The following packages have been uploaded for testing in Cygwin:
* gsasl 2.2.1
* libgsasl-doc 2.2.1
* libgsasl-devel 2.2.1
* libgsasl-common 2.2.1
* libgsasl18 2.2.1
GNU SASL is an implementation of the Simple Authentication and Security
Layer (SASL) framework, consisting of a library with several plugins,
and command-line application.
For more information see the project home page:
https://www.gnu.org/software/gsasl/
See below or read /usr/share/doc/gsasl/NEWS after installation for
a summary of changes since the last Cygwin release, or read
/usr/share/doc/gsasl/ChangeLog after installation for details.
Noteworthy changes in release 2.2.1 2024-01-02
- Base64 encoding/decoding now rejects non-conforming data.
- SCRAM server: Add support for GSASL_SCRAM_SALTED_PASSWORD.
If the server knows GSASL_SCRAM_SALTED_PASSWORD with matching
GSASL_SCRAM_ITER and GSASL_SCRAM_SALT values, it can avoid having to
compute the expensive PBKDF2 operation.
The SCRAM client already supports this mode.
It is recommended for servers to store GSASL_SCRAM_SERVERKEY and
GSASL_SCRAM_STOREDKEY values in a database, but sometimes storing
GSASL_SCRAM_SALTED_PASSWORD, GSASL_SCRAM_ITER and GSASL_SCRAM_SALT has
other advantages.
- gsasl: Added --scram-salted-password=STRING for test purposes.
- tests: Resolve spurious 'Improper format of Kerberos configuration'.
The gsasl-dovecot-gssapi.sh and gsasl-mailutils-gs2krb5-gssapi.sh
self-tests configures a local Kerberos KDC running as non-root with
configuration and database in local temporary directories.
The kadmin.local tool will read and parse all files under the
directory pointed to by KRB5_KDC_PROFILE assuming it contain
configuration files.
We accidentally put the KDC internal database in that directory.
Normally reading these binary files (databases with encryption keys)
is harmless, the garbage content is just ignored.
However once in a while the encryption key or database will contain a
line feed followed by the [ character, causing the configuration file
parser to look for a balancing ] character, and if this cannot be
found the tool fails.
Since this only happened once in a while it was challenging to debug.
- Reasonable compiler warnings are now enabled by default.
You may disable this using --disable-gcc-warnings (old behaviour) or
turn them into fatal build errors using --enable-gcc-warnings=error to
enable -Werror.
- Various minor bug fixes and improvements.
--
*** CYGWIN-ANNOUNCE UNSUBSCRIBE INFO ***
The easiest way to unsubscribe is to visit
<https://cygwin.com/mailman/options/cygwin-announce>, and click 'Unsubscribe'.
If you need more information on unsubscribing, start reading here:
<https://sourceware.org/lists.html#unsubscribe>.
