GNU SASL is an implementation of the Simple Authentication and Security Layer framework and a few common SASL mechanisms. SASL is used by network servers (e.g., IMAP, SMTP) to request authentication from clients, and in clients to authenticate against servers.
GNU SASL consists of a library (`libgsasl'), a command line utility (`gsasl') to access the library from the shell, and a manual. GNU SASL includes support for the SASL framework (with authentication functions and application data privacy and integrity functions) and at least partial support for the CRAM-MD5, EXTERNAL, ANONYMOUS, PLAIN, SECURID, DIGEST-MD5, GSSAPI, LOGIN, NTLM.
The library is portable because it does not do network communication by itself, but rather leaves it up to the calling application. The library is flexible with regards to the authorization infrastructure used, as it utilizes callbacks into the application to decide whether an user is authorized or not.
GNU SASL is written in pure ANSI C89 to be portable to embedded and otherwise limited platforms. The entire library, with full support for ANONYMOUS, EXTERNAL, PLAIN, LOGIN and CRAM-MD5, and the front-end that support client and server mode, and the IMAP and SMTP protocols, fits in under 60kb on an Intel x86 platform, without any modifications to the code.
GNU SASL is developed for the GNU/Linux system, but runs on over 20 platforms including most major Unix platforms and Windows, and many kind of devices including iPAQ handhelds and S/390 mainframes.
The core GNU SASL library, and most mechanisms, are licensed under the GNU Lesser General Public License. It is distributed separately, as the "libgsasl" package. The GNU SASL command line application, self test suite and more are licensed under the GNU General Public License. The "gsasl" package distribution includes the library part as well, so you do not need to install two packages.
What's New in This Release: [ read full changelog ]
· SAML20 support following RFC 6595. OPENID20 support following RFC 6616.
· SMTP server examples (e.g. for SCRAM, SAML20, and OPENID20).
· Various cleanups, portability fixes, and other bugfixes.
· The API and ABI are fully backwards compatible with version 1.6.x.