1 /* $NetBSD: ntpd.c,v 1.12 2016/01/08 21:35:39 christos Exp $ */ 2 3 /* 4 * ntpd.c - main program for the fixed point NTP daemon 5 */ 6 7 #ifdef HAVE_CONFIG_H 8 # include <config.h> 9 #endif 10 11 #include "ntp_machine.h" 12 #include "ntpd.h" 13 #include "ntp_io.h" 14 #include "ntp_stdlib.h" 15 #include <ntp_random.h> 16 17 #include "ntp_config.h" 18 #include "ntp_syslog.h" 19 #include "ntp_assert.h" 20 #include "isc/error.h" 21 #include "isc/strerror.h" 22 #include "isc/formatcheck.h" 23 #include "iosignal.h" 24 25 #ifdef SIM 26 # include "ntpsim.h" 27 #endif 28 29 #include "ntp_libopts.h" 30 #include "ntpd-opts.h" 31 32 /* there's a short treatise below what the thread stuff is for. 33 * [Bug 2954] enable the threading warm-up only for Linux. 34 */ 35 #if defined(HAVE_PTHREADS) && HAVE_PTHREADS && !defined(NO_THREADS) 36 # ifdef HAVE_PTHREAD_H 37 # include <pthread.h> 38 # endif 39 # if defined(linux) 40 # define NEED_PTHREAD_WARMUP 41 # endif 42 #endif 43 44 #ifdef HAVE_UNISTD_H 45 # include <unistd.h> 46 #endif 47 #ifdef HAVE_SYS_STAT_H 48 # include <sys/stat.h> 49 #endif 50 #include <stdio.h> 51 #ifdef HAVE_SYS_PARAM_H 52 # include <sys/param.h> 53 #endif 54 #ifdef HAVE_SYS_SIGNAL_H 55 # include <sys/signal.h> 56 #else 57 # include <signal.h> 58 #endif 59 #ifdef HAVE_SYS_IOCTL_H 60 # include <sys/ioctl.h> 61 #endif /* HAVE_SYS_IOCTL_H */ 62 #if defined(HAVE_RTPRIO) 63 # ifdef HAVE_SYS_LOCK_H 64 # include <sys/lock.h> 65 # endif 66 # include <sys/rtprio.h> 67 #else 68 # ifdef HAVE_PLOCK 69 # ifdef HAVE_SYS_LOCK_H 70 # include <sys/lock.h> 71 # endif 72 # endif 73 #endif 74 #if defined(HAVE_SCHED_SETSCHEDULER) 75 # ifdef HAVE_SCHED_H 76 # include <sched.h> 77 # else 78 # ifdef HAVE_SYS_SCHED_H 79 # include <sys/sched.h> 80 # endif 81 # endif 82 #endif 83 #if defined(HAVE_SYS_MMAN_H) 84 # include <sys/mman.h> 85 #endif 86 87 #ifdef HAVE_TERMIOS_H 88 # include <termios.h> 89 #endif 90 91 #ifdef SYS_DOMAINOS 92 # include <apollo/base.h> 93 #endif /* SYS_DOMAINOS */ 94 95 96 #include "recvbuff.h" 97 #include "ntp_cmdargs.h" 98 99 #if 0 /* HMS: I don't think we need this. 961223 */ 100 #ifdef LOCK_PROCESS 101 # ifdef SYS_SOLARIS 102 # include <sys/mman.h> 103 # else 104 # include <sys/lock.h> 105 # endif 106 #endif 107 #endif 108 109 #ifdef _AIX 110 # include <ulimit.h> 111 #endif /* _AIX */ 112 113 #ifdef SCO5_CLOCK 114 # include <sys/ci/ciioctl.h> 115 #endif 116 117 #ifdef HAVE_DROPROOT 118 # include <ctype.h> 119 # include <grp.h> 120 # include <pwd.h> 121 #ifdef HAVE_LINUX_CAPABILITIES 122 # include <sys/capability.h> 123 # include <sys/prctl.h> 124 #endif /* HAVE_LINUX_CAPABILITIES */ 125 #if defined(HAVE_PRIV_H) && defined(HAVE_SOLARIS_PRIVS) 126 # include <priv.h> 127 #endif /* HAVE_PRIV_H */ 128 #endif /* HAVE_DROPROOT */ 129 130 #if defined (LIBSECCOMP) && (KERN_SECCOMP) 131 /* # include <sys/types.h> */ 132 # include <sys/resource.h> 133 # include <seccomp.h> 134 #endif /* LIBSECCOMP and KERN_SECCOMP */ 135 136 #ifdef HAVE_DNSREGISTRATION 137 # include <dns_sd.h> 138 DNSServiceRef mdns; 139 #endif 140 141 #ifdef HAVE_SETPGRP_0 142 # define ntp_setpgrp(x, y) setpgrp() 143 #else 144 # define ntp_setpgrp(x, y) setpgrp(x, y) 145 #endif 146 147 #ifdef HAVE_SOLARIS_PRIVS 148 # define LOWPRIVS "basic,sys_time,net_privaddr,proc_setid,!proc_info,!proc_session,!proc_exec" 149 static priv_set_t *lowprivs = NULL; 150 static priv_set_t *highprivs = NULL; 151 #endif /* HAVE_SOLARIS_PRIVS */ 152 /* 153 * Scheduling priority we run at 154 */ 155 #define NTPD_PRIO (-12) 156 157 int priority_done = 2; /* 0 - Set priority */ 158 /* 1 - priority is OK where it is */ 159 /* 2 - Don't set priority */ 160 /* 1 and 2 are pretty much the same */ 161 162 int listen_to_virtual_ips = TRUE; 163 164 /* 165 * No-fork flag. If set, we do not become a background daemon. 166 */ 167 int nofork; /* Fork by default */ 168 169 #ifdef HAVE_DNSREGISTRATION 170 /* 171 * mDNS registration flag. If set, we attempt to register with the mDNS system, but only 172 * after we have synched the first time. If the attempt fails, then try again once per 173 * minute for up to 5 times. After all, we may be starting before mDNS. 174 */ 175 int mdnsreg = FALSE; 176 int mdnstries = 5; 177 #endif /* HAVE_DNSREGISTRATION */ 178 179 #ifdef HAVE_DROPROOT 180 int droproot; 181 int root_dropped; 182 char *user; /* User to switch to */ 183 char *group; /* group to switch to */ 184 const char *chrootdir; /* directory to chroot to */ 185 uid_t sw_uid; 186 gid_t sw_gid; 187 char *endp; 188 struct group *gr; 189 struct passwd *pw; 190 #endif /* HAVE_DROPROOT */ 191 192 #ifdef HAVE_WORKING_FORK 193 int waitsync_fd_to_close = -1; /* -w/--wait-sync */ 194 #endif 195 196 /* 197 * Version declaration 198 */ 199 extern const char *Version; 200 201 char const *progname; 202 203 int was_alarmed; 204 205 #ifdef DECL_SYSCALL 206 /* 207 * We put this here, since the argument profile is syscall-specific 208 */ 209 extern int syscall (int, ...); 210 #endif /* DECL_SYSCALL */ 211 212 213 #if !defined(SIM) && defined(SIGDIE1) 214 static RETSIGTYPE finish (int); 215 #endif 216 217 #if !defined(SIM) && defined(HAVE_WORKING_FORK) 218 static int wait_child_sync_if (int, long); 219 #endif 220 221 #if !defined(SIM) && !defined(SYS_WINNT) 222 # ifdef DEBUG 223 static RETSIGTYPE moredebug (int); 224 static RETSIGTYPE lessdebug (int); 225 # else /* !DEBUG follows */ 226 static RETSIGTYPE no_debug (int); 227 # endif /* !DEBUG */ 228 #endif /* !SIM && !SYS_WINNT */ 229 230 int saved_argc; 231 char ** saved_argv; 232 233 #ifndef SIM 234 int ntpdmain (int, char **); 235 static void set_process_priority (void); 236 static void assertion_failed (const char *, int, 237 isc_assertiontype_t, 238 const char *) 239 __attribute__ ((__noreturn__)); 240 static void library_fatal_error (const char *, int, 241 const char *, va_list) 242 ISC_FORMAT_PRINTF(3, 0); 243 static void library_unexpected_error(const char *, int, 244 const char *, va_list) 245 ISC_FORMAT_PRINTF(3, 0); 246 #endif /* !SIM */ 247 248 249 /* Bug2332 unearthed a problem in the interaction of reduced user 250 * privileges, the limits on memory usage and some versions of the 251 * pthread library on Linux systems. The 'pthread_cancel()' function and 252 * likely some others need to track the stack of the thread involved, 253 * and uses a function that comes from GCC (--> libgcc_s.so) to do 254 * this. Unfortunately the developers of glibc decided to load the 255 * library on demand, which speeds up program start but can cause 256 * trouble here: Due to all the things NTPD does to limit its resource 257 * usage, this deferred load of libgcc_s does not always work once the 258 * restrictions are in effect. 259 * 260 * One way out of this was attempting a forced link against libgcc_s 261 * when possible because it makes the library available immediately 262 * without deferred load. (The symbol resolution would still be dynamic 263 * and on demand, but the code would already be in the process image.) 264 * 265 * This is a tricky thing to do, since it's not necessary everywhere, 266 * not possible everywhere, has shown to break the build of other 267 * programs in the NTP suite and is now generally frowned upon. 268 * 269 * So we take a different approach here: We creat a worker thread that does 270 * actually nothing except waiting for cancellation and cancel it. If 271 * this is done before all the limitations are put in place, the 272 * machinery is pre-heated and all the runtime stuff should be in place 273 * and useable when needed. 274 * 275 * This uses only the standard pthread API and should work with all 276 * implementations of pthreads. It is not necessary everywhere, but it's 277 * cheap enough to go on nearly unnoticed. 278 * 279 * Addendum: Bug 2954 showed that the assumption that this should work 280 * with all OS is wrong -- at least FreeBSD bombs heavily. 281 */ 282 #ifdef NEED_PTHREAD_WARMUP 283 284 /* simple thread function: sleep until cancelled, just to exercise 285 * thread cancellation. 286 */ 287 static void* 288 my_pthread_warmup_worker( 289 void *thread_args) 290 { 291 (void)thread_args; 292 for (;;) 293 sleep(10); 294 return NULL; 295 } 296 297 /* pre-heat threading: create a thread and cancel it, just to exercise 298 * thread cancellation. 299 */ 300 static void 301 my_pthread_warmup(void) 302 { 303 pthread_t thread; 304 int rc; 305 rc = pthread_create( 306 &thread, NULL, my_pthread_warmup_worker, NULL); 307 if (0 == rc) { 308 pthread_cancel(thread); 309 pthread_join(thread, NULL); 310 } 311 } 312 313 #endif /*defined(NEED_PTHREAD_WARMUP)*/ 314 315 316 void 317 parse_cmdline_opts( 318 int * pargc, 319 char ***pargv 320 ) 321 { 322 static int parsed; 323 static int optct; 324 325 if (!parsed) 326 optct = ntpOptionProcess(&ntpdOptions, *pargc, *pargv); 327 328 parsed = 1; 329 330 *pargc -= optct; 331 *pargv += optct; 332 } 333 334 335 #ifdef SIM 336 int 337 main( 338 int argc, 339 char *argv[] 340 ) 341 { 342 progname = argv[0]; 343 parse_cmdline_opts(&argc, &argv); 344 #ifdef DEBUG 345 debug = OPT_VALUE_SET_DEBUG_LEVEL; 346 DPRINTF(1, ("%s\n", Version)); 347 #endif 348 349 return ntpsim(argc, argv); 350 } 351 #else /* !SIM follows */ 352 #ifdef NO_MAIN_ALLOWED 353 CALL(ntpd,"ntpd",ntpdmain); 354 #else /* !NO_MAIN_ALLOWED follows */ 355 #ifndef SYS_WINNT 356 int 357 main( 358 int argc, 359 char *argv[] 360 ) 361 { 362 return ntpdmain(argc, argv); 363 } 364 #endif /* !SYS_WINNT */ 365 #endif /* !NO_MAIN_ALLOWED */ 366 #endif /* !SIM */ 367 368 #ifdef _AIX 369 /* 370 * OK. AIX is different than solaris in how it implements plock(). 371 * If you do NOT adjust the stack limit, you will get the MAXIMUM 372 * stack size allocated and PINNED with you program. To check the 373 * value, use ulimit -a. 374 * 375 * To fix this, we create an automatic variable and set our stack limit 376 * to that PLUS 32KB of extra space (we need some headroom). 377 * 378 * This subroutine gets the stack address. 379 * 380 * Grover Davidson and Matt Ladendorf 381 * 382 */ 383 static char * 384 get_aix_stack(void) 385 { 386 char ch; 387 return (&ch); 388 } 389 390 /* 391 * Signal handler for SIGDANGER. 392 */ 393 static void 394 catch_danger(int signo) 395 { 396 msyslog(LOG_INFO, "ntpd: setpgid(): %m"); 397 /* Make the system believe we'll free something, but don't do it! */ 398 return; 399 } 400 #endif /* _AIX */ 401 402 /* 403 * Set the process priority 404 */ 405 #ifndef SIM 406 static void 407 set_process_priority(void) 408 { 409 410 # ifdef DEBUG 411 if (debug > 1) 412 msyslog(LOG_DEBUG, "set_process_priority: %s: priority_done is <%d>", 413 ((priority_done) 414 ? "Leave priority alone" 415 : "Attempt to set priority" 416 ), 417 priority_done); 418 # endif /* DEBUG */ 419 420 # if defined(HAVE_SCHED_SETSCHEDULER) 421 if (!priority_done) { 422 extern int config_priority_override, config_priority; 423 int pmax, pmin; 424 struct sched_param sched; 425 426 pmax = sched_get_priority_max(SCHED_FIFO); 427 sched.sched_priority = pmax; 428 if ( config_priority_override ) { 429 pmin = sched_get_priority_min(SCHED_FIFO); 430 if ( config_priority > pmax ) 431 sched.sched_priority = pmax; 432 else if ( config_priority < pmin ) 433 sched.sched_priority = pmin; 434 else 435 sched.sched_priority = config_priority; 436 } 437 if ( sched_setscheduler(0, SCHED_FIFO, &sched) == -1 ) 438 msyslog(LOG_ERR, "sched_setscheduler(): %m"); 439 else 440 ++priority_done; 441 } 442 # endif /* HAVE_SCHED_SETSCHEDULER */ 443 # ifdef HAVE_RTPRIO 444 # ifdef RTP_SET 445 if (!priority_done) { 446 struct rtprio srtp; 447 448 srtp.type = RTP_PRIO_REALTIME; /* was: RTP_PRIO_NORMAL */ 449 srtp.prio = 0; /* 0 (hi) -> RTP_PRIO_MAX (31,lo) */ 450 451 if (rtprio(RTP_SET, getpid(), &srtp) < 0) 452 msyslog(LOG_ERR, "rtprio() error: %m"); 453 else 454 ++priority_done; 455 } 456 # else /* !RTP_SET follows */ 457 if (!priority_done) { 458 if (rtprio(0, 120) < 0) 459 msyslog(LOG_ERR, "rtprio() error: %m"); 460 else 461 ++priority_done; 462 } 463 # endif /* !RTP_SET */ 464 # endif /* HAVE_RTPRIO */ 465 # if defined(NTPD_PRIO) && NTPD_PRIO != 0 466 # ifdef HAVE_ATT_NICE 467 if (!priority_done) { 468 errno = 0; 469 if (-1 == nice (NTPD_PRIO) && errno != 0) 470 msyslog(LOG_ERR, "nice() error: %m"); 471 else 472 ++priority_done; 473 } 474 # endif /* HAVE_ATT_NICE */ 475 # ifdef HAVE_BSD_NICE 476 if (!priority_done) { 477 if (-1 == setpriority(PRIO_PROCESS, 0, NTPD_PRIO)) 478 msyslog(LOG_ERR, "setpriority() error: %m"); 479 else 480 ++priority_done; 481 } 482 # endif /* HAVE_BSD_NICE */ 483 # endif /* NTPD_PRIO && NTPD_PRIO != 0 */ 484 if (!priority_done) 485 msyslog(LOG_ERR, "set_process_priority: No way found to improve our priority"); 486 } 487 #endif /* !SIM */ 488 489 490 /* 491 * Main program. Initialize us, disconnect us from the tty if necessary, 492 * and loop waiting for I/O and/or timer expiries. 493 */ 494 #ifndef SIM 495 int 496 ntpdmain( 497 int argc, 498 char *argv[] 499 ) 500 { 501 l_fp now; 502 struct recvbuf *rbuf; 503 const char * logfilename; 504 # ifdef HAVE_UMASK 505 mode_t uv; 506 # endif 507 # if defined(HAVE_GETUID) && !defined(MPE) /* MPE lacks the concept of root */ 508 uid_t uid; 509 # endif 510 # if defined(HAVE_WORKING_FORK) 511 long wait_sync = 0; 512 int pipe_fds[2]; 513 int rc; 514 int exit_code; 515 # ifdef _AIX 516 struct sigaction sa; 517 # endif 518 # if !defined(HAVE_SETSID) && !defined (HAVE_SETPGID) && defined(TIOCNOTTY) 519 int fid; 520 # endif 521 # endif /* HAVE_WORKING_FORK*/ 522 # ifdef SCO5_CLOCK 523 int fd; 524 int zero; 525 # endif 526 527 # ifdef NEED_PTHREAD_WARMUP 528 my_pthread_warmup(); 529 # endif 530 531 # ifdef HAVE_UMASK 532 uv = umask(0); 533 if (uv) 534 umask(uv); 535 else 536 umask(022); 537 # endif 538 saved_argc = argc; 539 saved_argv = argv; 540 progname = argv[0]; 541 initializing = TRUE; /* mark that we are initializing */ 542 parse_cmdline_opts(&argc, &argv); 543 # ifdef DEBUG 544 debug = OPT_VALUE_SET_DEBUG_LEVEL; 545 # ifdef HAVE_SETLINEBUF 546 setlinebuf(stdout); 547 # endif 548 # endif 549 550 if (HAVE_OPT(NOFORK) || HAVE_OPT(QUIT) 551 # ifdef DEBUG 552 || debug 553 # endif 554 || HAVE_OPT(SAVECONFIGQUIT)) 555 nofork = TRUE; 556 557 init_logging(progname, NLOG_SYNCMASK, TRUE); 558 /* honor -l/--logfile option to log to a file */ 559 if (HAVE_OPT(LOGFILE)) { 560 logfilename = OPT_ARG(LOGFILE); 561 syslogit = FALSE; 562 change_logfile(logfilename, FALSE); 563 } else { 564 logfilename = NULL; 565 if (nofork) 566 msyslog_term = TRUE; 567 if (HAVE_OPT(SAVECONFIGQUIT)) 568 syslogit = FALSE; 569 } 570 msyslog(LOG_NOTICE, "%s: Starting", Version); 571 572 { 573 int i; 574 char buf[1024]; /* Secret knowledge of msyslog buf length */ 575 char *cp = buf; 576 577 /* Note that every arg has an initial space character */ 578 snprintf(cp, sizeof(buf), "Command line:"); 579 cp += strlen(cp); 580 581 for (i = 0; i < saved_argc ; ++i) { 582 snprintf(cp, sizeof(buf) - (cp - buf), 583 " %s", saved_argv[i]); 584 cp += strlen(cp); 585 } 586 msyslog(LOG_INFO, "%s", buf); 587 } 588 589 /* 590 * Install trap handlers to log errors and assertion failures. 591 * Default handlers print to stderr which doesn't work if detached. 592 */ 593 isc_assertion_setcallback(assertion_failed); 594 isc_error_setfatal(library_fatal_error); 595 isc_error_setunexpected(library_unexpected_error); 596 597 /* MPE lacks the concept of root */ 598 # if defined(HAVE_GETUID) && !defined(MPE) 599 uid = getuid(); 600 if (uid && !HAVE_OPT( SAVECONFIGQUIT )) { 601 msyslog_term = TRUE; 602 msyslog(LOG_ERR, 603 "must be run as root, not uid %ld", (long)uid); 604 exit(1); 605 } 606 # endif 607 608 /* 609 * Enable the Multi-Media Timer for Windows? 610 */ 611 # ifdef SYS_WINNT 612 if (HAVE_OPT( MODIFYMMTIMER )) 613 set_mm_timer(MM_TIMER_HIRES); 614 # endif 615 616 #ifdef HAVE_DNSREGISTRATION 617 /* 618 * Enable mDNS registrations? 619 */ 620 if (HAVE_OPT( MDNS )) { 621 mdnsreg = TRUE; 622 } 623 #endif /* HAVE_DNSREGISTRATION */ 624 625 if (HAVE_OPT( NOVIRTUALIPS )) 626 listen_to_virtual_ips = 0; 627 628 /* 629 * --interface, listen on specified interfaces 630 */ 631 if (HAVE_OPT( INTERFACE )) { 632 int ifacect = STACKCT_OPT( INTERFACE ); 633 const char** ifaces = STACKLST_OPT( INTERFACE ); 634 sockaddr_u addr; 635 636 while (ifacect-- > 0) { 637 add_nic_rule( 638 is_ip_address(*ifaces, AF_UNSPEC, &addr) 639 ? MATCH_IFADDR 640 : MATCH_IFNAME, 641 *ifaces, -1, ACTION_LISTEN); 642 ifaces++; 643 } 644 } 645 646 if (HAVE_OPT( NICE )) 647 priority_done = 0; 648 649 # ifdef HAVE_SCHED_SETSCHEDULER 650 if (HAVE_OPT( PRIORITY )) { 651 config_priority = OPT_VALUE_PRIORITY; 652 config_priority_override = 1; 653 priority_done = 0; 654 } 655 # endif 656 657 # ifdef HAVE_WORKING_FORK 658 /* make sure the FDs are initialised */ 659 pipe_fds[0] = -1; 660 pipe_fds[1] = -1; 661 do { /* 'loop' once */ 662 if (!HAVE_OPT( WAIT_SYNC )) 663 break; 664 wait_sync = OPT_VALUE_WAIT_SYNC; 665 if (wait_sync <= 0) { 666 wait_sync = 0; 667 break; 668 } 669 /* -w requires a fork() even with debug > 0 */ 670 nofork = FALSE; 671 if (pipe(pipe_fds)) { 672 exit_code = (errno) ? errno : -1; 673 msyslog(LOG_ERR, 674 "Pipe creation failed for --wait-sync: %m"); 675 exit(exit_code); 676 } 677 waitsync_fd_to_close = pipe_fds[1]; 678 } while (0); /* 'loop' once */ 679 # endif /* HAVE_WORKING_FORK */ 680 681 init_lib(); 682 # ifdef SYS_WINNT 683 /* 684 * Start interpolation thread, must occur before first 685 * get_systime() 686 */ 687 init_winnt_time(); 688 # endif 689 /* 690 * Initialize random generator and public key pair 691 */ 692 get_systime(&now); 693 694 ntp_srandom((int)(now.l_i * now.l_uf)); 695 696 /* 697 * Detach us from the terminal. May need an #ifndef GIZMO. 698 */ 699 if (!nofork) { 700 701 # ifdef HAVE_WORKING_FORK 702 rc = fork(); 703 if (-1 == rc) { 704 exit_code = (errno) ? errno : -1; 705 msyslog(LOG_ERR, "fork: %m"); 706 exit(exit_code); 707 } 708 if (rc > 0) { 709 /* parent */ 710 exit_code = wait_child_sync_if(pipe_fds[0], 711 wait_sync); 712 exit(exit_code); 713 } 714 715 /* 716 * child/daemon 717 * close all open files excepting waitsync_fd_to_close. 718 * msyslog() unreliable until after init_logging(). 719 */ 720 closelog(); 721 if (syslog_file != NULL) { 722 fclose(syslog_file); 723 syslog_file = NULL; 724 syslogit = TRUE; 725 } 726 close_all_except(waitsync_fd_to_close); 727 INSIST(0 == open("/dev/null", 0) && 1 == dup2(0, 1) \ 728 && 2 == dup2(0, 2)); 729 730 init_logging(progname, 0, TRUE); 731 /* we lost our logfile (if any) daemonizing */ 732 setup_logfile(logfilename); 733 734 # ifdef SYS_DOMAINOS 735 { 736 uid_$t puid; 737 status_$t st; 738 739 proc2_$who_am_i(&puid); 740 proc2_$make_server(&puid, &st); 741 } 742 # endif /* SYS_DOMAINOS */ 743 # ifdef HAVE_SETSID 744 if (setsid() == (pid_t)-1) 745 msyslog(LOG_ERR, "setsid(): %m"); 746 # elif defined(HAVE_SETPGID) 747 if (setpgid(0, 0) == -1) 748 msyslog(LOG_ERR, "setpgid(): %m"); 749 # else /* !HAVE_SETSID && !HAVE_SETPGID follows */ 750 # ifdef TIOCNOTTY 751 fid = open("/dev/tty", 2); 752 if (fid >= 0) { 753 ioctl(fid, (u_long)TIOCNOTTY, NULL); 754 close(fid); 755 } 756 # endif /* TIOCNOTTY */ 757 ntp_setpgrp(0, getpid()); 758 # endif /* !HAVE_SETSID && !HAVE_SETPGID */ 759 # ifdef _AIX 760 /* Don't get killed by low-on-memory signal. */ 761 sa.sa_handler = catch_danger; 762 sigemptyset(&sa.sa_mask); 763 sa.sa_flags = SA_RESTART; 764 sigaction(SIGDANGER, &sa, NULL); 765 # endif /* _AIX */ 766 # endif /* HAVE_WORKING_FORK */ 767 } 768 769 # ifdef SCO5_CLOCK 770 /* 771 * SCO OpenServer's system clock offers much more precise timekeeping 772 * on the base CPU than the other CPUs (for multiprocessor systems), 773 * so we must lock to the base CPU. 774 */ 775 fd = open("/dev/at1", O_RDONLY); 776 if (fd >= 0) { 777 zero = 0; 778 if (ioctl(fd, ACPU_LOCK, &zero) < 0) 779 msyslog(LOG_ERR, "cannot lock to base CPU: %m"); 780 close(fd); 781 } 782 # endif 783 784 /* Setup stack size in preparation for locking pages in memory. */ 785 # if defined(HAVE_MLOCKALL) 786 # ifdef HAVE_SETRLIMIT 787 ntp_rlimit(RLIMIT_STACK, DFLT_RLIMIT_STACK * 4096, 4096, "4k"); 788 # ifdef RLIMIT_MEMLOCK 789 /* 790 * The default RLIMIT_MEMLOCK is very low on Linux systems. 791 * Unless we increase this limit malloc calls are likely to 792 * fail if we drop root privilege. To be useful the value 793 * has to be larger than the largest ntpd resident set size. 794 */ 795 ntp_rlimit(RLIMIT_MEMLOCK, DFLT_RLIMIT_MEMLOCK * 1024 * 1024, 1024 * 1024, "MB"); 796 # endif /* RLIMIT_MEMLOCK */ 797 # endif /* HAVE_SETRLIMIT */ 798 # else /* !HAVE_MLOCKALL follows */ 799 # ifdef HAVE_PLOCK 800 # ifdef PROCLOCK 801 # ifdef _AIX 802 /* 803 * set the stack limit for AIX for plock(). 804 * see get_aix_stack() for more info. 805 */ 806 if (ulimit(SET_STACKLIM, (get_aix_stack() - 8 * 4096)) < 0) 807 msyslog(LOG_ERR, 808 "Cannot adjust stack limit for plock: %m"); 809 # endif /* _AIX */ 810 # endif /* PROCLOCK */ 811 # endif /* HAVE_PLOCK */ 812 # endif /* !HAVE_MLOCKALL */ 813 814 /* 815 * Set up signals we pay attention to locally. 816 */ 817 # ifdef SIGDIE1 818 signal_no_reset(SIGDIE1, finish); 819 signal_no_reset(SIGDIE2, finish); 820 signal_no_reset(SIGDIE3, finish); 821 signal_no_reset(SIGDIE4, finish); 822 # endif 823 # ifdef SIGBUS 824 signal_no_reset(SIGBUS, finish); 825 # endif 826 827 # if !defined(SYS_WINNT) && !defined(VMS) 828 # ifdef DEBUG 829 (void) signal_no_reset(MOREDEBUGSIG, moredebug); 830 (void) signal_no_reset(LESSDEBUGSIG, lessdebug); 831 # else 832 (void) signal_no_reset(MOREDEBUGSIG, no_debug); 833 (void) signal_no_reset(LESSDEBUGSIG, no_debug); 834 # endif /* DEBUG */ 835 # endif /* !SYS_WINNT && !VMS */ 836 837 /* 838 * Set up signals we should never pay attention to. 839 */ 840 # ifdef SIGPIPE 841 signal_no_reset(SIGPIPE, SIG_IGN); 842 # endif 843 844 /* 845 * Call the init_ routines to initialize the data structures. 846 * 847 * Exactly what command-line options are we expecting here? 848 */ 849 INIT_SSL(); 850 init_auth(); 851 init_util(); 852 init_restrict(); 853 init_mon(); 854 init_timer(); 855 init_request(); 856 init_control(); 857 init_peer(); 858 # ifdef REFCLOCK 859 init_refclock(); 860 # endif 861 set_process_priority(); 862 init_proto(); /* Call at high priority */ 863 init_io(); 864 init_loopfilter(); 865 mon_start(MON_ON); /* monitor on by default now */ 866 /* turn off in config if unwanted */ 867 868 /* 869 * Get the configuration. This is done in a separate module 870 * since this will definitely be different for the gizmo board. 871 */ 872 getconfig(argc, argv); 873 874 if (-1 == cur_memlock) { 875 # if defined(HAVE_MLOCKALL) 876 /* 877 * lock the process into memory 878 */ 879 if ( !HAVE_OPT(SAVECONFIGQUIT) 880 # ifdef RLIMIT_MEMLOCK 881 && -1 != DFLT_RLIMIT_MEMLOCK 882 # endif 883 && 0 != mlockall(MCL_CURRENT|MCL_FUTURE)) 884 msyslog(LOG_ERR, "mlockall(): %m"); 885 # else /* !HAVE_MLOCKALL follows */ 886 # ifdef HAVE_PLOCK 887 # ifdef PROCLOCK 888 /* 889 * lock the process into memory 890 */ 891 if (!HAVE_OPT(SAVECONFIGQUIT) && 0 != plock(PROCLOCK)) 892 msyslog(LOG_ERR, "plock(PROCLOCK): %m"); 893 # else /* !PROCLOCK follows */ 894 # ifdef TXTLOCK 895 /* 896 * Lock text into ram 897 */ 898 if (!HAVE_OPT(SAVECONFIGQUIT) && 0 != plock(TXTLOCK)) 899 msyslog(LOG_ERR, "plock(TXTLOCK) error: %m"); 900 # else /* !TXTLOCK follows */ 901 msyslog(LOG_ERR, "plock() - don't know what to lock!"); 902 # endif /* !TXTLOCK */ 903 # endif /* !PROCLOCK */ 904 # endif /* HAVE_PLOCK */ 905 # endif /* !HAVE_MLOCKALL */ 906 } 907 908 loop_config(LOOP_DRIFTINIT, 0); 909 report_event(EVNT_SYSRESTART, NULL, NULL); 910 initializing = FALSE; 911 912 # ifdef HAVE_DROPROOT 913 if (droproot) { 914 /* Drop super-user privileges and chroot now if the OS supports this */ 915 916 # ifdef HAVE_LINUX_CAPABILITIES 917 /* set flag: keep privileges accross setuid() call (we only really need cap_sys_time): */ 918 if (prctl( PR_SET_KEEPCAPS, 1L, 0L, 0L, 0L ) == -1) { 919 msyslog( LOG_ERR, "prctl( PR_SET_KEEPCAPS, 1L ) failed: %m" ); 920 exit(-1); 921 } 922 # elif HAVE_SOLARIS_PRIVS 923 /* Nothing to do here */ 924 # else 925 /* we need a user to switch to */ 926 if (user == NULL) { 927 msyslog(LOG_ERR, "Need user name to drop root privileges (see -u flag!)" ); 928 exit(-1); 929 } 930 # endif /* HAVE_LINUX_CAPABILITIES || HAVE_SOLARIS_PRIVS */ 931 932 if (user != NULL) { 933 if (isdigit((unsigned char)*user)) { 934 sw_uid = (uid_t)strtoul(user, &endp, 0); 935 if (*endp != '\0') 936 goto getuser; 937 938 if ((pw = getpwuid(sw_uid)) != NULL) { 939 free(user); 940 user = estrdup(pw->pw_name); 941 sw_gid = pw->pw_gid; 942 } else { 943 errno = 0; 944 msyslog(LOG_ERR, "Cannot find user ID %s", user); 945 exit (-1); 946 } 947 948 } else { 949 getuser: 950 errno = 0; 951 if ((pw = getpwnam(user)) != NULL) { 952 sw_uid = pw->pw_uid; 953 sw_gid = pw->pw_gid; 954 } else { 955 if (errno) 956 msyslog(LOG_ERR, "getpwnam(%s) failed: %m", user); 957 else 958 msyslog(LOG_ERR, "Cannot find user `%s'", user); 959 exit (-1); 960 } 961 } 962 } 963 if (group != NULL) { 964 if (isdigit((unsigned char)*group)) { 965 sw_gid = (gid_t)strtoul(group, &endp, 0); 966 if (*endp != '\0') 967 goto getgroup; 968 } else { 969 getgroup: 970 if ((gr = getgrnam(group)) != NULL) { 971 sw_gid = gr->gr_gid; 972 } else { 973 errno = 0; 974 msyslog(LOG_ERR, "Cannot find group `%s'", group); 975 exit (-1); 976 } 977 } 978 } 979 980 if (chrootdir ) { 981 /* make sure cwd is inside the jail: */ 982 if (chdir(chrootdir)) { 983 msyslog(LOG_ERR, "Cannot chdir() to `%s': %m", chrootdir); 984 exit (-1); 985 } 986 if (chroot(chrootdir)) { 987 msyslog(LOG_ERR, "Cannot chroot() to `%s': %m", chrootdir); 988 exit (-1); 989 } 990 if (chdir("/")) { 991 msyslog(LOG_ERR, "Cannot chdir() to`root after chroot(): %m"); 992 exit (-1); 993 } 994 } 995 # ifdef HAVE_SOLARIS_PRIVS 996 if ((lowprivs = priv_str_to_set(LOWPRIVS, ",", NULL)) == NULL) { 997 msyslog(LOG_ERR, "priv_str_to_set() failed:%m"); 998 exit(-1); 999 } 1000 if ((highprivs = priv_allocset()) == NULL) { 1001 msyslog(LOG_ERR, "priv_allocset() failed:%m"); 1002 exit(-1); 1003 } 1004 (void) getppriv(PRIV_PERMITTED, highprivs); 1005 (void) priv_intersect(highprivs, lowprivs); 1006 if (setppriv(PRIV_SET, PRIV_PERMITTED, lowprivs) == -1) { 1007 msyslog(LOG_ERR, "setppriv() failed:%m"); 1008 exit(-1); 1009 } 1010 # endif /* HAVE_SOLARIS_PRIVS */ 1011 if (user && initgroups(user, sw_gid)) { 1012 msyslog(LOG_ERR, "Cannot initgroups() to user `%s': %m", user); 1013 exit (-1); 1014 } 1015 if (group && setgid(sw_gid)) { 1016 msyslog(LOG_ERR, "Cannot setgid() to group `%s': %m", group); 1017 exit (-1); 1018 } 1019 if (group && setegid(sw_gid)) { 1020 msyslog(LOG_ERR, "Cannot setegid() to group `%s': %m", group); 1021 exit (-1); 1022 } 1023 if (group) { 1024 if (0 != setgroups(1, &sw_gid)) { 1025 msyslog(LOG_ERR, "setgroups(1, %d) failed: %m", sw_gid); 1026 exit (-1); 1027 } 1028 } 1029 else if (pw) 1030 if (0 != initgroups(pw->pw_name, pw->pw_gid)) { 1031 msyslog(LOG_ERR, "initgroups(<%s>, %d) filed: %m", pw->pw_name, pw->pw_gid); 1032 exit (-1); 1033 } 1034 if (user && setuid(sw_uid)) { 1035 msyslog(LOG_ERR, "Cannot setuid() to user `%s': %m", user); 1036 exit (-1); 1037 } 1038 if (user && seteuid(sw_uid)) { 1039 msyslog(LOG_ERR, "Cannot seteuid() to user `%s': %m", user); 1040 exit (-1); 1041 } 1042 1043 # if !defined(HAVE_LINUX_CAPABILITIES) && !defined(HAVE_SOLARIS_PRIVS) 1044 /* 1045 * for now assume that the privilege to bind to privileged ports 1046 * is associated with running with uid 0 - should be refined on 1047 * ports that allow binding to NTP_PORT with uid != 0 1048 */ 1049 disable_dynamic_updates |= (sw_uid != 0); /* also notifies routing message listener */ 1050 # endif /* !HAVE_LINUX_CAPABILITIES && !HAVE_SOLARIS_PRIVS */ 1051 1052 if (disable_dynamic_updates && interface_interval) { 1053 interface_interval = 0; 1054 msyslog(LOG_INFO, "running as non-root disables dynamic interface tracking"); 1055 } 1056 1057 # ifdef HAVE_LINUX_CAPABILITIES 1058 { 1059 /* 1060 * We may be running under non-root uid now, but we still hold full root privileges! 1061 * We drop all of them, except for the crucial one or two: cap_sys_time and 1062 * cap_net_bind_service if doing dynamic interface tracking. 1063 */ 1064 cap_t caps; 1065 char *captext; 1066 1067 captext = (0 != interface_interval) 1068 ? "cap_sys_time,cap_net_bind_service=pe" 1069 : "cap_sys_time=pe"; 1070 caps = cap_from_text(captext); 1071 if (!caps) { 1072 msyslog(LOG_ERR, 1073 "cap_from_text(%s) failed: %m", 1074 captext); 1075 exit(-1); 1076 } 1077 if (-1 == cap_set_proc(caps)) { 1078 msyslog(LOG_ERR, 1079 "cap_set_proc() failed to drop root privs: %m"); 1080 exit(-1); 1081 } 1082 cap_free(caps); 1083 } 1084 # endif /* HAVE_LINUX_CAPABILITIES */ 1085 # ifdef HAVE_SOLARIS_PRIVS 1086 if (priv_delset(lowprivs, "proc_setid") == -1) { 1087 msyslog(LOG_ERR, "priv_delset() failed:%m"); 1088 exit(-1); 1089 } 1090 if (setppriv(PRIV_SET, PRIV_PERMITTED, lowprivs) == -1) { 1091 msyslog(LOG_ERR, "setppriv() failed:%m"); 1092 exit(-1); 1093 } 1094 priv_freeset(lowprivs); 1095 priv_freeset(highprivs); 1096 # endif /* HAVE_SOLARIS_PRIVS */ 1097 root_dropped = TRUE; 1098 fork_deferred_worker(); 1099 } /* if (droproot) */ 1100 # endif /* HAVE_DROPROOT */ 1101 1102 /* libssecomp sandboxing */ 1103 #if defined (LIBSECCOMP) && (KERN_SECCOMP) 1104 scmp_filter_ctx ctx; 1105 1106 if ((ctx = seccomp_init(SCMP_ACT_KILL)) < 0) 1107 msyslog(LOG_ERR, "%s: seccomp_init(SCMP_ACT_KILL) failed: %m", __func__); 1108 else { 1109 msyslog(LOG_DEBUG, "%s: seccomp_init(SCMP_ACT_KILL) succeeded", __func__); 1110 } 1111 1112 #ifdef __x86_64__ 1113 int scmp_sc[] = { 1114 SCMP_SYS(adjtimex), 1115 SCMP_SYS(bind), 1116 SCMP_SYS(brk), 1117 SCMP_SYS(chdir), 1118 SCMP_SYS(clock_gettime), 1119 SCMP_SYS(clock_settime), 1120 SCMP_SYS(close), 1121 SCMP_SYS(connect), 1122 SCMP_SYS(exit_group), 1123 SCMP_SYS(fstat), 1124 SCMP_SYS(fsync), 1125 SCMP_SYS(futex), 1126 SCMP_SYS(getitimer), 1127 SCMP_SYS(getsockname), 1128 SCMP_SYS(ioctl), 1129 SCMP_SYS(lseek), 1130 SCMP_SYS(madvise), 1131 SCMP_SYS(mmap), 1132 SCMP_SYS(munmap), 1133 SCMP_SYS(open), 1134 SCMP_SYS(poll), 1135 SCMP_SYS(read), 1136 SCMP_SYS(recvmsg), 1137 SCMP_SYS(rename), 1138 SCMP_SYS(rt_sigaction), 1139 SCMP_SYS(rt_sigprocmask), 1140 SCMP_SYS(rt_sigreturn), 1141 SCMP_SYS(select), 1142 SCMP_SYS(sendto), 1143 SCMP_SYS(setitimer), 1144 SCMP_SYS(setsid), 1145 SCMP_SYS(socket), 1146 SCMP_SYS(stat), 1147 SCMP_SYS(time), 1148 SCMP_SYS(write), 1149 }; 1150 #endif 1151 #ifdef __i386__ 1152 int scmp_sc[] = { 1153 SCMP_SYS(_newselect), 1154 SCMP_SYS(adjtimex), 1155 SCMP_SYS(brk), 1156 SCMP_SYS(chdir), 1157 SCMP_SYS(clock_gettime), 1158 SCMP_SYS(clock_settime), 1159 SCMP_SYS(close), 1160 SCMP_SYS(exit_group), 1161 SCMP_SYS(fsync), 1162 SCMP_SYS(futex), 1163 SCMP_SYS(getitimer), 1164 SCMP_SYS(madvise), 1165 SCMP_SYS(mmap), 1166 SCMP_SYS(mmap2), 1167 SCMP_SYS(munmap), 1168 SCMP_SYS(open), 1169 SCMP_SYS(poll), 1170 SCMP_SYS(read), 1171 SCMP_SYS(rename), 1172 SCMP_SYS(rt_sigaction), 1173 SCMP_SYS(rt_sigprocmask), 1174 SCMP_SYS(select), 1175 SCMP_SYS(setitimer), 1176 SCMP_SYS(setsid), 1177 SCMP_SYS(sigprocmask), 1178 SCMP_SYS(sigreturn), 1179 SCMP_SYS(socketcall), 1180 SCMP_SYS(stat64), 1181 SCMP_SYS(time), 1182 SCMP_SYS(write), 1183 }; 1184 #endif 1185 { 1186 int i; 1187 1188 for (i = 0; i < COUNTOF(scmp_sc); i++) { 1189 if (seccomp_rule_add(ctx, 1190 SCMP_ACT_ALLOW, scmp_sc[i], 0) < 0) { 1191 msyslog(LOG_ERR, 1192 "%s: seccomp_rule_add() failed: %m", 1193 __func__); 1194 } 1195 } 1196 } 1197 1198 if (seccomp_load(ctx) < 0) 1199 msyslog(LOG_ERR, "%s: seccomp_load() failed: %m", 1200 __func__); 1201 else { 1202 msyslog(LOG_DEBUG, "%s: seccomp_load() succeeded", __func__); 1203 } 1204 #endif /* LIBSECCOMP and KERN_SECCOMP */ 1205 1206 # ifdef HAVE_IO_COMPLETION_PORT 1207 1208 for (;;) { 1209 GetReceivedBuffers(); 1210 # else /* normal I/O */ 1211 1212 BLOCK_IO_AND_ALARM(); 1213 was_alarmed = FALSE; 1214 1215 for (;;) { 1216 if (alarm_flag) { /* alarmed? */ 1217 was_alarmed = TRUE; 1218 alarm_flag = FALSE; 1219 } 1220 1221 if (!was_alarmed && !has_full_recv_buffer()) { 1222 /* 1223 * Nothing to do. Wait for something. 1224 */ 1225 io_handler(); 1226 } 1227 1228 if (alarm_flag) { /* alarmed? */ 1229 was_alarmed = TRUE; 1230 alarm_flag = FALSE; 1231 } 1232 1233 if (was_alarmed) { 1234 UNBLOCK_IO_AND_ALARM(); 1235 /* 1236 * Out here, signals are unblocked. Call timer routine 1237 * to process expiry. 1238 */ 1239 timer(); 1240 was_alarmed = FALSE; 1241 BLOCK_IO_AND_ALARM(); 1242 } 1243 1244 # endif /* !HAVE_IO_COMPLETION_PORT */ 1245 1246 # ifdef DEBUG_TIMING 1247 { 1248 l_fp pts; 1249 l_fp tsa, tsb; 1250 int bufcount = 0; 1251 1252 get_systime(&pts); 1253 tsa = pts; 1254 # endif 1255 rbuf = get_full_recv_buffer(); 1256 while (rbuf != NULL) { 1257 if (alarm_flag) { 1258 was_alarmed = TRUE; 1259 alarm_flag = FALSE; 1260 } 1261 UNBLOCK_IO_AND_ALARM(); 1262 1263 if (was_alarmed) { 1264 /* avoid timer starvation during lengthy I/O handling */ 1265 timer(); 1266 was_alarmed = FALSE; 1267 } 1268 1269 /* 1270 * Call the data procedure to handle each received 1271 * packet. 1272 */ 1273 if (rbuf->receiver != NULL) { 1274 # ifdef DEBUG_TIMING 1275 l_fp dts = pts; 1276 1277 L_SUB(&dts, &rbuf->recv_time); 1278 DPRINTF(2, ("processing timestamp delta %s (with prec. fuzz)\n", lfptoa(&dts, 9))); 1279 collect_timing(rbuf, "buffer processing delay", 1, &dts); 1280 bufcount++; 1281 # endif 1282 (*rbuf->receiver)(rbuf); 1283 } else { 1284 msyslog(LOG_ERR, "fatal: receive buffer callback NULL"); 1285 abort(); 1286 } 1287 1288 BLOCK_IO_AND_ALARM(); 1289 freerecvbuf(rbuf); 1290 rbuf = get_full_recv_buffer(); 1291 } 1292 # ifdef DEBUG_TIMING 1293 get_systime(&tsb); 1294 L_SUB(&tsb, &tsa); 1295 if (bufcount) { 1296 collect_timing(NULL, "processing", bufcount, &tsb); 1297 DPRINTF(2, ("processing time for %d buffers %s\n", bufcount, lfptoa(&tsb, 9))); 1298 } 1299 } 1300 # endif 1301 1302 /* 1303 * Go around again 1304 */ 1305 1306 # ifdef HAVE_DNSREGISTRATION 1307 if (mdnsreg && (current_time - mdnsreg ) > 60 && mdnstries && sys_leap != LEAP_NOTINSYNC) { 1308 mdnsreg = current_time; 1309 msyslog(LOG_INFO, "Attempting to register mDNS"); 1310 if ( DNSServiceRegister (&mdns, 0, 0, NULL, "_ntp._udp", NULL, NULL, 1311 htons(NTP_PORT), 0, NULL, NULL, NULL) != kDNSServiceErr_NoError ) { 1312 if (!--mdnstries) { 1313 msyslog(LOG_ERR, "Unable to register mDNS, giving up."); 1314 } else { 1315 msyslog(LOG_INFO, "Unable to register mDNS, will try later."); 1316 } 1317 } else { 1318 msyslog(LOG_INFO, "mDNS service registered."); 1319 mdnsreg = FALSE; 1320 } 1321 } 1322 # endif /* HAVE_DNSREGISTRATION */ 1323 1324 } 1325 UNBLOCK_IO_AND_ALARM(); 1326 return 1; 1327 } 1328 #endif /* !SIM */ 1329 1330 1331 #if !defined(SIM) && defined(SIGDIE1) 1332 /* 1333 * finish - exit gracefully 1334 */ 1335 static RETSIGTYPE 1336 finish( 1337 int sig 1338 ) 1339 { 1340 const char *sig_desc; 1341 1342 sig_desc = NULL; 1343 #ifdef HAVE_STRSIGNAL 1344 sig_desc = strsignal(sig); 1345 #endif 1346 if (sig_desc == NULL) 1347 sig_desc = ""; 1348 msyslog(LOG_NOTICE, "%s exiting on signal %d (%s)", progname, 1349 sig, sig_desc); 1350 /* See Bug 2513 and Bug 2522 re the unlink of PIDFILE */ 1351 # ifdef HAVE_DNSREGISTRATION 1352 if (mdns != NULL) 1353 DNSServiceRefDeallocate(mdns); 1354 # endif 1355 peer_cleanup(); 1356 exit(0); 1357 } 1358 #endif /* !SIM && SIGDIE1 */ 1359 1360 1361 #ifndef SIM 1362 /* 1363 * wait_child_sync_if - implements parent side of -w/--wait-sync 1364 */ 1365 # ifdef HAVE_WORKING_FORK 1366 static int 1367 wait_child_sync_if( 1368 int pipe_read_fd, 1369 long wait_sync 1370 ) 1371 { 1372 int rc; 1373 int exit_code; 1374 time_t wait_end_time; 1375 time_t cur_time; 1376 time_t wait_rem; 1377 fd_set readset; 1378 struct timeval wtimeout; 1379 1380 if (0 == wait_sync) 1381 return 0; 1382 1383 /* waitsync_fd_to_close used solely by child */ 1384 close(waitsync_fd_to_close); 1385 wait_end_time = time(NULL) + wait_sync; 1386 do { 1387 cur_time = time(NULL); 1388 wait_rem = (wait_end_time > cur_time) 1389 ? (wait_end_time - cur_time) 1390 : 0; 1391 wtimeout.tv_sec = wait_rem; 1392 wtimeout.tv_usec = 0; 1393 FD_ZERO(&readset); 1394 FD_SET(pipe_read_fd, &readset); 1395 rc = select(pipe_read_fd + 1, &readset, NULL, NULL, 1396 &wtimeout); 1397 if (-1 == rc) { 1398 if (EINTR == errno) 1399 continue; 1400 exit_code = (errno) ? errno : -1; 1401 msyslog(LOG_ERR, 1402 "--wait-sync select failed: %m"); 1403 return exit_code; 1404 } 1405 if (0 == rc) { 1406 /* 1407 * select() indicated a timeout, but in case 1408 * its timeouts are affected by a step of the 1409 * system clock, select() again with a zero 1410 * timeout to confirm. 1411 */ 1412 FD_ZERO(&readset); 1413 FD_SET(pipe_read_fd, &readset); 1414 wtimeout.tv_sec = 0; 1415 wtimeout.tv_usec = 0; 1416 rc = select(pipe_read_fd + 1, &readset, NULL, 1417 NULL, &wtimeout); 1418 if (0 == rc) /* select() timeout */ 1419 break; 1420 else /* readable */ 1421 return 0; 1422 } else /* readable */ 1423 return 0; 1424 } while (wait_rem > 0); 1425 1426 fprintf(stderr, "%s: -w/--wait-sync %ld timed out.\n", 1427 progname, wait_sync); 1428 return ETIMEDOUT; 1429 } 1430 # endif /* HAVE_WORKING_FORK */ 1431 1432 1433 /* 1434 * assertion_failed - Redirect assertion failures to msyslog(). 1435 */ 1436 static void 1437 assertion_failed( 1438 const char *file, 1439 int line, 1440 isc_assertiontype_t type, 1441 const char *cond 1442 ) 1443 { 1444 isc_assertion_setcallback(NULL); /* Avoid recursion */ 1445 1446 msyslog(LOG_ERR, "%s:%d: %s(%s) failed", 1447 file, line, isc_assertion_typetotext(type), cond); 1448 msyslog(LOG_ERR, "exiting (due to assertion failure)"); 1449 1450 #if defined(DEBUG) && defined(SYS_WINNT) 1451 if (debug) 1452 DebugBreak(); 1453 #endif 1454 1455 abort(); 1456 } 1457 1458 1459 /* 1460 * library_fatal_error - Handle fatal errors from our libraries. 1461 */ 1462 static void 1463 library_fatal_error( 1464 const char *file, 1465 int line, 1466 const char *format, 1467 va_list args 1468 ) 1469 { 1470 char errbuf[256]; 1471 1472 isc_error_setfatal(NULL); /* Avoid recursion */ 1473 1474 msyslog(LOG_ERR, "%s:%d: fatal error:", file, line); 1475 vsnprintf(errbuf, sizeof(errbuf), format, args); 1476 msyslog(LOG_ERR, "%s", errbuf); 1477 msyslog(LOG_ERR, "exiting (due to fatal error in library)"); 1478 1479 #if defined(DEBUG) && defined(SYS_WINNT) 1480 if (debug) 1481 DebugBreak(); 1482 #endif 1483 1484 abort(); 1485 } 1486 1487 1488 /* 1489 * library_unexpected_error - Handle non fatal errors from our libraries. 1490 */ 1491 # define MAX_UNEXPECTED_ERRORS 100 1492 int unexpected_error_cnt = 0; 1493 static void 1494 library_unexpected_error( 1495 const char *file, 1496 int line, 1497 const char *format, 1498 va_list args 1499 ) 1500 { 1501 char errbuf[256]; 1502 1503 if (unexpected_error_cnt >= MAX_UNEXPECTED_ERRORS) 1504 return; /* avoid clutter in log */ 1505 1506 msyslog(LOG_ERR, "%s:%d: unexpected error:", file, line); 1507 vsnprintf(errbuf, sizeof(errbuf), format, args); 1508 msyslog(LOG_ERR, "%s", errbuf); 1509 1510 if (++unexpected_error_cnt == MAX_UNEXPECTED_ERRORS) 1511 msyslog(LOG_ERR, "Too many errors. Shutting up."); 1512 1513 } 1514 #endif /* !SIM */ 1515 1516 #if !defined(SIM) && !defined(SYS_WINNT) 1517 # ifdef DEBUG 1518 1519 /* 1520 * moredebug - increase debugging verbosity 1521 */ 1522 static RETSIGTYPE 1523 moredebug( 1524 int sig 1525 ) 1526 { 1527 int saved_errno = errno; 1528 1529 if (debug < 255) 1530 { 1531 debug++; 1532 msyslog(LOG_DEBUG, "debug raised to %d", debug); 1533 } 1534 errno = saved_errno; 1535 } 1536 1537 1538 /* 1539 * lessdebug - decrease debugging verbosity 1540 */ 1541 static RETSIGTYPE 1542 lessdebug( 1543 int sig 1544 ) 1545 { 1546 int saved_errno = errno; 1547 1548 if (debug > 0) 1549 { 1550 debug--; 1551 msyslog(LOG_DEBUG, "debug lowered to %d", debug); 1552 } 1553 errno = saved_errno; 1554 } 1555 1556 # else /* !DEBUG follows */ 1557 1558 1559 /* 1560 * no_debug - We don't do the debug here. 1561 */ 1562 static RETSIGTYPE 1563 no_debug( 1564 int sig 1565 ) 1566 { 1567 int saved_errno = errno; 1568 1569 msyslog(LOG_DEBUG, "ntpd not compiled for debugging (signal %d)", sig); 1570 errno = saved_errno; 1571 } 1572 # endif /* !DEBUG */ 1573 #endif /* !SIM && !SYS_WINNT */ 1574