From c1d56ede3ffb4c49bc0b73a0a0d81ba0f3bbca1f Mon Sep 17 00:00:00 2001 From: Miroslav Lichvar Date: Tue, 9 Feb 2021 17:40:17 +0100 Subject: [PATCH] nts: rework update of NTP server address In the NTS-NTP client instance, maintain a local copy of the NTP address instead of using a pointer to the NCR's address, which may change at unexpected times. Also, change the NNC_CreateInstance() to accept only the NTP port to make it clear the initial NTP address is the same as the NTS-KE address and to make it consistent with NNC_ChangeAddress(), which accepts only one address. --- ntp_auth.c | 4 ++-- ntp_auth.h | 2 +- ntp_core.c | 3 +-- nts_ntp_client.c | 16 ++++++++++------ nts_ntp_client.h | 2 +- stubs.c | 2 +- test/unit/ntp_auth.c | 2 +- test/unit/nts_ntp_client.c | 2 +- 8 files changed, 18 insertions(+), 15 deletions(-) diff --git a/ntp_auth.c b/ntp_auth.c index ee0611c..a5da2f3 100644 --- a/ntp_auth.c +++ b/ntp_auth.c @@ -161,11 +161,11 @@ NAU_CreateSymmetricInstance(uint32_t key_id) /* ================================================== */ NAU_Instance -NAU_CreateNtsInstance(IPSockAddr *nts_address, const char *name, const IPSockAddr *ntp_address) +NAU_CreateNtsInstance(IPSockAddr *nts_address, const char *name, uint16_t ntp_port) { NAU_Instance instance = create_instance(NTP_AUTH_NTS); - instance->nts = NNC_CreateInstance(nts_address, name, ntp_address); + instance->nts = NNC_CreateInstance(nts_address, name, ntp_port); return instance; } diff --git a/ntp_auth.h b/ntp_auth.h index 4a5deb4..9d6c512 100644 --- a/ntp_auth.h +++ b/ntp_auth.h @@ -37,7 +37,7 @@ typedef struct NAU_Instance_Record *NAU_Instance; extern NAU_Instance NAU_CreateNoneInstance(void); extern NAU_Instance NAU_CreateSymmetricInstance(uint32_t key_id); extern NAU_Instance NAU_CreateNtsInstance(IPSockAddr *nts_address, const char *name, - const IPSockAddr *ntp_address); + uint16_t ntp_port); /* Destroy an instance */ extern void NAU_DestroyInstance(NAU_Instance instance); 
diff --git a/ntp_core.c b/ntp_core.c index 50146ef..4e5fc59 100644 --- a/ntp_core.c +++ b/ntp_core.c @@ -571,7 +571,7 @@ NCR_CreateInstance(NTP_Remote_Address *remote_addr, NTP_Source_Type type, nts_address.ip_addr = remote_addr->ip_addr; nts_address.port = params->nts_port; - result->auth = NAU_CreateNtsInstance(&nts_address, name, &result->remote_addr); + result->auth = NAU_CreateNtsInstance(&nts_address, name, result->remote_addr.port); } else if (params->authkey != INACTIVE_AUTHKEY) { result->auth = NAU_CreateSymmetricInstance(params->authkey); } else { @@ -703,7 +703,6 @@ NCR_ChangeRemoteAddress(NCR_Instance inst, NTP_Remote_Address *remote_addr, int memset(&inst->report, 0, sizeof (inst->report)); NCR_ResetInstance(inst); - /* Update the authentication-specific address before NTP address */ if (!ntp_only) NAU_ChangeAddress(inst->auth, &remote_addr->ip_addr); diff --git a/nts_ntp_client.c b/nts_ntp_client.c index cbedf0b..ed89edd 100644 --- a/nts_ntp_client.c +++ b/nts_ntp_client.c @@ -50,12 +50,12 @@ #define DUMP_IDENTIFIER "NNC0\n" struct NNC_Instance_Record { - /* Pointer to current address of NTP server */ - const IPSockAddr *ntp_address; /* Address of NTS-KE server */ IPSockAddr nts_address; /* Hostname or IP address for certificate verification */ char *name; + /* Address of NTP server (can be negotiated in NTS-KE) */ + IPSockAddr ntp_address; NKC_Instance nke; SIV_Instance siv; 
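Review bot: The port argument in NCR_CreateInstance is read from `result->remote_addr.port`, although the address two lines above it is taken from the `remote_addr` parameter. The call therefore depends on `result->remote_addr` having been assigned earlier in the function, which is outside this hunk. Since only a value is passed now and no pointer is retained, `result->auth = NAU_CreateNtsInstance(&nts_address, name, remote_addr->port);` would take both parts from the same source. If the instance copy is used on purpose, a short comment saying so would help.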
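Review bot: The comment on the new `ntp_address` member of `struct NNC_Instance_Record` does not say what keeps the copy current. In this patch it is written in NNC_CreateInstance, set_ntp_address and NNC_ChangeAddress, and set_ntp_address reads it back as the old address, so it apparently has to match the address the NTP source is currently using. Suggested wording: `/* Local copy of the NTP server address (can be negotiated in NTS-KE); must follow every change of the source's address */`.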
@@ -114,15 +114,16 @@ reset_instance(NNC_Instance inst) /* ================================================== */ NNC_Instance -NNC_CreateInstance(IPSockAddr *nts_address, const char *name, const IPSockAddr *ntp_address) +NNC_CreateInstance(IPSockAddr *nts_address, const char *name, uint16_t ntp_port) { NNC_Instance inst; inst = MallocNew(struct NNC_Instance_Record); - inst->ntp_address = ntp_address; inst->nts_address = *nts_address; inst->name = Strdup(name); + inst->ntp_address.ip_addr = nts_address->ip_addr; + inst->ntp_address.port = ntp_port; inst->siv = NULL; inst->nke = NULL; @@ -168,7 +169,7 @@ set_ntp_address(NNC_Instance inst, NTP_Remote_Address *negotiated_address) { NTP_Remote_Address old_address, new_address; - old_address = *inst->ntp_address; + old_address = inst->ntp_address; new_address = *negotiated_address; if (new_address.ip_addr.family == IPADDR_UNSPEC) @@ -187,6 +188,8 @@ set_ntp_address(NNC_Instance inst, NTP_Remote_Address *negotiated_address) return 0; } + inst->ntp_address = new_address; + return 1; } @@ -521,6 +524,7 @@ NNC_ChangeAddress(NNC_Instance inst, IPAddr *address) save_cookies(inst); inst->nts_address.ip_addr = *address; + inst->ntp_address.ip_addr = *address; reset_instance(inst); @@ -557,7 +561,7 @@ save_cookies(NNC_Instance inst) if (fprintf(f, "%s%s\n%.1f\n%s %d\n%u %d ", DUMP_IDENTIFIER, inst->name, context_time, - UTI_IPToString(&inst->ntp_address->ip_addr), inst->ntp_address->port, + UTI_IPToString(&inst->ntp_address.ip_addr), inst->ntp_address.port, inst->context_id, (int)inst->context.algorithm) < 0 || !UTI_BytesToHex(inst->context.s2c.key, inst->context.s2c.length, buf, sizeof (buf)) || fprintf(f, "%s ", buf) < 0 || diff --git a/nts_ntp_client.h b/nts_ntp_client.h index 18e3357..88287f1 100644 --- a/nts_ntp_client.h +++ b/nts_ntp_client.h 
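Review bot: In NNC_CreateInstance, `ntp_address` is filled member by member, while `nts_address` two lines above is copied as a whole struct. Writing `inst->ntp_address = *nts_address;` followed by `inst->ntp_address.port = ntp_port;` would set every member from an initialised object and match the line above. This matters only if IPSockAddr gains members and MallocNew() does not zero the allocation, neither of which is visible here. `nts_address` is only read in the visible lines, so it could also become `const IPSockAddr *`, as the removed `ntp_address` parameter was; the function body continues past the hunk.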
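Review bot: In set_ntp_address, the assignment `inst->ntp_address = new_address;` sits after the failure return, which keeps the local copy unchanged when the update fails, but nothing states that this ordering is intended. A comment above the assignment such as `/* Update the local copy only after the source address was changed */` would keep a later edit from moving it ahead of the check. The call that performs the update lies between the two set_ntp_address hunks and is not shown.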
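Review bot: NNC_ChangeAddress() replaces only `ntp_address.ip_addr`, so a port previously negotiated in NTS-KE stays in the local copy after the address change. With the pointer removed, the copy no longer follows the port held by ntp_core, and set_ntp_address uses the copy as the old address, so a stale port may make a later update refer to an address the source no longer has; whether the two ports can actually diverge depends on NCR_ChangeRemoteAddress code outside the hunk. Consider remembering the port given to NNC_CreateInstance and restoring it here, or passing the port together with the address. At minimum, a comment next to `inst->ntp_address.ip_addr = *address;` should state that the port is kept deliberately. The function starts before and continues after the hunk.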
@@ -34,7 +34,7 @@ typedef struct NNC_Instance_Record *NNC_Instance; extern NNC_Instance NNC_CreateInstance(IPSockAddr *nts_address, const char *name, - const IPSockAddr *ntp_address); + uint16_t ntp_port); extern void NNC_DestroyInstance(NNC_Instance inst); extern int NNC_PrepareForAuth(NNC_Instance inst); extern int NNC_GenerateRequestAuth(NNC_Instance inst, NTP_Packet *packet, diff --git a/stubs.c b/stubs.c index ae41a83..02e8636 100644 --- a/stubs.c +++ b/stubs.c @@ -491,7 +491,7 @@ NNS_GenerateResponseAuth(NTP_Packet *request, NTP_PacketInfo *req_info, } NNC_Instance -NNC_CreateInstance(IPSockAddr *nts_address, const char *name, const IPSockAddr *ntp_address) +NNC_CreateInstance(IPSockAddr *nts_address, const char *name, uint16_t ntp_port) { return NULL; } diff --git a/test/unit/ntp_auth.c b/test/unit/ntp_auth.c index c83cf29..a1a2d53 100644 --- a/test/unit/ntp_auth.c +++ b/test/unit/ntp_auth.c @@ -177,7 +177,7 @@ test_unit(void) can_auth_res = can_auth_req; break; case 2: - inst = NAU_CreateNtsInstance(&nts_addr, "test", &nts_addr); + inst = NAU_CreateNtsInstance(&nts_addr, "test", 0); TEST_CHECK(NAU_IsAuthEnabled(inst)); TEST_CHECK(NAU_GetSuggestedNtpVersion(inst) == 4); mode = NTP_AUTH_NTS; diff --git a/test/unit/nts_ntp_client.c b/test/unit/nts_ntp_client.c index 4ee33b0..2b1e5a7 100644 --- a/test/unit/nts_ntp_client.c +++ b/test/unit/nts_ntp_client.c @@ -227,7 +227,7 @@ test_unit(void) SCK_GetLoopbackIPAddress(AF_INET, &addr.ip_addr); addr.port = 0; - inst = NNC_CreateInstance(&addr, "test", &addr); + inst = NNC_CreateInstance(&addr, "test", 0); TEST_CHECK(inst); for (i = 0; i < 100000; i++) {
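Review bot: The prototype of NNC_CreateInstance() in nts_ntp_client.h carries no comment, so the contract described in the commit message is visible only in the .c file. A line above the declaration such as `/* The initial NTP address is the NTS-KE address with the port set to ntp_port */` would record it for callers. The declaration of NAU_CreateNtsInstance() in ntp_auth.h could get the same sentence.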