From d503e5c209c0bbbb06bc49c2c0bddb34aa020b58 Mon Sep 17 00:00:00 2001 From: Nikos Mavrogiannopoulos Date: Mon, 1 Dec 2003 08:04:23 +0000 Subject: *** empty log message *** --- doc/tex/ex-serv-export.tex | 18 +++++++++--------- doc/tex/ex-serv-srp.tex | 16 +++++++++++++++- doc/tex/preface.tex | 7 ++++--- 3 files changed, 28 insertions(+), 13 deletions(-) (limited to 'doc') diff --git a/doc/tex/ex-serv-export.tex b/doc/tex/ex-serv-export.tex index c34b612dda..3b5e33f839 100644 --- a/doc/tex/ex-serv-export.tex +++ b/doc/tex/ex-serv-export.tex @@ -27,7 +27,7 @@ #define DH_BITS 1024 /* These are global */ -gnutls_certificate_credentials x509_cred; +gnutls_certificate_credentials cert_cred; static void wrap_db_init(void); static void wrap_db_deinit(void); @@ -47,7 +47,7 @@ gnutls_session initialize_tls_session() */ gnutls_set_default_export_priority(session); - gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, x509_cred); + gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, cert_cred); /* request client certificate if any. */ @@ -118,15 +118,15 @@ int main() */ gnutls_global_init(); - gnutls_certificate_allocate_credentials(&x509_cred); + gnutls_certificate_allocate_credentials(&cert_cred); - gnutls_certificate_set_x509_trust_file(x509_cred, CAFILE, + gnutls_certificate_set_x509_trust_file(cert_cred, CAFILE, GNUTLS_X509_FMT_PEM); - gnutls_certificate_set_x509_crl_file(x509_cred, CRLFILE, + gnutls_certificate_set_x509_crl_file(cert_cred, CRLFILE, GNUTLS_X509_FMT_PEM); - gnutls_certificate_set_x509_key_file(x509_cred, CERTFILE, KEYFILE, + gnutls_certificate_set_x509_key_file(cert_cred, CERTFILE, KEYFILE, GNUTLS_X509_FMT_PEM); generate_dh_params(); 
@@ -136,8 +136,8 @@ int main() wrap_db_init(); } - gnutls_certificate_set_dh_params(x509_cred, dh_params); - gnutls_certificate_set_rsa_export_params(x509_cred, rsa_params); + gnutls_certificate_set_dh_params(cert_cred, dh_params); + gnutls_certificate_set_rsa_export_params(cert_cred, rsa_params); /* Socket operations */ @@ -211,7 +211,7 @@ int main() } close(listen_sd); - gnutls_certificate_free_credentials(x509_cred); + gnutls_certificate_free_credentials(cert_cred); gnutls_global_deinit(); diff --git a/doc/tex/ex-serv-srp.tex b/doc/tex/ex-serv-srp.tex index 11acbb1aba..553c2deed6 100644 --- a/doc/tex/ex-serv-srp.tex +++ b/doc/tex/ex-serv-srp.tex @@ -15,6 +15,10 @@ #define SRP_PASSWD "tpasswd" #define SRP_PASSWD_CONF "tpasswd.conf" +#define KEYFILE "key.pem" +#define CERTFILE "cert.pem" +#define CAFILE "ca.pem" + /* This is a sample TLS-SRP echo server. */ @@ -25,11 +29,13 @@ /* These are global */ gnutls_srp_server_credentials srp_cred; +gnutls_certificate_credentials cert_cred; gnutls_session initialize_tls_session() { gnutls_session session; - const int kx_priority[] = { GNUTLS_KX_SRP, 0 }; + const int kx_priority[] = { GNUTLS_KX_SRP, GNUTLS_KX_SRP_DSS, + GNUTLS_KX_SRP_RSA, 0 }; gnutls_init(&session, GNUTLS_SERVER); @@ -37,6 +43,9 @@ gnutls_session initialize_tls_session() gnutls_kx_set_priority(session, kx_priority); gnutls_credentials_set(session, GNUTLS_CRD_SRP, srp_cred); + /* for the certificate authenticated ciphersuites. + */ + gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, cert_cred); /* request client certificate if any. */ @@ -70,6 +79,10 @@ int main() gnutls_srp_allocate_server_credentials(&srp_cred); gnutls_srp_set_server_credentials_file(srp_cred, SRP_PASSWD, SRP_PASSWD_CONF); + gnutls_certificate_allocate_credentials(&cert_cred); + gnutls_certificate_set_x509_trust_file(cert_cred, CAFILE, GNUTLS_X509_FMT_PEM); + gnutls_certificate_set_x509_key_file(cert_cred, CERTFILE, KEYFILE, + GNUTLS_X509_FMT_PEM); /* TCP socket operations */ 
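Review bot: In the ex-serv-srp.tex hunk at @@ -25,11 +29,13 @@ the priority list gains GNUTLS_KX_SRP_DSS and GNUTLS_KX_SRP_RSA, but nothing in the example tells the reader that the server now also needs the files named by the new KEYFILE/CERTFILE/CAFILE defines (hunk @@ -15,6 +15,10 @@), so a copied example that only ships tpasswd/tpasswd.conf will silently have no certificate credentials. I would extend the header comment to `/* This is a sample TLS-SRP echo server.  The SRP-RSA and SRP-DSS ciphersuites additionally sign the SRP parameters with the certificate in CERTFILE/KEYFILE, so those files must exist. */`. Note also that plain GNUTLS_KX_SRP is listed first; if the intent is to demonstrate the certificate-authenticated variants, they would presumably need to precede it, since the earlier entries appear to be preferred — worth confirming against gnutls_kx_set_priority's semantics. initialize_tls_session's body continues outside the hunk.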
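Review bot: In the ex-serv-srp.tex hunk at @@ -70,6 +79,10 @@ the return values of the new gnutls_certificate_set_x509_trust_file and gnutls_certificate_set_x509_key_file calls are discarded, so a missing or unreadable cert.pem/key.pem/ca.pem is never reported and the server starts with empty certificate credentials; the surrounding example already ignores gnutls_srp_set_server_credentials_file the same way, but since these listings are copied into real programs the two new calls should fail loudly. Both return a negative error code on failure, which can be checked as below. If client certificate verification is intended (the "request client certificate if any." context in hunk @@ -37,6 +43,9 @@ suggests so), the CRL load shown in ex-serv-export.tex would also be needed here — worth confirming. main() starts and ends outside the hunk.
```c
    gnutls_certificate_allocate_credentials(&cert_cred);
    int ret = gnutls_certificate_set_x509_trust_file(cert_cred, CAFILE, GNUTLS_X509_FMT_PEM);
    if (ret < 0) {
        fprintf(stderr, "Could not load CA file %s: %s\n", CAFILE, gnutls_strerror(ret));
        exit(1);
    }
    ret = gnutls_certificate_set_x509_key_file(cert_cred, CERTFILE, KEYFILE,
                                               GNUTLS_X509_FMT_PEM);
    if (ret < 0) {
        fprintf(stderr, "Could not load %s/%s: %s\n", CERTFILE, KEYFILE, gnutls_strerror(ret));
        exit(1);
    }
    /* … unchanged: TCP socket operations … */
```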
@@ -146,6 +159,7 @@ int main() close(listen_sd); gnutls_srp_free_server_credentials(srp_cred); + gnutls_certificate_free_credentials(cert_cred); gnutls_global_deinit(); diff --git a/doc/tex/preface.tex b/doc/tex/preface.tex index 01aa48ba03..a06f76d9b7 100644 --- a/doc/tex/preface.tex +++ b/doc/tex/preface.tex @@ -8,9 +8,10 @@ the \gnutls{} purpose and actual offerings. Even if \gnutls{} is a typical library software, it operates over several security and cryptographic protocols, which require the programmer to make careful and correct usage of them. Otherwise he risks to offer -just a false sense of security. Also note that a program should not be -considered secure just because it uses \gnutls{} or any other cryptographic library. -There are several ways to compromise a program or a communication line +just a false sense of security. Security is a very general term for computer +software and cannot be restricted to a single cryptographic library. +A program should not be considered secure just because it uses \gnutls{}, +there are several ways to compromise a program or a communication line and \gnutls{} only helps with some of them. \par This document tries to be self contained, although basic -- cgit v1.2.1