From: Miroslav Lichvar Date: Mon, 24 Oct 2022 14:14:35 +0000 (+0200) Subject: nts: warn if server started without ntsdumpdir X-Git-Tag: 4.4-pre1~65 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=6f5df7e4a437aca3014f2898ea65af5bd64acb39;p=thirdparty%2Fchrony.git nts: warn if server started without ntsdumpdir If an NTS server is configured without ntsdumpdir, keys will not be saved and reloaded after restart, which will cause existing cookies to be invalidated and can cause a short-term denial of service if the server has so many clients that it cannot handle them all making an NTS-KE session within one polling interval. Log a warning message if a server key+certificate is specified without ntsdumpdir. --- diff --git a/nts_ke_server.c b/nts_ke_server.c index 37310797..95c6a3d6 100644 --- a/nts_ke_server.c +++ b/nts_ke_server.c @@ -821,6 +821,11 @@ NKS_Initialise(void) key_delay = key_rotation_interval - (SCH_GetLastEventMonoTime() - last_server_key_ts); SCH_AddTimeoutByDelay(MAX(key_delay, 0.0), key_timeout, NULL); } + + /* Warn if keys are not saved, which can cause a flood of requests + after server restart */ + if (!CNF_GetNtsDumpDir()) + LOG(LOGS_WARN, "No ntsdumpdir to save server keys"); } initialised = 1;
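Review bot: the new warning added at the end of the NKS_Initialise hunk says what is missing but not why it matters, so an operator scanning the log can easily dismiss it; consider stating the consequence the commit message describes, e.g. `LOG(LOGS_WARN, "No ntsdumpdir to save server keys, cookies will be invalidated on restart");`. Two smaller points: the check sits inside the enclosing block after the key-rotation timeout is scheduled, and the visible context does not show that block's condition, so please confirm it only runs when a server key and certificate are actually configured (a client-only instance should not be warned about ntsdumpdir). And since the patch only touches nts_ke_server.c, the ntsdumpdir entry in the chrony.conf documentation could be updated in the same change to say that NTS servers should set it, so the warning and the documentation give the same advice.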