From dbbdd5af0661bdbe51c0d35e5c93668275b5b60a Mon Sep 17 00:00:00 2001 From: Miroslav Lichvar Date: Mon, 22 Nov 2021 16:44:24 +0100 Subject: [PATCH] ntp: make default NTP version with xleave to be always 4 If the xleave option is enabled, ignore the key option and the hash length. Always use version 4 as the default to get interleaved responses from new chrony servers. --- doc/chrony.conf.adoc | 9 +++++---- ntp_core.c | 2 +- 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/doc/chrony.conf.adoc b/doc/chrony.conf.adoc index 6f734d2..21a8d75 100644 --- a/doc/chrony.conf.adoc +++ b/doc/chrony.conf.adoc @@ -273,10 +273,11 @@ sources are unreachable. *version* _version_::: This option sets the NTP version of packets sent to the server. This can be useful when the server runs an old NTP implementation that does not respond to -requests using a newer version. The default version depends on whether a key is -specified by the *key* option and which authentication hash function the key -is using. If the output size of the hash function is longer than 160 bits, the -default version is 3 for compatibility with older *chronyd* servers. Otherwise, +requests using a newer version. The default version depends on other options. +If the *extfield* or *xleave* option is used, the default version is 4. If +those options are not used and the *key* option specifies a key using a hash +function with output size longer than 160 bits (e.g. SHA256), the default +version is 3 for compatibility with older *chronyd* servers. In other cases, the default version is 4. *copy*::: This option specifies that the server and client are closely related, their diff --git a/ntp_core.c b/ntp_core.c index a0ed651..945aec9 100644 --- a/ntp_core.c +++ b/ntp_core.c @@ -620,7 +620,7 @@ NCR_CreateInstance(NTP_Remote_Address *remote_addr, NTP_Source_Type type, result->auth = NAU_CreateNoneInstance(); } - if (result->ext_field_flags) + if (result->ext_field_flags || result->interleaved) result->version = NTP_VERSION; else result->version = NAU_GetSuggestedNtpVersion(result->auth);