descriptionImplementation of the SSL/TLS protocol
homepage URL
last changeThu, 6 Dec 2012 08:02:54 +0000 (6 09:02 +0100)
content tags
GnuTLS README -- Important introductory notes.
Copyright (C) 2000-2012 Free Software Foundation, Inc.
See the end of this document for copying conditions.

GnuTLS implements the TLS/SSL (Transport Layer Security aka Secure
Sockets Layer) protocol.  GnuTLS is a GNU project.  Additional
information can be found at <>
and <>.

This README is targeted for users of the library who build from
sources but do not necessarily develop.  If you are interested
in developing and contributing to the GnuTLS project, please
see README-alpha and visit

A typical command sequence for building the library is shown below.
A complete list of options available for configure can be found
by running './configure --help'.

    cd gnutls-<version>
    ./configure --prefix=/usr
    sudo make install

The commands above build and install the static archive (libgnutls.a),
the shared object (, and additional binaries such as certtool 
and gnutls-cli.

The library depends on libnettle. Optionally it may use the 
following libraries:
 * p11-kit: for smart card support
 * libtspi: for Trusted Platform Module (TPM) support,
 * libunbound: For DNSSEC/DANE support,
 * libz: For compression support.
 * libtasn1: For ASN.1 parsing (a copy is included, if not found)

Versions 2.10.3 and prior used libgcrypt as the default cryptographic library.
Nettle can be found at, while
p11-kit can be found at <>.

To configure libnettle for installation and use by GnuTLS, a typical
command sequence would be:

    cd nettle-<version>
    ./configure --prefix=/usr --disable-openssl --enable-shared
    sudo make install

For the Nettle project, --enable-shared will instruct automake and
friends to build and install both the static archive (libnettle.a)
and the shared object (

In case you are compiling for an embedded system, you can disable
unneeded features of GnuTLS.  In general, it is usually best not to
disable anything (for future mailing list questions and possible bugs).

Depending on your installation, additional libraries, such as libtasn1
and zlib, may be required.

See the documentation in doc/ and online at

See the examples in doc/examples/ and online at 'How To Use GnuTLS in
Applications' at

The project collects and publishes information on past security
incidents and vulnerabilities.  Open information exchange, including
information which is [sometimes] suppressed in non-open or non-free
projects, is one of the goals of the GnuTLS project.  Please visit

The GnuTLS project maintains mailing lists for users, developers, and
commits.  Please see

Since GnuTLS version 3.0.0, the core library has been released under
the GNU Lesser General Public License (LGPL) version 3 or later.

The GNU LGPL applies to the main GnuTLS library, while the
included applications as well as gnutls-openssl 
library are under the GNU GPL version 3.  The gnutls library is 
located in the lib/ directory, while the applications in src/ and
gnutls-openssl library is at extra/.

For any copyright year range specified as YYYY-ZZZZ in this package
note that the range specifies every single year in that closed interval.

Thorough testing is very important and expensive.  Often, the 
developers do not have access to a particular piece of hardware or 
configuration to reproduce a scenario.  Notifying the developers about a 
possible bug will greatly help the project.  

If you believe you have found a bug, please report it to
together with any applicable information.  A web interface for the system
is available at

Applicable information would include why the issue is a GnuTLS bug (if
not readily apparent), output from 'uname -a', the version of the library or
tool being used, a stack trace if available ('bt full' if under gdb or
valgrind output), and perhaps a network trace.  Vague queries or piecemeal 
messages are difficult to act upon and don't help the development effort.

Additional information can be found at the project's manual.

Patches are welcome and encouraged. Patches can be submitted through the 
bug tracking system or the mailing list.  When submitting patches, please 
be sure to use sources from the git repository, and preferrably from the 
master branch.  To create a patch for the project from a local git repository, 
please use the following commands. 'gnutls' should be the local directory 
of a previous git clone.

    cd gnutls
    git add the-file-you-modified.c another-file.c
    git commit the-file-you-modified.c another-file.c
    git format-patch

For more information on use of Git, visit

Copying and distribution of this file, with or without modification,
are permitted in any medium without royalty provided the copyright
notice and this notice are preserved.
2012-12-06 Nikos Mavrogiannopouloscorrected copyright noticesmaster
2012-12-06 Nikos Mavrogiannopoulosupdated documentation.
2012-12-06 Nikos Mavrogiannopoulos_gnutls_strdatum_to_buf() will account for NULL input.
2012-12-06 Nikos Mavrogiannopoulosallow GNUTLS_E_SHORT_MEMORY_BUFFER in gnutls_x509_crq_g...
2012-12-06 Nikos Mavrogiannopoulosdoc update
2012-12-06 Nikos Mavrogiannopoulosupdated documentation
2012-12-06 Nikos MavrogiannopoulosImport PKCS #12 keys
2012-12-04 Nikos Mavrogiannopoulosdocument fix
2012-12-04 Nikos MavrogiannopoulosCorrected bugs in record parsing.
2012-12-01 Nikos Mavrogiannopoulosdocumented fixes
2012-12-01 Nikos Mavrogiannopouloscorrected copyright
2012-11-30 Ludovic Courtèsguile: Fix dependencies to be parallel-safe.
2012-11-27 Nikos MavrogiannopoulosRevert "do not document low-level functions"
2012-11-27 Nikos Mavrogiannopoulosmention dependencies in readme
2012-11-27 Nikos Mavrogiannopoulosupdate @VERSION@ -> actual version on the web manual
2012-11-27 Nikos Mavrogiannopoulosdoc update
6 years ago gnutls_3_1_5 released 3.1.5
6 years ago gnutls_3_1_4 released 3.1.4
6 years ago gnutls_3_0_26 released 3.0.26
6 years ago gnutls_2_12_21 released 2.12.21
6 years ago gnutls_3_1_3 released 3.1.3
6 years ago gnutls_3_0_25 released 3.0.25
6 years ago gnutls_3_1_2 released 3.1.2.
6 years ago gnutls_3_0_24 released 3.0.24
6 years ago gnutls_3_1_1 released gnutls 3.1.1
6 years ago gnutls_3_0_23 released 3.0.23
6 years ago gnutls_3_1_0 released 3.1.0.
6 years ago gnutls_3_1_0pre0 released 3.1.0pre0
6 years ago gnutls_3_0_22 released 3.0.22.
6 years ago gnutls_3_0_21_real released 3.0.21
6 years ago gnutls_3_0_21 released 3.0.21
6 years ago gnutls_2_12_20 released 2.12.20
6 years ago web-pages
6 years ago master
6 years ago gnutls_3_0_x-2
6 years ago gnutls_2_12_x
11 years ago pub
11 years ago gnutls_2_0_x
11 years ago gnutls_1_7_14_with_pkcs11
11 years ago gnutls_1_6_x
11 years ago guile
11 years ago gnutls_1_7_8_with_pkcs11
12 years ago gnutls_1_4_x
12 years ago gnutls_1_2_patches
13 years ago gnutls_1_2_9_security
13 years ago gnutls_1_2_8_with_ia
13 years ago gnutls_1_2_9_with_psk
13 years ago gnutls_1_2_with_libtommath