RE: Query about Meinberg NTPV4 4.2.4p7 client compatibility with other thirdparty NTPV4 servers

[Emmanuel, Mathews IN BLR SISL]

Thanks Viktor. I will check the usage of strcpy () and strlen ().
I may have to contact the NTP developer's group for further clarifications.

With best regards,
Mathews Emmanuel

Siemens Information Systems Ltd
CTDC I IA&DT IN
Survey No. 39, 41, 42
Block B, Salarpuria Infozone
Electronic City
Hosur Road, Bangalore - 560 100
Tel.  : + 91 80 6711 1143
Fax. : + 91 80 6711 1600
mailto. : mathews.emmann...@siemens.com
www.siemens.co.in


-Original Message-
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] 
On Behalf Of Victor Duchovni
Sent: Tuesday, January 19, 2010 8:37 PM
To: openssl-users@openssl.org
Subject: Re: Query about Meinberg NTPV4 4.2.4p7 client compatibility with other 
thirdparty NTPV4 servers

On Tue, Jan 19, 2010 at 07:43:34PM +0530, Emmanuel, Mathews  IN BLR SISL wrote:

> Inference:
> 'Meinberg NTPV4 4.2.4p7' client sends the ASSOC request and receive the ASSOC 
> response from our server. But the Meinberg client again sends the ASSOC 
> request to our server instead of sending the CERT request.

This is the OpenSSL users list. It seems to me that question belongs on
an NTP developer list. If you have a question about how to construct
message digests, please ask that question, directly.

A common pitfall, which I am guessing you did not fall into, but just
in case: Make sure you don't use strlen() or strcpy(), ... with raw
binary message digests, as these will contain null bytes, with a probability
of 1/256 per byte. The odds of an MD5 digest containing no null bytes are:

(255/256)^16 ~ 93.9%

For SHA1 these drop to:

(255/256)^20 ~ 92.5%

perhaps your MD5 test was "lucky", and SHA1 test was unlucky? If you
are actually computing and copying the hash value correctly, the rest
is material for an NTP protocol discussion list.

--
Viktor.
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   majord...@openssl.org

Important notice: This e-mail and any attachment there to contains corporate 
proprietary information. If you have received it by mistake, please notify us 
immediately by reply e-mail and delete this e-mail and its attachments from 
your system.
Thank You.
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   majord...@openssl.org

Re: Query about Meinberg NTPV4 4.2.4p7 client compatibility with other thirdparty NTPV4 servers

[Victor Duchovni]

On Tue, Jan 19, 2010 at 07:43:34PM +0530, Emmanuel, Mathews  IN BLR SISL wrote:

> Inference:
> 'Meinberg NTPV4 4.2.4p7' client sends the ASSOC request and receive the ASSOC 
> response from our server. But the Meinberg client again sends the ASSOC 
> request to our server instead of sending the CERT request.

This is the OpenSSL users list. It seems to me that question belongs on
an NTP developer list. If you have a question about how to construct
message digests, please ask that question, directly.

A common pitfall, which I am guessing you did not fall into, but just
in case: Make sure you don't use strlen() or strcpy(), ... with raw
binary message digests, as these will contain null bytes, with a probability
of 1/256 per byte. The odds of an MD5 digest containing no null bytes are:

(255/256)^16 ~ 93.9% 

For SHA1 these drop to:

(255/256)^20 ~ 92.5% 

perhaps your MD5 test was "lucky", and SHA1 test was unlucky? If you
are actually computing and copying the hash value correctly, the rest
is material for an NTP protocol discussion list.

-- 
Viktor.
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   majord...@openssl.org