Yup, it will be really helpful if you could try and reproduce it. Yes...that's the thing I was wondering, 'no secret in database' means its able to reach the database, but unable to read/load the memcached-sasl-pwdb file. Additionally, I was wondering, if there is need to write additional code for some shared secret at client side or any other dependencies. Currently, I am directly using memcached_set_sasl_auth_data function in the client.
Here are the steps to reproduce: 1. I installed the memcached server with the enable-sasl and enable-sasl-db. 2. Wrote a c client as attached in the email. 3. Created a file with the username:password entry named memcached-sasl-pwdb as shown before. 4. Created a memcached.conf with mech:plain 5. Ran the server using ./memcached -S -vv 6. Ran the client using ./testsasl username password localhost Couple more things to add: 1. I have followed the following wiki: https://github.com/memcached/memcached/wiki/SASLHowto 2. I haven't used this but added the user:pass in the memcached-sasl-pwdb file manually. saslpasswd2 -a memcached -c cacheuser 3. For the SASL library cyrus-sasl-plain, I have installed it, but havent used/pointed to it in code or on the server as I did not see steps for this. 4.I see its mentioned configure option --enable-sasl-pwdb is not working on the wiki, but saw that its there in one of the new PRs. https://github.com/memcached/memcached/issues/365 Let me know if you need any additional info from my side. Regards, Om Kale On Friday, April 6, 2018 at 12:45:26 PM UTC-7, Dormando wrote: > > No secret in database means it thinks the pwdb is empty (or it can't > load/find the pwdb). > > I'm not sure why offhand.. I can try to reproduce it but won't have time > until later today. > > On Fri, 6 Apr 2018, Om Kale wrote: > > > Hi Dormando, > > Thanks for the quick reply. I used the environment variable you > suggested before running the memcached server instance: > > > MEMCACHED_SASL_PWDB="/Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached-sasl-pwdb" > > > > > > I have added the following in my memcached.conf file (so basically tells > plain text). I have openssl and openldap installed on my machine but > haven't > > specified it any config or pointed to it in the code. > > > OKALE-M-33H5:memcached-1.5.7 okale$ cat memcached.conf > > > mech_list: plain > > > > Now I run: > > ./memcached -S -v > > > > Followed by the client: > > OKALE-M-33H5:mycode okale$ ./testsasl ok hello localhost > > Set failed: AUTHENTICATION FAILURE > > > > But still get the same error as before on the memcached server: > > OKALE-M-33H5:memcached-1.5.7 okale$ export > MEMCACHED_SASL_PWDB="/Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached-sasl-pwdb" > > > > OKALE-M-33H5:memcached-1.5.7 okale$ ./memcached -S -v > > Reading configuration from: > </Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached.conf> > > Initialized SASL. > > mech: ``SRP'' with 15 bytes of data > > SASL (severity 2): no secret in database > > sasl result code: -4 > > Unknown sasl response: -4 > > > > > > > > You could refer to my attached client code above but I still don't > understand why it says 'no secret in database'. > > > > > > > > Thanks and Regards, > > Om Kale > > > > > > > > > > > > On Friday, April 6, 2018 at 12:19:17 PM UTC-7, Dormando wrote: > > > > > > On Fri, 6 Apr 2018, Om Kale wrote: > > > > > and then try to run my client, I get the following error on the > server: > > > > > > > > > OKALE-M-33H5:memcached-1.5.7 okale$ ./memcached -S -v > > > Reading configuration from: > </Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached.conf> > > > Initialized SASL. > > > mech: ``SRP'' with 15 bytes of data > > > SASL (severity 2): no secret in database > > > sasl result code: -4 > > > Unknown sasl response: -4 > > > > > > > > > I have added my username, password in a file called > memcached-sasl-pwdb which is located at > > > > /Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached-sasl-pwdb > > > > > > > > > OKALE-M-33H5:memcached-1.5.7 okale$ cat memcached-sasl-pwdb > > > ok:hello > > > > > > > > > > > > My memcached.conf located at > /Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached.conf and > contains: > > > > > > > > > OKALE-M-33H5:memcached-1.5.7 okale$ cat memcached.conf > > > mech_list: plain > > > > > > > > > I have a couple of questions: > > > 1. How can the memcached server on start up know the configured > users and the username:password details. (Does it read it from > > memcached-sasl-pwdb? If > > > yes, how do I configure it/point to it?) > > > > I guess the wiki didn't get fully updated :( If you use PWDB, it's > via > > MEMCACHED_SASL_PWDB as an environment variable, so: > > $ > > > MEMCACHED_SASL_PWDB="/Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached-sasl-pwdb" > > > > ./memcached -S -v > > > > > > > 2. What's the use of the memcached.conf file in the "Reading > configuration from: > > > </Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached.conf>" > > > > Stating the supported mechanisms for sasl authentication (ie; the > at-rest > > state of the password data) > > > > > in the output. I am presuming this read will tell the memcached > server the username:password details. If yes, what should be the location > > of this file > > > 3. Do I need to install/point to any additional ssl libraries > during server bring up? > > > > Should be answered above. Hopefully that works for you > > > > -- > > > > --- > > You received this message because you are subscribed to the Google > Groups "memcached" group. > > To unsubscribe from this group and stop receiving emails from it, send > an email to memcached+...@googlegroups.com <javascript:>. > > For more options, visit https://groups.google.com/d/optout. > > > > -- --- You received this message because you are subscribed to the Google Groups "memcached" group. To unsubscribe from this group and stop receiving emails from it, send an email to memcached+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
