@deftypefun {void} {gnutls_srp_set_server_credentials_function} (gnutls_srp_server_credentials_t @var{cred}, gnutls_srp_server_credentials_function * @var{func})
@var{cred}: is a @code{gnutls_srp_server_credentials_t} type.
@var{func}: is the callback function
This function can be used to set a callback to retrieve the user's
SRP credentials. The callback's function form is:
int (*callback)(gnutls_session_t, const char* username,
gnutls_datum_t *salt, gnutls_datum_t *verifier, gnutls_datum_t *generator,
gnutls_datum_t *prime);
@code{username} contains the actual username.
The @code{salt} , @code{verifier} , @code{generator} and @code{prime} must be filled
in using the @code{gnutls_malloc()} . For convenience @code{prime} and @code{generator} may also be one of the static parameters defined in gnutls.h.
Initially, the data field is NULL in every @code{gnutls_datum_t}
structure that the callback has to fill in. When the
callback is done GnuTLS deallocates all of those buffers
which are non-NULL, regardless of the return value.
In order to prevent attackers from guessing valid usernames,
if a user does not exist, g and n values should be filled in
using a random user's parameters. In that case the callback must
return the special value (1).
See @code{gnutls_srp_set_server_fake_salt_seed} too.
If this is not required for your application, return a negative
number from the callback to abort the handshake.
The callback function will only be called once per handshake.
The callback function should return 0 on success, while
-1 indicates an error.
@end deftypefun