faraphel/chrony
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
chrony/test
History
Miroslav Lichvar 689605b6a2 nts: switch client to compliant key exporter on NTS NAK 
Implement a fallback for the NTS-NTP client to switch to the compliant
AES-128-GCM-SIV exporter context when the server is using the compliant
context, but does not support the new NTS-KE record negotiating its use,
assuming it can respond with an NTS NAK to the request authenticated
with the incorrect key.

Export both sets of keys when processing the NTS-KE response. If an NTS
NAK is the only valid response from the server after the last NTS-KE
session, switch to the keys exported with the compliant context for the
following requests instead of dropping all cookies and restarting
NTS-KE. Don't switch back to the original keys if an NTS NAK is received
again.
2024-10-03 15:02:03 +02:00
..
compilation test: add --enable-debug option to 002-scanbuild 2024-04-11 12:53:01 +02:00
kernel test: extend frequency in ntp_adjtime() test 2020-08-31 10:17:21 +02:00
simulation test: make 110-chronyc more reliable 2024-08-29 09:37:50 +02:00
system conf: don't repeat error message when adding sourcedir source 2024-08-07 09:48:24 +02:00
unit nts: switch client to compliant key exporter on NTS NAK 2024-10-03 15:02:03 +02:00