From: Juergen Perlinger <perlinger@ntp.org>
Date: Sun, 31 Dec 2017 10:03:00 +0000 (+0100)
Subject: make 'authistrustedip()' more flexible
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=afbcc0e7ab783efcce5cf0aeb2bc070235111e11;p=thirdparty%2Fntp.git

make 'authistrustedip()' more flexible

bk: 5a48b5d4iisz8C7m0z4QyFaHVcCE8w
---

diff --git a/libntp/authkeys.c b/libntp/authkeys.c
index e3c1bf0a0..7c1cbb065 100644
--- a/libntp/authkeys.c
+++ b/libntp/authkeys.c
@@ -717,20 +717,19 @@ authistrusted(
 {
 	symkey *	sk;
 
-	/* That specific key was already used to authenticate the
-	 * packet. Therefore, the key *must* exist...  There's a chance
-	 * that is not trusted, though.
-	 */
 	if (keyno == cache_keyid) {
 		return (KEY_TRUSTED & cache_flags) &&
 		    keyacc_contains(cache_keyacclist, sau, TRUE);
-	} else {
+	}
+
+	if (NULL != (sk = auth_findkey(keyno))) {
 		authkeyuncached++;
-		sk = auth_findkey(keyno);
-		INSIST(NULL != sk);
 		return (KEY_TRUSTED & sk->flags) &&
 		    keyacc_contains(sk->keyacclist, sau, TRUE);
 	}
+	
+	authkeynotfound++;
+	return FALSE;    
 }
 
 /* Note: There are two locations below where 'strncpy()' is used. While