +encrypted server keys and parameters for the Mu\-Varadharajan (MV) +identity scheme. +This option is mutually exclusive with the +.Fl I +and +.Fl G +options. +Note: support for this option should be considered a work in progress. .El .Ss Random Seed File All cryptographically sound key generation schemes must have means @@ -746,7 +838,7 @@ .Pp The entropy seed used by the OpenSSL library is contained in a file, usually called -.Cm .rnd , +.Pa .rnd , which must be available when starting the NTP daemon or the .Nm @@ -753,7 +845,7 @@ program. The NTP daemon will first look for the file using the path specified by the -.Ic randfile +.Cm randfile subcommand of the .Ic crypto configuration command. @@ -769,44 +861,118 @@ .Ev RANDFILE environment variable is not present, the library will look for the -.Cm .rnd +.Pa .rnd file in the user home directory. +Since both the +.Nm +program and +.Xr ntpd 8 +daemon must run as root, the logical place to put this file is in +.Pa /.rnd +or +.Pa /root/.rnd . If the file is not available or cannot be written, the daemon exits with a message to the system log and the program exits with a suitable error message. .Ss Cryptographic Data Files -All other file formats begin with two lines. -The first contains the file name, including the generated host name -and filestamp. -The second contains the datestamp in conventional Unix date format. -Lines beginning with # are considered comments and ignored by the +All file formats begin with two nonencrypted lines. +The first line contains the file name, including the generated host name +and filestamp, in the format +.Pa ntpkey_ Ns Ar key _ Ar name . Ar filestamp , +where +.Ar key +is the key or parameter type, +.Ar name +is the host or group name and +.Ar filestamp +is the filestamp (NTP seconds) when the file was created. +By convention, +.Ar key +names in generated file names include both upper and lower case +characters, while +.Ar key +names in generated link names include only lower case characters. +The filestamp is not used in generated link names. +The second line contains the datestamp in conventional Unix +.Pa date +format. +Lines beginning with +.Ql # +are considered comments and ignored by the .Nm program and .Xr ntpd 8 daemon. -Cryptographic values are encoded first using ASN.1 rules, -then encrypted if necessary, and finally written PEM\-encoded -printable ASCII format preceded and followed by MIME content identifier lines. .Pp -The format of the symmetric keys file is somewhat different -than the other files in the interest of backward compatibility. -Since DES\-CBC is deprecated in NTPv4, the only key format of interest -is MD5 alphanumeric strings. -Following hte heard the keys are -entered one per line in the format -.D1 Ar keyno type key +The remainder of the file contains cryptographic data, encoded first using ASN.1 +rules, then encrypted if necessary, and finally written in PEM\-encoded +printable ASCII text, preceded and followed by MIME content identifier lines. +.Pp +The format of the symmetric keys file, ordinarily named +.Pa ntp.keys , +is somewhat different than the other files in the interest of backward compatibility. +Ordinarily, the file is generated by this program, but it can be constructed +and edited using an ordinary text editor. +.Bd -literal -unfilled -offset center +# ntpkey_MD5key_bk.ntp.org.3595864945 +# Thu Dec 12 19:22:25 2013 +1 MD5 L";Nw<\`.Il0%XXK9O'51VwV. .Sh BUGS -It can take quite a while to generate some cryptographic values, -from one to several minutes with modern architectures -such as UltraSPARC and up to tens of minutes to an hour -with older architectures such as SPARC IPC. +It can take quite a while to generate some cryptographic values. .Pp Please report bugs to http://bugs.ntp.org . .Pp --- usr.sbin/ntp/doc/ntp.conf.5.orig +++ usr.sbin/ntp/doc/ntp.conf.5 @@ -1,4 +1,4 @@ -.Dd March 21 2017 +.Dd February 27 2018 .Dt NTP_CONF 5 File Formats .Os .\" EDIT THIS FILE WITH CAUTION (ntp.mdoc) @@ -5,7 +5,7 @@ .\" .\" $FreeBSD$ .\" -.\" It has been AutoGen-ed March 21, 2017 at 10:31:09 AM by AutoGen 5.18.5 +.\" It has been AutoGen-ed February 27, 2018 at 05:14:42 PM by AutoGen 5.18.5 .\" From the definitions ntp.conf.def .\" and the template file agmdoc-cmd.tpl .Sh NAME @@ -1534,6 +1534,7 @@ for packets that overflow the rate\-control window. .It Xo Ic restrict address .Op Cm mask Ar mask +.Op Cm ippeerlimit Ar int .Op Ar flag ... .Xc The @@ -1559,6 +1560,15 @@ .Cm default , with no mask option, may be used to indicate the default entry. +The +.Cm ippeerlimit +directive limits the number of peer requests for each IP to +.Ar int , +where a value of \-1 means "unlimited", the current default. +A value of 0 means "none". +There would usually be at most 1 peering request per IP, +but if the remote peering requests are behind a proxy +there could well be more than 1 per IP. In the current implementation, .Cm flag always @@ -1609,6 +1619,18 @@ This flag modifies the assignment algorithm by allowing low priority traps to be overridden by later requests for normal priority traps. +.It Cm noepeer +Deny ephemeral peer requests, +even if they come from an authenticated source. +Note that the ability to use a symmetric key for authentication may be restricted to +one or more IPs or subnets via the third field of the +.Pa ntp.keys +file. +This restriction is not enabled by default, +to maintain backward compatability. +Expect +.Cm noepeer +to become the default in ntp\-4.4. .It Cm nomodify Deny .Xr ntpq 8 @@ -1626,10 +1648,10 @@ queries. Time service is not affected. .It Cm nopeer -Deny packets which would result in mobilizing a new association. -This -includes broadcast and symmetric active packets when a configured -association does not exist. +Deny unauthenticated packets which would result in mobilizing a new association. +This includes +broadcast and symmetric active packets +when a configured association does not exist. It also includes .Cm pool associations, so if you want to use servers from a @@ -1637,8 +1659,9 @@ directive and also want to use .Cm nopeer by default, you'll want a -.Cm "restrict source ..." line as well that does -.It not +.Cm "restrict source ..." +line as well that does +.Em not include the .Cm nopeer directive. @@ -2013,9 +2036,10 @@ as soon as possible. Attacks such as replay attacks can happen, however, and even though there are a number of protections built in to -broadcast mode, attempts to perform a replay attack are possible. +broadcast mode, attempts to perform a replay attack are possible. This value defaults to 0, but can be changed to any number of poll intervals between 0 and 4. +.El .Ss Manycast Options .Bl -tag -width indent .It Xo Ic tos @@ -2361,7 +2385,7 @@ page (available as part of the HTML documentation provided in -.Pa /usr/share/doc/ntp ) . +.Pa /usr/share/doc/ntp ). .It Cm stratum Ar int Specifies the stratum number assigned to the driver, an integer between 0 and 15. @@ -2639,6 +2663,79 @@ .Xr ntpd 8 on multiple hosts, with (mostly) common options (e.g., a restriction list). +.It Xo Ic interface +.Oo +.Cm listen | Cm ignore | Cm drop +.Oc +.Oo +.Cm all | Cm ipv4 | Cm ipv6 | Cm wildcard +.Ar name | Ar address +.Oo Cm / Ar prefixlen +.Oc +.Oc +.Xc +The +.Cm interface +directive controls which network addresses +.Xr ntpd 8 +opens, and whether input is dropped without processing. +The first parameter determines the action for addresses +which match the second parameter. +The second parameter specifies a class of addresses, +or a specific interface name, +or an address. +In the address case, +.Ar prefixlen +determines how many bits must match for this rule to apply. +.Cm ignore +prevents opening matching addresses, +.Cm drop +causes +.Xr ntpd 8 +to open the address and drop all received packets without examination. +Multiple +.Cm interface +directives can be used. +The last rule which matches a particular address determines the action for it. +.Cm interface +directives are disabled if any +.Fl I , +.Fl \-interface , +.Fl L , +or +.Fl \-novirtualips +command\-line options are specified in the configuration file, +all available network addresses are opened. +The +.Cm nic +directive is an alias for +.Cm interface . +.It Ic leapfile Ar leapfile +This command loads the IERS leapseconds file and initializes the +leapsecond values for the next leapsecond event, leapfile expiration +time, and TAI offset. +The file can be obtained directly from the IERS at +.Li https://hpiers.obspm.fr/iers/bul/bulc/ntp/leap\-seconds.list +or +.Li ftp://hpiers.obspm.fr/iers/bul/bulc/ntp/leap\-seconds.list . +The +.Cm leapfile +is scanned when +.Xr ntpd 8 +processes the +.Cm leapfile directive or when +.Cm ntpd detects that the +.Ar leapfile +has changed. +.Cm ntpd +checks once a day to see if the +.Ar leapfile +has changed. +The +.Xr update\-leap 1update_leapmdoc +script can be run to see if the +.Ar leapfile +should be updated. .It Ic leapsmearinterval Ar seconds This EXPERIMENTAL option is only available if .Xr ntpd 8 @@ -2743,6 +2840,181 @@ This is the same operation as the .Fl l command line option. +.It Xo Ic mru +.Oo +.Cm maxdepth Ar count | Cm maxmem Ar kilobytes | +.Cm mindepth Ar count | Cm maxage Ar seconds | +.Cm initialloc Ar count | Cm initmem Ar kilobytes | +.Cm incalloc Ar count | Cm incmem Ar kilobytes +.Oc +.Xc +Controls size limite of the monitoring facility's Most Recently Used +(MRU) list +of client addresses, which is also used by the +rate control facility. +.Bl -tag -width indent +.It Ic maxdepth Ar count +.It Ic maxmem Ar kilobytes +Equivalent upper limits on the size of the MRU list, in terms of entries or kilobytes. +The acutal limit will be up to +.Cm incalloc +entries or +.Cm incmem +kilobytes larger. +As with all of the +.Cm mru +options offered in units of entries or kilobytes, if both +.Cm maxdepth +and +.Cm maxmem are used, the last one used controls. +The default is 1024 kilobytes. +.It Cm mindepth Ar count +Lower limit on the MRU list size. +When the MRU list has fewer than +.Cm mindepth +entries, existing entries are never removed to make room for newer ones, +regardless of their age. +The default is 600 entries. +.It Cm maxage Ar seconds +Once the MRU list has +.Cm mindepth +entries and an additional client is to ba added to the list, +if the oldest entry was updated more than +.Cm maxage +seconds ago, that entry is removed and its storage is reused. +If the oldest entry was updated more recently the MRU list is grown, +subject to +.Cm maxdepth / moxmem . +The default is 64 seconds. +.It Cm initalloc Ar count +.It Cm initmem Ar kilobytes +Initial memory allocation at the time the monitoringfacility is first enabled, +in terms of the number of entries or kilobytes. +The default is 4 kilobytes. +.It Cm incalloc Ar count +.It Cm incmem Ar kilobytes +Size of additional memory allocations when growing the MRU list, in entries or kilobytes. +The default is 4 kilobytes. +.El +.It Ic nonvolatile Ar threshold +Specify the +.Ar threshold +delta in seconds before an hourly change to the +.Cm driftfile +(frequency file) will be written, with a default value of 1e\-7 (0.1 PPM). +The frequency file is inspected each hour. +If the difference between the current frequency and the last value written +exceeds the threshold, the file is written and the +.Cm threshold +becomes the new threshold value. +If the threshold is not exceeeded, it is reduced by half. +This is intended to reduce the number of file writes +for embedded systems with nonvolatile memory. +.It Ic phone Ar dial ... +This command is used in conjunction with +the ACTS modem driver (type 18) +or the JJY driver (type 40, mode 100 \- 180). +For the ACTS modem driver (type 18), the arguments consist of +a maximum of 10 telephone numbers used to dial USNO, NIST, or European +time service. +For the JJY driver (type 40 mode 100 \- 180), the argument is +one telephone number used to dial the telephone JJY service. +The Hayes command ATDT is normally prepended to the number. +The number can contain other modem control codes as well. +.It Xo Ic reset +.Oo +.Ic allpeers +.Oc +.Oo +.Ic auth +.Oc +.Oo +.Ic ctl +.Oc +.Oo +.Ic io +.Oc +.Oo +.Ic mem +.Oc +.Oo +.Ic sys +.Oc +.Oo +.Ic timer +.Oc +.Xc +Reset one or more groups of counters maintained by +.Cm ntpd +and exposed by +.Cm ntpq +and +.Cm ntpdc . +.It Xo Ic rlimit +.Oo +.Cm memlock Ar Nmegabytes | +.Cm stacksize Ar N4kPages +.Cm filenum Ar Nfiledescriptors +.Oc +.Xc +.Bl -tag -width indent +.It Cm memlock Ar Nmegabytes +Specify the number of megabytes of memory that should be +allocated and locked. +Probably only available under Linux, this option may be useful +when dropping root (the +.Fl i +option). +The default is 32 megabytes on non\-Linux machines, and \-1 under Linux. +-1 means "do not lock the process into memory". +0 means "lock whatever memory the process wants into memory". +.It Cm stacksize Ar N4kPages +Specifies the maximum size of the process stack on systems with the +.Fn mlockall +function. +Defaults to 50 4k pages (200 4k pages in OpenBSD). +.It Cm filenum Ar Nfiledescriptors +Specifies the maximum number of file descriptors ntpd may have open at once. +Defaults to the system default. +.El +.It Ic saveconfigdir Ar directory_path +Specify the directory in which to write configuration snapshots +requested with +.Cm ntpq 's +.Cm saveconfig +command. +If +.Cm saveconfigdir +does not appear in the configuration file, +.Cm saveconfig +requests are rejected by +.Cm ntpd . +.It Ic saveconfig Ar filename +Write the current configuration, including any runtime +modifications given with +.Cm :config +or +.Cm config\-from\-file +to the +.Cm ntpd +host's +.Ar filename +in the +.Cm saveconfigdir . +This command will be rejected unless the +.Cm saveconfigdir +directive appears in +.Cm ntpd 's +configuration file. +.Ar filename +can use +.Xr strftime 3 +format directives to substitute the current date and time, +for example, +.Cm saveconfig\ ntp\-%Y%m%d\-%H%M%S.conf . +The filename used is stored in the system variable +.Cm savedconfig . +Authentication is required. .It Ic setvar Ar variable Op Cm default This command adds an additional system variable. These @@ -2781,6 +3053,10 @@ the names of all peer variables and the .Va clock_var_list holds the names of the reference clock variables. +.It Cm sysinfo +Display operational summary. +.It Cm sysstats +Show statistics counters maintained in the protocol module. .It Xo Ic tinker .Oo .Cm allan Ar allan | @@ -2870,33 +3146,18 @@ If set to zero, the stepout pulses will not be suppressed. .El -.It Xo Ic rlimit -.Oo -.Cm memlock Ar Nmegabytes | -.Cm stacksize Ar N4kPages -.Cm filenum Ar Nfiledescriptors -.Oc -.Xc -.Bl -tag -width indent -.It Cm memlock Ar Nmegabytes -Specify the number of megabytes of memory that should be -allocated and locked. -Probably only available under Linux, this option may be useful -when dropping root (the -.Fl i -option). -The default is 32 megabytes on non\-Linux machines, and \-1 under Linux. --1 means "do not lock the process into memory". -0 means "lock whatever memory the process wants into memory". -.It Cm stacksize Ar N4kPages -Specifies the maximum size of the process stack on systems with the -.Fn mlockall -function. -Defaults to 50 4k pages (200 4k pages in OpenBSD). -.It Cm filenum Ar Nfiledescriptors -Specifies the maximum number of file descriptors ntpd may have open at once. -Defaults to the system default. -.El +.It Cm writevar Ar assocID\ name = value [,...] +Write (create or update) the specified variables. +If the +.Cm assocID +is zero, the variablea re from the +system variables +name space, otherwise they are from the +peer variables +name space. +The +.Cm assocID +is required, as the same name can occur in both name spaces. .It Xo Ic trap Ar host_address .Op Cm port Ar port_number .Op Cm interface Ar interface_address @@ -2911,6 +3172,13 @@ message is sent through. Note that on a multihomed host the interface used may vary from time to time with routing changes. +.It Cm ttl Ar hop ... +This command specifies a list of TTL values in increasing order. +Up to 8 values can be specified. +In +.Cm manycast +mode these values are used in\-turn in an expanding\-ring search. +The default is eight multiples of 32 starting at 31. .Pp The trap receiver will generally log event messages and other information from the server in a log file. --- usr.sbin/ntp/doc/ntp.keys.5.orig +++ usr.sbin/ntp/doc/ntp.keys.5 @@ -1,4 +1,4 @@ -.Dd March 21 2017 +.Dd February 27 2018 .Dt NTP_KEYS 5 File Formats .Os SunOS 5.10 .\" EDIT THIS FILE WITH CAUTION (ntp.mdoc) @@ -5,7 +5,7 @@ .\" .\" $FreeBSD$ .\" -.\" It has been AutoGen-ed March 21, 2017 at 10:44:22 AM by AutoGen 5.18.5 +.\" It has been AutoGen-ed February 27, 2018 at 05:14:46 PM by AutoGen 5.18.5 .\" From the definitions ntp.keys.def .\" and the template file agmdoc-file.tpl .Sh NAME @@ -53,16 +53,24 @@ is a positive integer (between 1 and 65534), .Ar type is the message digest algorithm, -and .Ar key is the key itself, and .Ar opt_IP_list is an optional comma\-separated list of IPs +where the +.Ar keyno +should be trusted. that are allowed to serve time. +Each IP in +.Ar opt_IP_list +may contain an optional +.Cm /subnetbits +specification which identifies the number of bits for +the desired subnet of trust. If .Ar opt_IP_list is empty, -any properly\-authenticated server message will be +any properly\-authenticated message will be accepted. .Pp The --- usr.sbin/ntp/doc/ntpd.8.orig +++ usr.sbin/ntp/doc/ntpd.8 @@ -1,4 +1,4 @@ -.Dd March 21 2017 +.Dd February 27 2018 .Dt NTPD 8 User Commands .Os .\" EDIT THIS FILE WITH CAUTION (ntpd-opts.mdoc) @@ -5,7 +5,7 @@ .\" .\" $FreeBSD$ .\" -.\" It has been AutoGen-ed March 21, 2017 at 10:44:23 AM by AutoGen 5.18.5 +.\" It has been AutoGen-ed February 27, 2018 at 05:14:47 PM by AutoGen 5.18.5 .\" From the definitions ntpd-opts.def .\" and the template file agmdoc-cmd.tpl .Sh NAME --- usr.sbin/ntp/doc/ntpdc.8.orig +++ usr.sbin/ntp/doc/ntpdc.8 @@ -1,4 +1,4 @@ -.Dd March 21 2017 +.Dd February 27 2018 .Dt NTPDC 8 User Commands .Os .\" EDIT THIS FILE WITH CAUTION (ntpdc-opts.mdoc) @@ -5,7 +5,7 @@ .\" .\" $FreeBSD$ .\" -.\" It has been AutoGen-ed March 21, 2017 at 10:44:57 AM by AutoGen 5.18.5 +.\" It has been AutoGen-ed February 27, 2018 at 05:15:09 PM by AutoGen 5.18.5 .\" From the definitions ntpdc-opts.def .\" and the template file agmdoc-cmd.tpl .Sh NAME --- usr.sbin/ntp/doc/ntpq.8.orig +++ usr.sbin/ntp/doc/ntpq.8 @@ -1,4 +1,4 @@ -.Dd March 21 2017 +.Dd February 27 2018 .Dt NTPQ 8 User Commands .Os .\" EDIT THIS FILE WITH CAUTION (ntpq-opts.mdoc) @@ -5,7 +5,7 @@ .\" .\" $FreeBSD$ .\" -.\" It has been AutoGen-ed March 21, 2017 at 10:45:31 AM by AutoGen 5.18.5 +.\" It has been AutoGen-ed February 27, 2018 at 05:15:28 PM by AutoGen 5.18.5 .\" From the definitions ntpq-opts.def .\" and the template file agmdoc-cmd.tpl .Sh NAME @@ -20,15 +20,12 @@ [ host ...] .Pp .Sh DESCRIPTION +.Pp The .Nm -utility program is used to query NTP servers which -implement the standard NTP mode 6 control message formats defined -in Appendix B of the NTPv3 specification RFC1305, requesting +utility program is used to query NTP servers to monitor NTP operations +and performance, requesting information about current state and/or changes in that state. -The same formats are used in NTPv4, although some of the -variables have changed and new ones added. The description on this -page is for the NTPv4 variables. The program may be run either in interactive mode or controlled using command line arguments. Requests to read and write arbitrary @@ -39,6 +36,7 @@ utility can also obtain and print a list of peers in a common format by sending multiple queries to the server. +.Pp If one or more request options is included on the command line when .Nm @@ -56,6 +54,7 @@ .Nm utility will prompt for commands if the standard input is a terminal device. +.Pp .Nm uses NTP mode 6 packets to communicate with the NTP server, and hence can be used to query any compatible server on @@ -69,6 +68,17 @@ one attempt to retransmit requests, and will time requests out if the remote host is not heard from within a suitable timeout time. +.Pp +Note that in contexts where a host name is expected, a +.Fl 4 +qualifier preceding the host name forces resolution to the IPv4 +namespace, while a +.Fl 6 +qualifier forces resolution to the IPv6 namespace. +For examples and usage, see the +.Dq NTP Debugging Techniques +page. +.Pp Specifying a command line option other than .Fl i @@ -82,51 +92,46 @@ will attempt to read interactive format commands from the standard input. .Ss "Internal Commands" +.Pp Interactive format commands consist of a keyword followed by zero to four arguments. Only enough characters of the full keyword to uniquely identify the command need be typed. +.Pp A number of interactive format commands are executed entirely within the .Nm -utility itself and do not result in NTP mode 6 +utility itself and do not result in NTP requests being sent to a server. These are described following. -.Bl -tag -width "? [command_keyword]" -compact -offset indent -.It Ic ? Op Ar command_keyword -.It Ic help Op Ar command_keyword +.Bl -tag -width "help [command]" -compact -offset indent +.It Ic ? Op Ar command +.It Ic help Op Ar command A .Ql \&? -by itself will print a list of all the command -keywords known to this incarnation of +by itself will print a list of all the commands +known to .Nm . A .Ql \&? -followed by a command keyword will print function and usage +followed by a command name will print function and usage information about the command. -This command is probably a better -source of information about -.Nm -than this manual -page. -.It Ic addvars Ar variable_name Ns Xo Op Ic =value -.Ic ... -.Xc -.It Ic rmvars Ar variable_name Ic ... +.It Ic addvars Ar name Ns Oo \&= Ns Ar value Oc Ns Op ,... +.It Ic rmvars Ar name Ns Op ,... .It Ic clearvars .It Ic showvars -The data carried by NTP mode 6 messages consists of a list of +The arguments to this command consist of a list of items of the form -.Ql variable_name=value , +.Ar name Ns Op \&= Ns Ar value , where the -.Ql =value +.No \&= Ns Ar value is ignored, and can be omitted, in requests to the server to read variables. The .Nm -utility maintains an internal list in which data to be included in control -messages can be assembled, and sent using the +utility maintains an internal list in which data to be included in +messages can be assembled, and displayed or set using the .Ic readlist and .Ic writelist @@ -141,35 +146,31 @@ .Ic rmvars command can be used to remove individual variables from the list, while the -.Ic clearlist +.Ic clearvars command removes all variables from the list. The .Ic showvars command displays the current list of optional variables. -.It Ic authenticate Op yes | no +.It Ic authenticate Op Cm yes Ns | Ns Cm no Normally .Nm does not authenticate requests unless they are write requests. The command -.Ql authenticate yes +.Ic authenticate Cm yes causes .Nm to send authentication with all requests it makes. Authenticated requests causes some servers to handle -requests slightly differently, and can occasionally melt the CPU in -fuzzballs if you turn authentication on before doing a -.Ic peer -display. +requests slightly differently. The command -.Ql authenticate +.Ic authenticate causes .Nm to display whether or not -.Nm -is currently autheinticating requests. +it is currently authenticating requests. .It Ic cooked Causes output from query commands to be "cooked", so that variables which are recognized by @@ -178,20 +179,13 @@ values reformatted for human consumption. Variables which .Nm -thinks should have a decodable value but didn't are +could not decode completely are marked with a trailing .Ql \&? . -.It Xo -.Ic debug -.Oo -.Cm more | -.Cm less | -.Cm off -.Oc -.Xc +.It Ic debug Op Cm more Ns | Ns Cm less Ns | Ns Cm off With no argument, displays the current debug level. -Otherwise, the debug level is changed to the indicated level. -.It Ic delay Ar milliseconds +Otherwise, the debugging level is changed as indicated. +.It Ic delay Op Ar milliseconds Specify a time interval to be added to timestamps included in requests which require authentication. This is used to enable @@ -200,14 +194,21 @@ Actually the server does not now require timestamps in authenticated requests, so this command may be obsolete. +Without any arguments, displays the current delay. +.It Ic drefid Op Cm hash Ns | Ns Cm ipv4 +Display refids as IPv4 or hash. +Without any arguments, displays whether refids are shown as IPv4 +addresses or hashes. .It Ic exit Exit .Nm . -.It Ic host Ar hostname +.It Ic host Op Ar name Set the host to which future queries will be sent. -.Ar hostname +The +.Ar name may be either a host name or a numeric address. -.It Ic hostnames Op Cm yes | Cm no +Without any arguments, displays the current host. +.It Ic hostnames Op Cm yes Ns | Ns Cm no If .Cm yes is specified, host names are printed in @@ -222,7 +223,9 @@ modified using the command line .Fl n switch. -.It Ic keyid Ar keyid +Without any arguments, displays whether host names or numeric addresses +are shown. +.It Ic keyid Op Ar keyid This command allows the specification of a key number to be used to authenticate configuration requests. This must correspond @@ -230,28 +233,20 @@ .Cm controlkey key number the server has been configured to use for this purpose. -.It Ic keytype Xo Oo -.Cm md5 | -.Cm OpenSSLDigestType -.Oc -.Xc -Specify the type of key to use for authenticating requests. -.Cm md5 -is alway supported. +Without any arguments, displays the current +.Ar keyid . +.It Ic keytype Op Ar digest +Specify the digest algorithm to use for authenticating requests, with default +.Cm MD5 . If .Nm -was built with OpenSSL support, -any digest type supported by OpenSSL can also be provided. +was built with OpenSSL support, and OpenSSL is installed, +.Ar digest +can be any message digest algorithm supported by OpenSSL. If no argument is given, the current -.Ic keytype -is displayed. -.It Ic ntpversion Xo Oo -.Cm 1 | -.Cm 2 | -.Cm 3 | -.Cm 4 -.Oc -.Xc +.Ic keytype Ar digest +algorithm used is displayed. +.It Ic ntpversion Op Cm 1 Ns | Ns Cm 2 Ns | Ns Cm 3 Ns | Ns Cm 4 Sets the NTP version number which .Nm claims in @@ -269,13 +264,11 @@ The password must correspond to the key configured for use by the NTP server for this purpose if such requests are to be successful. -.\" Not yet implemented. -.\" .It Ic poll -.\" .Op Ar n -.\" .Op Ic verbose -.\" Poll an NTP server in client mode -.\" .Ar n -.\" times. +.It Ic poll Oo Ar n Oc Op Cm verbose +Poll an NTP server in client mode +.Ar n +times. +Poll not implemented yet. .It Ic quit Exit .Nm . @@ -285,95 +278,150 @@ The only formating/interpretation done on the data is to transform nonascii data into a printable (but barely understandable) form. -.It Ic timeout Ar milliseconds +.It Ic timeout Op Ar milliseconds Specify a timeout period for responses to server queries. The default is about 5000 milliseconds. +Without any arguments, displays the current timeout period. Note that since .Nm retries each query once after a timeout, the total waiting time for a timeout will be twice the timeout value set. .It Ic version -Print the version of the +Display the version of the .Nm program. .El .Ss "Control Message Commands" -Association IDs are used to identify system, peer and clock variables. -System variables are assigned an association ID of zero and system name space, while each association is assigned a nonzero association ID and peer namespace. -Most control commands send a single mode\-6 message to the server and expect a single response message. +Association ids are used to identify system, peer and clock variables. +System variables are assigned an association id of zero and system name +space, while each association is assigned a nonzero association id and +peer namespace. +Most control commands send a single message to the server and expect a +single response message. The exceptions are the -.Li peers +.Ic peers command, which sends a series of messages, and the -.Li mreadlist +.Ic mreadlist and -.Li mreadvar +.Ic mreadvar commands, which iterate over a range of associations. .Bl -tag -width "something" -compact -offset indent -.It Cm associations +.It Ic apeers +Display a list of peers in the form: +.Dl [tally]remote refid assid st t when pool reach delay offset jitter +where the output is just like the +.Ic peers +command except that the +.Cm refid +is displayed in hex format and the association number is also displayed. +.It Ic associations Display a list of mobilized associations in the form: .Dl ind assid status conf reach auth condition last_event cnt -.Bl -column -offset indent ".Sy Variable" ".Sy Description" -.It Sy String Ta Sy Description -.It Li ind Ta index on this list -.It Li assid Ta association ID -.It Li status Ta peer status word -.It Li conf Ta Li yes : persistent, Li no : ephemeral -.It Li reach Ta Li yes : reachable, Li no : unreachable -.It Li auth Ta Li ok , Li yes , Li bad and Li none -.It Li condition Ta selection status (see the Li select field of the peer status word) -.It Li last_event Ta event report (see the Li event field of the peer status word) -.It Li cnt Ta event count (see the Li count field of the peer status word) +.Bl -column -offset indent ".Sy Variable" "see the select field of the peer status word" +.It Sy Variable Ta Sy Description +.It Cm ind Ta index on this list +.It Cm assid Ta association id +.It Cm status Ta peer status word +.It Cm conf Ta Cm yes : No persistent, Cm no : No ephemeral +.It Cm reach Ta Cm yes : No reachable, Cm no : No unreachable +.It Cm auth Ta Cm ok , Cm yes , Cm bad No and Cm none +.It Cm condition Ta selection status \&(see the Cm select No field of the peer status word\&) +.It Cm last_event Ta event report \&(see the Cm event No field of the peer status word\&) +.It Cm cnt Ta event count \&(see the Cm count No field of the peer status word\&) .El -.It Cm authinfo -Display the authentication statistics. -.It Cm clockvar Ar assocID Oo Ar name Ns Oo Cm = Ns Ar value Oc Oc Op ... -.It Cm cv Ar assocID Oo Ar name Ns Oo Cm = Ns Ar value Oc Oc Op ... -Display a list of clock variables for those associations supporting a reference clock. -.It Cm :config Op ... -Send the remainder of the command line, including whitespace, to the server as a run\-time configuration command in the same format as a line in the configuration file. This command is experimental until further notice and clarification. Authentication is of course required. -.It Cm config\-from\-file Ar filename -Send the each line of +.It Ic authinfo +Display the authentication statistics counters: +time since reset, stored keys, free keys, key lookups, keys not found, +uncached keys, expired keys, encryptions, decryptions. +.It Ic clocklist Op Ar associd +.It Ic cl Op Ar associd +Display all clock variables in the variable list for those associations +supporting a reference clock. +.It Ic clockvar Oo Ar associd Oc Oo Ar name Ns Oo \&= Ns Ar value Oc Ns Oc Ns Op ,... +.It Ic cv Oo Ar associd Oc Oo Ar name Ns Oo \&= Ns Ar value Oc Ns Oc Ns Op ,... +Display a list of clock variables for those associations supporting a +reference clock. +.It Ic :config Ar "configuration command line" +Send the remainder of the command line, including whitespace, to the +server as a run\-time configuration command in the same format as a line +in the configuration file. +This command is experimental until further notice and clarification. +Authentication is of course required. +.It Ic config\-from\-file Ar filename +Send each line of .Ar filename -to the server as run\-time configuration commands in the same format as a line in the configuration file. This command is experimental until further notice and clarification. Authentication is required. +to the server as run\-time configuration commands in the same format as +lines in the configuration file. +This command is experimental until further notice and clarification. +Authentication is required. .It Ic ifstats -Display statistics for each local network address. Authentication is required. +Display status and statistics counters for each local network interface address: +interface number, interface name and address or broadcast, drop, flag, +ttl, mc, received, sent, send failed, peers, uptime. +Authentication is required. .It Ic iostats -Display network and reference clock I/O statistics. +Display network and reference clock I/O statistics: +time since reset, receive buffers, free receive buffers, used receive buffers, +low water refills, dropped packets, ignored packets, received packets, +packets sent, packet send failures, input wakeups, useful input wakeups. .It Ic kerninfo -Display kernel loop and PPS statistics. As with other ntpq output, times are in milliseconds. The precision value displayed is in milliseconds as well, unlike the precision system variable. +Display kernel loop and PPS statistics: +associd, status, pll offset, pll frequency, maximum error, +estimated error, kernel status, pll time constant, precision, +frequency tolerance, pps frequency, pps stability, pps jitter, +calibration interval, calibration cycles, jitter exceeded, +stability exceeded, calibration errors. +As with other ntpq output, times are in milliseconds; very small values +may be shown as exponentials. +The precision value displayed is in milliseconds as well, unlike the +precision system variable. .It Ic lassociations -Perform the same function as the associations command, except display mobilized and unmobilized associations. -.It Ic lopeers Xo -.Oo Ic \-4 | -.Ic \-6 -.Oc +Perform the same function as the associations command, except display +mobilized and unmobilized associations, including all clients. +.It Ic lopeers Op Fl 4 Ns | Ns Fl 6 +Display a list of all peers and clients showing +.Cm dstadr +(associated with the given IP version). +.It Ic lpassociations +Display the last obtained list of associations, including all clients. +.It Ic lpeers Op Fl 4 Ns | Ns Fl 6 +Display a list of all peers and clients (associated with the given IP version). +.It Ic monstats +Display monitor facility status, statistics, and limits: +enabled, addresses, peak addresses, maximum addresses, +reclaim above count, reclaim older than, kilobytes, maximum kilobytes. +.It Ic mreadlist Ar associdlo Ar associdhi +.It Ic mrl Ar associdlo Ar associdhi +Perform the same function as the +.Ic readlist +command for a range of association ids. +.It Ic mreadvar Ar associdlo Ar associdhi Oo Ar name Oc Ns Op ,... +This range may be determined from the list displayed by any +command showing associations. +.It Ic mrv Ar associdlo Ar associdhi Oo Ar name Oc Ns Op ,... +Perform the same function as the +.Ic readvar +command for a range of association ids. +This range may be determined from the list displayed by any +command showing associations. +.It Xo Ic mrulist Oo Cm limited | Cm kod | Cm mincount Ns \&= Ns Ar count | +.Cm laddr Ns \&= Ns Ar localaddr | Cm sort Ns \&= Ns Oo \&\- Oc Ns Ar sortorder | +.Cm resany Ns \&= Ns Ar hexmask | Cm resall Ns \&= Ns Ar hexmask Oc .Xc -Obtain and print a list of all peers and clients showing -.Ar dstadr -(associated with any given IP version). -.It Ic lpeers Xo -.Oo Ic \-4 | -.Ic \-6 -.Oc -.Xc -Print a peer spreadsheet for the appropriate IP version(s). -.Ar dstadr -(associated with any given IP version). -.It Ic monstats -Display monitor facility statistics. -.It Ic mrulist Oo Ic limited | Ic kod | Ic mincount Ns = Ns Ar count | Ic laddr Ns = Ns Ar localaddr | Ic sort Ns = Ns Ar sortorder | Ic resany Ns = Ns Ar hexmask | Ic resall Ns = Ns Ar hexmask Oc -Obtain and print traffic counts collected and maintained by the monitor facility. +Display traffic counts of the most recently seen source addresses +collected and maintained by the monitor facility. With the exception of -.Cm sort Ns = Ns Ar sortorder , +.Cm sort Ns \&= Ns Oo \&\- Oc Ns Ar sortorder , the options filter the list returned by -.Cm ntpd. +.Xr ntpd 8 . The .Cm limited and .Cm kod -options return only entries representing client addresses from which the last packet received triggered either discarding or a KoD response. +options return only entries representing client addresses from which the +last packet received triggered either discarding or a KoD response. The .Cm mincount Ns = Ns Ar count option filters entries representing less than @@ -394,18 +442,21 @@ .Ar sortorder defaults to .Cm lstint -and may be any of +and may be .Cm addr , +.Cm avgint , .Cm count , -.Cm avgint , .Cm lstint , -or any of those preceded by a minus sign (hyphen) to reverse the sort order. +or any of those preceded by +.Ql \&\- +to reverse the sort order. The output columns are: .Bl -tag -width "something" -compact -offset indent .It Column Description .It Ic lstint -Interval in s between the receipt of the most recent packet from this address and the completion of the retrieval of the MRU list by +Interval in seconds between the receipt of the most recent packet from +this address and the completion of the retrieval of the MRU list by .Nm . .It Ic avgint Average interval in s between packets from this address. @@ -413,7 +464,8 @@ Restriction flags associated with this address. Most are copied unchanged from the matching .Ic restrict -command, however 0x400 (kod) and 0x20 (limited) flags are cleared unless the last packet from this address triggered a rate control response. +command, however 0x400 (kod) and 0x20 (limited) flags are cleared unless +the last packet from this address triggered a rate control response. .It Ic r Rate control indicator, either a period, @@ -431,27 +483,15 @@ .It Ic rport Source port of last packet from this address. .It Ic remote address -DNS name, numeric address, or address followed by +host or DNS name, numeric address, or address followed by claimed DNS name which could not be verified in parentheses. .El -.It Ic mreadvar assocID assocID Oo Ar variable_name Ns Oo = Ns Ar value Oc Oc ... -.It Ic mrv assocID assocID Oo Ar variable_name Ns Oo = Ns Ar value Oc Oc ... -Perform the same function as the -.Ic readvar -command, except for a range of association IDs. -This range is determined from the association list cached by the most recent -.Ic associations -command. -.It Ic opeers Xo -.Oo Ic \-4 | -.Ic \-6 -.Oc -.Xc +.It Ic opeers Op Fl 4 | Fl 6 Obtain and print the old\-style list of all peers and clients showing -.Ar dstadr -(associated with any given IP version), +.Cm dstadr +(associated with the given IP version), rather than the -.Ar refid . +.Cm refid . .It Ic passociations Perform the same function as the .Ic associations @@ -463,28 +503,32 @@ .Bl -tag -width "something" -compact -offset indent .It Variable Description -.It Ic [tally] +.It Cm [tally] single\-character code indicating current value of the .Ic select field of the .Lk decode.html#peer "peer status word" -.It Ic remote +.It Cm remote host name (or IP number) of peer. -The value displayed will be truncated to 15 characters unless the +The value displayed will be truncated to 15 characters unless the +.Nm .Fl w -flag is given, in which case the full value will be displayed -on the first line, -and the remaining data is displayed on the next line. -.It Ic refid -association ID or +option is given, in which case the full value will be displayed +on the first line, and if too long, +the remaining data will be displayed on the next line. +.It Cm refid +source IP address or .Lk decode.html#kiss "'kiss code" -.It Ic st -stratum -.It Ic t +.It Cm st +stratum: 0 for local reference clocks, 1 for servers with local +reference clocks, ..., 16 for unsynchronized server clocks +.It Cm t .Ic u : unicast or manycast client, .Ic b : broadcast or multicast client, +.Ic p : +pool source, .Ic l : local (reference clock), .Ic s : @@ -495,38 +539,40 @@ broadcast server, .Ic M : multicast server -.It Ic when -sec/min/hr since last received packet -.It Ic poll -poll interval (log2 s) -.It Ic reach +.It Cm when +time in seconds, minutes, hours, or days since the last packet +was received, or +.Ql \&\- +if a packet has never been received +.It Cm poll +poll interval (s) +.It Cm reach reach shift register (octal) -.It Ic delay +.It Cm delay roundtrip delay -.It Ic offset +.It Cm offset offset of server relative to this host -.It Ic jitter -jitter +.It Cm jitter +offset RMS error estimate. .El -.It Ic apeers -Display a list of peers in the form: -.Dl [tally]remote refid assid st t when pool reach delay offset jitter -where the output is just like the -.Ic peers -command except that the -.Ic refid -is displayed in hex format and the association number is also displayed. -.It Ic pstats Ar assocID -Show the statistics for the peer with the given -.Ar assocID . -.It Ic readlist Ar assocID -.It Ic rl Ar assocID -Read the system or peer variables included in the variable list. -.It Ic readvar Ar assocID Ar name Ns Oo Ns = Ns Ar value Oc Oo , ... Oc -.It Ic rv Ar assocID Ar name Ns Oo Ns = Ns Ar value Oc Oo , ... Oc -Display the specified variables. +.It Ic pstats Ar associd +Display the statistics for the peer with the given +.Ar associd : +associd, status, remote host, local address, time last received, +time until next send, reachability change, packets sent, +packets received, bad authentication, bogus origin, duplicate, +bad dispersion, bad reference time, candidate order. +.It Ic readlist Op Ar associd +.It Ic rl Op Ar associd +Display all system or peer variables. +If the +.Ar associd +is omitted, it is assumed to be zero. +.It Ic readvar Op Ar associd Ar name Ns Oo Ns = Ns Ar value Oc Op , ... +.It Ic rv Op Ar associd Ar name Ns Oo Ns = Ns Ar value Oc Op , ... +Display the specified system or peer variables. If -.Ar assocID +.Ar associd is zero, the variables are from the .Sx System Variables name space, otherwise they are from the @@ -533,55 +579,76 @@ .Sx Peer Variables name space. The -.Ar assocID +.Ar associd is required, as the same name can occur in both spaces. If no .Ar name is included, all operative variables in the name space are displayed. In this case only, if the -.Ar assocID -is omitted, it is assumed zero. +.Ar associd +is omitted, it is assumed to be zero. Multiple names are specified with comma separators and without whitespace. Note that time values are represented in milliseconds and frequency values in parts\-per\-million (PPM). Some NTP timestamps are represented in the format -YYYYMMDDTTTT , -where YYYY is the year, -MM the month of year, -DD the day of month and -TTTT the time of day. +.Ar YYYY Ns Ar MM Ar DD Ar TTTT , +where +.Ar YYYY +is the year, +.Ar MM +the month of year, +.Ar DD +the day of month and +.Ar TTTT +the time of day. .It Ic reslist -Show the access control (restrict) list for +Display the access control (restrict) list for .Nm . +Authentication is required. .It Ic saveconfig Ar filename -Write the current configuration, -including any runtime modifications given with +Save the current configuration, +including any runtime modifications made by .Ic :config or .Ic config\-from\-file , -to the ntpd host's file +to the NTP server host file .Ar filename . This command will be rejected by the server unless .Lk miscopt.html#saveconfigdir "saveconfigdir" appears in the -.Ic ntpd +.Xr ntpd 8 configuration file. .Ar filename can use -.Xr strftime -format specifies to substitute the current date and time, for example, -.Ic q]saveconfig ntp\-%Y%m%d\-%H%M%S.confq] . +.Xr date 1 +format specifiers to substitute the current date and time, for +example, +.D1 Ic saveconfig Pa ntp\-%Y%m%d\-%H%M%S.conf . The filename used is stored in system variable -.Ic savedconfig . +.Cm savedconfig . Authentication is required. +.It Ic sysinfo +Display system operational summary: +associd, status, system peer, system peer mode, leap indicator, +stratum, log2 precision, root delay, root dispersion, +reference id, reference time, system jitter, clock jitter, +clock wander, broadcast delay, symm. auth. delay. +.It Ic sysstats +Display system uptime and packet counts maintained in the +protocol module: +uptime, sysstats reset, packets received, current version, +older version, bad length or format, authentication failed, +declined, restricted, rate limited, KoD responses, +processed for time. .It Ic timerstats -Display interval timer counters. -.It Ic writelist Ar assocID -Write the system or peer variables included in the variable list. -.It Ic writevar Ar assocID Ar name Ns = Ns Ar value Op , ... -Write the specified variables. +Display interval timer counters: +time since reset, timer overruns, calls to transmit. +.It Ic writelist Ar associd +Set all system or peer variables included in the variable list. +.It Ic writevar Ar associd Ar name Ns = Ns Ar value Op , ... +Set the specified variables in the variable list. If the -.Ar assocID +.Ar associd is zero, the variables are from the .Sx System Variables name space, otherwise they are from the @@ -588,12 +655,9 @@ .Sx Peer Variables name space. The -.Ar assocID +.Ar associd is required, as the same name can occur in both spaces. -.It Ic sysinfo -Display operational summary. -.It Ic sysstats -Print statistics counters maintained in the protocol module. +Authentication is required. .El .Ss Status Words and Kiss Codes The current state of the operating program is shown @@ -600,10 +664,10 @@ in a set of status words maintained by the system. Status information is also available on a per\-association basis. -These words are displayed in the -.Ic rv +These words are displayed by the +.Ic readlist and -.Ic as +.Ic associations commands both in hexadecimal and in decoded short tip strings. The codes, tips and short explanations are documented on the .Lk decode.html "Event Messages and Status Words" @@ -620,58 +684,59 @@ in the reference identifier field in various billboards. .Ss System Variables The following system variables appear in the -.Ic rv +.Ic readlist billboard. Not all variables are displayed in some configurations. +.Pp .Bl -tag -width "something" -compact -offset indent .It Variable Description -.It Ic status +.It Cm status .Lk decode.html#sys "system status word" -.It Ic version +.It Cm version NTP software version and build time -.It Ic processor +.It Cm processor hardware platform and version -.It Ic system +.It Cm system operating system and version -.It Ic leap +.It Cm leap leap warning indicator (0\-3) -.It Ic stratum +.It Cm stratum stratum (1\-15) -.It Ic precision +.It Cm precision precision (log2 s) -.It Ic rootdelay +.It Cm rootdelay total roundtrip delay to the primary reference clock -.It Ic rootdisp +.It Cm rootdisp total dispersion to the primary reference clock -.It Ic peer -system peer association ID -.It Ic tc +.It Cm refid +reference id or +.Lk decode.html#kiss "kiss code" +.It Cm reftime +reference time +.It Ic clock +date and time of day +.It Cm peer +system peer association id +.It Cm tc time constant and poll exponent (log2 s) (3\-17) -.It Ic mintc +.It Cm mintc minimum time constant (log2 s) (3\-10) -.It Ic clock -date and time of day -.It Ic refid -reference ID or -.Lk decode.html#kiss "kiss code" -.It Ic reftime -reference time -.It Ic offset -combined offset of server relative to this host -.It Ic sys_jitter +.It Cm offset +combined offset of server relative to this host +.It Cm frequency +frequency drift (PPM) relative to hardware clock +.It Cm sys_jitter combined system jitter -.It Ic frequency -frequency offset (PPM) relative to hardware clock -.It Ic clk_wander +.It Cm clk_wander clock frequency wander (PPM) -.It Ic clk_jitter +.It Cm clk_jitter clock jitter -.It Ic tai +.It Cm tai TAI\-UTC offset (s) -.It Ic leapsec +.It Cm leapsec NTP seconds when the next leap second is/was inserted -.It Ic expire +.It Cm expire NTP seconds when the NIST leapseconds file expires .El The jitter and wander statistics are exponentially\-weighted RMS averages. @@ -685,98 +750,102 @@ .Bl -tag -width "something" -compact -offset indent .It Variable Description -.It Ic host +.It Cm host Autokey host name for this host -.It Ic ident +.It Cm ident Autokey group name for this host -.It Ic flags +.It Cm flags host flags (see Autokey specification) -.It Ic digest +.It Cm digest OpenSSL message digest algorithm -.It Ic signature +.It Cm signature OpenSSL digest/signature scheme -.It Ic update +.It Cm update NTP seconds at last signature update -.It Ic cert +.It Cm cert certificate subject, issuer and certificate flags -.It Ic until +.It Cm until NTP seconds when the certificate expires .El .Ss Peer Variables The following peer variables appear in the -.Ic rv +.Ic readlist billboard for each association. Not all variables are displayed in some configurations. +.Pp .Bl -tag -width "something" -compact -offset indent .It Variable Description -.It Ic associd -association ID -.It Ic status +.It Cm associd +association id +.It Cm status .Lk decode.html#peer "peer status word" -.It Ic srcadr +.It Cm srcadr source (remote) IP address -.It Ic srcport +.It Cm srcport source (remote) port -.It Ic dstadr +.It Cm dstadr destination (local) IP address -.It Ic dstport +.It Cm dstport destination (local) port -.It Ic leap +.It Cm leap leap indicator (0\-3) -.It Ic stratum +.It Cm stratum stratum (0\-15) -.It Ic precision +.It Cm precision precision (log2 s) -.It Ic rootdelay +.It Cm rootdelay total roundtrip delay to the primary reference clock -.It Ic rootdisp +.It Cm rootdisp total root dispersion to the primary reference clock -.It Ic refid -reference ID or +.It Cm refid +reference id or .Lk decode.html#kiss "kiss code" -.It Ic reftime +.It Cm reftime reference time -.It Ic reach +.It Cm rec +last packet received time +.It Cm reach reach register (octal) -.It Ic unreach +.It Cm unreach unreach counter -.It Ic hmode +.It Cm hmode host mode (1\-6) -.It Ic pmode +.It Cm pmode peer mode (1\-5) -.It Ic hpoll +.It Cm hpoll host poll exponent (log2 s) (3\-17) -.It Ic ppoll +.It Cm ppoll peer poll exponent (log2 s) (3\-17) -.It Ic headway +.It Cm headway headway (see .Lk rate.html "Rate Management and the Kiss\-o'\-Death Packet" ) -.It Ic flash +.It Cm flash .Lk decode.html#flash "flash status word" -.It Ic offset +.It Cm keyid +symmetric key id +.It Cm offset filter offset -.It Ic delay +.It Cm delay filter delay -.It Ic dispersion +.It Cm dispersion filter dispersion -.It Ic jitter +.It Cm jitter filter jitter -.It Ic ident -Autokey group name for this association -.It Ic bias +.It Cm bias unicast/broadcast bias -.It Ic xleave +.It Cm xleave interleave delay (see .Lk xleave.html "NTP Interleaved Modes" ) .El The -.Ic bias +.Cm bias variable is calculated when the first broadcast packet is received after the calibration volley. -It represents the offset of the broadcast subgraph relative to the unicast subgraph. +It represents the offset of the broadcast subgraph relative to the +unicast subgraph. The -.Ic xleave +.Cm xleave variable appears only for the interleaved symmetric and interleaved modes. It represents the internal queuing, buffering and transmission delays for the preceding packet. @@ -786,71 +855,73 @@ .Bl -tag -width "something" -compact -offset indent .It Variable Description -.It Ic flags +.It Cm flags peer flags (see Autokey specification) -.It Ic host +.It Cm host Autokey server name -.It Ic flags +.It Cm flags peer flags (see Autokey specification) -.It Ic signature +.It Cm signature OpenSSL digest/signature scheme -.It Ic initsequence -initial key ID -.It Ic initkey +.It Cm initsequence +initial key id +.It Cm initkey initial key index -.It Ic timestamp +.It Cm timestamp Autokey signature timestamp +.It Cm ident +Autokey group name for this association .El .Ss Clock Variables The following clock variables appear in the -.Ic cv +.Ic clocklist billboard for each association with a reference clock. Not all variables are displayed in some configurations. .Bl -tag -width "something" -compact -offset indent .It Variable Description -.It Ic associd -association ID -.It Ic status +.It Cm associd +association id +.It Cm status .Lk decode.html#clock "clock status word" -.It Ic device +.It Cm device device description -.It Ic timecode +.It Cm timecode ASCII time code string (specific to device) -.It Ic poll +.It Cm poll poll messages sent -.It Ic noreply +.It Cm noreply no reply -.It Ic badformat +.It Cm badformat bad format -.It Ic baddata +.It Cm baddata bad date or time -.It Ic fudgetime1 +.It Cm fudgetime1 fudge time 1 -.It Ic fudgetime2 +.It Cm fudgetime2 fudge time 2 -.It Ic stratum +.It Cm stratum driver stratum -.It Ic refid -driver reference ID -.It Ic flags +.It Cm refid +driver reference id +.It Cm flags driver flags .El .Sh "OPTIONS" .Bl -tag .It Fl 4 , Fl \-ipv4 -Force IPv4 DNS name resolution. +Force IPv4 name resolution. This option must not appear in combination with any of the following options: ipv6. .sp -Force DNS resolution of following host names on the command line +Force resolution of following host names on the command line to the IPv4 namespace. .It Fl 6 , Fl \-ipv6 -Force IPv6 DNS name resolution. +Force IPv6 name resolution. This option must not appear in combination with any of the following options: ipv4. .sp -Force DNS resolution of following host names on the command line +Force resolution of following host names on the command line to the IPv6 namespace. .It Fl c Ar cmd , Fl \-command Ns = Ns Ar cmd run a command and exit. @@ -880,7 +951,7 @@ numeric host addresses. .sp Output all host addresses in dotted\-quad numeric format rather than -converting to the canonical host names. +converting to the canonical host names. .It Fl \-old\-rv Always output status line with readvar. .sp --- usr.sbin/ntp/doc/sntp.8.orig +++ usr.sbin/ntp/doc/sntp.8 @@ -1,4 +1,4 @@ -.Dd March 21 2017 +.Dd February 27 2018 .Dt SNTP 8 User Commands .Os .\" EDIT THIS FILE WITH CAUTION (sntp-opts.mdoc) @@ -5,7 +5,7 @@ .\" .\" $FreeBSD$ .\" -.\" It has been AutoGen-ed March 21, 2017 at 10:36:52 AM by AutoGen 5.18.5 +.\" It has been AutoGen-ed February 27, 2018 at 05:13:14 PM by AutoGen 5.18.5 .\" From the definitions sntp-opts.def .\" and the template file agmdoc-cmd.tpl .Sh NAME @@ -140,6 +140,11 @@ warning message will be displayed. The file will not be created. .It Fl k Ar file\-name , Fl \-keyfile Ns = Ns Ar file\-name Look in this file for the key specified with \fB\-a\fP. +The default +.Ar file\-name +for this option is: +.ti +4 + /etc/ntp.keys .sp This option specifies the keyfile. \fBsntp\fP will search for the key specified with \fB\-a\fP --- usr.sbin/ntp/ntp-keygen/Makefile.orig +++ usr.sbin/ntp/ntp-keygen/Makefile @@ -20,7 +20,7 @@ -I${.CURDIR}/lib/libc/${MACHINE_ARCH} \ -I${.CURDIR:H} -LIBADD+= ntp opts pthread +LIBADD+= m ntp opts pthread .if ${MK_OPENSSL} != "no" LIBADD+= crypto --- usr.sbin/ntp/ntptime/Makefile.orig +++ usr.sbin/ntp/ntptime/Makefile @@ -11,6 +11,6 @@ -I${SRCTOP}/contrib/ntp/lib/isc/pthreads/include \ -I${.CURDIR:H} -LIBADD= ntp pthread +LIBADD= m ntp pthread .include --- usr.sbin/ntp/scripts/mkver.orig +++ usr.sbin/ntp/scripts/mkver @@ -6,7 +6,7 @@ ConfStr="$PROG" -ConfStr="$ConfStr 4.2.8p10" +ConfStr="$ConfStr 4.2.8p11" case "$CSET" in '') ;;