2 * NTP client/server, based on OpenNTPD 3.9p1
4 * Author: Adam Tkac <vonsch@gmail.com>
6 * Licensed under GPLv2, see file LICENSE in this source tree.
9 #include <netinet/ip.h> /* For IPTOS_LOWDELAY definition */
10 #include <sys/resource.h> /* setpriority */
11 #ifndef IPTOS_LOWDELAY
12 # define IPTOS_LOWDELAY 0x10
15 # error "Sorry, your kernel has to support IP_PKTINFO"
19 /* Sync to peers every N secs */
20 #define INTERVAL_QUERY_NORMAL 30
21 #define INTERVAL_QUERY_PATHETIC 60
22 #define INTERVAL_QUERY_AGRESSIVE 5
24 /* Bad if *less than* TRUSTLEVEL_BADPEER */
25 #define TRUSTLEVEL_BADPEER 6
26 #define TRUSTLEVEL_PATHETIC 2
27 #define TRUSTLEVEL_AGRESSIVE 8
28 #define TRUSTLEVEL_MAX 10
30 #define QSCALE_OFF_MIN 0.05
31 #define QSCALE_OFF_MAX 0.50
33 /* Single query might take N secs max */
34 #define QUERYTIME_MAX 15
35 /* Min offset for settime at start. "man ntpd" says it's 128 ms */
36 #define STEPTIME_MIN_OFFSET 0.128
50 NTP_MSGSIZE_NOAUTH
= 48,
51 NTP_MSGSIZE
= (NTP_MSGSIZE_NOAUTH
+ 4 + NTP_DIGESTSIZE
),
55 uint8_t m_status
; /* status of local clock and leap info */
56 uint8_t m_stratum
; /* stratum level */
57 uint8_t m_ppoll
; /* poll value */
58 int8_t m_precision_exp
;
59 s_fixedpt_t m_rootdelay
;
60 s_fixedpt_t m_dispersion
;
62 l_fixedpt_t m_reftime
;
63 l_fixedpt_t m_orgtime
;
64 l_fixedpt_t m_rectime
;
65 l_fixedpt_t m_xmttime
;
67 uint8_t m_digest
[NTP_DIGESTSIZE
];
76 VERSION_MASK
= (7 << 3),
80 /* Leap Second Codes (high order two bits of m_status) */
81 LI_NOWARNING
= (0 << 6), /* no warning */
82 LI_PLUSSEC
= (1 << 6), /* add a second (61 seconds) */
83 LI_MINUSSEC
= (2 << 6), /* minus a second (59 seconds) */
84 LI_ALARM
= (3 << 6), /* alarm condition */
87 MODE_RES0
= 0, /* reserved */
88 MODE_SYM_ACT
= 1, /* symmetric active */
89 MODE_SYM_PAS
= 2, /* symmetric passive */
90 MODE_CLIENT
= 3, /* client */
91 MODE_SERVER
= 4, /* server */
92 MODE_BROADCAST
= 5, /* broadcast */
93 MODE_RES1
= 6, /* reserved for NTP control message */
94 MODE_RES2
= 7, /* reserved for private use */
97 #define OFFSET_1900_1970 2208988800UL /* 1970 - 1900 in seconds */
102 //UNUSED: double d_error;
110 #define NUM_DATAPOINTS 8
112 len_and_sockaddr
*p_lsa
;
114 /* When to send new query (if p_fd == -1)
115 * or when receive times out (if p_fd >= 0): */
116 time_t next_action_time
;
118 uint8_t p_datapoint_idx
;
119 uint8_t p_trustlevel
;
122 datapoint_t p_datapoint
[NUM_DATAPOINTS
];
131 /* Insert new options above this line. */
132 /* Non-compat options: */
134 OPT_l
= (1 << 5) * ENABLE_FEATURE_NTPD_SERVER
,
139 /* total round trip delay to currently selected reference clock */
141 /* reference timestamp: time when the system clock was last set or corrected */
144 #if ENABLE_FEATURE_NTPD_SERVER
154 #define G_precision_exp -6
155 // int8_t precision_exp;
157 uint8_t time_was_stepped
;
158 uint8_t first_adj_done
;
160 #define G (*ptr_to_globals)
162 static const int const_IPTOS_LOWDELAY
= IPTOS_LOWDELAY
;
166 set_next(peer_t
*p
, unsigned t
)
168 p
->next_action_time
= time(NULL
) + t
;
176 p
= xzalloc(sizeof(*p
));
177 p
->p_lsa
= xhost2sockaddr(s
, 123);
178 p
->p_dotted
= xmalloc_sockaddr2dotted_noport(&p
->p_lsa
->u
.sa
);
180 p
->p_xmt_msg
.m_status
= MODE_CLIENT
| (NTP_VERSION
<< 3);
181 p
->p_trustlevel
= TRUSTLEVEL_PATHETIC
;
182 p
->next_action_time
= time(NULL
); /* = set_next(p, 0); */
184 llist_add_to(&G
.ntp_peers
, p
);
192 gettimeofday(&tv
, NULL
); /* never fails */
193 return (tv
.tv_sec
+ 1.0e-6 * tv
.tv_usec
+ OFFSET_1900_1970
);
197 d_to_tv(double d
, struct timeval
*tv
)
199 tv
->tv_sec
= (long)d
;
200 tv
->tv_usec
= (d
- tv
->tv_sec
) * 1000000;
204 lfp_to_d(l_fixedpt_t lfp
)
207 lfp
.int_partl
= ntohl(lfp
.int_partl
);
208 lfp
.fractionl
= ntohl(lfp
.fractionl
);
209 ret
= (double)lfp
.int_partl
+ ((double)lfp
.fractionl
/ UINT_MAX
);
215 sfp_to_d(s_fixedpt_t sfp
)
218 sfp
.int_parts
= ntohs(sfp
.int_parts
);
219 sfp
.fractions
= ntohs(sfp
.fractions
);
220 ret
= (double)sfp
.int_parts
+ ((double)sfp
.fractions
/ USHRT_MAX
);
225 #if ENABLE_FEATURE_NTPD_SERVER
230 lfp
.int_partl
= (uint32_t)d
;
231 lfp
.fractionl
= (uint32_t)((d
- lfp
.int_partl
) * UINT_MAX
);
232 lfp
.int_partl
= htonl(lfp
.int_partl
);
233 lfp
.fractionl
= htonl(lfp
.fractionl
);
241 sfp
.int_parts
= (uint16_t)d
;
242 sfp
.fractions
= (uint16_t)((d
- sfp
.int_parts
) * USHRT_MAX
);
243 sfp
.int_parts
= htons(sfp
.int_parts
);
244 sfp
.fractions
= htons(sfp
.fractions
);
252 unsigned interval
, r
;
253 interval
= INTERVAL_QUERY_PATHETIC
* QSCALE_OFF_MAX
/ QSCALE_OFF_MIN
;
254 r
= (unsigned)random() % (unsigned)(interval
/ 10);
255 return (interval
+ r
);
260 const struct sockaddr
*from
, const struct sockaddr
*to
, socklen_t addrlen
,
261 msg_t
*msg
, ssize_t len
)
267 ret
= sendto(fd
, msg
, len
, MSG_DONTWAIT
, to
, addrlen
);
269 ret
= send_to_from(fd
, msg
, len
, MSG_DONTWAIT
, to
, from
, addrlen
);
272 bb_perror_msg("send failed");
279 send_query_to_peer(peer_t
*p
)
281 // Why do we need to bind()?
282 // See what happens when we don't bind:
284 // socket(PF_INET, SOCK_DGRAM, IPPROTO_IP) = 3
285 // setsockopt(3, SOL_IP, IP_TOS, [16], 4) = 0
286 // gettimeofday({1259071266, 327885}, NULL) = 0
287 // sendto(3, "xxx", 48, MSG_DONTWAIT, {sa_family=AF_INET, sin_port=htons(123), sin_addr=inet_addr("10.34.32.125")}, 16) = 48
288 // ^^^ we sent it from some source port picked by kernel.
289 // time(NULL) = 1259071266
290 // write(2, "ntpd: entering poll 15 secs\n", 28) = 28
291 // poll([{fd=3, events=POLLIN}], 1, 15000) = 1 ([{fd=3, revents=POLLIN}])
292 // recv(3, "yyy", 68, MSG_DONTWAIT) = 48
293 // ^^^ this recv will receive packets to any local port!
295 // Uncomment this and use strace to see it in action:
296 #define PROBE_LOCAL_ADDR // { len_and_sockaddr lsa; lsa.len = LSA_SIZEOF_SA; getsockname(p->query.fd, &lsa.u.sa, &lsa.len); }
300 len_and_sockaddr
*local_lsa
;
302 family
= p
->p_lsa
->u
.sa
.sa_family
;
303 p
->p_fd
= fd
= xsocket_type(&local_lsa
, family
, SOCK_DGRAM
);
304 /* local_lsa has "null" address and port 0 now.
305 * bind() ensures we have a *particular port* selected by kernel
306 * and remembered in p->p_fd, thus later recv(p->p_fd)
307 * receives only packets sent to this port.
310 xbind(fd
, &local_lsa
->u
.sa
, local_lsa
->len
);
312 #if ENABLE_FEATURE_IPV6
313 if (family
== AF_INET
)
315 setsockopt(fd
, IPPROTO_IP
, IP_TOS
, &const_IPTOS_LOWDELAY
, sizeof(const_IPTOS_LOWDELAY
));
320 * Send out a random 64-bit number as our transmit time. The NTP
321 * server will copy said number into the originate field on the
322 * response that it sends us. This is totally legal per the SNTP spec.
324 * The impact of this is two fold: we no longer send out the current
325 * system time for the world to see (which may aid an attacker), and
326 * it gives us a (not very secure) way of knowing that we're not
327 * getting spoofed by an attacker that can't capture our traffic
328 * but can spoof packets from the NTP server we're communicating with.
330 * Save the real transmit timestamp locally.
332 p
->p_xmt_msg
.m_xmttime
.int_partl
= random();
333 p
->p_xmt_msg
.m_xmttime
.fractionl
= random();
334 p
->p_xmttime
= gettime1900d();
336 if (do_sendto(p
->p_fd
, /*from:*/ NULL
, /*to:*/ &p
->p_lsa
->u
.sa
, /*addrlen:*/ p
->p_lsa
->len
,
337 &p
->p_xmt_msg
, NTP_MSGSIZE_NOAUTH
) == -1
341 set_next(p
, INTERVAL_QUERY_PATHETIC
);
346 bb_error_msg("sent query to %s", p
->p_dotted
);
347 set_next(p
, QUERYTIME_MAX
);
353 /* Time is stepped only once, when the first packet from a peer is received.
356 step_time_once(double offset
)
364 if (G
.time_was_stepped
)
366 G
.time_was_stepped
= 1;
368 /* if the offset is small, don't step, slew (later) */
369 if (offset
< STEPTIME_MIN_OFFSET
&& offset
> -STEPTIME_MIN_OFFSET
)
372 gettimeofday(&tv
, NULL
); /* never fails */
373 dtime
= offset
+ tv
.tv_sec
;
374 dtime
+= 1.0e-6 * tv
.tv_usec
;
377 if (settimeofday(&tv
, NULL
) == -1)
378 bb_perror_msg_and_die("settimeofday");
381 strftime(buf
, sizeof(buf
), "%a %b %e %H:%M:%S %Z %Y", localtime(&tval
));
383 bb_error_msg("setting clock to %s (offset %fs)", buf
, offset
);
385 for (item
= G
.ntp_peers
; item
!= NULL
; item
= item
->link
) {
386 peer_t
*p
= (peer_t
*) item
->data
;
387 p
->next_action_time
-= (time_t)offset
;
391 if (option_mask32
& OPT_q
)
396 /* Time is periodically slewed when we collect enough
400 compare_offsets(const void *aa
, const void *bb
)
402 const peer_t
*const *a
= aa
;
403 const peer_t
*const *b
= bb
;
404 if ((*a
)->update
.d_offset
< (*b
)->update
.d_offset
)
406 return ((*a
)->update
.d_offset
> (*b
)->update
.d_offset
);
409 updated_scale(double offset
)
413 if (offset
> QSCALE_OFF_MAX
)
415 if (offset
< QSCALE_OFF_MIN
)
416 return QSCALE_OFF_MAX
/ QSCALE_OFF_MIN
;
417 return QSCALE_OFF_MAX
/ offset
;
423 double offset_median
;
427 peer_t
**peers
= xzalloc(sizeof(peers
[0]) * G
.peer_cnt
);
428 unsigned goodpeer_cnt
= 0;
431 for (item
= G
.ntp_peers
; item
!= NULL
; item
= item
->link
) {
432 peer_t
*p
= (peer_t
*) item
->data
;
433 if (p
->p_trustlevel
< TRUSTLEVEL_BADPEER
)
435 if (!p
->update
.d_good
) {
439 peers
[goodpeer_cnt
++] = p
;
442 if (goodpeer_cnt
== 0) {
447 qsort(peers
, goodpeer_cnt
, sizeof(peers
[0]), compare_offsets
);
449 middle
= goodpeer_cnt
/ 2;
450 if (middle
!= 0 && (goodpeer_cnt
& 1) == 0) {
451 offset_median
= (peers
[middle
-1]->update
.d_offset
+ peers
[middle
]->update
.d_offset
) / 2;
452 G
.rootdelay
= (peers
[middle
-1]->update
.d_delay
+ peers
[middle
]->update
.d_delay
) / 2;
453 G
.stratum
= 1 + MAX(peers
[middle
-1]->update
.d_stratum
, peers
[middle
]->update
.d_stratum
);
455 offset_median
= peers
[middle
]->update
.d_offset
;
456 G
.rootdelay
= peers
[middle
]->update
.d_delay
;
457 G
.stratum
= 1 + peers
[middle
]->update
.d_stratum
;
459 G
.leap
= peers
[middle
]->update
.d_leap
;
460 G
.refid4
= peers
[middle
]->update
.d_refid4
;
462 #if ENABLE_FEATURE_IPV6
463 peers
[middle
]->p_lsa
->u
.sa
.sa_family
!= AF_INET
?
466 peers
[middle
]->p_lsa
->u
.sin
.sin_addr
.s_addr
;
469 //TODO: if (offset_median > BIG) step_time(offset_median)?
471 G
.scale
= updated_scale(offset_median
);
473 bb_error_msg("adjusting clock by %fs, our stratum is %u, time scale %u",
474 offset_median
, G
.stratum
, G
.scale
);
477 d_to_tv(offset_median
, &tv
);
478 if (adjtime(&tv
, &tv
) == -1)
479 bb_perror_msg_and_die("adjtime failed");
481 bb_error_msg("old adjust: %d.%06u", (int)tv
.tv_sec
, (unsigned)tv
.tv_usec
);
483 if (G
.first_adj_done
) {
484 uint8_t synced
= (tv
.tv_sec
== 0 && tv
.tv_usec
== 0);
485 if (synced
!= G
.synced
) {
487 bb_error_msg("clock is %ssynced", synced
? "" : "un");
490 G
.first_adj_done
= 1;
492 G
.reftime
= gettime1900d();
495 for (item
= G
.ntp_peers
; item
!= NULL
; item
= item
->link
) {
496 peer_t
*p
= (peer_t
*) item
->data
;
497 p
->update
.d_good
= 0;
502 update_peer_data(peer_t
*p
)
505 * Find the datapoint with the lowest delay.
506 * Use that as the peer update.
507 * Invalidate it and all older ones.
513 for (i
= 0; i
< NUM_DATAPOINTS
; i
++) {
514 if (p
->p_datapoint
[i
].d_good
) {
516 if (best
< 0 || p
->p_datapoint
[i
].d_delay
< p
->p_datapoint
[best
].d_delay
)
521 if (good
< 8) //FIXME: was it meant to be NUM_DATAPOINTS, not 8?
524 p
->update
= p
->p_datapoint
[best
]; /* struct copy */
527 for (i
= 0; i
< NUM_DATAPOINTS
; i
++)
528 if (p
->p_datapoint
[i
].d_rcv_time
<= p
->p_datapoint
[best
].d_rcv_time
)
529 p
->p_datapoint
[i
].d_good
= 0;
533 scale_interval(unsigned requested
)
535 unsigned interval
, r
;
536 interval
= requested
* G
.scale
;
537 r
= (unsigned)random() % (unsigned)(MAX(5, interval
/ 10));
538 return (interval
+ r
);
541 recv_and_process_peer_pkt(peer_t
*p
)
545 double T1
, T2
, T3
, T4
;
547 datapoint_t
*datapoint
;
549 /* We can recvfrom here and check from.IP, but some multihomed
550 * ntp servers reply from their *other IP*.
551 * TODO: maybe we should check at least what we can: from.port == 123?
553 size
= recv(p
->p_fd
, &msg
, sizeof(msg
), MSG_DONTWAIT
);
555 bb_perror_msg("recv(%s) error", p
->p_dotted
);
556 if (errno
== EHOSTUNREACH
|| errno
== EHOSTDOWN
557 || errno
== ENETUNREACH
|| errno
== ENETDOWN
558 || errno
== ECONNREFUSED
|| errno
== EADDRNOTAVAIL
561 //TODO: always do this?
562 set_next(p
, error_interval());
568 if (size
!= NTP_MSGSIZE_NOAUTH
&& size
!= NTP_MSGSIZE
) {
569 bb_error_msg("malformed packet received from %s", p
->p_dotted
);
573 if (msg
.m_orgtime
.int_partl
!= p
->p_xmt_msg
.m_xmttime
.int_partl
574 || msg
.m_orgtime
.fractionl
!= p
->p_xmt_msg
.m_xmttime
.fractionl
579 if ((msg
.m_status
& LI_ALARM
) == LI_ALARM
580 || msg
.m_stratum
== 0
581 || msg
.m_stratum
> NTP_MAXSTRATUM
583 // TODO: stratum 0 responses may have commands in 32-bit m_refid field:
584 // "DENY", "RSTR" - peer does not like us at all
585 // "RATE" - peer is overloaded, reduce polling freq
586 interval
= error_interval();
587 bb_error_msg("reply from %s: not synced, next query in %us", p
->p_dotted
, interval
);
592 * From RFC 2030 (with a correction to the delay math):
594 * Timestamp Name ID When Generated
595 * ------------------------------------------------------------
596 * Originate Timestamp T1 time request sent by client
597 * Receive Timestamp T2 time request received by server
598 * Transmit Timestamp T3 time reply sent by server
599 * Destination Timestamp T4 time reply received by client
601 * The roundtrip delay and local clock offset are defined as
603 * delay = (T4 - T1) - (T3 - T2); offset = ((T2 - T1) + (T3 - T4)) / 2
606 T2
= lfp_to_d(msg
.m_rectime
);
607 T3
= lfp_to_d(msg
.m_xmttime
);
610 datapoint
= &p
->p_datapoint
[p
->p_datapoint_idx
];
612 datapoint
->d_offset
= ((T2
- T1
) + (T3
- T4
)) / 2;
613 datapoint
->d_delay
= (T4
- T1
) - (T3
- T2
);
614 if (datapoint
->d_delay
< 0) {
615 bb_error_msg("reply from %s: negative delay %f", p
->p_dotted
, datapoint
->d_delay
);
616 interval
= error_interval();
617 set_next(p
, interval
);
620 //UNUSED: datapoint->d_error = (T2 - T1) - (T3 - T4);
621 datapoint
->d_rcv_time
= (time_t)(T4
- OFFSET_1900_1970
); /* = time(NULL); */
622 datapoint
->d_good
= 1;
624 datapoint
->d_leap
= (msg
.m_status
& LI_MASK
);
625 //UNUSED: datapoint->o_precision = msg.m_precision_exp;
626 //UNUSED: datapoint->o_rootdelay = sfp_to_d(msg.m_rootdelay);
627 //UNUSED: datapoint->o_rootdispersion = sfp_to_d(msg.m_dispersion);
628 //UNUSED: datapoint->d_refid = ntohl(msg.m_refid);
629 datapoint
->d_refid4
= msg
.m_xmttime
.fractionl
;
630 //UNUSED: datapoint->o_reftime = lfp_to_d(msg.m_reftime);
631 //UNUSED: datapoint->o_poll = msg.m_ppoll;
632 datapoint
->d_stratum
= msg
.m_stratum
;
634 if (p
->p_trustlevel
< TRUSTLEVEL_PATHETIC
)
635 interval
= scale_interval(INTERVAL_QUERY_PATHETIC
);
636 else if (p
->p_trustlevel
< TRUSTLEVEL_AGRESSIVE
)
637 interval
= scale_interval(INTERVAL_QUERY_AGRESSIVE
);
639 interval
= scale_interval(INTERVAL_QUERY_NORMAL
);
641 set_next(p
, interval
);
643 /* Every received reply which we do not discard increases trust */
644 if (p
->p_trustlevel
< TRUSTLEVEL_MAX
) {
646 if (p
->p_trustlevel
== TRUSTLEVEL_BADPEER
)
647 bb_error_msg("peer %s now valid", p
->p_dotted
);
651 bb_error_msg("reply from %s: offset %f delay %f, next query in %us", p
->p_dotted
,
652 datapoint
->d_offset
, datapoint
->d_delay
, interval
);
655 //TODO: do it after all peers had a chance to return at least one reply?
656 step_time_once(datapoint
->d_offset
);
658 p
->p_datapoint_idx
++;
659 if (p
->p_datapoint_idx
>= NUM_DATAPOINTS
)
660 p
->p_datapoint_idx
= 0;
663 /* We do not expect any more packets from this peer for now.
664 * Closing the socket informs kernel about it.
665 * We open a new socket when we send a new query.
673 #if ENABLE_FEATURE_NTPD_SERVER
675 recv_and_process_client_pkt(void /*int fd*/)
680 len_and_sockaddr
*to
;
681 struct sockaddr
*from
;
683 uint8_t query_status
;
685 l_fixedpt_t query_xmttime
;
687 to
= get_sock_lsa(G
.listen_fd
);
688 from
= xzalloc(to
->len
);
690 size
= recv_from_to(G
.listen_fd
, &msg
, sizeof(msg
), MSG_DONTWAIT
, from
, &to
->u
.sa
, to
->len
);
691 if (size
!= NTP_MSGSIZE_NOAUTH
&& size
!= NTP_MSGSIZE
) {
696 bb_perror_msg_and_die("recv");
698 addr
= xmalloc_sockaddr2dotted_noport(from
);
699 bb_error_msg("malformed packet received from %s: size %u", addr
, (int)size
);
704 query_status
= msg
.m_status
;
705 query_ppoll
= msg
.m_ppoll
;
706 query_xmttime
= msg
.m_xmttime
;
708 /* Build a reply packet */
709 memset(&msg
, 0, sizeof(msg
));
710 msg
.m_status
= G
.synced
? G
.leap
: LI_ALARM
;
711 msg
.m_status
|= (query_status
& VERSION_MASK
);
712 msg
.m_status
|= ((query_status
& MODE_MASK
) == MODE_CLIENT
) ?
713 MODE_SERVER
: MODE_SYM_PAS
;
714 msg
.m_stratum
= G
.stratum
;
715 msg
.m_ppoll
= query_ppoll
;
716 msg
.m_precision_exp
= G_precision_exp
;
717 rectime
= gettime1900d();
718 msg
.m_xmttime
= msg
.m_rectime
= d_to_lfp(rectime
);
719 msg
.m_reftime
= d_to_lfp(G
.reftime
);
720 //msg.m_xmttime = d_to_lfp(gettime1900d()); // = msg.m_rectime
721 msg
.m_orgtime
= query_xmttime
;
722 msg
.m_rootdelay
= d_to_sfp(G
.rootdelay
);
723 version
= (query_status
& VERSION_MASK
); /* ... >> VERSION_SHIFT - done below instead */
724 msg
.m_refid
= (version
> (3 << VERSION_SHIFT
)) ? G
.refid4
: G
.refid
;
726 /* We reply from the local address packet was sent to,
727 * this makes to/from look swapped here: */
728 do_sendto(G
.listen_fd
,
729 /*from:*/ &to
->u
.sa
, /*to:*/ from
, /*addrlen:*/ to
->len
,
738 /* Upstream ntpd's options:
740 * -4 Force DNS resolution of host names to the IPv4 namespace.
741 * -6 Force DNS resolution of host names to the IPv6 namespace.
742 * -a Require cryptographic authentication for broadcast client,
743 * multicast client and symmetric passive associations.
744 * This is the default.
745 * -A Do not require cryptographic authentication for broadcast client,
746 * multicast client and symmetric passive associations.
747 * This is almost never a good idea.
748 * -b Enable the client to synchronize to broadcast servers.
750 * Specify the name and path of the configuration file,
751 * default /etc/ntp.conf
752 * -d Specify debugging mode. This option may occur more than once,
753 * with each occurrence indicating greater detail of display.
755 * Specify debugging level directly.
757 * Specify the name and path of the frequency file.
758 * This is the same operation as the "driftfile FILE"
759 * configuration command.
760 * -g Normally, ntpd exits with a message to the system log
761 * if the offset exceeds the panic threshold, which is 1000 s
762 * by default. This option allows the time to be set to any value
763 * without restriction; however, this can happen only once.
764 * If the threshold is exceeded after that, ntpd will exit
765 * with a message to the system log. This option can be used
766 * with the -q and -x options. See the tinker command for other options.
768 * Chroot the server to the directory jaildir. This option also implies
769 * that the server attempts to drop root privileges at startup
770 * (otherwise, chroot gives very little additional security).
771 * You may need to also specify a -u option.
773 * Specify the name and path of the symmetric key file,
774 * default /etc/ntp/keys. This is the same operation
775 * as the "keys FILE" configuration command.
777 * Specify the name and path of the log file. The default
778 * is the system log file. This is the same operation as
779 * the "logfile FILE" configuration command.
780 * -L Do not listen to virtual IPs. The default is to listen.
782 * -N To the extent permitted by the operating system,
783 * run the ntpd at the highest priority.
785 * Specify the name and path of the file used to record the ntpd
786 * process ID. This is the same operation as the "pidfile FILE"
787 * configuration command.
789 * To the extent permitted by the operating system,
790 * run the ntpd at the specified priority.
791 * -q Exit the ntpd just after the first time the clock is set.
792 * This behavior mimics that of the ntpdate program, which is
793 * to be retired. The -g and -x options can be used with this option.
794 * Note: The kernel time discipline is disabled with this option.
796 * Specify the default propagation delay from the broadcast/multicast
797 * server to this client. This is necessary only if the delay
798 * cannot be computed automatically by the protocol.
800 * Specify the directory path for files created by the statistics
801 * facility. This is the same operation as the "statsdir DIR"
802 * configuration command.
804 * Add a key number to the trusted key list. This option can occur
807 * Specify a user, and optionally a group, to switch to.
810 * Add a system variable listed by default.
811 * -x Normally, the time is slewed if the offset is less than the step
812 * threshold, which is 128 ms by default, and stepped if above
813 * the threshold. This option sets the threshold to 600 s, which is
814 * well within the accuracy window to set the clock manually.
815 * Note: since the slew rate of typical Unix kernels is limited
816 * to 0.5 ms/s, each second of adjustment requires an amortization
817 * interval of 2000 s. Thus, an adjustment as much as 600 s
818 * will take almost 14 days to complete. This option can be used
819 * with the -g and -q options. See the tinker command for other options.
820 * Note: The kernel time discipline is disabled with this option.
823 /* By doing init in a separate function we decrease stack usage
826 static NOINLINE
void ntp_init(char **argv
)
834 bb_error_msg_and_die(bb_msg_you_must_be_root
);
837 opt_complementary
= "dd:p::"; /* d: counter, p: list */
838 opts
= getopt32(argv
,
840 "p:"IF_FEATURE_NTPD_SERVER("l") /* NOT compat */
842 "46aAbgL", /* compat, ignored */
844 if (!(opts
& (OPT_p
|OPT_l
)))
846 if (opts
& OPT_x
) /* disable stepping, only slew is allowed */
847 G
.time_was_stepped
= 1;
849 add_peers(llist_pop(&peers
));
850 if (!(opts
& OPT_n
)) {
851 bb_daemonize_or_rexec(DAEMON_DEVNULL_STDIO
, argv
);
852 logmode
= LOGMODE_NONE
;
854 #if ENABLE_FEATURE_NTPD_SERVER
857 G
.listen_fd
= create_and_bind_dgram_or_die(NULL
, 123);
858 socket_want_pktinfo(G
.listen_fd
);
859 setsockopt(G
.listen_fd
, IPPROTO_IP
, IP_TOS
, &const_IPTOS_LOWDELAY
, sizeof(const_IPTOS_LOWDELAY
));
862 /* I hesitate to set -20 prio. -15 should be high enough for timekeeping */
864 setpriority(PRIO_PROCESS
, 0, -15);
866 /* Set some globals */
868 /* With constant b = 100, G.precision_exp is also constant -6.
869 * Uncomment this and you'll see */
875 /* We can use sys_clock_getres but assuming 10ms tick should be fine */
876 clock_getres(CLOCK_REALTIME
, &tp
);
878 tp
.tv_nsec
= 10000000;
879 b
= 1000000000 / tp
.tv_nsec
; /* convert to Hz */
881 b
= 100; /* b = 1000000000/10000000 = 100 */
885 //G.precision_exp = prec;
886 bb_error_msg("G.precision_exp:%d", prec
); /* -6 */
891 bb_signals((1 << SIGTERM
) | (1 << SIGINT
), record_signo
);
892 bb_signals((1 << SIGPIPE
) | (1 << SIGHUP
), SIG_IGN
);
895 int ntpd_main(int argc UNUSED_PARAM
, char **argv
) MAIN_EXTERNALLY_VISIBLE
;
896 int ntpd_main(int argc UNUSED_PARAM
, char **argv
)
902 memset(&g
, 0, sizeof(g
));
903 SET_PTR_TO_GLOBALS(&g
);
908 /* if ENABLE_FEATURE_NTPD_SERVER, + 1 for listen_fd: */
909 unsigned cnt
= g
.peer_cnt
+ ENABLE_FEATURE_NTPD_SERVER
;
910 idx2peer
= xzalloc(sizeof(idx2peer
[0]) * cnt
);
911 pfd
= xzalloc(sizeof(pfd
[0]) * cnt
);
914 while (!bb_got_signal
) {
917 unsigned sent_cnt
, trial_cnt
;
919 time_t cur_time
, nextaction
;
921 /* Nothing between here and poll() blocks for any significant time */
923 cur_time
= time(NULL
);
924 nextaction
= cur_time
+ 3600;
927 #if ENABLE_FEATURE_NTPD_SERVER
928 if (g
.listen_fd
!= -1) {
929 pfd
[0].fd
= g
.listen_fd
;
930 pfd
[0].events
= POLLIN
;
934 /* Pass over peer list, send requests, time out on receives */
935 sent_cnt
= trial_cnt
= 0;
936 for (item
= g
.ntp_peers
; item
!= NULL
; item
= item
->link
) {
937 peer_t
*p
= (peer_t
*) item
->data
;
939 /* Overflow-safe "if (p->next_action_time <= cur_time) ..." */
940 if ((int)(cur_time
- p
->next_action_time
) >= 0) {
942 /* Time to send new req */
944 if (send_query_to_peer(p
) == 0)
947 /* Timed out waiting for reply */
950 timeout
= error_interval();
951 bb_error_msg("timed out waiting for %s, "
952 "next query in %us", p
->p_dotted
, timeout
);
953 if (p
->p_trustlevel
>= TRUSTLEVEL_BADPEER
) {
954 p
->p_trustlevel
/= 2;
955 if (p
->p_trustlevel
< TRUSTLEVEL_BADPEER
)
956 bb_error_msg("peer %s now invalid", p
->p_dotted
);
958 set_next(p
, timeout
);
962 if (p
->next_action_time
< nextaction
)
963 nextaction
= p
->next_action_time
;
966 /* Wait for reply from this peer */
968 pfd
[i
].events
= POLLIN
;
974 if ((trial_cnt
> 0 && sent_cnt
== 0) || g
.peer_cnt
== 0)
975 step_time_once(0); /* no good peers, don't wait */
977 timeout
= nextaction
- cur_time
;
981 /* Here we may block */
983 bb_error_msg("poll %us, sockets:%u", timeout
, i
);
984 nfds
= poll(pfd
, i
, timeout
* 1000);
988 /* Process any received packets */
990 #if ENABLE_FEATURE_NTPD_SERVER
991 if (g
.listen_fd
!= -1) {
992 if (pfd
[0].revents
/* & (POLLIN|POLLERR)*/) {
994 recv_and_process_client_pkt(/*g.listen_fd*/);
999 for (; nfds
!= 0 && j
< i
; j
++) {
1000 if (pfd
[j
].revents
/* & (POLLIN|POLLERR)*/) {
1002 recv_and_process_peer_pkt(idx2peer
[j
]);
1005 } /* while (!bb_got_signal) */
1007 kill_myself_with_sig(bb_got_signal
);