From 9dedf1cb7a54c3ef6c9363ded09392d1bd931ec8 Mon Sep 17 00:00:00 2001
From: "7u83@mail.ru" <7u83@mail.ru@noemail.net>
Date: Mon, 9 Mar 2015 22:51:13 +0000
Subject: [PATCH] Added dh_params stuff.

FossilOrigin-Name: b6b4b1d0e022a160dd80e9953331fbd44093f601ddffbdec09acc1c4ef3463ef
---
 src/capwap/dtls_gnutls.c | 19 ++++++++++++++++++-
 1 file changed, 18 insertions(+), 1 deletion(-)

diff --git a/src/capwap/dtls_gnutls.c b/src/capwap/dtls_gnutls.c
index f26f8d9e..328ee2a6 100644
--- a/src/capwap/dtls_gnutls.c
+++ b/src/capwap/dtls_gnutls.c
@@ -63,8 +63,10 @@ int dtls_gnutls_write(struct conn * conn, const uint8_t *buffer, int len)
 
 int dtls_gnutls_read(struct conn * conn, uint8_t *buffer, int len)
 {
+ uint8_t seq[8];
+
 struct dtls_gnutls_data * d = conn->dtls_data;
- int rc = gnutls_record_recv(d->session,buffer,len);
+ int rc = gnutls_record_recv_seq(d->session,buffer,len,seq);
 
 if ( rc == GNUTLS_E_AGAIN )
 return 0;
@@ -100,6 +102,21 @@ struct dtls_gnutls_data *dtls_gnutls_data_create(struct conn *conn,int config)
 return 0;
 }
 
+
+
+ int bits;
+ bits = gnutls_sec_param_to_pk_bits(GNUTLS_PK_DH, GNUTLS_SEC_PARAM_INSECURE);
+ /* Generate Diffie-Hellman parameters - for use with DHE
+ * kx algorithms. When short bit length is used, it might
+ * be wise to regenerate parameters often.
+ */
+ gnutls_dh_params_init(&d->dh_params);
+ gnutls_dh_params_generate2(d->dh_params, bits);
+ gnutls_certificate_set_dh_params(d->x509_cred, d->dh_params);
+
+
+
+
 /* Set ciphers */
 const char *errpos;
 rc = gnutls_priority_init(&d->priority_cache, conn->dtls_cipher, &errpos);
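Review bot: In the first hunk (dtls_gnutls_read), `seq` is filled by `gnutls_record_recv_seq` but nothing visible reads it, so the switch away from `gnutls_record_recv` has no observable effect here. If the record sequence number is meant to be used later, for example for logging or replay diagnostics, a comment such as `/* sequence number of the received DTLS record; not used yet */` on the declaration would make that intent clear. Otherwise the simpler call is easier to read. The function body continues past the hunk, so a use further down cannot be ruled out.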
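Review bot: In the second hunk (dtls_gnutls_data_create), the DH group size is derived from `GNUTLS_SEC_PARAM_INSECURE`, the weakest level GnuTLS defines, so a DHE key exchange using these parameters gets little protection; at least `GNUTLS_SEC_PARAM_MEDIUM` would be a safer choice. The return values of `gnutls_dh_params_init` and `gnutls_dh_params_generate2` are ignored, so a failed generation goes unnoticed and `d->dh_params` is still handed to the credentials. Generation at a safe size is slow and this function appears to run per connection, so generating once and sharing the parameters is worth considering; the matching `gnutls_dh_params_deinit` is not visible in this hunk. The function starts and ends outside the hunk, so the use of `rc` and the error-path cleanup in the sketch below are assumptions taken from the surrounding context lines.

```c
	/* DH group for DHE key exchange: size taken from a non-trivial
	 * security level instead of GNUTLS_SEC_PARAM_INSECURE. */
	unsigned int bits = gnutls_sec_param_to_pk_bits(GNUTLS_PK_DH, GNUTLS_SEC_PARAM_MEDIUM);

	rc = gnutls_dh_params_init(&d->dh_params);
	if (rc < 0) {
		/* … same cleanup as the earlier error path … */
		return 0;
	}
	rc = gnutls_dh_params_generate2(d->dh_params, bits);
	if (rc < 0) {
		gnutls_dh_params_deinit(d->dh_params);
		/* … same cleanup as the earlier error path … */
		return 0;
	}
	gnutls_certificate_set_dh_params(d->x509_cred, d->dh_params);

	/* … unchanged: gnutls_priority_init call … */
```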