Profile(const std::string& profilename, const std::string& certstr, const std::string& keystr,
std::auto_ptr<DHParams>& DH, unsigned int mindh, const std::string& hashstr,
const std::string& priostr, std::auto_ptr<X509CertList>& CA, std::auto_ptr<X509CRL>& CRL)
: name(profilename)
, x509cred(certstr, keystr)
, min_dh_bits(mindh)
, hash(hashstr)
, priority(priostr)
{
x509cred.SetDH(DH);
x509cred.SetCA(CA, CRL);
}
/** Set up the given session with the settings in this profile
*/
void SetupSession(gnutls_session_t sess)
{
priority.SetupSession(sess);
x509cred.SetupSession(sess);
gnutls_dh_set_prime_bits(sess, min_dh_bits);
// Request client certificate if we are a server, no-op if we're a client
gnutls_certificate_server_set_request(sess, GNUTLS_CERT_REQUEST);
}
void SetX509CertAndKey(X509Credentials& x509cred)
{
mbedtls_ssl_conf_own_cert(&conf, x509cred.getcerts(), x509cred.getkey());
}
/** Set up the given session with the settings in this profile
*/
void SetupSession(gnutls_session_t sess)
{
priority.SetupSession(sess);
x509cred.SetupSession(sess);
gnutls_dh_set_prime_bits(sess, min_dh_bits);
}
