r6 - 2013-07-28 - 14:04:37 - AllenZhongYou are here: NTP >  Dev Web > GoogleSummerOfCode > GSoC2013UnitTestingAllen > GSoC2013UnitTestingAllenWeeklyUpdates
NTP users are strongly urged to take immediate action to ensure that their NTP daemons are not susceptible to being used in distributed denial-of-service (DDoS) attacks. Please also take this opportunity to defeat denial-of-service attacks by implementing Ingress and Egress filtering through BCP38.

ntp-4.2.8p13 was released on 07 March 2019. It addresses 1 medium-severity security issue in ntpd, and provides 17 non-security bugfixes and 1 other improvements over 4.2.8p12.

Please see the NTP Security Notice for vulnerability and mitigation details.

Are you using Autokey in production? If so, please contact Harlan - he's got some questions for you.

Weekly Updates for the GSoC 2013 Unit Testing Project of Allen

This page is the weekly updates of my GSoC project.

Jul 28, 2013 - 6th week

Done:

  • Some improvement of testing adj_systime()
  • Basic works about testing leap-second
  • Simple tests for ntp_util.c and ntp_crypto.c, need more work

Todo:

  • Mid-term evaluation
  • More about leapseconds
  • More about ntp_util.c and ntp_crypto.c (these two files have funcs related to leapseconds)

Problems:

  • Haven't figured out better way to test get_systime() and adj_systime() yet.
  • Not clear about how leapseconds been implemented in ntp, hard to write tests.

Jul 20, 2013 - 5th week

Done:

  • Tests for systime.c
  • - get_systime()
  • - adj_systime()

Todo:

  • Improve on get_systime()
  • step_systime()
  • Prepare for mid-term evaluation

Problems:

  • To test get_systime() I need to get system time manually, and I used part of get_ostime() to do so, this may couse problem as get_systime() also calls get_ostime() to obtain current time at the first place, need to find another way to do so.
  • In tests for adj_systime() I give the system a very small offset (5 nanosecond) to see if the adjustment made is correct, this is fine on my local machine as well as psp-deb1, mostly. In some cases, however, if the system got very buzy, this test may fail.
  • step_systime() changes the system time too much on scale, it's not likely to be a good idea to call it on real system just for test, like I did with adj_systime().

Jul 13, 2013 - 4th week

Done:

  • Adjust atolfp.cpp using lfptest.h
  • Tests for timetoa.c

Todo:

  • Tests for systime.c
  • Improve tests about l_fp

Problems:

  • Need to learn more about l_fp, reading RFC 5905
  • time_t is 64 bits long on most new systems but may be 32 bits on older ones, need some adjustment on testing its overflowing

Jul 07, 2013 - 3rd week

Done:

  • Fixed gtest issue, tests building normally (Thanks to Linus Karlsson)
  • Some more tests for atolfp.c
  • A simple script to collect time offset between client and server

Todo:

  • Finish tests for dofptoa.c - this is done in lfptostr.cpp
  • Improve testing scripts

Jul 01, 2013 - 2nd week

Done:

  • Set up a bk repo on dev machine
  • Unit tests for atolfp.c and dofptoa.c

Todo:

  • Write one or two more test files
  • Write scripts for server testing and setting up servers

Problems:

  • Still not sure how tests are build and run

Jun 24, 2013 - 1st week

Done:

  • Get through Google Test docs
  • Set up 3 VPS for testing in real environment
  • Set up git repos on local and dev machines
  • Wrote a simple unit test and a script to get start

Todo:

  • Write more test to cover adjtime() part of ntp
  • Write scripts to collect data from running ntpd
  • Write some docs or a blog for this project

Problems:

  • adjtimex() is a syscall in Linux so it's hard to write unit test to, as its implementation contains external codes of ntp
  • Still not very familiar with gtest and the makefiles, sample tests of libntpd failed to build
  • Unit tests can only tell if the codes are correct, not how the work, so scripts that collect data of running ntpd is necessary
  • New to bitkeeper, haven't set up a repo on dev machine yet, need to set up one and get it sync with my git repos
Edit | WYSIWYG | Attach | Printable | Raw View | Backlinks: Web, All Webs | History: r6 < r5 < r4 < r3 < r2 | More topic actions
 
SSL security by CAcert
Get the CAcert Root Certificate
This site is powered by the TWiki collaboration platform
IPv6 Ready
Copyright & 1999-2020 by the contributing authors. All material on this collaboration platform is the property of the contributing authors. Ideas, requests, problems regarding the site? Send feedback