[ntp:hackers] Samba's MS-NTP implementation

Danny Mayer mayer at ntp.org
Mon Jul 13 01:11:53 UTC 2009


I have been reviewing the code that the Samba team introduced into the
NTP dev code base and I am seeing a lot of problems that disturb me
about this contribution. So let me enumerate the problems with the
implementation:

1) The code uses a TCP socket to call another server. This is even
though NTP only uses UDP.
2) The code only seems to try to contact a Samba server but it should
equally be able to connect to an Active Directory Domain Controller or a
Kerberos server.
3) The code blocks on the connect, the send (write) and the recv (read)
calls all of which violate the basic requirements of NTP. I am unsure of
the effect of using this on a Windows system.
4) The code uses AF_UNIX instead of AF_INET or AF_INET6 as appropriate.
5) The time for another server to respond is indeterminate and cannot be
relied upon.
6) The requirement that it waits for another server makes it easy to
mount a DoS attack on such an NTP server.
7) The reliance on another server increases the likelihood that the
jitter and delay will increase enormously in unexpected and unreliable
ways and that is something that NTP cannot afford.
8) There may be some issues over the copyright of the protocol which is
covered under Microsoft's Open Specifications copyright but I am not a
lawyer and cannot say if there are any legal issues involved with this code.

This is so at variance with the NTP design requirements that I am
recommending that we completely remove the Samba contribution from the
4.2.5 code at this time. If at some point in the future this can be done
without involving a third system then it can be reconsidered. Even if
this is released we should explicitly be turning off this capability and
require that anyone who wants to use it turn it on.

Danny
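Points 3, 5 and 6 of the message describe one failure mode: a daemon that blocks in connect/send/recv on a helper inherits that helper's latency, and an unresponsive helper stalls the daemon. As an added illustration, not code from the Samba patch or the NTP code base, the C sketch below shows the shape of mitigation a reviewer would ask for: every step is guarded by poll() with a deadline, so a silent helper yields a timeout instead of a stall. The socketpair standing in for the helper, HELPER_TIMEOUT_MS and the request/reply strings are assumptions.

```c
#include <errno.h>
#include <poll.h>
#include <sys/socket.h>
#include <unistd.h>

#define HELPER_TIMEOUT_MS 50  /* assumed per-step budget; a real daemon tunes this */

/* Wait until fd is ready for `events` or the deadline passes: 1 ready, 0 timeout, -1 error. */
static int wait_ready(int fd, short events, int timeout_ms)
{
    struct pollfd pfd = { .fd = fd, .events = events };
    int rc;
    do { rc = poll(&pfd, 1, timeout_ms); } while (rc < 0 && errno == EINTR);
    if (rc <= 0) return rc;
    return (pfd.revents & (events | POLLHUP | POLLERR)) ? 1 : -1;
}

/* Send `req`, read one reply (at most `cap` bytes). Returns bytes read, 0 on timeout, -1 on error. */
int bounded_request(int fd, const void *req, size_t req_len,
                    void *reply, size_t cap, int timeout_ms)
{
    ssize_t n;
    if (wait_ready(fd, POLLOUT, timeout_ms) != 1) return 0;
    n = send(fd, req, req_len, MSG_DONTWAIT);   /* never block inside send() */
    if (n != (ssize_t)req_len) return -1;
    if (wait_ready(fd, POLLIN, timeout_ms) != 1) return 0;
    n = recv(fd, reply, cap, MSG_DONTWAIT);     /* never block inside recv() */
    return n < 0 ? -1 : (int)n;
}

/* Constructed demo: sv[0] is the daemon's end; nobody answers on sv[1], so the call must return 0. */
int demo_silent_helper(void)
{
    int sv[2], rc; char reply[64];
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) < 0) return -1;
    rc = bounded_request(sv[0], "sign?", 5, reply, sizeof reply, HELPER_TIMEOUT_MS);
    close(sv[0]); close(sv[1]);
    return rc;   /* 0: timed out instead of blocking */
}

/* Same setup, but the helper has already written its answer. */
int demo_answering_helper(void)
{
    int sv[2], rc; char reply[64];
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) < 0) return -1;
    if (send(sv[1], "signed", 6, 0) != 6) { close(sv[0]); close(sv[1]); return -1; }
    rc = bounded_request(sv[0], "sign?", 5, reply, sizeof reply, HELPER_TIMEOUT_MS);
    close(sv[0]); close(sv[1]);
    return rc;   /* 6 bytes of reply */
}
```

A bounded wait only caps the stall per request; the delay the helper adds still lands in the measured offset, which is the separate concern raised in point 7.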




