changeset 17:ab3c58d88be3

Added proper gcrypt initializer
author Sebastien Decugis <sdecugis@nict.go.jp>
date Mon, 05 Oct 2009 14:03:05 +0900
parents 013ce9851131
children e7187583dcf8
files freeDiameter/CMakeLists.txt freeDiameter/config.c freeDiameter/main.c include/freeDiameter/CMakeLists.txt include/freeDiameter/freeDiameter.h
diffstat 5 files changed, 30 insertions(+), 6 deletions(-) [+]
--- a/freeDiameter/CMakeLists.txt	Fri Oct 02 18:57:06 2009 +0900
+++ b/freeDiameter/CMakeLists.txt	Mon Oct 05 14:03:05 2009 +0900
@@ -30,6 +30,11 @@
 FIND_PACKAGE(GNUTLS REQUIRED)
 INCLUDE_DIRECTORIES(${GNUTLS_INCLUDE_DIRS})
 SET(FD_LIBS ${FD_LIBS} ${GNUTLS_LIBRARIES})
+find_path(GCRYPT_INCLUDE_DIR NAMES gcrypt.h)
+If ( NOT GCRYPT_INCLUDE_DIR )
+	MESSAGE(SEND_ERROR "Unable to find gcrypt.h, please install libgcrypt-dev or equivalent")
+Endif ( NOT GCRYPT_INCLUDE_DIR )
+INCLUDE_DIRECTORIES(${GCRYPT_INCLUDE_DIR})
 
 # Building the executable
 ADD_EXECUTABLE(freeDiameterd ${FD_COMMON_SRC} ${FD_COMMON_GEN_SRC} main.c)
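Review bot: Only the gcrypt header is located by the added `find_path`; nothing adds the libgcrypt library itself to `FD_LIBS`, although main.c in this changeset now calls `gcry_control` directly. The link presumably succeeds only because GnuTLS pulls libgcrypt in transitively, which fails on linkers that refuse indirect dependencies; I would add `find_library(GCRYPT_LIBRARY NAMES gcrypt)` and `SET(FD_LIBS ${FD_LIBS} ${GCRYPT_LIBRARY})`. Separately, `SEND_ERROR` lets processing continue, so the `INCLUDE_DIRECTORIES` call that follows receives a NOTFOUND value; `FATAL_ERROR` would stop at the one message that is useful.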
--- a/freeDiameter/config.c	Fri Oct 02 18:57:06 2009 +0900
+++ b/freeDiameter/config.c	Mon Oct 05 14:03:05 2009 +0900
@@ -121,6 +121,11 @@
 	#endif /* DISABLE_SCTP */
 	fd_log_debug("          - Pref. proto .. : %s\n", fd_g_config->cnf_flags.pr_tcp ? "TCP" : "SCTP");
 	fd_log_debug("          - TLS method ... : %s\n", fd_g_config->cnf_flags.tls_alg ? "INBAND" : "Separate port");
+	fd_log_debug("  TLS :   - Certificate .. : %s\n", fd_g_config->cnf_sec_data.cert_file ?: "(none)");
+	fd_log_debug("          - Private key .. : %s\n", fd_g_config->cnf_sec_data.key_file ?: "(none)");
+	fd_log_debug("          - CA ........... : %s\n", fd_g_config->cnf_sec_data.ca_file ?: "(none)");
+	fd_log_debug("          - CRL .......... : %s\n", fd_g_config->cnf_sec_data.crl_file ?: "(none)");
+	fd_log_debug("          - Priority ..... : %s\n", fd_g_config->cnf_sec_data.prio_string ?: "(default)");
 	fd_log_debug("  Origin-State-Id ........ : %u\n", fd_g_config->cnf_orstateid);
 }
 
@@ -202,5 +207,11 @@
 		return EINVAL;
 	}
 	
+	/* TLS parameters */
+	CHECK_GNUTLS_DO( gnutls_certificate_allocate_credentials (&fd_g_config->cnf_sec_data.credentials), return ENOMEM );
+	
+	CHECK_GNUTLS_DO( gnutls_dh_params_init (&fd_g_config->cnf_sec_data.dh_cache), return ENOMEM );
+
+	
 	return 0;
 }
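Review bot: If `gnutls_dh_params_init` fails, the function returns `ENOMEM` while the credentials allocated two lines earlier stay allocated, and the hunk shows no `gnutls_certificate_free_credentials` or `gnutls_dh_params_deinit` counterpart for either object. If the release happens in a shutdown routine outside this hunk, a comment naming that routine here would make the pairing checkable. `dh_cache` is also only an empty container after this call, so a comment such as `/* dh_cache holds no parameters yet; generate or import them before the credentials are used */` would keep a later caller from assuming it is ready. The function starts outside the hunk.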
--- a/freeDiameter/main.c	Fri Oct 02 18:57:06 2009 +0900
+++ b/freeDiameter/main.c	Mon Oct 05 14:03:05 2009 +0900
@@ -38,11 +38,9 @@
 #include <signal.h>
 #include <getopt.h>
 #include <locale.h>
+#include <gcrypt.h>
 
-#ifdef GCRY_THREAD_OPTION_PTHREAD_IMPL
 GCRY_THREAD_OPTION_PTHREAD_IMPL;
-#endif /* GCRY_THREAD_OPTION_PTHREAD_IMPL */
-
 
 /* forward declarations */
 static void * sig_hdl(void * arg);
@@ -79,6 +77,7 @@
 	CHECK_FCT(  main_cmdline(argc, argv)  );
 	
 	/* Initialize gnutls */
+	(void) gcry_control (GCRYCTL_SET_THREAD_CBS, &gcry_threads_pthread);
 	CHECK_GNUTLS_DO( gnutls_global_init(), return EINVAL );
 	if ( ! gnutls_check_version(GNUTLS_VERSION) ) {
 		fprintf(stderr, "The GNUTLS library is too old; found '%s', need '" GNUTLS_VERSION "'\n", gnutls_check_version(NULL));
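Review bot: The `(void)` cast on the added `gcry_control` call discards the only indication that libgcrypt refused the thread callbacks, in which case a daemon that appears to be multi-threaded would go on using the library without its locking installed. Treat a non-zero return as a startup failure, like the GnuTLS checks below it: `if (gcry_control(GCRYCTL_SET_THREAD_CBS, &gcry_threads_pthread)) { fprintf(stderr, "Unable to set libgcrypt thread callbacks\n"); return EINVAL; }`. The call depends on the `GCRY_THREAD_OPTION_PTHREAD_IMPL` definition that the previous hunk makes unconditional, and the enclosing function starts and ends outside this hunk.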
--- a/include/freeDiameter/CMakeLists.txt	Fri Oct 02 18:57:06 2009 +0900
+++ b/include/freeDiameter/CMakeLists.txt	Mon Oct 05 14:03:05 2009 +0900
@@ -11,7 +11,7 @@
 # Disable SCTP support completly ?
 OPTION(DISABLE_SCTP "Disable SCTP support?")
 
-# Disable SCTP support completly ?
+# Find TODO items in the code easily ?
 OPTION(ERRORS_ON_TODO "(development) Generate compilation errors on TODO items ?" OFF)
 
 
--- a/include/freeDiameter/freeDiameter.h	Fri Oct 02 18:57:06 2009 +0900
+++ b/include/freeDiameter/freeDiameter.h	Mon Oct 05 14:03:05 2009 +0900
@@ -89,8 +89,17 @@
 	} 		 cnf_flags;
 	
 	struct {
-			/* GNUTLS global state */
-			/* Server credential(s) */
+		/* Credentials parameters */
+		char *					key_file;
+		char *  				cert_file;
+		char *  				ca_file;
+		char *  				crl_file;
+		char *					prio_string;
+		/* GNUTLS server credential(s) (created from previous files) */
+		gnutls_certificate_credentials_t	credentials;
+		/* Other GNUTLS global parameters */
+		gnutls_priority_t 			prio_cache;
+		gnutls_dh_params_t 			dh_cache;
 	} 		 cnf_sec_data;
 	
 	uint32_t	 cnf_orstateid;	/* The value to use in Origin-State-Id, default to random value */
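Review bot: `prio_cache` is declared here but nothing in this changeset initializes it, whereas `credentials` and `dh_cache` get their init calls in config.c; a comment such as `/* prio_cache: not initialized yet, do not pass to GnuTLS until set from prio_string */` would record that. The five `char *` members also carry no statement of who allocates and frees them or that NULL means unset, which the `?: "(none)"` fallbacks in config.c already rely on. I would state both in the `/* Credentials parameters */` comment, and note next to `key_file` that it is a path to private key material whose file permissions the daemon does not check in the code shown. The struct starts outside the hunk.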