[ntp:bk-ntp-dev-send] BitKeeper patch

Harlan Stenn stenn at whimsy.udel.edu
Wed Jul 20 00:27:38 UTC 2005


This BitKeeper patch contains the following changesets:
stenn at whimsy.udel.edu|ChangeSet|20050720002529|41341
stenn at whimsy.udel.edu|ChangeSet|20050720001343|47019

# This is a BitKeeper patch.  What follows are the unified diffs for the
# set of deltas contained in the patch.  The rest of the patch, the part
# that BitKeeper cares about, is below these diffs.
# ID:	stenn at whimsy.udel.edu|ChangeSet|19990526004811|57482|8983e65c737bb465
# User:	stenn
# Host:	whimsy.udel.edu
# Root:	/deacon/backroom/ntp-dev

#
#--- 1.179/ntpd/ntp_proto.c	2004-05-04 01:57:24 -04:00
#+++ 1.226/ntpd/ntp_proto.c	2005-07-19 20:25:24 -04:00
#@@ -25,6 +25,13 @@
# #endif
# 
# /*
#+ * This macro defines the authentication state. If x is 1 authentication
#+ * is required; othewise it is optional.
#+ */
#+#define	AUTH(x, y)	((x) ? (y) == AUTH_OK : (y) == AUTH_OK || \
#+			    (y) == AUTH_NONE)
#+
#+/*
#  * System variables are declared here. See Section 3.2 of the
#  * specification.
#  */
#@@ -41,7 +48,6 @@
# struct	peer *sys_prefer;	/* our cherished peer */
# int	sys_kod;		/* kod credit */
# int	sys_kod_rate = 2;	/* max kod packets per second */
#-u_long	sys_clocktime;		/* last system clock update */
# #ifdef OPENSSL
# u_long	sys_automax;		/* maximum session key lifetime */
# #endif /* OPENSSL */
#@@ -56,8 +62,11 @@
# l_fp	sys_authdelay;		/* authentication delay */
# static	u_long sys_authdly[2];	/* authentication delay shift reg */
# static	u_char leap_consensus;	/* consensus of survivor leap bits */
#-static	double sys_selerr;	/* select jitter (s) */
#+static	double sys_mindist = MINDISTANCE; /* selection threshold (s) */
#+static	double sys_maxdist = MAXDISTANCE; /* selection ceiling (s) */
# double	sys_jitter;		/* system jitter (s) */
#+static	int sys_hopper;		/* anticlockhop counter */
#+static	int sys_maxhop = MAXHOP; /* anticlockhop counter threshold */
# keyid_t	sys_private;		/* private value for session seed */
# int	sys_manycastserver;	/* respond to manycast client pkts */
# int	peer_ntpdate;		/* active peers in ntpdate mode */
#@@ -69,8 +78,8 @@
# /*
#  * TOS and multicast mapping stuff
#  */
#-int	sys_floor = 1;		/* cluster stratum floor */
#-int	sys_ceiling = STRATUM_UNSPEC; /* cluster stratum ceiling*/
#+int	sys_floor = 0;		/* cluster stratum floor */
#+int	sys_ceiling = STRATUM_UNSPEC; /* cluster stratum ceiling */
# int	sys_minsane = 1;	/* minimum candidates */
# int	sys_minclock = NTP_MINCLOCK; /* minimum survivors */
# int	sys_cohort = 0;		/* cohort switch */
#@@ -92,12 +101,13 @@
# u_long	sys_limitrejected;	/* rate exceeded */
# 
# static	double	root_distance	P((struct peer *));
#-static	double	clock_combine	P((struct peer **, int));
#+static	void	clock_combine	P((struct peer **, int));
# static	void	peer_xmit	P((struct peer *));
#-static	void	fast_xmit	P((struct recvbuf *, int, keyid_t, int));
#+static	void	fast_xmit	P((struct recvbuf *, int, keyid_t,
#+				    int));
# static	void	clock_update	P((void));
#-int	default_get_precision	P((void));
#-static	int	peer_unfit	P((struct peer *));
#+static	int	default_get_precision	P((void));
#+
# 
# /*
#  * transmit - Transmit Procedure. See Section 3.4.2 of the
#@@ -116,158 +126,133 @@
# 	 * server modes) and those that do (all other modes). The dance
# 	 * is intricate...
# 	 */
#+	/*
#+	 * In broadcast mode the poll interval is never changed from
#+	 * minpoll.
#+	 */
# 	hpoll = peer->hpoll;
# 	if (peer->cast_flags & (MDF_BCAST | MDF_MCAST)) {
#-
#-		/*
#-		 * In broadcast mode the poll interval is never changed
#-		 * from minpoll.
#-		 */
# 		peer->outdate = current_time;
#+		if (sys_peer != NULL)
#+			peer_xmit(peer);
#+		poll_update(peer, hpoll);
#+		return;
#+	}
# 
#-	} else if (peer->cast_flags & MDF_ACAST) {
#-
#-		/*
#-		 * In manycast mode we start with the minpoll interval
#-		 * and unity ttl. The ttl is increased by one for each
#-		 * poll until either enough servers have been found or
#-		 * the maximum ttl is reached. About once per day when
#-		 * the agreement parameters are refreshed, the manycast
#-		 * clients are reset and we start from the beginning.
#-		 * This is to catch and clamp the ttl to the lowest
#-		 * practical value and avoid knocking on spurious doors.
#-		 */
#+	/*
#+	 * In manycast mode we start with the minpoll interval and unity
#+	 * ttl. The ttl is increased by one for each poll until either
#+	 * enough servers have been found or the maximum ttl is reached.
#+	 * About once per day when the agreement parameters are
#+	 * refreshed, the manycast clients are reset and we start from
#+	 * the beginning. This is to catch and clamp the ttl to the
#+	 * lowest practical value and avoid knocking on spurious doors.
#+	 */
#+	if (peer->cast_flags & MDF_ACAST) {
# 		peer->outdate = current_time;
# 		if (sys_survivors < sys_minclock && peer->ttl <
# 		    sys_ttlmax)
# 			peer->ttl++;
#-	} else {
#-		if (peer->burst == 0) {
#-			u_char oreach;
#+		peer_xmit(peer);
#+		poll_update(peer, hpoll);
#+		return;
#+	}
# 
#-			oreach = peer->reach;
#-			peer->outdate = current_time;
#-			peer->reach <<= 1;
#-			peer->hyst *= HYST_TC;
#-			if (!peer->reach) {
#+	/*
#+	 * In unicast modes the dance is much more intricate. It is
#+	 * desigmed to back off whenever possible to minimize network
#+	 * traffic.
#+	 */
#+	if (peer->burst == 0) {
#+		u_char oreach;
#+
#+		if (peer == sys_peer)
#+			sys_hopper++;
#+		oreach = peer->reach;
#+		peer->outdate = current_time;
#+		peer->reach <<= 1;
#+		if (!peer->reach) {
# 
#-				/*
#-				 * If this association has become
#-				 * unreachable, clear it and raise a
#-				 * trap.
#-				 */
#-				if (oreach != 0) {
#-					report_event(EVNT_UNREACH,
#-					    peer);
#-					peer->timereachable =
#-					    current_time;
#-					if (peer->flags & FLAG_CONFIG) {
#-						peer_clear(peer,
#-						    "INIT");
#-					} else {
#-						unpeer(peer);
#-						return;
#-					}
#+			/*
#+			 * If this association was reachable but now
#+			 * unreachable, raise a trap. If ephemeral, dump
#+			 * it right away.
#+			 */
#+			if (oreach) {
#+				report_event(EVNT_UNREACH, peer);
#+				if (!(peer->flags & FLAG_CONFIG)) {
#+					unpeer(peer);
#+					return;
# 				}
#+				peer->timereachable = current_time;
#+			}
# 
#-				/*
#-				 * If a configured association has been
#-				 * unreachable for a long time, double
#-				 * it at each poll and send a single
#-				 * packet instead of a burst. If not
#-				 * configured, off it. If it flashes
#-				 * authentic error, mark it
#-				 * cryptographically dead.
#-				 */
#-				if (peer->unreach < NTP_UNREACH) {
#-					peer->unreach++;
#-					if (peer->flags & FLAG_IBURST &&
#-					    !(peer->flash & TEST5))
#-						peer->burst = NTP_BURST;
#-				} else if (!(peer->flags &
#-				    FLAG_CONFIG)) {
#+			/*
#+			 * We send an initial burst only once after a
#+			 * server becomes unreachable. After the unreach
#+			 * counter trips, we send a single packet and
#+			 * double the poll interval if persistent or
#+			 * dump the association if ephemeral. Here it
#+			 * can be ephemeral only if the server has never
#+			 * been reachable.
#+			 */
#+			if (peer->flags & FLAG_IBURST &&
#+			    peer->unreach == 0) {
#+				peer->burst = NTP_BURST;
#+			} else if (peer->unreach > NTP_UNREACH) {
#+				if (!(peer->flags & FLAG_CONFIG)) {
# 					unpeer(peer);
# 					return;
#-
#-				} else if (peer->flash & TEST5) {
#-					peer_clear(peer, "CRYPTO");
#-					peer->flash += TEST4;
#-				} else {
#-					if (hpoll < peer->maxpoll)
#-						hpoll++;
#-				}
#-			} else {
#-				/*
#-				 * Here the peer is reachable. If it has
#-				 * not been heard for three consecutive
#-				 * polls, stuff infinity in the clock
#-				 * filter. Next, determine the poll
#-				 * interval. If the peer is unfit for
#-				 * synchronization, increase it by one;
#-				 * else, use the system poll interval,
#-				 * but clamp it within bounds for this
#-				 * peer. 
#-				 */
#-				peer->unreach = 0;
#-				if (!(peer->reach & 0x07))
#-					clock_filter(peer, 0., 0.,
#-					    MAXDISPERSE);
#-				if (peer_unfit(peer)) {
#-					if (hpoll < peer->maxpoll)
#-						hpoll++;
#-				} else {
#-					hpoll = sys_poll;
#-					if (hpoll > peer->maxpoll)
#-						hpoll = peer->maxpoll;
#-					else if (hpoll < peer->minpoll)
#-						hpoll = peer->minpoll;
#-					if (peer->flags & FLAG_BURST)
#-						peer->burst = NTP_BURST;
#-				}
#+				} 
#+				hpoll++;
# 			}
#+			peer->unreach++;
# 		} else {
# 
# 			/*
#-			 * Call-gap control. If we are restrained, each
#-			 * burst consists of only one packet.
#+			 * Here the peer is reachable. If it has not
#+			 * been heard for three consecutive polls, stuff
#+			 * infinity in the clock filter dispersion.
#+			 * Next, set the host poll interval to the
#+			 * system poll interval. Send a burst only if
#+			 * enabled and the peer is fit.
# 			 */
#-			if (memcmp(&peer->refid, "RSTR", 4) == 0)
#-				peer->burst = 0;
#-			else
#-				peer->burst--;
#-			if (peer->burst == 0) {
#+			peer->unreach = 0;
#+			if (!(peer->reach & 0x07))
#+				clock_filter(peer, 0., 0., MAXDISPERSE);
#+			hpoll = sys_poll;
#+			if (peer->flags & FLAG_BURST &&
#+			    !peer_unfit(peer))
#+				peer->burst = NTP_BURST;
#+		}
#+	} else {
#+		peer->burst--;
# 
#-				/*
#-				 * If a broadcast client at this point,
#-				 * the burst has concluded, so we switch
#-				 * to client mode and purge the keylist,
#-				 * since no further transmissions will
#-				 * be made.
#-				 */
#-				if (peer->cast_flags & MDF_BCLNT) {
#-					peer->hmode = MODE_BCLIENT;
#+		/*
#+		 * If a broadcast client at this point, the burst has
#+		 * concluded, so we switch to client mode and purge the
#+		 * keylist, since no further transmissions will be made.
#+		 */
#+		if (peer->burst == 0) {
#+			if (peer->cast_flags & MDF_BCLNT) {
#+				peer->hmode = MODE_BCLIENT;
# #ifdef OPENSSL
#-					key_expire(peer);
#+				key_expire(peer);
# #endif /* OPENSSL */
#-				}
#+			}
# 
#-				/*
#-				 * If ntpdate mode and the clock has not
#-				 * been set and all peers have completed
#-				 * the burst, we declare a successful
#-				 * failure.
#-				 */
#-				if (mode_ntpdate) {
#-					peer_ntpdate--;
#-					if (peer_ntpdate == 0) {
#-						msyslog(LOG_NOTICE,
#-						    "no reply; clock not set");
#-						exit (0);
#-					}
#+			/*
#+			 * If ntpdate mode and the clock has not been
#+			 * set and all peers have completed the burst,
#+			 * we declare a successful failure.
#+			 */
#+			if (mode_ntpdate) {
#+				peer_ntpdate--;
#+				if (peer_ntpdate == 0) {
#+					msyslog(LOG_NOTICE,
#+					    "no reply; clock not set");
#+					exit (0);
# 				}
#-				clock_select();
#-				poll_update(peer, hpoll);
#-				return;
# 			}
# 		}
# 	}
#@@ -275,34 +260,12 @@
# 	/*
# 	 * Do not transmit if in broadcast client mode. 
# 	 */
#-	if (peer->hmode == MODE_BCLIENT) {
#-		poll_update(peer, hpoll);
#-		return;
#-
#-	/*
#-	 * Do not transmit in broadcast mode unless we are synchronized.
#-	 */
#-	} else if (peer->hmode == MODE_BROADCAST && sys_peer == NULL) {
#-		poll_update(peer, hpoll);
#-		return;
#-	}
#-
#-	/*
#-	 * Do not transmit if in access-deny or crypto jail. Clamp the
#-	 * poll to minimum if a get out of jail free card shows up.
#-	 */
#-	if (peer->flash & TEST4) {
#-		if (!(peer->flags & FLAG_CONFIG)) {
#-			unpeer(peer);
#-			return;
#-		}
#-		poll_update(peer, peer->minpoll);
#-	} else {
#+	if (peer->hmode != MODE_BCLIENT)
# 		peer_xmit(peer);
#-		poll_update(peer, hpoll);
#-	}
#+	poll_update(peer, hpoll);
# }
# 
#+
# /*
#  * receive - Receive Procedure.  See section 3.4.3 in the specification.
#  */
#@@ -313,15 +276,18 @@
# {
# 	register struct peer *peer;	/* peer structure pointer */
# 	register struct pkt *pkt;	/* receive packet pointer */
#+	int	hisversion;		/* packet version */
# 	int	hismode;		/* packet mode */
#+	int	hisstratum;		/* packet stratum */
# 	int	restrict_mask;		/* restrict bits */
# 	int	has_mac;		/* length of MAC field */
# 	int	authlen;		/* offset of MAC field */
#-	int	is_authentic;		/* cryptosum ok */
#+	int	is_authentic = 0;	/* cryptosum ok */
# 	keyid_t	skeyid = 0;		/* key ID */
# 	struct sockaddr_storage *dstadr_sin; /* active runway */
# 	struct peer *peer2;		/* aux peer structure pointer */
#-	l_fp	p_org;			/* originate timestamp */
#+	l_fp	p_org;			/* origin timestamp */
#+	l_fp	p_rec;			/* receive timestamp */
# 	l_fp	p_xmt;			/* transmit timestamp */
# #ifdef OPENSSL
# 	keyid_t tkeyid = 0;		/* temporary key ID */
#@@ -354,16 +320,19 @@
# 	restrict_mask = restrictions(&rbufp->recv_srcadr);
# #ifdef DEBUG
# 	if (debug > 1)
#-		printf("receive: at %ld %s<-%s restrict %03x\n",
#+		printf("receive: at %ld %s<-%s flags %x restrict %03x\n",
# 		    current_time, stoa(&rbufp->dstadr->sin),
#-		    stoa(&rbufp->recv_srcadr), restrict_mask);
#+		    stoa(&rbufp->recv_srcadr),
#+		    rbufp->dstadr->flags, restrict_mask);
# #endif
# 	if (restrict_mask & RES_IGNORE) {
# 		sys_restricted++;
#-		return;				/* no anything */
#+		return;				/* ignore everything */
# 	}
# 	pkt = &rbufp->recv_pkt;
#+	hisversion = PKT_VERSION(pkt->li_vn_mode);
# 	hismode = (int)PKT_MODE(pkt->li_vn_mode);
#+	hisstratum = PKT_TO_STRATUM(pkt->stratum);
# 	if (hismode == MODE_PRIVATE) {
# 		if (restrict_mask & RES_NOQUERY) {
# 			sys_restricted++;
#@@ -394,10 +363,10 @@
# 	 * Version check must be after the query packets, since they
# 	 * intentionally use early version.
# 	 */
#-	if (PKT_VERSION(pkt->li_vn_mode) == NTP_VERSION) {
#+	if (hisversion == NTP_VERSION) {
# 		sys_newversionpkt++;		/* new version */
#-	} else if (!(restrict_mask & RES_VERSION) &&
#-	    PKT_VERSION(pkt->li_vn_mode) >= NTP_OLDVERSION) {
#+	} else if (!(restrict_mask & RES_VERSION) && hisversion >=
#+	    NTP_OLDVERSION) {
# 		sys_oldversionpkt++;		/* previous version */
# 	} else {
# 		sys_unknownversion++;
#@@ -411,7 +380,7 @@
# 	 * would interpret as client mode.
# 	 */
# 	if (hismode == MODE_UNSPEC) {
#-		if (PKT_VERSION(pkt->li_vn_mode) == NTP_OLDVERSION) {
#+		if (hisversion == NTP_OLDVERSION) {
# 			hismode = MODE_CLIENT;
# 		} else {
# 			sys_badlength++;
#@@ -420,35 +389,15 @@
# 	}
# 
# 	/*
#-	 * Discard broadcast if not enabled as broadcast client. If
#-	 * Autokey, the wildcard interface cannot be used, so dump
#-	 * packets gettiing off the bus at that stop as well. This means
#-	 * that some systems with broken interface code, specifically
#-	 * Linux, will not work with Autokey.
#-	 */
#-	if (hismode == MODE_BROADCAST) {
#-		if (!sys_bclient || restrict_mask & RES_NOPEER) {
#-			sys_restricted++;
#-			return;			/* no client */
#-		}
#-#ifdef OPENSSL
#-		if (crypto_flags && rbufp->dstadr == any_interface) {
#-			sys_restricted++;
#-			return;			/* no client */
#-		}
#-#endif /* OPENSSL */
#-	}
#-
#-	/*
# 	 * Parse the extension field if present. We figure out whether
# 	 * an extension field is present by measuring the MAC size. If
#-	 * the number of words following the packet header is 0 or 1, no
#-	 * MAC is present and the packet is not authenticated. If 1, the
#-	 * packet is a reply to a previous request that failed to
#-	 * authenticate. If 3, the packet is authenticated with DES; if
#-	 * 5, the packet is authenticated with MD5. If greater than 5,
#-	 * an extension field is present. If 2 or 4, the packet is a
#-	 * runt and goes poof! with a brilliant flash.
#+	 * the number of words following the packet header is 0, no MAC
#+	 * is present and the packet is not authenticated. If 1, the
#+	 * packet is a crypto-NAK; if 3, the packet is authenticated
#+	 * with DES; if 5, the packet is authenticated with MD5. If 2 or
#+	 * 4, the packet is a runt and discarded forthwith. If greater
#+	 * than 5, an extension field is present, so we subtract the
#+	 * length of the field and go around again.
# 	 */
# 	authlen = LEN_PKT_NOMAC;
# 	has_mac = rbufp->recv_length - authlen;
#@@ -498,21 +447,58 @@
# 	 * address used to construct the autokey is the unicast address
# 	 * of the interface. However, if the sender is a broadcaster,
# 	 * the interface broadcast address is used instead.
#-	 * Notwithstanding this technobabble, if the sender is a
#+	 & Notwithstanding this technobabble, if the sender is a
# 	 * multicaster, the broadcast address is null, so we use the
# 	 * unicast address anyway. Don't ask.
# 	 */
# 	peer = findpeer(&rbufp->recv_srcadr, rbufp->dstadr, rbufp->fd,
#-	    hismode, &retcode);
#-	is_authentic = 0;
#+	    hisversion, hismode, &retcode);
# 	dstadr_sin = &rbufp->dstadr->sin;
#+	NTOHL_FP(&pkt->org, &p_org);
#+	NTOHL_FP(&pkt->rec, &p_rec);
#+	NTOHL_FP(&pkt->xmt, &p_xmt);
#+
#+	/*
#+	 * Authentication is conditioned by three switches:
#+	 *
#+	 * NOPEER  (RES_NOPEER) do not mobilize an association unless
#+	 *         authenticated
#+	 * NOTRUST (RES_DONTTRUST) do not allow access unless
#+	 *         authenticated (implies NOPEER)
#+	 * enable  (sys_authenticate) master NOPEER switch, by default
#+	 *         on
#+	 *
#+	 * The NOPEER and NOTRUST can be specified on a per-client basis
#+	 * using the restrict command. The enable switch if on implies
#+	 * NOPEER for all clients. There are four outcomes:
#+	 *
#+	 * NONE    The packet has no MAC.
#+	 * OK      the packet has a MAC and authentication succeeds
#+	 * ERROR   the packet has a MAC and authentication fails
#+	 * CRYPTO  crypto-NAK. The MAC has four octets only.
#+	 *
#+	 * Note: The AUTH(x, y) macro is used to filter outcomes. If x
#+	 * is zero, acceptable outcomes of y are NONE and OK. If x is
#+	 * one, the only acceptable outcome of y is OK.
#+	 */
# 	if (has_mac == 0) {
#+		is_authentic = AUTH_NONE; /* not required */
# #ifdef DEBUG
# 		if (debug)
#-			printf("receive: at %ld %s<-%s mode %d code %d\n",
#-			    current_time, stoa(&rbufp->dstadr->sin),
#-			    stoa(&rbufp->recv_srcadr), hismode,
#-			    retcode);
#+			printf("receive: at %ld %s<-%s mode %d code %d auth %d\n",
#+			    current_time, stoa(dstadr_sin),
#+			    stoa(&rbufp->recv_srcadr), hismode, retcode,
#+			    is_authentic);
#+#endif
#+	} else if (has_mac == 4) {
#+			is_authentic = AUTH_CRYPTO; /* crypto-NAK */
#+#ifdef DEBUG
#+		if (debug)
#+			printf(
#+			    "receive: at %ld %s<-%s mode %d code %d keyid %08x len %d mac %d auth %d\n",
#+			    current_time, stoa(dstadr_sin),
#+			    stoa(&rbufp->recv_srcadr), hismode, retcode,
#+			    skeyid, authlen, has_mac, is_authentic);
# #endif
# 	} else {
# #ifdef OPENSSL
#@@ -555,8 +541,14 @@
# 				 * broadcast address when available;
# 				 * otherwise, use the unicast address
# 				 * found when the association was
#-				 * mobilized.
#+				 * mobilized. However, if this is from
#+				 * the wildcard interface, game over.
# 				 */
#+				if (crypto_flags && rbufp->dstadr ==
#+				    any_interface) {
#+					sys_restricted++;
#+					return;	     /* no wildcard */
#+				}
# 				pkeyid = 0;
# 				if (!SOCKNUL(&rbufp->dstadr->bcast))
# 					dstadr_sin =
#@@ -595,15 +587,15 @@
# 		 * Compute the cryptosum. Note a clogging attack may
# 		 * succeed in bloating the key cache. If an autokey,
# 		 * purge it immediately, since we won't be needing it
#-		 * again. If the packet is authentic, it may mobilize an
#-		 * association.
#+		 * again. If the packet is authentic, it can mobilize an
#+		 * association. Note that there is no key zero.
# 		 */
#-		if (authdecrypt(skeyid, (u_int32 *)pkt, authlen,
#+		if (!authdecrypt(skeyid, (u_int32 *)pkt, authlen,
# 		    has_mac)) {
#-			is_authentic = 1;
#-			restrict_mask &= ~RES_DONTTRUST;
#-		} else {
#+			is_authentic = AUTH_ERROR;
# 			sys_badauth++;
#+		} else {
#+			is_authentic = AUTH_OK;
# 		}
# #ifdef OPENSSL
# 		if (skeyid > NTP_MAXKEY)
#@@ -615,103 +607,112 @@
# 			    "receive: at %ld %s<-%s mode %d code %d keyid %08x len %d mac %d auth %d\n",
# 			    current_time, stoa(dstadr_sin),
# 			    stoa(&rbufp->recv_srcadr), hismode, retcode,
#-			    skeyid, authlen, has_mac,
#-			    is_authentic);
#+			    skeyid, authlen, has_mac, is_authentic);
# #endif
# 	}
# 
# 	/*
# 	 * The association matching rules are implemented by a set of
#-	 * routines and a table in ntp_peer.c. A packet matching an
#-	 * association is processed by that association. If not and
#-	 * certain conditions prevail, then an ephemeral association is
#-	 * mobilized: a broadcast packet mobilizes a broadcast client
#+	 * routines and an association table. A packet matching an
#+	 * association is processed by the peer process for that
#+	 * association. If there are no errors, an ephemeral association
#+	 * is mobilized: a broadcast packet mobilizes a broadcast client
# 	 * aassociation; a manycast server packet mobilizes a manycast
# 	 * client association; a symmetric active packet mobilizes a
#-	 * symmetric passive association. And, the adventure
#-	 * continues...
#+	 * symmetric passive association.
# 	 */
# 	switch (retcode) {
#+
#+	/*
#+	 * This is a client mode packet not matching any association. If
#+	 * an ordinary client, simply toss a server mode packet back
#+	 * over the fence. If a manycast client, we have to work a
#+	 * little harder.
#+	 */
# 	case AM_FXMIT:
# 
# 		/*
#-		 * This is a client mode packet not matching a known
#-		 * association. If from a manycast client we run a few
#-		 * sanity checks before deciding to send a unicast
#-		 * server response. Otherwise, it must be a client
#-		 * request, so send a server response and go home.
#+		 * The vanilla case is when this is not a multicast
#+		 * interface. If authentication succeeds, return a
#+		 * server mode packet; if not and the key ID is nonzero,
#+		 * return a crypto-NAK.
#+		 */
#+		if (!(rbufp->dstadr->flags & INT_MCASTOPEN)) {
#+			if (AUTH(restrict_mask & RES_DONTTRUST,
#+			   is_authentic))
#+				fast_xmit(rbufp, MODE_SERVER, skeyid,
#+				    restrict_mask);
#+			else if (is_authentic == AUTH_ERROR)
#+				fast_xmit(rbufp, MODE_SERVER, 0,
#+				    restrict_mask);
#+			return;			/* hooray */
#+		}
#+
#+		/*
#+		 * This must be manycast. Do not respond if not
#+		 * configured as a manycast server.
# 		 */
#-		if (rbufp->dstadr->flags & INT_MULTICAST) {
#+		if (hismode == MODE_CLIENT && !sys_manycastserver) {
#+			sys_restricted++;
#+			return;			/* not enabled */
#+		}
# 
#-			/*
#-			 * Do not respond to multicast if not configured
#-			 * as a manycast server.
#-			 */
#-			if (hismode == MODE_CLIENT &&
#-			    !sys_manycastserver)
#-				return;
#+		/*
#+		 * Do not respond if the stratum is below the floor or
#+		 * at or above the ceiling.
#+		 */
#+		if (hisstratum < sys_floor || hisstratum >= sys_ceiling)
#+			return;
# 
#-			/*
#-			 * There is no reason to respond to a request if
#-			 * our time is worse than the manycaster or it
#-			 * has already synchronized to us.
#-			 */
#-			if (sys_peer == NULL ||
#-			    PKT_TO_STRATUM(pkt->stratum) <
#-			    sys_stratum || (sys_cohort &&
#-			    PKT_TO_STRATUM(pkt->stratum) ==
#-			    sys_stratum) || rbufp->dstadr->addr_refid ==
#-			    pkt->refid)
#-				return;		/* manycast dropped */
#-		}
#+		/*
#+		 * Do not respond if our time is worse than the
#+		 * manycaster or it has already synchronized to us.
#+		 */
#+		if (sys_peer == NULL || hisstratum < sys_stratum ||
#+		    (sys_cohort && hisstratum) == sys_stratum ||
#+		    rbufp->dstadr->addr_refid == pkt->refid)
#+			return;			/* no help */
# 
# 		/*
#-		 * Note that we don't require an authentication check
#-		 * here, since we can't set the system clock; but, we do
#-		 * send a crypto-NAK to tell the caller about this.
#+		 * Respond only if authentication succeeds. Don't do a
#+		 * crypto-NAK, as that would not be useful.
# 		 */
#-		if (has_mac && !is_authentic)
#-			fast_xmit(rbufp, MODE_SERVER, 0, restrict_mask);
#-		else
#+		if (AUTH(restrict_mask & RES_DONTTRUST, is_authentic))
# 			fast_xmit(rbufp, MODE_SERVER, skeyid,
# 			    restrict_mask);
#-		return;
# 
#+		return;				/* hooray */
#+
#+	/*
#+	 * This is a server mode packet returned in response to a client
#+	 * mode packet sent to a multicast group address. The origin
#+	 * timestamp is a good nonce to reliably associate the reply
#+	 * with what was sent. If there is no match, that's curious and
#+	 * could be an intruder attempting to clog, so we just ignore
#+	 * it.
#+	 *
#+	 * If the packet is authentic and the manycast association is
#+	 * found, we mobilize a client association and copy pertinent
#+	 * variables from the manycast association to the new client
#+	 * association. If not, just ignore the packet.
#+	 *
#+	 * There is an implosion hazard at the manycast client, since
#+	 * the manycast servers send the server packet immediately. If
#+	 * the guy is already here, don't fire up a duplicate.
#+	 */
# 	case AM_MANYCAST:
#+		if (!AUTH(sys_authenticate | (restrict_mask &
#+		    (RES_NOPEER | RES_DONTTRUST)), is_authentic))
#+			return;			/* bad auth */
# 
#-		/*
#-		 * This is a server mode packet returned in response to
#-		 * a client mode packet sent to a multicast group
#-		 * address. The originate timestamp is a good nonce to
#-		 * reliably associate the reply with what was sent. If
#-		 * there is no match, that's curious and could be an
#-		 * intruder attempting to clog, so we just ignore it.
#-		 *
#-		 * First, make sure the packet is authentic and not
#-		 * restricted. If so and the manycast association is
#-		 * found, we mobilize a client association and copy
#-		 * pertinent variables from the manycast association to
#-		 * the new client association.
#-		 *
#-		 * There is an implosion hazard at the manycast client,
#-		 * since the manycast servers send the server packet
#-		 * immediately. If the guy is already here, don't fire
#-		 * up a duplicate.
#-		 */
#-		if (restrict_mask & RES_DONTTRUST) {
#+		if ((peer2 = findmanycastpeer(rbufp)) == NULL) {
# 			sys_restricted++;
#-			return;			/* no trust */
#+			return;			/* not enabled */
# 		}
#-		if (sys_authenticate && !is_authentic)
#-			return;			/* bad auth */
#-
#-		if ((peer2 = findmanycastpeer(rbufp)) == NULL)
#-			return;			/* no assoc match */
#-
#-		if ((peer = newpeer(&rbufp->recv_srcadr, rbufp->dstadr,
#-		    MODE_CLIENT, PKT_VERSION(pkt->li_vn_mode),
#-		    NTP_MINDPOLL, NTP_MAXDPOLL, FLAG_IBURST, MDF_UCAST |
#-		    MDF_ACLNT, 0, skeyid)) == NULL)
#+		if ((peer = newpeer(&rbufp->recv_srcadr,
#+		    rbufp->dstadr, MODE_CLIENT,
#+		    hisversion, NTP_MINDPOLL, NTP_MAXDPOLL, FLAG_IBURST,
#+		    MDF_UCAST | MDF_ACLNT, 0, skeyid)) == NULL)
# 			return;			/* system error */
# 
# 		/*
#@@ -720,270 +721,217 @@
# 		peer->ttl = peer2->ttl;
# 		break;
# 
#-	case AM_NEWPASS:
#+	/*
#+	 * This is the first packet received from a broadcast server. If
#+	 * the packet is authentic and we are enabled as broadcast
#+	 * client, mobilize a broadcast client association. We don't
#+	 * kiss any frogs here.
#+	 */
#+	case AM_NEWBCL:
#+		if (!AUTH(sys_authenticate | (restrict_mask &
#+		    (RES_NOPEER | RES_DONTTRUST)), is_authentic))
#+			return;			/* bad auth */
# 
# 		/*
#-		 * This is the first packet received from a symmetric
#-		 * active peer. First, make sure it is authentic and not
#-		 * restricted. If so, mobilize a passive association.
#-		 * If authentication fails send a crypto-NAK; otherwise,
#-		 * kiss the frog.
#+		 * Do not respond if the stratum is below the floor or
#+		 * at or above the ceiling.
# 		 */
#-		if (restrict_mask & RES_DONTTRUST) {
#-			sys_restricted++;
#-			return;			/* no trust */
#-		}
#-		if (sys_authenticate && !is_authentic) {
#-			fast_xmit(rbufp, MODE_PASSIVE, 0,
#-			    restrict_mask);
#-			return;			/* bad auth */
#-		}
#-		if ((peer = newpeer(&rbufp->recv_srcadr, rbufp->dstadr,
#-		    MODE_PASSIVE, PKT_VERSION(pkt->li_vn_mode),
#-		    NTP_MINDPOLL, NTP_MAXDPOLL, 0, MDF_UCAST, 0,
#-		    skeyid)) == NULL)
#-			return;			/* system error */
#-
#-		break;
#+		if (hisstratum < sys_floor || hisstratum >= sys_ceiling)
#+			return;
# 
#-	case AM_NEWBCL:
#+		switch (sys_bclient) {
# 
# 		/*
#-		 * This is the first packet received from a broadcast
#-		 * server. First, make sure it is authentic and not
#-		 * restricted and that we are a broadcast client. If so,
#-		 * mobilize a broadcast client association. We don't
#-		 * kiss any frogs here.
#+		 * If not enabled, just skedaddle.
# 		 */
#-		if (restrict_mask & RES_DONTTRUST) {
#+		case 0:
# 			sys_restricted++;
#-			return;			/* no trust */
#-		}
#-		if (sys_authenticate && !is_authentic)
#-			return;			/* bad auth */
#-
#-		if (sys_bclient == 0)
#-			return;			/* not a client */
#+			return;			/* not enabled */
# 
#-		if (sys_bclient == 1)
#-			peer = newpeer(&rbufp->recv_srcadr, rbufp->dstadr,
#-			    MODE_CLIENT, PKT_VERSION(pkt->li_vn_mode),
#+		/*
#+		 * Execute the initial volley in order to calibrate the
#+		 * propagation delay and run the Autokey protocol, if
#+		 * enabled.
#+		 */
#+		case 1:
#+			if ((peer = newpeer(&rbufp->recv_srcadr,
#+			    rbufp->dstadr, MODE_CLIENT, hisversion,
# 			    NTP_MINDPOLL, NTP_MAXDPOLL, FLAG_MCAST |
#-			    FLAG_IBURST, MDF_BCLNT, 0, skeyid);
#-		else
#-			peer = newpeer(&rbufp->recv_srcadr, rbufp->dstadr,
#-			    MODE_BCLIENT, PKT_VERSION(pkt->li_vn_mode),
#-			    NTP_MINDPOLL, NTP_MAXDPOLL, 0, MDF_BCLNT, 0,
#-			    skeyid);
#-		if (peer == NULL)
#-			return;			/* system error */
#+			    FLAG_IBURST, MDF_BCLNT, 0, skeyid)) == NULL)
#+				return;		/* system error */
# #ifdef OPENSSL
#-		/*
#-		 * Danger looms. If this is autokey, go process the
#-		 * extension fields. If something goes wrong, abandon
#-		 * ship and don't trust subsequent packets.
#-		 */
#-		if (crypto_flags) {
#-			if ((rval = crypto_recv(peer, rbufp)) !=
#-			    XEVNT_OK) {
#-				struct sockaddr_storage mskadr_sin;
#+			if (skeyid <= NTP_MAXKEY)
#+				return;
# 
#-				unpeer(peer);
#-				sys_restricted++;
#-				SET_HOSTMASK(&mskadr_sin,
#-				    rbufp->recv_srcadr.ss_family);
#-				hack_restrict(RESTRICT_FLAGS,
#-				    &rbufp->recv_srcadr, &mskadr_sin,
#-				    0, RES_DONTTRUST | RES_TIMEOUT);
#-#ifdef DEBUG
#-				if (debug)
#-					printf(
#-					    "packet: bad exten %x\n",
#-					    rval);
#-#endif
#-			}
#-		}
#-#endif /* OPENSSL */
#-		return;
#+			if (crypto_recv(peer, rbufp) == XEVNT_OK)
#+				return;
# 
#-	case AM_POSSBCL:
#+			peer_clear(peer, "CRYP");
#+			unpeer(peer);
#+#endif /* OPENSSL */
#+			return;
# 
#-		/*
#-		 * This is a broadcast packet received in client mode.
#-		 * It could happen if the initial client/server volley
#-		 * is not complete before the next broadcast packet is
#-		 * received. Be liberal in what we accept.
#-		 */ 
#-	case AM_PROCPKT:
# 
# 		/*
#-		 * This is a symmetric mode packet received in symmetric
#-		 * mode, a server packet received in client mode or a
#-		 * broadcast packet received in broadcast client mode.
#-		 * If it is restricted, this is very strange because it
#-		 * is rude to send a packet to a restricted address. If
#-		 * anyway, flash a restrain kiss and skedaddle to
#-		 * Seattle. If not authentic, leave a light on and
#-		 * continue.
#+		 * Do not execute the initial volley.
# 		 */
#-		if (restrict_mask & RES_DONTTRUST) {
#-			sys_restricted++;
#-			if (peer->flags & FLAG_CONFIG)
#-				peer_clear(peer, "RSTR");
#-			else
#-				unpeer(peer);
#-			return;			/* no trust */
#+		case 2:
#+#ifdef OPENSSL
#+			/*
#+			 * If a two-way exchange is not possible,
#+			 * neither is Autokey.
#+			 */
#+			if (skeyid <= NTP_MAXKEY) {
#+				msyslog(LOG_INFO,
#+				    "receive: broadcast requires two-way communication");
#+				return;		/* no autokey */
#+			}
#+#endif /* OPENSSL */
#+			if ((peer = newpeer(&rbufp->recv_srcadr,
#+			    rbufp->dstadr, MODE_BCLIENT, hisversion,
#+			    NTP_MINDPOLL, NTP_MAXDPOLL, 0, MDF_BCLNT, 0,
#+			    skeyid)) == NULL)
#+				return;		/* system error */
# 		}
# 		break;
# 
#-	default:
#+	/*
#+	 * This is the first packet received from a symmetric active
#+	 * peer. If the packet is authentic and the first he sent,
#+	 * mobilize a passive association. If not, kiss the frog.
#+	 */
#+	case AM_NEWPASS:
#+
#+		/*
#+		 * If the inbound packet is correctly authenticated and
#+		 * enabled, a symmetric passive association is
#+		 * mobilized. If not but correctly authenticated, a
#+		 * symmetric active response is sent. If authentication
#+		 * fails, send a crypto-NAK packet. 
#+		 */
#+		if (!AUTH(restrict_mask & RES_DONTTRUST, is_authentic))
#+		    {
#+			if (is_authentic == AUTH_ERROR)
#+				fast_xmit(rbufp, MODE_ACTIVE, 0,
#+				    restrict_mask);
#+			return;			/* bad auth */
#+		}
#+		if (!AUTH(sys_authenticate | (restrict_mask &
#+		    RES_NOPEER), is_authentic)) {
#+			fast_xmit(rbufp, MODE_ACTIVE, skeyid,
#+			    restrict_mask);
#+			return;			/* hooray */
#+		}
# 
# 		/*
#-		 * Invalid mode combination. This happens when a passive
#-		 * mode packet arrives and matches another passive
#-		 * association or no association at all, or when a
#-		 * server mode packet arrives and matches a broadcast
#-		 * client association. This is usually the result of
#-		 * reconfiguring a client on-fly. If authenticated
#-		 * passive mode packet, send a crypto-NAK; otherwise,
#-		 * ignore it.
#+		 * Do not respond if the stratum is below the floor or
#+		 * at or above the ceiling.
# 		 */
#-		if (has_mac && hismode == MODE_PASSIVE)
#-			fast_xmit(rbufp, MODE_ACTIVE, 0, restrict_mask);
#-#ifdef DEBUG
#-		if (debug)
#-			printf("receive: bad protocol %d\n", retcode);
#-#endif
#-		return;
#-	}
#+		if (hisstratum < sys_floor || hisstratum >= sys_ceiling)
#+			return;
#+
#+		if ((peer = newpeer(&rbufp->recv_srcadr,
#+		    rbufp->dstadr, MODE_PASSIVE, hisversion,
#+		    NTP_MINDPOLL, NTP_MAXDPOLL, 0, MDF_UCAST, 0,
#+		    skeyid)) == NULL)
#+			return;			/* system error */
#+
#+		break;
# 
# 	/*
#-	 * We do a little homework. Note we can get here with an
#-	 * authentication error. We need to do this in order to validate
#-	 * a crypto-NAK later. Note the order of processing; it is very
#-	 * important to avoid livelocks, deadlocks and lockpicks.
#+	 * Process regular packet. Nothing special.
# 	 */
#-	peer->received++;
#-	peer->timereceived = current_time;
#-	peer->flash = 0;
#-	peer->flags &= ~FLAG_AUTHENTIC;
#-	if (has_mac) {
#-		if (is_authentic)
#-			peer->flags |= FLAG_AUTHENTIC;
#-		else if (sys_authenticate)
#-			peer->flash |= TEST5;	/* bad auth */
#-	}
#-	NTOHL_FP(&pkt->org, &p_org);
#-	NTOHL_FP(&pkt->xmt, &p_xmt);
#+	case AM_PROCPKT:
#+		break;
# 
# 	/*
#-	 * If the packet is an old duplicate, drop it.
#+	 * A passive packet matches a passive association. This is
#+	 * usually the result of reconfiguring a client on the fly. The
#+	 * association must be ephemeral, so just kill it.
# 	 */
#-	if (L_ISEQU(&peer->org, &p_xmt)) {	/* test 1 */
#-		peer->flash |= TEST1;		/* dupe */
#+	case AM_ERR:
#+		unpeer(peer);
# 		/* fall through */
# 
# 	/*
#-	 * For broadcast server mode, loopback checking is disabled. An
#-	 * authentication error probably means the server restarted or
#-	 * rolled a new private value. If so, dump the association
#-	 * and wait for the next message.
#+	 * For everything else there is the bit bucket.
# 	 */
#-	} else if (hismode == MODE_BROADCAST) {
#-		if (peer->flash & TEST5) {
#-			unpeer(peer);
#-			return;
#-		}
#-		/* fall through */
#+	default:
#+		return;
#+	}
#+	peer->flash = 0;
# 
# 	/*
#-	 * For server and symmetric modes, if the association transmit
#-	 * timestamp matches the packet originate timestamp, loopback is
#-	 * confirmed. Note in symmetric modes this also happens when the
#-	 * first packet from the active peer arrives at the newly
#-	 * mobilized passive peer. An authentication error probably
#-	 * means the server or peer restarted or rolled a new private
#-	 * value, but could be an intruder trying to stir up trouble.
#-	 * However, if this is a crypto-NAK, we know it is authentic. If
#-	 * the server is reachable, restart the protocol; if not, ignore
#-	 * it and wait for timeout.
#-	 */
#-	} else if (L_ISEQU(&peer->xmt, &p_org)) {
#-		if (peer->flash & TEST5) {
#-			if (has_mac == 4 && pkt->exten[0] == 0 &&
#-				peer->reach) {
#-				if (peer->flags & FLAG_CONFIG) {
#-					peer_clear(peer, "AUTH");
#-				} else {
#-					unpeer(peer);
#-				}
#-			}
#-			return;
#-		}
#-		/* fall through */
#+	 * Next comes a rigorous schedule of timestamp checking. If the
#+	 * transmit timestamp is zero, the server is horribly broken.
#+	 */
#+	if (L_ISZERO(&p_xmt))
#+		return;				/* read rfc1305 */
# 
# 	/*
#-	 * If the client or passive peer has never transmitted anything,
#-	 * this is either the first message from a symmetric peer or
#-	 * possibly a duplicate received before the transmit timeout.
#-	 * Pass it on.
#+	 * If the transmit timestamp duplicates a previous one, the
#+	 * packet is a replay. This prevents the bad guys from replaying
#+	 * the most recent packet, authenticated or not.
# 	 */
#-	} else if (L_ISZERO(&peer->xmt)) {
#-		/* fall through */
#+	if (L_ISEQU(&peer->org, &p_xmt)) {
#+		peer->flash |= TEST1;
#+		peer->oldpkt++;
#+		return;				/* dupe */
#+	}
# 
# 	/*
#-	 * Now it gets interesting. We have transmitted at least one
#-	 * packet. If the packet originate timestamp is nonzero, it
#-	 * does not match the association transmit timestamp, which is a
#-	 * loopback error. This error might mean a manycast server has
#-	 * answered a manycast honk from us and we already have an
#-	 * association for him, in which case quietly drop the packet
#-	 * here. It might mean an old duplicate, dropped packet or
#-	 * intruder replay, in which case we drop it later after
#-	 * extension field processing, but never let it touch the time
#-	 * values.
#-	 */
#-	} else if (!L_ISZERO(&p_org)) {
#-		if (peer->cast_flags & MDF_ACLNT)
#-			return;			/* not a client */
#-
#-		peer->flash |= TEST2;
#-		/* fall through */
#+	 * If this is a broadcast mode packet, skip further checking.
#+	 */
#+	if (hismode != MODE_BROADCAST) {
#+		if (L_ISZERO(&p_org))
#+			peer->flash |= TEST3;	/* unsynch */
#+		else if (!L_ISEQU(&p_org, &peer->xmt))
#+			peer->flash |= TEST2;	/* bogus */
#+	}
# 
# 	/*
#-	 * The packet originate timestamp is zero, meaning the other guy
#-	 * either didn't receive the first packet or died and restarted.
#-	 * If the association originate timestamp is zero, this is the
#-	 * first packet received, so we pass it on.
#+	 * Update the origin and destination timestamps. If
#+	 * unsynchronized or bogus abandon ship.
# 	 */
#-	} else if (L_ISZERO(&peer->org)) {
#-		/* fall through */
#+	peer->org = p_xmt;
#+	peer->rec = rbufp->recv_time;
#+	if (peer->flash)
#+		return;				/* unsynch */
# 
# 	/*
#-	 * The other guy has restarted and we are still on the wire. We
#-	 * should demobilize/clear and get out of Dodge. If this is
#-	 * symmetric mode, we should also send a crypto-NAK.
#+	 * The timestamps are valid and the receive packet matches the
#+	 * last one sent. If the packet is a crypto-NAK, the server
#+	 * might have just changed keys. We demobilize the association
#+	 * and wait for better times.
# 	 */
#-	} else {
#-		if (hismode == MODE_ACTIVE)
#-			fast_xmit(rbufp, MODE_PASSIVE, 0,
#-			    restrict_mask);
#-		else if (hismode == MODE_PASSIVE)
#-			fast_xmit(rbufp, MODE_ACTIVE, 0, restrict_mask);
#-#if DEBUG
#-		if (debug)
#-			printf("receive: dropped %03x\n", peer->flash);
#-#endif
#-		if (peer->flags & FLAG_CONFIG)
#-			peer_clear(peer, "DROP");
#-		else
#+	if (is_authentic == AUTH_CRYPTO) {
#+		peer_clear(peer, "AUTH");
#+		if (!(peer->flags & FLAG_CONFIG))
# 			unpeer(peer);
#-		return;
#-	}
#-	if (peer->flash & ~TEST2) {
#-		return;
#+		return;				/* crypto-NAK */
#+
#+	/* 
#+	 * If the association is authenticated, the key ID is nonzero
#+	 * and received packets must be authenticated. This is designed
#+	 * to avoid a bait-and-switch attack, which was possible in past
#+	 * versions.
#+	 */
#+	} else if (!AUTH(peer->keyid || (restrict_mask & RES_DONTTRUST),
#+	    is_authentic)) {
#+		peer->flash |= TEST5;
#+		return;				/* bad auth */
# 	}
# 
#+	/*
#+	 * That was hard and I am sweaty, but the packet is squeaky
#+	 * clean. Get on with real work.
#+	 */
#+	peer->received++;
#+	peer->timereceived = current_time;
#+	if (is_authentic == AUTH_OK)
#+		peer->flags |= FLAG_AUTHENTIC;
#+	else
#+		peer->flags &= ~FLAG_AUTHENTIC;
# #ifdef OPENSSL
# 	/*
# 	 * More autokey dance. The rules of the cha-cha are as follows:
#@@ -1006,17 +954,22 @@
# 	 *    match, sit the dance and wait for timeout.
# 	 *
# 	 * In case of crypto error, fire the orchestra and stop dancing.
#+	 * This is considered a permanant error, so go directly to jail.
# 	 */
# 	if (crypto_flags && (peer->flags & FLAG_SKEY)) {
#-		peer->flash |= TEST10;
#+		peer->flash |= TEST8;
# 		rval = crypto_recv(peer, rbufp);
# 		if (rval != XEVNT_OK) {
# 			peer_clear(peer, "CRYP");
#-			peer->flash |= TEST4;	/* crypto error */
#+			peer->flash |= TEST9;	/* crypto error */
#+			if (!(peer->flags & FLAG_CONFIG)) {
#+				unpeer(peer);
#+				return;
#+			}
# 		} else if (hismode == MODE_SERVER) {
# 			if (skeyid == peer->keyid)
#-				peer->flash &= ~TEST10;
#-		} else if (!peer->flash & TEST10) {
#+				peer->flash &= ~TEST8;
#+		} else if (!peer->flash & TEST8) {
# 			peer->pkeyid = skeyid;
# 		} else if ((ap = (struct autokey *)peer->recval.ptr) !=
# 		    NULL) {
#@@ -1025,7 +978,7 @@
# 			for (i = 0; ; i++) {
# 				if (tkeyid == peer->pkeyid ||
# 				    tkeyid == ap->key) {
#-					peer->flash &= ~TEST10;
#+					peer->flash &= ~TEST8;
# 					peer->pkeyid = skeyid;
# 					break;
# 				}
#@@ -1036,8 +989,8 @@
# 				    tkeyid, pkeyid, 0);
# 			}
# 		}
#-		if (!(peer->crypto & CRYPTO_FLAG_PROV)) /* test 11 */
#-			peer->flash |= TEST11;	/* not proventic */
#+		if (!(peer->crypto & CRYPTO_FLAG_PROV)) /* test 9 */
#+			peer->flash |= TEST8;	/* not proventic */
# 
# 		/*
# 		 * If the transmit queue is nonempty, clamp the host
#@@ -1055,7 +1008,7 @@
# 	 * the packet over the fence for processing, which may light up
# 	 * more flashers.
# 	 */
#-	process_packet(peer, pkt, &rbufp->recv_time);
#+	process_packet(peer, pkt);
# 
# 	/*
# 	 * Well, that was nice. If TEST4 is lit, either the crypto
#@@ -1063,7 +1016,7 @@
# 	 * which is fatal.
# 	 */
# 	if (peer->flash & TEST4) {
#-		msyslog(LOG_INFO, "receive: fatal error %03x for %s",
#+		msyslog(LOG_INFO, "receive: fatal error %04x for %s",
# 		    peer->flash, stoa(&peer->srcadr));
# 		if (!(peer->flags & FLAG_CONFIG))
# 			unpeer(peer);
#@@ -1072,19 +1025,18 @@
# 
# #ifdef OPENSSL
# 	/*
#-	 * If TEST10 is lit, the autokey sequence has broken, which
#+	 * If TEST8 is lit, the autokey sequence has broken, which
# 	 * probably means the server has refreshed its private value.
# 	 * Not to worry, reset and wait for the next time.
# 	 */
#-	if (peer->flash & TEST10 && peer->crypto & CRYPTO_FLAG_AUTO) {
#+	if (peer->flash & TEST8 && peer->crypto & CRYPTO_FLAG_AUTO) {
# #ifdef DEBUG
# 		if (debug)
# 			printf(
#-			    "receive: bad auto %03x\n", peer->flash);
#+			    "receive: flash auto %04x\n", peer->flash);
# #endif
#-		if (peer->flags & FLAG_CONFIG)
#-			peer_clear(peer, "AUTO");
#-		else
#+		peer_clear(peer, "AUTO");
#+		if (!(peer->flags & FLAG_CONFIG))
# 			unpeer(peer);
# 	}
# #endif /* OPENSSL */
#@@ -1100,23 +1052,15 @@
# void
# process_packet(
# 	register struct peer *peer,
#-	register struct pkt *pkt,
#-	l_fp	*recv_ts
#+	register struct pkt *pkt
# 	)
# {
# 	double	t34, t21;
# 	double	p_offset, p_del, p_disp;
#-	double	dtemp;
# 	l_fp	p_rec, p_xmt, p_org, p_reftime;
# 	l_fp	ci;
# 	u_char	pmode, pleap, pstratum;
# 
#-	/*
#-	 * Swap header fields and keep the books. The books amount to
#-	 * the receive timestamp and poll interval in the header. We
#-	 * need these even if there are other problems in order to crank
#-	 * up the state machine.
#-	 */
# 	sys_processed++;
# 	peer->processed++;
# 	p_del = FPTOD(NTOHS_FP(pkt->rootdelay));
#@@ -1133,98 +1077,69 @@
# 	pstratum = PKT_TO_STRATUM(pkt->stratum);
# 
# 	/*
#-	 * Test for kiss-o'death packet (DENY or CRYP)
#+	 * Test for kiss-o'death packet)
# 	 */
# 	if (pleap == LEAP_NOTINSYNC && pstratum == STRATUM_UNSPEC) {
# 		if (memcmp(&pkt->refid, "DENY", 4) == 0) {
# 			peer_clear(peer, "DENY");
# 			peer->flash |= TEST4;	/* access deny */
#-		} else if (memcmp(&pkt->refid, "CRYP", 4) == 0) {
#-			peer_clear(peer, "CRYP");
#-			peer->flash |= TEST4;	/* crypto error */
#+			if (!(peer->flags & FLAG_CONFIG)) {
#+				unpeer(peer);
#+				return;
#+			}
# 		}
# 	}
# 
# 	/*
#-	 * Test for unsynchronized server.
#-	 */
#-	if (L_ISHIS(&peer->org, &p_xmt))	/* count old packets */
#-		peer->oldpkt++;
#-	if (pmode != MODE_BROADCAST && (L_ISZERO(&p_rec) ||
#-	    L_ISZERO(&p_org)))			/* test 3 */
#-		peer->flash |= TEST3;		/* unsynch */
#-	if (L_ISZERO(&p_xmt))			/* test 3 */
#-		peer->flash |= TEST3;		/* unsynch */
#-
#-	/*
#-	 * If any tests fail, the packet is discarded leaving only the
#-	 * timestamps, which are enough to get the protocol started. The
#-	 * originate timestamp is copied from the packet transmit
#-	 * timestamp and the receive timestamp is copied from the
#-	 * packet receive timestamp. If okay so far, we save the leap,
#-	 * stratum and refid for billboards.
#-	 */
#-	peer->org = p_xmt;
#-	peer->rec = *recv_ts;
#-	if (peer->flash) {
#-#ifdef DEBUG
#-		if (debug)
#-			printf("packet: bad data %03x from %s\n",
#-			    peer->flash, stoa(&peer->srcadr));
#-#endif
#-		return;
#-	}
#-	peer->leap = pleap;
#-	peer->stratum = pstratum;
#-	peer->refid = pkt->refid;		/* network byte order */
#-
#-	/*
#-	 * Test for valid peer data (tests 6-8)
#+	 * Verify the server is synchronized; that is, the leap bits and
#+	 * stratum are valid, the root delay and root dispersion are
#+	 * valid and the reference timestamp is not later than the
#+	 * transmit timestamp.
# 	 */
# 	ci = p_xmt;
# 	L_SUB(&ci, &p_reftime);
#-	LFPTOD(&ci, dtemp);
# 	if (pleap == LEAP_NOTINSYNC ||		/* test 6 */
#-	    pstratum >= STRATUM_UNSPEC || dtemp < 0)
#-		peer->flash |= TEST6;		/* bad synch */
#-	if (!(peer->flags & FLAG_CONFIG) && sys_peer != NULL) { /* test 7 */
#-		if (pstratum > sys_stratum && pmode != MODE_ACTIVE)
#-			peer->flash |= TEST7;	/* bad stratum */
#-	}
#-	if (p_del < 0 || p_disp < 0 || p_del /	/* test 8 */
#+	    pstratum >= STRATUM_UNSPEC || L_ISNEG(&ci))
#+		peer->flash |= TEST6;		/* peer not synch */
#+	if (p_del < 0 || p_disp < 0 || p_del /	/* test 7 */
# 	    2 + p_disp >= MAXDISPERSE)
#-		peer->flash |= TEST8;		/* bad peer values */
#+		peer->flash |= TEST7;		/* invalid distance */
# 
# 	/*
# 	 * If any tests fail at this point, the packet is discarded.
#+	 * Note that some flashers may have already been set in the
#+	 * receive() routine.
# 	 */
# 	if (peer->flash) {
# #ifdef DEBUG
# 		if (debug)
#-			printf("packet: bad header %03x\n",
#+			printf("packet: flash header %04x\n",
# 			    peer->flash);
# #endif
# 		return;
# 	}
# 
# 	/*
#-	 * The header is valid. Capture the remaining header values and
#-	 * mark as reachable.
#+	 * The protocol and server are verified. Capture the remaining
#+	 * header values and mark as reachable.
# 	 */
# 	record_raw_stats(&peer->srcadr, &peer->dstadr->sin, &p_org,
# 	    &p_rec, &p_xmt, &peer->rec);
#+	peer->leap = pleap;
#+	peer->stratum = pstratum;
# 	peer->pmode = pmode;
# 	peer->ppoll = pkt->ppoll;
# 	peer->precision = pkt->precision;
# 	peer->rootdelay = p_del;
# 	peer->rootdispersion = p_disp;
#+	peer->refid = pkt->refid;		/* network byte order */
# 	peer->reftime = p_reftime;
# 	if (!(peer->reach)) {
# 		report_event(EVNT_REACH, peer);
# 		peer->timereachable = current_time;
# 	}
#-	peer->reach |= 1;
# 	poll_update(peer, peer->hpoll);
#+	peer->reach |= 1;
# 
# 	/*
# 	 * For a client/server association, calculate the clock offset,
#@@ -1234,7 +1149,7 @@
# 	 * computed delay during the client/server volley. Note that
# 	 * org has been set to the time of last reception. Note the
# 	 * computation of dispersion includes the system precision plus
#-	 * that due to the frequency error since the originate time.
#+	 * that due to the frequency error since the origin time.
# 	 *
# 	 * It is very important to respect the hazards of overflow. The
# 	 * only permitted operation on raw timestamps is subtraction,
#@@ -1260,9 +1175,6 @@
# 	LFPTOD(&ci, t21);
# 	ci = peer->rec;			/* t4 - t1 */
# 	L_SUB(&ci, &p_org);
#-	LFPTOD(&ci, p_disp);
#-	p_disp = LOGTOD(sys_precision) + LOGTOD(peer->precision) +
#-	    clock_phi * p_disp;
# 
# 	/*
# 	 * If running in a broadcast association, the clock offset is
#@@ -1280,18 +1192,19 @@
# 			if (peer->hmode == MODE_CLIENT)
# 				return;
# 
#-			peer->flags &= ~FLAG_MCAST;
#+			peer->flags &= ~(FLAG_MCAST | FLAG_BURST);
# 		}
# 		p_offset += peer->estbdelay;
# 		p_del = peer->delay;
#+		p_disp = 0;
# 	} else {
# 		p_offset = (t21 + t34) / 2.;
# 		p_del = t21 - t34;
#+		LFPTOD(&ci, p_disp);
#+		p_disp = LOGTOD(sys_precision) +
#+		    LOGTOD(peer->precision) + clock_phi * p_disp;
# 	}
# 	p_del = max(p_del, LOGTOD(sys_precision));
#-	if ((peer->rootdelay + p_del) / 2. + peer->rootdispersion +
#-	    p_disp >= MAXDISPERSE)		/* test 9 */
#-		peer->flash |= TEST9;		/* bad root distance */
# 
# 	/*
# 	 * If any flasher bits remain set at this point, abandon ship.
#@@ -1300,7 +1213,7 @@
# 	if (peer->flash) {
# #ifdef DEBUG
# 		if (debug)
#-			printf("packet: bad packet data %03x\n",
#+			printf("packet: flash data %04x\n",
# 			    peer->flash);
# #endif
# 		return;
#@@ -1330,14 +1243,10 @@
# 		sys_poll = sys_peer->minpoll;
# 	if (sys_poll > sys_peer->maxpoll)
# 		sys_poll = sys_peer->maxpoll;
#-#ifdef REFCLOCK
#-	if (!(sys_peer->flags & FLAG_REFCLOCK))
#-		poll_update(sys_peer, sys_poll);
#-#endif /* REFCLOCK */
#+	poll_update(sys_peer, sys_poll);
# 	if (sys_peer->epoch <= sys_clocktime)
# 		return;
# 
#-	sys_clocktime = sys_peer->epoch;
# #ifdef DEBUG
# 	if (debug)
# 		printf("clock_update: at %ld assoc %d \n", current_time,
#@@ -1353,16 +1262,15 @@
# 	case -1:
# 		report_event(EVNT_SYSFAULT, NULL);
# 		exit (-1);
#-		/*NOTREACHED*/
#+		/* not reached */
# 
# 	/*
# 	 * Clock was stepped. Flush all time values of all peers.
# 	 */
# 	case 2:
# 		clear_all();
#-		sys_peer = NULL;
# 		sys_stratum = STRATUM_UNSPEC;
#-			memcpy(&sys_refid, "STEP", 4);
#+		memcpy(&sys_refid, "STEP", 4);
# 		sys_poll = NTP_MINPOLL;
# 		report_event(EVNT_CLOCKRESET, NULL);
# #ifdef OPENSSL
#@@ -1385,15 +1293,15 @@
# 		sys_reftime = sys_peer->rec;
# 		sys_rootdelay = sys_peer->rootdelay + sys_peer->delay;
# 		dtemp = sys_peer->disp + clock_phi * (current_time -
#-		    sys_peer->epoch) + sys_peer->jitter +
#+		    sys_peer->epoch) + sys_jitter +
# 		    fabs(sys_peer->offset);
# #ifdef REFCLOCK
# 		if (!(sys_peer->flags & FLAG_REFCLOCK) && dtemp <
#-		    MINDISPERSE)
#-			dtemp = MINDISPERSE;
#+		    sys_mindist)
#+			dtemp = sys_mindist;
# #else
#-		if (dtemp < MINDISPERSE)
#-			dtemp = MINDISPERSE;
#+		if (dtemp < sys_mindist)
#+			dtemp = sys_mindist;
# #endif /* REFCLOCK */
# 		sys_rootdispersion = sys_peer->rootdispersion + dtemp;
# 		sys_leap = leap_consensus;
#@@ -1428,19 +1336,57 @@
# 	int	hpoll;
# 
# 	/*
#-	 * This routine figures out when the next poll should set, and
#-	 * that turns out to be wickedly complicated. The big problem is
#+	 * This routine figures out when the next poll should be sent.
#+	 * That turns out to be wickedly complicated. The big problem is
# 	 * that sometimes the time for the next poll is in the past.
# 	 * Watch out for races here between the receive process and the
#-	 * poll process. The key assertion is that, if nextdate ==
#+	 * poll process. The key assertion is that, if nextdate equals
# 	 * current_time, the call is from the poll process; otherwise,
# 	 * it is from the receive process.
#+	 *
#+	 * First, bracket the poll interval according to the type of
#+	 * association and options. If a fixed interval is configured,
#+	 * use minpoll. This primarily is for reference clocks, but
#+	 * works for any association.
#+	 */
#+	if (peer->flags & FLAG_FIXPOLL) {
#+		hpoll = peer->minpoll;
#+
#+	/*
#+	 * A manycast server beacons at minpoll until a sufficient
#+	 * number of servers have been found or the ttl has topped out,
#+	 * then beacons at maxpoll.
#+	 */
#+	} else if (peer->cast_flags & MDF_ACAST) {
#+		if (sys_survivors >= sys_minclock || peer->ttl >=
#+		    sys_ttlmax)
#+			hpoll = peer->maxpoll;
#+		else
#+			hpoll = peer->minpoll;
#+
#+	/*
#+	 * The ordinary case; clamp the poll interval between minpoll
#+	 * and maxpoll.
#+	 */
#+	} else {
#+		hpoll = max(min(peer->maxpoll, mpoll), peer->minpoll);
#+	}
#+#ifdef OPENSSL
#+	/*
#+	 * Bit of crass arrogance at this point. If the poll interval
#+	 * has changed and we have a keylist, the lifetimes in the
#+	 * keylist are probably bogus. In this case purge the keylist
#+	 * and regenerate it later.
# 	 */
#-	hpoll = mpoll;
#+	if (hpoll != peer->hpoll)
#+		key_expire(peer);
#+#endif /* OPENSSL */
#+	peer->hpoll = hpoll;
# 
# 	/*
#-	 * If during the crypto protocol and a message is pending, make
#-	 * it wait no more than two seconds.
#+	 * Now we figure out if there is an override. If during the
#+	 * crypto protocol and a message is pending, make it wait not
#+	 * more than two seconds.
# 	 */
# #ifdef OPENSSL
# 	if (peer->cmmd != NULL && (sys_leap != LEAP_NOTINSYNC ||
#@@ -1470,33 +1416,14 @@
# 		else
# 			peer->nextdate += BURST_DELAY;
# 	/*
#-	 * A manycast server beacons at the minimum poll interval times
#-	 * the ttl until a sufficient number of servers have been found,
#-	 * then beacons at the maximum poll interval.
#-	 */
#-	} else if (peer->cast_flags & MDF_ACAST) {
#-		if (sys_survivors >= sys_minclock || peer->ttl >=
#-		    sys_ttlmax)
#-			hpoll = peer->maxpoll;
#-		else
#-			hpoll = peer->minpoll;
#-		peer->nextdate = peer->outdate + RANDPOLL(hpoll);
#-
#-	/*
#-	 * The normal case after all those pesky exceptions. Set the
#-	 * poll to the minimum of the host and peer values, but not
#-	 * below minpoll. That's max(min(ppoll, hpoll), minpoll).
#+	 * The ordinary case; use the minimum of the host and peer
#+	 * intervals, but not less than minpoll. In other words,
#+	 * oversampling is okay but understampling is evil.
# 	 */
# 	} else {
#-		if (peer->ppoll < peer->minpoll)
#-			peer->nextdate = peer->outdate +
#-			    RANDPOLL(peer->minpoll);
#-		if (peer->ppoll < hpoll)
#-			peer->nextdate = peer->outdate +
#-			    RANDPOLL(peer->ppoll);
#-		else
#-			peer->nextdate = peer->outdate +
#-			    RANDPOLL(hpoll);
#+		peer->nextdate = peer->outdate +
#+		    RANDPOLL(max(min(peer->ppoll, hpoll),
#+		    peer->minpoll));
# 	}
# 
# 	/*
#@@ -1506,17 +1433,6 @@
# 	 */
# 	if (peer->nextdate <= current_time)
# 		peer->nextdate = current_time + 1;
#-#ifdef OPENSSL
#-	/*
#-	 * Bit of crass arrogance at this point. If the poll interval
#-	 * has changed and we have a keylist, the lifetimes in the
#-	 * keylist are probably bogus. In this case purge the keylist
#-	 * and regenerate it later.
#-	 */
#-	if (hpoll != peer->hpoll)
#-		key_expire(peer);
#-#endif /* OPENSSL */
#-	peer->hpoll = hpoll;
# #ifdef DEBUG
# 	if (debug > 1)
# 		printf("poll_update: at %lu %s flags %04x poll %d burst %d last %lu next %lu\n",
#@@ -1536,7 +1452,7 @@
# 	char	*ident			/* tally lights */
# 	)
# {
#-	u_char	oreach, i;
#+	int	i;
# 
# 	/*
# 	 * If cryptographic credentials have been acquired, toss them to
#@@ -1547,7 +1463,6 @@
# 	 * purged, too. This makes it much harder to sneak in some
# 	 * unauthenticated data in the clock filter.
# 	 */
#-	oreach = peer->reach;
# #ifdef OPENSSL
# 	key_expire(peer);
# 	if (peer->pkey != NULL)
#@@ -1562,26 +1477,31 @@
# 		BN_free(peer->iffval);
# 	if (peer->grpkey != NULL)
# 		BN_free(peer->grpkey);
#-	if (peer->cmmd != NULL)
#+	if (peer->cmmd != NULL) {
# 		free(peer->cmmd);
#+		peer->cmmd = NULL;
#+	}
# 	value_free(&peer->cookval);
# 	value_free(&peer->recval);
# 	value_free(&peer->tai_leap);
# 	value_free(&peer->encrypt);
# 	value_free(&peer->sndval);
# #endif /* OPENSSL */
#+	if (peer == sys_peer)
#+		sys_peer = NULL;
# 
# 	/*
# 	 * Wipe the association clean and initialize the nonzero values.
# 	 */
# 	memset(CLEAR_TO_ZERO(peer), 0, LEN_CLEAR_TO_ZERO);
#-	if (peer == sys_peer)
#-		sys_peer = NULL;
# 	peer->estbdelay = sys_bdelay;
#-	peer->hpoll = peer->minpoll;
# 	peer->ppoll = peer->maxpoll;
#-	peer->jitter = SQRT(MAXDISPERSE);
#-	peer->epoch = current_time;
#+	peer->disp = MAXDISPERSE;
#+	peer->jitter = LOGTOD(sys_precision);
#+	for (i = 0; i < NTP_SHIFT; i++) {
#+		peer->filter_order[i] = i;
#+		peer->filter_disp[i] = MAXDISPERSE;
#+	}
# #ifdef REFCLOCK
# 	if (!(peer->flags & FLAG_REFCLOCK)) {
# 		peer->leap = LEAP_NOTINSYNC;
#@@ -1593,30 +1513,23 @@
# 	peer->stratum = STRATUM_UNSPEC;
# 	memcpy(&peer->refid, ident, 4);
# #endif /* REFCLOCK */
#-	for (i = 0; i < NTP_SHIFT; i++) {
#-		peer->filter_order[i] = i;
#-		peer->filter_disp[i] = MAXDISPERSE;
#-		peer->filter_epoch[i] = current_time;
#-	}
# 
# 	/*
#-	 * Randomize the first poll to avoid bunching, but only if the
#-	 * rascal has never been heard. During initialization use the
#-	 * association count to spread out the polls at one-second
#-	 * intervals.
#+	 * During initialization use the association count to spread out
#+	 * the polls at one-second intervals. Othersie, randomize over
#+	 * the minimum poll interval in order to avoid broadcast
#+	 * implosion.
# 	 */
# 	peer->nextdate = peer->update = peer->outdate = current_time;
#-	if (oreach)
#-		poll_update(peer, peer->minpoll);
#-	else if (initializing)
#+	if (initializing)
# 		peer->nextdate = current_time + peer_associations;
# 	else
#-		peer->nextdate = current_time + max((u_int)RANDOM %
#-		    peer_associations, BURST_DELAY);
#+		peer->nextdate = current_time + (RANDOM & ((1 <<
#+		    NTP_MINPOLL) - 1));
# #ifdef DEBUG
# 	if (debug)
#-		printf("peer_clear: at %ld assoc ID %d refid %s\n",
#-		    current_time, peer->associd, ident);
#+		printf("peer_clear: at %ld next %ld assoc ID %d refid %s\n",
#+		    current_time, peer->nextdate, peer->associd, ident);
# #endif
# }
# 
#@@ -1651,7 +1564,8 @@
# 	peer->filter_offset[j] = sample_offset;
# 	peer->filter_delay[j] = max(0, sample_delay);
# 	peer->filter_disp[j] = sample_disp;
#-	j++; j %= NTP_SHIFT;
#+	peer->filter_epoch[j] = current_time;
#+	j = (j + 1) % NTP_SHIFT;
# 	peer->filter_nextpt = j;
# 
# 	/*
#@@ -1672,20 +1586,21 @@
# 			dst[i] = MAXDISPERSE;
# 		else if (peer->update - peer->filter_epoch[j] >
# 		    allan_xpt)
#-			dst[i] = MAXDISTANCE + peer->filter_disp[j];
#+			dst[i] = sys_maxdist + peer->filter_disp[j];
# 		else
# 			dst[i] = peer->filter_delay[j];
# 		ord[i] = j;
# 		j++; j %= NTP_SHIFT;
# 	}
#-	peer->filter_epoch[j] = current_time;
# 
#         /*
#-	 * Sort the samples in both lists by distance.
#+	 * Sort the samples in both lists by distance. Note, we do not
#+	 * displace a higher distance sample by a lower distance one
#+	 * unless lower by at least the precision.  
# 	 */
# 	for (i = 1; i < NTP_SHIFT; i++) {
# 		for (j = 0; j < i; j++) {
#-			if (dst[j] > dst[i]) {
#+			if (dst[j] > dst[i] + LOGTOD(sys_precision)) {
# 				k = ord[j];
# 				ord[j] = ord[i];
# 				ord[i] = k;
#@@ -1699,14 +1614,14 @@
# 	/*
# 	 * Copy the index list to the association structure so ntpq
# 	 * can see it later. Prune the distance list to samples less
#-	 * than MAXDISTANCE, but keep at least two valid samples for
#+	 * than max distance, but keep at least two valid samples for
# 	 * jitter calculation.
# 	 */
# 	m = 0;
# 	for (i = 0; i < NTP_SHIFT; i++) {
# 		peer->filter_order[i] = (u_char) ord[i];
# 		if (dst[i] >= MAXDISPERSE || (m >= 2 && dst[i] >=
#-		    MAXDISTANCE))
#+		    sys_maxdist))
# 			continue;
# 		m++;
# 	}
#@@ -1734,7 +1649,7 @@
# 	 * If no acceptable samples remain in the shift register,
# 	 * quietly tiptoe home leaving only the dispersion. Otherwise,
# 	 * save the offset, delay and jitter. Note the jitter must not
#-	 * be less than the system precision.
#+	 * be less than the precision.
# 	 */
# 	if (m == 0)
# 		return;
#@@ -1766,7 +1681,7 @@
# 	 * last update is less than twice the system poll interval,
# 	 * consider the update a popcorn spike and ignore it.
# 	 */
#-	if (etemp > CLOCK_SGATE * peer->jitter &&
#+	if (etemp > CLOCK_SGATE * peer->jitter && m > 1 &&
# 	    peer->filter_epoch[k] - peer->epoch < 2. *
# 	    ULOGTOD(sys_poll)) {
# #ifdef DEBUG
#@@ -1787,7 +1702,7 @@
# 		printf(
# 		    "clock_filter: n %d off %.6f del %.6f dsp %.6f jit %.6f, age %lu\n",
# 		    m, peer->offset, peer->delay, peer->disp,
#-		    peer->jitter, peer->update - peer->epoch);
#+		    peer->jitter, current_time - peer->epoch);
# #endif
# 	if (peer->burst == 0 || sys_leap == LEAP_NOTINSYNC)
# 		clock_select();
#@@ -1810,7 +1725,7 @@
# 	int	nlist, nl3;
# 
# 	int	allow, osurv;
#-	double	d, e, f;
#+	double	d, e, f, g;
# 	double	high, low;
# 	double	synch[NTP_MAXCLOCK], error[NTP_MAXCLOCK];
# 	struct peer *osys_peer;
#@@ -1833,9 +1748,9 @@
# 	osys_peer = sys_peer;
# 	sys_peer = NULL;
# 	sys_pps = NULL;
#+	sys_prefer = NULL;
# 	osurv = sys_survivors;
# 	sys_survivors = 0;
#-	sys_prefer = NULL;
# #ifdef LOCKCLOCK
# 	sys_leap = LEAP_NOTINSYNC;
# 	sys_stratum = STRATUM_UNSPEC;
#@@ -1882,9 +1797,7 @@
# 			 * Leave the island immediately if the peer is
# 			 * unfit to synchronize.
# 			 */
#-			if (peer_unfit(peer) || root_distance(peer) >=
#-			    MAXDISTANCE + 2. * clock_phi *
#-			    ULOGTOD(sys_poll))
#+			if (peer_unfit(peer))
# 				continue;
# 
# 			/*
#@@ -1933,6 +1846,7 @@
# 			for (i = nl3 - 1; i >= 0; i--) {
# 				if (e >= endpoint[indx[i]].val)
# 					break;
#+
# 				indx[i + 3] = indx[i];
# 			}
# 			indx[i + 3] = nl3;
#@@ -1943,6 +1857,7 @@
# 			for (; i >= 0; i--) {
# 				if (e >= endpoint[indx[i]].val)
# 					break;
#+
# 				indx[i + 2] = indx[i];
# 			}
# 			indx[i + 2] = nl3;
#@@ -1953,6 +1868,7 @@
# 			for (; i >= 0; i--) {
# 				if (e >= endpoint[indx[i]].val)
# 					break;
#+
# 				indx[i + 1] = indx[i];
# 			}
# 			indx[i + 1] = nl3;
#@@ -1985,7 +1901,9 @@
# 	 * correct synchronization is not possible.
# 	 *
# 	 * Here, nlist is the number of candidates and allow is the
#-	 * number of falsetickers.
#+	 * number of falsetickers. Upon exit, the truechimers are the
#+	 * susvivors with offsets not less than low and not greater than
#+	 * high. There may be none of them.
# 	 */
# 	low = 1e9;
# 	high = -1e9;
#@@ -2036,12 +1954,62 @@
# 	}
# 
# 	/*
#+	 * Clustering algorithm. Construct candidate list in order first
#+	 * by stratum then by root distance, but keep only the best
#+	 * NTP_MAXCLOCK of them. Scan the list to find falsetickers, who
#+	 * leave the island immediately. If a falseticker is not
#+	 * configured, his association raft is drowned as well, but only
#+	 * if at at least eight poll intervals have gone. We must leave
#+	 * at least one peer to collect the million bucks.
#+	 */
#+	j = 0;
#+	for (i = 0; i < nlist; i++) {
#+		peer = peer_list[i];
#+		if (nlist > 1 && (peer->offset <= low || peer->offset >=
#+		    high) && !(peer->flags & (FLAG_TRUE |
#+		    FLAG_PREFER))) {
#+			if (!(peer->flags & FLAG_CONFIG))
#+				unpeer(peer);
#+			continue;
#+		}
#+		peer->status = CTL_PST_SEL_DISTSYSPEER;
#+
#+		/*
#+		 * The order metric is formed from the stratum times
#+		 * max distance (1.) plus the root distance. It strongly
#+		 * favors the lowest stratum, but a higher stratum peer
#+		 * can capture the clock if the low stratum dominant
#+		 * hasn't been heard for awhile.
#+		 */
#+		d = root_distance(peer) + peer->stratum * sys_maxdist;
#+		if (j >= NTP_MAXCLOCK) {
#+			if (d >= synch[j - 1])
#+				continue;
#+			else
#+				j--;
#+		}
#+		for (k = j; k > 0; k--) {
#+			if (d >= synch[k - 1])
#+				break;
#+
#+			peer_list[k] = peer_list[k - 1];
#+			error[k] = error[k - 1];
#+			synch[k] = synch[k - 1];
#+		}
#+		peer_list[k] = peer;
#+		error[k] = peer->jitter;
#+		synch[k] = d;
#+		j++;
#+	}
#+	nlist = j;
#+
#+	/*
# 	 * If no survivors remain at this point, check if the local
# 	 * clock or modem drivers have been found. If so, nominate one
# 	 * of them as the only survivor. Otherwise, give up and leave
# 	 * the island to the rats.
# 	 */
#-	if (high <= low) {
#+	if (nlist == 0) {
# 		if (typeacts != 0) {
# 			typeacts->status = CTL_PST_SEL_SANE;
# 			peer_list[0] = typeacts;
#@@ -2076,63 +2044,6 @@
# 	if (nlist < sys_minsane)
# 		return;
# 
#-	/*
#-	 * Clustering algorithm. Construct candidate list in order first
#-	 * by stratum then by root distance, but keep only the best
#-	 * NTP_MAXCLOCK of them. Scan the list to find falsetickers, who
#-	 * leave the island immediately. If a falseticker is not
#-	 * configured, his association raft is drowned as well, but only
#-	 * if at at least eight poll intervals have gone. We must leave
#-	 * at least one peer to collect the million bucks.
#-	 *
#-	 * Note the hysteresis gimmick that increases the effective
#-	 * distance for those rascals that have not made the final cut.
#-	 * This is to discourage clockhopping. Note also the prejudice
#-	 * against lower stratum peers if the floor is elevated.
#-	 */
#-	j = 0;
#-	for (i = 0; i < nlist; i++) {
#-		peer = peer_list[i];
#-		if (nlist > 1 && (peer->offset <= low || peer->offset >=
#-		    high)) {
#-			if (!(peer->flags & FLAG_CONFIG))
#-				unpeer(peer);
#-			continue;
#-		}
#-		peer->status = CTL_PST_SEL_DISTSYSPEER;
#-		d = peer->stratum;
#-		if (d < sys_floor)
#-			d += sys_floor;
#-		if (d > sys_ceiling)
#-			d = STRATUM_UNSPEC;
#-		d = root_distance(peer) + d * MAXDISTANCE;
#-		d *= 1. - peer->hyst;
#-		if (j >= NTP_MAXCLOCK) {
#-			if (d >= synch[j - 1])
#-				continue;
#-			else
#-				j--;
#-		}
#-		for (k = j; k > 0; k--) {
#-			if (d >= synch[k - 1])
#-				break;
#-			peer_list[k] = peer_list[k - 1];
#-			error[k] = error[k - 1];
#-			synch[k] = synch[k - 1];
#-		}
#-		peer_list[k] = peer;
#-		error[k] = peer->jitter;
#-		synch[k] = d;
#-		j++;
#-	}
#-	nlist = j;
#-	if (nlist == 0) {
#-#ifdef DEBUG
#-		if (debug)
#-			printf("clock_select: empty intersection interval\n");
#-#endif
#-		return;
#-	}
# 	for (i = 0; i < nlist; i++) {
# 		peer_list[i]->status = CTL_PST_SEL_SELCAND;
# 
#@@ -2154,7 +2065,7 @@
# 	while (1) {
# 		d = 1e9;
# 		e = -1e9;
#-		f = 0;
#+		f = g = 0;
# 		k = 0;
# 		for (i = 0; i < nlist; i++) {
# 			if (error[i] < d)
#@@ -2167,20 +2078,20 @@
# 				f = SQRT(f / (nlist - 1));
# 			}
# 			if (f * synch[i] > e) {
#-				sys_selerr = f;
#+				g = f;
# 				e = f * synch[i];
# 				k = i;
# 			}
# 		}
# 		f = max(f, LOGTOD(sys_precision));
# 		if (nlist <= sys_minclock || f <= d ||
#-		    peer_list[k]->flags & FLAG_PREFER)
#+		    peer_list[k]->flags & FLAG_TRUE)
# 			break;
# #ifdef DEBUG
# 		if (debug > 2)
# 			printf(
# 			    "select: drop %s select %.6f jitter %.6f\n",
#-			    ntoa(&peer_list[k]->srcadr), sys_selerr, d);
#+			    ntoa(&peer_list[k]->srcadr), g, d);
# #endif
# 		if (!(peer_list[k]->flags & FLAG_CONFIG) &&
# 		    peer_list[k]->hmode == MODE_CLIENT)
#@@ -2205,41 +2116,39 @@
# 	 * stratum. Note that the head of the list is at the lowest
# 	 * stratum and that unsynchronized peers cannot survive this
# 	 * far.
#-	 *
#-	 * Fiddle for hysteresis. Pump it up for a peer only if the peer
#-	 * stratum is at least the floor and there are enough survivors.
#-	 * This minimizes the pain when tossing out rascals beneath the
#-	 * floorboard. Don't count peers with stratum above the ceiling.
#-	 * Manycast is sooo complicated.
# 	 */
# 	leap_consensus = 0;
# 	for (i = nlist - 1; i >= 0; i--) {
# 		peer = peer_list[i];
# 		leap_consensus |= peer->leap;
# 		peer->status = CTL_PST_SEL_SYNCCAND;
#-		peer->rank++;
#-		peer->flags |= FLAG_SYSPEER;
#-		if (peer->stratum >= sys_floor && osurv >= sys_minclock)
#-			peer->hyst = HYST;
#-		else
#-			peer->hyst = 0;
#-		if (peer->stratum <= sys_ceiling)
#-			sys_survivors++;
#+		sys_survivors++;
# 		if (peer->flags & FLAG_PREFER)
# 			sys_prefer = peer;
#+		if (peer == osys_peer)
#+			typesystem = peer;
# #ifdef REFCLOCK
# 		if (peer->refclktype == REFCLK_ATOM_PPS)
# 			sys_pps = peer;
# #endif /* REFCLOCK */
#+#if DEBUG
#+		if (debug > 1)
#+			printf("cluster: survivor %s metric %.6f\n",
#+			    ntoa(&peer_list[i]->srcadr), synch[i]);
#+#endif
#+	}
# 
#-		/*
#-		 * If this is the old system peer and it's stratum is
#-		 * the same as the head of the list, don't hop the
#-		 * clock.
#-		 */
#-		if (peer == osys_peer && peer->stratum ==
#-		    peer_list[0]->stratum)
#-			typesystem = peer;
#+	/*
#+	 * Anticlockhop provision. Keep the current system peer if it is
#+	 * a survivor but not first in the list. But do that only HOPPER
#+	 * times.
#+	 */
#+	if (osys_peer == NULL || typesystem == NULL || typesystem ==
#+	    peer_list[0] || sys_hopper > sys_maxhop) {
#+		typesystem = peer_list[0];
#+		sys_hopper = 0;
#+	} else {
#+		peer->selbroken++;
# 	}
# 
# 	/*
#@@ -2258,10 +2167,8 @@
# 	 * Mitigation rules of the game. There are several types of
# 	 * peers that can be selected here: (1) prefer peer (flag
# 	 * FLAG_PREFER) (2) pps peers (type REFCLK_ATOM_PPS), (3) the
#-	 * existing system peer, if any, and (4) the head of the
#-	 * survivor list. Note that only one peer can be declared
#-	 * prefer. Note that all of these must be at the lowest stratum,
#-	 * i.e., the stratum of the head of the survivor list.
#+	 * existing system peer, if any, and (3) the head of the
#+	 * survivor list.
# 	 */
# 	if (sys_prefer) {
# 
#@@ -2293,29 +2200,29 @@
# 			if (debug > 1)
# 				printf("select: prefer offset %.6f\n",
# 				    sys_offset);
#-		}
# #endif
#+		}
# 	} else {
# 
# 		/*
#-		 * If a system peer has been identified, choose it;
#-		 * otherwise choose the head of the survivor list.
#+		 * Otherwise, choose the anticlockhopper.
# 		 */ 
#-		if (typesystem)
#-			sys_peer = typesystem;
#-		else
#-			sys_peer = peer_list[0];
#+		sys_peer = typesystem;
# 		sys_peer->status = CTL_PST_SEL_SYSPEER;
#-		sys_peer->rank++;
#-		sys_offset = clock_combine(peer_list, nlist);
#+		clock_combine(peer_list, nlist);
# 		sys_jitter = SQRT(SQUARE(sys_peer->jitter) +
#-		    SQUARE(sys_selerr));
#+		    SQUARE(sys_jitter));
# #ifdef DEBUG
# 		if (debug > 1)
# 			printf("select: combine offset %.6f\n",
# 			   sys_offset);
# #endif
# 	}
#+
#+	/*
#+	 * We have found the alpha male.
#+	 */
#+	sys_peer->flags |= FLAG_SYSPEER;
# 	if (osys_peer != sys_peer) {
# 		char *src;
# 
#@@ -2334,25 +2241,28 @@
# 	clock_update();
# }
# 
#+
# /*
#  * clock_combine - combine offsets from selected peers
#  */
#-static double
#+static void
# clock_combine(
#-	struct peer **peers,
#-	int	npeers
#+	struct peer **peers,		/* survivor list */
#+	int	npeers			/* number of survivors */
# 	)
# {
# 	int	i;
#-	double	x, y, z;
#+	double	x, y, z, w;
# 
#-	y = z = 0;
#+	y = z = w = 0;
# 	for (i = 0; i < npeers; i++) {
# 		x = root_distance(peers[i]);
# 		y += 1. / x;
# 		z += peers[i]->offset / x;
#+		w += SQUARE(peers[i]->offset - peers[0]->offset) / x;
# 	}
#-	return (z / y);
#+	sys_offset = z / y;
#+	sys_jitter = SQRT(w / y);
# }
# 
# /*
#@@ -2365,8 +2275,8 @@
# {
# 	/*
# 	 * Careful squeak here. The value returned must be greater than
#-	 * zero blamed on the peer jitter, which is not be less then
#-	 * sys_precision.
#+	 * the minimum root distance in order to avoid clockhop with
#+	 * highly precise reference clocks.
# 	 */
# 	return ((peer->rootdelay + peer->delay) / 2 +
# 	    peer->rootdispersion + peer->disp + clock_phi *
#@@ -2383,12 +2293,16 @@
# {
# 	struct pkt xpkt;	/* transmit packet */
# 	int	sendlen, authlen;
#-	keyid_t	xkeyid = 0;		/* transmit key ID */
#+	keyid_t	xkeyid = 0;	/* transmit key ID */
# 	l_fp	xmt_tx;
# 
# 	/*
#-	 * Initialize the transmit packet header fields.
#+	 * If the crypto is broken, don't make it worse. Otherwise,
#+	 * initialize the header fields.
# 	 */
#+	if (peer->flash & TEST9)
#+		return;
#+
# 	xpkt.li_vn_mode = PKT_LI_VN_MODE(sys_leap, peer->version,
# 	    peer->hmode);
# 	xpkt.stratum = STRATUM_TO_PKT(sys_stratum);
#@@ -2406,10 +2320,12 @@
# 	 * is authenticated and contains a MAC. If not, the transmitted
# 	 * packet is not authenticated.
# 	 *
#-	 * In the current I/O semantics the default interface is set
#-	 * until after receiving a packet and setting the right
#-	 * interface. So, the first packet goes out unauthenticated.
#-	 * That's why the really icky test next is here.
#+	 * It is most important when autokey is in use that the local
#+	 * interface IP address be known before the first packet is
#+	 * sent. Otherwise, it is not possible to compute a correct MAC
#+	 * the recipient will accept. Thus, the I/O semantics have to do
#+	 * a little more work. In particular, the wildcard interface
#+	 * might not be usable.
# 	 */
# 	sendlen = LEN_PKT_NOMAC;
# 	if (!(peer->flags & FLAG_AUTHENABLE)) {
#@@ -2653,14 +2569,16 @@
# 			if (exten->opcode != 0) {
# 				sendlen += crypto_xmit(&xpkt,
# 				    &peer->srcadr, sendlen, exten, 0);
#+				free(exten);
# 			} else {
# 				peer_clear(peer, "CRYP");
#-				peer->flash |= TEST4; /* crypto error */
#+				peer->flash |= TEST9; /* crypto error */
# 				msyslog(LOG_INFO,
# 				    "transmit: crypto error for %s",
# 				    stoa(&peer->srcadr));
#+				free(exten);
#+				return;
# 			}
#-			free(exten);
# 		}
# 
# 		/*
#@@ -2672,14 +2590,6 @@
# 			    xkeyid, 0, 2);
# 	} 
# #endif /* OPENSSL */
#-
#-	/*
#-	 * If something broke go directly to jail without sending the
#-	 * packet.
#-	 */
#-	if (peer->flash & TEST4)
#-		return;
#-
# 	xkeyid = peer->keyid;
# 	get_systime(&peer->xmt);
# 	L_ADD(&peer->xmt, &sys_authdelay);
#@@ -2687,7 +2597,7 @@
# 	authlen = authencrypt(xkeyid, (u_int32 *)&xpkt, sendlen);
# 	if (authlen == 0) {
# 		peer_clear(peer, "NKEY");
#-		peer->flash |= TEST4;		/* no key found */
#+		peer->flash |= TEST9;		/* no key found */
# 		msyslog(LOG_INFO, "transmit: key %u not found for %s",
# 		    xkeyid, stoa(&peer->srcadr));
# 		return;
#@@ -2768,23 +2678,14 @@
# 	 * go out another way.
# 	 */
# 	rpkt = &rbufp->recv_pkt;
#-	if (rbufp->dstadr->flags & INT_MULTICAST)
#+	if (rbufp->dstadr->flags & INT_MCASTOPEN)
# 		rbufp->dstadr = findinterface(&rbufp->recv_srcadr);
# 
# 	/*
# 	 * If the packet has picked up a restriction due to either
# 	 * access denied or rate exceeded, decide what to do with it.
# 	 */
#-	if (mask & (RES_DONTTRUST | RES_LIMITED)) {
#-		char	*code = "????";
#-
#-		if (mask & RES_LIMITED) {
#-			sys_limitrejected++;
#-			code = "RATE";
#-		} else if (mask & RES_DONTTRUST) {
#-			sys_restricted++;
#-			code = "DENY";
#-		}
#+	if (mask & RES_LIMITED) {
# 
# 		/*
# 		 * Here we light up a kiss-of-death (KoD) packet. KoD
#@@ -2799,7 +2700,7 @@
# 			return;
# 
# 		sys_kod--;
#-		memcpy(&xpkt.refid, code, 4);
#+		memcpy(&xpkt.refid, "RATE", 4);
# 		xpkt.li_vn_mode = PKT_LI_VN_MODE(LEAP_NOTINSYNC,
# 		    PKT_VERSION(rpkt->li_vn_mode), xmode);
# 		xpkt.stratum = STRATUM_UNSPEC;
#@@ -2861,8 +2762,8 @@
# 		 */
# 		cookie = session_key(&rbufp->recv_srcadr,
# 		    &rbufp->dstadr->sin, 0, sys_private, 0);
#-		if (rbufp->recv_length >= (int)(sendlen + MAX_MAC_LEN + 2 *
#-		    sizeof(u_int32))) {
#+		if (rbufp->recv_length >= (int)(sendlen + MAX_MAC_LEN +
#+		    2 * sizeof(u_int32))) {
# 			session_key(&rbufp->dstadr->sin,
# 			    &rbufp->recv_srcadr, xkeyid, 0, 2);
# 			temp32 = CRYPTO_RESP;
#@@ -2946,23 +2847,36 @@
#  * Determine if the peer is unfit for synchronization
#  *
#  * A peer is unfit for synchronization if
#- * > not reachable
#+ * > unreachable or bad leap or noselect
#+ * > stratum below the floor or at or above the ceiling
#+ * > root distance exceeded
#  * > a synchronization loop would form
#- * > never been synchronized
#- * > stratum undefined or too high
#- * > designated noselect
#  */
#-static int			/* 0 if no, 1 if yes */
#+int				/* FALSE if fit, TRUE if unfit */
# peer_unfit(
# 	struct peer *peer	/* peer structure pointer */
# 	)
# {
#-	return (!peer->reach ||		/* unreachable */
#-	    (peer->stratum > 1 && peer->dstadr->addr_refid ==
#-	    peer->refid) ||		/* timing loop */
#-	    peer->leap == LEAP_NOTINSYNC || /* never synchronized */
#-	    peer->stratum >= STRATUM_UNSPEC || /* no source */
#-	    peer->flags & FLAG_NOSELECT); /* unselected */
#+	int	rval = 0;
#+
#+	peer->flash &= ~(TEST10 | TEST11 | TEST12 | TEST13);
#+	if (!peer->reach || peer->leap == LEAP_NOTINSYNC ||
#+	    peer->flags & FLAG_NOSELECT)
#+		rval |= TEST13;		/* unfit */
#+
#+	if (peer->stratum < sys_floor || peer->stratum >= sys_ceiling)
#+		rval |= TEST10;		/* stratum out of bounds */
#+
#+	if (root_distance(peer) >= sys_maxdist + clock_phi *
#+	    ULOGTOD(sys_poll))
#+		rval |= TEST11;		/* distance exceeded */
#+
#+	if (peer->stratum > 1 && peer->dstadr->addr_refid ==
#+	    peer->refid)
#+		rval |= TEST12;		/* synch loop */
#+
#+	peer->flash |= rval;
#+	return (rval);
# }
# 
# 
#@@ -2975,7 +2889,7 @@
# 
# /*
#  * This routine calculates the system precision, defined as the minimum
#- * of a sequency of differences between successive readings of the
#+ * of a sequence of differences between successive readings of the
#  * system clock. However, if the system clock can be read more than once
#  * during a tick interval, the difference can be zero or one LSB unit,
#  * where the LSB corresponds to one nanosecond or one microsecond.
#@@ -3157,6 +3071,7 @@
# 	case PROTO_MULTICAST_ADD:
# 		if (svalue)
# 		    io_multicast_add(*svalue);
#+		sys_bclient = 1;
# 		break;
# 
# 	/*
#@@ -3224,11 +3139,33 @@
# 		break;
# 
# 	/*
#+	 * Set the select threshold.
#+	 */
#+	case PROTO_MINDIST:
#+		sys_mindist = dvalue;
#+		break;
#+
#+	/*
#+	 * Set the select threshold.
#+	 */
#+	case PROTO_MAXDIST:
#+		sys_maxdist = dvalue;
#+		break;
#+
#+	/*
# 	 * Set the cohort switch.
# 	 */
# 	case PROTO_COHORT:
#-		sys_cohort= (int)dvalue;
#+		sys_cohort = (int)dvalue;
# 		break;
#+
#+	/*
#+	 * Set the anticlockhop threshold.
#+	 */
#+	case PROTO_MAXHOP:
#+		sys_maxhop = (int)dvalue;
#+		break;
#+
# 	/*
# 	 * Set the adjtime() resolution (s).
# 	 */
#

# Diff checksum=1b6b3e09


# Patch vers:	1.3
# Patch type:	REGULAR

== ChangeSet ==
stenn at whimsy.udel.edu|ChangeSet|19990526004811|57482|8983e65c737bb465
stenn at whimsy.udel.edu|ChangeSet|20050703055405|47036
D 1.1178.5.3 05/07/19 20:13:43-04:00 stenn at whimsy.udel.edu +1 -0
B stenn at whimsy.udel.edu|ChangeSet|19990526004811|57482|8983e65c737bb465
C
c [Bug 464] building ntp with debugging disabled fails
K 47019
P ChangeSet
------------------------------------------------

0a0
> stenn at whimsy.udel.edu|ntpd/ntp_proto.c|19990526004817|01635|3aed0663 stenn at whimsy.udel.edu|ntpd/ntp_proto.c|20050720001220|65095

mayer at pogo.udel.edu|ChangeSet|20050703123038|41346
D 1.1388 05/07/19 20:25:29-04:00 stenn at whimsy.udel.edu +1 -0
B stenn at whimsy.udel.edu|ChangeSet|19990526004811|57482|8983e65c737bb465
C
c Merge whimsy.udel.edu:/backroom/ntp-stable
c into  whimsy.udel.edu:/deacon/backroom/ntp-dev
i stenn at whimsy.udel.edu|ChangeSet|20050720001343|47019
K 41341
M stenn at whimsy.udel.edu|ChangeSet|20050720001343|47019
P ChangeSet
------------------------------------------------

0a0
> stenn at whimsy.udel.edu|ntpd/ntp_proto.c|19990526004817|01635|3aed0663 stenn at whimsy.udel.edu|ntpd/ntp_proto.c|20050720002524|23884

== ntpd/ntp_proto.c ==
stenn at whimsy.udel.edu|ntpd/ntp_proto.c|19990526004817|01635|3aed0663
stenn at whimsy.udel.edu|ntpd/ntp_proto.c|20040504055724|65095
D 1.179.1.1 05/07/19 20:12:20-04:00 stenn at whimsy.udel.edu +1 -1
B stenn at whimsy.udel.edu|ChangeSet|19990526004811|57482|8983e65c737bb465
C
c [Bug 464] building ntp with debugging disabled fails
K 65095
O -rw-rw-r--
P ntpd/ntp_proto.c
------------------------------------------------

D2296 1
I2297 1
		}

stenn at whimsy.udel.edu|ntpd/ntp_proto.c|20050629003025|23884
D 1.226 05/07/19 20:25:24-04:00 stenn at whimsy.udel.edu +0 -1
B stenn at whimsy.udel.edu|ChangeSet|19990526004811|57482|8983e65c737bb465
C
c Auto merged
i stenn at whimsy.udel.edu|ntpd/ntp_proto.c|20050720001220|65095
K 23884
M stenn at whimsy.udel.edu|ntpd/ntp_proto.c|20050720001220|65095
O -rw-rw-r--
P ntpd/ntp_proto.c
------------------------------------------------

D2205 1

# Patch checksum=79916084


More information about the bk-ntp-dev-send mailing list