Currently my set up is as follows:
1. My memcached.conf exists at /Users/okale/Library/Caches/
Homebrew/memcached-1.5.7/
2. The memcached server on starting reads from this file as shown in the
log:
OKALE-M-33H5:memcached-1.5.7 okale$ ./memcached -S -v
Reading configuration from: </Users/okale/Library/Caches/
Homebrew/memcached-1.5.7/memcached.conf>
Initialized SASL.
3. The contents of the memcached.conf are:
mech_list: plain
log_level: 5
sasldb_path: /Users/okale/Library/Caches/Homebrew/memcached-1.5.7/
memcached-sasl-pwdb
4. The memcached-sasl-pwdb is located at /Users/okale/Library/Caches/
Homebrew/memcached-1.5.7/ and has the line:
(I am adding this line manually as the command 'echo "testpass" |
saslpasswd2 -a memcached -c -p testuser' is not creating the file and
adding the content in it)
ok:hello
However, I still see same error on server side:
mech: ``SRP'' with 15 bytes of data
SASL (severity 2): no secret in database
sasl result code: -4
Unknown sasl response: -4
Also on client side, I still see:
OKALE-M-33H5:mycode okale$ ./testsasl ok hello localhost
Set failed: AUTHENTICATION FAILURE
One more question is:
Is there any additional info to be provided while starting the memcached
server itself?
Thanks and Regards,
Om Kale
On Mon, Apr 9, 2018 at 10:35 AM, Om Kale <omkal...@gmail.com> wrote:
> Hey Dormando,
> I do not see the memcached-sasl-pwdb created and the password added in it.
> The steps are same as above.
> Also, is there a specific location where memcached.conf and the sasl db
> file: memcached-sasl-pwdb, need to be put?
> I do not see the memcached-sasl-pwdb created automatically. Also the
> memcached.conf is located at t/sasl/memcached.conf, do I need to make the
> modification in this file to point to sasl db or can I create my own
> memcached.conf at another location?
>
>
>
>
> Thanks and Regards,
> Om Kale
>
>
> On Fri, Apr 6, 2018 at 5:53 PM, dormando <dorma...@rydia.net> wrote:
>
>> Hey,
>>
>> Did the memcached-sasl-pwdb file get created and is there a line in it?
>>
>> On Fri, 6 Apr 2018, Om Kale wrote:
>>
>> > Got it. I see the line you mentioned in the test code.
>> > I executed the following steps but still see same issue. (I ran
>> ./configure after the echo command)
>> >
>> >
>> > Here are the steps:
>> >
>> > OKALE-M-33H5:memcached-1.5.7 okale$ echo "hello" | saslpasswd2 -a
>> memcached -c -p ok
>> > OKALE-M-33H5:memcached-1.5.7 okale$ ls -lrth | grep -i 'memcached.conf'
>> > -rw-r--r-- 1 okale staff 116B Apr 6 15:28 memcached.conf
>> > OKALE-M-33H5:memcached-1.5.7 okale$
>> > OKALE-M-33H5:memcached-1.5.7 okale$
>> > OKALE-M-33H5:memcached-1.5.7 okale$
>> > OKALE-M-33H5:memcached-1.5.7 okale$ cat memcached.conf
>> > mech_list: plain
>> > log_level: 5
>> > sasldb_path: /Users/okale/Library/Caches/Ho
>> mebrew/memcached-1.5.7/memcached-sasl-pwdb
>> > OKALE-M-33H5:memcached-1.5.7 okale$
>> > OKALE-M-33H5:memcached-1.5.7 okale$
>> > OKALE-M-33H5:memcached-1.5.7 okale$ ./memcached -S -v
>> > Reading configuration from: </Users/okale/Library/Caches/H
>> omebrew/memcached-1.5.7/memcached.conf>
>> > Initialized SASL.
>> > mech: ``SRP'' with 15 bytes of data
>> > SASL (severity 2): no secret in database
>> > sasl result code: -4
>> > Unknown sasl response: -4
>> >
>> >
>> >
>> > Client side:
>> > OKALE-M-33H5:mycode okale$ ./testsasl ok hello localhost
>> > Set failed: AUTHENTICATION FAILURE
>> > OKALE-M-33H5:mycode okale$
>> >
>> >
>> >
>> > Is there a specific location where memcached.conf and the sasl db file:
>> memcached-sasl-pwdb, need to be put?
>> >
>> >
>> >
>> >
>> > Thanks and Regards,Om Kale
>> >
>> >
>> > On Fri, Apr 6, 2018 at 3:54 PM, dormando <dorma...@rydia.net> wrote:
>> > Read the 30 lines around where I said, not just that line.
>> >
>> > though I guess it's just:
>> >
>> > system("echo testpass | $saslpasswd_path -a memcached -c -p
>> testuser");
>> >
>> > so that means:
>> >
>> > echo "testpass" | saslpasswd2 -a memcached -c -p testuser
>> > if you run that from the same directory as your memcached.conf
>> (or use -f
>> > to point to it?), it should create the file properly.
>> >
>> > I'm saying to use the tool instead of just putting the
>> username/password
>> > into the file, and also using the sasldb_path: argument in
>> memcached.conf
>> > to point to the sasldb, instead of the environment variable.
>> >
>> > On Fri, 6 Apr 2018, Om Kale wrote:
>> >
>> > > Hey Dormando,
>> > > Ok. When I look at the 't/binary-sasl.t' and search for the
>> section you mentioned,
>> > > I see this:
>> > >
>> > > # Build the auth DB for testing.
>> > >
>> > > my $sasldb = '/tmp/test-memcached.sasldb';
>> > >
>> > > unlink $sasldb;
>> > >
>> > >
>> > > In the t/sasl/memcached.conf, I see the following:
>> > > mech_list: plain cram-md5
>> > > log_level: 5
>> > > sasldb_path: /tmp/test-memcached.sasldb
>> > >
>> > > Now, let me know what I need to do....a bit confused.
>> > > Do I need to change any of the above or do I create
>> test-memcached.sasldb under tmp on my machine, add a username:password to
>> it and then
>> > run ./configure
>> > > followed by make?
>> > >
>> > >
>> > >
>> > >
>> > > Thanks and Regards,Om Kale
>> > >
>> > >
>> > > On Fri, Apr 6, 2018 at 2:48 PM, dormando <dorma...@rydia.net>
>> wrote:
>> > > Just for sanity's sake, if you look at:
>> t/sasl/memcached.conf in the
>> > > tarball, and look at t/binary-sasl.t (look for the
>> section starting with
>> > > "my $sasldb =", and build a passwd + configure the pwdb
>> that way, does it
>> > > work?
>> > >
>> > > to reiterate; the test config file explicitly declares
>> the path for the db
>> > > within memcached.conf, and then adds the passwords to it
>> via the
>> > > saslpasswd tool.
>> > >
>> > > Would help rule things out anyway. thanks!
>> > >
>> > > On Fri, 6 Apr 2018, Om Kale wrote:
>> > >
>> > > > Yup, it will be really helpful if you could try and
>> reproduce it.
>> > > > Yes...that's the thing I was wondering, 'no secret in
>> database' means its able to reach the database, but unable to read/load the
>> > > memcached-sasl-pwdb
>> > > > file. Additionally, I was wondering, if there is need
>> to write additional code for some shared secret at client side or any other
>> > > dependencies.
>> > > > Currently, I am directly using
>> memcached_set_sasl_auth_data function in the client.
>> > > >
>> > > > Here are the steps to reproduce:
>> > > > 1. I installed the memcached server with the
>> enable-sasl and enable-sasl-db.
>> > > > 2. Wrote a c client as attached in the email.
>> > > > 3. Created a file with the username:password entry
>> named memcached-sasl-pwdb as shown before.
>> > > > 4. Created a memcached.conf with mech:plain
>> > > > 5. Ran the server using ./memcached -S -vv
>> > > > 6. Ran the client using ./testsasl username password
>> localhost
>> > > >
>> > > > Couple more things to add:
>> > > > 1. I have followed the following wiki:
>> > > > https://github.com/memcached/memcached/wiki/SASLHowto
>> > > >
>> > > > 2. I haven't used this but added the user:pass in the
>> memcached-sasl-pwdb file manually.
>> > > >
>> > > > saslpasswd2 -a memcached -c cacheuser
>> > > > 3. For the SASL library cyrus-sasl-plain, I have
>> installed it, but havent used/pointed to it in code or on the server as I
>> did not
>> > see
>> > > steps for this.
>> > > >
>> > > > 4.I see its mentioned configure option
>> --enable-sasl-pwdb is not working on the wiki, but saw that its there in
>> one of the new PRs.
>> > > > https://github.com/memcached/memcached/issues/365
>> > > >
>> > > >
>> > > > Let me know if you need any additional info from my
>> side.
>> > > >
>> > > > Regards,
>> > > > Om Kale
>> > > >
>> > > >
>> > > >
>> > > > On Friday, April 6, 2018 at 12:45:26 PM UTC-7, Dormando
>> wrote:
>> > > > No secret in database means it thinks the pwdb is
>> empty (or it can't
>> > > > load/find the pwdb).
>> > > >
>> > > > I'm not sure why offhand.. I can try to reproduce
>> it but won't have time
>> > > > until later today.
>> > > >
>> > > > On Fri, 6 Apr 2018, Om Kale wrote:
>> > > >
>> > > > > Hi Dormando,
>> > > > > Thanks for the quick reply. I used the
>> environment variable you suggested before running the memcached server
>> instance:
>> > > > > MEMCACHED_SASL_PWDB="/Users/ok
>> ale/Library/Caches/Homebrew/memcached-1.5.7/memcached-sasl-pwdb"
>> > > > >
>> > > > > I have added the following in my memcached.conf
>> file (so basically tells plain text). I have openssl and openldap installed
>> > on my
>> > > machine
>> > > > but haven't
>> > > > > specified it any config or pointed to it in the
>> code.
>> > > > > > OKALE-M-33H5:memcached-1.5.7 okale$ cat
>> memcached.conf
>> > > > > > mech_list: plain
>> > > > >
>> > > > > Now I run:
>> > > > > ./memcached -S -v
>> > > > >
>> > > > > Followed by the client:
>> > > > > OKALE-M-33H5:mycode okale$ ./testsasl ok hello
>> localhost
>> > > > > Set failed: AUTHENTICATION FAILURE
>> > > > >
>> > > > > But still get the same error as before on the
>> memcached server:
>> > > > > OKALE-M-33H5:memcached-1.5.7 okale$ export
>> > > MEMCACHED_SASL_PWDB="/Users/o
>> kale/Library/Caches/Homebrew/memcached-1.5.7/memcached-sasl-pwdb"
>> > > > > OKALE-M-33H5:memcached-1.5.7 okale$ ./memcached
>> -S -v
>> > > > > Reading configuration from:
>> </Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached.conf>
>> > > > > Initialized SASL.
>> > > > > mech: ``SRP'' with 15 bytes of data
>> > > > > SASL (severity 2): no secret in database
>> > > > > sasl result code: -4
>> > > > > Unknown sasl response: -4
>> > > > >
>> > > > >
>> > > > >
>> > > > > You could refer to my attached client code
>> above but I still don't understand why it says 'no secret in database'.
>> > > > >
>> > > > >
>> > > > >
>> > > > > Thanks and Regards,
>> > > > > Om Kale
>> > > > >
>> > > > >
>> > > > >
>> > > > >
>> > > > >
>> > > > > On Friday, April 6, 2018 at 12:19:17 PM UTC-7,
>> Dormando wrote:
>> > > > >
>> > > > >
>> > > > > On Fri, 6 Apr 2018, Om Kale wrote:
>> > > > >
>> > > > > > and then try to run my client, I get
>> the following error on the server:
>> > > > > >
>> > > > > >
>> > > > > > OKALE-M-33H5:memcached-1.5.7 okale$
>> ./memcached -S -v
>> > > > > > Reading configuration from:
>> </Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached.conf>
>> > > > > > Initialized SASL.
>> > > > > > mech: ``SRP'' with 15 bytes of data
>> > > > > > SASL (severity 2): no secret in database
>> > > > > > sasl result code: -4
>> > > > > > Unknown sasl response: -4
>> > > > > >
>> > > > > >
>> > > > > > I have added my username, password in a
>> file called memcached-sasl-pwdb which is located at
>> > > > > > /Users/okale/Library/Caches/Ho
>> mebrew/memcached-1.5.7/memcached-sasl-pwdb
>> > > > > >
>> > > > > >
>> > > > > > OKALE-M-33H5:memcached-1.5.7 okale$ cat
>> memcached-sasl-pwdb
>> > > > > > ok:hello
>> > > > > >
>> > > > > >
>> > > > > >
>> > > > > > My memcached.conf located at
>> /Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached.conf and
>> contains:
>> > > > > >
>> > > > > >
>> > > > > > OKALE-M-33H5:memcached-1.5.7 okale$ cat
>> memcached.conf
>> > > > > > mech_list: plain
>> > > > > >
>> > > > > >
>> > > > > > I have a couple of questions:
>> > > > > > 1. How can the memcached server on
>> start up know the configured users and the username:password details. (Does
>> it
>> > read it
>> > > from
>> > > > > memcached-sasl-pwdb? If
>> > > > > > yes, how do I configure it/point to it?)
>> > > > >
>> > > > > I guess the wiki didn't get fully updated
>> :( If you use PWDB, it's via
>> > > > > MEMCACHED_SASL_PWDB as an environment
>> variable, so:
>> > > > > $
>> > > > > MEMCACHED_SASL_PWDB="/Users/ok
>> ale/Library/Caches/Homebrew/memcached-1.5.7/memcached-sasl-pwdb"
>> > > > > ./memcached -S -v
>> > > > >
>> > > > >
>> > > > > > 2. What's the use of the memcached.conf
>> file in the "Reading configuration from:
>> > > > > </Users/okale/Library/Caches/H
>> omebrew/memcached-1.5.7/memcached.conf>"
>> > > > >
>> > > > > Stating the supported mechanisms for sasl
>> authentication (ie; the at-rest
>> > > > > state of the password data)
>> > > > >
>> > > > > > in the output. I am presuming this read
>> will tell the memcached server the username:password details. If yes, what
>> > should
>> > > be the
>> > > > location
>> > > > > of this file
>> > > > > > 3. Do I need to install/point to any
>> additional ssl libraries during server bring up?
>> > > > >
>> > > > > Should be answered above. Hopefully that
>> works for you
>> > > > >
>> > > > > --
>> > > > >
>> > > > > ---
>> > > > > You received this message because you are
>> subscribed to the Google Groups "memcached" group.
>> > > > > To unsubscribe from this group and stop
>> receiving emails from it, send an email to memcached+...@googlegroups.com
>> .
>> > > > > For more options, visit
>> https://groups.google.com/d/optout.
>> > > > >
>> > > > >
>> > > >
>> > > > --
>> > > >
>> > > > ---
>> > > > You received this message because you are subscribed to
>> the Google Groups "memcached" group.
>> > > > To unsubscribe from this group and stop receiving
>> emails from it, send an email to memcached+unsubscr...@googlegroups.com.
>> > > > For more options, visit https://groups.google.com/d/op
>> tout.
>> > > >
>> > > >
>> > >
>> > > --
>> > >
>> > > ---
>> > > You received this message because you are subscribed to
>> the Google Groups "memcached" group.
>> > > To unsubscribe from this group and stop receiving emails
>> from it, send an email to memcached+unsubscr...@googlegroups.com.
>> > > For more options, visit https://groups.google.com/d/op
>> tout.
>> > >
>> > >
>> > > --
>> > >
>> > > ---
>> > > You received this message because you are subscribed to the
>> Google Groups "memcached" group.
>> > > To unsubscribe from this group and stop receiving emails from
>> it, send an email to memcached+unsubscr...@googlegroups.com.
>> > > For more options, visit https://groups.google.com/d/optout.
>> > >
>> > >
>> >
>> > --
>> >
>> > ---
>> > You received this message because you are subscribed to the
>> Google Groups "memcached" group.
>> > To unsubscribe from this group and stop receiving emails from it,
>> send an email to memcached+unsubscr...@googlegroups.com.
>> > For more options, visit https://groups.google.com/d/optout.
>> >
>> >
>> > --
>> >
>> > ---
>> > You received this message because you are subscribed to the Google
>> Groups "memcached" group.
>> > To unsubscribe from this group and stop receiving emails from it, send
>> an email to memcached+unsubscr...@googlegroups.com.
>> > For more options, visit https://groups.google.com/d/optout.
>> >
>> >
>>
>> --
>>
>> ---
>> You received this message because you are subscribed to the Google Groups
>> "memcached" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to memcached+unsubscr...@googlegroups.com.
>> For more options, visit https://groups.google.com/d/optout.
>>
>
>
--
---
You received this message because you are subscribed to the Google Groups
"memcached" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to memcached+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
