#define MAX_SERVER_KEYS (1U << KEY_ID_INDEX_BITS)
#define FUTURE_KEYS 1
-#define MIN_KEY_ROTATE_INTERVAL 1.0
-
#define DUMP_FILENAME "ntskeys"
#define DUMP_IDENTIFIER "NKS0\n"
static ServerKey server_keys[MAX_SERVER_KEYS];
static int current_server_key;
static double last_server_key_ts;
+static int key_rotation_interval;
static int server_sock_fd4;
static int server_sock_fd6;
double last_key_age;
FILE *f;
+ /* Don't save the keys if rotation is disabled to enable an external
+ management of the keys (e.g. share them with another server) */
+ if (key_rotation_interval == 0)
+ return;
+
dump_dir = CNF_GetNtsDumpDir();
if (!dump_dir)
return;
generate_key((current_server_key + FUTURE_KEYS) % MAX_SERVER_KEYS);
save_keys();
- SCH_AddTimeoutByDelay(MAX(CNF_GetNtsRotate(), MIN_KEY_ROTATE_INTERVAL),
- key_timeout, NULL);
+ SCH_AddTimeoutByDelay(key_rotation_interval, key_timeout, NULL);
}
/* ================================================== */
load_keys();
- key_delay = MAX(CNF_GetNtsRotate(), MIN_KEY_ROTATE_INTERVAL) -
- (SCH_GetLastEventMonoTime() - last_server_key_ts);
- SCH_AddTimeoutByDelay(MAX(key_delay, 0.0), key_timeout, NULL);
+ key_rotation_interval = MAX(CNF_GetNtsRotate(), 0);
+
+ if (key_rotation_interval > 0) {
+ key_delay = key_rotation_interval - (SCH_GetLastEventMonoTime() - last_server_key_ts);
+ SCH_AddTimeoutByDelay(MAX(key_delay, 0.0), key_timeout, NULL);
+ }
processes = CNF_GetNtsServerProcesses();
projects / thirdparty / chrony.git / commitdiff
