|
|
||
|---|---|---|
| .github/workflows | ||
| .gitlab/issue_templates | ||
| cligen@59911854af | ||
| devel | ||
| doc | ||
| extra | ||
| fuzz | ||
| gl/override | ||
| gnulib@05c63bc908 | ||
| lib | ||
| libdane | ||
| m4 | ||
| po | ||
| src | ||
| tests | ||
| .clang-format | ||
| .dir-locals.el | ||
| .gitignore | ||
| .gitlab-ci.yml | ||
| .gitmodules | ||
| .mailmap | ||
| .packit.yaml | ||
| .triage-policies.yml | ||
| .x-sc_error_message_period | ||
| .x-sc_error_message_uppercase | ||
| .x-sc_makefile_at_at_check | ||
| .x-sc_space_tab | ||
| bootstrap | ||
| bootstrap.conf | ||
| cfg.mk | ||
| configure.ac | ||
| CONTRIBUTING.md | ||
| COPYING | ||
| COPYING.LESSERv2 | ||
| INSTALL.md | ||
| Makefile.am | ||
| NEWS | ||
| README.md | ||
| RELEASES.md | ||
| SECURITY.md | ||
| THANKS | ||
| Branch | CI system | Status | Test suite coverage | Fuzzer coverage |
|---|---|---|---|---|
| Master/3.8.x | Gitlab |  |
 |
 |
| Master/3.8.x | Github Actions |  |
N/A | N/A |
| 3.7.x | Gitlab |  |
N/A | N/A |
| 3.6.x | Gitlab |  |
N/A | N/A |
GnuTLS -- Information for developers
GnuTLS implements the TLS/SSL (Transport Layer Security aka Secure Sockets Layer) protocol. Additional information can be found at www.gnutls.org.
This file contains instructions for developers and advanced users that want to build from version controlled sources. See INSTALL.md for building released versions.
We require several tools to check out and build the software, including:
- Make
- Automake (use 1.11.3 or later)
- Autoconf
- Python (use 3.6 or later)
- Libtool
- Gettext
- Texinfo
- Tar
- Gzip
- Texlive & epsf (for PDF manual)
- GTK-DOC (for API manual)
- Git
- Perl
- Nettle
- p11-kit
- gperf
- libtasn1 (optional)
- Libidn2 (optional, for internationalization of DNS, IDNA 2008)
- Libunistring (optional, for internationalization)
- AWK (for make dist, pmccabe2html)
- bison (for datetime parser in certtool)
- libunbound (for DANE support)
- libabigail (for abi comparison in make dist)
- tpm2-tss (for TPM 2.0 support; optional)
- tcsd (for TPM support; optional)
- swtpm (for TPM test; optional)
- tpm-tools (for TPM test; optional)
- tpm2-tools (for TPM 2.0 test; optional)
- tpm2-tss-engine (for TPM 2.0 test; optional)
- ncat (for TPM test; optional)
- expect (for TPM test; optional)
The required software is typically distributed with your operating system, and the instructions for installing them differ. Here are some hints:
Debian/Ubuntu:
apt-get install -y dash git-core autoconf libtool gettext autopoint
apt-get install -y automake python3 nettle-dev libp11-kit-dev libtspi-dev libunistring-dev
apt-get install -y libtasn1-bin libtasn1-6-dev libidn2-0-dev gawk gperf
apt-get install -y libtss2-dev libunbound-dev dns-root-data bison gtk-doc-tools
apt-get install -y texinfo texlive texlive-plain-generic texlive-extra-utils
NOTE: Some software versions might not be available in older releases, e.g. nettle-dev.
Available backport repos, APT-Pinning or source code compiling can be used to install these versions (and dependencies) from a newer release.
Fedora/RHEL:
yum install -y dash git autoconf libtool gettext-devel automake patch
yum install -y nettle-devel p11-kit-devel libunistring-devel
yum install -y tpm2-tss-devel trousers-devel libtasn1-devel libidn2-devel gawk gperf
yum install -y libtasn1-tools unbound-devel bison gtk-doc texinfo texlive
Sometimes, you may need to install more recent versions of Automake, Nettle, and P11-kit, which you will need to build from sources.
Dependencies that are used during make check or make dist are listed below. Moreover, for basic interoperability testing you may want to install openssl and mbedtls.
- Valgrind (optional)
- Libasan (optional)
- faketime (preferred) or datefudge (optional)
- nodejs (needed for certain test cases)
- softhsm (for testing smart card support)
- dieharder (for testing PRNG)
- lcov (for code coverage)
- util-linux or just lscpu (for CPU feature detection)
- libev (for testing)
Debian/Ubuntu:
apt-get install -y valgrind nodejs softhsm2 faketime lcov libssl-dev libcmocka-dev expect libev-dev
apt-get install -y dieharder openssl abigail-tools socat net-tools ppp util-linux
NOTE: libubsan0 and libasan1 are required on older versions of Ubuntu <= 16.04. This packages must be manually added on these versions:
apt-get install -y v libubsan0 libasan1
Fedora/RHEL:
yum install -y valgrind libasan libasan-static libubsan nodejs softhsm faketime lcov openssl-devel expect libev-devel
yum install -y dieharder mbedtls-utils openssl libabigail libcmocka-devel socat util-linux
To download the version controlled sources:
$ git clone https://gitlab.com/gnutls/gnutls.git
$ cd gnutls
The next step is to bootstrap and ./configure:
$ ./bootstrap
$ ./configure
When built this way, some developer defaults will be enabled. See cfg.mk for details.
Then build the project normally, and run the test suite.
$ make
$ make check
To test the code coverage of the test suite use the following:
$ ./configure --enable-code-coverage
$ make && make check && make code-coverage-capture
Individual tests that may require additional hardware (e.g., smart cards) are:
$ sh tests/suite/testpkcs11
Building for windows
It is recommended to cross compile using Fedora and the following dependencies:
yum install -y wine mingw32-nettle mingw32-libtasn1 mingw32-gcc
and build as:
mingw32-configure --disable-non-suiteb-curves --disable-doc --without-p11-kit
mingw32-make
mingw32-make check
Continuous Integration (CI)
We utilize two continuous integration systems, the gitlab-ci and travis. Gitlab-CI is used to test most of the Linux systems (see .gitlab-ci.yml), and is split in two phases, build image creation and compilation/test. The build image creation is done at the gnutls/build-images subproject and uploads the image at the gitlab.com container registry. The compilation/test phase is on every commit to gnutls project.
The Travis based CI, is used to test compilation on MacOSX based systems.
Licensing
The GnuTLS distribution consists of the main libraries (libgnutls and libdane, located in the lib/ and libdane/ directories), gnutls-openssl extra library (in the extra/ directory), applications (in the src/ directory), tests (in the tests/ directory) and documentation.
Since GnuTLS version 3.1.10, the main libraries are released under the GNU Lesser General Public License version 2.1 or later (LGPLv2+, see COPYING.LESSERv2 for the license terms), while the others are under the GNU General Public License version 3 or later (GPLv3+, see COPYING for the license terms), unless otherwise specified in the indivual source files.
The documentation in the doc/ directory is under the GNU Free Documentation License version 1.3 or later (GFDLv1.3+).
Note, however, that the nettle and the gmp libraries which are GnuTLS dependencies, are distributed under a LGPLv3+ or GPLv2+ dual license. As such binaries linking to them need to adhere to either LGPLv3+ or the GPLv2+ license.
For any copyright year range specified as YYYY-ZZZZ in this package note that the range specifies every single year in that closed interval.
Contributing
See the contributing document.
Happy hacking!
Copying and distribution of this file, with or without modification, are permitted in any medium without royalty provided the copyright notice and this notice are preserved.