faraphel/chrony
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

nts: rework update of NTP server address

Browse source 
In the NTS-NTP client instance, maintain a local copy of the NTP address
instead of using a pointer to the NCR's address, which may change at
unexpected times.

Also, change the NNC_CreateInstance() to accept only the NTP port to
make it clear the initial NTP address is the same as the NTS-KE address
and to make it consistent with NNC_ChangeAddress(), which accepts only
one address.
This commit is contained in:
Miroslav Lichvar 2021-02-09 17:40:17 +01:00
parent 2e52aca3bf
commit c1d56ede3f
8 changed files with 18 additions and 15 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
ntp_auth.c
View file

@ -161,11 +161,11 @@ NAU_CreateSymmetricInstance(uint32_t key_id)
/* ================================================== */
NAU_Instance
NAU_CreateNtsInstance(IPSockAddr *nts_address, const char *name, const IPSockAddr *ntp_address)
NAU_CreateNtsInstance(IPSockAddr *nts_address, const char *name, uint16_t ntp_port)
{
NAU_Instance instance = create_instance(NTP_AUTH_NTS);
instance->nts = NNC_CreateInstance(nts_address, name, ntp_address);
instance->nts = NNC_CreateInstance(nts_address, name, ntp_port);
return instance;
}

2
ntp_auth.h
View file

@ -37,7 +37,7 @@ typedef struct NAU_Instance_Record *NAU_Instance;
extern NAU_Instance NAU_CreateNoneInstance(void);
extern NAU_Instance NAU_CreateSymmetricInstance(uint32_t key_id);
extern NAU_Instance NAU_CreateNtsInstance(IPSockAddr *nts_address, const char *name,
const IPSockAddr *ntp_address);
uint16_t ntp_port);
/* Destroy an instance */
extern void NAU_DestroyInstance(NAU_Instance instance);

3
ntp_core.c
View file

@ -571,7 +571,7 @@ NCR_CreateInstance(NTP_Remote_Address *remote_addr, NTP_Source_Type type,
nts_address.ip_addr = remote_addr->ip_addr;
nts_address.port = params->nts_port;
result->auth = NAU_CreateNtsInstance(&nts_address, name, &result->remote_addr);
result->auth = NAU_CreateNtsInstance(&nts_address, name, result->remote_addr.port);
} else if (params->authkey != INACTIVE_AUTHKEY) {
result->auth = NAU_CreateSymmetricInstance(params->authkey);
} else {
@ -703,7 +703,6 @@ NCR_ChangeRemoteAddress(NCR_Instance inst, NTP_Remote_Address *remote_addr, int
memset(&inst->report, 0, sizeof (inst->report));
NCR_ResetInstance(inst);
/* Update the authentication-specific address before NTP address */
if (!ntp_only)
NAU_ChangeAddress(inst->auth, &remote_addr->ip_addr);

16
nts_ntp_client.c
View file

@ -50,12 +50,12 @@
#define DUMP_IDENTIFIER "NNC0\n"
struct NNC_Instance_Record {
/* Pointer to current address of NTP server */
const IPSockAddr *ntp_address;
/* Address of NTS-KE server */
IPSockAddr nts_address;
/* Hostname or IP address for certificate verification */
char *name;
/* Address of NTP server (can be negotiated in NTS-KE) */
IPSockAddr ntp_address;
NKC_Instance nke;
SIV_Instance siv;
@ -114,15 +114,16 @@ reset_instance(NNC_Instance inst)
/* ================================================== */
NNC_Instance
NNC_CreateInstance(IPSockAddr *nts_address, const char *name, const IPSockAddr *ntp_address)
NNC_CreateInstance(IPSockAddr *nts_address, const char *name, uint16_t ntp_port)
{
NNC_Instance inst;
inst = MallocNew(struct NNC_Instance_Record);
inst->ntp_address = ntp_address;
inst->nts_address = *nts_address;
inst->name = Strdup(name);
inst->ntp_address.ip_addr = nts_address->ip_addr;
inst->ntp_address.port = ntp_port;
inst->siv = NULL;
inst->nke = NULL;
@ -168,7 +169,7 @@ set_ntp_address(NNC_Instance inst, NTP_Remote_Address *negotiated_address)
{
NTP_Remote_Address old_address, new_address;
old_address = *inst->ntp_address;
old_address = inst->ntp_address;
new_address = *negotiated_address;
if (new_address.ip_addr.family == IPADDR_UNSPEC)
@ -187,6 +188,8 @@ set_ntp_address(NNC_Instance inst, NTP_Remote_Address *negotiated_address)
return 0;
}
inst->ntp_address = new_address;
return 1;
}
@ -521,6 +524,7 @@ NNC_ChangeAddress(NNC_Instance inst, IPAddr *address)
save_cookies(inst);
inst->nts_address.ip_addr = *address;
inst->ntp_address.ip_addr = *address;
reset_instance(inst);
@ -557,7 +561,7 @@ save_cookies(NNC_Instance inst)
if (fprintf(f, "%s%s\n%.1f\n%s %d\n%u %d ",
DUMP_IDENTIFIER, inst->name, context_time,
UTI_IPToString(&inst->ntp_address->ip_addr), inst->ntp_address->port,
UTI_IPToString(&inst->ntp_address.ip_addr), inst->ntp_address.port,
inst->context_id, (int)inst->context.algorithm) < 0 ||
!UTI_BytesToHex(inst->context.s2c.key, inst->context.s2c.length, buf, sizeof (buf)) ||
fprintf(f, "%s ", buf) < 0 ||

2
nts_ntp_client.h
View file

@ -34,7 +34,7 @@
typedef struct NNC_Instance_Record *NNC_Instance;
extern NNC_Instance NNC_CreateInstance(IPSockAddr *nts_address, const char *name,
const IPSockAddr *ntp_address);
uint16_t ntp_port);
extern void NNC_DestroyInstance(NNC_Instance inst);
extern int NNC_PrepareForAuth(NNC_Instance inst);
extern int NNC_GenerateRequestAuth(NNC_Instance inst, NTP_Packet *packet,

2
stubs.c
View file

@ -491,7 +491,7 @@ NNS_GenerateResponseAuth(NTP_Packet *request, NTP_PacketInfo *req_info,
}
NNC_Instance
NNC_CreateInstance(IPSockAddr *nts_address, const char *name, const IPSockAddr *ntp_address)
NNC_CreateInstance(IPSockAddr *nts_address, const char *name, uint16_t ntp_port)
{
return NULL;
}

2
test/unit/ntp_auth.c
View file

@ -177,7 +177,7 @@ test_unit(void)
can_auth_res = can_auth_req;
break;
case 2:
inst = NAU_CreateNtsInstance(&nts_addr, "test", &nts_addr);
inst = NAU_CreateNtsInstance(&nts_addr, "test", 0);
TEST_CHECK(NAU_IsAuthEnabled(inst));
TEST_CHECK(NAU_GetSuggestedNtpVersion(inst) == 4);
mode = NTP_AUTH_NTS;

2
test/unit/nts_ntp_client.c
View file

@ -227,7 +227,7 @@ test_unit(void)
SCK_GetLoopbackIPAddress(AF_INET, &addr.ip_addr);
addr.port = 0;
inst = NNC_CreateInstance(&addr, "test", &addr);
inst = NNC_CreateInstance(&addr, "test", 0);
TEST_CHECK(inst);
for (i = 0; i < 100000; i++) {