[ntp:hackers] Samba's MS-NTP implementation
abartlet at samba.org
Mon Jul 13 02:18:00 UTC 2009
On Mon, 2009-07-13 at 01:46 +0000, Harlan Stenn wrote:
> > I have been reviewing the code that the Samba team introduced into the
> > NTP dev code base and I am seeing a lot of problems that disturb me
> > about this contribution. So let me enumerate the problems with the
> > implementation:
> > 1) The code uses a TCP socket to call another server. This is even
> > though NTP only uses UDP
> So what? This is the code the Samba team says makes for the easiest
> integration with samba.
> That is the entire point of this whack of code.
I chose a stream socket deliberately. (It's not TCP, but a connected
stream over a unix domain socket). This ensures that NTPd knows when
Samba goes away (should it crash, for example), and is not left hanging
waiting for a reply, as it would if a datagram socket were used.
> > 2) The code only seems to try to contact a Samba server but it should
> > equally be able to connect to an Active Directory Domain Controller or a
> > Kerberos server.
> Why do you say this? The samba folks know what they need, and sent us
> code to do what they need.
Indeed. Part of what I have tried to do here is to put the minimum
possible logic in NTPd, to solve the real problem my users have.
> > 6) The requirement that it waits for another server makes it easy to
> > mount a DOS attack on such an NTP server.
> Yes, and since this service should only be set up to support local
> users, there is less risk. And we document this.
> > 7) The reliance on another server increases the likelihood that the
> > jitter and delay will increase enormously in unexpected and unreliable
> > ways and that is something that NTP cannot afford.
> Says who? And if indeed this interaction is between T2 and T3, where is
> this problem you speak of? And if this really does turn out to be a big
> deal, we'll hear about it, see if we can fix it, and either way folks
> can decide to use it or not.
I hope the extra text I just sent will provide the appropriate level of
Talking to another process on the same host isn't free, but it isn't
*that* expensive that consenting adults should not be permitted to
enable it for their own networks.
Authentication Developer, Samba Team http://samba.org
Samba Developer, Cisco Inc.
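The stream-versus-datagram point in the reply above, as an added example that is not from the thread or from Samba's or ntpd's code: on Linux (assumed), closing one end of a connected AF_UNIX SOCK_STREAM pair is reported to the other end at once as a hangup/EOF, whereas with a SOCK_DGRAM pair the reader learns nothing and waits until its own timeout expires. The function name peer_loss_detected and the 200 ms timeout are this example's own choices.

```c
#include <poll.h>
#include <stdio.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <unistd.h>

/* Build a connected AF_UNIX socket pair of the given type (SOCK_STREAM or
 * SOCK_DGRAM), close the "Samba" end as if that process had crashed, and
 * see whether the "ntpd" end learns of the loss within timeout_ms.
 * Returns 1 if the peer's disappearance is reported (POLLHUP or an EOF
 * read), 0 if the wait simply times out, -1 on error.
 * The behaviour relied on here is Linux's (assumption). */
int peer_loss_detected(int type, int timeout_ms)
{
    int sv[2];
    if (socketpair(AF_UNIX, type, 0, sv) != 0)
        return -1;

    /* sv[1] plays Samba: it goes away without ever sending a reply. */
    close(sv[1]);

    /* sv[0] plays ntpd, blocked waiting for the signing reply. */
    struct pollfd pfd = { .fd = sv[0], .events = POLLIN, .revents = 0 };
    int n = poll(&pfd, 1, timeout_ms);
    int detected = 0;
    if (n > 0) {
        /* A stream socket flags POLLHUP and recv() returns 0 (EOF);
         * MSG_DONTWAIT keeps a spurious wake-up from blocking us. */
        char buf[1];
        ssize_t r = recv(sv[0], buf, sizeof buf, MSG_DONTWAIT);
        if ((pfd.revents & POLLHUP) || r == 0)
            detected = 1;
    }
    close(sv[0]);
    return n < 0 ? -1 : detected;
}

int main(void)
{
    printf("SOCK_STREAM: peer loss detected = %d\n",
           peer_loss_detected(SOCK_STREAM, 200));
    printf("SOCK_DGRAM:  peer loss detected = %d\n",
           peer_loss_detected(SOCK_DGRAM, 200));
    return 0;
}
```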