head 1.20; access; symbols pkgsrc-2023Q4:1.20.0.12 pkgsrc-2023Q4-base:1.20 pkgsrc-2023Q3:1.20.0.10 pkgsrc-2023Q3-base:1.20 pkgsrc-2023Q2:1.20.0.8 pkgsrc-2023Q2-base:1.20 pkgsrc-2023Q1:1.20.0.6 pkgsrc-2023Q1-base:1.20 pkgsrc-2022Q4:1.20.0.4 pkgsrc-2022Q4-base:1.20 pkgsrc-2022Q3:1.20.0.2 pkgsrc-2022Q3-base:1.20 pkgsrc-2022Q2:1.19.0.12 pkgsrc-2022Q2-base:1.19 pkgsrc-2022Q1:1.19.0.10 pkgsrc-2022Q1-base:1.19 pkgsrc-2021Q4:1.19.0.8 pkgsrc-2021Q4-base:1.19 pkgsrc-2021Q3:1.19.0.6 pkgsrc-2021Q3-base:1.19 pkgsrc-2021Q2:1.19.0.4 pkgsrc-2021Q2-base:1.19 pkgsrc-2021Q1:1.19.0.2 pkgsrc-2021Q1-base:1.19 pkgsrc-2020Q4:1.18.0.2 pkgsrc-2020Q4-base:1.18 pkgsrc-2020Q3:1.17.0.68 pkgsrc-2020Q3-base:1.17 pkgsrc-2020Q2:1.17.0.64 pkgsrc-2020Q2-base:1.17 pkgsrc-2020Q1:1.17.0.44 pkgsrc-2020Q1-base:1.17 pkgsrc-2019Q4:1.17.0.66 pkgsrc-2019Q4-base:1.17 pkgsrc-2019Q3:1.17.0.62 pkgsrc-2019Q3-base:1.17 pkgsrc-2019Q2:1.17.0.60 pkgsrc-2019Q2-base:1.17 pkgsrc-2019Q1:1.17.0.58 pkgsrc-2019Q1-base:1.17 pkgsrc-2018Q4:1.17.0.56 pkgsrc-2018Q4-base:1.17 pkgsrc-2018Q3:1.17.0.54 pkgsrc-2018Q3-base:1.17 pkgsrc-2018Q2:1.17.0.52 pkgsrc-2018Q2-base:1.17 pkgsrc-2018Q1:1.17.0.50 pkgsrc-2018Q1-base:1.17 pkgsrc-2017Q4:1.17.0.48 pkgsrc-2017Q4-base:1.17 pkgsrc-2017Q3:1.17.0.46 pkgsrc-2017Q3-base:1.17 pkgsrc-2017Q2:1.17.0.42 pkgsrc-2017Q2-base:1.17 pkgsrc-2017Q1:1.17.0.40 pkgsrc-2017Q1-base:1.17 pkgsrc-2016Q4:1.17.0.38 pkgsrc-2016Q4-base:1.17 pkgsrc-2016Q3:1.17.0.36 pkgsrc-2016Q3-base:1.17 pkgsrc-2016Q2:1.17.0.34 pkgsrc-2016Q2-base:1.17 pkgsrc-2016Q1:1.17.0.32 pkgsrc-2016Q1-base:1.17 pkgsrc-2015Q4:1.17.0.30 pkgsrc-2015Q4-base:1.17 pkgsrc-2015Q3:1.17.0.28 pkgsrc-2015Q3-base:1.17 pkgsrc-2015Q2:1.17.0.26 pkgsrc-2015Q2-base:1.17 pkgsrc-2015Q1:1.17.0.24 pkgsrc-2015Q1-base:1.17 pkgsrc-2014Q4:1.17.0.22 pkgsrc-2014Q4-base:1.17 pkgsrc-2014Q3:1.17.0.20 pkgsrc-2014Q3-base:1.17 pkgsrc-2014Q2:1.17.0.18 pkgsrc-2014Q2-base:1.17 pkgsrc-2014Q1:1.17.0.16 pkgsrc-2014Q1-base:1.17 pkgsrc-2013Q4:1.17.0.14 pkgsrc-2013Q4-base:1.17 pkgsrc-2013Q3:1.17.0.12 pkgsrc-2013Q3-base:1.17 pkgsrc-2013Q2:1.17.0.10 pkgsrc-2013Q2-base:1.17 pkgsrc-2013Q1:1.17.0.8 pkgsrc-2013Q1-base:1.17 pkgsrc-2012Q4:1.17.0.6 pkgsrc-2012Q4-base:1.17 pkgsrc-2012Q3:1.17.0.4 pkgsrc-2012Q3-base:1.17 pkgsrc-2012Q2:1.17.0.2 pkgsrc-2012Q2-base:1.17 pkgsrc-2012Q1:1.16.0.8 pkgsrc-2012Q1-base:1.16 pkgsrc-2011Q4:1.16.0.6 pkgsrc-2011Q4-base:1.16 pkgsrc-2011Q3:1.16.0.4 pkgsrc-2011Q3-base:1.16 pkgsrc-2011Q2:1.16.0.2 pkgsrc-2011Q2-base:1.16 pkgsrc-2011Q1:1.15.0.2 pkgsrc-2011Q1-base:1.15 pkgsrc-2010Q4:1.14.0.18 pkgsrc-2010Q4-base:1.14 pkgsrc-2010Q3:1.14.0.16 pkgsrc-2010Q3-base:1.14 pkgsrc-2010Q2:1.14.0.14 pkgsrc-2010Q2-base:1.14 pkgsrc-2010Q1:1.14.0.12 pkgsrc-2010Q1-base:1.14 pkgsrc-2009Q4:1.14.0.10 pkgsrc-2009Q4-base:1.14 pkgsrc-2009Q3:1.14.0.8 pkgsrc-2009Q3-base:1.14 pkgsrc-2009Q2:1.14.0.6 pkgsrc-2009Q2-base:1.14 pkgsrc-2009Q1:1.14.0.4 pkgsrc-2009Q1-base:1.14 pkgsrc-2008Q4:1.14.0.2 pkgsrc-2008Q4-base:1.14 pkgsrc-2008Q3:1.13.0.4 pkgsrc-2008Q3-base:1.13 cube-native-xorg:1.13.0.2 cube-native-xorg-base:1.13 pkgsrc-2008Q2:1.11.0.4 pkgsrc-2008Q2-base:1.11 cwrapper:1.11.0.2 pkgsrc-2008Q1:1.10.0.4 pkgsrc-2008Q1-base:1.10 pkgsrc-2007Q4:1.10.0.2 pkgsrc-2007Q4-base:1.10 pkgsrc-2007Q3:1.9.0.8 pkgsrc-2007Q3-base:1.9 pkgsrc-2007Q2:1.9.0.6 pkgsrc-2007Q2-base:1.9 pkgsrc-2007Q1:1.9.0.4 pkgsrc-2007Q1-base:1.9 pkgsrc-2006Q4:1.9.0.2 pkgsrc-2006Q4-base:1.9 pkgsrc-2006Q3:1.8.0.4 pkgsrc-2006Q3-base:1.8 pkgsrc-2006Q2:1.8.0.2 pkgsrc-2006Q2-base:1.8 pkgsrc-2006Q1:1.6.0.10 pkgsrc-2006Q1-base:1.6 pkgsrc-2005Q4:1.6.0.8 pkgsrc-2005Q4-base:1.6 pkgsrc-2005Q3:1.6.0.6 pkgsrc-2005Q3-base:1.6 pkgsrc-2005Q2:1.6.0.4 pkgsrc-2005Q2-base:1.6 pkgsrc-2005Q1:1.6.0.2 pkgsrc-2005Q1-base:1.6 pkgsrc-2004Q4:1.4.0.2 pkgsrc-2004Q4-base:1.4 pkgsrc-2004Q3:1.3.0.2 pkgsrc-2004Q3-base:1.3 pkgsrc-2004Q2:1.2.0.4 pkgsrc-2004Q2-base:1.2 pkgsrc-2004Q1:1.2.0.2 pkgsrc-2004Q1-base:1.2 pkgsrc-base:1.1.1.1 TNF:1.1.1; locks; strict; comment @# @; 1.20 date 2022.07.17.08.24.53; author wiz; state Exp; branches; next 1.19; commitid SYqQl6Jq1YLpXdMD; 1.19 date 2021.01.07.22.09.52; author wiz; state Exp; branches; next 1.18; commitid 1cVtMDJd6DJnoQCC; 1.18 date 2020.11.16.13.05.07; author wiz; state Exp; branches; next 1.17; commitid Vuku6dmcdmGf37wC; 1.17 date 2012.05.30.06.52.58; author adam; state Exp; branches; next 1.16; 1.16 date 2011.06.01.10.05.57; author adam; state Exp; branches; next 1.15; 1.15 date 2011.01.28.08.16.55; author adam; state Exp; branches; next 1.14; 1.14 date 2008.11.07.18.40.52; author adam; state Exp; branches; next 1.13; 1.13 date 2008.09.08.08.58.49; author adam; state Exp; branches; next 1.12; 1.12 date 2008.08.14.10.01.03; author adam; state Exp; branches; next 1.11; 1.11 date 2008.05.21.15.22.56; author obache; state Exp; branches; next 1.10; 1.10 date 2007.10.25.21.24.53; author adam; state Exp; branches; next 1.9; 1.9 date 2006.12.09.14.06.13; author obache; state Exp; branches; next 1.8; 1.8 date 2006.04.17.07.07.33; author jlam; state Exp; branches; next 1.7; 1.7 date 2006.03.31.23.56.29; author jlam; state Exp; branches; next 1.6; 1.6 date 2005.02.28.13.29.31; author wiz; state Exp; branches; next 1.5; 1.5 date 2004.12.26.22.56.09; author wiz; state Exp; branches; next 1.4; 1.4 date 2004.09.22.08.09.52; author jlam; state Exp; branches; next 1.3; 1.3 date 2004.09.19.12.48.45; author wiz; state Exp; branches; next 1.2; 1.2 date 2004.03.10.00.28.13; author seb; state Exp; branches; next 1.1; 1.1 date 2003.12.03.19.23.13; author xtraeme; state Exp; branches 1.1.1.1; next ; 1.1.1.1 date 2003.12.03.19.23.13; author xtraeme; state Exp; branches; next ; desc @@ 1.20 log @gsasl: update to 2.0.1. * Noteworthy changes in release 2.0.1 (2022-07-15) [stable] ** Support for the libgssglue GSS-API library were added. We encourage you to build with libgssglue, as that allows system administrators and end-users to chose between MIT Kerberos, Heimdal and GNU GSS during run-time. Read about the background here: https://blog.josefsson.org/2022/07/14/towards-pluggable-gss-api-modules/ ** GSSAPI client: don't use AUTHID as fallback for AUTHZID. The code historically used the AUTHID as authorization identity, but in 2012 we changed it to first query for AUTHZID, and only if that is not available, fall back to using AUTHID as the authorization identity. The change was not released until version 1.8.1 on 2019-08-02, when it was properly documented to be removed 'after the year 2012'. While documented behaviour, this seems like just surprising behaviour and we now finally make the change. ** GSSAPI server: don't set AUTHZID to empty string when absent. The GSS-API SASL protocol does not differentiate between an absent authorization identity and an authorization identity that is the empty string. Previously libgsasl would set it to the empty string but now it is set to NULL. The manual explains that this is a protocol limitation. ** The examples/smtp-server.c now supports GSSAPI/GS2-KRB5. The example is used during CI/CD testing of GNU SASL and thus it made sense to extend it. Some bugs related to getline error conditions were also fixed. ** GSSAPI server: Fix out-of-bounds read. A malicious client can after it has authenticated with Kerberos send a specially crafted message that causes Libgsasl to read out of bounds and cause a crash in the server. * Noteworthy changes in release 2.0.0 (2022-06-20) [stable] ** Compared to last stable branch 1.10.x the 2.0.0 release ** drops all obsolete APIs, drops the abandoned KERBEROS_V5 mechanism, ** stops shipping a separate tarball for only the library, adds new APIs ** gsasl_mechanism_name_p() and gsasl_property_free(). Numerous other translation improvements, code cleanups, bug fixes, documentation additions, build improvements and portability enhancements were made as well. @ text @@@comment $NetBSD$ bin/gsasl include/gsasl-mech.h include/gsasl-version.h include/gsasl.h info/gsasl.info lib/libgsasl.la lib/pkgconfig/libgsasl.pc man/man1/gsasl.1 man/man3/gsasl_base64_from.3 man/man3/gsasl_base64_to.3 man/man3/gsasl_callback.3 man/man3/gsasl_callback_hook_get.3 man/man3/gsasl_callback_hook_set.3 man/man3/gsasl_callback_set.3 man/man3/gsasl_check_version.3 man/man3/gsasl_client_mechlist.3 man/man3/gsasl_client_start.3 man/man3/gsasl_client_suggest_mechanism.3 man/man3/gsasl_client_support_p.3 man/man3/gsasl_decode.3 man/man3/gsasl_done.3 man/man3/gsasl_encode.3 man/man3/gsasl_finish.3 man/man3/gsasl_free.3 man/man3/gsasl_hash_length.3 man/man3/gsasl_hex_from.3 man/man3/gsasl_hex_to.3 man/man3/gsasl_init.3 man/man3/gsasl_mechanism_name.3 man/man3/gsasl_mechanism_name_p.3 man/man3/gsasl_nonce.3 man/man3/gsasl_property_fast.3 man/man3/gsasl_property_free.3 man/man3/gsasl_property_get.3 man/man3/gsasl_property_set.3 man/man3/gsasl_property_set_raw.3 man/man3/gsasl_random.3 man/man3/gsasl_register.3 man/man3/gsasl_saslprep.3 man/man3/gsasl_scram_secrets_from_password.3 man/man3/gsasl_scram_secrets_from_salted_password.3 man/man3/gsasl_server_mechlist.3 man/man3/gsasl_server_start.3 man/man3/gsasl_server_support_p.3 man/man3/gsasl_session_hook_get.3 man/man3/gsasl_session_hook_set.3 man/man3/gsasl_simple_getpass.3 man/man3/gsasl_step.3 man/man3/gsasl_step64.3 man/man3/gsasl_strerror.3 man/man3/gsasl_strerror_name.3 share/locale/da/LC_MESSAGES/gsasl.mo share/locale/de/LC_MESSAGES/gsasl.mo share/locale/eo/LC_MESSAGES/gsasl.mo share/locale/es/LC_MESSAGES/gsasl.mo share/locale/eu/LC_MESSAGES/gsasl.mo share/locale/fi/LC_MESSAGES/gsasl.mo share/locale/fr/LC_MESSAGES/gsasl.mo share/locale/ga/LC_MESSAGES/gsasl.mo share/locale/hr/LC_MESSAGES/gsasl.mo share/locale/hu/LC_MESSAGES/gsasl.mo share/locale/id/LC_MESSAGES/gsasl.mo share/locale/it/LC_MESSAGES/gsasl.mo share/locale/nl/LC_MESSAGES/gsasl.mo share/locale/pl/LC_MESSAGES/gsasl.mo share/locale/pt_BR/LC_MESSAGES/gsasl.mo share/locale/ro/LC_MESSAGES/gsasl.mo share/locale/sk/LC_MESSAGES/gsasl.mo share/locale/sq/LC_MESSAGES/gsasl.mo share/locale/sr/LC_MESSAGES/gsasl.mo share/locale/sv/LC_MESSAGES/gsasl.mo share/locale/uk/LC_MESSAGES/gsasl.mo share/locale/vi/LC_MESSAGES/gsasl.mo share/locale/zh_CN/LC_MESSAGES/gsasl.mo share/locale/zh_TW/LC_MESSAGES/gsasl.mo @ 1.19 log @gsasl: update to 1.10.0. * Version 1.10.0 (released 2021-01-01) [stable] ** This is a new major stable release. Brief changes compared to 1.8.x: *** SCRAM-SHA-256 and SCRAM-SHA-256-PLUS support per RFC 7677. *** SCRAM supports password-less usage (StoredKey/ServerKey). *** New 'gsasl --mkpasswd' command to prepare SCRAM salted/hashed passwords. *** Final warning that obsolete APIs will be removed. *** Various cleanups, portability and other bug fixes. See the entries in NEWS and lib/NEWS covering the 1.9.x branch for details. * Version 1.9.3 (released 2021-01-01) [beta] ** Fix build/portability problems. GnuTLS >= 3.4 is required. Thanks to Bruno Haible for reports. * Version 1.9.2 (released 2020-12-24) [beta] ** gsasl: Don't abort command on some exepected TLS events (for TLS 1.3). Patch from Enrico Scholz in: https://lists.gnu.org/archive/html/help-gsasl/2020-08/msg00000.html ** gsasl: Use GnuTLS system trust settings by default for X.509 server ** certificate validation. Before it was documented behaviour that unless --x509-ca-file was used, no verification of the server-side certificate was performed. Now instead it will use the system trust settings, which on properly configured systems results in verification of the server certificate. As a result, you may now start to get server certificate verification errors in situations where you didn't expect them. Use --x509-ca-file with the empty string ("") as a file name to use the old behaviour to not abort on server certificate verification failures. ** SCRAM, GS2 and GSSAPI retrieve properties later in ** the authentication process. Before the property GSASL_CB_TLS_UNIQUE was retrieved during SCRAM gsasl_client_start() and gsasl_server_start(), and the properties GSSAPI_SERVICE and GSSAPI_HOSTNAME was retrived during GS2/GSSAPI gsasl_server_start(). Now they are retrieved during the first call to gsasl_step(). The only user-visible impact of this should be that 'gsasl --client-mechanisms' and 'gsasl --server-mechanisms' will now not query for parameters before giving a list of supported mechanisms, which arguable gives a better user experience. The downside of this is that SCRAM-*-PLUS, GS2 and GSSAPI may be advertised even though completing the server mechanism may not complete. The problem with calling callbacks in the start() function is that the callback will have no per-session context at that point, only a global context, so the only way to give per-session unique callback responses is to use a separate global handle per session. This was discovered in the Exim implementation of gsasl with SCRAM that used to request the GSASL_CB_TLS_UNIQUE property in the start() function. After noticing this design issue, and writing this self test, it was discovered that it also happened for the GSSAPI/GS2 server (not client) mechanism for the GSASL_SERVICE and GSASL_HOSTNAME properties. Thanks to Jeremy Harris for noticing the problem and discussion, see https://lists.gnu.org/archive/html/help-gsasl/2020-01/msg00035.html ** gsasl: The --mkpasswd output format follows Dovecot 'doveadm pw'. ** Filenames of images in the manual are now prefixed with 'gsasl-'. This makes /usr/share/info more understandable, and it is suggested by at least Debian to do this in upstream. ** Build changes. Some more compiler warnings used and code fixed. Improved ./configure diagnostics. * Version 1.9.1 (released 2020-01-14) [beta] ** gsasl: New --mkpasswd argument to prepare salted/hashed passwords. Currently mechanisms SCRAM-SHA-1 and SCRAM-SHA-256 are supported. New parameter --iteration-count to indicate number of PBKDF2 rounds, default being 65536. New parameter --salt to specify PBKDF2 salt. * Version 1.9.0 (released 2020-01-03) [beta] ** Client and server support for SCRAM-SHA-256 and SCRAM-SHA-256-PLUS. ** gsasl: If PORT argument is "587" or "submission", SMTP mode is used. Further, unrecognized PORT arguments will now on raise an error to specify --smtp or --imap. @ text @a2 1 include/gsasl-compat.h d4 1 a9 6 man/man3/gsasl_appinfo_get.3 man/man3/gsasl_appinfo_set.3 man/man3/gsasl_application_data_get.3 man/man3/gsasl_application_data_set.3 man/man3/gsasl_base64_decode.3 man/man3/gsasl_base64_encode.3 a16 25 man/man3/gsasl_client_application_data_get.3 man/man3/gsasl_client_application_data_set.3 man/man3/gsasl_client_callback_anonymous_get.3 man/man3/gsasl_client_callback_anonymous_set.3 man/man3/gsasl_client_callback_authentication_id_get.3 man/man3/gsasl_client_callback_authentication_id_set.3 man/man3/gsasl_client_callback_authorization_id_get.3 man/man3/gsasl_client_callback_authorization_id_set.3 man/man3/gsasl_client_callback_maxbuf_get.3 man/man3/gsasl_client_callback_maxbuf_set.3 man/man3/gsasl_client_callback_passcode_get.3 man/man3/gsasl_client_callback_passcode_set.3 man/man3/gsasl_client_callback_password_get.3 man/man3/gsasl_client_callback_password_set.3 man/man3/gsasl_client_callback_pin_get.3 man/man3/gsasl_client_callback_pin_set.3 man/man3/gsasl_client_callback_qop_get.3 man/man3/gsasl_client_callback_qop_set.3 man/man3/gsasl_client_callback_realm_get.3 man/man3/gsasl_client_callback_realm_set.3 man/man3/gsasl_client_callback_service_get.3 man/man3/gsasl_client_callback_service_set.3 man/man3/gsasl_client_ctx_get.3 man/man3/gsasl_client_finish.3 man/man3/gsasl_client_listmech.3 a18 2 man/man3/gsasl_client_step.3 man/man3/gsasl_client_step_base64.3 a20 1 man/man3/gsasl_ctx_get.3 a21 1 man/man3/gsasl_decode_inline.3 a23 1 man/man3/gsasl_encode_inline.3 a28 2 man/man3/gsasl_hmac_md5.3 man/man3/gsasl_hmac_sha1.3 a29 2 man/man3/gsasl_md5.3 man/man3/gsasl_md5pwd_get_password.3 d31 1 d34 1 a38 1 man/man3/gsasl_randomize.3 a42 31 man/man3/gsasl_server_application_data_get.3 man/man3/gsasl_server_application_data_set.3 man/man3/gsasl_server_callback_anonymous_get.3 man/man3/gsasl_server_callback_anonymous_set.3 man/man3/gsasl_server_callback_cipher_get.3 man/man3/gsasl_server_callback_cipher_set.3 man/man3/gsasl_server_callback_cram_md5_get.3 man/man3/gsasl_server_callback_cram_md5_set.3 man/man3/gsasl_server_callback_digest_md5_get.3 man/man3/gsasl_server_callback_digest_md5_set.3 man/man3/gsasl_server_callback_external_get.3 man/man3/gsasl_server_callback_external_set.3 man/man3/gsasl_server_callback_gssapi_get.3 man/man3/gsasl_server_callback_gssapi_set.3 man/man3/gsasl_server_callback_maxbuf_get.3 man/man3/gsasl_server_callback_maxbuf_set.3 man/man3/gsasl_server_callback_qop_get.3 man/man3/gsasl_server_callback_qop_set.3 man/man3/gsasl_server_callback_realm_get.3 man/man3/gsasl_server_callback_realm_set.3 man/man3/gsasl_server_callback_retrieve_get.3 man/man3/gsasl_server_callback_retrieve_set.3 man/man3/gsasl_server_callback_securid_get.3 man/man3/gsasl_server_callback_securid_set.3 man/man3/gsasl_server_callback_service_get.3 man/man3/gsasl_server_callback_service_set.3 man/man3/gsasl_server_callback_validate_get.3 man/man3/gsasl_server_callback_validate_set.3 man/man3/gsasl_server_ctx_get.3 man/man3/gsasl_server_finish.3 man/man3/gsasl_server_listmech.3 a44 3 man/man3/gsasl_server_step.3 man/man3/gsasl_server_step_base64.3 man/man3/gsasl_server_suggest_mechanism.3 a47 1 man/man3/gsasl_sha1.3 a52 3 man/man3/gsasl_stringprep_nfkc.3 man/man3/gsasl_stringprep_saslprep.3 man/man3/gsasl_stringprep_trace.3 a53 1 share/locale/da/LC_MESSAGES/libgsasl.mo a54 5 share/locale/de/LC_MESSAGES/libgsasl.mo share/locale/en@@boldquot/LC_MESSAGES/gsasl.mo share/locale/en@@boldquot/LC_MESSAGES/libgsasl.mo share/locale/en@@quot/LC_MESSAGES/gsasl.mo share/locale/en@@quot/LC_MESSAGES/libgsasl.mo a55 1 share/locale/eo/LC_MESSAGES/libgsasl.mo a56 1 share/locale/es/LC_MESSAGES/libgsasl.mo a58 1 share/locale/fi/LC_MESSAGES/libgsasl.mo a59 1 share/locale/fr/LC_MESSAGES/libgsasl.mo a60 1 share/locale/ga/LC_MESSAGES/libgsasl.mo a62 1 share/locale/hu/LC_MESSAGES/libgsasl.mo a63 1 share/locale/id/LC_MESSAGES/libgsasl.mo a64 1 share/locale/it/LC_MESSAGES/libgsasl.mo a65 1 share/locale/nl/LC_MESSAGES/libgsasl.mo a66 1 share/locale/pl/LC_MESSAGES/libgsasl.mo a67 1 share/locale/pt_BR/LC_MESSAGES/libgsasl.mo a68 1 share/locale/ro/LC_MESSAGES/libgsasl.mo a69 1 share/locale/sk/LC_MESSAGES/libgsasl.mo a71 1 share/locale/sr/LC_MESSAGES/libgsasl.mo a72 1 share/locale/sv/LC_MESSAGES/libgsasl.mo a73 1 share/locale/uk/LC_MESSAGES/libgsasl.mo a74 1 share/locale/vi/LC_MESSAGES/libgsasl.mo a75 1 share/locale/zh_CN/LC_MESSAGES/libgsasl.mo @ 1.18 log @gsasl: update to 1.8.1. * Version 1.8.1 (released 2019-08-02) [stable] ** gsasl: IMAP client code now permits empty SASL tokens prefixed with '+'. Normally servers should send '+ '. Buggy servers include Microsoft Exchange. Reported by Adam Sjøgren. ** GSSAPI client: Now retrieves GSASL_AUTHZID for authorization identity. ** GSSAPI client: Can now transmit an empty/missing authorization identity. See lib/NEWS for more information. ** Build fixes. Update of gnulib, including how it is bootstrapped. ** i18n: Updated translations. @ text @d62 3 d80 2 @ 1.17 log @Changes 1.8.0: This is a new major stable release. Brief changes compared to 1.6.x: * SAML20 support following RFC 6595. * OPENID20 support following RFC 6616. * Added SMTP server examples (for e.g., SCRAM, SAML20, OPENID20). * Various cleanups, portability and other bug fixes. See the NEWS entries during the 1.7.x branch for details. @ text @d1 1 a1 1 @@comment $NetBSD: PLIST,v 1.16 2011/06/01 10:05:57 adam Exp $ d125 2 d128 1 d135 2 d144 3 d155 2 @ 1.16 log @Changes 1.6.1: * build: Demand gettext >= 0.18.1 in order to get newer M4 files. The old M4 files associated with 0.17 caused problems on Solaris, which will hopefully be fixed with this. * doc: Typo fix in autoconf snippet. * i18n: Updated translations. @ text @d1 1 a1 1 @@comment $NetBSD: PLIST,v 1.15 2011/01/28 08:16:55 adam Exp $ d156 2 @ 1.15 log @PLIST fix @ text @d1 1 a1 1 @@comment $NetBSD: PLIST,v 1.14 2008/11/07 18:40:52 adam Exp $ d130 2 @ 1.14 log @Changes 0.2.29: * gsasl: Don't use poll with POLLOUT to avoid busy-waiting. * doc: Error codes are now extracted using official library APIs. * doc: Included cyclomatic code complexity charts of the library code. * tests: Add self test of obsolete base64 functions. * Update gnulib files. Improves Windows compatibility. @ text @d1 1 a1 1 @@comment $NetBSD: PLIST,v 1.13 2008/09/08 08:58:49 adam Exp $ d63 1 d116 1 d131 2 d139 2 d147 1 @ 1.13 log @Changes 0.2.28: * Rewrite to use poll instead of select. * Improve Windows installation instructions in the manual. * tests: New self test of gsasl_mechanism_name function. @ text @d1 1 a1 1 @@comment $NetBSD: PLIST,v 1.12 2008/08/14 10:01:03 adam Exp $ d119 1 d134 1 @ 1.12 log @Changes 0.2.27: * Fix SASL operations through TLS. * Update gnulib files, and include gnulib self-tests. * Update translations. @ text @d1 1 a1 1 @@comment $NetBSD: PLIST,v 1.11 2008/05/21 15:22:56 obache Exp $ d66 1 @ 1.11 log @Update gsasl to 0.2.26. Based on patch provided by Eric Schnoebelen in PR 38692. While here, marked as DESTDIR support. Also fix CONFIGURE option for GSSAPI implement (I don't know from when). * Version 0.2.26 (released 2008-05-05) ** Translations files not stored directly in git to avoid merge conflicts. This allows us to avoid use of --no-location which makes the translation teams happier. ** Build fixes for the documentation. ** Update gnulib files. * Version 0.2.25 (released 2008-03-10) ** gsasl: Fix buffering issue to avoid mixing stdout/stderr outputs. This would manifest itself when redirecting output to a pipe, such as when used with Gnus. Reported by Enrico Scholz , see . ** Fix non-portable use of brace expansion in makefiles. * Version 0.2.24 (released 2008-01-15) ** Link self-tests with gnulib, to fix link failures under MinGW. * Version 0.2.23 (released 2008-01-15) ** Improve CRAM-MD5 self-test to detect if challenges are the same. ** Improve gsasl --help and --version to conform with GNU standards. ** Use gettext 0.17. ** Update gnulib files. * Version 0.2.22 (released 2007-10-08) ** Development git tree moved to savannah. See . ** Fix warnings when building the tool 'gsasl'. ** Update gnulib files. @ text @d1 1 a1 1 @@comment $NetBSD: PLIST,v 1.10 2007/10/25 21:24:53 adam Exp $ d147 1 @ 1.10 log @Changes 0.2.21: * Fix typos in manual. * Update gnulib files. @ text @d1 1 a1 1 @@comment $NetBSD: PLIST,v 1.9 2006/12/09 14:06:13 obache Exp $ d138 1 @ 1.9 log @Update gsasl to 0.2.15, based on patch provided by PR 33638. * Version 0.2.15 (released 2006-08-22) ** Changed libgsasl shared library version. The shared library version was not incremented correctly in the last release, even though new APIs were added. * Version 0.2.14 (released 2006-08-19) ** New section "Requirements" in the manual, lists the external components. Suggested by James Mansion. ** Update of gnulib files. * Version 0.2.13 (released 2006-06-14) ** Update of gnulib files. Further improves portability to MinGW. ** Various improvements in the manuals. ** The tests are run under valgrind, if it is installed. Use --disable-valgrind-tests to unconditionally disable this. It is disabled by default for cross compiles. ** Various minor fixes. * Version 0.2.12 (released 2006-03-08) ** Update of gnulib files. Improves portability to Mingw32. * Version 0.2.11 (released 2006-02-07) ** Ported to Windows by cross-compiling using Mingw32. Using Debian's mingw32 compiler, you can build it for Windows by invoking `./configure --host=i586-mingw32msvc --disable-gssapi'. ** Update of gnulib files. * Version 0.2.10 (released 2005-10-23) ** Work around bug in GnuTLS that made the command line tool exit after ** failing to write a zero length message to the peer. ** Don't use GnuTLS if gnutls_certificate_verify_peers2 isn't present. ** Update of gnulib files. * Version 0.2.9 (released 2005-10-07) ** Update of gnulib files. * Version 0.2.8 (released 2005-09-08) ** The gsasl tool now support STARTTLS for IMAP and SMTP using GnuTLS. ** The --client and --server parameters for the gsasl tool now work properly. ** The --client and --server stdin/stdout modes now use the readline library. ** Fixed build problems in getpass on uClibc and Mingw32 platforms. ** Kinyarwanda translation added. * Version 0.2.7 (released 2005-08-25) ** Fix build problems when cross-compiling to uClibc and Mingw32 platforms. ** Detecting and using the readline library has been improved. * Version 0.2.6 (released 2005-08-08) ** The gsasl tool now try to connect to all addresses for a server name. ** The help-gsasl@@gnu.org mailing list is now mentioned in documentation. ** The license template in files were updated with the new FSF address. ** Update of gnulib files. @ text @d1 1 a1 1 @@comment $NetBSD: PLIST,v 1.8 2006/04/17 07:07:33 jlam Exp $ d61 1 d131 1 d146 1 @ 1.8 log @Strip ${PKGLOCALEDIR} from PLISTs of packages that already obey PKGLOCALEDIR and which install their locale files directly under ${PREFIX}/${PKGLOCALEDIR} and sort the PLIST file entries. From now on, pkgsrc/mk/plist/plist-locale.awk will automatically handle transforming the PLIST to refer to the correct locale directory. @ text @d1 1 a1 1 @@comment $NetBSD: PLIST,v 1.7 2006/03/31 23:56:29 jlam Exp $ d111 2 @ 1.7 log @List the info pages directly in the PLIST and ensure that we honor PKGINFODIR. @ text @d1 1 a1 1 @@comment $NetBSD: PLIST,v 1.6 2005/02/28 13:29:31 wiz Exp $ d118 24 a141 24 ${PKGLOCALEDIR}/locale/de/LC_MESSAGES/gsasl.mo ${PKGLOCALEDIR}/locale/en@@boldquot/LC_MESSAGES/gsasl.mo ${PKGLOCALEDIR}/locale/en@@boldquot/LC_MESSAGES/libgsasl.mo ${PKGLOCALEDIR}/locale/en@@quot/LC_MESSAGES/gsasl.mo ${PKGLOCALEDIR}/locale/en@@quot/LC_MESSAGES/libgsasl.mo ${PKGLOCALEDIR}/locale/eu/LC_MESSAGES/gsasl.mo ${PKGLOCALEDIR}/locale/fr/LC_MESSAGES/gsasl.mo ${PKGLOCALEDIR}/locale/fr/LC_MESSAGES/libgsasl.mo ${PKGLOCALEDIR}/locale/ga/LC_MESSAGES/gsasl.mo ${PKGLOCALEDIR}/locale/ga/LC_MESSAGES/libgsasl.mo ${PKGLOCALEDIR}/locale/nl/LC_MESSAGES/gsasl.mo ${PKGLOCALEDIR}/locale/nl/LC_MESSAGES/libgsasl.mo ${PKGLOCALEDIR}/locale/pl/LC_MESSAGES/gsasl.mo ${PKGLOCALEDIR}/locale/pl/LC_MESSAGES/libgsasl.mo ${PKGLOCALEDIR}/locale/ro/LC_MESSAGES/gsasl.mo ${PKGLOCALEDIR}/locale/ro/LC_MESSAGES/libgsasl.mo ${PKGLOCALEDIR}/locale/sq/LC_MESSAGES/gsasl.mo ${PKGLOCALEDIR}/locale/sr/LC_MESSAGES/gsasl.mo ${PKGLOCALEDIR}/locale/sr/LC_MESSAGES/libgsasl.mo ${PKGLOCALEDIR}/locale/sv/LC_MESSAGES/gsasl.mo ${PKGLOCALEDIR}/locale/sv/LC_MESSAGES/libgsasl.mo ${PKGLOCALEDIR}/locale/vi/LC_MESSAGES/gsasl.mo ${PKGLOCALEDIR}/locale/vi/LC_MESSAGES/libgsasl.mo ${PKGLOCALEDIR}/locale/zh_CN/LC_MESSAGES/gsasl.mo @ 1.6 log @Update to 0.2.5: * Version 0.2.5 (released 2005-02-08) ** Added self test of EXTERNAL mechanism. ** Vietnamese translation added, thanks to Clytie Siddall. * Version 0.2.4 (released 2005-01-01) ** The CRAM-MD5 mechanism is now preferred over DIGEST-MD5. This decision was based on recent public research that suggest MD5 is broken, while HMAC-MD5 not immediately compromised, and the lack of public analysis on what consequences the MD5 break have for DIGEST-MD5. Support for CRAM-SHA1 is under investigation, to enable users to avoid MD5 completely ** Fixed a bug that prevented SMTP client from working. ** New configure option --disable-obsolete to remove backwards compatibility. This is mostly intended to be used when compiling for platforms with constrained memory/space resources. ** DIGEST-MD5 rewritten and enabled by default (see lib/NEWS for details). ** Command line tool now query for realm, hostname and service name properly. ** Documentation updates and improvements. ** Self test improvements. ** Update of gnulib files. @ text @d1 1 a1 1 @@comment $NetBSD: PLIST,v 1.5 2004/12/26 22:56:09 wiz Exp $ d6 1 @ 1.5 log @Update to 0.2.3. * Version 0.2.3 (released 2004-12-15) ** Fix example code to handle base64 encoded data properly. ** DIGEST-MD5 is disabled by default, pending a rewrite for the new API. ** Command line tool uses new callback interface to the library. ** Command line tool uses "iconvme" from gnulib for UTF-8 string conversion. ** Server mode in the command line tool does not work currently. It is unclear if this feature was ever that useful. If there are no objections, it will be removed completely in future versions. ** Documentation fixes. ** Fix self test bugs. * Version 0.2.2 (released 2004-11-29) ** Update of gnulib files. * Version 0.2.1 (released 2004-11-19) ** Documentation fixes; the old callback API functions are marked as obsolete. * Version 0.2.0 (released 2004-11-07) ** Added new directory examples/ with complete examples for new API. ** Documentation improvements. For example, you can now browse the GNU SASL API manual using DevHelp. ** Update of gnulib files. ** More self tests. ** Translation fixes. @ text @d1 1 a1 1 @@comment $NetBSD: PLIST,v 1.4 2004/09/22 08:09:52 jlam Exp $ d110 1 d138 2 @ 1.4 log @Mechanical changes to package PLISTs to make use of LIBTOOLIZE_PLIST. All library names listed by *.la files no longer need to be listed in the PLIST, e.g., instead of: lib/libfoo.a lib/libfoo.la lib/libfoo.so lib/libfoo.so.0 lib/libfoo.so.0.1 one simply needs: lib/libfoo.la and bsd.pkg.mk will automatically ensure that the additional library names are listed in the installed package +CONTENTS file. Also make LIBTOOLIZE_PLIST default to "yes". @ text @d1 1 a1 1 @@comment $NetBSD: PLIST,v 1.3 2004/09/19 12:48:45 wiz Exp $ d3 2 d15 6 d55 1 d58 1 d65 4 d71 2 d125 1 d132 1 d134 1 d137 1 @ 1.3 log @Update to 0.1.4, provided by Sergio Jimenez in PR 26974. Changes since 0.0.8: * Changes in 0.1.4 (released 2004-08-08) ** Revamp of gnulib compatibility files. ** More translations. German (by Roland Illig), Basque (by Mikel Olasagasti), French (by Michel Robitaille), Irish (by Kevin Patrick Scannell), Dutch (by Elros Cyriatan), Polish (by Jakub Bogusz), Romanian (by Laurentiu Buzdugan), and Serbian (by Aleksandar Jelenak). * Changes in 0.1.3 (released 2004-08-04) ** Command line tool support IPv6 (and other protocol families). Requires that your system has `getaddrinfo'. ** Command line behaviour for gsasl tool improved. The --client and --imap parameters are now the default. The --connect host and port can now be specified directly. If --authentication-id is not specified, the username of the user invoking gsasl is used (i.e., getpwuid(getuid)->pw_name). Alltogether, this allows simple usage, as in `gsasl mail.example.com' to connect, via IMAP, to mail.example.com. * Changes in 0.1.2 (released 2004-07-16) ** The SMTP mode in `gsasl' should now work. ** Cross compile builds should work. It should work for any sane cross compile target, but the only tested platform is uClibc/uClinux on Motorola Coldfire. ** The GNU Readline library is used to read data, if available. ** Passwords read from stdin are not echoed to the terminal. * Changes in 0.1.1 (released 2004-06-26) ** In the command line client, the default quality of protection is now none. * Changes in 0.1.0 (released 2004-04-16) ** The library re-licensed to LGPL and distributed as a separate package. This means a fork of this NEWS file, all the entries below relate to the combined work of earlier versions. New entries above does not document user visible changes for the library ("libgsasl"), for that see NEWS in the lib/ sub-directory, which is also distributed as a stand-alone package. * Changes in 0.0.14 (released 2004-01-22) ** Moved all mechanism specific code into sub-directories of lib/. Each backend is built into its own library (e.g., libgsasl-plain.so), to facilitate future possible use of dlopen to dynamically load backends. ** Moved compatibility files (getopt*) to gl/, and added more (strdup*). * Changes in 0.0.13 (released 2004-01-17) ** Nettle (the crypto functionality, crypto/) has been updated. This fixes two portability issues, the new code should work on platforms that doesn't have inttypes.h and alloca. * Changes in 0.0.12 (released 2004-01-15) ** Protocol line parser in 'gsasl' tool more reliable. Earlier it assumed two lines were sent in one packet in one place, and sent as two packets in another place. ** Various bugfixes. * Changes in 0.0.11 (released 2004-01-06) ** The client part of CRAM-MD5 now uses SASLprep instead of NFKC. This aligns with draft-ietf-sasl-crammd5-01. ** The CRAM-MD5 challenge string now conform to the proper syntax. ** The string preparation (SASLprep and trace) functions now work correctly. ** DocBook manuals no longer included. The reason is that recent DocBook tools from the distribution I use (Debian) fails with an error. DocBook manuals may be included in the future, if I can get the tools to work. ** API and ABI modifications. GSASL_SASLPREP_ERROR: ADD. * Changes in 0.0.10 (released 2003-11-22) ** The CRAM-MD5 server now reject invalid passwords. The logic flaw was introduced in 0.0.9, after blindly making code changes to shut up valgrind just before the release. ** Various build improvements. Pkg-config is no longer needed. GTK-DOC is only used if present. * Changes in 0.0.9 (released 2003-11-21) ** Command line client can talk to SMTP servers with --smtp. ** DocBook manuals in XML, PDF, PostScript, ASCII and HTML formats included. ** Token parser in DIGEST-MD5 fixed, improve interoperability of DIGEST-MD5. ** Libgcrypt >= 1.1.42 is used if available (for CRAM-MD5 and DIGEST-MD5). The previous libgcrypt API is no longer supported. ** CRAM-MD5 and DIGEST-MD5 no longer require libgcrypt (but can still use it). If libgcrypt 1.1.42 or later is not found, it uses a minimalistic cryptographic library based on Nettle, from crypto/. Currently only MD5 and HMAC-MD5 is needed, making a dependence on libgcrypt overkill. ** Listing supported server mechanisms with gsasl_server_mechlist work. ** Autoconf 2.59, Automake 1.8 beta, Libtool CVS used. ** Source code for each SASL mechanism moved to its own sub-directory in lib/. ** The command line interface now uses getopt instead of argp. The reason is portability, this also means we no longer use gnulib. ** API and ABI modifications. gsasl_randomize: ADD. gsasl_md5: ADD. gsasl_hmac_md5: ADD. gsasl_hexdump: REMOVED. Never intended to be exported. gsasl_step: ADD. gsasl_step64: ADD. gsasl_client_step: DEPRECATED: use gsasl_step instead. gsasl_server_step: DEPRECATED: use gsasl_step instead. gsasl_client_step_base64: DEPRECATED: use gsasl_step64 instead. gsasl_server_step_base64: DEPRECATED: use gsasl_step64 instead. gsasl_finish: ADD. gsasl_client_finish: DEPRECATED: use gsasl_finish instead. gsasl_server_finish: DEPRECATED: use gsasl_finish instead. gsasl_ctx_get: ADD. gsasl_client_ctx_get: DEPRECATED: use gsasl_ctx_get instead. gsasl_server_ctx_get: DEPRECATED: use gsasl_ctx_get instead. gsasl_appinfo_get: ADD. gsasl_appinfo_set: ADD. gsasl_client_application_data_get: DEPRECATED: use gsasl_appinfo_get instead. gsasl_client_application_data_set: DEPRECATED: use gsasl_appinfo_set instead. gsasl_server_application_data_get: DEPRECATED: use gsasl_appinfo_get instead. gsasl_server_application_data_set: DEPRECATED: use gsasl_appinfo_set instead. Gsasl: ADD. Gsasl_ctx: DEPRECATED: use Gsasl instead. Gsasl_session: ADD. Gsasl_session_ctx: DEPRECATED: use Gsasl_session instead. GSASL_CRYPTO_ERROR: ADD, replaces deprecated GSASL_LIBGCRYPT_ERROR. GSASL_LIBGCRYPT_ERROR: DEPRECATED: use GSASL_CRYPTO_ERROR instead. GSASL_KERBEROS_V5_INTERNAL_ERROR: ADD, replaces deprecated GSASL_SHISHI_ERROR. GSASL_SHISHI_ERROR: DEPRECATED: use GSASL_KERBEROS_V5_INTERNAL_ERROR instead. GSASL_INVALID_HANDLE: ADD. @ text @d1 1 a1 1 @@comment $NetBSD$ a3 1 lib/libgsasl.a a4 3 lib/libgsasl.so lib/libgsasl.so.6 lib/libgsasl.so.6.3 @ 1.2 log @Remove info files entries from PLIST. @ text @d1 1 a1 1 @@comment $NetBSD: PLIST,v 1.1.1.1 2003/12/03 19:23:13 xtraeme Exp $ d7 2 a8 2 lib/libgsasl.so.4 lib/libgsasl.so.4.0 d11 2 d49 1 d53 2 a54 1 man/man3/gsasl_hexdump.3 d56 1 d58 3 d98 2 d104 16 a119 4 share/doc/html/gsasl/c4.html share/doc/html/gsasl/gsasl-gsasl.html share/doc/html/gsasl/index.html share/doc/html/gsasl/index.sgml d121 1 a121 1 @@dirrm share/doc/html/gsasl @ 1.1 log @Initial revision @ text @d1 1 a1 1 @@comment $NetBSD$ a3 1 info/gsasl.info @ 1.1.1.1 log @Initial import gsasl-0.0.8 from pkgsrc-wip. GNU SASL is an implementation of the Simple Authentication and Security Layer framework and a few common SASL mechanisms. SASL is used by network servers (e.g., IMAP, SMTP) to request authentication from clients, and in clients to authenticate against servers. GNU SASL contains a library (`libgsasl'), a command line utility (`gsasl') to access the library from the shell, and a manual. The library includes support for the SASL framework (with authentication functions and application data privacy and integrity functions) and at least partial support for the CRAM-MD5, EXTERNAL, GSSAPI, ANONYMOUS, PLAIN, SECURID, DIGEST-MD5, LOGIN, NTLM and KERBEROS_V5 mechanisms. @ text @@