[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Shishi 0.0.37

From: Simon Josefsson
Subject: Shishi 0.0.37
Date: Tue, 24 Jun 2008 13:35:29 +0200
User-agent: Gnus/5.110011 (No Gnus v0.11) Emacs/22.2 (gnu/linux)

Shishi is an implementation of the Kerberos 5 network authentication
system.  Shishi can be used to authenticate users in distributed
systems.  Shishi is part of a GNU system.

* Version 0.0.37 (released 2008-06-24)

** libshishi: New functions to set a password prompt callback.
You register the callback using shishi_prompt_password_callback_set
and can retrieve the current callback using
shishi_prompt_password_callback_get.  The callback function should
follow the shishi_prompt_password_func function prototype.  The
shishi_prompt_password function has been updated to call the
callbacks, if registered.  Inspired by discussion with Graham Shaw

** libshishi: New ticketset hint flag SHISHI_TKTSHINTFLAGS_NON_INTERACTIVE.
When this flag is passed to ticketset functions, it will never query
the user for a password.  Inspired by discussion with Graham Shaw

** libshishi: When doing pre-authentication with a pre-seeded password,
** don't ask for a new password.
Reported by Graham Shaw <address@hidden> in

** libshishi: add new function to debug print ASN.1 structures.
shishi_asn1_print: ADD.

** libshishi: Cleanup type declaration of Shishi_asn1.
Now it is mapped to ASN1_TYPE if you included libtasn1.h, otherwise to

** Update examples for new API.
Now the examples are also built by default, so we notice any build
failures for them.

** Translations files not stored directly in git to avoid merge conflicts.
This allows us to avoid use of --no-location which makes the
translation teams happier.

** Dist gdoc-error to avoid build failures when building modified sources.
Reported by Graham Shaw <address@hidden> in

** Internal copy of libtasn1 updated to version 1.4.

** Update gnulib files.

** New APIs to deal with password queries.

Shishi contains a library ('libshishi') that can be used by application
developers to add support for Kerberos 5.  Shishi contains a command
line utility ('shishi') that is used by users to acquire and manage
tickets (and more).  The server side, a Key Distribution Center (KDC),
is implemented by 'shishid', and support X.509 authenticated TLS via
GnuTLS.  Of course, a manual documenting usage aspects as well as the
programming API is included.

Shishi currently supports AS/TGS exchanges for acquiring tickets,
pre-authentication, the AP exchange for performing client and server
authentication, and SAFE/PRIV for integrity/privacy protected
application data exchanges.  The DES, 3DES, ARCFOUR, and AES
cryptographic algorithms are supported.

Shishi aims to be internationalized, thread safe and portable.  Shishi
is written in ANSI/ISO C89, and has been ported to numerous platforms,
including most major Unix platforms and Windows, running on devices
including iPAQ handhelds and S/390 mainframes.  Shishi can also be cross
compiled to Microsoft Windows using mingw32 and embedded platforms such
as the Motorola Coldfire.

Current work items include improvements on the server (KDC), integration
of initial authentication via OpenPGP using GnuTLS, set-passwd
implementation, and a LDAP backend for the Shisa library used in the KDC
for information storage.  Assistance is appreciated on any of these (or
other) items.

Known problems in this release:

** Libgcrypt is required since the gnulib crypto code-path has
   regressed since the last few releases.  This will hopefully be
   fixed in the future.

Improving Shishi is costly, but you can help!  We are looking for
organizations that find Shishi useful and wish to contribute back.  You
can contribute by reporting bugs, improve the software, or donate money
or equipment.

Commercial support contracts for Shishi are available, and they help
finance continued maintenance.  Simon Josefsson Datakonsult, a Stockholm
based privately held company, is currently funding Shishi maintenance.
We are always looking for interesting development projects.  See for more details.

If you need help to use Shishi, or want to help others, you are
invited to join our help-shishi mailing list, see:

The project web page is available at: (updated fastest)

Here are the compressed sources (3.6MB):

Here are GPG detached signatures signed using key 0xB565716F:

The software is cryptographically signed by the author using an
OpenPGP key identified by the following information:

pub   1280R/B565716F 2002-05-05 [expires: 2008-06-30]
      Key fingerprint = 0424 D4EE 81A0 E3D1 19C6  F835 EDA2 1E94 B565 716F
uid                  Simon Josefsson <address@hidden>
uid                  Simon Josefsson <address@hidden>

The key is available from:

Here are the build reports for various platforms:

Here are the SHA-1 and SHA-224 checksums:

c0ad1f55d9ef0d3147cdeecd5b078c6887710197  shishi-0.0.37.tar.gz

1ed07b547b5aa608ddd3f0f253419574f2348aa6b879ed54420143ef  shishi-0.0.37.tar.gz

Happy hacking,

Attachment: pgpwDsTuSgcV9.pgp
Description: PGP signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]