Hi Dormando, Thanks for the update. I will try this out now. But before this I had one more quick question. Did you create the sasl folder and memcached.conf manually inside /home/dormando/ ?
Thanks and Regards, Om Kale On Tue, Apr 10, 2018 at 3:38 PM, dormando <dorma...@rydia.net> wrote: > Hey, > > Was able to authenticate with your tool: > > $ pwd > /home/dormando/sasl > $ cat memcached.conf > mech_list: plain > log_level: 5 > sasldb_path: /home/dormando/sasl/memcached-sasl-pwdb > $ echo testpass | saslpasswd2 -f > /home/dormando/sasl/memcached-sasl-pwdb -a memcached -c -p testuser > $ SASL_CONF_PATH="/home/dormando/sasl" memcached -S -v > INFO: MEMCACHED_SASL_PWDB not specified. Internal passwd database disabled > Initialized SASL. > $ ./testsasl testuser testpass 127.0.0.1 > Get/Set success! > > Just add the "-f /path/to/sasl-pwdb" to saslpasswd2 and let it create the > entry for you. Your manual passwd DB isn't valid. > > Without the -f the tool was exiting with "Generic failure" (should've > asked you what the exit code was earlier, sorry). Strace'ing it showed it > was trying to open /etc/sasl and write a new file, but I wasn't running as > root. > > On Tue, 10 Apr 2018, Om Kale wrote: > > > Hey Dormando, > > Today I tried reinstalling memcached from scratch and followed the > procedure in the wiki > > and the points you mentiibed however same issue of 'no secret in > database' is still > > observed. > > > > In addition, did the following steps but still no success. > > https://stackoverflow.com/questions/12919032/can-i-set- > username-and-password-on-memcach > > ed-like-mysql > > > > > > Thanks and Regards,Om Kale > > > > On Mon, Apr 9, 2018 at 11:58 PM, dormando <dorma...@rydia.net> wrote: > > Sorry, ran out of time today. will try for earlier tomorrow > > > > On Mon, 9 Apr 2018, Om Kale wrote: > > > > > Hi Dormando,I was just curious to know whether you were able to > reproduce > > the above > > > mentioned issue? > > > > > > Thanks and Regards,Om Kale > > > > > > On Mon, Apr 9, 2018 at 12:53 PM, Om Kale <omkal...@gmail.com> > wrote: > > > Yes, that will be very helpful Dormando. I agree, might be > missing > > > something. > > > The points where I think I might be going wrong are as follows: > > > > > > 1. The exact location and contents of memcached.conf and the > sasl db file > > - > > > memcached-sasl-pwdb (and the interaction between the two). > > > As per my understanding, SASL_CONF_PATH, tells the memcached > server where > > to read > > > the file from and then the line sasldb_path in the conf file > tells the > > server > > > where to get the sasl db file for username:password > authentication. I feel > > this > > > linkage is not happening correctly in my case. > > > > > > 2. Is the sasl db file generated on its own when I run the > server? If yes, > > do we > > > need to add command line parameters while running the memcached > server for > > this to > > > happen. (FYI: I have configured --enable-sasl-pwdb while running > > configure) > > > > > > The main problem I am facing right now is memcached-sasl-pwdb is > not > > getting > > > created and populated on its own. > > > Please do let me know the outcome once you try to reproduce it. > I am > > cuurently > > > using MAC-OS high Sierra. > > > > > > Thanks and Regards,Om Kale > > > > > > > > > On Mon, Apr 9, 2018 at 12:28 PM, dormando <dorma...@rydia.net> > wrote: > > > Hey, > > > > > > I'll try to reproduce this today. I have a feeling you're > skipping > > > some > > > steps but it's definitely a confusing process... > > > > > > On Mon, 9 Apr 2018, Om Kale wrote: > > > > > > > Currently my set up is as follows: > > > > 1. My memcached.conf exists at > > > /Users/okale/Library/Caches/Homebrew/memcached-1.5.7/ > > > > 2. The memcached server on starting reads from this file > as shown > > in > > > the log: > > > > OKALE-M-33H5:memcached-1.5.7 okale$ ./memcached -S -v > > > > Reading configuration from: > > > > > </Users/okale/Library/Caches/Homebrew/memcached-1.5.7/ > memcached.conf> > > > > Initialized SASL. > > > > 3. The contents of the memcached.conf are: > > > > mech_list: plain > > > > log_level: 5 > > > > sasldb_path: > > > > > /Users/okale/Library/Caches/Homebrew/memcached-1.5.7/ > memcached-sasl-pwdb > > > > 4. The memcached-sasl-pwdb is located > > > at /Users/okale/Library/Caches/Homebrew/memcached-1.5.7/ > and has the > > > line: > > > > (I am adding this line manually as the command 'echo > "testpass" | > > > saslpasswd2 -a memcached -c -p testuser' is not creating > the file > > and > > > adding the > > > > content in it) > > > > ok:hello > > > > > > > > However, I still see same error on server side: > > > > mech: ``SRP'' with 15 bytes of data > > > > SASL (severity 2): no secret in database > > > > sasl result code: -4 > > > > Unknown sasl response: -4 > > > > > > > > Also on client side, I still see: > > > > OKALE-M-33H5:mycode okale$ ./testsasl ok hello localhost > > > > Set failed: AUTHENTICATION FAILURE > > > > > > > > > > > > One more question is: > > > > Is there any additional info to be provided while > starting the > > > memcached server itself? > > > > > > > > Thanks and Regards,Om Kale > > > > > > > > > > > > On Mon, Apr 9, 2018 at 10:35 AM, Om Kale <omkal...@gmail.com> > wrote: > > > > Hey Dormando, > > > > I do not see the memcached-sasl-pwdb created and the password > added in > > it. > > > > The steps are same as above. > > > > Also, is there a specific location where memcached.conf and > the sasl db > > > file: memcached-sasl-pwdb, need to be put? > > > > I do not see the memcached-sasl-pwdb created automatically. > Also the > > > memcached.conf is located at t/sasl/memcached.conf, do I need to > make the > > > > modification in this file to point to sasl db or can I create > my own > > > memcached.conf at another location? > > > > > > > > > > > > > > > > > > > > Thanks and Regards,Om Kale > > > > > > > > > > > > On Fri, Apr 6, 2018 at 5:53 PM, dormando <dorma...@rydia.net> > wrote: > > > > Hey, > > > > > > > > Did the memcached-sasl-pwdb file get created and is > there a line > > in > > > it? > > > > > > > > On Fri, 6 Apr 2018, Om Kale wrote: > > > > > > > > > Got it. I see the line you mentioned in the test code. > > > > > I executed the following steps but still see same > issue. (I ran > > > ./configure after the echo command) > > > > > > > > > > > > > > > Here are the steps: > > > > > > > > > > OKALE-M-33H5:memcached-1.5.7 okale$ echo "hello" | > saslpasswd2 > > -a > > > memcached -c -p ok > > > > > OKALE-M-33H5:memcached-1.5.7 okale$ ls -lrth | grep -i > > > 'memcached.conf' > > > > > -rw-r--r-- 1 okale staff 116B Apr 6 15:28 > memcached.conf > > > > > OKALE-M-33H5:memcached-1.5.7 okale$ > > > > > OKALE-M-33H5:memcached-1.5.7 okale$ > > > > > OKALE-M-33H5:memcached-1.5.7 okale$ > > > > > OKALE-M-33H5:memcached-1.5.7 okale$ cat memcached.conf > > > > > mech_list: plain > > > > > log_level: 5 > > > > > sasldb_path: > > > /Users/okale/Library/Caches/Homebrew/memcached-1.5.7/ > memcached-sasl-pwdb > > > > > OKALE-M-33H5:memcached-1.5.7 okale$ > > > > > OKALE-M-33H5:memcached-1.5.7 okale$ > > > > > OKALE-M-33H5:memcached-1.5.7 okale$ ./memcached -S -v > > > > > Reading configuration from: > > > </Users/okale/Library/Caches/Homebrew/memcached-1.5.7/ > memcached.conf> > > > > > Initialized SASL. > > > > > mech: ``SRP'' with 15 bytes of data > > > > > SASL (severity 2): no secret in database > > > > > sasl result code: -4 > > > > > Unknown sasl response: -4 > > > > > > > > > > > > > > > > > > > > Client side: > > > > > OKALE-M-33H5:mycode okale$ ./testsasl ok hello > localhost > > > > > Set failed: AUTHENTICATION FAILURE > > > > > OKALE-M-33H5:mycode okale$ > > > > > > > > > > > > > > > > > > > > Is there a specific location where memcached.conf and > the sasl > > db > > > file: memcached-sasl-pwdb, need to be put? > > > > > > > > > > > > > > > > > > > > > > > > > Thanks and Regards,Om Kale > > > > > > > > > > > > > > > On Fri, Apr 6, 2018 at 3:54 PM, dormando <dorma...@rydia.net> > wrote: > > > > > Read the 30 lines around where I said, not just that > line. > > > > > > > > > > though I guess it's just: > > > > > > > > > > system("echo testpass | $saslpasswd_path -a memcached > -c -p > > > testuser"); > > > > > > > > > > so that means: > > > > > > > > > > echo "testpass" | saslpasswd2 -a memcached -c -p > testuser > > > > > if you run that from the same directory as your > memcached.conf > > (or > > > use -f > > > > > to point to it?), it should create the file properly. > > > > > > > > > > I'm saying to use the tool instead of just putting the > > > username/password > > > > > into the file, and also using the sasldb_path: > argument in > > > memcached.conf > > > > > to point to the sasldb, instead of the environment > variable. > > > > > > > > > > On Fri, 6 Apr 2018, Om Kale wrote: > > > > > > > > > > > Hey Dormando, > > > > > > Ok. When I look at the 't/binary-sasl.t' and search > for the > > > section you mentioned, > > > > > > I see this: > > > > > > > > > > > > # Build the auth DB for testing. > > > > > > > > > > > > my $sasldb = '/tmp/test-memcached.sasldb'; > > > > > > > > > > > > unlink $sasldb; > > > > > > > > > > > > > > > > > > In the t/sasl/memcached.conf, I see the following: > > > > > > mech_list: plain cram-md5 > > > > > > log_level: 5 > > > > > > sasldb_path: /tmp/test-memcached.sasldb > > > > > > > > > > > > Now, let me know what I need to do....a bit confused. > > > > > > Do I need to change any of the above or do I create > > > test-memcached.sasldb under tmp on my machine, add a > username:password to > > it > > > > and then > > > > > run ./configure > > > > > > followed by make? > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Thanks and Regards,Om Kale > > > > > > > > > > > > > > > > > > On Fri, Apr 6, 2018 at 2:48 PM, dormando < > dorma...@rydia.net> > > > wrote: > > > > > > Just for sanity's sake, if you look at: > > > t/sasl/memcached.conf in the > > > > > > tarball, and look at t/binary-sasl.t (look for > the > > section > > > starting with > > > > > > "my $sasldb =", and build a passwd + configure > the pwdb > > > that way, does it > > > > > > work? > > > > > > > > > > > > to reiterate; the test config file explicitly > declares > > the > > > path for the db > > > > > > within memcached.conf, and then adds the > passwords to it > > > via the > > > > > > saslpasswd tool. > > > > > > > > > > > > Would help rule things out anyway. thanks! > > > > > > > > > > > > On Fri, 6 Apr 2018, Om Kale wrote: > > > > > > > > > > > > > Yup, it will be really helpful if you could > try and > > > reproduce it. > > > > > > > Yes...that's the thing I was wondering, 'no > secret in > > > database' means its able to reach the database, but unable to > > > > read/load the > > > > > > memcached-sasl-pwdb > > > > > > > file. Additionally, I was wondering, if > there is need > > to > > > write additional code for some shared secret at client side or > any > > > > other > > > > > > dependencies. > > > > > > > Currently, I am directly using > > > memcached_set_sasl_auth_data function in the client. > > > > > > > > > > > > > > Here are the steps to reproduce: > > > > > > > 1. I installed the memcached server with the > > enable-sasl > > > and enable-sasl-db. > > > > > > > 2. Wrote a c client as attached in the email. > > > > > > > 3. Created a file with the username:password > entry > > named > > > memcached-sasl-pwdb as shown before. > > > > > > > 4. Created a memcached.conf with mech:plain > > > > > > > 5. Ran the server using ./memcached -S -vv > > > > > > > 6. Ran the client using ./testsasl username > password > > > localhost > > > > > > > > > > > > > > Couple more things to add: > > > > > > > 1. I have followed the following wiki: > > > > > > > https://github.com/memcached/ > memcached/wiki/SASLHowto > > > > > > > > > > > > > > 2. I haven't used this but added the > user:pass in the > > > memcached-sasl-pwdb file manually. > > > > > > > > > > > > > > saslpasswd2 -a memcached -c cacheuser > > > > > > > 3. For the SASL library cyrus-sasl-plain, I > have > > > installed it, but havent used/pointed to it in code or on the > server as I > > > > did not > > > > > see > > > > > > steps for this. > > > > > > > > > > > > > > 4.I see its mentioned configure option > > > --enable-sasl-pwdb is not working on the wiki, but saw that its > there in > > one > > > of the > > > > new PRs. > > > > > > > https://github.com/memcached/ > memcached/issues/365 > > > > > > > > > > > > > > > > > > > > > Let me know if you need any additional info > from my > > > side. > > > > > > > > > > > > > > Regards, > > > > > > > Om Kale > > > > > > > > > > > > > > > > > > > > > > > > > > > > On Friday, April 6, 2018 at 12:45:26 PM > UTC-7, > > Dormando > > > wrote: > > > > > > > No secret in database means it thinks > the pwdb > > is > > > empty (or it can't > > > > > > > load/find the pwdb). > > > > > > > > > > > > > > I'm not sure why offhand.. I can try to > > reproduce > > > it but won't have time > > > > > > > until later today. > > > > > > > > > > > > > > On Fri, 6 Apr 2018, Om Kale wrote: > > > > > > > > > > > > > > > Hi Dormando, > > > > > > > > Thanks for the quick reply. I used > the > > > environment variable you suggested before running the memcached > server > > > > instance: > > > > > > > >MEMCACHED_SASL_PWDB="/ > Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached-s > > as > > > l-pwdb" > > > > > > > > > > > > > > > > I have added the following in my > > memcached.conf > > > file (so basically tells plain text). I have openssl and openldap > > > > installed > > > > > on my > > > > > > machine > > > > > > > but haven't > > > > > > > > specified it any config or pointed > to it in > > the > > > code. > > > > > > > > > OKALE-M-33H5:memcached-1.5.7 > okale$ cat > > > memcached.conf > > > > > > > > > mech_list: plain > > > > > > > > > > > > > > > > Now I run: > > > > > > > > ./memcached -S -v > > > > > > > > > > > > > > > > Followed by the client: > > > > > > > > OKALE-M-33H5:mycode okale$ > ./testsasl ok hello > > > localhost > > > > > > > > Set failed: AUTHENTICATION FAILURE > > > > > > > > > > > > > > > > But still get the same error as > before on the > > > memcached server: > > > > > > > > OKALE-M-33H5:memcached-1.5.7 okale$ > export > > > > > > MEMCACHED_SASL_PWDB="/ > Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached-s > > a > > > sl-pwdb" > > > > > > > > OKALE-M-33H5:memcached-1.5.7 okale$ > > ./memcached > > > -S -v > > > > > > > > Reading configuration from: > > > </Users/okale/Library/Caches/Homebrew/memcached-1.5.7/ > memcached.conf> > > > > > > > > Initialized SASL. > > > > > > > > mech: ``SRP'' with 15 bytes of data > > > > > > > > SASL (severity 2): no secret in > database > > > > > > > > sasl result code: -4 > > > > > > > > Unknown sasl response: -4 > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > You could refer to my attached > client code > > above > > > but I still don't understand why it says 'no secret in database'. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Thanks and Regards, > > > > > > > > Om Kale > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > On Friday, April 6, 2018 at 12:19:17 > PM UTC-7, > > > Dormando wrote: > > > > > > > > > > > > > > > > > > > > > > > > On Fri, 6 Apr 2018, Om Kale > wrote: > > > > > > > > > > > > > > > > > and then try to run my > client, I get > > the > > > following error on the server: > > > > > > > > > > > > > > > > > > > > > > > > > > > OKALE-M-33H5:memcached-1.5.7 > okale$ > > > ./memcached -S -v > > > > > > > > > Reading configuration from: > > > </Users/okale/Library/Caches/Homebrew/memcached-1.5.7/ > memcached.conf> > > > > > > > > > Initialized SASL. > > > > > > > > > mech: ``SRP'' with 15 bytes > of data > > > > > > > > > SASL (severity 2): no secret > in > > database > > > > > > > > > sasl result code: -4 > > > > > > > > > Unknown sasl response: -4 > > > > > > > > > > > > > > > > > > > > > > > > > > > I have added my username, > password in > > a > > > file called memcached-sasl-pwdb which is located at > > > > > > > > > > > > /Users/okale/Library/Caches/Homebrew/memcached-1.5.7/ > memcached-sasl-pwdb > > > > > > > > > > > > > > > > > > > > > > > > > > > OKALE-M-33H5:memcached-1.5.7 > okale$ > > cat > > > memcached-sasl-pwdb > > > > > > > > > ok:hello > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > My memcached.conf located at > > > /Users/okale/Library/Caches/Homebrew/memcached-1.5.7/memcached.conf > and > > > > contains: > > > > > > > > > > > > > > > > > > > > > > > > > > > OKALE-M-33H5:memcached-1.5.7 > okale$ > > cat > > > memcached.conf > > > > > > > > > mech_list: plain > > > > > > > > > > > > > > > > > > > > > > > > > > > I have a couple of questions: > > > > > > > > > 1. How can the memcached > server on > > start > > > up know the configured users and the username:password details. > > > > (Does it > > > > > read it > > > > > > from > > > > > > > > memcached-sasl-pwdb? If > > > > > > > > > yes, how do I configure > it/point to > > it?) > > > > > > > > > > > > > > > > I guess the wiki didn't get > fully > > updated > > > :( If you use PWDB, it's via > > > > > > > > MEMCACHED_SASL_PWDB as an > environment > > > variable, so: > > > > > > > > $ > > > > > > > > MEMCACHED_SASL_PWDB="/Users/ > okale/Library/Caches/Homebrew/memcached-1.5.7/memcached-sa > > s > > > l-pwdb" > > > > > > > > ./memcached -S -v > > > > > > > > > > > > > > > > > > > > > > > > > 2. What's the use of the > > memcached.conf > > > file in the "Reading configuration from: > > > > > > > > > > > </Users/okale/Library/Caches/Homebrew/memcached-1.5.7/ > memcached.conf>" > > > > > > > > > > > > > > > > Stating the supported > mechanisms for > > sasl > > > authentication (ie; the at-rest > > > > > > > > state of the password data) > > > > > > > > > > > > > > > > > in the output. I am > presuming this > > read > > > will tell the memcached server the username:password details. If > > > > yes, what > > > > > should > > > > > > be the > > > > > > > location > > > > > > > > of this file > > > > > > > > > 3. Do I need to > install/point to any > > > additional ssl libraries during server bring up? > > > > > > > > > > > > > > > > Should be answered above. > Hopefully that > > > works for you > > > > > > > > > > > > > > > > -- > > > > > > > > > > > > > > > > --- > > > > > > > > You received this message because > you are > > > subscribed to the Google Groups "memcached" group. > > > > > > > > To unsubscribe from this group and > stop > > > receiving emails from it, send an email to > memcached+...@googlegroups.com. > > > > > > > > For more options, visit > > > https://groups.google.com/d/optout. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > -- > > > > > > > > > > > > > > --- > > > > > > > You received this message because you are > subscribed > > to > > > the Google Groups "memcached" group. > > > > > > > To unsubscribe from this group and stop > receiving > > emails > > > from it, send an email to memcached+unsubscr...@googlegroups.com > . > > > > > > > For more options, visit > > > https://groups.google.com/d/optout. > > > > > > > > > > > > > > > > > > > > > > > > > > -- > > > > > > > > > > > > --- > > > > > > You received this message because you are > subscribed to > > > the Google Groups "memcached" group. > > > > > > To unsubscribe from this group and stop > receiving emails > > > from it, send an email to memcached+unsubscr...@googlegroups.com > . > > > > > > For more options, visit > > > https://groups.google.com/d/optout. > > > > > > > > > > > > > > > > > > -- > > > > > > > > > > > > --- > > > > > > You received this message because you are subscribed > to the > > > Google Groups "memcached" group. > > > > > > To unsubscribe from this group and stop receiving > emails from > > > it, send an email to memcached+unsubscr...@googlegroups.com. > > > > > > For more options, visit https://groups.google.com/d/ > optout. > > > > > > > > > > > > > > > > > > > > > > -- > > > > > > > > > > --- > > > > > You received this message because you are subscribed > to the > > Google > > > Groups "memcached" group. > > > > > To unsubscribe from this group and stop receiving > emails from > > it, > > > send an email to memcached+unsubscr...@googlegroups.com. > > > > > For more options, visit https://groups.google.com/d/ > optout. > > > > > > > > > > > > > > > -- > > > > > > > > > > --- > > > > > You received this message because you are subscribed to the > Google > > > Groups "memcached" group. > > > > > To unsubscribe from this group and stop receiving emails > from it, send > > > an email to memcached+unsubscr...@googlegroups.com. > > > > > For more options, visit https://groups.google.com/d/optout. > > > > > > > > > > > > > > > > > > -- > > > > > > > > --- > > > > You received this message because you are subscribed to the > Google > > Groups > > > "memcached" group. > > > > To unsubscribe from this group and stop receiving emails from > it, send > > an > > > email to memcached+unsubscr...@googlegroups.com. > > > > For more options, visit https://groups.google.com/d/optout. > > > > > > > > > > > > > > > > -- > > > > > > > > --- > > > > You received this message because you are subscribed to the > Google > > Groups > > > "memcached" group. > > > > To unsubscribe from this group and stop receiving emails from > it, send > > an > > > email to memcached+unsubscr...@googlegroups.com. > > > > For more options, visit https://groups.google.com/d/optout. > > > > > > > > > > > > > > -- > > > > > > --- > > > You received this message because you are subscribed to the > Google Groups > > > "memcached" group. > > > To unsubscribe from this group and stop receiving emails from > it, send an > > > email to memcached+unsubscr...@googlegroups.com. > > > For more options, visit https://groups.google.com/d/optout. > > > > > > > > > > > > -- > > > > > > --- > > > You received this message because you are subscribed to the > Google Groups > > "memcached" > > > group. > > > To unsubscribe from this group and stop receiving emails from > it, send an > > email to > > > memcached+unsubscr...@googlegroups.com. > > > For more options, visit https://groups.google.com/d/optout. > > > > > > > > > > -- > > > > --- > > You received this message because you are subscribed to the Google > Groups > > "memcached" group. > > To unsubscribe from this group and stop receiving emails from it, > send an > > email to memcached+unsubscr...@googlegroups.com. > > For more options, visit https://groups.google.com/d/optout. > > > > > > -- > > > > --- > > You received this message because you are subscribed to the Google > Groups "memcached" > > group. > > To unsubscribe from this group and stop receiving emails from it, send > an email to > > memcached+unsubscr...@googlegroups.com. > > For more options, visit https://groups.google.com/d/optout. > > > > > > -- > > --- > You received this message because you are subscribed to the Google Groups > "memcached" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to memcached+unsubscr...@googlegroups.com. > For more options, visit https://groups.google.com/d/optout. > -- --- You received this message because you are subscribed to the Google Groups "memcached" group. To unsubscribe from this group and stop receiving emails from it, send an email to memcached+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
