+ if(gnutls_session_get_id2(ssl->sess, &sessid) == GNUTLS_E_SUCCESS) {
+ esessid = base64encode((void *)sessid.data, sessid.size);
+ headappheader(req, "X-Ash-TLS-Session", esessid);
+ free(esessid);
+ }
+ return(0);
+}
+
+static int setcreds(gnutls_session_t sess)
+{
+ int i, o, u;
+ struct sslport *pd;
+ unsigned int ntype;
+ char nambuf[256];
+ size_t namlen;
+
+ pd = gnutls_session_get_ptr(sess);
+ for(i = 0; 1; i++) {
+ namlen = sizeof(nambuf);
+ if(gnutls_server_name_get(sess, nambuf, &namlen, &ntype, i) != 0)
+ break;
+ if(ntype != GNUTLS_NAME_DNS)
+ continue;
+ for(o = 0; pd->ncreds[o] != NULL; o++) {
+ for(u = 0; pd->ncreds[o]->names[u] != NULL; u++) {
+ if(!strcmp(pd->ncreds[o]->names[u], nambuf)) {
+ gnutls_credentials_set(sess, GNUTLS_CRD_CERTIFICATE, pd->ncreds[o]->creds);
+ if(pd->clreq)
+ gnutls_certificate_server_set_request(sess, GNUTLS_CERT_REQUEST);
+ return(0);
+ }
+ }
+ }
+ }
+ gnutls_credentials_set(sess, GNUTLS_CRD_CERTIFICATE, pd->creds);
+ if(pd->clreq)
+ gnutls_certificate_server_set_request(sess, GNUTLS_CERT_REQUEST);