From fc50a701faafe60f117473016868770df54a6444 Mon Sep 17 00:00:00 2001
From: "Eric S. Raymond" <esr@thyrsus.com>
Date: Tue, 11 May 2021 08:10:10 -0400
Subject: [PATCH] Don't generate # into ASCIIfied keys.

---
 ntpclients/ntpkeygen.py | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/ntpclients/ntpkeygen.py b/ntpclients/ntpkeygen.py
index 969be76a6..10d220f43 100644
--- a/ntpclients/ntpkeygen.py
+++ b/ntpclients/ntpkeygen.py
@@ -33,7 +33,8 @@ try:
         if asciified:
             result = ''
             for index in range(bytes):
-                result += chr(0x21 + secrets.randbelow(0x5d))
+                # Start ASCII characters with 0x24 so as not to include comment-beginning #
+                result += chr(0x24 + secrets.randbelow(0x5a))
             return result
         else:
             return secrets.token_hex(bytes)
@@ -43,7 +44,8 @@ except ImportError:
         result = ''
         if asciified:
             for index in range(bytes):
-                result += chr(random.randint(0x21, 0x7e))
+                # Start ASCII characters with 0x24 so as not to include comment-beginning #
+                result += chr(random.randint(0x24, 0x7e))
         else:
             for index in range(bytes):
                 result += "%02x" % random.randint(0x0, 0xff)
-- 
2.25.1