From: Frank Kardel <kardel@ntp.org>
Date: Sat, 28 Apr 2007 10:19:57 +0000 (+0000)
Subject: ntp_peer.c:
X-Git-Tag: NTP_4_2_4P2_RC4~5
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b936c265e687c2870c85540183b85e7ffcc5cf5c;p=thirdparty%2Fntp.git

ntp_peer.c:
  Bug 789 (backported from ntp-dev):
  Fix multicast client crypto authentication and make sure arriving
  multicast packets do not disturb the autokey dance.
ChangeLog:
  Bug 789 (backported from ntp-dev):
  Fix multicast client crypto authentication and make sure arriving
  multicast packets do not disturb the autokey dance.

bk: 46331fcdeio_-DVPk-ERSSGssCQ2nA
---

diff --git a/ChangeLog b/ChangeLog
index f0e272edd..0d01ee121 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,4 +1,7 @@
-* [Bug 785] improve handling of multicast interfaces (multicast routers still need to run a multicast routing software/daemon)
+* [Bug 789] Fix multicast client crypto authentication and make sure arriving
+	    multicast packets do not disturb the autokey dance.
+* [Bug 785] improve handling of multicast interfaces
+	    (multicast routers still need to run a multicast routing software/daemon)
 (4.2.4p1) Released by Harlan Stenn <stenn@ntp.org>
 * [Bug 811] ntpd should not read a .ntprc file.
 * [Bug 793] Update Hans Lambermont's email address in ntpsweep.
diff --git a/ntpd/ntp_peer.c b/ntpd/ntp_peer.c
index d568ab437..1655d327e 100644
--- a/ntpd/ntp_peer.c
+++ b/ntpd/ntp_peer.c
@@ -530,7 +530,17 @@ void
 set_peerdstadr(struct peer *peer, struct interface *interface)
 {
 	if (peer->dstadr != interface) {
-		struct interface *prev_dstadr = peer->dstadr;
+		if (interface != NULL &&
+		    (peer->cast_flags & MDF_BCLNT) &&
+		    (interface->flags & INT_MCASTIF) &&
+		    peer->burst) {
+			/*
+			 * don't accept updates to a true multicast reception
+			 * interface while a BCLNT peer is running it's
+			 * unicast protocol
+			 */
+			return;
+		}
 
 		if (peer->dstadr != NULL)
 		{
@@ -545,16 +555,6 @@ set_peerdstadr(struct peer *peer, struct interface *interface)
 
 		peer->dstadr = interface;
 
-		if (prev_dstadr != NULL) {
-			/*
-			 * reset crypto information if we change from an
-			 * active interface
-			 * all other crypto updates are handled by the crypto
-			 * machinery
-			 */
-			peer_crypto_clear(peer);
-		}
-
 		if (peer->dstadr != NULL)
 		{
 			ISC_LIST_APPEND(peer->dstadr->peers, peer, ilink);
@@ -569,7 +569,7 @@ set_peerdstadr(struct peer *peer, struct interface *interface)
 static void
 peer_refresh_interface(struct peer *peer)
 {
-	struct interface *niface;
+	struct interface *niface, *piface;
 
 	niface = select_peerinterface(peer, &peer->srcadr, NULL, peer->cast_flags);
 
@@ -607,9 +607,18 @@ peer_refresh_interface(struct peer *peer)
 	}
 #endif
 
+	piface = peer->dstadr;
+
 	set_peerdstadr(peer, niface);
 
 	if (peer->dstadr) {
+                /*
+                 * clear crypto if we change the local address
+                 */
+                if (peer->dstadr != piface && !(peer->cast_flags & MDF_BCLNT)) {
+			peer_crypto_clear(peer);
+		}
+
 		/*
 	 	 * Broadcast needs the socket enabled for broadcast
 	 	 */