* some IDE fixes merged

 * gnutls with associated fcl-net revisions merged.

git-svn-id: branches/fixes_3_2@41900 -

.gitattributes

@@ -2531,6 +2531,7 @@ packages/fcl-net/src/netware/resolve.inc svneol=native#text/plain
 packages/fcl-net/src/netwlibc/resolve.inc svneol=native#text/plain
 packages/fcl-net/src/os2/resolve.inc svneol=native#text/plain
 packages/fcl-net/src/resolve.pp svneol=native#text/plain
+packages/fcl-net/src/sslbase.pp svneol=native#text/plain
 packages/fcl-net/src/sslsockets.pp svneol=native#text/plain
 packages/fcl-net/src/ssockets.pp svneol=native#text/plain
 packages/fcl-net/src/unix/resolve.inc svneol=native#text/plain
@@ -3757,6 +3758,15 @@ packages/gnome1/src/zvt/libzvt.pp svneol=native#text/plain
 packages/gnome1/src/zvt/lists.inc svneol=native#text/plain
 packages/gnome1/src/zvt/vt.inc svneol=native#text/plain
 packages/gnome1/src/zvt/vtx.inc svneol=native#text/plain
+packages/gnutls/Makefile svneol=native#text/plain
+packages/gnutls/Makefile.fpc svneol=native#text/plain
+packages/gnutls/examples/httpget.pp svneol=native#text/plain
+packages/gnutls/examples/privkey.pp svneol=native#text/plain
+packages/gnutls/examples/srvcacert.pp svneol=native#text/plain
+packages/gnutls/examples/testgnutls.pp svneol=native#text/plain
+packages/gnutls/fpmake.pp svneol=native#text/plain
+packages/gnutls/src/gnutls.pp svneol=native#text/plain
+packages/gnutls/src/gnutlssockets.pp svneol=native#text/plain
 packages/googleapi/Makefile svneol=native#text/plain
 packages/googleapi/Makefile.fpc svneol=native#text/plain
 packages/googleapi/README.txt svneol=native#text/plain
@@ -6638,6 +6648,7 @@ packages/openssl/examples/test1.pas svneol=native#text/plain
 packages/openssl/fpmake.pp svneol=native#text/plain
 packages/openssl/src/fpopenssl.pp svneol=native#text/plain
 packages/openssl/src/openssl.pas svneol=native#text/plain
+packages/openssl/src/opensslsockets.pp svneol=native#text/plain
 packages/oracle/Makefile svneol=native#text/plain
 packages/oracle/Makefile.fpc svneol=native#text/plain
 packages/oracle/Makefile.fpc.fpcmake svneol=native#text/plain

packages/fcl-net/fpmake.pp

@@ -19,7 +19,6 @@ begin
 {$endif ALLPACKAGES}
     P.Version:='3.2.0-beta';
     P.Dependencies.Add('fcl-base');
-    P.Dependencies.Add('openssl',AllUnixOSes+AllWindowsOSes);
     P.Dependencies.Add('fcl-xml');
     P.Dependencies.Add('fcl-passrc');
     P.Dependencies.Add('fcl-async',[linux,freebsd,netbsd,openbsd,dragonfly]);
@@ -44,6 +43,7 @@ begin
 
     // IP and Sockets
     T:=P.Targets.AddUnit('netdb.pp',AllUnixOSes);
+    T:=P.Targets.AddUnit('sslbase.pp');
     T:=P.Targets.AddUnit('resolve.pp',AllUnixOSes+AllWindowsOSes+AllAmigaLikeOSes+[OS2,EMX]);
       with T.Dependencies do
         begin
@@ -57,10 +57,11 @@ begin
           AddUnit('resolve');
         end;
     T.ResourceStrings := True;
-    T:=P.Targets.AddUnit('sslsockets.pp',AllUnixOSes+AllWindowsOSes);
+    T:=P.Targets.AddUnit('sslsockets.pp',AllUnixOSes+AllWindowsOSes+AllAmigaLikeOSes+[OS2,EMX]);
       with T.Dependencies do
         begin
           AddUnit('ssockets');
+          Addunit('sslbase');
         end;
     T.ResourceStrings := True;
 

packages/fcl-net/src/sslbase.pp

@@ -0,0 +1,242 @@
+unit sslbase;
+
+{$mode objfpc}{$H+}
+
+interface
+
+uses
+  Classes, SysUtils;
+
+Type
+  TSSLType = (stAny,stSSLv2,stSSLv3,stTLSv1,stTLSv1_1,stTLSv1_2);
+
+  { TSSLData }
+
+  TSSLData = Class(TPersistent)
+  private
+    FFileName: String;
+    FValue: TBytes;
+  Public
+    Function Empty : Boolean;
+    Procedure Assign(Source : TPersistent);override;
+    Property FileName : String Read FFileName Write FFileName;
+    Property Value: TBytes Read FValue Write FValue;
+  end;
+
+Const
+  SSLDataCount = 4; // 0 based.
+  StrDataCount = 2; // 0 based.
+
+Type
+  { TSSLSocketHandler }
+
+  { TCertificateData }
+
+  TCertificateData = Class(TPersistent)
+  Private
+    FStrData : Array[0..StrDataCount] of string;
+    FCertData : Array[0..SSLDataCount] of TSSLData;
+    function GetSSLData(AIndex: Integer): TSSLData;
+    procedure SetSSLData(AIndex: Integer; AValue: TSSLData);
+    function GetString(AIndex: Integer): String;
+    procedure SetString(AIndex: Integer; AValue: String);
+  Public
+    constructor Create;
+    Destructor Destroy; override;
+    Procedure Assign(Source : TPersistent); override;
+    Function NeedCertificateData : Boolean;
+  Published
+    property KeyPassword: string Index 0 read GetString write SetString;
+    property CipherList: string Index 1 read GetString write SetString;
+    Property HostName : String Index 2 read GetString write SetString;
+    property Certificate : TSSLData Index 0 Read GetSSLData Write SetSSLData;
+    property TrustedCertificate : TSSLData Index 1 Read GetSSLData Write SetSSLData;
+    property PrivateKey : TSSLData Index 2 Read GetSSLData Write SetSSLData;
+    property PFX: TSSLData Index 3 Read GetSSLData Write SetSSLData;
+    property CertCA: TSSLData Index 4 Read GetSSLData Write SetSSLData;
+  end;
+
+    { TX509Certificate }
+  TCertAndKey = Record
+    Certificate : TBytes;
+    PrivateKey : TBytes;
+  end;
+
+  TX509Certificate = Class (TObject)
+  private
+    FCommonName: string;
+    FCountry: String;
+    FHostName: string;
+    FKeySize: Integer;
+    FOrganization: String;
+    FSerial: Integer;
+    FValidFrom: TDateTime;
+    FValidTo: TDateTime;
+    FVersion: Integer;
+    function GetKeySize: Integer;
+    function GetValidFrom: TDateTime;
+    function GetValidTo: TDateTime;
+    function GetVersion: Integer;
+  Protected
+    Function GetRealSerial : Integer;
+  Public
+    Function CreateCertificateAndKey : TCertAndKey; virtual; abstract;
+    Procedure CreateCertificateAndKey(Var aCertificate,aKey : TBytes);
+    Property Country : String Read FCountry Write FCountry;
+    Property HostName : string Read FHostName Write FHostName;
+    Property CommonName : string Read FCommonName Write FCommonName;
+    Property Organization : String Read FOrganization Write FOrganization;
+    Property KeySize : Integer Read GetKeySize Write FKeySize;
+    // Valid from. Default today -1;
+    Property ValidFrom : TDateTime Read GetValidFrom Write FValidFrom;
+    // Valid To. Default today + 31;
+    Property ValidTo : TDateTime Read GetValidTo Write FValidTo;
+    // Version Default 1.
+    Property Version : Integer Read GetVersion Write FVersion;
+    // Serial. If zero, then a serial is generated.
+    Property Serial : Integer Read FSerial Write FSerial;
+
+  end;
+
+implementation
+
+{ TSSLData }
+
+Function TSSLData.Empty: Boolean;
+begin
+  Result:=(Length(Value)=0) and (FileName='');
+end;
+
+Procedure TSSLData.Assign(Source: TPersistent);
+
+begin
+  if Source is TSSLData then
+   With TSSLData(Source) do
+    begin
+    Self.FValue:=FValue;
+    Self.FFileName:=FFileName;
+    end
+  else
+    inherited Assign(Source);
+end;
+
+{ TCertificateData }
+
+function TCertificateData.GetSSLData(AIndex: Integer): TSSLData;
+begin
+  Result:=FCertData[AIndex];
+end;
+
+procedure TCertificateData.SetSSLData(AIndex: Integer; AValue: TSSLData);
+begin
+  FCertData[AIndex].Assign(AValue);
+end;
+
+function TCertificateData.GetString(AIndex: Integer): String;
+begin
+  Result:=FStrData[AIndex];
+  if (AIndex=2) and (result='') then
+    Result:='localhost';
+end;
+
+procedure TCertificateData.SetString(AIndex: Integer; AValue: String);
+begin
+  FStrData[AIndex]:=aValue;
+end;
+
+constructor TCertificateData.Create;
+
+Var
+  I : Integer;
+
+begin
+  CipherList:='DEFAULT';
+  HostName:='localhost';
+  For I:=0 to SSLDataCount do
+    FCertData[i]:=TSSLData.Create;
+end;
+
+destructor TCertificateData.Destroy;
+
+Var
+  I : Integer;
+
+begin
+  For I:=0 to SSLDataCount do
+    FreeAndNil(FCertData[i]);
+  inherited Destroy;
+end;
+
+procedure TCertificateData.Assign(Source: TPersistent);
+
+Var
+  CD : TCertificateData;
+  I : Integer;
+
+begin
+  if Source is TCertificateData then
+    begin
+    CD:=Source as TCertificateData;
+    For I:=0 to StrDataCount do
+      FStrData[i]:=CD.FStrData[i];
+    For I:=0 to SSLDataCount do
+      FCertData[i].Assign(CD.FCertData[i])
+    end
+  else
+    inherited Assign(Source);
+end;
+
+function TCertificateData.NeedCertificateData: Boolean;
+begin
+  Result:=Certificate.Empty and PFX.Empty;
+end;
+
+function TX509Certificate.GetKeySize: Integer;
+begin
+  Result:=FKeySize;
+  if Result=0 then
+    Result:=1024;
+end;
+
+function TX509Certificate.GetValidFrom: TDateTime;
+begin
+  Result:=FValidFrom;
+  If Result=0 then
+    Result:=Date-1;
+end;
+
+function TX509Certificate.GetValidTo: TDateTime;
+begin
+  Result:=FValidTo;
+  If Result=0 then
+    Result:=Date+31;
+end;
+
+
+function TX509Certificate.GetVersion: Integer;
+begin
+  Result:=FVersion;
+  if FVersion=0 then
+    FVersion:=1;
+end;
+
+function TX509Certificate.GetRealSerial: Integer;
+begin
+  Result:=FSerial;
+  if Result=0 then
+    Result:=10; // MinutesBetween(Now,EncodeDate(2019,1,1));
+end;
+
+procedure TX509Certificate.CreateCertificateAndKey(var aCertificate, aKey: TBytes);
+
+Var
+  CK : TCertAndKey;
+
+begin
+  CK:=CreateCertificateAndKey;
+  aCertificate:=CK.Certificate;
+  aKey:=CK.PrivateKey;
+end;
+
+end.
+

packages/fcl-net/src/sslsockets.pp

@@ -19,444 +19,203 @@ unit sslsockets;
 interface
 
 uses
-  Classes, SysUtils, sockets, ssockets, openssl, fpopenssl;
+  Classes, SysUtils, sockets, ssockets, sslbase;
 
 Const
-  SSLDataCount = 4; // 0 based.
+  SUseCertData = 'use CertificateData instead';
 
 Type
+  ESSLSocketError = Class(ESocketError);
+  TSSLSocketHandler = class;
   TVerifyCertificateEvent = Procedure(Sender : TObject; Allow : Boolean) of object;
+  TSSLSocketHandlerClass = class of TSSLSocketHandler;
+
   { TSSLSocketHandler }
 
   TSSLSocketHandler = class(TSocketHandler)
   private
-    FRemoteHostName: String;
-    FSSLLastErrorString: string;
-    FCipherList: string;
+    FCertGenerator: TX509Certificate;
+    FCertificateData: TCertificateData;
     FVerifyPeerCert: Boolean;
     FOnVerifyCertificate: TVerifyCertificateEvent;
     FSSLType: TSSLType;
-    FKeyPassword: string;
-    FUsername: string;
-    FPassword: string;
-    FCertData : Array[0..4] of TSSLData;
-    FSSL: TSSL;
-    FCTX : TSSLContext;
     FSSLActive : Boolean;
     FSendHostAsSNI : Boolean;
     function GetSSLData(AIndex: Integer): TSSLData;
+    function GetString(AIndex: Integer): string;
+    procedure SetCertificateData(AValue: TCertificateData);
     procedure SetSSLData(AIndex: Integer; AValue: TSSLData);
-    procedure SetSSLLastErrorString(AValue: string);
+    procedure SetString(AIndex: Integer; AValue: string);
+  Private
+    Class Var FDefaultHandlerClass : TSSLSocketHandlerClass;
   protected
-    Function FetchErrorInfo: Boolean;
-    function CheckSSL(SSLResult: Integer): Boolean;
-    function CheckSSL(SSLResult: Pointer): Boolean;
-    function InitContext(NeedCertificate: Boolean): Boolean; virtual;
-    function DoneContext: Boolean; virtual;
-    function InitSslKeys: boolean;virtual;
-    function DoVerifyCert:boolean;
+    Procedure SetSSLActive(aValue : Boolean);
+    function DoVerifyCert: boolean;
   public
     constructor Create; override;
     Destructor Destroy; override;
+    // Class factory methods
+    Class Procedure SetDefaultHandlerClass(aClass : TSSLSocketHandlerClass);
+    Class Function GetDefaultHandlerClass : TSSLSocketHandlerClass;
+    Class Function GetDefaultHandler : TSSLSocketHandler;
     // Socket methods
-    function Connect : Boolean; override;
-    function Close : Boolean; override;
-    function Accept : Boolean; override;
-    function Shutdown(BiDirectional : Boolean): boolean; override;
-    function Send(Const Buffer; Count: Integer): Integer; override;
-    function Recv(Const Buffer; Count: Integer): Integer; override;
-    function BytesAvailable: Integer; override;
-    Function SSLActive: Boolean;
-    function CreateSelfSignedCertificate(Const AHostName: string): Boolean; virtual;
-    // Result of last CheckSSL call.
-    Function SSLLastError: integer;
-    property SSLLastErrorString: string read FSSLLastErrorString write SetSSLLastErrorString;
+    Function CreateCertificateData : TCertificateData; virtual;
+    Function CreateCertGenerator : TX509Certificate; virtual;
+    function CreateSelfSignedCertificate: Boolean; virtual;
+    Property CertGenerator : TX509Certificate Read FCertGenerator;
+    Property SSLActive: Boolean read FSSLActive;
   published
     property SSLType: TSSLType read FSSLType write FSSLType;
-    {:Password for decrypting of encoded certificate or key.}
-    property Username: string read FUsername write FUsername;
-    property Password: string read FPassword write FPassword;
-    property KeyPassword: string read FKeyPassword write FKeyPassword;
-    property CipherList: string read FCipherList write FCipherList;
-    property Certificate : TSSLData Index 0 Read GetSSLData Write SetSSLData;
-    property TrustedCertificate : TSSLData Index 1 Read GetSSLData Write SetSSLData;
-    property PrivateKey : TSSLData Index 2 Read GetSSLData Write SetSSLData;
-    property PFX: TSSLData Index 3 Read GetSSLData Write SetSSLData;
-    property CertCA: TSSLData Index 4 Read GetSSLData Write SetSSLData;
     property VerifyPeerCert: Boolean read FVerifyPeerCert Write FVerifyPeerCert;
     Property SendHostAsSNI : Boolean Read FSendHostAsSNI Write FSendHostAsSNI;
+    Property CertificateData : TCertificateData Read FCertificateData Write SetCertificateData;
+    // Deprecated, use CertificateData instead.
+    property KeyPassword: string Index 0 read GetString write SetString; deprecated 'use CertificateData instead';
+    property CipherList: string Index 1 read GetString write SetString; deprecated 'use CertificateData instead';
     // In case a certificate must be generated as server, this is the hostname that will be used.
-    property RemoteHostName : String Read FRemoteHostName Write FRemoteHostName;
+    property RemoteHostName : String Index 2 read GetString write SetString; deprecated 'use CertificateData instead';
+    property Certificate : TSSLData Index 0 Read GetSSLData Write SetSSLData; deprecated 'use CertificateData instead';
+    property TrustedCertificate : TSSLData Index 1 Read GetSSLData Write SetSSLData;deprecated 'use CertificateData instead';
+    property PrivateKey : TSSLData Index 2 Read GetSSLData Write SetSSLData;deprecated 'use CertificateData instead';
+    property PFX: TSSLData Index 3 Read GetSSLData Write SetSSLData;deprecated 'use CertificateData instead';
+    property CertCA: TSSLData Index 4 Read GetSSLData Write SetSSLData;deprecated 'use CertificateData instead';
     property OnVerifyCertificate: TVerifyCertificateEvent read FOnVerifyCertificate write FOnVerifyCertificate;
   end;
 
 
+
 implementation
 
-{ TSocketHandler }
 Resourcestring
-  SErrNoLibraryInit = 'Could not initialize OpenSSL library';
-
-Procedure MaybeInitSSLInterface;
-
-begin
-  if not IsSSLloaded then
-    if not InitSSLInterface then
-      Raise EInOutError.Create(SErrNoLibraryInit);
-end;
-
+  SErrNoSSLSupport =
+    'No SSL Socket support compiled in.'+sLineBreak+
+    'Please include opensslsockets unit in program and recompile it.';
+  SErrNoX509Certificate =
+    'Cannot create a X509 certificate without SLL support';
 
 { TSSLSocketHandler }
 
-function TSSLSocketHandler.GetSSLData(AIndex: Integer): TSSLData;
-begin
-  Result:=FCertData[AIndex];
-end;
-
-procedure TSSLSocketHandler.SetSSLData(AIndex: Integer; AValue: TSSLData);
-begin
-  FCertData[AIndex].Assign(AValue);
-end;
-
-procedure TSSLSocketHandler.SetSSLLastErrorString(AValue: string);
-begin
-  if FSSLLastErrorString=AValue then Exit;
-  FSSLLastErrorString:=AValue;
-end;
-
-
-function TSSLSocketHandler.DoVerifyCert: boolean;
-begin
-  Result:=True;
-  If Assigned(OnVerifyCertificate) then
-    OnVerifyCertificate(Self,Result);
-end;
-
-constructor TSSLSocketHandler.Create;
-
-Var
-  I : Integer;
-begin
-  inherited Create;
-  FSendHostAsSNI:=True;
-  MaybeInitSSLInterface;
-  FCipherList:='DEFAULT';
-  For I:=0 to SSLDataCount do
-    FCertData[i]:=TSSLData.Create;
-end;
-
-Destructor TSSLSocketHandler.Destroy;
-
-Var
-  I : Integer;
 
+function TSSLSocketHandler.GetSSLData(AIndex: Integer): TSSLData;
 begin
-  FreeAndNil(FSSL);
-  FreeAndNil(FCTX);
-  inherited Destroy;
-  For I:=0 to SSLDataCount do
-    FreeAndNil(FCertData[i]);
+  Case aIndex of
+    0 : Result:=FCertificateData.Certificate;
+    1 : Result:=FCertificateData.TrustedCertificate;
+    2 : Result:=FCertificateData.PrivateKey;
+    3 : Result:=FCertificateData.PFX;
+    4 : Result:=FCertificateData.CertCA;
+  end;
 end;
 
-function TSSLSocketHandler.CreateSelfSignedCertificate(Const AHostName: string): Boolean;
-
-Const
-  OneDay = 60*60*24;
-  SixtyDays = 60*OneDay;
-
-var
-  PK : PEVP_PKEY;
-  X509 : PX509;
-  RSA : PRSA;
-  UTC : PASN1_UTCTIME;
-  SN : PX509_NAME;
-  B : PBIO;
-
+function TSSLSocketHandler.GetString(AIndex: Integer): string;
 begin
-  Result:=False;
-  PK:=Nil;
-  X509:=Nil;
-  try
-    PK:=EvpPkeynew;
-    X509:=X509New;
-    RSA:=RsaGenerateKey(1024,$10001,nil,nil);
-    EvpPkeyAssign(PK,EVP_PKEY_RSA,RSA);
-    X509SetVersion(X509,2);
-    Asn1IntegerSet(X509getSerialNumber(X509),0);
-    UTC:=Asn1UtctimeNew;
-    try
-      X509GmtimeAdj(UTC,-OneDay);
-      X509SetNotBefore(X509,UTC);
-      X509GmtimeAdj(UTC,SixtyDays);
-      X509SetNotAfter(X509,UTC);
-    finally
-      Asn1UtctimeFree(UTC);
-    end;
-    X509SetPubkey(X509,PK);
-    SN:=X509GetSubjectName(X509);
-    X509NameAddEntryByTxt(SN,'C',$1001,'CZ',-1,-1,0);
-    X509NameAddEntryByTxt(SN,'CN',$1001, AHostName,-1,-1,0);
-    x509SetIssuerName(X509,SN);
-    x509Sign(X509,PK,EvpGetDigestByName('SHA1'));
-    B:=BioNew(BioSMem);
-    try
-      i2dX509Bio(B,X509);
-      Certificate.Value:=BioToString(B);
-    finally
-      BioFreeAll(b);
-    end;
-    B:=BioNew(BioSMem);
-    try
-      i2dPrivatekeyBio(B,PK);
-      Privatekey.Value:=BioToString(B);
-    finally
-      BioFreeAll(b);
-    end;
-  finally
-    X509free(X509);
-    EvpPkeyFree(PK);
+  Case AIndex of
+    0 : Result:=FCertificateData.KeyPassword;
+    1 : Result:=FCertificateData.CipherList;
+    2 : Result:=FCertificateData.HostName;
   end;
 end;
 
-function TSSLSocketHandler.Connect: Boolean;
+procedure TSSLSocketHandler.SetCertificateData(AValue: TCertificateData);
 begin
-  Result:=Inherited Connect;
-  Result := Result and InitContext(False);
-  if Result then
-    begin
-    Result:=CheckSSL(FSSL.SetFD(FSocket.Handle));
-    if Result then
-     begin
-     if FSendHostAsSNI  and (FSocket is TInetSocket) then
-       FSSL.Ctrl(SSL_CTRL_SET_TLSEXT_HOSTNAME,TLSEXT_NAMETYPE_host_name,PAnsiChar(AnsiString((FSocket as TInetSocket).Host)));
-     Result:=CheckSSL(FSSL.Connect);
-     if Result and VerifyPeerCert then
-       Result:=(FSSL.VerifyResult<>0) or (not DoVerifyCert);
-     if Result then
-       FSSLActive:=True;
-     end;
-    end;
+  if FCertificateData=AValue then Exit;
+  FCertificateData.Assign(AValue);
 end;
 
-function TSSLSocketHandler.Close: Boolean;
+procedure TSSLSocketHandler.SetSSLData(AIndex: Integer; AValue: TSSLData);
 begin
-  Result:=Shutdown(False);
+  Case aIndex of
+    0 : FCertificateData.Certificate:=AValue;
+    1 : FCertificateData.TrustedCertificate:=AValue;
+    2 : FCertificateData.PrivateKey:=AValue;
+    3 : FCertificateData.PFX:=AValue;
+    4 : FCertificateData.CertCA:=AValue;
+  end;
 end;
 
-Function TSSLSocketHandler.FetchErrorInfo : Boolean;
 
-var
-  S : AnsiString;
 
+procedure TSSLSocketHandler.SetString(AIndex: Integer; AValue: string);
 begin
-  FSSLLastErrorString:='';
-  FLastError:=ErrGetError;
-  ErrClearError;
-  Result:=(FLastError<>0);
-  if not Result then
-    begin
-    S:=StringOfChar(#0,256);
-    ErrErrorString(FLastError,S,256);
-    FSSLLastErrorString:=s;
-    end;
-end;
-
-function TSSLSocketHandler.CheckSSL(SSLResult : Integer) : Boolean;
-
-begin
-  Result:=SSLResult>=1;
-  if Not Result then
-     begin
-     FLastError:=SSLResult;
-     FetchErrorInfo;
-     end;
+  Case AIndex of
+    0 : FCertificateData.KeyPassword:=AValue;
+    1 : FCertificateData.CipherList:=AValue;
+    2 : begin
+        FCertificateData.HostName:=AValue;
+        FCertGenerator.HostName:=aValue;
+        end;
+  end;
 end;
 
-function TSSLSocketHandler.CheckSSL(SSLResult: Pointer): Boolean;
+procedure TSSLSocketHandler.SetSSLActive(aValue: Boolean);
 begin
-  Result:=(SSLResult<>Nil);
-  if not Result then
-    Result:=FetchErrorInfo;
+  FSSLActive:=aValue;
 end;
 
-function TSSLSocketHandler.DoneContext: Boolean;
 
+function TSSLSocketHandler.DoVerifyCert: boolean;
 begin
-  FreeAndNil(FSSL);
-  FreeAndNil(FCTX);
-  ErrRemoveState(0);
-  FSSLActive:=False;
   Result:=True;
+  If Assigned(OnVerifyCertificate) then
+    OnVerifyCertificate(Self,Result);
 end;
 
-Function HandleSSLPwd(buf : PAnsiChar; len:Integer; flags:Integer; UD : Pointer):Integer; cdecl;
-
-var
-  Pwd: AnsiString;
-  H :  TSSLSocketHandler;
+constructor TSSLSocketHandler.Create;
 
 begin
-  if Not Assigned(UD) then
-    PWD:=''
-  else
-    begin
-    H:=TSSLSocketHandler(UD);
-    Pwd:=H.KeyPassword;
-    end;
-  if (len<Length(Pwd)+1) then
-    SetLength(Pwd,len-1);
-  pwd:=pwd+#0;
-  Result:=Length(Pwd);
-  Move(Pointer(Pwd)^,Buf^,Result);
+  inherited Create;
+  FSendHostAsSNI:=True;
+  FCertGenerator:=CreateCertGenerator;
+  FCertificateData:=CreateCertificateData;
 end;
 
-function TSSLSocketHandler.InitSslKeys: boolean;
+Destructor TSSLSocketHandler.Destroy;
 
 begin
-  Result:=(FCTX<>Nil);
-  if not Result then
-    Exit;
-  if not Certificate.Empty then
-    Result:=CheckSSL(FCTX.UseCertificate(Certificate));
-  if Result and not PrivateKey.Empty then
-    Result:=CheckSSL(FCTX.UsePrivateKey(PrivateKey));
-  if Result and (CertCA.FileName<>'') then
-    Result:=CheckSSL(FCTX.LoadVerifyLocations(CertCA.FileName,''));
-  if Result and not PFX.Empty then
-    Result:=CheckSSL(FCTX.LoadPFX(PFX,Self.KeyPassword));
+  FreeAndNil(FCertificateData);
+  FreeAndNil(FCertGenerator);
+  inherited Destroy;
 end;
 
-function TSSLSocketHandler.InitContext(NeedCertificate:Boolean): Boolean;
-
-Const
-  VO : Array[Boolean] of Integer = (SSL_VERIFY_NONE,SSL_VERIFY_PEER);
-
-var
-  s: AnsiString;
-
+class procedure TSSLSocketHandler.SetDefaultHandlerClass(aClass: TSSLSocketHandlerClass);
 begin
-  Result:=DoneContext;
-  if Not Result then
-    Exit;
-  try
-    FCTX:=TSSLContext.Create(SSLType);
-  Except
-    CheckSSL(Nil);
-    Result:=False;
-    Exit;
-  end;
-  S:=FCipherList;
-  FCTX.SetCipherList(S);
-  FCTX.SetVerify(VO[FVerifypeerCert],Nil);
-  FCTX.SetDefaultPasswdCb(@HandleSSLPwd);
-  FCTX.SetDefaultPasswdCbUserdata(self);
-  If NeedCertificate and Certificate.Empty and PFX.Empty then
-    if Not CreateSelfSignedCertificate(RemoteHostName) then
-      begin
-      DoneContext;
-      Exit(False);
-      end;
-   if Not InitSSLKeys then
-     begin
-     DoneContext;
-     Exit(False);
-     end;
-   try
-     FSSL:=TSSL.Create(FCTX);
-     Result:=True;
-   Except
-     CheckSSL(Nil);
-     DoneContext;
-     Result:=False;
-   end;
+  FDefaultHandlerClass:=aClass;
 end;
 
-function TSSLSocketHandler.Accept: Boolean;
-
+class function TSSLSocketHandler.GetDefaultHandlerClass: TSSLSocketHandlerClass;
 begin
-  Result:=InitContext(True);
-  if Result then
-    begin
-    Result:=CheckSSL(FSSL.setfd(Socket.Handle));
-    if Result then
-      Result:=CheckSSL(FSSL.Accept);
-    end;
-  FSSLActive:=Result;
+  Result:=FDefaultHandlerClass;
 end;
 
-function TSSLSocketHandler.Shutdown(BiDirectional : Boolean): boolean;
-
-var
-  r : integer;
-
+class function TSSLSocketHandler.GetDefaultHandler: TSSLSocketHandler;
 begin
-  Result:=assigned(FSsl);
-  if Result then
-    If Not BiDirectional then
-      Result:=CheckSSL(FSSL.Shutdown)
-    else
-      begin
-      r:=FSSL.Shutdown;
-      if r<>0 then
-        Result:=CheckSSL(r)
-      else
-        begin
-        Result:=fpShutdown(FSocket.Handle,1)=0;
-        if Result then
-          Result:=CheckSSL(FSsl.Shutdown);
-        end
-      end;
-  If Result then
-    Result:=DoneContext;
+  if FDefaultHandlerClass=Nil then
+    Raise ESSLSocketError.Create(SErrNoSSLSupport);
+  Result:=FDefaultHandlerClass.Create;
 end;
 
-function TSSLSocketHandler.Send(Const Buffer; Count: Integer): Integer;
-var
-  e: integer;
+function TSSLSocketHandler.CreateCertificateData: TCertificateData;
 begin
-  FLastError := 0;
-  FSSLLastErrorString:='';
-  repeat
-    Result:=FSsl.Write(@Buffer,Count);
-    e:=FSsl.GetError(Result);
-  until Not (e in [SSL_ERROR_WANT_READ,SSL_ERROR_WANT_WRITE]);
-  if (E=SSL_ERROR_ZERO_RETURN) then
-    Result:=0
-  else if (e<>0) then
-    FLastError:=e;
+  Result:=TCertificateData.Create;
 end;
 
-function TSSLSocketHandler.Recv(Const Buffer; Count: Integer): Integer;
-
-var
-  e: integer;
+function TSSLSocketHandler.CreateCertGenerator: TX509Certificate;
 begin
-  FLastError:=0;
-  FSSLLastErrorString:= '';
-  repeat
-    Result:=FSSL.Read(@Buffer ,Count);
-    e:=FSSL.GetError(Result);
-  until Not (e in [SSL_ERROR_WANT_READ,SSL_ERROR_WANT_WRITE]);
-  if (E=SSL_ERROR_ZERO_RETURN) then
-    Result:=0
-  else if (e<>0) then
-    FLastError:=e;
+  Raise ESSLSocketError.Create(SErrNoX509Certificate);
 end;
 
-function TSSLSocketHandler.BytesAvailable: Integer;
-begin
-  Result:= FSSL.Pending;
-end;
+function TSSLSocketHandler.CreateSelfSignedCertificate: Boolean;
 
-Function TSSLSocketHandler.SSLActive: Boolean;
-begin
-  Result:=FSSLActive;
-end;
+Var
+  CK:TCertAndKey;
 
-Function TSSLSocketHandler.SSLLastError: integer;
 begin
-  Result:=FLastError;
+  CK:=CertGenerator.CreateCertificateAndKey;
+  CertificateData.Certificate.Value:=CK.Certificate;
+  CertificateData.PrivateKey.Value:=CK.PrivateKey;
+  Result:=(Length(CK.Certificate)<>0) and (Length(CK.PrivateKey)<>0);
 end;
 
+
 end.
 

packages/fcl-net/src/ssockets.pp

@@ -45,24 +45,26 @@ type
 
   TAcceptErrorAction = (aeaRaise,aeaIgnore,aeaStop);
   TSocketStream = Class;
+  TSocketServer = Class;
 
   // Handles all OS calls
 
   { TSocketHandler }
 
   TSocketHandler = Class(TObject)
+  Private
+    FServer: TSocketServer;
     FSocket: TSocketStream;
-    FLastError : integer;
   Protected
+    FLastError : integer;
     Procedure SetSocket(const AStream: TSocketStream); virtual;
     Procedure CheckSocket;
   Public
     constructor Create; virtual;
     // Called after the connect call succeded. Returns True to continue, false to close connection.
     function Connect: boolean; virtual;
-    // Called after the accept call succeded.
+    // Called after the accept call succeded on the NEW client socket
     function Accept : Boolean; virtual;
-
     Function Close : Boolean; virtual;
     function Shutdown(BiDirectional : Boolean): boolean; virtual;
     function Recv(Const Buffer; Count: Integer): Integer; virtual;
@@ -111,6 +113,7 @@ type
   TConnectEvent = Procedure (Sender : TObject; Data : TSocketStream) Of Object;
   TConnectQuery = Procedure (Sender : TObject; ASocket : Longint; Var Allow : Boolean) of Object;
   TOnAcceptError = Procedure (Sender : TObject; ASocket : Longint; E : Exception; Var ErrorAction : TAcceptErrorAction) of Object;
+  TGetClientSocketHandlerEvent = Procedure (Sender : TObject; Out AHandler : TSocketHandler) of object;
 
   { TSocketServer }
 
@@ -118,6 +121,7 @@ type
   Private
     FIdleTimeOut: Cardinal;
     FOnAcceptError: TOnAcceptError;
+    FOnCreateClientSocketHandler: TGetClientSocketHandlerEvent;
     FOnIdle : TNotifyEvent;
     FNonBlocking : Boolean;
     FSocket : longint;
@@ -148,6 +152,7 @@ type
     Function RunIdleLoop : Boolean;
     function GetConnection: TSocketStream; virtual; abstract;
     Function HandleAcceptError(E : ESocketError) : TAcceptErrorAction;
+    Function GetClientSocketHandler(aSocket : Longint) : TSocketHandler; virtual;
     Property Handler : TSocketHandler Read FHandler;
   Public
     Constructor Create(ASocket : Longint; AHandler : TSocketHandler);
@@ -176,6 +181,7 @@ type
     // Accept Timeout in milliseconds.
     // If Different from 0, then there will be an idle loop before accepting new connections, Calling OnIdle if no new connection appeared in the specified timeout.
     Property AcceptIdleTimeOut : Cardinal Read FIdleTimeOut Write FIdleTimeout;
+    Property OnCreateClientSocketHandler : TGetClientSocketHandlerEvent Read FOnCreateClientSocketHandler Write FOnCreateClientSocketHandler;
   end;
 
   { TInetServer }
@@ -256,6 +262,7 @@ type
   end;
 {$endif}
 
+
 Implementation
 
 uses
@@ -379,6 +386,7 @@ begin
   Result:=True;
 end;
 
+
 constructor ESocketError.Create(ACode: TSocketErrorType; const MsgArgs: array of const);
 var
   s: String;
@@ -658,6 +666,15 @@ begin
     FOnAcceptError(Self,FSocket,E,Result);
 end;
 
+function TSocketServer.GetClientSocketHandler(aSocket : Longint): TSocketHandler;
+begin
+  If Assigned(FOnCreateClientSocketHandler) then
+    FOnCreateClientSocketHandler(Self,Result)
+  else
+    if Assigned(FHandler) then
+      Result:=TSocketHandlerClass(FHandler.ClassType).Create;
+end;
+
 procedure TSocketServer.StartAccepting;
 
 Var
@@ -856,10 +873,19 @@ end;
 
 Function  TInetServer.SockToStream (ASocket : Longint) : TSocketStream;
 
+Var
+  H : TSocketHandler;
+
 begin
-  Result:=TInetSocket.Create(ASocket);
+  H:=GetClientSocketHandler(aSocket);
+  Result:=TInetSocket.Create(ASocket,H);
   (Result as TInetSocket).FHost:='';
   (Result as TInetSocket).FPort:=FPort;
+  if Not H.Accept then
+    begin
+    H.Shutdown(False);
+    FreeAndNil(Result);
+    end;
 end;
 
 Function TInetServer.Accept : Longint;
@@ -882,7 +908,7 @@ begin
     If R=ESysEWOULDBLOCK then
       Raise ESocketError.Create(seAcceptWouldBlock,[socket]);
 {$endif}
-  if (Result<0) or Not (FAccepting and FHandler.Accept) then
+  if (Result<0) or Not FAccepting then
     begin
     If (Result>=0) then
       CloseSocket(Result);

packages/fcl-web/examples/httpclient/httpget.pas

@@ -3,7 +3,7 @@ program httpget;
 {$mode objfpc}{$H+}
 
 uses
-  SysUtils, Classes, fphttpclient, sslsockets, fpopenssl;
+  SysUtils, Classes, fphttpclient, sslsockets, fpopenssl, opensslsockets;
 
 Type
 

packages/fcl-web/examples/httpclient/httppost.pp

@@ -3,7 +3,7 @@ program httppost;
 {$mode objfpc}{$H+}
 
 uses
-  SysUtils, Classes, fphttpclient;
+  SysUtils, Classes, fphttpclient, opensslsockets;
 
 Var
   F : TFileStream;

packages/fcl-web/examples/httpclient/httppostfile.pp

@@ -3,7 +3,7 @@ program httppostfile;
 {$mode objfpc}{$H+}
 
 uses
-  SysUtils, Classes, fphttpclient;
+  SysUtils, Classes, fphttpclient, opensslsockets;
 
 Var
   F : TFileStream;

packages/fcl-web/examples/httpclient/keepalive.pp

@@ -3,7 +3,7 @@ program keepalive;
 {$mode objfpc}{$H+}
 
 uses
-  Classes, SysUtils, CustApp, fphttpclient;
+  Classes, SysUtils, CustApp, fphttpclient, opensslsockets;
 
 const
   URL_DIRECT = 'https://www.google.com/humans.txt';

packages/fcl-web/examples/simpleserver/simpleserver.lpi

@@ -4,8 +4,12 @@
     <Version Value="11"/>
     <General>
       <Flags>
+        <SaveClosedFiles Value="False"/>
+        <SaveOnlyProjectUnits Value="True"/>
         <MainUnitHasCreateFormStatements Value="False"/>
         <MainUnitHasTitleStatement Value="False"/>
+        <SaveJumpHistory Value="False"/>
+        <SaveFoldState Value="False"/>
       </Flags>
       <SessionStorage Value="InProjectDir"/>
       <MainUnit Value="0"/>
@@ -20,16 +24,31 @@
       <Version Value="2"/>
     </PublishOptions>
     <RunParams>
+      <local>
+        <CommandLineParams Value="-p 3003 -s -H nickname.freepascal.org"/>
+      </local>
       <FormatVersion Value="2"/>
       <Modes Count="1">
-        <Mode0 Name="default"/>
+        <Mode0 Name="default">
+          <local>
+            <CommandLineParams Value="-p 3003 -s -H nickname.freepascal.org"/>
+          </local>
+        </Mode0>
       </Modes>
     </RunParams>
-    <Units Count="1">
+    <Units Count="3">
       <Unit0>
         <Filename Value="simpleserver.pas"/>
         <IsPartOfProject Value="True"/>
       </Unit0>
+      <Unit1>
+        <Filename Value="sslbase.pp"/>
+        <IsPartOfProject Value="True"/>
+      </Unit1>
+      <Unit2>
+        <Filename Value="opensslsockets.pp"/>
+        <IsPartOfProject Value="True"/>
+      </Unit2>
     </Units>
   </ProjectOptions>
   <CompilerOptions>

packages/fcl-web/examples/simpleserver/simpleserver.pas

@@ -2,7 +2,7 @@
 {$h+}
 program simpleserver;
 
-uses sysutils,custhttpapp, fpwebfile;
+uses sysutils, custhttpapp, fpwebfile, sslbase, opensslsockets;
 
 Type
 
@@ -48,6 +48,8 @@ begin
   Writeln('-p --port=NNNN      TCP/IP port to listen on (default is 3000)');
   Writeln('-m --mimetypes=file path of mime.types, default under unix: /etc/mime.types');
   Writeln('-q --quiet          Do not write diagnostic messages');
+  Writeln('-s --ssl            Use SSL');
+  Writeln('-H --hostname=NAME  set hostname for self-signed SSL certificate');
   Halt(Ord(Msg<>''));
 end;
 
@@ -57,7 +59,7 @@ Var
   S,IndexPage,D : String;
 
 begin
-  S:=Checkoptions('hqd:ni:p:',['help','quiet','noindexpage','directory:','port:','indexpage:']);
+  S:=Checkoptions('hqd:ni:p:sH:',['help','quiet','noindexpage','directory:','port:','indexpage:','ssl','hostname:']);
   if (S<>'') or HasOption('h','help') then
     usage(S);
   Quiet:=HasOption('q','quiet');
@@ -66,7 +68,9 @@ begin
   if D='' then
     D:=GetCurrentDir;
   Log(etInfo,'Listening on port %d, serving files from directory: %s',[Port,D]);
-
+  UseSSL:=HasOption('s','ssl');
+  if HasOption('H','hostname') then
+    HostName:=GetOptionValue('H','hostname');
   if HasOption('m','mimetypes') then
     MimeTypesFile:=GetOptionValue('m','mimetypes');
 {$ifdef unix}

packages/fcl-web/fpmake.pp

@@ -29,6 +29,7 @@ begin
     P.Dependencies.Add('fcl-net');
     P.Dependencies.Add('fcl-process');
     P.Dependencies.Add('fcl-fpcunit');
+    P.Dependencies.Add('openssl',AllUnixOSes+AllWindowsOSes);
     P.Dependencies.Add('fastcgi');
     P.Dependencies.Add('httpd22', AllOses - [amiga,aros,morphos]);
     P.Dependencies.Add('httpd24', AllOses - [amiga,aros,morphos]);

packages/fcl-web/src/base/custhttpapp.pp

@@ -51,11 +51,14 @@ Type
     FServer: TEmbeddedHTTPServer;
     function GetAllowConnect: TConnectQuery;
     function GetAddress: string;
+    function GetHostName: String;
     function GetIdle: TNotifyEvent;
     function GetIDleTimeOut: Cardinal;
     function GetPort: Word;
     function GetQueueSize: Word;
     function GetThreaded: Boolean;
+    function GetUseSSL: Boolean;
+    procedure SetHostName(AValue: String);
     procedure SetIdle(AValue: TNotifyEvent);
     procedure SetIDleTimeOut(AValue: Cardinal);
     procedure SetOnAllowConnect(const AValue: TConnectQuery);
@@ -65,6 +68,7 @@ Type
     procedure SetThreaded(const AValue: Boolean);
     function GetLookupHostNames : Boolean;
     Procedure SetLookupHostnames(Avalue : Boolean);
+    procedure SetUseSSL(AValue: Boolean);
   protected
     procedure HTTPHandleRequest(Sender: TObject; var ARequest: TFPHTTPConnectionRequest; var AResponse: TFPHTTPConnectionResponse); virtual;
     procedure HandleRequestError(Sender: TObject; E: Exception); virtual;
@@ -96,6 +100,10 @@ Type
     Property OnAcceptIdle : TNotifyEvent Read GetIdle Write SetIdle;
     // If >0, when no new connection appeared after timeout, OnAcceptIdle is called.
     Property AcceptIdleTimeout : Cardinal Read GetIDleTimeOut Write SetIDleTimeOut;
+    // Use SSL or not ?
+    Property UseSSL : Boolean Read GetUseSSL Write SetUseSSL;
+    // HostName to use when using SSL
+    Property HostName : String Read GetHostName Write SetHostName;
   end;
 
   { TCustomHTTPApplication }
@@ -103,9 +111,12 @@ Type
   TCustomHTTPApplication = Class(TCustomWebApplication)
   private
     procedure FakeConnect;
+    function GetHostName: String;
     function GetIdle: TNotifyEvent;
     function GetIDleTimeOut: Cardinal;
     function GetLookupHostNames : Boolean;
+    function GetUseSSL: Boolean;
+    procedure SetHostName(AValue: String);
     procedure SetIdle(AValue: TNotifyEvent);
     procedure SetIDleTimeOut(AValue: Cardinal);
     Procedure SetLookupHostnames(Avalue : Boolean);
@@ -119,6 +130,7 @@ Type
     procedure SetPort(const AValue: Word);
     procedure SetQueueSize(const AValue: Word);
     procedure SetThreaded(const AValue: Boolean);
+    procedure SetUseSSL(AValue: Boolean);
   protected
     function InitializeWebHandler: TWebHandler; override;
     Function HTTPHandler : TFPHTTPServerHandler;
@@ -138,6 +150,10 @@ Type
     Property OnAcceptIdle : TNotifyEvent Read GetIdle Write SetIdle;
     // If >0, when no new connection appeared after timeout, OnAcceptIdle is called.
     Property AcceptIdleTimeout : Cardinal Read GetIDleTimeOut Write SetIDleTimeOut;
+    // Use SSL ?
+    Property UseSSL : Boolean Read GetUseSSL Write SetUseSSL;
+    // Hostname to use when using SSL
+    Property HostName : String Read GetHostName Write SetHostName;
   end;
 
 
@@ -179,6 +195,16 @@ begin
   Result:=HTTPHandler.LookupHostNames;
 end;
 
+function TCustomHTTPApplication.GetUseSSL: Boolean;
+begin
+
+end;
+
+procedure TCustomHTTPApplication.SetHostName(AValue: String);
+begin
+  HTTPHandler.HostName:=aValue;
+end;
+
 procedure TCustomHTTPApplication.SetIdle(AValue: TNotifyEvent);
 begin
   HTTPHandler.OnAcceptIdle:=AValue;
@@ -245,6 +271,11 @@ begin
   HTTPHandler.Threaded:=Avalue;
 end;
 
+procedure TCustomHTTPApplication.SetUseSSL(AValue: Boolean);
+begin
+  HTTPHandler.UseSSL:=aValue;
+end;
+
 function TCustomHTTPApplication.InitializeWebHandler: TWebHandler;
 begin
   Result:=TFPHTTPServerHandler.Create(Self);
@@ -265,6 +296,11 @@ begin
   end
 end;
 
+function TCustomHTTPApplication.GetHostName: String;
+begin
+  Result:=HTTPHandler.HostName;
+end;
+
 procedure TCustomHTTPApplication.Terminate;
 
 begin
@@ -316,6 +352,11 @@ begin
   FServer.LookupHostNames:=AValue;
 end;
 
+procedure TFPHTTPServerHandler.SetUseSSL(AValue: Boolean);
+begin
+  FServer.UseSSL:=aValue;
+end;
+
 function TFPHTTPServerHandler.GetAllowConnect: TConnectQuery;
 begin
   Result:=FServer.OnAllowConnect;
@@ -326,6 +367,11 @@ begin
   Result:=FServer.Address;
 end;
 
+function TFPHTTPServerHandler.GetHostName: String;
+begin
+  Result:=FServer.HostName;
+end;
+
 function TFPHTTPServerHandler.GetIdle: TNotifyEvent;
 begin
   Result:=FServer.OnAcceptIdle;
@@ -351,6 +397,16 @@ begin
   Result:=FServer.Threaded;
 end;
 
+function TFPHTTPServerHandler.GetUseSSL: Boolean;
+begin
+  Result:=FServer.UseSSL;
+end;
+
+procedure TFPHTTPServerHandler.SetHostName(AValue: String);
+begin
+  FServer.HostName:=aValue;
+end;
+
 procedure TFPHTTPServerHandler.SetIdle(AValue: TNotifyEvent);
 begin
   FServer.OnAcceptIdle:=AValue;

packages/fcl-web/src/base/fphttpclient.pp

@@ -41,6 +41,7 @@ Type
   TDataEvent   = Procedure (Sender : TObject; Const ContentLength, CurrentPos : Int64) of object;
   // Use this to set up a socket handler. UseSSL is true if protocol was https
   TGetSocketHandlerEvent = Procedure (Sender : TObject; Const UseSSL : Boolean; Out AHandler : TSocketHandler) of object;
+  TSocketHandlerCreatedEvent = Procedure (Sender : TObject; AHandler : TSocketHandler) of object;
 
   TFPCustomHTTPClient = Class;
 
@@ -95,6 +96,7 @@ Type
     FTerminated: Boolean;
     FUserName: String;
     FOnGetSocketHandler : TGetSocketHandlerEvent;
+    FAfterSocketHandlerCreated : TSocketHandlerCreatedEvent;
     FProxy : TProxyData;
     function CheckContentLength: Int64;
     function CheckTransferEncoding: string;
@@ -326,7 +328,8 @@ Type
     Property OnHeaders : TNotifyEvent Read FOnHeaders Write FOnHeaders;
     // Called to create socket handler. If not set, or Nil is returned, a standard socket handler is created.
     Property OnGetSocketHandler : TGetSocketHandlerEvent Read FOnGetSocketHandler Write FOnGetSocketHandler;
-
+    // Called after create socket handler was created, with the created socket handler.
+    Property AfterSocketHandlerCreate : TSocketHandlerCreatedEvent Read FAfterSocketHandlerCreated Write FAfterSocketHandlerCreated;
   end;
 
 
@@ -362,9 +365,8 @@ Function EncodeURLElement(S : String) : String;
 Function DecodeURLElement(Const S : String) : String;
 
 implementation
-{$if not defined(hasamiga)}
+
 uses sslsockets;
-{$endif}
 
 resourcestring
   SErrInvalidProtocol = 'Invalid protocol : "%s"';
@@ -587,12 +589,12 @@ begin
   if Assigned(FonGetSocketHandler) then
     FOnGetSocketHandler(Self,UseSSL,Result);
   if (Result=Nil) then
-  {$if not defined(HASAMIGA)}
     If UseSSL then
-      Result:=TSSLSocketHandler.Create
+      Result:=TSSLSocketHandler.GetDefaultHandler
     else
-  {$endif}  
       Result:=TSocketHandler.Create;
+  if Assigned(AfterSocketHandlerCreate) then
+    AfterSocketHandlerCreate(Self,Result);
 end;
 
 procedure TFPCustomHTTPClient.ConnectToServer(const AHost: String;

packages/fcl-web/src/base/fphttpserver.pp

@@ -20,7 +20,7 @@ unit fphttpserver;
 interface
 
 uses
-  Classes, SysUtils, sockets, ssockets, resolve, httpdefs;
+  Classes, SysUtils, sockets, sslbase, sslsockets, ssockets, resolve, httpdefs;
 
 Const
   ReadBufLen = 4096;
@@ -30,6 +30,8 @@ Type
   TFPHTTPConnectionThread = Class;
   TFPCustomHttpServer = Class;
   TRequestErrorHandler = Procedure (Sender : TObject; E : Exception) of object;
+  TGetSocketHandlerEvent = Procedure (Sender : TObject; Const UseSSL : Boolean; Out AHandler : TSocketHandler) of object;
+  TSocketHandlerCreatedEvent = Procedure (Sender : TObject; AHandler : TSocketHandler) of object;
 
   { TFPHTTPConnectionRequest }
 
@@ -104,8 +106,12 @@ Type
     FAcceptIdleTimeout: Cardinal;
     FAdminMail: string;
     FAdminName: string;
+    FAfterSocketHandlerCreated: TSocketHandlerCreatedEvent;
+    FCertificateData: TCertificateData;
+    FHostName: string;
     FOnAcceptIdle: TNotifyEvent;
     FOnAllowConnect: TConnectQuery;
+    FOnGetSocketHandler: TGetSocketHandlerEvent;
     FOnRequest: THTTPServerRequestHandler;
     FOnRequestError: TRequestErrorHandler;
     FAddress: string;
@@ -117,9 +123,14 @@ Type
     FLookupHostNames,
     FThreaded: Boolean;
     FConnectionCount : Integer;
+    FUseSSL: Boolean;
+    procedure DoCreateClientHandler(Sender: TObject; out AHandler: TSocketHandler);
     function GetActive: Boolean;
+    function GetHostName: string;
     procedure SetAcceptIdleTimeout(AValue: Cardinal);
     procedure SetActive(const AValue: Boolean);
+    procedure SetCertificateData(AValue: TCertificateData);
+    procedure SetHostName(AValue: string);
     procedure SetIdle(AValue: TNotifyEvent);
     procedure SetOnAllowConnect(const AValue: TConnectQuery);
     procedure SetAddress(const AValue: string);
@@ -129,6 +140,12 @@ Type
     procedure SetupSocket;
     procedure WaitForRequests;
   Protected
+    // Override this to create descendent
+    function CreateSSLSocketHandler: TSocketHandler;
+    // Override this to create descendent
+    Function CreateCertificateData : TCertificateData; virtual;
+    // Override this to create descendent
+    Function GetSocketHandler(Const UseSSL : Boolean) : TSocketHandler;  virtual;
     // Override these to create descendents of the request/response instead.
     Function CreateRequest : TFPHTTPConnectionRequest; virtual;
     Function CreateResponse(ARequest : TFPHTTPConnectionRequest) : TFPHTTPConnectionResponse; virtual;
@@ -189,6 +206,17 @@ Type
     property AdminName: string read FAdminName write FAdminName;
     property ServerBanner: string read FServerBanner write FServerBanner;
     Property LookupHostNames : Boolean Read FLookupHostNames Write FLookupHostNames;
+    // You need to set this if you want to use SSL
+    property HostName : string Read GetHostName Write SetHostName; deprecated 'Use certificatedata instead';
+    // Properties to use when doing SSL handshake
+    Property CertificateData  : TCertificateData Read FCertificateData Write SetCertificateData;
+    // Set to true if you want to use SSL
+    Property UseSSL : Boolean Read FUseSSL Write FUseSSL;
+    // Called to create socket handler. If not set, or Nil is returned, a standard socket handler is created.
+    Property OnGetSocketHandler : TGetSocketHandlerEvent Read FOnGetSocketHandler Write FOnGetSocketHandler;
+    // Called after create socket handler was created, with the created socket handler.
+    Property AfterSocketHandlerCreate : TSocketHandlerCreatedEvent Read FAfterSocketHandlerCreated Write FAfterSocketHandlerCreated;
+
   end;
 
   TFPHttpServer = Class(TFPCustomHttpServer)
@@ -480,6 +508,7 @@ Var
   S : String;
 
 begin
+  S:='';
   L:=ARequest.ContentLength;
   If (L>0) then
     begin
@@ -648,6 +677,16 @@ begin
     Result:=Assigned(FServer);
 end;
 
+procedure TFPCustomHttpServer.DoCreateClientHandler(Sender: TObject; out AHandler: TSocketHandler);
+begin
+  AHandler:=GetSocketHandler(UseSSL);
+end;
+
+function TFPCustomHttpServer.GetHostName: string;
+begin
+  Result:=FCertificateData.HostName;
+end;
+
 procedure TFPCustomHttpServer.SetAcceptIdleTimeout(AValue: Cardinal);
 begin
   if FAcceptIdleTimeout=AValue then Exit;
@@ -677,6 +716,17 @@ begin
       StopServerSocket;
 end;
 
+procedure TFPCustomHttpServer.SetCertificateData(AValue: TCertificateData);
+begin
+  if FCertificateData=AValue then Exit;
+  FCertificateData:=AValue;
+end;
+
+procedure TFPCustomHttpServer.SetHostName(AValue: string);
+begin
+  FCertificateData.HostName:=aValue;
+end;
+
 procedure TFPCustomHttpServer.SetIdle(AValue: TNotifyEvent);
 begin
   FOnAcceptIdle:=AValue;
@@ -787,11 +837,13 @@ begin
 end;
 
 procedure TFPCustomHttpServer.CreateServerSocket;
+
 begin
   if FAddress='' then
     FServer:=TInetServer.Create(FPort)
   else
     FServer:=TInetServer.Create(FAddress,FPort);
+  FServer.OnCreateClientSocketHandler:=@DoCreateClientHandler;
   FServer.MaxConnections:=-1;
   FServer.OnConnectQuery:=OnAllowConnect;
   FServer.OnConnect:=@DOConnect;
@@ -824,7 +876,8 @@ begin
   inherited Create(AOwner);
   FPort:=80;
   FQueueSize:=5;
-  FServerBanner := 'Freepascal';
+  FServerBanner := 'FreePascal';
+  FCertificateData:=CreateCertificateData;
 end;
 
 procedure TFPCustomHttpServer.WaitForRequests;
@@ -845,11 +898,57 @@ begin
     end;
 end;
 
+function TFPCustomHttpServer.CreateCertificateData: TCertificateData;
+begin
+  Result:=TCertificateData.Create;
+end;
+
+function TFPCustomHttpServer.CreateSSLSocketHandler : TSocketHandler;
+
+Var
+  S : TSSLSocketHandler;
+  CK : TCertAndKey;
+
+begin
+  S:=TSSLSocketHandler.GetDefaultHandler;
+  try
+    // We must create the certificate once in our global copy of CertificateData !
+    if CertificateData.NeedCertificateData then
+      begin
+      S.CertGenerator.HostName:=CertificateData.Hostname;
+      CK:=S.CertGenerator.CreateCertificateAndKey;
+      CertificateData.Certificate.Value:=CK.Certificate;
+      CertificateData.PrivateKey.Value:=CK.PrivateKey;
+      end;
+    S.CertificateData:=Self.CertificateData;
+    Result:=S;
+  except
+    S.free;
+    Raise;
+  end;
+end;
+
+function TFPCustomHttpServer.GetSocketHandler(const UseSSL: Boolean): TSocketHandler;
+
+begin
+  Result:=Nil;
+  if Assigned(FonGetSocketHandler) then
+    FOnGetSocketHandler(Self,UseSSL,Result);
+  if (Result=Nil) then
+    If UseSSL then
+      Result:=CreateSSLSocketHandler
+    else
+      Result:=TSocketHandler.Create;
+  if Assigned(FAfterSocketHandlerCreated) then
+    FAfterSocketHandlerCreated(Self,Result);
+end;
+
 destructor TFPCustomHttpServer.Destroy;
 begin
   Active:=False;
   if Threaded and (FConnectionCount>0) then
     WaitForRequests;
+  FreeAndNil(FCertificateData);
   inherited Destroy;
 end;
 

packages/fpmake_add.inc

@@ -139,5 +139,6 @@
   add_libfontconfig(ADirectory+IncludeTrailingPathDelimiter('libfontconfig'));
   add_fcl_report(ADirectory+IncludeTrailingPathDelimiter('fcl-report'));
   add_webidl(ADirectory+IncludeTrailingPathDelimiter('webidl'));
+  add_gnutls(ADirectory+IncludeTrailingPathDelimiter('gnutls'));
   add_ide(ADirectory+IncludeTrailingPathDelimiter('ide'));
   

packages/fpmake_proc.inc

@@ -535,6 +535,12 @@ begin
 {$include openssl/fpmake.pp}
 end;
 
+procedure add_gnutls(const ADirectory: string);
+begin
+  with Installer do
+{$include gnutls/fpmake.pp}
+end;
+
 procedure add_oracle(const ADirectory: string);
 begin
   with Installer do

packages/fv/src/drivers.pas

@@ -229,9 +229,12 @@ CONST
 {                         MOUSE BUTTON STATE MASKS                          }
 {---------------------------------------------------------------------------}
 CONST
-   mbLeftButton   = $01;                              { Left mouse button }
-   mbRightButton  = $02;                              { Right mouse button }
-   mbMiddleButton = $04;                              { Middle mouse button }
+   mbLeftButton      = $01;                           { Left mouse button }
+   mbRightButton     = $02;                           { Right mouse button }
+   mbMiddleButton    = $04;                           { Middle mouse button }
+   mbScrollWheelDown = $08;                           { Scroll wheel down}
+   mbScrollWheelUp   = $10;                           { Scroll wheel up }
+
 
 {---------------------------------------------------------------------------}
 {                         SCREEN CRT MODE CONSTANTS                         }

packages/gnutls/Makefile

@@ -0,0 +1,2682 @@
+#
+# Don't edit, this file is generated by FPCMake Version 2.0.0
+#
+default: all
+MAKEFILETARGETS=i386-linux i386-go32v2 i386-win32 i386-os2 i386-freebsd i386-beos i386-haiku i386-netbsd i386-solaris i386-netware i386-openbsd i386-wdosx i386-darwin i386-emx i386-watcom i386-netwlibc i386-wince i386-embedded i386-symbian i386-nativent i386-iphonesim i386-android i386-aros m68k-linux m68k-netbsd m68k-amiga m68k-atari m68k-palmos m68k-macos m68k-embedded powerpc-linux powerpc-netbsd powerpc-amiga powerpc-macos powerpc-darwin powerpc-morphos powerpc-embedded powerpc-wii powerpc-aix sparc-linux sparc-netbsd sparc-solaris sparc-embedded x86_64-linux x86_64-freebsd x86_64-netbsd x86_64-solaris x86_64-openbsd x86_64-darwin x86_64-win64 x86_64-embedded x86_64-iphonesim x86_64-android x86_64-aros x86_64-dragonfly arm-linux arm-netbsd arm-palmos arm-darwin arm-wince arm-gba arm-nds arm-embedded arm-symbian arm-android arm-aros powerpc64-linux powerpc64-darwin powerpc64-embedded powerpc64-aix avr-embedded armeb-linux armeb-embedded mips-linux mipsel-linux mipsel-embedded mipsel-android jvm-java jvm-android i8086-embedded i8086-msdos i8086-win16 aarch64-linux aarch64-darwin aarch64-android wasm-wasm sparc64-linux riscv32-linux riscv32-embedded riscv64-linux riscv64-embedded
+BSDs = freebsd netbsd openbsd darwin dragonfly
+UNIXs = linux $(BSDs) solaris qnx haiku aix
+LIMIT83fs = go32v2 os2 emx watcom msdos win16 atari
+OSNeedsComspecToRunBatch = go32v2 watcom
+FORCE:
+.PHONY: FORCE
+override PATH:=$(patsubst %/,%,$(subst \,/,$(PATH)))
+ifneq ($(findstring darwin,$(OSTYPE)),)
+inUnix=1 #darwin
+SEARCHPATH:=$(filter-out .,$(subst :, ,$(PATH)))
+else
+ifeq ($(findstring ;,$(PATH)),)
+inUnix=1
+SEARCHPATH:=$(filter-out .,$(subst :, ,$(PATH)))
+else
+SEARCHPATH:=$(subst ;, ,$(PATH))
+endif
+endif
+SEARCHPATH+=$(patsubst %/,%,$(subst \,/,$(dir $(MAKE))))
+PWD:=$(strip $(wildcard $(addsuffix /pwd.exe,$(SEARCHPATH))))
+ifeq ($(PWD),)
+PWD:=$(strip $(wildcard $(addsuffix /pwd,$(SEARCHPATH))))
+ifeq ($(PWD),)
+$(error You need the GNU utils package to use this Makefile)
+else
+PWD:=$(firstword $(PWD))
+SRCEXEEXT=
+endif
+else
+PWD:=$(firstword $(PWD))
+SRCEXEEXT=.exe
+endif
+ifndef inUnix
+ifeq ($(OS),Windows_NT)
+inWinNT=1
+else
+ifdef OS2_SHELL
+inOS2=1
+endif
+endif
+else
+ifneq ($(findstring cygdrive,$(PATH)),)
+inCygWin=1
+endif
+endif
+ifdef inUnix
+SRCBATCHEXT=.sh
+else
+ifdef inOS2
+SRCBATCHEXT=.cmd
+else
+SRCBATCHEXT=.bat
+endif
+endif
+ifdef COMSPEC
+ifneq ($(findstring $(OS_SOURCE),$(OSNeedsComspecToRunBatch)),)
+ifndef RUNBATCH
+RUNBATCH=$(COMSPEC) /C
+endif
+endif
+endif
+ifdef inUnix
+PATHSEP=/
+else
+PATHSEP:=$(subst /,\,/)
+ifdef inCygWin
+PATHSEP=/
+endif
+endif
+ifdef PWD
+BASEDIR:=$(subst \,/,$(shell $(PWD)))
+ifdef inCygWin
+ifneq ($(findstring /cygdrive/,$(BASEDIR)),)
+BASENODIR:=$(patsubst /cygdrive%,%,$(BASEDIR))
+BASEDRIVE:=$(firstword $(subst /, ,$(BASENODIR)))
+BASEDIR:=$(subst /cygdrive/$(BASEDRIVE)/,$(BASEDRIVE):/,$(BASEDIR))
+endif
+endif
+else
+BASEDIR=.
+endif
+ifdef inOS2
+ifndef ECHO
+ECHO:=$(strip $(wildcard $(addsuffix /gecho$(SRCEXEEXT),$(SEARCHPATH))))
+ifeq ($(ECHO),)
+ECHO:=$(strip $(wildcard $(addsuffix /echo$(SRCEXEEXT),$(SEARCHPATH))))
+ifeq ($(ECHO),)
+ECHO=echo
+else
+ECHO:=$(firstword $(ECHO))
+endif
+else
+ECHO:=$(firstword $(ECHO))
+endif
+endif
+export ECHO
+endif
+override DEFAULT_FPCDIR=../..
+ifndef FPC
+ifdef PP
+FPC=$(PP)
+endif
+endif
+ifndef FPC
+FPCPROG:=$(strip $(wildcard $(addsuffix /fpc$(SRCEXEEXT),$(SEARCHPATH))))
+ifneq ($(FPCPROG),)
+FPCPROG:=$(firstword $(FPCPROG))
+ifneq ($(CPU_TARGET),)
+FPC:=$(shell $(FPCPROG) -P$(CPU_TARGET) -PB)
+else
+FPC:=$(shell $(FPCPROG) -PB)
+endif
+ifneq ($(findstring Error,$(FPC)),)
+override FPC=$(firstword $(strip $(wildcard $(addsuffix /ppc386$(SRCEXEEXT),$(SEARCHPATH)))))
+else
+ifeq ($(strip $(wildcard $(FPC))),)
+FPC:=$(firstword $(FPCPROG))
+endif
+endif
+else
+override FPC=$(firstword $(strip $(wildcard $(addsuffix /ppc386$(SRCEXEEXT),$(SEARCHPATH)))))
+endif
+endif
+override FPC:=$(subst $(SRCEXEEXT),,$(FPC))
+override FPC:=$(subst \,/,$(FPC))$(SRCEXEEXT)
+FOUNDFPC:=$(strip $(wildcard $(FPC)))
+ifeq ($(FOUNDFPC),)
+FOUNDFPC=$(strip $(wildcard $(addsuffix /$(FPC),$(SEARCHPATH))))
+ifeq ($(FOUNDFPC),)
+$(error Compiler $(FPC) not found)
+endif
+endif
+ifndef FPC_COMPILERINFO
+FPC_COMPILERINFO:=$(shell $(FPC) -iVSPTPSOTO)
+endif
+ifndef FPC_VERSION
+FPC_VERSION:=$(word 1,$(FPC_COMPILERINFO))
+endif
+export FPC FPC_VERSION FPC_COMPILERINFO
+unexport CHECKDEPEND ALLDEPENDENCIES
+ifndef CPU_TARGET
+ifdef CPU_TARGET_DEFAULT
+CPU_TARGET=$(CPU_TARGET_DEFAULT)
+endif
+endif
+ifndef OS_TARGET
+ifdef OS_TARGET_DEFAULT
+OS_TARGET=$(OS_TARGET_DEFAULT)
+endif
+endif
+ifndef CPU_SOURCE
+CPU_SOURCE:=$(word 2,$(FPC_COMPILERINFO))
+endif
+ifndef CPU_TARGET
+CPU_TARGET:=$(word 3,$(FPC_COMPILERINFO))
+endif
+ifndef OS_SOURCE
+OS_SOURCE:=$(word 4,$(FPC_COMPILERINFO))
+endif
+ifndef OS_TARGET
+OS_TARGET:=$(word 5,$(FPC_COMPILERINFO))
+endif
+FULL_TARGET=$(CPU_TARGET)-$(OS_TARGET)
+FULL_SOURCE=$(CPU_SOURCE)-$(OS_SOURCE)
+ifeq ($(CPU_TARGET),armeb)
+ARCH=arm
+override FPCOPT+=-Cb
+else
+ifeq ($(CPU_TARGET),armel)
+ARCH=arm
+override FPCOPT+=-CaEABI
+else
+ARCH=$(CPU_TARGET)
+endif
+endif
+ifeq ($(FULL_TARGET),arm-embedded)
+ifeq ($(SUBARCH),)
+$(error When compiling for arm-embedded, a sub-architecture (e.g. SUBARCH=armv4t or SUBARCH=armv7m) must be defined)
+endif
+override FPCOPT+=-Cp$(SUBARCH)
+endif
+ifeq ($(FULL_TARGET),avr-embedded)
+ifeq ($(SUBARCH),)
+$(error When compiling for avr-embedded, a sub-architecture (e.g. SUBARCH=avr25 or SUBARCH=avr35) must be defined)
+endif
+override FPCOPT+=-Cp$(SUBARCH)
+endif
+ifeq ($(FULL_TARGET),mipsel-embedded)
+ifeq ($(SUBARCH),)
+$(error When compiling for mipsel-embedded, a sub-architecture (e.g. SUBARCH=pic32mx) must be defined)
+endif
+override FPCOPT+=-Cp$(SUBARCH)
+endif
+ifneq ($(findstring $(OS_SOURCE),$(LIMIT83fs)),)
+TARGETSUFFIX=$(OS_TARGET)
+SOURCESUFFIX=$(OS_SOURCE)
+else
+ifneq ($(findstring $(OS_TARGET),$(LIMIT83fs)),)
+TARGETSUFFIX=$(OS_TARGET)
+else
+TARGETSUFFIX=$(FULL_TARGET)
+endif
+SOURCESUFFIX=$(FULL_SOURCE)
+endif
+ifneq ($(FULL_TARGET),$(FULL_SOURCE))
+CROSSCOMPILE=1
+endif
+ifeq ($(findstring makefile,$(MAKECMDGOALS)),)
+ifeq ($(findstring $(FULL_TARGET),$(MAKEFILETARGETS)),)
+$(error The Makefile doesn't support target $(FULL_TARGET), please run fpcmake first)
+endif
+endif
+ifneq ($(findstring $(OS_TARGET),$(BSDs)),)
+BSDhier=1
+endif
+ifeq ($(OS_TARGET),linux)
+linuxHier=1
+endif
+ifndef CROSSCOMPILE
+BUILDFULLNATIVE=1
+export BUILDFULLNATIVE
+endif
+ifdef BUILDFULLNATIVE
+BUILDNATIVE=1
+export BUILDNATIVE
+endif
+export OS_TARGET OS_SOURCE ARCH CPU_TARGET CPU_SOURCE FULL_TARGET FULL_SOURCE TARGETSUFFIX SOURCESUFFIX CROSSCOMPILE
+ifdef FPCDIR
+override FPCDIR:=$(subst \,/,$(FPCDIR))
+ifeq ($(wildcard $(addprefix $(FPCDIR)/,rtl)),)
+override FPCDIR=wrong
+endif
+else
+override FPCDIR=wrong
+endif
+ifdef DEFAULT_FPCDIR
+ifeq ($(FPCDIR),wrong)
+override FPCDIR:=$(subst \,/,$(DEFAULT_FPCDIR))
+ifeq ($(wildcard $(addprefix $(FPCDIR)/,rtl)),)
+override FPCDIR=wrong
+endif
+endif
+endif
+ifeq ($(FPCDIR),wrong)
+ifdef inUnix
+override FPCDIR=/usr/local/lib/fpc/$(FPC_VERSION)
+ifeq ($(wildcard $(FPCDIR)/units),)
+override FPCDIR=/usr/lib/fpc/$(FPC_VERSION)
+endif
+else
+override FPCDIR:=$(subst /$(FPC),,$(firstword $(strip $(wildcard $(addsuffix /$(FPC),$(SEARCHPATH))))))
+override FPCDIR:=$(FPCDIR)/..
+ifeq ($(wildcard $(addprefix $(FPCDIR)/,rtl)),)
+override FPCDIR:=$(FPCDIR)/..
+ifeq ($(wildcard $(addprefix $(FPCDIR)/,rtl)),)
+override FPCDIR:=$(BASEDIR)
+ifeq ($(wildcard $(addprefix $(FPCDIR)/,rtl)),)
+override FPCDIR=c:/pp
+endif
+endif
+endif
+endif
+endif
+ifndef CROSSBINDIR
+CROSSBINDIR:=$(wildcard $(FPCDIR)/bin/$(TARGETSUFFIX))
+endif
+ifneq ($(findstring $(OS_TARGET),darwin iphonesim),)
+ifeq ($(OS_SOURCE),darwin)
+DARWIN2DARWIN=1
+endif
+endif
+ifndef BINUTILSPREFIX
+ifndef CROSSBINDIR
+ifdef CROSSCOMPILE
+ifneq ($(OS_TARGET),msdos)
+ifndef DARWIN2DARWIN
+ifneq ($(CPU_TARGET),jvm)
+BINUTILSPREFIX=$(CPU_TARGET)-$(OS_TARGET)-
+ifeq ($(OS_TARGET),android)
+ifeq ($(CPU_TARGET),arm)
+BINUTILSPREFIX=arm-linux-androideabi-
+else
+ifeq ($(CPU_TARGET),i386)
+BINUTILSPREFIX=i686-linux-android-
+else
+BINUTILSPREFIX=$(CPU_TARGET)-linux-android-
+endif
+endif
+endif
+endif
+endif
+else
+BINUTILSPREFIX=$(OS_TARGET)-
+endif
+endif
+endif
+endif
+UNITSDIR:=$(wildcard $(FPCDIR)/units/$(TARGETSUFFIX))
+ifeq ($(UNITSDIR),)
+UNITSDIR:=$(wildcard $(FPCDIR)/units/$(OS_TARGET))
+endif
+PACKAGESDIR:=$(wildcard $(FPCDIR) $(FPCDIR)/packages)
+ifndef FPCFPMAKE
+ifdef CROSSCOMPILE
+ifeq ($(strip $(wildcard $(addsuffix /compiler/ppc$(SRCEXEEXT),$(FPCDIR)))),)
+FPCPROG:=$(strip $(wildcard $(addsuffix /fpc$(SRCEXEEXT),$(SEARCHPATH))))
+ifneq ($(FPCPROG),)
+FPCPROG:=$(firstword $(FPCPROG))
+FPCFPMAKE:=$(shell $(FPCPROG) -PB)
+ifeq ($(strip $(wildcard $(FPCFPMAKE))),)
+FPCFPMAKE:=$(firstword $(FPCPROG))
+endif
+else
+override FPCFPMAKE=$(firstword $(strip $(wildcard $(addsuffix /ppc386$(SRCEXEEXT),$(SEARCHPATH)))))
+endif
+else
+FPCFPMAKE=$(strip $(wildcard $(addsuffix /compiler/ppc$(SRCEXEEXT),$(FPCDIR))))
+FPMAKE_SKIP_CONFIG=-n
+export FPCFPMAKE
+export FPMAKE_SKIP_CONFIG
+endif
+else
+FPMAKE_SKIP_CONFIG=-n
+FPCFPMAKE=$(FPC)
+endif
+endif
+override PACKAGE_NAME=gnutls
+override PACKAGE_VERSION=3.3.1
+FPMAKE_BIN_CLEAN=$(wildcard ./fpmake$(SRCEXEEXT))
+ifdef OS_TARGET
+FPC_TARGETOPT+=--os=$(OS_TARGET)
+endif
+ifdef CPU_TARGET
+FPC_TARGETOPT+=--cpu=$(CPU_TARGET)
+endif
+LOCALFPMAKE=./fpmake$(SRCEXEEXT)
+override INSTALL_FPCPACKAGE=y
+ifdef REQUIRE_UNITSDIR
+override UNITSDIR+=$(REQUIRE_UNITSDIR)
+endif
+ifdef REQUIRE_PACKAGESDIR
+override PACKAGESDIR+=$(REQUIRE_PACKAGESDIR)
+endif
+ifdef ZIPINSTALL
+ifneq ($(findstring $(OS_TARGET),$(UNIXs)),)
+UNIXHier=1
+endif
+else
+ifneq ($(findstring $(OS_SOURCE),$(UNIXs)),)
+UNIXHier=1
+endif
+endif
+ifndef INSTALL_PREFIX
+ifdef PREFIX
+INSTALL_PREFIX=$(PREFIX)
+endif
+endif
+ifndef INSTALL_PREFIX
+ifdef UNIXHier
+INSTALL_PREFIX=/usr/local
+else
+ifdef INSTALL_FPCPACKAGE
+INSTALL_BASEDIR:=/pp
+else
+INSTALL_BASEDIR:=/$(PACKAGE_NAME)
+endif
+endif
+endif
+export INSTALL_PREFIX
+ifdef INSTALL_FPCSUBDIR
+export INSTALL_FPCSUBDIR
+endif
+ifndef DIST_DESTDIR
+DIST_DESTDIR:=$(BASEDIR)
+endif
+export DIST_DESTDIR
+ifndef COMPILER_UNITTARGETDIR
+ifdef PACKAGEDIR_MAIN
+COMPILER_UNITTARGETDIR=$(PACKAGEDIR_MAIN)/units/$(TARGETSUFFIX)
+else
+COMPILER_UNITTARGETDIR=units/$(TARGETSUFFIX)
+endif
+endif
+ifndef COMPILER_TARGETDIR
+COMPILER_TARGETDIR=.
+endif
+ifndef INSTALL_BASEDIR
+ifdef UNIXHier
+ifdef INSTALL_FPCPACKAGE
+INSTALL_BASEDIR:=$(INSTALL_PREFIX)/lib/fpc/$(FPC_VERSION)
+else
+INSTALL_BASEDIR:=$(INSTALL_PREFIX)/lib/$(PACKAGE_NAME)
+endif
+else
+INSTALL_BASEDIR:=$(INSTALL_PREFIX)
+endif
+endif
+ifndef INSTALL_BINDIR
+ifdef UNIXHier
+INSTALL_BINDIR:=$(INSTALL_PREFIX)/bin
+else
+INSTALL_BINDIR:=$(INSTALL_BASEDIR)/bin
+ifdef INSTALL_FPCPACKAGE
+ifdef CROSSCOMPILE
+ifdef CROSSINSTALL
+INSTALL_BINDIR:=$(INSTALL_BINDIR)/$(SOURCESUFFIX)
+else
+INSTALL_BINDIR:=$(INSTALL_BINDIR)/$(TARGETSUFFIX)
+endif
+else
+INSTALL_BINDIR:=$(INSTALL_BINDIR)/$(TARGETSUFFIX)
+endif
+endif
+endif
+endif
+ifndef INSTALL_UNITDIR
+INSTALL_UNITDIR:=$(INSTALL_BASEDIR)/units/$(TARGETSUFFIX)
+ifdef INSTALL_FPCPACKAGE
+ifdef PACKAGE_NAME
+INSTALL_UNITDIR:=$(INSTALL_UNITDIR)/$(PACKAGE_NAME)
+endif
+endif
+endif
+ifndef INSTALL_LIBDIR
+ifdef UNIXHier
+INSTALL_LIBDIR:=$(INSTALL_PREFIX)/lib
+else
+INSTALL_LIBDIR:=$(INSTALL_UNITDIR)
+endif
+endif
+ifndef INSTALL_SOURCEDIR
+ifdef UNIXHier
+ifdef BSDhier
+SRCPREFIXDIR=share/src
+else
+ifdef linuxHier
+SRCPREFIXDIR=share/src
+else
+SRCPREFIXDIR=src
+endif
+endif
+ifdef INSTALL_FPCPACKAGE
+ifdef INSTALL_FPCSUBDIR
+INSTALL_SOURCEDIR:=$(INSTALL_PREFIX)/$(SRCPREFIXDIR)/fpc-$(FPC_VERSION)/$(INSTALL_FPCSUBDIR)/$(PACKAGE_NAME)
+else
+INSTALL_SOURCEDIR:=$(INSTALL_PREFIX)/$(SRCPREFIXDIR)/fpc-$(FPC_VERSION)/$(PACKAGE_NAME)
+endif
+else
+INSTALL_SOURCEDIR:=$(INSTALL_PREFIX)/$(SRCPREFIXDIR)/$(PACKAGE_NAME)-$(PACKAGE_VERSION)
+endif
+else
+ifdef INSTALL_FPCPACKAGE
+ifdef INSTALL_FPCSUBDIR
+INSTALL_SOURCEDIR:=$(INSTALL_BASEDIR)/source/$(INSTALL_FPCSUBDIR)/$(PACKAGE_NAME)
+else
+INSTALL_SOURCEDIR:=$(INSTALL_BASEDIR)/source/$(PACKAGE_NAME)
+endif
+else
+INSTALL_SOURCEDIR:=$(INSTALL_BASEDIR)/source
+endif
+endif
+endif
+ifndef INSTALL_DOCDIR
+ifdef UNIXHier
+ifdef BSDhier
+DOCPREFIXDIR=share/doc
+else
+ifdef linuxHier
+DOCPREFIXDIR=share/doc
+else
+DOCPREFIXDIR=doc
+endif
+endif
+ifdef INSTALL_FPCPACKAGE
+INSTALL_DOCDIR:=$(INSTALL_PREFIX)/$(DOCPREFIXDIR)/fpc-$(FPC_VERSION)/$(PACKAGE_NAME)
+else
+INSTALL_DOCDIR:=$(INSTALL_PREFIX)/$(DOCPREFIXDIR)/$(PACKAGE_NAME)-$(PACKAGE_VERSION)
+endif
+else
+ifdef INSTALL_FPCPACKAGE
+INSTALL_DOCDIR:=$(INSTALL_BASEDIR)/doc/$(PACKAGE_NAME)
+else
+INSTALL_DOCDIR:=$(INSTALL_BASEDIR)/doc
+endif
+endif
+endif
+ifndef INSTALL_EXAMPLEDIR
+ifdef UNIXHier
+ifdef INSTALL_FPCPACKAGE
+ifdef BSDhier
+INSTALL_EXAMPLEDIR:=$(INSTALL_PREFIX)/share/examples/fpc-$(FPC_VERSION)/$(PACKAGE_NAME)
+else
+ifdef linuxHier
+INSTALL_EXAMPLEDIR:=$(INSTALL_DOCDIR)/examples
+else
+INSTALL_EXAMPLEDIR:=$(INSTALL_PREFIX)/doc/fpc-$(FPC_VERSION)/examples/$(PACKAGE_NAME)
+endif
+endif
+else
+ifdef BSDhier
+INSTALL_EXAMPLEDIR:=$(INSTALL_PREFIX)/share/examples/$(PACKAGE_NAME)-$(PACKAGE_VERSION)
+else
+ifdef linuxHier
+INSTALL_EXAMPLEDIR:=$(INSTALL_DOCDIR)/examples/$(PACKAGE_NAME)-$(PACKAGE_VERSION)
+else
+INSTALL_EXAMPLEDIR:=$(INSTALL_PREFIX)/doc/$(PACKAGE_NAME)-$(PACKAGE_VERSION)
+endif
+endif
+endif
+else
+ifdef INSTALL_FPCPACKAGE
+INSTALL_EXAMPLEDIR:=$(INSTALL_BASEDIR)/examples/$(PACKAGE_NAME)
+else
+INSTALL_EXAMPLEDIR:=$(INSTALL_BASEDIR)/examples
+endif
+endif
+endif
+ifndef INSTALL_DATADIR
+INSTALL_DATADIR=$(INSTALL_BASEDIR)
+endif
+ifndef INSTALL_SHAREDDIR
+INSTALL_SHAREDDIR=$(INSTALL_PREFIX)/lib
+endif
+ifdef CROSSCOMPILE
+ifndef CROSSBINDIR
+CROSSBINDIR:=$(wildcard $(CROSSTARGETDIR)/bin/$(SOURCESUFFIX))
+ifeq ($(CROSSBINDIR),)
+CROSSBINDIR:=$(wildcard $(INSTALL_BASEDIR)/cross/$(TARGETSUFFIX)/bin/$(FULL_SOURCE))
+endif
+endif
+else
+CROSSBINDIR=
+endif
+BATCHEXT=.bat
+LOADEREXT=.as
+EXEEXT=.exe
+PPLEXT=.ppl
+PPUEXT=.ppu
+OEXT=.o
+ASMEXT=.s
+SMARTEXT=.sl
+STATICLIBEXT=.a
+SHAREDLIBEXT=.so
+SHAREDLIBPREFIX=libfp
+STATICLIBPREFIX=libp
+IMPORTLIBPREFIX=libimp
+RSTEXT=.rst
+EXEDBGEXT=.dbg
+ifeq ($(OS_TARGET),go32v1)
+STATICLIBPREFIX=
+SHORTSUFFIX=v1
+endif
+ifeq ($(OS_TARGET),go32v2)
+STATICLIBPREFIX=
+SHORTSUFFIX=dos
+IMPORTLIBPREFIX=
+endif
+ifeq ($(OS_TARGET),watcom)
+STATICLIBPREFIX=
+OEXT=.obj
+ASMEXT=.asm
+SHAREDLIBEXT=.dll
+SHORTSUFFIX=wat
+IMPORTLIBPREFIX=
+endif
+ifneq ($(CPU_TARGET),jvm)
+ifeq ($(OS_TARGET),android)
+BATCHEXT=.sh
+EXEEXT=
+HASSHAREDLIB=1
+SHORTSUFFIX=lnx
+endif
+endif
+ifeq ($(OS_TARGET),linux)
+BATCHEXT=.sh
+EXEEXT=
+HASSHAREDLIB=1
+SHORTSUFFIX=lnx
+endif
+ifeq ($(OS_TARGET),dragonfly)
+BATCHEXT=.sh
+EXEEXT=
+HASSHAREDLIB=1
+SHORTSUFFIX=df
+endif
+ifeq ($(OS_TARGET),freebsd)
+BATCHEXT=.sh
+EXEEXT=
+HASSHAREDLIB=1
+SHORTSUFFIX=fbs
+endif
+ifeq ($(OS_TARGET),netbsd)
+BATCHEXT=.sh
+EXEEXT=
+HASSHAREDLIB=1
+SHORTSUFFIX=nbs
+endif
+ifeq ($(OS_TARGET),openbsd)
+BATCHEXT=.sh
+EXEEXT=
+HASSHAREDLIB=1
+SHORTSUFFIX=obs
+endif
+ifeq ($(OS_TARGET),win32)
+SHAREDLIBEXT=.dll
+SHORTSUFFIX=w32
+endif
+ifeq ($(OS_TARGET),os2)
+BATCHEXT=.cmd
+AOUTEXT=.out
+STATICLIBPREFIX=
+SHAREDLIBEXT=.dll
+SHORTSUFFIX=os2
+ECHO=echo
+IMPORTLIBPREFIX=
+endif
+ifeq ($(OS_TARGET),emx)
+BATCHEXT=.cmd
+AOUTEXT=.out
+STATICLIBPREFIX=
+SHAREDLIBEXT=.dll
+SHORTSUFFIX=emx
+ECHO=echo
+IMPORTLIBPREFIX=
+endif
+ifeq ($(OS_TARGET),amiga)
+EXEEXT=
+SHAREDLIBEXT=.library
+SHORTSUFFIX=amg
+endif
+ifeq ($(OS_TARGET),aros)
+EXEEXT=
+SHAREDLIBEXT=.library
+SHORTSUFFIX=aros
+endif
+ifeq ($(OS_TARGET),morphos)
+EXEEXT=
+SHAREDLIBEXT=.library
+SHORTSUFFIX=mos
+endif
+ifeq ($(OS_TARGET),atari)
+EXEEXT=.ttp
+SHORTSUFFIX=ata
+endif
+ifeq ($(OS_TARGET),beos)
+BATCHEXT=.sh
+EXEEXT=
+SHORTSUFFIX=be
+endif
+ifeq ($(OS_TARGET),haiku)
+BATCHEXT=.sh
+EXEEXT=
+SHORTSUFFIX=hai
+endif
+ifeq ($(OS_TARGET),solaris)
+BATCHEXT=.sh
+EXEEXT=
+SHORTSUFFIX=sun
+endif
+ifeq ($(OS_TARGET),qnx)
+BATCHEXT=.sh
+EXEEXT=
+SHORTSUFFIX=qnx
+endif
+ifeq ($(OS_TARGET),netware)
+EXEEXT=.nlm
+STATICLIBPREFIX=
+SHORTSUFFIX=nw
+IMPORTLIBPREFIX=imp
+endif
+ifeq ($(OS_TARGET),netwlibc)
+EXEEXT=.nlm
+STATICLIBPREFIX=
+SHORTSUFFIX=nwl
+IMPORTLIBPREFIX=imp
+endif
+ifeq ($(OS_TARGET),macos)
+BATCHEXT=
+EXEEXT=
+DEBUGSYMEXT=.xcoff
+SHORTSUFFIX=mac
+IMPORTLIBPREFIX=imp
+endif
+ifneq ($(findstring $(OS_TARGET),darwin iphonesim),)
+BATCHEXT=.sh
+EXEEXT=
+HASSHAREDLIB=1
+SHORTSUFFIX=dwn
+EXEDBGEXT=.dSYM
+endif
+ifeq ($(OS_TARGET),gba)
+EXEEXT=.gba
+SHAREDLIBEXT=.so
+SHORTSUFFIX=gba
+endif
+ifeq ($(OS_TARGET),symbian)
+SHAREDLIBEXT=.dll
+SHORTSUFFIX=symbian
+endif
+ifeq ($(OS_TARGET),NativeNT)
+SHAREDLIBEXT=.dll
+SHORTSUFFIX=nativent
+endif
+ifeq ($(OS_TARGET),wii)
+EXEEXT=.dol
+SHAREDLIBEXT=.so
+SHORTSUFFIX=wii
+endif
+ifeq ($(OS_TARGET),aix)
+BATCHEXT=.sh
+EXEEXT=
+SHAREDLIBEXT=.a
+SHORTSUFFIX=aix
+endif
+ifeq ($(OS_TARGET),java)
+OEXT=.class
+ASMEXT=.j
+SHAREDLIBEXT=.jar
+SHORTSUFFIX=java
+endif
+ifeq ($(CPU_TARGET),jvm)
+ifeq ($(OS_TARGET),android)
+OEXT=.class
+ASMEXT=.j
+SHAREDLIBEXT=.jar
+SHORTSUFFIX=android
+endif
+endif
+ifeq ($(OS_TARGET),msdos)
+STATICLIBPREFIX=
+STATICLIBEXT=.a
+SHORTSUFFIX=d16
+endif
+ifeq ($(OS_TARGET),embedded)
+ifeq ($(CPU_TARGET),i8086)
+STATICLIBPREFIX=
+STATICLIBEXT=.a
+else
+EXEEXT=.bin
+endif
+SHORTSUFFIX=emb
+endif
+ifeq ($(OS_TARGET),win16)
+STATICLIBPREFIX=
+STATICLIBEXT=.a
+SHAREDLIBEXT=.dll
+SHORTSUFFIX=w16
+endif
+ifneq ($(findstring $(OS_SOURCE),$(LIMIT83fs)),)
+FPCMADE=fpcmade.$(SHORTSUFFIX)
+ZIPSUFFIX=$(SHORTSUFFIX)
+ZIPCROSSPREFIX=
+ZIPSOURCESUFFIX=src
+ZIPEXAMPLESUFFIX=exm
+else
+FPCMADE=fpcmade.$(TARGETSUFFIX)
+ZIPSOURCESUFFIX=.source
+ZIPEXAMPLESUFFIX=.examples
+ifdef CROSSCOMPILE
+ZIPSUFFIX=.$(SOURCESUFFIX)
+ZIPCROSSPREFIX=$(TARGETSUFFIX)-
+else
+ZIPSUFFIX=.$(TARGETSUFFIX)
+ZIPCROSSPREFIX=
+endif
+endif
+ifndef ECHO
+ECHO:=$(strip $(wildcard $(addsuffix /gecho$(SRCEXEEXT),$(SEARCHPATH))))
+ifeq ($(ECHO),)
+ECHO:=$(strip $(wildcard $(addsuffix /echo$(SRCEXEEXT),$(SEARCHPATH))))
+ifeq ($(ECHO),)
+ECHO= __missing_command_ECHO
+else
+ECHO:=$(firstword $(ECHO))
+endif
+else
+ECHO:=$(firstword $(ECHO))
+endif
+endif
+export ECHO
+ifndef DATE
+DATE:=$(strip $(wildcard $(addsuffix /gdate$(SRCEXEEXT),$(SEARCHPATH))))
+ifeq ($(DATE),)
+DATE:=$(strip $(wildcard $(addsuffix /date$(SRCEXEEXT),$(SEARCHPATH))))
+ifeq ($(DATE),)
+DATE= __missing_command_DATE
+else
+DATE:=$(firstword $(DATE))
+endif
+else
+DATE:=$(firstword $(DATE))
+endif
+endif
+export DATE
+ifndef GINSTALL
+GINSTALL:=$(strip $(wildcard $(addsuffix /ginstall$(SRCEXEEXT),$(SEARCHPATH))))
+ifeq ($(GINSTALL),)
+GINSTALL:=$(strip $(wildcard $(addsuffix /install$(SRCEXEEXT),$(SEARCHPATH))))
+ifeq ($(GINSTALL),)
+GINSTALL= __missing_command_GINSTALL
+else
+GINSTALL:=$(firstword $(GINSTALL))
+endif
+else
+GINSTALL:=$(firstword $(GINSTALL))
+endif
+endif
+export GINSTALL
+ifndef CPPROG
+CPPROG:=$(strip $(wildcard $(addsuffix /cp$(SRCEXEEXT),$(SEARCHPATH))))
+ifeq ($(CPPROG),)
+CPPROG= __missing_command_CPPROG
+else
+CPPROG:=$(firstword $(CPPROG))
+endif
+endif
+export CPPROG
+ifndef RMPROG
+RMPROG:=$(strip $(wildcard $(addsuffix /rm$(SRCEXEEXT),$(SEARCHPATH))))
+ifeq ($(RMPROG),)
+RMPROG= __missing_command_RMPROG
+else
+RMPROG:=$(firstword $(RMPROG))
+endif
+endif
+export RMPROG
+ifndef MVPROG
+MVPROG:=$(strip $(wildcard $(addsuffix /mv$(SRCEXEEXT),$(SEARCHPATH))))
+ifeq ($(MVPROG),)
+MVPROG= __missing_command_MVPROG
+else
+MVPROG:=$(firstword $(MVPROG))
+endif
+endif
+export MVPROG
+ifndef MKDIRPROG
+MKDIRPROG:=$(strip $(wildcard $(addsuffix /gmkdir$(SRCEXEEXT),$(SEARCHPATH))))
+ifeq ($(MKDIRPROG),)
+MKDIRPROG:=$(strip $(wildcard $(addsuffix /mkdir$(SRCEXEEXT),$(SEARCHPATH))))
+ifeq ($(MKDIRPROG),)
+MKDIRPROG= __missing_command_MKDIRPROG
+else
+MKDIRPROG:=$(firstword $(MKDIRPROG))
+endif
+else
+MKDIRPROG:=$(firstword $(MKDIRPROG))
+endif
+endif
+export MKDIRPROG
+ifndef ECHOREDIR
+ifndef inUnix
+ECHOREDIR=echo
+else
+ECHOREDIR=$(ECHO)
+endif
+endif
+ifndef COPY
+COPY:=$(CPPROG) -fp
+endif
+ifndef COPYTREE
+COPYTREE:=$(CPPROG) -Rfp
+endif
+ifndef MKDIRTREE
+MKDIRTREE:=$(MKDIRPROG) -p
+endif
+ifndef MOVE
+MOVE:=$(MVPROG) -f
+endif
+ifndef DEL
+DEL:=$(RMPROG) -f
+endif
+ifndef DELTREE
+DELTREE:=$(RMPROG) -rf
+endif
+ifndef INSTALL
+ifdef inUnix
+INSTALL:=$(GINSTALL) -c -m 644
+else
+INSTALL:=$(COPY)
+endif
+endif
+ifndef INSTALLEXE
+ifdef inUnix
+INSTALLEXE:=$(GINSTALL) -c -m 755
+else
+INSTALLEXE:=$(COPY)
+endif
+endif
+ifndef MKDIR
+MKDIR:=$(GINSTALL) -m 755 -d
+endif
+export ECHOREDIR COPY COPYTREE MOVE DEL DELTREE INSTALL INSTALLEXE MKDIR
+ifndef PPUMOVE
+PPUMOVE:=$(strip $(wildcard $(addsuffix /ppumove$(SRCEXEEXT),$(SEARCHPATH))))
+ifeq ($(PPUMOVE),)
+PPUMOVE= __missing_command_PPUMOVE
+else
+PPUMOVE:=$(firstword $(PPUMOVE))
+endif
+endif
+export PPUMOVE
+ifndef FPCMAKE
+FPCMAKE:=$(strip $(wildcard $(addsuffix /fpcmake$(SRCEXEEXT),$(SEARCHPATH))))
+ifeq ($(FPCMAKE),)
+FPCMAKE= __missing_command_FPCMAKE
+else
+FPCMAKE:=$(firstword $(FPCMAKE))
+endif
+endif
+export FPCMAKE
+ifndef ZIPPROG
+ZIPPROG:=$(strip $(wildcard $(addsuffix /zip$(SRCEXEEXT),$(SEARCHPATH))))
+ifeq ($(ZIPPROG),)
+ZIPPROG= __missing_command_ZIPPROG
+else
+ZIPPROG:=$(firstword $(ZIPPROG))
+endif
+endif
+export ZIPPROG
+ifndef TARPROG
+TARPROG:=$(strip $(wildcard $(addsuffix /gtar$(SRCEXEEXT),$(SEARCHPATH))))
+ifeq ($(TARPROG),)
+TARPROG:=$(strip $(wildcard $(addsuffix /tar$(SRCEXEEXT),$(SEARCHPATH))))
+ifeq ($(TARPROG),)
+TARPROG= __missing_command_TARPROG
+else
+TARPROG:=$(firstword $(TARPROG))
+endif
+else
+TARPROG:=$(firstword $(TARPROG))
+endif
+endif
+export TARPROG
+ASNAME=$(BINUTILSPREFIX)as
+LDNAME=$(BINUTILSPREFIX)ld
+ARNAME=$(BINUTILSPREFIX)ar
+RCNAME=$(BINUTILSPREFIX)rc
+NASMNAME=$(BINUTILSPREFIX)nasm
+ifndef ASPROG
+ifdef CROSSBINDIR
+ASPROG=$(CROSSBINDIR)/$(ASNAME)$(SRCEXEEXT)
+else
+ASPROG=$(ASNAME)
+endif
+endif
+ifndef LDPROG
+ifdef CROSSBINDIR
+LDPROG=$(CROSSBINDIR)/$(LDNAME)$(SRCEXEEXT)
+else
+LDPROG=$(LDNAME)
+endif
+endif
+ifndef RCPROG
+ifdef CROSSBINDIR
+RCPROG=$(CROSSBINDIR)/$(RCNAME)$(SRCEXEEXT)
+else
+RCPROG=$(RCNAME)
+endif
+endif
+ifndef ARPROG
+ifdef CROSSBINDIR
+ARPROG=$(CROSSBINDIR)/$(ARNAME)$(SRCEXEEXT)
+else
+ARPROG=$(ARNAME)
+endif
+endif
+ifndef NASMPROG
+ifdef CROSSBINDIR
+NASMPROG=$(CROSSBINDIR)/$(NASMNAME)$(SRCEXEEXT)
+else
+NASMPROG=$(NASMNAME)
+endif
+endif
+AS=$(ASPROG)
+LD=$(LDPROG)
+RC=$(RCPROG)
+AR=$(ARPROG)
+NASM=$(NASMPROG)
+ifdef inUnix
+PPAS=./ppas$(SRCBATCHEXT)
+else
+PPAS=ppas$(SRCBATCHEXT)
+endif
+ifdef inUnix
+LDCONFIG=ldconfig
+else
+LDCONFIG=
+endif
+ifdef DATE
+DATESTR:=$(shell $(DATE) +%Y%m%d)
+else
+DATESTR=
+endif
+ZIPOPT=-9
+ZIPEXT=.zip
+ifeq ($(USETAR),bz2)
+TAROPT=vj
+TAREXT=.tar.bz2
+else
+TAROPT=vz
+TAREXT=.tar.gz
+endif
+override REQUIRE_PACKAGES=rtl fpmkunit fcl-net
+ifeq ($(FULL_TARGET),i386-linux)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),i386-go32v2)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),i386-win32)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),i386-os2)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),i386-freebsd)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),i386-beos)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),i386-haiku)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),i386-netbsd)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),i386-solaris)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),i386-netware)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),i386-openbsd)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),i386-wdosx)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),i386-darwin)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),i386-emx)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),i386-watcom)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),i386-netwlibc)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),i386-wince)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),i386-embedded)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),i386-symbian)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),i386-nativent)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),i386-iphonesim)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),i386-android)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),i386-aros)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),m68k-linux)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),m68k-netbsd)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),m68k-amiga)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),m68k-atari)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),m68k-palmos)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),m68k-macos)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),m68k-embedded)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),powerpc-linux)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),powerpc-netbsd)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),powerpc-amiga)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),powerpc-macos)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),powerpc-darwin)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),powerpc-morphos)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),powerpc-embedded)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),powerpc-wii)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),powerpc-aix)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),sparc-linux)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),sparc-netbsd)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),sparc-solaris)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),sparc-embedded)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),x86_64-linux)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),x86_64-freebsd)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),x86_64-netbsd)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),x86_64-solaris)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),x86_64-openbsd)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),x86_64-darwin)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),x86_64-win64)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),x86_64-embedded)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),x86_64-iphonesim)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),x86_64-android)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),x86_64-aros)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),x86_64-dragonfly)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),arm-linux)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),arm-netbsd)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),arm-palmos)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),arm-darwin)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),arm-wince)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),arm-gba)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),arm-nds)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),arm-embedded)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),arm-symbian)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),arm-android)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),arm-aros)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),powerpc64-linux)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),powerpc64-darwin)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),powerpc64-embedded)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),powerpc64-aix)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),avr-embedded)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),armeb-linux)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),armeb-embedded)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),mips-linux)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),mipsel-linux)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),mipsel-embedded)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),mipsel-android)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),jvm-java)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),jvm-android)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),i8086-embedded)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),i8086-msdos)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),i8086-win16)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),aarch64-linux)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),aarch64-darwin)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),aarch64-android)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),wasm-wasm)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),sparc64-linux)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),riscv32-linux)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),riscv32-embedded)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),riscv64-linux)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifeq ($(FULL_TARGET),riscv64-embedded)
+REQUIRE_PACKAGES_RTL=1
+REQUIRE_PACKAGES_PASZLIB=1
+REQUIRE_PACKAGES_FCL-PROCESS=1
+REQUIRE_PACKAGES_HASH=1
+REQUIRE_PACKAGES_LIBTAR=1
+REQUIRE_PACKAGES_FPMKUNIT=1
+REQUIRE_PACKAGES_FCL-NET=1
+endif
+ifdef REQUIRE_PACKAGES_RTL
+PACKAGEDIR_RTL:=$(firstword $(subst /Makefile.fpc,,$(strip $(wildcard $(addsuffix /rtl/Makefile.fpc,$(PACKAGESDIR))))))
+ifneq ($(PACKAGEDIR_RTL),)
+ifneq ($(wildcard $(PACKAGEDIR_RTL)/units/$(TARGETSUFFIX)),)
+UNITDIR_RTL=$(PACKAGEDIR_RTL)/units/$(TARGETSUFFIX)
+else
+UNITDIR_RTL=$(PACKAGEDIR_RTL)
+endif
+ifneq ($(wildcard $(PACKAGEDIR_RTL)/units/$(SOURCESUFFIX)),)
+UNITDIR_FPMAKE_RTL=$(PACKAGEDIR_RTL)/units/$(SOURCESUFFIX)
+else
+ifneq ($(wildcard $(PACKAGEDIR_RTL)/units_bs/$(SOURCESUFFIX)),)
+UNITDIR_FPMAKE_RTL=$(PACKAGEDIR_RTL)/units_bs/$(SOURCESUFFIX)
+else
+UNITDIR_FPMAKE_RTL=$(PACKAGEDIR_RTL)
+endif
+endif
+ifdef CHECKDEPEND
+$(PACKAGEDIR_RTL)/$(OS_TARGET)/$(FPCMADE):
+	$(MAKE) -C $(PACKAGEDIR_RTL)/$(OS_TARGET) $(FPCMADE)
+override ALLDEPENDENCIES+=$(PACKAGEDIR_RTL)/$(OS_TARGET)/$(FPCMADE)
+endif
+else
+PACKAGEDIR_RTL=
+UNITDIR_RTL:=$(subst /Package.fpc,,$(strip $(wildcard $(addsuffix /rtl/Package.fpc,$(UNITSDIR)))))
+ifneq ($(UNITDIR_RTL),)
+UNITDIR_RTL:=$(firstword $(UNITDIR_RTL))
+else
+UNITDIR_RTL=
+endif
+endif
+ifdef UNITDIR_RTL
+override COMPILER_UNITDIR+=$(UNITDIR_RTL)
+endif
+ifdef UNITDIR_FPMAKE_RTL
+override COMPILER_FPMAKE_UNITDIR+=$(UNITDIR_FPMAKE_RTL)
+endif
+endif
+ifdef REQUIRE_PACKAGES_PASZLIB
+PACKAGEDIR_PASZLIB:=$(firstword $(subst /Makefile.fpc,,$(strip $(wildcard $(addsuffix /paszlib/Makefile.fpc,$(PACKAGESDIR))))))
+ifneq ($(PACKAGEDIR_PASZLIB),)
+ifneq ($(wildcard $(PACKAGEDIR_PASZLIB)/units/$(TARGETSUFFIX)),)
+UNITDIR_PASZLIB=$(PACKAGEDIR_PASZLIB)/units/$(TARGETSUFFIX)
+else
+UNITDIR_PASZLIB=$(PACKAGEDIR_PASZLIB)
+endif
+ifneq ($(wildcard $(PACKAGEDIR_PASZLIB)/units/$(SOURCESUFFIX)),)
+UNITDIR_FPMAKE_PASZLIB=$(PACKAGEDIR_PASZLIB)/units/$(SOURCESUFFIX)
+else
+ifneq ($(wildcard $(PACKAGEDIR_PASZLIB)/units_bs/$(SOURCESUFFIX)),)
+UNITDIR_FPMAKE_PASZLIB=$(PACKAGEDIR_PASZLIB)/units_bs/$(SOURCESUFFIX)
+else
+UNITDIR_FPMAKE_PASZLIB=$(PACKAGEDIR_PASZLIB)
+endif
+endif
+ifdef CHECKDEPEND
+$(PACKAGEDIR_PASZLIB)/$(FPCMADE):
+	$(MAKE) -C $(PACKAGEDIR_PASZLIB) $(FPCMADE)
+override ALLDEPENDENCIES+=$(PACKAGEDIR_PASZLIB)/$(FPCMADE)
+endif
+else
+PACKAGEDIR_PASZLIB=
+UNITDIR_PASZLIB:=$(subst /Package.fpc,,$(strip $(wildcard $(addsuffix /paszlib/Package.fpc,$(UNITSDIR)))))
+ifneq ($(UNITDIR_PASZLIB),)
+UNITDIR_PASZLIB:=$(firstword $(UNITDIR_PASZLIB))
+else
+UNITDIR_PASZLIB=
+endif
+endif
+ifdef UNITDIR_PASZLIB
+override COMPILER_UNITDIR+=$(UNITDIR_PASZLIB)
+endif
+ifdef UNITDIR_FPMAKE_PASZLIB
+override COMPILER_FPMAKE_UNITDIR+=$(UNITDIR_FPMAKE_PASZLIB)
+endif
+endif
+ifdef REQUIRE_PACKAGES_FCL-PROCESS
+PACKAGEDIR_FCL-PROCESS:=$(firstword $(subst /Makefile.fpc,,$(strip $(wildcard $(addsuffix /fcl-process/Makefile.fpc,$(PACKAGESDIR))))))
+ifneq ($(PACKAGEDIR_FCL-PROCESS),)
+ifneq ($(wildcard $(PACKAGEDIR_FCL-PROCESS)/units/$(TARGETSUFFIX)),)
+UNITDIR_FCL-PROCESS=$(PACKAGEDIR_FCL-PROCESS)/units/$(TARGETSUFFIX)
+else
+UNITDIR_FCL-PROCESS=$(PACKAGEDIR_FCL-PROCESS)
+endif
+ifneq ($(wildcard $(PACKAGEDIR_FCL-PROCESS)/units/$(SOURCESUFFIX)),)
+UNITDIR_FPMAKE_FCL-PROCESS=$(PACKAGEDIR_FCL-PROCESS)/units/$(SOURCESUFFIX)
+else
+ifneq ($(wildcard $(PACKAGEDIR_FCL-PROCESS)/units_bs/$(SOURCESUFFIX)),)
+UNITDIR_FPMAKE_FCL-PROCESS=$(PACKAGEDIR_FCL-PROCESS)/units_bs/$(SOURCESUFFIX)
+else
+UNITDIR_FPMAKE_FCL-PROCESS=$(PACKAGEDIR_FCL-PROCESS)
+endif
+endif
+ifdef CHECKDEPEND
+$(PACKAGEDIR_FCL-PROCESS)/$(FPCMADE):
+	$(MAKE) -C $(PACKAGEDIR_FCL-PROCESS) $(FPCMADE)
+override ALLDEPENDENCIES+=$(PACKAGEDIR_FCL-PROCESS)/$(FPCMADE)
+endif
+else
+PACKAGEDIR_FCL-PROCESS=
+UNITDIR_FCL-PROCESS:=$(subst /Package.fpc,,$(strip $(wildcard $(addsuffix /fcl-process/Package.fpc,$(UNITSDIR)))))
+ifneq ($(UNITDIR_FCL-PROCESS),)
+UNITDIR_FCL-PROCESS:=$(firstword $(UNITDIR_FCL-PROCESS))
+else
+UNITDIR_FCL-PROCESS=
+endif
+endif
+ifdef UNITDIR_FCL-PROCESS
+override COMPILER_UNITDIR+=$(UNITDIR_FCL-PROCESS)
+endif
+ifdef UNITDIR_FPMAKE_FCL-PROCESS
+override COMPILER_FPMAKE_UNITDIR+=$(UNITDIR_FPMAKE_FCL-PROCESS)
+endif
+endif
+ifdef REQUIRE_PACKAGES_HASH
+PACKAGEDIR_HASH:=$(firstword $(subst /Makefile.fpc,,$(strip $(wildcard $(addsuffix /hash/Makefile.fpc,$(PACKAGESDIR))))))
+ifneq ($(PACKAGEDIR_HASH),)
+ifneq ($(wildcard $(PACKAGEDIR_HASH)/units/$(TARGETSUFFIX)),)
+UNITDIR_HASH=$(PACKAGEDIR_HASH)/units/$(TARGETSUFFIX)
+else
+UNITDIR_HASH=$(PACKAGEDIR_HASH)
+endif
+ifneq ($(wildcard $(PACKAGEDIR_HASH)/units/$(SOURCESUFFIX)),)
+UNITDIR_FPMAKE_HASH=$(PACKAGEDIR_HASH)/units/$(SOURCESUFFIX)
+else
+ifneq ($(wildcard $(PACKAGEDIR_HASH)/units_bs/$(SOURCESUFFIX)),)
+UNITDIR_FPMAKE_HASH=$(PACKAGEDIR_HASH)/units_bs/$(SOURCESUFFIX)
+else
+UNITDIR_FPMAKE_HASH=$(PACKAGEDIR_HASH)
+endif
+endif
+ifdef CHECKDEPEND
+$(PACKAGEDIR_HASH)/$(FPCMADE):
+	$(MAKE) -C $(PACKAGEDIR_HASH) $(FPCMADE)
+override ALLDEPENDENCIES+=$(PACKAGEDIR_HASH)/$(FPCMADE)
+endif
+else
+PACKAGEDIR_HASH=
+UNITDIR_HASH:=$(subst /Package.fpc,,$(strip $(wildcard $(addsuffix /hash/Package.fpc,$(UNITSDIR)))))
+ifneq ($(UNITDIR_HASH),)
+UNITDIR_HASH:=$(firstword $(UNITDIR_HASH))
+else
+UNITDIR_HASH=
+endif
+endif
+ifdef UNITDIR_HASH
+override COMPILER_UNITDIR+=$(UNITDIR_HASH)
+endif
+ifdef UNITDIR_FPMAKE_HASH
+override COMPILER_FPMAKE_UNITDIR+=$(UNITDIR_FPMAKE_HASH)
+endif
+endif
+ifdef REQUIRE_PACKAGES_LIBTAR
+PACKAGEDIR_LIBTAR:=$(firstword $(subst /Makefile.fpc,,$(strip $(wildcard $(addsuffix /libtar/Makefile.fpc,$(PACKAGESDIR))))))
+ifneq ($(PACKAGEDIR_LIBTAR),)
+ifneq ($(wildcard $(PACKAGEDIR_LIBTAR)/units/$(TARGETSUFFIX)),)
+UNITDIR_LIBTAR=$(PACKAGEDIR_LIBTAR)/units/$(TARGETSUFFIX)
+else
+UNITDIR_LIBTAR=$(PACKAGEDIR_LIBTAR)
+endif
+ifneq ($(wildcard $(PACKAGEDIR_LIBTAR)/units/$(SOURCESUFFIX)),)
+UNITDIR_FPMAKE_LIBTAR=$(PACKAGEDIR_LIBTAR)/units/$(SOURCESUFFIX)
+else
+ifneq ($(wildcard $(PACKAGEDIR_LIBTAR)/units_bs/$(SOURCESUFFIX)),)
+UNITDIR_FPMAKE_LIBTAR=$(PACKAGEDIR_LIBTAR)/units_bs/$(SOURCESUFFIX)
+else
+UNITDIR_FPMAKE_LIBTAR=$(PACKAGEDIR_LIBTAR)
+endif
+endif
+ifdef CHECKDEPEND
+$(PACKAGEDIR_LIBTAR)/$(FPCMADE):
+	$(MAKE) -C $(PACKAGEDIR_LIBTAR) $(FPCMADE)
+override ALLDEPENDENCIES+=$(PACKAGEDIR_LIBTAR)/$(FPCMADE)
+endif
+else
+PACKAGEDIR_LIBTAR=
+UNITDIR_LIBTAR:=$(subst /Package.fpc,,$(strip $(wildcard $(addsuffix /libtar/Package.fpc,$(UNITSDIR)))))
+ifneq ($(UNITDIR_LIBTAR),)
+UNITDIR_LIBTAR:=$(firstword $(UNITDIR_LIBTAR))
+else
+UNITDIR_LIBTAR=
+endif
+endif
+ifdef UNITDIR_LIBTAR
+override COMPILER_UNITDIR+=$(UNITDIR_LIBTAR)
+endif
+ifdef UNITDIR_FPMAKE_LIBTAR
+override COMPILER_FPMAKE_UNITDIR+=$(UNITDIR_FPMAKE_LIBTAR)
+endif
+endif
+ifdef REQUIRE_PACKAGES_FPMKUNIT
+PACKAGEDIR_FPMKUNIT:=$(firstword $(subst /Makefile.fpc,,$(strip $(wildcard $(addsuffix /fpmkunit/Makefile.fpc,$(PACKAGESDIR))))))
+ifneq ($(PACKAGEDIR_FPMKUNIT),)
+ifneq ($(wildcard $(PACKAGEDIR_FPMKUNIT)/units/$(TARGETSUFFIX)),)
+UNITDIR_FPMKUNIT=$(PACKAGEDIR_FPMKUNIT)/units/$(TARGETSUFFIX)
+else
+UNITDIR_FPMKUNIT=$(PACKAGEDIR_FPMKUNIT)
+endif
+ifneq ($(wildcard $(PACKAGEDIR_FPMKUNIT)/units/$(SOURCESUFFIX)),)
+UNITDIR_FPMAKE_FPMKUNIT=$(PACKAGEDIR_FPMKUNIT)/units/$(SOURCESUFFIX)
+else
+ifneq ($(wildcard $(PACKAGEDIR_FPMKUNIT)/units_bs/$(SOURCESUFFIX)),)
+UNITDIR_FPMAKE_FPMKUNIT=$(PACKAGEDIR_FPMKUNIT)/units_bs/$(SOURCESUFFIX)
+else
+UNITDIR_FPMAKE_FPMKUNIT=$(PACKAGEDIR_FPMKUNIT)
+endif
+endif
+ifdef CHECKDEPEND
+$(PACKAGEDIR_FPMKUNIT)/$(FPCMADE):
+	$(MAKE) -C $(PACKAGEDIR_FPMKUNIT) $(FPCMADE)
+override ALLDEPENDENCIES+=$(PACKAGEDIR_FPMKUNIT)/$(FPCMADE)
+endif
+else
+PACKAGEDIR_FPMKUNIT=
+UNITDIR_FPMKUNIT:=$(subst /Package.fpc,,$(strip $(wildcard $(addsuffix /fpmkunit/Package.fpc,$(UNITSDIR)))))
+ifneq ($(UNITDIR_FPMKUNIT),)
+UNITDIR_FPMKUNIT:=$(firstword $(UNITDIR_FPMKUNIT))
+else
+UNITDIR_FPMKUNIT=
+endif
+endif
+ifdef UNITDIR_FPMKUNIT
+override COMPILER_UNITDIR+=$(UNITDIR_FPMKUNIT)
+endif
+ifdef UNITDIR_FPMAKE_FPMKUNIT
+override COMPILER_FPMAKE_UNITDIR+=$(UNITDIR_FPMAKE_FPMKUNIT)
+endif
+endif
+ifdef REQUIRE_PACKAGES_FCL-NET
+PACKAGEDIR_FCL-NET:=$(firstword $(subst /Makefile.fpc,,$(strip $(wildcard $(addsuffix /fcl-net/Makefile.fpc,$(PACKAGESDIR))))))
+ifneq ($(PACKAGEDIR_FCL-NET),)
+ifneq ($(wildcard $(PACKAGEDIR_FCL-NET)/units/$(TARGETSUFFIX)),)
+UNITDIR_FCL-NET=$(PACKAGEDIR_FCL-NET)/units/$(TARGETSUFFIX)
+else
+UNITDIR_FCL-NET=$(PACKAGEDIR_FCL-NET)
+endif
+ifneq ($(wildcard $(PACKAGEDIR_FCL-NET)/units/$(SOURCESUFFIX)),)
+UNITDIR_FPMAKE_FCL-NET=$(PACKAGEDIR_FCL-NET)/units/$(SOURCESUFFIX)
+else
+ifneq ($(wildcard $(PACKAGEDIR_FCL-NET)/units_bs/$(SOURCESUFFIX)),)
+UNITDIR_FPMAKE_FCL-NET=$(PACKAGEDIR_FCL-NET)/units_bs/$(SOURCESUFFIX)
+else
+UNITDIR_FPMAKE_FCL-NET=$(PACKAGEDIR_FCL-NET)
+endif
+endif
+ifdef CHECKDEPEND
+$(PACKAGEDIR_FCL-NET)/$(FPCMADE):
+	$(MAKE) -C $(PACKAGEDIR_FCL-NET) $(FPCMADE)
+override ALLDEPENDENCIES+=$(PACKAGEDIR_FCL-NET)/$(FPCMADE)
+endif
+else
+PACKAGEDIR_FCL-NET=
+UNITDIR_FCL-NET:=$(subst /Package.fpc,,$(strip $(wildcard $(addsuffix /fcl-net/Package.fpc,$(UNITSDIR)))))
+ifneq ($(UNITDIR_FCL-NET),)
+UNITDIR_FCL-NET:=$(firstword $(UNITDIR_FCL-NET))
+else
+UNITDIR_FCL-NET=
+endif
+endif
+ifdef UNITDIR_FCL-NET
+override COMPILER_UNITDIR+=$(UNITDIR_FCL-NET)
+endif
+ifdef UNITDIR_FPMAKE_FCL-NET
+override COMPILER_FPMAKE_UNITDIR+=$(UNITDIR_FPMAKE_FCL-NET)
+endif
+endif
+ifndef NOCPUDEF
+override FPCOPTDEF=$(ARCH)
+endif
+ifneq ($(OS_TARGET),$(OS_SOURCE))
+override FPCOPT+=-T$(OS_TARGET)
+endif
+ifneq ($(CPU_TARGET),$(CPU_SOURCE))
+override FPCOPT+=-P$(ARCH)
+endif
+ifeq ($(OS_SOURCE),openbsd)
+override FPCOPT+=-FD$(NEW_BINUTILS_PATH)
+override FPCMAKEOPT+=-FD$(NEW_BINUTILS_PATH)
+override FPMAKE_BUILD_OPT+=-FD$(NEW_BINUTILS_PATH)
+endif
+ifndef CROSSBOOTSTRAP
+ifneq ($(BINUTILSPREFIX),)
+override FPCOPT+=-XP$(BINUTILSPREFIX)
+endif
+ifneq ($(BINUTILSPREFIX),)
+override FPCOPT+=-Xr$(RLINKPATH)
+endif
+endif
+ifndef CROSSCOMPILE
+ifneq ($(BINUTILSPREFIX),)
+override FPCMAKEOPT+=-XP$(BINUTILSPREFIX)
+override FPMAKE_BUILD_OPT+=-XP$(BINUTILSPREFIX)
+endif
+endif
+ifdef UNITDIR
+override FPCOPT+=$(addprefix -Fu,$(UNITDIR))
+endif
+ifdef LIBDIR
+override FPCOPT+=$(addprefix -Fl,$(LIBDIR))
+endif
+ifdef OBJDIR
+override FPCOPT+=$(addprefix -Fo,$(OBJDIR))
+endif
+ifdef INCDIR
+override FPCOPT+=$(addprefix -Fi,$(INCDIR))
+endif
+ifdef LINKSMART
+override FPCOPT+=-XX
+endif
+ifdef CREATESMART
+override FPCOPT+=-CX
+endif
+ifdef DEBUG
+override FPCOPT+=-gl
+override FPCOPTDEF+=DEBUG
+endif
+ifdef RELEASE
+ifneq ($(findstring 2.0.,$(FPC_VERSION)),)
+ifeq ($(CPU_TARGET),i386)
+FPCCPUOPT:=-OG2p3
+endif
+ifeq ($(CPU_TARGET),powerpc)
+FPCCPUOPT:=-O1r
+endif
+else
+FPCCPUOPT:=-O2
+endif
+override FPCOPT+=-Ur -Xs $(FPCCPUOPT) -n
+override FPCOPTDEF+=RELEASE
+endif
+ifdef STRIP
+override FPCOPT+=-Xs
+endif
+ifdef OPTIMIZE
+override FPCOPT+=-O2
+endif
+ifdef VERBOSE
+override FPCOPT+=-vwni
+endif
+ifdef COMPILER_OPTIONS
+override FPCOPT+=$(COMPILER_OPTIONS)
+endif
+ifdef COMPILER_UNITDIR
+override FPCOPT+=$(addprefix -Fu,$(COMPILER_UNITDIR))
+endif
+ifdef COMPILER_LIBRARYDIR
+override FPCOPT+=$(addprefix -Fl,$(COMPILER_LIBRARYDIR))
+endif
+ifdef COMPILER_OBJECTDIR
+override FPCOPT+=$(addprefix -Fo,$(COMPILER_OBJECTDIR))
+endif
+ifdef COMPILER_INCLUDEDIR
+override FPCOPT+=$(addprefix -Fi,$(COMPILER_INCLUDEDIR))
+endif
+ifdef CROSSBINDIR
+override FPCOPT+=-FD$(CROSSBINDIR)
+endif
+ifdef COMPILER_TARGETDIR
+override FPCOPT+=-FE$(COMPILER_TARGETDIR)
+ifeq ($(COMPILER_TARGETDIR),.)
+override TARGETDIRPREFIX=
+else
+override TARGETDIRPREFIX=$(COMPILER_TARGETDIR)/
+endif
+endif
+ifdef COMPILER_UNITTARGETDIR
+override FPCOPT+=-FU$(COMPILER_UNITTARGETDIR)
+ifeq ($(COMPILER_UNITTARGETDIR),.)
+override UNITTARGETDIRPREFIX=
+else
+override UNITTARGETDIRPREFIX=$(COMPILER_UNITTARGETDIR)/
+endif
+else
+ifdef COMPILER_TARGETDIR
+override COMPILER_UNITTARGETDIR=$(COMPILER_TARGETDIR)
+override UNITTARGETDIRPREFIX=$(TARGETDIRPREFIX)
+endif
+endif
+ifdef CREATESHARED
+override FPCOPT+=-Cg
+endif
+ifneq ($(findstring $(OS_TARGET),dragonfly freebsd openbsd netbsd linux solaris),)
+ifneq ($(findstring $(CPU_TARGET),x86_64 mips mipsel),)
+override FPCOPT+=-Cg
+endif
+endif
+ifdef LINKSHARED
+endif
+ifdef OPT
+override FPCOPT+=$(OPT)
+endif
+ifdef FPMAKEBUILDOPT
+override FPMAKE_BUILD_OPT+=$(FPMAKEBUILDOPT)
+endif
+ifdef FPCOPTDEF
+override FPCOPT+=$(addprefix -d,$(FPCOPTDEF))
+endif
+ifdef CFGFILE
+override FPCOPT+=@$(CFGFILE)
+endif
+ifdef USEENV
+override FPCEXTCMD:=$(FPCOPT)
+override FPCOPT:=!FPCEXTCMD
+export FPCEXTCMD
+endif
+override AFULL_TARGET=$(CPU_TARGET)-$(OS_TARGET)
+override AFULL_SOURCE=$(CPU_SOURCE)-$(OS_SOURCE)
+ifneq ($(AFULL_TARGET),$(AFULL_SOURCE))
+override ACROSSCOMPILE=1
+endif
+ifdef ACROSSCOMPILE
+override FPCOPT+=$(CROSSOPT)
+endif
+override COMPILER:=$(strip $(FPC) $(FPCOPT))
+ifneq (,$(findstring -sh ,$(COMPILER)))
+UseEXECPPAS=1
+endif
+ifneq (,$(findstring -s ,$(COMPILER)))
+ifeq ($(FULL_SOURCE),$(FULL_TARGET))
+UseEXECPPAS=1
+endif
+endif
+ifneq ($(UseEXECPPAS),1)
+EXECPPAS=
+else
+ifdef RUNBATCH
+EXECPPAS:=@$(RUNBATCH) $(PPAS)
+else
+EXECPPAS:=@$(PPAS)
+endif
+endif
+ifdef TARGET_RSTS
+override RSTFILES=$(addsuffix $(RSTEXT),$(TARGET_RSTS))
+override CLEANRSTFILES+=$(RSTFILES)
+endif
+.PHONY: fpc_install fpc_sourceinstall fpc_exampleinstall
+ifdef INSTALL_UNITS
+override INSTALLPPUFILES+=$(addsuffix $(PPUEXT),$(INSTALL_UNITS))
+endif
+ifdef INSTALL_BUILDUNIT
+override INSTALLPPUFILES:=$(filter-out $(INSTALL_BUILDUNIT)$(PPUEXT),$(INSTALLPPUFILES))
+endif
+ifdef INSTALLPPUFILES
+ifneq ($(IMPORTLIBPREFIX)-$(STATICLIBEXT),$(STATICLIBPREFIX)-$(STATICLIBEXT))
+override INSTALLPPULINKFILES:=$(subst $(PPUEXT),$(OEXT),$(INSTALLPPUFILES)) $(addprefix $(STATICLIBPREFIX),$(subst $(PPUEXT),$(STATICLIBEXT),$(INSTALLPPUFILES))) $(addprefix $(IMPORTLIBPREFIX),$(subst $(PPUEXT),$(STATICLIBEXT),$(INSTALLPPUFILES)))
+else
+override INSTALLPPULINKFILES:=$(subst $(PPUEXT),$(OEXT),$(INSTALLPPUFILES)) $(addprefix $(STATICLIBPREFIX),$(subst $(PPUEXT),$(STATICLIBEXT),$(INSTALLPPUFILES)))
+endif
+ifneq ($(UNITTARGETDIRPREFIX),)
+override INSTALLPPUFILES:=$(addprefix $(UNITTARGETDIRPREFIX),$(notdir $(INSTALLPPUFILES)))
+override INSTALLPPULINKFILES:=$(wildcard $(addprefix $(UNITTARGETDIRPREFIX),$(notdir $(INSTALLPPULINKFILES))))
+endif
+override INSTALL_CREATEPACKAGEFPC=1
+endif
+ifdef INSTALLEXEFILES
+ifneq ($(TARGETDIRPREFIX),)
+override INSTALLEXEFILES:=$(addprefix $(TARGETDIRPREFIX),$(notdir $(INSTALLEXEFILES)))
+endif
+endif
+fpc_install: all $(INSTALLTARGET)
+ifdef INSTALLEXEFILES
+	$(MKDIR) $(INSTALL_BINDIR)
+	$(INSTALLEXE) $(INSTALLEXEFILES) $(INSTALL_BINDIR)
+endif
+ifdef INSTALL_CREATEPACKAGEFPC
+ifdef FPCMAKE
+ifdef PACKAGE_VERSION
+ifneq ($(wildcard Makefile.fpc),)
+	$(FPCMAKE) -p -T$(CPU_TARGET)-$(OS_TARGET) Makefile.fpc
+	$(MKDIR) $(INSTALL_UNITDIR)
+	$(INSTALL) Package.fpc $(INSTALL_UNITDIR)
+endif
+endif
+endif
+endif
+ifdef INSTALLPPUFILES
+	$(MKDIR) $(INSTALL_UNITDIR)
+	$(INSTALL) $(INSTALLPPUFILES) $(INSTALL_UNITDIR)
+ifneq ($(INSTALLPPULINKFILES),)
+	$(INSTALL) $(INSTALLPPULINKFILES) $(INSTALL_UNITDIR)
+endif
+ifneq ($(wildcard $(LIB_FULLNAME)),)
+	$(MKDIR) $(INSTALL_LIBDIR)
+	$(INSTALL) $(LIB_FULLNAME) $(INSTALL_LIBDIR)
+ifdef inUnix
+	ln -sf $(LIB_FULLNAME) $(INSTALL_LIBDIR)/$(LIB_NAME)
+endif
+endif
+endif
+ifdef INSTALL_FILES
+	$(MKDIR) $(INSTALL_DATADIR)
+	$(INSTALL) $(INSTALL_FILES) $(INSTALL_DATADIR)
+endif
+fpc_sourceinstall: distclean
+	$(MKDIR) $(INSTALL_SOURCEDIR)
+	$(COPYTREE) $(BASEDIR)/* $(INSTALL_SOURCEDIR)
+fpc_exampleinstall: $(EXAMPLEINSTALLTARGET) $(addsuffix _distclean,$(TARGET_EXAMPLEDIRS))
+ifdef HASEXAMPLES
+	$(MKDIR) $(INSTALL_EXAMPLEDIR)
+endif
+ifdef EXAMPLESOURCEFILES
+	$(COPY) $(EXAMPLESOURCEFILES) $(INSTALL_EXAMPLEDIR)
+endif
+ifdef TARGET_EXAMPLEDIRS
+	$(COPYTREE) $(addsuffix /*,$(TARGET_EXAMPLEDIRS)) $(INSTALL_EXAMPLEDIR)
+endif
+.PHONY: fpc_distinstall
+fpc_distinstall: install exampleinstall
+.PHONY: fpc_zipinstall fpc_zipsourceinstall fpc_zipexampleinstall
+ifndef PACKDIR
+ifndef inUnix
+PACKDIR=$(BASEDIR)/../fpc-pack
+else
+PACKDIR=/tmp/fpc-pack
+endif
+endif
+ifndef ZIPNAME
+ifdef DIST_ZIPNAME
+ZIPNAME=$(DIST_ZIPNAME)
+else
+ZIPNAME=$(PACKAGE_NAME)
+endif
+endif
+ifndef FULLZIPNAME
+FULLZIPNAME=$(ZIPCROSSPREFIX)$(ZIPPREFIX)$(ZIPNAME)$(ZIPSUFFIX)
+endif
+ifndef ZIPTARGET
+ifdef DIST_ZIPTARGET
+ZIPTARGET=DIST_ZIPTARGET
+else
+ZIPTARGET=install
+endif
+endif
+ifndef USEZIP
+ifdef inUnix
+USETAR=1
+endif
+endif
+ifndef inUnix
+USEZIPWRAPPER=1
+endif
+ifdef USEZIPWRAPPER
+ZIPPATHSEP=$(PATHSEP)
+ZIPWRAPPER=$(subst /,$(PATHSEP),$(DIST_DESTDIR)/fpczip$(SRCBATCHEXT))
+else
+ZIPPATHSEP=/
+endif
+ZIPCMD_CDPACK:=cd $(subst /,$(ZIPPATHSEP),$(PACKDIR))
+ZIPCMD_CDBASE:=cd $(subst /,$(ZIPPATHSEP),$(BASEDIR))
+ifdef USETAR
+ZIPDESTFILE:=$(DIST_DESTDIR)/$(FULLZIPNAME)$(TAREXT)
+ZIPCMD_ZIP:=$(TARPROG) c$(TAROPT)f $(ZIPDESTFILE) *
+else
+ZIPDESTFILE:=$(DIST_DESTDIR)/$(FULLZIPNAME)$(ZIPEXT)
+ZIPCMD_ZIP:=$(subst /,$(ZIPPATHSEP),$(ZIPPROG)) -Dr $(ZIPOPT) $(ZIPDESTFILE) *
+endif
+fpc_zipinstall:
+	$(MAKE) $(ZIPTARGET) INSTALL_PREFIX=$(PACKDIR) ZIPINSTALL=1
+	$(MKDIR) $(DIST_DESTDIR)
+	$(DEL) $(ZIPDESTFILE)
+ifdef USEZIPWRAPPER
+ifneq ($(ECHOREDIR),echo)
+	$(ECHOREDIR) -e "$(subst \,\\,$(ZIPCMD_CDPACK))" > $(ZIPWRAPPER)
+	$(ECHOREDIR) -e "$(subst \,\\,$(ZIPCMD_ZIP))" >> $(ZIPWRAPPER)
+	$(ECHOREDIR) -e "$(subst \,\\,$(ZIPCMD_CDBASE))" >> $(ZIPWRAPPER)
+else
+	echo $(ZIPCMD_CDPACK) > $(ZIPWRAPPER)
+	echo $(ZIPCMD_ZIP) >> $(ZIPWRAPPER)
+	echo $(ZIPCMD_CDBASE) >> $(ZIPWRAPPER)
+endif
+ifdef inUnix
+	/bin/sh $(ZIPWRAPPER)
+else
+ifdef RUNBATCH
+	$(RUNBATCH) $(ZIPWRAPPER)
+else
+	$(ZIPWRAPPER)
+endif
+endif
+	$(DEL) $(ZIPWRAPPER)
+else
+	$(ZIPCMD_CDPACK) ; $(ZIPCMD_ZIP) ; $(ZIPCMD_CDBASE)
+endif
+	$(DELTREE) $(PACKDIR)
+fpc_zipsourceinstall:
+	$(MAKE) fpc_zipinstall ZIPTARGET=sourceinstall ZIPSUFFIX=$(ZIPSOURCESUFFIX)
+fpc_zipexampleinstall:
+ifdef HASEXAMPLES
+	$(MAKE) fpc_zipinstall ZIPTARGET=exampleinstall ZIPSUFFIX=$(ZIPEXAMPLESUFFIX)
+endif
+fpc_zipdistinstall:
+	$(MAKE) fpc_zipinstall ZIPTARGET=distinstall
+.PHONY: fpc_clean fpc_cleanall fpc_distclean
+ifdef EXEFILES
+override CLEANEXEFILES:=$(addprefix $(TARGETDIRPREFIX),$(CLEANEXEFILES))
+override CLEANEXEDBGFILES:=$(addprefix $(TARGETDIRPREFIX),$(CLEANEXEDBGFILES))
+endif
+ifdef CLEAN_PROGRAMS
+override CLEANEXEFILES+=$(addprefix $(TARGETDIRPREFIX),$(addsuffix $(EXEEXT), $(CLEAN_PROGRAMS)))
+override CLEANEXEDBGFILES+=$(addprefix $(TARGETDIRPREFIX),$(addsuffix $(EXEDBGEXT), $(CLEAN_PROGRAMS)))
+endif
+ifdef CLEAN_UNITS
+override CLEANPPUFILES+=$(addsuffix $(PPUEXT),$(CLEAN_UNITS))
+endif
+ifdef CLEANPPUFILES
+override CLEANPPULINKFILES:=$(subst $(PPUEXT),$(OEXT),$(CLEANPPUFILES)) $(addprefix $(STATICLIBPREFIX),$(subst $(PPUEXT),$(STATICLIBEXT),$(CLEANPPUFILES))) $(addprefix $(IMPORTLIBPREFIX),$(subst $(PPUEXT),$(STATICLIBEXT),$(CLEANPPUFILES)))
+ifdef DEBUGSYMEXT
+override CLEANPPULINKFILES+=$(subst $(PPUEXT),$(DEBUGSYMEXT),$(CLEANPPUFILES))
+endif
+override CLEANPPUFILES:=$(addprefix $(UNITTARGETDIRPREFIX),$(CLEANPPUFILES))
+override CLEANPPULINKFILES:=$(wildcard $(addprefix $(UNITTARGETDIRPREFIX),$(CLEANPPULINKFILES)))
+endif
+fpc_clean: $(CLEANTARGET)
+ifdef CLEANEXEFILES
+	-$(DEL) $(CLEANEXEFILES)
+endif
+ifdef CLEANEXEDBGFILES
+	-$(DELTREE) $(CLEANEXEDBGFILES)
+endif
+ifdef CLEANPPUFILES
+	-$(DEL) $(CLEANPPUFILES)
+endif
+ifneq ($(CLEANPPULINKFILES),)
+	-$(DEL) $(CLEANPPULINKFILES)
+endif
+ifdef CLEANRSTFILES
+	-$(DEL) $(addprefix $(UNITTARGETDIRPREFIX),$(CLEANRSTFILES))
+endif
+ifdef CLEAN_FILES
+	-$(DEL) $(CLEAN_FILES)
+endif
+ifdef LIB_NAME
+	-$(DEL) $(LIB_NAME) $(LIB_FULLNAME)
+endif
+	-$(DEL) $(FPCMADE) Package.fpc $(PPAS) script.res link.res $(FPCEXTFILE) $(REDIRFILE)
+	-$(DEL) *$(ASMEXT) *_ppas$(BATCHEXT) ppas$(BATCHEXT) ppaslink$(BATCHEXT)
+fpc_cleanall: $(CLEANTARGET)
+ifdef CLEANEXEFILES
+	-$(DEL) $(CLEANEXEFILES)
+endif
+ifdef COMPILER_UNITTARGETDIR
+ifdef CLEANPPUFILES
+	-$(DEL) $(CLEANPPUFILES)
+endif
+ifneq ($(CLEANPPULINKFILES),)
+	-$(DEL) $(CLEANPPULINKFILES)
+endif
+ifdef CLEANRSTFILES
+	-$(DEL) $(addprefix $(UNITTARGETDIRPREFIX),$(CLEANRSTFILES))
+endif
+endif
+ifdef CLEAN_FILES
+	-$(DEL) $(CLEAN_FILES)
+endif
+	-$(DELTREE) units
+	-$(DEL) *$(OEXT) *$(PPUEXT) *$(RSTEXT) *$(ASMEXT) *$(STATICLIBEXT) *$(SHAREDLIBEXT) *$(PPLEXT)
+ifneq ($(PPUEXT),.ppu)
+	-$(DEL) *.o *.ppu *.a
+endif
+	-$(DELTREE) *$(SMARTEXT)
+	-$(DEL) fpcmade.* Package.fpc $(PPAS) script.res link.res $(FPCEXTFILE) $(REDIRFILE)
+	-$(DEL) *_ppas$(BATCHEXT) ppas$(BATCHEXT) ppaslink$(BATCHEXT)
+ifdef AOUTEXT
+	-$(DEL) *$(AOUTEXT)
+endif
+ifdef DEBUGSYMEXT
+	-$(DEL) *$(DEBUGSYMEXT)
+endif
+ifdef LOCALFPMAKEBIN
+	-$(DEL) $(LOCALFPMAKEBIN)
+	-$(DEL) $(FPMAKEBINOBJ)
+endif
+fpc_distclean: cleanall
+.PHONY: fpc_baseinfo
+override INFORULES+=fpc_baseinfo
+fpc_baseinfo:
+	@$(ECHO)
+	@$(ECHO)  == Package info ==
+	@$(ECHO)  Package Name..... $(PACKAGE_NAME)
+	@$(ECHO)  Package Version.. $(PACKAGE_VERSION)
+	@$(ECHO)
+	@$(ECHO)  == Configuration info ==
+	@$(ECHO)
+	@$(ECHO)  FPC.......... $(FPC)
+	@$(ECHO)  FPC Version.. $(FPC_VERSION)
+	@$(ECHO)  Source CPU... $(CPU_SOURCE)
+	@$(ECHO)  Target CPU... $(CPU_TARGET)
+	@$(ECHO)  Source OS.... $(OS_SOURCE)
+	@$(ECHO)  Target OS.... $(OS_TARGET)
+	@$(ECHO)  Full Source.. $(FULL_SOURCE)
+	@$(ECHO)  Full Target.. $(FULL_TARGET)
+	@$(ECHO)  SourceSuffix. $(SOURCESUFFIX)
+	@$(ECHO)  TargetSuffix. $(TARGETSUFFIX)
+	@$(ECHO)  FPC fpmake... $(FPCFPMAKE)
+	@$(ECHO)
+	@$(ECHO)  == Directory info ==
+	@$(ECHO)
+	@$(ECHO)  Required pkgs... $(REQUIRE_PACKAGES)
+	@$(ECHO)
+	@$(ECHO)  Basedir......... $(BASEDIR)
+	@$(ECHO)  FPCDir.......... $(FPCDIR)
+	@$(ECHO)  CrossBinDir..... $(CROSSBINDIR)
+	@$(ECHO)  UnitsDir........ $(UNITSDIR)
+	@$(ECHO)  PackagesDir..... $(PACKAGESDIR)
+	@$(ECHO)
+	@$(ECHO)  GCC library..... $(GCCLIBDIR)
+	@$(ECHO)  Other library... $(OTHERLIBDIR)
+	@$(ECHO)
+	@$(ECHO)  == Tools info ==
+	@$(ECHO)
+	@$(ECHO)  As........ $(AS)
+	@$(ECHO)  Ld........ $(LD)
+	@$(ECHO)  Ar........ $(AR)
+	@$(ECHO)  Rc........ $(RC)
+	@$(ECHO)
+	@$(ECHO)  Mv........ $(MVPROG)
+	@$(ECHO)  Cp........ $(CPPROG)
+	@$(ECHO)  Rm........ $(RMPROG)
+	@$(ECHO)  GInstall.. $(GINSTALL)
+	@$(ECHO)  Echo...... $(ECHO)
+	@$(ECHO)  Shell..... $(SHELL)
+	@$(ECHO)  Date...... $(DATE)
+	@$(ECHO)  FPCMake... $(FPCMAKE)
+	@$(ECHO)  PPUMove... $(PPUMOVE)
+	@$(ECHO)  Zip....... $(ZIPPROG)
+	@$(ECHO)
+	@$(ECHO)  == Object info ==
+	@$(ECHO)
+	@$(ECHO)  Target Loaders........ $(TARGET_LOADERS)
+	@$(ECHO)  Target Units.......... $(TARGET_UNITS)
+	@$(ECHO)  Target Implicit Units. $(TARGET_IMPLICITUNITS)
+	@$(ECHO)  Target Programs....... $(TARGET_PROGRAMS)
+	@$(ECHO)  Target Dirs........... $(TARGET_DIRS)
+	@$(ECHO)  Target Examples....... $(TARGET_EXAMPLES)
+	@$(ECHO)  Target ExampleDirs.... $(TARGET_EXAMPLEDIRS)
+	@$(ECHO)
+	@$(ECHO)  Clean Units......... $(CLEAN_UNITS)
+	@$(ECHO)  Clean Files......... $(CLEAN_FILES)
+	@$(ECHO)
+	@$(ECHO)  Install Units....... $(INSTALL_UNITS)
+	@$(ECHO)  Install Files....... $(INSTALL_FILES)
+	@$(ECHO)
+	@$(ECHO)  == Install info ==
+	@$(ECHO)
+	@$(ECHO)  DateStr.............. $(DATESTR)
+	@$(ECHO)  ZipName.............. $(ZIPNAME)
+	@$(ECHO)  ZipPrefix............ $(ZIPPREFIX)
+	@$(ECHO)  ZipCrossPrefix....... $(ZIPCROSSPREFIX)
+	@$(ECHO)  ZipSuffix............ $(ZIPSUFFIX)
+	@$(ECHO)  FullZipName.......... $(FULLZIPNAME)
+	@$(ECHO)  Install FPC Package.. $(INSTALL_FPCPACKAGE)
+	@$(ECHO)
+	@$(ECHO)  Install base dir..... $(INSTALL_BASEDIR)
+	@$(ECHO)  Install binary dir... $(INSTALL_BINDIR)
+	@$(ECHO)  Install library dir.. $(INSTALL_LIBDIR)
+	@$(ECHO)  Install units dir.... $(INSTALL_UNITDIR)
+	@$(ECHO)  Install source dir... $(INSTALL_SOURCEDIR)
+	@$(ECHO)  Install doc dir...... $(INSTALL_DOCDIR)
+	@$(ECHO)  Install example dir.. $(INSTALL_EXAMPLEDIR)
+	@$(ECHO)  Install data dir..... $(INSTALL_DATADIR)
+	@$(ECHO)
+	@$(ECHO)  Dist destination dir. $(DIST_DESTDIR)
+	@$(ECHO)  Dist zip name........ $(DIST_ZIPNAME)
+	@$(ECHO)
+.PHONY: fpc_info
+fpc_info: $(INFORULES)
+.PHONY: fpc_makefile fpc_makefiles fpc_makefile_sub1 fpc_makefile_sub2 \
+	fpc_makefile_dirs
+fpc_makefile:
+	$(FPCMAKE) -w -T$(OS_TARGET) Makefile.fpc
+fpc_makefile_sub1:
+ifdef TARGET_DIRS
+	$(FPCMAKE) -w -T$(OS_TARGET) $(addsuffix /Makefile.fpc,$(TARGET_DIRS))
+endif
+ifdef TARGET_EXAMPLEDIRS
+	$(FPCMAKE) -w -T$(OS_TARGET) $(addsuffix /Makefile.fpc,$(TARGET_EXAMPLEDIRS))
+endif
+fpc_makefile_sub2: $(addsuffix _makefile_dirs,$(TARGET_DIRS) $(TARGET_EXAMPLEDIRS))
+fpc_makefile_dirs: fpc_makefile_sub1 fpc_makefile_sub2
+fpc_makefiles: fpc_makefile fpc_makefile_dirs
+units:
+examples:
+shared:
+sourceinstall: fpc_sourceinstall
+exampleinstall: fpc_exampleinstall
+zipexampleinstall: fpc_zipexampleinstall
+info: fpc_info
+makefiles: fpc_makefiles
+.PHONY: units examples shared sourceinstall exampleinstall zipexampleinstall info makefiles
+ifneq ($(wildcard fpcmake.loc),)
+include fpcmake.loc
+endif
+override FPCOPT:=$(filter-out -FU%,$(FPCOPT))
+override FPCOPT:=$(filter-out -FE%,$(FPCOPT))
+override FPCOPT:=$(filter-out $(addprefix -Fu,$(COMPILER_UNITDIR)),$(FPCOPT))# Compose general fpmake-parameters
+ifdef FPMAKEOPT
+FPMAKE_OPT+=$(FPMAKEOPT)
+endif
+FPMAKE_OPT+=--localunitdir=../..
+FPMAKE_OPT+=--globalunitdir=..
+FPMAKE_OPT+=$(FPC_TARGETOPT)
+FPMAKE_OPT+=$(addprefix -o ,$(FPCOPT))
+FPMAKE_OPT+=--compiler=$(FPC)
+FPMAKE_OPT+=-bu
+.NOTPARALLEL:
+fpmake$(SRCEXEEXT): fpmake.pp
+	$(FPCFPMAKE) fpmake.pp $(FPMAKE_SKIP_CONFIG) $(addprefix -Fu,$(COMPILER_FPMAKE_UNITDIR)) $(FPCMAKEOPT) $(OPT)
+all:	fpmake$(SRCEXEEXT)
+	$(LOCALFPMAKE) compile $(FPMAKE_OPT)
+smart:	fpmake$(SRCEXEEXT)
+	$(LOCALFPMAKE) compile $(FPMAKE_OPT) -o -XX -o -CX
+release:	fpmake$(SRCEXEEXT)
+	$(LOCALFPMAKE) compile $(FPMAKE_OPT) -o -dRELEASE
+debug:	fpmake$(SRCEXEEXT)
+	$(LOCALFPMAKE) compile $(FPMAKE_OPT) -o -dDEBUG
+ifeq ($(FPMAKE_BIN_CLEAN),)
+clean:
+else
+clean:
+	$(FPMAKE_BIN_CLEAN) clean $(FPMAKE_OPT)
+endif
+ifeq ($(FPMAKE_BIN_CLEAN),)
+distclean:	$(addsuffix _distclean,$(TARGET_DIRS)) fpc_cleanall
+else
+distclean:
+ifdef inUnix
+	{ $(FPMAKE_BIN_CLEAN) distclean $(FPMAKE_OPT); if [ $$? != "0" ]; then { echo Something wrong with fpmake exectable. Remove the executable and call make recursively to recover.; $(DEL) $(FPMAKE_BIN_CLEAN); $(MAKE) fpc_cleanall; }; fi;  }
+else
+	$(FPMAKE_BIN_CLEAN) distclean $(FPMAKE_OPT)
+endif
+	-$(DEL) $(LOCALFPMAKE)
+endif
+cleanall: distclean
+install:	fpmake$(SRCEXEEXT)
+ifdef UNIXHier
+	$(LOCALFPMAKE) install $(FPMAKE_OPT) --prefix=$(INSTALL_PREFIX) --baseinstalldir=$(INSTALL_LIBDIR)/fpc/$(FPC_VERSION) --unitinstalldir=$(INSTALL_UNITDIR)
+else
+	$(LOCALFPMAKE) install $(FPMAKE_OPT) --prefix=$(INSTALL_BASEDIR) --baseinstalldir=$(INSTALL_BASEDIR) --unitinstalldir=$(INSTALL_UNITDIR)
+endif
+distinstall:	fpmake$(SRCEXEEXT)
+ifdef UNIXHier
+	$(LOCALFPMAKE) install $(FPMAKE_OPT) --prefix=$(INSTALL_PREFIX) --baseinstalldir=$(INSTALL_LIBDIR)/fpc/$(FPC_VERSION) --unitinstalldir=$(INSTALL_UNITDIR) -ie -fsp 0
+else
+	$(LOCALFPMAKE) install $(FPMAKE_OPT) --prefix=$(INSTALL_BASEDIR) --baseinstalldir=$(INSTALL_BASEDIR) --unitinstalldir=$(INSTALL_UNITDIR) -ie -fsp 0
+endif
+zipinstall:	fpmake$(SRCEXEEXT)
+	$(LOCALFPMAKE) zipinstall $(FPMAKE_OPT) --zipprefix=$(DIST_DESTDIR)/$(ZIPPREFIX)
+zipdistinstall:	fpmake$(SRCEXEEXT)
+	$(LOCALFPMAKE) zipinstall $(FPMAKE_OPT) --zipprefix=$(DIST_DESTDIR)/$(ZIPPREFIX) -ie -fsp 0
+zipsourceinstall:	fpmake$(SRCEXEEXT)
+ifdef UNIXHier
+	$(LOCALFPMAKE) archive $(FPMAKE_OPT) --zipprefix=$(DIST_DESTDIR)/$(ZIPPREFIX) --prefix=share/src/fpc-\$$\(PACKAGEVERSION\)/$(INSTALL_FPCSUBDIR)/\$$\(PACKAGEDIRECTORY\)
+else
+	$(LOCALFPMAKE) archive $(FPMAKE_OPT) --zipprefix=$(DIST_DESTDIR)/$(ZIPPREFIX) --prefix=source\\$(INSTALL_FPCSUBDIR)\\\$$\(PACKAGEDIRECTORY\)
+endif

packages/gnutls/Makefile.fpc

@@ -0,0 +1,102 @@
+#
+#   Makefile.fpc for running fpmake
+#
+
+[package]
+name=gnutls
+version=3.3.1
+
+[require]
+packages=rtl fpmkunit fcl-net
+
+[install]
+fpcpackage=y
+
+[default]
+fpcdir=../..
+
+[prerules]
+FPMAKE_BIN_CLEAN=$(wildcard ./fpmake$(SRCEXEEXT))
+ifdef OS_TARGET
+FPC_TARGETOPT+=--os=$(OS_TARGET)
+endif
+ifdef CPU_TARGET
+FPC_TARGETOPT+=--cpu=$(CPU_TARGET)
+endif
+LOCALFPMAKE=./fpmake$(SRCEXEEXT)
+
+[rules]
+# Do not pass the Makefile's unit and binary target locations. Fpmake uses it's own.
+override FPCOPT:=$(filter-out -FU%,$(FPCOPT))
+override FPCOPT:=$(filter-out -FE%,$(FPCOPT))
+# Do not pass the package-unitdirectories. Fpmake adds those and this way they don't apear in the .fpm
+override FPCOPT:=$(filter-out $(addprefix -Fu,$(COMPILER_UNITDIR)),$(FPCOPT))# Compose general fpmake-parameters
+# Compose general fpmake-parameters
+ifdef FPMAKEOPT
+FPMAKE_OPT+=$(FPMAKEOPT)
+endif
+FPMAKE_OPT+=--localunitdir=../..
+FPMAKE_OPT+=--globalunitdir=..
+FPMAKE_OPT+=$(FPC_TARGETOPT)
+FPMAKE_OPT+=$(addprefix -o ,$(FPCOPT))
+FPMAKE_OPT+=--compiler=$(FPC)
+FPMAKE_OPT+=-bu
+.NOTPARALLEL:
+
+fpmake$(SRCEXEEXT): fpmake.pp
+	$(FPCFPMAKE) fpmake.pp $(FPMAKE_SKIP_CONFIG) $(addprefix -Fu,$(COMPILER_FPMAKE_UNITDIR)) $(FPCMAKEOPT) $(OPT)
+all:	fpmake$(SRCEXEEXT)
+	$(LOCALFPMAKE) compile $(FPMAKE_OPT)
+smart:	fpmake$(SRCEXEEXT)
+	$(LOCALFPMAKE) compile $(FPMAKE_OPT) -o -XX -o -CX
+release:	fpmake$(SRCEXEEXT)
+	$(LOCALFPMAKE) compile $(FPMAKE_OPT) -o -dRELEASE
+debug:	fpmake$(SRCEXEEXT)
+	$(LOCALFPMAKE) compile $(FPMAKE_OPT) -o -dDEBUG
+# If no fpmake exists and (dist)clean is called, do not try to build fpmake, it will
+# most often fail because the dependencies are cleared.
+# In case of a clean, simply do nothing
+ifeq ($(FPMAKE_BIN_CLEAN),)
+clean:
+else
+clean:
+	$(FPMAKE_BIN_CLEAN) clean $(FPMAKE_OPT)
+endif
+# In case of a distclean, perform an 'old'-style distclean. This to avoid problems
+# when the package is compiled using fpcmake prior to running this clean using fpmake
+ifeq ($(FPMAKE_BIN_CLEAN),)
+distclean:	$(addsuffix _distclean,$(TARGET_DIRS)) fpc_cleanall
+else
+distclean:
+ifdef inUnix
+        { $(FPMAKE_BIN_CLEAN) distclean $(FPMAKE_OPT); if [ $$? != "0" ]; then { echo Something wrong with fpmake exectable. Remove the executable and call make recursively to recover.; $(DEL) $(FPMAKE_BIN_CLEAN); $(MAKE) fpc_cleanall; }; fi;  }
+else
+        $(FPMAKE_BIN_CLEAN) distclean $(FPMAKE_OPT)
+endif
+	-$(DEL) $(LOCALFPMAKE)
+endif
+cleanall: distclean
+install:	fpmake$(SRCEXEEXT)
+ifdef UNIXHier
+	$(LOCALFPMAKE) install $(FPMAKE_OPT) --prefix=$(INSTALL_PREFIX) --baseinstalldir=$(INSTALL_LIBDIR)/fpc/$(FPC_VERSION) --unitinstalldir=$(INSTALL_UNITDIR)
+else
+	$(LOCALFPMAKE) install $(FPMAKE_OPT) --prefix=$(INSTALL_BASEDIR) --baseinstalldir=$(INSTALL_BASEDIR) --unitinstalldir=$(INSTALL_UNITDIR)
+endif
+# distinstall also installs the example-sources and omits the location of the source-
+# files from the fpunits.cfg files.
+distinstall:	fpmake$(SRCEXEEXT)
+ifdef UNIXHier
+	$(LOCALFPMAKE) install $(FPMAKE_OPT) --prefix=$(INSTALL_PREFIX) --baseinstalldir=$(INSTALL_LIBDIR)/fpc/$(FPC_VERSION) --unitinstalldir=$(INSTALL_UNITDIR) -ie -fsp 0
+else
+	$(LOCALFPMAKE) install $(FPMAKE_OPT) --prefix=$(INSTALL_BASEDIR) --baseinstalldir=$(INSTALL_BASEDIR) --unitinstalldir=$(INSTALL_UNITDIR) -ie -fsp 0
+endif
+zipinstall:	fpmake$(SRCEXEEXT)
+	$(LOCALFPMAKE) zipinstall $(FPMAKE_OPT) --zipprefix=$(DIST_DESTDIR)/$(ZIPPREFIX)
+zipdistinstall:	fpmake$(SRCEXEEXT)
+	$(LOCALFPMAKE) zipinstall $(FPMAKE_OPT) --zipprefix=$(DIST_DESTDIR)/$(ZIPPREFIX) -ie -fsp 0
+zipsourceinstall:	fpmake$(SRCEXEEXT)
+ifdef UNIXHier
+	$(LOCALFPMAKE) archive $(FPMAKE_OPT) --zipprefix=$(DIST_DESTDIR)/$(ZIPPREFIX) --prefix=share/src/fpc-\$$\(PACKAGEVERSION\)/$(INSTALL_FPCSUBDIR)/\$$\(PACKAGEDIRECTORY\)
+else
+	$(LOCALFPMAKE) archive $(FPMAKE_OPT) --zipprefix=$(DIST_DESTDIR)/$(ZIPPREFIX) --prefix=source\\$(INSTALL_FPCSUBDIR)\\\$$\(PACKAGEDIRECTORY\)
+endif

packages/gnutls/examples/httpget.pp

@@ -0,0 +1,155 @@
+program httpget;
+
+{$mode objfpc}
+{$h+}
+
+uses sysutils, ssockets, gnutls, uriparser;
+
+Const
+  logLevel = 0; // Set to positive value to enable logging.
+  // Correct this for your system.
+  DefaultCerts : PChar =  '/etc/ssl/certs/ca-certificates.crt';
+
+  MAX_BUF = 1024*256;
+  MSG = 'GET %s HTTP/1.0'#13#10'Host: %s'#13#10#13#10;
+
+
+Procedure MyLogFunc(level : longint; msg : PChar); cdecl;
+begin
+  writeln(StdErr,'Log[',Level:2,']: ',msg);
+end;
+
+Var
+  sock : TInetSocket;
+  ret : integer;
+  session : tgnutls_session_t;
+  buf : Array[0..MAX_BUF] of char;
+  cred : tgnutls_certificate_credentials_t;
+  errptr,desc : pchar;
+  FN, URL,S, HostName : String;
+  port : word;
+
+  uri : TURI;
+
+begin
+  if paramCount<1 then
+    begin
+    writeln('Usage : ',ExtractFileName(ParamStr(0)),' url');
+    Halt(1);
+    end;
+  url:=ParamStr(1);
+  uri:=ParseURI(URL,'https',443);
+  hostname:=uri.Host;
+  if uri.Protocol<>'https' then
+    begin
+    Writeln('Only https supported');
+    Halt(1);
+    end;
+  Port:=URI.Port;
+  FN:=uri.Path+URI.Document;
+  if (URI.Params<>'') then
+    FN:=FN+'?'+URI.Params;
+  if FN='' then FN:='/';
+  LoadGNutls();
+  gnutls_global_init();
+  ret := gnutls_certificate_allocate_credentials (@cred);
+  if (ret <> GNUTLS_E_SUCCESS) then
+    begin
+    writeln(stderr, 'error: gnutls_certificate_allocate_credentials: ', gnutls_strerror(ret));
+    halt(1);
+    end;
+  ret := gnutls_certificate_set_x509_trust_file(cred, defaultcerts, GNUTLS_X509_FMT_PEM);
+  if (ret = 0) then
+    begin
+    writeln(stderr, 'error: no certificates found in:', defaultcerts);
+    halt(1);
+    end
+  else if (ret < 0) then
+    begin
+    writeln(stderr, 'error: gnutls_certificate_set_x509_trust_files(',defaultcerts,'): ',
+	     gnutls_strerror(ret));
+    halt(1);
+    end;
+  if (logLevel>0) then
+    begin
+    gnutls_global_set_log_function(@MyLogFunc);
+    gnutls_global_set_log_level(logLevel);
+    end;
+  gnutls_init(@session, GNUTLS_CLIENT);
+  // We can also use
+  //  ret:=gnutls_set_default_priority(session);
+  ret := gnutls_priority_set_direct(session, 'NORMAL', @errptr);
+  if (ret <> GNUTLS_E_SUCCESS) then
+    begin
+    writeln(stderr, 'error: gnutls_priority_set_direct: ',gnutls_strerror(ret) , ' error: at: ', errptr);
+    halt(1);
+    end;
+
+  ret := gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, cred);
+  if (ret <> GNUTLS_E_SUCCESS) then
+    begin
+    writeln(stderr, 'error: gnutls_credentials_set: ', gnutls_strerror(ret));
+    halt(1);
+    end;
+
+  Sock:=TINetSocket.Create(HostName,Port);
+  gnutls_transport_set_int(session, Sock.Handle);
+  gnutls_handshake_set_timeout(session,GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT);
+
+  ret := gnutls_server_name_set(session, GNUTLS_NAME_DNS,pchar(HostName), length(HostName));
+  if (ret <> GNUTLS_E_SUCCESS) then
+    begin
+    writeln(stderr, 'error: gnutls_server_name_set: ', gnutls_strerror(ret));
+    halt(1);
+    end;
+  
+  gnutls_session_set_verify_cert(session,pchar(HostName),0);
+  
+  Repeat
+    ret:=gnutls_handshake(session);
+    if Ret<>GNUTLS_E_SUCCESS then
+      Case ret of
+        GNUTLS_E_AGAIN : Writeln(StdErr,'Handshake again');
+        GNUTLS_E_INTERRUPTED : Writeln(StdErr,'Handshake interrupted');
+      else
+        Writeln(StdErr,'Error ',ret,' received, fatal : ',gnutls_error_is_fatal(ret));
+      end;
+  until (ret>=0)  or (gnutls_error_is_fatal(ret) <> 0);
+  if (ret < 0) then
+    begin
+    writeln(stderr, '*** Handshake failed');
+    gnutls_perror(ret);
+    end
+  else  
+    begin
+    desc := gnutls_session_get_desc(session);
+    writeln(StdErr,'- Session info: ', desc);
+//    gnutls_free(desc);
+    end;
+  S:=Format(Msg,[FN,HostName]);
+  Writeln(StdErr,'Sending request : ',S);
+  gnutls_record_send(session, Pchar(S), length(S));
+  repeat
+    ret := gnutls_record_recv(session, @buf, MAX_BUF);
+    if (ret=0) then
+      writeln(StdErr,'- Peer has closed the TLS connection\n')
+    else if ((ret < 0) and (gnutls_error_is_fatal(ret) = 0)) then
+      writeln(stderr, '*** Warning: ', gnutls_strerror(ret))
+    else if (ret < 0) and (ret<>GNUTLS_E_PREMATURE_TERMINATION) then
+      Writeln(stderr, '*** Error: ', ret, ' : ',gnutls_strerror(ret))
+    else if (ret > 0) then
+        begin
+        writeln(StdErr,'- Received ',ret,' bytes: ');
+        SetLength(S,Ret);
+        Move(Buf[0],S[1],Ret);
+        Write(S);
+        end;
+  until (ret<=0) and Not ((ret=GNUTLS_E_INTERRUPTED) or (Ret=GNUTLS_E_AGAIN));
+  Writeln;
+  gnutls_bye(session, GNUTLS_SHUT_RDWR);
+  Sock.Free;
+  gnutls_deinit(session);
+  gnutls_certificate_free_credentials(cred);
+  gnutls_global_deinit();
+  FreeGnuTLS;
+end.

packages/gnutls/examples/privkey.pp

@@ -0,0 +1,50 @@
+{
+  Simple low-level example for how generate a RSA private key (4096 bytes) using
+  the GnuTLS binding.
+
+  Author(s): Silvio Clecio (silvioprog), Michael Van Canneyt
+  Date: Mon Jan  7 01:36:18 -03 2019
+  GnuTLS version: 3.4+
+}
+
+program privkey;
+
+{$MODE OBJFPC}{$H+}
+{$ASSERTIONS ON}
+
+uses
+  sysutils,
+  ctypes,
+  gnutls;
+
+type
+  EGnuTLS = Exception;
+
+procedure TLSCheckRet(Aret: cint); inline;
+begin
+  if Aret <> GNUTLS_E_SUCCESS then
+    raise EGnuTLS.Create(gnutls_strerror(Aret));
+end;
+
+var
+  priv_key: AnsiString = '';
+  priv_key_size: cuint;
+  key: Tgnutls_x509_privkey_t;
+begin
+  LoadGnuTLS;
+  Assert(GnuTLSLoaded);
+  key:=nil;
+  try
+    TLSCheckRet(gnutls_x509_privkey_init(@key));
+    priv_key_size := gnutls_sec_param_to_pk_bits(GNUTLS_PK_RSA,GNUTLS_SEC_PARAM_HIGH);
+    SetLength(priv_key, Pred(priv_key_size));
+    TLSCheckRet(gnutls_x509_privkey_generate(key, GNUTLS_PK_RSA, priv_key_size, 0));
+    TLSCheckRet(gnutls_x509_privkey_export(key, GNUTLS_X509_FMT_PEM, @priv_key[1], @priv_key_size));
+    SetLength(priv_key, Pred(priv_key_size));
+    WriteLn(priv_key);
+  finally
+    if key<>Nil then
+      gnutls_x509_privkey_deinit(key);
+    FreeGnuTLS;
+  end;
+end.

packages/gnutls/examples/srvcacert.pp

@@ -0,0 +1,344 @@
+{
+  Simple low-level example using the GnuTLS binding for how generate an own CA
+  and self-signed certificate for HTTP server and client.
+
+  Author: Silvio Clecio (silvioprog)
+  Date: Wed Jan  9 03:10:58 BRT 2019
+  GnuTLS version: 3.4+
+
+  Testing the generated files.
+
+  Server side:
+
+    gnutls-serv --port 8080 --http \
+      --x509cafile ca.pem \
+      --x509keyfile server.key \
+      --x509certfile server.pem
+
+  Client side:
+
+    curl -k --key client.key --cert client.pem https://localhost:8080
+
+  or:
+
+    gnutls-cli localhost --port 8080 --insecure \
+      --x509keyfile client.key \
+      --x509certfile client.pem
+}
+
+program srvcacert;
+
+{$MODE OBJFPC}{$H+}
+{$ASSERTIONS ON}
+
+uses
+  sysutils,
+  classes,
+  dateutils,
+  ctypes,
+  gnutls;
+
+const
+  CA_KEY = 'ca.key';
+  CA_PEM = 'ca.pem';
+  SERVER_KEY = 'server.key';
+  SERVER_PEM = 'server.pem';
+  CLIENT_KEY = 'client.key';
+  CLIENT_PEM = 'client.pem';
+
+  CERT_SIZE = 4096;
+
+type
+  EGnuTLS = Exception;
+
+procedure Save(const S: AnsiString; const AFileName: TFileName);
+begin
+  with TStringStream.Create(S) do
+  try
+    SaveToFile(AFileName);
+  finally
+    Free;
+  end;
+end;
+
+procedure TLSCheckRet(Aret: cint); inline;
+begin
+  if Aret <> GNUTLS_E_SUCCESS then
+    raise EGnuTLS.Create(gnutls_strerror(Aret));
+end;
+
+procedure TLSCheck(Aexp: Boolean; Aret: cint); inline;
+begin
+  if Aexp then
+    raise EGnuTLS.Create(gnutls_strerror(Aret));
+end;
+
+procedure TLSGenPrivKey(out Apriv_key: AnsiString);
+var
+  Vkey: Tgnutls_x509_privkey_t;
+  Vpriv_key_size: cuint;
+begin
+  try
+    TLSCheckRet(gnutls_x509_privkey_init(@Vkey));
+    Vpriv_key_size := gnutls_sec_param_to_pk_bits(GNUTLS_PK_RSA,
+      GNUTLS_SEC_PARAM_HIGH);
+    Apriv_key := '';
+    SetLength(Apriv_key, Pred(Vpriv_key_size));
+    TLSCheckRet(gnutls_x509_privkey_generate(Vkey, GNUTLS_PK_RSA,
+      Vpriv_key_size, 0));
+    TLSCheckRet(gnutls_x509_privkey_export(Vkey, GNUTLS_X509_FMT_PEM,
+      @Apriv_key[1], @Vpriv_key_size));
+    SetLength(Apriv_key, Pred(Vpriv_key_size));
+  except
+    gnutls_x509_privkey_deinit(Vkey);
+    raise;
+  end;
+end;
+
+procedure TLSGenCACert(const Aca_priv_key: AnsiString; out Aca_pem: AnsiString;
+  const Acommon_name, Aserial: AnsiString; Adays: Word);
+var
+  Vkey: Tgnutls_x509_privkey_t;
+  Vcrt: Tgnutls_x509_crt_t = nil;
+  Vdata: Tgnutls_datum_t;
+  Vkeyid: AnsiString = '';
+  Vkeyidsize: csize_t;
+  Vactivation: ttime_t;
+  Vca_pem_size: csize_t;
+  Vret: cint;
+begin
+  try
+    TLSCheckRet(gnutls_x509_privkey_init(@Vkey));
+    Vdata.data := @Aca_priv_key[1];
+    Vdata.size := Length(Aca_priv_key);
+    TLSCheckRet(gnutls_x509_privkey_import(Vkey, @Vdata, GNUTLS_X509_FMT_PEM));
+    TLSCheckRet(gnutls_x509_crt_init(@Vcrt));
+    TLSCheckRet(gnutls_x509_crt_set_key(Vcrt, Vkey));
+    TLSCheckRet(gnutls_x509_crt_set_dn_by_oid(Vcrt, GNUTLS_OID_X520_COMMON_NAME,
+      0, @Acommon_name[1], Length(Acommon_name)));
+    TLSCheckRet(gnutls_x509_crt_set_version(Vcrt, 3));
+    TLSCheckRet(gnutls_x509_crt_set_serial(Vcrt, @Aserial[1], Length(Aserial)));
+    Vactivation := DateTimeToUnix(Now,False);
+    TLSCheckRet(gnutls_x509_crt_set_activation_time(Vcrt, Vactivation));
+    TLSCheckRet(gnutls_x509_crt_set_expiration_time(Vcrt,
+      Vactivation + (Adays * 86400)));
+    TLSCheckRet(gnutls_x509_crt_set_ca_status(Vcrt, Ord(True)));
+    TLSCheckRet(gnutls_x509_crt_set_key_usage(Vcrt, GNUTLS_KEY_KEY_CERT_SIGN));
+    Vkeyidsize := 0;
+    Vret := gnutls_x509_crt_get_key_id(Vcrt, GNUTLS_KEYID_USE_SHA1, nil,
+      @Vkeyidsize);
+    TLSCheck((Vret <> GNUTLS_E_SHORT_MEMORY_BUFFER) or (Vkeyidsize < 1), Vret);
+    SetLength(Vkeyid, Pred(Vkeyidsize));
+    TLSCheckRet(gnutls_x509_crt_get_key_id(Vcrt, GNUTLS_KEYID_USE_SHA1,
+      @Vkeyid[1], @Vkeyidsize));
+    TLSCheckRet(gnutls_x509_crt_set_subject_key_id(Vcrt, @Vkeyid[1], Vkeyidsize));
+    TLSCheckRet(gnutls_x509_crt_sign2(Vcrt, Vcrt, Vkey, GNUTLS_DIG_SHA256, 0));
+    Aca_pem := '';
+    Vca_pem_size := CERT_SIZE;
+    SetLength(Aca_pem, Pred(Vca_pem_size));
+    TLSCheckRet(gnutls_x509_crt_export(Vcrt, GNUTLS_X509_FMT_PEM, @Aca_pem[1],
+      @Vca_pem_size));
+    SetLength(Aca_pem, Pred(Vca_pem_size));
+  except
+    gnutls_x509_privkey_deinit(Vkey);
+    gnutls_x509_crt_deinit(Vcrt);
+    raise;
+  end;
+end;
+
+procedure TLSGenSrvCert(const Aca_priv_key, Aca_pem, Asrv_priv_key: AnsiString;
+  out Asrv_pem: AnsiString; const Acommon_name, Aorganization,
+  Aserial: AnsiString; Adays: Word);
+var
+  Vsrv_key: Tgnutls_x509_privkey_t = nil;
+  Vca_key: Tgnutls_x509_privkey_t = nil;
+  Vca_crt: Tgnutls_x509_crt_t = nil;
+  Vsrv_crt: Tgnutls_x509_crt_t = nil;
+  Vdata: Tgnutls_datum_t;
+  Vkeyid: AnsiString = '';
+  Vkeyidsize: csize_t;
+  Vactivation: ttime_t;
+  Vsrv_pem_size: csize_t;
+  Vret: cint;
+begin
+  try
+  TLSCheckRet(gnutls_x509_privkey_init(@Vca_key));
+  Vdata.data := @Aca_priv_key[1];
+  Vdata.size := Length(Aca_priv_key);
+  TLSCheckRet(gnutls_x509_privkey_import(Vca_key, @Vdata, GNUTLS_X509_FMT_PEM));
+  TLSCheckRet(gnutls_x509_privkey_init(@Vsrv_key));
+  Vdata.data := @Asrv_priv_key[1];
+  Vdata.size := Length(Asrv_priv_key);
+  TLSCheckRet(gnutls_x509_privkey_import(Vsrv_key, @Vdata, GNUTLS_X509_FMT_PEM));
+  TLSCheckRet(gnutls_x509_crt_init(@Vca_crt));
+  Vdata.data := @Aca_pem[1];
+  Vdata.size := Length(Aca_pem);
+  TLSCheckRet(gnutls_x509_crt_import(Vca_crt, @Vdata, GNUTLS_X509_FMT_PEM));
+  TLSCheckRet(gnutls_x509_crt_init(@Vsrv_crt));
+  TLSCheckRet(gnutls_x509_crt_set_key(Vsrv_crt, Vsrv_key));
+  TLSCheckRet(gnutls_x509_crt_set_dn_by_oid(Vsrv_crt,
+    GNUTLS_OID_X520_COMMON_NAME, 0, @Acommon_name[1], Length(Acommon_name)));
+  TLSCheckRet(gnutls_x509_crt_set_dn_by_oid(Vsrv_crt,
+    GNUTLS_OID_X520_ORGANIZATION_NAME, 0, @Aorganization[1],
+    Length(Aorganization)));
+  TLSCheckRet(gnutls_x509_crt_set_version(Vsrv_crt, 3));
+  TLSCheckRet(gnutls_x509_crt_set_serial(Vsrv_crt, @Aserial[1],
+    Length(Aserial)));
+  Vactivation := DateTimeToUnix(Now,False);
+  TLSCheckRet(gnutls_x509_crt_set_activation_time(Vsrv_crt, Vactivation));
+  TLSCheckRet(gnutls_x509_crt_set_expiration_time(Vsrv_crt,
+    Vactivation + (Adays * 86400)));
+  TLSCheckRet(gnutls_x509_crt_set_ca_status(Vsrv_crt, Ord(False)));
+  TLSCheckRet(gnutls_x509_crt_set_key_purpose_oid(Vsrv_crt,
+    @GNUTLS_KP_TLS_WWW_SERVER[1], Ord(False)));
+  Vkeyidsize := 0;
+  Vret := gnutls_x509_crt_get_subject_key_id(Vca_crt, nil, @Vkeyidsize, nil);
+  TLSCheck((Vret <> GNUTLS_E_SHORT_MEMORY_BUFFER) or  (Vkeyidsize < 1), Vret);
+  SetLength(Vkeyid, Pred(Vkeyidsize));
+  TLSCheckRet(gnutls_x509_crt_get_subject_key_id(Vca_crt, @Vkeyid[1],
+    @Vkeyidsize, nil));
+  TLSCheckRet(gnutls_x509_crt_set_subject_key_id(Vsrv_crt, @Vkeyid[1],
+    Vkeyidsize));
+  Vkeyidsize := 0;
+  gnutls_x509_crt_get_key_id(Vsrv_crt, GNUTLS_KEYID_USE_SHA1, nil, @Vkeyidsize);
+  TLSCheck((Vret <> GNUTLS_E_SHORT_MEMORY_BUFFER) or (Vkeyidsize < 1), Vret);
+  SetLength(Vkeyid, Pred(Vkeyidsize));
+  TLSCheckRet(gnutls_x509_crt_get_key_id(Vsrv_crt, GNUTLS_KEYID_USE_SHA1,
+    @Vkeyid[1], @Vkeyidsize));
+  TLSCheckRet(gnutls_x509_crt_set_authority_key_id(Vsrv_crt,
+    @Vkeyid[1], Vkeyidsize));
+  TLSCheckRet(gnutls_x509_crt_sign2(Vsrv_crt, Vca_crt, Vca_key,
+    GNUTLS_DIG_SHA256, 0));
+  Vsrv_pem_size := CERT_SIZE;
+  Asrv_pem := '';
+  SetLength(Asrv_pem, Pred(Vsrv_pem_size));
+  TLSCheckRet(gnutls_x509_crt_export(Vsrv_crt, GNUTLS_X509_FMT_PEM,
+    @Asrv_pem[1], @Vsrv_pem_size));
+  SetLength(Asrv_pem, Vsrv_pem_size);
+  except
+    gnutls_x509_privkey_deinit(Vsrv_key);
+    gnutls_x509_privkey_deinit(Vca_key);
+    gnutls_x509_crt_deinit(Vca_crt);
+    gnutls_x509_crt_deinit(Vsrv_crt);
+    raise;
+  end;
+end;
+
+procedure TLSGenCliCert(const Aca_priv_key, Aca_pem, Acli_priv_key: AnsiString;
+  out Acli_pem: AnsiString; const Acommon_name, Aserial: AnsiString;
+  Adays: Word);
+var
+  Vcli_key: Tgnutls_x509_privkey_t = nil;
+  Vca_key: Tgnutls_x509_privkey_t = nil;
+  Vca_crt: Tgnutls_x509_crt_t = nil;
+  Vcli_crt: Tgnutls_x509_crt_t = nil;
+  Vdata: Tgnutls_datum_t;
+  Vkeyid: AnsiString = '';
+  Vkeyidsize: csize_t;
+  Vactivation: ttime_t;
+  Vcli_pem_size: csize_t;
+  Vret: cint;
+begin
+  try
+    TLSCheckRet(gnutls_x509_privkey_init(@Vca_key));
+    Vdata.data := @Aca_priv_key[1];
+    Vdata.size := Length(Aca_priv_key);
+    TLSCheckRet(gnutls_x509_privkey_import(Vca_key, @Vdata,
+      GNUTLS_X509_FMT_PEM));
+    TLSCheckRet(gnutls_x509_privkey_init(@Vcli_key));
+    Vdata.data := @Acli_priv_key[1];
+    Vdata.size := Length(Acli_priv_key);
+    TLSCheckRet(gnutls_x509_privkey_import(Vcli_key, @Vdata,
+      GNUTLS_X509_FMT_PEM));
+    TLSCheckRet(gnutls_x509_crt_init(@Vca_crt));
+    Vdata.data := @Aca_pem[1];
+    Vdata.size := Length(Aca_pem);
+    TLSCheckRet(gnutls_x509_crt_import(Vca_crt, @Vdata, GNUTLS_X509_FMT_PEM));
+    TLSCheckRet(gnutls_x509_crt_init(@Vcli_crt));
+    TLSCheckRet(gnutls_x509_crt_set_key(Vcli_crt, Vcli_key));
+    TLSCheckRet(gnutls_x509_crt_set_dn_by_oid(Vcli_crt,
+      GNUTLS_OID_X520_COMMON_NAME, 0, @Acommon_name[1], Length(Acommon_name)));
+    TLSCheckRet(gnutls_x509_crt_set_version(Vcli_crt, 3));
+    TLSCheckRet(gnutls_x509_crt_set_serial(Vcli_crt, @Aserial[1],
+      Length(Aserial)));
+    Vactivation := DateTimeToUnix(Now,False);
+    TLSCheckRet(gnutls_x509_crt_set_activation_time(Vcli_crt, Vactivation));
+    TLSCheckRet(gnutls_x509_crt_set_expiration_time(Vcli_crt,
+      Vactivation + (Adays * 86400)));
+    TLSCheckRet(gnutls_x509_crt_set_ca_status(Vcli_crt, Ord(False)));
+    TLSCheckRet(gnutls_x509_crt_set_key_purpose_oid(Vcli_crt,
+      @GNUTLS_KP_TLS_WWW_CLIENT[1], Ord(False)));
+    Vkeyidsize := 0;
+    Vret := gnutls_x509_crt_get_subject_key_id(Vca_crt, nil, @Vkeyidsize, nil);
+    TLSCheck((Vret <> GNUTLS_E_SHORT_MEMORY_BUFFER) or (Vkeyidsize < 1), Vret);
+    SetLength(Vkeyid, Pred(Vkeyidsize));
+    TLSCheckRet(gnutls_x509_crt_get_subject_key_id(Vca_crt, @Vkeyid[1],
+      @Vkeyidsize, nil));
+    TLSCheckRet(gnutls_x509_crt_set_subject_key_id(Vcli_crt, @Vkeyid[1],
+      Vkeyidsize));
+    Vkeyidsize := 0;
+    Vret := gnutls_x509_crt_get_key_id(Vca_crt, GNUTLS_KEYID_USE_SHA1,
+      nil, @Vkeyidsize);
+    TLSCheck((Vret <> GNUTLS_E_SHORT_MEMORY_BUFFER) or (Vkeyidsize < 1), Vret);
+    SetLength(Vkeyid, Vkeyidsize);
+    TLSCheckRet(gnutls_x509_crt_get_key_id(Vca_crt, GNUTLS_KEYID_USE_SHA1,
+      @Vkeyid[1], @Vkeyidsize));
+    TLSCheckRet(gnutls_x509_crt_set_authority_key_id(Vcli_crt, @Vkeyid[1],
+      Vkeyidsize));
+    TLSCheckRet(gnutls_x509_crt_sign2(Vcli_crt, Vca_crt, Vca_key,
+      GNUTLS_DIG_SHA256, 0));
+    Vcli_pem_size := CERT_SIZE;
+    Acli_pem := '';
+    SetLength(Acli_pem, Pred(Vcli_pem_size));
+    TLSCheckRet(gnutls_x509_crt_export(Vcli_crt, GNUTLS_X509_FMT_PEM,
+      @Acli_pem[1], @Vcli_pem_size));
+    SetLength(Acli_pem, Vcli_pem_size);
+  except
+    gnutls_x509_privkey_deinit(Vcli_key);
+    gnutls_x509_privkey_deinit(Vca_key);
+    gnutls_x509_crt_deinit(Vca_crt);
+    gnutls_x509_crt_deinit(Vcli_crt);
+    raise;
+  end;
+end;
+
+var
+  ca_pkey, ca_crt, pkey, crt: AnsiString;
+begin
+  LoadGnuTLS;
+  Assert(GnuTLSLoaded);
+  try
+    WriteLn('Generating ', CA_KEY);
+    TLSGenPrivKey(ca_pkey);
+    Save(ca_pkey, CA_KEY);
+    WriteLn('Done!');
+
+    WriteLn('Generating ', CA_PEM);
+    TLSGenCACert(ca_pkey, ca_crt, 'GnuTLS test CA', '01', 365);
+    Save(ca_crt, CA_PEM);
+    WriteLn('Done!');
+
+    WriteLn('Generating ', SERVER_KEY);
+    TLSGenPrivKey(pkey);
+    Save(pkey, SERVER_KEY);
+    WriteLn('Done!');
+
+    WriteLn('Generating ', SERVER_PEM);
+    TLSGenSrvCert(ca_pkey, ca_crt, pkey, crt, 'test.gnutls.org',
+      'GnuTLS test server', '01', 365);
+    Save(crt, SERVER_PEM);
+    WriteLn('Done!');
+
+    WriteLn('Generating ', CLIENT_KEY);
+    TLSGenPrivKey(pkey);
+    Save(pkey, CLIENT_KEY);
+    WriteLn('Done!');
+
+    WriteLn('Generating ', CLIENT_PEM);
+    TLSGenCliCert(ca_pkey, ca_crt, pkey, crt, 'GnuTLS test client', '01', 365);
+    Save(crt, CLIENT_PEM);
+    WriteLn('Done!');
+  finally
+    FreeGnuTLS;
+  end;
+end.

packages/gnutls/examples/testgnutls.pp

@@ -0,0 +1,7 @@
+program testgnutls;
+
+uses gnutls;
+
+begin
+  loadGnuTLS;
+end.

packages/gnutls/fpmake.pp

@@ -0,0 +1,39 @@
+{$ifndef ALLPACKAGES}
+{$mode objfpc}{$H+}
+program fpmake;
+
+uses fpmkunit;
+
+Var
+  P : TPackage;
+  T : TTarget;
+begin
+  With Installer do
+    begin
+{$endif ALLPACKAGES}
+
+    P:=AddPackage('gnutls');
+    P.Dependencies.Add('fcl-net');
+    P.ShortName:='gnutls';
+    P.Description := 'Interface units for GNU TLS libraries supporting SSL-encrypted network communication.';
+{$ifdef ALLPACKAGES}
+    P.Directory:=ADirectory;
+{$endif ALLPACKAGES}
+    P.Version:='3.3.1';
+    P.SourcePath.Add('src');
+    P.OSes := AllUnixOSes+AllWindowsOSes-[qnx];
+    if Defaults.CPU=jvm then
+      P.OSes := P.OSes - [java,android];
+    T:=P.Targets.AddUnit('gnutls.pp');
+    T:=P.Targets.AddUnit('gnutlssockets.pp');
+      T.Dependencies.AddUnit('gnutls');
+    P.ExamplePath.Add('examples');
+    P.Targets.AddExampleProgram('testgnutls.pp');
+    P.Targets.AddExampleProgram('privkey.pp');
+    P.Targets.AddExampleProgram('srvcacert.pp');
+    
+{$ifndef ALLPACKAGES}
+    Run;
+    end;
+end.
+{$endif ALLPACKAGES}

packages/gnutls/src/gnutls.pp

@@ -0,0 +1,3314 @@
+{
+    This file is part of the Free Pascal run time library.
+    Copyright (c) 2019 by Michael Van Canneyt and Silvio Clecio (silvioprog),
+    members of the Free Pascal development team
+
+    Low-level binding for GnuTLS library.
+
+    See the file COPYING.FPC, included in this distribution,
+    for details about the copyright.
+
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+
+ **********************************************************************}
+
+{$mode objfpc}
+
+unit gnutls;
+
+interface
+
+uses ctypes;
+
+{
+  Automatically converted by H2Pas 1.0.0 from gnutls.c
+  The following command line parameters were used:
+    -D
+    -l
+    libgnutls.so
+    -o
+    gnutls.pp
+    -u
+    gnutls
+    -T
+    -P
+    -p
+    -c
+    -e
+    gnutls.c
+}
+
+const
+  LibGnuTLS ='libgnutls.so'; {Setup as you need}
+
+
+{ Converted enums}
+Const
+  // Tgnutls_cipher_algorithm
+  
+  GNUTLS_CIPHER_UNKNOWN = 0;
+  GNUTLS_CIPHER_NULL = 1;
+  GNUTLS_CIPHER_ARCFOUR_128 = 2;
+  GNUTLS_CIPHER_3DES_CBC = 3;
+  GNUTLS_CIPHER_AES_128_CBC = 4;
+  GNUTLS_CIPHER_AES_256_CBC = 5;
+  GNUTLS_CIPHER_ARCFOUR_40 = 6;
+  GNUTLS_CIPHER_CAMELLIA_128_CBC = 7;
+  GNUTLS_CIPHER_CAMELLIA_256_CBC = 8;
+  GNUTLS_CIPHER_AES_192_CBC = 9;
+  GNUTLS_CIPHER_AES_128_GCM = 10;
+  GNUTLS_CIPHER_AES_256_GCM = 11;
+  GNUTLS_CIPHER_CAMELLIA_192_CBC = 12;
+  GNUTLS_CIPHER_SALSA20_256 = 13;
+  GNUTLS_CIPHER_ESTREAM_SALSA20_256 = 14;
+  GNUTLS_CIPHER_CAMELLIA_128_GCM = 15;
+  GNUTLS_CIPHER_CAMELLIA_256_GCM = 16;
+  GNUTLS_CIPHER_RC2_40_CBC = 17;
+  GNUTLS_CIPHER_DES_CBC = 18;
+  GNUTLS_CIPHER_AES_128_CCM = 19;
+  GNUTLS_CIPHER_AES_256_CCM = 20;
+  GNUTLS_CIPHER_AES_128_CCM_8 = 21;
+  GNUTLS_CIPHER_AES_256_CCM_8 = 22;
+  GNUTLS_CIPHER_CHACHA20_POLY1305 = 23;
+  GNUTLS_CIPHER_IDEA_PGP_CFB = 200;
+  GNUTLS_CIPHER_3DES_PGP_CFB = 201;
+  GNUTLS_CIPHER_CAST5_PGP_CFB = 202;
+  GNUTLS_CIPHER_BLOWFISH_PGP_CFB = 203;
+  GNUTLS_CIPHER_SAFER_SK128_PGP_CFB = 204;
+  GNUTLS_CIPHER_AES128_PGP_CFB = 205;
+  GNUTLS_CIPHER_AES192_PGP_CFB = 206;
+  GNUTLS_CIPHER_AES256_PGP_CFB = 207;
+  GNUTLS_CIPHER_TWOFISH_PGP_CFB = 208;
+
+
+  // gnutls_kx_algorithm_t ;
+
+  GNUTLS_KX_UNKNOWN = 0;
+  GNUTLS_KX_RSA = 1;
+  GNUTLS_KX_DHE_DSS = 2;
+  GNUTLS_KX_DHE_RSA = 3;
+  GNUTLS_KX_ANON_DH = 4;
+  GNUTLS_KX_SRP = 5;
+  GNUTLS_KX_RSA_EXPORT = 6;
+  GNUTLS_KX_SRP_RSA = 7;
+  GNUTLS_KX_SRP_DSS = 8;
+  GNUTLS_KX_PSK = 9;
+  GNUTLS_KX_DHE_PSK = 10;
+  GNUTLS_KX_ANON_ECDH = 11;
+  GNUTLS_KX_ECDHE_RSA = 12;
+  GNUTLS_KX_ECDHE_ECDSA = 13;
+  GNUTLS_KX_ECDHE_PSK = 14;
+  GNUTLS_KX_RSA_PSK = 15;
+
+  // Init options
+  GNUTLS_SERVER                = 1;
+  GNUTLS_CLIENT                = (1 shl 1);
+  GNUTLS_DATAGRAM              = (1 shl 2);
+  GNUTLS_NONBLOCK              = (1 shl 3);
+  GNUTLS_NO_EXTENSIONS         = (1 shl 4);
+  GNUTLS_NO_REPLAY_PROTECTION  = (1 shl 5);
+  GNUTLS_NO_SIGNAL             = (1 shl 6);
+
+  GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT = cardinal(-1);
+
+  // gnutls_params_type_t
+  GNUTLS_PARAMS_RSA_EXPORT = 1;
+  GNUTLS_PARAMS_DH = 2;
+  GNUTLS_PARAMS_ECDH = 3;
+
+  // gnutls_credentials_type_t
+  GNUTLS_CRD_CERTIFICATE = 1;
+  GNUTLS_CRD_ANON = 2;
+  GNUTLS_CRD_SRP = 3;
+  GNUTLS_CRD_PSK = 4;
+  GNUTLS_CRD_IA = 5;
+
+  // gnutls_mac_algorithm_t
+  GNUTLS_MAC_UNKNOWN = 0;
+  GNUTLS_MAC_NULL = 1;
+  GNUTLS_MAC_MD5 = 2;
+  GNUTLS_MAC_SHA1 = 3;
+  GNUTLS_MAC_RMD160 = 4;
+  GNUTLS_MAC_MD2 = 5;
+  GNUTLS_MAC_SHA256 = 6;
+  GNUTLS_MAC_SHA384 = 7;
+  GNUTLS_MAC_SHA512 = 8;
+  GNUTLS_MAC_SHA224 = 9;
+  GNUTLS_MAC_AEAD = 200;
+  GNUTLS_MAC_UMAC_96 = 201;
+  GNUTLS_MAC_UMAC_128 = 202;
+
+  // gnutls_digest_algorithm_t
+  GNUTLS_DIG_UNKNOWN = GNUTLS_MAC_UNKNOWN;
+  GNUTLS_DIG_NULL = GNUTLS_MAC_NULL;
+  GNUTLS_DIG_MD5 = GNUTLS_MAC_MD5;
+  GNUTLS_DIG_SHA1 = GNUTLS_MAC_SHA1;
+  GNUTLS_DIG_RMD160 = GNUTLS_MAC_RMD160;
+  GNUTLS_DIG_MD2 = GNUTLS_MAC_MD2;
+  GNUTLS_DIG_SHA256 = GNUTLS_MAC_SHA256;
+  GNUTLS_DIG_SHA384 = GNUTLS_MAC_SHA384;
+  GNUTLS_DIG_SHA512 = GNUTLS_MAC_SHA512;
+  GNUTLS_DIG_SHA224 = GNUTLS_MAC_SHA224;
+
+  // gnutls_compression_method_t
+  GNUTLS_COMP_UNKNOWN = 0;
+  GNUTLS_COMP_NULL = 1;
+  GNUTLS_COMP_DEFLATE = 2;
+  GNUTLS_COMP_ZLIB = GNUTLS_COMP_DEFLATE;
+
+  // gnutls_alert_level_t
+  GNUTLS_AL_WARNING = 1;
+  GNUTLS_AL_FATAL = 2;
+
+  // gnutls_alert_description_t ;
+  GNUTLS_A_CLOSE_NOTIFY = 0;
+  GNUTLS_A_UNEXPECTED_MESSAGE = 10;
+  GNUTLS_A_BAD_RECORD_MAC = 20;
+  GNUTLS_A_DECRYPTION_FAILED = 21;
+  GNUTLS_A_RECORD_OVERFLOW = 22;
+  GNUTLS_A_DECOMPRESSION_FAILURE = 30;
+  GNUTLS_A_HANDSHAKE_FAILURE = 40;
+  GNUTLS_A_SSL3_NO_CERTIFICATE = 41;
+  GNUTLS_A_BAD_CERTIFICATE = 42;
+  GNUTLS_A_UNSUPPORTED_CERTIFICATE = 43;
+  GNUTLS_A_CERTIFICATE_REVOKED = 44;
+  GNUTLS_A_CERTIFICATE_EXPIRED = 45;
+  GNUTLS_A_CERTIFICATE_UNKNOWN = 46;
+  GNUTLS_A_ILLEGAL_PARAMETER = 47;
+  GNUTLS_A_UNKNOWN_CA = 48;
+  GNUTLS_A_ACCESS_DENIED = 49;
+  GNUTLS_A_DECODE_ERROR = 50;
+  GNUTLS_A_DECRYPT_ERROR = 51;
+  GNUTLS_A_EXPORT_RESTRICTION = 60;
+  GNUTLS_A_PROTOCOL_VERSION = 70;
+  GNUTLS_A_INSUFFICIENT_SECURITY = 71;
+  GNUTLS_A_INTERNAL_ERROR = 80;
+  GNUTLS_A_INAPPROPRIATE_FALLBACK = 86;
+  GNUTLS_A_USER_CANCELED = 90;
+  GNUTLS_A_NO_RENEGOTIATION = 100;
+  GNUTLS_A_UNSUPPORTED_EXTENSION = 110;
+  GNUTLS_A_CERTIFICATE_UNOBTAINABLE = 111;
+  GNUTLS_A_UNRECOGNIZED_NAME = 112;
+  GNUTLS_A_UNKNOWN_PSK_IDENTITY = 115;
+  GNUTLS_A_NO_APPLICATION_PROTOCOL = 120;
+
+  // gnutls_handshake_description_t
+
+  GNUTLS_HANDSHAKE_HELLO_REQUEST = 0;
+  GNUTLS_HANDSHAKE_CLIENT_HELLO = 1;
+  GNUTLS_HANDSHAKE_SERVER_HELLO = 2;
+  GNUTLS_HANDSHAKE_HELLO_VERIFY_REQUEST = 3;
+  GNUTLS_HANDSHAKE_NEW_SESSION_TICKET = 4;
+  GNUTLS_HANDSHAKE_CERTIFICATE_PKT = 11;
+  GNUTLS_HANDSHAKE_SERVER_KEY_EXCHANGE = 12;
+  GNUTLS_HANDSHAKE_CERTIFICATE_REQUEST = 13;
+  GNUTLS_HANDSHAKE_SERVER_HELLO_DONE = 14;
+  GNUTLS_HANDSHAKE_CERTIFICATE_VERIFY = 15;
+  GNUTLS_HANDSHAKE_CLIENT_KEY_EXCHANGE = 16;
+  GNUTLS_HANDSHAKE_FINISHED = 20;
+  GNUTLS_HANDSHAKE_CERTIFICATE_STATUS = 22;
+  GNUTLS_HANDSHAKE_SUPPLEMENTAL = 23;
+  GNUTLS_HANDSHAKE_CHANGE_CIPHER_SPEC = 254;
+  GNUTLS_HANDSHAKE_CLIENT_HELLO_V2 = 1024;
+
+  // gnutls_certificate_status_t
+  GNUTLS_CERT_INVALID = 1 shl 1;
+  GNUTLS_CERT_REVOKED = 1 shl 5;
+  GNUTLS_CERT_SIGNER_NOT_FOUND = 1 shl 6;
+  GNUTLS_CERT_SIGNER_NOT_CA = 1 shl 7;
+  GNUTLS_CERT_INSECURE_ALGORITHM = 1 shl 8;
+  GNUTLS_CERT_NOT_ACTIVATED = 1 shl 9;
+  GNUTLS_CERT_EXPIRED = 1 shl 10;
+  GNUTLS_CERT_SIGNATURE_FAILURE = 1 shl 11;
+  GNUTLS_CERT_REVOCATION_DATA_SUPERSEDED = 1 shl 12;
+  GNUTLS_CERT_UNEXPECTED_OWNER = 1 shl 14;
+  GNUTLS_CERT_REVOCATION_DATA_ISSUED_IN_FUTURE = 1 shl 15;
+  GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE = 1 shl 16;
+  GNUTLS_CERT_MISMATCH = 1 shl 17;
+  GNUTLS_CERT_PURPOSE_MISMATCH = 1 shl 18;
+
+  // gnutls_certificate_request_t
+  GNUTLS_CERT_IGNORE = 0;
+  GNUTLS_CERT_REQUEST = 1;
+  GNUTLS_CERT_REQUIRE = 2;
+
+  // gnutls_openpgp_crt_status_t
+  GNUTLS_OPENPGP_CERT = 0;
+  GNUTLS_OPENPGP_CERT_FINGERPRINT = 1;
+
+  // gnutls_close_request_t
+  GNUTLS_SHUT_RDWR = 0;
+  GNUTLS_SHUT_WR = 1;
+
+  // gnutls_protocol_t
+  GNUTLS_SSL3 = 1;
+  GNUTLS_TLS1_0 = 2;
+  GNUTLS_TLS1 = GNUTLS_TLS1_0;
+  GNUTLS_TLS1_1 = 3;
+  GNUTLS_TLS1_2 = 4;
+  GNUTLS_DTLS0_9 = 200;
+  GNUTLS_DTLS1_0 = 201;
+  GNUTLS_DTLS1_2 = 202;
+  GNUTLS_DTLS_VERSION_MIN = GNUTLS_DTLS0_9;
+  GNUTLS_DTLS_VERSION_MAX = GNUTLS_DTLS1_2;
+  GNUTLS_TLS_VERSION_MAX = GNUTLS_TLS1_2;
+  GNUTLS_VERSION_UNKNOWN = $ff;
+
+  // gnutls_certificate_type_t
+  GNUTLS_CRT_UNKNOWN = 0;
+  GNUTLS_CRT_X509 = 1;
+  GNUTLS_CRT_OPENPGP = 2;
+  GNUTLS_CRT_RAW = 3;
+
+  // gnutls_x509_crt_fmt_t
+  GNUTLS_X509_FMT_DER = 0;
+  GNUTLS_X509_FMT_PEM = 1;
+
+  // gnutls_certificate_print_formats
+  GNUTLS_CRT_PRINT_FULL = 0;
+  GNUTLS_CRT_PRINT_ONELINE = 1;
+  GNUTLS_CRT_PRINT_UNSIGNED_FULL = 2;
+  GNUTLS_CRT_PRINT_COMPACT = 3;
+  GNUTLS_CRT_PRINT_FULL_NUMBERS = 4;
+
+  // gnutls_pk_algorithm_t
+  GNUTLS_PK_UNKNOWN = 0;
+  GNUTLS_PK_RSA = 1;
+  GNUTLS_PK_DSA = 2;
+  GNUTLS_PK_DH = 3;
+  GNUTLS_PK_EC = 4;
+
+  // gnutls_sign_algorithm_t
+  GNUTLS_SIGN_UNKNOWN = 0;
+  GNUTLS_SIGN_RSA_SHA1 = 1;
+  GNUTLS_SIGN_RSA_SHA = GNUTLS_SIGN_RSA_SHA1;
+  GNUTLS_SIGN_DSA_SHA1 = 2;
+  GNUTLS_SIGN_DSA_SHA = GNUTLS_SIGN_DSA_SHA1;
+  GNUTLS_SIGN_RSA_MD5 = 3;
+  GNUTLS_SIGN_RSA_MD2 = 4;
+  GNUTLS_SIGN_RSA_RMD160 = 5;
+  GNUTLS_SIGN_RSA_SHA256 = 6;
+  GNUTLS_SIGN_RSA_SHA384 = 7;
+  GNUTLS_SIGN_RSA_SHA512 = 8;
+  GNUTLS_SIGN_RSA_SHA224 = 9;
+  GNUTLS_SIGN_DSA_SHA224 = 10;
+  GNUTLS_SIGN_DSA_SHA256 = 11;
+  GNUTLS_SIGN_ECDSA_SHA1 = 12;
+  GNUTLS_SIGN_ECDSA_SHA224 = 13;
+  GNUTLS_SIGN_ECDSA_SHA256 = 14;
+  GNUTLS_SIGN_ECDSA_SHA384 = 15;
+  GNUTLS_SIGN_ECDSA_SHA512 = 16;
+  GNUTLS_SIGN_DSA_SHA384 = 17;
+  GNUTLS_SIGN_DSA_SHA512 = 18;
+
+  // gnutls_ecc_curve_t
+  GNUTLS_ECC_CURVE_INVALID = 0;
+  GNUTLS_ECC_CURVE_SECP224R1 = 1;
+  GNUTLS_ECC_CURVE_SECP256R1 = 2;
+  GNUTLS_ECC_CURVE_SECP384R1 = 3;
+  GNUTLS_ECC_CURVE_SECP521R1 = 4;
+  GNUTLS_ECC_CURVE_SECP192R1 = 5;
+
+  // Tgnutls_sec_param_t
+  GNUTLS_SEC_PARAM_UNKNOWN = 0;
+  GNUTLS_SEC_PARAM_INSECURE = 5;
+  GNUTLS_SEC_PARAM_EXPORT = 10;
+  GNUTLS_SEC_PARAM_VERY_WEAK = 15;
+  GNUTLS_SEC_PARAM_WEAK = 20;
+  GNUTLS_SEC_PARAM_LOW = 25;
+  GNUTLS_SEC_PARAM_LEGACY = 30;
+  GNUTLS_SEC_PARAM_MEDIUM = 35;
+  GNUTLS_SEC_PARAM_HIGH = 40;
+  GNUTLS_SEC_PARAM_ULTRA = 45;
+  GNUTLS_SEC_PARAM_FUTURE = 50;
+
+  // gnutls_channel_binding_t
+  GNUTLS_CB_TLS_UNIQUE = 0;
+
+  // gnutls_server_name_type_t
+  GNUTLS_NAME_DNS = 1;
+
+  // gnutls_supplemental_data_format_type_t
+  GNUTLS_SUPPLEMENTAL_UNKNOWN = 0;
+
+  // gnutls_srtp_profile_t
+  GNUTLS_SRTP_AES128_CM_HMAC_SHA1_80 = $0001;
+  GNUTLS_SRTP_AES128_CM_HMAC_SHA1_32 = $0002;
+  GNUTLS_SRTP_NULL_HMAC_SHA1_80 = $0005;
+  GNUTLS_SRTP_NULL_HMAC_SHA1_32 = $0006;
+
+  // gnutls_vdata_types_t
+  GNUTLS_DT_UNKNOWN = 0;
+  GNUTLS_DT_DNS_HOSTNAME = 1;
+  GNUTLS_DT_KEY_PURPOSE_OID = 2;
+  GNUTLS_DT_RFC822NAME = 3;
+
+  // gnutls_certificate_flags
+  GNUTLS_CERTIFICATE_SKIP_KEY_CERT_MATCH = 1;
+
+  // gnutls_random_art
+  GNUTLS_RANDOM_ART_OPENSSH = 1;
+
+  // gnutls_psk_key_flags
+  GNUTLS_PSK_KEY_RAW = 0;
+  GNUTLS_PSK_KEY_HEX = 1;
+  // gnutls_privkey_type_t
+  GNUTLS_PRIVKEY_X509 = 0;
+  GNUTLS_PRIVKEY_OPENPGP = 1;
+  GNUTLS_PRIVKEY_PKCS11 = 2;
+  GNUTLS_PRIVKEY_EXT = 3;
+
+  // gnutls_x509_subject_alt_name_t
+  GNUTLS_SAN_DNSNAME = 1;
+  GNUTLS_SAN_RFC822NAME = 2;
+  GNUTLS_SAN_URI = 3;
+  GNUTLS_SAN_IPADDRESS = 4;
+  GNUTLS_SAN_OTHERNAME = 5;
+  GNUTLS_SAN_DN = 6;
+  GNUTLS_SAN_OTHERNAME_XMPP = 1000;
+
+  // gnutls_pin_flag_t
+  GNUTLS_PIN_USER = 1 shl 0;
+  GNUTLS_PIN_SO = 1 shl 1;
+  GNUTLS_PIN_FINAL_TRY = 1 shl 2;
+  GNUTLS_PIN_COUNT_LOW = 1 shl 3;
+  GNUTLS_PIN_CONTEXT_SPECIFIC = 1 shl 4;
+  GNUTLS_PIN_WRONG = 1 shl 5;
+
+  // gnutls_ext_parse_type_t
+  GNUTLS_EXT_ANY = 0;
+  GNUTLS_EXT_APPLICATION = 1;
+  GNUTLS_EXT_TLS = 2;
+  GNUTLS_EXT_MANDATORY = 3;
+  GNUTLS_EXT_NONE = 4;
+
+
+  // GNU TLS Error codes
+  GNUTLS_E_SUCCESS = 0;
+
+  GNUTLS_E_UNKNOWN_COMPRESSION_ALGORITHM= -3;
+  GNUTLS_E_UNKNOWN_CIPHER_TYPE =-6;
+  GNUTLS_E_LARGE_PACKET =-7;
+  GNUTLS_E_UNSUPPORTED_VERSION_PACKET =-8;
+  GNUTLS_E_UNEXPECTED_PACKET_LENGTH =-9;
+  GNUTLS_E_INVALID_SESSION =-10;
+  GNUTLS_E_FATAL_ALERT_RECEIVED =-12;
+  GNUTLS_E_UNEXPECTED_PACKET =-15;
+  GNUTLS_E_WARNING_ALERT_RECEIVED= -16;
+  GNUTLS_E_ERROR_IN_FINISHED_PACKET= -18;
+  GNUTLS_E_UNEXPECTED_HANDSHAKE_PACKET= -19;
+  GNUTLS_E_UNKNOWN_CIPHER_SUITE= -21;
+  GNUTLS_E_UNWANTED_ALGORITHM= -22;
+  GNUTLS_E_MPI_SCAN_FAILED= -23;
+  GNUTLS_E_DECRYPTION_FAILED= -24;
+  GNUTLS_E_MEMORY_ERROR =-25;
+  GNUTLS_E_DECOMPRESSION_FAILED =-26;
+  GNUTLS_E_COMPRESSION_FAILED= -27;
+  GNUTLS_E_AGAIN= -28;
+  GNUTLS_E_EXPIRED =-29;
+  GNUTLS_E_DB_ERROR =-30;
+  GNUTLS_E_SRP_PWD_ERROR =-31;
+  GNUTLS_E_INSUFFICIENT_CREDENTIALS =-32;
+  GNUTLS_E_INSUFICIENT_CREDENTIALS =GNUTLS_E_INSUFFICIENT_CREDENTIALS;
+  GNUTLS_E_INSUFFICIENT_CRED =GNUTLS_E_INSUFFICIENT_CREDENTIALS;
+  GNUTLS_E_INSUFICIENT_CRED =GNUTLS_E_INSUFFICIENT_CREDENTIALS;
+
+  GNUTLS_E_HASH_FAILED =-33;
+  GNUTLS_E_BASE64_DECODING_ERROR =-34;
+
+  GNUTLS_E_MPI_PRINT_FAILED =-35;
+  GNUTLS_E_REHANDSHAKE =-37;
+  GNUTLS_E_GOT_APPLICATION_DATA =-38;
+  GNUTLS_E_RECORD_LIMIT_REACHED =-39;
+  GNUTLS_E_ENCRYPTION_FAILED= -40;
+
+  GNUTLS_E_PK_ENCRYPTION_FAILED =-44;
+  GNUTLS_E_PK_DECRYPTION_FAILED =-45;
+  GNUTLS_E_PK_SIGN_FAILED =-46;
+  GNUTLS_E_X509_UNSUPPORTED_CRITICAL_EXTENSION =-47;
+  GNUTLS_E_KEY_USAGE_VIOLATION =-48;
+  GNUTLS_E_NO_CERTIFICATE_FOUND =-49;
+  GNUTLS_E_INVALID_REQUEST= -50;
+  GNUTLS_E_SHORT_MEMORY_BUFFER =-51;
+  GNUTLS_E_INTERRUPTED =-52;
+  GNUTLS_E_PUSH_ERROR =-53;
+  GNUTLS_E_PULL_ERROR =-54;
+  GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER =-55;
+  GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE =-56;
+  GNUTLS_E_PKCS1_WRONG_PAD =-57;
+  GNUTLS_E_RECEIVED_ILLEGAL_EXTENSION =-58;
+  GNUTLS_E_INTERNAL_ERROR =-59;
+  GNUTLS_E_DH_PRIME_UNACCEPTABLE =-63;
+  GNUTLS_E_FILE_ERROR =-64;
+  GNUTLS_E_TOO_MANY_EMPTY_PACKETS= -78;
+  GNUTLS_E_UNKNOWN_PK_ALGORITHM =-80;
+  GNUTLS_E_TOO_MANY_HANDSHAKE_PACKETS =-81;
+
+  GNUTLS_E_NO_TEMPORARY_RSA_PARAMS = -(84);
+  GNUTLS_E_NO_COMPRESSION_ALGORITHMS = -(86);
+  GNUTLS_E_NO_CIPHER_SUITES = -(87);
+  GNUTLS_E_OPENPGP_GETKEY_FAILED = -(88);
+  GNUTLS_E_PK_SIG_VERIFY_FAILED = -(89);
+  GNUTLS_E_ILLEGAL_SRP_USERNAME = -(90);
+  GNUTLS_E_SRP_PWD_PARSING_ERROR = -(91);
+  GNUTLS_E_NO_TEMPORARY_DH_PARAMS = -(93);
+
+  { For certificate and key stuff }
+  GNUTLS_E_ASN1_ELEMENT_NOT_FOUND = -(67);
+  GNUTLS_E_ASN1_IDENTIFIER_NOT_FOUND = -(68);
+  GNUTLS_E_ASN1_DER_ERROR = -(69);
+  GNUTLS_E_ASN1_VALUE_NOT_FOUND = -(70);
+  GNUTLS_E_ASN1_GENERIC_ERROR = -(71);
+  GNUTLS_E_ASN1_VALUE_NOT_VALID = -(72);
+  GNUTLS_E_ASN1_TAG_ERROR = -(73);
+  GNUTLS_E_ASN1_TAG_IMPLICIT = -(74);
+  GNUTLS_E_ASN1_TYPE_ANY_ERROR = -(75);
+  GNUTLS_E_ASN1_SYNTAX_ERROR = -(76);
+  GNUTLS_E_ASN1_DER_OVERFLOW = -(77);
+  GNUTLS_E_OPENPGP_UID_REVOKED = -(79);
+  GNUTLS_E_CERTIFICATE_ERROR = -(43);
+  GNUTLS_E_X509_CERTIFICATE_ERROR = GNUTLS_E_CERTIFICATE_ERROR;
+  GNUTLS_E_CERTIFICATE_KEY_MISMATCH = -(60);
+
+  { GNUTLS_A_UNSUPPORTED_CERTIFICATE  }
+  GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE = -(61);
+  GNUTLS_E_X509_UNKNOWN_SAN = -(62);
+  GNUTLS_E_OPENPGP_FINGERPRINT_UNSUPPORTED = -(94);
+  GNUTLS_E_X509_UNSUPPORTED_ATTRIBUTE = -(95);
+  GNUTLS_E_UNKNOWN_HASH_ALGORITHM = -(96);
+  GNUTLS_E_UNKNOWN_PKCS_CONTENT_TYPE = -(97);
+  GNUTLS_E_UNKNOWN_PKCS_BAG_TYPE = -(98);
+  GNUTLS_E_INVALID_PASSWORD = -(99);
+
+  { for PKCS #12 MAC  }
+  GNUTLS_E_MAC_VERIFY_FAILED = -(100);
+  GNUTLS_E_CONSTRAINT_ERROR = -(101);
+  GNUTLS_E_WARNING_IA_IPHF_RECEIVED = -(102);
+  GNUTLS_E_WARNING_IA_FPHF_RECEIVED = -(103);
+  GNUTLS_E_IA_VERIFY_FAILED = -(104);
+  GNUTLS_E_UNKNOWN_ALGORITHM = -(105);
+  GNUTLS_E_UNSUPPORTED_SIGNATURE_ALGORITHM = -(106);
+  GNUTLS_E_SAFE_RENEGOTIATION_FAILED = -(107);
+  GNUTLS_E_UNSAFE_RENEGOTIATION_DENIED = -(108);
+  GNUTLS_E_UNKNOWN_SRP_USERNAME = -(109);
+  GNUTLS_E_PREMATURE_TERMINATION = -(110);
+  GNUTLS_E_BASE64_ENCODING_ERROR = -(201);
+
+  { obsolete  }
+  GNUTLS_E_INCOMPATIBLE_GCRYPT_LIBRARY = -(202);
+  GNUTLS_E_INCOMPATIBLE_CRYPTO_LIBRARY = -(202);
+  GNUTLS_E_INCOMPATIBLE_LIBTASN1_LIBRARY = -(203);
+  GNUTLS_E_OPENPGP_KEYRING_ERROR = -(204);
+  GNUTLS_E_X509_UNSUPPORTED_OID = -(205);
+  GNUTLS_E_RANDOM_FAILED = -(206);
+  GNUTLS_E_BASE64_UNEXPECTED_HEADER_ERROR = -(207);
+  GNUTLS_E_OPENPGP_SUBKEY_ERROR = -(208);
+  GNUTLS_E_ALREADY_REGISTERED = -(209);
+  GNUTLS_E_CRYPTO_ALREADY_REGISTERED = GNUTLS_E_ALREADY_REGISTERED;
+  GNUTLS_E_HANDSHAKE_TOO_LARGE = -(210);
+  GNUTLS_E_CRYPTODEV_IOCTL_ERROR = -(211);
+  GNUTLS_E_CRYPTODEV_DEVICE_ERROR = -(212);
+  GNUTLS_E_CHANNEL_BINDING_NOT_AVAILABLE = -(213);
+  GNUTLS_E_BAD_COOKIE = -(214);
+  GNUTLS_E_OPENPGP_PREFERRED_KEY_ERROR = -(215);
+  GNUTLS_E_INCOMPAT_DSA_KEY_WITH_TLS_PROTOCOL = -(216);
+  GNUTLS_E_INSUFFICIENT_SECURITY = -(217);
+  GNUTLS_E_HEARTBEAT_PONG_RECEIVED = -(292);
+  GNUTLS_E_HEARTBEAT_PING_RECEIVED = -(293);
+
+  { PKCS11 related  }
+  GNUTLS_E_PKCS11_ERROR = -(300);
+  GNUTLS_E_PKCS11_LOAD_ERROR = -(301);
+  GNUTLS_E_PARSING_ERROR = -(302);
+  GNUTLS_E_PKCS11_PIN_ERROR = -(303);
+  GNUTLS_E_PKCS11_SLOT_ERROR = -(305);
+  GNUTLS_E_LOCKING_ERROR = -(306);
+  GNUTLS_E_PKCS11_ATTRIBUTE_ERROR = -(307);
+  GNUTLS_E_PKCS11_DEVICE_ERROR = -(308);
+  GNUTLS_E_PKCS11_DATA_ERROR = -(309);
+  GNUTLS_E_PKCS11_UNSUPPORTED_FEATURE_ERROR = -(310);
+  GNUTLS_E_PKCS11_KEY_ERROR = -(311);
+  GNUTLS_E_PKCS11_PIN_EXPIRED = -(312);
+  GNUTLS_E_PKCS11_PIN_LOCKED = -(313);
+  GNUTLS_E_PKCS11_SESSION_ERROR = -(314);
+  GNUTLS_E_PKCS11_SIGNATURE_ERROR = -(315);
+  GNUTLS_E_PKCS11_TOKEN_ERROR = -(316);
+  GNUTLS_E_PKCS11_USER_ERROR = -(317);
+  GNUTLS_E_CRYPTO_INIT_FAILED = -(318);
+  GNUTLS_E_TIMEDOUT = -(319);
+  GNUTLS_E_USER_ERROR = -(320);
+  GNUTLS_E_ECC_NO_SUPPORTED_CURVES = -(321);
+  GNUTLS_E_ECC_UNSUPPORTED_CURVE = -(322);
+  GNUTLS_E_PKCS11_REQUESTED_OBJECT_NOT_AVAILBLE = -(323);
+  GNUTLS_E_CERTIFICATE_LIST_UNSORTED = -(324);
+  GNUTLS_E_ILLEGAL_PARAMETER = -(325);
+  GNUTLS_E_NO_PRIORITIES_WERE_SET = -(326);
+  GNUTLS_E_X509_UNSUPPORTED_EXTENSION = -(327);
+  GNUTLS_E_SESSION_EOF = -(328);
+  GNUTLS_E_TPM_ERROR = -(329);
+  GNUTLS_E_TPM_KEY_PASSWORD_ERROR = -(330);
+  GNUTLS_E_TPM_SRK_PASSWORD_ERROR = -(331);
+  GNUTLS_E_TPM_SESSION_ERROR = -(332);
+  GNUTLS_E_TPM_KEY_NOT_FOUND = -(333);
+  GNUTLS_E_TPM_UNINITIALIZED = -(334);
+  GNUTLS_E_TPM_NO_LIB = -(335);
+  GNUTLS_E_NO_CERTIFICATE_STATUS = -(340);
+  GNUTLS_E_OCSP_RESPONSE_ERROR = -(341);
+  GNUTLS_E_RANDOM_DEVICE_ERROR = -(342);
+  GNUTLS_E_AUTH_ERROR = -(343);
+  GNUTLS_E_NO_APPLICATION_PROTOCOL = -(344);
+  GNUTLS_E_SOCKETS_INIT_ERROR = -(345);
+  GNUTLS_E_KEY_IMPORT_FAILED = -(346);
+  {GNUTLS_A_INAPPROPRIATE_FALLBACK }
+  GNUTLS_E_INAPPROPRIATE_FALLBACK = -(347);
+  GNUTLS_E_CERTIFICATE_VERIFICATION_ERROR = -(348);
+  GNUTLS_E_SELF_TEST_ERROR = -(400);
+  GNUTLS_E_NO_SELF_TEST = -(401);
+  GNUTLS_E_LIB_IN_ERROR_STATE = -(402);
+  GNUTLS_E_PK_GENERATION_ERROR = -(403);
+  GNUTLS_E_IDNA_ERROR = -(404);
+  GNUTLS_E_NEED_FALLBACK = -(405);
+  GNUTLS_E_UNIMPLEMENTED_FEATURE = -(1250);
+  GNUTLS_E_APPLICATION_ERROR_MAX = -(65000);
+  GNUTLS_E_APPLICATION_ERROR_MIN = -(65500);
+const
+  GNUTLS_OID_X520_COUNTRY_NAME = '2.5.4.6';
+  GNUTLS_OID_X520_ORGANIZATION_NAME = '2.5.4.10';
+  GNUTLS_OID_X520_ORGANIZATIONAL_UNIT_NAME = '2.5.4.11';
+  GNUTLS_OID_X520_COMMON_NAME = '2.5.4.3';
+  GNUTLS_OID_X520_LOCALITY_NAME = '2.5.4.7';
+  GNUTLS_OID_X520_STATE_OR_PROVINCE_NAME = '2.5.4.8';
+  GNUTLS_OID_X520_INITIALS = '2.5.4.43';
+  GNUTLS_OID_X520_GENERATION_QUALIFIER = '2.5.4.44';
+  GNUTLS_OID_X520_SURNAME = '2.5.4.4';
+  GNUTLS_OID_X520_GIVEN_NAME = '2.5.4.42';
+  GNUTLS_OID_X520_TITLE = '2.5.4.12';
+  GNUTLS_OID_X520_DN_QUALIFIER = '2.5.4.46';
+  GNUTLS_OID_X520_PSEUDONYM = '2.5.4.65';
+  GNUTLS_OID_X520_POSTALCODE = '2.5.4.17';
+  GNUTLS_OID_X520_NAME = '2.5.4.41';
+  GNUTLS_OID_LDAP_DC = '0.9.2342.19200300.100.1.25';
+  GNUTLS_OID_LDAP_UID = '0.9.2342.19200300.100.1.1';
+  GNUTLS_OID_PKCS9_EMAIL = '1.2.840.113549.1.9.1';
+  GNUTLS_OID_PKIX_DATE_OF_BIRTH = '1.3.6.1.5.5.7.9.1';
+  GNUTLS_OID_PKIX_PLACE_OF_BIRTH = '1.3.6.1.5.5.7.9.2';
+  GNUTLS_OID_PKIX_GENDER = '1.3.6.1.5.5.7.9.3';
+  GNUTLS_OID_PKIX_COUNTRY_OF_CITIZENSHIP = '1.3.6.1.5.5.7.9.4';
+  GNUTLS_OID_PKIX_COUNTRY_OF_RESIDENCE = '1.3.6.1.5.5.7.9.5';
+  GNUTLS_KP_TLS_WWW_SERVER = '1.3.6.1.5.5.7.3.1';
+  GNUTLS_KP_TLS_WWW_CLIENT = '1.3.6.1.5.5.7.3.2';
+  GNUTLS_KP_CODE_SIGNING = '1.3.6.1.5.5.7.3.3';
+  GNUTLS_KP_MS_SMART_CARD_LOGON = '1.3.6.1.4.1.311.20.2.2';
+  GNUTLS_KP_EMAIL_PROTECTION = '1.3.6.1.5.5.7.3.4';
+  GNUTLS_KP_TIME_STAMPING = '1.3.6.1.5.5.7.3.8';
+  GNUTLS_KP_OCSP_SIGNING = '1.3.6.1.5.5.7.3.9';
+  GNUTLS_KP_IPSEC_IKE = '1.3.6.1.5.5.7.3.17';
+  GNUTLS_KP_ANY = '2.5.29.37.0';
+  GNUTLS_OID_AIA = '1.3.6.1.5.5.7.1.1';
+  GNUTLS_OID_AD_OCSP = '1.3.6.1.5.5.7.48.1';
+  GNUTLS_OID_AD_CAISSUERS = '1.3.6.1.5.5.7.48.2';
+  GNUTLS_FSAN_SET = 0;
+  GNUTLS_FSAN_APPEND = 1;
+  GNUTLS_X509EXT_OID_SUBJECT_KEY_ID = '2.5.29.14';
+  GNUTLS_X509EXT_OID_KEY_USAGE = '2.5.29.15';
+  GNUTLS_X509EXT_OID_PRIVATE_KEY_USAGE_PERIOD = '2.5.29.16';
+  GNUTLS_X509EXT_OID_SAN = '2.5.29.17';
+  GNUTLS_X509EXT_OID_IAN = '2.5.29.18';
+  GNUTLS_X509EXT_OID_BASIC_CONSTRAINTS = '2.5.29.19';
+  GNUTLS_X509EXT_OID_NAME_CONSTRAINTS = '2.5.29.30';
+  GNUTLS_X509EXT_OID_CRL_DIST_POINTS = '2.5.29.31';
+  GNUTLS_X509EXT_OID_CRT_POLICY = '2.5.29.32';
+  GNUTLS_X509EXT_OID_AUTHORITY_KEY_ID = '2.5.29.35';
+  GNUTLS_X509EXT_OID_EXTENDED_KEY_USAGE = '2.5.29.37';
+  GNUTLS_X509EXT_OID_AUTHORITY_INFO_ACCESS = '1.3.6.1.5.5.7.1.1';
+  GNUTLS_X509EXT_OID_PROXY_CRT_INFO = '1.3.6.1.5.5.7.1.14';
+  GNUTLS_NAME_CONSTRAINTS_FLAG_APPEND = 1;
+
+{ was #define dname def_expr }
+  GNUTLS_MAX_QUALIFIERS = 8;
+  GNUTLS_X509_DN_OID_RETURN_OID = 1;
+  GNUTLS_VFLAGS_PROFILE_MASK = $ff000000;
+
+  GNUTLS_TL_VERIFY_CRL = 1;
+  GNUTLS_TL_USE_IN_TLS = 1 shl 1;
+  GNUTLS_TL_NO_DUPLICATES = 1 shl 2;
+  GNUTLS_TL_NO_DUPLICATE_KEY = 1 shl 3;
+  GNUTLS_TL_GET_COPY = 1 shl 4;
+
+  GNUTLS_PKCS7_ATTR_ENCODE_OCTET_STRING = 1;
+
+  //gnutls_info_access_what_t =  Longint;
+  GNUTLS_IA_ACCESSMETHOD_OID = 1;
+  GNUTLS_IA_ACCESSLOCATION_GENERALNAME_TYPE = 2;
+  GNUTLS_IA_URI = 106;
+  GNUTLS_IA_UNKNOWN = 10000;
+  GNUTLS_IA_OCSP_URI = 10006;
+  GNUTLS_IA_CAISSUERS_URI = 10106;
+
+  // gnutls_x509_crl_reason_flags_t =  Longint;
+  GNUTLS_CRL_REASON_UNSPECIFIED = 0;
+  GNUTLS_CRL_REASON_PRIVILEGE_WITHDRAWN = 1;
+  GNUTLS_CRL_REASON_CERTIFICATE_HOLD = 2;
+  GNUTLS_CRL_REASON_CESSATION_OF_OPERATION = 4;
+  GNUTLS_CRL_REASON_SUPERSEDED = 8;
+  GNUTLS_CRL_REASON_AFFILIATION_CHANGED = 16;
+  GNUTLS_CRL_REASON_CA_COMPROMISE = 32;
+  GNUTLS_CRL_REASON_KEY_COMPROMISE = 64;
+  GNUTLS_CRL_REASON_UNUSED = 128;
+  GNUTLS_CRL_REASON_AA_COMPROMISE = 32768;
+  GNUTLS_CRL_REASON_SUPERSEEDED = GNUTLS_CRL_REASON_SUPERSEDED;
+
+  // gnutls_x509_qualifier_t =  Longint;
+  GNUTLS_X509_QUALIFIER_UNKNOWN = 0;
+  GNUTLS_X509_QUALIFIER_URI = 1;
+  GNUTLS_X509_QUALIFIER_NOTICE = 2;
+
+  // gnutls_certificate_verify_flags
+  GNUTLS_VERIFY_DISABLE_CA_SIGN = 1 shl 0;
+  GNUTLS_VERIFY_DO_NOT_ALLOW_SAME = 1 shl 2;
+  GNUTLS_VERIFY_ALLOW_ANY_X509_V1_CA_CRT = 1 shl 3;
+  GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD2 = 1 shl 4;
+  GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5 = 1 shl 5;
+  GNUTLS_VERIFY_DISABLE_TIME_CHECKS = 1 shl 6;
+  GNUTLS_VERIFY_DISABLE_TRUSTED_TIME_CHECKS = 1 shl 7;
+  GNUTLS_VERIFY_DO_NOT_ALLOW_X509_V1_CA_CRT = 1 shl 8;
+  GNUTLS_VERIFY_DISABLE_CRL_CHECKS = 1 shl 9;
+  GNUTLS_VERIFY_ALLOW_UNSORTED_CHAIN = 1 shl 10;
+  GNUTLS_VERIFY_DO_NOT_ALLOW_UNSORTED_CHAIN = 1 shl 11;
+  GNUTLS_VERIFY_DO_NOT_ALLOW_WILDCARDS = 1 shl 12;
+  GNUTLS_VERIFY_USE_TLS1_RSA = 1 shl 13;
+
+  GNUTLS_VERIFY_ALLOW_BROKEN = GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD2 or GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5;
+
+  // gnutls_certificate_verification_profiles_t
+
+  GNUTLS_PROFILE_VERY_WEAK = 1;
+  GNUTLS_PROFILE_LOW = 2;
+  GNUTLS_PROFILE_LEGACY = 4;
+  GNUTLS_PROFILE_MEDIUM = 5;
+  GNUTLS_PROFILE_HIGH = 6;
+  GNUTLS_PROFILE_ULTRA = 7;
+  GNUTLS_PROFILE_SUITEB128 = 32;
+  GNUTLS_PROFILE_SUITEB192 = 33;
+
+  // gnutls_pkcs7_sign_flags
+
+  GNUTLS_PKCS7_EMBED_DATA = 1;
+  GNUTLS_PKCS7_INCLUDE_TIME = 1 shl 1;
+  GNUTLS_PKCS7_INCLUDE_CERT = 1 shl 2;
+  GNUTLS_PKCS7_WRITE_SPKI = 1 shl 3;
+
+  // gnutls_pkcs_encrypt_flags_t
+
+  GNUTLS_PKCS_PLAIN = 1;
+  GNUTLS_PKCS_PKCS12_3DES = 1 shl 1;
+  GNUTLS_PKCS_PKCS12_ARCFOUR = 1 shl 2;
+  GNUTLS_PKCS_PKCS12_RC2_40 = 1 shl 3;
+  GNUTLS_PKCS_PBES2_3DES = 1 shl 4;
+  GNUTLS_PKCS_PBES2_AES_128 = 1 shl 5;
+  GNUTLS_PKCS_PBES2_AES_192 = 1 shl 6;
+  GNUTLS_PKCS_PBES2_AES_256 = 1 shl 7;
+  GNUTLS_PKCS_NULL_PASSWORD = 1 shl 8;
+  GNUTLS_PKCS_PBES2_DES = 1 shl 9;
+  GNUTLS_PKCS8_PLAIN = GNUTLS_PKCS_PLAIN;
+
+  // gnutls_certificate_import_flags
+  GNUTLS_X509_CRT_LIST_IMPORT_FAIL_IF_EXCEED = 1;
+  GNUTLS_X509_CRT_LIST_FAIL_IF_UNSORTED = 1 shl 1;
+  GNUTLS_X509_CRT_LIST_SORT = 1 shl 2;
+
+  // gnutls_keyid_flags_t
+
+  GNUTLS_KEYID_USE_SHA1 = 0;
+  GNUTLS_KEYID_USE_SHA256 = 1 shl 0;
+  GNUTLS_KEYID_USE_BEST_KNOWN = 1 shl 30;
+
+  GNUTLS_PKCS8_USE_PKCS12_3DES = GNUTLS_PKCS_PKCS12_3DES;
+  GNUTLS_PKCS8_USE_PKCS12_ARCFOUR = GNUTLS_PKCS_PKCS12_ARCFOUR;
+  GNUTLS_PKCS8_USE_PKCS12_RC2_40 = GNUTLS_PKCS_PKCS12_RC2_40;
+
+  GNUTLS_PKCS_USE_PKCS12_3DES = GNUTLS_PKCS_PKCS12_3DES;
+  GNUTLS_PKCS_USE_PKCS12_ARCFOUR = GNUTLS_PKCS_PKCS12_ARCFOUR;
+  GNUTLS_PKCS_USE_PKCS12_RC2_40 = GNUTLS_PKCS_PKCS12_RC2_40;
+  GNUTLS_PKCS_USE_PBES2_3DES = GNUTLS_PKCS_PBES2_3DES;
+  GNUTLS_PKCS_USE_PBES2_AES_128 = GNUTLS_PKCS_PBES2_AES_128;
+  GNUTLS_PKCS_USE_PBES2_AES_192 = GNUTLS_PKCS_PBES2_AES_192;
+  GNUTLS_PKCS_USE_PBES2_AES_256 = GNUTLS_PKCS_PBES2_AES_256;
+
+  // when the key is to be used for signing:
+  GNUTLS_KEY_DIGITAL_SIGNATURE = 128;
+  GNUTLS_KEY_NON_REPUDIATION = 64;
+  // when the key is to be used for encryption:
+  GNUTLS_KEY_KEY_ENCIPHERMENT = 32;
+  GNUTLS_KEY_DATA_ENCIPHERMENT = 16;
+  GNUTLS_KEY_KEY_AGREEMENT = 8;
+  GNUTLS_KEY_KEY_CERT_SIGN = 4;
+  GNUTLS_KEY_CRL_SIGN = 2;
+  GNUTLS_KEY_ENCIPHER_ONLY = 1;
+  GNUTLS_KEY_DECIPHER_ONLY = 32768;
+
+{ Pointers to basic pascal types, inserted by h2pas conversion program.}
+Type
+  PLongint  = ^Longint;
+  PSmallInt = ^SmallInt;
+  PByte     = ^Byte;
+  PWord     = ^Word;
+  PDWord    = ^DWord;
+  PDouble   = ^Double;
+  Tsize_t = cint;
+  Tssize_t = cint;
+  Ttime_t = int64; // Used as such in gnutls
+  PPdword = ^PDWord;
+
+Type
+  {$IFDEF FPC}
+  {$PACKRECORDS C}
+  {$ENDIF}
+
+  Pgiovec_t  = ^Tgiovec_t;
+  Pgnutls_alert_description_t  = ^Tgnutls_alert_description_t;
+  Pgnutls_alert_level_t  = ^Tgnutls_alert_level_t;
+  Pgnutls_alloc_function  = ^Tgnutls_alloc_function;
+  Pgnutls_anon_client_credentials_st  = ^Tgnutls_anon_client_credentials_st;
+  Pgnutls_anon_client_credentials_t  = ^Tgnutls_anon_client_credentials_t;
+  Pgnutls_anon_server_credentials_st  = ^Tgnutls_anon_server_credentials_st;
+  Pgnutls_anon_server_credentials_t  = ^Tgnutls_anon_server_credentials_t;
+  Pgnutls_buffer_st  = ^Tgnutls_buffer_st;
+  Pgnutls_buffer_t  = ^Tgnutls_buffer_t;
+  Pgnutls_calloc_function  = ^Tgnutls_calloc_function;
+  Pgnutls_certificate_client_credentials  = ^Tgnutls_certificate_client_credentials;
+  Pgnutls_certificate_credentials_st  = ^Tgnutls_certificate_credentials_st;
+  Pgnutls_certificate_credentials_t  = ^Tgnutls_certificate_credentials_t;
+  Pgnutls_certificate_flags  = ^Tgnutls_certificate_flags;
+  Pgnutls_certificate_print_formats  = ^Tgnutls_certificate_print_formats;
+  Pgnutls_certificate_print_formats_t  = ^Tgnutls_certificate_print_formats_t;
+  Pgnutls_certificate_request_t  = ^Tgnutls_certificate_request_t;
+  Pgnutls_certificate_retrieve_function  = ^Tgnutls_certificate_retrieve_function;
+  Pgnutls_certificate_server_credentials  = ^Tgnutls_certificate_server_credentials;
+  Pgnutls_certificate_status_t  = ^Tgnutls_certificate_status_t;
+  Pgnutls_certificate_type_t  = ^Tgnutls_certificate_type_t;
+  Pgnutls_certificate_verify_function  = ^Tgnutls_certificate_verify_function;
+  Pgnutls_channel_binding_t  = ^Tgnutls_channel_binding_t;
+  Pgnutls_cipher_algorithm  = ^Tgnutls_cipher_algorithm;
+  Pgnutls_cipher_algorithm_t  = ^Tgnutls_cipher_algorithm_t;
+  Pgnutls_close_request_t  = ^Tgnutls_close_request_t;
+  Pgnutls_compression_method_t  = ^Tgnutls_compression_method_t;
+  Pgnutls_credentials_type_t  = ^Tgnutls_credentials_type_t;
+  Pgnutls_datum_t  = ^Tgnutls_datum_t;
+  Pgnutls_dh_params_int  = ^Tgnutls_dh_params_int;
+  Pgnutls_dh_params_t  = ^Tgnutls_dh_params_t;
+  Pgnutls_digest_algorithm_t  = ^Tgnutls_digest_algorithm_t;
+  Pgnutls_ecc_curve_t  = ^Tgnutls_ecc_curve_t;
+  Pgnutls_ext_parse_type_t  = ^Tgnutls_ext_parse_type_t;
+  Pgnutls_ext_priv_data_t  = ^Tgnutls_ext_priv_data_t;
+  Pgnutls_handshake_description_t  = ^Tgnutls_handshake_description_t;
+  Pgnutls_kx_algorithm_t  = ^Tgnutls_kx_algorithm_t;
+  Pgnutls_mac_algorithm_t  = ^Tgnutls_mac_algorithm_t;
+  Pgnutls_openpgp_crt_int  = ^Tgnutls_openpgp_crt_int;
+  Pgnutls_openpgp_crt_status_t  = ^Tgnutls_openpgp_crt_status_t;
+  Pgnutls_openpgp_crt_t  = ^Tgnutls_openpgp_crt_t;
+  Pgnutls_openpgp_keyring_int  = ^Tgnutls_openpgp_keyring_int;
+  Pgnutls_openpgp_keyring_t  = ^Tgnutls_openpgp_keyring_t;
+  Pgnutls_openpgp_privkey_int  = ^Tgnutls_openpgp_privkey_int;
+  Pgnutls_openpgp_privkey_t  = ^Tgnutls_openpgp_privkey_t;
+  Pgnutls_packet_t  = ^Tgnutls_packet_t;
+  Pgnutls_params_function  = ^Tgnutls_params_function;
+  Pgnutls_params_st  = ^Tgnutls_params_st;
+  Pgnutls_params_type_t  = ^Tgnutls_params_type_t;
+  Pgnutls_pin_flag_t  = ^Tgnutls_pin_flag_t;
+  Pgnutls_pk_algorithm_t  = ^Tgnutls_pk_algorithm_t;
+  Pgnutls_pkcs11_privkey_st  = ^Tgnutls_pkcs11_privkey_st;
+  Pgnutls_pkcs11_privkey_t  = ^Tgnutls_pkcs11_privkey_t;
+  Pgnutls_priority_st  = ^Tgnutls_priority_st;
+  Pgnutls_priority_t  = ^Tgnutls_priority_t;
+  Pgnutls_privkey_st  = ^Tgnutls_privkey_st;
+  Pgnutls_privkey_t  = ^Tgnutls_privkey_t;
+  Pgnutls_privkey_type_t  = ^Tgnutls_privkey_type_t;
+  Pgnutls_protocol_t  = ^Tgnutls_protocol_t;
+  Pgnutls_psk_client_credentials_function  = ^Tgnutls_psk_client_credentials_function;
+  Pgnutls_psk_client_credentials_st  = ^Tgnutls_psk_client_credentials_st;
+  Pgnutls_psk_client_credentials_t  = ^Tgnutls_psk_client_credentials_t;
+  Pgnutls_psk_key_flags  = ^Tgnutls_psk_key_flags;
+  Pgnutls_psk_server_credentials_function  = ^Tgnutls_psk_server_credentials_function;
+  Pgnutls_psk_server_credentials_st  = ^Tgnutls_psk_server_credentials_st;
+  Pgnutls_psk_server_credentials_t  = ^Tgnutls_psk_server_credentials_t;
+  Pgnutls_pubkey_st  = ^Tgnutls_pubkey_st;
+  Pgnutls_pubkey_t  = ^Tgnutls_pubkey_t;
+  Pgnutls_random_art  = ^Tgnutls_random_art;
+  Pgnutls_random_art_t  = ^Tgnutls_random_art_t;
+  Pgnutls_range_st  = ^Tgnutls_range_st;
+  Pgnutls_realloc_function  = ^Tgnutls_realloc_function;
+  Pgnutls_retr2_st  = ^Tgnutls_retr2_st;
+  Pgnutls_rsa_params_t  = ^Tgnutls_rsa_params_t;
+  Pgnutls_sec_param_t  = ^Tgnutls_sec_param_t;
+  Pgnutls_server_name_type_t  = ^Tgnutls_server_name_type_t;
+  Pgnutls_session_int  = ^Tgnutls_session_int;
+  Pgnutls_session_t  = ^Tgnutls_session_t;
+  Pgnutls_sign_algorithm_t  = ^Tgnutls_sign_algorithm_t;
+  Pgnutls_srp_client_credentials_function  = ^Tgnutls_srp_client_credentials_function;
+  Pgnutls_srp_client_credentials_st  = ^Tgnutls_srp_client_credentials_st;
+  Pgnutls_srp_client_credentials_t  = ^Tgnutls_srp_client_credentials_t;
+  Pgnutls_srp_server_credentials_function  = ^Tgnutls_srp_server_credentials_function;
+  Pgnutls_srp_server_credentials_st  = ^Tgnutls_srp_server_credentials_st;
+  Pgnutls_srp_server_credentials_t  = ^Tgnutls_srp_server_credentials_t;
+  Pgnutls_srtp_profile_t  = ^Tgnutls_srtp_profile_t;
+  Pgnutls_supplemental_data_format_type_t  = ^Tgnutls_supplemental_data_format_type_t;
+  Pgnutls_tdb_int  = ^Tgnutls_tdb_int;
+  Pgnutls_tdb_t  = ^Tgnutls_tdb_t;
+  Pgnutls_transport_ptr_t  = ^Tgnutls_transport_ptr_t;
+  Pgnutls_typed_vdata_st  = ^Tgnutls_typed_vdata_st;
+  Pgnutls_vdata_types_t  = ^Tgnutls_vdata_types_t;
+  Pgnutls_x509_crl_int  = ^Tgnutls_x509_crl_int;
+  Pgnutls_x509_crl_t  = ^Tgnutls_x509_crl_t;
+  Pgnutls_x509_crq_int  = ^Tgnutls_x509_crq_int;
+  Pgnutls_x509_crq_t  = ^Tgnutls_x509_crq_t;
+  Pgnutls_x509_crt_fmt_t  = ^Tgnutls_x509_crt_fmt_t;
+  Pgnutls_x509_crt_int  = ^Tgnutls_x509_crt_int;
+  Pgnutls_x509_crt_t  = ^Tgnutls_x509_crt_t;
+  Pgnutls_x509_privkey_int  = ^Tgnutls_x509_privkey_int;
+  Pgnutls_x509_privkey_t  = ^Tgnutls_x509_privkey_t;
+  Pgnutls_x509_subject_alt_name_t  = ^Tgnutls_x509_subject_alt_name_t;
+  Pmbuffer_st  = ^Tmbuffer_st;
+  Psize_t  = ^Tsize_t;
+  Ptime_t  = ^Ttime_t;
+
+
+  Tgnutls_cipher_algorithm =  Longint;
+  Tgnutls_cipher_algorithm_t = Tgnutls_cipher_algorithm;
+  Tgnutls_kx_algorithm_t =  Longint;
+  Tgnutls_params_type_t =  Longint;
+  Tgnutls_credentials_type_t =  Longint;
+  Tgnutls_mac_algorithm_t =  Longint;
+  Tgnutls_digest_algorithm_t =  Longint;
+  Tgnutls_compression_method_t =  Longint;
+  Tgnutls_alert_level_t =  Longint;
+  Tgnutls_alert_description_t =  Longint;
+  Tgnutls_handshake_description_t =  Longint;
+  Tgnutls_certificate_status_t =  Longint;
+  Tgnutls_certificate_request_t =  Longint;
+  Tgnutls_openpgp_crt_status_t =  Longint;
+  Tgnutls_close_request_t =  Longint;
+  Tgnutls_protocol_t =  Longint;
+  Tgnutls_certificate_type_t =  Longint;
+  Tgnutls_x509_crt_fmt_t =  Longint;
+  Tgnutls_certificate_print_formats =  Longint;
+  Tgnutls_certificate_print_formats_t =  Tgnutls_certificate_print_formats;
+  Tgnutls_pk_algorithm_t =  Longint;
+  Tgnutls_sign_algorithm_t =  Longint;
+  Tgnutls_ecc_curve_t =  Longint;
+  Tgnutls_sec_param_t =  Longint;
+  Tgnutls_channel_binding_t =  Longint;
+
+  PPgnutls_x509_crt_t = ^Pgnutls_x509_crt_t;
+
+  Tgnutls_transport_ptr_t = pointer;
+
+  Tgnutls_session_int = record
+      {undefined structure}
+  end;
+  Tgnutls_session_t = Pgnutls_session_int;
+  Tgnutls_dh_params_int = record
+      {undefined structure}
+  end;
+
+
+  Tgnutls_dh_params_t = Pgnutls_dh_params_int;
+  Tgnutls_x509_privkey_int = record
+      {undefined structure}
+    end;
+
+
+  Tgnutls_rsa_params_t = Pgnutls_x509_privkey_int;
+  Tgnutls_priority_st = record
+      {undefined structure}
+    end;
+
+  Tgnutls_priority_t = Pgnutls_priority_st;
+
+  Tgnutls_datum_t = record
+      data : Pbyte;
+      size : dword;
+    end;
+
+  Tgnutls_params_st = record
+      _type : Tgnutls_params_type_t;
+      params : record
+          case longint of
+            0 : ( dh : Tgnutls_dh_params_t );
+            1 : ( rsa_export : Tgnutls_rsa_params_t );
+          end;
+      deinit : longint;
+    end;
+
+
+  Tgnutls_range_st = record
+      low : Tsize_t;
+      high : Tsize_t;
+    end;
+
+
+  Tgnutls_packet_t = Pmbuffer_st;
+  Tgnutls_server_name_type_t =  Longint;
+  Tgnutls_supplemental_data_format_type_t =  Longint;
+  Tgnutls_srtp_profile_t =  Longint;
+  Tgnutls_vdata_types_t =  Longint;
+  Tgnutls_typed_vdata_st = record
+      _type : Tgnutls_vdata_types_t;
+      data : Pbyte;
+      size : dword;
+    end;
+
+  Tgnutls_pubkey_st = record
+      {undefined structure}
+    end;
+
+
+  Tgnutls_pubkey_t = Pgnutls_pubkey_st;
+  Tgnutls_privkey_st = record
+      {undefined structure}
+    end;
+
+
+  Tgnutls_privkey_t = Pgnutls_privkey_st;
+
+  Tgnutls_x509_privkey_t = Pgnutls_x509_privkey_int;
+  Tgnutls_x509_crl_int = record
+      {undefined structure}
+    end;
+
+
+  Tgnutls_x509_crl_t = Pgnutls_x509_crl_int;
+  Tgnutls_x509_crt_int = record
+      {undefined structure}
+    end;
+
+
+  Tgnutls_x509_crt_t = Pgnutls_x509_crt_int;
+  Tgnutls_x509_crq_int = record
+      {undefined structure}
+    end;
+
+
+  Tgnutls_x509_crq_t = Pgnutls_x509_crq_int;
+  Tgnutls_openpgp_keyring_int = record
+      {undefined structure}
+    end;
+
+
+  Tgnutls_openpgp_keyring_t = Pgnutls_openpgp_keyring_int;
+  Tgnutls_certificate_credentials_st = record
+      {undefined structure}
+    end;
+
+
+  Tgnutls_certificate_credentials_t = Pgnutls_certificate_credentials_st;
+  Tgnutls_certificate_server_credentials = Tgnutls_certificate_credentials_t;
+  Tgnutls_certificate_client_credentials = Tgnutls_certificate_credentials_t;
+  Tgnutls_anon_server_credentials_t = Pgnutls_anon_server_credentials_st;
+  Tgnutls_anon_client_credentials_t = Pgnutls_anon_client_credentials_st;
+
+  tgnutls_anon_client_credentials_st = record
+  end;
+  tgnutls_anon_server_credentials_st = record
+  end;
+  tgnutls_psk_client_credentials_st = record
+  end;
+  tgnutls_psk_server_credentials_st = record
+  end;
+  tgnutls_srp_client_credentials_st = record
+  end;
+  tgnutls_srp_server_credentials_st = record
+  end;
+  tmbuffer_st = record
+  end;
+
+  Tgnutls_certificate_flags =  Longint;
+
+  Tgiovec_t = record
+    iov_base : pointer;
+    iov_len : Tsize_t;
+  end;
+
+
+  Tgnutls_random_art =  Longint;
+  Tgnutls_random_art_t = Tgnutls_random_art;
+
+  Tgnutls_srp_server_credentials_t = Pgnutls_srp_server_credentials_st;
+  Tgnutls_srp_client_credentials_t = Pgnutls_srp_client_credentials_st;
+  Tgnutls_psk_server_credentials_t = Pgnutls_psk_server_credentials_st;
+  Tgnutls_psk_client_credentials_t = Pgnutls_psk_client_credentials_st;
+
+  Tgnutls_psk_key_flags =  Longint;
+
+  Tgnutls_x509_subject_alt_name_t =  Longint;
+
+  Tgnutls_openpgp_crt_int = record
+      {undefined structure}
+    end;
+
+
+  Tgnutls_openpgp_crt_t = Pgnutls_openpgp_crt_int;
+  Tgnutls_openpgp_privkey_int = record
+      {undefined structure}
+    end;
+
+
+  Tgnutls_openpgp_privkey_t = Pgnutls_openpgp_privkey_int;
+  Tgnutls_pkcs11_privkey_st = record
+      {undefined structure}
+    end;
+
+  tgnutls_buffer_st = record
+  end;
+  Tgnutls_pkcs11_privkey_t = Pgnutls_pkcs11_privkey_st;
+
+  Tgnutls_privkey_type_t =  Longint;
+
+  Tgnutls_retr2_st = record
+      cert_type : Tgnutls_certificate_type_t;
+      key_type : Tgnutls_privkey_type_t;
+      cert : record
+          case longint of
+            0 : ( x509 : Pgnutls_x509_crt_t );
+            1 : ( pgp : Tgnutls_openpgp_crt_t );
+          end;
+      ncerts : dword;
+      key : record
+          case longint of
+            0 : ( x509 : Tgnutls_x509_privkey_t );
+            1 : ( pgp : Tgnutls_openpgp_privkey_t );
+            2 : ( pkcs11 : Tgnutls_pkcs11_privkey_t );
+          end;
+      deinit_all : dword;
+    end;
+
+  tgnutls_pkcs_encrypt_flags_t = longint;
+
+  Tgnutls_tdb_int = record
+      {undefined structure}
+    end;
+  Tgnutls_tdb_t = Pgnutls_tdb_int;
+
+  Tgnutls_pin_flag_t =  Longint;
+
+  Tgnutls_buffer_t = Pgnutls_buffer_st;
+  Tgnutls_ext_priv_data_t = pointer;
+  Tgnutls_ext_parse_type_t =  Longint;
+  tgnutls_certificate_verify_flags = Longint;
+
+  Tgnutls_pin_callback_t = function (userdata:pointer; attempt:longint; token_url:Pchar; token_label:Pchar; flags:dword; pin:Pchar; pin_max:Tsize_t):longint;cdecl;
+  Tgnutls_supp_recv_func = function (session:Tgnutls_session_t; data:Pbyte; data_size:Tsize_t):longint;cdecl;
+  Tgnutls_supp_send_func = function (session:Tgnutls_session_t; buf:Tgnutls_buffer_t):longint;cdecl;
+  Tgnutls_ext_recv_func = function (session:Tgnutls_session_t; data:Pbyte; len:Tsize_t):longint;cdecl;
+  Tgnutls_ext_send_func = function (session:Tgnutls_session_t; extdata:Tgnutls_buffer_t):longint;cdecl;
+  Tgnutls_ext_deinit_data_func = procedure (data:Tgnutls_ext_priv_data_t);cdecl;
+  Tgnutls_ext_pack_func = function (data:Tgnutls_ext_priv_data_t; packed_data:Tgnutls_buffer_t):longint;cdecl;
+  Tgnutls_ext_unpack_func = function (packed_data:Tgnutls_buffer_t; data:Pgnutls_ext_priv_data_t):longint;cdecl;
+  Tgnutls_tdb_store_func = function (db_name:Pchar; host:Pchar; service:Pchar; expiration:Ttime_t; pubkey:Pgnutls_datum_t):longint;cdecl;
+  Tgnutls_tdb_store_commitment_func = function (db_name:Pchar; host:Pchar; service:Pchar; expiration:Ttime_t; hash_algo:Tgnutls_digest_algorithm_t;  hash:Pgnutls_datum_t):longint;cdecl;
+  Tgnutls_tdb_verify_func = function (db_name:Pchar; host:Pchar; service:Pchar; pubkey:Pgnutls_datum_t):longint;cdecl;
+  Tgnutls_pull_func = function (para1:Tgnutls_transport_ptr_t; para2:pointer; para3:Tsize_t):Tssize_t;cdecl;
+  Tgnutls_push_func = function (para1:Tgnutls_transport_ptr_t; para2:pointer; para3:Tsize_t):Tssize_t;cdecl;
+  Tgnutls_pull_timeout_func = function (para1:Tgnutls_transport_ptr_t; ms:dword):longint;cdecl;
+  Tgnutls_vec_push_func = function (para1:Tgnutls_transport_ptr_t; iov:Pgiovec_t; iovcnt:longint):Tssize_t;cdecl;
+  Tgnutls_errno_func = function (para1:Tgnutls_transport_ptr_t):longint;cdecl;
+  Tgnutls_time_func = function (t:Ptime_t):Ttime_t;cdecl;
+  Tmutex_init_func = function (mutex:Ppointer):longint;cdecl;
+  Tmutex_lock_func = function (mutex:Ppointer):longint;cdecl;
+  Tmutex_unlock_func = function (mutex:Ppointer):longint;cdecl;
+  Tmutex_deinit_func = function (mutex:Ppointer):longint;cdecl;
+  Tgnutls_alloc_function = function (para1:Tsize_t):pointer;cdecl;
+  Tgnutls_calloc_function = function (para1:Tsize_t; para2:Tsize_t):pointer;cdecl;
+  Tgnutls_is_secure_function = function (para1:pointer):longint;cdecl;
+  Tgnutls_free_function = procedure (para1:pointer);cdecl;
+  Tgnutls_realloc_function = function (para1:pointer; para2:Tsize_t):pointer;cdecl;
+  Tgnutls_log_func = procedure (para1:longint; para2:Pchar);cdecl;
+  Tgnutls_audit_log_func = procedure (para1:Tgnutls_session_t; para2:Pchar);cdecl;
+
+  // Callback typedefs
+    Tgnutls_status_request_ocsp_func = function (session:Tgnutls_session_t; ptr:pointer; ocsp_response:Pgnutls_datum_t):longint;cdecl;
+  Tgnutls_params_function =  function(a : tgnutls_session_t; b: tgnutls_params_type_t; c : tgnutls_params_st ) : cInt; cdecl;
+  Tgnutls_srp_server_credentials_function = Function (a :tgnutls_session_t; username : pchar; salt : pgnutls_datum_t; verifier : pgnutls_datum_t; generator : pgnutls_datum_t; prime : pgnutls_datum_t) : cint ; cdecl;
+  Tgnutls_psk_server_credentials_function = Function (a : tgnutls_session_t; username : pchar; key : pgnutls_datum_t) : cInt; cdecl;
+  Tgnutls_psk_client_credentials_function = Function (a : tgnutls_session_t; username : ppchar; key : pgnutls_datum_t) : cint; cdecl;
+  Tgnutls_srp_client_credentials_function = Function (a : tgnutls_session_t; b : ppchar; c : ppchar): cint; cdecl;
+  Tgnutls_certificate_verify_function = function (a : tgnutls_session_t) : cint; cdecl;
+  Tgnutls_db_store_func = function (para1:pointer; key:Tgnutls_datum_t; data:Tgnutls_datum_t):longint;cdecl;
+  Tgnutls_db_remove_func = function (para1:pointer; key:Tgnutls_datum_t):longint;cdecl;
+  Tgnutls_db_retr_func = function (para1:pointer; key:Tgnutls_datum_t):Tgnutls_datum_t;cdecl;
+  tgnutls_certificate_retrieve_function = function (a: tgnutls_session_t;  req_ca_rdn : pgnutls_datum_t; nreqs : cint; pk_algos : pgnutls_pk_algorithm_t; pk_algos_length : cint ; st: pgnutls_retr2_st) : cint; cdecl;
+  Tgnutls_handshake_hook_func = function (para1:Tgnutls_session_t; htype:dword; post:dword; incoming:dword; msg:Pgnutls_datum_t):longint;cdecl;
+  Tgnutls_handshake_post_client_hello_func = function (para1:Tgnutls_session_t):longint;cdecl;
+
+  TSeqArray = array[0..7] of byte;
+
+  Pgnutls_name_constraints_st = ^gnutls_name_constraints_st;
+  gnutls_name_constraints_st = record
+  end;
+  PPgnutls_x509_crl_t = ^Pgnutls_x509_crl_t;
+
+  Pgnutls_certificate_import_flags = ^Tgnutls_certificate_import_flags;
+  Tgnutls_certificate_import_flags =  Longint;
+  Pgnutls_keyid_flags_t = ^Tgnutls_keyid_flags_t;
+  Tgnutls_keyid_flags_t =  Longint;
+  Pgnutls_info_access_what_t = ^Tgnutls_info_access_what_t;
+  Tgnutls_info_access_what_t =  Longint;
+  Pgnutls_x509_name_constraints_t = ^Tgnutls_x509_name_constraints_t;
+  Tgnutls_x509_name_constraints_t = Pgnutls_name_constraints_st;
+  Pgnutls_x509_crl_reason_flags_t = ^Tgnutls_x509_crl_reason_flags_t;
+  Tgnutls_x509_crl_reason_flags_t =  Longint;
+  Pgnutls_x509_qualifier_t = ^Tgnutls_x509_qualifier_t;
+  Tgnutls_x509_qualifier_t =  Longint;
+  Pgnutls_x509_policy_st = ^Tgnutls_x509_policy_st;
+  Tgnutls_x509_policy_st = record
+      oid : Pchar;
+      qualifiers : dword;
+      qualifier : array[0..7] of record
+          _type : Tgnutls_x509_qualifier_t;
+          data : Pchar;
+          size : dword;
+        end;
+    end;
+  Pgnutls_x509_dn_st = ^gnutls_x509_dn_st;
+  gnutls_x509_dn_st = record
+  end;
+
+  Pgnutls_x509_dn_t = ^Tgnutls_x509_dn_t;
+  Tgnutls_x509_dn_t = Pgnutls_x509_dn_st;
+
+  Pgnutls_x509_ava_st = ^Tgnutls_x509_ava_st;
+  Tgnutls_x509_ava_st = record
+      oid : Tgnutls_datum_t;
+      value : Tgnutls_datum_t;
+      value_tag : dword;
+    end;
+  Pgnutls_x509_crl_iter = ^tgnutls_x509_crl_iter;
+  tgnutls_x509_crl_iter = record
+      end;
+  Pgnutls_x509_crl_iter_t = ^Tgnutls_x509_crl_iter_t;
+  Tgnutls_x509_crl_iter_t = Pgnutls_x509_crl_iter;
+  Pgnutls_certificate_verify_flags = ^Tgnutls_certificate_verify_flags;
+  Pgnutls_pkcs_encrypt_flags_t = ^Tgnutls_pkcs_encrypt_flags_t;
+
+  Pgnutls_certificate_verification_profiles_t = ^Tgnutls_certificate_verification_profiles_t;
+  Tgnutls_certificate_verification_profiles_t =  Longint;
+  Pgnutls_x509_trust_list_t = ^Tgnutls_x509_trust_list_t;
+  Pgnutls_x509_trust_list_st = ^Tgnutls_x509_trust_list_st;
+  Tgnutls_x509_trust_list_st = record
+  end;
+  Tgnutls_x509_trust_list_t = Pgnutls_x509_trust_list_st;
+  Pgnutls_x509_trust_list_iter_t = ^Tgnutls_x509_trust_list_iter_t;
+  Pgnutls_x509_trust_list_iter = ^Tgnutls_x509_trust_list_iter;
+  tgnutls_x509_trust_list_iter  = record
+  end;
+  Tgnutls_x509_trust_list_iter_t = Pgnutls_x509_trust_list_iter;
+
+  Tgnutls_verify_output_function = function(cert : tgnutls_x509_crt_t; issuer :tgnutls_x509_crt_t; crl : tgnutls_x509_crl_t; verification_output : dword) : cint; cdecl;
+
+  Pgnutls_x509_ext_st = ^Tgnutls_x509_ext_st;
+  Tgnutls_x509_ext_st = record
+      oid : Pchar;
+      critical : dword;
+      data : Tgnutls_datum_t;
+  end;
+  Pgnutls_pkcs7_int = ^Tgnutls_pkcs7_int;
+  Tgnutls_pkcs7_int = record
+      {undefined structure}
+  end;
+
+  Pgnutls_pkcs7_t = ^Tgnutls_pkcs7_t;
+  Tgnutls_pkcs7_t = Pgnutls_pkcs7_int;
+  Pgnutls_pkcs7_attrs_st = ^Tgnutls_pkcs7_attrs_st;
+  Tgnutls_pkcs7_attrs_st = record
+  end;
+
+  Pgnutls_pkcs7_attrs_t = ^Tgnutls_pkcs7_attrs_t;
+  Tgnutls_pkcs7_attrs_t = Pgnutls_pkcs7_attrs_st;
+
+  Pgnutls_pkcs7_signature_info_st = ^Tgnutls_pkcs7_signature_info_st;
+  Tgnutls_pkcs7_signature_info_st = record
+      algo : Tgnutls_sign_algorithm_t;
+      sig : Tgnutls_datum_t;
+      issuer_dn : Tgnutls_datum_t;
+      signer_serial : Tgnutls_datum_t;
+      issuer_keyid : Tgnutls_datum_t;
+      signing_time : Ttime_t;
+      signed_attrs : Tgnutls_pkcs7_attrs_t;
+      unsigned_attrs : Tgnutls_pkcs7_attrs_t;
+      pad : array[0..63] of char;
+    end;
+  Pgnutls_pkcs7_sign_flags = ^Tgnutls_pkcs7_sign_flags;
+  Tgnutls_pkcs7_sign_flags =  Longint;
+
+Var
+  gnutls_malloc : Tgnutls_alloc_function;cvar;external;
+  gnutls_realloc : Tgnutls_realloc_function;cvar;external;
+  gnutls_calloc : Tgnutls_calloc_function;cvar;external;
+  gnutls_free : Tgnutls_free_function;cvar;external;
+  gnutls_strdup : function (para1:Pchar):Pchar;cvar;external;
+  gnutls_srp_4096_group_prime : Tgnutls_datum_t;cvar;external;
+  gnutls_srp_4096_group_generator : Tgnutls_datum_t;cvar;external;
+  gnutls_srp_3072_group_prime : Tgnutls_datum_t;cvar;external;
+  gnutls_srp_3072_group_generator : Tgnutls_datum_t;cvar;external;
+  gnutls_srp_2048_group_prime : Tgnutls_datum_t;cvar;external;
+  gnutls_srp_2048_group_generator : Tgnutls_datum_t;cvar;external;
+  gnutls_srp_1536_group_prime : Tgnutls_datum_t;cvar;external;
+  gnutls_srp_1536_group_generator : Tgnutls_datum_t;cvar;external;
+  gnutls_srp_1024_group_prime : Tgnutls_datum_t;cvar;external;
+  gnutls_srp_1024_group_generator : Tgnutls_datum_t;cvar;external;
+
+
+var
+  gnutls_handshake_description_get_name : function(_type:Tgnutls_handshake_description_t):Pchar;cdecl;
+  gnutls_pk_algorithm_get_name : function(algorithm:Tgnutls_pk_algorithm_t):Pchar;cdecl;
+  gnutls_init : function(session:Pgnutls_session_t; flags:dword):longint;cdecl;
+  gnutls_deinit : procedure(session:Tgnutls_session_t);cdecl;
+  gnutls_bye : function(session:Tgnutls_session_t; how:Tgnutls_close_request_t):longint;cdecl;
+  gnutls_handshake : function(session:Tgnutls_session_t):longint;cdecl;
+  gnutls_handshake_set_timeout : procedure(session:Tgnutls_session_t; ms:dword);cdecl;
+  gnutls_rehandshake : function(session:Tgnutls_session_t):longint;cdecl;
+  gnutls_alert_get : function(session:Tgnutls_session_t):Tgnutls_alert_description_t;cdecl;
+  gnutls_alert_send : function(session:Tgnutls_session_t; level:Tgnutls_alert_level_t; desc:Tgnutls_alert_description_t):longint;cdecl;
+  gnutls_alert_send_appropriate : function(session:Tgnutls_session_t; err:longint):longint;cdecl;
+  gnutls_alert_get_name : function(alert:Tgnutls_alert_description_t):Pchar;cdecl;
+  gnutls_alert_get_strname : function(alert:Tgnutls_alert_description_t):Pchar;cdecl;
+  gnutls_pk_bits_to_sec_param : function(algo:Tgnutls_pk_algorithm_t; bits:dword):Tgnutls_sec_param_t;cdecl;
+  gnutls_sec_param_get_name : function(param:Tgnutls_sec_param_t):Pchar;cdecl;
+  gnutls_sec_param_to_pk_bits : function(algo:Tgnutls_pk_algorithm_t; param:Tgnutls_sec_param_t):dword;cdecl;
+  gnutls_sec_param_to_symmetric_bits : function(param:Tgnutls_sec_param_t):dword;cdecl;
+  gnutls_ecc_curve_get_name : function(curve:Tgnutls_ecc_curve_t):Pchar;cdecl;
+  gnutls_ecc_curve_get_oid : function(curve:Tgnutls_ecc_curve_t):Pchar;cdecl;
+  gnutls_ecc_curve_get_size : function(curve:Tgnutls_ecc_curve_t):longint;cdecl;
+  gnutls_ecc_curve_get : function(session:Tgnutls_session_t):Tgnutls_ecc_curve_t;cdecl;
+  gnutls_cipher_get : function(session:Tgnutls_session_t):Tgnutls_cipher_algorithm_t;cdecl;
+  gnutls_kx_get : function(session:Tgnutls_session_t):Tgnutls_kx_algorithm_t;cdecl;
+  gnutls_mac_get : function(session:Tgnutls_session_t):Tgnutls_mac_algorithm_t;cdecl;
+  gnutls_compression_get : function(session:Tgnutls_session_t):Tgnutls_compression_method_t;cdecl;
+  gnutls_certificate_type_get : function(session:Tgnutls_session_t):Tgnutls_certificate_type_t;cdecl;
+  gnutls_sign_algorithm_get : function(session:Tgnutls_session_t):longint;cdecl;
+  gnutls_sign_algorithm_get_client : function(session:Tgnutls_session_t):longint;cdecl;
+  gnutls_sign_algorithm_get_requested : function(session:Tgnutls_session_t; indx:Tsize_t; algo:Pgnutls_sign_algorithm_t):longint;cdecl;
+  gnutls_cipher_get_name : function(algorithm:Tgnutls_cipher_algorithm_t):Pchar;cdecl;
+  gnutls_mac_get_name : function(algorithm:Tgnutls_mac_algorithm_t):Pchar;cdecl;
+  gnutls_digest_get_name : function(algorithm:Tgnutls_digest_algorithm_t):Pchar;cdecl;
+  gnutls_digest_get_oid : function(algorithm:Tgnutls_digest_algorithm_t):Pchar;cdecl;
+  gnutls_compression_get_name : function(algorithm:Tgnutls_compression_method_t):Pchar;cdecl;
+  gnutls_kx_get_name : function(algorithm:Tgnutls_kx_algorithm_t):Pchar;cdecl;
+  gnutls_certificate_type_get_name : function(_type:Tgnutls_certificate_type_t):Pchar;cdecl;
+  gnutls_pk_get_name : function(algorithm:Tgnutls_pk_algorithm_t):Pchar;cdecl;
+  gnutls_pk_get_oid : function(algorithm:Tgnutls_pk_algorithm_t):Pchar;cdecl;
+  gnutls_sign_get_name : function(algorithm:Tgnutls_sign_algorithm_t):Pchar;cdecl;
+  gnutls_sign_get_oid : function(algorithm:Tgnutls_sign_algorithm_t):Pchar;cdecl;
+  gnutls_cipher_get_key_size : function(algorithm:Tgnutls_cipher_algorithm_t):Tsize_t;cdecl;
+  gnutls_mac_get_key_size : function(algorithm:Tgnutls_mac_algorithm_t):Tsize_t;cdecl;
+  gnutls_sign_is_secure : function(algorithm:Tgnutls_sign_algorithm_t):longint;cdecl;
+  gnutls_sign_get_hash_algorithm : function(sign:Tgnutls_sign_algorithm_t):Tgnutls_digest_algorithm_t;cdecl;
+  gnutls_sign_get_pk_algorithm : function(sign:Tgnutls_sign_algorithm_t):Tgnutls_pk_algorithm_t;cdecl;
+  gnutls_pk_to_sign : function(pk:Tgnutls_pk_algorithm_t; hash:Tgnutls_digest_algorithm_t):Tgnutls_sign_algorithm_t;cdecl;
+  gnutls_mac_get_id : function(name:Pchar):Tgnutls_mac_algorithm_t;cdecl;
+  gnutls_digest_get_id : function(name:Pchar):Tgnutls_digest_algorithm_t;cdecl;
+  gnutls_compression_get_id : function(name:Pchar):Tgnutls_compression_method_t;cdecl;
+  gnutls_cipher_get_id : function(name:Pchar):Tgnutls_cipher_algorithm_t;cdecl;
+  gnutls_kx_get_id : function(name:Pchar):Tgnutls_kx_algorithm_t;cdecl;
+  gnutls_protocol_get_id : function(name:Pchar):Tgnutls_protocol_t;cdecl;
+  gnutls_certificate_type_get_id : function(name:Pchar):Tgnutls_certificate_type_t;cdecl;
+  gnutls_pk_get_id : function(name:Pchar):Tgnutls_pk_algorithm_t;cdecl;
+  gnutls_sign_get_id : function(name:Pchar):Tgnutls_sign_algorithm_t;cdecl;
+  gnutls_ecc_curve_get_id : function(name:Pchar):Tgnutls_ecc_curve_t;cdecl;
+  gnutls_oid_to_digest : function(oid:Pchar):Tgnutls_digest_algorithm_t;cdecl;
+  gnutls_oid_to_pk : function(oid:Pchar):Tgnutls_pk_algorithm_t;cdecl;
+  gnutls_oid_to_sign : function(oid:Pchar):Tgnutls_sign_algorithm_t;cdecl;
+  gnutls_oid_to_ecc_curve : function(oid:Pchar):Tgnutls_ecc_curve_t;cdecl;
+  gnutls_ecc_curve_list : function:Pgnutls_ecc_curve_t;cdecl;
+  gnutls_cipher_list : function:Pgnutls_cipher_algorithm_t;cdecl;
+  gnutls_mac_list : function:Pgnutls_mac_algorithm_t;cdecl;
+  gnutls_digest_list : function:Pgnutls_digest_algorithm_t;cdecl;
+  gnutls_compression_list : function:Pgnutls_compression_method_t;cdecl;
+  gnutls_protocol_list : function:Pgnutls_protocol_t;cdecl;
+  gnutls_certificate_type_list : function:Pgnutls_certificate_type_t;cdecl;
+  gnutls_kx_list : function:Pgnutls_kx_algorithm_t;cdecl;
+  gnutls_pk_list : function:Pgnutls_pk_algorithm_t;cdecl;
+  gnutls_sign_list : function:Pgnutls_sign_algorithm_t;cdecl;
+  gnutls_cipher_suite_info : function(idx:Tsize_t; cs_id:Pbyte; kx:Pgnutls_kx_algorithm_t; cipher:Pgnutls_cipher_algorithm_t; mac:Pgnutls_mac_algorithm_t; min_version:Pgnutls_protocol_t):Pchar;cdecl;
+  gnutls_error_is_fatal : function(error:longint):longint;cdecl;
+  gnutls_error_to_alert : function(err:longint; level:Plongint):longint;cdecl;
+  gnutls_perror : procedure(error:longint);cdecl;
+  gnutls_strerror : function(error:longint):Pchar;cdecl;
+  gnutls_strerror_name : function(error:longint):Pchar;cdecl;
+  gnutls_handshake_set_private_extensions : procedure(session:Tgnutls_session_t; allow:longint);cdecl;
+  gnutls_handshake_set_random : function(session:Tgnutls_session_t; random:Pgnutls_datum_t):longint;cdecl;
+  gnutls_handshake_get_last_out : function(session:Tgnutls_session_t):Tgnutls_handshake_description_t;cdecl;
+  gnutls_handshake_get_last_in : function(session:Tgnutls_session_t):Tgnutls_handshake_description_t;cdecl;
+  gnutls_heartbeat_ping : function(session:Tgnutls_session_t; data_size:Tsize_t; max_tries:dword; flags:dword):longint;cdecl;
+  gnutls_heartbeat_pong : function(session:Tgnutls_session_t; flags:dword):longint;cdecl;
+  gnutls_record_set_timeout : procedure(session:Tgnutls_session_t; ms:dword);cdecl;
+  gnutls_record_disable_padding : procedure(session:Tgnutls_session_t);cdecl;
+  gnutls_record_cork : procedure(session:Tgnutls_session_t);cdecl;
+  gnutls_record_uncork : function(session:Tgnutls_session_t; flags:dword):longint;cdecl;
+  gnutls_record_discard_queued : function(session:Tgnutls_session_t):Tsize_t;cdecl;
+  gnutls_record_get_state : function(session:Tgnutls_session_t; read:dword; mac_key:Pgnutls_datum_t; IV:Pgnutls_datum_t; cipher_key:Pgnutls_datum_t; seq_number: tseqarray):longint;cdecl;
+  gnutls_record_set_state : function(session:Tgnutls_session_t; read:dword; seq_number: TSeqArray):longint;cdecl;
+  gnutls_range_split : function(session:Tgnutls_session_t; orig:Pgnutls_range_st; small_range:Pgnutls_range_st; rem_range:Pgnutls_range_st):longint;cdecl;
+  gnutls_record_send : function(session:Tgnutls_session_t; data:pointer; data_size:Tsize_t):Tssize_t;cdecl;
+  gnutls_record_send_range : function(session:Tgnutls_session_t; data:pointer; data_size:Tsize_t; range:Pgnutls_range_st):Tssize_t;cdecl;
+  gnutls_record_recv : function(session:Tgnutls_session_t; data:pointer; data_size:Tsize_t):Tssize_t;cdecl;
+  gnutls_record_recv_packet : function(session:Tgnutls_session_t; packet:Pgnutls_packet_t):Tssize_t;cdecl;
+  gnutls_packet_get : procedure(packet:Tgnutls_packet_t; data:Pgnutls_datum_t; sequence:Pbyte);cdecl;
+  gnutls_packet_deinit : procedure(packet:Tgnutls_packet_t);cdecl;
+  gnutls_record_recv_seq : function(session:Tgnutls_session_t; data:pointer; data_size:Tsize_t; seq:Pbyte):Tssize_t;cdecl;
+  gnutls_record_overhead_size : function(session:Tgnutls_session_t):Tsize_t;cdecl;
+  gnutls_est_record_overhead_size : function(version:Tgnutls_protocol_t; cipher:Tgnutls_cipher_algorithm_t; mac:Tgnutls_mac_algorithm_t; comp:Tgnutls_compression_method_t; flags:dword):Tsize_t;cdecl;
+  gnutls_session_enable_compatibility_mode : procedure(session:Tgnutls_session_t);cdecl;
+  gnutls_record_can_use_length_hiding : function(session:Tgnutls_session_t):longint;cdecl;
+  gnutls_record_get_direction : function(session:Tgnutls_session_t):longint;cdecl;
+  gnutls_record_get_max_size : function(session:Tgnutls_session_t):Tsize_t;cdecl;
+  gnutls_record_set_max_size : function(session:Tgnutls_session_t; size:Tsize_t):Tssize_t;cdecl;
+  gnutls_record_check_pending : function(session:Tgnutls_session_t):Tsize_t;cdecl;
+  gnutls_record_check_corked : function(session:Tgnutls_session_t):Tsize_t;cdecl;
+  gnutls_session_force_valid : procedure(session:Tgnutls_session_t);cdecl;
+  gnutls_prf : function(session:Tgnutls_session_t; label_size:Tsize_t; _label:Pchar; server_random_first:longint; extra_size:Tsize_t;  extra:Pchar; outsize:Tsize_t; outs :Pchar):longint;cdecl;
+  gnutls_prf_rfc5705 : function(session:Tgnutls_session_t; label_size:Tsize_t; _label:Pchar; context_size:Tsize_t; context:Pchar; outsize:Tsize_t; outs:Pchar):longint;cdecl;
+  gnutls_prf_raw : function(session:Tgnutls_session_t; label_size:Tsize_t; _label:Pchar; seed_size:Tsize_t; seed:Pchar;  outsize:Tsize_t; outs:Pchar):longint;cdecl;
+  gnutls_server_name_set : function(session:Tgnutls_session_t; _type:Tgnutls_server_name_type_t; name:pointer; name_length:Tsize_t):longint;cdecl;
+  gnutls_server_name_get : function(session:Tgnutls_session_t; data:pointer; data_length:Psize_t; _type:Pdword; indx:dword):longint;cdecl;
+  gnutls_heartbeat_get_timeout : function(session:Tgnutls_session_t):dword;cdecl;
+  gnutls_heartbeat_set_timeouts : procedure(session:Tgnutls_session_t; retrans_timeout:dword; total_timeout:dword);cdecl;
+  gnutls_heartbeat_enable : procedure(session:Tgnutls_session_t; _type:dword);cdecl;
+  gnutls_heartbeat_allowed : function(session:Tgnutls_session_t; _type:dword):longint;cdecl;
+  gnutls_safe_renegotiation_status : function(session:Tgnutls_session_t):longint;cdecl;
+  gnutls_session_ext_master_secret_status : function(session:Tgnutls_session_t):dword;cdecl;
+  gnutls_session_etm_status : function(session:Tgnutls_session_t):dword;cdecl;
+  gnutls_supplemental_get_name : function(_type:Tgnutls_supplemental_data_format_type_t):Pchar;cdecl;
+  gnutls_session_ticket_key_generate : function(key:Pgnutls_datum_t):longint;cdecl;
+  gnutls_session_ticket_enable_client : function(session:Tgnutls_session_t):longint;cdecl;
+  gnutls_session_ticket_enable_server : function(session:Tgnutls_session_t; key:Pgnutls_datum_t):longint;cdecl;
+  gnutls_srtp_set_profile : function(session:Tgnutls_session_t; profile:Tgnutls_srtp_profile_t):longint;cdecl;
+  gnutls_srtp_set_profile_direct : function(session:Tgnutls_session_t; profiles:Pchar; err_pos:PPchar):longint;cdecl;
+  gnutls_srtp_get_selected_profile : function(session:Tgnutls_session_t; profile:Pgnutls_srtp_profile_t):longint;cdecl;
+  gnutls_srtp_get_profile_name : function(profile:Tgnutls_srtp_profile_t):Pchar;cdecl;
+  gnutls_srtp_get_profile_id : function(name:Pchar; profile:Pgnutls_srtp_profile_t):longint;cdecl;
+  gnutls_srtp_get_keys : function(session:Tgnutls_session_t; key_material:pointer; key_material_size:dword; client_key:Pgnutls_datum_t; client_salt:Pgnutls_datum_t;  server_key:Pgnutls_datum_t; server_salt:Pgnutls_datum_t):longint;cdecl;
+  gnutls_srtp_set_mki : function(session:Tgnutls_session_t; mki:Pgnutls_datum_t):longint;cdecl;
+  gnutls_srtp_get_mki : function(session:Tgnutls_session_t; mki:Pgnutls_datum_t):longint;cdecl;
+  gnutls_alpn_get_selected_protocol : function(session:Tgnutls_session_t; protocol:Pgnutls_datum_t):longint;cdecl;
+  gnutls_alpn_set_protocols : function(session:Tgnutls_session_t; protocols:Pgnutls_datum_t; protocols_size:dword; flags:dword):longint;cdecl;
+  gnutls_key_generate : function(key:Pgnutls_datum_t; key_size:dword):longint;cdecl;
+  gnutls_priority_init : function(priority_cache:Pgnutls_priority_t; priorities:Pchar; err_pos:PPchar):longint;cdecl;
+  gnutls_priority_deinit : procedure(priority_cache:Tgnutls_priority_t);cdecl;
+  gnutls_priority_get_cipher_suite_index : function(pcache:Tgnutls_priority_t; idx:dword; sidx:Pdword):longint;cdecl;
+  gnutls_priority_string_list : function(iter:dword; flags:dword):Pchar;cdecl;
+  gnutls_priority_set : function(session:Tgnutls_session_t; priority:Tgnutls_priority_t):longint;cdecl;
+  gnutls_priority_set_direct : function(session:Tgnutls_session_t; priorities:Pchar; err_pos:PPchar):longint;cdecl;
+  gnutls_priority_certificate_type_list : function(pcache:Tgnutls_priority_t; list:PPdword):longint;cdecl;
+  gnutls_priority_sign_list : function(pcache:Tgnutls_priority_t; list:PPdword):longint;cdecl;
+  gnutls_priority_protocol_list : function(pcache:Tgnutls_priority_t; list:PPdword):longint;cdecl;
+  gnutls_priority_compression_list : function(pcache:Tgnutls_priority_t; list:PPdword):longint;cdecl;
+  gnutls_priority_ecc_curve_list : function(pcache:Tgnutls_priority_t; list:PPdword):longint;cdecl;
+  gnutls_priority_kx_list : function(pcache:Tgnutls_priority_t; list:PPdword):longint;cdecl;
+  gnutls_priority_cipher_list : function(pcache:Tgnutls_priority_t; list:PPdword):longint;cdecl;
+  gnutls_priority_mac_list : function(pcache:Tgnutls_priority_t; list:PPdword):longint;cdecl;
+  gnutls_set_default_priority : function(session:Tgnutls_session_t):longint;cdecl;
+  gnutls_cipher_suite_get_name : function(kx_algorithm:Tgnutls_kx_algorithm_t; cipher_algorithm:Tgnutls_cipher_algorithm_t; mac_algorithm:Tgnutls_mac_algorithm_t):Pchar;cdecl;
+  gnutls_protocol_get_version : function(session:Tgnutls_session_t):Tgnutls_protocol_t;cdecl;
+  gnutls_protocol_get_name : function(version:Tgnutls_protocol_t):Pchar;cdecl;
+  gnutls_session_set_data : function(session:Tgnutls_session_t; session_data:pointer; session_data_size:Tsize_t):longint;cdecl;
+  gnutls_session_get_data : function(session:Tgnutls_session_t; session_data:pointer; session_data_size:Psize_t):longint;cdecl;
+  gnutls_session_get_data2 : function(session:Tgnutls_session_t; data:Pgnutls_datum_t):longint;cdecl;
+  gnutls_session_get_random : procedure(session:Tgnutls_session_t; client:Pgnutls_datum_t; server:Pgnutls_datum_t);cdecl;
+  gnutls_session_get_desc : function(session:Tgnutls_session_t):Pchar;cdecl;
+  gnutls_session_set_verify_function : procedure(session:Tgnutls_session_t; func:tgnutls_certificate_verify_function);cdecl;
+  gnutls_session_set_verify_cert : procedure(session:Tgnutls_session_t; hostname:Pchar; flags:dword);cdecl;
+  gnutls_session_set_verify_cert2 : procedure(session:Tgnutls_session_t; data:Pgnutls_typed_vdata_st; elements:dword; flags:dword);cdecl;
+  gnutls_session_get_verify_cert_status : function(para1:Tgnutls_session_t):dword;cdecl;
+  gnutls_session_set_premaster : function(session:Tgnutls_session_t; entity:dword; version:Tgnutls_protocol_t; kx:Tgnutls_kx_algorithm_t; cipher:Tgnutls_cipher_algorithm_t;
+      mac:Tgnutls_mac_algorithm_t; comp:Tgnutls_compression_method_t; master:Pgnutls_datum_t; session_id:Pgnutls_datum_t):longint;cdecl;
+  gnutls_session_get_id : function(session:Tgnutls_session_t; session_id:pointer; session_id_size:Psize_t):longint;cdecl;
+  gnutls_session_get_id2 : function(session:Tgnutls_session_t; session_id:Pgnutls_datum_t):longint;cdecl;
+  gnutls_session_set_id : function(session:Tgnutls_session_t; sid:Pgnutls_datum_t):longint;cdecl;
+  gnutls_session_channel_binding : function(session:Tgnutls_session_t; cbtype:Tgnutls_channel_binding_t; cb:Pgnutls_datum_t):longint;cdecl;
+  gnutls_session_is_resumed : function(session:Tgnutls_session_t):longint;cdecl;
+  gnutls_session_resumption_requested : function(session:Tgnutls_session_t):longint;cdecl;
+  gnutls_db_set_cache_expiration : procedure(session:Tgnutls_session_t; seconds:longint);cdecl;
+  gnutls_db_get_default_cache_expiration : function:dword;cdecl;
+  gnutls_db_remove_session : procedure(session:Tgnutls_session_t);cdecl;
+  gnutls_db_set_retrieve_function : procedure(session:Tgnutls_session_t; retr_func:Tgnutls_db_retr_func);cdecl;
+  gnutls_db_set_remove_function : procedure(session:Tgnutls_session_t; rem_func:Tgnutls_db_remove_func);cdecl;
+  gnutls_db_set_store_function : procedure(session:Tgnutls_session_t; store_func:Tgnutls_db_store_func);cdecl;
+  gnutls_db_set_ptr : procedure(session:Tgnutls_session_t; ptr:pointer);cdecl;
+  gnutls_db_get_ptr : function(session:Tgnutls_session_t):pointer;cdecl;
+  gnutls_db_check_entry : function(session:Tgnutls_session_t; session_entry:Tgnutls_datum_t):longint;cdecl;
+  gnutls_db_check_entry_time : function(entry:Pgnutls_datum_t):Ttime_t;cdecl;
+  gnutls_handshake_set_hook_function : procedure(session:Tgnutls_session_t; htype:dword; post:longint; func:Tgnutls_handshake_hook_func);cdecl;
+  gnutls_handshake_set_post_client_hello_function : procedure(session:Tgnutls_session_t; func:Tgnutls_handshake_post_client_hello_func);cdecl;
+  gnutls_handshake_set_max_packet_length : procedure(session:Tgnutls_session_t; max:Tsize_t);cdecl;
+  gnutls_check_version : function(req_version:Pchar):Pchar;cdecl;
+  gnutls_credentials_clear : procedure(session:Tgnutls_session_t);cdecl;
+  gnutls_credentials_set : function(session:Tgnutls_session_t; _type:Tgnutls_credentials_type_t; cred:pointer):longint;cdecl;
+  gnutls_credentials_get : function(session:Tgnutls_session_t; _type:Tgnutls_credentials_type_t; cred:Ppointer):longint;cdecl;
+  gnutls_anon_free_server_credentials : procedure(sc:Tgnutls_anon_server_credentials_t);cdecl;
+  gnutls_anon_allocate_server_credentials : function(sc:Pgnutls_anon_server_credentials_t):longint;cdecl;
+  gnutls_anon_set_server_dh_params : procedure(res:Tgnutls_anon_server_credentials_t; dh_params:Tgnutls_dh_params_t);cdecl;
+  gnutls_anon_set_server_params_function : procedure(res:Tgnutls_anon_server_credentials_t; func: tgnutls_params_function);cdecl;
+  gnutls_anon_free_client_credentials : procedure(sc:Tgnutls_anon_client_credentials_t);cdecl;
+  gnutls_anon_allocate_client_credentials : function(sc:Pgnutls_anon_client_credentials_t):longint;cdecl;
+  gnutls_certificate_free_credentials : procedure(sc:Tgnutls_certificate_credentials_t);cdecl;
+  gnutls_certificate_allocate_credentials : function(res:Pgnutls_certificate_credentials_t):longint;cdecl;
+  gnutls_certificate_get_issuer : function(sc:Tgnutls_certificate_credentials_t; cert:Tgnutls_x509_crt_t; issuer:Pgnutls_x509_crt_t; flags:dword):longint;cdecl;
+  gnutls_certificate_get_crt_raw : function(sc:Tgnutls_certificate_credentials_t; idx1:dword; idx2:dword; cert:Pgnutls_datum_t):longint;cdecl;
+  gnutls_certificate_get_x509_crt : function(res:Tgnutls_certificate_credentials_t; index:dword; crt_list:PPgnutls_x509_crt_t; crt_list_size:Pdword):longint;cdecl;
+  gnutls_certificate_get_x509_key : function(res:Tgnutls_certificate_credentials_t; index:dword; key:Pgnutls_x509_privkey_t):longint;cdecl;
+  gnutls_certificate_free_keys : procedure(sc:Tgnutls_certificate_credentials_t);cdecl;
+  gnutls_certificate_free_cas : procedure(sc:Tgnutls_certificate_credentials_t);cdecl;
+  gnutls_certificate_free_ca_names : procedure(sc:Tgnutls_certificate_credentials_t);cdecl;
+  gnutls_certificate_free_crls : procedure(sc:Tgnutls_certificate_credentials_t);cdecl;
+  gnutls_certificate_set_dh_params : procedure(res:Tgnutls_certificate_credentials_t; dh_params:Tgnutls_dh_params_t);cdecl;
+  gnutls_certificate_set_verify_flags : procedure(res:Tgnutls_certificate_credentials_t; flags:dword);cdecl;
+  gnutls_certificate_get_verify_flags : function(res:Tgnutls_certificate_credentials_t):dword;cdecl;
+  gnutls_certificate_set_flags : procedure(para1:Tgnutls_certificate_credentials_t; flags:dword);cdecl;
+  gnutls_certificate_set_verify_limits : procedure(res:Tgnutls_certificate_credentials_t; max_bits:dword; max_depth:dword);cdecl;
+  gnutls_certificate_set_x509_system_trust : function(cred:Tgnutls_certificate_credentials_t):longint;cdecl;
+  gnutls_certificate_set_x509_trust_file : function(cred:Tgnutls_certificate_credentials_t; cafile:Pchar; _type:Tgnutls_x509_crt_fmt_t):longint;cdecl;
+  gnutls_certificate_set_x509_trust_dir : function(cred:Tgnutls_certificate_credentials_t; ca_dir:Pchar; _type:Tgnutls_x509_crt_fmt_t):longint;cdecl;
+  gnutls_certificate_set_x509_trust_mem : function(res:Tgnutls_certificate_credentials_t; ca:Pgnutls_datum_t; _type:Tgnutls_x509_crt_fmt_t):longint;cdecl;
+  gnutls_certificate_set_x509_crl_file : function(res:Tgnutls_certificate_credentials_t; crlfile:Pchar; _type:Tgnutls_x509_crt_fmt_t):longint;cdecl;
+  gnutls_certificate_set_x509_crl_mem : function(res:Tgnutls_certificate_credentials_t; CRL:Pgnutls_datum_t; _type:Tgnutls_x509_crt_fmt_t):longint;cdecl;
+  gnutls_certificate_set_x509_key_file : function(res:Tgnutls_certificate_credentials_t; certfile:Pchar; keyfile:Pchar; _type:Tgnutls_x509_crt_fmt_t):longint;cdecl;
+  gnutls_certificate_set_x509_key_file2 : function(res:Tgnutls_certificate_credentials_t; certfile:Pchar; keyfile:Pchar; _type:Tgnutls_x509_crt_fmt_t; pass:Pchar;
+      flags:dword):longint;cdecl;
+  gnutls_certificate_set_x509_key_mem : function(res:Tgnutls_certificate_credentials_t; cert:Pgnutls_datum_t; key:Pgnutls_datum_t; _type:Tgnutls_x509_crt_fmt_t):longint;cdecl;
+  gnutls_certificate_set_x509_key_mem2 : function(res:Tgnutls_certificate_credentials_t; cert:Pgnutls_datum_t; key:Pgnutls_datum_t; _type:Tgnutls_x509_crt_fmt_t; pass:Pchar;
+      flags:dword):longint;cdecl;
+  gnutls_certificate_send_x509_rdn_sequence : procedure(session:Tgnutls_session_t; status:longint);cdecl;
+  gnutls_certificate_set_x509_simple_pkcs12_file : function(res:Tgnutls_certificate_credentials_t; pkcs12file:Pchar; _type:Tgnutls_x509_crt_fmt_t; password:Pchar):longint;cdecl;
+  gnutls_certificate_set_x509_simple_pkcs12_mem : function(res:Tgnutls_certificate_credentials_t; p12blob:Pgnutls_datum_t; _type:Tgnutls_x509_crt_fmt_t; password:Pchar):longint;cdecl;
+  gnutls_certificate_set_x509_key : function(res:Tgnutls_certificate_credentials_t; cert_list:Pgnutls_x509_crt_t; cert_list_size:longint; key:Tgnutls_x509_privkey_t):longint;cdecl;
+  gnutls_certificate_set_x509_trust : function(res:Tgnutls_certificate_credentials_t; ca_list:Pgnutls_x509_crt_t; ca_list_size:longint):longint;cdecl;
+  gnutls_certificate_set_x509_crl : function(res:Tgnutls_certificate_credentials_t; crl_list:Pgnutls_x509_crl_t; crl_list_size:longint):longint;cdecl;
+  gnutls_certificate_set_ocsp_status_request_function : procedure(res:Tgnutls_certificate_credentials_t; ocsp_func:Tgnutls_status_request_ocsp_func; ptr:pointer);cdecl;
+  gnutls_certificate_set_ocsp_status_request_file : function(res:Tgnutls_certificate_credentials_t; response_file:Pchar; flags:dword):longint;cdecl;
+  gnutls_ocsp_status_request_enable_client : function(session:Tgnutls_session_t; responder_id:Pgnutls_datum_t; responder_id_size:Tsize_t; request_extensions:Pgnutls_datum_t):longint;cdecl;
+  gnutls_ocsp_status_request_get : function(session:Tgnutls_session_t; response:Pgnutls_datum_t):longint;cdecl;
+  gnutls_ocsp_status_request_is_checked : function(session:Tgnutls_session_t; flags:dword):longint;cdecl;
+  gnutls_global_init : function:longint;cdecl;
+  gnutls_global_deinit : procedure;cdecl;
+  gnutls_global_set_mutex : procedure(init:Tmutex_init_func; deinit:Tmutex_deinit_func; lock:Tmutex_lock_func; unlock:Tmutex_unlock_func);cdecl;
+  gnutls_global_set_time_function : procedure(time_func:Tgnutls_time_func);cdecl;
+  gnutls_memset : procedure(data:pointer; c:longint; size:Tsize_t);cdecl;
+  gnutls_memcmp : function(s1:pointer; s2:pointer; n:Tsize_t):longint;cdecl;
+  gnutls_global_set_log_function : procedure(log_func:Tgnutls_log_func);cdecl;
+  gnutls_global_set_audit_log_function : procedure(log_func:Tgnutls_audit_log_func);cdecl;
+  gnutls_global_set_log_level : procedure(level:longint);cdecl;
+  gnutls_dh_params_init : function(dh_params:Pgnutls_dh_params_t):longint;cdecl;
+  gnutls_dh_params_deinit : procedure(dh_params:Tgnutls_dh_params_t);cdecl;
+  gnutls_dh_params_import_raw : function(dh_params:Tgnutls_dh_params_t; prime:Pgnutls_datum_t; generator:Pgnutls_datum_t):longint;cdecl;
+  gnutls_dh_params_import_raw2 : function(dh_params:Tgnutls_dh_params_t; prime:Pgnutls_datum_t; generator:Pgnutls_datum_t; key_bits:dword):longint;cdecl;
+  gnutls_dh_params_import_pkcs3 : function(params:Tgnutls_dh_params_t; pkcs3_params:Pgnutls_datum_t; format:Tgnutls_x509_crt_fmt_t):longint;cdecl;
+  gnutls_dh_params_generate2 : function(params:Tgnutls_dh_params_t; bits:dword):longint;cdecl;
+  gnutls_dh_params_export_pkcs3 : function(params:Tgnutls_dh_params_t; format:Tgnutls_x509_crt_fmt_t; params_data:Pbyte; params_data_size:Psize_t):longint;cdecl;
+  gnutls_dh_params_export2_pkcs3 : function(params:Tgnutls_dh_params_t; format:Tgnutls_x509_crt_fmt_t; outd :Pgnutls_datum_t):longint;cdecl;
+  gnutls_dh_params_export_raw : function(params:Tgnutls_dh_params_t; prime:Pgnutls_datum_t; generator:Pgnutls_datum_t; bits:Pdword):longint;cdecl;
+  gnutls_dh_params_cpy : function(dst:Tgnutls_dh_params_t; src:Tgnutls_dh_params_t):longint;cdecl;
+  gnutls_system_recv_timeout : function(ptr:Tgnutls_transport_ptr_t; ms:dword):longint;cdecl;
+  gnutls_transport_set_int2 : procedure(session:Tgnutls_session_t; r:longint; s:longint);cdecl;
+  gnutls_transport_get_int2 : procedure(session:Tgnutls_session_t; r:Plongint; s:Plongint);cdecl;
+  gnutls_transport_get_int : function(session:Tgnutls_session_t):longint;cdecl;
+  gnutls_transport_set_ptr : procedure(session:Tgnutls_session_t; ptr:Tgnutls_transport_ptr_t);cdecl;
+  gnutls_transport_set_ptr2 : procedure(session:Tgnutls_session_t; recv_ptr:Tgnutls_transport_ptr_t; send_ptr:Tgnutls_transport_ptr_t);cdecl;
+  gnutls_transport_get_ptr : function(session:Tgnutls_session_t):Tgnutls_transport_ptr_t;cdecl;
+  gnutls_transport_get_ptr2 : procedure(session:Tgnutls_session_t; recv_ptr:Pgnutls_transport_ptr_t; send_ptr:Pgnutls_transport_ptr_t);cdecl;
+  gnutls_transport_set_vec_push_function : procedure(session:Tgnutls_session_t; vec_func:Tgnutls_vec_push_func);cdecl;
+  gnutls_transport_set_push_function : procedure(session:Tgnutls_session_t; push_func:Tgnutls_push_func);cdecl;
+  gnutls_transport_set_pull_function : procedure(session:Tgnutls_session_t; pull_func:Tgnutls_pull_func);cdecl;
+  gnutls_transport_set_pull_timeout_function : procedure(session:Tgnutls_session_t; func:Tgnutls_pull_timeout_func);cdecl;
+  gnutls_transport_set_errno_function : procedure(session:Tgnutls_session_t; errno_func:Tgnutls_errno_func);cdecl;
+  gnutls_transport_set_errno : procedure(session:Tgnutls_session_t; err:longint);cdecl;
+  gnutls_session_set_ptr : procedure(session:Tgnutls_session_t; ptr:pointer);cdecl;
+  gnutls_session_get_ptr : function(session:Tgnutls_session_t):pointer;cdecl;
+  gnutls_openpgp_send_cert : procedure(session:Tgnutls_session_t; status:Tgnutls_openpgp_crt_status_t);cdecl;
+  gnutls_fingerprint : function(algo:Tgnutls_digest_algorithm_t; data:Pgnutls_datum_t; result:pointer; result_size:Psize_t):longint;cdecl;
+  gnutls_random_art : function(_type:Tgnutls_random_art_t; key_type:Pchar; key_size:dword; fpr:pointer; fpr_size:Tsize_t;  art:Pgnutls_datum_t):longint;cdecl;
+  gnutls_srp_free_client_credentials : procedure(sc:Tgnutls_srp_client_credentials_t);cdecl;
+  gnutls_srp_allocate_client_credentials : function(sc:Pgnutls_srp_client_credentials_t):longint;cdecl;
+  gnutls_srp_set_client_credentials : function(res:Tgnutls_srp_client_credentials_t; username:Pchar; password:Pchar):longint;cdecl;
+  gnutls_srp_free_server_credentials : procedure(sc:Tgnutls_srp_server_credentials_t);cdecl;
+  gnutls_srp_allocate_server_credentials : function(sc:Pgnutls_srp_server_credentials_t):longint;cdecl;
+  gnutls_srp_set_server_credentials_file : function(res:Tgnutls_srp_server_credentials_t; password_file:Pchar; password_conf_file:Pchar):longint;cdecl;
+  gnutls_srp_server_get_username : function(session:Tgnutls_session_t):Pchar;cdecl;
+  gnutls_srp_set_prime_bits : procedure(session:Tgnutls_session_t; bits:dword);cdecl;
+  gnutls_srp_verifier : function(username:Pchar; password:Pchar; salt:Pgnutls_datum_t; generator:Pgnutls_datum_t; prime:Pgnutls_datum_t; res:Pgnutls_datum_t):longint;cdecl;
+  gnutls_srp_set_server_credentials_function : procedure(cred:Tgnutls_srp_server_credentials_t; func:tgnutls_srp_server_credentials_function);cdecl;
+  gnutls_srp_set_client_credentials_function : procedure(cred:Tgnutls_srp_client_credentials_t; func:tgnutls_srp_client_credentials_function);cdecl;
+  gnutls_srp_base64_encode : function(data:Pgnutls_datum_t; result:Pchar; result_size:Psize_t):longint;cdecl;
+  gnutls_srp_base64_encode2 : function(data:Pgnutls_datum_t; result:Pgnutls_datum_t):longint;cdecl;
+  gnutls_srp_base64_decode : function(b64_data:Pgnutls_datum_t; result:Pchar; result_size:Psize_t):longint;cdecl;
+  gnutls_srp_base64_decode2 : function(b64_data:Pgnutls_datum_t; result:Pgnutls_datum_t):longint;cdecl;
+  gnutls_srp_set_server_fake_salt_seed : procedure(sc:Tgnutls_srp_server_credentials_t; seed:Pgnutls_datum_t; salt_length:dword);cdecl;
+  gnutls_psk_free_client_credentials : procedure(sc:Tgnutls_psk_client_credentials_t);cdecl;
+  gnutls_psk_allocate_client_credentials : function(sc:Pgnutls_psk_client_credentials_t):longint;cdecl;
+  gnutls_psk_set_client_credentials : function(res:Tgnutls_psk_client_credentials_t; username:Pchar; key:Pgnutls_datum_t; flags:Tgnutls_psk_key_flags):longint;cdecl;
+  gnutls_psk_free_server_credentials : procedure(sc:Tgnutls_psk_server_credentials_t);cdecl;
+  gnutls_psk_allocate_server_credentials : function(sc:Pgnutls_psk_server_credentials_t):longint;cdecl;
+  gnutls_psk_set_server_credentials_file : function(res:Tgnutls_psk_server_credentials_t; password_file:Pchar):longint;cdecl;
+  gnutls_psk_set_server_credentials_hint : function(res:Tgnutls_psk_server_credentials_t; hint:Pchar):longint;cdecl;
+  gnutls_psk_server_get_username : function(session:Tgnutls_session_t):Pchar;cdecl;
+  gnutls_psk_client_get_hint : function(session:Tgnutls_session_t):Pchar;cdecl;
+  gnutls_psk_set_server_credentials_function : procedure(cred:Tgnutls_psk_server_credentials_t; func:Tgnutls_psk_server_credentials_function);cdecl;
+  gnutls_psk_set_client_credentials_function : procedure(cred:Tgnutls_psk_client_credentials_t; func:Tgnutls_psk_client_credentials_function);cdecl;
+  gnutls_hex_encode : function(data:Pgnutls_datum_t; result:Pchar; result_size:Psize_t):longint;cdecl;
+  gnutls_hex_decode : function(hex_data:Pgnutls_datum_t; result:pointer; result_size:Psize_t):longint;cdecl;
+  gnutls_hex_encode2 : function(data:Pgnutls_datum_t; result:Pgnutls_datum_t):longint;cdecl;
+  gnutls_hex_decode2 : function(data:Pgnutls_datum_t; result:Pgnutls_datum_t):longint;cdecl;
+  gnutls_psk_set_server_dh_params : procedure(res:Tgnutls_psk_server_credentials_t; dh_params:Tgnutls_dh_params_t);cdecl;
+  gnutls_psk_set_server_params_function : procedure(res:Tgnutls_psk_server_credentials_t; func: tgnutls_params_function);cdecl;
+  gnutls_auth_get_type : function(session:Tgnutls_session_t):Tgnutls_credentials_type_t;cdecl;
+  gnutls_auth_server_get_type : function(session:Tgnutls_session_t):Tgnutls_credentials_type_t;cdecl;
+  gnutls_auth_client_get_type : function(session:Tgnutls_session_t):Tgnutls_credentials_type_t;cdecl;
+  gnutls_dh_set_prime_bits : procedure(session:Tgnutls_session_t; bits:dword);cdecl;
+  gnutls_dh_get_secret_bits : function(session:Tgnutls_session_t):longint;cdecl;
+  gnutls_dh_get_peers_public_bits : function(session:Tgnutls_session_t):longint;cdecl;
+  gnutls_dh_get_prime_bits : function(session:Tgnutls_session_t):longint;cdecl;
+  gnutls_dh_get_group : function(session:Tgnutls_session_t; raw_gen:Pgnutls_datum_t; raw_prime:Pgnutls_datum_t):longint;cdecl;
+  gnutls_dh_get_pubkey : function(session:Tgnutls_session_t; raw_key:Pgnutls_datum_t):longint;cdecl;
+  gnutls_certificate_set_retrieve_function : procedure(cred:Tgnutls_certificate_credentials_t; func:Pgnutls_certificate_retrieve_function);cdecl;
+  gnutls_certificate_set_verify_function : procedure(cred:Tgnutls_certificate_credentials_t; func:Pgnutls_certificate_verify_function);cdecl;
+  gnutls_certificate_server_set_request : procedure(session:Tgnutls_session_t; req:Tgnutls_certificate_request_t);cdecl;
+  gnutls_certificate_get_peers : function(session:Tgnutls_session_t; list_size:Pdword):Pgnutls_datum_t;cdecl;
+  gnutls_certificate_get_ours : function(session:Tgnutls_session_t):Pgnutls_datum_t;cdecl;
+  gnutls_certificate_get_peers_subkey_id : function(session:Tgnutls_session_t; id:Pgnutls_datum_t):longint;cdecl;
+  gnutls_certificate_activation_time_peers : function(session:Tgnutls_session_t):Ttime_t;cdecl;
+  gnutls_certificate_expiration_time_peers : function(session:Tgnutls_session_t):Ttime_t;cdecl;
+  gnutls_certificate_client_get_request_status : function(session:Tgnutls_session_t):longint;cdecl;
+  gnutls_certificate_verify_peers2 : function(session:Tgnutls_session_t; status:Pdword):longint;cdecl;
+  gnutls_certificate_verify_peers3 : function(session:Tgnutls_session_t; hostname:Pchar; status:Pdword):longint;cdecl;
+  gnutls_certificate_verify_peers : function(session:Tgnutls_session_t; data:Pgnutls_typed_vdata_st; elements:dword; status:Pdword):longint;cdecl;
+  gnutls_certificate_verification_status_print : function(status:dword; _type:Tgnutls_certificate_type_t; outa:Pgnutls_datum_t; flags:dword):longint;cdecl;
+  gnutls_pem_base64_encode : function(msg:Pchar; data:Pgnutls_datum_t; result:Pchar; result_size:Psize_t):longint;cdecl;
+  gnutls_pem_base64_decode : function(header:Pchar; b64_data:Pgnutls_datum_t; result:Pbyte; result_size:Psize_t):longint;cdecl;
+  gnutls_pem_base64_encode2 : function(msg:Pchar; data:Pgnutls_datum_t; result:Pgnutls_datum_t):longint;cdecl;
+  gnutls_pem_base64_decode2 : function(header:Pchar; b64_data:Pgnutls_datum_t; result:Pgnutls_datum_t):longint;cdecl;
+  gnutls_certificate_set_params_function : procedure(res:Tgnutls_certificate_credentials_t; func:Pgnutls_params_function);cdecl;
+  gnutls_anon_set_params_function : procedure(res:Tgnutls_anon_server_credentials_t; func:Pgnutls_params_function);cdecl;
+  gnutls_psk_set_params_function : procedure(res:Tgnutls_psk_server_credentials_t; func:Pgnutls_params_function);cdecl;
+  gnutls_hex2bin : function(hex_data:Pchar; hex_size:Tsize_t; bin_data:pointer; bin_size:Psize_t):longint;cdecl;
+  gnutls_tdb_init : function(tdb:Pgnutls_tdb_t):longint;cdecl;
+  gnutls_tdb_set_store_func : procedure(tdb:Tgnutls_tdb_t; store:Tgnutls_tdb_store_func);cdecl;
+  gnutls_tdb_set_store_commitment_func : procedure(tdb:Tgnutls_tdb_t; cstore:Tgnutls_tdb_store_commitment_func);cdecl;
+  gnutls_tdb_set_verify_func : procedure(tdb:Tgnutls_tdb_t; verify:Tgnutls_tdb_verify_func);cdecl;
+  gnutls_tdb_deinit : procedure(tdb:Tgnutls_tdb_t);cdecl;
+  gnutls_verify_stored_pubkey : function(db_name:Pchar; tdb:Tgnutls_tdb_t; host:Pchar; service:Pchar; cert_type:Tgnutls_certificate_type_t;
+      cert:Pgnutls_datum_t; flags:dword):longint;cdecl;
+  gnutls_store_commitment : function(db_name:Pchar; tdb:Tgnutls_tdb_t; host:Pchar; service:Pchar; hash_algo:Tgnutls_digest_algorithm_t;
+      hash:Pgnutls_datum_t; expiration:Ttime_t; flags:dword):longint;cdecl;
+  gnutls_store_pubkey : function(db_name:Pchar; tdb:Tgnutls_tdb_t; host:Pchar; service:Pchar; cert_type:Tgnutls_certificate_type_t;
+      cert:Pgnutls_datum_t; expiration:Ttime_t; flags:dword):longint;cdecl;
+  gnutls_load_file : function(filename:Pchar; data:Pgnutls_datum_t):longint;cdecl;
+  gnutls_url_is_supported : function(url:Pchar):longint;cdecl;
+  gnutls_certificate_set_pin_function : procedure(para1:Tgnutls_certificate_credentials_t; fn:Tgnutls_pin_callback_t; userdata:pointer);cdecl;
+    gnutls_buffer_append_data : function(para1:Tgnutls_buffer_t; data:pointer; data_size:Tsize_t):longint;cdecl;
+  gnutls_ext_set_data : procedure(session:Tgnutls_session_t; _type:dword; para3:Tgnutls_ext_priv_data_t);cdecl;
+  gnutls_ext_get_data : function(session:Tgnutls_session_t; _type:dword; para3:Pgnutls_ext_priv_data_t):longint;cdecl;
+  gnutls_ext_register : function(name:Pchar; _type:longint; parse_type:Tgnutls_ext_parse_type_t; recv_func:Tgnutls_ext_recv_func; send_func:Tgnutls_ext_send_func;
+      deinit_func:Tgnutls_ext_deinit_data_func; pack_func:Tgnutls_ext_pack_func; unpack_func:Tgnutls_ext_unpack_func):longint;cdecl;
+  gnutls_supplemental_register : function(name:Pchar; _type:Tgnutls_supplemental_data_format_type_t; supp_recv_func:Tgnutls_supp_recv_func; supp_send_func:Tgnutls_supp_send_func):longint;cdecl;
+  gnutls_supplemental_recv : procedure(session:Tgnutls_session_t; do_recv_supplemental:dword);cdecl;
+  gnutls_supplemental_send : procedure(session:Tgnutls_session_t; do_send_supplemental:dword);cdecl;
+  gnutls_fips140_mode_enabled : function:longint;cdecl;
+var
+  gnutls_x509_crt_init : function(cert:Pgnutls_x509_crt_t):longint;cdecl;
+  gnutls_x509_crt_deinit : procedure(cert:Tgnutls_x509_crt_t);cdecl;
+  gnutls_x509_crt_import : function(cert:Tgnutls_x509_crt_t; data:Pgnutls_datum_t; format:Tgnutls_x509_crt_fmt_t):longint;cdecl;
+  gnutls_x509_crt_list_import2 : function(certs:PPgnutls_x509_crt_t; size:Pdword; data:Pgnutls_datum_t; format:Tgnutls_x509_crt_fmt_t; flags:dword):longint;cdecl;
+  gnutls_x509_crt_list_import : function(certs:Pgnutls_x509_crt_t; cert_max:Pdword; data:Pgnutls_datum_t; format:Tgnutls_x509_crt_fmt_t; flags:dword):longint;cdecl;
+  gnutls_x509_crt_import_url : function(crt:Tgnutls_x509_crt_t; url:Pchar; flags:dword):longint;cdecl;
+  gnutls_x509_crt_export : function(cert:Tgnutls_x509_crt_t; format:Tgnutls_x509_crt_fmt_t; output_data:pointer; output_data_size:Psize_t):longint;cdecl;
+  gnutls_x509_crt_export2 : function(cert:Tgnutls_x509_crt_t; format:Tgnutls_x509_crt_fmt_t; outd:Pgnutls_datum_t):longint;cdecl;
+  gnutls_x509_crt_get_private_key_usage_period : function(cert:Tgnutls_x509_crt_t; activation:Ptime_t; expiration:Ptime_t; critical:Pdword):longint;cdecl;
+  gnutls_x509_crt_get_issuer_dn : function(cert:Tgnutls_x509_crt_t; buf:Pchar; buf_size:Psize_t):longint;cdecl;
+  gnutls_x509_crt_get_issuer_dn2 : function(cert:Tgnutls_x509_crt_t; dn:Pgnutls_datum_t):longint;cdecl;
+  gnutls_x509_crt_get_issuer_dn_oid : function(cert:Tgnutls_x509_crt_t; indx:longint; oid:pointer; oid_size:Psize_t):longint;cdecl;
+  gnutls_x509_crt_get_issuer_dn_by_oid : function(cert:Tgnutls_x509_crt_t; oid:Pchar; indx:longint; raw_flag:dword; buf:pointer;
+      buf_size:Psize_t):longint;cdecl;
+  gnutls_x509_crt_get_dn : function(cert:Tgnutls_x509_crt_t; buf:Pchar; buf_size:Psize_t):longint;cdecl;
+  gnutls_x509_crt_get_dn2 : function(cert:Tgnutls_x509_crt_t; dn:Pgnutls_datum_t):longint;cdecl;
+  gnutls_x509_crt_get_dn_oid : function(cert:Tgnutls_x509_crt_t; indx:longint; oid:pointer; oid_size:Psize_t):longint;cdecl;
+  gnutls_x509_crt_get_dn_by_oid : function(cert:Tgnutls_x509_crt_t; oid:Pchar; indx:longint; raw_flag:dword; buf:pointer;
+      buf_size:Psize_t):longint;cdecl;
+  gnutls_x509_crt_check_hostname : function(cert:Tgnutls_x509_crt_t; hostname:Pchar):longint;cdecl;
+  gnutls_x509_crt_check_hostname2 : function(cert:Tgnutls_x509_crt_t; hostname:Pchar; flags:dword):longint;cdecl;
+  gnutls_x509_crt_check_email : function(cert:Tgnutls_x509_crt_t; email:Pchar; flags:dword):longint;cdecl;
+  gnutls_x509_crt_get_signature_algorithm : function(cert:Tgnutls_x509_crt_t):longint;cdecl;
+  gnutls_x509_crt_get_signature : function(cert:Tgnutls_x509_crt_t; sig:Pchar; sizeof_sig:Psize_t):longint;cdecl;
+  gnutls_x509_crt_get_version : function(cert:Tgnutls_x509_crt_t):longint;cdecl;
+  gnutls_x509_crt_get_key_id : function(crt:Tgnutls_x509_crt_t; flags:dword; output_data:Pbyte; output_data_size:Psize_t):longint;cdecl;
+  gnutls_x509_crt_set_private_key_usage_period : function(crt:Tgnutls_x509_crt_t; activation:Ttime_t; expiration:Ttime_t):longint;cdecl;
+  gnutls_x509_crt_set_authority_key_id : function(cert:Tgnutls_x509_crt_t; id:pointer; id_size:Tsize_t):longint;cdecl;
+  gnutls_x509_crt_get_authority_key_id : function(cert:Tgnutls_x509_crt_t; id:pointer; id_size:Psize_t; critical:Pdword):longint;cdecl;
+  gnutls_x509_crt_get_authority_key_gn_serial : function(cert:Tgnutls_x509_crt_t; seq:dword; alt:pointer; alt_size:Psize_t; alt_type:Pdword;
+      serial:pointer; serial_size:Psize_t; critical:Pdword):longint;cdecl;
+  gnutls_x509_crt_get_subject_key_id : function(cert:Tgnutls_x509_crt_t; ret:pointer; ret_size:Psize_t; critical:Pdword):longint;cdecl;
+  gnutls_x509_crt_get_subject_unique_id : function(crt:Tgnutls_x509_crt_t; buf:Pchar; buf_size:Psize_t):longint;cdecl;
+  gnutls_x509_crt_get_issuer_unique_id : function(crt:Tgnutls_x509_crt_t; buf:Pchar; buf_size:Psize_t):longint;cdecl;
+  gnutls_x509_crt_set_pin_function : procedure(crt:Tgnutls_x509_crt_t; fn:Tgnutls_pin_callback_t; userdata:pointer);cdecl;
+  gnutls_x509_crt_get_authority_info_access : function(crt:Tgnutls_x509_crt_t; seq:dword; what:longint; data:Pgnutls_datum_t; critical:Pdword):longint;cdecl;
+  gnutls_x509_name_constraints_check : function(nc:Tgnutls_x509_name_constraints_t; _type:Tgnutls_x509_subject_alt_name_t; name:Pgnutls_datum_t):dword;cdecl;
+  gnutls_x509_name_constraints_check_crt : function(nc:Tgnutls_x509_name_constraints_t; _type:Tgnutls_x509_subject_alt_name_t; crt:Tgnutls_x509_crt_t):dword;cdecl;
+  gnutls_x509_name_constraints_init : function(nc:Pgnutls_x509_name_constraints_t):longint;cdecl;
+  gnutls_x509_name_constraints_deinit : procedure(nc:Tgnutls_x509_name_constraints_t);cdecl;
+  gnutls_x509_crt_get_name_constraints : function(crt:Tgnutls_x509_crt_t; nc:Tgnutls_x509_name_constraints_t; flags:dword; critical:Pdword):longint;cdecl;
+  gnutls_x509_name_constraints_add_permitted : function(nc:Tgnutls_x509_name_constraints_t; _type:Tgnutls_x509_subject_alt_name_t; name:Pgnutls_datum_t):longint;cdecl;
+  gnutls_x509_name_constraints_add_excluded : function(nc:Tgnutls_x509_name_constraints_t; _type:Tgnutls_x509_subject_alt_name_t; name:Pgnutls_datum_t):longint;cdecl;
+  gnutls_x509_crt_set_name_constraints : function(crt:Tgnutls_x509_crt_t; nc:Tgnutls_x509_name_constraints_t; critical:dword):longint;cdecl;
+  gnutls_x509_name_constraints_get_permitted : function(nc:Tgnutls_x509_name_constraints_t; idx:dword; _type:Pdword; name:Pgnutls_datum_t):longint;cdecl;
+  gnutls_x509_name_constraints_get_excluded : function(nc:Tgnutls_x509_name_constraints_t; idx:dword; _type:Pdword; name:Pgnutls_datum_t):longint;cdecl;
+  gnutls_x509_crt_get_crl_dist_points : function(cert:Tgnutls_x509_crt_t; seq:dword; ret:pointer; ret_size:Psize_t; reason_flags:Pdword;
+      critical:Pdword):longint;cdecl;
+  gnutls_x509_crt_set_crl_dist_points2 : function(crt:Tgnutls_x509_crt_t; _type:Tgnutls_x509_subject_alt_name_t; data:pointer; data_size:dword; reason_flags:dword):longint;cdecl;
+  gnutls_x509_crt_set_crl_dist_points : function(crt:Tgnutls_x509_crt_t; _type:Tgnutls_x509_subject_alt_name_t; data_string:pointer; reason_flags:dword):longint;cdecl;
+  gnutls_x509_crt_cpy_crl_dist_points : function(dst:Tgnutls_x509_crt_t; src:Tgnutls_x509_crt_t):longint;cdecl;
+  gnutls_x509_crl_sign2 : function(crl:Tgnutls_x509_crl_t; issuer:Tgnutls_x509_crt_t; issuer_key:Tgnutls_x509_privkey_t; dig:Tgnutls_digest_algorithm_t; flags:dword):longint;cdecl;
+  gnutls_x509_crt_get_activation_time : function(cert:Tgnutls_x509_crt_t):Ttime_t;cdecl;
+  gnutls_x509_crt_get_expiration_time : function(cert:Tgnutls_x509_crt_t):Ttime_t;cdecl;
+  gnutls_x509_crt_get_serial : function(cert:Tgnutls_x509_crt_t; result:pointer; result_size:Psize_t):longint;cdecl;
+  gnutls_x509_crt_get_pk_algorithm : function(cert:Tgnutls_x509_crt_t; bits:Pdword):longint;cdecl;
+  gnutls_x509_crt_get_pk_rsa_raw : function(crt:Tgnutls_x509_crt_t; m:Pgnutls_datum_t; e:Pgnutls_datum_t):longint;cdecl;
+  gnutls_x509_crt_get_pk_dsa_raw : function(crt:Tgnutls_x509_crt_t; p:Pgnutls_datum_t; q:Pgnutls_datum_t; g:Pgnutls_datum_t; y:Pgnutls_datum_t):longint;cdecl;
+  gnutls_x509_crt_get_pk_ecc_raw : function(crt:Tgnutls_x509_crt_t; curve:Pgnutls_ecc_curve_t; x:Pgnutls_datum_t; y:Pgnutls_datum_t):longint;cdecl;
+  gnutls_x509_crt_get_subject_alt_name : function(cert:Tgnutls_x509_crt_t; seq:dword; san:pointer; san_size:Psize_t; critical:Pdword):longint;cdecl;
+  gnutls_x509_crt_get_subject_alt_name2 : function(cert:Tgnutls_x509_crt_t; seq:dword; san:pointer; san_size:Psize_t; san_type:Pdword;
+      critical:Pdword):longint;cdecl;
+  gnutls_x509_crt_get_subject_alt_othername_oid : function(cert:Tgnutls_x509_crt_t; seq:dword; oid:pointer; oid_size:Psize_t):longint;cdecl;
+  gnutls_x509_crt_get_issuer_alt_name : function(cert:Tgnutls_x509_crt_t; seq:dword; ian:pointer; ian_size:Psize_t; critical:Pdword):longint;cdecl;
+  gnutls_x509_crt_get_issuer_alt_name2 : function(cert:Tgnutls_x509_crt_t; seq:dword; ian:pointer; ian_size:Psize_t; ian_type:Pdword;
+      critical:Pdword):longint;cdecl;
+  gnutls_x509_crt_get_issuer_alt_othername_oid : function(cert:Tgnutls_x509_crt_t; seq:dword; ret:pointer; ret_size:Psize_t):longint;cdecl;
+  gnutls_x509_crt_get_ca_status : function(cert:Tgnutls_x509_crt_t; critical:Pdword):longint;cdecl;
+  gnutls_x509_crt_get_basic_constraints : function(cert:Tgnutls_x509_crt_t; critical:Pdword; ca:Pdword; pathlen:Plongint):longint;cdecl;
+  gnutls_x509_crt_get_key_usage : function(cert:Tgnutls_x509_crt_t; key_usage:Pdword; critical:Pdword):longint;cdecl;
+  gnutls_x509_crt_set_key_usage : function(crt:Tgnutls_x509_crt_t; usage:dword):longint;cdecl;
+  gnutls_x509_crt_set_authority_info_access : function(crt:Tgnutls_x509_crt_t; what:longint; data:Pgnutls_datum_t):longint;cdecl;
+  gnutls_x509_crt_get_proxy : function(cert:Tgnutls_x509_crt_t; critical:Pdword; pathlen:Plongint; policyLanguage:PPchar; policy:PPchar;
+      sizeof_policy:Psize_t):longint;cdecl;
+  gnutls_x509_policy_release : procedure(policy:Pgnutls_x509_policy_st);cdecl;
+  gnutls_x509_crt_get_policy : function(crt:Tgnutls_x509_crt_t; indx:longint; policy:Pgnutls_x509_policy_st; critical:Pdword):longint;cdecl;
+  gnutls_x509_crt_set_policy : function(crt:Tgnutls_x509_crt_t; policy:Pgnutls_x509_policy_st; critical:dword):longint;cdecl;
+  gnutls_x509_dn_oid_known : function(oid:Pchar):longint;cdecl;
+  gnutls_x509_dn_oid_name : function(oid:Pchar; flags:dword):Pchar;cdecl;
+  gnutls_x509_crt_get_extension_oid : function(cert:Tgnutls_x509_crt_t; indx:longint; oid:pointer; oid_size:Psize_t):longint;cdecl;
+  gnutls_x509_crt_get_extension_by_oid : function(cert:Tgnutls_x509_crt_t; oid:Pchar; indx:longint; buf:pointer; buf_size:Psize_t;
+      critical:Pdword):longint;cdecl;
+  gnutls_x509_crq_get_signature_algorithm : function(crq:Tgnutls_x509_crq_t):longint;cdecl;
+  gnutls_x509_crq_get_extension_by_oid2 : function(crq:Tgnutls_x509_crq_t; oid:Pchar; indx:longint; output:Pgnutls_datum_t; critical:Pdword):longint;cdecl;
+  gnutls_x509_crt_get_extension_info : function(cert:Tgnutls_x509_crt_t; indx:longint; oid:pointer; oid_size:Psize_t; critical:Pdword):longint;cdecl;
+  gnutls_x509_crt_get_extension_data : function(cert:Tgnutls_x509_crt_t; indx:longint; data:pointer; sizeof_data:Psize_t):longint;cdecl;
+  gnutls_x509_crt_get_extension_data2 : function(cert:Tgnutls_x509_crt_t; indx:dword; data:Pgnutls_datum_t):longint;cdecl;
+  gnutls_x509_crt_set_extension_by_oid : function(crt:Tgnutls_x509_crt_t; oid:Pchar; buf:pointer; sizeof_buf:Tsize_t; critical:dword):longint;cdecl;
+  gnutls_x509_crt_set_dn : function(crt:Tgnutls_x509_crt_t; dn:Pchar; err:PPchar):longint;cdecl;
+  gnutls_x509_crt_set_dn_by_oid : function(crt:Tgnutls_x509_crt_t; oid:Pchar; raw_flag:dword; name:pointer; sizeof_name:dword):longint;cdecl;
+  gnutls_x509_crt_set_issuer_dn_by_oid : function(crt:Tgnutls_x509_crt_t; oid:Pchar; raw_flag:dword; name:pointer; sizeof_name:dword):longint;cdecl;
+  gnutls_x509_crt_set_issuer_dn : function(crt:Tgnutls_x509_crt_t; dn:Pchar; err:PPchar):longint;cdecl;
+  gnutls_x509_crt_set_version : function(crt:Tgnutls_x509_crt_t; version:dword):longint;cdecl;
+  gnutls_x509_crt_set_key : function(crt:Tgnutls_x509_crt_t; key:Tgnutls_x509_privkey_t):longint;cdecl;
+  gnutls_x509_crt_set_ca_status : function(crt:Tgnutls_x509_crt_t; ca:dword):longint;cdecl;
+  gnutls_x509_crt_set_basic_constraints : function(crt:Tgnutls_x509_crt_t; ca:dword; pathLenConstraint:longint):longint;cdecl;
+  gnutls_x509_crt_set_subject_unique_id : function(cert:Tgnutls_x509_crt_t; id:pointer; id_size:Tsize_t):longint;cdecl;
+  gnutls_x509_crt_set_issuer_unique_id : function(cert:Tgnutls_x509_crt_t; id:pointer; id_size:Tsize_t):longint;cdecl;
+  gnutls_x509_crt_set_subject_alternative_name : function(crt:Tgnutls_x509_crt_t; _type:Tgnutls_x509_subject_alt_name_t; data_string:Pchar):longint;cdecl;
+  gnutls_x509_crt_set_subject_alt_name : function(crt:Tgnutls_x509_crt_t; _type:Tgnutls_x509_subject_alt_name_t; data:pointer; data_size:dword; flags:dword):longint;cdecl;
+  gnutls_x509_crt_set_issuer_alt_name : function(crt:Tgnutls_x509_crt_t; _type:Tgnutls_x509_subject_alt_name_t; data:pointer; data_size:dword; flags:dword):longint;cdecl;
+  gnutls_x509_crt_sign : function(crt:Tgnutls_x509_crt_t; issuer:Tgnutls_x509_crt_t; issuer_key:Tgnutls_x509_privkey_t):longint;cdecl;
+  gnutls_x509_crt_sign2 : function(crt:Tgnutls_x509_crt_t; issuer:Tgnutls_x509_crt_t; issuer_key:Tgnutls_x509_privkey_t; dig:Tgnutls_digest_algorithm_t; flags:dword):longint;cdecl;
+  gnutls_x509_crt_set_activation_time : function(cert:Tgnutls_x509_crt_t; act_time:Ttime_t):longint;cdecl;
+  gnutls_x509_crt_set_expiration_time : function(cert:Tgnutls_x509_crt_t; exp_time:Ttime_t):longint;cdecl;
+  gnutls_x509_crt_set_serial : function(cert:Tgnutls_x509_crt_t; serial:pointer; serial_size:Tsize_t):longint;cdecl;
+  gnutls_x509_crt_set_subject_key_id : function(cert:Tgnutls_x509_crt_t; id:pointer; id_size:Tsize_t):longint;cdecl;
+  gnutls_x509_crt_set_proxy_dn : function(crt:Tgnutls_x509_crt_t; eecrt:Tgnutls_x509_crt_t; raw_flag:dword; name:pointer; sizeof_name:dword):longint;cdecl;
+  gnutls_x509_crt_set_proxy : function(crt:Tgnutls_x509_crt_t; pathLenConstraint:longint; policyLanguage:Pchar; policy:Pchar; sizeof_policy:Tsize_t):longint;cdecl;
+  gnutls_x509_crt_print : function(cert:Tgnutls_x509_crt_t; format:Tgnutls_certificate_print_formats_t; outd:Pgnutls_datum_t):longint;cdecl;
+  gnutls_x509_crl_print : function(crl:Tgnutls_x509_crl_t; format:Tgnutls_certificate_print_formats_t; outd:Pgnutls_datum_t):longint;cdecl;
+  gnutls_x509_crt_get_raw_issuer_dn : function(cert:Tgnutls_x509_crt_t; start:Pgnutls_datum_t):longint;cdecl;
+  gnutls_x509_crt_get_raw_dn : function(cert:Tgnutls_x509_crt_t; start:Pgnutls_datum_t):longint;cdecl;
+  gnutls_x509_rdn_get : function(idn:Pgnutls_datum_t; buf:Pchar; sizeof_buf:Psize_t):longint;cdecl;
+  gnutls_x509_rdn_get_oid : function(idn:Pgnutls_datum_t; indx:longint; buf:pointer; sizeof_buf:Psize_t):longint;cdecl;
+  gnutls_x509_rdn_get_by_oid : function(idn:Pgnutls_datum_t; oid:Pchar; indx:longint; raw_flag:dword; buf:pointer;
+      sizeof_buf:Psize_t):longint;cdecl;
+  gnutls_x509_crt_get_subject : function(cert:Tgnutls_x509_crt_t; dn:Pgnutls_x509_dn_t):longint;cdecl;
+  gnutls_x509_crt_get_issuer : function(cert:Tgnutls_x509_crt_t; dn:Pgnutls_x509_dn_t):longint;cdecl;
+  gnutls_x509_dn_get_rdn_ava : function(dn:Tgnutls_x509_dn_t; irdn:longint; iava:longint; ava:Pgnutls_x509_ava_st):longint;cdecl;
+  gnutls_x509_dn_get_str : function(dn:Tgnutls_x509_dn_t; str:Pgnutls_datum_t):longint;cdecl;
+  gnutls_x509_dn_init : function(dn:Pgnutls_x509_dn_t):longint;cdecl;
+  gnutls_x509_dn_import : function(dn:Tgnutls_x509_dn_t; data:Pgnutls_datum_t):longint;cdecl;
+  gnutls_x509_dn_export : function(dn:Tgnutls_x509_dn_t; format:Tgnutls_x509_crt_fmt_t; output_data:pointer; output_data_size:Psize_t):longint;cdecl;
+  gnutls_x509_dn_export2 : function(dn:Tgnutls_x509_dn_t; format:Tgnutls_x509_crt_fmt_t; outd:Pgnutls_datum_t):longint;cdecl;
+  gnutls_x509_dn_deinit : procedure(dn:Tgnutls_x509_dn_t);cdecl;
+  gnutls_x509_crl_init : function(crl:Pgnutls_x509_crl_t):longint;cdecl;
+  gnutls_x509_crl_deinit : procedure(crl:Tgnutls_x509_crl_t);cdecl;
+  gnutls_x509_crl_import : function(crl:Tgnutls_x509_crl_t; data:Pgnutls_datum_t; format:Tgnutls_x509_crt_fmt_t):longint;cdecl;
+  gnutls_x509_crl_export : function(crl:Tgnutls_x509_crl_t; format:Tgnutls_x509_crt_fmt_t; output_data:pointer; output_data_size:Psize_t):longint;cdecl;
+  gnutls_x509_crl_export2 : function(crl:Tgnutls_x509_crl_t; format:Tgnutls_x509_crt_fmt_t; outd:Pgnutls_datum_t):longint;cdecl;
+  gnutls_x509_crl_get_raw_issuer_dn : function(crl:Tgnutls_x509_crl_t; dn:Pgnutls_datum_t):longint;cdecl;
+  gnutls_x509_crl_get_issuer_dn : function(crl:Tgnutls_x509_crl_t; buf:Pchar; sizeof_buf:Psize_t):longint;cdecl;
+  gnutls_x509_crl_get_issuer_dn2 : function(crl:Tgnutls_x509_crl_t; dn:Pgnutls_datum_t):longint;cdecl;
+  gnutls_x509_crl_get_issuer_dn_by_oid : function(crl:Tgnutls_x509_crl_t; oid:Pchar; indx:longint; raw_flag:dword; buf:pointer;
+      sizeof_buf:Psize_t):longint;cdecl;
+  gnutls_x509_crl_get_dn_oid : function(crl:Tgnutls_x509_crl_t; indx:longint; oid:pointer; sizeof_oid:Psize_t):longint;cdecl;
+  gnutls_x509_crl_get_signature_algorithm : function(crl:Tgnutls_x509_crl_t):longint;cdecl;
+  gnutls_x509_crl_get_signature : function(crl:Tgnutls_x509_crl_t; sig:Pchar; sizeof_sig:Psize_t):longint;cdecl;
+  gnutls_x509_crl_get_version : function(crl:Tgnutls_x509_crl_t):longint;cdecl;
+  gnutls_x509_crl_get_this_update : function(crl:Tgnutls_x509_crl_t):Ttime_t;cdecl;
+  gnutls_x509_crl_get_next_update : function(crl:Tgnutls_x509_crl_t):Ttime_t;cdecl;
+  gnutls_x509_crl_get_crt_count : function(crl:Tgnutls_x509_crl_t):longint;cdecl;
+  gnutls_x509_crl_get_crt_serial : function(crl:Tgnutls_x509_crl_t; indx:longint; serial:Pbyte; serial_size:Psize_t; t:Ptime_t):longint;cdecl;
+  gnutls_x509_crl_iter_crt_serial : function(crl:Tgnutls_x509_crl_t; para2:Pgnutls_x509_crl_iter_t; serial:Pbyte; serial_size:Psize_t; t:Ptime_t):longint;cdecl;
+  gnutls_x509_crl_iter_deinit : procedure(para1:Tgnutls_x509_crl_iter_t);cdecl;
+  gnutls_x509_crl_check_issuer : function(crl:Tgnutls_x509_crl_t; issuer:Tgnutls_x509_crt_t):longint;cdecl;
+  gnutls_x509_crl_list_import2 : function(crls:PPgnutls_x509_crl_t; size:Pdword; data:Pgnutls_datum_t; format:Tgnutls_x509_crt_fmt_t; flags:dword):longint;cdecl;
+  gnutls_x509_crl_list_import : function(crls:Pgnutls_x509_crl_t; crl_max:Pdword; data:Pgnutls_datum_t; format:Tgnutls_x509_crt_fmt_t; flags:dword):longint;cdecl;
+  gnutls_x509_crl_set_version : function(crl:Tgnutls_x509_crl_t; version:dword):longint;cdecl;
+  gnutls_x509_crl_set_this_update : function(crl:Tgnutls_x509_crl_t; act_time:Ttime_t):longint;cdecl;
+  gnutls_x509_crl_set_next_update : function(crl:Tgnutls_x509_crl_t; exp_time:Ttime_t):longint;cdecl;
+  gnutls_x509_crl_set_crt_serial : function(crl:Tgnutls_x509_crl_t; serial:pointer; serial_size:Tsize_t; revocation_time:Ttime_t):longint;cdecl;
+  gnutls_x509_crl_set_crt : function(crl:Tgnutls_x509_crl_t; crt:Tgnutls_x509_crt_t; revocation_time:Ttime_t):longint;cdecl;
+  gnutls_x509_crl_get_authority_key_id : function(crl:Tgnutls_x509_crl_t; id:pointer; id_size:Psize_t; critical:Pdword):longint;cdecl;
+  gnutls_x509_crl_get_authority_key_gn_serial : function(crl:Tgnutls_x509_crl_t; seq:dword; alt:pointer; alt_size:Psize_t; alt_type:Pdword;
+      serial:pointer; serial_size:Psize_t; critical:Pdword):longint;cdecl;
+  gnutls_x509_crl_get_number : function(crl:Tgnutls_x509_crl_t; ret:pointer; ret_size:Psize_t; critical:Pdword):longint;cdecl;
+  gnutls_x509_crl_get_extension_oid : function(crl:Tgnutls_x509_crl_t; indx:longint; oid:pointer; sizeof_oid:Psize_t):longint;cdecl;
+  gnutls_x509_crl_get_extension_info : function(crl:Tgnutls_x509_crl_t; indx:longint; oid:pointer; sizeof_oid:Psize_t; critical:Pdword):longint;cdecl;
+  gnutls_x509_crl_get_extension_data : function(crl:Tgnutls_x509_crl_t; indx:longint; data:pointer; sizeof_data:Psize_t):longint;cdecl;
+  gnutls_x509_crl_get_extension_data2 : function(crl:Tgnutls_x509_crl_t; indx:dword; data:Pgnutls_datum_t):longint;cdecl;
+  gnutls_x509_crl_set_authority_key_id : function(crl:Tgnutls_x509_crl_t; id:pointer; id_size:Tsize_t):longint;cdecl;
+  gnutls_x509_crl_set_number : function(crl:Tgnutls_x509_crl_t; nr:pointer; nr_size:Tsize_t):longint;cdecl;
+  gnutls_x509_crt_check_issuer : function(cert:Tgnutls_x509_crt_t; issuer:Tgnutls_x509_crt_t):longint;cdecl;
+  gnutls_x509_crt_list_verify : function(cert_list:Pgnutls_x509_crt_t; cert_list_length:longint; CA_list:Pgnutls_x509_crt_t; CA_list_length:longint; CRL_list:Pgnutls_x509_crl_t;
+      CRL_list_length:longint; flags:dword; verify:Pdword):longint;cdecl;
+  gnutls_x509_crt_verify : function(cert:Tgnutls_x509_crt_t; CA_list:Pgnutls_x509_crt_t; CA_list_length:longint; flags:dword; verify:Pdword):longint;cdecl;
+  gnutls_x509_crl_verify : function(crl:Tgnutls_x509_crl_t; CA_list:Pgnutls_x509_crt_t; CA_list_length:longint; flags:dword; verify:Pdword):longint;cdecl;
+  gnutls_x509_crt_verify_data2 : function(crt:Tgnutls_x509_crt_t; algo:Tgnutls_sign_algorithm_t; flags:dword; data:Pgnutls_datum_t; signature:Pgnutls_datum_t):longint;cdecl;
+  gnutls_x509_crt_check_revocation : function(cert:Tgnutls_x509_crt_t; crl_list:Pgnutls_x509_crl_t; crl_list_length:longint):longint;cdecl;
+  gnutls_x509_crt_get_fingerprint : function(cert:Tgnutls_x509_crt_t; algo:Tgnutls_digest_algorithm_t; buf:pointer; buf_size:Psize_t):longint;cdecl;
+  gnutls_x509_crt_get_key_purpose_oid : function(cert:Tgnutls_x509_crt_t; indx:longint; oid:pointer; oid_size:Psize_t; critical:Pdword):longint;cdecl;
+  gnutls_x509_crt_set_key_purpose_oid : function(cert:Tgnutls_x509_crt_t; oid:pointer; critical:dword):longint;cdecl;
+  gnutls_pkcs_schema_get_name : function(schema:dword):Pchar;cdecl;
+  gnutls_pkcs_schema_get_oid : function(schema:dword):Pchar;cdecl;
+  gnutls_x509_privkey_init : function(key:Pgnutls_x509_privkey_t):longint;cdecl;
+  gnutls_x509_privkey_deinit : procedure(key:Tgnutls_x509_privkey_t);cdecl;
+  gnutls_x509_privkey_sec_param : function(key:Tgnutls_x509_privkey_t):Tgnutls_sec_param_t;cdecl;
+  gnutls_x509_privkey_set_pin_function : procedure(key:Tgnutls_x509_privkey_t; fn:Tgnutls_pin_callback_t; userdata:pointer);cdecl;
+  gnutls_x509_privkey_cpy : function(dst:Tgnutls_x509_privkey_t; src:Tgnutls_x509_privkey_t):longint;cdecl;
+  gnutls_x509_privkey_import : function(key:Tgnutls_x509_privkey_t; data:Pgnutls_datum_t; format:Tgnutls_x509_crt_fmt_t):longint;cdecl;
+  gnutls_x509_privkey_import_pkcs8 : function(key:Tgnutls_x509_privkey_t; data:Pgnutls_datum_t; format:Tgnutls_x509_crt_fmt_t; password:Pchar; flags:dword):longint;cdecl;
+  gnutls_x509_privkey_import_openssl : function(key:Tgnutls_x509_privkey_t; data:Pgnutls_datum_t; password:Pchar):longint;cdecl;
+  gnutls_pkcs8_info : function(data:Pgnutls_datum_t; format:Tgnutls_x509_crt_fmt_t; schema:Pdword; cipher:Pdword; salt:pointer;
+      salt_size:Pdword; iter_count:Pdword; oid:PPchar):longint;cdecl;
+  gnutls_x509_privkey_import2 : function(key:Tgnutls_x509_privkey_t; data:Pgnutls_datum_t; format:Tgnutls_x509_crt_fmt_t; password:Pchar; flags:dword):longint;cdecl;
+  gnutls_x509_privkey_import_rsa_raw : function(key:Tgnutls_x509_privkey_t; m:Pgnutls_datum_t; e:Pgnutls_datum_t; d:Pgnutls_datum_t; p:Pgnutls_datum_t;
+      q:Pgnutls_datum_t; u:Pgnutls_datum_t):longint;cdecl;
+  gnutls_x509_privkey_import_rsa_raw2 : function(key:Tgnutls_x509_privkey_t; m:Pgnutls_datum_t; e:Pgnutls_datum_t; d:Pgnutls_datum_t; p:Pgnutls_datum_t;
+      q:Pgnutls_datum_t; u:Pgnutls_datum_t; e1:Pgnutls_datum_t; e2:Pgnutls_datum_t):longint;cdecl;
+  gnutls_x509_privkey_import_ecc_raw : function(key:Tgnutls_x509_privkey_t; curve:Tgnutls_ecc_curve_t; x:Pgnutls_datum_t; y:Pgnutls_datum_t; k:Pgnutls_datum_t):longint;cdecl;
+  gnutls_x509_privkey_fix : function(key:Tgnutls_x509_privkey_t):longint;cdecl;
+  gnutls_x509_privkey_export_dsa_raw : function(key:Tgnutls_x509_privkey_t; p:Pgnutls_datum_t; q:Pgnutls_datum_t; g:Pgnutls_datum_t; y:Pgnutls_datum_t;
+      x:Pgnutls_datum_t):longint;cdecl;
+  gnutls_x509_privkey_import_dsa_raw : function(key:Tgnutls_x509_privkey_t; p:Pgnutls_datum_t; q:Pgnutls_datum_t; g:Pgnutls_datum_t; y:Pgnutls_datum_t;
+      x:Pgnutls_datum_t):longint;cdecl;
+  gnutls_x509_privkey_get_pk_algorithm : function(key:Tgnutls_x509_privkey_t):longint;cdecl;
+  gnutls_x509_privkey_get_pk_algorithm2 : function(key:Tgnutls_x509_privkey_t; bits:Pdword):longint;cdecl;
+  gnutls_x509_privkey_get_key_id : function(key:Tgnutls_x509_privkey_t; flags:dword; output_data:Pbyte; output_data_size:Psize_t):longint;cdecl;
+  gnutls_x509_privkey_generate : function(key:Tgnutls_x509_privkey_t; algo:Tgnutls_pk_algorithm_t; bits:dword; flags:dword):longint;cdecl;
+  gnutls_x509_privkey_verify_params : function(key:Tgnutls_x509_privkey_t):longint;cdecl;
+  gnutls_x509_privkey_export : function(key:Tgnutls_x509_privkey_t; format:Tgnutls_x509_crt_fmt_t; output_data:pointer; output_data_size:Psize_t):longint;cdecl;
+  gnutls_x509_privkey_export2 : function(key:Tgnutls_x509_privkey_t; format:Tgnutls_x509_crt_fmt_t; outd:Pgnutls_datum_t):longint;cdecl;
+  gnutls_x509_privkey_export_pkcs8 : function(key:Tgnutls_x509_privkey_t; format:Tgnutls_x509_crt_fmt_t; password:Pchar; flags:dword; output_data:pointer;
+      output_data_size:Psize_t):longint;cdecl;
+  gnutls_x509_privkey_export2_pkcs8 : function(key:Tgnutls_x509_privkey_t; format:Tgnutls_x509_crt_fmt_t; password:Pchar; flags:dword; outd:Pgnutls_datum_t):longint;cdecl;
+  gnutls_x509_privkey_export_rsa_raw2 : function(key:Tgnutls_x509_privkey_t; m:Pgnutls_datum_t; e:Pgnutls_datum_t; d:Pgnutls_datum_t; p:Pgnutls_datum_t;
+      q:Pgnutls_datum_t; u:Pgnutls_datum_t; e1:Pgnutls_datum_t; e2:Pgnutls_datum_t):longint;cdecl;
+  gnutls_x509_privkey_export_rsa_raw : function(key:Tgnutls_x509_privkey_t; m:Pgnutls_datum_t; e:Pgnutls_datum_t; d:Pgnutls_datum_t; p:Pgnutls_datum_t;
+      q:Pgnutls_datum_t; u:Pgnutls_datum_t):longint;cdecl;
+  gnutls_x509_privkey_export_ecc_raw : function(key:Tgnutls_x509_privkey_t; curve:Pgnutls_ecc_curve_t; x:Pgnutls_datum_t; y:Pgnutls_datum_t; k:Pgnutls_datum_t):longint;cdecl;
+  gnutls_x509_privkey_sign_data : function(key:Tgnutls_x509_privkey_t; digest:Tgnutls_digest_algorithm_t; flags:dword; data:Pgnutls_datum_t; signature:pointer;
+      signature_size:Psize_t):longint;cdecl;
+  gnutls_x509_crq_sign2 : function(crq:Tgnutls_x509_crq_t; key:Tgnutls_x509_privkey_t; dig:Tgnutls_digest_algorithm_t; flags:dword):longint;cdecl;
+  gnutls_x509_crq_print : function(crq:Tgnutls_x509_crq_t; format:Tgnutls_certificate_print_formats_t; outd:Pgnutls_datum_t):longint;cdecl;
+  gnutls_x509_crq_verify : function(crq:Tgnutls_x509_crq_t; flags:dword):longint;cdecl;
+  gnutls_x509_crq_init : function(crq:Pgnutls_x509_crq_t):longint;cdecl;
+  gnutls_x509_crq_deinit : procedure(crq:Tgnutls_x509_crq_t);cdecl;
+  gnutls_x509_crq_import : function(crq:Tgnutls_x509_crq_t; data:Pgnutls_datum_t; format:Tgnutls_x509_crt_fmt_t):longint;cdecl;
+  gnutls_x509_crq_get_private_key_usage_period : function(cert:Tgnutls_x509_crq_t; activation:Ptime_t; expiration:Ptime_t; critical:Pdword):longint;cdecl;
+  gnutls_x509_crq_get_dn : function(crq:Tgnutls_x509_crq_t; buf:Pchar; sizeof_buf:Psize_t):longint;cdecl;
+  gnutls_x509_crq_get_dn2 : function(crq:Tgnutls_x509_crq_t; dn:Pgnutls_datum_t):longint;cdecl;
+  gnutls_x509_crq_get_dn_oid : function(crq:Tgnutls_x509_crq_t; indx:longint; oid:pointer; sizeof_oid:Psize_t):longint;cdecl;
+  gnutls_x509_crq_get_dn_by_oid : function(crq:Tgnutls_x509_crq_t; oid:Pchar; indx:longint; raw_flag:dword; buf:pointer;
+      sizeof_buf:Psize_t):longint;cdecl;
+  gnutls_x509_crq_set_dn : function(crq:Tgnutls_x509_crq_t; dn:Pchar; err:PPchar):longint;cdecl;
+  gnutls_x509_crq_set_dn_by_oid : function(crq:Tgnutls_x509_crq_t; oid:Pchar; raw_flag:dword; data:pointer; sizeof_data:dword):longint;cdecl;
+  gnutls_x509_crq_set_version : function(crq:Tgnutls_x509_crq_t; version:dword):longint;cdecl;
+  gnutls_x509_crq_get_version : function(crq:Tgnutls_x509_crq_t):longint;cdecl;
+  gnutls_x509_crq_set_key : function(crq:Tgnutls_x509_crq_t; key:Tgnutls_x509_privkey_t):longint;cdecl;
+  gnutls_x509_crq_set_challenge_password : function(crq:Tgnutls_x509_crq_t; pass:Pchar):longint;cdecl;
+  gnutls_x509_crq_get_challenge_password : function(crq:Tgnutls_x509_crq_t; pass:Pchar; sizeof_pass:Psize_t):longint;cdecl;
+  gnutls_x509_crq_set_attribute_by_oid : function(crq:Tgnutls_x509_crq_t; oid:Pchar; buf:pointer; sizeof_buf:Tsize_t):longint;cdecl;
+  gnutls_x509_crq_get_attribute_by_oid : function(crq:Tgnutls_x509_crq_t; oid:Pchar; indx:longint; buf:pointer; sizeof_buf:Psize_t):longint;cdecl;
+  gnutls_x509_crq_export : function(crq:Tgnutls_x509_crq_t; format:Tgnutls_x509_crt_fmt_t; output_data:pointer; output_data_size:Psize_t):longint;cdecl;
+  gnutls_x509_crq_export2 : function(crq:Tgnutls_x509_crq_t; format:Tgnutls_x509_crt_fmt_t; outd:Pgnutls_datum_t):longint;cdecl;
+  gnutls_x509_crt_set_crq : function(crt:Tgnutls_x509_crt_t; crq:Tgnutls_x509_crq_t):longint;cdecl;
+  gnutls_x509_crt_set_crq_extensions : function(crt:Tgnutls_x509_crt_t; crq:Tgnutls_x509_crq_t):longint;cdecl;
+  gnutls_x509_crq_set_private_key_usage_period : function(crq:Tgnutls_x509_crq_t; activation:Ttime_t; expiration:Ttime_t):longint;cdecl;
+  gnutls_x509_crq_set_key_rsa_raw : function(crq:Tgnutls_x509_crq_t; m:Pgnutls_datum_t; e:Pgnutls_datum_t):longint;cdecl;
+  gnutls_x509_crq_set_subject_alt_name : function(crq:Tgnutls_x509_crq_t; nt:Tgnutls_x509_subject_alt_name_t; data:pointer; data_size:dword; flags:dword):longint;cdecl;
+  gnutls_x509_crq_set_key_usage : function(crq:Tgnutls_x509_crq_t; usage:dword):longint;cdecl;
+  gnutls_x509_crq_set_basic_constraints : function(crq:Tgnutls_x509_crq_t; ca:dword; pathLenConstraint:longint):longint;cdecl;
+  gnutls_x509_crq_set_key_purpose_oid : function(crq:Tgnutls_x509_crq_t; oid:pointer; critical:dword):longint;cdecl;
+  gnutls_x509_crq_get_key_purpose_oid : function(crq:Tgnutls_x509_crq_t; indx:longint; oid:pointer; sizeof_oid:Psize_t; critical:Pdword):longint;cdecl;
+  gnutls_x509_crq_get_extension_data : function(crq:Tgnutls_x509_crq_t; indx:longint; data:pointer; sizeof_data:Psize_t):longint;cdecl;
+  gnutls_x509_crq_get_extension_data2 : function(crq:Tgnutls_x509_crq_t; indx:dword; data:Pgnutls_datum_t):longint;cdecl;
+  gnutls_x509_crq_get_extension_info : function(crq:Tgnutls_x509_crq_t; indx:longint; oid:pointer; sizeof_oid:Psize_t; critical:Pdword):longint;cdecl;
+  gnutls_x509_crq_get_attribute_data : function(crq:Tgnutls_x509_crq_t; indx:longint; data:pointer; sizeof_data:Psize_t):longint;cdecl;
+  gnutls_x509_crq_get_attribute_info : function(crq:Tgnutls_x509_crq_t; indx:longint; oid:pointer; sizeof_oid:Psize_t):longint;cdecl;
+  gnutls_x509_crq_get_pk_algorithm : function(crq:Tgnutls_x509_crq_t; bits:Pdword):longint;cdecl;
+  gnutls_x509_crq_get_key_id : function(crq:Tgnutls_x509_crq_t; flags:dword; output_data:Pbyte; output_data_size:Psize_t):longint;cdecl;
+  gnutls_x509_crq_get_key_rsa_raw : function(crq:Tgnutls_x509_crq_t; m:Pgnutls_datum_t; e:Pgnutls_datum_t):longint;cdecl;
+  gnutls_x509_crq_get_key_usage : function(crq:Tgnutls_x509_crq_t; key_usage:Pdword; critical:Pdword):longint;cdecl;
+  gnutls_x509_crq_get_basic_constraints : function(crq:Tgnutls_x509_crq_t; critical:Pdword; ca:Pdword; pathlen:Plongint):longint;cdecl;
+  gnutls_x509_crq_get_subject_alt_name : function(crq:Tgnutls_x509_crq_t; seq:dword; ret:pointer; ret_size:Psize_t; ret_type:Pdword;
+      critical:Pdword):longint;cdecl;
+  gnutls_x509_crq_get_subject_alt_othername_oid : function(crq:Tgnutls_x509_crq_t; seq:dword; ret:pointer; ret_size:Psize_t):longint;cdecl;
+  gnutls_x509_crq_get_extension_by_oid : function(crq:Tgnutls_x509_crq_t; oid:Pchar; indx:longint; buf:pointer; sizeof_buf:Psize_t;
+      critical:Pdword):longint;cdecl;
+  gnutls_x509_crt_get_extension_by_oid2 : function(cert:Tgnutls_x509_crt_t; oid:Pchar; indx:longint; output:Pgnutls_datum_t; critical:Pdword):longint;cdecl;
+  gnutls_x509_trust_list_init : function(list:Pgnutls_x509_trust_list_t; size:dword):longint;cdecl;
+  gnutls_x509_trust_list_deinit : procedure(list:Tgnutls_x509_trust_list_t; all:dword);cdecl;
+  gnutls_x509_trust_list_get_issuer : function(list:Tgnutls_x509_trust_list_t; cert:Tgnutls_x509_crt_t; issuer:Pgnutls_x509_crt_t; flags:dword):longint;cdecl;
+  gnutls_x509_trust_list_get_issuer_by_dn : function(list:Tgnutls_x509_trust_list_t; dn:Pgnutls_datum_t; issuer:Pgnutls_x509_crt_t; flags:dword):longint;cdecl;
+  gnutls_x509_trust_list_get_issuer_by_subject_key_id : function(list:Tgnutls_x509_trust_list_t; dn:Pgnutls_datum_t; spki:Pgnutls_datum_t; issuer:Pgnutls_x509_crt_t; flags:dword):longint;cdecl;
+  gnutls_x509_trust_list_add_cas : function(list:Tgnutls_x509_trust_list_t; clist:Pgnutls_x509_crt_t; clist_size:dword; flags:dword):longint;cdecl;
+  gnutls_x509_trust_list_remove_cas : function(list:Tgnutls_x509_trust_list_t; clist:Pgnutls_x509_crt_t; clist_size:longint):longint;cdecl;
+  gnutls_x509_trust_list_add_named_crt : function(list:Tgnutls_x509_trust_list_t; cert:Tgnutls_x509_crt_t; name:pointer; name_size:Tsize_t; flags:dword):longint;cdecl;
+  gnutls_x509_trust_list_add_crls : function(list:Tgnutls_x509_trust_list_t; crl_list:Pgnutls_x509_crl_t; crl_size:longint; flags:dword; verification_flags:dword):longint;cdecl;
+  gnutls_x509_trust_list_iter_get_ca : function(list:Tgnutls_x509_trust_list_t; iter:Pgnutls_x509_trust_list_iter_t; crt:Pgnutls_x509_crt_t):longint;cdecl;
+  gnutls_x509_trust_list_iter_deinit : procedure(iter:Tgnutls_x509_trust_list_iter_t);cdecl;
+    gnutls_x509_trust_list_verify_named_crt : function(list:Tgnutls_x509_trust_list_t; cert:Tgnutls_x509_crt_t; name:pointer; name_size:Tsize_t; flags:dword;
+      verify:Pdword; func:Tgnutls_verify_output_function):longint;cdecl;
+  gnutls_x509_trust_list_verify_crt2 : function(list:Tgnutls_x509_trust_list_t; cert_list:Pgnutls_x509_crt_t; cert_list_size:dword; data:Pgnutls_typed_vdata_st; elements:dword;
+      flags:dword; voutput:Pdword; func:Tgnutls_verify_output_function):longint;cdecl;
+  gnutls_x509_trust_list_verify_crt : function(list:Tgnutls_x509_trust_list_t; cert_list:Pgnutls_x509_crt_t; cert_list_size:dword; flags:dword; verify:Pdword;
+      func:Tgnutls_verify_output_function):longint;cdecl;
+  gnutls_x509_trust_list_add_trust_mem : function(list:Tgnutls_x509_trust_list_t; cas:Pgnutls_datum_t; crls:Pgnutls_datum_t; _type:Tgnutls_x509_crt_fmt_t; tl_flags:dword;
+      tl_vflags:dword):longint;cdecl;
+  gnutls_x509_trust_list_add_trust_file : function(list:Tgnutls_x509_trust_list_t; ca_file:Pchar; crl_file:Pchar; _type:Tgnutls_x509_crt_fmt_t; tl_flags:dword;
+      tl_vflags:dword):longint;cdecl;
+  gnutls_x509_trust_list_add_trust_dir : function(list:Tgnutls_x509_trust_list_t; ca_dir:Pchar; crl_dir:Pchar; _type:Tgnutls_x509_crt_fmt_t; tl_flags:dword;
+      tl_vflags:dword):longint;cdecl;
+  gnutls_x509_trust_list_remove_trust_file : function(list:Tgnutls_x509_trust_list_t; ca_file:Pchar; _type:Tgnutls_x509_crt_fmt_t):longint;cdecl;
+  gnutls_x509_trust_list_remove_trust_mem : function(list:Tgnutls_x509_trust_list_t; cas:Pgnutls_datum_t; _type:Tgnutls_x509_crt_fmt_t):longint;cdecl;
+  gnutls_x509_trust_list_add_system_trust : function(list:Tgnutls_x509_trust_list_t; tl_flags:dword; tl_vflags:dword):longint;cdecl;
+  gnutls_certificate_set_trust_list : procedure(res:Tgnutls_certificate_credentials_t; tlist:Tgnutls_x509_trust_list_t; flags:dword);cdecl;
+  gnutls_certificate_get_trust_list : procedure(res:Tgnutls_certificate_credentials_t; tlist:Pgnutls_x509_trust_list_t);cdecl;
+  gnutls_x509_ext_deinit : procedure(ext:Pgnutls_x509_ext_st);cdecl;
+  gnutls_x509_ext_print : function(exts:Pgnutls_x509_ext_st; exts_size:dword; format:Tgnutls_certificate_print_formats_t; outd:Pgnutls_datum_t):longint;cdecl;
+  gnutls_pkcs7_init : function(pkcs7:Pgnutls_pkcs7_t):longint;cdecl;
+  gnutls_pkcs7_deinit : procedure(pkcs7:Tgnutls_pkcs7_t);cdecl;
+  gnutls_pkcs7_import : function(pkcs7:Tgnutls_pkcs7_t; data:Pgnutls_datum_t; format:Tgnutls_x509_crt_fmt_t):longint;cdecl;
+  gnutls_pkcs7_export : function(pkcs7:Tgnutls_pkcs7_t; format:Tgnutls_x509_crt_fmt_t; output_data:pointer; output_data_size:Psize_t):longint;cdecl;
+  gnutls_pkcs7_export2 : function(pkcs7:Tgnutls_pkcs7_t; format:Tgnutls_x509_crt_fmt_t; outd:Pgnutls_datum_t):longint;cdecl;
+  gnutls_pkcs7_get_signature_count : function(pkcs7:Tgnutls_pkcs7_t):longint;cdecl;
+  gnutls_pkcs7_get_embedded_data : function(pkcs7:Tgnutls_pkcs7_t; idx:dword; data:Pgnutls_datum_t):longint;cdecl;
+  gnutls_pkcs7_get_crt_count : function(pkcs7:Tgnutls_pkcs7_t):longint;cdecl;
+  gnutls_pkcs7_get_crt_raw : function(pkcs7:Tgnutls_pkcs7_t; indx:longint; certificate:pointer; certificate_size:Psize_t):longint;cdecl;
+  gnutls_pkcs7_set_crt_raw : function(pkcs7:Tgnutls_pkcs7_t; crt:Pgnutls_datum_t):longint;cdecl;
+  gnutls_pkcs7_set_crt : function(pkcs7:Tgnutls_pkcs7_t; crt:Tgnutls_x509_crt_t):longint;cdecl;
+  gnutls_pkcs7_delete_crt : function(pkcs7:Tgnutls_pkcs7_t; indx:longint):longint;cdecl;
+  gnutls_pkcs7_get_crl_raw : function(pkcs7:Tgnutls_pkcs7_t; indx:longint; crl:pointer; crl_size:Psize_t):longint;cdecl;
+  gnutls_pkcs7_get_crl_count : function(pkcs7:Tgnutls_pkcs7_t):longint;cdecl;
+  gnutls_pkcs7_set_crl_raw : function(pkcs7:Tgnutls_pkcs7_t; crl:Pgnutls_datum_t):longint;cdecl;
+  gnutls_pkcs7_set_crl : function(pkcs7:Tgnutls_pkcs7_t; crl:Tgnutls_x509_crl_t):longint;cdecl;
+  gnutls_pkcs7_delete_crl : function(pkcs7:Tgnutls_pkcs7_t; indx:longint):longint;cdecl;
+  gnutls_pkcs7_signature_info_deinit : procedure(info:Pgnutls_pkcs7_signature_info_st);cdecl;
+  gnutls_pkcs7_get_signature_info : function(pkcs7:Tgnutls_pkcs7_t; idx:dword; info:Pgnutls_pkcs7_signature_info_st):longint;cdecl;
+  gnutls_pkcs7_verify_direct : function(pkcs7:Tgnutls_pkcs7_t; signer:Tgnutls_x509_crt_t; idx:dword; data:Pgnutls_datum_t; flags:dword):longint;cdecl;
+  gnutls_pkcs7_verify : function(pkcs7:Tgnutls_pkcs7_t; tl:Tgnutls_x509_trust_list_t; vdata:Pgnutls_typed_vdata_st; vdata_size:dword; idx:dword;
+      data:Pgnutls_datum_t; flags:dword):longint;cdecl;
+  gnutls_pkcs7_add_attr : function(list:Pgnutls_pkcs7_attrs_t; oid:Pchar; data:Pgnutls_datum_t; flags:dword):longint;cdecl;
+  gnutls_pkcs7_attrs_deinit : procedure(list:Tgnutls_pkcs7_attrs_t);cdecl;
+  gnutls_pkcs7_get_attr : function(list:Tgnutls_pkcs7_attrs_t; idx:dword; oid:PPchar; data:Pgnutls_datum_t; flags:dword):longint;cdecl;
+  gnutls_pkcs7_sign : function(pkcs7:Tgnutls_pkcs7_t; signer:Tgnutls_x509_crt_t; signer_key:Tgnutls_privkey_t; data:Pgnutls_datum_t; signed_attrs:Tgnutls_pkcs7_attrs_t;
+      unsigned_attrs:Tgnutls_pkcs7_attrs_t; dig:Tgnutls_digest_algorithm_t; flags:dword):longint;cdecl;
+  gnutls_pkcs7_get_crt_raw2 : function(pkcs7:Tgnutls_pkcs7_t; indx:longint; cert:Pgnutls_datum_t):longint;cdecl;
+  gnutls_pkcs7_get_crl_raw2 : function(pkcs7:Tgnutls_pkcs7_t; indx:longint; crl:Pgnutls_datum_t):longint;cdecl;
+  gnutls_pkcs7_print : function(pkcs7:Tgnutls_pkcs7_t; format:Tgnutls_certificate_print_formats_t; outd:Pgnutls_datum_t):longint;cdecl;
+
+
+
+function GNUTLS_X509_NO_WELL_DEFINED_EXPIRATION : Ttime_t;
+function gnutls_x509_crl_get_certificate_count(crl:Tgnutls_x509_crl_t)  : cint;
+function gnutls_x509_crl_get_certificate (crl:Tgnutls_x509_crl_t; indx:longint; serial:Pbyte; serial_size:Psize_t; t:Ptime_t):longint;
+
+
+procedure gnutls_transport_set_int(s : tgnutls_session_t; r : cint);
+
+procedure LoadGnuTLS(alib : String = '');
+procedure FreeGnuTLS;
+Function GnuTLSloaded : Boolean;
+
+
+implementation
+
+uses
+  SysUtils, dynlibs;
+
+{ was #define dname def_expr }
+function GNUTLS_X509_NO_WELL_DEFINED_EXPIRATION : Ttime_t;
+  begin
+    GNUTLS_X509_NO_WELL_DEFINED_EXPIRATION:=Ttime_t(4294197631);
+  end;
+
+function gnutls_x509_crl_get_certificate (crl:Tgnutls_x509_crl_t; indx:longint; serial:Pbyte; serial_size:Psize_t; t:Ptime_t):longint;
+
+begin
+  Result:=gnutls_x509_crl_get_crt_serial(crl,indx,serial,serial_size,t);
+end;
+
+function gnutls_x509_crl_get_certificate_count(crl:Tgnutls_x509_crl_t)  : cint;
+
+begin
+  Result:=gnutls_x509_crl_get_crt_count(crl);
+end;
+
+procedure gnutls_transport_set_int(s : tgnutls_session_t; r : cint);
+
+begin
+  gnutls_transport_set_int2(s,r,r);
+end;
+
+var
+  hlib : tlibhandle;
+  LoadedLibName : String;
+
+Function GnuTLSloaded : Boolean;
+
+begin
+  Result:=hlib<>NilHandle;
+end;
+
+procedure FreeGnuTLS;
+
+begin
+  if Not GnuTLSLoaded then
+    Exit;
+  FreeLibrary(hlib);
+  hlib:=NilHandle;
+  LoadedLibName:='';
+  gnutls_handshake_description_get_name:=nil;
+  gnutls_pk_algorithm_get_name:=nil;
+  gnutls_init:=nil;
+  gnutls_deinit:=nil;
+  gnutls_bye:=nil;
+  gnutls_handshake:=nil;
+  gnutls_handshake_set_timeout:=nil;
+  gnutls_rehandshake:=nil;
+  gnutls_alert_get:=nil;
+  gnutls_alert_send:=nil;
+  gnutls_alert_send_appropriate:=nil;
+  gnutls_alert_get_name:=nil;
+  gnutls_alert_get_strname:=nil;
+  gnutls_pk_bits_to_sec_param:=nil;
+  gnutls_sec_param_get_name:=nil;
+  gnutls_sec_param_to_pk_bits:=nil;
+  gnutls_sec_param_to_symmetric_bits:=nil;
+  gnutls_ecc_curve_get_name:=nil;
+  gnutls_ecc_curve_get_oid:=nil;
+  gnutls_ecc_curve_get_size:=nil;
+  gnutls_ecc_curve_get:=nil;
+  gnutls_cipher_get:=nil;
+  gnutls_kx_get:=nil;
+  gnutls_mac_get:=nil;
+  gnutls_compression_get:=nil;
+  gnutls_certificate_type_get:=nil;
+  gnutls_sign_algorithm_get:=nil;
+  gnutls_sign_algorithm_get_client:=nil;
+  gnutls_sign_algorithm_get_requested:=nil;
+  gnutls_cipher_get_name:=nil;
+  gnutls_mac_get_name:=nil;
+  gnutls_digest_get_name:=nil;
+  gnutls_digest_get_oid:=nil;
+  gnutls_compression_get_name:=nil;
+  gnutls_kx_get_name:=nil;
+  gnutls_certificate_type_get_name:=nil;
+  gnutls_pk_get_name:=nil;
+  gnutls_pk_get_oid:=nil;
+  gnutls_sign_get_name:=nil;
+  gnutls_sign_get_oid:=nil;
+  gnutls_cipher_get_key_size:=nil;
+  gnutls_mac_get_key_size:=nil;
+  gnutls_sign_is_secure:=nil;
+  gnutls_sign_get_hash_algorithm:=nil;
+  gnutls_sign_get_pk_algorithm:=nil;
+  gnutls_pk_to_sign:=nil;
+  gnutls_mac_get_id:=nil;
+  gnutls_digest_get_id:=nil;
+  gnutls_compression_get_id:=nil;
+  gnutls_cipher_get_id:=nil;
+  gnutls_kx_get_id:=nil;
+  gnutls_protocol_get_id:=nil;
+  gnutls_certificate_type_get_id:=nil;
+  gnutls_pk_get_id:=nil;
+  gnutls_sign_get_id:=nil;
+  gnutls_ecc_curve_get_id:=nil;
+  gnutls_oid_to_digest:=nil;
+  gnutls_oid_to_pk:=nil;
+  gnutls_oid_to_sign:=nil;
+  gnutls_oid_to_ecc_curve:=nil;
+  gnutls_ecc_curve_list:=nil;
+  gnutls_cipher_list:=nil;
+  gnutls_mac_list:=nil;
+  gnutls_digest_list:=nil;
+  gnutls_compression_list:=nil;
+  gnutls_protocol_list:=nil;
+  gnutls_certificate_type_list:=nil;
+  gnutls_kx_list:=nil;
+  gnutls_pk_list:=nil;
+  gnutls_sign_list:=nil;
+  gnutls_cipher_suite_info:=nil;
+  gnutls_error_is_fatal:=nil;
+  gnutls_error_to_alert:=nil;
+  gnutls_perror:=nil;
+  gnutls_strerror:=nil;
+  gnutls_strerror_name:=nil;
+  gnutls_handshake_set_private_extensions:=nil;
+  gnutls_handshake_set_random:=nil;
+  gnutls_handshake_get_last_out:=nil;
+  gnutls_handshake_get_last_in:=nil;
+  gnutls_heartbeat_ping:=nil;
+  gnutls_heartbeat_pong:=nil;
+  gnutls_record_set_timeout:=nil;
+  gnutls_record_disable_padding:=nil;
+  gnutls_record_cork:=nil;
+  gnutls_record_uncork:=nil;
+  gnutls_record_discard_queued:=nil;
+  gnutls_record_get_state:=nil;
+  gnutls_record_set_state:=nil;
+  gnutls_range_split:=nil;
+  gnutls_record_send:=nil;
+  gnutls_record_send_range:=nil;
+  gnutls_record_recv:=nil;
+  gnutls_record_recv_packet:=nil;
+  gnutls_packet_get:=nil;
+  gnutls_packet_deinit:=nil;
+  gnutls_record_recv_seq:=nil;
+  gnutls_record_overhead_size:=nil;
+  gnutls_est_record_overhead_size:=nil;
+  gnutls_session_enable_compatibility_mode:=nil;
+  gnutls_record_can_use_length_hiding:=nil;
+  gnutls_record_get_direction:=nil;
+  gnutls_record_get_max_size:=nil;
+  gnutls_record_set_max_size:=nil;
+  gnutls_record_check_pending:=nil;
+  gnutls_record_check_corked:=nil;
+  gnutls_session_force_valid:=nil;
+  gnutls_prf:=nil;
+  gnutls_prf_rfc5705:=nil;
+  gnutls_prf_raw:=nil;
+  gnutls_server_name_set:=nil;
+  gnutls_server_name_get:=nil;
+  gnutls_heartbeat_get_timeout:=nil;
+  gnutls_heartbeat_set_timeouts:=nil;
+  gnutls_heartbeat_enable:=nil;
+  gnutls_heartbeat_allowed:=nil;
+  gnutls_safe_renegotiation_status:=nil;
+  gnutls_session_ext_master_secret_status:=nil;
+  gnutls_session_etm_status:=nil;
+  gnutls_supplemental_get_name:=nil;
+  gnutls_session_ticket_key_generate:=nil;
+  gnutls_session_ticket_enable_client:=nil;
+  gnutls_session_ticket_enable_server:=nil;
+  gnutls_srtp_set_profile:=nil;
+  gnutls_srtp_set_profile_direct:=nil;
+  gnutls_srtp_get_selected_profile:=nil;
+  gnutls_srtp_get_profile_name:=nil;
+  gnutls_srtp_get_profile_id:=nil;
+  gnutls_srtp_get_keys:=nil;
+  gnutls_srtp_set_mki:=nil;
+  gnutls_srtp_get_mki:=nil;
+  gnutls_alpn_get_selected_protocol:=nil;
+  gnutls_alpn_set_protocols:=nil;
+  gnutls_key_generate:=nil;
+  gnutls_priority_init:=nil;
+  gnutls_priority_deinit:=nil;
+  gnutls_priority_get_cipher_suite_index:=nil;
+  gnutls_priority_string_list:=nil;
+  gnutls_priority_set:=nil;
+  gnutls_priority_set_direct:=nil;
+  gnutls_priority_certificate_type_list:=nil;
+  gnutls_priority_sign_list:=nil;
+  gnutls_priority_protocol_list:=nil;
+  gnutls_priority_compression_list:=nil;
+  gnutls_priority_ecc_curve_list:=nil;
+  gnutls_priority_kx_list:=nil;
+  gnutls_priority_cipher_list:=nil;
+  gnutls_priority_mac_list:=nil;
+  gnutls_set_default_priority:=nil;
+  gnutls_cipher_suite_get_name:=nil;
+  gnutls_protocol_get_version:=nil;
+  gnutls_protocol_get_name:=nil;
+  gnutls_session_set_data:=nil;
+  gnutls_session_get_data:=nil;
+  gnutls_session_get_data2:=nil;
+  gnutls_session_get_random:=nil;
+  gnutls_session_get_desc:=nil;
+  gnutls_session_set_verify_function:=nil;
+  gnutls_session_set_verify_cert:=nil;
+  gnutls_session_set_verify_cert2:=nil;
+  gnutls_session_get_verify_cert_status:=nil;
+  gnutls_session_set_premaster:=nil;
+  gnutls_session_get_id:=nil;
+  gnutls_session_get_id2:=nil;
+  gnutls_session_set_id:=nil;
+  gnutls_session_channel_binding:=nil;
+  gnutls_session_is_resumed:=nil;
+  gnutls_session_resumption_requested:=nil;
+  gnutls_db_set_cache_expiration:=nil;
+  gnutls_db_get_default_cache_expiration:=nil;
+  gnutls_db_remove_session:=nil;
+  gnutls_db_set_retrieve_function:=nil;
+  gnutls_db_set_remove_function:=nil;
+  gnutls_db_set_store_function:=nil;
+  gnutls_db_set_ptr:=nil;
+  gnutls_db_get_ptr:=nil;
+  gnutls_db_check_entry:=nil;
+  gnutls_db_check_entry_time:=nil;
+  gnutls_handshake_set_hook_function:=nil;
+  gnutls_handshake_set_post_client_hello_function:=nil;
+  gnutls_handshake_set_max_packet_length:=nil;
+  gnutls_check_version:=nil;
+  gnutls_credentials_clear:=nil;
+  gnutls_credentials_set:=nil;
+  gnutls_credentials_get:=nil;
+  gnutls_anon_free_server_credentials:=nil;
+  gnutls_anon_allocate_server_credentials:=nil;
+  gnutls_anon_set_server_dh_params:=nil;
+  gnutls_anon_set_server_params_function:=nil;
+  gnutls_anon_free_client_credentials:=nil;
+  gnutls_anon_allocate_client_credentials:=nil;
+  gnutls_certificate_free_credentials:=nil;
+  gnutls_certificate_allocate_credentials:=nil;
+  gnutls_certificate_get_issuer:=nil;
+  gnutls_certificate_get_crt_raw:=nil;
+  gnutls_certificate_get_x509_crt:=nil;
+  gnutls_certificate_get_x509_key:=nil;
+  gnutls_certificate_free_keys:=nil;
+  gnutls_certificate_free_cas:=nil;
+  gnutls_certificate_free_ca_names:=nil;
+  gnutls_certificate_free_crls:=nil;
+  gnutls_certificate_set_dh_params:=nil;
+  gnutls_certificate_set_verify_flags:=nil;
+  gnutls_certificate_get_verify_flags:=nil;
+  gnutls_certificate_set_flags:=nil;
+  gnutls_certificate_set_verify_limits:=nil;
+  gnutls_certificate_get_verify_flags:=nil;
+  gnutls_certificate_set_x509_system_trust:=nil;
+  gnutls_certificate_set_x509_trust_file:=nil;
+  gnutls_certificate_set_x509_trust_dir:=nil;
+  gnutls_certificate_set_x509_trust_mem:=nil;
+  gnutls_certificate_set_x509_crl_file:=nil;
+  gnutls_certificate_set_x509_crl_mem:=nil;
+  gnutls_certificate_set_x509_key_file:=nil;
+  gnutls_certificate_set_x509_key_file2:=nil;
+  gnutls_certificate_set_x509_key_mem:=nil;
+  gnutls_certificate_set_x509_key_mem2:=nil;
+  gnutls_certificate_send_x509_rdn_sequence:=nil;
+  gnutls_certificate_set_x509_simple_pkcs12_file:=nil;
+  gnutls_certificate_set_x509_simple_pkcs12_mem:=nil;
+  gnutls_certificate_set_x509_key:=nil;
+  gnutls_certificate_set_x509_trust:=nil;
+  gnutls_certificate_set_x509_crl:=nil;
+  gnutls_certificate_get_x509_key:=nil;
+  gnutls_certificate_get_x509_crt:=nil;
+  gnutls_certificate_set_ocsp_status_request_function:=nil;
+  gnutls_certificate_set_ocsp_status_request_file:=nil;
+  gnutls_ocsp_status_request_enable_client:=nil;
+  gnutls_ocsp_status_request_get:=nil;
+  gnutls_ocsp_status_request_is_checked:=nil;
+  gnutls_global_init:=nil;
+  gnutls_global_deinit:=nil;
+  gnutls_global_set_mutex:=nil;
+  gnutls_global_set_time_function:=nil;
+  gnutls_memset:=nil;
+  gnutls_memcmp:=nil;
+  gnutls_global_set_log_function:=nil;
+  gnutls_global_set_audit_log_function:=nil;
+  gnutls_global_set_log_level:=nil;
+  gnutls_dh_params_init:=nil;
+  gnutls_dh_params_deinit:=nil;
+  gnutls_dh_params_import_raw:=nil;
+  gnutls_dh_params_import_raw2:=nil;
+  gnutls_dh_params_import_pkcs3:=nil;
+  gnutls_dh_params_generate2:=nil;
+  gnutls_dh_params_export_pkcs3:=nil;
+  gnutls_dh_params_export2_pkcs3:=nil;
+  gnutls_dh_params_export_raw:=nil;
+  gnutls_dh_params_cpy:=nil;
+  gnutls_system_recv_timeout:=nil;
+  gnutls_transport_set_int2:=nil;
+  gnutls_transport_get_int2:=nil;
+  gnutls_transport_get_int:=nil;
+  gnutls_transport_set_ptr:=nil;
+  gnutls_transport_set_ptr2:=nil;
+  gnutls_transport_get_ptr:=nil;
+  gnutls_transport_get_ptr2:=nil;
+  gnutls_transport_set_vec_push_function:=nil;
+  gnutls_transport_set_push_function:=nil;
+  gnutls_transport_set_pull_function:=nil;
+  gnutls_transport_set_pull_timeout_function:=nil;
+  gnutls_transport_set_errno_function:=nil;
+  gnutls_transport_set_errno:=nil;
+  gnutls_session_set_ptr:=nil;
+  gnutls_session_get_ptr:=nil;
+  gnutls_openpgp_send_cert:=nil;
+  gnutls_fingerprint:=nil;
+  gnutls_random_art:=nil;
+  gnutls_srp_free_client_credentials:=nil;
+  gnutls_srp_allocate_client_credentials:=nil;
+  gnutls_srp_set_client_credentials:=nil;
+  gnutls_srp_free_server_credentials:=nil;
+  gnutls_srp_allocate_server_credentials:=nil;
+  gnutls_srp_set_server_credentials_file:=nil;
+  gnutls_srp_server_get_username:=nil;
+  gnutls_srp_set_prime_bits:=nil;
+  gnutls_srp_verifier:=nil;
+  gnutls_srp_set_server_credentials_function:=nil;
+  gnutls_srp_set_client_credentials_function:=nil;
+  gnutls_srp_base64_encode:=nil;
+  gnutls_srp_base64_encode2:=nil;
+  gnutls_srp_base64_decode:=nil;
+  gnutls_srp_base64_decode2:=nil;
+  gnutls_srp_set_server_fake_salt_seed:=nil;
+  gnutls_psk_free_client_credentials:=nil;
+  gnutls_psk_allocate_client_credentials:=nil;
+  gnutls_psk_set_client_credentials:=nil;
+  gnutls_psk_free_server_credentials:=nil;
+  gnutls_psk_allocate_server_credentials:=nil;
+  gnutls_psk_set_server_credentials_file:=nil;
+  gnutls_psk_set_server_credentials_hint:=nil;
+  gnutls_psk_server_get_username:=nil;
+  gnutls_psk_client_get_hint:=nil;
+  gnutls_psk_set_server_credentials_function:=nil;
+  gnutls_psk_set_client_credentials_function:=nil;
+  gnutls_hex_encode:=nil;
+  gnutls_hex_decode:=nil;
+  gnutls_hex_encode2:=nil;
+  gnutls_hex_decode2:=nil;
+  gnutls_psk_set_server_dh_params:=nil;
+  gnutls_psk_set_server_params_function:=nil;
+  gnutls_auth_get_type:=nil;
+  gnutls_auth_server_get_type:=nil;
+  gnutls_auth_client_get_type:=nil;
+  gnutls_dh_set_prime_bits:=nil;
+  gnutls_dh_get_secret_bits:=nil;
+  gnutls_dh_get_peers_public_bits:=nil;
+  gnutls_dh_get_prime_bits:=nil;
+  gnutls_dh_get_group:=nil;
+  gnutls_dh_get_pubkey:=nil;
+  gnutls_certificate_set_retrieve_function:=nil;
+  gnutls_certificate_set_verify_function:=nil;
+  gnutls_certificate_server_set_request:=nil;
+  gnutls_certificate_get_peers:=nil;
+  gnutls_certificate_get_ours:=nil;
+  gnutls_certificate_get_peers_subkey_id:=nil;
+  gnutls_certificate_activation_time_peers:=nil;
+  gnutls_certificate_expiration_time_peers:=nil;
+  gnutls_certificate_client_get_request_status:=nil;
+  gnutls_certificate_verify_peers2:=nil;
+  gnutls_certificate_verify_peers3:=nil;
+  gnutls_certificate_verify_peers:=nil;
+  gnutls_certificate_verification_status_print:=nil;
+  gnutls_pem_base64_encode:=nil;
+  gnutls_pem_base64_decode:=nil;
+  gnutls_pem_base64_encode2:=nil;
+  gnutls_pem_base64_decode2:=nil;
+  gnutls_certificate_set_params_function:=nil;
+  gnutls_anon_set_params_function:=nil;
+  gnutls_psk_set_params_function:=nil;
+  gnutls_hex2bin:=nil;
+  gnutls_tdb_init:=nil;
+  gnutls_tdb_set_store_func:=nil;
+  gnutls_tdb_set_store_commitment_func:=nil;
+  gnutls_tdb_set_verify_func:=nil;
+  gnutls_tdb_deinit:=nil;
+  gnutls_verify_stored_pubkey:=nil;
+  gnutls_store_commitment:=nil;
+  gnutls_store_pubkey:=nil;
+  gnutls_load_file:=nil;
+  gnutls_url_is_supported:=nil;
+  gnutls_certificate_set_pin_function:=nil;
+  gnutls_buffer_append_data:=nil;
+  gnutls_ext_set_data:=nil;
+  gnutls_ext_get_data:=nil;
+  gnutls_ext_register:=nil;
+  gnutls_supplemental_register:=nil;
+  gnutls_supplemental_recv:=nil;
+  gnutls_supplemental_send:=nil;
+  gnutls_fips140_mode_enabled:=nil;
+  gnutls_x509_crt_init:=nil;
+  gnutls_x509_crt_deinit:=nil;
+  gnutls_x509_crt_import:=nil;
+  gnutls_x509_crt_list_import2:=nil;
+  gnutls_x509_crt_list_import:=nil;
+  gnutls_x509_crt_import_url:=nil;
+  gnutls_x509_crt_export:=nil;
+  gnutls_x509_crt_export2:=nil;
+  gnutls_x509_crt_get_private_key_usage_period:=nil;
+  gnutls_x509_crt_get_issuer_dn:=nil;
+  gnutls_x509_crt_get_issuer_dn2:=nil;
+  gnutls_x509_crt_get_issuer_dn_oid:=nil;
+  gnutls_x509_crt_get_issuer_dn_by_oid:=nil;
+  gnutls_x509_crt_get_dn:=nil;
+  gnutls_x509_crt_get_dn2:=nil;
+  gnutls_x509_crt_get_dn_oid:=nil;
+  gnutls_x509_crt_get_dn_by_oid:=nil;
+  gnutls_x509_crt_check_hostname:=nil;
+  gnutls_x509_crt_check_hostname2:=nil;
+  gnutls_x509_crt_check_email:=nil;
+  gnutls_x509_crt_get_signature_algorithm:=nil;
+  gnutls_x509_crt_get_signature:=nil;
+  gnutls_x509_crt_get_version:=nil;
+  gnutls_x509_crt_get_key_id:=nil;
+  gnutls_x509_crt_set_private_key_usage_period:=nil;
+  gnutls_x509_crt_set_authority_key_id:=nil;
+  gnutls_x509_crt_get_authority_key_id:=nil;
+  gnutls_x509_crt_get_authority_key_gn_serial:=nil;
+  gnutls_x509_crt_get_subject_key_id:=nil;
+  gnutls_x509_crt_get_subject_unique_id:=nil;
+  gnutls_x509_crt_get_issuer_unique_id:=nil;
+  gnutls_x509_crt_set_pin_function:=nil;
+  gnutls_x509_crt_get_authority_info_access:=nil;
+  gnutls_x509_name_constraints_check:=nil;
+  gnutls_x509_name_constraints_check_crt:=nil;
+  gnutls_x509_name_constraints_init:=nil;
+  gnutls_x509_name_constraints_deinit:=nil;
+  gnutls_x509_crt_get_name_constraints:=nil;
+  gnutls_x509_name_constraints_add_permitted:=nil;
+  gnutls_x509_name_constraints_add_excluded:=nil;
+  gnutls_x509_crt_set_name_constraints:=nil;
+  gnutls_x509_name_constraints_get_permitted:=nil;
+  gnutls_x509_name_constraints_get_excluded:=nil;
+  gnutls_x509_crt_get_crl_dist_points:=nil;
+  gnutls_x509_crt_set_crl_dist_points2:=nil;
+  gnutls_x509_crt_set_crl_dist_points:=nil;
+  gnutls_x509_crt_cpy_crl_dist_points:=nil;
+  gnutls_x509_crl_sign2:=nil;
+  gnutls_x509_crt_get_activation_time:=nil;
+  gnutls_x509_crt_get_expiration_time:=nil;
+  gnutls_x509_crt_get_serial:=nil;
+  gnutls_x509_crt_get_pk_algorithm:=nil;
+  gnutls_x509_crt_get_pk_rsa_raw:=nil;
+  gnutls_x509_crt_get_pk_dsa_raw:=nil;
+  gnutls_x509_crt_get_pk_ecc_raw:=nil;
+  gnutls_x509_crt_get_subject_alt_name:=nil;
+  gnutls_x509_crt_get_subject_alt_name2:=nil;
+  gnutls_x509_crt_get_subject_alt_othername_oid:=nil;
+  gnutls_x509_crt_get_issuer_alt_name:=nil;
+  gnutls_x509_crt_get_issuer_alt_name2:=nil;
+  gnutls_x509_crt_get_issuer_alt_othername_oid:=nil;
+  gnutls_x509_crt_get_ca_status:=nil;
+  gnutls_x509_crt_get_basic_constraints:=nil;
+  gnutls_x509_crt_get_key_usage:=nil;
+  gnutls_x509_crt_set_key_usage:=nil;
+  gnutls_x509_crt_set_authority_info_access:=nil;
+  gnutls_x509_crt_get_proxy:=nil;
+  gnutls_x509_policy_release:=nil;
+  gnutls_x509_crt_get_policy:=nil;
+  gnutls_x509_crt_set_policy:=nil;
+  gnutls_x509_dn_oid_known:=nil;
+  gnutls_x509_dn_oid_name:=nil;
+  gnutls_x509_crt_get_extension_oid:=nil;
+  gnutls_x509_crt_get_extension_by_oid:=nil;
+  gnutls_x509_crq_get_signature_algorithm:=nil;
+  gnutls_x509_crq_get_extension_by_oid2:=nil;
+  gnutls_x509_crt_get_extension_info:=nil;
+  gnutls_x509_crt_get_extension_data:=nil;
+  gnutls_x509_crt_get_extension_data2:=nil;
+  gnutls_x509_crt_set_extension_by_oid:=nil;
+  gnutls_x509_crt_set_dn:=nil;
+  gnutls_x509_crt_set_dn_by_oid:=nil;
+  gnutls_x509_crt_set_issuer_dn_by_oid:=nil;
+  gnutls_x509_crt_set_issuer_dn:=nil;
+  gnutls_x509_crt_set_version:=nil;
+  gnutls_x509_crt_set_key:=nil;
+  gnutls_x509_crt_set_ca_status:=nil;
+  gnutls_x509_crt_set_basic_constraints:=nil;
+  gnutls_x509_crt_set_subject_unique_id:=nil;
+  gnutls_x509_crt_set_issuer_unique_id:=nil;
+  gnutls_x509_crt_set_subject_alternative_name:=nil;
+  gnutls_x509_crt_set_subject_alt_name:=nil;
+  gnutls_x509_crt_set_issuer_alt_name:=nil;
+  gnutls_x509_crt_sign:=nil;
+  gnutls_x509_crt_sign2:=nil;
+  gnutls_x509_crt_set_activation_time:=nil;
+  gnutls_x509_crt_set_expiration_time:=nil;
+  gnutls_x509_crt_set_serial:=nil;
+  gnutls_x509_crt_set_subject_key_id:=nil;
+  gnutls_x509_crt_set_proxy_dn:=nil;
+  gnutls_x509_crt_set_proxy:=nil;
+  gnutls_x509_crt_print:=nil;
+  gnutls_x509_crl_print:=nil;
+  gnutls_x509_crt_get_raw_issuer_dn:=nil;
+  gnutls_x509_crt_get_raw_dn:=nil;
+  gnutls_x509_rdn_get:=nil;
+  gnutls_x509_rdn_get_oid:=nil;
+  gnutls_x509_rdn_get_by_oid:=nil;
+  gnutls_x509_crt_get_subject:=nil;
+  gnutls_x509_crt_get_issuer:=nil;
+  gnutls_x509_dn_get_rdn_ava:=nil;
+  gnutls_x509_dn_get_str:=nil;
+  gnutls_x509_dn_init:=nil;
+  gnutls_x509_dn_import:=nil;
+  gnutls_x509_dn_export:=nil;
+  gnutls_x509_dn_export2:=nil;
+  gnutls_x509_dn_deinit:=nil;
+  gnutls_x509_crl_init:=nil;
+  gnutls_x509_crl_deinit:=nil;
+  gnutls_x509_crl_import:=nil;
+  gnutls_x509_crl_export:=nil;
+  gnutls_x509_crl_export2:=nil;
+  gnutls_x509_crl_get_raw_issuer_dn:=nil;
+  gnutls_x509_crl_get_issuer_dn:=nil;
+  gnutls_x509_crl_get_issuer_dn2:=nil;
+  gnutls_x509_crl_get_issuer_dn_by_oid:=nil;
+  gnutls_x509_crl_get_dn_oid:=nil;
+  gnutls_x509_crl_get_signature_algorithm:=nil;
+  gnutls_x509_crl_get_signature:=nil;
+  gnutls_x509_crl_get_version:=nil;
+  gnutls_x509_crl_get_this_update:=nil;
+  gnutls_x509_crl_get_next_update:=nil;
+  gnutls_x509_crl_get_crt_count:=nil;
+  gnutls_x509_crl_get_crt_serial:=nil;
+  gnutls_x509_crl_iter_crt_serial:=nil;
+  gnutls_x509_crl_iter_deinit:=nil;
+  gnutls_x509_crl_check_issuer:=nil;
+  gnutls_x509_crl_list_import2:=nil;
+  gnutls_x509_crl_list_import:=nil;
+  gnutls_x509_crl_set_version:=nil;
+  gnutls_x509_crl_set_this_update:=nil;
+  gnutls_x509_crl_set_next_update:=nil;
+  gnutls_x509_crl_set_crt_serial:=nil;
+  gnutls_x509_crl_set_crt:=nil;
+  gnutls_x509_crl_get_authority_key_id:=nil;
+  gnutls_x509_crl_get_authority_key_gn_serial:=nil;
+  gnutls_x509_crl_get_number:=nil;
+  gnutls_x509_crl_get_extension_oid:=nil;
+  gnutls_x509_crl_get_extension_info:=nil;
+  gnutls_x509_crl_get_extension_data:=nil;
+  gnutls_x509_crl_get_extension_data2:=nil;
+  gnutls_x509_crl_set_authority_key_id:=nil;
+  gnutls_x509_crl_set_number:=nil;
+  gnutls_x509_crt_check_issuer:=nil;
+  gnutls_x509_crt_list_verify:=nil;
+  gnutls_x509_crt_verify:=nil;
+  gnutls_x509_crl_verify:=nil;
+  gnutls_x509_crt_verify_data2:=nil;
+  gnutls_x509_crt_check_revocation:=nil;
+  gnutls_x509_crt_get_fingerprint:=nil;
+  gnutls_x509_crt_get_key_purpose_oid:=nil;
+  gnutls_x509_crt_set_key_purpose_oid:=nil;
+  gnutls_pkcs_schema_get_name:=nil;
+  gnutls_pkcs_schema_get_oid:=nil;
+  gnutls_x509_privkey_init:=nil;
+  gnutls_x509_privkey_deinit:=nil;
+  gnutls_x509_privkey_sec_param:=nil;
+  gnutls_x509_privkey_set_pin_function:=nil;
+  gnutls_x509_privkey_cpy:=nil;
+  gnutls_x509_privkey_import:=nil;
+  gnutls_x509_privkey_import_pkcs8:=nil;
+  gnutls_x509_privkey_import_openssl:=nil;
+  gnutls_pkcs8_info:=nil;
+  gnutls_x509_privkey_import2:=nil;
+  gnutls_x509_privkey_import_rsa_raw:=nil;
+  gnutls_x509_privkey_import_rsa_raw2:=nil;
+  gnutls_x509_privkey_import_ecc_raw:=nil;
+  gnutls_x509_privkey_fix:=nil;
+  gnutls_x509_privkey_export_dsa_raw:=nil;
+  gnutls_x509_privkey_import_dsa_raw:=nil;
+  gnutls_x509_privkey_get_pk_algorithm:=nil;
+  gnutls_x509_privkey_get_pk_algorithm2:=nil;
+  gnutls_x509_privkey_get_key_id:=nil;
+  gnutls_x509_privkey_generate:=nil;
+  gnutls_x509_privkey_verify_params:=nil;
+  gnutls_x509_privkey_export:=nil;
+  gnutls_x509_privkey_export2:=nil;
+  gnutls_x509_privkey_export_pkcs8:=nil;
+  gnutls_x509_privkey_export2_pkcs8:=nil;
+  gnutls_x509_privkey_export_rsa_raw2:=nil;
+  gnutls_x509_privkey_export_rsa_raw:=nil;
+  gnutls_x509_privkey_export_ecc_raw:=nil;
+  gnutls_x509_privkey_sign_data:=nil;
+  gnutls_x509_crq_sign2:=nil;
+  gnutls_x509_crq_print:=nil;
+  gnutls_x509_crq_verify:=nil;
+  gnutls_x509_crq_init:=nil;
+  gnutls_x509_crq_deinit:=nil;
+  gnutls_x509_crq_import:=nil;
+  gnutls_x509_crq_get_private_key_usage_period:=nil;
+  gnutls_x509_crq_get_dn:=nil;
+  gnutls_x509_crq_get_dn2:=nil;
+  gnutls_x509_crq_get_dn_oid:=nil;
+  gnutls_x509_crq_get_dn_by_oid:=nil;
+  gnutls_x509_crq_set_dn:=nil;
+  gnutls_x509_crq_set_dn_by_oid:=nil;
+  gnutls_x509_crq_set_version:=nil;
+  gnutls_x509_crq_get_version:=nil;
+  gnutls_x509_crq_set_key:=nil;
+  gnutls_x509_crq_set_challenge_password:=nil;
+  gnutls_x509_crq_get_challenge_password:=nil;
+  gnutls_x509_crq_set_attribute_by_oid:=nil;
+  gnutls_x509_crq_get_attribute_by_oid:=nil;
+  gnutls_x509_crq_export:=nil;
+  gnutls_x509_crq_export2:=nil;
+  gnutls_x509_crt_set_crq:=nil;
+  gnutls_x509_crt_set_crq_extensions:=nil;
+  gnutls_x509_crq_set_private_key_usage_period:=nil;
+  gnutls_x509_crq_set_key_rsa_raw:=nil;
+  gnutls_x509_crq_set_subject_alt_name:=nil;
+  gnutls_x509_crq_set_key_usage:=nil;
+  gnutls_x509_crq_set_basic_constraints:=nil;
+  gnutls_x509_crq_set_key_purpose_oid:=nil;
+  gnutls_x509_crq_get_key_purpose_oid:=nil;
+  gnutls_x509_crq_get_extension_data:=nil;
+  gnutls_x509_crq_get_extension_data2:=nil;
+  gnutls_x509_crq_get_extension_info:=nil;
+  gnutls_x509_crq_get_attribute_data:=nil;
+  gnutls_x509_crq_get_attribute_info:=nil;
+  gnutls_x509_crq_get_pk_algorithm:=nil;
+  gnutls_x509_crq_get_key_id:=nil;
+  gnutls_x509_crq_get_key_rsa_raw:=nil;
+  gnutls_x509_crq_get_key_usage:=nil;
+  gnutls_x509_crq_get_basic_constraints:=nil;
+  gnutls_x509_crq_get_subject_alt_name:=nil;
+  gnutls_x509_crq_get_subject_alt_othername_oid:=nil;
+  gnutls_x509_crq_get_extension_by_oid:=nil;
+  gnutls_x509_crt_get_extension_by_oid2:=nil;
+  gnutls_x509_trust_list_init:=nil;
+  gnutls_x509_trust_list_deinit:=nil;
+  gnutls_x509_trust_list_get_issuer:=nil;
+  gnutls_x509_trust_list_get_issuer_by_dn:=nil;
+  gnutls_x509_trust_list_get_issuer_by_subject_key_id:=nil;
+  gnutls_x509_trust_list_add_cas:=nil;
+  gnutls_x509_trust_list_remove_cas:=nil;
+  gnutls_x509_trust_list_add_named_crt:=nil;
+  gnutls_x509_trust_list_add_crls:=nil;
+  gnutls_x509_trust_list_iter_get_ca:=nil;
+  gnutls_x509_trust_list_iter_deinit:=nil;
+  gnutls_x509_trust_list_verify_named_crt:=nil;
+  gnutls_x509_trust_list_verify_crt2:=nil;
+  gnutls_x509_trust_list_verify_crt:=nil;
+  gnutls_x509_trust_list_add_trust_mem:=nil;
+  gnutls_x509_trust_list_add_trust_file:=nil;
+  gnutls_x509_trust_list_add_trust_dir:=nil;
+  gnutls_x509_trust_list_remove_trust_file:=nil;
+  gnutls_x509_trust_list_remove_trust_mem:=nil;
+  gnutls_x509_trust_list_add_system_trust:=nil;
+  gnutls_certificate_set_trust_list:=nil;
+  gnutls_certificate_get_trust_list:=nil;
+  gnutls_x509_ext_deinit:=nil;
+  gnutls_x509_ext_print:=nil;
+  gnutls_pkcs7_init:=nil;
+  gnutls_pkcs7_deinit:=nil;
+  gnutls_pkcs7_import:=nil;
+  gnutls_pkcs7_export:=nil;
+  gnutls_pkcs7_export2:=nil;
+  gnutls_pkcs7_get_signature_count:=nil;
+  gnutls_pkcs7_get_embedded_data:=nil;
+  gnutls_pkcs7_get_crt_count:=nil;
+  gnutls_pkcs7_get_crt_raw:=nil;
+  gnutls_pkcs7_set_crt_raw:=nil;
+  gnutls_pkcs7_set_crt:=nil;
+  gnutls_pkcs7_delete_crt:=nil;
+  gnutls_pkcs7_get_crl_raw:=nil;
+  gnutls_pkcs7_get_crl_count:=nil;
+  gnutls_pkcs7_set_crl_raw:=nil;
+  gnutls_pkcs7_set_crl:=nil;
+  gnutls_pkcs7_delete_crl:=nil;
+  gnutls_pkcs7_signature_info_deinit:=nil;
+  gnutls_pkcs7_get_signature_info:=nil;
+  gnutls_pkcs7_verify_direct:=nil;
+  gnutls_pkcs7_verify:=nil;
+  gnutls_pkcs7_add_attr:=nil;
+  gnutls_pkcs7_attrs_deinit:=nil;
+  gnutls_pkcs7_get_attr:=nil;
+  gnutls_pkcs7_sign:=nil;
+  gnutls_pkcs7_get_crt_raw2:=nil;
+  gnutls_pkcs7_get_crl_raw2:=nil;
+  gnutls_pkcs7_print:=nil;
+end;
+
+
+procedure LoadGnuTLS(alib : String = '');
+
+  Function GPA(aName : string) : Pointer;
+
+  begin
+    Result:=GetProcAddress(hlib,aName);
+    // For debugging purposes
+    if Result=Nil then
+      Writeln('Failed to get address for '+AName);
+  end;
+
+begin
+  // Default if needed.
+  if ALib='' then
+    aLib:=LibGnuTLS;
+  // If it is a different one, unload current.
+  if GnuTLSloaded and (aLib<>LoadedLibName) then
+    FreeGnuTLS;
+  // Bail out on error.
+  if GnuTLSloaded then
+    exit;
+  // Load !
+  hlib:=LoadLibrary(alib);
+  if (hlib=NilHandle) then
+    raise Exception.Create(format('Could not load library: %s',[alib]));
+  pointer(gnutls_handshake_description_get_name):=GPA('gnutls_handshake_description_get_name');
+  pointer(gnutls_pk_algorithm_get_name):=GPA('gnutls_pk_algorithm_get_name');
+  pointer(gnutls_init):=GPA('gnutls_init');
+  pointer(gnutls_deinit):=GPA('gnutls_deinit');
+  pointer(gnutls_bye):=GPA('gnutls_bye');
+  pointer(gnutls_handshake):=GPA('gnutls_handshake');
+  pointer(gnutls_handshake_set_timeout):=GPA('gnutls_handshake_set_timeout');
+  pointer(gnutls_rehandshake):=GPA('gnutls_rehandshake');
+  pointer(gnutls_alert_get):=GPA('gnutls_alert_get');
+  pointer(gnutls_alert_send):=GPA('gnutls_alert_send');
+  pointer(gnutls_alert_send_appropriate):=GPA('gnutls_alert_send_appropriate');
+  pointer(gnutls_alert_get_name):=GPA('gnutls_alert_get_name');
+  pointer(gnutls_alert_get_strname):=GPA('gnutls_alert_get_strname');
+  pointer(gnutls_pk_bits_to_sec_param):=GPA('gnutls_pk_bits_to_sec_param');
+  pointer(gnutls_sec_param_get_name):=GPA('gnutls_sec_param_get_name');
+  pointer(gnutls_sec_param_to_pk_bits):=GPA('gnutls_sec_param_to_pk_bits');
+  pointer(gnutls_sec_param_to_symmetric_bits):=GPA('gnutls_sec_param_to_symmetric_bits');
+  pointer(gnutls_ecc_curve_get_name):=GPA('gnutls_ecc_curve_get_name');
+  pointer(gnutls_ecc_curve_get_oid):=GPA('gnutls_ecc_curve_get_oid');
+  pointer(gnutls_ecc_curve_get_size):=GPA('gnutls_ecc_curve_get_size');
+  pointer(gnutls_ecc_curve_get):=GPA('gnutls_ecc_curve_get');
+  pointer(gnutls_cipher_get):=GPA('gnutls_cipher_get');
+  pointer(gnutls_kx_get):=GPA('gnutls_kx_get');
+  pointer(gnutls_mac_get):=GPA('gnutls_mac_get');
+  pointer(gnutls_compression_get):=GPA('gnutls_compression_get');
+  pointer(gnutls_certificate_type_get):=GPA('gnutls_certificate_type_get');
+  pointer(gnutls_sign_algorithm_get):=GPA('gnutls_sign_algorithm_get');
+  pointer(gnutls_sign_algorithm_get_client):=GPA('gnutls_sign_algorithm_get_client');
+  pointer(gnutls_sign_algorithm_get_requested):=GPA('gnutls_sign_algorithm_get_requested');
+  pointer(gnutls_cipher_get_name):=GPA('gnutls_cipher_get_name');
+  pointer(gnutls_mac_get_name):=GPA('gnutls_mac_get_name');
+  pointer(gnutls_digest_get_name):=GPA('gnutls_digest_get_name');
+  pointer(gnutls_digest_get_oid):=GPA('gnutls_digest_get_oid');
+  pointer(gnutls_compression_get_name):=GPA('gnutls_compression_get_name');
+  pointer(gnutls_kx_get_name):=GPA('gnutls_kx_get_name');
+  pointer(gnutls_certificate_type_get_name):=GPA('gnutls_certificate_type_get_name');
+  pointer(gnutls_pk_get_name):=GPA('gnutls_pk_get_name');
+  pointer(gnutls_pk_get_oid):=GPA('gnutls_pk_get_oid');
+  pointer(gnutls_sign_get_name):=GPA('gnutls_sign_get_name');
+  pointer(gnutls_sign_get_oid):=GPA('gnutls_sign_get_oid');
+  pointer(gnutls_cipher_get_key_size):=GPA('gnutls_cipher_get_key_size');
+  pointer(gnutls_mac_get_key_size):=GPA('gnutls_mac_get_key_size');
+  pointer(gnutls_sign_is_secure):=GPA('gnutls_sign_is_secure');
+  pointer(gnutls_sign_get_hash_algorithm):=GPA('gnutls_sign_get_hash_algorithm');
+  pointer(gnutls_sign_get_pk_algorithm):=GPA('gnutls_sign_get_pk_algorithm');
+  pointer(gnutls_pk_to_sign):=GPA('gnutls_pk_to_sign');
+  pointer(gnutls_mac_get_id):=GPA('gnutls_mac_get_id');
+  pointer(gnutls_digest_get_id):=GPA('gnutls_digest_get_id');
+  pointer(gnutls_compression_get_id):=GPA('gnutls_compression_get_id');
+  pointer(gnutls_cipher_get_id):=GPA('gnutls_cipher_get_id');
+  pointer(gnutls_kx_get_id):=GPA('gnutls_kx_get_id');
+  pointer(gnutls_protocol_get_id):=GPA('gnutls_protocol_get_id');
+  pointer(gnutls_certificate_type_get_id):=GPA('gnutls_certificate_type_get_id');
+  pointer(gnutls_pk_get_id):=GPA('gnutls_pk_get_id');
+  pointer(gnutls_sign_get_id):=GPA('gnutls_sign_get_id');
+  pointer(gnutls_ecc_curve_get_id):=GPA('gnutls_ecc_curve_get_id');
+  pointer(gnutls_oid_to_digest):=GPA('gnutls_oid_to_digest');
+  pointer(gnutls_oid_to_pk):=GPA('gnutls_oid_to_pk');
+  pointer(gnutls_oid_to_sign):=GPA('gnutls_oid_to_sign');
+  pointer(gnutls_oid_to_ecc_curve):=GPA('gnutls_oid_to_ecc_curve');
+  pointer(gnutls_ecc_curve_list):=GPA('gnutls_ecc_curve_list');
+  pointer(gnutls_cipher_list):=GPA('gnutls_cipher_list');
+  pointer(gnutls_mac_list):=GPA('gnutls_mac_list');
+  pointer(gnutls_digest_list):=GPA('gnutls_digest_list');
+  pointer(gnutls_compression_list):=GPA('gnutls_compression_list');
+  pointer(gnutls_protocol_list):=GPA('gnutls_protocol_list');
+  pointer(gnutls_certificate_type_list):=GPA('gnutls_certificate_type_list');
+  pointer(gnutls_kx_list):=GPA('gnutls_kx_list');
+  pointer(gnutls_pk_list):=GPA('gnutls_pk_list');
+  pointer(gnutls_sign_list):=GPA('gnutls_sign_list');
+  pointer(gnutls_cipher_suite_info):=GPA('gnutls_cipher_suite_info');
+  pointer(gnutls_error_is_fatal):=GPA('gnutls_error_is_fatal');
+  pointer(gnutls_error_to_alert):=GPA('gnutls_error_to_alert');
+  pointer(gnutls_perror):=GPA('gnutls_perror');
+  pointer(gnutls_strerror):=GPA('gnutls_strerror');
+  pointer(gnutls_strerror_name):=GPA('gnutls_strerror_name');
+  pointer(gnutls_handshake_set_private_extensions):=GPA('gnutls_handshake_set_private_extensions');
+  pointer(gnutls_handshake_set_random):=GPA('gnutls_handshake_set_random');
+  pointer(gnutls_handshake_get_last_out):=GPA('gnutls_handshake_get_last_out');
+  pointer(gnutls_handshake_get_last_in):=GPA('gnutls_handshake_get_last_in');
+  pointer(gnutls_heartbeat_ping):=GPA('gnutls_heartbeat_ping');
+  pointer(gnutls_heartbeat_pong):=GPA('gnutls_heartbeat_pong');
+  pointer(gnutls_record_set_timeout):=GPA('gnutls_record_set_timeout');
+  pointer(gnutls_record_disable_padding):=GPA('gnutls_record_disable_padding');
+  pointer(gnutls_record_cork):=GPA('gnutls_record_cork');
+  pointer(gnutls_record_uncork):=GPA('gnutls_record_uncork');
+  pointer(gnutls_record_discard_queued):=GPA('gnutls_record_discard_queued');
+  pointer(gnutls_record_get_state):=GPA('gnutls_record_get_state');
+  pointer(gnutls_record_set_state):=GPA('gnutls_record_set_state');
+  pointer(gnutls_range_split):=GPA('gnutls_range_split');
+  pointer(gnutls_record_send):=GPA('gnutls_record_send');
+  pointer(gnutls_record_send_range):=GPA('gnutls_record_send_range');
+  pointer(gnutls_record_recv):=GPA('gnutls_record_recv');
+  pointer(gnutls_record_recv_packet):=GPA('gnutls_record_recv_packet');
+  pointer(gnutls_packet_get):=GPA('gnutls_packet_get');
+  pointer(gnutls_packet_deinit):=GPA('gnutls_packet_deinit');
+  pointer(gnutls_record_recv_seq):=GPA('gnutls_record_recv_seq');
+  pointer(gnutls_record_overhead_size):=GPA('gnutls_record_overhead_size');
+  pointer(gnutls_est_record_overhead_size):=GPA('gnutls_est_record_overhead_size');
+  pointer(gnutls_session_enable_compatibility_mode):=GPA('gnutls_session_enable_compatibility_mode');
+  pointer(gnutls_record_can_use_length_hiding):=GPA('gnutls_record_can_use_length_hiding');
+  pointer(gnutls_record_get_direction):=GPA('gnutls_record_get_direction');
+  pointer(gnutls_record_get_max_size):=GPA('gnutls_record_get_max_size');
+  pointer(gnutls_record_set_max_size):=GPA('gnutls_record_set_max_size');
+  pointer(gnutls_record_check_pending):=GPA('gnutls_record_check_pending');
+  pointer(gnutls_record_check_corked):=GPA('gnutls_record_check_corked');
+  pointer(gnutls_session_force_valid):=GPA('gnutls_session_force_valid');
+  pointer(gnutls_prf):=GPA('gnutls_prf');
+  pointer(gnutls_prf_rfc5705):=GPA('gnutls_prf_rfc5705');
+  pointer(gnutls_prf_raw):=GPA('gnutls_prf_raw');
+  pointer(gnutls_server_name_set):=GPA('gnutls_server_name_set');
+  pointer(gnutls_server_name_get):=GPA('gnutls_server_name_get');
+  pointer(gnutls_heartbeat_get_timeout):=GPA('gnutls_heartbeat_get_timeout');
+  pointer(gnutls_heartbeat_set_timeouts):=GPA('gnutls_heartbeat_set_timeouts');
+  pointer(gnutls_heartbeat_enable):=GPA('gnutls_heartbeat_enable');
+  pointer(gnutls_heartbeat_allowed):=GPA('gnutls_heartbeat_allowed');
+  pointer(gnutls_safe_renegotiation_status):=GPA('gnutls_safe_renegotiation_status');
+  pointer(gnutls_session_ext_master_secret_status):=GPA('gnutls_session_ext_master_secret_status');
+  pointer(gnutls_session_etm_status):=GPA('gnutls_session_etm_status');
+  pointer(gnutls_supplemental_get_name):=GPA('gnutls_supplemental_get_name');
+  pointer(gnutls_session_ticket_key_generate):=GPA('gnutls_session_ticket_key_generate');
+  pointer(gnutls_session_ticket_enable_client):=GPA('gnutls_session_ticket_enable_client');
+  pointer(gnutls_session_ticket_enable_server):=GPA('gnutls_session_ticket_enable_server');
+  pointer(gnutls_srtp_set_profile):=GPA('gnutls_srtp_set_profile');
+  pointer(gnutls_srtp_set_profile_direct):=GPA('gnutls_srtp_set_profile_direct');
+  pointer(gnutls_srtp_get_selected_profile):=GPA('gnutls_srtp_get_selected_profile');
+  pointer(gnutls_srtp_get_profile_name):=GPA('gnutls_srtp_get_profile_name');
+  pointer(gnutls_srtp_get_profile_id):=GPA('gnutls_srtp_get_profile_id');
+  pointer(gnutls_srtp_get_keys):=GPA('gnutls_srtp_get_keys');
+  pointer(gnutls_srtp_set_mki):=GPA('gnutls_srtp_set_mki');
+  pointer(gnutls_srtp_get_mki):=GPA('gnutls_srtp_get_mki');
+  pointer(gnutls_alpn_get_selected_protocol):=GPA('gnutls_alpn_get_selected_protocol');
+  pointer(gnutls_alpn_set_protocols):=GPA('gnutls_alpn_set_protocols');
+  pointer(gnutls_key_generate):=GPA('gnutls_key_generate');
+  pointer(gnutls_priority_init):=GPA('gnutls_priority_init');
+  pointer(gnutls_priority_deinit):=GPA('gnutls_priority_deinit');
+  pointer(gnutls_priority_get_cipher_suite_index):=GPA('gnutls_priority_get_cipher_suite_index');
+  pointer(gnutls_priority_string_list):=GPA('gnutls_priority_string_list');
+  pointer(gnutls_priority_set):=GPA('gnutls_priority_set');
+  pointer(gnutls_priority_set_direct):=GPA('gnutls_priority_set_direct');
+  pointer(gnutls_priority_certificate_type_list):=GPA('gnutls_priority_certificate_type_list');
+  pointer(gnutls_priority_sign_list):=GPA('gnutls_priority_sign_list');
+  pointer(gnutls_priority_protocol_list):=GPA('gnutls_priority_protocol_list');
+  pointer(gnutls_priority_compression_list):=GPA('gnutls_priority_compression_list');
+  pointer(gnutls_priority_ecc_curve_list):=GPA('gnutls_priority_ecc_curve_list');
+  pointer(gnutls_priority_kx_list):=GPA('gnutls_priority_kx_list');
+  pointer(gnutls_priority_cipher_list):=GPA('gnutls_priority_cipher_list');
+  pointer(gnutls_priority_mac_list):=GPA('gnutls_priority_mac_list');
+  pointer(gnutls_set_default_priority):=GPA('gnutls_set_default_priority');
+  pointer(gnutls_cipher_suite_get_name):=GPA('gnutls_cipher_suite_get_name');
+  pointer(gnutls_protocol_get_version):=GPA('gnutls_protocol_get_version');
+  pointer(gnutls_protocol_get_name):=GPA('gnutls_protocol_get_name');
+  pointer(gnutls_session_set_data):=GPA('gnutls_session_set_data');
+  pointer(gnutls_session_get_data):=GPA('gnutls_session_get_data');
+  pointer(gnutls_session_get_data2):=GPA('gnutls_session_get_data2');
+  pointer(gnutls_session_get_random):=GPA('gnutls_session_get_random');
+  pointer(gnutls_session_get_desc):=GPA('gnutls_session_get_desc');
+  pointer(gnutls_session_set_verify_function):=GPA('gnutls_session_set_verify_function');
+  pointer(gnutls_session_set_verify_cert):=GPA('gnutls_session_set_verify_cert');
+  pointer(gnutls_session_set_verify_cert2):=GPA('gnutls_session_set_verify_cert2');
+  pointer(gnutls_session_get_verify_cert_status):=GPA('gnutls_session_get_verify_cert_status');
+  pointer(gnutls_session_set_premaster):=GPA('gnutls_session_set_premaster');
+  pointer(gnutls_session_get_id):=GPA('gnutls_session_get_id');
+  pointer(gnutls_session_get_id2):=GPA('gnutls_session_get_id2');
+  pointer(gnutls_session_set_id):=GPA('gnutls_session_set_id');
+  pointer(gnutls_session_channel_binding):=GPA('gnutls_session_channel_binding');
+  pointer(gnutls_session_is_resumed):=GPA('gnutls_session_is_resumed');
+  pointer(gnutls_session_resumption_requested):=GPA('gnutls_session_resumption_requested');
+  pointer(gnutls_db_set_cache_expiration):=GPA('gnutls_db_set_cache_expiration');
+  pointer(gnutls_db_get_default_cache_expiration):=GPA('gnutls_db_get_default_cache_expiration');
+  pointer(gnutls_db_remove_session):=GPA('gnutls_db_remove_session');
+  pointer(gnutls_db_set_retrieve_function):=GPA('gnutls_db_set_retrieve_function');
+  pointer(gnutls_db_set_remove_function):=GPA('gnutls_db_set_remove_function');
+  pointer(gnutls_db_set_store_function):=GPA('gnutls_db_set_store_function');
+  pointer(gnutls_db_set_ptr):=GPA('gnutls_db_set_ptr');
+  pointer(gnutls_db_get_ptr):=GPA('gnutls_db_get_ptr');
+  pointer(gnutls_db_check_entry):=GPA('gnutls_db_check_entry');
+  pointer(gnutls_db_check_entry_time):=GPA('gnutls_db_check_entry_time');
+  pointer(gnutls_handshake_set_hook_function):=GPA('gnutls_handshake_set_hook_function');
+  pointer(gnutls_handshake_set_post_client_hello_function):=GPA('gnutls_handshake_set_post_client_hello_function');
+  pointer(gnutls_handshake_set_max_packet_length):=GPA('gnutls_handshake_set_max_packet_length');
+  pointer(gnutls_check_version):=GPA('gnutls_check_version');
+  pointer(gnutls_credentials_clear):=GPA('gnutls_credentials_clear');
+  pointer(gnutls_credentials_set):=GPA('gnutls_credentials_set');
+  pointer(gnutls_credentials_get):=GPA('gnutls_credentials_get');
+  pointer(gnutls_anon_free_server_credentials):=GPA('gnutls_anon_free_server_credentials');
+  pointer(gnutls_anon_allocate_server_credentials):=GPA('gnutls_anon_allocate_server_credentials');
+  pointer(gnutls_anon_set_server_dh_params):=GPA('gnutls_anon_set_server_dh_params');
+  pointer(gnutls_anon_set_server_params_function):=GPA('gnutls_anon_set_server_params_function');
+  pointer(gnutls_anon_free_client_credentials):=GPA('gnutls_anon_free_client_credentials');
+  pointer(gnutls_anon_allocate_client_credentials):=GPA('gnutls_anon_allocate_client_credentials');
+  pointer(gnutls_certificate_free_credentials):=GPA('gnutls_certificate_free_credentials');
+  pointer(gnutls_certificate_allocate_credentials):=GPA('gnutls_certificate_allocate_credentials');
+  pointer(gnutls_certificate_get_issuer):=GPA('gnutls_certificate_get_issuer');
+  pointer(gnutls_certificate_get_crt_raw):=GPA('gnutls_certificate_get_crt_raw');
+  pointer(gnutls_certificate_get_x509_crt):=GPA('gnutls_certificate_get_x509_crt');
+  pointer(gnutls_certificate_get_x509_key):=GPA('gnutls_certificate_get_x509_key');
+  pointer(gnutls_certificate_free_keys):=GPA('gnutls_certificate_free_keys');
+  pointer(gnutls_certificate_free_cas):=GPA('gnutls_certificate_free_cas');
+  pointer(gnutls_certificate_free_ca_names):=GPA('gnutls_certificate_free_ca_names');
+  pointer(gnutls_certificate_free_crls):=GPA('gnutls_certificate_free_crls');
+  pointer(gnutls_certificate_set_dh_params):=GPA('gnutls_certificate_set_dh_params');
+  pointer(gnutls_certificate_set_verify_flags):=GPA('gnutls_certificate_set_verify_flags');
+  pointer(gnutls_certificate_get_verify_flags):=GPA('gnutls_certificate_get_verify_flags');
+  pointer(gnutls_certificate_set_flags):=GPA('gnutls_certificate_set_flags');
+  pointer(gnutls_certificate_set_verify_limits):=GPA('gnutls_certificate_set_verify_limits');
+  pointer(gnutls_certificate_get_verify_flags):=GPA('gnutls_certificate_get_verify_flags');
+  pointer(gnutls_certificate_set_x509_system_trust):=GPA('gnutls_certificate_set_x509_system_trust');
+  pointer(gnutls_certificate_set_x509_trust_file):=GPA('gnutls_certificate_set_x509_trust_file');
+  pointer(gnutls_certificate_set_x509_trust_dir):=GPA('gnutls_certificate_set_x509_trust_dir');
+  pointer(gnutls_certificate_set_x509_trust_mem):=GPA('gnutls_certificate_set_x509_trust_mem');
+  pointer(gnutls_certificate_set_x509_crl_file):=GPA('gnutls_certificate_set_x509_crl_file');
+  pointer(gnutls_certificate_set_x509_crl_mem):=GPA('gnutls_certificate_set_x509_crl_mem');
+  pointer(gnutls_certificate_set_x509_key_file):=GPA('gnutls_certificate_set_x509_key_file');
+  pointer(gnutls_certificate_set_x509_key_file2):=GPA('gnutls_certificate_set_x509_key_file2');
+  pointer(gnutls_certificate_set_x509_key_mem):=GPA('gnutls_certificate_set_x509_key_mem');
+  pointer(gnutls_certificate_set_x509_key_mem2):=GPA('gnutls_certificate_set_x509_key_mem2');
+  pointer(gnutls_certificate_send_x509_rdn_sequence):=GPA('gnutls_certificate_send_x509_rdn_sequence');
+  pointer(gnutls_certificate_set_x509_simple_pkcs12_file):=GPA('gnutls_certificate_set_x509_simple_pkcs12_file');
+  pointer(gnutls_certificate_set_x509_simple_pkcs12_mem):=GPA('gnutls_certificate_set_x509_simple_pkcs12_mem');
+  pointer(gnutls_certificate_set_x509_key):=GPA('gnutls_certificate_set_x509_key');
+  pointer(gnutls_certificate_set_x509_trust):=GPA('gnutls_certificate_set_x509_trust');
+  pointer(gnutls_certificate_set_x509_crl):=GPA('gnutls_certificate_set_x509_crl');
+  pointer(gnutls_certificate_get_x509_key):=GPA('gnutls_certificate_get_x509_key');
+  pointer(gnutls_certificate_get_x509_crt):=GPA('gnutls_certificate_get_x509_crt');
+  pointer(gnutls_certificate_set_ocsp_status_request_function):=GPA('gnutls_certificate_set_ocsp_status_request_function');
+  pointer(gnutls_certificate_set_ocsp_status_request_file):=GPA('gnutls_certificate_set_ocsp_status_request_file');
+  pointer(gnutls_ocsp_status_request_enable_client):=GPA('gnutls_ocsp_status_request_enable_client');
+  pointer(gnutls_ocsp_status_request_get):=GPA('gnutls_ocsp_status_request_get');
+  pointer(gnutls_ocsp_status_request_is_checked):=GPA('gnutls_ocsp_status_request_is_checked');
+  pointer(gnutls_global_init):=GPA('gnutls_global_init');
+  pointer(gnutls_global_deinit):=GPA('gnutls_global_deinit');
+  pointer(gnutls_global_set_mutex):=GPA('gnutls_global_set_mutex');
+  pointer(gnutls_global_set_time_function):=GPA('gnutls_global_set_time_function');
+  pointer(gnutls_memset):=GPA('gnutls_memset');
+  pointer(gnutls_memcmp):=GPA('gnutls_memcmp');
+  pointer(gnutls_global_set_log_function):=GPA('gnutls_global_set_log_function');
+  pointer(gnutls_global_set_audit_log_function):=GPA('gnutls_global_set_audit_log_function');
+  pointer(gnutls_global_set_log_level):=GPA('gnutls_global_set_log_level');
+  pointer(gnutls_dh_params_init):=GPA('gnutls_dh_params_init');
+  pointer(gnutls_dh_params_deinit):=GPA('gnutls_dh_params_deinit');
+  pointer(gnutls_dh_params_import_raw):=GPA('gnutls_dh_params_import_raw');
+  pointer(gnutls_dh_params_import_raw2):=GPA('gnutls_dh_params_import_raw2');
+  pointer(gnutls_dh_params_import_pkcs3):=GPA('gnutls_dh_params_import_pkcs3');
+  pointer(gnutls_dh_params_generate2):=GPA('gnutls_dh_params_generate2');
+  pointer(gnutls_dh_params_export_pkcs3):=GPA('gnutls_dh_params_export_pkcs3');
+  pointer(gnutls_dh_params_export2_pkcs3):=GPA('gnutls_dh_params_export2_pkcs3');
+  pointer(gnutls_dh_params_export_raw):=GPA('gnutls_dh_params_export_raw');
+  pointer(gnutls_dh_params_cpy):=GPA('gnutls_dh_params_cpy');
+  pointer(gnutls_system_recv_timeout):=GPA('gnutls_system_recv_timeout');
+  pointer(gnutls_transport_set_int2):=GPA('gnutls_transport_set_int2');
+  pointer(gnutls_transport_get_int2):=GPA('gnutls_transport_get_int2');
+  pointer(gnutls_transport_get_int):=GPA('gnutls_transport_get_int');
+  pointer(gnutls_transport_set_ptr):=GPA('gnutls_transport_set_ptr');
+  pointer(gnutls_transport_set_ptr2):=GPA('gnutls_transport_set_ptr2');
+  pointer(gnutls_transport_get_ptr):=GPA('gnutls_transport_get_ptr');
+  pointer(gnutls_transport_get_ptr2):=GPA('gnutls_transport_get_ptr2');
+  pointer(gnutls_transport_set_vec_push_function):=GPA('gnutls_transport_set_vec_push_function');
+  pointer(gnutls_transport_set_push_function):=GPA('gnutls_transport_set_push_function');
+  pointer(gnutls_transport_set_pull_function):=GPA('gnutls_transport_set_pull_function');
+  pointer(gnutls_transport_set_pull_timeout_function):=GPA('gnutls_transport_set_pull_timeout_function');
+  pointer(gnutls_transport_set_errno_function):=GPA('gnutls_transport_set_errno_function');
+  pointer(gnutls_transport_set_errno):=GPA('gnutls_transport_set_errno');
+  pointer(gnutls_session_set_ptr):=GPA('gnutls_session_set_ptr');
+  pointer(gnutls_session_get_ptr):=GPA('gnutls_session_get_ptr');
+  pointer(gnutls_openpgp_send_cert):=GPA('gnutls_openpgp_send_cert');
+  pointer(gnutls_fingerprint):=GPA('gnutls_fingerprint');
+  pointer(gnutls_random_art):=GPA('gnutls_random_art');
+  pointer(gnutls_srp_free_client_credentials):=GPA('gnutls_srp_free_client_credentials');
+  pointer(gnutls_srp_allocate_client_credentials):=GPA('gnutls_srp_allocate_client_credentials');
+  pointer(gnutls_srp_set_client_credentials):=GPA('gnutls_srp_set_client_credentials');
+  pointer(gnutls_srp_free_server_credentials):=GPA('gnutls_srp_free_server_credentials');
+  pointer(gnutls_srp_allocate_server_credentials):=GPA('gnutls_srp_allocate_server_credentials');
+  pointer(gnutls_srp_set_server_credentials_file):=GPA('gnutls_srp_set_server_credentials_file');
+  pointer(gnutls_srp_server_get_username):=GPA('gnutls_srp_server_get_username');
+  pointer(gnutls_srp_set_prime_bits):=GPA('gnutls_srp_set_prime_bits');
+  pointer(gnutls_srp_verifier):=GPA('gnutls_srp_verifier');
+  pointer(gnutls_srp_set_server_credentials_function):=GPA('gnutls_srp_set_server_credentials_function');
+  pointer(gnutls_srp_set_client_credentials_function):=GPA('gnutls_srp_set_client_credentials_function');
+  pointer(gnutls_srp_base64_encode):=GPA('gnutls_srp_base64_encode');
+  pointer(gnutls_srp_base64_encode2):=GPA('gnutls_srp_base64_encode2');
+  pointer(gnutls_srp_base64_decode):=GPA('gnutls_srp_base64_decode');
+  pointer(gnutls_srp_base64_decode2):=GPA('gnutls_srp_base64_decode2');
+  pointer(gnutls_srp_set_server_fake_salt_seed):=GPA('gnutls_srp_set_server_fake_salt_seed');
+  pointer(gnutls_psk_free_client_credentials):=GPA('gnutls_psk_free_client_credentials');
+  pointer(gnutls_psk_allocate_client_credentials):=GPA('gnutls_psk_allocate_client_credentials');
+  pointer(gnutls_psk_set_client_credentials):=GPA('gnutls_psk_set_client_credentials');
+  pointer(gnutls_psk_free_server_credentials):=GPA('gnutls_psk_free_server_credentials');
+  pointer(gnutls_psk_allocate_server_credentials):=GPA('gnutls_psk_allocate_server_credentials');
+  pointer(gnutls_psk_set_server_credentials_file):=GPA('gnutls_psk_set_server_credentials_file');
+  pointer(gnutls_psk_set_server_credentials_hint):=GPA('gnutls_psk_set_server_credentials_hint');
+  pointer(gnutls_psk_server_get_username):=GPA('gnutls_psk_server_get_username');
+  pointer(gnutls_psk_client_get_hint):=GPA('gnutls_psk_client_get_hint');
+  pointer(gnutls_psk_set_server_credentials_function):=GPA('gnutls_psk_set_server_credentials_function');
+  pointer(gnutls_psk_set_client_credentials_function):=GPA('gnutls_psk_set_client_credentials_function');
+  pointer(gnutls_hex_encode):=GPA('gnutls_hex_encode');
+  pointer(gnutls_hex_decode):=GPA('gnutls_hex_decode');
+  pointer(gnutls_hex_encode2):=GPA('gnutls_hex_encode2');
+  pointer(gnutls_hex_decode2):=GPA('gnutls_hex_decode2');
+  pointer(gnutls_psk_set_server_dh_params):=GPA('gnutls_psk_set_server_dh_params');
+  pointer(gnutls_psk_set_server_params_function):=GPA('gnutls_psk_set_server_params_function');
+  pointer(gnutls_auth_get_type):=GPA('gnutls_auth_get_type');
+  pointer(gnutls_auth_server_get_type):=GPA('gnutls_auth_server_get_type');
+  pointer(gnutls_auth_client_get_type):=GPA('gnutls_auth_client_get_type');
+  pointer(gnutls_dh_set_prime_bits):=GPA('gnutls_dh_set_prime_bits');
+  pointer(gnutls_dh_get_secret_bits):=GPA('gnutls_dh_get_secret_bits');
+  pointer(gnutls_dh_get_peers_public_bits):=GPA('gnutls_dh_get_peers_public_bits');
+  pointer(gnutls_dh_get_prime_bits):=GPA('gnutls_dh_get_prime_bits');
+  pointer(gnutls_dh_get_group):=GPA('gnutls_dh_get_group');
+  pointer(gnutls_dh_get_pubkey):=GPA('gnutls_dh_get_pubkey');
+  pointer(gnutls_certificate_set_retrieve_function):=GPA('gnutls_certificate_set_retrieve_function');
+  pointer(gnutls_certificate_set_verify_function):=GPA('gnutls_certificate_set_verify_function');
+  pointer(gnutls_certificate_server_set_request):=GPA('gnutls_certificate_server_set_request');
+  pointer(gnutls_certificate_get_peers):=GPA('gnutls_certificate_get_peers');
+  pointer(gnutls_certificate_get_ours):=GPA('gnutls_certificate_get_ours');
+  pointer(gnutls_certificate_get_peers_subkey_id):=GPA('gnutls_certificate_get_peers_subkey_id');
+  pointer(gnutls_certificate_activation_time_peers):=GPA('gnutls_certificate_activation_time_peers');
+  pointer(gnutls_certificate_expiration_time_peers):=GPA('gnutls_certificate_expiration_time_peers');
+  pointer(gnutls_certificate_client_get_request_status):=GPA('gnutls_certificate_client_get_request_status');
+  pointer(gnutls_certificate_verify_peers2):=GPA('gnutls_certificate_verify_peers2');
+  pointer(gnutls_certificate_verify_peers3):=GPA('gnutls_certificate_verify_peers3');
+  pointer(gnutls_certificate_verify_peers):=GPA('gnutls_certificate_verify_peers');
+  pointer(gnutls_certificate_verification_status_print):=GPA('gnutls_certificate_verification_status_print');
+  pointer(gnutls_pem_base64_encode):=GPA('gnutls_pem_base64_encode');
+  pointer(gnutls_pem_base64_decode):=GPA('gnutls_pem_base64_decode');
+  pointer(gnutls_pem_base64_encode2):=GPA('gnutls_pem_base64_encode2');
+  pointer(gnutls_pem_base64_decode2):=GPA('gnutls_pem_base64_decode2');
+  pointer(gnutls_certificate_set_params_function):=GPA('gnutls_certificate_set_params_function');
+  pointer(gnutls_anon_set_params_function):=GPA('gnutls_anon_set_params_function');
+  pointer(gnutls_psk_set_params_function):=GPA('gnutls_psk_set_params_function');
+  pointer(gnutls_hex2bin):=GPA('gnutls_hex2bin');
+  pointer(gnutls_tdb_init):=GPA('gnutls_tdb_init');
+  pointer(gnutls_tdb_set_store_func):=GPA('gnutls_tdb_set_store_func');
+  pointer(gnutls_tdb_set_store_commitment_func):=GPA('gnutls_tdb_set_store_commitment_func');
+  pointer(gnutls_tdb_set_verify_func):=GPA('gnutls_tdb_set_verify_func');
+  pointer(gnutls_tdb_deinit):=GPA('gnutls_tdb_deinit');
+  pointer(gnutls_verify_stored_pubkey):=GPA('gnutls_verify_stored_pubkey');
+  pointer(gnutls_store_commitment):=GPA('gnutls_store_commitment');
+  pointer(gnutls_store_pubkey):=GPA('gnutls_store_pubkey');
+  pointer(gnutls_load_file):=GPA('gnutls_load_file');
+  pointer(gnutls_url_is_supported):=GPA('gnutls_url_is_supported');
+  pointer(gnutls_certificate_set_pin_function):=GPA('gnutls_certificate_set_pin_function');
+  pointer(gnutls_buffer_append_data):=GPA('gnutls_buffer_append_data');
+  pointer(gnutls_ext_set_data):=GPA('gnutls_ext_set_data');
+  pointer(gnutls_ext_get_data):=GPA('gnutls_ext_get_data');
+  pointer(gnutls_ext_register):=GPA('gnutls_ext_register');
+  pointer(gnutls_supplemental_register):=GPA('gnutls_supplemental_register');
+  pointer(gnutls_supplemental_recv):=GPA('gnutls_supplemental_recv');
+  pointer(gnutls_supplemental_send):=GPA('gnutls_supplemental_send');
+  pointer(gnutls_fips140_mode_enabled):=GPA('gnutls_fips140_mode_enabled');
+  pointer(gnutls_x509_crt_init):=GPA('gnutls_x509_crt_init');
+  pointer(gnutls_x509_crt_deinit):=GPA('gnutls_x509_crt_deinit');
+  pointer(gnutls_x509_crt_import):=GPA('gnutls_x509_crt_import');
+  pointer(gnutls_x509_crt_list_import2):=GPA('gnutls_x509_crt_list_import2');
+  pointer(gnutls_x509_crt_list_import):=GPA('gnutls_x509_crt_list_import');
+  pointer(gnutls_x509_crt_import_url):=GPA('gnutls_x509_crt_import_url');
+  pointer(gnutls_x509_crt_export):=GPA('gnutls_x509_crt_export');
+  pointer(gnutls_x509_crt_export2):=GPA('gnutls_x509_crt_export2');
+  pointer(gnutls_x509_crt_get_private_key_usage_period):=GPA('gnutls_x509_crt_get_private_key_usage_period');
+  pointer(gnutls_x509_crt_get_issuer_dn):=GPA('gnutls_x509_crt_get_issuer_dn');
+  pointer(gnutls_x509_crt_get_issuer_dn2):=GPA('gnutls_x509_crt_get_issuer_dn2');
+  pointer(gnutls_x509_crt_get_issuer_dn_oid):=GPA('gnutls_x509_crt_get_issuer_dn_oid');
+  pointer(gnutls_x509_crt_get_issuer_dn_by_oid):=GPA('gnutls_x509_crt_get_issuer_dn_by_oid');
+  pointer(gnutls_x509_crt_get_dn):=GPA('gnutls_x509_crt_get_dn');
+  pointer(gnutls_x509_crt_get_dn2):=GPA('gnutls_x509_crt_get_dn2');
+  pointer(gnutls_x509_crt_get_dn_oid):=GPA('gnutls_x509_crt_get_dn_oid');
+  pointer(gnutls_x509_crt_get_dn_by_oid):=GPA('gnutls_x509_crt_get_dn_by_oid');
+  pointer(gnutls_x509_crt_check_hostname):=GPA('gnutls_x509_crt_check_hostname');
+  pointer(gnutls_x509_crt_check_hostname2):=GPA('gnutls_x509_crt_check_hostname2');
+  pointer(gnutls_x509_crt_check_email):=GPA('gnutls_x509_crt_check_email');
+  pointer(gnutls_x509_crt_get_signature_algorithm):=GPA('gnutls_x509_crt_get_signature_algorithm');
+  pointer(gnutls_x509_crt_get_signature):=GPA('gnutls_x509_crt_get_signature');
+  pointer(gnutls_x509_crt_get_version):=GPA('gnutls_x509_crt_get_version');
+  pointer(gnutls_x509_crt_get_key_id):=GPA('gnutls_x509_crt_get_key_id');
+  pointer(gnutls_x509_crt_set_private_key_usage_period):=GPA('gnutls_x509_crt_set_private_key_usage_period');
+  pointer(gnutls_x509_crt_set_authority_key_id):=GPA('gnutls_x509_crt_set_authority_key_id');
+  pointer(gnutls_x509_crt_get_authority_key_id):=GPA('gnutls_x509_crt_get_authority_key_id');
+  pointer(gnutls_x509_crt_get_authority_key_gn_serial):=GPA('gnutls_x509_crt_get_authority_key_gn_serial');
+  pointer(gnutls_x509_crt_get_subject_key_id):=GPA('gnutls_x509_crt_get_subject_key_id');
+  pointer(gnutls_x509_crt_get_subject_unique_id):=GPA('gnutls_x509_crt_get_subject_unique_id');
+  pointer(gnutls_x509_crt_get_issuer_unique_id):=GPA('gnutls_x509_crt_get_issuer_unique_id');
+  pointer(gnutls_x509_crt_set_pin_function):=GPA('gnutls_x509_crt_set_pin_function');
+  pointer(gnutls_x509_crt_get_authority_info_access):=GPA('gnutls_x509_crt_get_authority_info_access');
+  pointer(gnutls_x509_name_constraints_check):=GPA('gnutls_x509_name_constraints_check');
+  pointer(gnutls_x509_name_constraints_check_crt):=GPA('gnutls_x509_name_constraints_check_crt');
+  pointer(gnutls_x509_name_constraints_init):=GPA('gnutls_x509_name_constraints_init');
+  pointer(gnutls_x509_name_constraints_deinit):=GPA('gnutls_x509_name_constraints_deinit');
+  pointer(gnutls_x509_crt_get_name_constraints):=GPA('gnutls_x509_crt_get_name_constraints');
+  pointer(gnutls_x509_name_constraints_add_permitted):=GPA('gnutls_x509_name_constraints_add_permitted');
+  pointer(gnutls_x509_name_constraints_add_excluded):=GPA('gnutls_x509_name_constraints_add_excluded');
+  pointer(gnutls_x509_crt_set_name_constraints):=GPA('gnutls_x509_crt_set_name_constraints');
+  pointer(gnutls_x509_name_constraints_get_permitted):=GPA('gnutls_x509_name_constraints_get_permitted');
+  pointer(gnutls_x509_name_constraints_get_excluded):=GPA('gnutls_x509_name_constraints_get_excluded');
+  pointer(gnutls_x509_crt_get_crl_dist_points):=GPA('gnutls_x509_crt_get_crl_dist_points');
+  pointer(gnutls_x509_crt_set_crl_dist_points2):=GPA('gnutls_x509_crt_set_crl_dist_points2');
+  pointer(gnutls_x509_crt_set_crl_dist_points):=GPA('gnutls_x509_crt_set_crl_dist_points');
+  pointer(gnutls_x509_crt_cpy_crl_dist_points):=GPA('gnutls_x509_crt_cpy_crl_dist_points');
+  pointer(gnutls_x509_crl_sign2):=GPA('gnutls_x509_crl_sign2');
+  pointer(gnutls_x509_crt_get_activation_time):=GPA('gnutls_x509_crt_get_activation_time');
+  pointer(gnutls_x509_crt_get_expiration_time):=GPA('gnutls_x509_crt_get_expiration_time');
+  pointer(gnutls_x509_crt_get_serial):=GPA('gnutls_x509_crt_get_serial');
+  pointer(gnutls_x509_crt_get_pk_algorithm):=GPA('gnutls_x509_crt_get_pk_algorithm');
+  pointer(gnutls_x509_crt_get_pk_rsa_raw):=GPA('gnutls_x509_crt_get_pk_rsa_raw');
+  pointer(gnutls_x509_crt_get_pk_dsa_raw):=GPA('gnutls_x509_crt_get_pk_dsa_raw');
+  pointer(gnutls_x509_crt_get_pk_ecc_raw):=GPA('gnutls_x509_crt_get_pk_ecc_raw');
+  pointer(gnutls_x509_crt_get_subject_alt_name):=GPA('gnutls_x509_crt_get_subject_alt_name');
+  pointer(gnutls_x509_crt_get_subject_alt_name2):=GPA('gnutls_x509_crt_get_subject_alt_name2');
+  pointer(gnutls_x509_crt_get_subject_alt_othername_oid):=GPA('gnutls_x509_crt_get_subject_alt_othername_oid');
+  pointer(gnutls_x509_crt_get_issuer_alt_name):=GPA('gnutls_x509_crt_get_issuer_alt_name');
+  pointer(gnutls_x509_crt_get_issuer_alt_name2):=GPA('gnutls_x509_crt_get_issuer_alt_name2');
+  pointer(gnutls_x509_crt_get_issuer_alt_othername_oid):=GPA('gnutls_x509_crt_get_issuer_alt_othername_oid');
+  pointer(gnutls_x509_crt_get_ca_status):=GPA('gnutls_x509_crt_get_ca_status');
+  pointer(gnutls_x509_crt_get_basic_constraints):=GPA('gnutls_x509_crt_get_basic_constraints');
+  pointer(gnutls_x509_crt_get_key_usage):=GPA('gnutls_x509_crt_get_key_usage');
+  pointer(gnutls_x509_crt_set_key_usage):=GPA('gnutls_x509_crt_set_key_usage');
+  pointer(gnutls_x509_crt_set_authority_info_access):=GPA('gnutls_x509_crt_set_authority_info_access');
+  pointer(gnutls_x509_crt_get_proxy):=GPA('gnutls_x509_crt_get_proxy');
+  pointer(gnutls_x509_policy_release):=GPA('gnutls_x509_policy_release');
+  pointer(gnutls_x509_crt_get_policy):=GPA('gnutls_x509_crt_get_policy');
+  pointer(gnutls_x509_crt_set_policy):=GPA('gnutls_x509_crt_set_policy');
+  pointer(gnutls_x509_dn_oid_known):=GPA('gnutls_x509_dn_oid_known');
+  pointer(gnutls_x509_dn_oid_name):=GPA('gnutls_x509_dn_oid_name');
+  pointer(gnutls_x509_crt_get_extension_oid):=GPA('gnutls_x509_crt_get_extension_oid');
+  pointer(gnutls_x509_crt_get_extension_by_oid):=GPA('gnutls_x509_crt_get_extension_by_oid');
+  pointer(gnutls_x509_crq_get_signature_algorithm):=GPA('gnutls_x509_crq_get_signature_algorithm');
+  pointer(gnutls_x509_crq_get_extension_by_oid2):=GPA('gnutls_x509_crq_get_extension_by_oid2');
+  pointer(gnutls_x509_crt_get_extension_info):=GPA('gnutls_x509_crt_get_extension_info');
+  pointer(gnutls_x509_crt_get_extension_data):=GPA('gnutls_x509_crt_get_extension_data');
+  pointer(gnutls_x509_crt_get_extension_data2):=GPA('gnutls_x509_crt_get_extension_data2');
+  pointer(gnutls_x509_crt_set_extension_by_oid):=GPA('gnutls_x509_crt_set_extension_by_oid');
+  pointer(gnutls_x509_crt_set_dn):=GPA('gnutls_x509_crt_set_dn');
+  pointer(gnutls_x509_crt_set_dn_by_oid):=GPA('gnutls_x509_crt_set_dn_by_oid');
+  pointer(gnutls_x509_crt_set_issuer_dn_by_oid):=GPA('gnutls_x509_crt_set_issuer_dn_by_oid');
+  pointer(gnutls_x509_crt_set_issuer_dn):=GPA('gnutls_x509_crt_set_issuer_dn');
+  pointer(gnutls_x509_crt_set_version):=GPA('gnutls_x509_crt_set_version');
+  pointer(gnutls_x509_crt_set_key):=GPA('gnutls_x509_crt_set_key');
+  pointer(gnutls_x509_crt_set_ca_status):=GPA('gnutls_x509_crt_set_ca_status');
+  pointer(gnutls_x509_crt_set_basic_constraints):=GPA('gnutls_x509_crt_set_basic_constraints');
+  pointer(gnutls_x509_crt_set_subject_unique_id):=GPA('gnutls_x509_crt_set_subject_unique_id');
+  pointer(gnutls_x509_crt_set_issuer_unique_id):=GPA('gnutls_x509_crt_set_issuer_unique_id');
+  pointer(gnutls_x509_crt_set_subject_alternative_name):=GPA('gnutls_x509_crt_set_subject_alternative_name');
+  pointer(gnutls_x509_crt_set_subject_alt_name):=GPA('gnutls_x509_crt_set_subject_alt_name');
+  pointer(gnutls_x509_crt_set_issuer_alt_name):=GPA('gnutls_x509_crt_set_issuer_alt_name');
+  pointer(gnutls_x509_crt_sign):=GPA('gnutls_x509_crt_sign');
+  pointer(gnutls_x509_crt_sign2):=GPA('gnutls_x509_crt_sign2');
+  pointer(gnutls_x509_crt_set_activation_time):=GPA('gnutls_x509_crt_set_activation_time');
+  pointer(gnutls_x509_crt_set_expiration_time):=GPA('gnutls_x509_crt_set_expiration_time');
+  pointer(gnutls_x509_crt_set_serial):=GPA('gnutls_x509_crt_set_serial');
+  pointer(gnutls_x509_crt_set_subject_key_id):=GPA('gnutls_x509_crt_set_subject_key_id');
+  pointer(gnutls_x509_crt_set_proxy_dn):=GPA('gnutls_x509_crt_set_proxy_dn');
+  pointer(gnutls_x509_crt_set_proxy):=GPA('gnutls_x509_crt_set_proxy');
+  pointer(gnutls_x509_crt_print):=GPA('gnutls_x509_crt_print');
+  pointer(gnutls_x509_crl_print):=GPA('gnutls_x509_crl_print');
+  pointer(gnutls_x509_crt_get_raw_issuer_dn):=GPA('gnutls_x509_crt_get_raw_issuer_dn');
+  pointer(gnutls_x509_crt_get_raw_dn):=GPA('gnutls_x509_crt_get_raw_dn');
+  pointer(gnutls_x509_rdn_get):=GPA('gnutls_x509_rdn_get');
+  pointer(gnutls_x509_rdn_get_oid):=GPA('gnutls_x509_rdn_get_oid');
+  pointer(gnutls_x509_rdn_get_by_oid):=GPA('gnutls_x509_rdn_get_by_oid');
+  pointer(gnutls_x509_crt_get_subject):=GPA('gnutls_x509_crt_get_subject');
+  pointer(gnutls_x509_crt_get_issuer):=GPA('gnutls_x509_crt_get_issuer');
+  pointer(gnutls_x509_dn_get_rdn_ava):=GPA('gnutls_x509_dn_get_rdn_ava');
+  pointer(gnutls_x509_dn_get_str):=GPA('gnutls_x509_dn_get_str');
+  pointer(gnutls_x509_dn_init):=GPA('gnutls_x509_dn_init');
+  pointer(gnutls_x509_dn_import):=GPA('gnutls_x509_dn_import');
+  pointer(gnutls_x509_dn_export):=GPA('gnutls_x509_dn_export');
+  pointer(gnutls_x509_dn_export2):=GPA('gnutls_x509_dn_export2');
+  pointer(gnutls_x509_dn_deinit):=GPA('gnutls_x509_dn_deinit');
+  pointer(gnutls_x509_crl_init):=GPA('gnutls_x509_crl_init');
+  pointer(gnutls_x509_crl_deinit):=GPA('gnutls_x509_crl_deinit');
+  pointer(gnutls_x509_crl_import):=GPA('gnutls_x509_crl_import');
+  pointer(gnutls_x509_crl_export):=GPA('gnutls_x509_crl_export');
+  pointer(gnutls_x509_crl_export2):=GPA('gnutls_x509_crl_export2');
+  pointer(gnutls_x509_crl_get_raw_issuer_dn):=GPA('gnutls_x509_crl_get_raw_issuer_dn');
+  pointer(gnutls_x509_crl_get_issuer_dn):=GPA('gnutls_x509_crl_get_issuer_dn');
+  pointer(gnutls_x509_crl_get_issuer_dn2):=GPA('gnutls_x509_crl_get_issuer_dn2');
+  pointer(gnutls_x509_crl_get_issuer_dn_by_oid):=GPA('gnutls_x509_crl_get_issuer_dn_by_oid');
+  pointer(gnutls_x509_crl_get_dn_oid):=GPA('gnutls_x509_crl_get_dn_oid');
+  pointer(gnutls_x509_crl_get_signature_algorithm):=GPA('gnutls_x509_crl_get_signature_algorithm');
+  pointer(gnutls_x509_crl_get_signature):=GPA('gnutls_x509_crl_get_signature');
+  pointer(gnutls_x509_crl_get_version):=GPA('gnutls_x509_crl_get_version');
+  pointer(gnutls_x509_crl_get_this_update):=GPA('gnutls_x509_crl_get_this_update');
+  pointer(gnutls_x509_crl_get_next_update):=GPA('gnutls_x509_crl_get_next_update');
+  pointer(gnutls_x509_crl_get_crt_count):=GPA('gnutls_x509_crl_get_crt_count');
+  pointer(gnutls_x509_crl_get_crt_serial):=GPA('gnutls_x509_crl_get_crt_serial');
+  pointer(gnutls_x509_crl_iter_crt_serial):=GPA('gnutls_x509_crl_iter_crt_serial');
+  pointer(gnutls_x509_crl_iter_deinit):=GPA('gnutls_x509_crl_iter_deinit');
+  pointer(gnutls_x509_crl_check_issuer):=GPA('gnutls_x509_crl_check_issuer');
+  pointer(gnutls_x509_crl_list_import2):=GPA('gnutls_x509_crl_list_import2');
+  pointer(gnutls_x509_crl_list_import):=GPA('gnutls_x509_crl_list_import');
+  pointer(gnutls_x509_crl_set_version):=GPA('gnutls_x509_crl_set_version');
+  pointer(gnutls_x509_crl_set_this_update):=GPA('gnutls_x509_crl_set_this_update');
+  pointer(gnutls_x509_crl_set_next_update):=GPA('gnutls_x509_crl_set_next_update');
+  pointer(gnutls_x509_crl_set_crt_serial):=GPA('gnutls_x509_crl_set_crt_serial');
+  pointer(gnutls_x509_crl_set_crt):=GPA('gnutls_x509_crl_set_crt');
+  pointer(gnutls_x509_crl_get_authority_key_id):=GPA('gnutls_x509_crl_get_authority_key_id');
+  pointer(gnutls_x509_crl_get_authority_key_gn_serial):=GPA('gnutls_x509_crl_get_authority_key_gn_serial');
+  pointer(gnutls_x509_crl_get_number):=GPA('gnutls_x509_crl_get_number');
+  pointer(gnutls_x509_crl_get_extension_oid):=GPA('gnutls_x509_crl_get_extension_oid');
+  pointer(gnutls_x509_crl_get_extension_info):=GPA('gnutls_x509_crl_get_extension_info');
+  pointer(gnutls_x509_crl_get_extension_data):=GPA('gnutls_x509_crl_get_extension_data');
+  pointer(gnutls_x509_crl_get_extension_data2):=GPA('gnutls_x509_crl_get_extension_data2');
+  pointer(gnutls_x509_crl_set_authority_key_id):=GPA('gnutls_x509_crl_set_authority_key_id');
+  pointer(gnutls_x509_crl_set_number):=GPA('gnutls_x509_crl_set_number');
+  pointer(gnutls_x509_crt_check_issuer):=GPA('gnutls_x509_crt_check_issuer');
+  pointer(gnutls_x509_crt_list_verify):=GPA('gnutls_x509_crt_list_verify');
+  pointer(gnutls_x509_crt_verify):=GPA('gnutls_x509_crt_verify');
+  pointer(gnutls_x509_crl_verify):=GPA('gnutls_x509_crl_verify');
+  pointer(gnutls_x509_crt_verify_data2):=GPA('gnutls_x509_crt_verify_data2');
+  pointer(gnutls_x509_crt_check_revocation):=GPA('gnutls_x509_crt_check_revocation');
+  pointer(gnutls_x509_crt_get_fingerprint):=GPA('gnutls_x509_crt_get_fingerprint');
+  pointer(gnutls_x509_crt_get_key_purpose_oid):=GPA('gnutls_x509_crt_get_key_purpose_oid');
+  pointer(gnutls_x509_crt_set_key_purpose_oid):=GPA('gnutls_x509_crt_set_key_purpose_oid');
+  pointer(gnutls_pkcs_schema_get_name):=GPA('gnutls_pkcs_schema_get_name');
+  pointer(gnutls_pkcs_schema_get_oid):=GPA('gnutls_pkcs_schema_get_oid');
+  pointer(gnutls_x509_privkey_init):=GPA('gnutls_x509_privkey_init');
+  pointer(gnutls_x509_privkey_deinit):=GPA('gnutls_x509_privkey_deinit');
+  pointer(gnutls_x509_privkey_sec_param):=GPA('gnutls_x509_privkey_sec_param');
+  pointer(gnutls_x509_privkey_set_pin_function):=GPA('gnutls_x509_privkey_set_pin_function');
+  pointer(gnutls_x509_privkey_cpy):=GPA('gnutls_x509_privkey_cpy');
+  pointer(gnutls_x509_privkey_import):=GPA('gnutls_x509_privkey_import');
+  pointer(gnutls_x509_privkey_import_pkcs8):=GPA('gnutls_x509_privkey_import_pkcs8');
+  pointer(gnutls_x509_privkey_import_openssl):=GPA('gnutls_x509_privkey_import_openssl');
+  pointer(gnutls_pkcs8_info):=GPA('gnutls_pkcs8_info');
+  pointer(gnutls_x509_privkey_import2):=GPA('gnutls_x509_privkey_import2');
+  pointer(gnutls_x509_privkey_import_rsa_raw):=GPA('gnutls_x509_privkey_import_rsa_raw');
+  pointer(gnutls_x509_privkey_import_rsa_raw2):=GPA('gnutls_x509_privkey_import_rsa_raw2');
+  pointer(gnutls_x509_privkey_import_ecc_raw):=GPA('gnutls_x509_privkey_import_ecc_raw');
+  pointer(gnutls_x509_privkey_fix):=GPA('gnutls_x509_privkey_fix');
+  pointer(gnutls_x509_privkey_export_dsa_raw):=GPA('gnutls_x509_privkey_export_dsa_raw');
+  pointer(gnutls_x509_privkey_import_dsa_raw):=GPA('gnutls_x509_privkey_import_dsa_raw');
+  pointer(gnutls_x509_privkey_get_pk_algorithm):=GPA('gnutls_x509_privkey_get_pk_algorithm');
+  pointer(gnutls_x509_privkey_get_pk_algorithm2):=GPA('gnutls_x509_privkey_get_pk_algorithm2');
+  pointer(gnutls_x509_privkey_get_key_id):=GPA('gnutls_x509_privkey_get_key_id');
+  pointer(gnutls_x509_privkey_generate):=GPA('gnutls_x509_privkey_generate');
+  pointer(gnutls_x509_privkey_verify_params):=GPA('gnutls_x509_privkey_verify_params');
+  pointer(gnutls_x509_privkey_export):=GPA('gnutls_x509_privkey_export');
+  pointer(gnutls_x509_privkey_export2):=GPA('gnutls_x509_privkey_export2');
+  pointer(gnutls_x509_privkey_export_pkcs8):=GPA('gnutls_x509_privkey_export_pkcs8');
+  pointer(gnutls_x509_privkey_export2_pkcs8):=GPA('gnutls_x509_privkey_export2_pkcs8');
+  pointer(gnutls_x509_privkey_export_rsa_raw2):=GPA('gnutls_x509_privkey_export_rsa_raw2');
+  pointer(gnutls_x509_privkey_export_rsa_raw):=GPA('gnutls_x509_privkey_export_rsa_raw');
+  pointer(gnutls_x509_privkey_export_ecc_raw):=GPA('gnutls_x509_privkey_export_ecc_raw');
+  pointer(gnutls_x509_privkey_sign_data):=GPA('gnutls_x509_privkey_sign_data');
+  pointer(gnutls_x509_crq_sign2):=GPA('gnutls_x509_crq_sign2');
+  pointer(gnutls_x509_crq_print):=GPA('gnutls_x509_crq_print');
+  pointer(gnutls_x509_crq_verify):=GPA('gnutls_x509_crq_verify');
+  pointer(gnutls_x509_crq_init):=GPA('gnutls_x509_crq_init');
+  pointer(gnutls_x509_crq_deinit):=GPA('gnutls_x509_crq_deinit');
+  pointer(gnutls_x509_crq_import):=GPA('gnutls_x509_crq_import');
+  pointer(gnutls_x509_crq_get_private_key_usage_period):=GPA('gnutls_x509_crq_get_private_key_usage_period');
+  pointer(gnutls_x509_crq_get_dn):=GPA('gnutls_x509_crq_get_dn');
+  pointer(gnutls_x509_crq_get_dn2):=GPA('gnutls_x509_crq_get_dn2');
+  pointer(gnutls_x509_crq_get_dn_oid):=GPA('gnutls_x509_crq_get_dn_oid');
+  pointer(gnutls_x509_crq_get_dn_by_oid):=GPA('gnutls_x509_crq_get_dn_by_oid');
+  pointer(gnutls_x509_crq_set_dn):=GPA('gnutls_x509_crq_set_dn');
+  pointer(gnutls_x509_crq_set_dn_by_oid):=GPA('gnutls_x509_crq_set_dn_by_oid');
+  pointer(gnutls_x509_crq_set_version):=GPA('gnutls_x509_crq_set_version');
+  pointer(gnutls_x509_crq_get_version):=GPA('gnutls_x509_crq_get_version');
+  pointer(gnutls_x509_crq_set_key):=GPA('gnutls_x509_crq_set_key');
+  pointer(gnutls_x509_crq_set_challenge_password):=GPA('gnutls_x509_crq_set_challenge_password');
+  pointer(gnutls_x509_crq_get_challenge_password):=GPA('gnutls_x509_crq_get_challenge_password');
+  pointer(gnutls_x509_crq_set_attribute_by_oid):=GPA('gnutls_x509_crq_set_attribute_by_oid');
+  pointer(gnutls_x509_crq_get_attribute_by_oid):=GPA('gnutls_x509_crq_get_attribute_by_oid');
+  pointer(gnutls_x509_crq_export):=GPA('gnutls_x509_crq_export');
+  pointer(gnutls_x509_crq_export2):=GPA('gnutls_x509_crq_export2');
+  pointer(gnutls_x509_crt_set_crq):=GPA('gnutls_x509_crt_set_crq');
+  pointer(gnutls_x509_crt_set_crq_extensions):=GPA('gnutls_x509_crt_set_crq_extensions');
+  pointer(gnutls_x509_crq_set_private_key_usage_period):=GPA('gnutls_x509_crq_set_private_key_usage_period');
+  pointer(gnutls_x509_crq_set_key_rsa_raw):=GPA('gnutls_x509_crq_set_key_rsa_raw');
+  pointer(gnutls_x509_crq_set_subject_alt_name):=GPA('gnutls_x509_crq_set_subject_alt_name');
+  pointer(gnutls_x509_crq_set_key_usage):=GPA('gnutls_x509_crq_set_key_usage');
+  pointer(gnutls_x509_crq_set_basic_constraints):=GPA('gnutls_x509_crq_set_basic_constraints');
+  pointer(gnutls_x509_crq_set_key_purpose_oid):=GPA('gnutls_x509_crq_set_key_purpose_oid');
+  pointer(gnutls_x509_crq_get_key_purpose_oid):=GPA('gnutls_x509_crq_get_key_purpose_oid');
+  pointer(gnutls_x509_crq_get_extension_data):=GPA('gnutls_x509_crq_get_extension_data');
+  pointer(gnutls_x509_crq_get_extension_data2):=GPA('gnutls_x509_crq_get_extension_data2');
+  pointer(gnutls_x509_crq_get_extension_info):=GPA('gnutls_x509_crq_get_extension_info');
+  pointer(gnutls_x509_crq_get_attribute_data):=GPA('gnutls_x509_crq_get_attribute_data');
+  pointer(gnutls_x509_crq_get_attribute_info):=GPA('gnutls_x509_crq_get_attribute_info');
+  pointer(gnutls_x509_crq_get_pk_algorithm):=GPA('gnutls_x509_crq_get_pk_algorithm');
+  pointer(gnutls_x509_crq_get_key_id):=GPA('gnutls_x509_crq_get_key_id');
+  pointer(gnutls_x509_crq_get_key_rsa_raw):=GPA('gnutls_x509_crq_get_key_rsa_raw');
+  pointer(gnutls_x509_crq_get_key_usage):=GPA('gnutls_x509_crq_get_key_usage');
+  pointer(gnutls_x509_crq_get_basic_constraints):=GPA('gnutls_x509_crq_get_basic_constraints');
+  pointer(gnutls_x509_crq_get_subject_alt_name):=GPA('gnutls_x509_crq_get_subject_alt_name');
+  pointer(gnutls_x509_crq_get_subject_alt_othername_oid):=GPA('gnutls_x509_crq_get_subject_alt_othername_oid');
+  pointer(gnutls_x509_crq_get_extension_by_oid):=GPA('gnutls_x509_crq_get_extension_by_oid');
+  pointer(gnutls_x509_crt_get_extension_by_oid2):=GPA('gnutls_x509_crt_get_extension_by_oid2');
+  pointer(gnutls_x509_trust_list_init):=GPA('gnutls_x509_trust_list_init');
+  pointer(gnutls_x509_trust_list_deinit):=GPA('gnutls_x509_trust_list_deinit');
+  pointer(gnutls_x509_trust_list_get_issuer):=GPA('gnutls_x509_trust_list_get_issuer');
+  pointer(gnutls_x509_trust_list_get_issuer_by_dn):=GPA('gnutls_x509_trust_list_get_issuer_by_dn');
+  pointer(gnutls_x509_trust_list_get_issuer_by_subject_key_id):=GPA('gnutls_x509_trust_list_get_issuer_by_subject_key_id');
+  pointer(gnutls_x509_trust_list_add_cas):=GPA('gnutls_x509_trust_list_add_cas');
+  pointer(gnutls_x509_trust_list_remove_cas):=GPA('gnutls_x509_trust_list_remove_cas');
+  pointer(gnutls_x509_trust_list_add_named_crt):=GPA('gnutls_x509_trust_list_add_named_crt');
+  pointer(gnutls_x509_trust_list_add_crls):=GPA('gnutls_x509_trust_list_add_crls');
+  pointer(gnutls_x509_trust_list_iter_get_ca):=GPA('gnutls_x509_trust_list_iter_get_ca');
+  pointer(gnutls_x509_trust_list_iter_deinit):=GPA('gnutls_x509_trust_list_iter_deinit');
+  pointer(gnutls_x509_trust_list_verify_named_crt):=GPA('gnutls_x509_trust_list_verify_named_crt');
+  pointer(gnutls_x509_trust_list_verify_crt2):=GPA('gnutls_x509_trust_list_verify_crt2');
+  pointer(gnutls_x509_trust_list_verify_crt):=GPA('gnutls_x509_trust_list_verify_crt');
+  pointer(gnutls_x509_trust_list_add_trust_mem):=GPA('gnutls_x509_trust_list_add_trust_mem');
+  pointer(gnutls_x509_trust_list_add_trust_file):=GPA('gnutls_x509_trust_list_add_trust_file');
+  pointer(gnutls_x509_trust_list_add_trust_dir):=GPA('gnutls_x509_trust_list_add_trust_dir');
+  pointer(gnutls_x509_trust_list_remove_trust_file):=GPA('gnutls_x509_trust_list_remove_trust_file');
+  pointer(gnutls_x509_trust_list_remove_trust_mem):=GPA('gnutls_x509_trust_list_remove_trust_mem');
+  pointer(gnutls_x509_trust_list_add_system_trust):=GPA('gnutls_x509_trust_list_add_system_trust');
+  pointer(gnutls_certificate_set_trust_list):=GPA('gnutls_certificate_set_trust_list');
+  pointer(gnutls_certificate_get_trust_list):=GPA('gnutls_certificate_get_trust_list');
+  pointer(gnutls_x509_ext_deinit):=GPA('gnutls_x509_ext_deinit');
+  pointer(gnutls_x509_ext_print):=GPA('gnutls_x509_ext_print');
+  pointer(gnutls_pkcs7_init):=GPA('gnutls_pkcs7_init');
+  pointer(gnutls_pkcs7_deinit):=GPA('gnutls_pkcs7_deinit');
+  pointer(gnutls_pkcs7_import):=GPA('gnutls_pkcs7_import');
+  pointer(gnutls_pkcs7_export):=GPA('gnutls_pkcs7_export');
+  pointer(gnutls_pkcs7_export2):=GPA('gnutls_pkcs7_export2');
+  pointer(gnutls_pkcs7_get_signature_count):=GPA('gnutls_pkcs7_get_signature_count');
+  pointer(gnutls_pkcs7_get_embedded_data):=GPA('gnutls_pkcs7_get_embedded_data');
+  pointer(gnutls_pkcs7_get_crt_count):=GPA('gnutls_pkcs7_get_crt_count');
+  pointer(gnutls_pkcs7_get_crt_raw):=GPA('gnutls_pkcs7_get_crt_raw');
+  pointer(gnutls_pkcs7_set_crt_raw):=GPA('gnutls_pkcs7_set_crt_raw');
+  pointer(gnutls_pkcs7_set_crt):=GPA('gnutls_pkcs7_set_crt');
+  pointer(gnutls_pkcs7_delete_crt):=GPA('gnutls_pkcs7_delete_crt');
+  pointer(gnutls_pkcs7_get_crl_raw):=GPA('gnutls_pkcs7_get_crl_raw');
+  pointer(gnutls_pkcs7_get_crl_count):=GPA('gnutls_pkcs7_get_crl_count');
+  pointer(gnutls_pkcs7_set_crl_raw):=GPA('gnutls_pkcs7_set_crl_raw');
+  pointer(gnutls_pkcs7_set_crl):=GPA('gnutls_pkcs7_set_crl');
+  pointer(gnutls_pkcs7_delete_crl):=GPA('gnutls_pkcs7_delete_crl');
+  pointer(gnutls_pkcs7_signature_info_deinit):=GPA('gnutls_pkcs7_signature_info_deinit');
+  pointer(gnutls_pkcs7_get_signature_info):=GPA('gnutls_pkcs7_get_signature_info');
+  pointer(gnutls_pkcs7_verify_direct):=GPA('gnutls_pkcs7_verify_direct');
+  pointer(gnutls_pkcs7_verify):=GPA('gnutls_pkcs7_verify');
+  pointer(gnutls_pkcs7_add_attr):=GPA('gnutls_pkcs7_add_attr');
+  pointer(gnutls_pkcs7_attrs_deinit):=GPA('gnutls_pkcs7_attrs_deinit');
+  pointer(gnutls_pkcs7_get_attr):=GPA('gnutls_pkcs7_get_attr');
+  pointer(gnutls_pkcs7_sign):=GPA('gnutls_pkcs7_sign');
+  pointer(gnutls_pkcs7_get_crt_raw2):=GPA('gnutls_pkcs7_get_crt_raw2');
+  pointer(gnutls_pkcs7_get_crl_raw2):=GPA('gnutls_pkcs7_get_crl_raw2');
+  pointer(gnutls_pkcs7_print):=GPA('gnutls_pkcs7_print');
+  LoadedLibName:=aLib;
+end;
+
+end.

packages/gnutls/src/gnutlssockets.pp

@@ -0,0 +1,604 @@
+unit gnutlssockets;
+
+{$mode objfpc}{$H+}
+
+interface
+
+uses
+  Classes, SysUtils, sockets, ssockets, sslsockets, dateUtils,
+  cTypes, sslbase, gnutls;
+
+Const
+  DefCertSize = 8192;
+
+Type
+  EGnuTLS = Class(Exception);
+
+  { TGNUTLSSocketHandler }
+
+  TGNUTLSSocketHandler = Class(TSSLSocketHandler)
+  Private
+    FSession : tgnutls_session_t;
+    FCred : tgnutls_certificate_credentials_t;
+    FGNUTLSLastErrorString: string;
+    FGNUTLSLastError : Integer;
+    FCurrentHostName : String;
+    FCurrentCypherlist : String;
+    function LoadTrustedCertificate(aCertData: TSSLData): Boolean;
+    function MaybeAllocateCredentials: Boolean;
+    procedure SetGNUTLSLastErrorString(AValue: string);
+    function SetTrustedCertificateDir(const aFileName: string): Boolean;
+  Protected
+    function LoadCertificate(aData, aKey: TSSLData): Boolean;
+    procedure FreeCredentials;
+    procedure FreeSession;
+    function DoHandShake: Boolean;
+    function GetCipherListString: String; virtual;
+    Function FetchErrorInfo: Boolean;
+    function Check(aResult: cInt) : cInt;
+    function CheckOK(aResult: cInt) : Boolean;
+    function InitSession(AsServer: Boolean): Boolean; virtual;
+    function DoneSession: Boolean; virtual;
+    function InitSslKeys: boolean;virtual;
+  Public
+    Constructor create; override;
+    destructor destroy; override;
+    function CreateCertGenerator: TX509Certificate; override;
+    function Connect : Boolean; override;
+    function Close : Boolean; override;
+    function Accept : Boolean; override;
+    function Shutdown(BiDirectional : Boolean): boolean; override;
+    function Send(Const Buffer; Count: Integer): Integer; override;
+    function Recv(Const Buffer; Count: Integer): Integer; override;
+    function BytesAvailable: Integer; override;
+    // Result of last CheckSSL call.
+    Function GNUTLSLastError: integer;
+    property GNUTLSLastErrorString: string read FGNUTLSLastErrorString write SetGNUTLSLastErrorString;
+  end;
+
+  { TGNUTLSX509Certificate }
+
+  TGNUTLSX509Certificate = class(TX509Certificate)
+  private
+    FMyFormat : tgnutls_x509_crt_fmt_t;
+    procedure Check(Aret: cint);
+    procedure Check(Aexp: Boolean; Aret: cint);
+    function GenCACert(const Aca_priv_key: TBytes; const Acommon_name, Aserial: AnsiString; Adays: Word): TBytes;
+    function GenPrivKey: TBytes;
+    function GenSrvCert(const Aca_priv_key, Aca_pem, Asrv_priv_key: TBytes; const Acommon_name, Aorganization, Aserial: AnsiString;
+      Adays: Word): TBytes;
+  public
+    constructor create;
+    function CreateCertificateAndKey: TCertAndKey; override;
+  end;
+
+implementation
+
+{ TSocketHandler }
+
+Procedure MaybeInitGNUTLS;
+
+begin
+  if not GnuTLSloaded then
+     LoadGnuTLS();
+end;
+
+{ TGNUTLSX509Certificate }
+
+procedure TGNUTLSX509Certificate.Check(Aret: cint); inline;
+
+begin
+  if Aret <> GNUTLS_E_SUCCESS then
+    raise EGnuTLS.Create(gnutls_strerror(Aret));
+end;
+
+procedure TGNUTLSX509Certificate.Check(Aexp: Boolean; Aret: cint); inline;
+begin
+  if Aexp then
+    raise EGnuTLS.Create(gnutls_strerror(Aret));
+end;
+
+function TGNUTLSX509Certificate.GenPrivKey : TBytes;
+
+var
+  akey: Tgnutls_x509_privkey_t;
+  aSize: cuint;
+
+begin
+  Result:=Default(TBytes);
+  try
+    Check(gnutls_x509_privkey_init(@akey));
+    aSize := gnutls_sec_param_to_pk_bits(GNUTLS_PK_RSA, GNUTLS_SEC_PARAM_HIGH);
+    SetLength(Result,asize);
+    Check(gnutls_x509_privkey_generate(akey, GNUTLS_PK_RSA, aSize, 0));
+    Check(gnutls_x509_privkey_export(akey,FMyFormat,Pointer(Result), @aSize));
+    SetLength(Result,asize);
+  except
+    gnutls_x509_privkey_deinit(akey);
+    raise;
+  end;
+end;
+
+
+Function TGNUTLSX509Certificate.GenCACert(const Aca_priv_key: TBytes; const Acommon_name, Aserial: AnsiString; Adays: Word) : TBytes;
+
+var
+  Vkey: Tgnutls_x509_privkey_t;
+  Vcrt: Tgnutls_x509_crt_t = nil;
+  Vdata: Tgnutls_datum_t;
+  Vkeyid: TBytes;
+  Vkeyidsize: csize_t;
+  Vactivation: ttime_t;
+  Vca_pem_size: csize_t;
+  Vret: cint;
+
+begin
+  Vkeyid:=Default(TBytes);
+  Result:=Default(TBytes);
+  try
+    Check(gnutls_x509_privkey_init(@Vkey));
+    Vdata.data := Pointer(Aca_priv_key);
+    Vdata.size := Length(Aca_priv_key);
+    Check(gnutls_x509_privkey_import(Vkey, @Vdata, FMyFormat));
+    Check(gnutls_x509_crt_init(@Vcrt));
+    Check(gnutls_x509_crt_set_key(Vcrt, Vkey));
+    Check(gnutls_x509_crt_set_dn_by_oid(Vcrt, GNUTLS_OID_X520_COMMON_NAME,0, @Acommon_name[1], Length(Acommon_name)));
+    Check(gnutls_x509_crt_set_version(Vcrt, 3));
+    Check(gnutls_x509_crt_set_serial(Vcrt, @Aserial[1], Length(Aserial)));
+    Vactivation := DateTimeToUnix(Now,False);
+    Check(gnutls_x509_crt_set_activation_time(Vcrt, Vactivation));
+    Check(gnutls_x509_crt_set_expiration_time(Vcrt, Vactivation + (Adays * 86400)));
+    Check(gnutls_x509_crt_set_ca_status(Vcrt, Ord(True)));
+    Check(gnutls_x509_crt_set_key_usage(Vcrt, GNUTLS_KEY_KEY_CERT_SIGN));
+    Vkeyidsize := 0;
+    Vret := gnutls_x509_crt_get_key_id(Vcrt, GNUTLS_KEYID_USE_SHA1, nil, @Vkeyidsize);
+    Check((Vret <> GNUTLS_E_SHORT_MEMORY_BUFFER) or (Vkeyidsize < 1), Vret);
+    SetLength(Vkeyid, Pred(Vkeyidsize));
+    Check(gnutls_x509_crt_get_key_id(Vcrt, GNUTLS_KEYID_USE_SHA1, Pointer(Vkeyid), @Vkeyidsize));
+    Check(gnutls_x509_crt_set_subject_key_id(Vcrt, Pointer(Vkeyid), Vkeyidsize));
+    Check(gnutls_x509_crt_sign2(Vcrt, Vcrt, Vkey, GNUTLS_DIG_SHA256, 0));
+    SetLength(Result, DefCertSize);
+    Check(gnutls_x509_crt_export(Vcrt, FMyFormat, Pointer(Result), @Vca_pem_size));
+    SetLength(Result, Pred(Vca_pem_size));
+  except
+    gnutls_x509_privkey_deinit(Vkey);
+    gnutls_x509_crt_deinit(Vcrt);
+    raise;
+  end;
+end;
+
+Function TGNUTLSX509Certificate.GenSrvCert(const Aca_priv_key, Aca_pem, Asrv_priv_key: TBytes;  const Acommon_name, Aorganization,  Aserial: AnsiString; Adays: Word) : TBytes;
+
+var
+  Vsrv_key: Tgnutls_x509_privkey_t = nil;
+  Vca_key: Tgnutls_x509_privkey_t = nil;
+  Vca_crt: Tgnutls_x509_crt_t = nil;
+  Vsrv_crt: Tgnutls_x509_crt_t = nil;
+  Vdata: Tgnutls_datum_t;
+  Vkeyid: TBytes;
+  Vkeyidsize: csize_t;
+  Vactivation: ttime_t;
+  Vsrv_pem_size: csize_t;
+  Vret: cint;
+
+begin
+  Vkeyid:=Default(TBytes);
+  Result:=Default(TBytes);
+  try
+    Check(gnutls_x509_privkey_init(@Vca_key));
+    Vdata.data := Pointer(Aca_priv_key);
+    Vdata.size := Length(Aca_priv_key);
+    Check(gnutls_x509_privkey_import(Vca_key, @Vdata, FMyFormat));
+    Check(gnutls_x509_privkey_init(@Vsrv_key));
+    Vdata.data := Pointer(Asrv_priv_key);
+    Vdata.size := Length(Asrv_priv_key);
+    Check(gnutls_x509_privkey_import(Vsrv_key, @Vdata, FMyFormat));
+    Check(gnutls_x509_crt_init(@Vca_crt));
+    Vdata.data := Pointer(Aca_pem);
+    Vdata.size := Length(Aca_pem);
+    Check(gnutls_x509_crt_import(Vca_crt, @Vdata, FMyFormat));
+    Check(gnutls_x509_crt_init(@Vsrv_crt));
+    Check(gnutls_x509_crt_set_key(Vsrv_crt, Vsrv_key));
+    Check(gnutls_x509_crt_set_dn_by_oid(Vsrv_crt, GNUTLS_OID_X520_COMMON_NAME, 0, @Acommon_name[1], Length(Acommon_name)));
+    if (AOrganization<>'') then
+      Check(gnutls_x509_crt_set_dn_by_oid(Vsrv_crt, GNUTLS_OID_X520_ORGANIZATION_NAME, 0, @Aorganization[1], Length(Aorganization)));
+    Check(gnutls_x509_crt_set_version(Vsrv_crt, 3));
+    Check(gnutls_x509_crt_set_serial(Vsrv_crt, @Aserial[1],Length(Aserial)));
+    Vactivation := DateTimeToUnix(Now,False);
+    Check(gnutls_x509_crt_set_activation_time(Vsrv_crt, Vactivation));
+    Check(gnutls_x509_crt_set_expiration_time(Vsrv_crt, Vactivation + (Adays * 86400)));
+    Check(gnutls_x509_crt_set_ca_status(Vsrv_crt, Ord(False)));
+    Check(gnutls_x509_crt_set_key_purpose_oid(Vsrv_crt,  @GNUTLS_KP_TLS_WWW_SERVER[1], Ord(False)));
+    Vkeyidsize := 0;
+    Vret := gnutls_x509_crt_get_subject_key_id(Vca_crt, nil, @Vkeyidsize, nil);
+    Check((Vret <> GNUTLS_E_SHORT_MEMORY_BUFFER) or  (Vkeyidsize < 1), Vret);
+    SetLength(Vkeyid, Pred(Vkeyidsize));
+    Check(gnutls_x509_crt_get_subject_key_id(Vca_crt, Pointer(Vkeyid), @Vkeyidsize, nil));
+    Check(gnutls_x509_crt_set_subject_key_id(Vsrv_crt, Pointer(Vkeyid), Vkeyidsize));
+    Vkeyidsize := 0;
+    gnutls_x509_crt_get_key_id(Vsrv_crt, GNUTLS_KEYID_USE_SHA1, nil, @Vkeyidsize);
+    Check((Vret <> GNUTLS_E_SHORT_MEMORY_BUFFER) or (Vkeyidsize < 1), Vret);
+    SetLength(Vkeyid, Pred(Vkeyidsize));
+    Check(gnutls_x509_crt_get_key_id(Vsrv_crt, GNUTLS_KEYID_USE_SHA1, Pointer(Vkeyid), @Vkeyidsize));
+    Check(gnutls_x509_crt_set_authority_key_id(Vsrv_crt,  Pointer(Vkeyid), Vkeyidsize));
+    Check(gnutls_x509_crt_sign2(Vsrv_crt, Vca_crt, Vca_key,  GNUTLS_DIG_SHA256, 0));
+    Vsrv_pem_size := DefCertSize;
+    SetLength(Result, Pred(Vsrv_pem_size));
+    Check(gnutls_x509_crt_export(Vsrv_crt, FMyFormat,Pointer(Result), @Vsrv_pem_size));
+    SetLength(Result, Vsrv_pem_size);
+  except
+    gnutls_x509_privkey_deinit(Vsrv_key);
+    gnutls_x509_privkey_deinit(Vca_key);
+    gnutls_x509_crt_deinit(Vca_crt);
+    gnutls_x509_crt_deinit(Vsrv_crt);
+    raise;
+  end;
+end;
+
+constructor TGNUTLSX509Certificate.create;
+begin
+  FMyFormat:=GNUTLS_X509_FMT_PEM;
+end;
+
+function TGNUTLSX509Certificate.CreateCertificateAndKey: TCertAndKey;
+
+Var
+  PK,cacert : TBytes;
+
+begin
+  Result:=Default(TCertAndKey);
+  PK:=GenPrivKey;
+  CaCErt:=GenCACert(PK,Self.HostName,IntToStr(Serial),30);
+  Result.PrivateKey:=PK;
+  Result.Certificate:=GenSrvCert(PK,CaCert,PK,Self.HostName,'',IntToStr(Serial),30);
+end;
+
+function TGNUTLSSocketHandler.CreateCertGenerator: TX509Certificate;
+begin
+  Result:=TGNUTLSX509Certificate.Create;
+end;
+
+procedure TGNUTLSSocketHandler.SetGNUTLSLastErrorString(AValue: string);
+begin
+  if FGNUTLSLastErrorString=AValue then Exit;
+  FGNUTLSLastErrorString:=AValue;
+end;
+
+
+function TGNUTLSSocketHandler.Connect: Boolean;
+
+begin
+  Result:=Inherited Connect;
+  // Initsession sets handle
+  Result := Result and InitSession(False);
+  if Not Result then
+     exit;
+  if (Socket is TInetSocket) then
+    begin
+    FCurrentHostName:=(Socket as TInetSocket).Host;
+    if SendHostAsSNI then
+      begin
+      Result:=CheckOK(gnutls_server_name_set(FSession, GNUTLS_NAME_DNS,pchar(FCurrentHostName), length(FCurrentHostName)));
+      if not Result then
+        exit;
+      end;
+    gnutls_session_set_verify_cert(Fsession,pchar(FCurrentHostName),0);
+    end;
+  if Not Result then
+    exit;
+  Result:=DoHandShake;
+  if Result and VerifyPeerCert then
+    Result:=(not DoVerifyCert);
+  if Result then
+    SetSSLActive(True);
+end;
+
+function TGNUTLSSocketHandler.Close: Boolean;
+begin
+  Result:=CheckOK(gnutls_bye(FSession,GNUTLS_SHUT_WR));
+end;
+
+Function TGNUTLSSocketHandler.FetchErrorInfo : Boolean;
+
+Var
+  P : Pchar;
+
+begin
+  FGNUTLSLastErrorString:='';
+  Result:=(FGNUTLSLastError<>0);
+  if Result then
+    begin
+    P:=gnutls_strerror(FGNUTLSLastError);
+    if P<>Nil then
+      FGNUTLSLastErrorString:=StrPas(P)
+    else
+      FGNUTLSLastErrorString:=Format('Unknown error code: %d',[FGNUTLSLastError]);
+    end;
+end;
+
+function TGNUTLSSocketHandler.CheckOK(aResult: cInt): Boolean;
+begin
+  Result:=Check(aResult)>=0;
+end;
+
+function TGNUTLSSocketHandler.Check(aResult: cInt): cInt;
+begin
+  Result:=aResult;
+  if (Result<>GNUTLS_E_SUCCESS) then
+     begin
+     FGNUTLSLastError:=aResult;
+     FetchErrorInfo;
+     end;
+end;
+
+function TGNUTLSSocketHandler.GetCipherListString : String;
+
+begin
+  //  Set correct cipher list here
+  if FCurrentCypherlist='' then
+    begin
+    // We need it in a field variable, it seems GNUTLS expects it to last?
+    FCurrentCypherlist:='NORMAL';
+    end;
+  Result:=FCurrentCypherlist;
+end;
+
+function TGNUTLSSocketHandler.InitSession(AsServer: Boolean): Boolean;
+
+Const
+  InitFlags : Array[Boolean] of cInt = (GNUTLS_CLIENT,GNUTLS_SERVER);
+
+Var
+  flags :Cint;
+  errPtr : Pchar;
+
+begin
+  Flags:=InitFlags[AsServer];
+  Result:=CheckOK(gnutls_init(@FSession,Flags));
+  if not Result then
+    exit;
+  Result:=CheckOK(gnutls_priority_set_direct(FSession, PChar(GetCipherListString), @errptr));
+  if not Result then
+    FGNUTLSLastErrorString:=FGNUTLSLastErrorString+', error at: '+StrPas(errPtr);
+  If AsServer and CertificateData.NeedCertificateData  then
+    if Not CreateSelfSignedCertificate then
+      begin
+      DoneSession;
+      Exit(False);
+      end;
+  Result:=InitSslKeys;
+  if not Result then
+    DoneSession;
+{
+S:=CertificateData.CipherList;
+FCTX.SetVerify(VO[VerifypeerCert],Nil);
+FCTX.SetDefaultPasswdCb(@HandleSSLPwd);
+FCTX.SetDefaultPasswdCbUserdata(self);
+}
+  gnutls_transport_set_int2(FSession,Socket.Handle,Socket.Handle);
+  gnutls_handshake_set_timeout(FSession,GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT);
+end;
+
+function TGNUTLSSocketHandler.DoneSession: Boolean;
+begin
+  FreeSession;
+  FreeCredentials;
+  Result:=True;
+end;
+
+function TGNUTLSSocketHandler.MaybeAllocateCredentials : Boolean;
+
+begin
+  Result:=Assigned(FCred);
+  if Result then
+    exit;
+  Result:=CheckOK(gnutls_certificate_allocate_credentials(@FCred));
+  if Result then
+    Result:=CheckOK(gnutls_credentials_set(FSession, GNUTLS_CRD_CERTIFICATE, FCred));
+end;
+
+function TGNUTLSSocketHandler.LoadCertificate(aData,aKey : TSSLData) : Boolean;
+var
+  key,cert : tgnutls_datum_t;
+
+begin
+  result:=MaybeAllocateCredentials;
+  if not Result then exit;
+  if (aData.FileName='') then
+    begin
+    cert.data:=Pointer(aData.Value);
+    cert.size:=Length(aData.Value);
+    key.data:=Pointer(aKey.Value);
+    key.size:=Length(aKey.Value);
+    Result:=CheckOK(gnutls_certificate_set_x509_key_mem(FCred,@cert,@key,GNUTLS_X509_FMT_PEM));
+    if not Result then
+      Result:=CheckOK(gnutls_certificate_set_x509_key_mem(FCred,@cert,@key,GNUTLS_X509_FMT_DER));
+    end
+  else
+    begin
+    Result:=CheckOK(gnutls_certificate_set_x509_key_file (FCred, pChar(aData.FileName),PChar(aKey.FileName),GNUTLS_X509_FMT_PEM));
+    if not Result then
+      Result:=CheckOK(gnutls_certificate_set_x509_key_file (FCred, pChar(aData.FileName),PChar(aKey.FileName),GNUTLS_X509_FMT_DER));
+    end;
+  if Result then
+    Result:=CheckOK(gnutls_credentials_set(FSession, GNUTLS_CRD_CERTIFICATE, FCred));
+end;
+
+function TGNUTLSSocketHandler.LoadTrustedCertificate(aCertData : TSSLData) : Boolean;
+
+var
+  ca : tgnutls_datum_t;
+
+begin
+  MaybeAllocateCredentials;
+  Result:=False;
+  if (aCertData.FileName<>'') then
+    begin
+    Result:=CheckOK(gnutls_certificate_set_x509_trust_file(FCred,PChar(aCertData.FileName),GNUTLS_X509_FMT_PEM));
+    if not Result then
+      Result:=CheckOK(gnutls_certificate_set_x509_trust_file(FCred,PChar(aCertData.FileName),GNUTLS_X509_FMT_DER));
+    end;
+  if (Length(aCertData.Value)>0) then
+    begin
+    ca.data:=Pointer(aCertData.Value);
+    ca.size:=Length(aCertData.Value);
+    Result:=CheckOK(gnutls_certificate_set_x509_trust_mem(FCred,@ca,GNUTLS_X509_FMT_PEM));
+    if not Result then
+      Result:=CheckOK(gnutls_certificate_set_x509_trust_mem(FCred,@ca,GNUTLS_X509_FMT_DER));
+    end;
+end;
+
+function TGNUTLSSocketHandler.SetTrustedCertificateDir(Const aFileName : string) : Boolean;
+
+Var
+  P : PChar;
+
+begin
+  MaybeAllocateCredentials;
+  P:=PAnsiChar(aFileName);
+  if DirectoryExists(aFileName) then
+    begin
+    Result:=CheckOK(gnutls_certificate_set_x509_trust_dir(FCred,P,GNUTLS_X509_FMT_PEM));
+    if not Result then
+      Result:=CheckOK(gnutls_certificate_set_x509_trust_dir(FCred,P,GNUTLS_X509_FMT_DER));
+    end
+  else
+    begin
+    Result:=CheckOK(gnutls_certificate_set_x509_trust_File(FCred,P,GNUTLS_X509_FMT_PEM));
+    if not Result then
+      Result:=CheckOK(gnutls_certificate_set_x509_trust_File(FCred,P,GNUTLS_X509_FMT_DER));
+    end;
+end;
+
+function TGNUTLSSocketHandler.InitSslKeys: boolean;
+
+begin
+  Result:=(FSession<>Nil);
+  if not Result then
+    Exit;
+  if not (CertificateData.NeedCertificateData) then
+    Result:=LoadCertificate(CertificateData.Certificate,CertificateData.PrivateKey);
+  if Result and Not CertificateData.TrustedCertificate.Empty then
+    Result:=LoadTrustedCertificate(CertificateData.TrustedCertificate);
+  if Result and (CertificateData.CertCA.FileName<>'') then
+    Result:=Result and SetTrustedCertificateDir(CertificateData.CertCA.FileName);
+  // If nothing was set, set defaults.
+  if not Assigned(FCred) then
+    begin
+    Result:=MaybeAllocateCredentials;
+    if Result then
+      Result:=CheckOK(gnutls_certificate_set_x509_system_trust(FCred));
+    end;
+end;
+
+constructor TGNUTLSSocketHandler.create;
+begin
+  inherited create;
+  MaybeInitGNUTLS;
+end;
+
+destructor TGNUTLSSocketHandler.destroy;
+begin
+  DoneSession;
+  FreeSession;
+  FreeCredentials;
+  inherited destroy;
+end;
+
+Procedure TGNUTLSSocketHandler.FreeSession;
+
+begin
+  If (FSession<>Nil) then
+    begin
+    gnutls_deinit(Fsession);
+    Fsession:=Nil;
+    end;
+end;
+
+Procedure TGNUTLSSocketHandler.FreeCredentials;
+
+begin
+  If (FCred<>Nil) then
+    begin
+    gnutls_certificate_free_credentials(FCred);
+    FCred:=Nil;
+    end;
+end;
+
+function TGNUTLSSocketHandler.DoHandShake : Boolean;
+
+Var
+  Ret : cInt;
+
+begin
+  Repeat
+    ret:=Check(gnutls_handshake(FSession));
+  until (ret>=0) or (gnutls_error_is_fatal(ret) <> 0);
+  Result:=Ret>=0;
+end;
+
+function TGNUTLSSocketHandler.Accept: Boolean;
+
+begin
+  Result:=InitSession(True);
+  if Result then
+    Result:=DoHandShake;
+  SetSSLActive(Result);
+end;
+
+
+function TGNUTLSSocketHandler.Shutdown(BiDirectional : Boolean): boolean;
+
+begin
+  Result:=assigned(FSession);
+  if Result then
+    If Not BiDirectional then
+      gnutls_bye(FSession, GNUTLS_SHUT_WR)
+    else
+      begin
+      Result:=CheckOK(gnutls_bye(FSession, GNUTLS_SHUT_RDWR));
+      if Result then
+        Result:=fpShutdown(Socket.Handle,1)=0;
+      end;
+  If Result then
+    Result:=DoneSession;
+end;
+
+function TGNUTLSSocketHandler.Send(Const Buffer; Count: Integer): Integer;
+
+Var
+  P : PByte;
+
+begin
+  P:=PByte(@Buffer);
+  Result:=Check(gnutls_record_send(Fsession,P,Count));
+  if Result<0 then
+    Result:=-1;
+end;
+
+function TGNUTLSSocketHandler.Recv(Const Buffer; Count: Integer): Integer;
+
+Var
+  P : PByte;
+
+begin
+  P:=PByte(@Buffer);
+  Result:=Check(gnutls_record_recv(FSession,P,Count));
+  if Result<0 then
+    Result:=-1;
+end;
+
+function TGNUTLSSocketHandler.BytesAvailable: Integer;
+begin
+  Result:=gnutls_record_check_pending(FSession);
+end;
+
+Function TGNUTLSSocketHandler.GNUTLSLastError: integer;
+begin
+  Result:=FGNUTLSLastError;
+end;
+
+initialization
+  TSSLSocketHandler.SetDefaultHandlerClass(TGNUTLSSocketHandler);
+end.
+

packages/ide/fpide.pas

@@ -686,7 +686,7 @@ resourcestring  menu_local_gotosource = '~G~oto source';
                 msg_errorsavingconfigfile = 'Error saving config file.';
 
                 {Save options dialog.}
-                dialog_saveoptions = 'Save Options';
+                dialog_saveoptions = 'Save Options As';
                 dialog_ini_filename = 'Name of INI file';
 
                 {Window list dialog.}

packages/ide/fpmopts.inc

@@ -1588,7 +1588,7 @@ var D: PFileDialog;
     FileName: string;
     CanWrite: boolean;
 begin
-  New(D, Init('*'+ExtOf(INIFileName),dialog_saveoptions,dialog_ini_filename,fdOpenButton,hidSaveIniFile));
+  New(D, Init('*'+ExtOf(INIFileName),dialog_saveoptions,dialog_ini_filename,fdOkButton,hidSaveIniFile));
   D^.HelpCtx:=hcSaveAsINI;
   if Desktop^.ExecView(D)<>cmCancel then
     begin

packages/ide/fpviews.pas

@@ -4256,7 +4256,7 @@ begin
   C^.Insert(NewStr(S));
 end;
 begin
-  R.Assign(0,0,58,14{$ifdef NODEBUG}-1{$endif});
+  R.Assign(0,0,58,14{$ifdef USE_GRAPH_SWITCH}+1{$endif});
   inherited Init(R, dialog_about);
   HelpCtx:=hcAbout;
   GetExtent(R); R.Grow(-3,-2);

packages/ide/wcedit.pas

@@ -1382,13 +1382,14 @@ begin
                 WasInserting:=GetInsertMode;
                 SetInsertMode(true);
                 SetFlags(GetFlags or efNoIndent);
-                InsertLine(StartPos.Y,'');
+                InsertLine(StartPos.Y,GetStr(Text));
                 SetInsertMode(WasInserting);
                 if not HadefNoIndent then
                   SetFlags(GetFlags and not efNoIndent);
                 {DelEnd; wrong for eaCut at least }
                 SetCurPtr(StartPos.X,StartPos.Y);
-                SetLineText(StartPos.Y,Copy(GetDisplayText(StartPos.Y),1,StartPos.X)+GetStr(Text));
+                if StartPos.Y > EndPos.Y then
+                   SetLineText(EndPos.Y,Copy(GetDisplayText(EndPos.Y),1,EndPos.X));
                 SetMinMax(StartPos.Y);
               end;
             eaSelectionChanged :

packages/ide/weditor.pas

@@ -3418,6 +3418,7 @@ var
   E: TEvent;
   OldEvent : PEvent;
   CCAction: TCCAction;
+  LinesScroll : sw_integer;
 begin
   CCAction:=ccClear;
   E:=Event;
@@ -3433,6 +3434,18 @@ begin
   case Event.What of
     evMouseDown :
       if MouseInView(Event.Where) then
+       if (Event.Buttons=mbScrollWheelUp) then { mouse scroll up}
+         begin
+           LinesScroll:=1;
+           if Event.Double then LinesScroll:=LinesScroll+4;
+           ScrollTo(Delta.X, Delta.Y + LinesScroll);
+         end else
+       if (Event.Buttons=mbScrollWheelDown) then  { mouse scroll down }
+         begin
+           LinesScroll:=-1;
+           if Event.Double then LinesScroll:=LinesScroll-4;
+           ScrollTo(Delta.X, Delta.Y + LinesScroll);
+         end else
        if (Event.Buttons=mbRightButton) then
          begin
            MakeLocal(Event.Where,P); Inc(P.X); Inc(P.Y);
@@ -5120,7 +5133,7 @@ begin
   OK:=(S[StartPos] in WordChars);
   if OK then
     begin
-       While (StartPos>0) and (S[StartPos-1] in WordChars) do
+       While (StartPos>1) and (S[StartPos-1] in WordChars) do
          Dec(StartPos);
        While (EndPos<Length(S)) and (S[EndPos+1] in WordChars) do
          Inc(EndPos);
@@ -5974,12 +5987,11 @@ begin
 end;
 
 procedure TCustomCodeEditor.GotoLine;
-var
-  GotoRec: TGotoLineDialogRec;
+const
+  GotoRec: TGotoLineDialogRec = (LineNo:'1';Lines:0);  {keep previous goto line number}
 begin
   with GotoRec do
   begin
-    LineNo:='1';
     Lines:=GetLineCount;
     {Linecount can be 0, but in that case there still is a cursor blinking in top
      of the window, which will become line 1 as soon as sometype hits a key.}

packages/openssl/fpmake.pp

@@ -13,6 +13,7 @@ begin
 {$endif ALLPACKAGES}
 
     P:=AddPackage('openssl');
+    P.Dependencies.Add('fcl-net');
     P.ShortName:='ossl';
     P.Description := 'Interface units for OpenSSL libraries supporting SSL-encrypted network communication.';
 {$ifdef ALLPACKAGES}
@@ -29,6 +30,9 @@ begin
     T:=P.Targets.AddUnit('openssl.pas');
     T:=P.Targets.AddUnit('fpopenssl.pp');
       T.ResourceStrings:=true;
+    T:=P.Targets.AddUnit('opensslsockets.pp');
+      T.ResourceStrings:=true;
+      T.Dependencies.AddUnit('openssl');
 
     P.ExamplePath.Add('examples');
     P.Targets.AddExampleProgram('test1.pas');

packages/openssl/src/fpopenssl.pp

@@ -15,31 +15,23 @@
 unit fpopenssl;
 
 {$mode objfpc}{$H+}
+{$DEFINE DUMPCERT}
 
 interface
 
 uses
-  Classes, SysUtils, openssl, ctypes;
-Type
-  TSSLType = (stAny,stSSLv2,stSSLv3,stTLSv1,stTLSv1_1,stTLSv1_2);
-
-  //  PASN1_INTEGER = SslPtr;
-
-  { TSSLData }
-
-  TSSLData = Class(TPersistent)
-  private
-    FFileName: String;
-    FValue: String;
-  Public
-    Function Empty : Boolean;
-    Procedure Assign(Source : TPersistent);override;
-    Property FileName : String Read FFileName Write FFileName;
-    Property Value: String Read FValue Write FValue;
-  end;
+  Classes, SysUtils, sslbase, openssl, ctypes;
 
-  { TSocketHandler }
+{$IFDEF DUMPCERT}
+Const
+{$IFDEF UNIX}
+  DumpCertFile = '/tmp/x509.txt';
+{$ELSE}
+  DumpCertFile = 'C:\temp\x509.txt';
+{$ENDIF}
+{$ENDIF}
 
+Type
   { TSSLContext }
 
   TSSLContext = Class;
@@ -55,24 +47,27 @@ Type
     FCTX: PSSL_CTX;
     function UsePrivateKey(pkey: SslPtr): cInt;
     function UsePrivateKeyASN1(pk: cInt; d: String; len: cLong): cInt;
+    function UsePrivateKeyASN1(pk: cInt; d: TBytes; len: cLong): cInt;
     function UsePrivateKeyFile(const Afile: String; Atype: cInt): cInt;
   Public
     Constructor Create(AContext : PSSL_CTX = Nil); overload;
     Constructor Create(AType : TSSLType); overload;
     Destructor Destroy; override;
     Function SetCipherList(Var ACipherList : String) : Integer;
-    procedure SetVerify(mode: Integer; arg2: PFunction);
+    procedure SetVerify(mode: Integer; arg2: TSSLCTXVerifyCallback);
     procedure SetDefaultPasswdCb(cb: PPasswdCb);
     procedure SetDefaultPasswdCbUserdata(u: SslPtr);
     Function UsePrivateKey(Data : TSSLData) : cint;
     // Use certificate.
     Function UseCertificate(Data : TSSLData) : cint;
-    function UseCertificateASN1(len: cLong; d: String):cInt;
+    function UseCertificateASN1(len: cLong; d: String):cInt; overload; deprecated 'use TBytes overload';
+    function UseCertificateASN1(len: cLong; buf: TBytes):cInt; overload;
     function UseCertificateFile(const Afile: String; Atype: cInt):cInt;
     function UseCertificateChainFile(const Afile: PChar):cInt;
     function UseCertificate(x: SslPtr):cInt;
     function LoadVerifyLocations(const CAfile: String; const CApath: String):cInt;
-    function LoadPFX(Const S,APassword : AnsiString) : cint;
+    function LoadPFX(Const S,APassword : AnsiString) : cint; deprecated 'use TBytes overload';
+    function LoadPFX(Const Buf : TBytes;APassword : AnsiString) : cint;
     function LoadPFX(Data : TSSLData; Const APAssword : Ansistring) : cint;
     function SetOptions(AOptions: cLong): cLong;
     procedure SetTlsextServernameCallback(cb: PCallbackCb);
@@ -116,17 +111,30 @@ Type
     Property SSL: PSSL Read FSSL;
   end;
 
+
+  TOpenSSLX509Certificate = Class (TX509Certificate)
+  Protected
+    function CreateKey: PEVP_PKEY; virtual;
+    procedure SetNameData(x: PX509); virtual;
+    procedure SetTimes(x: PX509); virtual;
+  Public
+    Function CreateCertificateAndKey : TCertAndKey; override;
+  end;
+
   ESSL = Class(Exception);
 
-Function BioToString(B : PBIO) : AnsiString;
+Function BioToString(B : PBIO; FreeBIO : Boolean = False) : AnsiString;
 
 implementation
 
+uses dateutils;
+
 Resourcestring
   SErrCountNotGetContext = 'Failed to create SSL Context';
   SErrFailedToCreateSSL = 'Failed to create SSL';
 
-Function BioToString(B : PBIO) : AnsiString;
+
+Function BioToString(B : PBIO; FreeBIO : Boolean = False) : AnsiString;
 
 Var
   L,RL : Integer;
@@ -138,6 +146,25 @@ begin
     SetLength(Result,RL)
   else
     SetLength(Result,0);
+  if FreeBio then
+    BioFreeAll(B);
+end;
+
+Function BioToTBytes(B : PBIO; FreeBIO : Boolean = False) : TBytes;
+
+Var
+  L,RL : Integer;
+begin
+  l:=bioctrlpending(B);
+  SetLength(Result,l);
+  FillChar(Result[0],L,0);
+  RL:=BioRead(B,Result,L);
+  if (RL>0) then
+    SetLength(Result,RL)
+  else
+    SetLength(Result,0);
+  if FreeBio then
+    BioFreeAll(B);
 end;
 
 function SelectSNIContextCallback(ASSL: TSSL; ad: integer; arg: TTlsExtCtx): integer; cdecl;
@@ -167,6 +194,114 @@ begin
   result := SSL_TLSEXT_ERR_OK;
 end;
 
+{ TOpenSSLX509Certificate }
+
+
+procedure TOpenSSLX509Certificate.SetNameData(x: PX509);
+
+Var
+  ND : PX509_NAME;
+  S : AnsiString;
+
+  Procedure SetEntry(aCode,aValue : AnsiString);
+
+  begin
+    if (AValue<>'') then
+      X509NameAddEntryByTxt(ND, aCode, $1001, aValue, -1, -1, 0);
+  end;
+
+begin
+  ND:=X509GetSubjectName(x);
+  S:=Country;
+  if S='' then
+    S:='BE';
+  SetEntry('C',S);
+  S:=HostName;
+  if S='' then
+    S:='localhost';
+  SetEntry('CN',S);
+  SetEntry('O',Organization);
+  x509SetIssuerName(x,ND);
+end;
+
+Procedure TOpenSSLX509Certificate.SetTimes(x : PX509);
+
+var
+  Utc : PASN1_UTCTIME;
+
+begin
+  Utc:=Asn1UtctimeNew;
+  try
+    ASN1UtcTimeSetString(Utc,PAnsiChar(FormatDateTime('YYMMDDHHNNSS',ValidFrom)));
+    X509SetNotBefore(x, Utc);
+    ASN1UtcTimeSetString(Utc,PAnsiChar(FormatDateTime('YYMMDDHHNNSS',ValidTo)));
+    X509SetNotAfter(x,Utc);
+  finally
+    Asn1UtctimeFree(Utc);
+  end;
+end;
+
+
+function TOpenSSLX509Certificate.CreateKey : PEVP_PKEY;
+
+Var
+  rsa: PRSA;
+
+begin
+  Result:=EvpPkeynew;
+  rsa:=RsaGenerateKey(KeySize,$10001,nil,nil);
+  EvpPkeyAssign(Result,EVP_PKEY_RSA,rsa);
+end;
+
+function TOpenSSLX509Certificate.CreateCertificateAndKey: TCertAndKey;
+
+var
+  pk: PEVP_PKEY;
+  x: PX509;
+  b: PBIO;
+{$IFDEF DUMPCERT}
+  s : string;
+{$ENDIF}
+
+begin
+  SetLength(Result.Certificate,0);
+  SetLength(Result.PrivateKey,0);
+  pk := nil;
+  x := X509New;
+  try
+    X509SetVersion(x, Version);
+    Asn1IntegerSet(X509getSerialNumber(x), GetRealSerial);
+    SetTimes(X);
+    pk:=CreateKey;
+    X509SetPubkey(x, pk);
+    SetNameData(x);
+    x509Sign(x,pk,EvpGetDigestByName('SHA1'));
+    // Certificate
+    b := BioNew(BioSMem);
+    i2dX509Bio(b, x);
+    Result.Certificate:=BioToTbytes(B,True);
+    // Private key
+    b := BioNew(BioSMem);
+    i2dPrivatekeyBio(b, pk);
+    Result.PrivateKey:=BioToTbytes(B,True);
+{$IFDEF DUMPCERT}
+    b := BioNew(BioSMem);
+    PEM_write_bio_X509(b,x);
+    S:=BioToString(B,True);
+    With TStringList.Create do
+      try
+        Add(S);
+        SaveToFile(DumpCertFile);
+      finally
+        Free;
+      end;
+{$ENDIF}
+  finally
+    X509free(x);
+    EvpPkeyFree(pk);
+  end;
+end;
+
 { TSSLContext }
 
 Constructor TSSLContext.Create(AContext: PSSL_CTX);
@@ -211,7 +346,7 @@ begin
   Result:=SSLCTxSetCipherList(FCTX,ACipherList);
 end;
 
-procedure TSSLContext.SetVerify(mode: Integer; arg2: PFunction);
+procedure TSSLContext.SetVerify(mode: Integer; arg2: TSSLCTXVerifyCallback);
 begin
   SslCtxSetVerify(FCtx,Mode,arg2);
 end;
@@ -236,6 +371,11 @@ begin
   Result:=SslCtxUsePrivateKeyASN1(pk,FCtx,d,len);
 end;
 
+function TSSLContext.UsePrivateKeyASN1(pk: cInt; d: TBytes; len: cLong): cInt;
+begin
+  Result:=SslCtxUsePrivateKeyASN1(pk,FCtx,d,len);
+end;
+
 function TSSLContext.UsePrivateKeyFile(const Afile: String; Atype: cInt):cInt;
 begin
   Result:=SslCtxUsePrivateKeyFile(FCTX,AFile,AType);
@@ -245,44 +385,43 @@ end;
 Function TSSLContext.UsePrivateKey(Data: TSSLData): cint;
 
 Var
-  S : AnsiString;
+  FN : String;
+  l : integer;
 
 begin
   Result:=-1;
-  If (Data.Value<>'') then
-    begin
-    S:=Data.Value;
-    Result:=UsePrivateKeyASN1(EVP_PKEY_RSA,S,length(S));
-    end
+  L:=Length(Data.Value);
+  If (l<>0) then
+    Result:=UsePrivateKeyASN1(EVP_PKEY_RSA,Data.Value,L)
   else if (Data.FileName<>'') then
     begin
-    S:=Data.FileName;
-    Result:=UsePrivateKeyFile(S,SSL_FILETYPE_PEM);
+    FN:=Data.FileName;
+    Result:=UsePrivateKeyFile(FN,SSL_FILETYPE_PEM);
     if (Result<>1) then
-      Result:=UsePrivateKeyFile(S,SSL_FILETYPE_ASN1);
+      Result:=UsePrivateKeyFile(FN,SSL_FILETYPE_ASN1);
     end;
 end;
 
 Function TSSLContext.UseCertificate(Data: TSSLData): cint;
 
 Var
-  S : AnsiString;
+  l : integer;
+  FN : String;
+
 begin
   Result:=-1;
-  if (Data.Value<>'') then
-    begin
-    S:=Data.Value;
-    Result:=UseCertificateASN1(length(S),S);
-    end
+  L:=Length(Data.Value);
+  if (L<>0) then
+    Result:=UseCertificateASN1(length(Data.Value),Data.Value)
   else if (Data.FileName<>'') then
     begin
-    S:=Data.FileName;
-    Result:=UseCertificateChainFile(PChar(S));
+    FN:=Data.FileName;
+    Result:=UseCertificateChainFile(PChar(FN));
     if Result<>1 then
        begin
-       Result:=UseCertificateFile(S,SSL_FILETYPE_PEM);
-       if Result<>1 then
-         Result:=UseCertificateFile(S,SSL_FILETYPE_ASN1);
+       Result:=UseCertificateFile(FN,SSL_FILETYPE_PEM);
+       if (Result<>1) then
+         Result:=UseCertificateFile(FN,SSL_FILETYPE_ASN1);
        end;
     end
 end;
@@ -292,6 +431,11 @@ begin
   Result:=sslctxUseCertificateASN1(FCTX,len,d);
 end;
 
+function TSSLContext.UseCertificateASN1(len: cLong; buf: TBytes): cInt;
+begin
+  Result:=sslctxUseCertificateASN1(FCTX,len,Buf);
+end;
+
 function TSSLContext.UseCertificateFile(const Afile: String; Atype: cInt): cInt;
 begin
   Result:=sslctxUseCertificateFile(FCTX,Afile,Atype);
@@ -314,6 +458,17 @@ end;
 
 function TSSLContext.LoadPFX(Const S, APassword: AnsiString): cint;
 
+var
+  Buf : TBytes;
+
+begin
+  SetLength(Buf,Length(S));
+  Move(S[1],Buf[0],Length(S));
+  Result:=LoadPFX(Buf,APAssword);
+end;
+
+function TSSLContext.LoadPFX(const Buf: TBytes; APassword: AnsiString): cint;
+
 var
   b: PBIO;
   p12,c,pk,ca: SslPtr;
@@ -326,50 +481,46 @@ begin
   p12:=Nil;
   b:=BioNew(BioSMem);
   try
-    BioWrite(b,S,Length(S));
+    BioWrite(b,Buf,Length(Buf));
     p12:=d2iPKCS12bio(b,nil);
-  finally
-    BioFreeAll(b);
-  end;
-  if Not Assigned(p12) then
-    Exit;
-  try
-    try
+    if Assigned(p12) then
       if PKCS12parse(p12,APassword,pk,c,ca)>0 then
         begin
         Result:=UseCertificate(c);
         if (Result>0) then
           Result:=UsePrivateKey(pk);
         end;
-    finally
+  finally
+    if pk<>Nil then
       EvpPkeyFree(pk);
+    if c<>nil then
       X509free(c);
-//      SkX509PopFree(ca,_X509Free);
-    end;
-  finally
-    PKCS12free(p12);
+//  SkX509PopFree(ca,_X509Free);
+    if p12<>Nil then
+      PKCS12free(p12);
+    BioFreeAll(b);
   end;
 end;
 
 function TSSLContext.LoadPFX(Data: TSSLData; Const APAssword : Ansistring): cint;
 
 Var
-  S : String;
+  B : TBytes;
 
 begin
   Result:=-1;
   try
-    if (Data.Value<>'') then
-      S:=Data.Value
+    if (Length(Data.Value)<>0) then
+      B:=Data.Value
     else
       With TFileStream.Create(Data.FileName,fmOpenRead or fmShareDenyNone) do
         Try
-          SetLength(S,Size);
-          ReadBuffer(S[1],Size);
+          SetLength(B,Size);
+          ReadBuffer(B[0],Size);
         finally
           Free;
         end;
-    Result:=LoadPFX(s,APassword);
+    Result:=LoadPFX(B,APassword);
   except
     // Silently ignore
     Exit;
@@ -407,27 +558,6 @@ begin
   SslCtxCtrl(FCTX, SSL_CTRL_SET_ECDH_AUTO, larg, nil);
 end;
 
-{ TSSLData }
-
-Function TSSLData.Empty: Boolean;
-begin
-  Result:=(Value='') and (FileName='');
-end;
-
-Procedure TSSLData.Assign(Source: TPersistent);
-
-
-begin
-  if Source is TSSLData then
-   With TSSLData(Source) do
-    begin
-    Self.FValue:=FValue;
-    Self.FFileName:=FFileName;
-    end
-  else
-    inherited Assign(Source);
-end;
-
 { TSSL }
 
 Constructor TSSL.Create(ASSL: PSSL);
@@ -473,7 +603,11 @@ end;
 
 function TSSL.Shutdown: cInt;
 begin
-  Result:=sslShutDown(fSSL);
+  try
+    Result:=sslShutDown(fSSL);
+  except
+    // Sometimes, SSL gives an error when the connection is lost
+  end;
 end;
 
 function TSSL.Read(buf: SslPtr; num: cInt): cInt;
@@ -555,6 +689,7 @@ var
 
 begin
   Result:='';
+  S:='';
   c:=PeerCertificate;
   if Assigned(c) then
     try

packages/openssl/src/openssl.pas

@@ -254,6 +254,10 @@ type
   PASN1_cInt = SslPtr;
   PPasswdCb = SslPtr;
   PCallbackCb = SslPtr;
+
+  PX509_STORE_CTX = SslPtr;
+  TSSLCTXVerifyCallback = function (ok : cInt; ctx : PX509_STORE_CTX) : Cint; cdecl;
+
   PFunction = procedure;
   DES_cblock = array[0..7] of Byte;
   PDES_cblock = ^DES_cblock;
@@ -833,6 +837,35 @@ const
   RSA_NO_PADDING         = 3;
   RSA_PKCS1_OAEP_PADDING = 4;
 
+  // ASN1 values
+  V_ASN1_EOC                     = 0;
+  V_ASN1_BOOLEAN                 = 1;
+  V_ASN1_INTEGER                 = 2;
+  V_ASN1_BIT_STRING              = 3;
+  V_ASN1_OCTET_STRING            = 4;
+  V_ASN1_NULL                    = 5;
+  V_ASN1_OBJECT                  = 6;
+  V_ASN1_OBJECT_DESCRIPTOR       = 7;
+  V_ASN1_EXTERNAL                = 8;
+  V_ASN1_REAL                    = 9;
+  V_ASN1_ENUMERATED              = 10;
+  V_ASN1_UTF8STRING              = 12;
+  V_ASN1_SEQUENCE                = 16;
+  V_ASN1_SET                     = 17;
+  V_ASN1_NUMERICSTRING           = 18;
+  V_ASN1_PRINTABLESTRING         = 19;
+  V_ASN1_T61STRING               = 20;
+  V_ASN1_TELETEXSTRING           = 20;
+  V_ASN1_VIDEOTEXSTRING          = 21;
+  V_ASN1_IA5STRING               = 22;
+  V_ASN1_UTCTIME                 = 23;
+  V_ASN1_GENERALIZEDTIME         = 24;
+  V_ASN1_GRAPHICSTRING           = 25;
+  V_ASN1_ISO64STRING             = 26;
+  V_ASN1_VISIBLESTRING           = 26;
+  V_ASN1_GENERALSTRING           = 27;
+  V_ASN1_UNIVERSALSTRING         = 28;
+  V_ASN1_BMPSTRING               = 30;
 
   // BN
 {$ifdef cpu64}
@@ -1016,11 +1049,13 @@ var
   function SslMethodV23:PSSL_METHOD;
   function SslTLSMethod:PSSL_METHOD;
   function SslCtxUsePrivateKey(ctx: PSSL_CTX; pkey: SslPtr):cInt;
-  function SslCtxUsePrivateKeyASN1(pk: cInt; ctx: PSSL_CTX; d: String; len: cLong):cInt;
+  function SslCtxUsePrivateKeyASN1(pk: cInt; ctx: PSSL_CTX; d: String; len: cLong):cInt;overload;
+  function SslCtxUsePrivateKeyASN1(pk: cInt; ctx: PSSL_CTX; b: TBytes; len: cLong):cInt;overload;
 //  function SslCtxUsePrivateKeyFile(ctx: PSSL_CTX; const _file: PChar; _type: cInt):cInt;
   function SslCtxUsePrivateKeyFile(ctx: PSSL_CTX; const _file: String; _type: cInt):cInt;
   function SslCtxUseCertificate(ctx: PSSL_CTX; x: SslPtr):cInt;
-  function SslCtxUseCertificateASN1(ctx: PSSL_CTX; len: cLong; d: String):cInt;
+  function SslCtxUseCertificateASN1(ctx: PSSL_CTX; len: cLong; d: String):cInt; overload;
+  function SslCtxUseCertificateASN1(ctx: PSSL_CTX; len: cLong; Buf: TBytes):cInt; overload;
   function SslCtxUseCertificateFile(ctx: PSSL_CTX; const _file: String; _type: cInt):cInt;
 //  function SslCtxUseCertificateChainFile(ctx: PSSL_CTX; const _file: PChar):cInt;
   function SslCtxUseCertificateChainFile(ctx: PSSL_CTX; const _file: String):cInt;
@@ -1040,7 +1075,7 @@ var
   function SslPending(ssl: PSSL):cInt;
   function SslGetVersion(ssl: PSSL):String;
   function SslGetPeerCertificate(ssl: PSSL):PX509;
-  procedure SslCtxSetVerify(ctx: PSSL_CTX; mode: cInt; arg2: PFunction);
+  procedure SslCtxSetVerify(ctx: PSSL_CTX; mode: cInt; arg2: TSSLCTXVerifyCallback);
   function SSLGetCurrentCipher(s: PSSL):SslPtr;
   function SSLCipherGetName(c: SslPtr): String;
   function SSLCipherGetBits(c: SslPtr; var alg_bits: cInt):cInt;
@@ -1086,6 +1121,9 @@ var
   function d2iPKCS12bio(b:PBIO; Pkcs12: SslPtr): SslPtr;
   function PKCS12parse(p12: SslPtr; pass: string; var pkey, cert, ca: SslPtr): cInt;
   procedure PKCS12free(p12: SslPtr);
+  function Asn1StringTypeNew(aType : cint): PASN1_STRING;
+  Function Asn1UtctimePrint(b : PBio; a: PASN1_UTCTIME) : integer;
+  Function ASN1UtcTimeSetString(t : PASN1_UTCTIME; s : PAnsichar) : cint;
   function Asn1UtctimeNew: PASN1_UTCTIME;
   procedure Asn1UtctimeFree(a: PASN1_UTCTIME);
   function Asn1IntegerSet(a: PASN1_INTEGER; v: integer): integer;
@@ -1243,14 +1281,17 @@ var
                u: pointer): integer;	
   function PEM_write_bio_PUBKEY(bp: pBIO; x: pEVP_PKEY): integer;
   function PEM_read_bio_X509(bp: PBIO; x: PPX509; cb: ppem_password_cb; u: pointer): PX509;
-  
+  function PEM_write_bio_X509(bp: pBIO;  x: px509): integer;
+
   // BIO Functions - bio.h
   function BioNew(b: PBIO_METHOD): PBIO;
   procedure BioFreeAll(b: PBIO);
   function BioSMem: PBIO_METHOD;
   function BioCtrlPending(b: PBIO): cInt;
   function BioRead(b: PBIO; var Buf: String; Len: cInt): cInt;
-  function BioWrite(b: PBIO; Buf: String; Len: cInt): cInt;
+  function BioRead(b: PBIO; Buf: TBytes; Len: cInt): cInt;
+  function BioWrite(b: PBIO; Buf: String; Len: cInt): cInt; overload;
+  function BioWrite(b: PBIO; Buf: TBytes; Len: cInt): cInt; overload;
   function BIO_ctrl(bp: PBIO; cmd: cint; larg: clong; parg: Pointer): clong;
   function BIO_read_filename(b: PBIO; const name: PChar): cint;
   
@@ -1558,7 +1599,9 @@ type
   Td2iPKCS12bio = function(b:PBIO; Pkcs12: SslPtr): SslPtr; cdecl;
   TPKCS12parse = function(p12: SslPtr; pass: PChar; var pkey, cert, ca: SslPtr): cInt; cdecl;
   TPKCS12free = procedure(p12: SslPtr); cdecl;
-  TAsn1UtctimeNew = function: PASN1_UTCTIME; cdecl;
+  TAsn1StringTypeNew = function(aype : cint): SSlPtr; cdecl;
+  TAsn1UtcTimeSetString = function(t : PASN1_UTCTIME; S : PAnsiChar): cint; cdecl;
+  TAsn1UtctimePrint = Function(b : PBio;a: PASN1_UTCTIME) : cint; cdecl;
   TAsn1UtctimeFree = procedure(a: PASN1_UTCTIME); cdecl;
   TAsn1IntegerSet = function(a: PASN1_INTEGER; v: integer): integer; cdecl;
   TAsn1IntegerGet = function(a: PASN1_INTEGER): integer; cdecl;
@@ -1684,6 +1727,7 @@ type
                u: pointer): integer; cdecl;	
   TPEM_write_bio_PUBKEY = function(bp: pBIO; x: pEVP_PKEY): integer; cdecl;
   TPEM_read_bio_X509 = function(bp: pBIO; x: PPX509; cb: Ppem_password_cb; u: pointer): px509; cdecl;
+  TPEM_write_bio_X509 = function(bp: pBIO; x: PX509): integer; cdecl;
 
   // BIO Functions
 
@@ -1783,7 +1827,9 @@ var
   _d2iPKCS12bio: Td2iPKCS12bio = nil;
   _PKCS12parse: TPKCS12parse = nil;
   _PKCS12free: TPKCS12free = nil;
-  _Asn1UtctimeNew: TAsn1UtctimeNew = nil;
+  _Asn1StringTypeNew: TAsn1StringTypeNew = nil;
+  _Asn1UtctimeSetString : TAsn1UtctimeSetString = Nil;
+  _Asn1UtctimePrint: TAsn1UtctimePrint = nil;
   _Asn1UtctimeFree: TAsn1UtctimeFree = nil;
   _Asn1IntegerSet: TAsn1IntegerSet = nil;
   _Asn1IntegerGet: TAsn1IntegerGet = nil;
@@ -1916,6 +1962,7 @@ var
   _PEM_write_bio_PrivateKey: TPEM_write_bio_PrivateKey = nil;	
   _PEM_write_bio_PUBKEY: TPEM_write_bio_PUBKEY = nil;
   _PEM_read_bio_X509: TPEM_read_bio_X509 = nil;
+  _PEM_write_bio_X509: TPEM_write_bio_X509 = nil;
   // BIO Functions
 
   _BIO_ctrl: TBIO_ctrl = nil;
@@ -2200,7 +2247,7 @@ begin
     Result := 0;
 end;
 
-function SslCtxUsePrivateKeyASN1(pk: cInt; ctx: PSSL_CTX; d: String; len: cLong):cInt;
+function SslCtxUsePrivateKeyASN1(pk: cInt; ctx: PSSL_CTX; d: String; len: cLong):cInt; overload;
 begin
   if InitSSLInterface and Assigned(_SslCtxUsePrivateKeyASN1) then
     Result := _SslCtxUsePrivateKeyASN1(pk, ctx, Sslptr(d), len)
@@ -2208,6 +2255,14 @@ begin
     Result := 0;
 end;
 
+function SslCtxUsePrivateKeyASN1(pk: cInt; ctx: PSSL_CTX; b: TBytes; len: cLong): cInt;overload;
+begin
+  if InitSSLInterface and Assigned(_SslCtxUsePrivateKeyASN1) then
+    Result := _SslCtxUsePrivateKeyASN1(pk, ctx, Sslptr(b), len)
+  else
+    Result := 0;
+end;
+
 function SslCtxUsePrivateKeyFile(ctx: PSSL_CTX; const _file: String; _type: cInt):cInt;
 begin
   if InitSSLInterface and Assigned(_SslCtxUsePrivateKeyFile) then
@@ -2232,6 +2287,14 @@ begin
     Result := 0;
 end;
 
+function SslCtxUseCertificateASN1(ctx: PSSL_CTX; len: cLong; Buf: TBytes): cInt;
+begin
+  if InitSSLInterface and Assigned(_SslCtxUseCertificateASN1) then
+    Result := _SslCtxUseCertificateASN1(ctx, len, SslPtr(Buf))
+  else
+    Result := 0;
+end;
+
 function SslCtxUseCertificateFile(ctx: PSSL_CTX; const _file: String; _type: cInt):cInt;
 begin
   if InitSSLInterface and Assigned(_SslCtxUseCertificateFile) then
@@ -2363,7 +2426,7 @@ begin
     Result := nil;
 end;
 
-procedure SslCtxSetVerify(ctx: PSSL_CTX; mode: cInt; arg2: PFunction);
+procedure SslCtxSetVerify(ctx: PSSL_CTX; mode: cInt; arg2: TSSLCTXVerifyCallback);
 begin
   if InitSSLInterface and Assigned(_SslCtxSetVerify) then
     _SslCtxSetVerify(ctx, mode, @arg2);
@@ -2587,6 +2650,14 @@ begin
     Result := 0;
 end;
 
+function BioRead(b: PBIO; Buf: TBytes; Len: cInt): cInt;
+begin
+  if InitSSLInterface and Assigned(_BioRead) then
+    Result := _BioRead(b, PChar(Buf), Len)
+  else
+    Result := -2;
+end;
+
 function BioRead(b: PBIO; var Buf: String; Len: cInt): cInt;
 begin
   if InitSSLInterface and Assigned(_BioRead) then
@@ -2604,6 +2675,16 @@ begin
     Result := -2;
 end;
 
+function BioWrite(b: PBIO; Buf: TBytes; Len: cInt): cInt;
+
+begin
+  if InitSSLInterface and Assigned(_BioWrite) then
+    Result := _BioWrite(b, PChar(Buf), Len)
+  else
+    Result := -2;
+end;
+
+
 function X509print(b: PBIO; a: PX509): cInt;
 begin
   if InitSSLInterface and Assigned(_X509print) then
@@ -2694,8 +2775,14 @@ end;
 
 function Asn1UtctimeNew: PASN1_UTCTIME;
 begin
-  if InitSSLInterface and Assigned(_Asn1UtctimeNew) then
-    Result := _Asn1UtctimeNew
+  Result:=PASN1_UTCTIME(Asn1StringTypeNew(V_ASN1_UTCTIME));
+end;
+
+function Asn1StringTypeNew(aType : cint): PASN1_STRING;
+
+begin
+  if InitSSLInterface and Assigned(_Asn1StringTypeNew) then
+    Result := _Asn1StringTypeNew(aType)
   else
     Result := nil;
 end;
@@ -2706,6 +2793,22 @@ begin
     _Asn1UtctimeFree(a);
 end;
 
+function Asn1UtctimePrint(b: PBio; a: PASN1_UTCTIME): integer;
+begin
+  if InitSSLInterface and Assigned(_Asn1UtctimePrint) then
+    Result:=_Asn1UtctimePrint(b,a)
+  else
+    Result:=0;
+end;
+
+function ASN1UtcTimeSetString(t: PASN1_UTCTIME; s: PAnsichar): cint;
+begin
+  if InitSSLInterface and Assigned(_Asn1UtctimeSetString) then
+    Result:=_Asn1UtctimeSetString(t,s)
+  else
+    Result:=0;
+end;
+
 function Asn1IntegerSet(a: PASN1_INTEGER; v: integer): integer;
 begin
   if InitSSLInterface and Assigned(_Asn1IntegerSet) then
@@ -3558,7 +3661,7 @@ Begin
     Result := -1;
 end; 
 
-function PEM_read_bio_X509(bp: pBIO;  x: ppx509; cb: Ppem_password_cb; u: pointer): px509;
+function PEM_read_bio_X509(bp: PBIO; x: PPX509; cb: ppem_password_cb; u: pointer): PX509;
 begin
   if InitSSLInterface and Assigned(_PEM_read_bio_X509) then
     Result := _PEM_read_bio_X509(bp, x, cb, u)
@@ -3566,6 +3669,14 @@ begin
     Result := nil;
 end;
 
+function PEM_write_bio_X509(bp: pBIO;  x: px509): integer;
+begin
+  if InitSSLInterface and Assigned(_PEM_write_bio_X509) then
+    Result := _PEM_write_bio_X509(bp, x)
+  else
+    Result := 0;
+end;
+
 
 // BIO Functions
 
@@ -3582,7 +3693,7 @@ begin
   Result := BIO_ctrl(b, BIO_C_SET_FILENAME, BIO_CLOSE or BIO_FP_READ, name);
 end;
 
-function BIO_s_file: PBIO_METHOD;
+function BIO_s_file: pBIO_METHOD;
 begin
   if InitSSLInterface and Assigned(_BIO_s_file) then
     Result := _BIO_s_file
@@ -4643,7 +4754,9 @@ begin
   _d2iPKCS12bio := GetProcAddr(SSLUtilHandle, 'd2i_PKCS12_bio');
   _PKCS12parse := GetProcAddr(SSLUtilHandle, 'PKCS12_parse');
   _PKCS12free := GetProcAddr(SSLUtilHandle, 'PKCS12_free');
-  _Asn1UtctimeNew := GetProcAddr(SSLUtilHandle, 'ASN1_UTCTIME_new');
+  _Asn1UtctimeSetString := GetProcAddr(SSLUtilHandle, 'ASN1_UTCTIME_set_string');
+  _Asn1StringTypeNew := GetProcAddr(SSLUtilHandle, 'ASN1_STRING_type_new');
+  _Asn1UtctimePrint := GetProcAddr(SSLUtilHandle, 'ASN1_UTCTIME_print');
   _Asn1UtctimeFree := GetProcAddr(SSLUtilHandle, 'ASN1_UTCTIME_free');
   _Asn1IntegerSet := GetProcAddr(SSLUtilHandle, 'ASN1_INTEGER_set');
   _Asn1IntegerGet := GetProcAddr(SSLUtilHandle, 'ASN1_INTEGER_get');
@@ -4755,7 +4868,8 @@ begin
   _PEM_write_bio_PrivateKey := GetProcAddr(SSLUtilHandle, 'PEM_write_bio_PrivateKey');
   _PEM_write_bio_PUBKEY := GetProcAddr(SSLUtilHandle, 'PEM_write_bio_PUBKEY');
   _PEM_read_bio_X509 := GetProcAddr(SSLUtilHandle, 'PEM_read_bio_X509');
-  
+  _PEM_write_bio_X509 := GetProcAddr(SSLUtilHandle,'PEM_write_bio_X509');
+
   // BIO
   _BIO_ctrl := GetProcAddr(SSLUtilHandle, 'BIO_ctrl');
   _BIO_s_file := GetProcAddr(SSLUtilHandle, 'BIO_s_file');
@@ -5105,7 +5219,9 @@ begin
   _d2iPKCS12bio := nil;
   _PKCS12parse := nil;
   _PKCS12free := nil;
-  _Asn1UtctimeNew := nil;
+  _Asn1UtctimeSetString := nil;
+  _Asn1StringTypeNew := nil;
+  _Asn1UtctimePrint := nil;
   _Asn1UtctimeFree := nil;
   _Asn1IntegerSet:= nil;
   _Asn1IntegerGet:= nil;
@@ -5216,6 +5332,7 @@ begin
   _PEM_read_bio_PUBKEY := nil;
   _PEM_write_bio_PrivateKey := nil;
   _PEM_read_bio_X509 := nil;
+  _PEM_write_bio_X509 := nil;
 
   // BIO
 

packages/openssl/src/opensslsockets.pp

@@ -0,0 +1,321 @@
+unit opensslsockets;
+
+{$mode objfpc}{$H+}
+
+interface
+
+uses
+  Classes, SysUtils, sockets, ssockets, sslsockets, sslbase, openssl, fpopenssl;
+
+Type
+
+  { TOpenSSLSocketHandler }
+
+  TOpenSSLSocketHandler = Class(TSSLSocketHandler)
+  Private
+    FSSL: TSSL;
+    FCTX : TSSLContext;
+    FSSLLastErrorString: string;
+    FSSLLastError : Integer;
+  Protected
+    procedure SetSSLLastErrorString(AValue: string);
+    Function FetchErrorInfo: Boolean;
+    function CheckSSL(SSLResult: Integer): Boolean;
+    function CheckSSL(SSLResult: Pointer): Boolean;
+    function InitContext(NeedCertificate: Boolean): Boolean; virtual;
+    function DoneContext: Boolean; virtual;
+    function InitSslKeys: boolean;virtual;
+  Public
+    Constructor create; override;
+    destructor destroy; override;
+    function CreateCertGenerator: TX509Certificate; override;
+    function Connect : Boolean; override;
+    function Close : Boolean; override;
+    function Accept : Boolean; override;
+    function Shutdown(BiDirectional : Boolean): boolean; override;
+    function Send(Const Buffer; Count: Integer): Integer; override;
+    function Recv(Const Buffer; Count: Integer): Integer; override;
+    function BytesAvailable: Integer; override;
+    // Result of last CheckSSL call.
+    Function SSLLastError: integer;
+    property SSLLastErrorString: string read FSSLLastErrorString write SetSSLLastErrorString;
+  end;
+
+implementation
+
+{ TSocketHandler }
+Resourcestring
+  SErrNoLibraryInit = 'Could not initialize OpenSSL library';
+
+Procedure MaybeInitSSLInterface;
+
+begin
+  if not IsSSLloaded then
+    if not InitSSLInterface then
+      Raise EInOutError.Create(SErrNoLibraryInit);
+end;
+
+function TopenSSLSocketHandler.CreateCertGenerator: TX509Certificate;
+begin
+  Result:=TOpenSSLX509Certificate.Create;
+end;
+
+procedure TOpenSSLSocketHandler.SetSSLLastErrorString(AValue: string);
+begin
+  if FSSLLastErrorString=AValue then Exit;
+  FSSLLastErrorString:=AValue;
+end;
+
+function TOpenSSLSocketHandler.Connect: Boolean;
+begin
+  Result:=Inherited Connect;
+  Result := Result and InitContext(False);
+  if Result then
+    begin
+    Result:=CheckSSL(FSSL.SetFD(Socket.Handle));
+    if Result then
+     begin
+     if SendHostAsSNI  and (Socket is TInetSocket) then
+       FSSL.Ctrl(SSL_CTRL_SET_TLSEXT_HOSTNAME,TLSEXT_NAMETYPE_host_name,PAnsiChar(AnsiString((Socket as TInetSocket).Host)));
+     Result:=CheckSSL(FSSL.Connect);
+     if Result and VerifyPeerCert then
+       Result:=(FSSL.VerifyResult<>0) or (not DoVerifyCert);
+     if Result then
+       SetSSLActive(True);
+     end;
+    end;
+end;
+
+function TOpenSSLSocketHandler.Close: Boolean;
+begin
+  Result:=Shutdown(False);
+end;
+
+Function TOpenSSLSocketHandler.FetchErrorInfo : Boolean;
+
+var
+  S : AnsiString;
+
+begin
+  FSSLLastErrorString:='';
+  FSSLLastError:=ErrGetError;
+  ErrClearError;
+  Result:=(FSSLLastError<>0);
+  if Result then
+    begin
+    S:=StringOfChar(#0,256);
+    ErrErrorString(FSSLLastError,S,256);
+    FSSLLastErrorString:=s;
+    end;
+end;
+
+function TOpenSSLSocketHandler.CheckSSL(SSLResult : Integer) : Boolean;
+
+begin
+  Result:=SSLResult>=1;
+  if Not Result then
+     begin
+     FSSLLastError:=SSLResult;
+     FetchErrorInfo;
+     end;
+end;
+
+function TOpenSSLSocketHandler.CheckSSL(SSLResult: Pointer): Boolean;
+begin
+  Result:=(SSLResult<>Nil);
+  if not Result then
+    Result:=FetchErrorInfo;
+end;
+
+function TOpenSSLSocketHandler.DoneContext: Boolean;
+
+begin
+  FreeAndNil(FSSL);
+  FreeAndNil(FCTX);
+  ErrRemoveState(0);
+  SetSSLActive(False);
+  Result:=True;
+end;
+
+Function HandleSSLPwd(buf : PAnsiChar; len:Integer; flags:Integer; UD : Pointer):Integer; cdecl;
+
+var
+  Pwd: AnsiString;
+  H :  TOpenSSLSocketHandler;
+
+begin
+  if Not Assigned(UD) then
+    PWD:=''
+  else
+    begin
+    H:=TOpenSSLSocketHandler(UD);
+    Pwd:=H.CertificateData.KeyPassword;
+    end;
+  if (len<Length(Pwd)+1) then
+    SetLength(Pwd,len-1);
+  pwd:=pwd+#0;
+  Result:=Length(Pwd);
+  Move(Pointer(Pwd)^,Buf^,Result);
+end;
+
+function TOpenSSLSocketHandler.InitSslKeys: boolean;
+
+begin
+  Result:=(FCTX<>Nil);
+  if not Result then
+    Exit;
+  if not CertificateData.Certificate.Empty then
+    Result:=CheckSSL(FCTX.UseCertificate(CertificateData.Certificate));
+  if Result and not CertificateData.PrivateKey.Empty then
+    Result:=CheckSSL(FCTX.UsePrivateKey(CertificateData.PrivateKey));
+  if Result and (CertificateData.CertCA.FileName<>'') then
+    Result:=CheckSSL(FCTX.LoadVerifyLocations(CertificateData.CertCA.FileName,''));
+  if Result and not CertificateData.PFX.Empty then
+    Result:=CheckSSL(FCTX.LoadPFX(CertificateData.PFX,CertificateData.KeyPassword));
+end;
+
+constructor TOpenSSLSocketHandler.create;
+begin
+  inherited create;
+  MaybeInitSSLInterface;
+end;
+
+destructor TOpenSSLSocketHandler.destroy;
+begin
+  FreeAndNil(FCTX);
+  FreeAndNil(FSSL);
+  inherited destroy;
+end;
+
+function TOpenSSLSocketHandler.InitContext(NeedCertificate:Boolean): Boolean;
+
+Const
+  VO : Array[Boolean] of Integer = (SSL_VERIFY_NONE,SSL_VERIFY_PEER);
+
+var
+  s: AnsiString;
+
+begin
+  Result:=DoneContext;
+  if Not Result then
+    Exit;
+  try
+    FCTX:=TSSLContext.Create(SSLType);
+  Except
+    CheckSSL(Nil);
+    Result:=False;
+    Exit;
+  end;
+  S:=CertificateData.CipherList;
+  FCTX.SetCipherList(S);
+  FCTX.SetVerify(VO[VerifypeerCert],Nil);
+  FCTX.SetDefaultPasswdCb(@HandleSSLPwd);
+  FCTX.SetDefaultPasswdCbUserdata(self);
+  If NeedCertificate and CertificateData.NeedCertificateData  then
+    if Not CreateSelfSignedCertificate then
+      begin
+      DoneContext;
+      Exit(False);
+      end;
+   if Not InitSSLKeys then
+     begin
+     DoneContext;
+     Exit(False);
+     end;
+   try
+     FSSL:=TSSL.Create(FCTX);
+     Result:=True;
+   Except
+     CheckSSL(Nil);
+     DoneContext;
+     Result:=False;
+   end;
+end;
+
+function TOpenSSLSocketHandler.Accept: Boolean;
+
+begin
+  Result:=InitContext(True);
+  if Result then
+    begin
+    Result:=CheckSSL(FSSL.setfd(Socket.Handle));
+    if Result then
+      Result:=CheckSSL(FSSL.Accept);
+    end;
+  SetSSLActive(Result);
+end;
+
+
+function TOpenSSLSocketHandler.Shutdown(BiDirectional : Boolean): boolean;
+
+var
+  r : integer;
+
+begin
+  Result:=assigned(FSsl);
+  if Result then
+    If Not BiDirectional then
+      Result:=CheckSSL(FSSL.Shutdown)
+    else
+      begin
+      r:=FSSL.Shutdown;
+      if r<>0 then
+        Result:=CheckSSL(r)
+      else
+        begin
+        Result:=fpShutdown(Socket.Handle,1)=0;
+        if Result then
+          Result:=CheckSSL(FSsl.Shutdown);
+        end
+      end;
+  If Result then
+    Result:=DoneContext;
+end;
+
+function TOpenSSLSocketHandler.Send(Const Buffer; Count: Integer): Integer;
+var
+  e: integer;
+begin
+  FSSLLastError := 0;
+  FSSLLastErrorString:='';
+  repeat
+    Result:=FSsl.Write(@Buffer,Count);
+    e:=FSsl.GetError(Result);
+  until Not (e in [SSL_ERROR_WANT_READ,SSL_ERROR_WANT_WRITE]);
+  if (E=SSL_ERROR_ZERO_RETURN) then
+    Result:=0
+  else if (e<>0) then
+    FSSLLastError:=e;
+end;
+
+function TOpenSSLSocketHandler.Recv(Const Buffer; Count: Integer): Integer;
+
+var
+  e: integer;
+begin
+  FSSLLastError:=0;
+  FSSLLastErrorString:= '';
+  repeat
+    Result:=FSSL.Read(@Buffer ,Count);
+    e:=FSSL.GetError(Result);
+  until Not (e in [SSL_ERROR_WANT_READ,SSL_ERROR_WANT_WRITE]);
+  if (E=SSL_ERROR_ZERO_RETURN) then
+    Result:=0
+  else if (e<>0) then
+    FSSLLastError:=e;
+end;
+
+function TOpenSSLSocketHandler.BytesAvailable: Integer;
+begin
+  Result:= FSSL.Pending;
+end;
+
+Function TOpenSSLSocketHandler.SSLLastError: integer;
+begin
+  Result:=FSSLLastError;
+end;
+
+initialization
+  TSSLSocketHandler.SetDefaultHandlerClass(TOpenSSLSocketHandler);
+end.
+