twekkel / htpdate Goto Github PK

View Code? Open in Web Editor NEW

46.0 2.0 12.0 160 KB

HTTP Time protocol

Home Page: https://www.vervest.org/htp

License: Other

Makefile 2.84% Roff 12.42% C 79.67% Shell 5.07%

time ntp rdate-ntpdate-replacement

htpdate's Introduction

htpdate

Time synchronization... quick and dirty

date -s "`curl --head -s https://example.com | grep -i "Date: " | cut -d' ' -f2-`"

Better solution... htpdate

The above one-liner might result in unexpected behavior,

when the website is not reachable
when the website has the wrong time
when time steps/jumps (backwards!) in time
because precision is only 1 second

Htpdate addresses these issues by using multiple time sources, filtering out 'false tickers', gradually adjusts time, enhancing precision and capable of running as a daemon.

The HTTP Time Protocol (HTP) is used to synchronize a computer's time with web servers as reference time source. Htpdate will synchronize your computer's time by extracting timestamps from HTTP headers found in web server responses. Htpdate can be used as a daemon, to keep your computer synchronized. The accuracy of htpdate is at least -+0.5 seconds, but can be in the range of ~10 ms (see -p option). If this is not good enough for you, use a ntp package.

Install the htpdate package if you need tools for keeping your system's time synchronized via the HTP protocol. Htpdate works also through proxy servers.

Installation

build:

make

or for HTTPS support (OpenSSL is required)

make https

install:

make install

Packages

Many Linux distributions and FreeBSD system provide a htpdate package, which should be preferred over manual compilation and installation from downloaded source code as the packages are likely integrated with the rest of the system (e.g. service files and networking scripts).

Usage

Htpdate can be used to query the time of one or multiple web servers,

htpdate www.example.com http://www.example.com https://example.com

Htpdate can run as daemon,

htpdate -D http://www.example.com

Another option is to run htpdate periodically from cron. For a daily time synchronization,

5 3 * * * /usr/sbin/htpdate -a www.example.com

All htpdate options,

Usage: htpdate [-046acdhlnqstvxDF] [-f driftfile] [-i pidfile] [-m minpoll]
         [-M maxpoll] [-p precision] [-P <proxyserver>[:port]]
         [-u user[:group]] <URL> ...

See man page for more details.

htpdate's People

Contributors

Stargazers

Watchers

Forkers

angeloc ambientai gfcittolin teacup-on-rockingchair danielmewes patryk9200 dongxiaoyi whitehara r-cc-c sunsetmkt stepnem 00gh

htpdate's Issues

New release

Could you release the 1.3.5 version?

Thanks!

Doesn't work behind network proxy with authentication

Hello,

I'm trying to use htpdate behind a network proxy with authentication. Proxy username/password are set (and url-encoded) in the proxy URL as follows:

sudo ./htpdate -t -d -q -P http://${PROXY_USER}:${PROXY_PASSWD}@${PROXY_HOSTNAME}:${PROXY_PORT}  jjy.nict.go.jp

jjy.nict.go.jp host or service unavailable
No server suitable for synchronization found

I also tried without success different declaration of the proxy:

without or without http://
with or with url-encoding the username/password.

Any idea?

PS: I'm using a freshly compiled version of htpdate: commit 7964ca0 on Linux Ubuntu 18.04.6 LTS

Memory leak from strdup when proxy is enabled

It seem there is a memory leak when using strdup(), the memory is not free.

https://github.com/twekkel/htpdate/blob/master/htpdate.c#L831

You might want to perform some checking using clang in Ubuntu 22.04.

$ wget https://github.com/llvm/llvm-project/releases/download/llvmorg-17.0.2/clang+llvm-17.0.2-x86_64-linux-gnu-ubuntu-22.04.tar.xz
$ sudo mkdir -p /opt/llvm
$ sudo tar -C /opt/llvm --no-same-owner --owner=root --group=root -xvf clang+llvm-17.0.2-x86_64-linux-gnu-ubuntu-22.04.tar.xz
$ sudo ln -sfn "clang+llvm-17.0.2-x86_64-linux-gnu-ubuntu-22.04" /opt/llvm/clang
$ rm -f clang+llvm-17.0.2-x86_64-linux-gnu-ubuntu-22.04.tar.xz

Perform scan-build check

$ /opt/llvm/clang/bin/scan-build -o ${PWD}/static-analysis/htpdate -k -stats -internal-stats -analyze-headers -maxloop 25 -enable-checker security.FloatLoopCounter -enable-checker security.insecureAPI.DeprecatedOrUnsafeBufferHandling make CC=clang clean https

View the html report using /opt/llvm/clang/bin/scan-view or web browser in directory static-analysis/htpdate

Tag a new version

Would you mind to tag a new version so I can release a new buildroot package?

Thanks!

double free detected in tcache 2 error

In getHTTPdate() if the call to getaddrinfo() returns a nonzero error code the freeaddrinfo(res) that follows results in a 'free(): double free detected in tcache 2' error which crashes htpdate when in daemon mode.

Looking at the getaddrinfo programming info at https://man7.org/linux/man-pages/man3/getaddrinfo.3.html and the example code there freeaddrinfo() is not called if the call to getaddrinfo() returns a nonzero error code. I've commented out the freeaddrinfo(res) in getHTTPdate(), recompiled and can confirm this resolves the fatal error/crash.

I'm compiling with https support, running in daemon mode and using https://www.google.com, https://firebase.google.com, https://azure.microsoft.com & https://aws.amazon.com as the time sources. Occasionally the call to getaddrinfo() for one of these will return a nonzero error code (not clear yet as to why) and this was killing the htpdate service. I am running htpdate as a service under systemd, full Exec_Startup;

path=/usr/sbin/htpdate ; argv[]=/usr/sbin/htpdate -F -4 -a -l -s -t -d https://www.google.com https://firebase.google.com https://azure.microsoft.com https://aws.amazon.com ; ignore_errors=no

Swapped month and day in Windows 11

Today is 9th Feb 2023
So when I run htpdate, it swaps the date to 2nd Sept 2023

All my format setting is default to EN-US Windows 11

Time being corrected to half the offset

Hello again!

I've noted that the time is being corrected to half the measured offset from the servers. For example, if server time is now 10:00:00, and computer's time is 08:00:00 (wrong by -2h), after adjustment, the time is set to 09:00:00.

In my scenario, the clock can be very wrong due to RTC failure, years behind actually, and setting the clock to half the way still yields a perceptibly wrong clock, albeit less wrong :)

I think the expected behavior could be, in this example, to set the clock to 10:00:00, but by inspecting the git history, I can see this change was explicitly introduced by c92a3a2. Is there any reason for this I couldn't foresee?

Sorry for bothering once again, and thank you for the excellent work!

htpdate fails to read the date header

if the date header does not appear within the first 1024 bytes of the server first response, then it is not parsed at all:

$ htpdate -q https://www.pool.ntp.org -d
burst: 1 try: 1 when: 500000
www.pool.ntp.org no timestamp
burst: 1 try: 2 when: 500000
www.pool.ntp.org no timestamp
No server suitable for synchronization found

This prevents for example the synchro from https://www.pool.ntp.org, as the date header appears after a bunch of other headers. It would require a bigger buffer and multiple calls to SSL_read to work.

EDIT: in recent versions of htpdate the BUFFERSIZE was bumped to 8192 but there is still a single call to SSL_read so it still fails.

Include CPPFLAGS to the build

Hi twekkel,
thanks for your work!
Please, if possible include CPPFLAGS to the build.
I'm attached the .diff to the Makefile.
Thanks a lot
Makefile.txt

Error in synchronizing time

# date
Thu Jan  1 00:00:11 UTC 1970
# htpdate -t -s -d https://google.com
google.com                443, 16 Jan 2022 18:04:01 GMT (89 ms) => 0
google.com                443, 16 Jan 2022 18:04:01 GMT (101 ms) => 0
google.com                443, 16 Jan 2022 18:04:01 GMT (67 ms) => 0
google.com                443, 16 Jan 2022 18:04:02 GMT (82 ms) => -1
when: 812500000, nap: -62500000
offset: 0.187500
Setting 0.188 seconds
Set time: Sat Jan  1 18:04:02 2022
# date
Sat Jan  1 18:04:17 UTC 2022

As you can see, the datetime is 15 days less than the real time.

Any idea?

Set time mode (-s) fails to set time on network error on first attempt

Hi there!

I'd like to propose a subtle behavior change when the -s option is given, that allows the clock to jump directly to the new time on the first poll cycle.

Right now setmode is dropped to 1 in the end of the infinite loop, regardless of whether it had success fetching the time. This has the consequence that, if the check fails in the first attempt for whatever the reason (e.g. network not ready) and the clock is sufficiently out of sync, htpdate cannot sync it anymore.

The change proposed is to only drop mode if the check has been successful (inside if (goodtimes) {), so that we are sure at least one check has been made and we got our clock in sync

Feed daemon updates into Chrony

I love the idea of HTPDate, it's perfect for firewalled environments.

For devices which will be moving between firewalled and not, it would be great if htpdate could play nice with Chrony.

Using Chrony SOCK protocol we could feed updates to Chrony, so that HTPDate daemon could become another chrony timesource for if/when NTP is blocked or not available due to firewall.

Any chance this feature could be considered?

Chrony uses SOCK protocol to handle incoming updates (basically

htpdate.c:(.text+0x4e6): undefined reference to `TLS_method'

Hi,

while trying to switch upstream for htpdate in Gentoo, I stumbled upon the following compile issue:

x86_64-pc-linux-gnu-gcc -Wall -march=native -mtune=native -O2 -pipe -DENABLE_HTTPS -o htpdate htpdate.c
/usr/lib/gcc/x86_64-pc-linux-gnu/11.2.0/../../../../x86_64-pc-linux-gnu/bin/ld: /var/tmp/portage/net-misc/htpdate-9999/temp/ccjeTQYF.o: in function `getHTTPdate':
htpdate.c:(.text+0x4e6): undefined reference to `TLS_method'
/usr/lib/gcc/x86_64-pc-linux-gnu/11.2.0/../../../../x86_64-pc-linux-gnu/bin/ld: htpdate.c:(.text+0x4ee): undefined reference to `SSL_CTX_new'
/usr/lib/gcc/x86_64-pc-linux-gnu/11.2.0/../../../../x86_64-pc-linux-gnu/bin/ld: htpdate.c:(.text+0x4fe): undefined reference to `SSL_CTX_set_default_verify_paths'
/usr/lib/gcc/x86_64-pc-linux-gnu/11.2.0/../../../../x86_64-pc-linux-gnu/bin/ld: htpdate.c:(.text+0x50b): undefined reference to `SSL_CTX_set_verify_depth'
/usr/lib/gcc/x86_64-pc-linux-gnu/11.2.0/../../../../x86_64-pc-linux-gnu/bin/ld: htpdate.c:(.text+0x525): undefined reference to `SSL_new'
/usr/lib/gcc/x86_64-pc-linux-gnu/11.2.0/../../../../x86_64-pc-linux-gnu/bin/ld: htpdate.c:(.text+0x657): undefined reference to `SSL_set_fd'
/usr/lib/gcc/x86_64-pc-linux-gnu/11.2.0/../../../../x86_64-pc-linux-gnu/bin/ld: htpdate.c:(.text+0x707): undefined reference to `SSL_write'
/usr/lib/gcc/x86_64-pc-linux-gnu/11.2.0/../../../../x86_64-pc-linux-gnu/bin/ld: htpdate.c:(.text+0x721): undefined reference to `SSL_read'
/usr/lib/gcc/x86_64-pc-linux-gnu/11.2.0/../../../../x86_64-pc-linux-gnu/bin/ld: htpdate.c:(.text+0xa1a): undefined reference to `SSL_shutdown'
/usr/lib/gcc/x86_64-pc-linux-gnu/11.2.0/../../../../x86_64-pc-linux-gnu/bin/ld: htpdate.c:(.text+0xa24): undefined reference to `SSL_CTX_free'
/usr/lib/gcc/x86_64-pc-linux-gnu/11.2.0/../../../../x86_64-pc-linux-gnu/bin/ld: htpdate.c:(.text+0xa2c): undefined reference to `SSL_free'
/usr/lib/gcc/x86_64-pc-linux-gnu/11.2.0/../../../../x86_64-pc-linux-gnu/bin/ld: htpdate.c:(.text+0xbfd): undefined reference to `SSL_CTX_set_verify'
/usr/lib/gcc/x86_64-pc-linux-gnu/11.2.0/../../../../x86_64-pc-linux-gnu/bin/ld: htpdate.c:(.text+0xcc4): undefined reference to `SSL_connect'
/usr/lib/gcc/x86_64-pc-linux-gnu/11.2.0/../../../../x86_64-pc-linux-gnu/bin/ld: /var/tmp/portage/net-misc/htpdate-9999/temp/ccjeTQYF.o: in function `main':
htpdate.c:(.text.startup+0x4ca): undefined reference to `OPENSSL_init_ssl'
collect2: error: ld returned 1 exit status
make: *** [Makefile:14: htpdate] Error 1

This is an an up-to-date Gentoo machine having openssl-1.1.1m installed. Any chance this can be fixed?

Chrony not working as expected following https://www.vervest.org/htp/?ntppool

Environment

htpdate version 1.3.6
chronyd (chrony) version 4.3

htpdate service environment file contents

HTP_PROXY="-P 192.18.170.12:3128"
HTP_SERVERS="-s http://jjy.nict.go.jp/"
HTP_OPTIONS="-Dx -p 7 -f /var/lib/chrony/chrony.drift"

htpdate service status

● htpdate.service - HTTP based time synchronization tool
     Loaded: loaded (/lib/systemd/system/htpdate.service; enabled; vendor preset: enabled)
     Active: active (running) since Thu 2022-09-22 12:17:57 JST; 38min ago
       Docs: man:htpdate
    Process: 3881 ExecStart=/usr/sbin/htpdate $HTP_OPTIONS $HTP_PROXY -i /run/htpdate.pid $HTP_SERVERS (code=exited, status=0/SUCCESS)
   Main PID: 3885 (htpdate)
      Tasks: 1 (limit: 76811)
     Memory: 244.0K
     CGroup: /system.slice/htpdate.service
             └─3885 /usr/sbin/htpdate -Dx -p 7 -f /etc/htpdate.drift -P 192.18.170.12 3128 -i /run/htpdate.pid -s http://jjy.nict.go.jp/

Sep 22 12:17:57 s-master systemd[1]: Starting HTTP based time synchronization tool...
Sep 22 12:17:57 s-master htpdate[3881]: Error reading frequency from /etc/htpdate.drift
Sep 22 12:17:57 s-master htpdate[3885]: htpdate version 1.3.6 started
Sep 22 12:17:57 s-master systemd[1]: htpdate.service: Supervising process 3885 which is not our child. We'll most likely not notice when it exits.
Sep 22 12:17:57 s-master systemd[1]: Started HTTP based time synchronization tool.
Sep 22 12:17:59 s-master htpdate[3885]: Setting 0.016 seconds
Sep 22 12:17:59 s-master htpdate[3885]: Set time: Thu Sep 22 12:17:59 2022
Sep 22 12:47:58 s-master htpdate[3885]: sleep for 1800 s

Looking for inputs on resolving "Error reading frequency from /etc/htpdate.drift"

Added below lines in /etc/chrony/chrony.conf

local stratum 5
driftfile /etc/htpdate.drift

On execution of chronyc sourcestats -v, it returns a empty list.

                             .- Number of sample points in measurement set.
                            /    .- Number of residual runs with same sign.
                           |    /    .- Length of measurement set (time).
                           |   |    /      .- Est. clock freq error (ppm).
                           |   |   |      /           .- Est. error in freq.
                           |   |   |     |           /         .- Est. offset.
                           |   |   |     |          |          |   On the -.
                           |   |   |     |          |          |   samples. \
                           |   |   |     |          |          |             |
Name/IP Address            NP  NR  Span  Frequency  Freq Skew  Offset  Std Dev
==============================================================================

Exepecting localhost will be displayed.

On execution of chronyc activity, it returns a 0 sources.
I was expecting 1 source as localhost.

200 OK
0 sources online
0 sources offline
0 sources doing burst (return to online)
0 sources doing burst (return to offline)
0 sources with unknown address

Looking for some guidance/inputs to sync between htpdate and chrony.

Release a new version

I would like to package the software for buildroot with the latest enhancements (cross compilation fixes, non glibc and no time limit).

Could you please tag another release?

Thanks!

twekkel / htpdate Goto Github PK

htpdate's Introduction

htpdate

Time synchronization... quick and dirty

Better solution... htpdate

Installation

Packages

Usage

See also

htpdate's People

Contributors

Stargazers

Watchers

Forkers

htpdate's Issues

Recommend Projects

Recommend Topics

Recommend Org