Description: Use /var/lib/ntpsec for cookies
This is the path used in the ntpsec packaging, to stay out of the namespace
of the ntp package.
Forwarded: not-needed
Origin: vendor
Author: Richard Laager <rlaager@debian.org>
Last-Update: 2024-03-10
--- a/docs/NTS-QuickStart.adoc
+++ b/docs/NTS-QuickStart.adoc
@@ -129,11 +129,10 @@
their owner and mode so `ntpd` running as user `ntpsec` can read them.
You may need to tell your system where to store the keys used
-to encrypt cookies. The default is `/var/lib/ntp/nts-keys`.
-Some distros use `/var/db/` rather than `/var/lib/`.
+to encrypt cookies. The default is `/var/lib/ntpsec/nts-keys`.
------------------------------------------------------------
-nts cookie /var/lib/ntp/nts-keys
+nts cookie /var/lib/ntpsec/nts-keys
------------------------------------------------------------
Again, make sure the bad guys can't read that file.
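Review bot: The closing context line "Again, make sure the bad guys can't read that file" still gives no concrete owner or mode, and with the default moving to `/var/lib/ntpsec/nts-keys` the reader now has a package-specific directory to get right as well. Suggest stating the expected ownership and permissions for both the directory and the key file at this point, in line with the context above that says `ntpd` runs as user `ntpsec`, so that the cookie keys are readable by that user only.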
--- a/docs/includes/nts-commands.adoc
+++ b/docs/includes/nts-commands.adoc
@@ -29,7 +29,7 @@
+cookie+ _location_::
Use the file (or directory) specified by _location_ to
store the keys used to make and decode cookies. The default
- is _/var/lib/ntp/nts-keys_.
+ is _/var/lib/ntpsec/nts-keys_.
+enable+::
Enable NTS-KE server.
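Review bot: The default in the `+cookie+ _location_` entry is a hand-maintained copy of the `NTS_COOKIE_KEY_FILE` value, and this patch has to change the same literal in three documentation places plus `include/nts.h`. Consider defining the path once as an AsciiDoc attribute and referencing it from the docs, so a future path change cannot leave the documented default out of step with the compiled one.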
@@ -104,7 +104,7 @@
The same +aead+ algorithms are also used to encrypt cookies.
The default is AES_SIV_CMAC_256. There is no config file option to
change it, but you can change it by editing the saved cookie key
- file, probably _/var/lib/ntp/nts-keys_. Adjust the _L:_ slot to be
+ file, probably _/var/lib/ntpsec/nts-keys_. Adjust the _L:_ slot to be
48 or 64 and adjust the _I:_ slots to have the right number of bytes.
Then restart the server. (All old cookies held by clients will be
rejected so their next 8 NTP requests will be ignored. They should
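Review bot: In the changed line, "probably _/var/lib/ntpsec/nts-keys_" leaves the admin guessing which file to edit now that the patch fixes the packaged default. Suggest wording it as the default path unless overridden by the `cookie` option described earlier in this file. Since this paragraph tells the reader to hand-edit the cookie key file, it should also say that the edited file must keep its restrictive owner and mode.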
--- a/include/nts.h
+++ b/include/nts.h
@@ -15,7 +15,7 @@
/* default file names */
#define NTS_CERT_FILE "/etc/ntpsec/cert-chain.pem"
#define NTS_KEY_FILE "/etc/ntpsec/key.pem"
-#define NTS_COOKIE_KEY_FILE "/var/lib/ntp/nts-keys"
+#define NTS_COOKIE_KEY_FILE "/var/lib/ntpsec/nts-keys"
#define NTS_KE_PORT 4460
#define NTS_KE_PORTA "4460"
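Review bot: Changing `NTS_COOKIE_KEY_FILE` changes the compiled-in default, and nothing in the patch covers a host that already has a key file at `/var/lib/ntp/nts-keys` and no explicit `nts cookie` line: after this change the server will no longer look there. The documentation context in this same patch notes that when the cookie keys change, old client cookies are rejected. Please state in the Description whether the package ever shipped with the old default, and if it did, handle the move in packaging. It is also worth confirming that `/var/lib/ntpsec` is created with ownership and mode suitable for user `ntpsec` before `ntpd` first writes the key file there.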