nts: provide time function to gnutls

Use the internal time instead of system time for validation checks in
gnutls.

diff --git a/nts_ke_session.c b/nts_ke_session.c
index 2883273841d57620f60935f78d64c8e218bfeae0..78c9735460bb461eee9fe9931742847f4557d332 100644 (file)
--- a/nts_ke_session.c
+++ b/nts_ke_session.c
@@ -31,6 +31,7 @@
 #include "nts_ke_session.h"
 
 #include "conf.h"
+#include "local.h"
 #include "logging.h"
 #include "memory.h"
 #include "siv.h"
@@ -537,6 +538,20 @@ read_write_socket(int fd, int event, void *arg)
 
 /* ================================================== */
 
+static time_t
+get_time(time_t *t)
+{
+  struct timespec now;
+
+  LCL_ReadCookedTime(&now, NULL);
+  if (t)
+    *t = now.tv_sec;
+
+  return now.tv_sec;
+}
+
+/* ================================================== */
+
 static int gnutls_initialised = 0;
 
 static void
@@ -558,6 +573,8 @@ init_gnutls(void)
   if (r < 0)
     LOG_FATAL("Could not initialise %s : %s", "priority cache", gnutls_strerror(r));
 
+  gnutls_global_set_time_function(get_time);
+
   gnutls_initialised = 1;
 }