NTP users are strongly urged to take immediate action to ensure that their NTP daemons are not susceptible to being used in distributed denial-of-service (DDoS) attacks. Please also take this opportunity to defeat denial-of-service attacks by implementing Ingress and Egress filtering through BCP38.

ntp-4.2.8p18 was released on 25 May 2024 and addresses 40 bugs and provides 40 improvements.

Please see the NTP 4.2.8p18 Changelog for details.

Bug 1709 - ntpdate ignores replies with equal receive and transmit timestamps
Summary: ntpdate ignores replies with equal receive and transmit timestamps
Status: VERIFIED FIXED
Alias: None
Product: ntp
Classification: Unclassified
Component: - other (show other bugs)
Version: 4.2.6
Hardware: PC Linux
: P5 enhancement
Assignee: Harlan Stenn
URL:
: 1716 (view as bug list)
Depends on:
Blocks:
 
Reported: 2010-11-08 12:42 UTC by Miroslav Lichvar
Modified: 2010-11-10 12:41 UTC (History)
3 users (show)

See Also:
stenn: blocking4.2.6+

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Miroslav Lichvar 2010-11-08 12:42:52 UTC 
In the change which added the 2s spacing between ntpdate requests there was an additional check included L_ISEQU(&rec, &server->org) which apparently fails with some NTP servers. (https://bugzilla.redhat.com/show_bug.cgi?id=649365)

http://ntp.bkbits.net:8080/ntp-dev/ntpdate/ntpdate.c?PAGE=diffs&REV=4bc54843gnZTa6H_F-iROkQzw-KSOQ

Is there a reason why a reply with equal receive and transmit timestamps should be ignored?
Comment 1 Dave Hart 2010-11-08 15:38:58 UTC 
I can see no reason for the L_ISEQU(&rec, &server->org).  As Miroslav pointed out elsewhere, ntpd doesn't enforce that test on its sources.  My hunch is I added that test as a first attempt at honoring KoD packets, and then failed to remove it when a more complete KoD test was added in a later revision of the patch.

This was a regression in 4.2.6p2 and should be fixed in 4.2.6.
Comment 2 Dave Hart 2010-11-08 18:58:14 UTC 
This is ready in

~hart/ntp-stable-1709
~hart/ntp-dev-1709

Note the -stable repo does not yet have a ChangeLog entry, because I am not sure if it will be in 4.2.6p3-RC8 or 4.2.6p4-beta1 or similar, and merging a ChangeLog entry to -dev requires that -stable version knowledge.  This way, we can pull into -dev first without creating a misleading "from" attribution.
Comment 3 Harlan Stenn 2010-11-08 21:58:59 UTC 
Let's fix this, and I would much rather we get sntp to the point where we can really and truly get rid of the old ntpdate code.
Comment 4 Dave Hart 2010-11-09 06:37:07 UTC 
Now also in:

~hart/ntp-stable-1574-1681-83-91-1709
~hart/ntp-dev-1574-1681-83-91-1709
Comment 5 Dave Hart 2010-11-09 19:48:06 UTC 
*** Bug 1716 has been marked as a duplicate of this bug. ***
Comment 6 Harlan Stenn 2010-11-09 22:15:59 UTC 
Miroslav,

Thanks for the report.  Please check 4.2.6p3-RC9 or 4.2.7p80 and mark this bug as VERIFIED or REOPENED, as appropriate.

Dave, thanks for your work on this one.
Comment 7 Miroslav Lichvar 2010-11-10 12:41:04 UTC 
Works fine now, thanks.