--- ./gl/ftell.c~0	2016-05-28 11:02:45.000000000 +0300
+++ ./gl/ftell.c	2016-10-02 18:20:51.687500000 +0300
@@ -35,3 +35,6 @@ ftell (FILE *fp)
       return -1;
     }
 }
+
+#include "../src/gl/fseek.c"
+#include "../src/gl/fseeko.c"
--- ./lib/accelerated/x86/x86-common.c~0	2016-05-28 11:02:19.000000000 +0300
+++ ./lib/accelerated/x86/x86-common.c	2016-10-02 15:51:41.765625000 +0300
@@ -42,7 +42,9 @@
  * This is a format compatible with openssl's CPUID detection.
  */
 #if defined(__GNUC__)
+#ifndef __MINGW32__
 __attribute__((visibility("hidden")))
+#endif
 #elif defined(__SUNPRO_C)
 __hidden
 #endif
--- ./lib/nettle/rnd-common.c~0	2015-01-19 19:38:09.000000000 +0200
+++ ./lib/nettle/rnd-common.c	2016-10-02 16:07:00.015625000 +0300
@@ -110,8 +110,6 @@ int _rnd_system_entropy_check(void)
 
 int _rnd_system_entropy_init(void)
 {
-	int old;
-
 	if (!CryptAcquireContext
 		(&device_fd, NULL, NULL, PROV_RSA_FULL,
 		 CRYPT_SILENT | CRYPT_VERIFYCONTEXT)) {
--- ./lib/opencdk/misc.c~0	2016-02-29 18:15:30.000000000 +0200
+++ ./lib/opencdk/misc.c	2016-10-02 16:22:39.671875000 +0300
@@ -157,7 +157,7 @@ FILE *_cdk_tmpfile(void)
 	/* Because the tmpfile() version of wine is not really useful,
 	   we implement our own version to avoid problems with 'make check'. */
 	static const char *letters = "abcdefghijklmnopqrstuvwxyz";
-	unsigned char buf[512], rnd[24];
+	char buf[512], rnd[24];
 	FILE *fp;
 	int fd, i;
 
--- ./lib/system-keys-win.c~0	2015-11-21 12:34:26.000000000 +0200
+++ ./lib/system-keys-win.c	2016-10-02 18:18:00.859375000 +0300
@@ -46,7 +46,32 @@
 
 #define DYN_NCRYPT
 
-#include <ncrypt.h>
+#ifdef __MINGW32__
+# include <_mingw.h>
+# ifdef __MINGW64_VERSION_MAJOR
+/* MinGW64 */
+#  include <ncrypt.h>
+# else
+/* mingw.org's MinGW */
+# include <security.h>
+# define BCRYPT_PAD_PKCS1 0x00000002
+# define BCRYPT_RSA_ALGORITHM L"RSA"
+# define BCRYPT_DSA_ALGORITHM L"DSA"
+# define BCRYPT_SHA1_ALGORITHM L"SHA1"
+# define BCRYPT_SHA256_ALGORITHM L"SHA256"
+# define BCRYPT_SHA384_ALGORITHM L"SHA384"
+# define BCRYPT_SHA512_ALGORITHM L"SHA512"
+# define BCRYPT_ECDSA_P256_ALGORITHM L"ECDSA_P256"
+# define BCRYPT_ECDSA_P384_ALGORITHM L"ECDSA_P384"
+# define BCRYPT_ECDSA_P521_ALGORITHM L"ECDSA_P521"
+  typedef ULONG_PTR NCRYPT_HANDLE;
+  typedef ULONG_PTR NCRYPT_PROV_HANDLE;
+  typedef ULONG_PTR NCRYPT_KEY_HANDLE;
+  typedef struct _BCRYPT_PKCS1_PADDING_INFO {
+    LPCWSTR pszAlgId;
+  } BCRYPT_PKCS1_PADDING_INFO;
+# endif
+#endif
 
 // MinGW headers may not have these defines
 #ifndef NCRYPT_SHA1_ALGORITHM
@@ -178,7 +203,7 @@ get_id(const char *url, uint8_t *bin, si
 		url_size = (p2-p);
 	}
 
-	tmp.data = p;
+	tmp.data = (unsigned char *)p;
 	tmp.size = url_size;
 	ret = gnutls_hex_decode(&tmp, bin, bin_size);
 	if (ret < 0)
@@ -369,8 +394,8 @@ _gnutls_privkey_import_system_url(gnutls
 	const CERT_CONTEXT *cert = NULL;
 	CRYPT_HASH_BLOB blob;
 	CRYPT_KEY_PROV_INFO *kpi = NULL;
-	NCRYPT_KEY_HANDLE nc = NULL;
-	NCRYPT_PROV_HANDLE sctx = NULL;
+	NCRYPT_KEY_HANDLE nc = 0;
+	NCRYPT_PROV_HANDLE sctx = 0;
 	DWORD kpi_size;
 	SECURITY_STATUS r;
 	int ret, enc_too = 0;
--- ./lib/system.c~0	2016-09-07 23:52:18.000000000 +0300
+++ ./lib/system.c	2016-10-02 16:14:09.937500000 +0300
@@ -431,7 +431,6 @@ static
 int add_system_trust(gnutls_x509_trust_list_t list, unsigned int tl_flags,
 		     unsigned int tl_vflags)
 {
-	char path[GNUTLS_PATH_MAX];
 	unsigned int i;
 	int r = 0;
 
@@ -631,7 +630,7 @@ int _gnutls_ucs2_to_utf8(const void *dat
 	src[size] = 0;
 	src[size+1] = 0;
 
-	src_len = wcslen(src);
+	src_len = wcslen((wchar_t *)src);
 
 	ret =
 	    WideCharToMultiByte(CP_UTF8, flags,
@@ -661,7 +660,7 @@ int _gnutls_ucs2_to_utf8(const void *dat
 	}
 	dst[len - 1] = 0;
 
-	output->data = dst;
+	output->data = (unsigned char *)dst;
 	output->size = ret;
 
 	ret = 0;
--- ./lib/x509/verify-high.c~0	2016-01-08 10:55:36.000000000 +0200
+++ ./lib/x509/verify-high.c	2016-10-02 15:38:50.609375000 +0300
@@ -348,7 +348,9 @@ static int
 advance_iter(gnutls_x509_trust_list_t list,
              gnutls_x509_trust_list_iter_t iter)
 {
+#ifdef ENABLE_PKCS11
 	int ret;
+#endif
 
 	if (iter->node_index < list->size) {
 		++iter->ca_index;
--- ./src/benchmark.c~0	2014-01-01 19:13:31.000000000 +0200
+++ ./src/benchmark.c	2016-10-03 15:18:10.625000000 +0300
@@ -32,7 +32,8 @@ int benchmark_must_finish = 0;
 
 #if defined(_WIN32)
 #include <windows.h>
-DWORD WINAPI alarm_handler(LPVOID lpParameter)
+static DWORD WINAPI
+alarm_handler(LPVOID lpParameter)
 {
 	HANDLE wtimer = *((HANDLE *) lpParameter);
 	WaitForSingleObject(wtimer, INFINITE);
--- ./src/certtool-cfg.c~0	2016-02-06 21:50:36.000000000 +0200
+++ ./src/certtool-cfg.c	2016-10-03 13:49:56.203125000 +0300
@@ -48,6 +48,10 @@
 #include <ws2tcpip.h>
 #endif
 
+#ifdef __MINGW32__
+# include <arpa/inet.h>
+#endif
+
 /* Gnulib portability files. */
 #include <getpass.h>
 #include "certtool-common.h"
@@ -1214,7 +1218,7 @@ void get_rand_int_value(unsigned char* s
 
 #if SIZEOF_LONG < 8
 		default_serial_int = ts.tv_sec;
-		snprintf(tmsg, sizeof(tmsg), "%s (default: %" PRIu64"): ", msg, default_serial_int);
+		snprintf(tmsg, sizeof(tmsg), "%s (default: %" PRIu64 "): ", msg, default_serial_int);
 #else
 		default_serial_int = (ts.tv_sec << 32) | ts.tv_nsec;
 		snprintf(tmsg, sizeof(tmsg), "%s (default: %lu): ", msg, default_serial_int);
--- ./src/common.h~0	2015-07-21 12:42:08.000000000 +0300
+++ ./src/common.h	2016-10-03 13:53:12.625000000 +0300
@@ -89,7 +89,7 @@ static int system_recv_timeout(gnutls_tr
 {
 	fd_set rfds;
 	struct timeval tv;
-	int ret, fd = (long)ptr;
+	int fd = (long)ptr;
 
 	FD_ZERO(&rfds);
 	FD_SET(fd, &rfds);
--- ./tests/certuniqueid.c~0	2014-01-01 19:13:31.000000000 +0200
+++ ./tests/certuniqueid.c	2016-10-03 15:40:17.343750000 +0300
@@ -213,7 +213,7 @@ void doit(void)
 	if (result != GNUTLS_E_SHORT_MEMORY_BUFFER)
 		fail("get_issuer_unique_id short error %d\n", result);
 	if (buf_size != 16)
-		fail("get_issuer_unique_id buf size %zd\n", buf_size);
+		fail("get_issuer_unique_id buf size %u\n", buf_size);
 
 	buf_size = 16;
 	result =
@@ -229,7 +229,7 @@ void doit(void)
 	if (result != GNUTLS_E_SHORT_MEMORY_BUFFER)
 		fail("get_subject_unique_id short error %d\n", result);
 	if (buf_size != 16)
-		fail("get_subject_unique_id buf size %zd\n", buf_size);
+		fail("get_subject_unique_id buf size %u\n", buf_size);
 
 	buf_size = 16;
 	result =
--- ./tests/utils.c~0	2016-06-06 19:51:03.000000000 +0300
+++ ./tests/utils.c	2016-10-03 15:28:47.843750000 +0300
@@ -36,6 +36,22 @@
 #else
 #include <windows.h>		/* for Sleep */
 #include <winbase.h>
+
+/* Stolen from Gnulib.  */
+static unsigned int
+sleep (unsigned int seconds)
+{
+  unsigned int remaining;
+
+  /* Sleep for 1 second many times, because
+       1. Sleep is not interruptible by Ctrl-C,
+       2. we want to avoid arithmetic overflow while multiplying with 1000.  */
+  for (remaining = seconds; remaining > 0; remaining--)
+    Sleep (1000);
+
+  return remaining;
+}
+
 #endif
 
 #include <gnutls/gnutls.h>
