From 7d5b81e9936b1c778fd6408f3f22478e9ab9486b Mon Sep 17 00:00:00 2001
From: Matthias Schiffer
Date: Sat, 6 Sep 2008 03:15:06 +0200
Subject: X.509-basierte TLS-Verbindung funktioniert
---
 src/Net/ServerConnection.cpp | 18 +++++-------------
 1 file changed, 5 insertions(+), 13 deletions(-)
(limited to 'src/Net/ServerConnection.cpp')
diff --git a/src/Net/ServerConnection.cpp b/src/Net/ServerConnection.cpp
index c011f66..0c35991 100644
--- a/src/Net/ServerConnection.cpp
+++ b/src/Net/ServerConnection.cpp
@@ -57,26 +57,18 @@ void ServerConnection::connectionHeaderReceiveHandler(const void *data, unsigned
 enterReceiveLoop();
 }
-ServerConnection::ServerConnection(int sock0, const IPAddress &address, gnutls_dh_params_t dh_params)
+ServerConnection::ServerConnection(int sock0, const IPAddress &address, gnutls_dh_params_t dh_params, const std::string &x905CertFile, const std::string &x905KeyFile)
 : daemon(false) {
 sock = sock0;
- gnutls_anon_allocate_server_credentials(&anoncred);
-
-
- gnutls_anon_set_server_dh_params(anoncred, dh_params);
- peer = new IPAddress(address);
- gnutls_init(&session, GNUTLS_SERVER);
+ gnutls_certificate_set_dh_params(x509_cred, dh_params);
+ gnutls_certificate_set_x509_key_file(x509_cred, x905CertFile.c_str(), x905KeyFile.c_str(), GNUTLS_X509_FMT_PEM);
+ gnutls_init(&session, GNUTLS_SERVER);
 gnutls_set_default_priority(session);
-
- const int kx_list[] = {GNUTLS_KX_ANON_DH, 0};
- gnutls_kx_set_priority(session, kx_list);
-
- gnutls_credentials_set(session, GNUTLS_CRD_ANON, anoncred);
-
+ gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, x509_cred);
 gnutls_transport_set_ptr(session, reinterpret_cast(sock));
 handshake();
--
cgit v1.2.3
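Review bot: The return value of `gnutls_certificate_set_x509_key_file` is discarded in the new constructor body, so a missing, unreadable or mismatched certificate/key pair only surfaces later as an unexplained handshake failure; check it, e.g. `if(gnutls_certificate_set_x509_key_file(x509_cred, x905CertFile.c_str(), x905KeyFile.c_str(), GNUTLS_X509_FMT_PEM) < 0)`, and fail construction before `gnutls_init` is reached. The removed code allocated `anoncred` in this constructor, but no `gnutls_certificate_allocate_credentials(&x509_cred)` is visible in this hunk, so `x509_cred` presumably has to be allocated in a part of the change this path-limited view does not show; that is worth confirming. If a `ServerConnection` is constructed for every accepted socket, as the `sock0` parameter suggests, the private key file is re-read on each connection, and loading the credentials once and passing them in, as is already done for `dh_params`, would avoid that. The parameter names `x905CertFile`/`x905KeyFile` look like a typo for x509. The constructor body continues past the end of the hunk.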