GnuTLS-1.6.3

Introduction to GnuTLS

The GnuTLS package contains a library and userspace tools which provide a secure layer over a reliable transport layer. Currently the GnuTLS library implements the proposed standards by the IETF's TLS working group. Quoting from the TLS protocol specification:

The TLS protocol provides communications privacy over the Internet. The protocol allows client/server applications to communicate in a way that is designed to prevent eavesdropping, tampering, or message forgery.

GnuTLS provides support for TLS 1.1, TLS 1.0 and SSL 3.0 protocols, TLS extensions, including server name and max record size. Additionally, the library supports authentication using the SRP protocol, X.509 certificates and OpenPGP keys, along with support for the TLS Pre-Shared-Keys (PSK) extension, the Inner Application (TLS/IA) extension and X.509 and OpenPGP certificate handling.

Package Information

GnuTLS Dependencies

Required

Libgcrypt-1.2.4

Optional

GTK-Doc-1.8, OpenCDK, Tiny ASN.1, libcfg+, LZO-2.02, and Valgrind (used during the test suite)

Optional Debugging Libraries

Dmalloc and Electric Fence

User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/gnutls

Installation of GnuTLS

Install GnuTLS by running the following commands:

./configure --prefix=/usr &&
make

To test the results, issue: make check.

Now, as the root user:

make install &&

install -v -m755 -d /usr/share/doc/gnutls-1.6.3/reference &&
install -v -m644    doc/reference/html/* \
                    /usr/share/doc/gnutls-1.6.3/reference &&
install -v -m644    doc/*.{html,png,eps,pdf,ps} \
                    /usr/share/doc/gnutls-1.6.3

Contents

Installed Programs: certtool, gnutls-cli, gnutls-cli-debug, gnutls-serv, libgnutls-config, libgnutls-extra-config, psktool, and srptool
Installed Libraries: libgnutls.{so,a}, libgnutls-extra.{so,a}, libgnutls-openssl.{so,a}, and libgnutlsxx.{so,a}
Installed Directory: /usr/include/gnutls and /usr/share/doc/gnutls-1.6.3

Short Descriptions

certtool

is used to generate X.509 certificates, certificate requests, and private keys.

gnutls-cli

is a simple client program to set up a TLS connection to some other computer.

gnutls-cli-debug

is a simple client program to set up a TLS connection to some other computer and produces very verbose progress results.

gnutls-serv

is a simple server program that listens to incoming TLS connections.

gnutls-config

is a utility used to configure and build applications based on the gnutls(3) library. It can be used to query the C compiler and linker flags which are required to correctly compile and link the application against the gnutls(3) library.

gnutls-extra-config

is a utility used to configure and build applications based on the gnutls-extra(3) library. It can be used to query the C compiler and linker flags which are required to correctly compile and link the application against the gnutls-extra(3) library.

psktool

is a simple program that generates random keys for use with TLS-PSK.

srptool

is a simple program that emulates the programs in the Stanford SRP (Secure Remote Password) libraries using GNU TLS.

libgnutls.{so,a}

contains the core API functions and X.509 certificate API functions.

Last updated on 2008-05-09 08:00:42 -0500