The GNU Generic Security Service Library offers an implementation of Generic Security Service API, enabling secure communication between applications.
The only requirements for using this library are GNU Shishi (recommended) and pkg-config (optional). It is important to note that GSS has received minimal testing and should currently be considered alpha quality. Despite this, the source code framework is in place, documentation is outlined, and there are simple self-tests available.
The Kerberos 5 mechanism (RFC 1964) supports mutual authentication and the standard DES cipher, while the non-standard 3DES cipher is also implemented. Unfortunately, no specifications for AES are available. GNU SASL can easily use GSS to connect to GNU Mailutils and Cyrus IMAP servers using GSS implementations from MIT Kerberos or Heimdal. Additionally, GNU MailUtils is capable of serving GSSAPI clients. LSH provides a SSH client and server with GSS authentication upon patching.
Although developed for GNU/Linux systems, GSS also runs on over 20 platforms including most major Unix platforms and Windows, as well as many other devices including iPAQ handhelds and S/390 mainframes. Furthermore, GSS relies on Shishi to implement the Kerberos V5 mechanism.
Notably, some projects currently using GSS include GNU SASL, GNU Mailutils, Curl, and Fetchmail. As for what's new in the latest version of GSS, new releases will no longer be announced. Instead, users are encouraged to read help-gss or check the release directory periodically. That being said, GSS 0.0.10 was recently released.
Overall, GSS is a powerful tool for developers who need to provide security services for their network applications. Despite limited testing and ongoing development, GSS remains a valuable addition to any software toolkit.
Version 0.0.19: N/A