[Rack] Fwd: Shishi 1.0.2 released

maestro maestro415 at gmail.com
Thu Apr 4 18:02:19 UTC 2013

* thought this may be of interest to some...

* possibly some use with the rack(s) though maybe overkill, 'piling on', or
no use at all not sure...

message ends

---------- Forwarded message ----------
From: Simon Josefsson <simon at josefsson.org>
Date: Wed, Apr 3, 2013 at 4:05 AM
Subject: Shishi 1.0.2 released
To: help-shishi at gnu.org, info-gnu at gnu.org

Shishi is an implementation of the Kerberos 5 network authentication
system.  Shishi can be used to authenticate users in distributed
systems.  Shishi is part of a GNU system.

* Version 1.0.2 (released 2013-04-03)

** libshishi: Fix server-realm handling.
Reported by Mats Erik Andersson <gnu at gisladisker.se>.

** libshishi: Fix salt derivation for principals with multiple components.
Before, when adding a principal such as "user/admin" using shisa it
would use the wrong salt.  Reported by Mats Erik Andersson
<gnu at gisladisker.se>.

** libshishi: Fix setting principals with multiple components in
Before, the shishid KDC would return the wrong client principal name
in a KDC-REP when principals such as "user/admin" were used.  That
would lead to errors when getting a ticket for such principals.
Reported by Mats Erik Andersson <gnu at gisladisker.se>.

** libshishi: Fixes to .k5login authorization.
Patch by Mats Erik Andersson <gnu at gisladisker.se>.

** shishid: The syslog facility is now LOG_AUTH instead of LOG_DAEMON.
Suggested by Mats Erik Andersson <gnu at gisladisker.se>.

** minitasn1: Removed.  You must use an external installed libtasn1.
With recent libtasn1 it is no longer trivial to build libtasn1 as
copied source code files.

** Update gnulib files and various other fixes.

Shishi contains a library ('libshishi') that can be used by application
developers to add support for Kerberos 5.  Shishi contains a command
line utility ('shishi') that is used by users to acquire and manage
tickets (and more).  The server side, a Key Distribution Center (KDC),
is implemented by 'shishid', and support X.509 authenticated TLS via
GnuTLS.  Of course, a manual documenting usage aspects as well as the
programming API is included.

Shishi currently supports AS/TGS exchanges for acquiring tickets,
pre-authentication, the AP exchange for performing client and server
authentication, and SAFE/PRIV for integrity/privacy protected
application data exchanges.  The DES, 3DES, ARCFOUR, and AES
cryptographic algorithms are supported.

Shishi aims to be internationalized, thread safe and portable.  Shishi
is written in ANSI/ISO C89, and has been ported to numerous platforms,
including most major Unix platforms and Windows, running on devices
including iPAQ handhelds and S/390 mainframes.  Shishi can also be cross
compiled to Microsoft Windows using mingw32 and embedded platforms such
as the Motorola Coldfire.

Current work items include improvements on the server (KDC), integration
of initial authentication via OpenPGP using GnuTLS, set-passwd
implementation, and a LDAP backend for the Shisa library used in the KDC
for information storage.  Assistance is appreciated on any of these (or
other) items.

The project web page is available at:

All manuals are available from:

Direct links to the manual:
  HTML: https://www.gnu.org/software/shishi/manual/shishi.html
  PDF: https://www.gnu.org/software/shishi/manual/shishi.pdf

Direct links to the API Reference manual:
  HTML: https://www.gnu.org/software/shishi/reference/
  PDF: https://www.gnu.org/software/shishi/reference/shishi.pdf

For code coverage and cyclomatic code complexity charts:

If you need help to use Shishi, or want to help others, you are
invited to join our help-shishi mailing list, see:

Here are the compressed sources (4.8MB):

Here are GPG detached signatures signed using key 0xB565716F:

Improving Shishi is costly, but you can help!  We are looking for
organizations that find Shishi useful and wish to contribute back.  You
can contribute by reporting bugs, improve the software, or donate money
or equipment.

Commercial support contracts for Shishi are available, and they help
finance continued maintenance.  Simon Josefsson Datakonsult AB, a
Stockholm based privately held company, is currently funding Shishi
maintenance.  We are always looking for interesting development
projects.  See http://josefsson.org/ for more details.

The software is cryptographically signed by the author using an OpenPGP
key identified by the following information:

pub   1280R/B565716F 2002-05-05 [expires: 2013-05-10]
      Key fingerprint = 0424 D4EE 81A0 E3D1 19C6  F835 EDA2 1E94 B565 716F
uid                  Simon Josefsson <simon at josefsson.org>
sub   2048R/105E722E 2012-03-13 [expires: 2013-07-26]

The key is available from:

Here are the SHA-1 and SHA-224 checksums:

c065838baae18d2e39ccd0556e7b7364e2db48bb  shishi-1.0.2.tar.gz

Happy hacking,

GNU Announcement mailing list <info-gnu at gnu.org>


*~the quieter you become, the more you are able to hear...*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.noisebridge.net/pipermail/rack/attachments/20130404/bc22de73/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 499 bytes
Desc: not available
URL: <http://www.noisebridge.net/pipermail/rack/attachments/20130404/bc22de73/attachment-0001.pgp>

More information about the Rack mailing list