DWS/chrony
1
0
Fork 0
mirror of https://gitlab.com/chrony/chrony.git synced 2025-12-03 16:35:06 -05:00
Code Issues Packages Projects Releases Wiki Activity

ntp: accept NTPv4 packets with truncated MACs

Browse Source 
In order to allow deterministic parsing of NTPv4 extension fields, the
MAC must not be longer than 192 bits (RFC 7822). One way to get around
this limitation when using symmetric keys which produce longer MACs is
to truncate them to 192 bits (32-bit key ID and 160-bit hash).

Modify the code to accept NTPv4 packets with MACs truncated to 192
bits, but still allow long MACs in NTPv4 packets to not break
compatibility with older chrony clients.
This commit is contained in:
Miroslav Lichvar
2016-11-29 12:52:20 +01:00
parent 38c4a7ff97
commit 89b127bf6c
2 changed files with 27 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
ntp.h
View File

@@ -56,6 +56,10 @@ typedef uint32_t NTP_int32;
#define NTP_MIN_MAC_LENGTH (4 + 16)
#define NTP_MAX_MAC_LENGTH (4 + MAX_HASH_LENGTH)
/* The maximum length of MAC in NTPv4 packets which allows deterministic
parsing of extension fields (RFC 7822) */
#define NTP_MAX_V4_MAC_LENGTH (4 + 20)
/* Type definition for leap bits */
typedef enum {
LEAP_Normal = 0,