GNU SASL is a modern C library that implement the standard network security protocol Simple Authentication and Security Layer (SASL). The framework itself and a couple of common SASL mechanisms are implemented. GNU SASL can be used by network applications for IMAP, SMTP, XMPP and similar protocols to provide authentication services.
Top-level NEWS entries: * Version 1.1 (released 2009-03-25) ** gsasl: Reading integrity protected data from server now works. Before it didn't decode data. ** gsasl: The --quality-of-protection parameter now works. It was just a dummy before. Only relevant for DIGEST-MD5. Note that the parameter value have been modified to match the library keywords. ** Only detect sufficiently recent GnuTLS versions. Version 2.2.x or later is required. Library (lib/) NEWS entries: * Version 1.1 (released 2009-03-25) ** DIGEST-MD5 client: Add support for client integrity layer. The layer is not used by default, the application needs to request it specifically in a callback or by setting the GSASL_QOP property. ** DIGEST-MD5: Decoding of integrity protected sessions now works better. Reported by Andery Melnikov <temnota...@gmail.com>. ** libgsasl: Add new property GSASL_QOPS. The DIGEST-MD5 server query for this property to get the set of quality of protection (QOP) values to advertise. The property holds strings with comma separated keywords denoting the set of qops to use, for example "qop-auth, qop-int". Valid keywords are "qop-auth", "qop-int", and "qop-conf". The GSSAPI mechanism may be enhanced to use this property as well in the future. ** libgsasl: Add new property GSASL_QOP. The DIGEST-MD5 client query for this property to get the quality of protection (QOP) values to request. The property value is one of the keywords for GSASL_QOPS. The client must chose one of the QOP values offered by the server (which may be inspected through the GSASL_QOPS property). The GSSAPI mechanism may be enhanced to use this property as well in the future. ** DIGEST-MD5 client: Now queries application for QOP value This makes it possible for client applications to request support for authentication only and/or authentication plus integrity. Before, the client only supported authentication. Note that confidentiality is not supported, and if you request it you will get an error. ** DIGEST-MD5 server: Now queries application for QOP values. This makes it possible for server applications to influence whether to advertise support for authentication only and/or authentication plus integrity. Before, the server unconditionally advertised support for both. Note that confidentiality is not supported, and if you request it you will get an error. Suggested by Andery Melnikov <temnota...@gmail.com>. ** DIGEST-MD5 server: No longer advertises support for integrity by default. You can request it specifically through a callback or setting the GSASL_QOPS property. ** libgsasl: Added C pre-processor expressions for version handling. The new symbols GSASL_VERSION_MAJOR, GSASL_VERSION_MINOR, GSASL_VERSION_PATCH, and GSASL_VERSION_NUMBER can be used in numeric comparisons to test version level. ** libgsasl: Use a LD version script on platforms where it is supported. Currently only GNU LD and the Solaris linker supports it. This helps Debian package tools to produce better dependencies. Before we used Libtool -export-symbols-regex that created an anonymous version tag. We use -export-symbols-regex when the system does not support LD version scripts, but that only affect symbol visibility. ** libgsasl: Compiled with -fvisibility=hidden by default if supported. Currently only GCC supports it for ELF targets. This hides internal symbols and has other advantages, see <http://gcc.gnu.org/wiki/Visibility>. ** API and ABI modifications. GSASL_VERSION_MAJOR: ADDED GSASL_VERSION_MINOR: ADDED GSASL_VERSION_PATCH: ADDED GSASL_VERSION_NUMBER: ADDED GSASL_QOP: ADDED GSASL_QOPS: ADDED Improving GNU SASL is costly, but you can help! We are looking for organizations that find GNU SASL useful and wish to contribute back. You can contribute by reporting bugs, improve the software, purchase support contracts, or donate money or equipment. Commercial support contracts for GNU SASL are available, and they help finance continued maintenance. Simon Josefsson Datakonsult, a Stockholm based privately held company, is currently funding GNU SASL maintenance. We are always looking for interesting development projects. See http://josefsson.org/ for more details. The project's web page is available at: http://www.gnu.org/software/gsasl/ All manuals are available from: http://www.gnu.org/software/gsasl/manual/ Specifically, the following formats are available. The main manual: http://www.gnu.org/software/gsasl/manual/gsasl.html - HTML format http://www.gnu.org/software/gsasl/manual/gsasl.pdf - PDF format API Reference manual: http://www.gnu.org/software/gsasl/reference/ - GTK-DOC HTML Doxygen documentation: http://www.gnu.org/software/gsasl/doxygen/ - HTML format http://www.gnu.org/software/gsasl/doxygen/gsasl.pdf - PDF format Instructions for how to build GNU SASL under uClinux are available from <http://josefsson.org/uclinux/>. If your uClinux toolchain is broken, it is possible to build GNU SASL without using the ./configure mechanism, see <http://josefsson.org/uclinux/old/>. If you need help to use GNU SASL, or want to help others, you are invited to join our help-gsasl mailing list, see: <http://lists.gnu.org/mailman/listinfo/help-gsasl>. Here are the compressed sources of the entire package: ftp://ftp.gnu.org/pub/gnu/gsasl/gsasl-1.1.tar.gz (3.7MB) ftp://ftp.gnu.org/pub/gnu/gsasl/gsasl-1.1.tar.gz.sig (PGP) Here are the compressed sources of the LGPL library (included above): ftp://ftp.gnu.org/pub/gnu/gsasl/libgsasl-1.1.tar.gz (908KB) ftp://ftp.gnu.org/pub/gnu/gsasl/libgsasl-1.1.tar.gz.sig (PGP) We also provide pre-built Windows binaries: http://josefsson.org/gnutls4win/gsasl-1.1.zip http://josefsson.org/gnutls4win/mingw32-gsasl_1.1-1_all.deb Here are the build reports for various platforms: http://autobuild.josefsson.org/gsasl/ Daily builds of the package are available from: http://daily.josefsson.org/gsasl/ The software is cryptographically signed by the author using an OpenPGP key identified by the following information: pub 1280R/B565716F 2002-05-05 [expires: 2010-02-22] Key fingerprint = 0424 D4EE 81A0 E3D1 19C6 F835 EDA2 1E94 B565 716F uid Simon Josefsson <si...@josefsson.org> uid Simon Josefsson <j...@extundo.com> sub 1280R/4D5D40AE 2002-05-05 [expires: 2009-04-21] The key is available from: http://josefsson.org/key.txt dns:b565716f.josefsson.org?TYPE=CERT Here are the SHA-1 and SHA-224 checksums: 18ad50a16da8cbb53b720968545330fa5cdaa380 gsasl-1.1.tar.gz 899cdafc0200751151ae40e009830fe8dfa29cacab220c0fe2d36a6c gsasl-1.1.tar.gz 6261807a5251eba564175169af0662e6e1583ca7 libgsasl-1.1.tar.gz 81498a24de361cb64a67c44aa38399bccd36a80cdc03d322f28a58a8 libgsasl-1.1.tar.gz 1283c77fb53d8d8e8ba9650cde65af68d3835389 gsasl-1.1.zip c7c880d6e1729f5d79551ed4b5e28ae8dc171a606e82dff80d50e2ba gsasl-1.1.zip 45a3510d074b776f9f38480ba03850c172391be2 mingw32-gsasl_1.1-1_all.deb 9ccb2b959ab4833df1411b569c7706d7950f7b058dae6c6fb4676c43 mingw32-gsasl_1.1-1_all.deb Happy hacking, Simon
pgp0K283c8LCA.pgp
Description: PGP signature
_______________________________________________ GNU Announcement mailing list <info-gnu@gnu.org> http://lists.gnu.org/mailman/listinfo/info-gnu
