ONEWS   [plain text]

New in 1.5.26
* Interoperability bug in DIGEST-MD5's layers was fixed.
* DIGEST-MD5's DES layer has been disabled until the interoperability 
  can be worked out.

New in 1.5.25

* The DIGEST-MD5 plugin now includes an implementation of RC4, since
  it's a lot easier to get working than interfacing with OpenSSL.
* A delayed-open plugin mode has been implemented, but not yet documented.

New in 1.5.24
* be a little paranoid about what we give PAM
* small bugfixes

New in 1.5.22
* fixed some DIGEST-MD5 buglets
* fixed serious bug that a client could avoid the authorization callback
* added pwcheck method "sia" for Digital Unix
* now should try libdb-3 before libdb.

New in 1.5.21
* build process fixes

New in 1.5.20
* bug fixes
* LOGIN mechanism has a compatibility tweak

New in 1.5.19
* Initial srp work
* Programmers Guide more complete
* bug fixes (of course)

New in 1.5.18
* javasasl library in conformance with internet draft
* man pages for all functions written
* bug fixes (of course)

New in 1.5.17
* give application authentication name and realm more uniformly
* sasldblistusers utility to list users in sasldb
* memory leaks eliminated; boundary cases tested

New in 1.5.16
* pwcheck_method now defaults to sasldb.

* sanity checking inputs throughout the code.
* Unsupported LOGIN plugin added to the Windows build.
* calling sasl_checkpass() with pwcheck_method: kerberos_v4 restores the
  old ticket file before returning.

New in 1.5.15
* configure now correctly detects Berkeley DB 3.x (Claus Assmann).

New in 1.5.14
* Upgraded to libtool 1.3.4.
* External SSF handled more uniformly, and handle min/max SSF requests
* Unsupported LOGIN plugin added, by Rainer Schoepf <>.
  Please don't enable it unless you know you need it.
* HP/UX support, contributed by Claus Assmann.

New in 1.5.13
* Sanity check to make sure there's at least something in sasldb

* Fixes to how external layers are handled (some fixes by Alexey Melnikov)
* Berkeley DB 3.x support contributed by Greg Shapiro
* Additional pwcheck fixes (Joe Hohertz)
* Fixed Heimdal krb5 configure checks
* other random fixes

New in 1.5.12
* lots of bugfixes
* DIGEST-MD5 more in conformance with spec
* support for Berkeley DB
* support for OpenSSL's version of RC4

New in 1.5.11
* bugfix in realm support for DIGEST-MD5

New in 1.5.10
* DIGEST-MD5 layer support
* dbconversion utility added

New in 1.5.9
* Bug fixes
* More win32 support
* Realm support in the database (database format changed again, sorry)
  Other realm support in plugins; need to document it
* Preliminary code for pwcheck added; not yet tested (and probably not 
* config stuff should be less case/whitespace sensitive
* more error conditions logged

New in 1.5.5
* Bug fixes
* sasldb plaintext support (database format changed!!!)
* Handles multiple realms in DIGEST
* New Windows compatibility (tested!)

New in 1.5.3
* Bug fixes
* Tested GSSAPI & added layers
* Some changes for Windows compatibility (next release)

New in 1.5.2
* A few bug fixes
* Better portability
* Upgraded libtool

New in 1.5.0
* Lots of bug fixes
* A few API changes (watch especially sasl_get_prop() and sasl_set_prop()!)
* Digest authentication works
* Configuration file
* Some more documentation (doc/programming)
* Code cleanup

New in 1.4.1
* Tested kerberos4, cram, plain, and anonymous fairly extensively
* Many bugs fixed
* Created sample programs
* Added digest
* Prototype credential API

New in 1.3b1
* Added saslpasswd for setting sasl passwords
* Added sfsasl for people using sfio
* Lots of bug fixes

New in 1.2b3
* Slightly better documentation, easier compilation
* Plain now understands authorization and callbacks

New in 1.2b2
* Win32 support
* Fixes to anonymous, kerberos mechs
* Some signed lengths in the API changed to unsigned

New in 1.2b1
* Lots of bug fixes
* Cleaner getopt interface
* Cleaner plugin callback lookup interface
* Global inits now take callback list, not just a sasl_getopt_t
* Preliminary Java support
* Authentication database hook
* Default AuthDB routines moved from mechanisms to library
* Logging hook
* Default syslog-based logging hook in library
* Preliminary plaintext transition for CRAM/SCRAM