The NetBSD Project

CVS log for pkgsrc/security/gsasl/PLIST

[BACK] Up to [] / pkgsrc / security / gsasl

Request diff between arbitrary revisions

Default branch: MAIN
Current tag: MAIN

Revision 1.20 / (download) - annotate - [select for diffs], Sun Jul 17 08:24:53 2022 UTC (10 months, 1 week ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2023Q1-base, pkgsrc-2023Q1, pkgsrc-2022Q4-base, pkgsrc-2022Q4, pkgsrc-2022Q3-base, pkgsrc-2022Q3, HEAD
Changes since 1.19: +3 -104 lines
Diff to previous 1.19 (colored)

gsasl: update to 2.0.1.

* Noteworthy changes in release 2.0.1 (2022-07-15) [stable]

** Support for the libgssglue GSS-API library were added.
We encourage you to build with libgssglue, as that allows system
administrators and end-users to chose between MIT Kerberos, Heimdal
and GNU GSS during run-time.  Read about the background here:

** GSSAPI client: don't use AUTHID as fallback for AUTHZID.
The code historically used the AUTHID as authorization identity, but
in 2012 we changed it to first query for AUTHZID, and only if that is
not available, fall back to using AUTHID as the authorization
identity.  The change was not released until version 1.8.1 on
2019-08-02, when it was properly documented to be removed 'after the
year 2012'.  While documented behaviour, this seems like just
surprising behaviour and we now finally make the change.

** GSSAPI server: don't set AUTHZID to empty string when absent.
The GSS-API SASL protocol does not differentiate between an absent
authorization identity and an authorization identity that is the empty
string.  Previously libgsasl would set it to the empty string but now
it is set to NULL.  The manual explains that this is a protocol

** The examples/smtp-server.c now supports GSSAPI/GS2-KRB5.
The example is used during CI/CD testing of GNU SASL and thus it made
sense to extend it.  Some bugs related to getline error conditions
were also fixed.

** GSSAPI server: Fix out-of-bounds read.
A malicious client can after it has authenticated with Kerberos send a
specially crafted message that causes Libgsasl to read out of bounds
and cause a crash in the server.

* Noteworthy changes in release 2.0.0 (2022-06-20) [stable]

** Compared to last stable branch 1.10.x the 2.0.0 release
** drops all obsolete APIs, drops the abandoned KERBEROS_V5 mechanism,
** stops shipping a separate tarball for only the library, adds new APIs
** gsasl_mechanism_name_p() and gsasl_property_free().
Numerous other translation improvements, code cleanups, bug fixes,
documentation additions, build improvements and portability
enhancements were made as well.

Revision 1.19 / (download) - annotate - [select for diffs], Thu Jan 7 22:09:52 2021 UTC (2 years, 4 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2022Q2-base, pkgsrc-2022Q2, pkgsrc-2022Q1-base, pkgsrc-2022Q1, pkgsrc-2021Q4-base, pkgsrc-2021Q4, pkgsrc-2021Q3-base, pkgsrc-2021Q3, pkgsrc-2021Q2-base, pkgsrc-2021Q2, pkgsrc-2021Q1-base, pkgsrc-2021Q1
Changes since 1.18: +5 -0 lines
Diff to previous 1.18 (colored)

gsasl: update to 1.10.0.

* Version 1.10.0 (released 2021-01-01) [stable]

** This is a new major stable release.  Brief changes compared to 1.8.x:

*** SCRAM-SHA-256 and SCRAM-SHA-256-PLUS support per RFC 7677.

*** SCRAM supports password-less usage (StoredKey/ServerKey).

*** New 'gsasl --mkpasswd' command to prepare SCRAM salted/hashed passwords.

*** Final warning that obsolete APIs will be removed.

*** Various cleanups, portability and other bug fixes.
See the entries in NEWS and lib/NEWS covering the 1.9.x branch for details.

* Version 1.9.3 (released 2021-01-01) [beta]

** Fix build/portability problems.  GnuTLS >= 3.4 is required.
Thanks to Bruno Haible for reports.

* Version 1.9.2 (released 2020-12-24) [beta]

** gsasl: Don't abort command on some exepected TLS events (for TLS 1.3).
Patch from Enrico Scholz <> in:

** gsasl: Use GnuTLS system trust settings by default for X.509 server
** certificate validation.
Before it was documented behaviour that unless --x509-ca-file was
used, no verification of the server-side certificate was performed.
Now instead it will use the system trust settings, which on properly
configured systems results in verification of the server certificate.
As a result, you may now start to get server certificate verification
errors in situations where you didn't expect them.  Use --x509-ca-file
with the empty string ("") as a file name to use the old behaviour to
not abort on server certificate verification failures.

** SCRAM, GS2 and GSSAPI retrieve properties later in
** the authentication process.
Before the property GSASL_CB_TLS_UNIQUE was retrieved during SCRAM
gsasl_client_start() and gsasl_server_start(), and the properties
gsasl_server_start().  Now they are retrieved during the first call to

The only user-visible impact of this should be that 'gsasl
--client-mechanisms' and 'gsasl --server-mechanisms' will now not
query for parameters before giving a list of supported mechanisms,
which arguable gives a better user experience.  The downside of this
is that SCRAM-*-PLUS, GS2 and GSSAPI may be advertised even though
completing the server mechanism may not complete.

The problem with calling callbacks in the start() function is that the
callback will have no per-session context at that point, only a global
context, so the only way to give per-session unique callback responses
is to use a separate global handle per session.  This was discovered
in the Exim implementation of gsasl with SCRAM that used to request
the GSASL_CB_TLS_UNIQUE property in the start() function.  After
noticing this design issue, and writing this self test, it was
discovered that it also happened for the GSSAPI/GS2 server (not
client) mechanism for the GSASL_SERVICE and GSASL_HOSTNAME properties.

Thanks to Jeremy Harris for noticing the problem and discussion, see

** gsasl: The --mkpasswd output format follows Dovecot 'doveadm pw'.

** Filenames of images in the manual are now prefixed with 'gsasl-'.
This makes /usr/share/info more understandable, and it is suggested by
at least Debian to do this in upstream.

** Build changes.
Some more compiler warnings used and code fixed.  Improved ./configure

* Version 1.9.1 (released 2020-01-14) [beta]

** gsasl: New --mkpasswd argument to prepare salted/hashed passwords.
Currently mechanisms SCRAM-SHA-1 and SCRAM-SHA-256 are supported.  New
parameter --iteration-count to indicate number of PBKDF2 rounds,
default being 65536.  New parameter --salt to specify PBKDF2 salt.

* Version 1.9.0 (released 2020-01-03) [beta]

** Client and server support for SCRAM-SHA-256 and SCRAM-SHA-256-PLUS.

** gsasl: If PORT argument is "587" or "submission", SMTP mode is used.
Further, unrecognized PORT arguments will now on raise an error to
specify --smtp or --imap.

Revision 1.18 / (download) - annotate - [select for diffs], Mon Nov 16 13:05:07 2020 UTC (2 years, 6 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2020Q4-base, pkgsrc-2020Q4
Changes since 1.17: +11 -1 lines
Diff to previous 1.17 (colored)

gsasl: update to 1.8.1.

* Version 1.8.1 (released 2019-08-02) [stable]

** gsasl: IMAP client code now permits empty SASL tokens prefixed with '+'.
Normally servers should send '+ '.  Buggy servers include Microsoft
Exchange.  Reported by Adam Sj√łgren.

** GSSAPI client: Now retrieves GSASL_AUTHZID for authorization identity.
** GSSAPI client: Can now transmit an empty/missing authorization identity.
See lib/NEWS for more information.

** Build fixes.
Update of gnulib, including how it is bootstrapped.

** i18n: Updated translations.

Revision 1.17 / (download) - annotate - [select for diffs], Wed May 30 06:52:58 2012 UTC (11 years ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2020Q3-base, pkgsrc-2020Q3, pkgsrc-2020Q2-base, pkgsrc-2020Q2, pkgsrc-2020Q1-base, pkgsrc-2020Q1, pkgsrc-2019Q4-base, pkgsrc-2019Q4, pkgsrc-2019Q3-base, pkgsrc-2019Q3, pkgsrc-2019Q2-base, pkgsrc-2019Q2, pkgsrc-2019Q1-base, pkgsrc-2019Q1, pkgsrc-2018Q4-base, pkgsrc-2018Q4, pkgsrc-2018Q3-base, pkgsrc-2018Q3, pkgsrc-2018Q2-base, pkgsrc-2018Q2, pkgsrc-2018Q1-base, pkgsrc-2018Q1, pkgsrc-2017Q4-base, pkgsrc-2017Q4, pkgsrc-2017Q3-base, pkgsrc-2017Q3, pkgsrc-2017Q2-base, pkgsrc-2017Q2, pkgsrc-2017Q1-base, pkgsrc-2017Q1, pkgsrc-2016Q4-base, pkgsrc-2016Q4, pkgsrc-2016Q3-base, pkgsrc-2016Q3, pkgsrc-2016Q2-base, pkgsrc-2016Q2, pkgsrc-2016Q1-base, pkgsrc-2016Q1, pkgsrc-2015Q4-base, pkgsrc-2015Q4, pkgsrc-2015Q3-base, pkgsrc-2015Q3, pkgsrc-2015Q2-base, pkgsrc-2015Q2, pkgsrc-2015Q1-base, pkgsrc-2015Q1, pkgsrc-2014Q4-base, pkgsrc-2014Q4, pkgsrc-2014Q3-base, pkgsrc-2014Q3, pkgsrc-2014Q2-base, pkgsrc-2014Q2, pkgsrc-2014Q1-base, pkgsrc-2014Q1, pkgsrc-2013Q4-base, pkgsrc-2013Q4, pkgsrc-2013Q3-base, pkgsrc-2013Q3, pkgsrc-2013Q2-base, pkgsrc-2013Q2, pkgsrc-2013Q1-base, pkgsrc-2013Q1, pkgsrc-2012Q4-base, pkgsrc-2012Q4, pkgsrc-2012Q3-base, pkgsrc-2012Q3, pkgsrc-2012Q2-base, pkgsrc-2012Q2
Changes since 1.16: +3 -1 lines
Diff to previous 1.16 (colored)

Changes 1.8.0:
This is a new major stable release.  Brief changes compared to 1.6.x:
* SAML20 support following RFC 6595.
* OPENID20 support following RFC 6616.
* Added SMTP server examples (for e.g., SCRAM, SAML20, OPENID20).
* Various cleanups, portability and other bug fixes.
See the NEWS entries during the 1.7.x branch for details.

Revision 1.16 / (download) - annotate - [select for diffs], Wed Jun 1 10:05:57 2011 UTC (12 years ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2012Q1-base, pkgsrc-2012Q1, pkgsrc-2011Q4-base, pkgsrc-2011Q4, pkgsrc-2011Q3-base, pkgsrc-2011Q3, pkgsrc-2011Q2-base, pkgsrc-2011Q2
Changes since 1.15: +3 -1 lines
Diff to previous 1.15 (colored)

Changes 1.6.1:
* build: Demand gettext >= 0.18.1 in order to get newer M4 files.
  The old M4 files associated with 0.17 caused problems on Solaris,
  which will hopefully be fixed with this.
* doc: Typo fix in autoconf snippet.
* i18n: Updated translations.

Revision 1.15 / (download) - annotate - [select for diffs], Fri Jan 28 08:16:55 2011 UTC (12 years, 4 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2011Q1-base, pkgsrc-2011Q1
Changes since 1.14: +8 -1 lines
Diff to previous 1.14 (colored)


Revision 1.14 / (download) - annotate - [select for diffs], Fri Nov 7 18:40:52 2008 UTC (14 years, 6 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2010Q4-base, pkgsrc-2010Q4, pkgsrc-2010Q3-base, pkgsrc-2010Q3, pkgsrc-2010Q2-base, pkgsrc-2010Q2, pkgsrc-2010Q1-base, pkgsrc-2010Q1, pkgsrc-2009Q4-base, pkgsrc-2009Q4, pkgsrc-2009Q3-base, pkgsrc-2009Q3, pkgsrc-2009Q2-base, pkgsrc-2009Q2, pkgsrc-2009Q1-base, pkgsrc-2009Q1, pkgsrc-2008Q4-base, pkgsrc-2008Q4
Changes since 1.13: +3 -1 lines
Diff to previous 1.13 (colored)

Changes 0.2.29:
* gsasl: Don't use poll with POLLOUT to avoid busy-waiting.
* doc: Error codes are now extracted using official library APIs.
* doc: Included cyclomatic code complexity charts of the library code.
* tests: Add self test of obsolete base64 functions.
* Update gnulib files. Improves Windows compatibility.

Revision 1.13 / (download) - annotate - [select for diffs], Mon Sep 8 08:58:49 2008 UTC (14 years, 8 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2008Q3-base, pkgsrc-2008Q3, cube-native-xorg-base, cube-native-xorg
Changes since 1.12: +2 -1 lines
Diff to previous 1.12 (colored)

Changes 0.2.28:
* Rewrite to use poll instead of select.
* Improve Windows installation instructions in the manual.
* tests: New self test of gsasl_mechanism_name function.

Revision 1.12 / (download) - annotate - [select for diffs], Thu Aug 14 10:01:03 2008 UTC (14 years, 9 months ago) by adam
Branch: MAIN
Changes since 1.11: +2 -1 lines
Diff to previous 1.11 (colored)

Changes 0.2.27:
* Fix SASL operations through TLS.
* Update gnulib files, and include gnulib self-tests.
* Update translations.

Revision 1.11 / (download) - annotate - [select for diffs], Wed May 21 15:22:56 2008 UTC (15 years ago) by obache
Branch: MAIN
CVS Tags: pkgsrc-2008Q2-base, pkgsrc-2008Q2, cwrapper
Changes since 1.10: +2 -1 lines
Diff to previous 1.10 (colored)

Update gsasl to 0.2.26.
Based on patch provided by Eric Schnoebelen in PR 38692.
While here, marked as DESTDIR support.
Also fix CONFIGURE option for GSSAPI implement (I don't know from when).

* Version 0.2.26 (released 2008-05-05)

** Translations files not stored directly in git to avoid merge conflicts.
This allows us to avoid use of --no-location which makes the
translation teams happier.

** Build fixes for the documentation.

** Update gnulib files.

* Version 0.2.25 (released 2008-03-10)

** gsasl: Fix buffering issue to avoid mixing stdout/stderr outputs.
This would manifest itself when redirecting output to a pipe, such as
when used with Gnus.  Reported by Enrico Scholz
<>, see

** Fix non-portable use of brace expansion in makefiles.

* Version 0.2.24 (released 2008-01-15)

** Link self-tests with gnulib, to fix link failures under MinGW.

* Version 0.2.23 (released 2008-01-15)

** Improve CRAM-MD5 self-test to detect if challenges are the same.

** Improve gsasl --help and --version to conform with GNU standards.

** Use gettext 0.17.

** Update gnulib files.

* Version 0.2.22 (released 2007-10-08)

** Development git tree moved to savannah.
See <>.

** Fix warnings when building the tool 'gsasl'.

** Update gnulib files.

Revision 1.10 / (download) - annotate - [select for diffs], Thu Oct 25 21:24:53 2007 UTC (15 years, 7 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2008Q1-base, pkgsrc-2008Q1, pkgsrc-2007Q4-base, pkgsrc-2007Q4
Changes since 1.9: +4 -1 lines
Diff to previous 1.9 (colored)

Changes 0.2.21:
* Fix typos in manual.
* Update gnulib files.

Revision 1.9 / (download) - annotate - [select for diffs], Sat Dec 9 14:06:13 2006 UTC (16 years, 5 months ago) by obache
Branch: MAIN
CVS Tags: pkgsrc-2007Q3-base, pkgsrc-2007Q3, pkgsrc-2007Q2-base, pkgsrc-2007Q2, pkgsrc-2007Q1-base, pkgsrc-2007Q1, pkgsrc-2006Q4-base, pkgsrc-2006Q4
Changes since 1.8: +3 -1 lines
Diff to previous 1.8 (colored)

Update gsasl to 0.2.15, based on patch provided by PR 33638.

* Version 0.2.15 (released 2006-08-22)

** Changed libgsasl shared library version.
The shared library version was not incremented correctly in the last
release, even though new APIs were added.

* Version 0.2.14 (released 2006-08-19)

** New section "Requirements" in the manual, lists the external components.
Suggested by James Mansion.

** Update of gnulib files.

* Version 0.2.13 (released 2006-06-14)

** Update of gnulib files.
Further improves portability to MinGW.

** Various improvements in the manuals.

** The tests are run under valgrind, if it is installed.
Use --disable-valgrind-tests to unconditionally disable this.  It is
disabled by default for cross compiles.

** Various minor fixes.

* Version 0.2.12 (released 2006-03-08)

** Update of gnulib files.
Improves portability to Mingw32.

* Version 0.2.11 (released 2006-02-07)

** Ported to Windows by cross-compiling using Mingw32.
Using Debian's mingw32 compiler, you can build it for Windows by invoking
`./configure --host=i586-mingw32msvc --disable-gssapi'.

** Update of gnulib files.

* Version 0.2.10 (released 2005-10-23)

** Work around bug in GnuTLS that made the command line tool exit after
** failing to write a zero length message to the peer.

** Don't use GnuTLS if gnutls_certificate_verify_peers2 isn't present.

** Update of gnulib files.

* Version 0.2.9 (released 2005-10-07)

** Update of gnulib files.

* Version 0.2.8 (released 2005-09-08)

** The gsasl tool now support STARTTLS for IMAP and SMTP using GnuTLS.

** The --client and --server parameters for the gsasl tool now work properly.

** The --client and --server stdin/stdout modes now use the readline library.

** Fixed build problems in getpass on uClibc and Mingw32 platforms.

** Kinyarwanda translation added.

* Version 0.2.7 (released 2005-08-25)

** Fix build problems when cross-compiling to uClibc and Mingw32 platforms.

** Detecting and using the readline library has been improved.

* Version 0.2.6 (released 2005-08-08)

** The gsasl tool now try to connect to all addresses for a server name.

** The mailing list is now mentioned in documentation.

** The license template in files were updated with the new FSF address.

** Update of gnulib files.

Revision 1.8 / (download) - annotate - [select for diffs], Mon Apr 17 07:07:33 2006 UTC (17 years, 1 month ago) by jlam
Branch: MAIN
CVS Tags: pkgsrc-2006Q3-base, pkgsrc-2006Q3, pkgsrc-2006Q2-base, pkgsrc-2006Q2
Changes since 1.7: +25 -25 lines
Diff to previous 1.7 (colored)

Strip ${PKGLOCALEDIR} from PLISTs of packages that already obey
PKGLOCALEDIR and which install their locale files directly under
${PREFIX}/${PKGLOCALEDIR} and sort the PLIST file entries.  From now
on, pkgsrc/mk/plist/plist-locale.awk will automatically handle
transforming the PLIST to refer to the correct locale directory.

Revision 1.7 / (download) - annotate - [select for diffs], Fri Mar 31 23:56:29 2006 UTC (17 years, 2 months ago) by jlam
Branch: MAIN
Changes since 1.6: +2 -1 lines
Diff to previous 1.6 (colored)

List the info pages directly in the PLIST and ensure that we honor

Revision 1.6 / (download) - annotate - [select for diffs], Mon Feb 28 13:29:31 2005 UTC (18 years, 3 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2006Q1-base, pkgsrc-2006Q1, pkgsrc-2005Q4-base, pkgsrc-2005Q4, pkgsrc-2005Q3-base, pkgsrc-2005Q3, pkgsrc-2005Q2-base, pkgsrc-2005Q2, pkgsrc-2005Q1-base, pkgsrc-2005Q1
Changes since 1.5: +4 -1 lines
Diff to previous 1.5 (colored)

Update to 0.2.5:
* Version 0.2.5 (released 2005-02-08)

** Added self test of EXTERNAL mechanism.

** Vietnamese translation added, thanks to Clytie Siddall.

* Version 0.2.4 (released 2005-01-01)

** The CRAM-MD5 mechanism is now preferred over DIGEST-MD5.
This decision was based on recent public research that suggest MD5 is
broken, while HMAC-MD5 not immediately compromised, and the lack of
public analysis on what consequences the MD5 break have for
DIGEST-MD5.  Support for CRAM-SHA1 is under investigation, to enable
users to avoid MD5 completely

** Fixed a bug that prevented SMTP client from working.

** New configure option --disable-obsolete to remove backwards compatibility.
This is mostly intended to be used when compiling for platforms with
constrained memory/space resources.

** DIGEST-MD5 rewritten and enabled by default (see lib/NEWS for details).

** Command line tool now query for realm, hostname and service name properly.

** Documentation updates and improvements.

** Self test improvements.

** Update of gnulib files.

Revision 1.5 / (download) - annotate - [select for diffs], Sun Dec 26 22:56:09 2004 UTC (18 years, 5 months ago) by wiz
Branch: MAIN
Changes since 1.4: +21 -1 lines
Diff to previous 1.4 (colored)

Update to 0.2.3.

* Version 0.2.3 (released 2004-12-15)

** Fix example code to handle base64 encoded data properly.

** DIGEST-MD5 is disabled by default, pending a rewrite for the new API.

** Command line tool uses new callback interface to the library.

** Command line tool uses "iconvme" from gnulib for UTF-8 string conversion.

** Server mode in the command line tool does not work currently.
It is unclear if this feature was ever that useful.  If there are no
objections, it will be removed completely in future versions.

** Documentation fixes.

** Fix self test bugs.

* Version 0.2.2 (released 2004-11-29)

** Update of gnulib files.

* Version 0.2.1 (released 2004-11-19)

** Documentation fixes; the old callback API functions are marked as obsolete.

* Version 0.2.0 (released 2004-11-07)

** Added new directory examples/ with complete examples for new API.

** Documentation improvements.
For example, you can now browse the GNU SASL API manual using DevHelp.

** Update of gnulib files.

** More self tests.

** Translation fixes.

Revision 1.4 / (download) - annotate - [select for diffs], Wed Sep 22 08:09:52 2004 UTC (18 years, 8 months ago) by jlam
Branch: MAIN
CVS Tags: pkgsrc-2004Q4-base, pkgsrc-2004Q4
Changes since 1.3: +1 -5 lines
Diff to previous 1.3 (colored)

Mechanical changes to package PLISTs to make use of LIBTOOLIZE_PLIST.
All library names listed by *.la files no longer need to be listed
in the PLIST, e.g., instead of:


one simply needs:


and will automatically ensure that the additional library
names are listed in the installed package +CONTENTS file.

Also make LIBTOOLIZE_PLIST default to "yes".

Revision 1.3 / (download) - annotate - [select for diffs], Sun Sep 19 12:48:45 2004 UTC (18 years, 8 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2004Q3-base, pkgsrc-2004Q3
Changes since 1.2: +31 -9 lines
Diff to previous 1.2 (colored)

Update to 0.1.4, provided by Sergio Jimenez in PR 26974.
Changes since 0.0.8:

* Changes in 0.1.4 (released 2004-08-08)

** Revamp of gnulib compatibility files.

** More translations.
German (by Roland Illig), Basque (by Mikel Olasagasti), French (by
Michel Robitaille), Irish (by Kevin Patrick Scannell), Dutch (by Elros
Cyriatan), Polish (by Jakub Bogusz), Romanian (by Laurentiu Buzdugan),
and Serbian (by Aleksandar Jelenak).

* Changes in 0.1.3 (released 2004-08-04)

** Command line tool support IPv6 (and other protocol families).
Requires that your system has `getaddrinfo'.

** Command line behaviour for gsasl tool improved.
The --client and --imap parameters are now the default.  The --connect
host and port can now be specified directly.  If --authentication-id
is not specified, the username of the user invoking gsasl is used
(i.e., getpwuid(getuid)->pw_name).  Alltogether, this allows simple
usage, as in `gsasl' to connect, via IMAP, to

* Changes in 0.1.2 (released 2004-07-16)

** The SMTP mode in `gsasl' should now work.

** Cross compile builds should work.
It should work for any sane cross compile target, but the only tested
platform is uClibc/uClinux on Motorola Coldfire.

** The GNU Readline library is used to read data, if available.

** Passwords read from stdin are not echoed to the terminal.

* Changes in 0.1.1 (released 2004-06-26)

** In the command line client, the default quality of protection is now none.

* Changes in 0.1.0 (released 2004-04-16)

** The library re-licensed to LGPL and distributed as a separate package.
This means a fork of this NEWS file, all the entries below relate to
the combined work of earlier versions.  New entries above does not
document user visible changes for the library ("libgsasl"), for that
see NEWS in the lib/ sub-directory, which is also distributed as a
stand-alone package.

* Changes in 0.0.14 (released 2004-01-22)

** Moved all mechanism specific code into sub-directories of lib/.
Each backend is built into its own library (e.g.,,
to facilitate future possible use of dlopen to dynamically load

** Moved compatibility files (getopt*) to gl/, and added more (strdup*).

* Changes in 0.0.13 (released 2004-01-17)

** Nettle (the crypto functionality, crypto/) has been updated.
This fixes two portability issues, the new code should work on
platforms that doesn't have inttypes.h and alloca.

* Changes in 0.0.12 (released 2004-01-15)

** Protocol line parser in 'gsasl' tool more reliable.
Earlier it assumed two lines were sent in one packet in one place, and
sent as two packets in another place.

** Various bugfixes.

* Changes in 0.0.11 (released 2004-01-06)

** The client part of CRAM-MD5 now uses SASLprep instead of NFKC.
This aligns with draft-ietf-sasl-crammd5-01.

** The CRAM-MD5 challenge string now conform to the proper syntax.

** The string preparation (SASLprep and trace) functions now work correctly.

** DocBook manuals no longer included.
The reason is that recent DocBook tools from the distribution I use
(Debian) fails with an error.  DocBook manuals may be included in the
future, if I can get the tools to work.

** API and ABI modifications.

* Changes in 0.0.10 (released 2003-11-22)

** The CRAM-MD5 server now reject invalid passwords.
The logic flaw was introduced in 0.0.9, after blindly making code
changes to shut up valgrind just before the release.

** Various build improvements.
Pkg-config is no longer needed.  GTK-DOC is only used if present.

* Changes in 0.0.9 (released 2003-11-21)

** Command line client can talk to SMTP servers with --smtp.

** DocBook manuals in XML, PDF, PostScript, ASCII and HTML formats included.

** Token parser in DIGEST-MD5 fixed, improve interoperability of DIGEST-MD5.

** Libgcrypt >= 1.1.42 is used if available (for CRAM-MD5 and DIGEST-MD5).
The previous libgcrypt API is no longer supported.

** CRAM-MD5 and DIGEST-MD5 no longer require libgcrypt (but can still use it).
If libgcrypt 1.1.42 or later is not found, it uses a minimalistic
cryptographic library based on Nettle, from crypto/.  Currently only
MD5 and HMAC-MD5 is needed, making a dependence on libgcrypt overkill.

** Listing supported server mechanisms with gsasl_server_mechlist work.

** Autoconf 2.59, Automake 1.8 beta, Libtool CVS used.

** Source code for each SASL mechanism moved to its own sub-directory in lib/.

** The command line interface now uses getopt instead of argp.
The reason is portability, this also means we no longer use gnulib.

** API and ABI modifications.
gsasl_randomize: ADD.
gsasl_md5: ADD.
gsasl_hmac_md5: ADD.

gsasl_hexdump: REMOVED.  Never intended to be exported.

gsasl_step: ADD.
gsasl_step64: ADD.
gsasl_client_step: DEPRECATED: use gsasl_step instead.
gsasl_server_step: DEPRECATED: use gsasl_step instead.
gsasl_client_step_base64: DEPRECATED: use gsasl_step64 instead.
gsasl_server_step_base64: DEPRECATED: use gsasl_step64 instead.

gsasl_finish: ADD.
gsasl_client_finish: DEPRECATED: use gsasl_finish instead.
gsasl_server_finish: DEPRECATED: use gsasl_finish instead.

gsasl_ctx_get: ADD.
gsasl_client_ctx_get: DEPRECATED: use gsasl_ctx_get instead.
gsasl_server_ctx_get: DEPRECATED: use gsasl_ctx_get instead.

gsasl_appinfo_get: ADD.
gsasl_appinfo_set: ADD.
gsasl_client_application_data_get: DEPRECATED: use gsasl_appinfo_get instead.
gsasl_client_application_data_set: DEPRECATED: use gsasl_appinfo_set instead.
gsasl_server_application_data_get: DEPRECATED: use gsasl_appinfo_get instead.
gsasl_server_application_data_set: DEPRECATED: use gsasl_appinfo_set instead.

Gsasl: ADD.
Gsasl_ctx: DEPRECATED: use Gsasl instead.
Gsasl_session: ADD.
Gsasl_session_ctx: DEPRECATED: use Gsasl_session instead.




Revision 1.2 / (download) - annotate - [select for diffs], Wed Mar 10 00:28:13 2004 UTC (19 years, 2 months ago) by seb
Branch: MAIN
CVS Tags: pkgsrc-2004Q2-base, pkgsrc-2004Q2, pkgsrc-2004Q1-base, pkgsrc-2004Q1
Changes since 1.1: +1 -2 lines
Diff to previous 1.1 (colored)

Remove info files entries from PLIST.

Revision 1.1 / (download) - annotate - [select for diffs], Wed Dec 3 19:23:13 2003 UTC (19 years, 5 months ago) by xtraeme
Branch: MAIN

Initial revision

This form allows you to request diff's between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.

CVSweb <>