KELB always returns NO_PROTOCOL on negotiation failure

NO_PROTOCOL should be returned when no protocol can be negotiated, but the KELB also returns it in case no algorithm can be negotiated.

E.g. using the code from https://github.com/squell/nts:

Normal operation:
```
$ ./demo time.tweede.golf 256_GCM_SIV
NTS error: INSUFFICIENT_DATA (read: 2 bytes)
NTS error: INSUFFICIENT_DATA (read: 2 bytes)
NTS error: INSUFFICIENT_DATA (read: 2 bytes)
NTS error: INSUFFICIENT_DATA (read: 2 bytes)
NTS error: NO_AEAD (read: 2 bytes)
```
Which is expected.

(Ignore the INSUFFICIENT_DATA, that's just the demo client informing us that the `ntpd-rs` version at time.tweede.golf sends fragmented data over the line due to the known RusTLS-issue, which I believe is fixed on main?)

But with the KELB:
```
$ ./demo ke.experimental.ntspooltest.org 256_GCM_SIV
NTS error: NO_PROTOCOL (read: 8 bytes)
```

So in this case the KELB isn't fully the same as a pure NTS time source. Of course a valid NTS client should always offer to support to SIV_CMAC_256, so this is not a big issue.



Provide feedback

Saved searches

Use saved searches to filter your results more quickly

KELB always returns NO_PROTOCOL on negotiation failure #408

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

KELB always returns NO_PROTOCOL on negotiation failure #408

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions