Re: ntp_to_nstime rfc2030 bit 0

[Pascal Quantin <pascal.quantin () gmail com>]

HI Keoma,

2017-07-12 20:57 GMT+02:00 Keoma Brun-Laguna via Wireshark-dev <
wireshark-dev () wireshark org>:

> Hi,
>
> RFC2030 part 3 says that the first bit of the payload is used as a flag to
> determine the time range (1968->2036 or 2036->2104).
> The *ntp_to_nstime* function in *epan/dissectors/packet-ntp.c* references
> [rfc2030][1] but seems to use the first 4 bytes instead of using only the
> first bit [ref][2].
>
> Note that this function is only used in *epan/dissectors/packet-zep.c*.
> Note that the code is "duplicated" [here too][3].
>
> [Here][4] is a commit that reference that part of the code.
>
>
>   [1]: https://tools.ietf.org/html/rfc2030
>   [2]: https://github.com/wireshark/wireshark/blob/master/epan/
> dissectors/packet-ntp.c#L767
>   [3]: https://github.com/wireshark/wireshark/blob/master/epan/
> proto.c#L1758
>   [4]: https://github.com/wireshark/wireshark/commit/
> d97b4ec325830bee235568138ba4151edc253c54
>
> ------
> I am looking a the code that is in the official Wireshark GitHub repo,
> last commit is aa78d3c.
> (I tried to send this to ask.wireshark.org but got treated as spam so I'm
> sending here)

The code is not checking the range, but checking whether we should
substract 2208988800 seconds (the time difference between the 1st of
January 1900 at midnight and epoch) or not (keeping the 0 case apart).
Did you test the current code (using the capture from
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10440 for example)? It
seems to work fine.

Regards,
Pascal.

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe