[Git][NTPsec/ntpsec][master] Address Fitlab issue #699: ntpkeygen generates insecure keys

Eric S. Raymond (@esr) gitlab at mg.gitlab.com
Tue May 11 12:08:30 UTC 2021



Eric S. Raymond pushed to branch master at NTPsec / ntpsec


Commits:
b09be47d by Eric S. Raymond at 2021-05-11T08:10:10-04:00
Address Fitlab issue #699: ntpkeygen generates insecure keys

- - - - -


1 changed file:

- ntpclients/ntpkeygen.py


Changes:

=====================================
ntpclients/ntpkeygen.py
=====================================
@@ -33,7 +33,8 @@ try:
         if asciified:
             result = ''
             for index in range(bytes):
-                result += chr(0x21 + secrets.randbelow(0x5d))
+                # Start ASCII characters with 0x24 so as not to include comment-beginning #
+                result += chr(0x24 + secrets.randbelow(0x5a))
             return result
         else:
             return secrets.token_hex(bytes)
@@ -43,7 +44,8 @@ except ImportError:
         result = ''
         if asciified:
             for index in range(bytes):
-                result += chr(random.randint(0x21, 0x7e))
+                # Start ASCII characters with 0x24 so as not to include comment-beginning #
+                result += chr(random.randint(0x24, 0x7e))
         else:
             for index in range(bytes):
                 result += "%02x" % random.randint(0x0, 0xff)



View it on GitLab: https://gitlab.com/NTPsec/ntpsec/-/commit/b09be47d650280cc7ebdcd45dfa07eca4b9a52f8

-- 
View it on GitLab: https://gitlab.com/NTPsec/ntpsec/-/commit/b09be47d650280cc7ebdcd45dfa07eca4b9a52f8
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ntpsec.org/pipermail/vc/attachments/20210511/6071e44e/attachment.htm>


More information about the vc mailing list