bool generate_dh_params(gnutls_dh_params_t *const dh_params) { /* int bits = gnutls_sec_param_to_pk_bits (GNUTLS_PK_DH, GNUTLS_SEC_PARAM_LOW); */ int bits = 1248; /* Equivalent, gnutls_sec_param_to_pk_bits is available since 2.12 */ int ret; assert(dh_params != NULL); /* Generate Diffie-Hellman parameters - for use with DHE * kx algorithms. When short bit length is used, it might * be wise to regenerate parameters often. */ ret = gnutls_dh_params_init(dh_params); if(ret != GNUTLS_E_SUCCESS) { trace(LOG_ERR, "failed to initialize Diffie-Hellman parameters"); goto error; } ret = gnutls_dh_params_generate2(*dh_params, bits); if(ret != GNUTLS_E_SUCCESS) { trace(LOG_ERR, "failed to generate Diffie-Hellman parameters"); goto free_dh; } return true; free_dh: gnutls_dh_params_deinit(*dh_params); error: return false; }
static void read_dh_parameters(int fd, const char *fname) { gnutls_datum dbits, prime, generator; int ret, bits; if ((ret = gnutls_dh_params_init(&dh_params)) < 0) { i_fatal("gnutls_dh_params_init() failed: %s", gnutls_strerror(ret)); } /* read until bits field is 0 */ for (;;) { read_next_field(fd, &dbits, fname, "DH bits"); if (dbits.size != sizeof(int)) { (void)unlink(fname); i_fatal("Corrupted SSL parameter file %s: " "Field 'DH bits' has invalid size %u", fname, dbits.size); } bits = *((int *) dbits.data); if (bits == 0) break; read_next_field(fd, &prime, fname, "DH prime"); read_next_field(fd, &generator, fname, "DH generator"); ret = gnutls_dh_params_set(dh_params, prime, generator, bits); if (ret < 0) { i_fatal("gnutls_dh_params_set() failed: %s", gnutls_strerror(ret)); } } }
int ufwissl_ssl_context_set_dh_file(ufwissl_ssl_context * ctx, const char *filename) { gnutls_datum_t datum_dh; int ret; datum_dh.data = NULL; if (!filename) return UFWISSL_ERROR; /* read CRL and CA */ ret = read_to_datum(filename, &datum_dh); if (ret != 0) return UFWISSL_ERROR; if (gnutls_dh_params_init(&ctx->dh) < 0) { free(datum_dh.data); return UFWISSL_ERROR; } if (gnutls_dh_params_import_pkcs3(ctx->dh, &datum_dh, GNUTLS_X509_FMT_PEM) < 0) { free(datum_dh.data); return UFWISSL_ERROR; } free(datum_dh.data); return UFWISSL_OK; }
void TLSSocket::init(const std::string& caPath, const std::string& crlPath, const std::string& certPath, const std::string& keyPath) { gcry_control(GCRYCTL_SET_THREAD_CBS, &gcry_threads_pthread); gnutls_global_init(); gnutls_certificate_allocate_credentials(&xcred); if (!caPath.empty()) { gnutls_certificate_set_x509_trust_file(xcred, caPath.c_str(), GNUTLS_X509_FMT_PEM); gnutls_certificate_set_verify_flags (xcred, GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT); } if (!crlPath.empty()) { gnutls_certificate_set_x509_crl_file(xcred, crlPath.c_str(), GNUTLS_X509_FMT_PEM); } gnutls_certificate_set_x509_key_file(xcred, certPath.c_str(), keyPath.c_str(), GNUTLS_X509_FMT_PEM); gnutls_dh_params_init(&dh_params); gnutls_dh_params_generate2(dh_params, 1024); gnutls_priority_init(&priority_cache, "NORMAL", NULL); gnutls_certificate_set_dh_params(xcred, dh_params); }
static int generate_dh_params(struct rfbssl_ctx *ctx) { int ret; if (GNUTLS_E_SUCCESS == (ret = gnutls_dh_params_init(&ctx->dh_params))) ret = gnutls_dh_params_generate2(ctx->dh_params, 1024); return ret; }
static int vnc_tls_initialize(void) { static int tlsinitialized = 0; if (tlsinitialized) return 1; if (gnutls_global_init () < 0) return 0; /* XXX ought to re-generate diffie-hellman params periodically */ if (gnutls_dh_params_init (&dh_params) < 0) return 0; if (gnutls_dh_params_generate2 (dh_params, DH_BITS) < 0) return 0; #if defined(_VNC_DEBUG) && _VNC_DEBUG >= 2 gnutls_global_set_log_level(10); gnutls_global_set_log_function(vnc_debug_gnutls_log); #endif tlsinitialized = 1; return 1; }
int manos_tls_regenerate_dhparams (int bits) { gnutls_dh_params_t params, oldparams; int err; err = gnutls_dh_params_init (¶ms); if (err != 0) { return err; } err = gnutls_dh_params_generate2 (params, bits); if (err != 0) { gnutls_dh_params_deinit (params); return err; } oldparams = dh_params; dh_params = params; if (oldparams != NULL) { gnutls_dh_params_deinit (oldparams); } return 0; }
static int generate_dh_params (void) { gnutls_dh_params_init (&dh_params); gnutls_dh_params_generate2 (dh_params, DH_BITS); return 0; }
int rb_setup_ssl_server(const char *cert, const char *keyfile, const char *dhfile) { int ret; gnutls_datum_t *d_cert, *d_key; if(cert == NULL) { rb_lib_log("rb_setup_ssl_server: No certificate file"); return 0; } if((d_cert = rb_load_file_into_datum_t(cert)) == NULL) { rb_lib_log("rb_setup_ssl_server: Error loading certificate: %s", strerror(errno)); return 0; } if((d_key = rb_load_file_into_datum_t(keyfile)) == NULL) { rb_lib_log("rb_setup_ssl_server: Error loading key: %s", strerror(errno)); return 0; } if((ret = gnutls_certificate_set_x509_key_mem(x509, d_cert, d_key, GNUTLS_X509_FMT_PEM)) != GNUTLS_E_SUCCESS) { rb_lib_log("rb_setup_ssl_server: Error loading certificate or key file: %s", gnutls_strerror(ret)); return 0; } rb_free_datum_t(d_cert); rb_free_datum_t(d_key); if(dhfile != NULL) { if(gnutls_dh_params_init(&dh_params) == GNUTLS_E_SUCCESS) { gnutls_datum_t *data; int xret; data = rb_load_file_into_datum_t(dhfile); if(data != NULL) { xret = gnutls_dh_params_import_pkcs3(dh_params, data, GNUTLS_X509_FMT_PEM); if(xret < 0) rb_lib_log ("rb_setup_ssl_server: Error parsing DH file: %s\n", gnutls_strerror(xret)); rb_free_datum_t(data); } gnutls_certificate_set_dh_params(x509, dh_params); } else rb_lib_log("rb_setup_ssl_server: Unable to setup DH parameters"); } return 1; }
void dh_info(FILE * infile, FILE * outfile, common_info_st * ci) { gnutls_datum_t params; size_t size; int ret; gnutls_dh_params_t dh_params; gnutls_datum_t p, g; unsigned int q_bits = 0; if (gnutls_dh_params_init(&dh_params) < 0) { fprintf(stderr, "Error in dh parameter initialization\n"); exit(1); } params.data = (void *) fread_file(infile, &size); params.size = size; ret = gnutls_dh_params_import_pkcs3(dh_params, ¶ms, ci->incert_format); if (ret < 0) { fprintf(stderr, "Error parsing dh params: %s\n", gnutls_strerror(ret)); exit(1); } ret = gnutls_dh_params_export_raw(dh_params, &p, &g, &q_bits); if (ret < 0) { fprintf(stderr, "Error exporting parameters: %s\n", gnutls_strerror(ret)); exit(1); } if (ci->outcert_format == GNUTLS_X509_FMT_PEM) print_dh_info(outfile, &p, &g, q_bits, ci->cprint); if (!ci->cprint) { /* generate a PKCS#3 structure */ size_t len = buffer_size; ret = gnutls_dh_params_export_pkcs3(dh_params, ci->outcert_format, buffer, &len); if (ret == 0) { if (ci->outcert_format == GNUTLS_X509_FMT_PEM) { fprintf(outfile, "\n%s", buffer); } else { fwrite(buffer, 1, len, outfile); } } else { fprintf(stderr, "Error: %s\n", gnutls_strerror(ret)); } } gnutls_dh_params_deinit(dh_params); }
/** Generate initial DH and RSA params. * Loads the pre-generated DH primes. */ static void _crywrap_tls_init(void) { gnutls_dh_params_init(&dh_params); gnutls_dh_params_import_pkcs3(dh_params, &dh_file, GNUTLS_X509_FMT_PEM); gnutls_certificate_set_dh_params(cred, dh_params); }
void TLSServer::init ( const std::string& ca, const std::string& crl, const std::string& cert, const std::string& key) { _ca = ca; _crl = crl; _cert = cert; _key = key; int ret = gnutls_global_init (); if (ret < 0) throw format ("TLS init error. {1}", gnutls_strerror (ret)); ret = gnutls_certificate_allocate_credentials (&_credentials); if (ret < 0) throw format ("TLS allocation error. {1}", gnutls_strerror (ret)); if (_ca != "" && (ret = gnutls_certificate_set_x509_trust_file (_credentials, _ca.c_str (), GNUTLS_X509_FMT_PEM)) < 0) throw format ("Bad CA file. {1}", gnutls_strerror (ret)); if ( _crl != "" && (ret = gnutls_certificate_set_x509_crl_file (_credentials, _crl.c_str (), GNUTLS_X509_FMT_PEM)) < 0) throw format ("Bad CRL file. {1}", gnutls_strerror (ret)); if (_cert != "" && _key != "" && (ret = gnutls_certificate_set_x509_key_file (_credentials, _cert.c_str (), _key.c_str (), GNUTLS_X509_FMT_PEM)) < 0) throw format ("Bad CERT file. {1}", gnutls_strerror (ret)); #if GNUTLS_VERSION_NUMBER >= 0x020b00 #if GNUTLS_VERSION_NUMBER >= 0x03000d unsigned int bits = gnutls_sec_param_to_pk_bits (GNUTLS_PK_DH, GNUTLS_SEC_PARAM_LEGACY); #else unsigned int bits = gnutls_sec_param_to_pk_bits (GNUTLS_PK_DH, GNUTLS_SEC_PARAM_NORMAL); #endif #else unsigned int bits = DH_BITS; #endif gnutls_dh_params_init (&_params); gnutls_dh_params_generate2 (_params, bits); if (_ciphers == "") _ciphers = "NORMAL"; gnutls_priority_init (&_priorities, _ciphers.c_str (), NULL); gnutls_certificate_set_dh_params (_credentials, _params); #if GNUTLS_VERSION_NUMBER >= 0x02090a // The automatic verification for the client certificate with // gnutls_certificate_set_verify_function only works with gnutls // >=2.9.10. So with older versions we should call the verify function // manually after the gnutls handshake. gnutls_certificate_set_verify_function (_credentials, verify_certificate_callback); #endif }
static int generate_dh_params (void) { const gnutls_datum_t p3 = { pkcs3, strlen (pkcs3) }; /* Generate Diffie Hellman parameters - for use with DHE * kx algorithms. These should be discarded and regenerated * once a day, once a week or once a month. Depending on the * security requirements. */ gnutls_dh_params_init (&dh_params); return gnutls_dh_params_import_pkcs3 (dh_params, &p3, GNUTLS_X509_FMT_PEM); }
static Ecore_Con_Ssl_Error _ecore_con_ssl_server_prepare_gnutls(Ecore_Con_Server *svr, int ssl_type) { int ret; if (ssl_type & ECORE_CON_USE_SSL2) return ECORE_CON_SSL_ERROR_SSL2_NOT_SUPPORTED; switch (ssl_type) { case ECORE_CON_USE_SSL3: case ECORE_CON_USE_SSL3 | ECORE_CON_LOAD_CERT: case ECORE_CON_USE_TLS: case ECORE_CON_USE_TLS | ECORE_CON_LOAD_CERT: case ECORE_CON_USE_MIXED: case ECORE_CON_USE_MIXED | ECORE_CON_LOAD_CERT: break; default: return ECORE_CON_SSL_ERROR_NONE; } SSL_ERROR_CHECK_GOTO_ERROR(ret = gnutls_certificate_allocate_credentials(&svr->cert)); if ((!svr->use_cert) && svr->created) { SSL_ERROR_CHECK_GOTO_ERROR(ret = gnutls_dh_params_init(&svr->dh_params)); INF("Generating DH params"); SSL_ERROR_CHECK_GOTO_ERROR(ret = gnutls_dh_params_generate2(svr->dh_params, 1024)); SSL_ERROR_CHECK_GOTO_ERROR(ret = gnutls_anon_allocate_server_credentials(&svr->anoncred_s)); /* TODO: implement PSK */ // SSL_ERROR_CHECK_GOTO_ERROR(ret = gnutls_psk_allocate_server_credentials(&svr->pskcred_s)); gnutls_anon_set_server_dh_params(svr->anoncred_s, svr->dh_params); gnutls_certificate_set_dh_params(svr->cert, svr->dh_params); //gnutls_psk_set_server_dh_params(svr->pskcred_s, svr->dh_params); INF("DH params successfully generated and applied!"); } else if (!svr->use_cert) { //SSL_ERROR_CHECK_GOTO_ERROR(ret = gnutls_psk_allocate_client_credentials(&svr->pskcred_c)); SSL_ERROR_CHECK_GOTO_ERROR(ret = gnutls_anon_allocate_client_credentials(&svr->anoncred_c)); } return ECORE_CON_SSL_ERROR_NONE; error: _gnutls_print_errors(ret); _ecore_con_ssl_server_shutdown_gnutls(svr); return ECORE_CON_SSL_ERROR_SERVER_INIT_FAILED; }
void gtlsGlobalServerData::generate_dh_params() { int ret = 0; ret = gnutls_dh_params_init(&dh_params); // printerror("gnutls_dh_params_init", ret); if (ret < 0) { initialized_ = false; } ret = gnutls_dh_params_generate2(dh_params, gtlsGeneric::GNUTLSIF_DH_BITS); // printerror("gnutls_dh_params_generate2", ret); if (ret < 0) { initialized_ = false; } }
/* Server mode: Set DH parameters */ int ufwissl_ssl_context_set_dh_bits(ufwissl_ssl_context * ctx, unsigned int dh_bits) { ctx->dh_bits = dh_bits; if (gnutls_dh_params_init(&ctx->dh) < 0) return UFWISSL_ERROR; if (gnutls_dh_params_generate2(ctx->dh, ctx->dh_bits) < 0) return UFWISSL_ERROR; return UFWISSL_OK; }
static int generate_dh_params (void) { /* Generate Diffie-Hellman parameters - for use with DHE * kx algorithms. These should be discarded and regenerated * once a day, once a week or once a month. Depending on the * security requirements. */ gnutls_dh_params_init (&dh_params); gnutls_dh_params_generate2 (dh_params, DH_BITS); return 0; }
static int generate_dh_params (void) { int bits = gnutls_sec_param_to_pk_bits (GNUTLS_PK_DH, GNUTLS_SEC_PARAM_LOW); /* Generate Diffie-Hellman parameters - for use with DHE * kx algorithms. When short bit length is used, it might * be wise to regenerate parameters often. */ gnutls_dh_params_init (&dh_params); gnutls_dh_params_generate2 (dh_params, bits); return 0; }
static int generate_dh_params(void) { /* Generate Diffie-Hellman parameters - for use with DHE * kx algorithms. When short bit length is used, it might * be wise to regenerate parameters. * * Check the ex-serv-export.c example for using static * parameters. */ gnutls_dh_params_init(&dh_params); gnutls_dh_params_generate2(dh_params, DH_BITS); return 0; }
void initialize_tls_global(void) { gnutls_global_init (); gnutls_certificate_allocate_credentials (&x509_cred); gnutls_certificate_set_x509_trust_file (x509_cred, CACERT, GNUTLS_X509_FMT_PEM); gnutls_certificate_set_x509_crl_file (x509_cred, CACRL, GNUTLS_X509_FMT_PEM); gnutls_certificate_set_x509_key_file (x509_cred, SERVERCERT, SERVERKEY, GNUTLS_X509_FMT_PEM); gnutls_dh_params_init (&dh_params); gnutls_dh_params_generate2 (dh_params, DH_BITS); gnutls_certificate_set_dh_params (x509_cred, dh_params); }
void doit(void) { gnutls_dh_params_t dh_params; gnutls_x509_privkey_t privkey; gnutls_datum_t p1, g1, p2, g2, q; unsigned bits = 0; int ret; /* import DH parameters from DSA key and verify they are the same */ gnutls_dh_params_init(&dh_params); gnutls_x509_privkey_init(&privkey); ret = gnutls_x509_privkey_import(privkey, &dsa_key, GNUTLS_X509_FMT_PEM); if (ret < 0) fail("error in %s: %d\n", __FILE__, __LINE__); ret = gnutls_dh_params_import_dsa(dh_params, privkey); if (ret < 0) fail("error in %s: %d\n", __FILE__, __LINE__); ret = gnutls_dh_params_export_raw(dh_params, &p1, &g1, &bits); if (ret < 0) fail("error in %s: %d\n", __FILE__, __LINE__); ret = gnutls_x509_privkey_export_dsa_raw(privkey, &p2, &q, &g2, NULL, NULL); if (ret < 0) fail("error in %s: %d\n", __FILE__, __LINE__); if (bits > q.size*8 || bits < q.size*8-8) fail("error in %s: %d\n", __FILE__, __LINE__); if (compare(&p1, &p2) != 0) fail("error in %s: %d\n", __FILE__, __LINE__); if (compare(&g1, &g2) != 0) fail("error in %s: %d\n", __FILE__, __LINE__); gnutls_free(p1.data); gnutls_free(g1.data); gnutls_free(p2.data); gnutls_free(g2.data); gnutls_free(q.data); gnutls_dh_params_deinit(dh_params); gnutls_x509_privkey_deinit(privkey); success("all ok\n"); }
void TLSServer::init ( const std::string& ca, const std::string& crl, const std::string& cert, const std::string& key) { _ca = ca; _crl = crl; _cert = cert; _key = key; gnutls_global_init (); gnutls_certificate_allocate_credentials (&_credentials); if (_ca != "" && gnutls_certificate_set_x509_trust_file (_credentials, _ca.c_str (), GNUTLS_X509_FMT_PEM) < 0) throw std::string ("Missing CA file."); if ( _crl != "" && gnutls_certificate_set_x509_crl_file (_credentials, _crl.c_str (), GNUTLS_X509_FMT_PEM) < 0) throw std::string ("Missing CRL file."); if (_cert != "" && _key != "" && gnutls_certificate_set_x509_key_file (_credentials, _cert.c_str (), _key.c_str (), GNUTLS_X509_FMT_PEM) < 0) throw std::string ("Missing CERT file."); #if GNUTLS_VERSION_NUMBER >= 0x020b00 #if GNUTLS_VERSION_NUMBER >= 0x03000d unsigned int bits = gnutls_sec_param_to_pk_bits (GNUTLS_PK_DH, GNUTLS_SEC_PARAM_LEGACY); #else unsigned int bits = gnutls_sec_param_to_pk_bits (GNUTLS_PK_DH, GNUTLS_SEC_PARAM_NORMAL); #endif #else unsigned int bits = DH_BITS; #endif gnutls_dh_params_init (&_params); gnutls_dh_params_generate2 (_params, bits); if (_ciphers == "") _ciphers = "NORMAL"; gnutls_priority_init (&_priorities, _ciphers.c_str (), NULL); gnutls_certificate_set_dh_params (_credentials, _params); #if GNUTLS_VERSION_NUMBER >= 0x02090a gnutls_certificate_set_verify_function (_credentials, verify_certificate_callback); #endif }
static rfbBool InitializeTLS(void) { int ret; if (rfbTLSInitialized) return TRUE; if ((ret = gnutls_global_init()) < 0 || (ret = gnutls_dh_params_init(&rfbDHParams)) < 0 || (ret = gnutls_dh_params_generate2(rfbDHParams, DH_BITS)) < 0) { rfbClientLog("Failed to initialized GnuTLS: %s.\n", gnutls_strerror(ret)); return FALSE; } rfbClientLog("GnuTLS initialized.\n"); rfbTLSInitialized = TRUE; return TRUE; }
/// Enables TLS on the given server. static void onion_enable_tls(onion *o){ #ifdef HAVE_PTHREADS gcry_control (GCRYCTL_SET_THREAD_CBS, &gcry_threads_pthread); #endif if (!(o->flags&O_USE_DEV_RANDOM)){ gcry_control(GCRYCTL_ENABLE_QUICK_RANDOM, 0); } gnutls_global_init (); gnutls_certificate_allocate_credentials (&o->x509_cred); gnutls_dh_params_init (&o->dh_params); gnutls_dh_params_generate2 (o->dh_params, 1024); gnutls_certificate_set_dh_params (o->x509_cred, o->dh_params); gnutls_priority_init (&o->priority_cache, "NORMAL", NULL); o->flags|=O_SSL_ENABLED; }
int server_create(prelude_client_profile_t *cp, const char *addr, unsigned int port, prelude_bool_t keepalive, const char *pass, gnutls_x509_privkey_t key, gnutls_x509_crt_t cacrt, gnutls_x509_crt_t crt) { int sock; size_t size; struct pollfd pfd[128]; gnutls_dh_params_t dh_params; #ifdef GNUTLS_SRP_ENABLED int ret; ret = gnutls_srp_allocate_server_credentials(&srpcred); if ( ret < 0 ) { fprintf(stderr, "error creating SRP credentials: %s.\n", gnutls_strerror(ret)); return -1; } gnutls_srp_set_server_credentials_function(srpcred, srp_callback); #endif one_shot_passwd = pass; gnutls_anon_allocate_server_credentials(&anoncred); fprintf(stderr, "Generating %d bits Diffie-Hellman key for anonymous authentication...", ANON_DH_BITS); gnutls_dh_params_init(&dh_params); gnutls_dh_params_generate2(dh_params, ANON_DH_BITS); gnutls_anon_set_server_dh_params(anoncred, dh_params); fprintf(stderr, "\n"); size = sizeof(pfd) / sizeof(*pfd); sock = setup_server(addr, port, pfd, &size); if ( sock < 0 ) return -1; wait_connection(cp, sock, pfd, size, keepalive, key, cacrt, crt); #ifdef GNUTLS_SRP_ENABLED gnutls_srp_free_server_credentials(srpcred); #endif gnutls_anon_free_server_credentials(anoncred); return 0; }
static gnutls_dh_params get_dh_params(void) { static gnutls_dh_params dh_params; static bool initialized = FALSE; if (!initialized) { if (gnutls_dh_params_init(&dh_params)) { g_warning("%s(): gnutls_dh_params_init() failed", G_STRFUNC); return NULL; } if (gnutls_dh_params_generate2(dh_params, TLS_DH_BITS)) { g_warning("%s(): gnutls_dh_params_generate2() failed", G_STRFUNC); return NULL; } initialized = TRUE; } return dh_params; }
SslContext::SslContext() : enabled(true), certFile(this), keyFile(this), crlFile(this), trustFile(this), error_(), logger_(0), numX509Certs_(0), clientVerifyMode_(GNUTLS_CERT_IGNORE), caList_(0) { TRACE("SslContext()"); gnutls_dh_params_init(&dhParams_); gnutls_dh_params_generate2(dhParams_, 1024); gnutls_certificate_allocate_credentials(&certs_); gnutls_anon_allocate_server_credentials(&anonCreds_); }
void doit(void) { gnutls_dh_params_t dh_params = NULL; int rc; rc = global_init(); if (rc) fail("global_init\n"); if (gnutls_dh_params_init(&dh_params) < 0) fail("Error in dh parameter initialization\n"); if (gnutls_dh_params_generate2(dh_params, 1024) < 0) fail("Error in prime generation\n"); gnutls_dh_params_deinit(dh_params); gnutls_global_deinit(); if (debug) success("generated DH params OK\n"); }
static struct gnutls_dh_params_int* gnutls_dh_params_create (void) { struct gnutls_dh_params_int* result = NULL; struct gnutls_dh_params_int* _result_ = NULL; gint ret = 0; struct gnutls_dh_params_int* _tmp0_ = NULL; gint _tmp1_ = 0; gint _tmp2_ = 0; _tmp1_ = gnutls_dh_params_init (&_tmp0_); _gnutls_dh_params_deinit0 (_result_); _result_ = _tmp0_; ret = _tmp1_; _tmp2_ = ret; if (_tmp2_ != 0) { gint _tmp3_ = 0; const gchar* _tmp4_ = NULL; _tmp3_ = ret; _tmp4_ = gnutls_strerror ((int) _tmp3_); g_error ("gnutls.vapi:359: %s", _tmp4_); } result = _result_; return result; }
GnuTlsInit::GnuTlsInit() { int ret; cxxtools::MutexLock lock(mutex); if (_initCount++ == 0) { log_debug("gnutls_global_init()"); ret = gnutls_global_init(); if (ret != 0) throw GnuTlsException("gnutls_global_init", ret); log_debug("gnutls_dh_params_init(dhParams)"); ret = gnutls_dh_params_init(&_dhParams); if (ret != 0) throw GnuTlsException("gnutls_dh_params_init", ret); log_debug("gnutls_dh_params_generate2(dh_params, 1024)"); ret = gnutls_dh_params_generate2(_dhParams, 1024); if (ret != 0) throw GnuTlsException("gnutls_dh_params_generate2", ret); } }