[ntp:security] [Bug 861] leapfile handling broken

David L.Mills via the NTP Bugzilla bugzilla at ntp.org
Fri Oct 16 15:51:25 UTC 2009


http://bugs.ntp.org/861



----------------------------------------------------------------------------
Additional Comments From mills at udel.edu (David L. Mills)
Submitted on 2009-10-16 15:51

Subject: leapfile handling broken

Steve,

The date on this report is recent and the version seems correct, but the 
bug is marked FIXED. I checked anyway and everything said is wrong. The 
ntpq does report the leapsecond and TAI; but, remember the TAI cannot be 
determined until th eclock is reliably set. The TAI bit in the status 
word cannot be set until the leapsecond values have been signed. If the 
client is synchronized to a server via Autokey, this won't happen until 
the certificate trail has been hiked and the identity verified.

Dave

Steve Kostecke via the NTP Bugzilla wrote:

[---=| TOFU protection by t-prot: 12 lines snipped |=---]


-- 
David L. Mills <mills at udel.edu>



------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.


More information about the security mailing list