You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Tree:
7433fa0bce
OPENBSD_2_0
OPENBSD_2_1
OPENBSD_2_2
OPENBSD_2_3
OPENBSD_2_4
OPENBSD_2_5
OPENBSD_2_6
OPENBSD_2_7
OPENBSD_2_8
OPENBSD_2_9
OPENBSD_3_0
OPENBSD_3_1
OPENBSD_3_2
OPENBSD_3_3
OPENBSD_3_4
OPENBSD_3_5
OPENBSD_3_6
OPENBSD_3_7
OPENBSD_3_8
OPENBSD_3_9
OPENBSD_4_0
OPENBSD_4_1
OPENBSD_4_2
OPENBSD_4_3
OPENBSD_4_4
OPENBSD_4_5
OPENBSD_4_6
OPENBSD_4_7
OPENBSD_4_8
OPENBSD_4_9
OPENBSD_5_0
OPENBSD_5_1
OPENBSD_5_2
OPENBSD_5_3
OPENBSD_5_4
OPENBSD_5_5
OPENBSD_5_6
OPENBSD_5_7
OPENBSD_5_8
OPENBSD_5_9
OPENBSD_6_0
OPENBSD_6_1
OPENBSD_6_2
OPENBSD_6_3
OPENBSD_6_4
OPENBSD_6_5
OPENBSD_6_6
OPENBSD_6_7
master
startup100
openntpd-6.2p3
openntpd-6.2p2
openntpd-6.2p1
openntpd-6.1p1
openntpd-6.0p1
openntpd-5.9p1
openntpd-5.7p4
openntpd-5.7p3
openntpd-5.7p2
openntpd-5.7p1
PPP1_5
PEFO960729
OPENBSD_6_7_BASE
OPENBSD_6_6_BASE
OPENBSD_6_5_BASE
OPENBSD_6_4_BASE
OPENBSD_6_3_BASE
OPENBSD_6_2_BASE
OPENBSD_6_1_BASE
OPENBSD_6_0_BASE
OPENBSD_5_9_BASE
OPENBSD_5_8_BASE
OPENBSD_5_7_BASE
OPENBSD_5_6_BASE
OPENBSD_5_5_BASE
OPENBSD_5_4_BASE
OPENBSD_5_3_BASE
OPENBSD_5_2_BASE
OPENBSD_5_1_BASE
OPENBSD_5_0_BASE
OPENBSD_4_9_BASE
OPENBSD_4_8_BASE
OPENBSD_4_7_BASE
OPENBSD_4_6_BASE
OPENBSD_4_5_BASE
OPENBSD_4_4_BASE
OPENBSD_4_3_BASE
OPENBSD_4_2_BASE
OPENBSD_4_1_BASE
OPENBSD_4_0_BASE
OPENBSD_3_9_BASE
OPENBSD_3_8_BASE
OPENBSD_3_7_BASE
OPENBSD_3_6_BASE
OPENBSD_3_5_BASE
OPENBSD_3_4_BASE
OPENBSD_3_3_BASE
OPENBSD_3_2_BASE
OPENBSD_3_1_BASE
OPENBSD_3_0_BASE
OPENBSD_2_9_BASE
OPENBSD_2_8_BASE
OPENBSD_2_7_BASE
OPENBSD_2_6_BASE
OPENBSD_2_5_BASE
OPENBSD_2_4_BASE
OPENBSD_2_3_BASE
OPENBSD_2_2_BASE
OPENBSD_2_1_BASE
OPENBSD_2_0_BASE
reyk
7433fa0bce
Add support for "constraints": when configured, ntpd(8) will query the
time from HTTPS servers, by parsing the Date: header, and use the median constraint time as a boundary to verify NTP responses. This adds some level of authentication and protection against MITM attacks while preserving the accuracy of the NTP protocol; without relying on authentication options for NTP that are basically unavailable at present. This is an initial implementation and the semantics will be improved once it is in the tree. Discussed with deraadt@ and henning@ OK henning@ |
9 years ago | |
|---|---|---|
| src | Add support for "constraints": when configured, ntpd(8) will query the | 9 years ago |