keys: warn about short key only if used by source

After restricting authentication of servers and peers to the specified
key, a short key in the key file is a security problem from the client's
point of view only if it's specified for a source.
Miroslav Lichvar
2016-01-25 16:50:51 +01:00
parent f225469e6e
commit aad42ceaec
3 changed files with 23 additions and 5 deletions

18
keys.c

@@ -198,9 +198,6 @@ KEY_Reload(void)
continue;
}
if (key.len < MIN_SECURE_KEY_LENGTH)
LOG(LOGS_WARN, LOGF_Keys, "Key %"PRIu32" is too short", key_id);
key.id = key_id;
key.val = MallocArray(char, key.len);
memcpy(key.val, keyval, key.len);
@@ -295,6 +292,21 @@ KEY_GetAuthDelay(uint32_t key_id)
/* ================================================== */
int
KEY_CheckKeyLength(uint32_t key_id)
{
Key *key;
key = get_key_by_id(key_id);
if (!key)
return 0;
return key->len >= MIN_SECURE_KEY_LENGTH;
}
/* ================================================== */
int
KEY_GenerateAuth(uint32_t key_id, const unsigned char *data, int data_len,
unsigned char *auth, int auth_len)
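Review bot: The new KEY_CheckKeyLength() returns 0 both when get_key_by_id() finds no key and when the key is shorter than MIN_SECURE_KEY_LENGTH, and nothing at the definition documents that. I would add a comment above it such as `/* Returns 1 if the key exists and has at least MIN_SECURE_KEY_LENGTH bytes, 0 if it is missing or too short */`. The caller is in one of the other changed files and is not visible here. If it logs a "too short" warning on a 0 return, a source configured with a nonexistent key ID would get a misleading message, so it may be worth confirming that key existence is checked separately. With the load-time warning removed in the first hunk, this function appears to be the only remaining place where key length is checked, which makes the return contract worth stating explicitly.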