- msg_Dbg( p_server, "computing DHE ciphers parameters" );
- val = gnutls_dh_params_generate2 (p_sys->dh_params,
- config_GetInt (obj, "gnutls-dh-bits"));
-
- /* Write the DH parameter to cache */
- const char *cachedir = p_server->p_libvlc->psz_cachedir;
- char cachefile[strlen (cachedir) + sizeof ("/dh_params.pem")];
- sprintf (cachefile, "%s/dh_params.pem", cachedir);
-
- FILE *cache = utf8_fopen (cachefile, "wb");
- if (cache != NULL)
- {
- size_t len = 0;
- gnutls_dh_params_export_pkcs3 (p_sys->dh_params,
- GNUTLS_X509_FMT_PEM, NULL, &len);
- msg_Dbg (p_server, "caching DHE parameters (%u bytes) to %s",
- (unsigned)len, cachefile);
-
- unsigned char buf[len];
- gnutls_dh_params_export_pkcs3 (p_sys->dh_params,
- GNUTLS_X509_FMT_PEM, buf, &len);
- if (fwrite (buf, 1, len, cache) != len)
- msg_Warn (p_server, "cannot write to %s: %m", cachefile);
- fclose (cache);
- }
- else
- msg_Warn (p_server, "cannot open to %s: %m", cachefile);
-
+ const gnutls_datum_t data = {
+ .data = (unsigned char *)dh_params,
+ .size = sizeof (dh_params) - 1,
+ };
+
+ val = gnutls_dh_params_import_pkcs3 (p_sys->dh_params, &data,
+ GNUTLS_X509_FMT_PEM);
+ if (val == 0)
+ gnutls_certificate_set_dh_params (p_sys->x509_cred,
+ p_sys->dh_params);