1 files changed, 57 insertions, 0 deletions
diff --git a/src/gnutls/setup_connection.c b/src/gnutls/setup_connection.c
new file mode 100644
index 00000000..c789613d
--- /dev/null
+++ b/src/gnutls/setup_connection.c
@@ -0,0 +1,57 @@
+setup_connection ()
+{
+        connection->tls_state = MHD_TLS_CONN_INIT;
+      MHD_set_https_callbacks (connection);
+      gnutls_init (&connection->tls_session,
+                   GNUTLS_SERVER
+#if (GNUTLS_VERSION_NUMBER+0 >= 0x030402)
+                   | GNUTLS_NO_SIGNAL
+#endif /* GNUTLS_VERSION_NUMBER >= 0x030402 */
+#if GNUTLS_VERSION_MAJOR >= 3
+                   | GNUTLS_NONBLOCK
+#endif /* GNUTLS_VERSION_MAJOR >= 3*/
+                  );
+      gnutls_priority_set (connection->tls_session,
+                           daemon->priority_cache);
+      switch (daemon->cred_type)
+        {
+          /* set needed credentials for certificate authentication. */
+        case GNUTLS_CRD_CERTIFICATE:
+          gnutls_credentials_set (connection->tls_session,
+                                  GNUTLS_CRD_CERTIFICATE,
+                                  daemon->x509_cred);
+          break;
+        default:
+#ifdef HAVE_MESSAGES
+          MHD_DLOG (connection->daemon,
+                    _("Failed to setup TLS credentials: unknown credential type %d\n"),
+                    daemon->cred_type);
+#endif
+          MHD_socket_close_chk_ (client_socket);
+          MHD_ip_limit_del (daemon,
+                            addr,
+                            addrlen);
+          free (connection);
+          MHD_PANIC (_("Unknown credential type"));
+#if EINVAL
+          errno = EINVAL;
+#endif
+          return MHD_NO;
+        }
+#if (GNUTLS_VERSION_NUMBER+0 >= 0x030109) && !defined(_WIN64)
+      gnutls_transport_set_int (connection->tls_session, (int)(client_socket));
+#else  /* GnuTLS before 3.1.9 or Win x64 */
+      gnutls_transport_set_ptr (connection->tls_session, (gnutls_transport_ptr_t)(intptr_t)(client_socket));
+#endif /* GnuTLS before 3.1.9 */
+#ifdef MHD_TLSLIB_NEED_PUSH_FUNC
+      gnutls_transport_set_push_function (connection->tls_session, MHD_tls_push_func_);
+#endif /* MHD_TLSLIB_NEED_PUSH_FUNC */
+      if (daemon->https_mem_trust)
+          gnutls_certificate_server_set_request (connection->tls_session,
+                                                 GNUTLS_CERT_REQUEST);
+#else  /* ! HTTPS_SUPPORT */
+      return NULL;
+}

diff --git a/src/gnutls/setup_connection.c b/src/gnutls/setup_connection.c new file mode 100644 index 00000000..c789613d --- /dev/null +++ b/src/gnutls/setup_connection.c
@@ -0,0 +1,57 @@
	1
	2
	3	setup_connection ()
	4	{
	5	connection->tls_state = MHD_TLS_CONN_INIT;
	6	MHD_set_https_callbacks (connection);
	7	gnutls_init (&connection->tls_session,
	8	GNUTLS_SERVER
	9	#if (GNUTLS_VERSION_NUMBER+0 >= 0x030402)
	10	\| GNUTLS_NO_SIGNAL
	11	#endif /* GNUTLS_VERSION_NUMBER >= 0x030402 */
	12	#if GNUTLS_VERSION_MAJOR >= 3
	13	\| GNUTLS_NONBLOCK
	14	#endif /* GNUTLS_VERSION_MAJOR >= 3*/
	15	);
	16	gnutls_priority_set (connection->tls_session,
	17	daemon->priority_cache);
	18	switch (daemon->cred_type)
	19	{
	20	/* set needed credentials for certificate authentication. */
	21	case GNUTLS_CRD_CERTIFICATE:
	22	gnutls_credentials_set (connection->tls_session,
	23	GNUTLS_CRD_CERTIFICATE,
	24	daemon->x509_cred);
	25	break;
	26	default:
	27	#ifdef HAVE_MESSAGES
	28	MHD_DLOG (connection->daemon,
	29	_("Failed to setup TLS credentials: unknown credential type %d\n"),
	30	daemon->cred_type);
	31	#endif
	32	MHD_socket_close_chk_ (client_socket);
	33	MHD_ip_limit_del (daemon,
	34	addr,
	35	addrlen);
	36	free (connection);
	37	MHD_PANIC (_("Unknown credential type"));
	38	#if EINVAL
	39	errno = EINVAL;
	40	#endif
	41	return MHD_NO;
	42	}
	43	#if (GNUTLS_VERSION_NUMBER+0 >= 0x030109) && !defined(_WIN64)
	44	gnutls_transport_set_int (connection->tls_session, (int)(client_socket));
	45	#else /* GnuTLS before 3.1.9 or Win x64 */
	46	gnutls_transport_set_ptr (connection->tls_session, (gnutls_transport_ptr_t)(intptr_t)(client_socket));
	47	#endif /* GnuTLS before 3.1.9 */
	48	#ifdef MHD_TLSLIB_NEED_PUSH_FUNC
	49	gnutls_transport_set_push_function (connection->tls_session, MHD_tls_push_func_);
	50	#endif /* MHD_TLSLIB_NEED_PUSH_FUNC */
	51	if (daemon->https_mem_trust)
	52	gnutls_certificate_server_set_request (connection->tls_session,
	53	GNUTLS_CERT_REQUEST);
	54	#else /* ! HTTPS_SUPPORT */
	55	return NULL;
	56
	57	}