[Git][NTPsec/ntpsec][master] Remove machinery for aging keys.
Eric S. Raymond
gitlab at mg.gitlab.com
Sun Sep 25 12:54:22 UTC 2016
Eric S. Raymond pushed to branch master at NTPsec / ntpsec
Commits:
e4ad9f21 by Eric S. Raymond at 2016-09-25T08:52:03-04:00
Remove machinery for aging keys.
This had utility once, under AUTOKEY. But private keys never aged out,
and Daniel Franke tells us NTS won't use the existing key infrastructure.
- - - - -
6 changed files:
- include/ntp_stdlib.h
- libntp/authkeys.c
- ntpd/ntp_control.c
- ntpd/ntpd.c
- ntpq/ntpq.c
- tests/libntp/authkeys.c
Changes:
=====================================
include/ntp_stdlib.h
=====================================
--- a/include/ntp_stdlib.h
+++ b/include/ntp_stdlib.h
@@ -59,7 +59,7 @@ extern int authencrypt (keyid_t, uint32_t *, int);
extern int authhavekey (keyid_t);
extern int authistrusted (keyid_t);
extern bool authreadkeys (const char *);
-extern void authtrust (keyid_t, unsigned int);
+extern void authtrust (keyid_t, bool);
extern bool authusekey (keyid_t, int, const uint8_t *);
/*
@@ -168,7 +168,6 @@ extern void signal_no_reset (int, void (*func)(int));
extern void set_ctrl_c_hook (ctrl_c_fn);
extern void getauthkeys (const char *);
-extern void auth_agekeys (void);
extern void rereadkeys (void);
/*
@@ -179,7 +178,6 @@ extern void rereadkeys (void);
extern unsigned int authkeynotfound; /* keys not found */
extern unsigned int authkeylookups; /* calls to lookup keys */
extern unsigned int authnumkeys; /* number of active keys */
-extern unsigned int authkeyexpired; /* key lifetime expirations */
extern unsigned int authkeyuncached; /* cache misses */
extern unsigned int authencryptions; /* calls to encrypt */
extern unsigned int authdecryptions; /* calls to decrypt */
=====================================
libntp/authkeys.c
=====================================
--- a/libntp/authkeys.c
+++ b/libntp/authkeys.c
@@ -23,7 +23,6 @@ struct savekey {
symkey * hlink; /* next in hash bucket */
DECL_DLIST_LINK(symkey, llink); /* for overall & free lists */
uint8_t * secret; /* shared secret */
- unsigned int lifetime; /* remaining lifetime */
keyid_t keyid; /* key identifier */
unsigned short type; /* OpenSSL digest NID */
unsigned short secretsize; /* secret octets */
@@ -49,7 +48,7 @@ symkey_alloc * authallocs;
static inline unsigned short auth_log2(double x);
static void auth_resize_hashtable(void);
static void allocsymkey(symkey **, keyid_t, unsigned short,
- unsigned short, unsigned int, unsigned short, uint8_t *);
+ unsigned short, unsigned short, uint8_t *);
static void freesymkey(symkey *, symkey **);
#ifdef DEBUG
static void free_auth_mem(void);
@@ -69,7 +68,6 @@ symkey **key_hash;
unsigned int authkeynotfound; /* keys not found */
unsigned int authkeylookups; /* calls to lookup keys */
unsigned int authnumkeys; /* number of active keys */
-unsigned int authkeyexpired; /* key lifetime expirations */
unsigned int authkeyuncached; /* cache misses */
unsigned int authnokey; /* calls to encrypt with no key */
unsigned int authencryptions; /* calls to encrypt */
@@ -260,7 +258,6 @@ allocsymkey(
keyid_t id,
unsigned short flags,
unsigned short type,
- unsigned int lifetime,
unsigned short secretsize,
uint8_t * secret
)
@@ -276,7 +273,6 @@ allocsymkey(
sk->type = type;
sk->secretsize = secretsize;
sk->secret = secret;
- sk->lifetime = lifetime;
LINK_SLIST(*bucket, sk, hlink);
LINK_TAIL_DLIST(key_listhead, sk, llink);
authnumfreekeys--;
@@ -419,12 +415,11 @@ authhavekey(
void
authtrust(
keyid_t id,
- unsigned int trust
+ bool trust
)
{
symkey ** bucket;
symkey * sk;
- unsigned int lifetime;
/*
* Search bin for key; if it does not exist and is untrusted,
@@ -450,16 +445,10 @@ authtrust(
}
/*
- * Key exists. If it is to be trusted, say so and
- * update its lifetime.
+ * Key exists. If it is to be trusted, say so.
*/
- if (trust > 0) {
+ if (trust) {
sk->flags |= KEY_TRUSTED;
- if (trust > 1)
- sk->lifetime = current_time + trust;
- else
- sk->lifetime = 0;
- return;
}
/* No longer trusted, return it to the free list. */
@@ -467,16 +456,7 @@ authtrust(
return;
}
- /*
- * keyid is not present, but the is to be trusted. We allocate
- * a new key, but do not specify a key type or secret.
- */
- if (trust > 1) {
- lifetime = current_time + trust;
- } else {
- lifetime = 0;
- }
- allocsymkey(bucket, id, KEY_TRUSTED, 0, lifetime, 0, NULL);
+ allocsymkey(bucket, id, KEY_TRUSTED, 0, 0, NULL);
}
@@ -550,7 +530,7 @@ MD5auth_setkey(
secretsize = len;
secret = emalloc(secretsize);
memcpy(secret, key, secretsize);
- allocsymkey(bucket, keyno, 0, (unsigned short)keytype, 0,
+ allocsymkey(bucket, keyno, 0, (unsigned short)keytype,
(unsigned short)secretsize, secret);
#ifdef DEBUG
if (debug >= 4) {
@@ -587,7 +567,6 @@ auth_delkeys(void)
sk->secret = NULL;
}
sk->secretsize = 0;
- sk->lifetime = 0;
} else {
freesymkey(sk, &key_hash[KEYHASH(sk->keyid)]);
}
@@ -596,25 +575,6 @@ auth_delkeys(void)
/*
- * auth_agekeys - delete keys whose lifetimes have expired
- */
-void
-auth_agekeys(void)
-{
- symkey * sk;
-
- ITER_DLIST_BEGIN(key_listhead, sk, llink, symkey)
- if (sk->lifetime > 0 && current_time > sk->lifetime) {
- freesymkey(sk, &key_hash[KEYHASH(sk->keyid)]);
- authkeyexpired++;
- }
- ITER_DLIST_END()
- DPRINTF(1, ("auth_agekeys: at %lu keys %u expired %u\n",
- current_time, authnumkeys, authkeyexpired));
-}
-
-
-/*
* authencrypt - generate message authenticator
*
* Returns length of authenticator field, zero if key not found.
=====================================
ntpd/ntp_control.c
=====================================
--- a/ntpd/ntp_control.c
+++ b/ntpd/ntp_control.c
@@ -1750,7 +1750,8 @@ ctl_putsys(
break;
case CS_AUTHKEXPIRED:
- ctl_putuint(sys_var[varid].text, authkeyexpired);
+ /* historical relic - autokey used to expire keys */
+ ctl_putuint(sys_var[varid].text, 0);
break;
case CS_AUTHENCRYPTS:
=====================================
ntpd/ntpd.c
=====================================
--- a/ntpd/ntpd.c
+++ b/ntpd/ntpd.c
@@ -775,7 +775,7 @@ ntpdmain(
ntp_optarg);
exit(0);
} else {
- authtrust(tkey, 1);
+ authtrust(tkey, true);
}
}
break;
=====================================
ntpq/ntpq.c
=====================================
--- a/ntpq/ntpq.c
+++ b/ntpq/ntpq.c
@@ -1276,7 +1276,7 @@ sendrequest(
}
authusekey(info_auth_keyid, info_auth_keytype,
(uint8_t *)pass);
- authtrust(info_auth_keyid, 1);
+ authtrust(info_auth_keyid, true);
}
/*
@@ -2369,7 +2369,7 @@ passwd(
}
authusekey(info_auth_keyid, info_auth_keytype,
(const uint8_t *)pass);
- authtrust(info_auth_keyid, 1);
+ authtrust(info_auth_keyid, true);
}
=====================================
tests/libntp/authkeys.c
=====================================
--- a/tests/libntp/authkeys.c
+++ b/tests/libntp/authkeys.c
@@ -48,11 +48,11 @@ void AddTrustedKey(keyid_t keyno) {
*/
MD5auth_setkey(keyno, KEYTYPE, NULL, 0);
- authtrust(keyno, 1);
+ authtrust(keyno, true);
}
void AddUntrustedKey(keyid_t keyno) {
- authtrust(keyno, 0);
+ authtrust(keyno, false);
}
View it on GitLab: https://gitlab.com/NTPsec/ntpsec/commit/e4ad9f215ed23acc042550ec332e4629b512d653
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ntpsec.org/pipermail/vc/attachments/20160925/74e56547/attachment.html>
More information about the vc
mailing list