📄 ntp_config.c
字号:
case CONF_CRYPTO_SIGN: crypto_config(CRYPTO_CONF_SIGN, tokens[i]); break; default: msyslog(LOG_ERR, "crypto: unknown keyword"); break; } } break;#endif /* OPENSSL */ case CONFIG_RESTRICT: if (ntokens < 2) { msyslog(LOG_ERR, "restrict requires an address"); break; } istart = 1; memset((char *)&peeraddr, 0, sizeof(peeraddr)); peeraddr.ss_family = default_ai_family; switch (matchkey(tokens[istart], addr_type, 0)) { case CONF_ADDR_IPV4: peeraddr.ss_family = AF_INET; istart++; break; case CONF_ADDR_IPV6: peeraddr.ss_family = AF_INET6; istart++; break; } /* * Assume default means an IPv4 address, except * if forced by a -4 or -6. */ if (STREQ(tokens[istart], "default")) { if (peeraddr.ss_family == 0) peeraddr.ss_family = AF_INET; } else if (getnetnum(tokens[istart], &peeraddr, 1, t_UNK) != 1) break; /* * Use peerversion as flags, peerkey as mflags. Ick. */ peerversion = 0; peerkey = 0; errflg = 0; SET_HOSTMASK(&maskaddr, peeraddr.ss_family); istart++; for (i = istart; i < ntokens; i++) { switch (matchkey(tokens[i], res_keywords, 1)) { case CONF_RES_MASK: if (i >= ntokens-1) { msyslog(LOG_ERR, "mask keyword needs argument"); errflg++; break; } i++; if (getnetnum(tokens[i], &maskaddr, 1, t_MSK) != 1) errflg++; break; case CONF_RES_IGNORE: peerversion |= RES_IGNORE; break; case CONF_RES_NOSERVE: peerversion |= RES_DONTSERVE; break; case CONF_RES_NOTRUST: peerversion |= RES_DONTTRUST; break; case CONF_RES_NOQUERY: peerversion |= RES_NOQUERY; break; case CONF_RES_NOMODIFY: peerversion |= RES_NOMODIFY; break; case CONF_RES_NOPEER: peerversion |= RES_NOPEER; break; case CONF_RES_NOTRAP: peerversion |= RES_NOTRAP; break; case CONF_RES_LPTRAP: peerversion |= RES_LPTRAP; break; case CONF_RES_NTPPORT: peerkey |= RESM_NTPONLY; break; case CONF_RES_VERSION: peerversion |= RES_VERSION; break; case CONF_RES_DEMOBILIZE: peerversion |= RES_DEMOBILIZE; break; case CONF_RES_LIMITED: peerversion |= RES_LIMITED; break; case CONFIG_UNKNOWN: errflg++; break; } } if (SOCKNUL(&peeraddr)) ANYSOCK(&maskaddr); if (!errflg) hack_restrict(RESTRICT_FLAGS, &peeraddr, &maskaddr, (int)peerkey, peerversion); break; case CONFIG_BDELAY: if (ntokens >= 2) { double tmp; if (sscanf(tokens[1], "%lf", &tmp) != 1) { msyslog(LOG_ERR, "broadcastdelay value %s undecodable", tokens[1]); } else { proto_config(PROTO_BROADDELAY, 0, tmp, NULL); } } break; case CONFIG_CDELAY: if (ntokens >= 2) { u_long ui; if (sscanf(tokens[1], "%ld", &ui) != 1) msyslog(LOG_ERR, "illegal value - line ignored"); else proto_config(PROTO_CALLDELAY, ui, 0, NULL); } break; case CONFIG_TRUSTEDKEY: for (i = 1; i < ntokens; i++) { keyid_t tkey; tkey = atol(tokens[i]); if (tkey == 0) { msyslog(LOG_ERR, "trusted key %s unlikely", tokens[i]); } else { authtrust(tkey, 1); } } break; case CONFIG_REQUESTKEY: if (ntokens >= 2) { if (!atouint(tokens[1], &ul)) { msyslog(LOG_ERR, "%s is undecodable as request key", tokens[1]); } else if (ul == 0) { msyslog(LOG_ERR, "%s makes a poor request keyid", tokens[1]); } else {#ifdef DEBUG if (debug > 3) printf( "set info_auth_key to %08lx\n", ul);#endif info_auth_keyid = (keyid_t)ul; } } break; case CONFIG_CONTROLKEY: if (ntokens >= 2) { keyid_t ckey; ckey = atol(tokens[1]); if (ckey == 0) { msyslog(LOG_ERR, "%s makes a poor control keyid", tokens[1]); } else { ctl_auth_keyid = ckey; } } break; case CONFIG_TRAP: if (ntokens < 2) { msyslog(LOG_ERR, "no address for trap command, line ignored"); break; } istart = 1; memset((char *)&peeraddr, 0, sizeof(peeraddr)); peeraddr.ss_family = default_ai_family; switch (matchkey(tokens[istart], addr_type, 0)) { case CONF_ADDR_IPV4: peeraddr.ss_family = AF_INET; istart++; break; case CONF_ADDR_IPV6: peeraddr.ss_family = AF_INET6; istart++; break; } if (getnetnum(tokens[istart], &peeraddr, 1, t_UNK) != 1) break; /* * Use peerversion for port number. Barf. */ errflg = 0; peerversion = 0; localaddr = 0; istart++; for (i = istart; i < ntokens-1; i++) switch (matchkey(tokens[i], trap_keywords, 1)) { case CONF_TRAP_PORT: if (i >= ntokens-1) { msyslog(LOG_ERR, "trap port requires an argument"); errflg = 1; break; } peerversion = atoi(tokens[++i]); if (peerversion <= 0 || peerversion > 32767) { msyslog(LOG_ERR, "invalid port number %s, trap ignored", tokens[i]); errflg = 1; } break; case CONF_TRAP_INTERFACE: if (i >= ntokens-1) { msyslog(LOG_ERR, "trap interface requires an argument"); errflg = 1; break; } memset((char *)&maskaddr, 0, sizeof(maskaddr)); maskaddr.ss_family = peeraddr.ss_family; if (getnetnum(tokens[++i], &maskaddr, 1, t_UNK) != 1) { errflg = 1; break; } localaddr = findinterface(&maskaddr); if (localaddr == NULL) { msyslog(LOG_ERR, "can't find interface with address %s", stoa(&maskaddr)); errflg = 1; } break; case CONFIG_UNKNOWN: errflg++; break; } if (!errflg) { if (peerversion != 0) ((struct sockaddr_in6*)&peeraddr)->sin6_port = htons( (u_short) peerversion); else ((struct sockaddr_in6*)&peeraddr)->sin6_port = htons(TRAPPORT); if (localaddr == NULL) localaddr = ANY_INTERFACE_CHOOSE(&peeraddr); if (!ctlsettrap(&peeraddr, localaddr, 0, NTP_VERSION)) msyslog(LOG_ERR, "can't set trap for %s, no resources", stoa(&peeraddr)); } break; case CONFIG_FUDGE: if (ntokens < 2) { msyslog(LOG_ERR, "no address for fudge command, line ignored"); break; } memset((char *)&peeraddr, 0, sizeof(peeraddr)); if (getnetnum(tokens[1], &peeraddr, 1, t_REF) != 1) break; if (!ISREFCLOCKADR(&peeraddr)) { msyslog(LOG_ERR, "%s is inappropriate address for the fudge command, line ignored", stoa(&peeraddr)); break; } memset((void *)&clock_stat, 0, sizeof clock_stat); fudgeflag = 0; errflg = 0; for (i = 2; i < ntokens-1; i++) { switch (c = matchkey(tokens[i], fudge_keywords, 1)) { case CONF_FDG_TIME1: if (sscanf(tokens[++i], "%lf", &clock_stat.fudgetime1) != 1) { msyslog(LOG_ERR, "fudge %s time1 value in error", stoa(&peeraddr)); errflg = i; break; } clock_stat.haveflags |= CLK_HAVETIME1; break; case CONF_FDG_TIME2: if (sscanf(tokens[++i], "%lf", &clock_stat.fudgetime2) != 1) { msyslog(LOG_ERR, "fudge %s time2 value in error", stoa(&peeraddr)); errflg = i; break; } clock_stat.haveflags |= CLK_HAVETIME2; break; case CONF_FDG_STRATUM: if (!atoint(tokens[++i], &stratum)) { msyslog(LOG_ERR, "fudge %s stratum value in error", stoa(&peeraddr)); errflg = i; break; } clock_stat.fudgeval1 = stratum; clock_stat.haveflags |= CLK_HAVEVAL1; break; case CONF_FDG_REFID: i++; memcpy(&clock_stat.fudgeval2, tokens[i], min(strlen(tokens[i]), 4)); clock_stat.haveflags |= CLK_HAVEVAL2; break; case CONF_FDG_FLAG1: case CONF_FDG_FLAG2: case CONF_FDG_FLAG3: case CONF_FDG_FLAG4: if (!atouint(tokens[++i], &fudgeflag) || fudgeflag > 1) { msyslog(LOG_ERR, "fudge %s flag value in error", stoa(&peeraddr)); errflg = i; break; } switch(c) { case CONF_FDG_FLAG1: c = CLK_FLAG1; clock_stat.haveflags|=CLK_HAVEFLAG1; break; case CONF_FDG_FLAG2: c = CLK_FLAG2; clock_stat.haveflags|=CLK_HAVEFLAG2; break; case CONF_FDG_FLAG3: c = CLK_FLAG3; clock_stat.haveflags|=CLK_HAVEFLAG3; break; case CONF_FDG_FLAG4: c = CLK_FLAG4; clock_stat.haveflags|=CLK_HAVEFLAG4; break; } if (fudgeflag == 0) clock_stat.flags &= ~c; else clock_stat.flags |= c; break; case CONFIG_UNKNOWN: errflg = -1; break; } }#ifdef REFCLOCK /* * If reference clock support isn't defined the * fudge line will still be accepted and syntax * checked, but will essentially do nothing. */ if (!errflg) { refclock_control(&peeraddr, &clock_stat, (struct refclockstat *)0); }#endif break; case CONFIG_STATSDIR: if (ntokens >= 2) stats_config(STATS_STATSDIR,tokens[1]); break; case CONFIG_STATISTICS: for (i = 1; i < ntokens; i++) { filegen = filegen_get(tokens[i]); if (filegen == NULL) { msyslog(LOG_ERR, "no statistics named %s available", tokens[i]); continue; }#ifdef DEBUG if (debug > 3) printf("enabling filegen for %s statistics \"%s%s\"\n", tokens[i], filegen->prefix, filegen->basename);#endif filegen->flag |= FGEN_FLAG_ENABLED; } break; case CONFIG_FILEGEN: if (ntokens < 2) { msyslog(LOG_ERR, "no id for filegen command, line ignored"); break; } filegen = filegen_get(tokens[1]); if (filegen == NULL) { msyslog(LOG_ERR, "unknown filegen \"%s\" ignored", tokens[1]); break; } /* * peerversion is (ab)used for filegen file (index) * peerkey is (ab)used for filegen type * peerflags is (ab)used for filegen flags */ peerversion = 0; peerkey = filegen->type; peerflags = filegen->flag; errflg = 0; for (i = 2; i < ntokens; i++) { switch (matchkey(tokens[i], filegen_keywords, 1)) { case CONF_FGEN_FILE: if (i >= ntokens - 1) { msyslog(LOG_ERR, "filegen %s file requires argument", tokens[1]); errflg = i; break; } peerversion = ++i; break; case CONF_FGEN_TYPE: if (i >= ntokens -1) { msyslog(LOG_ERR, "filegen %s type requires argument", tokens[1]); errflg = i; break; } peerkey = matchkey(tokens[++i], fgen_types, 1); if (peerkey == CONFIG_UNKNOWN) { msyslog(LOG_ERR, "filegen %s unknown type \"%s\"", tokens[1], tokens[i]); errflg = i; break; } break; case CONF_FGEN_FLAG_LINK: peerflags |= FGEN_FLAG_LINK; break; case CONF_FGEN_FLAG_NOLINK: peerflags &= ~FGEN_FLAG_LINK; break; case CONF_FGEN_FLAG_ENABLE: peerflags |= FGEN_FLAG_ENABLED; break; case CONF_FGEN_FLAG_DISABLE: peerflags &= ~FGEN_FLAG_ENABLED; break; } } if (!errflg) filegen_config(filegen, tokens[peerversion], (u_char)peerkey, (u_char)peerflags); break; case CONFIG_SETVAR: if (ntokens < 2) { msyslog(LOG_ERR, "no value for setvar command - line ignored"); } else { set_sys_var(tokens[1], strlen(tokens[1])+1, (u_short) (RW | ((((ntokens > 2) && !strcmp(tokens[2], "default"))) ? DEF : 0))); } break; case CONFIG_ENABLE: for (i = 1; i < ntokens; i++) { int flag; flag = matchkey(tokens[i], flags_keywords, 1); if (flag == CONFIG_UNKNOWN) { msyslog(LOG_ERR, "enable unknown flag %s", tokens[i]); errflg = 1; break; } proto_config(flag, 1, 0., NULL); } break; case CONFIG_DISABLE: for (i = 1; i < ntokens; i++) { int flag; flag = matchkey(tokens[i], flags_keywords, 1); if (flag == CONFIG_UNKNOWN) { msyslog(LOG_ERR, "disable unknown flag %s", tokens[i]); errflg = 1; break; } proto_config(flag, 0, 0., NULL); } break; case CONFIG_PHONE: for (i = 1; i < ntokens && i < MAXPHONE - 1; i++) { sys_phone[i - 1] = emalloc(strlen(tokens[i]) + 1); strcpy(sys_phone[i - 1], tokens[i]); } sys_phone[i] = NULL; break; case CONFIG_ADJ: { double ftemp; sscanf(tokens[1], "%lf", &ftemp); proto_config(PROTO_ADJ, 0, ftemp, NULL); } break; } } if (fp[0]) (void)fclose(fp[0]);#ifdef HAVE_NETINFO if (config_netinfo) free_netinfo_config(config_netinfo);#endif /* HAVE_NETINFO */#if !defined(VMS) && !defined(SYS_VXWORKS) /* find a keyid */ if (info_auth_keyid == 0) req_keyid = 65535; else req_keyid = info_auth_keyid; /* if doesn't exist, make up one at random */ if (!authhavekey(req_keyid)) { char rankey[9]; int j; for (i = 0; i < 8; i++) for (j = 1; j < 100; ++j) { rankey[i] = (char) (ntp_random() & 0xff); if (rankey[i] != 0) break; } rankey[8] = 0; authusekey(req_keyid, KEY_TYPE_MD5, (u_char *)rankey); authtrust(req_keyid, 1); if (!authhavekey(req_keyid)) { msyslog(LOG_ERR, "getconfig: Couldn't generate a valid random key!"); /* HMS: Should this be fatal? */ } } /* save keyid so we will accept config requests with it */⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -