Release Notes: Debian packages are available. The internal crypto code was replaced with modules from gnulib. A shared library versioning script was added. libidn detection code was improved. The manual doesn't have any invariant sections. gnulib compatibility files were updated. libtasn1 was updated.
Release Notes: This release adds documentation improvements, such as making the Shishi API manual available in DevHelp format, and updated gnulib compatibility files.
Release Notes: This release fixes some memory leaks, revamps the autogenerated documentation, improves the documentation, updates libtasn1 to 0.2.11, cleans the ASN.1 API, and adds various other API fixes so that functions that take fixed size buffers are replaced by functions that allocate dynamically-sized buffers of the correct length. When generating an AP-REP, the generated EncAPRepPart is now remembered.
Release Notes: There was a revamp of GNUlib compatibility files, and fixes for warnings.
Release Notes: This release adds support for overriding the configuration via a few environment variables. Experimental KDC now supports non-default ticket life lengths. Nettle is preferred over Libgcrypt. The pkg-config script no longer specifies -R. Files copied from libtasn1 and gnulib were updated.
Release Notes: The high-level AP interface now supports setting raw checksum field values.
Release Notes: The user database supports multiple keys per user. The Kerberos server (KDC) supports TLS resumption, which improves handshake speed. The manual documents the Shisa user database API. There are error handling and various other improvements to the KDC.
Release Notes: The client and server (KDC) now support X.509 authentication via TLS. The manual was updated and now contains a walk-through on setting up a Kerberos CA, as well as a walk-through on generating certificates for kerberos clients/KDCs.
Release Notes: Support for DES-CBC-CRC and ARCFOUR encryption types has been added. Short-hand aliases (e.g. "aes") can be used instead of the full encryption type names (e.g. "aes256-cts-hmac-sha1-96").
Release Notes: Proxiable, proxy, forwardable, and forwarded tickets are supported. Man pages for all public functions are included. Installed versions of Libgcrypt and libtasn1 used where possible. It is possible to enable and disable specific cipher suites at compile time. The internal crypto interface is now fully modularized. The logging destination for warnings and informational messages can be changed.