[ntp:questions] What to do for clients less than 4.2.8?

[David Woolley]

On 21/12/14 11:38, Rob wrote:
> David Woolley <david at ex.djwhome.demon.invalid> wrote:
>> On 21/12/14 10:48, Rob wrote:
>>> People say "disable crypto" but there is no clear direction in the docs
>>> on how to do that.  There is no "crypto off" or "disable crypto" config
>>> directive at first glance.  So how is this done?
>>
>> I would assume by not enabling it.
>
> Ok, but in that case why the worry about the "millions of vulnerable
> servers" on the internet, I think most users who just want to get and

Paranoia?  Security alerts are generally not that explicit (and this one 
is actually unusually explicit) because they provide information to the 
hackers.

> serve time don't spend the week of time needed to get the crypto working
> and to coordinate with other servers doing the same.
>
> So for now I presume it is on by default...  also because of what I saw
> in the OpenSUSE example config.  (or would the "keys" config directive
> be the magic enable crypto directive?)

There are only two places where crypto_recv is called.  One is 
definitely only active if autokey has been explicitly configured.  The 
other is only active for broadcast clients and the comments imply that 
it is only used for autokey, but it does seem possible that it is the 
remote side that decides this (I didn't follow the code any deeper); it 
is in the initial broadcast client handshake.

I'm using 4.2.7p333, rather than the latest 4.2.7 source code.

"Carefully crafted" in alerts generally means that the data has to look 
like the address of some instructions and those instructions, with the 
exact memory layout under which that instance is running.  It also 
normally assumes that the machine doesn't have stack execution 
permission disabled for ntpd.
>