GNU Transport Layer Security Library is a library which implements a secure layer over a reliable transport layer such as TCP/IP. It implements the TLS 1.1 and SSL 3.0 protocols, accompanied with authentication methods such as X.509, OpenPGP, and SRP.
| Tags | Security Cryptography Software Development Libraries |
|---|---|
| Licenses | GPL LGPL |
| Operating Systems | Unix POSIX |
| Implementation | C |
Recent releases


Changes: New APIs were added for handling extensions in Certificate Requests and CRLs, for setting credentials from a PKCS#12 object stored in memory, and for verifying a hash against a certificate. The linker version script now lists all exported APIs explicitly, and no longer exports the majority of internal _gnutls* functions. There were many other fixes and improvements.


Changes: This release fixes minor crashes and a small memory leak. The included libtasn1 library has been updated to version 1.5.


Changes: This is a major stable release. External RSA/DSA signing for TLS client authentication is supported. Signing X.509 certificates using RSA with SHA-256/384/512 is supported. There is experimental support for TLS 1.2. X.509 Proxy Certificates (RFC 3820), Supplemental handshake messages (RFC 4680), TLS authorization extension (draft-housley-tls-authz-extns-07), and the X.509 "otherName" Subject Alternative Names (for XMPP) are supported. Guile bindings for GnuTLS were added. Several new APIs were added. Build improvements were made for Windows, Mac OS X, uClinux, etc.


Changes: New API functions were added to extract DER encoded X.509 Subject/Issuer DN. The PKCS8 parser now returns better error codes. A memory leak for sessions with client authentication via certificates was fixed. Building of a "tlsia" self test was fixed.


Changes: X.509 RSA signing has been fixed to use NULL instead of absent parameters, which resolves failures in some external programs (e.g. GnuPG 2.x) when verifying GnuTLS-generated RSA X.509 certificates. The PKIX ASN.1 syntax tree was regenerated to fix a mistake made in the last release.
Recent comments

Re: License
> An SSL/TLS library under the GPL. Yuck!
> What's the
> purpose of this except of having a GNU
> label in front of
> a SSL library?
>
> OpenSSL can do the same, while having a
> much more
> reasonable license.
>
good point. i say the same about linux, what a
stupid project, let's just all use windows because it
works the way we all expect it to.
pfft...
Re: License
TAKE THAT :P
(to the original poster) Honestly, do you have to be that partial to OpenSSL? GPL is about keeping your mind open. OpenSSL has to get some merit for being one of the first open source SSL implementations, however stuff doesn't get better unless it is challenged. And if OpenSSL gets shot down by GNUTLS because of its speed and reliability, it'll be for a reason. I'm not saying it will, but it could happen.
>
> % OpenSSL can do the same, while having
> % a much more
> % reasonable license.
> %
>
>
> reasonability is in the eye of the
> beholder; dismissing
> something based on your own preferences
> is a bit
> silly. some people would prefer a GPL'd
>
> implementation.
>
> beyond that, OpenSSL is getting rather
> huge and
> slow (or so my crypto buddies tell me)
> and a rewrite
> resulting in a smaller, faster library
> could be exactly
> what the doctor ordered for many
> projects.
>
> then again, perhaps those involved in
> the project
> simply wanted to write a TLS library for
> their own
> satisfaction and education.
>
>
Re: License
It's questionable whether GPL'ed binaries can link to openssl. The issue is mentioned in the openssl FAQ, however it's not as clear cut as they make out.
openssl is not Free to developers who use the GPL, gnutls is.
Re: License
> OpenSSL can do the same, while having
> a much more
> reasonable license.
>
reasonability is in the eye of the beholder; dismissing
something based on your own preferences is a bit
silly. some people would prefer a GPL'd
implementation.
beyond that, OpenSSL is getting rather huge and
slow (or so my crypto buddies tell me) and a rewrite
resulting in a smaller, faster library could be exactly
what the doctor ordered for many projects.
then again, perhaps those involved in the project
simply wanted to write a TLS library for their own
satisfaction and education.
Re: License
> What's the purpose of this
> except of having a GNU
> label in front of a SSL library?
Good question...
Maybe someone will be more likely to invest time in contributing to something that will stay free and open rather than something that can/could be used in a closed world with private modifications distributed as binary.
Check for GPL in http://www.openssl.org/support/faq.html
and you see the beginning of an issue with openssl.
Does anybody know GPL programs that use OpenSSL
and do they have a GPL exception stated?