scripts \
include \
ElectricFence \
- librsaref \
libntp \
libparse \
ntpd \
README This file.
-README.cvs Instructions for folks who use the CVS-repository
+README.bk Instructions for folks who use the BitKeeper-repository
version of NTP.
-README.des If you *need* DES support.
-
README.hackers Notes to folks who want to hack on the code.
TODO List of items the NTP developers are working on.
libntp Directory containing library source code used by most
programs in the distribution.
-librsaref Staging directory for RSAREF.
-
ntp_update Update an NTP CVS tree.
ntpdate Directory containing sources for a program to set the
+++ /dev/null
-To get the NTP distribution via anonymous CVS:
-
- % cvs -d :pserver:anoncvs@www.ntp.org:/cvs/ntp login
-
-the password is: anoncvs
-
- % rm -rf ntp
- % cvs -d :pserver:anoncvs@www.ntp.org:/cvs/ntp co ntp
-
-after which the "ntp_update" script in the top-level of the tree should
-keep things in synch and properly timestamped.
-
-PLEASE NOTE:
-
- When obtaining the NTP distribution directly via CVS instead of
- using "ntp_update", the files are installed in an arbitrary
- order.
-
- When you run "make", this may cause some of the generated files
- to be reconstructed.
-
- If you do not have the right verison of automake and autoconf,
- these files will be regenerated incorrectly.
-
- In this case, you can "fix" your distribution by running:
-
- ntp_update -C
-
- which will force any local changes to your NTP files to be
- discarded and replaced with the versions in the repository.
-
- If "ntp_update -C" does not work just remove the "broken"
- files (probably Makefile.in files) and re-run ntp_udate.
-
-There are some mailing lists for the NTP CVS distribution. For more
-information, send a message to <majordomo@ntp.org> with the word "lists"
-in the body of the message.
-
-If you get NTP via CVS, you MAY need to build the release using GNU make
-and gcc.
-
-You can then "make dist" to build a release tarball that does not require
-GNU make or gcc.
-
-The reason GNU make and gcc may be required is because the repository
-version of NTP does not have the make dependencies built-in. These
-dependencies are created dynamically, and this dynamic process may
-require GNU make and gcc.
-
-I'm told that the version of automake we are now using does not require
-GNU make or gcc for the dependency tracking, but I haven't tested this
-yet.
+++ /dev/null
-If you want DES support in ntp:
-
-- Use MD5 instead:
-- - convert your DES keys to MD5 by changing the 'A', 'N' or 'S' to 'M'
-
-If you *need* DES support:
-
-- first see if you can simply "want" DES support instead
-- Follow the instructions in README.rsa
-
-Be advised that the RSA DES code is not quite as portable as one might
-wish for. In particular, DES under NTP will only work between machines
-of the same "endianness".
-
-Dave would prefer that new/alternative encryption schemes follow the
-RSA API.
+++ /dev/null
-If you want to use the RSA stuff for crypto keys:
-
-- Get RSAREF or RSAEURO.
-- - Unpack it in the top-level source directory of the NTP distribution
- in a directory named rsaref2 or rsaeuro1, respectively
- (You should see directories like ports, rsaref2, scripts)
-
-Make sure rsa.c has the security patch applied - a copy of it is at the
-end of this file.
-
-When you run configure, the Right Thing will happen.
-
-Be advised that the RSA DES code is not quite as portable os one might
-wish for. In particular, DES under NTP will only work between machines
-of the same "endianness".
-
-Dave would prefer that new/alternative encryption schemes follow the
-RSA API.
-
-
---- rsa.c.orig Fri Mar 25 14:01:48 1994
-+++ rsaref2/source/rsa.c Mon Dec 13 13:10:28 1999
-@@ -33,6 +33,9 @@
- unsigned char byte, pkcsBlock[MAX_RSA_MODULUS_LEN];
- unsigned int i, modulusLen;
-
-+ if (publicKey->bits > MAX_RSA_MODULUS_BITS)
-+ return (RE_LEN);
-+
- modulusLen = (publicKey->bits + 7) / 8;
- if (inputLen + 11 > modulusLen)
- return (RE_LEN);
-@@ -78,6 +81,9 @@
- unsigned char pkcsBlock[MAX_RSA_MODULUS_LEN];
- unsigned int i, modulusLen, pkcsBlockLen;
-
-+ if (publicKey->bits > MAX_RSA_MODULUS_BITS)
-+ return (RE_LEN);
-+
- modulusLen = (publicKey->bits + 7) / 8;
- if (inputLen > modulusLen)
- return (RE_LEN);
-@@ -128,6 +134,9 @@
- int status;
- unsigned char pkcsBlock[MAX_RSA_MODULUS_LEN];
- unsigned int i, modulusLen;
-+
-+ if (privateKey->bits > MAX_RSA_MODULUS_BITS)
-+ return (RE_LEN);
-
- modulusLen = (privateKey->bits + 7) / 8;
- if (inputLen + 11 > modulusLen)
-@@ -168,6 +177,9 @@
- unsigned char pkcsBlock[MAX_RSA_MODULUS_LEN];
- unsigned int i, modulusLen, pkcsBlockLen;
-
-+ if (privateKey->bits > MAX_RSA_MODULUS_BITS)
-+ return (RE_LEN);
-+
- modulusLen = (privateKey->bits + 7) / 8;
- if (inputLen > modulusLen)
- return (RE_LEN);
-
---- rsa.c.orig Sat Sep 28 22:59:40 1996
-+++ rsaeuro1/source/rsa.c Sat Jul 8 00:33:13 2000
-@@ -51,6 +51,9 @@ R_RANDOM_STRUCT *randomStruct; /* rando
- unsigned char byte, pkcsBlock[MAX_RSA_MODULUS_LEN];
- unsigned int i, modulusLen;
-
-+ if (publicKey->bits > MAX_RSA_MODULUS_BITS)
-+ return (RE_LEN);
-+
- modulusLen = (publicKey->bits + 7) / 8;
-
- if(inputLen + 11 > modulusLen)
-@@ -101,6 +104,9 @@ R_RSA_PUBLIC_KEY *publicKey; /* RSA p
- unsigned char pkcsBlock[MAX_RSA_MODULUS_LEN];
- unsigned int i, modulusLen, pkcsBlockLen;
-
-+ if (publicKey->bits > MAX_RSA_MODULUS_BITS)
-+ return (RE_LEN);
-+
- modulusLen = (publicKey->bits + 7) / 8;
-
- if(inputLen > modulusLen)
-@@ -154,6 +160,9 @@ R_RSA_PRIVATE_KEY *privateKey; /* RSA p
- unsigned char pkcsBlock[MAX_RSA_MODULUS_LEN];
- unsigned int i, modulusLen;
-
-+ if (privateKey->bits > MAX_RSA_MODULUS_BITS)
-+ return (RE_LEN);
-+
- modulusLen = (privateKey->bits + 7) / 8;
-
- if(inputLen + 11 > modulusLen)
-@@ -193,6 +202,9 @@ R_RSA_PRIVATE_KEY *privateKey; /* RSA p
- unsigned char pkcsBlock[MAX_RSA_MODULUS_LEN];
- unsigned int i, modulusLen, pkcsBlockLen;
-
-+ if (privateKey->bits > MAX_RSA_MODULUS_BITS)
-+ return (RE_LEN);
-+
- modulusLen = (privateKey->bits + 7) / 8;
-
- if(inputLen > modulusLen)
/* Minutes per DST adjustment */
#undef DSTMINUTES
-/* MD5 authentication */
-#undef MD5
-
-/* DES authentication (COCOM only) */
-#undef DES
-
/* time_t */
#undef time_t
/* Minutes per DST adjustment */
#undef DSTMINUTES
-/* MD5 authentication */
-#undef MD5
-
-/* DES authentication (COCOM only) */
-#undef DES
-
/* time_t */
#undef time_t
/* Define as the return type of signal handlers (`int' or `void'). */
#undef RETSIGTYPE
-/* Use RSAREF? */
-#undef RSAREF
-
/* The size of a `int', as computed by sizeof. */
#undef SIZEOF_INT
AC_MSG_CHECKING(for the level of crypto support)
AC_ARG_WITH(crypto,
- AC_HELP_STRING([--with-crypto], [+ ={autokey,openssl,rsaref}]),
-dnl AC_HELP_STRING([--with-crypto], [+ ={autokey,rsaref}]),
+ AC_HELP_STRING([--with-crypto], [+ ={autokey,openssl}]),
[ans=$withval], [ans=yes])
case "$ans" in
no) ;;
- yes|rsaref|openssl)
- case "$ans" in
- rsaref)
+ yes|openssl)
+ if test -z "$OPENSSL_LIB" -o -z "$OPENSSL_INC"
+ then
ans=no
- ;;
- *)
- if test -z "$OPENSSL_LIB" -o -z "$OPENSSL_INC"
- then
- ans=no
- else
- # We have OpenSSL inc/lib - use them.
- ans=openssl
- CPPFLAGS="$CPPFLAGS -I$OPENSSL_INC"
- LDFLAGS="$LDFLAGS -L$OPENSSL_LIB"
- LIBS="$LIBS -lcrypto"
- AC_DEFINE(DES)
- AC_DEFINE(OPENSSL, , [Use OpenSSL?])
- AC_DEFINE(PUBKEY, , [Public key?])
- fi
- ;;
- esac
-
- case "$ans" in
- no)
- if test -f $srcdir/rsaref2/source/digit.c
- then
- ans=rsaref
- RSAOBJS=digit.o
- RSASRCS="digit.c digit.h"
- RSADIR=rsaref2
- fi
- if test -f $srcdir/rsaeuro1/source/rsaeuro.h
- then
- ans=rsaref
- RSAOBJS="md4c.o shsc.o"
- RSASRCS="md4c.c shsc.c"
- RSADIR=rsaeuro1
- fi
- if test "$ans" = "rsaref"; then
- LIBRSAREF=../librsaref/librsaref.a
- MAKE_LIBRSAREF=librsaref.a
- AC_DEFINE(DES)
- AC_DEFINE(PUBKEY)
- AC_DEFINE(RSAREF, , [Use RSAREF?])
- fi
- ;;
- esac
+ else
+ # We have OpenSSL inc/lib - use them.
+ ans=openssl
+ CPPFLAGS="$CPPFLAGS -I$OPENSSL_INC"
+ LDFLAGS="$LDFLAGS -L$OPENSSL_LIB"
+ LIBS="$LIBS -lcrypto"
+ AC_DEFINE(OPENSSL, , [Use OpenSSL?])
+ AC_DEFINE(PUBKEY, , [Public key?])
+ fi
;;
esac
AC_SUBST(AUTOKEY)
LIBOBJS=`echo $LIBOBJS|sed 's/\.o /\$U.o /g;s/\.o$/\$U.o/'`
AC_CONFIG_FILES(Makefile adjtimed/Makefile clockstuff/Makefile \
-ElectricFence/Makefile
-include/Makefile kernel/Makefile kernel/sys/Makefile libntp/Makefile \
-libparse/Makefile librsaref/Makefile ntpd/Makefile ntpdc/Makefile \
+ElectricFence/Makefile include/Makefile kernel/Makefile kernel/sys/Makefile \
+libntp/Makefile libparse/Makefile ntpd/Makefile ntpdc/Makefile \
ntpdate/Makefile ntpq/Makefile ntptrace/Makefile parseutil/Makefile \
scripts/Makefile scripts/calc_tickadj scripts/checktime scripts/freq_adj \
scripts/mkver scripts/ntp-wait scripts/ntpsweep scripts/ntpver \
#endif
/*
- * Byte order woes. The DES code is sensitive to byte order. This
- * used to be resolved by calling ntohl() and htonl() to swap things
+ * Byte order woes.
+ * This used to be resolved by calling ntohl() and htonl() to swap things
* around, but this turned out to be quite costly on Vaxes where those
* things are actual functions. The code now straightens out byte
* order troubles on its own, with no performance penalty for little
extern int auth_moremem P((void));
extern int ymd2yd P((int, int, int));
-#ifdef DES
-extern int DESauthdecrypt P((u_char *, u_int32 *, int, int));
-extern int DESauthencrypt P((u_char *, u_int32 *, int));
-extern void DESauth_setkey P((keyid_t, const u_int32 *));
-extern void DESauth_subkeys P((const u_int32 *, u_char *, u_char *));
-extern void DESauth_des P((u_int32 *, u_char *));
-extern int DESauth_parity P((u_int32 *));
-#endif /* DES */
-
extern int MD5authdecrypt P((u_char *, u_int32 *, int, int));
extern int MD5authencrypt P((u_char *, u_int32 *, int));
extern void MD5auth_setkey P((keyid_t, const u_char *, const int));
AUTOMAKE_OPTIONS = ../util/ansi2knr
noinst_LIBRARIES = libntp.a
libntp_a_SOURCES = a_md5encrypt.c adjtime.c atoint.c atolfp.c atouint.c \
- authencrypt.c authkeys.c authparity.c authreadkeys.c authusekey.c \
+ authkeys.c authreadkeys.c authusekey.c \
buftvtots.c caljulian.c calleapwhen.c caltontp.c calyearstart.c \
clocktime.c clocktypes.c decodenetnum.c dofptoa.c dolfptoa.c \
emalloc.c findconfig.c fptoa.c fptoms.c getopt.c hextoint.c \
strdup.c strerror.c
libntp_a_LIBADD = @LIBOBJS@
libntp_a_DEPENDENCIES = @LIBOBJS@
-INCLUDES = -I$(top_srcdir)/include -I$(top_srcdir)/librsaref
+INCLUDES = -I$(top_srcdir)/include
ETAGS_ARGS = Makefile.am
noinst_HEADERS = lib_strbuf.h log.h
+++ /dev/null
-/*
- * DES interface for rsaref2.0
- *
- * These routines implement an interface for the RSA Laboratories
- * implementation of the Data Encryption Standard (DES) algorithm
- * operating in Cipher-Block Chaining (CBC) mode. This algorithm is
- * included in the rsaref2.0 package available from RSA in the US and
- * foreign countries. Further information is available at www.rsa.com.
- */
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-#endif
-#include <stdio.h>
-#include "ntp_types.h"
-#include "ntp_string.h"
-#include "ntp_stdlib.h"
-
-#ifdef DES
-
-/*
- * DESauthencrypt - generate DES-CBC message authenticator
- *
- * Returns length of authenticator field.
- */
-int
-DESauthencrypt(
- u_char *key, /* key pointer */
- u_int32 *pkt, /* packet pointer */
- int length /* packet length */
- )
-{
-}
-
-
-/*
- * DESauthdecrypt - verify DES message authenticator
- *
- * Returns one if authenticator valid, zero if invalid.
- */
-int
-DESauthdecrypt(
- u_char *key, /* key pointer */
- u_int32 *pkt, /* packet pointer */
- int length, /* packet length */
- int size /* size of MAC field */
- )
-{
-}
-#else
-int authencrypt_bs;
-#endif /* DES */
struct savekey *next;
union {
long bogon; /* Make sure nonempty */
-#ifdef DES
- u_int32 DES_key[2]; /* DES key */
-#endif
u_char MD5_key[32]; /* MD5 key */
} k;
keyid_t keyid; /* key identifier */
};
#define KEY_TRUSTED 0x001 /* this key is trusted */
-#define KEY_DES 0x100 /* this is a DES type key */
#define KEY_MD5 0x200 /* this is a MD5 type key */
/*
cache_keylen = sk->keylen;
return (1);
}
-#ifdef DES
- if (sk->flags & KEY_DES) {
- cache_key = (u_char *)sk->k.DES_key;
- return (1);
- }
-#endif
return (0);
}
}
-
-#ifdef DES
-/*
- * DESauth_setkey - set a key into the key array
- */
-void
-DESauth_setkey(
- keyid_t keyno,
- const u_int32 *key
- )
-{
- struct savekey *sk;
-
- /*
- * See if we already have the key. If so just stick in the
- * new value.
- */
- sk = key_hash[KEYHASH(keyno)];
- while (sk != 0) {
- if (keyno == sk->keyid) {
- sk->k.DES_key[0] = key[0];
- sk->k.DES_key[1] = key[1];
- sk->flags |= KEY_DES;
- if (cache_keyid == keyno)
- cache_flags = 0;
- cache_keyid = 0;
- return;
- }
- sk = sk->next;
- }
-
- /*
- * Need to allocate new structure. Do it.
- */
- if (authnumfreekeys == 0) {
- if (auth_moremem() == 0)
- return;
- }
- sk = authfreekeys;
- authfreekeys = sk->next;
- authnumfreekeys--;
-
- sk->k.DES_key[0] = key[0];
- sk->k.DES_key[1] = key[1];
- sk->keyid = keyno;
- sk->flags = KEY_DES;
- sk->lifetime = 0;
- sk->next = key_hash[KEYHASH(keyno)];
- key_hash[KEYHASH(keyno)] = sk;
- authnumkeys++;
- return;
-}
-#endif
-
void
MD5auth_setkey(
keyid_t keyno,
if (!authhavekey(keyno))
return (0);
-#ifdef DES
- if (cache_flags & KEY_DES)
- return (DESauthencrypt(cache_key, pkt, length));
-#endif
-
if (cache_flags & KEY_MD5)
return (MD5authencrypt(cache_key, pkt, length));
if (!authhavekey(keyno) || size < 4)
return (0);
-#ifdef DES
- if (cache_flags & KEY_DES)
- return (DESauthdecrypt(cache_key, pkt, length, size));
-#endif
-
if (cache_flags & KEY_MD5)
return (MD5authdecrypt(cache_key, pkt, length, size));
+++ /dev/null
-/*
- * auth_parity - set parity on a key/check for odd parity
- */
-
-#ifdef HAVE_CONFIG_H
-# include <config.h>
-#endif
-
-#ifdef DES
-#include "ntp_stdlib.h"
-
-int
-DESauth_parity(
- u_int32 *key
- )
-{
- u_int32 mask;
- int parity_err;
- int bitcount;
- int half;
- int byte;
- int i;
-
- /*
- * Go through counting bits in each byte. Check to see if
- * each parity bit was set correctly. If not, note the error
- * and set it right.
- */
- parity_err = 0;
- for (half = 0; half < 2; half++) { /* two halves of key */
- mask = 0x80000000;
- for (byte = 0; byte < 4; byte++) { /* 4 bytes per half */
- bitcount = 0;
- for (i = 0; i < 7; i++) { /* 7 data bits / byte */
- if (key[half] & mask)
- bitcount++;
- mask >>= 1;
- }
-
- /*
- * If bitcount is even, parity must be set. If
- * bitcount is odd, parity must be clear.
- */
- if ((bitcount & 0x1) == 0) {
- if (!(key[half] & mask)) {
- parity_err++;
- key[half] |= mask;
- }
- } else {
- if (key[half] & mask) {
- parity_err++;
- key[half] &= ~mask;
- }
- }
- mask >>= 1;
- }
- }
-
- /*
- * Return the result of the parity check.
- */
- return (parity_err == 0);
-}
-#else
-int authparity_bs;
-#endif /* DES */
#include "ntp_syslog.h"
#include "ntp_stdlib.h"
-#ifdef DES
-/*
- * Types of ascii representations for keys. "Standard" means a 64 bit
- * hex number in NBS format, i.e. with the low order bit of each byte
- * a parity bit. "NTP" means a 64 bit key in NTP format, with the
- * high order bit of each byte a parity bit. "Ascii" means a 1-to-8
- * character string whose ascii representation is used as the key.
- */
-#define KEY_TYPE_STD 1
-#define KEY_TYPE_NTP 2
-#define KEY_TYPE_ASCII 3
-#endif
-
/*
* Arbitrary long string of ASCII characters.
*/
continue;
}
switch (*token) {
-#ifdef DES
- case 'S':
- case 's':
- keytype = KEY_TYPE_STD; break;
-
- case 'N':
- case 'n':
- keytype = KEY_TYPE_NTP; break;
-
- case 'A':
- case 'a':
- keytype = KEY_TYPE_ASCII; break;
-#endif
case 'M':
case 'm':
keytype = KEY_TYPE_MD5; break;
keyno);
} else {
switch(keytype) {
-#ifdef DES
- case KEY_TYPE_STD:
- case KEY_TYPE_NTP:
- case KEY_TYPE_ASCII:
- if (!authusekey(keyno, keytype,
- (u_char *)token))
- msyslog(LOG_ERR,
- "format/parity error for DES key %ld, not used",
- keyno);
- break;
-#endif
case KEY_TYPE_MD5:
if (!authusekey(keyno, keytype,
(u_char *)token))
* high order bit of each byte a parity bit. "Ascii" means a 1-to-8
* character string whose ascii representation is used as the key.
*/
-#ifdef DES
-#define KEY_TYPE_STD 1
-#define KEY_TYPE_NTP 2
-#define KEY_TYPE_ASCII 3
-
-#define STD_PARITY_BITS ((unsigned)0x01010101)
-
-#endif
#define KEY_TYPE_MD5 4
const u_char *str
)
{
-#ifdef DES
- u_int32 key[2];
- u_char keybytes[8];
- char *xdigit;
- int i;
- static const char *hex = "0123456789abcdef";
-#endif
const u_char *cp;
int len;
return 0;
switch(keytype) {
-#ifdef DES
- case KEY_TYPE_STD:
- case KEY_TYPE_NTP:
- if (len != 16) /* Lazy. Should define constant */
- return 0;
- /*
- * Decode hex key.
- */
- key[0] = 0;
- key[1] = 0;
- for (i = 0; i < 16; i++) {
- if (!isascii(*cp))
- return 0;
- xdigit = strchr(hex, isupper(*cp) ? tolower(*cp) : *cp);
- cp++;
- if (xdigit == 0)
- return 0;
- key[i>>3] <<= 4;
- key[i>>3] |= (u_int32)(xdigit - hex) & 0xf;
- }
-
- /*
- * If this is an NTP format key, put it into NBS format
- */
- if (keytype == KEY_TYPE_NTP) {
- for (i = 0; i < 2; i++)
- key[i] = ((key[i] << 1) & ~STD_PARITY_BITS)
- | ((key[i] >> 7) & STD_PARITY_BITS);
- }
-
- /*
- * Check the parity, reject the key if the check fails
- */
- if (!DESauth_parity(key)) {
- return 0;
- }
-
- /*
- * We can't find a good reason not to use this key.
- * So use it.
- */
- DESauth_setkey(keyno, key);
- break;
-
- case KEY_TYPE_ASCII:
- /*
- * Make up key from ascii representation
- */
- memset((char *) keybytes, 0, sizeof(keybytes));
- for (i = 0; i < 8 && i < len; i++)
- keybytes[i] = *cp++ << 1;
- key[0] = (u_int32)keybytes[0] << 24 | (u_int32)keybytes[1] << 16
- | (u_int32)keybytes[2] << 8 | (u_int32)keybytes[3];
- key[1] = (u_int32)keybytes[4] << 24 | (u_int32)keybytes[5] << 16
- | (u_int32)keybytes[6] << 8 | (u_int32)keybytes[7];
-
- /*
- * Set parity on key
- */
- (void)DESauth_parity(key);
-
- /*
- * Now set key in.
- */
- DESauth_setkey(keyno, key);
- break;
-#endif
-
case KEY_TYPE_MD5:
MD5auth_setkey(keyno, str, (int)strlen((const char *)str));
break;
+++ /dev/null
-#AUTOMAKE_OPTIONS = ../util/ansi2knr no-dependencies
-#AUTOMAKE_OPTIONS = ../util/ansi2knr
-noinst_LIBRARIES = @MAKE_LIBRSAREF@
-EXTRA_LIBRARIES = librsaref.a
-CLEANFILES = $(EXTRA_LIBRARIES)
-
-# NOTES:
-# don't use RSAREF's global.h - we use ours.
-
-nodist_librsaref_a_SOURCES = \
- desc.c \
- md2c.c \
- md5c.c \
- nn.c \
- prime.c \
- r_dh.c \
- r_encode.c \
- r_enhanc.c \
- r_keygen.c \
- r_random.c \
- r_stdlib.c \
- rsa.c \
- des.h \
- md2.h \
- md5.h \
- nn.h \
- prime.h \
- r_random.h \
- rsa.h \
- rsaref.h @RSASRCS@
-
-librsaref_a_LIBADD = @RSAOBJS@
-librsaref_a_DEPENDENCIES = $(librsaref_a_LIBADD)
-
-BUILT_SOURCES = $(nodist_librsaref_a_SOURCES)
-INCLUDES = -I$(top_srcdir)/include
-ETAGS_ARGS = Makefile.am
-
-DISTCLEANFILES = $(nodist_librsaref_a_SOURCES) stamp-rsaref
-
-#EXTRA_DIST =
-
-$(nodist_librsaref_a_SOURCES): stamp-rsaref
-
-stamp-rsaref:
- @rm -f stamp-rsaref stamp-rsarefT
- @echo timestamp > stamp-rsarefT 2> /dev/null
- for i in $(nodist_librsaref_a_SOURCES); do \
- case "@MAKE_LIBRSAREF@" in \
- '') touch $$i ;; \
- *) case "$$i" in \
- *.h) r_dst=$(srcdir)/$$i ;; \
- *) r_dst=$$i ;; \
- esac ; \
- cmp -s $${r_dst} $(srcdir)/../@RSADIR@/source/$$i 2>/dev/null \
- || cp $(srcdir)/../@RSADIR@/source/$$i $${r_dst} ;; \
- esac ; \
- done
- @echo timestamp > stamp-rsarefT 2> /dev/null
- @mv stamp-rsarefT stamp-rsaref
#AUTOMAKE_OPTIONS = ../util/ansi2knr no-dependencies
AUTOMAKE_OPTIONS = ../util/ansi2knr
bin_PROGRAMS = ntpd
-INCLUDES = -I$(top_srcdir)/include -I$(top_srcdir)/librsaref
+INCLUDES = -I$(top_srcdir)/include
# LDADD might need RESLIB and ADJLIB
-LDADD = version.o @LIBPARSE@ ../libntp/libntp.a @LIBRSAREF@
+LDADD = version.o @LIBPARSE@ ../libntp/libntp.a
# ntpd may need:
# log10 refclock_wwv.o
# sqrt ntp_control.o
../libparse/libparse.a:
cd ../libparse && $(MAKE)
-version.o: $(ntpd_OBJECTS) ../libntp/libntp.a @LIBPARSE@ @LIBRSAREF@ Makefile
+version.o: $(ntpd_OBJECTS) ../libntp/libntp.a @LIBPARSE@ Makefile
$(top_builddir)/scripts/mkver ntpd
$(COMPILE) -c version.c
* the game to reduce the exposure to a clogging attack. Now we
* have to burn some cycles to find the association and
* authenticate the packet if required. Note that we burn only
- * MD5 or DES cycles, again to reduce exposure. There may be no
+ * MD5 cycles, again to reduce exposure. There may be no
* matching association and that's okay.
*
* More on the autokey mambo. Normally the local interface is
ntptimeset_SOURCES = ntptimeset.c ntptime_config.c
INCLUDES = -I$(top_srcdir)/include
# LDADD might need RESLIB and ADJLIB
-LDADD = version.o ../libntp/libntp.a @LIBRSAREF@
+LDADD = version.o ../libntp/libntp.a
DISTCLEANFILES = .version version.c stamp-v
noinst_HEADERS = ntpdate.h
#EXTRA_DIST = ntpdate.mak
../libntp/libntp.a:
cd ../libntp && $(MAKE)
-version.o: $(ntpdate_OBJECTS) ../libntp/libntp.a @LIBRSAREF@ Makefile
+version.o: $(ntpdate_OBJECTS) ../libntp/libntp.a Makefile
$(top_builddir)/scripts/mkver ntpdate
$(COMPILE) -c version.c
bin_PROGRAMS = ntpdc
INCLUDES = -I$(top_srcdir)/include
# LDADD might need RESLIB and ADJLIB
-LDADD = version.o ../libntp/libntp.a @LIBRSAREF@
+LDADD = version.o ../libntp/libntp.a
DISTCLEANFILES = .version version.c
noinst_HEADERS = ntpdc.h
#EXTRA_DIST = ntpdc.mak
../libntp/libntp.a:
cd ../libntp && $(MAKE)
-version.o: $(ntpdc_OBJECTS) ../libntp/libntp.a @LIBRSAREF@ Makefile
+version.o: $(ntpdc_OBJECTS) ../libntp/libntp.a Makefile
$(top_builddir)/scripts/mkver ntpdc
$(COMPILE) -c version.c
static u_long info_auth_keyid;
/*
- * Type of key md5 or des
+ * Type of key md5
*/
-#define KEY_TYPE_DES 3
#define KEY_TYPE_MD5 4
-static int info_auth_keytype = KEY_TYPE_MD5; /* MD5*/
+static int info_auth_keytype = KEY_TYPE_MD5; /* MD5 */
u_long current_time; /* needed by authkeys; not used */
int ntpdcmain P((int, char **));
info_auth_keyid = maclen;
}
if (!authistrusted(info_auth_keyid)) {
- pass = getpass((info_auth_keytype == KEY_TYPE_DES)
- ? "DES Password: " : "MD5 Password: ");
+ pass = getpass("MD5 Password: ");
if (*pass == '\0') {
(void) fprintf(stderr,
"Invalid password\n");
{
if (pcmd->nargs == 0)
fprintf(fp, "keytype is %s\n",
- (info_auth_keytype == KEY_TYPE_MD5) ? "MD5" : "DES");
+ (info_auth_keytype == KEY_TYPE_MD5) ? "MD5" : "???");
else
switch (*(pcmd->argval[0].string)) {
case 'm':
info_auth_keytype = KEY_TYPE_MD5;
break;
- case 'd':
- case 'D':
- info_auth_keytype = KEY_TYPE_DES;
- break;
-
default:
- fprintf(fp, "keytype must be 'md5' or 'des'\n");
+ fprintf(fp, "keytype must be 'md5'\n");
}
}
(u_char *)pcmd->argval[0].string);
authtrust(info_auth_keyid, 1);
} else {
- pass = getpass((info_auth_keytype == KEY_TYPE_DES)
- ? "DES Password: "
- : "MD5 Password: "
- );
+ pass = getpass("MD5 Password: ");
if (*pass == '\0')
(void) fprintf(fp, "Password unchanged\n");
else {
bin_PROGRAMS = ntpq
INCLUDES = -I$(top_srcdir)/include
# LDADD might need RESLIB and ADJLIB
-LDADD = version.o ../libntp/libntp.a @LIBRSAREF@
+LDADD = version.o ../libntp/libntp.a
DISTCLEANFILES = .version version.c
noinst_HEADERS = ntpq.h
#EXTRA_DIST = ntpq.mak
../libntp/libntp.a:
cd ../libntp && $(MAKE)
-version.o: $(ntpq_OBJECTS) ../libntp/libntp.a @LIBRSAREF@ Makefile
+version.o: $(ntpq_OBJECTS) ../libntp/libntp.a Makefile
$(top_builddir)/scripts/mkver ntpq
$(COMPILE) -c version.c
u_long info_auth_keyid = NTP_MAXKEY;
/*
- * Type of key md5 or des
+ * Type of key md5
*/
-#define KEY_TYPE_DES 3
#define KEY_TYPE_MD5 4
static int info_auth_keytype = KEY_TYPE_MD5; /* MD5 */
}
}
if (!authistrusted(info_auth_keyid)) {
- pass = getpass((info_auth_keytype == KEY_TYPE_DES)
- ? "DES Password: " : "MD5 Password: ");
+ pass = getpass("MD5 Password: ");
if (*pass == '\0') {
(void) fprintf(stderr,
"Invalid password\n");
{
if (pcmd->nargs == 0)
fprintf(fp, "keytype is %s\n",
- (info_auth_keytype == KEY_TYPE_MD5) ? "MD5" : "DES");
+ (info_auth_keytype == KEY_TYPE_MD5) ? "MD5" : "???");
else
switch (*(pcmd->argval[0].string)) {
case 'm':
info_auth_keytype = KEY_TYPE_MD5;
break;
- case 'd':
- case 'D':
- info_auth_keytype = KEY_TYPE_DES;
- break;
-
default:
- fprintf(fp, "keytype must be 'md5' or 'des'\n");
+ fprintf(fp, "keytype must be 'md5'\n");
}
}
return;
}
}
- pass = getpass((info_auth_keytype == KEY_TYPE_DES)
- ? "DES Password: "
- : "MD5 Password: "
- );
+ pass = getpass("MD5 Password: ");
if (*pass == '\0')
(void) fprintf(fp, "Password unchanged\n");
else
#endif
# undef OPEN_BCAST_SOCKET /* for ntp_io.c */
# undef UDP_WILDCARD_DELIVERY /* for ntp_io.c */ /* 98/06/01 */
-# undef DES /* from libntp.mak */
-# define MD5 /* from libntp.mak */
# define HAVE_RANDOM
#define MAXHOSTNAMELEN 64
#define AUTOKEY
EXTRA_PROGRAMS = byteorder hist jitter kern longsize ntptime \
precision sht testrs6000 tickadj timetrim
-#ntp_genkeys_LDADD = ../ntpd/ntp_config$U.o ../libntp/libntp.a $(LIBRSAREF)
-#ntp_genkeys_DEPENDENCIES = ../ntpd/ntp_config$U.o ../libntp/libntp.a $(LIBRSAREF)
+#ntp_genkeys_LDADD = ../ntpd/ntp_config$U.o ../libntp/libntp.a
+#ntp_genkeys_DEPENDENCIES = ../ntpd/ntp_config$U.o ../libntp/libntp.a
-INCLUDES = -I$(top_srcdir)/include -I$(top_srcdir)/librsaref
+INCLUDES = -I$(top_srcdir)/include
# LDADD might need RESLIB and ADJLIB
LDADD = ../libntp/libntp.a
#EXTRA_DIST = README TAGS
/*
* This program generates (up to) four files:
*
- * ntp.keys containing the DES/MD5 private keys,
+ * ntp.keys containing the MD5 private keys,
* ntpkey containing the RSA private key,
* ntpkey_HOST containing the RSA public key
* where HOST is the DNS name of the generating machine,
* distributed by secure means to other servers and clients sharing the
* same security compartment.
*
- * The key identifiers for MD5 and DES keys must be less than 65536,
+ * The key identifiers for MD5 keys must be less than 65536,
* although this program uses only the identifiers from 1 to 16. The key
* identifier for each association is specified as the key argument in
* the server or peer configuration file command.
projects / thirdparty / ntp.git / commitdiff
