From 2775846db79a763b778e9dc9e5c30c6207e27f2a Mon Sep 17 00:00:00 2001
From: Miroslav Lichvar
Date: Thu, 16 Apr 2020 12:06:55 +0200
Subject: [PATCH] nts: provide time function to gnutls

Use the internal time instead of system time for validation checks in gnutls.
---
 nts_ke_session.c | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/nts_ke_session.c b/nts_ke_session.c
index 2883273..78c9735 100644
--- a/nts_ke_session.c
+++ b/nts_ke_session.c
@@ -31,6 +31,7 @@
 #include "nts_ke_session.h"
 #include "conf.h"
+#include "local.h"
 #include "logging.h"
 #include "memory.h"
 #include "siv.h"
@@ -537,6 +538,20 @@ read_write_socket(int fd, int event, void *arg)
 /* ================================================== */
+static time_t
+get_time(time_t *t)
+{
+ struct timespec now;
+
+ LCL_ReadCookedTime(&now, NULL);
+ if (t)
+ *t = now.tv_sec;
+
+ return now.tv_sec;
+}
+
+/* ================================================== */
+
 static int gnutls_initialised = 0;
 static void
@@ -558,6 +573,8 @@ init_gnutls(void)
 if (r < 0)
 LOG_FATAL("Could not initialise %s : %s", "priority cache", gnutls_strerror(r));
+ gnutls_global_set_time_function(get_time);
+
 gnutls_initialised = 1;
 }
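Review bot: `get_time()` in the `@@ -537,6 +538,20 @@` hunk carries no comment saying that it is the `time()`-compatible callback handed to gnutls, or why it reads the cooked time rather than the system clock. The commit message says the value feeds gnutls validation checks, presumably including certificate validity periods, so the trust decision now depends on this function and the reasoning belongs next to it. I would add `/* time() replacement for gnutls: return our cooked time so that validation checks use the corrected clock */` above the definition. Dropping `tv_nsec` matches the `time_t` contract, so no code change is needed.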
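Review bot: The `gnutls_global_set_time_function(get_time);` call in the `@@ -558,6 +573,8 @@` hunk replaces the clock for every gnutls session in the process, and nothing at the call site records that or what the callback depends on. I would add `/* Process-wide: all gnutls validation checks use our cooked time from now on */` above the call. `init_gnutls()` starts above the hunk, so it is not visible whether the local-clock module is always initialised, and its correction kept current, in every process that reaches this call. If it is not, `get_time()` would hand gnutls a time no better than the uncorrected system clock, which is worth confirming and stating in the comment.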