[ntp:hackers] Protocol specification modification for MS-SNTP
mills at udel.edu
Tue Jul 7 03:41:40 UTC 2009
Ah well, I was having a funky dream. The suggestion on digest algorithm
Andrew Bartlett wrote:
>On Mon, 2009-07-06 at 21:28 +0000, David Mills wrote:
>>The Samba folks have modified ntpd to support Microsoft authentication,
>>which requires some bending of the protocol specification and
>>implementation. I'd like to make it much simpler, reduce the code
>>clutter and support alternative digest algorithms. The present protocol
>>specification requires a nonzero key ID and MD5 digest algorithm by
>>default. The ntpd never generates a MAC with a zero key ID.
>The Key ID is not zero in MS-SNTP authentication. It is the little
>endian RID of the machine account.
>What is zero is the MAC (16 bytes). (How could the key ID be zero?
>What otherwise would determine what key to use to sign the reply?)
>>MS-SNTP code uses a 20-octet all-zero MAC, causing ntpd to hand the
>>packet off to another program which fills in the MAC. This makes
>>"legal" and much more likely to be supported by "official" servers. I
>>propose to add something like this, either to the protocol
>>or as an addendum:
>>"A received MAC with a zero key ID is a special case. By default, the
>>packet is treated as if the MAC were not present, so is not
>>authenticated. On output the MAC is returned exactly as received and
>>packet is not authenticated. As a configurable option, an output
>>with zero key ID can be passed to another program that fills in the
>This simply needs to be reworded to be 'an all Zero MAC (with a non-zero
>key id) is a special case...'
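The two MAC cases argued over above (an ordinary key ID plus MD5 digest versus the MS-SNTP trailer, where the key ID is the little-endian machine-account RID and the 16-octet digest is all zero) can be told apart by looking at the 20-octet trailer alone. The following is an added example, not code from the thread, from ntpd or from Samba; it assumes a 48-octet header with no extension fields, the RFC 5905 MD5 MAC form (MD5 over key followed by packet), a constructed sample packet and a hypothetical `signer` hook standing in for the external program that fills in the digest:

```python
import hashlib
import hmac
import struct
from typing import Callable, Dict, Optional, Tuple

# Assumed layout (RFC 5905): 48-octet header, then an optional 20-octet MAC
# made of a 4-octet key ID and a 16-octet MD5 digest. Extension fields are
# not handled here.
HEADER_LEN = 48
KEY_ID_LEN = 4
DIGEST_LEN = 16
ZERO_DIGEST = b"\x00" * DIGEST_LEN


def md5_mac(key: bytes, header: bytes) -> bytes:
    """MD5 MAC as ntpd computes it: digest over key || packet (assumption)."""
    return hashlib.md5(key + header).digest()


def classify_mac(packet: bytes) -> Tuple[str, Optional[int], Optional[bytes]]:
    """Return (kind, key_id, digest) for the packet trailer.

    kind is one of:
      "no_mac"              bare 48-octet header
      "zero_key_id"         key ID field is zero (ntpd never generates this)
      "ms_sntp_placeholder" non-zero key ID with an all-zero digest
      "md5_mac"             ordinary key ID plus digest
    key_id is the field read big-endian; in the MS-SNTP case the same four
    octets are the little-endian RID, see rid_from_key_id().
    """
    if len(packet) == HEADER_LEN:
        return ("no_mac", None, None)
    if len(packet) != HEADER_LEN + KEY_ID_LEN + DIGEST_LEN:
        raise ValueError("unsupported packet length %d" % len(packet))
    key_id = struct.unpack("!I", packet[HEADER_LEN:HEADER_LEN + KEY_ID_LEN])[0]
    digest = packet[HEADER_LEN + KEY_ID_LEN:]
    if key_id == 0:
        return ("zero_key_id", 0, digest)
    if digest == ZERO_DIGEST:
        return ("ms_sntp_placeholder", key_id, digest)
    return ("md5_mac", key_id, digest)


def rid_from_key_id(packet: bytes) -> int:
    """MS-SNTP carries the machine-account RID little-endian in the key ID."""
    return struct.unpack("<I", packet[HEADER_LEN:HEADER_LEN + KEY_ID_LEN])[0]


def verify_md5_mac(packet: bytes, keys: Dict[int, bytes]) -> bool:
    """True only for an ordinary MAC under a known key; placeholders never verify."""
    kind, key_id, digest = classify_mac(packet)
    if kind != "md5_mac" or key_id not in keys:
        return False
    expected = md5_mac(keys[key_id], packet[:HEADER_LEN])
    return hmac.compare_digest(expected, digest)


def build_reply(request: bytes, reply_header: bytes, keys: Dict[int, bytes],
                signer: Optional[Callable[[bytes, int], bytes]] = None) -> bytes:
    """Apply the policy discussed in the thread to an outgoing reply.

    - no MAC on the request: reply is unauthenticated (bare header)
    - ordinary MAC that verifies: reply carries a fresh MAC under the same key
    - ordinary MAC that does not verify: reply unauthenticated (a real ntpd
      would send a crypto-NAK; kept simple here)
    - zero key ID, or placeholder with no signer configured: trailer returned
      exactly as received, reply not authenticated
    - placeholder with a signer configured: the hypothetical signer (standing in
      for the external program) fills in the 16-octet digest for the given RID
    """
    kind, key_id, _ = classify_mac(request)
    trailer = request[HEADER_LEN:]
    if kind == "no_mac":
        return reply_header
    if kind == "md5_mac":
        if not verify_md5_mac(request, keys):
            return reply_header
        return reply_header + trailer[:KEY_ID_LEN] + md5_mac(keys[key_id], reply_header)
    if kind == "ms_sntp_placeholder" and signer is not None:
        return reply_header + trailer[:KEY_ID_LEN] + signer(reply_header, rid_from_key_id(request))
    return reply_header + trailer


# Constructed sample traffic (not captured packets): a v4 client header,
# an MS-SNTP style request for RID 1106, and an ordinary MD5-authenticated one.
SAMPLE_HEADER = bytes([0x23]) + bytes(HEADER_LEN - 1)
REPLY_HEADER = bytes([0x24]) + bytes(HEADER_LEN - 1)
SAMPLE_RID = 1106
PLACEHOLDER_REQ = SAMPLE_HEADER + struct.pack("<I", SAMPLE_RID) + ZERO_DIGEST
KEYS = {7: b"constructed-shared-secret"}
MD5_REQ = SAMPLE_HEADER + struct.pack("!I", 7) + md5_mac(KEYS[7], SAMPLE_HEADER)

if __name__ == "__main__":
    for name, pkt in (("placeholder", PLACEHOLDER_REQ), ("md5", MD5_REQ)):
        print(name, classify_mac(pkt)[0], verify_md5_mac(pkt, KEYS))
    print("rid", rid_from_key_id(PLACEHOLDER_REQ))
```

The classification order matters: a zero key ID is checked before the all-zero digest, which is exactly the distinction Bartlett draws, since the MS-SNTP trailer has a non-zero key ID and it is only the digest that is zero. Reading the same four octets big-endian (as an NTP key ID) and little-endian (as a RID) gives two different numbers, which is why the key ID in such a packet looks meaningless to a server that does not know the convention.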