Re: SCRAM-SHA-1 support in GSASL

[Lothar May]

Simon,

thank you for the quick reply!

2010/3/22 Simon Josefsson <address@hidden>:
[...]
>> Great, thanks! I've also updated to the latest version of gsasl. Is
>> SCRAM compatible to the first release in 1.2?
>
> It should be -- except that versions earlier than 1.4.2 have bugs that
> may lead to crashes.  There is a fix in master for SCRAM which you may
> want too.  I'm thinking of releasing v1.4.3 with that fix in it, but I'm
> trying to get to v1.6.0 that would introduce GS2-KRB5 support too.
> GS2-KRB5 is working now, but I need to polish some details.

Well I can use any latest release on Windows, but on Linux we're tied
to whichever version the system has installed ;-).

With the new GS2-KRB5 - do you mean this one?
http://tools.ietf.org/html/draft-ietf-sasl-gs2-20

[...]
>> Oh well... Does anyone know how I can use a user name containing utf8
>> characters without prior conversion?
>
> If you use non-ascii strings, you need to build Libidn and link GNU SASL
> to it as well -- GNU SASL will reject any non-ascii strings when Libidn
> is not enabled.  You could hack around this in lib/src/saslprep.c if you
> want, but (of course) then you aren't fully SCRAM standards compliant.

Oh OK that is the cause of the problem. Is there any chance that I can
use the prebuilt mingw gsasl with libidn?

Regards,
Lothar