Discussion:
[libmicrohttpd] Using GnuTLS with GNUTLS_CRD_PSK and AES-256-GCM, SHA384
Tal Maoz (tmaoz)
2018-05-22 17:58:10 UTC
Hey guys,

I hope someone can help with this as it is pretty urgent.
I'm trying to build a simple secure server over libmicrohttpd.
I compiled version 0.9.59 with libgnutls 3.5.18.
I'm trying to use TLS-PSK with AES-256-GCM and SHA384 but I get an error:

Error: invalid credentials type 4 specified.

My code:

daemon = MHD_start_daemon(MHD_USE_THREAD_PER_CONNECTION | MHD_USE_SSL | MHD_USE_DEBUG,
                          arguments.port_arg,
                          NULL,
                          NULL,
                          &request_handler,
                          NULL,
                          MHD_OPTION_CONNECTION_TIMEOUT, 256,
                          MHD_OPTION_HTTPS_CRED_TYPE, GNUTLS_CRD_PSK,
                          MHD_OPTION_HTTPS_PRIORITIES, "NONE:+AES-256-GCM:+SHA384",
                          MHD_OPTION_HTTPS_MEM_KEY, key_pem,
                          MHD_OPTION_HTTPS_MEM_CERT, cert_pem,
                          MHD_OPTION_END);

I looked into the source code of libmicrohttpd and in microhttpd/daemon.c:576 I see that, for some reason, if anything other than GNUTLS_CRD_CERTIFICATE is used, this error message is given. The documentation says:

MHD_OPTION_HTTPS_CRED_TYPE
Daemon credentials type. Either certificate or anonymous, this option should be followed by one of the values listed in "enum gnutls_credentials_type_t".

Any idea on what to do with this? Is there some other config I need to use/change for this to work? When I remove the "MHD_OPTION_HTTPS_CRED_TYPE" and "MHD_OPTION_HTTPS_PRIORITIES", the server works (but not in the mode I need, obviously).

If this is simply not supported, any idea if there are any plans to ever support this?

Any help will be very much appreciated.

Thanks,

Tal




Tal Maoz
Senior Software Engineer
CTAO Innovation Group
***@cisco.com<mailto:***@cisco.com>
Tel: +972-2-5886289

Cisco Systems Israel Ltd.
5 Shlomo Halevi Street
Har Hotzvim High Tech Park
Jerusalem
9777019
Israel
Cisco.com<http://www.cisco.com/web/IL/>

Christian Grothoff
2018-05-22 18:24:22 UTC