};
#define DH_BITS 1024
-static gnutls_anon_server_credentials_t
-ssl_server_get_credentials (void)
+void *
+hc_conn_ssl_server_init_credentials (char *certfile, char *keyfile)
{
static int initialized = 0;
- static gnutls_anon_server_credentials_t cred;
+ static gnutls_certificate_credentials_t cred;
gnutls_dh_params_t dh_params;
if (initialized)
return cred;
gnutls_dh_params_init (&dh_params);
gnutls_dh_params_generate2 (dh_params, DH_BITS);
- gnutls_anon_allocate_server_credentials (&cred);
- gnutls_anon_set_server_dh_params (cred, dh_params);
+ gnutls_certificate_allocate_credentials (&cred);
+ gnutls_certificate_set_x509_key_file (cred, certfile, keyfile,
+ GNUTLS_X509_FMT_PEM);
+ gnutls_certificate_set_dh_params (cred, dh_params);
initialized = 1;
return cred;
}
+static void *
+ssl_server_get_credentials(void)
+{
+ return hc_conn_ssl_server_init_credentials (NULL, NULL);
+}
+
static void
ssl_server_session_new (gnutls_session_t *session)
{
- static gnutls_anon_server_credentials_t cred;
+ static void *cred;
cred = ssl_server_get_credentials ();
gnutls_init (session, GNUTLS_SERVER);
- gnutls_priority_set_direct (*session, "NORMAL:+ANON-DH", NULL);
- gnutls_credentials_set (*session, GNUTLS_CRD_ANON, cred);
+ gnutls_priority_set_direct (*session, "NORMAL", NULL);
+ gnutls_credentials_set (*session, GNUTLS_CRD_CERTIFICATE, cred);
gnutls_dh_set_prime_bits (*session, DH_BITS);
}
#undef DH_BITS
projects / cascardo / rnetproxy.git / blobdiff