chrony

History

Miroslav Lichvar 4a219ecbf1 hash: drop support for RIPEMD hash functions An analysis by Tim Ruffing [1] shows that a length extension attack adding valid extension fields to NTPv4 packets is possible with some specific key lengths and hash functions using little-endian length like MD5 and RIPEMD160. chronyd currently doesn't process or generate any extension fields, but it could be a problem in future when a non-authentication extension field is supported. Drop support for all RIPEMD functions as they don't seem to be secure in the context of the NTPv4 MAC. MD5 is kept only for compatibility. [1] https://mailarchive.ietf.org/arch/msg/ntp/gvibuB6bTbDRBumfHNdJ84Kq4kA		2019-09-24 11:32:31 +02:00
..
addrfilt.c	test: fix DEBUG_LOG use in unit tests	2017-03-13 12:04:26 +01:00
clientlog.c	fix printf()/scanf() format signedness	2018-06-20 16:57:04 +02:00
hash.c	hash: drop support for RIPEMD hash functions	2019-09-24 11:32:31 +02:00
hwclock.c	update copyright years	2018-09-12 11:38:10 +02:00
keys.c	test: fix keys unit test	2017-09-01 11:28:55 +02:00
Makefile.in	test: fix Makefile to not create .deps in project root	2018-09-19 16:38:15 +02:00
ntp_core.c	ntp: skip loop test if no server socket is open	2019-09-12 13:01:18 +02:00
ntp_core.keys	test: extend ntp_core unit test	2018-08-28 18:27:03 +02:00
ntp_sources.c	test: fix tests to skip when missing required feature	2018-09-27 11:42:38 +02:00
regress.c	test: add regress unit test	2017-06-27 15:29:01 +02:00
samplefilt.c	test: fix samplefilt unit test to work with low-precision clock	2018-09-10 14:56:03 +02:00
smooth.c	main: don't require root privileges with -Q option	2017-07-13 16:10:54 +02:00
sources.c	update copyright years	2018-09-12 11:38:10 +02:00
test.c	test: fix building of unit tests	2019-07-16 13:46:37 +02:00
test.h	test: allow unit tests to be skipped	2018-09-27 11:42:38 +02:00
util.c	test: add copyright header to util unit test	2019-08-27 17:11:49 +02:00