faraphel/chrony
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

nts: provide time function to gnutls

Browse source 
Use the internal time instead of system time for validation checks in
gnutls.
This commit is contained in:
Miroslav Lichvar 2020-04-16 12:06:55 +02:00
parent 4aff08e95d
commit 2775846db7
1 changed files with 17 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

17
nts_ke_session.c
View file

@ -31,6 +31,7 @@
#include "nts_ke_session.h" #include "nts_ke_session.h"
#include "conf.h" #include "conf.h"
#include "local.h"
#include "logging.h" #include "logging.h"
#include "memory.h" #include "memory.h"
#include "siv.h" #include "siv.h"
@ -537,6 +538,20 @@ read_write_socket(int fd, int event, void *arg)
/* ================================================== */ /* ================================================== */
static time_t
get_time(time_t *t)
{
struct timespec now;
LCL_ReadCookedTime(&now, NULL);
if (t)
*t = now.tv_sec;
return now.tv_sec;
}
/* ================================================== */
static int gnutls_initialised = 0; static int gnutls_initialised = 0;
static void static void
@ -558,6 +573,8 @@ init_gnutls(void)
if (r < 0) if (r < 0)
LOG_FATAL("Could not initialise %s : %s", "priority cache", gnutls_strerror(r)); LOG_FATAL("Could not initialise %s : %s", "priority cache", gnutls_strerror(r));
gnutls_global_set_time_function(get_time);
gnutls_initialised = 1; gnutls_initialised = 1;
} }