confd: initial support for NTP server

Fixes #904

Signed-off-by: Joachim Wiberg <troglobit@gmail.com>

Author: troglobit

src/confd/src/Makefile.am

@@ -40,6 +40,7 @@ confd_plugin_la_SOURCES =			\
 	  if-wifi.c				\
 	keystore.c				\
 	system.c				\
+	ntp.c					\
 	syslog.c				\
 	factory-default.c			\
 	routing.c				\

src/confd/src/core.c

@@ -206,6 +206,10 @@ static int change_cb(sr_session_ctx_t *session, uint32_t sub_id, const char *mod
 	if ((rc = keystore_change(session, config, diff, event, confd)))
 		goto free_diff;
 
+	/* ietf-ntp */
+	if ((rc = ntp_change(session, config, diff, event, confd)))
+		goto free_diff;
+
 	/* infix-services */
 	if ((rc = services_change(session, config, diff, event, confd)))
 		goto free_diff;
@@ -244,6 +248,20 @@ static int change_cb(sr_session_ctx_t *session, uint32_t sub_id, const char *mod
 	if ((rc = meta_change_cb(session, config, diff, event, confd)))
 		goto free_diff;
 
+	/*
+	 * Manage chronyd service enable/disable state.  Must be done
+	 * after both ietf-system:ntp and ietf-ntp have are done.
+	 */
+	if (event == SR_EV_DONE && config) {
+		bool client = false;
+		bool server = false;
+
+		client = srx_enabled(session, "/ietf-system:system/ntp/enabled");
+		server = lydx_get_xpathf(config, "/ietf-ntp:ntp") != NULL;
+
+		systemf("initctl -nbq %s chronyd", client || server ? "enable" : "disable");
+	}
+
 	if (cfg)
 		sr_release_data(cfg);
 
@@ -332,6 +350,11 @@ int sr_plugin_init_cb(sr_session_ctx_t *session, void **priv)
 		ERROR("Failed to subscribe to ietf-netconf-acm");
 		goto err;
 	}
+	rc = subscribe_model("ietf-ntp", &confd, 0);
+	if (rc) {
+		ERROR("Failed to subscribe to ietf-ntp");
+		goto err;
+	}
 	rc = subscribe_model("infix-dhcp-client", &confd, 0);
 	if (rc) {
 		ERROR("Failed to subscribe to infix-dhcp-client");
@@ -432,6 +455,10 @@ int sr_plugin_init_cb(sr_session_ctx_t *session, void **priv)
 		goto err;
 
 	rc = dhcp_server_candidate_init(&confd);
+	if (rc)
+		goto err;
+
+	rc = ntp_candidate_init(&confd);
 	if (rc)
 		goto err;
 	/* YOUR_INIT GOES HERE */

src/confd/src/core.h

@@ -247,4 +247,10 @@ int firewall_rpc_init(struct confd *confd);
 int firewall_candidate_init(struct confd *confd);
 int firewall_change(sr_session_ctx_t *session, struct lyd_node *config, struct lyd_node *diff, sr_event_t event, struct confd *confd);
 
+/* ntp.c */
+int ntp_change(sr_session_ctx_t *session, struct lyd_node *config, struct lyd_node *diff, sr_event_t event, struct confd *confd);
+int ntp_cand(sr_session_ctx_t *session, uint32_t sub_id, const char *module,
+	     const char *path, sr_event_t event, unsigned request_id, void *priv);
+int ntp_candidate_init(struct confd *confd);
+
 #endif	/* CONFD_CORE_H_ */

src/confd/src/ntp.c

@@ -0,0 +1,311 @@
+/* SPDX-License-Identifier: BSD-3-Clause */
+
+#include <assert.h>
+#include <jansson.h>
+
+#include <srx/common.h>
+#include <srx/lyx.h>
+#include <srx/srx_val.h>
+
+#include "core.h"
+
+#define XPATH_NTP_ "/ietf-ntp:ntp"
+#define NTP_CONF   "/etc/chrony/conf.d/ntp-server.conf"
+#define NTP_PREV   NTP_CONF "-"
+#define NTP_NEXT   NTP_CONF "+"
+
+/*
+ * NTP Server configuration handler
+ *
+ * This implements ietf-ntp (RFC 9249) for basic NTP server functionality
+ * using chronyd as the underlying daemon. The implementation is minimal,
+ * focusing on:
+ *
+ * - Local reference clock (stratum configuration)
+ * - Custom port (if not default 123)
+ * - Interface binding (restrict to specific interfaces)
+ * - Server mode enabling (allow clients to query)
+ *
+ * Mutual exclusion with ietf-system:ntp is enforced by YANG when statement,
+ * so no runtime validation is needed here.
+ */
+static int change_ntp_server(sr_session_ctx_t *session,
+			     struct lyd_node *config,
+			     struct lyd_node *diff,
+			     sr_event_t event,
+			     struct confd *confd)
+{
+	int port = 0, stratum = 0;
+	sr_val_t *val;
+	size_t cnt;
+	FILE *fp;
+	int rc;
+
+	if (diff && !lydx_get_xpathf(diff, XPATH_NTP_))
+		return SR_ERR_OK;
+
+	switch (event) {
+	case SR_EV_ENABLED:	/* first time, on register. */
+	case SR_EV_CHANGE:	/* regular change (copy cand running) */
+		/* Generate next config */
+		break;
+
+	case SR_EV_ABORT:	/* User abort, or other plugin failed */
+		(void)remove(NTP_NEXT);
+		return SR_ERR_OK;
+
+	case SR_EV_DONE:
+		/* Check if NTP container exists (presence container) */
+		if (!lydx_get_xpathf(config, XPATH_NTP_)) {
+			DEBUG("NTP server disabled, removing config");
+			systemf("rm -f %s", NTP_CONF);
+
+			return SR_ERR_OK;
+		}
+
+		/* Check if passed validation in previous event */
+		if (!fexist(NTP_NEXT))
+			return SR_ERR_OK;
+
+		(void)remove(NTP_PREV);
+		(void)rename(NTP_CONF, NTP_PREV);
+		(void)rename(NTP_NEXT, NTP_CONF);
+
+		/* Reload chronyd to pick up new config */
+		if (systemf("chronyc reload sources >/dev/null 2>&1"))
+			ERRNO("Failed reloading chronyd sources");
+
+		systemf("initctl -nbq touch chronyd");
+		return SR_ERR_OK;
+
+	default:
+		return SR_ERR_OK;
+	}
+
+	fp = fopen(NTP_NEXT, "w");
+	if (!fp) {
+		ERROR("Failed creating %s: %s", NTP_NEXT, strerror(errno));
+		return SR_ERR_SYS;
+	}
+
+	fprintf(fp, "# Generated by ietf-ntp\n");
+	fprintf(fp, "# This file configures chronyd as an NTP server\n\n");
+
+	/* Port configuration (optional) */
+	SRX_GET_UINT32(session, port, XPATH_NTP_"/port");
+	if (port && port != 123) {
+		fprintf(fp, "# Custom NTP port\n");
+		fprintf(fp, "port %d\n\n", port);
+		NOTE("NTP server configured on port %d", port);
+	}
+
+	/* makestep configuration - allow clock stepping for fast initial sync */
+	if (lydx_get_xpathf(config, XPATH_NTP_"/infix-ntp:makestep")) {
+		char *threshold_str = srx_get_str(session, XPATH_NTP_"/infix-ntp:makestep/threshold");
+		char *limit_str = srx_get_str(session, XPATH_NTP_"/infix-ntp:makestep/limit");
+		double threshold = 1.0;  /* Default */
+		int limit = 3;           /* Default */
+
+		if (threshold_str) {
+			threshold = atof(threshold_str);
+			free(threshold_str);
+		}
+		if (limit_str) {
+			limit = atoi(limit_str);
+			free(limit_str);
+		}
+
+		fprintf(fp, "# Allow clock stepping for fast initial sync\n");
+		fprintf(fp, "makestep %.1f %d\n\n", threshold, limit);
+		NOTE("NTP makestep configured: threshold %.1f seconds, limit %d updates",
+		     threshold, limit);
+	}
+
+	/* Upstream server/peer configuration (unicast-configuration) */
+	rc = sr_get_items(session, XPATH_NTP_"/unicast-configuration", 0, 0, &val, &cnt);
+	if (rc == SR_ERR_OK && cnt > 0) {
+		fprintf(fp, "# Upstream NTP servers and peers\n");
+
+		for (size_t i = 0; i < cnt; i++) {
+			char *address = srx_get_str(session, "%s/address", val[i].xpath);
+			char *type = srx_get_str(session, "%s/type", val[i].xpath);
+			const char *directive = NULL;
+
+			if (address) {
+ 				char *minpoll = srx_get_str(session, "%s/minpoll", val[i].xpath);
+ 				char *maxpoll = srx_get_str(session, "%s/maxpoll", val[i].xpath);
+ 				char *version = srx_get_str(session, "%s/version", val[i].xpath);
+ 				char *srcport = srx_get_str(session, "%s/port", val[i].xpath);
+				bool prefer   = srx_enabled(session, "%s/prefer", val[i].xpath);
+				bool burst    = srx_enabled(session, "%s/burst", val[i].xpath);
+				bool iburst   = srx_enabled(session, "%s/iburst", val[i].xpath);
+
+				if (type && strstr(type, "uc-server"))
+					directive = "server";
+				else if (type && strstr(type, "uc-peer"))
+					directive = "peer";
+
+				if (directive) {
+					fprintf(fp, "%s %s", directive, address);
+					if (srcport)
+						fprintf(fp, " port %s", srcport);
+					if (iburst)
+						fprintf(fp, " iburst");
+					if (burst)
+						fprintf(fp, " burst");
+					if (prefer)
+						fprintf(fp, " prefer");
+					if (minpoll)
+						fprintf(fp, " minpoll %s", minpoll);
+					if (maxpoll)
+						fprintf(fp, " maxpoll %s", maxpoll);
+					if (version)
+						fprintf(fp, " version %s", version);
+					fprintf(fp, "\n");
+
+					DEBUG("NTP %s: %s port %s%s%s%s minpoll %s maxpoll %s version %s", directive, address,
+					      srcport ?: "123",
+					      iburst ? " iburst" : "",
+					      burst  ? " burst " : "",
+					      prefer ? " prefer" : "",
+					      minpoll ?: "6",
+					      maxpoll ?: "10",
+					      version ?: "4");
+				}
+
+				if (minpoll)
+					free(minpoll);
+				if (maxpoll)
+					free(maxpoll);
+				if (version)
+					free(version);
+				if (srcport)
+					free(srcport);
+				free(address);
+			}
+			if (type)
+				free(type);
+		}
+		fprintf(fp, "\n");
+		sr_free_values(val, cnt);
+	}
+
+	/* Reference clock (local stratum) - fallback time source */
+	if (lydx_get_xpathf(config, XPATH_NTP_"/refclock-master")) {
+		SRX_GET_UINT8(session, stratum, XPATH_NTP_"/refclock-master/master-stratum");
+		if (!stratum)
+			stratum = 10; /* Default from RFC 9249 */
+
+		fprintf(fp, "# Local reference clock - fallback stratum %d source\n", stratum);
+		fprintf(fp, "local stratum %d orphan\n\n", stratum);
+		NOTE("NTP server configured with stratum %d fallback", stratum);
+	} else {
+		/* No refclock-master means server mode without local clock */
+		/* This is valid - device can still serve time from upstream servers */
+		DEBUG("NTP server without local reference clock");
+	}
+
+	/*
+	 * Enable NTP server mode - allow clients to query us
+	 *
+	 * Using 'allow' without arguments permits all clients.
+	 * In a future version with access-rules support, we could
+	 * restrict to specific subnets.
+	 */
+	fprintf(fp, "# Allow NTP clients to query this server\n");
+	fprintf(fp, "allow\n\n");
+
+	/*
+	 * Enable RTC synchronization
+	 *
+	 * On Linux, the kernel will copy system time to the hardware RTC
+	 * every 11 minutes when the clock is synchronized. This keeps the
+	 * RTC accurate for the next boot, which is important for embedded
+	 * systems without continuous network connectivity.
+	 */
+	fprintf(fp, "# Synchronize system time to hardware RTC\n");
+	fprintf(fp, "rtcsync\n");
+
+	fclose(fp);
+	return SR_ERR_OK;
+}
+
+/*
+ * Inference callback for NTP server configuration
+ *
+ * When a user creates the /ietf-ntp:ntp presence container without
+ * any configuration, we infer sensible defaults:
+ *
+ * - refclock-master with stratum 10 (local reference clock fallback)
+ * - makestep with threshold 1.0 and limit 3 (fast initial sync for embedded)
+ *
+ * This matches the DHCP client inference pattern where an empty
+ * container gets reasonable defaults.
+ */
+static int cand(sr_session_ctx_t *session, uint32_t sub_id, const char *module,
+		const char *path, sr_event_t event, unsigned request_id, void *priv)
+{
+	sr_val_t inferred_uint8 = { .type = SR_UINT8_T };
+	sr_val_t inferred_dec64 = { .type = SR_DECIMAL64_T };
+	sr_val_t inferred_int32 = { .type = SR_INT32_T };
+	size_t cnt = 0;
+
+	if (event != SR_EV_UPDATE && event != SR_EV_CHANGE)
+		return SR_ERR_OK;
+
+	/* Check if NTP container exists */
+	if (srx_nitems(session, &cnt, XPATH_NTP_) || !cnt)
+		return SR_ERR_OK;
+
+	/* Check if refclock-master already configured */
+	if (!srx_nitems(session, &cnt, XPATH_NTP_"/refclock-master") && cnt > 0)
+		return SR_ERR_OK;
+
+	/* Check if unicast-configuration already configured */
+	if (!srx_nitems(session, &cnt, XPATH_NTP_"/unicast-configuration") && cnt > 0)
+		return SR_ERR_OK;
+
+	/* Infer refclock-master with stratum 10 (safe fallback) */
+	DEBUG("Inferring NTP refclock-master with stratum 10");
+	inferred_uint8.data.uint8_val = 10;
+	srx_set_item(session, &inferred_uint8, 0, XPATH_NTP_"/refclock-master/master-stratum");
+
+	/* Infer makestep for fast initial sync (critical for embedded systems) */
+	if (!srx_nitems(session, &cnt, XPATH_NTP_"/infix-ntp:makestep") || cnt == 0) {
+		DEBUG("Inferring NTP makestep with threshold 1.0, limit 3");
+
+		/* Create presence container by setting threshold */
+		inferred_dec64.data.decimal64_val = 10;  /* 1.0 with fraction-digits 1 */
+		srx_set_item(session, &inferred_dec64, 0, XPATH_NTP_"/infix-ntp:makestep/threshold");
+
+		/* Set limit */
+		inferred_int32.data.int32_val = 3;
+		srx_set_item(session, &inferred_int32, 0, XPATH_NTP_"/infix-ntp:makestep/limit");
+	}
+
+	return SR_ERR_OK;
+}
+
+int ntp_change(sr_session_ctx_t *session, struct lyd_node *config,
+	       struct lyd_node *diff, sr_event_t event, struct confd *confd)
+{
+	return change_ntp_server(session, config, diff, event, confd);
+}
+
+int ntp_cand(sr_session_ctx_t *session, uint32_t sub_id, const char *module,
+	     const char *path, sr_event_t event, unsigned request_id, void *priv)
+{
+	return cand(session, sub_id, module, path, event, request_id, priv);
+}
+
+int ntp_candidate_init(struct confd *confd)
+{
+	int rc;
+
+	REGISTER_CHANGE(confd->cand, "ietf-ntp", XPATH_NTP_ "//.", SR_SUBSCR_UPDATE, ntp_cand, confd, &confd->sub);
+
+	return SR_ERR_OK;
+fail:
+	ERROR("init failed: %s", sr_strerror(rc));
+	return rc;
+}