New in 0.0.15:
** Documentation improvements.
For example, you can now browse the GSS manual using DevHelp.
** Libtool's -export-symbols-regex is now used to only export official APIs.
Before, applications might accidentally access internal functions.
Note that this is not supported on all platforms, so you must still
make sure you are not using undocumented symbols in GSS.
* Version 0.0.14 (released 2004-10-15)
** gss_import_name and gss_duplicate_name no longer clone the OID.
Instead, only the pointer to the OID is cloned. It seem unclear where
a cloned OID would be deallocated.
** Fixed handling of sequence numbers in gss_accept_sec_context, for servers.
** Fix crash in gss_accept_sec_context for NULL values of ret_flags.
** Fix memory leaks.
** Sync with new Shishi 0.0.18 API.
* Changes in 0.0.13 (released 2004-08-08)
** Revamp of gnulib compatibility files.
** More translations.
French (by Michel Robitaille) and Romanian (by Laurentiu Buzdugan).
* Changes in 0.0.12 (released 2004-08-01)
** Added rudimentary self tests of Kerberos 5 context init/accept.
Tests client and server authentication, with and without mutual
authentication, and that various aspects of the API like ret_flags
work.
** Various fixes, discovered while writing the Kerberos 5 self test.
** Cross compile builds should work.
It should work for any sane cross compile target, but the only tested
platform is uClibc/uClinux on Motorola Coldfire.
* Changes in 0.0.11 (released 2004-04-18)
** Minor cleanups to the core header file.
Using xom.h is no longer supported (the file doesn't exist on modern
systems).
** Kerberos 5 sequence number handling fixed.
First, gss_init_sec_context set the sequence numbers correctly, before
the incorrect sequence numbers prevented gss_(un)wrap from working
correctly. Secondly, gss_unwrap now check the sequence numbers
correctly. This was prompted by the addition of randomized sequence
numbers by default in Shishi 0.0.15.
** The compatibility files in gl/ where synced with Gnulib.
** Various bugfixes and cleanups.
** Polish translation added, by Jakub Bogusz.
Changes since 0.0.6:
- A command line tool "gss" added in src/.
- gss_display_status can return multiple description texts (using context).
- The Swedish translation has been updated.
- Various cleanups and improvements.
- Implemented gss_export_name and gss_krb5_inquire_cred_by_mech.
The Kerberos 5 backend also support them.
- gss_inquire_cred support default credentials.
- Kerberos 5 gss_canonicalize_name now support all mandatory name types.
- Kerberos 5 gss_accept_sec_context now support sub-session keys in AP-REQ.
- Added new extended function API: gss_userok.
- API documentation in HTML format from GTK-DOC included in doc/reference/.
- Moved all backend specific code into sub-directories of lib/.
- The gss_duplicate_name function now allocate the output result properly.
- Man pages for all public functions are included.
- Documentation fixes. For example, all official APIs are now documented.
- Fixed typo that broke gss_wrap for 3DES with Kerberos 5.
- Improvements to build environment.
- Autoconf 2.59, Automake 1.8 beta, Libtool CVS used.
GSS is an implementation of the Generic Security Service Application Program
Interface (GSS-API). GSS-API is used by network servers (e.g., IMAP, SMTP) to
provide security security services, e.g., authenticate clients against servers.
GSS consists of a library and a manual.