[ntp:bk-ntp-dev-send] BitKeeper diffs

Harlan Stenn stenn at whimsy.udel.edu
Fri Aug 17 05:42:07 UTC 2007


#### ChangeSet ####
2007-08-17 01:38:48-04:00, stenn at whimsy.udel.edu 
  Cleanup from Dave Mills

==== html/assoc.html ====
2007-08-17 01:35:18-04:00, stenn at whimsy.udel.edu +22 -13
  Cleanup from Dave Mills

--- 1.21/html/assoc.html	2005-09-15 02:22:25 -04:00
+++ 1.22/html/assoc.html	2007-08-17 01:35:18 -04:00
@@ -13,7 +13,7 @@
 		<h3>Association Management</h3>
 		<img src="pic/alice51.gif" alt="gif" align="left"><a href="http://www.eecis.udel.edu/~mills/pictures.html">from <i>Alice's Adventures in Wonderland</i>, Lewis Carroll</a>
 		<p>Make sure who your friends are.</p>
-		<p>Last update: <csobj format="ShortTime" h="25" locale="00000409" region="0" t="DateTime" w="61">18:35</csobj> UTC <csobj format="LongDate" h="25" locale="00000409" region="0" t="DateTime" w="246">Thursday, July 28, 2005</csobj></p>
+		<p>Last update: <csobj format="ShortTime" h="25" locale="00000409" region="0" t="DateTime" w="61">02:59</csobj> UTC <csobj format="LongDate" h="25" locale="00000409" region="0" t="DateTime" w="266">Tuesday, August 14, 2007</csobj></p>
 		<br clear="left">
 		<h4>Related Links</h4>
 		<script type="text/javascript" language="javascript" src="scripts/links7.txt"></script>
@@ -24,34 +24,43 @@
 			<li class="inline"><a href="#symact">Symmetric Active/Passive Mode</a>
 			<li class="inline"><a href="#broad">Broadcast/Multicast Modes</a>
 			<li class="inline"><a href="#umlt">Multicasting</a>
-			<li class="inline"><a href="#umlt">Multicasting</a>
+			<li class="inline"><a href="#orphan">Orphan Mode</a>
 			<li class="inline"><a href="#burst">Burst Modes</a>
 		</ul>
 		<hr>
 		<h4 id="modes">Association Modes</h4>
-		<p>NTP Version 4 (NTPv4) incorporates new features and refinements to the NTP Version 3 (NTPv3) algorithms; however, it continues the tradition of backwards compatibility with older versions. A number of new operating modes for automatic server discovery and improved accuracy in occasionally connected networks are provided. Following is an overview of the new features; additional information is available on the <a href="confopt.html">Configuration Options</a> and <a href="authopt.html">Authentication Options</a> pages and in the papers, reports, memoranda and briefings at <a href="http://www.ntp.org">www.ntp.org</a>.</p>
-		<p>There are two types of associations: persistent associations, which result from configuration file commands, and ephemeral associations, which result from protocol operations described below. A persistent association is never demobilized, although it may become dormant when the associated server becomes unreachable. An ephemeral association is mobilized when a message arrives from a server; for instance, a symmetric passive association is mobilized upon arrival of a symmetric active message. A broadcast client association is mobilized upon arrival of a broadcast server message, while a Manycast client association is mobilized upon arrival of a Manycast server message.</p>
-		<p>Ordinarily, successful mobilization of an ephemeral association requires the server to be cryptographically authenticated to the dependent client. This can be done using either symmetric-key or public-key cryptography, as described in the <a href="authopt.html">Authentication Options</a> page. The cryptographic means insure an unbroken chain of trust between the dependent client and the primary servers at the root of the synchronization subnet. We call this chain the <i>provenance</i> of the client and define new vocabulary as to proventicate a client or provide proventic credentials. Once mobilized, ephemeral associations are demobilized when either (a) the server becomes unreachable or (b) the server refreshes the key media without notifying the client.</p>
-		<p>There are three principal modes of operation: client/server, symmetric active/passive and broadcast. In addition, there are two modes using IP multicast support: multicast and manycast. These modes are selected based on the scope of service, intended flow of time and proventic values and means of configuration. Following is a summary of the operations in each mode.</p>
+		<p>NTP Version 4 (NTPv4) incorporates new features and refinements to the NTP Version 3 (NTPv3) algorithms; however, it continues the tradition of backwards compatibility with older versions. A number of new operating modes for automatic server discovery and improved accuracy in occasionally connected networks are provided. Following is an overview of the various modes of operation; additional information is available on the <a href="confopt.html">Configuration Options</a> and <a href="authopt.html">Authentication Options</a> pages and in the papers, reports, memoranda and briefings at <a href="http://www.ntp.org">www.ntp.org</a>.</p>
+		<p>There are three types of associations: persistent associations, which result from configuration file commands, and preemptable and ephemeral associations, which result from protocol operations described below. A persistent association is never demobilized, although it may become dormant when the associated server becomes unavailable. Preemptable and ephemeral associations are mobilized when a message arrives from a server; for instance, a symmetric passive association is mobilized upon arrival of a symmetric active message. A broadcast client association is mobilized upon arrival of a broadcast server message, while a manycast client association is mobilized upon arrival of a manycast server message. Preemptable associations differ from ephemeral associations in that the former can be demobilized by the mitigation algorithms when a &quot;better&quot; server comes along, while the latter can be demobilized only by protocol error or timeout.</p>
+		<p>Ordinarily, successful mobilization of preemptable or ephemeral associations requires the server to be cryptographically authenticated to the dependent client. This can be done using either symmetric key or public key cryptography, as described in the <a href="authopt.html">Authentication Options</a> page. </p>
+		<p>There are three principal modes of operation: client/server, symmetric active/passive and broadcast. In addition, there are two modes using IP multicast support: multicast and manycast. These modes are selected based on the scope of service, intended flow of time and cryptographic values and means of configuration.</p>
+		<p>The original NTPv3 authentication scheme is applicable in all mode, ass well as the new NTPv4 Autokey authentication scheme. In addition, the orphan and burst modes described below can be used in appropriate cases. Following is a summary of the operations in each mode.</p>
 		<h4 id="client">Client/Server Mode</h4>
-		<p>Client/server mode is probably the most common configuration in the Internet today. It operates in the classic remote-procedure-call (RPC) paradigm with stateless servers. In this mode a client sends a request to the server and expects a reply at some future time. In some contexts this would be described as a &quot;pull&quot; operation, in that the client pulls the time and proventic values from the server. A client is configured in client mode using the <tt>server</tt> (sic) command and specifying the server IPv4 or IPv6 DNS name or address; the server requires no prior configuration. The original NTPv3 authentication scheme is applicable in this mode, as well as the new NTPv4 Autokey proventication scheme. In addition, two burst modes described below can be used in appropriate cases.</p>
+		<p>Client/server mode is probably the most common configuration in the Internet today. It operates in the classic remote-procedure-call (RPC) paradigm with stateless servers. In this mode a client sends a request to the server and expects a reply at some future time. In some contexts this would be described as a &quot;pull&quot; operation, in that the client pulls the time and cryptographic values from the server. A client is configured in client mode using the <tt>server</tt> (sic) command and specifying the server IPv4 or IPv6 DNS name or address; the server requires no prior configuration.</p>
+		<p>The IBURST&nbsp;mode described later on this page is recommended for use by  clients, as this speeds up initial synchronization from several minutes to several seconds. The BURST&nbsp;mode described later on this page us useful to improve jitter on very noisy dial-up or ISDN&nbsp;network links. This mode should always be used when the maximum expected poll interval is above 1024 s.</p>
 		<h4 id="symact">Symmetric Active/Passive Mode</h4>
-		<p>Symmetric active/passive mode is intended for configurations were a clique of low-stratum peers operate as mutual backups for each other. Each peer operates with one or more primary reference sources, such as a radio clock, or a subset of secondary servers known to be reliable and proventicated. Should one of the peers lose all reference sources or simply cease operation, the other peers will automatically reconfigure so that time and proventication values can flow from the surviving peers to all the others in the clique. In some contexts this would be described as a &quot;push-pull&quot; operation, in that the peer either pulls or pushes the time and proventic values depending on the particular configuration.</p>
-		<p>Symmetric peers operate with their sources in some NTP mode and with each other in symmetric mode. A peer is configured in symmetric active mode using the <tt>peer</tt> command and specifying the other peer IPv4 or IPv6 DNS name or address. The other peer can also be configured in symmetric active mode in a similar way. However, if the other peer is not specifically configured in this way, a symmetric passive association is mobilized upon arrival of a symmetric active message. Since an intruder can impersonate a symmetric active peer and inject false time values, symmetric mode should always be cryptographically validated. The original NTPv3 authentication scheme is applicable in this mode, as well as the new NTPv4 Autokey proventication scheme.</p>
+		<p>Symmetric active/passive mode is intended for configurations were a clique of low-stratum peers operate as mutual backups for each other. Each peer operates with one or more primary reference sources, such as a radio clock, or a subset of secondary servers known to be reliable and authenticated. Should one of the peers lose all reference sources or simply cease operation, the other peers will automatically reconfigure so that time and proventication values can flow from the surviving peers to all the others in the clique. In some contexts this would be described as a &quot;push-pull&quot; operation, in that the peer either pulls or pushes the time and proventic values depending on the particular configuration.</p>
+		<p>Symmetric peers operate with their sources in some NTP mode and with each other in symmetric mode. A peer is configured in symmetric active mode using the <tt>peer</tt> command and specifying the other peer IPv4 or IPv6 DNS name or address. The other peer can also be configured in symmetric active mode in a similar way. However, if the other peer is not specifically configured in this way, a symmetric passive association is mobilized upon arrival of a symmetric active message. Since an intruder can impersonate a symmetric active peer and inject false time values, symmetric mode should always be cryptographically validated.</p>
+		<p>The BURST&nbsp;and IBURST&nbsp;modes should not be used in symetric- modes, as this can upset the intended symmetry of the protocol and result in spurious duplicate or dropped messages. In those topologies where symmetric modes are indicates, it is generally best to set the maximum poll interval to the valu of the minimum poll interval. </p>
 		<h4 id="broad">Broadcast/Multicast Modes</h4>
 		<p>IPv4 broadcast mode in both NTPv3 and NTPv4 is limited to directly connected subnets such as Ethernets which support broadcast technology. Ordinarily, this technology does not operate beyond the first hop router or gateway. In IPv6 and where service is intended beyond the local subnet, IP multicasting can be used where supported by the operating system and the routers support the Internet Group Management Protocol (IGMP). Most current kernels and available routers do support IP multicast technology, although service providers are sometimes reluctant to deploy it.</p>
-		<p>IPv4 broadcast mode is intended for configurations involving one or a few servers and a possibly very large client population on the same subnet. A broadcast server is configured using the <tt>broadcast</tt> command and a IPv4 local subnet broadcast address. A broadcast client is configured using the <tt>broadcastclient</tt> command, in which case it responds to broadcast messages received on any interface. Since an intruder can impersonate a broadcast server and inject false time values, this mode should always be cryptographically validated. The original NTPv3 authentication scheme is applicable in this mode, as well as the new NTPv4 Autokey proventication scheme.</p>
-		<p>The server generates broadcast messages continuously at intervals specified by the <tt>minpoll</tt> keyword and with a time-to-live span specified by the <tt>ttl</tt> keyword. A broadcast client responds to the first message received by waiting a short interval to avoid implosion at the server. Then, the client polls the server in burst mode in order to quickly set the host clock and validate the source. This normally results in a volley of eight client/server cycles at 2-s intervals during which both the synchronization and cryptographic protocols run concurrently. Following the volley, the client computes the offset between the apparent broadcast time and the (unicast) client time. This offset is used to compensate for the propagation time between the broadcast server and client. Once the offset is computed, the server continues as before and the client sends no further messages. If for some reason the broadcast server does not respond to client messages, the client w
 ill time out the volley and continue in listen-only mode with a default propagation delay.</p>
+		<p>IPv4 broadcast mode is intended for configurations involving one or a few servers and a possibly very large client population on the same subnet. A broadcast server is configured using the <tt>broadcast</tt> command and a IPv4 local subnet broadcast address. A broadcast client is configured using the <tt>broadcastclient</tt> command, in which case it responds to broadcast messages received on any interface. Since an intruder can impersonate a broadcast server and inject false time values, this mode should always be cryptographically validated.</p>
+		<p>The server generates broadcast messages continuously at intervals specified by the <tt>minpoll</tt> keyword and with a time-to-live span specified by the <tt>ttl</tt> keyword. A broadcast client responds to the first message received by waiting a short interval to avoid implosion at the server. Then, the client polls the server in IBURST mode in order to quickly set the host clock and validate the source. This normally results in a volley of eight client/server cycles at 2-s intervals during which both the synchronization and cryptographic protocols run concurrently. Following the volley, the client computes the offset between the apparent broadcast time and the (unicast) client time. This offset is used to compensate for the propagation time between the broadcast server and client. Once the offset is computed, the server continues as before and the client sends no further messages. If for some reason the broadcast server does not respond to client messages, the client 
 will time out the volley and continue in listen-only mode with a default propagation delay.</p>
 		<h4 id="umlt">Multicasting</h4>
 		<p>Multicasting can be used to extend the scope of a timekeeping subnet in two ways: multicasting and manycasting. A general discussion of IP multicast technology is beyond the scope of this page. In simple terms a host or router sending to a IPv4 or IPv6 multicast group address expects all hosts or routers listening on this address to receive the message. There is no intrinsic limit on the number of senders or receivers and senders can be receivers and vice versa. The IANA has assigned multicast group address IPv4 224.0.1.1 and IPv6 FF05::101 (site local) to NTP, but these addresses should be used only where the multicast span can be reliably constrained to protect neighbor networks. In general, administratively scoped IPv4 group addresses should be used, as described in RFC-2365, or GLOP group addresses, as described in RFC-2770.</p>
 		<p>A multicast server is configured using the <tt>broadcast</tt> command, but with a multicast group address instead of a broadcast address. A multicast client is configured using the <tt>multicastclient</tt> command with a multicast group address. However, there is a subtle difference between IPv4 broadcasting and multicasting. IPv4 broadcasting is specific to each interface and local subnet address. If more than one interface is attached to a machine, a separate <tt>broadcast</tt> command applies to each one separately. This provides a way to limit exposure in a firewall, for example. For IPv6 the same distinction can be made using link-local prefix FF02 for each interface and site-local FF05 for all interfacesl.</p>
 		<p>IP multicasting is a different paradigm. By design, multicast messages travel from the sender via a shortest-path or shared tree to the receivers, which may require these messages emit from one or all interfaces, but carry a common source address. However, it is possible to configure multiple multicast group addresses using multiple <tt>broadcast</tt> or <tt>multicastclient</tt> commands. Other than these particulars, multicast messages are processed just like broadcast messages. Note that the calibration feature in broadcast mode is extremely important, since IP multicast messages can travel far different paths through the IP routing fabric than ordinary IP unicast messages.</p>
 		<h4 id="many">Manycasting</h4>
 		<p>Manycasting is a automatic discovery and configuration paradigm new to NTPv4. It is intended as a means for a multicast client to troll the nearby network neighborhood to find cooperating manycast servers, validate them using cryptographic means and evaluate their time values with respect to other servers that might be lurking in the vicinity. The intended result is that each manycast client mobilizes client associations with some number of the &quot;best&quot; of the nearby anycast servers, yet automatically reconfigures to sustain this number of servers should one or another fail. Additional information is on the <a href="manyopt.html">Automatic NTP Configuration Options</a> page.</p>
+		<h4 id="orphan">Orphan Mode</h4>
+		Orphan mode is designed for use in private networks with no connectivity to public time servers and without access to a radio clock or modem time service. It is also useful as backup when such support is available but for one reason or another it fails or becomes seriously degraded. Under conditions when all synchronization sources are lost, the network automatically reorganizes so that all synchronization is ultimately dependent on a single orphan host which need not be explicitly selected in advance. In this design the network time might not be synchronized to UTC, but all network hosts will follow the orphan host time.
+		<p>Orphan mode is similar to the local clock driver; but, unlike the local clock driver, there can be more than one orphan host that potentially can assume that role with selection determined by an election algorithm command. Typically, one or more hosts near or at the root of the synchronization tree are assigned an orphan stratum using the <tt>tos orphan</tt> command. During initialization orphan hosts are assigned a random metric conveyed between hosts at orphan stratum level in the root delay field of the NTP packet header.</p>
+		<p>If the orphan hosts have access to servers at lower stratum levels, they operate in the usual way and with strict adherence to the NTP&nbsp;protocol rules. If not and they communicate with each other, the host with the lowest root delay becomes the root server and the remaining hosts in the network use the NTP protocol to determine the network topology. When the original connectivity is restored, the topology is restored.</p>
+		<p>Two scenarios will clarify how orphan mode can be used to provide smart backup. The first, scenario includes two secondary servers normally synchronized to different public Internet primary servers and connected to the same Ethernet LAN. Each are configured with <tt>broadcast</tt> and <tt>broadcastclient</tt> commands and in addition the <tt>tos orphan</tt> command. If one of the primary servers becomes unavailable, the associated LAN&nbsp;server will resynchronize to the other LAN&nbsp;server as a consequence of normal NTP&nbsp;operations. If both primary servers become unavailable, both LAN&nbsp;servers will eventually become orphan hosts with the root server selected as the one with the lowest root distance. Other non-orphan hosts will synchronize to the root server using normal NTP&nbsp;operations.</p>
+		<p>The second scenario includes three secondary servers A, B and C, each normally synchronized to public primary NTP&nbsp;servers or to radio clocks and to the same Ethernet LAN. These servers operate in symmetric modes in a circular topology; active A server is B, active B server is C and active C server is A. Each server is configured with the <tt>tos orphan</tt> command. While this topology provides a massive degree of redundancy and survivability, the interesting case is when all primary servers are unavailable. The eventual result is the same as the previous scenario; all three servers or orphans and the one with the lowest root delay becomes the root server.</p>
 		<h4 id="burst">Burst Modes</h4>
-		<p>There are two burst modes where a single poll event triggers a burst of eight packets at 2-s intervals instead of the usual one. The <tt>burst</tt> mode sends a burst when the server is reachable, while the <tt>iburst</tt> mode sends a burst when the server is unreachable. Each mode is independently of the other and both can be used if necessary. The <tt>calldelay</tt> command can be used to increase the interval between the first and second packets in the burst in order to allow a modem to complete a call. Received server packets update the clock filter, which selects the best (most accurate) time values. When the last packet in the burst is sent, the next received packet updates the system variables and sets the system clock in the usual manner, as if only a single client/server cycle had occurred. The result is not only a rapid and reliable setting of the system clock, but a considerable reduction in network jitter.</p>
+		<p>There are two burst modes where a single poll event triggers a burst of eight packets at 2-s intervals instead of the normal poll interval. The <tt>burst</tt> mode sends a burst when the server is reachable, while the <tt>iburst</tt> mode sends a burst when the server is unreachable. Each mode is independently of the other and both can be used if necessary. The <tt>calldelay</tt> command can be used to increase the interval between the first and second packets in the burst in order to allow a modem to complete a call, for instance. Received server packets update the clock filter, which selects the best (most accurate) time values. When the last packet in the burst is sent, the next received packet updates the system variables and sets the system clock in the usual manner, as if only a single client/server cycle had occurred. The result is not only a rapid and reliable setting of the system clock, but a considerable reduction in network jitter.</p>
 		<p>The <tt>iburst</tt> keyword is used where it is important to set the clock quickly when an association is first mobilized or first becomes reachable or when the network attachment requires an initial calling or training procedure. The burst is initiated only when the server first becomes reachable and results in good accuracy with intermittent connections typical of PPP and ISDN services. Outlyers due to initial dial-up delays, etc., are avoided and the client sets the clock within a few seconds after the first message.</p>
-		<p>The <tt>burst</tt> keyword can be configured in cases of excessive network jitter or when the network attachment requires an initial calling or training procedure. The burst is initiated at each poll interval when the server is reachable. The burst does produce additional network overhead and can cause trouble if used indiscriminately. It should only be used where the poll interval is expected to settle to values at or above 1024 s.</p>
+		<p>The <tt>burst</tt> keyword can be configured in cases of excessive network jitter or when the network attachment requires an initial calling or training procedure. The burst is initiated at each poll interval when the server is reachable. The burst does produce additional network overhead and can cause trouble if used indiscriminately. In general, It should only be used where the poll interval is expected to settle to values at or above 1024 s.</p>
 		<hr>
 		<script type="text/javascript" language="javascript" src="scripts/footer.txt"></script>
 	</body>

==== html/index.html ====
2007-08-17 01:35:20-04:00, stenn at whimsy.udel.edu +6 -6
  Cleanup from Dave Mills

--- 1.33/html/index.html	2007-07-23 01:31:12 -04:00
+++ 1.34/html/index.html	2007-08-17 01:35:20 -04:00
@@ -13,7 +13,7 @@
 		<h3>The Network Time Protocol (NTP) Distribution</h3>
 		<img src="pic/barnstable.gif" alt="gif" align="left"><a href="http://www.eecis.udel.edu/%7emills/pictures.html"><i>P.T. Bridgeport Bear</i>; from <i>Pogo</i>, Walt Kelly</a>
 		<p>Pleased to meet you.</p>
-		<p>Last update: <csobj format="ShortTime" h="25" locale="00000409" region="0" t="DateTime" w="61">03:09</csobj> UTC <csobj format="LongDate" h="25" locale="00000409" region="0" t="DateTime" w="223">Friday, June 22, 2007</csobj></p>
+		<p>Last update: <csobj format="ShortTime" h="25" locale="00000409" region="0" t="DateTime" w="61">02:59</csobj> UTC <csobj format="LongDate" h="25" locale="00000409" region="0" t="DateTime" w="261">Tuesday, August 14, 2007</csobj></p>
 		<br clear="left">
 		<h4>Related Links</h4>
 		<script type="text/javascript" language="javascript" src="scripts/links7.txt"></script>
@@ -31,12 +31,12 @@
 		<hr>
 		<h4 id="intro">Introduction</h4>
 		<p>Note: The software contained in this distribution is available without charge under the conditions set forth in the <a href="copyright.html">Copyright Notice</a>.</p>
-		<p>The Network Time Protocol (NTP) is used to synchronize the time of a computer client or server to another server or reference time source, such as a radio or satellite receiver or modem. It provides accuracies typically within a millisecond on LANs and up to a few tens of milliseconds on WANs relative to Coordinated Universal Time (UTC) via a Global Positioning Service (GPS) receiver, for example. Typical NTP configurations utilize multiple redundant servers and diverse network paths in order to achieve high accuracy and reliability.</p>
-		<p>This software release implements NTP Version 4 (NTPv4), but is in general backwards compatible with previous versions except NTP Version 1, support for which is no longer viable. NTPv4 includes support for both symmetric key and public key cryptography to prevent accidental or malicious protocol attacks, as well as automatic server discovery using IP multicast means. This release includes full support for the IPv6 address family, where the operating system supports it, as well as the default IPv4 address family. Either or both families can be used at the same time on the same machine.</p>
-		<p>Background information on computer network time synchronization can be found on the <a href="http://www.eecis.udel.edu/%7emills/exec.html">Executive Summary - Computer Network Time Synchronization</a> page. Discussion on protocol conformance issues and interoperability with previous NTP versions can be found on the <a href="http://www.eecis.udel.edu/%7emills/biblio.html">Protocol Conformance Statement</a> page. Discussion on how NTP reckons the time can be found on the <a href="http://www.eecis.udel.edu/%7emills/leap.html">NTP Timescale and Leap Seconds</a> page. Background information, bibliography and briefing slides suitable for presentations can be found on the <a href="http://www.eecis.udel.edu/%7emills/ntp.html">Network Time Synchronization Project</a> page. Additional information can be found at the NTP web site <a href="http://www.ntp.org">www.ntp.org</a>. Please send bug reports to <a href="mailto:bugs at mail.ntp.org">&lt;bugs at mail.ntp.org&gt;</a>.</p>
+		<p>The Network Time Protocol (NTP) is used to synchronize the time of a computer client or server to another server or reference time source, such as a radio or satellite receiver or modem. It provides accuracies typically less than a millisecond on LANs and up to a few milliseconds on WANs relative to a Global Positioning Service (GPS) receiver, for example. Typical NTP configurations utilize multiple redundant servers and diverse network paths in order to achieve high accuracy and reliability.</p>
+		<p>This software release implements NTP Version 4 (NTPv4), but is in general backwards compatible with previous versions except NTP Version 1, support for which is no longer viable. NTPv4 includes support for both symmetric key and public key cryptography to prevent accidental or malicious protocol attacks, as well as automatic server discovery using IP multicast means. This release includes full support for the IPv6 address family, where the operating system supports it, as well as the IPv4 address family. Either or both families can be used at the same time on the same machine.</p>
+		<p>Background information on computer network time synchronization can be found on the <a href="http://www.eecis.udel.edu/%7emills/exec.html">Executive Summary - Computer Network Time Synchronization</a> page. Discussion on protocol conformance issues and interoperability with previous NTP versions can be found on the <a href="release.html">NTP Version 4 Release Notes</a> page. Discussion on how NTP reckons the time can be found on the <a href="http://www.eecis.udel.edu/%7emills/leap.html">NTP Timescale and Leap Seconds</a> page. Background information, bibliography and briefing slides suitable for presentations can be found on the <a href="http://www.eecis.udel.edu/%7emills/ntp.html">Network Time Synchronization Project</a> page. Additional information can be found at the NTP web site <a href="http://www.ntp.org">www.ntp.org</a>. Please send bug reports to <a href="mailto:bugs at ntp.org">&lt;bugs at ntp.org&gt;</a>.</p>
 		<h4 id="build">Building and Installing NTP</h4>
 		<p>NTP supports Unix and Windows (XP, NT4 and 2000) systems. The <a href="build/build.html">Building and Installing the Distribution</a> page presents an overview of the procedures for compiling the distribution and installing it on a typical client or server. The build procedures inspect the system hardware and software environment and automatically select the appropriate options for that environment. While these procedures work with most computers and operating systems marketed today, exceptions requiring manual intervention do exist, as documented on the <a href="build/config.html">Configuration Options</a> and <a href="release.html">Release Notes</a> pages.</p>
-		<p>Bringing up a NTP primary server requires a radio or satellite receiver or modem. The distribution includes hardware drivers for some forty radio and satellite clocks and modem services. A list of supported drivers is given on the <a href="refclock.html">Reference Clock Drivers</a> page. It is also possible to use an otherwise undisciplined machine as a primary or backup server, as described on the <a href="drivers/driver1.html">Undisciplined Local Clock</a> page. For most popular workstations marketed by Sun, Silicon Graphics and Hewlett Packard, as well as widely available Unix clones such as FreeBSD and Linux, the automatic build procedures select all drivers that run on the target machine. While this increases the size of the executable binary somewhat, individual drivers can be included or excluded using the configure utility documented in the Configuration Options page.</p>
+		<p>Bringing up a NTP primary server requires a radio or satellite receiver or modem. The distribution includes hardware drivers for over 40 radio and satellite receivers and modem services in both the US and Europe. A list of supported drivers is given on the <a href="refclock.html">Reference Clock Drivers</a> page. It is also possible to use an otherwise undisciplined machine as a primary or backup server, as described on the <a href="drivers/driver1.html">Undisciplined Local Clock</a> page. For most popular workstations marketed by Sun, Silicon Graphics and Hewlett Packard, as well as widely available Unix clones such as FreeBSD and Linux, the automatic build procedures select all drivers that run on the target machine. While this increases the size of the executable binary somewhat, individual drivers can be included or excluded using the configure utility documented in the Configuration Options page.</p>
 		<p>Some programs included in this distribution use cryptographic algorithms to verify authenticity and credentials. Where local security policy permits relatively weak symmetric key cryptography, the required software is included in this distribution. However, where local policy requires stronger public key cryptography, additional software not in this distribution is required. This distribution uses the OpenSSL library available from <a href="http://www.openssl.org">http://www.openssl.org</a>. This library is also used by the Secure Shell facility, so is often already installed on Unix workstations and servers. It includes support for most message digest and digital signature algorithms used in the industry, as well as X.509 certificate generation, signing and verification.</p>
 		<p>While public key cryptography is optional but highly recommended for all NTP operations, it is required for the NTPv4 Autokey protocol described on the <a href="http://www.eecis.udel.edu/%7emills/autokey.html">Autonomous Authentication</a> page and is an integral component of the generic automatic configuration scheme described on the <a href="http://www.eecis.udel.edu/%7emills/autocfg.html">Autonomous Configuration</a> page. In addition, access can be restricted in various ways described on the <a href="accopt.html">Access Control Options</a> page.</p>
 		<h4 id="conf">Configuring Clients and Servers</h4>
@@ -44,7 +44,7 @@
 		<p>However, in order to participate in the existing NTP synchronization subnet and obtain accurate, reliable time, it is usually necessary to construct an appropriate configuration file, commonly called <tt>ntp.conf</tt>, which establishes the servers and/or external receivers or modems to be used by this particular machine. Directions for constructing this file are in the <a href="notes.html">Notes on Configuring NTP and Setting up a NTP Subnet</a> page. However, in many common cases involving simple network topologies and workstations, the configuration data can be specified entirely on the command line for the <a href="ntpd.html"><tt>ntpd</tt> - Network Time Protocol (NTP) daemon</a>.</p>
 		<p>The most important factor in providing accurate, reliable time is the selection of modes and servers to be used in the configuration file. A discussion on the available modes is on the <a href="assoc.html">Association Management</a> page. NTP support for one or more computers is normally engineered as part of the existing public NTP synchronization subnet. The public subnet consists of a multiply redundant hierarchy of servers and clients, with each level in the hierarchy identified by stratum number. Primary servers operate at stratum one and provide synchronization to secondary servers operating at stratum two and so on to higher strata. In this hierarchy, clients are simply servers that have no dependents.</p>
 		<p>Configuring a corporate or campus NTP subnet can be an engineering challenge. NTP contains many features designed to survive system and network failures, software bugs, clock errors and hacker attacks. Surviving these hazards requires intricate design of the timekeeping network using good principles of server redundancy and path diversity. The Manycast mode, new to NTPv4, is designed to track the current server and network states and adjust the client/server configuration for the best available accuracy and reliability. More information on the Manycast mode is on the <a href="authopt.html">Athentication Options</a> and <a href="manyopt.html">Automatic NTP Configuration Options</a> pages.</p>
-		<p>The NTP subnet in early 2003 includes well over a hundred public primary (stratum 1) servers synchronized directly to UTC by radio, satellite or modem and located in every continent of the globe, including Antarctica. Normally, client workstations and servers with a relatively small number of clients do not synchronize to primary servers. There are well over a hundred public secondary (stratum 2) servers synchronized to the primary servers and providing synchronization to a total well over 100,000 clients and servers in the Internet. The current lists are maintained on the <a href="http://www.eecis.udel.edu/%7emills/ntp/index.html">Information on Time and Frequency Services</a> page, which is updated frequently. There are thousands upon thousands of private primary and secondary servers not normally available to the public, many hiding behind firewalls. Clients are strongly discouraged against using these servers, since they sometimes hide in little ghettos behind dinky
  links to the outside world and unwanted traffic can bring up expensive ISDN lines, causing much grief and frustration. There are defensive means described on the Access Control Options page, including the Kiss-of-Death packet.</p>
+		<p>The NTP subnet in 2007 includes several hundred public primary (stratum 1) servers synchronized directly to UTC by radio, satellite or modem and located in every continent of the globe, including Antarctica. Normally, client workstations and servers with a relatively small number of clients do not synchronize to primary servers. There are several hundred public secondary (stratum 2) servers synchronized to the primary servers and providing synchronization to a total population estimated at over 25 million clients and servers in the public Internet. The current lists are maintained on the <a href="http://www.eecis.udel.edu/%7emills/ntp/index.html">Information on Time and Frequency Services</a> page, which is updated frequently. There are thousands upon thousands of private primary and secondary servers not normally available to the public, many hiding behind firewalls. Clients are strongly discouraged to use these servers, since they sometimes hide in little ghettos behi
 nd dinky links to the outside world and unwanted traffic can bring up expensive ISDN lines, causing much grief and frustration. There are defensive means described on the Access Control Options page, including the Kiss-of-Death packet.</p>
 		<h4 id="prob">Resolving Problems</h4>
 		<p>Like other things Internet, the NTP synchronization subnets tend to be large and devilishly intricate, with many opportunities for misconfiguration and network problems. The NTP engineering model is specifically designed to help isolate and repair such problems using an integrated management protocol, together with a suite of monitoring and debugging tools. There is an optional statistics data recording facility which can be used to record normal and aberrant operation, log problems to the system log facility, and retain records of client access. The <a href="debug.html">NTP Debugging Techniques</a> and <a href="build/hints.html">Hints and Kinks</a> pages contain useful information for identifying problems and devising solutions. In extreme cases, problems can be detected through the use of the <a href="ntpdsim.html"><tt>ntpdsim</tt> - Network Time Protocol (NTP) simulator</a> included in this software distribution.</p>
 		<p>Users are requested to report bugs, offer suggestions and contribute additions to this distribution. The <a href="build/patches.html">Patching Procedures</a> page suggests procedures which greatly simplify distribution updates, while the <a href="build/porting.html">Porting Hints</a> page suggest ways to make porting this code to new hardware and operating systems easier. Additional information on reference clock driver construction and debugging can be found in the <a href="rdebug.html">Debugging Hints for Reference Clock Drivers</a> page.</p>

==== html/release.html ====
2007-08-17 01:35:24-04:00, stenn at whimsy.udel.edu +7 -9
  Cleanup from Dave Mills

--- 1.31/html/release.html	2005-10-13 00:32:59 -04:00
+++ 1.32/html/release.html	2007-08-17 01:35:24 -04:00
@@ -13,21 +13,19 @@
 		<h3>NTP Version 4 Release Notes</h3>
 		<img src="pic/hornraba.gif" alt="gif" align="left"><a href="http://www.eecis.udel.edu/%7emills/pictures.html">from <i>Alice's Adventures in Wonderland</i>, Lewis Carroll</a>
 		<p>The rabbit toots to make sure you read this</p>
-		<p>Last update: <csobj format="ShortTime" h="25" locale="00000409" region="0" t="DateTime" w="61">19:17</csobj> UTC <csobj format="LongDate" h="25" locale="00000409" region="0" t="DateTime" w="270">Monday, October 10, 2005</csobj></p>
+		<p>Last update: <csobj format="ShortTime" h="25" locale="00000409" region="0" t="DateTime" w="61">03:05</csobj> UTC <csobj format="LongDate" h="25" locale="00000409" region="0" t="DateTime" w="266">Tuesday, August 14, 2007</csobj></p>
 		.<br clear="left">
 		<hr>
 		<h4>NTP Version 4 Release Notes</h4>
-		<p>This release of the NTP Version 4 (NTPv4) daemon for Unix, VMS and Windows incorporates new features and refinements to the NTP Version 3 (NTPv3) algorithms. However, it continues the tradition of retaining backwards compatibility with older versions, including NTPv3 and NTPv2, but not NTPv1. Support for NTPv1 has been discontinued because of certain security vulnerabilities. The NTPv4 version has been under development for quite a while and isn't finished yet. In fact, quite a number of NTPv4 features have already been retrofitted in the older NTPv3, although this version is not actively maintained by the NTPv4 developer corps.</p>
-		<p>The code compiles and runs properly in all test host configurations available to the developer corps, including Sun Microsystems, Digital/Compaq, Hewlett Packard, FreeBSD and Linux. Other volunteers have verified it works in IRIX and Windows NT and XP. We invite comments and corrections about the various architectures, operating systems and hardware complement that can't be verified by the developer corps. Of particular interest are other Windows versions, VMS and various reference clock drivers. As always, corrections and bugfixes are warmly received, especially in the form of context diffs sent to <a href="mailto:bugs at ntp.org">bugs at ntp.org</a>.</p>
-		<p>This release has been compiled and tested on many systems, including SunOS 4.1.3, Solaris 2.5.1-2.10, Alpha Tru64 4.0-5.1, Ultrix 4.4, Linux 2.4.2, FreeBSD 4.5-5.3 and HP-UX 10.02. It has been compiled and tested by others on Windows NT4, 2000 and XP, but not yet on other Windows versions or for VMS. There are several new features apparently incompatible with Linux systems, including some modes used with the Autokey protocol. The developer corps looks for help elsewhere to resolve these differences.</p>
-		<p>This note summarizes the differences between this software release of NTPv4, called ntp-4.x.x, and the previous NTPv3 version, called xntp3-5.x.x. Additional information on protocol compatibility details is on the <a href="http://www.eecis.udel.edu/%7emills/biblio.html">Protocol Conformance Statement</a> page.</p>
+		<p>This release of the NTP Version 4 (NTPv4) daemon for Unix, VMS and Windows incorporates new features and refinements to the NTP Version 3 (NTPv3) algorithms. However, it continues the tradition of retaining backwards compatibility with older versions, including NTPv3 and NTPv2, but not NTPv1. Support for NTPv1 has been discontinued because of certain security vulnerabilities. The NTPv4 version has been under development for quite a while and isn't finished yet.</p>
+		<p>The code compiles and runs properly in all test host configurations available to the developer corps, including Sun Microsystems, Digital/Compaq/Hewlett Packard, FreeBSD and Linux. Other volunteers have verified it works in IRIX and Windows NT and XP. We invite comments and corrections about the various architectures, operating systems and hardware complement that can't be verified by the developer corps. Of particular interest are other Windows versions, VMS and various reference clock drivers. As always, corrections and bugfixes are warmly received, especially in the form of context diffs sent to <a href="mailto:bugs at ntp.org">bugs at ntp.org</a>.</p>
+		<p>This release has been compiled and tested on many systems, including SunOS 4.1.3, Solaris 2.5.1-2.10, Alpha Tru64 4.0-5.1, Ultrix 4.4, Linux 2.4.2, FreeBSD 4.5-6.2 and HP-UX 10.02. It has been compiled and tested by others on Windows NT4, 2000 and XP, but not yet on other Windows versions or for VMS. There are several new features apparently incompatible with Linux systems, including some modes used with the Autokey protocol. The developer corps looks for help elsewhere to resolve these differences.</p>
+		<p>This note summarizes the differences between this software release of NTPv4, called ntp-4.x.x, and the previous NTPv3 version, called xntp3-5.x.x.</p>
 		<h4>New Features</h4>
 		<ol>
-			<li>Support for the IPv6 addressing family is included in this distribution. If the Basic Socket Interface Extensions for IPv6 (RFC-2553) is detected, support for the IPv6 address family is generated in addition to the default support for the IPv4 address family. Combination IPv6 and IPv4 configurations have been successfully tested in all protocol modes supported by NTP and using both symmetric and public key (Autokey) cryptography. However, users should note that IPv6 support is new and we have not had a lot of experience with it in various operational scenarios and local infrastructure environments. As always, feedback is welcome.
-			<li>Most calculations are now done using 64-bit floating double format, rather than 64-bit fixed point format. The motivation for this is to reduce size, improve speed and avoid messy bounds checking. Workstations of today are much faster than when the original NTP version was designed in the early 1980s, and it is rare to find a processor architecture that does not support floating double. The fixed point format is still used with raw timestamps, in order to retain the full precision of about 212 picoseconds. However, the algorithms which process raw timestamps all produce fixed point differences before converting to floating double. The differences are ordinarily quite small so can be expressed without loss of accuracy in this format.
+			<li>Support for the IPv6 addressing family is included in this distribution. If the Basic Socket Interface Extensions for IPv6 (RFC-2553) is detected, support for the IPv6 address family is generated in addition to the default support for the IPv4 address family. Combination IPv6 and IPv4 configurations have been successfully tested in all protocol modes supported by NTP and using both symmetric and public key (Autokey) cryptography.<li>Most calculations are now done using 64-bit floating double format, rather than 64-bit fixed point format. The motivation for this is to reduce size, improve speed and avoid messy bounds checking. Workstations of today are much faster than when the original NTP version was designed in the early 1980s, and it is rare to find a processor architecture that does not support floating double. The fixed point format is still used with raw timestamps, in order to retain the full precision of about 212 picoseconds. However, the algorithms which pro
 cess raw timestamps all produce fixed point differences before converting to floating double. The differences are ordinarily quite small so can be expressed without loss of accuracy in this format.
 			
-			<li>The clock discipline algorithm has been redesigned to improve accuracy, reduce the impact of network jitter and allow increased in poll intervals to well over one day with only moderate sacrifice in accuracy.
-		</ol>
+			<li>The clock discipline algorithm has been redesigned to improve accuracy, reduce the impact of network jitter and allow increased in poll intervals to 36 hours with only moderate sacrifice in accuracy.</ol>
 		<ul>
 			<ul>
 				<li>A new feature called <i>huffpuff</i> maximizes accuracy in cases of highly asymmetric network delays typical of ISDN and modem access circuits.

==== include/ntp.h ====
2007-08-17 01:35:37-04:00, stenn at whimsy.udel.edu +11 -10
  Cleanup from Dave Mills

--- 1.134/include/ntp.h	2007-07-22 23:16:35 -04:00
+++ 1.135/include/ntp.h	2007-08-17 01:35:37 -04:00
@@ -126,7 +126,7 @@ typedef char s_char;
 #define	NTP_MAXCLOCK	10	/* max candidates */
 #define	NTP_MAXASSOC	50	/* max associations */
 #define MINDISPERSE	.005	/* min dispersion increment */
-#define MAXDISTANCE	1.	/* max root distance (select threshold) */
+#define MAXDISTANCE	1.5	/* max root distance (select threshold) */
 #define CLOCK_SGATE	3.	/* popcorn spike gate */
 #define HUFFPUFF	900	/* huff-n'-puff sample interval (s) */
 #define MAXHOP		2	/* anti-clockhop threshold */
@@ -264,7 +264,6 @@ struct peer {
 	u_char	maxpoll;	/* max poll interval */
 	u_int	flags;		/* association flags */
 	u_char	cast_flags;	/* additional flags */
-	u_int	flash;		/* protocol error test tally bits */
 	u_char	last_event;	/* last peer error code */
 	u_char	num_events;	/* number of error events */
 	u_char	ttl;		/* ttl/refclock mode */
@@ -287,8 +286,8 @@ struct peer {
 	u_char	stratum;	/* remote stratum */
 	u_char	ppoll;		/* remote poll interval */
 	s_char	precision;	/* remote clock precision */
-	double	rootdelay;	/* roundtrip delay to primary clock */
-	double	rootdispersion;	/* dispersion to primary clock */
+	double	rootdelay;	/* roundtrip delay to primary source */
+	double	rootdisp;	/* dispersion to primary source */
 	u_int32	refid;		/* remote reference ID */
 	l_fp	reftime;	/* update epoch */
 
@@ -331,8 +330,10 @@ struct peer {
 	 */
 	u_char	status;		/* peer status */
 	u_char	reach;		/* reachability register */
+	u_int	flash;		/* protocol error test tally bits */
 	u_long	epoch;		/* reference epoch */
 	u_int	burst;		/* packets remaining in burst */
+	u_int	speed;		/* force minpoll */
 	u_int	filter_nextpt;	/* index into filter shift register */
 	double	filter_delay[NTP_SHIFT]; /* delay shift register */
 	double	filter_offset[NTP_SHIFT]; /* offset shift register */
@@ -364,7 +365,6 @@ struct peer {
 	 */
 	u_long	update;		/* receive epoch */
 	u_int	unreach;	/* unreachable count */
-#define end_clear_to_zero unreach
 	u_long	outdate;	/* send time last packet */
 	u_long	nextdate;	/* send time next packet */
 	u_long	nextaction;	/* peer local activity timeout (refclocks) */
@@ -374,6 +374,7 @@ struct peer {
 	 * Statistic counters
 	 */
 	u_long	timereset;	/* time stat counters were reset */
+#define end_clear_to_zero timereset
 	u_long	timereceived;	/* last packet received time */
 	u_long	timereachable;	/* last reachable/unreachable time */
 
@@ -603,14 +604,14 @@ struct peer {
  * and must be converted (except the mac, which isn't, really).
  */
 struct pkt {
-	u_char	li_vn_mode;	/* leap indicator, version and mode */
+	u_char	li_vn_mode;	/* peer leap indicator */
 	u_char	stratum;	/* peer stratum */
 	u_char	ppoll;		/* peer poll interval */
 	s_char	precision;	/* peer clock precision */
-	u_fp	rootdelay;	/* distance to primary clock */
-	u_fp	rootdispersion;	/* clock dispersion */
-	u_int32	refid;		/* reference clock ID */
-	l_fp	reftime;	/* time peer clock was last updated */
+	u_fp	rootdelay;	/* roundtrip delay to primary source */
+	u_fp	rootdisp;	/* dispersion to primary source*/
+	u_int32	refid;		/* reference id */
+	l_fp	reftime;	/* last update time */
 	l_fp	org;		/* originate time stamp */
 	l_fp	rec;		/* receive time stamp */
 	l_fp	xmt;		/* transmit time stamp */

==== include/ntp_crypto.h ====
2007-08-17 01:35:38-04:00, stenn at whimsy.udel.edu +21 -17
  Cleanup from Dave Mills

--- 1.40/include/ntp_crypto.h	2007-07-22 23:16:37 -04:00
+++ 1.41/include/ntp_crypto.h	2007-08-17 01:35:38 -04:00
@@ -2,6 +2,26 @@
  * ntp_crypto.h - definitions for cryptographic operations
  */
 
+#ifndef NTP_CRYPTO_H
+#define NTP_CRYPTO_H
+
+/* We need the following for the config parser code */
+
+/*
+ * Configuration codes
+ */
+#define CRYPTO_CONF_NONE  0	/* nothing doing */
+#define CRYPTO_CONF_PRIV  1	/* host keys file name */
+#define CRYPTO_CONF_SIGN  2	/* signature keys file name */
+#define CRYPTO_CONF_LEAP  3	/* leapseconds table file name */
+#define CRYPTO_CONF_CERT  4	/* certificate file name */
+#define CRYPTO_CONF_RAND  5	/* random seed file name */
+#define CRYPTO_CONF_IFFPAR 6	/* IFF parameters file name */
+#define CRYPTO_CONF_GQPAR 7	/* GQ parameters file name */
+#define	CRYPTO_CONF_MVPAR 8	/* GQ parameters file name */
+#define CRYPTO_CONF_PW	  9	/* private key password */
+#define	CRYPTO_CONF_IDENT 10	/* specify identity scheme */
+
 #ifdef OPENSSL
 #include "openssl/evp.h"
 /*
@@ -80,23 +100,6 @@
 #define	XEVNT_SRV	XEVNT_CMD(16) /* server certificate expired */
 
 /*
- * Configuration codes
- */
-#define CRYPTO_CONF_NONE  0	/* nothing doing */
-#define CRYPTO_CONF_PRIV  1	/* host keys file name */
-#define CRYPTO_CONF_SIGN  2	/* signature keys file name */
-#define CRYPTO_CONF_LEAP  3	/* leapseconds table file name */
-#define CRYPTO_CONF_KEYS  4	/* keys directory path */
-#define CRYPTO_CONF_CERT  5	/* certificate file name */
-#define CRYPTO_CONF_RAND  6	/* random seed file name */
-#define	CRYPTO_CONF_TRST  7	/* specify trust */
-#define CRYPTO_CONF_IFFPAR 8	/* IFF parameters file name */
-#define CRYPTO_CONF_GQPAR 9	/* GQ parameters file name */
-#define	CRYPTO_CONF_MVPAR 10	/* GQ parameters file name */
-#define CRYPTO_CONF_PW	  11	/* private key password */
-#define	CRYPTO_CONF_IDENT 12	/* specify identity scheme */
-
-/*
  * Miscellaneous crypto stuff
  */
 #define NTP_MAXSESSION	100	/* maximum session key list entries */
@@ -167,3 +170,4 @@ extern	struct value hostval;	/* host nam
 extern	struct cert_info *cinfo; /* host certificate information */
 extern	struct value tai_leap;	/* leapseconds table */
 #endif /* OPENSSL */
+#endif /* NTP_CRYPTO_H */

==== include/ntp_refclock.h ====
2007-08-17 01:35:41-04:00, stenn at whimsy.udel.edu +1 -1
  Cleanup from Dave Mills

--- 1.21/include/ntp_refclock.h	2007-01-03 16:39:51 -05:00
+++ 1.22/include/ntp_refclock.h	2007-08-17 01:35:41 -04:00
@@ -185,7 +185,7 @@ struct refclockproc {
 	const char *clockdesc;	/* clock description */
 
 	char	a_lastcode[BMAX]; /* last timecode received */
-	u_short	lencode;	/* length of last timecode */
+	int	lencode;	/* length of last timecode */
 
 	int	year;		/* year of eternity */
 	int	day;		/* day of year */

==== include/ntp_request.h ====
2007-08-17 01:35:41-04:00, stenn at whimsy.udel.edu +2 -2
  Cleanup from Dave Mills

--- 1.32/include/ntp_request.h	2007-06-02 18:28:47 -04:00
+++ 1.33/include/ntp_request.h	2007-08-17 01:35:41 -04:00
@@ -382,7 +382,7 @@ struct info_peer {
 	u_int32 pkeyid;		/* unused */
 	u_int32 refid;		/* peer.refid */
 	u_int32 timer;		/* peer.timer */
-	s_fp rootdelay;		/* peer.distance */
+	s_fp rootdelay;		/* peer.delay */
 	u_fp rootdispersion;	/* peer.dispersion */
 	l_fp reftime;		/* peer.reftime */
 	l_fp org;		/* peer.org */
@@ -466,7 +466,7 @@ struct info_sys {
 	u_char leap;		/* system leap bits */
 	u_char stratum;		/* our stratum */
 	s_char precision;	/* local clock precision */
-	s_fp rootdelay;		/* distance from sync source */
+	s_fp rootdelay;		/* delay from sync source */
 	u_fp rootdispersion;	/* dispersion from sync source */
 	u_int32 refid;		/* reference ID of sync source */
 	l_fp reftime;		/* system reference time */

==== include/ntpd.h ====
2007-08-17 01:35:44-04:00, stenn at whimsy.udel.edu +12 -12
  Cleanup from Dave Mills

--- 1.107/include/ntpd.h	2007-07-24 14:59:45 -04:00
+++ 1.108/include/ntpd.h	2007-08-17 01:35:44 -04:00
@@ -116,7 +116,7 @@ extern	int	leap_actual (int);
 
 /* ntp_loopfilter.c */
 extern	void	init_loopfilter (void);
-extern	int 	local_clock (struct peer *, double);
+extern	int 	local_clock (struct peer *, u_long, double);
 extern	void	adj_host_clock	(void);
 extern	void	loop_config (int, double);
 extern	void	huffpuff	(void);
@@ -166,7 +166,7 @@ extern	void	crypto_update	(void);
 extern	void	crypto_config	(int, char *);
 extern	void	crypto_setup	(void);
 extern	u_int	crypto_ident	(struct peer *);
-extern	struct exten *crypto_args (struct peer *, u_int, char *);
+extern	struct exten *crypto_args (struct peer *, u_int, associd_t, char *);
 extern	int	crypto_public	(struct peer *, u_char *, u_int);
 extern	void	value_free	(struct value *);
 extern	char	*iffpar_file;
@@ -252,7 +252,7 @@ extern	void	record_timing_stats (const c
 extern  int	sock_hash (struct sockaddr_storage *);
 extern	double	old_drift;
 extern	int	drift_file_sw;
-
+extern	double	wander_threshold;
 /*
  * Variable declarations for ntpd.
  */
@@ -352,7 +352,7 @@ extern int	state;			/* clock discipline 
 extern int	tc_counter;		/* poll-adjust counter */
 extern u_long	last_time;		/* time of last clock update (s) */
 extern double	last_offset;		/* last clock offset (s) */
-extern double	allan_xpt;		/* Allan intercept (s) */
+extern u_char	allan_xpt;		/* Allan intercept (log2 s) */
 extern double	clock_jitter;		/* clock jitter (s) */
 extern double	sys_jitter;		/* system jitter (s) */
 
@@ -385,15 +385,15 @@ extern int	peer_preempt;		/* preemptable
  * specification.
  */
 extern u_char	sys_leap;		/* system leap indicator */
-extern u_char	sys_stratum;		/* stratum of system */
+extern u_char	sys_stratum;		/* system stratum */
 extern s_char	sys_precision;		/* local clock precision */
-extern double	sys_rootdelay;		/* distance to current sync source */
-extern double	sys_rootdispersion;	/* dispersion of system clock */
-extern u_int32	sys_refid;		/* reference source for local clock */
-extern l_fp	sys_reftime;		/* time we were last updated */
-extern struct peer *sys_peer;		/* our current peer */
-extern struct peer *sys_pps;		/* our current PPS peer */
-extern struct peer *sys_prefer;		/* our cherished peer */
+extern double	sys_rootdelay;		/* roundtrip delay to primary source */
+extern double	sys_rootdisp;		/* dispersion to primary source */
+extern u_int32	sys_refid;		/* reference id */
+extern l_fp	sys_reftime;		/* last update time */
+extern struct peer *sys_peer;		/* current peer */
+extern struct peer *sys_pps;		/* current PPS peer */
+extern struct peer *sys_prefer;		/* cherished peer */
 
 /*
  * Nonspecified system state variables.

==== libntp/statestr.c ====
2007-08-17 01:36:00-04:00, stenn at whimsy.udel.edu +1 -1
  Cleanup from Dave Mills

--- 1.11/libntp/statestr.c	2007-01-03 16:39:57 -05:00
+++ 1.12/libntp/statestr.c	2007-08-17 01:36:00 -04:00
@@ -140,7 +140,7 @@ struct codestring crypto_codes[] = {
 	{ XEVNT_CRT & ~CRPT_EVENT,	"bad_or_missing_certificate" },	
 	{ XEVNT_ID & ~CRPT_EVENT,	"bad_or_missing_group_key" },
 	{ XEVNT_ERR & ~CRPT_EVENT,	"protocol_error" },
-	{ XEVNT_SRV & ~CRPT_EVENT,	"server certificate expired" },
+	{ XEVNT_SRV & ~CRPT_EVENT,	"server_certificate_expired" },
 	{ -1,				"crypto" }
 };
 #endif /* OPENSSL */

==== ntpd/ntp_config.c ====
2007-08-17 01:36:57-04:00, stenn at whimsy.udel.edu +6 -9
  Cleanup from Dave Mills

--- 1.161/ntpd/ntp_config.c	2007-07-24 14:58:56 -04:00
+++ 1.162/ntpd/ntp_config.c	2007-08-17 01:36:57 -04:00
@@ -63,7 +63,6 @@ HANDLE ResolverThreadHandle = NULL;
 void yyerror (char *msg);
 
 extern int priority_done;
-extern double wander_threshold;
 
 
 /*
@@ -971,19 +970,17 @@ config_auth(void)
 			    dequeue(my_config.auth.crypto_cmd_list);
 #ifdef OPENSSL
 			crypto_config(my_val->attr, my_val->value.s);
-#else
-			printf("Warning: Code not built with OpenSSL libraries!\n"
-			       "Crypto commands are ignored\n");
-			msyslog(LOG_ERR, "config_auth: Crypto commands are ignored\n");
-#endif
-            
+#endif /* OPENSSL */
 			free(my_val->value.s);
 			free_node(my_val);
 		}
 		destroy_queue(my_config.auth.crypto_cmd_list);
 		my_config.auth.crypto_cmd_list = NULL;
 	}
-    
+#ifdef OPENSSL
+	crypto_setup();
+#endif /* OPENSSL */
+ 
 	/* Keys Command */
 	if (my_config.auth.keys)
 		getauthkeys(my_config.auth.keys);
@@ -1019,7 +1016,7 @@ config_auth(void)
     
 #ifdef OPENSSL
 	/* Revoke Command */
-	if (my_config.auth.revoke) 
+	if (my_config.auth.revoke)
 		sys_revoke = my_config.auth.revoke;
 #endif /* OPENSSL */
 

==== ntpd/ntp_control.c ====
2007-08-17 01:36:58-04:00, stenn at whimsy.udel.edu +8 -5
  Cleanup from Dave Mills

--- 1.97/ntpd/ntp_control.c	2007-07-24 01:31:07 -04:00
+++ 1.98/ntpd/ntp_control.c	2007-08-17 01:36:58 -04:00
@@ -99,7 +99,7 @@ static struct ctl_var sys_var[] = {
 	{ CS_STRATUM,	RO, "stratum" },	/* 2 */
 	{ CS_PRECISION, RO, "precision" },	/* 3 */
 	{ CS_ROOTDELAY, RO, "rootdelay" },	/* 4 */
-	{ CS_ROOTDISPERSION, RO, "rootdispersion" }, /* 5 */
+	{ CS_ROOTDISPERSION, RO, "rootdisp" },	/* 5 */
 	{ CS_REFID,	RO, "refid" },		/* 6 */
 	{ CS_REFTIME,	RO, "reftime" },	/* 7 */
 	{ CS_POLL,	RO, "poll" },		/* 8 */
@@ -190,7 +190,7 @@ static struct ctl_var peer_var[] = {
 	{ CP_HPOLL,	RO, "hpoll" },		/* 12 */
 	{ CP_PRECISION,	RO, "precision" },	/* 13 */
 	{ CP_ROOTDELAY,	RO, "rootdelay" },	/* 14 */
-	{ CP_ROOTDISPERSION, RO, "rootdispersion" }, /* 15 */
+	{ CP_ROOTDISPERSION, RO, "rootdisp" },	/* 15 */
 	{ CP_REFID,	RO, "refid" },		/* 16 */
 	{ CP_REFTIME,	RO, "reftime" },	/* 17 */
 	{ CP_ORG,	RO, "org" },		/* 18 */
@@ -1243,7 +1243,7 @@ ctl_putsys(
 
 	    case CS_ROOTDISPERSION:
 		ctl_putdbl(sys_var[CS_ROOTDISPERSION].text,
-			   sys_rootdispersion * 1e3);
+			   sys_rootdisp * 1e3);
 		break;
 
 	    case CS_REFID:
@@ -1564,7 +1564,7 @@ ctl_putpeer(
 
 	    case CP_ROOTDISPERSION:
 		ctl_putdbl(peer_var[CP_ROOTDISPERSION].text,
-			   peer->rootdispersion * 1e3);
+			   peer->rootdisp * 1e3);
 		break;
 
 	    case CP_REFID:
@@ -1639,7 +1639,10 @@ ctl_putpeer(
 		break;
 
 	    case CP_KEYID:
-		ctl_putuint(peer_var[CP_KEYID].text, peer->keyid);
+		if (peer->keyid > NTP_MAXKEY)
+			ctl_puthex(peer_var[CP_KEYID].text, peer->keyid);
+		else
+			ctl_putuint(peer_var[CP_KEYID].text, peer->keyid);
 		break;
 
 	    case CP_FILTDELAY:

==== ntpd/ntp_crypto.c ====
2007-08-17 01:37:00-04:00, stenn at whimsy.udel.edu +175 -101
  Cleanup from Dave Mills

--- 1.112/ntpd/ntp_crypto.c	2007-07-22 23:18:06 -04:00
+++ 1.113/ntpd/ntp_crypto.c	2007-08-17 01:37:00 -04:00
@@ -80,13 +80,28 @@
  * creator or signor is synchronized to an authoritative source and
  * proventicated to a trusted authority.
  *
- * Note there are four conditions required for server trust. First, the
- * public key on the certificate must be verified, which involves a
- * number of format, content and consistency checks. Next, the server
- * identity must be confirmed by one of four schemes: private
- * certificate, IFF scheme, GQ scheme or certificate trail hike to a
- * self signed trusted certificate. Finally, the server signature must
- * be verified.
+ * Note there are several conditions required for server trust. First,
+ * the public key on the server certificate must be verified, which can
+ * involve a hike along the certificate trail to a trusted host. Next,
+ * the server trust must be confirmed by one of several identity
+ * schemes. Valid cryptographic values are signed with attached
+ * timestamp and filestamp. Individual packet trust is confirmed
+ * relative to these values by a message digest with keys generated by a
+ * reverse-order pseudorandom hash.
+ *
+ * State decomposition. These flags are lit in the order given. They are
+ * dim only when the association is demobilized.
+ *
+ * CRYPTO_FLAG_ENAB	Lit upon acceptance of a CRYPTO_ASSOC message
+ * CRYPTO_FLAG_VALID	Lit when a self-digned trusted certificate is
+ *			accepted.
+ * CRYPTO_FLAG_VRFY	Lit when identity is confirmed.
+ * CRYPTO_FLAG_PROV	Lit when the first signature is verified.
+ * CRYPTO_FLAG_AGREE	Lit when a valid cookie is accepted.
+ * CRYPTO_FLAG_AUTO	Lit when valid autokey values are accepted.
+ * CRYPTO_FLAG_SIGN	Lit when the server signed certificate is
+ *			accepted.
+ * CRYPTO_FLAG_TAI	Lit when the leapsecond values are accepted.
  */
 /*
  * Cryptodefines
@@ -151,13 +166,13 @@ static	int	crypto_mv	(struct exten *, st
 static	u_int	crypto_send	(struct exten *, struct value *, int *);
 static	tstamp_t crypto_time	(void);
 static	u_long	asn2ntp		(ASN1_TIME *);
-static	struct cert_info *cert_parse (u_char *, u_int, tstamp_t);
+static	struct cert_info *cert_parse (u_char *, u_int, tstamp_t, int);
 static	int	cert_sign	(struct exten *, struct value *);
 static	int	cert_valid	(struct cert_info *, EVP_PKEY *);
 static	int	cert_install	(struct exten *, struct peer *);
 static	void	cert_free	(struct cert_info *);
 static	EVP_PKEY *crypto_key	(char *, tstamp_t *);
-static	int	bighash		(BIGNUM *, BIGNUM *);
+static	void	bighash		(BIGNUM *, BIGNUM *);
 static	struct cert_info *crypto_cert (char *);
 
 #ifdef SYS_WINNT
@@ -445,12 +460,8 @@ crypto_recv(
 		 * fake association ID over the fence, we better toss it
 		 * out. Only the first one counts.
 		 */
-		if (!(code & CRYPTO_RESP)) {
-			if (peer->assoc == 0)
-				peer->assoc = associd;
-			else if (peer->assoc != associd)
-				code |= CRYPTO_ERROR;
-		}
+		if (peer->assoc == 0)
+			peer->assoc = associd;
 		if (len >= VALUE_LEN) {
 			tstamp = ntohl(ep->tstamp);
 			fstamp = ntohl(ep->fstamp);
@@ -471,12 +482,12 @@ crypto_recv(
 		case CRYPTO_ASSOC:
 
 			/*
-			 * If the machine is running when this message
-			 * arrives, the other fellow has reset and so
-			 * must we. Otherwise, pass the extension field
-			 * to the transmit side.
+			 * If our state machine is running when this
+			 * message arrives, the other fellow has reset
+			 * and so must we. Otherwise, pass the extension
+			 * field to the transmit side.
 			 */
-			if (peer->crypto) {
+			if (peer->crypto & CRYPTO_FLAG_VALID) {
 				rval = XEVNT_ERR;
 				break;
 			}
@@ -569,8 +580,13 @@ crypto_recv(
 
 			/*
 			 * Save status word, host name and message
-			 * digest/signature type.
-			 */
+			 * digest/signature type.As this is the first
+			 * time we heard of this guy, initialize the
+			 * volley counter.
+			 */
+			if (peer->speed == 0)
+				peer->speed = NTP_BURST;
+			poll_update(peer, peer->hpoll);
 			peer->crypto = fstamp;
 			peer->digest = dp;
 			peer->subject = emalloc(vallen + 1);
@@ -657,12 +673,12 @@ crypto_recv(
 			break;
 
 		/*
-		 * Schnorr (IFF)identity scheme. This scheme is designed
-		 * for use with shared secret group keys and where the
-		 * certificate may be generated by a third party. The
-		 * client sends a challenge to the server, which
-		 * performs a calculation and returns the result. A
-		 * positive result is possible only if both client and
+		 * Schnorr (IFF) identity scheme. This scheme is
+		 * designed for use with shared secret server group keys
+		 * and where the certificate may be generated by a third
+		 * party. The client sends a challenge to the server,
+		 * which performs a calculation and returns the result.
+		 * A positive result is possible only if both client and
 		 * server contain the same secret group key.
 		 */
 		case CRYPTO_IFF | CRYPTO_RESP:
@@ -752,7 +768,13 @@ crypto_recv(
 			break;
 
 		/*
-		 * MV
+		 * Mu-Varadharajan (MV) identity scheme. This scheme is
+		 * designed for use with three levels of trust, trusted
+		 * host, server and client. The trusted host key is
+		 * opaque to servers and clients; the server keys are
+		 * opaque to clients and each client key is different.
+		 * Client keys can be revoked without requiring new key
+		 * generations.
 		 */
 		case CRYPTO_MV | CRYPTO_RESP:
 
@@ -925,6 +947,16 @@ crypto_recv(
 		case CRYPTO_AUTO | CRYPTO_RESP:
 
 			/*
+			 * Discard the message if a CRYPTO_ASSOC
+			 * message has not been received. This is to
+			 * suppress spurious protocol errors if this is
+			 * the first message received by a broadcast
+			 * client.
+			 */
+			if (!(peer->crypto))
+				break;
+
+			/*
 			 * Discard the message if invalid or identity
 			 * not confirmed or signature not verified with
 			 * respect to the receive autokey values.
@@ -977,7 +1009,7 @@ crypto_recv(
 			 * Discard the message if invalid or not
 			 * proventic.
 			 */
-			if (!(peer->crypto & CRYPTO_FLAG_PROV)) {
+			if (!(peer->crypto & CRYPTO_FLAG_VRFY)) {
 				rval = XEVNT_ERR;
 				break;
 			}
@@ -1078,7 +1110,7 @@ crypto_recv(
 			peer->crypto |= CRYPTO_FLAG_LEAP;
 			peer->flash &= ~TEST8;
 			sprintf(statstr,
-			    "leap tai %d add %u expire %u fs %u",
+			    "leap TAI offset %d at %u expire %u fs %u",
 			    ntohl(ep->pkt[0]), ntohl(ep->pkt[1]),
 			    ntohl(ep->pkt[2]), ntohl(ep->fstamp));
 			record_crypto_stats(&peer->srcadr, statstr);
@@ -1616,19 +1648,15 @@ crypto_verify(
 	/*
 	 * Darn, I thought we would never get here. Verify the
 	 * signature. If the identity exchange is verified, light the
-	 * proventic bit. If no client identity scheme is specified,
-	 * avoid doing the sign exchange.
+	 * proventic bit.
 	 */
 	EVP_VerifyInit(&ctx, peer->digest);
 	EVP_VerifyUpdate(&ctx, (u_char *)&ep->tstamp, vallen + 12);
 	if (!EVP_VerifyFinal(&ctx, (u_char *)&ep->pkt[i], siglen, pkey))
 		return (XEVNT_SIG);
 
-	if (peer->crypto & CRYPTO_FLAG_VRFY) {
+	if (peer->crypto & CRYPTO_FLAG_VRFY)
 		peer->crypto |= CRYPTO_FLAG_PROV;
-		if (!(crypto_flags & CRYPTO_FLAG_MASK))
-			peer->crypto |= CRYPTO_FLAG_SIGN;
-	}
 	return (XEVNT_OK);
 }
 
@@ -1792,12 +1820,13 @@ crypto_ident(
  * extension field is created here, but freed after the crypto_xmit()
  * call in the protocol module.
  *
- * Returns extension field pointer (no errors).
+ * Returns extension field pointer (no errors)
  */
 struct exten *
 crypto_args(
 	struct peer *peer,	/* peer structure pointer */
 	u_int	opcode,		/* operation code */
+	associd_t associd,	/* association ID */
 	char	*str		/* argument string */
 	)
 {
@@ -1820,7 +1849,7 @@ crypto_args(
 	 * If a request, send our ID; if a response, send the
 	 * requestor's ID.
 	 */
-	ep->associd = htonl(peer->associd);
+	ep->associd = htonl(associd);
 	ep->tstamp = htonl(tstamp);
 	ep->fstamp = hostval.tstamp;
 	ep->vallen = 0;
@@ -1917,10 +1946,9 @@ crypto_send(
  * cinfo	certificate info/value list
  * tai_leap	leap values
  *
- * Filestamps are proventicated data, so this routine is run only when
- * the host has been synchronized to a proventicated source. Thus, the
- * timestamp is proventicated, too, and can be used to deflect
- * clogging attacks and even cook breakfast.
+ * Filestamps are proventic data, so this routine runs only when the
+ * host is synchronized to a proventicated source. Thus, the timestamp
+ * is proventic and can be used to deflect clogging attacks.
  *
  * Returns void (no errors)
  */
@@ -1934,7 +1962,8 @@ crypto_update(void)
 	u_int32	*ptr;
 	u_int	len;
 
-	if ((tstamp = crypto_time()) == 0)
+	tstamp = crypto_time();
+	if (tstamp == 0)
 		return;
 
 	hostval.tstamp = htonl(tstamp);
@@ -1999,7 +2028,8 @@ crypto_update(void)
 		tai_leap.siglen = htonl(len);
 	if (leap_tai > 0)
 		crypto_flags |= CRYPTO_FLAG_TAI;
-	sprintf(statstr, "update ts %u", ntohl(hostval.tstamp)); 
+	sprintf(statstr, "update at %lu ts %u", current_time,
+	    ntohl(hostval.tstamp)); 
 	record_crypto_stats(NULL, statstr);
 #ifdef DEBUG
 	if (debug)
@@ -2027,12 +2057,14 @@ value_free(
 
 
 /*
- * crypto_time - returns current NTP time in seconds.
+ * crypto_time - returns current NTP time.
+ *
+ * Returns NTP seconds if in synch, 0 otherwise
  */
 tstamp_t
 crypto_time()
 {
-	l_fp	tstamp;		/* NTP time */	L_CLR(&tstamp);
+	l_fp	tstamp;		/* NTP time */
 
 	L_CLR(&tstamp);
 	if (sys_leap != LEAP_NOTINSYNC)
@@ -2042,7 +2074,9 @@ crypto_time()
 
 
 /*
- * asn2ntp - convert ASN1_TIME time structure to NTP time in seconds.
+ * asn2ntp - convert ASN1_TIME time structure to NTP time.
+ *
+ * Returns NTP seconds (no errors)
  */
 u_long
 asn2ntp	(
@@ -2055,13 +2089,10 @@ asn2ntp	(
 	/*
 	 * Extract time string YYMMDDHHMMSSZ from ASN1 time structure.
 	 * Note that the YY, MM, DD fields start with one, the HH, MM,
-	 * SS fiels start with zero and the Z character should be 'Z'
-	 * for UTC. Also note that years less than 50 map to years
-	 * greater than 100. Dontcha love ASN.1? Better than MIL-188.
+	 * SS fiels start with zero and the Z character is ignored.
+	 * Also note that years less than 50 map to years greater than
+	 * 100. Dontcha love ASN.1? Better than MIL-188.
 	 */
-	if (asn1time->length > 13)
-		return ((u_long)(~0));	/* We can't use -1 here. It's invalid */
-
 	v = (char *)asn1time->data;
 	tm.tm_year = (v[0] - '0') * 10 + v[1] - '0';
 	if (tm.tm_year < 50)
@@ -2080,8 +2111,10 @@ asn2ntp	(
 
 /*
  * bigdig() - compute a BIGNUM MD5 hash of a BIGNUM number.
+ *
+ * Returns void (no errors)
  */
-static int
+static void
 bighash(
 	BIGNUM	*bn,		/* BIGNUM * from */
 	BIGNUM	*bk		/* BIGNUM * to */
@@ -2100,7 +2133,6 @@ bighash(
 	EVP_DigestFinal(&ctx, dgst, &len);
 	BN_bin2bn(dgst, len, bk);
 	free(ptr);
-	return (1);
 }
 
 
@@ -3055,7 +3087,8 @@ struct cert_info *		/* certificate infor
 cert_parse(
 	u_char	*asn1cert,	/* X509 certificate */
 	u_int	len,		/* certificate length */
-	tstamp_t fstamp		/* filestamp */
+	tstamp_t fstamp,	/* filestamp */
+	int	ssflag		/* check self-signed certificate */
 	)
 {
 	X509	*cert;		/* X509 certificate */
@@ -3179,9 +3212,29 @@ cert_parse(
 	}
 
 	/*
+	 * Check for a certificate loop.
+	 */
+	if (strcmp(sys_hostname, ret->issuer) == 0 && ssflag) {
+		msyslog(LOG_INFO,
+		    "cert_parse: certificate trail loop %s",
+		    pathbuf);
+		cert_free(ret);
+		X509_free(cert);
+		return (NULL);
+	}
+	
+	/*
 	 * If certificate is self signed, verify signature.
 	 */
-	if (strcmp(ret->subject, ret->issuer) == 0) {
+	if (strcmp(ret->subject, ret->issuer) == 0 && ssflag) {
+		if (!(ret->flags & CERT_TRUST)) {
+			msyslog(LOG_INFO,
+			    "cert_parse: self-signed but not trusted %s",
+			    pathbuf);
+			cert_free(ret);
+			X509_free(cert);
+			return (NULL);
+		}
 		if (!X509_verify(cert, ret->pkey)) {
 			msyslog(LOG_INFO,
 			    "cert_parse: signature not verified %s",
@@ -3198,7 +3251,7 @@ cert_parse(
 	 */
 	if (ret->first > ret->last || ret->first < fstamp) {
 		msyslog(LOG_INFO,
-		    "cert_parse: invalid certificate %s first %u last %u fstamp %u",
+		    "cert_parse: invalid times %s first %u last %u fstamp %u",
 		    ret->subject, ret->first, ret->last, fstamp);
 		cert_free(ret);
 		X509_free(cert);
@@ -3427,7 +3480,7 @@ cert_install(
 	 * construct the info/value structure; otherwise, scamper home.
 	 */
 	if ((cp = cert_parse((u_char *)ep->pkt, ntohl(ep->vallen),
-	    ntohl(ep->fstamp))) == NULL)
+	    ntohl(ep->fstamp), 1)) == NULL)
 		return (XEVNT_CRT);
 
 	/*
@@ -3754,7 +3807,7 @@ crypto_cert(
 	/*
 	 * Parse certificate and generate info/value structure.
 	 */
-	ret = cert_parse(data, len, fstamp);
+	ret = cert_parse(data, len, fstamp, 0);
 	free(data);
 	(void)fclose(str);
 	if (ret == NULL)
@@ -3781,6 +3834,10 @@ crypto_cert(
  * the host key, and leapseconds table. The host key must be RSA, but
  * the sign key can be either RSA or DSA. In either case, the public key
  * on the certificate must agree with the sign key.
+ *
+ * Required but missing files and inconsistent data and errors are
+ * fatal. Allowing configuration to continue would be hazardous and
+ * require really messy error checks.
  */
 void
 crypto_setup(void)
@@ -3794,11 +3851,24 @@ crypto_setup(void)
 	u_char	*ptr;
 
 	/*
-	 * Initialize structures.
+	 * Check for correct OpenSSL version and avoid initialization in
+	 * the case of multiple crypto commands.
 	 */
-	if (!crypto_flags)
+	if (crypto_flags & CRYPTO_FLAG_ENAB) {
+		msyslog(LOG_ERR,
+		    "crypto_setup: spurious crypto command");
 		return;
+	}
+	if ((SSLeay() ^ OPENSSL_VERSION_NUMBER) & ~0xff0L) {
+		msyslog(LOG_ERR,
+		    "crypto_setup: OpenSSL version mismatch. Built against %lx, you have %lx",
+		    OPENSSL_VERSION_NUMBER, SSLeay());
+                exit (-1);
+        }
 
+	/*
+	 * Initialize structures.
+	 */
 	gethostname(filename, MAXFILENAME);
 	bytes = strlen(filename) + 1;
 	sys_hostname = emalloc(bytes);
@@ -3994,7 +4064,7 @@ crypto_setup(void)
 	sign_digest = cinfo->digest;
 	if (cinfo->flags & CERT_PRIV)
 		crypto_flags |= CRYPTO_FLAG_PRIV;
-	crypto_flags |= cinfo->nid << 16;
+	crypto_flags |= CRYPTO_FLAG_ENAB | (cinfo->nid << 16);
 #ifdef DEBUG
 	if (debug)
 		printf(
@@ -4005,34 +4075,39 @@ crypto_setup(void)
 
 
 /*
- * crypto_config - configure data from crypto configuration command.
+ * crypto_config - configure data from the crypto command.
  */
 void
 crypto_config(
 	int	item,		/* configuration item */
-	char	*cp		/* file name */
+	char	*cp		/* item name */
 	)
 {
+
+#ifdef DEBUG
+	if (debug > 1)
+		printf("crypto_setup: item %d %s\n", item, cp);
+#endif
 	switch (item) {
 
 	/*
-	 * Set random seed file name.
+	 * Set certificate file name (cert).
 	 */
-	case CRYPTO_CONF_RAND:
-		rand_file = emalloc(strlen(cp) + 1);
-		strcpy(rand_file, cp);
+	case CRYPTO_CONF_CERT:
+		cert_file = emalloc(strlen(cp) + 1);
+		strcpy(cert_file, cp);
 		break;
 
 	/*
-	 * Set private key password.
+	 * Set gq parameters file name (gqpar).
 	 */
-	case CRYPTO_CONF_PW:
-		passwd = emalloc(strlen(cp) + 1);
-		strcpy(passwd, cp);
+	case CRYPTO_CONF_GQPAR:
+		gqpar_file = emalloc(strlen(cp) + 1);
+		strcpy(gqpar_file, cp);
 		break;
 
 	/*
-	 * Set host file name.
+	 * Set host file name (host).
 	 */
 	case CRYPTO_CONF_PRIV:
 		host_file = emalloc(strlen(cp) + 1);
@@ -4040,15 +4115,19 @@ crypto_config(
 		break;
 
 	/*
-	 * Set sign key file name.
+	 * Set identity scheme (ident).
 	 */
-	case CRYPTO_CONF_SIGN:
-		sign_file = emalloc(strlen(cp) + 1);
-		strcpy(sign_file, cp);
+	case CRYPTO_CONF_IDENT:
+		if (!strcasecmp(cp, "iff"))
+			ident_scheme |= CRYPTO_FLAG_IFF;
+		else if (!strcasecmp(cp, "gq"))
+			ident_scheme |= CRYPTO_FLAG_GQ;
+		else if (!strcasecmp(cp, "mv"))
+			ident_scheme |= CRYPTO_FLAG_MV;
 		break;
 
 	/*
-	 * Set iff parameters file name.
+	 * Set iff parameters file name (iffpar).
 	 */
 	case CRYPTO_CONF_IFFPAR:
 		iffpar_file = emalloc(strlen(cp) + 1);
@@ -4056,42 +4135,37 @@ crypto_config(
 		break;
 
 	/*
-	 * Set gq parameters file name.
+	 * Set mv parameters file name (mvpar).
 	 */
-	case CRYPTO_CONF_GQPAR:
-		gqpar_file = emalloc(strlen(cp) + 1);
-		strcpy(gqpar_file, cp);
+	case CRYPTO_CONF_MVPAR:
+		mvpar_file = emalloc(strlen(cp) + 1);
+		strcpy(mvpar_file, cp);
 		break;
 
 	/*
-	 * Set mv parameters file name.
+	 * Set private key password (pw).
 	 */
-	case CRYPTO_CONF_MVPAR:
-		mvpar_file = emalloc(strlen(cp) + 1);
-		strcpy(mvpar_file, cp);
+	case CRYPTO_CONF_PW:
+		passwd = emalloc(strlen(cp) + 1);
+		strcpy(passwd, cp);
 		break;
 
 	/*
-	 * Set identity scheme.
+	 * Set random seed file name (randfile).
 	 */
-	case CRYPTO_CONF_IDENT:
-		if (!strcasecmp(cp, "iff"))
-			ident_scheme |= CRYPTO_FLAG_IFF;
-		else if (!strcasecmp(cp, "gq"))
-			ident_scheme |= CRYPTO_FLAG_GQ;
-		else if (!strcasecmp(cp, "mv"))
-			ident_scheme |= CRYPTO_FLAG_MV;
+	case CRYPTO_CONF_RAND:
+		rand_file = emalloc(strlen(cp) + 1);
+		strcpy(rand_file, cp);
 		break;
 
 	/*
-	 * Set certificate file name.
+	 * Set sign key file name (sign).
 	 */
-	case CRYPTO_CONF_CERT:
-		cert_file = emalloc(strlen(cp) + 1);
-		strcpy(cert_file, cp);
+	case CRYPTO_CONF_SIGN:
+		sign_file = emalloc(strlen(cp) + 1);
+		strcpy(sign_file, cp);
 		break;
 	}
-	crypto_flags |= CRYPTO_FLAG_ENAB;
 }
 # else
 int ntp_crypto_bs_pubkey;

==== ntpd/ntp_loopfilter.c ====
2007-08-17 01:37:02-04:00, stenn at whimsy.udel.edu +85 -77
  Cleanup from Dave Mills

--- 1.138/ntpd/ntp_loopfilter.c	2007-07-27 23:44:02 -04:00
+++ 1.139/ntpd/ntp_loopfilter.c	2007-08-17 01:37:02 -04:00
@@ -41,7 +41,7 @@
 #define CLOCK_PLL	16.	/* PLL loop gain (log2) */
 #define CLOCK_AVG	8.	/* parameter averaging constant */
 #define CLOCK_FLL	(NTP_MAXPOLL + CLOCK_AVG) /* FLL loop gain */
-#define	CLOCK_ALLAN	1500.	/* compromise Allan intercept (s) */
+#define	CLOCK_ALLAN	11	/* Allan intercept (log2 s) */
 #define CLOCK_DAY	86400.	/* one day in seconds (s) */
 #define CLOCK_JUNE	(CLOCK_DAY * 30) /* June in seconds (s) */
 #define CLOCK_LIMIT	30	/* poll-adjust threshold */
@@ -111,29 +111,29 @@
  * via this routine, which then calls ntp_adjtime() with the STA_PLL bit
  * set to zero, in which case the system clock is not adjusted. This is
  * also a signal for the external clock driver to discipline the system
- * clock.
+ * clock. Unless specified otherwise, all times are in seconds.
  */
 /*
  * Program variables that can be tinkered.
  */
-double	clock_max = CLOCK_MAX;	/* step threshold (s) */
-double	clock_minstep = CLOCK_MINSTEP; /* stepout threshold (s) */
-double	clock_panic = CLOCK_PANIC; /* panic threshold (s) */
+double	clock_max = CLOCK_MAX;	/* step threshold */
+double	clock_minstep = CLOCK_MINSTEP; /* stepout threshold */
+double	clock_panic = CLOCK_PANIC; /* panic threshold */
 double	clock_phi = CLOCK_PHI;	/* dispersion rate (s/s) */
-double	allan_xpt = CLOCK_ALLAN; /* Allan intercept (s) */
+u_char	allan_xpt = CLOCK_ALLAN; /* Allan intercept (log2 s) */
 
 /*
  * Program variables
  */
-static double clock_offset;	/* offset (s) */
-double	clock_jitter;		/* offset jitter (s) */
+static double clock_offset;	/* offset */
+double	clock_jitter;		/* offset jitter */
 double	drift_comp;		/* frequency (s/s) */
 double	clock_stability;	/* frequency stability (wander) (s/s) */
-double	clock_codec;		/* audio codec frequency (sambles/s) */
-u_long	sys_clocktime;		/* last system clock update */
+double	clock_codec;		/* audio codec frequency (samples/s) */
+u_long	clock_epoch;		/* interval since last update */
 u_long	pps_control;		/* last pps update */
-u_int	sys_tai;		/* TAI offset from UTC (s) */
-static void rstclock (int, u_long, double); /* transition function */
+u_int	sys_tai;		/* TAI offset from UTC */
+static void rstclock (int, double); /* transition function */
 
 #ifdef KERNEL_PLL
 struct timex ntv;		/* kernel API parameters */
@@ -192,7 +192,7 @@ init_loopfilter(void)
 	 * file, so set the state to S_NSET. If a drift file is present,
 	 * it will be detected later and the state set to S_FSET.
 	 */
-	rstclock(S_NSET, 0, 0);
+	rstclock(S_NSET, 0);
 	clock_jitter = LOGTOD(sys_precision);
 }
 
@@ -206,16 +206,16 @@ init_loopfilter(void)
  * 2	clock was stepped
  *
  * LOCKCLOCK: The only thing this routine does is set the
- * sys_rootdispersion variable equal to the peer dispersion.
+ * sys_rootdisp variable equal to the peer dispersion.
  */
 int
 local_clock(
 	struct	peer *peer,	/* synch source peer structure */
+	u_long	mu,		/* measurement interval */
 	double	fp_offset	/* clock offset (s) */
 	)
 {
 	int	rval;		/* return code */
-	u_long	mu;		/* interval since last update (s) */
 	double	flladj;		/* FLL frequency adjustment (ppm) */
 	double	plladj;		/* PLL frequency adjustment (ppm) */
 	double	clock_frequency; /* clock frequency adjustment (ppm) */
@@ -325,8 +325,8 @@ local_clock(
 	 * stepped. Note also the kernel is disabled if step is
 	 * disabled or greater than 0.5 s. 
 	 */
+	clock_epoch += mu;
 	clock_frequency = flladj = plladj = 0;
-	mu = peer->epoch - sys_clocktime;
 	rval = 1;
 	if (fabs(fp_offset) > clock_max && clock_max > 0) {
 		switch (state) {
@@ -346,11 +346,11 @@ local_clock(
 		 * the phase.
 		 */
 		case S_FREQ:
-			if (mu < clock_minstep)
+			if (clock_epoch < clock_minstep)
 				return (0);
 
 			clock_frequency = (fp_offset - clock_offset) /
-			    mu;
+			    clock_epoch;
 
 			/* fall through to S_SPIK */
 
@@ -360,7 +360,7 @@ local_clock(
 		 * exceeded.
 		 */
 		case S_SPIK:
-			if (mu < clock_minstep)
+			if (clock_epoch < clock_minstep)
 				return (0);
 
 			/* fall through to default */
@@ -399,12 +399,12 @@ local_clock(
 			rval = 2;
 			clock_stepcnt++;
 			if (state == S_NSET || clock_stepcnt > 2) {
-				rstclock(S_FREQ, peer->epoch, 0);
+				rstclock(S_FREQ, 0);
 				return (rval);
 			}
 			break;
 		}
-		rstclock(S_SYNC, peer->epoch, 0);
+		rstclock(S_SYNC, 0);
 	} else {
 
 		/*
@@ -426,7 +426,7 @@ local_clock(
 		 * the stepout threshold.
 		 */
 		case S_NSET:
-			rstclock(S_FREQ, peer->epoch, fp_offset);
+			rstclock(S_FREQ, fp_offset);
 			break;
 
 		/*
@@ -436,7 +436,7 @@ local_clock(
 		 * update.
 		 */
 		case S_FSET:
-			rstclock(S_SYNC, peer->epoch, fp_offset);
+			rstclock(S_SYNC, fp_offset);
 			break;
 
 		/*
@@ -445,12 +445,12 @@ local_clock(
 		 * frequency and switch to S_SYNC state.
 		 */
 		case S_FREQ:
-			if (mu < clock_minstep)
+			if (clock_epoch < clock_minstep)
 				return (0);
 
 			clock_frequency = (fp_offset - clock_offset) /
-			    mu;
-			rstclock(S_SYNC, peer->epoch, fp_offset);
+			    clock_epoch;
+			rstclock(S_SYNC, fp_offset);
 			break;
 
 		/*
@@ -470,10 +470,11 @@ local_clock(
 			 * the Allan intercept. Above that the loop gain
 			 * increases in steps to 1 / CLOCK_AVG. 
 			 */
-			if (ULOGTOD(sys_poll) > allan_xpt / 2) {
+			if (sys_poll > allan_xpt - 1) {
 				dtemp = CLOCK_FLL - sys_poll;
 				flladj = (fp_offset - clock_offset) /
-				    (max(mu, allan_xpt) * dtemp);
+				    (max(clock_epoch, allan_xpt) *
+				    dtemp);
 			}
 
 			/*
@@ -482,10 +483,11 @@ local_clock(
 			 * interval and poll interval. This allows
 			 * oversampling, but not undersampling.
 			 */ 
-			etemp = min(mu, (u_long)ULOGTOD(sys_poll));
+			etemp = min(clock_epoch,
+			    (u_long)ULOGTOD(sys_poll));
 			dtemp = 4 * CLOCK_PLL * ULOGTOD(sys_poll);
 			plladj = fp_offset * etemp / (dtemp * dtemp);
-			rstclock(S_SYNC, peer->epoch, fp_offset);
+			rstclock(S_SYNC, fp_offset);
 			break;
 		}
 	}
@@ -554,7 +556,7 @@ local_clock(
 			}
 			ntv.esterror = (u_int32)(clock_jitter * 1e6);
 			ntv.maxerror = (u_int32)((sys_rootdelay / 2 +
-			    sys_rootdispersion) * 1e6);
+			    sys_rootdisp) * 1e6);
 			ntv.status = STA_PLL;
 
 			/*
@@ -695,11 +697,11 @@ local_clock(
 	record_loop_stats(clock_offset, drift_comp, clock_jitter,
 	    clock_stability, sys_poll);
 #ifdef DEBUG
-	if (debug)
+	if (debug > 1)
 		printf(
-		    "local_clock: mu %lu jitr %.6f freq %.3f stab %.6f poll %d count %d\n",
-		    mu, clock_jitter, drift_comp * 1e6,
-		    clock_stability * 1e6, sys_poll, tc_counter);
+		    "local_clock: jitr %.6f freq %.3f stab %.6f thres %.6f\n",
+		    clock_jitter, drift_comp * 1e6, clock_stability *
+		    1e6, wander_threshold * 1e6);
 #endif /* DEBUG */
 	return (rval);
 #endif /* LOCKCLOCK */
@@ -710,7 +712,7 @@ local_clock(
  * adj_host_clock - Called once every second to update the local clock.
  *
  * LOCKCLOCK: The only thing this routine does is increment the
- * sys_rootdispersion variable.
+ * sys_rootdisp variable.
  */
 void
 adj_host_clock(
@@ -729,7 +731,7 @@ adj_host_clock(
 	 * maximum error and the local clock driver will pick it up and
 	 * pass to the common refclock routines. Very elegant.
 	 */
-	sys_rootdispersion += clock_phi;
+	sys_rootdisp += clock_phi;
 
 #ifndef LOCKCLOCK
 	/*
@@ -758,8 +760,8 @@ adj_host_clock(
 	 * beyond this point and it helps to damp residual offset at the
 	 * longer poll intervals.
 	 */
-	adjustment = clock_offset / (CLOCK_PLL * min(ULOGTOD(sys_poll),
-	    allan_xpt));
+	adjustment = clock_offset / (CLOCK_PLL * ULOGTOD(min(sys_poll,
+	    allan_xpt)));
 	clock_offset -= adjustment;
 	adj_systime(adjustment + drift_comp);
 #endif /* LOCKCLOCK */
@@ -774,19 +776,18 @@ adj_host_clock(
 static void
 rstclock(
 	int	trans,		/* new state */
-	u_long	update,		/* new update time */
 	double	offset		/* new offset */
 	)
 {
 #ifdef DEBUG
 	if (debug)
-		printf("local_clock: at %lu offset %.9f freq %.6f state %d step %d\n",
-		    update, offset, drift_comp * 1e6, trans,
-		    clock_stepcnt);
+		printf("local_clock: intvl %lu offset %.6f freq %.3f state %d poll %d count %d\n",
+		    clock_epoch, offset, drift_comp * 1e6, trans,
+		    sys_poll, tc_counter);
 #endif
 	state = trans;
-	sys_clocktime = update;
 	last_offset = clock_offset = offset;
+	clock_epoch = 0; 
 }
 
 
@@ -818,12 +819,15 @@ huffpuff()
  */
 void
 loop_config(
-	int item,
-	double freq
+	int	item,
+	double	freq
 	)
 {
 	int i;
 
+#ifdef DEBUG
+	printf("loop_config: item %d freq %f\n", item, freq);
+#endif
 	switch (item) {
 
 	case LOOP_DRIFTINIT:
@@ -907,7 +911,7 @@ loop_config(
 		 */
 		if (freq <= NTP_MAXFREQ && freq >= -NTP_MAXFREQ) {
 			drift_comp = freq;
-			rstclock(S_FSET, 0, 0);
+			rstclock(S_FSET, 0);
 		} else {
 			drift_comp = 0;
 		}
@@ -947,32 +951,37 @@ loop_config(
 #endif /* LOCKCLOCK */
 		break;
 
+	case LOOP_LEAP:		/* set kernel TAI offset */
+#if defined(STA_NANO) && NTP_API == 4
+		if (pll_control && kern_enable) {
+			ntv.modes = MOD_TAI;
+			ntv.constant = sys_tai;
+			ntp_adjtime(&ntv);
+		}
+#endif /* STA_NANO */
+		break;
+
 	/*
-	 * Special tinker variables for Ulrich Windl. Very dangerous.
+	 * tinker command variables for Ulrich Windl. Very dangerous.
 	 */
-	case LOOP_MAX:			/* step threshold */
-		clock_max = freq;
-		if (clock_max == 0 || clock_max > 0.5)
-		kern_enable = 0;
+	case LOOP_ALLAN:	/* Allan intercept (log2) (allan) */
+		allan_xpt = (u_char)freq;
 		break;
 
-	case LOOP_PANIC:		/* panic threshold */
-		clock_panic = freq;
+	case LOOP_CODEC:	/* audio codec frequency (codec) */
+		clock_codec = freq / 1e6;
 		break;
-
-	case LOOP_PHI:			/* dispersion rate */
-		clock_phi = freq;
+	
+	case LOOP_PHI:		/* dispersion threshold (dispersion) */
+		clock_phi = freq / 1e6;
 		break;
 
-	case LOOP_MINSTEP:		/* watchdog bark */
-		clock_minstep = freq; 
+	case LOOP_FREQ:		/* initial frequency (freq) */	
+		drift_comp = freq / 1e6;
+		rstclock(S_FSET, 0);
 		break;
 
-	case LOOP_ALLAN:		/* Allan intercept */
-		allan_xpt = freq;
-		break;
-	
-	case LOOP_HUFFPUFF:		/* huff-n'-puff filter length */
+	case LOOP_HUFFPUFF:	/* huff-n'-puff length (huffpuff) */
 		if (freq < HUFFPUFF)
 			freq = HUFFPUFF;
 		sys_hufflen = (int)(freq / HUFFPUFF);
@@ -983,24 +992,23 @@ loop_config(
 		sys_mindly = 1e9;
 		break;
 
-	case LOOP_FREQ:			/* initial frequency */	
-		drift_comp = freq / 1e6;
-		rstclock(S_FSET, 0, 0);
+	case LOOP_PANIC:	/* panic threshold (panic) */
+		clock_panic = freq;
 		break;
 
-	case LOOP_CODEC:		/* audio codec frequency */
-		clock_codec = freq;
+	case LOOP_MAX:		/* step threshold (step) */
+		clock_max = freq;
+		if (clock_max == 0 || clock_max > 0.5)
+		kern_enable = 0;
 		break;
 
-	case LOOP_LEAP:			/* set kernel TAI offset */
-#if defined(STA_NANO) && NTP_API == 4
-		if (pll_control && kern_enable) {
-			ntv.modes = MOD_TAI;
-			ntv.constant = sys_tai;
-			ntp_adjtime(&ntv);
-		}
-#endif /* STA_NANO */
+	case LOOP_MINSTEP:	/* stepout threshold (stepout) */
+		clock_minstep = freq; 
 		break;
+
+	default:
+		msyslog(LOG_INFO,
+		    "loop_config: unsupported option %d", item);
 	}
 }
 

==== ntpd/ntp_parser.c ====
2007-08-17 01:37:04-04:00, stenn at whimsy.udel.edu +239 -261
  Cleanup from Dave Mills

--- 1.18/ntpd/ntp_parser.c	2007-08-07 03:10:32 -04:00
+++ 1.19/ntpd/ntp_parser.c	2007-08-17 01:37:04 -04:00
@@ -1,4 +1,4 @@
-/* A Bison parser, made from /deacon/backroom/ntp-dev/A.whimsy/ntpd/../../ntpd/ntp_parser.y
+/* A Bison parser, made from /backroom/ntp-dev/A.whimsy-noopenssl/ntpd/../../ntpd/ntp_parser.y
    by GNU bison 1.35.  */
 
 #define YYBISON 1  /* Identify Bison output.  */
@@ -169,6 +169,7 @@
   #include "ntp_data_structures.h"
   #include "ntp_scanner.h"
   #include "ntp_config.h"
+  #include "ntp_crypto.h"
 
   #include "ntpsim.h"		/* HMS: Do we really want this all the time? */
                                 /* SK: It might be a good idea to always
@@ -191,30 +192,7 @@
   void yyerror (char *msg);
   extern int input_from_file;  /* 0=input from ntpq>config command buffer */
 
-  /* SK: The following is a terrible hack to allow the NTP code to be built
-   * without OPENSSL. The following symbols need to be defined in the
-   * here because bison will balk at the presence of a C like preprocesser
-   * directive in the rules section.
-   *
-   * There should be a better way of doing this...
-   */
-#ifndef OPENSSL
-  #define CRYPTO_CONF_NONE  0
-  #define CRYPTO_CONF_PRIV  1
-  #define CRYPTO_CONF_SIGN  2
-  #define CRYPTO_CONF_LEAP  3
-  #define CRYPTO_CONF_KEYS  4
-  #define CRYPTO_CONF_CERT  5
-  #define CRYPTO_CONF_RAND  6
-  #define CRYPTO_CONF_TRST  7
-  #define CRYPTO_CONF_IFFPAR 8
-  #define CRYPTO_CONF_GQPAR 9
-  #define CRYPTO_CONF_MVPAR 10
-  #define CRYPTO_CONF_PW    11
- #define CRYPTO_CONF_IDENT 12
-#endif
-
-#line 70 "ntp_parser.y"
+#line 48 "ntp_parser.y"
 #ifndef YYSTYPE
 typedef union {
     char   *String;
@@ -391,29 +369,29 @@ static const short yyrhs[] =
 /* YYRLINE[YYN] -- source line where rule number YYN was defined. */
 static const short yyrline[] =
 {
-       0,   302,   306,   307,   312,   323,   324,   325,   326,   327,
-     328,   329,   330,   331,   332,   333,   334,   342,   348,   357,
-     358,   359,   360,   361,   365,   366,   367,   383,   384,   388,
-     389,   394,   395,   396,   397,   398,   399,   400,   401,   402,
-     403,   404,   405,   406,   416,   418,   420,   422,   433,   435,
-     437,   443,   445,   447,   449,   454,   455,   459,   461,   463,
-     465,   467,   469,   471,   473,   475,   477,   479,   489,   494,
-     495,   499,   501,   503,   505,   507,   509,   511,   513,   515,
-     517,   519,   529,   531,   533,   541,   542,   546,   548,   550,
-     552,   554,   556,   561,   562,   566,   567,   568,   569,   570,
-     571,   575,   576,   577,   578,   579,   580,   581,   590,   592,
-     597,   602,   610,   611,   615,   616,   617,   618,   619,   620,
-     621,   622,   623,   624,   625,   626,   630,   631,   635,   636,
-     637,   645,   650,   651,   655,   657,   659,   661,   663,   665,
-     667,   669,   678,   680,   685,   686,   690,   691,   692,   693,
-     694,   695,   697,   705,   709,   710,   714,   715,   716,   717,
-     718,   719,   720,   728,   744,   750,   752,   754,   756,   758,
-     761,   763,   765,   768,   770,   772,   774,   776,   780,   782,
-     785,   790,   792,   798,   799,   803,   804,   809,   810,   814,
-     815,   832,   833,   834,   843,   844,   848,   849,   853,   854,
-     858,   867,   868,   872,   873,   881,   896,   900,   901,   905,
-     906,   910,   911,   915,   920,   924,   928,   929,   933,   934,
-     938,   943,   944,   948,   950,   952,   954,   956
+       0,   280,   284,   285,   290,   301,   302,   303,   304,   305,
+     306,   307,   308,   309,   310,   311,   312,   320,   326,   335,
+     336,   337,   338,   339,   343,   344,   345,   361,   362,   366,
+     367,   372,   373,   374,   375,   376,   377,   378,   379,   380,
+     381,   382,   383,   384,   394,   396,   398,   400,   411,   413,
+     415,   421,   423,   425,   427,   432,   433,   437,   439,   441,
+     443,   445,   447,   449,   451,   453,   455,   457,   467,   472,
+     473,   477,   479,   481,   483,   485,   487,   489,   491,   493,
+     495,   497,   507,   509,   511,   519,   520,   524,   526,   528,
+     530,   532,   534,   539,   540,   544,   545,   546,   547,   548,
+     549,   553,   554,   555,   556,   557,   558,   559,   568,   570,
+     575,   580,   588,   589,   593,   594,   595,   596,   597,   598,
+     599,   600,   601,   602,   603,   604,   608,   609,   613,   614,
+     615,   623,   628,   629,   633,   635,   637,   639,   641,   643,
+     645,   647,   656,   658,   663,   664,   668,   669,   670,   671,
+     672,   673,   675,   683,   687,   688,   692,   693,   694,   695,
+     696,   697,   698,   706,   722,   728,   730,   732,   734,   736,
+     739,   741,   743,   746,   748,   750,   752,   754,   758,   760,
+     763,   768,   770,   776,   777,   781,   782,   787,   788,   792,
+     793,   810,   811,   812,   821,   822,   826,   827,   831,   832,
+     836,   845,   846,   850,   851,   859,   874,   878,   879,   883,
+     884,   888,   889,   893,   898,   902,   906,   907,   911,   912,
+     916,   921,   922,   926,   928,   930,   932,   934
 };
 #endif
 
@@ -1458,7 +1436,7 @@ yyreduce:
   switch (yyn) {
 
 case 4:
-#line 313 "ntp_parser.y"
+#line 291 "ntp_parser.y"
 {
 					if (input_from_file == 1) {
 			msyslog(LOG_INFO, "parse error %s line %d ignored\n",
@@ -1469,7 +1447,7 @@ case 4:
                 }
     break;
 case 17:
-#line 343 "ntp_parser.y"
+#line 321 "ntp_parser.y"
 {
                         struct peer_node *my_node =  create_peer_node(yyvsp[-2].Integer, yyvsp[-1].Address_node, yyvsp[0].Queue);
                         if (my_node)
@@ -1477,7 +1455,7 @@ case 17:
                     }
     break;
 case 18:
-#line 349 "ntp_parser.y"
+#line 327 "ntp_parser.y"
 {
                         struct peer_node *my_node = create_peer_node(yyvsp[-1].Integer, yyvsp[0].Address_node, NULL);
                         if (my_node)
@@ -1485,35 +1463,35 @@ case 18:
                     }
     break;
 case 19:
-#line 357 "ntp_parser.y"
+#line 335 "ntp_parser.y"
 { yyval.Integer = T_Server; }
     break;
 case 20:
-#line 358 "ntp_parser.y"
+#line 336 "ntp_parser.y"
 { yyval.Integer = T_Pool; }
     break;
 case 21:
-#line 359 "ntp_parser.y"
+#line 337 "ntp_parser.y"
 { yyval.Integer = T_Peer; }
     break;
 case 22:
-#line 360 "ntp_parser.y"
+#line 338 "ntp_parser.y"
 { yyval.Integer = T_Broadcast; }
     break;
 case 23:
-#line 361 "ntp_parser.y"
+#line 339 "ntp_parser.y"
 { yyval.Integer = T_Manycastclient; }
     break;
 case 24:
-#line 365 "ntp_parser.y"
+#line 343 "ntp_parser.y"
 { yyval.Address_node = yyvsp[0].Address_node; }
     break;
 case 25:
-#line 366 "ntp_parser.y"
+#line 344 "ntp_parser.y"
 { yyval.Address_node = create_address_node(yyvsp[0].String, default_ai_family); }
     break;
 case 26:
-#line 368 "ntp_parser.y"
+#line 346 "ntp_parser.y"
 {
                         if (yyvsp[-1].Integer == -4)
                             yyval.Address_node = create_address_node(yyvsp[0].String, AF_INET);
@@ -1526,99 +1504,99 @@ case 26:
                     }
     break;
 case 27:
-#line 383 "ntp_parser.y"
+#line 361 "ntp_parser.y"
 { yyval.Address_node = create_address_node(yyvsp[0].String, AF_INET); }
     break;
 case 28:
-#line 384 "ntp_parser.y"
+#line 362 "ntp_parser.y"
 { yyval.Address_node = create_address_node(yyvsp[0].String, AF_INET6); }
     break;
 case 29:
-#line 388 "ntp_parser.y"
+#line 366 "ntp_parser.y"
 { yyval.Queue = enqueue(yyvsp[-1].Queue, yyvsp[0].Attr_val); }
     break;
 case 30:
-#line 389 "ntp_parser.y"
+#line 367 "ntp_parser.y"
 { yyval.Queue = enqueue_in_new_queue(yyvsp[0].Attr_val); }
     break;
 case 31:
-#line 394 "ntp_parser.y"
+#line 372 "ntp_parser.y"
 { yyval.Attr_val = create_attr_ival(T_Flag, FLAG_SKEY | FLAG_AUTHENABLE); }
     break;
 case 32:
-#line 395 "ntp_parser.y"
+#line 373 "ntp_parser.y"
 { yyval.Attr_val = create_attr_ival(T_Flag, FLAG_BURST); }
     break;
 case 33:
-#line 396 "ntp_parser.y"
+#line 374 "ntp_parser.y"
 { yyval.Attr_val = create_attr_ival(T_Flag, FLAG_IBURST); }
     break;
 case 34:
-#line 397 "ntp_parser.y"
+#line 375 "ntp_parser.y"
 { yyval.Attr_val = create_attr_ival(T_Key, yyvsp[0].Integer); }
     break;
 case 35:
-#line 398 "ntp_parser.y"
+#line 376 "ntp_parser.y"
 { yyval.Attr_val = create_attr_ival(T_Minpoll, yyvsp[0].Integer); }
     break;
 case 36:
-#line 399 "ntp_parser.y"
+#line 377 "ntp_parser.y"
 { yyval.Attr_val = create_attr_ival(T_Maxpoll, yyvsp[0].Integer); }
     break;
 case 37:
-#line 400 "ntp_parser.y"
+#line 378 "ntp_parser.y"
 { yyval.Attr_val = create_attr_ival(T_Flag, FLAG_NOSELECT);}
     break;
 case 38:
-#line 401 "ntp_parser.y"
+#line 379 "ntp_parser.y"
 { yyval.Attr_val = create_attr_ival(T_Flag, FLAG_PREEMPT); }
     break;
 case 39:
-#line 402 "ntp_parser.y"
+#line 380 "ntp_parser.y"
 { yyval.Attr_val = create_attr_ival(T_Flag, FLAG_PREFER); }
     break;
 case 40:
-#line 403 "ntp_parser.y"
+#line 381 "ntp_parser.y"
 { yyval.Attr_val = create_attr_ival(T_Flag, FLAG_TRUE); }
     break;
 case 41:
-#line 404 "ntp_parser.y"
+#line 382 "ntp_parser.y"
 { yyval.Attr_val = create_attr_ival(T_Ttl, yyvsp[0].Integer); }
     break;
 case 42:
-#line 405 "ntp_parser.y"
+#line 383 "ntp_parser.y"
 { yyval.Attr_val = create_attr_ival(T_Mode, yyvsp[0].Integer); }
     break;
 case 43:
-#line 406 "ntp_parser.y"
+#line 384 "ntp_parser.y"
 { yyval.Attr_val = create_attr_ival(T_Version, yyvsp[0].Integer); }
     break;
 case 44:
-#line 417 "ntp_parser.y"
+#line 395 "ntp_parser.y"
 { my_config.broadcastclient = SIMPLE; }
     break;
 case 45:
-#line 419 "ntp_parser.y"
+#line 397 "ntp_parser.y"
 { my_config.broadcastclient = NOVOLLEY;  }
     break;
 case 46:
-#line 421 "ntp_parser.y"
+#line 399 "ntp_parser.y"
 { append_queue(my_config.manycastserver, yyvsp[0].Queue);  }
     break;
 case 47:
-#line 423 "ntp_parser.y"
+#line 401 "ntp_parser.y"
 { append_queue(my_config.multicastclient, yyvsp[0].Queue);  }
     break;
 case 48:
-#line 434 "ntp_parser.y"
+#line 412 "ntp_parser.y"
 { my_config.auth.autokey = yyvsp[0].Integer;  }
     break;
 case 49:
-#line 436 "ntp_parser.y"
+#line 414 "ntp_parser.y"
 { my_config.auth.control_key = yyvsp[0].Integer;  }
     break;
 case 50:
-#line 438 "ntp_parser.y"
+#line 416 "ntp_parser.y"
 { if (my_config.auth.crypto_cmd_list != NULL)
 					append_queue(my_config.auth.crypto_cmd_list, yyvsp[0].Queue);
 				else
@@ -1626,467 +1604,467 @@ case 50:
 			}
     break;
 case 51:
-#line 444 "ntp_parser.y"
+#line 422 "ntp_parser.y"
 { my_config.auth.keys = yyvsp[0].String;  }
     break;
 case 52:
-#line 446 "ntp_parser.y"
+#line 424 "ntp_parser.y"
 { my_config.auth.keysdir = yyvsp[0].String;  }
     break;
 case 53:
-#line 448 "ntp_parser.y"
+#line 426 "ntp_parser.y"
 { my_config.auth.requested_key = yyvsp[0].Integer;  }
     break;
 case 54:
-#line 450 "ntp_parser.y"
+#line 428 "ntp_parser.y"
 { my_config.auth.trusted_key_list = yyvsp[0].Queue;  }
     break;
 case 55:
-#line 454 "ntp_parser.y"
+#line 432 "ntp_parser.y"
 { yyval.Queue = enqueue(yyvsp[-1].Queue, yyvsp[0].Attr_val); }
     break;
 case 56:
-#line 455 "ntp_parser.y"
+#line 433 "ntp_parser.y"
 { yyval.Queue = enqueue_in_new_queue(yyvsp[0].Attr_val); }
     break;
 case 57:
-#line 460 "ntp_parser.y"
+#line 438 "ntp_parser.y"
 { yyval.Attr_val = create_attr_sval(CRYPTO_CONF_CERT, yyvsp[0].String); }
     break;
 case 58:
-#line 462 "ntp_parser.y"
+#line 440 "ntp_parser.y"
 { yyval.Attr_val = create_attr_sval(CRYPTO_CONF_GQPAR, yyvsp[0].String); }
     break;
 case 59:
-#line 464 "ntp_parser.y"
+#line 442 "ntp_parser.y"
 { yyval.Attr_val = create_attr_sval(CRYPTO_CONF_PRIV, yyvsp[0].String); }
     break;
 case 60:
-#line 466 "ntp_parser.y"
+#line 444 "ntp_parser.y"
 { yyval.Attr_val = create_attr_sval(CRYPTO_CONF_IDENT, yyvsp[0].String); }
     break;
 case 61:
-#line 468 "ntp_parser.y"
+#line 446 "ntp_parser.y"
 { yyval.Attr_val = create_attr_sval(CRYPTO_CONF_IFFPAR, yyvsp[0].String); }
     break;
 case 62:
-#line 470 "ntp_parser.y"
+#line 448 "ntp_parser.y"
 { yyval.Attr_val = create_attr_sval(CRYPTO_CONF_LEAP, yyvsp[0].String); }
     break;
 case 63:
-#line 472 "ntp_parser.y"
+#line 450 "ntp_parser.y"
 { yyval.Attr_val = create_attr_sval(CRYPTO_CONF_MVPAR, yyvsp[0].String); }
     break;
 case 64:
-#line 474 "ntp_parser.y"
+#line 452 "ntp_parser.y"
 { yyval.Attr_val = create_attr_sval(CRYPTO_CONF_PW, yyvsp[0].String); }
     break;
 case 65:
-#line 476 "ntp_parser.y"
+#line 454 "ntp_parser.y"
 { yyval.Attr_val = create_attr_sval(CRYPTO_CONF_RAND, yyvsp[0].String); }
     break;
 case 66:
-#line 478 "ntp_parser.y"
+#line 456 "ntp_parser.y"
 { my_config.auth.revoke = yyvsp[0].Integer;  }
     break;
 case 67:
-#line 480 "ntp_parser.y"
+#line 458 "ntp_parser.y"
 { yyval.Attr_val = create_attr_sval(CRYPTO_CONF_SIGN, yyvsp[0].String); }
     break;
 case 68:
-#line 490 "ntp_parser.y"
+#line 468 "ntp_parser.y"
 { append_queue(my_config.orphan_cmds,yyvsp[0].Queue);  }
     break;
 case 69:
-#line 494 "ntp_parser.y"
+#line 472 "ntp_parser.y"
 { yyval.Queue = enqueue(yyvsp[-1].Queue, yyvsp[0].Attr_val); }
     break;
 case 70:
-#line 495 "ntp_parser.y"
+#line 473 "ntp_parser.y"
 { yyval.Queue = enqueue_in_new_queue(yyvsp[0].Attr_val); }
     break;
 case 71:
-#line 500 "ntp_parser.y"
+#line 478 "ntp_parser.y"
 { yyval.Attr_val = create_attr_dval(PROTO_CEILING, (double)yyvsp[0].Integer); }
     break;
 case 72:
-#line 502 "ntp_parser.y"
+#line 480 "ntp_parser.y"
 { yyval.Attr_val = create_attr_dval(PROTO_FLOOR, (double)yyvsp[0].Integer); }
     break;
 case 73:
-#line 504 "ntp_parser.y"
+#line 482 "ntp_parser.y"
 { yyval.Attr_val = create_attr_dval(PROTO_COHORT, (double)yyvsp[0].Integer); }
     break;
 case 74:
-#line 506 "ntp_parser.y"
+#line 484 "ntp_parser.y"
 { yyval.Attr_val = create_attr_dval(PROTO_ORPHAN, (double)yyvsp[0].Integer); }
     break;
 case 75:
-#line 508 "ntp_parser.y"
+#line 486 "ntp_parser.y"
 { yyval.Attr_val = create_attr_dval(PROTO_MINDISP, yyvsp[0].Double); }
     break;
 case 76:
-#line 510 "ntp_parser.y"
+#line 488 "ntp_parser.y"
 { yyval.Attr_val = create_attr_dval(PROTO_MAXDIST, yyvsp[0].Double); }
     break;
 case 77:
-#line 512 "ntp_parser.y"
+#line 490 "ntp_parser.y"
 { yyval.Attr_val = create_attr_dval(PROTO_MINCLOCK, yyvsp[0].Double); }
     break;
 case 78:
-#line 514 "ntp_parser.y"
+#line 492 "ntp_parser.y"
 { yyval.Attr_val = create_attr_dval(PROTO_MAXCLOCK, yyvsp[0].Double); }
     break;
 case 79:
-#line 516 "ntp_parser.y"
+#line 494 "ntp_parser.y"
 { yyval.Attr_val = create_attr_dval(PROTO_MINSANE, (double)yyvsp[0].Integer); }
     break;
 case 80:
-#line 518 "ntp_parser.y"
+#line 496 "ntp_parser.y"
 { yyval.Attr_val = create_attr_dval(PROTO_BEACON, (double)yyvsp[0].Integer); }
     break;
 case 81:
-#line 520 "ntp_parser.y"
+#line 498 "ntp_parser.y"
 { yyval.Attr_val = create_attr_dval(PROTO_MAXHOP, (double)yyvsp[0].Integer); }
     break;
 case 82:
-#line 530 "ntp_parser.y"
+#line 508 "ntp_parser.y"
 { append_queue(my_config.stats_list, yyvsp[0].Queue);  }
     break;
 case 83:
-#line 532 "ntp_parser.y"
+#line 510 "ntp_parser.y"
 { my_config.stats_dir = yyvsp[0].String;  }
     break;
 case 84:
-#line 534 "ntp_parser.y"
+#line 512 "ntp_parser.y"
 {
                         enqueue(my_config.filegen_opts,
                                 create_filegen_node(yyvsp[-1].VoidPtr, yyvsp[0].Queue));
                     }
     break;
 case 85:
-#line 541 "ntp_parser.y"
+#line 519 "ntp_parser.y"
 { yyval.Queue = enqueue(yyvsp[-1].Queue, yyvsp[0].VoidPtr); }
     break;
 case 86:
-#line 542 "ntp_parser.y"
+#line 520 "ntp_parser.y"
 { yyval.Queue = enqueue_in_new_queue(yyvsp[0].VoidPtr); }
     break;
 case 87:
-#line 547 "ntp_parser.y"
+#line 525 "ntp_parser.y"
 { yyval.VoidPtr = create_pval("clockstats"); }
     break;
 case 88:
-#line 549 "ntp_parser.y"
+#line 527 "ntp_parser.y"
 { yyval.VoidPtr = create_pval("cryptostats"); }
     break;
 case 89:
-#line 551 "ntp_parser.y"
+#line 529 "ntp_parser.y"
 { yyval.VoidPtr = create_pval("loopstats"); }
     break;
 case 90:
-#line 553 "ntp_parser.y"
+#line 531 "ntp_parser.y"
 { yyval.VoidPtr = create_pval("peerstats"); }
     break;
 case 91:
-#line 555 "ntp_parser.y"
+#line 533 "ntp_parser.y"
 { yyval.VoidPtr = create_pval("rawstats"); }
     break;
 case 92:
-#line 557 "ntp_parser.y"
+#line 535 "ntp_parser.y"
 { yyval.VoidPtr = create_pval("sysstats"); }
     break;
 case 93:
-#line 561 "ntp_parser.y"
+#line 539 "ntp_parser.y"
 { yyval.Queue = enqueue(yyvsp[-1].Queue, yyvsp[0].Attr_val); }
     break;
 case 94:
-#line 562 "ntp_parser.y"
+#line 540 "ntp_parser.y"
 { yyval.Queue = enqueue_in_new_queue(yyvsp[0].Attr_val); }
     break;
 case 95:
-#line 566 "ntp_parser.y"
+#line 544 "ntp_parser.y"
 { yyval.Attr_val = create_attr_sval(T_File, yyvsp[0].String); }
     break;
 case 96:
-#line 567 "ntp_parser.y"
+#line 545 "ntp_parser.y"
 { yyval.Attr_val = create_attr_ival(T_Type, yyvsp[0].Integer); }
     break;
 case 97:
-#line 568 "ntp_parser.y"
+#line 546 "ntp_parser.y"
 { yyval.Attr_val = create_attr_ival(T_Flag, T_Link); }
     break;
 case 98:
-#line 569 "ntp_parser.y"
+#line 547 "ntp_parser.y"
 { yyval.Attr_val = create_attr_ival(T_Flag, T_Nolink); }
     break;
 case 99:
-#line 570 "ntp_parser.y"
+#line 548 "ntp_parser.y"
 { yyval.Attr_val = create_attr_ival(T_Flag, T_Enable); }
     break;
 case 100:
-#line 571 "ntp_parser.y"
+#line 549 "ntp_parser.y"
 { yyval.Attr_val = create_attr_ival(T_Flag, T_Disable); }
     break;
 case 101:
-#line 575 "ntp_parser.y"
+#line 553 "ntp_parser.y"
 { yyval.Integer = FILEGEN_NONE; }
     break;
 case 102:
-#line 576 "ntp_parser.y"
+#line 554 "ntp_parser.y"
 { yyval.Integer = FILEGEN_PID; }
     break;
 case 103:
-#line 577 "ntp_parser.y"
+#line 555 "ntp_parser.y"
 { yyval.Integer = FILEGEN_DAY; }
     break;
 case 104:
-#line 578 "ntp_parser.y"
+#line 556 "ntp_parser.y"
 { yyval.Integer = FILEGEN_WEEK; }
     break;
 case 105:
-#line 579 "ntp_parser.y"
+#line 557 "ntp_parser.y"
 { yyval.Integer = FILEGEN_MONTH; }
     break;
 case 106:
-#line 580 "ntp_parser.y"
+#line 558 "ntp_parser.y"
 { yyval.Integer = FILEGEN_YEAR; }
     break;
 case 107:
-#line 581 "ntp_parser.y"
+#line 559 "ntp_parser.y"
 { yyval.Integer = FILEGEN_AGE; }
     break;
 case 108:
-#line 591 "ntp_parser.y"
+#line 569 "ntp_parser.y"
 {   append_queue(my_config.discard_opts, yyvsp[0].Queue); }
     break;
 case 109:
-#line 593 "ntp_parser.y"
+#line 571 "ntp_parser.y"
 {
                         enqueue(my_config.restrict_opts,
                                 create_restrict_node(yyvsp[-1].Address_node, NULL, yyvsp[0].Queue, ip_file->line_no));
                     }
     break;
 case 110:
-#line 598 "ntp_parser.y"
+#line 576 "ntp_parser.y"
 {
                         enqueue(my_config.restrict_opts,
                                 create_restrict_node(NULL, NULL, yyvsp[0].Queue, ip_file->line_no));
                     }
     break;
 case 111:
-#line 603 "ntp_parser.y"
+#line 581 "ntp_parser.y"
 {
                         enqueue(my_config.restrict_opts,
                                 create_restrict_node(yyvsp[-3].Address_node, yyvsp[-1].Address_node, yyvsp[0].Queue, ip_file->line_no));
                     }
     break;
 case 112:
-#line 610 "ntp_parser.y"
+#line 588 "ntp_parser.y"
 { yyval.Queue = create_queue(); }
     break;
 case 113:
-#line 611 "ntp_parser.y"
+#line 589 "ntp_parser.y"
 { yyval.Queue = enqueue(yyvsp[-1].Queue, yyvsp[0].VoidPtr); }
     break;
 case 114:
-#line 615 "ntp_parser.y"
+#line 593 "ntp_parser.y"
 { yyval.VoidPtr = create_ival(RES_IGNORE); }
     break;
 case 115:
-#line 616 "ntp_parser.y"
+#line 594 "ntp_parser.y"
 { yyval.VoidPtr = create_ival(RES_DEMOBILIZE); }
     break;
 case 116:
-#line 617 "ntp_parser.y"
+#line 595 "ntp_parser.y"
 { yyval.VoidPtr = create_ival(RES_LIMITED); }
     break;
 case 117:
-#line 618 "ntp_parser.y"
+#line 596 "ntp_parser.y"
 { yyval.VoidPtr = create_ival(RES_LPTRAP); }
     break;
 case 118:
-#line 619 "ntp_parser.y"
+#line 597 "ntp_parser.y"
 { yyval.VoidPtr = create_ival(RES_NOMODIFY); }
     break;
 case 119:
-#line 620 "ntp_parser.y"
+#line 598 "ntp_parser.y"
 { yyval.VoidPtr = create_ival(RES_NOPEER); }
     break;
 case 120:
-#line 621 "ntp_parser.y"
+#line 599 "ntp_parser.y"
 { yyval.VoidPtr = create_ival(RES_NOQUERY); }
     break;
 case 121:
-#line 622 "ntp_parser.y"
+#line 600 "ntp_parser.y"
 { yyval.VoidPtr = create_ival(RES_DONTSERVE); }
     break;
 case 122:
-#line 623 "ntp_parser.y"
+#line 601 "ntp_parser.y"
 { yyval.VoidPtr = create_ival(RES_NOTRAP); }
     break;
 case 123:
-#line 624 "ntp_parser.y"
+#line 602 "ntp_parser.y"
 { yyval.VoidPtr = create_ival(RES_DONTTRUST); }
     break;
 case 124:
-#line 625 "ntp_parser.y"
+#line 603 "ntp_parser.y"
 { yyval.VoidPtr = create_ival(RESM_NTPONLY); }
     break;
 case 125:
-#line 626 "ntp_parser.y"
+#line 604 "ntp_parser.y"
 { yyval.VoidPtr = create_ival(RES_VERSION); }
     break;
 case 126:
-#line 630 "ntp_parser.y"
+#line 608 "ntp_parser.y"
 { yyval.Queue = enqueue(yyvsp[-1].Queue, yyvsp[0].Attr_val); }
     break;
 case 127:
-#line 631 "ntp_parser.y"
+#line 609 "ntp_parser.y"
 { yyval.Queue = enqueue_in_new_queue(yyvsp[0].Attr_val); }
     break;
 case 128:
-#line 635 "ntp_parser.y"
+#line 613 "ntp_parser.y"
 { yyval.Attr_val = create_attr_ival(T_Average, yyvsp[0].Integer); }
     break;
 case 129:
-#line 636 "ntp_parser.y"
+#line 614 "ntp_parser.y"
 { yyval.Attr_val = create_attr_ival(T_Minimum, yyvsp[0].Integer); }
     break;
 case 130:
-#line 637 "ntp_parser.y"
+#line 615 "ntp_parser.y"
 { yyval.Attr_val = create_attr_ival(T_Monitor, yyvsp[0].Integer); }
     break;
 case 131:
-#line 646 "ntp_parser.y"
+#line 624 "ntp_parser.y"
 { enqueue(my_config.fudge, create_addr_opts_node(yyvsp[-1].Address_node, yyvsp[0].Queue));  }
     break;
 case 132:
-#line 650 "ntp_parser.y"
+#line 628 "ntp_parser.y"
 { enqueue(yyvsp[-1].Queue, yyvsp[0].Attr_val); }
     break;
 case 133:
-#line 651 "ntp_parser.y"
+#line 629 "ntp_parser.y"
 { yyval.Queue = enqueue_in_new_queue(yyvsp[0].Attr_val); }
     break;
 case 134:
-#line 656 "ntp_parser.y"
+#line 634 "ntp_parser.y"
 { yyval.Attr_val = create_attr_dval(CLK_HAVETIME1, yyvsp[0].Double); }
     break;
 case 135:
-#line 658 "ntp_parser.y"
+#line 636 "ntp_parser.y"
 { yyval.Attr_val = create_attr_dval(CLK_HAVETIME2, yyvsp[0].Double); }
     break;
 case 136:
-#line 660 "ntp_parser.y"
+#line 638 "ntp_parser.y"
 { yyval.Attr_val = create_attr_ival(CLK_HAVEVAL1,  yyvsp[0].Integer); }
     break;
 case 137:
-#line 662 "ntp_parser.y"
+#line 640 "ntp_parser.y"
 { yyval.Attr_val = create_attr_sval(CLK_HAVEVAL2,  yyvsp[0].String); }
     break;
 case 138:
-#line 664 "ntp_parser.y"
+#line 642 "ntp_parser.y"
 { yyval.Attr_val = create_attr_ival(CLK_HAVEFLAG1, yyvsp[0].Integer); }
     break;
 case 139:
-#line 666 "ntp_parser.y"
+#line 644 "ntp_parser.y"
 { yyval.Attr_val = create_attr_ival(CLK_HAVEFLAG2, yyvsp[0].Integer); }
     break;
 case 140:
-#line 668 "ntp_parser.y"
+#line 646 "ntp_parser.y"
 { yyval.Attr_val = create_attr_ival(CLK_HAVEFLAG3, yyvsp[0].Integer); }
     break;
 case 141:
-#line 670 "ntp_parser.y"
+#line 648 "ntp_parser.y"
 { yyval.Attr_val = create_attr_ival(CLK_HAVEFLAG4, yyvsp[0].Integer); }
     break;
 case 142:
-#line 679 "ntp_parser.y"
+#line 657 "ntp_parser.y"
 { append_queue(my_config.enable_opts,yyvsp[0].Queue);  }
     break;
 case 143:
-#line 681 "ntp_parser.y"
+#line 659 "ntp_parser.y"
 { append_queue(my_config.disable_opts,yyvsp[0].Queue);  }
     break;
 case 144:
-#line 685 "ntp_parser.y"
+#line 663 "ntp_parser.y"
 { yyval.Queue = enqueue(yyvsp[-1].Queue, yyvsp[0].Attr_val); }
     break;
 case 145:
-#line 686 "ntp_parser.y"
+#line 664 "ntp_parser.y"
 { yyval.Queue = enqueue_in_new_queue(yyvsp[0].Attr_val); }
     break;
 case 146:
-#line 690 "ntp_parser.y"
+#line 668 "ntp_parser.y"
 { yyval.Attr_val = create_attr_ival(T_Flag, PROTO_AUTHENTICATE); }
     break;
 case 147:
-#line 691 "ntp_parser.y"
+#line 669 "ntp_parser.y"
 { yyval.Attr_val = create_attr_ival(T_Flag, PROTO_BROADCLIENT); }
     break;
 case 148:
-#line 692 "ntp_parser.y"
+#line 670 "ntp_parser.y"
 { yyval.Attr_val = create_attr_ival(T_Flag, PROTO_CAL); }
     break;
 case 149:
-#line 693 "ntp_parser.y"
+#line 671 "ntp_parser.y"
 { yyval.Attr_val = create_attr_ival(T_Flag, PROTO_KERNEL); }
     break;
 case 150:
-#line 694 "ntp_parser.y"
+#line 672 "ntp_parser.y"
 { yyval.Attr_val = create_attr_ival(T_Flag, PROTO_MONITOR); }
     break;
 case 151:
-#line 695 "ntp_parser.y"
+#line 673 "ntp_parser.y"
 { yyval.Attr_val = create_attr_ival(T_Flag, PROTO_NTP); }
     break;
 case 152:
-#line 697 "ntp_parser.y"
+#line 675 "ntp_parser.y"
 { yyval.Attr_val = create_attr_ival(T_Flag, PROTO_FILEGEN); }
     break;
 case 153:
-#line 705 "ntp_parser.y"
+#line 683 "ntp_parser.y"
 { append_queue(my_config.tinker, yyvsp[0].Queue);  }
     break;
 case 154:
-#line 709 "ntp_parser.y"
+#line 687 "ntp_parser.y"
 { yyval.Queue = enqueue(yyvsp[-1].Queue, yyvsp[0].Attr_val); }
     break;
 case 155:
-#line 710 "ntp_parser.y"
+#line 688 "ntp_parser.y"
 { yyval.Queue = enqueue_in_new_queue(yyvsp[0].Attr_val); }
     break;
 case 156:
-#line 714 "ntp_parser.y"
+#line 692 "ntp_parser.y"
 { yyval.Attr_val = create_attr_dval(LOOP_ALLAN, yyvsp[0].Double); }
     break;
 case 157:
-#line 715 "ntp_parser.y"
+#line 693 "ntp_parser.y"
 { yyval.Attr_val = create_attr_dval(LOOP_PHI, yyvsp[0].Double); }
     break;
 case 158:
-#line 716 "ntp_parser.y"
+#line 694 "ntp_parser.y"
 { yyval.Attr_val = create_attr_dval(LOOP_FREQ, yyvsp[0].Double); }
     break;
 case 159:
-#line 717 "ntp_parser.y"
+#line 695 "ntp_parser.y"
 { yyval.Attr_val = create_attr_dval(LOOP_HUFFPUFF, yyvsp[0].Double); }
     break;
 case 160:
-#line 718 "ntp_parser.y"
+#line 696 "ntp_parser.y"
 { yyval.Attr_val = create_attr_dval(LOOP_PANIC, yyvsp[0].Double); }
     break;
 case 161:
-#line 719 "ntp_parser.y"
+#line 697 "ntp_parser.y"
 { yyval.Attr_val = create_attr_dval(LOOP_MAX, yyvsp[0].Double); }
     break;
 case 162:
-#line 720 "ntp_parser.y"
+#line 698 "ntp_parser.y"
 { yyval.Attr_val = create_attr_dval(LOOP_MINSTEP, yyvsp[0].Double); }
     break;
 case 163:
-#line 729 "ntp_parser.y"
+#line 707 "ntp_parser.y"
 {
                     if (curr_include_level >= MAXINCLUDELEVEL) {
                         fprintf(stderr, "getconfig: Maximum include file level exceeded.\n");
@@ -2104,116 +2082,116 @@ case 163:
                 }
     break;
 case 164:
-#line 745 "ntp_parser.y"
+#line 723 "ntp_parser.y"
 {
                     while (curr_include_level != -1)
                         FCLOSE(fp[curr_include_level--]);
                 }
     break;
 case 165:
-#line 751 "ntp_parser.y"
+#line 729 "ntp_parser.y"
 { enqueue(my_config.vars, create_attr_dval(T_Broadcastdelay, yyvsp[0].Double));  }
     break;
 case 166:
-#line 753 "ntp_parser.y"
+#line 731 "ntp_parser.y"
 { enqueue(my_config.vars, create_attr_ival(T_Calldelay, yyvsp[0].Integer));  }
     break;
 case 167:
-#line 755 "ntp_parser.y"
+#line 733 "ntp_parser.y"
 { enqueue(my_config.vars, create_attr_dval(T_Tick, yyvsp[0].Double));  }
     break;
 case 168:
-#line 757 "ntp_parser.y"
+#line 735 "ntp_parser.y"
 { /* Null action, possibly all null parms */ }
     break;
 case 169:
-#line 759 "ntp_parser.y"
+#line 737 "ntp_parser.y"
 { enqueue(my_config.vars, create_attr_sval(T_Leapfile, yyvsp[0].String)); }
     break;
 case 170:
-#line 762 "ntp_parser.y"
+#line 740 "ntp_parser.y"
 { enqueue(my_config.vars, create_attr_sval(T_Pidfile, yyvsp[0].String));  }
     break;
 case 171:
-#line 764 "ntp_parser.y"
+#line 742 "ntp_parser.y"
 { enqueue(my_config.vars, create_attr_sval(T_Logfile, yyvsp[0].String));  }
     break;
 case 172:
-#line 766 "ntp_parser.y"
+#line 744 "ntp_parser.y"
 { enqueue(my_config.vars, create_attr_ival(T_Automax, yyvsp[0].Integer));  }
     break;
 case 173:
-#line 769 "ntp_parser.y"
+#line 747 "ntp_parser.y"
 { append_queue(my_config.logconfig, yyvsp[0].Queue);  }
     break;
 case 174:
-#line 771 "ntp_parser.y"
+#line 749 "ntp_parser.y"
 { append_queue(my_config.phone, yyvsp[0].Queue);  }
     break;
 case 175:
-#line 773 "ntp_parser.y"
+#line 751 "ntp_parser.y"
 { enqueue(my_config.setvar, yyvsp[0].Set_var);  }
     break;
 case 176:
-#line 775 "ntp_parser.y"
+#line 753 "ntp_parser.y"
 { enqueue(my_config.trap, create_addr_opts_node(yyvsp[-1].Address_node, yyvsp[0].Queue));  }
     break;
 case 177:
-#line 777 "ntp_parser.y"
+#line 755 "ntp_parser.y"
 { append_queue(my_config.ttl, yyvsp[0].Queue); }
     break;
 case 178:
-#line 781 "ntp_parser.y"
+#line 759 "ntp_parser.y"
 { enqueue(my_config.vars, create_attr_sval(T_Driftfile, yyvsp[0].String)); }
     break;
 case 179:
-#line 783 "ntp_parser.y"
+#line 761 "ntp_parser.y"
 { enqueue(my_config.vars, create_attr_dval(T_WanderThreshold, yyvsp[0].Double));
 		  enqueue(my_config.vars, create_attr_sval(T_Driftfile, yyvsp[-1].String)); }
     break;
 case 180:
-#line 785 "ntp_parser.y"
+#line 763 "ntp_parser.y"
 { /* Null driftfile,  indicated by null string "\0" */
 		  enqueue(my_config.vars, create_attr_sval(T_Driftfile, "\0")); }
     break;
 case 181:
-#line 791 "ntp_parser.y"
+#line 769 "ntp_parser.y"
 { yyval.Set_var = create_setvar_node(yyvsp[-3].String, yyvsp[-1].String, DEF); }
     break;
 case 182:
-#line 793 "ntp_parser.y"
+#line 771 "ntp_parser.y"
 { yyval.Set_var = create_setvar_node(yyvsp[-2].String, yyvsp[0].String, 0); }
     break;
 case 183:
-#line 798 "ntp_parser.y"
+#line 776 "ntp_parser.y"
 { yyval.Queue = enqueue(yyvsp[-1].Queue, yyvsp[0].Attr_val); }
     break;
 case 184:
-#line 799 "ntp_parser.y"
+#line 777 "ntp_parser.y"
 { yyval.Queue = enqueue_in_new_queue(yyvsp[0].Attr_val); }
     break;
 case 185:
-#line 803 "ntp_parser.y"
+#line 781 "ntp_parser.y"
 { yyval.Attr_val = create_attr_ival(T_Port, yyvsp[0].Integer); }
     break;
 case 186:
-#line 804 "ntp_parser.y"
+#line 782 "ntp_parser.y"
 { yyval.Attr_val = create_attr_pval(T_Interface, yyvsp[0].Address_node); }
     break;
 case 187:
-#line 809 "ntp_parser.y"
+#line 787 "ntp_parser.y"
 { yyval.Queue = enqueue(yyvsp[-1].Queue, yyvsp[0].Attr_val); }
     break;
 case 188:
-#line 810 "ntp_parser.y"
+#line 788 "ntp_parser.y"
 { yyval.Queue = enqueue_in_new_queue(yyvsp[0].Attr_val); }
     break;
 case 189:
-#line 814 "ntp_parser.y"
+#line 792 "ntp_parser.y"
 { yyval.Attr_val = create_attr_sval(yyvsp[-1].Integer, yyvsp[0].String); }
     break;
 case 190:
-#line 816 "ntp_parser.y"
+#line 794 "ntp_parser.y"
 {
                     /* YUCK!! This is needed because '+' and '-' are not special characters
                      * while '=' is.
@@ -2229,43 +2207,43 @@ case 190:
                 }
     break;
 case 191:
-#line 832 "ntp_parser.y"
+#line 810 "ntp_parser.y"
 { yyval.Integer = '+'; }
     break;
 case 192:
-#line 833 "ntp_parser.y"
+#line 811 "ntp_parser.y"
 { yyval.Integer = '-'; }
     break;
 case 193:
-#line 834 "ntp_parser.y"
+#line 812 "ntp_parser.y"
 { yyval.Integer = '='; }
     break;
 case 194:
-#line 843 "ntp_parser.y"
+#line 821 "ntp_parser.y"
 { yyval.Queue = enqueue(yyvsp[-1].Queue, create_ival(yyvsp[0].Integer)); }
     break;
 case 195:
-#line 844 "ntp_parser.y"
+#line 822 "ntp_parser.y"
 { yyval.Queue = enqueue_in_new_queue(create_ival(yyvsp[0].Integer)); }
     break;
 case 196:
-#line 848 "ntp_parser.y"
+#line 826 "ntp_parser.y"
 { yyval.Queue = enqueue(yyvsp[-1].Queue, create_pval(yyvsp[0].String)); }
     break;
 case 197:
-#line 849 "ntp_parser.y"
+#line 827 "ntp_parser.y"
 { yyval.Queue = enqueue_in_new_queue(create_pval(yyvsp[0].String)); }
     break;
 case 198:
-#line 853 "ntp_parser.y"
+#line 831 "ntp_parser.y"
 { yyval.Queue = enqueue(yyvsp[-1].Queue, yyvsp[0].Address_node); }
     break;
 case 199:
-#line 854 "ntp_parser.y"
+#line 832 "ntp_parser.y"
 { yyval.Queue = enqueue_in_new_queue(yyvsp[0].Address_node); }
     break;
 case 200:
-#line 859 "ntp_parser.y"
+#line 837 "ntp_parser.y"
 {
                     if (yyvsp[0].Integer != 0 && yyvsp[0].Integer != 1) {
                         yyerror("Integer value is not boolean (0 or 1). Assuming 1");
@@ -2276,23 +2254,23 @@ case 200:
                 }
     break;
 case 201:
-#line 867 "ntp_parser.y"
+#line 845 "ntp_parser.y"
 { yyval.Integer = 1; }
     break;
 case 202:
-#line 868 "ntp_parser.y"
+#line 846 "ntp_parser.y"
 { yyval.Integer = 0; }
     break;
 case 203:
-#line 872 "ntp_parser.y"
+#line 850 "ntp_parser.y"
 { yyval.Double = (double)yyvsp[0].Integer; }
     break;
 case 204:
-#line 873 "ntp_parser.y"
+#line 851 "ntp_parser.y"
 { yyval.Double = yyvsp[0].Double; }
     break;
 case 205:
-#line 882 "ntp_parser.y"
+#line 860 "ntp_parser.y"
 {
                  my_config.sim_details = create_sim_node(yyvsp[-2].Queue, yyvsp[-1].Queue);
 
@@ -2301,91 +2279,91 @@ case 205:
              }
     break;
 case 206:
-#line 896 "ntp_parser.y"
+#line 874 "ntp_parser.y"
 { old_config_style = 0; }
     break;
 case 207:
-#line 900 "ntp_parser.y"
+#line 878 "ntp_parser.y"
 { yyval.Queue = enqueue(yyvsp[-2].Queue, yyvsp[-1].Attr_val); }
     break;
 case 208:
-#line 901 "ntp_parser.y"
+#line 879 "ntp_parser.y"
 { yyval.Queue = enqueue_in_new_queue(yyvsp[-1].Attr_val); }
     break;
 case 209:
-#line 905 "ntp_parser.y"
+#line 883 "ntp_parser.y"
 { yyval.Attr_val = create_attr_dval(T_Beep_Delay, yyvsp[0].Double); }
     break;
 case 210:
-#line 906 "ntp_parser.y"
+#line 884 "ntp_parser.y"
 { yyval.Attr_val = create_attr_dval(T_Sim_Duration, yyvsp[0].Double); }
     break;
 case 211:
-#line 910 "ntp_parser.y"
+#line 888 "ntp_parser.y"
 { yyval.Queue = enqueue(yyvsp[-1].Queue, yyvsp[0].Sim_server); }
     break;
 case 212:
-#line 911 "ntp_parser.y"
+#line 889 "ntp_parser.y"
 { yyval.Queue = enqueue_in_new_queue(yyvsp[0].Sim_server); }
     break;
 case 213:
-#line 916 "ntp_parser.y"
+#line 894 "ntp_parser.y"
 { yyval.Sim_server = create_sim_server(yyvsp[-4].Address_node, yyvsp[-2].Double, yyvsp[-1].Queue); }
     break;
 case 214:
-#line 920 "ntp_parser.y"
+#line 898 "ntp_parser.y"
 { yyval.Double = yyvsp[-1].Double; }
     break;
 case 215:
-#line 924 "ntp_parser.y"
+#line 902 "ntp_parser.y"
 { yyval.Address_node = yyvsp[0].Address_node; }
     break;
 case 216:
-#line 928 "ntp_parser.y"
+#line 906 "ntp_parser.y"
 { yyval.Address_node = yyvsp[0].Address_node; }
     break;
 case 217:
-#line 929 "ntp_parser.y"
+#line 907 "ntp_parser.y"
 { yyval.Address_node = create_address_node(yyvsp[0].String, T_String); }
     break;
 case 218:
-#line 933 "ntp_parser.y"
+#line 911 "ntp_parser.y"
 { yyval.Queue = enqueue(yyvsp[-1].Queue, yyvsp[0].Sim_script); }
     break;
 case 219:
-#line 934 "ntp_parser.y"
+#line 912 "ntp_parser.y"
 { yyval.Queue = enqueue_in_new_queue(yyvsp[0].Sim_script); }
     break;
 case 220:
-#line 939 "ntp_parser.y"
+#line 917 "ntp_parser.y"
 { yyval.Sim_script = create_sim_script_info(yyvsp[-3].Double, yyvsp[-1].Queue); }
     break;
 case 221:
-#line 943 "ntp_parser.y"
+#line 921 "ntp_parser.y"
 { yyval.Queue = enqueue(yyvsp[-2].Queue, yyvsp[-1].Attr_val); }
     break;
 case 222:
-#line 944 "ntp_parser.y"
+#line 922 "ntp_parser.y"
 { yyval.Queue = enqueue_in_new_queue(yyvsp[-1].Attr_val); }
     break;
 case 223:
-#line 949 "ntp_parser.y"
+#line 927 "ntp_parser.y"
 { yyval.Attr_val = create_attr_dval(T_Freq_Offset, yyvsp[0].Double); }
     break;
 case 224:
-#line 951 "ntp_parser.y"
+#line 929 "ntp_parser.y"
 { yyval.Attr_val = create_attr_dval(T_Wander, yyvsp[0].Double); }
     break;
 case 225:
-#line 953 "ntp_parser.y"
+#line 931 "ntp_parser.y"
 { yyval.Attr_val = create_attr_dval(T_Jitter, yyvsp[0].Double); }
     break;
 case 226:
-#line 955 "ntp_parser.y"
+#line 933 "ntp_parser.y"
 { yyval.Attr_val = create_attr_dval(T_Prop_Delay, yyvsp[0].Double); }
     break;
 case 227:
-#line 957 "ntp_parser.y"
+#line 935 "ntp_parser.y"
 { yyval.Attr_val = create_attr_dval(T_Proc_Delay, yyvsp[0].Double); }
     break;
 }
@@ -2621,7 +2599,7 @@ yyreturn:
 #endif
   return yyresult;
 }
-#line 961 "ntp_parser.y"
+#line 939 "ntp_parser.y"
 
 
 /* KEYWORDS

==== ntpd/ntp_parser.y ====
2007-08-17 01:37:07-04:00, stenn at whimsy.udel.edu +1 -23
  Cleanup from Dave Mills

--- 1.14/ntpd/ntp_parser.y	2007-08-07 03:10:33 -04:00
+++ 1.15/ntpd/ntp_parser.y	2007-08-17 01:37:07 -04:00
@@ -21,6 +21,7 @@
   #include "ntp_data_structures.h"
   #include "ntp_scanner.h"
   #include "ntp_config.h"
+  #include "ntp_crypto.h"
 
   #include "ntpsim.h"		/* HMS: Do we really want this all the time? */
                                 /* SK: It might be a good idea to always
@@ -42,29 +43,6 @@
   #define YYERROR_VERBOSE
   void yyerror (char *msg);
   extern int input_from_file;  /* 0=input from ntpq>config command buffer */
-
-  /* SK: The following is a terrible hack to allow the NTP code to be built
-   * without OPENSSL. The following symbols need to be defined in the
-   * here because bison will balk at the presence of a C like preprocesser
-   * directive in the rules section.
-   *
-   * There should be a better way of doing this...
-   */
-#ifndef OPENSSL
-  #define CRYPTO_CONF_NONE  0
-  #define CRYPTO_CONF_PRIV  1
-  #define CRYPTO_CONF_SIGN  2
-  #define CRYPTO_CONF_LEAP  3
-  #define CRYPTO_CONF_KEYS  4
-  #define CRYPTO_CONF_CERT  5
-  #define CRYPTO_CONF_RAND  6
-  #define CRYPTO_CONF_TRST  7
-  #define CRYPTO_CONF_IFFPAR 8
-  #define CRYPTO_CONF_GQPAR 9
-  #define CRYPTO_CONF_MVPAR 10
-  #define CRYPTO_CONF_PW    11
- #define CRYPTO_CONF_IDENT 12
-#endif
 %}
 
 %union {

==== ntpd/ntp_peer.c ====
2007-08-17 01:37:08-04:00, stenn at whimsy.udel.edu +4 -14
  Cleanup from Dave Mills

--- 1.105/ntpd/ntp_peer.c	2007-07-29 15:38:57 -04:00
+++ 1.106/ntpd/ntp_peer.c	2007-08-17 01:37:08 -04:00
@@ -257,9 +257,7 @@ findpeer(
 		*action = MATCH_ASSOC(NO_PEER, pkt_mode);
 		return ((struct peer *)0);
 	}
-
 	set_peerdstadr(peer, dstadr);
-
 	return (peer);
 }
 
@@ -549,7 +547,7 @@ set_peerdstadr(struct peer *peer, struct
 			    ilink, struct peer);
 		}
 		msyslog(LOG_INFO,
-		    "set_peerdstadr(%s): change interface from %s to %s\n",
+		    "set_peerdstadr(%s): change interface from %s to %s",
 		    stoa(&peer->srcadr), (peer->dstadr != NULL) ?
 		    stoa(&peer->dstadr->sin) : "<null>", (interface !=
 		    NULL) ? stoa(&interface->sin) : "<null>");
@@ -971,10 +969,8 @@ expire_all(void)
 	/*
 	 * This routine is called about once per day from the timer
 	 * routine and when the client is first synchronized. Search the
-	 * peer list for all associations and flush only the key list
-	 * and cookie. If a manycast client association, flush
-	 * everything. Then, recompute and sign the agreement public
-	 * values, if present, and refresh the leap values.
+	 * peer list for all associations and flush the key list. Also, 	 * restart the protocol to retrieve the cookie, autokey and leap
+	 * values.
 	 */
 	if (!crypto_flags)
 		return;
@@ -985,14 +981,8 @@ expire_all(void)
 			if (!(peer->flags & FLAG_SKEY)) {
 				continue;
 
-			} else if (peer->hmode == MODE_ACTIVE ||
-			    peer->hmode == MODE_PASSIVE) {
-				key_expire(peer);
-				peer->crypto &= ~(CRYPTO_FLAG_AUTO |
-				    CRYPTO_FLAG_AGREE |
-				    CRYPTO_FLAG_LEAP);
 			}
-				
+			key_expire(peer);
 		}
 	}
 	RAND_bytes((u_char *)&sys_private, 4);

==== ntpd/ntp_proto.c ====
2007-08-17 01:37:09-04:00, stenn at whimsy.udel.edu +390 -490
  Cleanup from Dave Mills

--- 1.259/ntpd/ntp_proto.c	2007-07-27 23:44:05 -04:00
+++ 1.260/ntpd/ntp_proto.c	2007-08-17 01:37:09 -04:00
@@ -37,20 +37,19 @@
 			    (y) == AUTH_NONE)
 
 /*
- * System variables are declared here. See Section 3.2 of the
- * specification.
+ * System variables are declared here. Unless specified otherwise, all
+ * times are in seconds.
  */
 u_char	sys_leap;		/* system leap indicator */
-u_char	sys_stratum;		/* stratum of system */
+u_char	sys_stratum;		/* system stratum */
 s_char	sys_precision;		/* local clock precision (log2 s) */
 double	sys_rootdelay;		/* roundtrip delay to primary source */
-double	sys_rootdispersion;	/* dispersion to primary source */
-u_int32 sys_refid;		/* source/loop in network byte order */
-static	double sys_offset;	/* current local clock offset */
-l_fp	sys_reftime;		/* time we were last updated */
-struct	peer *sys_peer;		/* our current peer */
-struct	peer *sys_pps;		/* our PPS peer */
-struct	peer *sys_prefer;	/* our cherished peer */
+double	sys_rootdisp;		/* dispersion to primary source */
+u_int32 sys_refid;		/* reference id (network byte order) */
+l_fp	sys_reftime;		/* last update time */
+struct	peer *sys_peer;		/* current peer */
+struct	peer *sys_pps;		/* PPS peer */
+struct	peer *sys_prefer;	/* prefer peer */
 int	sys_kod;		/* kod credit */
 int	sys_kod_rate = 2;	/* max kod packets per second */
 
@@ -62,15 +61,17 @@ double	sys_bdelay;		/* broadcast client 
 int	sys_calldelay;		/* modem callup delay (s) */
 int	sys_authenticate;	/* requre authentication for config */
 l_fp	sys_authdelay;		/* authentication delay */
+static	double sys_offset;	/* current local clock offset */
 static	u_long sys_authdly[2];	/* authentication delay shift reg */
 static	double sys_mindisp = MINDISPERSE; /* min disp increment (s) */
-static	double sys_maxdist = MAXDISTANCE; /* selection threshold (s) */
-double	sys_jitter;		/* system jitter (s) */
+static	double sys_maxdist = MAXDISTANCE; /* selection threshold */
+double	sys_jitter;		/* system jitter */
+u_long 	sys_epoch;		/* last clock update time */
 static	int sys_hopper;		/* anticlockhop counter */
 static	int sys_maxhop = MAXHOP; /* anticlockhop counter threshold */
 int	leap_tai;		/* TAI at next next leap */
 u_long	leap_ins;		/* seconds at next leap */
-u_long	leap_expire;		/* seconds leapfile expires */
+u_long	leap_expire;		/* leapfile expiration time */
 u_long	leap_sec;		/* leap countdown */
 static int leap_next;		/* leap consensus */
 static int leap_sw;		/* leap is from file */
@@ -88,7 +89,7 @@ char	*sys_hostname;		/* gethostname() na
 int	sys_floor = 0;		/* cluster stratum floor */
 int	sys_ceiling = STRATUM_UNSPEC; /* cluster stratum ceiling */
 int	sys_minsane = 1;	/* minimum candidates */
-int	sys_minclock = NTP_MINCLOCK; /* minimum survivors */
+int	sys_minclock = NTP_MINCLOCK; /* minimum candidates */
 int	sys_maxclock = NTP_MAXCLOCK; /* maximum candidates */
 int	sys_cohort = 0;		/* cohort switch */
 int	sys_orphan = STRATUM_UNSPEC + 1; /* orphan stratum */
@@ -116,14 +117,13 @@ static	void	clock_combine	(struct peer *
 static	void	peer_xmit	(struct peer *);
 static	void	fast_xmit	(struct recvbuf *, int, keyid_t,
 				    int);
-static	void	clock_update	(void);
+static	void	clock_update	(struct peer *);
 static	int	default_get_precision (void);
 static	int	peer_unfit	(struct peer *);
 
 
 /*
- * transmit - Transmit Procedure. See Section 3.4.2 of the
- *	specification.
+ * transmit - transmit procedure called by poll timeout
  */
 void
 transmit(
@@ -153,8 +153,9 @@ transmit(
 		sys_leap = LEAP_NOWARNING;
 		sys_stratum = sys_orphan;
 		sys_refid = htonl(LOOPBACKADR);
-		sys_rootdelay = 0;
-		sys_rootdispersion = 0;
+		sys_rootdelay = sys_orphandelay;
+		sys_rootdisp = sys_mindisp;
+		sys_offset = 0;
 	}
 
 	/*
@@ -163,7 +164,8 @@ transmit(
 	 */
 	if (peer->cast_flags & (MDF_BCAST | MDF_MCAST)) {
 		peer->outdate = current_time;
-		peer_xmit(peer);
+		if (sys_leap != LEAP_NOTINSYNC)
+			peer_xmit(peer);
 		poll_update(peer, hpoll);
 		return;
 	}
@@ -199,6 +201,8 @@ transmit(
 	 * desigmed to back off whenever possible to minimize network
 	 * traffic.
 	 */
+	if (peer->speed > 0)
+		peer->speed--;
 	if (peer->burst == 0) {
 		u_char oreach;
 
@@ -207,45 +211,39 @@ transmit(
 		 * three consecutive polls, stuff infinity in the clock
 		 * filter. 
 		 */
-		oreach = peer->reach;
+		oreach = peer->reach & 0xfe;
 		peer->outdate = current_time;
-		if (peer == sys_peer)
-			sys_hopper++;
 		peer->reach <<= 1;
-		if (!(peer->reach & 0x07))
+		if (!(peer->reach & 0x0f))
 			clock_filter(peer, 0., 0., MAXDISPERSE);
 		if (!peer->reach) {
 
 			/*
 			 * Here the peer is unreachable. If it was
-			 * previously reachable, raise a trap.
+			 * previously reachable raise a trap. Bump the
+			 * unreach counter such that the association
+			 * times out in a reasonable time after becoming
+			 * unreachable.
 			 */
 			if (oreach) {
 				report_event(EVNT_UNREACH, peer);
 				peer->timereachable = current_time;
 			}
+			peer->unreach += 2;
+		} else {
 
 			/*
-			 * Send a burst if enabled, but only once after
-			 * a peer becomes unreachable. If the prempt
-			 * flag is dim, bump the unreach counter by one;
-			 * otherwise, bump it by three.
+			 * Here the peer is reachable. Use the system
+			 * poll interval, but note this can be overriden
+			 * later if a volley is pending. Send a burst
+			 * only if enabled and the peer is fit.
 			 */
-			if (peer->flags & FLAG_IBURST &&
-			    peer->unreach < NTP_UNREACH) {
+			hpoll = sys_poll;
+			if (peer->flags & FLAG_BURST &&
+			    !peer_unfit(peer))
 				peer->burst = NTP_BURST;
-			}
-			if (!(peer->flags & FLAG_PREEMPT))	
-				peer->unreach++;
-			else
-				peer->unreach += 3;
-		} else {
 
 			/*
-			 * Here the peer is reachable. Set the poll
-			 * interval to the system poll interval. Send a
-			 * burst only if enabled and the peer is fit.
-			 *
 			 * Respond to the peer evaluation produced by
 			 * the selection algorithm. If less than the
 			 * outlyer level, up the unreach by three. If
@@ -264,15 +262,12 @@ transmit(
 			} else {
 				peer->unreach = 0;
 			}
-			hpoll = sys_poll;
-			if (peer->flags & FLAG_BURST &&
-			    !peer_unfit(peer))
-				peer->burst = NTP_BURST;
 		}
 
 		/*
 		 * Watch for timeout. If ephemeral or preemptable, toss
-		 * the rascal; otherwise, bump the poll interval.
+		 * the rascal; otherwise, bump the poll interval. Note
+		 * the poll_update() routine will clamp it to maxpoll.
 		 */ 
 		if (peer->unreach >= NTP_UNREACH) {
 			if (peer->flags & FLAG_PREEMPT ||
@@ -280,8 +275,17 @@ transmit(
 				peer_clear(peer, "TIME");
 				unpeer(peer);
 				return;
+
 			} else {
+#ifdef OPENSSL
+				/*
+				 * If timeout in Autokey dance, restart
+				 * the protocol.
+				 */
+				if (peer->crypto)
+					peer_clear(peer, "TIME");
 				hpoll++;
+#endif /* OPENSSL */
 			}
 		}
 	} else {
@@ -309,7 +313,7 @@ transmit(
 				peer_ntpdate--;
 				if (peer_ntpdate == 0) {
 					msyslog(LOG_NOTICE,
-					    "proto: no reply; clock not set");
+					    "ntpdate: no reply; clock not set");
 					exit (0);
 				}
 			}
@@ -326,7 +330,7 @@ transmit(
 
 
 /*
- * receive - Receive Procedure.  See section 3.4.3 in the specification.
+ * receive - receive procedure called for each packet received
  */
 void
 receive(
@@ -547,7 +551,8 @@ receive(
 		is_authentic = AUTH_NONE; /* not required */
 #ifdef DEBUG
 		if (debug)
-			printf("receive: at %ld %s<-%s mode %d len %d\n",
+			printf(
+			    "receive: at %ld %s<-%s mode %d len %d\n",
 			    current_time, stoa(dstadr_sin),
 			    stoa(&rbufp->recv_srcadr), hismode,
 			    authlen);
@@ -790,6 +795,10 @@ receive(
 	 * the packet is authentic and we are enabled as broadcast
 	 * client, mobilize a broadcast client association. We don't
 	 * kiss any frogs here.
+	 *
+	 * Note that the minpoll is taken from the broadcast packet,
+	 * normally 6 (64 s). The maxpoll is the maximum of this and the
+	 * Allan intercept reduced by 32. 
 	 */
 	case AM_NEWBCL:
 		if (!AUTH(sys_authenticate | (restrict_mask &
@@ -821,11 +830,19 @@ receive(
 		case 1:
 			if ((peer = newpeer(&rbufp->recv_srcadr,
 			    rbufp->dstadr, MODE_CLIENT, hisversion,
-			    NTP_MINDPOLL, NTP_MAXDPOLL, FLAG_MCAST |
-			    FLAG_IBURST, MDF_BCLNT, 0, skeyid)) ==
-			    NULL)
+			    pkt->ppoll, max(pkt->ppoll, allan_xpt - 5),
+			    FLAG_MCAST | FLAG_IBURST, MDF_BCLNT, 0,
+			    skeyid)) == NULL)
 				return;		/* system error */
 #ifdef OPENSSL
+			/*
+			 * Ordinarily this will be an association reply
+			 * message which initializes the dance. If an
+			 * autokey reply message, it is ignored. Any
+			 * other message is a protocol error leaving the
+			 * asssociation ready for a following
+			 * association reply message.
+			 */
 			if (skeyid > NTP_MAXKEY)
 				crypto_recv(peer, rbufp);
 #endif /* OPENSSL */
@@ -849,8 +866,8 @@ receive(
 #endif /* OPENSSL */
 			if ((peer = newpeer(&rbufp->recv_srcadr,
 			    rbufp->dstadr, MODE_BCLIENT, hisversion,
-			    NTP_MINDPOLL, NTP_MAXDPOLL, 0, MDF_BCLNT, 0,
-			    skeyid)) == NULL)
+			    pkt->ppoll, max(pkt->ppoll, allan_xpt - 5),
+			    0, MDF_BCLNT, 0, skeyid)) == NULL)
 				return;		/* system error */
 		}
 		break;
@@ -861,21 +878,23 @@ receive(
 	 * mobilize a passive association. If not, kiss the frog.
 	 */
 	case AM_NEWPASS:
+		if (!AUTH(sys_authenticate | (restrict_mask &
+		    (RES_NOPEER | RES_DONTTRUST)), is_authentic))
+			return;			/* bad auth */
 
 		/*
-		 * If the inbound packet is correctly authenticated and
-		 * enabled, a symmetric passive association is
-		 * mobilized. If not but correctly authenticated, a
-		 * symmetric active response is sent. If authentication
-		 * fails, send a crypto-NAK packet. 
-		 */
-		if (!AUTH(restrict_mask & RES_DONTTRUST, is_authentic))
-		    {
-			if (is_authentic == AUTH_ERROR)
-				fast_xmit(rbufp, MODE_ACTIVE, 0,
-				    restrict_mask);
-			return;			/* bad auth */
-		}
+		 * Do not respond if unsynchronized or stratum is below
+		 * the floor or at or above the ceiling.
+		 */
+		if (hisleap == LEAP_NOTINSYNC || hisstratum <
+		    sys_floor || hisstratum >= sys_ceiling)
+			return;			/* bad stratum */
+
+		/*
+		 * If correctly authenticated but not enabled, send a
+		 * summetric active response without mobilizing
+		 * an association.
+		 */
 		if (!AUTH(sys_authenticate | (restrict_mask &
 		    RES_NOPEER), is_authentic)) {
 			fast_xmit(rbufp, MODE_ACTIVE, skeyid,
@@ -884,11 +903,9 @@ receive(
 		}
 
 		/*
-		 * Do not respond if stratum is below the floor.
+		 * The message is correctly authenticated and
+		 * enabled. Mobiliae a symmetric passive association.
 		 */
-		if (hisstratum < sys_floor)
-			return;			/* bad stratum */
-
 		if ((peer = newpeer(&rbufp->recv_srcadr,
 		    rbufp->dstadr, MODE_PASSIVE, hisversion,
 		    NTP_MINDPOLL, NTP_MAXDPOLL, 0, MDF_UCAST, 0,
@@ -924,7 +941,8 @@ receive(
 	 * transmit timestamp is zero, the server is horribly broken.
 	 */
 	if (L_ISZERO(&p_xmt)) {
-		return;				/* read rfc1305 */
+		peer->flash |= TEST2;
+		return;				/* bogus packet */
 
 	/*
 	 * If the transmit timestamp duplicates a previous one, the
@@ -945,37 +963,17 @@ receive(
 			peer->flash |= TEST3;	/* protocol unsynch */
 		else if (!L_ISEQU(&p_org, &peer->xmt))
 			peer->flash |= TEST2;	/* bogus packet */
-		else
-			L_CLR(&peer->org);	/* avoid replay */
 	}
 
 	/*
-	 * Update the origin and destination timestamps. If
-	 * unsynchronized or bogus abandon ship. If the crypto machine
-	 * breaks, demobilize the association and wait for calmer seas.
+	 * If this is a crypto_NAK and the timestamp checks are correct,
+	 * the server might have just changed keys. We reset the
+	 * association and restart the protocol.
 	 */
-	peer->org = p_xmt;
-	peer->rec = rbufp->recv_time;
-	if (peer->flash & PKT_TEST_MASK) {
-#ifdef OPENSSL
-		if (crypto_flags && (peer->flags & FLAG_SKEY)) {
-			rval = crypto_recv(peer, rbufp);
-			if (rval != XEVNT_OK)
-				peer_clear(peer, "CRYP");
-		}
-#endif /* OPENSSL */
-		return;				/* unsynch */
-	}
-
-	/*
-	 * The timestamps are valid and the receive packet matches the
-	 * last one sent. If the packet is a crypto-NAK, the server
-	 * might have just changed keys. We reset the association
-	 * and restart the protocol.
-	 */
-	if (is_authentic == AUTH_CRYPTO) {
+	if (is_authentic == AUTH_CRYPTO && !(peer->flash &
+	    PKT_TEST_MASK)) {
 		peer_clear(peer, "AUTH");
-		return;				/* crypto-NAK */
+		return;
 
 	/* 
 	 * If the association is authenticated, the key ID is nonzero
@@ -993,6 +991,16 @@ receive(
 	}
 
 	/*
+	 * Update the timestamps. If unsynchronized, replay or bogus
+	 * abandon ship. 
+	 */
+	peer->org = p_xmt;
+	peer->rec = rbufp->recv_time;
+	L_CLR(&peer->xmt);			/* avoid replay */
+	if (peer->flash & PKT_TEST_MASK)
+		return;				/* unsynch */
+
+	/*
 	 * That was hard and I am sweaty, but the packet is squeaky
 	 * clean. Get on with real work.
 	 */
@@ -1057,6 +1065,7 @@ receive(
 				}
 				if (i > ap->seq)
 					break;
+
 				tkeyid = session_key(
 				    &rbufp->recv_srcadr, dstadr_sin,
 				    tkeyid, pkeyid, 0);
@@ -1109,10 +1118,8 @@ process_packet(
 {
 	double	t34, t21;
 	double	p_offset, p_del, p_disp;
-	l_fp	p_rec, p_xmt, p_org, p_reftime;
-	l_fp	ci;
+	l_fp	p_rec, p_xmt, p_org, p_reftime, ci;
 	u_char	pmode, pleap, pstratum;
-
 	double	etemp, ftemp;	/* experimental */
 	int	itemp;
 	double	td;
@@ -1120,7 +1127,7 @@ process_packet(
 	sys_processed++;
 	peer->processed++;
 	p_del = FPTOD(NTOHS_FP(pkt->rootdelay));
-	p_disp = FPTOD(NTOHS_FP(pkt->rootdispersion));
+	p_disp = FPTOD(NTOHS_FP(pkt->rootdisp));
 	NTOHL_FP(&pkt->reftime, &p_reftime);
 	NTOHL_FP(&pkt->rec, &p_rec);
 	NTOHL_FP(&pkt->xmt, &p_xmt);
@@ -1155,7 +1162,7 @@ process_packet(
 	peer->ppoll = pkt->ppoll;
 	peer->precision = pkt->precision;
 	peer->rootdelay = p_del;
-	peer->rootdispersion = p_disp;
+	peer->rootdisp = p_disp;
 	peer->refid = pkt->refid;		/* network byte order */
 	peer->reftime = p_reftime;
 
@@ -1168,8 +1175,8 @@ process_packet(
 	if (pleap == LEAP_NOTINSYNC ||		/* test 6 */
 	    pstratum < sys_floor || pstratum >= sys_ceiling)
 		peer->flash |= TEST6;		/* peer not synch */
-	if (p_del < 0 || p_disp < 0 || p_del /	/* test 7 */
-	    2 + p_disp >= MAXDISPERSE || !L_ISHIS(&p_xmt, &p_reftime))
+	if (p_del / 2 + p_disp >=		/* test 7 */
+	    MAXDISPERSE || !L_ISHIS(&p_xmt, &p_reftime))
 		peer->flash |= TEST7;		/* bad header */
 
 	/*
@@ -1185,12 +1192,20 @@ process_packet(
 #endif
 		return;
 	}
-	if (!(peer->reach)) {
+
+	/*
+	 * If the peer was previously unreachable, raise a trap and
+	 * initialize the volley counter. In any case, mark as
+	 * reachable.
+	 */ 
+	if (!peer->reach) {
 		report_event(EVNT_REACH, peer);
 		peer->timereachable = current_time;
+		if (peer->speed == 0 && peer->burst == 0)
+			peer->speed = NTP_BURST;
 	}
-	poll_update(peer, peer->hpoll);
 	peer->reach |= 1;
+	poll_update(peer, peer->hpoll);
 
 	/*
 	 * For a client/server association, calculate the clock offset,
@@ -1258,7 +1273,7 @@ process_packet(
 	peer->t21_last = peer->t21_bytes;
 	peer->t34 = -t34;
 	peer->t34_bytes = len;
-	p_del = t21 - t34;
+	p_del = max(0, t21 - t34);
 #ifdef DEBUG
 	if (debug > 1)
 		printf("proto: t21 %.9lf %d t34 %.9lf %d\n", peer->t21,
@@ -1292,7 +1307,7 @@ process_packet(
 
 	/*
 	 * If running in a broadcast association, the clock offset is
-	 * (t1 - t0) corrected by the one-way delay, but we can't
+	 * (t3 - t4) corrected by the one-way delay, but we can't
 	 * measure that directly. Therefore, we start up in MODE_CLIENT
 	 * mode, set FLAG_MCAST and exchange eight messages to determine
 	 * the clock offset. When the last message is sent, we switch to
@@ -1310,17 +1325,13 @@ process_packet(
 		}
 		p_offset += peer->estbdelay;
 		p_del = peer->delay;
-		p_disp = 0;
 	} else {
 		p_offset = (t21 + t34) / 2.;
-		LFPTOD(&ci, p_disp);
-		p_disp = LOGTOD(sys_precision) +
-		    LOGTOD(peer->precision) + clock_phi * p_disp;
 	}
 	p_del = max(p_del, LOGTOD(sys_precision));
+	p_disp = LOGTOD(sys_precision) + LOGTOD(peer->precision) +
+	    clock_phi * p_del;
 	clock_filter(peer, p_offset, p_del, p_disp);
-	record_peer_stats(&peer->srcadr, ctlpeerstatus(peer),
-	    peer->offset, peer->delay, peer->disp, peer->jitter);
 }
 
 
@@ -1328,11 +1339,14 @@ process_packet(
  * clock_update - Called at system process update intervals.
  */
 static void
-clock_update(void)
+clock_update(
+	struct peer *peer	/* peer structure pointer */
+	)
 {
 	u_char	ostratum;
 	double	dtemp;
 	l_fp	now;
+	u_long	epoch;
 #ifdef HAVE_LIBSCF_H
 	char	*fmri;
 #endif /* HAVE_LIBSCF_H */
@@ -1340,23 +1354,39 @@ clock_update(void)
 	/*
 	 * There must be a system peer at this point. If we just changed
 	 * the system peer, but have a newer sample from the old one,
-	 * wait until newer data are available.
-	 */
-	if (sys_poll < sys_peer->minpoll)
-		sys_poll = sys_peer->minpoll;
-	if (sys_poll > sys_peer->maxpoll)
-		sys_poll = sys_peer->maxpoll;
-	poll_update(sys_peer, sys_poll);
-	if (sys_peer->epoch <= sys_clocktime)
+	 * wait until newer data are available. Note that the root
+	 * dispersion is updated even if the offset has already been
+	 * processed.
+	 */
+	if (sys_poll < peer->minpoll)
+		sys_poll = peer->minpoll;
+	if (sys_poll > peer->maxpoll)
+		sys_poll = peer->maxpoll;
+	poll_update(peer, sys_poll);
+	dtemp = peer->disp + sys_jitter + fabs(sys_offset) + clock_phi *
+	    (current_time - peer->update);
+#ifdef REFCLOCK
+	if (!(peer->flags & FLAG_REFCLOCK) && sys_rootdisp <
+	    sys_mindisp)
+		dtemp = sys_mindisp;
+#else
+	if (sys_rootdisp < sys_mindisp)
+		dtemp = sys_mindisp;
+#endif /* REFCLOCK */
+	sys_rootdisp = dtemp + peer->rootdisp;
+	epoch = peer->epoch - sys_epoch;
+	if (epoch <= 0)
 		return;
 
 #ifdef DEBUG
 	if (debug)
-		printf("clock_update: at %lu associd %d leap %lu TAI %d\n",
-		    current_time, sys_peer->associd, leap_sec, sys_tai);
+		printf(
+		    "clock_update: at %lu sample %lu associd %d\n",
+		    current_time, peer->epoch, peer->associd);
 #endif
+	sys_epoch = peer->epoch;
 	ostratum = sys_stratum;
-	switch (local_clock(sys_peer, sys_offset)) {
+	switch (local_clock(peer, epoch, sys_offset)) {
 
 	/*
 	 * Clock exceeds panic threshold. Life as we know it ends.
@@ -1391,7 +1421,7 @@ clock_update(void)
 		sys_leap = LEAP_NOTINSYNC;
 		sys_stratum = STRATUM_UNSPEC;
 		sys_rootdelay = 0;
-		sys_rootdispersion = 0;
+		sys_rootdisp = 0;
 		L_CLR(&sys_reftime);
 		sys_jitter = LOGTOD(sys_precision);
 		memcpy(&sys_refid, "STEP", 4);
@@ -1405,42 +1435,61 @@ clock_update(void)
 	 * is not less than sys_mindisp.
 	 */
 	case 1:
-		sys_stratum = min(sys_peer->stratum + 1,
-		    STRATUM_UNSPEC);
-		sys_reftime = sys_peer->rec;
+
+		/*
+		 * If this is the first time the clock is set,
+		 * reset the leap bits. If crypto, the timer will goose
+		 * the setup process.
+		 */
+		if (sys_leap == LEAP_NOTINSYNC) {
+			sys_leap = LEAP_NOWARNING;
+			report_event(EVNT_SYNCCHG, NULL);
+		}
+		sys_stratum = min(peer->stratum + 1, STRATUM_UNSPEC);
+		sys_reftime = peer->rec;
 
 		/*
 		 * If a leapseconds file is not present and the number
 		 * of survivor leap bits is greater than half the number
 		 * of survivors, schedule a leap for the end of the
-		 * current month.
+		 * current month, but only if less than 28 days remain
+		 * until the leap.This avoids spurious indications on
+		 * the day after a previous leap.
 		 */
 		get_systime(&now);
 		if (leap_ins == 0) {
-			if (leap_next > sys_survivors / 2) {
+			u_long leapsec;
+
+			if (leap_next > sys_survivors / 2 ) {
 				if (!leap_sw) {
-					leap_sw++;
-					leap_sec = leap_month(now.l_ui);
-					msyslog(LOG_NOTICE,
-					    "proto: leap second armed %lu s",
-					    leap_sec);
+					leapsec = leap_month(now.l_ui);
+					if (leapsec < 28 * 86400) {
+						leap_sw++;
+						leap_sec = leapsec;
+						sys_leap =
+						    LEAP_ADDSECOND;
+						msyslog(LOG_NOTICE,
+						    "proto: leap second armed %lu s",
+						    leap_sec);
+					}
 				}
 			} else {
 				leap_sw = 0;
 				leap_sec = 0;
+				sys_leap = LEAP_NOWARNING;
 			}
 
 		/*
 		 * If a leapseconds file is present and a future leap is
-		 * indicated, decrement the TAI offset. If the kernel
-		 * code is available and enabled, pass the TAI offset to
-		 * the kernel. If less than 28 days remain to the leap,
-		 * schedule a leap when the leapseconds counter expires.
+		 * indicated, decrement the TAI offset. If less than 28
+		 * days remain to the leap, schedule a leap when the
+		 * leapseconds counter expires.
 		 */
 		} else if (leap_sec == 0) {
 			if (leap_ins > now.l_ui) {
 				if (leap_ins - now.l_ui < 28 * 86400) {
 					leap_sec = leap_ins - now.l_ui;
+					sys_leap = LEAP_ADDSECOND;
 					msyslog(LOG_NOTICE,
 					    "proto: leap second armed %lu s",
 					    leap_sec);
@@ -1462,42 +1511,17 @@ clock_update(void)
 		}
 
 		/*
-		 * If this is the first time the clock is set,
-		 * reset the leap bits. If crypto, the timer will goose
-		 * the setup process.
-		 */
-		if (sys_leap == LEAP_NOTINSYNC) {
-			sys_leap = LEAP_NOWARNING;
-			report_event(EVNT_SYNCCHG, NULL);
-		}
-
-		/*
 		 * In orphan mode the stratum defaults to the orphan
 		 * stratum. The root delay is set to a random value
 		 * generated at startup. The root dispersion is set from
 		 * the peer dispersion; the peer root dispersion is
 		 * ignored.
 		 */
-		dtemp = sys_peer->disp + clock_phi * (current_time -
-		    sys_peer->update) + sys_jitter +
-		    fabs(sys_peer->offset);
-#ifdef REFCLOCK
-		if (!(sys_peer->flags & FLAG_REFCLOCK) && dtemp <
-		    sys_mindisp)
-			dtemp = sys_mindisp;
-#else
-		if (dtemp < sys_mindisp)
-			dtemp = sys_mindisp;
-#endif /* REFCLOCK */
 		if (sys_stratum >= sys_orphan) {
 			sys_stratum = sys_orphan;
-			sys_rootdelay = sys_peer->delay;
-			sys_rootdispersion = dtemp;
+			sys_rootdelay = sys_orphandelay;
 		} else {
-			sys_rootdelay = sys_peer->delay +
-			    sys_peer->rootdelay;
-			sys_rootdispersion = dtemp +
-			    sys_peer->rootdispersion;
+			sys_rootdelay = peer->delay + peer->rootdelay;
 		}
 		break;
 	/*
@@ -1517,7 +1541,7 @@ clock_update(void)
  */
 void
 poll_update(
-	struct peer *peer,
+	struct peer *peer,	/* peer structure pointer */
 	int	mpoll
 	)
 {
@@ -1535,9 +1559,9 @@ poll_update(
 	 * First, bracket the poll interval according to the type of
 	 * association and options. If a fixed interval is configured,
 	 * use minpoll. This primarily is for reference clocks, but
-	 * works for any association.
+	 * works for any association. If in a volley, clamp at minpoll.
 	 */
-	if (peer->flags & FLAG_FIXPOLL) {
+	if (peer->flags & FLAG_FIXPOLL || peer->speed > 0) {
 		hpoll = peer->minpoll;
 
 	/*
@@ -1547,6 +1571,7 @@ poll_update(
 	} else {
 		hpoll = max(min(peer->maxpoll, mpoll), peer->minpoll);
 	}
+
 #ifdef OPENSSL
 	/*
 	 * Bit of crass arrogance at this point. If the poll interval
@@ -1591,6 +1616,16 @@ poll_update(
 			peer->nextdate += sys_calldelay;
 		else
 			peer->nextdate += BURST_DELAY;
+
+	/*
+	 * If this is the first in a volley and a burst is enabled, do
+	 * and reset the volley counter. Delicously intricate.
+	 */
+	} else if (peer->speed > 0 && peer->flags & FLAG_IBURST) {
+		peer->speed = 0;
+		peer->burst = NTP_BURST;
+		peer->nextdate = peer->outdate + BURST_DELAY;
+
 	/*
 	 * The ordinary case; use the minimum of the host and peer
 	 * intervals, but not less than minpoll. In other words,
@@ -1651,8 +1686,6 @@ peer_clear(
 	 * purged, too. This makes it much harder to sneak in some
 	 * unauthenticated data in the clock filter.
 	 */
-	peer->assoc = 0;
-	peer->crypto = 0;
 	if (peer->pkey != NULL)
 		EVP_PKEY_free(peer->pkey);
 	peer->pkey = NULL;
@@ -1724,9 +1757,13 @@ peer_clear(
 	    ident);
 		record_crypto_stats(&peer->srcadr, statstr);
 #endif /* OPENSSL */
-	DPRINTF(1, ("peer_clear: at %ld next %ld associd %d refid %s\n",
+#ifdef DEBUG
+	if (debug)
+		printf(
+		    "peer_clear: at %ld next %ld associd %d refid %s\n",
 		    current_time, peer->nextdate, peer->associd,
-		    ident));
+		    ident);
+#endif
 }
 
 
@@ -1758,7 +1795,7 @@ clock_filter(
 	 */
 	j = peer->filter_nextpt;
 	peer->filter_offset[j] = sample_offset;
-	peer->filter_delay[j] = max(0, sample_delay);
+	peer->filter_delay[j] = sample_delay;
 	peer->filter_disp[j] = sample_disp;
 	peer->filter_epoch[j] = current_time;
 	j = (j + 1) % NTP_SHIFT;
@@ -1768,8 +1805,8 @@ clock_filter(
 	 * Update dispersions since the last update and at the same
 	 * time initialize the distance and index lists. The distance
 	 * list uses a compound metric. If the sample is valid and
-	 * younger than the minimum Allan intercept, use delay;
-	 * otherwise, use biased dispersion.
+	 * younger than the Allan intercept, use delay; otherwise, use
+	 * biased dispersion.
 	 */
 	dtemp = clock_phi * (current_time - peer->update);
 	peer->update = current_time;
@@ -1781,7 +1818,7 @@ clock_filter(
 		if (peer->filter_disp[j] >= MAXDISPERSE)
 			dst[i] = MAXDISPERSE;
 		else if (peer->update - peer->filter_epoch[j] >
-		    allan_xpt)
+		    ULOGTOD(allan_xpt))
 			dst[i] = sys_maxdist + peer->filter_disp[j];
 		else
 			dst[i] = peer->filter_delay[j];
@@ -1862,20 +1899,6 @@ clock_filter(
 	peer->jitter = max(SQRT(peer->jitter), LOGTOD(sys_precision));
 
 	/*
-	 * A new sample is useful only if it is younger than the last
-	 * one used. Note the order is FIFO if the clock discipline has
-	 * not stabilized.
-	 */
-	if (peer->filter_epoch[k] <= peer->epoch) {
-#ifdef DEBUG
-		if (debug)
-			printf("clock_filter: discard %lu\n",
-			    peer->epoch - peer->filter_epoch[k]);
-#endif
-		return;
-	}
-
-	/*
 	 * If the difference between the last offset and the current one
 	 * exceeds the jitter by CLOCK_SGATE and the interval since the
 	 * last update is less than twice the system poll interval,
@@ -1893,10 +1916,16 @@ clock_filter(
 	}
 
 	/*
-	 * The mitigated sample statistics are saved for later
-	 * processing. If not in a burst, tickle the select.
+	 * A new sample is useful only if it is younger than the last
+	 * one used. Note the order is FIFO if the clock discipline has
+	 * not stabilized.
 	 */
-	peer->epoch = peer->filter_epoch[k];
+	if (peer->filter_epoch[k] > peer->epoch) {
+		peer->epoch = peer->filter_epoch[k];
+		record_peer_stats(&peer->srcadr, ctlpeerstatus(peer),
+		    peer->offset, peer->delay, peer->disp,
+		    peer->jitter);
+	}
 #ifdef DEBUG
 	if (debug)
 		printf(
@@ -1904,6 +1933,12 @@ clock_filter(
 		    m, peer->offset, peer->delay, peer->disp,
 		    peer->jitter, current_time - peer->epoch);
 #endif
+
+	/*
+	 * The mitigated sample statistics are saved for later
+	 * processing. If not synchronized or in a burst,
+	 * tickle the select.
+	 */
 	if (peer->burst == 0 || sys_leap == LEAP_NOTINSYNC)
 		clock_select();
 }
@@ -1924,12 +1959,12 @@ clock_select(void)
 	struct peer *peer;
 	int	i, j, k, n;
 	int	nlist, nl3;
-
 	int	allow, osurv;
 	double	d, e, f, g;
 	double	high, low;
+	double	seljitter;
 	double	synch[NTP_MAXASSOC], error[NTP_MAXASSOC];
-	struct peer *osys_peer;
+	struct peer *osys_peer = NULL;
 	struct peer *typeacts = NULL;
 	struct peer *typelocal = NULL;
 	struct peer *typesystem = NULL;
@@ -2212,11 +2247,11 @@ clock_select(void)
 	if (nlist == 0) {
 		error[0] = 0;
 		synch[0] = 0;
-		if (typeacts != 0) {
+		if (typeacts != NULL) {
 			typeacts->status = CTL_PST_SEL_DISTSYSPEER;
 			peer_list[0] = typeacts;
 			nlist = 1;
-		} else if (typelocal != 0) {
+		} else if (typelocal != NULL) {
 			typelocal->status = CTL_PST_SEL_DISTSYSPEER;
 			peer_list[0] = typelocal;
 			nlist = 1;
@@ -2253,6 +2288,7 @@ clock_select(void)
 	 * discard a TRUE or PREFER  peer, who of course has the
 	 * immunity idol.
 	 */
+	seljitter = 0;
 	while (1) {
 		d = 1e9;
 		e = -1e9;
@@ -2277,6 +2313,7 @@ clock_select(void)
 		f = max(f, LOGTOD(sys_precision));
 		if (nlist <= sys_minclock || f <= d ||
 		    peer_list[k]->flags & (FLAG_TRUE | FLAG_PREFER))
+			seljitter = f;
 			break;
 #ifdef DEBUG
 		if (debug > 2)
@@ -2293,20 +2330,27 @@ clock_select(void)
 
 	/*
 	 * What remains is a list usually not greater than sys_minclock
-	 * peers. We want only a peer at the lowest stratum to become
+	 * peers. We want only the peer at the lowest stratum to become
 	 * the system peer, although all survivors are eligible for the
-	 * combining algorithm. Consider each peer in turn and compute
-	 * the total number of leap bits. Check for prefer and pps peers
-	 * at any stratum. Note that the head of the list is at the
-	 * lowest stratum and that unsynchronized peers cannot survive
-	 * this far.
+	 * combining algorithm. Check for prefer and pps peers at any
+	 * stratum. Note that the head of the list is at the lowest
+	 * stratum and that unsynchronized peers cannot survivethis far.
+	 *
+	 * While at it, count the number of leap warning bits found.
+	 * This will be used later to vote the system leap warning bit.
+	 * If a leap warning bit is found on a reference clock, the vote
+	 * is always won.
 	 */
 	leap_next = 0;
 	for (i = 0; i < nlist; i++) {
 		peer = peer_list[i];
 		sys_survivors++;
-		if (peer->leap == LEAP_ADDSECOND)
-			leap_next++;
+		if (peer->leap == LEAP_ADDSECOND) {
+			if (peer->flags & FLAG_REFCLOCK)
+				leap_next = nlist;
+			else 
+				leap_next++;
+		}
 		peer->status = CTL_PST_SEL_SYNCCAND;
 		if (peer->flags & FLAG_PREFER)
 			sys_prefer = peer;
@@ -2328,12 +2372,12 @@ clock_select(void)
 	 * a survivor but not first in the list. But do that only HOPPER
 	 * times.
 	 */
-	if (osys_peer == NULL || typesystem == NULL || typesystem ==
-	    peer_list[0] || sys_hopper > sys_maxhop) {
+	if (typesystem == NULL || typesystem == peer_list[0] ||
+	    sys_hopper > sys_maxhop) {
 		typesystem = peer_list[0];
 		sys_hopper = 0;
 	} else {
-		peer->selbroken++;
+		sys_hopper++;
 	}
 
 	/*
@@ -2346,19 +2390,17 @@ clock_select(void)
 	if (typesystem->stratum >= sys_orphan) {
 
 		/*
-		 * If in orphan mode, choose the system peer. If the
-		 * lowest distance, we are the orphan parent and the
-		 * offset is zero.
+		 * If in orphan modeand the lowest distance, we are the
+		 * orphan parent otherwise, we are an orphan child.
 		 */
+		if (sys_orphandelay <= typesystem->rootdelay) {
+			sys_peer = NULL;
+			return;
+		}
 		sys_peer = typesystem;
 		sys_peer->status = CTL_PST_SEL_SYSPEER;
-		if (sys_orphandelay < sys_peer->rootdelay) {
-			sys_offset = 0;
-			sys_refid = htonl(LOOPBACKADR);
-		} else {
-			sys_offset = sys_peer->offset;
-			sys_refid = addr2refid(&sys_peer->srcadr);
-		}
+		sys_offset = sys_peer->offset;
+		sys_refid = addr2refid(&sys_peer->srcadr);
 		sys_jitter = LOGTOD(sys_precision);
 #ifdef DEBUG
 		if (debug > 1)
@@ -2415,7 +2457,7 @@ clock_select(void)
 		else
 			sys_refid = addr2refid(&sys_peer->srcadr);
 		sys_jitter = SQRT(SQUARE(sys_peer->jitter) +
-		    SQUARE(sys_jitter));
+		    SQUARE(sys_jitter) + SQUARE(seljitter));
 #ifdef DEBUG
 		if (debug > 1)
 			printf("select: combine offset %.6f\n",
@@ -2442,7 +2484,7 @@ clock_select(void)
 		    msyslog(LOG_INFO, "synchronized to %s, stratum %d",
 			src, sys_peer->stratum);
 	}
-	clock_update();
+	clock_update(sys_peer);
 }
 
 
@@ -2451,8 +2493,8 @@ clock_select(void)
  */
 static void
 clock_combine(
-	struct peer **peers,		/* survivor list */
-	int	npeers			/* number of survivors */
+	struct peer **peers,	/* survivor list */
+	int	npeers		/* number of survivors */
 	)
 {
 	int	i;
@@ -2469,32 +2511,33 @@ clock_combine(
 	sys_jitter = SQRT(w / y);
 }
 
+
 /*
  * root_distance - compute synchronization distance from peer to root
  */
 static double
 root_distance(
-	struct peer *peer
+	struct peer *peer	/* peer structure pointer */
 	)
 {
-	double	dist;
+	double ftemp;
 
 	/*
 	 * Careful squeak here. The value returned must be greater than
 	 * the minimum root dispersion in order to avoid clockhop with
-	 * highly precise reference clocks. In orphan mode lose the peer
-	 * root delay, as that is used by the election algorithm.
+	 * highly precise reference clocks. In orphan mode use only the
+	 * peer root delay, as that is used by the mitigation algorithm.
 	 */
 	if (peer->stratum >= sys_orphan)
-		dist = 0;
+		ftemp = 0;
 	else
-		dist = peer->rootdelay;
-	dist += max(sys_mindisp, dist + peer->delay) / 2 +
-	    peer->rootdispersion + peer->disp + clock_phi *
-	    (current_time - peer->update) + peer->jitter;
-	return (dist);
+		ftemp = peer->rootdelay;
+	return ((peer->delay + ftemp) / 2 + peer->disp +
+	    peer->rootdisp + clock_phi * (current_time - peer->update) +
+	    peer->jitter);
 }
 
+
 /*
  * peer_xmit - send packet for persistent association.
  */
@@ -2508,59 +2551,20 @@ peer_xmit(
 	keyid_t	xkeyid = 0;	/* transmit key ID */
 	l_fp	xmt_tx;
 
-	if (!peer->dstadr)	/* don't bother with peers without interface */
+	if (!peer->dstadr)	/* drop peers without interface */
 		return;
 
 	/*
-	 * This is deliciously complicated. There are three cases.
-	 *
-	 * case		leap	stratum	refid	delay	dispersion
-	 *
-	 * normal	system	system	system	system	system
-	 * orphan child	00	orphan	system	orphan	system
-	 * orphan parent 00	orphan	loopbk	0	0
-	 */
-	/*
-	 * This is a normal packet. Use the system variables.
-	 */
-	if (sys_stratum < sys_orphan) {
-		xpkt.li_vn_mode = PKT_LI_VN_MODE(sys_leap,
-		    peer->version, peer->hmode);
-		xpkt.stratum = STRATUM_TO_PKT(sys_stratum);
-		xpkt.refid = sys_refid;
-		xpkt.rootdelay = HTONS_FP(DTOFP(sys_rootdelay));
-		xpkt.rootdispersion =
-		    HTONS_FP(DTOUFP(sys_rootdispersion));
-
-	/*
-	 * This is a orphan child packet. The host is synchronized to an
-	 * orphan parent. Show leap synchronized, orphan stratum, system
-	 * reference ID, orphan root delay and system root dispersion.
-	 */
-	} else if (sys_peer != NULL) {
-		xpkt.li_vn_mode = PKT_LI_VN_MODE(LEAP_NOWARNING,
-		    peer->version, peer->hmode);
-		xpkt.stratum = STRATUM_TO_PKT(sys_orphan);
-		xpkt.refid = htonl(LOOPBACKADR);
-		xpkt.rootdelay = HTONS_FP(DTOFP(sys_orphandelay));
-		xpkt.rootdispersion =
-		    HTONS_FP(DTOUFP(sys_rootdispersion));
-
-	/*
-	 * This is an orphan parent. Show leap synchronized, orphan
-	 * stratum, loopack reference ID and zero root delay and root
-	 * dispersion.
+	 * Construct the packet header.
 	 */
-	} else {
-		xpkt.li_vn_mode = PKT_LI_VN_MODE(LEAP_NOWARNING,
-		    peer->version, peer->hmode);
-		xpkt.stratum = STRATUM_TO_PKT(sys_orphan);
-		xpkt.refid = sys_refid;
-		xpkt.rootdelay = 0;
-		xpkt.rootdispersion = 0;
-	}
+	xpkt.li_vn_mode = PKT_LI_VN_MODE(sys_leap, peer->version,
+	    peer->hmode);
+	xpkt.stratum = STRATUM_TO_PKT(sys_stratum);
 	xpkt.ppoll = peer->hpoll;
 	xpkt.precision = sys_precision;
+	xpkt.refid = sys_refid;
+	xpkt.rootdelay = HTONS_FP(DTOFP(sys_rootdelay));
+	xpkt.rootdisp =  HTONS_FP(DTOUFP(sys_rootdisp));
 	HTONL_FP(&sys_reftime, &xpkt.reftime);
 	HTONL_FP(&peer->org, &xpkt.org);
 	HTONL_FP(&peer->rec, &xpkt.rec);
@@ -2596,9 +2600,9 @@ peer_xmit(
 	}
 
 	/*
-	 * The received packet contains a MAC, so the transmitted packet
-	 * must be authenticated. If autokey is enabled, fuss with the
-	 * various modes; otherwise, symmetric key cryptography is used.
+	 * Authentication is enabled, so the transmitted packet must be
+	 * authenticated. If autokey is enabled, fuss with the various
+	 * modes; otherwise, symmetric key cryptography is used.
 	 */
 #ifdef OPENSSL
 	if (crypto_flags && (peer->flags & FLAG_SKEY)) {
@@ -2672,10 +2676,10 @@ peer_xmit(
 		case MODE_BROADCAST:
 			if (peer->flags & FLAG_ASSOC)
 				exten = crypto_args(peer, CRYPTO_AUTO |
-				    CRYPTO_RESP, NULL);
+				    CRYPTO_RESP, peer->associd, NULL);
 			else
 				exten = crypto_args(peer, CRYPTO_ASSOC |
-				    CRYPTO_RESP, NULL);
+				    CRYPTO_RESP, peer->associd, NULL);
 			break;
 
 		/*
@@ -2698,10 +2702,10 @@ peer_xmit(
 			 */
 			if (!peer->crypto)
 				exten = crypto_args(peer, CRYPTO_ASSOC,
-				    sys_hostname);
+				    peer->associd, sys_hostname);
 			else if (!(peer->crypto & CRYPTO_FLAG_VALID))
 				exten = crypto_args(peer, CRYPTO_CERT,
-				    peer->issuer);
+				    peer->associd, peer->issuer);
 
 			/*
 			 * Identity. Note we have to sign the
@@ -2711,11 +2715,12 @@ peer_xmit(
 			 */
 			else if (!(peer->crypto & CRYPTO_FLAG_VRFY))
 				exten = crypto_args(peer,
-				    crypto_ident(peer), NULL);
+				    crypto_ident(peer), peer->associd,
+				    NULL);
 			else if (sys_leap != LEAP_NOTINSYNC &&
 			    !(peer->crypto & CRYPTO_FLAG_SIGN))
 				exten = crypto_args(peer, CRYPTO_SIGN,
-				    sys_hostname);
+				    peer->associd, sys_hostname);
 
 			/*
 			 * Autokey. We request the cookie only when the
@@ -2731,13 +2736,13 @@ peer_xmit(
 			    peer->leap != LEAP_NOTINSYNC &&
 			    !(peer->crypto & CRYPTO_FLAG_AGREE))
 				exten = crypto_args(peer, CRYPTO_COOK,
-				    NULL);
+				    peer->associd, NULL);
 			else if (peer->flags & FLAG_ASSOC)
 				exten = crypto_args(peer, CRYPTO_AUTO |
-				    CRYPTO_RESP, NULL);
+				    CRYPTO_RESP, peer->associd, NULL);
 			else if (!(peer->crypto & CRYPTO_FLAG_AUTO))
 				exten = crypto_args(peer, CRYPTO_AUTO,
-				    NULL);
+				    peer->associd, NULL);
 
 			/*
 			 * Postamble. We trade leapseconds only when the
@@ -2747,7 +2752,7 @@ peer_xmit(
 			    peer->leap != LEAP_NOTINSYNC &&
 			    !(peer->crypto & CRYPTO_FLAG_LEAP))
 				exten = crypto_args(peer, CRYPTO_TAI,
-				    NULL);
+				    peer->associd, NULL);
 			break;
 
 		/*
@@ -2778,17 +2783,18 @@ peer_xmit(
 			 */
 			if (!peer->crypto)
 				exten = crypto_args(peer, CRYPTO_ASSOC,
-				    sys_hostname);
+				    peer->associd, sys_hostname);
 			else if (!(peer->crypto & CRYPTO_FLAG_VALID))
 				exten = crypto_args(peer, CRYPTO_CERT,
-				    peer->issuer);
+				    peer->associd, peer->issuer);
 
 			/*
 			 * Identity. Nothing special here.
 			 */
 			else if (!(peer->crypto & CRYPTO_FLAG_VRFY))
 				exten = crypto_args(peer,
-				    crypto_ident(peer), NULL);
+				    crypto_ident(peer), peer->associd,
+				    NULL);
 
 			/*
 			 * Cookie and autokey data. In broadcast client
@@ -2797,11 +2803,11 @@ peer_xmit(
 			 */
 			else if (!(peer->crypto & CRYPTO_FLAG_AGREE))
 				exten = crypto_args(peer, CRYPTO_COOK,
-				    NULL);
+				    peer->associd, NULL);
 			else if (!(peer->crypto & CRYPTO_FLAG_AUTO) &&
 			    (peer->cast_flags & MDF_BCLNT))
 				exten = crypto_args(peer, CRYPTO_AUTO,
-				    NULL);
+				    peer->assoc, NULL);
 
 			/*
 			 * Postamble. We can sign the certificate here,
@@ -2810,11 +2816,11 @@ peer_xmit(
 			else if (sys_leap != LEAP_NOTINSYNC &&
 				!(peer->crypto & CRYPTO_FLAG_SIGN))
 				exten = crypto_args(peer, CRYPTO_SIGN,
-				    sys_hostname);
+				    peer->associd, sys_hostname);
 			else if (sys_leap != LEAP_NOTINSYNC &&
 			    !(peer->crypto & CRYPTO_FLAG_LEAP))
 				exten = crypto_args(peer, CRYPTO_TAI,
-				    NULL);
+				    peer->associd, NULL);
 			break;
 		}
 
@@ -2945,28 +2951,12 @@ fast_xmit(
 	 * buffer provided. We leave some fields intact as received. If
 	 * the gazinta was from a multicast address, the gazoutta must
 	 * go out another way.
-	 *
-	 * The root delay field is special. If the system stratum is
-	 * less than the orphan stratum, send the real root delay.
-	 * Otherwise, if there is no system peer, send the orphan delay.
-	 * Otherwise, we must be an orphan parent, so send zero.
 	 */
 	rpkt = &rbufp->recv_pkt;
 	if (rbufp->dstadr->flags & INT_MCASTOPEN)
 		rbufp->dstadr = findinterface(&rbufp->recv_srcadr);
-
-	/*
-	 * This is deliciously complicated. There are four cases.
-	 *
-	 * case		leap	stratum	refid	delay	dispersion
-	 *
-	 * KoD		11	16	KISS	system	system
-	 * normal	system	system	system	system	system
-	 * orphan child	00	orphan	system	orphan	system
-	 * orphan parent 00	orphan	loopbk	0	0
-	 */
 	/*
-	 * This is a kiss-of-death (KoD) packet. Show leap
+	 * If this is a kiss-of-death (KoD) packet, show leap
 	 * unsynchronized, stratum zero, reference ID the four-character
 	 * kiss code and system root delay. Note the rate limit on these
 	 * packets. Once a second initialize a bucket counter. Every
@@ -2984,53 +2974,24 @@ fast_xmit(
 		xpkt.stratum = STRATUM_PKT_UNSPEC;
 		memcpy(&xpkt.refid, "RATE", 4);
 		xpkt.rootdelay = HTONS_FP(DTOFP(sys_rootdelay));
-		xpkt.rootdispersion =
-		    HTONS_FP(DTOUFP(sys_rootdispersion));
+		xpkt.rootdisp = HTONS_FP(DTOUFP(sys_rootdisp));
 
 	/*
 	 * This is a normal packet. Use the system variables.
 	 */
-	} else if (sys_stratum < sys_orphan) {
+	} else {
 		xpkt.li_vn_mode = PKT_LI_VN_MODE(sys_leap,
 		    PKT_VERSION(rpkt->li_vn_mode), xmode);
 		xpkt.stratum = STRATUM_TO_PKT(sys_stratum);
+		xpkt.ppoll = rpkt->ppoll;
+		xpkt.precision = sys_precision;
 		xpkt.refid = sys_refid;
 		xpkt.rootdelay = HTONS_FP(DTOFP(sys_rootdelay));
-		xpkt.rootdispersion =
-		    HTONS_FP(DTOUFP(sys_rootdispersion));
-
-	/*
-	 * This is a orphan child packet. The host is synchronized to an
-	 * orphan parent. Show leap synchronized, orphan stratum, system
-	 * reference ID and orphan root delay.
-	 */
-	} else if (sys_peer != NULL) {
-		xpkt.li_vn_mode = PKT_LI_VN_MODE(LEAP_NOWARNING,
-		    PKT_VERSION(rpkt->li_vn_mode), xmode);
-		xpkt.stratum = STRATUM_TO_PKT(sys_orphan);
-		xpkt.refid = sys_refid;
-		xpkt.rootdelay = HTONS_FP(DTOFP(sys_orphandelay));
-		xpkt.rootdispersion =
-		    HTONS_FP(DTOUFP(sys_rootdispersion));
-
-	/*
-	 * This is an orphan parent. Show leap synchronized, orphan
-	 * stratum, loopback reference ID and zero root delay.
-	 */
-	} else {
-		xpkt.li_vn_mode = PKT_LI_VN_MODE(LEAP_NOWARNING,
-		    PKT_VERSION(rpkt->li_vn_mode), xmode);
-		xpkt.stratum = STRATUM_TO_PKT(sys_orphan);
-		xpkt.refid = htonl(LOOPBACKADR);
-		xpkt.rootdelay = HTONS_FP(DTOFP(0));
-		xpkt.rootdispersion = HTONS_FP(DTOFP(0));
+		xpkt.rootdisp = HTONS_FP(DTOUFP(sys_rootdisp));
+		HTONL_FP(&sys_reftime, &xpkt.reftime);
+		xpkt.org = rpkt->xmt;
+		HTONL_FP(&rbufp->recv_time, &xpkt.rec);
 	}
-	xpkt.ppoll = rpkt->ppoll;
-	xpkt.precision = sys_precision;
-	xpkt.rootdispersion = HTONS_FP(DTOUFP(sys_rootdispersion));
-	HTONL_FP(&sys_reftime, &xpkt.reftime);
-	xpkt.org = rpkt->xmt;
-	HTONL_FP(&rbufp->recv_time, &xpkt.rec);
 
 	/*
 	 * If the received packet contains a MAC, the transmitted packet
@@ -3045,7 +3006,8 @@ fast_xmit(
 		    sendlen);
 #ifdef DEBUG
 		if (debug)
-			printf("transmit: at %ld %s->%s mode %d len %d\n",
+			printf(
+			    "transmit: at %ld %s->%s mode %d len %d\n",
 			    current_time, stoa(&rbufp->dstadr->sin),
 			    stoa(&rbufp->recv_srcadr), xmode, sendlen);
 #endif
@@ -3146,7 +3108,8 @@ key_expire(
 	peer->flags &= ~FLAG_ASSOC;
 #ifdef DEBUG
 	if (debug)
-		printf("key_expire: at %lu\n", current_time);
+		printf("key_expire: at %lu associd %d\n", current_time,
+		    peer->associd);
 #endif
 }
 #endif /* OPENSSL */
@@ -3299,7 +3262,7 @@ init_proto(void)
 	sys_stratum = STRATUM_UNSPEC;
 	sys_peer = NULL;
 	sys_rootdelay = 0;
-	sys_rootdispersion = 0;
+	sys_rootdisp = 0;
 	L_CLR(&sys_reftime);
 	sys_jitter = 0;
 	sys_peer = NULL;
@@ -3342,196 +3305,133 @@ proto_config(
 	/*
 	 * Figure out what he wants to change, then do it
 	 */
+#ifdef DEBUG
+	if (debug > 1)
+		printf("proto_config: code %d value %lu dvalue %lf\n",
+		    item, value, dvalue);
+#endif
 	switch (item) {
 
 	/*
-	 * Turn on/off kernel discipline.
+	 * enable and disable commands - arguments are Boolean.
 	 */
-	case PROTO_KERNEL:
-		kern_enable = (int)value;
+	case PROTO_AUTHENTICATE: /* authentication (auth) */
+		sys_authenticate = value;
 		break;
 
-	/*
-	 * Turn on/off clock discipline.
-	 */
-	case PROTO_NTP:
-		ntp_enable = (int)value;
+	case PROTO_BROADCLIENT: /* broadcast client (bclient) */
+		sys_bclient = (int)value;
+		if (sys_bclient == 0)
+			io_unsetbclient();
+		else
+			io_setbclient();
 		break;
 
-	/*
-	 * Turn on/off monitoring.
-	 */
-	case PROTO_MONITOR:
-		if (value)
-			mon_start(MON_ON);
-		else
-			mon_stop(MON_ON);
+#ifdef REFCLOCK
+	case PROTO_CAL:		/* refclock calibrate (calibrate) */
+		cal_enable = value;
 		break;
+#endif /* REFCLOCK */
 
-	/*
-	 * Turn on/off statistics.
-	 */
-	case PROTO_FILEGEN:
-		stats_control = (int)value;
+	case PROTO_KERNEL:	/* kernel discipline (kernel) */
+		kern_enable = value;
 		break;
 
-	/*
-	 * Turn on/off enable broadcasts.
-	 */
-	case PROTO_BROADCLIENT:
-		sys_bclient = (int)value;
-		if (sys_bclient == 0)
-			io_unsetbclient();
+	case PROTO_MONITOR:	/* monitoring (monitor) */
+		if (value)
+			mon_start(MON_ON);
 		else
-			io_setbclient();
+			mon_stop(MON_ON);
 		break;
 
-	/*
-	 * Turn on/off PPS discipline.
-	 */
-	case PROTO_PPS:
-		pps_enable = (int)value;
+	case PROTO_NTP:		/* NTP discipline (ntp) */
+		ntp_enable = value;
 		break;
 
-	/*
-	 * Add muliticast group address.
-	 */
-	case PROTO_MULTICAST_ADD:
-		if (svalue)
-		    io_multicast_add(*svalue);
-		sys_bclient = 1;
+	case PROTO_PPS:		/* PPS discipline (pps) */
+		pps_enable = value;
 		break;
 
-	/*
-	 * Delete multicast group address.
-	 */
-	case PROTO_MULTICAST_DEL:
-		if (svalue)
-		    io_multicast_del(*svalue);
+	case PROTO_FILEGEN:	/* statistics (stats) */
+		stats_control = value;
 		break;
 
 	/*
-	 * Set default broadcast delay.
+	 * tos command - arguments are double, sometimes cast to int
 	 */
-	case PROTO_BROADDELAY:
-		sys_bdelay = dvalue;
+	case PROTO_BEACON:	/* manycast beacon (beacon) */
+		sys_beacon = (int)dvalue;
 		break;
 
-	/*
-	 * Set modem call delay.
-	 */
-	case PROTO_CALLDELAY:
-		sys_calldelay = (int)value;
+	case PROTO_BROADDELAY:	/* default broadcast delay (bdelay) */
+		sys_bdelay = dvalue;
 		break;
 
-	/*
-	 * Turn on/off authentication to mobilize ephemeral
-	 * associations.
-	 */
-	case PROTO_AUTHENTICATE:
-		sys_authenticate = (int)value;
+	case PROTO_CEILING:	/* stratum ceiling (ceiling) */
+		sys_ceiling = (int)dvalue;
 		break;
 
-	/*
-	 * Set minimum number of survivors.
-	 */
-	case PROTO_MINCLOCK:
-		sys_minclock = (int)dvalue;
+	case PROTO_MAXHOP:	/* clockhop threshold (clockhop) */
+		sys_maxhop = (int)dvalue;
 		break;
 
-	/*
-	 * Set maximum number of preemptable associations.
-	 */
-	case PROTO_MAXCLOCK:
-		sys_maxclock = (int)dvalue;
+	case PROTO_COHORT:	/* cohort switch (cohort) */
+		sys_cohort = (int)dvalue;
 		break;
 
-	/*
-	 * Set minimum number of survivors.
-	 */
-	case PROTO_MINSANE:
-		sys_minsane = (int)dvalue;
+	case PROTO_FLOOR:	/* stratum floor (floor) */
+		sys_floor = (int)dvalue;
 		break;
 
-	/*
-	 * Set stratum floor.
-	 */
-	case PROTO_FLOOR:
-		sys_floor = (int)dvalue;
+	case PROTO_MAXCLOCK:	/* maximum candidates (maxclock) */
+		sys_maxclock = (int)dvalue;
 		break;
 
-	/*
-	 * Set stratum ceiling.
-	 */
-	case PROTO_CEILING:
-		sys_ceiling = (int)dvalue;
+	case PROTO_MAXDIST:	/* select threshold (maxdist) */
+		sys_maxdist = dvalue;
 		break;
 
-	/*
-	 * Set orphan stratum.
-	 */
-	case PROTO_ORPHAN:
-		sys_orphan = (int)dvalue;
+	case PROTO_CALLDELAY:	/* modem call delay (mdelay) */
+		sys_calldelay = (int)dvalue;
 		break;
 
-	/*
-	 * Set cohort switch.
-	 */
-	case PROTO_COHORT:
-		sys_cohort = (int)dvalue;
+	case PROTO_MINCLOCK:	/* minimum candidates (minclock) */
+		sys_minclock = (int)dvalue;
 		break;
 
-	/*
-	 * Set minimum dispersion increment.
-	 */
-	case PROTO_MINDISP:
+	case PROTO_MINDISP:	/* distance increment (mindist) */
 		sys_mindisp = dvalue;
 		break;
 
-	/*
-	 * Set maximum distance (select threshold).
-	 */
-	case PROTO_MAXDIST:
-		sys_maxdist = dvalue;
+	case PROTO_MINSANE:	/* minimum survivors (minsane) */
+		sys_minsane = (int)dvalue;
 		break;
 
-	/*
-	 * Set anticlockhop threshold.
-	 */
-	case PROTO_MAXHOP:
-		sys_maxhop = (int)dvalue;
+	case PROTO_ORPHAN:	/* orphan stratum (orphan) */
+		sys_orphan = (int)dvalue;
 		break;
 
-	/*
-	 * Set adjtime() resolution (s).
-	 */
-	case PROTO_ADJ:
+	case PROTO_ADJ:		/* tick increment (tick) */
 		sys_tick = dvalue;
 		break;
 
 	/*
-	 * Set manycast beacon interval.
+	 * Miscellaneous commands
 	 */
-	case PROTO_BEACON:
-		sys_beacon = (int)dvalue;
+	case PROTO_MULTICAST_ADD: /* add group address */
+		if (svalue)
+		    io_multicast_add(*svalue);
+		sys_bclient = 1;
 		break;
 
-#ifdef REFCLOCK
-	/*
-	 * Turn on/off refclock calibrate
-	 */
-	case PROTO_CAL:
-		cal_enable = (int)value;
+	case PROTO_MULTICAST_DEL: /* delete group address */
+		if (svalue)
+		    io_multicast_del(*svalue);
 		break;
-#endif /* REFCLOCK */
-	default:
 
-		/*
-		 * Log this error.
-		 */
+	default:
 		msyslog(LOG_INFO,
-		    "proto_config: illegal item %d, value %ld", item,
-		    value);
+		    "proto_config: unsupported option %d", item);
 	}
 }
 

==== ntpd/ntp_refclock.c ====
2007-08-17 01:37:11-04:00, stenn at whimsy.udel.edu +4 -6
  Cleanup from Dave Mills

--- 1.76/ntpd/ntp_refclock.c	2007-01-03 16:40:04 -05:00
+++ 1.77/ntpd/ntp_refclock.c	2007-08-17 01:37:11 -04:00
@@ -365,8 +365,10 @@ refclock_transmit(
 		 * Update reachability and poll variables like the
 		 * network code.
 		 */
-		oreach = peer->reach;
+		oreach = peer->reach & 0xfe;
 		peer->reach <<= 1;
+		if (!(peer->reach & 0x0f))
+			clock_filter(peer, 0., 0., MAXDISPERSE);
 		peer->outdate = current_time;
 		if (!peer->reach) {
 			if (oreach) {
@@ -374,10 +376,6 @@ refclock_transmit(
 				peer->timereachable = current_time;
 			}
 		} else {
-			if (!(oreach & 0x07)) {
-				clock_filter(peer, 0., 0., MAXDISPERSE);
-				clock_select();
-			}
 			if (peer->flags & FLAG_BURST)
 				peer->burst = NSTAGE;
 		}
@@ -617,7 +615,7 @@ refclock_receive(
 	peer->reach |= 1;
 	peer->reftime = pp->lastref;
 	peer->org = pp->lastrec;
-	peer->rootdispersion = pp->disp;
+	peer->rootdisp = pp->disp;
 	get_systime(&peer->rec);
 	if (!refclock_sample(pp))
 		return;

==== ntpd/ntp_request.c ====
2007-08-17 01:37:12-04:00, stenn at whimsy.udel.edu +4 -4
  Cleanup from Dave Mills

--- 1.68/ntpd/ntp_request.c	2007-06-02 18:28:46 -04:00
+++ 1.69/ntpd/ntp_request.c	2007-08-17 01:37:12 -04:00
@@ -915,7 +915,7 @@ peer_info (
 		ip->ttl = pp->ttl;
 		ip->associd = htons(pp->associd);
 		ip->rootdelay = HTONS_FP(DTOUFP(pp->rootdelay));
-		ip->rootdispersion = HTONS_FP(DTOUFP(pp->rootdispersion));
+		ip->rootdispersion = HTONS_FP(DTOUFP(pp->rootdisp));
 		ip->refid = pp->refid;
 		HTONL_FP(&pp->reftime, &ip->reftime);
 		HTONL_FP(&pp->org, &ip->org);
@@ -1098,7 +1098,7 @@ sys_info(
 	is->stratum = sys_stratum;
 	is->precision = sys_precision;
 	is->rootdelay = htonl(DTOFP(sys_rootdelay));
-	is->rootdispersion = htonl(DTOUFP(sys_rootdispersion));
+	is->rootdispersion = htonl(DTOUFP(sys_rootdisp));
 	is->frequency = htonl(DTOFP(sys_jitter));
 	is->stability = htonl(DTOUFP(clock_stability));
 	is->refid = sys_refid;
@@ -1301,7 +1301,7 @@ loop_info(
 	extern double last_offset;
 	extern double drift_comp;
 	extern int tc_counter;
-	extern u_long sys_clocktime;
+	extern u_long sys_epoch;
 
 	li = (struct info_loop *)prepare_pkt(srcadr, inter, inpkt,
 	    sizeof(struct info_loop));
@@ -1311,7 +1311,7 @@ loop_info(
 	DTOLFP(drift_comp * 1e6, &ltmp);
 	HTONL_FP(&ltmp, &li->drift_comp);
 	li->compliance = htonl((u_int32)(tc_counter));
-	li->watchdog_timer = htonl((u_int32)(current_time - sys_clocktime));
+	li->watchdog_timer = htonl((u_int32)(current_time - sys_epoch));
 
 	(void) more_pkt();
 	flush_pkt();

==== ntpd/ntp_restrict.c ====
2007-08-17 01:37:13-04:00, stenn at whimsy.udel.edu +2 -2
  Cleanup from Dave Mills

--- 1.22/ntpd/ntp_restrict.c	2006-09-08 19:23:11 -04:00
+++ 1.23/ntpd/ntp_restrict.c	2007-08-17 01:37:13 -04:00
@@ -259,7 +259,7 @@ restrictions(
 	 * The following implements a generalized call gap facility.
 	 * Douse the RES_LIMITED bit only if the interval since the last
 	 * packet is greater than res_min_interval and the average is
-	 * greater thatn res_avg_interval.
+	 * greater than res_avg_interval.
 	 */
 	if (!at_listhead || mon_enabled == MON_OFF) {
 		flags &= ~RES_LIMITED;
@@ -267,7 +267,7 @@ restrictions(
 		struct mon_data *md;
 
 		/*
-		 * At this poin the most recent arrival is first in the
+		 * At this point the most recent arrival is first in the
 		 * MRU list. Let the first 10 packets in for free until
 		 * the average stabilizes.
 		 */

==== ntpd/ntp_timer.c ====
2007-08-17 01:37:15-04:00, stenn at whimsy.udel.edu +7 -20
  Cleanup from Dave Mills

--- 1.39/ntpd/ntp_timer.c	2007-07-22 23:18:15 -04:00
+++ 1.40/ntpd/ntp_timer.c	2007-08-17 01:37:15 -04:00
@@ -264,9 +264,6 @@ void
 timer(void)
 {
 	register struct peer *peer, *next_peer;
-#ifdef OPENSSL
-	char	statstr[NTP_MAXSTRLEN]; /* statistics for filegen */
-#endif /* OPENSSL */
 	u_int	n;
 	l_fp	now;
 
@@ -322,24 +319,21 @@ timer(void)
 	 * here, cheerfully ignored.
 	 */
 	if (leap_sec > 0) {
-		sys_leap = LEAP_ADDSECOND;
 		leap_sec--;
 		if (leap_sec == 0) {
-			get_systime(&now);
-			msyslog(LOG_NOTICE, "timer: leap second at %u",
-			    now.l_ui);
 			sys_leap = LEAP_NOWARNING;
-			if (sys_tai > 0) {
+			if (sys_tai > 0)
 				sys_tai++;
 #ifdef KERNEL_PLL
-				if (!(pll_control && kern_enable))
-					step_systime(-1.0);
+			if (!(pll_control && kern_enable))
+				step_systime(-1.0);
 #else /* KERNEL_PLL */
 				step_systime(-1.0);
 #endif /* KERNEL_PLL */
-				msyslog(LOG_NOTICE,
-				    "timer: TAI offset %d s", sys_tai);
-			}
+			get_systime(&now);
+			msyslog(LOG_NOTICE,
+			    "timer: leap second at %u TAI %d s",
+			    now.l_ui);
 		}
 	}
 
@@ -370,13 +364,6 @@ timer(void)
 	    LEAP_NOTINSYNC) {
 		revoke_timer += sys_revoke;
 		expire_all();
-		sprintf(statstr, "refresh ts %u",
-		    ntohl(hostval.tstamp));
-		record_crypto_stats(NULL, statstr);
-#ifdef DEBUG
-		if (debug)
-			printf("timer: %s\n", statstr);
-#endif
 	}
 #endif /* OPENSSL */
 

==== ntpd/ntp_util.c ====
2007-08-17 01:37:15-04:00, stenn at whimsy.udel.edu +1 -3
  Cleanup from Dave Mills

--- 1.58/ntpd/ntp_util.c	2007-07-29 15:42:20 -04:00
+++ 1.59/ntpd/ntp_util.c	2007-08-17 01:37:15 -04:00
@@ -142,8 +142,6 @@ write_stats(void)
 {
 	FILE	*fp;
 	double	ftemp;
-
-
 #ifdef DOSYNCTODR
 	struct timeval tv;
 #if !defined(VMS)
@@ -830,7 +828,7 @@ leap_file(
 	leap_ins = leapsec;
 	leap_expire = expire;
 	msyslog(LOG_INFO,
-	    "leap_file: %s TAI offset %d s insert %lu expire %lu",
+	    "leap_file: %s TAI offset %d s at %lu expire %lu",
 	    cp, leap_tai, leap_ins, leap_expire);
 }
 

==== ntpd/ntpd.c ====
2007-08-17 01:37:17-04:00, stenn at whimsy.udel.edu +6 -21
  Cleanup from Dave Mills

--- 1.87/ntpd/ntpd.c	2007-06-07 06:39:53 -04:00
+++ 1.88/ntpd/ntpd.c	2007-08-17 01:37:17 -04:00
@@ -501,15 +501,6 @@ ntpdmain(
 	}
 #endif
 
-#ifdef OPENSSL
-	if ((SSLeay() ^ OPENSSL_VERSION_NUMBER) & ~0xff0L) {
-		msyslog(LOG_ERR,
-		    "ntpd: OpenSSL version mismatch. Built against %lx, you have %lx",
-		    OPENSSL_VERSION_NUMBER, SSLeay());
-		exit(1);
-	}
-#endif
-
 	/* getstartup(argc, argv); / * startup configuration, may set debug */
 
 #ifdef DEBUG
@@ -841,9 +832,6 @@ ntpdmain(
 	getconfig(argc, argv);
 
 	loop_config(LOOP_DRIFTCOMP, old_drift);
-#ifdef OPENSSL
-	crypto_setup();
-#endif /* OPENSSL */
 	initializing = 0;
 
 #ifdef HAVE_DROPROOT
@@ -1156,24 +1144,21 @@ finish(
 	int sig
 	)
 {
-
 	msyslog(LOG_NOTICE, "ntpd exiting on signal %d", sig);
-	write_stats();
 #ifdef HAVE_DNSREGISTRATION
 	if (mdns != NULL)
-	DNSServiceRefDeallocate(mdns);
+		DNSServiceRefDeallocate(mdns);
 #endif
-
-	switch (sig)
-	{
+	switch (sig) {
 # ifdef SIGBUS
-		case SIGBUS:
+	case SIGBUS:
 		printf("\nfinish(SIGBUS)\n");
 		exit(0);
 # endif
-		case 0: 		/* Should never happen... */
+	case 0: 		/* Should never happen... */
 		return;
-		default:
+
+	default:
 		exit(0);
 	}
 }

==== ntpd/ntpsim.c ====
2007-08-17 01:37:19-04:00, stenn at whimsy.udel.edu +1 -1
  Cleanup from Dave Mills

--- 1.17/ntpd/ntpsim.c	2007-05-16 03:38:46 -04:00
+++ 1.18/ntpd/ntpsim.c	2007-08-17 01:37:19 -04:00
@@ -245,7 +245,7 @@ int simulate_server(
     xpkt.ppoll = rpkt->ppoll;
     xpkt.precision = rpkt->precision;
     xpkt.rootdelay = 0;
-    xpkt.rootdispersion = 0;
+    xpkt.rootdisp = 0;
     
     /* TIMESTAMP CALCULATIONS
             t1                           t4

==== ntpd/refclock_acts.c ====
2007-08-17 01:37:20-04:00, stenn at whimsy.udel.edu +1 -3
  Cleanup from Dave Mills

--- 1.30/ntpd/refclock_acts.c	2007-07-22 23:18:20 -04:00
+++ 1.31/ntpd/refclock_acts.c	2007-08-17 01:37:20 -04:00
@@ -136,6 +136,7 @@
 #define REFID		"NONE"	/* default reference ID */
 #define MSGCNT		20	/* max message count */
 #define SMAX		256	/* max clockstats line length */
+#define	MAXPHONE	10	/* max number of phone numbers */
 
 /*
  * Calling program modes
@@ -233,8 +234,6 @@ struct	refclock refclock_acts = {
 	acts_timer		/* housekeeping timer */
 };
 
-struct	refclock refclock_ptb;
-
 /*
  * Initialize data for processing
  */
@@ -925,7 +924,6 @@ acts_disc (
 	up->timer = SETUP;
 	up->state = S_CLOSE;
 }
-
 #else
 int refclock_acts_bs;
 #endif /* REFCLOCK */

==== ntpdate/ntpdate.c ====
2007-08-17 01:38:06-04:00, stenn at whimsy.udel.edu +2 -2
  Cleanup from Dave Mills

--- 1.62/ntpdate/ntpdate.c	2007-02-21 15:29:35 -05:00
+++ 1.63/ntpdate/ntpdate.c	2007-08-17 01:38:06 -04:00
@@ -720,7 +720,7 @@ transmit(
 	xpkt.ppoll = NTP_MINPOLL;
 	xpkt.precision = NTPDATE_PRECISION;
 	xpkt.rootdelay = htonl(NTPDATE_DISTANCE);
-	xpkt.rootdispersion = htonl(NTPDATE_DISP);
+	xpkt.rootdisp = htonl(NTPDATE_DISP);
 	xpkt.refid = htonl(NTPDATE_REFID);
 	L_CLR(&xpkt.reftime);
 	L_CLR(&xpkt.org);
@@ -865,7 +865,7 @@ receive(
 	server->stratum = PKT_TO_STRATUM(rpkt->stratum);
 	server->precision = rpkt->precision;
 	server->rootdelay = ntohl(rpkt->rootdelay);
-	server->rootdispersion = ntohl(rpkt->rootdispersion);
+	server->rootdisp = ntohl(rpkt->rootdisp);
 	server->refid = rpkt->refid;
 	NTOHL_FP(&rpkt->reftime, &server->reftime);
 	NTOHL_FP(&rpkt->rec, &rec);

==== ntpdate/ntpdate.h ====
2007-08-17 01:38:07-04:00, stenn at whimsy.udel.edu +1 -1
  Cleanup from Dave Mills

--- 1.8/ntpdate/ntpdate.h	2007-01-03 16:40:11 -05:00
+++ 1.9/ntpdate/ntpdate.h	2007-08-17 01:38:07 -04:00
@@ -22,7 +22,7 @@ struct server {
 	s_char precision;		/* server's clock precision */
 	u_char trust;			/* trustability of the filtered data */
 	u_fp rootdelay;			/* distance from primary clock */
-	u_fp rootdispersion;		/* peer clock dispersion */
+	u_fp rootdisp;			/* peer clock dispersion */
 	u_int32 refid;			/* peer reference ID */
 	l_fp reftime;			/* time of peer's last update */
 	u_long event_time;		/* time for next timeout */

==== ntpq/ntpq.c ====
2007-08-17 01:38:18-04:00, stenn at whimsy.udel.edu +4 -4
  Cleanup from Dave Mills

--- 1.68/ntpq/ntpq.c	2007-04-18 16:29:52 -04:00
+++ 1.69/ntpq/ntpq.c	2007-08-17 01:38:18 -04:00
@@ -224,17 +224,17 @@ struct ctl_var clock_var[] = {
 static const char *tstflagnames[] = {
 	"pkt_dup",		/* TEST1 */
 	"pkt_bogus",		/* TEST2 */
-	"pkt_proto",		/* TEST3 */
+	"pkt_unsync",		/* TEST3 */
 	"pkt_denied",		/* TEST4 */
 	"pkt_auth",		/* TEST5 */
-	"pkt_synch",		/* TEST6 */
-	"pkt_dist",		/* TEST7 */
+	"pkt_stratum",		/* TEST6 */
+	"pkt_head",		/* TEST7 */
 	"pkt_autokey",		/* TEST8 */
 	"pkt_crypto",		/* TEST9 */
 	"peer_stratum",		/* TEST10 */
 	"peer_dist",		/* TEST11 */
 	"peer_loop",		/* TEST12 */
-	"peer_unfit"		/* TEST13 */
+	"peer_unreach"		/* TEST13 */
 };
 
 


More information about the bk-ntp-dev-send mailing list