fixed GnuTLS related crash when daemonizing

additional fix for DH-parameters not being set

diff --git a/src/main.c b/src/main.c
index 5e2b3e19981949601d85ee212ddc6275a1817b69..a18363dd721bc579bdbcd842e295d4c8b0223132 100644 (file)
--- a/src/main.c
+++ b/src/main.c
@@ -199,6 +199,10 @@ void daemonize()
        for (i = getdtablesize(); i >= 0; --i)
                close(i); /* close all descriptors */
 
+#ifdef USE_GNUTLS
+        gnutls_global_init();
+#endif
+
        i = open("/dev/null",O_RDWR);
        (void)dup(i);
        (void)dup(i);

diff --git a/src/ssli_gnutls.c b/src/ssli_gnutls.c
index 3cbb17b3cbbfcd4215bba230106946a81f7fc3df..ac5eb90eca12c404fee3e3b2967fa0b56e80c70a 100644 (file)
--- a/src/ssli_gnutls.c
+++ b/src/ssli_gnutls.c
@@ -68,16 +68,21 @@ void SSLi_init()
 {
        unsigned const bitCount = gnutls_sec_param_to_pk_bits(GNUTLS_PK_DH, GNUTLS_SEC_PARAM_MEDIUM);
 
+       gnutls_priority_init(&cipherCache, ciphers, NULL);
+       initializeCertificate();
+
        gnutls_dh_params_init(&dhParameters);
-       gnutls_dh_params_generate2(dhParameters, bitCount);
 
-#if GNUTLS_VERSION_NUMBER < 0x030300
-       gnutls_global_init();
-#endif
+       Log_info("Generating Diffie-Hellman parameters (%i bits)", bitCount);
+       int error = gnutls_dh_params_generate2(dhParameters, bitCount);
 
-       gnutls_priority_init(&cipherCache, ciphers, NULL);
+       if(!error) {
+               Log_info("Successfully generated Diffie-Hellman parameters");
+       } else {
+               Log_warn("Failed to generate Diffie-Hellman parameters: %s", gnutls_strerror(error));
+       }
 
-       initializeCertificate();
+       gnutls_certificate_set_dh_params(certificate, dhParameters);
 
        Log_info("Sucessfully initialized GNUTLS version %s", gnutls_check_version(NULL));