GNU SASL might have a couple of advantages over other libraries doing
a similar job.
- It's Free Software
- Anybody can use, modify, and redistribute it under the terms of the
GNU General Public License version 3.0 or later. The library uses the
GNU Lesser General Public License version 2.1 or later.
- It's thread-safe
- No global variables are used and multiple library handles and session
handles may be used in parallel.
- It's internationalized
- It handles non-ASCII usernames and passwords and user visible strings
used in the library (error messages) can be translated into the users'
- It's portable
- It should work on all Unix like operating systems, including Windows.
The library itself should be portable to any C89 system, not even
POSIX is required.
- It's small
- The library has been rewritten with embedded platforms in mind. For
example, no API consumes more than around 250 bytes of stack space.
Note that the library does not implement any policy to decide whether
a certain user is “authenticated” or “authorized” or not. Rather,
it uses a callback into the application to answer these questions.