[Sec 2542] Strengthen the mrulist nonce
authorHarlan Stenn <stenn@ntp.org>
Sun, 9 Feb 2014 09:00:04 +0000 (09:00 +0000)
committerHarlan Stenn <stenn@ntp.org>
Sun, 9 Feb 2014 09:00:04 +0000 (09:00 +0000)
bk: 52f74394IKO9Kr2xa91uj8V_6mFy4w

ChangeLog
ntpd/ntp_control.c

index df93ced9b119d735f36f12261eaf606e61b6661f..b744937e77a9a368b86a483d56aa6854ec176a7e 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,6 @@
 * [Bug 492] Clearly document ntpdate's pending deprecation.
 * [Bug 1186] ntpd fails with link local IPv6 addresses.
+* [Sec 2542] Strengthen the mrulist nonce.
 (4.2.7p419) 2014/02/08 Released by Harlan Stenn <stenn@ntp.org>
 * [Bug 2466] Wrap NMEA timestamps in 1024 week cycles.
 (4.2.7p418) 2014/02/05 Released by Harlan Stenn <stenn@ntp.org>
index c2fb501d00cc22710535ba327a3d5dd9fff0e611..c73dd7247928e691014a80ceaaac24cfe55298aa 100644 (file)
@@ -3335,7 +3335,8 @@ static u_int32 derive_nonce(
        u_int32         ts_f
        )
 {
-       static u_int32  salt[2];
+       static u_int32  salt[4];
+       static u_long   last_salt_update;
        union d_tag {
                u_char  digest[EVP_MAX_MD_SIZE];
                u_int32 extract;
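Review bot: The two statics added at the top of derive_nonce() have no comment saying what they are for: `salt` is the secret fed into the nonce digest, and `last_salt_update` records when it was last re-randomised by the loop further down. A short comment above them, such as `/* secret salt for the nonce digest; re-randomised hourly, see loop below */`, would tell a reader that this array must never be logged or exposed through a control variable. It is also worth stating in that comment that `last_salt_update` is compared against `current_time`, so the two must share the same unit and type. The function starts before this hunk and its body continues past it.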
@@ -3343,9 +3344,13 @@ static u_int32 derive_nonce(
        EVP_MD_CTX      ctx;
        u_int           len;
 
-       while (!salt[0])
+       while (!salt[0] || current_time - last_salt_update >= 3600) {
                salt[0] = ntp_random();
-       salt[1] = conf_file_sum;
+               salt[1] = ntp_random();
+               salt[2] = ntp_random();
+               salt[3] = ntp_random();
+               last_salt_update = current_time;
+       }
 
        EVP_DigestInit(&ctx, EVP_get_digestbynid(NID_md5));
        EVP_DigestUpdate(&ctx, salt, sizeof(salt));
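Review bot: All four salt words in the new `while` loop come from `ntp_random()`, so widening the salt only helps if that generator is unpredictable; if it is a seeded general-purpose PRNG (its implementation is not visible here), the salt stays only as secret as the seed. Where the build links OpenSSL's RAND API, consider filling the array from the library CSPRNG, e.g. `if (RAND_bytes((u_char *)salt, sizeof(salt)) != 1) { /* fall back to ntp_random() */ }`, and keep the `!salt[0]` retry. The bare `3600` would read better as a named constant such as `#define NONCE_SALT_LIFETIME 3600 /* seconds */`. A comment should also note that nonces issued just before a rotation stop validating afterwards; this is presumably acceptable if nonces are short-lived, but the validation code is outside this hunk. derive_nonce() continues past the end of the hunk.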