[LEDE-DEV] [OpenWrt-Devel] [PATCH] busybox: sysntpd - Support for NTP servers received via DHCP(v6)

Amine Aouled Hamed amine.ahd at gmail.com
Fri May 20 07:27:10 PDT 2016


Hi,
Please add raw triggers to only the interfaces specified in the list.

Regards,
Amine.

On Fri, May 20, 2016 at 4:11 PM, Hans Dedecker <dedeckeh at gmail.com> wrote:
> On Fri, May 20, 2016 at 3:59 PM, Conor O'Gorman <i at conorogorman.net> wrote:
>>
>>
>> On 20/05/16 14:43, Hans Dedecker wrote:
>>>
>>> On Fri, May 20, 2016 at 3:18 PM, David Lang <david at lang.hm> wrote:
>>>>
>>>> On Fri, 20 May 2016, Jo-Philipp Wich wrote:
>>>>
>>>>> Hi Hans,
>>>>>
>>>>>> I wanted to preserve the ntp server behavior and only change the
>>>>>> behavior when configured in order to keep backwards compatibility. You
>>>>>> favour enabling DHCP ntp server config without explicit config ?
>>>>>
>>>>>
>>>>> Personally I do because thats likely what most users expect, but then
>>>>> trusting foreign NTP server advertisements might be a security sensitive
>>>>> topic - on the other hand one trusts the default gateway and DNS
>>>>> advertisements too, so I don't know.
>>>>
>>>>
>>>> NTP isn't signed.
>>>>
>>>> If I can control your DNS, I can probably control your NTP by giving you
>>>> the
>>>> wrong IP for the NTP server
>>>>
>>>> If I can control your gateway, I can redirect all your NTP queries to
>>>> someone else (NAT, redirects, etc)
>>>>
>>>> so why not trust the NTP server being provided?
>>>
>>> OK let's make the concensus to enable use_dhcp by default
>>>
>>>
>> If there are none from dhcp, it'll fall back to the configured list?
>>
>> Servers from dhcp are extra? or replacing the configured?
> Servers from DHCP are extra; thus on top of the configured ones
> _______________________________________________
> openwrt-devel mailing list
> openwrt-devel at lists.openwrt.org
> https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel



More information about the Lede-dev mailing list