[ntp:security] authkey.c

Harlan Stenn stenn at nwtime.org
Mon Feb 22 12:24:47 UTC 2016


Hi Frank,

On 2/21/16 1:56 PM, Frank Kardel wrote:
> Hi !
> 
> The INSIST in line 570 authkey.c function authistrustedip() seems
> inappropriate as it sometimes fires in normal operation killing the
> daemon. This happens with 4.2.8p6.
> 
> Feb 21 21:19:40 Andromeda ntpd[21736]: authkeys.c:570:
> INSIST(!"authistrustedip: keyid not found/trusted!") failed
> Feb 21 21:19:40 Andromeda ntpd[21736]: exiting (due to assertion failure)
> 
> As the keyid is derived from packet data this might also be a DoS vector
> - not verified/analysed - just by code inspection and observing
> assertion failures.

Strange - I'll look.  As I recall, the call to authistrustedip() is
around line 1758 of ntp_proto.c, which requires is_authentic to be
AUTH_OK, which only gets set on line 990 after a call to authdecrypt()
which means the skeyid must exist.  That's why I expect the INSIST to be OK.

I'll dig as I must have missed something.

> BTW: do you have a public key for security sensitive eMail (S/MIME or PGP?)

Yes, and it looks like it needs to be better published.

I'll attach it here - the NTP Security Daily Use key.

> Frank
> _______________________________________________
> security mailing list
> security at lists.ntp.org
> http://lists.ntp.org/listinfo/security
> 

-- 
Harlan Stenn <stenn at nwtime.org>
http://networktimefoundation.org - be a member!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0x0066B2FD.asc
Type: application/pgp-keys
Size: 4531 bytes
Desc: not available
URL: <http://lists.ntp.org/private/security/attachments/20160222/05deee6e/attachment.key>
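
An added illustration, not part of the original message and not ntpd's code: a trust check on a packet-supplied key ID that reports a missing or untrusted key as a return value the caller can drop on, where an INSIST-style assertion would end the process. The key table, the types and every function name here are hypothetical.

```c
/* Added illustration; NOT ntpd source. All names and table entries are constructed. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

typedef enum { KEY_OK, KEY_UNKNOWN, KEY_UNTRUSTED, KEY_IP_DENIED } key_verdict;

struct demo_key {
    uint32_t keyid;       /* value the sender chooses in its packet */
    int      trusted;     /* operator marked this key as trusted */
    uint32_t allowed_ip;  /* 0 = any source, otherwise one IPv4 address */
};

/* Constructed sample key table. */
static const struct demo_key demo_keys[] = {
    { 1, 1, 0 },
    { 2, 1, 0xC0000201u },   /* restricted to 192.0.2.1 */
    { 3, 0, 0 },             /* present but not trusted */
};

static const struct demo_key *demo_find(uint32_t keyid)
{
    for (size_t i = 0; i < sizeof demo_keys / sizeof demo_keys[0]; i++)
        if (demo_keys[i].keyid == keyid)
            return &demo_keys[i];
    return NULL;
}

/* Every outcome is a return value. An assertion such as
 * "key must exist and be trusted" at this point would turn a
 * packet-controlled lookup miss into a process exit. */
key_verdict demo_check_key_ip(uint32_t keyid, uint32_t src_ip)
{
    const struct demo_key *k = demo_find(keyid);
    if (k == NULL)   return KEY_UNKNOWN;
    if (!k->trusted) return KEY_UNTRUSTED;
    if (k->allowed_ip != 0 && k->allowed_ip != src_ip) return KEY_IP_DENIED;
    return KEY_OK;
}

/* Caller: anything other than KEY_OK is logged and dropped. Returns 1 if accepted. */
int demo_accept_packet(uint32_t keyid, uint32_t src_ip)
{
    key_verdict v = demo_check_key_ip(keyid, src_ip);
    if (v != KEY_OK)
        fprintf(stderr, "drop: keyid %u verdict %d\n", (unsigned)keyid, (int)v);
    return v == KEY_OK;
}

int main(void) { return demo_accept_packet(1, 0) ? 0 : 1; }
```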

