[Git][NTPsec/ntpsec][master] 2 commits: Typo fixes.
Eric S. Raymond
gitlab at mg.gitlab.com
Fri Feb 1 14:54:48 UTC 2019
Eric S. Raymond pushed to branch master at NTPsec / ntpsec
Commits:
50828a12 by Eric S. Raymond at 2019-02-01T14:15:05Z
Typo fixes.
- - - - -
e22f52ec by Eric S. Raymond at 2019-02-01T14:53:37Z
Configuration code and documentation for NTS's client side.
- - - - -
13 changed files:
- devel/nts.adoc
- docs/authentic.adoc
- docs/confopt.adoc
- docs/includes/assoc-options.adoc
- docs/ntpsec.adoc
- include/ntp.h
- include/ntpd.h
- include/nts.h
- ntpd/keyword-gen.c
- ntpd/ntp_config.c
- ntpd/ntp_parser.y
- ntpd/ntp_proto.c
- ntpd/nts.c
Changes:
=====================================
devel/nts.adoc
=====================================
@@ -232,30 +232,7 @@ and intermediate certificate bundles without a full daemon restart.
== NTP Configuration parameters ==
-=== nts ===
-
-To specify that an NTPD client should initiate a connection to
-a remote NTS-KE (nts-ke.example.com), accept the provided
-NTPD server hostname (ntd.example.com) or IP, and then make a
-secure NTPD connection to that server:
-
-....
-nts nts-ke.example.com
-....
-
-Use the optional keyword `ask` to ask for, but not require, a cookie and
-association to a given server (ntpd.example.com).
-
-....
-nts nts-ke.example.com ask ntpd.example.com
-....
-
-Use the optional keyword `require` to require a cookie and association
-to a given server (ntpd.example.com). server (ntpd.example.com).
-
-....
-nts nts-ke.example.com require ntpd.example.com
-....
+This is now part of the NTP documentation.
== NTS-KE Server Configuration parameters ==
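Review bot: the replacement line "This is now part of the NTP documentation." leaves a developer reading devel/nts.adoc without a pointer to where the `nts` client option actually moved. Name the destination, e.g. "See the +nts+ entries in docs/includes/assoc-options.adoc (rendered at link:../docs/confopt.html#options[Server Command Options])", so the cross-reference survives the next reorganisation.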
=====================================
docs/authentic.adoc
=====================================
@@ -18,12 +18,10 @@ include::includes/authopt.adoc[]
== Table of Contents ==
* link:#auth[Introduction]
-* link:#symm[Symmetric Key Cryptography]
-* link:#operation[Operation]
-* link:#keys[Key Management]
-* link:#algorithms[Algorithms]
-* link:#formats[Data Formats]
-//* link:#windows[Microsoft Windows Authentication]
+* link:#mac[MAC authentication]
+* link:#nts[Network Time Security]
+* link:#windows[Microsoft Windows Authentication]
+* link:#autokey[Autokey]
'''''
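Review bot: the new table of contents drops the entries for #operation, #keys, #algorithms and #formats, but those anchors still exist (the later hunks only retitle them as "MAC Operation", "MAC Key Management", etc.). If the intent is that they are now sub-entries under "MAC authentication", add them as nested bullets under `* link:#mac[MAC authentication]`; otherwise the anchors are orphaned and only reachable by URL.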
@@ -31,18 +29,37 @@ include::includes/authopt.adoc[]
Authentication support allows the NTP client to verify that the server
is in fact known and trusted and not an intruder accidentally
-or intentionally masquerading as that server. NTP performs
-authentication via message digests. It computes a one-way hash, which
-verifies that the server has the correct private key and key identifier.
+or intentionally masquerading as that server.
+
+There are three forms of authentication: MAC, NTS, and MS-SNTP. This
+section describes all three. Each is configured separately for each
+association by options to the server command.
+
+Note: MAC authentication is going to be replaced by NTS. MAC
+authentication may be removed in a future release of NTPsec.
+
+An "Autokey" mode using an early form of public-key cryptography
+formerly existed but has been removed.
A detailed discussion of the NTP multi-layer security model and
vulnerability analysis is in the white paper
{millshome}security.html[NTP Security Analysis].
-Authentication is configured separately for each association using the +key+
-subcommand on the +server+ configuration commands. The authentication
-options described below specify the locations of the key files and
-which symmetric keys are trusted.
+[[mac]]
+=== MAC authentication ===
+
+MAC authentication uses symmetric-key cryptography via message
+digests. It computes a one-way hash, which verifies that the server
+has the correct private key and key identifier.
+
+Beware: both commonly supported message digest formats, MD5 and SHA-1,
+have been either entirely or partly cracked and should not ne
+consideredc strong security.
+
+MAC authentication is is configured using the +key+ subcommand on the
++server+ configuration commands. The authentication options described
+below specify the locations of the key files and which symmetric keys
+are trusted.
Authentication is always enabled, although ineffective if not configured
as described below. If an NTP packet arrives including a message
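Review bot: two typos in the added MAC paragraphs: "should not ne consideredc strong security" should read "should not be considered strong security", and "MAC authentication is is configured" has a doubled "is". Also, "has been either entirely or partly cracked" conflates two different weaknesses; for a keyed-MAC context it would be clearer to say that collision attacks exist against both MD5 and SHA-1 and that neither should be relied on for new deployments, which is the point the "Note: MAC authentication is going to be replaced by NTS" paragraph already makes.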
@@ -52,9 +69,6 @@ message digest. If the packet has been modified in any way
by an intruder, it will fail one or more of these checks and be
discarded. Authentication doesn't prevent replays.
-[[symm]]
-=== Symmetric-Key Cryptography ===
-
NTP allows use of any one of possibly 65,535 keys, each distinguished by a
32-bit key identifier, to authenticate an association. Both server and
client must agree on the key and key identifier in order to
@@ -75,7 +89,7 @@ that can be used if a key becomes compromised. The +controlkey+ command
selects the key used as the password for the {ntpqman} utility.
[[operation]]
-== Operation ==
+=== MAC Operation ===
A server receiving an unauthenticated packet will respond with an
unauthenticated packet, while the same server receiving a packet of a
@@ -105,14 +119,14 @@ to other servers; he can run multiple configured associations with multiple
different servers (or the same server, although that might not be useful).
[[keys]]
-== Key Management ==
+=== MAC Key Management ===
Shared keys used for authentication are incorporated
into the keys files generated by the {ntpkeygenman} utility
program.
[[algorithms]]
-== Algorithms ==
+=== MAC Algorithms ===
The NTP standards include symmetric (private-key) authentication using
any message digest algorithm supported by the OpenSSL package.
@@ -135,7 +149,7 @@ link:authopt.html[Access Control Options] page, can be used to disable
access to all but correctly authenticated clients.
[[formats]]
-== Data Formats ==
+=== MAC Data Formats ===
The NTPv4 specification (RFC 5905) allows any one of possibly 65,535
message digest keys (excluding zero), each distinguished by a 32-bit key
@@ -193,6 +207,17 @@ batches of keys and then activating a key remotely using +ntpq+.
The +controlkey+ command selects the key ID used as the password
for the +ntpq+ utility.
+[[nts]]
+== Network Time Security ==
+
+This section is a placeholder for complete documentation on NTS. The
+NTS implementation is work in progress conforming to a draft RFC not
+yet accepted. NTPsec's future direction is to fully support NTS
+and remove older, insecure authentication methods.
+
+There is some documentation of client-side configuration on the
+link:confopt.html#options[Server Commands and Options] page.
+
[[windows]]
== Microsoft Windows Authentication ==
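Review bot: "conforming to a draft RFC not yet accepted" gives the reader no way to find the specification. Cite the IETF draft by name and URL in this placeholder so that anyone testing the `nts` option against another implementation knows which revision the code tracks; the link to link:confopt.html#options is correct given the anchor rename in the confopt.adoc hunk of this same push.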
@@ -207,11 +232,15 @@ another process that could potentially block, denying services to other
users. Therefore, this flag should be used only for a dedicated server
with no clients other than MS-SNTP.*
+[[autokey]]
+== Autokey ==
-== History ==
+Old versions of NTP supported Autokey, which used an early form of
+public-key cryptography for authentication. It was described in RFC 5906.
-Old versions of NTP supported Autokey. It is described in RFC 5906.
-It used key ids greater than 64K.
+Unfortunately, autokey was buggy and a source of vulnerabilities; it
+has been removed. NTS is intended to replace it. It is mentioned here
+only for historical completeness.
'''''
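Review bot: style point in the new Autokey paragraph: "autokey was buggy" is lower-cased while the heading and the previous sentence use "Autokey". Pick one spelling. The removed sentence "It used key ids greater than 64K." is the only place the documentation explained why MAC key IDs are limited to 65,535; consider keeping it in the MAC Data Formats section rather than losing the explanation.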
=====================================
docs/confopt.adoc
=====================================
@@ -18,7 +18,7 @@ include::includes/confopt.adoc[]
* link:#address[Server and Peer Addresses]
* link:#association[Association Commands]
-* link:#option[Server Command Options]
+* link:#options[Server Command Options]
'''''
@@ -60,7 +60,7 @@ otherwise.
include::includes/assoc-commands.adoc[]
-[[option]]
+[[options]]
== Server Command Options ==
include::includes/assoc-options.adoc[]
=====================================
docs/includes/assoc-options.adoc
=====================================
@@ -72,4 +72,16 @@
Specifies the version number to be used for outgoing NTP packets.
Versions 1-4 are the choices, with version 4 the default.
++nts+::
+ Use Network Time Security for authentication and encryption.
+ Request key exchange from the NTP server.
+
++nts ask+ 'servername'::
+ Use Network Time Security for authentication and encryption.
+ Ask for a specific NTS server, which may differ from the NTP server.
+
++nts require+ 'servername'::
+ Use Network Time Security for authentication and encryption.
+ Require a specific NTS server, which may differ from the NTP server.
+
// end
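Review bot: the three entries read as if `ask` and `require` were subcommands of `nts`, but the grammar added in ntp_parser.y makes `T_Ask T_String` and `T_Require T_String` independent `option_string` productions and `T_Nts` a separate flag keyword, so `server host ask nts.example` with no `nts` keyword is accepted by the parser. Either state here that `nts` must be present as well (and document what happens when both `ask` and `require` are given), or make the config code imply `nts` when `ask`/`require` is used. Separately, "authentication and encryption" overstates what the mechanism provides on the NTP wire: the key-exchange channel is encrypted, but the time packets themselves are authenticated and integrity-protected rather than made confidential; "authentication and integrity protection" would be the accurate phrase.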
=====================================
docs/ntpsec.adoc
=====================================
@@ -163,7 +163,7 @@ codebase has been outright removed, with less than 5% new code added.
system clock (e.g. at boot time on a system with missing or damaged
battery back up) without requiring sync to a remote peer.
-* We've fixed bug inherited from Classic that could cause the jitter
+* We've fixed a bug inherited from Classic that could cause the jitter
of a bad peer to be incorrectly zeroed, possibly causing that peer
to be selected. This probably accounts for some flakiness within
8 polling intervals of startup on older versions.
@@ -212,7 +212,7 @@ codebase has been outright removed, with less than 5% new code added.
variable that is the root distance of the selected peer. This can
fill in the MIB's ntpEntTimeDistance entry.
-* ntpq displays the root distance (aka. syncronization distance) in the
+* ntpq displays the root distance (aka. synchronization distance) in the
sysinfo command.
== Configuration Improvements ==
=====================================
include/ntp.h
=====================================
@@ -183,6 +183,7 @@ struct peer_ctl {
uint32_t flags;
keyid_t peerkey;
double bias;
+ struct ntscfg_t nts_cfg;
uint32_t mode; /* only used by refclocks */
#ifdef REFCLOCK
uint32_t baud;
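Review bot: `struct peer_ctl` now embeds `struct ntscfg_t` by value and `struct peer` embeds `struct ntsstate_t`, so include/ntp.h must have include/nts.h included before these definitions (or forward declarations would no longer suffice, since the members are not pointers). No include change appears in this diff; please confirm ntp.h already pulls in nts.h, otherwise every translation unit that includes ntp.h without nts.h fails to compile.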
@@ -254,7 +255,7 @@ struct peer {
uint8_t cast_flags; /* additional flags */
uint8_t last_event; /* last peer error code */
uint8_t num_events; /* number of error events */
- struct ntspeer_t nts; /* per-peer Network Time Security state */
+ struct ntsstate_t nts_state; /* per-peer Network Time Security state */
/*
* Variables used by reference clock support
=====================================
include/ntpd.h
=====================================
@@ -421,11 +421,11 @@ extern const uint8_t num_refclock_conf;
#endif
/* nts.c */
-int nts_client_ke_request(void);
-int nts_server_ke_verify(void);
-int nts_client_ke_verify(struct ntspeer_t *);
-int nts_daily(void);
-int nts_validate(struct parsed_pkt *, struct ntspeer_t *);
-int nts_decorate(uint32_t *, size_t, struct ntspeer_t *);
+int nts_client_ke_request(struct ntscfg_t *);
+int nts_server_ke_verify(struct ntscfg_t *);
+int nts_client_ke_verify(struct ntscfg_t *, struct ntsstate_t *);
+int nts_daily(struct ntscfg_t *);
+int nts_validate(struct ntscfg_t *, struct ntsstate_t *, struct parsed_pkt *);
+int nts_decorate(struct ntscfg_t *, struct ntsstate_t *, uint32_t *, size_t);
#endif /* GUARD_NTPD_H */
=====================================
include/nts.h
=====================================
@@ -7,11 +7,21 @@
#define NTS_MAX_COOKIES 8 /* RFC 4.1.6 */
#define NTS_COOKIELEN 128 /* placeholder - see RFC 6 */
+#define FLAG_NTS 0x01u /* use NTS (network time security) */
+#define FLAG_NTS_ASK 0x02u /* NTS, ask for specified server */
+#define FLAG_NTS_REQ 0x04u /* NTS, ask for specified server */
+
+/* Configuration data for an NTS association */
+struct ntscfg_t {
+ char *server;
+ uint32_t flags;
+};
+
/* Client-side state per connection to server */
-struct ntspeer_t {
- /* we treat an empty cookie string as a sentinel */
+struct ntsstate_t {
char cookies[NTS_MAX_COOKIES][NTS_COOKIELEN];
int current_cookie;
+ int cookie_count;
};
#endif /* GUARD_NTS_H */
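Review bot: copy-paste error in the flag comments: `FLAG_NTS_REQ` is annotated "NTS, ask for specified server", identical to `FLAG_NTS_ASK`; it should say "require specified server". Two smaller points: `server` in `struct ntscfg_t` is heap-allocated by `estrdup()` in ntp_config.c, so document who owns and frees it when the peer is torn down; and `cookie_count` replaces the removed "empty cookie string as a sentinel" convention, so the comment on `cookies[]` should say that only the first `cookie_count` entries are valid.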
=====================================
ntpd/keyword-gen.c
=====================================
@@ -195,6 +195,10 @@ struct key_tok ntp_keywords[] = {
{ "wildcard", T_Wildcard, FOLLBY_TOKEN },
{ "listen", T_Listen, FOLLBY_TOKEN },
{ "drop", T_Drop, FOLLBY_TOKEN },
+/* NTS */
+{ "nts", T_Nts, FOLLBY_TOKEN },
+{ "ask", T_Ask, FOLLBY_STRING },
+{ "require", T_Require, FOLLBY_STRING },
};
typedef struct big_scan_state_tag {
=====================================
ntpd/ntp_config.c
=====================================
@@ -628,6 +628,10 @@ create_peer_node(
my_node->ctl.flags |= FLAG_NOSELECT;
break;
+ case T_Nts:
+ my_node->ctl.nts_cfg.flags |= FLAG_NTS;
+ break;
+
case T_Prefer:
my_node->ctl.flags |= FLAG_PREFER;
break;
@@ -705,6 +709,16 @@ create_peer_node(
my_node->ctl.bias = option->value.d;
break;
+ case T_Ask:
+ my_node->ctl.nts_cfg.flags |= FLAG_NTS_ASK;
+ my_node->ctl.nts_cfg.server = estrdup(option->value.s);
+ break;
+
+ case T_Require:
+ my_node->ctl.nts_cfg.flags |= FLAG_NTS_REQ;
+ my_node->ctl.nts_cfg.server = estrdup(option->value.s);
+ break;
+
#ifdef REFCLOCK
case T_Path:
my_node->ctl.path = estrdup(option->value.s);
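Review bot: the `T_Ask` and `T_Require` cases each `estrdup()` into `nts_cfg.server` without checking whether it is already set, so a line containing both `ask` and `require` (which the grammar permits) leaks the first string and leaves both `FLAG_NTS_ASK` and `FLAG_NTS_REQ` set with no defined precedence. Suggest rejecting the second keyword with a parse error (or freeing the earlier value and clearing the other flag), and setting `FLAG_NTS` in these cases too, since otherwise `ask`/`require` without the `nts` keyword records a server name but never enables NTS.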
=====================================
ntpd/ntp_parser.y
=====================================
@@ -54,6 +54,7 @@
%token <Integer> T_All
%token <Integer> T_Allan
%token <Integer> T_Allpeers
+%token <Integer> T_Ask
%token <Integer> T_Auth
%token <Integer> T_Average
%token <Integer> T_Baud
@@ -157,6 +158,7 @@
%token <Integer> T_Ntp
%token <Integer> T_Ntpport
%token <Integer> T_NtpSignDsocket
+%token <Integer> T_Nts
%token <Integer> T_Orphan
%token <Integer> T_Orphanwait
%token <Integer> T_Panic
@@ -174,6 +176,7 @@
%token <Integer> T_Refclock
%token <Integer> T_Refid
%token <Integer> T_Requestkey
+%token <Integer> T_Require
%token <Integer> T_Reset
%token <Integer> T_Restrict
%token <Integer> T_Rlimit
@@ -402,6 +405,7 @@ option_flag_keyword
: T_Burst
| T_Iburst
| T_Noselect
+ | T_Nts
| T_Prefer
| T_True
;
@@ -450,6 +454,10 @@ option_string
{ $$ = create_attr_sval($1, $2); }
| T_Ppspath T_String
{ $$ = create_attr_sval($1, $2); }
+ | T_Ask T_String
+ { $$ = create_attr_sval($1, $2); }
+ | T_Require T_String
+ { $$ = create_attr_sval($1, $2); }
;
option_double_keyword
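Review bot: adding `T_Ask` and `T_Require` as free-standing `option_string` alternatives makes them legal on any `server`/`peer`/`pool` line independently of `T_Nts`, and in either order relative to it. If that is intended, document it; if not, a dedicated production such as `T_Nts T_Ask T_String` / `T_Nts T_Require T_String` would let the parser enforce the pairing instead of relying on create_peer_node() to do so.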
=====================================
ntpd/ntp_proto.c
=====================================
@@ -761,7 +761,7 @@ receive(
switch (PKT_MODE(rbufp->pkt.li_vn_mode)) {
case MODE_ACTIVE: /* remote site using "peer" in config file */
case MODE_CLIENT: /* Request for us as a server. */
- if (nts_validate(&rbufp->pkt, NULL) != 0) {
+ if (nts_validate(NULL, NULL, &rbufp->pkt) != 0) {
stat_count.sys_declined++;
break;
}
@@ -769,7 +769,8 @@ receive(
stat_count.sys_processed++;
break;
case MODE_SERVER: /* Reply to our request to a server. */
- if (peer == NULL || nts_validate(&rbufp->pkt, &peer->nts) != 0) {
+ if (peer == NULL || nts_validate(&peer->cfg.nts_cfg, &peer->nts_state,
+ &rbufp->pkt) != 0) {
stat_count.sys_declined++;
break;
}
@@ -2110,7 +2111,8 @@ peer_xmit(
xpkt.xmt = htonl_fp(peer->org_rand); /* out in xmt, back in org */
- sendlen += nts_decorate(xpkt.exten, sizeof(xpkt.exten), &peer->nts);
+ sendlen += nts_decorate(&peer->cfg.nts_cfg, &peer->nts_state,
+ xpkt.exten, sizeof(xpkt.exten));
/*
* If the peer (aka server) was configured with a key, authenticate
@@ -2287,7 +2289,8 @@ fast_xmit(
*/
sendlen = LEN_PKT_NOMAC;
if (NULL == auth) {
- sendlen += nts_decorate(xpkt.exten, sizeof(xpkt.exten), NULL);
+ sendlen += nts_decorate(NULL, NULL,
+ xpkt.exten, sizeof(xpkt.exten));
sendpkt(&rbufp->recv_srcadr, rbufp->dstadr, &xpkt, (int)sendlen);
DPRINT(1, ("transmit: at %u %s->%s mode %d len %zu\n",
current_time, socktoa(&rbufp->dstadr->sin),
=====================================
ntpd/nts.c
=====================================
@@ -19,8 +19,6 @@
/*
* Key exchange support.
- *
- * These function headers will probably need to change
*/
/*
@@ -32,9 +30,10 @@
* o <NTP Server Negotiation>
* o End of Message
*/
-int nts_client_ke_request(void)
+int nts_client_ke_request(struct ntscfg_t *cfg)
{
- return 0;
+ UNUSED_ARG(cfg);
+ return 0;
}
/*
@@ -50,8 +49,9 @@ int nts_client_ke_request(void)
* o <New Cookie for NTPv4>
* o End of Message
*/
-int nts_server_ke_verify(void)
+int nts_server_ke_verify(struct ntscfg_t *cfg)
{
+ UNUSED_ARG(cfg);
return 0;
}
@@ -60,17 +60,19 @@ int nts_server_ke_verify(void)
* - Verify server response message
* - Extract cookie(s).
*/
-int nts_client_ke_verify(struct ntspeer_t *ntspeer)
+int nts_client_ke_verify(struct ntscfg_t *cfg, struct ntsstate_t *state)
{
- UNUSED_ARG(ntspeer);
+ UNUSED_ARG(cfg);
+ UNUSED_ARG(state);
return 0;
}
/*
* Daily rotation of server-side master keys.
*/
-int nts_daily(void)
+int nts_daily(struct ntscfg_t *cfg)
{
+ UNUSED_ARG(cfg);
return 0;
}
@@ -79,28 +81,32 @@ int nts_daily(void)
/*
* Extract and validate NTS validation information from packet
* extension fields in an incoming request or response. On the server
- * side, the ntspeer pointer is expected to be NULL as there is no
- * per-client server state. A nonzero return causes the packet to be
- * discarded.
+ * side, the ntscfg and state pointers are expected to be NULL as
+ * there is no per-client server state. A nonzero return causes the
+ * packet to be discarded.
*/
-int nts_validate(struct parsed_pkt *pkt, struct ntspeer_t *ntspeer)
+int nts_validate(struct ntscfg_t *cfg, struct ntsstate_t *state,
+ struct parsed_pkt *pkt)
{
+ UNUSED_ARG(cfg);
UNUSED_ARG(pkt);
- UNUSED_ARG(ntspeer);
+ UNUSED_ARG(state);
return 0;
}
/*
* Decorate an outgoing client request or server response with packet
* extension fields carrying NTS information. For a server response,
- * the ntspeer pointer is expected to be NULL as there is no
- * per-client server state. Return the count of words appended.
+ * the ntscfg and state pointers are expected to be NULL as there
+ * is no per-client server state. Return the count of words appended.
*/
-int nts_decorate(uint32_t *extdata, size_t extlen, struct ntspeer_t *ntspeer)
+int nts_decorate(struct ntscfg_t *cfg, struct ntsstate_t *state,
+ uint32_t *extdata, size_t extlen)
{
+ UNUSED_ARG(cfg);
UNUSED_ARG(extdata);
UNUSED_ARG(extlen);
- UNUSED_ARG(ntspeer);
+ UNUSED_ARG(state);
return 0;
}
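Review bot: with `nts_validate()` and `nts_decorate()` still unconditional `return 0` stubs, the new `FLAG_NTS_REQ` has no enforcement: a peer configured with `nts require` accepts every unauthenticated response exactly as before, and nothing in the diff warns the operator. Until the extension-field handling lands, consider having `nts_validate()` return nonzero when `cfg` has `FLAG_NTS` set (so a misconfigured "secure" association fails closed rather than silently open), or at least log once at startup that NTS is configured but not yet implemented. The header comments updated here should also note that `cfg` and `state` are NULL on the server side for the same reason given in the old text.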
View it on GitLab: https://gitlab.com/NTPsec/ntpsec/compare/86d8302a98e34a9de6917af446e02e5c0acfd04a...e22f52ec588d6084ccb7d197c37e4c87005289a8