xref: /freebsd/contrib/ntp/sntp/networking.c (revision b077aed33b7b6aefca7b17ddb250cf521f938613)
1 #include <config.h>
2 #include "networking.h"
3 #include "ntp_debug.h"
4 
5 
6 /* Send a packet */
7 int
8 sendpkt (
9 	SOCKET rsock,
10 	sockaddr_u *dest,
11 	struct pkt *pkt,
12 	int len
13 	)
14 {
15 	int cc;
16 
17 #ifdef DEBUG
18 	if (debug > 2) {
19 		printf("sntp sendpkt: Packet data:\n");
20 		pkt_output(pkt, len, stdout);
21 	}
22 #endif
23 	TRACE(1, ("sntp sendpkt: Sending packet to %s ...\n",
24 		  sptoa(dest)));
25 
26 	cc = sendto(rsock, (void *)pkt, len, 0, &dest->sa,
27 		    SOCKLEN(dest));
28 	if (cc == SOCKET_ERROR) {
29 		msyslog(LOG_ERR, "sendpkt: sendto(%s) failed: %m",
30 			sptoa(dest));
31 		return FALSE;
32 	}
33 	TRACE(1, ("Packet sent.\n"));
34 
35 	return TRUE;
36 }
37 
38 
39 /* Receive raw data */
40 int
41 recvdata(
42 	SOCKET		rsock,
43 	sockaddr_u *	sender,
44 	void *		rdata,
45 	int		rdata_length
46 	)
47 {
48 	GETSOCKNAME_SOCKLEN_TYPE slen;
49 	int recvc;
50 
51 	slen = sizeof(*sender);
52 	recvc = recvfrom(rsock, rdata, rdata_length, 0,
53 			 &sender->sa, &slen);
54 	if (recvc < 0)
55 		return recvc;
56 #ifdef DEBUG
57 	if (debug > 2) {
58 		printf("Received %d bytes from %s:\n", recvc, sptoa(sender));
59 		pkt_output((struct pkt *)rdata, recvc, stdout);
60 	}
61 #endif
62 	return recvc;
63 }
64 
65 /* Parsing from a short 'struct pkt' directly is bound to create
66  * coverity warnings. These are hard to avoid, as the formal declaration
67  * does not reflect the true layout in the presence of autokey extension
68  * fields. Parsing and skipping the extension fields of a received packet
69  * until there's only the MAC left is better done in this separate
70  * function.
71  */
72 static void*
73 skip_efields(
74 	u_int32 *head,	/* head of extension chain 	*/
75 	u_int32 *tail	/* tail/end of extension chain	*/
76 	)
77 {
78 
79 	u_int nlen;	/* next extension length */
80 	while ((tail - head) > 6) {
81 		nlen = ntohl(*head) & 0xffff;
82 		++head;
83 		nlen = (nlen + 3) >> 2;
84 		if (nlen > (u_int)(tail - head) || nlen < 4)
85 			return NULL;	/* Blooper! Inconsistent! */
86 		head += nlen;
87 	}
88 	return head;
89 }
90 
91 /*
92 ** Check if it's data for us and whether it's useable or not.
93 **
94 ** If not, return a failure code so we can delete this server from our list
95 ** and continue with another one.
96 */
97 int
98 process_pkt (
99 	struct pkt *rpkt,
100 	sockaddr_u *sender,
101 	int pkt_len,
102 	int mode,
103 	struct pkt *spkt,
104 	const char * func_name
105 	)
106 {
107 	u_int		key_id;
108 	struct key *	pkt_key;
109 	int		is_authentic;
110 	int		mac_size;
111 	u_int		exten_len;
112 	u_int32 *       exten_end;
113 	u_int32 *       packet_end;
114 	l_fp		sent_xmt;
115 	l_fp		resp_org;
116 
117 	// key_id = 0;
118 	pkt_key = NULL;
119 	is_authentic = (HAVE_OPT(AUTHENTICATION)) ? 0 : -1;
120 
121 	/*
122 	 * Parse the extension field if present. We figure out whether
123 	 * an extension field is present by measuring the MAC size. If
124 	 * the number of words following the packet header is 0, no MAC
125 	 * is present and the packet is not authenticated. If 1, the
126 	 * packet is a crypto-NAK; if 3, the packet is authenticated
127 	 * with DES; if 5, the packet is authenticated with MD5; if 6,
128 	 * the packet is authenticated with SHA. If 2 or 4, the packet
129 	 * is a runt and discarded forthwith. If greater than 6, an
130 	 * extension field is present, so we subtract the length of the
131 	 * field and go around again.
132 	 */
133 	if (pkt_len < (int)LEN_PKT_NOMAC || (pkt_len & 3) != 0) {
134 		msyslog(LOG_ERR,
135 			"%s: Incredible packet length: %d.  Discarding.",
136 			func_name, pkt_len);
137 		return PACKET_UNUSEABLE;
138 	}
139 
140 	/* HMS: the following needs a bit of work */
141 	/* Note: pkt_len must be a multiple of 4 at this point! */
142 	packet_end = (void*)((char*)rpkt + pkt_len);
143 	exten_end = skip_efields(rpkt->exten, packet_end);
144 	if (NULL == exten_end) {
145 		msyslog(LOG_ERR,
146 			"%s: Missing extension field.  Discarding.",
147 			func_name);
148 		return PACKET_UNUSEABLE;
149 	}
150 
151 	/* get size of MAC in cells; can be zero */
152 	exten_len = (u_int)(packet_end - exten_end);
153 
154 	/* deduce action required from remaining length */
155 	switch (exten_len) {
156 
157 	case 0:	/* no Legacy MAC */
158 		break;
159 
160 	case 1:	/* crypto NAK */
161 		/* Only if the keyID is 0 and there were no EFs */
162 		key_id = ntohl(*exten_end);
163 		printf("Crypto NAK = 0x%08x from %s\n", key_id, stoa(sender));
164 		break;
165 
166 	case 3: /* key ID + 3DES MAC -- unsupported! */
167 		msyslog(LOG_ERR,
168 			"%s: Key ID + 3DES MAC is unsupported.  Discarding.",
169 			func_name);
170 		return PACKET_UNUSEABLE;
171 
172 	case 5:	/* key ID + MD5 MAC */
173 	case 6:	/* key ID + SHA MAC */
174 		/*
175 		** Look for the key used by the server in the specified
176 		** keyfile and if existent, fetch it or else leave the
177 		** pointer untouched
178 		*/
179 		key_id = ntohl(*exten_end);
180 		get_key(key_id, &pkt_key);
181 		if (!pkt_key) {
182 			printf("unrecognized key ID = 0x%08x\n", key_id);
183 			break;
184 		}
185 		/*
186 		** Seems like we've got a key with matching keyid.
187 		**
188 		** Generate a md5sum of the packet with the key from our
189 		** keyfile and compare those md5sums.
190 		*/
191 		mac_size = exten_len << 2;
192 		if (!auth_md5(rpkt, pkt_len - mac_size,
193 			      mac_size - 4, pkt_key)) {
194 			is_authentic = FALSE;
195 			break;
196 		}
197 		/* Yay! Things worked out! */
198 		is_authentic = TRUE;
199 		TRACE(1, ("sntp %s: packet from %s authenticated using key id %d.\n",
200 			  func_name, stoa(sender), key_id));
201 		break;
202 
203 	default:
204 		msyslog(LOG_ERR,
205 			"%s: Unexpected extension length: %d.  Discarding.",
206 			func_name, exten_len);
207 		return PACKET_UNUSEABLE;
208 	}
209 
210 	switch (is_authentic) {
211 
212 	case -1:	/* unknown */
213 		break;
214 
215 	case 0:		/* not authentic */
216 		return SERVER_AUTH_FAIL;
217 		break;
218 
219 	case 1:		/* authentic */
220 		break;
221 
222 	default:	/* error */
223 		break;
224 	}
225 
226 	/* Check for server's ntp version */
227 	if (PKT_VERSION(rpkt->li_vn_mode) < NTP_OLDVERSION ||
228 		PKT_VERSION(rpkt->li_vn_mode) > NTP_VERSION) {
229 		msyslog(LOG_ERR,
230 			"%s: Packet shows wrong version (%d)",
231 			func_name, PKT_VERSION(rpkt->li_vn_mode));
232 		return SERVER_UNUSEABLE;
233 	}
234 	/* We want a server to sync with */
235 	if (PKT_MODE(rpkt->li_vn_mode) != mode &&
236 	    PKT_MODE(rpkt->li_vn_mode) != MODE_PASSIVE) {
237 		msyslog(LOG_ERR,
238 			"%s: mode %d stratum %d", func_name,
239 			PKT_MODE(rpkt->li_vn_mode), rpkt->stratum);
240 		return SERVER_UNUSEABLE;
241 	}
242 	/* Stratum is unspecified (0) check what's going on */
243 	if (STRATUM_PKT_UNSPEC == rpkt->stratum) {
244 		char *ref_char;
245 
246 		TRACE(1, ("%s: Stratum unspecified, going to check for KOD (stratum: %d)\n",
247 			  func_name, rpkt->stratum));
248 		ref_char = (char *) &rpkt->refid;
249 		TRACE(1, ("%s: Packet refid: %c%c%c%c\n", func_name,
250 			  ref_char[0], ref_char[1], ref_char[2], ref_char[3]));
251 		/* If it's a KOD packet we'll just use the KOD information */
252 		if (ref_char[0] != 'X') {
253 			if (strncmp(ref_char, "DENY", 4) == 0)
254 				return KOD_DEMOBILIZE;
255 			if (strncmp(ref_char, "RSTR", 4) == 0)
256 				return KOD_DEMOBILIZE;
257 			if (strncmp(ref_char, "RATE", 4) == 0)
258 				return KOD_RATE;
259 			/*
260 			** There are other interesting kiss codes which
261 			** might be interesting for authentication.
262 			*/
263 		}
264 	}
265 	/* If the server is not synced it's not really useable for us */
266 	if (LEAP_NOTINSYNC == PKT_LEAP(rpkt->li_vn_mode)) {
267 		msyslog(LOG_ERR,
268 			"%s: %s not in sync, skipping this server",
269 			func_name, stoa(sender));
270 		return SERVER_UNUSEABLE;
271 	}
272 
273 	/*
274 	 * Decode the org timestamp and make sure we're getting a response
275 	 * to our last request, but only if we're not in broadcast mode.
276 	 */
277 	if (MODE_BROADCAST == mode)
278 		return pkt_len;
279 
280 	if (!L_ISEQU(&rpkt->org, &spkt->xmt)) {
281 		NTOHL_FP(&rpkt->org, &resp_org);
282 		NTOHL_FP(&spkt->xmt, &sent_xmt);
283 		msyslog(LOG_ERR,
284 			"%s response org expected to match sent xmt",
285 			stoa(sender));
286 		msyslog(LOG_ERR, "resp org: %s", prettydate(&resp_org));
287 		msyslog(LOG_ERR, "sent xmt: %s", prettydate(&sent_xmt));
288 		return PACKET_UNUSEABLE;
289 	}
290 
291 	return pkt_len;
292 }
293