<HTML><HEAD> <title>Cyrus SASLv2 README</title> <!-- $Id: readme.html,v 1.9 2002/10/21 14:39:15 ken3 Exp $ --> </HEAD> <BODY> <H1>Read Me First</H1> This document offers a general overview of the SASL library. <H2>FEATURES</H2> The following <a href="mechanisms.html">mechanisms</a> are included in this distribution: <ul> <li>ANONYMOUS <li>CRAM-MD5 <li>DIGEST-MD5 <li>EXTERNAL <li>GSSAPI (MIT Kerberos 5 or Heimdal Kerberos 5) <li>KERBEROS_V4 <li>LOGIN <li>NTLM (requires OpenSSL libcrypto) <li>OTP (requires OpenSSL libcrypto) <li>PLAIN <li>SRP (work in progress; requires OpenSSL libcrypto) </ul> The library uses a Berkeley DB, gdbm or ndbm file on the server side to store per-user authentication secrets. The utility <tt>saslpasswd</tt> has been included for adding authentication secrets to the file.<p> PLAIN uses the saslauthd (preferred and now standard), the pwcheck daemon (obsolete), or an auxilliary property plugin (for example, sasldb).<p> The sample directory contains two programs which provide a reference for using the library, as well as making it easy to test a mechanism on the command line. See <a href="programming.html">programming.html</a> for more information.<p> This library is believed to be thread safe IF: <ul> <li>you supply mutex functions (see sasl_set_mutex()) <li>you make no libsasl calls until sasl_client/server_init() completes <li>no libsasl calls are made after sasl_done() is begun <li>the GSSAPI plugin requires a thread-safe GSS Kerberos 5 library. </ul> <H2>INSTALLATION</H2> If you are upgrading from libsasl v1, please see <a href="upgrading.html">upgrading.html</a>.<p> Please see the file <a href="install.html">install.html</a> to install this package. We hope it to be relatively straightforward; if you try it on systems that we haven't, please contact us with your experiences.<p> The library uses the environment variable SASL_PATH to locate the directory where the mechanisms are; this should be a colon-separated list of directories containing plugins. <H2>INSTALLATION ON MAC OS X</H2> Please read <A HREF="macosx.html">macosx.html</A> <H2>CONFIGURATION</H2> By default, libsasl looks for configuration files in /usr/lib/sasl/Appname.conf where Appname is settable by the application (for example, Sendmail 8.10 and later set this to "Sendmail"). Applications can also override this default configuration mechanism.<p> For a detailed guide on configuring libsasl, please look at <A HREF=sysadmin.html>sysadmin.html</A> and <A HREF=options.html>options.html</A> <H2>KNOWN BUGS</H2> <ul> <li>There are some interoperability problems with the DIGEST-MD5 plugin. <li>libtool doesn't always link libraries together. In our environment, we only have static Krb5 libraries; the GSSAPI plugin should link these libraries in on platforms that support it (Solaris and Linux among them) but it does not. It also doesn't always get the runpath of libraries correct. <li>Also see the "TODO" file and our <A HREF=http://bugzilla.andrew.cmu.edu>bugzilla</A>. </ul> <H2>UPGRADING from Cyrus SASL v1</H2> See <a href="upgrading.html">upgrading.html</a>. <H2>AUTHORS</H2> For any comments/suggestions/bug reports, please contact <a href="mailto:cyrus-bugs@andrew.cmu.edu">cyrus-bugs@andrew.cmu.edu</a>. Be sure to include the version of libsasl and your operating system; messages without this information will not be answered.<p> Major contributors to the libsasl code can be found in the top-level file AUTHORS.<p> <hr> Back to the <A href=index.html>index</a> </body> </html>