From 8cc7ebffa91152d94b86247106e3fafe49600fc9 Mon Sep 17 00:00:00 2001
From: Miroslav Lichvar
Date: Wed, 25 May 2011 16:59:40 +0200
Subject: [PATCH] Accept packets with compatible NTP versions

All incoming NTP packets are now required to have version 2, 3 or 4.
---
 acquire.c | 8 ++++++--
 ntp_core.c | 26 ++++++++++++++++++++++----
 2 files changed, 28 insertions(+), 6 deletions(-)

diff --git a/acquire.c b/acquire.c
index ff554ca..742f0f8 100644
--- a/acquire.c
+++ b/acquire.c
@@ -63,6 +63,10 @@
 #define RETRANSMISSION_TIMEOUT (1.0)
+#define NTP_VERSION 3
+#define NTP_MAX_COMPAT_VERSION 4
+#define NTP_MIN_COMPAT_VERSION 2
+
 typedef struct {
 IPAddr ip_addr; /* Address of the server */
 int sanity; /* Flag indicating whether source
@@ -246,7 +250,7 @@ static void
 probe_source(SourceRecord *src)
 {
 NTP_Packet pkt;
- int version = 3;
+ int version = NTP_VERSION;
 NTP_Mode my_mode = MODE_CLIENT;
 struct timeval cooked;
 union sockaddr_in46 his_addr;
@@ -372,7 +376,7 @@ process_receive(NTP_Packet *msg, SourceRecord *src, struct timeval *now)
 mode = lvm & 0x7;
 if ((leap == LEAP_Unsynchronised) ||
- (version != 3) ||
+ (version < NTP_MIN_COMPAT_VERSION || version > NTP_MAX_COMPAT_VERSION) ||
 (mode != MODE_SERVER && mode != MODE_PASSIVE)) {
 return;
 }
diff --git a/ntp_core.c b/ntp_core.c
index 6c8a4ea..eec6d9c 100644
--- a/ntp_core.c
+++ b/ntp_core.c
@@ -192,6 +192,10 @@ struct NCR_Instance_Record {
 /* The NTP protocol version that we support */
 #define NTP_VERSION 3
+/* Compatible NTP protocol versions */
+#define NTP_MAX_COMPAT_VERSION 4
+#define NTP_MIN_COMPAT_VERSION 2
+
 /* Maximum allowed dispersion - as defined in RFC1305 (16 seconds) */
 #define NTP_MAX_DISPERSION 16.0
@@ -515,7 +519,7 @@ transmit_packet(NTP_Mode my_mode, /* The mode this machine wants to be */
 struct timeval our_ref_time;
 double our_root_delay, our_root_dispersion;
- version = 3;
+ version = NTP_VERSION;
 LCL_ReadCookedTime(&local_transmit, NULL);
 REF_GetReferenceParams(&local_transmit,
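Review bot: `NTP_VERSION`, `NTP_MIN_COMPAT_VERSION` and `NTP_MAX_COMPAT_VERSION` are defined in acquire.c at `@@ -63,6 +63,10 @@` and again in ntp_core.c at `@@ -192,6 +192,10 @@`, so the two receive paths can drift apart if only one copy is edited later. These bounds decide which packets are parsed at all, so a single definition in the header that declares `NTP_Packet` (presumably shared by both files) would keep the acceptance window identical. The acquire.c copy also lacks the comment that the ntp_core.c copy has; `/* Compatible NTP protocol versions accepted on receive */` above the two bounds would do.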
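Review bot: The range test `version < NTP_MIN_COMPAT_VERSION || version > NTP_MAX_COMPAT_VERSION` in process_receive is written out again in process_known, NCR_ProcessNoauthUnknown and NCR_ProcessAuthUnknown in ntp_core.c, each next to its own extraction of the version bits. One predicate used at all four sites, for example `#define NTP_VERSION_IS_COMPAT(v) ((v) >= NTP_MIN_COMPAT_VERSION && (v) <= NTP_MAX_COMPAT_VERSION)`, would make it harder for one path to end up with a looser check than the others. process_receive starts and ends outside this hunk, so how `version` is derived from `lvm` is not visible here.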
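Review bot: Replies appear to keep going out as version 3 even when the request was accepted as version 2 or 4, because transmit_packet sets `version = NTP_VERSION` unconditionally while the receive paths in this commit now accept the whole 2 to 4 range. If that asymmetry is intended, record it at the assignment, e.g. `/* Replies always carry NTP_VERSION, even when the request used another compatible version */`. Otherwise the received version would have to be passed in and echoed. The signature and the rest of the body are outside the hunk, so whether a version argument is available cannot be judged from here.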
@@ -1329,7 +1333,7 @@ process_known
 /* Check version */
 version = (message->lvm >> 3) & 0x7;
- if (version != NTP_VERSION) {
+ if (version < NTP_MIN_COMPAT_VERSION || version > NTP_MAX_COMPAT_VERSION) {
 /* Ignore packet, but might want to log it */
 return;
 }
@@ -1521,7 +1525,14 @@ NCR_ProcessNoauthUnknown(NTP_Packet *message, struct timeval *now, double now_er
 NTP_Mode his_mode;
 NTP_Mode my_mode;
- int my_poll;
+ int my_poll, version;
+
+ /* Check version */
+ version = (message->lvm >> 3) & 0x7;
+ if (version < NTP_MIN_COMPAT_VERSION || version > NTP_MAX_COMPAT_VERSION) {
+ /* Ignore packet, but might want to log it */
+ return;
+ }
 if (ADF_IsAllowed(access_auth_table, &remote_addr->ip_addr)) {
@@ -1589,10 +1600,17 @@ NCR_ProcessAuthUnknown(NTP_Packet *message, struct timeval *now, double now_err,
 NTP_Mode his_mode;
 NTP_Mode my_mode;
- int my_poll;
+ int my_poll, version;
 int valid_key, valid_auth;
 unsigned long key_id;
+ /* Check version */
+ version = (message->lvm >> 3) & 0x7;
+ if (version < NTP_MIN_COMPAT_VERSION || version > NTP_MAX_COMPAT_VERSION) {
+ /* Ignore packet, but might want to log it */
+ return;
+ }
+
 if (ADF_IsAllowed(access_auth_table, &remote_addr->ip_addr)) {
 his_mode = message->lvm & 0x07;
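Review bot: Packets that fail the new version check in NCR_ProcessNoauthUnknown are dropped without any trace; the added comment `/* Ignore packet, but might want to log it */` leaves the logging open, and the same block is added to NCR_ProcessAuthUnknown. Judging by their names, these two functions handle traffic from addresses with no configured source, so a per-packet log line could be flooded. A drop counter or a rate-limited debug message would be the safer way to make malformed traffic visible to an operator. Both function bodies continue outside their hunks.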
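Review bot: With the window widened, version 4 packets now reach the authenticated path in NCR_ProcessAuthUnknown, which declares `key_id`, `valid_key` and `valid_auth` but whose MAC handling lies outside the hunk. NTPv4 allows extension fields between the header and the MAC, so if the key id is read at the fixed offset used for version 3, a version 4 packet carrying extension fields would be checked against the wrong bytes. It is worth confirming that the caller's length check only routes packets of exactly header-plus-MAC size here. If it does, record that next to the version test, e.g. `/* v4 extension fields are not parsed; only header+MAC sized packets may reach this point */`.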