15 A mailing list where users may help each other exists, and you can
16 reach it by sending e-mail to @email{gnutls-help@@gnutls.org}. Archives
17 of the mailing list discussions, and an interface to manage
18 subscriptions, is available through the World Wide Web at
19 @url{http://lists.gnutls.org/pipermail/gnutls-help/}.
21 A mailing list for developers are also available, see
22 @url{http://www.gnutls.org/lists.html}.
23 Bug reports should be sent to @email{bugs@@gnutls.org}, see
26 @node Commercial Support
27 @section Commercial Support
29 Commercial support is available for users of GnuTLS. The kind of
30 support that can be purchased may include:
34 @item Implement new features.
35 Such as a new TLS extension.
37 @item Port GnuTLS to new platforms.
38 This could include porting to an embedded platforms that may need
39 memory or size optimization.
41 @item Integrating TLS as a security environment in your existing project.
43 @item System design of components related to TLS.
47 If you are interested, please write to:
50 Simon Josefsson Datakonsult
55 E-mail: simon@josefsson.org
58 If your company provides support related to GnuTLS and would like to
59 be mentioned here, contact the authors.
64 @cindex reporting bugs
66 If you think you have found a bug in GnuTLS, please investigate it and
71 @item Please make sure that the bug is really in GnuTLS, and
72 preferably also check that it hasn't already been fixed in the latest
75 @item You have to send us a test case that makes it possible for us to
78 @item You also have to explain what is wrong; if you get a crash, or
79 if the results printed are not good and in that case, in what way.
80 Make sure that the bug report includes all information you would need
81 to fix this kind of bug for someone else.
85 Please make an effort to produce a self-contained report, with
86 something definite that can be tested or debugged. Vague queries or
87 piecemeal messages are difficult to act on and don't help the
90 If your bug report is good, we will do our best to help you to get a
91 corrected version of the software; if the bug report is poor, we won't
92 do anything about it (apart from asking you to send better bug
95 If you think something in this manual is unclear, or downright
96 incorrect, or if the language needs to be improved, please also send a
99 Send your bug report to:
101 @center @samp{bugs@@gnutls.org}
104 @section Contributing
108 If you want to submit a patch for inclusion -- from solving a typo you
109 discovered, up to adding support for a new feature -- you should
110 submit it as a bug report, using the process in @ref{Bug Reports}. There are some
111 things that you can do to increase the chances for it to be included
112 in the official package.
114 Unless your patch is very small (say, under 10 lines) we require that
115 you assign the copyright of your work to the Free Software Foundation.
116 This is to protect the freedom of the project. If you have not
117 already signed papers, we will send you the necessary information when
118 you submit your contribution.
120 For contributions that doesn't consist of actual programming code, the
121 only guidelines are common sense.
122 For code contributions, a number of style guides will help you:
127 Follow the GNU Standards document.
128 @c (@pxref{top, GNU Coding Standards,,standards}).
130 If you normally code using another coding standard, there is no
131 problem, but you should use @samp{indent} to reformat the code
132 @c (@pxref{top, GNU Indent,, indent})
133 before submitting your work.
135 @item Use the unified diff format @samp{diff -u}.
138 No reason whatsoever should abort the execution of the library. Even
139 memory allocation errors, e.g. when malloc return NULL, should work
140 although result in an error code.
142 @item Design with thread safety in mind.
143 Don't use global variables. Don't even write to per-handle global
144 variables unless the documented behaviour of the function you write is
145 to write to the per-handle global variable.
147 @item Avoid using the C math library.
148 It causes problems for embedded implementations, and in most
149 situations it is very easy to avoid using it.
151 @item Document your functions.
152 Use comments before each function headers, that, if properly
153 formatted, are extracted into Texinfo manuals and GTK-DOC web pages.
155 @item Supply a ChangeLog and NEWS entries, where appropriate.
160 @section Certification
161 @cindex certification
163 Many cryptographic libraries claim certifications from national or international bodies. These certifications are tied on a specific (and often restricted) version of the library or a
164 specific product using the library, and typically in the case of software they assure that the algorithms implemented are correct. The major certifications known are:
166 @item USA's FIPS 140-2 at Level 1 which certifies that approved algorithms are used (see @url{http://en.wikipedia.org/wiki/FIPS_140-2});
167 @item Common Criteria for Information Technology Security Evaluation (CC), an international standard for verification of elaborate security claims (see @url{http://en.wikipedia.org/wiki/Common_Criteria}).
170 Obtaining such a certification is an expensive and elaborate job that has no immediate value for a continuously developed free software library (as the certification is tied to the
171 particular version tested). While, as a free software project, we are not actively pursuing this kind of certification, GnuTLS has been FIPS-140-2 certified in several systems by
172 third parties. If you are, interested, see @ref{Commercial Support}.
projects / platform / upstream / gnutls.git / blob