proto: enhance ntp configuration

1. allow to set more than one NTP server
2. allow to make NTP servers from cloud controller exclusively used,
   i.e. the NTP servers that got announced via DHCP are not used
   (in certain cases this an attacker might send DHCP responses with
   a different NTP server set and therefore can control time on EVE)

Signed-off-by: Christoph Ostarek <christoph@zededa.com>

proto/config/netcmn.proto

@@ -83,12 +83,25 @@ message ipspec {
   string subnet = 3;
   string gateway = 5;
   string domain = 6;
+  // ntp and more_ntp are used to specify several NTP servers
   string ntp = 7;
+  repeated string more_ntp = 10;
   repeated string dns = 8;
 
   // for IPAM management when dhcp is turned on.
   // If none provided, system will default pool.
   ipRange dhcpRange = 9;
+
+  DhcpOptionsIgnore dhcp_options_ignore = 11;
+}
+
+// DhcpOptionsIgnore is used to ignore dhcp options like f.e. the NTP servers
+// - currently no other options are supported, but DNS servers might be a
+// good candidate in the future
+message DhcpOptionsIgnore {
+  // use exclusively specified NTP servers
+  // if set to true and no NTP server is provided then no NTP servers should be used
+  bool ntp_server_exclusively = 1;
 }
 
 enum NetworkType {
@@ -143,4 +156,4 @@ message ConnectivityProbe {
   // Endpoint to probe using the selected probing mechanism to determine
   // the connectivity status.
   ProbeEndpoint probe_endpoint = 2;
-}
+}

proto/info/info.proto

@@ -766,7 +766,9 @@ message DevicePort {
   string gateway = 13;
   // domainname - OBSOLETE - obsoleted by dns
   string domainname = 14;
+  // ntpServer and more_ntp_servers are used to report several NTP servers
   string ntpServer = 15;
+  repeated string more_ntp_servers = 35;
   // dnsServers - OBSOLETE - obsoleted by dns
   repeated string dnsServers = 16;
   string dhcpRangeLow = 17;