From: Miroslav Lichvar Date: Thu, 2 Feb 2023 10:12:31 +0000 (+0100) Subject: sourcestats: don't fudge refclock LastRx in sources report X-Git-Tag: 4.4-pre1~40 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=dec07aa844f81e275ff60d74e14e6fada3e4734a;p=thirdparty%2Fchrony.git sourcestats: don't fudge refclock LastRx in sources report The sample time used in calculation of the last_meas_ago (LastRx) value in the sources report is aligned to the second to minimize the leak of the NTP receive timestamp, which could be useful in some attacks. There is no need to do that with reference clocks, which are often used with very short polling intervals and an extra second in the LastRx value can be misinterpreted as a missed sample. --- diff --git a/sourcestats.c b/sourcestats.c index eb4705ec..ce326e94 100644 --- a/sourcestats.c +++ b/sourcestats.c @@ -80,7 +80,7 @@ static LOG_FileID logfileid; struct SST_Stats_Record { - /* Reference ID and IP address of source, used for logging to statistics log */ + /* Reference ID and IP address (NULL if not an NTP source) */ uint32_t refid; IPAddr *ip_addr; @@ -964,9 +964,10 @@ SST_DoSourceReport(SST_Stats inst, RPT_SourceReport *report, struct timespec *no report->latest_meas = inst->offsets[i]; report->latest_meas_err = 0.5*inst->root_delays[j] + inst->root_dispersions[j]; - /* Align the sample time to reduce the leak of the receive timestamp */ + /* Align the sample time to reduce the leak of the NTP receive timestamp */ last_sample_time = inst->sample_times[i]; - last_sample_time.tv_nsec = 0; + if (inst->ip_addr) + last_sample_time.tv_nsec = 0; report->latest_meas_ago = UTI_DiffTimespecsToDouble(now, &last_sample_time); } else { report->latest_meas_ago = (uint32_t)-1;