From: Dave Hart <davehart@dlh-7551.ad.hartbrothers.com>
Subject: ntpd rejects source UDP ports less than 123 as bogus.
Forwarded: yes
Applied-Upstream: 4.2.7, http://bk.ntp.org/ntp-dev/?PAGE=patch&REV=4f977538lZC_iBKp-J-Xg1LFrR9foQ
Bug: http://bugs.ntp.org/show_bug.cgi?id=2174
Bug-Debian: http://bugs.debian.org/691412

--- 1.340/ntpd/ntp_proto.c	2012-03-10 17:27:45 +00:00
+++ 1.341/ntpd/ntp_proto.c	2012-04-25 03:53:27 +00:00
@@ -394,18 +394,15 @@ receive(
 	 * reveals a clogging attack.
 	 */
 	sys_received++;
-	if (SRCPORT(&rbufp->recv_srcadr) < NTP_PORT) {
+	if (0 == SRCPORT(&rbufp->recv_srcadr)) {
 		sys_badlength++;
 		return;				/* bogus port */
 	}
 	restrict_mask = restrictions(&rbufp->recv_srcadr);
-#ifdef DEBUG
-	if (debug > 1)
-		printf("receive: at %ld %s<-%s flags %x restrict %03x\n",
+	DPRINTF(2, ("receive: at %ld %s<-%s flags %x restrict %03x\n",
 		    current_time, stoa(&rbufp->dstadr->sin),
 		    stoa(&rbufp->recv_srcadr),
-		    rbufp->dstadr->flags, restrict_mask);
-#endif
+		    rbufp->dstadr->flags, restrict_mask));
 	pkt = &rbufp->recv_pkt;
 	hisversion = PKT_VERSION(pkt->li_vn_mode);
 	hisleap = PKT_LEAP(pkt->li_vn_mode);