Re: ntpd errors after upgrade on current amd64

[Ollivier Robert]

According to Cy Schubert on Thu, Apr 02, 2015 at 06:26:42PM -0700:
 Ntp_parser.y is not redundant. It is referenced by ntp_parser.c. I put that 
 fix in two days ago.

No, it is the source of ntp_parser.c/h through yacc (or bison) as jkim said.

In theory, you have only the .y and during build you generate the .c/.h.  In 
practice, you always use the ntp_parser.c/.h that come pre-built and build with 
that.  As jkim shows, the generated file can be quite different.

-- 
Ollivier ROBERT -=- FreeBSD: The Power to Serve! -=- robe...@keltia.net
In memoriam to Ondine, our 2nd child: http://ondine.keltia.net/

___
freebsd-current@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to freebsd-current-unsubscr...@freebsd.org

Re: ntpd errors after upgrade on current amd64

[Jung-uk Kim]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

On 04/02/2015 21:26, Cy Schubert wrote:
 In message 551da257.6060...@freebsd.org, Jung-uk Kim writes:
 This is a multi-part message in MIME format. 
 --090800070300040107060309 Content-Type: text/plain;
 charset=utf-8 Content-Transfer-Encoding: 8bit
 
 -BEGIN PGP SIGNED MESSAGE- Hash: SHA256
 
 On 04/01/2015 11:32, Manfred Antar wrote:
 After build install world on current ntpd doesn't work. Here
 is error:
 
 FreeBSD/amd64 (pozo.com) (ttyu0)
 
 login: Apr  1 08:29:19 pozo ntpd[49825]: line 22 column 1
 syntax error
 
 ntp_crypto.c was not properly merged.  Basically, the fix for 
 SA-14:31.ntp was applied twice.  Please try the attached patch.
 
 Apr  1 08:29:19 pozo ntpd[49825]: setsockopt IPV6_MULTICAST_IF
 0 for fe80::1%2 fails: Can't assign requested address
 
 A separate issue, I think.
 
 Jung-uk Kim
 
 * Note: ntp_parser.y is redundant and it was the root cause of 
 inconsistent builds and build failures, i.e., ntp_parser.c and 
 ntp_parser.h may be regenerated on the *source* directory
 depending on phase of the moon.  Although we can re-gen them
 after r280915, upstream does not support BSD yacc.
 
 Ntp_parser.y is not redundant.

It is redundant because ntp_parser.c and ntp_parser.h are generated
from ntp_parser.y.  Once it is done, it can be safely removed.  Remove
it and see for yourself.

 It is referenced by ntp_parser.c.

Nope.

# grep ntp_parser.y /usr/src/contrib/ntp/ntpd/ntp_parser.c
#line 14 ntp_parser.y /* yacc.c:339  */
#line 54 ntp_parser.y /* yacc.c:355  */
#line 371 ntp_parser.y /* yacc.c:1646  */
...
# grep ntp_parser.y /usr/src/contrib/ntp/ntpd/ntp_parser.h
#line 54 ntp_parser.y /* yacc.c:1909  */

These are inserted for debugging purpose only.  See yacc(1) for -l optio
n.

 I put that fix in two days ago.

Your fix is just to make ntp_parser.y compilable with our yacc(1).
Now ntp_parser.c and ntp_parser.h may be regenerated and *overwritten*
depending upon timestamps of these files.

# svn revert /usr/src/contrib/ntp/ntpd/ntp_parser.[chy]
# touch /usr/src/contrib/ntp/ntpd/ntp_parser.y
# cd /usr/src/usr.sbin/ntp/ntpd
# make depend
yacc -d /usr/src/usr.sbin/ntp/ntpd/../../../contrib/ntp/ntpd/ntp_parser.
y
mv y.tab.c
/usr/src/usr.sbin/ntp/ntpd/../../../contrib/ntp/ntpd/ntp_parser.c
...
# svn stat /usr/src/contrib/ntp/ntpd/ntp_parser.?
M   /usr/src/contrib/ntp/ntpd/ntp_parser.c

Unfortunately, bundled ntp_parser.c and ntp_parser.h were originally
generated with GNU Bison and the new ntp_parser.c is totally different.

# svn diff /usr/src/contrib/ntp/ntpd/ntp_parser.c | grep ^+ | wc -l
1918
# svn diff /usr/src/contrib/ntp/ntpd/ntp_parser.c | grep ^- | wc -l
3214.

If you really want to keep ntp_parser.y for some reason, ntp_parser.c
and ntp_parser.h must be removed from source tree instead.  Also, you
have to patch /usr/src/usr.sbin/ntp/ntpd/Makefile a little (hint:
replace ntp_parser.c with ntp_parser.y for SRCS and add -I. to CFLAGS)
.

Basically, you have to remove either ntp_parser.y or ntp_parser.[ch].
 You just can't keep them all.

 I'll re-merge based on your second patch/the posted fix. I'll try
 it first in the port though.

Okay.

Jung-uk Kim
-BEGIN PGP SIGNATURE-
Version: GnuPG v2

iQEcBAEBCAAGBQJVHkDoAAoJEHyflib82/FGTVQIAJ6wEudATveKaYSTok9Q5T5K
xwE3Ym6XdZqEXprKCSfeIea+EqeWNLmf7uDOsPqr2k0KwwN//sHhXAWR/9ze4+em
auypHxM3LTUEYZnoBvy17dOJ1gde/3jXZt9q8ZLnz3M91W439j5jWGGU6LXY97wy
Vlv97eqISEMPvI21pA3EI3xC3f56xM6fjruDMAq6VLarAfTaLmhn5fbMpP5XEBBF
hybSde+YVf36i/ojKPUYz2mSyJ1y7j+zR0n+S+ccLnGfoS/sXePdoDzjm0lNWVDa
bRpkZYbWrVQiGyw+equs6WORKBh0ZIICBaQa0IPGycrD0UKt37wx0YzN7xRDsQo=
=tkma
-END PGP SIGNATURE-
___
freebsd-current@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to freebsd-current-unsubscr...@freebsd.org

Re: ntpd errors after upgrade on current amd64

[Cy Schubert]

In message 20150403080118.ga2...@roberto-aw.eurocontrol.fr, Ollivier 
Robert w
rites:
 According to Cy Schubert on Thu, Apr 02, 2015 at 06:26:42PM -0700:
  Ntp_parser.y is not redundant. It is referenced by ntp_parser.c. I put that
  
  fix in two days ago.
 
 No, it is the source of ntp_parser.c/h through yacc (or bison) as jkim said.
 
 In theory, you have only the .y and during build you generate the .c/.h.  In 
 practice, you always use the ntp_parser.c/.h that come pre-built and build wi
 th that.  As jkim shows, the generated file can be quite different.

The fix has just been committed.

4.2.8p2 should be released shortly to resolve the other issues. I've added 
an ntp-rc port to track the release candidates.


-- 
Cheers,
Cy Schubert cy.schub...@komquats.com or cy.schub...@cschubert.com
FreeBSD UNIX:  c...@freebsd.org   Web:  http://www.FreeBSD.org

The need of the many outweighs the greed of the few.


___
freebsd-current@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to freebsd-current-unsubscr...@freebsd.org

Re: ntpd errors after upgrade on current amd64

[Jung-uk Kim]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

On 04/01/2015 11:32, Manfred Antar wrote:
 After build install world on current ntpd doesn't work. Here is
 error:
 
 FreeBSD/amd64 (pozo.com) (ttyu0)
 
 login: Apr  1 08:29:19 pozo ntpd[49825]: line 22 column 1 syntax
 error

ntp_crypto.c was not properly merged.  Basically, the fix for
SA-14:31.ntp was applied twice.  Please try the attached patch.

 Apr  1 08:29:19 pozo ntpd[49825]: setsockopt IPV6_MULTICAST_IF 0
 for fe80::1%2 fails: Can't assign requested address

A separate issue, I think.

Jung-uk Kim

* Note: ntp_parser.y is redundant and it was the root cause of
inconsistent builds and build failures, i.e., ntp_parser.c and
ntp_parser.h may be regenerated on the *source* directory depending on
phase of the moon.  Although we can re-gen them after r280915,
upstream does not support BSD yacc.
-BEGIN PGP SIGNATURE-
Version: GnuPG v2

iQEcBAEBCAAGBQJVHaJXAAoJEHyflib82/FGla0H/i7cQunatuUUhGYPGGenmy1X
DEo7zL/LYNWX7XY392dIDKFGZguvErehVy7KNiVXZzrlsz0JRVpQp/r8OT6xPrFF
lGFaOgGB9tfIYKZl+Bn2gE40mwtfp7UX3B2nIswwF2SFBhyuJPiIZ5Y+j3YDyIHS
/BGUs0D+CaKq9RgU66QrowMOtA/uElWix44VHVSNJ2knAL+x6cZF4VzNTC+6wG2c
DVODrTMSqMAwiIkPYJCndbxH7C9ZaQEHVq19pTmYRb1V7x2VO0/3NrBJJYSP9GGe
PQS/HiU9lkIi/JSj3AN9+ntyzKpne/DJz6/AAe/JpCGj/o1Ke+ageA6m7yoqHL8=
=wNw9
-END PGP SIGNATURE-
Index: contrib/ntp/ntpd/ntp_crypto.c
===
--- contrib/ntp/ntpd/ntp_crypto.c	(revision 280991)
+++ contrib/ntp/ntpd/ntp_crypto.c	(working copy)
@@ -826,10 +826,10 @@ crypto_recv(
 			 * Decrypt the cookie, hunting all the time for
 			 * errors.
 			 */
-			if (vallen == (u_int) EVP_PKEY_size(host_pkey)) {
+			if (vallen == (u_int)EVP_PKEY_size(host_pkey)) {
 u_int32 *cookiebuf = malloc(
 RSA_size(host_pkey-pkey.rsa));
-if (cookiebuf == NULL) {
+if (!cookiebuf) {
 	rval = XEVNT_CKY;
 	break;
 }
@@ -3817,7 +3817,7 @@ crypto_setup(void)
 			randfile);
 			exit (-1);
 		}
-		get_systime(seed);
+		arc4random_buf(seed, sizeof(l_fp));
 		RAND_seed(seed, sizeof(l_fp));
 		RAND_write_file(randfile);
 #ifdef DEBUG
@@ -3850,36 +3850,6 @@ crypto_setup(void)
 	pinfo = crypto_key(filename, passwd, NULL);
 	if (pinfo == NULL) {
 		msyslog(LOG_ERR,
-		crypto_setup: random seed file not specified);
-		exit (-1);
-	}
-	if ((bytes = RAND_load_file(rand_file, -1)) == 0) {
-		msyslog(LOG_ERR,
-		crypto_setup: random seed file %s not found\n,
-		rand_file);
-		exit (-1);
-	}
-	arc4random_buf(seed, sizeof(l_fp));
-	RAND_seed(seed, sizeof(l_fp));
-	RAND_write_file(rand_file);
-	OpenSSL_add_all_algorithms();
-#ifdef DEBUG
-	if (debug)
-		printf(
-		crypto_setup: OpenSSL version %lx random seed file %s bytes read %d\n,
-		SSLeay(), rand_file, bytes);
-#endif
-
-	/*
-	 * Load required host key from file ntpkey_host_hostname. If
-	 * no host key file is not found or has invalid password, life
-	 * as we know it ends. The host key also becomes the default
-	 * sign key. 
-	 */
-	snprintf(filename, sizeof(filename), ntpkey_host_%s, hostname);
-	pinfo = crypto_key(filename, passwd, NULL);
-	if (pinfo == NULL) {
-		msyslog(LOG_ERR,
 		crypto_setup: host key file %s not found or corrupt,
 		filename);
 		exit (-1);
Index: contrib/ntp/ntpd/ntp_parser.y
===
--- contrib/ntp/ntpd/ntp_parser.y	(revision 280991)
+++ contrib/ntp/ntpd/ntp_parser.y	(working copy)
@@ -1,1641 +0,0 @@
-/* ntp_parser.y
- *
- * The parser for the NTP configuration file.
- *
- * Written By:	Sachin Kamboj
- *		University of Delaware
- *		Newark, DE 19711
- * Copyright (c) 2006
- */
-
-%parse-param { struct FILE_INFO *ip_file }
-%lex-param { struct FILE_INFO *ip_file }
-
-%{
-  #ifdef HAVE_CONFIG_H
-  # include config.h
-  #endif
-
-  #include ntp.h
-  #include ntpd.h
-  #include ntp_machine.h
-  #include ntp_stdlib.h
-  #include ntp_filegen.h
-  #include ntp_scanner.h
-  #include ntp_config.h
-  #include ntp_crypto.h
-
-  #include ntpsim.h		/* HMS: Do we really want this all the time? */
-/* SK: It might be a good idea to always
-   include the simulator code. That way
-   someone can use the same configuration file
-   for both the simulator and the daemon
-*/
-
-  #define YYMALLOC	emalloc
-  #define YYFREE	free
-  #define YYERROR_VERBOSE
-  #define YYMAXDEPTH	1000	/* stop the madness sooner */
-  void yyerror(struct FILE_INFO *ip_file, const char *msg);
-
-  #ifdef SIM
-  #  define ONLY_SIM(a)	(a)
-  #else
-  #  define ONLY_SIM(a)	NULL
-  #endif
-%}
-
-/* 
- * Enable generation of token names array even without YYDEBUG.
- * We access via token_name() defined below.
- */
-%token-table
-
-%union {
-	char *			String;
-	double			Double;
-	int			Integer;
-	unsigned		U_int;
-	gen_fifo *		Generic_fifo;
-	attr_val *		Attr_val;
-	attr_val_fifo *		Attr_val_fifo;
-	int_fifo *		Int_fifo;
-	string_fifo *		String_fifo;
-	address_node *		Address_node;
-	address_fifo *		

Re: ntpd errors after upgrade on current amd64

[Jung-uk Kim]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

On 04/02/2015 16:11, Jung-uk Kim wrote:
 On 04/01/2015 11:32, Manfred Antar wrote:
 Apr  1 08:29:19 pozo ntpd[49825]: setsockopt IPV6_MULTICAST_IF 0 
 for fe80::1%2 fails: Can't assign requested address
 
 A separate issue, I think.

This issue will be fixed in the next release, it seems.

http://lists.ntp.org/pipermail/bk-ntp-stable-send/2015-March/000594.html

Please try the updated patch.  It fixed the problem for me.  Note this
patch supersedes the previous patch.

Jung-uk Kim
-BEGIN PGP SIGNATURE-
Version: GnuPG v2

iQEcBAEBCAAGBQJVHbTRAAoJEHyflib82/FGPP0H/iZpzPxGokR1CD16K4i/dH/F
qSfefNpW20dnl3ozIv3P0e1yC/xxMUJJNF4HQ8fwjr1bTI3efZ8gTPR2Zk3k5r7i
2OcQfrQma3cSkzoks6tjobor/yGpQEHJkwFwSSEsUKgA/rI0FpvviHQsQOi/6BnA
KbWQWLt5ZTe/V/27Zc2AU38evJxRFiYiJTycutQzMZ1NHle8DWqQ7vMKOe+CilAW
MX/16AW2tp2yrBs9XQKmkh0Yd2dTLJuBxAV7Rl8cVUZgdELqyE2FNSEL7L7TKKbs
QjJj6+7oee/c22Fc11CA7fBRFkK6m8fzmL/2CuTvf0JLefisCvMMcymvxH/edoM=
=UPrE
-END PGP SIGNATURE-
Index: contrib/ntp/lib/isc/unix/ifiter_getifaddrs.c
===
--- contrib/ntp/lib/isc/unix/ifiter_getifaddrs.c	(revision 281003)
+++ contrib/ntp/lib/isc/unix/ifiter_getifaddrs.c	(working copy)
@@ -212,6 +212,9 @@ internal_current(isc_interfaceiter_t *iter) {
 		get_addr(family, iter-current.broadcast, ifa-ifa_broadaddr,
 			 ifa-ifa_name);
 
+#ifdef ISC_PLATFORM_HAVEIFNAMETOINDEX
+	iter-current.ifindex = if_nametoindex(iter-current.name);
+#endif
 	return (ISC_R_SUCCESS);
 }
 
Index: contrib/ntp/lib/isc/unix/ifiter_ioctl.c
===
--- contrib/ntp/lib/isc/unix/ifiter_ioctl.c	(revision 281003)
+++ contrib/ntp/lib/isc/unix/ifiter_ioctl.c	(working copy)
@@ -588,6 +588,9 @@ internal_current4(isc_interfaceiter_t *iter) {
 		}
 		iter-current.netmask.type.in6.s6_addr[i] = (~0  bits)  0xff;
 	}
+#ifdef ISC_PLATFORM_HAVEIFNAMETOINDEX
+	iter-current.ifindex = if_nametoindex(iter-current.name);
+#endif
 	return (ISC_R_SUCCESS);
 
  inet:
@@ -664,6 +667,9 @@ internal_current4(isc_interfaceiter_t *iter) {
 	}
 	get_addr(family, iter-current.netmask,
 		 (struct sockaddr *)ifreq.ifr_addr, ifreq.ifr_name);
+#ifdef ISC_PLATFORM_HAVEIFNAMETOINDEX
+	iter-current.ifindex = if_nametoindex(iter-current.name);
+#endif
 	return (ISC_R_SUCCESS);
 }
 
@@ -704,7 +710,6 @@ internal_current6(isc_interfaceiter_t *iter) {
 	get_addr(family, iter-current.address,
 		 (struct sockaddr *)lifreq.lifr_addr, lifreq.lifr_name);
 
-	iter-current.ifindex = lifreq.lifr_index;
 	if (isc_netaddr_islinklocal(iter-current.address))
 		isc_netaddr_setzone(iter-current.address, 
 (isc_uint32_t)lifreq.lifr_index);
@@ -844,7 +849,9 @@ internal_current6(isc_interfaceiter_t *iter) {
 			iter-current.netmask.type.in6.s6_addr[i / 8] =
 (~0  bits)  0xff;
 		}
-
+#ifdef ISC_PLATFORM_HAVEIFNAMETOINDEX
+		iter-current.ifindex = if_nametoindex(iter-current.name);
+#endif
 		return (ISC_R_SUCCESS);
 	}
 #endif
@@ -867,6 +874,9 @@ internal_current6(isc_interfaceiter_t *iter) {
 	get_addr(family, iter-current.netmask,
 		 (struct sockaddr *)lifreq.lifr_addr, lifreq.lifr_name);
 
+#ifdef ISC_PLATFORM_HAVEIFNAMETOINDEX
+	iter-current.ifindex = if_nametoindex(iter-current.name);
+#endif
 	return (ISC_R_SUCCESS);
 }
 #endif
Index: contrib/ntp/ntpd/ntp_crypto.c
===
--- contrib/ntp/ntpd/ntp_crypto.c	(revision 281003)
+++ contrib/ntp/ntpd/ntp_crypto.c	(working copy)
@@ -826,10 +826,10 @@ crypto_recv(
 			 * Decrypt the cookie, hunting all the time for
 			 * errors.
 			 */
-			if (vallen == (u_int) EVP_PKEY_size(host_pkey)) {
+			if (vallen == (u_int)EVP_PKEY_size(host_pkey)) {
 u_int32 *cookiebuf = malloc(
 RSA_size(host_pkey-pkey.rsa));
-if (cookiebuf == NULL) {
+if (!cookiebuf) {
 	rval = XEVNT_CKY;
 	break;
 }
@@ -3817,7 +3817,7 @@ crypto_setup(void)
 			randfile);
 			exit (-1);
 		}
-		get_systime(seed);
+		arc4random_buf(seed, sizeof(l_fp));
 		RAND_seed(seed, sizeof(l_fp));
 		RAND_write_file(randfile);
 #ifdef DEBUG
@@ -3850,36 +3850,6 @@ crypto_setup(void)
 	pinfo = crypto_key(filename, passwd, NULL);
 	if (pinfo == NULL) {
 		msyslog(LOG_ERR,
-		crypto_setup: random seed file not specified);
-		exit (-1);
-	}
-	if ((bytes = RAND_load_file(rand_file, -1)) == 0) {
-		msyslog(LOG_ERR,
-		crypto_setup: random seed file %s not found\n,
-		rand_file);
-		exit (-1);
-	}
-	arc4random_buf(seed, sizeof(l_fp));
-	RAND_seed(seed, sizeof(l_fp));
-	RAND_write_file(rand_file);
-	OpenSSL_add_all_algorithms();
-#ifdef DEBUG
-	if (debug)
-		printf(
-		crypto_setup: OpenSSL version %lx random seed file %s bytes read %d\n,
-		SSLeay(), rand_file, bytes);
-#endif
-
-	/*
-	 * Load required host key from file ntpkey_host_hostname. If
-	 * no host key file is not found or has invalid password, life
-	 * as we know it ends. The host key also becomes 

Re: ntpd errors after upgrade on current amd64

[Cy Schubert]

In message 551da257.6060...@freebsd.org, Jung-uk Kim writes:
 This is a multi-part message in MIME format.
 --090800070300040107060309
 Content-Type: text/plain; charset=utf-8
 Content-Transfer-Encoding: 8bit
 
 -BEGIN PGP SIGNED MESSAGE-
 Hash: SHA256
 
 On 04/01/2015 11:32, Manfred Antar wrote:
  After build install world on current ntpd doesn't work. Here is
  error:
  
  FreeBSD/amd64 (pozo.com) (ttyu0)
  
  login: Apr  1 08:29:19 pozo ntpd[49825]: line 22 column 1 syntax
  error
 
 ntp_crypto.c was not properly merged.  Basically, the fix for
 SA-14:31.ntp was applied twice.  Please try the attached patch.
 
  Apr  1 08:29:19 pozo ntpd[49825]: setsockopt IPV6_MULTICAST_IF 0
  for fe80::1%2 fails: Can't assign requested address
 
 A separate issue, I think.
 
 Jung-uk Kim
 
 * Note: ntp_parser.y is redundant and it was the root cause of
 inconsistent builds and build failures, i.e., ntp_parser.c and
 ntp_parser.h may be regenerated on the *source* directory depending on
 phase of the moon.  Although we can re-gen them after r280915,
 upstream does not support BSD yacc.

Ntp_parser.y is not redundant. It is referenced by ntp_parser.c. I put that 
fix in two days ago.

I'll re-merge based on your second patch/the posted fix. I'll try it first 
in the port though.


-- 
Cheers,
Cy Schubert cy.schub...@komquats.com or cy.schub...@cschubert.com
FreeBSD UNIX:  c...@freebsd.org   Web:  http://www.FreeBSD.org

The need of the many outweighs the greed of the few.


___
freebsd-current@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to freebsd-current-unsubscr...@freebsd.org

Re: ntpd errors after upgrade on current amd64

[Joel Dahl]

FWIW, I’m seeing the same thing.

—
Joel

 1 apr 2015 kl. 17:32 skrev Manfred Antar n...@pozo.com:
 
 After build install world on current ntpd doesn't work.
 Here is error:
 
 FreeBSD/amd64 (pozo.com) (ttyu0)
 
 login: Apr  1 08:29:19 pozo ntpd[49825]: line 22 column 1 syntax error
 Apr  1 08:29:19 pozo ntpd[49825]: setsockopt IPV6_MULTICAST_IF 0 for 
 fe80::1%2 fails: Can't assign requested address
 
 I'm using the stock ntp.conf from /usr/src/etc.
 It worked fine before the upgrade
 Thanks
___
freebsd-current@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to freebsd-current-unsubscr...@freebsd.org