From owner-svn-ports-all@freebsd.org Sun Sep 13 14:14:27 2020 Return-Path: Delivered-To: svn-ports-all@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id D904B3DB0DF; Sun, 13 Sep 2020 14:14:27 +0000 (UTC) (envelope-from naddy@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4BqBM75Tjdz4DrR; Sun, 13 Sep 2020 14:14:27 +0000 (UTC) (envelope-from naddy@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 9E39827518; Sun, 13 Sep 2020 14:14:27 +0000 (UTC) (envelope-from naddy@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id 08DEERWH079371; Sun, 13 Sep 2020 14:14:27 GMT (envelope-from naddy@FreeBSD.org) Received: (from naddy@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id 08DEEQGK079366; Sun, 13 Sep 2020 14:14:26 GMT (envelope-from naddy@FreeBSD.org) Message-Id: <202009131414.08DEEQGK079366@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: naddy set sender to naddy@FreeBSD.org using -f From: Christian Weisgerber Date: Sun, 13 Sep 2020 14:14:26 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r548477 - in head/net/openntpd: . files X-SVN-Group: ports-head X-SVN-Commit-Author: naddy X-SVN-Commit-Paths: in head/net/openntpd: . files X-SVN-Commit-Revision: 548477 X-SVN-Commit-Repository: ports MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-all@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: SVN commit messages for the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 13 Sep 2020 14:14:28 -0000 Author: naddy Date: Sun Sep 13 14:14:26 2020 New Revision: 548477 URL: https://svnweb.freebsd.org/changeset/ports/548477 Log: Merge back fixes from OpenBSD 6.8-beta: If no replies are received for a while due to connectivity issues, go into unsynced mode. PR: 221282 Reported by: Rene Wagner Obtained from: OpenBSD Added: head/net/openntpd/files/patch-src_client.c (contents, props changed) head/net/openntpd/files/patch-src_ntpd.h (contents, props changed) Modified: head/net/openntpd/Makefile head/net/openntpd/files/patch-src_ntp.c head/net/openntpd/files/patch-src_ntpd.conf.5 Modified: head/net/openntpd/Makefile ============================================================================== --- head/net/openntpd/Makefile Sun Sep 13 12:57:07 2020 (r548476) +++ head/net/openntpd/Makefile Sun Sep 13 14:14:26 2020 (r548477) @@ -2,7 +2,7 @@ PORTNAME= openntpd PORTVERSION= 6.2p3 -PORTREVISION= 7 +PORTREVISION= 8 PORTEPOCH= 2 CATEGORIES= net MASTER_SITES= OPENBSD/OpenNTPD Added: head/net/openntpd/files/patch-src_client.c ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/net/openntpd/files/patch-src_client.c Sun Sep 13 14:14:26 2020 (r548477) @@ -0,0 +1,92 @@ +--- src/client.c.orig 2017-10-30 08:57:40 UTC ++++ src/client.c +@@ -1,4 +1,4 @@ +-/* $OpenBSD: client.c,v 1.105 2017/05/30 23:30:48 benno Exp $ */ ++/* $OpenBSD: client.c,v 1.114 2020/09/11 07:09:41 otto Exp $ */ + + /* + * Copyright (c) 2003, 2004 Henning Brauer +@@ -215,6 +215,12 @@ client_query(struct ntp_peer *p) + return (0); + } + ++ ++/* ++ * -1: Not processed, not an NTP message (e.g. icmp induced ECONNREFUSED) ++ * 0: Not prrocessed due to validation issues ++ * 1: NTP message validated and processed ++ */ + int + client_dispatch(struct ntp_peer *p, u_int8_t settime) + { +@@ -231,7 +237,7 @@ client_dispatch(struct ntp_peer *p, u_int8_t settime) + struct cmsghdr *cmsg; + #endif + ssize_t size; +- double T1, T2, T3, T4; ++ double T1, T2, T3, T4, offset, delay; + time_t interval; + + memset(&somsg, 0, sizeof(somsg)); +@@ -249,7 +255,7 @@ client_dispatch(struct ntp_peer *p, u_int8_t settime) + errno == ENOPROTOOPT || errno == ENOENT) { + client_log_error(p, "recvmsg", errno); + set_next(p, error_interval()); +- return (0); ++ return (-1); + } else + fatal("recvfrom"); + } +@@ -391,14 +397,6 @@ client_dispatch(struct ntp_peer *p, u_int8_t settime) + } else + p->reply[p->shift].status.send_refid = msg.xmttime.fractionl; + +- if (p->trustlevel < TRUSTLEVEL_PATHETIC) +- interval = scale_interval(INTERVAL_QUERY_PATHETIC); +- else if (p->trustlevel < TRUSTLEVEL_AGGRESSIVE) +- interval = scale_interval(INTERVAL_QUERY_AGGRESSIVE); +- else +- interval = scale_interval(INTERVAL_QUERY_NORMAL); +- +- set_next(p, interval); + p->state = STATE_REPLY_RECEIVED; + + /* every received reply which we do not discard increases trust */ +@@ -410,20 +408,32 @@ client_dispatch(struct ntp_peer *p, u_int8_t settime) + p->trustlevel++; + } + ++ offset = p->reply[p->shift].offset; ++ delay = p->reply[p->shift].delay; ++ ++ client_update(p); ++ if (settime) ++ priv_settime(p->reply[p->shift].offset); ++ ++ if (p->trustlevel < TRUSTLEVEL_PATHETIC) ++ interval = scale_interval(INTERVAL_QUERY_PATHETIC); ++ else if (p->trustlevel < TRUSTLEVEL_AGGRESSIVE) ++ interval = scale_interval(INTERVAL_QUERY_AGGRESSIVE); ++ else ++ interval = scale_interval(INTERVAL_QUERY_NORMAL); ++ + log_debug("reply from %s: offset %f delay %f, " + "next query %llds", + log_sockaddr((struct sockaddr *)&p->addr->ss), +- p->reply[p->shift].offset, p->reply[p->shift].delay, ++ offset, delay, + (long long)interval); + +- client_update(p); +- if (settime) +- priv_settime(p->reply[p->shift].offset); ++ set_next(p, interval); + + if (++p->shift >= OFFSET_ARRAY_SIZE) + p->shift = 0; + +- return (0); ++ return (1); + } + + int Modified: head/net/openntpd/files/patch-src_ntp.c ============================================================================== --- head/net/openntpd/files/patch-src_ntp.c Sun Sep 13 12:57:07 2020 (r548476) +++ head/net/openntpd/files/patch-src_ntp.c Sun Sep 13 14:14:26 2020 (r548477) @@ -1,5 +1,11 @@ --- src/ntp.c.orig 2017-06-19 13:23:10 UTC +++ src/ntp.c +@@ -1,4 +1,4 @@ +-/* $OpenBSD: ntp.c,v 1.146 2017/05/30 23:30:48 benno Exp $ */ ++/* $OpenBSD: ntp.c,v 1.167 2020/09/11 07:09:41 otto Exp $ */ + + /* + * Copyright (c) 2003, 2004 Henning Brauer @@ -42,7 +42,7 @@ volatile sig_atomic_t ntp_quit = 0; @@ -9,3 +15,79 @@ struct ntpd_conf *conf; struct ctl_conns ctl_conns; u_int peer_cnt; +@@ -87,6 +87,7 @@ ntp_main(struct ntpd_conf *nconf, struct passwd *pw, i + struct stat stb; + struct ctl_conn *cc; + time_t nextaction, last_sensor_scan = 0, now; ++ time_t last_action = 0, interval; + void *newp; + + if (socketpair(AF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, PF_UNSPEC, +@@ -395,11 +396,28 @@ ntp_main(struct ntpd_conf *nconf, struct passwd *pw, i + + for (; nfds > 0 && j < idx_clients; j++) { + if (pfd[j].revents & (POLLIN|POLLERR)) { ++ struct ntp_peer *pp = idx2peer[j - idx_peers]; ++ + nfds--; +- if (client_dispatch(idx2peer[j - idx_peers], +- conf->settime) == -1) { +- log_warn("pipe write error (settime)"); +- ntp_quit = 1; ++ switch (client_dispatch(pp, conf->settime)) { ++ case -1: ++ log_debug("no reply from %s " ++ "received", log_sockaddr( ++ (struct sockaddr *) &pp->addr->ss)); ++ if (pp->trustlevel >= ++ TRUSTLEVEL_BADPEER && ++ (pp->trustlevel /= 2) < ++ TRUSTLEVEL_BADPEER) ++ log_info("peer %s now invalid", ++ log_sockaddr( ++ (struct sockaddr *) ++ &pp->addr->ss)); ++ break; ++ case 0: /* invalid replies are ignored */ ++ break; ++ case 1: ++ last_action = now; ++ break; + } + } + } +@@ -411,9 +429,24 @@ ntp_main(struct ntpd_conf *nconf, struct passwd *pw, i + for (s = TAILQ_FIRST(&conf->ntp_sensors); s != NULL; + s = next_s) { + next_s = TAILQ_NEXT(s, entry); +- if (s->next <= getmonotime()) ++ if (s->next <= now) { ++ last_action = now; + sensor_query(s); ++ } + } ++ ++ /* ++ * Compute maximum of scale_interval(INTERVAL_QUERY_NORMAL), ++ * if we did not process a time message for three times that ++ * interval, stop advertising we're synced. ++ */ ++ interval = INTERVAL_QUERY_NORMAL * conf->scale; ++ interval += SCALE_INTERVAL(interval) - 1; ++ if (conf->status.synced && last_action + 3 * interval < now) { ++ log_info("clock is now unsynced due to lack of replies"); ++ conf->status.synced = 0; ++ conf->scale = 1; ++ } + } + + msgbuf_write(&ibuf_main->w); +@@ -760,7 +793,7 @@ scale_interval(time_t requested) + time_t interval, r; + + interval = requested * conf->scale; +- r = arc4random_uniform(MAXIMUM(5, interval / 10)); ++ r = arc4random_uniform(SCALE_INTERVAL(interval)); + return (interval + r); + } + Modified: head/net/openntpd/files/patch-src_ntpd.conf.5 ============================================================================== --- head/net/openntpd/files/patch-src_ntpd.conf.5 Sun Sep 13 12:57:07 2020 (r548476) +++ head/net/openntpd/files/patch-src_ntpd.conf.5 Sun Sep 13 14:14:26 2020 (r548477) @@ -1,6 +1,6 @@ ---- src/ntpd.conf.5.orig 2016-05-30 22:50:02 UTC +--- src/ntpd.conf.5.orig 2017-10-30 08:57:40 UTC +++ src/ntpd.conf.5 -@@ -218,8 +218,8 @@ constraints from "https://www.google.com +@@ -232,8 +232,8 @@ constraints from "https://www.google.com/" .Ed .El .Sh FILES Added: head/net/openntpd/files/patch-src_ntpd.h ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/net/openntpd/files/patch-src_ntpd.h Sun Sep 13 14:14:26 2020 (r548477) @@ -0,0 +1,17 @@ +--- src/ntpd.h.orig 2017-10-30 08:57:40 UTC ++++ src/ntpd.h +@@ -1,4 +1,4 @@ +-/* $OpenBSD: ntpd.h,v 1.135 2017/05/30 23:30:48 benno Exp $ */ ++/* $OpenBSD: ntpd.h,v 1.150 2020/08/30 16:21:29 otto Exp $ */ + + /* + * Copyright (c) 2003, 2004 Henning Brauer +@@ -341,6 +341,8 @@ time_t scale_interval(time_t); + time_t error_interval(void); + extern struct ntpd_conf *conf; + extern struct ctl_conns ctl_conns; ++ ++#define SCALE_INTERVAL(x) MAXIMUM(5, (x) / 10) + + /* parse.y */ + int parse_config(const char *, struct ntpd_conf *);