Shishi 0.0.13 alpha
Shishi is an implementation of the Kerberos 5 network
authentication system. Shishi can be used to authenticate users in
distributed systems.
The project page of the library is available at: http://www.gnu.org/software/shishi/
Here are the compressed sources:
ftp://alpha.gnu.org/gnu/shishi/shishi-0.0.13.tar.gz
(2.5MB)
http://josefsson.org/shishi/releases/shishi-0.0.13.tar.gz
(2.5MB)
Here are GPG detached signatures using key 0xB565716F: ftp://alpha.gnu.org/gnu/shishi/shishi-0.0.13.tar.gz.sig
http://josefsson.org/shishi/releases/shishi-0.0.13.tar.gz.sig
Here are the build reports for various platforms: http://josefsson.org/autobuild/shishi.html
Here are the MD5 checksums:
fd240f295f58b201112bfbac5fca4bcb shishi-0.0.13.tar.gz
f91c32f430e96e854613211bdb5a0609 shishi-0.0.13.tar.gz.sig
Noteworthy changes (since 0.0.9, last version announced
here):
- Version 0.0.13 (released 2004-01-15)
- Fixed salt calculation in shisa. The earlier salt computed was
incorrect, so existing keys in your Shisa database, that were
derived from passwords, are incorrect, and should be changed. - Fixed shisa key file parser to handle keys with leading
whitespace. The parser used fscanf, which skip whitespace. If your
cryptographic key (not passwords), in binary format, had leading
whitespace, it would fail to read the correct key. - Fix shishid crash on startup when sockets can’t be opened.
- Various minor bugfixes.
- Fixed salt calculation in shisa. The earlier salt computed was
- Version 0.0.12 (released 2004-01-02)
- The user database library Shisa has been improved. Shisa now
support multiple keys for users, and you can now selectively add
and remove keys via the command line interface. - The Shishi client and Shishid KDC now support TLS resumption.
This improve TLS handshake speed, in particular for the normal AS
plus TGS combination. Currently the TLS resume database is only
stored in memory, so if either the client or server process is
restarted, the TLS resume information is lost. This add
–resume-limit to Shishid, which can be used to specify the size of
the TLS resume database (or to disable it). - The KDC has been cleaned up and the error handling is more
robust. - The Shisa programming API is documented in the manual.
- The user database library Shisa has been improved. Shisa now
- Version 0.0.11 (released 2003-12-21)
- The Shishi library now support X.509 authenticated KDC
connections via TLS. The client currently do not check server
authentication, however this is no worse than existing UDP/TCP
connections. If client certificates are available, the X.509 client
certificate is simply sent (via TLS handshake) to the KDC for
possible pre-authentication purposes. - The KDC now support X.509 authentication. If server
certificates are available, X.509 authenticated TLS may be
negotiated. The KDC currently only use the client certificate
details for logging purposes. However, it do verify client
certificate against CA certificates, if those are available. - The KDC has been cleaned up and the error handling is more
robust.
- The Shishi library now support X.509 authenticated KDC
- Version 0.0.10 (released 2003-12-16)
- The TLS support in Shishid now works.
- All command line interfaces now uses getopt instead of
argp.
3DLDF Release 1.1.5.1
Release of 3DLDF 1.1.5.1.
3DLDF is a GNU package for three-dimensional drawing with
MetaPost output.
It is available from http://ftp.gnu.org/gnu/3dldf and
other ftp servers.
Please see the author’s website,
http://wwwuser.gwdg.de/~lfinsto1
and
http://www.gnu.org/directory/graphics/3D/3DLDF.html
for more information.
- Added missing Texinfo files to the `3dldf_TEXINFOS’ variable in
`3DLDF-1.1.5.1/DOC/TEXINFO/Makefile.am’, and reordered the
filenames. - Changed the names of the PNG (Portable Network Graphics) files
included in the HTML version of the _3DLDF User and Reference
Manual_. Changed the names in the commands for including these
files in the Texinfo files. I wasn’t able to write some of the
files with the old names to a CD-R (Compact Disk, Recordable).
GNU Automake 1.8.2
We’re pleased to announce the release of Automake 1.8.2.
Automake is a tool for automatically generating `Makefile.in’s
suitable for use with Autoconf, compliant with the GNU Makefile
standards, and portable to various make implementations.
This is a bug fix release for the Automake 1.8 series. It
supersedes Automake 1.8.1, which was not announced here because of
a serious bug discovered immediately after its release. Appended is
the list of bugs fixed between 1.8 and 1.8.2
You can find the new release here:
ftp://ftp.gnu.org/gnu/automake/automake-1.8.2.tar.gz
ftp://ftp.gnu.org/gnu/automake/automake-1.8.2.tar.gz.sig
ftp://ftp.gnu.org/gnu/automake/automake-1.8.2.tar.bz2
ftp://ftp.gnu.org/gnu/automake/automake-1.8.2.tar.bz2.sig
ftp://sources.redhat.com/pub/automake/automake-1.8.2.tar.gz
ftp://sources.redhat.com/pub/automake/automake-1.8.2.tar.gz.sig
ftp://sources.redhat.com/pub/automake/automake-1.8.2.tar.bz2
ftp://sources.redhat.com/pub/automake/automake-1.8.2.tar.bz2.sig
MD5 checksums:
7a8138b29361baec06548e6a0ac63189 automake-1.8.2.tar.bz2
181b4218ccd604898956f74f5877eb35 automake-1.8.2.tar.gz
Soon it will also appear on the sources and GNU mirrors listed
here:
http://www.gnu.org/order/ftp.html
http://sources.redhat.com/mirrors.html
Please report bugs to <bug-automake@gnu.org>.
Bug fixed in 1.8.2:
- Bugs introduced by 1.8:
- Fix Config.pm import error with old Perl versions (at least
5.005_03). One symptom is that aclocal could not find its macro
directory. - Automake 1.8 used `mkdir -m 0755 -p –‘ to ensure that
directories created by `make install’ are always world readable,
even if the installer happens to have an overly restrictive umask
(e.g. 077). This was a mistake and has been reverted. There are at
least two reasons why we must not use `-m 0755′:- it causes special bits like SGID to be ignored,
- it may be too restrictive (some setups expect 775
directories).
- Fix aclocal to honor definitions located in files which have
been m4_included manually. aclocal 1.8 had been updated to check
m4_included files for new requirements, but forgot that these
m4_included files can also provide new definitions.Note that if you have such a setup, we recommend you get rid of
it. In the past, there was a reason to m4_include files manually:
aclocal used to duplicate entire M4 files into aclocal.m4, even
files that were distributed. Some packages were therefore
m4_including the distributed file directly, and playing some tricks
to ensure aclocal would not copy that file to aclocal.m4, in order
to limit the amount of duplication. Since aclocal 1.8.x will
precisely output m4_includes for local M4 files, we recommend that
you clean up your setup, removing all manual m4_includes and
letting aclocal output them.
- Fix Config.pm import error with old Perl versions (at least
- Output detailed menus in the Info version if the Automake
manual, so that Emacs can locate the indexes. - configure.ac and configure were listed twice in DIST_COMMON (an
internal variable where Automake lists configury files to
distribute). This was harmless, but unaesthetic. - Use `chmod a-w’ instead of `chmod -w’ as the latter honors
umask. This was an issue only in the Automake package itself, not
in its output. - Automake assumed that all AC_CONFIG_LINKS arguments had the
form DEST:SRC. This was wrong, as some packages do
AC_CONFIG_LINKS($computedlinks). This version no longer abort in
that situation. - Contrary to mkinstalldirs, $(mkdir_p) was expecting exactly one
argument. This caused two kinds of failures:- Rules installing data in a conditionally defined directory
failed when that directory was undefined. In this case no argument
was supplied. - `make installdirs’ failed, because several directories were
passed to $(mkdir_p). This was an issue only on platform were
$(mkdir_p) is implemented with `install-sh -d’. $(mkdir_p) as been
changed to accept 0 or more arguments, as mkinstalldirs did.- Long-standing bugs:
- Rules installing data in a conditionally defined directory
- Fix an unexpected diagnostic occurring when users attempt to
override some internal variables that Automake appends to. - aclocal now scans configure.ac for macro definitions
(PR/319). - Fix a portability issue with OSF1/Tru64 Make. If a directory
distributes files which are outside itself (this usually occurs
when using AC_CONFIG_AUX_DIR([../dir]) to use auxiliary files from
a parent package), then `make distcheck’ fails due to an
optimization performed by OSF1/Tru64 Make in its VPATH handling.
(tests/subpkg2.test failure) - Fix another portability issue with Sun and OSF1/Tru64 Make. In
a VPATH-build configuration, `make install’ would install nobase_
files to wrong locations. - Fix a Perl `uninitialized value’ diagnostic occurring when
automake complains that a Texinfo file does not have a @setfilename
statement. - Erase config.status.lineno/ during
`make distclean’. This file can be created by config.status.
Automake already knew about configure.lineno, but forgot config.status.lineno/. - Distribute all files, even those which are built and installed
conditionally. This change affects files listed in conditionally
defined *_HEADERS and *_PYTHON variable (unless they are nodist_*)
as well as those listed in conditionally defined dist_*_DATA,
dist_*_JAVA, dist_*_LISP, and dist_*_SCRIPTS variables. - Fix AM_PATH_LISPDIR to avoid ? in sed regular expressions; it
doesn’t conform to POSIX. - Normalize help strings for configure variables and options
added by Automake macros. - Fix install rules for conditionally built python files.
- Anticipation:
- Check for python2.4 in AM_PATH_PYTHON.
- Spurious failures in test suite:
- tests/libtool5.test, tests/ltcond.test, tests/ltcond2.test,
tests/ltconv.test: fix failures with CVS Libtool. - tests/aclocal6.test: fix failure if autom4te.cache is
disabled. - tests/txinfo24.test, tests/txinfo25.test, tests/txinfo28.test:
fix failures with old Texinfo versions.
GNU SASL 0.0.12 alpha
GNU SASL is an implementation of the Simple Authentication and
Security Layer framework and a few common SASL mechanisms. SASL is
used by network servers (e.g., IMAP, SMTP) to request
authentication from clients, and in clients to authenticate against
servers.
The project page of the library is available at: http://www.gnu.org/software/gsasl/
Here are the compressed sources:
ftp://alpha.gnu.org/gnu/gsasl/gsasl-0.0.12.tar.gz
(1.3MB)
http://josefsson.org/gsasl/releases/gsasl-0.0.12.tar.gz
(1.3MB)
Here are GPG detached signatures using key 0xB565716F:
ftp://alpha.gnu.org/gnu/gsasl/gsasl-0.0.12.tar.gz.sig
http://josefsson.org/gsasl/releases/gsasl-0.0.12.tar.gz.sig
Here are the build reports for various platforms: http://josefsson.org/autobuild/gsasl.html
Here are the MD5 checksums:
a8960acdb90b63046b28e2defb20a125 gsasl-0.0.12.tar.gz
b5c7ed56df02112b0c2ef8514fe5d6da gsasl-0.0.12.tar.gz.sig
Noteworthy changes (since 0.0.10, last version announced
here):
- Changes in 0.0.12 (released 2004-01-15)
- Protocol line parser in ‘gsasl’ tool more reliable. Earlier it
assumed two lines were sent in one packet in one place, and sent as
two packets in another place. - Various bugfixes.
- Protocol line parser in ‘gsasl’ tool more reliable. Earlier it
- Changes in 0.0.11 (released 2004-01-06)
- The client part of CRAM-MD5 now uses SASLprep instead of NFKC.
This aligns with draft-ietf-sasl-crammd5-01. - The CRAM-MD5 challenge string now conform to the proper
syntax. - The string preparation (SASLprep and trace) functions now work
correctly. - DocBook manuals no longer included. The reason is that recent
DocBook tools from the distribution I use (Debian) fails with an
error. DocBook manuals may be included in the future, if I can get
the tools to work. - API and ABI modifications.
GSASL_SASLPREP_ERROR: ADD.
- The client part of CRAM-MD5 now uses SASLprep instead of NFKC.
GNU Generic Security Service Library 0.0.9 alpha
GSS is an implementation of the Generic Security Service
Application Program Interface (GSS-API). GSS-API is used by network
servers to provide security services, e.g., to authenticate
SMTP/IMAP clients against SMTP/IMAP servers. GSS consists of a
library and a manual.
The project page of the library is available at:
http://www.gnu.org/software/gss/
Here are the compressed sources:
ftp://alpha.gnu.org/gnu/gss/gss-0.0.9.tar.gz
(1.2MB)
http://josefsson.org/gss/releases/gss-0.0.9.tar.gz
(1.2MB)
Here are GPG detached signatures using key 0xB565716F: ftp://alpha.gnu.org/gnu/gss/gss-0.0.9.tar.gz.sig
http://josefsson.org/gss/releases/gss-0.0.9.tar.gz.sig
Here are the build reports for various platforms: http://josefsson.org/autobuild/gss.html
Here are the MD5 checksums:
b054b5732273b25de28cf3ebaf2569a7 gss-0.0.9.tar.gz
92e43720a5342ec72885d3015c247530 gss-0.0.9.tar.gz.sig
Noteworthy changes (since 0.0.7, last version announced
here):
- Changes in 0.0.9 (released 2004-01-15)
- Implemented gss_exportname and
gss_krb5_inquire_credby_mech. The Kerberos 5 backend also
support them. - gss_inquire_cred support default credentials.
- Kerberos 5 gss_canonicalize_name now support all mandatory name
types. - Kerberos 5 gss_accept_sec_context now support sub-session keys
in AP-REQ. - Added new extended function API: gss_userok. This is the same
as invoking gss_export_name on a name, removing the OID, and then
comparing the remaining material using memcmp. - API documentation in HTML format from GTK-DOC included in
doc/reference/.
- Implemented gss_exportname and
- Changes in 0.0.8 (released 2004-01-11)
- Moved all backend specific code into sub-directories of lib/.
This means everything related to the Kerberos 5 backend is now
located in lib/krb5/. The backend is built into its own library
(libgss-shishi.so), to facilitate future possible use of dlopen to
dynamically load backends. - The gss_duplicate_name function now allocate the output result
properly. - Man pages for all public functions are included.
- Documentation fixes. For example, all official APIs are now
documented.
- Moved all backend specific code into sub-directories of lib/.