faraphel/chrony
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

nts: reset packet length after failed auth encryption

Browse source 
If encryption of the NTS authenticator field fails, don't leave
uninitialized data in the packet in case a bug causes the packet to be
sent.
This commit is contained in:
Miroslav Lichvar 2020-09-21 15:29:37 +02:00
parent 59ad433b6b
commit d9a363606b
1 changed files with 1 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
nts_ntp_auth.c
View file

@ -112,6 +112,7 @@ NNA_GenerateAuthEF(NTP_Packet *packet, NTP_PacketInfo *info, SIV_Instance siv,
if (!SIV_Encrypt(siv, nonce, nonce_length, packet, assoc_length, if (!SIV_Encrypt(siv, nonce, nonce_length, packet, assoc_length,
plaintext, plaintext_length, ciphertext, ciphertext_length)) { plaintext, plaintext_length, ciphertext, ciphertext_length)) {
DEBUG_LOG("SIV encrypt failed"); DEBUG_LOG("SIV encrypt failed");
info->length = assoc_length;
return 0; return 0;
} }