ntp: open server socket only when access is allowed

When changing access configuration, check if any address is allowed and open/close the server socket as needed.
2025-12-03 16:35:06 -05:00 · 2015-01-06 15:12:26 +01:00
parent 5214d42c07
commit 52e12e42e5
4 changed files with 78 additions and 12 deletions
--- a/addrfilt.c
+++ b/addrfilt.c
@@ -363,6 +363,44 @@ ADF_IsAllowed(ADF_AuthTable table,

 /* ================================================== */

+static int
+is_any_allowed(TableNode *node, State parent)
+{
+  State state;
+  int i;
+
+  state = node->state != AS_PARENT ? node->state : parent;
+  assert(state != AS_PARENT);
+
+  if (node->extended) {
+    for (i = 0; i < TABLE_SIZE; i++) {
+      if (is_any_allowed(&node->extended[i], state))
+        return 1;
+    }
+  } else if (state == ALLOW) {
+    return 1;
+  }
+
+  return 0;
+}
+
+/* ================================================== */
+
+int
+ADF_IsAnyAllowed(ADF_AuthTable table, int family)
+{
+  switch (family) {
+    case IPADDR_INET4:
+      return is_any_allowed(&table->base4, AS_PARENT);
+    case IPADDR_INET6:
+      return is_any_allowed(&table->base6, AS_PARENT);
+    default:
+      return 0;
+  }
+}
+
+/* ================================================== */
+
 #if defined TEST

 static void print_node(TableNode *node, uint32_t *addr, int ip_len, int shift, int subnet_bits)