#sasl #sso #framework #middleware

no-std rsasl

The Rust SASL framework, aimed at both middleware-style protocol implementation and application code. Designed to make SASL authentication simple and safe while handing as much control to the user as possible

31 releases (7 stable)

2.0.0 Feb 4, 2023
2.0.0-rc.4 Nov 22, 2022
2.0.0-rc.3 Oct 12, 2022
2.0.0-preview6 Jul 25, 2022
0.1.1 Apr 28, 2020

#110 in Authentication

Download history 250/week @ 2023-11-02 197/week @ 2023-11-09 297/week @ 2023-11-16 346/week @ 2023-11-23 257/week @ 2023-11-30 600/week @ 2023-12-07 231/week @ 2023-12-14 205/week @ 2023-12-21 190/week @ 2023-12-28 182/week @ 2024-01-04 165/week @ 2024-01-11 271/week @ 2024-01-18 224/week @ 2024-01-25 236/week @ 2024-02-01 207/week @ 2024-02-08 595/week @ 2024-02-15

1,286 downloads per month
Used in 11 crates (3 directly)

Apache-2.0 OR MIT


The Rust SASL framework

Latest Version docs maintenance license msrv

rsasl is an framework for RFC 4422; the Simple Authentication and Security Layer — aka SASL.

It is designed to enable implementing SASL support in protocol handling crates while abstracting away the details, allowing downstream users to select available mechanisms and add support for additional mechanisms without any changes required in the protocol handling crate.

rsasl provide a number of mechanisms by itself:

  • SCRAM-SHA-256 and SCRAM-SHA-256-PLUS

Support for the following mechanisms was available in rsasl 1 but is not implemented in rsasl 2:

  • OPENID20
  • SAML20
  • GS2-KRB5
  • NTLM
  • CRAM-MD5

Additional mechanisms can be implemented by other crates. (NOTE: In the current v2.0.0 this feature is unstable)

Conditional compilation of mechanism

rsasl allows users to select the available mechanisms at compile time using cargo features. For an overview refer to the module documentation of rsasl::mechanisms.

MSRV — Minimum Supported Rust Version

The current msrv rsasl is Rust 1.56.0, however do note that certain features (e.g. registry_static) have dependencies with much more recent msrv.


The CHANGELOG.md contains a detailed release history, including added features and fixed bugs.

Major version 1 of this crate uses gsasl-sys which are binding to GNU gsasl. This makes the use of unsafe code and FFI necessary. You can find the latest 1.X.Y version in the branch 1.X.X

Version 2.0.0 is a pure-Rust rewrite of this crate that is able to drop almost all unsafe code from the crate. It is currently in a release-candidate testing phase as 2.0.0-rc.X to ensure the API is usable as is.


Version 2 and later of this library are dual licensed under both Apache-2.0 and MIT, at your option.


You can find a few examples on GitHub.


~406K SLoC