Shishi 0.0.13 alpha released

[Simon Josefsson]

Shishi is an implementation of the Kerberos 5 network authentication
system.  Shishi can be used to authenticate users in distributed
systems.

The project page of the library is available at:
  http://www.gnu.org/software/shishi/
  http://josefsson.org/shishi/

Here are the compressed sources:
  ftp://alpha.gnu.org/gnu/shishi/shishi-0.0.13.tar.gz         (2.5MB)
  http://josefsson.org/shishi/releases/shishi-0.0.13.tar.gz   (2.5MB)

Here are GPG detached signatures using key 0xB565716F:
  ftp://alpha.gnu.org/gnu/shishi/shishi-0.0.13.tar.gz.sig
  http://josefsson.org/shishi/releases/shishi-0.0.13.tar.gz.sig

Here are the build reports for various platforms:
  http://josefsson.org/autobuild/shishi.html

Here are the MD5 checksums:
fd240f295f58b201112bfbac5fca4bcb  shishi-0.0.13.tar.gz
f91c32f430e96e854613211bdb5a0609  shishi-0.0.13.tar.gz.sig

Noteworthy changes (since 0.0.9, last version announced here):

* Version 0.0.13 (released 2004-01-15)

** Fixed salt calculation in shisa.
The earlier salt computed was incorrect, so existing keys in your
Shisa database, that were derived from passwords, are incorrect, and
should be changed.

** Fixed shisa key file parser to handle keys with leading whitespace.
The parser used fscanf, which skip whitespace.  If your cryptographic
key (not passwords), in binary format, had leading whitespace, it
would fail to read the correct key.

** Fix shishid crash on startup when sockets can't be opened.

** Various minor bugfixes.

* Version 0.0.12 (released 2004-01-02)

** The user database library Shisa has been improved.
Shisa now support multiple keys for users, and you can now selectively
add and remove keys via the command line interface.

** The Shishi client and Shishid KDC now support TLS resumption.
This improve TLS handshake speed, in particular for the normal AS plus
TGS combination.  Currently the TLS resume database is only stored in
memory, so if either the client or server process is restarted, the
TLS resume information is lost.  This add --resume-limit to Shishid,
which can be used to specify the size of the TLS resume database (or
to disable it).

** The KDC has been cleaned up and the error handling is more robust.

** The Shisa programming API is documented in the manual.

* Version 0.0.11 (released 2003-12-21)

** The Shishi library now support X.509 authenticated KDC connections via TLS.
The client currently do not check server authentication, however this
is no worse than existing UDP/TCP connections.  If client certificates
are available, the X.509 client certificate is simply sent (via TLS
handshake) to the KDC for possible pre-authentication purposes.

** The KDC now support X.509 authentication.
If server certificates are available, X.509 authenticated TLS may be
negotiated.  The KDC currently only use the client certificate details
for logging purposes.  However, it do verify client certificate
against CA certificates, if those are available.

** The KDC has been cleaned up and the error handling is more robust.

* Version 0.0.10 (released 2003-12-16)

** The TLS support in Shishid now works.

** All command line interfaces now uses getopt instead of argp.