gpointer lowconn;
};
+#define DH_BITS 1024
+static gnutls_anon_server_credentials_t
+ssl_server_get_credentials (void)
+{
+ static int initialized = 0;
+ static gnutls_anon_server_credentials_t cred;
+ gnutls_dh_params_t dh_params;
+ if (initialized)
+ return cred;
+ gnutls_dh_params_init (&dh_params);
+ gnutls_dh_params_generate2 (dh_params, DH_BITS);
+ gnutls_anon_allocate_server_credentials (&cred);
+ gnutls_anon_set_server_dh_params (cred, dh_params);
+ initialized = 1;
+ return cred;
+}
+
+static void
+ssl_server_session_new (gnutls_session_t *session)
+{
+ static gnutls_anon_server_credentials_t cred;
+ cred = ssl_server_get_credentials ();
+ gnutls_init (session, GNUTLS_SERVER);
+ gnutls_priority_set_direct (*session, "NORMAL:+ANON-DH", NULL);
+ gnutls_credentials_set (*session, GNUTLS_CRD_ANON, cred);
+ gnutls_dh_set_prime_bits (*session, DH_BITS);
+}
+#undef DH_BITS
+
static void
ssl_client_session_new (gnutls_session_t *session)
{
ssl_data_new (int server)
{
struct ssl_data *ssl;
- if (server)
- return NULL;
ssl = g_slice_new (struct ssl_data);
- ssl_client_session_new (&ssl->session);
+ if (server)
+ ssl_server_session_new (&ssl->session);
+ else
+ ssl_client_session_new (&ssl->session);
ssl->buffer = g_string_sized_new (4096);
ssl->handshaking = FALSE;
return ssl;
{
return hc_conn_set_driver_ssl (conn, lowconn, 0);
}
+
+int
+hc_conn_set_driver_ssl_server (HCConn *conn, HCConn *lowconn)
+{
+ return hc_conn_set_driver_ssl (conn, lowconn, 1);
+}
client_conn_new (int fd)
{
HCConn *conn;
+ HCConn *ssl_conn;
HCConn *pop_conn;
int r;
conn = hc_conn_new (NULL, NULL);
close (fd);
return NULL;
}
+ ssl_conn = hc_conn_new (NULL, NULL);
+ hc_conn_set_driver_ssl_server (ssl_conn, conn);
+ if (r != 0)
+ {
+ hc_conn_close (ssl_conn);
+ hc_conn_close (conn);
+ return NULL;
+ }
pop_conn = hc_conn_new (NULL, NULL);
r = hc_conn_set_driver_pop (pop_conn, conn);
if (r != 0)
{
hc_conn_close (pop_conn);
- hc_conn_close (conn);
+ hc_conn_close (ssl_conn);
return NULL;
}
return pop_conn;