| /* |
| chronyd/chronyc - Programs for keeping computer clocks accurate. |
| |
| ********************************************************************** |
| * Copyright (C) Miroslav Lichvar 2019 |
| * |
| * This program is free software; you can redistribute it and/or modify |
| * it under the terms of version 2 of the GNU General Public License as |
| * published by the Free Software Foundation. |
| * |
| * This program is distributed in the hope that it will be useful, but |
| * WITHOUT ANY WARRANTY; without even the implied warranty of |
| * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
| * General Public License for more details. |
| * |
| * You should have received a copy of the GNU General Public License along |
| * with this program; if not, write to the Free Software Foundation, Inc., |
| * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. |
| * |
| ********************************************************************** |
| |
| ======================================================================= |
| |
| Header file for NTP authentication |
| */ |
| |
| #ifndef GOT_NTP_AUTH_H |
| #define GOT_NTP_AUTH_H |
| |
| #include "addressing.h" |
| #include "ntp.h" |
| #include "reports.h" |
| |
| typedef struct NAU_Instance_Record *NAU_Instance; |
| |
| /* Create an authenticator instance in a specific mode */ |
| extern NAU_Instance NAU_CreateNoneInstance(void); |
| extern NAU_Instance NAU_CreateSymmetricInstance(uint32_t key_id); |
| extern NAU_Instance NAU_CreateNtsInstance(IPSockAddr *nts_address, const char *name, |
| uint32_t cert_set, uint16_t ntp_port); |
| |
| /* Destroy an instance */ |
| extern void NAU_DestroyInstance(NAU_Instance instance); |
| |
| /* Check if an instance is not in the None mode */ |
| extern int NAU_IsAuthEnabled(NAU_Instance instance); |
| |
| /* Get NTP version recommended for better compatibility */ |
| extern int NAU_GetSuggestedNtpVersion(NAU_Instance instance); |
| |
| /* Perform operations necessary for NAU_GenerateRequestAuth() */ |
| extern int NAU_PrepareRequestAuth(NAU_Instance instance); |
| |
| /* Extend a request with data required by the authentication mode */ |
| extern int NAU_GenerateRequestAuth(NAU_Instance instance, NTP_Packet *request, |
| NTP_PacketInfo *info); |
| |
| /* Verify that a request is authentic. If it is not authentic and a non-zero |
| kod code is returned, a KoD response should be sent back. */ |
| extern int NAU_CheckRequestAuth(NTP_Packet *request, NTP_PacketInfo *info, uint32_t *kod); |
| |
| /* Extend a response with data required by the authentication mode. This |
| function can be called only if the previous call of NAU_CheckRequestAuth() |
| was on the same request. */ |
| extern int NAU_GenerateResponseAuth(NTP_Packet *request, NTP_PacketInfo *request_info, |
| NTP_Packet *response, NTP_PacketInfo *response_info, |
| NTP_Remote_Address *remote_addr, |
| NTP_Local_Address *local_addr, |
| uint32_t kod); |
| |
| /* Verify that a response is authentic */ |
| extern int NAU_CheckResponseAuth(NAU_Instance instance, NTP_Packet *response, |
| NTP_PacketInfo *info); |
| |
| /* Change an authentication-specific address (e.g. after replacing a source) */ |
| extern void NAU_ChangeAddress(NAU_Instance instance, IPAddr *address); |
| |
| /* Save authentication-specific data to speed up the next start */ |
| extern void NAU_DumpData(NAU_Instance instance); |
| |
| /* Provide a report about the current authentication state */ |
| extern void NAU_GetReport(NAU_Instance instance, RPT_AuthReport *report); |
| |
| #endif |
