timesyncd: never accept NTP time from server that is older than systemd's release time
This commit is contained in:
parent
dfdb269daf
commit
661278ee29
|
@ -836,6 +836,14 @@ AC_ARG_WITH(ntp-servers,
|
||||||
AC_DEFINE_UNQUOTED(NTP_SERVERS, ["$NTP_SERVERS"], [Default NTP Servers])
|
AC_DEFINE_UNQUOTED(NTP_SERVERS, ["$NTP_SERVERS"], [Default NTP Servers])
|
||||||
AC_SUBST(NTP_SERVERS)
|
AC_SUBST(NTP_SERVERS)
|
||||||
|
|
||||||
|
AC_ARG_WITH(time-epoch,
|
||||||
|
AS_HELP_STRING([--with-time-epoch=SECONDS],
|
||||||
|
[TIme epoch for time clients]),
|
||||||
|
[TIME_EPOCH="$withval"],
|
||||||
|
[TIME_EPOCH="`stat -c %Y ${srcdir}/NEWS 2>/dev/null || echo 0`"])
|
||||||
|
|
||||||
|
AC_DEFINE_UNQUOTED(TIME_EPOCH, [$TIME_EPOCH], [Time Epoch])
|
||||||
|
|
||||||
# ------------------------------------------------------------------------------
|
# ------------------------------------------------------------------------------
|
||||||
have_localed=no
|
have_localed=no
|
||||||
AC_ARG_ENABLE(localed, AS_HELP_STRING([--disable-localed], [disable locale daemon]))
|
AC_ARG_ENABLE(localed, AS_HELP_STRING([--disable-localed], [disable locale daemon]))
|
||||||
|
@ -1169,6 +1177,7 @@ AC_MSG_RESULT([
|
||||||
timedated: ${have_timedated}
|
timedated: ${have_timedated}
|
||||||
timesyncd: ${have_timesyncd}
|
timesyncd: ${have_timesyncd}
|
||||||
default NTP servers: ${NTP_SERVERS}
|
default NTP servers: ${NTP_SERVERS}
|
||||||
|
time epoch: ${TIME_EPOCH}
|
||||||
localed: ${have_localed}
|
localed: ${have_localed}
|
||||||
networkd: ${have_networkd}
|
networkd: ${have_networkd}
|
||||||
coredump: ${have_coredump}
|
coredump: ${have_coredump}
|
||||||
|
|
|
@ -573,12 +573,18 @@ static int manager_receive_response(sd_event_source *source, int fd, uint32_t re
|
||||||
|
|
||||||
m->event_timeout = sd_event_source_unref(m->event_timeout);
|
m->event_timeout = sd_event_source_unref(m->event_timeout);
|
||||||
|
|
||||||
|
if (be32toh(ntpmsg.recv_time.sec) < TIME_EPOCH + OFFSET_1900_1970 ||
|
||||||
|
be32toh(ntpmsg.trans_time.sec) < TIME_EPOCH + OFFSET_1900_1970) {
|
||||||
|
log_debug("Invalid reply, returned times before epoch. Ignoring.");
|
||||||
|
return manager_connect(m);
|
||||||
|
}
|
||||||
|
|
||||||
if (NTP_FIELD_LEAP(ntpmsg.field) == NTP_LEAP_NOTINSYNC) {
|
if (NTP_FIELD_LEAP(ntpmsg.field) == NTP_LEAP_NOTINSYNC) {
|
||||||
log_debug("Server is not synchronized. Disconnecting.");
|
log_debug("Server is not synchronized. Disconnecting.");
|
||||||
return manager_connect(m);
|
return manager_connect(m);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (NTP_FIELD_VERSION(ntpmsg.field) != 4 && NTP_FIELD_VERSION(ntpmsg.field) != 3) {
|
if (!IN_SET(NTP_FIELD_VERSION(ntpmsg.field), 3, 4)) {
|
||||||
log_debug("Response NTPv%d. Disconnecting.", NTP_FIELD_VERSION(ntpmsg.field));
|
log_debug("Response NTPv%d. Disconnecting.", NTP_FIELD_VERSION(ntpmsg.field));
|
||||||
return manager_connect(m);
|
return manager_connect(m);
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue