From dec07aa844f81e275ff60d74e14e6fada3e4734a Mon Sep 17 00:00:00 2001 From: Miroslav Lichvar Date: Thu, 2 Feb 2023 11:12:31 +0100 Subject: [PATCH] sourcestats: don't fudge refclock LastRx in sources report The sample time used in calculation of the last_meas_ago (LastRx) value in the sources report is aligned to the second to minimize the leak of the NTP receive timestamp, which could be useful in some attacks. There is no need to do that with reference clocks, which are often used with very short polling intervals and an extra second in the LastRx value can be misinterpreted as a missed sample. --- sourcestats.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/sourcestats.c b/sourcestats.c index eb4705e..ce326e9 100644 --- a/sourcestats.c +++ b/sourcestats.c @@ -80,7 +80,7 @@ static LOG_FileID logfileid; struct SST_Stats_Record { - /* Reference ID and IP address of source, used for logging to statistics log */ + /* Reference ID and IP address (NULL if not an NTP source) */ uint32_t refid; IPAddr *ip_addr; @@ -964,9 +964,10 @@ SST_DoSourceReport(SST_Stats inst, RPT_SourceReport *report, struct timespec *no report->latest_meas = inst->offsets[i]; report->latest_meas_err = 0.5*inst->root_delays[j] + inst->root_dispersions[j]; - /* Align the sample time to reduce the leak of the receive timestamp */ + /* Align the sample time to reduce the leak of the NTP receive timestamp */ last_sample_time = inst->sample_times[i]; - last_sample_time.tv_nsec = 0; + if (inst->ip_addr) + last_sample_time.tv_nsec = 0; report->latest_meas_ago = UTI_DiffTimespecsToDouble(now, &last_sample_time); } else { report->latest_meas_ago = (uint32_t)-1;