[ntp:hackers] Weekend report

David L. Mills mills at udel.edu
Sat Mar 12 17:51:01 PST 2005


Guys,

I lied in my last. Some time ago I changed the transmit procedure in 
ntp_proto.c to reset a persistent association if it became unreachable. 
That was wrong according to my previous message. However, it was and is 
my intent to demobilize an ephemeral association when the server becomes 
unreachable (broadcast client and symmetric passive). I fixed that and 
confirmed persistent associations do survive after the server is lost. I 
also verified that a client of the orphaned server lasts about five 
hours before the orphan is declared unfit for synchronization. This can 
be tinkered as the maxdist parameter.

I found and repaired an error in the notrust restriction that prevented 
an autokey client from recovering after server key refresh. I found and 
fixed errors in the novolley function with symmetric keys. I found and 
fixed inconsistencies in the timestamp auditing, loopback check and 
crypto-NAK code. The loopback/crypto-NAK code operates very much like 
the TCP RESET function and is designed to avoid spurious crypto resets 
by teenage terrorists. The resulting code is smaller, cleaner and 
flowchartable.

There is a known vulnerability where the hacker spews packets with all 
timestamps zero except the transmit timestamp. This prevents the victim 
from ever synchronizing to a legitimate source as long as the hacker 
spews. In some crypto modes the hacker could prevent the autokey dance 
from completing by sending spurious crypto-NAK messages, but the 
modified loopback/crypto-NAK should now avoid that vulnerability.

I've updated the test suite as various wrinkles have shown up. This is 
still very preliminary. One of my favorites is to purposely crash either 
the server or client in the middle of an autokey dance and verify the 
protocol recovers correctly after restart. This is exactly what the 
Internet Construction Corps and I did at Jon Postel's Bakeoff Parties 25 
years ago. We were testing our TCP implementations by connecting and 
then trying to destroy each other's implementation. We need an NTP Bakeoff 
today, but it seems I'm the only baker.

Dave
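
Added example, not part of the original message and not code from ntp_proto.c: a simplified client/server model of a loopback check that gates crypto-NAK handling, in the way the message compares to TCP RESET. All type and function names are hypothetical, and the timestamps are constructed integers rather than real NTP timestamps.

```c
#include <stdint.h>
#include <stdio.h>

/* Simplified model; every name here is hypothetical. */
typedef struct { uint64_t org, rec, xmt; int is_crypto_nak; } pkt_t;
typedef struct {
    uint64_t aorg;      /* transmit stamp of our outstanding request, 0 = none */
    uint64_t last_xmt;  /* transmit stamp of the last packet accepted */
    int crypto_resets;  /* number of times crypto state was reset */
} assoc_t;

enum verdict { ACCEPT, DROP_DUPLICATE, DROP_BOGUS, CRYPTO_RESET };

void send_request(assoc_t *a, uint64_t now) { a->aorg = now; }

enum verdict receive(assoc_t *a, const pkt_t *p)
{
    if (p->xmt == a->last_xmt)
        return DROP_DUPLICATE;        /* replay of a packet already accepted */
    /* Loopback check: the packet must echo the transmit timestamp of the
     * request we actually have outstanding. A sender that never saw that
     * request cannot supply it, so the packet is dropped, state untouched. */
    if (a->aorg == 0 || p->org != a->aorg)
        return DROP_BOGUS;
    a->aorg = 0;                      /* one reply per request */
    if (p->is_crypto_nak) {           /* NAK honoured only after loopback */
        a->crypto_resets++;
        return CRYPTO_RESET;
    }
    a->last_xmt = p->xmt;
    return ACCEPT;
}

int main(void)
{
    assoc_t a = {0, 0, 0};
    pkt_t forged_nak = {0, 0, 555, 1};     /* constructed: org does not match */
    pkt_t real_nak = {1000, 0, 1003, 1};   /* constructed: echoes our request */
    send_request(&a, 1000);
    enum verdict v1 = receive(&a, &forged_nak);
    printf("forged NAK: verdict=%d resets=%d\n", v1, a.crypto_resets);
    enum verdict v2 = receive(&a, &real_nak);
    printf("real NAK:   verdict=%d resets=%d\n", v2, a.crypto_resets);
    return 0;
}
```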


