r7 - 2012-08-20 - 20:38:50 - RajulSrivastavaYou are here: NTP >  Dev Web > GoogleSummerOfCode > GSoC2012LoggingDebugging > GSoC2012LoggingDebuggingTodoList
NTP users are strongly urged to take immediate action to ensure that their NTP daemons are not susceptible to being used in distributed denial-of-service (DDoS) attacks. Please also take this opportunity to defeat denial-of-service attacks by implementing Ingress and Egress filtering through BCP38.

ntp-4.2.8p13 was released on 07 March 2019. It addresses 1 medium-severity security issue in ntpd, and provides 17 non-security bugfixes and 1 other improvements over 4.2.8p12.

Please see the NTP Security Notice for vulnerability and mitigation details.

Are you using Autokey in production? If so, please contact Harlan - he's got some questions for you.

Tasks yet to be done

Config Related

  1. Implement saveconfig
  2. Implement show output to ntpq (HMS: can be done later)
  3. To convert the config structure from an array to a linked list... (HMS: can be done later)
  4. To implement the code for including the size and version in case of file logging channels (HMS: can be done later)

API Implementation Related

  1. Work out the code for memory management and optimise the memory usage of the API code.
  2. Implement logging to various facilities of SYSLOG.
  3. Optimise code algorithms and data structures to make the it more time- and memory- efficient.
  4. Work out ways to more efficiently tag statements and use these tags for selective logging and other purposes.
  5. Resolve the bugs listed on the wiki page associated with the project.

Documentation Related

  1. Bring the documentation up-to-date with all the currently implemented features..

Logging System Related

  1. Clean out the obsolete and wrong Logging Statements.
  2. Figure out the categories in which the logs may be placed and tagged (HMS: can be done later)

Testing

  1. Demonstrate that the new code works.
  2. Implement a number of test cases showing logging directives in ntp.conf and use saveconfig to show that we "recognize" the directives.

API Design Related

HMS: These can all be done later.

  1. Designing and Implementation of a Sink-type structure that can store log messages and serve as an alternate logging channel
  2. Design and Implementation of a Message Management Client for the Logging System
  3. Implement features to include more information in the log.

-- RajulSrivastava - 2012-08-19

Discussion and Comments

 
Edit | WYSIWYG | Attach | Printable | Raw View | Backlinks: Web, All Webs | History: r7 < r6 < r5 < r4 < r3 | More topic actions
Dev.GSoC2012LoggingDebuggingTodoList moved from Dev.GSoC2011LoggingDebuggingTodoList on 2012-08-20 - 00:16 by RajulSrivastava - put it back
 
SSL security by CAcert
Get the CAcert Root Certificate
This site is powered by the TWiki collaboration platform
IPv6 Ready
Copyright & 1999-2020 by the contributing authors. All material on this collaboration platform is the property of the contributing authors. Ideas, requests, problems regarding the site? Send feedback