From snigdhamukherjee at bel.co.in Tue Feb 1 08:59:42 2011 From: snigdhamukherjee at bel.co.in (snigdhamukherjee at bel.co.in) Date: Tue, 1 Feb 2011 13:29:42 +0530 Subject: Assertion failure and access violation error in gnutls In-Reply-To: <20110105171205.929B340704A@mx1.bel.co.in> References: <20110105171205.929B340704A@mx1.bel.co.in> Message-ID: <511e0d225ff7dccbe32c202d948eb7c9.squirrel@mail.bel.co.in> Hello, I am writing a proxy code for windows based clients. The browser connects to the HTTP proxy via localhost and port. The proxy initiates the tls session between the client proxy and backend server. The handshake happens between the client proxy and backend server and encrypted data flows. The browser only receives and sends non-encrypted data to and from client proxy. The client proxy uses libgnutls for tls functionality which internally uses libgcrypt. Gnutls version: 2.10.1 libgcrypt version: 1.4.5 In this I am getting the following problems: 1. Assertion failed in file ath.c line 193. Expression: *lock==MUTEX_Unlocked I searched the internet and forums for this error and it seems I have to initialize threading in libgcrypt before gnutls_global_init(). So, I added the following #include #include #include #include #include #include #include GMutex *mutex; static int gthread_mutex_init(void **priv) { *priv = g_mutex_new(); return 0; } static int gthread_mutex_destroy(void **priv) { g_mutex_free((GMutex *) (*priv)); return 0; } static int gthread_mutex_lock(void **priv) { g_mutex_lock((GMutex *) (*priv)); return 0; } static int gthread_mutex_unlock(void **priv) { g_mutex_unlock((GMutex *) (*priv)); return 0; } static const struct gcry_thread_cbs gcry_gthreads_cbs = { GCRY_THREAD_OPTION_USER, NULL, gthread_mutex_init, gthread_mutex_destroy, gthread_mutex_lock, gthread_mutex_unlock }; . . . int main() { . . . . if(!g_thread_supported()) g_thread_init (NULL); gcry_control(GCRYCTL_SET_THREAD_CBS, &gcry_gthreads_cbs); gcry_control (GCRYCTL_SUSPEND_SECMEM_WARN); gcry_control (GCRYCTL_INIT_SECMEM, 16384, 0); gcry_control (GCRYCTL_RESUME_SECMEM_WARN); gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0); gnutls_global_init (); . . . } The library used for threading is glib. But this also has not resolved the problem. Am i doing something wrong during initialization? 2. The second problem I am facing is "access violation reading location" in gnutls_handshake(). Sometimes during handshake the debugger stops and tells unhandeled exception in clientproxy.exe; access violation reading location 0x..... I have no idea how to resolve this. So, please can someone help?? Thanks, Snigdha Confidentiality Notice The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain confidential or privileged information. If you are not the intended recipient, please notify the sender at Bharat Electronics or support at bel.co.in immediately and destroy all copies of this message and any attachments. From nmav at gnutls.org Tue Feb 1 18:55:15 2011 From: nmav at gnutls.org (Nikos Mavrogiannopoulos) Date: Tue, 01 Feb 2011 18:55:15 +0100 Subject: Assertion failure and access violation error in gnutls In-Reply-To: <511e0d225ff7dccbe32c202d948eb7c9.squirrel@mail.bel.co.in> References: <20110105171205.929B340704A@mx1.bel.co.in> <511e0d225ff7dccbe32c202d948eb7c9.squirrel@mail.bel.co.in> Message-ID: <4D484903.3090903@gnutls.org> On 02/01/2011 08:59 AM, snigdhamukherjee at bel.co.in wrote: > Hello, > > I am writing a proxy code for windows based clients. The browser connects > to the HTTP proxy via localhost and port. The proxy initiates the tls > session between the client proxy and backend server. The handshake happens > between the client proxy and backend server and encrypted data flows. The > browser only receives and sends non-encrypted data to and from client > proxy. > The client proxy uses libgnutls for tls functionality which internally > uses libgcrypt. > 1. Assertion failed in file ath.c line 193. Expression: *lock==MUTEX_Unlocked The problems you describe are due to memory corruption due to lack of locks. I'd suggest the you try the implicit pthread locks as in: http://www.gnu.org/software/gnutls/manual/html_node/Multi_002dthreaded-applications.html (the git version of gnutls uses that, and allows overriding it, if required). > int main() > { > if(!g_thread_supported()) > g_thread_init (NULL); > gcry_control(GCRYCTL_SET_THREAD_CBS, &gcry_gthreads_cbs); > gcry_control (GCRYCTL_SUSPEND_SECMEM_WARN); > gcry_control (GCRYCTL_INIT_SECMEM, 16384, 0); > gcry_control (GCRYCTL_RESUME_SECMEM_WARN); > gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0); Why do you use this stuff? > The library used for threading is glib. But this also has not resolved the > problem. Am i doing something wrong during initialization? I don't see anything obvious, but since you still have the problem there is something there. > > 2. The second problem I am facing is "access violation reading location" > in gnutls_handshake(). Sometimes during handshake the debugger stops and > tells unhandeled exception in clientproxy.exe; access violation reading > location 0x..... I have no idea how to resolve this. So, please can > someone help?? If you have a threading issue it is normal to expect memory corruption. First solve the issue with threads and later check that. If you want to debug this kind of errors, I'd suggest valgrind. regards, Nikos From simon at josefsson.org Mon Feb 7 10:50:08 2011 From: simon at josefsson.org (Simon Josefsson) Date: Mon, 07 Feb 2011 10:50:08 +0100 Subject: TLS Inner Application? Message-ID: <87aai89nsf.fsf@latte.josefsson.org> Is anyone using or cares about TLS/IA support in GnuTLS? The implementation of TLS/IA was done against a draft that has expired 5 years ago and that never made it into a proper RFC. It would be nice to remove obsolete stuff, so we want to remove it. /Simon From nmav at gnutls.org Mon Feb 7 11:08:40 2011 From: nmav at gnutls.org (Nikos Mavrogiannopoulos) Date: Mon, 07 Feb 2011 11:08:40 +0100 Subject: TLS Inner Application? In-Reply-To: <87aai89nsf.fsf@latte.josefsson.org> References: <87aai89nsf.fsf@latte.josefsson.org> Message-ID: <4D4FC4A8.5070408@gnutls.org> On 02/07/2011 10:50 AM, Simon Josefsson wrote: > Is anyone using or cares about TLS/IA support in GnuTLS? The > implementation of TLS/IA was done against a draft that has expired 5 > years ago and that never made it into a proper RFC. It would be > nice to remove obsolete stuff, so we want to remove it. Just to summarize our discussion in fosdem in list. The 2.12.x release will be a backwards compatible release with several "old" functions marked as deprecated. New functionality that breaks binary compatibility will wait for 3.0.0, where all obsolete functions will be removed. regards, Nikos From jkmalinen at gmail.com Tue Feb 8 17:47:57 2011 From: jkmalinen at gmail.com (Jouni Malinen) Date: Tue, 8 Feb 2011 18:47:57 +0200 Subject: TLS Inner Application? In-Reply-To: <87aai89nsf.fsf@latte.josefsson.org> References: <87aai89nsf.fsf@latte.josefsson.org> Message-ID: On Mon, Feb 7, 2011 at 11:50 AM, Simon Josefsson wrote: > Is anyone using or cares about TLS/IA support in GnuTLS? ?The > implementation of TLS/IA was done against a draft that has expired 5 > years ago and that never made it into a proper RFC. ?It would be nice to > remove obsolete stuff, so we want to remove it. There is a preliminary implementation of EAP-TTLSv1 in wpa_supplicant(peer) and hostapd(server). However, I do not know whether anyone really uses that, but there is indeed code that is currently assuming this functionality to be available in GnuTLS. That code is disabled by default in wpa_supplicant/hostapd, so removing this from GnuTLS would not break the default build. In addition, enabling of this code is not documented anywhere, so one would need to go through the source code to figure out how to enable this. - Jouni From simon at josefsson.org Tue Feb 8 18:51:05 2011 From: simon at josefsson.org (Simon Josefsson) Date: Tue, 08 Feb 2011 18:51:05 +0100 Subject: TLS Inner Application? In-Reply-To: (Jouni Malinen's message of "Tue, 8 Feb 2011 18:47:57 +0200") References: <87aai89nsf.fsf@latte.josefsson.org> Message-ID: <87lj1ql8ja.fsf@latte.josefsson.org> Jouni Malinen writes: > On Mon, Feb 7, 2011 at 11:50 AM, Simon Josefsson wrote: >> Is anyone using or cares about TLS/IA support in GnuTLS? ?The >> implementation of TLS/IA was done against a draft that has expired 5 >> years ago and that never made it into a proper RFC. ?It would be nice to >> remove obsolete stuff, so we want to remove it. > > There is a preliminary implementation of EAP-TTLSv1 in > wpa_supplicant(peer) and hostapd(server). However, I do not know > whether anyone really uses that, but there is indeed code that is > currently assuming this functionality to be available in GnuTLS. That > code is disabled by default in wpa_supplicant/hostapd, so removing > this from GnuTLS would not break the default build. In addition, > enabling of this code is not documented anywhere, so one would need to > go through the source code to figure out how to enable this. Thanks for information. Do you know if you managed to do interop of TLS/IA with anyone else? I'm wondering if there is still some people interested in the draft version of TLS/IA. /Simon From jkmalinen at gmail.com Wed Feb 9 10:32:13 2011 From: jkmalinen at gmail.com (Jouni Malinen) Date: Wed, 9 Feb 2011 11:32:13 +0200 Subject: TLS Inner Application? In-Reply-To: <87lj1ql8ja.fsf@latte.josefsson.org> References: <87aai89nsf.fsf@latte.josefsson.org> <87lj1ql8ja.fsf@latte.josefsson.org> Message-ID: On Tue, Feb 8, 2011 at 7:51 PM, Simon Josefsson wrote: > Thanks for information. ?Do you know if you managed to do interop of > TLS/IA with anyone else? ?I'm wondering if there is still some people > interested in the draft version of TLS/IA. I'm not aware of any other implementation of EAP-TTLSv1. I think I would like to see where IETF emu working group goes with the tunnel-based method development this year since at least in theory, EAP-TTLSv1 would be a possible submission into that process. However, once that is done and assuming EAP-TTLSv1 was not selected as a basis for it, there may be quite a bit less interest in TLS/IA in the future from EAP view point. - Jouni From nmav at gnutls.org Wed Feb 9 12:28:18 2011 From: nmav at gnutls.org (Nikos Mavrogiannopoulos) Date: Wed, 9 Feb 2011 12:28:18 +0100 Subject: TLS Inner Application? In-Reply-To: References: <87aai89nsf.fsf@latte.josefsson.org> <87lj1ql8ja.fsf@latte.josefsson.org> Message-ID: On Wed, Feb 9, 2011 at 10:32 AM, Jouni Malinen wrote: > On Tue, Feb 8, 2011 at 7:51 PM, Simon Josefsson wrote: >> Thanks for information. ?Do you know if you managed to do interop of >> TLS/IA with anyone else? ?I'm wondering if there is still some people >> interested in the draft version of TLS/IA. > I'm not aware of any other implementation of EAP-TTLSv1. > I think I would like to see where IETF emu working group goes with the > tunnel-based method development this year since at least in theory, > EAP-TTLSv1 would be a possible submission into that process. However, > once that is done and assuming EAP-TTLSv1 was not selected as a basis > for it, there may be quite a bit less interest in TLS/IA in the future > from EAP view point. Currently I have removed the TLS/IA implementation from what is to become 3.0.0 release, on the basis that the protocol itself is not published (and there is no indication that somebody plans to do it). Would submitting EAP-TTLSv1 to that process mean that somebody would revive the TLS/IA draft, or could they even modifying the method completely to avoid TLS/IA? (is there anyone to contact about that?) In any case the version to be released (2.12.x) will have this functionality available but marked as deprecated. If the protocol revives I'll add the functionality back to the development branch as well. regards, Nikos From jkmalinen at gmail.com Wed Feb 9 15:57:18 2011 From: jkmalinen at gmail.com (Jouni Malinen) Date: Wed, 9 Feb 2011 16:57:18 +0200 Subject: TLS Inner Application? In-Reply-To: References: <87aai89nsf.fsf@latte.josefsson.org> <87lj1ql8ja.fsf@latte.josefsson.org> Message-ID: On Wed, Feb 9, 2011 at 1:28 PM, Nikos Mavrogiannopoulos wrote: > Currently I have removed the TLS/IA implementation from what is to become > 3.0.0 release, on the basis that the protocol itself is not published (and there > is no indication that somebody plans to do it). Would submitting EAP-TTLSv1 > to that process mean that somebody would revive the TLS/IA draft, or could > they even modifying the method completely to avoid TLS/IA? > (is there anyone to contact about that?) If someone were to want to push for EAP-TTLSv1 to be used, then yes, TLS/IA would probably need to be revived, too. Both of these internet drafts expired years ago and I have not heard of much activity behind them since then. The design could be changed completely, too, but I'm not sure whether TTLSv1 would be the best starting point if that is the goal. Anyway, I would hope that we will know quite a bit more later this year. The IETF emu working group is the most likely place where activity on this area would happen. > In any case the version to be released (2.12.x) will have this functionality > available but marked as deprecated. If the protocol revives I'll add the > functionality back to the development branch as well. OK. I will probably remove the preliminary EAP-TTLSv1 implementation from hostapd/wpa_supplicant later this year once the emu process gets a bit further (obviously assuming that it does not move towards TTLSv1). - Jouni From simon at josefsson.org Wed Feb 9 19:55:38 2011 From: simon at josefsson.org (Simon Josefsson) Date: Wed, 09 Feb 2011 19:55:38 +0100 Subject: TLS Inner Application? In-Reply-To: (Jouni Malinen's message of "Wed, 9 Feb 2011 16:57:18 +0200") References: <87aai89nsf.fsf@latte.josefsson.org> <87lj1ql8ja.fsf@latte.josefsson.org> Message-ID: <87wrl9xck5.fsf@latte.josefsson.org> Jouni Malinen writes: > On Wed, Feb 9, 2011 at 1:28 PM, Nikos Mavrogiannopoulos wrote: >> Currently I have removed the TLS/IA implementation from what is to become >> 3.0.0 release, on the basis that the protocol itself is not published (and there >> is no indication that somebody plans to do it). Would submitting EAP-TTLSv1 >> to that process mean that somebody would revive the TLS/IA draft, or could >> they even modifying the method completely to avoid TLS/IA? >> (is there anyone to contact about that?) > > If someone were to want to push for EAP-TTLSv1 to be used, then yes, > TLS/IA would probably need to be revived, too. Both of these internet > drafts expired years ago and I have not heard of much activity behind > them since then. The design could be changed completely, too, but I'm > not sure whether TTLSv1 would be the best starting point if that is > the goal. Anyway, I would hope that we will know quite a bit more > later this year. The IETF emu working group is the most likely place > where activity on this area would happen. > >> In any case the version to be released (2.12.x) will have this functionality >> available but marked as deprecated. If the protocol revives I'll add the >> functionality back to the development branch as well. > > OK. I will probably remove the preliminary EAP-TTLSv1 implementation > from hostapd/wpa_supplicant later this year once the emu process gets > a bit further (obviously assuming that it does not move towards > TTLSv1). Thanks for update -- based on this I think we are right to remove the implementation for GnuTLS 3.0. TLS/IA will still be available on older releases (and even in the next stable release) and if there is ever more interest in it, I'm sure we can revive the patches. It sounds as if TLS/IA is not going to look the same if it ever reaches RFC status. /Simon From derleader at abv.bg Thu Feb 17 15:12:32 2011 From: derleader at abv.bg (derleader mail) Date: Thu, 17 Feb 2011 16:12:32 +0200 (EET) Subject: support for AIX and HP-UX Message-ID: <1545624608.12790.1297951952441.JavaMail.apache@mail21.abv.bg> Hi, I'm interested is it possible to use GnuTLS with IBM AIX and HP-UX? I need to develop a application which uses GnuTLS for secure communication on these platforms. Regards Peter -------------- next part -------------- An HTML attachment was scrubbed... URL: From nmav at gnutls.org Thu Feb 17 15:50:49 2011 From: nmav at gnutls.org (Nikos Mavrogiannopoulos) Date: Thu, 17 Feb 2011 15:50:49 +0100 Subject: support for AIX and HP-UX In-Reply-To: <1545624608.12790.1297951952441.JavaMail.apache@mail21.abv.bg> References: <1545624608.12790.1297951952441.JavaMail.apache@mail21.abv.bg> Message-ID: On Thu, Feb 17, 2011 at 3:12 PM, derleader mail wrote: > ?Hi, > ? I'm interested is it possible to use GnuTLS with IBM AIX and HP-UX? I need > to develop a application which uses GnuTLS for secure communication on these > platforms. You shouldn't have any problem on these platforms since they are supposed to be POSIX compliant. If you have any issue report it as bug. regards, Nikos From david.kirkby at onetel.net Thu Feb 17 18:32:30 2011 From: david.kirkby at onetel.net (Dr. David Kirkby) Date: Thu, 17 Feb 2011 17:32:30 +0000 Subject: support for AIX and HP-UX In-Reply-To: References: <1545624608.12790.1297951952441.JavaMail.apache@mail21.abv.bg> Message-ID: <4D5D5BAE.8000708@onetel.net> On 02/17/11 02:50 PM, Nikos Mavrogiannopoulos wrote: > On Thu, Feb 17, 2011 at 3:12 PM, derleader mail wrote: >> Hi, >> I'm interested is it possible to use GnuTLS with IBM AIX and HP-UX? I need >> to develop a application which uses GnuTLS for secure communication on these >> platforms. > > You shouldn't have any problem on these platforms since they are supposed to be > POSIX compliant. If you have any issue report it as bug. > > regards, > Nikos I had problems when trying to build GnuTLS on both AIX and HP-UX, as part of the Sage maths program. Though this was with a rather old version of GnuTLS (2.2.1) Here's the issue I had on AIX 5.3 http://trac.sagemath.org/sage_trac/ticket/9975 Here's the issue I had on HP-UX 11.11B http://trac.sagemath.org/sage_trac/ticket/7511 (note I did report this HP-UX. I don't recall getting any feedback, but I may have done). > _______________________________________________ > Help-gnutls mailing list > Help-gnutls at gnu.org > http://lists.gnu.org/mailman/listinfo/help-gnutls > -- A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing? A: Top-posting. Q: What is the most annoying thing in e-mail? Dave From nmav at gnutls.org Thu Feb 17 23:22:37 2011 From: nmav at gnutls.org (Nikos Mavrogiannopoulos) Date: Thu, 17 Feb 2011 23:22:37 +0100 Subject: support for AIX and HP-UX In-Reply-To: <4D5D5BAE.8000708@onetel.net> References: <1545624608.12790.1297951952441.JavaMail.apache@mail21.abv.bg> <4D5D5BAE.8000708@onetel.net> Message-ID: <4D5D9FAD.2090805@gnutls.org> On 02/17/2011 06:32 PM, Dr. David Kirkby wrote: > On 02/17/11 02:50 PM, Nikos Mavrogiannopoulos wrote: >> On Thu, Feb 17, 2011 at 3:12 PM, derleader mail wrote: >>> Hi, >>> I'm interested is it possible to use GnuTLS with IBM AIX and >>> HP-UX? I need >>> to develop a application which uses GnuTLS for secure communication >>> on these >>> platforms. >> >> You shouldn't have any problem on these platforms since they are >> supposed to be >> POSIX compliant. If you have any issue report it as bug. >> >> regards, >> Nikos > > I had problems when trying to build GnuTLS on both AIX and HP-UX, as > part of the Sage maths program. Though this was with a rather old > version of GnuTLS (2.2.1) > > Here's the issue I had on AIX 5.3 > http://trac.sagemath.org/sage_trac/ticket/9975 > Here's the issue I had on HP-UX 11.11B > http://trac.sagemath.org/sage_trac/ticket/7511 > (note I did report this HP-UX. I don't recall getting any feedback, but > I may have done). As I can understand from the logs, the gnutls-serv and gnutls-cli programs do not build. Does this affect you on using the library? regards, Nikos From simon at josefsson.org Mon Feb 28 14:06:11 2011 From: simon at josefsson.org (Simon Josefsson) Date: Mon, 28 Feb 2011 14:06:11 +0100 Subject: GnuTLS 2.10.5 released Message-ID: <871v2sb96k.fsf@latte.josefsson.org> We are proud to announce a new stable GnuTLS release: Version 2.10.5. GnuTLS is a modern C library that implements the standard network security protocol Transport Layer Security (TLS), for use by network applications. GnuTLS is developed for GNU/Linux, but works on many Unix-like systems and comes with a binary installer for Windows. The GnuTLS library is distributed under the terms of the GNU Lesser General Public License version 2.1 (or later). The "extra" GnuTLS library (which contains TLS/IA support, LZO compression and Libgcrypt FIPS-mode handler), the OpenSSL compatibility library, the self tests and the command line tools are all distributed under the GNU General Public License version 3.0 (or later). The manual is distributed under the GNU Free Documentation License version 1.3 (or later). The project page of the library is available at: http://www.gnu.org/software/gnutls/ What's New ========== ** libgnutls: Corrected verification of finished messages. ** libgnutls: Corrected signature generation and verification in the Certificate Verify message when in TLS 1.2. Reported by Todd A. Ouska. ** pkg-config gnutls.pc improvements. The file uses 'Requires.private' for libtasn1 and libz when needed, instead of Libs.private. From Andreas Metzler. ** API and ABI modifications: No changes since last version. Getting the Software ==================== GnuTLS may be downloaded from one of the mirror sites or direct from . The list of mirrors can be found at . Here are the BZIP2 compressed sources (7.0MB): ftp://ftp.gnu.org/gnu/gnutls/gnutls-2.10.5.tar.bz2 http://ftp.gnu.org/gnu/gnutls/gnutls-2.10.5.tar.bz2 Here are OpenPGP detached signatures signed using key 0xB565716F: ftp://ftp.gnu.org/gnu/gnutls/gnutls-2.10.5.tar.bz2.sig http://ftp.gnu.org/gnu/gnutls/gnutls-2.10.5.tar.bz2.sig Note, that we don't distribute gzip compressed tarballs. In order to check that the version of GnuTLS which you are going to install is an original and unmodified one, you should verify the OpenPGP signature. You can use the command gpg --verify gnutls-2.10.5.tar.bz2.sig This checks whether the signature file matches the source file. You should see a message indicating that the signature is good and made by that signing key. Make sure that you have the right key, either by checking the fingerprint of that key with other sources or by checking that the key has been signed by a trustworthy other key. The signing key can be identified with the following information: pub 1280R/B565716F 2002-05-05 [expires: 2011-03-30] Key fingerprint = 0424 D4EE 81A0 E3D1 19C6 F835 EDA2 1E94 B565 716F uid Simon Josefsson uid Simon Josefsson sub 1280R/4D5D40AE 2002-05-05 [expires: 2011-03-30] The key is available from: http://josefsson.org/key.txt dns:b565716f.josefsson.org?TYPE=CERT Alternatively, after successfully verifying the OpenPGP signature of this announcement, you could verify that the files match the following checksum values. The values are for SHA-1 and SHA-224 respectively: 4530657082a0e754356de89a5529d1ad7a18e777 gnutls-2.10.5.tar.bz2 546e8631b68358cb495fcd6fd13274ba5a7370ef3848a459172d4370 gnutls-2.10.5.tar.bz2 Documentation ============= The manual is available online at: http://www.gnu.org/software/gnutls/documentation.html In particular the following formats are available: HTML: http://www.gnu.org/software/gnutls/manual/html_node/index.html PDF: http://www.gnu.org/software/gnutls/manual/gnutls.pdf For developers there is a GnuTLS API reference manual formatted using the GTK-DOC tools: HTML: http://www.gnu.org/software/gnutls/reference/gnutls-gnutls.html PDF: http://www.gnu.org/software/gnutls/reference/gnutls.pdf Community ========= If you need help to use GnuTLS, or want to help others, you are invited to join our help-gnutls mailing list, see: http://lists.gnu.org/mailman/listinfo/help-gnutls If you wish to participate in the development of GnuTLS, you are invited to join our gnutls-dev mailing list, see: http://lists.gnu.org/mailman/listinfo/gnutls-devel Windows installer ================= GnuTLS has been ported to the Windows operating system, and a binary installer is available. The installer contains DLLs for application development, manuals, examples, and source code. The installer uses libgpg-error v1.8, libgcrypt v1.4.6, and GnuTLS v2.10.5. The Windows binary installer: ftp://ftp.gnu.org/gnu/gnutls/gnutls-2.10.5-x86.exe (16MB) ftp://ftp.gnu.org/gnu/gnutls/gnutls-2.10.5-x86.exe.sig (OpenPGP) The checksum values for SHA-1 and SHA-224 are: 85bed4c33f50941f62560275a485c942dd7e5645 gnutls-2.10.5-x86.exe 915c7b1fb53b8a4f22fcd526c0ccb8ea021709040d180f61b9914fc4 gnutls-2.10.5-x86.exe A ZIP archive containing the Windows binaries: ftp://ftp.gnu.org/gnu/gnutls/gnutls-2.10.5-x86.zip (5.8MB) ftp://ftp.gnu.org/gnu/gnutls/gnutls-2.10.5-x86.zip.sig (OpenPGP) A Debian mingw32 package is also available: ftp://ftp.gnu.org/gnu/gnutls/mingw32-gnutls_2.10.5-1_all.deb (5.3MB) The checksum values for SHA-1 and SHA-224 are: 73ee95cf76f2fcfc04fc44c3750776cbac53fe29 mingw32-gnutls_2.10.5-1_all.deb 7463ab8a17cee7bd0e8ab70b977868e7f577829bf5221c18c8f86f6a mingw32-gnutls_2.10.5-1_all.deb Internationalization ==================== The GnuTLS library messages have been translated into Czech, Dutch, French, German, Italian, Malay, Polish, Simplified Chinese, Swedish, and Vietnamese. We welcome the addition of more translations. Support ======= Improving GnuTLS is costly, but you can help! We are looking for organizations that find GnuTLS useful and wish to contribute back. You can contribute by reporting bugs, improve the software, or donate money or equipment. Commercial support contracts for GnuTLS are available, and they help finance continued maintenance. Simon Josefsson Datakonsult AB, a Stockholm based privately held company, is currently funding GnuTLS maintenance. We are always looking for interesting development projects. See http://josefsson.org/ for more details. The GnuTLS service directory is available at: http://www.gnu.org/software/gnutls/commercial.html Happy Hacking, Simon -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 424 bytes Desc: not available URL: