It's an interesting problem: how to make it LOOK like we're using one library, when we're actually using a completely different one?
GNUTLS comes packaged with an openssl library (-l gnutls-openssl) and associated headers (gnutls/openssl.h). They do a fairly admirable job of allowing us to keep our OpenSSL code.
I've noticed a couple of problems, though:
If you are making a product that will employ unique self-signed certificates and private keys, how would you go about it? The two basic techniques are:
Run a tool like OpenSSL's cert tool, either at user discretion or through a script
Build the certificate generator directly into your program
Let's take a quick look at what each
The next few posts will relate to gnutls, an Open Source library designed to form encrypted SSL/TLS connections (similar to OpenSSL, but with more open licenses). The library does not have the best documentation, so this will largely serve as an example of useful techniques and processes for working with such code.
Before we begin,
If it hasn't happened to you yet, it will:
You're working with library code - say, GNUTLS. You've dug around and installed all the prerequesites, and the libraries are all set up. You're all ready to get to work...
But the documentation doesn't match the headers you have. It turns out that all the documentation matches