
List:       ntp-bugs
Subject:    [ntp:bugs] [Bug 2879] Improve NTP security against timing attacks
From:       bugzilla-daemon () ntp ! org
Date:       2015-12-12 10:44:34
Message-ID: bug-2879-1197-OAcAUXD68c () http ! bugs ! ntp ! org/

https://bugs.ntp.org/show_bug.cgi?id=2879

Juergen Perlinger <perlinger@ntp.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|IN_PROGRESS                 |READY

--- Comment #5 from Juergen Perlinger <perlinger@ntp.org> 2015-12-12 10:44:34 UTC ---
Loganaden, thanks for the patch.

Unfortunately there have been several issues I had to address when integrating
your changes:

1. The code for 'timingsafe_memcmp()' you gave is *not* portable C. I know this
thing is out in the wild, but that doesn't make it portable. (I think I
remember a discussion about this issue earlier this year.)

2. You patched libisc to use a function from libntp, while it should be the
other way round.

So I rewrote the compare from scratch in a way that should not exhibit any
platform dependencies (well, 'unsigned int' must be wider than 'unsigned
char'...) and placed it under the lib/isc subtree. That resulted in some
renaming. There was also actually one instance where using the time-safe
compare was not necessary, as only the existence of a non-null digest was
tested.

And I added some unit tests for the compare function.

Harlan, the repo is in

   psp.ntp.org:~perlinger/ntp-stable-2879

-- 
Configure bugmail: https://bugs.ntp.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
_______________________________________________
bugs-announce mailing list
bugs-announce@lists.ntp.org
http://lists.ntp.org/listinfo/bugs-announce
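
A branch-free ordered compare of the kind discussed in the comment above, as an added example: it is not the function written for this bug and not code from the NTP tree. `ct_memcmp` is a hypothetical name, the sample digests are constructed, and the only platform assumption is the one the comment names ('unsigned int' wider than 'unsigned char').

```c
#include <limits.h>
#include <stddef.h>
#include <stdio.h>

/* The bit trick below needs at least one value bit above the byte range. */
#if UINT_MAX <= UCHAR_MAX
# error "unsigned int must be wider than unsigned char"
#endif

/*
 * ct_memcmp (hypothetical name): ordered compare like memcmp(), returning
 * -1, 0 or 1. Every byte of both buffers is always read and no branch
 * depends on the data, so the work done depends on n only.
 */
int ct_memcmp(const void *a, const void *b, size_t n)
{
    const unsigned char *pa = a;
    const unsigned char *pb = b;
    unsigned int lt = 0, gt = 0;    /* verdict of the lowest differing index */

    /* Walk backwards so the lowest-index difference is written last. */
    while (n-- > 0) {
        unsigned int x = pa[n], y = pb[n];
        /* Unsigned wrap-around sets bit CHAR_BIT exactly when x < y. */
        unsigned int l = ((x - y) >> CHAR_BIT) & 1u;
        unsigned int g = ((y - x) >> CHAR_BIT) & 1u;
        unsigned int m = 0u - (l | g);    /* all ones if the bytes differ */

        lt = (lt & ~m) | (l & m);
        gt = (gt & ~m) | (g & m);
    }
    return (int)gt - (int)lt;
}

int main(void)
{
    /* Constructed sample digests, not real NTP MACs. */
    static const unsigned char want[4] = { 0xde, 0xad, 0xbe, 0xef };
    static const unsigned char got[4]  = { 0xde, 0xad, 0xbe, 0xee };

    printf("match: %d\n", ct_memcmp(want, want, sizeof want) == 0);
    printf("order: %d\n", ct_memcmp(got, want, sizeof got));
    return 0;
}
```

The C standard makes no timing guarantees, so the generated machine code should still be inspected for data-dependent branches on each target compiler.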