GnuTLS-3.0.19
Introduction to GnuTLS
The GnuTLS package contains
libraries and userspace tools which provide a secure layer over a
reliable transport layer. Currently the GnuTLS library implements the proposed
standards by the IETF's TLS working group. Quoting from the TLS
protocol specification:
“The TLS protocol provides communications
privacy over the Internet. The protocol allows client/server
applications to communicate in a way that is designed to prevent
eavesdropping, tampering, or message forgery.”
GnuTLS provides support for TLS
1.1, TLS 1.0 and SSL 3.0 protocols, TLS extensions, including
server name and max record size. Additionally, the library supports
authentication using the SRP protocol, X.509 certificates and
OpenPGP keys, along with support for the TLS Pre-Shared-Keys (PSK)
extension, the Inner Application (TLS/IA) extension and X.509 and
OpenPGP certificate handling.
This package is known to build and work properly using an LFS-7.1
platform.
Package Information
GnuTLS Dependencies
Required
nettle-2.4
Optional
GTK-Doc-1.18, Guile-2.0.5,
libidn-1.24, libtasn1-2.12,
p11-kit-0.12 and Valgrind (used during the test suite)
Note that if you do not install libtasn1-2.12,
an older version shipped in the GnuTLS tarball will be used instead.
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/gnutls
Installation of GnuTLS
Install GnuTLS by running the
following commands:
./configure --prefix=/usr &&
make
To test the results, issue: make
check.
Now, as the root user:
make install &&
install -v -m755 -d /usr/share/doc/gnutls-3.0.19 &&
install -v -m644 doc/*.{html,png,eps,pdf,ps} doc/cyclo/*.html \
/usr/share/doc/gnutls-3.0.19 &&
cp -v -R doc/credentials \
/usr/share/doc/gnutls-3.0.19
If you did not pass the --enable-gtk-doc parameter to the configure script, install the API
documentation to the /usr/share/gtk-doc/html/gnutls directory using
the following command as the root
user:
make -C doc/reference install-data-local
Command Explanations
--disable-static: This switch prevents
installation of static versions of the libraries.
--enable-gtk-doc: Use this parameter if
GTK-Doc is installed and you wish
to rebuild and install the API documentation.
Contents
Installed Programs:
certtool, crywrap, gnutls-cli,
gnutls-cli-debug, gnutls-serv, ocsptool, p11tool, psktool, and
srptool
Installed Libraries:
libgnutls.{so,a},
libgnutls-openssl.{so,a}, and libgnutlsxx.{so,a}
Installed Directories:
/usr/include/gnutls,
/usr/share/doc/gnutls-3.0.19 and
/usr/share/gtk-doc/html/gnutls
Short Descriptions
|
certtool
|
is used to generate X.509 certificates, certificate
requests, and private keys.
|
|
crywrap
|
is a simple wrapper that waits for TLS/SSL connections,
and proxies them to an unencrypted location.
|
|
gnutls-cli
|
is a simple client program to set up a TLS connection to
some other computer.
|
|
gnutls-cli-debug
|
is a simple client program to set up a TLS connection to
some other computer and produces very verbose progress
results.
|
|
gnutls-serv
|
is a simple server program that listens to incoming TLS
connections.
|
|
ocsptool
|
is a program that can parse and print information about
OCSP requests/responses, generate requests and verify
responses.
|
|
p11tool
|
is a program that allows handling data from PKCS #11
smart cards and security modules.
|
|
psktool
|
is a simple program that generates random keys for use
with TLS-PSK.
|
|
srptool
|
is a simple program that emulates the programs in the
Stanford SRP (Secure Remote Password) libraries using
GnuTLS.
|
|
libgnutls.{so,a}
|
contains the core API functions and X.509 certificate API
functions.
|
Last updated on 2012-05-24 02:48:38 +0000