[ntp:questions] ntpdate.c unsafe buffer write

Harlan Stenn stenn at ntp.org
Sat Feb 9 21:03:54 UTC 2008


>>> In article <fojbt0$sj4$1 at scrotar.nss.udel.edu>, "David L. Mills" <mills at udel.edu> writes:

David> Harlan, You make some good points. However, if folks want SNTP from
David> here I think they would prefer it in its own distribution rather than
David> bundle it with the huge NTP distribution.

That's not the feedback I have received, but I will note it would be
possible to have an "ntp+sntp" distribution and a separate "sntp"
distribution.  It would take a couple of days' time to do this, and I have
much hotter fires to put out first.  Additionally, there will be significant
changes in the code layout as the sntp code is overhauled, so I'd prefer to
wait on this additional distribution tarball until that effort is completed.

David> You can make a strong
David> argument to host here if the claim that both NTP and SNTP are
David> strictly specification conformant. That's why I rewrote the SNTP
David> documentation to take out all mention that it could be used as a
David> server.

OK.

David> The three of us that wrote RFC 2030 had just come down from a massive
David> clogging situation at UWisc and NIST and were frantic to get across
David> the need for polite client behavior. This has to do with DNS lookups,
David> poll intervals and behavior when no response is received. Even so,
David> there remain at least three violators of those principles right now
David> on two of our public servers. Therefore, if an SNTP product leaves
David> here, it really and surely should comply with the on-wire protocol
David> in the NTPv4 spec and these best practices.

We're on the same page.

David> As an aside, I should reveal my biases. At the moment, to configure the
David> current software on a Sun Ultra 5 takes 12 minutes, 6 minutes for
David> NTP and 6 minutes for SNTP. But, it takes only 8 minutes to compile
David> and link all programs, including both NTP and SNTP. It is not now
David> possible to build either separately.

I'm not sure what you mean about building separately.

We *used* to be able to build:

- ntp + sntp:
  configure ; make

- ntp only:
  configure --without-sntp ; make

- sntp only:
  cd sntp ; configure ; make

About a year and a half ago we got the SNTP code to the point where it would
build on Unix (nobody has done the work for Windows, but apparently nobody
is asking for it there either - http://bugs.ntp.org/500 has the details).

Since we've been announcing that ntpdate will be deprecated because its
functionality can be replaced by various combinations of ntpd and sntp, we
made sntp a 'required' part of the NTP build.

David> As I have said privately before, the NTP daemon can be operated in
David> SNTP mode which does everything NTP does, but terminates just after
David> the clock has been set for the first time. Yes, it has a rather large
David> footprint, but it lasts only about 11 seconds. The downside is that
David> it requires a configuration file containing a list of servers. If
David> this were done on the command line, NTP in SNTP mode would be
David> indistinguishable from SNTP other than a command line option.

You have provided a mechanism for doing this.  It will be an acceptable
choice for a good number of people.  But there is a significant group of
people for whom this particular mechanism will not work.

They require any or all of the following:

- a small footprint
- set the time with the smallest possible delay

While we might be able to achieve the "smallest delay" with ntpd, I don't
currently see how we can do that while also offering full NTP support from a
single binary and achieve the small footprint.

David> So, the ideal solution would seem to include a list of links on the
David> NTP home page to external sites and in addition internal links to the
David> NTP and SNTP distributions along with a statement that both are
David> strictly specification conformant. That might inspire other wannabes
David> to make and enforce similar claims.

We already have internal and external links on the ntp.org site.

And if somebody wants additional or different information there, contact
information is also listed in what should be obvious places.
-- 
Harlan Stenn <stenn at ntp.org>
http://ntpforum.isc.org  - be a member!



