1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
|
GNU TLS README -- Important introductory notes.
Copyright (C) 2004, 2005, 2008 Simon Josefsson
Copyright (C) 2000, 2001, 2002, 2003, 2004 Nikos Mavrogiannopoulos
See the end for copying conditions.
This is the GNUTLS library. GNUTLS implements the TLS/SSL (Transport
Layer Security aka Secure Sockets Layer) protocol. GnuTLS is a GNU
project. More up to date information can be found at
<http://www.gnu.org/software/gnutls/> and <http://www.gnutls.org/>.
See the documentation in doc/ and examples in doc/examples/.
COMPILATION ISSUES
------------------
The library needs libgcrypt. You can find libgcrypt at
<ftp://ftp.gnupg.org/pub/gcrypt/alpha/libgcrypt/>. Note that by
compiling libgcrypt with CPU optimizations gnutls' speed will
increase.
For OpenPGP key support, the OpenCDK library can be used. You can
find libopencdk at: <ftp://ftp.gnutls.org/pub/gnutls/opencdk/>. A
copy of libopencdk is also included with GnuTLS.
In case you are compiling for embedded systems you should check the
configure options (that is run: 'configure --help'), and disable
unneeded features of gnutls.
Experimental:
If you specify --with-builtin-crypto, you will use gnulib instead of
libgcrypt for (some) crypto routines.
Currently the generic crypto interface only support secret key
ciphering, hashing and gathering of random data. Supporting
RSA/DSA/DH/SEXP/MPI in the generic crypto interface is pending.
If --with-builtin-crypto is specified, random data will be read from
system device files (e.g., /dev/random) directly. The files used are
printed when running configure, you can override them using
--enable-random-device, --enable-pseudo-random-device, and
--enable-nonce-device. Please let us know if the defaults for some
systems are wrong.
The goal here is to make GnuTLS build standalone, in case Libgcrypt is
not available, but also to allow easy use of other crypto libraries or
crypto hardware.
LICENSE ISSUES
--------------
Since the 0.4.2 version the gnutls library is covered under the GNU
Lesser GPL. Previously released versions were licensed under the GNU
GPL.
We changed the license for most of GNUTLS because other free libraries
already exist that do the same jobs and have lax licenses. We want
GNUTLS to be usable in all the same places as those other libraries.
We kept some parts of GNUTLS under the GPL because they are unique,
and with the GPL they provide free software projects (which deserve
our help) an advantage over non-free projects (which do not deserve
our help, since they refuse to share with us). For more explanation,
see http://www.gnu.org/philosophy/why-not-lgpl.html.
The GNU Lesser GPL license applies to the main gnutls library, while
the gnutls-extra library is under the GPL. The gnutls-extra library
contains the code for "GnuTLS Inner Application" support and the
OpenSSL compatibility layer. The gnutls library is located in the
lib/ directory, while the gnutls-extra library is at libextra/.
BUGS
----
Currently GnuTLS needs testing. By notifying the developers about a
possible bug you may help a lot, since testing is really important and
expensive. If you think you found a bug, report it to
bug-gnutls@gnu.org together with the needed information, in order for
developers to reproduce it.
----------------------------------------------------------------------
Copying and distribution of this file, with or without modification,
are permitted in any medium without royalty provided the copyright
notice and this notice are preserved.
|
