From 661278ee297247c0c7e0708924f8ce52284529fc Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Tue, 6 May 2014 18:08:04 +0200
Subject: timesyncd: never accept NTP time from server that is older than
 systemd's release time

---
 src/timesync/timesyncd.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

(limited to 'src/timesync/timesyncd.c')

diff --git a/src/timesync/timesyncd.c b/src/timesync/timesyncd.c
index 6e38a2cb89..dabad5e196 100644
--- a/src/timesync/timesyncd.c
+++ b/src/timesync/timesyncd.c
@@ -573,12 +573,18 @@ static int manager_receive_response(sd_event_source *source, int fd, uint32_t re
 
         m->event_timeout = sd_event_source_unref(m->event_timeout);
 
+        if (be32toh(ntpmsg.recv_time.sec) < TIME_EPOCH + OFFSET_1900_1970 ||
+            be32toh(ntpmsg.trans_time.sec) < TIME_EPOCH + OFFSET_1900_1970) {
+                log_debug("Invalid reply, returned times before epoch. Ignoring.");
+                return manager_connect(m);
+        }
+
         if (NTP_FIELD_LEAP(ntpmsg.field) == NTP_LEAP_NOTINSYNC) {
                 log_debug("Server is not synchronized. Disconnecting.");
                 return manager_connect(m);
         }
 
-        if (NTP_FIELD_VERSION(ntpmsg.field) != 4 && NTP_FIELD_VERSION(ntpmsg.field) != 3) {
+        if (!IN_SET(NTP_FIELD_VERSION(ntpmsg.field), 3, 4)) {
                 log_debug("Response NTPv%d. Disconnecting.", NTP_FIELD_VERSION(ntpmsg.field));
                 return manager_connect(m);
         }
-- 
cgit v1.2.3-54-g00ecf