GNU SASL is a modern C library that implement the standard network security protocol Simple Authentication and Security Layer (SASL). The framework itself and a couple of common SASL mechanisms are implemented. GNU SASL can be used by network applications for IMAP, SMTP, XMPP and other protocols to provide authentication services. Supported mechanisms include CRAM-MD5, EXTERNAL, GSSAPI, ANONYMOUS, PLAIN, SECURID, DIGEST-MD5, SCRAM-SHA-1(-PLUS), GS2-KRB5, SAML20, OPENID20, LOGIN, NTLM.
* Version 1.8.1 (released 2019-08-02) [stable] ** gsasl: IMAP client code now permits empty SASL tokens prefixed with '+'. Normally servers should send '+ '. Buggy servers include Microsoft Exchange. Reported by Adam Sjøgren. ** GSSAPI client: Now retrieves GSASL_AUTHZID for authorization identity. ** GSSAPI client: Can now transmit an empty/missing authorization identity. See lib/NEWS for more information. ** Build fixes. Update of gnulib, including how it is bootstrapped. ** GSSAPI client: Now retrieves GSASL_AUTHZID for authorization identity. ** GSSAPI client: Can now transmit an empty/missing authorization identity. Before the GSSAPI client retrieved GSASL_AUTHID (authentication identity) and used that as the authorization identity. For backwards compatibility, the code now first tries GSASL_AUTHZID and then GSASL_AUTHID when discovering the authorization identity. If you don't want any authorization identity (and thus let the server fall back on the identity implied from the Kerberos layer) then return GSASL_NO_CALLBACK on both. Please update code to use GSASL_AUTHZID instead of GSASL_AUTHID, in case we remove the backwards compatibility code. Reported by Amon Ott. ** GSSAPI server: Fix memory leak after successful authentication. Report and patch by Goktan Kantarcioglu. ** libgsasl: gsasl_md5, gsasl_hmac_md5, gsasl_sha1, gsasl_hmac_sha1 API fix. The final output variable used to be 'char *out[16]' and 'char *out[20]' respectively, however this triggered bug in the gdoc automated documentation generator script so the types are now 'char *out[]'. This should not require any changes in any application using the library. ** i18n: Updated translations. ** The API and ABI is fully backwards compatible with version 1.6.x. The project's web page is available at: https://www.gnu.org/software/gsasl/ All manuals are available from: https://www.gnu.org/software/gsasl/manual/ The main manual: https://www.gnu.org/software/gsasl/manual/gsasl.html - HTML format https://www.gnu.org/software/gsasl/manual/gsasl.pdf - PDF format API Reference manual: https://www.gnu.org/software/gsasl/reference/ - GTK-DOC HTML Doxygen documentation: https://www.gnu.org/software/gsasl/doxygen/ - HTML format https://www.gnu.org/software/gsasl/doxygen/gsasl.pdf - PDF format For code coverage, cyclomatic code complexity charts and clang output see: https://www.gnu.org/software/gsasl/coverage/ https://www.gnu.org/software/gsasl/cyclo/ https://www.gnu.org/software/gsasl/clang-analyzer/ If you need help to use GNU SASL, or want to help others, you are invited to join our help-gsasl mailing list, see: https://lists.gnu.org/mailman/listinfo/help-gsasl Here are the compressed sources of the entire package: ftp://ftp.gnu.org/gnu/gsasl/gsasl-1.8.1.tar.gz (5.6MB) ftp://ftp.gnu.org/gnu/gsasl/gsasl-1.8.1.tar.gz.sig (OpenPGP) Here are the compressed sources of the LGPL library (included above): ftp://ftp.gnu.org/gnu/gsasl/libgsasl-1.8.0.tar.gz (1.8MB) ftp://ftp.gnu.org/gnu/gsasl/libgsasl-1.8.0.tar.gz.sig (OpenPGP) The software is cryptographically signed by the author using an OpenPGP key identified by the following information: pub rsa3744 2014-06-22 [SC] 9AA9 BDB1 1BB1 B99A 2128 5A33 0664 A769 5426 5E8C uid [ultimate] Simon Josefsson <si...@josefsson.org> sub rsa2048 2014-06-22 [S] sub rsa2048 2014-06-22 [E] sub rsa2048 2014-06-22 [A] The key is available from: https://josefsson.org/54265e8c.txt Future releases will (hopefully) be signed with an OpenPGP Ed25519 key created on 2019-03-20 with the following fingerprint: pub ed25519 2019-03-20 [SC] B1D2 BD13 75BE CB78 4CF4 F8C4 D73C F638 C53C 06BE uid [ultimate] Simon Josefsson <si...@josefsson.org> sub cv25519 2019-03-20 [E] sub ed25519 2019-03-20 [A] sub ed25519 2019-03-20 [S] The key is available from: https://josefsson.org/key-20190320.txt Here are the SHA-1 and SHA-224 checksums: 82ba0079da6918784a8170d4a13ee133d9df1d7a gsasl-1.8.1.tar.gz 2fddefb2e849a74d5e9c177b4c2ef5517964bcdbf1c6ac367353ab3b gsasl-1.8.1.tar.gz a34b1459e4b888e60d5f8f8065fb4ab8e91be698 libgsasl-1.8.1.tar.gz 837964e533b59279123e9cfc12c6a5b9a8f1bd5215dc5c182073e9ee libgsasl-1.8.1.tar.gz Happy hacking, Simon
signature.asc
Description: PGP signature
-- If you have a working or partly working program that you'd like to offer to the GNU project as a GNU package, see https://www.gnu.org/help/evaluation.html.
