On Thu, Sep 03, 2020 at 02:33:05PM +0200, Otto Moerbeek wrote:
> On Thu, Sep 03, 2020 at 02:02:36PM +0200, Christian Weisgerber wrote:
>
> > Otto Moerbeek:
> >
> > > Currently testing this.
> >
> > For "port unreachable" replies, this caused ntpd to become unsynced, but
> > the peer still remains valid.
>
> Hmm, it looks like we need to reduce trustlevel as well for the case:
> something was received but it was not a valid ntp packet. Will look
> into it. Thanks for testing.
This takes the observed issue into account,
-Otto
Index: client.c
===================================================================
RCS file: /cvs/src/usr.sbin/ntpd/client.c,v
retrieving revision 1.113
diff -u -p -r1.113 client.c
--- client.c 30 Jan 2020 15:55:41 -0000 1.113
+++ client.c 3 Sep 2020 18:08:48 -0000
@@ -264,6 +264,12 @@ handle_auto(uint8_t trusted, double offs
priv_settime(offset, "");
}
+
+/*
+ * -1: Not processed, not an NTP message (e.g. icmp induced ECONNREFUSED)
+ * 0: Not prrocessed due to validation issues
+ * 1: NTP message validated and processed
+ */
int
client_dispatch(struct ntp_peer *p, u_int8_t settime, u_int8_t automatic)
{
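Review bot: The new comment above client_dispatch has a typo: `0: Not prrocessed due to validation issues` should read `0: Not processed due to validation issues`. Since the -1 path already calls set_next on the peer before returning (visible in the next hunk), it would help callers to say that rescheduling is done inside the function and only trust bookkeeping is left to them, e.g. `-1: Not processed, not an NTP message (e.g. icmp induced ECONNREFUSED); next query already scheduled`. client_dispatch's body continues beyond this hunk.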
@@ -297,7 +303,7 @@ client_dispatch(struct ntp_peer *p, u_in
errno == ENOPROTOOPT || errno == ENOENT) {
client_log_error(p, "recvmsg", errno);
set_next(p, error_interval());
- return (0);
+ return (-1);
} else
fatal("recvfrom");
}
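Review bot: Returning -1 here repurposes a value that the caller, as the removed ntp.c lines in the later hunk show, used to treat as a fatal condition (`log_warn("pipe write error (settime)"); ntp_quit = 1;`). If any path further down in client_dispatch (outside this hunk) still returns -1 for that write error, the new switch in ntp.c would now log it as a missing reply and halve the peer's trustlevel instead of stopping ntpd, so this is worth confirming before commit. Naming the three outcomes, e.g. `#define DISPATCH_NOREPLY (-1)` alongside values for invalid and processed, would make both the comment and the switch self-documenting. The function continues outside the hunk.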
@@ -456,7 +462,7 @@ client_dispatch(struct ntp_peer *p, u_in
if (++p->shift >= OFFSET_ARRAY_SIZE)
p->shift = 0;
- return (0);
+ return (1);
}
int
Index: ntp.c
===================================================================
RCS file: /cvs/src/usr.sbin/ntpd/ntp.c,v
retrieving revision 1.166
diff -u -p -r1.166 ntp.c
--- ntp.c 30 Aug 2020 16:21:29 -0000 1.166
+++ ntp.c 3 Sep 2020 18:08:48 -0000
@@ -402,12 +402,29 @@ ntp_main(struct ntpd_conf *nconf, struct
for (; nfds > 0 && j < idx_clients; j++) {
if (pfd[j].revents & (POLLIN|POLLERR)) {
+ struct ntp_peer *pp = idx2peer[j - idx_peers];
+
nfds--;
- last_action = now;
- if (client_dispatch(idx2peer[j - idx_peers],
- conf->settime, conf->automatic) == -1) {
- log_warn("pipe write error (settime)");
- ntp_quit = 1;
+ switch (client_dispatch(pp, conf->settime,
+ conf->automatic)) {
+ case -1:
+ log_debug("no reply from %s "
+ "received", log_sockaddr(
+ (struct sockaddr *) &pp->addr->ss));
+ if (pp->trustlevel >=
+ TRUSTLEVEL_BADPEER &&
+ (pp->trustlevel /= 2) <
+ TRUSTLEVEL_BADPEER)
+ log_info("peer %s now invalid",
+ log_sockaddr(
+ (struct sockaddr *)
+ &pp->addr->ss));
+ break;
+ case 0: /* invalid replies are ignored */
+ break;
+ case 1:
+ last_action = now;
+ break;
}
}
}
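Review bot: `case 0: /* invalid replies are ignored */` neither touches trustlevel nor last_action, whereas the -1 case halves trustlevel; given the thread above asks for a trust reduction when something arrived that was not a valid NTP packet, the comment should say whether client_dispatch already lowers trust before returning 0 or whether ignoring is deliberate, e.g. `case 0: /* validation failure; trust handled in client_dispatch */`. The message `log_debug("no reply from %s received", ...)` is also slightly misleading for the ECONNREFUSED case, where an ICMP error did arrive; `"no valid reply from %s"` describes every -1 return. Note too that last_action now advances only for processed packets, so a peer answering only with ICMP errors no longer counts as activity — presumably intended, but worth a sentence in the commit message. The enclosing ntp_main loop starts and ends outside this hunk.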