[systemd-commits] configure.ac src/timesync

Lennart Poettering lennart at kemper.freedesktop.org
Tue May 6 09:08:34 PDT 2014 

 configure.ac             |    9 +++++++++
 src/timesync/timesyncd.c |    8 +++++++-
 2 files changed, 16 insertions(+), 1 deletion(-)

New commits:
commit 661278ee297247c0c7e0708924f8ce52284529fc
Author: Lennart Poettering <lennart at poettering.net>
Date:   Tue May 6 18:08:04 2014 +0200

    timesyncd: never accept NTP time from server that is older than systemd's release time

diff --git a/configure.ac b/configure.ac
index 318d77b..972fc2f 100644
--- a/configure.ac
+++ b/configure.ac
@@ -836,6 +836,14 @@ AC_ARG_WITH(ntp-servers,
 AC_DEFINE_UNQUOTED(NTP_SERVERS, ["$NTP_SERVERS"], [Default NTP Servers])
 AC_SUBST(NTP_SERVERS)
 
+AC_ARG_WITH(time-epoch,
+        AS_HELP_STRING([--with-time-epoch=SECONDS],
+                [TIme epoch for time clients]),
+        [TIME_EPOCH="$withval"],
+        [TIME_EPOCH="`stat -c %Y ${srcdir}/NEWS 2>/dev/null || echo 0`"])
+
+AC_DEFINE_UNQUOTED(TIME_EPOCH, [$TIME_EPOCH], [Time Epoch])
+
 # ------------------------------------------------------------------------------
 have_localed=no
 AC_ARG_ENABLE(localed, AS_HELP_STRING([--disable-localed], [disable locale daemon]))
@@ -1169,6 +1177,7 @@ AC_MSG_RESULT([
         timedated:               ${have_timedated}
         timesyncd:               ${have_timesyncd}
         default NTP servers:     ${NTP_SERVERS}
+        time epoch:              ${TIME_EPOCH}
         localed:                 ${have_localed}
         networkd:                ${have_networkd}
         coredump:                ${have_coredump}
diff --git a/src/timesync/timesyncd.c b/src/timesync/timesyncd.c
index 6e38a2c..dabad5e 100644
--- a/src/timesync/timesyncd.c
+++ b/src/timesync/timesyncd.c
@@ -573,12 +573,18 @@ static int manager_receive_response(sd_event_source *source, int fd, uint32_t re
 
         m->event_timeout = sd_event_source_unref(m->event_timeout);
 
+        if (be32toh(ntpmsg.recv_time.sec) < TIME_EPOCH + OFFSET_1900_1970 ||
+            be32toh(ntpmsg.trans_time.sec) < TIME_EPOCH + OFFSET_1900_1970) {
+                log_debug("Invalid reply, returned times before epoch. Ignoring.");
+                return manager_connect(m);
+        }
+
         if (NTP_FIELD_LEAP(ntpmsg.field) == NTP_LEAP_NOTINSYNC) {
                 log_debug("Server is not synchronized. Disconnecting.");
                 return manager_connect(m);
         }
 
-        if (NTP_FIELD_VERSION(ntpmsg.field) != 4 && NTP_FIELD_VERSION(ntpmsg.field) != 3) {
+        if (!IN_SET(NTP_FIELD_VERSION(ntpmsg.field), 3, 4)) {
                 log_debug("Response NTPv%d. Disconnecting.", NTP_FIELD_VERSION(ntpmsg.field));
                 return manager_connect(m);
         }

More information about the systemd-commits mailing list