From 9a2d899273e3a8a58bdb4c3834d65d22658e7821 Mon Sep 17 00:00:00 2001 From: Denys Vlasenko Date: Mon, 20 Jul 2020 00:04:33 +0200 Subject: ntpd: fix refid reported in server mode, closes 13056 function old new delta resolve_peer_hostname 129 196 +67 recv_and_process_peer_pkt 2475 2476 +1 ------------------------------------------------------------------------------ (add/remove: 0/0 grow/shrink: 2/0 up/down: 68/0) Total: 68 bytes Signed-off-by: Denys Vlasenko --- include/libbb.h | 7 +++++++ mailutils/popmaildir.c | 2 +- networking/ntpd.c | 37 +++++++++++++++++++++++++++++++++---- networking/tls.c | 2 -- 4 files changed, 41 insertions(+), 7 deletions(-) diff --git a/include/libbb.h b/include/libbb.h index 6be9349..8c79784 100644 --- a/include/libbb.h +++ b/include/libbb.h @@ -2063,6 +2063,13 @@ unsigned sha3_end(sha3_ctx_t *ctx, void *resbuf) FAST_FUNC; typedef struct md5_ctx_t md5sha_ctx_t; #define md5sha_hash md5_hash #define sha_end sha1_end +enum { + MD5_OUTSIZE = 16, + SHA1_OUTSIZE = 20, + SHA256_OUTSIZE = 32, + SHA512_OUTSIZE = 64, + SHA3_OUTSIZE = 28, +}; extern uint32_t *global_crc32_table; uint32_t *crc32_filltable(uint32_t *tbl256, int endian) FAST_FUNC; diff --git a/mailutils/popmaildir.c b/mailutils/popmaildir.c index 6927e3a..c5522f1 100644 --- a/mailutils/popmaildir.c +++ b/mailutils/popmaildir.c @@ -156,7 +156,7 @@ int popmaildir_main(int argc UNUSED_PARAM, char **argv) md5_ctx_t ctx; char hex[16 * 2 + 1]; } md5; - uint32_t res[16 / 4]; + uint32_t res[MD5_OUTSIZE / 4]; char *s = strchr(buf, '>'); if (s) diff --git a/networking/ntpd.c b/networking/ntpd.c index 0f12409..b08de50 100644 --- a/networking/ntpd.c +++ b/networking/ntpd.c @@ -337,6 +337,9 @@ typedef struct { #endif int p_fd; int datapoint_idx; +#if ENABLE_FEATURE_NTPD_SERVER + uint32_t p_refid; +#endif uint32_t lastpkt_refid; uint8_t lastpkt_status; uint8_t lastpkt_stratum; @@ -413,7 +416,9 @@ struct globals { * in stratum 2+ packets, it's IPv4 address or 4 first bytes * of MD5 hash of IPv6 */ +#if ENABLE_FEATURE_NTPD_SERVER uint32_t refid; +#endif uint8_t ntp_status; /* precision is defined as the larger of the resolution and time to * read the clock, in log2 units. For instance, the precision of a @@ -836,6 +841,24 @@ reset_peer_stats(peer_t *p, double offset) VERB6 bb_error_msg("%s->lastpkt_recv_time=%f", p->p_dotted, p->lastpkt_recv_time); } +#if ENABLE_FEATURE_NTPD_SERVER +static uint32_t calculate_refid(len_and_sockaddr *lsa) +{ +# if ENABLE_FEATURE_IPV6 + if (lsa->u.sa.sa_family == AF_INET6) { + md5_ctx_t md5; + uint32_t res[MD5_OUTSIZE / 4]; + + md5_begin(&md5); + md5_hash(&md5, &lsa->u.sin6.sin6_addr, sizeof(lsa->u.sin6.sin6_addr)); + md5_end(&md5, res); + return res[0]; + } +# endif + return lsa->u.sin.sin_addr.s_addr; +} +#endif + static len_and_sockaddr* resolve_peer_hostname(peer_t *p) { @@ -847,6 +870,9 @@ resolve_peer_hostname(peer_t *p) p->p_dotted = xmalloc_sockaddr2dotted_noport(&lsa->u.sa); VERB1 if (strcmp(p->p_hostname, p->p_dotted) != 0) bb_error_msg("'%s' is %s", p->p_hostname, p->p_dotted); +#if ENABLE_FEATURE_NTPD_SERVER + p->p_refid = calculate_refid(p->p_lsa); +#endif p->dns_errors = 0; return lsa; } @@ -1764,7 +1790,10 @@ update_local_clock(peer_t *p) G.reftime = G.cur_time; G.ntp_status = p->lastpkt_status; - G.refid = p->lastpkt_refid; +#if ENABLE_FEATURE_NTPD_SERVER + /* Our current refid is the IPv4 (or md5-hashed IPv6) address of the peer we took time from: */ + G.refid = p->p_refid; +#endif G.rootdelay = p->lastpkt_rootdelay + p->lastpkt_delay; dtemp = p->filter_jitter; // SQRT(SQUARE(p->filter_jitter) + SQUARE(G.cluster_jitter)); dtemp += MAXD(p->filter_dispersion + FREQ_TOLERANCE * (G.cur_time - p->lastpkt_recv_time) + abs_offset, MINDISP); @@ -2249,11 +2278,11 @@ recv_and_process_client_pkt(void /*int fd*/) * We don't support this. */ -#if ENABLE_FEATURE_NTP_AUTH +# if ENABLE_FEATURE_NTP_AUTH if (size != NTP_MSGSIZE_NOAUTH && size != NTP_MSGSIZE_MD5_AUTH && size != NTP_MSGSIZE_SHA1_AUTH) -#else +# else if (size != NTP_MSGSIZE_NOAUTH && size != NTP_MSGSIZE_MD5_AUTH) -#endif +# endif { char *addr; if (size < 0) { diff --git a/networking/tls.c b/networking/tls.c index 8549373..3412252 100644 --- a/networking/tls.c +++ b/networking/tls.c @@ -212,8 +212,6 @@ enum { SHA_INSIZE = 64, - SHA1_OUTSIZE = 20, - SHA256_OUTSIZE = 32, AES128_KEYSIZE = 16, AES256_KEYSIZE = 32, -- cgit v1.1