ntp: fix definition of minimum and maximum MAC length
The NTP_*_MAC_LENGTH macros didn't include the key ID, which caused the NTP authentication check to ignore MACs with 512-bit hashes (SHA512, WHIRLPOOL). This was broken since update to NTPv4.
This commit is contained in:
Miroslav Lichvar
parent
46e1e79921
commit
5e61c002a6
1 changed files with 3 additions and 3 deletions
6
ntp.h
6
ntp.h
|
|
@ -53,8 +53,8 @@ typedef uint32_t NTP_int32;
|
|||
#define NTP_MAX_EXTENSIONS_LENGTH 1024
|
||||
|
||||
/* The minimum and maximum supported length of MAC */
|
||||
#define NTP_MIN_MAC_LENGTH 16
|
||||
#define NTP_MAX_MAC_LENGTH MAX_HASH_LENGTH
|
||||
#define NTP_MIN_MAC_LENGTH (4 + 16)
|
||||
#define NTP_MAX_MAC_LENGTH (4 + MAX_HASH_LENGTH)
|
||||
|
||||
/* Type definition for leap bits */
|
||||
typedef enum {
|
||||
|
|
@ -91,7 +91,7 @@ typedef struct {
|
|||
|
||||
/* Optional message authentication code (MAC) */
|
||||
NTP_int32 auth_keyid;
|
||||
uint8_t auth_data[NTP_MAX_MAC_LENGTH];
|
||||
uint8_t auth_data[NTP_MAX_MAC_LENGTH - 4];
|
||||
} NTP_Packet;
|
||||
|
||||
#define NTP_NORMAL_PACKET_LENGTH (int)offsetof(NTP_Packet, auth_keyid)
|
||||
|
|
|
|||
Loading…
Reference in a new issue