planix.org/actube
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Added dh_params stuff.

Browse Source 
FossilOrigin-Name: b6b4b1d0e022a160dd80e9953331fbd44093f601ddffbdec09acc1c4ef3463ef
This commit is contained in:
7u83@mail.ru 2015-03-09 22:51:13 +00:00
parent 5f25dcd395
commit 9dedf1cb7a
1 changed files with 18 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
src/capwap/dtls_gnutls.c
View File

@ -63,8 +63,10 @@ int dtls_gnutls_write(struct conn * conn, const uint8_t *buffer, int len)
int dtls_gnutls_read(struct conn * conn, uint8_t *buffer, int len)
{
uint8_t seq[8];
struct dtls_gnutls_data * d = conn->dtls_data;
int rc = gnutls_record_recv(d->session,buffer,len);
int rc = gnutls_record_recv_seq(d->session,buffer,len,seq);
if ( rc == GNUTLS_E_AGAIN )
return 0;
@ -100,6 +102,21 @@ struct dtls_gnutls_data *dtls_gnutls_data_create(struct conn *conn,int config)
return 0;
}
int bits;
bits = gnutls_sec_param_to_pk_bits(GNUTLS_PK_DH, GNUTLS_SEC_PARAM_INSECURE);
/* Generate Diffie-Hellman parameters - for use with DHE
* kx algorithms. When short bit length is used, it might
* be wise to regenerate parameters often.
*/
gnutls_dh_params_init(&d->dh_params);
gnutls_dh_params_generate2(d->dh_params, bits);
gnutls_certificate_set_dh_params(d->x509_cred, d->dh_params);
/* Set ciphers */
const char *errpos;
rc = gnutls_priority_init(&d->priority_cache, conn->dtls_cipher, &errpos);