#sasl #authentication #sso #framework #middleware


The Rust SASL framework, aimed at both middleware-style protocol implementation and application code. Designed to make SASL authentication simple and safe while handing as much control to the user as possible

22 releases (6 stable)

Uses new Rust 2021

new 2.0.0-preview9 Aug 8, 2022
2.0.0-preview6 Jul 25, 2022
2.0.0-preview3 Mar 16, 2022
1.4.2 Dec 3, 2021
0.1.1 Apr 28, 2020

#48 in Authentication

Download history 13/week @ 2022-04-21 138/week @ 2022-04-28 112/week @ 2022-05-05 274/week @ 2022-05-12 75/week @ 2022-05-19 90/week @ 2022-05-26 191/week @ 2022-06-02 2/week @ 2022-06-09 3/week @ 2022-06-16 21/week @ 2022-06-23 18/week @ 2022-06-30 18/week @ 2022-07-07 6/week @ 2022-07-14 123/week @ 2022-07-21 64/week @ 2022-07-28 69/week @ 2022-08-04

280 downloads per month

Apache-2.0 OR MIT

7.5K SLoC

The Rust SASL framework

Latest Version docs maintenance license msrv

rsasl is an framework for RFC 4422; the Simple Authentication and Security Layer — aka SASL.

It is designed to enable implementing SASL support in protocol handling crates while abstracting away the details, allowing downstream users to select available mechanisms and add support for additional mechanisms without any changes required in the protocol handling crate.

rsasl provide a number of mechanisms by itself:

  • SCRAM-SHA-256 and SCRAM-SHA-256-PLUS
  • XOAUTH2 (Client side only)

Support for the following mechanisms was available in rsasl 1 but is not implemented in rsasl 2:

  • OPENID20
  • SAML20
  • GS2-KRB5
  • NTLM
  • CRAM-MD5

Additional mechanisms can be implemented by other crates. (NOTE: In the current v2.0.0 this feature is unstable)

Conditional compilation of mechanism

rsasl allows users to select the available mechanisms at compile time using cargo features. For an overview refer to the module documentation of rsasl::mechanisms.

MSRV — Minimum Supported Rust Version

The current msrv rsasl is Rust 1.56.0, however do note that certain features (e.g. registry_static) have dependencies with much more recent msrv.


Major version 1 of this crate uses gsasl-sys which are binding to GNU gsasl. This makes the use of unsafe code and FFI necessary. You can find the latest 1.X.Y version in the branch 1.X.X

Version 2.0.0-preview is a pure-Rust rewrite using sources transpiled using c2rust. Keep in mind that despite being Rust this code is as least as unsafe as the original C code. Most of this unsafe code will be removed before the first non-preview 2.0.0 release.


Version 2 and later of this library are dual licensed under both Apache-2.0 and MIT, at your option.


You can find a few examples on GitHub.