ln5 / tlsdate Goto Github PK
View Code? Open in Web Editor NEWThis project forked from ioerror/tlsdate
secure parasitic rdate replacement
License: Other
This project forked from ioerror/tlsdate
secure parasitic rdate replacement
License: Other
tlsdate: secure parasitic rdate replacement tlsdate sets the local clock by securely connecting with TLS to remote servers and extracting the remote time out of the secure handshake. Unlike ntpdate, tlsdate uses TCP, for instance connecting to a remote HTTPS or TLS enabled service, and provides some protection against adversaries that try to feed you malicious time information. On Debian GNU/Linux and related systems, we provide an init.d script that controls the tlsdated daemon. It will notice network changes and regularly invoke tlsdate to keep the clock in sync. Start it like so: /etc/init.d/tlsdate start Here is an example an unprivileged user fetching the remote time: % tlsdate -v -V -n V: tlsdate version 0.0.1 V: We were called with the following arguments: V: validate SSL certificates host = www.ptb.de:443 V: time is currently 1342197117.577381 V: using TLSv1_client_method() V: SSL certificate verification passed V: server time 1342197117 (difference is about 0 s) was fetched in 705 ms Fri Jul 13 18:31:57 CEST 2012 This is an example run - starting as root and dropping to nobody: % sudo ./tlsdate -v V: tlsdate version 0.0.1 V: We were called with the following arguments: V: validate SSL certificates host = www.ptb.de:443 V: time is currently 1342197222.273552 V: using TLSv1_client_method() V: SSL certificate verification passed V: server time 1342197222 (difference is about 0 s) was fetched in 520 ms V: setting time succeeded Here is an example with a custom host and custom port without verification: % sudo tlsdate -v --skip-verification -p 80 -H rgnx.net V: tlsdate version 0.0.1 V: We were called with the following arguments: V: disable SSL certificate check host = rgnx.net:80 WARNING: Skipping certificate verification! V: time is currently 1342197285.298607 V: using TLSv1_client_method() V: Certificate verification skipped! V: server time 1342197286 (difference is about -1 s) was fetched in 765 ms V: setting time succeeded Here is an example of a false ticker that is detected and rejected: % sudo tlsdate -v -H facebook.com V: tlsdate version 0.0.1 V: We were called with the following arguments: V: validate SSL certificates host = facebook.com:443 V: time is currently 1342197379.931852 V: using TLSv1_client_method() V: SSL certificate verification passed V: server time 2693501503 (difference is about -1351304124 s) was fetched in 724 ms remote server is a false ticker from the future! Here is an example where a system may not have any kind of RTC at boot. Do the time warp to restore sanity and do so with a leap of faith: % sudo tlsdate -v -V -l -t V: tlsdate version 0.0.1 V: We were called with the following arguments: V: validate SSL certificates host = www.ptb.de:443 V: RECENT_COMPILE_DATE is 1342407042.000000 V: time is currently 1342488229.659967 V: time is greater than RECENT_COMPILE_DATE V: using TLSv1_client_method() V: freezing time for x509 verification V: remote peer provided: 1342488230, prefered over compile time: 1342407042 V: freezing time with X509_VERIFY_PARAM_set_time V: SSL certificate verification passed V: server time 1342488230 (difference is about -1 s) was fetched in 791 ms Mon Jul 16 18:23:50 PDT 2012 V: setting time succeeded
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.