diff options
author | glebius <glebius@FreeBSD.org> | 2015-10-26 11:35:40 +0000 |
---|---|---|
committer | glebius <glebius@FreeBSD.org> | 2015-10-26 11:35:40 +0000 |
commit | c62812877398840dae0ba74b03e9e6a43cc56fc5 (patch) | |
tree | 304551aa93f09787d4f56a966c6409faf1b1bcb0 /contrib/ntp/ntpd/ntp_proto.c | |
parent | 9e809ce638c9be9ffb800ced1b91c0e8997f4c9e (diff) | |
download | FreeBSD-src-c62812877398840dae0ba74b03e9e6a43cc56fc5.zip FreeBSD-src-c62812877398840dae0ba74b03e9e6a43cc56fc5.tar.gz |
Upgrade NTP to 4.2.8p4.
Security: FreeBSD-SA-15:25.ntp
Security: CVE-2015-7871
Security: CVE-2015-7855
Security: CVE-2015-7854
Security: CVE-2015-7853
Security: CVE-2015-7852
Security: CVE-2015-7851
Security: CVE-2015-7850
Security: CVE-2015-7849
Security: CVE-2015-7848
Security: CVE-2015-7701
Security: CVE-2015-7703
Security: CVE-2015-7704, CVE-2015-7705
Security: CVE-2015-7691, CVE-2015-7692, CVE-2015-7702
Diffstat (limited to 'contrib/ntp/ntpd/ntp_proto.c')
-rw-r--r-- | contrib/ntp/ntpd/ntp_proto.c | 297 |
1 files changed, 199 insertions, 98 deletions
diff --git a/contrib/ntp/ntpd/ntp_proto.c b/contrib/ntp/ntpd/ntp_proto.c index 4062406..2a15d72 100644 --- a/contrib/ntp/ntpd/ntp_proto.c +++ b/contrib/ntp/ntpd/ntp_proto.c @@ -28,8 +28,8 @@ * This macro defines the authentication state. If x is 1 authentication * is required; othewise it is optional. */ -#define AUTH(x, y) ((x) ? (y) == AUTH_OK : (y) == AUTH_OK || \ - (y) == AUTH_NONE) +#define AUTH(x, y) ((x) ? (y) == AUTH_OK \ + : (y) == AUTH_OK || (y) == AUTH_NONE) #define AUTH_NONE 0 /* authentication not required */ #define AUTH_OK 1 /* authentication OK */ @@ -37,6 +37,19 @@ #define AUTH_CRYPTO 3 /* crypto_NAK */ /* + * Set up Kiss Code values + */ + +enum kiss_codes { + NOKISS, /* No Kiss Code */ + RATEKISS, /* Rate limit Kiss Code */ + DENYKISS, /* Deny Kiss */ + RSTRKISS, /* Restricted Kiss */ + XKISS, /* Experimental Kiss */ + UNKNOWNKISS /* Unknown Kiss Code */ +}; + +/* * traffic shaping parameters */ #define NTP_IBURST 6 /* packets in iburst */ @@ -139,6 +152,7 @@ u_long sys_declined; /* declined */ u_long sys_limitrejected; /* rate exceeded */ u_long sys_kodsent; /* KoD sent */ +static int kiss_code_check(u_char hisleap, u_char hisstratum, u_char hismode, u_int32 refid); static double root_distance (struct peer *); static void clock_combine (peer_select *, int, int); static void peer_xmit (struct peer *); @@ -185,7 +199,34 @@ set_sys_leap(u_char new_sys_leap) { } } +/* + * Kiss Code check + */ +int kiss_code_check(u_char hisleap, u_char hisstratum, u_char hismode, u_int32 refid) { + if ( hismode == MODE_SERVER + && hisleap == LEAP_NOTINSYNC + && hisstratum == STRATUM_UNSPEC) { + if(memcmp(&refid,"RATE", 4) == 0) { + return (RATEKISS); + } + else if(memcmp(&refid,"DENY", 4) == 0) { + return (DENYKISS); + } + else if(memcmp(&refid,"RSTR", 4) == 0) { + return (RSTRKISS); + } + else if(memcmp(&refid,"X", 1) == 0) { + return (XKISS); + } + else { + return (UNKNOWNKISS); + } + } + else { + return (NOKISS); + } +} /* * transmit - transmit procedure called by poll timeout */ @@ -235,8 +276,8 @@ transmit( peer->unreach = 0; peer->ttl = 0; peer_xmit(peer); - } else if (sys_survivors < sys_minclock || - peer_associations < sys_maxclock) { + } else if ( sys_survivors < sys_minclock + || peer_associations < sys_maxclock) { if (peer->ttl < (u_int32)sys_ttlmax) peer->ttl++; peer_xmit(peer); @@ -260,9 +301,9 @@ transmit( */ if (peer->cast_flags & MDF_POOL) { peer->outdate = current_time; - if ((peer_associations <= 2 * sys_maxclock) && - (peer_associations < sys_maxclock || - sys_survivors < sys_minclock)) + if ( (peer_associations <= 2 * sys_maxclock) + && ( peer_associations < sys_maxclock + || sys_survivors < sys_minclock)) pool_xmit(peer); poll_update(peer, hpoll); return; @@ -297,8 +338,8 @@ transmit( peer_unfit(peer); report_event(PEVNT_UNREACH, peer, NULL); } - if ((peer->flags & FLAG_IBURST) && - peer->retry == 0) + if ( (peer->flags & FLAG_IBURST) + && peer->retry == 0) peer->retry = NTP_RETRY; } else { @@ -312,8 +353,9 @@ transmit( hpoll = sys_poll; if (!(peer->flags & FLAG_PREEMPT)) peer->unreach = 0; - if ((peer->flags & FLAG_BURST) && peer->retry == - 0 && !peer_unfit(peer)) + if ( (peer->flags & FLAG_BURST) + && peer->retry == 0 + && !peer_unfit(peer)) peer->retry = NTP_RETRY; } @@ -334,9 +376,9 @@ transmit( unpeer(peer); return; } - if ((peer->flags & FLAG_PREEMPT) && - (peer_associations > sys_maxclock) && - score_all(peer)) { + if ( (peer->flags & FLAG_PREEMPT) + && (peer_associations > sys_maxclock) + && score_all(peer)) { report_event(PEVNT_RESTART, peer, "timeout"); peer_clear(peer, "TIME"); unpeer(peer); @@ -392,6 +434,7 @@ receive( u_char hismode; /* packet mode */ u_char hisstratum; /* packet stratum */ u_short restrict_mask; /* restrict bits */ + int kissCode = NOKISS; /* Kiss Code */ int has_mac; /* length of MAC field */ int authlen; /* offset of MAC field */ int is_authentic = 0; /* cryptosum ok */ @@ -483,8 +526,8 @@ receive( */ if (hisversion == NTP_VERSION) { sys_newversion++; /* new version */ - } else if (!(restrict_mask & RES_VERSION) && hisversion >= - NTP_OLDVERSION) { + } else if ( !(restrict_mask & RES_VERSION) + && hisversion >= NTP_OLDVERSION) { sys_oldversion++; /* previous version */ } else { sys_badlength++; @@ -538,8 +581,9 @@ receive( } else { opcode = ntohl(((u_int32 *)pkt)[authlen / 4]); len = opcode & 0xffff; - if (len % 4 != 0 || len < 4 || (int)len + - authlen > rbufp->recv_length) { + if ( len % 4 != 0 + || len < 4 + || (int)len + authlen > rbufp->recv_length) { sys_badlength++; return; /* bad length */ } @@ -549,13 +593,13 @@ receive( * sys_groupname is non-NULL, there must be * a group name provided to elicit a response. */ - if ((opcode & 0x3fff0000) == CRYPTO_ASSOC && - sys_groupname != NULL) { + if ( (opcode & 0x3fff0000) == CRYPTO_ASSOC + && sys_groupname != NULL) { ep = (struct exten *)&((u_int32 *)pkt)[authlen / 4]; hostlen = ntohl(ep->vallen); - if (hostlen >= sizeof(hostname) || - hostlen > len - - offsetof(struct exten, pkt)) { + if ( hostlen >= sizeof(hostname) + || hostlen > len - + offsetof(struct exten, pkt)) { sys_badlength++; return; /* bad length */ } @@ -599,8 +643,9 @@ receive( restrict_mask = ntp_monitor(rbufp, restrict_mask); if (restrict_mask & RES_LIMITED) { sys_limitrejected++; - if (!(restrict_mask & RES_KOD) || MODE_BROADCAST == - hismode || MODE_SERVER == hismode) { + if ( !(restrict_mask & RES_KOD) + || MODE_BROADCAST == hismode + || MODE_SERVER == hismode) { if (MODE_SERVER == hismode) DPRINTF(1, ("Possibly self-induced rate limiting of MODE_SERVER from %s\n", stoa(&rbufp->recv_srcadr))); @@ -698,10 +743,11 @@ receive( * This is described in Microsoft's WSPP docs, in MS-SNTP: * http://msdn.microsoft.com/en-us/library/cc212930.aspx */ - } else if (has_mac == MAX_MD5_LEN && (restrict_mask & RES_MSSNTP) && - (retcode == AM_FXMIT || retcode == AM_NEWPASS) && - (memcmp(zero_key, (char *)pkt + authlen + 4, MAX_MD5_LEN - 4) == - 0)) { + } else if ( has_mac == MAX_MD5_LEN + && (restrict_mask & RES_MSSNTP) + && (retcode == AM_FXMIT || retcode == AM_NEWPASS) + && (memcmp(zero_key, (char *)pkt + authlen + 4, + MAX_MD5_LEN - 4) == 0)) { is_authentic = AUTH_NONE; #endif /* HAVE_NTP_SIGND */ @@ -754,8 +800,9 @@ receive( * mobilized. However, if this is from * the wildcard interface, game over. */ - if (crypto_flags && rbufp->dstadr == - ANY_INTERFACE_CHOOSE(&rbufp->recv_srcadr)) { + if ( crypto_flags + && rbufp->dstadr == + ANY_INTERFACE_CHOOSE(&rbufp->recv_srcadr)) { sys_restricted++; return; /* no wildcard */ } @@ -882,10 +929,10 @@ receive( * stratum is greater than the manycaster or the * manycaster has already synchronized to us. */ - if (sys_leap == LEAP_NOTINSYNC || sys_stratum >= - hisstratum || (!sys_cohort && sys_stratum == - hisstratum + 1) || rbufp->dstadr->addr_refid == - pkt->refid) { + if ( sys_leap == LEAP_NOTINSYNC + || sys_stratum >= hisstratum + || (!sys_cohort && sys_stratum == hisstratum + 1) + || rbufp->dstadr->addr_refid == pkt->refid) { sys_declined++; return; /* no help */ } @@ -933,9 +980,10 @@ receive( sys_restricted++; return; /* not enabled */ } - if (!AUTH((!(peer2->cast_flags & MDF_POOL) && - sys_authenticate) | (restrict_mask & (RES_NOPEER | - RES_DONTTRUST)), is_authentic)) { + if (!AUTH( (!(peer2->cast_flags & MDF_POOL) + && sys_authenticate) + || (restrict_mask & (RES_NOPEER | + RES_DONTTRUST)), is_authentic)) { sys_restricted++; return; /* access denied */ } @@ -944,8 +992,9 @@ receive( * Do not respond if unsynchronized or stratum is below * the floor or at or above the ceiling. */ - if (hisleap == LEAP_NOTINSYNC || hisstratum < - sys_floor || hisstratum >= sys_ceiling) { + if ( hisleap == LEAP_NOTINSYNC + || hisstratum < sys_floor + || hisstratum >= sys_ceiling) { sys_declined++; return; /* no help */ } @@ -1007,8 +1056,9 @@ receive( * Do not respond if unsynchronized or stratum is below * the floor or at or above the ceiling. */ - if (hisleap == LEAP_NOTINSYNC || hisstratum < - sys_floor || hisstratum >= sys_ceiling) { + if ( hisleap == LEAP_NOTINSYNC + || hisstratum < sys_floor + || hisstratum >= sys_ceiling) { sys_declined++; return; /* no help */ } @@ -1018,8 +1068,8 @@ receive( * Do not respond if Autokey and the opcode is not a * CRYPTO_ASSOC response with association ID. */ - if (crypto_flags && skeyid > NTP_MAXKEY && (opcode & - 0xffff0000) != (CRYPTO_ASSOC | CRYPTO_RESP)) { + if ( crypto_flags && skeyid > NTP_MAXKEY + && (opcode & 0xffff0000) != (CRYPTO_ASSOC | CRYPTO_RESP)) { sys_declined++; return; /* protocol error */ } @@ -1133,6 +1183,24 @@ receive( sys_restricted++; return; } + /* [Bug 2941] + * If we got here, the packet isn't part of an + * existing association, it isn't correctly + * authenticated, and it didn't meet either of + * the previous two special cases so we should + * just drop it on the floor. For example, + * crypto-NAKs (is_authentic == AUTH_CRYPTO) + * will make it this far. This is just + * debug-printed and not logged to avoid log + * flooding. + */ + DPRINTF(1, ("receive: at %ld refusing to mobilize passive association" + " with unknown peer %s mode %d keyid %08x len %d auth %d\n", + current_time, stoa(&rbufp->recv_srcadr), + hismode, skeyid, (authlen + has_mac), + is_authentic)); + sys_declined++; + return; } /* @@ -1145,8 +1213,8 @@ receive( * we will spin an ephemeral association in response to * MODE_ACTIVE KoDs, which will time out eventually. */ - if (hisleap != LEAP_NOTINSYNC && (hisstratum < - sys_floor || hisstratum >= sys_ceiling)) { + if ( hisleap != LEAP_NOTINSYNC + && (hisstratum < sys_floor || hisstratum >= sys_ceiling)) { sys_declined++; return; /* no help */ } @@ -1205,9 +1273,9 @@ receive( * have a public key ID; if not, the packet must have a * symmetric key ID. */ - if (is_authentic != AUTH_CRYPTO && (((peer->flags & - FLAG_SKEY) && skeyid <= NTP_MAXKEY) || (!(peer->flags & - FLAG_SKEY) && skeyid > NTP_MAXKEY))) { + if ( is_authentic != AUTH_CRYPTO + && ( ((peer->flags & FLAG_SKEY) && skeyid <= NTP_MAXKEY) + || (!(peer->flags & FLAG_SKEY) && skeyid > NTP_MAXKEY))) { sys_badauth++; return; } @@ -1256,16 +1324,23 @@ receive( * Check for bogus packet in basic mode. If found, switch to * interleaved mode and resynchronize, but only after confirming * the packet is not bogus in symmetric interleaved mode. + * + * This could also mean somebody is forging packets claiming to + * be from us, attempting to cause our server to KoD us. */ } else if (peer->flip == 0) { if (!L_ISEQU(&p_org, &peer->aorg)) { peer->bogusorg++; peer->flash |= TEST2; /* bogus */ - if (!L_ISZERO(&peer->dst) && L_ISEQU(&p_org, - &peer->dst)) { + msyslog(LOG_INFO, + "receive: Unexpected origin timestamp from %s", + ntoa(&peer->srcadr)); + if ( !L_ISZERO(&peer->dst) + && L_ISEQU(&p_org, &peer->dst)) { peer->flip = 1; report_event(PEVNT_XLEAVE, peer, NULL); } + return; /* Bogus packet, we are done */ } else { L_CLR(&peer->aorg); } @@ -1282,11 +1357,12 @@ receive( * can happen if a packet is lost, duplicated or crossed. If * found, flip and resynchronize. */ - } else if (!L_ISZERO(&peer->dst) && !L_ISEQU(&p_org, - &peer->dst)) { + } else if ( !L_ISZERO(&peer->dst) + && !L_ISEQU(&p_org, &peer->dst)) { peer->bogusorg++; peer->flags |= FLAG_XBOGUS; peer->flash |= TEST2; /* bogus */ + return; /* Bogus packet, we are done */ } /* @@ -1321,8 +1397,8 @@ receive( report_event(PEVNT_AUTH, peer, "digest"); peer->flash |= TEST5; /* bad auth */ peer->badauth++; - if (has_mac && - (hismode == MODE_ACTIVE || hismode == MODE_PASSIVE)) + if ( has_mac + && (hismode == MODE_ACTIVE || hismode == MODE_PASSIVE)) fast_xmit(rbufp, MODE_ACTIVE, 0, restrict_mask); if (peer->flags & FLAG_PREEMPT) { unpeer(peer); @@ -1351,11 +1427,22 @@ receive( * this maximum and advance the headway to give the sender some * headroom. Very intricate. */ + + /* + * Check for any kiss codes. Note this is only used when a server + * responds to a packet request + */ + + kissCode = kiss_code_check(hisleap, hisstratum, hismode, pkt->refid); + + /* + * Check to see if this is a RATE Kiss Code + * Currently this kiss code will accept whatever poll + * rate that the server sends + */ peer->ppoll = max(peer->minpoll, pkt->ppoll); - if (hismode == MODE_SERVER && hisleap == LEAP_NOTINSYNC && - hisstratum == STRATUM_UNSPEC && memcmp(&pkt->refid, - "RATE", 4) == 0) { - peer->selbroken++; + if (kissCode == RATEKISS) { + peer->selbroken++; /* Increment the KoD count */ report_event(PEVNT_RATE, peer, NULL); if (pkt->ppoll > peer->minpoll) peer->minpoll = peer->ppoll; @@ -1364,6 +1451,11 @@ receive( poll_update(peer, pkt->ppoll); return; /* kiss-o'-death */ } + if (kissCode != NOKISS) { + peer->selbroken++; /* Increment the KoD count */ + return; /* Drop any other kiss code packets */ + } + /* * That was hard and I am sweaty, but the packet is squeaky @@ -1455,8 +1547,8 @@ receive( int i; for (i = 0; ; i++) { - if (tkeyid == peer->pkeyid || - tkeyid == ap->key) { + if ( tkeyid == peer->pkeyid + || tkeyid == ap->key) { peer->flash &= ~TEST8; peer->pkeyid = skeyid; ap->seq -= i; @@ -1589,8 +1681,8 @@ process_packet( * Verify the server is synchronized; that is, the leap bits, * stratum and root distance are valid. */ - if (pleap == LEAP_NOTINSYNC || /* test 6 */ - pstratum < sys_floor || pstratum >= sys_ceiling) + if ( pleap == LEAP_NOTINSYNC /* test 6 */ + || pstratum < sys_floor || pstratum >= sys_ceiling) peer->flash |= TEST6; /* bad synch or strat */ if (p_del / 2 + p_disp >= MAXDISPERSE) /* test 7 */ peer->flash |= TEST7; /* bad header */ @@ -1823,8 +1915,9 @@ process_packet( * client mode when the client is fit and the autokey dance is * complete. */ - if ((FLAG_BC_VOL & peer->flags) && MODE_CLIENT == peer->hmode && - !(TEST11 & peer_unfit(peer))) { /* distance exceeded */ + if ( (FLAG_BC_VOL & peer->flags) + && MODE_CLIENT == peer->hmode + && !(TEST11 & peer_unfit(peer))) { /* distance exceeded */ #ifdef AUTOKEY if (peer->flags & FLAG_SKEY) { if (!(~peer->crypto & CRYPTO_FLAG_ALL)) @@ -1865,8 +1958,8 @@ clock_update( sys_poll = peer->maxpoll; poll_update(peer, sys_poll); sys_stratum = min(peer->stratum + 1, STRATUM_UNSPEC); - if (peer->stratum == STRATUM_REFCLOCK || - peer->stratum == STRATUM_UNSPEC) + if ( peer->stratum == STRATUM_REFCLOCK + || peer->stratum == STRATUM_UNSPEC) sys_refid = peer->refid; else sys_refid = addr2refid(&peer->srcadr); @@ -1992,12 +2085,12 @@ clock_update( * once is mostly harmless.) */ if (leapsec == LSPROX_NOWARN) { - if (leap_vote_ins > leap_vote_del + if ( leap_vote_ins > leap_vote_del && leap_vote_ins > sys_survivors / 2) { get_systime(&now); leapsec_add_dyn(TRUE, now.l_ui, NULL); } - if (leap_vote_del > leap_vote_ins + if ( leap_vote_del > leap_vote_ins && leap_vote_del > sys_survivors / 2) { get_systime(&now); leapsec_add_dyn(FALSE, now.l_ui, NULL); @@ -2320,8 +2413,8 @@ clock_filter( m = 0; for (i = 0; i < NTP_SHIFT; i++) { peer->filter_order[i] = (u_char) ord[i]; - if (dst[i] >= MAXDISPERSE || (m >= 2 && dst[i] >= - sys_maxdist)) + if ( dst[i] >= MAXDISPERSE + || (m >= 2 && dst[i] >= sys_maxdist)) continue; m++; } @@ -2367,10 +2460,11 @@ clock_filter( * than twice the host poll interval, consider the new sample * a popcorn spike and ignore it. */ - if (peer->disp < sys_maxdist && peer->filter_disp[k] < - sys_maxdist && etemp > CLOCK_SGATE * peer->jitter && - peer->filter_epoch[k] - peer->epoch < 2. * - ULOGTOD(peer->hpoll)) { + if ( peer->disp < sys_maxdist + && peer->filter_disp[k] < sys_maxdist + && etemp > CLOCK_SGATE * peer->jitter + && peer->filter_epoch[k] - peer->epoch + < 2. * ULOGTOD(peer->hpoll)) { snprintf(tbuf, sizeof(tbuf), "%.6f s", etemp); report_event(PEVNT_POPCORN, peer, tbuf); return; @@ -2547,14 +2641,14 @@ clock_select(void) if (!(peer->flags & FLAG_PREFER)) { switch (peer->refclktype) { case REFCLK_LOCALCLOCK: - if (current_time > orphwait && - typelocal == NULL) + if ( current_time > orphwait + && typelocal == NULL) typelocal = peer; continue; case REFCLK_ACTS: - if (current_time > orphwait && - typeacts == NULL) + if ( current_time > orphwait + && typeacts == NULL) typeacts = peer; continue; } @@ -2684,8 +2778,10 @@ clock_select(void) peer = peers[i].peer; h = peers[i].synch; - if ((high <= low || peer->offset + h < low || - peer->offset - h > high) && !(peer->flags & FLAG_TRUE)) + if (( high <= low + || peer->offset + h < low + || peer->offset - h > high + ) && !(peer->flags & FLAG_TRUE)) continue; #ifdef REFCLOCK @@ -2742,7 +2838,7 @@ clock_select(void) } /* - * Now, vote outlyers off the island by select jitter weighted + * Now, vote outliers off the island by select jitter weighted * by root distance. Continue voting as long as there are more * than sys_minclock survivors and the select jitter of the peer * with the worst metric is greater than the minimum peer @@ -2772,8 +2868,9 @@ clock_select(void) } } g = max(g, LOGTOD(sys_precision)); - if (nlist <= max(1, sys_minclock) || g <= d || - ((FLAG_TRUE | FLAG_PREFER) & peers[k].peer->flags)) + if ( nlist <= max(1, sys_minclock) + || g <= d + || ((FLAG_TRUE | FLAG_PREFER) & peers[k].peer->flags)) break; DPRINTF(3, ("select: drop %s seljit %.6f jit %.6f\n", @@ -2898,10 +2995,12 @@ clock_select(void) * if there is a prefer peer or there are no survivors and none * are required. */ - if (typepps != NULL && fabs(sys_offset) < 0.4 && - (typepps->refclktype != REFCLK_ATOM_PPS || - (typepps->refclktype == REFCLK_ATOM_PPS && (sys_prefer != - NULL || (typesystem == NULL && sys_minsane == 0))))) { + if ( typepps != NULL + && fabs(sys_offset) < 0.4 + && ( typepps->refclktype != REFCLK_ATOM_PPS + || ( typepps->refclktype == REFCLK_ATOM_PPS + && ( sys_prefer != NULL + || (typesystem == NULL && sys_minsane == 0))))) { typesystem = typepps; sys_clockhop = 0; typesystem->new_status = CTL_PST_SEL_PPS; @@ -3240,16 +3339,16 @@ peer_xmit( * autokey sequence, the autokey exchange is * used to retrieve the autokey values. */ - else if (sys_leap != LEAP_NOTINSYNC && - peer->leap != LEAP_NOTINSYNC && - !(peer->crypto & CRYPTO_FLAG_COOK)) + else if ( sys_leap != LEAP_NOTINSYNC + && peer->leap != LEAP_NOTINSYNC + && !(peer->crypto & CRYPTO_FLAG_COOK)) exten = crypto_args(peer, CRYPTO_COOK, peer->associd, NULL); else if (!(peer->crypto & CRYPTO_FLAG_AUTO)) exten = crypto_args(peer, CRYPTO_AUTO, peer->associd, NULL); - else if (peer->flags & FLAG_ASSOC && - peer->crypto & CRYPTO_FLAG_SIGN) + else if ( peer->flags & FLAG_ASSOC + && peer->crypto & CRYPTO_FLAG_SIGN) exten = crypto_args(peer, CRYPTO_AUTO | CRYPTO_RESP, peer->assoc, NULL); @@ -3693,7 +3792,7 @@ pool_xmit( pool->hostname)); else msyslog(LOG_ERR, - "unable to start pool DNS %s %m", + "unable to start pool DNS %s: %m", pool->hostname); return; } @@ -3883,8 +3982,9 @@ peer_unfit( * synchronized, (2) the server stratum is below the floor or * greater than or equal to the ceiling. */ - if (peer->leap == LEAP_NOTINSYNC || peer->stratum < sys_floor || - peer->stratum >= sys_ceiling) + if ( peer->leap == LEAP_NOTINSYNC + || peer->stratum < sys_floor + || peer->stratum >= sys_ceiling) rval |= TEST10; /* bad synch or stratum */ /* @@ -3892,8 +3992,9 @@ peer_unfit( * distance is greater than or equal to the distance threshold * plus the increment due to one host poll interval. */ - if (!(peer->flags & FLAG_REFCLOCK) && root_distance(peer) >= - sys_maxdist + clock_phi * ULOGTOD(peer->hpoll)) + if ( !(peer->flags & FLAG_REFCLOCK) + && root_distance(peer) >= sys_maxdist + + clock_phi * ULOGTOD(peer->hpoll)) rval |= TEST11; /* distance exceeded */ /* |