clientlog: add NTS-KE service

Instead of sharing the NTP rate limiting with NTS-KE, specify a new
service for NTS-KE and use it in the NTS-KE server.

Add ntsratelimit directive for configuration.

conf.c

@@ -204,6 +204,10 @@ static int ntp_ratelimit_enabled = 0;
 static int ntp_ratelimit_interval = 3;
 static int ntp_ratelimit_burst = 8;
 static int ntp_ratelimit_leak = 2;
+static int nts_ratelimit_enabled = 0;
+static int nts_ratelimit_interval = 6;
+static int nts_ratelimit_burst = 8;
+static int nts_ratelimit_leak = 2;
 static int cmd_ratelimit_enabled = 0;
 static int cmd_ratelimit_interval = -4;
 static int cmd_ratelimit_burst = 8;
@@ -577,6 +581,9 @@ CNF_ParseLine(const char *filename, int number, char *line)
     no_system_cert = parse_null(p);
   } else if (!strcasecmp(command, "ntpsigndsocket")) {
     parse_string(p, &ntp_signd_socket);
+  } else if (!strcasecmp(command, "ntsratelimit")) {
+    parse_ratelimit(p, &nts_ratelimit_enabled, &nts_ratelimit_interval,
+                    &nts_ratelimit_burst, &nts_ratelimit_leak);
   } else if (!strcasecmp(command, "ntstrustedcerts")) {
     parse_string(p, &nts_trusted_cert_file);
   } else if (!strcasecmp(command, "ntscachedir") ||
@@ -2093,6 +2100,16 @@ int CNF_GetNTPRateLimit(int *interval, int *burst, int *leak)
 
 /* ================================================== */
 
+int CNF_GetNtsRateLimit(int *interval, int *burst, int *leak)
+{
+  *interval = nts_ratelimit_interval;
+  *burst = nts_ratelimit_burst;
+  *leak = nts_ratelimit_leak;
+  return nts_ratelimit_enabled;
+}
+
+/* ================================================== */
+
 int CNF_GetCommandRateLimit(int *interval, int *burst, int *leak)
 {
   *interval = cmd_ratelimit_interval;