[Git][NTPsec/ntpsec][master] 10 commits: Drop bogus use of CMAC_resume
Hal Murray
gitlab at mg.gitlab.com
Fri Jul 10 19:07:59 UTC 2020
Hal Murray pushed to branch master at NTPsec / ntpsec
Commits:
27cc92d3 by Hal Murray at 2020-06-17T18:39:24-07:00
Drop bogus use of CMAC_resume
- - - - -
1587b693 by Hal Murray at 2020-06-17T18:39:24-07:00
Switch default port for NTS client to 4460
- - - - -
e1b48910 by Hal Murray at 2020-06-17T18:39:24-07:00
Tweaks to attic/digest-timing.c for OpenSSL 3.0.0
- - - - -
58e13da8 by Hal Murray at 2020-06-17T18:39:24-07:00
Tweaks to attic/digest-find.c for OpenSSL 3.0.0
- - - - -
450f05c1 by Hal Murray at 2020-06-17T18:39:24-07:00
Move getdents(64) from early to main seccomp list
It's used by OpenSSL 3.0.0
- - - - -
29c6320c by Hal Murray at 2020-06-17T23:20:02-07:00
Speedup for PKEY case in attic/cmac-timing
Thanks to Kurt Roeckx on the openssl-users list.
- - - - -
f3a9398f by Hal Murray at 2020-07-07T23:34:09-07:00
Doc tweaks for shared key authentication
- - - - -
22650f14 by Hal Murray at 2020-07-09T02:18:20-07:00
Minor cleanup on restrict bits
- - - - -
631d2e19 by Hal Murray at 2020-07-10T10:53:36-07:00
Split out code calling OpenSSL from libntp/pymodule.c
OpenSSL and Python.h don't play well together.
They get shadow warning for freefunc
It may work without warnings if the order of includes is right.
This doesn't depend on any magic like that.
There is other magic associated with redefining _POSIX_C_SOURCE
and _XOPEN_SOURCE. Keep your fingers crossed.
- - - - -
6f72d3bf by Hal Murray at 2020-07-10T11:09:16-07:00
Disable DEPRECATED warnings from OpenSSL/CMAC
This lets it work with OpenSSL 3.0 alpha
The longer term fix is to use PKEY
- - - - -
19 changed files:
- NEWS.adoc
- attic/cmac-timing.c
- attic/digest-find.c
- attic/digest-timing.c
- docs/authentic.adoc
- docs/includes/ntp.keys-body.adoc
- include/ntp.h
- libntp/authreadkeys.c
- libntp/macencrypt.c
- + libntp/pymodule-mac.c
- + libntp/pymodule-mac.h
- libntp/pymodule.c
- libntp/ssl_init.c
- libntp/statestr.c
- libntp/wscript
- ntpd/ntp_config.c
- ntpd/ntp_proto.c
- ntpd/ntp_sandbox.c
- ntpd/nts_client.c
Changes:
=====================================
NEWS.adoc
=====================================
@@ -12,6 +12,11 @@ on user-visible changes.
== Repository Head ==
+NTS KE client now defaults to port 4460.
+
+NTS KE server now listens on port 4460 as well as 123.
+(Listening on 123 will be removed for 1.2.0)
+
== 2020-05-23: 1.1.9 ==
Today is Blursday, Maprilay 84th, 2020, of the COVID-19 panic.
=====================================
attic/cmac-timing.c
=====================================
@@ -204,11 +204,13 @@ static void DoPKEY(
printf("## Oops, EVP_MD_CTX_new() failed.\n");
return;
}
+ EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_FINALISE);
clock_gettime(CLOCK_MONOTONIC, &start);
for (int i = 0; i < NUM; i++) {
digestlength = One_PKEY(pkey, ctx, pkt, pktlength);
}
+
clock_gettime(CLOCK_MONOTONIC, &stop);
fast = (stop.tv_sec-start.tv_sec)*1E9 + (stop.tv_nsec-start.tv_nsec);
printf("%12s %2d %2d %2lu %6.0f %6.3f",
=====================================
attic/digest-find.c
=====================================
@@ -18,6 +18,9 @@
#include <stdio.h>
#include <openssl/objects.h>
+#if OPENSSL_VERSION_NUMBER > 0x20000000L
+#include <openssl/ssl.h>
+#endif
#include <openssl/evp.h>
#define UNUSED_ARG(arg) ((void)(arg))
@@ -42,6 +45,10 @@ main (
UNUSED_ARG(argc);
UNUSED_ARG(argv);
+#if OPENSSL_VERSION_NUMBER > 0x20000000L
+ SSL_CTX *ssl = SSL_CTX_new(TLS_client_method());
+#endif
+
unsigned int versionNumber = OPENSSL_VERSION_NUMBER;
const char *versionText = OPENSSL_VERSION_TEXT;
printf("OpenSSL xVersion is %x, %s\n", versionNumber, versionText);
@@ -59,16 +66,22 @@ main (
const EVP_MD *md;
keytype = OBJ_sn2nid(digests[i]);
if (NID_undef == keytype) {
- printf("%10s\n", digests[i]);
+ printf("%10s (no keytype)\n", digests[i]);
continue;
}
md = EVP_get_digestbynid(keytype);
if (NULL == md) {
- printf("%10s %4d\n", digests[i], keytype);
+ printf("%10s %4d (no digest)\n", digests[i], keytype);
continue;
}
- ctx = EVP_MD_CTX_create();
+#if OPENSSL_VERSION_NUMBER > 0x20000000L
+ if (1 && 0 == SSL_CTX_set_cipher_list(ssl, digests[i])) {
+ printf("%10s (no cipher_list)\n", digests[i]);
+ continue;
+ }
+#endif
/* libntp/macencrypt.c has an ifdef for this */
+ ctx = EVP_MD_CTX_create();
EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
EVP_DigestInit_ex(ctx, md, NULL);
EVP_DigestUpdate(ctx, pkt, sizeof(pkt));
=====================================
attic/digest-timing.c
=====================================
@@ -29,6 +29,9 @@
#include <openssl/md5.h>
#include <openssl/rand.h>
#include <openssl/objects.h>
+#if OPENSSL_VERSION_NUMBER > 0x20000000L
+#include <openssl/ssl.h>
+#endif
#define UNUSED_ARG(arg) ((void)(arg))
@@ -56,6 +59,10 @@ int NUM = 1000000;
#define MAX_KEY_LENGTH 64
EVP_MD_CTX *ctx;
+#if OPENSSL_VERSION_NUMBER > 0x20000000L
+SSL_CTX *ssl;
+#endif
+
static void ssl_init(void)
{
@@ -63,6 +70,9 @@ static void ssl_init(void)
OpenSSL_add_all_digests();
OpenSSL_add_all_ciphers();
ctx = EVP_MD_CTX_new();
+#if OPENSSL_VERSION_NUMBER > 0x20000000L
+ ssl = SSL_CTX_new(TLS_client_method());
+#endif
}
static unsigned int SSL_Digest(
@@ -116,9 +126,21 @@ static void DoDigest(
unsigned int digestlength = 0;
if (NULL == digest) {
+ printf("%10s no digest\n", name);
return;
}
+#if OPENSSL_VERSION_NUMBER > 0x20000000L
+ /* Required for OpenSSL 3.0.0
+ * This skips SHA224 and SHA512 which work,
+ * but RIPEMD160 gets Segmentation fault without this.
+ */
+ if (0 == SSL_CTX_set_cipher_list(ssl, name)) {
+ printf("%10s no cipher_list\n", name);
+ return;
+ }
+#endif
+
clock_gettime(CLOCK_MONOTONIC, &start);
for (int i = 0; i < NUM; i++) {
digestlength = SSL_Digest(digest, key, keylength, pkt, pktlength);
@@ -150,6 +172,8 @@ int main(int argc, char *argv[])
UNUSED_ARG(argc);
UNUSED_ARG(argv);
+ setlinebuf(stdout);
+
ssl_init();
RAND_bytes((unsigned char *)&key, MAX_KEY_LENGTH);
RAND_bytes((unsigned char *)&packet, PACKET_LENGTH);
=====================================
docs/authentic.adoc
=====================================
@@ -37,12 +37,19 @@ There are three forms of authentication: MAC, NTS, and MS-SNTP. This
section describes all three. Each is configured separately for each
association by options to the server command.
-Note: MAC authentication is going to be replaced by NTS. MAC
-authentication may be removed in a future release of NTPsec.
-
An "Autokey" mode using an early form of public-key cryptography
formerly existed but has been removed.
+MAC authentication requires cooperation between client and server.
+One side must make the key and securely send it to the other end.
+Both must install a key into their keys file.
+That isn't practical for a server with many clients.
+
+NTS is much easier to configure. On the server side, setting up
+a certificate works for all clients. On the client side, the
+OS/distro probably already distributes a collection of root certificates
+for use by web browsers.
+
A detailed discussion of the NTP multi-layer security model and
vulnerability analysis is in the white paper
{millshome}security.html[NTP Security Analysis].
@@ -73,7 +80,7 @@ discarded. Authentication doesn't prevent replays.
NTP allows use of any one of possibly 65,535 keys, each distinguished by a
32-bit key identifier, to authenticate an association. Both server and
-client must agree on the key and key identifier in order to
+client must agree on the key, key identifier and algorithm in order to
authenticate NTP packets. Keys and related information are specified
in a key file. More info in {ntpkeysman}. It must be distributed
and stored using secure means beyond the scope of the NTP protocol
@@ -154,15 +161,14 @@ access to all but correctly authenticated clients.
=== MAC Data Formats
The NTPv4 specification (RFC 5905) allows any one of possibly 65,535
-message digest keys (excluding zero), each distinguished by a 32-bit key
+keys (excluding zero), each distinguished by a 32-bit key
ID, to authenticate an association. The servers and clients involved
must agree on the key ID, key type and key to authenticate NTP packets.
The message digest is a cryptographic hash computed by an algorithm such
-as MD5 or SHA-1. While, +ntpd+'s digest mode could use any digest
+as MD5 or SHA-1. While, +ntpd+'s digest mode can use any digest
supported by libcrypto from the OpenSSL project, in practice MD5 and
-SHA-1 are the only supported types. This is very unlikely to change
-before MAC authentication is obsolesced by NTS.
+SHA-1 are the only commonly used types.
When authentication is specified, a message authentication code (MAC)
is appended to the NTP packet header. The MAC consists of a 32-bit key
=====================================
docs/includes/ntp.keys-body.adoc
=====================================
@@ -18,30 +18,41 @@ keyno type key
--------------
where `keyno` is a positive integer (between 1 and 65535),
-`type` is the message digest algorithm, and
+`type` is the message digest or cipher algorithm, and
`key` is the key itself.
The file does not need to be sorted by `keyno`.
-`type` can be any digest type supported by your OpenSSL package.
-Digests longer than 20 bytes will be truncated.
+`type` can be the name of any digest or cipher supported by your
+OpenSSL package. Digests or CMACs longer than 20 bytes will be truncated.
-You can probably get a list from `man 1 dgst` or `openssl help`.
+You can get a list from `openssl list -digest-algorithms` or
+`openssl list -cipher-algorithms`.
(As of Jan 2018, they lie. Be sure to try it. {ntpdman} will
print an error on startup if a selected type isn't supported.)
The following types are widely supported:
-----
md5, sha1, ripemd160, sha224, sha256, sha384, sha512
+ aes-128, aes-192, aes-256
-----
+Only the +-cbc+ cipher modes are useful.
+The +-cbc+ is appended to the `type` internally. Do not include it in `type`.
+
+AES is an abbreviation for aes-128.
+
+Note that MD5 was depricated by RFC 8573 in June of 2019.
++AES-128+ is currently prefered. The code still supports
+MD5 for backwards compatibility.
+
FIPS 140-2, FIPS 180-4, and/or FIPS 202 may restrict your choices.
If it matters to you, check with your lawyer. (Let us know if you
find a good reference.)
The `key` may be printable ASCII excluding "#" or hex encoded.
Keys longer than 20 characters are assumed to be hex. The max
-length of a (possibly de-hexified) key is 32 bytes. If you
+length of a (de-hexified) key is 32 bytes. If you
want to use an ASCII key longer than 20 bytes, you must hexify it.
Note that the keys used by the {ntpqman} programs are
=====================================
include/ntp.h
=====================================
@@ -689,16 +689,15 @@ struct restrict_u_tag {
#define RES_DONTSERVE 0x0002 /* access denied */
#define RES_DONTTRUST 0x0004 /* authentication required */
#define RES_VERSION 0x0008 /* version mismatch */
-#define RES_NOPEER 0x0010 /* new association denied */
-#define RES_LIMITED 0x0020 /* packet rate exceeded */
-#define RES_FLAGS (RES_IGNORE | RES_DONTSERVE |\
- RES_DONTTRUST | RES_VERSION |\
- RES_NOPEER | RES_LIMITED)
+#define RES_NOPEERx 0x0010 /* new association denied */
+#define RES_LIMITED 0x0020 /* packet rate exceeded */
+#define RES_FLAGS (RES_IGNORE | RES_DONTSERVE | RES_DONTTRUST | \
+ RES_VERSION | RES_LIMITED)
#define RES_NOQUERY 0x0040 /* mode 6 packet denied */
#define RES_NOMODIFY 0x0080 /* mode 6 modify denied */
-#define RES_NOTRAP 0x0100 /* mode 6 set trap denied (not used) */
-#define RES_LPTRAP 0x0200 /* mode 6 low priority trap (not used) */
+#define RES_NOTRAPx 0x0100 /* mode 6 set trap denied (not used) */
+#define RES_LPTRAPx 0x0200 /* mode 6 low priority trap (not used) */
#define RES_KOD 0x0400 /* send kiss of death packet */
#define RES_MSSNTP 0x0800 /* enable MS-SNTP authentication */
=====================================
libntp/authreadkeys.c
=====================================
@@ -1,6 +1,8 @@
/*
* authreadkeys.c - routines to support the reading of the key file
*/
+#define OPENSSL_SUPPRESS_DEPRECATED 1
+
#include "config.h"
#include <stdio.h>
#include <ctype.h>
=====================================
libntp/macencrypt.c
=====================================
@@ -1,6 +1,8 @@
/*
* CMAC and digest support for NTP
*/
+#define OPENSSL_SUPPRESS_DEPRECATED 1
+
#include "config.h"
#include <string.h>
@@ -64,7 +66,6 @@ cmac_encrypt(
size_t len;
CMAC_CTX *ctx = cmac_ctx;
- CMAC_resume(ctx);
if (!CMAC_Init(ctx, auth->key, auth->key_size, auth->cipher, NULL)) {
/* Shouldn't happen. Does if wrong key_size. */
msyslog(LOG_ERR,
@@ -98,7 +99,6 @@ cmac_decrypt(
size_t len;
CMAC_CTX *ctx = cmac_ctx;
- CMAC_resume(ctx);
if (!CMAC_Init(ctx, auth->key, auth->key_size, auth->cipher, NULL)) {
/* Shouldn't happen. Does if wrong key_size. */
msyslog(LOG_ERR,
=====================================
libntp/pymodule-mac.c
=====================================
@@ -0,0 +1,156 @@
+/*
+ * Copyright the NTPsec project contributors
+ * SPDX-License-Identifier: BSD-2-Clause
+ *
+ */
+
+#include "config.h"
+
+#include <string.h>
+#include <ctype.h>
+
+#include "ntp_types.h"
+#include "ntp_stdlib.h"
+
+#include "pymodule-mac.h"
+
+/* Don't include Python.h */
+
+#define OPENSSL_SUPPRESS_DEPRECATED 1
+#include <openssl/evp.h>
+#include <openssl/cmac.h>
+
+/* Slightly older version of OpenSSL */
+/* Similar hack in ssl_init.c and attic/digest-timing.c */
+#ifndef EVP_MD_CTX_new
+#define EVP_MD_CTX_new() EVP_MD_CTX_create()
+#endif
+#ifndef EVP_MD_CTX_reset
+#define EVP_MD_CTX_reset(ctx) EVP_MD_CTX_init(ctx)
+#endif
+
+/* Needed on old versions of OpenSSL */
+static void SSL_init(void) {
+ static bool init_done = false;
+ if (init_done)
+ return;
+ init_done = true;
+ OpenSSL_add_all_ciphers();
+ OpenSSL_add_all_digests();
+}
+
+/* xx = ntp.ntpc.checkname(name)
+ * returns false if algorithm name is invalid. */
+
+int do_checkname(const char *name)
+{
+ char upcase[100];
+ const EVP_MD *digest;
+ const EVP_CIPHER *cipher;
+
+ SSL_init();
+
+ strlcpy(upcase, name, sizeof(upcase));
+ for (int i=0; upcase[i]!=0; i++) {
+ upcase[i] = toupper(upcase[i]);
+ }
+
+ digest = EVP_get_digestbyname(upcase);
+ if (NULL != digest) {
+ return true;
+ }
+
+ if ((strcmp(upcase, "AES") == 0) || (strcmp(upcase, "AES128CMAC") == 0)) {
+ strlcpy(upcase, "AES-128", sizeof(upcase));
+ }
+ strlcat(upcase, "-CBC", sizeof(upcase));
+ cipher = EVP_get_cipherbyname(upcase);
+ if (NULL != cipher) {
+ int length = EVP_CIPHER_key_length(cipher);
+ return length;
+ }
+
+ return false;
+}
+
+
+/* mac = ntp.ntpc.mac(data, key, name) */
+
+#if EVP_MAX_MD_SIZE > MAX_MAC_LENGTH
+#error "MAX_MAC_LENGTH isn't big enough"
+/* FIXME: Does this cover CMAC ?? */
+#endif
+
+void do_mac(char *name,
+ uint8_t *data, size_t datalen,
+ uint8_t *key, size_t keylen,
+ uint8_t mac[MAX_MAC_LENGTH], size_t *maclen)
+{
+ char upcase[100];
+ static EVP_MD_CTX *digest_ctx = NULL;
+ static CMAC_CTX *cmac_ctx = NULL;
+ const EVP_MD *digest;
+ const EVP_CIPHER *cipher;
+ size_t cipherlen;
+
+ SSL_init();
+
+ strlcpy(upcase, name, sizeof(upcase));
+ for (int i=0; upcase[i]!=0; i++) {
+ upcase[i] = toupper(upcase[i]);
+ }
+
+ digest = EVP_get_digestbyname(upcase);
+ if (NULL != digest) {
+ /* Old digest case, MD5, SHA1 */
+ unsigned int maclenint;
+ if (NULL == digest_ctx)
+ digest_ctx = EVP_MD_CTX_new();
+ EVP_MD_CTX_reset(digest_ctx);
+ if (!EVP_DigestInit_ex(digest_ctx, digest, NULL)) {
+ *maclen = 0;
+ return;
+ }
+ EVP_DigestUpdate(digest_ctx, key, keylen);
+ EVP_DigestUpdate(digest_ctx, data, (unsigned int)datalen);
+ EVP_DigestFinal_ex(digest_ctx, mac, &maclenint);
+ if (MAX_MAC_LENGTH < maclenint)
+ maclenint = MAX_MAC_LENGTH;
+ *maclen = maclenint;
+ return;
+ }
+
+ if ((strcmp(upcase, "AES") == 0) || (strcmp(upcase, "AES128CMAC") == 0)) {
+ strlcpy(upcase, "AES-128", sizeof(upcase));
+ }
+ strlcat(upcase, "-CBC", sizeof(upcase));
+
+ cipher = EVP_get_cipherbyname(upcase);
+ if (NULL == cipher) {
+ *maclen = 0;
+ return;
+ }
+ cipherlen = EVP_CIPHER_key_length(cipher);
+ if (cipherlen < keylen) {
+ keylen = cipherlen; /* truncate */
+ } else if (cipherlen > keylen) {
+ uint8_t newkey[EVP_MAX_KEY_LENGTH];
+ memcpy(newkey, key, keylen);
+ while (cipherlen > keylen)
+ key[keylen++] = 0; /* pad with 0s */
+ key = newkey;
+ }
+ if (NULL == cmac_ctx)
+ cmac_ctx = CMAC_CTX_new();
+ if (!CMAC_Init(cmac_ctx, key, keylen, cipher, NULL)) {
+ /* Shouldn't happen. Does if wrong key_size. */
+ *maclen = 0;
+ return;
+ }
+ CMAC_Update(cmac_ctx, data, (unsigned int)datalen);
+ CMAC_Final(cmac_ctx, mac, maclen);
+ if (MAX_MAC_LENGTH < *maclen)
+ *maclen = MAX_MAC_LENGTH;
+ return;
+}
+
=====================================
libntp/pymodule-mac.h
=====================================
@@ -0,0 +1,27 @@
+/*
+ * pymodule-mac.h -- hack for moving routines that call OpenSSL
+ * out of pymodule.c because of shadow warnings for freefunc
+ *
+ * Copyright the NTPsec project contributors
+ * SPDX-License-Identifier: BSD-2-Clause
+ *
+ */
+
+#ifndef GUARD_PYMODULE_MAC_H
+#define GUARD_PYMODULE_MAC_H
+
+#include <stddef.h>
+#include <stdbool.h>
+
+/* can't include Python.h or anything from openssl */
+
+#define MAX_MAC_LENGTH 64
+
+int do_checkname(const char *name);
+
+void do_mac(char *name,
+ uint8_t *data, size_t datalen,
+ uint8_t *key, size_t keylen,
+ uint8_t mac[MAX_MAC_LENGTH], size_t *maclen);
+
+#endif /* GUARD_PYMODULE_MAC_H */
=====================================
libntp/pymodule.c
=====================================
@@ -4,6 +4,10 @@
*
* Python binding for selected libntp library functions
*/
+
+/* This include has to come early or we get warnings from redefining
+ * _POSIX_C_SOURCE and _XOPEN_SOURCE on some systems.
+ */
#define PY_SSIZE_T_CLEAN
#include <Python.h>
@@ -22,11 +26,12 @@
#include "ntp_control.h"
-#include "ntp_auth.h"
-#include <openssl/evp.h>
+#include "pymodule-mac.h"
#include "python_compatibility.h"
+/* Don't include anything from OpenSSL */
+
const char *progname = "libntpc";
/*
@@ -148,26 +153,14 @@ ntpc_step_systime(PyObject *self, PyObject *args)
/* --------------------------------------------------------------- */
/* Hook for CMAC/HMAC
* Not really part of libntp, but this is a handy place to put it.
+ *
+ * The worker parts have been moved to another module because of
+ * name clash between python and OpenSSL. Both use freefunc.
+ *
+ * All Python stuff here. All OpenSSL stuff in pymodule-mac.c
+ *
*/
-/* Slightly older version of OpenSSL */
-/* Similar hack in ssl_init.c and attic/digest-timing.c */
-#ifndef EVP_MD_CTX_new
-#define EVP_MD_CTX_new() EVP_MD_CTX_create()
-#endif
-#ifndef EVP_MD_CTX_reset
-#define EVP_MD_CTX_reset(ctx) EVP_MD_CTX_init(ctx)
-#endif
-
-/* Needed on old versions of OpenSSL */
-static void SSL_init(void) {
- static bool init_done = false;
- if (init_done)
- return;
- init_done = true;
- OpenSSL_add_all_ciphers();
- OpenSSL_add_all_digests();
-}
/* xx = ntp.ntpc.checkname(name)
* returns None if algorithm name is invalid. */
@@ -176,34 +169,15 @@ static PyObject *
ntpc_checkname(PyObject *self, PyObject *args)
{
const char *name;
- char upcase[100];
- const EVP_MD *digest;
- const EVP_CIPHER *cipher;
UNUSED_ARG(self);
-
- SSL_init();
+ int length;
if (!PyArg_ParseTuple(args, "s", &name))
- return NULL;
- strlcpy(upcase, name, sizeof(upcase));
- for (int i=0; upcase[i]!=0; i++) {
- upcase[i] = toupper(upcase[i]);
- }
+ Py_RETURN_NONE;
- digest = EVP_get_digestbyname(upcase);
- if (NULL != digest) {
- return Py_BuildValue("i", 1);
- }
-
- if ((strcmp(upcase, "AES") == 0) || (strcmp(upcase, "AES128CMAC") == 0)) {
- strlcpy(upcase, "AES-128", sizeof(upcase));
- }
- strlcat(upcase, "-CBC", sizeof(upcase));
- cipher = EVP_get_cipherbyname(upcase);
- if (NULL != cipher) {
- int length = EVP_CIPHER_key_length(cipher);
- return Py_BuildValue("i", length);
- }
+ length = do_checkname(name);
+
+ if (length != 0) return Py_BuildValue("i", 1);
Py_RETURN_NONE;
}
@@ -220,16 +194,9 @@ ntpc_mac(PyObject *self, PyObject *args)
uint8_t *key;
Py_ssize_t keylen;
char *name;
- uint8_t mac[CMAC_MAX_MAC_LENGTH];
+ uint8_t mac[MAX_MAC_LENGTH];
size_t maclen;
- char upcase[100];
- static EVP_MD_CTX *digest_ctx = NULL;
- static CMAC_CTX *cmac_ctx = NULL;
- const EVP_MD *digest;
- const EVP_CIPHER *cipher;
- int cipherlen;
- SSL_init();
#if PY_MAJOR_VERSION >= 3
if (!PyArg_ParseTuple(args, "y#y#s",
@@ -240,62 +207,14 @@ ntpc_mac(PyObject *self, PyObject *args)
#endif
Py_RETURN_NONE;
- strlcpy(upcase, name, sizeof(upcase));
- for (int i=0; upcase[i]!=0; i++) {
- upcase[i] = toupper(upcase[i]);
- }
+ do_mac(name,
+ data, datalen,
+ key, keylen,
+ mac, &maclen);
- digest = EVP_get_digestbyname(upcase);
- if (NULL != digest) {
- /* Old digest case, MD5, SHA1 */
- unsigned int maclenint;
- if (NULL == digest_ctx)
- digest_ctx = EVP_MD_CTX_new();
- EVP_MD_CTX_reset(digest_ctx);
- if (!EVP_DigestInit_ex(digest_ctx, digest, NULL))
- Py_RETURN_NONE;
- EVP_DigestUpdate(digest_ctx, key, keylen);
- EVP_DigestUpdate(digest_ctx, data, (unsigned int)datalen);
- EVP_DigestFinal_ex(digest_ctx, mac, &maclenint);
- if (MAX_BARE_MAC_LENGTH < maclenint)
- maclenint = MAX_BARE_MAC_LENGTH;
-#if PY_MAJOR_VERSION >= 3
- return Py_BuildValue("y#", &mac, maclenint);
-#else
- return Py_BuildValue("s#", &mac, maclenint);
-#endif
- }
-
- if ((strcmp(upcase, "AES") == 0) || (strcmp(upcase, "AES128CMAC") == 0)) {
- strlcpy(upcase, "AES-128", sizeof(upcase));
- }
- strlcat(upcase, "-CBC", sizeof(upcase));
-
- cipher = EVP_get_cipherbyname(upcase);
- if (NULL == cipher)
- Py_RETURN_NONE;
-
- cipherlen = EVP_CIPHER_key_length(cipher);
- if (cipherlen < keylen) {
- keylen = cipherlen; /* truncate */
- } else if (cipherlen > keylen) {
- uint8_t newkey[EVP_MAX_KEY_LENGTH];
- memcpy(newkey, key, keylen);
- while (cipherlen > keylen)
- key[keylen++] = 0; /* pad with 0s */
- key = newkey;
- }
- if (NULL == cmac_ctx)
- cmac_ctx = CMAC_CTX_new();
- CMAC_resume(cmac_ctx);
- if (!CMAC_Init(cmac_ctx, key, keylen, cipher, NULL)) {
- /* Shouldn't happen. Does if wrong key_size. */
- Py_RETURN_NONE;
- }
- CMAC_Update(cmac_ctx, data, (unsigned int)datalen);
- CMAC_Final(cmac_ctx, mac, &maclen);
- if (MAX_BARE_MAC_LENGTH < maclen)
- maclen = MAX_BARE_MAC_LENGTH;
+ if (maclen == 0)
+ Py_RETURN_NONE;
+
#if PY_MAJOR_VERSION >= 3
return Py_BuildValue("y#", &mac, maclen);
#else
=====================================
libntp/ssl_init.c
=====================================
@@ -1,6 +1,7 @@
/* ssl_init.c Common OpenSSL initialization code
* This is needed for crypto as well as NTS
*/
+#define OPENSSL_SUPPRESS_DEPRECATED 1
#include "config.h"
#include "ntp_stdlib.h"
=====================================
libntp/statestr.c
=====================================
@@ -178,7 +178,7 @@ static const struct codestring res_access_bits[] = {
{ RES_DONTTRUST, "notrust" },
{ RES_NOQUERY, "noquery" },
{ RES_NOMODIFY, "nomodify" },
- { RES_NOPEER, "nopeer" },
+ { RES_NOPEERx, "nopeer" },
{ RES_LIMITED, "limited" },
{ RES_VERSION, "version" },
{ RES_KOD, "kod" },
=====================================
libntp/wscript
=====================================
@@ -52,7 +52,7 @@ def build(ctx):
features="c cshlib pyext",
install_path='${PYTHONARCHDIR}/ntp',
includes=[ctx.bldnode.parent.abspath(), "../include"],
- source=["pymodule.c"] + libntp_source_sharable,
+ source=["pymodule.c", "pymodule-mac.c"] + libntp_source_sharable,
target="../pylib/ntpc", # Put the output in the pylib directory
use="M RT CRYPTO",
)
=====================================
ntpd/ntp_config.c
=====================================
@@ -1643,7 +1643,7 @@ config_access(
break;
case T_Nopeer:
- flags |= RES_NOPEER;
+ msyslog(LOG_ERR, "CONFIG: restrict nopeer ignored");
break;
case T_Noquery:
@@ -1655,12 +1655,7 @@ config_access(
break;
case T_Notrap:
- /*
- * No-op - included for backward compatibility
- * with all the world's boilerplate ntp.conf
- * files.
- */
- flags |= RES_NOTRAP;
+ msyslog(LOG_ERR, "CONFIG: restrict notrap ignored");
break;
case T_Notrust:
@@ -1692,16 +1687,6 @@ config_access(
msyslog(LOG_WARNING, "CONFIG: restrict %s: %s", kod_where, kod_warn);
}
- if (RES_NOTRAP & flags) {
- const char *notrap_where = (my_node->addr)
- ? my_node->addr->address
- : (mflags & RESM_SOURCE)
- ? "source"
- : "default";
-
- msyslog(LOG_WARNING, "CONFIG: restrict %s: notrap keyword is ignored.", notrap_where);
- }
-
ZERO_SOCK(&addr);
pai = NULL;
restrict_default = false;
=====================================
ntpd/ntp_proto.c
=====================================
@@ -472,7 +472,7 @@ static bool is_kod(
/* Check the restrictions which can be checked just based on the source
IP address and the first byte of the packet, namely RES_IGNORE,
- RES_FLAKE, RES_FLAKE, RES_NOQUERY, RES_DONTSERVE, and RES_VERSION. */
+ RES_FLAKE, RES_NOQUERY, RES_DONTSERVE, and RES_VERSION. */
static bool check_early_restrictions(
struct recvbuf const* rbufp,
@@ -2460,7 +2460,6 @@ dns_take_pool(
poll_update(peer, peer->hpoll);
restrict_mask = restrictions(&peer->srcadr);
- /* FIXME-DNS: RES_FLAGS includes RES_DONTSERVE?? */
if (RES_FLAGS & restrict_mask) {
msyslog(LOG_INFO, "DNS: Pool poking hole in restrictions for: %s",
socktoa(&peer->srcadr));
=====================================
ntpd/ntp_sandbox.c
=====================================
@@ -301,8 +301,6 @@ int scmp_sc[] = {
* these from the list.
*/
- SCMP_SYS(getdents), /* Scanning /etc/ntp.d/ */
- SCMP_SYS(getdents64),
#ifdef __NR_prlimit64
SCMP_SYS(prlimit64), /* 64 bit Fedora 26 with early_droproot*/
#endif
@@ -325,7 +323,8 @@ int scmp_sc[] = {
SCMP_SYS(fstat),
SCMP_SYS(fsync),
SCMP_SYS(futex), /* sem_xxx, used by threads */
-
+ SCMP_SYS(getdents), /* Scanning /etc/ntp.d/ */
+ SCMP_SYS(getdents64),
#ifdef __NR_getrandom
SCMP_SYS(getrandom), /* Added in 3.17 kernel */
=====================================
ntpd/nts_client.c
=====================================
@@ -267,7 +267,7 @@ int open_TCP_socket(struct peer *peer, const char *hostname) {
}
if (NULL == tmp) {
/* simple case, no : */
- strlcpy(port, NTS_KE_PORTA_OLD, sizeof(port));
+ strlcpy(port, NTS_KE_PORTA, sizeof(port));
} else {
/* Complicated case, found a : */
*tmp++ = 0;
@@ -747,7 +747,7 @@ bool nts_server_lookup(char *server, sockaddr_u *addr, int af) {
hints.ai_socktype = SOCK_DGRAM;
hints.ai_family = af;
- gai_rc = getaddrinfo(server, NTS_KE_PORTA_OLD, &hints, &answer);
+ gai_rc = getaddrinfo(server, NTS_KE_PORTA, &hints, &answer);
if (0 != gai_rc) {
msyslog(LOG_INFO, "NTSc: DNS error trying to lookup %s: %d, %s",
server, gai_rc, gai_strerror(gai_rc));
View it on GitLab: https://gitlab.com/NTPsec/ntpsec/-/compare/e2eda5d072d8888e198d81a05700a405229acee0...6f72d3bfb0614b24219e69d990d3701393eb92ae
--
View it on GitLab: https://gitlab.com/NTPsec/ntpsec/-/compare/e2eda5d072d8888e198d81a05700a405229acee0...6f72d3bfb0614b24219e69d990d3701393eb92ae
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ntpsec.org/pipermail/vc/attachments/20200710/e444cd07/attachment-0001.htm>
More information about the vc
mailing list