[ntp:hackers] NTP cores in authistrustedip.

brian utterback brian.utterback at oracle.com
Wed Apr 20 01:15:38 UTC 2016


I was trying to set up autokey for some testing and my NTP client is
crashing in authistrustedip in an INSIST macro.

If I follow the packet, it is being processed in receive() at this point:

                /*
                 * Compute the cryptosum. Note a clogging attack may
                 * succeed in bloating the key cache. If an autokey,
                 * purge it immediately, since we won't be needing it
                 * again. If the packet is authentic, it can mobilize an
                 * association. Note that there is no key zero.
                 */
                if (!authdecrypt(skeyid, (u_int32 *)pkt, authlen,
                    has_mac))
                        is_authentic = AUTH_ERROR;
                else
                        is_authentic = AUTH_OK;
#ifdef AUTOKEY
                if (crypto_flags && skeyid > NTP_MAXKEY)
                        authtrust(skeyid, 0);
#endif  /* AUTOKEY */

The packet is fine, so is_authentic gets AUTH_OK, but the call to
authtrust sets the trust to 0 and the key is removed from the cache and
the key table.

Later on after all of the FLASH tests and validation, we get to this point:

        switch (hismode) {
            case MODE_SERVER:           /* server mode */
            case MODE_BROADCAST:        /* broadcast mode */
            case MODE_ACTIVE:           /* symmetric active mode */
                if (   is_authentic == AUTH_OK
                    && !authistrustedip(skeyid, &peer->srcadr)) {
                        report_event(PEVNT_AUTH, peer, "authIP");
                        peer->badauth++;
                        return;
                }
                break;

Well, is_authentic is AUTH_OK, so we call authistrustedip() with the
skeyid (which we purged) and the source address. The function looks like
this:

                authkeyuncached++;
                bucket = &key_hash[KEYHASH(keyno)];
                for (sk = *bucket; sk != NULL; sk = sk->hlink) {
                        if (keyno == sk->keyid)
                                break;
                }
                if (NULL == sk || !(KEY_TRUSTED & sk->flags)) {
                        INSIST(!"authistrustedip: keyid not found/trusted!");
                        return FALSE;
                }

Since we purged the key from the table, the key isn't found and the
INSIST gets invoked and the process aborts. So, it looks to me like this
INSIST shouldn't have been there, maybe a DPRINT or something, since the
return after it will never get executed. But more to the point, how can
the processing ever work since we purged the key?

It may be possible that I have set up autokey incorrectly. I am trying
to test IFF, but I really need to test all of them. The instructions on
how to do it are simply abysmal on the web site and are out of date and
I think they might have been incomplete to begin with. Does anyone have
a cheatsheet on setting up autokey?



-- 
Oracle <http://www.oracle.com>
Brian Utterback | Principal Software Engineer
Phone: +1 6038973049 <tel:+1%206038973049>
Oracle Systems/RPE Solaris Network
1 Oracle Dr. | Nashua, NH 03062
------------------------------------------------------------------------
All working systems eventually start to exhibit their own agenda
------------------------------------------------------------------------
Green Oracle <http://www.oracle.com/commitment> Oracle is committed to
developing practices and products that help protect the environment

