GNUTLS: Basic Connection with OpenSSL

It's an interesting problem: how to make it LOOK like we're using one library, when we're actually using a completely different one? GNUTLS comes packaged with an openssl library (-l gnutls-openssl) and associated headers (gnutls/openssl.h). They do a fairly admirable job of allowing us to keep our OpenSSL code. I've noticed a couple of problems, though: BIO_set_conn_hostname()

Tools vs APIs

If you are making a product that will employ unique self-signed certificates and private keys, how would you go about it? The two basic techniques are: Run a tool like OpenSSL's cert tool, either at user discretion or through a script Build the certificate generator directly into your program Let's take a quick look at what each

Installing GNUTLS: A Guide for the Rest of Us

The next few posts will relate to gnutls, an Open Source library designed to form encrypted SSL/TLS connections (similar to OpenSSL, but with more open licenses). The library does not have the best documentation, so this will largely serve as an example of useful techniques and processes for working with such code. Pre-Installation Before we begin,

Working with Poor Documentation: Options are Limited…

If it hasn't happened to you yet, it will: You're working with library code - say, GNUTLS. You've dug around and installed all the prerequesites, and the libraries are all set up. You're all ready to get to work... But the documentation doesn't match the headers you have. It turns out that all the documentation matches