Diffstat (limited to 'src/gnutls/setup_connection.c')
-rw-r--r-- | src/gnutls/setup_connection.c | 57 |
1 files changed, 57 insertions, 0 deletions
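diff --git a/src/gnutls/setup_connection.c b/src/gnutls/setup_connection.c
new file mode 100644
index 00000000..c789613d
--- /dev/null
+++ b/src/gnutls/setup_connection.c
@@ -0,0 +1,57 @@
+
+
+setup_connection ()
+{
+connection->tls_state = MHD_TLS_CONN_INIT;
+MHD_set_https_callbacks (connection);
+gnutls_init (&connection->tls_session,
+GNUTLS_SERVER
+#if (GNUTLS_VERSION_NUMBER+0 >= 0x030402)
+| GNUTLS_NO_SIGNAL
+#endif /* GNUTLS_VERSION_NUMBER >= 0x030402 */
+#if GNUTLS_VERSION_MAJOR >= 3
+| GNUTLS_NONBLOCK
+#endif /* GNUTLS_VERSION_MAJOR >= 3*/
+);
+gnutls_priority_set (connection->tls_session,
+daemon->priority_cache);
+switch (daemon->cred_type)
+{
+/* set needed credentials for certificate authentication. */
+case GNUTLS_CRD_CERTIFICATE:
+gnutls_credentials_set (connection->tls_session,
+GNUTLS_CRD_CERTIFICATE,
+daemon->x509_cred);
+break;
+default:
+#ifdef HAVE_MESSAGES
+MHD_DLOG (connection->daemon,
+_("Failed to setup TLS credentials: unknown credential type %d\n"),
+daemon->cred_type);
+#endif
+MHD_socket_close_chk_ (client_socket);
+MHD_ip_limit_del (daemon,
+addr,
+addrlen);
+free (connection);
+MHD_PANIC (_("Unknown credential type"));
+#if EINVAL
+errno = EINVAL;
+#endif
+return MHD_NO;
+}
+#if (GNUTLS_VERSION_NUMBER+0 >= 0x030109) && !defined(_WIN64)
+gnutls_transport_set_int (connection->tls_session, (int)(client_socket));
+#else /* GnuTLS before 3.1.9 or Win x64 */
+gnutls_transport_set_ptr (connection->tls_session, (gnutls_transport_ptr_t)(intptr_t)(client_socket));
+#endif /* GnuTLS before 3.1.9 */
+#ifdef MHD_TLSLIB_NEED_PUSH_FUNC
+gnutls_transport_set_push_function (connection->tls_session, MHD_tls_push_func_);
+#endif /* MHD_TLSLIB_NEED_PUSH_FUNC */
+if (daemon->https_mem_trust)
+gnutls_certificate_server_set_request (connection->tls_session,
+GNUTLS_CERT_REQUEST);
+#else /* ! HTTPS_SUPPORT */
+return NULL;
+
+}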
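Review bot: The results of `gnutls_init`, `gnutls_priority_set` and `gnutls_credentials_set` are discarded, so a failed session setup falls through to the transport calls with a session that may be unusable or may lack the intended priority policy and credentials. Each call should be compared with `GNUTLS_E_SUCCESS` and take the same cleanup path as the `default:` branch, e.g. `if (GNUTLS_E_SUCCESS != gnutls_priority_set (connection->tls_session, daemon->priority_cache))`. That `default:` branch also frees `connection` without releasing the session created above; `gnutls_deinit (connection->tls_session);` belongs before `free (connection);`. The file as added has no return type, no includes and no opening `#if` for the `#else /* ! HTTPS_SUPPORT */` line, and it returns both `MHD_NO` and `NULL`, so it looks like a fragment whose surrounding context lives outside this section.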