> 1) It gets a SIGBUS on my Solaris box as it tries to do an unaligned
> access referencing a long value in the packet instead of copying those
> bytes to an aligned location then referencing it.
It shouldn't do that any more - I checked in changes to make it use
"memcmp()" when scanning the list of reference source strings and use
"pntohl()" to extract the reference clock ID as an IP address.
Try that with your NTP traces, to see if it works.
> 2) There is a comment in the code that all v3 and v4 servers (if not
> stratum 1) set the reference identifier field to the IP address of their
> higher-level server. Before attempting a hostname conversion, there is
> no check that this packet is FROM a server (in my case, it's from a
> client request packet, and I have NO idea what's in this field).
> Secondly, I'm not comfortable with the claim that ALL non-stratum-1
> servers set this field to an IP address.
RFC 1305 says:
In the case of stratum 2 and greater (secondary reference) this
is the four-octet Internet address of the primary reference
host.
so, as long as it Ethereal doesn't crash if you interpret it as such,
and you can find the raw bytes (which you can in the hex window), that
may be enough.
