[Git][NTPsec/ntpsec][master] NTS: Switch to official EXPORTER string

[Hal Murray]

Hal Murray pushed to branch master at NTPsec / ntpsec


Commits:
c22aefa6 by Hal Murray at 2019-03-24T06:51:38Z
NTS: Switch to official EXPORTER string
  Breaks FreeBSD which is still using OpenSSL 1.1.1a

- - - - -


1 changed file:

- ntpd/nts_client.c


Changes:

=====================================
ntpd/nts_client.c
=====================================
@@ -312,13 +312,14 @@ bool check_certificate(struct peer* peer, SSL *ssl) {
 }
 
 bool nts_make_keys(SSL *ssl, uint16_t aead, uint8_t *c2s, uint8_t *s2c, int keylen) {
-  // char *label = "EXPORTER-network-time-security/1";
+  // There is a bug in OpenSSL 1.1.1a
+  // Until Mar-23, we were using:
+  //    const char *label = "EXPORTER-nts/1";
   // Subject: [Ntp] [NTS4NTP] info for NTS developers
   // From: Martin Langer <mart.langer at ostfalia.de>
   // Date: Tue, 15 Jan 2019 11:40:13 +0100
   // https://mailarchive.ietf.org/arch/msg/ntp/nkc-9n6XOPt5Glgi_ueLvuD9EfY
-  // bug in OpenSSL 1.1.1a
-  const char *label = "EXPORTER-nts/1";
+  const char *label = "EXPORTER-network-time-security/1";
   // FIXME, first 2 bytes, next protocol ID (0)
   unsigned char context[5] = {0x00, 0x00, 0x00, 0x0f, 0x00};
   context[2] = (aead >> 8) & 0xFF;



View it on GitLab: https://gitlab.com/NTPsec/ntpsec/commit/c22aefa6de046a600354834376d865a344cf1d4d

-- 
View it on GitLab: https://gitlab.com/NTPsec/ntpsec/commit/c22aefa6de046a600354834376d865a344cf1d4d
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ntpsec.org/pipermail/vc/attachments/20190324/f63880ed/attachment.html>