From: Harlan Stenn <stenn@ntp.org>
Date: Thu, 21 Apr 2016 09:11:51 +0000 (+0000)
Subject: [Bug 3036] autokey trips an INSIST in authistrustedip()
X-Git-Tag: NTP_4_2_8P7~7^2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=874361eb9522d826a4f204123b4a92cbfdeb8dea;p=thirdparty%2Fntp.git

[Bug 3036] autokey trips an INSIST in authistrustedip()

bk: 57189957BP88H-3KgE1tKyPyzFUXxw
---

diff --git a/ChangeLog b/ChangeLog
index a99c3a9fe..95eda28c8 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -27,6 +27,7 @@
   - Check the initial delay calculation and reject/unpeer the broadcast
     server if the delay exceeds 50ms. Retry again after the next
     broadcast packet.
+* [Bug 3036] autokey trips an INSIST in authistrustedip().  Harlan Stenn.
 * Document ntp.key's optional IP list in authenetic.html.  Harlan Stenn.
 * Fix some Credit: attributions in the NEWS file.  Harlan Stenn.
 * Fix typo in html/monopt.html.  Harlan Stenn.
diff --git a/ntpd/ntp_proto.c b/ntpd/ntp_proto.c
index 34d022d51..f076f6c33 100644
--- a/ntpd/ntp_proto.c
+++ b/ntpd/ntp_proto.c
@@ -1606,17 +1606,22 @@ receive(
 	/*
 	 * If:
 	 *	- this is a *cast (uni-, broad-, or m-) server packet
-	 *	- and it's authenticated
+	 *	- and it's symmetric-key authenticated
 	 * then see if the sender's IP is trusted for this keyid.
 	 * If it is, great - nothing special to do here.
 	 * Otherwise, we should report and bail.
+	 *
+	 * Autokey-authenticated packets are accepted.
 	 */
 
 	switch (hismode) {
 	    case MODE_SERVER:		/* server mode */
 	    case MODE_BROADCAST:	/* broadcast mode */
 	    case MODE_ACTIVE:		/* symmetric active mode */
+		DEBUG_INSIST((is_authentic == AUTH_OK) && !skeyid);
 		if (   is_authentic == AUTH_OK
+		    && skeyid
+		    && skeyid <= NTP_MAXKEY
 		    && !authistrustedip(skeyid, &peer->srcadr)) {
 			report_event(PEVNT_AUTH, peer, "authIP");
 			peer->badauth++;