[ntp:security] [Bug 2901] Clients that receive a KoD should validate the origin timestamp field.
bugzilla-daemon at ntp.org
bugzilla-daemon at ntp.org
Thu Jan 21 11:41:27 UTC 2016
http://bugs.ntp.org/show_bug.cgi?id=2901
Harlan Stenn <stenn at ntp.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |IN_PROGRESS
Resolution|FIXED |
--- Comment #13 from Harlan Stenn <stenn at ntp.org> 2016-01-21 11:41:27 UTC ---
Miroslav,
I'm marking this as IN_PROGRESS per your comment.
I don't yet see what you are describing.
In ntp_proto.c, starting at line 1462, we have the case where:
- we are not in interleave mode
- if we are not a KOD packet {(in this case we *are*) clear the origin stamp}
- else if(aorg is zero, or the org stamps differ) we:
- - flash TEST2
- - log a message about unexpected origin timestamps
- - see if this qualifies for starting interleave
- - RETURN
This case should cover this bug report - a KoD packet is tested for origin
timestamp. Only if the origin timestamps are OK do we get past this point.
- else we clear the origin timestamp
Otherwise, we *are* handling interleave.
We look for a TEST3 violation.
If there isn't a TEST3 violation we do TEST2 checks for interleaved symmetric
mode.
I think I may see a case here - the case where we get a KoD response and we're
in interleave mode.
Or do you see something else I'm missing?
Now I'm curious about exactly what should happen with KoD packets in interleave
mode.
--
Configure bugmail: http://bugs.ntp.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
More information about the security
mailing list