Re: ntpd: prefer %z when formatting size_t

[Todd C. Miller]

On Mon, 09 Feb 2015 22:32:55 -0600, Brent Cook wrote:

 Pretty trivial conversion. ok?

OK but size_t should be printed %zu (%zd is ssize_t).

 - todd

Re: ntpd: prefer %z when formatting size_t

[Martin Natano]

Obviously not that trivial: The return type of sizeof() is size_t, which
is unsigned, thus the second conversion specification should be %zu.
(The printf manpage notes that the %zd conversion indicates that the
argument is of a signed type equivalent in size to a size_t.).

natano

On Mon, Feb 09, 2015 at 10:32:55PM -0600, Brent Cook wrote:
 Pretty trivial conversion. ok?
 
 Index: ntp_msg.c
 ===
 RCS file: /cvs/src/usr.sbin/ntpd/ntp_msg.c,v
 retrieving revision 1.20
 diff -u -p -u -p -r1.20 ntp_msg.c
 --- ntp_msg.c 9 Jan 2015 07:35:37 -   1.20
 +++ ntp_msg.c 10 Feb 2015 04:23:03 -
 @@ -62,7 +62,7 @@ ntp_sendmsg(int fd, struct sockaddr *sa,
   }
 
   if (n != sizeof(*msg)) {
 - log_warnx(ntp_sendmsg: only %ld of %ld bytes sent, n,
 + log_warnx(ntp_sendmsg: only %zd of %zd bytes sent, n,
   sizeof(*msg));
   return (-1);
   }
 

Re: ntpd: be more verbose when logging privsep errors

[Todd C. Miller]

On Mon, 09 Feb 2015 22:34:20 -0600, Brent Cook wrote:

 This makes it easier for a sysadmin to diagnose a privilege separation
 path problem without looking at the source code for why 'stat' failed.

OK but when printing stb.st_mode you should AND it with ALLPERMS
so you don't print non-user bits.

 - todd

Re: ntpd: prefer %z when formatting size_t

[Joerg Sonnenberger]

On Mon, Feb 09, 2015 at 10:32:55PM -0600, Brent Cook wrote:
 Pretty trivial conversion. ok?

Well, if it is size_t, it should be %zu.

Joerg

Re: ntpd: prefer %z when formatting size_t

[Brent Cook]

 On Feb 10, 2015, at 9:37 AM, Todd C. Miller todd.mil...@courtesan.com wrote:
 
 On Mon, 09 Feb 2015 22:32:55 -0600, Brent Cook wrote:
 
 Pretty trivial conversion. ok?
 
 OK but size_t should be printed %zu (%zd is ssize_t).
 
 - todd
 

If I had known I would get so many emails over this, I would have just done %zu
in the first place :) I was just trying to keep them the same.

Re: pf congestion handling

[Henning Brauer]

I already talked to dlg here, but that obviously cuts you out which
isn't good :/

* Alexander Bluhm alexander.bl...@gmx.net [2015-02-10 23:12]:
 We do not use the pf congestion feature, we have disabled it with
 an #ifdef.  Prefering states over rules means that you cannot login
 into a congested box.  There are cases where this policy makes
 sense, in our use case it does not.

well, you can over the console, and preferring existing states is the
right thing to do imo:
-(D)DoS-Traffic won't match a state, prefering states means that your
 legit traffic has a much higher chance
-ruleset evaluation is MUCH more expensive than state matching

not sure whether your product is the extreme outlier here; if it is
then the you have to ifdef it out is perfectly acceptable imo;
if it isn't we might need a button (shrug). the fact that nobody asked
for a button or the like in a decade makes me tend towards not
needed. 

 I can't see cases where different congestion states for each input
 queue are useful.

me neither. things are significantly different now than they were 10+
years ago when bob  I chose ipintrq full as trigger. the congestion
trick isn't as effective any more as it used to be since the arrival
of MCLGETI - which overall is much more effective, and less selective
at the same time. the two should cooperate.

Re: Getting in touch

[Bob Beck]

The way to get attention around here is show diffs :)

On Tue, Feb 10, 2015 at 12:51 AM, aixtools aixto...@gmail.com wrote:
 L.S.,

 Trying for a bit over a week to gt a response re: libressl.

 1) If you have a established mailing-list for libressl - I did not find it.
 That of course says something about me - and maybe you are trying to keep
 people who cannot seek well enough away. I can only hope that you take this
 as intended - a hint you are hard to find.
 2) I have some patches/ideas that could be a step forward to having
 libressl-portable be buildable/packageable for AIX 5.3 TL7 and up.

 Looking forward to your reply,

 regards,
 Michael Felt
 (aka @rootvgnet, http://www.rootvg.net)

Re: OK... how dare you both even to not publish patches...

[David Coppa]

On Tue, Feb 10, 2015 at 5:05 AM, Ted Unangst t...@tedunangst.com wrote:
 Sebastian's emails don't make it to the list, but in the interest of
 transparency and not hiding any secrets about OpenBSD's security, I'm
 forwarding it along as requested.

Uff. Another one who forgot to get his meds...

Ciao!
David

 Sebastian Rother wrote:

Authenticated TLS contraints in ntpd(8)

[Reyk Floeter]

Hi!

Theo, Henning, and me developed an idea to utilize TLS in some way for
authenticated time in ntpd(8).  We are not intending to use it as a
direct time source, but as a constraint to verify the NTP responses.
I came up with an implementation that has been designed to be an
optional, non-intrusive feature that is now part of OpenBSD -current. 

From the ntpd.conf(5) man page: ntpd(8) can be configured to query
the `Date' from trusted HTTPS servers via TLS.  This time information
is not used for precision but acts as an authenticated constraint,
thereby reducing the impact of unauthenticated NTP `Man-In-The-Middle'
attacks.  Received NTP packets with time information falling outside
of a range near the constraint will be discarded and such NTP servers
will be marked as invalid.

The standardized attempts to add authentication to NTP are a) fairly
horrible (ASN.1 etc.) and b) rarely deployed.  HTTPS is most widely
deployed and provides a reference time in the Date: header.  The
resolution is not good enough as a time source, only seconds and it
does not consider network and I/O delays, but it is good enough to
provide bounds that can be used to verify the NTP responses.  We only
use the time from the HTTPS header, and not the TLS timestamp, as the
latter is most possibly randomized in modern SSL/TLS implementations.

To test it, you can configure one or more HTTPS URLs or hosts in your
ntpd.conf that will be queried upon startup of ntpd.  Any HTTPS URL
would work and the path is fully optional.  The server certificate is
currently verified against the CA certificates in /etc/ssl/cert.pem; a
self-signed certificate would not work unless you add your own CA to
the file.

---snip---
servers pool.ntp.org
constraints from https://www.google.com/search?q=openntpd;
constraints from www.twitter.com
constraint from www.apple.com
---snap---

The feature is still experimental and we're continuing to improve the
semantics.  But it is already fully functional and ready to be tested.
The HTTPS client requests are executed in independent processes that
are fully isolated from each other and from the NTP processes - a
strict separation protects the daemon from any potential failures in
the TLS execution.

Related commit:
http://marc.info/?l=openbsd-cvsm=142355043928397w=2

Have fun with catching the outliars!

Reyk

Re: Getting in touch

[aixtools]

On 2015-02-10 9:55 AM, Bob Beck wrote:

The way to get attention around here is show diffs :)

On Tue, Feb 10, 2015 at 12:51 AM, aixtoolsaixto...@gmail.com  wrote:

L.S.,

Trying for a bit over a week to gt a response re: libressl.

1) If you have a established mailing-list for libressl - I did not find it.
That of course says something about me - and maybe you are trying to keep
people who cannot seek well enough away. I can only hope that you take this
as intended - a hint you are hard to find.
2) I have some patches/ideas that could be a step forward to having
libressl-portable be buildable/packageable for AIX 5.3 TL7 and up.

Looking forward to your reply,

regards,
Michael Felt
(aka @rootvgnet, http://www.rootvg.net)



Then first the simple diff's :)

diff -ur libressl-2.1.3/configure libressl-2.1.3.save/configure
--- libressl-2.1.3/configure2015-01-21 14:42:11 +
+++ libressl-2.1.3.save/configure   2015-02-08 14:25:22 +
@@ -3049,7 +3049,16 @@
PLATFORM_LDADD='-lnsl -lsocket'

;;
-   *) ;;
+   *aix*)
+   HOST_OS=aix
+   CFLAGS=
+   PLATFORM_LDADD='-lpthread'
+
+   ;;
+   *)
+   echo $host_os not found
+   exit
+   ;;
 esac

 case $host_cpu in
diff -ur libressl-2.1.3/crypto/compat/arc4random.h 
libressl-2.1.3.save/crypto/compat/arc4random.h

--- libressl-2.1.3/crypto/compat/arc4random.h   2015-01-21 14:04:57 +
+++ libressl-2.1.3.save/crypto/compat/arc4random.h  2015-02-08 
15:16:01 +

@@ -6,6 +6,9 @@
 #if defined(__FreeBSD__)
 #include arc4random_freebsd.h

+#elif defined(_AIX)
+#include arc4random_aix.h
+
 #elif defined(__hpux)
 #include arc4random_hpux.h

For arc4random_aix.h I was lazy and just copied arc4random_hpux.h

root@x064:[/data/prj/openbsd/libressl/libressl-2.1.3.save/crypto/compat]diff 
arc4random_hpux.h arc4random_aix.h
root@x064:[/data/prj/openbsd/libressl/libressl-2.1.3.save/crypto/compat]ls 
-l arc4random_hpux.h arc4random_aix.h

-rw-r--r-- 1 michael felt   2193 Feb  8 15:13 arc4random_aix.h
-rw-r--r-- 1 rootsystem 2193 Jan 21 11:46 arc4random_hpux.h

And the attachments:
root@x064:[/data/prj/openbsd/libressl/libressl-2.1.3.save/crypto/compat]ls 
-l *aix.c

-rw-r--r-- 1 michael felt 13110 Feb  9 17:19 getentropy_aix.c
-rw-r--r-- 1 michael felt  2401 Feb  9 17:19 issetugid_aix.c

As I do not understand, in detail, what the pseudo entrophy routines are 
doing I am guessing
I made an error, i.e., may be introducing some non-randomness by using 
the mod (%) operator on the PURR register counters that run in 
nanoseconds. I may have left the size at sizeof(u_long_long_t) while the 
'random' part is smaller (so high 0 bits not random).


To link on AIX - to support errlog() -lrts is needed (both non-root/root 
can write to errpt for this event). Whether you want to use the syslog_r 
addition - especially the part
looking up the process name (depends on /proc, so also potentially 
affected by a chroot() environment).


Basically, ideas.

I have not change the makefile in compat to add the *aix.o files into 
the archive.


Comments welcome!

Michael

p.s. compiling on AIX 5.3 TL7 - 5300-07-10-0943, using IBM C compiler 
V11, on a Power6


/*  $OpenBSD: $ */

/*
 * Copyright (c) 2015 Michael Felt aixto...@gmail.com
 * Copyright (c) 2014 Theo de Raadt dera...@openbsd.org
 * Copyright (c) 2014 Bob Beck b...@obtuse.com
 *
 * Permission to use, copy, modify, and distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above
 * copyright notice and this permission notice appear in all copies.
 *
 * THE SOFTWARE IS PROVIDED AS IS AND THE AUTHOR DISCLAIMS ALL WARRANTIES
 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 *
 * Intended to Emulate getentropy(2) as documented at:
 * http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man2/getentropy.2
 */
/*
 * -lperfstat is needed for the psuedo entropy data
 * -lrst is needed for errlog
 * also, cc_r, or equivelent is needed for syslog_r (multi-thread safe 
libraries)
 */

#include sys/mman.h
#include sys/resource.h
#include sys/socket.h
#include sys/stat.h
#include sys/statvfs.h
#include sys/timers.h
#include stdio.h
#include fcntl.h
#include signal.h
#include termios.h
#include errno.h

#include openssl/sha.h

#include libperfstat.h

#define REPEAT 5
#define min(a, b) (((a)  (b)) ? (a) : (b))

#define HX(a, b) \
do { \
if ((a)) \
HD(errno); \
else \
HD(b); \
} while (0)

Re: Getting in touch

[Bob Beck]

Well.. there are issues with that both if you require libraries, and
are not certain how the other stuff works. In short, we
have to be a lot more careful than this and we can't depend on
external libraries.

Ideally, for us to deal with this we'd need an decent AIX running
machine with OS and compilers,  preferably in Austin Texas - It's
something we'd need to spend a little time with to fix up.

Is that anything you could assist us with?




On Tue, Feb 10, 2015 at 3:00 AM, aixtools aixto...@gmail.com wrote:
 On 2015-02-10 9:55 AM, Bob Beck wrote:

 The way to get attention around here is show diffs :)

 On Tue, Feb 10, 2015 at 12:51 AM, aixtoolsaixto...@gmail.com  wrote:

 L.S.,

 Trying for a bit over a week to gt a response re: libressl.

 1) If you have a established mailing-list for libressl - I did not find
 it.
 That of course says something about me - and maybe you are trying to keep
 people who cannot seek well enough away. I can only hope that you take
 this
 as intended - a hint you are hard to find.
 2) I have some patches/ideas that could be a step forward to having
 libressl-portable be buildable/packageable for AIX 5.3 TL7 and up.

 Looking forward to your reply,

 regards,
 Michael Felt
 (aka @rootvgnet, http://www.rootvg.net)


 Then first the simple diff's :)

 diff -ur libressl-2.1.3/configure libressl-2.1.3.save/configure
 --- libressl-2.1.3/configure2015-01-21 14:42:11 +
 +++ libressl-2.1.3.save/configure   2015-02-08 14:25:22 +
 @@ -3049,7 +3049,16 @@
 PLATFORM_LDADD='-lnsl -lsocket'

 ;;
 -   *) ;;
 +   *aix*)
 +   HOST_OS=aix
 +   CFLAGS=
 +   PLATFORM_LDADD='-lpthread'
 +
 +   ;;
 +   *)
 +   echo $host_os not found
 +   exit
 +   ;;
  esac

  case $host_cpu in
 diff -ur libressl-2.1.3/crypto/compat/arc4random.h
 libressl-2.1.3.save/crypto/compat/arc4random.h
 --- libressl-2.1.3/crypto/compat/arc4random.h   2015-01-21 14:04:57 +
 +++ libressl-2.1.3.save/crypto/compat/arc4random.h  2015-02-08 15:16:01
 +
 @@ -6,6 +6,9 @@
  #if defined(__FreeBSD__)
  #include arc4random_freebsd.h

 +#elif defined(_AIX)
 +#include arc4random_aix.h
 +
  #elif defined(__hpux)
  #include arc4random_hpux.h

 For arc4random_aix.h I was lazy and just copied arc4random_hpux.h

 root@x064:[/data/prj/openbsd/libressl/libressl-2.1.3.save/crypto/compat]diff
 arc4random_hpux.h arc4random_aix.h
 root@x064:[/data/prj/openbsd/libressl/libressl-2.1.3.save/crypto/compat]ls
 -l arc4random_hpux.h arc4random_aix.h
 -rw-r--r-- 1 michael felt   2193 Feb  8 15:13 arc4random_aix.h
 -rw-r--r-- 1 rootsystem 2193 Jan 21 11:46 arc4random_hpux.h

 And the attachments:
 root@x064:[/data/prj/openbsd/libressl/libressl-2.1.3.save/crypto/compat]ls
 -l *aix.c
 -rw-r--r-- 1 michael felt 13110 Feb  9 17:19 getentropy_aix.c
 -rw-r--r-- 1 michael felt  2401 Feb  9 17:19 issetugid_aix.c

 As I do not understand, in detail, what the pseudo entrophy routines are
 doing I am guessing
 I made an error, i.e., may be introducing some non-randomness by using the
 mod (%) operator on the PURR register counters that run in nanoseconds. I
 may have left the size at sizeof(u_long_long_t) while the 'random' part is
 smaller (so high 0 bits not random).

 To link on AIX - to support errlog() -lrts is needed (both non-root/root can
 write to errpt for this event). Whether you want to use the syslog_r
 addition - especially the part
 looking up the process name (depends on /proc, so also potentially affected
 by a chroot() environment).

 Basically, ideas.

 I have not change the makefile in compat to add the *aix.o files into the
 archive.

 Comments welcome!

 Michael

 p.s. compiling on AIX 5.3 TL7 - 5300-07-10-0943, using IBM C compiler V11,
 on a Power6

Re: Authenticated TLS contraints in ntpd(8)

[Kevin Chadwick]

On Tue, 10 Feb 2015 10:55:53 +0100
Reyk Floeter wrote:

 The standardized attempts to add authentication to NTP are a) fairly
 horrible (ASN.1 etc.) and b) rarely deployed.

When ntpd acts as a server, could the package signing code be of use
with ntpd keys?

Re: Authenticated TLS contraints in ntpd(8)

[Stuart Henderson]

On 2015/02/10 12:32, Reyk Floeter wrote:
 Let me share the answer to a question that I got in a private mail:
 
  On Tue, Feb 10, 2015 at 10:55:53AM +0100, Reyk Floeter wrote:
  ---snip---
  servers pool.ntp.org
  constraints from https://www.google.com/search?q=openntpd;

Cue google turning on captchas for searches for openntpd ;-)

Re: Authenticated TLS contraints in ntpd(8)

[Kevin Chadwick]

On Tue, 10 Feb 2015 13:03:27 +
David Dahlberg wrote:

   The standardized attempts to add authentication to NTP are a) fairly
   horrible (ASN.1 etc.) and b) rarely deployed.  
  
  When ntpd acts as a server, could the package signing code be of use
  with ntpd keys?  
 
 How exactly? You cannot use signing for PSK, Private Cert GK as they
 require peer-to-peer shared secrets. The rest of the autokey protocols
 do not provide any usable identity checks anyway. Nice read:
 http://zero-entropy.de/autokey_analysis.pdf
 
 The HTTPS-based scheme is at least able to link a rough time constraint
 to a PKI (which autokey is not even able to do) and it follows the
 general design approach of OpenNTPd: Being simple and good enough for
 most use cases.

I was meaning just for internal OpenBSD use between ntpds really (you
would still need a trusted or checked source with a decent crystal)
without resorting to handing axes out, outside the standards meeting
with the time_t pdf link enscribed in the handle ;-).

Re: Authenticated TLS contraints in ntpd(8)

[Reyk Floeter]

On Tue, Feb 10, 2015 at 10:51:12PM -0700, Theo de Raadt wrote:
 So I gave Reyk some beer, and he did the impossible :-)
 

I sense a pattern here.

Reyk

Re: pf congestion handling

[David Gwynne]

 On 11 Feb 2015, at 8:12 am, Alexander Bluhm alexander.bl...@gmx.net wrote:
 
 On Tue, Feb 10, 2015 at 04:01:19PM +1000, David Gwynne wrote:
 i want to remove the congestion stuff in ifqueue, but i dont want
 to remove the pf functionality. my attempt at this below.
 
 I like that you replaced the malloc and timeout with a ticks
 comparison as it makes the code simpler.  The semantic changes a
 bit.  If the box was unter high network load without softtimer
 interrupts, the old code did not clear the congestion.  I don't
 know wether that behavior was intentional.

i doubt it was intentional.

 We do not use the pf congestion feature, we have disabled it with
 an #ifdef.  Prefering states over rules means that you cannot login
 into a congested box.  There are cases where this policy makes
 sense, in our use case it does not.

maybe we could create explicit pf rule checks for it:

pass in on port ssh
block in quick congested
pass in on port { http https }

instead of having what is effectively an implicit block in quick congested at 
the top of the ruleset.

 I can't see cases where different congestion states for each input
 queue are useful.

me either.

dlg

Re: Authenticated TLS contraints in ntpd(8)

[Bob Beck]

On Tue, Feb 10, 2015 at 11:19 PM, Reyk Floeter r...@openbsd.org wrote:
 On Tue, Feb 10, 2015 at 10:51:12PM -0700, Theo de Raadt wrote:
 So I gave Reyk some beer, and he did the impossible :-)


 I sense a pattern here.

 Reyk

Not enough samples to be a pattern yet.. You shouldn't worry..

It's too bad supporting IkeV1 in your software is impossible.

Re: Authenticated TLS contraints in ntpd(8)

[Henning Brauer]

* Henning Brauer hb-openbsdt...@ml.bsws.de [2015-02-10 13:21]:
 * Kevin Chadwick ma1l1i...@yahoo.co.uk [2015-02-10 13:14]:
  On Tue, 10 Feb 2015 10:55:53 +0100
  Reyk Floeter wrote:
   The standardized attempts to add authentication to NTP are a) fairly
   horrible (ASN.1 etc.) and b) rarely deployed.
  When ntpd acts as a server, could the package signing code be of use
  with ntpd keys?
 getting the signature into the ntp packets in a way that doesn't break
 compatibility is the challenge.

let me elaborate slightly: even if we came up with a überauth
mechanism that doesn't suck and doesn't break compat, it wouldn't be
of much use unless the servers you sync from support it - one of the
pools for most. even if you could completely trust them and whatever
model of key distribution, for them to support this, you have to get it
standarized. and even if we managed to get it pushed through the
standards corpses^Wbodies, it would take ages until it gets deployed,
IF it ever gets widely deployed.
That's a lot of ifs, I leave the judgement on likeliness to you.

constraints from https, however - that works today.

-- 
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services GmbH, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS. Virtual  Dedicated Servers, Root to Fully Managed
Henning Brauer Consulting, http://henningbrauer.com/

Re: Authenticated TLS contraints in ntpd(8)

[Theo de Raadt]

 * Henning Brauer hb-openbsdt...@ml.bsws.de [2015-02-10 13:21]:
  * Kevin Chadwick ma1l1i...@yahoo.co.uk [2015-02-10 13:14]:
   On Tue, 10 Feb 2015 10:55:53 +0100
   Reyk Floeter wrote:
The standardized attempts to add authentication to NTP are a) fairly
horrible (ASN.1 etc.) and b) rarely deployed.
   When ntpd acts as a server, could the package signing code be of use
   with ntpd keys?
  getting the signature into the ntp packets in a way that doesn't break
  compatibility is the challenge.
 
 let me elaborate slightly: even if we came up with a überauth
 mechanism that doesn't suck and doesn't break compat, it wouldn't be
 of much use unless the servers you sync from support it - one of the
 pools for most. even if you could completely trust them and whatever
 model of key distribution, for them to support this, you have to get it
 standarized. and even if we managed to get it pushed through the
 standards corpses^Wbodies, it would take ages until it gets deployed,
 IF it ever gets widely deployed.
 That's a lot of ifs, I leave the judgement on likeliness to you.
 
 constraints from https, however - that works today.

So full disclosure, this was my idea, though Reyk wrote the code.

I was struck by how 2 decades ago there was common practice to use
rdate -a, thus using the RFC 868 timed protocol.  It is a one-shot,
triggering a slide using the kernel adjtime system call.  Then ntp
showed up, kind of but it was heavy, and it became more common
practice to have small machines do rdate -an.  Once again, it is a
one-shot, triggering a slide using the kernel adjtime system call.
Such practice was good enough for most uses.  Some people did this in
cron.  ntp was just too large to compile, too complicated for
automatic setup, so it was rarely used back in those days.

Some time went by, and more people started using official NTP, but
we wavered, not liking the sourc code.

Finally openntpd arrived, designed to be light and secure -- enough so
we could run it in all circumstances.  It contains protection against
NTP packet spoofing, but cannot solve the NTP protocol MITM problems.

Recently, tlsdate showed up, which is basically rdate -TLS, and
perhaps it has an option like -a, but still that would be the
one-shot triggering a slide in the kernel.  Solving nothing new really
in terms of time quality...

However it struck me that we could use such a method to authenticate
information learned from NTP sources.  As long as the information was
handled correctly in one daemon.  Asyncronously, and very carefully,
using the privsep model for safety.

So I gave Reyk some beer, and he did the impossible :-)

Re: pf congestion handling

[Alexander Bluhm]

On Tue, Feb 10, 2015 at 04:01:19PM +1000, David Gwynne wrote:
 i want to remove the congestion stuff in ifqueue, but i dont want
 to remove the pf functionality. my attempt at this below.

I like that you replaced the malloc and timeout with a ticks
comparison as it makes the code simpler.  The semantic changes a
bit.  If the box was unter high network load without softtimer
interrupts, the old code did not clear the congestion.  I don't
know wether that behavior was intentional.

We do not use the pf congestion feature, we have disabled it with
an #ifdef.  Prefering states over rules means that you cannot login
into a congested box.  There are cases where this policy makes
sense, in our use case it does not.

I can't see cases where different congestion states for each input
queue are useful.

OK bluhm@

Re: ntpd: prefer %z when formatting size_t

[Ted Unangst]

Brent Cook wrote:
 
  On Feb 10, 2015, at 9:37 AM, Todd C. Miller todd.mil...@courtesan.com 
  wrote:
  
  On Mon, 09 Feb 2015 22:32:55 -0600, Brent Cook wrote:
  
  Pretty trivial conversion. ok?
  
  OK but size_t should be printed %zu (%zd is ssize_t).
  
  - todd
  
 
 If I had known I would get so many emails over this, I would have just done 
 %zu
 in the first place :) I was just trying to keep them the same.
 

I don't think I've ever seen a size_t value in the wild that was:
1) larger than SIZE_MAX / 2
2) not the result of an error

Usually, if %zu vs %zd matters, it's because somebody screwed up and you
actually are looking at a negative size_t. possible exception: -1 as a sentinel.
Either way, it may be desirable to make such numbers look negative.

Re: Authenticated TLS contraints in ntpd(8)

[David Dahlberg]

Am Dienstag, den 10.02.2015, 12:35 + schrieb Kevin Chadwick:
 On Tue, 10 Feb 2015 10:55:53 +0100
 Reyk Floeter wrote:
 
  The standardized attempts to add authentication to NTP are a) fairly
  horrible (ASN.1 etc.) and b) rarely deployed.
 
 When ntpd acts as a server, could the package signing code be of use
 with ntpd keys?

How exactly? You cannot use signing for PSK, Private Cert GK as they
require peer-to-peer shared secrets. The rest of the autokey protocols
do not provide any usable identity checks anyway. Nice read:
http://zero-entropy.de/autokey_analysis.pdf

The HTTPS-based scheme is at least able to link a rough time constraint
to a PKI (which autokey is not even able to do) and it follows the
general design approach of OpenNTPd: Being simple and good enough for
most use cases.

-- 
David Dahlberg 

Fraunhofer FKIE, Dept. Communication Systems (KOM) | Tel: +49-228-9435-845
Fraunhoferstr. 20, 53343 Wachtberg, Germany| Fax: +49-228-856277

Re: Authenticated TLS contraints in ntpd(8)

[Henning Brauer]

* Kevin Chadwick ma1l1i...@yahoo.co.uk [2015-02-10 13:14]:
 On Tue, 10 Feb 2015 10:55:53 +0100
 Reyk Floeter wrote:
  The standardized attempts to add authentication to NTP are a) fairly
  horrible (ASN.1 etc.) and b) rarely deployed.
 When ntpd acts as a server, could the package signing code be of use
 with ntpd keys?

getting the signature into the ntp packets in a way that doesn't break
compatibility is the challenge.

-- 
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services GmbH, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS. Virtual  Dedicated Servers, Root to Fully Managed
Henning Brauer Consulting, http://henningbrauer.com/

Re: ntpd: prefer %z when formatting size_t

[Theo de Raadt]

 Brent Cook wrote:
  
   On Feb 10, 2015, at 9:37 AM, Todd C. Miller todd.mil...@courtesan.com 
   wrote:
   
   On Mon, 09 Feb 2015 22:32:55 -0600, Brent Cook wrote:
   
   Pretty trivial conversion. ok?
   
   OK but size_t should be printed %zu (%zd is ssize_t).
   
   - todd
   
  
  If I had known I would get so many emails over this, I would have just done 
  %zu
  in the first place :) I was just trying to keep them the same.
  
 
 I don't think I've ever seen a size_t value in the wild that was:
 1) larger than SIZE_MAX / 2
 2) not the result of an error
 
 Usually, if %zu vs %zd matters, it's because somebody screwed up and you
 actually are looking at a negative size_t. possible exception: -1 as a 
 sentinel.
 Either way, it may be desirable to make such numbers look negative.

Yeah, I agree.  Bugs are more likely to be fixed if people see -1.  More
people will know where to look.