Add support for different authentication hashes

Allow different hash functions to be used in the NTP and cmdmon protocols. This breaks the cmdmon protocol compatibility. Extended key file format is used to specify the hash functions for chronyd and new authhash command is added to chronyc. MD5 is the default and the only function included in the chrony source code, other functions will be available from libraries.
2025-12-03 17:35:06 -05:00 · 2011-10-19 13:26:03 +02:00
parent 6015f99d98
commit 777303f130
20 changed files with 473 additions and 329 deletions
--- a/util.h
+++ b/util.h
@@ -32,6 +32,7 @@
 #include "addressing.h"
 #include "ntp.h"
 #include "candm.h"
+#include "hash.h"

 /* Convert a timeval into a floating point number of seconds */
 extern void UTI_TimevalToDouble(struct timeval *a, double *b);
@@ -101,6 +102,11 @@ extern Float UTI_FloatHostToNetwork(double x);
 /* Set FD_CLOEXEC on descriptor */
 extern void UTI_FdSetCloexec(int fd);

+extern int UTI_GenerateNTPAuth(int hash_id, const unsigned char *key, int key_len,
+    const unsigned char *data, int data_len, unsigned char *auth, int auth_len);
+extern int UTI_CheckNTPAuth(int hash_id, const unsigned char *key, int key_len,
+    const unsigned char *data, int data_len, const unsigned char *auth, int auth_len);
+
 #if defined (INLINE_UTILITIES)
 #define INLINE_STATIC inline static
 #include "util.c"