Hey, Please interpret this with kindness: if you're struggling getting sasl to work, getting asynchronous TLS to work, be performant enough, and not buggy, while also forking the project, is going to be a very very bad idea for you.
If you're willing to put the effort into figuring out TLS into memcached, you're better off reading the cyrus source code to figure out how password databases work. Read the SASL protocol spec (it's not too bad). I see you spending a huge amount of time trying to work around the bugs you encounter; instead of going around, go through them. Get the password file to work the way you want it to. On Wed, 2 May 2018, Om Kale wrote: > Hi Dormando,Thanks for your reply. Yes, that works. Also, one more thing that > I was > curious to know or rather want to add to memcached. > Is there anyway I can go ahead and modify memcached itself to support SSL/TLS > (using > certificates) without using this third-party cyrus plugin/libsasl2? > If yes, where the memcached code need to be added for this. Basically, I want > to know > where exactly in the memcached code does the client connect to server and do > the SASL > protocol negotiation/exchanges) > I was thinking of adding a way in which memcached would be able to support > authentication depending on whatever ssl library the user wants to use. (not > restrict it > to cyrus-sasl or libsasl2) > > > Thanks and Regards,Om Kale > > > On Mon, Apr 30, 2018 at 1:50 PM, dormando <dorma...@rydia.net> wrote: > Hey, > > The passwd needs to be created with saslpasswd for most of the other > auth > types to work, otherwise you'll have to do it manually and I have no > idea > how to do that. IE; the saslpasswd files I created when trying to > reproduce your method worked fine with DIGEST-MD5 as well. > > On Mon, 30 Apr 2018, Om Kale wrote: > > > Hi All,I am trying to get my head around making memcached work with > SASL > support. The PLAIN auth is working but still running into issues for > > DIGEST-MD5. > > I have changed my memcached client side code to enable MD5 as > follows. I > have enabled the behavior to support MD5 and then passed the MD5 > > > > /* > > * Test that libmemcached is built with SASL support. > > */ > > #include <stdio.h> > > #include <inttypes.h> > > #include <stdlib.h> > > #include <string.h> > > #include <libmemcached/memcached.h> > > > > const char* key = "abc"; > > const char* value = "value"; > > > > // test basic get/set operation works. > > void test_getset(memcached_st* cache) > > { > > char* r_value; > > uint32_t flags = 0; > > uint32_t r_flags = 0; > > size_t val_length; > > memcached_return_t rc; > > > > > > rc = memcached_set(cache, key, strlen(key), value, strlen(value), > (time_t)0, flags); > > if (rc == MEMCACHED_TIMEOUT) { > > fprintf(stderr, "Set timeout\n"); > > return; > > } else if (rc != MEMCACHED_SUCCESS) { > > fprintf(stderr, "Set failed: %s\n", memcached_strerror(cache, > rc)); > > return; > > } > > > > r_value = memcached_get(cache, key, strlen(key), &val_length, > &r_flags, > &rc); > > if (rc == MEMCACHED_TIMEOUT) { > > fprintf(stderr, "Get timeout\n"); > > return; > > } else if (rc != MEMCACHED_SUCCESS) { > > fprintf(stderr, "Get failed: %s\n", memcached_strerror(cache, > rc)); > > return; > > } > > > > if (strcmp(value, r_value) != 0) { > > fprintf(stderr, "Get returned bad value! (%s != %s)!\n", value, > r_value); > > } > > > > if (r_flags != flags) { > > fprintf(stderr, "Get returned bad flags! (%u != %u)!\n", flags, > r_flags); > > } > > > > fprintf(stdout, "Get/Set success!\n"); > > } > > > > // connect with SASL. > > void authTest(const char* user, const char* pass, const char* server) > > { > > memcached_server_st *servers = NULL; > > memcached_return_t rc; > > memcached_st *cache; > > uint32_t hashVal; > > uint32_t hashPass; > > uint32_t hash; > > uint64_t behavior = 0; > > > > > > cache = memcached_create(NULL); > > // uint32_t hashusername = memcached_generate_hash(cache, user, > strlen(user)); > > //hash = memcached_generate_hash(cache, user, strlen(user)); > > //printf ("Hash value is: %" PRIu32 "\n", hash); > > > > // hashVal = memcached_generate_hash_value(user, strlen(user), > MEMCACHED_HASH_MD5); > > // printf ("Hash value is: %" PRIu32 "\n", hashVal); > > > > // hashPass = memcached_generate_hash_value(pass, strlen(pass), > MEMCACHED_HASH_MD5); > > // printf ("Hash value is: %" PRIu32 "\n", hashPass); > > > > > > rc = memcached_behavior_set(cache, MEMCACHED_HASH_MD5, 1); > > if (rc != MEMCACHED_SUCCESS) > > fprintf(stderr, "Couldn't use digest md5 hashing: %s\n", > memcached_strerror(cache, rc)); > > > > rc = memcached_set_sasl_auth_data(cache, > "$1$$dZY0EB48u3cuRp7JFyg68", > "$1$$JN/baUhJCUwYKagp48tsP0"); > > if (rc != MEMCACHED_SUCCESS) > > fprintf(stderr, "Couldn't setup SASL auth: %s\n", > memcached_strerror(cache, rc)); > > > > rc = memcached_behavior_set(cache, > MEMCACHED_BEHAVIOR_BINARY_PROTOCOL, > 1); > > if (rc != MEMCACHED_SUCCESS) > > fprintf(stderr, "Couldn't use the binary protocol: %s\n", > memcached_strerror(cache, rc)); > > > > rc = memcached_behavior_set(cache, > MEMCACHED_BEHAVIOR_CONNECT_TIMEOUT, > 10000); > > if (rc != MEMCACHED_SUCCESS) > > fprintf(stderr, "Couldn't set the connect timeout: %s\n", > memcached_strerror(cache, rc)); > > > > // rc = memcached_behavior_set(cache, MEMCACHED_HASH_MD5, 1); > > // if (rc != MEMCACHED_SUCCESS) > > // fprintf(stderr, "Couldn't use digest md5 hashing: %s\n", > memcached_strerror(cache, rc)); > > > > behavior = memcached_behavior_get(cache, MEMCACHED_HASH_MD5); > > printf ("hash behavior is: %" PRIu64 "\n", behavior); > > > > > > // hashVal = memcached_generate_hash_value(user, strlen(user), > MEMCACHED_HASH_MD5); > > // printf ("Hash value is: %" PRIu32 "\n", hashVal); > > //hash = memcached_generate_hash(cache, user, strlen(user)); > > //printf ("Hash value is: %" PRIu32 "\n", hash); > > > > servers = memcached_server_list_append(servers, server, 11211, &rc); > > rc = memcached_server_push(cache, servers); > > > > if (rc != MEMCACHED_SUCCESS) > > fprintf(stderr, "Couldn't add server: %s\n", > memcached_strerror(cache, > rc)); > > > > test_getset(cache); > > > > memcached_free(cache); > > } > > > > // start program. > > int main(int argv, char *args[]) > > { > > if (argv != 4) { > > fprintf(stderr, "ERROR: usage => %s [username] [password] > [server]\n", > args[0]); > > return 1; > > } > > > > authTest(args[1], args[2], args[3]); > > return 0; > > } > > > > On client side, I see following error after running the code: > > :~/Desktop$ ./testsasl testuser testpass 127.0.0.1 > > hash behavior is: 1 > > Set failed: WRITE FAILURE > > > > > > On server side I still get following error: > > > > <28 new binary client connection. > > <28 Read binary protocol data: > > <28 0x80 0x20 0x00 0x00 > > <28 0x00 0x00 0x00 0x00 > > <28 0x00 0x00 0x00 0x00 > > <28 0x00 0x02 0x00 0x00 > > <28 0x00 0x00 0x00 0x00 > > <28 0x00 0x00 0x00 0x00 > > authenticated() in cmd 0x20 is true > > >28 Writing bin response: > > >28 0x81 0x20 0x00 0x00 > > >28 0x00 0x00 0x00 0x00 > > >28 0x00 0x00 0x00 0x0a > > >28 0x00 0x02 0x00 0x00 > > >28 0x00 0x00 0x00 0x00 > > >28 0x00 0x00 0x00 0x00 > > <28 Read binary protocol data: > > <28 0x80 0x21 0x00 0x0a > > <28 0x00 0x00 0x00 0x00 > > <28 0x00 0x00 0x00 0x0a > > <28 0x00 0x02 0x00 0x00 > > <28 0x00 0x00 0x00 0x00 > > <28 0x00 0x00 0x00 0x00 > > authenticated() in cmd 0x21 is true > > mech: ``DIGEST-MD5'' with 0 bytes of data > > SASL (severity 5): DIGEST-MD5 server step 1 > > sasl result code: 1 > > >28 Writing bin response: > > >28 0x81 0x21 0x00 0x00 > > >28 0x00 0x00 0x00 0x21 > > >28 0x00 0x00 0x00 0x7b > > >28 0x00 0x02 0x00 0x00 > > >28 0x00 0x00 0x00 0x00 > > >28 0x00 0x00 0x00 0x00 > > <28 connection closed. > > SASL (severity 5): DIGEST-MD5 common mech dispose > > > > > > Thanks and Regards,Om Kale > > > > > > On Thu, Apr 26, 2018 at 3:39 PM, Om Kale <omkal...@gmail.com> wrote: > > Hi Dormando,Hope your doing well and thanks for all the help you have > >been > providing. One quick question on using other SASL mechanisms like > > DIGEST-MD5, CRAM-MD5. Apart from adding them to the memcached.conf > >under > mech_list, is there other chages needed on client side code/ > > memcached-sasl-pwdb to support these other mechanisms. > > Currently I have just made the change in the memcached.conf file as follows > (just a change in the mech_list): > > mech_list: DIGEST-MD5 > > log_level: 5 > > sasldb_path: /home/cisco/sasl/memcached-sasl-pwdb > > > > > > It gives me following errors on server side: > > <28 new binary client connection. > > <28 Read binary protocol data: > > <28 0x80 0x20 0x00 0x00 > > <28 0x00 0x00 0x00 0x00 > > <28 0x00 0x00 0x00 0x00 > > <28 0x00 0x02 0x00 0x00 > > <28 0x00 0x00 0x00 0x00 > > <28 0x00 0x00 0x00 0x00 > > authenticated() in cmd 0x20 is true > > >28 Writing bin response: > > >28 0x81 0x20 0x00 0x00 > > >28 0x00 0x00 0x00 0x00 > > >28 0x00 0x00 0x00 0x0a > > >28 0x00 0x02 0x00 0x00 > > >28 0x00 0x00 0x00 0x00 > > >28 0x00 0x00 0x00 0x00 > > <28 Read binary protocol data: > > <28 0x80 0x21 0x00 0x0a > > <28 0x00 0x00 0x00 0x00 > > <28 0x00 0x00 0x00 0x0a > > <28 0x00 0x02 0x00 0x00 > > <28 0x00 0x00 0x00 0x00 > > <28 0x00 0x00 0x00 0x00 > > authenticated() in cmd 0x21 is true > > mech: ``DIGEST-MD5'' with 0 bytes of data > > SASL (severity 5): DIGEST-MD5 server step 1 > > sasl result code: 1 > > >28 Writing bin response: > > >28 0x81 0x21 0x00 0x00 > > >28 0x00 0x00 0x00 0x21 > > >28 0x00 0x00 0x00 0x7b > > >28 0x00 0x02 0x00 0x00 > > >28 0x00 0x00 0x00 0x00 > > >28 0x00 0x00 0x00 0x00 > > <28 connection closed. > > SASL (severity 5): DIGEST-MD5 common mech dispose > > > > > > > > Thanks and Regards, > > Om Kale > > > > > > On Tue, Apr 17, 2018 at 7:25 PM, Om Kale <omkal...@gmail.com> wrote: > > Hi Dormando,Don't worry about it. I figured it out. I had to make some > changes in the cyrus-sasl config files and re-configure and then > > make memcached again. Also had to re-configure libmemcached with > --enable-sasl option. > > Looking forward to your token based implementation. > > > > Regards, > > Om Kale > > On Tue, Apr 17, 2018, 7:04 PM dormando <dorma...@rydia.net> wrote: > > Ah, I think you're stuck with SASL then. > > > > If I try to help you further I'll just be googling cyrus stuff and > >reading > > its source code; it's not really something I can help you with, sorry > >:( > > > > On Tue, 17 Apr 2018, Om Kale wrote: > > > > > Unique to the client. > > > > > > Thanks and Regards, > > > Om Kale > > > > > > On Tue, Apr 17, 2018 at 3:41 PM, dormando <dorma...@rydia.net> > >wrote: > > > Are you saying the tokens need to be unique to each client, > >or can > they > > > all share a single token? > > > > > > On Tue, 17 Apr 2018, Om Kale wrote: > > > > > > > So my wireless application needs authentication support > >before a > trusted client can do a get/set. > > > > As long as I can do this, the underlying mechanism is not > >that > critical. The token proposol can also work but again > > there should be a > > > mechanism where > > > > server authenticates for the clients and the number of > >clients > can be pretty large. > > > > > > > > Thanks and Regards,Om Kale > > > > > > > > > > > > On Tue, Apr 17, 2018 at 3:25 PM, dormando > ><dorma...@rydia.net> > wrote: > > > > Also, I should ask again; do you need SASL in > >specific or > would something > > > > like my authentication token proposal from a week ago > work? > > > > > > > > On Tue, 17 Apr 2018, dormando wrote: > > > > > > > > > "failed to list sasl mechanisms" is beyond my > >knowledge > :/ you might not > > > > > have config files for cyrus sasl. you should search > their > > > > > knowledgebases/mails/etc. > > > > > > > > > > On Tue, 17 Apr 2018, Om Kale wrote: > > > > > > > > > > > Sorry about that it was a typo in the email: > > > > > > > > > > > > :~/sasl$ cat memcached.conf > > > > > > mech_list: plain > > > > > > log_level: 5 > > > > > > sasldb_path: /home/okale/sasl/memcached-sasl-pwdb > > > > > > > > > > > > > > > > > > :~/sasl$ pwd > > > > > > /home/okale/sasl > > > > > > :~/sasl$ > > > > > > :~/sasl$ ls > > > > > > memcached.conf memcached-sasl-pwdb > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Thanks and Regards,Om Kale > > > > > > > > > > > > On Tue, Apr 17, 2018 at 3:11 PM, dormando > <dorma...@rydia.net> wrote: > > > > > > Hey, > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Btw, I do have the correct memcached.conf > >file > entry > > > > > > > mech_list: plain > > > > > > > log_level: 5 > > > > > > > sasldb_path: > >/home//sasl/memcached-sasl-pwdb > > > > > > > > > > > > Is this missing your username? is the > memcached-sasl-pwdb file actually > > > > > > there? > > > > > > > > > > > > > > > > > > > > Thanks and Regards,Om Kale > > > > > > > > > > > > > > > > > > > > > On Tue, Apr 17, 2018 at 2:25 PM, dormando > <dorma...@rydia.net> wrote: > > > > > > > Hey, > > > > > > > > > > > > > > That's because memcached isn't > >linking > against the library you're > > > > > > > specifying... It's going to be much > faster for you to search the internet > > > > > > > for that specific error. "error > >while > loading shared libraries" "no such > > > > > > > file or directory". there should be > >a > good number of stackoverflow > > > > > > > responses walking you through this > >sort > of thing. > > > > > > > > > > > > > > Once you build sasl, you need to > >rebuild > memcached from scratch with a new > > > > > > > ./configure, but the old sasl > >libraries > should not exist and should not be > > > > > > > in any paths first. > > > > > > > > > > > > > > On Tue, 17 Apr 2018, Om Kale wrote: > > > > > > > > > > > > > > > Hey Dormando, > > > > > > > > Thanks for the reply. I am doing > >this > as I need to use sasl packages/libraries available > > under openwrt as I am > > > using > > > > memcached for > > > > > > a > > > > > > > wireless > > > > > > > > application. This is the reason I > >have > to use cyrus-sasl only. > > > > > > > > Earlier I had installed sasl > >support > using following: > > > > > > > > apt-get install libsasl2-2 > >sasl2-bin > libsasl2-2 libsasl2-dev libsasl2-modules > > > > > > > > > > > > > > > > Now what I want to do is just use > >the > latest cyrus-sasl package for memcached to work with > > sasl. > > > > > > > > > > > > > > > > After downloading the tarball > cyrus-sasl-2.1.27, I use the following to configure. > > > > > > > > > > > > > > > > cd (directory it was untarred > >into) > > > > > > > > ./configure > > > > > > > > make > > > > > > > > make install > > > > > > > > ln -s /usr/local/lib/sasl2 > /usr/lib/sasl2 > > > > > > > > > > > > > > > > Now, I run memcached. > > > > > > > > I am aware of the library path > >issue > as I see this: > > > > > > > > > > > > > > > > ~/Downloads/memcached-1.5.7$ > >memcached > > > > > > > > memcached: error while loading > >shared > libraries: libsasl2.so.2: cannot open shared object > > file: No such file or > > > directory > > > > > > > > ~/Downloads/memcached-1.5.7$ ldd > memcached > > > > > > > > linux-vdso.so.1 => > (0x00007ffcbd536000) > > > > > > > > libevent-2.0.so.5 => > /usr/lib/x86_64-linux-gnu/libevent-2.0.so.5 (0x00007fa8f7a03000) > > > > > > > > libsasl2.so.2 => not found > > > > > > > > libpthread.so.0 => > /lib/x86_64-linux-gnu/libpthread.so.0 (0x00007fa8f77e6000) > > > > > > > > libc.so.6 => > /lib/x86_64-linux-gnu/libc.so.6 (0x00007fa8f741c000) > > > > > > > > /lib64/ld-linux-x86-64.so.2 > (0x00007fa8f7c49000) > > > > > > > > > > > > > > > > As you see above, this particular > libsasl2.so.2 is not found by memcached. > > > > > > > > I checked under /usr/local/bin and > other locations as well, but I couldn't find the > > libsasl2.so.2 file. > > > > > > > > > > > > > > > > Additionally, ldconfig -p doesn't > >show > this particular file. (libsasl2.so.2) > > > > > > > > ~/Downloads/memcached-1.5.7$ > >ldconfig > -p | grep -i 'libsasl' > > > > > > > > libsasl2.so.3 (libc6,x86-64) > >=> > /usr/local/lib/libsasl2.so.3 > > > > > > > > libsasl2.so (libc6,x86-64) => > /usr/local/lib/libsasl2.so > > > > > > > > :~/Downloads/memcached-1.5.7$ > > > > > > > > > > > > > > > > > > > > > > > > What I wanted to see is if anyone > >else > ran across this issue/ how could I add this > > dependency, as the memcached > > > wiki > > > > mentions > > > > > > cyrus-sasl in > > > > > > > the SASLHowto > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Thanks and Regards,Om Kale > > > > > > > > > > > > > > > > > > > > > > > > On Tue, Apr 17, 2018 at 12:21 PM, > dormando <dorma...@rydia.net> wrote: > > > > > > > > Why are you doing this? I > >think > you're moving beyond the scope of support > > > > > > > > this mailing list can > >provide; > you need to ensure build paths are correct, > > > > > > > > ldconfig's cache has the > >paths > to the library, etc. > > > > > > > > > > > > > > > > It should be much simpler to > just use ubuntu's existing libraries? > > > > > > > > > > > > > > > > On Tue, 17 Apr 2018, Om Kale > wrote: > > > > > > > > > > > > > > > > > Here are the steps I took: > > > > > > > > > 1. I uninstalled the > >following > libsasl2-2 sasl2-bin libsasl2-2 libsasl2-dev > > libsasl2-modules, since I am > > > trying > > > > to do it > > > > > > only with > > > > > > > the > > > > > > > > cyrus sasl > > > > > > > > > package. (This includes > >the > other libararies) > > > > > > > > > 2. Installed and > >configured > cyrus-sasl-2.1.27 > > > > > > > > > 3. Ran the ./configure > --enable-sasl --enable-sasl-pwdb inside latest memcached > > folder, followed by make > > > and make > > > > install > > > > > > > > > > > > > > > > > > Then I see the error. > > > > > > > > > > > > > > > > > > > > > > > > > > > Thanks and Regards,Om Kale > > > > > > > > > > > > > > > > > > > > > > > > > > > On Tue, Apr 17, 2018 at > >12:03 > PM, dormando <dorma...@rydia.net> wrote: > > > > > > > > > Did you recompile > memcached on there or copy the binary? > > > > > > > > > > > > > > > > > > On Tue, 17 Apr > >2018, Om > Kale wrote: > > > > > > > > > > > > > > > > > > > Hey Dormando, > > > > > > > > > > I was trying to > >play > around with memcached sasl a bit more on Ubuntu. > > > > > > > > > > I tried to use the > cyrus sasl libraries. > > > > > > > > > > However, when I > >try to > run the memcached server it gives the following error: > > > > > > > > > > > ~/Downloads/memcached-1.5.7$ memcached -S -vv > > > > > > > > > > memcached: error > >while > loading shared libraries: libsasl2.so.2: cannot open > > shared object file: > > > No such > > > > file or > > > > > > directory > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > I checked in > usr/local/lib and I see libsasl2.so.3 present. > > > > > > > > > > > cisco@dd17-ubuntu-namsoo:/usr/local/lib$ ls -lrt > > > > > > > > > > drwxrwsr-x 3 root > staff 4096 Feb 28 10:25 python3.5 > > > > > > > > > > drwxrwsr-x 4 root > staff 4096 Feb 28 10:35 python2.7 > > > > > > > > > > drwxr-xr-x 2 root > root 4096 Apr 16 08:47 sasl2 > > > > > > > > > > -rwxr-xr-x 1 root > root 163912 Apr 17 03:09 libhashkit.so.2.0.0 > > > > > > > > > > lrwxrwxrwx 1 root > root 19 Apr 17 03:09 libhashkit.so.2 -> > > libhashkit.so.2.0.0 > > > > > > > > > > lrwxrwxrwx 1 root > root 19 Apr 17 03:09 libhashkit.so -> > > libhashkit.so.2.0.0 > > > > > > > > > > -rwxr-xr-x 1 root > root 938 Apr 17 03:09 libhashkit.la > > > > > > > > > > -rwxr-xr-x 1 root > root 1373952 Apr 17 03:09 libmemcached.so.11.0.0 > > > > > > > > > > lrwxrwxrwx 1 root > root 22 Apr 17 03:09 libmemcached.so.11 -> > > libmemcached.so.11.0.0 > > > > > > > > > > lrwxrwxrwx 1 root > root 22 Apr 17 03:09 libmemcached.so -> > > libmemcached.so.11.0.0 > > > > > > > > > > -rwxr-xr-x 1 root > root 978 Apr 17 03:09 libmemcached.la > > > > > > > > > > -rwxr-xr-x 1 root > root 114792 Apr 17 03:09 libmemcachedutil.so.2.0.0 > > > > > > > > > > lrwxrwxrwx 1 root > root 25 Apr 17 03:09 libmemcachedutil.so.2 -> > > libmemcachedutil.so.2.0.0 > > > > > > > > > > lrwxrwxrwx 1 root > root 25 Apr 17 03:09 libmemcachedutil.so -> > > libmemcachedutil.so.2.0.0 > > > > > > > > > > -rwxr-xr-x 1 root > root 1033 Apr 17 03:09 libmemcachedutil.la > > > > > > > > > > -rw-r--r-- 1 root > root 329582 Apr 17 03:09 libhashkit.a > > > > > > > > > > -rw-r--r-- 1 root > root 3175600 Apr 17 03:09 libmemcached.a > > > > > > > > > > -rw-r--r-- 1 root > root 220608 Apr 17 03:09 libmemcachedutil.a > > > > > > > > > > drwxr-xr-x 2 root > root 4096 Apr 17 03:09 pkgconfig > > > > > > > > > > -rwxr-xr-x 1 root > root 485528 Apr 17 03:43 libsasl2.so.3.0.0 > > > > > > > > > > lrwxrwxrwx 1 root > root 17 Apr 17 03:43 libsasl2.so.3 -> > > libsasl2.so.3.0.0 > > > > > > > > > > lrwxrwxrwx 1 root > root 17 Apr 17 03:43 libsasl2.so -> libsasl2.so.3.0.0 > > > > > > > > > > -rwxr-xr-x 1 root > root 652 Apr 17 03:43 libsasl2.la > > > > > > > > > > > cisco@dd17-ubuntu-namsoo:/usr/local/lib$ > > > > > > > > > > > > > > > > > > > > Has anyone else > >seen > similar error while working with cyrus-sasl-2.1.27? > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Thanks and Regards,Om > >Kale > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > On Wed, Apr 11, 2018 at > >8:34 > PM, dormando <dorma...@rydia.net> wrote: > > > > > > > > > > Hey, > > > > > > > > > > > > > > > > > > > > Good to hear! good > luck. > > > > > > > > > > > > > > > > > > > > SASL is the only > method. I sent a proposal to this mailing list yesterday > > > > > > > > > > for authentication > tokens. > > > > > > > > > > > > > > > > > > > > On Wed, 11 Apr > >2018, > Om Kale wrote: > > > > > > > > > > > > > > > > > > > > > Hey Dormando, > > > > > > > > > > > Works like a > >charm > with Ubuntu. So its a MAC problem then. > > > > > > > > > > > I also had an > additional question: > > > > > > > > > > > In memcached, is > there any way of doing authentication without actually > > using the SASL library > > > > available. For > > > > > > example, > > > > > > > using some > > > > > > > > other > > > > > > > > > > underlying ssl > > > > > > > > > > > libraries. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Thanks and > Regards,Om Kale > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > On Wed, Apr 11, > >2018 > at 4:14 PM, dormando <dorma...@rydia.net> wrote: > > > > > > > > > > > I don't > >see > anything wrong with it. Since you ultimately need this to > > run > > > > > > > > > > > on > >ubuntu, why > don't you start testing with a VM? It might not matter > > at > > > > > > > > > > > all if the > problem is just with the mac. > > > > > > > > > > > > > > > > > > > > > > On Wed, > >11 Apr > 2018, Om Kale wrote: > > > > > > > > > > > > > > > > > > > > > > > Ah, I > >see. > This person on the memcached group also observed the > > same issue on Cent OS > > > (I see it > > > > on Mac > > > > > > OS) some > > > > > > > time > > > > > > > > back: > > > > > > > > > > > > > > > > > > > > > > > > > https://groups.google.com/forum/#!topic/memcached/mtzcFVYahZo > > > > > > > > > > > > > > > > > > > > > > > > I have > attached my client program testsasl2.c with this mail. I > > don't see any errors in > > > the > > > > code. Please > > > > > > do let > > > > > > > me know > > > > > > > > if you > > > > > > > > > find > > > > > > > > > > > anything. > > > > > > > > > > > > > > > > > > > > > > > > Used > following to compile and run: > > > > > > > > > > > > > OKALE-M-33H5:mycode okale$ gcc -o testsasl2 testsasl2.c -lmemcached > > -lsasl2 -lssl > > > > > > > > > > > > > OKALE-M-33H5:mycode okale$ ./testsasl2 testuser testpass localhost > > > > > > > > > > > > Set > >failed: > AUTHENTICATION FAILURE > > > > > > > > > > > > > OKALE-M-33H5:mycode okale$ > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > On > >memcached > server side I see the same error when I use > > testuser:testpass in the sasl > > > > database. > > > > > > > > > > > > > OKALE-M-33H5:tmp okale$ pwd > > > > > > > > > > > > /tmp > > > > > > > > > > > > > OKALE-M-33H5:tmp okale$ cat memcached-sasl-db > > > > > > > > > > > > > testuser:testpass > > > > > > > > > > > > > OKALE-M-33H5:tmp okale$ > > > > > > > > > > > > > > > > > > > > > > > > > >Memcached > server: > > > > > > > > > > > > > OKALE-M-33H5:memcached-1.5.7 okale$ > > SASL_CONF_PATH="/Users/okale/sasl" memcached -S -vv > > > > > > > > > > > > Reading > configuration from: </Users/okale/sasl> > > > > > > > > > > > > > >Initialized > SASL. > > > > > > > > > > > > slab > >class > 1: chunk size 96 perslab 10922 > > > > > > > > > > > > slab > >class > 2: chunk size 120 perslab 8738 > > > > > > > > > > > > slab > >class > 3: chunk size 152 perslab 6898 > > > > > > > > > > > > slab > >class > 4: chunk size 192 perslab 5461 > > > > > > > > > > > > slab > >class > 5: chunk size 240 perslab 4369 > > > > > > > > > > > > slab > >class > 6: chunk size 304 perslab 3449 > > > > > > > > > > > > slab > >class > 7: chunk size 384 perslab 2730 > > > > > > > > > > > > slab > >class > 8: chunk size 480 perslab 2184 > > > > > > > > > > > > slab > >class > 9: chunk size 600 perslab 1747 > > > > > > > > > > > > slab > >class > 10: chunk size 752 perslab 1394 > > > > > > > > > > > > slab > >class > 11: chunk size 944 perslab 1110 > > > > > > > > > > > > slab > >class > 12: chunk size 1184 perslab 885 > > > > > > > > > > > > slab > >class > 13: chunk size 1480 perslab 708 > > > > > > > > > > > > slab > >class > 14: chunk size 1856 perslab 564 > > > > > > > > > > > > slab > >class > 15: chunk size 2320 perslab 451 > > > > > > > > > > > > slab > >class > 16: chunk size 2904 perslab 361 > > > > > > > > > > > > slab > >class > 17: chunk size 3632 perslab 288 > > > > > > > > > > > > slab > >class > 18: chunk size 4544 perslab 230 > > > > > > > > > > > > slab > >class > 19: chunk size 5680 perslab 184 > > > > > > > > > > > > slab > >class > 20: chunk size 7104 perslab 147 > > > > > > > > > > > > slab > >class > 21: chunk size 8880 perslab 118 > > > > > > > > > > > > slab > >class > 22: chunk size 11104 perslab 94 > > > > > > > > > > > > slab > >class > 23: chunk size 13880 perslab 75 > > > > > > > > > > > > slab > >class > 24: chunk size 17352 perslab 60 > > > > > > > > > > > > slab > >class > 25: chunk size 21696 perslab 48 > > > > > > > > > > > > slab > >class > 26: chunk size 27120 perslab 38 > > > > > > > > > > > > slab > >class > 27: chunk size 33904 perslab 30 > > > > > > > > > > > > slab > >class > 28: chunk size 42384 perslab 24 > > > > > > > > > > > > slab > >class > 29: chunk size 52984 perslab 19 > > > > > > > > > > > > slab > >class > 30: chunk size 66232 perslab 15 > > > > > > > > > > > > slab > >class > 31: chunk size 82792 perslab 12 > > > > > > > > > > > > slab > >class > 32: chunk size 103496 perslab 10 > > > > > > > > > > > > slab > >class > 33: chunk size 129376 perslab 8 > > > > > > > > > > > > slab > >class > 34: chunk size 161720 perslab 6 > > > > > > > > > > > > slab > >class > 35: chunk size 202152 perslab 5 > > > > > > > > > > > > slab > >class > 36: chunk size 252696 perslab 4 > > > > > > > > > > > > slab > >class > 37: chunk size 315872 perslab 3 > > > > > > > > > > > > slab > >class > 38: chunk size 394840 perslab 2 > > > > > > > > > > > > slab > >class > 39: chunk size 524288 perslab 2 > > > > > > > > > > > > <17 > >server > listening (binary) > > > > > > > > > > > > <18 > >server > listening (binary) > > > > > > > > > > > > <19 new > binary client connection. > > > > > > > > > > > > <19 Read > binary protocol data: > > > > > > > > > > > > <19 > >0x80 > 0x20 0x00 0x00 > > > > > > > > > > > > <19 > >0x00 > 0x00 0x00 0x00 > > > > > > > > > > > > <19 > >0x00 > 0x00 0x00 0x00 > > > > > > > > > > > > <19 > >0x00 > 0x02 0x00 0x00 > > > > > > > > > > > > <19 > >0x00 > 0x00 0x00 0x00 > > > > > > > > > > > > <19 > >0x00 > 0x00 0x00 0x00 > > > > > > > > > > > > > authenticated() in cmd 0x20 is true > > > > > > > > > > > > >19 > >Writing > bin response: > > > > > > > > > > > > >19 > >0x81 > 0x20 0x00 0x00 > > > > > > > > > > > > >19 > >0x00 > 0x00 0x00 0x00 > > > > > > > > > > > > >19 > >0x00 > 0x00 0x00 0x05 > > > > > > > > > > > > >19 > >0x00 > 0x02 0x00 0x00 > > > > > > > > > > > > >19 > >0x00 > 0x00 0x00 0x00 > > > > > > > > > > > > >19 > >0x00 > 0x00 0x00 0x00 > > > > > > > > > > > > <19 Read > binary protocol data: > > > > > > > > > > > > <19 > >0x80 > 0x21 0x00 0x05 > > > > > > > > > > > > <19 > >0x00 > 0x00 0x00 0x00 > > > > > > > > > > > > <19 > >0x00 > 0x00 0x00 0x1f > > > > > > > > > > > > <19 > >0x00 > 0x02 0x00 0x00 > > > > > > > > > > > > <19 > >0x00 > 0x00 0x00 0x00 > > > > > > > > > > > > <19 > >0x00 > 0x00 0x00 0x00 > > > > > > > > > > > > > authenticated() in cmd 0x21 is true > > > > > > > > > > > > mech: > ``PLAIN'' with 26 bytes of data > > > > > > > > > > > > INFO: > >User > <testuser@OKALE-M-33H5> failed to authenticate > > > > > > > > > > > > SASL > (severity 2): Password verification failed > > > > > > > > > > > > sasl > >result > code: -20 > > > > > > > > > > > > Unknown > >sasl > response: -20 > > > > > > > > > > > > >19 > >Writing > an error: Auth failure. > > > > > > > > > > > > >19 > >Writing > bin response: > > > > > > > > > > > > >19 > >0x81 > 0x21 0x00 0x00 > > > > > > > > > > > > >19 > >0x00 > 0x00 0x00 0x20 > > > > > > > > > > > > >19 > >0x00 > 0x00 0x00 0x0d > > > > > > > > > > > > >19 > >0x00 > 0x02 0x00 0x00 > > > > > > > > > > > > >19 > >0x00 > 0x00 0x00 0x00 > > > > > > > > > > > > >19 > >0x00 > 0x00 0x00 0x00 > > > > > > > > > > > > <19 > connection closed. > > > > > > > > > > > > ^CSignal > handled: Interrupt: 2. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Thanks > >and > Regards, > > > > > > > > > > > > Om Kale > > > > > > > > > > > > > > > > > > > > > > > > On Wed, > >Apr > 11, 2018 at 10:14 AM, dormando <dorma...@rydia.net> > > wrote: > > > > > > > > > > > > > >I'm on > ubuntu.. I didn't do anything special or change > > anything, I gave a > > > > > > > > > > > > > >list > of all the commands I ran to make it work verbatim. > > > > > > > > > > > > > > > > > > > > > > > > I > didn't have the username@ETC issue happen at all. If I had > > to guess, > > > > > > > > > > > > > >that > would need to be fixed on the client side. > > > > > > > > > > > > > > > > > > > > > > > > On > Wed, 11 Apr 2018, Om Kale wrote: > > > > > > > > > > > > > > > > > > > > > > > > > > >Hey > Dormando, > > > > > > > > > > > > > > >No > the saslpasswd2 command didn't give me any output. I > > will use strace to > > > check for > > > > errors. > > > > > > > > > > > > > > Additionally, are you using an Ubuntu machine (If yes, how > > did you install sasl > > > on your > > > > machine > > > > > > and did > > > > > > > you make > > > > > > > > any > > > > > > > > > > changes to it > > > > > > > > > > > inorder > > > > > > > > > > > > to > make it > > > > > > > > > > > > > > work). I am asking this as I will also be running this on > > Ubuntu later. > > > > > > > > > > > > > > >On > my MAC, for SASL, I just installed the sasl2bin library > > and some other > > > dependencies. > > > > (I tried > > > > > > with > > > > > > > > cyrus-sasl-plain as > > > > > > > > > > well, but > > > > > > > > > > > did't > > > > > > > > > > > > > >seem > to work) > > > > > > > > > > > > > > Also, for my other question about memcached client > > appending mylocalhost-mac > > > name as > > > > > > > 'testuser@OKALE-M-33H5'? I > > > > > > > > saw some > > > > > > > > > > posts > > > > > > > > > > > reporting > > > > > > > > > > > > > >this > same issue > > > > > > > > > > > > > > >on > the group and stackoverflow. > > > > > > > > > > > > > > >Will > I be able to perform the authentication without saving > > the username in > > > this format > > > > in my > > > > > > sasl db > > > > > > > file? > > > > > > > > > > > > > > > > > > > > > > > > > > > Thanks and Regards,Om Kale > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > >On > Tue, Apr 10, 2018 at 11:40 PM, dormando > > <dorma...@rydia.net> wrote: > > > > > > > > > > > > > > > > I don't really know. I don't have a mac so I don't > > know why saslpasswd2 > > > > > > > > > > > > > > > > doesn't work. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > If it gives you any output when it doesn't work (with > > the -f argument), > > > > > > > > > > > > > > > > please share it. You can also strace the command to > > see if there are any > > > > > > > > > > > > > > > > obvious errors before it exits. There must be some > > reason why it's not > > > > > > > > > > > > > > > > writing the file; it worked fine for me immediately. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > how did you install sasl on your machine? or did it > > come with it? > > > > > > > > > > > > > > > > > > > > > > > > > > > > > On Tue, 10 Apr 2018, Om Kale wrote: > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Hi Dormando, > > > > > > > > > > > > > > > > > I finally figured it out the issue from the above > > thread itself. > > > > > > > > > > > > > > > > > The small change in steps as shown below work on my > > MAC machine: > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > OKALE-M-33H5:memcached-1.5.7 okale$ echo > > > "testuser@OKALE-M-33H5:testpass" > > > > > > > > /tmp/memcached-sasl-db > > > > > > > > > > > > > > > > > OKALE-M-33H5:memcached-1.5.7 okale$ > > SASL_CONF_PATH="/Users/okale/sasl" > > > > memcached -v -S > > > > > > > > > > > > > > > > > Reading configuration from: </Users/okale/sasl> > > > > > > > > > > > > > > > > > Initialized SASL. > > > > > > > > > > > > > > > > > mech: ``PLAIN'' with 26 bytes of data > > > > > > > > > > > > > > > > > sasl result code: 0 > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Client Side: > > > > > > > > > > > > > > > > > OKALE-M-33H5:mycode okale$ ./testsasl testuser > > testpass 127.0.0.1 > > > > > > > > > > > > > > > > > Get/Set success! > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > I observe two things here: > > > > > > > > > > > > > > > > > 1. The saslpasswd2 doesn't create the > > memcached-sasl-db file for me, I > > > instead > > > > used the > > > > > > echo > > > > > > > command > > > > > > > > listed > > > > > > > > > above. > > > > > > > > > > > > > > > > > 2. Now memcached appends mylocalhost-mac name i.e. > > @OKALE-M-33H5 to the > > > > username when I > > > > > > run the > > > > > > > client. > > > > > > > > (Not sure > > > > > > > > > > why this > > > > > > > > > > > is the > > > > > > > > > > > > > >case) > > > > > > > > > > > > > > > > > It would be great if you could guide me as to > > whether there is a > > > specific > > > > reason to it > > > > > > and will I > > > > > > > be able > > > > > > > > to > > > > > > > > > > perform the > > > > > > > > > > > > > authentication > > > > > > > > > > > > > > > > without saving > > > > > > > > > > > > > > > > > the username in this format in my sasl db file. > > > > > > > > > > > > > -- > > > > --- > > You received this message because you are subscribed to the Google Groups > "memcached" group. > > To unsubscribe from this group and stop receiving emails from it, send an > > email > to memcached+unsubscr...@googlegroups.com. > > For more options, visit https://groups.google.com/d/optout. > > > > > > -- > > --- > You received this message because you are subscribed to the Google Groups > "memcached" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to > memcached+unsubscr...@googlegroups.com. > For more options, visit https://groups.google.com/d/optout. > > > -- > > --- > You received this message because you are subscribed to the Google Groups > "memcached" > group. > To unsubscribe from this group and stop receiving emails from it, send an > email to > memcached+unsubscr...@googlegroups.com. > For more options, visit https://groups.google.com/d/optout. > > -- --- You received this message because you are subscribed to the Google Groups "memcached" group. To unsubscribe from this group and stop receiving emails from it, send an email to memcached+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.