[Git][NTPsec/ntpsec][master] Add nts_cookie_not_server

Mon Jul 24 22:51:47 UTC 2023


Hal Murray pushed to branch master at NTPsec / ntpsec


Commits:
d9a786fe by Hal Murray at 2023-07-23T22:14:01-07:00
Add nts_cookie_not_server

See #794, but that bug was accidentally fixed
by bd596fa36738fab8de3e38a29ed0f218b7dda28d
when I updated the cookie_decode counters.

- - - - -


4 changed files:

- include/nts.h
- ntpclients/ntpq.py
- ntpd/ntp_control.c
- ntpd/nts_cookie.c


Changes:

=====================================
include/nts.h
=====================================
@@ -244,7 +244,8 @@ extern uint64_t nts_server_send;
 extern uint64_t nts_server_recv_good;
 extern uint64_t nts_server_recv_bad;
 extern uint64_t nts_cookie_make;
-extern uint64_t nts_cookie_decode_total;  /* total attempts, includes too old */
+extern uint64_t nts_cookie_not_server;   /* we are not a NTS server */
+extern uint64_t nts_cookie_decode_total; /* total attempts, includes too old */
 extern uint64_t nts_cookie_decode_current;
 extern uint64_t nts_cookie_decode_old;
 extern uint64_t nts_cookie_decode_old2;


=====================================
ntpclients/ntpq.py
=====================================
@@ -1657,6 +1657,7 @@ usage: authinfo
    ("nts_server_recv_bad",       "NTS server recvs w error:   ", NTP_UINT),
    ("nts_server_send",           "NTS server sends:           ", NTP_UINT),
    ("nts_cookie_make",           "NTS make cookies:           ", NTP_UINT),
+   ("nts_cookie_not_server",     "NTS cookies not server:     ", NTP_UINT),
    ("nts_cookie_decode_total",   "NTS decode cookies total:   ", NTP_UINT),
    ("nts_cookie_decode_current", " NTS decode cookies current:", NTP_UINT),
    ("nts_cookie_decode_old",     " NTS decode cookies old:    ", NTP_UINT),


=====================================
ntpd/ntp_control.c
=====================================
@@ -415,6 +415,7 @@ static const struct var sys_var[] = {
   Var_u64("nts_server_recv_good", RO, nts_server_recv_good),
   Var_u64("nts_server_recv_bad", RO, nts_server_recv_bad),
   Var_u64("nts_cookie_make", RO, nts_cookie_make),
+  Var_u64("nts_cookie_not_server", RO, nts_cookie_not_server),
   Var_u64("nts_cookie_decode_total", RO, nts_cookie_decode_total),
   Var_u64("nts_cookie_decode_current", RO, nts_cookie_decode_current),
   /* Following line is a hack for old versions of ntpq


=====================================
ntpd/nts_cookie.c
=====================================
@@ -103,10 +103,11 @@ AES_SIV_CTX* cookie_ctx;
 
 /* Statistics for ntpq */
 uint64_t nts_cookie_make = 0;
+uint64_t nts_cookie_not_server = 0;
 uint64_t nts_cookie_decode_total = 0;
-uint64_t nts_cookie_decode_current = 0;
-uint64_t nts_cookie_decode_old = 0;	/* one day old */
-uint64_t nts_cookie_decode_old2 = 0;	/* two days old */
+uint64_t nts_cookie_decode_current = 0; /* less than one day old, current key*/
+uint64_t nts_cookie_decode_old = 0;	/* zero to one day old */
+uint64_t nts_cookie_decode_old2 = 0;	/* one to two days old */
 uint64_t nts_cookie_decode_older = 0;	/* more than 2 days old */
 uint64_t nts_cookie_decode_too_old = 0;
 uint64_t nts_cookie_decode_error = 0;
@@ -383,6 +384,11 @@ bool nts_unpack_cookie(uint8_t *cookie, int cookielen,
 	if (NULL == cookie_ctx)
 		return false;	/* We aren't initialized yet. */
 
+	if (0 == nts_nKeys) {
+		nts_cookie_not_server++;
+		return false;  /* We are not a NTS enabled server. */
+	}
+
 	/* We may get garbage from the net */
 	if (cookielen > NTS_MAX_COOKIELEN)
 		return false;



View it on GitLab: https://gitlab.com/NTPsec/ntpsec/-/commit/d9a786fe0fafa7ed7357783798b1f206884d28b7

-- 
View it on GitLab: https://gitlab.com/NTPsec/ntpsec/-/commit/d9a786fe0fafa7ed7357783798b1f206884d28b7
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ntpsec.org/pipermail/vc/attachments/20230724/1a2ecace/attachment-0001.htm>
