Skip to main content

ntp_server/
lib.rs

1// Copyright 2026 U.S. Federal Government (in countries where recognized)
2// SPDX-License-Identifier: Apache-2.0
3
4//! NTP server library with tokio/smol runtime support and NTS-KE.
5//!
6//! This crate provides NTPv4 server implementations using either the tokio
7//! or smol async runtimes, with optional NTS (Network Time Security) support.
8//!
9//! # Feature Flags
10//!
11//! | Feature | Default | Description |
12//! |---------|---------|-------------|
13//! | `tokio` | no | NTP server using the tokio runtime. |
14//! | `smol-runtime` | no | NTP server using the smol runtime. |
15//! | `nts` | no | NTS-KE server (RFC 8915) via tokio + tokio-rustls. Implies `tokio`. |
16//! | `nts-smol` | no | NTS-KE server via smol + futures-rustls. Implies `smol-runtime`. Cannot be combined with `nts` (different TLS backends). |
17//! | `pq-nts` | no | Enable post-quantum key exchange for NTS (ML-KEM via aws-lc-rs). |
18//! | `symmetric` | no | NTP symmetric passive mode (RFC 5905 mode 2). |
19//! | `broadcast` | no | NTP broadcast mode (mode 5). Deprecated by RFC 8633. |
20//! | `refclock` | no | Reference clock support for Stratum 1. Implies `tokio`, pulls in `ntp_usg-client`. |
21//! | `gps` | no | GPS reference clock driver. Implies `refclock`. |
22//! | `pps` | no | PPS reference clock driver. Implies `refclock`. |
23//! | `socket-opts` | no | DSCP, `IPV6_V6ONLY`, and multicast socket options via `socket2`. |
24//! | `ipv4` | no | Default to `0.0.0.0` instead of `[::]` for listen addresses. |
25//! | `ntpv5` | no | NTPv5 draft support (draft-ietf-ntp-ntpv5). |
26
27#![warn(missing_docs)]
28
29// Re-export protocol types from ntp_proto for convenience.
30pub use ntp_proto::{error, extension, protocol, unix_time};
31
32/// Shared NTS logic re-exported from `ntp_proto`.
33#[cfg(any(feature = "nts", feature = "nts-smol"))]
34pub(crate) use ntp_proto::nts_common;
35
36/// TLS configuration for NTS-KE server (crypto provider selection).
37#[cfg(any(feature = "nts", feature = "nts-smol"))]
38pub(crate) mod tls_config;
39
40/// Default listen address based on the `ipv4` feature flag.
41///
42/// Without `ipv4`: binds to `[::]` (IPv6 dual-stack, accepts both IPv4 and IPv6).
43/// With `ipv4`: binds to `0.0.0.0` (IPv4 only).
44#[cfg(any(feature = "tokio", feature = "smol-runtime"))]
45pub(crate) fn default_listen_addr(port: u16) -> String {
46    #[cfg(not(feature = "ipv4"))]
47    {
48        format!("[::]:{port}")
49    }
50    #[cfg(feature = "ipv4")]
51    {
52        format!("0.0.0.0:{port}")
53    }
54}
55
56/// Socket options for `IPV6_V6ONLY` and DSCP/Traffic Class control.
57#[cfg(any(feature = "tokio", feature = "smol-runtime"))]
58mod socket_opts;
59
60/// Shared types and logic for the NTP server.
61///
62/// Provides request validation, response building, rate limiting, access control,
63/// and interleaved mode tracking per RFC 5905, RFC 8633, and RFC 9769.
64#[cfg(any(feature = "tokio", feature = "smol-runtime"))]
65pub mod server_common;
66
67/// NTP server using the Tokio runtime.
68///
69/// Provides a configurable NTPv4 server that responds to client requests.
70#[cfg(feature = "tokio")]
71pub mod server;
72
73/// NTP server using the smol runtime.
74///
75/// Provides the same server functionality as [`server`] but using the smol
76/// async runtime.
77#[cfg(feature = "smol-runtime")]
78pub mod smol_server;
79
80/// Shared NTS server logic (cookie generation, master key management, NTS request processing).
81#[cfg(any(feature = "nts", feature = "nts-smol"))]
82pub mod nts_server_common;
83
84/// NTS-KE server using the Tokio runtime (RFC 8915).
85///
86/// Provides a TLS 1.3 listener for NTS Key Establishment, distributing cookies
87/// and negotiating AEAD algorithms with NTS clients.
88#[cfg(feature = "nts")]
89pub mod nts_ke_server;
90
91/// NTS-KE server using the smol runtime (RFC 8915).
92///
93/// Provides the same NTS-KE server functionality as [`nts_ke_server`] but
94/// using the smol async runtime and futures-rustls.
95#[cfg(feature = "nts-smol")]
96pub mod smol_nts_ke_server;
97
98/// NTP broadcast mode (mode 5) packet building per RFC 5905 Section 8.
99///
100/// Deprecated by BCP 223 (RFC 8633) but implemented for spec completeness.
101#[cfg(all(
102    feature = "broadcast",
103    any(feature = "tokio", feature = "smol-runtime")
104))]
105pub mod broadcast;
106
107/// IPv6 multicast NTP discovery support.
108///
109/// Extends broadcast mode with IPv6-specific multicast group management
110/// using `socket2` for `IPV6_JOIN_GROUP` socket options.
111#[cfg(feature = "socket-opts")]
112pub mod multicast;