ntpquery: Don't leak local time, and check origin time in reply

This implements the transmit time suggestion in (abandoned?) draft-ietf-ntp-data-minimization. (The other suggestions were already implemented as far as I can tell.)
Author: https://github.com/nico Commit: https://github.com/SerenityOS/serenity/commit/5f50af3b4f0 Pull-request: https://github.com/SerenityOS/serenity/pull/3786
2025-04-21 03:55:24 +00:00 · 2020-10-16 15:59:53 -04:00 · 2020-10-16 15:59:53 -04:00 · 5f50af3b4f · 2024-07-19 01:52:55 +09:00
commit 5f50af3b4f
parent 019788a150
2 changed files with 14 additions and 2 deletions
--- a/AK/Random.h
+++ b/AK/Random.h
@ -62,3 +62,6 @@ inline T get_random()
 }

 }
+
+using AK::fill_with_random;
+using AK::get_random;
--- a/Userland/ntpquery.cpp
+++ b/Userland/ntpquery.cpp
@ -25,6 +25,7 @@
 */

 #define _GNU_SOURCE
+#include <AK/Random.h>
 #include <LibCore/ArgsParser.h>
 #include <arpa/inet.h>
 #include <endian.h>
@ -168,9 +169,12 @@ int main(int argc, char** argv)
    packet.li_vn_mode = (4 << 3) | 3; // Version 4, client connection.

    // The server will copy the transmit_timestamp to origin_timestamp in the reply.
+    // To not leak the local time, keep the time we sent the packet locally and
+    // send random bytes to the server.
+    auto random_transmit_timestamp = get_random<NtpTimestamp>();
    timeval local_transmit_time;
    gettimeofday(&local_transmit_time, nullptr);
-    packet.transmit_timestamp = htobe64(ntp_timestamp_from_timeval(local_transmit_time));
+    packet.transmit_timestamp = random_transmit_timestamp;

    ssize_t rc;
    rc = sendto(fd, &packet, sizeof(packet), 0, (const struct sockaddr*)&peer_address, sizeof(peer_address));
@ -205,7 +209,12 @@ int main(int argc, char** argv)
    timeval kernel_receive_time;
    memcpy(&kernel_receive_time, CMSG_DATA(cmsg), sizeof(kernel_receive_time));

-    NtpTimestamp origin_timestamp = be64toh(packet.origin_timestamp);
+    if (packet.origin_timestamp != random_transmit_timestamp) {
+        fprintf(stderr, "expected %#016llx as origin timestamp, got %#016llx\n", random_transmit_timestamp, packet.origin_timestamp);
+        return 1;
+    }
+
+    NtpTimestamp origin_timestamp = ntp_timestamp_from_timeval(local_transmit_time);
    NtpTimestamp receive_timestamp = be64toh(packet.receive_timestamp);
    NtpTimestamp transmit_timestamp = be64toh(packet.transmit_timestamp);
    NtpTimestamp destination_timestamp = ntp_timestamp_from_timeval(kernel_receive_time);