diff options
Diffstat (limited to 'include/ntp_crypto.h')
-rw-r--r-- | include/ntp_crypto.h | 22 |
1 files changed, 13 insertions, 9 deletions
diff --git a/include/ntp_crypto.h b/include/ntp_crypto.h index fb1955c..14795e7 100644 --- a/include/ntp_crypto.h +++ b/include/ntp_crypto.h @@ -31,9 +31,10 @@ /* * Flags used for certificate management */ -#define CERT_SIGN 0x01 /* certificate is signed */ -#define CERT_TRUST 0x02 /* certificate is trusted */ -#define CERT_PRIV 0x04 /* certificate is private */ +#define CERT_TRUST 0x01 /* certificate is trusted */ +#define CERT_SIGN 0x02 /* certificate is signed */ +#define CERT_VALID 0x04 /* certificate is valid */ +#define CERT_PRIV 0x08 /* certificate is private */ #define CERT_ERROR 0x80 /* certificate has errors */ /* @@ -63,17 +64,19 @@ #define XEVNT_LEN XEVNT_CMD(1) /* bad field format or length */ #define XEVNT_TSP XEVNT_CMD(2) /* bad timestamp */ #define XEVNT_FSP XEVNT_CMD(3) /* bad filestamp */ -#define XEVNT_PUB XEVNT_CMD(4) /* bad procedure or data */ +#define XEVNT_PUB XEVNT_CMD(4) /* bad or missing public key */ #define XEVNT_MD XEVNT_CMD(5) /* unsupported digest type */ #define XEVNT_KEY XEVNT_CMD(6) /* unsupported identity type */ #define XEVNT_SGL XEVNT_CMD(7) /* bad signature length */ #define XEVNT_SIG XEVNT_CMD(8) /* signature not verified */ #define XEVNT_VFY XEVNT_CMD(9) /* certificate not verified */ -#define XEVNT_PER XEVNT_CMD(10) /* certificate expired */ +#define XEVNT_PER XEVNT_CMD(10) /* host certificate expired */ #define XEVNT_CKY XEVNT_CMD(11) /* bad or missing cookie */ #define XEVNT_DAT XEVNT_CMD(12) /* bad or missing leapseconds table */ #define XEVNT_CRT XEVNT_CMD(13) /* bad or missing certificate */ -#define XEVNT_ID XEVNT_CMD(14) /* bad or missing identification */ +#define XEVNT_ID XEVNT_CMD(14) /* bad or missing group key */ +#define XEVNT_ERR XEVNT_CMD(15) /* protocol error */ +#define XEVNT_SRV XEVNT_CMD(16) /* server certificate expired */ /* * Configuration codes @@ -90,6 +93,7 @@ #define CRYPTO_CONF_GQPAR 9 /* GQ parameters file name */ #define CRYPTO_CONF_MVPAR 10 /* GQ parameters file name */ #define CRYPTO_CONF_PW 11 /* private key password */ +#define CRYPTO_CONF_IDENT 12 /* specify identity scheme */ /* * Miscellaneous crypto stuff @@ -98,6 +102,7 @@ #define NTP_AUTOMAX 13 /* log2 default max session key life */ #define KEY_REVOKE 16 /* log2 default key revoke timeout */ #define NTP_MAXEXTEN 1024 /* maximum extension field size */ +#define TAI_1972 10 /* initial TAI offset (s) */ /* * The autokey structure holds the values used to authenticate key IDs. @@ -145,8 +150,8 @@ struct cert_info { int nid; /* signature/digest ID */ const EVP_MD *digest; /* message digest algorithm */ u_long serial; /* serial number */ - tstamp_t first; /* valid not before */ - tstamp_t last; /* valid not after */ + tstamp_t first; /* not valid before */ + tstamp_t last; /* not valid after */ char *subject; /* subject common name */ char *issuer; /* issuer common name */ u_char *grpkey; /* GQ group key */ @@ -162,5 +167,4 @@ extern u_int crypto_flags; /* status word */ extern struct value hostval; /* host name/value */ extern struct cert_info *cinfo; /* host certificate information */ extern struct value tai_leap; /* leapseconds table */ -extern u_int sys_tai; /* current UTC offset from TAI */ #endif /* OPENSSL */ |