Interesting (to me) Compiler checking

2024-05-18 Thread Hal Murray via devel
While I was working on the extra+port stuff

I had the following code
  bool new_interface;
...
  new_interface = update_interfaces_phase1(NTP_PORT);
  if (extra_port)
    new_interface |= update_interfaces_phase1(extra_port);

Note that there is no initialization on new_interface.

I wanted to reverse the order of that pair of calls.  So I just moved 2 lines 
up.  That gives this code.
  bool new_interface;
...
  if (extra_port)
    new_interface |= update_interfaces_phase1(extra_port);
  new_interface = update_interfaces_phase1(NTP_PORT);

There are 2 bugs in there.  I didn't initialize new_interface and I left the 
last line as an = rather than changing it to an |=


Fedora, Debian, and Ubuntu didn't complain.  
FreeBSD complained: uninitialized variable on the |=.

The |= is working on an uninitialized variable.  But the following line 
"fixes" whatever was there.


Here is the correct code.

static bool
update_interfaces(void)
{
  bool new_interface = false;
  update_interfaces_phase0();
  if (extra_port)
    /* do first so our requests are sent from extra_port */
    new_interface |= update_interfaces_phase1(extra_port);
  new_interface |= update_interfaces_phase1(NTP_PORT);
  update_interfaces_phase2();
  update_interfaces_phase3();
  return new_interface;
}




-- 
These are my opinions.  I hate spam.



___
devel mailing list
devel@ntpsec.org
https://lists.ntpsec.org/mailman/listinfo/devel
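As an added illustration (not code from the post or from NTPsec), here is the reordered snippet next to the corrected one, with constructed stand-ins for update_interfaces_phase1() and the extra_port global so both can be run against every combination of results.  The uninitialized read is taken out of the buggy copy so its output is defined; what remains is the second bug, the = that overwrites the result of the first call:

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

#define NTP_PORT 123

/* Constructed stand-ins for ntpd's globals and update_interfaces_phase1():
 * the two results are set by the caller so every combination can be tried. */
static int extra_port = 8123;
static bool extra_found, ntp_found;

static void set_phase1_results(bool extra, bool ntp)
{
    extra_found = extra;
    ntp_found = ntp;
}

static bool update_interfaces_phase1(int port)
{
    return (port == NTP_PORT) ? ntp_found : extra_found;
}

/* The reordered version from the post, with new_interface initialized so
 * the read is defined; the second bug (= instead of |=) is kept as posted.
 * Whatever the extra_port call returned is silently discarded. */
bool buggy_update_interfaces(void)
{
    bool new_interface = false;
    if (extra_port)
        new_interface |= update_interfaces_phase1(extra_port);
    new_interface = update_interfaces_phase1(NTP_PORT);   /* overwrites */
    return new_interface;
}

/* The corrected version: initialize, then OR both results in. */
bool correct_update_interfaces(void)
{
    bool new_interface = false;
    if (extra_port)
        new_interface |= update_interfaces_phase1(extra_port);
    new_interface |= update_interfaces_phase1(NTP_PORT);
    return new_interface;
}

/* Try all four result combinations; return how many the buggy version
 * gets wrong (only "extra found, NTP_PORT not found" differs). */
int count_mismatches(void)
{
    int mismatches = 0;
    for (int i = 0; i < 4; i++) {
        set_phase1_results((i & 1) != 0, (i & 2) != 0);
        if (buggy_update_interfaces() != correct_update_interfaces())
            mismatches++;
    }
    return mismatches;
}

int main(void)
{
    printf("buggy version wrong in %d of 4 cases\n", count_mismatches());
    return 0;
}
```

Two different checks are involved here.  The uninitialized |= is something flow analysis can see, which is why one compiler complained and the others did not (in my experience GCC's -Wall enables -Wuninitialized and -Wmaybe-uninitialized and clang has -Wsometimes-uninitialized, and whether they fire depends on optimization level).  The = versus |= mistake is valid C and no compiler warns about it; the example above is the kind of unit check that catches it.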


Re: Alternatives to port 123

2024-05-02 Thread Hal Murray via devel
Richard Laager  said:
> Why two options that do the same thing?

Thanks for asking.  I meant to say something about that.

I think the reason there are two is that I had a typo or such and couldn't get 
>extra port < to work.  After banging my head against the wall for a 
while, I gave up and added the other one.  Eventually I found the typo.

Anybody got good suggestions for what to do here?

Should we split things into two options?
Using only nts port  may not work if we have disabled NTS at configure 
time.  Do we care about that case?

I don't like adding a new top level (extra) to the config file syntax.  There 
is already tinker, but that is all (maybe just mostly) for tweaking geeky 
parameters.  I was looking for a friendly place for a new option.







Alternatives to port 123

2024-05-02 Thread Hal Murray via devel


I've pushed the code for alternatives to port 123.  It's working for me, but 
could use more testing.  You might hit a case I didn't consider.

There are 2 new options for the config file:
  nts port 
  extra port 
They do the same thing.  Pick one.

There are two parts.

If a server uses either, the NTS-KE step will tell the client to use the 
alternate port.  (Be sure your firewall lets that port in.)
If a client uses either, it will send requests from the alternate port.

Note that if both client and server use this feature, neither end will use port 
123 so typical filtering is very unlikely to be a problem.  That does require 
action on both ends.

---

UDP port 123 filtering is still a black art, at least to me.

If you had asked me a few weeks ago, I would have said that AT&T blocks traffic 
going in to UDP port 123 and traffic going out from UDP port 123.

When I tested the first try at this code, it didn't work.  I was testing with 
port 8123.  Plain NTP (48 bytes) and NTP+AES (68 bytes) from a client using UDP 
port 123 to a server on AT&T using 8123 worked as expected.  But NTP+NTS (232 
bytes) from port 123 didn't make it in to my server.  Sending from other than 
port 123 worked.  So I added a trivial change to send from the alternate port 
and now it works.  But note that requires changes on both ends.

(I don't know where that new filtering is happening.  It might be some ISP 
between my test client on DigitalOcean and AT&T)

If anybody gets data on NTP blocking/filtering, please send me details.

Note that for AT&T, the normal case of an NTP client goes through NAT so NTP 
isn't using port 123 and doesn't get blocked.

--

We should teach the server config stuff to allow:
  server name:port
The complication is that IPv6 literals contain colons.  So we need [] around 
the address literal.  There is code in libntp/decodenetnum.c that does much of 
the work, but it also does the DNS lookup so we would have to split that.  
(There is some ugly code someplace in NTS that could get cleaned up after we 
get that working.)

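The server name:port parsing described above, with IPv6 literals in brackets, as an added example that is not NTPsec code: split_host_port, parsed_port and parsed_host_is are hypothetical names, and the function deliberately does no DNS lookup, which is the split from decodenetnum.c the post asks for.  A bare IPv6 literal without brackets is accepted as a host with no port, since more than one colon cannot be host:port.

```c
#include <ctype.h>
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define HOST_MAX 256

/* Split a "server" argument of the form name, name:port, [v6]:port or
 * [v6] into host and port.  Rules:
 *   - "[...]" is an IPv6 literal; a ":port" may follow the closing bracket
 *   - one colon without brackets means host:port
 *   - two or more colons without brackets is a bare IPv6 literal, no port
 * Returns true on success; *port is 0 when no port was given. */
bool split_host_port(const char *spec, char *host, size_t hostlen, int *port)
{
    const char *host_start, *host_end, *port_str = NULL;
    size_t n;

    *port = 0;
    if (spec == NULL || *spec == '\0')
        return false;

    if (spec[0] == '[') {
        host_start = spec + 1;
        host_end = strchr(host_start, ']');
        if (host_end == NULL || host_end == host_start)
            return false;              /* unterminated or empty [] */
        if (host_end[1] == ':')
            port_str = host_end + 2;
        else if (host_end[1] != '\0')
            return false;              /* junk after the bracket */
    } else {
        const char *first = strchr(spec, ':');
        const char *last = strrchr(spec, ':');
        host_start = spec;
        if (first == NULL || first != last) {
            host_end = spec + strlen(spec);   /* no port, or bare v6 */
        } else {
            host_end = first;
            port_str = first + 1;
        }
    }

    n = (size_t)(host_end - host_start);
    if (n == 0 || n >= hostlen)
        return false;
    memcpy(host, host_start, n);
    host[n] = '\0';

    if (port_str != NULL) {
        char *end;
        long v;
        if (!isdigit((unsigned char)*port_str))
            return false;              /* empty or non-numeric port */
        v = strtol(port_str, &end, 10);
        if (*end != '\0' || v < 1 || v > 65535)
            return false;              /* trailing junk or out of range */
        *port = (int)v;
    }
    return true;
}

/* Helpers for checking: parsed port (0 = none), or -1 if rejected. */
int parsed_port(const char *spec)
{
    char host[HOST_MAX];
    int port;
    return split_host_port(spec, host, sizeof host, &port) ? port : -1;
}

bool parsed_host_is(const char *spec, const char *expected)
{
    char host[HOST_MAX];
    int port;
    return split_host_port(spec, host, sizeof host, &port)
        && strcmp(host, expected) == 0;
}

int main(void)
{
    /* Constructed sample inputs. */
    const char *specs[] = { "foo.example.com:8123", "[2001:db8::1]:8123",
                            "2001:db8::1", "foo:99999" };
    for (size_t i = 0; i < sizeof specs / sizeof specs[0]; i++) {
        char host[HOST_MAX];
        int port;
        if (split_host_port(specs[i], host, sizeof host, &port))
            printf("%-22s -> host=%s port=%d\n", specs[i], host, port);
        else
            printf("%-22s -> rejected\n", specs[i]);
    }
    return 0;
}
```

Rejecting "foo:" and "foo:12x" outright rather than defaulting to 123 is deliberate: a config typo that silently lands on the wrong port is exactly the kind of thing the earlier "Crappy testing" message describes.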


Testing

2024-05-02 Thread Hal Murray via devel
Does anybody test our code on Apple?  Solaris?

Does anybody use any of the fancy interface logic?
  It's available both via the command line and the config file.




Is anybody using/testing the interface options?

2024-04-15 Thread Hal Murray via devel


There is an option in the config file and more on the command line.




Re: Hack for monitoring NTP servers

2024-04-15 Thread Hal Murray via devel
James Browning said:
> If you were thinking of adding way too many servers you might want to replace
> the bubble sort around lines 1709-1728 of ntp_proto.c 

That code is only sorting the servers that get used.  Anything with noselect 
got tossed back at line 1619.
if (peer_unfit(peer)) {
continue;




Crappy testing

2024-04-14 Thread Hal Murray via devel


If you use the extra port stuff I pushed last night, port 123 stops working.

Ugh, blush.  I usually do better than that.





extra port nnnn, nts port nnnn

2024-04-14 Thread Hal Murray via devel


I just pushed code that optionally listens on a second port.

The NTS-KE server will tell the client to use that port.
Requests going out will be from the new port.

The idea is to bypass ISP filtering on port 123.

Testing encouraged.  I've been testing with
  nts port 8123

Be sure to let traffic on that port through your firewall.

I'm pretty sure I didn't break anything if you don't use this feature.

It hasn't been tested with ethernets that get unplugged and plugged back in or 
wifi that comes and goes or laptops going to sleep...

We should tweak the code so that server foo.example.com:8123 does the obvious 
thing.



CI is broken

2024-04-14 Thread Hal Murray via devel
I just pushed some code.  The CI stuff sent me a Failed pipeline message.


ERROR: Job failed: failed to pull image "registry.gitlab.com/gitlab-org/gitlab-runner/gitlab-runner-helper:x86_64-v16.11.0" with specified policies [always]: Error response from daemon: manifest for registry.gitlab.com/gitlab-org/gitlab-runner/gitlab-runner-helper:x86_64-v16.11.0 not found: manifest unknown: manifest unknown (manager.go:250:0s)

https://gitlab.com/NTPsec/ntpsec/-/jobs/6619973110/raw

There are 9 copies that looked the same to me.




Hack for monitoring NTP servers

2024-04-11 Thread Hal Murray via devel


If somebody feels like hacking, something like this should be fun.

The idea is to setup a ntpd server watching the servers you want to monitor.  
(noselect on the server line does that)

The new code is a program that watches that server to see if the servers to be 
monitored are responding correctly and sends you email if they aren't.




Re: What next?

2024-03-18 Thread Hal Murray via devel


James Browning said:
>> I think we should split ntpd into several independent programs.
>> More in another message.
> I gave up on that notion; I lacked the patience to do it. 

I think we can take small steps.  Or at least some of them.


> Yeah, the IETF NTP WG shot down the notion of NTP alternative port.

It wasn't the NTP WG -- they had a draft RFC ready to go.  The group that 
vetoed it was the group in charge of rationing port assignments.



[testing config file]
> I think somewhere in the middle might be a program that takes config files
> and dumps them into some format that is easy to eyeball and machine parse. 

Internally, there is a parse tree.  But it doesn't contain the comments.

I'm not interested in that, but if you want to work on it, it might be a 
useful utility.


[testing FIPS]
> None of the CI runners support FIPS140-2 at the moment. I don't know how to
> make them either. 

There is a HOWTO-OpenSSL that tells you how to build OpenSSL from source.  
Adding enable-fips to the configure step builds/tests/installs the FIPS 
library too.

The recent FIPS discussion has a recipe for getting libssl to use it.  I 
haven't tried that step yet.


>> I'd like a script that checks the certificates.  When do they expire?
> That sounds like a simple wrapper around 'openssl x509' would work. 

I think it will be something simple like that after we do it.  I've poked 
around a few times but never ended up with anything clean.  The openssl 
command has a blizzard of options.

This just got more important for me.  I fatfingered renewing a certificate and 
a KE server stopped working.  [I did the certbot step but forgot to copy the 
new cert/key over to /etc/ntp/.]




Re: What next?

2024-03-17 Thread Hal Murray via devel
(I found some more notes...)


We should test the config file stuff to see that all the options at least get 
past the parser.  Better would be to actually run the code.

We should check FIPS mode.  Do any of the CI options include FIPS?
I got half way there by building OpenSSL to include FIPS mode but I haven't 
made the config file to use it.



I'd like a script that checks the certificates.  When do they expire?

I'd like a script that finds out who signed a certificate and pokes around in 
my local certificate collection and tells me a filename so I can add that to a 
server line in the config file.  The idea is to make sure that we are using 
the right root-cert rather than one from a CA that was arm twisted by your 
local repressive govt or broken into by the KGB or NSA.



I'd like some code that goes through the NTS-KE dance and prints the answer.  
Extra credit if it can request various options.




Splitting ntpd

2024-03-17 Thread Hal Murray via devel


Here are the chunks I have in mind:
  NTP server
  NTS-KE server

  NTP/NTS client
  refclocks

  monitoring/ntpq


I have debugged the lockclock mode so we now have a stand-alone NTP server.  
It gets the error data from the kernel.  (Or can/should.  I haven't checked 
that code.)  As just a server, ntpd is horribly bloated, but it's enough of a 
proof of concept that we can play with it.

The NTS-KE server needs to cooperate with the NTP server to get cookies.  
That's easy if they are co-packaged.  If we split them up, the KE server can 
read the cookie file and we can scp that to other machines.  It may be cleaner 
to split them when we get to paying attention to DoS-ing.


The key idea with the client side is to use threads.  Each thread would use 
its own socket.  Nobody would be listening on port 123.  That will take a lot 
of work.


I haven't thought much about splitting out refclocks.  I assume they should 
use Unix sockets to talk to the client.  We need some way for 
monitoring/debugging code to watch.  Maybe the data goes in shared memory too. 
 Or maybe the refclock opens several sockets.


For monitoring/ntpq, I think we can use shared memory.  They would be 
read-only by ntpq.  I picture ntpq running in two modes.  For starters, it 
looks directly into shared memory and only works when run on the target 
machine.  Then we split it into two parts connected via the network.

I want a simple and reliable way to update this area.  It's going to take at 
least 2 edits.  One to define the counter and one to bump it.  I picture a text 
file that gets translated into the structs for the code and also for the table 
that ntpq needs.


It isn't really part of splitting ntpd, but I think a clean sntp client will 
fit into this collection.




What next?

2024-03-17 Thread Hal Murray via devel


Is anybody thinking about what we should be doing?


Here is my list:

Port to Windows
  Does anybody know anything about Windows?
Is there a decent POSIX environment?
How well does waf work on Windows?
  We can get the magic code from ntp-classic.

I think we should split ntpd into several independent programs.
  More in another message.

I think we need a good SNTP client.  Something like the old ntpdate.
  I'm looking for a clean example.
  This would be a good opportunity to experiment with Go and/or Rust.

Getting off the ground.
  There is a chicken-egg problem with getting started when using NTS.  TLS 
needs the time to check certificates.  I think we can do something like skip 
the date part of certificate checking, then come back and see if the 
certificates pass the date-check after we have a candidate date.

Alternate port for use with NTS.
  There is a lot of blocking/filtering on port 123.  NTS-KE includes 
specifying the port to use.  We should be able to listen on another port too.  
I haven't looked carefully.  This feels like medium complexity.



FreeBSD is phasing out support for 32 bit systems

2024-02-13 Thread Hal Murray via devel
Future of 32-bit platform support in FreeBSD

FreeBSD is deprecating 32-bit platforms over the next couple of major
releases.  We anticipate FreeBSD 15.0 will not include the armv6,
i386, and powerpc platforms, and FreeBSD 16.0 will not include armv7.
Support for executing 32-bit binaries on 64-bit kernels will be
retained through at least the lifetime of the stable/16 branch if not
longer.  (There is currently no plan to remove support for 32-bit
binaries on 64-bit kernels.)


Whole thing:
  https://lists.freebsd.org/archives/freebsd-announce/2024-February/000117.html




Re: [mailop] Why is mail forwarding such a mess?

2024-02-10 Thread Hal Murray via mailop

m...@dorfdsl.de said:
> Bypassing spam checking would make spammers use exactly that way to send
> spam. 

Sorry I wasn't clear enough.

My "handshake to set things up" was meant to keep out spammers.

The idea was that the final receiving MTA would know that it was expecting 
forwarded mail for user@domain from a set of IP addresses.

I was picturing something like:
  user goes to final MTA and says I want you to accept forwarded mail for me 
from example.com
  then he goes to example.com and says "please forward my mail to 
m...@final.com"
example.com would then contact final.com and say "OK if I forward me's mail to 
you?"
If yes, then example.com says "Here are the IP addresses I use for 
forwarding"





___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop


[mailop] Why is mail forwarding such a mess?

2024-02-09 Thread Hal Murray via mailop

I expect that there would be a protocol to handle it.  I can't be the only one 
who has thought of this.  After a handshake to set things up, the sender adds a 
forwarding header and the receiver verifies that a forwarded message is coming 
from an allowed IP Address then bypasses spam checking for that message.  (but 
not phish/malware checking???)

Is there a technical reason why something like that doesn't work?  Or some 
economic/political reason why too many key players aren't interested?



Re: RIP Dave Mills

2024-01-28 Thread Hal Murray
Word got out a week ago with a message from Vint Cerf to the internet-history 
list.

The thread Vint started is here:
  https://elists.isoc.org/pipermail/internet-history/2024-January/009265.html

Vint is collecting anecdotes here:

Many good stories...  So much more than NTP.








FYI: Dave Mills has passed away

2024-01-18 Thread Hal Murray via devel
On Thu, Jan 18, 2024 at 08:35:14PM -0500, vinton cerf via Internet-history 
wrote:
> His daughter, Leigh, just sent me the news that Dave passed away peacefully
> on January 17, 2024. He was such an iconic element of the early Internet.
> Network Time Protocol, the Fuzzball routers of the early NSFNET, INARG
> taskforce lead, COMSAT Labs and University of Delaware and so much more.
> 
> R.I.P.
> vint
> -- 
> Internet-history mailing list
> internet-hist...@elists.isoc.org
> https://elists.isoc.org/mailman/listinfo/internet-history




[mailop] Displaying logos

2024-01-13 Thread Hal Murray via mailop

Robert L Mathews said:
> I hope nobody creates MUA features that show non-BIMI logos in the same space
> as BIMI logos (or that make it difficult for users to notice the difference,
> such as a tiny padlock superimposed on it sometimes). 

Superimposing something to indicate validity won't work.  The bad guys can 
just use a "logo" with that mark already installed.

It might work to put a gold border around checked logos and a black/red dashed 
line around non-validated logos.

Another possibility would be to differentiate by size, shape, or location.





Re: Addressing the Python 2, AsciiDoc classic, and AsciiDoc 3 tangle

2024-01-08 Thread Hal Murray via devel
I have no strong opinions on this area.

I won't grumble if our doc stuff doesn't build on Python2 as long as we have a 
copy of the doc on the web.  Or somebody who really wants their own can build 
it on a more modern system and copy the files over.







Re: NTPsec 1.2.3 released

2024-01-02 Thread Hal Murray via devel


Fred Wright said:
[context is my reply to the released message.]
> For some reason the antecedent to this message wasn't sent to the list,
> though I'd noticed the release by checking the repo. 

My copy was sent to:
  Subject: NTPsec 1.2.3 released
  From: Matthew Selsky via announce 
  Date: Sun, 31 Dec 2023 06:50:59 + (Sat 22:50 PST)
  To: , , 

I'm on all 3 lists but only got one copy to announce.

It's in the announce archives, but not users or devel.




Re: NTPsec 1.2.3 released

2023-12-30 Thread Hal Murray via devel


Thanks.


and thanks to all who contributed and tested.




[LEAPSECS] UT1 offset

2023-12-25 Thread Hal Murray
>>> . Please keep DUT1 less than 100 seconds.
>> They /really/ dont want to ever see a leapsecond or leapminute, do they ?
> I'd love for them to have 6 digits for the offset..  .99.

Why try to make that field big enough?  Why not just drop it?

Who uses DUT1 via radio?  Who will be using it 50 years from now?

Is it needed for anything other than navigation and astronomy?  I assume 
astronomers will have a network connection.  Do ships listen to WWV or similar 
to get DUT1?

How many ships are big enough to need DUT1 for navigation yet small enough 
that they don't have GPS?


Another option would be to drop the high digits.  Fill them in with firmware 
the same way that software now fixes GPS WNRO glitches.  (That would take an 
extra line of code if you have to go both forward and backward.)  2 digits of 
seconds would be good for 50 old-leaps either way.  Or you could make it 75 
one way and 25 the other...

-

I poked >Who uses DUT1?< into Google.

It found:
  https://www.ucolick.org/~sla/navyls/0907.html
  Who uses DUT1?
  From: Tom Van Baak 
  Date: Sat, 30 Jul 2005 10:18:42 -0700

The by-thread index doesn't show that thread.  Google found Steve Allen's 
reply.
  https://www.ucolick.org/~sla/navyls/0900.html
  Re: Who uses DUT1?
  From: Steve Allen 
  Date: Sat, 30 Jul 2005 23:31:52 -0700
Both are in the by-date index.

Steve discussed astronomy and navigation.





___
LEAPSECS mailing list
LEAPSECS@leapsecond.com
https://pairlist6.pair.net/mailman/listinfo/leapsecs


Re: Regression in OpenBSD

2023-12-22 Thread Hal Murray via devel


>> Please say more about your Mac patches?
> The patches come in two categories:
> Fallback for missing clock_gettime() and clock_settime().

My copy of OpenBSD 7.4 has clock_gettime() and clock_settime().
So we can take the first step without changing that area.


The timex stuff will be a bit more complicated.  They have something to set the 
drift.  I forget what it is called.  What ntp_adjtime() does is kick the 
drift by 500 PPM for as long as it takes to make the target adjustment.  We can 
fake that.  It won't be as good as doing it in the kernel.  It will be fun 
to measure.



Re: Regression in OpenBSD

2023-12-21 Thread Hal Murray via devel
Let's put that stuff on the back burner until the release is out.


> Ntpsec doesn't fully support OpenBSD anyway, due to the lack of "timex"
> (though my Mac patches fix that), and the fact that OpenBSD provides
> LibreSSL rather than OpenSSL, but the 1.2.2a "Mac" version did build with
> --disable-nts. 

Please say more about your Mac patches?  Does ntpd work?




Re: Missing clockwork

2023-12-18 Thread Hal Murray via devel


James said:
> It sounds like a race condition in our wscript files or waf. How willing are
> you to sink time into this, I think it's a losing proposition. 

I've got a --jobs=1 in my script.  That was added to make sure the printout 
was easy to read when there were compiler errors.

I'm willing to invest some time on this but I don't have any ideas on what to 
do.

Note that it was building 3 copies of clockwork
  [  1/137] Compiling libntp/clockwork.c
  [  2/137] Compiling libaes_siv/aes_siv.c
  [  3/137] Compiling libntp/clockwork.c
  [  4/137] Compiling libntp/clockwork.c
I only expect 2
  ./test-classic/main/libntp/clockwork.c.2.o
  ./test-doc/main/libntp/clockwork.c.1.o
  ./test-doc/main/libntp/clockwork.c.2.o
  ./libntp/clockwork.c




Missing clockwork

2023-12-17 Thread Hal Murray via devel
Anybody recognize this?  I've seen a missing file once before.  I think it was 
clockwork.??

It works if I try it again.

Waf: Entering directory `/home/murray/ntpsec/raw/test-all/main'
--- PYTHONPATH is not set, loading the Python ntp library may be troublesome 
---
[  1/137] Compiling libntp/clockwork.c
[  2/137] Compiling libaes_siv/aes_siv.c
[  3/137] Compiling libntp/clockwork.c
[  4/137] Compiling libntp/clockwork.c
[  5/137] Compiling libntp/ntp_endian.c
[  6/137] Compiling libntp/macencrypt.c
[  7/137] Compiling libntp/isc_net.c
[  8/137] Compiling libntp/isc_interfaceiter.c
[  9/137] Compiling libntp/initnetwork.c
[ 10/137] Compiling libntp/getopt.c
[ 11/137] Compiling libntp/timespecops.c
Waf: Leaving directory `/home/murray/ntpsec/raw/test-all/main'
Build failed
-> missing file: '/home/murray/ntpsec/raw/test-all/main/libntp/clockwork.c.1.o'


[murray@hgm raw]$ find . -name clockwork*
./test-all/main/libntp/clockwork.c.1.o
./test-minimal/main/libntp/clockwork.c.1.o
./test-minimal/main/libntp/clockwork.c.2.o
./test-classic/main/libntp/clockwork.c.1.o
./test-classic/main/libntp/clockwork.c.2.o
./test-doc/main/libntp/clockwork.c.1.o
./test-doc/main/libntp/clockwork.c.2.o
./libntp/clockwork.c
./hgm/main/libntp/clockwork.c.1.o
./hgm/main/libntp/clockwork.c.2.o
./test-default/main/libntp/clockwork.c.1.o
./test-default/main/libntp/clockwork.c.2.o




Re: Release

2023-12-17 Thread Hal Murray via devel
Fred Wright said:
> I also stumbled across something (which may not be new) where it appears
> that if libaes_siv is installed as a system library, it's preferred over the
> bundled version.  That probably doesn't change the actual behavior, but may
> lead to opportunistic builds. 

That seems worth fixing.

I don't think we should hold up the release unless somebody fixes it in the 
next day or two.



Re: Release

2023-12-17 Thread Hal Murray via devel


Fred Wright said:
> The main issue I've found is that the "struct var" in ntp_control.c, is
> relying on anonymous unions, which are a relatively new language feature.

That is my attempt at getting a sane procedure for adding slots to the table.  
The old scheme required coordinated edits in several places and there was no 
checking that you got them right.

> Turning the "p_" and "p2_" prefixes into names of the union instances  seems
> fairly reasonable (e.g., "p_time" becomes "p.time"), but would  require
> changing the initializers.  I'd be willing to look into that if  I'm not
> wasting my time.

I think I just fixed that.  I'll push in a while after more local testing.


> There are also a bunch of warnings with some compilers, which might be  worth
> looking at.  They're often fairly easy to fix, and sometimes indicate actual
> problems. 

Which compilers?  Or rather which OS/distros?

Can we set things up so that the gitlab CI stuff tells us about warnings?

James suggested adding the compiler flag that turns warnings into errors.  
That won't work on the old old version of Bison that has a missing default or 
something like that.





[NNagain] Starlink

2023-12-16 Thread Hal Murray via Nnagain
Frantisek Borsik said:
> The only way to deliver it to them in a reasonable timeframe is Starlink. 

What sort of bandwidth/latency do I get from Starlink if I'm the only user in 
a large area?

The spectrum is shared.  Does the bandwidth per user go down as more users in 
the antenna footprint become active?  How many users per square mile/km can 
Starlink support at the current target bandwidth?  ...

What fraction of the country is rural enough that it won't get fiber?  How 
much of that is sparse enough so that Starlink will work?

What should I be asking?





___
Nnagain mailing list
Nnagain@lists.bufferbloat.net
https://lists.bufferbloat.net/listinfo/nnagain


Re: Certificate geekery

2023-12-07 Thread Hal Murray via devel
Thanks.

> If that's a thing you want to do on your system, you can. IMHO, it's not
> something that we particularly need to promote, nor would I find it
> desirable operationally. If my NTP server changes their CA provider,  then I
> won't be able to talk to them any more until I take manual action  to adjust
> the pin. 

I was assuming there would be a script that would do the work, say run as a 
cron job.  Probably send you email so you can do the actual edit.


> Yes, that's how the CA ecosystem works. That is absolutely a threat.  Keep in
> mind that if a CA gets caught doing that, they will get the CA  death
> penalty, ending their money printing business.

Some CAs are run by governments.  That area gets messy.

There was a news item recently (month or 3??) about a Russian social media 
server located in a German cloud provider that got MITM-ed.  The bad guys got 
a Let's Encrypt certificate.  They could do that by just stealing the IP 
Address for a few minutes which only takes one insider at the hosting service.

Researchers Uncover Wiretapping of XMPP-Based Instant Messaging Service
  https://thehackernews.com/2023/10/researchers-uncover-wiretapping-of-xmpp.html

I can't tell how paranoid to be.  It would be nice if we didn't depend on all 
the root certificates.




Re: What does gitlab's "Successful pipeline" mean?

2023-12-06 Thread Hal Murray via devel


James said:
> Maybe we should add -Werror or such to CFLAGS.

Sounds like a good idea to me.




What does gitlab's "Successful pipeline" mean?

2023-12-05 Thread Hal Murray via devel


Does that mean no warnings?

If not, how are we expected to learn about code that generates warnings on 
obscure systems?





Any Coverity wizards?

2023-12-05 Thread Hal Murray via devel


I expect the comment on the previous line to tell Coverity to not complain 
about this case.

Is there a typo or such that I'm missing?

149/* coverity[checked_return] */
  CID 462307 (#1 of 1): Unchecked return value (CHECKED_RETURN)
  15. check_return: Calling CMAC_Update without checking return value (as is 
done elsewhere 5 out of 6 times).
150CMAC_Update(cmac_ctx, data, (unsigned int)datalen);



Re: Release

2023-12-05 Thread Hal Murray via devel
> I'll aim to release ~15-Dec-2023

Sounds good.  Thanks.


> I'm thinking about AES becoming the new default for ntpq, etc.

I got a few a day or so ago.  I missed that one.  I'll get it tonight.




Re: How does the parser work?

2023-12-04 Thread Hal Murray via devel


James said:
>The host phase of Waf build generates tablegen which in turn generates
>keywords.h IIRC. I have no idea how the internals work.

I took a look at the code.

It looks like there are 2 tables of keywords, one in ntp_keyword.h (built by 
keyword-gen) and another in ntp_parser.y.  Because the tokens in each table 
look so similar, my brain jumped to the conclusion that they were parallel.  
Wrong.

The values of the corresponding tokens are different.  I don't know how the 
values from the keyword table get translated into parser values.

The parser table also has a few extra entries like integer and string.


keyword.h is more than just a list of keywords.  It's also a table/tree of steps 
along the way of recognizing a keyword:
  S_ST( 's',3,  675,   422 ), /*   674 tru   */
  S_ST( 't',3,  676, 0 ), /*   675 trus  */
  S_ST( 'e',3,  677, 0 ), /*   676 trust */
  S_ST( 'd',3,  678, 0 ), /*   677 truste*/
  S_ST( 'k',3,  679, 0 ), /*   678 trusted   */
  S_ST( 'e',3,  423, 0 ), /*   679 trustedk  */


Anyway, I think extra "keywords" in the parser table are just useless.  The 
parser will never get there because the keyword table doesn't know about them.

When we run out of better things to do, we should make a config file that uses 
all the keywords so we can make sure they work and are all useful.



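To make the "table/tree of steps" concrete, here is an added example (not NTPsec code) of a keyword recognizer driven by a state table of the same shape as the S_ST entries quoted above: each state tests one character, jumps to a "match" state on success and to an "other" state on failure. The token codes, the struct layout and the table contents are constructed for this example; the real ntp_keyword.h packs its fields differently and numbers states and tokens differently. It also shows the point made above: a token declared only on the parser side (T_Tlsciphers here) can never be produced, which `keyword_reachable()` detects.

```c
#include <stdio.h>
#include <string.h>

/* Token codes: constructed for this example, not NTPsec's numbering. */
enum {
    T_UNKNOWN    = -1,   /* no keyword matched */
    T_NONE       =  0,   /* state does not end a keyword */
    T_Tinker     =  1,
    T_Tos        =  2,
    T_Trustedkey =  3,
    T_Tlsciphers =  4    /* declared like a parser %token, but absent from the table below */
};

/* One step of the recognizer: compare one input character, then branch. */
struct kw_state {
    char ch;        /* character this state tests */
    int  token;     /* token code if the keyword ends after ch, else T_NONE */
    int  match_n;   /* next state when the input character equals ch (0: keyword cannot continue) */
    int  other_n;   /* next state to try when it does not (0: dead end) */
};

/* Constructed table covering "tinker", "tos" and "trustedkey"; index 0 is a sentinel. */
static const struct kw_state kw_table[] = {
    { 0,   T_NONE,        0,  0 },   /*  0 sentinel   */
    { 't', T_NONE,        2,  0 },   /*  1 t          */
    { 'i', T_NONE,        3,  7 },   /*  2 ti         */
    { 'n', T_NONE,        4,  0 },   /*  3 tin        */
    { 'k', T_NONE,        5,  0 },   /*  4 tink       */
    { 'e', T_NONE,        6,  0 },   /*  5 tinke      */
    { 'r', T_Tinker,      0,  0 },   /*  6 tinker     */
    { 'o', T_NONE,        8,  9 },   /*  7 to         */
    { 's', T_Tos,         0,  0 },   /*  8 tos        */
    { 'r', T_NONE,       10,  0 },   /*  9 tr         */
    { 'u', T_NONE,       11,  0 },   /* 10 tru        */
    { 's', T_NONE,       12,  0 },   /* 11 trus       */
    { 't', T_NONE,       13,  0 },   /* 12 trust      */
    { 'e', T_NONE,       14,  0 },   /* 13 truste     */
    { 'd', T_NONE,       15,  0 },   /* 14 trusted    */
    { 'k', T_NONE,       16,  0 },   /* 15 trustedk   */
    { 'e', T_NONE,       17,  0 },   /* 16 trustedke  */
    { 'y', T_Trustedkey,  0,  0 },   /* 17 trustedkey */
};
#define KW_STATES (sizeof(kw_table) / sizeof(kw_table[0]))

/* Walk the table over one word; return its token or T_UNKNOWN. */
int scan_keyword(const char *word)
{
    int state = 1;
    for (const char *p = word; *p != '\0'; p++) {
        /* follow the other_n chain until some state at this depth tests *p */
        while (state != 0 && kw_table[state].ch != *p)
            state = kw_table[state].other_n;
        if (state == 0)
            return T_UNKNOWN;                 /* no keyword has this prefix */
        if (p[1] == '\0')                     /* input ends here: accept only on a final state */
            return kw_table[state].token != T_NONE ? kw_table[state].token : T_UNKNOWN;
        state = kw_table[state].match_n;      /* consume *p and go one character deeper */
        if (state == 0)
            return T_UNKNOWN;                 /* input is longer than every keyword with this prefix */
    }
    return T_UNKNOWN;                         /* empty word */
}

/* Can the scanner ever produce this token?  A parser %token without a table entry cannot. */
int keyword_reachable(int token)
{
    for (size_t i = 1; i < KW_STATES; i++)
        if (kw_table[i].token == token)
            return 1;
    return 0;
}

int main(void)
{
    const char *words[] = { "tinker", "tos", "trustedkey", "trusted", "tinkers", "tlsciphers" };
    for (size_t i = 0; i < sizeof(words) / sizeof(words[0]); i++)
        printf("%-12s -> %d\n", words[i], scan_keyword(words[i]));
    printf("T_Tlsciphers reachable from the table: %d\n", keyword_reachable(T_Tlsciphers));
    return 0;
}
```

Running `keyword_reachable()` over every parser token is the mechanical version of the "config file that uses all the keywords" check suggested above: any token it reports as unreachable is dead weight in the grammar.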


Re: [chrony-dev] Chrony and leap-second table expiration

2023-12-04 Thread Hal Murray


mlich...@redhat.com said:
>> * If Chrony reads leap-seconds.list should it also look at the
>> leap second expiration and reject old files?
> As currently chrony works, there would be no functional difference between
> rejecting old file and using old file unless someone was interested in
> replaying old leap seconds. 

If you know that the data in the file covers "now", you can ignore the 
leap-pending in NTP packets from servers.

If you know that the file has expired, you can keep track of leap-pending from 
servers and if you get more than x% or more than N (that agree) you can 
believe that a leap will happen soon and pass that to the kernel.




-- 
To unsubscribe email chrony-dev-requ...@chrony.tuxfamily.org with "unsubscribe" 
in the subject.
For help email chrony-dev-requ...@chrony.tuxfamily.org with "help" in the 
subject.
Trouble?  Email listmas...@chrony.tuxfamily.org.
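The two branches described above (trust an unexpired file and ignore the servers' leap bits; once it has expired, fall back to a quorum of servers), as an added example that is not chrony or NTPsec code. The leap-seconds.list excerpt is constructed in the real layout (`#@` expiry and `#$` update lines in NTP seconds, then `<NTP seconds> <TAI-UTC>` data lines) but the expiry value is made up; the function names, the 28-day arming window and the "at least N and at least x%" quorum rule are this example's own choices.

```c
#include <ctype.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define LEAP_MAX        64
#define LEAP_ARM_WINDOW 2419200ULL   /* 28 days: arm the kernel only for a leap this close (assumed policy) */

struct leap_table {
    uint64_t expiry;                /* "#@" line: NTP seconds when the file expires, 0 if none */
    int      n;                     /* number of data lines */
    uint64_t when[LEAP_MAX];        /* NTP seconds at which a new TAI-UTC offset takes effect */
    int      offset[LEAP_MAX];      /* TAI-UTC after that instant */
};

/* Constructed excerpt in leap-seconds.list layout; the #@ expiry value is made up. */
static const char SAMPLE_LEAP_FILE[] =
    "#\tConstructed excerpt for this example\n"
    "#$\t3676924800\n"
    "#@\t3912710400\n"
    "2272060800\t10\t# 1 Jan 1972\n"
    "2287785600\t11\t# 1 Jul 1972\n"
    "3692217600\t37\t# 1 Jan 2017\n";

/* Constructed server leap-pending flags, one per server. */
static const int VOTES_MOST[4] = { 1, 1, 1, 0 };
static const int VOTES_ONE[4]  = { 1, 0, 0, 0 };

/* Parse leap-seconds.list text; returns the number of entries or -1 on a malformed line. */
int leap_parse(const char *text, struct leap_table *t)
{
    const char *line = text;
    memset(t, 0, sizeof(*t));
    while (*line != '\0') {
        const char *end = strchr(line, '\n');
        while (isspace((unsigned char)*line) && line != end && *line != '\0')
            line++;
        if (line[0] == '#' && line[1] == '@') {
            t->expiry = strtoull(line + 2, NULL, 10);          /* expiry stamp */
        } else if (line[0] != '#' && line[0] != '\n' && line[0] != '\0') {
            char *p;
            uint64_t when = strtoull(line, &p, 10);            /* instant of the new offset */
            if (p == line) return -1;
            const char *q = p;
            long off = strtol(q, &p, 10);                       /* TAI-UTC after it */
            if (p == q || t->n >= LEAP_MAX) return -1;
            t->when[t->n] = when;
            t->offset[t->n] = (int)off;
            t->n++;
        }
        if (end == NULL) break;
        line = end + 1;
    }
    return t->n;
}

uint64_t leap_file_expiry(const char *text)
{
    struct leap_table t;
    return leap_parse(text, &t) < 0 ? 0 : t.expiry;
}

/* The file only speaks for "now" while it is unexpired. */
int leap_file_valid(const char *text, uint64_t now_ntp)
{
    uint64_t expiry = leap_file_expiry(text);
    return expiry != 0 && now_ntp < expiry;
}

/* Servers' leap-pending bits: require both an absolute and a percentage quorum. */
int leap_vote(const int *flags, int nservers, int min_count, int min_percent)
{
    int yes = 0;
    for (int i = 0; i < nservers; i++)
        yes += flags[i] ? 1 : 0;
    return nservers > 0 && yes >= min_count && yes * 100 >= min_percent * nservers;
}

/* Arm a leap?  Unexpired file: trust it and ignore the servers.  Expired: fall back to the vote. */
int leap_pending(const char *text, uint64_t now_ntp,
                 const int *flags, int nservers, int min_count, int min_percent)
{
    struct leap_table t;
    if (leap_parse(text, &t) >= 0 && t.expiry != 0 && now_ntp < t.expiry) {
        for (int i = 0; i < t.n; i++)
            if (t.when[i] > now_ntp && t.when[i] - now_ntp <= LEAP_ARM_WINDOW)
                return 1;
        return 0;
    }
    return leap_vote(flags, nservers, min_count, min_percent);
}

int main(void)
{
    uint64_t day_before = 3692217600ULL - 86400;
    printf("expiry %llu, valid a day before 2017-01-01: %d\n",
           (unsigned long long)leap_file_expiry(SAMPLE_LEAP_FILE),
           leap_file_valid(SAMPLE_LEAP_FILE, day_before));
    printf("leap pending a day before 2017-01-01: %d\n",
           leap_pending(SAMPLE_LEAP_FILE, day_before, VOTES_MOST, 4, 3, 50));
    printf("after expiry, 3 of 4 servers flag a leap: %d\n",
           leap_pending(SAMPLE_LEAP_FILE, 3912710400ULL, VOTES_MOST, 4, 3, 50));
    return 0;
}
```

The quorum has both an absolute and a percentage floor so that a single misconfigured (or hostile) server cannot arm a leap on its own, and two out of two cannot either.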



How does the parser work?

2023-12-03 Thread Hal Murray via devel


ntp_parser.y contains:

%token T_Tinker
%token T_Tlsciphers
%token T_Tlsciphersuites

I'd expect those tokens to come from the keywords header file.
But tlsciphers isn't in the keyword list.
tlsciphersuites is in the list.




Asciidoc question

2023-12-03 Thread Hal Murray via devel
What does the $$ after the +aga+ do?

|+year+|One generation file element is generated per year.
The filename  suffix consists of a dot and a 4 digit year number.
|+age+$$   |This type of file generation sets changes to a new element 
of
the file set every 24 hours of server operation. The filename




Re: Release

2023-12-03 Thread Hal Murray via devel


Gary said:
> DO you have an account on: https://scan.coverity.com/
> If so, I think I can add you to the project. 

Thanks.  I think it worked.

How does their stuff work?  How often do they check NTPsec?
  Or what should I be asking?
How much mail should I expect?  ...

There are 3 Coverity quirks.  I'll go fix the filegen one.

Should I push the fix?  That will require more testing.



Re: Release

2023-12-03 Thread Hal Murray via devel
Gary said:
> Uh, not quite.  Check the Coverity stuff.

How do I do that?

I'd expect something to send me email but I don't remember anything about 
Coverity.




Certificate geekery

2023-12-03 Thread Hal Murray via devel
I'm working on devel-TODO-NTS.  (mostly deleting things)

Currently, if a bad guy hacks or arm-twists a certificate authority, they can 
sign a certificate that the bad guy can use for a MITM attack.

We can make that a lot harder if we lookup the current root certificate that a 
server is currently using, find that certificate in a system's root cert 
collection, and add a ca xxx to the server line.  That doesn't take any 
changes to ntpd.

It needs some script hacking.  I think the openssl command can handle much of 
the details.

Is that called pinning?  If not, is there a term for it?
Wiki has a page for a related proposal: 
  https://en.wikipedia.org/wiki/Certificate_pinning

Is this interesting?

Anybody interested in writing that script?

--

There is another tangle with verifying certificates.  OCSP
Is that interesting?
  https://en.wikipedia.org/wiki/OCSP





Release

2023-12-02 Thread Hal Murray via devel


I think you should release what we have as soon as it is convenient.

There are many more things I would like to include but we aren't making much 
progress so it's time to do it.




Re: [mailop] salesforce phishing emails

2023-11-30 Thread Hal Murray via mailop
Giovanni Bechis said:
> I maintain an ESP rbl that includes SalesForce bad customers,

How well does that work?

This month, I have 6 copies of the same crap:
  After reviewing your company's profile, we believe that
  your knowledge and experience will be beneficial to the
  projects that ARAMCO is working on in this 2023 and 2024 session

Another one in Sep.

All from Salesforce.  All different vendors.

All sent to an address that hasn't sent anything for 2 years but was/is on 
lots of spammer lists.

Just in case anybody isn't sure, I don't have a company and I don't know 
anything about the oil business.


___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop


Re: [Git][NTPsec/ntpsec][master] Fix mode 6 client to round up to 4 bytes (was 8)

2023-11-29 Thread Hal Murray via devel
> Does the comment on line 880 also need to be updated?

Good catch.  Thanks.




Documentation tangle

2023-11-20 Thread Hal Murray via devel


We have a mix of man pages and web pages.

I think all the man pages have a web version generated from the same source.  
There are some/many web pages without the corresponding man page.

Debian includes the web pages in ntpsec-doc

Fedora doesn't have a separate doc package for ntpsec.
Their ntpsec package includes the man pages but not the web pages.

I haven't checked what FreeBSD does.

What should we do if a man page wants to refer to a html only page?




Re: I/we need a lesson in git and/or gitlab and/or merge requests

2023-11-20 Thread Hal Murray via devel


Fred Wright said:
> In general, it's a good idea to read an actual book on git, rather than
> trying to understand it purely through manpages.  The one I used (almost a
> decade ago) is this one:

>   https://www.amazon.com/gp/product/1449316387/ 

Thanks.  I like books.

There is a 3rd edition out now.




Re: [NNagain] Fwd: separable processes for live in-person and live zoom-like faces

2023-11-17 Thread Hal Murray via Nnagain

rjmcmahon said:
> The human brain is way too complicated to make simplified analysis like  this
> is the latency required. It's a vast prediction machine and much,  much more.

I agree that the brain is very complex, but it isn't a total mystery.  We can 
measure some things and work out some timing requirements.

Examples:

Movies/TV have a minimum frame rate to avoid flicker.

Phone systems have a max round trip latency.
(I think back in the days of satellites, they decided that one sat link was OK 
but 2 was too long.)

You can measure the time to push a button after a light goes on.
That's tangled up with hand/eye coordination for catching a ball or using a 
mouse.


I get (slightly) annoyed by the delay when news shows switch to a (very) 
remote reporter.

I see no reason why a latency requirement couldn't be worked out for something 
like a Zoom meeting.


___
Nnagain mailing list
Nnagain@lists.bufferbloat.net
https://lists.bufferbloat.net/listinfo/nnagain


SHA1 or SHA-1?

2023-11-13 Thread Hal Murray via devel


I'm looking into making our documentation consistent.

NIST and Wikipedia use SHA-1.

Ages ago, ntpkeygen used SHA1.

OpenSSL seems to prefer SHA1, but it has an alias for SHA-1.


To list the digests:
  openssl dgst -list




I/we need a lesson in git and/or gitlab and/or merge requests

2023-11-11 Thread Hal Murray via devel


Merge requests seem reasonable if all goes well.  My work flow is roughly:
  download the patch  (URL plus ".patch")
  scan it
  maybe apply and test
  approve and merge

But things go downhill if I don't like something.  What I get from James is an 
update to the MR, a patch to the patch.  That makes reading/checking the patch 
harder and clutters up the git log.

What if I don't like the description of a patch?

Merge has an option to reduce all the patches to one.  But often that isn't 
appropriate.


git works so well for most things.  I think I/we are missing something in the 
workflow.


Should we be throwing away merges and making new ones rather than patching 
them?

How do I backup a bunch of commits that turned into a MR so I can make them 
better and try again?

I'm on a list or two where patches are distributed via email.  git has several 
commands for that.  Iterations usually have a v1 v2 ... as part of the 
Subject.  Often individual parts will be approved.  It's a lot of clutter in 
the email stream but the discussion gets archived in email rather than hidden 
over in a MR.

Is there a way in gitlab to approve only one of the patches rather than all of 
them?  I think I could do that by downloading the patch which is several email 
messages, editing out the one I want...  Again, if that was the right thing to 
be doing, I'd expect git to support it which it probably does if you use their 
email mode.





Re: Time for a release?

2023-10-31 Thread Hal Murray via devel
Is updating PIVOT.h on your checklist and/or should I update it now while I/we 
think of it?




Re: Time for a release?

2023-10-31 Thread Hal Murray via devel
> What sort of testing did you have in mind?

Nothing in particular.  We haven't had a release in a while so I hope 
everybody will run git head and keep an eye out for glitches, make sure their 
favorite toys work as expected, double check log files, etc...

> Any specific doc cleanup?

Our doc always seems to need work.

On my list was making sure it mentioned mssntpinfo.  When I took a quick look 
at the man page, I got distracted with multicast/broadcast stuff.

> Here are the open issues that caught my eye:
> https://gitlab.com/NTPsec/ntpsec/-/issues/806

I think we should fix that.  Or at least try.  It sounds like a bug in 
ntp_control.  I just tried rv xxx for some xxx that was a reasonable assid.  
It didn't print any garbage.  Anybody got a handy test case?

Looking at the code...
It fills a buffer with 8 " %.2f", then calls the routine that prints that as 
name=value.
That won't work with spaces in there -- well, maybe it will, but it depends on 
what the parser in ntpq does.  I'd expect it to call the routine that prints 
it as name="value".  But I don't know what ntpq is doing...  We should print 
that stuff in a nice table.


> https://gitlab.com/NTPsec/ntpsec/-/issues/802 (is this resolved with our
> latest FIPS changes, and do we have an environment to test it?) 

I think it is fixed.  I don't think we have any way to test it.
Google says maybe we can get CentOS into FIPS mode, but maybe that only works 
for a particular version of CentOS...


> Are we able to use our ntpq to probe *cast fields on other
> ntp daemons that support it? If so, leave it in.

If you point ntpq -p at a Mills/classic box, it might be configured with a 
*cast slot or a peer slot.  If so, our ntpq would print something in the t 
column that you can't get from our servers.

Plan 1 is to move the stuff I don't like to a footnote.

Plan 2 is to fix the codes in the t column to be sensible for our use.  The 
old use is "s" for symmetric (aka peer) and "u" for unicast (aka normal 
server).  I'd like to see "s" for server and "p" for a pool host.  (That would 
make the footnote a bit bigger.)  But "p" is already used for the pool slot.  
We could change that to P or people could notice the POOL in the refid slot.





Time for a release?

2023-10-29 Thread Hal Murray via devel


The last time this was suggested, I encouraged waiting until we fixed mssntp.  
Well, I think we have it fixed but we haven't found anybody to test it.

So I think it's time to get ready for a release.

Time for lots of testing.  And documentation checking/cleanup.

Does anybody have any features that should or must go in or bugs we should fix?
(I haven't looked through issues yet.)


What is the policy on ntpq documentation?  We have tuned the code for use with 
our version of ntpd, but it still mostly(?) talks to the old Mills/classic 
version.  I noticed lots of references to multicast and broadcast in the man 
page.  We removed the code that supported that stuff ages ago.  The *cast 
references are now clutter if you are interested in our code, but might be 
relevant if you are looking at an old old system.  Should we leave the *cast 
documentation in or clean it out?

I have 3 hacks that were used to debug talking to Samba.  Is a subdir under 
attic a reasonable place for them?




[NNagain] Spam filtering

2023-10-27 Thread Hal Murray via Nnagain
[Was Amtrack]


> 2) I could get mad that I figure 80% of this new email list is vanishing into
> spam boxes.


> What of the 10s of thousands of other emails that have come over the years
> not just from lists.bufferbloat.net but from people trying honestly to
> communicate? 

There is/was a good discussion of all the good things that network geeks have 
done.

How about discussing the things they haven't done?

Spam would be pretty high on my list.  It's tangled up with (in)security -- a 
lot comes from infected systems or phished accounts.

The current approach to spam is cost shifting.  If you don't pay for your 
abuse desk, the crap that you send or phishing sites you host..., means that 
the rest of the net has to spend more on defense.

Anybody remember Spamford Wallace?  He was going to set up a spam friendly ISP. 
Nobody would connect to him.  I wonder what would happen if a few ISPs that 
host a lot of abuse had more troubles getting connected to the net.  Would a 
few well publicized examples be enough to spread the word?



High on my list would be dis/mis-information.  The business model seems to be 
to show customers things that will keep them online so you can show them more 
ads.  Guess what does that?

Is this also cost shifting?  It's society as a whole that has to pay for the 
disruption caused by bogus information.




Re: What's magic about /tmp/? ntpd can't find UNIX socket

2023-10-19 Thread Hal Murray via devel
Found it.  systemd sets up separate /tmp for some services.



Features/ServicesPrivateTmp
  https://fedoraproject.org/wiki/Features/ServicesPrivateTmp

Run some services started by systemd with a private /tmp directory. This would 
mitigate the chance of a service making a mistake with how it handles its /tmp 
data allowing a user on the system to get a privilege escalation, since users 
would not have access to the services /tmp directory.

Poking around finds these:
/var/tmp/systemd-private-2c3b3b4c2ab247d6818605b23cd9d8a8-ntpd.service-oWq0lA/tmp
/tmp/systemd-private-2c3b3b4c2ab247d6818605b23cd9d8a8-ntpd.service-2VABCf/tmp

Both are empty.




Re: What's magic about /tmp/? ntpd can't find UNIX socket

2023-10-19 Thread Hal Murray via devel


matthew.sel...@twosigma.com said:
> Are you running ntpd with --jaildir (or -i) or some chroot-like
> functionality? 

Not that I know of.
Oct 18 23:17:42 hgm ntpd[16099]: INIT: Command line: /usr/local/sbin/ntpd -g 
-N -u ntp:ntp


But systemd might be doing something like that without telling me and/or it is 
telling me but I don't know where to look.





Re: What's magic about /tmp/? ntpd can't find UNIX socket

2023-10-19 Thread Hal Murray via devel


Gary said:
> Notice the "nodev"?
> From "man chmod":
>nodev
>Do not interpret character or block special devices on the
>filesystem. 

It works fine from my test program.  What's different about ntpd?

Is a UNIX socket (fifo?) a special device?
When I see "device", I think of the stuff in /dev/





Re: What's magic about /tmp/? ntpd can't find UNIX socket

2023-10-19 Thread Hal Murray via devel


devel@ntpsec.org said:
> Can you provide:
> ~ $ ls -ld /tmp
> drwxrwxrwt 12 root root 580 Oct 19 11:00 /tmp

srwxrwxrwx  1 murray murray   0 Oct 18 20:51 /tmp/fake-samba-socket/socket
drwxrwxrwx  2 ntpntp 60 Oct 18 20:51 /tmp/fake-samba-socket/
drwxrwxrwt 19 root   root   500 Oct 19 13:19 /tmp/

Changing the owner to ntp didn't make any difference.

> And:
> ~ $ mount | fgrep /tmp
> tmpfs on /tmp type tmpfs (rw,nosuid,relatime,size=2097152k)

tmpfs on /tmp type tmpfs (rw,nosuid,nodev,nr_inodes=1048576,inode64)


We may be shooting ourselves in the foot.  There is a lot of stuff in 
ntp_sandbox.  When we droproot, we retain privs for setting the clock.  Is 
there a priv for accessing /tmp/?  I just scanned the list in the 
capabilities(7) man page and didn't see anything but I could easily have 
missed something.





Re: What's magic about /tmp/? ntpd can't find UNIX socket

2023-10-18 Thread Hal Murray via devel


matthew.sel...@twosigma.com said:
> Are you using selinux or something that would prevent access to /tmp?

I have  selinux=0 and audit=0 on the kernel command line.

What sort of rule would keep ntpd from seeing /tmp/ and where would that sort 
of rule live?

Is this something from systemd?




What's magic about /tmp/? ntpd can't find UNIX socket

2023-10-18 Thread Hal Murray via devel


I'm working on MS-SNTP.  I have some hack programs that should help exercise 
all the code.  [We should have done this ages ago.]

I put James's patches into my server and tweaked the config.

I put the samba socket in /tmp/
ntpd couldn't see it.  My test programs work fine.

18 Oct 20:52:00 ntpd[5671]: SIGND: can not connect socket 
'/tmp/fake-samba-socket/socket': No such file or directory

What's magic about ntpd and /tmp/?
I'm running on Fedora.

It works when I move the socket to /home/murray/, but I was trying to keep my 
name out of it so somebody else could run my hacks without any edits.




Re: Too many merge requests

2023-10-14 Thread Hal Murray via devel


James said:
> MR 1333 should address the issue where every response in an mssntp-restricted
> subnet gets lost in ntp_signd.

Is there any reason to approve it now when we don't know if it works yet?

Are all the changes inside an #ifdef?  (and thus unlikely to break normal 
operations)


> MR 1331 addresses several issues with ntpdig and MAC handling. 

I hate big python programs.  It would be nice if somebody else took a look at 
that one.


> MR 1325 holds lost patches.

What does "lost patches" mean?  If they are useful, it will be much easier to 
approve them if they are split up -- one problem will hold up the whole 
collection.



Re: [NNagain] Internet Education for Non-technorati?

2023-10-13 Thread Hal Murray via Nnagain

Jack Haverty said:
> A few days ago I made some comments about the idea of "educating" the
> lawyers, politicians, and other smart, but not necessarily technically
> adept, decision makers.

That process might work.

Stanford has run programs on cyber security for congressional staffers.

From 2015:
Congressional Staffers Headed to Stanford for Cybersecurity Training
https://cisac.fsi.stanford.edu/news/congressional-staffers-headed-stanford-cybersecurity-training



> Today I saw a news story about a recent FCC action, to mandate "nutrition
> labels" on Internet services offered by ISPs:

Is there a chicken-egg problem in this area?

Suppose I had a nutrition-label sort of spec for a retail ISP offering.  How 
would I know if an installation was meeting the specs?  That seems to need a 
way to collect data -- either stand alone programs or patches to existing 
programs like web browsers.

Would it make sense to work on those programs now?  How much could we learn if 
volunteers ran those programs and contributed data to a public data base?  How 
many volunteers would we need to get off the ground?


Could servers collect useful data?  Consider Zoom, YouTube, gmail, downloads 
for software updates...





Re: mssntp option breaking time service: tester(s) wanted

2023-10-04 Thread Hal Murray via devel


Google found this:

[MS-SNTP]: Network Time Protocol (NTP) Authentication Extensions
https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-sntp/8106cb73-ab3a-4542-8bc8-784dd32031cc

Which links to:

[MS-SNTP]:
Network Time Protocol (NTP) Authentication Extensions
https://winprotocoldoc.blob.core.windows.net/productionwindowsarchives/MS-SNTP/%5bMS-SNTP%5d.pdf
54 pages.

It has lots of details, but I've only skimmed it.




Re: mssntp option breaking time service: tester(s) wanted

2023-10-04 Thread Hal Murray via devel


Does anybody have details on how MSSNTP signing works?

If we can find that, we can write some POSIX code to test things.

There is a link in ntpd/ntp_signd.c
  http://msdn.microsoft.com/en-us/library/cc212930.aspx
But I didn't find anything interesting there.  (Maybe my browser was filtering 
something.)

We still need to test with real Windows at least once to make sure our test 
code does the right thing.




Re: I just pushed ntsstats and ntskestats

2023-09-26 Thread Hal Murray via devel


> After glancing at the tops and bottoms of some of the HTML docs, I think I
> have some issues to correct.

I think the last line of the man pages used to have the version number.  I'm 
not seeing that now.

Is that because I'm doing something special to get the date in the version 
string ( --build-desc=xxx to waf) or did that fall through the cracks somehow?  
(Or was it my imagination?)





Re: I just pushed ntsstats and ntskestats

2023-09-25 Thread Hal Murray via devel


>I am willing to break out some instant expert credentials on this until
>someone better shows up. 

Thanks.

>I will take a look at it. Would you like a single or double-line 'box' 

I have a slight preference for double, but it doesn't really matter.

I've seen some example with double on the left bar and single on the 
top/bottom.
That was probably the web version.

--

I thought I sent in an Issue but can't find it...

Please check the bottom few lines on the man pages.  At least one of them 
didn't get updated to use our trailer stuff and still has the Mills version.




I just pushed ntsstats and ntskestats

2023-09-24 Thread Hal Murray via devel


There was a request for ntpviz to show NTS traffic.  We now have the log files 
to make that possible.

Any documentation wizards?

Please look at the indentation around the info for the *stats options in both 
the man page for ntp.conf and the html pages for ntp_conf and monopt.

The web pages have a box around the sample lines for the log file.  That's 
missing from the man pages.



Testing -4 and -6

2023-09-20 Thread Hal Murray via devel


Does anybody have a recipe (or pointer to one) for how to get a system running 
without any IPv6?

I want something such that isc_net_probeipv6_bool() will return false.

Do we have to build our own kernel with some config variable turned off?
Or will just not configuring any IPv6 interfaces be good enough?

Same for IPv4.

The code for isc_net_probeipv6_bool is slightly different from that for 
isc_net_probeipv4_bool.  I didn't go down that rathole.  It looks like 
somebody may be assuming that some or all of IPv4 always exists.




Tangle with -4 and -6

2023-09-17 Thread Hal Murray via devel


-4 and -6 work on the server line in ntp.conf but are not documented

-4/ipv4 and -6/ipv6 "work" on the command line, but they don't do what the 
documentation says.  The man page says:
   Force DNS resolution of following host names on the command line to
   the IPv4 namespace.
What they do is turn off setting up sockets for the other protocol.

I'm not sure what the NTS server does if, say, the system doesn't support IPv6 
when it tries to listen on an IPv6 address.

--

The network side sets up two flags: ipv4_works and ipv6_works
The command line -4 and -6 flags turn off the other _works flag.

I wrote the DNS code for both server/pool and NTS.  I don't remember how the 
-4/-6 options work (and a quick look didn't refresh my memory).  I don't 
remember ever checking the above flags or thinking about doing it.

Note that there are 2 DNS lookups on the NTS path, one for the NTS-KE server 
and another if the server returns a name/address rather than using the default 
of the same address as was used for the NTS-KE lookup.

I'm pretty sure the command line processing doesn't do any DNS lookups.
It roughly adds a server line, and does a DNS lookup with the constant-only 
(no net traffic) flag so that slot won't get delayed behind a real DNS lookup 
that is slow.

--

I think we should clean up this area.  That includes:

Making sure DNS lookups don't use an address for a disabled protocol.

Add enable/disable -4/ipv4 -6/ipv6 to ntp.conf
Note that these will have a backwards meaning from the -4 on the command line.
  -4 on the command line <=> disable -6


Does this make sense?
Am I missing anything?

This will take a lot of testing.



We should move the command line code in config_peers that checks for a 
numeric address to the main processing loop.
 

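The cleanup item "make sure DNS lookups don't use an address for a disabled protocol", as an added example that is not NTPsec code. It keeps the two flags named above (ipv4_works, ipv6_works), applies the command-line -4/-6 semantics described above (each switches the other family off), and filters getaddrinfo() results against them so a disabled family is never handed out even when the resolver returns it first. `af_policy_for`, `count_usable_addresses` and `first_usable_family` are this example's own names; AI_NUMERICHOST is the real getaddrinfo flag for a constant-only lookup with no network traffic, which is what keeps the test inputs below offline.

```c
#define _POSIX_C_SOURCE 200112L
#include <netdb.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/types.h>

/* The two flags the network side sets; names follow the post, values are supplied by the caller here. */
struct af_policy {
    int ipv4_works;
    int ipv6_works;
};

/*
 * Start from what the network probe reported, then apply the command-line option:
 * -4 switches IPv6 off, -6 switches IPv4 off, opt 0 means neither was given.
 */
struct af_policy af_policy_for(int probed_v4, int probed_v6, int opt)
{
    struct af_policy pol = { probed_v4, probed_v6 };
    if (opt == 4) pol.ipv6_works = 0;
    if (opt == 6) pol.ipv4_works = 0;
    return pol;
}

static int family_allowed(int family, struct af_policy pol)
{
    if (family == AF_INET)  return pol.ipv4_works;
    if (family == AF_INET6) return pol.ipv6_works;
    return 0;                                   /* anything else is never usable for NTP here */
}

/*
 * Resolve host and walk the results, skipping any family the policy disables.
 * Returns the number of usable addresses, or -1 if the lookup itself failed;
 * *first_family receives the family of the first usable result (0 if none).
 */
static int walk_results(const char *host, struct af_policy pol, int numeric_only, int *first_family)
{
    struct addrinfo hints, *res, *ai;
    int count = 0;

    *first_family = 0;
    memset(&hints, 0, sizeof(hints));
    hints.ai_family   = AF_UNSPEC;              /* ask for both families, filter afterwards */
    hints.ai_socktype = SOCK_DGRAM;
    hints.ai_flags    = numeric_only ? AI_NUMERICHOST : 0;   /* constant-only lookup: no DNS traffic */
    if (getaddrinfo(host, NULL, &hints, &res) != 0)
        return -1;
    for (ai = res; ai != NULL; ai = ai->ai_next) {
        if (!family_allowed(ai->ai_family, pol))
            continue;                           /* never hand out an address for a disabled family */
        if (*first_family == 0)
            *first_family = ai->ai_family;
        count++;
    }
    freeaddrinfo(res);
    return count;
}

int count_usable_addresses(const char *host, struct af_policy pol, int numeric_only)
{
    int family;
    return walk_results(host, pol, numeric_only, &family);
}

/* AF_INET, AF_INET6, 0 when every result was filtered out, -1 on lookup failure. */
int first_usable_family(const char *host, struct af_policy pol, int numeric_only)
{
    int family;
    if (walk_results(host, pol, numeric_only, &family) < 0)
        return -1;
    return family;
}

int main(void)
{
    /* Constructed literal hosts, so this runs without a resolver. */
    const char *hosts[] = { "127.0.0.1", "::1" };
    for (int opt = 0; opt <= 6; opt += (opt == 0) ? 4 : 2)
        for (size_t i = 0; i < sizeof(hosts) / sizeof(hosts[0]); i++)
            printf("opt -%d host %-10s usable=%d first_family=%d\n", opt, hosts[i],
                   count_usable_addresses(hosts[i], af_policy_for(1, 1, opt), 1),
                   first_usable_family(hosts[i], af_policy_for(1, 1, opt), 1));
    return 0;
}
```

For real name lookups the same filter applies after a non-numeric getaddrinfo() call; the POSIX flag AI_ADDRCONFIG can additionally make the resolver itself omit families with no configured address, but it does not know about -4/-6, so the policy check above is still needed.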


Windows time scrambling (from the TZ list)

2023-09-15 Thread Hal Murray via devel
"Windows feature that resets system clocks based on random data is wreaking
havoc."

https://arstechnica.com/security/2023/08/windows-feature-that-resets-system-clocks-based-on-random-data-is-wreaking-havoc/






Re: Go GC

2023-09-12 Thread Hal Murray via devel


Gary said:
> Avoiding creating garbage is hard.

In general, yes.  But the inner loop of the server side is not very 
complicated.

The APIs that I'm looking at are read-into-my-buffer rather than return a new 
buffer that needs to be GCed.

I think it's worth some effort to investigate this area.  I'm prepared to give 
up if we find a fatal problem.  Again, I'm assuming that we split ntpd into 
client and server parts so all we have to work on is the server half.




Go GC

2023-09-12 Thread Hal Murray via devel


Gary said:
>James Browning via devel  wrote:
>> It would appear there is a way to turn off GC under runtime/,
> How?  Link? 

https://pkg.go.dev/runtime/debug#SetGCPercent

It's not clear to me how to take advantage of that.  You still have to turn it 
on occasionally or your world will fill up with garbage.

I poked around a bit.  I'm pretty sure that we can write a server that doesn't 
generate any garbage when processing a normal client request.  The APIs for 
recvmsg/sendto don't allocate anything.  If we split ntpd into client side and 
server side, I think we can write the server code such that the GC never runs. 
 Or maybe never needs to run and we have to explicitly tell it not to bother 
trying.

Logging stuff would probably generate garbage.  The server side doesn't need 
to do that.


Gary said:
> Hal said:
>> There are lots of ways to inject timing bumps before we get to
>> garbage collecting.  cache, scheduler, interrupts, CPU speed, ...
> Any that work? 

What do you mean by "work"?

I don't know how to avoid any of the above.  Note that there are 2 levels of 
interrupt.  The firmware steals a few cycles every now and then for things 
that it doesn't trust the OS to get right.  The main example is checking the 
temperature and turning the CPU clock down if things are too hot.

Then there are interrupts that get passed to the OS.  You can fight that 
somewhat by manually assigning work to CPUs.  But the scheduler still has to 
run occasionally and if your workload doesn't use the whole CPU, that CPU is 
likely to slow down when you are waiting for work.

I did a bit of hacking with attic/clocks.c
On this machine, the average time to read the clock is 13 ns.
Within a burst of a million samples, there is usually a few in the 10-15 
microsecond range.

Occasionally, there is something in the 60-70 microseconds range.  They are 
rare enough that it's easy to miss one in a million sample pairs of reading 
the clock.

Slowest from each batch of 100...
  11331  18540  11282  11341  11306  11311  11307  11316  11307  11322
  16188  14920  11322  11293  13337  13025  32270  11352  21706  11313
  32463  22764  11812  11308  11319  60664  11301  14530  20428  11319
  14973  11308  11287  14181  13127  11320  11298  11312  12053  15081
  17762  17329  11279  12430  11299  16946  14470  14745  13816  11323
Slowest was 60664

Histogram: CLOCK_REALTIME, 1 ns per bucket, 100 samples.
  ns    hits
  10    6646
  11  124028
  12  410522
  13  229036
  14  177996
  15   48724
  16     259
  17     535
  18    1430
  19     585
  20      70
  21      24
  22      14
  23      13
  24      10
59 samples were bigger than 24.

Histogram: CLOCK_REALTIME, 250 ns per bucket, 100 samples.
   ns  hits
    0    49
 2250     2
 3250     1
 3500     3
 3750     3
 4000     1
 8250     1
 8500     1
 8750    20
 9000     1
 9250     1
10250     1
11000     9
11250     4
13250     1
2 samples were bigger than 13250.
Slowest was 14424.


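The zero-garbage request path described in the message above, as an added example written for this page (not NTPsec code): the packet lives in a fixed array, the reply is built in place, and ReadFromUDPAddrPort / WriteToUDPAddrPort (Go 1.18 and later) pass the peer address by value, so the collector can be parked with SetGCPercent(-1). The NTP processing is replaced by a constructed toy reply; mallocsPerRequest counts what the hot path allocates.

```go
package main

import (
	"fmt"
	"net"
	"os"
	"runtime"
	"runtime/debug"
)

const maxPacket = 1024 // assumed upper bound on one request datagram

// server owns one fixed buffer: requests are read into it and the reply is
// built in the same bytes, so the per-packet path never touches the heap.
type server struct {
	buf    [maxPacket]byte
	served uint64
}

// handle turns the n-byte request in s.buf into a reply in place and
// returns the reply length (0 = do not answer). The protocol is a toy
// constructed for this example: the reply is the request with the top
// bit of byte 0 set. An empty or oversize request is dropped, never
// answered with more bytes than it sent.
func (s *server) handle(n int) int {
	if n < 1 || n > maxPacket {
		return 0
	}
	s.buf[0] |= 0x80
	s.served++
	return n
}

// mallocsPerRequest runs handle on a constructed request iters times and
// returns heap allocations per call as counted by the runtime. The hot
// path makes none; other goroutines may add a handful, so expect a value
// close to zero rather than exactly zero.
func mallocsPerRequest(iters int) float64 {
	var s server
	req := []byte("constructed request payload")
	var before, after runtime.MemStats
	runtime.ReadMemStats(&before)
	for i := 0; i < iters; i++ {
		copy(s.buf[:], req) // re-arm the request; copying allocates nothing
		s.handle(len(req))
	}
	runtime.ReadMemStats(&after)
	return float64(after.Mallocs-before.Mallocs) / float64(iters)
}

// serve is the real loop. ReadFromUDPAddrPort fills the caller's buffer
// and returns the peer as a netip.AddrPort value; WriteToUDPAddrPort
// takes it back the same way. Neither allocates per packet.
func serve(conn *net.UDPConn, s *server) error {
	for {
		n, from, err := conn.ReadFromUDPAddrPort(s.buf[:])
		if err != nil {
			return err
		}
		if m := s.handle(n); m > 0 {
			if _, err := conn.WriteToUDPAddrPort(s.buf[:m], from); err != nil {
				return err
			}
		}
	}
}

func main() {
	// Collector off. Sound only because the request path allocates nothing;
	// anything that does allocate (logging, config reload) must live elsewhere.
	debug.SetGCPercent(-1)
	fmt.Printf("allocations per request: %.4f\n", mallocsPerRequest(100000))
	conn, err := net.ListenUDP("udp", &net.UDPAddr{IP: net.IPv4(127, 0, 0, 1)})
	if err != nil {
		fmt.Fprintln(os.Stderr, err)
		os.Exit(1)
	}
	defer conn.Close()
	fmt.Println("listening on", conn.LocalAddr())
	var s server
	if err := serve(conn, &s); err != nil {
		fmt.Fprintln(os.Stderr, err)
	}
}
```

Anything that must allocate, such as hourly stats logging, has to run outside this loop or re-enable the collector around itself.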


Re: Is python2 dead?

2023-09-12 Thread Hal Murray via devel


Gary said:
> Please, no.  Go is a garbage collected language.  Just what NTPsec does not
> need, random, unpredictable delays. 

I was thinking of the Python code in ntpclients/ and pylib/
Is there anything in there that is time sensitive?

There are lots of ways to inject timing bumps before we get to garbage 
collecting.  cache, scheduler, interrupts, CPU speed, ...

Do you have any data on Go GC times?




Re: Is python2 dead?

2023-09-11 Thread Hal Murray via devel
Thanks.

Maybe it's time to switch to Go?

How long would it take us to rewrite, from scratch, everything in ntpclients?

I occasionally poke around in ntpq.  I find it very hard to work with.  I 
think the others are much simpler.

Is the basic structure right?  If we were starting from scratch, what would 
pylib look like?




Re: Is python2 dead?

2023-09-04 Thread Hal Murray via devel


Gary said:
> Let's try again in a year. 

Sounds good to me.




Is python2 dead?

2023-09-04 Thread Hal Murray via devel


Really really dead?  Or maybe just hiding in some dark corner?

Should we drop support for python2 as part of the next release?
Or announce in the next release that we will drop it as part of the following 
release?




Re: nts and ntske log files

2023-08-28 Thread Hal Murray via devel


>Expires February 2036 minus the current date
>is about 12 years and 5 months maybe ish... 

The context is a duration of time rather than time of day.  eg the result of 
sub_tspec()  How many seconds did it take to do X?  The current date has 
nothing to do with it.




Re: nts and ntske log files

2023-08-28 Thread Hal Murray via devel


James Browning said:
> The NTP solution would be to convert the mess to l_fp which
> will work for a bit less than 13 years. 

Thanks.  l_fp is the right answer.

How did you get 13 years?  I get 136.  Did you drop/typo the 6?

> My joke would be to have it as a long long of micro-seconds which would be
> good for hundreds of thousands of years.  

l_fp has 32 bits of fraction.  micro takes 20 bits.  So using micro seconds 
would gain 12 bits.  So that would be 557xxx years.




nts and ntske log files

2023-08-28 Thread Hal Murray via devel


I just pushed the first cut.

No documentation yet.

Like sysstats and usestats, ntsstats and ntskestats get logged every hour.

If you look at the output from ntpq -c nts, the counters fall into two clumps, 
one for NTS and one for NTS-KE.  All the counters get logged in the same order.

Should we add counters for IPv4 and IPv6?
I think I'll merge the CPU usage.  (getrusage provides separate user and 
system CPU slots)

There are 3 cases for the server side of NTS-KE:
  OK: Worked
  Failed: SSL got started but something didn't work (http?)
  NoSSL: SSL didn't get started (telnet?)
I think I'll add wall/CPU counters for the no-SSL case.

Should we split things client/server rather than NTS/NTS-KE?  With the current 
split, you can't get NTS packets per NTS-KE without looking in two separate 
files.

What's the right type/units for wall time and CPU time?  The current code is 
double and seconds.  That won't ever overflow, but some day in the far future 
a very busy KE server might drop low bits.  We could solve that by using 
timespec.  Should I switch to timespec now so we never have to think about 
this again?  Can ntpq handle timespecs as elapsed times rather than time of 
day?  ...


I'd like ntpq to display both the total and recent counters like sysstats does.

The code that does hourly logging has to remember the totals when it prints 
things so it can subtract them off from the new totals next time.  It's easy 
for me to return the old values but slightly inconvenient to do the subtract.  
How hard is it to do the subtract in ntpq?





Windows time confusion (long)

2023-08-25 Thread Hal Murray via devel


Windows feature that resets system clocks based on random data is wreaking 
havoc
  https://arstechnica.com/security/2023/08/windows-feature-that-resets-system-clocks-based-on-random-data-is-wreaking-havoc/

Windows Secure Time Seeding resets clocks months or years off the correct time.

That's 4 web pages of several screens each.


From the 3rd web page:

> Simen said he believes the STS design is based on a fundamental
> misinterpretation of the TLS specification. Microsoft's description of
> STS acknowledges that some SSL implementations don't put the current
> system time of the server in the ServerUnixTime field at all. Instead, these
> implementations--most notably the widely used OpenSSL code library
> starting in 2014--populate the field with random values. Microsoft's
> description goes on to say, "We have observed that most servers provide
> a fairly accurate value in this field and the rest provide random
> values."


> "The false assumption is that most SSL implementations return the server
> time," Simen said. "This was probably true in a Microsoft-only
> ecosystem back when they implemented it, but at that time [when STS was
> introduced], OpenSSL was already sending random data instead."


The background story continues over here:

[TLS] Let's remove gmt_unix_time from TLS
  https://mailarchive.ietf.org/arch/msg/tls/_clS-TIIlZUcid_2S4WPej9iMWk/
(There are roughly 20 messages in that thread.)

Time was in there to provide some protection against broken random number 
sources.

But it leaks enough information to help tracking which is a big no-no for 
things like TOR.
That's from 2013.  OpenSSL has been using random since 1.0.1f [6 Jan 2014]
  * Don't include gmt_unix_time in TLS server and client random values






Re: [mailop] Legit-looking mail to the wrong address with no unsubscribe

2023-08-24 Thread Hal Murray via mailop

> To receive first an email requesting you to confirm your address, only to
> next receive another email from them with the actual information? That seems
> over-engineered...

How often is it only one message?  I typically get 3, often 4 sometimes even 5:
  we got your order
  we shipped it
  it was delivered
  how did you like it?
  please please please give us a good rating

They are often full of bloat, pages of HTML only
and lots of crappy advertising.

Even if there was an unsubscribe/error link, it would be hard to find.

How many people are selling make-more-money by sending lots of bloated email?


> Mantra: always provide a valid reply-to method on emails which preferably
> directs to a customer service team capable of resolving the problem. It can
> sometimes come in very useful. 

I wonder how often that type of address would get added to a spammer's list?





___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop


Re: Release, project sleeping, and running down the clock.

2023-08-22 Thread Hal Murray via devel


James Browning said:
> If the project is sleeping, then you may as
>well cut the new release now.

I think we should do a normal release.  That includes scanning the issues and 
merge requests.  And lots of testing.

I'm working on making a couple of new stats files for NTP packets using NTS 
and NTS-KE.  That should enable fixing #795 (ntpviz) and provide data for 
thinking about #797 (TLS server priority bit).

I think we should fix the mssntp hack or decide to rip it out.



> I would
>appreciate it if people commented on my merge
>requests 1331, 1333, and 1335.

1335:
sysstats are not resetting hourly when not logged to a file
ntp.poly.polychr() is broken on Python 2 (incorrectly reported as Python 3 
on the ML)
./waf requires Python development headers when building no ntp.ntpc or 
Python w/ FFI ntp.ntpc
Minor text fixups in many Python files
9 tests/libntp/*y do not have pyshebang headers
6 test files, two wscript files, and ntp.agentx all lack SPDX licenses 
declarations
9 pylib files and 8 test files lack license attribution
wscript files in tests and pylib lack UTF-8 coding lines

That looks like 4 unrelated things in one MR.  There is only one "approve" 
button.
I'm interested in the first one, but not interested enough to try to dig it out 
from all the other stuff.


1333:
2403ed08 - 1 commit from branch NTPsec:master
18336fa1 - ms-sntp: works up to trying to connect to the socket.
5535c882 - ms-sntp: Add excessive logging.

Do we have a test setup yet?  There was a lot of discussion a few weeks ago, 
but I don't remember seeing a recipe for one.

Again, There is only one "approve" button and I'm not going to approve anything 
that says "excessive logging".

If you need more info for debugging...  There are several approaches.

1) Use the normal msyslog, but make sure it doesn't turn into a self-DoS.  You 
can add some rate limiting.  

2) You can use the DEBUG stuff.  I've never been happy with that -- too much 
other printout to wade through.

3) You can add the msyslog stuff with an ifdef or if (0) that defaults to off.  
You edit the file and rebuild to turn on your extra printout.  This seems to 
work well if you are likely to want the same printout in the future.  You 
change a (0) to (1) rather than typing in the whole long line again.


1331:
ntpdig appends a new mac after each host dug
ntpdig can try to take the trusted attribute of a byte string.
the authenticator bits in ntp.packet do not truncate digests

I can't quite figure out what that means.  Does it print something stupid?  
Crash?
How would I test it?

My head doesn't like python.  I'd be happier if somebody else tested/approved 
this.





What does bison do with undefined tokens?

2023-08-22 Thread Hal Murray via devel
ntpd/ntp_parser.y has this line:

%token T_Timingstats

T_Timingstats is never defined.  All the other similar tokens are defined in 
ntpd/keyword-gen.c



Re: NTPsec 1.2.2a released

2023-08-04 Thread Hal Murray via devel
Should that also go to users@ and devel@?

What fraction of people on users or devel are also on announce?




Re: Old email on gitlab

2023-07-23 Thread Hal Murray via devel


Thanks Gary and Fred.

I found it in ~/.gitconfig

It would have taken me a long long long time to look there.




Old email on gitlab

2023-07-23 Thread Hal Murray via devel


git log on a fresh clone shows things like this:

Author: Hal Murray 
Date:   Tue Jul 4 15:16:47 2023 -0700

Squash warnings about not handled enumeration

I haven't used that email in ages.  My profile has been updated.  Mail from 
gitlab goes to the right place.

Where is the other address stored and how do I fix it?

All my updates are setup and tested locally, then pushed with git push which 
uses ssh.
That directory was cloned ages ago.  The old email address may be on my disk.

A fresh clone has the old/wrong email in .git/logs/refs/remotes/origin/HEAD

Is anybody familiar with this tangle?




Re: Northern Virginia has had enough with data centers

2023-06-24 Thread Hal Murray


> Even traditional data centers have not been known to be especially
> considerate about scheduling their -loud- genset tests. Doesn't matter so
> much in the middle of an industrial zone but when you do it near where people
> live you're going to make them angry. 

Why are gensets loud?

Is there a fundamental physics problem or are they all designed for industrial 
areas where the noise isn't much of a problem?

If I wanted a less noisy one, could I get it?  How much more would it cost?

Are the zoning people smart enough to include noise limits?  ...







Re: Warnings from unity

2023-06-21 Thread Hal Murray via devel
> That usually means there is no "default:" case in a switch.

OK, but where did the unity code come from and/or have we cloned it or are we 
tracking what they do?  Or ...



Warnings from unity

2023-06-20 Thread Hal Murray via devel


Is anybody familiar with this area?
Is this something I did?  Or are others seeing the same problem?
(I might have turned on some more-warnings flag, but I don't think so.)

../../tests/unity/unity.c:984:5: warning: enumeration value ‘UNITY_FLOAT_INVALID_TRAIT’ not handled in switch [-Wswitch-enum]
../../tests/unity/unity.c:1124:5: warning: enumeration value ‘UNITY_FLOAT_INVALID_TRAIT’ not handled in switch [-Wswitch-enum]



Speaking of warnings, some versions of OpenSSL and/or some compilers generate 
this:

/usr/local/ssl/include/openssl/ssl.h:1491:53: warning: cast discards "const" 
qualifier from pointer target type [-Wcast-qual]

I've looked into it a bit and don't understand what's going on.  I think our 
code is OK.  This is passing a string literal through a maze of macros.  I've 
decided not to spend much time on this since it doesn't happen with newer 
OpenSSL and/or compilers.



Re: UnicodeDecodeError from tty.readline(), u-Blox 8

2023-06-04 Thread Hal Murray via devel


Gary said:
> Weird...  Since ttyACM0 is USB, maybe a driver thing.

Yes, I'm using the USB port rather than the serial port.

The question is:  Which driver?  Linux or U-Blox?




Re: UnicodeDecodeError from tty.readline(), u-Blox 8

2023-06-03 Thread Hal Murray via devel


Gary said:
> To open to read binary:
> tty = open("/dev/ttyACM0", "rb")
> The line will be binary.  Getting just the NMEA out will be fun. 

Thanks.  That's what I needed.

There is no problem getting just the NMEA.  I'm using isASCII to detect the 
garbage cases.

I get things like:
### Not ASCII 2023 Jun 3, 22:46:41 UTC
### "$GLG\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\x
cd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\
xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd
\xcd\xcd\xcd$GLGSV,3,3,11,87,43,333,,88,01,306,,90,13,029,*5A"

I get several bogus lines each day.  I haven't seen anything other than 0xcd 
in the non-ASCII part.


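Reading the port as bytes and then keeping only what validates, as an added example written for this page (not ntpsec code, and in Go rather than the Python above): nmeaSentences pulls every $...*hh sentence out of a line, checks the XOR checksum, and drops the rest, so the 0xcd filler shown above is discarded while the $GLGSV sentence behind it survives. sampleLine is that garbled line reconstructed as a constructed byte string; to read the device itself, pass the *os.File from os.Open("/dev/ttyACM0") to readNMEA.

```go
package main

import (
	"bufio"
	"bytes"
	"io"
	"strconv"
)

// nmeaSentences returns every checksum-valid NMEA sentence in line, without
// its leading '$' and '*hh' trailer. Everything else (binary filler, a
// sentence cut off by garbage, a bad checksum) is skipped, so a line that
// would blow up a text-mode readline() still yields its good sentences.
func nmeaSentences(line []byte) []string {
	var out []string
	for i := 0; i < len(line); i++ {
		if line[i] != '$' {
			continue
		}
		// The body runs from after '$' to '*' and must stay printable ASCII;
		// another '$' or a non-ASCII byte means this sentence was cut off.
		j := i + 1
		for j < len(line) && line[j] != '*' && line[j] != '$' && line[j] >= 0x20 && line[j] < 0x7f {
			j++
		}
		if j+3 > len(line) || line[j] != '*' {
			continue // no complete "*hh" after this body; try the next '$'
		}
		want, err := strconv.ParseUint(string(line[j+1:j+3]), 16, 8)
		if err != nil {
			continue
		}
		var sum byte // NMEA checksum: XOR of every byte between '$' and '*'
		for _, b := range line[i+1 : j] {
			sum ^= b
		}
		if byte(want) == sum {
			out = append(out, string(line[i+1:j]))
		}
		i = j + 2
	}
	return out
}

// readNMEA reads the port as bytes, splits on '\n' and salvages each line.
// bufio never decodes text, so filler bytes cannot abort the read.
func readNMEA(r io.Reader, emit func(string)) error {
	br := bufio.NewReader(r)
	for {
		line, err := br.ReadBytes('\n')
		for _, s := range nmeaSentences(line) {
			emit(s)
		}
		if err == io.EOF {
			return nil
		} else if err != nil {
			return err
		}
	}
}

// sampleLine is the garbled line from the message above, reconstructed as a
// constructed byte string: the start of one sentence, a run of 0xcd filler
// (count approximate), then a complete $GLGSV sentence.
func sampleLine() []byte {
	var b []byte
	b = append(b, "$GLG"...)
	b = append(b, bytes.Repeat([]byte{0xcd}, 60)...)
	b = append(b, "$GLGSV,3,3,11,87,43,333,,88,01,306,,90,13,029,*5A\r\n"...)
	return b
}
```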


UnicodeDecodeError from tty.readline(), u-Blox 8

2023-05-29 Thread Hal Murray via devel


Can somebody give me a lesson on this area?

The code is:
  tty = open("/dev/ttyACM0")
  forever:
line = tty.readline()


a) How do I read mostly ASCII without crashing when there is non-ASCII?

b) Why is a u-Blox LEA-M8T sending me non-ASCII crap?
  This is coming from the USB port.  It's running in NMEA mode.
  I don't think I have sent it any commands.



Book: The Go Programming Language

2023-05-02 Thread Hal Murray via devel
By Alan L Donovan and Brian W Kernighan
350+ pages

In case you didn't notice, that's the K of K

I don't know anything about Go, yet, but I like books.  This is a good one.

I flipped around, reading a paragraph or a page or two.  It feels good.  Lots 
of examples.  The text is easy to read and understand.  It's probably too 
verbose if you know what you are looking for, for example what is the name of 
the thing that does xxx?

I read all of chapter 9, Concurrency with Shared Variables.  I think I know 
something about that area.  It was always one step ahead of me.  It covered 
many important cases that I wouldn't have thought to mention.

I'm looking forward to reading more.




Re: ntpsec | mssntp in ntp.conf breaks time service to all clients (#785)

2023-05-01 Thread Hal Murray via devel


I took a scan at the code.  It's pretty broken.  It won't be a quick fix.

Given how broken the code is, this seems to be the first time anybody has 
tried to use that feature. :)  [If there were others, they didn't bother to 
tell anybody.]


Can we get a packet trace of a working example?
I think we'll need a Windows box to generate the SNTP request.
Either old/classic ntpd or a real DC should provide a good response.


I think we should write/collect a HOWTO setup and run a test environment.  I 
assume that will have several sections:
  Setup Samba as a DC
  Build/setup ntpd to process MS-SNTP
  Build/run some test code.

I'm willing to write some hack code to generate/check MS-SNTP requests.

Does anybody know enough about Samba to write (or point us at) a minimal 
setup?  All it needs to do is sign MS-SNTP requests.





Re: master broken on macos

2023-04-13 Thread Hal Murray via devel
> one is to append '||cat build/config.log' to lines 386 and 402 (ish) of 
> .gitlab-ci.yml

Worked.  Thanks.

err: ../../test.c:3:10: fatal error: 'openssl/opensslv.h' file not found
#include 



master broken on macos

2023-04-13 Thread Hal Murray via devel


I merged James' latest version for printing out the OpenSSL version during 
configure.

It barfs on macos.
  https://gitlab.com/NTPsec/ntpsec/-/jobs/4105995926#L126


The log file says:

Checking for OpenSSL != 1.1.1a  : yes 
OpenSSL version : The 
configuration failed
(complete log in /Users/gitlab/builds/NTPsec/ntpsec/build/config.log)
Cleaning up project directory and file based variables 00:00
ERROR: Job failed (system failure): exit status 2

How do I get to the "complete log"?




ntpq/mode6 cleanup

2023-04-09 Thread Hal Murray via devel


>> For a small project, I think we should make mode6/ntpq require the cookie on
>> everything but getting the cookie, and we should make sure that there is no
>> amplification when getting the cookie.
> That would break compatibility with ntpq from classic NTP. 

There are 2 areas I'm interested in.

First is to make sure there is no way to get amplification on reflection.  I'm 
willing to break compatibility to get that.

The second would be a big cleanup.  I'd like to do something like split the 
current daemon into several parts, for example:
  server, client, refclocks, ntpq-server, NTS-KE server

Splitting out ntpq-server would be a good start.  Again, I'm willing, even 
expecting, to break compatibility.

Handwave, strawman...
  Using TCP rather than UDP avoids reflection problems.
  Most of ntpq would work fine if we put all the counters info read only SHM.  
We don't need a lock.  The results may be slightly inconsistent.

The mru list stuff won't work in simple read-only SHM, at least with the 
current approach of scanning the list in chronological order.  It almost 
doesn't work as is.  If the list is big enough to be interesting for busy 
servers, it takes a long time to scan it.  Too long to be useful.

Or maybe we should shift to SNMP.  I hate that level of obfuscation, but if 
somebody likes it and is willing to run with it, I'll put things in SHM.

But suppose we scan it in physical order, and sort things out at the client?  
That also solves the problem of the current approach never finishing on a busy 
server because the data changes faster than it can be retrieved.

The other tool in the mru area would be to log interesting stuff.  But I 
haven't worked out a simple/clean version of "interesting".

Putting things in SHM introduces version control issues.  I think they are not 
a problem as long as the stuff on the wire is text rather than offsets.  Then 
all we have to keep in sync is the ntpq-server and ntp-server and ntp-client.





Re: Updated to-do list?

2023-04-09 Thread Hal Murray via devel
[Context is a multi-threaded Go echo server]

> I can manage to do that.

I'll send you the C code off list.

Here is an outline of the big picture:

Linux and FreeBSD have a SO_REUSEPORT option.  The idea is that you can open 
several sockets on the same port number.  The kernel will hash on source IP 
address and source port.  (so packets for a connection go to the same thread 
-- the thread can save state for a connection)

The main server thread sets up worker threads
  Each worker thread opens a socket
  The worker threads bump counters.
  The main thread will read/collect and print the info.

The worker threads have an option to spin for N microseconds between recvfrom 
and sendto.  The idea is to simulate crypto work.

The limiting factor on packet throughput is the kernel thread
  That thread puts arriving packets on the right socket queue
and wakes up a waiting thread if there is one
  So larger packets reduce the load on the kernel thread for a given traffic 
load in bits/second (rather than packets/second).

Handwave...
  The CPU load for a NTP server is roughly constant in terms of bits/second.

So you want to assign the kernel thread to one core (leaving the other 
hyperthread idle) and disable interrupt coalescing.
Then fill up the rest of the CPUs on the chip with worker threads.

It's roughly a microsecond per packet for the kernel thread,
a microsecond each for recvfrom and sendto
and (handwave) a microsecond for basic NTP server work.



Up a level...

There is a companion client side that runs several worker threads sending to 
the server.
You can run it on multiple old/slow PCs to get enough traffic to saturate the 
target server.

There is an option to send N extra packets, like ping -l.  I call them "in 
flight".

Things are setup assuming that no packets are lost.  So you have to be sane on 
picking combinations of multiple clients and extra packets in flight.

-

Up another level...

I have some hackish scripts that
  fire up a server
  fire up several clients
  read/reset the server stats
  wait a bit
  read server stats
  print results
loop for various CPU load/delays or packet lengths




Re: Updated to-do list?

2023-04-08 Thread Hal Murray via devel


>Given that the things I have been turning in are not in the direction
>we are headed, what should I be working on? Other than trying to do a
>Golang port by myself, or revisiting the more than a-year-old list? 

MR 1307 and/or 1309 is high on my list.  I was hoping somebody else would be 
interested.

What's on your year old list?

For a small project, I think we should make mode6/ntpq require the cookie on 
everything but getting the cookie, and we should make sure that there is no 
amplification when getting the cookie.

How much do you know about Go?  Can you write a multi-threaded echo server?

I have a collection of hacks for measuring performance of NTP servers.  Down 
hill and with a tailwind, I can get 1,000,000 packets per second.  I have C 
and Rust versions.  It would be neat to try a Go version.



