如何编译安装gnutls-devel 3.7?
- By : Will
- Category : 编译安装
- Tags: 3.7, gnutls-devel
1 基础知识
1.1 GnuTLS的简介
– GnuTLS是一个安全的通讯库
– GnuTLS使用TLS/SSL(传输层安全协议又称安全套接字层)和DTLS协议实现安全通讯
– GnuTLS提供一个简单的C语言应用程序编程接口
– GnuTLS编程接口用于访问安全通讯协议
– GnuTLS编程接口用于解析和编写X.509、PKCS#12和其他需求的API构造
1.2 GnuTLS的特点
– 支持TLS 1.3、1.2、1.1、1.0和SSL 3.0(可选)
– 支持DTLS 1.2和DTLS 1.0协议
– 支持证书路径验证以及第一次使用时的DANE和信任
– 支持在线证书状态协议(OCSP)
– 支持公钥包括RSA和Elliptic曲线以及弥合和秘钥认证方法(如SRP和PSK协议)
– 支持所有强大的加密算法,包括AES和Camellia
– 支持使用VIA挂锁和AES-NI指令集的CPU辅助加密
– 支持加密加速器驱动程序(通过/dev/crypto)
– 支持本机HSM和加密令牌(通过PKCS#11和可信平台模块,即TPM)
– 支持大多数的Unix平台和Windows平台
1.3 GnuTLS的安装要求
1.3.1 需要预先安装的依赖包
– Make
– Automake (use 1.11.3 or later)
– Autoconf
– Autogen (use 5.16 or later)
– Libtool
– Gettext
– Texinfo
– Tar
– Gzip
– Texlive & epsf (for PDF manual)
– GTK-DOC (for API manual)
– Git
– Perl
– Nettle
– Guile
– p11-kit
– gperf
– libtasn1 (optional)
– Libidn2 (optional, for internationalization of DNS, IDNA 2008)
– Libunistring (optional, for internationalization)
– AWK (for make dist, pmccabe2html)
– bison (for datetime parser in certtool)
– libunbound (for DANE support)
– libabigail (for abi comparison in make dist)
– tcsd (for TPM support; optional)
– swtpm (for TPM test; optional)
– ncat (for TPM test; optional)
– tpm-tools (for TPM test; optional)
– expect (for TPM test; optional)
1.3.2 编译需要安装的依赖包
– Valgrind(可选)
– Libasan(可选)
– datefudge(可选)
– nodejs(某些测试用例需要)
– softhsm(用于测试智能卡支持)
– dieharder(用于测试PRNG)
– lcov(代码覆盖率)
2 最佳实践
2.1 安装前的准备
2.1.1 安装编译工具
yum -y install gcc make m4
2.1.2 下载软件包
cd ~ wget https://www.gnupg.org/ftp/gcrypt/gnutls/v3.7/gnutls-3.7.0.tar.xz
注意:其他版本请从以下目录下载,
https://www.gnupg.org/ftp/gcrypt/gnutls/
2.1.3 解压软件包
cd ~
tar -xf gnutls-3.7.0.tar.xz
2.2 编译安装
2.2.1 预编译软件库
cd ~/gnutls-3.7.0
./configure --prefix=/usr \
--docdir=/usr/share/doc/gnutls-3.7.0 \
--libdir=/usr/lib64 \
--disable-guile \
--with-default-trust-store-pkcs11="pkcs11:"
cd ~ tar -xf gnutls-3.7.0.tar.xz
2.2 编译安装
2.2.1 预编译软件库
cd ~/gnutls-3.7.0
./configure --prefix=/usr \
--docdir=/usr/share/doc/gnutls-3.7.0 \
--libdir=/usr/lib64 \
--disable-guile \
--with-default-trust-store-pkcs11="pkcs11:"
如果遇到如下错误,
configure: error: *** *** Libnettle 3.4.1 was not found.
你可能需要参阅以下章节解决依赖问题,
如果遇到如下错误,
configure: error: *** *** gmp was not found.
你可能需要通过如下命令解决此依关系,
yum install -y gmp-devel
如果遇到如下错误,
configure: error: *** *** Libtasn1 4.9 was not found. To use the included one, use --with-included-libtasn1
你可能需要通过如下命令解决此依关系,
yum install -y libtasn1-devel
如果遇到如下错误,
configure: error: *** *** Libunistring was not found. To use the included one, use --with-included-unistring
你可能需要通过如下命令解决此依关系,
yum install -y libunistring-devel
如果遇到如下错误,
configure: error: *** *** p11-kit >= 0.23.1 was not found. To disable PKCS #11 support *** use --without-p11-kit, otherwise you may get p11-kit from *** http://p11-glue.freedesktop.org/p11-kit.html ***
你可能需要通过如下命令解决此依关系,
yum install -y p11-kit-devel
2.2.2 编译并安装软件库
cd ~/gnutls-3.6.9 make
如果你遇到如下错误,
CC pkcs11_privkey.lo
pkcs11_privkey.c: In function '_gnutls_pkcs11_privkey_sign':
pkcs11_privkey.c:335:32: error: storage size of 'rsa_pss_params' isn't known
struct ck_rsa_pkcs_pss_params rsa_pss_params;
^
pkcs11_privkey.c:335:32: warning: unused variable 'rsa_pss_params' [-Wunused-var iable]
make[4]: *** [pkcs11_privkey.lo] Error 1
make[4]: Leaving directory `/root/gnutls-3.6.9/lib'
make[3]: *** [all-recursive] Error 1
make[3]: Leaving directory `/root/gnutls-3.6.9/lib'
make[2]: *** [all] Error 2
make[2]: Leaving directory `/root/gnutls-3.6.9/lib'
make[1]: *** [all-recursive] Error 1
make[1]: Leaving directory `/root/gnutls-3.6.9'
make: *** [all] Error 2
你可以参照以下链接解决此问题,
https://gitlab.com/gnutls/gnutls/issues/812
另外,如果实在无法配置,可使用“–without-p11-kit”参数禁用p11-kit,
cd ~/gnutls-3.7.0
./configure --prefix=/usr \
--docdir=/usr/share/doc/gnutls-3.7.0 \
--libdir=/usr/lib64 \
--disable-guile \
--without-p11-kit
2.2.3 安装软件库
cd ~/gnutls-3.6.9 make install
参阅文档
===========================
编译安装的方法
———————
http://linuxfromscratch.org/blfs/view/svn/postlfs/gnutls.html
官方首页
———————-
https://gitlab.com/gnutls/gnutls
https://www.gnutls.org/index.html
GitHub首页
—————-
https://www.gnupg.org/ftp/gcrypt/gnutls/
https://github.com/gnutls/gnutls
软件下载
—————–
https://github.com/gnutls/gnutls/releases
错误处理
————
https://lists.gnutls.org/pipermail/gnutls-help/2016-February/004085.html
非官方的参考
————
https://amon.org/gnutls
没有评论