system/serenity
system/serenity
1
0
Fork 0
mirror of https://github.com/SerenityOS/serenity synced 2024-07-21 01:55:07 +00:00
Code Issues Actions 5 Packages Projects Releases Wiki Activity

ntpquery: Don't leak local time, and check origin time in reply

Browse source 
This implements the transmit time suggestion in (abandoned?)
draft-ietf-ntp-data-minimization. (The other suggestions were already
implemented as far as I can tell.)
This commit is contained in:
Nico Weber 2020-10-16 15:59:53 -04:00 committed by Andreas Kling
parent 019788a150
commit 5f50af3b4f
2 changed files with 14 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
AK/Random.h
View file

@ -62,3 +62,6 @@ inline T get_random()
}
}
using AK::fill_with_random;
using AK::get_random;

13
Userland/ntpquery.cpp
View file

@ -25,6 +25,7 @@
*/
#define _GNU_SOURCE
#include <AK/Random.h>
#include <LibCore/ArgsParser.h>
#include <arpa/inet.h>
#include <endian.h>
@ -168,9 +169,12 @@ int main(int argc, char** argv)
packet.li_vn_mode = (4 << 3) | 3; // Version 4, client connection.
// The server will copy the transmit_timestamp to origin_timestamp in the reply.
// To not leak the local time, keep the time we sent the packet locally and
// send random bytes to the server.
auto random_transmit_timestamp = get_random<NtpTimestamp>();
timeval local_transmit_time;
gettimeofday(&local_transmit_time, nullptr);
packet.transmit_timestamp = htobe64(ntp_timestamp_from_timeval(local_transmit_time));
packet.transmit_timestamp = random_transmit_timestamp;
ssize_t rc;
rc = sendto(fd, &packet, sizeof(packet), 0, (const struct sockaddr*)&peer_address, sizeof(peer_address));
@ -205,7 +209,12 @@ int main(int argc, char** argv)
timeval kernel_receive_time;
memcpy(&kernel_receive_time, CMSG_DATA(cmsg), sizeof(kernel_receive_time));
NtpTimestamp origin_timestamp = be64toh(packet.origin_timestamp);
if (packet.origin_timestamp != random_transmit_timestamp) {
fprintf(stderr, "expected %#016llx as origin timestamp, got %#016llx\n", random_transmit_timestamp, packet.origin_timestamp);
return 1;
}
NtpTimestamp origin_timestamp = ntp_timestamp_from_timeval(local_transmit_time);
NtpTimestamp receive_timestamp = be64toh(packet.receive_timestamp);
NtpTimestamp transmit_timestamp = be64toh(packet.transmit_timestamp);
NtpTimestamp destination_timestamp = ntp_timestamp_from_timeval(kernel_receive_time);