]> git.ipfire.org Git - thirdparty/chrony.git/commit
projects / thirdparty / chrony.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: f0f18a0) | patch
ntp: don't send packets with RX/TX timestamp equal to another timestamp
authorMiroslav Lichvar <mlichvar@redhat.com>
Tue, 20 Feb 2018 08:46:08 +0000 (09:46 +0100)
committerMiroslav Lichvar <mlichvar@redhat.com>
Mon, 26 Feb 2018 12:42:04 +0000 (13:42 +0100)
commit2c7ab98370933f3b08daf946949f63bbb68b2f66
tree298b74e2f36c00f747f6b3618b117d63e6afdc25tree | snapshot
parentf0f18a02a7d97a3cfb4cd9977f5ec12c6b1f1028commit | diff
ntp: don't send packets with RX/TX timestamp equal to another timestamp

Before sending a new packet, check if the receive/transmit timestamp
is not equal to the origin timestamp or the previous receive/transmit
timestamp in order to prevent the packet from being its own valid
response (in the symmetric mode) and invalidate responses to the
previous packet.

This improves protection against replay attacks in the symmetric mode.
ntp_core.c diff | blob | blame | history
util.c diff | blob | blame | history
util.h diff | blob | blame | history
Mirror of https://git.tuxfamily.org/chrony/chrony.git