|
 |
e9ba41 |
diff -up ntp-4.2.6p5/include/ntp.h.randomtx ntp-4.2.6p5/include/ntp.h
|
|
|
e9ba41 |
--- ntp-4.2.6p5/include/ntp.h.randomtx 2020-05-27 16:11:23.206229510 +0200
|
|
|
e9ba41 |
+++ ntp-4.2.6p5/include/ntp.h 2020-05-27 16:11:23.217229536 +0200
|
|
|
e9ba41 |
@@ -351,6 +351,7 @@ struct peer {
|
|
|
e9ba41 |
l_fp dst; /* destination timestamp */
|
|
|
e9ba41 |
l_fp aorg; /* origin timestamp */
|
|
|
e9ba41 |
l_fp borg; /* alternate origin timestamp */
|
|
|
e9ba41 |
+ l_fp xorg; /* hidden origin timestamp (client mode) */
|
|
|
e9ba41 |
double offset; /* peer clock offset */
|
|
|
e9ba41 |
double delay; /* peer roundtrip delay */
|
|
|
e9ba41 |
double jitter; /* peer jitter (squares) */
|
|
|
e9ba41 |
diff -up ntp-4.2.6p5/ntpd/ntp_proto.c.randomtx ntp-4.2.6p5/ntpd/ntp_proto.c
|
|
|
e9ba41 |
--- ntp-4.2.6p5/ntpd/ntp_proto.c.randomtx 2020-05-27 16:11:23.216229533 +0200
|
|
|
e9ba41 |
+++ ntp-4.2.6p5/ntpd/ntp_proto.c 2020-05-28 09:02:50.973320647 +0200
|
|
|
e9ba41 |
@@ -1563,14 +1563,14 @@ process_packet(
|
|
|
e9ba41 |
/*
|
|
|
e9ba41 |
* Basic mode, otherwise known as the old fashioned way.
|
|
|
e9ba41 |
*
|
|
|
e9ba41 |
- * t1 = p_org, t2 = p_rec, t3 = p_xmt, t4 = peer->dst
|
|
|
e9ba41 |
+ * t1 = peer->xorg, t2 = p_rec, t3 = p_xmt, t4 = peer->dst
|
|
|
e9ba41 |
*/
|
|
|
e9ba41 |
} else {
|
|
|
e9ba41 |
ci = p_xmt; /* t3 - t4 */
|
|
|
e9ba41 |
L_SUB(&ci, &peer->dst);
|
|
|
e9ba41 |
LFPTOD(&ci, t34);
|
|
|
e9ba41 |
ci = p_rec; /* t2 - t1 */
|
|
|
e9ba41 |
- L_SUB(&ci, &p_org);
|
|
|
e9ba41 |
+ L_SUB(&ci, &peer->xorg);
|
|
|
e9ba41 |
LFPTOD(&ci, t21);
|
|
|
e9ba41 |
p_del = fabs(t21 - t34);
|
|
|
e9ba41 |
p_offset = (t21 + t34) / 2.;
|
|
|
e9ba41 |
@@ -2942,6 +2942,16 @@ peer_xmit(
|
|
|
e9ba41 |
HTONL_FP(&peer->rec, &xpkt.org);
|
|
|
e9ba41 |
HTONL_FP(&peer->dst, &xpkt.rec);
|
|
|
e9ba41 |
|
|
|
e9ba41 |
+ /* Generate a random transmit timestamp in the client mode to
|
|
|
e9ba41 |
+ make the server origin timestamp unpredictable */
|
|
|
e9ba41 |
+ if (peer->flip == 0 && peer->hmode == MODE_CLIENT) {
|
|
|
e9ba41 |
+ if (ntp_crypto_random_buf(&peer->aorg, sizeof (peer->aorg))) {
|
|
|
e9ba41 |
+ msyslog(LOG_ERR, "ntp_crypto_random_buf() failed.");
|
|
|
e9ba41 |
+ exit(1);
|
|
|
e9ba41 |
+ }
|
|
|
e9ba41 |
+ xpkt.precision = 32;
|
|
|
e9ba41 |
+ }
|
|
|
e9ba41 |
+
|
|
|
e9ba41 |
/*
|
|
|
e9ba41 |
* If the received packet contains a MAC, the transmitted packet
|
|
|
e9ba41 |
* is authenticated and contains a MAC. If not, the transmitted
|
|
|
e9ba41 |
@@ -2965,9 +2975,11 @@ peer_xmit(
|
|
|
e9ba41 |
* Transmit a-priori timestamps
|
|
|
e9ba41 |
*/
|
|
|
e9ba41 |
get_systime(&xmt_tx);
|
|
|
e9ba41 |
+ peer->xorg = xmt_tx;
|
|
|
e9ba41 |
if (peer->flip == 0) { /* basic mode */
|
|
|
e9ba41 |
- peer->aorg = xmt_tx;
|
|
|
e9ba41 |
- HTONL_FP(&xmt_tx, &xpkt.xmt);
|
|
|
e9ba41 |
+ if (peer->hmode != MODE_CLIENT)
|
|
|
e9ba41 |
+ peer->aorg = xmt_tx;
|
|
|
e9ba41 |
+ HTONL_FP(&peer->aorg, &xpkt.xmt);
|
|
|
e9ba41 |
} else { /* interleaved modes */
|
|
|
e9ba41 |
if (peer->hmode == MODE_BROADCAST) { /* bcst */
|
|
|
e9ba41 |
HTONL_FP(&xmt_tx, &xpkt.xmt);
|
|
|
e9ba41 |
@@ -3266,9 +3278,11 @@ peer_xmit(
|
|
|
e9ba41 |
* Transmit a-priori timestamps
|
|
|
e9ba41 |
*/
|
|
|
e9ba41 |
get_systime(&xmt_tx);
|
|
|
e9ba41 |
+ peer->xorg = xmt_tx;
|
|
|
e9ba41 |
if (peer->flip == 0) { /* basic mode */
|
|
|
e9ba41 |
- peer->aorg = xmt_tx;
|
|
|
e9ba41 |
- HTONL_FP(&xmt_tx, &xpkt.xmt);
|
|
|
e9ba41 |
+ if (peer->hmode != MODE_CLIENT)
|
|
|
e9ba41 |
+ peer->aorg = xmt_tx;
|
|
|
e9ba41 |
+ HTONL_FP(&peer->aorg, &xpkt.xmt);
|
|
|
e9ba41 |
} else { /* interleaved modes */
|
|
|
e9ba41 |
if (peer->hmode == MODE_BROADCAST) { /* bcst */
|
|
|
e9ba41 |
HTONL_FP(&xmt_tx, &xpkt.xmt);
|