summaryrefslogtreecommitdiffstats
path: root/conf.c
diff options
context:
space:
mode:
Diffstat (limited to 'conf.c')
-rw-r--r--conf.c2647
1 files changed, 2647 insertions, 0 deletions
diff --git a/conf.c b/conf.c
new file mode 100644
index 0000000..fa74459
--- /dev/null
+++ b/conf.c
@@ -0,0 +1,2647 @@
+/*
+ chronyd/chronyc - Programs for keeping computer clocks accurate.
+
+ **********************************************************************
+ * Copyright (C) Richard P. Curnow 1997-2003
+ * Copyright (C) Miroslav Lichvar 2009-2017, 2020
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of version 2 of the GNU General Public License as
+ * published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ *
+ **********************************************************************
+
+ =======================================================================
+
+ Module that reads and processes the configuration file.
+ */
+
+#include "config.h"
+
+#include "sysincl.h"
+
+#include "array.h"
+#include "conf.h"
+#include "ntp_sources.h"
+#include "ntp_core.h"
+#include "nts_ke.h"
+#include "refclock.h"
+#include "cmdmon.h"
+#include "socket.h"
+#include "srcparams.h"
+#include "logging.h"
+#include "nameserv.h"
+#include "memory.h"
+#include "cmdparse.h"
+#include "util.h"
+
+/* ================================================== */
+
+#define MAX_LINE_LENGTH 2048
+#define MAX_CONF_DIRS 10
+#define MAX_INCLUDE_LEVEL 10
+
+/* ================================================== */
+/* Forward prototypes */
+
+static int parse_string(char *line, char **result);
+static int parse_int(char *line, int *result);
+static int parse_double(char *line, double *result);
+static int parse_null(char *line);
+
+static void parse_allow_deny(char *line, ARR_Instance restrictions, int allow);
+static void parse_authselectmode(char *);
+static void parse_bindacqaddress(char *);
+static void parse_bindaddress(char *);
+static void parse_bindcmdaddress(char *);
+static void parse_broadcast(char *);
+static void parse_clientloglimit(char *);
+static void parse_confdir(char *);
+static void parse_fallbackdrift(char *);
+static void parse_hwtimestamp(char *);
+static void parse_include(char *);
+static void parse_initstepslew(char *);
+static void parse_leapsecmode(char *);
+static void parse_local(char *);
+static void parse_log(char *);
+static void parse_mailonchange(char *);
+static void parse_makestep(char *);
+static void parse_maxchange(char *);
+static void parse_ntsserver(char *, ARR_Instance files);
+static void parse_ntstrustedcerts(char *);
+static void parse_ratelimit(char *line, int *enabled, int *interval,
+ int *burst, int *leak);
+static void parse_refclock(char *);
+static void parse_smoothtime(char *);
+static void parse_source(char *line, char *type, int fatal);
+static void parse_sourcedir(char *);
+static void parse_tempcomp(char *);
+
+/* ================================================== */
+/* Configuration variables */
+
+static int print_config = 0;
+static int restarted = 0;
+static char *rtc_device;
+static int acquisition_port = -1;
+static int ntp_port = NTP_PORT;
+static char *keys_file = NULL;
+static char *drift_file = NULL;
+static char *rtc_file = NULL;
+static double max_update_skew = 1000.0;
+static double correction_time_ratio = 3.0;
+static double max_clock_error = 1.0; /* in ppm */
+static double max_drift = 500000.0; /* in ppm */
+static double max_slew_rate = 1e6 / 12.0; /* in ppm */
+static double clock_precision = 0.0; /* in seconds */
+
+static SRC_AuthSelectMode authselect_mode = SRC_AUTHSELECT_MIX;
+static double max_distance = 3.0;
+static double max_jitter = 1.0;
+static double reselect_distance = 1e-4;
+static double stratum_weight = 1e-3;
+static double combine_limit = 3.0;
+
+static int cmd_port = DEFAULT_CANDM_PORT;
+
+static int raw_measurements = 0;
+static int do_log_measurements = 0;
+static int do_log_selection = 0;
+static int do_log_statistics = 0;
+static int do_log_tracking = 0;
+static int do_log_rtc = 0;
+static int do_log_refclocks = 0;
+static int do_log_tempcomp = 0;
+static int log_banner = 32;
+static char *logdir = NULL;
+static char *dumpdir = NULL;
+
+static int enable_local=0;
+static int local_stratum;
+static int local_orphan;
+static double local_distance;
+
+/* Threshold (in seconds) - if absolute value of initial error is less
+ than this, slew instead of stepping */
+static double init_slew_threshold;
+/* Array of IPAddr */
+static ARR_Instance init_sources;
+
+static int enable_manual=0;
+
+/* Flag set if the RTC runs UTC (default is it runs local time
+ incl. daylight saving). */
+static int rtc_on_utc = 0;
+
+/* Filename used to read the hwclock(8) LOCAL/UTC setting */
+static char *hwclock_file;
+
+/* Flag set if the RTC should be automatically synchronised by kernel */
+static int rtc_sync = 0;
+
+/* Limit and threshold for clock stepping */
+static int make_step_limit = 0;
+static double make_step_threshold = 0.0;
+
+/* Threshold for automatic RTC trimming */
+static double rtc_autotrim_threshold = 0.0;
+
+/* Minimum number of selectables sources required to update the clock */
+static int min_sources = 1;
+
+/* Number of updates before offset checking, number of ignored updates
+ before exiting and the maximum allowed offset */
+static int max_offset_delay = -1;
+static int max_offset_ignore;
+static double max_offset;
+
+/* Maximum and minimum number of samples per source */
+static int max_samples = 0; /* no limit */
+static int min_samples = 6;
+
+/* Threshold for a time adjustment to be logged to syslog */
+static double log_change_threshold = 1.0;
+
+static char *mail_user_on_change = NULL;
+static double mail_change_threshold = 0.0;
+
+/* Flag indicating that we don't want to log clients, e.g. to save
+ memory */
+static int no_client_log = 0;
+
+/* Limit memory allocated for the clients log */
+static unsigned long client_log_limit = 524288;
+
+/* Minimum and maximum fallback drift intervals */
+static int fb_drift_min = 0;
+static int fb_drift_max = 0;
+
+/* IP addresses for binding the NTP server sockets to. UNSPEC family means
+ INADDR_ANY will be used */
+static IPAddr bind_address4, bind_address6;
+
+/* IP addresses for binding the NTP client sockets to. UNSPEC family means
+ INADDR_ANY will be used */
+static IPAddr bind_acq_address4, bind_acq_address6;
+
+/* IP addresses for binding the command socket to. UNSPEC family means
+ the loopback address will be used */
+static IPAddr bind_cmd_address4, bind_cmd_address6;
+
+/* Interface names to bind the NTP server, NTP client, and command socket */
+static char *bind_ntp_iface = NULL;
+static char *bind_acq_iface = NULL;
+static char *bind_cmd_iface = NULL;
+
+/* Path to the Unix domain command socket. */
+static char *bind_cmd_path = NULL;
+
+/* Differentiated Services Code Point (DSCP) in transmitted NTP packets */
+static int ntp_dscp = 0;
+
+/* Path to Samba (ntp_signd) socket. */
+static char *ntp_signd_socket = NULL;
+
+/* Filename to use for storing pid of running chronyd, to prevent multiple
+ * chronyds being started. */
+static char *pidfile = NULL;
+
+/* Rate limiting parameters */
+static int ntp_ratelimit_enabled = 0;
+static int ntp_ratelimit_interval = 3;
+static int ntp_ratelimit_burst = 8;
+static int ntp_ratelimit_leak = 2;
+static int nts_ratelimit_enabled = 0;
+static int nts_ratelimit_interval = 6;
+static int nts_ratelimit_burst = 8;
+static int nts_ratelimit_leak = 2;
+static int cmd_ratelimit_enabled = 0;
+static int cmd_ratelimit_interval = -4;
+static int cmd_ratelimit_burst = 8;
+static int cmd_ratelimit_leak = 2;
+
+/* Smoothing constants */
+static double smooth_max_freq = 0.0; /* in ppm */
+static double smooth_max_wander = 0.0; /* in ppm/s */
+static int smooth_leap_only = 0;
+
+/* Temperature sensor, update interval and compensation coefficients */
+static char *tempcomp_sensor_file = NULL;
+static char *tempcomp_point_file = NULL;
+static double tempcomp_interval;
+static double tempcomp_T0, tempcomp_k0, tempcomp_k1, tempcomp_k2;
+
+static int sched_priority = 0;
+static int lock_memory = 0;
+
+/* Leap second handling mode */
+static REF_LeapMode leapsec_mode = REF_LeapModeSystem;
+
+/* Name of a system timezone containing leap seconds occuring at midnight */
+static char *leapsec_tz = NULL;
+
+/* Name of the user to which will be dropped root privileges. */
+static char *user;
+
+/* Address refresh interval */
+static int refresh = 1209600; /* 2 weeks */
+
+/* NTS server and client configuration */
+static char *nts_dump_dir = NULL;
+static char *nts_ntp_server = NULL;
+static ARR_Instance nts_server_cert_files; /* array of (char *) */
+static ARR_Instance nts_server_key_files; /* array of (char *) */
+static int nts_server_port = NKE_PORT;
+static int nts_server_processes = 1;
+static int nts_server_connections = 100;
+static int nts_refresh = 2419200; /* 4 weeks */
+static int nts_rotate = 604800; /* 1 week */
+static ARR_Instance nts_trusted_certs_paths; /* array of (char *) */
+static ARR_Instance nts_trusted_certs_ids; /* array of uint32_t */
+
+/* Number of clock updates needed to enable certificate time checks */
+static int no_cert_time_check = 0;
+
+/* Flag disabling use of system trusted certificates */
+static int no_system_cert = 0;
+
+/* Array of CNF_HwTsInterface */
+static ARR_Instance hwts_interfaces;
+
+/* Timeout for resuming reading from sockets waiting for HW TX timestamp */
+static double hwts_timeout = 0.001;
+
+/* PTP event port (disabled by default) */
+static int ptp_port = 0;
+
+typedef struct {
+ NTP_Source_Type type;
+ int pool;
+ CPS_NTP_Source params;
+} NTP_Source;
+
+/* Array of NTP_Source */
+static ARR_Instance ntp_sources;
+/* Array of (char *) */
+static ARR_Instance ntp_source_dirs;
+/* Array of uint32_t corresponding to ntp_sources (for sourcedirs reload) */
+static ARR_Instance ntp_source_ids;
+
+/* Array of RefclockParameters */
+static ARR_Instance refclock_sources;
+
+typedef struct _AllowDeny {
+ IPAddr ip;
+ int subnet_bits;
+ int all; /* 1 to override existing more specific defns */
+ int allow; /* 0 for deny, 1 for allow */
+} AllowDeny;
+
+/* Arrays of AllowDeny */
+static ARR_Instance ntp_restrictions;
+static ARR_Instance cmd_restrictions;
+
+typedef struct {
+ NTP_Remote_Address addr;
+ int interval;
+} NTP_Broadcast_Destination;
+
+/* Array of NTP_Broadcast_Destination */
+static ARR_Instance broadcasts;
+
+/* ================================================== */
+
+/* The line number in the configuration file being processed */
+static int line_number;
+static const char *processed_file;
+static const char *processed_command;
+
+static int include_level = 0;
+
+/* ================================================== */
+
+static void
+command_parse_error(void)
+{
+ LOG_FATAL("Could not parse %s directive at line %d%s%s",
+ processed_command, line_number, processed_file ? " in file " : "",
+ processed_file ? processed_file : "");
+}
+
+/* ================================================== */
+
+static void
+other_parse_error(const char *message)
+{
+ LOG_FATAL("%s at line %d%s%s",
+ message, line_number, processed_file ? " in file " : "",
+ processed_file ? processed_file : "");
+}
+
+/* ================================================== */
+
+static int
+get_number_of_args(char *line)
+{
+ int num = 0;
+
+ /* The line is normalized, between arguments is just one space */
+ if (*line == ' ')
+ line++;
+ if (*line)
+ num++;
+ for (; *line; line++) {
+ if (*line == ' ')
+ num++;
+ }
+
+ return num;
+}
+
+/* ================================================== */
+
+static void
+check_number_of_args(char *line, int num)
+{
+ num -= get_number_of_args(line);
+
+ if (num) {
+ LOG_FATAL("%s arguments for %s directive at line %d%s%s",
+ num > 0 ? "Missing" : "Too many",
+ processed_command, line_number, processed_file ? " in file " : "",
+ processed_file ? processed_file : "");
+ }
+}
+
+/* ================================================== */
+
+void
+CNF_Initialise(int r, int client_only)
+{
+ restarted = r;
+
+ hwts_interfaces = ARR_CreateInstance(sizeof (CNF_HwTsInterface));
+
+ init_sources = ARR_CreateInstance(sizeof (IPAddr));
+ ntp_sources = ARR_CreateInstance(sizeof (NTP_Source));
+ ntp_source_dirs = ARR_CreateInstance(sizeof (char *));
+ ntp_source_ids = ARR_CreateInstance(sizeof (uint32_t));
+ refclock_sources = ARR_CreateInstance(sizeof (RefclockParameters));
+ broadcasts = ARR_CreateInstance(sizeof (NTP_Broadcast_Destination));
+
+ ntp_restrictions = ARR_CreateInstance(sizeof (AllowDeny));
+ cmd_restrictions = ARR_CreateInstance(sizeof (AllowDeny));
+
+ nts_server_cert_files = ARR_CreateInstance(sizeof (char *));
+ nts_server_key_files = ARR_CreateInstance(sizeof (char *));
+ nts_trusted_certs_paths = ARR_CreateInstance(sizeof (char *));
+ nts_trusted_certs_ids = ARR_CreateInstance(sizeof (uint32_t));
+
+ rtc_device = Strdup(DEFAULT_RTC_DEVICE);
+ hwclock_file = Strdup(DEFAULT_HWCLOCK_FILE);
+ user = Strdup(DEFAULT_USER);
+
+ if (client_only) {
+ cmd_port = ntp_port = 0;
+ } else {
+ bind_cmd_path = Strdup(DEFAULT_COMMAND_SOCKET);
+ pidfile = Strdup(DEFAULT_PID_FILE);
+ }
+
+ SCK_GetAnyLocalIPAddress(IPADDR_INET4, &bind_address4);
+ SCK_GetAnyLocalIPAddress(IPADDR_INET6, &bind_address6);
+ SCK_GetAnyLocalIPAddress(IPADDR_INET4, &bind_acq_address4);
+ SCK_GetAnyLocalIPAddress(IPADDR_INET6, &bind_acq_address6);
+ SCK_GetLoopbackIPAddress(IPADDR_INET4, &bind_cmd_address4);
+ SCK_GetLoopbackIPAddress(IPADDR_INET6, &bind_cmd_address6);
+}
+
+/* ================================================== */
+
+void
+CNF_Finalise(void)
+{
+ unsigned int i;
+
+ for (i = 0; i < ARR_GetSize(hwts_interfaces); i++)
+ Free(((CNF_HwTsInterface *)ARR_GetElement(hwts_interfaces, i))->name);
+ ARR_DestroyInstance(hwts_interfaces);
+
+ for (i = 0; i < ARR_GetSize(ntp_sources); i++)
+ Free(((NTP_Source *)ARR_GetElement(ntp_sources, i))->params.name);
+ for (i = 0; i < ARR_GetSize(ntp_source_dirs); i++)
+ Free(*(char **)ARR_GetElement(ntp_source_dirs, i));
+ for (i = 0; i < ARR_GetSize(refclock_sources); i++) {
+ Free(((RefclockParameters *)ARR_GetElement(refclock_sources, i))->driver_name);
+ Free(((RefclockParameters *)ARR_GetElement(refclock_sources, i))->driver_parameter);
+ }
+ for (i = 0; i < ARR_GetSize(nts_server_cert_files); i++)
+ Free(*(char **)ARR_GetElement(nts_server_cert_files, i));
+ for (i = 0; i < ARR_GetSize(nts_server_key_files); i++)
+ Free(*(char **)ARR_GetElement(nts_server_key_files, i));
+ for (i = 0; i < ARR_GetSize(nts_trusted_certs_paths); i++)
+ Free(*(char **)ARR_GetElement(nts_trusted_certs_paths, i));
+
+ ARR_DestroyInstance(init_sources);
+ ARR_DestroyInstance(ntp_sources);
+ ARR_DestroyInstance(ntp_source_dirs);
+ ARR_DestroyInstance(ntp_source_ids);
+ ARR_DestroyInstance(refclock_sources);
+ ARR_DestroyInstance(broadcasts);
+
+ ARR_DestroyInstance(ntp_restrictions);
+ ARR_DestroyInstance(cmd_restrictions);
+
+ ARR_DestroyInstance(nts_server_cert_files);
+ ARR_DestroyInstance(nts_server_key_files);
+ ARR_DestroyInstance(nts_trusted_certs_paths);
+ ARR_DestroyInstance(nts_trusted_certs_ids);
+
+ Free(drift_file);
+ Free(dumpdir);
+ Free(hwclock_file);
+ Free(keys_file);
+ Free(leapsec_tz);
+ Free(logdir);
+ Free(bind_ntp_iface);
+ Free(bind_acq_iface);
+ Free(bind_cmd_iface);
+ Free(bind_cmd_path);
+ Free(ntp_signd_socket);
+ Free(pidfile);
+ Free(rtc_device);
+ Free(rtc_file);
+ Free(user);
+ Free(mail_user_on_change);
+ Free(tempcomp_sensor_file);
+ Free(tempcomp_point_file);
+ Free(nts_dump_dir);
+ Free(nts_ntp_server);
+}
+
+/* ================================================== */
+
+void
+CNF_EnablePrint(void)
+{
+ print_config = 1;
+}
+
+/* ================================================== */
+
+/* Read the configuration file */
+void
+CNF_ReadFile(const char *filename)
+{
+ FILE *in;
+ char line[MAX_LINE_LENGTH + 1];
+ int i;
+
+ include_level++;
+ if (include_level > MAX_INCLUDE_LEVEL)
+ LOG_FATAL("Maximum include level reached");
+
+ in = UTI_OpenFile(NULL, filename, NULL, 'R', 0);
+
+ for (i = 1; fgets(line, sizeof(line), in); i++) {
+ CNF_ParseLine(filename, i, line);
+ }
+
+ fclose(in);
+
+ include_level--;
+}
+
+/* ================================================== */
+
+/* Parse one configuration line */
+void
+CNF_ParseLine(const char *filename, int number, char *line)
+{
+ char *p, *command;
+
+ /* Set global variables used in error messages */
+ processed_file = filename;
+ line_number = number;
+
+ /* Detect truncated line */
+ if (strlen(line) >= MAX_LINE_LENGTH)
+ other_parse_error("String too long");
+
+ /* Remove extra white-space and comments */
+ CPS_NormalizeLine(line);
+
+ /* Skip blank lines */
+ if (!*line) {
+ processed_file = NULL;
+ return;
+ }
+
+ /* We have a real line, now try to match commands */
+ processed_command = command = line;
+ p = CPS_SplitWord(line);
+
+ if (print_config && strcasecmp(command, "include") && strcasecmp(command, "confdir"))
+ printf("%s%s%s\n", command, p[0] != '\0' ? " " : "", p);
+
+ if (!strcasecmp(command, "acquisitionport")) {
+ parse_int(p, &acquisition_port);
+ } else if (!strcasecmp(command, "allow")) {
+ parse_allow_deny(p, ntp_restrictions, 1);
+ } else if (!strcasecmp(command, "authselectmode")) {
+ parse_authselectmode(p);
+ } else if (!strcasecmp(command, "bindacqaddress")) {
+ parse_bindacqaddress(p);
+ } else if (!strcasecmp(command, "bindacqdevice")) {
+ parse_string(p, &bind_acq_iface);
+ } else if (!strcasecmp(command, "bindaddress")) {
+ parse_bindaddress(p);
+ } else if (!strcasecmp(command, "bindcmdaddress")) {
+ parse_bindcmdaddress(p);
+ } else if (!strcasecmp(command, "bindcmddevice")) {
+ parse_string(p, &bind_cmd_iface);
+ } else if (!strcasecmp(command, "binddevice")) {
+ parse_string(p, &bind_ntp_iface);
+ } else if (!strcasecmp(command, "broadcast")) {
+ parse_broadcast(p);
+ } else if (!strcasecmp(command, "clientloglimit")) {
+ parse_clientloglimit(p);
+ } else if (!strcasecmp(command, "clockprecision")) {
+ parse_double(p, &clock_precision);
+ } else if (!strcasecmp(command, "cmdallow")) {
+ parse_allow_deny(p, cmd_restrictions, 1);
+ } else if (!strcasecmp(command, "cmddeny")) {
+ parse_allow_deny(p, cmd_restrictions, 0);
+ } else if (!strcasecmp(command, "cmdport")) {
+ parse_int(p, &cmd_port);
+ } else if (!strcasecmp(command, "cmdratelimit")) {
+ parse_ratelimit(p, &cmd_ratelimit_enabled, &cmd_ratelimit_interval,
+ &cmd_ratelimit_burst, &cmd_ratelimit_leak);
+ } else if (!strcasecmp(command, "combinelimit")) {
+ parse_double(p, &combine_limit);
+ } else if (!strcasecmp(command, "confdir")) {
+ parse_confdir(p);
+ } else if (!strcasecmp(command, "corrtimeratio")) {
+ parse_double(p, &correction_time_ratio);
+ } else if (!strcasecmp(command, "deny")) {
+ parse_allow_deny(p, ntp_restrictions, 0);
+ } else if (!strcasecmp(command, "driftfile")) {
+ parse_string(p, &drift_file);
+ } else if (!strcasecmp(command, "dscp")) {
+ parse_int(p, &ntp_dscp);
+ } else if (!strcasecmp(command, "dumpdir")) {
+ parse_string(p, &dumpdir);
+ } else if (!strcasecmp(command, "dumponexit")) {
+ /* Silently ignored */
+ } else if (!strcasecmp(command, "fallbackdrift")) {
+ parse_fallbackdrift(p);
+ } else if (!strcasecmp(command, "hwclockfile")) {
+ parse_string(p, &hwclock_file);
+ } else if (!strcasecmp(command, "hwtimestamp")) {
+ parse_hwtimestamp(p);
+ } else if (!strcasecmp(command, "hwtstimeout")) {
+ parse_double(p, &hwts_timeout);
+ } else if (!strcasecmp(command, "include")) {
+ parse_include(p);
+ } else if (!strcasecmp(command, "initstepslew")) {
+ parse_initstepslew(p);
+ } else if (!strcasecmp(command, "keyfile")) {
+ parse_string(p, &keys_file);
+ } else if (!strcasecmp(command, "leapsecmode")) {
+ parse_leapsecmode(p);
+ } else if (!strcasecmp(command, "leapsectz")) {
+ parse_string(p, &leapsec_tz);
+ } else if (!strcasecmp(command, "local")) {
+ parse_local(p);
+ } else if (!strcasecmp(command, "lock_all")) {
+ lock_memory = parse_null(p);
+ } else if (!strcasecmp(command, "log")) {
+ parse_log(p);
+ } else if (!strcasecmp(command, "logbanner")) {
+ parse_int(p, &log_banner);
+ } else if (!strcasecmp(command, "logchange")) {
+ parse_double(p, &log_change_threshold);
+ } else if (!strcasecmp(command, "logdir")) {
+ parse_string(p, &logdir);
+ } else if (!strcasecmp(command, "mailonchange")) {
+ parse_mailonchange(p);
+ } else if (!strcasecmp(command, "makestep")) {
+ parse_makestep(p);
+ } else if (!strcasecmp(command, "manual")) {
+ enable_manual = parse_null(p);
+ } else if (!strcasecmp(command, "maxchange")) {
+ parse_maxchange(p);
+ } else if (!strcasecmp(command, "maxclockerror")) {
+ parse_double(p, &max_clock_error);
+ } else if (!strcasecmp(command, "maxdistance")) {
+ parse_double(p, &max_distance);
+ } else if (!strcasecmp(command, "maxdrift")) {
+ parse_double(p, &max_drift);
+ } else if (!strcasecmp(command, "maxjitter")) {
+ parse_double(p, &max_jitter);
+ } else if (!strcasecmp(command, "maxntsconnections")) {
+ parse_int(p, &nts_server_connections);
+ } else if (!strcasecmp(command, "maxsamples")) {
+ parse_int(p, &max_samples);
+ } else if (!strcasecmp(command, "maxslewrate")) {
+ parse_double(p, &max_slew_rate);
+ } else if (!strcasecmp(command, "maxupdateskew")) {
+ parse_double(p, &max_update_skew);
+ } else if (!strcasecmp(command, "minsamples")) {
+ parse_int(p, &min_samples);
+ } else if (!strcasecmp(command, "minsources")) {
+ parse_int(p, &min_sources);
+ } else if (!strcasecmp(command, "nocerttimecheck")) {
+ parse_int(p, &no_cert_time_check);
+ } else if (!strcasecmp(command, "noclientlog")) {
+ no_client_log = parse_null(p);
+ } else if (!strcasecmp(command, "nosystemcert")) {
+ no_system_cert = parse_null(p);
+ } else if (!strcasecmp(command, "ntpsigndsocket")) {
+ parse_string(p, &ntp_signd_socket);
+ } else if (!strcasecmp(command, "ntsratelimit")) {
+ parse_ratelimit(p, &nts_ratelimit_enabled, &nts_ratelimit_interval,
+ &nts_ratelimit_burst, &nts_ratelimit_leak);
+ } else if (!strcasecmp(command, "ntscachedir") ||
+ !strcasecmp(command, "ntsdumpdir")) {
+ parse_string(p, &nts_dump_dir);
+ } else if (!strcasecmp(command, "ntsntpserver")) {
+ parse_string(p, &nts_ntp_server);
+ } else if (!strcasecmp(command, "ntsport")) {
+ parse_int(p, &nts_server_port);
+ } else if (!strcasecmp(command, "ntsprocesses")) {
+ parse_int(p, &nts_server_processes);
+ } else if (!strcasecmp(command, "ntsrefresh")) {
+ parse_int(p, &nts_refresh);
+ } else if (!strcasecmp(command, "ntsrotate")) {
+ parse_int(p, &nts_rotate);
+ } else if (!strcasecmp(command, "ntsservercert")) {
+ parse_ntsserver(p, nts_server_cert_files);
+ } else if (!strcasecmp(command, "ntsserverkey")) {
+ parse_ntsserver(p, nts_server_key_files);
+ } else if (!strcasecmp(command, "ntstrustedcerts")) {
+ parse_ntstrustedcerts(p);
+ } else if (!strcasecmp(command, "peer")) {
+ parse_source(p, command, 1);
+ } else if (!strcasecmp(command, "pidfile")) {
+ parse_string(p, &pidfile);
+ } else if (!strcasecmp(command, "pool")) {
+ parse_source(p, command, 1);
+ } else if (!strcasecmp(command, "port")) {
+ parse_int(p, &ntp_port);
+ } else if (!strcasecmp(command, "ptpport")) {
+ parse_int(p, &ptp_port);
+ } else if (!strcasecmp(command, "ratelimit")) {
+ parse_ratelimit(p, &ntp_ratelimit_enabled, &ntp_ratelimit_interval,
+ &ntp_ratelimit_burst, &ntp_ratelimit_leak);
+ } else if (!strcasecmp(command, "refclock")) {
+ parse_refclock(p);
+ } else if (!strcasecmp(command, "refresh")) {
+ parse_int(p, &refresh);
+ } else if (!strcasecmp(command, "reselectdist")) {
+ parse_double(p, &reselect_distance);
+ } else if (!strcasecmp(command, "rtcautotrim")) {
+ parse_double(p, &rtc_autotrim_threshold);
+ } else if (!strcasecmp(command, "rtcdevice")) {
+ parse_string(p, &rtc_device);
+ } else if (!strcasecmp(command, "rtcfile")) {
+ parse_string(p, &rtc_file);
+ } else if (!strcasecmp(command, "rtconutc")) {
+ rtc_on_utc = parse_null(p);
+ } else if (!strcasecmp(command, "rtcsync")) {
+ rtc_sync = parse_null(p);
+ } else if (!strcasecmp(command, "sched_priority")) {
+ parse_int(p, &sched_priority);
+ } else if (!strcasecmp(command, "server")) {
+ parse_source(p, command, 1);
+ } else if (!strcasecmp(command, "smoothtime")) {
+ parse_smoothtime(p);
+ } else if (!strcasecmp(command, "sourcedir")) {
+ parse_sourcedir(p);
+ } else if (!strcasecmp(command, "stratumweight")) {
+ parse_double(p, &stratum_weight);
+ } else if (!strcasecmp(command, "tempcomp")) {
+ parse_tempcomp(p);
+ } else if (!strcasecmp(command, "user")) {
+ parse_string(p, &user);
+ } else if (!strcasecmp(command, "commandkey") ||
+ !strcasecmp(command, "generatecommandkey") ||
+ !strcasecmp(command, "linux_freq_scale") ||
+ !strcasecmp(command, "linux_hz")) {
+ LOG(LOGS_WARN, "%s directive is no longer supported", command);
+ } else {
+ other_parse_error("Invalid directive");
+ }
+
+ processed_file = processed_command = NULL;
+}
+
+/* ================================================== */
+
+static int
+parse_string(char *line, char **result)
+{
+ check_number_of_args(line, 1);
+ Free(*result);
+ *result = Strdup(line);
+ return 1;
+}
+
+/* ================================================== */
+
+static int
+parse_int(char *line, int *result)
+{
+ check_number_of_args(line, 1);
+ if (sscanf(line, "%d", result) != 1) {
+ command_parse_error();
+ return 0;
+ }
+ return 1;
+}
+
+/* ================================================== */
+
+static int
+parse_double(char *line, double *result)
+{
+ check_number_of_args(line, 1);
+ if (sscanf(line, "%lf", result) != 1) {
+ command_parse_error();
+ return 0;
+ }
+ return 1;
+}
+
+/* ================================================== */
+
+static int
+parse_null(char *line)
+{
+ check_number_of_args(line, 0);
+ return 1;
+}
+
+/* ================================================== */
+
+static void
+parse_source(char *line, char *type, int fatal)
+{
+ NTP_Source source;
+
+ if (strcasecmp(type, "peer") == 0) {
+ source.type = NTP_PEER;
+ source.pool = 0;
+ } else if (strcasecmp(type, "pool") == 0) {
+ source.type = NTP_SERVER;
+ source.pool = 1;
+ } else if (strcasecmp(type, "server") == 0) {
+ source.type = NTP_SERVER;
+ source.pool = 0;
+ } else {
+ if (fatal)
+ command_parse_error();
+ return;
+ }
+
+ /* Avoid comparing uninitialized data in compare_sources() */
+ memset(&source.params, 0, sizeof (source.params));
+
+ if (!CPS_ParseNTPSourceAdd(line, &source.params)) {
+ if (fatal)
+ command_parse_error();
+ return;
+ }
+
+ source.params.name = Strdup(source.params.name);
+ ARR_AppendElement(ntp_sources, &source);
+}
+
+/* ================================================== */
+
+static void
+parse_sourcedir(char *line)
+{
+ char *s;
+
+ s = Strdup(line);
+ ARR_AppendElement(ntp_source_dirs, &s);
+}
+
+/* ================================================== */
+
+static void
+parse_ratelimit(char *line, int *enabled, int *interval, int *burst, int *leak)
+{
+ int n, val;
+ char *opt;
+
+ *enabled = 1;
+
+ while (*line) {
+ opt = line;
+ line = CPS_SplitWord(line);
+ if (sscanf(line, "%d%n", &val, &n) != 1) {
+ command_parse_error();
+ return;
+ }
+ line += n;
+ if (!strcasecmp(opt, "interval"))
+ *interval = val;
+ else if (!strcasecmp(opt, "burst"))
+ *burst = val;
+ else if (!strcasecmp(opt, "leak"))
+ *leak = val;
+ else
+ command_parse_error();
+ }
+}
+
+/* ================================================== */
+
+static void
+parse_refclock(char *line)
+{
+ int n, poll, dpoll, filter_length, pps_rate, min_samples, max_samples, sel_options;
+ int local, max_lock_age, pps_forced, sel_option, stratum, tai;
+ uint32_t ref_id, lock_ref_id;
+ double offset, delay, precision, max_dispersion, pulse_width;
+ char *p, *cmd, *name, *param;
+ RefclockParameters *refclock;
+
+ poll = 4;
+ dpoll = 0;
+ filter_length = 64;
+ local = 0;
+ pps_forced = 0;
+ pps_rate = 0;
+ min_samples = SRC_DEFAULT_MINSAMPLES;
+ max_samples = SRC_DEFAULT_MAXSAMPLES;
+ sel_options = 0;
+ offset = 0.0;
+ delay = 1e-9;
+ precision = 0.0;
+ max_dispersion = 0.0;
+ pulse_width = 0.0;
+ ref_id = 0;
+ max_lock_age = 2;
+ lock_ref_id = 0;
+ stratum = 0;
+ tai = 0;
+
+ if (!*line) {
+ command_parse_error();
+ return;
+ }
+
+ p = line;
+ line = CPS_SplitWord(line);
+
+ if (!*line) {
+ command_parse_error();
+ return;
+ }
+
+ name = Strdup(p);
+
+ p = line;
+ line = CPS_SplitWord(line);
+ param = Strdup(p);
+
+ for (cmd = line; *cmd; line += n, cmd = line) {
+ line = CPS_SplitWord(line);
+
+ if (!strcasecmp(cmd, "refid")) {
+ if ((n = CPS_ParseRefid(line, &ref_id)) == 0)
+ break;
+ } else if (!strcasecmp(cmd, "lock")) {
+ if ((n = CPS_ParseRefid(line, &lock_ref_id)) == 0)
+ break;
+ } else if (!strcasecmp(cmd, "poll")) {
+ if (sscanf(line, "%d%n", &poll, &n) != 1) {
+ break;
+ }
+ } else if (!strcasecmp(cmd, "dpoll")) {
+ if (sscanf(line, "%d%n", &dpoll, &n) != 1) {
+ break;
+ }
+ } else if (!strcasecmp(cmd, "filter")) {
+ if (sscanf(line, "%d%n", &filter_length, &n) != 1) {
+ break;
+ }
+ } else if (!strcasecmp(cmd, "local")) {
+ n = 0;
+ local = 1;
+ } else if (!strcasecmp(cmd, "rate")) {
+ if (sscanf(line, "%d%n", &pps_rate, &n) != 1)
+ break;
+ } else if (!strcasecmp(cmd, "minsamples")) {
+ if (sscanf(line, "%d%n", &min_samples, &n) != 1)
+ break;
+ } else if (!strcasecmp(cmd, "maxlockage")) {
+ if (sscanf(line, "%d%n", &max_lock_age, &n) != 1)
+ break;
+ } else if (!strcasecmp(cmd, "maxsamples")) {
+ if (sscanf(line, "%d%n", &max_samples, &n) != 1)
+ break;
+ } else if (!strcasecmp(cmd, "offset")) {
+ if (sscanf(line, "%lf%n", &offset, &n) != 1)
+ break;
+ } else if (!strcasecmp(cmd, "delay")) {
+ if (sscanf(line, "%lf%n", &delay, &n) != 1)
+ break;
+ } else if (!strcasecmp(cmd, "pps")) {
+ n = 0;
+ pps_forced = 1;
+ } else if (!strcasecmp(cmd, "precision")) {
+ if (sscanf(line, "%lf%n", &precision, &n) != 1)
+ break;
+ } else if (!strcasecmp(cmd, "maxdispersion")) {
+ if (sscanf(line, "%lf%n", &max_dispersion, &n) != 1)
+ break;
+ } else if (!strcasecmp(cmd, "stratum")) {
+ if (sscanf(line, "%d%n", &stratum, &n) != 1 ||
+ stratum >= NTP_MAX_STRATUM || stratum < 0)
+ break;
+ } else if (!strcasecmp(cmd, "tai")) {
+ n = 0;
+ tai = 1;
+ } else if (!strcasecmp(cmd, "width")) {
+ if (sscanf(line, "%lf%n", &pulse_width, &n) != 1)
+ break;
+ } else if ((sel_option = CPS_GetSelectOption(cmd)) != 0) {
+ n = 0;
+ sel_options |= sel_option;
+ } else {
+ other_parse_error("Invalid refclock option");
+ return;
+ }
+ }
+
+ if (*cmd) {
+ command_parse_error();
+ return;
+ }
+
+ refclock = (RefclockParameters *)ARR_GetNewElement(refclock_sources);
+ refclock->driver_name = name;
+ refclock->driver_parameter = param;
+ refclock->driver_poll = dpoll;
+ refclock->poll = poll;
+ refclock->filter_length = filter_length;
+ refclock->local = local;
+ refclock->pps_forced = pps_forced;
+ refclock->pps_rate = pps_rate;
+ refclock->min_samples = min_samples;
+ refclock->max_samples = max_samples;
+ refclock->sel_options = sel_options;
+ refclock->stratum = stratum;
+ refclock->tai = tai;
+ refclock->offset = offset;
+ refclock->delay = delay;
+ refclock->precision = precision;
+ refclock->max_dispersion = max_dispersion;
+ refclock->pulse_width = pulse_width;
+ refclock->ref_id = ref_id;
+ refclock->max_lock_age = max_lock_age;
+ refclock->lock_ref_id = lock_ref_id;
+}
+
+/* ================================================== */
+
+static void
+parse_log(char *line)
+{
+ char *log_name;
+ do {
+ log_name = line;
+ line = CPS_SplitWord(line);
+ if (*log_name) {
+ if (!strcmp(log_name, "rawmeasurements")) {
+ do_log_measurements = 1;
+ raw_measurements = 1;
+ } else if (!strcmp(log_name, "measurements")) {
+ do_log_measurements = 1;
+ } else if (!strcmp(log_name, "selection")) {
+ do_log_selection = 1;
+ } else if (!strcmp(log_name, "statistics")) {
+ do_log_statistics = 1;
+ } else if (!strcmp(log_name, "tracking")) {
+ do_log_tracking = 1;
+ } else if (!strcmp(log_name, "rtc")) {
+ do_log_rtc = 1;
+ } else if (!strcmp(log_name, "refclocks")) {
+ do_log_refclocks = 1;
+ } else if (!strcmp(log_name, "tempcomp")) {
+ do_log_tempcomp = 1;
+ } else {
+ other_parse_error("Invalid log parameter");
+ break;
+ }
+ } else {
+ break;
+ }
+ } while (1);
+}
+
+/* ================================================== */
+
+static void
+parse_local(char *line)
+{
+ if (!CPS_ParseLocal(line, &local_stratum, &local_orphan, &local_distance))
+ command_parse_error();
+ enable_local = 1;
+}
+
+/* ================================================== */
+
+static void
+parse_initstepslew(char *line)
+{
+ char *p, *hostname;
+ IPAddr ip_addr;
+
+ /* Ignore the line if chronyd was started with -R. */
+ if (restarted) {
+ return;
+ }
+
+ ARR_SetSize(init_sources, 0);
+ p = CPS_SplitWord(line);
+
+ if (sscanf(line, "%lf", &init_slew_threshold) != 1) {
+ command_parse_error();
+ return;
+ }
+
+ while (*p) {
+ hostname = p;
+ p = CPS_SplitWord(p);
+ if (*hostname) {
+ if (DNS_Name2IPAddress(hostname, &ip_addr, 1) == DNS_Success) {
+ ARR_AppendElement(init_sources, &ip_addr);
+ } else {
+ LOG(LOGS_WARN, "Could not resolve address of initstepslew server %s", hostname);
+ }
+ }
+ }
+}
+
+/* ================================================== */
+
+static void
+parse_leapsecmode(char *line)
+{
+ if (!strcasecmp(line, "system"))
+ leapsec_mode = REF_LeapModeSystem;
+ else if (!strcasecmp(line, "slew"))
+ leapsec_mode = REF_LeapModeSlew;
+ else if (!strcasecmp(line, "step"))
+ leapsec_mode = REF_LeapModeStep;
+ else if (!strcasecmp(line, "ignore"))
+ leapsec_mode = REF_LeapModeIgnore;
+ else
+ command_parse_error();
+}
+
+/* ================================================== */
+
+static void
+parse_clientloglimit(char *line)
+{
+ check_number_of_args(line, 1);
+ if (sscanf(line, "%lu", &client_log_limit) != 1) {
+ command_parse_error();
+ }
+}
+
+/* ================================================== */
+
+static void
+parse_fallbackdrift(char *line)
+{
+ check_number_of_args(line, 2);
+ if (sscanf(line, "%d %d", &fb_drift_min, &fb_drift_max) != 2) {
+ command_parse_error();
+ }
+}
+
+/* ================================================== */
+
+static void
+parse_makestep(char *line)
+{
+ check_number_of_args(line, 2);
+ if (sscanf(line, "%lf %d", &make_step_threshold, &make_step_limit) != 2) {
+ make_step_limit = 0;
+ command_parse_error();
+ }
+
+ /* Disable limited makestep if chronyd was started with -R. */
+ if (restarted && make_step_limit > 0) {
+ make_step_limit = 0;
+ }
+}
+
+/* ================================================== */
+
+static void
+parse_maxchange(char *line)
+{
+ check_number_of_args(line, 3);
+ if (sscanf(line, "%lf %d %d", &max_offset, &max_offset_delay, &max_offset_ignore) != 3) {
+ max_offset_delay = -1;
+ command_parse_error();
+ }
+}
+
+/* ================================================== */
+
+static void
+parse_mailonchange(char *line)
+{
+ char *address;
+ check_number_of_args(line, 2);
+ address = line;
+ line = CPS_SplitWord(line);
+ Free(mail_user_on_change);
+ if (sscanf(line, "%lf", &mail_change_threshold) == 1) {
+ mail_user_on_change = Strdup(address);
+ } else {
+ mail_user_on_change = NULL;
+ command_parse_error();
+ }
+}
+
+/* ================================================== */
+
+static void
+parse_ntsserver(char *line, ARR_Instance files)
+{
+ char *file = NULL;
+
+ parse_string(line, &file);
+ ARR_AppendElement(files, &file);
+}
+
+/* ================================================== */
+
+static void
+parse_ntstrustedcerts(char *line)
+{
+ uint32_t id;
+ char *path;
+
+ if (get_number_of_args(line) == 2) {
+ path = CPS_SplitWord(line);
+ if (sscanf(line, "%"SCNu32, &id) != 1)
+ command_parse_error();
+ } else {
+ check_number_of_args(line, 1);
+ path = line;
+ id = 0;
+ }
+
+ path = Strdup(path);
+
+ ARR_AppendElement(nts_trusted_certs_paths, &path);
+ ARR_AppendElement(nts_trusted_certs_ids, &id);
+}
+
+/* ================================================== */
+
+static void
+parse_allow_deny(char *line, ARR_Instance restrictions, int allow)
+{
+ int all, subnet_bits;
+ AllowDeny *node;
+ IPAddr ip;
+
+ if (!CPS_ParseAllowDeny(line, &all, &ip, &subnet_bits))
+ command_parse_error();
+
+ node = ARR_GetNewElement(restrictions);
+ node->allow = allow;
+ node->all = all;
+ node->ip = ip;
+ node->subnet_bits = subnet_bits;
+}
+
+/* ================================================== */
+
+static void
+parse_authselectmode(char *line)
+{
+ if (!strcasecmp(line, "require"))
+ authselect_mode = SRC_AUTHSELECT_REQUIRE;
+ else if (!strcasecmp(line, "prefer"))
+ authselect_mode = SRC_AUTHSELECT_PREFER;
+ else if (!strcasecmp(line, "mix"))
+ authselect_mode = SRC_AUTHSELECT_MIX;
+ else if (!strcasecmp(line, "ignore"))
+ authselect_mode = SRC_AUTHSELECT_IGNORE;
+ else
+ command_parse_error();
+}
+
+/* ================================================== */
+
+static void
+parse_bindacqaddress(char *line)
+{
+ IPAddr ip;
+
+ check_number_of_args(line, 1);
+ if (UTI_StringToIP(line, &ip)) {
+ if (ip.family == IPADDR_INET4)
+ bind_acq_address4 = ip;
+ else if (ip.family == IPADDR_INET6)
+ bind_acq_address6 = ip;
+ } else {
+ command_parse_error();
+ }
+}
+
+/* ================================================== */
+
+static void
+parse_bindaddress(char *line)
+{
+ IPAddr ip;
+
+ check_number_of_args(line, 1);
+ if (UTI_StringToIP(line, &ip)) {
+ if (ip.family == IPADDR_INET4)
+ bind_address4 = ip;
+ else if (ip.family == IPADDR_INET6)
+ bind_address6 = ip;
+ } else {
+ command_parse_error();
+ }
+}
+
+/* ================================================== */
+
+static void
+parse_bindcmdaddress(char *line)
+{
+ IPAddr ip;
+
+ check_number_of_args(line, 1);
+
+ /* Address starting with / is for the Unix domain socket */
+ if (line[0] == '/') {
+ parse_string(line, &bind_cmd_path);
+ /* / disables the socket */
+ if (strcmp(bind_cmd_path, "/") == 0) {
+ Free(bind_cmd_path);
+ bind_cmd_path = NULL;
+ }
+ } else if (UTI_StringToIP(line, &ip)) {
+ if (ip.family == IPADDR_INET4)
+ bind_cmd_address4 = ip;
+ else if (ip.family == IPADDR_INET6)
+ bind_cmd_address6 = ip;
+ } else {
+ command_parse_error();
+ }
+}
+
+/* ================================================== */
+
+static void
+parse_broadcast(char *line)
+{
+ /* Syntax : broadcast <interval> <broadcast-IP-addr> [<port>] */
+ NTP_Broadcast_Destination *destination;
+ int port;
+ int interval;
+ char *p;
+ IPAddr ip;
+
+ p = line;
+ line = CPS_SplitWord(line);
+
+ if (sscanf(p, "%d", &interval) != 1) {
+ command_parse_error();
+ return;
+ }
+
+ p = line;
+ line = CPS_SplitWord(line);
+
+ if (!UTI_StringToIP(p, &ip)) {
+ command_parse_error();
+ return;
+ }
+
+ p = line;
+ line = CPS_SplitWord(line);
+
+ if (*p) {
+ if (sscanf(p, "%d", &port) != 1 || *line) {
+ command_parse_error();
+ return;
+ }
+ } else {
+ /* default port */
+ port = NTP_PORT;
+ }
+
+ destination = (NTP_Broadcast_Destination *)ARR_GetNewElement(broadcasts);
+ destination->addr.ip_addr = ip;
+ destination->addr.port = port;
+ destination->interval = interval;
+}
+
+/* ================================================== */
+
+static void
+parse_smoothtime(char *line)
+{
+ if (get_number_of_args(line) != 3)
+ check_number_of_args(line, 2);
+
+ if (sscanf(line, "%lf %lf", &smooth_max_freq, &smooth_max_wander) != 2) {
+ smooth_max_freq = 0.0;
+ command_parse_error();
+ }
+
+ line = CPS_SplitWord(CPS_SplitWord(line));
+ smooth_leap_only = 0;
+
+ if (*line) {
+ if (!strcasecmp(line, "leaponly"))
+ smooth_leap_only = 1;
+ else
+ command_parse_error();
+ }
+}
+
+/* ================================================== */
+static void
+parse_tempcomp(char *line)
+{
+ char *p;
+ int point_form;
+
+ point_form = get_number_of_args(line) == 3;
+
+ if (!point_form)
+ check_number_of_args(line, 6);
+
+ p = line;
+ line = CPS_SplitWord(line);
+
+ if (!*p) {
+ command_parse_error();
+ return;
+ }
+
+ Free(tempcomp_point_file);
+
+ if (point_form) {
+ if (sscanf(line, "%lf", &tempcomp_interval) != 1) {
+ command_parse_error();
+ return;
+ }
+ tempcomp_point_file = Strdup(CPS_SplitWord(line));
+ } else {
+ if (sscanf(line, "%lf %lf %lf %lf %lf", &tempcomp_interval,
+ &tempcomp_T0, &tempcomp_k0, &tempcomp_k1, &tempcomp_k2) != 5) {
+ command_parse_error();
+ return;
+ }
+ tempcomp_point_file = NULL;
+ }
+
+ Free(tempcomp_sensor_file);
+ tempcomp_sensor_file = Strdup(p);
+}
+
+/* ================================================== */
+
+static void
+parse_hwtimestamp(char *line)
+{
+ CNF_HwTsInterface *iface;
+ int n, maxpoll_set = 0;
+ char *p, filter[5];
+
+ if (!*line) {
+ command_parse_error();
+ return;
+ }
+
+ p = line;
+ line = CPS_SplitWord(line);
+
+ iface = ARR_GetNewElement(hwts_interfaces);
+ iface->name = Strdup(p);
+ iface->minpoll = 0;
+ iface->min_samples = 2;
+ iface->max_samples = 16;
+ iface->nocrossts = 0;
+ iface->rxfilter = CNF_HWTS_RXFILTER_ANY;
+ iface->precision = 100.0e-9;
+ iface->tx_comp = 0.0;
+ iface->rx_comp = 0.0;
+
+ for (p = line; *p; line += n, p = line) {
+ line = CPS_SplitWord(line);
+
+ if (!strcasecmp(p, "maxsamples")) {
+ if (sscanf(line, "%d%n", &iface->max_samples, &n) != 1)
+ break;
+ } else if (!strcasecmp(p, "minpoll")) {
+ if (sscanf(line, "%d%n", &iface->minpoll, &n) != 1)
+ break;
+ } else if (!strcasecmp(p, "maxpoll")) {
+ if (sscanf(line, "%d%n", &iface->maxpoll, &n) != 1)
+ break;
+ maxpoll_set = 1;
+ } else if (!strcasecmp(p, "minsamples")) {
+ if (sscanf(line, "%d%n", &iface->min_samples, &n) != 1)
+ break;
+ } else if (!strcasecmp(p, "precision")) {
+ if (sscanf(line, "%lf%n", &iface->precision, &n) != 1)
+ break;
+ } else if (!strcasecmp(p, "rxcomp")) {
+ if (sscanf(line, "%lf%n", &iface->rx_comp, &n) != 1)
+ break;
+ } else if (!strcasecmp(p, "txcomp")) {
+ if (sscanf(line, "%lf%n", &iface->tx_comp, &n) != 1)
+ break;
+ } else if (!strcasecmp(p, "rxfilter")) {
+ if (sscanf(line, "%4s%n", filter, &n) != 1)
+ break;
+ if (!strcasecmp(filter, "none"))
+ iface->rxfilter = CNF_HWTS_RXFILTER_NONE;
+ else if (!strcasecmp(filter, "ntp"))
+ iface->rxfilter = CNF_HWTS_RXFILTER_NTP;
+ else if (!strcasecmp(filter, "ptp"))
+ iface->rxfilter = CNF_HWTS_RXFILTER_PTP;
+ else if (!strcasecmp(filter, "all"))
+ iface->rxfilter = CNF_HWTS_RXFILTER_ALL;
+ else
+ break;
+ } else if (!strcasecmp(p, "nocrossts")) {
+ n = 0;
+ iface->nocrossts = 1;
+ } else {
+ break;
+ }
+ }
+
+ if (*p)
+ command_parse_error();
+
+ if (!maxpoll_set)
+ iface->maxpoll = iface->minpoll + 1;
+}
+
+/* ================================================== */
+
+static const char *
+get_basename(const char *path)
+{
+ const char *b = strrchr(path, '/');
+ return b ? b + 1 : path;
+}
+
+/* ================================================== */
+
+static int
+compare_basenames(const void *a, const void *b)
+{
+ return strcmp(get_basename(*(const char * const *)a),
+ get_basename(*(const char * const *)b));
+}
+
+/* ================================================== */
+
+static int
+search_dirs(char *line, const char *suffix, void (*file_handler)(const char *path))
+{
+ char *dirs[MAX_CONF_DIRS], buf[MAX_LINE_LENGTH], *path;
+ size_t i, j, k, locations, n_dirs;
+ glob_t gl;
+
+ n_dirs = UTI_SplitString(line, dirs, MAX_CONF_DIRS);
+ if (n_dirs < 1 || n_dirs > MAX_CONF_DIRS)
+ return 0;
+
+ /* Get the paths of all config files in the specified directories */
+ for (i = 0; i < n_dirs; i++) {
+ if (snprintf(buf, sizeof (buf), "%s/*%s", dirs[i], suffix) >= sizeof (buf))
+ assert(0);
+ if (glob(buf, GLOB_NOSORT | (i > 0 ? GLOB_APPEND : 0), NULL, &gl) != 0)
+ ;
+ }
+
+ if (gl.gl_pathc > 0) {
+ /* Sort the paths by filenames */
+ qsort(gl.gl_pathv, gl.gl_pathc, sizeof (gl.gl_pathv[0]), compare_basenames);
+
+ for (i = 0; i < gl.gl_pathc; i += locations) {
+ /* Count directories containing files with this name */
+ for (j = i + 1, locations = 1; j < gl.gl_pathc; j++, locations++) {
+ if (compare_basenames(&gl.gl_pathv[i], &gl.gl_pathv[j]) != 0)
+ break;
+ }
+
+ /* Read the first file of this name in the order of the directive */
+ for (j = 0; j < n_dirs; j++) {
+ for (k = 0; k < locations; k++) {
+ path = gl.gl_pathv[i + k];
+ if (strncmp(path, dirs[j], strlen(dirs[j])) == 0 &&
+ strlen(dirs[j]) + 1 + strlen(get_basename(path)) == strlen(path)) {
+ file_handler(path);
+ break;
+ }
+ }
+ if (k < locations)
+ break;
+ }
+ }
+ }
+
+ globfree(&gl);
+
+ return 1;
+}
+
+/* ================================================== */
+
+static void
+parse_confdir(char *line)
+{
+ if (!search_dirs(line, ".conf", CNF_ReadFile))
+ command_parse_error();
+}
+
+/* ================================================== */
+
+static void
+parse_include(char *line)
+{
+ glob_t gl;
+ size_t i;
+ int r;
+
+ check_number_of_args(line, 1);
+
+ if ((r = glob(line,
+#ifdef GLOB_NOMAGIC
+ GLOB_NOMAGIC |
+#endif
+ GLOB_ERR, NULL, &gl)) != 0) {
+ if (r != GLOB_NOMATCH)
+ LOG_FATAL("Could not search for files matching %s", line);
+
+ DEBUG_LOG("glob of %s failed", line);
+ return;
+ }
+
+ for (i = 0; i < gl.gl_pathc; i++)
+ CNF_ReadFile(gl.gl_pathv[i]);
+
+ globfree(&gl);
+}
+
+/* ================================================== */
+
+static void
+load_source_file(const char *filename)
+{
+ char line[MAX_LINE_LENGTH + 1];
+ FILE *f;
+
+ f = UTI_OpenFile(NULL, filename, NULL, 'r', 0);
+ if (!f)
+ return;
+
+ while (fgets(line, sizeof (line), f)) {
+ /* Require lines to be terminated */
+ if (line[0] == '\0' || line[strlen(line) - 1] != '\n')
+ break;
+
+ CPS_NormalizeLine(line);
+ if (line[0] == '\0')
+ continue;
+
+ parse_source(CPS_SplitWord(line), line, 0);
+ }
+
+ fclose(f);
+}
+
+/* ================================================== */
+
+static int
+compare_sources(const void *a, const void *b)
+{
+ const NTP_Source *sa = a, *sb = b;
+ int d;
+
+ if (!sa->params.name)
+ return -1;
+ if (!sb->params.name)
+ return 1;
+ if ((d = strcmp(sa->params.name, sb->params.name)) != 0)
+ return d;
+ if ((d = (int)sa->type - (int)sb->type) != 0)
+ return d;
+ if ((d = (int)sa->pool - (int)sb->pool) != 0)
+ return d;
+ if ((d = (int)sa->params.port - (int)sb->params.port) != 0)
+ return d;
+ return memcmp(&sa->params.params, &sb->params.params, sizeof (sa->params.params));
+}
+
+/* ================================================== */
+
+static void
+reload_source_dirs(void)
+{
+ NTP_Source *prev_sources, *new_sources, *source;
+ unsigned int i, j, prev_size, new_size, unresolved;
+ uint32_t *prev_ids, *new_ids;
+ char buf[MAX_LINE_LENGTH];
+ NSR_Status s;
+ int d, pass;
+
+ prev_size = ARR_GetSize(ntp_source_ids);
+ if (prev_size > 0 && ARR_GetSize(ntp_sources) != prev_size)
+ assert(0);
+
+ /* Save the current sources and their configuration IDs */
+ prev_ids = MallocArray(uint32_t, prev_size);
+ memcpy(prev_ids, ARR_GetElements(ntp_source_ids), prev_size * sizeof (prev_ids[0]));
+ prev_sources = MallocArray(NTP_Source, prev_size);
+ memcpy(prev_sources, ARR_GetElements(ntp_sources), prev_size * sizeof (prev_sources[0]));
+
+ /* Load the sources again */
+ ARR_SetSize(ntp_sources, 0);
+ for (i = 0; i < ARR_GetSize(ntp_source_dirs); i++) {
+ if (snprintf(buf, sizeof (buf), "%s",
+ *(char **)ARR_GetElement(ntp_source_dirs, i)) >= sizeof (buf))
+ assert(0);
+ search_dirs(buf, ".sources", load_source_file);
+ }
+
+ /* Add new and remove existing sources according to the new configuration.
+ Avoid removing and adding the same source again to keep its state. */
+
+ new_size = ARR_GetSize(ntp_sources);
+ new_sources = ARR_GetElements(ntp_sources);
+ ARR_SetSize(ntp_source_ids, new_size);
+ new_ids = ARR_GetElements(ntp_source_ids);
+ unresolved = 0;
+
+ LOG_SetContext(LOGC_SourceFile);
+
+ qsort(new_sources, new_size, sizeof (new_sources[0]), compare_sources);
+
+ for (pass = 0; pass < 2; pass++) {
+ for (i = j = 0; i < prev_size || j < new_size; i += d <= 0, j += d >= 0) {
+ if (i < prev_size && j < new_size)
+ d = compare_sources(&prev_sources[i], &new_sources[j]);
+ else
+ d = i < prev_size ? -1 : 1;
+
+ /* Remove missing sources before adding others to avoid conflicts */
+ if (pass == 0 && d < 0 && prev_sources[i].params.name[0] != '\0') {
+ NSR_RemoveSourcesById(prev_ids[i]);
+ }
+
+ /* Add new sources */
+ if (pass == 1 && d > 0) {
+ source = &new_sources[j];
+ s = NSR_AddSourceByName(source->params.name, source->params.port, source->pool,
+ source->type, &source->params.params, &new_ids[j]);
+
+ if (s == NSR_UnresolvedName) {
+ unresolved++;
+ } else if (s != NSR_Success) {
+ LOG(LOGS_ERR, "Could not add source %s : %s",
+ source->params.name, NSR_StatusToString(s));
+
+ /* Mark the source as not present */
+ source->params.name[0] = '\0';
+ }
+ }
+
+ /* Keep unchanged sources */
+ if (pass == 1 && d == 0)
+ new_ids[j] = prev_ids[i];
+ }
+ }
+
+ LOG_UnsetContext(LOGC_SourceFile);
+
+ for (i = 0; i < prev_size; i++)
+ Free(prev_sources[i].params.name);
+ Free(prev_sources);
+ Free(prev_ids);
+
+ if (unresolved > 0)
+ NSR_ResolveSources();
+}
+
+/* ================================================== */
+
+void
+CNF_CreateDirs(uid_t uid, gid_t gid)
+{
+ char *dir;
+
+ /* Create a directory for the Unix domain command socket */
+ if (bind_cmd_path) {
+ dir = UTI_PathToDir(bind_cmd_path);
+ UTI_CreateDirAndParents(dir, 0770, uid, gid);
+
+ /* Check the permissions and owner/group in case the directory already
+ existed. It MUST NOT be accessible by others as permissions on Unix
+ domain sockets are ignored on some systems (e.g. Solaris). */
+ if (!UTI_CheckDirPermissions(dir, 0770, uid, gid)) {
+ LOG(LOGS_WARN, "Disabled command socket %s", bind_cmd_path);
+ Free(bind_cmd_path);
+ bind_cmd_path = NULL;
+ }
+
+ Free(dir);
+ }
+
+ if (logdir)
+ UTI_CreateDirAndParents(logdir, 0750, uid, gid);
+ if (dumpdir)
+ UTI_CreateDirAndParents(dumpdir, 0750, uid, gid);
+ if (nts_dump_dir)
+ UTI_CreateDirAndParents(nts_dump_dir, 0750, uid, gid);
+}
+
+/* ================================================== */
+
+void
+CNF_CheckReadOnlyAccess(void)
+{
+ unsigned int i;
+
+ if (keys_file)
+ UTI_CheckReadOnlyAccess(keys_file);
+ for (i = 0; i < ARR_GetSize(nts_server_key_files); i++)
+ UTI_CheckReadOnlyAccess(*(char **)ARR_GetElement(nts_server_key_files, i));
+}
+
+/* ================================================== */
+
+void
+CNF_AddInitSources(void)
+{
+ CPS_NTP_Source cps_source;
+ NTP_Remote_Address ntp_addr;
+ char dummy_hostname[2] = "H";
+ unsigned int i;
+
+ for (i = 0; i < ARR_GetSize(init_sources); i++) {
+ /* Get the default NTP params */
+ CPS_ParseNTPSourceAdd(dummy_hostname, &cps_source);
+
+ /* Add the address as a server specified with the iburst option */
+ ntp_addr.ip_addr = *(IPAddr *)ARR_GetElement(init_sources, i);
+ ntp_addr.port = cps_source.port;
+ cps_source.params.iburst = 1;
+
+ if (NSR_AddSource(&ntp_addr, NTP_SERVER, &cps_source.params, NULL) != NSR_Success)
+ LOG(LOGS_ERR, "Could not add source %s", UTI_IPToString(&ntp_addr.ip_addr));
+ }
+
+ ARR_SetSize(init_sources, 0);
+}
+
+/* ================================================== */
+
+void
+CNF_AddSources(void)
+{
+ NTP_Source *source;
+ unsigned int i;
+ NSR_Status s;
+
+ for (i = 0; i < ARR_GetSize(ntp_sources); i++) {
+ source = (NTP_Source *)ARR_GetElement(ntp_sources, i);
+
+ s = NSR_AddSourceByName(source->params.name, source->params.port, source->pool,
+ source->type, &source->params.params, NULL);
+ if (s != NSR_Success && s != NSR_UnresolvedName)
+ LOG(LOGS_ERR, "Could not add source %s", source->params.name);
+
+ Free(source->params.name);
+ }
+
+ ARR_SetSize(ntp_sources, 0);
+
+ reload_source_dirs();
+}
+
+/* ================================================== */
+
+void
+CNF_AddRefclocks(void)
+{
+ RefclockParameters *refclock;
+ unsigned int i;
+
+ for (i = 0; i < ARR_GetSize(refclock_sources); i++) {
+ refclock = ARR_GetElement(refclock_sources, i);
+ RCL_AddRefclock(refclock);
+ Free(refclock->driver_name);
+ Free(refclock->driver_parameter);
+ }
+
+ ARR_SetSize(refclock_sources, 0);
+}
+
+/* ================================================== */
+
+void
+CNF_AddBroadcasts(void)
+{
+ unsigned int i;
+ NTP_Broadcast_Destination *destination;
+
+ for (i = 0; i < ARR_GetSize(broadcasts); i++) {
+ destination = (NTP_Broadcast_Destination *)ARR_GetElement(broadcasts, i);
+ NCR_AddBroadcastDestination(&destination->addr, destination->interval);
+ }
+
+ ARR_SetSize(broadcasts, 0);
+}
+
+/* ================================================== */
+
+void
+CNF_ReloadSources(void)
+{
+ reload_source_dirs();
+}
+
+/* ================================================== */
+
+int
+CNF_GetNTPPort(void)
+{
+ return ntp_port;
+}
+
+/* ================================================== */
+
+int
+CNF_GetAcquisitionPort(void)
+{
+ return acquisition_port;
+}
+
+/* ================================================== */
+
+char *
+CNF_GetDriftFile(void)
+{
+ return drift_file;
+}
+
+/* ================================================== */
+
+int
+CNF_GetLogBanner(void)
+{
+ return log_banner;
+}
+
+/* ================================================== */
+
+char *
+CNF_GetLogDir(void)
+{
+ return logdir;
+}
+
+/* ================================================== */
+
+char *
+CNF_GetDumpDir(void)
+{
+ return dumpdir;
+}
+
+/* ================================================== */
+
+int
+CNF_GetLogMeasurements(int *raw)
+{
+ *raw = raw_measurements;
+ return do_log_measurements;
+}
+
+/* ================================================== */
+
+int
+CNF_GetLogSelection(void)
+{
+ return do_log_selection;
+}
+
+/* ================================================== */
+
+int
+CNF_GetLogStatistics(void)
+{
+ return do_log_statistics;
+}
+
+/* ================================================== */
+
+int
+CNF_GetLogTracking(void)
+{
+ return do_log_tracking;
+}
+
+/* ================================================== */
+
+int
+CNF_GetLogRtc(void)
+{
+ return do_log_rtc;
+}
+
+/* ================================================== */
+
+int
+CNF_GetLogRefclocks(void)
+{
+ return do_log_refclocks;
+}
+
+/* ================================================== */
+
+int
+CNF_GetLogTempComp(void)
+{
+ return do_log_tempcomp;
+}
+
+/* ================================================== */
+
+char *
+CNF_GetKeysFile(void)
+{
+ return keys_file;
+}
+
+/* ================================================== */
+
+double
+CNF_GetRtcAutotrim(void)
+{
+ return rtc_autotrim_threshold;
+}
+
+/* ================================================== */
+
+char *
+CNF_GetRtcFile(void)
+{
+ return rtc_file;
+}
+
+/* ================================================== */
+
+char *
+CNF_GetRtcDevice(void)
+{
+ return rtc_device;
+}
+
+/* ================================================== */
+
+double
+CNF_GetMaxUpdateSkew(void)
+{
+ return max_update_skew;
+}
+
+/* ================================================== */
+
+double
+CNF_GetMaxDrift(void)
+{
+ return max_drift;
+}
+
+/* ================================================== */
+
+double
+CNF_GetMaxClockError(void)
+{
+ return max_clock_error;
+}
+
+/* ================================================== */
+
+double
+CNF_GetCorrectionTimeRatio(void)
+{
+ return correction_time_ratio;
+}
+
+/* ================================================== */
+
+SRC_AuthSelectMode
+CNF_GetAuthSelectMode(void)
+{
+ return authselect_mode;
+}
+
+/* ================================================== */
+
+double
+CNF_GetMaxSlewRate(void)
+{
+ return max_slew_rate;
+}
+
+/* ================================================== */
+
+double
+CNF_GetClockPrecision(void)
+{
+ return clock_precision;
+}
+
+/* ================================================== */
+
+double
+CNF_GetMaxDistance(void)
+{
+ return max_distance;
+}
+
+/* ================================================== */
+
+double
+CNF_GetMaxJitter(void)
+{
+ return max_jitter;
+}
+
+/* ================================================== */
+
+double
+CNF_GetReselectDistance(void)
+{
+ return reselect_distance;
+}
+
+/* ================================================== */
+
+double
+CNF_GetStratumWeight(void)
+{
+ return stratum_weight;
+}
+
+/* ================================================== */
+
+double
+CNF_GetCombineLimit(void)
+{
+ return combine_limit;
+}
+
+/* ================================================== */
+
+int
+CNF_GetManualEnabled(void)
+{
+ return enable_manual;
+}
+
+/* ================================================== */
+
+int
+CNF_GetCommandPort(void) {
+ return cmd_port;
+}
+
+/* ================================================== */
+
+int
+CNF_AllowLocalReference(int *stratum, int *orphan, double *distance)
+{
+ if (enable_local) {
+ *stratum = local_stratum;
+ *orphan = local_orphan;
+ *distance = local_distance;
+ return 1;
+ } else {
+ return 0;
+ }
+}
+
+/* ================================================== */
+
+int
+CNF_GetRtcOnUtc(void)
+{
+ return rtc_on_utc;
+}
+
+/* ================================================== */
+
+int
+CNF_GetRtcSync(void)
+{
+ return rtc_sync;
+}
+
+/* ================================================== */
+
+void
+CNF_GetMakeStep(int *limit, double *threshold)
+{
+ *limit = make_step_limit;
+ *threshold = make_step_threshold;
+}
+
+/* ================================================== */
+
+void
+CNF_GetMaxChange(int *delay, int *ignore, double *offset)
+{
+ *delay = max_offset_delay;
+ *ignore = max_offset_ignore;
+ *offset = max_offset;
+}
+
+/* ================================================== */
+
+double
+CNF_GetLogChange(void)
+{
+ return log_change_threshold;
+}
+
+/* ================================================== */
+
+void
+CNF_GetMailOnChange(int *enabled, double *threshold, char **user)
+{
+ if (mail_user_on_change) {
+ *enabled = 1;
+ *threshold = mail_change_threshold;
+ *user = mail_user_on_change;
+ } else {
+ *enabled = 0;
+ *threshold = 0.0;
+ *user = NULL;
+ }
+}
+
+/* ================================================== */
+
+void
+CNF_SetupAccessRestrictions(void)
+{
+ AllowDeny *node;
+ int status;
+ unsigned int i;
+
+ for (i = 0; i < ARR_GetSize(ntp_restrictions); i++) {
+ node = ARR_GetElement(ntp_restrictions, i);
+ status = NCR_AddAccessRestriction(&node->ip, node->subnet_bits, node->allow, node->all);
+ if (!status) {
+ LOG_FATAL("Bad subnet in %s/%d", UTI_IPToString(&node->ip), node->subnet_bits);
+ }
+ }
+
+ for (i = 0; i < ARR_GetSize(cmd_restrictions); i++) {
+ node = ARR_GetElement(cmd_restrictions, i);
+ status = CAM_AddAccessRestriction(&node->ip, node->subnet_bits, node->allow, node->all);
+ if (!status) {
+ LOG_FATAL("Bad subnet in %s/%d", UTI_IPToString(&node->ip), node->subnet_bits);
+ }
+ }
+
+ ARR_SetSize(ntp_restrictions, 0);
+ ARR_SetSize(cmd_restrictions, 0);
+}
+
+/* ================================================== */
+
+int
+CNF_GetNoClientLog(void)
+{
+ return no_client_log;
+}
+
+/* ================================================== */
+
+unsigned long
+CNF_GetClientLogLimit(void)
+{
+ return client_log_limit;
+}
+
+/* ================================================== */
+
+void
+CNF_GetFallbackDrifts(int *min, int *max)
+{
+ *min = fb_drift_min;
+ *max = fb_drift_max;
+}
+
+/* ================================================== */
+
+void
+CNF_GetBindAddress(int family, IPAddr *addr)
+{
+ if (family == IPADDR_INET4)
+ *addr = bind_address4;
+ else if (family == IPADDR_INET6)
+ *addr = bind_address6;
+ else
+ addr->family = IPADDR_UNSPEC;
+}
+
+/* ================================================== */
+
+void
+CNF_GetBindAcquisitionAddress(int family, IPAddr *addr)
+{
+ if (family == IPADDR_INET4)
+ *addr = bind_acq_address4;
+ else if (family == IPADDR_INET6)
+ *addr = bind_acq_address6;
+ else
+ addr->family = IPADDR_UNSPEC;
+}
+
+/* ================================================== */
+
+char *
+CNF_GetBindNtpInterface(void)
+{
+ return bind_ntp_iface;
+}
+
+/* ================================================== */
+
+char *
+CNF_GetBindAcquisitionInterface(void)
+{
+ return bind_acq_iface;
+}
+
+/* ================================================== */
+
+char *
+CNF_GetBindCommandInterface(void)
+{
+ return bind_cmd_iface;
+}
+
+/* ================================================== */
+
+char *
+CNF_GetBindCommandPath(void)
+{
+ return bind_cmd_path;
+}
+
+/* ================================================== */
+
+void
+CNF_GetBindCommandAddress(int family, IPAddr *addr)
+{
+ if (family == IPADDR_INET4)
+ *addr = bind_cmd_address4;
+ else if (family == IPADDR_INET6)
+ *addr = bind_cmd_address6;
+ else
+ addr->family = IPADDR_UNSPEC;
+}
+
+/* ================================================== */
+
+int
+CNF_GetNtpDscp(void)
+{
+ return ntp_dscp;
+}
+
+/* ================================================== */
+
+char *
+CNF_GetNtpSigndSocket(void)
+{
+ return ntp_signd_socket;
+}
+
+/* ================================================== */
+
+char *
+CNF_GetPidFile(void)
+{
+ return pidfile;
+}
+
+/* ================================================== */
+
+REF_LeapMode
+CNF_GetLeapSecMode(void)
+{
+ return leapsec_mode;
+}
+
+/* ================================================== */
+
+char *
+CNF_GetLeapSecTimezone(void)
+{
+ return leapsec_tz;
+}
+
+/* ================================================== */
+
+int
+CNF_GetSchedPriority(void)
+{
+ return sched_priority;
+}
+
+/* ================================================== */
+
+int
+CNF_GetLockMemory(void)
+{
+ return lock_memory;
+}
+
+/* ================================================== */
+
+int CNF_GetNTPRateLimit(int *interval, int *burst, int *leak)
+{
+ *interval = ntp_ratelimit_interval;
+ *burst = ntp_ratelimit_burst;
+ *leak = ntp_ratelimit_leak;
+ return ntp_ratelimit_enabled;
+}
+
+/* ================================================== */
+
+int CNF_GetNtsRateLimit(int *interval, int *burst, int *leak)
+{
+ *interval = nts_ratelimit_interval;
+ *burst = nts_ratelimit_burst;
+ *leak = nts_ratelimit_leak;
+ return nts_ratelimit_enabled;
+}
+
+/* ================================================== */
+
+int CNF_GetCommandRateLimit(int *interval, int *burst, int *leak)
+{
+ *interval = cmd_ratelimit_interval;
+ *burst = cmd_ratelimit_burst;
+ *leak = cmd_ratelimit_leak;
+ return cmd_ratelimit_enabled;
+}
+
+/* ================================================== */
+
+void
+CNF_GetSmooth(double *max_freq, double *max_wander, int *leap_only)
+{
+ *max_freq = smooth_max_freq;
+ *max_wander = smooth_max_wander;
+ *leap_only = smooth_leap_only;
+}
+
+/* ================================================== */
+
+void
+CNF_GetTempComp(char **file, double *interval, char **point_file, double *T0, double *k0, double *k1, double *k2)
+{
+ *file = tempcomp_sensor_file;
+ *point_file = tempcomp_point_file;
+ *interval = tempcomp_interval;
+ *T0 = tempcomp_T0;
+ *k0 = tempcomp_k0;
+ *k1 = tempcomp_k1;
+ *k2 = tempcomp_k2;
+}
+
+/* ================================================== */
+
+char *
+CNF_GetUser(void)
+{
+ return user;
+}
+
+/* ================================================== */
+
+int
+CNF_GetMaxSamples(void)
+{
+ return max_samples;
+}
+
+/* ================================================== */
+
+int
+CNF_GetMinSamples(void)
+{
+ return min_samples;
+}
+
+/* ================================================== */
+
+int
+CNF_GetMinSources(void)
+{
+ return min_sources;
+}
+
+/* ================================================== */
+
+char *
+CNF_GetHwclockFile(void)
+{
+ return hwclock_file;
+}
+
+/* ================================================== */
+
+int
+CNF_GetInitSources(void)
+{
+ return ARR_GetSize(init_sources);
+}
+
+/* ================================================== */
+
+double
+CNF_GetInitStepThreshold(void)
+{
+ return init_slew_threshold;
+}
+
+/* ================================================== */
+
+int
+CNF_GetHwTsInterface(unsigned int index, CNF_HwTsInterface **iface)
+{
+ if (index >= ARR_GetSize(hwts_interfaces))
+ return 0;
+
+ *iface = (CNF_HwTsInterface *)ARR_GetElement(hwts_interfaces, index);
+ return 1;
+}
+
+/* ================================================== */
+
+double
+CNF_GetHwTsTimeout(void)
+{
+ return hwts_timeout;
+}
+
+/* ================================================== */
+
+int
+CNF_GetPtpPort(void)
+{
+ return ptp_port;
+}
+
+/* ================================================== */
+
+int
+CNF_GetRefresh(void)
+{
+ return refresh;
+}
+
+/* ================================================== */
+
+char *
+CNF_GetNtsDumpDir(void)
+{
+ return nts_dump_dir;
+}
+
+/* ================================================== */
+
+char *
+CNF_GetNtsNtpServer(void)
+{
+ return nts_ntp_server;
+}
+
+/* ================================================== */
+
+int
+CNF_GetNtsServerCertAndKeyFiles(const char ***certs, const char ***keys)
+{
+ *certs = ARR_GetElements(nts_server_cert_files);
+ *keys = ARR_GetElements(nts_server_key_files);
+
+ if (ARR_GetSize(nts_server_cert_files) != ARR_GetSize(nts_server_key_files))
+ LOG_FATAL("Uneven number of NTS certs and keys");
+
+ return ARR_GetSize(nts_server_cert_files);
+}
+
+/* ================================================== */
+
+int
+CNF_GetNtsServerPort(void)
+{
+ return nts_server_port;
+}
+
+/* ================================================== */
+
+int
+CNF_GetNtsServerProcesses(void)
+{
+ return nts_server_processes;
+}
+
+/* ================================================== */
+
+int
+CNF_GetNtsServerConnections(void)
+{
+ return nts_server_connections;
+}
+
+/* ================================================== */
+
+int
+CNF_GetNtsRefresh(void)
+{
+ return nts_refresh;
+}
+
+/* ================================================== */
+
+int
+CNF_GetNtsRotate(void)
+{
+ return nts_rotate;
+}
+
+/* ================================================== */
+
+int
+CNF_GetNtsTrustedCertsPaths(const char ***paths, uint32_t **ids)
+{
+ *paths = ARR_GetElements(nts_trusted_certs_paths);
+ *ids = ARR_GetElements(nts_trusted_certs_ids);
+
+ if (ARR_GetSize(nts_trusted_certs_paths) != ARR_GetSize(nts_trusted_certs_ids))
+ assert(0);
+
+ return ARR_GetSize(nts_trusted_certs_paths);
+}
+
+/* ================================================== */
+
+int
+CNF_GetNoSystemCert(void)
+{
+ return no_system_cert;
+}
+
+/* ================================================== */
+
+int
+CNF_GetNoCertTimeCheck(void)
+{
+ return no_cert_time_check;
+}