]> git.ipfire.org Git - thirdparty/chrony.git/commit
projects / thirdparty / chrony.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 0d298bf) | patch
hash: drop support for RIPEMD hash functions
authorMiroslav Lichvar <mlichvar@redhat.com>
Tue, 17 Sep 2019 14:51:39 +0000 (16:51 +0200)
committerMiroslav Lichvar <mlichvar@redhat.com>
Tue, 24 Sep 2019 09:32:31 +0000 (11:32 +0200)
commit4a219ecbf1e2689c4d45d22ad4cbf5a697529da9
treee3535c57fa7403d8d75ace667a6e30e93eba76c3tree
parent0d298bfc4c606be15ec0ce6239a2002ce8b1f574commit | diff
hash: drop support for RIPEMD hash functions

An analysis by Tim Ruffing [1] shows that a length extension attack
adding valid extension fields to NTPv4 packets is possible with some
specific key lengths and hash functions using little-endian length like
MD5 and RIPEMD160.

chronyd currently doesn't process or generate any extension fields, but
it could be a problem in future when a non-authentication extension
field is supported.

Drop support for all RIPEMD functions as they don't seem to be secure in
the context of the NTPv4 MAC. MD5 is kept only for compatibility.

[1] https://mailarchive.ietf.org/arch/msg/ntp/gvibuB6bTbDRBumfHNdJ84Kq4kA
doc/chrony.conf.adoc diff | blob | blame | history
hash_nettle.c diff | blob | blame | history
hash_tomcrypt.c diff | blob | blame | history
test/unit/hash.c diff | blob | blame | history
Mirror of https://git.tuxfamily.org/chrony/chrony.git