diff options
author | Simon Josefsson <simon@josefsson.org> | 2007-02-05 12:58:42 +0000 |
---|---|---|
committer | Simon Josefsson <simon@josefsson.org> | 2007-02-05 12:58:42 +0000 |
commit | 972789a3fc51ac7b732423cadb2e370086671767 (patch) | |
tree | 34bd0f5f4d6c402c0932a0fc01ebcad6653a02ab | |
parent | 3ecb8ef3b501b96bb8f7983b9ac96c0747497a35 (diff) | |
download | gnutls-972789a3fc51ac7b732423cadb2e370086671767.tar.gz |
use static DH params if none or provided
-rw-r--r-- | src/serv.c | 41 |
1 files changed, 38 insertions, 3 deletions
diff --git a/src/serv.c b/src/serv.c index dd27726857..e24695659d 100644 --- a/src/serv.c +++ b/src/serv.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2006 Free Software Foundation + * Copyright (C) 2004, 2006, 2007 Free Software Foundation * Copyright (C) 2001,2002 Paul Sheer * Portions Copyright (C) 2002,2003 Nikos Mavroyanopoulos * @@ -238,6 +238,38 @@ read_dh_params (void) } +static char pkcs3[] = + "-----BEGIN DH PARAMETERS-----\n" + "MIGGAoGAtkxw2jlsVCsrfLqxrN+IrF/3W8vVFvDzYbLmxi2GQv9s/PQGWP1d9i22\n" + "P2DprfcJknWt7KhCI1SaYseOQIIIAYP78CfyIpGScW/vS8khrw0rlQiyeCvQgF3O\n" + "GeGOEywcw+oQT4SmFOD7H0smJe2CNyjYpexBXQ/A0mbTF9QKm1cCAQU=\n" + "-----END DH PARAMETERS-----\n"; + +static int +static_dh_params (void) +{ + gnutls_datum params = { pkcs3, sizeof (pkcs3) }; + int ret; + + if (gnutls_dh_params_init (&dh_params) < 0) + { + fprintf (stderr, "Error in dh parameter initialization\n"); + exit (1); + } + + ret = gnutls_dh_params_import_pkcs3 (dh_params, ¶ms, GNUTLS_X509_FMT_PEM); + + if (ret < 0) + { + fprintf (stderr, "Error parsing dh params: %s\n", safe_strerror (ret)); + exit (1); + } + + printf ("Set static Diffie Hellman parameters, consider --dhparams.\n"); + + return 0; +} + static int get_params (gnutls_session session, gnutls_params_type type, gnutls_params_st * st) @@ -724,11 +756,14 @@ main (int argc, char **argv) generate_rsa_params (); generate_dh_primes (); } - - if (dh_params_file && generate == 0) + else if (dh_params_file) { read_dh_params (); } + else + { + static_dh_params (); + } if (gnutls_certificate_allocate_credentials (&cert_cred) < 0) { |