On Tuesday, December 27, 2005 at 4:27:28 +0000, Steve Kostecke wrote: > I don't see anything in the code _requiring_ the existence of a client > sym-link to activate an Identity Scheme.
Thanks for Luking at the source. I downloaded ntp-dev-4.2.0b-20051225 to exactly follow you. And took Debian ntp_4.2.0a+stable-2sarge1 source package as comparision. I believe your analysis is mostly OK, but you stopped too early. 3 steps, 2 variants: 1) In crypto_setup() loading a ntpkey_iff_hostname at startup does set a CRYPTO_FLAG_IFF in crypto_flags, which is the global var for host's default flags. 2) In crypto_recv() for the CRYPTO_ASSOC response (2nd step of the dance), peer->crypto which is the assoc flags is initialised with: - Stable: The server default flags. - Dev: Host default flags AND server default flags. Binary AND. This means assoc flags has only common schemes loaded at startup on both. 3) Later in the dance, in crypto_ident(), ntpkey_iff_issuer is loaded only if (peer->crypto & CRYPTO_FLAG_IFF). With stable, a client symlink is not necessary. With dev, it is. I don't understand why your experience failed? > I won't be pulled in to that Tiergrube. What's that? Anyway my trick question's only interest was the embedded hint. Serge. -- Serge point Bets arobase laposte point net _______________________________________________ questions mailing list [email protected] https://lists.ntp.isc.org/mailman/listinfo/questions
