ntp: don't accept packets with unexpected authentication

If authentication is not enabled in configuration, responses are not
expected to be authenticated. Handle such responses as having failed
authentication.

A case where this could happen is a misconfigured symmetric association
where only one peer has specified the other with a key. Before this
change synchronization would work in one direction and used packets
with an asymmetric length.

ntp_auth.c

@@ -401,11 +401,6 @@ NAU_GenerateResponseAuth(NTP_Packet *request, NTP_PacketInfo *request_info,
 int
 NAU_CheckResponseAuth(NAU_Instance instance, NTP_Packet *response, NTP_PacketInfo *info)
 {
-  /* If we don't expect the packet to be authenticated, ignore any
-     authentication data in the packet */
-  if (instance->mode == NTP_AUTH_NONE)
-    return 1;
-
   /* The authentication must match the expected mode */
   if (info->auth.mode != instance->mode)
     return 0;

test/unit/ntp_core.c

@@ -356,9 +356,9 @@ test_unit(void)
                                      inst1->tx_count < MAX_CLIENT_INTERLEAVED_TX);
       authenticated = random() % 2;
       valid = (!interleaved || (source.params.interleaved && has_updated)) &&
-              (!source.params.authkey || authenticated);
+              ((source.params.authkey == INACTIVE_AUTHKEY) == !authenticated);
       updated = (valid || inst1->mode == MODE_ACTIVE) &&
-                (!source.params.authkey || authenticated);
+                ((source.params.authkey == INACTIVE_AUTHKEY) == !authenticated);
       has_updated = has_updated || updated;
       if (inst1->mode == MODE_CLIENT)
         updated = 0;