[ntp:questions] NTP MD5
Brad Knowles
brad at stop.mail-abuse.org
Mon Sep 12 10:37:11 UTC 2005
At 5:41 PM +0800 2005-09-12, Eric Liu wrote:
> I am testing authentication with ntp-4.2.0.
If you're going to test ntpd-4.2.x, then you should be testing
one of the latest ntp-dev snapshot tarballs. Go to
<http://ntp.isc.org/bin/view/Main/SoftwareDownloads>, follow the link
to <http://ntp.isc.org/bin/view/Main/SoftwareDevelopment>, then the
link to <http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/> (or the FTP
equivalent), then ultimately down to
<http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/snapshots/ntp-dev/2005/09/>.
The point is that 4.2.0-RELEASE was cut almost two years ago, and
in the meanwhile there have been a whole host of changes that have
happened throughout the code. Many vendors have decided to back-port
some of these changes to their versions of ntpd which are actually
based on older code, but they haven't increased the version number.
So, the 4.2.0-RELEASE code you get from us might have an older
MD5 library routine than the ntpd-4.1.2-whatever code provided by Red
Hat, and which they have hacked a great deal on.
If you make sure to get one of our latest ntp-dev tarballs, you
will have the absolute latest code in this area. Alternatively, you
can wait a couple of weeks (or maybe less), for the official
4.2.1-RELEASE version to come out.
--
Brad Knowles, <brad at stop.mail-abuse.org>
"Those who would give up essential Liberty, to purchase a little
temporary Safety, deserve neither Liberty nor Safety."
-- Benjamin Franklin (1706-1790), reply of the Pennsylvania
Assembly to the Governor, November 11, 1755
SAGE member since 1995. See <http://www.sage.org/> for more info.
More information about the questions
mailing list