Home
Reading
Searching
Subscribe
Sponsors
Statistics
Posting
Contact
Spam
Lists
Links
About
Hosting
Filtering
Features Download
Marketing
Archives
FAQ
Blog
 
Gmane
From: Simon Josefsson <jas <at> extundo.com>
Subject: Shishi 0.0.23
Newsgroups: gmane.comp.gnu.shishi.general
Date: Saturday 25th March 2006 21:32:45 UTC (over 10 years ago)
I am pleased to announce the availability of Shishi version 0.0.23!

Shishi is an implementation of the Kerberos 5 network authentication
system.  Shishi can be used to authenticate users in distributed
systems.  Shishi is part of a GNU system.

Noteworthy changes since the last version:

** Debian packages are available from http://josefsson.org/shishi/debian/
   Thanks to Russ Allbery, Yvan Bassuel and Elrond for help on the
   Debian packaging.

** Added shishi_derive_default_salt and shishi_key_from_name APIs.
   Used to create a key from principal and password.  Suggested by
   Elrond .

** Replace internal crypto code with modules from gnulib.

** Added shared library versioning script, suggested by Steve Langasek.

** Improved libidn detection code.

** Updated gnulib compatibility files.

** Updated libtasn1.

** Minor bugfixes and improvements.

Shishi contains a library ('libshishi') that can be used by
application developers to add support for Kerberos 5.  Shishi contains
a command line utility ('shishi') that is used by users to acquire and
manage tickets (and more).  The server side, a Key Distribution
Center, is implemented by 'shishid', and support X.509 authenticated
TLS via GnuTLS.  Of course, a manual documenting usage aspects as well
as the programming API is included.

Shishi currently supports AS/TGS exchanges for acquiring tickets, the
AP exchange for performing client and server authentication, and
SAFE/PRIV for integrity/privacy protected application data exchanges.
The DES, 3DES, ARCFOUR, and AES cryptographic algorithms are
supported.

Shishi aims to be internationalized, thread safe and portable.  Shishi
is written in ANSI/ISO C89, and has been ported to numerous platforms,
including most major Unix platforms and Windows, running on devices
including iPAQ handhelds and S/390 mainframes.  Shishi can also be
cross compiled to Microsoft Windows using mingw32 and embedded
platforms such as the Motorola Coldfire.

Current work items include improvements on the server (KDC),
integration of initial authentication via OpenPGP using GnuTLS,
set-passwd implementation, and a LDAP backend for the Shisa library
used in the KDC for information storage.  Assistance is appreciated on
any of these (or other) items.

Known problems in this release:

** Libgcrypt is required, the gnulib crypto code-path has regressed
   since the last release.  This will hopefully be fixed in the next
   release.

Improving Shishi is costly, but you can help!  We are looking for
organizations that find Shishi useful and wish to contribute back.
You can contribute by reporting bugs, improve the software, or donate
money or equipment.

Commercial support contracts for Shishi are available, and they help
finance continued maintenance.  Simon Josefsson Datakonsult, a
Stockholm based privately held company, is currently funding Shishi
maintenance.  We are always looking for interesting development
projects.  See http://josefsson.org/ for more details.

If you need help to use Shishi, or want to help others, you are
invited to join our help-shishi mailing list, see:
<http://lists.gnu.org/mailman/listinfo/help-shishi>.

The project web page is available at:
  http://www.gnu.org/software/shishi/
  http://josefsson.org/shishi/
(updated fastest)

Here are the compressed sources (3.3MB):
  ftp://alpha.gnu.org/gnu/shishi/shishi-0.0.23.tar.gz
  http://josefsson.org/shishi/releases/shishi-0.0.23.tar.gz

Here are GPG detached signatures signed using key 0xB565716F:
  ftp://alpha.gnu.org/gnu/shishi/shishi-0.0.23.tar.gz.sig
  http://josefsson.org/shishi/releases/shishi-0.0.23.tar.gz.sig

The software is cryptographically signed by the author using an
OpenPGP key identified by the following information:

pub   1280R/B565716F 2002-05-05 [expires: 2006-08-14]
      Key fingerprint = 0424 D4EE 81A0 E3D1 19C6  F835 EDA2 1E94 B565 716F
uid                  Simon Josefsson 
uid                  Simon Josefsson <[email protected]>
sub   1280R/4D5D40AE 2002-05-05 [expires: 2006-08-14]
sub   1024R/09CC4670 2006-03-18 [expires: 2007-04-22]
sub   1024R/AABB1F7B 2006-03-18 [expires: 2007-04-22]
sub   1024R/A14C401A 2006-03-18 [expires: 2007-04-22]

Note that the software is signed using my sub-key 0xAABB1F7B which is
stored on an OpenPGP smartcard, see <https://www.fsfe.org/en/card>.

The key is available from:
  http://josefsson.org/key.txt
  dns:b565716f.josefsson.org?TYPE=CERT

Here are the build reports for various platforms:
  http://josefsson.org/autobuild-logs/shishi.html

Here are the SHA-1 and SHA-224 checksums:

e4b546bbff6a388e643ff9d196a79086440fdb5c  shishi-0.0.23.tar.gz
0320b216b9c64ac7da2e96604815155683bb1b5c  shishi-0.0.23.tar.gz.sig

e775e9490cc9ea0220212871e3ba7df1f88791b9e7335155da166aa9 
shishi-0.0.23.tar.gz
5a45c9a20e6d31791961bc2eb37088913d5ac33a6431d55a2c43416b 
shishi-0.0.23.tar.gz.sig

Happy hacking,
Simon
 
CD: 3ms