Hey guys,
I hope someone can help with this as it is pretty urgent.
I'm trying to build a simple secure server over libmicrohttpd.
I compiled version 0.9.59 with libgnutls 3.5.18.
I'm trying to use TLS-PSK with AES-256-GCM and SHA384 but I get an error:
Ø Error: invalid credentials type 4 specified.
My code:
daemon = MHD_start_daemon(MHD_USE_THREAD_PER_CONNECTION | MHD_USE_SSL |
MHD_USE_DEBUG,
arguments.port_arg,
NULL,
NULL,
&request_handler,
NULL,
MHD_OPTION_CONNECTION_TIMEOUT, 256,
MHD_OPTION_HTTPS_CRED_TYPE, GNUTLS_CRD_PSK,
MHD_OPTION_HTTPS_PRIORITIES,
"NONE:+AES-256-GCM:+SHA384",
MHD_OPTION_HTTPS_MEM_KEY, key_pem,
MHD_OPTION_HTTPS_MEM_CERT, cert_pem,
MHD_OPTION_END);
I looked into the source code of libmicrohttps and in microhttpd/daemon.c:576 I
see that, for some reason, if anything other than GNUTLS_CRD_CERTIFICATE is
used, this error message is given. The documentation says:
MHD_OPTION_HTTPS_CRED_TYPE
Daemon credentials type. Either certificate or anonymous, this option should be
followed by one of the values listed in "enum gnutls_credentials_type_t".
Any Idea on what to do with this? Is there some other config I need to
use/change for this to work? When I remove the "MHD_OPTION_HTTPS_CRED_TYPE" and
"MHD_OPTION_HTTPS_PRIORITIES" , the server works (but not in the mode I need,
obviously).
If this is simply not supported, any idea if there are any plans to ever
support this?
Any help will be very much appreciated.
Thanks,
Tal
[http://www.cisco.com/c/dam/m/en_us/employee-connection/signaturetool/images/banners/Photography/banner7.png]
Tal Maoz
Senior Software Engineer
CTAO Innovation Group
tm...@cisco.com<mailto:tm...@cisco.com>
Tel: +972-2-5886289
Cisco Systems Israel Ltd.
5 Shlomo Halevi Street
Har Hotzvim High Tech Park
Jerusalem
9777019
Israel
Cisco.com<http://www.cisco.com/web/IL/>
[http://www.cisco.com/c/dam/m/en_us/signaturetool/images/linkedin-16x16.png]<https://il.linkedin.com/in/tal-maoz-7247693>
[http://www.cisco.com/assets/swa/img/thinkbeforeyouprint.gif] Think before you
print.
