BOOL schan_imp_create_session(schan_imp_session *session, schan_credentials *cred)
{
gnutls_session_t *s = (gnutls_session_t*)session;
char priority[64] = "NORMAL", *p;
unsigned i;
int err = pgnutls_init(s, cred->credential_use == SECPKG_CRED_INBOUND ? GNUTLS_SERVER : GNUTLS_CLIENT);
if (err != GNUTLS_E_SUCCESS)
{
pgnutls_perror(err);
return FALSE;
}
p = priority + strlen(priority);
for(i=0; i < sizeof(protocol_priority_flags)/sizeof(*protocol_priority_flags); i++) {
*p++ = ':';
*p++ = (cred->enabled_protocols & protocol_priority_flags[i].enable_flag) ? '+' : '-';
strcpy(p, protocol_priority_flags[i].gnutls_flag);
p += strlen(p);
}
TRACE("Using %s priority\n", debugstr_a(priority));
err = pgnutls_priority_set_direct(*s, priority, NULL);
if (err != GNUTLS_E_SUCCESS)
{
pgnutls_perror(err);
pgnutls_deinit(*s);
return FALSE;
}
err = pgnutls_credentials_set(*s, GNUTLS_CRD_CERTIFICATE,
(gnutls_certificate_credentials_t)cred->credentials);
if (err != GNUTLS_E_SUCCESS)
{
pgnutls_perror(err);
pgnutls_deinit(*s);
return FALSE;
}
pgnutls_transport_set_pull_function(*s, schan_pull_adapter);
pgnutls_transport_set_push_function(*s, schan_push_adapter);
return TRUE;
}
BOOL schan_imp_create_session(schan_imp_session *session, BOOL is_server,
schan_imp_certificate_credentials cred)
{
gnutls_session_t *s = (gnutls_session_t*)session;
int err = pgnutls_init(s, is_server ? GNUTLS_SERVER : GNUTLS_CLIENT);
if (err != GNUTLS_E_SUCCESS)
{
pgnutls_perror(err);
return FALSE;
}
/* FIXME: We should be using the information from the credentials here. */
FIXME("Using hardcoded \"NORMAL\" priority\n");
err = pgnutls_set_default_priority(*s);
if (err != GNUTLS_E_SUCCESS)
{
pgnutls_perror(err);
pgnutls_deinit(*s);
return FALSE;
}
err = pgnutls_credentials_set(*s, GNUTLS_CRD_CERTIFICATE,
(gnutls_certificate_credentials)cred);
if (err != GNUTLS_E_SUCCESS)
{
pgnutls_perror(err);
pgnutls_deinit(*s);
return FALSE;
}
pgnutls_transport_set_pull_function(*s, schan_pull_adapter);
pgnutls_transport_set_push_function(*s, schan_push_adapter);
return TRUE;
}