1182007SrobertoSNTP (Simple Network Time Protocol Utility) - Version 1.6 2132451Sroberto---------------------------------------------------------- 3132451Sroberto 4132451SrobertoPlease read the file Copyright first. Also note that the file RFC2030.TXT is 5132451SrobertoDavid Mills's copyright and not the author's - it is just a copy of the RFC 6132451Srobertothat is available from so many Internet archives. 7132451Sroberto 8132451SrobertoRFC 1305 (Network Time Protocol - NTP) is an attempt to provide globally 9132451Srobertoconsistent timestamps in an extremely hostile environment; it is fiendishly 10132451Srobertocomplicated and an impressive piece of virtuosity. RFC 2030 (Simple Network 11132451SrobertoTime Protocol - SNTP) which supersedes RFC 1769 describes a subset of this that 12132451Srobertowill give excellent accuracy in most environments encountered in practice; it 13132451Srobertouses only the obvious algorithms that have been used since time immemorial. 14132451Sroberto 15132451SrobertoWARNING: the text version of RFC 1305 is incomplete, and omits the tables that 16132451Srobertoare in the Postscript version. Unfortunately, these contain the only copy of 17132451Srobertosome critical information. 18132451Sroberto 19182007Srobertodraft-mills-sntp-v4-00.txt is the next proposed revision of RFC 2030, 20182007Srobertoand the current goal is to have this code implement that specification. 21132451Sroberto 22132451SrobertoSNTP Servers - Some Little-Known Facts 23132451Sroberto-------------------------------------- 24132451Sroberto 25132451SrobertoRFC 2030 states that SNTP clients should be used only at the lowest level, 26132451Srobertowhich is good practice. It then states that SNTP servers should be used only 27132451Srobertoat stratum 1 (i.e. top level), which is bizarre! A far saner use of them would 28132451Srobertobe for the very lowest level of server, exporting solely to local clients that 29132451Srobertodo not themselves act as servers to ANY system (e.g. on a Netware server, 30132451Srobertoexporting only to the PCs that it manages). 31132451Sroberto 32182007Sroberto[There is missing language in the previous paragraph. SNTP is designed 33182007Srobertoto be used in 2 cases: as a client at the lowest levels of the timing 34182007Srobertohierarchy, or as a server of last resort at stratum 1 when connected to 35182007Srobertoa modem or radio clock.] 36182007Sroberto 37182007Sroberto[This is as far as I have updated this file as part of the upgrade.] 38182007Sroberto 39132451SrobertoIf the NTP network were being run as a directed acyclic graph (i.e. using SNTP 40132451Srobertorather than full NTP), with a diameter of D links and a maximum error per link 41132451Srobertoof E, the maximum synchronisation error would be D*E. Reasonable figures for D 42132451Srobertoand E are 5 and 0.1 seconds, so this would be adequate for most uses. Note 43132451Srobertothat the fact that the graph is acyclic is critical, which is one reason why 44132451SrobertoSNTP client/servers must NEVER be embedded WITHIN an NTP network. 45132451Sroberto 46132451SrobertoThe other reason is that inserting SNTP client/servers at a low stratum (but 47132451Srobertonot the root) of an NTP network could easily break NTP! See RFC 1305 for why, 48132451Srobertobut don't expect the answer to stand out at you. It would be easy to extend 49182007SrobertoSNTP to a full-function client/server application, thus making it into a true 50182007Srobertoalternative to ntp, but this incompatibility is why it MUST NOT be done. 51132451Sroberto 52132451SrobertoThe above does not mean that the SNTP approach is unsatisfactory, but only that 53132451Srobertoit is incompatible with full NTP. The author would favour a complete SNTP 54132451Srobertonetwork using the SNTP approach, and the statistical error reduction used in 55182007SrobertoSNTP, but it actually addresses a slightly different problem from that 56132451Srobertoaddressed by NTP. TANSTAAFL. 57132451Sroberto 58132451SrobertoFINAL WARNING: do NOT use this program to serve NTP requests from outside the 59132451Srobertosystems that you manage. If you do this, and manage to break the time 60132451Srobertosynchronisation on other people's systems, you will be regarded very 61132451Srobertounfavourably. Actually, this should be possible only if their NTP client is 62182007Srobertocompletely broken, because SNTP does its damnedest to declare its packets as 63132451Srobertothe lowest form of NTP timestamp. 64132451Sroberto 65132451Sroberto 66132451Sroberto 67182007SrobertoSNTP and its Assumptions 68132451Sroberto------------------------- 69132451Sroberto 70182007SrobertoSNTP is intended to be a straightforward SNTP daemon/utility that is easy to 71132451Srobertobuild on any reasonable Unix platform (and most near-Unix ones), whether or not 72132451Srobertoit has ever been ported to them before. It is intended to answer the following 73132451Srobertorequirements, either by challenge and response or the less reliable broadcast 74132451Srobertomethod: 75132451Sroberto 76132451Sroberto A simple command to run on Unix systems that will check the time 77132451Sroberto and optionally drift compared with a known, local and reliable NTP 78132451Sroberto time server. No privilege is required just to read the time and 79132451Sroberto estimate the drift. 80132451Sroberto 81132451Sroberto A client for Unix systems that will synchronise the time from a known, 82132451Sroberto local and reliable NTP time server. This is probably the most common 83132451Sroberto one, and the need that caused the program to be written. 84132451Sroberto 85132451Sroberto A server for Unix systems that are synchronised other than by NTP 86132451Sroberto methods and that need to synchronise other systems by NTP. This is 87132451Sroberto the classroom of PCs with a central server scenario. It is NOT 88132451Sroberto intended to work as a peer with true NTP servers, and won't. 89132451Sroberto 90132451Sroberto A simple method by which two or more Unix systems can keep themselves 91132451Sroberto synchronised using what is becoming a standard protocol. Yes, I know 92132451Sroberto that there are half-a-dozen other such methods. 93132451Sroberto 94132451Sroberto A base for building non-Unix SNTP clients. Some 3/4 of the code 95132451Sroberto (including all of the complicated algorithms and NTP packet handling) 96132451Sroberto should work, unchanged, on any system with an ANSI/ISO C compiler. 97132451Sroberto 98132451SrobertoThere are full tracing facilities and a lot of paranoia in the code to check 99182007Srobertofor bad packets (more than in ntp) which may need relaxing in the light of 100132451Srobertoexperience. Unfortunately, RFC 1305 does not include a precise description of 101132451Srobertothe data protocol, despite its length, and there are some internal 102182007Srobertoinconsistencies and differences between it and RFC 2030 and ntp's behaviour. 103132451Sroberto 104182007SrobertoWARNING: SNTP has not been tested in conjunction with ntp broadcasts or ntp 105132451Srobertoclients, as the ability to do so was not available to the author. It is very 106132451Srobertounlikely that it won't work, but you should check. Much of the paranoid code 107132451Srobertois only partially tested, too, because it is dealing with cases that are very 108132451Srobertohard to provoke. 109132451Sroberto 110132451SrobertoIt assumes that the local network is tolerably secure and that any accessible 111132451SrobertoNTP or SNTP servers are trustworthy. It also makes no attempt to check that 112132451Srobertoit has been installed and is being used correctly (e.g. at an appropriate 113132451Srobertopriority) or that the changes it makes have the desired effect. When you first 114132451Srobertouse it, you should both run it in display mode and use the date command as a 115132451Srobertocross-check. 116132451Sroberto 117132451SrobertoFurthermore, it does not attempt to solve all of the problems addressed by the 118132451SrobertoNTP protocol and you should NOT use it if any of those problems are likely to 119182007Srobertocause you serious trouble. If they are, bite the bullet and implement ntp, or 120132451Srobertobuy a fancy time-server. 121132451Sroberto 122132451Sroberto 123132451SrobertoBuilding SNTP 124132451Sroberto------------- 125132451Sroberto 126132451SrobertoThe contents of the distribution are: 127132451Sroberto 128132451SrobertoREADME - this file 129132451SrobertoCopyright - the copyright notice and conditions of use 130132451SrobertoMakefile - the makefile, with comments for several systems 131132451Srobertoheader.h - the main header (almost entirely portable) 132132451Srobertokludges.h - dirty kludges for difficult systems 133132451Srobertointernet.h - a very small header for internet.c and socket.c 134132451Srobertomain.c - most of the source (almost entirely portable) 135132451Srobertounix.c - just for isatty, sleep and locking 136132451Srobertointernet.c - Internet host and service name lookup 137132451Srobertosocket.c - the Berkeley socket code 138182007Srobertosntp.1 - the man page 139132451SrobertoRFC2030.TXT - the SNTPv4 specification 140132451Sroberto 141132451SrobertoAll you SHOULD need to do is to uncomment the settings in file Makefile for 142132451Srobertoyour system or to add new ones. But real life is not always so simple. As 143132451SrobertoPOSIX does not yet define sub-second timers, Internet addressing facilities, 144132451Srobertosockets etc., the code has to rely on the facilities described in the 145132451Srobertoill-defined and non-standard 'X/Open' documents and the almost totally 146132451Srobertounspecified 'BSD' extensions. 147132451Sroberto 148132451SrobertoMost hacks should be limited to the compiler options (e.g. setting flags like 149132451Sroberto_XOPEN_SOURCE), but perverse systems may need additions to kludges.h - please 150132451Srobertoreport them to the author. See Makefile and kludges.h for documentation on 151132451Srobertothe standard hacks - there only 6, and most are only for obsolete systems. 152132451SrobertoBut, generally, using the generic set of C options usually works with no 153132451Srobertofurther ado. 154132451Sroberto 155132451Sroberto 156132451SrobertoSick, Bizarre or non-Unix Systems 157132451Sroberto--------------------------------- 158132451Sroberto 159132451SrobertoA very few Unix systems and almost all non-Unix systems may need changes to the 160132451Srobertocode, such as: 161132451Sroberto 162132451Sroberto If the system doesn't have Berkeley sockets, you will need to replace 163132451Sroberto socket.c and possibly modify internet.h and internet.c. All of the 164132451Sroberto systems for which the author needs this have Berkeley sockets. 165132451Sroberto 166132451Sroberto NTP is supposedly an Internet protocol, but is not Internet specific. 167132451Sroberto For other types of network, you will need to replace internet.c and 168132451Sroberto probably modify internet.h. 169132451Sroberto 170132451Sroberto If the system doesn't have gettimeofday or settimeofday, you will 171132451Sroberto need to modify timing.c. If it doesn't have adjtime (e.g. HP-UX 172132451Sroberto on PA-RISC before 10.0), you can set -DADJTIME_MISSING and the code 173132451Sroberto will compile but the -a option will always give an error. 174132451Sroberto 175132451Sroberto If the system has totally broken signal handling, the program will 176132451Sroberto hang or crash if it can't reach its name server or responses time 177132451Sroberto out. You may be able to improve matters by hacking internet.c and 178132451Sroberto socket.c, but don't bet on it. 179132451Sroberto 180132451Sroberto If the the program won't be able to create files in /etc when 181132451Sroberto updating the clock, you can use another lock file or even set 182132451Sroberto -DLOCKFILE=NULL, which will disable the locking code entirely. On 183132451Sroberto systems that have it, using /var/run would be better than /etc. 184132451Sroberto 185132451Sroberto If the the program hangs when flushing outstanding packets (which 186132451Sroberto you can tell by setting -W), it may help to set -DNONBLOCK_BROKEN. 187132451Sroberto This seems needed only for obsolete systems, like Ultrix. 188132451Sroberto 189132451Sroberto If the system isn't Unix, even vaguely, you will probably need to 190132451Sroberto modify all of the above, and unix.c as well. 191132451Sroberto 192132451Sroberto Note that adjtime is commonly sick, but you don't need to change the 193132451Sroberto code - just use the -r option whan making large corrections (see below 194132451Sroberto for more details). 195132451Sroberto 196132451SrobertoAny changes needed to header.h or main.c are bugs. They may be bugs in the 197132451Srobertocode or in the compiler or libraries, but they are bugs. Please prod the 198132451Srobertopeople responsible and tell the author, who may be able to bypass them cleanly 199132451Srobertoeven if they aren't bugs in his code. The code also makes the following 200132451Srobertoassumptions, which would be quite hard to remove: 201132451Sroberto 202132451Sroberto 8-bit bytes. Strictly, neither ANSI/ISO C nor POSIX require these, 203132451Sroberto and there were some very early versions of Unix on systems with other 204132451Sroberto byte sizes. But, without a defined sub-byte facility in C, .... 205132451Sroberto 206132451Sroberto At least 32-bit ints. Well, actually, this wouldn't be too hard to 207132451Sroberto remove. But most Unix programs make this assumption, and I have very 208132451Sroberto little interest in the more rudimentary versions of MS-DOS etc. 209132451Sroberto 210132451Sroberto An ANSI/ISO C compiler. It didn't seem worth writing dual-language 211132451Sroberto code in 1996. Tough luck if you haven't got one. 212132451Sroberto 213132451Sroberto Tolerably efficient floating-point arithmetic, with at least 13 digits 214132451Sroberto (decimal), preferably 15, in the mantissa of doubles. Ditto. If you 215132451Sroberto want to port this to a toaster, please accept my insincerest sympathies 216132451Sroberto and don't bother me. 217132451Sroberto 218132451Sroberto A trustworthy local network. It does not check for DNS, Ethernet, 219132451Sroberto packet or other spoofing, and assumes that any accessible NTP or SNTP 220132451Sroberto servers are properly synchronised. 221132451Sroberto 222132451Sroberto 223132451SrobertoWarnings about Installation and Use 224132451Sroberto----------------------------------- 225132451Sroberto 226132451SrobertoAnyone attempting to fiddle with the clock on their system should already know 227132451Srobertohow to write system administration scripts, install daemons and so on. There 228132451Srobertoare a few warnings: 229132451Sroberto 230132451Sroberto Don't use the broadcast modes unless you really have to, as the 231132451Sroberto client-server modes are far more reliable. The broadcast modes were 232132451Sroberto implemented more for virtuosity (a.k.a. SNTP conformance) than use. 233132451Sroberto In particular, the error estimates are mere guesses, and may be low 234132451Sroberto or even very low. And even reading broadcasts needs privilege. 235132451Sroberto 236132451Sroberto The program is not intended to be installed setuid or setgid, and 237132451Sroberto doing so is asking for trouble. Its ownerships and access modes are 238132451Sroberto not important. It need not be run by root for merely displaying the 239132451Sroberto time (even in daemon mode). 240132451Sroberto 241132451Sroberto The program does not need to run at a high priority (low in Unix 242132451Sroberto terms!) even when being used to set the clock or as a server, except 243132451Sroberto when the '-r' option is used. However, doing so may improve its 244132451Sroberto accuracy. 245132451Sroberto 246132451Sroberto Unlike NTP, the SNTP protocol contains no protection against 247132451Sroberto client-server loops. If you set one up, your systems will spin 248132451Sroberto themselves off into a disconnected vortex of unreality! 249132451Sroberto 250132451Sroberto It will get very confused if another process changes the local time 251132451Sroberto while it is running. There is some locking code in unix.c to prevent 252132451Sroberto this program doing this to itself, but it will protect only against 253132451Sroberto some errors. However, the remaining failures should be harmless. 254132451Sroberto 255132451Sroberto Don't run it as a server unless you REALLY know what you are doing. 256132451Sroberto It should be used as a server only on a system that is properly 257132451Sroberto synchronised, by fair means or foul. If it isn't, you will simply 258132451Sroberto perpetrate misinformation. And remember that broadcasts are most 259132451Sroberto unpopular with overloaded administrators of overloaded networks. 260132451Sroberto 261132451Sroberto Watch out for multi-server broadcasts and systems with multiple ports 262132451Sroberto onto the same Ethernet; there is some code to protect against this, 263132451Sroberto but it is still easy to get confused. 264132451Sroberto 265132451Sroberto Don't put the lock file onto an automounted partition or delete it by 266132451Sroberto hand, unless you really want to start two daemons at the same time. 267132451Sroberto Both will probably fail horribly if you do this. 268132451Sroberto 269132451Sroberto The daemon save file is checked fairly carefully, but should be in a 270132451Sroberto reasonably safe directory, unless you want hackers to cause trouble. 271132451Sroberto /tmp is safe enough on most systems, but not all - /etc is better. 272132451Sroberto 273132451Sroberto 274132451SrobertoInstalling and Using the Program 275132451Sroberto-------------------------------- 276132451Sroberto 277132451SrobertoStart by copying the executable and man page to where you want them. If you 278132451Srobertowant only to display the time and as a replacement for the rdate or date 279132451Srobertocommands, the installation is finished! 280132451Sroberto 281132451SrobertoYou can use it as a simple unprivileged command to check the time, quite 282132451Srobertoindependently of whether it is running as a time-updating daemon or server, or 283182007Srobertowhether you are running ntp. You can run it in daemon mode without updating 284132451Srobertothe clock, to check for drift, but it may fail if the clock is changed under 285132451Srobertoits feet. Unfortunately, you cannot listen to broadcasts without privilege. 286132451Sroberto 287132451SrobertoIf it is used with the -a option to keep the time synchronised, it is best to 288132451Srobertorun it as one of root's cron jobs - for many systems, running it once a day 289132451Srobertoshould be adequate, but it will depend on the reliability of the local clock. 290132451SrobertoThe author runs it this way with -a and -x - see below. 291132451Sroberto 292132451SrobertoIf it is used with the -r option to set the time (instead of the rdate or date 293132451Srobertocommands), it should be used interactively and either on a lightly loaded 294132451Srobertosystem or at a high priority. You should then check the result by running it 295132451Srobertoin display mode. 296132451Sroberto 297132451SrobertoYou are advised NOT to run it with the -r option in a cron job, though this is 298132451Srobertonot locked out. If you have to (for example under HP-UX before 10.0), be sure 299132451Srobertoto run it as the highest priority that will not cause other system problems and 300132451Srobertoset the maximum automatic change to as low a value as you can get away with. 301132451Sroberto 302132451SrobertoWARNING: adjtime is more than a bit sick on many systems, and will ignore large 303132451Srobertocorrections, usually without any form of hint that it has done so. It is often 304132451Sroberto(even usually) necessary to reset the clock to approximately the right time 305132451Srobertousing the -r option before using the -a and -x options to keep it correct. 306132451Sroberto 307132451SrobertoIt can be started as a time-updating daemon with the -a and -x options (or -r 308132451Srobertoand -x if you must), and will perform some limited drift correction. In this 309132451Srobertocase, start it from any suitable system initialisation script and leave it 310132451Srobertorunning. Note that it will stop if it thinks that the time difference or drift 311132451Srobertohas got out of control, and you will need to reset the time and restart it by 312132451Srobertohand. 313132451Sroberto 314132451SrobertoIn daemon mode, it will survive its time server or network disappearing for a 315132451Srobertowhile, but will eventually fail, and will fail immediately if the network call 316132451Srobertoreturns an unexpected error. If this is a problem, you can start it (say, 317132451Srobertohourly or nightly) from cron, and it will fail if it is already running 318132451Sroberto(provided that you haven't disabled or deleted the lock file). 319132451Sroberto 320132451SrobertoIf it is used as a server, it should be started from any suitable system 321132451Srobertoinitialisation script, just like any other daemon. It must be started after 322132451Srobertothe networking, of course. To run it in both server modes, start one copy with 323132451Srobertothe -B option and one with the -S option. 324132451Sroberto 325132451Sroberto 326132451SrobertoSimple Examples of Use 327132451Sroberto---------------------- 328132451Sroberto 329132451SrobertoMany people use it solely to check the time of their system, especially as a 330182007Srobertocross-check on ntpd. You do not need privilege and it will not cause trouble 331132451Srobertoto the local network, so you can use it on someone else's system! You can 332132451Srobertospecify one server or several. For example: 333132451Sroberto 334132451Sroberto msntp ntp.server.local ntp.server.neighbour 335132451Sroberto 336132451SrobertoYou can use it to check how your system is drifting, but it isn't very good at 337132451Srobertothis if the system is drifting very badly (in which case use the previous 338182007Srobertotechnique and dc) or if you are running ntp. You do not need privilege and it 339132451Srobertowill not cause trouble to the local network. For example: 340132451Sroberto 341182007Sroberto sntp -x 120 -f /tmp/msntp.state ntp.server.local 342132451Sroberto 343132451SrobertoMore generally, it is used to synchronise the clock, in which case you DO need 344132451Srobertoroot privilege. It can be used in many ways, but the author favours running it 345132451Srobertoin daemon mode, started from a cron job, which will restart after power cuts 346132451Srobertowith no attention, and send a mail message (if cron is configured to do that) 347132451Srobertowhen it fails badly. For example, the author uses a root crontab entry on one 348132451Srobertosystem of: 349132451Sroberto 350182007Sroberto 15 0 * * * /bin/nice --10 /usr/local/bin/sntp -a -x 480 ntp.server.local 351132451Sroberto 352132451SrobertoIf you have a home computer, it can be set up to resynchronise each time you 353182007Srobertodial up. For example, the author uses a /etc/ppp/ip-up.d/sntp file on his 354132451Srobertohome Linux system of: 355132451Sroberto 356132451Sroberto #!/bin/sh 357132451Sroberto sleep 60 358182007Sroberto /bin/nice --10 /usr/local/sbin/sntp -r -P 60 ntp.server.local 359132451Sroberto 360132451Sroberto-a would be better, but adjtime is broken in Linux. 361132451Sroberto 362132451Sroberto 363132451SrobertoDebugging or Hacking the Program 364132451Sroberto-------------------------------- 365132451Sroberto 366132451SrobertoAlmost everybody who does this is likely to need to modify only the system 367132451Srobertointerfaces. While they are messy, they are pretty simple and have a simple 368132451Srobertospecification. This is documented in comments in the source. This is 369132451Srobertodescribed above. 370132451Sroberto 371132451SrobertoThe main program SHOULD need no attention, though it may need the odd tweak to 372132451Srobertobypass compiler problems - please report these, if you encounter any. If 373132451Srobertosomething looks odd while it is running, start by setting the -v option (lower 374132451Srobertocase), as for investigating network problems, and checking any diagnostics that 375132451Srobertoappear. Note that most of it can be checked in display mode without harming 376132451Srobertoyour system. 377132451Sroberto 378132451SrobertoThe client will sometimes give up, complaining about inconsistent timestamps or 379132451Srobertosimilar. This can be caused by the server being rebooted and similar glitches 380132451Srobertoto the time - unfortunately, there is no reliable way to tell an ignorable 381132451Srobertofluctuation from a server up the spout. If this happens annoyingly often, 382132451Srobertothe -V option may help tie down the problem. In actual use, it is simplest 383132451Srobertojust to restart the client in a cron job! 384132451Sroberto 385132451SrobertoIf it needs more than this, then you will need to debug the source seriously. 386132451SrobertoStart by putting an icepack on your head and pouring yourself a large whisky! 387132451SrobertoWhile it is commented, it is not well commented, and much of the code interacts 388132451Srobertoin complex and horrible ways. This isn't so much because it lacks 'structure' 389132451Srobertoas because one part needs to make assumptions about the numerical properties of 390132451Srobertoanother. 391132451Sroberto 392132451SrobertoThe -W option (upper case) will print out a complete trace of everything it 393132451Srobertodoes, and this should be enough to tie down the problem. It does distort the 394132451Srobertotiming a bit, but not usually too badly. However, wading through that amount 395132451Srobertoof gibberish (let alone looking at the source) is not a pleasant task. If you 396132451Srobertoare pretty sure that you have a bug, you may tell the author, and he may ask 397132451Srobertofor a copy of the output - but he will reply rudely if you send thousands of 398132451Srobertolines of tracing to him by Email! 399132451Sroberto 400132451SrobertoNote that there are a fair number of circumstances where its error recovery 401132451Srobertocould be better, but is left as it is to keep the code simple. Most of these 402132451Srobertoshould be pretty rare. 403132451Sroberto 404132451Sroberto 405132451SrobertoChanges in Version 1.2 406132451Sroberto---------------------- 407132451Sroberto 408132451SrobertoThe main change was the addition of the daemon mode for drift correction (i.e. 409132451Srobertothe -x option). The daemon code is complex and has a lot of special-casing for 410132451Srobertostrange circumstances, not all of which are testable in practice. 411132451Sroberto 412132451SrobertoA lot of the code was reordered while doing this. The output was slightly 413132451Srobertodifferent - considerably different with -V. 414132451Sroberto 415132451SrobertoThe error estimation for broadcasts was modified, and should bear more relation 416132451Srobertoto reality. It remains a guess, as there is no way to get decent error error 417132451Srobertoestimates under such circumstances. 418132451Sroberto 419132451SrobertoThe -B option is now in minutes, and has a different permissible range and 420132451Srobertodefault value. 421132451Sroberto 422132451SrobertoThe argument consistency checking for broadcasts was tightened up a bit, and a 423132451Srobertofew other internal checks added. These should not affect any reasonable 424132451Srobertorequirement. 425132451Sroberto 426132451SrobertoA couple of new functions were added to the portability base, but they don't 427132451Srobertouse any non-standard new facilities. However, the specification of the 428132451Srobertofunctions has changed slightly. 429132451Sroberto 430132451Sroberto 431132451SrobertoChanges in Version 1.3 432132451Sroberto---------------------- 433132451Sroberto 434132451SrobertoThe main change was the addition of the restarting facility for daemon mode 435132451Sroberto(i.e. the -f option), which is pretty straightforward. 436132451Sroberto 437132451SrobertoThere were also a lot of minor changes to the paranoia code in daemon mode, to 438132451Srobertotry to separate out the case of a demented server from network and other 439132451Sroberto'ignorable' problems. These are not entirely successful. 440132451Sroberto 441132451Sroberto 442132451SrobertoChanges in Version 1.4 and 1.5 443132451Sroberto------------------------------ 444132451Sroberto 445132451SrobertoThere turned out to be a couple of places where the author misunderstood the 446132451Srobertospecification of NTP, which affect only its use in server mode. The main 447132451Srobertochange is to use stratum 15 instead of stratum 0. 448132451Sroberto 449132451SrobertoAnd there were some more relaxations of the paranoia code, to allow for more 450132451Srobertoerratic servers, plus a kludge to improve restarting in daemon mode after a 451132451Srobertoperiod of down time has unsynchronised the clock. There is also an 452132451Srobertoincompatible change to the debugging options to add a new level - the old -V 453132451Srobertooption is now -W, and -V is an intermediate one for debugging daemon mode - but 454132451Srobertothey are both hacker's facilities, and not for normal use. 455132451Sroberto 456132451SrobertoVersion 1.5 adds some very minor fixes. 457132451Sroberto 458132451Sroberto 459132451SrobertoChanges in Version 1.6 460132451Sroberto---------------------- 461132451Sroberto 462132451SrobertoThe first change is support for multiple server addresses - it uses these in a 463132451Srobertoround-robin fashion. This may be useful when you have access to several 464132451Srobertoservers, all of which are a bit iffy. This means that the restart file format 465132451Srobertois incompatible with msntp 1.5. 466132451Sroberto 467132451SrobertoIt has also been modified to reset itself automatically after detecting an 468132451Srobertoinconsistency in its server's timestamps, because the author got sick of the 469132451Srobertofailures. It writes a comment to syslog (uniquely) in such cases. 470132451Sroberto 471132451SrobertoThe ability to query a daemon save file was added. 472132451Sroberto 473132451SrobertoRelated to the above, the -E argument has been redefined to mean an error bound 474132451Srobertoon various internal times (which is what it had become, anyway) and a -P option 475132451Srobertointroduced to be what the -E argument was documented to be. 476132451Sroberto 477132451SrobertoThe lock and save file handling have been changed to allow defaults to be set 478132451Srobertoat installation time, and to be overridable at run-time. To disable these 479132451Srobertoat either stage, simply set the file names to the null string. 480132451Sroberto 481132451SrobertoAnd there have been the usual changes for portability, as standards have been 482132451Srobertomodified and/or introduced. 483132451Sroberto 484132451Sroberto 485132451SrobertoFuture Versions 486132451Sroberto--------------- 487132451Sroberto 488132451SrobertoThere are unlikely to be any, except probably one to fix bugs in version 1.6. 489132451Sroberto 490132451SrobertoI attempted to put support for intermittent connexions (e.g. dial-up) into the 491132451Srobertodaemon mode, but doing so needs so much code reorganisation that it isn't worth 492132451Srobertoit. What needs doing for that is to separate the socket handling from the 493132451Srobertotimekeeping, so that they can be run asynchronously (either in separate 494132451Srobertoprocesses or threads), and to look up a network name and open a socket only 495132451Srobertowhen prodded (and to close it immediately thereafter). So just running it 496132451Srobertowith the -r option is the current best solution. 497132451Sroberto 498132451SrobertoI also attempted to put support for the "Unix 2000" interfaces into the code. 499132451SrobertoHa, ha. Not merely do very few systems define socklen_t (needed for IPv6 500132451Srobertosupport), but "Unix 2000" neither addresses the leap second problem nor even 501132451Srobertoprovides an adjtime replacement! Some function like the latter is critical, 502132451Srobertonot so much because of the gradual change, but because of its atomicity; 503132451Srobertowithout it, msntp really needs to be made non-interruptible, and that brings in 504132451Srobertoa ghastly number of system-dependencies. 505132451Sroberto 506132451SrobertoRealistically, it needs a complete rewrite before adding any more function. 507132451SrobertoAnd, worse, the Unix 'standards' need fixing, too. 508132451Sroberto 509132451Sroberto 510132451Sroberto 511132451SrobertoMiscellaneous 512132451Sroberto------------- 513132451Sroberto 514132451SrobertoThanks are due to Douglas M. Wells of Connection Technologies for helping the 515132451Srobertoauthor with several IP-related conventions, to Sam Nelson of Stirling 516132451SrobertoUniversity for testing it on some very strange systems, and to David Mills for 517132451Srobertoclarifying what the NTP specification really is. 518132451Sroberto 519132451SrobertoThanks are also due to several other people with locating bugs, finding 520132451Srobertoappropriate options for the Makefile and passing on extension code and 521132451Srobertosuggestions. As I am sure to leave someone out, I shall not name anyone else. 522132451Sroberto 523132451SrobertoVersion 1.0 - October 1996. 524132451SrobertoVersion 1.1 - November 1996 - mainly portability improvements. 525132451SrobertoVersion 1.2 - January 1997 - mainly drift handling, but much reorganisation. 526132451SrobertoVersion 1.3 - February 1997 - daemon save file, and some robustness changes. 527132451SrobertoVersion 1.4 - May 1997 - relatively minor fixes, more diagnostic levels etc. 528132451SrobertoVersion 1.5 - December 1997 - some very minor fixes 529132451SrobertoVersion 1.6 - October 2000 - quite a few miscellaneous changes 530132451Sroberto 531132451Sroberto 532132451SrobertoNick Maclaren, 533132451SrobertoUniversity of Cambridge Computer Laboratory, 534132451SrobertoNew Museums Site, Pembroke Street, Cambridge CB2 3QG, England. 535132451SrobertoEmail: nmm1@cam.ac.uk 536132451SrobertoTel.: +44 1223 334761 Fax: +44 1223 334679 537