From: Miroslav Lichvar <mlichvar@redhat.com>
Date: Mon, 24 Mar 2014 16:10:35 +0000 (+0100)
Subject: ntp: check if packet was received by right socket
X-Git-Tag: 1.30-pre1~110
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f2c4ab09a82f6a931d83b6b0cd5f79ae741d3f92;p=thirdparty%2Fchrony.git

ntp: check if packet was received by right socket
---

diff --git a/ntp_core.c b/ntp_core.c
index c963ab94..14d267b7 100644
--- a/ntp_core.c
+++ b/ntp_core.c
@@ -1275,6 +1275,7 @@ NCR_ProcessKnown
  struct timeval *now,           /* timestamp at time of receipt */
  double now_err,
  NCR_Instance inst,             /* the instance record for this peer/server */
+ int sock_fd,                   /* the receiving socket */
  int length                     /* the length of the received packet */
  )
 {
@@ -1282,6 +1283,14 @@ NCR_ProcessKnown
   int version;
   int auth_len;
 
+  /* Make sure the packet was received by the sending socket */
+  if (sock_fd != inst->local_addr.sock_fd) {
+    DEBUG_LOG(LOGF_NtpCore,
+              "Packet received by wrong socket %d (expected %d)",
+              sock_fd, inst->local_addr.sock_fd);
+    return;
+  }
+
   /* Ignore packets from offline sources */
   if (inst->opmode == MD_OFFLINE) {
     return;
diff --git a/ntp_core.h b/ntp_core.h
index a0352891..5af536f8 100644
--- a/ntp_core.h
+++ b/ntp_core.h
@@ -54,7 +54,7 @@ extern void NCR_DestroyInstance(NCR_Instance instance);
 
 /* This routine is called when a new packet arrives off the network,
    and it relates to a source we have an ongoing protocol exchange with */
-extern void NCR_ProcessKnown(NTP_Packet *message, struct timeval *now, double now_err, NCR_Instance data, int length);
+extern void NCR_ProcessKnown(NTP_Packet *message, struct timeval *now, double now_err, NCR_Instance data, int sock_fd, int length);
 
 /* This routine is called when a new packet arrives off the network,
    and we do not recognize its source */
diff --git a/ntp_sources.c b/ntp_sources.c
index 7391e54c..11085925 100644
--- a/ntp_sources.c
+++ b/ntp_sources.c
@@ -356,7 +356,8 @@ NSR_ProcessReceive(NTP_Packet *message, struct timeval *now, double now_err, NTP
   
   find_slot(remote_addr, &slot, &found);
   if (found == 2) { /* Must match IP address AND port number */
-    NCR_ProcessKnown(message, now, now_err, records[slot].data, length);
+    NCR_ProcessKnown(message, now, now_err, records[slot].data,
+                     local_addr->sock_fd, length);
   } else {
     NCR_ProcessUnknown(message, now, now_err, remote_addr, local_addr, length);
   }