fdfcabd79b
Don't accept NTPv4 packets which have a MAC longer than 24 octets to strictly follow RFC 7822, which specifies the maximum length of a MAC and the minimum length of the last extension field to avoid an ambiguity in parsing of the packet. This removes an ugly hack that was needed to accept packets that contained one or more extension fields without a MAC, before RFC 7822 was written and NTP implementations started using truncated MACs. The long MACs were used by chrony in versions 2.x when configured to authenticate a server or peer with a key using a 256-bit or longer hash (e.g. SHA256). For compatibility with chrony >= 4.0, these clients/peers will need to have "version 3" added to the server/peer line in chrony.conf. |
||
|---|---|---|
| .. | ||
| compilation | ||
| kernel | ||
| simulation | ||
| system | ||
| unit | ||