sane_time.c

[詳解]

/*++
/* NAME
/*  sane_time 3
/* SUMMARY
/*  time(2) with backward time jump protection.
/* SYNOPSIS
/*  #include <sane_time.h>
/*
/*  time_t sane_time(void)
/*
/* DESCRIPTION
/*  This module provides time(2) like call for applications
/*  which need monotonically increasing time function rather
/*  than the real exact time. It eliminates the need for various
/*  workarounds all over the application which would handle
/*  potential problems if time suddenly jumps backward.
/*  Instead we choose to deal with this problem inside this
/*  module and let the application focus on its own tasks.
/*
/*  sane_time() returns the current timestamp as obtained from
/*  time(2) call, at least most of the time. In case this routine
/*  detects that time has jumped backward, it keeps returning
/*  whatever timestamp it returned before, until this timestamp
/*  and the time(2) timestamp become synchronized again.
/*  Additionally, the returned timestamp is slowly increased to
/*  prevent the faked clock from freezing for too long.
/* SEE ALSO
/*  time(2) get current time
/* DIAGNOSTICS
/*  Warning message is logged if backward time jump is detected.
/* LICENSE
/* .ad
/* .fi
/*  The Secure Mailer license must be distributed with this software.
/* AUTHOR(S)
/*  Patrik Rak
/*  Modra 6
/*  155 00, Prague, Czech Republic
/*--*/

/* System library. */

#include <sys_defs.h>

/* Utility library. */

#include <msg.h>

/* Application-specific. */

#include "sane_time.h"

/*
 * How many times shall we slow down the real clock when recovering from
 * time jump.
 */
#define SLEW_FACTOR 2

/* sane_time - get current time, protected against time warping */

time_t  sane_time(void)
{
    time_t  now;
    static time_t last_time, last_real;
    long    delta;
    static int fraction;
    static int warned;

    now = time((time_t *) 0);

    if ((delta = now - last_time) < 0 && last_time != 0) {
    if ((delta = now - last_real) < 0) {
        msg_warn("%sbackward time jump detected -- slewing clock",
             warned++ ? "another " : "");
    } else {
        delta += fraction;
        last_time += delta / SLEW_FACTOR;
        fraction = delta % SLEW_FACTOR;
    }
    } else {
    if (warned) {
        warned = 0;
        msg_warn("backward time jump recovered -- back to normality");
        fraction = 0;
    }
    last_time = now;
    }
    last_real = now;

    return (last_time);
}

#ifdef TEST

 /*
  * Proof-of-concept test program. Repeatedly print current system time and
  * time returned by sane_time(). Meanwhile, try stepping your system clock
  * back and forth to see what happens.
  */

#include <stdlib.h>
#include <msg_vstream.h>
#include <iostuff.h>            /* doze() */

int     main(int argc, char **argv)
{
    int     delay = 1000000;
    time_t  now;

    msg_vstream_init(argv[0], VSTREAM_ERR);

    if (argc == 2 && (delay = atol(argv[1]) * 1000) > 0)
     /* void */ ;
    else if (argc != 1)
    msg_fatal("usage: %s [delay in ms (default 1 second)]", argv[0]);

    for (;;) {
    now = time((time_t *) 0);
    vstream_printf("real: %s", ctime(&now));
    now = sane_time();
    vstream_printf("fake: %s\n", ctime(&now));
    vstream_fflush(VSTREAM_OUT);
    doze(delay);
    }
}

#endif