Permalink
Commits on Jun 2, 2010
  1. Release 2.15

    gbarr committed Jun 2, 2010
  2. Makes sure that user callbacks are called

    yannk committed with gbarr Jun 1, 2010
    Even for dumb mechanisms like LOGIN and PLAIN
Commits on Mar 29, 2010
  1. Release 2.1401

    gbarr committed Mar 29, 2010
Commits on Mar 11, 2010
  1. Release 2.14

    gbarr committed Mar 11, 2010
  2. update .gitignore

    gbarr committed Mar 11, 2010
Commits on Sep 25, 2009
  1. Skip tests requiring Crypt::*

    yannk committed with gbarr Sep 25, 2009
    This fixes a problem with the test suite failing on some system
Commits on Sep 24, 2009
  1. Transformed server_start and server_step to use callbacks

    yannk committed with gbarr Mar 5, 2009
    allowing me to execute SASL negotiations fully asynchronously within
    djabberd.
    
    Tests are still expecting a linear run
  2. set_success really returns the status, there is no need

    yannk committed with gbarr Feb 11, 2009
    to return 1 for PLAIN authentication, otherwise this is
    sent to the client which confuses some implementations.
  3. removed the SQOP global variable hack that I used in tests

    yannk committed with gbarr Jan 24, 2009
    to change qop for the server
  4. revised server_new and the options that can be passed to it

    yannk committed with gbarr Jan 24, 2009
    takes a hash with no_integrity and no_confidentiality configurations.
  5. Trying different logic for LOGIN in the client.

    yannk committed with gbarr Jan 17, 2009
    I'm still not sure about this change.
    I'm also pondering about renaming set_success to something less ambiguous.
    We might need better semantic in the client, where success of a negotiation
    is communicated to the client thru specific protocol means sometimes.
  6. I think this fixes a bug that always enable auth-conf when

    yannk committed with gbarr Jan 16, 2009
    the system doesn't support it and vice-versa
  7. No ambiguity with licensing

    yannk committed with gbarr Jan 16, 2009
  8. Added server LOGIN support for fun

    yannk committed with gbarr Jan 16, 2009
  9. typo 'response' and not 'challenge'

    yannk committed with gbarr Jan 16, 2009
  10. Trying to be a bit more compatible with the future Authen::SASL::XS

    yannk committed with gbarr Jan 16, 2009
    It has to be noted that getsecret is a deprecated callback in SASL v2
    (apparently).
  11. Helped MakeMaker finding my new tests

    yannk committed with gbarr Jan 14, 2009
    Fixed tests issues
  12. - Added maxbuf to the challenge (we should probably omit it when auth

    yannk committed with gbarr Jan 14, 2009
      is proposed only, but that should be fine)
    - Fixed an issue (I believe) where the client was looking for 'server-maxbuf'
      insted of 'maxbuf'
    - renamed a test (consistency)
  13. - Partly fixed digest-uri checking

    yannk committed with gbarr Jan 14, 2009
    - Added more unit tests
  14. updated todo

    yannk committed with gbarr Jan 14, 2009
  15. test plan

    yannk committed with gbarr Jan 14, 2009
  16. test plan

    yannk committed with gbarr Jan 14, 2009
  17. - Added new tests using complete negotiations using one Authen::SASL

    yannk committed with gbarr Jan 14, 2009
      client and one Authen::SASL server
    - Fixed realm challenge parsing when the challenge originates from
      the client. In this case it shouldn't be a multivalued token
  18. - Added support for server in DIGEST_MD5

    yannk committed with gbarr Jan 13, 2009
    - Refactored Perl.pm where necessary to support client and server
    
    Still experimental
  19. Some changes to the API that I think would be nice. need_step

    yannk committed with gbarr Jan 11, 2009
    is consistent with the Cyrus implementation.
  20. Added server API description

    yannk committed with gbarr Jan 11, 2009
  21. Release v2.13

    gbarr committed Sep 24, 2009
  22. RT#675 Authorization with Authen::SASL::Perl::External

    Norbert Klasen committed with gbarr Sep 24, 2009
    the EXTERNAL mechanism has only one round trip so that the
    authorize-id needs to be send in client_start. client_step will never get
    called and can be removed. Also, the noanonymous flag can be set. See
    attached patch.
    
    Signed-off-by: Graham Barr <gbarr@pobox.com>