Hi Dormando, I was just curious to know whether you were able to reproduce the above mentioned issue?
Thanks and Regards, Om Kale On Mon, Apr 9, 2018 at 12:53 PM, Om Kale <omkal...@gmail.com> wrote: > Yes, that will be very helpful Dormando. I agree, might be missing > something. > The points where I think I might be going wrong are as follows: > > 1. The exact location and contents of memcached.conf and the sasl db file > - memcached-sasl-pwdb (and the interaction between the two). > As per my understanding, SASL_CONF_PATH, tells the memcached server where > to read the file from and then the line sasldb_path in the conf file tells > the server where to get the sasl db file for username:password > authentication. I feel this linkage is not happening correctly in my case. > > 2. Is the sasl db file generated on its own when I run the server? If yes, > do we need to add command line parameters while running the memcached > server for this to happen. (FYI: I have configured --enable-sasl-pwdb while > running configure) > > The main problem I am facing right now is memcached-sasl-pwdb is not > getting created and populated on its own. > Please do let me know the outcome once you try to reproduce it. I am > cuurently using MAC-OS high Sierra. > > Thanks and Regards, > Om Kale > > > On Mon, Apr 9, 2018 at 12:28 PM, dormando <dorma...@rydia.net> wrote: > >> Hey, >> >> I'll try to reproduce this today. I have a feeling you're skipping some >> steps but it's definitely a confusing process... >> >> On Mon, 9 Apr 2018, Om Kale wrote: >> >> > Currently my set up is as follows: >> > 1. My memcached.conf exists at /Users/okale/Library/Caches/Ho >> mebrew/memcached-1.5.7/ >> > 2. The memcached server on starting reads from this file as shown in >> the log: >> > OKALE-M-33H5:memcached-1.5.7 okale$ ./memcached -S -v >> > Reading configuration from: </Users/okale/Library/Caches/H >> omebrew/memcached-1.5.7/memcached.conf> >> > Initialized SASL. >> > 3. The contents of the memcached.conf are: >> > mech_list: plain >> > log_level: 5 >> > sasldb_path: /Users/okale/Library/Caches/Ho >> mebrew/memcached-1.5.7/memcached-sasl-pwdb >> > 4. The memcached-sasl-pwdb is located at >> > /Users/okale/Library/Caches/Homebrew/memcached-1.5.7/ >> and has the line: >> > (I am adding this line manually as the command 'echo "testpass" | >> saslpasswd2 -a memcached -c -p testuser' is not creating the file and >> adding the >> > content in it) >> > ok:hello >> > >> > However, I still see same error on server side: >> > mech: ``SRP'' with 15 bytes of data >> > SASL (severity 2): no secret in database >> > sasl result code: -4 >> > Unknown sasl response: -4 >> > >> > Also on client side, I still see: >> > OKALE-M-33H5:mycode okale$ ./testsasl ok hello localhost >> > Set failed: AUTHENTICATION FAILURE >> > >> > >> > One more question is: >> > Is there any additional info to be provided while starting the >> memcached server itself? >> > >> > Thanks and Regards,Om Kale >> > >> > >> > On Mon, Apr 9, 2018 at 10:35 AM, Om Kale <omkal...@gmail.com> wrote: >> > Hey Dormando, >> > I do not see the memcached-sasl-pwdb created and the password added in >> it. >> > The steps are same as above. >> > Also, is there a specific location where memcached.conf and the sasl db >> file: memcached-sasl-pwdb, need to be put? >> > I do not see the memcached-sasl-pwdb created automatically. Also the >> memcached.conf is located at t/sasl/memcached.conf, do I need to make the >> > modification in this file to point to sasl db or can I create my own >> memcached.conf at another location? >> > >> > >> > >> > >> > Thanks and Regards,Om Kale >> > >> > >> > On Fri, Apr 6, 2018 at 5:53 PM, dormando <dorma...@rydia.net> wrote: >> > Hey, >> > >> > Did the memcached-sasl-pwdb file get created and is there a line >> in it? >> > >> > On Fri, 6 Apr 2018, Om Kale wrote: >> > >> > > Got it. I see the line you mentioned in the test code. >> > > I executed the following steps but still see same issue. (I ran >> ./configure after the echo command) >> > > >> > > >> > > Here are the steps: >> > > >> > > OKALE-M-33H5:memcached-1.5.7 okale$ echo "hello" | saslpasswd2 >> -a memcached -c -p ok >> > > OKALE-M-33H5:memcached-1.5.7 okale$ ls -lrth | grep -i >> 'memcached.conf' >> > > -rw-r--r-- 1 okale staff 116B Apr 6 15:28 memcached.conf >> > > OKALE-M-33H5:memcached-1.5.7 okale$ >> > > OKALE-M-33H5:memcached-1.5.7 okale$ >> > > OKALE-M-33H5:memcached-1.5.7 okale$ >> > > OKALE-M-33H5:memcached-1.5.7 okale$ cat memcached.conf >> > > mech_list: plain >> > > log_level: 5 >> > > sasldb_path: /Users/okale/Library/Caches/Ho >> mebrew/memcached-1.5.7/memcached-sasl-pwdb >> > > OKALE-M-33H5:memcached-1.5.7 okale$ >> > > OKALE-M-33H5:memcached-1.5.7 okale$ >> > > OKALE-M-33H5:memcached-1.5.7 okale$ ./memcached -S -v >> > > Reading configuration from: </Users/okale/Library/Caches/H >> omebrew/memcached-1.5.7/memcached.conf> >> > > Initialized SASL. >> > > mech: ``SRP'' with 15 bytes of data >> > > SASL (severity 2): no secret in database >> > > sasl result code: -4 >> > > Unknown sasl response: -4 >> > > >> > > >> > > >> > > Client side: >> > > OKALE-M-33H5:mycode okale$ ./testsasl ok hello localhost >> > > Set failed: AUTHENTICATION FAILURE >> > > OKALE-M-33H5:mycode okale$ >> > > >> > > >> > > >> > > Is there a specific location where memcached.conf and the sasl >> db file: memcached-sasl-pwdb, need to be put? >> > > >> > > >> > > >> > > >> > > Thanks and Regards,Om Kale >> > > >> > > >> > > On Fri, Apr 6, 2018 at 3:54 PM, dormando <dorma...@rydia.net> wrote: >> > > Read the 30 lines around where I said, not just that line. >> > > >> > > though I guess it's just: >> > > >> > > system("echo testpass | $saslpasswd_path -a memcached -c -p >> testuser"); >> > > >> > > so that means: >> > > >> > > echo "testpass" | saslpasswd2 -a memcached -c -p testuser >> > > if you run that from the same directory as your memcached.conf >> (or use -f >> > > to point to it?), it should create the file properly. >> > > >> > > I'm saying to use the tool instead of just putting the >> username/password >> > > into the file, and also using the sasldb_path: argument in >> memcached.conf >> > > to point to the sasldb, instead of the environment variable. >> > > >> > > On Fri, 6 Apr 2018, Om Kale wrote: >> > > >> > > > Hey Dormando, >> > > > Ok. When I look at the 't/binary-sasl.t' and search for the >> section you mentioned, >> > > > I see this: >> > > > >> > > > # Build the auth DB for testing. >> > > > >> > > > my $sasldb = '/tmp/test-memcached.sasldb'; >> > > > >> > > > unlink $sasldb; >> > > > >> > > > >> > > > In the t/sasl/memcached.conf, I see the following: >> > > > mech_list: plain cram-md5 >> > > > log_level: 5 >> > > > sasldb_path: /tmp/test-memcached.sasldb >> > > > >> > > > Now, let me know what I need to do....a bit confused. >> > > > Do I need to change any of the above or do I create >> test-memcached.sasldb under tmp on my machine, add a username:password to it >> > and then >> > > run ./configure >> > > > followed by make? >> > > > >> > > > >> > > > >> > > > >> > > > Thanks and Regards,Om Kale >> > > > >> > > > >> > > > On Fri, Apr 6, 2018 at 2:48 PM, dormando <dorma...@rydia.net> >> wrote: >> > > > Just for sanity's sake, if you look at: >> t/sasl/memcached.conf in the >> > > > tarball, and look at t/binary-sasl.t (look for the >> section starting with >> > > > "my $sasldb =", and build a passwd + configure the pwdb >> that way, does it >> > > > work? >> > > > >> > > > to reiterate; the test config file explicitly declares >> the path for the db >> > > > within memcached.conf, and then adds the passwords to >> it via the >> > > > saslpasswd tool. >> > > > >> > > > Would help rule things out anyway. thanks! >> > > > >> > > > On Fri, 6 Apr 2018, Om Kale wrote: >> > > > >> > > > > Yup, it will be really helpful if you could try and >> reproduce it. >> > > > > Yes...that's the thing I was wondering, 'no secret in >> database' means its able to reach the database, but unable to >> > read/load the >> > > > memcached-sasl-pwdb >> > > > > file. Additionally, I was wondering, if there is need >> to write additional code for some shared secret at client side or any >> > other >> > > > dependencies. >> > > > > Currently, I am directly using >> memcached_set_sasl_auth_data function in the client. >> > > > > >> > > > > Here are the steps to reproduce: >> > > > > 1. I installed the memcached server with the >> enable-sasl and enable-sasl-db. >> > > > > 2. Wrote a c client as attached in the email. >> > > > > 3. Created a file with the username:password entry >> named memcached-sasl-pwdb as shown before. >> > > > > 4. Created a memcached.conf with mech:plain >> > > > > 5. Ran the server using ./memcached -S -vv >> > > > > 6. Ran the client using ./testsasl username password >> localhost >> > > > > >> > > > > Couple more things to add: >> > > > > 1. I have followed the following wiki: >> > > > > https://github.com/memcached/memcached/wiki/SASLHowto >> > > > > >> > > > > 2. I haven't used this but added the user:pass in the >> memcached-sasl-pwdb file manually. >> > > > > >> > > > > saslpasswd2 -a memcached -c cacheuser >> > > > > 3. For the SASL library cyrus-sasl-plain, I have >> installed it, but havent used/pointed to it in code or on the server as I >> > did not >> > > see >> > > > steps for this. >> > > > > >> > > > > 4.I see its mentioned configure option >> --enable-sasl-pwdb is not working on the wiki, but saw that its there in >> one of the >> > new PRs. >> > > > > https://github.com/memcached/memcached/issues/365 >> > > > > >> > > > > >> > > > > Let me know if you need any additional info from my >> side. >> > > > > >> > > > > Regards, >> > > > > Om Kale >> > > > > >> > > > > >> > > > > >> > > > > On Friday, April 6, 2018 at 12:45:26 PM UTC-7, >> Dormando wrote: >> > > > > No secret in database means it thinks the pwdb >> is empty (or it can't >> > > > > load/find the pwdb). >> > > > > >> > > > > I'm not sure why offhand.. I can try to >> reproduce it but won't have time >> > > > > until later today. >> > > > > >> > > > > On Fri, 6 Apr 2018, Om Kale wrote: >> > > > > >> > > > > > Hi Dormando, >> > > > > > Thanks for the quick reply. I used the >> environment variable you suggested before running the memcached server >> > instance: >> > > > > > MEMCACHED_SASL_PWDB="/Users/ok >> ale/Library/Caches/Homebrew/memcached-1.5.7/memcached-sasl-pwdb" >> > > > > > >> > > > > > I have added the following in my >> memcached.conf file (so basically tells plain text). I have openssl and >> openldap >> > installed >> > > on my >> > > > machine >> > > > > but haven't >> > > > > > specified it any config or pointed to it in >> the code. >> > > > > > > OKALE-M-33H5:memcached-1.5.7 okale$ cat >> memcached.conf >> > > > > > > mech_list: plain >> > > > > > >> > > > > > Now I run: >> > > > > > ./memcached -S -v >> > > > > > >> > > > > > Followed by the client: >> > > > > > OKALE-M-33H5:mycode okale$ ./testsasl ok >> hello localhost >> > > > > > Set failed: AUTHENTICATION FAILURE >> > > > > > >> > > > > > But still get the same error as before on the >> memcached server: >> > > > > > OKALE-M-33H5:memcached-1.5.7 okale$ export >> > > > MEMCACHED_SASL_PWDB="/Users/o >> kale/Library/Caches/Homebrew/memcached-1.5.7/memcached-sasl-pwdb" >> > > > > > OKALE-M-33H5:memcached-1.5.7 okale$ >> ./memcached -S -v >> > > > > > Reading configuration from: >> </Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached.conf> >> > > > > > Initialized SASL. >> > > > > > mech: ``SRP'' with 15 bytes of data >> > > > > > SASL (severity 2): no secret in database >> > > > > > sasl result code: -4 >> > > > > > Unknown sasl response: -4 >> > > > > > >> > > > > > >> > > > > > >> > > > > > You could refer to my attached client code >> above but I still don't understand why it says 'no secret in database'. >> > > > > > >> > > > > > >> > > > > > >> > > > > > Thanks and Regards, >> > > > > > Om Kale >> > > > > > >> > > > > > >> > > > > > >> > > > > > >> > > > > > >> > > > > > On Friday, April 6, 2018 at 12:19:17 PM >> UTC-7, Dormando wrote: >> > > > > > >> > > > > > >> > > > > > On Fri, 6 Apr 2018, Om Kale wrote: >> > > > > > >> > > > > > > and then try to run my client, I get >> the following error on the server: >> > > > > > > >> > > > > > > >> > > > > > > OKALE-M-33H5:memcached-1.5.7 okale$ >> ./memcached -S -v >> > > > > > > Reading configuration from: >> </Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached.conf> >> > > > > > > Initialized SASL. >> > > > > > > mech: ``SRP'' with 15 bytes of data >> > > > > > > SASL (severity 2): no secret in >> database >> > > > > > > sasl result code: -4 >> > > > > > > Unknown sasl response: -4 >> > > > > > > >> > > > > > > >> > > > > > > I have added my username, password in >> a file called memcached-sasl-pwdb which is located at >> > > > > > > /Users/okale/Library/Caches/Ho >> mebrew/memcached-1.5.7/memcached-sasl-pwdb >> > > > > > > >> > > > > > > >> > > > > > > OKALE-M-33H5:memcached-1.5.7 okale$ >> cat memcached-sasl-pwdb >> > > > > > > ok:hello >> > > > > > > >> > > > > > > >> > > > > > > >> > > > > > > My memcached.conf located at >> /Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached.conf and >> > contains: >> > > > > > > >> > > > > > > >> > > > > > > OKALE-M-33H5:memcached-1.5.7 okale$ >> cat memcached.conf >> > > > > > > mech_list: plain >> > > > > > > >> > > > > > > >> > > > > > > I have a couple of questions: >> > > > > > > 1. How can the memcached server on >> start up know the configured users and the username:password details. >> > (Does it >> > > read it >> > > > from >> > > > > > memcached-sasl-pwdb? If >> > > > > > > yes, how do I configure it/point to >> it?) >> > > > > > >> > > > > > I guess the wiki didn't get fully >> updated :( If you use PWDB, it's via >> > > > > > MEMCACHED_SASL_PWDB as an environment >> variable, so: >> > > > > > $ >> > > > > > MEMCACHED_SASL_PWDB="/Users/ok >> ale/Library/Caches/Homebrew/memcached-1.5.7/memcached-sasl-pwdb" >> > > > > > ./memcached -S -v >> > > > > > >> > > > > > >> > > > > > > 2. What's the use of the >> memcached.conf file in the "Reading configuration from: >> > > > > > </Users/okale/Library/Caches/H >> omebrew/memcached-1.5.7/memcached.conf>" >> > > > > > >> > > > > > Stating the supported mechanisms for >> sasl authentication (ie; the at-rest >> > > > > > state of the password data) >> > > > > > >> > > > > > > in the output. I am presuming this >> read will tell the memcached server the username:password details. If >> > yes, what >> > > should >> > > > be the >> > > > > location >> > > > > > of this file >> > > > > > > 3. Do I need to install/point to any >> additional ssl libraries during server bring up? >> > > > > > >> > > > > > Should be answered above. Hopefully >> that works for you >> > > > > > >> > > > > > -- >> > > > > > >> > > > > > --- >> > > > > > You received this message because you are >> subscribed to the Google Groups "memcached" group. >> > > > > > To unsubscribe from this group and stop >> receiving emails from it, send an email to memcached+...@googlegroups.com >> . >> > > > > > For more options, visit >> https://groups.google.com/d/optout. >> > > > > > >> > > > > > >> > > > > >> > > > > -- >> > > > > >> > > > > --- >> > > > > You received this message because you are subscribed >> to the Google Groups "memcached" group. >> > > > > To unsubscribe from this group and stop receiving >> emails from it, send an email to memcached+unsubscr...@googlegroups.com. >> > > > > For more options, visit >> https://groups.google.com/d/optout. >> > > > > >> > > > > >> > > > >> > > > -- >> > > > >> > > > --- >> > > > You received this message because you are subscribed to >> the Google Groups "memcached" group. >> > > > To unsubscribe from this group and stop receiving >> emails from it, send an email to memcached+unsubscr...@googlegroups.com. >> > > > For more options, visit https://groups.google.com/d/op >> tout. >> > > > >> > > > >> > > > -- >> > > > >> > > > --- >> > > > You received this message because you are subscribed to the >> Google Groups "memcached" group. >> > > > To unsubscribe from this group and stop receiving emails from >> it, send an email to memcached+unsubscr...@googlegroups.com. >> > > > For more options, visit https://groups.google.com/d/optout. >> > > > >> > > > >> > > >> > > -- >> > > >> > > --- >> > > You received this message because you are subscribed to the >> Google Groups "memcached" group. >> > > To unsubscribe from this group and stop receiving emails from >> it, send an email to memcached+unsubscr...@googlegroups.com. >> > > For more options, visit https://groups.google.com/d/optout. >> > > >> > > >> > > -- >> > > >> > > --- >> > > You received this message because you are subscribed to the Google >> Groups "memcached" group. >> > > To unsubscribe from this group and stop receiving emails from it, >> send an email to memcached+unsubscr...@googlegroups.com. >> > > For more options, visit https://groups.google.com/d/optout. >> > > >> > > >> > >> > -- >> > >> > --- >> > You received this message because you are subscribed to the Google >> Groups "memcached" group. >> > To unsubscribe from this group and stop receiving emails from it, send >> an email to memcached+unsubscr...@googlegroups.com. >> > For more options, visit https://groups.google.com/d/optout. >> > >> > >> > >> > -- >> > >> > --- >> > You received this message because you are subscribed to the Google >> Groups "memcached" group. >> > To unsubscribe from this group and stop receiving emails from it, send >> an email to memcached+unsubscr...@googlegroups.com. >> > For more options, visit https://groups.google.com/d/optout. >> > >> > >> >> -- >> >> --- >> You received this message because you are subscribed to the Google Groups >> "memcached" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to memcached+unsubscr...@googlegroups.com. >> For more options, visit https://groups.google.com/d/optout. >> > > -- --- You received this message because you are subscribed to the Google Groups "memcached" group. To unsubscribe from this group and stop receiving emails from it, send an email to memcached+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.