faraphel/chrony
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

nts: encode key ID in cookie in network order

Browse source 
This allows the server cookie to be decoded on different platforms.
This commit is contained in:
Miroslav Lichvar 2020-04-15 10:44:20 +02:00
parent d690faeb19
commit 04f6329773
1 changed files with 6 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
nts_ke_server.c
View file

@ -746,8 +746,7 @@ NKS_GenerateCookie(NKE_Context *context, NKE_Cookie *cookie)
header = (ServerCookieHeader *)cookie->cookie; header = (ServerCookieHeader *)cookie->cookie;
/* Keep the fields in the host byte order */ header->key_id = htonl(key->id);
header->key_id = key->id;
UTI_GetRandomBytes(header->nonce, sizeof (header->nonce)); UTI_GetRandomBytes(header->nonce, sizeof (header->nonce));
plaintext_length = context->c2s.length + context->s2c.length; plaintext_length = context->c2s.length + context->s2c.length;
@ -780,6 +779,7 @@ NKS_DecodeCookie(NKE_Cookie *cookie, NKE_Context *context)
int ciphertext_length, plaintext_length, tag_length; int ciphertext_length, plaintext_length, tag_length;
ServerCookieHeader *header; ServerCookieHeader *header;
ServerKey *key; ServerKey *key;
uint32_t key_id;
if (!initialised) { if (!initialised) {
DEBUG_LOG("NTS server disabled"); DEBUG_LOG("NTS server disabled");
@ -795,9 +795,10 @@ NKS_DecodeCookie(NKE_Cookie *cookie, NKE_Context *context)
ciphertext = cookie->cookie + sizeof (*header); ciphertext = cookie->cookie + sizeof (*header);
ciphertext_length = cookie->length - sizeof (*header); ciphertext_length = cookie->length - sizeof (*header);
key = &server_keys[header->key_id % MAX_SERVER_KEYS]; key_id = ntohl(header->key_id);
if (header->key_id != key->id) { key = &server_keys[key_id % MAX_SERVER_KEYS];
DEBUG_LOG("Unknown key %"PRIX32, header->key_id); if (key_id != key->id) {
DEBUG_LOG("Unknown key %"PRIX32, key_id);
return 0; return 0;
} }