Downloading and Installing

Next: Bug Reports, Previous: Commercial Support, Up: Preface

1.3 Downloading and Installing

GnuTLS is available for download from the following URL:

http://www.gnutls.org/download.html

The latest version is stored in a file, e.g., ‘gnutls-2.10.0.tar.gz’ where the ‘2.10.0’ value is the highest version number in the directory.

GnuTLS uses a Linux-like development cycle: even minor version numbers indicate a stable release and a odd minor version number indicates a development release. For example, GnuTLS 1.6.3 denote a stable release since 6 is even, and GnuTLS 1.7.11 denote a development release since 7 is odd.

GnuTLS depends on Libgcrypt, and you will need to install Libgcrypt before installing GnuTLS. Libgcrypt is available from ftp://ftp.gnupg.org/gcrypt/libgcrypt. Libgcrypt needs another library, libgpg-error, and you need to install libgpg-error before installing Libgcrypt. Libgpg-error is available from ftp://ftp.gnupg.org/gcrypt/libgpg-error.

Don't forget to verify the cryptographic signature after downloading source code packages.

The package is then extracted, configured and built like many other packages that use Autoconf. For detailed information on configuring and building it, refer to the INSTALL file that is part of the distribution archive. Typically you invoke ./configure and then make check install. There are a number of compile-time parameters, as discussed below.

The compression libraries (libz and lzo) are optional dependencies. You can get libz from http://www.zlib.net/. You can get lzo from http://www.oberhumer.com/opensource/lzo/.

The X.509 part of GnuTLS needs ASN.1 functionality, from a library called libtasn1. A copy of libtasn1 is included in GnuTLS. If you want to install it separately (e.g., to make it possibly to use libtasn1 in other programs), you can get it from http://www.gnu.org/software/gnutls/download.html.

The OpenPGP part of GnuTLS uses a stripped down version of OpenCDK for parsing OpenPGP packets. It is included GnuTLS. Use parameter --disable-openpgp-authentication to disable the OpenPGP functionality in GnuTLS. Unfortunately, we didn't have resources to maintain the code in a separate library.

Regarding the Guile bindings, there are additional installation considerations, see See Guile Preparations.

A few configure options may be relevant, summarized in the table.

--disable-srp-authentication
--disable-psk-authentication
--disable-anon-authentication
--disable-extra-pki
--disable-openpgp-authentication
--disable-openssl-compatibility: Disable or enable particular features. Generally not recommended.

For the complete list, refer to the output from configure --help.