[Git][NTPsec/ntpsec][master] Use is_refclock_packet() to avoid magic-address matching on restrictions.
Eric S. Raymond
gitlab at mg.gitlab.com
Fri Jun 24 10:21:32 UTC 2016
Eric S. Raymond pushed to branch master at NTPsec / ntpsec
Commits:
4f2d5f29 by Eric S. Raymond at 2016-06-24T06:20:36-04:00
Use is_refclock_packet() to avoid magic-address matching on restrictions.
- - - - -
2 changed files:
- ntpd/ntp_proto.c
- ntpd/ntp_restrict.c
Changes:
=====================================
ntpd/ntp_proto.c
=====================================
--- a/ntpd/ntp_proto.c
+++ b/ntpd/ntp_proto.c
@@ -420,7 +420,12 @@ receive(
sys_badlength++;
return; /* bogus port */
}
- restrict_mask = restrictions(&rbufp->recv_srcadr);
+#ifdef REFCLOCK
+ if (is_refclock_packet(rbufp))
+ restrict_mask = 0;
+ else
+#endif /* REFCLOCK */
+ restrict_mask = restrictions(&rbufp->recv_srcadr);
DPRINTF(2, ("receive: at %ld %s<-%s flags %x restrict %03x\n",
current_time, stoa(&rbufp->dstadr->sin),
stoa(&rbufp->recv_srcadr),
=====================================
ntpd/ntp_restrict.c
=====================================
--- a/ntpd/ntp_restrict.c
+++ b/ntpd/ntp_restrict.c
@@ -620,8 +620,7 @@ restrict_source(
restrict_u * res;
int found_specific;
- if (!restrict_source_enabled || SOCK_UNSPEC(addr) ||
- IS_MCAST(addr) || ISREFCLOCKADR(addr))
+ if (!restrict_source_enabled || SOCK_UNSPEC(addr) || IS_MCAST(addr))
return;
NTP_REQUIRE(AF_INET == AF(addr) || AF_INET6 == AF(addr));
View it on GitLab: https://gitlab.com/NTPsec/ntpsec/commit/4f2d5f29d7fdfb7f39dfb8642e7306d87b2ca6bd
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ntpsec.org/pipermail/vc/attachments/20160624/348192e6/attachment.html>
More information about the vc
mailing list