nts: save new server keys on start

If ntsdumpdir is specified and the server NTS keys are not reloaded from the file, save the generated keys on start instead of waiting for the first rotation or exit. This allows the keys to be shared with another server without having to use the dump command.
2020-10-07 15:26:40 +02:00 · 2020-10-07 15:26:40 +02:00 · d327cfea5a
commit d327cfea5a
parent c94e7c72e7
1 changed files with 10 additions and 6 deletions
--- a/nts_ke_server.c
+++ b/nts_ke_server.c
@ -556,7 +556,7 @@ error:

 #define MAX_WORDS 2

-static void
+static int
 load_keys(void)
 {
  char *dump_dir, line[1024], *words[MAX_WORDS];
@ -568,11 +568,11 @@ load_keys(void)

  dump_dir = CNF_GetNtsDumpDir();
  if (!dump_dir)
-    return;
+    return 0;

  f = UTI_OpenFile(dump_dir, DUMP_FILENAME, NULL, 'r', 0);
  if (!f)
-    return;
+    return 0;

  if (!fgets(line, sizeof (line), f) || strcmp(line, DUMP_IDENTIFIER) != 0 ||
      !fgets(line, sizeof (line), f) || UTI_SplitString(line, words, MAX_WORDS) != 2 ||
@ -607,11 +607,13 @@ load_keys(void)

  fclose(f);

-  return;
+  return 1;

 error:
  DEBUG_LOG("Could not %s server keys", "load");
  fclose(f);
+
+  return 0;
 }

 /* ================================================== */
@ -764,10 +766,12 @@ NKS_Initialise(void)
    server_sock_fd4 = open_socket(IPADDR_INET4);
    server_sock_fd6 = open_socket(IPADDR_INET6);

-    load_keys();
-
    key_rotation_interval = MAX(CNF_GetNtsRotate(), 0);

+    /* Reload saved keys, or save the new keys */
+    if (!load_keys())
+      save_keys();
+
    if (key_rotation_interval > 0) {
      key_delay = key_rotation_interval - (SCH_GetLastEventMonoTime() - last_server_key_ts);
      SCH_AddTimeoutByDelay(MAX(key_delay, 0.0), key_timeout, NULL);