/* $OpenBSD: ntpd.h,v 1.154 2024/05/21 05:00:48 jsg Exp $ */

/*
 * Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org>
 * Copyright (c) 2012 Mike Miller <mmiller@mgm51.com>
 *
 * Permission to use, copy, modify, and distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above
 * copyright notice and this permission notice appear in all copies.
 *
 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 */

/*
 * Shared declarations for the ntpd sources: compile-time tunables, the
 * structures describing listeners, peers, sensors and constraints, the
 * imsg message types, and the prototypes grouped per source file at the
 * end of the header.
 *
 * The header carries no include guard, so it can be included only once
 * per translation unit; a second inclusion would redefine every struct
 * and enum below.
 */

#include <sys/types.h>
#include <sys/uio.h>
#include <sys/socket.h>
#include <sys/queue.h>
#include <sys/time.h>
#include <netinet/in.h>
#include <netinet/ip.h>
#include <arpa/inet.h>
#include <netdb.h>
#include <pwd.h>
#include <stdarg.h>
#include <poll.h>
#include <imsg.h>

#include "ntp.h"
#include "log.h"

/*
 * Larger of two values.  The winning argument is evaluated a second
 * time, so do not pass expressions with side effects.
 */
#define MAXIMUM(a, b)	((a) > (b) ? (a) : (b))

/*
 * Account name and fixed file-system locations.
 * NOTE(review): NTPD_USER is presumably the unprivileged account the
 * daemon switches to, and CTLSOCKET the path handed to control_init();
 * neither use is visible in this header -- confirm in the callers.
 */
#define	NTPD_USER	"_ntp"
#define	CONFFILE	"/etc/ntpd.conf"
#define	DRIFTFILE	"/var/db/ntpd.drift"
#define	CTLSOCKET	"/var/run/ntpd.sock"

/* Peer query intervals; the first comment gives the unit (seconds). */
#define	INTERVAL_QUERY_NORMAL		30	/* sync to peers every n secs */
#define	INTERVAL_QUERY_PATHETIC		60
#define	INTERVAL_QUERY_AGGRESSIVE	5
#define	INTERVAL_QUERY_ULTRA_VIOLENCE	1	/* used at startup for auto */

/*
 * Thresholds for the per-peer trust level (struct ntp_peer.trustlevel,
 * a u_int8_t).  How they are applied is not visible in this header.
 */
#define	TRUSTLEVEL_BADPEER		6
#define	TRUSTLEVEL_PATHETIC		2
#define	TRUSTLEVEL_AGGRESSIVE		8
#define	TRUSTLEVEL_MAX			10

/* NOTE(review): presumably caps addresses kept per DNS lookup -- confirm. */
#define	MAX_SERVERS_DNS			8

/* NOTE(review): look like offset bounds used when scaling -- confirm. */
#define	QSCALE_OFF_MIN			0.001
#define	QSCALE_OFF_MAX			0.050

#define	QUERYTIME_MAX		15	/* single query might take n secs max */
#define	OFFSET_ARRAY_SIZE	8	/* length of struct ntp_peer.reply[] */
#define	SENSOR_OFFSETS		6	/* length of struct ntp_sensor.offsets[] */
#define	SETTIME_TIMEOUT		15	/* max seconds to wait with -s */
#define	LOG_NEGLIGIBLE_ADJTIME	32	/* negligible drift to not log (ms) */
#define	LOG_NEGLIGIBLE_ADJFREQ	0.05	/* negligible rate to not log (ppm) */
#define	FREQUENCY_SAMPLES	8	/* samples for est. of permanent drift */
#define	MAX_FREQUENCY_ADJUST	128e-5	/* max correction per iteration */
#define	MAX_SEND_ERRORS		3	/* max send errors before reconnect */
/*
 * Also the size of the fixed peer_desc[] / sensor_desc[] buffers in
 * struct ctl_show_peer and struct ctl_show_sensor: anything written
 * there has to be bounded by this value and NUL-terminated.
 */
#define	MAX_DISPLAY_WIDTH	80	/* max chars in ctl_show report line */

#define	FILTER_ADJFREQ		0x01	/* set after doing adjfreq */
#define	AUTO_REPLIES		4	/* # of ntp replies we want for auto */
#define	AUTO_THRESHOLD		60	/* don't bother auto setting < this */
/*
 * NOTE(review): "AUIO" looks like a misspelling of "AUTO"; the name is
 * part of the interface other files use, so it is left as is.
 */
#define	INTERVAL_AUIO_DNSFAIL	1	/* DNS tmpfail interval for auto */
#define	TRIES_AUTO_DNSFAIL	4	/* DNS tmpfail quick retries */


/*
 * Sensor timing.  SENSOR_QUERY_INTERVAL_SETTIME is an integer division
 * of SETTIME_TIMEOUT (15 / 3 == 5).
 */
#define	SENSOR_DATA_MAXAGE		(15*60)
#define	SENSOR_QUERY_INTERVAL		15
#define	SENSOR_QUERY_INTERVAL_SETTIME	(SETTIME_TIMEOUT/3)
#define	SENSOR_SCAN_INTERVAL		(1*60)
#define	SENSOR_DEFAULT_REFID		"HARD"

/*
 * Constraint tunables.
 * NOTE(review): CONSTRAINT_MAXHEADERLENGTH is presumably the cap on the
 * response header bytes accepted from a constraint server; the check
 * itself lives outside this header -- confirm it is enforced before the
 * data is parsed.
 */
#define	CONSTRAINT_ERROR_MARGIN		(4)
#define	CONSTRAINT_RETRY_INTERVAL	(15)
#define	CONSTRAINT_SCAN_INTERVAL	(15*60)
#define	CONSTRAINT_SCAN_TIMEOUT		(10)
#define	CONSTRAINT_MARGIN		(2.0*60)
#define	CONSTRAINT_PORT			"443"	/* HTTPS port */
#define	CONSTRAINT_MAXHEADERLENGTH	8192
/*
 * Descriptor number directly after stderr.  STDERR_FILENO comes from
 * <unistd.h>, which this header does not include, so any file expanding
 * this macro must include it itself.
 */
#define	CONSTRAINT_PASSFD		(STDERR_FILENO + 1)

/*
 * Same descriptor number as CONSTRAINT_PASSFD.
 * NOTE(review): presumably the well-known fd on which a started child
 * finds the socket to its parent; whoever starts the child has to make
 * sure the socket really sits at this number -- confirm in start_child().
 */
#define	PARENT_SOCK_FILENO		CONSTRAINT_PASSFD

/* Names of the separate processes. */
#define	NTP_PROC_NAME			"ntp_main"
#define	NTPDNS_PROC_NAME		"ntp_dns"
#define	CONSTRAINT_PROC_NAME		"constraint"

/*
 * Progress of a peer or a constraint; stored in struct ntp_peer.state
 * and struct constraint.state.
 */
enum client_state {
	STATE_NONE,
	STATE_DNS_INPROGRESS,
	STATE_DNS_TEMPFAIL,
	STATE_DNS_DONE,
	STATE_QUERY_SENT,
	STATE_REPLY_RECEIVED,
	STATE_TIMEOUT,
	STATE_INVALID
};

/* One entry of ntpd_conf.listen_addrs. */
struct listen_addr {
	TAILQ_ENTRY(listen_addr)	 entry;
	struct sockaddr_storage		 sa;
	int				 fd;
	int				 rtable;	/* presumably a routing table id -- confirm */
};

/* Node of a singly linked list of addresses (chained through next). */
struct ntp_addr {
	struct ntp_addr		*next;
	struct sockaddr_storage	 ss;
	int			 notauth;	/* meaning not visible in this header */
};

/* A configured name together with the address list (a) it maps to. */
struct ntp_addr_wrap {
	char			*name;
	char			*path;
	struct ntp_addr		*a;
	u_int8_t		 pool;
};

/*
 * struct ntp_addr by value plus two lengths and a sync flag.
 * NOTE(review): the name suggests this is the fixed part of a message
 * passed between processes, followed by namelen + pathlen bytes.  If so,
 * a.next is a pointer from the sender's address space and must not be
 * followed by the receiver, and namelen/pathlen are sender-supplied and
 * have to be checked against the received payload size before they are
 * used -- confirm in constraint.c.
 */
struct ntp_addr_msg {
	struct ntp_addr		 a;
	size_t			 namelen;
	size_t			 pathlen;
	u_int8_t		 synced;
};

/*
 * Clock status fields.
 * NOTE(review): the member names mirror NTP packet header fields (leap,
 * stratum, poll, precision, refid, root delay/dispersion) -- confirm the
 * mapping against ntp.h.
 */
struct ntp_status {
	double		rootdelay;
	double		rootdispersion;
	double		reftime;
	u_int32_t	refid;
	u_int32_t	send_refid;
	u_int8_t	synced;
	u_int8_t	leap;
	int8_t		precision;
	u_int8_t	poll;
	u_int8_t	stratum;
};

/* One measurement: the status seen plus offset, delay and error. */
struct ntp_offset {
	struct ntp_status	status;
	double			offset;
	double			delay;
	double			error;
	time_t			rcvd;
	u_int8_t		good;
};

/*
 * State kept per peer; entries are linked into ntpd_conf.ntp_peers.
 * reply[] holds OFFSET_ARRAY_SIZE measurements.
 * NOTE(review): shift is presumably the index of the next reply[] slot;
 * any code indexing reply[] with it must keep it below
 * OFFSET_ARRAY_SIZE -- confirm in client.c.
 */
struct ntp_peer {
	TAILQ_ENTRY(ntp_peer)		 entry;
	struct ntp_addr_wrap		 addr_head;
	struct ntp_query		 query;
	struct ntp_addr			*addr;
	struct ntp_offset		 reply[OFFSET_ARRAY_SIZE];
	struct ntp_offset		 update;
	struct sockaddr_in		 query_addr4;
	struct sockaddr_in6		 query_addr6;
	enum client_state		 state;
	time_t				 next;
	time_t				 deadline;
	time_t				 poll;
	u_int32_t			 id;
	u_int8_t			 shift;
	u_int8_t			 trustlevel;
	u_int8_t			 weight;
	u_int8_t			 trusted;
	int				 lasterror;
	int				 senderrors;
};

/*
 * State kept per sensor; entries are linked into ntpd_conf.ntp_sensors.
 * offsets[] holds SENSOR_OFFSETS measurements.
 */
struct ntp_sensor {
	TAILQ_ENTRY(ntp_sensor)		 entry;
	struct ntp_offset		 offsets[SENSOR_OFFSETS];
	struct ntp_offset		 update;
	time_t				 next;
	time_t				 last;
	char				*device;
	u_int32_t			 refid;
	int				 sensordevid;
	int				 correction;
	u_int8_t			 stratum;
	u_int8_t			 weight;
	u_int8_t			 shift;
	u_int8_t			 trusted;
};

/*
 * State kept per constraint; entries are linked into
 * ntpd_conf.constraints.  Each one carries its own descriptor, pid and
 * imsg buffer.
 * NOTE(review): pid/fd/ibuf presumably belong to a helper process started
 * for the query -- confirm in constraint.c.
 */
struct constraint {
	TAILQ_ENTRY(constraint)		 entry;
	struct ntp_addr_wrap		 addr_head;
	struct ntp_addr			*addr;
	int				 senderrors;
	enum client_state		 state;
	u_int32_t			 id;
	int				 fd;
	pid_t				 pid;
	struct imsgbuf			 ibuf;
	time_t				 last;
	time_t				 constraint;
	int				 dnstries;
};

/* A sensor as configured; entries are linked into ntpd_conf.ntp_conf_sensors. */
struct ntp_conf_sensor {
	TAILQ_ENTRY(ntp_conf_sensor)	 entry;
	char				*device;
	char				*refstr;
	int				 correction;
	u_int8_t			 stratum;
	u_int8_t			 weight;
	u_int8_t			 trusted;
};

/*
 * Accumulators for the frequency estimate.
 * NOTE(review): x, y, xx, xy look like running sums for a linear fit over
 * FREQUENCY_SAMPLES samples -- confirm in ntp.c.
 */
struct ntp_freq {
	double				overall_offset;
	double				x, y;
	double				xx, xy;
	int				samples;
	u_int				num;
};

/*
 * Daemon-wide configuration and state: the five lists, the current
 * status, and the option flags.
 * NOTE(review): ca/ca_len is a byte buffer and its length, presumably the
 * CA certificates used to verify constraint servers; who allocates and
 * frees it is not visible here -- confirm.
 */
struct ntpd_conf {
	TAILQ_HEAD(listen_addrs, listen_addr)		listen_addrs;
	TAILQ_HEAD(ntp_peers, ntp_peer)			ntp_peers;
	TAILQ_HEAD(ntp_sensors, ntp_sensor)		ntp_sensors;
	TAILQ_HEAD(ntp_conf_sensors, ntp_conf_sensor)	ntp_conf_sensors;
	TAILQ_HEAD(constraints, constraint)		constraints;
	struct ntp_status				status;
	struct ntp_freq					freq;
	struct sockaddr_in				query_addr4;
	struct sockaddr_in6				query_addr6;
	u_int32_t					scale;
	int						debug;
	int						verbose;
	u_int8_t					listen_all;
	u_int8_t					settime;
	u_int8_t					automatic;
	u_int8_t					noaction;
	u_int8_t					filters;	/* presumably holds FILTER_* bits -- confirm */
	u_int8_t					trusted_peers;
	u_int8_t					trusted_sensors;
	time_t						constraint_last;
	time_t						constraint_median;
	u_int						constraint_errors;
	u_int8_t					*ca;
	size_t						ca_len;
	int						tmpfail;
};

/* Summary report; filled in by build_show_status(). */
struct ctl_show_status {
	time_t		 constraint_median;
	time_t		 constraint_last;
	double		 clock_offset;
	u_int		 peercnt;
	u_int		 sensorcnt;
	u_int		 valid_peers;
	u_int		 valid_sensors;
	u_int		 constraint_errors;
	u_int8_t	 synced;
	u_int8_t	 stratum;
	u_int8_t	 constraints;
};

/*
 * Per-peer report; filled in by build_show_peer().  peer_desc is a
 * fixed MAX_DISPLAY_WIDTH-byte buffer.
 * NOTE(review): if this struct is received from another process, do not
 * assume peer_desc is NUL-terminated before printing it -- confirm how
 * the reader handles it.
 */
struct ctl_show_peer {
	char		 peer_desc[MAX_DISPLAY_WIDTH];
	u_int8_t	 syncedto;
	u_int8_t	 weight;
	u_int8_t	 trustlevel;
	u_int8_t	 stratum;
	time_t		 next;
	time_t		 poll;
	double		 offset;
	double		 delay;
	double		 jitter;
};

/*
 * Per-sensor report; filled in by build_show_sensor().  sensor_desc is a
 * fixed MAX_DISPLAY_WIDTH-byte buffer; the termination caveat on
 * peer_desc in struct ctl_show_peer applies here as well.
 */
struct ctl_show_sensor {
	char		 sensor_desc[MAX_DISPLAY_WIDTH];
	u_int8_t	 syncedto;
	u_int8_t	 weight;
	u_int8_t	 good;
	u_int8_t	 stratum;
	time_t		 next;
	time_t		 poll;
	double		 offset;
	double		 correction;
};

/* One control connection: list linkage plus its imsg buffer. */
struct ctl_conn {
	TAILQ_ENTRY(ctl_conn)	entry;
	struct imsgbuf		ibuf;
};

/* Declares struct ctl_conns, the list head type for struct ctl_conn. */
TAILQ_HEAD(ctl_conns, ctl_conn)	;

/*
 * Message types carried in imsg headers.  The values are implicit and
 * positional, so adding an enumerator anywhere but at the end renumbers
 * the ones after it.
 * NOTE(review): a receiver should check the payload length it expects
 * for each type before interpreting the data -- confirm in the dispatch
 * functions.
 */
enum imsg_type {
	IMSG_NONE,
	IMSG_ADJTIME,
	IMSG_ADJFREQ,
	IMSG_SETTIME,
	IMSG_HOST_DNS,
	IMSG_CONSTRAINT_DNS,
	IMSG_CONSTRAINT_QUERY,
	IMSG_CONSTRAINT_RESULT,
	IMSG_CONSTRAINT_CLOSE,
	IMSG_CONSTRAINT_KILL,
	IMSG_CTL_SHOW_STATUS,
	IMSG_CTL_SHOW_PEERS,
	IMSG_CTL_SHOW_PEERS_END,
	IMSG_CTL_SHOW_SENSORS,
	IMSG_CTL_SHOW_SENSORS_END,
	IMSG_CTL_SHOW_ALL,
	IMSG_CTL_SHOW_ALL_END,
	IMSG_SYNCED,
	IMSG_UNSYNCED,
	IMSG_PROBE_ROOT
};

/* The "show" requests a control client can make. */
enum ctl_actions {
	CTL_SHOW_STATUS,
	CTL_SHOW_PEERS,
	CTL_SHOW_SENSORS,
	CTL_SHOW_ALL
};

/* prototypes */

/*
 * ntp.c
 * NOTE(review): the priv_ prefix suggests requests addressed to the
 * privileged process -- confirm in ntp.c.
 */
void	 ntp_main(struct ntpd_conf *, struct passwd *, int, char **);
void	 peer_addr_head_clear(struct ntp_peer *);
int	 priv_adjtime(void);
void	 priv_settime(double, char *);
void	 priv_dns(int, char *, u_int32_t);
int	 offset_compare(const void *, const void *);	/* qsort(3)-style comparator signature */
void	 update_scale(double);
time_t	 scale_interval(time_t);
time_t	 error_interval(void);
extern struct ntpd_conf *conf;
extern struct ctl_conns ctl_conns;

/*
 * A tenth of x, but never less than 5.  Expands through MAXIMUM, so x
 * may be evaluated twice.
 */
#define  SCALE_INTERVAL(x)	 MAXIMUM(5, (x) / 10)

/* parse.y */
int	 parse_config(const char *, struct ntpd_conf *);

/* config.c */
void			 host(const char *, struct ntp_addr **);
int			 host_dns(const char *, int, struct ntp_addr **);
void			 host_dns_free(struct ntp_addr *);
struct ntp_peer		*new_peer(void);
struct ntp_conf_sensor	*new_sensor(char *);
struct constraint	*new_constraint(void);

/*
 * ntp_msg.c
 * NOTE(review): ntp_getmsg() takes a buffer and a signed length; the
 * check of that length against the size of an NTP message is not visible
 * here -- confirm it happens before the buffer is read.
 */
int	ntp_getmsg(struct sockaddr *, char *, ssize_t, struct ntp_msg *);
int	ntp_sendmsg(int, struct sockaddr *, struct ntp_msg *);

/* server.c */
int	setup_listeners(struct servent *, struct ntpd_conf *, u_int *);
int	server_dispatch(int, struct ntpd_conf *);

/* client.c */
int	client_peer_init(struct ntp_peer *);
int	client_addr_init(struct ntp_peer *);
int	client_nextaddr(struct ntp_peer *);
int	client_query(struct ntp_peer *);
int	client_dispatch(struct ntp_peer *, u_int8_t, u_int8_t);
void	client_log_error(struct ntp_peer *, const char *, int);
void	set_next(struct ntp_peer *, time_t);

/* constraint.c */
void	 constraint_add(struct constraint *);
void	 constraint_remove(struct constraint *);
void	 constraint_purge(void);
void	 constraint_reset(void);
int	 constraint_init(struct constraint *);
int	 constraint_query(struct constraint *, int);
int	 constraint_check(double);
/*
 * The constraint_msg_*() functions and priv_constraint_msg() all take an
 * id, a byte buffer and its length.
 * NOTE(review): presumably the id and payload of a received imsg; the
 * length is the only bound on the buffer, so each handler has to
 * validate it before reading -- confirm in constraint.c.
 */
void	 constraint_msg_dns(u_int32_t, u_int8_t *, size_t);
void	 constraint_msg_result(u_int32_t, u_int8_t *, size_t);
void	 constraint_msg_close(u_int32_t, u_int8_t *, size_t);
void	 priv_constraint_msg(u_int32_t, u_int8_t *, size_t, int, char **);
void	 priv_constraint_child(const char *, uid_t, gid_t);
void	 priv_constraint_kill(u_int32_t);
int	 priv_constraint_dispatch(struct pollfd *);
void	 priv_constraint_check_child(pid_t, int);
/*
 * NOTE(review): presumably turns a length-delimited byte buffer into a
 * NUL-terminated string; who frees the result is not visible here --
 * confirm.
 */
char	*get_string(u_int8_t *, size_t);

/* util.c */
double			 gettime_corrected(void);
double			 gettime_from_timeval(struct timeval *);
double			 getoffset(void);
double			 gettime(void);
time_t			 getmonotime(void);
void			 d_to_tv(double, struct timeval *);
/* Conversions between double and the fixed-point types taken from ntp.h. */
double			 lfp_to_d(struct l_fixedpt);
struct l_fixedpt	 d_to_lfp(double);
double			 sfp_to_d(struct s_fixedpt);
struct s_fixedpt	 d_to_sfp(double);
char			*print_rtable(int);
const char		*log_sockaddr(struct sockaddr *);
const char		*log_ntp_addr(struct ntp_addr *);
/*
 * NOTE(review): start_child() returns a pid and takes what look like a
 * program name, a descriptor, and argc/argv; sanitize_argv() takes
 * pointers to argc and argv, so it may rewrite both -- confirm in util.c.
 */
pid_t			 start_child(char *, int, int, char **);
int			 sanitize_argv(int *, char ***);

/* sensors.c */
void			sensor_init(void);
int			sensor_scan(void);
void			sensor_query(struct ntp_sensor *);

/* ntp_dns.c */
void			ntp_dns(struct ntpd_conf *, struct passwd *);

/*
 * control.c
 * NOTE(review): control_check()/control_init() take a char *, presumably
 * the control socket path (CTLSOCKET); the ownership and mode given to
 * that socket decide who may query the daemon and are set outside this
 * header -- confirm in control.c.
 */
int			 control_check(char *);
int			 control_init(char *);
int			 control_listen(int);
void			 control_shutdown(int);
int			 control_accept(int);
struct ctl_conn		*control_connbyfd(int);
int			 control_close(int);
int			 control_dispatch_msg(struct pollfd *, u_int *);
void			 session_socket_nonblockmode(int);
/* Fill the ctl_show_* report structures declared earlier in this header. */
void			 build_show_status(struct ctl_show_status *);
void			 build_show_peer(struct ctl_show_peer *,
			     struct ntp_peer *);
void			 build_show_sensor(struct ctl_show_sensor *,
			     struct ntp_sensor *);
