nts: update NTS-KE port number

The port assigned by IANA for NTS-KE is 4460.

diff --git a/conf.c b/conf.c
index f140a68d3ad8cc68b377c64cd08cbb50485dbf56..d0f002c9e3240e816f8bf8bfdfc06b3badb36830 100644 (file)
--- a/conf.c
+++ b/conf.c
@@ -33,6 +33,7 @@
 #include "conf.h"
 #include "ntp_sources.h"
 #include "ntp_core.h"
+#include "nts_ke.h"
 #include "refclock.h"
 #include "cmdmon.h"
 #include "srcparams.h"
@@ -243,7 +244,7 @@ static char *nts_dump_dir = NULL;
 static char *nts_ntp_server = NULL;
 static char *nts_server_cert_file = NULL;
 static char *nts_server_key_file = NULL;
-static int nts_server_port = 11443;
+static int nts_server_port = NKE_PORT;
 static int nts_server_processes = 1;
 static int nts_server_connections = 100;
 static int nts_refresh = 2419200; /* 4 weeks */

diff --git a/doc/chrony.conf.adoc b/doc/chrony.conf.adoc
index b03862945d4659b898566cb3b540bcffdce5cccd..0f4d74c84f8b93d7160979406e183ff77736a003 100644 (file)
--- a/doc/chrony.conf.adoc
+++ b/doc/chrony.conf.adoc
@@ -228,7 +228,7 @@ be specified. For normal servers this option should not be required (the
 default is 123, the standard NTP port).
 *ntsport* _port_:::
 This option specifies the TCP port on which the server is listening for NTS-KE
-connections when the *nts* option is enabled. The default is 11443.
+connections when the *nts* option is enabled. The default is 4460.
 *presend* _poll_:::
 If the timing measurements being made by *chronyd* are the only network data
 passing between two computers, you might find that some measurements are badly
@@ -1472,7 +1472,7 @@ ntpsigndsocket /var/lib/samba/ntp_signd
 
 [[ntsport]]*ntsport* _port_::
 This directive specifies the TCP port on which *chronyd* will provide the NTS
-Key Establishment (NTS-KE) service. The default port is 11443.
+Key Establishment (NTS-KE) service. The default port is 4460.
 +
 The port will be open only when a certificate and key is specified by the
 *ntsservercert* and *ntsserverkey* directives.

diff --git a/nts_ke.h b/nts_ke.h
index ed6fdc758664af1e1d4d0c7371de3c88a46dddee..e7497af00f779e4bc956f0500071514bc5d89df5 100644 (file)
--- a/nts_ke.h
+++ b/nts_ke.h
@@ -29,6 +29,8 @@
 
 #include "siv.h"
 
+#define NKE_PORT                        4460
+
 #define NKE_RECORD_CRITICAL_BIT         (1U << 15)
 #define NKE_RECORD_END_OF_MESSAGE       0
 #define NKE_RECORD_NEXT_PROTOCOL        1

diff --git a/srcparams.h b/srcparams.h
index 59d8a2348d81f441c0d5084a79d4394866543c23..529013812e13a2cb3fab6a3e7ea2f3bb62a3121c 100644 (file)
--- a/srcparams.h
+++ b/srcparams.h
@@ -76,7 +76,7 @@ typedef struct {
 #define SRC_DEFAULT_MINSAMPLES (-1)
 #define SRC_DEFAULT_MAXSAMPLES (-1)
 #define SRC_DEFAULT_ASYMMETRY 1.0
-#define SRC_DEFAULT_NTSPORT 11443
+#define SRC_DEFAULT_NTSPORT 4460
 #define INACTIVE_AUTHKEY 0
 
 /* Flags for source selection */

diff --git a/test/simulation/139-nts b/test/simulation/139-nts
index ddfb9b2824e301c47b388d65e81f110d6e25eec5..b0d9917b472e3e933e43b6e72b1cd08e2af9d6c2 100755 (executable)
--- a/test/simulation/139-nts
+++ b/test/simulation/139-nts
@@ -46,7 +46,7 @@ check_sync || test_fail
 
 check_file_messages "20.*123\.1.* 111 111 1111" 75 80 measurements.log || test_fail
 check_file_messages "20.*123\.1.* 111 001 0000" 37 39 measurements.log || test_fail
-check_file_messages "  2       1       .*      11443   " 260 300 log.packets || test_fail
+check_file_messages "  2       1       .*      4460    " 260 300 log.packets || test_fail
 check_file_messages "." 6 6 ntskeys || test_fail
 rm -f tmp/measurements.log
 
@@ -61,7 +61,7 @@ check_sync || test_fail
 
 check_file_messages "20.*123\.1.* 111 111 1111" 99 103 measurements.log || test_fail
 check_file_messages "20.*123\.1.* 111 001 0000" 0 0 measurements.log || test_fail
-check_file_messages "  2       1       .*      11443   " 350 390 log.packets || test_fail
+check_file_messages "  2       1       .*      4460    " 350 390 log.packets || test_fail
 check_file_messages "." 6 6 ntskeys || test_fail
 check_file_messages "." 11 12 192.168.123.1.nts || test_fail
 rm -f tmp/measurements.log
@@ -80,8 +80,8 @@ check_sync || test_fail
 
 check_file_messages "20.*123\.1.* 111 111 1111" 150 160 measurements.log || test_fail
 check_file_messages "20.*123\.1.* 111 001 0000" 0 0 measurements.log || test_fail
-check_file_messages "  2       1       .*      11443   " 6 10 log.packets || test_fail
-check_file_messages "^9\.......e+03    2       1       .*      11443   " 6 10 log.packets || test_fail
+check_file_messages "  2       1       .*      4460    " 6 10 log.packets || test_fail
+check_file_messages "^9\.......e+03    2       1       .*      4460    " 6 10 log.packets || test_fail
 check_file_messages "." 6 6 ntskeys || test_fail
 check_file_messages "." 11 12 192.168.123.1.nts || test_fail
 rm -f tmp/measurements.log
@@ -95,6 +95,6 @@ check_source_selection && test_fail
 check_sync && test_fail
 
 check_file_messages "  2       1       .*      123     " 0 0 log.packets || test_fail
-check_file_messages "  2       1       .*      11443   " 10 20 log.packets || test_fail
+check_file_messages "  2       1       .*      4460    " 10 20 log.packets || test_fail
 
 test_pass