From: Harlan Stenn Date: Sat, 15 Jul 2000 00:28:03 +0000 (-0000) Subject: ChangeLog, Makefile.am, Makefile.in, ntp_crypto.c, ntp_proto.c: X-Git-Tag: NTP_4_0_99_K~9 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f336d8317ac3097efc47e826d9cfd694396d0643;p=thirdparty%2Fntp.git ChangeLog, Makefile.am, Makefile.in, ntp_crypto.c, ntp_proto.c: * ElectricFence/Makefile.am (check-local): Don't run the tests if we didn't build the programs... bk: 396fb013fud-66_9WPW-098z308VFA --- diff --git a/ChangeLog b/ChangeLog index 032a71b17f..bd1c8b3c05 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,8 @@ 2000-07-14 Harlan Stenn + * ElectricFence/Makefile.am (check-local): Don't run the tests if + we didn't build the programs... + * ElectricFence/page.c: #include config.h if it's there. Properly handle the sys_errlist declaration. diff --git a/ElectricFence/Makefile.am b/ElectricFence/Makefile.am index 95d55bb3db..f243d7e92a 100644 --- a/ElectricFence/Makefile.am +++ b/ElectricFence/Makefile.am @@ -27,5 +27,5 @@ LDADD = libefence.a # CFLAGS= -g -Bstatic -DPAGE_PROTECTION_VIOLATED_SIGNAL=SIGBUS check-local: - ./eftest - ./tstheap 3072 + [ -f eftest] && ./eftest + [ -f tstheap ] && ./tstheap 3072 diff --git a/ElectricFence/Makefile.in b/ElectricFence/Makefile.in index 5c76701ad9..3fec188ecd 100644 --- a/ElectricFence/Makefile.in +++ b/ElectricFence/Makefile.in @@ -376,8 +376,8 @@ maintainer-clean-generic clean mostlyclean distclean maintainer-clean # CFLAGS= -g -Bstatic -DPAGE_PROTECTION_VIOLATED_SIGNAL=SIGBUS check-local: - ./eftest - ./tstheap 3072 + [ -f eftest] && ./eftest + [ -f tstheap ] && ./tstheap 3072 # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. diff --git a/ntpd/ntp_crypto.c b/ntpd/ntp_crypto.c index e291373bf8..07a5d445bb 100644 --- a/ntpd/ntp_crypto.c +++ b/ntpd/ntp_crypto.c @@ -335,7 +335,7 @@ crypto_recv( /* * Install association ID. This is used in multicast - * client mode only only. + * client mode only. */ case CRYPTO_ASSOC | CRYPTO_RESP: if (ntohl(pkt[i + 1]) != 0 && peer->flags & @@ -345,14 +345,18 @@ crypto_recv( /* * Install autokey values in broadcast client and - * symmetric modes. + * symmetric modes. Tricky here - discard old + * timestamps, but don't discard duplicate timestamps if + * the authentic bit is not set. */ case CRYPTO_AUTO | CRYPTO_RESP: ap = (struct autokey *)&pkt[i + 2]; #ifdef PUBKEY temp = ntohl(ap->siglen); kp = (R_RSA_PUBLIC_KEY *)peer->pubkey; - if (tstamp <= peer->recauto.tstamp) { + if (tstamp < peer->recauto.tstamp || (tstamp == + peer->recauto.tstamp && peer->flags & + FLAG_AUTOKEY)) { rval = RV_TSP; } else if (!crypto_flags) { rval = RV_OK; @@ -367,7 +371,9 @@ crypto_recv( (u_char *)ap->pkt, temp, kp); } #else /* PUBKEY */ - if (tstamp <= peer->recauto.tstamp) + if (tstamp <= peer->recauto.tstamp || (tstamp == + peer->recauto.tstamp && peer->flags & + FLAG_AUTOKEY)) rval = RV_TSP; else rval = RV_OK; @@ -392,7 +398,9 @@ crypto_recv( break; /* - * Install session cookie in client and symmetric modes. + * Install session cookie in client mode. Use this also + * in symmetric modes when rsaref20 has not been + * installed for test. */ case CRYPTO_PRIV: peer->cmmd = ntohl(pkt[i]); @@ -494,6 +502,7 @@ crypto_recv( #endif if (rval != RV_OK || temp == 0) break; + peer->flash &= ~TEST10; /* * Initialize Diffie-Hellman parameters and @@ -695,6 +704,7 @@ crypto_recv( #endif if (rval != RV_OK || temp == 0) break; + peer->flash &= ~TEST10; /* * Initialize TAI leapsecond table and extension diff --git a/ntpd/ntp_proto.c b/ntpd/ntp_proto.c index 4ab7ee8d28..2680e212e7 100644 --- a/ntpd/ntp_proto.c +++ b/ntpd/ntp_proto.c @@ -182,7 +182,6 @@ transmit( peer->flags &= ~FLAG_BURST; peer->hmode = MODE_BCLIENT; #ifdef AUTOKEY - peer->pcookie.tstamp = 0; key_expire(peer); #endif /* AUTOKEY */ } @@ -751,12 +750,18 @@ receive( #ifdef PUBKEY /* * If the autokey boogie fails, the server may be bogus - * or worse. Raise an alarm and rekey this thing. + * or worse. Raise an alarm and retrieve the autokey + * values again. If the server has in fact come up with + * new autokey values, this saves a timeout and general + * reset. On the other hand, an intruder could replay at + * speed packets from old associations with different + * cookies, which would cause needless server requests + * and burdensome responses. Since victim client sends a + * message only at poll intervals and victim server + * burns no PKI cycles, the attack doesn't do much harm. */ - if (peer->flash & TEST10) { + if (peer->flash & TEST10) peer->flags &= ~FLAG_AUTOKEY; - peer->recauto.tstamp = 0; - } if (!(peer->flags & FLAG_AUTOKEY)) peer->flash |= TEST11; @@ -1969,8 +1974,7 @@ peer_xmit( CRYPTO_RESP, peer->hcookie, peer->associd); if (!crypto_flags && peer->pcookie.tstamp == - 0 && peer->recauto.tstamp != 0 && - sys_leap != LEAP_NOTINSYNC) + 0 && sys_leap != LEAP_NOTINSYNC) sendlen += crypto_xmit((u_int32 *)&xpkt, sendlen, CRYPTO_PRIV, peer->hcookie, peer->assoc); @@ -1983,8 +1987,7 @@ peer_xmit( sendlen, CRYPTO_DHPAR, peer->hcookie, peer->assoc); else if (crypto_flags && peer->pcookie.tstamp == - 0 && peer->recauto.tstamp != 0 && - sys_leap != LEAP_NOTINSYNC) + 0 && sys_leap != LEAP_NOTINSYNC) sendlen += crypto_xmit((u_int32 *)&xpkt, sendlen, CRYPTO_DH, peer->hcookie, peer->assoc); @@ -1994,8 +1997,7 @@ peer_xmit( sendlen, (peer->cmmd >> 16) | CRYPTO_RESP, peer->hcookie, peer->associd); - if (peer->pcookie.tstamp == 0 && - peer->recauto.tstamp != 0 && sys_leap != + if (peer->pcookie.tstamp == 0 && sys_leap != LEAP_NOTINSYNC) sendlen += crypto_xmit((u_int32 *)&xpkt, sendlen, CRYPTO_PRIV, peer->hcookie,