Requesting code review on possible fix for nopeer/pool conflict
Daniel Franke
dfoxfranke at gmail.com
Tue Jul 5 14:32:42 UTC 2016
On 7/5/16, Eric S. Raymond <esr at thyrsus.com> wrote:
> Hal's bug report reads like this:
>
> restrict nopeer kills using the pool command. (Try it.) The symptom is
> that no slots ever show up in ntpq -p
>
> The nopeer restriction is intended to prevent attackers from
> pretending to be a peer and then screwing up the local clock. The pool
> command is using the same peer mechanism to setup a temporary slot. We
> should be able to bypass that part of the restrict filter. We know
> what IP address to expect. The server slots already do it.
I think this is working as designed. 'restrict nopeer' means "Don't
establish unauthenticated ephemeral associations with this IP
address", which is exactly what pool does. I agree this is stupid
design but I don't think it's a bug. One more reason I need to get my
ACL language implemented and restrict needs to die.
The whole receive() function you're looking at is about to get blown
away in my ntp_proto refactor. Can you hold off on touching it until
next week?
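The interaction described above, reduced to a configuration a practitioner can try. This is an added example, not a config from the thread or from the NTPsec project; it assumes the `restrict source` directive (documented by ntp.org as a template restriction applied to each address the `pool` directive returns) is available in the ntpd build being tested, and the pool hostname is a placeholder.

```conf
# Weak/broken combination: the default restriction carries nopeer,
# and pool slots are ephemeral associations, so they are refused and
# "ntpq -p" never shows them.
restrict default kod nomodify noquery limited nopeer
pool 0.pool.ntp.org iburst

# Workaround (assumption: ntpd honours "restrict source"): keep nopeer
# on the default ACL for everyone else, but give the addresses resolved
# from the pool directive their own restriction without nopeer.
restrict default kod nomodify noquery limited nopeer
restrict source  kod nomodify noquery limited
pool 0.pool.ntp.org iburst
```

After restarting ntpd with the second form, `ntpq -p` should list the pool-resolved servers; if it still shows no slots, the build does not apply `restrict source` to pool associations and the nopeer/pool conflict in the thread stands.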