[Git][NTPsec/ntpsec][master] Package site-wide NTS config into a struct.

Fri Feb 8 13:47:23 UTC 2019

Eric S. Raymond pushed to branch master at NTPsec / ntpsec


Commits:
ae7328fb by Eric S. Raymond at 2019-02-08T13:46:26Z
Package site-wide NTS config into a struct.

- - - - -


3 changed files:

- include/nts.h
- ntpd/ntp_config.c
- ntpd/nts.c


Changes:

=====================================
include/nts.h
=====================================
@@ -12,12 +12,6 @@
 #define FLAG_NTS_REQ	0x04u	/* NTS, ask for specified server */
 #define FLAG_NTS_NOVAL	0x08u	/* do not validate the server certificate */
 
-extern bool ntsenable; 		/* enable NTS on this ntpd instance */
-extern float mintls;		/* minimum TLS version allowed */
-extern float maxtls;		/* maximum TLS version allowed */
-extern char *tlsciphers;	/* allowed TLS 1.2 ciphers */
-extern char *tlsciphersuites;	/* allowed TLS 1.3 ciphersuites */
-
 /* Configuration data for an NTS association */
 struct ntscfg_t {
     char *server;	/* if NULL, use the peer itself (normal case) */
@@ -34,4 +28,15 @@ struct ntsstate_t {
     int cookie_count;
 };
 
+/* Configuration data for an NTS server of client instance */
+struct ntsconfig_t {
+    bool ntsenable; 		/* enable NTS on this ntpd instance */
+    float mintls;		/* minimum TLS version allowed */
+    float maxtls;		/* maximum TLS version allowed */
+    char *tlsciphers;	/* allowed TLS 1.2 ciphers */
+    char *tlsciphersuites;	/* allowed TLS 1.3 ciphersuites */
+};
+
+extern struct ntsconfig_t ntsconfig;
+
 #endif /* GUARD_NTS_H */


=====================================
ntpd/ntp_config.c
=====================================
@@ -1994,27 +1994,27 @@ config_crypto(
 			break;
 
 		case T_Maxtls:
-			maxtls = crypto->value.d;
+			ntsconfig.maxtls = crypto->value.d;
 			break;
 
 		case T_Mintls:
-			mintls = crypto->value.d;
+			ntsconfig.mintls = crypto->value.d;
 			break;
 
 		case T_Tlsciphers:
-			tlsciphers = estrdup(crypto->value.s);
+			ntsconfig.tlsciphers = estrdup(crypto->value.s);
 			break;
 
 		case T_Tlsciphersuites:
-			tlsciphersuites = estrdup(crypto->value.s);
+			ntsconfig.tlsciphersuites = estrdup(crypto->value.s);
 			break;
 
 		case T_Enable:
-			ntsenable = true;
+			ntsconfig.ntsenable = true;
 			break;
 
 		case T_Disable:
-			ntsenable = false;
+			ntsconfig.ntsenable = false;
 			break;
 		}
 	}


=====================================
ntpd/nts.c
=====================================
@@ -15,11 +15,7 @@
 #include "ntp_types.h"
 #include "ntpd.h"
 
-bool ntsenable = true; 		/* enable NTS on this ntpd instance */
-float mintls = 1.2;		/* minimum TLS version allowed */
-float maxtls;			/* maximum TLS version allowed */
-char *tlsciphers;		/* allowed TLS 1.2 ciphers */
-char *tlsciphersuites;		/* allowed TLS 1.3 ciphersuites */
+struct ntsconfig_t ntsconfig;
 
 /* By design, there is no per-client-side state on the server */
 



View it on GitLab: https://gitlab.com/NTPsec/ntpsec/commit/ae7328fb3fb179f5e0558b9087a3b95d2bec5e85

-- 
View it on GitLab: https://gitlab.com/NTPsec/ntpsec/commit/ae7328fb3fb179f5e0558b9087a3b95d2bec5e85
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ntpsec.org/pipermail/vc/attachments/20190208/f2aba94c/attachment-0001.html>
