DWS/chrony
1
0
Fork 0
mirror of https://gitlab.com/chrony/chrony.git synced 2025-12-03 18:05:06 -05:00
Code Issues Packages Projects Releases Wiki Activity

nts: don't load zero-length keys with unsupported algorithm

Browse Source 
Don't load keys and cookies from the client's dump file if it has an
unsupported algorithm and unparseable keys (matching the algorithm's
expected length of zero). They would fail all SIV operations and trigger
new NTS-KE session.
This commit is contained in:
Miroslav Lichvar
2023-05-29 14:12:54 +02:00
parent de678ff780
commit c9d791e02d
1 changed files with 1 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
nts_ntp_client.c
View File

@@ -650,6 +650,7 @@ load_cookies(NNC_Instance inst)
sizeof (inst->context.c2s.key));
if (inst->context.s2c.length != SIV_GetKeyLength(algorithm) ||
inst->context.s2c.length <= 0 ||
inst->context.c2s.length != inst->context.s2c.length)
goto error;