[Bug 3802] ntp-keygen -I default identity modulus bits too small for OpenSSL 3.

ntp-keygen.c:
  Use different buffers for in/out args to readlink() to respect "restrict" modifiers and avoid undefined behavior.
smeartest.c:
  clean up warning re: main() vs main(void)

bk: 64159126o9zSKZtLZIiqdoVjts9hOA

diff --git a/ChangeLog b/ChangeLog
index 7aba47a788285eda9251fae285c76cc9eaa39aa0..fd97d49a316c5ff774d313d318f9adfa17ff16ea 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,4 +1,6 @@
 ---
+* [Bug 3802] ntp-keygen -I default identity modulus bits too small for
+             OpenSSL 3.  Reported by rmsh1216@163.com <hart@ntp.org>
 * [Bug 3797] Windows getaddrinfo w/AI_ADDRCONFIG fails for localhost when 
              disconnected, breaking ntpq and ntpdc. <hart@ntp.org>
 * [Bug 3795] pollskewlist documentation uses | when it shouldn't.
@@ -58,6 +60,7 @@
   - applied patch by Gerry Garvey
 * [Bug 3432] refclocks that 'write()' should check the result <perlinger@ntp.org>
   - backport from -dev, plus some more work on warnings for unchecked results
+* [Bug 3103] libopts zsave_warn format string too few arguments <bkorb@gnu.org>
 * [Bug 2525] Turn on automake subdir-objects across the project. <hart@ntp.org>
 * [Bug 2410] syslog an error message on panic exceeded. <brian.utterback@oracle.com>
 * Use https in the AC_INIT URLs in configure.ac.  <stenn@ntp.org>

diff --git a/sntp/include/copyright.def b/sntp/include/copyright.def
index 07b0b9870f0189542e811ba60660083eb41af3ad..c93887e2cdaebd783cec184db10238d23a013d7f 100644 (file)
--- a/sntp/include/copyright.def
+++ b/sntp/include/copyright.def
@@ -3,7 +3,7 @@
 copyright = {
     date  = "1992-2023";
     owner = "The University of Delaware and Network Time Foundation";
-    eaddr = "http://bugs.ntp.org, bugs@ntp.org";
+    eaddr = "https://bugs.ntp.org, bugs@ntp.org";
     type  = ntp;
 };
 

diff --git a/tests/sandbox/smeartest.c b/tests/sandbox/smeartest.c
index cc4e50304dbd03ac50c7e83f7dcc0afbf7398b30..7b11d11edea444f45bf953925770bbe52f7f0e8e 100644 (file)
--- a/tests/sandbox/smeartest.c
+++ b/tests/sandbox/smeartest.c
@@ -127,7 +127,7 @@ ltor(l_fp l)
 
 
 int
-main()
+main(void)
 {
        l_fp l;
        int rc;

diff --git a/util/ntp-keygen-opts.def b/util/ntp-keygen-opts.def
index f89ee334484f38174021f245cb941e6366a5d148..632dbbec778d9bcd8d67ff5ec2fdb0dec8091508 100644 (file)
--- a/util/ntp-keygen-opts.def
+++ b/util/ntp-keygen-opts.def
@@ -22,7 +22,7 @@ flag = {
     ifdef     = AUTOKEY;
     descrip   = "identity modulus bits";
     doc = <<-  _EndOfDoc_
-       The number of bits in the identity modulus.  The default is 256.
+       The number of bits in the identity modulus.  The default is 512.
        _EndOfDoc_;
 };
 

diff --git a/util/ntp-keygen.c b/util/ntp-keygen.c
index eb2cb34f7ed79de242aed14938cec1dce526e697..c40a85298b1165ced1db044cae409cf3a713c0a8 100644 (file)
--- a/util/ntp-keygen.c
+++ b/util/ntp-keygen.c
@@ -121,7 +121,7 @@
 #define        MD5SIZE         20      /* maximum key size */
 #ifdef AUTOKEY
 #define        PLEN            512     /* default prime modulus size (bits) */
-#define        ILEN            256     /* default identity modulus size (bits) */
+#define        ILEN            512     /* default identity modulus size (bits) */
 #define        MVMAX           100     /* max MV parameters */
 
 /*
@@ -266,7 +266,7 @@ InitWin32Sockets() {
 /*
  * followlink() - replace filename with its target if symlink.
  *
- * Some readlink() implementations do not null-terminate the result.
+ * readlink() does not null-terminate the result.
  */
 void
 followlink(
@@ -274,18 +274,22 @@ followlink(
        size_t  bufsiz
        )
 {
-       int len;
+       ssize_t len;
+       char *  target;
 
        REQUIRE(bufsiz > 0);
 
-       len = readlink(fname, fname, (int)bufsiz);
+       target = emalloc(bufsiz);
+       len = readlink(fname, target, bufsiz);
        if (len < 0 ) {
                fname[0] = '\0';
                return;
        }
        if (len > (int)bufsiz - 1)
                len = (int)bufsiz - 1;
+       memcpy(fname, target, len);
        fname[len] = '\0';
+       free(target);
 }