ntp: add support for MS-SNTP authentication in Samba

Add support for authenticating MS-SNTP responses in Samba (ntp_signd).
Supported is currently only the old MS-SNTP authenticator field. It's
disabled by default. It can be enabled with the --enable-ntp-signd
configure option and the ntpsigndsocket directive, which specifies the
location of the Samba ntp_signd socket.

conf.c

@@ -181,6 +181,9 @@ static IPAddr bind_cmd_address4, bind_cmd_address6;
 /* Path to the Unix domain command socket. */
 static char *bind_cmd_path;
 
+/* Path to Samba (ntp_signd) socket. */
+static char *ntp_signd_socket = NULL;
+
 /* Filename to use for storing pid of running chronyd, to prevent multiple
  * chronyds being started. */
 static char *pidfile;
@@ -361,6 +364,7 @@ CNF_Finalise(void)
   Free(leapsec_tz);
   Free(logdir);
   Free(bind_cmd_path);
+  Free(ntp_signd_socket);
   Free(pidfile);
   Free(rtc_device);
   Free(rtc_file);
@@ -506,6 +510,8 @@ CNF_ParseLine(const char *filename, int number, char *line)
     parse_int(p, &min_sources);
   } else if (!strcasecmp(command, "noclientlog")) {
     no_client_log = parse_null(p);
+  } else if (!strcasecmp(command, "ntpsigndsocket")) {
+    parse_string(p, &ntp_signd_socket);
   } else if (!strcasecmp(command, "peer")) {
     parse_source(p, NTP_PEER, 0);
   } else if (!strcasecmp(command, "pidfile")) {
@@ -1736,6 +1742,14 @@ CNF_GetBindCommandAddress(int family, IPAddr *addr)
 
 /* ================================================== */
 
+char *
+CNF_GetNtpSigndSocket(void)
+{
+  return ntp_signd_socket;
+}
+
+/* ================================================== */
+
 char *
 CNF_GetPidFile(void)
 {