[pkg-ntp-maintainers] Bug#562065: Bug#562065: ntp server didn't support mssntp

Matthieu Patou mat at matws.net
Tue Dec 22 18:53:00 UTC 2009


On 22/12/2009 20:53, Kurt Roeckx wrote:
> On Tue, Dec 22, 2009 at 02:33:54PM +0300, Matthieu Patou wrote:
>> Subject: ntp server didn't support mssntp
>> Package: ntp
>> Version: 4.2.4p4+dfsg-8lenny3
>> Severity: wishlist
>> Tags: patch
>
> You tagged it patch, but you don't provide any patch?
No good excuse, but I was missing a category saying that the patch is 
already in the upstream source.
>
>> The current version of ntp in Debian does not support the MS SNTP extension.
> [...]
>> Version 4.2.6 of ntp (released on 12/12/09) now includes patches
>> allowing this extension, but must be compiled specifically with the
>> option --enable-ntp-signd to actually build this extension.
>
> So this is a wishlist bug asking for a new upstream version
> with that configure option?  Any idea why this isn't on by default?
See the discussion in this bug 
https://support.ntp.org/bugs/show_bug.cgi?id=1405. Basically I'd say 
that Dr. Mills is a bit overcautious, as he doesn't want ntp to be 
blamed for an admin who activated this option and got flooded. It's in 
fact the same problem as the refclocks, which have to be explicitly 
activated during configure if you want them (as Debian does).


I am of course not willing to make Debian users run a risk when using the 
new version of ntp with this extension. So it must be noted that even if 
the extension is built into the ntp server, it must be opted in to before 
it starts to work. This piece of code guards the send to the signd socket:

   if (flags & RES_MSSNTP) {
     send_via_ntp_signd(rbufp, xmode, xkeyid, flags, &xpkt);
     return;
   }

If no restrict line is defined, or if it doesn't match the client's IP 
address, then send_via_ntp_signd is not called.
It's obvious that any publicly available server shouldn't have this 
activated.

In any case, if this option is activated and no samba4 server is there to 
answer (because the admin has misconfigured his/her server), there 
will be no hang. The local kernel knows if the socket does not 
exist, or if no process is bound to it (because the author of the patch 
chose to use a unix domain socket).

(from an strace of ux_client, the code I based the ntp code on):
connect(3, {sa_family=AF_FILE, path="/tmp/ux_demo"}, 110) = -1
ECONNREFUSED (Connection refused)
So it will cost 1 syscall.

Of course, if the option is activated and a samba4 server is running, then 
there is a risk of DoS, _but_ it means that the admin is making his 
Active Directory directly available on the internet, so I guess there are 
worse problems in this case.

Matthieu.
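As an added example (not code from the ntp patch, from ux_client, or from the post above), here is a small C program that reproduces the failure mode the message describes: a connect(2) to a UNIX-domain socket path on which nobody is listening fails immediately with ECONNREFUSED, and a path that does not exist at all fails with ENOENT, so a signd client on a misconfigured host pays one failed syscall rather than hanging. The socket paths under /tmp are constructed for the demo and are assumptions; they are not ntpd's or samba4's real signd socket path.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/un.h>
#include <unistd.h>

/* Fill a sockaddr_un for PATH. Returns 0, or ENAMETOOLONG if it does not fit. */
static int make_unix_addr(struct sockaddr_un *addr, const char *path)
{
    memset(addr, 0, sizeof(*addr));
    addr->sun_family = AF_UNIX;
    if (strlen(path) >= sizeof(addr->sun_path))
        return ENAMETOOLONG;
    strcpy(addr->sun_path, path);
    return 0;
}

/* Attempt a single connect(2) to a UNIX-domain stream socket at PATH,
 * the way a signd client would before sending a request.
 * Returns 0 if a listener answered, otherwise the errno connect() reported
 * (ENOENT: no such path; ECONNREFUSED: path exists but nobody listens).
 * The kernel answers from local state, so there is no network timeout. */
int probe_signd_socket(const char *path)
{
    struct sockaddr_un addr;
    int fd, err;

    if ((err = make_unix_addr(&addr, path)) != 0)
        return err;
    fd = socket(AF_UNIX, SOCK_STREAM, 0);
    if (fd < 0)
        return errno;
    err = 0;
    if (connect(fd, (struct sockaddr *)&addr, sizeof(addr)) < 0)
        err = errno;
    close(fd);
    return err;
}

/* Leave a stale socket file at PATH: bind() creates the filesystem entry,
 * then the descriptor is closed without listen()/accept(). This models a
 * signd daemon that is installed but not running. Returns 0 or errno. */
int create_stale_socket(const char *path)
{
    struct sockaddr_un addr;
    int fd, err;

    if ((err = make_unix_addr(&addr, path)) != 0)
        return err;
    unlink(path);               /* failure is fine: the file may not exist */
    fd = socket(AF_UNIX, SOCK_STREAM, 0);
    if (fd < 0)
        return errno;
    err = 0;
    if (bind(fd, (struct sockaddr *)&addr, sizeof(addr)) < 0)
        err = errno;
    close(fd);
    return err;
}

int main(void)
{
    /* Constructed demo paths (assumption), not a real signd socket location. */
    const char *stale   = "/tmp/mssntp_demo_stale.sock";
    const char *missing = "/tmp/mssntp_demo_missing.sock";
    int err;

    if ((err = create_stale_socket(stale)) != 0) {
        fprintf(stderr, "bind %s: %s\n", stale, strerror(err));
        return 1;
    }
    err = probe_signd_socket(stale);
    printf("%s -> %s\n", stale, err ? strerror(err) : "connected");
    err = probe_signd_socket(missing);
    printf("%s -> %s\n", missing, err ? strerror(err) : "connected");
    unlink(stale);
    return 0;
}
```

Both probes return without blocking because the lookup happens entirely in the local kernel; contrast this with a TCP connect to an unreachable host, where the client would sit in the SYN retry timer.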