[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Interest in packaging GNU Shishi and GNU Generic Security Service?

Russ Allbery <rra@stanford.edu> writes:

> Simon Josefsson <jas@extundo.com> writes:
>> Hi.  I'd like to get in contact with someone who would be interested in
>> creating and supporting Debian packages for my Kerberos 5
>> implementation, and its related GSS-API library.  Web pages are
>> available at:
>> http://www.gnu.org/software/shishi/
>> http://www.gnu.org/software/gss/
>> Shishi and GSS can be used by GNU SASL, GNU Mailutils, Fetchmail, Curl
>> and maybe other projects.
> I *might* be interested in this, although I'm fairly busy at the moment.
> But I certainly have a strong interest in good Kerberos implementations
> and have a lot of experience with the existing packages.
> I'd be very interested in making sure that it can co-exist with MIT
> Kerberos on the same system, since I can't really switch away from MIT
> Kerberos for my own personal use, but I'd want to have it installed to be
> able to easily test.
> Certainly, if multiple people are interested in working on this, I'd be
> glad to be part of a maintainer team.

Having you as a co-maintainer would be great.

I expect the initial packaging to be simple, it is just a './configure
&& make install' package.  Part of the 'make install' procedure should
be duplicated in the apt install scripts, for the KDC side, but that
part is not important.  I think it is more important to simply get the
library and binaries packaged.  How to better co-exist with MIT and
Heimdal is something that will need to be figured out along the way.

If there is interest in the idea, improving the GSS library to be able
to dlopen the MIT or Heimdal GSS libraries is an idea I have been
playing with.  Then Debian packages (like gsasl, fetchmail, curl,
mailutils, etc, that support GSS) would only have to be linked with
GNU GSS, and the user can, during run-time through a configuration
file, decide which actual implementation should be used.  GNU GSS
would then merely be a shim between MIT, Heimdal or Shishi.  Then
enabling GSS in more packages would be simpler, without having a
strong dependency on just one of MIT, Heimdal or Shishi.


Reply to: