[ntp:hackers] Protocol specification modification for MS-SNTP
martin.burnicki at meinberg.de
Thu Jul 9 13:03:05 UTC 2009
Dave Mills wrote:
> I might not have been clear. The resonse to a symmetric active request
> is unconditionally a symmetric pasive packet. If authentirated, an
> association is mobilized. There is no way a symmetric active peer can
> tell if an association has been mobilized or not. This is all consistent
> with the spec and no enable bit is necessary.
That's IMHO a good solution and I appreciate this.
> I continue to be uncomfortable with an agenda that says compile the code
> whether or not it might be used. Is there some way you can tell from the
> environment that Samba is active? Thie Autokey code is compiled only if
> OpenSSL is present by default. This puppy is getting downright huge and
> needs to be potty trained.
In my opinion the problem is that nowadays only few people build the NTP
package on their final target systems.
Not only the Windows port is shipped as a set of binaries, also Linux,
Solaris, and (AFAIK) FreeBSD provide binary packages which are precompiled by
the maintainers of the OS or distribution. So, for example, only the
maintainers need to have the openSSL headers installed. On the end user's
target system it is sufficient to have the openSSL libs installed.
Similarly, the end user can decide whether he wants to have the Samba daemon
running or not, and I don't believe he would be happy to recompile the NTP
daemon just because Sambe shall be running but the NTP installation package
comes with support for Samba authentication disabled.
More information about the hackers