| @@ -1,14 +1,14 @@ | | | @@ -1,14 +1,14 @@ |
1 | /* $NetBSD: ntp_crypto.c,v 1.13.18.1 2009/01/16 02:48:56 snj Exp $ */ | | 1 | /* $NetBSD: ntp_crypto.c,v 1.13.18.1.2.1 2009/05/26 04:20:14 snj Exp $ */ |
2 | | | 2 | |
3 | /* | | 3 | /* |
4 | * ntp_crypto.c - NTP version 4 public key routines | | 4 | * ntp_crypto.c - NTP version 4 public key routines |
5 | */ | | 5 | */ |
6 | #ifdef HAVE_CONFIG_H | | 6 | #ifdef HAVE_CONFIG_H |
7 | #include <config.h> | | 7 | #include <config.h> |
8 | #endif | | 8 | #endif |
9 | | | 9 | |
10 | #ifdef OPENSSL | | 10 | #ifdef OPENSSL |
11 | #include <stdio.h> | | 11 | #include <stdio.h> |
12 | #include <sys/types.h> | | 12 | #include <sys/types.h> |
13 | #include <sys/param.h> | | 13 | #include <sys/param.h> |
14 | #include <unistd.h> | | 14 | #include <unistd.h> |
| @@ -562,27 +562,27 @@ crypto_recv( | | | @@ -562,27 +562,27 @@ crypto_recv( |
562 | | | 562 | |
563 | /* | | 563 | /* |
564 | * Save status word, host name and message | | 564 | * Save status word, host name and message |
565 | * digest/signature type. | | 565 | * digest/signature type. |
566 | */ | | 566 | */ |
567 | peer->crypto = fstamp; | | 567 | peer->crypto = fstamp; |
568 | peer->digest = dp; | | 568 | peer->digest = dp; |
569 | peer->subject = emalloc(vallen + 1); | | 569 | peer->subject = emalloc(vallen + 1); |
570 | memcpy(peer->subject, ep->pkt, vallen); | | 570 | memcpy(peer->subject, ep->pkt, vallen); |
571 | peer->subject[vallen] = '\0'; | | 571 | peer->subject[vallen] = '\0'; |
572 | peer->issuer = emalloc(vallen + 1); | | 572 | peer->issuer = emalloc(vallen + 1); |
573 | strcpy(peer->issuer, peer->subject); | | 573 | strcpy(peer->issuer, peer->subject); |
574 | temp32 = (fstamp >> 16) & 0xffff; | | 574 | temp32 = (fstamp >> 16) & 0xffff; |
575 | sprintf(statstr, | | 575 | snprintf(statstr, NTP_MAXSTRLEN, |
576 | "flags 0x%x host %s signature %s", fstamp, | | 576 | "flags 0x%x host %s signature %s", fstamp, |
577 | peer->subject, OBJ_nid2ln(temp32)); | | 577 | peer->subject, OBJ_nid2ln(temp32)); |
578 | record_crypto_stats(&peer->srcadr, statstr); | | 578 | record_crypto_stats(&peer->srcadr, statstr); |
579 | #ifdef DEBUG | | 579 | #ifdef DEBUG |
580 | if (debug) | | 580 | if (debug) |
581 | printf("crypto_recv: %s\n", statstr); | | 581 | printf("crypto_recv: %s\n", statstr); |
582 | #endif | | 582 | #endif |
583 | break; | | 583 | break; |
584 | | | 584 | |
585 | /* | | 585 | /* |
586 | * Decode X509 certificate in ASN.1 format and extract | | 586 | * Decode X509 certificate in ASN.1 format and extract |
587 | * the data containing, among other things, subject | | 587 | * the data containing, among other things, subject |
588 | * name and public key. In the default identification | | 588 | * name and public key. In the default identification |
| @@ -628,27 +628,28 @@ crypto_recv( | | | @@ -628,27 +628,28 @@ crypto_recv( |
628 | * that this certificate might not be signed by | | 628 | * that this certificate might not be signed by |
629 | * the server, so we can't check the | | 629 | * the server, so we can't check the |
630 | * signature/digest NID. | | 630 | * signature/digest NID. |
631 | */ | | 631 | */ |
632 | if (peer->pkey == NULL) { | | 632 | if (peer->pkey == NULL) { |
633 | ptr = (u_char *)cinfo->cert.ptr; | | 633 | ptr = (u_char *)cinfo->cert.ptr; |
634 | cert = d2i_X509(NULL, &ptr, | | 634 | cert = d2i_X509(NULL, &ptr, |
635 | ntohl(cinfo->cert.vallen)); | | 635 | ntohl(cinfo->cert.vallen)); |
636 | peer->pkey = X509_get_pubkey(cert); | | 636 | peer->pkey = X509_get_pubkey(cert); |
637 | X509_free(cert); | | 637 | X509_free(cert); |
638 | } | | 638 | } |
639 | peer->flash &= ~TEST8; | | 639 | peer->flash &= ~TEST8; |
640 | temp32 = cinfo->nid; | | 640 | temp32 = cinfo->nid; |
641 | sprintf(statstr, "cert %s 0x%x %s (%u) fs %u", | | 641 | snprintf(statstr, NTP_MAXSTRLEN, |
| | | 642 | "cert %s 0x%x %s (%u) fs %u", |
642 | cinfo->subject, cinfo->flags, | | 643 | cinfo->subject, cinfo->flags, |
643 | OBJ_nid2ln(temp32), temp32, | | 644 | OBJ_nid2ln(temp32), temp32, |
644 | ntohl(ep->fstamp)); | | 645 | ntohl(ep->fstamp)); |
645 | record_crypto_stats(&peer->srcadr, statstr); | | 646 | record_crypto_stats(&peer->srcadr, statstr); |
646 | #ifdef DEBUG | | 647 | #ifdef DEBUG |
647 | if (debug) | | 648 | if (debug) |
648 | printf("crypto_recv: %s\n", statstr); | | 649 | printf("crypto_recv: %s\n", statstr); |
649 | #endif | | 650 | #endif |
650 | break; | | 651 | break; |
651 | | | 652 | |
652 | /* | | 653 | /* |
653 | * Schnorr (IFF)identity scheme. This scheme is designed | | 654 | * Schnorr (IFF)identity scheme. This scheme is designed |
654 | * for use with shared secret group keys and where the | | 655 | * for use with shared secret group keys and where the |
| @@ -677,27 +678,27 @@ crypto_recv( | | | @@ -677,27 +678,27 @@ crypto_recv( |
677 | * the certificate public key, as well as the | | 678 | * the certificate public key, as well as the |
678 | * server public key, signatyre and identity are | | 679 | * server public key, signatyre and identity are |
679 | * all verified at the same time. The server is | | 680 | * all verified at the same time. The server is |
680 | * declared trusted, so we skip further | | 681 | * declared trusted, so we skip further |
681 | * certificate stages and move immediately to | | 682 | * certificate stages and move immediately to |
682 | * the cookie stage. | | 683 | * the cookie stage. |
683 | */ | | 684 | */ |
684 | if ((rval = crypto_iff(ep, peer)) != XEVNT_OK) | | 685 | if ((rval = crypto_iff(ep, peer)) != XEVNT_OK) |
685 | break; | | 686 | break; |
686 | | | 687 | |
687 | peer->crypto |= CRYPTO_FLAG_VRFY | | | 688 | peer->crypto |= CRYPTO_FLAG_VRFY | |
688 | CRYPTO_FLAG_PROV; | | 689 | CRYPTO_FLAG_PROV; |
689 | peer->flash &= ~TEST8; | | 690 | peer->flash &= ~TEST8; |
690 | sprintf(statstr, "iff fs %u", | | 691 | snprintf(statstr, NTP_MAXSTRLEN, "iff fs %u", |
691 | ntohl(ep->fstamp)); | | 692 | ntohl(ep->fstamp)); |
692 | record_crypto_stats(&peer->srcadr, statstr); | | 693 | record_crypto_stats(&peer->srcadr, statstr); |
693 | #ifdef DEBUG | | 694 | #ifdef DEBUG |
694 | if (debug) | | 695 | if (debug) |
695 | printf("crypto_recv: %s\n", statstr); | | 696 | printf("crypto_recv: %s\n", statstr); |
696 | #endif | | 697 | #endif |
697 | break; | | 698 | break; |
698 | | | 699 | |
699 | /* | | 700 | /* |
700 | * Guillou-Quisquater (GQ) identity scheme. This scheme | | 701 | * Guillou-Quisquater (GQ) identity scheme. This scheme |
701 | * is designed for use with public certificates carrying | | 702 | * is designed for use with public certificates carrying |
702 | * the GQ public key in an extension field. The client | | 703 | * the GQ public key in an extension field. The client |
703 | * sends a challenge to the server, which performs a | | 704 | * sends a challenge to the server, which performs a |
| @@ -725,27 +726,27 @@ crypto_recv( | | | @@ -725,27 +726,27 @@ crypto_recv( |
725 | * the certificate public key, as well as the | | 726 | * the certificate public key, as well as the |
726 | * server public key, signatyre and identity are | | 727 | * server public key, signatyre and identity are |
727 | * all verified at the same time. The server is | | 728 | * all verified at the same time. The server is |
728 | * declared trusted, so we skip further | | 729 | * declared trusted, so we skip further |
729 | * certificate stages and move immediately to | | 730 | * certificate stages and move immediately to |
730 | * the cookie stage. | | 731 | * the cookie stage. |
731 | */ | | 732 | */ |
732 | if ((rval = crypto_gq(ep, peer)) != XEVNT_OK) | | 733 | if ((rval = crypto_gq(ep, peer)) != XEVNT_OK) |
733 | break; | | 734 | break; |
734 | | | 735 | |
735 | peer->crypto |= CRYPTO_FLAG_VRFY | | | 736 | peer->crypto |= CRYPTO_FLAG_VRFY | |
736 | CRYPTO_FLAG_PROV; | | 737 | CRYPTO_FLAG_PROV; |
737 | peer->flash &= ~TEST8; | | 738 | peer->flash &= ~TEST8; |
738 | sprintf(statstr, "gq fs %u", | | 739 | snprintf(statstr, NTP_MAXSTRLEN, "gq fs %u", |
739 | ntohl(ep->fstamp)); | | 740 | ntohl(ep->fstamp)); |
740 | record_crypto_stats(&peer->srcadr, statstr); | | 741 | record_crypto_stats(&peer->srcadr, statstr); |
741 | #ifdef DEBUG | | 742 | #ifdef DEBUG |
742 | if (debug) | | 743 | if (debug) |
743 | printf("crypto_recv: %s\n", statstr); | | 744 | printf("crypto_recv: %s\n", statstr); |
744 | #endif | | 745 | #endif |
745 | break; | | 746 | break; |
746 | | | 747 | |
747 | /* | | 748 | /* |
748 | * MV | | 749 | * MV |
749 | */ | | 750 | */ |
750 | case CRYPTO_MV | CRYPTO_RESP: | | 751 | case CRYPTO_MV | CRYPTO_RESP: |
751 | | | 752 | |
| @@ -766,27 +767,27 @@ crypto_recv( | | | @@ -766,27 +767,27 @@ crypto_recv( |
766 | * the certificate public key, as well as the | | 767 | * the certificate public key, as well as the |
767 | * server public key, signatyre and identity are | | 768 | * server public key, signatyre and identity are |
768 | * all verified at the same time. The server is | | 769 | * all verified at the same time. The server is |
769 | * declared trusted, so we skip further | | 770 | * declared trusted, so we skip further |
770 | * certificate stages and move immediately to | | 771 | * certificate stages and move immediately to |
771 | * the cookie stage. | | 772 | * the cookie stage. |
772 | */ | | 773 | */ |
773 | if ((rval = crypto_mv(ep, peer)) != XEVNT_OK) | | 774 | if ((rval = crypto_mv(ep, peer)) != XEVNT_OK) |
774 | break; | | 775 | break; |
775 | | | 776 | |
776 | peer->crypto |= CRYPTO_FLAG_VRFY | | | 777 | peer->crypto |= CRYPTO_FLAG_VRFY | |
777 | CRYPTO_FLAG_PROV; | | 778 | CRYPTO_FLAG_PROV; |
778 | peer->flash &= ~TEST8; | | 779 | peer->flash &= ~TEST8; |
779 | sprintf(statstr, "mv fs %u", | | 780 | snprintf(statstr, NTP_MAXSTRLEN, "mv fs %u", |
780 | ntohl(ep->fstamp)); | | 781 | ntohl(ep->fstamp)); |
781 | record_crypto_stats(&peer->srcadr, statstr); | | 782 | record_crypto_stats(&peer->srcadr, statstr); |
782 | #ifdef DEBUG | | 783 | #ifdef DEBUG |
783 | if (debug) | | 784 | if (debug) |
784 | printf("crypto_recv: %s\n", statstr); | | 785 | printf("crypto_recv: %s\n", statstr); |
785 | #endif | | 786 | #endif |
786 | break; | | 787 | break; |
787 | | | 788 | |
788 | /* | | 789 | /* |
789 | * Cookie request in symmetric modes. Roll a random | | 790 | * Cookie request in symmetric modes. Roll a random |
790 | * cookie and install in symmetric mode. Encrypt for the | | 791 | * cookie and install in symmetric mode. Encrypt for the |
791 | * response, which is transmitted later. | | 792 | * response, which is transmitted later. |
792 | */ | | 793 | */ |
| @@ -820,27 +821,27 @@ crypto_recv( | | | @@ -820,27 +821,27 @@ crypto_recv( |
820 | | | 821 | |
821 | /* | | 822 | /* |
822 | * Install cookie values and light the cookie | | 823 | * Install cookie values and light the cookie |
823 | * bit. The transmit side will pick up and | | 824 | * bit. The transmit side will pick up and |
824 | * encrypt it for the response. | | 825 | * encrypt it for the response. |
825 | */ | | 826 | */ |
826 | key_expire(peer); | | 827 | key_expire(peer); |
827 | peer->cookval.tstamp = ep->tstamp; | | 828 | peer->cookval.tstamp = ep->tstamp; |
828 | peer->cookval.fstamp = ep->fstamp; | | 829 | peer->cookval.fstamp = ep->fstamp; |
829 | RAND_bytes((u_char *)&peer->pcookie, 4); | | 830 | RAND_bytes((u_char *)&peer->pcookie, 4); |
830 | peer->crypto &= ~CRYPTO_FLAG_AUTO; | | 831 | peer->crypto &= ~CRYPTO_FLAG_AUTO; |
831 | peer->crypto |= CRYPTO_FLAG_AGREE; | | 832 | peer->crypto |= CRYPTO_FLAG_AGREE; |
832 | peer->flash &= ~TEST8; | | 833 | peer->flash &= ~TEST8; |
833 | sprintf(statstr, "cook %x ts %u fs %u", | | 834 | snprintf(statstr, NTP_MAXSTRLEN, "cook %x ts %u fs %u", |
834 | peer->pcookie, ntohl(ep->tstamp), | | 835 | peer->pcookie, ntohl(ep->tstamp), |
835 | ntohl(ep->fstamp)); | | 836 | ntohl(ep->fstamp)); |
836 | record_crypto_stats(&peer->srcadr, statstr); | | 837 | record_crypto_stats(&peer->srcadr, statstr); |
837 | #ifdef DEBUG | | 838 | #ifdef DEBUG |
838 | if (debug) | | 839 | if (debug) |
839 | printf("crypto_recv: %s\n", statstr); | | 840 | printf("crypto_recv: %s\n", statstr); |
840 | #endif | | 841 | #endif |
841 | break; | | 842 | break; |
842 | | | 843 | |
843 | /* | | 844 | /* |
844 | * Cookie response in client and symmetric modes. If the | | 845 | * Cookie response in client and symmetric modes. If the |
845 | * cookie bit is set, the working cookie is the EXOR of | | 846 | * cookie bit is set, the working cookie is the EXOR of |
846 | * the current and new values. | | 847 | * the current and new values. |
| @@ -885,27 +886,27 @@ crypto_recv( | | | @@ -885,27 +886,27 @@ crypto_recv( |
885 | peer->cookval.tstamp = ep->tstamp; | | 886 | peer->cookval.tstamp = ep->tstamp; |
886 | peer->cookval.fstamp = ep->fstamp; | | 887 | peer->cookval.fstamp = ep->fstamp; |
887 | if (peer->crypto & CRYPTO_FLAG_AGREE) | | 888 | if (peer->crypto & CRYPTO_FLAG_AGREE) |
888 | peer->pcookie ^= cookie; | | 889 | peer->pcookie ^= cookie; |
889 | else | | 890 | else |
890 | peer->pcookie = cookie; | | 891 | peer->pcookie = cookie; |
891 | if (peer->hmode == MODE_CLIENT && | | 892 | if (peer->hmode == MODE_CLIENT && |
892 | !(peer->cast_flags & MDF_BCLNT)) | | 893 | !(peer->cast_flags & MDF_BCLNT)) |
893 | peer->crypto |= CRYPTO_FLAG_AUTO; | | 894 | peer->crypto |= CRYPTO_FLAG_AUTO; |
894 | else | | 895 | else |
895 | peer->crypto &= ~CRYPTO_FLAG_AUTO; | | 896 | peer->crypto &= ~CRYPTO_FLAG_AUTO; |
896 | peer->crypto |= CRYPTO_FLAG_AGREE; | | 897 | peer->crypto |= CRYPTO_FLAG_AGREE; |
897 | peer->flash &= ~TEST8; | | 898 | peer->flash &= ~TEST8; |
898 | sprintf(statstr, "cook %x ts %u fs %u", | | 899 | snprintf(statstr, NTP_MAXSTRLEN, "cook %x ts %u fs %u", |
899 | peer->pcookie, ntohl(ep->tstamp), | | 900 | peer->pcookie, ntohl(ep->tstamp), |
900 | ntohl(ep->fstamp)); | | 901 | ntohl(ep->fstamp)); |
901 | record_crypto_stats(&peer->srcadr, statstr); | | 902 | record_crypto_stats(&peer->srcadr, statstr); |
902 | #ifdef DEBUG | | 903 | #ifdef DEBUG |
903 | if (debug) | | 904 | if (debug) |
904 | printf("crypto_recv: %s\n", statstr); | | 905 | printf("crypto_recv: %s\n", statstr); |
905 | #endif | | 906 | #endif |
906 | break; | | 907 | break; |
907 | | | 908 | |
908 | /* | | 909 | /* |
909 | * Install autokey values in broadcast client and | | 910 | * Install autokey values in broadcast client and |
910 | * symmetric modes. We have to do this every time the | | 911 | * symmetric modes. We have to do this every time the |
911 | * sever/peer cookie changes or a new keylist is | | 912 | * sever/peer cookie changes or a new keylist is |
| @@ -936,27 +937,27 @@ crypto_recv( | | | @@ -936,27 +937,27 @@ crypto_recv( |
936 | */ | | 937 | */ |
937 | if (peer->recval.ptr == NULL) | | 938 | if (peer->recval.ptr == NULL) |
938 | peer->recval.ptr = | | 939 | peer->recval.ptr = |
939 | emalloc(sizeof(struct autokey)); | | 940 | emalloc(sizeof(struct autokey)); |
940 | bp = (struct autokey *)peer->recval.ptr; | | 941 | bp = (struct autokey *)peer->recval.ptr; |
941 | peer->recval.tstamp = ep->tstamp; | | 942 | peer->recval.tstamp = ep->tstamp; |
942 | peer->recval.fstamp = ep->fstamp; | | 943 | peer->recval.fstamp = ep->fstamp; |
943 | ap = (struct autokey *)ep->pkt; | | 944 | ap = (struct autokey *)ep->pkt; |
944 | bp->seq = ntohl(ap->seq); | | 945 | bp->seq = ntohl(ap->seq); |
945 | bp->key = ntohl(ap->key); | | 946 | bp->key = ntohl(ap->key); |
946 | peer->pkeyid = bp->key; | | 947 | peer->pkeyid = bp->key; |
947 | peer->crypto |= CRYPTO_FLAG_AUTO; | | 948 | peer->crypto |= CRYPTO_FLAG_AUTO; |
948 | peer->flash &= ~TEST8; | | 949 | peer->flash &= ~TEST8; |
949 | sprintf(statstr, | | 950 | snprintf(statstr, NTP_MAXSTRLEN, |
950 | "auto seq %d key %x ts %u fs %u", bp->seq, | | 951 | "auto seq %d key %x ts %u fs %u", bp->seq, |
951 | bp->key, ntohl(ep->tstamp), | | 952 | bp->key, ntohl(ep->tstamp), |
952 | ntohl(ep->fstamp)); | | 953 | ntohl(ep->fstamp)); |
953 | record_crypto_stats(&peer->srcadr, statstr); | | 954 | record_crypto_stats(&peer->srcadr, statstr); |
954 | #ifdef DEBUG | | 955 | #ifdef DEBUG |
955 | if (debug) | | 956 | if (debug) |
956 | printf("crypto_recv: %s\n", statstr); | | 957 | printf("crypto_recv: %s\n", statstr); |
957 | #endif | | 958 | #endif |
958 | break; | | 959 | break; |
959 | | | 960 | |
960 | /* | | 961 | /* |
961 | * X509 certificate sign response. Validate the | | 962 | * X509 certificate sign response. Validate the |
962 | * certificate signed by the server and install. Later | | 963 | * certificate signed by the server and install. Later |
| @@ -979,27 +980,28 @@ crypto_recv( | | | @@ -979,27 +980,28 @@ crypto_recv( |
979 | break; | | 980 | break; |
980 | | | 981 | |
981 | /* | | 982 | /* |
982 | * Scan the certificate list to delete old | | 983 | * Scan the certificate list to delete old |
983 | * versions and link the newest version first on | | 984 | * versions and link the newest version first on |
984 | * the list. | | 985 | * the list. |
985 | */ | | 986 | */ |
986 | if ((rval = cert_install(ep, peer)) != XEVNT_OK) | | 987 | if ((rval = cert_install(ep, peer)) != XEVNT_OK) |
987 | break; | | 988 | break; |
988 | | | 989 | |
989 | peer->crypto |= CRYPTO_FLAG_SIGN; | | 990 | peer->crypto |= CRYPTO_FLAG_SIGN; |
990 | peer->flash &= ~TEST8; | | 991 | peer->flash &= ~TEST8; |
991 | temp32 = cinfo->nid; | | 992 | temp32 = cinfo->nid; |
992 | sprintf(statstr, "sign %s 0x%x %s (%u) fs %u", | | 993 | snprintf(statstr, NTP_MAXSTRLEN, |
| | | 994 | "sign %s 0x%x %s (%u) fs %u", |
993 | cinfo->issuer, cinfo->flags, | | 995 | cinfo->issuer, cinfo->flags, |
994 | OBJ_nid2ln(temp32), temp32, | | 996 | OBJ_nid2ln(temp32), temp32, |
995 | ntohl(ep->fstamp)); | | 997 | ntohl(ep->fstamp)); |
996 | record_crypto_stats(&peer->srcadr, statstr); | | 998 | record_crypto_stats(&peer->srcadr, statstr); |
997 | #ifdef DEBUG | | 999 | #ifdef DEBUG |
998 | if (debug) | | 1000 | if (debug) |
999 | printf("crypto_recv: %s\n", statstr); | | 1001 | printf("crypto_recv: %s\n", statstr); |
1000 | #endif | | 1002 | #endif |
1001 | break; | | 1003 | break; |
1002 | | | 1004 | |
1003 | /* | | 1005 | /* |
1004 | * Install leapseconds table in symmetric modes. This | | 1006 | * Install leapseconds table in symmetric modes. This |
1005 | * table is proventicated to the NIST primary servers, | | 1007 | * table is proventicated to the NIST primary servers, |
| @@ -1063,27 +1065,28 @@ crypto_recv( | | | @@ -1063,27 +1065,28 @@ crypto_recv( |
1063 | if (ntohl(peer->tai_leap.fstamp) > | | 1065 | if (ntohl(peer->tai_leap.fstamp) > |
1064 | ntohl(tai_leap.fstamp)) { | | 1066 | ntohl(tai_leap.fstamp)) { |
1065 | tai_leap.fstamp = ep->fstamp; | | 1067 | tai_leap.fstamp = ep->fstamp; |
1066 | tai_leap.vallen = ep->vallen; | | 1068 | tai_leap.vallen = ep->vallen; |
1067 | if (tai_leap.ptr != NULL) | | 1069 | if (tai_leap.ptr != NULL) |
1068 | free(tai_leap.ptr); | | 1070 | free(tai_leap.ptr); |
1069 | tai_leap.ptr = emalloc(vallen); | | 1071 | tai_leap.ptr = emalloc(vallen); |
1070 | memcpy(tai_leap.ptr, ep->pkt, vallen); | | 1072 | memcpy(tai_leap.ptr, ep->pkt, vallen); |
1071 | crypto_update(); | | 1073 | crypto_update(); |
1072 | } | | 1074 | } |
1073 | crypto_flags |= CRYPTO_FLAG_TAI; | | 1075 | crypto_flags |= CRYPTO_FLAG_TAI; |
1074 | peer->crypto |= CRYPTO_FLAG_LEAP; | | 1076 | peer->crypto |= CRYPTO_FLAG_LEAP; |
1075 | peer->flash &= ~TEST8; | | 1077 | peer->flash &= ~TEST8; |
1076 | sprintf(statstr, "leap %u ts %u fs %u", vallen, | | 1078 | snprintf(statstr, NTP_MAXSTRLEN, |
| | | 1079 | "leap %u ts %u fs %u", vallen, |
1077 | ntohl(ep->tstamp), ntohl(ep->fstamp)); | | 1080 | ntohl(ep->tstamp), ntohl(ep->fstamp)); |
1078 | record_crypto_stats(&peer->srcadr, statstr); | | 1081 | record_crypto_stats(&peer->srcadr, statstr); |
1079 | #ifdef DEBUG | | 1082 | #ifdef DEBUG |
1080 | if (debug) | | 1083 | if (debug) |
1081 | printf("crypto_recv: %s\n", statstr); | | 1084 | printf("crypto_recv: %s\n", statstr); |
1082 | #endif | | 1085 | #endif |
1083 | break; | | 1086 | break; |
1084 | | | 1087 | |
1085 | /* | | 1088 | /* |
1086 | * We come here in symmetric modes for miscellaneous | | 1089 | * We come here in symmetric modes for miscellaneous |
1087 | * commands that have value fields but are processed on | | 1090 | * commands that have value fields but are processed on |
1088 | * the transmit side. All we need do here is check for | | 1091 | * the transmit side. All we need do here is check for |
1089 | * valid field length. Remaining checks are below and on | | 1092 | * valid field length. Remaining checks are below and on |
| @@ -1119,27 +1122,27 @@ crypto_recv( | | | @@ -1119,27 +1122,27 @@ crypto_recv( |
1119 | peer->cmmd = fp; | | 1122 | peer->cmmd = fp; |
1120 | } | | 1123 | } |
1121 | } | | 1124 | } |
1122 | | | 1125 | |
1123 | /* | | 1126 | /* |
1124 | * We don't log length/format/timestamp errors and | | 1127 | * We don't log length/format/timestamp errors and |
1125 | * duplicates, which are log clogging vulnerabilities. | | 1128 | * duplicates, which are log clogging vulnerabilities. |
1126 | * The first error found terminates the extension field | | 1129 | * The first error found terminates the extension field |
1127 | * scan and we return the laundry to the caller. A | | 1130 | * scan and we return the laundry to the caller. A |
1128 | * length/format/timestamp error on transmit is | | 1131 | * length/format/timestamp error on transmit is |
1129 | * cheerfully ignored, as the message is not sent. | | 1132 | * cheerfully ignored, as the message is not sent. |
1130 | */ | | 1133 | */ |
1131 | if (rval > XEVNT_TSP) { | | 1134 | if (rval > XEVNT_TSP) { |
1132 | sprintf(statstr, | | 1135 | snprintf(statstr, NTP_MAXSTRLEN, |
1133 | "error %x opcode %x ts %u fs %u", rval, | | 1136 | "error %x opcode %x ts %u fs %u", rval, |
1134 | code, tstamp, fstamp); | | 1137 | code, tstamp, fstamp); |
1135 | record_crypto_stats(&peer->srcadr, statstr); | | 1138 | record_crypto_stats(&peer->srcadr, statstr); |
1136 | report_event(rval, peer); | | 1139 | report_event(rval, peer); |
1137 | #ifdef DEBUG | | 1140 | #ifdef DEBUG |
1138 | if (debug) | | 1141 | if (debug) |
1139 | printf("crypto_recv: %s\n", statstr); | | 1142 | printf("crypto_recv: %s\n", statstr); |
1140 | #endif | | 1143 | #endif |
1141 | break; | | 1144 | break; |
1142 | | | 1145 | |
1143 | } else if (rval > XEVNT_OK && (code & CRYPTO_RESP)) { | | 1146 | } else if (rval > XEVNT_OK && (code & CRYPTO_RESP)) { |
1144 | rval = XEVNT_OK; | | 1147 | rval = XEVNT_OK; |
1145 | } | | 1148 | } |
| @@ -1445,27 +1448,28 @@ crypto_xmit( | | | @@ -1445,27 +1448,28 @@ crypto_xmit( |
1445 | * flag as error. | | 1448 | * flag as error. |
1446 | */ | | 1449 | */ |
1447 | default: | | 1450 | default: |
1448 | if (opcode & CRYPTO_RESP) | | 1451 | if (opcode & CRYPTO_RESP) |
1449 | rval = XEVNT_ERR; | | 1452 | rval = XEVNT_ERR; |
1450 | } | | 1453 | } |
1451 | | | 1454 | |
1452 | /* | | 1455 | /* |
1453 | * In case of error, flame the log. If a request, toss the | | 1456 | * In case of error, flame the log. If a request, toss the |
1454 | * puppy; if a response, return so the sender can flame, too. | | 1457 | * puppy; if a response, return so the sender can flame, too. |
1455 | */ | | 1458 | */ |
1456 | if (rval != XEVNT_OK) { | | 1459 | if (rval != XEVNT_OK) { |
1457 | opcode |= CRYPTO_ERROR; | | 1460 | opcode |= CRYPTO_ERROR; |
1458 | sprintf(statstr, "error %x opcode %x", rval, opcode); | | 1461 | snprintf(statstr, NTP_MAXSTRLEN, |
| | | 1462 | "error %x opcode %x", rval, opcode); |
1459 | record_crypto_stats(srcadr_sin, statstr); | | 1463 | record_crypto_stats(srcadr_sin, statstr); |
1460 | report_event(rval, NULL); | | 1464 | report_event(rval, NULL); |
1461 | #ifdef DEBUG | | 1465 | #ifdef DEBUG |
1462 | if (debug) | | 1466 | if (debug) |
1463 | printf("crypto_xmit: %s\n", statstr); | | 1467 | printf("crypto_xmit: %s\n", statstr); |
1464 | #endif | | 1468 | #endif |
1465 | if (!(opcode & CRYPTO_RESP)) | | 1469 | if (!(opcode & CRYPTO_RESP)) |
1466 | return (0); | | 1470 | return (0); |
1467 | } | | 1471 | } |
1468 | | | 1472 | |
1469 | /* | | 1473 | /* |
1470 | * Round up the field length to a multiple of 8 bytes and save | | 1474 | * Round up the field length to a multiple of 8 bytes and save |
1471 | * the request code and length. | | 1475 | * the request code and length. |
| @@ -1944,27 +1948,28 @@ crypto_update(void) | | | @@ -1944,27 +1948,28 @@ crypto_update(void) |
1944 | */ | | 1948 | */ |
1945 | if (tai_leap.vallen != 0) { | | 1949 | if (tai_leap.vallen != 0) { |
1946 | tai_leap.tstamp = hostval.tstamp; | | 1950 | tai_leap.tstamp = hostval.tstamp; |
1947 | tai_leap.siglen = 0; | | 1951 | tai_leap.siglen = 0; |
1948 | if (tai_leap.sig == NULL) | | 1952 | if (tai_leap.sig == NULL) |
1949 | tai_leap.sig = emalloc(sign_siglen); | | 1953 | tai_leap.sig = emalloc(sign_siglen); |
1950 | EVP_SignInit(&ctx, sign_digest); | | 1954 | EVP_SignInit(&ctx, sign_digest); |
1951 | EVP_SignUpdate(&ctx, (u_char *)&tai_leap, 12); | | 1955 | EVP_SignUpdate(&ctx, (u_char *)&tai_leap, 12); |
1952 | EVP_SignUpdate(&ctx, tai_leap.ptr, | | 1956 | EVP_SignUpdate(&ctx, tai_leap.ptr, |
1953 | ntohl(tai_leap.vallen)); | | 1957 | ntohl(tai_leap.vallen)); |
1954 | if (EVP_SignFinal(&ctx, tai_leap.sig, &len, sign_pkey)) | | 1958 | if (EVP_SignFinal(&ctx, tai_leap.sig, &len, sign_pkey)) |
1955 | tai_leap.siglen = htonl(len); | | 1959 | tai_leap.siglen = htonl(len); |
1956 | } | | 1960 | } |
1957 | sprintf(statstr, "update ts %u", ntohl(hostval.tstamp)); | | 1961 | snprintf(statstr, NTP_MAXSTRLEN, |
| | | 1962 | "update ts %u", ntohl(hostval.tstamp)); |
1958 | record_crypto_stats(NULL, statstr); | | 1963 | record_crypto_stats(NULL, statstr); |
1959 | #ifdef DEBUG | | 1964 | #ifdef DEBUG |
1960 | if (debug) | | 1965 | if (debug) |
1961 | printf("crypto_update: %s\n", statstr); | | 1966 | printf("crypto_update: %s\n", statstr); |
1962 | #endif | | 1967 | #endif |
1963 | } | | 1968 | } |
1964 | | | 1969 | |
1965 | | | 1970 | |
1966 | /* | | 1971 | /* |
1967 | * value_free - free value structure components. | | 1972 | * value_free - free value structure components. |
1968 | * | | 1973 | * |
1969 | * Returns void (no errors) | | 1974 | * Returns void (no errors) |
1970 | */ | | 1975 | */ |
| @@ -3598,27 +3603,27 @@ crypto_key( | | | @@ -3598,27 +3603,27 @@ crypto_key( |
3598 | pkey = PEM_read_PrivateKey(str, NULL, NULL, passwd); | | 3603 | pkey = PEM_read_PrivateKey(str, NULL, NULL, passwd); |
3599 | fclose(str); | | 3604 | fclose(str); |
3600 | if (pkey == NULL) { | | 3605 | if (pkey == NULL) { |
3601 | msyslog(LOG_ERR, "crypto_key %s\n", | | 3606 | msyslog(LOG_ERR, "crypto_key %s\n", |
3602 | ERR_error_string(ERR_get_error(), NULL)); | | 3607 | ERR_error_string(ERR_get_error(), NULL)); |
3603 | return (NULL); | | 3608 | return (NULL); |
3604 | } | | 3609 | } |
3605 | | | 3610 | |
3606 | /* | | 3611 | /* |
3607 | * Leave tracks in the cryptostats. | | 3612 | * Leave tracks in the cryptostats. |
3608 | */ | | 3613 | */ |
3609 | if ((ptr = strrchr(linkname, '\n')) != NULL) | | 3614 | if ((ptr = strrchr(linkname, '\n')) != NULL) |
3610 | *ptr = '\0'; | | 3615 | *ptr = '\0'; |
3611 | sprintf(statstr, "%s mod %d", &linkname[2], | | 3616 | snprintf(statstr, NTP_MAXSTRLEN, "%s mod %d", &linkname[2], |
3612 | EVP_PKEY_size(pkey) * 8); | | 3617 | EVP_PKEY_size(pkey) * 8); |
3613 | record_crypto_stats(NULL, statstr); | | 3618 | record_crypto_stats(NULL, statstr); |
3614 | #ifdef DEBUG | | 3619 | #ifdef DEBUG |
3615 | if (debug) | | 3620 | if (debug) |
3616 | printf("crypto_key: %s\n", statstr); | | 3621 | printf("crypto_key: %s\n", statstr); |
3617 | if (debug > 1) { | | 3622 | if (debug > 1) { |
3618 | if (pkey->type == EVP_PKEY_DSA) | | 3623 | if (pkey->type == EVP_PKEY_DSA) |
3619 | DSA_print_fp(stdout, pkey->pkey.dsa, 0); | | 3624 | DSA_print_fp(stdout, pkey->pkey.dsa, 0); |
3620 | else | | 3625 | else |
3621 | RSA_print_fp(stdout, pkey->pkey.rsa, 0); | | 3626 | RSA_print_fp(stdout, pkey->pkey.rsa, 0); |
3622 | } | | 3627 | } |
3623 | #endif | | 3628 | #endif |
3624 | return (pkey); | | 3629 | return (pkey); |
| @@ -3707,28 +3712,28 @@ crypto_cert( | | | @@ -3707,28 +3712,28 @@ crypto_cert( |
3707 | free(name); | | 3712 | free(name); |
3708 | | | 3713 | |
3709 | /* | | 3714 | /* |
3710 | * Parse certificate and generate info/value structure. | | 3715 | * Parse certificate and generate info/value structure. |
3711 | */ | | 3716 | */ |
3712 | ret = cert_parse(data, len, fstamp); | | 3717 | ret = cert_parse(data, len, fstamp); |
3713 | free(data); | | 3718 | free(data); |
3714 | (void)fclose(str); | | 3719 | (void)fclose(str); |
3715 | if (ret == NULL) | | 3720 | if (ret == NULL) |
3716 | return (NULL); | | 3721 | return (NULL); |
3717 | | | 3722 | |
3718 | if ((ptr = strrchr(linkname, '\n')) != NULL) | | 3723 | if ((ptr = strrchr(linkname, '\n')) != NULL) |
3719 | *ptr = '\0'; | | 3724 | *ptr = '\0'; |
3720 | sprintf(statstr, "%s 0x%x len %lu", &linkname[2], ret->flags, | | 3725 | snprintf(statstr, NTP_MAXSTRLEN, |
3721 | len); | | 3726 | "%s 0x%x len %lu", &linkname[2], ret->flags, len); |
3722 | record_crypto_stats(NULL, statstr); | | 3727 | record_crypto_stats(NULL, statstr); |
3723 | #ifdef DEBUG | | 3728 | #ifdef DEBUG |
3724 | if (debug) | | 3729 | if (debug) |
3725 | printf("crypto_cert: %s\n", statstr); | | 3730 | printf("crypto_cert: %s\n", statstr); |
3726 | #endif | | 3731 | #endif |
3727 | return (ret); | | 3732 | return (ret); |
3728 | } | | 3733 | } |
3729 | | | 3734 | |
3730 | | | 3735 | |
3731 | /* | | 3736 | /* |
3732 | * crypto_tai - load leapseconds table from file | | 3737 | * crypto_tai - load leapseconds table from file |
3733 | * | | 3738 | * |
3734 | * This routine loads the ERTS leapsecond file in NIST text format, | | 3739 | * This routine loads the ERTS leapsecond file in NIST text format, |
| @@ -3824,27 +3829,27 @@ crypto_tai( | | | @@ -3824,27 +3829,27 @@ crypto_tai( |
3824 | } | | 3829 | } |
3825 | | | 3830 | |
3826 | /* | | 3831 | /* |
3827 | * The extension field table entries consists of the NTP seconds | | 3832 | * The extension field table entries consists of the NTP seconds |
3828 | * of leap insertion in network byte order. | | 3833 | * of leap insertion in network byte order. |
3829 | */ | | 3834 | */ |
3830 | len = i * sizeof(u_int32); | | 3835 | len = i * sizeof(u_int32); |
3831 | tai_leap.vallen = htonl(len); | | 3836 | tai_leap.vallen = htonl(len); |
3832 | ptr = emalloc(len); | | 3837 | ptr = emalloc(len); |
3833 | tai_leap.ptr = (u_char *)ptr; | | 3838 | tai_leap.ptr = (u_char *)ptr; |
3834 | for (j = 0; j < i; j++) | | 3839 | for (j = 0; j < i; j++) |
3835 | *ptr++ = htonl(leapsec[j]); | | 3840 | *ptr++ = htonl(leapsec[j]); |
3836 | crypto_flags |= CRYPTO_FLAG_TAI; | | 3841 | crypto_flags |= CRYPTO_FLAG_TAI; |
3837 | sprintf(statstr, "%s fs %u leap %u len %u", cp, fstamp, | | 3842 | snprintf(statstr, NTP_MAXSTRLEN, "%s fs %u leap %u len %u", cp, fstamp, |
3838 | leapsec[--j], len); | | 3843 | leapsec[--j], len); |
3839 | record_crypto_stats(NULL, statstr); | | 3844 | record_crypto_stats(NULL, statstr); |
3840 | #ifdef DEBUG | | 3845 | #ifdef DEBUG |
3841 | if (debug) | | 3846 | if (debug) |
3842 | printf("crypto_tai: %s\n", statstr); | | 3847 | printf("crypto_tai: %s\n", statstr); |
3843 | #endif | | 3848 | #endif |
3844 | } | | 3849 | } |
3845 | | | 3850 | |
3846 | | | 3851 | |
3847 | /* | | 3852 | /* |
3848 | * crypto_setup - load keys, certificate and leapseconds table | | 3853 | * crypto_setup - load keys, certificate and leapseconds table |
3849 | * | | 3854 | * |
3850 | * This routine loads the public/private host key and certificate. If | | 3855 | * This routine loads the public/private host key and certificate. If |