ntpsec | mssntp in ntp.conf breaks time service to all clients (#785)

Hal Murray halmurray at sonic.net
Mon May 1 23:36:40 UTC 2023

I took a scan at the code.  It's pretty broken.  It won't be a quick fix.

Given how broken the code is, this seems to be the first time anybody has 
tried to use that feature. :)  [If there were others, they didn't bother to 
tell anybody.]

Can we get a packet trace of a working example?
I think we'll need a Windows box to generate the SNTP request.
Either old/classic ntpd or a real DC should provide a good response.

I think we should write/collect a HOWTO setup and run a test environment.  I 
assume that will have several sections:
  Setup Samba as a DC
  Build/setup ntpd to process MS-SNTP
  Build/run some test code.

I'm willing to write some hack code to generate/check MS-SNTP requests.

Does anybody know enough about Samba to write (or point us at) a minimal 
setup?  All it needs to do is sign MS-SNTP requests.

These are my opinions.  I hate spam.

More information about the devel mailing list