From fb0a89ee25104c910ac77f5446c80f80dec185a0 Mon Sep 17 00:00:00 2001 From: tedu Date: Thu, 29 Nov 2018 14:25:06 +0000 Subject: update for libtls default cert changes. bonus: this exposed a few missing const qualifiers. --- usr.sbin/ntpd/constraint.c | 4 ++-- usr.sbin/ntpd/ntpd.c | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) (limited to 'usr.sbin/ntpd') diff --git a/usr.sbin/ntpd/constraint.c b/usr.sbin/ntpd/constraint.c index 68db1f7cf45..76dc4f7bdf5 100644 --- a/usr.sbin/ntpd/constraint.c +++ b/usr.sbin/ntpd/constraint.c @@ -1,4 +1,4 @@ -/* $OpenBSD: constraint.c,v 1.37 2018/11/06 20:41:36 jsing Exp $ */ +/* $OpenBSD: constraint.c,v 1.38 2018/11/29 14:25:07 tedu Exp $ */ /* * Copyright (c) 2015 Reyk Floeter @@ -339,7 +339,7 @@ priv_constraint_child(const char *pw_dir, uid_t pw_uid, gid_t pw_gid) /* Init TLS and load CA certs before chroot() */ if (tls_init() == -1) fatalx("tls_init"); - if ((conf->ca = tls_load_file(TLS_CA_CERT_FILE, + if ((conf->ca = tls_load_file(tls_default_ca_cert_file(), &conf->ca_len, NULL)) == NULL) fatalx("failed to load constraint ca"); diff --git a/usr.sbin/ntpd/ntpd.c b/usr.sbin/ntpd/ntpd.c index a3847c4f4cf..a927be1a749 100644 --- a/usr.sbin/ntpd/ntpd.c +++ b/usr.sbin/ntpd/ntpd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ntpd.c,v 1.118 2018/11/06 20:41:36 jsing Exp $ */ +/* $OpenBSD: ntpd.c,v 1.119 2018/11/29 14:25:07 tedu Exp $ */ /* * Copyright (c) 2003, 2004 Henning Brauer @@ -248,7 +248,7 @@ main(int argc, char *argv[]) * Constraint processes are forked with certificates in memory, * then privdrop into chroot before speaking to the outside world. */ - if (unveil(TLS_CA_CERT_FILE, "r") == -1) + if (unveil(tls_default_ca_cert_file(), "r") == -1) err(1, "unveil"); if (unveil("/usr/sbin/ntpd", "x") == -1) err(1, "unveil"); -- cgit v1.2.3-59-g8ed1b