DWS/chrony
1
0
Fork 0
mirror of https://gitlab.com/chrony/chrony.git synced 2025-12-05 02:15:06 -05:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch '1.31-security'

Browse Source 
Conflicts:
	NEWS
	ntp_core.c
This commit is contained in:
Miroslav Lichvar
2015-04-07 15:34:39 +02:00
parent f6a9c5c1b7 54bbd2b1c0
commit a8239b865a
3 changed files with 21 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
ntp_core.c
View File

@@ -1217,11 +1217,13 @@ receive_packet(NTP_Packet *message, struct timeval *now, double now_err, NCR_Ins
kod_rate = 1;
}
/* Regardless of any validity checks we apply, we are required to
save these fields from the packet into the ntp source instance record.
Note we can't do this assignment before test 1 has been carried out. */
inst->remote_orig = message->transmit_ts;
inst->local_rx = *now;
/* The transmit timestamp and local receive timestamp must not be saved when
the authentication test failed to prevent denial-of-service attacks on
symmetric associations using authentication */
if (test5) {
inst->remote_orig = message->transmit_ts;
inst->local_rx = *now;
}
/* This protects against replay of the last packet we sent */
if (test2)