Set random NTP port by default #198

Merged
merged 10 commits into from
Sep 3, 2020

luigigubello (Contributor) commented Sep 2, 2020

Added a method to set a (pseudo)random local port, so that the board need not always use the same embedded local port for receiving NTP packets.

At the moment, the ArduinoIoTCloud library uses the fixed port 8888 for receiving NTP packets via an unencrypted UDP connection. Randomly changing the port used to receive NTP packets doesn't improve cryptographic security and is not the final solution, but it adds a layer that makes the attacker's job harder.

How it works

NTPUtils.h

extern const int  MIN_NTP_PORT;
extern const int  MAX_NTP_PORT;

NTPUtils.cpp

unsigned long NTPUtils::getTime(UDP & udp)
{
  NTPUtils randomPort;
  int _randomPort = randomPort.setRandomPort(MIN_NTP_PORT, MAX_NTP_PORT);
  udp.begin(_randomPort);
  [...]
}

int NTPUtils::setRandomPort(int minValue, int maxValue) {
  if (has_crypto) {
    return ECCX08.random(minValue, maxValue);
  } else {
    randomSeed(analogRead(0));
    return random(minValue, maxValue);
  }
}

The user sets the variables MIN_NTP_PORT and MAX_NTP_PORT, and the ArduinoIoTCloud library will use this range to calculate a random port for receiving NTP packets.

How to use

In ThingProperties.h add the lines:

int MIN_NTP_PORT = 49152;
int MAX_NTP_PORT = 65535;

The user can set arbitrary ports; 49152 and 65535 are based on the IANA standard.
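A host-side check of the non-crypto branch of `setRandomPort()` described above, added here as a review aid and not part of the pull request or the library: it counts how many ports that branch can produce when the seed is a single `analogRead(0)` value. Assumptions: the ADC returns 10-bit readings (0..1023), and `FakeArduinoRng` with `std::minstd_rand` is a hypothetical stand-in for the board's `randomSeed()`/`random()`, modelling only the reseed-per-call pattern and the exclusive upper bound.

```cpp
#include <cstdint>
#include <cstdio>
#include <random>
#include <set>

// Range from the PR description (IANA dynamic/private ports).
static const int MIN_NTP_PORT = 49152;
static const int MAX_NTP_PORT = 65535;

// Host-side stand-in for Arduino's randomSeed()/random(min, max).
// ASSUMPTION: std::minstd_rand is NOT the PRNG a real board uses; only the
// seeding pattern and the exclusive upper bound are modelled.
struct FakeArduinoRng {
  std::minstd_rand gen;
  void randomSeed(unsigned long seed) { gen.seed(static_cast<uint32_t>(seed)); }
  long random(long lo, long hi) {
    if (lo >= hi) return lo;
    return lo + static_cast<long>(gen() % static_cast<uint32_t>(hi - lo));
  }
};

// Non-crypto branch of setRandomPort(): reseed from the ADC, draw one port.
int fallbackPort(unsigned adcReading) {
  FakeArduinoRng rng;
  rng.randomSeed(adcReading);
  return static_cast<int>(rng.random(MIN_NTP_PORT, MAX_NTP_PORT));
}

// Distinct ports reachable when the seed is a 10-bit reading (0..1023).
std::size_t reachablePorts() {
  std::set<int> ports;
  for (unsigned adc = 0; adc < 1024; ++adc) ports.insert(fallbackPort(adc));
  return ports.size();
}

// True if every draw stays in [MIN_NTP_PORT, MAX_NTP_PORT), i.e. 65535 is never chosen.
bool staysInHalfOpenRange() {
  for (unsigned adc = 0; adc < 1024; ++adc) {
    int p = fallbackPort(adc);
    if (p < MIN_NTP_PORT || p >= MAX_NTP_PORT) return false;
  }
  return true;
}

int main() {
  std::printf("range size: %d, reachable via fallback: %zu\n",
              MAX_NTP_PORT - MIN_NTP_PORT, reachablePorts());
  return 0;
}
```

Under these assumptions the fallback can reach at most 1024 of the 16383 ports in the configured range, because reseeding on every call limits the result to one value per possible seed. Boards that take the `ECCX08.random()` branch are not bounded by the ADC reading.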

codecov-commenter commented Sep 2, 2020

Codecov Report

Merging #198 into master will not change coverage.
The diff coverage is n/a.

@@           Coverage Diff           @@
##           master     #198   +/-   ##
=======================================
  Coverage   95.27%   95.27%           
=======================================
  Files          25       25           
  Lines         889      889           
=======================================
  Hits          847      847           
  Misses         42       42           

Powered by Codecov. Last update f4d07c8...11054bd. Read the comment docs.

@arduino-libraries arduino-libraries deleted a comment from github-actions bot Sep 3, 2020
@aentinger aentinger merged commit 0b45114 into arduino-libraries:master Sep 3, 2020
@aentinger aentinger deleted the improving_ntputils branch September 3, 2020 09:49