DWS/chrony
1
0
Fork 0
mirror of https://gitlab.com/chrony/chrony.git synced 2025-12-03 19:45:07 -05:00
Code Issues Packages Projects Releases Wiki Activity

conf: add set selection to ntstrustedcerts

Browse Source 
Add an optional set-ID argument to the ntstrustedcerts directive to
enable multiple sets of trusted certificates to be specified.
This commit is contained in:
Miroslav Lichvar
2021-02-18 17:15:10 +01:00
parent 6615bb1b78
commit a8bc25e543
4 changed files with 46 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
nts_ke_client.c
View File

@@ -283,9 +283,7 @@ NKC_CreateInstance(IPSockAddr *address, const char *name, uint32_t cert_set)
inst->destroying = 0;
inst->got_response = 0;
n_certs = CNF_GetNtsTrustedCertsPaths(&trusted_certs);
certs_ids = MallocArray(uint32_t, n_certs);
memset(certs_ids, 0, sizeof (uint32_t) * n_certs);
n_certs = CNF_GetNtsTrustedCertsPaths(&trusted_certs, &certs_ids);
/* Share the credentials among clients using the default set of trusted
certificates, which likely contains most certificates */
@@ -301,8 +299,6 @@ NKC_CreateInstance(IPSockAddr *address, const char *name, uint32_t cert_set)
n_certs, cert_set);
}
Free(certs_ids);
return inst;
}