Bug 14757 - Support for MS-SNTP extended authenticator in ntp_signd
Summary: Support for MS-SNTP extended authenticator in ntp_signd
Status: NEW
Alias: None
Product: Samba 4.1 and newer
Classification: Unclassified
Component: AD: LDB/DSDB/SAMDB (show other bugs)
Version: 4.14.4
Hardware: All All
: P5 normal (vote)
Target Milestone: ---
Assignee: Samba QA Contact
QA Contact: Samba QA Contact
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2021-07-14 09:47 UTC by Andreas Schneider
Modified: 2021-07-14 09:47 UTC (History)
0 users

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Andreas Schneider 2021-07-14 09:47:18 UTC
The MS-SNTP specification includes a new extended authenticator field, which is apparently used by w32time in latest Windows versions. It's not supported by ntp_signd yet. Latest versions of the specification are here:

https://msdn.microsoft.com/en-us/library/cc246877.aspx

A support for ntp_signd was recently implemented in chrony and it can detect MS-SNTP packets using the new extended authenticator field, but there is no way to pass the additional data to ntp_signd. A new command or version of the protocol will probably need to be specified.