From: Miroslav Lichvar Date: Fri, 21 Mar 2014 11:47:52 +0000 (+0100) Subject: cmdparse: don't allow NTP key ID of 0 X-Git-Tag: 1.30-pre1~118 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=6c2a1e62e0335ef1845ea62452ed4e7d90eadcae;p=thirdparty%2Fchrony.git cmdparse: don't allow NTP key ID of 0 Key number 0 is used as inactive key, prevent the user from inadvertently not using authentication. --- diff --git a/chrony.texi.in b/chrony.texi.in index 9429f500..21289443 100644 --- a/chrony.texi.in +++ b/chrony.texi.in @@ -1746,7 +1746,8 @@ pairs. The format of the file is shown below Each line consists of an ID, a name of authentication hash function (optional) and a password. The ID can be any unsigned integer in the range 0 through -2**32-1. The hash function is MD5 by default, depending on how was +2**32-1, but ID of 0 can be used only for the command key and not for the NTP +authentication. The hash function is MD5 by default, depending on how was @code{chronyd} compiled other allowed hash functions may be SHA1, SHA256, SHA384, SHA512, RMD128, RMD160, RMD256, RMD320, TIGER and WHIRLPOOL. The password can be encoded as a string of characters not containing a space with @@ -2829,7 +2830,8 @@ keys file, defined by the keyfile command. If the key option is present, @code{chronyd} will attempt to use authenticated packets when communicating with this server. The key -number used will be the single argument to the key option. The server +number used will be the single argument to the key option (an +unsigned integer in the range 1 through 2**32-1). The server must have the same password for this key number configured, otherwise no relationship between the computers will be possible. diff --git a/cmdparse.c b/cmdparse.c index f8558e83..437dfbd8 100644 --- a/cmdparse.c +++ b/cmdparse.c @@ -134,7 +134,8 @@ CPS_ParseNTPSourceAdd(char *line, CPS_NTP_Source *src) line += n; } } else if (!strcasecmp(cmd, "key")) { - if (sscanf(line, "%lu%n", &src->params.authkey, &n) != 1) { + if (sscanf(line, "%lu%n", &src->params.authkey, &n) != 1 || + src->params.authkey == INACTIVE_AUTHKEY) { result = CPS_BadKey; ok = 0; done = 1;