[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Shishi 0.0.4 alpha released
From: |
Simon Josefsson |
Subject: |
Shishi 0.0.4 alpha released |
Date: |
Sun, 31 Aug 2003 16:30:06 +0200 |
User-agent: |
Gnus/5.1003 (Gnus v5.10.3) Emacs/21.3.50 (gnu/linux) |
Shishi is a (still incomplete) implementation of the Kerberos 5
network authentication system. Shishi can be used to authenticate
users in distributed systems.
Shishi contains a library ('libshishi') that can be used by
application developers to add support for Kerberos 5. Shishi contains
a command line utility ('shishi') that is used by users to acquire and
manage tickets (and more). The server side, a Key Distribution
Center, is implemented by 'shishid'. Of course, a manual documenting
usage aspects as well as the programming API is included.
Shishi currently supports AS/TGS exchanges for acquiring tickets, the
AP exchange for performing client and server authentication, and SAFE
for integrity protected application data exchanges. Shishi is
internationalized; error and status messages can be translated into
the users' language; user name and passwords can be converted into any
available character set (normally including ISO-8859-1 and UTF-8) and
also be processed using an experimental Stringprep profile. The
des-cbc-md4, des-cbc-md5, des3-cbc-sha1-kd, aes128-cts-hmac-sha1-96,
and aes256-cts-hmac-sha1-96 encryption types, and the rsa-md4-des,
rsa-md5-des, hmac-sha1-des3-kd, hmac-sha1-96-aes128,
hmac-sha1-96-aes256 checksum types are supported.
Shishi is developed for the GNU/Linux system, but runs on over 20
platforms including most major Unix platforms and Windows, and many
kind of devices including iPAQ handhelds and S/390 mainframes.
Shishi is free software licensed under the GNU Public License.
The project web page:
http://www.gnu.org/software/shishi/
Here are the compressed sources:
http://josefsson.org/shishi/releases/shishi-0.0.4.tar.gz (1.8MB)
Here are GPG detached signatures using key 0xB565716F:
http://josefsson.org/shishi/releases/shishi-0.0.4.tar.gz.asc
Here are the MD5 and SHA1 signatures:
e1aa632025f0f604353ed909ec2e031e shishi-0.0.4.tar.gz
de5cab8f4344f7cde19e016e9d76f0a176e7d517 shishi-0.0.4.tar.gz
All noteworthy changes not announced here:
* Version 0.0.4 (released 2003-08-31)
** The rsh/rlogin client 'rsh-redone' ported to Shishi, by Nicolas Pouvesle.
The client is located in extra/rsh-redone/. It supports
authentication and encryption. It interoperate with other
implementations.
** Authenticator subkeys are supported, and is used by default in AP/TGS.
Some KDCs does not understand subkeys in TGS requests, and use the
session key instead. Shishi detect and work around this problem but
prints a warning.
** Simplistic key distribution center (KDC) is working.
See the Administration Manual for a walk through on how to get it up
and running.
** Various API changes.
* Version 0.0.3 (released 2003-08-22)
** Documentation fixes.
** Cleanups.
* Version 0.0.2 (released 2003-08-17)
** Command line handling of the 'shishi' application rewritten.
See the (updated) user manual and --help output for the new story.
** It is possible to acquire renewable tickets.
** Example client and server included.
Application data protection is not supported, but authentication is
demonstrated. The files are in src/client.c and src/server.c.
** New configuration verbs: 'ticket-life' and 'renew-life'.
** AES ciphers didn't work when nettle was used.
** Cleanups, bug fixes and improved portability.
* Version 0.0.1 (released 2003-08-10)
** InetUtils copy removed.
The patches (also found in extra/inetutils.diff) are forwarded upstream.
** Libidn copy removed.
Libidn is optional, but recommended. It is used automatically if
present on your system.
** Gettext not included.
Due to some conflicts between libtool and gettext, if you want i18n on
platforms that does not already have a useful gettext implementation,
you can install GNU gettext before building this package. If you
don't care about i18n, this package should work fine (except for i18n,
of course).
** Low-level crypto uses nettle if libgcrypt is not installed.
Libgcrypt is not shipped with Shishi any more, instead a more
streamlined crypto implementation based on nettle is included.
Specify --with-libgcrypt to use libgcrypt.
** Libtasn1 updated and replaced by "minitasn1" from gnutls.
Specify --with-system-libtasn1 to link with the installed libtasn1, if
you have it.
** KDC addresses are now found via DNS SRV RRs as a last resort.
This is only enabled if libresolv and resolv.h is found on your
system.
** Argp and other compatibility files replaced by gl/ directory.
** Cleanups, bug fixes and various improvements.
* Version 0.0.0 (released 2003-06-02)
** Initial release
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- Shishi 0.0.4 alpha released,
Simon Josefsson <=