From: Juergen Perlinger
Date: Mon, 19 Oct 2020 18:27:38 +0000 (+0200)
Subject: [Bug 3689] Extension for MD5, SHA-1 and other keys
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d2f3b5bb5223c2cc1dfc010b54623fd27bbde7e2;p=thirdparty%2Fntp.git
[Bug 3689] Extension for MD5, SHA-1 and other keys
- enum for password encoding, symdef for secret size
- update docs
bk: 5f8dda9ap5taVSmvX0Cuc0okzeKfIw
---
diff --git a/html/authentic.html b/html/authentic.html
index 52703e456..62066c3b5 100644
--- a/html/authentic.html
+++ b/html/authentic.html
@@ -135,13 +135,14 @@
Ordinarily, the ntp.keys file is generated by
the ntp-keygen program, but it can
be constructed and edited using an ordinary text editor.
- Each line of the keys file consists of three or four fields: a key
- ID in the range 1 to 65,535, inclusive, a key type, a message digest
- key consisting of a printable ASCII string less than 40 characters or
- a 40-character hex digit string, and an optional comma-separated list
- of IPs that are allowed to serve time. If the OpenSSL library is
- installed, the key type can be any message digest algorithm supported
- by the library. If the OpenSSL library is not installed, the only
+
Each line of the keys file consists of three or four fields: a
+ key ID in the range 1 to 65,535, inclusive, a key type, a
+ message digest key consisting of a printable ASCII string up to
+ 20 characters or a hex digit string with more than 20
+ characters, and an optional comma-separated list of IPs that are
+ allowed to serve time. If the OpenSSL library is installed, the
+ key type can be any message digest algorithm supported by the
+ library. If the OpenSSL library is not installed, the only
permitted key type is MD5.
diff --git a/html/ntpdc.html b/html/ntpdc.html
index 7a68dd2f7..8a66a0d01 100644
--- a/html/ntpdc.html
+++ b/html/ntpdc.html
@@ -75,7 +75,8 @@
quit
Exit ntpdc.
passwd
- This command prompts you to type in a password (which will not be echoed) which will be used to authenticate configuration requests. The password must correspond to the key configured for use by the NTP server for this purpose if such requests are to be successful.
+ This command prompts you to type in a password (which will not be echoed) which will be used to authenticate configuration requests. The password must correspond to the key configured for use by the NTP server for this purpose if such requests are to be successful.
+ It follows the same rules as a password entry in the keys file of ntpd.
timeout milliseconds
Specify a timeout period for responses to server queries. The default is about 8000 milliseconds. Note that since ntpdc retries each query once after a timeout, the total waiting time for a timeout will be twice the timeout value set.
diff --git a/html/ntpq.html b/html/ntpq.html
index 4789c8ba9..e143d8596 100644
--- a/html/ntpq.html
+++ b/html/ntpq.html
@@ -75,7 +75,8 @@
ntpversion 1 | 2 | 3 | 4
Sets the NTP version number which ntpq claims in packets. Defaults to 2, Note that mode-6 control messages (and modes, for that matter) didn't exist in NTP version 1.
passwd
- This command prompts for a password to authenticate requests. The password must correspond to the key ID configured in ntp.conf for this purpose.
+ This command prompts for a password to authenticate requests. The password must correspond to the key ID configured in ntp.conf for this purpose.
+ It follows the same rules as a password entry in the keys file of ntpd.
quit
Exit ntpq.
raw
diff --git a/include/ntp_stdlib.h b/include/ntp_stdlib.h
index 873e9d90f..d65528647 100644
--- a/include/ntp_stdlib.h
+++ b/include/ntp_stdlib.h
@@ -67,13 +67,17 @@ extern int xsbprintf(char**, char* const, char const*, ...) NTP_PRINTF(3, 4);
typedef void (*ctrl_c_fn)(void);
/* authkeys.c */
-#define AUTHPWD_UNSPEC 0
-#define AUTHPWD_PLAIN 1
-#define AUTHPWD_HEX 2
+#define AUTHPWD_MAXSECLEN 64 /* max. length of secret blob */
+
+enum AuthPwdEnc {
+ AUTHPWD_UNSPEC, /* format unspecified, length used for discrimination */
+ AUTHPWD_PLAIN, /* plain text, used as is */
+ AUTHPWD_HEX /* hex-encoded string */
+};
extern void auth_delkeys (void);
extern int auth_havekey (keyid_t);
-extern size_t authdecodepw (u_char *dst, size_t dstlen, const char *src, int fmt);
+extern size_t authdecodepw (u_char *dst, size_t dstlen, const char *src, enum AuthPwdEnc);
extern int authdecrypt (keyid_t, u_int32 *, size_t, size_t);
extern size_t authencrypt (keyid_t, u_int32 *, size_t);
extern int authhavekey (keyid_t);
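Review bot: The new `authdecodepw` prototype drops the parameter name (`enum AuthPwdEnc` with no identifier) while the definition in libntp/authkeys.c calls it `enc`; keep the name in the header so the declaration documents itself, `extern size_t authdecodepw (u_char *dst, size_t dstlen, const char *src, enum AuthPwdEnc enc);`. The comment on `AUTHPWD_UNSPEC` says the length is used for discrimination but not what the rule is; the decoder treats strings of 20 characters or fewer as plain text and longer ones as hex, so spelling that out here, `/* unspecified: <= 20 chars is plain text, longer is hex */`, keeps the header in step with the decoder and the updated html text. Callers that still pass a plain `int` continue to compile because the conversion to the enum is implicit, so the interface change is backward-compatible.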
diff --git a/libntp/authkeys.c b/libntp/authkeys.c
index bf9628b73..3d16228af 100644
--- a/libntp/authkeys.c
+++ b/libntp/authkeys.c
@@ -119,7 +119,7 @@ keyacc_new_push(
)
{
KeyAccT * node = emalloc(sizeof(KeyAccT));
-
+
memcpy(&node->addr, addr, sizeof(sockaddr_u));
node->subnetbits = subnetbits;
node->next = head;
@@ -219,7 +219,7 @@ keyacc_amatch(
* other checks if we find object identity. But that use case is
* too rare to care for it.
*/
-
+
/* 2nd check: Address families must be the same. */
if (AF(a1) != AF(a2))
return FALSE;
@@ -317,7 +317,7 @@ free_auth_mem(void)
cache_keyacclist = NULL;
for (alloc = authallocs; alloc != NULL; alloc = next_alloc) {
next_alloc = alloc->link;
- free(alloc->mem);
+ free(alloc->mem);
}
authfreekeys = NULL;
authnumfreekeys = 0;
@@ -525,7 +525,7 @@ freesymkey(
authcache_flush_id(sk->keyid);
keyacc_all_free(sk->keyacclist);
-
+
bucket = &key_hash[KEYHASH(sk->keyid)];
if (sk->secret != NULL) {
memset(sk->secret, '\0', sk->secretsize);
@@ -649,7 +649,7 @@ authtrust(
* There are two conditions remaining. Either it does not
* exist and is to be trusted or it does exist and is or is
* not to be trusted.
- */
+ */
if (sk != NULL) {
/*
* Key exists. If it is to be trusted, say so and update
@@ -727,9 +727,9 @@ authistrusted(
return (KEY_TRUSTED & sk->flags) &&
keyacc_contains(sk->keyacclist, sau, TRUE);
}
-
+
authkeynotfound++;
- return FALSE;
+ return FALSE;
}
/* Note: There are two locations below where 'strncpy()' is used. While
@@ -754,7 +754,7 @@ MD5auth_setkey(
{
symkey * sk;
u_char * secret;
-
+
DEBUG_ENSURE(keytype <= USHRT_MAX);
DEBUG_ENSURE(secretsize < 4 * 1024);
/*
@@ -809,7 +809,7 @@ MD5auth_setkey(
printf("%02x", secret[j]);
}
printf("\n");
- }
+ }
#endif
}
@@ -953,7 +953,7 @@ pwdecode_hex(
)
{
static const char hex[] = "00112233445566778899AaBbCcDdEeFf";
-
+
size_t srclen = strlen(src);
size_t reslen = (srclen >> 1) + (srclen & 1);
u_char tmp;
@@ -963,7 +963,7 @@ pwdecode_hex(
if (reslen > dstlen) {
errno = ENOMEM;
reslen = (size_t)-1;
- } else {
+ } else {
for (j = 0; j < srclen; ++j) {
tmp = *(const unsigned char*)(src + j);
ptr = strchr(hex, tmp);
@@ -990,16 +990,16 @@ authdecodepw(
u_char * dst,
size_t dstlen,
const char * src,
- int fmt
+ enum AuthPwdEnc enc
)
{
size_t reslen;
-
+
if ( !(dst && dstlen && src)) {
errno = EINVAL;
reslen = (size_t)-1;
} else {
- switch (fmt) {
+ switch (enc) {
case AUTHPWD_UNSPEC:
if (strlen(src) <= 20)
reslen = pwdecode_plain(dst, dstlen, src);
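Review bot: The plain-versus-hex threshold in the `AUTHPWD_UNSPEC` case is the bare literal on the `strlen(src) <= 20` line, with nothing tying it to the "up to 20 characters" rule the updated html/authentic.html documents; either give it a name next to `AUTHPWD_MAXSECLEN` in include/ntp_stdlib.h or at least comment it, `if (strlen(src) <= 20)	/* <= 20 chars: plain text; longer: hex (see authentic.html) */`. A value of `enc` outside the three enumerators presumably reaches a default branch; that branch, the rest of the switch and the end of authdecodepw lie outside the hunk, so I cannot confirm it reports the error the same way the argument check above does (errno set, `(size_t)-1` returned).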
diff --git a/libntp/authreadkeys.c b/libntp/authreadkeys.c
index adf53beae..da91bd0d3 100644
--- a/libntp/authreadkeys.c
+++ b/libntp/authreadkeys.c
@@ -142,7 +142,7 @@ authreadkeys(
keyid_t keyno;
int keytype;
char buf[512]; /* lots of room for line */
- u_char keystr[64]; /* Bug 2537 */
+ u_char keystr[AUTHPWD_MAXSECLEN];
size_t len;
u_int nerr;
KeyDataT *list = NULL;
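Review bot: The `/* Bug 2537 */` reference was dropped from the `keystr` declaration together with the literal, so the reason this secret buffer has exactly this size is no longer visible at the point of use; keep the pointer, `u_char keystr[AUTHPWD_MAXSECLEN];	/* Bug 2537 */`, or move the reference to the `AUTHPWD_MAXSECLEN` definition in include/ntp_stdlib.h where both users now look. The body of authreadkeys, including whatever clears `keystr` after use, is outside the hunk.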
diff --git a/libntp/authusekey.c b/libntp/authusekey.c
index abc762188..3c8da1d3c 100644
--- a/libntp/authusekey.c
+++ b/libntp/authusekey.c
@@ -21,13 +21,13 @@ authusekey(
)
{
size_t len;
- u_char buf[64];
-
+ u_char buf[AUTHPWD_MAXSECLEN];
+
len = authdecodepw(buf, sizeof(buf), (const char*)str,
AUTHPWD_UNSPEC);
if (len < 1 || len > sizeof(buf))
return 0;
-
+
MD5auth_setkey(keyno, keytype, buf, len, NULL);
memset(buf, 0, sizeof(buf));
return 1;
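Review bot: The early `return 0` after the length check leaves `buf` uncleared while the success path wipes it; whether the decoder can write partial secret bytes before reporting failure is not visible here, so clearing on both paths is the safer shape, `if (len < 1 || len > sizeof(buf)) { memset(buf, 0, sizeof(buf)); return 0; }`. Separately, a plain `memset` of an automatic array immediately before return is a dead store the compiler is free to elide; if the project has an explicit-zeroization helper, this is where it belongs. The `len > sizeof(buf)` test does catch the `(size_t)-1` error return of authdecodepw, since that value exceeds any buffer size.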