GNU SASL is an implementation of the Simple Authentication and Security Layer framework and a few common SASL mechanisms. SASL is used by network servers (e.g., IMAP, SMTP) to request authentication from clients, and in clients to authenticate against servers.
GNU SASL consists of a library (`libgsasl'), a command line utility (`gsasl') to access the library from the shell, and a manual. The library includes support for the SASL framework (with authentication functions and application data privacy and integrity functions) and at least partial support for the CRAM-MD5, EXTERNAL, GSSAPI, ANONYMOUS, PLAIN, SECURID, DIGEST-MD5, LOGIN, NTLM and KERBEROS_V5 mechanisms.
The library is portable because it does not do network communication by itself, but rather leaves it up to the calling application. The library is flexible with regards to the authorization infrastructure used, as it utilizes callbacks into the application to decide whether an user is authorized or not.
GNU SASL is written in pure ANSI C89 to be portable to embedded and otherwise limited platforms. The entire library, with full support for ANONYMOUS, EXTERNAL, PLAIN, LOGIN and CRAM-MD5, and the front-end that support client and server mode, and the IMAP and SMTP protocols, fits in under 60kb on an Intel x86 platform, without any modifications to the code.
GNU SASL is developed for the GNU/Linux system, but runs on over 20 platforms including most major Unix platforms and Windows, and many kind of devices including iPAQ handhelds and S/390 mainframes.
For more information:
The core GNU SASL library, and most mechanisms, are licensed under the GNU Lesser General Public License. It is distributed separately, as the "libgsasl" package. The GNU SASL command line application, self test suite and more are licensed under the GNU General Public License. The "gsasl" package distribution includes the library part as well, so you do not need to install two packages.
Refer to the GNU SASL Manual web page for links to the manual in all formats; however, quick links to the most popular formats:
Currently the ANONYMOUS, EXTERNAL, PLAIN, LOGIN, SECURID, and CRAM-MD5 mechanisms are fully implemented in both client and server mode. The NTLM mechanism is implemented in client mode only. DIGEST-MD5 and GSSAPI are implemented in client and server mode, but not all features are supported (e.g., no security layers nor fast resumption).
The library has received very little real-world testing and should be considered alpha quality.
Projects using GNU SASL include:
Let us know about more projects that use GNU SASL!
A mailing list where GNU SASL users may help each other exists, and you can reach it by sending e-mail to firstname.lastname@example.org. Archives of the mailing list discussions, and an interface to manage subscriptions, is available through the World Wide Web at http://lists.gnu.org/mailman/listinfo/help-gsasl.
If you are interested in paid support of GNU SASL, or sponsor the development, please contact me. If you provide paid services for GNU SASL, and would like to be mentioned here, also contact me.
If you find GNU SASL useful, please consider making a donation. No amount is too small!
Information on what is new in the package itself can be found in the NEWS file (live CVS version).
The releases are distributed from ftp://alpha.gnu.org/pub/gnu/gsasl/ and http://josefsson.org/gsasl/releases/.
All official releases are signed with an OpenPGP key with fingerprint 0xB565716F.
GNU SASL is developed in CVS on a private machine. At irregular intervals, it is synchronized against a publicly available machine (just press enter at the password prompt):
$ cvs -d :pserver:email@example.com:/home/cvs/public-cvs login Logging in to :pserver:firstname.lastname@example.org:2401/home/cvs/public-cvs CVS password: $ cvs -d :pserver:email@example.com:/home/cvs/public-cvs co gsasl
See the file README-alpha on how to bootstrap and build the package from CVS.
If you only wish to extract the code covered by LGPL, do as follows:
$ cvs -d :pserver:firstname.lastname@example.org:/home/cvs/public-cvs co gsasl/lib
This package is simpler to bootstrap, as it only includes a library and no manual or programs, but see lib/README-alpha for the full story.
The online CVS repository is available, and there is also some CVS statistics.
A log of recent CVS activity is also available. If you prefer a mailing list, notifications of each CVS change is also sent to email@example.com.
If you have trouble using CVS, you may download a daily snapshot. The
snapshots are prepared similar to regular releases, i.e., you simply
build them using
./configure && make.
Before each release, the package is built on many platforms. The latest results from the autobuilder are available online.
You need at least a shell, a C compiler and a Make tool to build GNU SASL.
GNU SASL will enable certain features if you have the following optional external libraries installed:
Report all problems to firstname.lastname@example.org, but please read the manual on how to report bugs first.
Return to GNU's home page.
Please send FSF & GNU inquiries & questions to email@example.com. There are also other ways to contact the FSF.
Please send comments on these web pages to firstname.lastname@example.org, send other questions to email@example.com.
Copyright © 2001, 2002, 2003, 2004, 2005, 2006 Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
Verbatim copying and distribution of this entire article is permitted in any medium, provided this notice is preserved.
Updated: $Date: 2006/11/24 08:37:28 $ $Author: ramprasadb $