prep for 1.0.1

Hal Murray hmurray at
Thu Mar 1 09:20:52 UTC 2018

> I see no real blockers.  We've got a bunch of little nits and documentation
> issues.  I might try to push a fix for #446. 

>From ntp at
> Please note that latest versions of ntp truncate long digests in MACs to 160
> bits, so the authentication should work with any hash function supported by
> OpenSSL. 

If you want to do it, it's 2 places in libntp/macencrypt.c
After EVP_DigestFinal_ex, truncate the length.

There is a 3rd place that uses EVP_DigestFinal_ex, but that is with MD5 which 
has an OK length.

We should add a warning to the read-keys path.

These are my opinions.  I hate spam.

More information about the devel mailing list