nts: add server support for NTP server negotiation
Add ntsntpserver directive to specify the hostname of the NTP server provided in NTS-KE response to clients.
This commit is contained in:
Miroslav Lichvar
parent
958d66f8a7
commit
4aff08e95d
3 changed files with 19 additions and 6 deletions
14
conf.c
14
conf.c
|
|
@ -223,8 +223,9 @@ static char *leapsec_tz = NULL;
|
|||
/* Name of the user to which will be dropped root privileges. */
|
||||
static char *user;
|
||||
|
||||
/* NTS dump dir, certificates, private key, and port */
|
||||
/* NTS server and client configuration */
|
||||
static char *nts_dump_dir = NULL;
|
||||
static char *nts_ntp_server = NULL;
|
||||
static char *nts_server_cert_file = NULL;
|
||||
static char *nts_server_key_file = NULL;
|
||||
static int nts_server_port = 11443;
|
||||
|
|
@ -405,6 +406,7 @@ CNF_Finalise(void)
|
|||
Free(tempcomp_sensor_file);
|
||||
Free(tempcomp_point_file);
|
||||
Free(nts_dump_dir);
|
||||
Free(nts_ntp_server);
|
||||
Free(nts_server_cert_file);
|
||||
Free(nts_server_key_file);
|
||||
Free(nts_trusted_cert_file);
|
||||
|
|
@ -554,6 +556,8 @@ CNF_ParseLine(const char *filename, int number, char *line)
|
|||
} else if (!strcasecmp(command, "ntscachedir") ||
|
||||
!strcasecmp(command, "ntsdumpdir")) {
|
||||
parse_string(p, &nts_dump_dir);
|
||||
} else if (!strcasecmp(command, "ntsntpserver")) {
|
||||
parse_string(p, &nts_ntp_server);
|
||||
} else if (!strcasecmp(command, "ntsport")) {
|
||||
parse_int(p, &nts_server_port);
|
||||
} else if (!strcasecmp(command, "ntsprocesses")) {
|
||||
|
|
@ -2077,6 +2081,14 @@ CNF_GetNtsDumpDir(void)
|
|||
|
||||
/* ================================================== */
|
||||
|
||||
char *
|
||||
CNF_GetNtsNtpServer(void)
|
||||
{
|
||||
return nts_ntp_server;
|
||||
}
|
||||
|
||||
/* ================================================== */
|
||||
|
||||
char *
|
||||
CNF_GetNtsServerCertFile(void)
|
||||
{
|
||||
|
|
|
|||
1
conf.h
1
conf.h
|
|
@ -140,6 +140,7 @@ typedef struct {
|
|||
extern int CNF_GetHwTsInterface(unsigned int index, CNF_HwTsInterface **iface);
|
||||
|
||||
extern char *CNF_GetNtsDumpDir(void);
|
||||
extern char *CNF_GetNtsNtpServer(void);
|
||||
extern char *CNF_GetNtsServerCertFile(void);
|
||||
extern char *CNF_GetNtsServerKeyFile(void);
|
||||
extern int CNF_GetNtsServerPort(void);
|
||||
|
|
|
|||
|
|
@ -299,6 +299,7 @@ prepare_response(NKSN_Instance session, int error, int next_protocol, int aead_a
|
|||
{
|
||||
NKE_Context context;
|
||||
NKE_Cookie cookie;
|
||||
char *ntp_server;
|
||||
uint16_t datum;
|
||||
int i;
|
||||
|
||||
|
|
@ -325,11 +326,10 @@ prepare_response(NKSN_Instance session, int error, int next_protocol, int aead_a
|
|||
return 0;
|
||||
}
|
||||
|
||||
/* This should be configurable */
|
||||
if (0) {
|
||||
const char server[] = "::1";
|
||||
if (!NKSN_AddRecord(session, 1, NKE_RECORD_NTPV4_SERVER_NEGOTIATION, server,
|
||||
sizeof (server) - 1))
|
||||
ntp_server = CNF_GetNtsNtpServer();
|
||||
if (ntp_server) {
|
||||
if (!NKSN_AddRecord(session, 1, NKE_RECORD_NTPV4_SERVER_NEGOTIATION,
|
||||
ntp_server, strlen(ntp_server)))
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue