+#endif
+
+static void initialize_gnutls(void) {
+ int result;
+ char *dh_parameters;
+ gnutls_datum_t dh_parameters_datum;
+
+/* Recent versions of GnuTLS automatically initialize the cryptography layer
+ * in gnutls_global_init(), including a thread-safe setup. */
+#if GNUTLS_VERSION_NUMBER <= 0x020b00
+ gcry_error_t error;
+
+ /* Thread safe setup. Must be called before gnutls_global_init(). */
+ error = gcry_control(GCRYCTL_SET_THREAD_CBS, &gcry_threads_pthread);
+ if (error != 0) {
+ fprintf(stderr, "gcry_control(): %s/%s\n", gcry_strsource(error),
+ gcry_strerror(error));
+ exit(EXIT_FAILURE);
+ }
+ /* Prevent usage of blocking /dev/random. */
+ error = gcry_control(GCRYCTL_ENABLE_QUICK_RANDOM, 0);
+ if (error != 0) {
+ fprintf(stderr, "gcry_control(): %s/%s\n", gcry_strsource(error),
+ gcry_strerror(error));
+ exit(EXIT_FAILURE);
+ }
+#endif
+
+ if (gnutls_check_version(GNUTLS_VERSION) == NULL) {
+ fprintf(stderr, "gnutls_check_version(): version mismatch, "
+ "expected at least '" GNUTLS_VERSION "'\n");
+ exit(EXIT_FAILURE);
+ }
+
+ /* Initialize GnuTLS. */
+ result = gnutls_global_init();
+ GNUTLS_ERROR_EXIT(result, "gnutls_global_init()");
+
+#if 0
+ gnutls_global_set_log_level(10);
+ gnutls_global_set_log_function(log_function_gnutls);
+#endif
+
+ /* Setup GnuTLS cipher suites. */
+ result = gnutls_priority_init(&global_tls_priority_cache,
+ PROXY_TLS_PRIORITIES, NULL);
+ GNUTLS_ERROR_EXIT(result, "gnutls_priority_init()");